ipfire-2.x.git
6 years agoopenssl: Don't ship an SSE-optimised version of libssl
Michael Tremer [Tue, 28 Apr 2015 09:15:38 +0000 (11:15 +0200)] 
openssl: Don't ship an SSE-optimised version of libssl

This one does not benefit at all from any optimisations
of this kind. Only libcrypto.so.10 which holds the implementation
of ciphers and hashes gains better performance by using SSE2.

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Tue, 28 Apr 2015 09:14:45 +0000 (11:14 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agotzdata: Update to version 2015d
Michael Tremer [Tue, 28 Apr 2015 09:13:03 +0000 (11:13 +0200)] 
tzdata: Update to version 2015d

6 years agoopenssl: auto enable padlock engine.
Arne Fitzenreiter [Mon, 27 Apr 2015 20:15:20 +0000 (22:15 +0200)] 
openssl: auto enable padlock engine.

6 years agoglibc: Fix CVE-2013-7423 and CVE-2015-1781
Michael Tremer [Mon, 27 Apr 2015 19:17:17 +0000 (21:17 +0200)] 
glibc: Fix CVE-2013-7423 and CVE-2015-1781

CVE-2013-7423: Fix invalid file descriptor reuse while sending DNS query
CVE-2015-1781: Fix buffer overflow in gethostbyname_r with misaligned buffer

6 years agoopenssl: change sse2 optimization to i686.
Arne Fitzenreiter [Mon, 27 Apr 2015 19:19:46 +0000 (21:19 +0200)] 
openssl: change sse2 optimization to i686.

6 years agostrongswan: Increase stroke buffer size to 8k
Michael Tremer [Mon, 27 Apr 2015 18:58:45 +0000 (20:58 +0200)] 
strongswan: Increase stroke buffer size to 8k

6 years agodnsmasq: Import latest fixes from upstream
Michael Tremer [Mon, 27 Apr 2015 16:10:34 +0000 (18:10 +0200)] 
dnsmasq: Import latest fixes from upstream

6 years agoAdd rootfile check for hardcoded machine type.
Arne Fitzenreiter [Sat, 25 Apr 2015 11:23:34 +0000 (13:23 +0200)] 
Add rootfile check for hardcoded machine type.

6 years agolibsrtp: update rootfile.
Arne Fitzenreiter [Sat, 25 Apr 2015 07:49:37 +0000 (09:49 +0200)] 
libsrtp: update rootfile.

6 years agocore90: remove missing file from openssl-0.9.8-files.
Arne Fitzenreiter [Fri, 24 Apr 2015 18:06:13 +0000 (20:06 +0200)] 
core90: remove missing file from openssl-0.9.8-files.

6 years agoopenssl: fix ssl2 rootfile handling.
Arne Fitzenreiter [Fri, 24 Apr 2015 18:03:45 +0000 (20:03 +0200)] 
openssl: fix ssl2 rootfile handling.

KCFG will added to the lfs filename at determine the filename in config/rootfiles folder.

6 years agoasterisk addon: upate to 11.17.1
Dirk Wagner [Wed, 15 Apr 2015 12:17:34 +0000 (14:17 +0200)] 
asterisk addon: upate to 11.17.1

6 years agolibsrtp: upgrade to 1.5.2
Dirk Wagner [Wed, 15 Apr 2015 12:16:36 +0000 (14:16 +0200)] 
libsrtp: upgrade to 1.5.2

6 years agoopenssl: fix typo on arm config.
Arne Fitzenreiter [Thu, 23 Apr 2015 21:31:58 +0000 (23:31 +0200)] 
openssl: fix typo on arm config.

6 years agocore90: ship backupiso withupdate.
Arne Fitzenreiter [Thu, 23 Apr 2015 19:18:42 +0000 (21:18 +0200)] 
core90: ship backupiso withupdate.

this file was missing in core87.

6 years agoDrop openssl-compat package
Michael Tremer [Thu, 23 Apr 2015 12:28:41 +0000 (14:28 +0200)] 
Drop openssl-compat package

6 years agoopenssl: Enable all assembly optimisations build SSE2 optimised version
Michael Tremer [Thu, 23 Apr 2015 11:33:35 +0000 (13:33 +0200)] 
openssl: Enable all assembly optimisations build SSE2 optimised version

Fixes #10814

6 years agoBUG10812: fix missing slash in path
Alexander Marx [Thu, 23 Apr 2015 07:20:00 +0000 (09:20 +0200)] 
BUG10812: fix missing slash in path

6 years agorootfiles: fix build on arm.
Arne Fitzenreiter [Wed, 22 Apr 2015 20:15:27 +0000 (22:15 +0200)] 
rootfiles: fix build on arm.

i586 -> MACHINE

6 years agoCore 90: Ship modified country.cgi.
Stefan Schantl [Wed, 22 Apr 2015 16:35:00 +0000 (18:35 +0200)] 
Core 90: Ship modified country.cgi.

6 years agotor: Increase PAK_VER for shipping modified CGI file.
Stefan Schantl [Wed, 22 Apr 2015 16:28:58 +0000 (18:28 +0200)] 
tor: Increase PAK_VER for shipping modified CGI file.

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Wed, 22 Apr 2015 16:25:25 +0000 (18:25 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoRename Locale::Country to Locale::Codes::Country in various scripts.
Stefan Schantl [Wed, 22 Apr 2015 16:18:38 +0000 (18:18 +0200)] 
Rename Locale::Country to Locale::Codes::Country in various scripts.

The new Locale-Country version needs to be loaded and used by specifing
Locale::Codes::Country since an upstream API change. Adjusting various perl
scripts to use the module in the proper way again.

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 22 Apr 2015 14:08:42 +0000 (16:08 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoBUG10812: change ovpnserver config if needed
Alexander Marx [Wed, 22 Apr 2015 13:02:02 +0000 (15:02 +0200)] 
BUG10812: change ovpnserver config if needed

6 years agovpnmain.cgi: Order ciphers by strength
Michael Tremer [Wed, 22 Apr 2015 12:45:10 +0000 (14:45 +0200)] 
vpnmain.cgi: Order ciphers by strength

strongSwan uses them in the defined order. Hence it makes
much more sense to present them to the user as well in that
order.

6 years agovpnmain.cgi: Use integrity functions as PRF for AEAD
Michael Tremer [Wed, 22 Apr 2015 12:44:16 +0000 (14:44 +0200)] 
vpnmain.cgi: Use integrity functions as PRF for AEAD

6 years agovpnmain.cgi: Rewrite algorithm generation code
Michael Tremer [Wed, 22 Apr 2015 12:08:41 +0000 (14:08 +0200)] 
vpnmain.cgi: Rewrite algorithm generation code

6 years agosquid-accounting: fix mistakenly deleted lines from last commit
Alexander Marx [Wed, 22 Apr 2015 11:32:04 +0000 (13:32 +0200)] 
squid-accounting: fix mistakenly deleted lines from last commit

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Michael Tremer [Wed, 22 Apr 2015 11:07:30 +0000 (13:07 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoindex.cgi: Hide blue and green if not enabled
Michael Tremer [Wed, 22 Apr 2015 11:06:52 +0000 (13:06 +0200)] 
index.cgi: Hide blue and green if not enabled

Those were shown when a blue or orange interface
was assigned which is not the same as enabled.

6 years agoSquid-accounting: new Version 1.0.3 (graph updates, movedb update)
Alexander Marx [Tue, 21 Apr 2015 09:25:29 +0000 (11:25 +0200)] 
Squid-accounting: new Version 1.0.3 (graph updates, movedb update)

New Version. Now the data is correctly moved to hist table when month
has changed.
Also the graphs for old month starts by zero. In old version graphdata
was started by total amount of bytes.

6 years agoipsec: Always enable support for IKE fragmentation
Michael Tremer [Tue, 21 Apr 2015 17:36:40 +0000 (19:36 +0200)] 
ipsec: Always enable support for IKE fragmentation

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Tue, 21 Apr 2015 17:20:26 +0000 (19:20 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoRevert "Revert "perl-Locale-Country: Update country codes to version 3.33.""
Stefan Schantl [Tue, 21 Apr 2015 17:16:26 +0000 (19:16 +0200)] 
Revert "Revert "perl-Locale-Country: Update country codes to version 3.33.""

This reverts commit cbc5a4374fd19c8657792f14813da52b801fd681.

6 years agoRevert "Revert roofile update for Locale-Country."
Stefan Schantl [Tue, 21 Apr 2015 17:16:03 +0000 (19:16 +0200)] 
Revert "Revert roofile update for Locale-Country."

This reverts commit 91d6b6ef07fc9915dcb2ca8ed0147118615b690d.

6 years agokernel: update to 3.14.39
Arne Fitzenreiter [Tue, 21 Apr 2015 12:02:47 +0000 (14:02 +0200)] 
kernel: update to 3.14.39

6 years agorules.pl: fix geoip initialisation.
Arne Fitzenreiter [Mon, 20 Apr 2015 21:14:11 +0000 (23:14 +0200)] 
rules.pl: fix geoip initialisation.

6 years agoremove ipp2p patches.
Arne Fitzenreiter [Mon, 20 Apr 2015 20:57:24 +0000 (22:57 +0200)] 
remove ipp2p patches.

ipp2p is build by xtables addons now.

6 years agofunctions.network: update dhcp client commandline.
Arne Fitzenreiter [Mon, 20 Apr 2015 20:48:46 +0000 (22:48 +0200)] 
functions.network: update dhcp client commandline.

this fix trailing space before hostname.

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Mon, 20 Apr 2015 17:03:52 +0000 (19:03 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoovpnmain.cgi: Update the certificate revocation list when a connection has been deleted.
Stefan Schantl [Sun, 19 Apr 2015 10:51:44 +0000 (12:51 +0200)] 
ovpnmain.cgi: Update the certificate revocation list when a connection has been deleted.

Reference #10554.

6 years agoopenssl: Fix build by updating the patches
Michael Tremer [Sun, 19 Apr 2015 09:58:50 +0000 (11:58 +0200)] 
openssl: Fix build by updating the patches

6 years agoopenssl: Update to 1.0.2a
Matthias Fischer [Sat, 18 Apr 2015 22:49:26 +0000 (00:49 +0200)] 
openssl: Update to 1.0.2a

6 years agoCore 90: Add changed css files.
Stefan Schantl [Sat, 18 Apr 2015 23:23:18 +0000 (01:23 +0200)] 
Core 90: Add changed css files.

6 years agofirewall.cgi: Dynamically show/hide DNAT and SNAT configure elements.
Stefan Schantl [Sat, 18 Apr 2015 23:04:14 +0000 (01:04 +0200)] 
firewall.cgi: Dynamically show/hide DNAT and SNAT configure elements.

Fixes #10732.

6 years agoCore 90: Add changed ovpnmain.cgi.
Stefan Schantl [Sat, 18 Apr 2015 23:15:02 +0000 (01:15 +0200)] 
Core 90: Add changed ovpnmain.cgi.

6 years agocore90: Add changed vpnmain.cgi
Michael Tremer [Sat, 18 Apr 2015 21:36:20 +0000 (23:36 +0200)] 
core90: Add changed vpnmain.cgi

6 years agoAdded clientAuth to EKU of client certificate. Fixed the comment.
Wolfgang Apolinarski [Sat, 18 Apr 2015 13:15:45 +0000 (15:15 +0200)] 
Added clientAuth to EKU of client certificate. Fixed the comment.

6 years agoxtables-addon: Build all matches and targets
Michael Tremer [Sat, 18 Apr 2015 14:42:22 +0000 (16:42 +0200)] 
xtables-addon: Build all matches and targets

6 years agoUpdate translations
Michael Tremer [Sat, 18 Apr 2015 14:16:01 +0000 (16:16 +0200)] 
Update translations

6 years agoMerge remote-tracking branch 'stevee/core-90-geoip' into next
Michael Tremer [Sat, 18 Apr 2015 14:15:17 +0000 (16:15 +0200)] 
Merge remote-tracking branch 'stevee/core-90-geoip' into next

6 years agodnsmasq: Import more patches from upstream
Michael Tremer [Sat, 18 Apr 2015 14:11:29 +0000 (16:11 +0200)] 
dnsmasq: Import more patches from upstream

6 years agoCore90: Update crontab.
Stefan Schantl [Thu, 16 Apr 2015 20:00:51 +0000 (22:00 +0200)] 
Core90: Update crontab.

6 years agokernel: update to 3.14.38
Arne Fitzenreiter [Thu, 16 Apr 2015 18:52:44 +0000 (20:52 +0200)] 
kernel: update to 3.14.38

6 years agoCore90: Add GeoIP to update.
Stefan Schantl [Thu, 16 Apr 2015 18:37:00 +0000 (20:37 +0200)] 
Core90: Add GeoIP to update.

6 years agoRoofile updates for GeoIP related files.
Stefan Schantl [Thu, 16 Apr 2015 17:40:53 +0000 (19:40 +0200)] 
Roofile updates for GeoIP related files.

6 years agoconfigroot: Add geoip related files.
Stefan Schantl [Thu, 16 Apr 2015 17:39:11 +0000 (19:39 +0200)] 
configroot: Add geoip related files.

Create required empty files and install geoip-functions.pl to
desired destination.

6 years agoRevert "perl-Locale-Country: Update country codes to version 3.33."
Stefan Schantl [Thu, 16 Apr 2015 08:51:44 +0000 (10:51 +0200)] 
Revert "perl-Locale-Country: Update country codes to version 3.33."

This reverts commit bf235e962cdd2d0d95d9a6ccfef0b449d181bb04.

6 years agoRevert roofile update for Locale-Country.
Stefan Schantl [Thu, 16 Apr 2015 08:51:03 +0000 (10:51 +0200)] 
Revert roofile update for Locale-Country.

This reverts commit f2d941436b9721cdbfc37f0c7769088d14621d13.

6 years agoMerge branch 'next-geoip' into core-90-geoip
Stefan Schantl [Wed, 15 Apr 2015 15:10:49 +0000 (17:10 +0200)] 
Merge branch 'next-geoip' into core-90-geoip

6 years agoMerge remote-tracking branch 'origin/master' into next
Arne Fitzenreiter [Tue, 14 Apr 2015 18:26:21 +0000 (20:26 +0200)] 
Merge remote-tracking branch 'origin/master' into next

6 years agoUpdate translations
Michael Tremer [Tue, 14 Apr 2015 18:06:19 +0000 (20:06 +0200)] 
Update translations

6 years agovpn-stats: Use more descriptive menu entry names
Michael Tremer [Tue, 14 Apr 2015 18:05:32 +0000 (20:05 +0200)] 
vpn-stats: Use more descriptive menu entry names

6 years agoMerge remote-tracking branch 'origin/master' into next
Arne Fitzenreiter [Tue, 14 Apr 2015 15:59:21 +0000 (17:59 +0200)] 
Merge remote-tracking branch 'origin/master' into next

6 years agostart core90.
Arne Fitzenreiter [Tue, 14 Apr 2015 08:27:17 +0000 (10:27 +0200)] 
start core90.

6 years agovpn-statistic: add URI::escape for openvpn names with special chars
Alexander Marx [Mon, 13 Apr 2015 14:26:48 +0000 (16:26 +0200)] 
vpn-statistic: add URI::escape for openvpn names with special chars

6 years agovpn-statistic: add collectd parameters to imported n2n packages
Alexander Marx [Tue, 14 Apr 2015 09:53:28 +0000 (11:53 +0200)] 
vpn-statistic: add collectd parameters to imported n2n packages

6 years agoMerge remote-tracking branch 'origin/master' into next
Arne Fitzenreiter [Mon, 13 Apr 2015 15:11:41 +0000 (17:11 +0200)] 
Merge remote-tracking branch 'origin/master' into next

6 years agovpn-statistic: update old n2n configs in update.sh
Alexander Marx [Mon, 13 Apr 2015 13:03:17 +0000 (15:03 +0200)] 
vpn-statistic: update old n2n configs in update.sh

6 years agocollectd: Ignore any errors if openvpn status files are missing
Michael Tremer [Mon, 13 Apr 2015 13:45:52 +0000 (15:45 +0200)] 
collectd: Ignore any errors if openvpn status files are missing

6 years agobackup: Include sshd config file.
Stefan Schantl [Mon, 13 Apr 2015 13:35:15 +0000 (15:35 +0200)] 
backup: Include sshd config file.

The sshd config file was not included in the backups, so if the port
was switched from the default one to another one, the changed value was
correctly restored and displayed in the WUI but still the original sshd
config file was present and the default port has been used.

This issue is fixed by this commit.

Fixes #10446.

6 years agoMerge remote-tracking branch 'amarx/BUG10796' into next
Michael Tremer [Mon, 13 Apr 2015 10:17:53 +0000 (12:17 +0200)] 
Merge remote-tracking branch 'amarx/BUG10796' into next

6 years agocore89: Move converter to the end because collectd should be restarted at last
Michael Tremer [Mon, 13 Apr 2015 09:39:08 +0000 (11:39 +0200)] 
core89: Move converter to the end because collectd should be restarted at last

6 years agoMerge remote-tracking branch 'amarx/BUG10797' into next
Michael Tremer [Mon, 13 Apr 2015 09:28:57 +0000 (11:28 +0200)] 
Merge remote-tracking branch 'amarx/BUG10797' into next

6 years agovpn-stats: Show daily graph as *all* other graphs do, too
Michael Tremer [Mon, 13 Apr 2015 08:57:09 +0000 (10:57 +0200)] 
vpn-stats: Show daily graph as *all* other graphs do, too

6 years agocore89: Fix permissions of /var/ipfire/dns
Michael Tremer [Mon, 13 Apr 2015 08:49:14 +0000 (10:49 +0200)] 
core89: Fix permissions of /var/ipfire/dns

6 years agocore89: Create temporary files in update to avoid reboot
Michael Tremer [Mon, 13 Apr 2015 08:24:44 +0000 (10:24 +0200)] 
core89: Create temporary files in update to avoid reboot

6 years agoBUG10797: Fix addontable in services.cgi when using squid-accounting addon
Alexander Marx [Mon, 13 Apr 2015 06:36:00 +0000 (08:36 +0200)] 
BUG10797: Fix addontable in services.cgi when using squid-accounting addon

When squid-accounting addon is installed, it shows up under services.cgi
as "squid" service which is wrong.

6 years agoBUG10796: Fix textoutput when doing pakfire update in WebUI
Alexander Marx [Mon, 13 Apr 2015 05:52:25 +0000 (07:52 +0200)] 
BUG10796: Fix textoutput when doing pakfire update in WebUI

6 years agoMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
Stefan Schantl [Sun, 12 Apr 2015 21:23:40 +0000 (23:23 +0200)] 
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

6 years agoovpnmain.cgi: Fix layout of CA related elements.
Stefan Schantl [Sun, 12 Apr 2015 21:18:11 +0000 (23:18 +0200)] 
ovpnmain.cgi: Fix layout of CA related elements.

Those elements where displayed out of the main box in the past.

6 years agoMerge remote-tracking branch 'origin/master' into next
Arne Fitzenreiter [Sun, 12 Apr 2015 20:53:06 +0000 (22:53 +0200)] 
Merge remote-tracking branch 'origin/master' into next

6 years agocollectd: Ignore errors from OpenVPN configuration file
Michael Tremer [Sun, 12 Apr 2015 20:44:50 +0000 (22:44 +0200)] 
collectd: Ignore errors from OpenVPN configuration file

6 years agoovpnmain.cgi: Remove DDEVICE setting
Michael Tremer [Sun, 12 Apr 2015 20:33:41 +0000 (22:33 +0200)] 
ovpnmain.cgi: Remove DDEVICE setting

This was used to select a TUN or TAP device from which TAP
was never supported anyway.

6 years agocore89: Fix permissions of collectd.vpn after update
Michael Tremer [Sun, 12 Apr 2015 20:33:16 +0000 (22:33 +0200)] 
core89: Fix permissions of collectd.vpn after update

6 years agocore89: Do not add collectd include multiple times
Michael Tremer [Sun, 12 Apr 2015 20:28:42 +0000 (22:28 +0200)] 
core89: Do not add collectd include multiple times

6 years agohostapd: remove MADWIFI from initskript
Arne Fitzenreiter [Sat, 11 Apr 2015 20:23:31 +0000 (22:23 +0200)] 
hostapd: remove MADWIFI from initskript

6 years agowlansp.cgi: remove MADWIFI functions.
Arne Fitzenreiter [Sat, 11 Apr 2015 20:18:26 +0000 (22:18 +0200)] 
wlansp.cgi: remove MADWIFI functions.

6 years agowlanap.cgi: hide "no IR" channels
Arne Fitzenreiter [Sat, 11 Apr 2015 20:09:18 +0000 (22:09 +0200)] 
wlanap.cgi: hide "no IR" channels

6 years agohostapd: update to 2.4
Arne Fitzenreiter [Sat, 11 Apr 2015 20:03:03 +0000 (22:03 +0200)] 
hostapd: update to 2.4

6 years agowpa_supplicant: update to 2.4
Arne Fitzenreiter [Sat, 11 Apr 2015 20:02:33 +0000 (22:02 +0200)] 
wpa_supplicant: update to 2.4

6 years agoMerge branch 'master' into next
Arne Fitzenreiter [Sat, 11 Apr 2015 19:58:09 +0000 (21:58 +0200)] 
Merge branch 'master' into next

Conflicts:
lfs/monit

6 years agovpn-statistic: fix removal of rw rrd-data
Alexander Marx [Sat, 11 Apr 2015 05:12:32 +0000 (07:12 +0200)] 
vpn-statistic: fix removal of rw rrd-data

Due to a missing slash the rrd data of a deleted rrd-connection was not
deleted

6 years agovpn-statistic: move collectd converter to the right place
Alexander Marx [Sat, 11 Apr 2015 03:34:34 +0000 (05:34 +0200)] 
vpn-statistic: move collectd converter to the right place

Build of cdrom will fail if the converter script is not moved to the
right place

6 years agovpn-statistic: fix alignment of graph legend for n2n graphs
Alexander Marx [Fri, 10 Apr 2015 13:47:10 +0000 (15:47 +0200)] 
vpn-statistic: fix alignment of graph legend for n2n graphs

6 years agopound: Decrease the size of the DH key to 1024 bits
Michael Tremer [Fri, 10 Apr 2015 11:48:47 +0000 (13:48 +0200)] 
pound: Decrease the size of the DH key to 1024 bits

Generating a 2048 bit key takes way too long to be feasible
at build time.

6 years agoopenvpn: Stop N2N connections before they are removed
Michael Tremer [Fri, 10 Apr 2015 11:32:48 +0000 (13:32 +0200)] 
openvpn: Stop N2N connections before they are removed

6 years agoopenvpn: Move remving files in /var/run to openvpnctrl
Michael Tremer [Fri, 10 Apr 2015 11:27:32 +0000 (13:27 +0200)] 
openvpn: Move remving files in /var/run to openvpnctrl