From b878ad364aca9434ec160724a6e8479bc9402066 Mon Sep 17 00:00:00 2001
From: Ermal
Date: Tue, 16 Nov 2010 16:21:49 +0000
Subject: Ticket #1006. Make sure to interpret the response as needed. First check if we got 0 and then check if we have a faultCode().
---
 etc/rc.filter_synchronize | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 3febef0..34198b4 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -185,19 +185,16 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
 $cli->setDebug(1);
 /* send our XMLRPC message and timeout after 240 seconds */
 $resp = $cli->send($msg, "240");
- if($resp->faultCode()) {
- $error = "A communications error occurred while attempting communication with {$url}:{$port} (pfsense.exec_php).";
- log_error($error);
- return;
- }
 if(!$resp) {
 $error = "A communications error occured while attempting XMLRPC sync with username {$username} {$url}:{$port}.";
 log_error($error);
 file_notice("sync_settings", $error, "Settings Sync", "");
+ continue;
 } elseif($resp->faultCode()) {
 $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
 log_error($error);
 file_notice("sync_settings", $error, "Settings Sync", "");
+ continue;
 } else {
 log_error("XMLRPC sync successfully completed with {$url}:{$port}.");
 $numberofruns = 3;
-- cgit v1.1
From 55910da79840bc37e6001e323de3e7900c3175d1 Mon Sep 17 00:00:00 2001
From: Ermal
Date: Tue, 16 Nov 2010 16:29:02 +0000
Subject: Tighten check even more. Ticket #1006.
---
 etc/rc.filter_synchronize | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 34198b4..dede6ba 100755
--- a/etc/rc.filter_synchronize
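Review bot: The two added `continue;` statements return to the top of the retry loop without changing `$numberofruns`, so if the increment sits at the bottom of the loop (it is not visible in this hunk; carp_sync_xml continues past it) an unreachable or faulting peer is retried without bound, each attempt waiting up to the 240-second timeout and filing another notice. Count the attempt before retrying, `$numberofruns++; continue;`, in both branches.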
+++ b/etc/rc.filter_synchronize
@@ -185,7 +185,7 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
 $cli->setDebug(1);
 /* send our XMLRPC message and timeout after 240 seconds */
 $resp = $cli->send($msg, "240");
- if(!$resp) {
+ if(!is_object($resp)) {
 $error = "A communications error occured while attempting XMLRPC sync with username {$username} {$url}:{$port}.";
 log_error($error);
 file_notice("sync_settings", $error, "Settings Sync", "");
-- cgit v1.1
From 137f46d8939ac05856b183d81d749287f1fc40cc Mon Sep 17 00:00:00 2001
From: Ermal
Date: Tue, 7 Dec 2010 11:10:08 +0000
Subject: Whitespace fixes to make this readble.
---
 etc/rc.filter_synchronize | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index dede6ba..466e3b1 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -210,7 +210,7 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
 }
 global $g;
-if (file_exists("{$g['varrun_path']}/booting"))
+if (file_exists("{$g['varrun_path']}/booting") || $g['booting'])
 return;
 if (is_array($config['installedpackages']['carpsettings']['config'])) {
-- cgit v1.1
From 7380bcdbe4be18bcb007f283b71fd5f83b51fced Mon Sep 17 00:00:00 2001
From: Ermal
Date: Tue, 7 Dec 2010 12:30:36 +0000
Subject: Prevent sync problems when upgrading carp clusters. Now we check that the other cluster is at least at our config file version.
---
 etc/rc.filter_synchronize | 81 ++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 69 insertions(+), 12 deletions(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 466e3b1..cd60e91 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
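Review bot: In the `@@ -210,7 +210,7` hunk, the added `|| $g['booting']` reads a key that is probably unset whenever the system is not booting, which would raise an undefined-index notice on each run of the script; `if (file_exists("{$g['varrun_path']}/booting") || !empty($g['booting']))` performs the same test quietly. The subject describes a whitespace fix, but this hunk changes the early-return condition, which is worth stating in the message.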
@@ -81,10 +81,59 @@ function remove_special_characters($string) { return $string; } +function carp_check_version($url, $password, $port = 80, $method = 'pfsense.check_firmware_version') { + global $config, $g; + + if(file_exists("{$g['varrun_path']}/booting") || $g['booting']) + return; + + $params = array( + XML_RPC_encode($password), + XML_RPC_encode("all") + ); + + $numberofruns = 0; + while ($numberofruns < 2) { + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $username = $config['system']['user'][0]['name']; + $cli->setCredentials($username, $password); + if($numberofruns > 1) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 240 seconds */ + $resp = $cli->send($msg, "240"); + if(!is_object($resp)) { + $error = "A communications error occured while attempting XMLRPC sync with username {$username} {$url}:{$port}."; + } elseif($resp->faultCode()) { + $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . 
$resp->faultString(); + } else { + $parsed_response = XML_RPC_Decode($resp->value()); + if(!is_array($parsed_response)) { + if (trim($parsed_response) == "Authentication failed") { + $error = "A authentication failure occurred while trying to access {$url}:{$port} ({$method})."; + log_error($error); + return false; + } + } else { + if (!isset($parsed_response['current']['config_version']) || + $parsed_response['current']['config_version'] < $config['version']) + return false; + else + return true; + } + } + log_error($error); + file_notice("sync_settings", $error, "Settings Sync", ""); + $numberofruns++; + } + + return false; +} + function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsense.restore_config_section') { global $config, $g; - if(file_exists("{$g['varrun_path']}/booting")) + if(file_exists("{$g['varrun_path']}/booting") || $g['booting']) return; update_filter_reload_status("Syncing CARP data to {$url}"); @@ -200,10 +249,10 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens $numberofruns = 3; } $parsed_response = XML_RPC_Decode($resp->value()); - if(!is_array($firewall_info) && trim($firewall_info) == "Authentication failed") { - $error = "A authentication failure occurred while trying to access {$url}:{$port} (pfsense.exec_php)."; + if(!is_array($parsed_response) && trim($parsed_repsonse) == "Authentication failed") { + $error = "A authentication failure occurred while trying to access {$url}:{$port} ($method)."; log_error($error); - $numberofruns = 5; + break; } $numberofruns++; } 
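Review bot: In the `@@ -81,10 +81,59` hunk, a decoded reply in carp_check_version that is neither an array nor the string "Authentication failed" falls through to `log_error($error)` with `$error` never assigned on the first pass (or still holding the previous pass's text on the second), so an unexpected reply from the peer is logged as an empty or misleading message. Assign a message in that branch, e.g. `$error = "Unexpected reply from {$url}:{$port} ({$method}).";`. `if($numberofruns > 1)` can never be true inside `while ($numberofruns < 2)`, so the `setDebug(1)` call is dead code; drop it or test `> 0`. The booting guard uses a bare `return;` while every other path returns a boolean; `return false;` keeps the contract uniform for the `!carp_check_version(...)` caller.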
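Review bot: In the `@@ -200,10 +249,10` hunk, `trim($parsed_repsonse)` misspells the variable assigned on the line before it, so `trim()` runs on an undefined value and the comparison with "Authentication failed" is never true; a peer that rejects the sync password is therefore not reported by this branch. It should read `trim($parsed_response) == "Authentication failed"`. The same misspelling is carried unchanged through the later carp_sync_xml hunks on this page (`@@ -244,22 +244,20`, `@@ -253,7 +253,7`, `@@ -253,6 +254,7`), where the `break`/`exit` and the added `file_notice` sit behind the same dead condition. The body of carp_sync_xml starts and ends outside this hunk.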
@@ -216,19 +265,22 @@ if (file_exists("{$g['varrun_path']}/booting") || $g['booting'])
 if (is_array($config['installedpackages']['carpsettings']['config'])) {
 update_filter_reload_status("Building CARP sync information");
 foreach($config['installedpackages']['carpsettings']['config'] as $carp) {
- if ($carp['synchronizetoip'] != "" ) {
- /*
- * XXX: The way we're finding the port right now is really suboptimal -
- * we can't assume that the other machine is setup identically.
- */
- if ($config['system']['webgui']['protocol'] != "") {
+ if (empty($carp['synchronizetoip'])) {
+ log_error("CARP sync not being done because of missing sync ip!");
+ break;
+ }
+ /*
+ * XXX: The way we're finding the port right now is really suboptimal -
+ * we can't assume that the other machine is setup identically.
+ */
+ if (!empty($config['system']['webgui']['protocol'])) {
 $synchronizetoip = $config['system']['webgui']['protocol'];
 $synchronizetoip .= "://";
 }
 /* if port is empty lets rely on the protocol selection */
 $port = $config['system']['webgui']['port'];
- if ($port == "") {
+ if (empty($port)) {
 if ($config['system']['webgui']['protocol'] == "http")
 $port = "80";
 else
@@ -323,6 +375,12 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) {
 if ($carp['synchronizecaptiveportal'] != "" and is_array($config['vouchers']))
 $sections[] = 'vouchers';
 if (count($sections) > 0) {
+ if (!carp_check_version($synchronizetoip, $carp['password'], $port)) {
+ update_filter_reload_status("The other member is on older version of {$g['product']}. Sync will not be done to prevent problems!");
+ log_error("The other member is on older version of {$g['product']}. Sync will not be done to prevent problems!");
+ break;
+ }
+
 update_filter_reload_status("Signaling CARP reload signal...");
 carp_sync_xml($synchronizetoip, $carp['password'], $sections, $port);
 if (is_array($mergesections))
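Review bot: The scheme of the peer URL is still copied from the local `webgui` protocol in the `@@ -216,19 +265,22` hunk, so when that value is `http` the sync password, which carp_check_version and carp_sync_xml hand to `setCredentials()` and also send as an XML-RPC parameter, crosses the sync link unencrypted; the rewritten XXX comment is the place to say so, e.g. `/* NOTE: with protocol "http" the sync password is sent in clear text; use https or a dedicated sync link */`. `$synchronizetoip` is assigned only inside the `!empty(...['protocol'])` branch, so if the code after this hunk appends the address with `.=` it starts from an unset variable when the protocol is empty; `$synchronizetoip = "";` before the `if` avoids that. The loop body continues outside the hunk.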
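Review bot: In the `@@ -323,6 +375,12` hunk the message "The other member is on older version" is logged for every false result of `carp_check_version()`, but that function also returns false after a timeout, an XML-RPC fault or a reply without `config_version`, so during an outage the log points the operator at the wrong cause. Word the message neutrally (for example "version check failed or peer is older") or have the function report which case occurred. The other sync failures on this page are raised through `file_notice`, and this one should be too so it is visible outside the system log: `file_notice("sync_settings", $msg, "Settings Sync", "");` with the text held in one `$msg` variable instead of being written twice.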
@@ -351,7 +409,6 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) {
 }
 }
 break;
- }
 }
 }
-- cgit v1.1
From 2a834dcd89e6e86446743680469c8fef9ca936fc Mon Sep 17 00:00:00 2001
From: Ermal
Date: Tue, 7 Dec 2010 23:59:34 +0000
Subject: Adjust even advbase while synching. This should be params though.
---
 etc/rc.filter_synchronize | 7 +++++++
 1 file changed, 7 insertions(+) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index cd60e91..36567f7 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -64,6 +64,13 @@ function backup_vip_config_section() {
 $section_val = 255;
 $section['advskew'] = $section_val;
 }
+ if($section['advbase'] <> "") {
+ $section_val = intval($section['advbase']);
+ $section_val=$section_val+1;
+ if($section_val > 255)
+ $section_val = 255;
+ $section['advbase'] = $section_val;
+ }
 $temp['vip'][] = $section;
 }
 return $temp;
-- cgit v1.1
From e501de37f786b13d2bb6a1b6593dbafd3aa346e6 Mon Sep 17 00:00:00 2001
From: Ermal
Date: Fri, 10 Dec 2010 00:19:22 +0000
Subject: Hello xmlrpc to another function!
---
 etc/rc.filter_synchronize | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 36567f7..a30825b 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -88,7 +88,7 @@ function remove_special_characters($string) {
 return $string;
 }
-function carp_check_version($url, $password, $port = 80, $method = 'pfsense.check_firmware_version') {
+function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host_firmware_version') {
 global $config, $g;
 if(file_exists("{$g['varrun_path']}/booting") || $g['booting'])
-- cgit v1.1
From de272dac835bc30bf9d795c82af302ae04293e31 Mon Sep 17 00:00:00 2001
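Review bot: The added `advbase` block in the `@@ -64,6 +64,13` hunk appears to repeat the `advskew` adjustment whose tail is visible just above it, with only the key changed; one expression removes the temporary and the duplicated clamp: `$section['advbase'] = min(255, intval($section['advbase']) + 1);`. `intval()` maps any non-numeric stored value to 0, so such an entry is sent to the peer as 1 without any log line; an `is_numeric()` test in the condition would make that case explicit. A short comment stating why the copy sent to the peer gets a higher advbase would help the next reader, since the commit message itself says the offset ought to be a parameter. backup_vip_config_section starts outside the hunk.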
From: Ermal
Date: Fri, 10 Dec 2010 00:44:52 +0000
Subject: Just the password here.
---
 etc/rc.filter_synchronize | 1 -
 1 file changed, 1 deletion(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index a30825b..40305c0 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -96,7 +96,6 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host
 $params = array(
 XML_RPC_encode($password),
- XML_RPC_encode("all")
 );
 $numberofruns = 0;
-- cgit v1.1
From 4ecc2263d1fb9c66571af192d4d40da362ab4bd3 Mon Sep 17 00:00:00 2001
From: Ermal
Date: Fri, 10 Dec 2010 01:18:44 +0000
Subject: Hmmm use correct keys to returned array.
---
 etc/rc.filter_synchronize | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 40305c0..6350791 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -121,8 +121,8 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host
 return false;
 }
 } else {
- if (!isset($parsed_response['current']['config_version']) ||
- $parsed_response['current']['config_version'] < $config['version'])
+ if (!isset($parsed_response['config_version']) ||
+ $parsed_response['config_version'] < $config['version'])
 return false;
 else
 return true;
-- cgit v1.1
From 0567899d3d024618ad4b7d8274ef78c0f7669052 Mon Sep 17 00:00:00 2001
From: Ermal
Date: Fri, 10 Dec 2010 18:34:56 +0000
Subject: Fix config synchronization. Also unbreak the config when erroring out because it will loop indefinitely.
---
 etc/rc.filter_synchronize | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 6350791..7a4f1e1 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
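Review bot: The comparison `$parsed_response['config_version'] < $config['version']` in the `@@ -121,8 +121,8` hunk relies on PHP's loose ordering of two values that are most likely strings: numeric strings are compared as numbers, so a dotted value such as "7.10" would sort below "7.9", and a non-numeric value from the peer is compared as text. This test alone decides whether the configuration is pushed, so the ordering should be explicit: `version_compare()` if the versions are dotted, or a `floatval()` cast on both sides if they are decimals (which of the two applies is not visible here). A `config_version` that is not numeric should be rejected with `!is_numeric($parsed_response['config_version'])` added to the failing condition.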
@@ -95,7 +95,7 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host
 return;
 $params = array(
- XML_RPC_encode($password),
+ XML_RPC_encode($password)
 );
 $numberofruns = 0;
@@ -113,7 +113,7 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host
 } elseif($resp->faultCode()) {
 $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
 } else {
- $parsed_response = XML_RPC_Decode($resp->value());
+ $parsed_response = XML_RPC_decode($resp->value());
 if(!is_array($parsed_response)) {
 if (trim($parsed_response) == "Authentication failed") {
 $error = "A authentication failure occurred while trying to access {$url}:{$port} ({$method}).";
@@ -244,22 +244,20 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
 $error = "A communications error occured while attempting XMLRPC sync with username {$username} {$url}:{$port}.";
 log_error($error);
 file_notice("sync_settings", $error, "Settings Sync", "");
- continue;
 } elseif($resp->faultCode()) {
 $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
 log_error($error);
 file_notice("sync_settings", $error, "Settings Sync", "");
- continue;
 } else {
- log_error("XMLRPC sync successfully completed with {$url}:{$port}.");
+ $parsed_response = XML_RPC_decode($resp->value());
+ if(!is_array($parsed_response) && trim($parsed_repsonse) == "Authentication failed") {
+ $error = "A authentication failure occurred while trying to access {$url}:{$port} ($method).";
+ log_error($error);
+ break;
+ } else
+ log_error("XMLRPC sync successfully completed with {$url}:{$port}.");
 $numberofruns = 3;
 }
- $parsed_response = XML_RPC_Decode($resp->value());
- if(!is_array($parsed_response) && trim($parsed_repsonse) == "Authentication failed") {
- $error = "A authentication failure occurred while trying to access {$url}:{$port} ($method).";
- log_error($error);
- break;
- }
 $numberofruns++;
 }
 }
-- cgit v1.1
From 52a93b82398c79c80418e5651ff0d12c1e3b2421 Mon Sep 17 00:00:00 2001
From: Ermal
Date: Fri, 10 Dec 2010 19:10:10 +0000
Subject: If we fail to authenticate consider it as fatal since nothing else can be done.
---
 etc/rc.filter_synchronize | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 7a4f1e1..0d9ee01 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -118,7 +118,7 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host
 if (trim($parsed_response) == "Authentication failed") {
 $error = "A authentication failure occurred while trying to access {$url}:{$port} ({$method}).";
 log_error($error);
- return false;
+ exit;
 }
 } else {
 if (!isset($parsed_response['config_version']) ||
@@ -253,7 +253,7 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
 if(!is_array($parsed_response) && trim($parsed_repsonse) == "Authentication failed") {
 $error = "A authentication failure occurred while trying to access {$url}:{$port} ($method).";
 log_error($error);
- break;
+ exit;
 } else
 log_error("XMLRPC sync successfully completed with {$url}:{$port}.");
 $numberofruns = 3;
-- cgit v1.1
From 602cb4b00c590e2efcd5a91ea4d7ec2d68c4034b Mon Sep 17 00:00:00 2001
From: Ermal
Date: Fri, 10 Dec 2010 19:13:03 +0000
Subject: Leave a notice for this as well.
---
 etc/rc.filter_synchronize | 2 ++
 1 file changed, 2 insertions(+) (limited to 'etc/rc.filter_synchronize')
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 0d9ee01..0a8316b 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -118,6 +118,7 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host
 if (trim($parsed_response) == "Authentication failed") {
 $error = "A authentication failure occurred while trying to access {$url}:{$port} ({$method}).";
 log_error($error);
+ file_notice("sync_settings", $error, "Settings Sync", "");
 exit;
 }
 } else {
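Review bot: The bare `exit;` that replaces `return false;` in the `@@ -118,7 +118,7` hunk ends the whole script from inside carp_check_version with status 0, so whatever launched the sync cannot tell a rejected password from a clean run, and the status text set by `update_filter_reload_status` stays at the last step written. If the script has to stop here, use a non-zero status, `exit(1);`, and set a final status message first; otherwise keep `return false;` and let the top-level loop decide to stop. The function body starts and ends outside the hunk.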
@@ -253,6 +254,7 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
 if(!is_array($parsed_response) && trim($parsed_repsonse) == "Authentication failed") {
 $error = "A authentication failure occurred while trying to access {$url}:{$port} ($method).";
 log_error($error);
+ file_notice("sync_settings", $error, "Settings Sync", "");
 exit;
 } else
 log_error("XMLRPC sync successfully completed with {$url}:{$port}.");
-- cgit v1.1