From c43d7a4ec17aa30de383968797b96a2c557cbd50 Mon Sep 17 00:00:00 2001 From: Chris Buechler Date: Thu, 10 Jun 2010 01:58:22 -0400 Subject: Add input validation for most fields. Remove broken input validation that made editing groups impossible. Still don't have input validation for parameters, nor validation ensuring groups that are in use cannot be deleted. --- config/openbgpd/openbgpd.inc | 35 +++++++++++++++++++++++++++++++++++ config/openbgpd/openbgpd.xml | 5 ++++- config/openbgpd/openbgpd_groups.xml | 4 +--- pkg_config.7.xml | 2 +- pkg_config.8.xml | 2 +- 5 files changed, 42 insertions(+), 6 deletions(-) diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc index 4bf352c9..35485d3e 100644 --- a/config/openbgpd/openbgpd.inc +++ b/config/openbgpd/openbgpd.inc @@ -245,6 +245,41 @@ function check_group_usage($groupname) { return ""; } +function bgpd_validate_input() { + global $config, $g, $input_errors; + + + if (!empty($_POST['asnum']) && !is_numeric($_POST['asnum'])) + $input_errors[] = "AS must be entered as a number only."; + + if (!empty($_POST['routerid']) && !is_ipaddr($_POST['routerid'])) + $input_errors[] = "Router ID must be an IP address."; + + if (!empty($_POST['holdtime']) && !is_numeric($_POST['holdtime'])) + $input_errors[] = "Holdtime must be entered as a number."; + + if (!empty($_POST['listenip']) && !is_ipaddr($_POST['listenip'])) + $input_errors[] = "Listen IP must be an IP address or blank to bind to all IPs."; + +} + +function bgpd_validate_group() { + global $config, $g, $id, $input_errors; + + if (!is_numeric($_POST['remoteas'])) + $input_errors[] = "Remote AS must be entered as a number only."; + + if ($_POST['name'] == "") + $input_errors[] = "You must enter a name."; + + $_POST['name'] = remove_bad_chars($_POST['name']); + +} + +function remove_bad_chars($string) { + return preg_replace('/[^a-z|_|0-9]/i','',$string); +} + function grey_out_value_boxes() { echo << diff --git a/config/openbgpd/openbgpd.xml b/config/openbgpd/openbgpd.xml index f1130720..2d28de0f 100644 --- a/config/openbgpd/openbgpd.xml +++ b/config/openbgpd/openbgpd.xml @@ -132,7 +132,7 @@ Listen on IP listenip - Specify the local IP address bgpd(8) should listen on. + Specify the local IP address bgpd(8) should listen on, or leave blank to bind to all IPs. input @@ -166,4 +166,7 @@ openbgpd_install_conf(); + + bgpd_validate_input(); + diff --git a/config/openbgpd/openbgpd_groups.xml b/config/openbgpd/openbgpd_groups.xml index 7f479427..f43ab466 100644 --- a/config/openbgpd/openbgpd_groups.xml +++ b/config/openbgpd/openbgpd_groups.xml @@ -112,8 +112,6 @@ openbgpd_install_conf(); - $status = check_group_usage($_POST['groupname']); - if($status != "") - $input_errors[] = "Sorry this group is in use by {$status} and cannot be deleted."; + bgpd_validate_group(); diff --git a/pkg_config.7.xml b/pkg_config.7.xml index 9e1dfefd..d96e81b1 100755 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml @@ -412,7 +412,7 @@ OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. NET http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml - 0.4.1 + 0.4.2 STABLE 1.3 openbgpd.xml diff --git a/pkg_config.8.xml b/pkg_config.8.xml index e9099323..db2c5df1 100755 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -315,7 +315,7 @@ OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. NET http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml - 0.5.1 + 0.5.2 STABLE http://doc.pfsense.org/index.php/OpenBGPD_package 1.3 -- cgit v1.2.3