From b3bcc72952ec1b425294782525515b2d3ef5a53b Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Wed, 22 Jul 2015 19:36:09 +0545 Subject: Handle IPsec Advanced Settings save before IPsec is enabled If the Advanced Settings are saved before any other IPsec is set up then $config['ipsec'] can be just the empty string. As a result you can get: a) If you select some debug settings then those are not saved. The code to save those settings was only executed when $config['ipsec'] was already an array. Actually the code already did the necessary "if isset() then unset()" stuuf. So I just took the the "if is_array()" away from the code block. b) Some potential unset() can go wrong with errors like: Fatal error: Cannot unset string offsets in /usr/local/www/vpn_ipsec_settings.php on line 168 This is corrected by adding more "if (isset())" checks. Fixes Redmine #4865 Conflicts: usr/local/www/vpn_ipsec_settings.php --- usr/local/www/vpn_ipsec_settings.php | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/usr/local/www/vpn_ipsec_settings.php b/usr/local/www/vpn_ipsec_settings.php index 075cbc9..bf00858 100644 --- a/usr/local/www/vpn_ipsec_settings.php +++ b/usr/local/www/vpn_ipsec_settings.php @@ -118,13 +118,13 @@ if ($_POST) { if (!$input_errors) { - if (is_array($config['ipsec'])) { - foreach ($ipsec_loglevels as $lkey => $ldescr) { - if (empty($_POST["ipsec_{$lkey}"])) { - if (isset($config['ipsec']["ipsec_{$lkey}"])) - unset($config['ipsec']["ipsec_{$lkey}"]); - } else - $config['ipsec']["ipsec_{$lkey}"] = $_POST["ipsec_{$lkey}"]; + foreach ($ipsec_loglevels as $lkey => $ldescr) { + if (empty($_POST["ipsec_{$lkey}"])) { + if (isset($config['ipsec']["ipsec_{$lkey}"])) { + unset($config['ipsec']["ipsec_{$lkey}"]); + } + } else { + $config['ipsec']["ipsec_{$lkey}"] = $_POST["ipsec_{$lkey}"]; } } @@ -164,8 +164,10 @@ if ($_POST) { } /* The wierd logic here is to avoid negative policies when checked #4655 */ - if($_POST['noshuntlaninterfaces'] == "yes") { - unset($config['ipsec']['noshuntlaninterfaces']); + if ($_POST['noshuntlaninterfaces'] == "yes") { + if (isset($config['ipsec']['noshuntlaninterfaces'])) { + unset($config['ipsec']['noshuntlaninterfaces']); + } } else { $config['ipsec']['noshuntlaninterfaces'] = true; } @@ -181,7 +183,7 @@ if ($_POST) { if(!empty($_POST['uniqueids'])) { $config['ipsec']['uniqueids'] = $_POST['uniqueids']; - } else { + } else if (isset($config['ipsec']['uniqueids'])) { unset($config['ipsec']['uniqueids']); } @@ -189,8 +191,12 @@ if ($_POST) { $config['system']['maxmss_enable'] = true; $config['system']['maxmss'] = $_POST['maxmss']; } else { - unset($config['system']['maxmss_enable']); - unset($config['system']['maxmss']); + if (isset($config['system']['maxmss_enable'])) { + unset($config['system']['maxmss_enable']); + } + if (isset($config['system']['maxmss'])) { + unset($config['system']['maxmss']); + } } write_config(); -- cgit v1.1