core120: Ship updated OpenSSL 1.1.0

author Michael Tremer <michael.tremer@ipfire.org>

Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)
author Michael Tremer <michael.tremer@ipfire.org>
Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)
diff --git a/config/rootfiles/core/120/filelists/Net_SSLeay b/config/rootfiles/core/120/filelists/Net_SSLeay

new file mode 120000 (symlink)

index 0000000..13fe056
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/Net_SSLeay
@@ -0,0 +1 @@
+../../../common/Net_SSLeay
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/cyrus-sasl b/config/rootfiles/core/120/filelists/cyrus-sasl

new file mode 120000 (symlink)

index 0000000..bb51b4c
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/cyrus-sasl
@@ -0,0 +1 @@
+../../../common/cyrus-sasl
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/files b/config/rootfiles/core/120/filelists/files

index 168c7d188b168dbae0b0001b8a01b6abe242c563..4baf08ebf5e36d52894ebc52e7c751be3d789cdf 100644 (file)
--- a/config/rootfiles/core/120/filelists/files
+++ b/config/rootfiles/core/120/filelists/files
@@ -1,3 +1,5 @@
  etc/system-release
  etc/issue
+etc/fcron.daily/openvpn-crl-updater
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
  var/ipfire/langs
diff --git a/config/rootfiles/core/120/filelists/i586/openssl-sse2 b/config/rootfiles/core/120/filelists/i586/openssl-sse2

new file mode 120000 (symlink)

index 0000000..f424713
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/i586/openssl-sse2
@@ -0,0 +1 @@
+../../../../common/i586/openssl-sse2
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openssh b/config/rootfiles/core/120/filelists/openssh

new file mode 120000 (symlink)

index 0000000..d8c77fd
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openssh
@@ -0,0 +1 @@
+../../../common/openssh
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openssl b/config/rootfiles/core/120/filelists/openssl

new file mode 120000 (symlink)

index 0000000..e011a92
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openssl
@@ -0,0 +1 @@
+../../../common/openssl
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openssl-compat b/config/rootfiles/core/120/filelists/openssl-compat

new file mode 120000 (symlink)

index 0000000..c9fa421
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openssl-compat
@@ -0,0 +1 @@
+../../../common/openssl-compat
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/openvpn b/config/rootfiles/core/120/filelists/openvpn

new file mode 120000 (symlink)

index 0000000..493f3f7
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/openvpn
@@ -0,0 +1 @@
+../../../common/openvpn
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/python-typing b/config/rootfiles/core/120/filelists/python-typing

new file mode 120000 (symlink)

index 0000000..fc7f075
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/python-typing
@@ -0,0 +1 @@
+../../../common/python-typing
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/filelists/wget b/config/rootfiles/core/120/filelists/wget

new file mode 120000 (symlink)

index 0000000..fcb57df
--- /dev/null
+++ b/config/rootfiles/core/120/filelists/wget
@@ -0,0 +1 @@
+../../../common/wget
+\ No newline at end of file
diff --git a/config/rootfiles/core/120/update.sh b/config/rootfiles/core/120/update.sh

index 9986316e9f77f508cff2ab10a0c0fdd90b702f4e..c9bbd4723202de62c51ac179acce2403eb02b127 100644 (file)
--- a/config/rootfiles/core/120/update.sh
+++ b/config/rootfiles/core/120/update.sh
@@ -42,7 +42,25 @@ ldconfig
  # Update Language cache
  /usr/local/bin/update-lang-cache
  
+# Changed and new OpenVPN-2.4 directives will wrote to server.conf and renew CRL while update an core update
+if [ -e /var/ipfire/ovpn/server.conf ]; then
+       openvpnctrl -k
+
+       # Update configuration directives
+       sed -i -e 's/script-security 3 system/script-security 3/' \
+               -e '/status .*/ a ncp-disable' /var/ipfire/ovpn/server.conf
+
+       # Update the OpenVPN CRL
+       openssl ca -gencrl -keyfile /var/ipfire/ovpn/ca/cakey.pem \
+               -cert /var/ipfire/ovpn/ca/cacert.pem \
+               -out /var/ipfire/ovpn/crls/cacrl.pem \
+               -config /var/ipfire/ovpn/openssl/ovpn.cnf
+
+       openvpnctrl -s
+fi
+
  # Start services
+/etc/init.d/apache restart
  
  # This update needs a reboot...
  touch /var/run/need_reboot
author	Michael Tremer <michael.tremer@ipfire.org>
	Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Wed, 21 Feb 2018 12:39:55 +0000 (12:39 +0000)
config/rootfiles/core/120/filelists/Net_SSLeay	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/cyrus-sasl	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/files		patch \| blob \| blame \| history
config/rootfiles/core/120/filelists/i586/openssl-sse2	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/openssh	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/openssl	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/openssl-compat	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/openvpn	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/python-typing	[new symlink]	patch \| blob
config/rootfiles/core/120/filelists/wget	[new symlink]	patch \| blob
config/rootfiles/core/120/update.sh		patch \| blob \| blame \| history