From c7ab9481a46979187047e556b1ad9aec050e64fd Mon Sep 17 00:00:00 2001 From: doktornotor Date: Thu, 6 Aug 2015 21:40:39 +0200 Subject: widentd - code style and multiple improvements/bugfixes - Fix copyright header - FIx indentation, code cleanup - Add input validation (username, sysname, IPv4) - Actually make the default values (username, sysname) work, previously nothing was set if left empty - Fix Bug 3434 by adding custom_php_resync_config_command --- config/widentd/widentd.xml | 174 +++++++++++++++++++++++++++------------------ 1 file changed, 105 insertions(+), 69 deletions(-) (limited to 'config/widentd') diff --git a/config/widentd/widentd.xml b/config/widentd/widentd.xml index ca73d436..ea6f538a 100644 --- a/config/widentd/widentd.xml +++ b/config/widentd/widentd.xml @@ -1,58 +1,54 @@ - - + + - - + . - All rights reserved. - */ -/* ========================================================================== */ + widentd.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009 Bill Marquette + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + widentd - 1.03_1 + 1.0.4 Services: widentd widentd Modify widentd settings.
Services
- pkg_edit.php?xml=widentd.xml&id=0 + pkg_edit.php?xml=widentd.xml&id=0 widentd @@ -62,61 +58,101 @@ installedpackages->package->$packagename->configuration->settings - Listening interface - interface - Enter the desired listening interface here. - interfaces_selection + Listening interface + interface + + + (Default: WAN) + ]]> + + interfaces_selection + wan + - Username - username - Enter the username you'd like displayed via widentd. - input + Username + username + + + (Defaults to 'user' if left empty.) + ]]> + + input - System name - sysname - Enter the system name you'd like displayed via widentd - input - pfSense + System name + sysname + + + (Defaults to 'UNIX' if left empty.) + ]]> + + input - + + "widentd.sh", "start" => $start, - "stop" => $stop + "stop" => $stop ) ); + restart_service("widentd"); - conf_mount_ro(); config_unlock(); + conf_mount_ro(); } + + + function validate_input_widentd($post, &$input_errors) { + /* Only allow ^[a-zA-Z\.]+$ otherwise the daemon will not start; see widentd manpage */ + if (($post['username'] != "") && !preg_match("/^[a-zA-Z\.]+$/", $post['username'])) { + $input_errors[] = 'Username may only contain uppercase and lowercase letters [a-zA-Z] and "." character.'; + } + + /* Technically, ^[A-Z][A-Z0-9\-.\/]+[A-Z0-9]$ should be valid characters here + https://www.iana.org/assignments/operating-system-names/operating-system-names.xhtml + However this is not supported by widentd; the service will not start. + */ + if (($post['sysname'] != "") && !preg_match("/^[a-zA-Z]+$/", $post['sysname'])) { + $input_errors[] .= 'System name may only contain uppercase and lowercase letters [a-zA-Z].'; + } + + /* Check for IPv6-only interfaces */ + $int = convert_friendly_interface_to_real_interface_name($post['interface']); + $ip = find_interface_ip($int); + if (!is_ipaddrv4($ip)) { + $input_errors[] .= 'The selected interface has no IPv4 configured. Widentd does not support IPv6.'; + } + } + ]]> sync_package_widentd(); + + sync_package_widentd(); + unlink_if_exists("/usr/local/etc/rc.d/widentd.sh"); + + validate_input_widentd($_POST, $input_errors); + - -- cgit v1.2.3