From fb0eb20bb937d812b8d66605e22c1e3742cabf58 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 12 Jun 2013 17:46:12 +0000 Subject: Actually do not allow the loop to continue. Related to Ticket #1928 --- usr/local/www/xmlrpc.php | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'usr/local') diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 535f6ee..0cb8d51 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -142,8 +142,10 @@ $backup_config_section_sig = array( function backup_config_section_xmlrpc($raw_params) { global $config, $xmlrpc_g; - if (xmlrpc_loop_detect()) + if (xmlrpc_loop_detect()) { log_error("Disallowing CARP sync loop"); + return; + } $params = xmlrpc_params_to_php($raw_params); if(!xmlrpc_auth($params)) { @@ -170,8 +172,10 @@ function restore_config_section_xmlrpc($raw_params) { $old_config = $config; - if (xmlrpc_loop_detect()) + if (xmlrpc_loop_detect()) { log_error("Disallowing CARP sync loop"); + return; + } $params = xmlrpc_params_to_php($raw_params); if(!xmlrpc_auth($params)) { @@ -295,8 +299,10 @@ $merge_config_section_sig = array( function merge_installedpackages_section_xmlrpc($raw_params) { global $config, $xmlrpc_g; - if (xmlrpc_loop_detect()) + if (xmlrpc_loop_detect()) { log_error("Disallowing CARP sync loop"); + return; + } $params = xmlrpc_params_to_php($raw_params); if(!xmlrpc_auth($params)) { @@ -323,8 +329,10 @@ $merge_config_section_sig = array( function merge_config_section_xmlrpc($raw_params) { global $config, $xmlrpc_g; - if (xmlrpc_loop_detect()) + if (xmlrpc_loop_detect()) { log_error("Disallowing CARP sync loop"); + return; + } $params = xmlrpc_params_to_php($raw_params); if(!xmlrpc_auth($params)) { @@ -380,8 +388,10 @@ $carp_configure_sig = array( function interfaces_carp_configure_xmlrpc($raw_params) { global $xmlrpc_g; - if (xmlrpc_loop_detect()) + if (xmlrpc_loop_detect()) { log_error("Disallowing CARP sync loop"); + return; + } $params = xmlrpc_params_to_php($raw_params); if(!xmlrpc_auth($params)) { -- cgit v1.1