mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-28 03:33:25 +02:00
Openswan patch fuer Fehler im Realsetup
Remote CGI fuer ssh tempstart fertig kleine Korrektur der sshctrl und syslogdctrl git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@849 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
This commit is contained in:
maniacikarus
@@ -22,6 +22,7 @@ require "${General::swroot}/header.pl";
|
|||||||
my %remotesettings=();
|
my %remotesettings=();
|
||||||
my %checked=();
|
my %checked=();
|
||||||
my $errormessage='';
|
my $errormessage='';
|
||||||
|
my $counter = 0;
|
||||||
|
|
||||||
&Header::showhttpheaders();
|
&Header::showhttpheaders();
|
||||||
|
|
||||||
@@ -63,13 +64,16 @@ if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) || ($remotesettings{'ACTI
|
|||||||
{
|
{
|
||||||
&General::log($Lang::tr{'ssh1 disabled'});
|
&General::log($Lang::tr{'ssh1 disabled'});
|
||||||
}
|
}
|
||||||
if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ){
|
if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} || $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){
|
||||||
system('/usr/local/bin/sshctrl','tempstart','900') == 0
|
if ($remotesettings{'ENABLE_SSH'} eq 'off')
|
||||||
or $errormessage = "$Lang::tr{'bad return code'} " . $?/256;
|
{
|
||||||
}
|
system ('/usr/bin/touch', "${General::swroot}/remote/enablessh");
|
||||||
elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){
|
system('/usr/local/bin/sshctrl');
|
||||||
system('/usr/local/bin/sshctrl','tempstart','1800') == 0
|
}
|
||||||
or $errormessage = "$Lang::tr{'bad return code'} " . $?/256;
|
if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ) { $counter = 900;}
|
||||||
|
elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ) { $counter = 1800;}
|
||||||
|
|
||||||
|
system("/usr/local/bin/sshctrl tempstart $counter >/dev/null");
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
system('/usr/local/bin/sshctrl') == 0
|
system('/usr/local/bin/sshctrl') == 0
|
||||||
|
|||||||
@@ -1462,8 +1462,8 @@
|
|||||||
'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen; dies wird Ihre Anmeldung verhindern',
|
'ssh no auth' => 'Sie haben keinerlei Authentifizierungverfahren zugelassen; dies wird Ihre Anmeldung verhindern',
|
||||||
'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen',
|
'ssh passwords' => 'Passwortbasierte Authentifizierung zulassen',
|
||||||
'ssh portfw' => 'TCP-Weiterleitung zulassen',
|
'ssh portfw' => 'TCP-Weiterleitung zulassen',
|
||||||
'ssh tempstart15' => 'SSH-Zugriff für 15 Minuten',
|
'ssh tempstart15' => 'SSH-Deamon in 15 Minuten beenden',
|
||||||
'ssh tempstart30' => 'SSH-Zugriff für 30 Minuten',
|
'ssh tempstart30' => 'SSH-Deamon in 30 Minuten beenden',
|
||||||
'ssh1 disabled' => 'SSHv1 ist deaktiviert, ein Client der Version 2 wird benötigt.',
|
'ssh1 disabled' => 'SSHv1 ist deaktiviert, ein Client der Version 2 wird benötigt.',
|
||||||
'ssh1 enabled' => 'SSHv1 ist aktiviert, Clients mit alten Versionen werden unterstützt.',
|
'ssh1 enabled' => 'SSHv1 ist aktiviert, Clients mit alten Versionen werden unterstützt.',
|
||||||
'ssh1 support' => 'Unterstützung für Version 1 des SSH-Protokolls (wird nur für alte Clients benötigt)',
|
'ssh1 support' => 'Unterstützung für Version 1 des SSH-Protokolls (wird nur für alte Clients benötigt)',
|
||||||
|
|||||||
@@ -1494,8 +1494,8 @@
|
|||||||
'ssh no auth' => 'You have not allowed any authentication methods; this will stop you logging in',
|
'ssh no auth' => 'You have not allowed any authentication methods; this will stop you logging in',
|
||||||
'ssh passwords' => 'Allow password based authentication',
|
'ssh passwords' => 'Allow password based authentication',
|
||||||
'ssh portfw' => 'Allow TCP Forwarding',
|
'ssh portfw' => 'Allow TCP Forwarding',
|
||||||
'ssh tempstart15' => 'SSH Access for 15 Minutes',
|
'ssh tempstart15' => 'Stop SSH deamon in 15 minutes',
|
||||||
'ssh tempstart30' => 'SSH Access for 30 Minutes',
|
'ssh tempstart30' => 'Stop SSH deamon in 30 minutes',
|
||||||
'ssh1 disabled' => 'SSHv1 is disabled, a version 2 client will be required.',
|
'ssh1 disabled' => 'SSHv1 is disabled, a version 2 client will be required.',
|
||||||
'ssh1 enabled' => 'SSHv1 is enabled, old clients will be supported.',
|
'ssh1 enabled' => 'SSHv1 is enabled, old clients will be supported.',
|
||||||
'ssh1 support' => 'Support SSH protocol version 1 (required only for old clients)',
|
'ssh1 support' => 'Support SSH protocol version 1 (required only for old clients)',
|
||||||
|
|||||||
@@ -91,6 +91,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
|
|||||||
ln -sf $(CONFIG_ROOT)/crls /etc/ipsec.d/crls
|
ln -sf $(CONFIG_ROOT)/crls /etc/ipsec.d/crls
|
||||||
|
|
||||||
cd /usr/lib/ipsec && patch -Np0 < $(DIR_SRC)/src/patches/openswan-2.4.9-startklips-1.patch
|
cd /usr/lib/ipsec && patch -Np0 < $(DIR_SRC)/src/patches/openswan-2.4.9-startklips-1.patch
|
||||||
|
cd /usr/lib/ipsec && patch -Np0 < $(DIR_SRC)/src/patches/openswan-2.4.9-realsetup-1.patch
|
||||||
|
|
||||||
#@rm -rf $(DIR_APP)
|
#@rm -rf $(DIR_APP)
|
||||||
@$(POSTBUILD)
|
@$(POSTBUILD)
|
||||||
|
|||||||
@@ -130,6 +130,7 @@ int main(int argc, char *argv[])
|
|||||||
sleep(5);
|
sleep(5);
|
||||||
unlink("/var/ipfire/remote/enablessh");
|
unlink("/var/ipfire/remote/enablessh");
|
||||||
safe_system("cat /var/ipfire/remote/settings | sed 's/ENABLE_SSH=on/ENABLE_SSH=off/' > /var/ipfire/remote/settings2 && mv /var/ipfire/remote/settings2 /var/ipfire/remote/settings");
|
safe_system("cat /var/ipfire/remote/settings | sed 's/ENABLE_SSH=on/ENABLE_SSH=off/' > /var/ipfire/remote/settings2 && mv /var/ipfire/remote/settings2 /var/ipfire/remote/settings");
|
||||||
|
safe_system("chown nobody.nobody /var/ipfire/remote/settings");
|
||||||
snprintf(command, BUFFER_SIZE-1, "sleep %s && /usr/local/bin/sshctrl &", argv[2]);
|
snprintf(command, BUFFER_SIZE-1, "sleep %s && /usr/local/bin/sshctrl &", argv[2]);
|
||||||
safe_system(command);
|
safe_system(command);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -112,7 +112,7 @@ int main(void)
|
|||||||
else
|
else
|
||||||
snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd );
|
snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/^#\\?\\(\\*\\.\\*[[:blank:]]\\+@.\\+\\)$/#\\1/' /etc/syslog.conf >&%d", config_fd );
|
||||||
|
|
||||||
snprintf(buffer, STRING_SIZE - 1, "/bin/sed -e 's/*.\\/var\\/log\\/messages/%s \\/var\\/log\\/messages/' /etc/syslog.conf >&%d", varmessages, config_fd );
|
snprintf(buffer, STRING_SIZE - 1, "/bin/sed 's/*.\\/var\\/log\\/messages/%s \\/var\\/log\\/messages/' /etc/syslog.conf >&%d", varmessages, config_fd );
|
||||||
|
|
||||||
/* if the return code isn't 0 failsafe */
|
/* if the return code isn't 0 failsafe */
|
||||||
if ((rc = unpriv_system(buffer,99,99)) != 0)
|
if ((rc = unpriv_system(buffer,99,99)) != 0)
|
||||||
|
|||||||
10
src/patches/openswan-2.4.9-realsetup-1.patch
Normal file
10
src/patches/openswan-2.4.9-realsetup-1.patch
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
--- programs/_realsetup/_realsetup.in
|
||||||
|
+++ programs/_realsetup/_realsetup.in
|
||||||
|
@@ -193,8 +193,8 @@
|
||||||
|
|
||||||
|
# preliminaries
|
||||||
|
perform rm -f $lock
|
||||||
|
- mkdir -p rundir > /dev/null 2>/dev/null
|
||||||
|
- mkdir -p subsysdir > /dev/null 2>/dev/null
|
||||||
|
+ mkdir -p $rundir > /dev/null 2>/dev/null
|
||||||
|
+ mkdir -p $subsysdir > /dev/null 2>/dev/null
|
||||||
Reference in New Issue
Block a user