From 9db6993f9ad8de7add4d8b042583c56014cef853 Mon Sep 17 00:00:00 2001 From: jim-p Date: Tue, 18 May 2010 11:06:23 -0400 Subject: Fix deletion of authentication servers. Fixes #600. --- usr/local/www/system_authservers.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'usr') diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index 984f0ab..698a6be 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -65,11 +65,19 @@ if ($act == "del") { exit; } + /* Remove server from main list. */ $serverdeleted = $a_server[$_GET['id']]['name']; + foreach ($config['system']['authserver'] as $k => $as) { + if ($config['system']['authserver'][$k]['name'] == $serverdeleted) + unset($config['system']['authserver'][$k]); + } + + /* Remove server from temp list used later on this page. */ unset($a_server[$_GET['id']]); - write_config(); + $savemsg = gettext("Authentication Server")." {$serverdeleted} ". - gettext("successfully deleted")."
"; + gettext("deleted")."
"; + write_config($savemsg); } if ($act == "edit") { -- cgit v1.1 From 4e6593de5a18b785565a4bcd454f2d3e31d2518c Mon Sep 17 00:00:00 2001 From: jim-p Date: Tue, 18 May 2010 12:53:28 -0400 Subject: Unbreak automatic updates. --- usr/local/www/system_firmware_auto.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'usr') diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 57e1bf6..d5b7cd5 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -43,6 +43,7 @@ ##|-PRIV require("guiconfig.inc"); +require_once("pfsense-utils.inc"); $curcfg = $config['system']['firmware']; @@ -130,17 +131,16 @@ if(!$latest_version) { require("fend.inc"); exit; } else { - $current_installed_pfsense_version = str_replace("\n", "", @file_get_contents("/etc/version.buildtime")); - $current_installed_pfsense = strtotime($current_installed_pfsense_version); - $latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version")); + $current_installed_buildtime = trim(file_get_contents("/etc/version.buildtime")); + $current_installed_version = trim(file_get_contents("/etc/version")); + $latest_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); $latest_version_pfsense = strtotime($latest_version); if(!$latest_version) { update_output_window(gettext("Unable to check for updates.")); require("fend.inc"); exit; } else { - $needs_system_upgrade = false; - if($current_installed_pfsense_version < $latest_version_pfsense) { + if (pfs_version_compare($current_installed_buildtime, $current_installed_version, $latest_version) == -1) { update_status(gettext("Downloading updates") . "..."); conf_mount_rw(); $status = download_file_with_progress_bar("{$updater_url}/latest.tgz", "{$g['upload_path']}/latest.tgz", "read_body_firmware"); @@ -163,8 +163,7 @@ if($g['platform'] == "nanobsd") else $external_upgrade_helper_text .= "pfSenseupgrade "; -if($needs_system_upgrade == true) - $external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz"; +$external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz"; $downloaded_latest_tgz_sha256 = str_replace("\n", "", `/sbin/sha256 -q {$g['upload_path']}/latest.tgz`); $upgrade_latest_tgz_sha256 = str_replace("\n", "", `/bin/cat {$g['upload_path']}/latest.tgz.sha256 | awk '{ print $4 }'`); @@ -221,7 +220,7 @@ if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) { */ function read_body_firmware($ch, $string) { - global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version; + global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_version; $length = strlen($string); $downloaded += intval($length); $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0); @@ -231,7 +230,7 @@ function read_body_firmware($ch, $string) { $c = $downloadProgress; $text = " " . gettext("Auto Update Download Status") . "\\n"; $text .= "----------------------------------------------------\\n"; - $text .= " " . gettext("Current Version") . " : {$current_installed_pfsense_version}\\n"; + $text .= " " . gettext("Current Version") . " : {$current_installed_version}\\n"; $text .= " " . gettext("Latest Version") . " : {$latest_version}\\n"; $text .= " " . gettext("File size") . " : {$a}\\n"; $text .= " " . gettext("Downloaded") . " : {$b}\\n"; -- cgit v1.1 From 01207fd8487803b40559c62cac65ffbebf5bfcab Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 May 2010 17:33:57 +0000 Subject: Fixes #536. More fixes and optimizations on the various functions and status pages used for gateways [groups]. --- usr/local/www/widgets/widgets/gateways.widget.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'usr') diff --git a/usr/local/www/widgets/widgets/gateways.widget.php b/usr/local/www/widgets/widgets/gateways.widget.php index 51118d5..7d67570 100644 --- a/usr/local/www/widgets/widgets/gateways.widget.php +++ b/usr/local/www/widgets/widgets/gateways.widget.php @@ -74,9 +74,9 @@ $counter = 1; "; - $counter++; + default: + $online = "Gathering data"; + } + echo ""; + $counter++; ?>
$online
$online
-- cgit v1.1 From cf9a4467e5c0a421aeed171b1b134a20ce2004a5 Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 19 May 2010 15:10:54 -0400 Subject: Fix post-restore reboot on NanoBSD. Fixes #602 --- usr/local/www/diag_backup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr') diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index ffac280..fc66900 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -670,6 +670,6 @@ decrypt_change(); -- cgit v1.1 From eef522258914a223c6490fe9e3aba62566637a9e Mon Sep 17 00:00:00 2001 From: jim-p Date: Wed, 19 May 2010 15:19:31 -0400 Subject: Use the PHP call here instead of a shell exec. --- usr/local/www/interfaces_assign.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'usr') diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index ecd47ad..407755f 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -137,7 +137,7 @@ if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { if ($_POST['apply']) { if (file_exists("/var/run/interface_mismatch_reboot_needed")) - exec("/etc/rc.reboot"); + system_reboot(); else { write_config(); -- cgit v1.1 From 091cb5e9ee8ec06fce9fd787fa109fd24ed75b19 Mon Sep 17 00:00:00 2001 From: Ermal Date: Wed, 19 May 2010 22:02:30 +0000 Subject: Add a global declaration. --- usr/local/captiveportal/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'usr') diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index c100ecf..56cddc0 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -234,7 +234,7 @@ function portal_mac_radius($clientmac,$clientip) { function portal_allow($clientip,$clientmac,$username,$password = null, $attributes = null, $ruleno = null) { - global $redirurl, $g, $config, $url_redirection, $type; + global $redirurl, $g, $config, $url_redirection, $type, $passthrumac; /* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */ $captiveshouldunlock = false; @@ -402,7 +402,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut else $my_redirurl = $redirurl; - if(isset($config['captiveportal']['logoutwin_enable']) && !isset($config['captiveportal']['passthrumacadd'])) { + if(isset($config['captiveportal']['logoutwin_enable']) && !$passthrumac) { if (isset($config['captiveportal']['httpslogin'])) $logouturl = "https://{$config['captiveportal']['httpsname']}:8001/"; -- cgit v1.1 From 9603306327f07205ac69ea99b8c0666ba9dc8a1d Mon Sep 17 00:00:00 2001 From: Erik Fonnesbeck Date: Thu, 20 May 2010 10:48:39 -0600 Subject: Various fixes to usage of ip2long, long2ip, and negated subnet masks, mostly affecting 64-bit. Ticket #459 --- usr/local/www/diag_dhcp_leases.php | 4 ++-- usr/local/www/diag_states_summary.php | 2 +- usr/local/www/firewall_nat_edit.php | 4 ++-- usr/local/www/firewall_nat_out_edit.php | 6 +++--- usr/local/www/services_dhcp.php | 20 ++++++++++---------- usr/local/www/services_dhcp_edit.php | 12 ++++++------ usr/local/www/vpn_l2tp.php | 8 ++++---- usr/local/www/vpn_pppoe.php | 8 ++++---- usr/local/www/vpn_pptp.php | 8 ++++---- 9 files changed, 36 insertions(+), 36 deletions(-) (limited to 'usr') diff --git a/usr/local/www/diag_dhcp_leases.php b/usr/local/www/diag_dhcp_leases.php index 1496685..58e8351 100755 --- a/usr/local/www/diag_dhcp_leases.php +++ b/usr/local/www/diag_dhcp_leases.php @@ -328,7 +328,7 @@ foreach ($leases as $data) { } else { $fspans = $fspane = ""; } - $lip = ip2long($data['ip']); + $lip = ip2ulong($data['ip']); if ($data['act'] == "static") { foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) { if(is_array($dhcpifconf['staticmap'])) { @@ -345,7 +345,7 @@ foreach ($leases as $data) { } } else { foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) { - if (($lip >= ip2long($dhcpifconf['range']['from'])) && ($lip <= ip2long($dhcpifconf['range']['to']))) { + if (($lip >= ip2ulong($dhcpifconf['range']['from'])) && ($lip <= ip2ulong($dhcpifconf['range']['to']))) { $data['if'] = $dhcpif; break; } diff --git a/usr/local/www/diag_states_summary.php b/usr/local/www/diag_states_summary.php index 45600a0..40d064f 100644 --- a/usr/local/www/diag_states_summary.php +++ b/usr/local/www/diag_states_summary.php @@ -99,7 +99,7 @@ if(count($states) > 0) { } function sort_by_ip($a, $b) { - return sprintf("%u", ip2long($a)) < sprintf("%u", ip2long($b)) ? -1 : 1; + return ip2ulong($a) < ip2ulong($b) ? -1 : 1; } function build_port_info($portarr, $proto) { diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 11744ae..d7806b1 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -625,10 +625,10 @@ include("fbegin.inc"); ?> diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 483aec1..e5fb88a 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -421,14 +421,14 @@ any) diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index cc3d1e4..b72258f 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -181,7 +181,7 @@ if(is_array($dhcrelaycfg)) { } function is_inrange($test, $start, $end) { - if ( (ip2long($test) < ip2long($end)) && (ip2long($test) > ip2long($start)) ) + if ( (ip2ulong($test) < ip2ulong($end)) && (ip2ulong($test) > ip2ulong($start)) ) return true; else return false; @@ -242,15 +242,15 @@ if ($_POST) { if (!$input_errors) { /* make sure the range lies within the current subnet */ - $subnet_start = (ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn)); - $subnet_end = (ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn))); + $subnet_start = ip2ulong(long2ip32(ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn))); + $subnet_end = ip2ulong(long2ip32(ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn)))); - if ((ip2long($_POST['range_from']) < $subnet_start) || (ip2long($_POST['range_from']) > $subnet_end) || - (ip2long($_POST['range_to']) < $subnet_start) || (ip2long($_POST['range_to']) > $subnet_end)) { + if ((ip2ulong($_POST['range_from']) < $subnet_start) || (ip2ulong($_POST['range_from']) > $subnet_end) || + (ip2ulong($_POST['range_to']) < $subnet_start) || (ip2ulong($_POST['range_to']) > $subnet_end)) { $input_errors[] = "The specified range lies outside of the current subnet."; } - if (ip2long($_POST['range_from']) > ip2long($_POST['range_to'])) + if (ip2ulong($_POST['range_from']) > ip2ulong($_POST['range_to'])) $input_errors[] = "The range is invalid (first element higher than second element)."; /* make sure that the DHCP Relay isn't enabled on this interface */ @@ -534,15 +534,15 @@ include("head.inc"); Available range - diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index d44fb9b..86fefe3 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -140,12 +140,12 @@ if ($_POST) { /* make sure it's not within the dynamic subnet */ if ($_POST['ipaddr']) { - $dynsubnet_start = ip2long($config['dhcpd'][$if]['range']['from']); - $dynsubnet_end = ip2long($config['dhcpd'][$if]['range']['to']); - $lansubnet_start = (ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn)); - $lansubnet_end = (ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn))); - if ((ip2long($_POST['ipaddr']) < $lansubnet_start) || - (ip2long($_POST['ipaddr']) > $lansubnet_end)) { + $dynsubnet_start = ip2ulong($config['dhcpd'][$if]['range']['from']); + $dynsubnet_end = ip2ulong($config['dhcpd'][$if]['range']['to']); + $lansubnet_start = ip2ulong(long2ip32(ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn))); + $lansubnet_end = ip2ulong(long2ip32(ip2long($ifcfgip) | (~gen_subnet_mask_long($ifcfgsn)))); + if ((ip2ulong($_POST['ipaddr']) < $lansubnet_start) || + (ip2ulong($_POST['ipaddr']) > $lansubnet_end)) { $input_errors[] = "The IP address must lie in the {$ifcfgdescr} subnet."; } } diff --git a/usr/local/www/vpn_l2tp.php b/usr/local/www/vpn_l2tp.php index 025e30f..2b61209 100644 --- a/usr/local/www/vpn_l2tp.php +++ b/usr/local/www/vpn_l2tp.php @@ -95,11 +95,11 @@ if ($_POST) { if (!$input_errors) { $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['l2tp_subnet']); - $subnet_start = ip2long($_POST['remoteip']); - $subnet_end = ip2long($_POST['remoteip']) + $_POST['n_l2tp_units'] - 1; + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_l2tp_units'] - 1; - if ((ip2long($_POST['localip']) >= $subnet_start) && - (ip2long($_POST['localip']) <= $subnet_end)) { + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { $input_errors[] = gettext("The specified server address lies in the remote subnet."); } if ($_POST['localip'] == get_interface_ip("lan")) { diff --git a/usr/local/www/vpn_pppoe.php b/usr/local/www/vpn_pppoe.php index 7b0cd41..d95302e 100755 --- a/usr/local/www/vpn_pppoe.php +++ b/usr/local/www/vpn_pppoe.php @@ -98,11 +98,11 @@ if ($_POST) { if (!$input_errors) { $_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['pppoe_subnet']); - $subnet_start = ip2long($_POST['remoteip']); - $subnet_end = ip2long($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1; + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['pppoe_subnet'] - 1; - if ((ip2long($_POST['localip']) >= $subnet_start) && - (ip2long($_POST['localip']) <= $subnet_end)) { + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { $input_errors[] = "The specified server address lies in the remote subnet."; } if ($_POST['localip'] == get_interface_ip("lan")) { diff --git a/usr/local/www/vpn_pptp.php b/usr/local/www/vpn_pptp.php index 5aae209..1c88670 100755 --- a/usr/local/www/vpn_pptp.php +++ b/usr/local/www/vpn_pptp.php @@ -99,11 +99,11 @@ if ($_POST) { } if (!$input_errors) { - $subnet_start = ip2long($_POST['remoteip']); - $subnet_end = ip2long($_POST['remoteip']) + $_POST['n_pptp_units'] - 1; + $subnet_start = ip2ulong($_POST['remoteip']); + $subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_pptp_units'] - 1; - if ((ip2long($_POST['localip']) >= $subnet_start) && - (ip2long($_POST['localip']) <= $subnet_end)) { + if ((ip2ulong($_POST['localip']) >= $subnet_start) && + (ip2ulong($_POST['localip']) <= $subnet_end)) { $input_errors[] = "The specified server address lies in the remote subnet."; } // TODO: Should this check be for any local IP address? -- cgit v1.1 From fa90d7013750b822001bdfcce224cbaf33d95f27 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 20 May 2010 15:35:55 -0400 Subject: Add note about required enabled WPA option for 802.1x --- usr/local/www/interfaces.php | 1 + 1 file changed, 1 insertion(+) (limited to 'usr') diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index b15af72..4667801 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -1623,6 +1623,7 @@ $types = array("none" => "None", "static" => "Static", "dhcp" => "DHCP", "pppoe" >
Setting this option will enable 802.1x authentication. +
NOTE: this option requires checking the "Enable WPA box". -- cgit v1.1 From fdb085fade815c447e2172a67ffb0164c17d795f Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 20 May 2010 17:23:57 -0400 Subject: Add captive portal voucher configuration backup area option Ticket #609 --- usr/local/www/diag_backup.php | 1 + 1 file changed, 1 insertion(+) (limited to 'usr') diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index fc66900..243008d 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -101,6 +101,7 @@ function spit_out_select_items($area, $showall) { $areas = array("aliases" => "Aliases", "captiveportal" => "Captive Portal", + "voucher" => "Captive Portal Vouchers", "dnsmasq" => "DNS Forwarder", "dhcpd" => "DHCP Server", "filter" => "Firewall Rules", -- cgit v1.1 From c0ed686f9441b7019722954020057b23fe2f6603 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 20 May 2010 18:16:38 -0400 Subject: Do not allow duplicate Roll #'s --- usr/local/www/services_captiveportal_vouchers_edit.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'usr') diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index 69e485a..ee95927 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -77,6 +77,14 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + // Look for duplicate roll # + foreach($a_roll as $re) { + if($re['number'] == $_POST['number']) { + $input_errors[] = "Roll number {$_POST['number']} already exists."; + break; + } + } + if (!is_numeric($_POST['number']) || $_POST['number'] >= $maxnumber) $input_errors[] = "Roll number must be numeric and less than $maxnumber"; -- cgit v1.1