(legacy) cleanup and validate url alias download, closes...

(legacy) cleanup and validate url alias download, closes https://github.com/opnsense/core/issues/877 (cherry picked from commit cdb5304d)

(legacy) cleanup and validate url alias download, closes...
(legacy) cleanup and validate url alias download, closes https://github.com/opnsense/core/issues/877 (cherry picked from commit cdb5304d)
02a1000c · Ad Schellevis · Franco Fichtner · 1e7c91c6 · 02a1000c
Commit 02a1000c authored Apr 07, 2016 by Ad Schellevis Committed by Franco Fichtner Apr 12, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 21 deletions

rc.update_alias_url_data src/etc/rc.update_alias_url_data +8 -21

No files found.
--- a/src/etc/rc.update_alias_url_data
+++ b/src/etc/rc.update_alias_url_data
@@ -30,6 +30,7 @@ require_once("config.inc");
 require_once("util.inc");
 require_once("pfsense-utils.inc");
 function update_alias_url_data()
 {
    global $config;
@@ -43,8 +44,7 @@ function update_alias_url_data()
                continue;
            }
-            $address = "";
+            $address_list = array();
-            $isfirst = 0;
            foreach ($alias['aliasurl'] as $alias_url) {
                /* fetch down and add in */
                $temp_filename = tempnam('/tmp/', 'alias_import');
@@ -52,17 +52,6 @@ function update_alias_url_data()
                $verify_ssl = isset($config['system']['checkaliasesurlcert']);
                mkdir($temp_filename);
                download_file($alias_url, $temp_filename . "/aliases", $verify_ssl);
-                /* if the item is tar gzipped then extract */
-                if (stripos($alias_url, '.tgz')) {
-                    if (!process_alias_tgz($temp_filename)) {
-                        continue;
-                    }
-                } elseif (stripos($alias_url, '.zip')) {
-                    if (!process_alias_unzip($temp_filename)) {
-                        continue;
-                    }
-                }
                if (file_exists("{$temp_filename}/aliases")) {
                    $fd = @fopen("{$temp_filename}/aliases", 'r');
                    if (!$fd) {
@@ -79,19 +68,18 @@ function update_alias_url_data()
                        if (!empty($tmp_str)) {
                            $tmp = $tmp_str;
                        }
-                        if ($isfirst == 1) {
+                        // validate address, it should either be an address or a subnet and must be unique
-                            $address .= ' ';
+                        if ((is_ipaddr($tmp) || is_subnet($tmp)) && !in_array($tmp, $address_list)) {
+                            $address_list[] = $tmp;
                        }
-                        $address .= $tmp;
-                        $isfirst = 1;
                    }
                    fclose($fd);
                    mwexec("/bin/rm -rf {$temp_filename}");
                }
            }
-            if (!empty($address)) {
+            if (count($address_list) > 0) {
-              $config['aliases']['alias'][$x]['address'] = $address;
+                $config['aliases']['alias'][$x]['address'] = implode(" ", $address_list);
-              $updated = true;
+                $updated = true;
            }
        }
    }
@@ -101,7 +89,6 @@ function update_alias_url_data()
    return $updated;
 }
 if (update_alias_url_data()) {
    write_config();
    configd_run("filter reload");