aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3
diff options
context:
space:
mode:
authordoktornotor <notordoktor@gmail.com>2015-09-30 15:43:43 +0200
committerdoktornotor <notordoktor@gmail.com>2015-09-30 15:43:43 +0200
commit6239f50ae4a51f1f3fc99d48a62efc9c6f528ace (patch)
tree44df10092c83274fb84d3302885c2f18208058f2 /config/squid3
parentb27ad1190a1a6360a9b61c488a9843f66d42125d (diff)
downloadpfsense-packages-6239f50ae4a51f1f3fc99d48a62efc9c6f528ace.tar.gz
pfsense-packages-6239f50ae4a51f1f3fc99d48a62efc9c6f528ace.tar.bz2
pfsense-packages-6239f50ae4a51f1f3fc99d48a62efc9c6f528ace.zip
Put safety checks here to prevent shooting users from shooting themselves in foot.
Diffstat (limited to 'config/squid3')
-rwxr-xr-xconfig/squid3/34/squid.inc53
1 files changed, 41 insertions, 12 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index dbfcda89..ed3367d3 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -141,15 +141,20 @@ function squid_dash_z($cache_action = 'none') {
// If it already exists, delete it.
if ($cachesettings['harddisk_cache_system'] == "null") {
if (is_dir($cachedir)) {
- log_error("Deleting Squid cache dir {$cachedir} since 'Hard Disk Cache System' is set to null.");
- // cannot nuke disk cache while Squid is running
- squid_stop_monitor();
- if (is_service_running('squid')) {
- stop_service("squid");
+ if (substr($cachedir, 0, 11) === "/var/squid/") {
+ log_error("Deleting Squid cache dir {$cachedir} since 'Hard Disk Cache System' is set to null.");
+ // cannot nuke disk cache while Squid is running
+ squid_stop_monitor();
+ if (is_service_running('squid')) {
+ stop_service("squid");
+ }
+ rename($cachedir, "{$cachedir}.old");
+ mwexec_bg("/bin/rm -rf {$cachedir}.old");
+ squid_restart_services();
+ } else {
+ log_error("'Hard Disk Cache System' is set to null.");
+ log_error("Will NOT delete Squid cache dir '{$cachedir}' since it is not located under /var/squid. Delete manually if required.");
}
- rename($cachedir, "{$cachedir}.old");
- mwexec_bg("/bin/rm -rf {$cachedir}.old");
- squid_restart_services();
}
return;
}
@@ -163,8 +168,12 @@ function squid_dash_z($cache_action = 'none') {
stop_service("squid");
}
if (is_dir($cachedir)) {
- rename($cachedir, "{$cachedir}.old");
- mwexec_bg("/bin/rm -rf {$cachedir}.old");
+ if (substr($cachedir, 0, 11) === "/var/squid/") {
+ rename($cachedir, "{$cachedir}.old");
+ mwexec_bg("/bin/rm -rf {$cachedir}.old");
+ } else {
+ log_error("Will NOT delete Squid cache dir '{$cachedir}' since it is not located under /var/squid. Delete manually if required.");
+ }
}
squid_create_cachedir();
squid_restart_services();
@@ -423,10 +432,18 @@ function squid_deinstall_command() {
$logdir = ($squidsettings['log_dir'] ? $squidsettings['log_dir'] : '/var/squid/logs');
// XXX: Is it ok to remove cache and logs? It's going to happen every time package is updated
if (is_dir("{$cachedir}")) {
- mwexec_bg("/bin/rm -rf {$cachedir}");
+ if (substr($cachedir, 0, 11) === "/var/squid/") {
+ mwexec_bg("/bin/rm -rf {$cachedir}");
+ } else {
+ log_error("Will NOT delete Squid cache dir '{$cachedir}' since it is not located under /var/squid. Delete manually if required.");
+ }
}
if (is_dir("{$logdir}")) {
- mwexec("/bin/rm -rf {$logdir}");
+ if (substr($logdir, 0, 11) === "/var/squid/") {
+ mwexec("/bin/rm -rf {$logdir}");
+ } else {
+ log_error("Will NOT delete Squid log dir '{$logdir}' since it is not located under /var/squid. Delete manually if required.");
+ }
}
$dirs = array("/var/run/c-icap", "/var/log/c-icap", "/var/log/clamav", "/var/run/clamav", "/var/db/clamav", "/var/run/squid", "/var/squid");
foreach ($dirs as $dir) {
@@ -621,6 +638,18 @@ function squid_validate_cache($post, &$input_errors) {
}
}
}
+
+ if (substr($post['harddisk_cache_location'], -1, 1) == '/') {
+ $input_errors[] = 'Log location must not end with a / character.';
+ }
+
+ if ($post['harddisk_cache_location']{0} != '/') {
+ $input_errors[] = 'Log location must start with a / character.';
+ }
+
+ if (strlen($post['harddisk_cache_location']) <= 3) {
+ $input_errors[] = "Configured log location directory is not valid.";
+ }
}
function squid_validate_nac($post, &$input_errors) {