From 03cb2067374a242a5c31af37f5a1a04ac79731b9 Mon Sep 17 00:00:00 2001 From: Jamie Cameron Date: Sun, 7 Nov 2010 12:04:59 -0800 Subject: [PATCH] More IPv6 support --- cfengine/save_class.cgi | 4 +- cfengine/save_push.cgi | 2 +- cipe-vpn/save.cgi | 83 ++++++++++++++++++++++++++++++++++++ exports-nfs4/save_export.cgi | 2 +- firewall/save_rule.cgi | 4 +- lpadmin/save_printer.cgi | 5 +-- 6 files changed, 91 insertions(+), 9 deletions(-) create mode 100755 cipe-vpn/save.cgi diff --git a/cfengine/save_class.cgi b/cfengine/save_class.cgi index 353b6a936..dd55a3f40 100755 --- a/cfengine/save_class.cgi +++ b/cfengine/save_class.cgi @@ -190,7 +190,7 @@ else { @hosts || &error(&text('save_egranthosts', $in{"dir_$i"})); foreach $h (@hosts) { - gethostbyname($h) || &check_ipaddress($h) || + &to_ipaddress($h) || $h =~ /\*/ || $h =~ /=/ || &error(&text('save_egranthost', $h)); push(@values, $h); @@ -303,7 +303,7 @@ else { &sdelete($copy, "server"); if (!$in{"server_def_$i"}) { - gethostbyname($in{"server_$i"}) || + &to_ipaddress($in{"server_$i"}) || &error(&text('save_ecopyserver', $d)); $copy->{'server'} = $in{"server_$i"}; } diff --git a/cfengine/save_push.cgi b/cfengine/save_push.cgi index 3544ed635..6fedb1e04 100755 --- a/cfengine/save_push.cgi +++ b/cfengine/save_push.cgi @@ -13,7 +13,7 @@ $opts->{'domain'} = $in{'domain'}; $opts->{'access'} = join(",", split(/\s+/, $in{'access'})); for($i=0; defined($in{"host_$i"}); $i++) { next if (!$in{"host_$i"}); - gethostbyname($in{"host_$i"}) || &check_ipaddress($in{"host_$i"}) || + &to_ipaddress($in{"host_$i"}) || &error(&text('push_ehost', $in{"host_$i"})); &to_ipaddress($in{"host_$i"}) ne &to_ipaddress(&get_system_hostname())|| &error(&text('push_ethis', $in{"host_$i"})); diff --git a/cipe-vpn/save.cgi b/cipe-vpn/save.cgi new file mode 100755 index 000000000..14e235b6d --- /dev/null +++ b/cipe-vpn/save.cgi @@ -0,0 +1,83 @@ +#!/usr/local/bin/perl +# save.cgi +# Create a new tunnel device + +require './cipe-vpn-lib.pl'; +&ReadParse(); +&error_setup($text{'save_err'}); +$dev = &get_config($in{'dev'}) if (!$in{'new'}); + +if ($in{'delete'}) { + # Just delete this tunnel + # XXX check if in use? + &delete_config($dev); + } +else { + # Validate and store inputs + $dev->{'desc'} = $in{'desc'}; + &check_ipaddress($in{'ipaddr'}) || &error($text{'save_eipaddr'}); + $dev->{'ipaddr'} = $in{'ipaddr'}; + &check_ipaddress($in{'ptpaddr'}) || &error($text{'save_eptpaddr'}); + $dev->{'ptpaddr'} = $in{'ptpaddr'}; + &parse_address("me", 1); + &parse_address("peer", 0); + $in{'key'} =~ /^[a-z0-9]{32,}$/i || &error($text{'save_ekey'}); + $dev->{'key'} = $in{'key'}; + $in{'def_def'} || &check_ipaddress($in{'def'}) || + &error($text{'save_edef'}); + $dev->{'def'} = $in{'def_def'} ? undef : $in{'def'}; + for($i=0; defined($t = $in{"type_$i"}); $i++) { + next if (!$t); + if ($t == 1) { + &check_ipaddress($in{"net_$i"}) || + &error(&text('save_enet', $i+1)); + &check_ipaddress($in{"mask_$i"}) || + &error(&text('save_emask', $i+1)); + $in{"gw_def_$i"} || &check_ipaddress($in{"gw_$i"}) || + &error(&text('save_egw', $i+1)); + push(@route, [ 1, $in{"net_$i"}, $in{"mask_$i"}, + $in{"gw_def_$i"} ? 'GW' : $in{"gw_$i"} ]); + } + else { + &check_ipaddress($in{"net_$i"}) || + &error(&text('save_ehost', $i+1)); + $in{"mask_$i"} && &error(&text('save_emask2', $i+1)); + $in{"gw_def_$i"} || &check_ipaddress($in{"gw_$i"}) || + &error(&text('save_egw2', $i+1)); + push(@route, [ 2, $in{"net_$i"}, "255.255.255.255", + $in{"gw_def_$i"} ? 'GW' : $in{"gw_$i"} ]); + } + } + $dev->{'route'} = \@route; + + # Create or update + $dev->{'device'} = $in{'dev'}; + if ($in{'new'}) { + $dev->{'dynip'} = 'yes'; + $dev->{'maxerr'} = -1; + } + &save_config($dev); + } +&redirect(""); + +# parse_address(name, optional) +sub parse_address +{ +local @rv; +if ($in{"$_[0]_ip_def"}) { + push(@rv, "0.0.0.0"); + } +else { + local $a = $in{"$_[0]_ip"}; + &to_ipaddress($a) || + &error(&text('save_eaddr', $a)); + push(@rv, $a); + } +if (!$in{"$_[0]_port_def"}) { + local $p = $in{"$_[0]_port"}; + $p =~ /^\d+$/ || &error(&text('save_eport', $p)); + push(@rv, $p); + } +$dev->{$_[0]} = join(":", @rv); +} + diff --git a/exports-nfs4/save_export.cgi b/exports-nfs4/save_export.cgi index 6d69bef00..d2bf3041c 100755 --- a/exports-nfs4/save_export.cgi +++ b/exports-nfs4/save_export.cgi @@ -52,7 +52,7 @@ else { $exp{'host'} = $in{'address'}."/".$in{'prefix'}; } else{ - $in{'host'} =~ /\*/ || gethostbyname($in{'host'}) || + $in{'host'} =~ /\*/ || &to_ipaddress($in{'host'}) || &error(&text('save_ehost', $in{'host'})); $exp{'host'} = $in{'host'}; } diff --git a/firewall/save_rule.cgi b/firewall/save_rule.cgi index 66cb43d19..25ee4ac27 100755 --- a/firewall/save_rule.cgi +++ b/firewall/save_rule.cgi @@ -404,9 +404,9 @@ else { sub check_ipmask { -return &check_ipaddress($_[0]) || gethostbyname($_[0]) || +return &to_ipaddress($_[0]) || $_[0] =~ /^([0-9\.]+)\/([0-9\.]+)$/ && - (&check_ipaddress("$1") || gethostbyname("$1")) && + &to_ipaddress("$1") && (&check_ipaddress("$2") || ($2 =~ /^\d+$/ && $2 <= 32)); } diff --git a/lpadmin/save_printer.cgi b/lpadmin/save_printer.cgi index 3a65ea57f..b1066e8e7 100755 --- a/lpadmin/save_printer.cgi +++ b/lpadmin/save_printer.cgi @@ -105,8 +105,7 @@ if ($in{'new'} || &printer_support('editdest')) { $rhost = $in{'rhost'}; $rport = 515; } - gethostbyname($rhost) || - &check_ipaddress($rhost) || + &to_ipaddress($rhost) || &to_ip6address($rhost) || &error(&text('save_erhost', $rhost)); $rport =~ /^\d+$/ || &error(&text('save_erport', $rport)); $in{'rqueue'} =~ /^[A-z0-9\-\_\.\/]+$/ || @@ -157,7 +156,7 @@ if ($in{'new'} || &printer_support('editdest')) { } elsif ($in{'dest'} == 5) { # direct connection printing - gethostbyname($in{'dhost'}) || &check_ipaddress($in{'dhost'}) || + &to_ipaddress($in{'dhost'}) || &to_ip6address($in{'dhost'}) || &error(&text('save_edhost', $in{'dhost'})); $in{'dport'} =~ /^\d+$/ || &error($text{'save_edport'}); $prn{'dhost'} = $in{'dhost'};