From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 8 Jul 2014 08:52:36 +0000 (+0200)
Subject: Merge branch 'dnsmasq-dnssec' into next
X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=281f18fcb9b40834cf79671b3b489390a9826af1;hp=b66edc18d7954e235c08a0ea4bc82f0896f8cf59

Merge branch 'dnsmasq-dnssec' into next
---

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 6fabf1c05..1ef014a66 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -598,6 +598,19 @@ sub checksubnets
 	if (($ownnet{'RED_NETADDRESS'} 		ne '' && $ownnet{'RED_NETADDRESS'} 		ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
 }
 
+sub check_net_internal{
+	my $network=shift;
+	my ($ip,$cidr)=split(/\//,$network);
+	my %ownnet=();
+	my $errormessage;
+	$cidr=&iporsubtocidr($cidr);
+	#check if we use one of ipfire's networks (green,orange,blue)
+	&readhash("${General::swroot}/ethernet/settings", \%ownnet);
+	if (($ownnet{'GREEN_NETADDRESS'}  	ne '' && $ownnet{'GREEN_NETADDRESS'} 	ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'GREEN_NETADDRESS'},&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
+	if (($ownnet{'ORANGE_NETADDRESS'}	ne '' && $ownnet{'ORANGE_NETADDRESS'} 	ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'ORANGE_NETADDRESS'},&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
+	if (($ownnet{'BLUE_NETADDRESS'} 	ne '' && $ownnet{'BLUE_NETADDRESS'} 	ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'BLUE_NETADDRESS'},&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
+	if (($ownnet{'RED_NETADDRESS'} 		ne '' && $ownnet{'RED_NETADDRESS'} 		ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
+}
 
 sub validport
 {
diff --git a/config/rootfiles/core/80/filelists/files b/config/rootfiles/core/80/filelists/files
index 4d242b6bf..3ea7ee2b6 100644
--- a/config/rootfiles/core/80/filelists/files
+++ b/config/rootfiles/core/80/filelists/files
@@ -1,6 +1,8 @@
 etc/system-release
 etc/issue
 etc/rc.d/init.d/dhcrelay
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
+srv/web/ipfire/cgi-bin/routing.cgi
 usr/local/bin/setddns.pl
 usr/sbin/dhcrelay
 var/ipfire/general-functions.pl
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index b2ce05e97..0cb41696f 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -5041,7 +5041,7 @@ END
 	my $id = 0;
 	my $gif;
 	my $col1="";
-	foreach my $key (sort { ncmp ($confighash{$a}[1],$confighash{$b}[1]) } keys %confighash) {
+	foreach my $key (sort { ncmp ($confighash{$a}[3],$confighash{$b}[3]) } sort { ncmp ($confighash{$a}[1],$confighash{$b}[1]) } keys %confighash) {
 	if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
 	if ($id % 2) {
 		print "<tr>";
diff --git a/html/cgi-bin/routing.cgi b/html/cgi-bin/routing.cgi
index 5798fb896..c460a74e7 100644
--- a/html/cgi-bin/routing.cgi
+++ b/html/cgi-bin/routing.cgi
@@ -134,6 +134,27 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
 	$errormessage = $Lang::tr{'invalid ip'}. " - ".$Lang::tr{'gateway ip'};
 	}
 
+	#set networkip if not already correctly defined
+	my($ip,$cidr) = split(/\//,$settings{'IP'});
+	my $netip=&General::getnetworkip($ip,$cidr);
+	$settings{'IP'} = "$netip/$cidr";
+
+	#Check for already existing routing entry
+	foreach my $line (@current) {
+		chomp($line);				# remove newline
+		my @temp=split(/\,/,$line);
+		$temp[2] ='' unless defined $temp[2]; # not always populated
+		$temp[3] ='' unless defined $temp[2]; # not always populated
+		#Same ip already used?
+		if($temp[1] eq $settings{'IP'}){
+			$errormessage = $Lang::tr{'ccd err irouteexist'};
+			last;
+		}
+		#Is the network part of an internal network?
+		$errormessage .= &General::check_net_internal($settings{'IP'});
+		last;
+	}
+
     unless ($errormessage) {
 	if ($settings{'KEY1'} eq '') { #add or edit ?
 	    unshift (@current, "$settings{'EN'},$settings{'IP'},$settings{'GATEWAY'},$settings{'REMARK'}\n");
diff --git a/lfs/strongswan b/lfs/strongswan
index 7448c8d2f..a5bda74ff 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 5.2.0dr6
+VER        = 5.2.0rc1
 
 THISAPP    = strongswan-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 6b9ac43a3934dcdf66ccbdfebc54081b
+$(DL_FILE)_MD5 = ca260196e49ca5f15ff2507f20c4539a
 
 install : $(TARGET)
 
diff --git a/lfs/tor b/lfs/tor
index 79567366a..6f9e50289 100644
--- a/lfs/tor
+++ b/lfs/tor
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 0.2.4.20
+VER        = 0.2.4.22
 
 THISAPP    = tor-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 6
+PAK_VER    = 7
 
 DEPS       = "libevent2"
 
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = a8cd8e3b3a3f6a7770f2c22d280f19b8
+$(DL_FILE)_MD5 = 5a7eee0d9df87233255d78b25c6f8270
 
 install : $(TARGET)