Michael Tremer [Sat, 23 Mar 2024 14:03:36 +0000 (15:03 +0100)]
openvpnctrl: Rewrite the entire thing
This binary because a major headache as it has been changed so many
times by so many people neglegting the code quality. Therefore, the
logic has now been moved into initscripts and the binary changed so that
it only serves as a SUID wrapper to call the initscripts.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 23 Mar 2024 13:57:19 +0000 (14:57 +0100)]
initscripts: No longer restart OpenVPN when RED comes up/goes down
This is probably a relic from when dial-up connections where on trend
and systems were offline for long times of the day. Now, we should
always be on and there is no need to restart all those services on a
reconnect.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 20 Mar 2024 19:38:52 +0000 (20:38 +0100)]
ovpnmain.cgi: Migrate to subnet topology
For dynamic pools, this change is easy and does not require any extra
steps. For CCD clients however, we need to update the configuration to
replace the server IP address with the subnet mask.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 20 Mar 2024 13:56:20 +0000 (14:56 +0100)]
ovpnmain.cgi: Drop validdotmask()
This is a totally braindead function that prevented some basic usability
by using the more modern prefix notation. It simply checks if there is a
freaking dot. Great!
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 19 Mar 2024 19:44:18 +0000 (20:44 +0100)]
ovpnmain.cgi: Force NCP on clients
This change requires that all clients support NCP if they are set up
with a new connection. Existing clients remain supported using the
fallback cipher option.
This will result that connections with OpenVPN <= 2.3 cannot be set up
any more which is totally fine since that version is EOL.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 19 Mar 2024 19:11:31 +0000 (20:11 +0100)]
ovpnmain.cgi: Completely remove compression for RW clients
We will use the "compress migrate" option which disables compression by
default. If a client has been found that wants to use compression, the
server will push "stub-v2" to disable it. If that does not work, the
server might fall back to compression.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 19 Mar 2024 15:32:33 +0000 (16:32 +0100)]
ovpnmain.cgi: Drop newcleanssldatabase()
I have no idea why this was added when there is a function that does the
same already. The remove function also had typos in the path which
probably resulted in it not working very well.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 2 Jun 2025 18:41:58 +0000 (18:41 +0000)]
core196: Ship OpenSSL
This is being shipped because it has been rebuilt with GCC 15. There has
been reports on some systems that OpenSSL triggers some compiler bug and
therefore the openssl command tends to segfault a lot.
This is now being resolved with GCC 15.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 1 Jun 2025 14:58:28 +0000 (14:58 +0000)]
linux: Backport support for BIG TCP GSO on WireGuard
Advertise GSO_MAX_SIZE as TSO max size in order support BIG TCP for wireguard.
This helps to improve wireguard performance a bit when enabled as it allows
wireguard to aggregate larger skbs in wg_packet_consume_data_done() via
napi_gro_receive(), but also allows the stack to build larger skbs on xmit
where the driver then segments them before encryption inside wg_xmit().
We've seen a 15% improvement in TCP stream performance.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 30 May 2025 12:38:17 +0000 (14:38 +0200)]
ruby: Update to version 3.4.4
- This v2 version keeps the CFLAGS line in place
- Update from version 3.4.1 to 3.4.4
- Update of rootfile
- Changelog
3.4.4
YJIT: Split the block on optimized getlocal/setlocal by k0kubun · Pull
Request #13331
Bug #21257: YJIT can generate infinite loop when OOM - Ruby - Ruby Issue
Tracking System
Bug #21286: Windows - MSYS2 just updated to GCC 15.1.0, builds failing -
Ruby - Ruby Issue Tracking System
Bug #21327: Windows builds seem broken after clock_gettime changes? -
Ruby - Ruby Issue Tracking System
Bug #21331: heap-use-after-free caused by rehash during
transform_values! - Ruby - Ruby Issue Tracking System
Bug #21289: Fix C level backtraces for USE_ELF - Ruby - Ruby Issue
Tracking System
3.4.3
Bug #21145: Prism accepts newlines in-between curly unicode escape -
Ruby - Ruby Issue Tracking System
Bug #21153: ::Foo ||= p 1 should parse - Ruby - Ruby Issue Tracking System
Bug #21030: Bug: #step with Range<ActiveSupport::Duration> behavior
broken on Ruby 3.4.1 - Ruby - Ruby Issue Tracking System
Bug #21131: IO.copy_stream: yielded string changes value when duped -
Ruby - Ruby Issue Tracking System
Feature #19521: Support for Module#name= and Class#name=. - Ruby - Ruby
Issue Tracking System
Bug #21159: Module#set_temporary_name should freeze given name - Ruby -
Ruby Issue Tracking System
Bug #21161: Crash when locale is set to Turkish tr_TR.UTF-8 - Ruby - Ruby
Issue Tracking System
Bug #21144: Win32: Use Windows time zone ID as the time zone name if TZ
is not set - Ruby - Ruby Issue Tracking System
Bug #21170: Corrupted Hash (bad VALUE and missing entry) when -1 returned
from .hash - Ruby - Ruby Issue Tracking System
Bug #21172: Race condition in register_fstring - Ruby - Ruby Issue
Tracking System
Bug #21163: Inconsistencies in Kernel.Float compared to other number
parsing methods - Ruby - Ruby Issue Tracking System
Bug #21173: RUBY_FREE_AT_EXIT does not work when error in -r - Ruby -
Ruby Issue Tracking System
Bug #21179: Introduction Happy Eyeballs Version 2 broke Socket.tcp from
secondary Ractors - Ruby - Ruby Issue Tracking System
Bug #19841: Marshal.dump stack overflow with recursive Time - Ruby - Ruby
Issue Tracking System
Bug #21180: SEGV while marking imemo_env->iseq - Ruby - Ruby Issue
Tracking System
Bug #21186: Inconsistent parsing of ?あand 0 - Ruby - Ruby Issue Tracking
System
Bug #21094: Module#set_temporary_name does not affect a name of a nested
module - Ruby - Ruby Issue Tracking System
Bug #21195: Crash when using IO#timeout - Ruby - Ruby Issue Tracking System
Bug #21196: Ruby 3.4 ignores visibility when passing arguments using ... -
Ruby - Ruby Issue Tracking System
Bug #21141: Time#utc? does not work with a timezone object - Ruby - Ruby
Issue Tracking System
Bug #21211: Incomplete Backtrace for Socket Errors in Ruby 3.4+ - Ruby -
Ruby Issue Tracking System
Bug #21197: Prism does not accept newline after defined? keyword - Ruby -
Ruby Issue Tracking System
Bug #21183: Ractor error with Prism::VERSION - Ruby - Ruby Issue Tracking
System
Bug #21217: Integer.sqrt produces wrong results even on input <= 1e18 -
Ruby - Ruby Issue Tracking System
Bug #21220: Memory corruption in update_line_coverage()
[write at index -1] - Ruby - Ruby Issue Tracking System
3.4.2
Bug #21024: Ruby including generates compilation warning with GCC 15,
header is deprecated in C++17,
Bug #21021: "try to mark T_NONE object" with 3.4.1
Bug #20997: YJIT panic assertion left == right failed: leave instruction
expects stack size 1, but was: 2
Bug #20981: rb_undefine_finalizer is missing
Bug #20989: Segmentation fault in Ripper when lexing /#{"\xcd"}/
Bug #21003: unexpected warning about ignored block
Bug #21002: Please include license information of turbo_tests
Bug #21001: unexpected nil result from proc with ensure and next
Bug #21010: Endless method definition of []= is SyntaxError in parse.y but
allowed in Prism
Bug #20992: eval(ascii_encoded_code) raises EncodingError when multibyte
local variable exists
Bug #21017: --with-parser=parse.y configure option does not work
Bug #21014: Prism doesn't set node_id on iseqs correctly
Bug #21027: not() receiver should be nil
Bug #20995: exception escapes block given to IO.popen("-") in child process
Bug #21008: Array#sum, Enumerator#sum, Numeric subclass
Bug #21044: Prism maximum recursion depth is 1_000, parse.y is 10_000
Bug #21031: Incompatibility with prism and parse.y when eval'ing unnamed
forwarding variables
Bug #21085: [BUG] Stack consistency error with -ne
Bug #21048: [Prism] rescue in modifier form with condition behaves
differently
Bug #21046: Backport: TLS fix for ARM64
Bug #21012: Compiling a['a','b'],=1 with parse.y fails
Bug #21038: Preserve errno in rb_fiber_scheduler_unblock
Bug #21032: Module#autoload? is slow when $LOAD_PATH contains a relative path
Bug #21092: error building ruby 3.4.1 on cygwin/msys2
Bug #21095: Prefer uname -n over hostname in tests.
Bug #21103: Binding problem with delegate methods
Bug #21088: TCPSocket.new raises Socket::ResolutionError instead of
Errno::ECONNREFUSED for hosts defined in /etc/hosts
Bug #21112: Typo in error message when an incorrect key is used with
WeakKeyMap
Bug #21117: Inconsistent behaviour between "_1" and "it" variables
Bug #21114: Prism hangs up while parsing deeply nested def
Bug #20984: ENV.inspect is not encoding aware
Bug #20982: Inconsistency between Hash#inspect and ENV.inspect in Ruby 3.4
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stephen Cuka [Thu, 29 May 2025 01:31:38 +0000 (19:31 -0600)]
manualpages: Fixbug13858 - Add doc link for Network/Aliases
- Add missing documentation link for 'Network/Aliases'.
Signed-off-by: Stephen Cuka <stephen@firemypi.org> Reviewed-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / people / ms / ipfire-2.x.git / log
