diff options
author | jim-p <jimp@pfsense.org> | 2010-10-20 20:12:03 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-10-20 20:12:03 -0400 |
commit | 8f87a4a2aa746a44b6bd5f0ef4b4eea63c7703de (patch) | |
tree | 5bd0fd47a7829addd78d5991ba484caed67a2433 /usr/local/www/wizards | |
parent | 47319bfb725be0374048c193436b2b06775fbb92 (diff) | |
download | pfsense-8f87a4a2aa746a44b6bd5f0ef4b4eea63c7703de.zip pfsense-8f87a4a2aa746a44b6bd5f0ef4b4eea63c7703de.tar.gz |
Reject special characters in CA/Cert field names during OpenVPN wizard. Fixes #900
Diffstat (limited to 'usr/local/www/wizards')
-rw-r--r-- | usr/local/www/wizards/openvpn_wizard.inc | 20 | ||||
-rw-r--r-- | usr/local/www/wizards/openvpn_wizard.xml | 4 |
2 files changed, 18 insertions, 6 deletions
diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index 518aad2..059d50d 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -28,6 +28,10 @@ */ require_once("openvpn.inc"); +function has_special_chars($text) { + return ereg('[^A-Za-z0-9 _-]', $text); +} + function step1_submitphpaction() { global $stepid, $config; if ($_POST['authtype'] == "local") { @@ -193,12 +197,16 @@ function step7_submitphpaction() { } } - if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) || + if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) || empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) || empty($_POST['organization']) || empty($_POST['email'])) { $stepid--; $savemsg = "Please enter all information for the new Certificate Authority."; - } elseif (in_array($_POST['name'], $canames) || in_array($_POST['name'], $cacns)) { + } elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) || + has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) { + $stepid--; + $savemsg = "Please do not use special characters in Certificate Authority field names."; + } elseif (in_array($_POST['descr'], $canames) || in_array($_POST['descr'], $cacns)) { $stepid--; $savemsg = "Please enter a different name for the Certicicate Authority. A Certificate Authority with that name already exists."; } elseif (strlen($_POST['country']) != 2) { @@ -279,12 +287,16 @@ function step9_submitphpaction() { } } - if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) || + if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) || empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) || empty($_POST['organization']) || empty($_POST['email'])) { $stepid--; $savemsg = "Please enter all information for the new certificate."; - } elseif (in_array($_POST['name'], $certnames) || in_array($_POST['name'], $certcns)) { + } elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) || + has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) { + $stepid--; + $savemsg = "Please do not use special characters in Certificate field names."; + } elseif (in_array($_POST['descr'], $certnames) || in_array($_POST['descr'], $certcns)) { $stepid--; $savemsg = "Please enter a different name for the Certicicate. A Certificate with that name/common name already exists."; } elseif (strlen($_POST['country']) != 2) { diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml index 5e1ab47..c7c561e 100644 --- a/usr/local/www/wizards/openvpn_wizard.xml +++ b/usr/local/www/wizards/openvpn_wizard.xml @@ -357,7 +357,7 @@ <type>listtopic</type> </field> <field> - <name>name</name> + <name>descr</name> <displayname>Descriptive name</displayname> <description>A name for your reference, to identify this certificate. This is the same as common-name field for other Certificates.</description> <type>input</type> @@ -488,7 +488,7 @@ <type>listtopic</type> </field> <field> - <name>name</name> + <name>descr</name> <displayname>Descriptive name</displayname> <description>A name for your reference, to identify this certificate. This is also known as the certificate's "Common Name."</description> <type>input</type> |