+END
+ &Header::closebox();
+ print "";
+ &Header::closebigbox();
+ &Header::closepage();
+ exit(0);
+
###
### Display Diffie-Hellman key
###
@@ -3660,6 +3721,7 @@ if ($confighash{$cgiparams{'KEY'}}) {
$cgiparams{'DAUTH'} = $confighash{$cgiparams{'KEY'}}[39];
$cgiparams{'DCIPHER'} = $confighash{$cgiparams{'KEY'}}[40];
$cgiparams{'TLSAUTH'} = $confighash{$cgiparams{'KEY'}}[41];
+ $cgiparams{'OTP_STATE'} = $confighash{$cgiparams{'KEY'}}[43];
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
@@ -4422,6 +4484,16 @@ if ($cgiparams{'TYPE'} eq 'net') {
$confighash{$key}[41] = "no-pass";
}
+ $confighash{$key}[42] = 'HOTP/T30/6';
+ $confighash{$key}[43] = $cgiparams{'OTP_STATE'};
+ if (($confighash{$key}[43] eq 'on') && ($confighash{$key}[44] eq '')) {
+ my @otp_secret = &General::system_output("/usr/bin/openssl", "rand", "-hex", "20");
+ chomp($otp_secret[0]);
+ $confighash{$key}[44] = $otp_secret[0];
+ } elsif ($confighash{$key}[43] eq '') {
+ $confighash{$key}[44] = '';
+ }
+
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
if ($cgiparams{'CHECK1'} ){
@@ -4835,6 +4907,7 @@ if ($cgiparams{'TYPE'} eq 'host') {
print""; my $name=$cgiparams{'CHECK1'}; $checked{'RG'}{$cgiparams{'RG'}} = 'CHECKED'; + $checked{'OTP_STATE'}{$cgiparams{'OTP_STATE'}} = 'CHECKED'; if (! -z "${General::swroot}/ovpn/ccd.conf"){ print"
| $Lang::tr{'ccd name'} | $Lang::tr{'network'} | $Lang::tr{'ccd clientip'} | |
| $Lang::tr{'enable otp'}: | |||
| Redirect Gateway: | |||
$Lang::tr{'ccd routes'} | |||
| $Lang::tr{'type'} | $Lang::tr{'remark'} | $Lang::tr{'status'} | -$Lang::tr{'action'} | +$Lang::tr{'action'} | END } @@ -5427,7 +5501,7 @@ END$Lang::tr{'type'} | $Lang::tr{'remark'} | $Lang::tr{'status'} | -$Lang::tr{'action'} | +$Lang::tr{'action'} | END } @@ -5560,6 +5634,19 @@ END ; } else { print ""; } + + if ($confighash{$key}[43] eq 'on') { + print < | + + + + | +END +; } else { + print ""; + } + if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") { print < | @@ -5628,6 +5715,8 @@ END | $Lang::tr{'download certificate'} |  |
$Lang::tr{'dl client arch'} | +  |
+ $Lang::tr{'show otp qrcode'} |
|---|---|---|---|
END diff --git a/html/html/images/qr-code.png b/html/html/images/qr-code.png new file mode 100644 index 000000000..946e10a2a Binary files /dev/null and b/html/html/images/qr-code.png differ diff --git a/html/html/images/qr-code.svg b/html/html/images/qr-code.svg new file mode 100644 index 000000000..66c6b9d17 --- /dev/null +++ b/html/html/images/qr-code.svg @@ -0,0 +1,49 @@ + + + diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 7a39e233b..1799d8c74 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -979,6 +979,7 @@ 'empty profile' => 'Unbenannt', 'enable ignore filter' => '"Ignorieren"-Filter ein', 'enable javascript' => 'Javascript aktivieren', +'enable otp' => 'Aktiviere OTP', 'enable smt' => 'Simultaneous Multi-Threading (SMT) einschalten', 'enable wildcards' => 'Wildcards erlauben:', 'enabled' => 'Aktiviert:', @@ -1903,6 +1904,7 @@ 'other login script' => 'Anderes Anmeldeskript', 'otherip' => 'Andere IP', 'otherport' => 'Anderer Port', +'otp qrcode' => 'OTP QRCode', 'our donors' => 'Unsere Unterstützer', 'out' => 'Aus', 'outgoing' => 'ausgehend', @@ -2201,6 +2203,7 @@ 'secondary ntp server' => 'Sekundärer NTP-Server', 'secondary wins server address' => 'Sekundärer WINS-Server', 'seconds' => 'Sek.', +'secret' => 'Geheimnis', 'section' => 'Abschnitt', 'secure shell server' => 'Secure Shell Server', 'security' => 'Sicherheit', @@ -2244,6 +2247,7 @@ 'show last x lines' => 'die letzten x Zeilen anzeigen', 'show root certificate' => 'Root-Zertifikat anzeigen', 'show share options' => 'Anzeige der Freigabeeinstellungen', +'show otp qrcode' => 'Zeige OTP QRCode', 'shuffle' => 'Zufall', 'shutdown' => 'Herunterfahren', 'shutdown ask' => 'Herunterfahren?', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index f90e3103b..9cc2fde05 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1018,6 +1018,7 @@ 'empty' => 'This field may be left blank', 'empty profile' => 'empty', 'enable' => 'Enable', +'enable otp' => 'Enable OTP', 'enable ignore filter' => 'Enable ignore filter', 'enable javascript' => 'Enable javascript', 'enable smt' => 'Enable Simultaneous Multi-Threading (SMT)', @@ -1955,6 +1956,7 @@ 'other login script' => 'Other login script', 'otherip' => 'other IP', 'otherport' => 'other Port', +'otp qrcode' => 'OTP QRCode', 'our donors' => 'Our donors', 'out' => 'Out', 'outgoing' => 'outgoing', @@ -2253,6 +2255,7 @@ 'secondary ntp server' => 'Secondary NTP server', 'secondary wins server address' => 'Secondary WINS server address', 'seconds' => 'Secs', +'secret' => 'Secret', 'section' => 'Section', 'secure shell server' => 'Secure Shell Server', 'security' => 'Security', @@ -2297,6 +2300,7 @@ 'show host certificate' => 'Show host certificate', 'show last x lines' => 'Show last x lines', 'show lines' => 'Show lines', +'show otp qrcode' => 'Show OTP QRCode', 'show root certificate' => 'Show root certificate', 'show share options' => 'Show shares options', 'show tls-auth key' => 'Show tls-auth key', diff --git a/lfs/apache2 b/lfs/apache2 index 11c61580b..336151686 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,7 +25,7 @@ include Config -VER = 2.4.53 +VER = 2.4.54 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 44acd51a2c18ae66878d64922947f2f24f0ddf8a5fa70718f788572032e18dafd06888fed3cf559e63e2a9e69d9b0a8dcc79e11fc9d8f216b5b073f769494727 +$(DL_FILE)_BLAKE2 = be2ba2d33368f9dd619e36e63dd3635fbcf55773a539ac2840251bda04311f3eb535c08a37ab58d8b184c71e75b90b92e2bdc4e59c722cfb146de516f6e1ed04 install : $(TARGET) diff --git a/lfs/bind b/lfs/bind index e3efc84a1..a492624f8 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@ include Config -VER = 9.16.28 +VER = 9.16.30 THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -43,7 +43,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 55932faa004c2021cd4c3384c14d4a58ca43d5a853602e271b58c9022256a5ec2eb1317168ac07c2b233b19407ddfb8c7f64a50d93169207cb3b4fe535a78afa +$(DL_FILE)_BLAKE2 = 35fe14b58a018df25563e58a9632b4431f740bc7a708eb823117541548d23b1855e43058cf7323361ca904d5e59d687e282abb73dc8b617e4eb25ef113168e93 install : $(TARGET) diff --git a/lfs/dnsdist b/lfs/dnsdist index 06ed4e88e..9b668f40a 100644 --- a/lfs/dnsdist +++ b/lfs/dnsdist @@ -26,7 +26,7 @@ include Config SUMMARY = A highly DNS-, DoS- and abuse-aware loadbalancer -VER = 1.7.0 +VER = 1.7.2 THISAPP = dnsdist-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = dnsdist -PAK_VER = 11 +PAK_VER = 12 SUP_ARCH = x86_64 aarch64 @@ -52,7 +52,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 3766da5f63df6390f555307d665efcbb2ad1462abae3af44503479d4c6ae6453e43527d2bcac718fabeb8b60ec989f264860532b480c465afc440405f9efac74 +$(DL_FILE)_BLAKE2 = cf2a9853be4c896b3909f871fad771d4298eb2586702a8a85eff2c612d275214cdad82e93961f4cfd58300f5629f06569c51a2c4f15de58188a69116bd5275de install : $(TARGET) diff --git a/lfs/flash-images b/lfs/flash-images index 3cf81fb6d..8a033c310 100644 --- a/lfs/flash-images +++ b/lfs/flash-images @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2021 IPFire Team