From 59d765707666ea046f59a3c20602b29b74f02ff9 Mon Sep 17 00:00:00 2001 From: Ermal Date: Fri, 4 Jan 2013 08:43:54 +0000 Subject: Always commit the session fast to allow other consumers to proceed to their requests. This unbreaks now the lock up the GUI had allowing only one action from same source per time. Now even if you run a command that blocks indefinitely for example the GUI want lock anymore but allow you to proceed to other actions. Manual cherry-pick of 4111fcf5307829b19b95fbb499addddff46264af --- etc/inc/authgui.inc | 8 +++++++- etc/inc/config.lib.inc | 4 ++++ etc/inc/pfsense-utils.inc | 15 --------------- 3 files changed, 11 insertions(+), 16 deletions(-) (limited to 'etc') diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index e950345..9c6ffcd 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -87,6 +87,12 @@ if (!$_SESSION['Post_Login']) { exit; } +/* + * Close session data to allow other scripts from same host to come in. + * A session can be reactivated from calling session_start again + */ +session_commit(); + /* * determine if the user is allowed access to the requested page */ @@ -268,4 +274,4 @@ if($config['virtualip']) \ No newline at end of file +?> diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index a48d241..e0d5acb 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -494,7 +494,11 @@ function write_config($desc="Unknown", $backup = true) { log_error("WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml"); */ + if (!session_id()) + session_start(); $username = empty($_SESSION["Username"]) ? "(system)" : $_SESSION['Username']; + session_commit(); + if (!empty($_SERVER['REMOTE_ADDR'])) $username .= '@' . $_SERVER['REMOTE_ADDR']; diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 08ab5fd..0a0cf68 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -40,21 +40,6 @@ pfSense_MODULE: utils */ -/****f* pfsense-utils/have_natonetooneruleint_access - * NAME - * have_natonetooneruleint_access - * INPUTS - * none - * RESULT - * returns true if user has access to edit a specific firewall nat one to one interface - ******/ -function have_natonetooneruleint_access($if) { - $security_url = "firewall_nat_1to1_edit.php?if=". strtolower($if); - if(isAllowedPage($security_url, $_SESSION['Username'])) - return true; - return false; -} - /****f* pfsense-utils/have_natpfruleint_access * NAME * have_natpfruleint_access -- cgit v1.1