]>
git.ipfire.org Git - people/jschlag/ipfire-2.x.git/log
Stefan Schantl [Sun, 3 May 2015 19:51:04 +0000 (21:51 +0200)]
Update flag icon-set.
Move the flag icon-set into an own lfs file and replace the current
used one by a more recent version.
Arne Fitzenreiter [Sun, 3 May 2015 11:03:25 +0000 (13:03 +0200)]
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Sun, 3 May 2015 11:02:30 +0000 (13:02 +0200)]
toolchain: set version to 9.
Alexander Marx [Sun, 3 May 2015 03:24:39 +0000 (05:24 +0200)]
squid-accounting: fix monthly dbmove funktion to put values in history table
Michael Tremer [Sun, 3 May 2015 10:53:28 +0000 (12:53 +0200)]
core90: Add updated netovpnsrv.cgi to update
Michael Tremer [Sun, 3 May 2015 10:52:50 +0000 (12:52 +0200)]
Merge remote-tracking branch 'amarx/core90' into next
Alexander Marx [Sun, 3 May 2015 03:12:13 +0000 (05:12 +0200)]
Core90: make N2N Graphs higher to them correctly
Graphs in core 89 where not heigh enough so that they where zoomed which
looked bad
Michael Tremer [Sat, 2 May 2015 12:29:46 +0000 (14:29 +0200)]
core90: Also regenerate IPsec configuration during the update
Michael Tremer [Sat, 2 May 2015 10:56:09 +0000 (12:56 +0200)]
squid: Disable SSL support
The SSL support parts of squid are a great security
risk. The majority of all security issues has been
in this area. As we are not using any of that in
production we can as well disable SSL support.
This won't affect squid's possibility to forward
SSL connections with the CONNECT method.
Michael Tremer [Sat, 2 May 2015 09:20:37 +0000 (11:20 +0200)]
squid: Update to 3.4.13
Michael Tremer [Fri, 1 May 2015 14:57:13 +0000 (16:57 +0200)]
vpnmain.cgi: Fix ECP regex again for Brainpool curves
The regular expression did not take into account that
there could be characters like "bp" in case of the Brainpool
curves (ecp512bp).
Arne Fitzenreiter [Thu, 30 Apr 2015 04:50:15 +0000 (06:50 +0200)]
clamav: update to 0.98.7
Arne Fitzenreiter [Wed, 29 Apr 2015 17:47:44 +0000 (19:47 +0200)]
xz: update to 5.2.1
Arne Fitzenreiter [Wed, 29 Apr 2015 17:42:06 +0000 (19:42 +0200)]
kernel: update to 3.14.40
Michael Tremer [Wed, 29 Apr 2015 09:26:35 +0000 (11:26 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 29 Apr 2015 09:26:20 +0000 (11:26 +0200)]
Merge remote-tracking branch 'stevee/core-90-ddnsctrl' into next
Michael Tremer [Wed, 29 Apr 2015 09:24:23 +0000 (11:24 +0200)]
dnsmasq: Import more upstream fixes
Fixes: #10786
Fixes DNSSEC validation when falling back to TCP.
Stefan Schantl [Tue, 28 Apr 2015 19:16:54 +0000 (21:16 +0200)]
Core90: Regenerate ddns config file.
Stefan Schantl [Tue, 28 Apr 2015 19:06:19 +0000 (21:06 +0200)]
ddns: Add more upstream patches.
Arne Fitzenreiter [Tue, 28 Apr 2015 18:51:03 +0000 (20:51 +0200)]
openssl: disable ssse3 on amd cpu's
amd with ssse3 (bulldozer and fusion) has serious performance problems
with the vpaes code. (-evp is 40% slower)
Michael Tremer [Tue, 28 Apr 2015 11:22:00 +0000 (13:22 +0200)]
vpnmain.cgi: Fix prefix for elliptic curve algorithms
Jochen Kauz [Tue, 28 Apr 2015 09:30:05 +0000 (11:30 +0200)]
vpnmain.cgi: dpd_delay/dpd_timeout wrong entry in ipsec.conf
Fixes #10636
Michael Tremer [Tue, 28 Apr 2015 09:15:38 +0000 (11:15 +0200)]
openssl: Don't ship an SSE-optimised version of libssl
This one does not benefit at all from any optimisations
of this kind. Only libcrypto.so.10 which holds the implementation
of ciphers and hashes gains better performance by using SSE2.
Michael Tremer [Tue, 28 Apr 2015 09:14:45 +0000 (11:14 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Tue, 28 Apr 2015 09:13:03 +0000 (11:13 +0200)]
tzdata: Update to version 2015d
Arne Fitzenreiter [Mon, 27 Apr 2015 20:15:20 +0000 (22:15 +0200)]
openssl: auto enable padlock engine.
Michael Tremer [Mon, 27 Apr 2015 19:17:17 +0000 (21:17 +0200)]
glibc: Fix CVE-2013-7423 and CVE-2015-1781
CVE-2013-7423: Fix invalid file descriptor reuse while sending DNS query
CVE-2015-1781: Fix buffer overflow in gethostbyname_r with misaligned buffer
Arne Fitzenreiter [Mon, 27 Apr 2015 19:19:46 +0000 (21:19 +0200)]
openssl: change sse2 optimization to i686.
Michael Tremer [Mon, 27 Apr 2015 18:58:45 +0000 (20:58 +0200)]
strongswan: Increase stroke buffer size to 8k
Michael Tremer [Mon, 27 Apr 2015 16:10:34 +0000 (18:10 +0200)]
dnsmasq: Import latest fixes from upstream
Stefan Schantl [Sun, 26 Apr 2015 15:17:36 +0000 (17:17 +0200)]
Add patched ddns to core 90.
Stefan Schantl [Sun, 26 Apr 2015 15:14:36 +0000 (17:14 +0200)]
Drop obsolete ddns patches.
Stefan Schantl [Sun, 26 Apr 2015 15:12:55 +0000 (17:12 +0200)]
ddns: Add upstream patch for fixing bug 10815.
Stefan Schantl [Sun, 26 Apr 2015 14:56:24 +0000 (16:56 +0200)]
Add ddns related files to core 90.
Stefan Schantl [Sun, 26 Apr 2015 14:52:52 +0000 (16:52 +0200)]
ddns.cgi: Use ddnsctrl for instant update.
Stefan Schantl [Sun, 26 Apr 2015 14:48:45 +0000 (16:48 +0200)]
ddnsctrl: New binary.
This helper binary is used to grand the ddns update client super user rights,
when launched out of the webinterface.
Arne Fitzenreiter [Sat, 25 Apr 2015 11:23:34 +0000 (13:23 +0200)]
Add rootfile check for hardcoded machine type.
Arne Fitzenreiter [Sat, 25 Apr 2015 07:49:37 +0000 (09:49 +0200)]
libsrtp: update rootfile.
Arne Fitzenreiter [Fri, 24 Apr 2015 18:06:13 +0000 (20:06 +0200)]
core90: remove missing file from openssl-0.9.8-files.
Arne Fitzenreiter [Fri, 24 Apr 2015 18:03:45 +0000 (20:03 +0200)]
openssl: fix ssl2 rootfile handling.
KCFG will added to the lfs filename at determine the filename in config/rootfiles folder.
Dirk Wagner [Wed, 15 Apr 2015 12:17:34 +0000 (14:17 +0200)]
asterisk addon: upate to 11.17.1
Dirk Wagner [Wed, 15 Apr 2015 12:16:36 +0000 (14:16 +0200)]
libsrtp: upgrade to 1.5.2
Arne Fitzenreiter [Thu, 23 Apr 2015 21:31:58 +0000 (23:31 +0200)]
openssl: fix typo on arm config.
Arne Fitzenreiter [Thu, 23 Apr 2015 19:18:42 +0000 (21:18 +0200)]
core90: ship backupiso withupdate.
this file was missing in core87.
Michael Tremer [Thu, 23 Apr 2015 12:28:41 +0000 (14:28 +0200)]
Drop openssl-compat package
Michael Tremer [Thu, 23 Apr 2015 11:33:35 +0000 (13:33 +0200)]
openssl: Enable all assembly optimisations build SSE2 optimised version
Fixes #10814
Alexander Marx [Thu, 23 Apr 2015 07:20:00 +0000 (09:20 +0200)]
BUG10812: fix missing slash in path
Arne Fitzenreiter [Wed, 22 Apr 2015 20:15:27 +0000 (22:15 +0200)]
rootfiles: fix build on arm.
i586 -> MACHINE
Stefan Schantl [Wed, 22 Apr 2015 16:35:00 +0000 (18:35 +0200)]
Core 90: Ship modified country.cgi.
Stefan Schantl [Wed, 22 Apr 2015 16:28:58 +0000 (18:28 +0200)]
tor: Increase PAK_VER for shipping modified CGI file.
Stefan Schantl [Wed, 22 Apr 2015 16:25:25 +0000 (18:25 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Wed, 22 Apr 2015 16:18:38 +0000 (18:18 +0200)]
Rename Locale::Country to Locale::Codes::Country in various scripts.
The new Locale-Country version needs to be loaded and used by specifing
Locale::Codes::Country since an upstream API change. Adjusting various perl
scripts to use the module in the proper way again.
Michael Tremer [Wed, 22 Apr 2015 14:08:42 +0000 (16:08 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Alexander Marx [Wed, 22 Apr 2015 13:02:02 +0000 (15:02 +0200)]
BUG10812: change ovpnserver config if needed
Michael Tremer [Wed, 22 Apr 2015 12:45:10 +0000 (14:45 +0200)]
vpnmain.cgi: Order ciphers by strength
strongSwan uses them in the defined order. Hence it makes
much more sense to present them to the user as well in that
order.
Michael Tremer [Wed, 22 Apr 2015 12:44:16 +0000 (14:44 +0200)]
vpnmain.cgi: Use integrity functions as PRF for AEAD
Michael Tremer [Wed, 22 Apr 2015 12:08:41 +0000 (14:08 +0200)]
vpnmain.cgi: Rewrite algorithm generation code
Alexander Marx [Wed, 22 Apr 2015 11:32:04 +0000 (13:32 +0200)]
squid-accounting: fix mistakenly deleted lines from last commit
Michael Tremer [Wed, 22 Apr 2015 11:07:30 +0000 (13:07 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 22 Apr 2015 11:06:52 +0000 (13:06 +0200)]
index.cgi: Hide blue and green if not enabled
Those were shown when a blue or orange interface
was assigned which is not the same as enabled.
Alexander Marx [Tue, 21 Apr 2015 09:25:29 +0000 (11:25 +0200)]
Squid-accounting: new Version 1.0.3 (graph updates, movedb update)
New Version. Now the data is correctly moved to hist table when month
has changed.
Also the graphs for old month starts by zero. In old version graphdata
was started by total amount of bytes.
Michael Tremer [Tue, 21 Apr 2015 17:36:40 +0000 (19:36 +0200)]
ipsec: Always enable support for IKE fragmentation
Stefan Schantl [Tue, 21 Apr 2015 17:20:26 +0000 (19:20 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Tue, 21 Apr 2015 17:16:26 +0000 (19:16 +0200)]
Revert "Revert "perl-Locale-Country: Update country codes to version 3.33.""
This reverts commit
cbc5a4374fd19c8657792f14813da52b801fd681 .
Stefan Schantl [Tue, 21 Apr 2015 17:16:03 +0000 (19:16 +0200)]
Revert "Revert roofile update for Locale-Country."
This reverts commit
91d6b6ef07fc9915dcb2ca8ed0147118615b690d .
Arne Fitzenreiter [Tue, 21 Apr 2015 12:02:47 +0000 (14:02 +0200)]
kernel: update to 3.14.39
Arne Fitzenreiter [Mon, 20 Apr 2015 21:14:11 +0000 (23:14 +0200)]
rules.pl: fix geoip initialisation.
Arne Fitzenreiter [Mon, 20 Apr 2015 20:57:24 +0000 (22:57 +0200)]
remove ipp2p patches.
ipp2p is build by xtables addons now.
Arne Fitzenreiter [Mon, 20 Apr 2015 20:48:46 +0000 (22:48 +0200)]
functions.network: update dhcp client commandline.
this fix trailing space before hostname.
Stefan Schantl [Mon, 20 Apr 2015 17:03:52 +0000 (19:03 +0200)]
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Sun, 19 Apr 2015 10:51:44 +0000 (12:51 +0200)]
ovpnmain.cgi: Update the certificate revocation list when a connection has been deleted.
Reference #10554.
Michael Tremer [Sun, 19 Apr 2015 09:58:50 +0000 (11:58 +0200)]
openssl: Fix build by updating the patches
Matthias Fischer [Sat, 18 Apr 2015 22:49:26 +0000 (00:49 +0200)]
openssl: Update to 1.0.2a
Stefan Schantl [Sat, 18 Apr 2015 23:23:18 +0000 (01:23 +0200)]
Core 90: Add changed css files.
Stefan Schantl [Sat, 18 Apr 2015 23:04:14 +0000 (01:04 +0200)]
firewall.cgi: Dynamically show/hide DNAT and SNAT configure elements.
Fixes #10732.
Stefan Schantl [Sat, 18 Apr 2015 23:15:02 +0000 (01:15 +0200)]
Core 90: Add changed ovpnmain.cgi.
Michael Tremer [Sat, 18 Apr 2015 21:36:20 +0000 (23:36 +0200)]
core90: Add changed vpnmain.cgi
Wolfgang Apolinarski [Sat, 18 Apr 2015 13:15:45 +0000 (15:15 +0200)]
Added clientAuth to EKU of client certificate. Fixed the comment.
Michael Tremer [Sat, 18 Apr 2015 14:42:22 +0000 (16:42 +0200)]
xtables-addon: Build all matches and targets
Michael Tremer [Sat, 18 Apr 2015 14:16:01 +0000 (16:16 +0200)]
Update translations
Michael Tremer [Sat, 18 Apr 2015 14:15:17 +0000 (16:15 +0200)]
Merge remote-tracking branch 'stevee/core-90-geoip' into next
Michael Tremer [Sat, 18 Apr 2015 14:11:29 +0000 (16:11 +0200)]
dnsmasq: Import more patches from upstream
Stefan Schantl [Thu, 16 Apr 2015 20:00:51 +0000 (22:00 +0200)]
Core90: Update crontab.
Arne Fitzenreiter [Thu, 16 Apr 2015 18:52:44 +0000 (20:52 +0200)]
kernel: update to 3.14.38
Stefan Schantl [Thu, 16 Apr 2015 18:37:00 +0000 (20:37 +0200)]
Core90: Add GeoIP to update.
Stefan Schantl [Thu, 16 Apr 2015 17:40:53 +0000 (19:40 +0200)]
Roofile updates for GeoIP related files.
Stefan Schantl [Thu, 16 Apr 2015 17:39:11 +0000 (19:39 +0200)]
configroot: Add geoip related files.
Create required empty files and install geoip-functions.pl to
desired destination.
Stefan Schantl [Thu, 16 Apr 2015 08:51:44 +0000 (10:51 +0200)]
Revert "perl-Locale-Country: Update country codes to version 3.33."
This reverts commit
bf235e962cdd2d0d95d9a6ccfef0b449d181bb04 .
Stefan Schantl [Thu, 16 Apr 2015 08:51:03 +0000 (10:51 +0200)]
Revert roofile update for Locale-Country.
This reverts commit
f2d941436b9721cdbfc37f0c7769088d14621d13 .
Stefan Schantl [Wed, 15 Apr 2015 15:10:49 +0000 (17:10 +0200)]
Merge branch 'next-geoip' into core-90-geoip
Arne Fitzenreiter [Tue, 14 Apr 2015 18:26:21 +0000 (20:26 +0200)]
Merge remote-tracking branch 'origin/master' into next
Michael Tremer [Tue, 14 Apr 2015 18:06:19 +0000 (20:06 +0200)]
Update translations
Michael Tremer [Tue, 14 Apr 2015 18:05:32 +0000 (20:05 +0200)]
vpn-stats: Use more descriptive menu entry names
Arne Fitzenreiter [Tue, 14 Apr 2015 15:59:21 +0000 (17:59 +0200)]
Merge remote-tracking branch 'origin/master' into next
Arne Fitzenreiter [Tue, 14 Apr 2015 08:27:17 +0000 (10:27 +0200)]
start core90.
Alexander Marx [Mon, 13 Apr 2015 14:26:48 +0000 (16:26 +0200)]
vpn-statistic: add URI::escape for openvpn names with special chars
Alexander Marx [Tue, 14 Apr 2015 09:53:28 +0000 (11:53 +0200)]
vpn-statistic: add collectd parameters to imported n2n packages
Arne Fitzenreiter [Mon, 13 Apr 2015 15:11:41 +0000 (17:11 +0200)]
Merge remote-tracking branch 'origin/master' into next
Alexander Marx [Mon, 13 Apr 2015 13:03:17 +0000 (15:03 +0200)]
vpn-statistic: update old n2n configs in update.sh
Michael Tremer [Mon, 13 Apr 2015 13:45:52 +0000 (15:45 +0200)]
collectd: Ignore any errors if openvpn status files are missing