--- /dev/null
+etc/system-release
+etc/issue
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2016 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+core=103
+
+function exit_with_error() {
+ # Set last succesfull installed core.
+ echo $(($core-1)) > /opt/pakfire/db/core/mine
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: $1"
+ exit $2
+}
+
+# Remove old core updates from pakfire cache to save space...
+for (( i=1; i<=$core; i++ ))
+do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+
+# Stop services
+
+# Extract files
+extract_files
+
+# update linker config
+ldconfig
+
+# Update Language cache
+#/usr/local/bin/update-lang-cache
+
+#
+# Start services
+#
+
+sync
+# This update need a reboot...
+touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+
+# Update grub config to display new core version
+if [ -e /boot/grub/grub.cfg ]; then
+ grub-mkconfig -o /boot/grub/grub.cfg
+fi
+sync
+
+# Don't report the exitcode last command
+exit 0
--- /dev/null
+boot/config.txt
+boot/grub/grub.cfg
+boot/grub/grubenv
+etc/alternatives
+etc/collectd.custom
+etc/default/grub
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/shadow
+etc/snort/snort.conf
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/dma
+var/ipfire/time
+var/ipfire/ovpn
+var/lib/alternatives
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+boot/config.txt
+boot/grub/grub.cfg
+boot/grub/grubenv
+etc/alternatives
+etc/collectd.custom
+etc/default/grub
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/shadow
+etc/snort/snort.conf
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/dma
+var/ipfire/time
+var/ipfire/ovpn
+var/lib/alternatives
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+etc/system-release
+etc/issue
--- /dev/null
+../../../../common/i586/openssl-sse2
\ No newline at end of file
--- /dev/null
+../../../common/openssh
\ No newline at end of file
--- /dev/null
+../../../common/openssl
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2016 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+core=102
+
+function exit_with_error() {
+ # Set last succesfull installed core.
+ echo $(($core-1)) > /opt/pakfire/db/core/mine
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: $1"
+ exit $2
+}
+
+# Remove old core updates from pakfire cache to save space...
+for (( i=1; i<=$core; i++ ))
+do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+
+# Stop services
+
+# Extract files
+extract_files
+
+# update linker config
+ldconfig
+
+# Update Language cache
+#/usr/local/bin/update-lang-cache
+
+#
+# Start services
+#
+
+sync
+# This update need a reboot...
+touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+
+# Update grub config to display new core version
+if [ -e /boot/grub/grub.cfg ]; then
+ grub-mkconfig -o /boot/grub/grub.cfg
+fi
+sync
+
+# Don't report the exitcode last command
+exit 0
include Config
-VER = 0.99.1
+VER = 0.99.2
THISAPP = clamav-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 31
+PAK_VER = 33
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = cf1f3cbe62a08c9165801f79239166ff
+$(DL_FILE)_MD5 = 61b51a04619aeafd965892a53f86d192
install : $(TARGET)
include Config
-VER = 7.2p1
+VER = 7.2p2
THISAPP = openssh-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b984775f0cfff1f7ff18b8797fce8a28
+$(DL_FILE)_MD5 = 13009a9156510d8f27e752659075cced
install : $(TARGET)
include Config
-VER = 1.0.2g
+VER = 1.0.2h
THISAPP = openssl-$(VER)
DL_FILE = $(THISAPP).tar.gz
zlib-dynamic \
enable-camellia \
enable-md2 \
- enable-ssl2 \
+ disable-ssl2 \
enable-seed \
enable-tlsext \
enable-rfc3779 \
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f3c710c045cdee5fd114feb69feba7aa
+$(DL_FILE)_MD5 = 9392e65072ce4b614c1392eefc1f23d0
install : $(TARGET)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.0-beta5-enginesdir.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a-rpmbuild.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1m-weak-ciphers.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2h-weak-ciphers.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2g-disable-sslv2v3.patch
# i586 specific patches
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.19" # Version number
-CORE="101" # Core Level (Filename)
-PAKFIRE_CORE="101" # Core Level (PAKFIRE)
+CORE="103" # Core Level (Filename)
+PAKFIRE_CORE="102" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir
if [ $(basename $0) == "clamav" ]; then
boot_mesg "Starting Clamav Definition Updater..."
loadproc /usr/bin/freshclam -d -c 10
-
- boot_mesg "Starting Clamav Daemon..."
+
COUNTER=0
- while [ "$COUNTER" -lt "30" ]; do
+ while [ "$COUNTER" -lt "61" ]; do
[ -e "/usr/share/clamav/main.cvd" ] && \
[ -e "/usr/share/clamav/daily.cvd" ] || \
[ -e "/usr/share/clamav/daily.cld" ] && \
break
- sleep 5
+ if [ "$COUNTER" -lt "1" ]; then
+ boot_mesg -n "Download db "
+ else
+ boot_mesg -n "."
+ fi
+ sleep 15
COUNTER=$(($COUNTER + 1))
done
+ if [ "$COUNTER" -gt "0" ]; then
+ boot_mesg
+ fi
+ if [ "$COUNTER" -gt "60" ]; then
+ boot_mesg "Download takes longer than 15min check freshclam status!"
+ echo_failure;
+ exit 1;
+ fi
+
+ boot_mesg "Starting Clamav Daemon..."
loadproc /usr/sbin/clamd
else
boot_mesg "Starting Clamav in background..."
stop)
boot_mesg "Stopping Clamav Definition Updater..."
killproc /usr/bin/freshclam
-
+ rm -rf /usr/share/clamav/*.tmp
+
boot_mesg "Stopping Clamav Daemon..."
killproc /usr/sbin/clamd
;;
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
-# Copyright (C) 2007-2014 IPFire-Team <info@ipfire.org>. #
+# Copyright (C) 2007-2016 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
return 0
}
+if [ "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
+ rm -f /opt/pakfire/db/instelled/meta-linux-pae
+ /usr/bin/logger -p syslog.emerg -i pakfire \
+ "linux-pae: no pae support found, aborted!"
+ exit 1
+fi
+
extract_files
#
KVER=xxxKVERxxx
ln -s grub.conf $MNThdd/boot/grub/menu.lst
fi
-# request a reboot if pae is supported
-if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
- touch /var/run/need_reboot
-fi
+# request a reboot
+touch /var/run/need_reboot
sync && sync
\ No newline at end of file
+++ /dev/null
---- openssl-1.0.1m/ssl/ssl.h.old 2015-03-19 15:25:20.646533583 +0100
-+++ openssl-1.0.1m/ssl/ssl.h 2015-03-19 15:25:31.229875691 +0100
-@@ -334,7 +334,7 @@
- * The following cipher list is used by default. It also is substituted when
- * an application-defined cipher list string starts with 'DEFAULT'.
- */
--# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2"
-+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
- /*
- * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
- * starts with a reasonable order, and all we have to do for DEFAULT is
--- /dev/null
+diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h
+--- openssl-1.0.2h.org/ssl/ssl.h 2016-05-03 15:44:42.000000000 +0200
++++ openssl-1.0.2h/ssl/ssl.h 2016-05-03 18:49:10.393302264 +0200
+@@ -338,7 +338,7 @@
+ * The following cipher list is used by default. It also is substituted when
+ * an application-defined cipher list string starts with 'DEFAULT'.
+ */
+-# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
++# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
+ /*
+ * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is