people/pmueller/ipfire-2.x.git
3 years agocaptive: Get MAC address of a device without calling arp
Michael Tremer [Tue, 25 Apr 2017 11:52:29 +0000 (12:52 +0100)] 
captive: Get MAC address of a device without calling arp

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Don't compare action string
Michael Tremer [Tue, 25 Apr 2017 11:32:05 +0000 (12:32 +0100)] 
captive: Don't compare action string

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Import new design
Michael Tremer [Tue, 25 Apr 2017 11:24:45 +0000 (12:24 +0100)] 
captive: Import new design

This is the new design of the access page of the captive
portal. It is based on the Bootstrap 4 grid system and
reboot but does not use anything else from it.

It is responsive and customisable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agobootstrap: New package
Michael Tremer [Mon, 24 Apr 2017 11:25:53 +0000 (12:25 +0100)] 
bootstrap: New package

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive-portal: Use template engine to render HTML template
Michael Tremer [Fri, 21 Apr 2017 16:34:59 +0000 (17:34 +0100)] 
captive-portal: Use template engine to render HTML template

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive-portal: Move CGI files to CGI directory
Michael Tremer [Fri, 21 Apr 2017 15:46:49 +0000 (16:46 +0100)] 
captive-portal: Move CGI files to CGI directory

Previously the assets directory has ExecCGI privileges
which is not at all required and potentially dangerous.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive-portal: Code cleanup
Michael Tremer [Fri, 21 Apr 2017 15:29:39 +0000 (16:29 +0100)] 
captive-portal: Code cleanup

No functional changes

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Fix bug with multiple license clients
Michael Tremer [Sun, 4 Sep 2016 08:57:26 +0000 (09:57 +0100)] 
captive: Fix bug with multiple license clients

If one active client with a license existed, any other client
authenticating will overwrite the configuration line.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Do not generally allow access to TCP/1013
Michael Tremer [Sun, 4 Sep 2016 08:45:53 +0000 (09:45 +0100)] 
captive: Do not generally allow access to TCP/1013

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Only make CGI script executable in document root
Michael Tremer [Sun, 4 Sep 2016 08:31:46 +0000 (09:31 +0100)] 
captive: Only make CGI script executable in document root

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Reindent apache configuration
Michael Tremer [Sun, 4 Sep 2016 08:27:29 +0000 (09:27 +0100)] 
captive: Reindent apache configuration

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptive: Log into default apache log files
Michael Tremer [Sun, 4 Sep 2016 08:25:41 +0000 (09:25 +0100)] 
captive: Log into default apache log files

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoCaptive-portal: Design changes
Alexander Marx [Tue, 12 Jul 2016 06:13:04 +0000 (08:13 +0200)] 
Captive-portal: Design changes

When choosing voucher as authentication type there is no need to display the license agreement textbox

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoBUG11141: Redesign of configuration website
Alexander Marx [Thu, 7 Jul 2016 09:27:40 +0000 (11:27 +0200)] 
BUG11141: Redesign of configuration website

To improve the user experience, the configuration part of generating new vouchers has been reworked.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoBUG11140: Captive logo dimensions
Alexander Marx [Tue, 5 Jul 2016 09:39:16 +0000 (11:39 +0200)] 
BUG11140: Captive logo dimensions

Now the min and max logo dimensions are shown in webinterface.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoBUG11137: Captive save action messes up the form
Alexander Marx [Wed, 29 Jun 2016 10:47:55 +0000 (12:47 +0200)] 
BUG11137: Captive save action messes up the form

When configuring the captiveportal for the first time the form
will be empty after clicking on save button if not all relevant fields are set.

Now the settings are stored even if there is an error.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoBUG11139: Captive voucher table too wide
Alexander Marx [Wed, 29 Jun 2016 10:36:18 +0000 (12:36 +0200)] 
BUG11139: Captive voucher table too wide

Set table to 100% and the remark textfield to 96% (cellwidth)

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoImprove the wording of the Captive Portal configuration site
Michael Tremer [Mon, 20 Jun 2016 19:26:00 +0000 (20:26 +0100)] 
Improve the wording of the Captive Portal configuration site

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoUpdate translations
Michael Tremer [Mon, 20 Jun 2016 14:50:05 +0000 (15:50 +0100)] 
Update translations

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoRootfile update
Michael Tremer [Mon, 20 Jun 2016 14:49:26 +0000 (15:49 +0100)] 
Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoCaptive-Portal: fix fontsize of generated voucher
Alexander Marx [Thu, 11 Feb 2016 06:21:29 +0000 (07:21 +0100)] 
Captive-Portal: fix fontsize of generated voucher

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: Fix folder permissions
Alexander Marx [Wed, 10 Feb 2016 14:36:49 +0000 (15:36 +0100)] 
Captive-Portal: Fix folder permissions

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: fix some typos and missing dir
Alexander Marx [Wed, 10 Feb 2016 14:05:35 +0000 (15:05 +0100)] 
Captive-Portal: fix some typos and missing dir

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: Add logo upload feature
Alexander Marx [Wed, 10 Feb 2016 09:20:52 +0000 (10:20 +0100)] 
Captive-Portal: Add logo upload feature

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-portal: Add directory for logo upload
Alexander Marx [Wed, 10 Feb 2016 09:09:23 +0000 (10:09 +0100)] 
Captive-portal: Add directory for logo upload

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agocaptivectrl: Add protection against DNS tunnels
Michael Tremer [Mon, 8 Feb 2016 16:38:34 +0000 (16:38 +0000)] 
captivectrl: Add protection against DNS tunnels

Limit the amount of DNS traffic for each client that
has not registered, yet.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptivectrl: Skip all lines that start with #
Michael Tremer [Mon, 8 Feb 2016 16:37:21 +0000 (16:37 +0000)] 
captivectrl: Skip all lines that start with #

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoCaptive-Portal: fix cleanup script
Alexander Marx [Mon, 8 Feb 2016 09:56:01 +0000 (10:56 +0100)] 
Captive-Portal: fix cleanup script

The cleanup-script did not write back the hash after the expired voucher
was delted

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add Errormessage when wrong code is entered
Alexander Marx [Thu, 4 Feb 2016 12:26:35 +0000 (13:26 +0100)] 
Captive-Portal: add Errormessage when wrong code is entered

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: fix wrong expiretime of unused vouchers
Alexander Marx [Thu, 4 Feb 2016 11:04:47 +0000 (12:04 +0100)] 
Captive-Portal: fix wrong expiretime of unused vouchers

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: fix voucher form
Alexander Marx [Thu, 4 Feb 2016 11:01:30 +0000 (12:01 +0100)] 
Captive-Portal: fix voucher form

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add logging to syslog
Alexander Marx [Thu, 4 Feb 2016 07:10:11 +0000 (08:10 +0100)] 
Captive-Portal: add logging to syslog

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: SHow always licencebox in config
Alexander Marx [Thu, 4 Feb 2016 06:30:05 +0000 (07:30 +0100)] 
Captive-Portal: SHow always licencebox in config

Also fix index.cgi to show individual title

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: several design changes
Alexander Marx [Tue, 2 Feb 2016 13:30:13 +0000 (14:30 +0100)] 
Captive-Portal: several design changes

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: redesign Webinterface
Alexander Marx [Mon, 1 Feb 2016 15:14:50 +0000 (16:14 +0100)] 
Captive-Portal: redesign Webinterface

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: fix some rootfiles
Alexander Marx [Fri, 29 Jan 2016 11:52:27 +0000 (12:52 +0100)] 
Captive-Portal: fix some rootfiles

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add backup-part
Alexander Marx [Fri, 29 Jan 2016 08:17:22 +0000 (09:17 +0100)] 
Captive-Portal: add backup-part

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add captive logdir to apache2 rootfile
Alexander Marx [Fri, 29 Jan 2016 08:02:31 +0000 (09:02 +0100)] 
Captive-Portal: add captive logdir to apache2 rootfile

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add files to configroot rootfile
Alexander Marx [Fri, 29 Jan 2016 07:56:16 +0000 (08:56 +0100)] 
Captive-Portal: add files to configroot rootfile

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: Add files for webinterface tio rootfile
Alexander Marx [Fri, 29 Jan 2016 07:52:32 +0000 (08:52 +0100)] 
Captive-Portal: Add files for webinterface tio rootfile

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add vhost config to apache2 rootfile
Alexander Marx [Fri, 29 Jan 2016 07:44:01 +0000 (08:44 +0100)] 
Captive-Portal: add vhost config to apache2 rootfile

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: create dir for cative logfiles
Alexander Marx [Thu, 28 Jan 2016 15:21:51 +0000 (16:21 +0100)] 
Captive-Portal: create dir for cative logfiles

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add captive dirs and files to configroot
Alexander Marx [Thu, 28 Jan 2016 15:14:34 +0000 (16:14 +0100)] 
Captive-Portal: add captive dirs and files to configroot

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add captive chains to firewall initscript
Alexander Marx [Thu, 28 Jan 2016 15:08:32 +0000 (16:08 +0100)] 
Captive-Portal: add captive chains to firewall initscript

When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add crontab and cleanup scripts
Alexander Marx [Thu, 28 Jan 2016 15:05:53 +0000 (16:05 +0100)] 
Captive-Portal: add crontab and cleanup scripts

The cleanup script is called every hour and deletes expired clients from
the clients file.
every night the captivectrl warpper runs once to flush the chains and
reload rules for active clients

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agoCaptive-Portal: add web-part
Alexander Marx [Thu, 28 Jan 2016 10:18:59 +0000 (11:18 +0100)] 
Captive-Portal: add web-part

Introduce new Captive-Portal.
Here we add the menu, apache configuration (vhost), IPFire configuration
website and Captive-Portal Access site. Also the languagefiles are
updated.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agocaptivectrl: Move sure that the settings are always initialised
Michael Tremer [Thu, 4 Feb 2016 14:34:11 +0000 (14:34 +0000)] 
captivectrl: Move sure that the settings are always initialised

This just removes a compiler warning.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agowirelessctrl: Disable MAC filter on blue if captive portal is enabled
Michael Tremer [Thu, 4 Feb 2016 14:29:57 +0000 (14:29 +0000)] 
wirelessctrl: Disable MAC filter on blue if captive portal is enabled

Fixes #11038

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptivectrl: Add missing space character
Michael Tremer [Sun, 31 Jan 2016 21:38:26 +0000 (21:38 +0000)] 
captivectrl: Add missing space character

The iptables argument list was botched. Oops. Sorry.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptivectrl: Support unlimited leases
Michael Tremer [Sat, 30 Jan 2016 14:46:55 +0000 (14:46 +0000)] 
captivectrl: Support unlimited leases

When the expiry time equals zero, the lease will have
no time constraints. The IP address will also be removed
as it might probably change.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptivectrl: Allow empty IP addresses
Michael Tremer [Sat, 30 Jan 2016 14:30:13 +0000 (14:30 +0000)] 
captivectrl: Allow empty IP addresses

Probably required for very long leases

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocaptivectrl: Change format of clients configuration
Michael Tremer [Sat, 30 Jan 2016 13:55:44 +0000 (13:55 +0000)] 
captivectrl: Change format of clients configuration

We store the start of the lease now and the time in
seconds after the lease expires

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoCaptive Portal: add c-wrapper captivectrl
Michael Tremer [Thu, 28 Jan 2016 13:24:07 +0000 (14:24 +0100)] 
Captive Portal: add c-wrapper captivectrl

This wrapper reads the captive settings and clients and sets the
firewall access rules. It is called every time the config changed or
everytime that a client changes. Also this wrapper is later called once
hourly to flush the chains and rebuild rules for actual clients.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
3 years agocore114: Update apache configuration of all add-ons that have one
Michael Tremer [Mon, 4 Sep 2017 12:09:43 +0000 (13:09 +0100)] 
core114: Update apache configuration of all add-ons that have one

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore114: Ship updated apache2
Michael Tremer [Mon, 4 Sep 2017 11:58:17 +0000 (12:58 +0100)] 
core114: Ship updated apache2

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoapache2: Download source from IPFire servers
Michael Tremer [Mon, 4 Sep 2017 11:56:42 +0000 (12:56 +0100)] 
apache2: Download source from IPFire servers

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoUpdate to apache 2.4.27
Wolfgang Apolinarski [Wed, 23 Aug 2017 19:25:25 +0000 (21:25 +0200)] 
Update to apache 2.4.27

- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoapr and aprutil: Added as requirement for apache 2.4
Wolfgang Apolinarski [Wed, 23 Aug 2017 19:24:47 +0000 (21:24 +0200)] 
apr and aprutil: Added as requirement for apache 2.4

- APR 1.6.2 is a requirement for building apache httpd 2.4
- APR-Util 1.6.0 is a requirement for building apache httpd 2.4

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agofix WebUI system information leak
Peter Müller [Sun, 3 Sep 2017 14:14:53 +0000 (16:14 +0200)] 
fix WebUI system information leak

Disable unauthenticated access to cgi-bin/credits.cgi. The page
leaks the currently installed version of IPFire and the hardware
architecture.

Both information might make a successful attack much easier.

This issue can be reproduced by accessing https://[IPFire-IP]:444/cgi-bin/credits.cgi
and accepting a SSL certificate warning (if any).

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoupdate german translations
Peter Müller [Sun, 3 Sep 2017 14:22:32 +0000 (16:22 +0200)] 
update german translations

- Unify translations of various terms.
- Unify translations of week days.
- Correct some typos and grammar errors.
- Modify some phrases which were not fully translated.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agostrongswan: rootfile update
Arne Fitzenreiter [Wed, 30 Aug 2017 17:03:25 +0000 (19:03 +0200)] 
strongswan: rootfile update

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agocore114: add unbound initskript to updater.
Arne Fitzenreiter [Wed, 30 Aug 2017 17:02:08 +0000 (19:02 +0200)] 
core114: add unbound initskript to updater.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agounbound: flush negative and bogus at update forwarders
Arne Fitzenreiter [Wed, 30 Aug 2017 08:35:32 +0000 (10:35 +0200)] 
unbound: flush negative and bogus at update forwarders

this resolves problems that negative answers from
a forwarder was still used after setting new servers.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agounbound: run time fix also after update forwarder
Arne Fitzenreiter [Wed, 30 Aug 2017 08:32:44 +0000 (10:32 +0200)] 
unbound: run time fix also after update forwarder

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agostrongswan: Update to 5.6.0
Michael Tremer [Wed, 23 Aug 2017 19:03:21 +0000 (20:03 +0100)] 
strongswan: Update to 5.6.0

Fixes CVE-2017-11185:

Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation
when verifying RSA signatures, which requires decryption with the operation m^e mod n,
where m is the signature, and e and n are the exponent and modulus of the public key.
The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this.
So if m equals n the calculation results in 0, in which case mpz_export() returns NULL.
This result wasn't handled properly causing a null-pointer dereference.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore114: Ship updated squid
Michael Tremer [Wed, 23 Aug 2017 10:33:41 +0000 (11:33 +0100)] 
core114: Ship updated squid

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agosquid: Update to 3.5.27
Matthias Fischer [Mon, 21 Aug 2017 16:54:25 +0000 (18:54 +0200)] 
squid: Update to 3.5.27

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore114: Ship updated gnutls
Michael Tremer [Wed, 23 Aug 2017 10:31:56 +0000 (11:31 +0100)] 
core114: Ship updated gnutls

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agognutls: Update to 3.5.15
Matthias Fischer [Wed, 23 Aug 2017 01:54:03 +0000 (03:54 +0200)] 
gnutls: Update to 3.5.15

For details see:
https://lists.gnupg.org/pipermail/gnutls-devel/2017-August/008483.html

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore114: Ship updated unbound
Michael Tremer [Wed, 23 Aug 2017 10:29:55 +0000 (11:29 +0100)] 
core114: Ship updated unbound

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agounbound: Update to 1.6.5
Matthias Fischer [Tue, 22 Aug 2017 19:06:19 +0000 (21:06 +0200)] 
unbound: Update to 1.6.5

Changelog:

"21 Aug 2017: Wouter
- Fix install of trust anchor when two anchors are present, makes both
  valid.  Checks hash of DS but not signature of new key.  This fixes installs between
  sep11 and oct11 2017."

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore114: Ship updated hdparm
Michael Tremer [Mon, 21 Aug 2017 11:21:45 +0000 (12:21 +0100)] 
core114: Ship updated hdparm

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoStart Core Update 114
Michael Tremer [Mon, 21 Aug 2017 11:21:14 +0000 (12:21 +0100)] 
Start Core Update 114

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agohdparm: Update to 9.52
Matthias Fischer [Sat, 19 Aug 2017 10:59:59 +0000 (12:59 +0200)] 
hdparm: Update to 9.52

Changes from 9.50 to 9.52:
- add support for Jmicron USB-SATA bridges, courtesy Jan Friesse <jfriesse@gmail.com>.
- New --security-prompt-for-password flag for use with the various --security- actions.
- Makefile tweak from Mike Frysinger.
- fix spelling/typos in man page and "removable", courtesy of Alex Mestiashvili.
- fix spelling/typos in --sanitize-crypto-scramble, courtesy of Tom Yan.
- fix NULL password handling in --security-unlock, courtesy of Tom Yan.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoclose core113
Arne Fitzenreiter [Thu, 17 Aug 2017 22:28:47 +0000 (00:28 +0200)] 
close core113

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agoMerge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next
Arne Fitzenreiter [Thu, 17 Aug 2017 13:00:38 +0000 (15:00 +0200)] 
Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next

3 years agounbound: update dns hints and keys
Arne Fitzenreiter [Thu, 17 Aug 2017 12:25:42 +0000 (14:25 +0200)] 
unbound: update dns hints and keys

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agocore113: Ship openvpn which has been missing in core112 updater
Michael Tremer [Thu, 17 Aug 2017 12:14:53 +0000 (13:14 +0100)] 
core113: Ship openvpn which has been missing in core112 updater

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agorootfile updates: nano, misc-progs
Arne Fitzenreiter [Thu, 17 Aug 2017 08:18:44 +0000 (10:18 +0200)] 
rootfile updates: nano, misc-progs

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agocore113: add strongswan-padlock to updater
Arne Fitzenreiter [Wed, 16 Aug 2017 18:12:45 +0000 (20:12 +0200)] 
core113: add strongswan-padlock to updater

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agomake.sh: Actually build iftop
Michael Tremer [Wed, 16 Aug 2017 12:47:33 +0000 (13:47 +0100)] 
make.sh: Actually build iftop

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore113: Ship packages that have not been shipped with 112
Michael Tremer [Wed, 16 Aug 2017 10:32:43 +0000 (11:32 +0100)] 
core113: Ship packages that have not been shipped with 112

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agolibgcrypt: Rootfile update
Michael Tremer [Tue, 15 Aug 2017 19:23:17 +0000 (20:23 +0100)] 
libgcrypt: Rootfile update

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agounbound/ntp: move not working DNS fallback from ntp to unbound initskript
Arne Fitzenreiter [Tue, 15 Aug 2017 18:20:16 +0000 (20:20 +0200)] 
unbound/ntp: move not working DNS fallback from ntp to unbound initskript

the ntp initskript will only run at first connection try. If this fails
and the connection can established later DNS will not work if the clock
is too far away.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agoserial-console: remove baudrate from inittab
Arne Fitzenreiter [Tue, 15 Aug 2017 18:08:22 +0000 (20:08 +0200)] 
serial-console: remove baudrate from inittab

new versions of agetty missinterpretes the baudrate and set it as TERM
without the parameter agetty use the previous rate that was set by the
kernel via console=XXX,Baudrate parameter.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
3 years agoWIO: wio.cgi edit how to get the ips for the networks
Stephan Feddersen [Tue, 15 Aug 2017 13:17:35 +0000 (15:17 +0200)] 
WIO: wio.cgi edit how to get the ips for the networks

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agologrotate: Fix source tarball checksum
Michael Tremer [Tue, 15 Aug 2017 11:02:12 +0000 (12:02 +0100)] 
logrotate: Fix source tarball checksum

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agocore113: Add latest packages
Michael Tremer [Tue, 15 Aug 2017 10:58:38 +0000 (11:58 +0100)] 
core113: Add latest packages

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoiftop: This is an Update release to ver. 1.0pre4
Erik Kapfer [Thu, 10 Aug 2017 13:03:31 +0000 (15:03 +0200)] 
iftop: This is an Update release to ver. 1.0pre4

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agologrotate: Update to 3.12.3
Matthias Fischer [Mon, 14 Aug 2017 16:30:34 +0000 (18:30 +0200)] 
logrotate: Update to 3.12.3

For details see:
https://github.com/logrotate/logrotate/releases

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agonano: Update to 2.8.6
Matthias Fischer [Mon, 14 Aug 2017 16:27:29 +0000 (18:27 +0200)] 
nano: Update to 2.8.6

For details see:
https://www.nano-editor.org/news.php

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agopcre: Update to 8.41
Matthias Fischer [Mon, 14 Aug 2017 16:22:57 +0000 (18:22 +0200)] 
pcre: Update to 8.41

For details see:
http://www.pcre.org/original/changelog.txt

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agobind: Update to 9.11.2
Matthias Fischer [Mon, 14 Aug 2017 16:17:20 +0000 (18:17 +0200)] 
bind: Update to 9.11.2

For details see:
https://ftp.isc.org/isc/bind9/9.11.2/RELEASE-NOTES-bind-9.11.2.html

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agognutls: Update to 3.5.14
Matthias Fischer [Mon, 14 Aug 2017 16:06:52 +0000 (18:06 +0200)] 
gnutls: Update to 3.5.14

For details see:
https://lists.gnupg.org/pipermail/gnutls-devel/2017-May/008427.html
https://lists.gnupg.org/pipermail/gnutls-devel/2017-June/008446.html
https://lists.gnupg.org/pipermail/gnutls-devel/2017-July/008469.html

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agolibgcrypt: Update to 1.8.0
Matthias Fischer [Sun, 13 Aug 2017 14:03:34 +0000 (16:03 +0200)] 
libgcrypt: Update to 1.8.0

Changes (see: https://gnupg.org/download/release_notes.html):

"gpg: Sending very large keys to the keyservers works again.
gpg: Validity strings in key listings are now again translatable.
gpg: Emit FAILURE status lines to help GPGME.
gpg: Does not anymore link to Libksba to reduce dependencies.
gpgsm: Export of secret keys via Assuan is now possible.
agent: Raise the maximum passphrase length from 100 to 255 bytes.
agent: Fix regression using EdDSA keys with ssh.
Does not anymore use a build timestamp by default.
The fallback encoding for broken locale settings changed from Latin-1 to UTF-8.
Many code cleanups and improved internal documentation.
Various minor bug fixes."

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agohostapd: Update to 2.6
Matthias Fischer [Sun, 13 Aug 2017 13:56:28 +0000 (15:56 +0200)] 
hostapd: Update to 2.6

For details see:
https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agounbound: Update to 1.6.4
Matthias Fischer [Sun, 13 Aug 2017 13:30:01 +0000 (15:30 +0200)] 
unbound: Update to 1.6.4

Hi, ("...back in town...") ;-)

For details see:
http://www.unbound.net/download.html

I had to remove the patch file: it wouldn't apply.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agotor: Update to 0.3.0.10
Matthias Fischer [Sun, 13 Aug 2017 13:37:29 +0000 (15:37 +0200)] 
tor: Update to 0.3.0.10

Fixes CVE-2017-0377 and others.

For details see:
https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.3.0.10

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agosquid 3.5.26: latest patches (14169-14182)
Matthias Fischer [Sun, 13 Aug 2017 13:41:07 +0000 (15:41 +0200)] 
squid 3.5.26: latest patches (14169-14182)

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3 years agoWIO: minor changes
Stephan Feddersen [Tue, 18 Jul 2017 19:26:34 +0000 (21:26 +0200)] 
WIO: minor changes

correct typo in wio.en.pl language file
add button in wio.cgi to change to systems logs (section wio)

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>