From 82a9e4c7eb601bc2c105691d63c6865a1789e394 Mon Sep 17 00:00:00 2001 From: marcelloc Date: Tue, 12 Feb 2013 20:16:08 -0200 Subject: dansguardian - improve group acl check to avoid startup errors --- config/dansguardian/dansguardian.inc | 22 +++- config/dansguardian/dansguardian.xml | 6 +- config/dansguardian/dansguardian_ips_header.xml | 114 --------------------- .../dansguardian_ips_header.xml.template | 114 +++++++++++++++++++++ config/dansguardian/dansguardian_users_footer.xml | 14 --- .../dansguardian_users_footer.xml.template | 14 +++ config/dansguardian/dansguardian_users_header.xml | 99 ------------------ .../dansguardian_users_header.xml.template | 99 ++++++++++++++++++ 8 files changed, 247 insertions(+), 235 deletions(-) delete mode 100644 config/dansguardian/dansguardian_ips_header.xml create mode 100644 config/dansguardian/dansguardian_ips_header.xml.template delete mode 100644 config/dansguardian/dansguardian_users_footer.xml create mode 100644 config/dansguardian/dansguardian_users_footer.xml.template delete mode 100644 config/dansguardian/dansguardian_users_header.xml create mode 100644 config/dansguardian/dansguardian_users_header.xml.template (limited to 'config') diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc index 3077eddb..e3a9e87c 100755 --- a/config/dansguardian/dansguardian.inc +++ b/config/dansguardian/dansguardian.inc @@ -737,7 +737,7 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) { $dansguardian_groups['embeddedurlweight']=($dansguardian_groups['embeddedurlweight']?$dansguardian_groups['embeddedurlweight']:"0"); $dansguardian_groups['bypass']=($dansguardian_groups['bypass']?$dansguardian_groups['bypass']:"0"); $dansguardian_groups['infectionbypass']=($dansguardian_groups['infectionbypass']?$dansguardian_groups['infectionbypass']:"0"); - $dansguardian_groups['maxuploadsize']=($dansguardian_groups['maxuploadsize']?$dansguardian_groups['maxuploadsize']:$maxuploadsize); + $dansguardian_groups['maxuploadsize']=(is_numeric($dansguardian_groups['maxuploadsize'])?$dansguardian_groups['maxuploadsize']:$maxuploadsize); switch ($dansguardian_groups['reportinglevel']){ case "1": case "2": @@ -780,6 +780,11 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) { foreach (explode(",",$dansguardian_groups[$list_key]) as $dacl){ if (! is_array(${$list_value})) ${$list_value}=array(); + // try to avoid errors on empty acl group options + if (!preg_match("/\d+/",$dacl)){ + log_error("dansguardian - Config error, Group {$dansguardian_group_name} {$list_key} cannot be empty! Trying to load default acl values"); + $dacl=0; + } $file_temp=file_get_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.{$dacl}")."\n"; ${$list_value}=array_merge(explode("\n",$file_temp),${$list_value}); } @@ -788,7 +793,7 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) { #save group file and unset array file_put_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.g_{$dansguardian_groups['name']}",implode("\n",array_unique(${$list_value}))."\n",LOCK_EX); unset(${$list_value}); - } + } } /* bannedphraselist = '/usr/local/etc/dansguardian/lists/bannedphraselist.{$dansguardian_groups['phraseacl']}' @@ -902,9 +907,9 @@ EOF; #Create/update filtergroupsiplist file_put_contents($dansguardian_dir."/lists/authplugins/ipgroups",$filtergroupsiplist,LOCK_EX); #Create/update userlist xml file - $ips_xml_header=file_get_contents("/usr/local/pkg/dansguardian_ips_header.xml"); - $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.xml"); - $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.xml"); + $ips_xml_header=file_get_contents("/usr/local/pkg/dansguardian_ips_header.xml.template"); + $user_xml_header=file_get_contents("/usr/local/pkg/dansguardian_users_header.xml.template"); + $user_xml_footer=file_get_contents("/usr/local/pkg/dansguardian_users_footer.xml.template"); file_put_contents("/usr/local/pkg/dansguardian_users.xml",$user_xml_header.$user_xml.$user_xml_footer,LOCK_EX); file_put_contents("/usr/local/pkg/dansguardian_ips.xml",$ips_xml_header.$ips_xml.$user_xml_footer,LOCK_EX); @@ -1221,11 +1226,18 @@ function dansguardian_validate_input($post, &$input_errors) { $input_errors[] = "{$value} cannot be used as name."; else if ($key == "name" && preg_match("/\W/",$value)) $input_errors[] = "{$value} cannot be used as name. Use only a-z 0-9 characters"; + else if ($key== "group_options"){ + $acls=array("pics","phrase","site","url","extension","header","content","search"); + foreach ($acls as $gacl) + if (!array_key_exists($gacl."acl",$post)) + $input_errors[] = ucfirst($gacl)." must has at least one acl assigned."; + } else if (empty($value)) continue; else if($key == "freq" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0)) $input_errors[] = "A valid number with a time reference is required for the field 'Update Frequency'"; } + } function dansguardian_php_install_command() { diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml index 48b7b4a7..26d87825 100644 --- a/config/dansguardian/dansguardian.xml +++ b/config/dansguardian/dansguardian.xml @@ -84,17 +84,17 @@ 0755 - http://www.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.xml + http://www.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.xml.template /usr/local/pkg/ 0755 - http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.xml + http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_header.xml.template /usr/local/pkg/ 0755 - http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.xml + http://www.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.xml.template /usr/local/pkg/ 0755 diff --git a/config/dansguardian/dansguardian_ips_header.xml b/config/dansguardian/dansguardian_ips_header.xml deleted file mode 100644 index 48eb3e68..00000000 --- a/config/dansguardian/dansguardian_ips_header.xml +++ /dev/null @@ -1,114 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - dansguardianips - 1.0 - Services: Dansguardian - /usr/local/pkg/dansguardian.inc - - Daemon - /pkg_edit.php?xml=dansguardian.xml&id=0 - - - General - /pkg_edit.php?xml=dansguardian_config.xml&id=0 - - - Limits - /pkg_edit.php?xml=dansguardian_limits.xml&id=0 - - - Blacklist - /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 - - - Access Lists - /pkg_edit.php?xml=dansguardian_site_acl.xml&id=0 - - - LDAP - /pkg.php?xml=dansguardian_ldap.xml - - - Groups - /pkg.php?xml=dansguardian_groups.xml - - - Users - /pkg_edit.php?xml=dansguardian_users.xml - - - IPs - /pkg_edit.php?xml=dansguardian_ips.xml - - - - Report and log - /pkg_edit.php?xml=dansguardian_log.xml&id=0 - - - Sync - /pkg_edit.php?xml=dansguardian_sync.xml&id=0 - - - Help - /dansguardian_about.php - - - - - Exception IP list - listtopic - - - exceptioniplist - Exception Ip List - - Leave empty to load dansguardian defaults.]]> - textarea - 80 - 12 - base64 - - \ No newline at end of file diff --git a/config/dansguardian/dansguardian_ips_header.xml.template b/config/dansguardian/dansguardian_ips_header.xml.template new file mode 100644 index 00000000..48eb3e68 --- /dev/null +++ b/config/dansguardian/dansguardian_ips_header.xml.template @@ -0,0 +1,114 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + dansguardianips + 1.0 + Services: Dansguardian + /usr/local/pkg/dansguardian.inc + + Daemon + /pkg_edit.php?xml=dansguardian.xml&id=0 + + + General + /pkg_edit.php?xml=dansguardian_config.xml&id=0 + + + Limits + /pkg_edit.php?xml=dansguardian_limits.xml&id=0 + + + Blacklist + /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 + + + Access Lists + /pkg_edit.php?xml=dansguardian_site_acl.xml&id=0 + + + LDAP + /pkg.php?xml=dansguardian_ldap.xml + + + Groups + /pkg.php?xml=dansguardian_groups.xml + + + Users + /pkg_edit.php?xml=dansguardian_users.xml + + + IPs + /pkg_edit.php?xml=dansguardian_ips.xml + + + + Report and log + /pkg_edit.php?xml=dansguardian_log.xml&id=0 + + + Sync + /pkg_edit.php?xml=dansguardian_sync.xml&id=0 + + + Help + /dansguardian_about.php + + + + + Exception IP list + listtopic + + + exceptioniplist + Exception Ip List + + Leave empty to load dansguardian defaults.]]> + textarea + 80 + 12 + base64 + + \ No newline at end of file diff --git a/config/dansguardian/dansguardian_users_footer.xml b/config/dansguardian/dansguardian_users_footer.xml deleted file mode 100644 index 1288b919..00000000 --- a/config/dansguardian/dansguardian_users_footer.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - dansguardian_php_install_command(); - - - dansguardian_php_deinstall_command(); - - - dansguardian_validate_input($_POST, &$input_errors); - - - sync_package_dansguardian(); - - diff --git a/config/dansguardian/dansguardian_users_footer.xml.template b/config/dansguardian/dansguardian_users_footer.xml.template new file mode 100644 index 00000000..1288b919 --- /dev/null +++ b/config/dansguardian/dansguardian_users_footer.xml.template @@ -0,0 +1,14 @@ + + + dansguardian_php_install_command(); + + + dansguardian_php_deinstall_command(); + + + dansguardian_validate_input($_POST, &$input_errors); + + + sync_package_dansguardian(); + + diff --git a/config/dansguardian/dansguardian_users_header.xml b/config/dansguardian/dansguardian_users_header.xml deleted file mode 100644 index 1cc038d5..00000000 --- a/config/dansguardian/dansguardian_users_header.xml +++ /dev/null @@ -1,99 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - dansguardianusers - 1.0 - Services: Dansguardian - /usr/local/pkg/dansguardian.inc - - Daemon - /pkg_edit.php?xml=dansguardian.xml&id=0 - - - General - /pkg_edit.php?xml=dansguardian_config.xml&id=0 - - - Limits - /pkg_edit.php?xml=dansguardian_limits.xml&id=0 - - - Blacklist - /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 - - - ACLs - /pkg.php?xml=dansguardian_site_acl.xml - - - LDAP - /pkg.php?xml=dansguardian_ldap.xml - - - Groups - /pkg.php?xml=dansguardian_groups.xml - - - Users - /pkg_edit.php?xml=dansguardian_users.xml - - - - IPs - /pkg_edit.php?xml=dansguardian_ips.xml - - - Report and log - /pkg_edit.php?xml=dansguardian_log.xml&id=0 - - - Sync - /pkg_edit.php?xml=dansguardian_sync.xml&id=0 - - - Help - /dansguardian_about.php - - - diff --git a/config/dansguardian/dansguardian_users_header.xml.template b/config/dansguardian/dansguardian_users_header.xml.template new file mode 100644 index 00000000..1cc038d5 --- /dev/null +++ b/config/dansguardian/dansguardian_users_header.xml.template @@ -0,0 +1,99 @@ + + + + + + + + Describe your package here + Describe your package requirements here + Currently there are no FAQ items provided. + dansguardianusers + 1.0 + Services: Dansguardian + /usr/local/pkg/dansguardian.inc + + Daemon + /pkg_edit.php?xml=dansguardian.xml&id=0 + + + General + /pkg_edit.php?xml=dansguardian_config.xml&id=0 + + + Limits + /pkg_edit.php?xml=dansguardian_limits.xml&id=0 + + + Blacklist + /pkg_edit.php?xml=dansguardian_blacklist.xml&id=0 + + + ACLs + /pkg.php?xml=dansguardian_site_acl.xml + + + LDAP + /pkg.php?xml=dansguardian_ldap.xml + + + Groups + /pkg.php?xml=dansguardian_groups.xml + + + Users + /pkg_edit.php?xml=dansguardian_users.xml + + + + IPs + /pkg_edit.php?xml=dansguardian_ips.xml + + + Report and log + /pkg_edit.php?xml=dansguardian_log.xml&id=0 + + + Sync + /pkg_edit.php?xml=dansguardian_sync.xml&id=0 + + + Help + /dansguardian_about.php + + + -- cgit v1.2.3