Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Safe webGUI

    webGUI
    2
    5
    3189
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dvserg last edited by

      pfSense 2.0
      While booting pfSense, have error webgui starting, if any file '/usr/local/pkg/*.inc' contains php syntax error or function name
      duplication.

      This is /etc/inc/filter.inc

      
      function discover_pkg_rules($ruletype) {
      	global $config, $g, $aliases;
      
      	/* Bail if there is no pkg directory, or if the package files might be out of sync. */
      	if(!is_dir("/usr/local/pkg") || file_exists('/conf/needs_package_sync'))
      		return "";
      
      	$rules = "";
      	$files = glob("/usr/local/pkg/*.inc");
      	foreach($files as $pkg_inc) {
      		update_filter_reload_status("Checking for {$ruletype} PF hooks in package {$pkg_inc}");
      # here need safe >>
      		require_once($pkg_inc);
      		$pkg = basename($pkg_inc, ".inc");
      		$pkg_generate_rules = "{$pkg}_generate_rules";
      		if(function_exists($pkg_generate_rules)) {
      			update_filter_reload_status("Processing early {$ruletype} rules for package {$pkg_inc}");
      			$tmprules = $pkg_generate_rules("$ruletype");
      			file_put_contents("{$g['tmp_path']}/rules.test.packages", $aliases . $tmprules);
      			$status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.test.packages");
      			if ($status <> 0) {
      				$errorrules = "There was an error while parsing the package filter rules for {$pkg_inc}.\n";
      				log_error($errorrules);
      				file_put_contents("{$g['tmp_path']}/rules.packages.{$pkg}", "#{$errorrules}\n");
      				continue;
      			}
      			$rules .= $tmprules;
      		}
      # here need safe >>
      	}
      	return $rules;
      }
      
      

      This is need safe code. Probably as here:

      
      # here need safe >>
      if (exec("php -l $pkg_inc") )  {
      		require_once($pkg_inc);
                      ...
      }else {
      # " package source $pkg_inc error "
      ... 
      }
      # here need safe >>
      

      Or other variant.

      Sorry for my English.
      Thanks.


      SquidGuardDoc EN  RU Tutorial
      Localization ru_PFSense

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        That has always been the case, we have tried to ensure that no packages declare the same functions with the same name.

        Code to catch exceptions may prevent the execution from stopping but it would cause unpredictable behavior if two packages had functions with the same name but different functionality.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          dvserg last edited by

          In the screenshot error matching function names, but it is not so common mistake. I'm talking about the need to check the syntax of the INC files before their inclusion.

          What do you think is needed?

          SquidGuardDoc EN  RU Tutorial
          Localization ru_PFSense

          1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            Ah, yeah, I see what you mean now.

            I went ahead and opened ticket http://redmine.pfsense.org/issues/1310 for it.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • D
              dvserg last edited by

              Thank you for your work !!!

              SquidGuardDoc EN  RU Tutorial
              Localization ru_PFSense

              1 Reply Last reply Reply Quote 0
              • First post
                Last post