Mirrors
/
aredn
mirror of https://github.com/aredn/aredn.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bugfix: Prevent users from uploading files when tunnels are active. 

If a user tries to upload a file (especially firmware images) while
a tunnel is active the nodes run a high risk of running out of
available RAM.

Change-Id: I6c31a5c641c7266f337aa4b209367ae0491703ad
This commit is contained in:
Conrad Lara - KG6JEI 2017-03-05 16:57:37 -08:00
parent 24a3243215
commit a2208dbc5a
2 changed files with 34 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
files/www/cgi-bin/admin
View File

@ -57,7 +57,24 @@ sub firmware_list_gen
$debug = 0;
$| = 1;
read_postdata({acceptfile => true});
$tunnel_active= 0;
if ( -e "/usr/sbin/vtund" && open(my $tuncfgfd, '/etc/config/vtun')) {
while ( my $line = <$tuncfgfd> ) {
if ( $line =~ /option enabled '1'/i ) {
$tunnel_active = 1;
last;
}
}
}
if ( $tunnel_active ) {
read_postdata({acceptfile => false});
} else {
read_postdata({acceptfile => true});
}
reboot_page("/cgi-bin/status") if $parms{button_reboot};
read_query_string();
$node = nvram_get("node");
@ -557,7 +574,9 @@ print "<tr><td align=center colspan=3>current version: $fw_version</td></tr>\n";
print "<tr>\n";
print "<td>Upload Firmware</td>\n";
print "<td><input type=file name=firmfile title='choose the firmware file to install from your hard drive'></td>\n";
print "<td align=center><input type=submit name=button_ul_fw value=Upload title='install the firmware'></td>\n";
print "<td align=center><input type=submit name=button_ul_fw value=Upload title='install the firmware'";
if($tunnel_active) { print " disabled"; };
print "></td>\n";
print "</tr>\n";
print "<tr>\n";
@ -601,7 +620,9 @@ if(@pkg_output)
print "<tr>\n";
print "<td>Upload Package</td>\n";
print "<td><input type=file name=ul_pkg title='choose the .ipk file to install from your hard drive'> </td>\n";
print "<td align=center><input type=submit name=button_ul_pkg value=Upload title='install the package'></td>\n";
print "<td align=center><input type=submit name=button_ul_pkg value=Upload title='install the package'";
if($tunnel_active) { print " disabled"; };
print "></td>\n";
print "</tr>\n";
print "<tr>\n";
@ -652,7 +673,9 @@ if(@key_output)
print "<tr>\n";
print "<td>Upload Key</td>\n";
print "<td><input type=file name=sshkey title='choose the id_rsa.pub file to install from your hard drive'></td>\n";
print "<td align=center><input type=submit name=button_ul_key value=Upload title='install the key'></td>\n";
print "<td align=center><input type=submit name=button_ul_key value=Upload title='install the key'";
if($tunnel_active) { print " disabled"; };
print "></td>\n";
print "</tr>\n";
print "<tr>\n";

7
files/www/help.html
View File

@ -644,6 +644,13 @@ size will be translated into the new subnet address space.
</p>
<br><br><hr>
<a name=admin><h2>Administration</h2></a>
<p>
<strong>Note:</strong></br>Files can not be uploaded to a node while a tunnel
server or client connection is enabled. To upload any file (firmware, package
or ssh key) you must ensure all tunnel servers and clients are disabled.</br>
Upload buttons will be disabled until tunnels are disabled.
</p>
<p>
<strong>Firmware Update</strong> is how new firmware is installed on the node.
If you have a firmware image on your computer, click