From cd0e45edf69432b170a9acc18f74d8b6c60cfd3e Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Tue, 30 Apr 2024 21:17:00 +0200 Subject: [PATCH] Firewall: Aliases - remove Phalcon component usage in model for https://github.com/opnsense/core/issues/6389 --- .../Firewall/FieldTypes/AliasContentField.php | 2 - .../Firewall/FieldTypes/AliasNameField.php | 38 +++++++++---------- 2 files changed, 17 insertions(+), 23 deletions(-) diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasContentField.php b/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasContentField.php index ecde957ff..b5a673a98 100644 --- a/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasContentField.php +++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasContentField.php @@ -30,8 +30,6 @@ namespace OPNsense\Firewall\FieldTypes; use OPNsense\Base\FieldTypes\BaseField; use OPNsense\Base\Validators\CallbackValidator; -use Phalcon\Filter\Validation\Validator\Regex; -use Phalcon\Filter\Validation\Validator\ExclusionIn; use OPNsense\Core\Config; use OPNsense\Base\Messages\Message; use OPNsense\Firewall\Util; diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasNameField.php b/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasNameField.php index ff8bc477b..58202f9f8 100644 --- a/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasNameField.php +++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasNameField.php @@ -30,8 +30,6 @@ namespace OPNsense\Firewall\FieldTypes; use OPNsense\Base\FieldTypes\BaseField; use OPNsense\Base\Validators\CallbackValidator; -use Phalcon\Filter\Validation\Validator\Regex; -use Phalcon\Filter\Validation\Validator\ExclusionIn; /** * Class AliasNameField @@ -70,28 +68,26 @@ class AliasNameField extends BaseField 'upperlimit', 'urpf-failed', 'user' ); if ($this->internalValue != null) { - // add validations to deny reserved keywords, service/protocol names and invalid characters - $validators[] = new ExclusionIn(array( - 'message' => sprintf( - gettext('The name cannot be the internally reserved keyword "%s".'), - (string)$this - ), - 'domain' => $reservedwords)); - $validators[] = new Regex([ - 'message' => gettext('The name must start with a letter or single underscore, be less than 32 characters and only consist of alphanumeric characters or underscores.'), - /* avoids single "_" and prefixes of "__" here too */ - 'pattern' => '/^([a-zA-Z]|(([_a-zA-Z][a-zA-Z0-9]|[a-zA-Z][_a-zA-Z0-9])[_a-zA-Z0-9]{0,29}))$/' - ]); $validators[] = new CallbackValidator( [ - "callback" => function ($value) { - if ( - getservbyname($value, 'tcp') || - getservbyname($value, 'udp') || getprotobyname($value) - ) { - return array(gettext('Reserved protocol or service names may not be used')); + "callback" => function ($value) use ($reservedwords) { + $result = []; + /* avoids single "_" and prefixes of "__" here too */ + if (!preg_match( + '/^([a-zA-Z]|(([_a-zA-Z][a-zA-Z0-9]|[a-zA-Z][_a-zA-Z0-9])[_a-zA-Z0-9]{0,29}))$/', + $value + )) { + $result[] = gettext('The name must start with a letter or single underscore, be less than 32 characters and only consist of alphanumeric characters or underscores.'); } - return array(); + if (in_array($value, $reservedwords)) { + $result[] = gettext('The name cannot be the internally reserved keyword "%s".'); + } + if ( + getservbyname($value, 'tcp') || getservbyname($value, 'udp') || getprotobyname($value) + ) { + $result[] = gettext('Reserved protocol or service names may not be used'); + } + return $result; } ] );