]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (from parent 1: b218cce)
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
authorStefan Schantl <stefan.schantl@ipfire.org>
Tue, 21 Jun 2022 07:41:04 +0000 (09:41 +0200)
committerStefan Schantl <stefan.schantl@ipfire.org>
Tue, 21 Jun 2022 07:41:04 +0000 (09:41 +0200)
106 files changed:
config/etc/sysctl.conf patch | blob | blame | history
config/httpd/vhosts.d/ipfire-interface-ssl.conf patch | blob | blame | history
config/httpd/vhosts.d/ipfire-interface.conf patch | blob | blame | history
config/kernel/kernel.config.aarch64-ipfire patch | blob | blame | history
config/kernel/kernel.config.armv6l-ipfire patch | blob | blame | history
config/kernel/kernel.config.riscv64-ipfire patch | blob | blame | history
config/kernel/kernel.config.x86_64-ipfire patch | blob | blame | history
config/ntp/ntp.conf patch | blob | blame | history
config/ovpn/openvpn-authenticator [new file with mode: 0644] patch | blob
config/rootfiles/common/aarch64/boost patch | blob | blame | history
config/rootfiles/common/aarch64/linux patch | blob | blame | history
config/rootfiles/common/armv6l/boost patch | blob | blame | history
config/rootfiles/common/armv6l/linux patch | blob | blame | history
config/rootfiles/common/bind patch | blob | blame | history
config/rootfiles/common/linux-firmware patch | blob | blame | history
config/rootfiles/common/oath-toolkit [new file with mode: 0644] patch | blob
config/rootfiles/common/openvpn patch | blob | blame | history
config/rootfiles/common/perl-File-Remove [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-Imager [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-Imager-QRCode [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-MIME-Base32 [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-Module-Build [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-Module-Install [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-Module-ScanDeps [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-URI-Encode [new file with mode: 0644] patch | blob
config/rootfiles/common/perl-YAML-Tiny [new file with mode: 0644] patch | blob
config/rootfiles/common/qrencode [new file with mode: 0644] patch | blob
config/rootfiles/common/tzdata patch | blob | blame | history
config/rootfiles/common/web-user-interface patch | blob | blame | history
config/rootfiles/common/x86_64/boost patch | blob | blame | history
config/rootfiles/common/x86_64/linux patch | blob | blame | history
config/rootfiles/common/xfsprogs patch | blob | blame | history
config/rootfiles/core/169/filelists/aarch64/binutils [new symlink] patch | blob
config/rootfiles/core/169/filelists/aarch64/glibc [new symlink] patch | blob
config/rootfiles/core/169/filelists/aarch64/linux [new symlink] patch | blob
config/rootfiles/core/169/filelists/aarch64/u-boot [new symlink] patch | blob
config/rootfiles/core/169/filelists/apache2 [new symlink] patch | blob
config/rootfiles/core/169/filelists/armv6l/binutils [new symlink] patch | blob
config/rootfiles/core/169/filelists/armv6l/glibc [new symlink] patch | blob
config/rootfiles/core/169/filelists/armv6l/linux [new symlink] patch | blob
config/rootfiles/core/169/filelists/armv6l/u-boot [new symlink] patch | blob
config/rootfiles/core/169/filelists/bind [new symlink] patch | blob
config/rootfiles/core/169/filelists/files patch | blob | blame | history
config/rootfiles/core/169/filelists/keyutils [new symlink] patch | blob
config/rootfiles/core/169/filelists/krb5 [new symlink] patch | blob
config/rootfiles/core/169/filelists/libtiff [new symlink] patch | blob
config/rootfiles/core/169/filelists/lmdb [new symlink] patch | blob
config/rootfiles/core/169/filelists/misc-progs [new symlink] patch | blob
config/rootfiles/core/169/filelists/oath-toolkit [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-File-Remove [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-Imager [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-Imager-QRCode [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-MIME-Base32 [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-Module-Build [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-Module-Install [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-Module-ScanDeps [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-URI-Encode [new symlink] patch | blob
config/rootfiles/core/169/filelists/perl-YAML-Tiny [new symlink] patch | blob
config/rootfiles/core/169/filelists/poppler [new symlink] patch | blob
config/rootfiles/core/169/filelists/qrencode [new symlink] patch | blob
config/rootfiles/core/169/filelists/squid [new symlink] patch | blob
config/rootfiles/core/169/filelists/tzdata [new symlink] patch | blob
config/rootfiles/core/169/filelists/x86_64/binutils [new symlink] patch | blob
config/rootfiles/core/169/filelists/x86_64/glibc [new symlink] patch | blob
config/rootfiles/core/169/filelists/x86_64/linux [new symlink] patch | blob
config/rootfiles/core/169/update.sh patch | blob | blame | history
config/unbound/unbound.conf patch | blob | blame | history
html/cgi-bin/credits.cgi patch | blob | blame | history
html/cgi-bin/ovpnmain.cgi patch | blob | blame | history
html/html/images/qr-code.png [new file with mode: 0644] patch | blob
html/html/images/qr-code.svg [new file with mode: 0644] patch | blob
langs/de/cgi-bin/de.pl patch | blob | blame | history
langs/en/cgi-bin/en.pl patch | blob | blame | history
lfs/apache2 patch | blob | blame | history
lfs/bind patch | blob | blame | history
lfs/dnsdist patch | blob | blame | history
lfs/flash-images patch | blob | blame | history
lfs/linux patch | blob | blame | history
lfs/linux-firmware patch | blob | blame | history
lfs/lmdb patch | blob | blame | history
lfs/lynis patch | blob | blame | history
lfs/oath-toolkit [new file with mode: 0644] patch | blob
lfs/openvpn patch | blob | blame | history
lfs/perl-File-Remove [new file with mode: 0644] patch | blob
lfs/perl-Imager [new file with mode: 0644] patch | blob
lfs/perl-Imager-QRCode [new file with mode: 0644] patch | blob
lfs/perl-MIME-Base32 [new file with mode: 0644] patch | blob
lfs/perl-Module-Build [new file with mode: 0644] patch | blob
lfs/perl-Module-Install [new file with mode: 0644] patch | blob
lfs/perl-Module-ScanDeps [new file with mode: 0644] patch | blob
lfs/perl-URI-Encode [new file with mode: 0644] patch | blob
lfs/perl-YAML-Tiny [new file with mode: 0644] patch | blob
lfs/postfix patch | blob | blame | history
lfs/qrencode [new file with mode: 0644] patch | blob
lfs/squid patch | blob | blame | history
lfs/tor patch | blob | blame | history
lfs/tzdata patch | blob | blame | history
lfs/u-boot patch | blob | blame | history
make.sh patch | blob | blame | history
src/initscripts/system/localnet patch | blob | blame | history
src/initscripts/system/ntp patch | blob | blame | history
src/misc-progs/openvpnctrl.c patch | blob | blame | history
src/misc-progs/setuid.c patch | blob | blame | history
src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch [deleted file] patch | blob | blame | history
src/patches/libcap-2.50-install_capsh_again.patch [deleted file] patch | blob | blame | history
src/patches/linux/linux-5.15.46-layer7.patch [moved from src/patches/linux/linux-5.15.17-layer7.patch with 94% similarity] patch | blob | blame | history

diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
index 7fe397bb71a1fa7b6ce21aae58e7cf5ade8da932..4d4f765eaa48196abb46e128f1e45225dcdadcfd 100644 (file)
--- a/config/etc/sysctl.conf
+++ b/config/etc/sysctl.conf
@@ -31,6 +31,10 @@ vm.min_free_kbytes = 8192
 net.ipv6.conf.all.disable_ipv6 = 1
 net.ipv6.conf.default.disable_ipv6 = 1
 
+# However, enable some IPv6 hardening sysctl's in case this system is run customly _with_ IPv6.
+net.ipv6.conf.all.accept_redirects = 0
+net.ipv6.conf.default.accept_redirects = 0
+
 # Enable netfilter accounting
 net.netfilter.nf_conntrack_acct = 1
 
@@ -104,3 +108,6 @@ kernel.core_uses_pid = 1
 
 # Block non-uid-0 profiling
 kernel.perf_event_paranoid = 3
+
+# Deny any ptrace use as there is no legitimate use-case for it on IPFire
+kernel.yama.ptrace_scope = 3
diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
index 8c4cf3806922b88454934e055d935c0798f07eb3..639f1d479689e4df397d2339bf7dcb77cc281af2 100644 (file)
--- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf
+++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
@@ -21,7 +21,7 @@
     SSLCertificateKeyFile /etc/httpd/server-ecdsa.key
 
     Header always set X-Content-Type-Options nosniff
-    Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'"
+    Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:"
     Header always set Referrer-Policy strict-origin
     Header always set X-Frame-Options sameorigin
 
diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf
index 2cf57dd29637d5aebcb49d718e3ea250012654a4..caa4b92f0f6cb5dcea8a1bb2b4325846fa17e7d5 100644 (file)
--- a/config/httpd/vhosts.d/ipfire-interface.conf
+++ b/config/httpd/vhosts.d/ipfire-interface.conf
@@ -7,7 +7,7 @@
     RewriteRule .* - [F]
 
     Header always set X-Content-Type-Options nosniff
-    Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'"
+    Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src: 'self' data:"
     Header always set Referrer-Policy strict-origin
     Header always set X-Frame-Options sameorigin
 
diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
index 6dfeae59559316aa403794a3855368abc01cb2f0..f2bdf2a3d02ae89c6bc988d767f35d082859d516 100644 (file)
--- a/config/kernel/kernel.config.aarch64-ipfire
+++ b/config/kernel/kernel.config.aarch64-ipfire
@@ -7433,7 +7433,6 @@ CONFIG_NFS_V4_SECURITY_LABEL=y
 CONFIG_NFS_FSCACHE=y
 # CONFIG_NFS_USE_LEGACY_DNS is not set
 CONFIG_NFS_USE_KERNEL_DNS=y
-CONFIG_NFS_DEBUG=y
 CONFIG_NFS_DISABLE_UDP_SUPPORT=y
 # CONFIG_NFS_V4_2_READ_PLUS is not set
 CONFIG_NFSD=m
@@ -7457,7 +7456,7 @@ CONFIG_SUNRPC_GSS=m
 CONFIG_SUNRPC_BACKCHANNEL=y
 CONFIG_RPCSEC_GSS_KRB5=m
 # CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES is not set
-CONFIG_SUNRPC_DEBUG=y
+# CONFIG_SUNRPC_DEBUG is not set
 # CONFIG_CEPH_FS is not set
 CONFIG_CIFS=m
 # CONFIG_CIFS_STATS2 is not set
@@ -7555,7 +7554,7 @@ CONFIG_FORTIFY_SOURCE=y
 # CONFIG_SECURITY_TOMOYO is not set
 # CONFIG_SECURITY_APPARMOR is not set
 # CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_YAMA is not set
+CONFIG_SECURITY_YAMA=y
 # CONFIG_SECURITY_SAFESETID is not set
 CONFIG_SECURITY_LOCKDOWN_LSM=y
 CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire
index 1bb745a8739ee946846f165764dfa494c566373c..3fb7b98a231313cce410bc227306219fd65234ae 100644 (file)
--- a/config/kernel/kernel.config.armv6l-ipfire
+++ b/config/kernel/kernel.config.armv6l-ipfire
@@ -7439,7 +7439,6 @@ CONFIG_NFS_V4_SECURITY_LABEL=y
 CONFIG_NFS_FSCACHE=y
 # CONFIG_NFS_USE_LEGACY_DNS is not set
 CONFIG_NFS_USE_KERNEL_DNS=y
-CONFIG_NFS_DEBUG=y
 CONFIG_NFS_DISABLE_UDP_SUPPORT=y
 # CONFIG_NFS_V4_2_READ_PLUS is not set
 CONFIG_NFSD=m
@@ -7463,7 +7462,7 @@ CONFIG_SUNRPC_GSS=m
 CONFIG_SUNRPC_BACKCHANNEL=y
 CONFIG_RPCSEC_GSS_KRB5=m
 # CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES is not set
-CONFIG_SUNRPC_DEBUG=y
+# CONFIG_SUNRPC_DEBUG is not set
 # CONFIG_CEPH_FS is not set
 CONFIG_CIFS=m
 # CONFIG_CIFS_STATS2 is not set
@@ -7561,7 +7560,7 @@ CONFIG_HARDENED_USERCOPY_PAGESPAN=y
 # CONFIG_SECURITY_TOMOYO is not set
 # CONFIG_SECURITY_APPARMOR is not set
 # CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_YAMA is not set
+CONFIG_SECURITY_YAMA=y
 # CONFIG_SECURITY_SAFESETID is not set
 CONFIG_SECURITY_LOCKDOWN_LSM=y
 CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/kernel.config.riscv64-ipfire
index 2d1fdbd285d0fcec77821a467ef593ffa35131a5..f1364d14307d4a040fb443bf3a26cf9ee985fd33 100644 (file)
--- a/config/kernel/kernel.config.riscv64-ipfire
+++ b/config/kernel/kernel.config.riscv64-ipfire
@@ -6071,7 +6071,6 @@ CONFIG_NFS_V4_SECURITY_LABEL=y
 CONFIG_NFS_FSCACHE=y
 # CONFIG_NFS_USE_LEGACY_DNS is not set
 CONFIG_NFS_USE_KERNEL_DNS=y
-CONFIG_NFS_DEBUG=y
 CONFIG_NFS_DISABLE_UDP_SUPPORT=y
 CONFIG_NFS_V4_2_READ_PLUS=y
 CONFIG_NFSD=m
@@ -6095,7 +6094,7 @@ CONFIG_SUNRPC_GSS=m
 CONFIG_SUNRPC_BACKCHANNEL=y
 CONFIG_RPCSEC_GSS_KRB5=m
 # CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES is not set
-CONFIG_SUNRPC_DEBUG=y
+# CONFIG_SUNRPC_DEBUG is not set
 # CONFIG_CEPH_FS is not set
 CONFIG_CIFS=m
 # CONFIG_CIFS_STATS2 is not set
@@ -6193,7 +6192,7 @@ CONFIG_FORTIFY_SOURCE=y
 # CONFIG_SECURITY_TOMOYO is not set
 # CONFIG_SECURITY_APPARMOR is not set
 # CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_YAMA is not set
+CONFIG_SECURITY_YAMA=y
 # CONFIG_SECURITY_SAFESETID is not set
 CONFIG_SECURITY_LOCKDOWN_LSM=y
 CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index b84698235c88c188e744a9bfbd087886c5ef44e2..27ae709b15a14a3b489543e3a33c003bda524f09 100644 (file)
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -1,10 +1,10 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 5.15.35-ipfire Kernel Configuration
+# Linux/x86 5.15.48-ipfire Kernel Configuration
 #
-CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.1.0"
+CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.3.0"
 CONFIG_CC_IS_GCC=y
-CONFIG_GCC_VERSION=110100
+CONFIG_GCC_VERSION=110300
 CONFIG_CLANG_VERSION=0
 CONFIG_AS_IS_GNU=y
 CONFIG_AS_VERSION=23700
@@ -15,6 +15,7 @@ CONFIG_CC_CAN_LINK=y
 CONFIG_CC_CAN_LINK_STATIC=y
 CONFIG_CC_HAS_ASM_GOTO=y
 CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
+CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT=y
 CONFIG_CC_HAS_ASM_INLINE=y
 CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
 CONFIG_IRQ_WORK=y
@@ -322,6 +323,8 @@ CONFIG_X86_X2APIC=y
 CONFIG_X86_MPPARSE=y
 # CONFIG_GOLDFISH is not set
 CONFIG_RETPOLINE=y
+CONFIG_CC_HAS_SLS=y
+CONFIG_SLS=y
 # CONFIG_X86_CPU_RESCTRL is not set
 CONFIG_X86_EXTENDED_PLATFORM=y
 # CONFIG_X86_VSMP is not set
@@ -1938,6 +1941,7 @@ CONFIG_PNPACPI=y
 CONFIG_BLK_DEV=y
 # CONFIG_BLK_DEV_NULL_BLK is not set
 CONFIG_BLK_DEV_FD=m
+# CONFIG_BLK_DEV_FD_RAWCMD is not set
 CONFIG_CDROM=y
 # CONFIG_PARIDE is not set
 CONFIG_BLK_DEV_PCIESSD_MTIP32XX=m
@@ -2511,6 +2515,7 @@ CONFIG_ATL1=m
 CONFIG_ATL1E=m
 CONFIG_ATL1C=m
 CONFIG_ALX=m
+CONFIG_CX_ECAT=m
 CONFIG_NET_VENDOR_BROADCOM=y
 CONFIG_B44=m
 CONFIG_B44_PCI_AUTOSELECT=y
@@ -2528,8 +2533,6 @@ CONFIG_BNXT=m
 CONFIG_BNXT_SRIOV=y
 CONFIG_BNXT_FLOWER_OFFLOAD=y
 CONFIG_BNXT_HWMON=y
-CONFIG_NET_VENDOR_BROCADE=y
-CONFIG_BNA=m
 CONFIG_NET_VENDOR_CADENCE=y
 CONFIG_MACB=m
 CONFIG_MACB_USE_HWSTAMP=y
@@ -2554,7 +2557,6 @@ CONFIG_CHELSIO_INLINE_CRYPTO=y
 CONFIG_NET_VENDOR_CISCO=y
 CONFIG_ENIC=m
 CONFIG_NET_VENDOR_CORTINA=y
-CONFIG_CX_ECAT=m
 CONFIG_DNET=m
 CONFIG_NET_VENDOR_DEC=y
 CONFIG_NET_TULIP=y
@@ -2611,8 +2613,6 @@ CONFIG_I40EVF=m
 CONFIG_ICE=m
 CONFIG_FM10K=m
 CONFIG_IGC=m
-CONFIG_NET_VENDOR_MICROSOFT=y
-CONFIG_MICROSOFT_MANA=m
 CONFIG_JME=m
 CONFIG_NET_VENDOR_LITEX=y
 CONFIG_NET_VENDOR_MARVELL=y
@@ -2663,10 +2663,14 @@ CONFIG_NET_VENDOR_MICROCHIP=y
 CONFIG_LAN743X=m
 CONFIG_NET_VENDOR_MICROSEMI=y
 CONFIG_MSCC_OCELOT_SWITCH_LIB=m
+CONFIG_NET_VENDOR_MICROSOFT=y
+CONFIG_MICROSOFT_MANA=m
 CONFIG_NET_VENDOR_MYRI=y
 CONFIG_MYRI10GE=m
 CONFIG_MYRI10GE_DCA=y
 CONFIG_FEALNX=m
+CONFIG_NET_VENDOR_NI=y
+CONFIG_NI_XGE_MANAGEMENT_ENET=m
 CONFIG_NET_VENDOR_NATSEMI=y
 CONFIG_NATSEMI=m
 CONFIG_NS83820=m
@@ -2679,8 +2683,6 @@ CONFIG_NFP=m
 CONFIG_NFP_APP_FLOWER=y
 CONFIG_NFP_APP_ABM_NIC=y
 # CONFIG_NFP_DEBUG is not set
-CONFIG_NET_VENDOR_NI=y
-CONFIG_NI_XGE_MANAGEMENT_ENET=m
 CONFIG_NET_VENDOR_8390=y
 CONFIG_PCMCIA_AXNET=m
 CONFIG_NE2K_PCI=m
@@ -2707,6 +2709,8 @@ CONFIG_QEDE=m
 CONFIG_QED_ISCSI=y
 CONFIG_QED_FCOE=y
 CONFIG_QED_OOO=y
+CONFIG_NET_VENDOR_BROCADE=y
+CONFIG_BNA=m
 CONFIG_NET_VENDOR_QUALCOMM=y
 CONFIG_QCOM_EMAC=m
 # CONFIG_RMNET is not set
@@ -2727,17 +2731,17 @@ CONFIG_ROCKER=m
 CONFIG_NET_VENDOR_SAMSUNG=y
 CONFIG_SXGBE_ETH=m
 CONFIG_NET_VENDOR_SEEQ=y
+CONFIG_NET_VENDOR_SILAN=y
+CONFIG_SC92031=m
+CONFIG_NET_VENDOR_SIS=y
+CONFIG_SIS900=m
+CONFIG_SIS190=m
 CONFIG_NET_VENDOR_SOLARFLARE=y
 CONFIG_SFC=m
 CONFIG_SFC_MCDI_MON=y
 CONFIG_SFC_SRIOV=y
 CONFIG_SFC_MCDI_LOGGING=y
 CONFIG_SFC_FALCON=m
-CONFIG_NET_VENDOR_SILAN=y
-CONFIG_SC92031=m
-CONFIG_NET_VENDOR_SIS=y
-CONFIG_SIS900=m
-CONFIG_SIS190=m
 CONFIG_NET_VENDOR_SMSC=y
 CONFIG_PCMCIA_SMC91C92=m
 CONFIG_EPIC100=m
@@ -6847,7 +6851,6 @@ CONFIG_NFS_V4_SECURITY_LABEL=y
 CONFIG_NFS_FSCACHE=y
 # CONFIG_NFS_USE_LEGACY_DNS is not set
 CONFIG_NFS_USE_KERNEL_DNS=y
-CONFIG_NFS_DEBUG=y
 CONFIG_NFS_DISABLE_UDP_SUPPORT=y
 CONFIG_NFS_V4_2_READ_PLUS=y
 CONFIG_NFSD=m
@@ -6871,7 +6874,7 @@ CONFIG_SUNRPC_GSS=m
 CONFIG_SUNRPC_BACKCHANNEL=y
 CONFIG_RPCSEC_GSS_KRB5=m
 # CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES is not set
-CONFIG_SUNRPC_DEBUG=y
+# CONFIG_SUNRPC_DEBUG is not set
 # CONFIG_CEPH_FS is not set
 CONFIG_CIFS=m
 # CONFIG_CIFS_STATS2 is not set
@@ -6971,7 +6974,7 @@ CONFIG_FORTIFY_SOURCE=y
 # CONFIG_SECURITY_TOMOYO is not set
 # CONFIG_SECURITY_APPARMOR is not set
 # CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_YAMA is not set
+CONFIG_SECURITY_YAMA=y
 # CONFIG_SECURITY_SAFESETID is not set
 CONFIG_SECURITY_LOCKDOWN_LSM=y
 CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
@@ -7204,28 +7207,6 @@ CONFIG_CRYPTO_USER_API_AEAD=m
 CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y
 # CONFIG_CRYPTO_STATS is not set
 CONFIG_CRYPTO_HASH_INFO=y
-
-#
-# Crypto library routines
-#
-CONFIG_CRYPTO_LIB_AES=y
-CONFIG_CRYPTO_LIB_ARC4=m
-CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S=m
-CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=m
-CONFIG_CRYPTO_LIB_BLAKE2S=m
-CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=m
-CONFIG_CRYPTO_LIB_CHACHA_GENERIC=m
-CONFIG_CRYPTO_LIB_CHACHA=m
-CONFIG_CRYPTO_ARCH_HAVE_LIB_CURVE25519=m
-CONFIG_CRYPTO_LIB_CURVE25519_GENERIC=m
-CONFIG_CRYPTO_LIB_CURVE25519=m
-CONFIG_CRYPTO_LIB_DES=m
-CONFIG_CRYPTO_LIB_POLY1305_RSIZE=11
-CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=m
-CONFIG_CRYPTO_LIB_POLY1305_GENERIC=m
-CONFIG_CRYPTO_LIB_POLY1305=m
-CONFIG_CRYPTO_LIB_CHACHA20POLY1305=m
-CONFIG_CRYPTO_LIB_SHA256=y
 CONFIG_CRYPTO_HW=y
 CONFIG_CRYPTO_DEV_PADLOCK=m
 CONFIG_CRYPTO_DEV_PADLOCK_AES=m
@@ -7294,6 +7275,29 @@ CONFIG_GENERIC_IOMAP=y
 CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
 CONFIG_ARCH_HAS_FAST_MULTIPLIER=y
 CONFIG_ARCH_USE_SYM_ANNOTATIONS=y
+
+#
+# Crypto library routines
+#
+CONFIG_CRYPTO_LIB_AES=y
+CONFIG_CRYPTO_LIB_ARC4=m
+CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S=y
+CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=y
+CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=m
+CONFIG_CRYPTO_LIB_CHACHA_GENERIC=m
+CONFIG_CRYPTO_LIB_CHACHA=m
+CONFIG_CRYPTO_ARCH_HAVE_LIB_CURVE25519=m
+CONFIG_CRYPTO_LIB_CURVE25519_GENERIC=m
+CONFIG_CRYPTO_LIB_CURVE25519=m
+CONFIG_CRYPTO_LIB_DES=m
+CONFIG_CRYPTO_LIB_POLY1305_RSIZE=11
+CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=m
+CONFIG_CRYPTO_LIB_POLY1305_GENERIC=m
+CONFIG_CRYPTO_LIB_POLY1305=m
+CONFIG_CRYPTO_LIB_CHACHA20POLY1305=m
+CONFIG_CRYPTO_LIB_SHA256=y
+# end of Crypto library routines
+
 CONFIG_CRC_CCITT=y
 CONFIG_CRC16=y
 CONFIG_CRC_T10DIF=y
diff --git a/config/ntp/ntp.conf b/config/ntp/ntp.conf
index 9e393ca8edfa4c6c4f7f90ba50d2f1f5978df8a7..bcaf2ee9ecf55892d72324c5bdc7446945395d30 100644 (file)
--- a/config/ntp/ntp.conf
+++ b/config/ntp/ntp.conf
@@ -1,6 +1,7 @@
 disable monitor
 restrict default nomodify noquery
 restrict 127.0.0.1
-server  127.127.1.0 prefer
+server  127.127.1.0
 fudge   127.127.1.0 stratum 10
 driftfile /etc/ntp/drift
+includefile /etc/ntp/ntpInclude.conf
diff --git a/config/ovpn/openvpn-authenticator b/config/ovpn/openvpn-authenticator
new file mode 100644 (file)
index 0000000..6584401
--- /dev/null
+++ b/config/ovpn/openvpn-authenticator
@@ -0,0 +1,381 @@
+#!/usr/bin/python3
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  Michael Tremer                                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+import argparse
+import base64
+import csv
+import daemon
+import logging
+import logging.handlers
+import signal
+import socket
+import subprocess
+import sys
+
+OPENVPN_CONFIG = "/var/ipfire/ovpn/ovpnconfig"
+
+CHALLENGETEXT = "One Time Token: "
+
+log = logging.getLogger()
+log.setLevel(logging.DEBUG)
+
+def setup_logging(daemon=True, loglevel=logging.INFO):
+       log.setLevel(loglevel)
+
+       # Log to syslog by default
+       handler = logging.handlers.SysLogHandler(address="/dev/log", facility="daemon")
+       log.addHandler(handler)
+
+       # Format everything
+       formatter = logging.Formatter("%(name)s[%(process)d]: %(message)s")
+       handler.setFormatter(formatter)
+
+       handler.setLevel(loglevel)
+
+       # If we are running in foreground, we should write everything to the console, too
+       if not daemon:
+               handler = logging.StreamHandler()
+               log.addHandler(handler)
+
+               handler.setLevel(loglevel)
+
+       return log
+
+class OpenVPNAuthenticator(object):
+       def __init__(self, socket_path):
+               self.socket_path = socket_path
+
+       def _read_line(self):
+               buf = []
+
+               while True:
+                       char = self.sock.recv(1)
+                       buf.append(char)
+
+                       # Reached end of line
+                       if char == b"\n":
+                               break
+
+               line = b"".join(buf).decode()
+               line = line.rstrip()
+
+               log.debug("< %s" % line)
+
+               return line
+
+       def _write_line(self, line):
+               log.debug("> %s" % line)
+
+               if not line.endswith("\n"):
+                       line = "%s\n" % line
+
+               # Convert into bytes
+               buf = line.encode()
+
+               # Send to socket
+               self.sock.send(buf)
+
+       def _send_command(self, command):
+               # Send the command
+               self._write_line(command)
+
+               return # XXX Code below doesn't work
+
+               # Read response
+               response = self._read_line()
+
+               # Handle response
+               if not response.startswith("SUCCESS:"):
+                       log.error("Command '%s' returned an error:" % command)
+                       log.error("  %s" % response)
+
+                       return response
+
+       def run(self):
+               # Connect to socket
+               self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
+               self.sock.connect(self.socket_path)
+
+               log.info("OpenVPN Authenticator started")
+
+               while True:
+                       line = self._read_line()
+
+                       if line.startswith(">CLIENT"):
+                               self._client_event(line)
+
+               log.info("OpenVPN Authenticator terminated")
+
+       def terminate(self, *args):
+               # XXX TODO
+               raise SystemExit
+
+       def _client_event(self, line):
+               # Strip away "CLIENT:"
+               client, delim, line = line.partition(":")
+
+               # Extract the event & split any arguments
+               event, delim, arguments = line.partition(",")
+               arguments = arguments.split(",")
+
+               environ = {}
+
+               if event == "CONNECT":
+                       environ = self._read_env(environ)
+                       self._client_connect(*arguments, environ=environ)
+               elif event == "DISCONNECT":
+                       environ = self._read_env(environ)
+                       self._client_disconnect(*arguments, environ=environ)
+               elif event == "REAUTH":
+                       environ = self._read_env(environ)
+                       self._client_reauth(*arguments, environ=environ)
+               elif event == "ESTABLISHED":
+                       environ = self._read_env(environ)
+               else:
+                       log.debug("Unhandled event: %s" % event)
+
+       def _read_env(self, environ):
+               # Read environment
+               while True:
+                       line = self._read_line()
+
+                       if not line.startswith(">CLIENT:ENV,"):
+                               raise RuntimeError("Unexpected environment line: %s" % line)
+
+                       # Strip >CLIENT:ENV,
+                       line = line[12:]
+
+                       # Done
+                       if line == "END":
+                               break
+
+                       # Parse environment
+                       key, delim, value = line.partition("=")
+                       environ[key] = value
+
+               return environ
+
+       def _client_connect(self, cid, kid, environ={}):
+               log.debug("Received client connect (cid=%s, kid=%s)" % (cid, kid))
+               for key in sorted(environ):
+                       log.debug("  %s : %s" % (key, environ[key]))
+
+               # Fetch common name
+               common_name = environ.get("common_name")
+
+               # Find connection details
+               conn = self._find_connection(common_name)
+               if not conn:
+                       log.warning("Could not find connection '%s'" % common_name)
+                       # XXX deny auth?
+
+               log.debug("Found connection:")
+               for key in conn:
+                       log.debug("  %s : %s" % (key, conn[key]))
+
+               # Perform no further checks if TOTP is disabled for this client
+               if not conn.get("totp_status") == "on":
+                       return self._client_auth_successful(cid, kid)
+
+               # Fetch username & password
+               username = environ.get("username")
+               password = environ.get("password")
+
+               # Client sent the special password TOTP to start challenge authentication
+               if password == "TOTP":
+                       return self._client_auth_challenge(cid, kid,
+                               username=common_name, password="TOTP")
+
+               elif password.startswith("CRV1:"):
+                       log.debug("Received dynamic challenge response %s" % password)
+
+                       # Decode the string
+                       (command, flags, username, password, token) = password.split(":", 5)
+
+                       # Decode username
+                       username = self._b64decode(username)
+
+                       # Check if username matches common name
+                       if username == common_name:
+                               # Check if TOTP token matches
+                               if self._check_totp_token(token, conn.get("totp_secret")):
+                                       return self._client_auth_successful(cid, kid)
+
+                       # Restart authentication
+                       self._client_auth_challenge(cid, kid,
+                               username=common_name, password="TOTP")
+
+       def _client_disconnect(self, cid, environ={}):
+               """
+                       Handles CLIENT:DISCONNECT events
+               """
+               pass
+
+       def _client_reauth(self, cid, kid, environ={}):
+               """
+                       Handles CLIENT:REAUTH events
+               """
+               # Perform no checks
+               self._client_auth_successful(cid, kid)
+
+       def _client_auth_challenge(self, cid, kid, username, password):
+               """
+                       Initiates a dynamic challenge authentication with the client
+               """
+               log.debug("Sending request for dynamic challenge...")
+
+               self._send_command(
+                       "client-deny %s %s \"CRV1\" \"CRV1:R,E:%s:%s:%s\"" % (
+                               cid,
+                               kid,
+                               self._b64encode(username),
+                               self._b64encode(password),
+                               self._escape(CHALLENGETEXT),
+                       ),
+               )
+
+       def _client_auth_successful(self, cid, kid):
+               """
+                       Sends a positive authentication response
+               """
+               log.debug("Client Authentication Successful (cid=%s, kid=%s)" % (cid, kid))
+
+               self._send_command(
+                       "client-auth-nt %s %s" % (cid, kid),
+               )
+
+       @staticmethod
+       def _b64encode(s):
+               return base64.b64encode(s.encode()).decode()
+
+       @staticmethod
+       def _b64decode(s):
+               return base64.b64decode(s.encode()).decode()
+               
+       @staticmethod
+       def _escape(s):
+               return s.replace(" ", "\ ")
+
+       def _find_connection(self, common_name):
+               with open(OPENVPN_CONFIG, "r") as f:
+                       for row in csv.reader(f, dialect="unix"):
+                               # Skip empty rows or rows that are too short
+                               if not row or len(row) < 5:
+                                       continue
+
+                               # Skip disabled connections
+                               if not row[1] == "on":
+                                       continue
+
+                               # Skip any net-2-net connections
+                               if not row[4] == "host":
+                                       continue
+
+                               # Skip if common name does not match
+                               if not row[3] == common_name:
+                                       continue
+
+                               # Return match!
+                               conn = {
+                                       "name"        : row[2],
+                                       "common_name" : row[3],
+                               }
+
+                               # TOTP options
+                               try:
+                                       conn |= {
+                                               "totp_protocol" : row[43],
+                                               "totp_status"   : row[44],
+                                               "totp_secret"   : row[45],
+                                       }
+                               except IndexError:
+                                       pass
+
+                               return conn
+
+
+       def _check_totp_token(self, token, secret):
+               p = subprocess.run(
+                       ["oathtool", "--totp", "-w", "3", "%s" % secret],
+                       capture_output=True,
+               )
+
+               # Catch any errors if we could not run the command
+               if p.returncode:
+                       log.error("Could not run oathtool: %s" % p.stderr)
+
+                       return False
+
+               # Reading returned tokens looking for a match
+               for line in p.stdout.split(b"\n"):
+                       # Skip empty/last line(s)
+                       if not line:
+                               continue
+
+                       # Decode bytes into string
+                       line = line.decode()
+
+                       # Return True if a token matches
+                       if line == token:
+                               return True
+
+               # No match
+               return False
+
+
+if __name__ == "__main__":
+       parser = argparse.ArgumentParser(description="OpenVPN Authenticator")
+
+       # Daemon Stuff
+       parser.add_argument("--daemon", "-d", action="store_true",
+               help="Launch as daemon in background")
+       parser.add_argument("--verbose", "-v", action="count", help="Be more verbose")
+
+       # Paths
+       parser.add_argument("--socket", default="/var/run/openvpn.sock",
+               metavar="PATH", help="Path to OpenVPN Management Socket")
+
+       # Parse command line arguments
+       args = parser.parse_args()
+
+       # Setup logging
+       loglevel = logging.WARN
+
+       if args.verbose:
+               if args.verbose == 1:
+                       loglevel = logging.INFO
+               elif args.verbose >= 2:
+                       loglevel = logging.DEBUG
+
+       # Create an authenticator
+       authenticator = OpenVPNAuthenticator(args.socket)
+
+       with daemon.DaemonContext(
+               detach_process=args.daemon,
+               stderr=None if args.daemon else sys.stderr,
+               signal_map = {
+                       signal.SIGINT  : authenticator.terminate,
+                       signal.SIGTERM : authenticator.terminate,
+               },
+       ) as daemon:
+               setup_logging(daemon=args.daemon, loglevel=loglevel)
+
+               authenticator.run()
diff --git a/config/rootfiles/common/aarch64/boost b/config/rootfiles/common/aarch64/boost
index 49ff120ab26a9db81e467297b22388bc0ef3d330..78e11498319d9236886b6a195b13d46b9df53159 100644 (file)
--- a/config/rootfiles/common/aarch64/boost
+++ b/config/rootfiles/common/aarch64/boost
@@ -16096,8 +16096,8 @@
 #usr/lib/cmake/boost_python-1.76.0
 #usr/lib/cmake/boost_python-1.76.0/boost_python-config-version.cmake
 #usr/lib/cmake/boost_python-1.76.0/boost_python-config.cmake
-#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-mt-a64-shared-py3.8.cmake
-#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-a64-shared-py3.8.cmake
+#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-mt-a64-shared-py3.10.cmake
+#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-a64-shared-py3.10.cmake
 #usr/lib/cmake/boost_random-1.76.0
 #usr/lib/cmake/boost_random-1.76.0/boost_random-config-version.cmake
 #usr/lib/cmake/boost_random-1.76.0/boost_random-config.cmake
@@ -16250,10 +16250,10 @@ usr/lib/libboost_nowide-a64.so.1.76.0
 usr/lib/libboost_prg_exec_monitor-mt-a64.so.1.76.0
 #usr/lib/libboost_prg_exec_monitor-a64.so
 usr/lib/libboost_prg_exec_monitor-a64.so.1.76.0
-#usr/lib/libboost_python38-mt-a64.so
-usr/lib/libboost_python38-mt-a64.so.1.76.0
-#usr/lib/libboost_python38-a64.so
-usr/lib/libboost_python38-a64.so.1.76.0
+#usr/lib/libboost_python310-mt-a64.so
+usr/lib/libboost_python310-mt-a64.so.1.76.0
+#usr/lib/libboost_python310-a64.so
+usr/lib/libboost_python310-a64.so.1.76.0
 #usr/lib/libboost_random-mt-a64.so
 usr/lib/libboost_random-mt-a64.so.1.76.0
 #usr/lib/libboost_random-a64.so
diff --git a/config/rootfiles/common/aarch64/linux b/config/rootfiles/common/aarch64/linux
index a88af0a3768d9babc4a86b506629a3549f25b353..791445c5ef7934b7c3f9188ca593453e462b4847 100644 (file)
--- a/config/rootfiles/common/aarch64/linux
+++ b/config/rootfiles/common/aarch64/linux
@@ -6878,6 +6878,7 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/CC_CAN_LINK
 #lib/modules/KVER-ipfire/build/include/config/CC_CAN_LINK_STATIC
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO
+#lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO_TIED_OUTPUT
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO_OUTPUT
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_INLINE
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_BRANCH_PROT_PAC_RET
@@ -7107,7 +7108,6 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_KPP2
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_AES
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_ARC4
-#lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_BLAKE2S
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_BLAKE2S_GENERIC
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA20POLY1305
@@ -9678,6 +9678,7 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_DMESG_RESTRICT
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_LOCKDOWN_LSM
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_LOCKDOWN_LSM_EARLY
+#lib/modules/KVER-ipfire/build/include/config/SECURITY_YAMA
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_AD7414
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_AD7418
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_ADM1021
@@ -15293,7 +15294,6 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/trace/events/qdisc.h
 #lib/modules/KVER-ipfire/build/include/trace/events/qla.h
 #lib/modules/KVER-ipfire/build/include/trace/events/qrtr.h
-#lib/modules/KVER-ipfire/build/include/trace/events/random.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rcu.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rdma.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rdma_core.h
@@ -20520,8 +20520,6 @@ lib/modules/KVER-ipfire/kernel
 #lib/modules/KVER-ipfire/kernel/lib/crc8.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libarc4.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/crypto/libblake2s-generic.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/crypto/libblake2s.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libchacha.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libchacha20poly1305.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libcurve25519-generic.ko.xz
diff --git a/config/rootfiles/common/armv6l/boost b/config/rootfiles/common/armv6l/boost
index 80cc4063a5a915afbec805d104251da41e6a8910..447413810d3edb70722bbc6f8e19902c2c97a7b5 100644 (file)
--- a/config/rootfiles/common/armv6l/boost
+++ b/config/rootfiles/common/armv6l/boost
@@ -16096,8 +16096,8 @@
 #usr/lib/cmake/boost_python-1.76.0
 #usr/lib/cmake/boost_python-1.76.0/boost_python-config-version.cmake
 #usr/lib/cmake/boost_python-1.76.0/boost_python-config.cmake
-#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-a32-shared-py3.8.cmake
-#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-mt-a32-shared-py3.8.cmake
+#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-a32-shared-py3.10.cmake
+#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-mt-a32-shared-py3.10.cmake
 #usr/lib/cmake/boost_random-1.76.0
 #usr/lib/cmake/boost_random-1.76.0/boost_random-config-version.cmake
 #usr/lib/cmake/boost_random-1.76.0/boost_random-config.cmake
@@ -16250,10 +16250,10 @@ usr/lib/libboost_nowide-mt-a32.so.1.76.0
 usr/lib/libboost_prg_exec_monitor-a32.so.1.76.0
 #usr/lib/libboost_prg_exec_monitor-mt-a32.so
 usr/lib/libboost_prg_exec_monitor-mt-a32.so.1.76.0
-#usr/lib/libboost_python38-a32.so
-usr/lib/libboost_python38-a32.so.1.76.0
-#usr/lib/libboost_python38-mt-a32.so
-usr/lib/libboost_python38-mt-a32.so.1.76.0
+#usr/lib/libboost_python310-a32.so
+usr/lib/libboost_python310-a32.so.1.76.0
+#usr/lib/libboost_python310-mt-a32.so
+usr/lib/libboost_python310-mt-a32.so.1.76.0
 #usr/lib/libboost_random-a32.so
 usr/lib/libboost_random-a32.so.1.76.0
 #usr/lib/libboost_random-mt-a32.so
diff --git a/config/rootfiles/common/armv6l/linux b/config/rootfiles/common/armv6l/linux
index 11da0fb3c0dc4052eec897537536cfad0997e92a..b470e835d2d940f873ec11570b980eb72f4964ce 100644 (file)
--- a/config/rootfiles/common/armv6l/linux
+++ b/config/rootfiles/common/armv6l/linux
@@ -7317,6 +7317,7 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/CC_CAN_LINK
 #lib/modules/KVER-ipfire/build/include/config/CC_CAN_LINK_STATIC
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO
+#lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO_TIED_OUTPUT
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO_OUTPUT
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_INLINE
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_KASAN_GENERIC
@@ -7569,7 +7570,6 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_KPP2
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_AES
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_ARC4
-#lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_BLAKE2S
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA20POLY1305
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA_GENERIC
@@ -10102,6 +10102,7 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_DMESG_RESTRICT
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_LOCKDOWN_LSM
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_LOCKDOWN_LSM_EARLY
+#lib/modules/KVER-ipfire/build/include/config/SECURITY_YAMA
 #lib/modules/KVER-ipfire/build/include/config/SELECT_MEMORY_MODEL
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_AD7414
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_AD7418
@@ -15743,7 +15744,6 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/trace/events/qdisc.h
 #lib/modules/KVER-ipfire/build/include/trace/events/qla.h
 #lib/modules/KVER-ipfire/build/include/trace/events/qrtr.h
-#lib/modules/KVER-ipfire/build/include/trace/events/random.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rcu.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rdma.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rdma_core.h
@@ -20739,7 +20739,6 @@ lib/modules/KVER-ipfire/kernel
 #lib/modules/KVER-ipfire/kernel/lib/crc8.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libarc4.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/crypto/libblake2s.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libchacha.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libchacha20poly1305.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libcurve25519-generic.ko.xz
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index 0d41c90e5eaefea3d32f65a88f33430733141170..60ec36f4513f09a6e49c1476195fb2df392d907c 100644 (file)
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -274,24 +274,24 @@ usr/bin/nsupdate
 #usr/include/pk11/site.h
 #usr/include/pkcs11
 #usr/include/pkcs11/pkcs11.h
-usr/lib/libbind9-9.16.28.so
+usr/lib/libbind9-9.16.30.so
 #usr/lib/libbind9.la
 #usr/lib/libbind9.so
-usr/lib/libdns-9.16.28.so
+usr/lib/libdns-9.16.30.so
 #usr/lib/libdns.la
 #usr/lib/libdns.so
-usr/lib/libirs-9.16.28.so
+usr/lib/libirs-9.16.30.so
 #usr/lib/libirs.la
 #usr/lib/libirs.so
-usr/lib/libisc-9.16.28.so
+usr/lib/libisc-9.16.30.so
 #usr/lib/libisc.la
 #usr/lib/libisc.so
-usr/lib/libisccc-9.16.28.so
+usr/lib/libisccc-9.16.30.so
 #usr/lib/libisccc.la
 #usr/lib/libisccc.so
-usr/lib/libisccfg-9.16.28.so
+usr/lib/libisccfg-9.16.30.so
 #usr/lib/libisccfg.la
 #usr/lib/libisccfg.so
-usr/lib/libns-9.16.28.so
+usr/lib/libns-9.16.30.so
 #usr/lib/libns.la
 #usr/lib/libns.so
diff --git a/config/rootfiles/common/linux-firmware b/config/rootfiles/common/linux-firmware
index 8d18c5258ba5ec33013acd18cdc883016da9db1e..319d7dcc9cdef2d9efad30bb0699a77ed14e4d55 100644 (file)
--- a/config/rootfiles/common/linux-firmware
+++ b/config/rootfiles/common/linux-firmware
@@ -620,11 +620,12 @@ lib/firmware/ath10k/QCA9984/hw1.0/firmware-5.bin
 #lib/firmware/ath10k/QCA9984/hw1.0/notice_ath10k_firmware-5.txt
 #lib/firmware/ath10k/QCA99X0
 #lib/firmware/ath10k/QCA99X0/hw2.0
-lib/firmware/ath10k/QCA99X0/hw2.0/board.bin
+lib/firmware/ath10k/QCA99X0/hw2.0/board-2.bin
 lib/firmware/ath10k/QCA99X0/hw2.0/firmware-5.bin
 #lib/firmware/ath10k/QCA99X0/hw2.0/notice_ath10k_firmware-5.txt
 #lib/firmware/ath10k/WCN3990
 lib/firmware/ath10k/WCN3990/hw1.0
+lib/firmware/ath10k/WCN3990/hw1.0/board-2.bin
 lib/firmware/ath10k/WCN3990/hw1.0/firmware-5.bin
 #lib/firmware/ath10k/WCN3990/hw1.0/notice.txt_wlanmdsp
 lib/firmware/ath10k/WCN3990/hw1.0/wlanmdsp.mbn
@@ -673,6 +674,26 @@ lib/firmware/ath11k/QCA6390/hw2.0
 lib/firmware/ath11k/QCA6390/hw2.0/amss.bin
 lib/firmware/ath11k/QCA6390/hw2.0/board-2.bin
 lib/firmware/ath11k/QCA6390/hw2.0/m3.bin
+#lib/firmware/ath11k/QCN9074
+#lib/firmware/ath11k/QCN9074/hw1.0
+#lib/firmware/ath11k/QCN9074/hw1.0/Notice.txt
+lib/firmware/ath11k/QCN9074/hw1.0/amss.bin
+lib/firmware/ath11k/QCN9074/hw1.0/board-2.bin
+lib/firmware/ath11k/QCN9074/hw1.0/m3.bin
+#lib/firmware/ath11k/WCN6750
+#lib/firmware/ath11k/WCN6750/hw1.0
+#lib/firmware/ath11k/WCN6750/hw1.0/Notice.txt
+lib/firmware/ath11k/WCN6750/hw1.0/board-2.bin
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b00
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b01
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b02
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b03
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b04
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b05
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b06
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b07
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b08
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.mdt
 #lib/firmware/ath11k/WCN6855
 #lib/firmware/ath11k/WCN6855/hw2.0
 #lib/firmware/ath11k/WCN6855/hw2.0/Notice.txt
@@ -862,6 +883,8 @@ lib/firmware/brcm/brcmfmac4339-sdio.bin
 lib/firmware/brcm/brcmfmac43430-sdio.AP6212.txt
 lib/firmware/brcm/brcmfmac43430-sdio.Hampoo-D2D3_Vi8A1.txt
 lib/firmware/brcm/brcmfmac43430-sdio.MUR1DX.txt
+lib/firmware/brcm/brcmfmac43430-sdio.beagle,beaglev-starlight-jh7100-a1.txt
+lib/firmware/brcm/brcmfmac43430-sdio.beagle,beaglev-starlight-jh7100-r0.txt
 lib/firmware/brcm/brcmfmac43430-sdio.bin
 lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
 lib/firmware/brcm/brcmfmac43430-sdio.friendlyarm,nanopi-r1.txt
@@ -871,6 +894,7 @@ lib/firmware/brcm/brcmfmac43430-sdio.sinovoip,bpi-m2-plus.txt
 lib/firmware/brcm/brcmfmac43430-sdio.sinovoip,bpi-m2-ultra.txt
 lib/firmware/brcm/brcmfmac43430-sdio.sinovoip,bpi-m2-zero.txt
 lib/firmware/brcm/brcmfmac43430-sdio.sinovoip,bpi-m3.txt
+lib/firmware/brcm/brcmfmac43430-sdio.starfive,visionfive-v1.txt
 lib/firmware/brcm/brcmfmac43430a0-sdio.ONDA-V80_PLUS.txt
 lib/firmware/brcm/brcmfmac43430a0-sdio.bin
 lib/firmware/brcm/brcmfmac43430a0-sdio.ilife-S806.txt
@@ -881,6 +905,7 @@ lib/firmware/brcm/brcmfmac43455-sdio.Raspberry_Pi_Foundation-Raspberry_Pi_Comput
 lib/firmware/brcm/brcmfmac43455-sdio.acepc-t8.txt
 lib/firmware/brcm/brcmfmac43455-sdio.bin
 lib/firmware/brcm/brcmfmac43455-sdio.clm_blob
+lib/firmware/brcm/brcmfmac43455-sdio.pine64,quartz64-b.txt
 lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,3-model-a-plus.txt
 lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,3-model-b-plus.txt
 lib/firmware/brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt
@@ -1093,6 +1118,7 @@ lib/firmware/i915/adlp_dmc_ver2_14.bin
 lib/firmware/i915/adlp_dmc_ver2_16.bin
 lib/firmware/i915/adlp_guc_62.0.3.bin
 lib/firmware/i915/adlp_guc_69.0.3.bin
+lib/firmware/i915/adlp_guc_70.1.1.bin
 lib/firmware/i915/adls_dmc_ver2_01.bin
 lib/firmware/i915/bxt_dmc_ver1.bin
 lib/firmware/i915/bxt_dmc_ver1_07.bin
@@ -1101,6 +1127,7 @@ lib/firmware/i915/bxt_guc_33.0.0.bin
 lib/firmware/i915/bxt_guc_49.0.1.bin
 lib/firmware/i915/bxt_guc_62.0.0.bin
 lib/firmware/i915/bxt_guc_69.0.3.bin
+lib/firmware/i915/bxt_guc_70.1.1.bin
 lib/firmware/i915/bxt_guc_ver8_7.bin
 lib/firmware/i915/bxt_guc_ver9_29.bin
 lib/firmware/i915/bxt_huc_2.0.0.bin
@@ -1110,6 +1137,7 @@ lib/firmware/i915/cml_guc_33.0.0.bin
 lib/firmware/i915/cml_guc_49.0.1.bin
 lib/firmware/i915/cml_guc_62.0.0.bin
 lib/firmware/i915/cml_guc_69.0.3.bin
+lib/firmware/i915/cml_guc_70.1.1.bin
 lib/firmware/i915/cml_huc_4.0.0.bin
 lib/firmware/i915/cnl_dmc_ver1_06.bin
 lib/firmware/i915/cnl_dmc_ver1_07.bin
@@ -1117,12 +1145,16 @@ lib/firmware/i915/dg1_dmc_ver2_02.bin
 lib/firmware/i915/dg1_guc_49.0.1.bin
 lib/firmware/i915/dg1_guc_62.0.0.bin
 lib/firmware/i915/dg1_guc_69.0.3.bin
+lib/firmware/i915/dg1_guc_70.1.1.bin
 lib/firmware/i915/dg1_huc_7.7.1.bin
 lib/firmware/i915/dg1_huc_7.9.3.bin
+lib/firmware/i915/dg2_dmc_ver2_06.bin
+lib/firmware/i915/dg2_guc_70.1.2.bin
 lib/firmware/i915/ehl_guc_33.0.4.bin
 lib/firmware/i915/ehl_guc_49.0.1.bin
 lib/firmware/i915/ehl_guc_62.0.0.bin
 lib/firmware/i915/ehl_guc_69.0.3.bin
+lib/firmware/i915/ehl_guc_70.1.1.bin
 lib/firmware/i915/ehl_huc_9.0.0.bin
 lib/firmware/i915/glk_dmc_ver1_04.bin
 lib/firmware/i915/glk_guc_32.0.3.bin
@@ -1130,6 +1162,7 @@ lib/firmware/i915/glk_guc_33.0.0.bin
 lib/firmware/i915/glk_guc_49.0.1.bin
 lib/firmware/i915/glk_guc_62.0.0.bin
 lib/firmware/i915/glk_guc_69.0.3.bin
+lib/firmware/i915/glk_guc_70.1.1.bin
 lib/firmware/i915/glk_huc_4.0.0.bin
 lib/firmware/i915/glk_huc_ver03_01_2893.bin
 lib/firmware/i915/icl_dmc_ver1_07.bin
@@ -1139,6 +1172,7 @@ lib/firmware/i915/icl_guc_33.0.0.bin
 lib/firmware/i915/icl_guc_49.0.1.bin
 lib/firmware/i915/icl_guc_62.0.0.bin
 lib/firmware/i915/icl_guc_69.0.3.bin
+lib/firmware/i915/icl_guc_70.1.1.bin
 lib/firmware/i915/icl_huc_9.0.0.bin
 lib/firmware/i915/icl_huc_ver8_4_3238.bin
 lib/firmware/i915/kbl_dmc_ver1.bin
@@ -1149,6 +1183,7 @@ lib/firmware/i915/kbl_guc_33.0.0.bin
 lib/firmware/i915/kbl_guc_49.0.1.bin
 lib/firmware/i915/kbl_guc_62.0.0.bin
 lib/firmware/i915/kbl_guc_69.0.3.bin
+lib/firmware/i915/kbl_guc_70.1.1.bin
 lib/firmware/i915/kbl_guc_ver9_14.bin
 lib/firmware/i915/kbl_guc_ver9_39.bin
 lib/firmware/i915/kbl_huc_4.0.0.bin
@@ -1164,6 +1199,7 @@ lib/firmware/i915/skl_guc_33.0.0.bin
 lib/firmware/i915/skl_guc_49.0.1.bin
 lib/firmware/i915/skl_guc_62.0.0.bin
 lib/firmware/i915/skl_guc_69.0.3.bin
+lib/firmware/i915/skl_guc_70.1.1.bin
 lib/firmware/i915/skl_guc_ver1.bin
 lib/firmware/i915/skl_guc_ver4.bin
 lib/firmware/i915/skl_guc_ver6.bin
@@ -1179,6 +1215,7 @@ lib/firmware/i915/tgl_guc_35.2.0.bin
 lib/firmware/i915/tgl_guc_49.0.1.bin
 lib/firmware/i915/tgl_guc_62.0.0.bin
 lib/firmware/i915/tgl_guc_69.0.3.bin
+lib/firmware/i915/tgl_guc_70.1.1.bin
 lib/firmware/i915/tgl_huc_7.0.12.bin
 lib/firmware/i915/tgl_huc_7.0.3.bin
 lib/firmware/i915/tgl_huc_7.5.0.bin
@@ -1296,7 +1333,7 @@ lib/firmware/intel/ice/ddp-comms
 lib/firmware/intel/ice/ddp-comms/ice_comms-1.3.31.0.pkg
 lib/firmware/intel/ice/ddp-wireless_edge
 lib/firmware/intel/ice/ddp-wireless_edge/ice_wireless_edge-1.3.7.0.pkg
-lib/firmware/intel/ice/ddp/ice-1.3.26.0.pkg
+lib/firmware/intel/ice/ddp/ice-1.3.28.0.pkg
 lib/firmware/intel/ice/ddp/ice.pkg
 lib/firmware/intel/ipu3-fw.bin
 lib/firmware/intel/irci_irci_ecr-master_20161208_0213_20170112_1500.bin
@@ -1313,15 +1350,7 @@ lib/firmware/iwlwifi-105-6.ucode
 lib/firmware/iwlwifi-135-6.ucode
 lib/firmware/iwlwifi-2000-6.ucode
 lib/firmware/iwlwifi-2030-6.ucode
-lib/firmware/iwlwifi-3160-10.ucode
-lib/firmware/iwlwifi-3160-12.ucode
-lib/firmware/iwlwifi-3160-13.ucode
-lib/firmware/iwlwifi-3160-16.ucode
 lib/firmware/iwlwifi-3160-17.ucode
-lib/firmware/iwlwifi-3160-7.ucode
-lib/firmware/iwlwifi-3160-8.ucode
-lib/firmware/iwlwifi-3160-9.ucode
-lib/firmware/iwlwifi-3168-21.ucode
 lib/firmware/iwlwifi-3168-22.ucode
 lib/firmware/iwlwifi-3168-27.ucode
 lib/firmware/iwlwifi-3168-29.ucode
@@ -1338,39 +1367,16 @@ lib/firmware/iwlwifi-6000g2b-5.ucode
 lib/firmware/iwlwifi-6000g2b-6.ucode
 lib/firmware/iwlwifi-6050-4.ucode
 lib/firmware/iwlwifi-6050-5.ucode
-lib/firmware/iwlwifi-7260-10.ucode
-lib/firmware/iwlwifi-7260-12.ucode
-lib/firmware/iwlwifi-7260-13.ucode
-lib/firmware/iwlwifi-7260-16.ucode
 lib/firmware/iwlwifi-7260-17.ucode
-lib/firmware/iwlwifi-7260-7.ucode
-lib/firmware/iwlwifi-7260-8.ucode
-lib/firmware/iwlwifi-7260-9.ucode
-lib/firmware/iwlwifi-7265-10.ucode
-lib/firmware/iwlwifi-7265-12.ucode
-lib/firmware/iwlwifi-7265-13.ucode
-lib/firmware/iwlwifi-7265-16.ucode
 lib/firmware/iwlwifi-7265-17.ucode
-lib/firmware/iwlwifi-7265-8.ucode
-lib/firmware/iwlwifi-7265-9.ucode
-lib/firmware/iwlwifi-7265D-10.ucode
-lib/firmware/iwlwifi-7265D-12.ucode
-lib/firmware/iwlwifi-7265D-13.ucode
-lib/firmware/iwlwifi-7265D-16.ucode
-lib/firmware/iwlwifi-7265D-17.ucode
-lib/firmware/iwlwifi-7265D-21.ucode
 lib/firmware/iwlwifi-7265D-22.ucode
 lib/firmware/iwlwifi-7265D-27.ucode
 lib/firmware/iwlwifi-7265D-29.ucode
-lib/firmware/iwlwifi-8000C-13.ucode
-lib/firmware/iwlwifi-8000C-16.ucode
-lib/firmware/iwlwifi-8000C-21.ucode
 lib/firmware/iwlwifi-8000C-22.ucode
 lib/firmware/iwlwifi-8000C-27.ucode
 lib/firmware/iwlwifi-8000C-31.ucode
 lib/firmware/iwlwifi-8000C-34.ucode
 lib/firmware/iwlwifi-8000C-36.ucode
-lib/firmware/iwlwifi-8265-21.ucode
 lib/firmware/iwlwifi-8265-22.ucode
 lib/firmware/iwlwifi-8265-27.ucode
 lib/firmware/iwlwifi-8265-31.ucode
@@ -1398,6 +1404,7 @@ lib/firmware/iwlwifi-Qu-b0-hr-b0-63.ucode
 lib/firmware/iwlwifi-Qu-b0-hr-b0-66.ucode
 lib/firmware/iwlwifi-Qu-b0-hr-b0-68.ucode
 lib/firmware/iwlwifi-Qu-b0-hr-b0-71.ucode
+lib/firmware/iwlwifi-Qu-b0-hr-b0-73.ucode
 lib/firmware/iwlwifi-Qu-b0-jf-b0-48.ucode
 lib/firmware/iwlwifi-Qu-b0-jf-b0-50.ucode
 lib/firmware/iwlwifi-Qu-b0-jf-b0-53.ucode
@@ -1408,6 +1415,7 @@ lib/firmware/iwlwifi-Qu-b0-jf-b0-63.ucode
 lib/firmware/iwlwifi-Qu-b0-jf-b0-66.ucode
 lib/firmware/iwlwifi-Qu-b0-jf-b0-68.ucode
 lib/firmware/iwlwifi-Qu-b0-jf-b0-71.ucode
+lib/firmware/iwlwifi-Qu-b0-jf-b0-73.ucode
 lib/firmware/iwlwifi-Qu-c0-hr-b0-48.ucode
 lib/firmware/iwlwifi-Qu-c0-hr-b0-50.ucode
 lib/firmware/iwlwifi-Qu-c0-hr-b0-53.ucode
@@ -1418,6 +1426,7 @@ lib/firmware/iwlwifi-Qu-c0-hr-b0-63.ucode
 lib/firmware/iwlwifi-Qu-c0-hr-b0-66.ucode
 lib/firmware/iwlwifi-Qu-c0-hr-b0-68.ucode
 lib/firmware/iwlwifi-Qu-c0-hr-b0-71.ucode
+lib/firmware/iwlwifi-Qu-c0-hr-b0-73.ucode
 lib/firmware/iwlwifi-Qu-c0-jf-b0-48.ucode
 lib/firmware/iwlwifi-Qu-c0-jf-b0-50.ucode
 lib/firmware/iwlwifi-Qu-c0-jf-b0-53.ucode
@@ -1428,6 +1437,7 @@ lib/firmware/iwlwifi-Qu-c0-jf-b0-63.ucode
 lib/firmware/iwlwifi-Qu-c0-jf-b0-66.ucode
 lib/firmware/iwlwifi-Qu-c0-jf-b0-68.ucode
 lib/firmware/iwlwifi-Qu-c0-jf-b0-71.ucode
+lib/firmware/iwlwifi-Qu-c0-jf-b0-73.ucode
 lib/firmware/iwlwifi-QuZ-a0-hr-b0-48.ucode
 lib/firmware/iwlwifi-QuZ-a0-hr-b0-50.ucode
 lib/firmware/iwlwifi-QuZ-a0-hr-b0-53.ucode
@@ -1439,6 +1449,7 @@ lib/firmware/iwlwifi-QuZ-a0-hr-b0-66.ucode
 lib/firmware/iwlwifi-QuZ-a0-hr-b0-67.ucode
 lib/firmware/iwlwifi-QuZ-a0-hr-b0-68.ucode
 lib/firmware/iwlwifi-QuZ-a0-hr-b0-71.ucode
+lib/firmware/iwlwifi-QuZ-a0-hr-b0-73.ucode
 lib/firmware/iwlwifi-QuZ-a0-jf-b0-48.ucode
 lib/firmware/iwlwifi-QuZ-a0-jf-b0-50.ucode
 lib/firmware/iwlwifi-QuZ-a0-jf-b0-53.ucode
@@ -1449,6 +1460,7 @@ lib/firmware/iwlwifi-QuZ-a0-jf-b0-63.ucode
 lib/firmware/iwlwifi-QuZ-a0-jf-b0-66.ucode
 lib/firmware/iwlwifi-QuZ-a0-jf-b0-68.ucode
 lib/firmware/iwlwifi-QuZ-a0-jf-b0-71.ucode
+lib/firmware/iwlwifi-QuZ-a0-jf-b0-73.ucode
 lib/firmware/iwlwifi-cc-a0-46.ucode
 lib/firmware/iwlwifi-cc-a0-48.ucode
 lib/firmware/iwlwifi-cc-a0-50.ucode
@@ -1461,21 +1473,26 @@ lib/firmware/iwlwifi-cc-a0-66.ucode
 lib/firmware/iwlwifi-cc-a0-67.ucode
 lib/firmware/iwlwifi-cc-a0-68.ucode
 lib/firmware/iwlwifi-cc-a0-71.ucode
+lib/firmware/iwlwifi-cc-a0-73.ucode
 lib/firmware/iwlwifi-so-a0-gf-a0-64.ucode
 lib/firmware/iwlwifi-so-a0-gf-a0-67.ucode
 lib/firmware/iwlwifi-so-a0-gf-a0-68.ucode
 lib/firmware/iwlwifi-so-a0-gf-a0-71.ucode
+lib/firmware/iwlwifi-so-a0-gf-a0-73.ucode
 lib/firmware/iwlwifi-so-a0-gf-a0.pnvm
 lib/firmware/iwlwifi-so-a0-gf4-a0-67.ucode
 lib/firmware/iwlwifi-so-a0-gf4-a0-68.ucode
 lib/firmware/iwlwifi-so-a0-gf4-a0-71.ucode
+lib/firmware/iwlwifi-so-a0-gf4-a0-73.ucode
 lib/firmware/iwlwifi-so-a0-gf4-a0.pnvm
 lib/firmware/iwlwifi-so-a0-hr-b0-64.ucode
 lib/firmware/iwlwifi-so-a0-hr-b0-68.ucode
 lib/firmware/iwlwifi-so-a0-hr-b0-71.ucode
+lib/firmware/iwlwifi-so-a0-hr-b0-73.ucode
 lib/firmware/iwlwifi-so-a0-jf-b0-64.ucode
 lib/firmware/iwlwifi-so-a0-jf-b0-68.ucode
 lib/firmware/iwlwifi-so-a0-jf-b0-71.ucode
+lib/firmware/iwlwifi-so-a0-jf-b0-73.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0-59.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0-62.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0-63.ucode
@@ -1483,6 +1500,7 @@ lib/firmware/iwlwifi-ty-a0-gf-a0-66.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0-67.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0-68.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0-71.ucode
+lib/firmware/iwlwifi-ty-a0-gf-a0-73.ucode
 lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm
 #lib/firmware/kaweth
 lib/firmware/kaweth/new_code.bin
@@ -1591,7 +1609,13 @@ lib/firmware/mediatek/mt8173/vpu_d.bin
 lib/firmware/mediatek/mt8173/vpu_p.bin
 #lib/firmware/mediatek/mt8183
 lib/firmware/mediatek/mt8183/scp.img
+#lib/firmware/mediatek/mt8192
+lib/firmware/mediatek/mt8192/scp.img
+#lib/firmware/mediatek/mt8195
+lib/firmware/mediatek/mt8195/scp.img
 #lib/firmware/mellanox
+#lib/firmware/mellanox/lc_ini_bundle_2010_1006.bin
+#lib/firmware/mellanox/lc_ini_bundle_2010_1502.bin
 #lib/firmware/mellanox/mlxsw_spectrum-13.1420.122.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum-13.1530.152.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum-13.1620.192.mfa2
@@ -1615,6 +1639,7 @@ lib/firmware/mediatek/mt8183/scp.img
 #lib/firmware/mellanox/mlxsw_spectrum-13.2010.1006.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum-13.2010.1232.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum-13.2010.1406.mfa2
+#lib/firmware/mellanox/mlxsw_spectrum-13.2010.1502.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum2-29.2000.2308.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum2-29.2000.2714.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum2-29.2007.1168.mfa2
@@ -1630,6 +1655,7 @@ lib/firmware/mediatek/mt8183/scp.img
 #lib/firmware/mellanox/mlxsw_spectrum2-29.2010.1006.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum2-29.2010.1232.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum2-29.2010.1406.mfa2
+#lib/firmware/mellanox/mlxsw_spectrum2-29.2010.1502.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum3-30.2007.1168.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum3-30.2008.1036.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum3-30.2008.1310.mfa2
@@ -1643,6 +1669,7 @@ lib/firmware/mediatek/mt8183/scp.img
 #lib/firmware/mellanox/mlxsw_spectrum3-30.2010.1006.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum3-30.2010.1232.mfa2
 #lib/firmware/mellanox/mlxsw_spectrum3-30.2010.1406.mfa2
+#lib/firmware/mellanox/mlxsw_spectrum3-30.2010.1502.mfa2
 #lib/firmware/meson
 #lib/firmware/meson/vdec
 lib/firmware/meson/vdec/g12a_h264.bin
@@ -2420,6 +2447,10 @@ lib/firmware/qca/rampatch_usb_00130201.bin
 #lib/firmware/qcom
 lib/firmware/qcom/a300_pfp.fw
 lib/firmware/qcom/a300_pm4.fw
+lib/firmware/qcom/a330_pfp.fw
+lib/firmware/qcom/a330_pm4.fw
+lib/firmware/qcom/a420_pfp.fw
+lib/firmware/qcom/a420_pm4.fw
 lib/firmware/qcom/a530_pfp.fw
 lib/firmware/qcom/a530_pm4.fw
 lib/firmware/qcom/a530_zap.b00
@@ -2433,6 +2464,15 @@ lib/firmware/qcom/a650_gmu.bin
 lib/firmware/qcom/a650_sqe.fw
 lib/firmware/qcom/a660_gmu.bin
 lib/firmware/qcom/a660_sqe.fw
+#lib/firmware/qcom/apq8096
+lib/firmware/qcom/apq8096/adsp.mbn
+lib/firmware/qcom/apq8096/adspr.jsn
+lib/firmware/qcom/apq8096/adspua.jsn
+lib/firmware/qcom/apq8096/mba.mbn
+lib/firmware/qcom/apq8096/modem.mbn
+lib/firmware/qcom/apq8096/modemr.jsn
+lib/firmware/qcom/leia_pfp_470.fw
+lib/firmware/qcom/leia_pm4_470.fw
 #lib/firmware/qcom/sdm845
 #lib/firmware/qcom/sdm845/a630_zap.mbn
 #lib/firmware/qcom/sdm845/adsp.mbn
@@ -2847,6 +2887,8 @@ lib/firmware/rtl_bt/rtl8852au_config.bin
 lib/firmware/rtl_bt/rtl8852au_fw.bin
 lib/firmware/rtl_bt/rtl8852bu_config.bin
 lib/firmware/rtl_bt/rtl8852bu_fw.bin
+lib/firmware/rtl_bt/rtl8852cu_config.bin
+lib/firmware/rtl_bt/rtl8852cu_fw.bin
 #lib/firmware/rtl_nic
 lib/firmware/rtl_nic/rtl8105e-1.fw
 lib/firmware/rtl_nic/rtl8106e-1.fw
@@ -2926,6 +2968,7 @@ lib/firmware/rtw88/rtw8822c_fw.bin
 lib/firmware/rtw88/rtw8822c_wow_fw.bin
 lib/firmware/rtw89
 lib/firmware/rtw89/rtw8852a_fw.bin
+lib/firmware/rtw89/rtw8852c_fw.bin
 lib/firmware/s2250.fw
 lib/firmware/s2250_loader.fw
 lib/firmware/s5p-mfc-v6-v2.fw
diff --git a/config/rootfiles/common/oath-toolkit b/config/rootfiles/common/oath-toolkit
new file mode 100644 (file)
index 0000000..ef10a86
--- /dev/null
+++ b/config/rootfiles/common/oath-toolkit
@@ -0,0 +1,219 @@
+usr/bin/oathtool
+#usr/bin/pskctool
+#usr/include/liboath
+#usr/include/liboath/oath.h
+#usr/include/pskc
+#usr/include/pskc/container.h
+#usr/include/pskc/enums.h
+#usr/include/pskc/errors.h
+#usr/include/pskc/exports.h
+#usr/include/pskc/global.h
+#usr/include/pskc/keypackage.h
+#usr/include/pskc/pskc.h
+#usr/include/pskc/version.h
+#usr/lib/liboath.a
+#usr/lib/liboath.la
+#usr/lib/liboath.so
+usr/lib/liboath.so.0
+usr/lib/liboath.so.0.1.3
+#usr/lib/libpskc.a
+#usr/lib/libpskc.la
+#usr/lib/libpskc.so
+#usr/lib/libpskc.so.0
+#usr/lib/libpskc.so.0.0.1
+#usr/lib/pkgconfig/liboath.pc
+#usr/lib/pkgconfig/libpskc.pc
+#usr/lib/security/pam_oath.la
+#usr/lib/security/pam_oath.so
+#usr/share/gtk-doc/html/liboath
+#usr/share/gtk-doc/html/liboath/api-index-1-10-0.html
+#usr/share/gtk-doc/html/liboath/api-index-1-12-0.html
+#usr/share/gtk-doc/html/liboath/api-index-1-4-0.html
+#usr/share/gtk-doc/html/liboath/api-index-1-6-0.html
+#usr/share/gtk-doc/html/liboath/api-index-1-8-0.html
+#usr/share/gtk-doc/html/liboath/api-index-2-4-0.html
+#usr/share/gtk-doc/html/liboath/api-index-2-6-0.html
+#usr/share/gtk-doc/html/liboath/api-index-full.html
+#usr/share/gtk-doc/html/liboath/deprecated-api-index.html
+#usr/share/gtk-doc/html/liboath/home.png
+#usr/share/gtk-doc/html/liboath/index.html
+#usr/share/gtk-doc/html/liboath/intro.html
+#usr/share/gtk-doc/html/liboath/left-insensitive.png
+#usr/share/gtk-doc/html/liboath/left.png
+#usr/share/gtk-doc/html/liboath/liboath-oath.h.html
+#usr/share/gtk-doc/html/liboath/liboath.devhelp2
+#usr/share/gtk-doc/html/liboath/right-insensitive.png
+#usr/share/gtk-doc/html/liboath/right.png
+#usr/share/gtk-doc/html/liboath/style.css
+#usr/share/gtk-doc/html/liboath/up-insensitive.png
+#usr/share/gtk-doc/html/liboath/up.png
+#usr/share/gtk-doc/html/libpskc
+#usr/share/gtk-doc/html/libpskc/api-index-2-2-0.html
+#usr/share/gtk-doc/html/libpskc/api-index-full.html
+#usr/share/gtk-doc/html/libpskc/deprecated-api-index.html
+#usr/share/gtk-doc/html/libpskc/home.png
+#usr/share/gtk-doc/html/libpskc/index.html
+#usr/share/gtk-doc/html/libpskc/left-insensitive.png
+#usr/share/gtk-doc/html/libpskc/left.png
+#usr/share/gtk-doc/html/libpskc/libpskc-container.html
+#usr/share/gtk-doc/html/libpskc/libpskc-enums.html
+#usr/share/gtk-doc/html/libpskc/libpskc-errors.html
+#usr/share/gtk-doc/html/libpskc/libpskc-global.html
+#usr/share/gtk-doc/html/libpskc/libpskc-keypackage.html
+#usr/share/gtk-doc/html/libpskc/libpskc-pskc.html
+#usr/share/gtk-doc/html/libpskc/libpskc-version.html
+#usr/share/gtk-doc/html/libpskc/libpskc.devhelp2
+#usr/share/gtk-doc/html/libpskc/pskc-reference.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-libpskc-create.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-libpskc-sign.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-libpskc-verify.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-library.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-pskctool-sign.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-pskctool-validate.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-pskctool-verify.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-pskctool.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial-quickstart.html
+#usr/share/gtk-doc/html/libpskc/pskc-tutorial.html
+#usr/share/gtk-doc/html/libpskc/right-insensitive.png
+#usr/share/gtk-doc/html/libpskc/right.png
+#usr/share/gtk-doc/html/libpskc/style.css
+#usr/share/gtk-doc/html/libpskc/up-insensitive.png
+#usr/share/gtk-doc/html/libpskc/up.png
+#usr/share/man/man1/oathtool.1
+#usr/share/man/man1/pskctool.1
+#usr/share/man/man3/oath_authenticate_usersfile.3
+#usr/share/man/man3/oath_base32_decode.3
+#usr/share/man/man3/oath_base32_encode.3
+#usr/share/man/man3/oath_bin2hex.3
+#usr/share/man/man3/oath_check_version.3
+#usr/share/man/man3/oath_done.3
+#usr/share/man/man3/oath_hex2bin.3
+#usr/share/man/man3/oath_hotp_generate.3
+#usr/share/man/man3/oath_hotp_validate.3
+#usr/share/man/man3/oath_hotp_validate_callback.3
+#usr/share/man/man3/oath_init.3
+#usr/share/man/man3/oath_strerror.3
+#usr/share/man/man3/oath_strerror_name.3
+#usr/share/man/man3/oath_totp_generate.3
+#usr/share/man/man3/oath_totp_generate2.3
+#usr/share/man/man3/oath_totp_validate.3
+#usr/share/man/man3/oath_totp_validate2.3
+#usr/share/man/man3/oath_totp_validate2_callback.3
+#usr/share/man/man3/oath_totp_validate3.3
+#usr/share/man/man3/oath_totp_validate3_callback.3
+#usr/share/man/man3/oath_totp_validate4.3
+#usr/share/man/man3/oath_totp_validate4_callback.3
+#usr/share/man/man3/oath_totp_validate_callback.3
+#usr/share/man/man3/pskc_add_keypackage.3
+#usr/share/man/man3/pskc_build_xml.3
+#usr/share/man/man3/pskc_check_version.3
+#usr/share/man/man3/pskc_done.3
+#usr/share/man/man3/pskc_free.3
+#usr/share/man/man3/pskc_get_cryptomodule_id.3
+#usr/share/man/man3/pskc_get_device_devicebinding.3
+#usr/share/man/man3/pskc_get_device_expirydate.3
+#usr/share/man/man3/pskc_get_device_issueno.3
+#usr/share/man/man3/pskc_get_device_manufacturer.3
+#usr/share/man/man3/pskc_get_device_model.3
+#usr/share/man/man3/pskc_get_device_serialno.3
+#usr/share/man/man3/pskc_get_device_startdate.3
+#usr/share/man/man3/pskc_get_device_userid.3
+#usr/share/man/man3/pskc_get_id.3
+#usr/share/man/man3/pskc_get_key_algorithm.3
+#usr/share/man/man3/pskc_get_key_algparm_chall_checkdigits.3
+#usr/share/man/man3/pskc_get_key_algparm_chall_encoding.3
+#usr/share/man/man3/pskc_get_key_algparm_chall_max.3
+#usr/share/man/man3/pskc_get_key_algparm_chall_min.3
+#usr/share/man/man3/pskc_get_key_algparm_resp_checkdigits.3
+#usr/share/man/man3/pskc_get_key_algparm_resp_encoding.3
+#usr/share/man/man3/pskc_get_key_algparm_resp_length.3
+#usr/share/man/man3/pskc_get_key_algparm_suite.3
+#usr/share/man/man3/pskc_get_key_data_b64secret.3
+#usr/share/man/man3/pskc_get_key_data_counter.3
+#usr/share/man/man3/pskc_get_key_data_secret.3
+#usr/share/man/man3/pskc_get_key_data_time.3
+#usr/share/man/man3/pskc_get_key_data_timedrift.3
+#usr/share/man/man3/pskc_get_key_data_timeinterval.3
+#usr/share/man/man3/pskc_get_key_friendlyname.3
+#usr/share/man/man3/pskc_get_key_id.3
+#usr/share/man/man3/pskc_get_key_issuer.3
+#usr/share/man/man3/pskc_get_key_policy_expirydate.3
+#usr/share/man/man3/pskc_get_key_policy_keyusages.3
+#usr/share/man/man3/pskc_get_key_policy_numberoftransactions.3
+#usr/share/man/man3/pskc_get_key_policy_pinencoding.3
+#usr/share/man/man3/pskc_get_key_policy_pinkeyid.3
+#usr/share/man/man3/pskc_get_key_policy_pinmaxfailedattempts.3
+#usr/share/man/man3/pskc_get_key_policy_pinmaxlength.3
+#usr/share/man/man3/pskc_get_key_policy_pinminlength.3
+#usr/share/man/man3/pskc_get_key_policy_pinusagemode.3
+#usr/share/man/man3/pskc_get_key_policy_startdate.3
+#usr/share/man/man3/pskc_get_key_profileid.3
+#usr/share/man/man3/pskc_get_key_reference.3
+#usr/share/man/man3/pskc_get_key_userid.3
+#usr/share/man/man3/pskc_get_keypackage.3
+#usr/share/man/man3/pskc_get_signed_p.3
+#usr/share/man/man3/pskc_get_version.3
+#usr/share/man/man3/pskc_global_done.3
+#usr/share/man/man3/pskc_global_init.3
+#usr/share/man/man3/pskc_global_log.3
+#usr/share/man/man3/pskc_init.3
+#usr/share/man/man3/pskc_keyusage2str.3
+#usr/share/man/man3/pskc_output.3
+#usr/share/man/man3/pskc_parse_from_memory.3
+#usr/share/man/man3/pskc_pinusagemode2str.3
+#usr/share/man/man3/pskc_set_cryptomodule_id.3
+#usr/share/man/man3/pskc_set_device_devicebinding.3
+#usr/share/man/man3/pskc_set_device_expirydate.3
+#usr/share/man/man3/pskc_set_device_issueno.3
+#usr/share/man/man3/pskc_set_device_manufacturer.3
+#usr/share/man/man3/pskc_set_device_model.3
+#usr/share/man/man3/pskc_set_device_serialno.3
+#usr/share/man/man3/pskc_set_device_startdate.3
+#usr/share/man/man3/pskc_set_device_userid.3
+#usr/share/man/man3/pskc_set_id.3
+#usr/share/man/man3/pskc_set_key_algorithm.3
+#usr/share/man/man3/pskc_set_key_algparm_chall_checkdigits.3
+#usr/share/man/man3/pskc_set_key_algparm_chall_encoding.3
+#usr/share/man/man3/pskc_set_key_algparm_chall_max.3
+#usr/share/man/man3/pskc_set_key_algparm_chall_min.3
+#usr/share/man/man3/pskc_set_key_algparm_resp_checkdigits.3
+#usr/share/man/man3/pskc_set_key_algparm_resp_encoding.3
+#usr/share/man/man3/pskc_set_key_algparm_resp_length.3
+#usr/share/man/man3/pskc_set_key_algparm_suite.3
+#usr/share/man/man3/pskc_set_key_data_b64secret.3
+#usr/share/man/man3/pskc_set_key_data_counter.3
+#usr/share/man/man3/pskc_set_key_data_secret.3
+#usr/share/man/man3/pskc_set_key_data_time.3
+#usr/share/man/man3/pskc_set_key_data_timedrift.3
+#usr/share/man/man3/pskc_set_key_data_timeinterval.3
+#usr/share/man/man3/pskc_set_key_friendlyname.3
+#usr/share/man/man3/pskc_set_key_id.3
+#usr/share/man/man3/pskc_set_key_issuer.3
+#usr/share/man/man3/pskc_set_key_policy_expirydate.3
+#usr/share/man/man3/pskc_set_key_policy_keyusages.3
+#usr/share/man/man3/pskc_set_key_policy_numberoftransactions.3
+#usr/share/man/man3/pskc_set_key_policy_pinencoding.3
+#usr/share/man/man3/pskc_set_key_policy_pinkeyid.3
+#usr/share/man/man3/pskc_set_key_policy_pinmaxfailedattempts.3
+#usr/share/man/man3/pskc_set_key_policy_pinmaxlength.3
+#usr/share/man/man3/pskc_set_key_policy_pinminlength.3
+#usr/share/man/man3/pskc_set_key_policy_pinusagemode.3
+#usr/share/man/man3/pskc_set_key_policy_startdate.3
+#usr/share/man/man3/pskc_set_key_profileid.3
+#usr/share/man/man3/pskc_set_key_reference.3
+#usr/share/man/man3/pskc_set_key_userid.3
+#usr/share/man/man3/pskc_set_version.3
+#usr/share/man/man3/pskc_sign_x509.3
+#usr/share/man/man3/pskc_str2keyusage.3
+#usr/share/man/man3/pskc_str2pinusagemode.3
+#usr/share/man/man3/pskc_str2valueformat.3
+#usr/share/man/man3/pskc_strerror.3
+#usr/share/man/man3/pskc_strerror_name.3
+#usr/share/man/man3/pskc_validate.3
+#usr/share/man/man3/pskc_valueformat2str.3
+#usr/share/man/man3/pskc_verify_x509crt.3
+#usr/share/xml/pskc
+#usr/share/xml/pskc/catalog-pskc.xml
+#usr/share/xml/pskc/pskc-schema.xsd
+#usr/share/xml/pskc/xenc-schema.xsd
+#usr/share/xml/pskc/xmldsig-core-schema.xsd
diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn
index 6c3457d01bc7a92faa0a035840eda3ffe3320189..d9848a579cb8a33b52a9ab8c73bbe38861477925 100644 (file)
--- a/config/rootfiles/common/openvpn
+++ b/config/rootfiles/common/openvpn
@@ -9,6 +9,7 @@ usr/lib/openvpn/plugins/openvpn-plugin-auth-pam.so
 usr/lib/openvpn/plugins/openvpn-plugin-down-root.so
 usr/lib/openvpn/verify
 usr/sbin/openvpn
+usr/sbin/openvpn-authenticator
 #usr/share/doc/openvpn
 #usr/share/doc/openvpn/COPYING
 #usr/share/doc/openvpn/COPYRIGHT.GPL
@@ -35,6 +36,7 @@ var/ipfire/ovpn/crls
 var/ipfire/ovpn/n2nconf
 #var/ipfire/ovpn/openssl
 var/ipfire/ovpn/openssl/ovpn.cnf
+var/ipfire/ovpn/openvpn-authenticator
 var/ipfire/ovpn/ovpn-leases.db
 var/ipfire/ovpn/ovpnconfig
 var/ipfire/ovpn/scripts
diff --git a/config/rootfiles/common/perl-File-Remove b/config/rootfiles/common/perl-File-Remove
new file mode 100644 (file)
index 0000000..b9b6461
--- /dev/null
+++ b/config/rootfiles/common/perl-File-Remove
@@ -0,0 +1,4 @@
+usr/lib/perl5/site_perl/5.32.1/File/Remove.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/File/Remove
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/File/Remove/.packlist
+#usr/share/man/man3/File::Remove.3
diff --git a/config/rootfiles/common/perl-Imager b/config/rootfiles/common/perl-Imager
new file mode 100644 (file)
index 0000000..2416a78
--- /dev/null
+++ b/config/rootfiles/common/perl-Imager
@@ -0,0 +1,165 @@
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/API.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/APIRef.pod
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Color
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Color.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Color/Float.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Color/Table.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Cookbook.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/CountColor.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Draw.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Engines.pod
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Expr
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Expr.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Expr/Assem.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/ExtUtils.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File/CUR.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File/ICO.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File/JPEG.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File/PNG.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File/SGI.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/File/TIFF.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Files.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Fill.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Filter
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Filter/DynTest.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Filter/Flines.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Filter/Mandelbrot.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Filters.pod
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/BBox.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/FT2.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/FreeType2.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/Image.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/Test.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/Truetype.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/Type1.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Font/Wrap.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Fountain.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Handy.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/IO.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/ImageTypes.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Inline.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Install.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/LargeSamples.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Matrix2d.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Preprocess.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Probe.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Regops.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Security.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Test.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Threads.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Transform.pm
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Transformations.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/Tutorial.pod
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/draw.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/dynaload.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/ext.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/feat.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imager.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imageri.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imconfig.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imdatatypes.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imerror.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imexif.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imext.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imextdef.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imextpl.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imextpltypes.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imexttypes.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imio.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/immacros.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imperl.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imperlio.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/imrender.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/iolayer.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/iolayert.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/log.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/plug.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/ppport.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/regmach.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/rendert.h
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/include/stackmach.h
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/interface.pod
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/regmach.pod
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/typemap
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/.packlist
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/CountColor
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/CountColor/CountColor.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/ICO
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/ICO/ICO.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/JPEG
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/JPEG/JPEG.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/PNG
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/PNG/PNG.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/SGI
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/SGI/SGI.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/TIFF
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/File/TIFF/TIFF.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter/DynTest
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter/DynTest/DynTest.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter/Flines
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter/Flines/Flines.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter/Mandelbrot
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Filter/Mandelbrot/Mandelbrot.so
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Font
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Font/FT2
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Font/FT2/FT2.so
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/Imager.so
+#usr/share/man/man3/Imager.3
+#usr/share/man/man3/Imager::API.3
+#usr/share/man/man3/Imager::APIRef.3
+#usr/share/man/man3/Imager::Color.3
+#usr/share/man/man3/Imager::Color::Float.3
+#usr/share/man/man3/Imager::Color::Table.3
+#usr/share/man/man3/Imager::Cookbook.3
+#usr/share/man/man3/Imager::CountColor.3
+#usr/share/man/man3/Imager::Draw.3
+#usr/share/man/man3/Imager::Engines.3
+#usr/share/man/man3/Imager::Expr.3
+#usr/share/man/man3/Imager::Expr::Assem.3
+#usr/share/man/man3/Imager::ExtUtils.3
+#usr/share/man/man3/Imager::File::ICO.3
+#usr/share/man/man3/Imager::File::JPEG.3
+#usr/share/man/man3/Imager::File::PNG.3
+#usr/share/man/man3/Imager::File::SGI.3
+#usr/share/man/man3/Imager::File::TIFF.3
+#usr/share/man/man3/Imager::Files.3
+#usr/share/man/man3/Imager::Fill.3
+#usr/share/man/man3/Imager::Filter::Flines.3
+#usr/share/man/man3/Imager::Filter::Mandelbrot.3
+#usr/share/man/man3/Imager::Filters.3
+#usr/share/man/man3/Imager::Font.3
+#usr/share/man/man3/Imager::Font::BBox.3
+#usr/share/man/man3/Imager::Font::FT2.3
+#usr/share/man/man3/Imager::Font::FreeType2.3
+#usr/share/man/man3/Imager::Font::Test.3
+#usr/share/man/man3/Imager::Font::Truetype.3
+#usr/share/man/man3/Imager::Font::Type1.3
+#usr/share/man/man3/Imager::Font::Wrap.3
+#usr/share/man/man3/Imager::Fountain.3
+#usr/share/man/man3/Imager::Handy.3
+#usr/share/man/man3/Imager::IO.3
+#usr/share/man/man3/Imager::ImageTypes.3
+#usr/share/man/man3/Imager::Inline.3
+#usr/share/man/man3/Imager::Install.3
+#usr/share/man/man3/Imager::LargeSamples.3
+#usr/share/man/man3/Imager::Matrix2d.3
+#usr/share/man/man3/Imager::Preprocess.3
+#usr/share/man/man3/Imager::Probe.3
+#usr/share/man/man3/Imager::Regops.3
+#usr/share/man/man3/Imager::Security.3
+#usr/share/man/man3/Imager::Test.3
+#usr/share/man/man3/Imager::Threads.3
+#usr/share/man/man3/Imager::Transform.3
+#usr/share/man/man3/Imager::Transformations.3
+#usr/share/man/man3/Imager::Tutorial.3
+#usr/share/man/man3/Imager::interface.3
+#usr/share/man/man3/Imager::regmach.3
diff --git a/config/rootfiles/common/perl-Imager-QRCode b/config/rootfiles/common/perl-Imager-QRCode
new file mode 100644 (file)
index 0000000..0ca11f2
--- /dev/null
+++ b/config/rootfiles/common/perl-Imager-QRCode
@@ -0,0 +1,5 @@
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/Imager/QRCode.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/QRCode
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/QRCode/.packlist
+usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Imager/QRCode/QRCode.so
+#usr/share/man/man3/Imager::QRCode.3
diff --git a/config/rootfiles/common/perl-MIME-Base32 b/config/rootfiles/common/perl-MIME-Base32
new file mode 100644 (file)
index 0000000..31c21ef
--- /dev/null
+++ b/config/rootfiles/common/perl-MIME-Base32
@@ -0,0 +1,4 @@
+usr/lib/perl5/site_perl/5.32.1/MIME/Base32.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/MIME/Base32
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/MIME/Base32/.packlist
+#usr/share/man/man3/MIME::Base32.3
diff --git a/config/rootfiles/common/perl-Module-Build b/config/rootfiles/common/perl-Module-Build
new file mode 100644 (file)
index 0000000..16cecf2
--- /dev/null
+++ b/config/rootfiles/common/perl-Module-Build
@@ -0,0 +1,51 @@
+#usr/bin/config_data
+#usr/lib/perl5/site_perl/5.32.1/Module
+#usr/lib/perl5/site_perl/5.32.1/Module/Build
+#usr/lib/perl5/site_perl/5.32.1/Module/Build.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/API.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Authoring.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Base.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Bundling.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Compat.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Config.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/ConfigData.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Cookbook.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Dumper.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Notes.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/PPMMaker.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/Default.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/MacOS.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/Unix.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/VMS.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/VOS.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/Windows.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/aix.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/cygwin.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/darwin.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/Platform/os2.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Build/PodParser.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module/Build
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module/Build/.packlist
+#usr/share/man/man1/config_data.1
+#usr/share/man/man3/Module::Build.3
+#usr/share/man/man3/Module::Build::API.3
+#usr/share/man/man3/Module::Build::Authoring.3
+#usr/share/man/man3/Module::Build::Base.3
+#usr/share/man/man3/Module::Build::Bundling.3
+#usr/share/man/man3/Module::Build::Compat.3
+#usr/share/man/man3/Module::Build::ConfigData.3
+#usr/share/man/man3/Module::Build::Cookbook.3
+#usr/share/man/man3/Module::Build::Notes.3
+#usr/share/man/man3/Module::Build::PPMMaker.3
+#usr/share/man/man3/Module::Build::Platform::Default.3
+#usr/share/man/man3/Module::Build::Platform::MacOS.3
+#usr/share/man/man3/Module::Build::Platform::Unix.3
+#usr/share/man/man3/Module::Build::Platform::VMS.3
+#usr/share/man/man3/Module::Build::Platform::VOS.3
+#usr/share/man/man3/Module::Build::Platform::Windows.3
+#usr/share/man/man3/Module::Build::Platform::aix.3
+#usr/share/man/man3/Module::Build::Platform::cygwin.3
+#usr/share/man/man3/Module::Build::Platform::darwin.3
+#usr/share/man/man3/Module::Build::Platform::os2.3
diff --git a/config/rootfiles/common/perl-Module-Install b/config/rootfiles/common/perl-Module-Install
new file mode 100644 (file)
index 0000000..caabe93
--- /dev/null
+++ b/config/rootfiles/common/perl-Module-Install
@@ -0,0 +1,66 @@
+#usr/lib/perl5/site_perl/5.32.1/Module/AutoInstall.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install
+#usr/lib/perl5/site_perl/5.32.1/Module/Install.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/API.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Bundle.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Compiler.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Find.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Include.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Makefile.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Manifest.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/Metadata.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/ScanDeps.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Admin/WriteAll.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/AutoInstall.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Base.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Bundle.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Can.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Compiler.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/DSL.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Deprecated.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/External.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/FAQ.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Fetch.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Include.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Inline.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/MakeMaker.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Makefile.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Metadata.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/PAR.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Philosophy.pod
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Run.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Scripts.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Share.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/Win32.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/With.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/Install/WriteAll.pm
+#usr/lib/perl5/site_perl/5.32.1/inc
+#usr/lib/perl5/site_perl/5.32.1/inc/Module
+#usr/lib/perl5/site_perl/5.32.1/inc/Module/Install
+#usr/lib/perl5/site_perl/5.32.1/inc/Module/Install.pm
+#usr/lib/perl5/site_perl/5.32.1/inc/Module/Install/DSL.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module/Install
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module/Install/.packlist
+#usr/share/man/man3/Module::AutoInstall.3
+#usr/share/man/man3/Module::Install.3
+#usr/share/man/man3/Module::Install::API.3
+#usr/share/man/man3/Module::Install::Admin.3
+#usr/share/man/man3/Module::Install::Admin::Include.3
+#usr/share/man/man3/Module::Install::Admin::Manifest.3
+#usr/share/man/man3/Module::Install::Base.3
+#usr/share/man/man3/Module::Install::Bundle.3
+#usr/share/man/man3/Module::Install::Can.3
+#usr/share/man/man3/Module::Install::Compiler.3
+#usr/share/man/man3/Module::Install::Deprecated.3
+#usr/share/man/man3/Module::Install::External.3
+#usr/share/man/man3/Module::Install::FAQ.3
+#usr/share/man/man3/Module::Install::Makefile.3
+#usr/share/man/man3/Module::Install::PAR.3
+#usr/share/man/man3/Module::Install::Philosophy.3
+#usr/share/man/man3/Module::Install::Share.3
+#usr/share/man/man3/Module::Install::With.3
+#usr/share/man/man3/inc::Module::Install.3
+#usr/share/man/man3/inc::Module::Install::DSL.3
diff --git a/config/rootfiles/common/perl-Module-ScanDeps b/config/rootfiles/common/perl-Module-ScanDeps
new file mode 100644 (file)
index 0000000..3886fb3
--- /dev/null
+++ b/config/rootfiles/common/perl-Module-ScanDeps
@@ -0,0 +1,8 @@
+#usr/bin/scandeps.pl
+#usr/lib/perl5/site_perl/5.32.1/Module/ScanDeps
+#usr/lib/perl5/site_perl/5.32.1/Module/ScanDeps.pm
+#usr/lib/perl5/site_perl/5.32.1/Module/ScanDeps/Cache.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module/ScanDeps
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/Module/ScanDeps/.packlist
+#usr/share/man/man1/scandeps.pl.1
+#usr/share/man/man3/Module::ScanDeps.3
diff --git a/config/rootfiles/common/perl-URI-Encode b/config/rootfiles/common/perl-URI-Encode
new file mode 100644 (file)
index 0000000..2bae6f8
--- /dev/null
+++ b/config/rootfiles/common/perl-URI-Encode
@@ -0,0 +1,4 @@
+usr/lib/perl5/site_perl/5.32.1/URI/Encode.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/URI/Encode
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/URI/Encode/.packlist
+#usr/share/man/man3/URI::Encode.3
diff --git a/config/rootfiles/common/perl-YAML-Tiny b/config/rootfiles/common/perl-YAML-Tiny
new file mode 100644 (file)
index 0000000..7114b12
--- /dev/null
+++ b/config/rootfiles/common/perl-YAML-Tiny
@@ -0,0 +1,6 @@
+#usr/lib/perl5/site_perl/5.32.1/YAML
+usr/lib/perl5/site_perl/5.32.1/YAML/Tiny.pm
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/YAML
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/YAML/Tiny
+#usr/lib/perl5/site_perl/5.32.1/xxxMACHINExxx-linux-thread-multi/auto/YAML/Tiny/.packlist
+#usr/share/man/man3/YAML::Tiny.3
diff --git a/config/rootfiles/common/qrencode b/config/rootfiles/common/qrencode
new file mode 100644 (file)
index 0000000..c0406bd
--- /dev/null
+++ b/config/rootfiles/common/qrencode
@@ -0,0 +1,8 @@
+usr/bin/qrencode
+#usr/include/qrencode.h
+#usr/lib/libqrencode.la
+#usr/lib/libqrencode.so
+usr/lib/libqrencode.so.4
+usr/lib/libqrencode.so.4.1.1
+#usr/lib/pkgconfig/libqrencode.pc
+#usr/share/man/man1/qrencode.1
diff --git a/config/rootfiles/common/tzdata b/config/rootfiles/common/tzdata
index 7531cfb6479bbd2ae6060cf1ffb94883ff12a745..f6903a057c215a7fe516c488758f9954ffddf078 100644 (file)
--- a/config/rootfiles/common/tzdata
+++ b/config/rootfiles/common/tzdata
@@ -563,6 +563,7 @@ usr/share/zoneinfo
 #usr/share/zoneinfo/Pacific/Guam
 #usr/share/zoneinfo/Pacific/Honolulu
 #usr/share/zoneinfo/Pacific/Johnston
+#usr/share/zoneinfo/Pacific/Kanton
 #usr/share/zoneinfo/Pacific/Kiritimati
 #usr/share/zoneinfo/Pacific/Kosrae
 #usr/share/zoneinfo/Pacific/Kwajalein
@@ -1179,6 +1180,7 @@ usr/share/zoneinfo
 #usr/share/zoneinfo/posix/Pacific/Guam
 #usr/share/zoneinfo/posix/Pacific/Honolulu
 #usr/share/zoneinfo/posix/Pacific/Johnston
+#usr/share/zoneinfo/posix/Pacific/Kanton
 #usr/share/zoneinfo/posix/Pacific/Kiritimati
 #usr/share/zoneinfo/posix/Pacific/Kosrae
 #usr/share/zoneinfo/posix/Pacific/Kwajalein
@@ -1795,6 +1797,7 @@ usr/share/zoneinfo
 #usr/share/zoneinfo/right/Pacific/Guam
 #usr/share/zoneinfo/right/Pacific/Honolulu
 #usr/share/zoneinfo/right/Pacific/Johnston
+#usr/share/zoneinfo/right/Pacific/Kanton
 #usr/share/zoneinfo/right/Pacific/Kiritimati
 #usr/share/zoneinfo/right/Pacific/Kosrae
 #usr/share/zoneinfo/right/Pacific/Kwajalein
diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface
index a5973f9e49a335e0678cd24b286d4935aceb870a..3c47dcdba3fe3578e0329a5913ef805643ac5c17 100644 (file)
--- a/config/rootfiles/common/web-user-interface
+++ b/config/rootfiles/common/web-user-interface
@@ -236,6 +236,8 @@ srv/web/ipfire/html/images/printer-error.png
 srv/web/ipfire/html/images/printer.png
 srv/web/ipfire/html/images/process-stop.png
 srv/web/ipfire/html/images/process-working.png
+srv/web/ipfire/html/images/qr-code.png
+srv/web/ipfire/html/images/qr-code.svg
 srv/web/ipfire/html/images/reload.gif
 srv/web/ipfire/html/images/start-here.png
 srv/web/ipfire/html/images/stock_down-16.png
diff --git a/config/rootfiles/common/x86_64/boost b/config/rootfiles/common/x86_64/boost
index 357dc2d1d23e636ea50842b06b0858c034ca2be5..fe77e6f8c0a2eb37f5fe32f1b590cfeb04ac54d5 100644 (file)
--- a/config/rootfiles/common/x86_64/boost
+++ b/config/rootfiles/common/x86_64/boost
@@ -16096,8 +16096,8 @@
 #usr/lib/cmake/boost_python-1.76.0
 #usr/lib/cmake/boost_python-1.76.0/boost_python-config-version.cmake
 #usr/lib/cmake/boost_python-1.76.0/boost_python-config.cmake
-#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-mt-x64-shared-py3.8.cmake
-#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-x64-shared-py3.8.cmake
+#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-mt-x64-shared-py3.10.cmake
+#usr/lib/cmake/boost_python-1.76.0/libboost_python-variant-x64-shared-py3.10.cmake
 #usr/lib/cmake/boost_random-1.76.0
 #usr/lib/cmake/boost_random-1.76.0/boost_random-config-version.cmake
 #usr/lib/cmake/boost_random-1.76.0/boost_random-config.cmake
@@ -16250,10 +16250,10 @@ usr/lib/libboost_nowide-x64.so.1.76.0
 usr/lib/libboost_prg_exec_monitor-mt-x64.so.1.76.0
 #usr/lib/libboost_prg_exec_monitor-x64.so
 usr/lib/libboost_prg_exec_monitor-x64.so.1.76.0
-#usr/lib/libboost_python38-mt-x64.so
-usr/lib/libboost_python38-mt-x64.so.1.76.0
-#usr/lib/libboost_python38-x64.so
-usr/lib/libboost_python38-x64.so.1.76.0
+#usr/lib/libboost_python310-mt-x64.so
+usr/lib/libboost_python310-mt-x64.so.1.76.0
+#usr/lib/libboost_python310-x64.so
+usr/lib/libboost_python310-x64.so.1.76.0
 #usr/lib/libboost_random-mt-x64.so
 usr/lib/libboost_random-mt-x64.so.1.76.0
 #usr/lib/libboost_random-x64.so
diff --git a/config/rootfiles/common/x86_64/linux b/config/rootfiles/common/x86_64/linux
index a578435d38e3f5edc569053219c7a79670e391ef..24ee525bf283d2f4458cb4b408d479e3d90be667 100644 (file)
--- a/config/rootfiles/common/x86_64/linux
+++ b/config/rootfiles/common/x86_64/linux
@@ -6780,12 +6780,14 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/CC_CAN_LINK_STATIC
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO_OUTPUT
+#lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_GOTO_TIED_OUTPUT
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ASM_INLINE
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_INT128
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_KASAN_GENERIC
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_NO_PROFILE_FN_ATTR
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_SANCOV_TRACE_PC
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_SANE_STACKPROTECTOR
+#lib/modules/KVER-ipfire/build/include/config/CC_HAS_SLS
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_WORKING_NOSANITIZE_ADDRESS
 #lib/modules/KVER-ipfire/build/include/config/CC_HAS_ZERO_CALL_USED_REGS
 #lib/modules/KVER-ipfire/build/include/config/CC_IS_GCC
@@ -6999,7 +7001,6 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_KPP2
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_AES
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_ARC4
-#lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_BLAKE2S
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_BLAKE2S_GENERIC
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA
 #lib/modules/KVER-ipfire/build/include/config/CRYPTO_LIB_CHACHA20POLY1305
@@ -9871,6 +9872,7 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_DMESG_RESTRICT
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_LOCKDOWN_LSM
 #lib/modules/KVER-ipfire/build/include/config/SECURITY_LOCKDOWN_LSM_EARLY
+#lib/modules/KVER-ipfire/build/include/config/SECURITY_YAMA
 #lib/modules/KVER-ipfire/build/include/config/SELECT_MEMORY_MODEL
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_ABITUGURU
 #lib/modules/KVER-ipfire/build/include/config/SENSORS_ABITUGURU3
@@ -10130,6 +10132,7 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/config/SLAB_MERGE_DEFAULT
 #lib/modules/KVER-ipfire/build/include/config/SLHC
 #lib/modules/KVER-ipfire/build/include/config/SLICOSS
+#lib/modules/KVER-ipfire/build/include/config/SLS
 #lib/modules/KVER-ipfire/build/include/config/SLUB
 #lib/modules/KVER-ipfire/build/include/config/SLUB_CPU_PARTIAL
 #lib/modules/KVER-ipfire/build/include/config/SMBFS_COMMON
@@ -15730,7 +15733,6 @@ etc/modprobe.d/ipv6.conf
 #lib/modules/KVER-ipfire/build/include/trace/events/qdisc.h
 #lib/modules/KVER-ipfire/build/include/trace/events/qla.h
 #lib/modules/KVER-ipfire/build/include/trace/events/qrtr.h
-#lib/modules/KVER-ipfire/build/include/trace/events/random.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rcu.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rdma.h
 #lib/modules/KVER-ipfire/build/include/trace/events/rdma_core.h
@@ -21621,8 +21623,6 @@ lib/modules/KVER-ipfire/kernel
 #lib/modules/KVER-ipfire/kernel/lib/crc8.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libarc4.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/crypto/libblake2s-generic.ko.xz
-#lib/modules/KVER-ipfire/kernel/lib/crypto/libblake2s.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libchacha.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libchacha20poly1305.ko.xz
 #lib/modules/KVER-ipfire/kernel/lib/crypto/libcurve25519-generic.ko.xz
diff --git a/config/rootfiles/common/xfsprogs b/config/rootfiles/common/xfsprogs
index fab8b67cb4d28e4d581df2ed5fdc6986638a594e..eb2f9982eceeeb08cf9b9d51c8e93541901d702a 100644 (file)
--- a/config/rootfiles/common/xfsprogs
+++ b/config/rootfiles/common/xfsprogs
@@ -105,7 +105,7 @@ usr/sbin/xfs_spaceman
 #usr/share/man/man8/xfs_spaceman.8
 #usr/share/xfsprogs
 #usr/share/xfsprogs/mkfs
-#usr/share/xfsprogs/mkfs/dax_xxxMACHINExxx.conf
+#usr/share/xfsprogs/mkfs/dax_x86_64.conf
 #usr/share/xfsprogs/mkfs/lts_4.19.conf
 #usr/share/xfsprogs/mkfs/lts_5.10.conf
 #usr/share/xfsprogs/mkfs/lts_5.15.conf
diff --git a/config/rootfiles/core/169/filelists/aarch64/binutils b/config/rootfiles/core/169/filelists/aarch64/binutils
new file mode 120000 (symlink)
index 0000000..6da9d39
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/aarch64/binutils
@@ -0,0 +1 @@
+../../../../common/aarch64/binutils
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/aarch64/glibc b/config/rootfiles/core/169/filelists/aarch64/glibc
new file mode 120000 (symlink)
index 0000000..d13849f
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/aarch64/glibc
@@ -0,0 +1 @@
+../../../../common/aarch64/glibc
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/aarch64/linux b/config/rootfiles/core/169/filelists/aarch64/linux
new file mode 120000 (symlink)
index 0000000..3a2532b
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/aarch64/linux
@@ -0,0 +1 @@
+../../../../common/aarch64/linux
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/aarch64/u-boot b/config/rootfiles/core/169/filelists/aarch64/u-boot
new file mode 120000 (symlink)
index 0000000..2a16bdb
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/aarch64/u-boot
@@ -0,0 +1 @@
+../../../../common/aarch64/u-boot
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/apache2 b/config/rootfiles/core/169/filelists/apache2
new file mode 120000 (symlink)
index 0000000..eef95ef
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/apache2
@@ -0,0 +1 @@
+../../../common/apache2
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/armv6l/binutils b/config/rootfiles/core/169/filelists/armv6l/binutils
new file mode 120000 (symlink)
index 0000000..e4a1472
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/armv6l/binutils
@@ -0,0 +1 @@
+../../../../common/armv6l/binutils
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/armv6l/glibc b/config/rootfiles/core/169/filelists/armv6l/glibc
new file mode 120000 (symlink)
index 0000000..262a394
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/armv6l/glibc
@@ -0,0 +1 @@
+../../../../common/armv6l/glibc
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/armv6l/linux b/config/rootfiles/core/169/filelists/armv6l/linux
new file mode 120000 (symlink)
index 0000000..aee1f4d
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/armv6l/linux
@@ -0,0 +1 @@
+../../../../common/armv6l/linux
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/armv6l/u-boot b/config/rootfiles/core/169/filelists/armv6l/u-boot
new file mode 120000 (symlink)
index 0000000..e88d95f
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/armv6l/u-boot
@@ -0,0 +1 @@
+../../../../common/armv6l/u-boot
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/bind b/config/rootfiles/core/169/filelists/bind
new file mode 120000 (symlink)
index 0000000..48a0eba
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/bind
@@ -0,0 +1 @@
+../../../common/bind
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/files b/config/rootfiles/core/169/filelists/files
index 38ff2e47135f6a1524584cdb66bb62eafc9642c7..44a68f28e941090642bd155a094620e655611666 100644 (file)
--- a/config/rootfiles/core/169/filelists/files
+++ b/config/rootfiles/core/169/filelists/files
@@ -1,8 +1,221 @@
-etc/rc.d/helper/oci-setup
-etc/rc.d/helper/azure-setup
+etc/httpd/conf/vhosts.d/ipfire-interface.conf
+etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf
+etc/ntp.conf
 etc/rc.d/helper/aws-setup
+etc/rc.d/helper/azure-setup
 etc/rc.d/helper/exoscale-setup
 etc/rc.d/helper/gcp-setup
+etc/rc.d/helper/oci-setup
+etc/rc.d/init.d/localnet
+etc/rc.d/init.d/ntp
+etc/sysctl.conf
+lib/firmware/amdgpu/aldebaran_mec2.bin
+lib/firmware/amdgpu/aldebaran_mec.bin
+lib/firmware/amdgpu/aldebaran_rlc.bin
+lib/firmware/amdgpu/aldebaran_smc.bin
+lib/firmware/amdgpu/aldebaran_sos.bin
+lib/firmware/amdgpu/aldebaran_ta.bin
+lib/firmware/amdgpu/beige_goby_ce.bin
+lib/firmware/amdgpu/beige_goby_dmcub.bin
+lib/firmware/amdgpu/beige_goby_me.bin
+lib/firmware/amdgpu/beige_goby_mec2.bin
+lib/firmware/amdgpu/beige_goby_mec.bin
+lib/firmware/amdgpu/beige_goby_pfp.bin
+lib/firmware/amdgpu/beige_goby_smc.bin
+lib/firmware/amdgpu/beige_goby_ta.bin
+lib/firmware/amdgpu/beige_goby_vcn.bin
+lib/firmware/amdgpu/dcn_3_1_6_dmcub.bin
+lib/firmware/amdgpu/dimgrey_cavefish_ce.bin
+lib/firmware/amdgpu/dimgrey_cavefish_dmcub.bin
+lib/firmware/amdgpu/dimgrey_cavefish_me.bin
+lib/firmware/amdgpu/dimgrey_cavefish_mec2.bin
+lib/firmware/amdgpu/dimgrey_cavefish_mec.bin
+lib/firmware/amdgpu/dimgrey_cavefish_pfp.bin
+lib/firmware/amdgpu/dimgrey_cavefish_smc.bin
+lib/firmware/amdgpu/dimgrey_cavefish_sos.bin
+lib/firmware/amdgpu/dimgrey_cavefish_ta.bin
+lib/firmware/amdgpu/dimgrey_cavefish_vcn.bin
+lib/firmware/amdgpu/gc_10_3_7_rlc.bin
+lib/firmware/amdgpu/green_sardine_asd.bin
+lib/firmware/amdgpu/green_sardine_dmcub.bin
+lib/firmware/amdgpu/green_sardine_ta.bin
+lib/firmware/amdgpu/navi10_asd.bin
+lib/firmware/amdgpu/navi10_ce.bin
+lib/firmware/amdgpu/navi10_me.bin
+lib/firmware/amdgpu/navi10_mec2.bin
+lib/firmware/amdgpu/navi10_mec.bin
+lib/firmware/amdgpu/navi10_pfp.bin
+lib/firmware/amdgpu/navi10_sos.bin
+lib/firmware/amdgpu/navi10_ta.bin
+lib/firmware/amdgpu/navi12_asd.bin
+lib/firmware/amdgpu/navi12_ce.bin
+lib/firmware/amdgpu/navi12_me.bin
+lib/firmware/amdgpu/navi12_mec2.bin
+lib/firmware/amdgpu/navi12_mec.bin
+lib/firmware/amdgpu/navi12_pfp.bin
+lib/firmware/amdgpu/navi12_rlc.bin
+lib/firmware/amdgpu/navi12_sos.bin
+lib/firmware/amdgpu/navi12_ta.bin
+lib/firmware/amdgpu/navi14_asd.bin
+lib/firmware/amdgpu/navi14_ce.bin
+lib/firmware/amdgpu/navi14_me.bin
+lib/firmware/amdgpu/navi14_mec2.bin
+lib/firmware/amdgpu/navi14_mec.bin
+lib/firmware/amdgpu/navi14_pfp.bin
+lib/firmware/amdgpu/navi14_sos.bin
+lib/firmware/amdgpu/navi14_ta.bin
+lib/firmware/amdgpu/navy_flounder_ce.bin
+lib/firmware/amdgpu/navy_flounder_dmcub.bin
+lib/firmware/amdgpu/navy_flounder_me.bin
+lib/firmware/amdgpu/navy_flounder_mec2.bin
+lib/firmware/amdgpu/navy_flounder_mec.bin
+lib/firmware/amdgpu/navy_flounder_pfp.bin
+lib/firmware/amdgpu/navy_flounder_rlc.bin
+lib/firmware/amdgpu/navy_flounder_sdma.bin
+lib/firmware/amdgpu/navy_flounder_ta.bin
+lib/firmware/amdgpu/navy_flounder_vcn.bin
+lib/firmware/amdgpu/picasso_asd.bin
+lib/firmware/amdgpu/picasso_ta.bin
+lib/firmware/amdgpu/psp_13_0_8_asd.bin
+lib/firmware/amdgpu/psp_13_0_8_ta.bin
+lib/firmware/amdgpu/raven2_asd.bin
+lib/firmware/amdgpu/raven2_ta.bin
+lib/firmware/amdgpu/raven_asd.bin
+lib/firmware/amdgpu/raven_ta.bin
+lib/firmware/amdgpu/renoir_asd.bin
+lib/firmware/amdgpu/renoir_dmcub.bin
+lib/firmware/amdgpu/renoir_ta.bin
+lib/firmware/amdgpu/sienna_cichlid_ce.bin
+lib/firmware/amdgpu/sienna_cichlid_dmcub.bin
+lib/firmware/amdgpu/sienna_cichlid_me.bin
+lib/firmware/amdgpu/sienna_cichlid_mec2.bin
+lib/firmware/amdgpu/sienna_cichlid_mec.bin
+lib/firmware/amdgpu/sienna_cichlid_pfp.bin
+lib/firmware/amdgpu/sienna_cichlid_sos.bin
+lib/firmware/amdgpu/sienna_cichlid_ta.bin
+lib/firmware/amdgpu/sienna_cichlid_vcn.bin
+lib/firmware/amdgpu/vangogh_asd.bin
+lib/firmware/amdgpu/vangogh_ce.bin
+lib/firmware/amdgpu/vangogh_me.bin
+lib/firmware/amdgpu/vangogh_mec2.bin
+lib/firmware/amdgpu/vangogh_mec.bin
+lib/firmware/amdgpu/vangogh_pfp.bin
+lib/firmware/amdgpu/vangogh_rlc.bin
+lib/firmware/amdgpu/vega10_asd.bin
+lib/firmware/amdgpu/vega12_asd.bin
+lib/firmware/amdgpu/vega20_asd.bin
+lib/firmware/amdgpu/yellow_carp_asd.bin
+lib/firmware/amdgpu/yellow_carp_ce.bin
+lib/firmware/amdgpu/yellow_carp_dmcub.bin
+lib/firmware/amdgpu/yellow_carp_me.bin
+lib/firmware/amdgpu/yellow_carp_mec2.bin
+lib/firmware/amdgpu/yellow_carp_mec.bin
+lib/firmware/amdgpu/yellow_carp_pfp.bin
+lib/firmware/amdgpu/yellow_carp_ta.bin
+lib/firmware/ath10k/QCA4019/hw1.0/board-2.bin
+lib/firmware/ath10k/QCA9888/hw2.0/board-2.bin
+lib/firmware/ath10k/QCA9888/hw2.0/firmware-5.bin
+lib/firmware/ath10k/QCA9984/hw1.0/firmware-5.bin
+lib/firmware/ath10k/QCA99X0/hw2.0/board-2.bin
+lib/firmware/ath10k/WCN3990/hw1.0/board-2.bin
+lib/firmware/ath11k/QCN9074/hw1.0/amss.bin
+lib/firmware/ath11k/QCN9074/hw1.0/board-2.bin
+lib/firmware/ath11k/QCN9074/hw1.0/m3.bin
+lib/firmware/ath11k/WCN6750/hw1.0/board-2.bin
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b00
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b01
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b02
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b03
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b04
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b05
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b06
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b07
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.b08
+lib/firmware/ath11k/WCN6750/hw1.0/wpss.mdt
+lib/firmware/ath11k/WCN6855/hw2.0/amss.bin
+lib/firmware/atmel/wilc1000_wifi_firmware-1.bin
+lib/firmware/brcm/brcmfmac43430-sdio.beagle,beaglev-starlight-jh7100-a1.txt
+lib/firmware/brcm/brcmfmac43430-sdio.beagle,beaglev-starlight-jh7100-r0.txt
+lib/firmware/brcm/brcmfmac43430-sdio.starfive,visionfive-v1.txt
+lib/firmware/brcm/brcmfmac43455-sdio.pine64,quartz64-b.txt
+lib/firmware/i915/adlp_guc_70.1.1.bin
+lib/firmware/i915/bxt_guc_70.1.1.bin
+lib/firmware/i915/cml_guc_70.1.1.bin
+lib/firmware/i915/dg1_guc_70.1.1.bin
+lib/firmware/i915/dg2_dmc_ver2_06.bin
+lib/firmware/i915/dg2_guc_70.1.2.bin
+lib/firmware/i915/ehl_guc_70.1.1.bin
+lib/firmware/i915/glk_guc_70.1.1.bin
+lib/firmware/i915/icl_guc_70.1.1.bin
+lib/firmware/i915/kbl_guc_70.1.1.bin
+lib/firmware/i915/skl_guc_70.1.1.bin
+lib/firmware/i915/tgl_guc_70.1.1.bin
+lib/firmware/intel/ibt-0040-0041.sfi
+lib/firmware/intel/ibt-0040-1020.sfi
+lib/firmware/intel/ibt-0040-2120.sfi
+lib/firmware/intel/ibt-0040-4150.sfi
+lib/firmware/intel/ibt-0041-0041.sfi
+lib/firmware/intel/ibt-1040-0041.sfi
+lib/firmware/intel/ibt-1040-1020.sfi
+lib/firmware/intel/ibt-1040-2120.sfi
+lib/firmware/intel/ibt-1040-4150.sfi
+lib/firmware/intel/ibt-19-0-0.sfi
+lib/firmware/intel/ibt-19-0-1.sfi
+lib/firmware/intel/ibt-19-0-4.sfi
+lib/firmware/intel/ibt-19-16-4.sfi
+lib/firmware/intel/ibt-19-240-1.sfi
+lib/firmware/intel/ibt-19-240-4.sfi
+lib/firmware/intel/ibt-19-32-0.sfi
+lib/firmware/intel/ibt-19-32-1.sfi
+lib/firmware/intel/ibt-19-32-4.sfi
+lib/firmware/intel/ibt-20-0-3.sfi
+lib/firmware/intel/ibt-20-1-3.sfi
+lib/firmware/intel/ibt-20-1-4.sfi
+lib/firmware/intel/ice/ddp/ice-1.3.28.0.pkg
+lib/firmware/iwlwifi-9000-pu-b0-jf-b0-46.ucode
+lib/firmware/iwlwifi-9260-th-b0-jf-b0-46.ucode
+lib/firmware/iwlwifi-cc-a0-73.ucode
+lib/firmware/iwlwifi-Qu-b0-hr-b0-73.ucode
+lib/firmware/iwlwifi-Qu-b0-jf-b0-73.ucode
+lib/firmware/iwlwifi-Qu-c0-hr-b0-73.ucode
+lib/firmware/iwlwifi-Qu-c0-jf-b0-73.ucode
+lib/firmware/iwlwifi-QuZ-a0-hr-b0-73.ucode
+lib/firmware/iwlwifi-QuZ-a0-jf-b0-73.ucode
+lib/firmware/iwlwifi-so-a0-gf4-a0-73.ucode
+lib/firmware/iwlwifi-so-a0-gf4-a0.pnvm
+lib/firmware/iwlwifi-so-a0-gf-a0-73.ucode
+lib/firmware/iwlwifi-so-a0-gf-a0.pnvm
+lib/firmware/iwlwifi-so-a0-hr-b0-73.ucode
+lib/firmware/iwlwifi-so-a0-jf-b0-73.ucode
+lib/firmware/iwlwifi-ty-a0-gf-a0-73.ucode
+lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm
+lib/firmware/mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin
+lib/firmware/mediatek/mt8183/scp.img
+lib/firmware/mediatek/mt8192/scp.img
+lib/firmware/mediatek/mt8195/scp.img
+lib/firmware/mediatek/WIFI_MT7922_patch_mcu_1_1_hdr.bin
+lib/firmware/mediatek/WIFI_RAM_CODE_MT7922_1.bin
+lib/firmware/qcom/a330_pfp.fw
+lib/firmware/qcom/a330_pm4.fw
+lib/firmware/qcom/a420_pfp.fw
+lib/firmware/qcom/a420_pm4.fw
+lib/firmware/qcom/apq8096/adsp.mbn
+lib/firmware/qcom/apq8096/adspr.jsn
+lib/firmware/qcom/apq8096/adspua.jsn
+lib/firmware/qcom/apq8096/mba.mbn
+lib/firmware/qcom/apq8096/modem.mbn
+lib/firmware/qcom/apq8096/modemr.jsn
+lib/firmware/qcom/leia_pfp_470.fw
+lib/firmware/qcom/leia_pm4_470.fw
+lib/firmware/rtl_bt/rtl8852au_fw.bin
+lib/firmware/rtl_bt/rtl8852cu_config.bin
+lib/firmware/rtl_bt/rtl8852cu_fw.bin
+lib/firmware/rtw89/rtw8852c_fw.bin
+opt/pakfire/etc/pakfire.conf
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
+srv/web/ipfire/html/images/qr-code.png
+srv/web/ipfire/html/images/qr-code.svg
 srv/web/ipfire/html/themes/ipfire/include/functions.pl
+usr/sbin/setup
 var/ipfire/header.pl
 var/ipfire/main/manualpages
diff --git a/config/rootfiles/core/169/filelists/keyutils b/config/rootfiles/core/169/filelists/keyutils
new file mode 120000 (symlink)
index 0000000..4311917
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/keyutils
@@ -0,0 +1 @@
+../../../common/keyutils
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/krb5 b/config/rootfiles/core/169/filelists/krb5
new file mode 120000 (symlink)
index 0000000..082c3cb
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/krb5
@@ -0,0 +1 @@
+../../../common/krb5
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/libtiff b/config/rootfiles/core/169/filelists/libtiff
new file mode 120000 (symlink)
index 0000000..dd89e3c
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/libtiff
@@ -0,0 +1 @@
+../../../common/libtiff
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/lmdb b/config/rootfiles/core/169/filelists/lmdb
new file mode 120000 (symlink)
index 0000000..c25767d
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/lmdb
@@ -0,0 +1 @@
+../../../common/lmdb
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/misc-progs b/config/rootfiles/core/169/filelists/misc-progs
new file mode 120000 (symlink)
index 0000000..7223cad
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/misc-progs
@@ -0,0 +1 @@
+../../../common/misc-progs
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/oath-toolkit b/config/rootfiles/core/169/filelists/oath-toolkit
new file mode 120000 (symlink)
index 0000000..589cc0d
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/oath-toolkit
@@ -0,0 +1 @@
+../../../common/oath-toolkit
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-File-Remove b/config/rootfiles/core/169/filelists/perl-File-Remove
new file mode 120000 (symlink)
index 0000000..1fe57c8
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-File-Remove
@@ -0,0 +1 @@
+../../../common/perl-File-Remove
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-Imager b/config/rootfiles/core/169/filelists/perl-Imager
new file mode 120000 (symlink)
index 0000000..380cf51
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-Imager
@@ -0,0 +1 @@
+../../../common/perl-Imager
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-Imager-QRCode b/config/rootfiles/core/169/filelists/perl-Imager-QRCode
new file mode 120000 (symlink)
index 0000000..f7c97c7
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-Imager-QRCode
@@ -0,0 +1 @@
+../../../common/perl-Imager-QRCode
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-MIME-Base32 b/config/rootfiles/core/169/filelists/perl-MIME-Base32
new file mode 120000 (symlink)
index 0000000..66dfd7b
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-MIME-Base32
@@ -0,0 +1 @@
+../../../common/perl-MIME-Base32
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-Module-Build b/config/rootfiles/core/169/filelists/perl-Module-Build
new file mode 120000 (symlink)
index 0000000..9885efd
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-Module-Build
@@ -0,0 +1 @@
+../../../common/perl-Module-Build
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-Module-Install b/config/rootfiles/core/169/filelists/perl-Module-Install
new file mode 120000 (symlink)
index 0000000..4eac44f
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-Module-Install
@@ -0,0 +1 @@
+../../../common/perl-Module-Install
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-Module-ScanDeps b/config/rootfiles/core/169/filelists/perl-Module-ScanDeps
new file mode 120000 (symlink)
index 0000000..8aa94dd
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-Module-ScanDeps
@@ -0,0 +1 @@
+../../../common/perl-Module-ScanDeps
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-URI-Encode b/config/rootfiles/core/169/filelists/perl-URI-Encode
new file mode 120000 (symlink)
index 0000000..08ee7c4
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-URI-Encode
@@ -0,0 +1 @@
+../../../common/perl-URI-Encode
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/perl-YAML-Tiny b/config/rootfiles/core/169/filelists/perl-YAML-Tiny
new file mode 120000 (symlink)
index 0000000..9b00d0b
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/perl-YAML-Tiny
@@ -0,0 +1 @@
+../../../common/perl-YAML-Tiny
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/poppler b/config/rootfiles/core/169/filelists/poppler
new file mode 120000 (symlink)
index 0000000..39aa6c2
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/poppler
@@ -0,0 +1 @@
+../../../common/poppler
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/qrencode b/config/rootfiles/core/169/filelists/qrencode
new file mode 120000 (symlink)
index 0000000..d6aa23d
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/qrencode
@@ -0,0 +1 @@
+../../../common/qrencode
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/squid b/config/rootfiles/core/169/filelists/squid
new file mode 120000 (symlink)
index 0000000..2dc8372
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/squid
@@ -0,0 +1 @@
+../../../common/squid
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/tzdata b/config/rootfiles/core/169/filelists/tzdata
new file mode 120000 (symlink)
index 0000000..5a6e325
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/tzdata
@@ -0,0 +1 @@
+../../../common/tzdata
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/x86_64/binutils b/config/rootfiles/core/169/filelists/x86_64/binutils
new file mode 120000 (symlink)
index 0000000..7d0fda5
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/x86_64/binutils
@@ -0,0 +1 @@
+../../../../common/x86_64/binutils
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/x86_64/glibc b/config/rootfiles/core/169/filelists/x86_64/glibc
new file mode 120000 (symlink)
index 0000000..1119099
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/x86_64/glibc
@@ -0,0 +1 @@
+../../../../common/x86_64/glibc
\ No newline at end of file
diff --git a/config/rootfiles/core/169/filelists/x86_64/linux b/config/rootfiles/core/169/filelists/x86_64/linux
new file mode 120000 (symlink)
index 0000000..0615b5b
--- /dev/null
+++ b/config/rootfiles/core/169/filelists/x86_64/linux
@@ -0,0 +1 @@
+../../../../common/x86_64/linux
\ No newline at end of file
diff --git a/config/rootfiles/core/169/update.sh b/config/rootfiles/core/169/update.sh
index e34f24f7a5993ffc4638eb590df737190ae1beb2..a27f20a304f3cf6401d49b983ee06f1e60906095 100644 (file)
--- a/config/rootfiles/core/169/update.sh
+++ b/config/rootfiles/core/169/update.sh
@@ -26,6 +26,18 @@
 
 core=169
 
+exit_with_error() {
+    # Set last succesfull installed core.
+    echo $(($core-1)) > /opt/pakfire/db/core/mine
+    # force fsck at next boot, this may fix free space on xfs
+    touch /forcefsck
+    # don't start pakfire again at error
+    killall -KILL pak_update
+    /usr/bin/logger -p syslog.emerg -t ipfire \
+       "core-update-${core}: $1"
+    exit $2
+}
+
 # Remove old core updates from pakfire cache to save space...
 for (( i=1; i<=$core; i++ )); do
        rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
@@ -33,9 +45,82 @@ done
 
 # Stop services
 /etc/init.d/unbound stop
+/etc/init.d/squid stop
+/etc/init.d/apache stop
+
+KVER="xxxKVERxxx"
+
+# Backup uEnv.txt if exist
+if [ -e /boot/uEnv.txt ]; then
+    cp -vf /boot/uEnv.txt /boot/uEnv.txt.org
+fi
+
+# Do some sanity checks prior to the kernel update
+case $(uname -r) in
+    *-ipfire*)
+       # Ok.
+       ;;
+    *)
+       exit_with_error "ERROR cannot update. No IPFire Kernel." 1
+       ;;
+esac
+
+# Check diskspace on root
+ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $ROOTSPACE -lt 100000 ]; then
+    exit_with_error "ERROR cannot update because not enough free space on root." 2
+    exit 2
+fi
+
+# Remove the old kernel
+rm -rvf \
+       /boot/System.map-* \
+       /boot/config-* \
+       /boot/ipfirerd-* \
+       /boot/initramfs-* \
+       /boot/vmlinuz-* \
+       /boot/uImage-* \
+       /boot/zImage-* \
+       /boot/uInit-* \
+       /boot/dtb-* \
+       /lib/modules
 
 # Remove files
 rm -rvf \
+       /lib/firmware/ath10k/QCA99X0/hw2.0/board.bin \
+       /lib/firmware/intel/ice/ddp/ice-1.3.26.0.pkg \
+       /lib/firmware/iwlwifi-3160-10.ucode \
+       /lib/firmware/iwlwifi-3160-12.ucode \
+       /lib/firmware/iwlwifi-3160-13.ucode \
+       /lib/firmware/iwlwifi-3160-16.ucode \
+       /lib/firmware/iwlwifi-3160-7.ucode \
+       /lib/firmware/iwlwifi-3160-8.ucode \
+       /lib/firmware/iwlwifi-3160-9.ucode \
+       /lib/firmware/iwlwifi-3168-21.ucode \
+       /lib/firmware/iwlwifi-7260-10.ucode \
+       /lib/firmware/iwlwifi-7260-12.ucode \
+       /lib/firmware/iwlwifi-7260-13.ucode \
+       /lib/firmware/iwlwifi-7260-16.ucode \
+       /lib/firmware/iwlwifi-7260-7.ucode \
+       /lib/firmware/iwlwifi-7260-8.ucode \
+       /lib/firmware/iwlwifi-7260-9.ucode \
+       /lib/firmware/iwlwifi-7265-10.ucode \
+       /lib/firmware/iwlwifi-7265-12.ucode \
+       /lib/firmware/iwlwifi-7265-13.ucode \
+       /lib/firmware/iwlwifi-7265-16.ucode \
+       /lib/firmware/iwlwifi-7265-8.ucode \
+       /lib/firmware/iwlwifi-7265-9.ucode \
+       /lib/firmware/iwlwifi-7265D-10.ucode \
+       /lib/firmware/iwlwifi-7265D-12.ucode \
+       /lib/firmware/iwlwifi-7265D-13.ucode \
+       /lib/firmware/iwlwifi-7265D-16.ucode \
+       /lib/firmware/iwlwifi-7265D-17.ucode \
+       /lib/firmware/iwlwifi-7265D-21.ucode \
+       /lib/firmware/iwlwifi-8000C-13.ucode \
+       /lib/firmware/iwlwifi-8000C-16.ucode \
+       /lib/firmware/iwlwifi-8000C-21.ucode \
+       /lib/firmware/iwlwifi-8265-21.ucode \
        /lib/libxtables.so.12.4.0 \
        /lib/xtables/libip6t_DNAT.so \
        /lib/xtables/libip6t_REDIRECT.so \
@@ -59,9 +144,31 @@ ldconfig
 # Filesytem cleanup
 /usr/local/bin/filesystem-cleanup
 
+# Apply sysctl changes
+/etc/init.d/sysctl start
+
 # Start services
+telinit u
 /etc/init.d/firewall restart
+/etc/init.d/apache start
 /etc/init.d/unbound start
+/etc/init.d/squid start
+
+# krb5 is now part of the core system, remove Pakfire metadata for it
+if [ -e "/opt/pakfire/db/installed/meta-krb5" ] && [ -e "/opt/pakfire/db/meta/meta-krb5" ]; then
+       rm -vf \
+               /opt/pakfire/db/installed/meta-krb5 \
+               /opt/pakfire/db/meta/meta-krb5 \
+               /opt/pakfire/db/rootfiles/krb5
+fi
+
+# libtiff is now part of the core system, remove Pakfire metadata for it
+if [ -e "/opt/pakfire/db/installed/meta-libtiff" ] && [ -e "/opt/pakfire/db/meta/meta-libtiff" ]; then
+       rm -vf \
+               /opt/pakfire/db/installed/meta-libtiff \
+               /opt/pakfire/db/meta/meta-libtiff \
+               /opt/pakfire/db/rootfiles/libtiff
+fi
 
 # This update needs a reboot...
 touch /var/run/need_reboot
@@ -70,6 +177,20 @@ touch /var/run/need_reboot
 /etc/init.d/fireinfo start
 sendprofile
 
+# remove lm_sensor config after collectd was started
+# to reserch sensors at next boot with updated kernel
+rm -f  /etc/sysconfig/lm_sensors
+
+# Upadate Kernel version in uEnv.txt
+if [ -e /boot/uEnv.txt ]; then
+    sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt
+fi
+
+# Call user update script (needed for some ARM boards)
+if [ -e /boot/pakfire-kernel-update ]; then
+    /boot/pakfire-kernel-update ${KVER}
+fi
+
 # Update grub config to display new core version
 if [ -e /boot/grub/grub.cfg ]; then
        grub-mkconfig -o /boot/grub/grub.cfg
diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf
index 9d5e840dd4a59bc2eff70ca71bb9501220178b74..012beab54dc48c70a29b6d9b6969479ec37ef2e6 100644 (file)
--- a/config/unbound/unbound.conf
+++ b/config/unbound/unbound.conf
@@ -39,7 +39,6 @@ server:
        # Hardening Options
        harden-large-queries: yes
        harden-referral-path: yes
-       aggressive-nsec: yes
 
        # TLS
        tls-cert-bundle: /etc/ssl/certs/ca-bundle.crt
diff --git a/html/cgi-bin/credits.cgi b/html/cgi-bin/credits.cgi
index bfb7925401727b300598b2ddb1ba3b759e04c60b..13d0005e34d43abb24b577d52cabeb335838bcba 100644 (file)
--- a/html/cgi-bin/credits.cgi
+++ b/html/cgi-bin/credits.cgi
@@ -75,6 +75,7 @@ Dirk Wagner,
 Marcel Lorenz,
 Leo-Andres Hofmann,
 Alf Høgemark,
+Timo Eissler,
 Ben Schweikert,
 Daniel Weismüller,
 Peter Pfeiffer,
@@ -82,7 +83,6 @@ Daniel Glanzmann,
 Heiner Schmeling,
 Stephan Feddersen,
 Stéphane Pautrel,
-Timo Eissler,
 Jan Lentfer,
 Marcus Scholz,
 Ersan Yildirim,
@@ -96,12 +96,12 @@ Sascha Kilian,
 Bernhard Bitsch,
 Ronald Wiesinger,
 Florian Bührle,
+Jon Murphy,
 Justin Luth,
 Michael Eitelwein,
 Robin Roevens,
 Alex Koch,
 Dominik Hassler,
-Jon Murphy,
 Larsen,
 Ramax Lo,
 Gabriel Rolland,
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index fd6d14ab390cabebf8e87ac10b79c9ccd539eb17..b8c3e506463fe57d36fe75f9e01508d17f1aabf2 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -23,6 +23,10 @@
 ###
 use CGI;
 use CGI qw/:standard/;
+use Imager::QRCode;
+use MIME::Base32;
+use MIME::Base64;
+use URI::Encode qw(uri_encode uri_decode);;
 use Net::DNS;
 use Net::Ping;
 use Net::Telnet;
@@ -40,6 +44,7 @@ require "${General::swroot}/location-functions.pl";
 # enable only the following on debugging purpose
 #use warnings;
 #use CGI::Carp 'fatalsToBrowser';
+
 #workaround to suppress a warning when a variable is used only once
 my @dummy = ( ${Header::colourgreen}, ${Header::colourblue} );
 undef (@dummy);
@@ -372,6 +377,8 @@ sub writeserverconf {
     }
     print CONF "tls-verify /usr/lib/openvpn/verify\n";
     print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
+    print CONF "auth-user-pass-optional\n";
+    print CONF "reneg-sec 86400\n";
     print CONF "user nobody\n";
     print CONF "group nobody\n";
     print CONF "persist-key\n";
@@ -385,6 +392,11 @@ sub writeserverconf {
     print CONF "# Log clients connecting/disconnecting\n";
     print CONF "client-connect \"/usr/sbin/openvpn-metrics client-connect\"\n";
     print CONF "client-disconnect \"/usr/sbin/openvpn-metrics client-disconnect\"\n";
+    print CONF "\n";
+
+    print CONF "# Enable Management Socket\n";
+    print CONF "management /var/run/openvpn.sock unix\n";
+    print CONF "management-client-auth\n";
 
     # Print server.conf.local if entries exist to server.conf
     if ( !-z $local_serverconf  && $sovpnsettings{'ADDITIONAL_CONFIGS'} eq 'on') {
@@ -2337,17 +2349,17 @@ else
     if ( $vpnsettings{'ENABLED'} eq 'on'){
        print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
        if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
-           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Blue interface\r\n";
+           print CLIENTCONF "#comment the above line and uncomment the next line, if you want to connect on the Blue interface\r\n";
            print CLIENTCONF ";remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
        }
        if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
-           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";
+           print CLIENTCONF "#comment the above line and uncomment the next line, if you want to connect on the Orange interface\r\n";
            print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
        }
     } elsif ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
        print CLIENTCONF "remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
        if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
-           print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";
+           print CLIENTCONF "#comment the above line and uncomment the next line, if you want to connect on the Orange interface\r\n";
            print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
        }
     } elsif ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
@@ -2431,6 +2443,16 @@ else
        print CLIENTCONF "fragment $vpnsettings{'FRAGMENT'}\r\n";
     }
 
+    # Disable storing any credentials in memory
+    print CLIENTCONF "auth-nocache\r\n";
+
+    # Set a fake user name for authentication
+    print CLIENTCONF "auth-token-user USER\r\n";
+    print CLIENTCONF "auth-token TOTP\r\n";
+
+    # If the server is asking for TOTP this needs to happen interactively
+    print CLIENTCONF "auth-retry interact\r\n";
+
     if ($include_certs) {
        print CLIENTCONF "\r\n";
 
@@ -2617,6 +2639,45 @@ else
        exit(0);
     }
 
+###
+### Display OTP QRCode
+###
+} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show otp qrcode'}) {
+   &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+   my $qrcode = Imager::QRCode->new(
+      size          => 6,
+      margin        => 0,
+      version       => 0,
+      level         => 'M',
+      mode          => '8-bit',
+      casesensitive => 1,
+      lightcolor    => Imager::Color->new(255, 255, 255),
+      darkcolor     => Imager::Color->new(0, 0, 0),
+   );
+   my $cn = uri_encode($confighash{$cgiparams{'KEY'}}[2]);
+   my $secret = encode_base32(pack('H*', $confighash{$cgiparams{'KEY'}}[44]));
+   my $issuer = uri_encode("$mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}");
+   my $qrcodeimg = $qrcode->plot("otpauth://totp/$cn?secret=$secret&issuer=$issuer");
+   my $qrcodeimgdata;
+   $qrcodeimg->write(data => \$qrcodeimgdata, type=> 'png')
+      or die $qrcodeimg->errstr;
+   $qrcodeimgdata = encode_base64($qrcodeimgdata, '');
+
+   &Header::showhttpheaders();
+   &Header::openpage($Lang::tr{'ovpn'}, 1, '');
+   &Header::openbigbox('100%', 'LEFT', '', '');
+   &Header::openbox('100%', 'LEFT', "$Lang::tr{'otp qrcode'}:");
+   print <<END;
+$Lang::tr{'secret'}:&nbsp;$secret</br></br>
+<img alt="$Lang::tr{'otp qrcode'}" src="data:image/png;base64,$qrcodeimgdata">
+END
+   &Header::closebox();
+   print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
+   &Header::closebigbox();
+   &Header::closepage();
+   exit(0);
+
 ###
 ### Display Diffie-Hellman key
 ###
@@ -3660,6 +3721,7 @@ if ($confighash{$cgiparams{'KEY'}}) {
                $cgiparams{'DAUTH'}             = $confighash{$cgiparams{'KEY'}}[39];
                $cgiparams{'DCIPHER'}           = $confighash{$cgiparams{'KEY'}}[40];
                $cgiparams{'TLSAUTH'}           = $confighash{$cgiparams{'KEY'}}[41];
+               $cgiparams{'OTP_STATE'}         = $confighash{$cgiparams{'KEY'}}[43];
        } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
        $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
 
@@ -4422,6 +4484,16 @@ if ($cgiparams{'TYPE'} eq 'net') {
                $confighash{$key}[41] = "no-pass";
        }
 
+   $confighash{$key}[42] = 'HOTP/T30/6';
+       $confighash{$key}[43] = $cgiparams{'OTP_STATE'};
+       if (($confighash{$key}[43] eq 'on') && ($confighash{$key}[44] eq '')) {
+               my @otp_secret = &General::system_output("/usr/bin/openssl", "rand", "-hex", "20");
+      chomp($otp_secret[0]);
+               $confighash{$key}[44] = $otp_secret[0];
+       } elsif ($confighash{$key}[43] eq '') {
+               $confighash{$key}[44] = '';
+       }
+
        &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
 
        if ($cgiparams{'CHECK1'} ){
@@ -4835,6 +4907,7 @@ if ($cgiparams{'TYPE'} eq 'host') {
            print"</td></tr></table><br><br>";
                my $name=$cgiparams{'CHECK1'};
                $checked{'RG'}{$cgiparams{'RG'}} = 'CHECKED';
+               $checked{'OTP_STATE'}{$cgiparams{'OTP_STATE'}} = 'CHECKED';
 
        if (! -z "${General::swroot}/ovpn/ccd.conf"){
                print"<table border='0' width='100%' cellspacing='1' cellpadding='0'><tr><td width='1%'></td><td width='30%' class='boldbase' align='center'><b>$Lang::tr{'ccd name'}</td><td width='15%' class='boldbase' align='center'><b>$Lang::tr{'network'}</td><td class='boldbase' align='center' width='18%'><b>$Lang::tr{'ccd clientip'}</td></tr>";
@@ -4970,6 +5043,7 @@ if ($cgiparams{'TYPE'} eq 'host') {
 
        print <<END;
        <table border='0' width='100%'>
+       <tr><td width='20%'>$Lang::tr{'enable otp'}:</td><td colspan='3'><input type='checkbox' name='OTP_STATE' $checked{'OTP_STATE'}{'on'} /></td></tr>
        <tr><td width='20%'>Redirect Gateway:</td><td colspan='3'><input type='checkbox' name='RG' $checked{'RG'}{'on'} /></td></tr>
        <tr><td colspan='4'><b><br>$Lang::tr{'ccd routes'}</b></td></tr>
        <tr><td colspan='4'>&nbsp</td></tr>
@@ -5413,7 +5487,7 @@ END
        <th width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></th>
        <th width='20%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th>
        <th width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></th>
-       <th width='5%' class='boldbase' colspan='7' align='center'><b>$Lang::tr{'action'}</b></th>
+       <th width='5%' class='boldbase' colspan='8' align='center'><b>$Lang::tr{'action'}</b></th>
 </tr>
 END
                }
@@ -5427,7 +5501,7 @@ END
        <th width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></th>
        <th width='20%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></th>
        <th width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></th>
-       <th width='5%' class='boldbase' colspan='7' align='center'><b>$Lang::tr{'action'}</b></th>
+       <th width='5%' class='boldbase' colspan='8' align='center'><b>$Lang::tr{'action'}</b></th>
 </tr>
 END
                }
@@ -5560,6 +5634,19 @@ END
        ; } else {
            print "<td>&nbsp;</td>";
        }
+
+   if ($confighash{$key}[43] eq 'on') {
+      print <<END;
+<form method='post' name='frm${key}o'><td align='center' $col>
+<input type='image' name='$Lang::tr{'show otp qrcode'}' src='/images/qr-code.png' alt='$Lang::tr{'show otp qrcode'}' title='$Lang::tr{'show otp qrcode'}' border='0' />
+<input type='hidden' name='ACTION' value='$Lang::tr{'show otp qrcode'}' />
+<input type='hidden' name='KEY' value='$key' />
+</td></form>
+END
+; } else {
+      print "<td $col>&nbsp;</td>";
+   }
+
        if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") {
            print <<END;
            <form method='post' name='frm${key}c'><td align='center' $col>
@@ -5628,6 +5715,8 @@ END
                <td class='base'>$Lang::tr{'download certificate'}</td>
                <td>&nbsp; &nbsp; <img src='/images/openvpn.png' alt='?RELOAD'/></td>
                <td class='base'>$Lang::tr{'dl client arch'}</td>
+               <td>&nbsp; &nbsp; <img src='/images/qr-code.png' alt='$Lang::tr{'show otp qrcode'}'/></td>
+               <td class='base'>$Lang::tr{'show otp qrcode'}</td>
                </tr>
     </table><br>
 END
diff --git a/html/html/images/qr-code.png b/html/html/images/qr-code.png
new file mode 100644 (file)
index 0000000..946e10a
Binary files /dev/null and b/html/html/images/qr-code.png differ
diff --git a/html/html/images/qr-code.svg b/html/html/images/qr-code.svg
new file mode 100644 (file)
index 0000000..66c6b9d
--- /dev/null
+++ b/html/html/images/qr-code.svg
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="iso-8859-1"?>\r
+<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->\r
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"\r
+        viewBox="0 0 512 512" style="enable-background:new 0 0 512 512;" xml:space="preserve">\r
+<path d="M0,0v233.739h233.739V0H0z M200.348,200.348H33.391V33.391h166.957V200.348z"/>\r
+<rect x="66.783" y="66.783" width="100.174" height="100.174"/>\r
+<path d="M278.261,0v233.739H512V0H278.261z M478.609,200.348H311.652V33.391h166.957V200.348z"/>\r
+<rect x="345.043" y="66.783" width="100.174" height="100.174"/>\r
+<path d="M0,278.261V512h233.739V278.261H0z M200.348,478.609H33.391V311.652h166.957V478.609z"/>\r
+<rect x="66.783" y="345.043" width="100.174" height="100.174"/>\r
+<polygon points="278.261,278.261 278.261,512 345.043,512 345.043,478.609 311.652,478.609 311.652,411.826 345.043,411.826 \r
+       345.043,378.435 311.652,378.435 311.652,311.652 345.043,311.652 345.043,278.261 "/>\r
+<rect x="478.609" y="278.261" width="33.391" height="33.391"/>\r
+<polygon points="478.609,478.609 445.217,478.609 445.217,512 512,512 512,356.174 478.609,356.174 "/>\r
+<rect x="378.435" y="278.261" width="66.783" height="33.391"/>\r
+<polygon points="445.217,411.826 411.826,411.826 411.826,378.435 445.217,378.435 445.217,345.043 378.435,345.043 \r
+       378.435,445.217 445.217,445.217 "/>\r
+<rect x="378.435" y="478.609" width="33.391" height="33.391"/>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+<g>\r
+</g>\r
+</svg>\r
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 7a39e233b415e4f8100e705812de2e0637cb1610..1799d8c74306a482b30826d6806c08101d8526ec 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -979,6 +979,7 @@
 'empty profile' => 'Unbenannt',
 'enable ignore filter' => '&quot;Ignorieren&quot;-Filter ein',
 'enable javascript' => 'Javascript aktivieren',
+'enable otp' => 'Aktiviere OTP',
 'enable smt' => 'Simultaneous Multi-Threading (SMT) einschalten',
 'enable wildcards' => 'Wildcards erlauben:',
 'enabled' => 'Aktiviert:',
@@ -1903,6 +1904,7 @@
 'other login script' => 'Anderes Anmeldeskript',
 'otherip' => 'Andere IP',
 'otherport' => 'Anderer Port',
+'otp qrcode' => 'OTP QRCode',
 'our donors' => 'Unsere Unterstützer',
 'out' => 'Aus',
 'outgoing' => 'ausgehend',
@@ -2201,6 +2203,7 @@
 'secondary ntp server' => 'Sekundärer NTP-Server',
 'secondary wins server address' => 'Sekundärer WINS-Server',
 'seconds' => 'Sek.',
+'secret' => 'Geheimnis',
 'section' => 'Abschnitt',
 'secure shell server' => 'Secure Shell Server',
 'security' => 'Sicherheit',
@@ -2244,6 +2247,7 @@
 'show last x lines' => 'die letzten x Zeilen anzeigen',
 'show root certificate' => 'Root-Zertifikat anzeigen',
 'show share options' => 'Anzeige der Freigabeeinstellungen',
+'show otp qrcode' => 'Zeige OTP QRCode',
 'shuffle' => 'Zufall',
 'shutdown' => 'Herunterfahren',
 'shutdown ask' => 'Herunterfahren?',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index f90e3103bca21b1d734fb174aa0eebc2b7b86453..9cc2fde0503a934d5541ff5e17c5702e46995191 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1018,6 +1018,7 @@
 'empty' => 'This field may be left blank',
 'empty profile' => 'empty',
 'enable' => 'Enable',
+'enable otp' => 'Enable OTP',
 'enable ignore filter' => 'Enable ignore filter',
 'enable javascript' => 'Enable javascript',
 'enable smt' => 'Enable Simultaneous Multi-Threading (SMT)',
@@ -1955,6 +1956,7 @@
 'other login script' => 'Other login script',
 'otherip' => 'other IP',
 'otherport' => 'other Port',
+'otp qrcode' => 'OTP QRCode',
 'our donors' => 'Our donors',
 'out' => 'Out',
 'outgoing' => 'outgoing',
@@ -2253,6 +2255,7 @@
 'secondary ntp server' => 'Secondary NTP server',
 'secondary wins server address' => 'Secondary WINS server address',
 'seconds' => 'Secs',
+'secret' => 'Secret',
 'section' => 'Section',
 'secure shell server' => 'Secure Shell Server',
 'security' => 'Security',
@@ -2297,6 +2300,7 @@
 'show host certificate' => 'Show host certificate',
 'show last x lines' => 'Show last x lines',
 'show lines' => 'Show lines',
+'show otp qrcode' => 'Show OTP QRCode',
 'show root certificate' => 'Show root certificate',
 'show share options' => 'Show shares options',
 'show tls-auth key' => 'Show tls-auth key',
diff --git a/lfs/apache2 b/lfs/apache2
index 11c61580bb976855b7449e7fa89432fbd2bcc3aa..33615168618b22385202d281c14a40012298394a 100644 (file)
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -25,7 +25,7 @@
 
 include Config
 
-VER        = 2.4.53
+VER        = 2.4.54
 
 THISAPP    = httpd-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 44acd51a2c18ae66878d64922947f2f24f0ddf8a5fa70718f788572032e18dafd06888fed3cf559e63e2a9e69d9b0a8dcc79e11fc9d8f216b5b073f769494727
+$(DL_FILE)_BLAKE2 = be2ba2d33368f9dd619e36e63dd3635fbcf55773a539ac2840251bda04311f3eb535c08a37ab58d8b184c71e75b90b92e2bdc4e59c722cfb146de516f6e1ed04
 
 install : $(TARGET)
 
diff --git a/lfs/bind b/lfs/bind
index e3efc84a1aa3ec0a31cb168be69e2aa6d8612821..a492624f89858d3ee1076ab3ccec491bc7723fe2 100644 (file)
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,7 +25,7 @@
 
 include Config
 
-VER        = 9.16.28
+VER        = 9.16.30
 
 THISAPP    = bind-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 55932faa004c2021cd4c3384c14d4a58ca43d5a853602e271b58c9022256a5ec2eb1317168ac07c2b233b19407ddfb8c7f64a50d93169207cb3b4fe535a78afa
+$(DL_FILE)_BLAKE2 = 35fe14b58a018df25563e58a9632b4431f740bc7a708eb823117541548d23b1855e43058cf7323361ca904d5e59d687e282abb73dc8b617e4eb25ef113168e93
 
 install : $(TARGET)
 
diff --git a/lfs/dnsdist b/lfs/dnsdist
index 06ed4e88e09a9a87ad20bb127afce399ddf18869..9b668f40aa1f14df944a2a3832e4c78fde06bae1 100644 (file)
--- a/lfs/dnsdist
+++ b/lfs/dnsdist
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = A highly DNS-, DoS- and abuse-aware loadbalancer
 
-VER        = 1.7.0
+VER        = 1.7.2
 
 THISAPP    = dnsdist-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = dnsdist
-PAK_VER    = 11
+PAK_VER    = 12
 
 SUP_ARCH   = x86_64 aarch64
 
@@ -52,7 +52,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 3766da5f63df6390f555307d665efcbb2ad1462abae3af44503479d4c6ae6453e43527d2bcac718fabeb8b60ec989f264860532b480c465afc440405f9efac74
+$(DL_FILE)_BLAKE2 = cf2a9853be4c896b3909f871fad771d4298eb2586702a8a85eff2c612d275214cdad82e93961f4cfd58300f5629f06569c51a2c4f15de58188a69116bd5275de
 
 install : $(TARGET)
 
diff --git a/lfs/flash-images b/lfs/flash-images
index 3cf81fb6dd988b79742a42708d931e83679af6ea..8a033c310c7491446fa6e63b11aa4e56b087f3fa 100644 (file)
--- a/lfs/flash-images
+++ b/lfs/flash-images
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2021  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -167,7 +167,7 @@ endif
 
        # Create /etc/fstab
        printf "$(FSTAB_FMT)" "$$(blkid -o value -s UUID $(PART_BOOT))" "/boot" \
-               "auto" "defaults" 1 2 >  $(MNThdd)/etc/fstab
+               "auto" "defaults,nodev,noexec,nosuid" 1 2 >  $(MNThdd)/etc/fstab
 ifeq "$(EFI)" "1"
        printf "$(FSTAB_FMT)" "$$(blkid -o value -s UUID $(PART_EFI))" "/boot/efi" \
                "auto" "defaults" 1 2 >> $(MNThdd)/etc/fstab
diff --git a/lfs/linux b/lfs/linux
index d9637ef943e9f6fbb2c36b0b274c2dee23e1bb95..f1415b918a9d5f498a71c62f0e201e3a9a5126b1 100644 (file)
--- a/lfs/linux
+++ b/lfs/linux
@@ -24,7 +24,7 @@
 
 include Config
 
-VER         = 5.15.35
+VER         = 5.15.48
 ARM_PATCHES = 5.15-ipfire5
 
 THISAPP    = linux-$(VER)
@@ -78,7 +78,7 @@ objects =$(DL_FILE) \
 $(DL_FILE)                                     = $(URL_IPFIRE)/$(DL_FILE)
 arm-multi-patches-$(ARM_PATCHES).patch.xz      = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
 
-$(DL_FILE)_BLAKE2 = 15f1af609ae4a233dc6bdae84c1231c2335be6320ddbb9a5d76c7983498a9ca72c13b55cc1408dac477f707fb84df99435994c1a7eeb91396481c2f7b11ecc2e
+$(DL_FILE)_BLAKE2 = a23dd33dfac22741e5112961d92543a895c858be62c4e82a60b639e47c7b05e623c41a13a6c5157ec7b71ae1f152b381b7729f2bbaf03734cd40dfc0c27923f8
 arm-multi-patches-$(ARM_PATCHES).patch.xz_BLAKE2 = 58a70e757a9121a0aac83604a37aa787ec7ac0ee4970c5a3ac3bcb2dbaca32b00089cae6c0da5cf2fe0a2e156427b5165c6a86e0371a3e896f4c7cdd699c34a0
 
 install : $(TARGET)
@@ -116,7 +116,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        ln -svf linux-$(VER) $(DIR_SRC)/linux
 
        # Layer7-patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.17-layer7.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.46-layer7.patch
 
        # DVB Patches
        cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/v4l-dvb_fix_tua6034_pll.patch
diff --git a/lfs/linux-firmware b/lfs/linux-firmware
index fd150c0114d04f021b4dc0c2be18678bb26af324..04dc4f7ce229f7026d1dc201233cb36263be2454 100644 (file)
--- a/lfs/linux-firmware
+++ b/lfs/linux-firmware
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 20220411
+VER        = 20220610
 
 THISAPP    = linux-firmware-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 92aa5dd25de0779a597f1fd13a039b7bf131c4e8a760b5a6c77273d4c07a12b1ed8dfa3ea8a2f38b6362070318ed4e7d4f207e301a9c891d43c1a205cf9a00c1
+$(DL_FILE)_BLAKE2 = 88ec19a24e634702b640cdf5de66179ee9cd1ca627a8c8a45a109b94b6efac7f7534d3663b8c8a123fbe77e6e440db31ef03b28b957f056db1d1f9425b8a9a10
 
 install : $(TARGET)
 
diff --git a/lfs/lmdb b/lfs/lmdb
index 891f62e2d97a048473b750ef097f2bcc79c5a6bf..919dfb2fc3cb3ad498264e7b17b11a83613f77fe 100644 (file)
--- a/lfs/lmdb
+++ b/lfs/lmdb
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 0.9.24
+VER        = 0.9.29
 
 THISAPP    = lmdb-LMDB_$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = f075ec5f4dfb77685188229e20f12c4febe8295c7d35ed15c3db492b68af68cc7f76741078e9bb524d2c38587839f542e964af1e5d6d984bb28bd602caabbb8d
+$(DL_FILE)_BLAKE2 = 3f2a48785dd62921af79e0f10b86438085d86f8013f667dcf2f6177535baee26bba74c6a8023e47c6179c8a6be8fd63cf575b30e216b5669de2d58e69757bd1f
 
 install : $(TARGET)
 
diff --git a/lfs/lynis b/lfs/lynis
index bc6b29297c1550eb0655678bbf678938f3423911..afc109945a9780a6070021d75dcad908e1a0eaa1 100644 (file)
--- a/lfs/lynis
+++ b/lfs/lynis
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Security and System auditing tool
 
-VER        = 3.0.7
+VER        = 3.0.8
 
 THISAPP    = lynis-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -35,7 +35,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 PROG       = lynis
-PAK_VER    = 11
+PAK_VER    = 12
 
 DEPS       =
 
@@ -49,7 +49,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = d9cddcba9c83ddee08ea38c8e80bf6f0a78179ad102673a876a1fe3d4544612e945d8637a8d026ce7bff72b09d6274223031e1cb6fc74596b2c65f0380fecd67
+$(DL_FILE)_BLAKE2 = 490bd6799619a4247c3fa68cc96f2f1fead651b23db0ffb512394960f8ca0360ab7f25d2bb8d9e742641558972e1fdd4b1e18d7de0d13007988276eed3a97b1f
 
 install : $(TARGET)
 
diff --git a/lfs/oath-toolkit b/lfs/oath-toolkit
new file mode 100644 (file)
index 0000000..e3225f4
--- /dev/null
+++ b/lfs/oath-toolkit
@@ -0,0 +1,77 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 2.6.7
+
+THISAPP    = oath-toolkit-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 23f377c51eb633bf01d6085d33c7362cd91b6bed1cf4c2bbf32dc9433849e20c53f6896b16e5056b13f420f6a65a3c593fa1dafd7e184ed9e52666d94a7f75d1
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && ./configure --prefix=/usr
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/openvpn b/lfs/openvpn
index 27a052ae152847dbafe4650c08b1b22119397cbb..8d6ba07ed9f963125d3e960c1784adbc5aa3eeb1 100644 (file)
--- a/lfs/openvpn
+++ b/lfs/openvpn
@@ -101,5 +101,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        chown root:root /etc/fcron.daily/openvpn-crl-updater
        chmod 750 /etc/fcron.daily/openvpn-crl-updater
 
+       # Install authenticator
+       install -v -m 755 $(DIR_SRC)/config/ovpn/openvpn-authenticator \
+               /usr/sbin/openvpn-authenticator
+
        @rm -rf $(DIR_APP)
        @$(POSTBUILD)
diff --git a/lfs/perl-File-Remove b/lfs/perl-File-Remove
new file mode 100644 (file)
index 0000000..88a5673
--- /dev/null
+++ b/lfs/perl-File-Remove
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.60
+
+THISAPP    = File-Remove-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = ffb98155d757bae6ec0d4f56dabdb78749fc968845e284797d0f0611fe9068722a007c7e0e890179720745d1451c926575949f36642dceef7071468a2863c7c6
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-Imager b/lfs/perl-Imager
new file mode 100644 (file)
index 0000000..e7301b9
--- /dev/null
+++ b/lfs/perl-Imager
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.012
+
+THISAPP    = Imager-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 32dad83e9cfd66a162380b502ab49b343dae8c87eca8e6c0537d260956bf466e200511a7b4f89eed9b0bc1f20447584c7c4aabffaad77f0824ee9d5126848c39
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-Imager-QRCode b/lfs/perl-Imager-QRCode
new file mode 100644 (file)
index 0000000..3036715
--- /dev/null
+++ b/lfs/perl-Imager-QRCode
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 0.035
+
+THISAPP    = Imager-QRCode-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 740119e2d7fab7286f8eeb0c1d9690f94146d51b09b721eaa65a8f9849784c6f113f64344d0fb2550cd5981665369b3881fe8f034b00f925987bb69ccd537b59
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-MIME-Base32 b/lfs/perl-MIME-Base32
new file mode 100644 (file)
index 0000000..4cb7c96
--- /dev/null
+++ b/lfs/perl-MIME-Base32
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.303
+
+THISAPP    = MIME-Base32-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = d9dad50d7474a42741f7a61fad4a7b30c4acb72eb80684e24c45d0478480cfe936d6b87ab37b735ff2065afeb0b5457cc50130187264fcb6addefa8e8cb8d934
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-Module-Build b/lfs/perl-Module-Build
new file mode 100644 (file)
index 0000000..977f7f6
--- /dev/null
+++ b/lfs/perl-Module-Build
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 0.4231
+
+THISAPP    = Module-Build-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = f35be09072a2facc505b199dd69cdb2605ab32c34376ef393170dca9d67871bc00cbe25b1fa6dcb925e92724a778ad5ddc3157afb33d18a10648ef1133c83991
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-Module-Install b/lfs/perl-Module-Install
new file mode 100644 (file)
index 0000000..3389aa6
--- /dev/null
+++ b/lfs/perl-Module-Install
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.19
+
+THISAPP    = Module-Install-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = a6f4b93ba964ff6f4b16a8db7117bee8c125cd8a280c649b007622ece8c14b79e36f6747a1b792fb312d2c6c8153aee05e7479ca53a76a253a415374839e6b90
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-Module-ScanDeps b/lfs/perl-Module-ScanDeps
new file mode 100644 (file)
index 0000000..19c36c6
--- /dev/null
+++ b/lfs/perl-Module-ScanDeps
@@ -0,0 +1,79 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.31
+
+THISAPP    = Module-ScanDeps-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 61d7438359d035d847fefdfa1427b4e444935c8207d41b7e4994a3704fb4c6fb48d7fac169214abed3d71212fd372f478b01cb91d8876c0fdb68962c791101ba
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-URI-Encode b/lfs/perl-URI-Encode
new file mode 100644 (file)
index 0000000..6a14787
--- /dev/null
+++ b/lfs/perl-URI-Encode
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.1.1
+
+THISAPP    = URI-Encode-v$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 2eb668d645be7ab726689dee7d3e1c9aa333623653b34d538666eb3b70cf28b3f2e0a27b4380db6148a85b3cdd738193262ab58c0b828d8119531c7011264449
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/perl-YAML-Tiny b/lfs/perl-YAML-Tiny
new file mode 100644 (file)
index 0000000..052bcb8
--- /dev/null
+++ b/lfs/perl-YAML-Tiny
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 1.73
+
+THISAPP    = YAML-Tiny-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 42e9c5cffa2b9babb0dd1453af69866405fd7273c2b340ceb010d78d8fe28db61268b6bb5ad1840b1aa72819ae048150bf5c416bed1b2e518b28f77b2ba978be
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && yes 'n' | perl Makefile.PL
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/postfix b/lfs/postfix
index 6fe12c9c834d89fb1bb271913bf3d8c44a80f79c..d5fdadbbed9adc6712e2933f1be0c5de82b856d1 100644 (file)
--- a/lfs/postfix
+++ b/lfs/postfix
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = A fast, secure, and flexible mailer
 
-VER        = 3.7.1
+VER        = 3.7.2
 
 THISAPP    = postfix-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = postfix
-PAK_VER    = 35
+PAK_VER    = 36
 
 DEPS       =
 
@@ -70,7 +70,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = d0bfdbc5105407e5143823e8e14b49e60d5c248eac435279a5fe803b370b46a56de9aff39fdf94398758863f753e43e889e2dffbb393ab63cf486d4fd3f5cf99
+$(DL_FILE)_BLAKE2 = 3f7aaba222b64274f756ea37b8ac06c29469d9183879deb4942a709d75783f4a8ca81204971b6658aba4b5bea46ed9c21b14e1f8fc6b613f257acd3aad16c170
 
 install : $(TARGET)
 
diff --git a/lfs/qrencode b/lfs/qrencode
new file mode 100644 (file)
index 0000000..aaf004b
--- /dev/null
+++ b/lfs/qrencode
@@ -0,0 +1,80 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2022  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 4.1.1
+
+THISAPP    = qrencode-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 03416ffdb8bf992ef2323a0bc92b52f3a6605e7eb182e3839178fea3c3669242780171b10e77674f0945224e57bcd1a841282a0d5f396d3955f23e3990d761c7
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:.
+       $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+       @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+       @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+       @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+       @$(PREBUILD)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && ./configure --prefix=/usr
+       cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+       cd $(DIR_APP) && make install
+       @rm -rf $(DIR_APP)
+       @$(POSTBUILD)
diff --git a/lfs/squid b/lfs/squid
index 7b77e568f4c0248504e50b67df8d45b1896d8116..2a5317a43e2d8fa4b516a56f5d86f7a1e4e37635 100644 (file)
--- a/lfs/squid
+++ b/lfs/squid
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 5.5
+VER        = 5.6
 
 THISAPP    = squid-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -46,7 +46,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = aef52ba0b47098f823d3f2bbe55e015c12b853bcc0a414bc94a4103009a05fee2c33263b8ade9b31cd22068e964d7f37fc0a497877d26ff836bc2193a6d0e8fc
+$(DL_FILE)_BLAKE2 = 172dbbc255dfbe6246f7e9e333469a4d7a1dda722bb1d897886e1fc075106f223dff739510ade836df4fb147b45e3626ce1e1916eaa9d708d55265347d74e183
 
 install : $(TARGET)
 
diff --git a/lfs/tor b/lfs/tor
index e6751fb84db663651511fda47df56655c10ada0d..628ed63a269480369557dd378ea3b62dc08dfbe5 100644 (file)
--- a/lfs/tor
+++ b/lfs/tor
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Anonymizing overlay network for TCP (The onion router)
 
-VER        = 0.4.7.7
+VER        = 0.4.7.8
 
 THISAPP    = tor-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 69
+PAK_VER    = 70
 
 DEPS       = libseccomp
 
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 18acfbe017b2ad456184f6031881149717f6fecad0d3e6daf90241a5a8ef296c32a36ace266d38b703f34b66d71e282c803f03f2059502c6ff6f4fdfb6641a97
+$(DL_FILE)_BLAKE2 = 40f6eab453d95a09e4531ce7cdb59715a21b84e1d0b1045d107add6a443fb7563a5747734b23e0e1dfda6490a5a7659f912e38c11cdb5fa635535dcff6169eeb
 
 install : $(TARGET)
 
@@ -89,9 +89,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
                        --with-tor-user=tor \
                        --with-tor-group=tor
 
-       # https://bugzilla.ipfire.org/show_bug.cgi?id=12807
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
-
        cd $(DIR_APP) && make $(MAKETUNING)
        cd $(DIR_APP) && make install
 
diff --git a/lfs/tzdata b/lfs/tzdata
index ac3a8dff10d7be98caf04760041c2569a7fd9add..34e7b9fd1cfc5fbe125ebc30ebb2187b2f020017 100644 (file)
--- a/lfs/tzdata
+++ b/lfs/tzdata
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2021  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2021a
+VER        = 2022a
 TZDATA_VER = $(VER)
 TZCODE_VER = $(VER)
 
@@ -45,8 +45,8 @@ objects = tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).tar.gz
 tzdata$(TZDATA_VER).tar.gz = $(DL_FROM)/tzdata$(TZDATA_VER).tar.gz
 tzcode$(TZCODE_VER).tar.gz = $(DL_FROM)/tzcode$(TZCODE_VER).tar.gz
 
-tzdata$(TZDATA_VER).tar.gz_BLAKE2 = b8d177e90e22bd8a3fd23c9a9c19896cb245efd8e768b59ab8c63e56ab141e67331f3231e3a7c802f844375049cfd902e14e912ce677b3aea38fc0d968905e87
-tzcode$(TZCODE_VER).tar.gz_BLAKE2 = 4072685f2344602ffcfe32a7bf92d3b0d93e38ffca842f1c07a60db5e26f1f18ab32fc7b5f155b0bdab49f8d0bfcd5b58f4a192b4d06d7d9639893e5cb596328
+tzdata$(TZDATA_VER).tar.gz_BLAKE2 = 0af5b785a6f5d871b017237ad58d3d9bedd0de38cf18ac51b32cd8df9811215af7af913d8cd3966de695ce65df3f49f52e239196e93b953094763814cc56ecd0
+tzcode$(TZCODE_VER).tar.gz_BLAKE2 = f9b3bb5eedc51896c2a1dd77fe8118518c8a1f35152325fa6c4163e11dd34aeb0c88b16b17a27ad022feb2f6818996ec0e40e06a7e1edd454187f586c3739070
 
 install : $(TARGET)
 
diff --git a/lfs/u-boot b/lfs/u-boot
index f7341675db68cb8af471244812f0a12005376eb3..7b1ad4a0af95dc12bfa79ea310574165f47c5ef1 100644 (file)
--- a/lfs/u-boot
+++ b/lfs/u-boot
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2021.07
+VER        = 2022.04
 
 THISAPP    = u-boot-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -35,21 +35,24 @@ SUP_ARCH   = armv6l aarch64
 
 CFLAGS    := $(patsubst -fstack-protector-strong,,$(CFLAGS))
 
-ATF_VER    = 2.6
+ATF_VER    = 2.7
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
 
-objects = $(DL_FILE) arm-trusted-firmware-$(ATF_VER).tar.gz arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.xz
+objects = $(DL_FILE) arm-trusted-firmware-$(ATF_VER).tar.gz arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.gz
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 arm-trusted-firmware-$(ATF_VER).tar.gz = $(DL_FROM)/arm-trusted-firmware-$(ATF_VER).tar.gz
-arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.xz = $(DL_FROM)/arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.xz
+arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.gz = $(DL_FROM)/arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.gz
 
-$(DL_FILE)_BLAKE2 = 1a209a604e0f30264781a14ca855bbb777e8f1c031de60d28de397084fc9bfc4a3771ad00ec22f5cdcfa721f22707a533b9b59004ac0b107df927f23dc5ab0a6
-arm-trusted-firmware-$(ATF_VER).tar.gz_BLAKE2 = 1d0caff9ea6d97276d1377483e3f81901c935f9af784b7a735636c75b00106935a7e301c21ecec7b9fd9a97dcf873ac1b12169bf7211dae3d975b78d379eba74
-arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.xz_BLAKE2 = bc5245c1af911eb8ce8def743339102bb46d6aa854fbe916584775479dc97c9a9176c1d1615afc7ede496c7ca9da78db52d9c2eaf1290a4d06e53dbb1933e658
+# Downloaded from https://ftp.denx.de/pub/u-boot/
+$(DL_FILE)_BLAKE2 = 5d2035130c0631f8f1b7f7963bedf71578a66994e3950eb103a404a08e85686cd971ba51e8172093ccb75d975101024bf2a94d4064763ad57ad8950c11092319
+# Downloaded from https://github.com/ARM-software/arm-trusted-firmware/tags
+arm-trusted-firmware-$(ATF_VER).tar.gz_BLAKE2 = 4fc4d5646e272200d40081902e17f0be32956f451622f011a0d568c8cf26e15ab165fe16a69cf222241f7ba1d443add562d6d382277eb4fb2b49c3918cabdbad
+# Downloaded from https://github.com/skiffos/rk3399-firmware-blobs/tags
+arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.gz_BLAKE2 = d6441f38f5795b1c7d4e15fe9b2fec3632490283d1e8f0a0ce53b7456413e9f455c78f4071f73f664c16813dba97897941d40ef3037a9f60302de158b7f3cd41
 
 install : $(TARGET)
 
@@ -220,7 +223,7 @@ else
 
        # Nanopi R4S
        # arm trusted firmware for rk3399 cannot build without cortex m0 gcc crosscompiler
-       cd $(DIR_APP) && tar axf $(DIR_DL)/arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.xz
+       cd $(DIR_APP) && tar axf $(DIR_DL)/arm-trusted-firmware-$(ATF_VER)-rk3399-binary.tar.gz
        -mkdir -pv /usr/share/u-boot/nanopi_r4s
        cd $(DIR_APP) && make CROSS_COMPILE="" nanopi-r4s-rk3399_config
        cd $(DIR_APP) && sed -i -e 's!^CONFIG_IDENT_STRING=.*!CONFIG_IDENT_STRING=" Nanopi R4S - IPFire.org"!' .config
diff --git a/make.sh b/make.sh
index 2a4f6d0bdde62ec3320c6e51c90bf1f408eb1b81..fde39bb29c99d92f24fa715f599a77d0a50aa3dd 100755 (executable)
--- a/make.sh
+++ b/make.sh
@@ -1693,6 +1693,17 @@ buildipfire() {
   lfsmake2 squid-asnbl
   lfsmake2 qemu-ga
   lfsmake2 gptfdisk
+  lfsmake2 oath-toolkit
+  lfsmake2 qrencode
+  lfsmake2 perl-File-Remove
+  lfsmake2 perl-Module-Build
+  lfsmake2 perl-Module-ScanDeps
+  lfsmake2 perl-YAML-Tiny
+  lfsmake2 perl-Module-Install
+  lfsmake2 perl-Imager
+  lfsmake2 perl-Imager-QRCode
+  lfsmake2 perl-MIME-Base32
+  lfsmake2 perl-URI-Encode
 }
 
 buildinstaller() {
diff --git a/src/initscripts/system/localnet b/src/initscripts/system/localnet
index f260a1f29d71718d9b3172bc511dba1049b3b2c3..ffa05e397c61f8c8867ff6e23a1437f69a8415f6 100644 (file)
--- a/src/initscripts/system/localnet
+++ b/src/initscripts/system/localnet
@@ -26,7 +26,7 @@ write_resolv_conf() {
        (
                [ -n "${DOMAINNAME}" ] && echo "search ${DOMAINNAME}"
                echo "nameserver 127.0.0.1"
-               echo "options trust-ad"
+               echo "options edns0 trust-ad"
        ) > /etc/resolv.conf
 }
 
diff --git a/src/initscripts/system/ntp b/src/initscripts/system/ntp
index 74b8bc86ad2e0a2b43abd59a77b6df5f10e545c7..6c8174d25d9dd1a5cbe785bbab6c2887a7040503 100644 (file)
--- a/src/initscripts/system/ntp
+++ b/src/initscripts/system/ntp
@@ -52,6 +52,8 @@ case "$1" in
                        fi
                fi
 
+               echo -e "server ${NTP_ADDR_1} prefer\nserver    ${NTP_ADDR_2}" > /etc/ntp/ntpInclude.conf
+
                boot_mesg "Starting ntpd..."
                loadproc /usr/bin/ntpd -Ap /var/run/ntpd.pid
                ;;
diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c
index db23e9f00400588fd54471012e09eac9196c73ca..b9e4fd2a6564073f864488d5f25844c200cd3d86 100644 (file)
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -457,6 +457,15 @@ void setFirewallRules(void) {
        }
 }
 
+static void stopAuthenticator() {
+       const char* argv[] = {
+               "/usr/sbin/openvpn-authenticator",
+               NULL,
+       };
+
+       run("/sbin/killall", argv);
+}
+
 void stopDaemon(void) {
        char command[STRING_SIZE];
 
@@ -470,6 +479,15 @@ void stopDaemon(void) {
 
        snprintf(command, STRING_SIZE - 1, "/bin/rm -f /var/run/openvpn.pid");
        executeCommand(command);
+
+       // Stop OpenVPN authenticator
+       stopAuthenticator();
+}
+
+static int startAuthenticator(void) {
+       const char* argv[] = { "-d", NULL };
+
+       return run("/usr/sbin/openvpn-authenticator", argv);
 }
 
 void startDaemon(void) {
@@ -487,6 +505,9 @@ void startDaemon(void) {
                executeCommand(command);
                snprintf(command, STRING_SIZE-1, "/bin/chmod 644 /var/run/ovpnserver.log");
                executeCommand(command);
+
+               // Start OpenVPN Authenticator
+               startAuthenticator();
        }
 }
 
diff --git a/src/misc-progs/setuid.c b/src/misc-progs/setuid.c
index 831fb1f90b599f227afe95bf3f8c31b61b7a0f1b..17b0e70667540407dcb30bf9084f0641919d743f 100644 (file)
--- a/src/misc-progs/setuid.c
+++ b/src/misc-progs/setuid.c
@@ -61,10 +61,8 @@ static int system_core(char* command, char** args, uid_t uid, gid_t gid, char *e
        if(!command)
                return 1;
 
-#if 0
        // Add command as first element to argv
        argv[argc++] = command;
-#endif
 
        // Add all other arguments
        if (args) {
@@ -138,7 +136,7 @@ int safe_system(char* command) {
                NULL,
        };
 
-       return system_core(argv[0], argv, 0, 0, "safe_system");
+       return system_core(argv[0], argv + 1, 0, 0, "safe_system");
 }
 
 /* Much like safe_system but lets you specify a non-root uid and gid to run
@@ -151,7 +149,7 @@ int unpriv_system(char* command, uid_t uid, gid_t gid) {
                NULL,
        };
 
-       return system_core(argv[0], argv, uid, gid, "unpriv_system");
+       return system_core(argv[0], argv + 1, uid, gid, "unpriv_system");
 }
 
 /* General routine to initialise a setuid root program, and put the
diff --git a/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch b/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
deleted file mode 100644 (file)
index 7e819ce..0000000
--- a/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff -Naur tor-0.4.6.10.orig/src/lib/sandbox/sandbox.c tor-0.4.6.10/src/lib/sandbox/sandbox.c
---- tor-0.4.6.10.orig/src/lib/sandbox/sandbox.c        2022-04-09 07:58:00.281189564 +0000
-+++ tor-0.4.6.10/src/lib/sandbox/sandbox.c     2022-04-09 08:00:55.861698856 +0000
-@@ -151,6 +151,10 @@
-     SCMP_SYS(clock_gettime),
-     SCMP_SYS(close),
-     SCMP_SYS(clone),
-+#ifdef __NR_clone3
-+    SCMP_SYS(clone3),
-+#endif
-+    SCMP_SYS(rseq),
-     SCMP_SYS(dup),
-     SCMP_SYS(epoll_create),
-     SCMP_SYS(epoll_wait),
diff --git a/src/patches/libcap-2.50-install_capsh_again.patch b/src/patches/libcap-2.50-install_capsh_again.patch
deleted file mode 100644 (file)
index 0ae7520..0000000
--- a/src/patches/libcap-2.50-install_capsh_again.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 1f8d32942be54850a3a89c7b58ba5613b5525c58 Mon Sep 17 00:00:00 2001
-From: "Andrew G. Morgan" <morgan@kernel.org>
-Date: Fri, 28 May 2021 13:41:17 -0700
-Subject: [PATCH] Make capsh an installed binary again
-
-Bug report from Jan Palus:
-
-  https://bugzilla.kernel.org/show_bug.cgi?id=213261
-
-Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
----
- progs/Makefile | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/progs/Makefile b/progs/Makefile
-index 313dc4d..3c3dc97 100644
---- a/progs/Makefile
-+++ b/progs/Makefile
-@@ -32,14 +32,14 @@ $(BUILD): %: %.o $(DEPS)
- install: all
-       mkdir -p -m 0755 $(FAKEROOT)$(SBINDIR)
--      for p in $(PROGS) ; do \
-+      for p in $(PROGS) capsh ; do \
-               install -m 0755 $$p $(FAKEROOT)$(SBINDIR) ; \
-       done
- ifeq ($(RAISE_SETFCAP),yes)
-       $(FAKEROOT)$(SBINDIR)/setcap cap_setfcap=i $(FAKEROOT)$(SBINDIR)/setcap
- endif
--test: $(PROGS)
-+test: $(PROGS) capsh
- capshdoc.h.cf: capshdoc.h ./mkcapshdoc.sh
-       ./mkcapshdoc.sh > $@
--- 
-2.32.0.rc2
-
diff --git a/src/patches/linux/linux-5.15.17-layer7.patch b/src/patches/linux/linux-5.15.46-layer7.patch
similarity index 94%
rename from src/patches/linux/linux-5.15.17-layer7.patch
rename to src/patches/linux/linux-5.15.46-layer7.patch
index 0dafa16c7b671646ff32efea819d9c37d4b99c36..d6b46142c513af6af2c60e8e520588cbd64a169a 100644 (file)
--- a/src/patches/linux/linux-5.15.17-layer7.patch
+++ b/src/patches/linux/linux-5.15.46-layer7.patch
@@ -1,6 +1,6 @@
-diff -Naur a/include/linux/skbuff.h b/include/linux/skbuff.h
---- a/include/linux/skbuff.h   2022-01-27 10:05:44.000000000 +0000
-+++ b/include/linux/skbuff.h   2022-01-29 08:04:32.984637671 +0000
+diff -Naur linux-5.15.46.orig/include/linux/skbuff.h linux-5.15.46/include/linux/skbuff.h
+--- linux-5.15.46.orig/include/linux/skbuff.h  2022-06-11 14:51:47.639775333 +0000
++++ linux-5.15.46/include/linux/skbuff.h       2022-06-11 14:53:07.977494189 +0000
 @@ -772,6 +772,9 @@
  #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
        unsigned long            _nfct;
@@ -11,10 +11,10 @@ diff -Naur a/include/linux/skbuff.h b/include/linux/skbuff.h
        unsigned int            len,
                                data_len;
        __u16                   mac_len,
-diff -Naur a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
---- a/include/net/netfilter/nf_conntrack.h     2022-01-27 10:05:44.000000000 +0000
-+++ b/include/net/netfilter/nf_conntrack.h     2022-01-29 08:04:32.984637671 +0000
-@@ -117,6 +117,23 @@
+diff -Naur linux-5.15.46.orig/include/net/netfilter/nf_conntrack.h linux-5.15.46/include/net/netfilter/nf_conntrack.h
+--- linux-5.15.46.orig/include/net/netfilter/nf_conntrack.h    2022-06-11 14:51:48.471834543 +0000
++++ linux-5.15.46/include/net/netfilter/nf_conntrack.h 2022-06-11 14:53:07.977494189 +0000
+@@ -119,6 +119,23 @@
        /* Extensions */
        struct nf_ct_ext *ext;
  
@@ -38,9 +38,9 @@ diff -Naur a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_con
        /* Storage reserved for other modules, must be the last member */
        union nf_conntrack_proto proto;
  };
-diff -Naur a/include/uapi/linux/netfilter/xt_layer7.h b/include/uapi/linux/netfilter/xt_layer7.h
---- a/include/uapi/linux/netfilter/xt_layer7.h 1970-01-01 00:00:00.000000000 +0000
-+++ b/include/uapi/linux/netfilter/xt_layer7.h 2022-01-29 08:04:32.984637671 +0000
+diff -Naur linux-5.15.46.orig/include/uapi/linux/netfilter/xt_layer7.h linux-5.15.46/include/uapi/linux/netfilter/xt_layer7.h
+--- linux-5.15.46.orig/include/uapi/linux/netfilter/xt_layer7.h        1970-01-01 00:00:00.000000000 +0000
++++ linux-5.15.46/include/uapi/linux/netfilter/xt_layer7.h     2022-06-11 14:53:07.977494189 +0000
 @@ -0,0 +1,13 @@
 +#ifndef _XT_LAYER7_H
 +#define _XT_LAYER7_H
@@ -55,9 +55,9 @@ diff -Naur a/include/uapi/linux/netfilter/xt_layer7.h b/include/uapi/linux/netfi
 +};
 +
 +#endif /* _XT_LAYER7_H */
-diff -Naur a/net/netfilter/Kconfig b/net/netfilter/Kconfig
---- a/net/netfilter/Kconfig    2022-01-27 10:05:44.000000000 +0000
-+++ b/net/netfilter/Kconfig    2022-01-29 08:04:32.988637605 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/Kconfig linux-5.15.46/net/netfilter/Kconfig
+--- linux-5.15.46.orig/net/netfilter/Kconfig   2022-06-11 14:51:48.599843652 +0000
++++ linux-5.15.46/net/netfilter/Kconfig        2022-06-11 14:53:07.977494189 +0000
 @@ -1389,6 +1389,26 @@
  
        To compile it as a module, choose M here. If unsure, say N.
@@ -85,9 +85,9 @@ diff -Naur a/net/netfilter/Kconfig b/net/netfilter/Kconfig
  config NETFILTER_XT_MATCH_LENGTH
        tristate '"length" match support'
        depends on NETFILTER_ADVANCED
-diff -Naur a/net/netfilter/Makefile b/net/netfilter/Makefile
---- a/net/netfilter/Makefile   2022-01-27 10:05:44.000000000 +0000
-+++ b/net/netfilter/Makefile   2022-01-29 08:04:32.988637605 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/Makefile linux-5.15.46/net/netfilter/Makefile
+--- linux-5.15.46.orig/net/netfilter/Makefile  2022-06-11 14:51:48.599843652 +0000
++++ linux-5.15.46/net/netfilter/Makefile       2022-06-11 14:53:07.981494474 +0000
 @@ -201,6 +201,7 @@
  obj-$(CONFIG_NETFILTER_XT_MATCH_SCTP) += xt_sctp.o
  obj-$(CONFIG_NETFILTER_XT_MATCH_SOCKET) += xt_socket.o
@@ -96,10 +96,10 @@ diff -Naur a/net/netfilter/Makefile b/net/netfilter/Makefile
  obj-$(CONFIG_NETFILTER_XT_MATCH_STATISTIC) += xt_statistic.o
  obj-$(CONFIG_NETFILTER_XT_MATCH_STRING) += xt_string.o
  obj-$(CONFIG_NETFILTER_XT_MATCH_TCPMSS) += xt_tcpmss.o
-diff -Naur a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
---- a/net/netfilter/nf_conntrack_core.c        2022-01-27 10:05:44.000000000 +0000
-+++ b/net/netfilter/nf_conntrack_core.c        2022-01-29 08:04:32.992637539 +0000
-@@ -636,6 +636,11 @@
+diff -Naur linux-5.15.46.orig/net/netfilter/nf_conntrack_core.c linux-5.15.46/net/netfilter/nf_conntrack_core.c
+--- linux-5.15.46.orig/net/netfilter/nf_conntrack_core.c       2022-06-11 14:51:48.599843652 +0000
++++ linux-5.15.46/net/netfilter/nf_conntrack_core.c    2022-06-11 14:53:07.981494474 +0000
+@@ -648,6 +648,11 @@
         */
        nf_ct_remove_expectations(ct);
  
@@ -111,24 +111,24 @@ diff -Naur a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core
        nf_ct_del_from_dying_or_unconfirmed_list(ct);
  
        local_bh_enable();
-diff -Naur a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
---- a/net/netfilter/nf_conntrack_standalone.c  2022-01-27 10:05:44.000000000 +0000
-+++ b/net/netfilter/nf_conntrack_standalone.c  2022-01-29 08:04:32.992637539 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/nf_conntrack_standalone.c linux-5.15.46/net/netfilter/nf_conntrack_standalone.c
+--- linux-5.15.46.orig/net/netfilter/nf_conntrack_standalone.c 2022-06-11 14:51:48.603843938 +0000
++++ linux-5.15.46/net/netfilter/nf_conntrack_standalone.c      2022-06-11 14:54:23.322859367 +0000
 @@ -370,6 +370,11 @@
        ct_show_zone(s, ct, NF_CT_DEFAULT_ZONE_DIR);
        ct_show_delta_time(s, ct);
  
-+#if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
++      #if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
 +      if(ct->layer7.app_proto)
 +              seq_printf(s, "l7proto=%s ", ct->layer7.app_proto);
-+#endif
++      #endif
 +
-       seq_printf(s, "use=%u\n", atomic_read(&ct->ct_general.use));
+       seq_printf(s, "use=%u\n", refcount_read(&ct->ct_general.use));
  
        if (seq_has_overflowed(s))
-diff -Naur a/net/netfilter/regexp/regexp.c b/net/netfilter/regexp/regexp.c
---- a/net/netfilter/regexp/regexp.c    1970-01-01 00:00:00.000000000 +0000
-+++ b/net/netfilter/regexp/regexp.c    2022-01-29 08:04:32.992637539 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/regexp/regexp.c linux-5.15.46/net/netfilter/regexp/regexp.c
+--- linux-5.15.46.orig/net/netfilter/regexp/regexp.c   1970-01-01 00:00:00.000000000 +0000
++++ linux-5.15.46/net/netfilter/regexp/regexp.c        2022-06-11 14:53:07.985494758 +0000
 @@ -0,0 +1,1197 @@
 +/*
 + * regcomp and regexec -- regsub and regerror are elsewhere
@@ -1327,9 +1327,9 @@ diff -Naur a/net/netfilter/regexp/regexp.c b/net/netfilter/regexp/regexp.c
 +#endif
 +
 +
-diff -Naur a/net/netfilter/regexp/regexp.h b/net/netfilter/regexp/regexp.h
---- a/net/netfilter/regexp/regexp.h    1970-01-01 00:00:00.000000000 +0000
-+++ b/net/netfilter/regexp/regexp.h    2022-01-29 08:04:32.992637539 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/regexp/regexp.h linux-5.15.46/net/netfilter/regexp/regexp.h
+--- linux-5.15.46.orig/net/netfilter/regexp/regexp.h   1970-01-01 00:00:00.000000000 +0000
++++ linux-5.15.46/net/netfilter/regexp/regexp.h        2022-06-11 14:53:07.985494758 +0000
 @@ -0,0 +1,41 @@
 +/*
 + * Definitions etc. for regexp(3) routines.
@@ -1372,18 +1372,18 @@ diff -Naur a/net/netfilter/regexp/regexp.h b/net/netfilter/regexp/regexp.h
 +void regerror(char *s);
 +
 +#endif
-diff -Naur a/net/netfilter/regexp/regmagic.h b/net/netfilter/regexp/regmagic.h
---- a/net/netfilter/regexp/regmagic.h  1970-01-01 00:00:00.000000000 +0000
-+++ b/net/netfilter/regexp/regmagic.h  2022-01-29 08:04:32.992637539 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/regexp/regmagic.h linux-5.15.46/net/netfilter/regexp/regmagic.h
+--- linux-5.15.46.orig/net/netfilter/regexp/regmagic.h 1970-01-01 00:00:00.000000000 +0000
++++ linux-5.15.46/net/netfilter/regexp/regmagic.h      2022-06-11 14:53:07.985494758 +0000
 @@ -0,0 +1,5 @@
 +/*
 + * The first byte of the regexp internal "program" is actually this magic
 + * number; the start node begins in the second byte.
 + */
 +#define       MAGIC   0234
-diff -Naur a/net/netfilter/regexp/regsub.c b/net/netfilter/regexp/regsub.c
---- a/net/netfilter/regexp/regsub.c    1970-01-01 00:00:00.000000000 +0000
-+++ b/net/netfilter/regexp/regsub.c    2022-01-29 08:04:32.992637539 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/regexp/regsub.c linux-5.15.46/net/netfilter/regexp/regsub.c
+--- linux-5.15.46.orig/net/netfilter/regexp/regsub.c   1970-01-01 00:00:00.000000000 +0000
++++ linux-5.15.46/net/netfilter/regexp/regsub.c        2022-06-11 14:53:07.985494758 +0000
 @@ -0,0 +1,95 @@
 +/*
 + * regsub
@@ -1480,9 +1480,9 @@ diff -Naur a/net/netfilter/regexp/regsub.c b/net/netfilter/regexp/regsub.c
 +      }
 +      *dst++ = '\0';
 +}
-diff -Naur a/net/netfilter/xt_layer7.c b/net/netfilter/xt_layer7.c
---- a/net/netfilter/xt_layer7.c        1970-01-01 00:00:00.000000000 +0000
-+++ b/net/netfilter/xt_layer7.c        2022-01-29 08:04:32.992637539 +0000
+diff -Naur linux-5.15.46.orig/net/netfilter/xt_layer7.c linux-5.15.46/net/netfilter/xt_layer7.c
+--- linux-5.15.46.orig/net/netfilter/xt_layer7.c       1970-01-01 00:00:00.000000000 +0000
++++ linux-5.15.46/net/netfilter/xt_layer7.c    2022-06-11 14:53:07.985494758 +0000
 @@ -0,0 +1,666 @@
 +/*
 +  Kernel module to match application layer (OSI layer 7) data in connections.
IPFire 2.x development tree