(unbound) get_interface_subnet(v6) can return null, ignore network in that case.

Eventually we should move this kind of "get all attached networks" to a single and simple function, which uses legacy_get_interface_addresses() underneath. but there's still too much obscure code in this region to remove it easily (cherry picked from commit 86996d7b)

(unbound) get_interface_subnet(v6) can return null, ignore network in that case.
Eventually we should move this kind of "get all attached networks" to a single and simple function, which uses legacy_get_interface_addresses() underneath. but there's still too much obscure code in this region to remove it easily (cherry picked from commit 86996d7b)
08a2e230 · Ad Schellevis · Franco Fichtner · 9dd53b06 · 08a2e230 · 08a2e230
Commit 08a2e230 authored Sep 18, 2016 by Ad Schellevis Committed by Franco Fichtner Sep 18, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 4 deletions

unbound.inc src/etc/inc/unbound.inc +6 -2

services_unbound_acls.php src/www/services_unbound_acls.php +6 -2

No files found.
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -707,13 +707,17 @@ function unbound_acls_config() {
        if (!empty($ifip)) {
            $subnet_bits = get_interface_subnet($ubif);
            $subnet_ip = gen_subnet($ifip, $subnet_bits);
-            $aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
+            if (!empty($subnet_bits) && !empty($subnet_ip)) {
+                $aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
+            }
        }
        $ifip = get_interface_ipv6($ubif);
        if (!empty($ifip)) {
            $subnet_bits = get_interface_subnetv6($ubif);
            $subnet_ip = gen_subnetv6($ifip, $subnet_bits);
-            $aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
+            if (!empty($subnet_bits) && !empty($subnet_ip)) {
+                $aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
+            }
        }
    }

--- a/src/www/services_unbound_acls.php
+++ b/src/www/services_unbound_acls.php
@@ -348,13 +348,17 @@ include("head.inc");
                      if (!empty($ifip)) {
                          $subnet_bits = get_interface_subnet($ubif);
                          $subnet_ip = gen_subnet($ifip, $subnet_bits);
-                          $automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
+                          if (!empty($subnet_bits) && !empty($subnet_ip)) {
+                              $automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
+                          }
                      }
                      $ifip = get_interface_ipv6($ubif);
                      if (!empty($ifip)) {
                          $subnet_bits = get_interface_subnetv6($ubif);
                          $subnet_ip = gen_subnetv6($ifip, $subnet_bits);
-                          $automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
+                          if (!empty($subnet_bits) && !empty($subnet_ip)) {
+                              $automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
+                          }
                      }
                  }
                  foreach ($automatic_allowed as $network):?>