(legacy) cleanup and validate url alias download, closes...

(legacy) cleanup and validate url alias download, closes https://github.com/opnsense/core/issues/877

(legacy) cleanup and validate url alias download, closes...
(legacy) cleanup and validate url alias download, closes https://github.com/opnsense/core/issues/877
cdb5304d · Ad Schellevis · bfe5a992 · cdb5304d
Commit cdb5304d authored Apr 07, 2016 by Ad Schellevis
Show whitespace changes
Inline Side-by-side

Showing with 8 additions and 21 deletions

rc.update_alias_url_data src/etc/rc.update_alias_url_data +8 -21

No files found.
--- a/src/etc/rc.update_alias_url_data
+++ b/src/etc/rc.update_alias_url_data
@@ -30,6 +30,7 @@ require_once("config.inc");
 require_once("util.inc");
 require_once("pfsense-utils.inc");

+
 function update_alias_url_data()
 {
    global $config;
@@ -43,8 +44,7 @@ function update_alias_url_data()
                continue;
            }

-            $address = "";
-            $isfirst = 0;
+            $address_list = array();
            foreach ($alias['aliasurl'] as $alias_url) {
                /* fetch down and add in */
                $temp_filename = tempnam('/tmp/', 'alias_import');
@@ -52,17 +52,6 @@ function update_alias_url_data()
                $verify_ssl = isset($config['system']['checkaliasesurlcert']);
                mkdir($temp_filename);
                download_file($alias_url, $temp_filename . "/aliases", $verify_ssl);
-
-                /* if the item is tar gzipped then extract */
-                if (stripos($alias_url, '.tgz')) {
-                    if (!process_alias_tgz($temp_filename)) {
-                        continue;
-                    }
-                } elseif (stripos($alias_url, '.zip')) {
-                    if (!process_alias_unzip($temp_filename)) {
-                        continue;
-                    }
-                }
                if (file_exists("{$temp_filename}/aliases")) {
                    $fd = @fopen("{$temp_filename}/aliases", 'r');
                    if (!$fd) {
@@ -79,18 +68,17 @@ function update_alias_url_data()
                        if (!empty($tmp_str)) {
                            $tmp = $tmp_str;
                        }
-                        if ($isfirst == 1) {
-                            $address .= ' ';
+                        // validate address, it should either be an address or a subnet and must be unique
+                        if ((is_ipaddr($tmp) || is_subnet($tmp)) && !in_array($tmp, $address_list)) {
+                            $address_list[] = $tmp;
                        }
-                        $address .= $tmp;
-                        $isfirst = 1;
                    }
                    fclose($fd);
                    mwexec("/bin/rm -rf {$temp_filename}");
                }
            }
-            if (!empty($address)) {
-              $config['aliases']['alias'][$x]['address'] = $address;
+            if (count($address_list) > 0) {
+                $config['aliases']['alias'][$x]['address'] = implode(" ", $address_list);
                $updated = true;
            }
        }
@@ -101,7 +89,6 @@ function update_alias_url_data()
    return $updated;
 }

-
 if (update_alias_url_data()) {
    write_config();
    configd_run("filter reload");