Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
authorMichael Tremer <michael.tremer@ipfire.org>
Sat, 20 Jul 2013 16:47:36 +0000 (18:47 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Sat, 20 Jul 2013 16:47:36 +0000 (18:47 +0200)
config/rootfiles/core/72/exclude [new file with mode: 0644]
config/rootfiles/core/72/filelists/files [new file with mode: 0644]
config/rootfiles/core/72/meta [new file with mode: 0644]
config/rootfiles/core/72/update.sh [new file with mode: 0644]
html/cgi-bin/ovpnmain.cgi
lfs/transmission
make.sh

diff --git a/config/rootfiles/core/72/exclude b/config/rootfiles/core/72/exclude
new file mode 100644 (file)
index 0000000..321a931
--- /dev/null
@@ -0,0 +1,17 @@
+srv/web/ipfire/html/proxy.pac
+boot/config.txt
+etc/udev/rules.d/30-persistent-network.rules
+etc/collectd.custom
+etc/shadow
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+var/log/cache
+var/updatecache
+etc/localtime
+var/ipfire/ovpn
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+var/state/dhcp/dhcpd.leases
diff --git a/config/rootfiles/core/72/filelists/files b/config/rootfiles/core/72/filelists/files
new file mode 100644 (file)
index 0000000..efa4759
--- /dev/null
@@ -0,0 +1,3 @@
+etc/system-release
+etc/issue
+usr/local/bin/openvpnctrl
diff --git a/config/rootfiles/core/72/meta b/config/rootfiles/core/72/meta
new file mode 100644 (file)
index 0000000..d547fa8
--- /dev/null
@@ -0,0 +1 @@
+DEPS=""
diff --git a/config/rootfiles/core/72/update.sh b/config/rootfiles/core/72/update.sh
new file mode 100644 (file)
index 0000000..f365abb
--- /dev/null
@@ -0,0 +1,62 @@
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 3 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2013 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+#
+# Remove old core updates from pakfire cache to save space...
+core=72
+for (( i=1; i<=$core; i++ ))
+do
+       rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+#
+#Stop services
+
+
+#
+#Extract files
+extract_files
+
+
+#
+#Start services
+
+#
+#Update Language cache
+#perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+
+sync
+
+# This update need a reboot...
+#touch /var/run/need_reboot
+
+#
+#Finish
+/etc/init.d/fireinfo start
+sendprofile
+#Don't report the exitcode last command
+exit 0
+
index a4953ffe496185991e6ecd70996160604d391258..5e18d3cb53bf1a01e15565d7a78d50845185f2b0 100644 (file)
@@ -127,21 +127,6 @@ sub sizeformat{
     return("$newsize $units[$i]");
 }
 
-sub valid_dns_host {
-       my $hostname = $_[0];
-       unless ($hostname) { return "No hostname"};
-       my $res = new Net::DNS::Resolver;
-       my $query = $res->search("$hostname");
-       if ($query) {
-               foreach my $rr ($query->answer) {
-                       ## Potential bug - we are only looking at A records:
-                       return 0 if $rr->type eq "A";
-               }
-       } else {
-               return $res->errorstring;
-       }
-}
-
 sub cleanssldatabase
 {
     if (open(FILE, ">${General::swroot}/ovpn/certs/serial")) {
@@ -982,7 +967,11 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General
   print SERVERCONF "persist-key\n";
   print SERVERCONF "script-security 2\n";
   print SERVERCONF "# IP/DNS for remote Server Gateway\n"; 
+
+  if ($cgiparams{'REMOTE'} ne '') {
   print SERVERCONF "remote $cgiparams{'REMOTE'}\n";
+  }
+
   print SERVERCONF "float\n";
   print SERVERCONF "# IP adresses of the VPN Subnet\n"; 
   print SERVERCONF "ifconfig $ovsubnet.1 $ovsubnet.2\n"; 
@@ -2339,6 +2328,9 @@ ADV_ERROR:
     if ($cgiparams{'LOG_VERB'} eq '') {
        $cgiparams{'LOG_VERB'} =  '3';
     }
+    if ($cgiparams{'PMTU_DISCOVERY'} eq '') {
+       $cgiparams{'PMTU_DISCOVERY'} = 'off';
+    }
     $checked{'CLIENT2CLIENT'}{'off'} = '';
     $checked{'CLIENT2CLIENT'}{'on'} = '';
     $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED';
@@ -3520,6 +3512,14 @@ if ($cgiparams{'TYPE'} eq 'net') {
       goto VPNCONF_ERROR;                      
                }
 
+    # Check if the input for the transfer net is valid.
+    if (!&General::validipandmask($cgiparams{'OVPN_SUBNET'})){
+                       $errormessage = $Lang::tr{'ccd err invalidnet'};
+                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+           rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+                       goto VPNCONF_ERROR;
+               }
+
     if ($cgiparams{'OVPN_SUBNET'} eq  $vpnsettings{'DOVPN_SUBNET'}) {
                        $errormessage = $Lang::tr{'openvpn subnet is used'};
                        unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
@@ -3603,34 +3603,38 @@ if ($cgiparams{'TYPE'} eq 'net') {
            }
        }
 
-       if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
+       # Check if a remote host/IP has been set for the client.
+       if ($cgiparams{'REMOTE'} eq '' && $cgiparams{'SIDE'} ne 'server') {
            $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+
+           # Check if this is a N2N connection and drop temporary config.
            if ($cgiparams{'TYPE'} eq 'net') {
-      unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-           rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
-      }
+               unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+               rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+           }
            goto VPNCONF_ERROR;
        }
 
-       if ($cgiparams{'REMOTE'}) {
+       # Check if a remote host/IP has been configured - the field can be empty on the server side.
+       if ($cgiparams{'REMOTE'} ne '') {
+
+           # Check if the given IP is valid - otherwise check if it is a valid domain.
            if (! &General::validip($cgiparams{'REMOTE'})) {
+
+               # Check for a valid domain.
                if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
                    $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+
+                   # Check if this is a N2N connection and drop temporary config.
                    if ($cgiparams{'TYPE'} eq 'net') {
-        unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-             rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
-        }
+                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+                   }
                    goto VPNCONF_ERROR;
-               } else {
-                   if (&valid_dns_host($cgiparams{'REMOTE'})) {
-                       $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
-                       if ($cgiparams{'TYPE'} eq 'net') {
-
-      }
-                   }
                }
            }
        }
+
        if ($cgiparams{'TYPE'} ne 'host') {
             unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
                    $errormessage = $Lang::tr{'local subnet is invalid'}; 
@@ -4147,6 +4151,9 @@ if ($cgiparams{'TYPE'} eq 'net') {
     $checked{'MSSFIX'}{'on'} = '';
     $checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED';
 
+    if ($cgiparams{'PMTU_DISCOVERY'} eq '') {
+       $cgiparams{'PMTU_DISCOVERY'} = 'off';
+    }
     $checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\'';
 
 
index b20ae8852d788550957473fcd90e3bd35789bff0..9d5dfa578813bd2736447ca5ac2d912260a526a0 100644 (file)
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.80
+VER        = 2.81
 
 THISAPP    = transmission-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = transmission
-PAK_VER    = 7
+PAK_VER    = 8
 
 DEPS       = "libevent2"
 
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 2bde600d4b0a75d0bd3784550d59a8af
+$(DL_FILE)_MD5 = db1ad10ecff07150486dab2365ccb3a8
 
 install : $(TARGET)
 
diff --git a/make.sh b/make.sh
index 88af89876fcc5192e53d8910a5e203463f076fcf..8ca36bf9cf442c0a63da75856ddd003ceb0f87af 100755 (executable)
--- a/make.sh
+++ b/make.sh
@@ -25,7 +25,7 @@
 NAME="IPFire"                                                  # Software name
 SNAME="ipfire"                                                 # Short name
 VERSION="2.13"                                                 # Version number
-CORE="71"                                                      # Core Level (Filename)
+CORE="72"                                                      # Core Level (Filename)
 PAKFIRE_CORE="71"                                              # Core Level (PAKFIRE)
 GIT_BRANCH=`git status | head -n1 | cut -d" " -f4`             # Git Branch
 SLOGAN="www.ipfire.org"                                                # Software slogan