Commit 0079214d authored by Franco Fichtner's avatar Franco Fichtner

openvpn: allow tunnel_network overrides to contain host addresses; closes #1476

parent 2dbc3ab2
......@@ -332,7 +332,7 @@ function openvpn_validate_port($value, $name)
return false;
}
function openvpn_validate_cidr($value, $name, $multiple = false, $ipproto = "ipv4")
function openvpn_validate_cidr($value, $name, $multiple = false, $ipproto = 'ipv4', $allow_hosts = false)
{
$value = trim($value);
$error = false;
......@@ -346,8 +346,8 @@ function openvpn_validate_cidr($value, $name, $multiple = false, $ipproto = "ipv
}
foreach ($networks as $network) {
if ($ipproto == "ipv4") {
$error = !openvpn_validate_cidr_ipv4($network);
if ($ipproto == 'ipv4') {
$error = !openvpn_validate_cidr_ipv4($network, $allow_hosts);
} else {
$error = !openvpn_validate_cidr_ipv6($network);
}
......@@ -363,7 +363,7 @@ function openvpn_validate_cidr($value, $name, $multiple = false, $ipproto = "ipv
}
}
function openvpn_validate_cidr_ipv4($value)
function openvpn_validate_cidr_ipv4($value, $allow_hosts = false)
{
$value = trim($value);
if (!empty($value)) {
......@@ -373,7 +373,7 @@ function openvpn_validate_cidr_ipv4($value)
}
/* IPv4 case is very strict, cannot be a host address */
$mask = (0xffffffff << (32 - $mask)) & 0xffffffff;
if ((ip2long($ip) & $mask) != ip2long($ip)) {
if (!$allow_hosts && (ip2long($ip) & $mask) != ip2long($ip)) {
return false;
}
}
......
......@@ -127,10 +127,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
exit;
} else {
/* perform validations */
if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network')) {
if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'IPv4 Tunnel Network', false, 'ipv4', true)) {
$input_errors[] = $result;
}
if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, "ipv6")) {
if ($result = openvpn_validate_cidr($pconfig['tunnel_networkv6'], 'IPv6 Tunnel Network', false, 'ipv6', true)) {
$input_errors[] = $result;
}
if ($result = openvpn_validate_cidr($pconfig['local_network'], 'IPv4 Local Network', true, "ipv4")) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment