From 113cd628833bfac52f372d6303942dccc44bca86 Mon Sep 17 00:00:00 2001 From: maniacikarus Date: Tue, 28 Aug 2007 10:47:06 +0000 Subject: [PATCH] Openswan patch fuer Fehler im Realsetup Remote CGI fuer ssh tempstart fertig kleine Korrektur der sshctrl und syslogdctrl git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@849 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- html/cgi-bin/remote.cgi | 18 +++++++++++------- langs/de/cgi-bin/de.pl | 4 ++-- langs/en/cgi-bin/en.pl | 4 ++-- lfs/openswan | 1 + src/misc-progs/sshctrl.c | 1 + src/misc-progs/syslogdctrl.c | 2 +- src/patches/openswan-2.4.9-realsetup-1.patch | 10 ++++++++++ 7 files changed, 28 insertions(+), 12 deletions(-) create mode 100644 src/patches/openswan-2.4.9-realsetup-1.patch diff --git a/html/cgi-bin/remote.cgi b/html/cgi-bin/remote.cgi index c7b44bf790..a8daf1d2b0 100644 --- a/html/cgi-bin/remote.cgi +++ b/html/cgi-bin/remote.cgi @@ -22,6 +22,7 @@ require "${General::swroot}/header.pl"; my %remotesettings=(); my %checked=(); my $errormessage=''; +my $counter = 0; &Header::showhttpheaders(); @@ -63,13 +64,16 @@ if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) || ($remotesettings{'ACTI { &General::log($Lang::tr{'ssh1 disabled'}); } -if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ){ - system('/usr/local/bin/sshctrl','tempstart','900') == 0 - or $errormessage = "$Lang::tr{'bad return code'} " . $?/256; - } -elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){ - system('/usr/local/bin/sshctrl','tempstart','1800') == 0 - or $errormessage = "$Lang::tr{'bad return code'} " . $?/256; +if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} || $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){ + if ($remotesettings{'ENABLE_SSH'} eq 'off') + { + system ('/usr/bin/touch', "${General::swroot}/remote/enablessh"); + system('/usr/local/bin/sshctrl'); + } + if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ) { $counter = 900;} + elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ) { $counter = 1800;} + + system("/usr/local/bin/sshctrl tempstart $counter >/dev/null"); } else { system('/usr/local/bin/sshctrl') == 0 diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 5246737697..fe41cc72bc 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1462,8 +1462,8 @@ 'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen; dies wird Ihre Anmeldung verhindern', 'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen', 'ssh portfw' => 'TCP-Weiterleitung zulassen', -'ssh tempstart15' => 'SSH-Zugriff für 15 Minuten', -'ssh tempstart30' => 'SSH-Zugriff für 30 Minuten', +'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden', +'ssh tempstart30' => 'SSH-Deamon in 30 Minuten beenden', 'ssh1 disabled' => 'SSHv1 ist deaktiviert, ein Client der Version 2 wird benötigt.', 'ssh1 enabled' => 'SSHv1 ist aktiviert, Clients mit alten Versionen werden unterstützt.', 'ssh1 support' => 'Unterstützung für Version 1 des SSH-Protokolls (wird nur für alte Clients benötigt)', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index d80330b662..4c836c178e 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1494,8 +1494,8 @@ 'ssh no auth' => 'You have not allowed any authentication methods; this will stop you logging in', 'ssh passwords' => 'Allow password based authentication', 'ssh portfw' => 'Allow TCP Forwarding', -'ssh tempstart15' => 'SSH Access for 15 Minutes', -'ssh tempstart30' => 'SSH Access for 30 Minutes', +'ssh tempstart15' => 'Stop SSH deamon in 15 minutes', +'ssh tempstart30' => 'Stop SSH deamon in 30 minutes', 'ssh1 disabled' => 'SSHv1 is disabled, a version 2 client will be required.', 'ssh1 enabled' => 'SSHv1 is enabled, old clients will be supported.', 'ssh1 support' => 'Support SSH protocol version 1 (required only for old clients)', diff --git a/lfs/openswan b/lfs/openswan index 9b48a88ccb..e1f92a56fd 100644 --- a/lfs/openswan +++ b/lfs/openswan @@ -91,6 +91,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) ln -sf $(CONFIG_ROOT)/crls /etc/ipsec.d/crls cd /usr/lib/ipsec && patch -Np0 < $(DIR_SRC)/src/patches/openswan-2.4.9-startklips-1.patch + cd /usr/lib/ipsec && patch -Np0 < $(DIR_SRC)/src/patches/openswan-2.4.9-realsetup-1.patch #@rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/src/misc-progs/sshctrl.c b/src/misc-progs/sshctrl.c index d0799730f3..52515ea8e1 100644 --- a/src/misc-progs/sshctrl.c +++ b/src/misc-progs/sshctrl.c @@ -130,6 +130,7 @@ int main(int argc, char *argv[]) sleep(5); unlink("/var/ipfire/remote/enablessh"); safe_system("cat /var/ipfire/remote/settings | sed 's/ENABLE_SSH=on/ENABLE_SSH=off/' > /var/ipfire/remote/settings2 && mv /var/ipfire/remote/settings2 /var/ipfire/remote/settings"); + safe_system("chown nobody.nobody /var/ipfire/remote/settings"); snprintf(command, BUFFER_SIZE-1, "sleep %s && /usr/local/bin/sshctrl &", argv[2]); safe_system(command); } diff --git a/src/misc-progs/syslogdctrl.c b/src/misc-progs/syslogdctrl.c index da1774b3a0..aee7c7a38e 100644 --- a/src/misc-progs/syslogdctrl.c +++ b/src/misc-progs/syslogdctrl.c @@ -112,7 +112,7 @@ int main(void) else snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd ); - snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/*.\\/var\\/log\\/messages/%s \\/var\\/log\\/messages/' /etc/syslog.conf >&%d", varmessages, config_fd ); + snprintf(buffer, STRING_SIZE - 1, "/bin/sed 's/*.\\/var\\/log\\/messages/%s \\/var\\/log\\/messages/' /etc/syslog.conf >&%d", varmessages, config_fd ); /* if the return code isn't 0 failsafe */ if ((rc = unpriv_system(buffer,99,99)) != 0) diff --git a/src/patches/openswan-2.4.9-realsetup-1.patch b/src/patches/openswan-2.4.9-realsetup-1.patch new file mode 100644 index 0000000000..a5e6314c2f --- /dev/null +++ b/src/patches/openswan-2.4.9-realsetup-1.patch @@ -0,0 +1,10 @@ +--- programs/_realsetup/_realsetup.in ++++ programs/_realsetup/_realsetup.in +@@ -193,8 +193,8 @@ + + # preliminaries + perform rm -f $lock +- mkdir -p rundir > /dev/null 2>/dev/null +- mkdir -p subsysdir > /dev/null 2>/dev/null ++ mkdir -p $rundir > /dev/null 2>/dev/null ++ mkdir -p $subsysdir > /dev/null 2>/dev/null -- 2.39.2