+++ /dev/null
-/srv/web/esniper/.htaccess
-/srv/web/esniper/.config.php
-/srv/web/esniper/.config.state.php
-/srv/web/esniper/local/
-/srv/web/esniper/.run/
# Flush all chains.
&flush();
- # Reload firewall rules.
- &preparerules();
+ # Prepare firewall rules.
+ if (! -z "${General::swroot}/firewall/input"){
+ &buildrules(\%configinputfw);
+ }
+ if (! -z "${General::swroot}/firewall/outgoing"){
+ &buildrules(\%configoutgoingfw);
+ }
+ if (! -z "${General::swroot}/firewall/config"){
+ &buildrules(\%configfwdfw);
+ }
# Load P2P block rules.
&p2pblock();
# Reload firewall policy.
run("/usr/sbin/firewall-policy");
+
+ #Reload firewall.local if present
+ if ( -f '/etc/sysconfig/firewall.local'){
+ run("/etc/sysconfig/firewall.local reload");
+ }
}
sub run {
run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX");
}
-sub preparerules {
- if (! -z "${General::swroot}/firewall/input"){
- &buildrules(\%configinputfw);
- }
- if (! -z "${General::swroot}/firewall/outgoing"){
- &buildrules(\%configoutgoingfw);
- }
- if (! -z "${General::swroot}/firewall/config"){
- &buildrules(\%configfwdfw);
- }
-}
-
sub buildrules {
my $hash = shift;
}
}
}
- #Reload firewall.local if present
- if ( -f '/etc/sysconfig/firewall.local'){
- run("/etc/sysconfig/firewall.local reload");
- }
}
# Formats the given timestamp into the iptables format which is "hh:mm" UTC.
Timeout 300
ServerSignature on
UseCanonicalName off
-ServerTokens Full
+ServerTokens Prod
LogLevel warn
CustomLog /var/log/httpd/access_log combined
Include /etc/httpd/conf/hostname.conf
+++ /dev/null
-Listen 1006
-
-<VirtualHost *:1006>
-
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
- SSLCertificateFile /etc/httpd/server.crt
- SSLCertificateKeyFile /etc/httpd/server.key
-
- DocumentRoot /srv/web/esniper
-
- Include /etc/httpd/conf/conf.d/php*.conf
-
- <Directory /srv/web/esniper>
- Options None
- AllowOverride None
- Order allow,deny
- Allow from all
- </Directory>
-
-</VirtualHost>
+++ /dev/null
-Listen 1002
-
-<VirtualHost *:1002>
-
- DocumentRoot /srv/web/phpaj
-
- Include /etc/httpd/conf/conf.d/php*.conf
-
- <Directory /srv/web/phpaj>
- Options None
- AllowOverride None
- Order allow,deny
- Allow from all
- </Directory>
-
-</VirtualHost>
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.14.30 Kernel Configuration
+# Linux/arm 3.14.37 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.14.30 Kernel Configuration
+# Linux/arm 3.14.37 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_MIGHT_HAVE_PCI=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_STATS is not set
CONFIG_HAVE_DEBUG_KMEMLEAK=y
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.14.30 Kernel Configuration
+# Linux/arm 3.14.37 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 3.14.30 Kernel Configuration
+# Linux/x86 3.14.37 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
+CONFIG_X86_UP_APIC_MSI=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 3.14.30 Kernel Configuration
+# Linux/x86 3.14.37 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
+CONFIG_X86_UP_APIC_MSI=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#usr/lib/libapr-1.la
usr/lib/libapr-1.so
usr/lib/libapr-1.so.0
-usr/lib/libapr-1.so.0.5.0
+usr/lib/libapr-1.so.0.5.1
#usr/lib/libaprutil-1.a
#usr/lib/libaprutil-1.la
usr/lib/libaprutil-1.so
#etc/rc.d/init.d/mysql
#etc/rc.d/init.d/netsnmpd
etc/rc.d/init.d/network
+etc/rc.d/init.d/network-trigger
etc/rc.d/init.d/network-vlans
#etc/rc.d/init.d/networking
etc/rc.d/init.d/networking/any
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
+etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S91network-vlans
etc/rc.d/rcsysinit.d/S92rngd
etc/rc.d/rc3.d/S15fireinfo
#boot/dtb-KVER-ipfire-multi/imx6dl-sabresd.dtb
#boot/dtb-KVER-ipfire-multi/imx6dl-wandboard.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-arm2.dtb
+#boot/dtb-KVER-ipfire-multi/imx6q-cm-fx6.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-cubox-i.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-gw51xx.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-gw52xx.dtb
#usr/include/curl/multi.h
#usr/include/curl/stdcheaders.h
#usr/include/curl/typecheck-gcc.h
-#usr/include/curl/types.h
#usr/lib/libcurl.a
#usr/lib/libcurl.la
usr/lib/libcurl.so
usr/lib/libcurl.so.4
usr/lib/libcurl.so.4.3.0
#usr/lib/pkgconfig/libcurl.pc
+#usr/share/aclocal/libcurl.m4
#usr/share/man/man1/curl-config.1
#usr/share/man/man1/curl.1
-#usr/share/man/man1/mk-ca-bundle.1
+#usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
+#usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
+#usr/share/man/man3/CURLMOPT_MAXCONNECTS.3
+#usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3
+#usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3
+#usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
+#usr/share/man/man3/CURLMOPT_PIPELINING.3
+#usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3
+#usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3
+#usr/share/man/man3/CURLMOPT_SOCKETDATA.3
+#usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3
+#usr/share/man/man3/CURLMOPT_TIMERDATA.3
+#usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3
+#usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3
+#usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3
+#usr/share/man/man3/CURLOPT_APPEND.3
+#usr/share/man/man3/CURLOPT_AUTOREFERER.3
+#usr/share/man/man3/CURLOPT_BUFFERSIZE.3
+#usr/share/man/man3/CURLOPT_CAINFO.3
+#usr/share/man/man3/CURLOPT_CAPATH.3
+#usr/share/man/man3/CURLOPT_CERTINFO.3
+#usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CHUNK_DATA.3
+#usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3
+#usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3
+#usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3
+#usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_CONNECT_ONLY.3
+#usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
+#usr/share/man/man3/CURLOPT_COOKIE.3
+#usr/share/man/man3/CURLOPT_COOKIEFILE.3
+#usr/share/man/man3/CURLOPT_COOKIEJAR.3
+#usr/share/man/man3/CURLOPT_COOKIELIST.3
+#usr/share/man/man3/CURLOPT_COOKIESESSION.3
+#usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3
+#usr/share/man/man3/CURLOPT_CRLF.3
+#usr/share/man/man3/CURLOPT_CRLFILE.3
+#usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3
+#usr/share/man/man3/CURLOPT_DEBUGDATA.3
+#usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3
+#usr/share/man/man3/CURLOPT_DIRLISTONLY.3
+#usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3
+#usr/share/man/man3/CURLOPT_DNS_INTERFACE.3
+#usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3
+#usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3
+#usr/share/man/man3/CURLOPT_DNS_SERVERS.3
+#usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3
+#usr/share/man/man3/CURLOPT_EGDSOCKET.3
+#usr/share/man/man3/CURLOPT_ERRORBUFFER.3
+#usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_FAILONERROR.3
+#usr/share/man/man3/CURLOPT_FILETIME.3
+#usr/share/man/man3/CURLOPT_FNMATCH_DATA.3
+#usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3
+#usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3
+#usr/share/man/man3/CURLOPT_FORBID_REUSE.3
+#usr/share/man/man3/CURLOPT_FRESH_CONNECT.3
+#usr/share/man/man3/CURLOPT_FTPPORT.3
+#usr/share/man/man3/CURLOPT_FTPSSLAUTH.3
+#usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3
+#usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
+#usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3
+#usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3
+#usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3
+#usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3
+#usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3
+#usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3
+#usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3
+#usr/share/man/man3/CURLOPT_FTP_USE_PRET.3
+#usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3
+#usr/share/man/man3/CURLOPT_HEADER.3
+#usr/share/man/man3/CURLOPT_HEADERDATA.3
+#usr/share/man/man3/CURLOPT_HEADERFUNCTION.3
+#usr/share/man/man3/CURLOPT_HEADEROPT.3
+#usr/share/man/man3/CURLOPT_HTTP200ALIASES.3
+#usr/share/man/man3/CURLOPT_HTTPAUTH.3
+#usr/share/man/man3/CURLOPT_HTTPGET.3
+#usr/share/man/man3/CURLOPT_HTTPHEADER.3
+#usr/share/man/man3/CURLOPT_HTTPPOST.3
+#usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3
+#usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3
+#usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3
+#usr/share/man/man3/CURLOPT_HTTP_VERSION.3
+#usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3
+#usr/share/man/man3/CURLOPT_INFILESIZE.3
+#usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3
+#usr/share/man/man3/CURLOPT_INTERFACE.3
+#usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3
+#usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3
+#usr/share/man/man3/CURLOPT_IOCTLDATA.3
+#usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3
+#usr/share/man/man3/CURLOPT_IPRESOLVE.3
+#usr/share/man/man3/CURLOPT_ISSUERCERT.3
+#usr/share/man/man3/CURLOPT_KEYPASSWD.3
+#usr/share/man/man3/CURLOPT_KRBLEVEL.3
+#usr/share/man/man3/CURLOPT_LOCALPORT.3
+#usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3
+#usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3
+#usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3
+#usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3
+#usr/share/man/man3/CURLOPT_MAIL_AUTH.3
+#usr/share/man/man3/CURLOPT_MAIL_FROM.3
+#usr/share/man/man3/CURLOPT_MAIL_RCPT.3
+#usr/share/man/man3/CURLOPT_MAXCONNECTS.3
+#usr/share/man/man3/CURLOPT_MAXFILESIZE.3
+#usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3
+#usr/share/man/man3/CURLOPT_MAXREDIRS.3
+#usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3
+#usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3
+#usr/share/man/man3/CURLOPT_NETRC.3
+#usr/share/man/man3/CURLOPT_NETRC_FILE.3
+#usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3
+#usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3
+#usr/share/man/man3/CURLOPT_NOBODY.3
+#usr/share/man/man3/CURLOPT_NOPROGRESS.3
+#usr/share/man/man3/CURLOPT_NOPROXY.3
+#usr/share/man/man3/CURLOPT_NOSIGNAL.3
+#usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3
+#usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3
+#usr/share/man/man3/CURLOPT_PASSWORD.3
+#usr/share/man/man3/CURLOPT_PORT.3
+#usr/share/man/man3/CURLOPT_POST.3
+#usr/share/man/man3/CURLOPT_POSTFIELDS.3
+#usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3
+#usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3
+#usr/share/man/man3/CURLOPT_POSTQUOTE.3
+#usr/share/man/man3/CURLOPT_POSTREDIR.3
+#usr/share/man/man3/CURLOPT_PREQUOTE.3
+#usr/share/man/man3/CURLOPT_PRIVATE.3
+#usr/share/man/man3/CURLOPT_PROGRESSDATA.3
+#usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3
+#usr/share/man/man3/CURLOPT_PROTOCOLS.3
+#usr/share/man/man3/CURLOPT_PROXY.3
+#usr/share/man/man3/CURLOPT_PROXYAUTH.3
+#usr/share/man/man3/CURLOPT_PROXYHEADER.3
+#usr/share/man/man3/CURLOPT_PROXYPASSWORD.3
+#usr/share/man/man3/CURLOPT_PROXYPORT.3
+#usr/share/man/man3/CURLOPT_PROXYTYPE.3
+#usr/share/man/man3/CURLOPT_PROXYUSERNAME.3
+#usr/share/man/man3/CURLOPT_PROXYUSERPWD.3
+#usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3
+#usr/share/man/man3/CURLOPT_PUT.3
+#usr/share/man/man3/CURLOPT_QUOTE.3
+#usr/share/man/man3/CURLOPT_RANDOM_FILE.3
+#usr/share/man/man3/CURLOPT_RANGE.3
+#usr/share/man/man3/CURLOPT_READDATA.3
+#usr/share/man/man3/CURLOPT_READFUNCTION.3
+#usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3
+#usr/share/man/man3/CURLOPT_REFERER.3
+#usr/share/man/man3/CURLOPT_RESOLVE.3
+#usr/share/man/man3/CURLOPT_RESUME_FROM.3
+#usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3
+#usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3
+#usr/share/man/man3/CURLOPT_RTSP_REQUEST.3
+#usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3
+#usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3
+#usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3
+#usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3
+#usr/share/man/man3/CURLOPT_SASL_IR.3
+#usr/share/man/man3/CURLOPT_SEEKDATA.3
+#usr/share/man/man3/CURLOPT_SEEKFUNCTION.3
+#usr/share/man/man3/CURLOPT_SHARE.3
+#usr/share/man/man3/CURLOPT_SOCKOPTDATA.3
+#usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3
+#usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3
+#usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
+#usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3
+#usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
+#usr/share/man/man3/CURLOPT_SSH_KEYDATA.3
+#usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3
+#usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3
+#usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3
+#usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3
+#usr/share/man/man3/CURLOPT_SSLCERT.3
+#usr/share/man/man3/CURLOPT_SSLCERTTYPE.3
+#usr/share/man/man3/CURLOPT_SSLENGINE.3
+#usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3
+#usr/share/man/man3/CURLOPT_SSLKEY.3
+#usr/share/man/man3/CURLOPT_SSLKEYTYPE.3
+#usr/share/man/man3/CURLOPT_SSLVERSION.3
+#usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3
+#usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3
+#usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3
+#usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3
+#usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3
+#usr/share/man/man3/CURLOPT_SSL_OPTIONS.3
+#usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3
+#usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3
+#usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3
+#usr/share/man/man3/CURLOPT_STDERR.3
+#usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3
+#usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3
+#usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3
+#usr/share/man/man3/CURLOPT_TCP_NODELAY.3
+#usr/share/man/man3/CURLOPT_TELNETOPTIONS.3
+#usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3
+#usr/share/man/man3/CURLOPT_TIMECONDITION.3
+#usr/share/man/man3/CURLOPT_TIMEOUT.3
+#usr/share/man/man3/CURLOPT_TIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_TIMEVALUE.3
+#usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3
+#usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3
+#usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3
+#usr/share/man/man3/CURLOPT_TRANSFERTEXT.3
+#usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3
+#usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3
+#usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3
+#usr/share/man/man3/CURLOPT_UPLOAD.3
+#usr/share/man/man3/CURLOPT_URL.3
+#usr/share/man/man3/CURLOPT_USERAGENT.3
+#usr/share/man/man3/CURLOPT_USERNAME.3
+#usr/share/man/man3/CURLOPT_USERPWD.3
+#usr/share/man/man3/CURLOPT_USE_SSL.3
+#usr/share/man/man3/CURLOPT_VERBOSE.3
+#usr/share/man/man3/CURLOPT_WILDCARDMATCH.3
+#usr/share/man/man3/CURLOPT_WRITEDATA.3
+#usr/share/man/man3/CURLOPT_WRITEFUNCTION.3
+#usr/share/man/man3/CURLOPT_XFERINFODATA.3
+#usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3
+#usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3
#usr/share/man/man3/curl_easy_cleanup.3
#usr/share/man/man3/curl_easy_duphandle.3
#usr/share/man/man3/curl_easy_escape.3
-etc/rc.d/init.d/cyrus-sasl
#usr/include/sasl
#usr/include/sasl/hmac-md5.h
#usr/include/sasl/md5.h
#usr/include/sasl/saslutil.h
#usr/lib/libsasl2.la
usr/lib/libsasl2.so
-usr/lib/libsasl2.so.2
-usr/lib/libsasl2.so.2.0.21
+usr/lib/libsasl2.so.3
+usr/lib/libsasl2.so.3.0.0
+#usr/lib/pkgconfig/libsasl2.pc
#usr/lib/sasl2
#usr/lib/sasl2/libanonymous.la
usr/lib/sasl2/libanonymous.so
-usr/lib/sasl2/libanonymous.so.2
-usr/lib/sasl2/libanonymous.so.2.0.21
+usr/lib/sasl2/libanonymous.so.3
+usr/lib/sasl2/libanonymous.so.3.0.0
#usr/lib/sasl2/libcrammd5.la
usr/lib/sasl2/libcrammd5.so
-usr/lib/sasl2/libcrammd5.so.2
-usr/lib/sasl2/libcrammd5.so.2.0.21
+usr/lib/sasl2/libcrammd5.so.3
+usr/lib/sasl2/libcrammd5.so.3.0.0
#usr/lib/sasl2/libdigestmd5.la
usr/lib/sasl2/libdigestmd5.so
-usr/lib/sasl2/libdigestmd5.so.2
-usr/lib/sasl2/libdigestmd5.so.2.0.21
+usr/lib/sasl2/libdigestmd5.so.3
+usr/lib/sasl2/libdigestmd5.so.3.0.0
#usr/lib/sasl2/libotp.la
usr/lib/sasl2/libotp.so
-usr/lib/sasl2/libotp.so.2
-usr/lib/sasl2/libotp.so.2.0.21
+usr/lib/sasl2/libotp.so.3
+usr/lib/sasl2/libotp.so.3.0.0
#usr/lib/sasl2/libplain.la
usr/lib/sasl2/libplain.so
-usr/lib/sasl2/libplain.so.2
-usr/lib/sasl2/libplain.so.2.0.21
+usr/lib/sasl2/libplain.so.3
+usr/lib/sasl2/libplain.so.3.0.0
#usr/lib/sasl2/libsasldb.la
usr/lib/sasl2/libsasldb.so
-usr/lib/sasl2/libsasldb.so.2
-usr/lib/sasl2/libsasldb.so.2.0.21
+usr/lib/sasl2/libsasldb.so.3
+usr/lib/sasl2/libsasldb.so.3.0.0
+#usr/lib/sasl2/libscram.la
+usr/lib/sasl2/libscram.so
+usr/lib/sasl2/libscram.so.3
+usr/lib/sasl2/libscram.so.3.0.0
usr/lib/sasl2/smtpd.conf
-#usr/man/cat8
-#usr/man/cat8/saslauthd.8
+usr/sbin/pluginviewer
usr/sbin/saslauthd
usr/sbin/sasldblistusers2
usr/sbin/saslpasswd2
+usr/sbin/testsaslauthd
#usr/share/man/man3/sasl.3
#usr/share/man/man3/sasl_authorize_t.3
#usr/share/man/man3/sasl_auxprop.3
#usr/share/man/man3/sasl_errdetail.3
#usr/share/man/man3/sasl_errors.3
#usr/share/man/man3/sasl_errstring.3
+#usr/share/man/man3/sasl_getconfpath_t.3
#usr/share/man/man3/sasl_getopt_t.3
#usr/share/man/man3/sasl_getpath_t.3
#usr/share/man/man3/sasl_getprop.3
#usr/share/man/man3/sasl_setprop.3
#usr/share/man/man3/sasl_user_exists.3
#usr/share/man/man3/sasl_verifyfile_t.3
+#usr/share/man/man8/pluginviewer.8
+#usr/share/man/man8/saslauthd.8
#usr/share/man/man8/sasldblistusers2.8
#usr/share/man/man8/saslpasswd2.8
var/lib/sasl
+etc/rc.d/init.d/cyrus-sasl
#etc/dhcp
-#etc/dhcp/dhclient.conf
+#etc/dhcp/dhclient.conf.example
etc/dhcp/dhcpd.conf
+#etc/dhcp/dhcpd.conf.example
#usr/bin/omshell
#usr/include/dhcpctl
#usr/include/dhcpctl/dhcpctl.h
+#lib/dhcpcd
+#lib/dhcpcd/dev
+#lib/dhcpcd/dev/udev.so
sbin/dhcpcd
#usr/share/man/man5/dhcpcd.conf.5
#usr/share/man/man8/dhcpcd-run-hooks.8
#var/ipfire/dhcpc/dhcpcd-hooks/01-test
#var/ipfire/dhcpc/dhcpcd-hooks/02-dump
#var/ipfire/dhcpc/dhcpcd-hooks/10-mtu
+#var/ipfire/dhcpc/dhcpcd-hooks/10-wpa_supplicant
+#var/ipfire/dhcpc/dhcpcd-hooks/15-timezone
#var/ipfire/dhcpc/dhcpcd-hooks/29-lookup-hostname
#var/ipfire/dhcpc/dhcpcd-hooks/30-hostname
#var/ipfire/dhcpc/dhcpcd-hooks/70-dhcpcd.exe
#usr/lib/libexpat.la
usr/lib/libexpat.so
usr/lib/libexpat.so.1
-usr/lib/libexpat.so.1.5.0
-#usr/man/man1/xmlwf.1
-#usr/share/doc/expat-2.0.0
-#usr/share/doc/expat-2.0.0/expat.png
-#usr/share/doc/expat-2.0.0/reference.html
-#usr/share/doc/expat-2.0.0/style.css
-#usr/share/doc/expat-2.0.0/valid-xhtml10.png
+usr/lib/libexpat.so.1.6.0
+#usr/lib/pkgconfig/expat.pc
+#usr/share/doc/expat-2.1.0
+#usr/share/doc/expat-2.1.0/expat.png
+#usr/share/doc/expat-2.1.0/reference.html
+#usr/share/doc/expat-2.1.0/style.css
+#usr/share/doc/expat-2.1.0/valid-xhtml10.png
+#usr/share/man/man1/xmlwf.1
#usr/bin/eqn2graph
#usr/bin/gdiffmk
#usr/bin/geqn
+#usr/bin/glilypond
+#usr/bin/gperl
+#usr/bin/gpinyin
#usr/bin/grap2graph
#usr/bin/grn
#usr/bin/grodvi
#usr/bin/grog
#usr/bin/grolbp
#usr/bin/grolj4
+#usr/bin/gropdf
#usr/bin/grops
#usr/bin/grotty
#usr/bin/gtbl
#usr/bin/mmroff
#usr/bin/neqn
#usr/bin/nroff
+#usr/bin/pdfmom
#usr/bin/pdfroff
#usr/bin/pfbtops
#usr/bin/pic
#usr/bin/tfmtodit
#usr/bin/troff
#usr/lib/groff
+#usr/lib/groff/glilypond
+#usr/lib/groff/glilypond/args.pl
+#usr/lib/groff/glilypond/oop_fh.pl
+#usr/lib/groff/glilypond/subs.pl
+#usr/lib/groff/gpinyin
+#usr/lib/groff/gpinyin/subs.pl
+#usr/lib/groff/groff_opts_no_arg.txt
+#usr/lib/groff/groff_opts_with_arg.txt
#usr/lib/groff/groffer
-#usr/lib/groff/groffer/func.pl
+#usr/lib/groff/groffer/main_subs.pl
#usr/lib/groff/groffer/man.pl
-#usr/lib/groff/groffer/perl_test.pl
#usr/lib/groff/groffer/split_env.sh
+#usr/lib/groff/groffer/subs.pl
#usr/lib/groff/groffer/version.sh
+#usr/lib/groff/grog
+#usr/lib/groff/grog/subs.pl
+#usr/lib/groff/refer
#usr/lib/groff/site-tmac
-#usr/share/doc/groff-1.21
-#usr/share/doc/groff-1.21/examples
-#usr/share/doc/groff-1.21/examples/chem
-#usr/share/doc/groff-1.21/examples/chem/122
-#usr/share/doc/groff-1.21/examples/chem/122/README
-#usr/share/doc/groff-1.21/examples/chem/122/ch2a_ethyl.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch2b_benzene.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch2c_benzene_right.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4a_stick.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4b_methyl_acetate.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4c_colon.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4d_HCl.H2O.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4e_CaSO4.2H2O.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4f_C.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4g_BP.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4h_methacrylate.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4i_cyclo.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4j_ring4.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4k_ring3.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4l_vertex.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4m_double.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4n_triple.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4o_aromatic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4p_cholestanol.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4q_rings.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4r_spiro.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4s_heteroatoms.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4t_polycyclic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4u_nicotine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4v_histidine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4w_lsd.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4x_anisole.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4y_reserpine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4z1_eqn_glutamic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4z2_text.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch5a_size.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch6a_pic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch6b_dna.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAa_polymer.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAb_vinyl_chloro.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAc_morphine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAd_chlorophyll.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAe_chair.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAf_arrow.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAg_circle.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAh_brackets.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAi_poly_vinyl_chloride.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chBa_jump.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chBb_bonds.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chBc_rings.chem
-#usr/share/doc/groff-1.21/examples/chem/README
-#usr/share/doc/groff-1.21/examples/chem/atp.chem
-#usr/share/doc/groff-1.21/examples/chem/cholesterin.chem
-#usr/share/doc/groff-1.21/examples/chem/ethamivan.chem
-#usr/share/doc/groff-1.21/examples/chem/lsd.chem
-#usr/share/doc/groff-1.21/examples/chem/morphine.chem
-#usr/share/doc/groff-1.21/examples/chem/penicillin.chem
-#usr/share/doc/groff-1.21/examples/chem/reserpine.chem
-#usr/share/doc/groff-1.21/examples/gnu.eps
-#usr/share/doc/groff-1.21/examples/grnexmpl.g
-#usr/share/doc/groff-1.21/examples/grnexmpl.me
-#usr/share/doc/groff-1.21/examples/grnexmpl.ps
-#usr/share/doc/groff-1.21/examples/groff.css
-#usr/share/doc/groff-1.21/examples/hdtbl
-#usr/share/doc/groff-1.21/examples/hdtbl/chess_board.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/chess_board.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/col_rowspan_colors.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/col_rowspan_colors.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_boxes.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_boxes.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_nested_tables.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_nested_tables.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_table_cells.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_table_cells.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_transitions.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_transitions.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/common.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_n.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_n.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_x.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_x.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/gnu.eps
-#usr/share/doc/groff-1.21/examples/hdtbl/mixed_pickles.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/mixed_pickles.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/rainbow.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/rainbow.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/short_reference.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/short_reference.roff
-#usr/share/doc/groff-1.21/examples/mom
-#usr/share/doc/groff-1.21/examples/mom/README.txt
-#usr/share/doc/groff-1.21/examples/mom/elvis_syntax
-#usr/share/doc/groff-1.21/examples/mom/elvis_syntax.new
-#usr/share/doc/groff-1.21/examples/mom/letter.mom
-#usr/share/doc/groff-1.21/examples/mom/letter.ps
-#usr/share/doc/groff-1.21/examples/mom/penguin.ps
-#usr/share/doc/groff-1.21/examples/mom/sample_docs.mom
-#usr/share/doc/groff-1.21/examples/mom/sample_docs.ps
-#usr/share/doc/groff-1.21/examples/mom/typesetting.mom
-#usr/share/doc/groff-1.21/examples/mom/typesetting.ps
-#usr/share/doc/groff-1.21/examples/webpage.ms
-#usr/share/doc/groff-1.21/examples/webpage.ps
-#usr/share/doc/groff-1.21/html
-#usr/share/doc/groff-1.21/html/mom
-#usr/share/doc/groff-1.21/html/mom/appendices.html
-#usr/share/doc/groff-1.21/html/mom/color.html
-#usr/share/doc/groff-1.21/html/mom/cover.html
-#usr/share/doc/groff-1.21/html/mom/definitions.html
-#usr/share/doc/groff-1.21/html/mom/docelement.html
-#usr/share/doc/groff-1.21/html/mom/docprocessing.html
-#usr/share/doc/groff-1.21/html/mom/goodies.html
-#usr/share/doc/groff-1.21/html/mom/graphical.html
-#usr/share/doc/groff-1.21/html/mom/headfootpage.html
-#usr/share/doc/groff-1.21/html/mom/images.html
-#usr/share/doc/groff-1.21/html/mom/inlines.html
-#usr/share/doc/groff-1.21/html/mom/intro.html
-#usr/share/doc/groff-1.21/html/mom/letters.html
-#usr/share/doc/groff-1.21/html/mom/macrolist.html
-#usr/share/doc/groff-1.21/html/mom/rectoverso.html
-#usr/share/doc/groff-1.21/html/mom/refer.html
-#usr/share/doc/groff-1.21/html/mom/reserved.html
-#usr/share/doc/groff-1.21/html/mom/stylesheet.css
-#usr/share/doc/groff-1.21/html/mom/tables-of-contents.html
-#usr/share/doc/groff-1.21/html/mom/toc.html
-#usr/share/doc/groff-1.21/html/mom/typesetting.html
-#usr/share/doc/groff-1.21/html/mom/using.html
-#usr/share/doc/groff-1.21/meintro.me
-#usr/share/doc/groff-1.21/meintro.ps
-#usr/share/doc/groff-1.21/meref.me
-#usr/share/doc/groff-1.21/meref.ps
-#usr/share/doc/groff-1.21/pic.ms
-#usr/share/doc/groff-1.21/pic.ps
+#usr/share/doc/groff-1.22.3
+#usr/share/doc/groff-1.22.3/examples
+#usr/share/doc/groff-1.22.3/examples/chem
+#usr/share/doc/groff-1.22.3/examples/chem/122
+#usr/share/doc/groff-1.22.3/examples/chem/122/README
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch2a_ethyl.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch2b_benzene.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch2c_benzene_right.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4a_stick.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4b_methyl_acetate.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4c_colon.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4d_HCl.H2O.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4e_CaSO4.2H2O.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4f_C.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4g_BP.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4h_methacrylate.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4i_cyclo.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4j_ring4.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4k_ring3.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4l_vertex.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4m_double.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4n_triple.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4o_aromatic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4p_cholestanol.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4q_rings.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4r_spiro.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4s_heteroatoms.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4t_polycyclic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4u_nicotine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4v_histidine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4w_lsd.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4x_anisole.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4y_reserpine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4z1_eqn_glutamic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4z2_text.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch5a_size.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch6a_pic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch6b_dna.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAa_polymer.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAb_vinyl_chloro.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAc_morphine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAd_chlorophyll.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAe_chair.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAf_arrow.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAg_circle.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAh_brackets.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAi_poly_vinyl_chloride.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chBa_jump.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chBb_bonds.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chBc_rings.chem
+#usr/share/doc/groff-1.22.3/examples/chem/README
+#usr/share/doc/groff-1.22.3/examples/chem/atp.chem
+#usr/share/doc/groff-1.22.3/examples/chem/cholesterin.chem
+#usr/share/doc/groff-1.22.3/examples/chem/ethamivan.chem
+#usr/share/doc/groff-1.22.3/examples/chem/lsd.chem
+#usr/share/doc/groff-1.22.3/examples/chem/morphine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/penicillin.chem
+#usr/share/doc/groff-1.22.3/examples/chem/reserpine.chem
+#usr/share/doc/groff-1.22.3/examples/gnu.eps
+#usr/share/doc/groff-1.22.3/examples/grnexmpl.g
+#usr/share/doc/groff-1.22.3/examples/grnexmpl.me
+#usr/share/doc/groff-1.22.3/examples/grnexmpl.ps
+#usr/share/doc/groff-1.22.3/examples/groff.css
+#usr/share/doc/groff-1.22.3/examples/hdtbl
+#usr/share/doc/groff-1.22.3/examples/hdtbl/chess_board.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/chess_board.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/col_rowspan_colors.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/col_rowspan_colors.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_boxes.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_boxes.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_nested_tables.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_nested_tables.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_table_cells.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_table_cells.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_transitions.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_transitions.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/common.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_n.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_n.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_x.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_x.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/gnu.eps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/mixed_pickles.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/mixed_pickles.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/rainbow.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/rainbow.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/short_reference.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/short_reference.roff
+#usr/share/doc/groff-1.22.3/examples/mom
+#usr/share/doc/groff-1.22.3/examples/mom/README.txt
+#usr/share/doc/groff-1.22.3/examples/mom/elvis_syntax
+#usr/share/doc/groff-1.22.3/examples/mom/elvis_syntax.new
+#usr/share/doc/groff-1.22.3/examples/mom/letter.mom
+#usr/share/doc/groff-1.22.3/examples/mom/mom-pdf.mom
+#usr/share/doc/groff-1.22.3/examples/mom/mom.vim
+#usr/share/doc/groff-1.22.3/examples/mom/penguin.pdf
+#usr/share/doc/groff-1.22.3/examples/mom/penguin.ps
+#usr/share/doc/groff-1.22.3/examples/mom/sample_docs.mom
+#usr/share/doc/groff-1.22.3/examples/mom/typesetting.mom
+#usr/share/doc/groff-1.22.3/examples/webpage.ms
+#usr/share/doc/groff-1.22.3/examples/webpage.ps
+#usr/share/doc/groff-1.22.3/html
+#usr/share/doc/groff-1.22.3/html/mom
+#usr/share/doc/groff-1.22.3/html/mom/appendices.html
+#usr/share/doc/groff-1.22.3/html/mom/color.html
+#usr/share/doc/groff-1.22.3/html/mom/cover.html
+#usr/share/doc/groff-1.22.3/html/mom/definitions.html
+#usr/share/doc/groff-1.22.3/html/mom/docelement.html
+#usr/share/doc/groff-1.22.3/html/mom/docprocessing.html
+#usr/share/doc/groff-1.22.3/html/mom/goodies.html
+#usr/share/doc/groff-1.22.3/html/mom/graphical.html
+#usr/share/doc/groff-1.22.3/html/mom/headfootpage.html
+#usr/share/doc/groff-1.22.3/html/mom/images.html
+#usr/share/doc/groff-1.22.3/html/mom/inlines.html
+#usr/share/doc/groff-1.22.3/html/mom/intro.html
+#usr/share/doc/groff-1.22.3/html/mom/letters.html
+#usr/share/doc/groff-1.22.3/html/mom/macrolist.html
+#usr/share/doc/groff-1.22.3/html/mom/rectoverso.html
+#usr/share/doc/groff-1.22.3/html/mom/refer.html
+#usr/share/doc/groff-1.22.3/html/mom/reserved.html
+#usr/share/doc/groff-1.22.3/html/mom/stylesheet.css
+#usr/share/doc/groff-1.22.3/html/mom/tables-of-contents.html
+#usr/share/doc/groff-1.22.3/html/mom/toc.html
+#usr/share/doc/groff-1.22.3/html/mom/typesetting.html
+#usr/share/doc/groff-1.22.3/html/mom/using.html
+#usr/share/doc/groff-1.22.3/html/mom/version-2.html
+#usr/share/doc/groff-1.22.3/meintro.me
+#usr/share/doc/groff-1.22.3/meintro.ps
+#usr/share/doc/groff-1.22.3/meintro_fr.me
+#usr/share/doc/groff-1.22.3/meintro_fr.ps
+#usr/share/doc/groff-1.22.3/meref.me
+#usr/share/doc/groff-1.22.3/meref.ps
+#usr/share/doc/groff-1.22.3/pic.ms
+#usr/share/doc/groff-1.22.3/pic.ps
#usr/share/groff
-#usr/share/groff/1.21
-#usr/share/groff/1.21/eign
-#usr/share/groff/1.21/font
-#usr/share/groff/1.21/font/devascii
-#usr/share/groff/1.21/font/devascii/B
-#usr/share/groff/1.21/font/devascii/BI
-#usr/share/groff/1.21/font/devascii/DESC
-#usr/share/groff/1.21/font/devascii/I
-#usr/share/groff/1.21/font/devascii/R
-#usr/share/groff/1.21/font/devdvi
-#usr/share/groff/1.21/font/devdvi/CW
-#usr/share/groff/1.21/font/devdvi/CWEC
-#usr/share/groff/1.21/font/devdvi/CWI
-#usr/share/groff/1.21/font/devdvi/CWIEC
-#usr/share/groff/1.21/font/devdvi/CWITC
-#usr/share/groff/1.21/font/devdvi/CWTC
-#usr/share/groff/1.21/font/devdvi/DESC
-#usr/share/groff/1.21/font/devdvi/EX
-#usr/share/groff/1.21/font/devdvi/HB
-#usr/share/groff/1.21/font/devdvi/HBEC
-#usr/share/groff/1.21/font/devdvi/HBI
-#usr/share/groff/1.21/font/devdvi/HBIEC
-#usr/share/groff/1.21/font/devdvi/HBITC
-#usr/share/groff/1.21/font/devdvi/HBTC
-#usr/share/groff/1.21/font/devdvi/HI
-#usr/share/groff/1.21/font/devdvi/HIEC
-#usr/share/groff/1.21/font/devdvi/HITC
-#usr/share/groff/1.21/font/devdvi/HR
-#usr/share/groff/1.21/font/devdvi/HREC
-#usr/share/groff/1.21/font/devdvi/HRTC
-#usr/share/groff/1.21/font/devdvi/MI
-#usr/share/groff/1.21/font/devdvi/S
-#usr/share/groff/1.21/font/devdvi/SA
-#usr/share/groff/1.21/font/devdvi/SB
-#usr/share/groff/1.21/font/devdvi/SC
-#usr/share/groff/1.21/font/devdvi/TB
-#usr/share/groff/1.21/font/devdvi/TBEC
-#usr/share/groff/1.21/font/devdvi/TBI
-#usr/share/groff/1.21/font/devdvi/TBIEC
-#usr/share/groff/1.21/font/devdvi/TBITC
-#usr/share/groff/1.21/font/devdvi/TBTC
-#usr/share/groff/1.21/font/devdvi/TI
-#usr/share/groff/1.21/font/devdvi/TIEC
-#usr/share/groff/1.21/font/devdvi/TITC
-#usr/share/groff/1.21/font/devdvi/TR
-#usr/share/groff/1.21/font/devdvi/TREC
-#usr/share/groff/1.21/font/devdvi/TRTC
-#usr/share/groff/1.21/font/devdvi/generate
-#usr/share/groff/1.21/font/devdvi/generate/CompileFonts
-#usr/share/groff/1.21/font/devdvi/generate/Makefile
-#usr/share/groff/1.21/font/devdvi/generate/ec.map
-#usr/share/groff/1.21/font/devdvi/generate/msam.map
-#usr/share/groff/1.21/font/devdvi/generate/msbm.map
-#usr/share/groff/1.21/font/devdvi/generate/tc.map
-#usr/share/groff/1.21/font/devdvi/generate/texb.map
-#usr/share/groff/1.21/font/devdvi/generate/texex.map
-#usr/share/groff/1.21/font/devdvi/generate/texi.map
-#usr/share/groff/1.21/font/devdvi/generate/texmi.map
-#usr/share/groff/1.21/font/devdvi/generate/texr.map
-#usr/share/groff/1.21/font/devdvi/generate/texsy.map
-#usr/share/groff/1.21/font/devdvi/generate/textex.map
-#usr/share/groff/1.21/font/devdvi/generate/textt.map
-#usr/share/groff/1.21/font/devhtml
-#usr/share/groff/1.21/font/devhtml/B
-#usr/share/groff/1.21/font/devhtml/BI
-#usr/share/groff/1.21/font/devhtml/CB
-#usr/share/groff/1.21/font/devhtml/CBI
-#usr/share/groff/1.21/font/devhtml/CI
-#usr/share/groff/1.21/font/devhtml/CR
-#usr/share/groff/1.21/font/devhtml/DESC
-#usr/share/groff/1.21/font/devhtml/I
-#usr/share/groff/1.21/font/devhtml/R
-#usr/share/groff/1.21/font/devhtml/S
-#usr/share/groff/1.21/font/devlatin1
-#usr/share/groff/1.21/font/devlatin1/B
-#usr/share/groff/1.21/font/devlatin1/BI
-#usr/share/groff/1.21/font/devlatin1/DESC
-#usr/share/groff/1.21/font/devlatin1/I
-#usr/share/groff/1.21/font/devlatin1/R
-#usr/share/groff/1.21/font/devlbp
-#usr/share/groff/1.21/font/devlbp/CB
-#usr/share/groff/1.21/font/devlbp/CI
-#usr/share/groff/1.21/font/devlbp/CR
-#usr/share/groff/1.21/font/devlbp/DESC
-#usr/share/groff/1.21/font/devlbp/EB
-#usr/share/groff/1.21/font/devlbp/EI
-#usr/share/groff/1.21/font/devlbp/ER
-#usr/share/groff/1.21/font/devlbp/HB
-#usr/share/groff/1.21/font/devlbp/HBI
-#usr/share/groff/1.21/font/devlbp/HI
-#usr/share/groff/1.21/font/devlbp/HNB
-#usr/share/groff/1.21/font/devlbp/HNBI
-#usr/share/groff/1.21/font/devlbp/HNI
-#usr/share/groff/1.21/font/devlbp/HNR
-#usr/share/groff/1.21/font/devlbp/HR
-#usr/share/groff/1.21/font/devlbp/TB
-#usr/share/groff/1.21/font/devlbp/TBI
-#usr/share/groff/1.21/font/devlbp/TI
-#usr/share/groff/1.21/font/devlbp/TR
-#usr/share/groff/1.21/font/devlj4
-#usr/share/groff/1.21/font/devlj4/AB
-#usr/share/groff/1.21/font/devlj4/ABI
-#usr/share/groff/1.21/font/devlj4/AI
-#usr/share/groff/1.21/font/devlj4/ALBB
-#usr/share/groff/1.21/font/devlj4/ALBR
-#usr/share/groff/1.21/font/devlj4/AOB
-#usr/share/groff/1.21/font/devlj4/AOI
-#usr/share/groff/1.21/font/devlj4/AOR
-#usr/share/groff/1.21/font/devlj4/AR
-#usr/share/groff/1.21/font/devlj4/CB
-#usr/share/groff/1.21/font/devlj4/CBI
-#usr/share/groff/1.21/font/devlj4/CI
-#usr/share/groff/1.21/font/devlj4/CLARENDON
-#usr/share/groff/1.21/font/devlj4/CORONET
-#usr/share/groff/1.21/font/devlj4/CR
-#usr/share/groff/1.21/font/devlj4/DESC
-#usr/share/groff/1.21/font/devlj4/GB
-#usr/share/groff/1.21/font/devlj4/GBI
-#usr/share/groff/1.21/font/devlj4/GI
-#usr/share/groff/1.21/font/devlj4/GR
-#usr/share/groff/1.21/font/devlj4/LGB
-#usr/share/groff/1.21/font/devlj4/LGI
-#usr/share/groff/1.21/font/devlj4/LGR
-#usr/share/groff/1.21/font/devlj4/MARIGOLD
-#usr/share/groff/1.21/font/devlj4/OB
-#usr/share/groff/1.21/font/devlj4/OBI
-#usr/share/groff/1.21/font/devlj4/OI
-#usr/share/groff/1.21/font/devlj4/OR
-#usr/share/groff/1.21/font/devlj4/S
-#usr/share/groff/1.21/font/devlj4/SYMBOL
-#usr/share/groff/1.21/font/devlj4/TB
-#usr/share/groff/1.21/font/devlj4/TBI
-#usr/share/groff/1.21/font/devlj4/TI
-#usr/share/groff/1.21/font/devlj4/TNRB
-#usr/share/groff/1.21/font/devlj4/TNRBI
-#usr/share/groff/1.21/font/devlj4/TNRI
-#usr/share/groff/1.21/font/devlj4/TNRR
-#usr/share/groff/1.21/font/devlj4/TR
-#usr/share/groff/1.21/font/devlj4/UB
-#usr/share/groff/1.21/font/devlj4/UBI
-#usr/share/groff/1.21/font/devlj4/UCB
-#usr/share/groff/1.21/font/devlj4/UCBI
-#usr/share/groff/1.21/font/devlj4/UCI
-#usr/share/groff/1.21/font/devlj4/UCR
-#usr/share/groff/1.21/font/devlj4/UI
-#usr/share/groff/1.21/font/devlj4/UR
-#usr/share/groff/1.21/font/devlj4/WINGDINGS
-#usr/share/groff/1.21/font/devlj4/generate
-#usr/share/groff/1.21/font/devlj4/generate/Makefile
-#usr/share/groff/1.21/font/devlj4/generate/special.awk
-#usr/share/groff/1.21/font/devlj4/generate/special.map
-#usr/share/groff/1.21/font/devlj4/generate/symbol.map
-#usr/share/groff/1.21/font/devlj4/generate/text.map
-#usr/share/groff/1.21/font/devlj4/generate/wingdings.map
-#usr/share/groff/1.21/font/devps
-#usr/share/groff/1.21/font/devps/AB
-#usr/share/groff/1.21/font/devps/ABI
-#usr/share/groff/1.21/font/devps/AI
-#usr/share/groff/1.21/font/devps/AR
-#usr/share/groff/1.21/font/devps/BMB
-#usr/share/groff/1.21/font/devps/BMBI
-#usr/share/groff/1.21/font/devps/BMI
-#usr/share/groff/1.21/font/devps/BMR
-#usr/share/groff/1.21/font/devps/CB
-#usr/share/groff/1.21/font/devps/CBI
-#usr/share/groff/1.21/font/devps/CI
-#usr/share/groff/1.21/font/devps/CR
-#usr/share/groff/1.21/font/devps/DESC
-#usr/share/groff/1.21/font/devps/EURO
-#usr/share/groff/1.21/font/devps/HB
-#usr/share/groff/1.21/font/devps/HBI
-#usr/share/groff/1.21/font/devps/HI
-#usr/share/groff/1.21/font/devps/HNB
-#usr/share/groff/1.21/font/devps/HNBI
-#usr/share/groff/1.21/font/devps/HNI
-#usr/share/groff/1.21/font/devps/HNR
-#usr/share/groff/1.21/font/devps/HR
-#usr/share/groff/1.21/font/devps/NB
-#usr/share/groff/1.21/font/devps/NBI
-#usr/share/groff/1.21/font/devps/NI
-#usr/share/groff/1.21/font/devps/NR
-#usr/share/groff/1.21/font/devps/PB
-#usr/share/groff/1.21/font/devps/PBI
-#usr/share/groff/1.21/font/devps/PI
-#usr/share/groff/1.21/font/devps/PR
-#usr/share/groff/1.21/font/devps/S
-#usr/share/groff/1.21/font/devps/SS
-#usr/share/groff/1.21/font/devps/TB
-#usr/share/groff/1.21/font/devps/TBI
-#usr/share/groff/1.21/font/devps/TI
-#usr/share/groff/1.21/font/devps/TR
-#usr/share/groff/1.21/font/devps/ZCMI
-#usr/share/groff/1.21/font/devps/ZD
-#usr/share/groff/1.21/font/devps/ZDR
-#usr/share/groff/1.21/font/devps/download
-#usr/share/groff/1.21/font/devps/freeeuro.afm
-#usr/share/groff/1.21/font/devps/freeeuro.pfa
-#usr/share/groff/1.21/font/devps/generate
-#usr/share/groff/1.21/font/devps/generate/Makefile
-#usr/share/groff/1.21/font/devps/generate/afmname
-#usr/share/groff/1.21/font/devps/generate/dingbats.map
-#usr/share/groff/1.21/font/devps/generate/dingbats.rmap
-#usr/share/groff/1.21/font/devps/generate/lgreekmap
-#usr/share/groff/1.21/font/devps/generate/symbol.sed
-#usr/share/groff/1.21/font/devps/generate/symbolchars
-#usr/share/groff/1.21/font/devps/generate/symbolsl.afm
-#usr/share/groff/1.21/font/devps/generate/textmap
-#usr/share/groff/1.21/font/devps/prologue
-#usr/share/groff/1.21/font/devps/symbolsl.pfa
-#usr/share/groff/1.21/font/devps/text.enc
-#usr/share/groff/1.21/font/devps/zapfdr.pfa
-#usr/share/groff/1.21/font/devutf8
-#usr/share/groff/1.21/font/devutf8/B
-#usr/share/groff/1.21/font/devutf8/BI
-#usr/share/groff/1.21/font/devutf8/DESC
-#usr/share/groff/1.21/font/devutf8/I
-#usr/share/groff/1.21/font/devutf8/R
-#usr/share/groff/1.21/oldfont
-#usr/share/groff/1.21/oldfont/devps
-#usr/share/groff/1.21/oldfont/devps/CB
-#usr/share/groff/1.21/oldfont/devps/CBI
-#usr/share/groff/1.21/oldfont/devps/CI
-#usr/share/groff/1.21/oldfont/devps/CR
-#usr/share/groff/1.21/oldfont/devps/HB
-#usr/share/groff/1.21/oldfont/devps/HBI
-#usr/share/groff/1.21/oldfont/devps/HI
-#usr/share/groff/1.21/oldfont/devps/HNB
-#usr/share/groff/1.21/oldfont/devps/HNBI
-#usr/share/groff/1.21/oldfont/devps/HNI
-#usr/share/groff/1.21/oldfont/devps/HNR
-#usr/share/groff/1.21/oldfont/devps/HR
-#usr/share/groff/1.21/oldfont/devps/NB
-#usr/share/groff/1.21/oldfont/devps/NBI
-#usr/share/groff/1.21/oldfont/devps/NI
-#usr/share/groff/1.21/oldfont/devps/NR
-#usr/share/groff/1.21/oldfont/devps/PB
-#usr/share/groff/1.21/oldfont/devps/PBI
-#usr/share/groff/1.21/oldfont/devps/PI
-#usr/share/groff/1.21/oldfont/devps/PR
-#usr/share/groff/1.21/oldfont/devps/S
-#usr/share/groff/1.21/oldfont/devps/SS
-#usr/share/groff/1.21/oldfont/devps/TB
-#usr/share/groff/1.21/oldfont/devps/TBI
-#usr/share/groff/1.21/oldfont/devps/TI
-#usr/share/groff/1.21/oldfont/devps/TR
-#usr/share/groff/1.21/oldfont/devps/symbol.afm
-#usr/share/groff/1.21/oldfont/devps/symbolsl.afm
-#usr/share/groff/1.21/oldfont/devps/zapfdr.afm
-#usr/share/groff/1.21/oldfont/devps/zapfdr.ps
-#usr/share/groff/1.21/pic
-#usr/share/groff/1.21/pic/chem.pic
-#usr/share/groff/1.21/tmac
-#usr/share/groff/1.21/tmac/62bit.tmac
-#usr/share/groff/1.21/tmac/X.tmac
-#usr/share/groff/1.21/tmac/Xps.tmac
-#usr/share/groff/1.21/tmac/a4.tmac
-#usr/share/groff/1.21/tmac/an-ext.tmac
-#usr/share/groff/1.21/tmac/an-old.tmac
-#usr/share/groff/1.21/tmac/an.tmac
-#usr/share/groff/1.21/tmac/andoc.tmac
-#usr/share/groff/1.21/tmac/composite.tmac
-#usr/share/groff/1.21/tmac/cp1047.tmac
-#usr/share/groff/1.21/tmac/cs.tmac
-#usr/share/groff/1.21/tmac/de.tmac
-#usr/share/groff/1.21/tmac/den.tmac
-#usr/share/groff/1.21/tmac/devtag.tmac
-#usr/share/groff/1.21/tmac/doc-old.tmac
-#usr/share/groff/1.21/tmac/doc.tmac
-#usr/share/groff/1.21/tmac/dvi.tmac
-#usr/share/groff/1.21/tmac/e.tmac
-#usr/share/groff/1.21/tmac/ec.tmac
-#usr/share/groff/1.21/tmac/eqnrc
-#usr/share/groff/1.21/tmac/europs.tmac
-#usr/share/groff/1.21/tmac/fr.tmac
-#usr/share/groff/1.21/tmac/hdmisc.tmac
-#usr/share/groff/1.21/tmac/hdtbl.tmac
-#usr/share/groff/1.21/tmac/html-end.tmac
-#usr/share/groff/1.21/tmac/html.tmac
-#usr/share/groff/1.21/tmac/hyphen.cs
-#usr/share/groff/1.21/tmac/hyphen.den
-#usr/share/groff/1.21/tmac/hyphen.det
-#usr/share/groff/1.21/tmac/hyphen.fr
-#usr/share/groff/1.21/tmac/hyphen.sv
-#usr/share/groff/1.21/tmac/hyphen.us
-#usr/share/groff/1.21/tmac/hyphenex.cs
-#usr/share/groff/1.21/tmac/hyphenex.det
-#usr/share/groff/1.21/tmac/hyphenex.us
-#usr/share/groff/1.21/tmac/ja.tmac
-#usr/share/groff/1.21/tmac/latin1.tmac
-#usr/share/groff/1.21/tmac/latin2.tmac
-#usr/share/groff/1.21/tmac/latin5.tmac
-#usr/share/groff/1.21/tmac/latin9.tmac
-#usr/share/groff/1.21/tmac/lbp.tmac
-#usr/share/groff/1.21/tmac/lj4.tmac
-#usr/share/groff/1.21/tmac/m.tmac
-#usr/share/groff/1.21/tmac/man.tmac
-#usr/share/groff/1.21/tmac/mandoc.tmac
-#usr/share/groff/1.21/tmac/mdoc
-#usr/share/groff/1.21/tmac/mdoc.tmac
-#usr/share/groff/1.21/tmac/mdoc/doc-common
-#usr/share/groff/1.21/tmac/mdoc/doc-ditroff
-#usr/share/groff/1.21/tmac/mdoc/doc-nroff
-#usr/share/groff/1.21/tmac/mdoc/doc-syms
-#usr/share/groff/1.21/tmac/me.tmac
-#usr/share/groff/1.21/tmac/mm
-#usr/share/groff/1.21/tmac/mm.tmac
-#usr/share/groff/1.21/tmac/mm/0.MT
-#usr/share/groff/1.21/tmac/mm/4.MT
-#usr/share/groff/1.21/tmac/mm/5.MT
-#usr/share/groff/1.21/tmac/mm/locale
-#usr/share/groff/1.21/tmac/mm/ms.cov
-#usr/share/groff/1.21/tmac/mm/se_locale
-#usr/share/groff/1.21/tmac/mm/se_ms.cov
-#usr/share/groff/1.21/tmac/mmse.tmac
-#usr/share/groff/1.21/tmac/mom.tmac
-#usr/share/groff/1.21/tmac/ms.tmac
-#usr/share/groff/1.21/tmac/mse.tmac
-#usr/share/groff/1.21/tmac/om.tmac
-#usr/share/groff/1.21/tmac/papersize.tmac
-#usr/share/groff/1.21/tmac/pdfmark.tmac
-#usr/share/groff/1.21/tmac/pic.tmac
-#usr/share/groff/1.21/tmac/ps.tmac
-#usr/share/groff/1.21/tmac/psatk.tmac
-#usr/share/groff/1.21/tmac/psold.tmac
-#usr/share/groff/1.21/tmac/pspic.tmac
-#usr/share/groff/1.21/tmac/s.tmac
-#usr/share/groff/1.21/tmac/safer.tmac
-#usr/share/groff/1.21/tmac/spdf.tmac
-#usr/share/groff/1.21/tmac/sv.tmac
-#usr/share/groff/1.21/tmac/trace.tmac
-#usr/share/groff/1.21/tmac/trans.tmac
-#usr/share/groff/1.21/tmac/troffrc
-#usr/share/groff/1.21/tmac/troffrc-end
-#usr/share/groff/1.21/tmac/tty-char.tmac
-#usr/share/groff/1.21/tmac/tty.tmac
-#usr/share/groff/1.21/tmac/unicode.tmac
-#usr/share/groff/1.21/tmac/www.tmac
+#usr/share/groff/1.22.3
+#usr/share/groff/1.22.3/eign
+#usr/share/groff/1.22.3/font
+#usr/share/groff/1.22.3/font/devascii
+#usr/share/groff/1.22.3/font/devascii/B
+#usr/share/groff/1.22.3/font/devascii/BI
+#usr/share/groff/1.22.3/font/devascii/DESC
+#usr/share/groff/1.22.3/font/devascii/I
+#usr/share/groff/1.22.3/font/devascii/R
+#usr/share/groff/1.22.3/font/devdvi
+#usr/share/groff/1.22.3/font/devdvi/CW
+#usr/share/groff/1.22.3/font/devdvi/CWEC
+#usr/share/groff/1.22.3/font/devdvi/CWI
+#usr/share/groff/1.22.3/font/devdvi/CWIEC
+#usr/share/groff/1.22.3/font/devdvi/CWITC
+#usr/share/groff/1.22.3/font/devdvi/CWTC
+#usr/share/groff/1.22.3/font/devdvi/DESC
+#usr/share/groff/1.22.3/font/devdvi/EX
+#usr/share/groff/1.22.3/font/devdvi/HB
+#usr/share/groff/1.22.3/font/devdvi/HBEC
+#usr/share/groff/1.22.3/font/devdvi/HBI
+#usr/share/groff/1.22.3/font/devdvi/HBIEC
+#usr/share/groff/1.22.3/font/devdvi/HBITC
+#usr/share/groff/1.22.3/font/devdvi/HBTC
+#usr/share/groff/1.22.3/font/devdvi/HI
+#usr/share/groff/1.22.3/font/devdvi/HIEC
+#usr/share/groff/1.22.3/font/devdvi/HITC
+#usr/share/groff/1.22.3/font/devdvi/HR
+#usr/share/groff/1.22.3/font/devdvi/HREC
+#usr/share/groff/1.22.3/font/devdvi/HRTC
+#usr/share/groff/1.22.3/font/devdvi/MI
+#usr/share/groff/1.22.3/font/devdvi/S
+#usr/share/groff/1.22.3/font/devdvi/SA
+#usr/share/groff/1.22.3/font/devdvi/SB
+#usr/share/groff/1.22.3/font/devdvi/SC
+#usr/share/groff/1.22.3/font/devdvi/TB
+#usr/share/groff/1.22.3/font/devdvi/TBEC
+#usr/share/groff/1.22.3/font/devdvi/TBI
+#usr/share/groff/1.22.3/font/devdvi/TBIEC
+#usr/share/groff/1.22.3/font/devdvi/TBITC
+#usr/share/groff/1.22.3/font/devdvi/TBTC
+#usr/share/groff/1.22.3/font/devdvi/TI
+#usr/share/groff/1.22.3/font/devdvi/TIEC
+#usr/share/groff/1.22.3/font/devdvi/TITC
+#usr/share/groff/1.22.3/font/devdvi/TR
+#usr/share/groff/1.22.3/font/devdvi/TREC
+#usr/share/groff/1.22.3/font/devdvi/TRTC
+#usr/share/groff/1.22.3/font/devdvi/generate
+#usr/share/groff/1.22.3/font/devdvi/generate/CompileFonts
+#usr/share/groff/1.22.3/font/devdvi/generate/Makefile
+#usr/share/groff/1.22.3/font/devdvi/generate/ec.map
+#usr/share/groff/1.22.3/font/devdvi/generate/msam.map
+#usr/share/groff/1.22.3/font/devdvi/generate/msbm.map
+#usr/share/groff/1.22.3/font/devdvi/generate/tc.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texb.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texex.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texi.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texmi.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texr.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texsy.map
+#usr/share/groff/1.22.3/font/devdvi/generate/textex.map
+#usr/share/groff/1.22.3/font/devdvi/generate/textt.map
+#usr/share/groff/1.22.3/font/devhtml
+#usr/share/groff/1.22.3/font/devhtml/B
+#usr/share/groff/1.22.3/font/devhtml/BI
+#usr/share/groff/1.22.3/font/devhtml/CB
+#usr/share/groff/1.22.3/font/devhtml/CBI
+#usr/share/groff/1.22.3/font/devhtml/CI
+#usr/share/groff/1.22.3/font/devhtml/CR
+#usr/share/groff/1.22.3/font/devhtml/DESC
+#usr/share/groff/1.22.3/font/devhtml/I
+#usr/share/groff/1.22.3/font/devhtml/R
+#usr/share/groff/1.22.3/font/devhtml/S
+#usr/share/groff/1.22.3/font/devlatin1
+#usr/share/groff/1.22.3/font/devlatin1/B
+#usr/share/groff/1.22.3/font/devlatin1/BI
+#usr/share/groff/1.22.3/font/devlatin1/DESC
+#usr/share/groff/1.22.3/font/devlatin1/I
+#usr/share/groff/1.22.3/font/devlatin1/R
+#usr/share/groff/1.22.3/font/devlbp
+#usr/share/groff/1.22.3/font/devlbp/CB
+#usr/share/groff/1.22.3/font/devlbp/CI
+#usr/share/groff/1.22.3/font/devlbp/CR
+#usr/share/groff/1.22.3/font/devlbp/DESC
+#usr/share/groff/1.22.3/font/devlbp/EB
+#usr/share/groff/1.22.3/font/devlbp/EI
+#usr/share/groff/1.22.3/font/devlbp/ER
+#usr/share/groff/1.22.3/font/devlbp/HB
+#usr/share/groff/1.22.3/font/devlbp/HBI
+#usr/share/groff/1.22.3/font/devlbp/HI
+#usr/share/groff/1.22.3/font/devlbp/HNB
+#usr/share/groff/1.22.3/font/devlbp/HNBI
+#usr/share/groff/1.22.3/font/devlbp/HNI
+#usr/share/groff/1.22.3/font/devlbp/HNR
+#usr/share/groff/1.22.3/font/devlbp/HR
+#usr/share/groff/1.22.3/font/devlbp/TB
+#usr/share/groff/1.22.3/font/devlbp/TBI
+#usr/share/groff/1.22.3/font/devlbp/TI
+#usr/share/groff/1.22.3/font/devlbp/TR
+#usr/share/groff/1.22.3/font/devlj4
+#usr/share/groff/1.22.3/font/devlj4/AB
+#usr/share/groff/1.22.3/font/devlj4/ABI
+#usr/share/groff/1.22.3/font/devlj4/AI
+#usr/share/groff/1.22.3/font/devlj4/ALBB
+#usr/share/groff/1.22.3/font/devlj4/ALBR
+#usr/share/groff/1.22.3/font/devlj4/AOB
+#usr/share/groff/1.22.3/font/devlj4/AOI
+#usr/share/groff/1.22.3/font/devlj4/AOR
+#usr/share/groff/1.22.3/font/devlj4/AR
+#usr/share/groff/1.22.3/font/devlj4/CB
+#usr/share/groff/1.22.3/font/devlj4/CBI
+#usr/share/groff/1.22.3/font/devlj4/CI
+#usr/share/groff/1.22.3/font/devlj4/CLARENDON
+#usr/share/groff/1.22.3/font/devlj4/CORONET
+#usr/share/groff/1.22.3/font/devlj4/CR
+#usr/share/groff/1.22.3/font/devlj4/DESC
+#usr/share/groff/1.22.3/font/devlj4/GB
+#usr/share/groff/1.22.3/font/devlj4/GBI
+#usr/share/groff/1.22.3/font/devlj4/GI
+#usr/share/groff/1.22.3/font/devlj4/GR
+#usr/share/groff/1.22.3/font/devlj4/LGB
+#usr/share/groff/1.22.3/font/devlj4/LGI
+#usr/share/groff/1.22.3/font/devlj4/LGR
+#usr/share/groff/1.22.3/font/devlj4/MARIGOLD
+#usr/share/groff/1.22.3/font/devlj4/OB
+#usr/share/groff/1.22.3/font/devlj4/OBI
+#usr/share/groff/1.22.3/font/devlj4/OI
+#usr/share/groff/1.22.3/font/devlj4/OR
+#usr/share/groff/1.22.3/font/devlj4/S
+#usr/share/groff/1.22.3/font/devlj4/SYMBOL
+#usr/share/groff/1.22.3/font/devlj4/TB
+#usr/share/groff/1.22.3/font/devlj4/TBI
+#usr/share/groff/1.22.3/font/devlj4/TI
+#usr/share/groff/1.22.3/font/devlj4/TNRB
+#usr/share/groff/1.22.3/font/devlj4/TNRBI
+#usr/share/groff/1.22.3/font/devlj4/TNRI
+#usr/share/groff/1.22.3/font/devlj4/TNRR
+#usr/share/groff/1.22.3/font/devlj4/TR
+#usr/share/groff/1.22.3/font/devlj4/UB
+#usr/share/groff/1.22.3/font/devlj4/UBI
+#usr/share/groff/1.22.3/font/devlj4/UCB
+#usr/share/groff/1.22.3/font/devlj4/UCBI
+#usr/share/groff/1.22.3/font/devlj4/UCI
+#usr/share/groff/1.22.3/font/devlj4/UCR
+#usr/share/groff/1.22.3/font/devlj4/UI
+#usr/share/groff/1.22.3/font/devlj4/UR
+#usr/share/groff/1.22.3/font/devlj4/WINGDINGS
+#usr/share/groff/1.22.3/font/devlj4/generate
+#usr/share/groff/1.22.3/font/devlj4/generate/Makefile
+#usr/share/groff/1.22.3/font/devlj4/generate/special.awk
+#usr/share/groff/1.22.3/font/devlj4/generate/special.map
+#usr/share/groff/1.22.3/font/devlj4/generate/symbol.map
+#usr/share/groff/1.22.3/font/devlj4/generate/text.map
+#usr/share/groff/1.22.3/font/devlj4/generate/wingdings.map
+#usr/share/groff/1.22.3/font/devpdf
+#usr/share/groff/1.22.3/font/devpdf/CB
+#usr/share/groff/1.22.3/font/devpdf/CBI
+#usr/share/groff/1.22.3/font/devpdf/CI
+#usr/share/groff/1.22.3/font/devpdf/CR
+#usr/share/groff/1.22.3/font/devpdf/DESC
+#usr/share/groff/1.22.3/font/devpdf/EURO
+#usr/share/groff/1.22.3/font/devpdf/Foundry
+#usr/share/groff/1.22.3/font/devpdf/HB
+#usr/share/groff/1.22.3/font/devpdf/HBI
+#usr/share/groff/1.22.3/font/devpdf/HI
+#usr/share/groff/1.22.3/font/devpdf/HR
+#usr/share/groff/1.22.3/font/devpdf/S
+#usr/share/groff/1.22.3/font/devpdf/TB
+#usr/share/groff/1.22.3/font/devpdf/TBI
+#usr/share/groff/1.22.3/font/devpdf/TI
+#usr/share/groff/1.22.3/font/devpdf/TR
+#usr/share/groff/1.22.3/font/devpdf/ZD
+#usr/share/groff/1.22.3/font/devpdf/download
+#usr/share/groff/1.22.3/font/devpdf/enc
+#usr/share/groff/1.22.3/font/devpdf/enc/text.enc
+#usr/share/groff/1.22.3/font/devpdf/map
+#usr/share/groff/1.22.3/font/devpdf/map/dingbats.map
+#usr/share/groff/1.22.3/font/devpdf/map/symbolchars
+#usr/share/groff/1.22.3/font/devpdf/map/symbolmap
+#usr/share/groff/1.22.3/font/devpdf/map/textmap
+#usr/share/groff/1.22.3/font/devpdf/util
+#usr/share/groff/1.22.3/font/devpdf/util/BuildFoundries
+#usr/share/groff/1.22.3/font/devps
+#usr/share/groff/1.22.3/font/devps/AB
+#usr/share/groff/1.22.3/font/devps/ABI
+#usr/share/groff/1.22.3/font/devps/AI
+#usr/share/groff/1.22.3/font/devps/AR
+#usr/share/groff/1.22.3/font/devps/BMB
+#usr/share/groff/1.22.3/font/devps/BMBI
+#usr/share/groff/1.22.3/font/devps/BMI
+#usr/share/groff/1.22.3/font/devps/BMR
+#usr/share/groff/1.22.3/font/devps/CB
+#usr/share/groff/1.22.3/font/devps/CBI
+#usr/share/groff/1.22.3/font/devps/CI
+#usr/share/groff/1.22.3/font/devps/CR
+#usr/share/groff/1.22.3/font/devps/DESC
+#usr/share/groff/1.22.3/font/devps/EURO
+#usr/share/groff/1.22.3/font/devps/HB
+#usr/share/groff/1.22.3/font/devps/HBI
+#usr/share/groff/1.22.3/font/devps/HI
+#usr/share/groff/1.22.3/font/devps/HNB
+#usr/share/groff/1.22.3/font/devps/HNBI
+#usr/share/groff/1.22.3/font/devps/HNI
+#usr/share/groff/1.22.3/font/devps/HNR
+#usr/share/groff/1.22.3/font/devps/HR
+#usr/share/groff/1.22.3/font/devps/NB
+#usr/share/groff/1.22.3/font/devps/NBI
+#usr/share/groff/1.22.3/font/devps/NI
+#usr/share/groff/1.22.3/font/devps/NR
+#usr/share/groff/1.22.3/font/devps/PB
+#usr/share/groff/1.22.3/font/devps/PBI
+#usr/share/groff/1.22.3/font/devps/PI
+#usr/share/groff/1.22.3/font/devps/PR
+#usr/share/groff/1.22.3/font/devps/S
+#usr/share/groff/1.22.3/font/devps/SS
+#usr/share/groff/1.22.3/font/devps/TB
+#usr/share/groff/1.22.3/font/devps/TBI
+#usr/share/groff/1.22.3/font/devps/TI
+#usr/share/groff/1.22.3/font/devps/TR
+#usr/share/groff/1.22.3/font/devps/ZCMI
+#usr/share/groff/1.22.3/font/devps/ZD
+#usr/share/groff/1.22.3/font/devps/ZDR
+#usr/share/groff/1.22.3/font/devps/download
+#usr/share/groff/1.22.3/font/devps/freeeuro.afm
+#usr/share/groff/1.22.3/font/devps/freeeuro.pfa
+#usr/share/groff/1.22.3/font/devps/generate
+#usr/share/groff/1.22.3/font/devps/generate/Makefile
+#usr/share/groff/1.22.3/font/devps/generate/afmname
+#usr/share/groff/1.22.3/font/devps/generate/dingbats.map
+#usr/share/groff/1.22.3/font/devps/generate/dingbats.rmap
+#usr/share/groff/1.22.3/font/devps/generate/lgreekmap
+#usr/share/groff/1.22.3/font/devps/generate/symbol.sed
+#usr/share/groff/1.22.3/font/devps/generate/symbolchars
+#usr/share/groff/1.22.3/font/devps/generate/symbolsl.afm
+#usr/share/groff/1.22.3/font/devps/generate/textmap
+#usr/share/groff/1.22.3/font/devps/prologue
+#usr/share/groff/1.22.3/font/devps/symbolsl.pfa
+#usr/share/groff/1.22.3/font/devps/text.enc
+#usr/share/groff/1.22.3/font/devps/zapfdr.pfa
+#usr/share/groff/1.22.3/font/devutf8
+#usr/share/groff/1.22.3/font/devutf8/B
+#usr/share/groff/1.22.3/font/devutf8/BI
+#usr/share/groff/1.22.3/font/devutf8/DESC
+#usr/share/groff/1.22.3/font/devutf8/I
+#usr/share/groff/1.22.3/font/devutf8/R
+#usr/share/groff/1.22.3/oldfont
+#usr/share/groff/1.22.3/oldfont/devps
+#usr/share/groff/1.22.3/oldfont/devps/CB
+#usr/share/groff/1.22.3/oldfont/devps/CBI
+#usr/share/groff/1.22.3/oldfont/devps/CI
+#usr/share/groff/1.22.3/oldfont/devps/CR
+#usr/share/groff/1.22.3/oldfont/devps/HB
+#usr/share/groff/1.22.3/oldfont/devps/HBI
+#usr/share/groff/1.22.3/oldfont/devps/HI
+#usr/share/groff/1.22.3/oldfont/devps/HNB
+#usr/share/groff/1.22.3/oldfont/devps/HNBI
+#usr/share/groff/1.22.3/oldfont/devps/HNI
+#usr/share/groff/1.22.3/oldfont/devps/HNR
+#usr/share/groff/1.22.3/oldfont/devps/HR
+#usr/share/groff/1.22.3/oldfont/devps/NB
+#usr/share/groff/1.22.3/oldfont/devps/NBI
+#usr/share/groff/1.22.3/oldfont/devps/NI
+#usr/share/groff/1.22.3/oldfont/devps/NR
+#usr/share/groff/1.22.3/oldfont/devps/PB
+#usr/share/groff/1.22.3/oldfont/devps/PBI
+#usr/share/groff/1.22.3/oldfont/devps/PI
+#usr/share/groff/1.22.3/oldfont/devps/PR
+#usr/share/groff/1.22.3/oldfont/devps/S
+#usr/share/groff/1.22.3/oldfont/devps/SS
+#usr/share/groff/1.22.3/oldfont/devps/TB
+#usr/share/groff/1.22.3/oldfont/devps/TBI
+#usr/share/groff/1.22.3/oldfont/devps/TI
+#usr/share/groff/1.22.3/oldfont/devps/TR
+#usr/share/groff/1.22.3/oldfont/devps/symbol.afm
+#usr/share/groff/1.22.3/oldfont/devps/symbolsl.afm
+#usr/share/groff/1.22.3/oldfont/devps/zapfdr.afm
+#usr/share/groff/1.22.3/oldfont/devps/zapfdr.ps
+#usr/share/groff/1.22.3/pic
+#usr/share/groff/1.22.3/pic/chem.pic
+#usr/share/groff/1.22.3/tmac
+#usr/share/groff/1.22.3/tmac/62bit.tmac
+#usr/share/groff/1.22.3/tmac/X.tmac
+#usr/share/groff/1.22.3/tmac/Xps.tmac
+#usr/share/groff/1.22.3/tmac/a4.tmac
+#usr/share/groff/1.22.3/tmac/an-ext.tmac
+#usr/share/groff/1.22.3/tmac/an-old.tmac
+#usr/share/groff/1.22.3/tmac/an.tmac
+#usr/share/groff/1.22.3/tmac/andoc.tmac
+#usr/share/groff/1.22.3/tmac/composite.tmac
+#usr/share/groff/1.22.3/tmac/cp1047.tmac
+#usr/share/groff/1.22.3/tmac/cs.tmac
+#usr/share/groff/1.22.3/tmac/de.tmac
+#usr/share/groff/1.22.3/tmac/den.tmac
+#usr/share/groff/1.22.3/tmac/devtag.tmac
+#usr/share/groff/1.22.3/tmac/doc-old.tmac
+#usr/share/groff/1.22.3/tmac/doc.tmac
+#usr/share/groff/1.22.3/tmac/dvi.tmac
+#usr/share/groff/1.22.3/tmac/e.tmac
+#usr/share/groff/1.22.3/tmac/ec.tmac
+#usr/share/groff/1.22.3/tmac/eqnrc
+#usr/share/groff/1.22.3/tmac/europs.tmac
+#usr/share/groff/1.22.3/tmac/fallbacks.tmac
+#usr/share/groff/1.22.3/tmac/fr.tmac
+#usr/share/groff/1.22.3/tmac/hdmisc.tmac
+#usr/share/groff/1.22.3/tmac/hdtbl.tmac
+#usr/share/groff/1.22.3/tmac/html-end.tmac
+#usr/share/groff/1.22.3/tmac/html.tmac
+#usr/share/groff/1.22.3/tmac/hyphen.cs
+#usr/share/groff/1.22.3/tmac/hyphen.den
+#usr/share/groff/1.22.3/tmac/hyphen.det
+#usr/share/groff/1.22.3/tmac/hyphen.fr
+#usr/share/groff/1.22.3/tmac/hyphen.sv
+#usr/share/groff/1.22.3/tmac/hyphen.us
+#usr/share/groff/1.22.3/tmac/hyphenex.cs
+#usr/share/groff/1.22.3/tmac/hyphenex.det
+#usr/share/groff/1.22.3/tmac/hyphenex.us
+#usr/share/groff/1.22.3/tmac/ja.tmac
+#usr/share/groff/1.22.3/tmac/latin1.tmac
+#usr/share/groff/1.22.3/tmac/latin2.tmac
+#usr/share/groff/1.22.3/tmac/latin5.tmac
+#usr/share/groff/1.22.3/tmac/latin9.tmac
+#usr/share/groff/1.22.3/tmac/lbp.tmac
+#usr/share/groff/1.22.3/tmac/lj4.tmac
+#usr/share/groff/1.22.3/tmac/m.tmac
+#usr/share/groff/1.22.3/tmac/man.tmac
+#usr/share/groff/1.22.3/tmac/mandoc.tmac
+#usr/share/groff/1.22.3/tmac/mdoc
+#usr/share/groff/1.22.3/tmac/mdoc.tmac
+#usr/share/groff/1.22.3/tmac/mdoc/doc-common
+#usr/share/groff/1.22.3/tmac/mdoc/doc-ditroff
+#usr/share/groff/1.22.3/tmac/mdoc/doc-nroff
+#usr/share/groff/1.22.3/tmac/mdoc/doc-syms
+#usr/share/groff/1.22.3/tmac/me.tmac
+#usr/share/groff/1.22.3/tmac/mm
+#usr/share/groff/1.22.3/tmac/mm.tmac
+#usr/share/groff/1.22.3/tmac/mm/0.MT
+#usr/share/groff/1.22.3/tmac/mm/4.MT
+#usr/share/groff/1.22.3/tmac/mm/5.MT
+#usr/share/groff/1.22.3/tmac/mm/locale
+#usr/share/groff/1.22.3/tmac/mm/ms.cov
+#usr/share/groff/1.22.3/tmac/mm/se_locale
+#usr/share/groff/1.22.3/tmac/mm/se_ms.cov
+#usr/share/groff/1.22.3/tmac/mmse.tmac
+#usr/share/groff/1.22.3/tmac/mom.tmac
+#usr/share/groff/1.22.3/tmac/ms.tmac
+#usr/share/groff/1.22.3/tmac/mse.tmac
+#usr/share/groff/1.22.3/tmac/om.tmac
+#usr/share/groff/1.22.3/tmac/papersize.tmac
+#usr/share/groff/1.22.3/tmac/pdf.tmac
+#usr/share/groff/1.22.3/tmac/pdfmark.tmac
+#usr/share/groff/1.22.3/tmac/pic.tmac
+#usr/share/groff/1.22.3/tmac/ps.tmac
+#usr/share/groff/1.22.3/tmac/psatk.tmac
+#usr/share/groff/1.22.3/tmac/psold.tmac
+#usr/share/groff/1.22.3/tmac/pspic.tmac
+#usr/share/groff/1.22.3/tmac/refer-me.tmac
+#usr/share/groff/1.22.3/tmac/refer-mm.tmac
+#usr/share/groff/1.22.3/tmac/refer-ms.tmac
+#usr/share/groff/1.22.3/tmac/refer.tmac
+#usr/share/groff/1.22.3/tmac/s.tmac
+#usr/share/groff/1.22.3/tmac/safer.tmac
+#usr/share/groff/1.22.3/tmac/spdf.tmac
+#usr/share/groff/1.22.3/tmac/sv.tmac
+#usr/share/groff/1.22.3/tmac/trace.tmac
+#usr/share/groff/1.22.3/tmac/trans.tmac
+#usr/share/groff/1.22.3/tmac/troffrc
+#usr/share/groff/1.22.3/tmac/troffrc-end
+#usr/share/groff/1.22.3/tmac/tty-char.tmac
+#usr/share/groff/1.22.3/tmac/tty.tmac
+#usr/share/groff/1.22.3/tmac/unicode.tmac
+#usr/share/groff/1.22.3/tmac/www.tmac
#usr/share/groff/current
#usr/share/groff/site-font
#usr/share/groff/site-tmac
#usr/share/info/groff.info
#usr/share/info/groff.info-1
#usr/share/info/groff.info-2
-#usr/share/info/groff.info-3
#usr/share/man/man1/addftinfo.1
#usr/share/man/man1/afmtodit.1
#usr/share/man/man1/chem.1
#usr/share/man/man1/eqn.1
#usr/share/man/man1/eqn2graph.1
#usr/share/man/man1/gdiffmk.1
+#usr/share/man/man1/glilypond.1
+#usr/share/man/man1/gperl.1
+#usr/share/man/man1/gpinyin.1
#usr/share/man/man1/grap2graph.1
#usr/share/man/man1/grn.1
#usr/share/man/man1/grodvi.1
#usr/share/man/man1/grohtml.1
#usr/share/man/man1/grolbp.1
#usr/share/man/man1/grolj4.1
+#usr/share/man/man1/gropdf.1
#usr/share/man/man1/grops.1
#usr/share/man/man1/grotty.1
#usr/share/man/man1/hpftodit.1
#usr/share/man/man1/mmroff.1
#usr/share/man/man1/neqn.1
#usr/share/man/man1/nroff.1
+#usr/share/man/man1/pdfmom.1
#usr/share/man/man1/pdfroff.1
#usr/share/man/man1/pfbtops.1
#usr/share/man/man1/pic.1
#usr/share/man/man7/groff.7
#usr/share/man/man7/groff_char.7
#usr/share/man/man7/groff_diff.7
+#usr/share/man/man7/groff_filenames.7
#usr/share/man/man7/groff_hdtbl.7
#usr/share/man/man7/groff_man.7
#usr/share/man/man7/groff_mdoc.7
#etc/rc.d/init.d/mysql
#etc/rc.d/init.d/netsnmpd
etc/rc.d/init.d/network
+etc/rc.d/init.d/network-trigger
etc/rc.d/init.d/network-vlans
#etc/rc.d/init.d/networking
etc/rc.d/init.d/networking/any
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
+etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S91network-vlans
etc/rc.d/rcsysinit.d/S92rngd
etc/rc.d/rc3.d/S15fireinfo
#etc/logrotate.d
etc/logrotate.d/.empty
+#usr/man/man5/logrotate.conf.5
#usr/man/man8/logrotate.8
usr/sbin/logrotate
var/lib/logrotate.status
#etc/logwatch
etc/logwatch/conf
-#etc/logwatch/conf/html
+#etc/logwatch/logwatch.cron
#etc/logwatch/conf/ignore.conf
#etc/logwatch/conf/logfiles
#etc/logwatch/conf/logwatch.conf
#usr/share/logwatch/default.conf/html/header.html
usr/share/logwatch/default.conf/ignore.conf
#usr/share/logwatch/default.conf/logfiles
+#usr/share/logwatch/default.conf/logfiles/audit_log.conf
#usr/share/logwatch/default.conf/logfiles/autorpm.conf
#usr/share/logwatch/default.conf/logfiles/bfd.conf
#usr/share/logwatch/default.conf/logfiles/cisco.conf
+#usr/share/logwatch/default.conf/logfiles/citadel.conf
usr/share/logwatch/default.conf/logfiles/clam-update.conf
+#usr/share/logwatch/default.conf/logfiles/clamav.conf
usr/share/logwatch/default.conf/logfiles/cron.conf
#usr/share/logwatch/default.conf/logfiles/daemon.conf
#usr/share/logwatch/default.conf/logfiles/denyhosts.conf
+#usr/share/logwatch/default.conf/logfiles/dirsrv.conf
#usr/share/logwatch/default.conf/logfiles/dnssec.conf
#usr/share/logwatch/default.conf/logfiles/dpkg.conf
#usr/share/logwatch/default.conf/logfiles/emerge.conf
#usr/share/logwatch/default.conf/logfiles/exim.conf
#usr/share/logwatch/default.conf/logfiles/extreme-networks.conf
#usr/share/logwatch/default.conf/logfiles/fail2ban.conf
+#usr/share/logwatch/default.conf/logfiles/freeradius.conf
+#usr/share/logwatch/default.conf/logfiles/http-error.conf
usr/share/logwatch/default.conf/logfiles/http.conf
usr/share/logwatch/default.conf/logfiles/iptables.conf
usr/share/logwatch/default.conf/logfiles/kernel.conf
usr/share/logwatch/default.conf/logfiles/maillog.conf
usr/share/logwatch/default.conf/logfiles/messages.conf
+#usr/share/logwatch/default.conf/logfiles/mysql-mmm.conf
+#usr/share/logwatch/default.conf/logfiles/mysql.conf
#usr/share/logwatch/default.conf/logfiles/netopia.conf
#usr/share/logwatch/default.conf/logfiles/netscreen.conf
usr/share/logwatch/default.conf/logfiles/php.conf
#usr/share/logwatch/default.conf/logfiles/pix.conf
+#usr/share/logwatch/default.conf/logfiles/postgresql.conf
#usr/share/logwatch/default.conf/logfiles/pureftp.conf
#usr/share/logwatch/default.conf/logfiles/qmail-pop3d-current.conf
#usr/share/logwatch/default.conf/logfiles/qmail-pop3ds-current.conf
usr/share/logwatch/default.conf/logfiles/samba.conf
#usr/share/logwatch/default.conf/logfiles/secure.conf
#usr/share/logwatch/default.conf/logfiles/sonicwall.conf
+#usr/share/logwatch/default.conf/logfiles/spamassassin.conf
usr/share/logwatch/default.conf/logfiles/syslog.conf
#usr/share/logwatch/default.conf/logfiles/tac_acc.conf
+#usr/share/logwatch/default.conf/logfiles/tivoli-smc.conf
#usr/share/logwatch/default.conf/logfiles/up2date.conf
+#usr/share/logwatch/default.conf/logfiles/vdr.conf
usr/share/logwatch/default.conf/logfiles/vsftpd.conf
usr/share/logwatch/default.conf/logfiles/windows.conf
usr/share/logwatch/default.conf/logfiles/xferlog.conf
#usr/share/logwatch/default.conf/logfiles/yum.conf
+#usr/share/logwatch/default.conf/logfiles/zypp.conf
usr/share/logwatch/default.conf/logwatch.conf
usr/share/logwatch/default.conf/services
#usr/share/logwatch/default.conf/services/afpd.conf
#usr/share/logwatch/default.conf/services/audit.conf
#usr/share/logwatch/default.conf/services/automount.conf
#usr/share/logwatch/default.conf/services/autorpm.conf
+#usr/share/logwatch/default.conf/services/barracuda.conf
#usr/share/logwatch/default.conf/services/bfd.conf
#usr/share/logwatch/default.conf/services/cisco.conf
+#usr/share/logwatch/default.conf/services/citadel.conf
usr/share/logwatch/default.conf/services/clam-update.conf
#usr/share/logwatch/default.conf/services/clamav-milter.conf
usr/share/logwatch/default.conf/services/clamav.conf
usr/share/logwatch/default.conf/services/cron.conf
#usr/share/logwatch/default.conf/services/denyhosts.conf
usr/share/logwatch/default.conf/services/dhcpd.conf
+#usr/share/logwatch/default.conf/services/dirsrv.conf
#usr/share/logwatch/default.conf/services/dnssec.conf
#usr/share/logwatch/default.conf/services/dovecot.conf
#usr/share/logwatch/default.conf/services/dpkg.conf
#usr/share/logwatch/default.conf/services/eximstats.conf
#usr/share/logwatch/default.conf/services/extreme-networks.conf
#usr/share/logwatch/default.conf/services/fail2ban.conf
+#usr/share/logwatch/default.conf/services/fetchmail.conf
+#usr/share/logwatch/default.conf/services/freeradius.conf
#usr/share/logwatch/default.conf/services/ftpd-messages.conf
#usr/share/logwatch/default.conf/services/ftpd-xferlog.conf
+#usr/share/logwatch/default.conf/services/http-error.conf
usr/share/logwatch/default.conf/services/http.conf
#usr/share/logwatch/default.conf/services/identd.conf
usr/share/logwatch/default.conf/services/imapd.conf
usr/share/logwatch/default.conf/services/ipop3d.conf
usr/share/logwatch/default.conf/services/iptables.conf
usr/share/logwatch/default.conf/services/kernel.conf
+#usr/share/logwatch/default.conf/services/knockd.conf
+#usr/share/logwatch/default.conf/services/lvm.conf
#usr/share/logwatch/default.conf/services/mailscanner.conf
+#usr/share/logwatch/default.conf/services/mdadm.conf
+#usr/share/logwatch/default.conf/services/mod_security2.conf
usr/share/logwatch/default.conf/services/modprobe.conf
#usr/share/logwatch/default.conf/services/mountd.conf
+#usr/share/logwatch/default.conf/services/mysql-mmm.conf
+#usr/share/logwatch/default.conf/services/mysql.conf
#usr/share/logwatch/default.conf/services/named.conf
#usr/share/logwatch/default.conf/services/netopia.conf
#usr/share/logwatch/default.conf/services/netscreen.conf
#usr/share/logwatch/default.conf/services/oidentd.conf
+#usr/share/logwatch/default.conf/services/omsa.conf
usr/share/logwatch/default.conf/services/openvpn.conf
usr/share/logwatch/default.conf/services/pam.conf
usr/share/logwatch/default.conf/services/pam_pwdb.conf
usr/share/logwatch/default.conf/services/pop3.conf
#usr/share/logwatch/default.conf/services/portsentry.conf
usr/share/logwatch/default.conf/services/postfix.conf
+#usr/share/logwatch/default.conf/services/postgresql.conf
#usr/share/logwatch/default.conf/services/pound.conf
#usr/share/logwatch/default.conf/services/proftpd-messages.conf
+#usr/share/logwatch/default.conf/services/puppet.conf
#usr/share/logwatch/default.conf/services/pureftpd.conf
#usr/share/logwatch/default.conf/services/qmail-pop3d.conf
#usr/share/logwatch/default.conf/services/qmail-pop3ds.conf
#usr/share/logwatch/default.conf/services/qmail.conf
#usr/share/logwatch/default.conf/services/raid.conf
usr/share/logwatch/default.conf/services/resolver.conf
+#usr/share/logwatch/default.conf/services/rsyslogd.conf
#usr/share/logwatch/default.conf/services/rt314.conf
usr/share/logwatch/default.conf/services/samba.conf
usr/share/logwatch/default.conf/services/saslauthd.conf
#usr/share/logwatch/default.conf/services/slon.conf
#usr/share/logwatch/default.conf/services/smartd.conf
#usr/share/logwatch/default.conf/services/sonicwall.conf
+#usr/share/logwatch/default.conf/services/spamassassin.conf
usr/share/logwatch/default.conf/services/sshd.conf
usr/share/logwatch/default.conf/services/sshd2.conf
#usr/share/logwatch/default.conf/services/stunnel.conf
usr/share/logwatch/default.conf/services/sudo.conf
+#usr/share/logwatch/default.conf/services/syslog-ng.conf
usr/share/logwatch/default.conf/services/syslogd.conf
#usr/share/logwatch/default.conf/services/tac_acc.conf
+#usr/share/logwatch/default.conf/services/tivoli-smc.conf
#usr/share/logwatch/default.conf/services/up2date.conf
+#usr/share/logwatch/default.conf/services/vdr.conf
#usr/share/logwatch/default.conf/services/vpopmail.conf
usr/share/logwatch/default.conf/services/vsftpd.conf
usr/share/logwatch/default.conf/services/windows.conf
#usr/share/logwatch/default.conf/services/xntpd.conf
#usr/share/logwatch/default.conf/services/yum.conf
+#usr/share/logwatch/default.conf/services/zypp.conf
usr/share/logwatch/default.conf/services/zz-disk_space.conf
#usr/share/logwatch/default.conf/services/zz-fortune.conf
+#usr/share/logwatch/default.conf/services/zz-lm_sensors.conf
usr/share/logwatch/default.conf/services/zz-network.conf
usr/share/logwatch/default.conf/services/zz-runtime.conf
#usr/share/logwatch/default.conf/services/zz-sys.conf
+#usr/share/logwatch/default.conf/services/zz-zfs.conf
#usr/share/logwatch/dist.conf
usr/share/logwatch/dist.conf/logfiles
usr/share/logwatch/dist.conf/services
#usr/share/logwatch/scripts/services/audit
#usr/share/logwatch/scripts/services/automount
#usr/share/logwatch/scripts/services/autorpm
+#usr/share/logwatch/scripts/services/barracuda
#usr/share/logwatch/scripts/services/bfd
#usr/share/logwatch/scripts/services/cisco
+#usr/share/logwatch/scripts/services/citadel
usr/share/logwatch/scripts/services/clam-update
usr/share/logwatch/scripts/services/clamav
#usr/share/logwatch/scripts/services/clamav-milter
#usr/share/logwatch/scripts/services/denyhosts
usr/share/logwatch/scripts/services/dhcpd
usr/share/logwatch/scripts/services/dialup
+#usr/share/logwatch/scripts/services/dirsrv
#usr/share/logwatch/scripts/services/dnssec
#usr/share/logwatch/scripts/services/dovecot
#usr/share/logwatch/scripts/services/dpkg
#usr/share/logwatch/scripts/services/eximstats
#usr/share/logwatch/scripts/services/extreme-networks
#usr/share/logwatch/scripts/services/fail2ban
+#usr/share/logwatch/scripts/services/fetchmail
+#usr/share/logwatch/scripts/services/freeradius
#usr/share/logwatch/scripts/services/ftpd-messages
#usr/share/logwatch/scripts/services/ftpd-xferlog
usr/share/logwatch/scripts/services/http
+#usr/share/logwatch/scripts/services/http-error
#usr/share/logwatch/scripts/services/identd
usr/share/logwatch/scripts/services/imapd
#usr/share/logwatch/scripts/services/in.qpopper
usr/share/logwatch/scripts/services/ipop3d
usr/share/logwatch/scripts/services/iptables
usr/share/logwatch/scripts/services/kernel
+#usr/share/logwatch/scripts/services/knockd
+#usr/share/logwatch/scripts/services/lvm
#usr/share/logwatch/scripts/services/mailscanner
+#usr/share/logwatch/scripts/services/mdadm
+#usr/share/logwatch/scripts/services/mod_security2
usr/share/logwatch/scripts/services/modprobe
#usr/share/logwatch/scripts/services/mountd
+#usr/share/logwatch/scripts/services/mysql
+#usr/share/logwatch/scripts/services/mysql-mmm
#usr/share/logwatch/scripts/services/named
#usr/share/logwatch/scripts/services/netopia
#usr/share/logwatch/scripts/services/netscreen
#usr/share/logwatch/scripts/services/oidentd
+#usr/share/logwatch/scripts/services/omsa
usr/share/logwatch/scripts/services/openvpn
usr/share/logwatch/scripts/services/pam
usr/share/logwatch/scripts/services/pam_pwdb
usr/share/logwatch/scripts/services/pop3
#usr/share/logwatch/scripts/services/portsentry
usr/share/logwatch/scripts/services/postfix
+#usr/share/logwatch/scripts/services/postgresql
#usr/share/logwatch/scripts/services/pound
#usr/share/logwatch/scripts/services/proftpd-messages
+#usr/share/logwatch/scripts/services/puppet
#usr/share/logwatch/scripts/services/pureftpd
#usr/share/logwatch/scripts/services/qmail
#usr/share/logwatch/scripts/services/qmail-pop3d
#usr/share/logwatch/scripts/services/qmail-smtpd
#usr/share/logwatch/scripts/services/raid
#usr/share/logwatch/scripts/services/resolver
+#usr/share/logwatch/scripts/services/rsyslogd
#usr/share/logwatch/scripts/services/rt314
usr/share/logwatch/scripts/services/samba
usr/share/logwatch/scripts/services/saslauthd
#usr/share/logwatch/scripts/services/slon
#usr/share/logwatch/scripts/services/smartd
#usr/share/logwatch/scripts/services/sonicwall
+#usr/share/logwatch/scripts/services/spamassassin
usr/share/logwatch/scripts/services/sshd
usr/share/logwatch/scripts/services/sshd2
#usr/share/logwatch/scripts/services/stunnel
usr/share/logwatch/scripts/services/sudo
+#usr/share/logwatch/scripts/services/syslog-ng
usr/share/logwatch/scripts/services/syslogd
#usr/share/logwatch/scripts/services/tac_acc
+#usr/share/logwatch/scripts/services/tivoli-smc
#usr/share/logwatch/scripts/services/up2date
+#usr/share/logwatch/scripts/services/vdr
#usr/share/logwatch/scripts/services/vpopmail
usr/share/logwatch/scripts/services/vsftpd
usr/share/logwatch/scripts/services/windows
#usr/share/logwatch/scripts/services/xntpd
#usr/share/logwatch/scripts/services/yum
+#usr/share/logwatch/scripts/services/zypp
usr/share/logwatch/scripts/services/zz-disk_space
#usr/share/logwatch/scripts/services/zz-fortune
+#usr/share/logwatch/scripts/services/zz-lm_sensors
usr/share/logwatch/scripts/services/zz-network
usr/share/logwatch/scripts/services/zz-runtime
#usr/share/logwatch/scripts/services/zz-sys
+#usr/share/logwatch/scripts/services/zz-zfs
#usr/share/logwatch/scripts/shared
usr/share/logwatch/scripts/shared/applybinddate
usr/share/logwatch/scripts/shared/applyeurodate
usr/share/logwatch/scripts/shared/remove
usr/share/logwatch/scripts/shared/removeheaders
usr/share/logwatch/scripts/shared/removeservice
+#usr/share/man/man1/amavis-logwatch.1
+#usr/share/man/man1/postfix-logwatch.1
+#usr/share/man/man5/ignore.conf.5
+#usr/share/man/man5/logwatch.conf.5
+#usr/share/man/man5/override.conf.5
#usr/share/man/man8/logwatch.8
var/cache/logwatch
var/log/logwatch
etc/strongswan.d/charon.conf
etc/strongswan.d/charon/aes.conf
etc/strongswan.d/charon/attr.conf
+etc/strongswan.d/charon/ccm.conf
etc/strongswan.d/charon/cmac.conf
etc/strongswan.d/charon/constraints.conf
+etc/strongswan.d/charon/ctr.conf
etc/strongswan.d/charon/curl.conf
etc/strongswan.d/charon/des.conf
etc/strongswan.d/charon/dhcp.conf
etc/strongswan.d/charon/eap-ttls.conf
etc/strongswan.d/charon/farp.conf
etc/strongswan.d/charon/fips-prf.conf
+etc/strongswan.d/charon/gcm.conf
etc/strongswan.d/charon/gcrypt.conf
etc/strongswan.d/charon/gmp.conf
etc/strongswan.d/charon/hmac.conf
#usr/lib/ipsec/plugins
usr/lib/ipsec/plugins/libstrongswan-aes.so
usr/lib/ipsec/plugins/libstrongswan-attr.so
+usr/lib/ipsec/plugins/libstrongswan-ccm.so
usr/lib/ipsec/plugins/libstrongswan-cmac.so
usr/lib/ipsec/plugins/libstrongswan-constraints.so
+usr/lib/ipsec/plugins/libstrongswan-ctr.so
usr/lib/ipsec/plugins/libstrongswan-curl.so
usr/lib/ipsec/plugins/libstrongswan-dhcp.so
usr/lib/ipsec/plugins/libstrongswan-des.so
usr/lib/ipsec/plugins/libstrongswan-eap-ttls.so
usr/lib/ipsec/plugins/libstrongswan-farp.so
usr/lib/ipsec/plugins/libstrongswan-fips-prf.so
+usr/lib/ipsec/plugins/libstrongswan-gcm.so
usr/lib/ipsec/plugins/libstrongswan-gcrypt.so
usr/lib/ipsec/plugins/libstrongswan-gmp.so
usr/lib/ipsec/plugins/libstrongswan-hmac.so
#usr/libexec/ipsec
usr/libexec/ipsec/_copyright
usr/libexec/ipsec/_updown
-usr/libexec/ipsec/_updown_espmark
usr/libexec/ipsec/charon
usr/libexec/ipsec/scepclient
usr/libexec/ipsec/starter
#usr/share/man/man5/ipsec.secrets.5
#usr/share/man/man5/strongswan.conf.5
#usr/share/man/man8/_updown.8
-#usr/share/man/man8/_updown_espmark.8
#usr/share/man/man8/ipsec.8
#usr/share/man/man8/openac.8
#usr/share/man/man8/scepclient.8
#usr/share/strongswan/templates/config/plugins
#usr/share/strongswan/templates/config/plugins/aes.conf
#usr/share/strongswan/templates/config/plugins/attr.conf
+#usr/share/strongswan/templates/config/plugins/ccm.conf
#usr/share/strongswan/templates/config/plugins/cmac.conf
#usr/share/strongswan/templates/config/plugins/constraints.conf
+#usr/share/strongswan/templates/config/plugins/ctr.conf
#usr/share/strongswan/templates/config/plugins/curl.conf
#usr/share/strongswan/templates/config/plugins/des.conf
#usr/share/strongswan/templates/config/plugins/dhcp.conf
#usr/share/strongswan/templates/config/plugins/eap-ttls.conf
#usr/share/strongswan/templates/config/plugins/farp.conf
#usr/share/strongswan/templates/config/plugins/fips-prf.conf
+#usr/share/strongswan/templates/config/plugins/gcm.conf
#usr/share/strongswan/templates/config/plugins/gcrypt.conf
#usr/share/strongswan/templates/config/plugins/gmp.conf
#usr/share/strongswan/templates/config/plugins/hmac.conf
etc/modprobe.d/blacklist.conf
etc/udev
#etc/udev/rules.d
-#etc/udev/rules.d/30-persistent-network.rules
#etc/udev/rules.d/55-lfs.rules
#etc/udev/rules.d/81-cdrom.rules
#etc/udev/rules.d/83-cdrom-symlinks.rules
#lib/udev/hwdb.d/60-keyboard.hwdb
#lib/udev/init-net-rules.sh
#lib/udev/mtd_probe
+#lib/udev/network-hotplug-rename
#lib/udev/rule_generator.functions
#lib/udev/rules.d
#lib/udev/rules.d/25-alsa.rules
#lib/udev/rules.d/50-udev-default.rules
#lib/udev/rules.d/60-cdrom_id.rules
#lib/udev/rules.d/60-keyboard.rules
+#lib/udev/rules.d/60-net.rules
#lib/udev/rules.d/60-persistent-alsa.rules
#lib/udev/rules.d/60-persistent-input.rules
#lib/udev/rules.d/60-persistent-serial.rules
-#etc/logrotate.d
etc/logrotate.d/tor
etc/rc.d/init.d/tor
etc/rc.d/rc0.d/K40tor
etc/rc.d/rc3.d/S60tor
etc/rc.d/rc6.d/K40tor
#etc/tor
-#etc/tor/tor-tsocks.conf
etc/tor/torrc
srv/web/ipfire/cgi-bin/tor.cgi
usr/bin/tor
x509_extensions = usr_cert
default_days = 999999
default_crl_days= 30
-default_md = md5
+default_md = sha256
preserve = no
policy = policy_match
email_in_dn = no
emailAddress = optional
[ req ]
-default_bits = 1024
+default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
ENDTEXT
KERNEL vmlinuz
INITRD instroot
+ APPEND novga
LABEL unattended
MENU LABEL Unattended installation
--- /dev/null
+# Call a script that checks for the right name of the new device.
+# If it matches the configuration it will be renamed accordingly.
+ACTION=="add", SUBSYSTEM=="net", PROGRAM="/lib/udev/network-hotplug-rename", RESULT=="?*", NAME="$result"
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2015 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+# Check if all appropriate variables are set
+[ -n "${INTERFACE}" ] || exit 2
+
+# Ignore virtual interfaces, etc.
+case "${INTERFACE}" in
+ lo)
+ exit 0
+ ;;
+ tun*)
+ exit 0
+ ;;
+ ppp*)
+ exit 0
+ ;;
+esac
+
+# Check if INTERFACE actually exists
+[ -d "/sys/class/net/${INTERFACE}" ] || exit 1
+
+# If the network configuration is not readable,
+# we cannot go on.
+if [ ! -r "/var/ipfire/ethernet/settings" ]; then
+ exit 1
+fi
+
+# Read network settings
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+
+# Standard zones
+ZONES="RED GREEN ORANGE BLUE"
+
+# Determine the address of INTERFACE
+ADDRESS="$(</sys/class/net/${INTERFACE}/address)"
+
+# Walk through all zones and find the matching interface
+for zone in ${ZONES}; do
+ address="${zone}_MACADDR"
+ device="${zone}_DEV"
+
+ # Skip if address or device is unset
+ [ -n "${!address}" -a -n "${!device}" ] || continue
+
+ # If a matching interface has been found we will
+ # print the name to which udev will rename it.
+ if [ "${ADDRESS}" = "${!address}" ]; then
+ echo "${!device}"
+ exit 0
+ fi
+done
+
+# If we get here we have not found a matching device,
+# but we won't return an error any way. The new device
+# will remain with the previous name.
+exit 0
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: emerging rules
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: no data
WARNING: untranslated string: qos add subclass
WARNING: untranslated string: route config changed
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: no data
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
--- /dev/null
+WARNING: translation string unused: Client status and controlc
+WARNING: translation string unused: ConnSched scheduler
+WARNING: translation string unused: ConnSched select profile
+WARNING: translation string unused: HDD temperature
+WARNING: translation string unused: Level7 rule
+WARNING: translation string unused: Local VPN IP
+WARNING: translation string unused: Ping
+WARNING: translation string unused: Queuelenght
+WARNING: translation string unused: Remote IP
+WARNING: translation string unused: Remote VPN IP
+WARNING: translation string unused: Resolv
+WARNING: translation string unused: TOS Bits
+WARNING: translation string unused: Verbose
+WARNING: translation string unused: access allowed
+WARNING: translation string unused: access refused with this oinkcode
+WARNING: translation string unused: add a new rule
+WARNING: translation string unused: add network
+WARNING: translation string unused: add new ovpn
+WARNING: translation string unused: add service
+WARNING: translation string unused: add xtaccess
+WARNING: translation string unused: add-route
+WARNING: translation string unused: admin user password has been changed
+WARNING: translation string unused: administrator user password
+WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy advanced proxy
+WARNING: translation string unused: advproxy chgwebpwd ERROR
+WARNING: translation string unused: advproxy chgwebpwd SUCCESS
+WARNING: translation string unused: advproxy chgwebpwd change password
+WARNING: translation string unused: advproxy chgwebpwd change web password
+WARNING: translation string unused: advproxy chgwebpwd new password
+WARNING: translation string unused: advproxy chgwebpwd new password confirm
+WARNING: translation string unused: advproxy chgwebpwd old password
+WARNING: translation string unused: advproxy chgwebpwd username
+WARNING: translation string unused: advproxy cre disabled
+WARNING: translation string unused: advproxy errmsg change fail
+WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid user
+WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy no cre groups
+WARNING: translation string unused: advproxy ssadvanced proxy
+WARNING: translation string unused: advproxy update information
+WARNING: translation string unused: advproxy update notification
+WARNING: translation string unused: again
+WARNING: translation string unused: age seconds
+WARNING: translation string unused: age shour
+WARNING: translation string unused: age sminute
+WARNING: translation string unused: age ssecond
+WARNING: translation string unused: alcatelusb help
+WARNING: translation string unused: alcatelusb upload
+WARNING: translation string unused: all interfaces
+WARNING: translation string unused: all updates installed
+WARNING: translation string unused: allmsg
+WARNING: translation string unused: alt information
+WARNING: translation string unused: alt ovpn
+WARNING: translation string unused: alt vpn
+WARNING: translation string unused: and
+WARNING: translation string unused: ansi t1.483
+WARNING: translation string unused: apply
+WARNING: translation string unused: archive not exist
+WARNING: translation string unused: attemps
+WARNING: translation string unused: available updates
+WARNING: translation string unused: avoid dod
+WARNING: translation string unused: backup archive
+WARNING: translation string unused: backup clear archive
+WARNING: translation string unused: backup config floppy
+WARNING: translation string unused: backup configuration
+WARNING: translation string unused: backup erase key
+WARNING: translation string unused: backup explain key
+WARNING: translation string unused: backup explain key li1
+WARNING: translation string unused: backup explain key li2
+WARNING: translation string unused: backup explain key li3
+WARNING: translation string unused: backup explain key no1
+WARNING: translation string unused: backup explain key no2
+WARNING: translation string unused: backup export key
+WARNING: translation string unused: backup extract key
+WARNING: translation string unused: backup generate key
+WARNING: translation string unused: backup import dat file
+WARNING: translation string unused: backup import key
+WARNING: translation string unused: backup key
+WARNING: translation string unused: backup key file
+WARNING: translation string unused: backup key info
+WARNING: translation string unused: backup media info
+WARNING: translation string unused: backup missing key
+WARNING: translation string unused: backup password
+WARNING: translation string unused: backup protect key password
+WARNING: translation string unused: backup sets
+WARNING: translation string unused: backup to floppy
+WARNING: translation string unused: bad characters in
+WARNING: translation string unused: behind a proxy
+WARNING: translation string unused: bewan adsl pci st
+WARNING: translation string unused: bewan adsl usb
+WARNING: translation string unused: bitrate
+WARNING: translation string unused: bleeding rules
+WARNING: translation string unused: blue access use hint
+WARNING: translation string unused: blue interface
+WARNING: translation string unused: cache management
+WARNING: translation string unused: cache size
+WARNING: translation string unused: calamaris report interval (in minutes)
+WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cant enable xtaccess
+WARNING: translation string unused: capsinactive
+WARNING: translation string unused: ccd err iroute
+WARNING: translation string unused: ccd err netadr
+WARNING: translation string unused: cfg restart
+WARNING: translation string unused: check for net traffic update
+WARNING: translation string unused: choose config
+WARNING: translation string unused: choose media
+WARNING: translation string unused: clear cache
+WARNING: translation string unused: compression
+WARNING: translation string unused: connect
+WARNING: translation string unused: connect the modem
+WARNING: translation string unused: core notice 1
+WARNING: translation string unused: core notice 2
+WARNING: translation string unused: core notice 3
+WARNING: translation string unused: could not connect to
+WARNING: translation string unused: could not connect to www ipcop org
+WARNING: translation string unused: could not connect to www ipfire org
+WARNING: translation string unused: could not create directory
+WARNING: translation string unused: could not download latest patch list
+WARNING: translation string unused: could not download the available updates list
+WARNING: translation string unused: could not open available updates file
+WARNING: translation string unused: could not open installed updates file
+WARNING: translation string unused: could not open update information file
+WARNING: translation string unused: create
+WARNING: translation string unused: create new backup
+WARNING: translation string unused: current dynamic leases
+WARNING: translation string unused: current media
+WARNING: translation string unused: current ovpn
+WARNING: translation string unused: current profile
+WARNING: translation string unused: custom networks
+WARNING: translation string unused: custom services
+WARNING: translation string unused: daily firewallhits
+WARNING: translation string unused: dat without key
+WARNING: translation string unused: day-graph
+WARNING: translation string unused: dbfile
+WARNING: translation string unused: ddns help dnsmadeeasy
+WARNING: translation string unused: ddns help freedns
+WARNING: translation string unused: ddns help plus
+WARNING: translation string unused: ddns minimize updates
+WARNING: translation string unused: ddns noip prefix
+WARNING: translation string unused: debugme
+WARNING: translation string unused: deep scan directories
+WARNING: translation string unused: default ip
+WARNING: translation string unused: default networks
+WARNING: translation string unused: default services
+WARNING: translation string unused: description
+WARNING: translation string unused: destination ip bad
+WARNING: translation string unused: destination ip or net
+WARNING: translation string unused: destination net
+WARNING: translation string unused: destination port overlaps
+WARNING: translation string unused: dh name is invalid
+WARNING: translation string unused: dhcp base ip fixed lease
+WARNING: translation string unused: dhcp create fixed leases
+WARNING: translation string unused: dhcp fixed lease err1
+WARNING: translation string unused: dhcp fixed lease help1
+WARNING: translation string unused: dhcp mode
+WARNING: translation string unused: dhcp server disabled on blue interface
+WARNING: translation string unused: dhcp server enabled on blue interface
+WARNING: translation string unused: dial user password
+WARNING: translation string unused: dial user password has been changed
+WARNING: translation string unused: dialup settings
+WARNING: translation string unused: disconnect
+WARNING: translation string unused: disconnects
+WARNING: translation string unused: display traffic at home
+WARNING: translation string unused: display webinterface effects
+WARNING: translation string unused: dmz pinhole configuration
+WARNING: translation string unused: dmz pinhole rule added
+WARNING: translation string unused: dmz pinhole rule removed
+WARNING: translation string unused: dmzpinholes for same net not necessary
+WARNING: translation string unused: dns server
+WARNING: translation string unused: do not log this port list
+WARNING: translation string unused: domain not set
+WARNING: translation string unused: donation-link
+WARNING: translation string unused: done
+WARNING: translation string unused: download dh parameter
+WARNING: translation string unused: driver
+WARNING: translation string unused: dstprt range overlaps
+WARNING: translation string unused: dstprt within existing
+WARNING: translation string unused: dynamic dns client
+WARNING: translation string unused: eciadsl help
+WARNING: translation string unused: eciadsl upload
+WARNING: translation string unused: edit a rule
+WARNING: translation string unused: edit network
+WARNING: translation string unused: edit service
+WARNING: translation string unused: editor
+WARNING: translation string unused: eg
+WARNING: translation string unused: email server can not be empty
+WARNING: translation string unused: enable javascript
+WARNING: translation string unused: enable wildcards
+WARNING: translation string unused: enabled on
+WARNING: translation string unused: enabledtitle
+WARNING: translation string unused: encrypted
+WARNING: translation string unused: err bk 1
+WARNING: translation string unused: err bk 10 password
+WARNING: translation string unused: err bk 2 key
+WARNING: translation string unused: err bk 3 tar
+WARNING: translation string unused: err bk 4 gz
+WARNING: translation string unused: err bk 5 encrypt
+WARNING: translation string unused: err rs 1
+WARNING: translation string unused: err rs 6 decrypt
+WARNING: translation string unused: err rs 7 untartst
+WARNING: translation string unused: err rs 8 untar
+WARNING: translation string unused: error config
+WARNING: translation string unused: error external access
+WARNING: translation string unused: esp encryption
+WARNING: translation string unused: esp grouptype
+WARNING: translation string unused: esp integrity
+WARNING: translation string unused: esp keylife
+WARNING: translation string unused: expected
+WARNING: translation string unused: expertoptions
+WARNING: translation string unused: exportkey
+WARNING: translation string unused: external access
+WARNING: translation string unused: external access configuration
+WARNING: translation string unused: external access rule added
+WARNING: translation string unused: external access rule changed
+WARNING: translation string unused: external access rule removed
+WARNING: translation string unused: extrahd
+WARNING: translation string unused: extrahd unable to read
+WARNING: translation string unused: extrahd unable to write
+WARNING: translation string unused: filename
+WARNING: translation string unused: firewall graphs
+WARNING: translation string unused: firewall log viewer
+WARNING: translation string unused: firmware
+WARNING: translation string unused: firmware upload
+WARNING: translation string unused: force update
+WARNING: translation string unused: forward firewall
+WARNING: translation string unused: forwarding rule added
+WARNING: translation string unused: forwarding rule removed
+WARNING: translation string unused: forwarding rule updated
+WARNING: translation string unused: frequency
+WARNING: translation string unused: fritzdsl help
+WARNING: translation string unused: fritzdsl upload
+WARNING: translation string unused: from email adr
+WARNING: translation string unused: from email pw
+WARNING: translation string unused: from email server
+WARNING: translation string unused: from email user
+WARNING: translation string unused: from warn email bad
+WARNING: translation string unused: fwdfw MODE1
+WARNING: translation string unused: fwdfw MODE2
+WARNING: translation string unused: fwdfw addrule
+WARNING: translation string unused: fwdfw err nosrcip
+WARNING: translation string unused: fwdfw err notgtip
+WARNING: translation string unused: fwdfw err prot_port1
+WARNING: translation string unused: fwdfw final_rule
+WARNING: translation string unused: fwdfw from
+WARNING: translation string unused: fwdfw ipsec network
+WARNING: translation string unused: fwdfw man port
+WARNING: translation string unused: fwdfw menu
+WARNING: translation string unused: fwdfw natport used
+WARNING: translation string unused: fwdfw p2p txt
+WARNING: translation string unused: fwdfw rule action
+WARNING: translation string unused: fwdfw rules
+WARNING: translation string unused: fwdfw std network
+WARNING: translation string unused: fwdfw till
+WARNING: translation string unused: fwdfw time
+WARNING: translation string unused: fwdfw xt access
+WARNING: translation string unused: fwhost Custom Host
+WARNING: translation string unused: fwhost Custom Network
+WARNING: translation string unused: fwhost IpSec Host
+WARNING: translation string unused: fwhost IpSec Network
+WARNING: translation string unused: fwhost OpenVPN static host
+WARNING: translation string unused: fwhost OpenVPN static network
+WARNING: translation string unused: fwhost Standard Network
+WARNING: translation string unused: fwhost attention
+WARNING: translation string unused: fwhost blue
+WARNING: translation string unused: fwhost changeremark
+WARNING: translation string unused: fwhost err addrgrp
+WARNING: translation string unused: fwhost err hostorip
+WARNING: translation string unused: fwhost err mac
+WARNING: translation string unused: fwhost err partofnet
+WARNING: translation string unused: fwhost green
+WARNING: translation string unused: fwhost hosts
+WARNING: translation string unused: fwhost ipadr
+WARNING: translation string unused: fwhost ipsec host
+WARNING: translation string unused: fwhost orange
+WARNING: translation string unused: fwhost reread
+WARNING: translation string unused: fwhost reset
+WARNING: translation string unused: fwhost wo subnet
+WARNING: translation string unused: g.dtm
+WARNING: translation string unused: g.lite
+WARNING: translation string unused: gen static key
+WARNING: translation string unused: generate
+WARNING: translation string unused: genkey
+WARNING: translation string unused: green interface
+WARNING: translation string unused: gz with key
+WARNING: translation string unused: hint
+WARNING: translation string unused: host
+WARNING: translation string unused: host configuration
+WARNING: translation string unused: hostname and domain already in use
+WARNING: translation string unused: hour-graph
+WARNING: translation string unused: hours2
+WARNING: translation string unused: ibod for dual isdn only
+WARNING: translation string unused: icmp selected but no type
+WARNING: translation string unused: icmp type
+WARNING: translation string unused: id
+WARNING: translation string unused: ids preprocessor
+WARNING: translation string unused: ike encryption
+WARNING: translation string unused: ike grouptype
+WARNING: translation string unused: ike integrity
+WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
+WARNING: translation string unused: import
+WARNING: translation string unused: importkey
+WARNING: translation string unused: in
+WARNING: translation string unused: incorrect password
+WARNING: translation string unused: insert floppy
+WARNING: translation string unused: insert removable device
+WARNING: translation string unused: install new update
+WARNING: translation string unused: installed
+WARNING: translation string unused: installed updates
+WARNING: translation string unused: intrusion detection system log viewer
+WARNING: translation string unused: intrusion detection system2
+WARNING: translation string unused: invalid cache size
+WARNING: translation string unused: invalid date entered
+WARNING: translation string unused: invalid downlink speed
+WARNING: translation string unused: invalid loaded file
+WARNING: translation string unused: invalid md5sum
+WARNING: translation string unused: invalid port list
+WARNING: translation string unused: invalid time entered
+WARNING: translation string unused: invalid uplink speed
+WARNING: translation string unused: invalid upstream proxy username or password setting
+WARNING: translation string unused: invert
+WARNING: translation string unused: ip address in use
+WARNING: translation string unused: ipfire side
+WARNING: translation string unused: ipsec no connections
+WARNING: translation string unused: iptable rules
+WARNING: translation string unused: isdn
+WARNING: translation string unused: isdn settings
+WARNING: translation string unused: isdn1
+WARNING: translation string unused: isdn2
+WARNING: translation string unused: javascript menu error1
+WARNING: translation string unused: javascript menu error2
+WARNING: translation string unused: kernel version
+WARNING: translation string unused: key stuff
+WARNING: translation string unused: lateprompting
+WARNING: translation string unused: length
+WARNING: translation string unused: line
+WARNING: translation string unused: loaded modules
+WARNING: translation string unused: local hard disk
+WARNING: translation string unused: localkeyfile
+WARNING: translation string unused: log enabled
+WARNING: translation string unused: log viewer
+WARNING: translation string unused: logging
+WARNING: translation string unused: loosedirectorychecking
+WARNING: translation string unused: ls_dhcpd
+WARNING: translation string unused: ls_disk space
+WARNING: translation string unused: ls_free/swan
+WARNING: translation string unused: ls_httpd
+WARNING: translation string unused: ls_init
+WARNING: translation string unused: ls_kernel
+WARNING: translation string unused: ls_modprobe
+WARNING: translation string unused: ls_pam_unix
+WARNING: translation string unused: ls_sshd
+WARNING: translation string unused: ls_syslogd
+WARNING: translation string unused: mac address error not 00
+WARNING: translation string unused: manage ovpn
+WARNING: translation string unused: manual control and status
+WARNING: translation string unused: marked
+WARNING: translation string unused: max incoming size
+WARNING: translation string unused: max outgoing size
+WARNING: translation string unused: max size
+WARNING: translation string unused: mbmon fan in
+WARNING: translation string unused: mbmon graphs
+WARNING: translation string unused: mbmon temp in
+WARNING: translation string unused: mbmon value
+WARNING: translation string unused: min size
+WARNING: translation string unused: missing dat
+WARNING: translation string unused: missing gz
+WARNING: translation string unused: mode
+WARNING: translation string unused: modem on com1
+WARNING: translation string unused: modem on com2
+WARNING: translation string unused: modem on com3
+WARNING: translation string unused: modem on com4
+WARNING: translation string unused: modem on com5
+WARNING: translation string unused: modulation
+WARNING: translation string unused: month-graph
+WARNING: translation string unused: monthly firewallhits
+WARNING: translation string unused: monthly start day bad
+WARNING: translation string unused: monthly traffic bad
+WARNING: translation string unused: monthly volume
+WARNING: translation string unused: monthly volume start day
+WARNING: translation string unused: monthly volume start day short
+WARNING: translation string unused: mount
+WARNING: translation string unused: mtu QoS
+WARNING: translation string unused: nat-traversal
+WARNING: translation string unused: net
+WARNING: translation string unused: net address
+WARNING: translation string unused: net config type
+WARNING: translation string unused: net config type help
+WARNING: translation string unused: net-traffic configuration
+WARNING: translation string unused: network added
+WARNING: translation string unused: network configuration
+WARNING: translation string unused: network removed
+WARNING: translation string unused: network status information
+WARNING: translation string unused: network time
+WARNING: translation string unused: network traffic graphs
+WARNING: translation string unused: network updated
+WARNING: translation string unused: networks settings
+WARNING: translation string unused: never
+WARNING: translation string unused: new optionsfw must boot
+WARNING: translation string unused: no alcatelusb firmware
+WARNING: translation string unused: no cfg upload
+WARNING: translation string unused: no eciadsl synch.bin file
+WARNING: translation string unused: no fritzdsl driver
+WARNING: translation string unused: no information available
+WARNING: translation string unused: no modem selected
+WARNING: translation string unused: no set selected
+WARNING: translation string unused: nonetworkname
+WARNING: translation string unused: noservicename
+WARNING: translation string unused: notes
+WARNING: translation string unused: o-no
+WARNING: translation string unused: o-yes
+WARNING: translation string unused: online help en
+WARNING: translation string unused: only red
+WARNING: translation string unused: open to all
+WARNING: translation string unused: openvpn disabled
+WARNING: translation string unused: openvpn enabled
+WARNING: translation string unused: optional data
+WARNING: translation string unused: optionsfw portlist hint
+WARNING: translation string unused: optionsfw warning
+WARNING: translation string unused: or
+WARNING: translation string unused: original
+WARNING: translation string unused: our donors
+WARNING: translation string unused: out
+WARNING: translation string unused: outgoing firewall
+WARNING: translation string unused: outgoing firewall add ip group
+WARNING: translation string unused: outgoing firewall add mac group
+WARNING: translation string unused: outgoing firewall edit ip group
+WARNING: translation string unused: outgoing firewall edit mac group
+WARNING: translation string unused: outgoing firewall group error
+WARNING: translation string unused: outgoing firewall groups
+WARNING: translation string unused: outgoing firewall ip groups
+WARNING: translation string unused: outgoing firewall mac groups
+WARNING: translation string unused: outgoing firewall mode0
+WARNING: translation string unused: outgoing firewall mode1
+WARNING: translation string unused: outgoing firewall mode2
+WARNING: translation string unused: outgoing firewall outgoing firewall reserved groupname
+WARNING: translation string unused: outgoing firewall p2p description 1
+WARNING: translation string unused: outgoing firewall p2p description 2
+WARNING: translation string unused: outgoing firewall p2p description 3
+WARNING: translation string unused: outgoing firewall reset
+WARNING: translation string unused: outgoing firewall view group
+WARNING: translation string unused: outgoing firewall warning
+WARNING: translation string unused: override mtu
+WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn dl
+WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn log
+WARNING: translation string unused: ovpn reneg sec
+WARNING: translation string unused: ovpn_fastio
+WARNING: translation string unused: ovpn_mssfix
+WARNING: translation string unused: ovpn_mtudisc
+WARNING: translation string unused: ovpn_processprio
+WARNING: translation string unused: ovpn_processprioD
+WARNING: translation string unused: ovpn_processprioED
+WARNING: translation string unused: ovpn_processprioEH
+WARNING: translation string unused: ovpn_processprioEN
+WARNING: translation string unused: ovpn_processprioH
+WARNING: translation string unused: ovpn_processprioLN
+WARNING: translation string unused: ovpn_processprioN
+WARNING: translation string unused: ovpn_processprioVD
+WARNING: translation string unused: ovpn_processprioVH
+WARNING: translation string unused: ovpnstatus log
+WARNING: translation string unused: ovpnsys log
+WARNING: translation string unused: package failed to install
+WARNING: translation string unused: pakfire core update auto
+WARNING: translation string unused: pakfire updates
+WARNING: translation string unused: password contains illegal characters
+WARNING: translation string unused: password crypting key
+WARNING: translation string unused: passwords must be at least 6 characters in length
+WARNING: translation string unused: phase1 group
+WARNING: translation string unused: phonebook entry
+WARNING: translation string unused: ping disabled
+WARNING: translation string unused: polfile
+WARNING: translation string unused: port forwarding configuration
+WARNING: translation string unused: ports
+WARNING: translation string unused: pots
+WARNING: translation string unused: pppoe
+WARNING: translation string unused: present
+WARNING: translation string unused: profiles
+WARNING: translation string unused: proxy
+WARNING: translation string unused: proxy access graphs
+WARNING: translation string unused: proxy no proxy extend
+WARNING: translation string unused: proxy no proxy local
+WARNING: translation string unused: proxy port
+WARNING: translation string unused: psk
+WARNING: translation string unused: quick control
+WARNING: translation string unused: reboot ask
+WARNING: translation string unused: reboot question
+WARNING: translation string unused: reboot schedule
+WARNING: translation string unused: reboot sure
+WARNING: translation string unused: refresh update list
+WARNING: translation string unused: released
+WARNING: translation string unused: removable device advice
+WARNING: translation string unused: reportfile
+WARNING: translation string unused: requested data
+WARNING: translation string unused: reserved dst port
+WARNING: translation string unused: reserved src port
+WARNING: translation string unused: restore hardware settings
+WARNING: translation string unused: root
+WARNING: translation string unused: root path
+WARNING: translation string unused: root user password
+WARNING: translation string unused: route subnet is invalid
+WARNING: translation string unused: router ip
+WARNING: translation string unused: rsvd dst port overlap
+WARNING: translation string unused: rsvd src port overlap
+WARNING: translation string unused: rules already up to date
+WARNING: translation string unused: safe removal of umounted device
+WARNING: translation string unused: save error
+WARNING: translation string unused: select dest net
+WARNING: translation string unused: select media
+WARNING: translation string unused: select source net
+WARNING: translation string unused: selecttraffic
+WARNING: translation string unused: send email notification
+WARNING: translation string unused: send test mail
+WARNING: translation string unused: server reserved
+WARNING: translation string unused: service added
+WARNING: translation string unused: service removed
+WARNING: translation string unused: service updated
+WARNING: translation string unused: servicename
+WARNING: translation string unused: services settings
+WARNING: translation string unused: shaping add options
+WARNING: translation string unused: shaping list options
+WARNING: translation string unused: show areas
+WARNING: translation string unused: show lines
+WARNING: translation string unused: shutdown ask
+WARNING: translation string unused: shutdown sure
+WARNING: translation string unused: shutdown2
+WARNING: translation string unused: sitekeyfile
+WARNING: translation string unused: smbreload
+WARNING: translation string unused: source ip bad
+WARNING: translation string unused: source ip in use
+WARNING: translation string unused: source ip or net
+WARNING: translation string unused: source net
+WARNING: translation string unused: source network
+WARNING: translation string unused: source port in use
+WARNING: translation string unused: source port overlaps
+WARNING: translation string unused: squid extension methods
+WARNING: translation string unused: squid extension methods invalid
+WARNING: translation string unused: squid fix cache
+WARNING: translation string unused: srcprt range overlaps
+WARNING: translation string unused: srcprt within existing
+WARNING: translation string unused: ssdmz pinholes
+WARNING: translation string unused: ssh access tip
+WARNING: translation string unused: ssh1 disabled
+WARNING: translation string unused: ssh1 enabled
+WARNING: translation string unused: ssh1 support
+WARNING: translation string unused: ssnetwork status
+WARNING: translation string unused: sspasswords
+WARNING: translation string unused: ssport forwarding
+WARNING: translation string unused: ssproxy graphs
+WARNING: translation string unused: sssystem status
+WARNING: translation string unused: sstraffic graphs
+WARNING: translation string unused: subject test
+WARNING: translation string unused: subject warn
+WARNING: translation string unused: subnet
+WARNING: translation string unused: subnet is invalid
+WARNING: translation string unused: successfully refreshed updates list
+WARNING: translation string unused: system graphs
+WARNING: translation string unused: system log viewer
+WARNING: translation string unused: system status information
+WARNING: translation string unused: teovpn_fragment
+WARNING: translation string unused: test
+WARNING: translation string unused: test email could not be sent
+WARNING: translation string unused: test email was sent
+WARNING: translation string unused: the following update was successfully installed
+WARNING: translation string unused: there are updates
+WARNING: translation string unused: there are updates available
+WARNING: translation string unused: this feature has been sponsored by
+WARNING: translation string unused: this is not a valid archive
+WARNING: translation string unused: this is not an authorised update
+WARNING: translation string unused: this months volume
+WARNING: translation string unused: this update is already installed
+WARNING: translation string unused: this weeks volume
+WARNING: translation string unused: time date manually reset
+WARNING: translation string unused: to email adr
+WARNING: translation string unused: to install an update
+WARNING: translation string unused: to warn email bad
+WARNING: translation string unused: too long 80 char max
+WARNING: translation string unused: tor 0 = disabled
+WARNING: translation string unused: tor accounting period daily
+WARNING: translation string unused: tor accounting period monthly
+WARNING: translation string unused: tor accounting period weekly
+WARNING: translation string unused: tor bridge enabled
+WARNING: translation string unused: tor errmsg invalid node id
+WARNING: translation string unused: tor exit country
+WARNING: translation string unused: total connection time
+WARNING: translation string unused: traffic back
+WARNING: translation string unused: traffic calc time
+WARNING: translation string unused: traffic calc time bad
+WARNING: translation string unused: traffic info messages
+WARNING: translation string unused: traffic monitor
+WARNING: translation string unused: traffic shaping
+WARNING: translation string unused: traffic shaping settings
+WARNING: translation string unused: traffic warn level bad
+WARNING: translation string unused: trafficblue
+WARNING: translation string unused: trafficdate
+WARNING: translation string unused: trafficfrom
+WARNING: translation string unused: trafficgreen
+WARNING: translation string unused: trafficin
+WARNING: translation string unused: trafficorange
+WARNING: translation string unused: trafficout
+WARNING: translation string unused: trafficred
+WARNING: translation string unused: trafficsum
+WARNING: translation string unused: trafficto
+WARNING: translation string unused: transfer limits
+WARNING: translation string unused: transparent on
+WARNING: translation string unused: umount
+WARNING: translation string unused: umount removable media before to unplug
+WARNING: translation string unused: unencrypted
+WARNING: translation string unused: update transcript
+WARNING: translation string unused: updates
+WARNING: translation string unused: updates is old1
+WARNING: translation string unused: updates is old2
+WARNING: translation string unused: updxlrtr children
+WARNING: translation string unused: updxlrtr invalid num of children
+WARNING: translation string unused: updxlrtr sources
+WARNING: translation string unused: updxlrtr standard view
+WARNING: translation string unused: updxlrtr unknown
+WARNING: translation string unused: updxlrtr update information
+WARNING: translation string unused: updxlrtr update notification
+WARNING: translation string unused: updxlrtr used by
+WARNING: translation string unused: upload fcdsl.o
+WARNING: translation string unused: upload file
+WARNING: translation string unused: upload static key
+WARNING: translation string unused: upload successful
+WARNING: translation string unused: upload synch.bin
+WARNING: translation string unused: upload update file
+WARNING: translation string unused: upstream password
+WARNING: translation string unused: upstream proxy host:port
+WARNING: translation string unused: upstream username
+WARNING: translation string unused: uptime
+WARNING: translation string unused: uptime and users
+WARNING: translation string unused: urlfilter background image
+WARNING: translation string unused: urlfilter background text
+WARNING: translation string unused: urlfilter enable jpeg
+WARNING: translation string unused: urlfilter update information
+WARNING: translation string unused: urlfilter update notification
+WARNING: translation string unused: urlfilter update results
+WARNING: translation string unused: urlfilter upload background
+WARNING: translation string unused: use
+WARNING: translation string unused: use dov
+WARNING: translation string unused: use ibod
+WARNING: translation string unused: view log
+WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
+WARNING: translation string unused: vpn incompatible use of defaultroute
+WARNING: translation string unused: vpn mtu invalid
+WARNING: translation string unused: vpn on blue
+WARNING: translation string unused: vpn on green
+WARNING: translation string unused: vpn on orange
+WARNING: translation string unused: vpn watch
+WARNING: translation string unused: warn when traffic reaches
+WARNING: translation string unused: web proxy configuration
+WARNING: translation string unused: week-graph
+WARNING: translation string unused: weekly firewallhits
+WARNING: translation string unused: wildcards
+WARNING: translation string unused: wlanap wlan services
+WARNING: translation string unused: xtaccess all error
+WARNING: translation string unused: xtaccess bad transfert
+WARNING: translation string unused: year-graph
+WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: MTU settings
+WARNING: untranslated string: Number of Countries for the pie chart
+WARNING: untranslated string: Scan for Songs
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm auth
+WARNING: untranslated string: advproxy basic authentication
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
+WARNING: untranslated string: bytes
+WARNING: untranslated string: fwdfw err concon
+WARNING: untranslated string: fwdfw err ratecon
+WARNING: untranslated string: fwdfw limitconcon
+WARNING: untranslated string: fwdfw maxconcon
+WARNING: untranslated string: fwdfw numcon
+WARNING: untranslated string: fwdfw ratelimit
+WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
+WARNING: untranslated string: incoming compression in bytes per second
+WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: invalid input for valid till days
+WARNING: untranslated string: masquerade blue
+WARNING: untranslated string: masquerade green
+WARNING: untranslated string: masquerade orange
+WARNING: untranslated string: masquerading
+WARNING: untranslated string: masquerading disabled
+WARNING: untranslated string: masquerading enabled
+WARNING: untranslated string: messages
+WARNING: untranslated string: no data
+WARNING: untranslated string: outgoing compression in bytes per second
+WARNING: untranslated string: outgoing overhead in bytes per second
+WARNING: untranslated string: ovpn add conf
+WARNING: untranslated string: route config changed
+WARNING: untranslated string: routing config added
+WARNING: untranslated string: routing config changed
+WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: gen dh
WARNING: untranslated string: generate dh key
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming overhead in bytes per second
WARNING: untranslated string: invalid input for valid till days
}
my $sip_colour = ipcolour($sip);
- my $dip_colour = ipcolour($dip);
+ # use colour of destination network for DNAT
+ my $dip_colour = $dip ne $dip_ret ? ipcolour($dip_ret) : ipcolour($dip);
my $sserv = '';
if ($sport < 1024) {
print FILE "password = $password\n";
}
- # These providers need to be set to only use IPv4.
- if ($provider ~~ ["freedns.afraid.org", "nsupdate.info", "opendns.com", "variomedia.de", "zoneedit.com"]) {
- print FILE "proto = ipv4\n";
- }
-
print FILE "\n";
}
my $comment = $3;
my $packet = $4;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
- $packet =~ /DST=([\d\.]+)/; my $dstaddr=$1;
- $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1;
- $packet =~ /PROTO=(\w+)/; my $proto=$1;
- $packet =~ /SPT=(\d+)/; my $srcport=$1;
- $packet =~ /DPT=(\d+)/; my $dstport=$1;
+ my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
+ $iface=$1 if $packet =~ /IN=(\w+)/;
+ $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
+ $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
+ $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
+ $proto=$1 if $packet =~ /PROTO=(\w+)/;
+ $srcport=$1 if $packet =~ /SPT=(\d+)/;
+ $dstport=$1 if $packet =~ /DPT=(\d+)/;
my $gi = Geo::IP::PurePerl->new();
my $ccode = $gi->country_code_by_name($srcaddr);
}
print CONF "\n";
}#foreach key
-
- # Add post user includes to config file
- # After the GUI-connections allows to patch connections.
- if (-e "/etc/ipsec.user-post.conf") {
- print CONF "include /etc/ipsec.user-post.conf\n";
- print CONF "\n";
- }
-
print SECRETS $last_secrets if ($last_secrets);
close(CONF);
close(SECRETS);
if (!$errormessage) {
&General::log("ipsec", "Creating cacert...");
if (open(STDIN, "-|")) {
- my $opt = " req -x509 -nodes -rand /proc/interrupts:/proc/net/rt_cache";
+ my $opt = " req -x509 -sha256 -nodes";
$opt .= " -days 999999";
- $opt .= " -newkey rsa:2048";
+ $opt .= " -newkey rsa:4096";
$opt .= " -keyout ${General::swroot}/private/cakey.pem";
$opt .= " -out ${General::swroot}/ca/cacert.pem";
if (!$errormessage) {
&General::log("ipsec", "Creating host cert...");
if (open(STDIN, "-|")) {
- my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
+ my $opt = " req -sha256 -nodes";
+ $opt .= " -newkey rsa:2048";
$opt .= " -keyout ${General::swroot}/certs/hostkey.pem";
$opt .= " -out ${General::swroot}/certs/hostreq.pem";
$errormessage = &callssl ($opt);
print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
close ($fh);
- my $opt = " ca -days 999999";
+ my $opt = " ca -md sha256 -days 999999";
$opt .= " -batch -notext";
$opt .= " -in ${General::swroot}/certs/hostreq.pem";
$opt .= " -out ${General::swroot}/certs/hostcert.pem";
# Sign the certificate request
&General::log("ipsec", "Signing your cert $cgiparams{'NAME'}...");
- my $opt = " ca -days 999999";
+ my $opt = " ca -md sha256 -days 999999";
$opt .= " -batch -notext";
$opt .= " -in $filename";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
if (open(STDIN, "-|")) {
my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
+ $opt .= " -newkey rsa:2048";
$opt .= " -keyout ${General::swroot}/certs/$cgiparams{'NAME'}key.pem";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
close ($fh);
- my $opt = " ca -days 999999 -batch -notext";
+ my $opt = " ca -md sha256 -days 999999 -batch -notext";
$opt .= " -in ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
$opt .= " -extfile $v3extname";
$cgiparams{'REMOTE_ID'} = '';
#use default advanced value
- $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des'; #[18];
- $cgiparams{'IKE_INTEGRITY'} = 'sha2_256|sha|md5'; #[19];
+ $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128|aes256gcm96|aes192gcm96|aes128gcm96|aes256gcm64|aes192gcm64|aes128gcm64'; #[18];
+ $cgiparams{'IKE_INTEGRITY'} = 'sha2_512|sha2_256|sha'; #[19];
$cgiparams{'IKE_GROUPTYPE'} = '4096|3072|2048|1536|1024'; #[20];
$cgiparams{'IKE_LIFETIME'} = '3'; #[16];
- $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des'; #[21];
- $cgiparams{'ESP_INTEGRITY'} = 'sha2_256|sha1|md5'; #[22];
+ $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128|aes256gcm96|aes192gcm96|aes128gcm96|aes256gcm64|aes192gcm64|aes128gcm64'; #[21];
+ $cgiparams{'ESP_INTEGRITY'} = 'sha2_512|sha2_256|sha1'; #[22];
$cgiparams{'ESP_GROUPTYPE'} = ''; #[23];
$cgiparams{'ESP_KEYLIFE'} = '1'; #[17];
$cgiparams{'COMPRESSION'} = 'on'; #[13];
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+ if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_384|sha2_256|sha|md5|aesxcbc)$/) {
+ if ($val !~ /^(sha2_(512|384|256)|sha|md5|aesxcbc)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
$errormessage = $Lang::tr{'invalid input for ike lifetime'};
goto ADVANCED_ERROR;
}
- if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 24) {
- $errormessage = $Lang::tr{'ike lifetime should be between 1 and 24 hours'};
+ if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 8) {
+ $errormessage = $Lang::tr{'ike lifetime should be between 1 and 8 hours'};
goto ADVANCED_ERROR;
}
@temp = split('\|', $cgiparams{'ESP_ENCRYPTION'});
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+ if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_384|sha2_256|sha1|md5|aesxcbc)$/) {
+ if ($val !~ /^(sha2_(512|384|256)|sha1|md5|aesxcbc)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
$checked{'IKE_ENCRYPTION'}{'aes256'} = '';
$checked{'IKE_ENCRYPTION'}{'aes192'} = '';
$checked{'IKE_ENCRYPTION'}{'aes128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm64'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm64'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm64'} = '';
$checked{'IKE_ENCRYPTION'}{'3des'} = '';
$checked{'IKE_ENCRYPTION'}{'camellia256'} = '';
$checked{'IKE_ENCRYPTION'}{'camellia192'} = '';
$checked{'ESP_ENCRYPTION'}{'aes256'} = '';
$checked{'ESP_ENCRYPTION'}{'aes192'} = '';
$checked{'ESP_ENCRYPTION'}{'aes128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm64'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm64'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm64'} = '';
$checked{'ESP_ENCRYPTION'}{'3des'} = '';
$checked{'ESP_ENCRYPTION'}{'camellia256'} = '';
$checked{'ESP_ENCRYPTION'}{'camellia192'} = '';
<td class='boldbase' width="15%">$Lang::tr{'encryption'}</td>
<td class='boldbase'>
<select name='IKE_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
- <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
- <option value='aes192' $checked{'IKE_ENCRYPTION'}{'aes192'}>AES (192 bit)</option>
- <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
- <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>3DES</option>
- <option value='camellia256' $checked{'IKE_ENCRYPTION'}{'camellia256'}>Camellia (256 bit)</option>
- <option value='camellia192' $checked{'IKE_ENCRYPTION'}{'camellia192'}>Camellia (192 bit)</option>
- <option value='camellia128' $checked{'IKE_ENCRYPTION'}{'camellia128'}>Camellia (128 bit)</option>
+ <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>256 bit AES-CBC</option>
+ <option value='aes192' $checked{'IKE_ENCRYPTION'}{'aes192'}>192 bit AES-CBC</option>
+ <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>128 bit AES-CBC</option>
+ <option value='aes256gcm128' $checked{'IKE_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV</option>
+ <option value='aes192gcm128' $checked{'IKE_ENCRYPTION'}{'aes192gcm128'}>192 bit AES-GCM/128 bit ICV</option>
+ <option value='aes128gcm128' $checked{'IKE_ENCRYPTION'}{'aes128gcm128'}>128 bit AES-GCM/128 bit ICV</option>
+ <option value='aes256gcm96' $checked{'IKE_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit ICV</option>
+ <option value='aes192gcm96' $checked{'IKE_ENCRYPTION'}{'aes192gcm96'}>192 bit AES-GCM/96 bit ICV</option>
+ <option value='aes128gcm96' $checked{'IKE_ENCRYPTION'}{'aes128gcm96'}>128 bit AES-GCM/96 bit ICV</option>
+ <option value='aes256gcm64' $checked{'IKE_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit ICV</option>
+ <option value='aes192gcm64' $checked{'IKE_ENCRYPTION'}{'aes192gcm64'}>192 bit AES-GCM/64 bit ICV</option>
+ <option value='aes128gcm64' $checked{'IKE_ENCRYPTION'}{'aes128gcm64'}>128 bit AES-GCM/64 bit ICV</option>
+ <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>168 bit 3DES-EDE-CBC</option>
+ <option value='camellia256' $checked{'IKE_ENCRYPTION'}{'camellia256'}>256 bit Camellia-CBC</option>
+ <option value='camellia192' $checked{'IKE_ENCRYPTION'}{'camellia192'}>192 bit Camellia-CBC</option>
+ <option value='camellia128' $checked{'IKE_ENCRYPTION'}{'camellia128'}>128 bit Camellia-CBC</option>
</select>
</td>
<td class='boldbase'>
<select name='ESP_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
- <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
- <option value='aes192' $checked{'ESP_ENCRYPTION'}{'aes192'}>AES (192 bit)</option>
- <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
- <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>3DES</option>
- <option value='camellia256' $checked{'ESP_ENCRYPTION'}{'camellia256'}>Camellia (256 bit)</option>
- <option value='camellia192' $checked{'ESP_ENCRYPTION'}{'camellia192'}>Camellia (192 bit)</option>
- <option value='camellia128' $checked{'ESP_ENCRYPTION'}{'camellia128'}>Camellia (128 bit)</option>
+ <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>256 bit AES-CBC</option>
+ <option value='aes192' $checked{'ESP_ENCRYPTION'}{'aes192'}>192 bit AES-CBC</option>
+ <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>128 bit AES-CBC</option>
+ <option value='aes256gcm128' $checked{'ESP_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV</option>
+ <option value='aes192gcm128' $checked{'ESP_ENCRYPTION'}{'aes192gcm128'}>192 bit AES-GCM/128 bit ICV</option>
+ <option value='aes128gcm128' $checked{'ESP_ENCRYPTION'}{'aes128gcm128'}>128 bit AES-GCM/128 bit ICV</option>
+ <option value='aes256gcm96' $checked{'ESP_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit ICV</option>
+ <option value='aes192gcm96' $checked{'ESP_ENCRYPTION'}{'aes192gcm96'}>192 bit AES-GCM/96 bit ICV</option>
+ <option value='aes128gcm96' $checked{'ESP_ENCRYPTION'}{'aes128gcm96'}>128 bit AES-GCM/96 bit ICV</option>
+ <option value='aes256gcm64' $checked{'ESP_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit ICV</option>
+ <option value='aes192gcm64' $checked{'ESP_ENCRYPTION'}{'aes192gcm64'}>192 bit AES-GCM/64 bit ICV</option>
+ <option value='aes128gcm64' $checked{'ESP_ENCRYPTION'}{'aes128gcm64'}>128 bit AES-GCM/64 bit ICV</option>
+ <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>168 bit 3DES-EDE-CBC</option>
+ <option value='camellia256' $checked{'ESP_ENCRYPTION'}{'camellia256'}>256 bit Camellia-CBC</option>
+ <option value='camellia192' $checked{'ESP_ENCRYPTION'}{'camellia192'}>192 bit Camellia-CBC</option>
+ <option value='camellia128' $checked{'ESP_ENCRYPTION'}{'camellia128'}>128 bit Camellia-CBC</option>
</select>
</td>
</tr>
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.0.16
+VER = 2.0.23
THISAPP = acpid-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d59fc02c9c34f0d5c137495302e2c074
+$(DL_FILE)_MD5 = d7bcdcdefcd53b03730e50ba842554ea
install : $(TARGET)
include Config
-VER = 2.2.27
+VER = 2.2.29
THISAPP = httpd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch
-$(DL_FILE)_MD5 = 8faef0decf3fa7e69b2568eb2105a3d8
+$(DL_FILE)_MD5 = 579342fdeaa7b8b68d17fee91f8fab6e
httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822
install : $(TARGET)
include Config
-VER = 11.15.0
+VER = 11.16.0
THISAPP = asterisk-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = asterisk
-PAK_VER = 14
+PAK_VER = 15
DEPS = "libsrtp"
asterisk-moh-opsound-gsm-2.03.tar.gz = $(URL_IPFIRE)/asterisk-moh-opsound-gsm-2.03.tar.gz
asterisk-1.4-de-prompts.tar.gz = $(URL_IPFIRE)/asterisk-1.4-de-prompts.tar.gz
-$(DL_FILE)_MD5 = 71e8c2e207255f7ef12b81b7f0da30ea
+$(DL_FILE)_MD5 = de06d4ac0d1ba531c4c18805a9d5a18d
asterisk-extra-sounds-en-gsm-1.4.15.tar.gz_MD5 = 5099fc65f49008e33ba7fb043a4ec995
asterisk-moh-opsound-gsm-2.03.tar.gz_MD5 = 09066f55f1358f298bc1a6e4678a3ddf
asterisk-1.4-de-prompts.tar.gz_MD5 = 626a2b95071a5505851e43874dfbfd5c
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/compat-drivers-3.8.3-ath_ignore_eeprom_regdomain.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.22-iwlwifi-noibss_only_on_radar_chan.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.37-rt2800usb_add_dlink_dwa137_usbid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/backports-3.18.1-1_rt2x00usb_suppress_queue_warnings.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/backports-3.18.1-1_add_libertas_uap.patch
# smsc mac address patch for pandaboard and raspberry pi
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 7.31.0
+VER = 7.40.0
THISAPP = curl-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6f26843f7e3a2fb06e02f68a55efe8c7
+$(DL_FILE)_MD5 = 58943642ea0ed050ab0431ea1caf3a6f
install : $(TARGET)
include Config
-VER = 2.1.21
+VER = 2.1.26
THISAPP = cyrus-sasl-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = dde02db234dea892bee298390890502e
+$(DL_FILE)_MD5 = a7f4e5e559a0e37b3ffc438c9456e425
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/cyrus-sasl-2.1.22-bad-elif.patch
cd $(DIR_APP) && sed -i '/sasl_global/s/^static //' lib/client.c
cd $(DIR_APP) && sed -i 's/cat8/man8/' saslauthd/Makefile.am
cd $(DIR_APP) && autoconf
ifeq "$(PASS)" ""
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
--with-dbpath=/var/lib/sasl/sasldb2 \
- --with-saslauthd=/var/run/saslauthd
+ --with-saslauthd=/var/run/saslauthd \
+ --with-des=no --with-rc4=no
cd $(DIR_APP) && make
cd $(DIR_APP) && make install
install -v -m700 -d /var/lib/sasl
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2012 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 4.2.2
+VER = 4.3.1
THISAPP = dhcp-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = bb0f0434cd796f76aa7cead391d71f31
+$(DL_FILE)_MD5 = b3a42ece3c7f2cd2e74a3e12ca881d20
install : $(TARGET)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-remove-bind.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-errwarn-message.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-options.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-release-by-ifup.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-dhclient-decline-backoff.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-unicast-bootp.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-dhclient-usage.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-default-requested-options.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-xen-checksum.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-manpages.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-paths.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-CLOEXEC.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-inherit-leases.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-garbage-chars.patch
- # ???
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-missing-ipv6-not-fatal.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-add_timeout_when_NULL.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-64_bit_lease_parse.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-capability.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-logpid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-UseMulticast.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-sendDecline.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-retransmission.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-rfc3442-classless-static-routes.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-honor-expired.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-noprefixavail.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-sharedlib.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-PPP.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-lpf-ib.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-improved-xid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-gpxe-cid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-invalid-dhclient-conf.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-remove-bind.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-errwarn-message.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-dhclient-options.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-release-by-ifup.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-unicast-bootp.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-default-requested-options.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-xen-checksum.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-manpages.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-paths.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-CLOEXEC.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-garbage-chars.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-64_bit_lease_parse.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-capability.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-logpid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-UseMulticast.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-sendDecline.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-rfc3442-classless-static-routes.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-honor-expired.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-sharedlib.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-PPP.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-paranoia.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-lpf-ib.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-improved-xid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-gpxe-cid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-stateless-DUID-LLT.patch
# Remove bundled BIND stuff.
# (requires newer autoconf)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2012 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 5.2.9
+VER = 6.7.1
THISAPP = dhcpcd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = aabe4a3c1f23c55f2c99a416c9085de9
+$(DL_FILE)_MD5 = ffb716b0e9327968e7200d519e1d4c0d
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.0.0
+VER = 2.1.0
THISAPP = expat-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d945df7f1c0868c5c73cf66ba9596f3f
+$(DL_FILE)_MD5 = dd7dab7a5fea97d2a6a43f511449b7cd
install : $(TARGET)
cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
- cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/expat-2.0.0
- cd $(DIR_APP) && install -v -m644 doc/*.{html,png,css} /usr/share/doc/expat-2.0.0
+ cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/expat-2.1.0
+ cd $(DIR_APP) && install -v -m644 doc/*.{html,png,css} /usr/share/doc/expat-2.1.0
@rm -rf $(DIR_APP)
@$(POSTBUILD)
-fsck.ext4 -f -y $(PART_ROOT)
fsck.ext4 -f -y $(PART_ROOT)
+ sleep 10 #Ubuntu compiling: allow time to automount/dismount
kpartx -d -v $(DEVICE)
losetup -d $(DEVICE)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.21
+VER = 1.22.3
THISAPP = groff-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 8b8cd29385b97616a0f0d96d0951c5bf
+$(DL_FILE)_MD5 = cc825fa64bc7306a885f2fb2268d3ec5
install : $(TARGET)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
-PAK_VER = 33
+PAK_VER = 34
DEPS = ""
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd-2.3_increase_EAPOL-timeouts.patch
cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config
cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile
cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE)
ln -sf ../init.d/firstsetup /etc/rc.d/rcsysinit.d/S75firstsetup
ln -sf ../init.d/localnet /etc/rc.d/rcsysinit.d/S80localnet
ln -sf ../init.d/firewall /etc/rc.d/rcsysinit.d/S85firewall
+ ln -sf ../init.d/network-trigger /etc/rc.d/rcsysinit.d/S90network-trigger
ln -sf ../init.d/network-vlans /etc/rc.d/rcsysinit.d/S91network-vlans
ln -sf ../init.d/rngd /etc/rc.d/rcsysinit.d/S92rngd
ln -sf ../init.d/wlanclient /etc/rc.d/rc0.d/K82wlanclient
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = ss020927
+VER = s20121221
THISAPP = iputils-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/iputils
+DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b5493f7a2997130a4f86c486c9993b86
+$(DL_FILE)_MD5 = 6072aef64205720dd1893b375e184171
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-20020927-headers.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-20020927-rh.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-glibckernheaders.patch
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && make ping tracepath
cd $(DIR_APP) && install -m 4755 ping /usr/bin
cd $(DIR_APP) && install -m 0755 tracepath /usr/bin
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.3.0
+VER = 1.3.1
THISAPP = libjpeg-turbo-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = e1e65cc711a1ade1322c06ad4a647741
+$(DL_FILE)_MD5 = 2c3a68129dac443a72815ff5bb374b05
install : $(TARGET)
include Config
-VER = 3.14.33
+VER = 3.14.37
-RPI_PATCHES = 3.14.33-grsec-ipfire1
-A7M_PATCHES = 3.14.33-grsec-ipfire1
-GRS_PATCHES = grsecurity-3.0-3.14.33-201502180832.patch.xz
+RPI_PATCHES = 3.14.37-grsec-ipfire1
+A7M_PATCHES = 3.14.37-grsec-ipfire1
+GRS_PATCHES = grsecurity-3.1-3.14.37-201503270048.patch.xz
THISAPP = linux-$(VER)
DL_FILE = linux-$(VER).tar.xz
CFLAGS =
CXXFLAGS =
-PAK_VER = 58
+PAK_VER = 59
DEPS = ""
VERSUFIX=ipfire$(KCFG)
arm7-multi-patches-$(A7M_PATCHES).patch.xz = $(URL_IPFIRE)/arm7-multi-patches-$(A7M_PATCHES).patch.xz
$(GRS_PATCHES) = $(URL_IPFIRE)/$(GRS_PATCHES)
-$(DL_FILE)_MD5 = c19feb0646fde7e96602ac313fb7e5d6
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = e423c8b3a408f23b9a26f8f0f4384c50
-arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = f147ce7c81889d2c5134304f3a6e60e3
-$(GRS_PATCHES)_MD5 = 119943451628ff5a62437637d60a585d
+$(DL_FILE)_MD5 = 43abcb454054c53fb07296e84119edc5
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = 375dc501711ff3ffeffdfc9848675d26
+arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = 8a0a0d6ef78d53b3095691499dac4b71
+$(GRS_PATCHES)_MD5 = d83ca635c83bbd5efc4372992ab58094
install : $(TARGET)
# r8169 L23 patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.32-r8169_disable_L23.patch
+ # HyperV 2008 patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.x-hyperv-2008-fix.patch
+
ifeq "$(KCFG)" "-kirkwood"
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.10-mv_cesa_disable_failing_hmac_sha1.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.22-kirkwood_legacy_boot.patch
# Install switch api userspace header
cd $(DIR_APP) && install -v -m644 include/uapi/linux/switch.h /usr/include/linux/
- # Fix Lamobo-R1 SATA Power
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.x-lamobo-r1-fix-sata-pwr.patch
endif
ifeq "$(KCFG)" "-rpi"
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 3.7.1
+VER = 3.8.1
THISAPP = logrotate-$(VER)
DL_FILE = logrotate_$(VER).orig.tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 552639142e163745f6bcd4f1f3816d8a
+$(DL_FILE)_MD5 = bd2e20d8dc644291b08f9215397d28a5
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 7.3.6
+VER = 7.4.1
THISAPP = logwatch-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 937d982006b2a76a83edfcfd2e5a9d7d
+$(DL_FILE)_MD5 = a0c3d8721f877bdcd4a9089eb1b4691b
install : $(TARGET)
-mkdir -p /var/log/logwatch
chmod -v 755 /var/log/logwatch
-rm -rf /etc/logwatch/conf
- ln -vsf /usr/share/logwatch/default.config /etc/logwatch/conf
+ ln -vsf /usr/share/logwatch/default.conf /etc/logwatch/conf
@rm -rf $(DIR_APP)
@$(POSTBUILD)
include Config
-VER = 5.11
+VER = 5.12.1
THISAPP = monit-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = monit
-PAK_VER = 4
+PAK_VER = 6
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ff00f39d248ed7068932ed82211da9e6
+$(DL_FILE)_MD5 = 1ffde79207270925f6f7df787d19100a
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.10.03
+VER = 2.11.06
THISAPP = nasm-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a5d0ed070476a7c5b4f0893dc4a4ea4b
+$(DL_FILE)_MD5 = 2b958e9f5d200641e6fc9564977aecc5
install : $(TARGET)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = nfs
-PAK_VER = 5
+PAK_VER = 6
DEPS = "portmap"
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = pound
-PAK_VER = 7
+PAK_VER = 8
DEPS = ""
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc
+ cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
+ --with-dh=1024
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
install -v -m 644 $(DIR_SRC)/config/backup/includes/pound \
include Config
-VER = 5.2.2
+VER = 5.3.0
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7ee1a33060b2bde35be0f6d78a1d26d0
+$(DL_FILE)_MD5 = c52d4228231c2025d9c320d0e9990327
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.0.2_ipfire.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-eb25190.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-650a3ad.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-dd0ebb.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-819-cd2c30a.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch
cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
cd $(DIR_APP) && ./configure \
--enable-farp \
--enable-openssl \
--enable-gcrypt \
+ --enable-ccm \
+ --enable-ctr \
+ --enable-gcm \
--enable-xauth-eap \
--enable-xauth-noauth \
--enable-eap-radius \
include Config
-VER = 0.2.4.23
+VER = 0.2.5.12
THISAPP = tor-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = tor
-PAK_VER = 8
+PAK_VER = 10
DEPS = "libevent2"
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 9e39928e310612c3bffee727f554c63f
+$(DL_FILE)_MD5 = 89745069a7efb7aafd01ae263bd0fe5c
install : $(TARGET)
rm -f /lib/udev/rules.d/75-persistent-net-generator.rules
rm -f /lib/udev/rules.d/80-net-name-slot.rules
- # Create rule file for the setup
- touch /etc/udev/rules.d/30-persistent-network.rules
-
# Blacklist some modules
cp -vf $(DIR_SRC)/config/udev/blacklist.conf /etc/modprobe.d/blacklist.conf
install -v -m 644 $(DIR_SRC)/config/udev/25-alsa.rules \
/lib/udev/rules.d
+ # Install network rules.
+ install -v -m 755 $(DIR_SRC)/config/udev/network-hotplug-rename \
+ /lib/udev/network-hotplug-rename
+ install -v -m 644 $(DIR_SRC)/config/udev/60-net.rules \
+ /lib/udev/rules.d
+
# Install hwrng rules.
install -v -m 644 $(DIR_SRC)/config/udev/90-hwrng.rules \
/lib/udev/rules.d
ipfiremake backports KCFG="-pae"
ipfiremake cryptodev KCFG="-pae"
ipfiremake e1000e KCFG="-pae"
- ipfiremake igb KCFG="-pae"
+# ipfiremake igb KCFG="-pae"
ipfiremake ixgbe KCFG="-pae"
ipfiremake linux-initrd KCFG="-pae"
ipfiremake backports KCFG=""
ipfiremake cryptodev KCFG=""
ipfiremake e1000e KCFG=""
- ipfiremake igb KCFG=""
+# ipfiremake igb KCFG=""
ipfiremake ixgbe KCFG=""
ipfiremake linux-initrd KCFG=""
;;
ipfiremake backports KCFG="-multi"
ipfiremake cryptodev KCFG="-multi"
ipfiremake e1000e KCFG="-multi"
- ipfiremake igb KCFG="-multi"
+# ipfiremake igb KCFG="-multi"
ipfiremake ixgbe KCFG="-multi"
ipfiremake linux-initrd KCFG="-multi"
ipfiremake backports KCFG="-kirkwood"
ipfiremake cryptodev KCFG="-kirkwood"
ipfiremake e1000e KCFG="-kirkwood"
- ipfiremake igb KCFG="-kirkwood"
+# ipfiremake igb KCFG="-kirkwood"
ipfiremake ixgbe KCFG="-kirkwood"
ipfiremake linux-initrd KCFG="-kirkwood"
;;
--- /dev/null
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/network-trigger
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+case "${1}" in
+ start)
+ boot_mesg "Triggering network devices..."
+ udevadm trigger --action="add" --subsystem-match="net"
+ evaluate_retval
+ ;;
+
+ *)
+ echo "Usage: ${0} {start}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/network-trigger
loadproc /usr/sbin/rpc.rquotad
fi
- # NFSD support only in 2.6 kernel
- /bin/uname -r | /bin/grep "2.6" 2>&1 > /dev/null
- if [ $? = 0 ]; then
- boot_mesg "Mounting nfsd virtual filesystem..."
- /bin/mount -t nfsd none /proc/fs/nfsd 2>&1 > /dev/null
- evaluate_retval
- fi
+ boot_mesg "Mounting nfsd virtual filesystem..."
+ /bin/mount -t nfsd none /proc/fs/nfsd 2>&1 > /dev/null
+ evaluate_retval
# Make ceratin that the list is refreshed on
# a restart.
/usr/sbin/exportfs -au 2>&1 > /dev/null
evaluate_retval
- # NFSD support only in 2.6 kernel
- /bin/uname -r | /bin/grep "2.6" 2>&1 > /dev/null
- if [ $? = 0 ]; then
- boot_mesg "Unmounting NFS Virtual Filesystem..."
- /bin/umount /proc/fs/nfsd 2>&1 > /dev/null
- evaluate_retval
- fi
+ boot_mesg "Unmounting NFS Virtual Filesystem..."
+ /bin/umount /proc/fs/nfsd 2>&1 > /dev/null
+ evaluate_retval
# Remove a pid file that isn't done automatically
boot_mesg "Removing the rpc.statd pid file if it exists"
static struct config {
int unattended;
int serial_console;
+ int novga;
int require_networking;
int perform_download;
int disable_swap;
} config = {
.unattended = 0,
.serial_console = 0,
+ .novga = 0,
.require_networking = 0,
.perform_download = 0,
.disable_swap = 0,
if ((strcmp(key, "console") == 0) && (strncmp(val, "ttyS", 4) == 0))
c->serial_console = 1;
+ // novga
+ else if (strcmp(key, "novga") == 0)
+ c->novga = 1;
+
// enable networking?
else if (strcmp(token, "installer.net") == 0)
c->require_networking = 1;
replace("/harddisk/etc/inittab", "#7:2345:respawn:", "7:2345:respawn:");
}
+ /* novga */
+ if (config.novga) {
+ /* grub */
+ FILE* f = fopen(DESTINATION_MOUNT_PATH "/etc/default/grub", "a");
+ if (!f) {
+ errorbox(_("Unable to open /etc/default/grub for writing."));
+ goto EXIT;
+ }
+
+ fprintf(f, "GRUB_GFXMODE=\"none\"\n");
+ fclose(f);
+ }
+
rc = hw_install_bootloader(destination, logfile);
if (rc) {
errorbox(_("Unable to install the bootloader."));
newtPopWindow();
- /* Set marker that the user has already accepted the gpl */
- mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted");
+ /* Set marker that the user has already accepted the GPL if the license has been shown
+ * in the installation process. In unatteded mode, the user will be presented the
+ * license when he or she logs on to the web user interface for the first time. */
+ if (!config.unattended)
+ mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted");
/* Copy restore file from cdrom */
char* backup_file = hw_find_backup_file(logfile, SOURCE_MOUNT_PATH);
# André Felipe Morro <andre@andremorro.com>, 2014
# Evertton de Lima <e.everttonlima@gmail.com>, 2015
# Leandro Luquetti Basilio da Silva <leandroluquetti@gmail.com>, 2014
+# Moisés Bites Borges de Castro <moisesbites@gmail.com>, 2015
msgid ""
msgstr ""
"Project-Id-Version: IPFire Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2014-11-05 01:29+0000\n"
-"PO-Revision-Date: 2015-02-16 23:04+0000\n"
-"Last-Translator: Evertton de Lima <e.everttonlima@gmail.com>\n"
+"PO-Revision-Date: 2015-03-24 21:30+0000\n"
+"Last-Translator: Moisés Bites Borges de Castro <moisesbites@gmail.com>\n"
"Language-Team: Portuguese (Brazil) (http://www.transifex.com/projects/p/ipfire/language/pt_BR/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"No source drive could be found.\n"
"\n"
"You can try downloading the required installation image."
-msgstr ""
+msgstr "Nenhum Drive de origem foi encontrado.\n\nVocê pode tentar baixar a imagem da instalação solicitada. "
#: main.c:456
msgid ""
"Please make sure to connect your machine to a network and the installer will"
" try connect to acquire an IP address."
-msgstr ""
+msgstr "Por favor certifique que sua máquina está conectada com uma rede e o instalador irá tentar conectar para pegar um endereço IP;"
#: main.c:460
msgid "Download installation image"
#: main.c:510
#, c-format
msgid "MD5 checksum mismatch"
-msgstr ""
+msgstr "Assinatura MD5 incompatível"
#: main.c:513
#, c-format
#: main.c:834
msgid "An error occured when the backup file was restored."
-msgstr "Um erro ocorreu enquanto a cópia de segurança foi restaurada."
+msgstr "Um erro ocorreu enquanto a cópia de segurança era restaurada."
#: main.c:869
msgid "Running post-install script..."
-msgstr "Executando post-install script..."
+msgstr "Executando script pós instalação..."
#: main.c:870
msgid "Post-install script failed."
-msgstr "Post-install script falhou."
+msgstr "Script de pós instalação falhou."
#: main.c:877
#, c-format
"%s was successfully installed!\n"
"\n"
"Please remove any installation mediums from this system and hit the reboot button. Once the system has restarted you will be asked to setup networking and system passwords. After that, you should point your web browser at https://%s:444 (or what ever you name your %s) for the web configuration console."
-msgstr ""
+msgstr "%s está instalado com sucesso!\n\nPor favor, remova qualquer mídia de instalação desse sistema e o reinicie. Assim que o sistema for reiniciado você será solicitado a configurar a rede e especificar as senhas de sistema. Após isso, você deve apontar seu navegador para https://%s:444 (ou use nome de %s) para a página de configuração web."
#: main.c:882
msgid "Congratulations!"
--- /dev/null
+diff -Naur backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2800usb.c backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2800usb.c
+--- backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2800usb.c 2014-12-21 22:37:14.000000000 +0100
++++ backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2800usb.c 2015-04-07 11:44:16.647963570 +0200
+@@ -444,7 +444,7 @@
+
+ rt2x00usb_register_read(rt2x00dev, TXRXQ_PCNT, ®);
+ if (rt2x00_get_field32(reg, TXRXQ_PCNT_TX0Q)) {
+- rt2x00_warn(rt2x00dev, "TX HW queue 0 timed out, invoke forced kick\n");
++ rt2x00_dbg(rt2x00dev, "TX HW queue 0 timed out, invoke forced kick\n");
+
+ rt2x00usb_register_write(rt2x00dev, PBF_CFG, 0xf40012);
+
+@@ -459,7 +459,7 @@
+
+ rt2x00usb_register_read(rt2x00dev, TXRXQ_PCNT, ®);
+ if (rt2x00_get_field32(reg, TXRXQ_PCNT_TX1Q)) {
+- rt2x00_warn(rt2x00dev, "TX HW queue 1 timed out, invoke forced kick\n");
++ rt2x00_dbg(rt2x00dev, "TX HW queue 1 timed out, invoke forced kick\n");
+
+ rt2x00usb_register_write(rt2x00dev, PBF_CFG, 0xf4000a);
+
+@@ -609,7 +609,7 @@
+
+ if (unlikely(test_bit(ENTRY_OWNER_DEVICE_DATA, &entry->flags) ||
+ !test_bit(ENTRY_DATA_STATUS_PENDING, &entry->flags))) {
+- rt2x00_warn(rt2x00dev, "Data pending for entry %u in queue %u\n",
++ rt2x00_dbg(rt2x00dev, "Data pending for entry %u in queue %u\n",
+ entry->entry_idx, qid);
+ break;
+ }
+diff -Naur backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2x00usb.c backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2x00usb.c
+--- backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2x00usb.c 2014-12-21 22:37:14.000000000 +0100
++++ backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2x00usb.c 2015-04-07 11:42:41.723492892 +0200
+@@ -524,7 +524,7 @@
+
+ static void rt2x00usb_watchdog_tx_dma(struct data_queue *queue)
+ {
+- rt2x00_warn(queue->rt2x00dev, "TX queue %d DMA timed out, invoke forced forced reset\n",
++ rt2x00_dbg(queue->rt2x00dev, "TX queue %d DMA timed out, invoke forced reset\n",
+ queue->qid);
+
+ rt2x00queue_stop_queue(queue);
+++ /dev/null
-diff -up cyrus-sasl-2.1.22/plugins/digestmd5.c.elif cyrus-sasl-2.1.22/plugins/digestmd5.c
---- cyrus-sasl-2.1.22/plugins/digestmd5.c.elif 2009-01-23 09:40:31.000000000 +0100
-+++ cyrus-sasl-2.1.22/plugins/digestmd5.c 2009-02-06 15:20:15.000000000 +0100
-@@ -2743,7 +2743,7 @@ static sasl_server_plug_t digestmd5_serv
- "DIGEST-MD5", /* mech_name */
- #ifdef WITH_RC4
- 128, /* max_ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
-@@ -4071,7 +4071,7 @@ static sasl_client_plug_t digestmd5_clie
- "DIGEST-MD5",
- #ifdef WITH_RC4 /* mech_name */
- 128, /* max ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
+++ /dev/null
-diff -up dhcp-4.2.0/common/dispatch.c.dracut dhcp-4.2.0/common/dispatch.c
---- dhcp-4.2.0/common/dispatch.c.dracut 2010-06-01 19:29:59.000000000 +0200
-+++ dhcp-4.2.0/common/dispatch.c 2010-07-21 16:10:09.000000000 +0200
-@@ -189,6 +189,10 @@ void add_timeout (when, where, what, ref
- isc_interval_t interval;
- isc_time_t expires;
-
-+ if (when == NULL) {
-+ return;
-+ }
-+
- /* See if this timeout supersedes an existing timeout. */
- t = (struct timeout *)0;
- for (q = timeouts; q; q = q->next) {
+++ /dev/null
-diff -up dhcp-4.2.0/omapip/errwarn.c.errwarn dhcp-4.2.0/omapip/errwarn.c
---- dhcp-4.2.0/omapip/errwarn.c.errwarn 2009-07-23 20:52:21.000000000 +0200
-+++ dhcp-4.2.0/omapip/errwarn.c 2010-07-21 13:23:47.000000000 +0200
-@@ -76,20 +76,13 @@ void log_fatal (const char * fmt, ... )
-
- #if !defined (NOMINUM)
- log_error ("%s", "");
-- log_error ("If you did not get this software from ftp.isc.org, please");
-- log_error ("get the latest from ftp.isc.org and install that before");
-- log_error ("requesting help.");
-+ log_error ("This version of ISC DHCP is based on the release available");
-+ log_error ("on ftp.isc.org. Features have been added and other changes");
-+ log_error ("have been made to the base software release in order to make");
-+ log_error ("it work better with this distribution.");
- log_error ("%s", "");
-- log_error ("If you did get this software from ftp.isc.org and have not");
-- log_error ("yet read the README, please read it before requesting help.");
-- log_error ("If you intend to request help from the dhcp-server@isc.org");
-- log_error ("mailing list, please read the section on the README about");
-- log_error ("submitting bug reports and requests for help.");
-- log_error ("%s", "");
-- log_error ("Please do not under any circumstances send requests for");
-- log_error ("help directly to the authors of this software - please");
-- log_error ("send them to the appropriate mailing list as described in");
-- log_error ("the README file.");
-+ log_error ("Please report for this software via the Red Hat Bugzilla site:");
-+ log_error (" http://bugzilla.redhat.com");
- log_error ("%s", "");
- log_error ("exiting.");
- #endif
+++ /dev/null
-diff -up dhcp-4.2.0/common/tables.c.garbage dhcp-4.2.0/common/tables.c
---- dhcp-4.2.0/common/tables.c.garbage 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.0/common/tables.c 2010-07-21 14:40:56.000000000 +0200
-@@ -207,7 +207,7 @@ static struct option dhcp_options[] = {
- { "netinfo-server-tag", "t", &dhcp_universe, 113, 1 },
- { "default-url", "t", &dhcp_universe, 114, 1 },
- { "subnet-selection", "I", &dhcp_universe, 118, 1 },
-- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
-+ { "domain-search", "D", &dhcp_universe, 119, 1 },
- { "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
- { "vivso", "Evendor.", &dhcp_universe, 125, 1 },
- #if 0
+++ /dev/null
-diff -up dhcp-4.2.0/client/dhclient.c.inherit dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.inherit 2010-07-21 14:33:44.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 14:40:05.000000000 +0200
-@@ -2322,6 +2322,7 @@ void send_request (cpp)
- {
- struct client_state *client = cpp;
-
-+ int i;
- int result;
- int interval;
- struct sockaddr_in destination;
-@@ -2381,6 +2382,22 @@ void send_request (cpp)
- /* Now do a preinit on the interface so that we can
- discover a new address. */
- script_init (client, "PREINIT", (struct string_list *)0);
-+
-+ /* Has an active lease */
-+ if (client -> interface -> addresses != NULL) {
-+ for (i = 0; i < client -> interface -> address_count; i++) {
-+ if (client -> active &&
-+ client -> active -> is_bootp &&
-+ client -> active -> expiry > cur_time &&
-+ client -> interface -> addresses[i].s_addr != 0 &&
-+ client -> active -> address.len == 4 &&
-+ memcpy (client -> active -> address.iabuf, &(client -> interface -> addresses[i]), 4) == 0) {
-+ client_envadd (client, "", "keep_old_ip", "%s", "yes");
-+ break;
-+ }
-+ }
-+ }
-+
- if (client -> alias)
- script_write_params (client, "alias_",
- client -> alias);
+++ /dev/null
-diff -up dhcp-4.2.0/client/dhclient.c.logpid dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.logpid 2010-07-21 16:13:52.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 16:16:51.000000000 +0200
-@@ -154,7 +154,7 @@ main(int argc, char **argv) {
- else if (fd != -1)
- close(fd);
-
-- openlog("dhclient", LOG_NDELAY, LOG_DAEMON);
-+ openlog("dhclient", LOG_NDELAY | LOG_PID, LOG_DAEMON);
-
- #if !(defined(DEBUG) || defined(__CYGWIN32__))
- setlogmask(LOG_UPTO(LOG_INFO));
+++ /dev/null
-diff -up dhcp-4.2.0/common/discover.c.noipv6 dhcp-4.2.0/common/discover.c
---- dhcp-4.2.0/common/discover.c.noipv6 2010-07-21 14:31:13.000000000 +0200
-+++ dhcp-4.2.0/common/discover.c 2010-07-21 16:04:57.000000000 +0200
-@@ -443,7 +443,7 @@ begin_iface_scan(struct iface_conf_list
- }
-
- #ifdef DHCPv6
-- if (local_family == AF_INET6) {
-+ if ((local_family == AF_INET6) && !access("/proc/net/if_inet6", R_OK)) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
-@@ -454,6 +454,8 @@ begin_iface_scan(struct iface_conf_list
- ifaces->fp = NULL;
- return 0;
- }
-+ } else {
-+ ifaces->fp6 = NULL;
- }
- #endif
-
-@@ -721,7 +723,7 @@ next_iface(struct iface_info *info, int
- return 1;
- }
- #ifdef DHCPv6
-- if (!(*err)) {
-+ if (!(*err) && ifaces->fp6) {
- if (local_family == AF_INET6)
- return next_iface6(info, err, ifaces);
- }
-@@ -740,7 +742,8 @@ end_iface_scan(struct iface_conf_list *i
- ifaces->sock = -1;
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-- fclose(ifaces->fp6);
-+ if (ifaces->fp6)
-+ fclose(ifaces->fp6);
- ifaces->fp6 = NULL;
- }
- #endif
+++ /dev/null
-diff -up dhcp-4.2.0/server/dhcpv6.c.noprefixavail dhcp-4.2.0/server/dhcpv6.c
---- dhcp-4.2.0/server/dhcpv6.c.noprefixavail 2010-10-07 13:48:45.000000000 +0200
-+++ dhcp-4.2.0/server/dhcpv6.c 2010-10-13 11:00:25.000000000 +0200
-@@ -1134,7 +1134,7 @@ try_client_v6_prefix(struct iasubopt **p
- return DHCP_R_INVALIDARG;
- }
- tmp_plen = (int) requested_pref->data[0];
-- if ((tmp_plen < 3) || (tmp_plen > 128)) {
-+ if ((tmp_plen < 3) || (tmp_plen > 128) ||((int)tmp_plen != pool->units)) {
- return ISC_R_FAILURE;
- }
- memcpy(&tmp_pref, requested_pref->data + 1, sizeof(tmp_pref));
-@@ -1147,9 +1147,8 @@ try_client_v6_prefix(struct iasubopt **p
- return ISC_R_FAILURE;
- }
-
-- if (((int)tmp_plen != pool->units) ||
-- !ipv6_in_pool(&tmp_pref, pool)) {
-- return ISC_R_FAILURE;
-+ if (!ipv6_in_pool(&tmp_pref, pool)) {
-+ return ISC_R_ADDRNOTAVAIL;
- }
-
- if (prefix6_exists(pool, &tmp_pref, tmp_plen)) {
-@@ -1409,13 +1408,6 @@ lease_to_client(struct data_string *repl
- if ((status != ISC_R_SUCCESS) &&
- (status != ISC_R_NORESOURCES))
- goto exit;
--
-- /*
-- * If any prefix cannot be given to any IA_PD, then
-- * set the NoPrefixAvail status code.
-- */
-- if (reply.client_resources == 0)
-- no_resources_avail = ISC_TRUE;
- }
-
- /*
-@@ -1549,36 +1541,6 @@ lease_to_client(struct data_string *repl
- reply.opt_state, reply.packet,
- required_opts_NAA,
- NULL);
-- } else if (no_resources_avail && (reply.ia_count == 0) &&
-- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
-- {
-- /* Set the NoPrefixAvail status code. */
-- if (!set_status_code(STATUS_NoPrefixAvail,
-- "No prefixes available for this "
-- "interface.", reply.opt_state)) {
-- log_error("lease_to_client: Unable to set "
-- "NoPrefixAvail status code.");
-- goto exit;
-- }
--
-- /* Rewind the cursor to the start. */
-- reply.cursor = REPLY_OPTIONS_INDEX;
--
-- /*
-- * Produce an advertise that includes only:
-- *
-- * Status code.
-- * Server DUID.
-- * Client DUID.
-- */
-- reply.buf.reply.msg_type = DHCPV6_ADVERTISE;
-- reply.cursor += store_options6((char *)reply.buf.data +
-- reply.cursor,
-- sizeof(reply.buf) -
-- reply.cursor,
-- reply.opt_state, reply.packet,
-- required_opts_NAA,
-- NULL);
- } else {
- /*
- * Having stored the client's IA's, store any options that
-@@ -2793,16 +2755,18 @@ find_client_temporaries(struct reply_sta
- */
- static isc_result_t
- reply_process_try_addr(struct reply_state *reply, struct iaddr *addr) {
-- isc_result_t status = ISC_R_NORESOURCES;
-+ isc_result_t status = ISC_R_ADDRNOTAVAIL;
- struct ipv6_pool *pool;
- int i;
- struct data_string data_addr;
-
- if ((reply == NULL) || (reply->shared == NULL) ||
-- (reply->shared->ipv6_pools == NULL) || (addr == NULL) ||
-- (reply->lease != NULL))
-+ (addr == NULL) || (reply->lease != NULL))
- return DHCP_R_INVALIDARG;
-
-+ if (reply->shared->ipv6_pools == NULL)
-+ return ISC_R_ADDRNOTAVAIL;
-+
- memset(&data_addr, 0, sizeof(data_addr));
- data_addr.len = addr->len;
- data_addr.data = addr->iabuf;
-@@ -3314,7 +3278,9 @@ reply_process_ia_pd(struct reply_state *
- if (status == ISC_R_CANCELED)
- break;
-
-- if ((status != ISC_R_SUCCESS) && (status != ISC_R_ADDRINUSE))
-+ if ((status != ISC_R_SUCCESS) &&
-+ (status != ISC_R_ADDRINUSE) &&
-+ (status != ISC_R_ADDRNOTAVAIL))
- goto cleanup;
- }
-
-@@ -3594,7 +3560,8 @@ reply_process_prefix(struct reply_state
-
- /* Either error out or skip this prefix. */
- if ((status != ISC_R_SUCCESS) &&
-- (status != ISC_R_ADDRINUSE))
-+ (status != ISC_R_ADDRINUSE) &&
-+ (status != ISC_R_ADDRNOTAVAIL))
- goto cleanup;
-
- if (reply->lease == NULL) {
-@@ -3773,16 +3740,18 @@ prefix_is_owned(struct reply_state *repl
- static isc_result_t
- reply_process_try_prefix(struct reply_state *reply,
- struct iaddrcidrnet *pref) {
-- isc_result_t status = ISC_R_NORESOURCES;
-+ isc_result_t status = ISC_R_ADDRNOTAVAIL;
- struct ipv6_pool *pool;
- int i;
- struct data_string data_pref;
-
- if ((reply == NULL) || (reply->shared == NULL) ||
-- (reply->shared->ipv6_pools == NULL) || (pref == NULL) ||
-- (reply->lease != NULL))
-+ (pref == NULL) || (reply->lease != NULL))
- return DHCP_R_INVALIDARG;
-
-+ if (reply->shared->ipv6_pools == NULL)
-+ return ISC_R_ADDRNOTAVAIL;
-+
- memset(&data_pref, 0, sizeof(data_pref));
- data_pref.len = 17;
- if (!buffer_allocate(&data_pref.buffer, data_pref.len, MDL)) {
+++ /dev/null
-diff -up dhcp-4.2.1b1/common/dispatch.c.64-bit_lease_parse dhcp-4.2.1b1/common/dispatch.c
-diff -up dhcp-4.2.1b1/common/parse.c.64-bit_lease_parse dhcp-4.2.1b1/common/parse.c
---- dhcp-4.2.1b1/common/parse.c.64-bit_lease_parse 2010-12-30 00:01:42.000000000 +0100
-+++ dhcp-4.2.1b1/common/parse.c 2011-01-28 08:01:10.000000000 +0100
-@@ -909,8 +909,8 @@ TIME
- parse_date_core(cfile)
- struct parse *cfile;
- {
-- int guess;
-- int tzoff, wday, year, mon, mday, hour, min, sec;
-+ TIME guess;
-+ long int tzoff, wday, year, mon, mday, hour, min, sec;
- const char *val;
- enum dhcp_token token;
- static int months[11] = { 31, 59, 90, 120, 151, 181,
-@@ -936,7 +936,7 @@ parse_date_core(cfile)
- }
-
- token = next_token(&val, NULL, cfile); /* consume number */
-- guess = atoi(val);
-+ guess = atol(val);
-
- return((TIME)guess);
- }
-@@ -948,7 +948,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume day of week */
-- wday = atoi(val);
-+ wday = atol(val);
-
- /* Year... */
- token = peek_token(&val, NULL, cfile);
-@@ -964,7 +964,7 @@ parse_date_core(cfile)
- somebody invents a time machine, I think we can safely disregard
- it. This actually works around a stupid Y2K bug that was present
- in a very early beta release of dhcpd. */
-- year = atoi(val);
-+ year = atol(val);
- if (year > 1900)
- year -= 1900;
-
-@@ -988,7 +988,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume month */
-- mon = atoi(val) - 1;
-+ mon = atol(val) - 1;
-
- /* Slash separating month from day... */
- token = peek_token(&val, NULL, cfile);
-@@ -1010,7 +1010,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume day of month */
-- mday = atoi(val);
-+ mday = atol(val);
-
- /* Hour... */
- token = peek_token(&val, NULL, cfile);
-@@ -1021,7 +1021,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume hour */
-- hour = atoi(val);
-+ hour = atol(val);
-
- /* Colon separating hour from minute... */
- token = peek_token(&val, NULL, cfile);
-@@ -1043,7 +1043,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume minute */
-- min = atoi(val);
-+ min = atol(val);
-
- /* Colon separating minute from second... */
- token = peek_token(&val, NULL, cfile);
-@@ -1065,13 +1065,13 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume second */
-- sec = atoi(val);
-+ sec = atol(val);
-
- tzoff = 0;
- token = peek_token(&val, NULL, cfile);
- if (token == NUMBER) {
- token = next_token(&val, NULL, cfile); /* consume tzoff */
-- tzoff = atoi(val);
-+ tzoff = atol(val);
- } else if (token != SEMI) {
- token = next_token(&val, NULL, cfile);
- parse_warn(cfile,
+++ /dev/null
-diff -up dhcp-4.2.1b1/client/dhclient.conf.supersede dhcp-4.2.1b1/client/dhclient.conf
---- dhcp-4.2.1b1/client/dhclient.conf.supersede 2010-09-15 01:03:56.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.conf 2011-01-27 18:38:28.000000000 +0100
-@@ -4,7 +4,7 @@ send dhcp-lease-time 3600;
- supersede domain-search "fugue.com", "home.vix.com";
- prepend domain-name-servers 127.0.0.1;
- request subnet-mask, broadcast-address, time-offset, routers,
-- domain-name, domain-name-servers, host-name;
-+ domain-search, domain-name-servers, host-name;
- require subnet-mask, domain-name-servers;
- timeout 60;
- retry 60;
+++ /dev/null
-diff -up dhcp-4.2.1b1/client/dhc6.c.retransmission dhcp-4.2.1b1/client/dhc6.c
---- dhcp-4.2.1b1/client/dhc6.c.retransmission 2011-01-28 08:40:56.000000000 +0100
-+++ dhcp-4.2.1b1/client/dhc6.c 2011-01-28 08:39:22.000000000 +0100
-@@ -361,7 +361,7 @@ dhc6_retrans_init(struct client_state *c
- static void
- dhc6_retrans_advance(struct client_state *client)
- {
-- struct timeval elapsed;
-+ struct timeval elapsed, elapsed_after_RT;
-
- /* elapsed = cur - start */
- elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
-@@ -378,6 +378,8 @@ dhc6_retrans_advance(struct client_state
- elapsed.tv_sec += 1;
- elapsed.tv_usec -= 1000000;
- }
-+ elapsed_after_RT.tv_sec = elapsed.tv_sec;
-+ elapsed_after_RT.tv_usec = elapsed.tv_usec;
-
- /*
- * RT for each subsequent message transmission is based on the previous
-@@ -415,13 +417,10 @@ dhc6_retrans_advance(struct client_state
- elapsed.tv_usec -= 1000000;
- }
- if (elapsed.tv_sec >= client->MRD) {
-- /*
-- * wake at RT + cur = start + MRD
-- */
-- client->RT = client->MRD +
-- (client->start_time.tv_sec - cur_tv.tv_sec);
-- client->RT = client->RT * 100 +
-- (client->start_time.tv_usec - cur_tv.tv_usec) / 10000;
-+ client->RT = client->MRD - elapsed_after_RT.tv_sec;
-+ client->RT = client->RT * 100 - elapsed_after_RT.tv_usec / 10000;
-+ if (client->RT < 0)
-+ client->RT = 0;
- }
- client->txcount++;
- }
-@@ -1497,7 +1496,7 @@ check_timing6 (struct client_state *clie
- }
-
- /* Check if finished (-1 argument). */
-- if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
-+ if ((client->MRD != 0) && (elapsed.tv_sec >= client->MRD)) {
- log_info("Max retransmission duration exceeded.");
- return(CHK_TIM_MRD_EXCEEDED);
- }
+++ /dev/null
-diff -up dhcp-4.2.2b1/client/dhclient.c.usage dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.usage 2011-07-01 13:55:16.000000000 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 13:58:55.243800602 +0200
-@@ -1047,6 +1047,10 @@ static void usage()
- " [-s server-addr] [-cf config-file] "
- "[-lf lease-file]\n"
- " [-pf pid-file] [--no-pid] [-e VAR=val]\n"
-+ " [-I <dhcp-client-identifier>] [-B]\n"
-+ " [-H <host-name> | -F <fqdn.fqdn>] [-timeout <timeout>]\n"
-+ " [-V <vendor-class-identifier>]\n"
-+ " [-R <request option list>]\n"
- " [-sf script-file] [interface]");
- }
-
+++ /dev/null
-diff -up dhcp-4.2.2/client/Makefile.am.rh637017 dhcp-4.2.2/client/Makefile.am
---- dhcp-4.2.2/client/Makefile.am.rh637017 2010-09-15 00:32:36.000000000 +0200
-+++ dhcp-4.2.2/client/Makefile.am 2011-08-11 17:28:58.923897561 +0200
-@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2/common/tests/Makefile.am.rh637017 dhcp-4.2.2/common/tests/Makefile.am
---- dhcp-4.2.2/common/tests/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/common/tests/Makefile.am 2011-08-11 17:33:45.258637236 +0200
-@@ -6,6 +6,5 @@ TESTS = test_alloc
-
- test_alloc_SOURCES = test_alloc.c
- test_alloc_LDADD = ../libdhcp.a ../../tests/libt_api.a \
-- ../../omapip/libomapi.a ../../bind/lib/libdns.a \
-- ../../bind/lib/libisc.a
--
-+ ../../omapip/libomapi.a \
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/configure.ac.rh637017 dhcp-4.2.2/configure.ac
---- dhcp-4.2.2/configure.ac.rh637017 2011-07-20 02:32:18.000000000 +0200
-+++ dhcp-4.2.2/configure.ac 2011-08-11 17:28:58.924897535 +0200
-@@ -512,20 +512,37 @@ AC_CHECK_MEMBER(struct msghdr.msg_contro
- libbind=
- AC_ARG_WITH(libbind,
- AC_HELP_STRING([--with-libbind=PATH],
-- [bind includes and libraries are in PATH
-- (default is ./bind)]),
-+ [bind includes are in PATH
-+ (default is ./bind/includes)]),
- use_libbind="$withval", use_libbind="no")
- case "$use_libbind" in
-+yes|no)
-+ libbind="\${top_srcdir}/bind/include"
-+ ;;
-+*)
-+ libbind="$use_libbind"
-+ ;;
-+esac
-+
-+BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
-+AC_ARG_WITH(libbind-libs,
-+ AC_HELP_STRING([--with-libbind-libs=PATH],
-+ [bind9 export libraries are in PATH]),
-+ [libbind_libs="$withval"], [libbind_libs='no'])
-+case "$libbind_libs" in
- yes)
-- libbind="\${top_srcdir}/bind"
-+ AC_MSG_ERROR([Specify path to bind9 libraries])
- ;;
- no)
-- libbind="\${top_srcdir}/bind"
-+ BUNDLED_BIND=yes
- ;;
- *)
-- libbind="$use_libbind"
-+ BIND9_LIBDIR="-L$libbind_libs"
-+ BUNDLED_BIND=no
- ;;
- esac
-+AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
-+AC_SUBST([BIND9_LIBDIR])
-
- # OpenLDAP support.
- AC_ARG_WITH(ldap,
-@@ -562,7 +579,7 @@ fi
- CFLAGS="$CFLAGS $STD_CWARNINGS"
-
- # Try to add the bind include directory
--CFLAGS="$CFLAGS -I$libbind/include"
-+CFLAGS="$CFLAGS -I$libbind"
-
- AC_C_FLEXIBLE_ARRAY_MEMBER
-
-diff -up dhcp-4.2.2/dhcpctl/Makefile.am.rh637017 dhcp-4.2.2/dhcpctl/Makefile.am
---- dhcp-4.2.2/dhcpctl/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/dhcpctl/Makefile.am 2011-08-11 17:28:58.924897535 +0200
-@@ -6,10 +6,10 @@ EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
- omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-
- libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
- cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-\ No newline at end of file
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/Makefile.am.rh637017 dhcp-4.2.2/Makefile.am
---- dhcp-4.2.2/Makefile.am.rh637017 2010-03-25 00:30:38.000000000 +0100
-+++ dhcp-4.2.2/Makefile.am 2011-08-11 17:28:58.925897509 +0200
-@@ -21,7 +21,13 @@ EXTRA_DIST = RELNOTES LICENSE \
- util/bindvar.sh \
- bind/Makefile bind/bind.tar.gz bind/version.tmp
-
--SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
-+if BUNDLED_BIND
-+SUBDIRS = bind
-+else
-+SUBDIRS =
-+endif
-+
-+SUBDIRS += includes tests common dst omapip client dhcpctl relay server
-
- nobase_include_HEADERS = dhcpctl/dhcpctl.h
-
-diff -up dhcp-4.2.2/omapip/Makefile.am.rh637017 dhcp-4.2.2/omapip/Makefile.am
---- dhcp-4.2.2/omapip/Makefile.am.rh637017 2010-02-12 01:13:54.000000000 +0100
-+++ dhcp-4.2.2/omapip/Makefile.am 2011-08-11 17:28:58.939897149 +0200
-@@ -10,5 +10,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a ../bind/lib/libdns.a ../bind/lib/libisc.a
-+svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-
-diff -up dhcp-4.2.2/relay/Makefile.am.rh637017 dhcp-4.2.2/relay/Makefile.am
---- dhcp-4.2.2/relay/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/relay/Makefile.am 2011-08-11 17:28:58.940897123 +0200
-@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
- dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2/server/Makefile.am.rh637017 dhcp-4.2.2/server/Makefile.am
---- dhcp-4.2.2/server/Makefile.am.rh637017 2010-03-24 22:49:47.000000000 +0100
-+++ dhcp-4.2.2/server/Makefile.am 2011-08-11 17:28:58.944897021 +0200
-@@ -8,8 +8,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
- dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a ../bind/lib/libdns.a \
-- ../bind/lib/libisc.a
-+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
+++ /dev/null
-diff -up dhcp-4.2.2/client/Makefile.am.sharedlib dhcp-4.2.2/client/Makefile.am
---- dhcp-4.2.2/client/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/client/Makefile.am 2011-09-09 16:36:29.849007951 +0200
-@@ -4,7 +4,7 @@ dhclient_SOURCES = clparse.c dhclient.c
- scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
--dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.2/configure.ac.sharedlib dhcp-4.2.2/configure.ac
---- dhcp-4.2.2/configure.ac.sharedlib 2011-09-09 16:35:56.097000001 +0200
-+++ dhcp-4.2.2/configure.ac 2011-09-09 16:35:56.383000000 +0200
-@@ -30,7 +30,8 @@ fi
- # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
- AC_USE_SYSTEM_EXTENSIONS
-
--AC_PROG_RANLIB
-+# Use libtool to simplify building of shared libraries
-+AC_PROG_LIBTOOL
- AC_CONFIG_HEADERS([includes/config.h])
-
- # we sometimes need to know byte order for building packets
-diff -up dhcp-4.2.2/dhcpctl/Makefile.am.sharedlib dhcp-4.2.2/dhcpctl/Makefile.am
---- dhcp-4.2.2/dhcpctl/Makefile.am.sharedlib 2011-09-09 16:35:55.459000001 +0200
-+++ dhcp-4.2.2/dhcpctl/Makefile.am 2011-09-09 16:35:56.384000000 +0200
-@@ -1,15 +1,15 @@
- bin_PROGRAMS = omshell
--lib_LIBRARIES = libdhcpctl.a
-+lib_LTLIBRARIES = libdhcpctl.la
- noinst_PROGRAMS = cltest
- man_MANS = omshell.1 dhcpctl.3
- EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
--omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
-
--libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
--cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/dst/base64.c.sharedlib dhcp-4.2.2/dst/base64.c
---- dhcp-4.2.2/dst/base64.c.sharedlib 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2/dst/base64.c 2011-09-09 16:35:56.385000000 +0200
-@@ -64,6 +64,7 @@ static const char rcsid[] = "$Id: base64
-
- #include <sys/socket.h>
-
-+#include "dst_internal.h"
- #include "cdefs.h"
- #include "osdep.h"
- #include "arpa/nameser.h"
-diff -up dhcp-4.2.2/dst/Makefile.am.sharedlib dhcp-4.2.2/dst/Makefile.am
---- dhcp-4.2.2/dst/Makefile.am.sharedlib 2007-05-29 18:32:10.000000000 +0200
-+++ dhcp-4.2.2/dst/Makefile.am 2011-09-09 16:35:56.386000000 +0200
-@@ -1,8 +1,8 @@
- AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
-
--lib_LIBRARIES = libdst.a
-+lib_LTLIBRARIES = libdst.la
-
--libdst_a_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
-+libdst_la_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
- base64.c prandom.c
-
- EXTRA_DIST = dst_internal.h md5.h md5_locl.h
-diff -up dhcp-4.2.2/omapip/Makefile.am.sharedlib dhcp-4.2.2/omapip/Makefile.am
---- dhcp-4.2.2/omapip/Makefile.am.sharedlib 2011-09-09 16:35:55.000000000 +0200
-+++ dhcp-4.2.2/omapip/Makefile.am 2011-09-09 16:37:36.734000324 +0200
-@@ -1,7 +1,7 @@
--lib_LIBRARIES = libomapi.a
-+lib_LTLIBRARIES = libomapi.la
- noinst_PROGRAMS = svtest
-
--libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
-+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
- errwarn.c listener.c dispatch.c generic.c support.c \
- handle.c message.c convert.c hash.c auth.c inet_addr.c \
- array.c trace.c toisc.c iscprint.c isclib.c
-@@ -10,5 +10,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-+svtest_LDADD = libomapi.la $(BIND9_LIBDIR) -ldns-export -lisc-export
-
-diff -up dhcp-4.2.2/relay/Makefile.am.sharedlib dhcp-4.2.2/relay/Makefile.am
---- dhcp-4.2.2/relay/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/relay/Makefile.am 2011-09-09 16:37:57.058019749 +0200
-@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
-
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
--dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.2/server/Makefile.am.sharedlib dhcp-4.2.2/server/Makefile.am
---- dhcp-4.2.2/server/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/server/Makefile.am 2011-09-09 16:38:56.291004599 +0200
-@@ -7,8 +7,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
- dhcpv6.c mdb6.c ldap.c ldap_casa.c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
--dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
-+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
-+ ../dhcpctl/libdhcpctl.la $(BIND9_LIBDIR) -ldns-export -lisc-export \
- $(CAPNG_LDADD)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
--- /dev/null
+diff -up dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse dhcp-4.3.0a1/common/parse.c
+--- dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/parse.c 2013-12-19 15:45:25.990771814 +0100
+@@ -938,8 +938,8 @@ TIME
+ parse_date_core(cfile)
+ struct parse *cfile;
+ {
+- int guess;
+- int tzoff, year, mon, mday, hour, min, sec;
++ TIME guess;
++ long int tzoff, year, mon, mday, hour, min, sec;
+ const char *val;
+ enum dhcp_token token;
+ static int months[11] = { 31, 59, 90, 120, 151, 181,
+@@ -965,7 +965,7 @@ parse_date_core(cfile)
+ }
+
+ skip_token(&val, NULL, cfile); /* consume number */
+- guess = atoi(val);
++ guess = atol(val);
+
+ return((TIME)guess);
+ }
+@@ -993,7 +993,7 @@ parse_date_core(cfile)
+ somebody invents a time machine, I think we can safely disregard
+ it. This actually works around a stupid Y2K bug that was present
+ in a very early beta release of dhcpd. */
+- year = atoi(val);
++ year = atol(val);
+ if (year > 1900)
+ year -= 1900;
+
+@@ -1039,7 +1039,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume day of month */
+- mday = atoi(val);
++ mday = atol(val);
+
+ /* Hour... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1050,7 +1050,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume hour */
+- hour = atoi(val);
++ hour = atol(val);
+
+ /* Colon separating hour from minute... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1072,7 +1072,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume minute */
+- min = atoi(val);
++ min = atol(val);
+
+ /* Colon separating minute from second... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1094,13 +1094,13 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume second */
+- sec = atoi(val);
++ sec = atol(val);
+
+ tzoff = 0;
+ token = peek_token(&val, NULL, cfile);
+ if (token == NUMBER) {
+ skip_token(&val, NULL, cfile); /* consume tzoff */
+- tzoff = atoi(val);
++ tzoff = atol(val);
+ } else if (token != SEMI) {
+ skip_token(&val, NULL, cfile);
+ parse_warn(cfile,
-diff -up dhcp-4.2.2b1/client/clparse.c.cloexec dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.cloexec 2011-07-01 14:13:30.973887714 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 14:15:15.021580693 +0200
-@@ -246,7 +246,7 @@ int read_client_conf_file (const char *n
+diff -up dhcp-4.3.0a1/client/clparse.c.cloexec dhcp-4.3.0a1/client/clparse.c
+--- dhcp-4.3.0a1/client/clparse.c.cloexec 2013-12-19 15:34:41.638886256 +0100
++++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:34:41.657885985 +0100
+@@ -253,7 +253,7 @@ int read_client_conf_file (const char *n
int token;
isc_result_t status;
return uerr2isc (errno);
cfile = NULL;
-@@ -283,7 +283,7 @@ void read_client_leases ()
+@@ -290,7 +290,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
return;
cfile = NULL;
-diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.cloexec 2011-07-01 14:13:30.970887717 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 14:16:51.485930388 +0200
+diff -up dhcp-4.3.0a1/client/dhclient.c.cloexec dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.cloexec 2013-12-19 15:34:41.629886384 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:36:41.608180467 +0100
@@ -148,11 +148,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -506,7 +506,7 @@ main(int argc, char **argv) {
+@@ -504,7 +504,7 @@ main(int argc, char **argv) {
+ long temp;
int e;
- oldpid = 0;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
-@@ -548,7 +548,7 @@ main(int argc, char **argv) {
+@@ -554,7 +554,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
-@@ -573,7 +573,7 @@ main(int argc, char **argv) {
+@@ -579,7 +579,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
-@@ -2995,7 +2995,7 @@ void rewrite_client_leases ()
+@@ -3077,7 +3077,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
-@@ -3105,7 +3105,7 @@ write_duid(struct data_string *duid)
+@@ -3261,7 +3261,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
-@@ -3285,7 +3285,7 @@ int write_client_lease (client, lease, r
+@@ -3441,7 +3441,7 @@ int write_client_lease (client, lease, r
return 1;
if (leaseFile == NULL) { /* XXX */
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
-@@ -3772,9 +3772,9 @@ void go_daemon ()
- close(2);
+@@ -3952,9 +3952,9 @@ void go_daemon ()
+ (void) close(2);
/* Reopen them on /dev/null. */
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
write_client_pid_file ();
-@@ -3791,14 +3791,14 @@ void write_client_pid_file ()
+@@ -3971,14 +3971,14 @@ void write_client_pid_file ()
return;
}
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
-diff -up dhcp-4.2.2b1/common/bpf.c.cloexec dhcp-4.2.2b1/common/bpf.c
---- dhcp-4.2.2b1/common/bpf.c.cloexec 2011-07-01 14:13:30.976887712 +0200
-+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:13:31.030887673 +0200
-@@ -94,7 +94,7 @@ int if_register_bpf (info)
+diff -up dhcp-4.3.0a1/common/bpf.c.cloexec dhcp-4.3.0a1/common/bpf.c
+--- dhcp-4.3.0a1/common/bpf.c.cloexec 2013-12-19 15:34:41.640886227 +0100
++++ dhcp-4.3.0a1/common/bpf.c 2013-12-19 15:34:41.661885928 +0100
+@@ -95,7 +95,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
if (sock < 0) {
if (errno == EBUSY) {
continue;
-diff -up dhcp-4.2.2b1/common/discover.c.cloexec dhcp-4.2.2b1/common/discover.c
---- dhcp-4.2.2b1/common/discover.c.cloexec 2011-06-27 18:18:20.000000000 +0200
-+++ dhcp-4.2.2b1/common/discover.c 2011-07-01 14:13:31.031887673 +0200
-@@ -421,7 +421,7 @@ begin_iface_scan(struct iface_conf_list
- int len;
- int i;
-
-- ifaces->fp = fopen("/proc/net/dev", "r");
-+ ifaces->fp = fopen("/proc/net/dev", "re");
- if (ifaces->fp == NULL) {
- log_error("Error opening '/proc/net/dev' to list interfaces");
- return 0;
-@@ -456,7 +456,7 @@ begin_iface_scan(struct iface_conf_list
-
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
-+ ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
- "list IPv6 interfaces; %m");
-diff -up dhcp-4.2.2b1/common/dlpi.c.cloexec dhcp-4.2.2b1/common/dlpi.c
---- dhcp-4.2.2b1/common/dlpi.c.cloexec 2011-07-01 14:13:30.977887712 +0200
-+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:13:31.032887673 +0200
-@@ -806,7 +806,7 @@ dlpiopen(const char *ifname) {
+diff -up dhcp-4.3.0a1/common/dlpi.c.cloexec dhcp-4.3.0a1/common/dlpi.c
+--- dhcp-4.3.0a1/common/dlpi.c.cloexec 2013-12-19 15:34:41.641886213 +0100
++++ dhcp-4.3.0a1/common/dlpi.c 2013-12-19 15:34:41.662885914 +0100
+@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
}
/*
-diff -up dhcp-4.2.2b1/common/nit.c.cloexec dhcp-4.2.2b1/common/nit.c
---- dhcp-4.2.2b1/common/nit.c.cloexec 2011-07-01 14:13:30.978887712 +0200
-+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:13:31.033887672 +0200
+diff -up dhcp-4.3.0a1/common/nit.c.cloexec dhcp-4.3.0a1/common/nit.c
+--- dhcp-4.3.0a1/common/nit.c.cloexec 2013-12-19 15:34:41.642886199 +0100
++++ dhcp-4.3.0a1/common/nit.c 2013-12-19 15:34:41.662885914 +0100
@@ -81,7 +81,7 @@ int if_register_nit (info)
struct strioctl sio;
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
-diff -up dhcp-4.2.2b1/common/resolv.c.cloexec dhcp-4.2.2b1/common/resolv.c
---- dhcp-4.2.2b1/common/resolv.c.cloexec 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/resolv.c 2011-07-01 14:13:31.033887672 +0200
-@@ -49,7 +49,7 @@ void read_resolv_conf (parse_time)
+diff -up dhcp-4.3.0a1/common/resolv.c.cloexec dhcp-4.3.0a1/common/resolv.c
+--- dhcp-4.3.0a1/common/resolv.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/resolv.c 2013-12-19 15:34:41.663885900 +0100
+@@ -50,7 +50,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
-diff -up dhcp-4.2.2b1/common/upf.c.cloexec dhcp-4.2.2b1/common/upf.c
---- dhcp-4.2.2b1/common/upf.c.cloexec 2011-07-01 14:13:30.979887712 +0200
-+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:13:31.034887671 +0200
+diff -up dhcp-4.3.0a1/common/upf.c.cloexec dhcp-4.3.0a1/common/upf.c
+--- dhcp-4.3.0a1/common/upf.c.cloexec 2013-12-19 15:34:41.642886199 +0100
++++ dhcp-4.3.0a1/common/upf.c 2013-12-19 15:34:41.663885900 +0100
@@ -77,7 +77,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
if (sock < 0) {
if (errno == EBUSY) {
continue;
-diff -up dhcp-4.2.2b1/dst/dst_api.c.cloexec dhcp-4.2.2b1/dst/dst_api.c
---- dhcp-4.2.2b1/dst/dst_api.c.cloexec 2009-10-29 01:46:48.000000000 +0100
-+++ dhcp-4.2.2b1/dst/dst_api.c 2011-07-01 14:13:31.035887670 +0200
-@@ -437,7 +437,7 @@ dst_s_write_private_key(const DST_KEY *k
- PRIVATE_KEY, PATH_MAX);
-
- /* Do not overwrite an existing file */
-- if ((fp = dst_s_fopen(file, "w", 0600)) != NULL) {
-+ if ((fp = dst_s_fopen(file, "we", 0600)) != NULL) {
- int nn;
- if ((nn = fwrite(encoded_block, 1, len, fp)) != len) {
- EREPORT(("dst_write_private_key(): Write failure on %s %d != %d errno=%d\n",
-@@ -494,7 +494,7 @@ dst_s_read_public_key(const char *in_nam
- * flags, proto, alg stored as decimal (or hex numbers FIXME).
- * (FIXME: handle parentheses for line continuation.)
- */
-- if ((fp = dst_s_fopen(name, "r", 0)) == NULL) {
-+ if ((fp = dst_s_fopen(name, "re", 0)) == NULL) {
- EREPORT(("dst_read_public_key(): Public Key not found %s\n",
- name));
- return (NULL);
-@@ -620,7 +620,7 @@ dst_s_write_public_key(const DST_KEY *ke
- return (0);
- }
- /* create public key file */
-- if ((fp = dst_s_fopen(filename, "w+", 0644)) == NULL) {
-+ if ((fp = dst_s_fopen(filename, "w+e", 0644)) == NULL) {
- EREPORT(("DST_write_public_key: open of file:%s failed (errno=%d)\n",
- filename, errno));
- return (0);
-@@ -854,7 +854,7 @@ dst_s_read_private_key_file(char *name,
- return (0);
- }
- /* first check if we can find the key file */
-- if ((fp = dst_s_fopen(filename, "r", 0)) == NULL) {
-+ if ((fp = dst_s_fopen(filename, "re", 0)) == NULL) {
- EREPORT(("dst_s_read_private_key_file: Could not open file %s in directory %s\n",
- filename, dst_path[0] ? dst_path :
- (char *) getcwd(NULL, PATH_MAX - 1)));
-diff -up dhcp-4.2.2b1/dst/prandom.c.cloexec dhcp-4.2.2b1/dst/prandom.c
---- dhcp-4.2.2b1/dst/prandom.c.cloexec 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/dst/prandom.c 2011-07-01 14:13:31.035887670 +0200
-@@ -269,7 +269,7 @@ get_dev_random(u_char *output, unsigned
-
- s = stat("/dev/random", &st);
- if (s == 0 && S_ISCHR(st.st_mode)) {
-- if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) != -1) {
-+ if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK | O_CLOEXEC)) != -1) {
- if ((n = read(fd, output, size)) < 0)
- n = 0;
- close(fd);
-@@ -480,7 +480,7 @@ digest_file(dst_work *work)
- work->file_digest = dst_free_key(work->file_digest);
- return (0);
- }
-- if ((fp = fopen(name, "r")) == NULL)
-+ if ((fp = fopen(name, "re")) == NULL)
- return (0);
- for (no = 0; (i = fread(buf, sizeof(*buf), sizeof(buf), fp)) > 0;
- no += i)
-diff -up dhcp-4.2.2b1/omapip/trace.c.cloexec dhcp-4.2.2b1/omapip/trace.c
---- dhcp-4.2.2b1/omapip/trace.c.cloexec 2010-05-27 02:34:57.000000000 +0200
-+++ dhcp-4.2.2b1/omapip/trace.c 2011-07-01 14:13:31.036887669 +0200
-@@ -141,10 +141,10 @@ isc_result_t trace_begin (const char *fi
+diff -up dhcp-4.3.0a1/omapip/trace.c.cloexec dhcp-4.3.0a1/omapip/trace.c
+--- dhcp-4.3.0a1/omapip/trace.c.cloexec 2013-12-11 01:01:03.000000000 +0100
++++ dhcp-4.3.0a1/omapip/trace.c 2013-12-19 15:34:41.663885900 +0100
+@@ -142,10 +142,10 @@ isc_result_t trace_begin (const char *fi
return DHCP_R_INVALIDARG;
}
0600);
}
-@@ -431,7 +431,7 @@ void trace_file_replay (const char *file
+@@ -433,7 +433,7 @@ void trace_file_replay (const char *file
isc_result_t result;
int len;
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
-diff -up dhcp-4.2.2b1/relay/dhcrelay.c.cloexec dhcp-4.2.2b1/relay/dhcrelay.c
---- dhcp-4.2.2b1/relay/dhcrelay.c.cloexec 2011-05-10 15:07:37.000000000 +0200
-+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 14:18:07.630209767 +0200
-@@ -183,11 +183,11 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/relay/dhcrelay.c.cloexec dhcp-4.3.0a1/relay/dhcrelay.c
+--- dhcp-4.3.0a1/relay/dhcrelay.c.cloexec 2013-12-13 22:26:21.000000000 +0100
++++ dhcp-4.3.0a1/relay/dhcrelay.c 2013-12-19 15:34:41.664885886 +0100
+@@ -193,11 +193,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -540,13 +540,13 @@ main(int argc, char **argv) {
+@@ -564,13 +564,13 @@ main(int argc, char **argv) {
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
-diff -up dhcp-4.2.2b1/server/confpars.c.cloexec dhcp-4.2.2b1/server/confpars.c
---- dhcp-4.2.2b1/server/confpars.c.cloexec 2010-10-14 00:34:45.000000000 +0200
-+++ dhcp-4.2.2b1/server/confpars.c 2011-07-01 14:13:31.039887666 +0200
-@@ -116,7 +116,7 @@ isc_result_t read_conf_file (const char
+diff -up dhcp-4.3.0a1/server/confpars.c.cloexec dhcp-4.3.0a1/server/confpars.c
+--- dhcp-4.3.0a1/server/confpars.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/confpars.c 2013-12-19 15:34:41.665885871 +0100
+@@ -117,7 +117,7 @@ isc_result_t read_conf_file (const char
}
#endif
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
-diff -up dhcp-4.2.2b1/server/db.c.cloexec dhcp-4.2.2b1/server/db.c
---- dhcp-4.2.2b1/server/db.c.cloexec 2010-09-14 00:15:26.000000000 +0200
-+++ dhcp-4.2.2b1/server/db.c 2011-07-01 14:13:31.040887665 +0200
-@@ -1035,7 +1035,7 @@ void db_startup (testp)
+diff -up dhcp-4.3.0a1/server/db.c.cloexec dhcp-4.3.0a1/server/db.c
+--- dhcp-4.3.0a1/server/db.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/db.c 2013-12-19 15:34:41.666885857 +0100
+@@ -1081,7 +1081,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
-@@ -1083,12 +1083,12 @@ int new_lease_file ()
+@@ -1129,12 +1129,12 @@ int new_lease_file ()
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
-diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
---- dhcp-4.2.2b1/server/dhcpd.c.cloexec 2011-04-21 16:08:15.000000000 +0200
-+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 14:19:40.354124505 +0200
-@@ -270,11 +270,11 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/server/dhcpd.c.cloexec dhcp-4.3.0a1/server/dhcpd.c
+--- dhcp-4.3.0a1/server/dhcpd.c.cloexec 2013-12-13 22:26:01.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcpd.c 2013-12-19 15:37:17.258674472 +0100
+@@ -193,11 +193,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -793,7 +793,7 @@ main(int argc, char **argv) {
+@@ -716,7 +716,7 @@ main(int argc, char **argv) {
*/
if (no_pid_file == ISC_FALSE) {
/*Read previous pid file. */
status = read(i, pbuf, (sizeof pbuf) - 1);
close (i);
if (status > 0) {
-@@ -812,7 +812,7 @@ main(int argc, char **argv) {
+@@ -735,7 +735,7 @@ main(int argc, char **argv) {
}
/* Write new pid file. */
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET (write(i, pbuf, strlen(pbuf)));
-@@ -840,9 +840,9 @@ main(int argc, char **argv) {
- close(2);
+@@ -763,9 +763,9 @@ main(int argc, char **argv) {
+ (void) close(2);
/* Reopen them on /dev/null. */
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
-diff -up dhcp-4.2.2b1/server/ldap.c.cloexec dhcp-4.2.2b1/server/ldap.c
---- dhcp-4.2.2b1/server/ldap.c.cloexec 2010-03-25 16:26:58.000000000 +0100
-+++ dhcp-4.2.2b1/server/ldap.c 2011-07-01 14:13:31.043887665 +0200
-@@ -685,7 +685,7 @@ ldap_start (void)
+diff -up dhcp-4.3.0a1/server/ldap.c.cloexec dhcp-4.3.0a1/server/ldap.c
+--- dhcp-4.3.0a1/server/ldap.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/ldap.c 2013-12-19 15:34:41.667885843 +0100
+@@ -684,7 +684,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
-diff -up dhcp-4.2.0-P1/client/dhc6.c.PPP dhcp-4.2.0-P1/client/dhc6.c
---- dhcp-4.2.0-P1/client/dhc6.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/client/dhc6.c 2010-11-09 15:54:12.000000000 +0100
-@@ -129,7 +129,7 @@ extern int stateless;
+diff -up dhcp-4.3.1b1/client/dhc6.c.mRfpsB dhcp-4.3.1b1/client/dhc6.c
+--- dhcp-4.3.1b1/client/dhc6.c.mRfpsB 2014-07-10 17:48:03.779424870 +0200
++++ dhcp-4.3.1b1/client/dhc6.c 2014-07-10 17:48:03.795424644 +0200
+@@ -5088,7 +5088,8 @@ make_client6_options(struct client_state
+ */
+ if ((oc = lookup_option(&dhcpv6_universe, *op,
+ D6O_CLIENTID)) == NULL) {
+- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
++ if (default_duid.len == 0 ||
++ !option_cache(&oc, &default_duid, NULL, clientid_option,
+ MDL))
+ log_fatal("Failure assembling a DUID.");
+
+diff -up dhcp-4.3.1b1/client/dhclient.c.mRfpsB dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.mRfpsB 2014-07-10 17:39:25.853763858 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:49:49.882925843 +0200
+@@ -948,8 +948,8 @@ main(int argc, char **argv) {
+ if (default_duid.buffer != NULL)
+ data_string_forget(&default_duid, MDL);
+
+- form_duid(&default_duid, MDL);
+- write_duid(&default_duid);
++ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
++ write_duid(&default_duid);
+ }
+ }
+
+@@ -3267,7 +3267,7 @@ write_options(struct client_state *clien
* is not how it is intended. Upcoming rearchitecting the client should
* address this "one daemon model."
*/
form_duid(struct data_string *duid, const char *file, int line)
{
struct interface_info *ip;
-@@ -141,6 +141,15 @@ form_duid(struct data_string *duid, cons
+@@ -3280,6 +3280,15 @@ form_duid(struct data_string *duid, cons
if (ip == NULL)
log_fatal("Impossible condition at %s:%d.", MDL);
if ((ip->hw_address.hlen == 0) ||
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
-@@ -176,6 +185,8 @@ form_duid(struct data_string *duid, cons
- memcpy(duid->buffer->data + 4, ip->hw_address.hbuf + 1,
- ip->hw_address.hlen - 1);
+@@ -3323,6 +3332,8 @@ form_duid(struct data_string *duid, cons
+ log_info("Created duid %s.", str);
+ dfree(str, MDL);
}
-+
++
+ return ISC_R_SUCCESS;
}
- /*
-@@ -5289,7 +5300,8 @@ make_client6_options(struct client_state
- */
- if ((oc = lookup_option(&dhcpv6_universe, *op,
- D6O_CLIENTID)) == NULL) {
-- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
-+ if (default_duid.len == 0 ||
-+ !option_cache(&oc, &default_duid, NULL, clientid_option,
- MDL))
- log_fatal("Failure assembling a DUID.");
-
-diff -up dhcp-4.2.0-P1/client/dhclient.c.PPP dhcp-4.2.0-P1/client/dhclient.c
---- dhcp-4.2.0-P1/client/dhclient.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/client/dhclient.c 2010-11-09 15:37:26.000000000 +0100
-@@ -911,8 +911,8 @@ main(int argc, char **argv) {
- if (default_duid.buffer != NULL)
- data_string_forget(&default_duid, MDL);
-
-- form_duid(&default_duid, MDL);
-- write_duid(&default_duid);
-+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
-+ write_duid(&default_duid);
- }
-
- for (ip = interfaces ; ip != NULL ; ip = ip->next) {
-diff -up dhcp-4.2.0-P1/common/bpf.c.PPP dhcp-4.2.0-P1/common/bpf.c
---- dhcp-4.2.0-P1/common/bpf.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/common/bpf.c 2010-11-09 15:42:42.000000000 +0100
-@@ -599,6 +599,22 @@ get_hw_addr(const char *name, struct har
+ /* Write the default DUID to the lease store. */
+diff -up dhcp-4.3.1b1/common/bpf.c.mRfpsB dhcp-4.3.1b1/common/bpf.c
+--- dhcp-4.3.1b1/common/bpf.c.mRfpsB 2014-07-10 17:39:25.797764653 +0200
++++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:48:03.797424616 +0200
+@@ -600,6 +600,22 @@ get_hw_addr(const char *name, struct har
memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen);
break;
#endif /* IFT_FDDI */
default:
log_fatal("Unsupported device type %d for \"%s\"",
sa->sdl_type, name);
-diff -up dhcp-4.2.0-P1/common/lpf.c.PPP dhcp-4.2.0-P1/common/lpf.c
---- dhcp-4.2.0-P1/common/lpf.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/common/lpf.c 2010-11-09 15:45:40.000000000 +0100
-@@ -502,6 +502,22 @@ get_hw_addr(const char *name, struct har
+diff -up dhcp-4.3.1b1/common/lpf.c.mRfpsB dhcp-4.3.1b1/common/lpf.c
+--- dhcp-4.3.1b1/common/lpf.c.mRfpsB 2014-07-10 17:39:25.744765404 +0200
++++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:48:03.797424616 +0200
+@@ -511,6 +511,22 @@ get_hw_addr(const char *name, struct har
hw->hbuf[0] = HTYPE_FDDI;
- memcpy(&hw->hbuf[1], sa->sa_data, 16);
+ memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
+#if defined(ARPHRD_PPP)
+ case ARPHRD_PPP:
default:
log_fatal("Unsupported device type %ld for \"%s\"",
(long int)sa->sa_family, name);
-diff -up dhcp-4.2.0-P1/includes/dhcpd.h.PPP dhcp-4.2.0-P1/includes/dhcpd.h
---- dhcp-4.2.0-P1/includes/dhcpd.h.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/includes/dhcpd.h 2010-11-09 15:46:58.000000000 +0100
-@@ -2733,7 +2733,7 @@ void dhcpv4_client_assignments(void);
- void dhcpv6_client_assignments(void);
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB 2014-07-10 17:48:03.761425124 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:48:03.798424601 +0200
+@@ -2839,7 +2839,7 @@ void client_dns_remove(struct client_sta
- /* dhc6.c */
+ void dhcpv4_client_assignments(void);
+ void dhcpv6_client_assignments(void);
-void form_duid(struct data_string *duid, const char *file, int line);
+isc_result_t form_duid(struct data_string *duid, const char *file, int line);
+
+ /* dhc6.c */
void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int line);
- void start_init6(struct client_state *client);
- void start_info_request6(struct client_state *client);
-diff -up dhcp-4.2.0-P1/includes/dhcp.h.PPP dhcp-4.2.0-P1/includes/dhcp.h
---- dhcp-4.2.0-P1/includes/dhcp.h.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/includes/dhcp.h 2010-11-09 15:48:53.000000000 +0100
-@@ -80,6 +80,8 @@ struct dhcp_packet {
- #define HTYPE_IEEE802 6 /* IEEE 802.2 Token Ring... */
- #define HTYPE_FDDI 8 /* FDDI... */
+diff -up dhcp-4.3.1b1/includes/dhcp.h.mRfpsB dhcp-4.3.1b1/includes/dhcp.h
+--- dhcp-4.3.1b1/includes/dhcp.h.mRfpsB 2014-07-10 17:48:03.761425124 +0200
++++ dhcp-4.3.1b1/includes/dhcp.h 2014-07-10 17:48:03.798424601 +0200
+@@ -81,6 +81,8 @@ struct dhcp_packet {
+ * is no standard for this so we
+ * just steal a type */
-+#define HTYPE_RESERVED 0 /* RFC 5494 */
++#define HTYPE_RESERVED 0 /* RFC 5494 */
+
/* Magic cookie validating dhcp options field (and bootp vendor
extensions field). */
#define DHCP_OPTIONS_COOKIE "\143\202\123\143"
-diff -up dhcp-4.2.0-P1/server/dhcpv6.c.PPP dhcp-4.2.0-P1/server/dhcpv6.c
---- dhcp-4.2.0-P1/server/dhcpv6.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/server/dhcpv6.c 2010-11-09 15:50:17.000000000 +0100
-@@ -300,6 +300,9 @@ generate_new_server_duid(void) {
+diff -up dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB dhcp-4.3.1b1/server/dhcpv6.c
+--- dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB 2014-07-10 17:47:31.464881409 +0200
++++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 17:48:03.800424573 +0200
+@@ -330,6 +330,9 @@ generate_new_server_duid(void) {
if (p->hw_address.hlen > 0) {
break;
}
-diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
---- dhcp-4.2.0/server/dhcpv6.c.UseMulticast 2010-06-01 19:30:00.000000000 +0200
-+++ dhcp-4.2.0/server/dhcpv6.c 2010-07-21 16:17:30.000000000 +0200
-@@ -346,6 +346,48 @@ generate_new_server_duid(void) {
+diff -up dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast dhcp-4.3.1b1/server/dhcpv6.c
+--- dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast 2014-07-02 19:58:40.000000000 +0200
++++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 18:20:03.066256219 +0200
+@@ -376,6 +376,48 @@ generate_new_server_duid(void) {
}
/*
+ }
+
+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
-+ opt_state, &global_scope, root_group, NULL);
++ opt_state, &global_scope, root_group, NULL, NULL);
+
+ oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+ unicast_option_defined = (oc != NULL);
* Get the client identifier from the packet.
*/
isc_result_t
-@@ -1405,6 +1447,56 @@ lease_to_client(struct data_string *repl
- reply.shared->group);
+@@ -706,6 +748,12 @@ static const int required_opts[] = {
+ D6O_PREFERENCE,
+ 0
+ };
++static const int required_opts_NAA[] = {
++ D6O_CLIENTID,
++ D6O_SERVERID,
++ D6O_STATUS_CODE,
++ 0
++};
+ static const int required_opts_solicit[] = {
+ D6O_CLIENTID,
+ D6O_SERVERID,
+@@ -1587,6 +1635,56 @@ lease_to_client(struct data_string *repl
+ reply.shared->group, NULL);
}
+ /* reject unicast message, unless we set unicast option */
+ reply.opt_state, reply.packet,
+ required_opts_NAA,
+ NULL);
-+ } else if (no_resources_avail && (reply.ia_count != 0) &&
-+ (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
++ }
++
/*
* RFC3315 section 17.2.2 (Solicit):
*
-@@ -1429,8 +1521,6 @@ lease_to_client(struct data_string *repl
- * the server.
- * Sends a Renew/Rebind if the IA is not in the Reply message.
+@@ -1619,6 +1717,7 @@ lease_to_client(struct data_string *repl
+ * Having stored the client's IA's, store any options that
+ * will fit in the remaining space.
*/
-- if (no_resources_avail && (reply.ia_count != 0) &&
-- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
- {
- /* Set the NoAddrsAvail status code. */
- if (!set_status_code(STATUS_NoAddrsAvail,
-@@ -4128,7 +4218,6 @@ dhcpv6_solicit(struct data_string *reply
++ else
+ reply.cursor += store_options6((char *)reply.buf.data + reply.cursor,
+ sizeof(reply.buf) - reply.cursor,
+ reply.opt_state, reply.packet,
+@@ -4748,7 +4847,6 @@ dhcpv6_solicit(struct data_string *reply
* Very similar to Solicit handling, except the server DUID is required.
*/
static void
dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
-@@ -4443,7 +4532,6 @@ exit:
+@@ -5078,7 +5176,6 @@ exit:
* except for the error code of when addresses don't match.
*/
static void
dhcpv6_renew(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
-@@ -4688,18 +4776,60 @@ iterate_over_ia_na(struct data_string *r
+@@ -5322,18 +5419,60 @@ iterate_over_ia_na(struct data_string *r
goto exit;
}
/*
* Loop through the IA_NA reported by the client, and deal with
-@@ -4838,6 +4968,7 @@ iterate_over_ia_na(struct data_string *r
+@@ -5471,6 +5610,7 @@ iterate_over_ia_na(struct data_string *r
/*
* Return our reply to the caller.
*/
reply_ret->len = reply_ofs;
reply_ret->buffer = NULL;
if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
-@@ -4883,7 +5014,6 @@ exit:
+@@ -5516,7 +5656,6 @@ exit:
* we still need to be aware of this possibility.
*/
/* TODO: IA_TA */
static void
dhcpv6_decline(struct data_string *reply, struct packet *packet) {
-@@ -5355,7 +5485,6 @@ exit:
+@@ -5986,7 +6125,6 @@ exit:
* Release means a client is done with the leases.
*/
--- /dev/null
+diff -up dhcp-4.3.0a1/common/dispatch.c.dracut dhcp-4.3.0a1/common/dispatch.c
+--- dhcp-4.3.0a1/common/dispatch.c.dracut 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/dispatch.c 2013-12-19 15:39:50.350505860 +0100
+@@ -210,6 +210,10 @@ void add_timeout (when, where, what, ref
+ isc_interval_t interval;
+ isc_time_t expires;
+
++ if (when == NULL) {
++ return;
++ }
++
+ /* See if this timeout supersedes an existing timeout. */
+ t = (struct timeout *)0;
+ for (q = timeouts; q; q = q->next) {
-diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.8
---- dhcp-4.2.2b1/client/dhclient.8.capability 2011-07-01 15:09:06.603784531 +0200
-+++ dhcp-4.2.2b1/client/dhclient.8 2011-07-01 15:09:06.663783913 +0200
-@@ -118,6 +118,9 @@ dhclient - Dynamic Host Configuration Pr
+diff -up dhcp-4.3.1b1/client/dhclient.8.zzftXp dhcp-4.3.1b1/client/dhclient.8
+--- dhcp-4.3.1b1/client/dhclient.8.zzftXp 2014-07-10 17:38:26.938599402 +0200
++++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:39:25.852763873 +0200
+@@ -128,6 +128,9 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
[
.B -B
]
[
-@@ -296,6 +299,32 @@ has been added or removed, so that the c
+@@ -304,6 +307,32 @@ has been added or removed, so that the c
address on that interface.
.TP
.BI \-B
Set the BOOTP broadcast flag in request packets so servers will always
broadcast replies.
-diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.capability 2011-07-01 15:09:06.644784107 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 15:09:06.664783903 +0200
+diff -up dhcp-4.3.1b1/client/dhclient.c.zzftXp dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.zzftXp 2014-07-10 17:39:25.797764653 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:25.853763858 +0200
@@ -39,6 +39,10 @@
#include <limits.h>
#include <dns/result.h>
/*
* Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
* that when building ISC code.
-@@ -141,6 +145,9 @@ main(int argc, char **argv) {
+@@ -143,6 +147,9 @@ main(int argc, char **argv) {
int timeout_arg = 0;
char *arg_conf = NULL;
int arg_conf_len = 0;
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
-@@ -410,6 +417,10 @@ main(int argc, char **argv) {
+@@ -425,6 +432,10 @@ main(int argc, char **argv) {
}
dhclient_request_options = argv[i];
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
-@@ -458,6 +469,19 @@ main(int argc, char **argv) {
+@@ -473,6 +484,19 @@ main(int argc, char **argv) {
path_dhclient_script = s;
}
/* Set up the initial dhcp option universe. */
initialize_common_option_spaces();
-diff -up dhcp-4.2.2b1/client/dhclient-script.8.capability dhcp-4.2.2b1/client/dhclient-script.8
---- dhcp-4.2.2b1/client/dhclient-script.8.capability 2011-07-01 15:09:06.604784521 +0200
-+++ dhcp-4.2.2b1/client/dhclient-script.8 2011-07-01 15:09:06.666783883 +0200
-@@ -239,6 +239,16 @@ repeatedly initialized to the values pro
+diff -up dhcp-4.3.1b1/client/dhclient-script.8.zzftXp dhcp-4.3.1b1/client/dhclient-script.8
+--- dhcp-4.3.1b1/client/dhclient-script.8.zzftXp 2014-07-10 17:39:25.761765163 +0200
++++ dhcp-4.3.1b1/client/dhclient-script.8 2014-07-10 17:39:25.851763887 +0200
+@@ -243,6 +243,16 @@ repeatedly initialized to the values pro
the other. Assuming the information provided by both servers is
valid, this shouldn't cause any real problems, but it could be
confusing.
.SH SEE ALSO
dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
dhclient.leases(5).
-diff -up dhcp-4.2.2b1/client/Makefile.am.capability dhcp-4.2.2b1/client/Makefile.am
---- dhcp-4.2.2b1/client/Makefile.am.capability 2011-07-01 15:09:06.526785327 +0200
-+++ dhcp-4.2.2b1/client/Makefile.am 2011-07-01 15:09:06.667783873 +0200
-@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
+diff -up dhcp-4.3.1b1/client/Makefile.am.zzftXp dhcp-4.3.1b1/client/Makefile.am
+--- dhcp-4.3.1b1/client/Makefile.am.zzftXp 2014-07-10 17:38:10.778828583 +0200
++++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:39:25.851763887 +0200
+@@ -10,7 +10,7 @@ dhclient_SOURCES = clparse.c dhclient.c
+ scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
+-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2b1/configure.ac.capability dhcp-4.2.2b1/configure.ac
---- dhcp-4.2.2b1/configure.ac.capability 2011-07-01 15:09:06.527785317 +0200
-+++ dhcp-4.2.2b1/configure.ac 2011-07-01 15:09:06.667783873 +0200
-@@ -449,6 +449,41 @@ AC_TRY_LINK(
+diff -up dhcp-4.3.1b1/configure.ac.zzftXp dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.zzftXp 2014-07-10 17:38:10.779828569 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:39:25.854763844 +0200
+@@ -499,6 +499,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
# Look for optional headers.
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
-diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
---- dhcp-4.2.2b1/relay/dhcrelay.c.capability 2011-07-01 15:09:06.626784295 +0200
-+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 15:12:05.362223794 +0200
-@@ -36,6 +36,11 @@
- #include <syslog.h>
+diff -up dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp dhcp-4.3.1b1/relay/dhcrelay.c
+--- dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp 2014-07-10 17:39:25.799764624 +0200
++++ dhcp-4.3.1b1/relay/dhcrelay.c 2014-07-10 17:40:19.191007421 +0200
+@@ -31,6 +31,11 @@
+ #include <signal.h>
#include <sys/time.h>
+#ifdef HAVE_LIBCAP_NG
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
-@@ -356,6 +361,10 @@ main(int argc, char **argv) {
- sl->next = upstreams;
- upstreams = sl;
+@@ -376,6 +381,10 @@ main(int argc, char **argv) {
+ usage();
+ dhcrelay_sub_id = argv[i];
#endif
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
} else if (!strcmp(argv[i], "-pf")) {
if (++i == argc)
usage();
-@@ -426,6 +435,17 @@ main(int argc, char **argv) {
+@@ -446,6 +455,17 @@ main(int argc, char **argv) {
#endif
}
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
-@@ -573,6 +593,15 @@ main(int argc, char **argv) {
- dhcpv6_packet_handler = do_packet6;
+@@ -598,6 +618,15 @@ main(int argc, char **argv) {
+ signal(SIGTERM, dhcp_signal_handler); /* kill */
#endif
+#ifdef HAVE_LIBCAP_NG
/* Start dispatching packets and timeouts... */
dispatch();
-diff -up dhcp-4.2.2b1/relay/Makefile.am.capability dhcp-4.2.2b1/relay/Makefile.am
---- dhcp-4.2.2b1/relay/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
-+++ dhcp-4.2.2b1/relay/Makefile.am 2011-07-01 15:09:06.670783841 +0200
-@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+diff -up dhcp-4.3.1b1/relay/Makefile.am.zzftXp dhcp-4.3.1b1/relay/Makefile.am
+--- dhcp-4.3.1b1/relay/Makefile.am.zzftXp 2014-07-10 17:38:10.780828554 +0200
++++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:39:25.854763844 +0200
+@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
- dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
+-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2b1/server/dhcpd.c.capability dhcp-4.2.2b1/server/dhcpd.c
---- dhcp-4.2.2b1/server/dhcpd.c.capability 2011-07-01 15:09:06.636784192 +0200
-+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 15:09:06.670783841 +0200
-@@ -58,6 +58,11 @@ static const char url [] =
- # undef group
- #endif /* PARANOIA */
-
-+#ifdef HAVE_LIBCAP_NG
-+# include <cap-ng.h>
-+ int keep_capabilities = 0;
-+#endif
-+
- static void usage(void);
-
- struct iaddr server_identifier;
-@@ -403,6 +408,10 @@ main(int argc, char **argv) {
- traceinfile = argv [i];
- trace_replay_init ();
- #endif /* TRACING */
-+ } else if (!strcmp(argv[i], "-nc")) {
-+#ifdef HAVE_LIBCAP_NG
-+ keep_capabilities = 1;
-+#endif
- } else if (argv [i][0] == '-') {
- usage ();
- } else {
-@@ -459,6 +468,17 @@ main(int argc, char **argv) {
- }
- #endif /* DHCPv6 */
-
-+#ifdef HAVE_LIBCAP_NG
-+ /* Drop capabilities */
-+ if (!keep_capabilities) {
-+ capng_clear(CAPNG_SELECT_BOTH);
-+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
-+ CAP_NET_RAW, CAP_NET_BIND_SERVICE, CAP_SYS_CHROOT, CAP_SETUID, CAP_SETGID, -1);
-+ capng_apply(CAPNG_SELECT_BOTH);
-+ log_info ("Dropped all unnecessary capabilities.");
-+ }
-+#endif
-+
- /*
- * convert relative path names to absolute, for files that need
- * to be reopened after chdir() has been called
-@@ -859,6 +879,15 @@ main(int argc, char **argv) {
- omapi_set_int_value ((omapi_object_t *)dhcp_control_object,
- (omapi_object_t *)0, "state", server_running);
-
-+#ifdef HAVE_LIBCAP_NG
-+ /* Drop all capabilities */
-+ if (!keep_capabilities) {
-+ capng_clear(CAPNG_SELECT_BOTH);
-+ capng_apply(CAPNG_SELECT_BOTH);
-+ log_info ("Dropped all capabilities.");
-+ }
-+#endif
-+
- /* Receive packets and dispatch them... */
- dispatch ();
-
-diff -up dhcp-4.2.2b1/server/Makefile.am.capability dhcp-4.2.2b1/server/Makefile.am
---- dhcp-4.2.2b1/server/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
-+++ dhcp-4.2.2b1/server/Makefile.am 2011-07-01 15:09:06.671783830 +0200
-@@ -8,7 +8,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
- dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
-+ $(CAPNG_LDADD)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.0/client/clparse.c.requested dhcp-4.2.0/client/clparse.c
---- dhcp-4.2.0/client/clparse.c.requested 2010-07-21 13:29:05.000000000 +0200
-+++ dhcp-4.2.0/client/clparse.c 2010-07-21 13:50:29.000000000 +0200
+diff -up dhcp-4.3.0a1/client/clparse.c.requested dhcp-4.3.0a1/client/clparse.c
+--- dhcp-4.3.0a1/client/clparse.c.requested 2013-12-19 15:13:27.276631307 +0100
++++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:13:27.313630789 +0100
@@ -37,7 +37,7 @@
struct client_config top_level_config;
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
-@@ -111,6 +111,31 @@ isc_result_t read_client_conf ()
+@@ -119,6 +119,31 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[8],
dhcpv6_universe.code_hash, &code, 0, MDL);
-diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.backoff 2010-07-21 13:37:03.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:38:31.000000000 +0200
-@@ -1208,6 +1208,8 @@ void state_init (cpp)
+diff -up dhcp-4.3.1b1/client/dhclient.c.JwFUZj dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.JwFUZj 2014-07-10 17:38:50.511265091 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:16.164901267 +0200
+@@ -1281,6 +1281,8 @@ void state_init (cpp)
void *cpp;
{
struct client_state *client = cpp;
ASSERT_STATE(state, S_INIT);
-@@ -1220,9 +1222,18 @@ void state_init (cpp)
+@@ -1293,9 +1295,18 @@ void state_init (cpp)
client -> first_sending = cur_time;
client -> interval = client -> config -> initial_interval;
}
/*
-@@ -1501,6 +1512,7 @@ void bind_lease (client)
- send_decline (client);
- destroy_client_lease (client -> new);
- client -> new = (struct client_lease *)0;
-+ client -> state = S_DECLINED;
- state_init (client);
- return;
- }
-@@ -3711,6 +3723,7 @@ void client_location_changed ()
+@@ -1592,6 +1603,7 @@ void bind_lease (client)
+ "try (declined). Exiting.");
+ exit(2);
+ } else {
++ client -> state = S_DECLINED;
+ state_init(client);
+ return;
+ }
+@@ -4059,6 +4071,7 @@ void client_location_changed ()
case S_INIT:
case S_REBINDING:
case S_STOPPED:
break;
}
client -> state = S_INIT;
-diff -up dhcp-4.2.0/includes/dhcpd.h.backoff dhcp-4.2.0/includes/dhcpd.h
---- dhcp-4.2.0/includes/dhcpd.h.backoff 2010-07-21 13:29:05.000000000 +0200
-+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 13:38:31.000000000 +0200
-@@ -1056,7 +1056,8 @@ enum dhcp_state {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj 2014-07-10 17:38:26.941599360 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:50.526264878 +0200
+@@ -1087,7 +1087,8 @@ enum dhcp_state {
S_BOUND = 5,
S_RENEWING = 6,
S_REBINDING = 7,
-diff -up dhcp-4.2.2b1/client/clparse.c.options dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.options 2011-04-21 16:08:14.000000000 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 13:51:52.935755570 +0200
-@@ -146,6 +146,7 @@ isc_result_t read_client_conf ()
+diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse.c
+--- dhcp-4.3.1b1/client/clparse.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/clparse.c 2014-07-10 17:38:26.938599402 +0200
+@@ -148,6 +148,7 @@ isc_result_t read_client_conf ()
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
top_level_config.requested_lease = 7200;
group_allocate (&top_level_config.on_receipt, MDL);
if (!top_level_config.on_receipt)
-@@ -313,7 +314,8 @@ void read_client_leases ()
+@@ -353,7 +354,8 @@ void read_client_leases ()
interface-declaration |
LEASE client-lease-statement |
ALIAS client-lease-statement |
void parse_client_statement (cfile, ip, config)
struct parse *cfile;
-@@ -732,6 +734,12 @@ void parse_client_statement (cfile, ip,
+@@ -771,6 +773,12 @@ void parse_client_statement (cfile, ip,
parse_reject_statement (cfile, config);
return;
default:
lose = 0;
stmt = (struct executable_statement *)0;
-diff -up dhcp-4.2.2b1/client/dhclient.c.options dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.options 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 13:51:52.936755545 +0200
+diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclient.8
+--- dhcp-4.3.1b1/client/dhclient.8.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:38:26.938599402 +0200
+@@ -128,6 +128,33 @@ dhclient - Dynamic Host Configuration Pr
+ .B -w
+ ]
+ [
++.B -B
++]
++[
++.B -C
++.I dhcp-client-identifier
++]
++[
++.B -H
++.I host-name
++]
++[
++.B -F
++.I fqdn.fqdn
++]
++[
++.B -V
++.I vendor-class-identifier
++]
++[
++.B -R
++.I request-option-list
++]
++[
++.B -timeout
++.I timeout
++]
++[
+ .B -v
+ ]
+ [
+@@ -275,6 +302,69 @@ not to exit when it doesn't find any suc
+ program can then be used to notify the client when a network interface
+ has been added or removed, so that the client can attempt to configure an IP
+ address on that interface.
++
++.TP
++.BI \-B
++Set the BOOTP broadcast flag in request packets so servers will always
++broadcast replies.
++
++.TP
++.BI \-C\ <dhcp-client-identifier>
++Specify the dhcp-client-identifier option to send to the DHCP server.
++
++.TP
++.BI \-H\ <host-name>
++Specify the host-name option to send to the DHCP server. The host-name
++string only contains the client's hostname prefix, to which the server will
++append the ddns-domainname or domain-name options, if any, to derive the
++fully qualified domain name of the client. The
++.B -H
++option cannot be used with the
++.B -F
++option.
++
++.TP
++.BI \-F\ <fqdn.fqdn>
++Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
++be used with the
++.B -H
++option. The fqdn.fqdn option must specify the complete domain name of the
++client host, which the server may use for dynamic DNS updates.
++
++.TP
++.BI \-V\ <vendor-class-identifier>
++Specify the vendor-class-identifier option to send to the DHCP server.
++
++.TP
++.BI \-R\ <option>[,<option>...]
++Specify the list of options the client is to request from the server. The
++option list must be a single string consisting of option names separated
++by at least one command and optional space characters. The default option
++list is:
++
++.BR
++ subnet-mask, broadcast-address, time-offset, routers,
++.BR
++ domain-search, domain-name, domain-name-servers, host-name,
++.BR
++ nis-domain, nis-servers, ntp-servers, interface-mtu
++
++.TP
++.B -R
++option does not append options to the default request, it overrides the
++default request list. Keep this in mind if you want to request an
++additional option besides the default request list. You will have to
++specify all option names for the
++.B -R
++parameter.
++
++.TP
++.BI \-timeout\ <timeout>
++Specify the time after which
++.B dhclient
++will decide that no DHCP servers can be contacted when no responses have been
++received.
++
+ .TP
+ .BI \-n
+ Do not configure any interfaces. This is most likely to be useful in
+diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:38:44.520350055 +0200
@@ -39,6 +39,12 @@
#include <limits.h>
#include <dns/result.h>
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
-@@ -87,6 +93,9 @@ int wanted_ia_na = -1; /* the absolute
+@@ -88,6 +94,9 @@ int wanted_ia_na = -1; /* the absolute
int wanted_ia_ta = 0;
int wanted_ia_pd = 0;
char *mockup_relay = NULL;
+int bootp_broadcast_always = 0;
+
-+extern u_int32_t default_requested_options[];
++extern struct option *default_requested_options[];
void run_stateless(int exit_mode);
-@@ -123,6 +132,15 @@ main(int argc, char **argv) {
+@@ -125,6 +134,15 @@ main(int argc, char **argv) {
int local_family_set = 0;
#endif /* DHCPv6 */
char *s;
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
-@@ -310,6 +328,88 @@ main(int argc, char **argv) {
- } else if (!strcmp(argv[i], "--version")) {
- log_info("isc-dhclient-%s", PACKAGE_VERSION);
+@@ -325,6 +343,88 @@ main(int argc, char **argv) {
+ strlen(PACKAGE_VERSION)));
+ IGNORE_RET(write(STDERR_FILENO, "\n", 1));
exit(0);
-+ } else if (!strcmp(argv[i], "-I")) {
++ } else if (!strcmp(argv[i], "-C")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if (strlen(argv[i]) >= DHCP_MAX_OPTION_LEN) {
-+ log_error("-I option dhcp-client-identifier string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
++ log_error("-C option dhcp-client-identifier string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
+ exit(1);
+ }
+
+ }
+
+ if ((timeout_arg = atoi(argv[i])) <= 0) {
-+ log_error("-T timeout option must be > 0 - bad value: %s",argv[i]);
++ log_error("timeout option must be > 0 - bad value: %s",argv[i]);
+ exit(1);
+ }
+ } else if (!strcmp(argv[i], "-V")) {
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
-@@ -484,6 +584,166 @@ main(int argc, char **argv) {
+@@ -507,6 +607,156 @@ main(int argc, char **argv) {
/* Parse the dhclient.conf file. */
read_client_conf();
+ arg_conf_len = asprintf(&arg_conf, "send dhcp-client-identifier \"%s\";", dhcp_client_identifier_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
-+ log_fatal("Unable to send -I option dhcp-client-identifier");
++ log_fatal("Unable to send -C option dhcp-client-identifier");
+ }
+
+ if ((dhcp_host_name_arg != NULL) && (*dhcp_host_name_arg != '\0')) {
+ if (arg_conf_len == 0)
+ if ((arg_conf_len = strlen(arg_conf)) == 0)
+ /* huh ? cannot happen ! */
-+ log_fatal("Unable to process -I/-H/-F/-timeout/-V/-R configuration arguments");
++ log_fatal("Unable to process -C/-H/-F/-timeout/-V/-R configuration arguments");
+
+ /* parse the extra dhclient.conf configuration arguments
+ * into top level config: */
+ const char *val = NULL;
+ int token;
+
-+ status = new_parse(&cfile, -1, arg_conf, arg_conf_len, "extra dhclient -I/-H/-F/-timeout/-V/-R configuration arguments", 0);
++ status = new_parse(&cfile, -1, arg_conf, arg_conf_len, "extra dhclient -C/-H/-F/-timeout/-V/-R configuration arguments", 0);
+
+ if ((status != ISC_R_SUCCESS) || (cfile -> warnings_occurred))
-+ log_fatal("Cannot parse -I/-H/-F/-timeout/-V/-R configuration arguments !");
++ log_fatal("Cannot parse -C/-H/-F/-timeout/-V/-R configuration arguments !");
+ /* more detailed parse failures will be logged */
+
+ do {
+ } while (1);
+
+ if (cfile -> warnings_occurred)
-+ log_fatal("Cannot parse -I/-H/-F/-timeout/-V/-R configuration arguments !");
++ log_fatal("Cannot parse -C/-H/-F/-timeout/-V/-R configuration arguments !");
+ end_parse(&cfile);
+
+ if (timeout_arg) {
+ /* we just set the toplevel timeout, but per-client
-+ * timeouts may still be at defaults. Also, it makes no
-+ * sense having the reboot_timeout or backoff_cutoff
-+ * greater than the timeout:
++ * timeouts may still be at defaults.
+ */
-+ if ((top_level_config.backoff_cutoff == 15) && (top_level_config.backoff_cutoff > (timeout_arg / 2)))
-+ top_level_config.backoff_cutoff = (((unsigned long)(timeout_arg / 2)) == 0) ? timeout_arg : (unsigned long)(timeout_arg / 2);
-+
+ for (ip=interfaces; ip; ip = ip->next) {
+ if (ip->client->config->timeout == 60)
+ ip->client->config->timeout = timeout_arg;
-+
-+ if ((ip->client->config->reboot_timeout == 10) && (ip->client->config->reboot_timeout > ip->client->config->timeout))
-+ ip->client->config->reboot_timeout = ip->client->config->timeout;
-+ if ((ip->client->config->backoff_cutoff == 15) && (ip->client->config->backoff_cutoff > top_level_config.backoff_cutoff))
-+ ip->client->config->backoff_cutoff = top_level_config.backoff_cutoff;
+ }
+ }
+
/* Parse the lease database. */
read_client_leases();
-@@ -2397,7 +2657,8 @@ void make_discover (client, lease)
+@@ -756,6 +1006,10 @@ static void usage()
+ " [-s server-addr] [-cf config-file]\n"
+ " [-df duid-file] [-lf lease-file]\n"
+ " [-pf pid-file] [--no-pid] [-e VAR=val]\n"
++ " [-C <dhcp-client-identifier>] [-B]\n"
++ " [-H <host-name> | -F <fqdn.fqdn>] [-timeout <timeout>]\n"
++ " [-V <vendor-class-identifier>]\n"
++ " [-R <request option list>]\n"
+ " [-sf script-file] [interface]");
+ }
+
+@@ -2531,7 +2785,8 @@ void make_discover (client, lease)
client -> packet.xid = random ();
client -> packet.secs = 0; /* filled in by send_discover. */
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
-@@ -2481,7 +2742,9 @@ void make_request (client, lease)
+@@ -2615,7 +2870,9 @@ void make_request (client, lease)
} else {
memset (&client -> packet.ciaddr, 0,
sizeof client -> packet.ciaddr);
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
-@@ -2543,7 +2806,8 @@ void make_decline (client, lease)
+@@ -2677,7 +2934,8 @@ void make_decline (client, lease)
client -> packet.hops = 0;
client -> packet.xid = client -> xid;
client -> packet.secs = 0; /* Filled in by send_request. */
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
-diff -up dhcp-4.2.2b1/common/conflex.c.options dhcp-4.2.2b1/common/conflex.c
---- dhcp-4.2.2b1/common/conflex.c.options 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/common/conflex.c 2011-07-01 13:51:52.938755494 +0200
-@@ -808,6 +808,8 @@ intern(char *atom, enum dhcp_token dfv)
+diff -up dhcp-4.3.1b1/common/conflex.c.fLPqYB dhcp-4.3.1b1/common/conflex.c
+--- dhcp-4.3.1b1/common/conflex.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/common/conflex.c 2014-07-10 17:38:26.940599374 +0200
+@@ -811,6 +811,8 @@ intern(char *atom, enum dhcp_token dfv)
return BALANCE;
if (!strcasecmp (atom + 1, "ound"))
return BOUND;
break;
case 'c':
if (!strcasecmp(atom + 1, "ase"))
-diff -up dhcp-4.2.2b1/includes/dhcpd.h.options dhcp-4.2.2b1/includes/dhcpd.h
---- dhcp-4.2.2b1/includes/dhcpd.h.options 2011-05-20 16:21:11.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 13:51:52.940755442 +0200
-@@ -1147,6 +1147,9 @@ struct client_config {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:26.941599360 +0200
+@@ -1152,6 +1152,9 @@ struct client_config {
int do_forward_update; /* If nonzero, and if we have the
information we need, update the
A record for the address we get. */
};
/* Per-interface state used in the dhcp client... */
-diff -up dhcp-4.2.2b1/includes/dhctoken.h.options dhcp-4.2.2b1/includes/dhctoken.h
---- dhcp-4.2.2b1/includes/dhctoken.h.options 2011-05-12 14:02:47.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhctoken.h 2011-07-01 13:53:43.316861637 +0200
-@@ -361,7 +361,8 @@ enum dhcp_token {
- GETHOSTNAME = 662,
- REWIND = 663,
- INITIAL_DELAY = 664,
-- GETHOSTBYNAME = 665
-+ GETHOSTBYNAME = 665,
-+ BOOTP_BROADCAST_ALWAYS = 666
+diff -up dhcp-4.3.1b1/includes/dhctoken.h.fLPqYB dhcp-4.3.1b1/includes/dhctoken.h
+--- dhcp-4.3.1b1/includes/dhctoken.h.fLPqYB 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/includes/dhctoken.h 2014-07-10 17:38:26.942599346 +0200
+@@ -367,7 +367,8 @@ enum dhcp_token {
+ TOKEN_INFINIBAND = 668,
+ POOL6 = 669,
+ V6RELAY = 670,
+- V6RELOPT = 671
++ V6RELOPT = 671,
++ BOOTP_BROADCAST_ALWAYS = 672
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
--- /dev/null
+diff -up dhcp-4.3.0b1/omapip/errwarn.c.errwarn dhcp-4.3.0b1/omapip/errwarn.c
+--- dhcp-4.3.0b1/omapip/errwarn.c.errwarn 2014-01-21 09:31:47.301334249 +0100
++++ dhcp-4.3.0b1/omapip/errwarn.c 2014-01-21 09:33:20.569039072 +0100
+@@ -76,11 +76,13 @@ void log_fatal (const char * fmt, ... )
+ }
+
+ log_error ("%s", "");
+- log_error ("If you think you have received this message due to a bug rather");
+- log_error ("than a configuration issue please read the section on submitting");
+- log_error ("bugs on either our web page at www.isc.org or in the README file");
+- log_error ("before submitting a bug. These pages explain the proper");
+- log_error ("process and the information we find helpful for debugging..");
++ log_error ("This version of ISC DHCP is based on the release available");
++ log_error ("on ftp.isc.org. Features have been added and other changes");
++ log_error ("have been made to the base software release in order to make");
++ log_error ("it work better with this distribution.");
++ log_error ("%s", "");
++ log_error ("Please report for this software via the Red Hat Bugzilla site:");
++ log_error (" http://bugzilla.redhat.com");
+ log_error ("%s", "");
+ log_error ("exiting.");
+
--- /dev/null
+diff -up dhcp-4.3.0rc1/common/tables.c.garbage dhcp-4.3.0rc1/common/tables.c
+--- dhcp-4.3.0rc1/common/tables.c.garbage 2014-01-29 10:03:52.132624677 +0100
++++ dhcp-4.3.0rc1/common/tables.c 2014-01-29 10:04:51.413875343 +0100
+@@ -213,7 +213,7 @@ static struct option dhcp_options[] = {
+ { "name-service-search", "Sa", &dhcp_universe, 117, 1 },
+ #endif
+ { "subnet-selection", "I", &dhcp_universe, 118, 1 },
+- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
++ { "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
+ { "vivso", "Evendor.", &dhcp_universe, 125, 1 },
+ #if 0
-diff -up dhcp-4.2.2/client/dhclient.c.gpxe-cid dhcp-4.2.2/client/dhclient.c
---- dhcp-4.2.2/client/dhclient.c.gpxe-cid 2011-09-16 18:23:20.190453902 +0200
-+++ dhcp-4.2.2/client/dhclient.c 2011-09-16 18:27:15.568463599 +0200
-@@ -58,6 +58,13 @@ const char *path_dhclient_pid = NULL;
+diff -up dhcp-4.3.0a1/client/dhclient.c.gpxe-cid dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.gpxe-cid 2013-12-20 13:28:45.105048317 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-20 13:28:45.109048261 +0100
+@@ -47,6 +47,14 @@
+ const char *path_dhclient_pid = NULL;
static char path_dhclient_script_array[] = _PATH_DHCLIENT_SCRIPT;
char *path_dhclient_script = path_dhclient_script_array;
-
++
+/* Default Prefix */
+static unsigned char default_prefix[12] = {
+ 0xff, 0x00, 0x00, 0x00,
+ 0x00, 0x02, 0xc9, 0x00
+};
+
- /* False (default) => we write and use a pid file */
- isc_boolean_t no_pid_file = ISC_FALSE;
+ const char *path_dhclient_duid = NULL;
-@@ -1250,6 +1257,12 @@ int find_subnet (struct subnet **sp,
+ /* False (default) => we write and use a pid file */
+@@ -1253,6 +1260,12 @@ int find_subnet (struct subnet **sp,
static void setup_ib_interface(struct interface_info *ip)
{
struct group *g;
/* Set the broadcast flag */
ip->client->config->bootp_broadcast_always = 1;
-@@ -1266,8 +1279,39 @@ static void setup_ib_interface(struct in
+@@ -1269,8 +1282,39 @@ static void setup_ib_interface(struct in
}
}
}
/* Individual States:
-diff -up dhcp-4.2.2/common/lpf.c.gpxe-cid dhcp-4.2.2/common/lpf.c
---- dhcp-4.2.2/common/lpf.c.gpxe-cid 2011-09-16 18:23:20.183453996 +0200
-+++ dhcp-4.2.2/common/lpf.c 2011-09-16 18:25:28.235804421 +0200
-@@ -591,6 +591,37 @@ void maybe_setup_fallback ()
- }
- }
-
-+static unsigned char * get_ib_hw_addr(char * name)
-+{
-+ struct ifaddrs *ifaddrs;
-+ struct ifaddrs *ifa;
-+ struct sockaddr_ll *sll = NULL;
-+ static unsigned char hw_addr[8];
-+
-+ if (getifaddrs(&ifaddrs) == -1)
-+ return NULL;
-+
-+ for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
-+ if (ifa->ifa_addr == NULL)
-+ continue;
-+ if (ifa->ifa_addr->sa_family != AF_PACKET)
-+ continue;
-+ if (ifa->ifa_flags & IFF_LOOPBACK)
-+ continue;
-+ if (strcmp(ifa->ifa_name, name) == 0) {
-+ sll = (struct sockaddr_ll *)(void *)ifa->ifa_addr;
-+ break;
-+ }
-+ }
-+ if (sll == NULL) {
-+ freeifaddrs(ifaddrs);
-+ return NULL;
-+ }
-+ memcpy(hw_addr, &sll->sll_addr[sll->sll_halen - 8], 8);
-+ freeifaddrs(ifaddrs);
-+ return (unsigned char *)&hw_addr;
-+}
-+
- void
- get_hw_addr(struct interface_info *info)
- {
-@@ -599,6 +630,7 @@ get_hw_addr(struct interface_info *info)
- struct ifaddrs *ifaddrs;
- struct ifaddrs *ifa;
- struct sockaddr_ll *sll = NULL;
-+ unsigned char *hw_addr;
-
- if (getifaddrs(&ifaddrs) == -1)
- log_fatal("Failed to get interfaces");
-@@ -660,6 +692,10 @@ get_hw_addr(struct interface_info *info)
-
- hw->hlen = 1;
- hw->hbuf[0] = HTYPE_INFINIBAND;
-+ hw_addr = get_ib_hw_addr(name);
-+ if (!hw_addr)
-+ log_fatal("Failed getting %s hw addr", name);
-+ memcpy (&hw->hbuf [1], hw_addr, 8);
- break;
- #if defined(ARPHRD_PPP)
- case ARPHRD_PPP:
-diff -up dhcp-4.2.0/client/dhc6.c.honor-expired dhcp-4.2.0/client/dhc6.c
---- dhcp-4.2.0/client/dhc6.c.honor-expired 2010-10-07 12:55:37.000000000 +0200
-+++ dhcp-4.2.0/client/dhc6.c 2010-10-07 12:56:43.000000000 +0200
-@@ -1405,6 +1405,32 @@ start_info_request6(struct client_state
+diff -up dhcp-4.3.0a1/client/dhc6.c.honor-expired dhcp-4.3.0a1/client/dhc6.c
+--- dhcp-4.3.0a1/client/dhc6.c.honor-expired 2013-12-19 16:00:28.062183037 +0100
++++ dhcp-4.3.0a1/client/dhc6.c 2013-12-19 16:00:28.076182842 +0100
+@@ -1351,6 +1351,32 @@ start_info_request6(struct client_state
go_daemon();
}
/*
* start_confirm6() kicks off an "init-reboot" version of the process, at
* startup to find out if old bindings are 'fair' and at runtime whenever
-@@ -1417,8 +1446,10 @@ start_confirm6(struct client_state *clie
+@@ -1363,8 +1389,10 @@ start_confirm6(struct client_state *clie
/* If there is no active lease, there is nothing to check. */
if ((client->active_lease == NULL) ||
-diff -up dhcp-4.2.2/client/dhclient.c.improved-xid dhcp-4.2.2/client/dhclient.c
---- dhcp-4.2.2/client/dhclient.c.improved-xid 2011-09-16 18:18:00.649730661 +0200
-+++ dhcp-4.2.2/client/dhclient.c 2011-09-16 18:22:36.815035513 +0200
-@@ -898,6 +898,26 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.improved-xid 2013-12-20 13:29:41.836260810 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-20 13:29:41.843260713 +0100
+@@ -894,6 +894,26 @@ main(int argc, char **argv) {
}
}
/* At this point, all the interfaces that the script thinks
are relevant should be running, so now we once again call
discover_interfaces(), and this time ask it to actually set
-@@ -912,14 +932,36 @@ main(int argc, char **argv) {
+@@ -908,14 +928,36 @@ main(int argc, char **argv) {
Not much entropy, but we're booting, so we're not likely to
find anything better. */
seed = 0;
/* Setup specific Infiniband options */
for (ip = interfaces; ip; ip = ip->next) {
-@@ -1457,7 +1499,7 @@ void dhcpack (packet)
+@@ -1460,7 +1502,7 @@ void dhcpack (packet)
return;
}
lease = packet_to_lease (packet, client);
if (!lease) {
-@@ -2174,7 +2216,7 @@ void dhcpnak (packet)
+@@ -2171,7 +2213,7 @@ void dhcpnak (packet)
return;
}
if (!client -> active) {
#if defined (DEBUG)
-@@ -2300,10 +2342,10 @@ void send_discover (cpp)
+@@ -2298,10 +2340,10 @@ void send_discover (cpp)
client -> packet.secs = htons (65535);
client -> secs = client -> packet.secs;
+ ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval), client -> xid);
/* Send out a packet. */
- result = send_packet (client -> interface, (struct packet *)0,
-@@ -2584,10 +2626,10 @@ void send_request (cpp)
+ result = send_packet(client->interface, NULL, &client->packet,
+@@ -2570,10 +2612,10 @@ void send_request (cpp)
client -> packet.secs = htons (65535);
}
+ ntohs (destination.sin_port), client -> xid);
if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
- fallback_interface)
-@@ -2618,10 +2660,10 @@ void send_decline (cpp)
+ fallback_interface) {
+@@ -2613,10 +2655,10 @@ void send_decline (cpp)
int result;
- log_info ("DHCPDECLINE on %s to %s port %d",
+ log_info ("DHCPDECLINE on %s to %s port %d (xid=0x%x)",
- client -> name ? client -> name : client -> interface -> name,
- inet_ntoa (sockaddr_broadcast.sin_addr),
-- ntohs (sockaddr_broadcast.sin_port));
-+ ntohs (sockaddr_broadcast.sin_port), client -> xid);
+ client->name ? client->name : client->interface->name,
+ inet_ntoa(sockaddr_broadcast.sin_addr),
+- ntohs(sockaddr_broadcast.sin_port));
++ ntohs(sockaddr_broadcast.sin_port), client -> xid);
/* Send out a packet. */
- result = send_packet (client -> interface, (struct packet *)0,
-@@ -2661,10 +2703,10 @@ void send_release (cpp)
+ result = send_packet(client->interface, NULL, &client->packet,
+@@ -2659,10 +2701,10 @@ void send_release (cpp)
return;
}
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port), client -> xid);
- if (fallback_interface)
- result = send_packet (fallback_interface,
+ if (fallback_interface) {
+ result = send_packet(fallback_interface, NULL, &client->packet,
--- /dev/null
+--- expanded_org/client/dhclient.c Wed Aug 06 23:35:00 2014
++++ expanded_logpid/client/dhclient.c Mon Feb 16 13:35:31 2015
+@@ -142,7 +142,7 @@
+ else if (fd != -1)
+ close(fd);
+
+- openlog("dhclient", DHCP_LOG_OPTIONS, LOG_DAEMON);
++ openlog("dhclient", LOG_NDELAY | LOG_PID, LOG_DAEMON);
+
+ #if !(defined(DEBUG) || defined(__CYGWIN32__))
+ setlogmask(LOG_UPTO(LOG_INFO));
-diff -up dhcp-4.2.2/client/dhclient.c.lpf-ib dhcp-4.2.2/client/dhclient.c
---- dhcp-4.2.2/client/dhclient.c.lpf-ib 2011-09-19 11:24:08.693775799 +0200
-+++ dhcp-4.2.2/client/dhclient.c 2011-09-19 11:24:08.703775541 +0200
-@@ -113,6 +113,8 @@ static int check_domain_name_list(const
+diff -up dhcp-4.3.1b1/client/dhclient.c.bmgpWV dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.bmgpWV 2014-07-10 17:50:26.922402550 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:53:43.629623477 +0200
+@@ -114,6 +114,8 @@ static int check_domain_name_list(const
static int check_option_values(struct universe *universe, unsigned int opt,
const char *ptr, size_t len);
+static void setup_ib_interface(struct interface_info *ip);
+
+ #ifndef UNIT_TEST
int
main(int argc, char **argv) {
- int fd;
-@@ -919,6 +921,14 @@ main(int argc, char **argv) {
+@@ -937,6 +939,13 @@ main(int argc, char **argv) {
}
srandom(seed + cur_time + (unsigned)getpid());
+ setup_ib_interface(ip);
+ }
+ }
-+
- /* Start a configuration state machine for each interface. */
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-@@ -1195,6 +1205,29 @@ int find_subnet (struct subnet **sp,
+
+ /*
+ * Establish a default DUID. We always do so for v6 and
+@@ -1230,6 +1239,29 @@ int find_subnet (struct subnet **sp,
return 0;
}
/* Individual States:
*
* Each routine is called from the dhclient_state_machine() in one of
-diff -up dhcp-4.2.2/common/bpf.c.lpf-ib dhcp-4.2.2/common/bpf.c
---- dhcp-4.2.2/common/bpf.c.lpf-ib 2011-09-19 11:24:08.694775773 +0200
-+++ dhcp-4.2.2/common/bpf.c 2011-09-19 11:24:08.704775516 +0200
-@@ -198,11 +198,44 @@ struct bpf_insn dhcp_bpf_filter [] = {
+diff -up dhcp-4.3.1b1/common/bpf.c.bmgpWV dhcp-4.3.1b1/common/bpf.c
+--- dhcp-4.3.1b1/common/bpf.c.bmgpWV 2014-07-10 17:48:03.797424616 +0200
++++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:52:57.705272295 +0200
+@@ -199,11 +199,44 @@ struct bpf_insn dhcp_bpf_filter [] = {
BPF_STMT(BPF_RET+BPF_K, 0),
};
#if defined (HAVE_TR_SUPPORT)
struct bpf_insn dhcp_bpf_tr_filter [] = {
/* accept all token ring packets due to variable length header */
-diff -up dhcp-4.2.2/common/lpf.c.lpf-ib dhcp-4.2.2/common/lpf.c
---- dhcp-4.2.2/common/lpf.c.lpf-ib 2011-09-19 11:24:08.694775773 +0200
-+++ dhcp-4.2.2/common/lpf.c 2011-09-19 11:26:15.107109935 +0200
-@@ -42,6 +42,7 @@
- #include "includes/netinet/udp.h"
- #include "includes/netinet/if_ether.h"
+diff -up dhcp-4.3.1b1/common/lpf.c.bmgpWV dhcp-4.3.1b1/common/lpf.c
+--- dhcp-4.3.1b1/common/lpf.c.bmgpWV 2014-07-10 17:48:03.797424616 +0200
++++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:52:57.706272281 +0200
+@@ -46,6 +46,17 @@
+ #if defined (USE_LPF_RECEIVE) || defined (USE_LPF_HWADDR)
+ #include <sys/ioctl.h>
#include <net/if.h>
+#include <ifaddrs.h>
-
- #ifndef PACKET_AUXDATA
- #define PACKET_AUXDATA 8
-@@ -59,6 +60,15 @@ struct tpacket_auxdata
- /* Reinitializes the specified interface after an address change. This
- is not required for packet-filter APIs. */
-
++
+/* Default broadcast address for IPoIB */
+static unsigned char default_ib_bcast_addr[20] = {
+ 0x00, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff
+};
+
- #ifdef USE_LPF_SEND
- void if_reinitialize_send (info)
- struct interface_info *info;
-@@ -86,10 +96,21 @@ int if_register_lpf (info)
+ #endif
+
+ #if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
+@@ -92,10 +103,21 @@ int if_register_lpf (info)
struct sockaddr common;
} sa;
struct ifreq ifr;
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
-@@ -112,6 +133,7 @@ int if_register_lpf (info)
+@@ -118,6 +140,7 @@ int if_register_lpf (info)
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
sa.ll.sll_family = AF_PACKET;
sa.ll.sll_ifindex = ifr.ifr_ifindex;
if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
-@@ -127,8 +149,6 @@ int if_register_lpf (info)
+@@ -133,8 +156,6 @@ int if_register_lpf (info)
log_fatal ("Bind socket to interface: %m");
}
return sock;
}
#endif /* USE_LPF_SEND || USE_LPF_RECEIVE */
-@@ -183,6 +203,8 @@ void if_deregister_send (info)
+@@ -189,6 +210,8 @@ void if_deregister_send (info)
in bpf includes... */
extern struct sock_filter dhcp_bpf_filter [];
extern int dhcp_bpf_filter_len;
#if defined (HAVE_TR_SUPPORT)
extern struct sock_filter dhcp_bpf_tr_filter [];
-@@ -200,11 +222,13 @@ void if_register_receive (info)
+@@ -206,11 +229,13 @@ void if_register_receive (info)
/* Open a LPF device and hang it on this interface... */
info -> rfdesc = if_register_lpf (info);
}
#if defined (HAVE_TR_SUPPORT)
-@@ -250,15 +274,28 @@ static void lpf_gen_filter_setup (info)
+@@ -256,15 +281,28 @@ static void lpf_gen_filter_setup (info)
memset(&p, 0, sizeof(p));
if (setsockopt (info -> rfdesc, SOL_SOCKET, SO_ATTACH_FILTER, &p,
sizeof p) < 0) {
-@@ -315,6 +352,54 @@ static void lpf_tr_filter_setup (info)
+@@ -321,6 +359,54 @@ static void lpf_tr_filter_setup (info)
#endif /* USE_LPF_RECEIVE */
#ifdef USE_LPF_SEND
ssize_t send_packet (interface, packet, raw, len, from, to, hto)
struct interface_info *interface;
struct packet *packet;
-@@ -335,6 +420,11 @@ ssize_t send_packet (interface, packet,
+@@ -341,6 +427,11 @@ ssize_t send_packet (interface, packet,
return send_fallback (interface, packet, raw,
len, from, to, hto);
if (hto == NULL && interface->anycast_mac_addr.hlen)
hto = &interface->anycast_mac_addr;
-@@ -356,6 +446,42 @@ ssize_t send_packet (interface, packet,
+@@ -362,6 +453,42 @@ ssize_t send_packet (interface, packet,
#endif /* USE_LPF_SEND */
#ifdef USE_LPF_RECEIVE
ssize_t receive_packet (interface, buf, len, from, hfrom)
struct interface_info *interface;
unsigned char *buf;
-@@ -382,6 +508,10 @@ ssize_t receive_packet (interface, buf,
+@@ -388,6 +515,10 @@ ssize_t receive_packet (interface, buf,
};
struct cmsghdr *cmsg;
length = recvmsg (interface -> rfdesc, &msg, 0);
if (length <= 0)
return length;
-@@ -462,33 +592,44 @@ void maybe_setup_fallback ()
- }
+@@ -469,11 +600,33 @@ void maybe_setup_fallback ()
+ #endif
- void
+ #if defined (USE_LPF_RECEIVE) || defined (USE_LPF_HWADDR)
+-void
-get_hw_addr(const char *name, struct hardware *hw) {
-- int sock;
-- struct ifreq tmp;
-- struct sockaddr *sa;
-+get_hw_addr(struct interface_info *info)
++struct sockaddr_ll *
++get_ll (struct ifaddrs *ifaddrs, struct ifaddrs **ifa, char *name)
+{
-+ struct hardware *hw = &info->hw_address;
-+ char *name = info->name;
-+ struct ifaddrs *ifaddrs;
-+ struct ifaddrs *ifa;
-+ struct sockaddr_ll *sll = NULL;
-
-- if (strlen(name) >= sizeof(tmp.ifr_name)) {
-- log_fatal("Device name too long: \"%s\"", name);
-- }
-+ if (getifaddrs(&ifaddrs) == -1)
-+ log_fatal("Failed to get interfaces");
-
-- sock = socket(AF_INET, SOCK_DGRAM, 0);
-- if (sock < 0) {
-- log_fatal("Can't create socket for \"%s\": %m", name);
-+ for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
-+
-+ if (ifa->ifa_addr == NULL)
++ for (*ifa = ifaddrs; *ifa != NULL; *ifa = (*ifa)->ifa_next) {
++ if ((*ifa)->ifa_addr == NULL)
+ continue;
+
-+ if (ifa->ifa_addr->sa_family != AF_PACKET)
++ if ((*ifa)->ifa_addr->sa_family != AF_PACKET)
+ continue;
+
-+ if (ifa->ifa_flags & IFF_LOOPBACK)
++ if ((*ifa)->ifa_flags & IFF_LOOPBACK)
+ continue;
+
-+ if (strcmp(ifa->ifa_name, name) == 0) {
-+ sll = (struct sockaddr_ll *)(void *)ifa->ifa_addr;
-+ break;
-+ }
- }
++ if (strcmp((*ifa)->ifa_name, name) == 0)
++ return (struct sockaddr_ll *)(void *)(*ifa)->ifa_addr;
++ }
++ *ifa = NULL;
++ return NULL;
++}
++
++struct sockaddr_ll *
++ioctl_get_ll(char *name)
++{
+ int sock;
+ struct ifreq tmp;
+- struct sockaddr *sa;
++ struct sockaddr *sa = NULL;
++ struct sockaddr_ll *sll = NULL;
-- memset(&tmp, 0, sizeof(tmp));
-- strcpy(tmp.ifr_name, name);
-- if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
+ if (strlen(name) >= sizeof(tmp.ifr_name)) {
+ log_fatal("Device name too long: \"%s\"", name);
+@@ -487,16 +640,62 @@ get_hw_addr(const char *name, struct har
+ memset(&tmp, 0, sizeof(tmp));
+ strcpy(tmp.ifr_name, name);
+ if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
- log_fatal("Error getting hardware address for \"%s\": %m",
-- name);
-+ if (sll == NULL) {
-+ freeifaddrs(ifaddrs);
-+ log_fatal("Failed to get HW address for %s\n", name);
++ log_fatal("Error getting hardware address for \"%s\": %m",
+ name);
}
++ close(sock);
-- sa = &tmp.ifr_hwaddr;
+ sa = &tmp.ifr_hwaddr;
- switch (sa->sa_family) {
++ // needs to be freed outside this function
++ sll = dmalloc (sizeof (struct sockaddr_ll), MDL);
++ if (!sll)
++ log_fatal("Unable to allocate memory for link layer address");
++ memcpy(&sll->sll_hatype, &sa->sa_family, sizeof (sll->sll_hatype));
++ memcpy(sll->sll_addr, sa->sa_data, sizeof (sll->sll_addr));
++ switch (sll->sll_hatype) {
++ case ARPHRD_INFINIBAND:
++ /* ioctl limits hardware addresses to 8 bytes */
++ sll->sll_halen = 8;
++ break;
++ default:
++ break;
++ }
++ return sll;
++}
++
++void
++get_hw_addr(struct interface_info *info)
++{
++ struct hardware *hw = &info->hw_address;
++ char *name = info->name;
++ struct ifaddrs *ifaddrs = NULL;
++ struct ifaddrs *ifa = NULL;
++ struct sockaddr_ll *sll = NULL;
++ int sll_allocated = 0;
++ char *dup = NULL;
++ char *colon = NULL;
++
++ if (getifaddrs(&ifaddrs) == -1)
++ log_fatal("Failed to get interfaces");
++
++ if ((sll = get_ll(ifaddrs, &ifa, name)) == NULL) {
++ /*
++ * We were unable to get link-layer address for name.
++ * Fall back to ioctl(SIOCGIFHWADDR).
++ */
++ sll = ioctl_get_ll(name);
++ if (sll != NULL)
++ sll_allocated = 1;
++ else
++ // shouldn't happen
++ log_fatal("Unexpected internal error");
++ }
++
+ switch (sll->sll_hatype) {
case ARPHRD_ETHER:
hw->hlen = 7;
break;
case ARPHRD_IEEE802:
#ifdef ARPHRD_IEEE802_TR
-@@ -496,18 +637,35 @@ get_hw_addr(const char *name, struct har
+@@ -504,18 +703,48 @@ get_hw_addr(const char *name, struct har
#endif /* ARPHRD_IEEE802_TR */
hw->hlen = 7;
hw->hbuf[0] = HTYPE_IEEE802;
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
break;
case ARPHRD_FDDI:
- hw->hlen = 17;
+ hw->hlen = 7;
hw->hbuf[0] = HTYPE_FDDI;
-- memcpy(&hw->hbuf[1], sa->sa_data, 16);
-+ memcpy(&hw->hbuf[1], sll->sll_addr, 16);
+- memcpy(&hw->hbuf[1], sa->sa_data, 6);
++ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
+ break;
+ case ARPHRD_INFINIBAND:
++ dup = strdup(name);
++ /* Aliased infiniband interface is special case where
++ * neither get_ll() nor ioctl_get_ll() get's correct hw
++ * address, so we have to truncate the :0 and run
++ * get_ll() again for the rest.
++ */
++ if ((colon = strchr(dup, ':')) != NULL) {
++ *colon = '\0';
++ if ((sll = get_ll(ifaddrs, &ifa, dup)) == NULL)
++ log_fatal("Error getting hardware address for \"%s\": %m", name);
++ }
++ free (dup);
+ /* For Infiniband, save the broadcast address and store
+ * the port GUID into the hardware address.
+ */
-+ if (ifa->ifa_flags & IFF_BROADCAST) {
++ if (ifa && (ifa->ifa_flags & IFF_BROADCAST)) {
+ struct sockaddr_ll *bll;
+
+ bll = (struct sockaddr_ll *)ifa->ifa_broadaddr;
+
+ hw->hlen = 1;
+ hw->hbuf[0] = HTYPE_INFINIBAND;
++ memcpy(&hw->hbuf[1], &sll->sll_addr[sll->sll_halen - 8], 8);
break;
#if defined(ARPHRD_PPP)
case ARPHRD_PPP:
if (local_family != AF_INET6)
- log_fatal("Unsupported device type %d for \"%s\"",
- sa->sa_family, name);
-+ log_fatal("Unsupported device type %ld for \"%s\"",
-+ (long int)sll->sll_family, name);
++ log_fatal("local_family != AF_INET6 for \"%s\"",
++ name);
hw->hlen = 0;
hw->hbuf[0] = HTYPE_RESERVED;
/* 0xdeadbeef should never occur on the wire,
-@@ -520,10 +678,11 @@ get_hw_addr(const char *name, struct har
+@@ -528,10 +757,13 @@ get_hw_addr(const char *name, struct har
break;
#endif
default:
-+ freeifaddrs(ifaddrs);
- log_fatal("Unsupported device type %ld for \"%s\"",
+- log_fatal("Unsupported device type %ld for \"%s\"",
- (long int)sa->sa_family, name);
-+ (long int)sll->sll_family, name);
++ freeifaddrs(ifaddrs);
++ log_fatal("Unsupported device type %hu for \"%s\"",
++ sll->sll_hatype, name);
}
- close(sock);
++ if (sll_allocated)
++ dfree(sll, MDL);
+ freeifaddrs(ifaddrs);
}
#endif
-diff -up dhcp-4.2.2/common/socket.c.lpf-ib dhcp-4.2.2/common/socket.c
---- dhcp-4.2.2/common/socket.c.lpf-ib 2011-06-27 18:18:20.000000000 +0200
-+++ dhcp-4.2.2/common/socket.c 2011-09-19 11:24:08.705775490 +0200
-@@ -324,7 +324,7 @@ void if_register_send (info)
- info->wfdesc = if_register_socket(info, AF_INET, 0);
+diff -up dhcp-4.3.1b1/common/socket.c.bmgpWV dhcp-4.3.1b1/common/socket.c
+--- dhcp-4.3.1b1/common/socket.c.bmgpWV 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/common/socket.c 2014-07-10 17:52:57.706272281 +0200
+@@ -322,7 +322,7 @@ void if_register_send (info)
+ info->wfdesc = if_register_socket(info, AF_INET, 0, NULL);
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
- get_hw_addr(info->name, &info->hw_address);
#if defined (USE_SOCKET_FALLBACK)
/* Fallback only registers for send, but may need to receive as
well. */
-@@ -387,7 +387,7 @@ void if_register_receive (info)
+@@ -385,7 +385,7 @@ void if_register_receive (info)
#endif /* IP_PKTINFO... */
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
if (!quiet_interface_discovery)
log_info ("Listening on Socket/%s%s%s",
-@@ -497,7 +497,7 @@ if_register6(struct interface_info *info
+@@ -499,7 +499,7 @@ if_register6(struct interface_info *info
if (req_multi)
if_register_multicast(info);
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
-diff -up dhcp-4.2.2/includes/dhcpd.h.lpf-ib dhcp-4.2.2/includes/dhcpd.h
---- dhcp-4.2.2/includes/dhcpd.h.lpf-ib 2011-09-19 11:24:08.696775721 +0200
-+++ dhcp-4.2.2/includes/dhcpd.h 2011-09-19 11:24:08.707775438 +0200
-@@ -1243,6 +1243,7 @@ struct interface_info {
+@@ -555,7 +555,7 @@ if_register_linklocal6(struct interface_
+ info->rfdesc = sock;
+ info->wfdesc = sock;
+
+- get_hw_addr(info->name, &info->hw_address);
++ get_hw_addr(info);
+
+ if (!quiet_interface_discovery) {
+ if (info->shared_network != NULL) {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.bmgpWV dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.bmgpWV 2014-07-10 17:50:26.923402536 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:52:57.707272266 +0200
+@@ -1248,6 +1248,7 @@ struct interface_info {
struct shared_network *shared_network;
/* Networks connected to this interface. */
struct hardware hw_address; /* Its physical address. */
struct in_addr *addresses; /* Addresses associated with this
* interface.
*/
-@@ -2356,7 +2357,7 @@ void print_dns_status (int, struct dhcp_
+@@ -2439,7 +2440,7 @@ void print_dns_status (int, struct dhcp_
#endif
const char *print_time(TIME);
/* socket.c */
#if defined (USE_SOCKET_SEND) || defined (USE_SOCKET_RECEIVE) \
-diff -up dhcp-4.2.2/includes/dhcp.h.lpf-ib dhcp-4.2.2/includes/dhcp.h
---- dhcp-4.2.2/includes/dhcp.h.lpf-ib 2011-09-19 11:24:08.696775721 +0200
-+++ dhcp-4.2.2/includes/dhcp.h 2011-09-19 11:24:08.707775438 +0200
-@@ -79,6 +79,7 @@ struct dhcp_packet {
- #define HTYPE_ETHER 1 /* Ethernet 10Mbps */
- #define HTYPE_IEEE802 6 /* IEEE 802.2 Token Ring... */
- #define HTYPE_FDDI 8 /* FDDI... */
-+#define HTYPE_INFINIBAND 32 /* Infiniband IPoIB */
-
- #define HTYPE_RESERVED 0 /* RFC 5494 */
-
-diff -up dhcp-4.2.1b1/client/dhclient.8.man dhcp-4.2.1b1/client/dhclient.8
---- dhcp-4.2.1b1/client/dhclient.8.man 2010-07-14 22:09:34.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.8 2011-01-27 18:19:07.000000000 +0100
-@@ -115,6 +115,33 @@ dhclient - Dynamic Host Configuration Pr
- .B -w
- ]
- [
-+.B -B
-+]
-+[
-+.B -I
-+.I dhcp-client-identifier
-+]
-+[
-+.B -H
-+.I host-name
-+]
-+[
-+.B -F
-+.I fqdn.fqdn
-+]
-+[
-+.B -V
-+.I vendor-class-identifier
-+]
-+[
-+.B -R
-+.I request-option-list
-+]
-+[
-+.B -timeout
-+.I timeout
-+]
-+[
- .B -v
- ]
- [
-@@ -264,6 +291,69 @@ not to exit when it doesn't find any suc
- program can then be used to notify the client when a network interface
- has been added or removed, so that the client can attempt to configure an IP
- address on that interface.
-+
-+.TP
-+.BI \-B
-+Set the BOOTP broadcast flag in request packets so servers will always
-+broadcast replies.
-+
-+.TP
-+.BI \-I\ <dhcp-client-identifier>
-+Specify the dhcp-client-identifier option to send to the DHCP server.
-+
-+.TP
-+.BI \-H\ <host-name>
-+Specify the host-name option to send to the DHCP server. The host-name
-+string only contains the client's hostname prefix, to which the server will
-+append the ddns-domainname or domain-name options, if any, to derive the
-+fully qualified domain name of the client. The
-+.B -H
-+option cannot be used with the
-+.B -F
-+option.
-+
-+.TP
-+.BI \-F\ <fqdn.fqdn>
-+Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
-+be used with the
-+.B -H
-+option. The fqdn.fqdn option must specify the complete domain name of the
-+client host, which the server may use for dynamic DNS updates.
-+
-+.TP
-+.BI \-V\ <vendor-class-identifier>
-+Specify the vendor-class-identifier option to send to the DHCP server.
-+
-+.TP
-+.BI \-R\ <option>[,<option>...]
-+Specify the list of options the client is to request from the server. The
-+option list must be a single string consisting of option names separated
-+by at least one command and optional space characters. The default option
-+list is:
-+
-+.BR
-+ subnet-mask, broadcast-address, time-offset, routers,
-+.BR
-+ domain-search, domain-name, domain-name-servers, host-name,
-+.BR
-+ nis-domain, nis-servers, ntp-servers, interface-mtu
-+
-+.TP
-+.B -R
-+option does not append options to the default request, it overrides the
-+default request list. Keep this in mind if you want to request an
-+additional option besides the default request list. You will have to
-+specify all option names for the
-+.B -R
-+parameter.
-+
-+.TP
-+.BI \-timeout\ <timeout>
-+Specify the time after which
-+.B dhclient
-+will decide that no DHCP servers can be contacted when no responses have been
-+received.
-+
- .TP
- .BI \-n
- Do not configure any interfaces. This is most likely to be useful in
-diff -up dhcp-4.2.1b1/client/dhclient.conf.5.man dhcp-4.2.1b1/client/dhclient.conf.5
---- dhcp-4.2.1b1/client/dhclient.conf.5.man 2010-09-15 01:03:56.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.conf.5 2011-01-27 18:22:56.000000000 +0100
-@@ -186,7 +186,8 @@ responding to the client send the client
- options. Only the option names should be specified in the request
- statement - not option parameters. By default, the DHCPv4 client
- requests the subnet-mask, broadcast-address, time-offset, routers,
--domain-name, domain-name-servers and host-name options while the DHCPv6
-+domain-search, domain-name, domain-name-servers, host-name, nis-domain,
-+nis-servers, ntp-servers and interface-mtu options while the DHCPv6
- client requests the dhcp6 name-servers and domain-search options. Note
- that if you enter a \'request\' statement, you over-ride these defaults
- and these options will not be requested.
-@@ -672,6 +673,17 @@ know the DHCP service(s) anycast MAC add
- client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
- in a similar manner to the \fBhardware\fR statement.
- .PP
-+ \fBbootp-broadcast-always;\fR
-+.PP
-+The
-+.B bootp-broadcast-always
-+statement instructs dhclient to always set the bootp broadcast flag in
-+request packets, so that servers will always broadcast replies.
-+This is equivalent to supplying the dhclient -B argument, and has
-+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
-+This option is provided as an extension to enable dhclient to work
-+on IBM s390 Linux guests.
-+.PP
- .SH SAMPLE
- The following configuration file is used on a laptop running NetBSD
- 1.3. The laptop has an IP alias of 192.5.5.213, and has one
-@@ -697,7 +709,7 @@ interface "ep0" {
- supersede domain-search "fugue.com", "rc.vix.com", "home.vix.com";
- prepend domain-name-servers 127.0.0.1;
- request subnet-mask, broadcast-address, time-offset, routers,
-- domain-name, domain-name-servers, host-name;
-+ domain-search, domain-name, domain-name-servers, host-name;
- require subnet-mask, domain-name-servers;
- script "CLIENTBINDIR/dhclient-script";
- media "media 10baseT/UTP", "media 10base2/BNC";
-diff -up dhcp-4.2.1b1/client/dhclient-script.8.man dhcp-4.2.1b1/client/dhclient-script.8
---- dhcp-4.2.1b1/client/dhclient-script.8.man 2010-07-06 21:03:11.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient-script.8 2011-01-27 18:24:44.000000000 +0100
-@@ -47,7 +47,7 @@ customizations are needed, they should b
+diff -up dhcp-4.3.0a1/client/dhclient-script.8.man dhcp-4.3.0a1/client/dhclient-script.8
+--- dhcp-4.3.0a1/client/dhclient-script.8.man 2013-12-11 01:01:02.000000000 +0100
++++ dhcp-4.3.0a1/client/dhclient-script.8 2013-12-19 15:27:17.617118805 +0100
+@@ -48,7 +48,7 @@ customizations are needed, they should b
exit hooks provided (see HOOKS for details). These hooks will allow the
user to override the default behaviour of the client in creating a
.B /etc/resolv.conf
.PP
No standard client script exists for some operating systems, even though
the actual client may work, so a pioneering user may well need to create
-@@ -91,6 +91,26 @@ present. The
+@@ -92,6 +92,26 @@ present. The
.B ETCDIR/dhclient-exit-hooks
script can modify the valid of exit_status to change the exit status
of dhclient-script.
.SH OPERATION
When dhclient needs to invoke the client configuration script, it
defines a set of variables in the environment, and then invokes
-diff -up dhcp-4.2.1b1/common/dhcp-options.5.man dhcp-4.2.1b1/common/dhcp-options.5
---- dhcp-4.2.1b1/common/dhcp-options.5.man 2010-07-13 22:56:56.000000000 +0200
-+++ dhcp-4.2.1b1/common/dhcp-options.5 2011-01-27 18:25:57.000000000 +0100
-@@ -913,6 +913,21 @@ classless IP routing - it does not inclu
+diff -up dhcp-4.3.0a1/client/dhclient.conf.5.man dhcp-4.3.0a1/client/dhclient.conf.5
+--- dhcp-4.3.0a1/client/dhclient.conf.5.man 2013-12-11 01:01:02.000000000 +0100
++++ dhcp-4.3.0a1/client/dhclient.conf.5 2013-12-19 15:27:17.617118805 +0100
+@@ -202,7 +202,8 @@ responding to the client send the client
+ options. Only the option names should be specified in the request
+ statement - not option parameters. By default, the DHCPv4 client
+ requests the subnet-mask, broadcast-address, time-offset, routers,
+-domain-name, domain-name-servers and host-name options while the DHCPv6
++domain-search, domain-name, domain-name-servers, host-name, nis-domain,
++nis-servers, ntp-servers and interface-mtu options while the DHCPv6
+ client requests the dhcp6 name-servers and domain-search options. Note
+ that if you enter a \'request\' statement, you over-ride these defaults
+ and these options will not be requested.
+@@ -688,6 +689,17 @@ know the DHCP service(s) anycast MAC add
+ client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
+ in a similar manner to the \fBhardware\fR statement.
+ .PP
++ \fBbootp-broadcast-always;\fR
++.PP
++The
++.B bootp-broadcast-always
++statement instructs dhclient to always set the bootp broadcast flag in
++request packets, so that servers will always broadcast replies.
++This is equivalent to supplying the dhclient -B argument, and has
++the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
++This option is provided as an extension to enable dhclient to work
++on IBM s390 Linux guests.
++.PP
+ .SH SAMPLE
+ The following configuration file is used on a laptop running NetBSD
+ 1.3. The laptop has an IP alias of 192.5.5.213, and has one
+@@ -713,7 +725,7 @@ interface "ep0" {
+ supersede domain-search "fugue.com", "rc.vix.com", "home.vix.com";
+ prepend domain-name-servers 127.0.0.1;
+ request subnet-mask, broadcast-address, time-offset, routers,
+- domain-name, domain-name-servers, host-name;
++ domain-search, domain-name, domain-name-servers, host-name;
+ require subnet-mask, domain-name-servers;
+ script "CLIENTBINDIR/dhclient-script";
+ media "media 10baseT/UTP", "media 10base2/BNC";
+diff -up dhcp-4.3.0a1/common/dhcp-options.5.man dhcp-4.3.0a1/common/dhcp-options.5
+--- dhcp-4.3.0a1/common/dhcp-options.5.man 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/dhcp-options.5 2013-12-19 15:27:17.618118791 +0100
+@@ -914,6 +914,21 @@ classless IP routing - it does not inclu
classless IP routing is now the most widely deployed routing standard,
this option is virtually useless, and is not implemented by any of the
popular DHCP clients, for example the Microsoft DHCP client.
.RE
.PP
.nf
-diff -up dhcp-4.2.1b1/server/dhcpd.conf.5.man dhcp-4.2.1b1/server/dhcpd.conf.5
---- dhcp-4.2.1b1/server/dhcpd.conf.5.man 2010-07-06 21:03:12.000000000 +0200
-+++ dhcp-4.2.1b1/server/dhcpd.conf.5 2011-01-27 18:29:12.000000000 +0100
-@@ -519,6 +519,9 @@ pool {
+diff -up dhcp-4.3.0a1/server/dhcpd.conf.5.man dhcp-4.3.0a1/server/dhcpd.conf.5
+--- dhcp-4.3.0a1/server/dhcpd.conf.5.man 2013-12-13 21:49:44.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcpd.conf.5 2013-12-19 15:30:14.266670962 +0100
+@@ -527,6 +527,9 @@ pool {
};
.fi
.PP
The server currently does very little sanity checking, so if you
configure it wrong, it will just fail in odd ways. I would recommend
therefore that you either do failover or don't do failover, but don't
-@@ -533,9 +536,9 @@ primary server might look like this:
+@@ -541,9 +544,9 @@ primary server might look like this:
failover peer "foo" {
primary;
address anthrax.rc.vix.com;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
-@@ -1305,7 +1308,7 @@ the zone containing PTR records - for IS
+@@ -1241,7 +1244,7 @@ the zone containing PTR records - for IS
.PP
.nf
key DHCP_UPDATER {
secret pRP5FapFoJ95JEL06sv4PQ==;
};
-@@ -1328,7 +1331,7 @@ dhcpd.conf file:
+@@ -1264,7 +1267,7 @@ dhcpd.conf file:
.PP
.nf
key DHCP_UPDATER {
secret pRP5FapFoJ95JEL06sv4PQ==;
};
-@@ -2540,7 +2543,8 @@ statement
+@@ -2539,7 +2542,8 @@ statement
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
- \fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
+ \fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
-be a numeric IP address or a domain name.
+be a numeric IP address or a domain name. If no \fInext-server\fR statement
+applies to a given client, the address 0.0.0.0 is used.
--- /dev/null
+diff -up dhcp-4.3.1b1/client/dhclient.c.dlTsyN dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.dlTsyN 2014-07-10 17:49:49.882925843 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:50:26.922402550 +0200
+@@ -1748,11 +1748,6 @@ int write_host (host)
+ return 0;
+ }
+
+-void db_startup (testp)
+- int testp;
+-{
+-}
+-
+ void bootp (packet)
+ struct packet *packet;
+ {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN 2014-07-10 17:48:03.798424601 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:50:26.923402536 +0200
+@@ -2866,7 +2866,11 @@ void commit_leases_timeout (void *);
+ void commit_leases_readerdry(void *);
+ int commit_leases (void);
+ int commit_leases_timed (void);
++#if defined (PARANOIA)
++void db_startup (int, uid_t, gid_t);
++#else
+ void db_startup (int);
++#endif /* PARANOIA */
+ int new_lease_file (void);
+ int group_writer (struct group_object *);
+ int write_ia(const struct ia_xx *);
+diff -up dhcp-4.3.1b1/server/confpars.c.dlTsyN dhcp-4.3.1b1/server/confpars.c
+--- dhcp-4.3.1b1/server/confpars.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
++++ dhcp-4.3.1b1/server/confpars.c 2014-07-10 17:50:26.924402522 +0200
+@@ -219,7 +219,11 @@ void trace_conf_input (trace_type_t *tty
+ }
+
+ if (!leaseconf_initialized && ttype == trace_readleases_type) {
++#if defined (PARANOIA)
++ db_startup (0, 0, 0);
++#else
+ db_startup (0);
++#endif /* PARANOIA */
+ leaseconf_initialized = 1;
+ postdb_startup ();
+ }
+diff -up dhcp-4.3.1b1/server/db.c.dlTsyN dhcp-4.3.1b1/server/db.c
+--- dhcp-4.3.1b1/server/db.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
++++ dhcp-4.3.1b1/server/db.c 2014-07-10 17:50:26.925402508 +0200
+@@ -42,6 +42,10 @@ static int counting = 0;
+ static int count = 0;
+ TIME write_time;
+ int lease_file_is_corrupt = 0;
++#if defined (PARANOIA)
++uid_t global_set_uid = 0;
++gid_t global_set_gid = 0;
++#endif /* PARANOIA */
+
+ /* Write a single binding scope value in parsable format.
+ */
+@@ -1046,8 +1050,11 @@ int commit_leases_timed()
+ return (1);
+ }
+
+-void db_startup (testp)
+- int testp;
++#if defined (PARANOIA)
++void db_startup (int testp, uid_t set_uid, gid_t set_gid)
++#else
++void db_startup (int testp)
++#endif /* PARANOIA */
+ {
+ isc_result_t status;
+
+@@ -1066,6 +1073,11 @@ void db_startup (testp)
+ }
+ #endif
+
++#if defined (PARANOIA)
++ global_set_uid = set_uid;
++ global_set_gid = set_gid;
++#endif /* PARANOIA */
++
+ #if defined (TRACING)
+ /* If we're playing back, there is no lease file, so we can't
+ append it, so we create one immediately (maybe this isn't
+@@ -1128,6 +1140,17 @@ int new_lease_file ()
+ log_error ("Can't create new lease file: %m");
+ return 0;
+ }
++
++#if defined (PARANOIA)
++ if (global_set_uid && !geteuid() &&
++ global_set_gid && !getegid())
++ if (fchown(db_fd, global_set_uid, global_set_gid)) {
++ log_fatal ("Can't chown new lease file: %m");
++ close(db_fd);
++ goto fdfail;
++ }
++#endif /* PARANOIA */
++
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
+ log_error("Can't fdopen new lease file: %m");
+ close(db_fd);
+diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8
+--- dhcp-4.3.1b1/server/dhcpd.8.dlTsyN 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/server/dhcpd.8 2014-07-10 17:50:26.925402508 +0200
+@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto
+ .I trace-output-file
+ ]
+ [
++.B -user
++.I user
++]
++[
++.B -group
++.I group
++]
++[
++.B -chroot
++.I dir
++]
++[
+ .B -play
+ .I trace-playback-file
+ ]
+@@ -269,6 +281,15 @@ lease file.
+ .TP
+ .BI --version
+ Print version number and exit.
++.TP
++.BI \-user \ user
++Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.
++.TP
++.BI \-group \ group
++Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports.
++.TP
++.BI \-chroot \ dir
++Chroot to directory after processing the command line arguments, but before reading the configuration file.
+ .PP
+ .I Modifying default file locations:
+ The following options can be used to modify the locations
+diff -up dhcp-4.3.1b1/server/dhcpd.c.dlTsyN dhcp-4.3.1b1/server/dhcpd.c
+--- dhcp-4.3.1b1/server/dhcpd.c.dlTsyN 2014-07-10 17:39:25.802764582 +0200
++++ dhcp-4.3.1b1/server/dhcpd.c 2014-07-10 17:52:35.341588248 +0200
+@@ -628,7 +628,11 @@ main(int argc, char **argv) {
+ group_write_hook = group_writer;
+
+ /* Start up the database... */
++#if defined (PARANOIA)
++ db_startup (lftest, set_uid, set_gid);
++#else
+ db_startup (lftest);
++#endif /* PARANOIA */
+
+ if (lftest)
+ exit (0);
-diff -up dhcp-4.2.0/includes/dhcpd.h.paths dhcp-4.2.0/includes/dhcpd.h
---- dhcp-4.2.0/includes/dhcpd.h.paths 2010-07-21 13:55:42.000000000 +0200
-+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 14:29:57.000000000 +0200
-@@ -1390,15 +1390,15 @@ typedef unsigned char option_mask [16];
+--- expanded_org/includes/dhcpd.h Wed Aug 06 23:35:02 2014
++++ expanded_patched_51_4_2_0_paths_patch/includes/dhcpd.h Mon Feb 16 13:22:11 2015
+@@ -1424,15 +1424,15 @@
#else /* !DEBUG */
#ifndef _PATH_DHCPD_CONF
#endif
#ifndef _PATH_DHCPD_PID
-@@ -1412,7 +1412,7 @@ typedef unsigned char option_mask [16];
+@@ -1446,7 +1446,7 @@
#endif /* DEBUG */
#ifndef _PATH_DHCLIENT_CONF
#endif
#ifndef _PATH_DHCLIENT_SCRIPT
-@@ -1428,11 +1428,11 @@ typedef unsigned char option_mask [16];
+@@ -1462,11 +1462,11 @@
#endif
#ifndef _PATH_DHCLIENT_DB
-diff -up dhcp-4.2.0/client/dhclient.c.ifup dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.ifup 2010-07-21 13:30:10.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:37:03.000000000 +0200
-@@ -497,9 +497,81 @@ main(int argc, char **argv) {
- kill(oldpid, SIGTERM);
+diff -up dhcp-4.3.0a1/client/dhclient.c.ifup dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.ifup 2013-12-19 14:53:08.817760677 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:05:16.290518574 +0100
+@@ -521,9 +521,81 @@ main(int argc, char **argv) {
+ }
}
fclose(pidfd);
+ } else {
--- /dev/null
+diff -up dhcp-4.3.1b1/client/Makefile.am.brGmwh dhcp-4.3.1b1/client/Makefile.am
+--- dhcp-4.3.1b1/client/Makefile.am.brGmwh 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:36:30.484250976 +0200
+@@ -10,8 +10,8 @@ dhclient_SOURCES = clparse.c dhclient.c
+ scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
+ scripts/netbsd scripts/nextstep scripts/openbsd \
+ scripts/solaris scripts/openwrt
+-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../bind/lib/libirs.a \
+- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a
++dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
+ EXTRA_DIST = $(man_MANS)
+
+diff -up dhcp-4.3.1b1/common/tests/Makefile.am.brGmwh dhcp-4.3.1b1/common/tests/Makefile.am
+--- dhcp-4.3.1b1/common/tests/Makefile.am.brGmwh 2014-07-10 17:36:30.485250962 +0200
++++ dhcp-4.3.1b1/common/tests/Makefile.am 2014-07-10 17:38:04.010924566 +0200
+@@ -13,21 +13,20 @@ ATF_TESTS += alloc_unittest dns_unittest
+ alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
+ alloc_unittest_LDADD = $(ATF_LDFLAGS)
+ alloc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../bind/lib/libirs.a \
+- ../../bind/lib/libdns.a ../../bind/lib/libisccfg.a ../../bind/lib/libisc.a
++ ../../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ dns_unittest_LDADD = $(ATF_LDFLAGS)
+ dns_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../bind/lib/libirs.a \
+- ../../bind/lib/libdns.a ../../bind/lib/libisccfg.a ../../bind/lib/libisc.a
++ ../../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ misc_unittest_LDADD = $(ATF_LDFLAGS)
+ misc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../bind/lib/libirs.a \
+- ../../bind/lib/libdns.a ../../bind/lib/libisccfg.a ../../bind/lib/libisc.a
+-
++ ../../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ check: $(ATF_TESTS)
+ atf-run | atf-report
+
+diff -up dhcp-4.3.1b1/configure.ac.brGmwh dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.brGmwh 2014-07-02 20:01:26.000000000 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:36:30.485250962 +0200
+@@ -562,20 +562,37 @@ AC_CHECK_MEMBER(struct msghdr.msg_contro
+
+ libbind=
+ AC_ARG_WITH(libbind,
+- AS_HELP_STRING([--with-libbind=PATH],[bind includes and libraries are in PATH
+- (default is ./bind)]),
++ AS_HELP_STRING([--with-libbind=PATH],[bind includes are in PATH
++ (default is ./bind/includes)]),
+ use_libbind="$withval", use_libbind="no")
+ case "$use_libbind" in
++yes|no)
++ libbind="\${top_srcdir}/bind/include"
++ ;;
++*)
++ libbind="$use_libbind"
++ ;;
++esac
++
++BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
++AC_ARG_WITH(libbind-libs,
++ AC_HELP_STRING([--with-libbind-libs=PATH],
++ [bind9 export libraries are in PATH]),
++ [libbind_libs="$withval"], [libbind_libs='no'])
++case "$libbind_libs" in
+ yes)
+- libbind="\${top_srcdir}/bind"
++ AC_MSG_ERROR([Specify path to bind9 libraries])
+ ;;
+ no)
+- libbind="\${top_srcdir}/bind"
++ BUNDLED_BIND=yes
+ ;;
+ *)
+- libbind="$use_libbind"
++ BIND9_LIBDIR="-L$libbind_libs"
++ BUNDLED_BIND=no
+ ;;
+ esac
++AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
++AC_SUBST([BIND9_LIBDIR])
+
+ # OpenLDAP support.
+ AC_ARG_WITH(ldap,
+@@ -610,7 +627,7 @@ fi
+ CFLAGS="$CFLAGS $STD_CWARNINGS"
+
+ # Try to add the bind include directory
+-CFLAGS="$CFLAGS -I$libbind/include"
++CFLAGS="$CFLAGS -I$libbind"
+
+ case "$host" in
+ *-darwin*)
+diff -up dhcp-4.3.1b1/dhcpctl/Makefile.am.brGmwh dhcp-4.3.1b1/dhcpctl/Makefile.am
+--- dhcp-4.3.1b1/dhcpctl/Makefile.am.brGmwh 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/dhcpctl/Makefile.am 2014-07-10 17:36:30.485250962 +0200
+@@ -6,12 +6,9 @@ EXTRA_DIST = $(man_MANS)
+
+ omshell_SOURCES = omshell.c
+ omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+- ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+-
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
+
+ cltest_SOURCES = cltest.c
+ cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+- ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/Makefile.am.brGmwh dhcp-4.3.1b1/Makefile.am
+--- dhcp-4.3.1b1/Makefile.am.brGmwh 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/Makefile.am 2014-07-10 17:36:30.484250976 +0200
+@@ -25,7 +25,13 @@ EXTRA_DIST = RELNOTES LICENSE \
+ bind/Makefile bind/bind.tar.gz bind/version.tmp \
+ common/tests/Atffile server/tests/Atffile
+
+-SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
++if BUNDLED_BIND
++SUBDIRS = bind
++else
++SUBDIRS =
++endif
++
++SUBDIRS += includes tests common dst omapip client dhcpctl relay server
+
+ nobase_include_HEADERS = dhcpctl/dhcpctl.h
+
+diff -up dhcp-4.3.1b1/omapip/Makefile.am.brGmwh dhcp-4.3.1b1/omapip/Makefile.am
+--- dhcp-4.3.1b1/omapip/Makefile.am.brGmwh 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/omapip/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -10,6 +10,5 @@ man_MANS = omapi.3
+ EXTRA_DIST = $(man_MANS)
+
+ svtest_SOURCES = test.c
+-svtest_LDADD = libomapi.a ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+-
++svtest_LDADD = libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/relay/Makefile.am.brGmwh dhcp-4.3.1b1/relay/Makefile.am
+--- dhcp-4.3.1b1/relay/Makefile.am.brGmwh 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -3,8 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+ sbin_PROGRAMS = dhcrelay
+ dhcrelay_SOURCES = dhcrelay.c
+ dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+- ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhcrelay.8
+ EXTRA_DIST = $(man_MANS)
+
+diff -up dhcp-4.3.1b1/server/Makefile.am.brGmwh dhcp-4.3.1b1/server/Makefile.am
+--- dhcp-4.3.1b1/server/Makefile.am.brGmwh 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/server/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -13,10 +13,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c
+
+ dhcpd_CFLAGS = $(LDAP_CFLAGS)
+-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+- ../dhcpctl/libdhcpctl.a ../bind/lib/libirs.a \
+- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+-
++dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
+ EXTRA_DIST = $(man_MANS)
+
+diff -up dhcp-4.3.1b1/server/tests/Makefile.am.brGmwh dhcp-4.3.1b1/server/tests/Makefile.am
+--- dhcp-4.3.1b1/server/tests/Makefile.am.brGmwh 2014-07-02 19:58:40.000000000 +0200
++++ dhcp-4.3.1b1/server/tests/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -18,9 +18,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
+ ../ldap.c ../ldap_casa.c ../dhcpd.c
+
+ DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
+- $(top_builddir)/dhcpctl/libdhcpctl.a $(top_builddir)/bind/lib/libirs.a \
+- $(top_builddir)/bind/lib/libdns.a $(top_builddir)/bind/lib/libisccfg.a \
+- $(top_builddir)/bind/lib/libisc.a
++ $(top_builddir)/dhcpctl/libdhcpctl.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ ATF_TESTS =
+ TESTS =
-diff -up dhcp-4.2.2b1/client/clparse.c.rfc3442 dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.rfc3442 2011-07-01 14:22:38.031534508 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 14:22:38.128532940 +0200
-@@ -37,7 +37,7 @@
+diff -up dhcp-4.3.0rc1/client/clparse.c.rfc3442 dhcp-4.3.0rc1/client/clparse.c
+--- dhcp-4.3.0rc1/client/clparse.c.rfc3442 2014-01-29 10:05:48.474400352 +0100
++++ dhcp-4.3.0rc1/client/clparse.c 2014-01-29 10:05:48.517399955 +0100
+@@ -31,7 +31,7 @@
struct client_config top_level_config;
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
-@@ -82,7 +82,11 @@ isc_result_t read_client_conf ()
+@@ -84,7 +84,11 @@ isc_result_t read_client_conf ()
dhcp_universe.code_hash, &code, 0, MDL);
/* 4 */
option_code_hash_lookup(&default_requested_options[3],
dhcp_universe.code_hash, &code, 0, MDL);
-@@ -136,6 +140,11 @@ isc_result_t read_client_conf ()
+@@ -138,6 +142,11 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[13],
dhcp_universe.code_hash, &code, 0, MDL);
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
-diff -up dhcp-4.2.2b1/common/dhcp-options.5.rfc3442 dhcp-4.2.2b1/common/dhcp-options.5
---- dhcp-4.2.2b1/common/dhcp-options.5.rfc3442 2011-07-01 14:22:38.020534686 +0200
-+++ dhcp-4.2.2b1/common/dhcp-options.5 2011-07-01 14:22:38.129532924 +0200
-@@ -115,6 +115,26 @@ hexadecimal, separated by colons. For
+diff -up dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 dhcp-4.3.0rc1/common/dhcp-options.5
+--- dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 2014-01-29 10:05:48.466400426 +0100
++++ dhcp-4.3.0rc1/common/dhcp-options.5 2014-01-29 10:05:48.518399945 +0100
+@@ -111,6 +111,26 @@ hexadecimal, separated by colons. For e
or
option dhcp-client-identifier 43:4c:49:45:54:2d:46:4f:4f;
.fi
+.fi
.SH SETTING OPTION VALUES USING EXPRESSIONS
Sometimes it's helpful to be able to set the value of a DHCP option
- based on some value that the client has sent. To do this, you can
-@@ -931,6 +951,29 @@ dhclient-script will create routes:
+ based on some value that the client has sent. To do this, you can
+@@ -972,6 +992,29 @@ dhclient-script will create routes:
.RE
.PP
.nf
.B option \fBstreettalk-directory-assistance-server\fR \fIip-address\fR
[\fB,\fR \fIip-address\fR...]\fB;\fR
.fi
-diff -up dhcp-4.2.2b1/common/inet.c.rfc3442 dhcp-4.2.2b1/common/inet.c
---- dhcp-4.2.2b1/common/inet.c.rfc3442 2011-05-11 02:47:22.000000000 +0200
-+++ dhcp-4.2.2b1/common/inet.c 2011-07-01 14:22:38.130532908 +0200
-@@ -528,6 +528,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
+diff -up dhcp-4.3.0rc1/common/inet.c.rfc3442 dhcp-4.3.0rc1/common/inet.c
+--- dhcp-4.3.0rc1/common/inet.c.rfc3442 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/inet.c 2014-01-29 10:05:48.519399936 +0100
+@@ -521,6 +521,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
return ISC_R_SUCCESS;
}
/* piaddr() turns an iaddr structure into a printable address. */
/* XXX: should use a const pointer rather than passing the structure */
const char *
-diff -up dhcp-4.2.2b1/common/options.c.rfc3442 dhcp-4.2.2b1/common/options.c
---- dhcp-4.2.2b1/common/options.c.rfc3442 2011-03-24 22:57:13.000000000 +0100
-+++ dhcp-4.2.2b1/common/options.c 2011-07-01 14:22:38.132532876 +0200
-@@ -706,7 +706,11 @@ cons_options(struct packet *inpacket, st
+diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
+--- dhcp-4.3.0rc1/common/options.c.rfc3442 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/options.c 2014-01-29 10:05:48.520399927 +0100
+@@ -707,7 +707,11 @@ cons_options(struct packet *inpacket, st
* packet.
*/
priority_list[priority_len++] = DHO_SUBNET_MASK;
priority_list[priority_len++] = DHO_DOMAIN_NAME_SERVERS;
priority_list[priority_len++] = DHO_HOST_NAME;
priority_list[priority_len++] = DHO_FQDN;
-@@ -1683,6 +1687,7 @@ const char *pretty_print_option (option,
- const unsigned char *dp = data;
- char comma;
+@@ -1688,6 +1692,7 @@ const char *pretty_print_option (option,
unsigned long tval;
-+ unsigned int octets = 0;
+ isc_boolean_t a_array = ISC_FALSE;
+ int len_used;
++ unsigned int octets = 0;
if (emit_commas)
comma = ',';
-@@ -1691,6 +1696,7 @@ const char *pretty_print_option (option,
+@@ -1696,6 +1701,7 @@ const char *pretty_print_option (option,
memset (enumbuf, 0, sizeof enumbuf);
/* Figure out the size of the data. */
for (l = i = 0; option -> format [i]; i++, l++) {
if (l >= sizeof(fmtbuf) - 1)
-@@ -1840,6 +1846,33 @@ const char *pretty_print_option (option,
+@@ -1870,6 +1876,33 @@ const char *pretty_print_option (option,
if (numhunk < 0)
numhunk = 1;
+
/* Cycle through the array (or hunk) printing the data. */
for (i = 0; i < numhunk; i++) {
- for (j = 0; j < numelem; j++) {
-@@ -1978,6 +2011,20 @@ const char *pretty_print_option (option,
+ if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) {
+@@ -2025,6 +2058,20 @@ const char *pretty_print_option (option,
strcpy(op, piaddr(iaddr));
dp += 4;
break;
case '6':
iaddr.len = 16;
memcpy(iaddr.iabuf, dp, 16);
-diff -up dhcp-4.2.2b1/common/parse.c.rfc3442 dhcp-4.2.2b1/common/parse.c
---- dhcp-4.2.2b1/common/parse.c.rfc3442 2011-07-01 14:22:38.097533441 +0200
-+++ dhcp-4.2.2b1/common/parse.c 2011-07-01 14:22:38.135532828 +0200
-@@ -341,6 +341,39 @@ int parse_ip_addr (cfile, addr)
+diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
+--- dhcp-4.3.0rc1/common/parse.c.rfc3442 2014-01-29 10:05:48.491400195 +0100
++++ dhcp-4.3.0rc1/common/parse.c 2014-01-29 10:05:48.522399908 +0100
+@@ -335,6 +335,39 @@ int parse_ip_addr (cfile, addr)
}
/*
* Return true if every character in the string is hexadecimal.
*/
static int
-@@ -700,8 +733,10 @@ unsigned char *parse_numeric_aggregate (
+@@ -713,8 +746,10 @@ unsigned char *parse_numeric_aggregate (
if (count) {
token = peek_token (&val, (unsigned *)0, cfile);
if (token != separator) {
if (token != RBRACE && token != LBRACE)
token = next_token (&val,
(unsigned *)0,
-@@ -1624,6 +1659,9 @@ int parse_option_code_definition (cfile,
+@@ -1654,6 +1689,9 @@ int parse_option_code_definition (cfile,
case IP_ADDRESS:
type = 'I';
break;
case IP6_ADDRESS:
type = '6';
break;
-@@ -5288,6 +5326,15 @@ int parse_option_token (rv, cfile, fmt,
+@@ -5071,6 +5109,15 @@ int parse_option_token (rv, cfile, fmt,
}
break;
case '6': /* IPv6 address. */
if (!parse_ip6_addr(cfile, &addr)) {
return 0;
-@@ -5548,6 +5595,13 @@ int parse_option_decl (oc, cfile)
+@@ -5348,6 +5395,13 @@ int parse_option_decl (oc, cfile)
goto exit;
len = ip_addr.len;
dp = ip_addr.iabuf;
alloc:
if (hunkix + len > sizeof hunkbuf) {
-diff -up dhcp-4.2.2b1/common/tables.c.rfc3442 dhcp-4.2.2b1/common/tables.c
---- dhcp-4.2.2b1/common/tables.c.rfc3442 2011-07-01 14:22:38.087533601 +0200
-+++ dhcp-4.2.2b1/common/tables.c 2011-07-01 14:22:38.137532796 +0200
-@@ -51,6 +51,7 @@ HASH_FUNCTIONS (option_code, const unsig
+diff -up dhcp-4.3.0rc1/common/tables.c.rfc3442 dhcp-4.3.0rc1/common/tables.c
+--- dhcp-4.3.0rc1/common/tables.c.rfc3442 2014-01-29 10:05:48.485400250 +0100
++++ dhcp-4.3.0rc1/common/tables.c 2014-01-29 10:06:25.724038563 +0100
+@@ -46,6 +46,7 @@ HASH_FUNCTIONS (option_code, const unsig
Format codes:
I - IPv4 address
6 - IPv6 address
l - 32-bit signed integer
L - 32-bit unsigned integer
-@@ -208,6 +209,7 @@ static struct option dhcp_options[] = {
- { "default-url", "t", &dhcp_universe, 114, 1 },
+@@ -214,6 +215,7 @@ static struct option dhcp_options[] = {
+ #endif
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
- { "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "classless-static-routes", "RIA", &dhcp_universe, 121, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0
-diff -up dhcp-4.2.2b1/includes/dhcpd.h.rfc3442 dhcp-4.2.2b1/includes/dhcpd.h
---- dhcp-4.2.2b1/includes/dhcpd.h.rfc3442 2011-07-01 14:22:38.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 14:24:19.999810333 +0200
-@@ -2662,6 +2662,7 @@ isc_result_t range2cidr(struct iaddrcidr
+diff -up dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 dhcp-4.3.0rc1/includes/dhcpd.h
+--- dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 2014-01-29 10:05:48.470400389 +0100
++++ dhcp-4.3.0rc1/includes/dhcpd.h 2014-01-29 10:05:48.525399881 +0100
+@@ -2725,6 +2725,7 @@ isc_result_t range2cidr(struct iaddrcidr
const struct iaddr *lo, const struct iaddr *hi);
isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result);
const char *piaddr (struct iaddr);
char *piaddrmask(struct iaddr *, struct iaddr *);
char *piaddrcidr(const struct iaddr *, unsigned int);
u_int16_t validate_port(char *);
-@@ -2869,6 +2870,7 @@ void parse_client_lease_declaration (str
+@@ -2934,6 +2935,7 @@ void parse_client_lease_declaration (str
int parse_option_decl (struct option_cache **, struct parse *);
void parse_string_list (struct parse *, struct string_list **, int);
int parse_ip_addr (struct parse *, struct iaddr *);
int parse_ip_addr_with_subnet(struct parse *, struct iaddrmatch *);
void parse_reject_statement (struct parse *, struct client_config *);
-diff -up dhcp-4.2.2b1/includes/dhcp.h.rfc3442 dhcp-4.2.2b1/includes/dhcp.h
---- dhcp-4.2.2b1/includes/dhcp.h.rfc3442 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/includes/dhcp.h 2011-07-01 14:22:38.145532665 +0200
-@@ -158,6 +158,7 @@ struct dhcp_packet {
+diff -up dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 dhcp-4.3.0rc1/includes/dhcp.h
+--- dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/includes/dhcp.h 2014-01-29 10:05:48.524399890 +0100
+@@ -159,6 +159,7 @@ struct dhcp_packet {
#define DHO_ASSOCIATED_IP 92
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
#define DHO_DOMAIN_SEARCH 119 /* RFC3397 */
#define DHO_VIVCO_SUBOPTIONS 124
#define DHO_VIVSO_SUBOPTIONS 125
-diff -up dhcp-4.2.2b1/includes/dhctoken.h.rfc3442 dhcp-4.2.2b1/includes/dhctoken.h
---- dhcp-4.2.2b1/includes/dhctoken.h.rfc3442 2011-07-01 14:22:37.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhctoken.h 2011-07-01 14:25:12.541867623 +0200
-@@ -362,7 +362,8 @@ enum dhcp_token {
- REWIND = 663,
- INITIAL_DELAY = 664,
- GETHOSTBYNAME = 665,
-- BOOTP_BROADCAST_ALWAYS = 666
-+ BOOTP_BROADCAST_ALWAYS = 666,
-+ DESTINATION_DESCRIPTOR = 667
+diff -up dhcp-4.3.0rc1/includes/dhctoken.h.rfc3442 dhcp-4.3.0rc1/includes/dhctoken.h
+--- dhcp-4.3.0rc1/includes/dhctoken.h.rfc3442 2014-01-29 10:05:48.435400713 +0100
++++ dhcp-4.3.0rc1/includes/dhctoken.h 2014-01-29 10:05:48.526399871 +0100
+@@ -368,7 +368,8 @@ enum dhcp_token {
+ POOL6 = 669,
+ V6RELAY = 670,
+ V6RELOPT = 671,
+- BOOTP_BROADCAST_ALWAYS = 672
++ BOOTP_BROADCAST_ALWAYS = 672,
++ DESTINATION_DESCRIPTOR = 673
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
-diff -up dhcp-4.2.1-P1/client/dhc6.c.sendDecline dhcp-4.2.1-P1/client/dhc6.c
---- dhcp-4.2.1-P1/client/dhc6.c.sendDecline 2010-09-10 22:27:11.000000000 +0200
-+++ dhcp-4.2.1-P1/client/dhc6.c 2011-06-17 14:19:48.992099868 +0200
-@@ -95,6 +95,8 @@ void do_select6(void *input);
+diff -up dhcp-4.3.0a1/client/dhc6.c.sendDecline dhcp-4.3.0a1/client/dhc6.c
+--- dhcp-4.3.0a1/client/dhc6.c.sendDecline 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/client/dhc6.c 2013-12-19 15:56:18.297660118 +0100
+@@ -96,6 +96,8 @@ void do_select6(void *input);
void do_refresh6(void *input);
static void do_release6(void *input);
static void start_bound(struct client_state *client);
static void start_informed(struct client_state *client);
void informed_handler(struct packet *packet, struct client_state *client);
void bound_handler(struct packet *packet, struct client_state *client);
-@@ -2075,6 +2077,7 @@ start_release6(struct client_state *clie
+@@ -2017,6 +2019,7 @@ start_release6(struct client_state *clie
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
client->state = S_STOPPED;
/*
-@@ -2708,6 +2711,7 @@ dhc6_check_reply(struct client_state *cl
+@@ -2650,6 +2653,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
action = dhc6_stop_action;
break;
-@@ -2809,6 +2813,7 @@ dhc6_check_reply(struct client_state *cl
+@@ -2751,6 +2755,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
/* Nothing critical to do at this stage. */
break;
-@@ -3799,17 +3804,23 @@ reply_handler(struct packet *packet, str
+@@ -3741,17 +3746,23 @@ reply_handler(struct packet *packet, str
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
return;
}
-@@ -4336,7 +4347,11 @@ start_bound(struct client_state *client)
- oldia, oldaddr);
+@@ -4279,7 +4290,11 @@ start_bound(struct client_state *client)
dhc6_marshall_values("new_", client, lease, ia, addr);
+ script_write_requested6(client);
- script_go(client);
+ // when script returns 3, DAD failed
}
/* XXX: maybe we should loop on the old values instead? */
-@@ -4382,6 +4397,149 @@ start_bound(struct client_state *client)
+@@ -4327,6 +4342,149 @@ start_bound(struct client_state *client)
dhc6_check_times(client);
}
--- /dev/null
+diff -up dhcp-4.3.1b1/common/tests/Makefile.am.uCWMBl dhcp-4.3.1b1/common/tests/Makefile.am
+--- dhcp-4.3.1b1/common/tests/Makefile.am.uCWMBl 2014-07-10 17:38:10.779828569 +0200
++++ dhcp-4.3.1b1/common/tests/Makefile.am 2014-07-10 17:38:21.355678580 +0200
+@@ -13,19 +13,19 @@ ATF_TESTS += alloc_unittest dns_unittest
+ alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
+ alloc_unittest_LDADD = $(ATF_LDFLAGS)
+ alloc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a \
++ ../../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ dns_unittest_LDADD = $(ATF_LDFLAGS)
+-dns_unittest_LDADD += ../libdhcp.a \
++dns_unittest_LDADD += ../libdhcp.la \
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ misc_unittest_LDADD = $(ATF_LDFLAGS)
+ misc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a \
++ ../../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ check: $(ATF_TESTS)
+ atf-run | atf-report
+diff -up dhcp-4.3.1b1/configure.ac.uCWMBl dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.uCWMBl 2014-07-10 17:38:10.766828753 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:38:10.779828569 +0200
+@@ -39,7 +39,8 @@ fi
+ # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
+ AC_USE_SYSTEM_EXTENSIONS
+
+-AC_PROG_RANLIB
++# Use libtool to simplify building of shared libraries
++AC_PROG_LIBTOOL
+ AC_CONFIG_HEADERS([includes/config.h])
+
+ # we sometimes need to know byte order for building packets
+diff -up dhcp-4.3.1b1/dhcpctl/Makefile.am.uCWMBl dhcp-4.3.1b1/dhcpctl/Makefile.am
+--- dhcp-4.3.1b1/dhcpctl/Makefile.am.uCWMBl 2014-07-10 17:36:30.485250962 +0200
++++ dhcp-4.3.1b1/dhcpctl/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -1,14 +1,14 @@
+ bin_PROGRAMS = omshell
+-lib_LIBRARIES = libdhcpctl.a
++lib_LTLIBRARIES = libdhcpctl.la
+ noinst_PROGRAMS = cltest
+ man_MANS = omshell.1 dhcpctl.3
+ EXTRA_DIST = $(man_MANS)
+
+ omshell_SOURCES = omshell.c
+-omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
++omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+-libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
++libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
+
+ cltest_SOURCES = cltest.c
+-cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
++cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/omapip/Makefile.am.uCWMBl dhcp-4.3.1b1/omapip/Makefile.am
+--- dhcp-4.3.1b1/omapip/Makefile.am.uCWMBl 2014-07-10 17:36:30.486250948 +0200
++++ dhcp-4.3.1b1/omapip/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -1,7 +1,7 @@
+-lib_LIBRARIES = libomapi.a
++lib_LTLIBRARIES = libomapi.la
+ noinst_PROGRAMS = svtest
+
+-libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
++libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
+ errwarn.c listener.c dispatch.c generic.c support.c \
+ handle.c message.c convert.c hash.c auth.c inet_addr.c \
+ array.c trace.c toisc.c iscprint.c isclib.c
+@@ -10,5 +10,5 @@ man_MANS = omapi.3
+ EXTRA_DIST = $(man_MANS)
+
+ svtest_SOURCES = test.c
+-svtest_LDADD = libomapi.a \
++svtest_LDADD = libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/server/Makefile.am.uCWMBl dhcp-4.3.1b1/server/Makefile.am
+--- dhcp-4.3.1b1/server/Makefile.am.uCWMBl 2014-07-10 17:36:30.486250948 +0200
++++ dhcp-4.3.1b1/server/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -13,7 +13,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c
+
+ dhcpd_CFLAGS = $(LDAP_CFLAGS)
+-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
++dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dhcpctl/libdhcpctl.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
+ EXTRA_DIST = $(man_MANS)
+diff -up dhcp-4.3.1b1/server/tests/Makefile.am.uCWMBl dhcp-4.3.1b1/server/tests/Makefile.am
+--- dhcp-4.3.1b1/server/tests/Makefile.am.uCWMBl 2014-07-10 17:36:30.486250948 +0200
++++ dhcp-4.3.1b1/server/tests/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -17,8 +17,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
+ ../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
+ ../ldap.c ../ldap_casa.c ../dhcpd.c
+
+-DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
+- $(top_builddir)/dhcpctl/libdhcpctl.a \
++DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
++ $(top_builddir)/dhcpctl/libdhcpctl.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ ATF_TESTS =
--- /dev/null
+From 61fa3dd9e789997f66e848c7e3fb2f554ee374e2 Mon Sep 17 00:00:00 2001
+From: Jiri Popelka <jpopelka@redhat.com>
+Date: Thu, 18 Dec 2014 11:53:26 +0100
+Subject: [PATCH] Write DUID_LLT even in stateless mode.
+
+By default, DHCPv6 dhclient creates DUID-LL
+if it is running in stateless mode (-6 -S) and
+doesn't write it into leases file, most likely
+because the DUID-LL is always generated the same.
+
+It's however possible to specify DUID to be of type LLT instead of LL
+with '-D LLT'. Rfc 3315 says that:
+'Clients and servers using this type of DUID MUST
+store the DUID-LLT in stable storage.'
+That's not fulfiled in this case (-6 -S -D LLT),
+because it's generated each time again.
+
+It's not a big deal because the server doesn't store any
+info about 'stateless' clients, so it doesn't matter
+that the DUID-LLT is different each time.
+But there's a TAHI test which tests this, i.e. that
+DUID-LLT is still the same even in stateless mode.
+It's a test DHCP_CONF.7.1.9, part B.
+https://www.ipv6ready.org/docs/Phase2_DHCPv6_Conformance_Latest.pdf
+
+Signed-off-by: Jiri Popelka <jpopelka@redhat.com>
+---
+ client/dhclient.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/client/dhclient.c b/client/dhclient.c
+index 5ef59cd..026e3fe 100644
+--- a/client/dhclient.c
++++ b/client/dhclient.c
+@@ -788,7 +788,9 @@ void run_stateless(int exit_mode)
+ if (default_duid.buffer != NULL)
+ data_string_forget(&default_duid, MDL);
+
+- form_duid(&default_duid, MDL);
++ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS &&
++ duid_type == DUID_LLT)
++ write_duid(&default_duid);
+ }
+
+ /* Start a configuration state machine. */
+--
+2.1.0
+
-diff -up dhcp-4.2.0/server/bootp.c.unicast dhcp-4.2.0/server/bootp.c
---- dhcp-4.2.0/server/bootp.c.unicast 2009-11-20 02:49:03.000000000 +0100
-+++ dhcp-4.2.0/server/bootp.c 2010-07-21 13:40:25.000000000 +0200
-@@ -58,6 +58,7 @@ void bootp (packet)
+diff -up dhcp-4.3.0a1/server/bootp.c.unicast dhcp-4.3.0a1/server/bootp.c
+--- dhcp-4.3.0a1/server/bootp.c.unicast 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/bootp.c 2013-12-19 15:12:12.974671154 +0100
+@@ -59,6 +59,7 @@ void bootp (packet)
char msgbuf [1024];
int ignorep;
int peer_has_leases = 0;
if (packet -> raw -> op != BOOTREQUEST)
return;
-@@ -73,7 +74,7 @@ void bootp (packet)
+@@ -74,7 +75,7 @@ void bootp (packet)
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
log_info ("%s: network unknown", msgbuf);
return;
}
-@@ -390,6 +391,13 @@ void bootp (packet)
- from, &to, &hto);
+@@ -396,6 +397,15 @@ void bootp (packet)
+
goto out;
}
+ } else if (norelay == 2) {
+ to.sin_addr = raw.ciaddr;
+ to.sin_port = remote_port;
+ if (fallback_interface) {
-+ result = send_packet (fallback_interface, (struct packet *)0, &raw, outgoing.packet_length, from, &to, &hto);
++ result = send_packet (fallback_interface, NULL, &raw,
++ outgoing.packet_length, from,
++ &to, &hto);
+ goto out;
+ }
/* If it comes from a client that already knows its address
and is not requesting a broadcast response, and we can
-diff -up dhcp-4.2.0/server/dhcp.c.unicast dhcp-4.2.0/server/dhcp.c
---- dhcp-4.2.0/server/dhcp.c.unicast 2010-06-01 19:29:59.000000000 +0200
-+++ dhcp-4.2.0/server/dhcp.c 2010-07-21 13:40:25.000000000 +0200
-@@ -4185,6 +4185,7 @@ int locate_network (packet)
+diff -up dhcp-4.3.0a1/server/dhcp.c.unicast dhcp-4.3.0a1/server/dhcp.c
+--- dhcp-4.3.0a1/server/dhcp.c.unicast 2013-12-13 21:50:38.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcp.c 2013-12-19 15:12:12.975671140 +0100
+@@ -4627,6 +4627,7 @@ int locate_network (packet)
struct data_string data;
struct subnet *subnet = (struct subnet *)0;
struct option_cache *oc;
/* See if there's a Relay Agent Link Selection Option, or a
* Subnet Selection Option. The Link-Select and Subnet-Select
-@@ -4200,12 +4201,24 @@ int locate_network (packet)
+@@ -4642,12 +4643,24 @@ int locate_network (packet)
from the interface, if there is one. If not, fail. */
if (!oc && !packet -> raw -> giaddr.s_addr) {
if (packet -> interface -> shared_network) {
}
/* If there's an option indicating link connection, and it's valid,
-@@ -4228,7 +4241,10 @@ int locate_network (packet)
+@@ -4670,7 +4683,10 @@ int locate_network (packet)
data_string_forget (&data, MDL);
} else {
ia.len = 4;
}
/* If we know the subnet on which the IP address lives, use it. */
-@@ -4236,7 +4252,10 @@ int locate_network (packet)
+@@ -4678,7 +4694,10 @@ int locate_network (packet)
shared_network_reference (&packet -> shared_network,
subnet -> shared_network, MDL);
subnet_dereference (&subnet, MDL);
-diff -up dhcp-4.2.2b1/common/bpf.c.xen dhcp-4.2.2b1/common/bpf.c
---- dhcp-4.2.2b1/common/bpf.c.xen 2009-11-20 02:48:59.000000000 +0100
-+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:00:16.936959001 +0200
-@@ -485,7 +485,7 @@ ssize_t receive_packet (interface, buf,
- offset = decode_udp_ip_header (interface,
- interface -> rbuf,
- interface -> rbuf_offset,
+diff -up dhcp-4.3.0rc1/common/bpf.c.xen dhcp-4.3.0rc1/common/bpf.c
+--- dhcp-4.3.0rc1/common/bpf.c.xen 2014-01-29 10:03:27.503941664 +0100
++++ dhcp-4.3.0rc1/common/bpf.c 2014-01-29 10:03:37.564812175 +0100
+@@ -481,7 +481,7 @@ ssize_t receive_packet (interface, buf,
+ /* Decode the IP and UDP headers... */
+ offset = decode_udp_ip_header(interface, interface->rbuf,
+ interface->rbuf_offset,
- from, hdr.bh_caplen, &paylen);
+ from, hdr.bh_caplen, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0) {
-diff -up dhcp-4.2.2b1/common/dlpi.c.xen dhcp-4.2.2b1/common/dlpi.c
---- dhcp-4.2.2b1/common/dlpi.c.xen 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:00:16.937958997 +0200
-@@ -693,7 +693,7 @@ ssize_t receive_packet (interface, buf,
+diff -up dhcp-4.3.0rc1/common/dlpi.c.xen dhcp-4.3.0rc1/common/dlpi.c
+--- dhcp-4.3.0rc1/common/dlpi.c.xen 2014-01-25 05:18:03.000000000 +0100
++++ dhcp-4.3.0rc1/common/dlpi.c 2014-01-29 10:03:27.503941664 +0100
+@@ -691,7 +691,7 @@ ssize_t receive_packet (interface, buf,
length -= offset;
#endif
offset = decode_udp_ip_header (interface, dbuf, bufix,
/*
* If the IP or UDP checksum was bad, skip the packet...
-diff -up dhcp-4.2.2b1/common/lpf.c.xen dhcp-4.2.2b1/common/lpf.c
---- dhcp-4.2.2b1/common/lpf.c.xen 2011-05-10 16:38:58.000000000 +0200
-+++ dhcp-4.2.2b1/common/lpf.c 2011-07-01 14:11:24.725748028 +0200
-@@ -29,19 +29,33 @@
+diff -up dhcp-4.3.0rc1/common/lpf.c.xen dhcp-4.3.0rc1/common/lpf.c
+--- dhcp-4.3.0rc1/common/lpf.c.xen 2014-01-25 05:18:03.000000000 +0100
++++ dhcp-4.3.0rc1/common/lpf.c 2014-01-29 10:03:27.504941651 +0100
+@@ -29,14 +29,15 @@
+
#include "dhcpd.h"
#if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
- #include <sys/ioctl.h>
+#include <sys/socket.h>
#include <sys/uio.h>
#include <errno.h>
#include "includes/netinet/ip.h"
#include "includes/netinet/udp.h"
#include "includes/netinet/if_ether.h"
- #include <net/if.h>
+@@ -51,6 +52,19 @@
+ /* Reinitializes the specified interface after an address change. This
+ is not required for packet-filter APIs. */
+#ifndef PACKET_AUXDATA
+#define PACKET_AUXDATA 8
+};
+#endif
+
- /* Reinitializes the specified interface after an address change. This
- is not required for packet-filter APIs. */
-
-@@ -67,10 +81,14 @@ int if_register_lpf (info)
+ #ifdef USE_LPF_SEND
+ void if_reinitialize_send (info)
+ struct interface_info *info;
+@@ -73,10 +87,14 @@ int if_register_lpf (info)
struct interface_info *info;
{
int sock;
htons((short)ETH_P_ALL))) < 0) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
-@@ -85,11 +103,17 @@ int if_register_lpf (info)
+@@ -91,11 +109,17 @@ int if_register_lpf (info)
log_fatal ("Open a socket for LPF: %m");
}
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
-@@ -171,9 +195,18 @@ static void lpf_gen_filter_setup (struct
+@@ -177,9 +201,18 @@ static void lpf_gen_filter_setup (struct
void if_register_receive (info)
struct interface_info *info;
{
#if defined (HAVE_TR_SUPPORT)
if (info -> hw_address.hbuf [0] == HTYPE_IEEE802)
lpf_tr_filter_setup (info);
-@@ -295,7 +328,6 @@ ssize_t send_packet (interface, packet,
+@@ -301,7 +334,6 @@ ssize_t send_packet (interface, packet,
double hh [16];
double ih [1536 / sizeof (double)];
unsigned char *buf = (unsigned char *)ih;
int result;
int fudge;
-@@ -316,17 +348,7 @@ ssize_t send_packet (interface, packet,
+@@ -322,17 +354,7 @@ ssize_t send_packet (interface, packet,
(unsigned char *)raw, len);
memcpy (buf + ibufp, raw, len);
if (result < 0)
log_error ("send_packet: %m");
return result;
-@@ -343,14 +365,35 @@ ssize_t receive_packet (interface, buf,
+@@ -349,14 +371,35 @@ ssize_t receive_packet (interface, buf,
{
int length = 0;
int offset = 0;
bufix = 0;
/* Decode the physical header... */
offset = decode_hw_header (interface, ibuf, bufix, hfrom);
-@@ -367,7 +410,7 @@ ssize_t receive_packet (interface, buf,
+@@ -373,7 +416,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix, from,
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
-diff -up dhcp-4.2.2b1/common/nit.c.xen dhcp-4.2.2b1/common/nit.c
---- dhcp-4.2.2b1/common/nit.c.xen 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:00:16.939958989 +0200
-@@ -369,7 +369,7 @@ ssize_t receive_packet (interface, buf,
+diff -up dhcp-4.3.0rc1/common/nit.c.xen dhcp-4.3.0rc1/common/nit.c
+--- dhcp-4.3.0rc1/common/nit.c.xen 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/nit.c 2014-01-29 10:03:27.504941651 +0100
+@@ -363,7 +363,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
-diff -up dhcp-4.2.2b1/common/packet.c.xen dhcp-4.2.2b1/common/packet.c
---- dhcp-4.2.2b1/common/packet.c.xen 2009-07-23 20:52:20.000000000 +0200
-+++ dhcp-4.2.2b1/common/packet.c 2011-07-01 14:00:16.939958989 +0200
-@@ -211,7 +211,7 @@ ssize_t
+diff -up dhcp-4.3.0rc1/common/packet.c.xen dhcp-4.3.0rc1/common/packet.c
+--- dhcp-4.3.0rc1/common/packet.c.xen 2013-12-11 01:01:02.000000000 +0100
++++ dhcp-4.3.0rc1/common/packet.c 2014-01-29 10:03:27.504941651 +0100
+@@ -226,7 +226,7 @@ ssize_t
decode_udp_ip_header(struct interface_info *interface,
unsigned char *buf, unsigned bufix,
struct sockaddr_in *from, unsigned buflen,
{
unsigned char *data;
struct ip ip;
-@@ -322,7 +322,7 @@ decode_udp_ip_header(struct interface_in
+@@ -337,7 +337,7 @@ decode_udp_ip_header(struct interface_in
8, IPPROTO_UDP + ulen))));
udp_packets_seen++;
udp_packets_bad_checksum++;
if (udp_packets_seen > 4 &&
(udp_packets_seen / udp_packets_bad_checksum) < 2) {
-diff -up dhcp-4.2.2b1/common/upf.c.xen dhcp-4.2.2b1/common/upf.c
---- dhcp-4.2.2b1/common/upf.c.xen 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:00:16.940958986 +0200
-@@ -320,7 +320,7 @@ ssize_t receive_packet (interface, buf,
+diff -up dhcp-4.3.0rc1/common/upf.c.xen dhcp-4.3.0rc1/common/upf.c
+--- dhcp-4.3.0rc1/common/upf.c.xen 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/upf.c 2014-01-29 10:03:27.505941638 +0100
+@@ -314,7 +314,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
-diff -up dhcp-4.2.2b1/includes/dhcpd.h.xen dhcp-4.2.2b1/includes/dhcpd.h
---- dhcp-4.2.2b1/includes/dhcpd.h.xen 2011-07-01 14:00:16.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 14:12:18.069642470 +0200
-@@ -2796,7 +2796,7 @@ ssize_t decode_hw_header (struct interfa
+diff -up dhcp-4.3.0rc1/includes/dhcpd.h.xen dhcp-4.3.0rc1/includes/dhcpd.h
+--- dhcp-4.3.0rc1/includes/dhcpd.h.xen 2014-01-29 10:03:27.489941844 +0100
++++ dhcp-4.3.0rc1/includes/dhcpd.h 2014-01-29 10:03:27.506941626 +0100
+@@ -2861,7 +2861,7 @@ ssize_t decode_hw_header (struct interfa
unsigned, struct hardware *);
ssize_t decode_udp_ip_header (struct interface_info *, unsigned char *,
unsigned, struct sockaddr_in *,
--- /dev/null
+diff -Naur hostapd-2.3.org/src/ap/wpa_auth.c hostapd-2.3/src/ap/wpa_auth.c
+--- hostapd-2.3.org/src/ap/wpa_auth.c 2014-10-09 16:41:31.000000000 +0200
++++ hostapd-2.3/src/ap/wpa_auth.c 2015-04-07 16:32:10.671422975 +0200
+@@ -45,9 +45,9 @@
+
+ static const u32 dot11RSNAConfigGroupUpdateCount = 4;
+ static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
+-static const u32 eapol_key_timeout_first = 100; /* ms */
+-static const u32 eapol_key_timeout_subseq = 1000; /* ms */
+-static const u32 eapol_key_timeout_first_group = 500; /* ms */
++static const u32 eapol_key_timeout_first = 300; /* ms */
++static const u32 eapol_key_timeout_subseq = 3000; /* ms */
++static const u32 eapol_key_timeout_first_group = 1500; /* ms */
+
+ /* TODO: make these configurable */
+ static const int dot11RSNAConfigPMKLifetime = 43200;
--- /dev/null
+From 99d3016de4f2a29635f5382b0e9bd0e5f2151487 Mon Sep 17 00:00:00 2001
+From: Haiyang Zhang <haiyangz@microsoft.com>
+Date: Sun, 9 Mar 2014 16:10:59 -0700
+Subject: hyperv: Change the receive buffer size for legacy hosts
+
+Due to a bug in the Hyper-V host verion 2008R2, we need to use a slightly smaller
+receive buffer size, otherwise the buffer will not be accepted by the legacy hosts.
+
+Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+
+diff --git a/drivers/net/hyperv/hyperv_net.h b/drivers/net/hyperv/hyperv_net.h
+index 7d06b49..13010b4 100644
+--- a/drivers/net/hyperv/hyperv_net.h
++++ b/drivers/net/hyperv/hyperv_net.h
+@@ -513,6 +513,7 @@ struct nvsp_message {
+ #define NETVSC_MTU 65536
+
+ #define NETVSC_RECEIVE_BUFFER_SIZE (1024*1024*16) /* 16MB */
++#define NETVSC_RECEIVE_BUFFER_SIZE_LEGACY (1024*1024*15) /* 15MB */
+
+ #define NETVSC_RECEIVE_BUFFER_ID 0xcafe
+
+diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c
+index 1a0280d..daddea2 100644
+--- a/drivers/net/hyperv/netvsc.c
++++ b/drivers/net/hyperv/netvsc.c
+@@ -365,6 +365,11 @@ static int netvsc_connect_vsp(struct hv_device *device)
+ goto cleanup;
+
+ /* Post the big receive buffer to NetVSP */
++ if (net_device->nvsp_version <= NVSP_PROTOCOL_VERSION_2)
++ net_device->recv_buf_size = NETVSC_RECEIVE_BUFFER_SIZE_LEGACY;
++ else
++ net_device->recv_buf_size = NETVSC_RECEIVE_BUFFER_SIZE;
++
+ ret = netvsc_init_recv_buf(device);
+
+ cleanup:
+@@ -898,7 +903,6 @@ int netvsc_device_add(struct hv_device *device, void *additional_info)
+ ndev = net_device->ndev;
+
+ /* Initialize the NetVSC channel extension */
+- net_device->recv_buf_size = NETVSC_RECEIVE_BUFFER_SIZE;
+ spin_lock_init(&net_device->recv_pkt_list_lock);
+
+ INIT_LIST_HEAD(&net_device->recv_pkt_list);
+--
+cgit v0.10.2
+
+++ /dev/null
-From 7f558e6e8abee42cc966e2cb64be0de875797e07 Mon Sep 17 00:00:00 2001
-From: Arne Fitzenreiter <arne_f@ipfire.org>
-Date: Fri, 20 Feb 2015 10:01:26 +0100
-Subject: [PATCH] sun7i: dts: lamobo-r1: fix sata pwr regulator pin.
-
-Lamobo-R1 use PB3 instead of PB8 for controlling the SATA power regulator.
----
- arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
-
-diff --git a/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts b/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts
-index 1eb6c9b..d634d2f 100644
---- a/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts
-+++ b/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts
-@@ -166,6 +166,16 @@
- reg = <1>;
- };
- };
-+
-+ pio: pinctrl@01c20800 {
-+ ahci_pwr_pin_a: ahci_pwr_pin@0 {
-+ allwinner,pins = "PB3";
-+ allwinner,function = "gpio_out";
-+ allwinner,drive = <0>;
-+ allwinner,pull = <0>;
-+ };
-+ };
-+
- };
-
- leds {
-@@ -181,6 +191,14 @@
- };
-
- reg_ahci_5v: ahci-5v {
-+ compatible = "regulator-fixed";
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&ahci_pwr_pin_a>;
-+ regulator-name = "ahci-5v";
-+ regulator-min-microvolt = <5000000>;
-+ regulator-max-microvolt = <5000000>;
-+ enable-active-high;
-+ gpio = <&pio 1 3 0>;
- status = "okay";
- };
-
---
-1.8.5.2
-
+++ /dev/null
-commit 650a3ad5151958b99a95836fb8b84b8aa18da1be
-Author: Tobias Brunner <tobias@strongswan.org>
-Date: Wed Feb 25 08:09:11 2015 +0100
-
- ike-sa-manager: Make sure the message ID of initial messages is 0
-
- It is mandated by the RFCs and it is expected by the task managers.
-
- Initial messages with invalid MID will be treated like regular messages,
- so no IKE_SA will be created for them. Instead, if the responder SPI is 0
- no SA will be found and the message is rejected with ALERT_INVALID_IKE_SPI.
- If an SPI is set and we do find an SA, then we either ignore the message
- because the MID is unexpected, or because we don't allow initial messages
- on established connections.
-
- There is one exception, though, if an attacker can slip in an IKE_SA_INIT
- with both SPIs set before the client's IKE_AUTH is handled by the server,
- it does get processed (see next commit).
-
- References #816.
-
-diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index d0cbd47..5e2b925 100644
---- a/src/libcharon/sa/ike_sa_manager.c
-+++ b/src/libcharon/sa/ike_sa_manager.c
-@@ -1184,7 +1184,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
-
- DBG2(DBG_MGR, "checkout IKE_SA by message");
-
-- if (id->get_responder_spi(id) == 0)
-+ if (id->get_responder_spi(id) == 0 &&
-+ message->get_message_id(message) == 0)
- {
- if (message->get_major_version(message) == IKEV2_MAJOR_VERSION)
- {
+++ /dev/null
-commit dd0ebb54837298c869389d36a0b42eefdb893dd6
-Author: Tobias Brunner <tobias@strongswan.org>
-Date: Wed Feb 25 08:30:33 2015 +0100
-
- ikev2: Only accept initial messages in specific states
-
- The previous code allowed an attacker to slip in an IKE_SA_INIT with
- both SPIs and MID 1 set when an IKE_AUTH would be expected instead.
-
- References #816.
-
-diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
-index be84e71..540d4dc 100644
---- a/src/libcharon/sa/ikev2/task_manager_v2.c
-+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
-@@ -1304,17 +1304,16 @@ METHOD(task_manager_t, process_message, status_t,
- {
- if (mid == this->responding.mid)
- {
-- /* reject initial messages once established */
-- if (msg->get_exchange_type(msg) == IKE_SA_INIT ||
-- msg->get_exchange_type(msg) == IKE_AUTH)
-+ /* reject initial messages if not received in specific states */
-+ if ((msg->get_exchange_type(msg) == IKE_SA_INIT &&
-+ this->ike_sa->get_state(this->ike_sa) != IKE_CREATED) ||
-+ (msg->get_exchange_type(msg) == IKE_AUTH &&
-+ this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING))
- {
-- if (this->ike_sa->get_state(this->ike_sa) != IKE_CREATED &&
-- this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING)
-- {
-- DBG1(DBG_IKE, "ignoring %N in established IKE_SA state",
-- exchange_type_names, msg->get_exchange_type(msg));
-- return FAILED;
-- }
-+ DBG1(DBG_IKE, "ignoring %N in IKE_SA state %N",
-+ exchange_type_names, msg->get_exchange_type(msg),
-+ ike_sa_state_names, this->ike_sa->get_state(this->ike_sa));
-+ return FAILED;
- }
- if (!this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
- { /* with MOBIKE, we do no implicit updates */
+++ /dev/null
-commit eb251906298b529fa53b8a99746a9a7a9f318dd5
-Author: Tobias Brunner <tobias@strongswan.org>
-Date: Wed Feb 25 08:18:58 2015 +0100
-
- ikev2: Don't destroy the SA if an IKE_SA_INIT with unexpected MID is received
-
- This reverts 8f727d800751 ("Clean up IKE_SA state if IKE_SA_INIT request
- does not have message ID 0") because it allowed to close any IKE_SA by
- sending an IKE_SA_INIT with an unexpected MID and both SPIs set to those
- of that SA.
-
- The next commit will prevent SAs from getting created for IKE_SA_INIT messages
- with invalid MID.
-
- Fixes #816.
-
-diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
-index 48266aa..be84e71 100644
---- a/src/libcharon/sa/ikev2/task_manager_v2.c
-+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
-@@ -1355,10 +1355,6 @@ METHOD(task_manager_t, process_message, status_t,
- {
- DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
- mid, this->responding.mid);
-- if (msg->get_exchange_type(msg) == IKE_SA_INIT)
-- { /* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
-- return DESTROY_ME;
-- }
- }
- }
- else
+++ /dev/null
-From cd2c30a56ec9bdab8b3923851509f27a4fd6f537 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Tue, 10 Feb 2015 19:03:44 +0100
-Subject: [PATCH] ikev1: Set protocol ID and SPIs in INITIAL-CONTACT
- notification payloads
-
-The payload we sent before is not compliant with RFC 2407 and thus some
-peers might abort negotiation (e.g. with an INVALID-PROTOCOL-ID error).
-
- #819
----
- src/libcharon/sa/ikev1/tasks/main_mode.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c
-index 5065e70..3ea4a2a 100644
---- a/src/libcharon/sa/ikev1/tasks/main_mode.c
-+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
-@@ -213,6 +213,10 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
- {
- identification_t *idr;
- host_t *host;
-+ notify_payload_t *notify;
-+ ike_sa_id_t *ike_sa_id;
-+ u_int64_t spi_i, spi_r;
-+ chunk_t spi;
-
- idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE);
- if (idr && !idr->contains_wildcards(idr))
-@@ -224,8 +228,15 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
- if (!charon->ike_sa_manager->has_contact(charon->ike_sa_manager,
- idi, idr, host->get_family(host)))
- {
-- message->add_notify(message, FALSE, INITIAL_CONTACT_IKEV1,
-- chunk_empty);
-+ notify = notify_payload_create_from_protocol_and_type(
-+ PLV1_NOTIFY, PROTO_IKE, INITIAL_CONTACT_IKEV1);
-+ ike_sa_id = this->ike_sa->get_id(this->ike_sa);
-+ spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
-+ spi_r = ike_sa_id->get_responder_spi(ike_sa_id);
-+ spi = chunk_cata("cc", chunk_from_thing(spi_i),
-+ chunk_from_thing(spi_r));
-+ notify->set_spi_data(notify, spi);
-+ message->add_payload(message, (payload_t*)notify);
- }
- }
- }
---
-1.7.9.5
-
---- a/src/_updown/_updown.in
-+++ b/src/_updown/_updown.in
-@@ -178,6 +178,29 @@
- ;;
- esac
+--- strongswan-5.3.0/src/_updown/_updown.in.old 2015-03-17 18:17:43.000000000 +0000
++++ strongswan-5.3.0/src/_updown/_updown.in 2015-03-30 22:48:27.084030719 +0000
+@@ -122,6 +122,29 @@
+ # address family.
+ #
+function ip_encode() {
+ local IFS=.
+ [ $vlsm -eq 0 ] && echo 0 || echo $(( -1 << $(( 32 - $vlsm )) ))
+}
+
- # utility functions for route manipulation
- # Meddling with this stuff should not be necessary and requires great care.
- uproute() {
-@@ -407,12 +430,12 @@
+ # define a minimum PATH environment in case it is not set
+ PATH="/sbin:/bin:/usr/sbin:/usr/bin:@sbindir@"
+ export PATH
+@@ -232,12 +255,12 @@
# connection to me, with (left/right)firewall=yes, coming up
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
#
# allow IPIP traffic because of the implicit SA created by the kernel if
# IPComp is used (for small inbound packets that are not compressed)
-@@ -428,10 +451,10 @@
+@@ -253,10 +276,10 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
fi
fi
;;
-@@ -439,12 +462,12 @@
+@@ -264,12 +287,12 @@
# connection to me, with (left/right)firewall=yes, going down
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
#
# IPIP exception teardown
if [ -n "$PLUTO_IPCOMP" ]
-@@ -459,10 +482,10 @@
+@@ -284,10 +307,10 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
fi
fi
;;
-@@ -472,24 +495,24 @@
+@@ -297,24 +320,24 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ]
then
fi
#
# allow IPIP traffic because of the implicit SA created by the kernel if
-@@ -497,7 +520,7 @@
+@@ -322,7 +345,7 @@
# INPUT is correct here even for forwarded traffic.
if [ -n "$PLUTO_IPCOMP" ]
then
-s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
fi
#
-@@ -507,12 +530,51 @@
+@@ -332,12 +355,51 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
;;
down-client:iptables)
# connection to client subnet, with (left/right)firewall=yes, going down
-@@ -520,34 +582,34 @@
+@@ -345,34 +407,34 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ]
then
-s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
fi
#
-@@ -557,12 +619,51 @@
+@@ -382,12 +444,51 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
;;
#
# IPv6
-@@ -597,10 +698,10 @@
+@@ -412,10 +513,10 @@
# connection to me, with (left/right)firewall=yes, coming up
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
#
-@@ -621,10 +722,10 @@
+@@ -436,10 +537,10 @@
# connection to me, with (left/right)firewall=yes, going down
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
#
-@@ -647,10 +748,10 @@
+@@ -462,10 +563,10 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ]
then
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
fi
-@@ -659,10 +760,10 @@
+@@ -474,10 +575,10 @@
# or sometimes host access via the internal IP is needed
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
fi
-@@ -686,11 +787,11 @@
+@@ -501,11 +602,11 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ]
then
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
$IPSEC_POLICY_IN -j ACCEPT
-@@ -700,11 +801,11 @@
+@@ -515,11 +616,11 @@
# or sometimes host access via the internal IP is needed
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
}
}
-int create_udev(void)
-{
- #define UDEV_NET_CONF "/etc/udev/rules.d/30-persistent-network.rules"
- FILE *fp;
- int i;
-
- if ( (fp = fopen(UDEV_NET_CONF, "w")) == NULL ) {
- fprintf(stderr,"Couldn't open" UDEV_NET_CONF);
- return 1;
- }
-
- for (i = 0 ; i < 4 ; i++)
- {
- if (strcmp(knics[i].macaddr, "")) {
- fprintf(fp,"\n# %s\nACTION==\"add\", SUBSYSTEM==\"net\", ATTR{type}==\"1\", ATTR{address}==\"%s\", NAME=\"%s0\"\n", knics[i].description, knics[i].macaddr, lcolourcard[i]);
- }
- }
- fclose(fp);
- return 0;
-}
-
int write_configs_netudev(int card , int colour)
{
char commandstring[STRING_SIZE];
} else {
rename_nics();
}
- create_udev();
return 1;
}
# Translators:
# douglasdiasn <douglasdiasn@gmail.com>, 2015
# Evertton de Lima <e.everttonlima@gmail.com>, 2015
+# Moisés Bites Borges de Castro <moisesbites@gmail.com>, 2015
# Rafael Tavares <rafael@ibinetwork.com.br>, 2015
msgid ""
msgstr ""
"Project-Id-Version: IPFire Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2014-08-21 15:12+0000\n"
-"PO-Revision-Date: 2015-02-16 23:15+0000\n"
-"Last-Translator: Evertton de Lima <e.everttonlima@gmail.com>\n"
+"PO-Revision-Date: 2015-03-24 21:31+0000\n"
+"Last-Translator: Moisés Bites Borges de Castro <moisesbites@gmail.com>\n"
"Language-Team: Portuguese (Brazil) (http://www.transifex.com/projects/p/ipfire/language/pt_BR/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
#: dhcp.c:50
msgid "Start address:"
-msgstr "Endereço de Inicial:"
+msgstr "Endereço inicial:"
#: dhcp.c:51
msgid "End address:"
#: dhcp.c:54
msgid "Default lease (mins):"
-msgstr "Tempo padrão (mins):"
+msgstr "Concessão padrão (min):"
#: dhcp.c:55
msgid "Max lease (mins):"
-msgstr "Tempo máximo (mins)"
+msgstr "Concessão máxima (min)"
#: dhcp.c:56
msgid "Domain name suffix:"
-msgstr ""
+msgstr "Sufixo do nome de Domínio:"
#: dhcp.c:86 dhcp.c:93 dhcp.c:101 domainname.c:34 hostname.c:37 keymap.c:70
#: misc.c:40 misc.c:52 netstuff.c:377 netstuff.c:566 netstuff.c:704
#: dhcp.c:111
msgid "DHCP server configuration"
-msgstr "Configurar servidor DHCP"
+msgstr "Configuração do servidor DHCP"
#: dhcp.c:116
msgid "Configure the DHCP server by entering the settings information."
msgid ""
"The following fields are invalid:\n"
"\n"
-msgstr "Os campos a seguir são inválidos: \n"
+msgstr "Os campos a seguir são inválidos: \n\n"
#: dhcp.c:159
msgid "Start address"
-msgstr "Endereço de Inicial"
+msgstr "Endereço inicial"
#: dhcp.c:165
msgid "End address"
#: dhcp.c:189
msgid "Default lease time"
-msgstr "Tempo padrão"
+msgstr "Tempo de concessão padrão"
#: dhcp.c:195
msgid "Max. lease time"
-msgstr "Tempo máximo padrão"
+msgstr "Tempo de concessão máximo"
#: domainname.c:42 main.c:70
msgid "Domain name"
-msgstr "Domínio "
+msgstr "Nome de Domínio "
#: domainname.c:42
msgid "Enter Domain name"
-msgstr "Entre com o nome do Domínio"
+msgstr "Digite o nome do Domínio"
#: domainname.c:48
msgid "Domain name cannot be empty."
#: hostname.c:46 main.c:69
msgid "Hostname"
-msgstr "Hostname"
+msgstr "Nome do Host"
#: hostname.c:46
msgid "Enter the machine's hostname."
-msgstr "Entre com o nome do host."
+msgstr "Entre com o nome de Host da máquina."
#: hostname.c:53
msgid "Hostname cannot be empty."
#: netstuff.c:104
msgid "DHCP"
-msgstr "Automático "
+msgstr "DHCP"
#: netstuff.c:105
msgid "PPP DIALUP (PPPoE, modem, ATM ...)"
#: netstuff.c:396 netstuff.c:709
msgid "Unset"
-msgstr ""
+msgstr "Desativado"
#: netstuff.c:669
#, c-format
#: netstuff.c:755
msgid "Select network driver"
-msgstr "Selecionar driver de rede"
+msgstr "Selecionar o driver de rede"
#: netstuff.c:755
msgid "Set additional module parameters"
-msgstr ""
+msgstr "Especifique os parâmetros adicionais"
#: netstuff.c:762
msgid "Loading module..."
#: netstuff.c:777
msgid "Unable to load driver module."
-msgstr ""
+msgstr "Não foi possível carregar o driver."
#: netstuff.c:780
msgid "Module name cannot be blank."
-msgstr ""
+msgstr "O nome do módulo não pode ficar vazio."
#: networking.c:110
msgid "Stopping network..."
"list those interfaces which have ethernet attached. If you change this "
"setting, a network restart will be required, and you will have to "
"reconfigure the network driver assignments."
-msgstr ""
+msgstr "Selecione a configuração de rede para %s. Os tipos de configuração seguintes lista as interfaces cabo Ethernet. Se você alterar estas configurações, uma reinicialização de rede será exigida, e você terá que reconfigurar os drivers de rede especificados."
#: networking.c:307
#, c-format
"Not enough netcards for your choice.\n"
"\n"
"Needed: %d - Available: %d\n"
-msgstr ""
+msgstr "Não há dispositivos de rede suficientes para sua escolha.\n\nNecessárias: %d - Disponíveis: %d\n"
#: networking.c:359
msgid ""
"Configure network drivers, and which interface each card is assigned to. The current configuration is as follows:\n"
"\n"
-msgstr ""
+msgstr "Configure os drivers de rede, e a placa de rede que a interface está relacionada. A configuração atual é a seguinte:\n\n"
#: networking.c:408
msgid "Do you wish to change these settings?"
msgid ""
"Please choose the interface you wish to change.\n"
"\n"
-msgstr ""
+msgstr "Por favor, escolha a interface de rede que quer alterar.\n\n"
#: networking.c:519
msgid "Assigned Cards"
"connection to the %s machine will be broken, and you will have to reconnect "
"on the new IP. This is a risky operation, and should only be attempted if "
"you have physical access to the machine, should something go wrong."
-msgstr ""
+msgstr "Se você alterar o endereço IP, e você estiver logado remotamente, sua conexão com a máquina %s cairá, e você terá que reconectar através do novo IP. Esta é uma operação arriscada, e somente deve ser feita se você tem acesso físico à máquina, caso algo errado aconteça."
#: networking.c:641
msgid "Select the interface you wish to reconfigure."
-msgstr ""
+msgstr "Selecione a interface que deseja reconfigurar."
#: networking.c:729
msgid "Default gateway:"
msgid ""
"Enter the DNS and gateway information. These settings are used only with "
"Static IP (and DHCP if DNS set) on the RED interface."
-msgstr ""
+msgstr "Digite as informações de DNS e roteador. Estas configurações são usada somente com IP estático (e DHCP se o DNS está habilitado) para a inerface VERMELHA."
#: networking.c:773
msgid "Default gateway"
#: passwords.c:33
msgid ""
"Enter the 'root' user password. Login as this user for commandline access."
-msgstr ""
+msgstr "Digite a senha do usuário 'root'. Autentique com este usuário para acesso à linha de comando."
#: passwords.c:38 passwords.c:61
msgid "Setting password"
msgid ""
"Enter %s 'admin' user password. This is the user to use for logging into the"
" %s web administration pages."
-msgstr ""
+msgstr "Digite a senha do usuário 'admin' do %s. Este é o usuário para autenticação na interface web de administração do %s."
#: passwords.c:60
#, c-format
msgid "Setting %s 'admin' user password..."
-msgstr ""
+msgstr "Especificando a senha do usuário 'admin' do %s..."
#: passwords.c:62
#, c-format
msgid "Problem setting %s 'admin' user password."
-msgstr ""
+msgstr "Tem um problema ao gravar senha do usuário 'admin' do %s."
#: passwords.c:76
msgid "Password:"
"Project-Id-Version: IPFire Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2014-08-21 15:12+0000\n"
-"PO-Revision-Date: 2015-02-28 22:59+0000\n"
+"PO-Revision-Date: 2015-03-20 15:05+0000\n"
"Last-Translator: Ersan YILDIRIM <ersan73@gmail.com>\n"
"Language-Team: Turkish (http://www.transifex.com/projects/p/ipfire/language/tr/)\n"
"MIME-Version: 1.0\n"
"connection to the %s machine will be broken, and you will have to reconnect "
"on the new IP. This is a risky operation, and should only be attempted if "
"you have physical access to the machine, should something go wrong."
-msgstr "Eğer bu IP adresini değiştirirseniz, ve uzaktan oturum açmışsanız, %s makinesine olan bağlantınız kopacaktır ve yeni IP adresine tekrar bağlanmanız gerekecektir. Bu riskli bir işlemdir ve bir şeylerin ters gitmesi durumunda makineye fiziksel erişiminiz varsa kullanmalısınız."
+msgstr "Uzaktan oturum açtığınızda bu IP adresini değiştirirseniz %s makinesine olan bağlantınız kopacaktır ve yeni IP adresine tekrar bağlanmanız gerekecektir. Bu riskli bir işlemdir ve bir şeylerin ters gitmesi durumunda makineye fiziksel erişiminiz varsa kullanmalısınız."
#: networking.c:641
msgid "Select the interface you wish to reconfigure."
int interfacecheck(struct keyvalue *kv, char *colour);
int rename_nics(void);
int init_knics(void);
-int create_udev(void);
int scan_network_cards(void);
int nicmenu(int colour);
int clear_card_entry(int cards);