From 298ffc5eba7457bc7f8946458e99107a190a4507 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 1 Dec 2015 09:55:31 -0500
Subject: Input validation for the Topology parameter. Issue #5526

---
 src/usr/local/www/vpn_openvpn_server.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/usr/local/www/vpn_openvpn_server.php')

diff --git a/src/usr/local/www/vpn_openvpn_server.php b/src/usr/local/www/vpn_openvpn_server.php
index 023b5a6..9053ec3 100644
--- a/src/usr/local/www/vpn_openvpn_server.php
+++ b/src/usr/local/www/vpn_openvpn_server.php
@@ -413,6 +413,10 @@ if ($_POST) {
 		$input_errors[] = gettext("The field 'Concurrent connections' must be numeric.");
 	}
 
+	if (!array_key_exists($pconfig['topology'], $openvpn_topologies)) {
+		$input_errors[] = gettext("The field 'Topology' contains an invalid selection");
+	}
+
 	/* If we are not in shared key mode, then we need the CA/Cert. */
 	if ($pconfig['mode'] != "p2p_shared_key") {
 		$reqdfields = explode(" ", "caref certref");
-- 
cgit v1.1