webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into kernel-4.14

Browse Source
This commit is contained in:
Arne Fitzenreiter
2018-03-30 10:26:01 +02:00
parent 018a19af64 36600cef36
commit 302dba205b
158 changed files with 10487 additions and 913 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config/etc/sysctl.conf
View File

@@ -1,6 +1,9 @@
net.ipv4.ip_forward = 1
net.ipv4.ip_dynaddr = 1
# Disable Path MTU Discovery
net.ipv4.ip_no_pmtu_disc = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_ratelimit = 1000

4
config/httpd/vhosts.d/ipfire-interface-ssl.conf
View File

@@ -10,8 +10,8 @@
TransferLog /var/log/httpd/access_log
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256
SSLHonorCipherOrder on
SSLCompression off
SSLSessionTickets off

90
config/ovpn/openvpn-crl-updater Normal file
View File

@@ -0,0 +1,90 @@
#!/bin/bash
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2018 IPFire Team <erik.kapfer@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# #
# Script Location/Name: /etc/fcron.daily/openvpn-crl-updater #
# #
# Description: This script checks the "Next Update:" field of the CRL #
# and renews it if needed, which prevents the expiration of OpenVPNs CRL. #
# With OpenVPN 2.4.x the CRL handling has been refactored, #
# whereby the verification logic has been removed #
# from ssl_verify_<backend>.c . #
# #
# Run Information: If OpenVPNs CRL is present, #
# this script provides a cronjob which checks daily if an update #
# of the CRL is needed. If the expiring date reaches the value #
# (defined in the 'UPDATE' variable in days) before the CRL expiration, #
# an openssl command will be executed to renew the CRL. #
# Script execution will be logged into /var/log/messages. #
# #
###############################################################################
## Paths
OVPN="/var/ipfire/ovpn"
CRL="${OVPN}/crls/cacrl.pem"
CAKEY="${OVPN}/ca/cakey.pem"
CACERT="${OVPN}/ca/cacert.pem"
OPENSSLCONF="${OVPN}/openssl/ovpn.cnf"
# Check if CRL is presant or if OpenVPN is active
if [ ! -e "${CAKEY}" ]; then
exit 0;
fi
## Values
# Actual time in epoch format
NOW="$(date +%s)"
# Investigate CRLs 'Next Update' date
EXPIRES_CRL="$(openssl crl -in "${CRL}" -text | grep -oP 'Next Update: *\K.*')"
# Convert 'Next Update:' date from epoch to seconds
EXPIRES_AT="$(date -d "${EXPIRES_CRL}" "+%s")"
# Seconds left until CRL expires
EXPIRINGDATEINSEC="$(( EXPIRES_AT - NOW ))"
# Day in seconds to calculate
DAYINSEC="86400"
# Convert seconds to days
NEXTUPDATE="$(( EXPIRINGDATEINSEC / DAYINSEC ))"
# Update of the CRL in days before CRL expiring date
UPDATE="14"
## Mainpart
# Check if OpenVPNs CRL needs to be renewed
if [ ${NEXTUPDATE} -le ${UPDATE} ]; then
if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}" -config "${OPENSSLCONF}"; then
logger -t openvpn "CRL has been updated"
else
logger -t openvpn "error: Could not update CRL"
fi
fi
exit 0
# EOF

2
config/qos/makeqosscripts.pl
View File

@@ -726,7 +726,7 @@ print <<END
echo "Quality of Service was successfully cleared!"
;;
gen|generate)
echo -n "Generateing the QoS-Scripts..."
echo -n "Generating the QoS-Scripts..."
/usr/bin/perl /var/ipfire/qos/bin/makeqosscripts.pl > /var/ipfire/qos/bin/qos.sh
echo ".Done!"
exit 0

1
config/rootfiles/common/armv5tel/gcc
View File

@@ -1353,6 +1353,7 @@ usr/lib/libubsan.so.0.0.0
#usr/share/info/gccint.info
#usr/share/info/libgomp.info
#usr/share/info/libitm.info
#usr/share/info/libquadmath.info
#usr/share/man/man1/cpp.1
#usr/share/man/man1/g++.1
#usr/share/man/man1/gcc.1

2
config/rootfiles/common/armv5tel/initscripts
View File

@@ -63,6 +63,7 @@ etc/rc.d/init.d/networking/red.up/99-geoip-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
etc/rc.d/init.d/pakfire
etc/rc.d/init.d/partresize
etc/rc.d/init.d/random
etc/rc.d/init.d/rc
@@ -181,6 +182,7 @@ etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S73swconfig
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S81pakfire
etc/rc.d/rcsysinit.d/S85firewall
etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S92rngd

1
config/rootfiles/common/armv5tel/python-m2crypto
View File

@@ -1 +0,0 @@
#usr/lib/python2.7/site-packages/M2Crypto-0.21.1-py2.7-linux-armv5tel.egg

69
config/rootfiles/common/curl
View File

@@ -2,20 +2,18 @@ usr/bin/curl
#usr/bin/curl-config
#usr/include/curl
#usr/include/curl/curl.h
#usr/include/curl/curlbuild.h
#usr/include/curl/curlrules.h
#usr/include/curl/curlver.h
#usr/include/curl/easy.h
#usr/include/curl/mprintf.h
#usr/include/curl/multi.h
#usr/include/curl/stdcheaders.h
#usr/include/curl/system.h
#usr/include/curl/typecheck-gcc.h
#usr/lib/libcurl.a
#usr/lib/libcurl.la
#usr/lib/libcurl.so
usr/lib/libcurl.so.3
usr/lib/libcurl.so.4
usr/lib/libcurl.so.4.4.0
#usr/lib/libcurl.so.4.5.0
#usr/lib/pkgconfig/libcurl.pc
#usr/share/aclocal/libcurl.m4
#usr/share/man/man1/curl-config.1
@@ -26,15 +24,19 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLINFO_CONDITION_UNMET.3
#usr/share/man/man3/CURLINFO_CONNECT_TIME.3
#usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD.3
#usr/share/man/man3/CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.3
#usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD.3
#usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3
#usr/share/man/man3/CURLINFO_CONTENT_TYPE.3
#usr/share/man/man3/CURLINFO_COOKIELIST.3
#usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3
#usr/share/man/man3/CURLINFO_FILETIME.3
#usr/share/man/man3/CURLINFO_FILETIME_T.3
#usr/share/man/man3/CURLINFO_FTP_ENTRY_PATH.3
#usr/share/man/man3/CURLINFO_HEADER_SIZE.3
#usr/share/man/man3/CURLINFO_HTTPAUTH_AVAIL.3
#usr/share/man/man3/CURLINFO_HTTP_CONNECTCODE.3
#usr/share/man/man3/CURLINFO_HTTP_VERSION.3
#usr/share/man/man3/CURLINFO_LASTSOCKET.3
#usr/share/man/man3/CURLINFO_LOCAL_IP.3
#usr/share/man/man3/CURLINFO_LOCAL_PORT.3
@@ -45,7 +47,9 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLINFO_PRIMARY_IP.3
#usr/share/man/man3/CURLINFO_PRIMARY_PORT.3
#usr/share/man/man3/CURLINFO_PRIVATE.3
#usr/share/man/man3/CURLINFO_PROTOCOL.3
#usr/share/man/man3/CURLINFO_PROXYAUTH_AVAIL.3
#usr/share/man/man3/CURLINFO_PROXY_SSL_VERIFYRESULT.3
#usr/share/man/man3/CURLINFO_REDIRECT_COUNT.3
#usr/share/man/man3/CURLINFO_REDIRECT_TIME.3
#usr/share/man/man3/CURLINFO_REDIRECT_URL.3
@@ -55,10 +59,15 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3
#usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3
#usr/share/man/man3/CURLINFO_RTSP_SESSION_ID.3
#usr/share/man/man3/CURLINFO_SCHEME.3
#usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD.3
#usr/share/man/man3/CURLINFO_SIZE_DOWNLOAD_T.3
#usr/share/man/man3/CURLINFO_SIZE_UPLOAD.3
#usr/share/man/man3/CURLINFO_SIZE_UPLOAD_T.3
#usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD.3
#usr/share/man/man3/CURLINFO_SPEED_DOWNLOAD_T.3
#usr/share/man/man3/CURLINFO_SPEED_UPLOAD.3
#usr/share/man/man3/CURLINFO_SPEED_UPLOAD_T.3
#usr/share/man/man3/CURLINFO_SSL_ENGINES.3
#usr/share/man/man3/CURLINFO_SSL_VERIFYRESULT.3
#usr/share/man/man3/CURLINFO_STARTTRANSFER_TIME.3
@@ -80,6 +89,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3
#usr/share/man/man3/CURLMOPT_TIMERDATA.3
#usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3
#usr/share/man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3
#usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3
#usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3
#usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3
@@ -97,6 +107,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3
#usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3
#usr/share/man/man3/CURLOPT_CONNECT_ONLY.3
#usr/share/man/man3/CURLOPT_CONNECT_TO.3
#usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
#usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
#usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
@@ -142,6 +153,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3
#usr/share/man/man3/CURLOPT_FTP_USE_PRET.3
#usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3
#usr/share/man/man3/CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.3
#usr/share/man/man3/CURLOPT_HEADER.3
#usr/share/man/man3/CURLOPT_HEADERDATA.3
#usr/share/man/man3/CURLOPT_HEADERFUNCTION.3
@@ -165,6 +177,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3
#usr/share/man/man3/CURLOPT_IPRESOLVE.3
#usr/share/man/man3/CURLOPT_ISSUERCERT.3
#usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3
#usr/share/man/man3/CURLOPT_KEYPASSWD.3
#usr/share/man/man3/CURLOPT_KRBLEVEL.3
#usr/share/man/man3/CURLOPT_LOCALPORT.3
@@ -181,6 +194,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_MAXREDIRS.3
#usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3
#usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3
#usr/share/man/man3/CURLOPT_MIMEPOST.3
#usr/share/man/man3/CURLOPT_NETRC.3
#usr/share/man/man3/CURLOPT_NETRC_FILE.3
#usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3
@@ -189,7 +203,6 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_NOPROGRESS.3
#usr/share/man/man3/CURLOPT_NOPROXY.3
#usr/share/man/man3/CURLOPT_NOSIGNAL.3
#usr/share/man/man3/CURLOPT_CONNECT_TO.3
#usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3
#usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3
#usr/share/man/man3/CURLOPT_PASSWORD.3
@@ -204,6 +217,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_POSTQUOTE.3
#usr/share/man/man3/CURLOPT_POSTREDIR.3
#usr/share/man/man3/CURLOPT_PREQUOTE.3
#usr/share/man/man3/CURLOPT_PRE_PROXY.3
#usr/share/man/man3/CURLOPT_PRIVATE.3
#usr/share/man/man3/CURLOPT_PROGRESSDATA.3
#usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3
@@ -216,7 +230,24 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_PROXYTYPE.3
#usr/share/man/man3/CURLOPT_PROXYUSERNAME.3
#usr/share/man/man3/CURLOPT_PROXYUSERPWD.3
#usr/share/man/man3/CURLOPT_PROXY_CAINFO.3
#usr/share/man/man3/CURLOPT_PROXY_CAPATH.3
#usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3
#usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3
#usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3
#usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3
#usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3
#usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3
#usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3
#usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3
#usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3
#usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3
#usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3
#usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYHOST.3
#usr/share/man/man3/CURLOPT_PROXY_SSL_VERIFYPEER.3
#usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_PASSWORD.3
#usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_TYPE.3
#usr/share/man/man3/CURLOPT_PROXY_TLSAUTH_USERNAME.3
#usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3
#usr/share/man/man3/CURLOPT_PUT.3
#usr/share/man/man3/CURLOPT_QUOTE.3
@@ -226,7 +257,10 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_READFUNCTION.3
#usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3
#usr/share/man/man3/CURLOPT_REFERER.3
#usr/share/man/man3/CURLOPT_REQUEST_TARGET.3
#usr/share/man/man3/CURLOPT_RESOLVE.3
#usr/share/man/man3/CURLOPT_RESOLVER_START_DATA.3
#usr/share/man/man3/CURLOPT_RESOLVER_START_FUNCTION.3
#usr/share/man/man3/CURLOPT_RESUME_FROM.3
#usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3
#usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3
@@ -242,9 +276,11 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_SHARE.3
#usr/share/man/man3/CURLOPT_SOCKOPTDATA.3
#usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3
#usr/share/man/man3/CURLOPT_SOCKS5_AUTH.3
#usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3
#usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
#usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3
#usr/share/man/man3/CURLOPT_SSH_COMPRESSION.3
#usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
#usr/share/man/man3/CURLOPT_SSH_KEYDATA.3
#usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3
@@ -273,6 +309,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_STREAM_DEPENDS.3
#usr/share/man/man3/CURLOPT_STREAM_DEPENDS_E.3
#usr/share/man/man3/CURLOPT_STREAM_WEIGHT.3
#usr/share/man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3
#usr/share/man/man3/CURLOPT_TCP_FASTOPEN.3
#usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3
#usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3
@@ -285,6 +322,7 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/CURLOPT_TIMEOUT.3
#usr/share/man/man3/CURLOPT_TIMEOUT_MS.3
#usr/share/man/man3/CURLOPT_TIMEVALUE.3
#usr/share/man/man3/CURLOPT_TIMEVALUE_LARGE.3
#usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3
#usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3
#usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3
@@ -328,6 +366,19 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/curl_global_cleanup.3
#usr/share/man/man3/curl_global_init.3
#usr/share/man/man3/curl_global_init_mem.3
#usr/share/man/man3/curl_global_sslset.3
#usr/share/man/man3/curl_mime_addpart.3
#usr/share/man/man3/curl_mime_data.3
#usr/share/man/man3/curl_mime_data_cb.3
#usr/share/man/man3/curl_mime_encoder.3
#usr/share/man/man3/curl_mime_filedata.3
#usr/share/man/man3/curl_mime_filename.3
#usr/share/man/man3/curl_mime_free.3
#usr/share/man/man3/curl_mime_headers.3
#usr/share/man/man3/curl_mime_init.3
#usr/share/man/man3/curl_mime_name.3
#usr/share/man/man3/curl_mime_subparts.3
#usr/share/man/man3/curl_mime_type.3
#usr/share/man/man3/curl_mprintf.3
#usr/share/man/man3/curl_multi_add_handle.3
#usr/share/man/man3/curl_multi_assign.3
@@ -339,8 +390,8 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/curl_multi_remove_handle.3
#usr/share/man/man3/curl_multi_setopt.3
#usr/share/man/man3/curl_multi_socket.3
#usr/share/man/man3/curl_multi_socket_all.3
#usr/share/man/man3/curl_multi_socket_action.3
#usr/share/man/man3/curl_multi_socket_all.3
#usr/share/man/man3/curl_multi_strerror.3
#usr/share/man/man3/curl_multi_timeout.3
#usr/share/man/man3/curl_multi_wait.3
@@ -351,17 +402,17 @@ usr/lib/libcurl.so.4.4.0
#usr/share/man/man3/curl_slist_append.3
#usr/share/man/man3/curl_slist_free_all.3
#usr/share/man/man3/curl_strequal.3
#usr/share/man/man3/curl_strnequal.3
#usr/share/man/man3/curl_unescape.3
#usr/share/man/man3/curl_version.3
#usr/share/man/man3/curl_version_info.3
#usr/share/man/man3/libcurl-easy.3
#usr/share/man/man3/libcurl-env.3
#usr/share/man/man3/libcurl-errors.3
#usr/share/man/man3/libcurl-multi.3
#usr/share/man/man3/libcurl-security.3
#usr/share/man/man3/libcurl-share.3
#usr/share/man/man3/libcurl-symbols.3
#usr/share/man/man3/libcurl-thread.3
#usr/share/man/man3/libcurl-tutorial.3
#usr/share/man/man3/libcurl.3
#usr/share/zsh
#usr/share/zsh/site-functions
#usr/share/zsh/site-functions/_curl

6
config/rootfiles/common/cyrus-sasl
View File

@@ -1,3 +1,4 @@
etc/rc.d/init.d/cyrus-sasl
#usr/include/sasl
#usr/include/sasl/hmac-md5.h
#usr/include/sasl/md5.h
@@ -24,10 +25,6 @@ usr/lib/sasl2/libcrammd5.so.3.0.0
usr/lib/sasl2/libdigestmd5.so
usr/lib/sasl2/libdigestmd5.so.3
usr/lib/sasl2/libdigestmd5.so.3.0.0
#usr/lib/sasl2/libotp.la
usr/lib/sasl2/libotp.so
usr/lib/sasl2/libotp.so.3
usr/lib/sasl2/libotp.so.3.0.0
#usr/lib/sasl2/libplain.la
usr/lib/sasl2/libplain.so
usr/lib/sasl2/libplain.so.3
@@ -94,4 +91,3 @@ usr/sbin/testsaslauthd
#usr/share/man/man8/sasldblistusers2.8
#usr/share/man/man8/saslpasswd2.8
var/lib/sasl
etc/rc.d/init.d/cyrus-sasl

2
config/rootfiles/common/i586/initscripts
View File

@@ -64,6 +64,7 @@ etc/rc.d/init.d/networking/red.up/99-geoip-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
etc/rc.d/init.d/pakfire
etc/rc.d/init.d/partresize
etc/rc.d/init.d/random
etc/rc.d/init.d/rc
@@ -183,6 +184,7 @@ etc/rc.d/rcsysinit.d/S60setclock
etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S81pakfire
etc/rc.d/rcsysinit.d/S85firewall
etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S92rngd

2
config/rootfiles/common/i586/openssl-sse2
View File

@@ -1 +1 @@
usr/lib/sse2/libcrypto.so.10
usr/lib/sse2/libcrypto.so.1.1

1
config/rootfiles/common/i586/python-m2crypto
View File

@@ -1 +0,0 @@
#usr/lib/python2.7/site-packages/M2Crypto-0.21.1-py2.7-linux-i586.egg

6536
config/rootfiles/common/openssl
View File

File diff suppressed because it is too large Load Diff

2
config/rootfiles/common/openssl-compat Normal file
View File

@@ -0,0 +1,2 @@
usr/lib/libcrypto.so.10
usr/lib/libssl.so.10

5
config/rootfiles/common/openvpn
View File

@@ -1,3 +1,5 @@
etc/fcron.daily/openvpn-crl-updater
#usr/include/openvpn-msg.h
#usr/include/openvpn-plugin.h
#usr/lib/openvpn
#usr/lib/openvpn/plugins
@@ -10,11 +12,12 @@ usr/sbin/openvpn
#usr/share/doc/openvpn
#usr/share/doc/openvpn/COPYING
#usr/share/doc/openvpn/COPYRIGHT.GPL
#usr/share/doc/openvpn/Changes.rst
#usr/share/doc/openvpn/README
#usr/share/doc/openvpn/README.IPv6
#usr/share/doc/openvpn/README.auth-pam
#usr/share/doc/openvpn/README.down-root
#usr/share/doc/openvpn/README.polarssl
#usr/share/doc/openvpn/README.mbedtls
#usr/share/doc/openvpn/management-notes.txt
#usr/share/man/man8/openvpn.8
var/ipfire/ovpn/ca

1
config/rootfiles/common/pakfire
View File

@@ -6,6 +6,7 @@ opt/pakfire/db/rootfiles
#opt/pakfire/etc
#opt/pakfire/pakfire.conf
opt/pakfire/etc/pakfire.conf
opt/pakfire/pakfire.key
#opt/pakfire/lib
opt/pakfire/lib/functions.pl
opt/pakfire/lib/functions.sh

98
config/rootfiles/common/python-m2crypto Normal file
View File

@@ -0,0 +1,98 @@
#usr/lib/python2.7/site-packages/M2Crypto
#usr/lib/python2.7/site-packages/M2Crypto-0.27.0-py2.7.egg-info
#usr/lib/python2.7/site-packages/M2Crypto-0.27.0-py2.7.egg-info/PKG-INFO
#usr/lib/python2.7/site-packages/M2Crypto-0.27.0-py2.7.egg-info/SOURCES.txt
#usr/lib/python2.7/site-packages/M2Crypto-0.27.0-py2.7.egg-info/dependency_links.txt
#usr/lib/python2.7/site-packages/M2Crypto-0.27.0-py2.7.egg-info/requires.txt
#usr/lib/python2.7/site-packages/M2Crypto-0.27.0-py2.7.egg-info/top_level.txt
#usr/lib/python2.7/site-packages/M2Crypto/ASN1.py
#usr/lib/python2.7/site-packages/M2Crypto/ASN1.pyc
#usr/lib/python2.7/site-packages/M2Crypto/AuthCookie.py
#usr/lib/python2.7/site-packages/M2Crypto/AuthCookie.pyc
#usr/lib/python2.7/site-packages/M2Crypto/BIO.py
#usr/lib/python2.7/site-packages/M2Crypto/BIO.pyc
#usr/lib/python2.7/site-packages/M2Crypto/BN.py
#usr/lib/python2.7/site-packages/M2Crypto/BN.pyc
#usr/lib/python2.7/site-packages/M2Crypto/DH.py
#usr/lib/python2.7/site-packages/M2Crypto/DH.pyc
#usr/lib/python2.7/site-packages/M2Crypto/DSA.py
#usr/lib/python2.7/site-packages/M2Crypto/DSA.pyc
#usr/lib/python2.7/site-packages/M2Crypto/EC.py
#usr/lib/python2.7/site-packages/M2Crypto/EC.pyc
#usr/lib/python2.7/site-packages/M2Crypto/EVP.py
#usr/lib/python2.7/site-packages/M2Crypto/EVP.pyc
#usr/lib/python2.7/site-packages/M2Crypto/Engine.py
#usr/lib/python2.7/site-packages/M2Crypto/Engine.pyc
#usr/lib/python2.7/site-packages/M2Crypto/Err.py
#usr/lib/python2.7/site-packages/M2Crypto/Err.pyc
#usr/lib/python2.7/site-packages/M2Crypto/PGP
#usr/lib/python2.7/site-packages/M2Crypto/PGP/PublicKey.py
#usr/lib/python2.7/site-packages/M2Crypto/PGP/PublicKey.pyc
#usr/lib/python2.7/site-packages/M2Crypto/PGP/PublicKeyRing.py
#usr/lib/python2.7/site-packages/M2Crypto/PGP/PublicKeyRing.pyc
#usr/lib/python2.7/site-packages/M2Crypto/PGP/RSA.py
#usr/lib/python2.7/site-packages/M2Crypto/PGP/RSA.pyc
#usr/lib/python2.7/site-packages/M2Crypto/PGP/__init__.py
#usr/lib/python2.7/site-packages/M2Crypto/PGP/__init__.pyc
#usr/lib/python2.7/site-packages/M2Crypto/PGP/constants.py
#usr/lib/python2.7/site-packages/M2Crypto/PGP/constants.pyc
#usr/lib/python2.7/site-packages/M2Crypto/PGP/packet.py
#usr/lib/python2.7/site-packages/M2Crypto/PGP/packet.pyc
#usr/lib/python2.7/site-packages/M2Crypto/RC4.py
#usr/lib/python2.7/site-packages/M2Crypto/RC4.pyc
#usr/lib/python2.7/site-packages/M2Crypto/RSA.py
#usr/lib/python2.7/site-packages/M2Crypto/RSA.pyc
#usr/lib/python2.7/site-packages/M2Crypto/Rand.py
#usr/lib/python2.7/site-packages/M2Crypto/Rand.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SMIME.py
#usr/lib/python2.7/site-packages/M2Crypto/SMIME.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Checker.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Checker.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Cipher.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Cipher.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Connection.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Connection.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Context.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Context.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/SSLServer.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/SSLServer.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Session.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/Session.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/TwistedProtocolWrapper.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/TwistedProtocolWrapper.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/__init__.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/__init__.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/cb.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/cb.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/ssl_dispatcher.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/ssl_dispatcher.pyc
#usr/lib/python2.7/site-packages/M2Crypto/SSL/timeout.py
#usr/lib/python2.7/site-packages/M2Crypto/SSL/timeout.pyc
#usr/lib/python2.7/site-packages/M2Crypto/X509.py
#usr/lib/python2.7/site-packages/M2Crypto/X509.pyc
#usr/lib/python2.7/site-packages/M2Crypto/__init__.py
#usr/lib/python2.7/site-packages/M2Crypto/__init__.pyc
#usr/lib/python2.7/site-packages/M2Crypto/_m2crypto.so
#usr/lib/python2.7/site-packages/M2Crypto/callback.py
#usr/lib/python2.7/site-packages/M2Crypto/callback.pyc
#usr/lib/python2.7/site-packages/M2Crypto/ftpslib.py
#usr/lib/python2.7/site-packages/M2Crypto/ftpslib.pyc
#usr/lib/python2.7/site-packages/M2Crypto/httpslib.py
#usr/lib/python2.7/site-packages/M2Crypto/httpslib.pyc
#usr/lib/python2.7/site-packages/M2Crypto/m2.py
#usr/lib/python2.7/site-packages/M2Crypto/m2.pyc
#usr/lib/python2.7/site-packages/M2Crypto/m2crypto.py
#usr/lib/python2.7/site-packages/M2Crypto/m2crypto.pyc
#usr/lib/python2.7/site-packages/M2Crypto/m2urllib.py
#usr/lib/python2.7/site-packages/M2Crypto/m2urllib.pyc
#usr/lib/python2.7/site-packages/M2Crypto/m2urllib2.py
#usr/lib/python2.7/site-packages/M2Crypto/m2urllib2.pyc
#usr/lib/python2.7/site-packages/M2Crypto/m2xmlrpclib.py
#usr/lib/python2.7/site-packages/M2Crypto/m2xmlrpclib.pyc
#usr/lib/python2.7/site-packages/M2Crypto/six.py
#usr/lib/python2.7/site-packages/M2Crypto/six.pyc
#usr/lib/python2.7/site-packages/M2Crypto/threading.py
#usr/lib/python2.7/site-packages/M2Crypto/threading.pyc
#usr/lib/python2.7/site-packages/M2Crypto/util.py
#usr/lib/python2.7/site-packages/M2Crypto/util.pyc

3
config/rootfiles/common/python-typing Normal file
View File

@@ -0,0 +1,3 @@
#usr/lib/python2.7/site-packages/typing-3.6.1-py2.7.egg-info
#usr/lib/python2.7/site-packages/typing.py
#usr/lib/python2.7/site-packages/typing.pyc

3
config/rootfiles/common/unbound
View File

@@ -11,7 +11,8 @@ etc/unbound/unbound.conf
#usr/lib/libunbound.la
#usr/lib/libunbound.so
usr/lib/libunbound.so.2
usr/lib/libunbound.so.2.5.7
usr/lib/libunbound.so.2.5.8
#usr/lib/pkgconfig/libunbound.pc
usr/sbin/unbound
usr/sbin/unbound-anchor
usr/sbin/unbound-checkconf

2
config/rootfiles/common/x86_64/initscripts
View File

@@ -64,6 +64,7 @@ etc/rc.d/init.d/networking/red.up/99-geoip-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
etc/rc.d/init.d/ntp
etc/rc.d/init.d/pakfire
etc/rc.d/init.d/partresize
etc/rc.d/init.d/random
etc/rc.d/init.d/rc
@@ -183,6 +184,7 @@ etc/rc.d/rcsysinit.d/S60setclock
etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S81pakfire
etc/rc.d/rcsysinit.d/S85firewall
etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S92rngd

1
config/rootfiles/common/x86_64/python-m2crypto
View File

@@ -1 +0,0 @@
#usr/lib/python2.7/site-packages/M2Crypto-0.21.1-py2.7-linux-x86_64.egg

0
config/rootfiles/core/119/exclude → config/rootfiles/core/120/exclude
View File

1
config/rootfiles/core/120/filelists/Net_SSLeay Symbolic link
View File

@@ -0,0 +1 @@
../../../common/Net_SSLeay

1
config/rootfiles/core/120/filelists/apache2 Symbolic link
View File

@@ -0,0 +1 @@
../../../common/apache2

1
config/rootfiles/core/120/filelists/apr Symbolic link
View File

@@ -0,0 +1 @@
../../../common/apr

1
config/rootfiles/core/120/filelists/aprutil Symbolic link
View File

@@ -0,0 +1 @@
../../../common/aprutil

1
config/rootfiles/core/120/filelists/bind Symbolic link
View File

@@ -0,0 +1 @@
../../../common/bind

1
config/rootfiles/core/120/filelists/curl Symbolic link
View File

@@ -0,0 +1 @@
../../../common/curl

1
config/rootfiles/core/120/filelists/cyrus-sasl Symbolic link
View File

@@ -0,0 +1 @@
../../../common/cyrus-sasl

0
config/rootfiles/core/119/filelists/dma → config/rootfiles/core/120/filelists/dma
View File

19
config/rootfiles/core/120/filelists/files Normal file
View File

@@ -0,0 +1,19 @@
etc/system-release
etc/issue
etc/sysctl.conf
etc/fcron.daily/openvpn-crl-updater
etc/rc.d/init.d/dhcp
etc/rc.d/init.d/pakfire
etc/rc.d/init.d/unbound
etc/rc.d/rcsysinit.d/S81pakfire
opt/pakfire/lib/functions.pl
opt/pakfire/pakfire.key
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/proxy.cgi
srv/web/ipfire/cgi-bin/qos.cgi
srv/web/ipfire/cgi-bin/vpnmain.cgi
usr/lib/python2.7/lib-dynload/_hashlib.so
usr/lib/python2.7/lib-dynload/_ssl.so
var/ipfire/langs
var/ipfire/ovpn/openssl/ovpn.cnf
var/ipfire/qos/bin/makeqosscripts.pl

1
config/rootfiles/core/120/filelists/gnupg Symbolic link
View File

@@ -0,0 +1 @@
../../../common/gnupg

1
config/rootfiles/core/120/filelists/i586/openssl-sse2 Symbolic link
View File

@@ -0,0 +1 @@
../../../../common/i586/openssl-sse2

1
config/rootfiles/core/120/filelists/libevent2 Symbolic link
View File

@@ -0,0 +1 @@
../../../common/libevent2

1
config/rootfiles/core/120/filelists/logrotate Symbolic link
View File

@@ -0,0 +1 @@
../../../common/logrotate

1
config/rootfiles/core/120/filelists/ntp Symbolic link
View File

@@ -0,0 +1 @@
../../../common/ntp

1
config/rootfiles/core/120/filelists/openssh Symbolic link
View File

@@ -0,0 +1 @@
../../../common/openssh

1
config/rootfiles/core/120/filelists/openssl Symbolic link
View File

@@ -0,0 +1 @@
../../../common/openssl

1
config/rootfiles/core/120/filelists/openssl-compat Symbolic link
View File

@@ -0,0 +1 @@
../../../common/openssl-compat

1
config/rootfiles/core/120/filelists/openvpn Symbolic link
View File

@@ -0,0 +1 @@
../../../common/openvpn

1
config/rootfiles/core/120/filelists/python-typing Symbolic link
View File

@@ -0,0 +1 @@
../../../common/python-typing

1
config/rootfiles/core/120/filelists/snort Symbolic link
View File

@@ -0,0 +1 @@
../../../common/snort

0
config/rootfiles/core/119/filelists/strongswan → config/rootfiles/core/120/filelists/strongswan
View File

1
config/rootfiles/core/120/filelists/unbound Symbolic link
View File

@@ -0,0 +1 @@
../../../common/unbound

1
config/rootfiles/core/120/filelists/vnstat Symbolic link
View File

@@ -0,0 +1 @@
../../../common/vnstat

1
config/rootfiles/core/120/filelists/wget Symbolic link
View File

@@ -0,0 +1 @@
../../../common/wget

1
config/rootfiles/core/120/filelists/wpa_supplicant Symbolic link
View File

@@ -0,0 +1 @@
../../../common/wpa_supplicant

0
config/rootfiles/core/119/meta → config/rootfiles/core/120/meta
View File

95
config/rootfiles/core/120/update.sh Normal file
View File

@@ -0,0 +1,95 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 3 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2017 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
/usr/local/bin/backupctrl exclude >/dev/null 2>&1
core=120
# Remove old core updates from pakfire cache to save space...
for (( i=1; i<=$core; i++ )); do
rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
done
# Remove forgotten PHP file
rm -f /etc/httpd/conf/conf.d/php5.conf
# Delete old PAM libs and symlinks if presant
if ls /lib | grep -q 'libpam.*'; then
rm -f /lib/libpam*
fi
# Stop services
# Extract files
extract_files
# update linker config
ldconfig
# Update Language cache
/usr/local/bin/update-lang-cache
# Changed and new OpenVPN-2.4 directives will wrote to server.conf and renew CRL while update an core update
if [ -e /var/ipfire/ovpn/server.conf ]; then
/usr/local/bin/openvpnctrl -k
# Update configuration directives
sed -i -e 's/script-security 3 system/script-security 3/' \
-e '/status .*/ a ncp-disable' /var/ipfire/ovpn/server.conf
# Update the OpenVPN CRL
openssl ca -gencrl -keyfile /var/ipfire/ovpn/ca/cakey.pem \
-cert /var/ipfire/ovpn/ca/cacert.pem \
-out /var/ipfire/ovpn/crls/cacrl.pem \
-config /var/ipfire/ovpn/openssl/ovpn.cnf
/usr/local/bin/openvpnctrl -s
fi
# Start services
/etc/init.d/apache restart
/etc/init.d/unbound restart
# Remove deprecated SSH configuration option
sed -e "/UsePrivilegeSeparation/d" -i /etc/ssh/sshd_config
# Import new Pakfire key
gpg --import /opt/pakfire/pakfire.key
# This update needs a reboot...
touch /var/run/need_reboot
# Finish
/etc/init.d/fireinfo start
sendprofile
# Update grub config to display new core version
if [ -e /boot/grub/grub.cfg ]; then
grub-mkconfig -o /boot/grub/grub.cfg
fi
sync
# Don't report the exitcode last command
exit 0

30
config/rootfiles/oldcore/119/exclude Normal file
View File

@@ -0,0 +1,30 @@
boot/config.txt
boot/grub/grub.cfg
boot/grub/grubenv
etc/alternatives
etc/collectd.custom
etc/default/grub
etc/ipsec.conf
etc/ipsec.secrets
etc/ipsec.user.conf
etc/ipsec.user.secrets
etc/localtime
etc/shadow
etc/snort/snort.conf
etc/ssh/ssh_config
etc/ssh/sshd_config
etc/ssl/openssl.cnf
etc/sudoers
etc/sysconfig/firewall.local
etc/sysconfig/rc.local
etc/udev/rules.d/30-persistent-network.rules
srv/web/ipfire/html/proxy.pac
var/ipfire/dma
var/ipfire/time
var/ipfire/ovpn
var/lib/alternatives
var/log/cache
var/log/dhcpcd.log
var/log/messages
var/state/dhcp/dhcpd.leases
var/updatecache

0
config/rootfiles/core/119/filelists/armv5tel/binutils → config/rootfiles/oldcore/119/filelists/armv5tel/binutils
View File

0
config/rootfiles/core/119/filelists/armv5tel/gcc → config/rootfiles/oldcore/119/filelists/armv5tel/gcc
View File

0
config/rootfiles/core/119/filelists/armv5tel/glibc → config/rootfiles/oldcore/119/filelists/armv5tel/glibc
View File

1
config/rootfiles/oldcore/119/filelists/dma Symbolic link
View File

@@ -0,0 +1 @@
../../../common/dma

0
config/rootfiles/core/119/filelists/files → config/rootfiles/oldcore/119/filelists/files
View File

0
config/rootfiles/core/119/filelists/hostname → config/rootfiles/oldcore/119/filelists/hostname
View File

0
config/rootfiles/core/119/filelists/i2c-tools → config/rootfiles/oldcore/119/filelists/i2c-tools
View File

0
config/rootfiles/core/119/filelists/i586/binutils → config/rootfiles/oldcore/119/filelists/i586/binutils
View File

0
config/rootfiles/core/119/filelists/i586/gcc → config/rootfiles/oldcore/119/filelists/i586/gcc
View File

0
config/rootfiles/core/119/filelists/i586/glibc → config/rootfiles/oldcore/119/filelists/i586/glibc
View File

0
config/rootfiles/core/119/filelists/iproute2 → config/rootfiles/oldcore/119/filelists/iproute2
View File

0
config/rootfiles/core/119/filelists/pam → config/rootfiles/oldcore/119/filelists/pam
View File

0
config/rootfiles/core/119/filelists/setup → config/rootfiles/oldcore/119/filelists/setup
View File

1
config/rootfiles/oldcore/119/filelists/strongswan Symbolic link
View File

@@ -0,0 +1 @@
../../../common/strongswan

0
config/rootfiles/core/119/filelists/x86_64/binutils → config/rootfiles/oldcore/119/filelists/x86_64/binutils
View File

0
config/rootfiles/core/119/filelists/x86_64/gcc → config/rootfiles/oldcore/119/filelists/x86_64/gcc
View File

0
config/rootfiles/core/119/filelists/x86_64/glibc → config/rootfiles/oldcore/119/filelists/x86_64/glibc
View File

1
config/rootfiles/oldcore/119/meta Normal file
View File

@@ -0,0 +1 @@
DEPS=""

0
config/rootfiles/core/119/update.sh → config/rootfiles/oldcore/119/update.sh
View File

8
config/rootfiles/packages/asterisk
View File

@@ -591,10 +591,10 @@ var/ipfire/backup/addons/includes/asterisk
#var/lib/asterisk
var/lib/asterisk/agi-bin
#var/lib/asterisk/documentation
#var/lib/asterisk/documentation/appdocsxml.dtd
#var/lib/asterisk/documentation/appdocsxml.xslt
#var/lib/asterisk/documentation/core-en_US.xml
#var/lib/asterisk/documentation/thirdparty
var/lib/asterisk/documentation/appdocsxml.dtd
var/lib/asterisk/documentation/appdocsxml.xslt
var/lib/asterisk/documentation/core-en_US.xml
var/lib/asterisk/documentation/thirdparty
#var/lib/asterisk/firmware
var/lib/asterisk/firmware/iax
#var/lib/asterisk/images

16
config/rootfiles/packages/ffmpeg
View File

@@ -125,19 +125,19 @@ usr/bin/ffserver
#usr/include/libswscale/version.h
#usr/lib/libavcodec.a
#usr/lib/libavcodec.so
#usr/lib/libavcodec.so.57
usr/lib/libavcodec.so.57
usr/lib/libavcodec.so.57.107.100
#usr/lib/libavdevice.a
#usr/lib/libavdevice.so
#usr/lib/libavdevice.so.57
usr/lib/libavdevice.so.57
usr/lib/libavdevice.so.57.10.100
#usr/lib/libavfilter.a
#usr/lib/libavfilter.so
#usr/lib/libavfilter.so.6
usr/lib/libavfilter.so.6
usr/lib/libavfilter.so.6.107.100
#usr/lib/libavformat.a
#usr/lib/libavformat.so
#usr/lib/libavformat.so.57
usr/lib/libavformat.so.57
usr/lib/libavformat.so.57.83.100
#usr/lib/libavresample.a
#usr/lib/libavresample.so
@@ -145,19 +145,19 @@ usr/lib/libavresample.so.3
usr/lib/libavresample.so.3.7.0
#usr/lib/libavutil.a
#usr/lib/libavutil.so
#usr/lib/libavutil.so.55
usr/lib/libavutil.so.55
usr/lib/libavutil.so.55.78.100
#usr/lib/libpostproc.a
#usr/lib/libpostproc.so
#usr/lib/libpostproc.so.54
usr/lib/libpostproc.so.54
usr/lib/libpostproc.so.54.7.100
#usr/lib/libswresample.a
#usr/lib/libswresample.so
#usr/lib/libswresample.so.2
usr/lib/libswresample.so.2
usr/lib/libswresample.so.2.9.100
#usr/lib/libswscale.a
#usr/lib/libswscale.so
#usr/lib/libswscale.so.4
usr/lib/libswscale.so.4
usr/lib/libswscale.so.4.8.100
#usr/lib/pkgconfig/libavcodec.pc
#usr/lib/pkgconfig/libavdevice.pc

8
config/rootfiles/packages/krb5
View File

@@ -82,12 +82,12 @@ usr/lib/libk5crypto.so.3
usr/lib/libk5crypto.so.3.1
#usr/lib/libkadm5clnt.so
#usr/lib/libkadm5clnt_mit.so
usr/lib/libkadm5clnt_mit.so.10
usr/lib/libkadm5clnt_mit.so.10.0
usr/lib/libkadm5clnt_mit.so.11
usr/lib/libkadm5clnt_mit.so.11.0
#usr/lib/libkadm5srv.so
#usr/lib/libkadm5srv_mit.so
usr/lib/libkadm5srv_mit.so.10
usr/lib/libkadm5srv_mit.so.10.0
usr/lib/libkadm5srv_mit.so.11
usr/lib/libkadm5srv_mit.so.11.0
#usr/lib/libkdb5.so
usr/lib/libkdb5.so.8
usr/lib/libkdb5.so.8.0

87
html/cgi-bin/ovpnmain.cgi
View File

@@ -216,7 +216,7 @@ sub writeserverconf {
print CONF "dev tun\n";
print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
print CONF "script-security 3 system\n";
print CONF "script-security 3\n";
print CONF "ifconfig-pool-persist /var/ipfire/ovpn/ovpn-leases.db 3600\n";
print CONF "client-config-dir /var/ipfire/ovpn/ccd\n";
print CONF "tls-server\n";
@@ -289,6 +289,7 @@ sub writeserverconf {
}
print CONF "status-version 1\n";
print CONF "status /var/run/ovpnserver.log 30\n";
print CONF "ncp-disable\n";
print CONF "cipher $sovpnsettings{DCIPHER}\n";
if ($sovpnsettings{'DAUTH'} eq '') {
print CONF "";
@@ -969,12 +970,18 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General
print SERVERCONF "dh ${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}\n";
print SERVERCONF "# Cipher\n";
print SERVERCONF "cipher $cgiparams{'DCIPHER'}\n";
if ($cgiparams{'DAUTH'} eq '') {
print SERVERCONF "auth SHA1\n";
# If GCM cipher is used, do not use --auth
if (($cgiparams{'DCIPHER'} eq 'AES-256-GCM') ||
($cgiparams{'DCIPHER'} eq 'AES-192-GCM') ||
($cgiparams{'DCIPHER'} eq 'AES-128-GCM')) {
print SERVERCONF unless "# HMAC algorithm\n";
print SERVERCONF unless "auth $cgiparams{'DAUTH'}\n";
} else {
print SERVERCONF "# HMAC algorithm\n";
print SERVERCONF "auth $cgiparams{'DAUTH'}\n";
print SERVERCONF "# HMAC algorithm\n";
print SERVERCONF "auth $cgiparams{'DAUTH'}\n";
}
if ($cgiparams{'COMPLZO'} eq 'on') {
print SERVERCONF "# Enable Compression\n";
print SERVERCONF "comp-lzo\n";
@@ -1075,12 +1082,18 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General
print CLIENTCONF "# Cipher\n";
print CLIENTCONF "cipher $cgiparams{'DCIPHER'}\n";
print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12\r\n";
if ($cgiparams{'DAUTH'} eq '') {
print CLIENTCONF "auth SHA1\n";
# If GCM cipher is used, do not use --auth
if (($cgiparams{'DCIPHER'} eq 'AES-256-GCM') ||
($cgiparams{'DCIPHER'} eq 'AES-192-GCM') ||
($cgiparams{'DCIPHER'} eq 'AES-128-GCM')) {
print CLIENTCONF unless "# HMAC algorithm\n";
print CLIENTCONF unless "auth $cgiparams{'DAUTH'}\n";
} else {
print CLIENTCONF "# HMAC algorithm\n";
print CLIENTCONF "auth $cgiparams{'DAUTH'}\n";
print CLIENTCONF "# HMAC algorithm\n";
print CLIENTCONF "auth $cgiparams{'DAUTH'}\n";
}
if ($cgiparams{'COMPLZO'} eq 'on') {
print CLIENTCONF "# Enable Compression\n";
print CLIENTCONF "comp-lzo\n";
@@ -2197,13 +2210,18 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
print CLIENTCONF "pkcs12 ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12\r\n";
$zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
}
if ($confighash{$cgiparams{'KEY'}}[39] eq '') {
print CLIENTCONF "# HMAC algorithm\n";
print CLIENTCONF "auth SHA1\n";
# If GCM cipher is used, do not use --auth
if (($confighash{$cgiparams{'KEY'}}[40] eq 'AES-256-GCM') ||
($confighash{$cgiparams{'KEY'}}[40] eq 'AES-192-GCM') ||
($confighash{$cgiparams{'KEY'}}[40] eq 'AES-128-GCM')) {
print CLIENTCONF unless "# HMAC algorithm\n";
print CLIENTCONF unless "auth $confighash{$cgiparams{'KEY'}}[39]\n";
} else {
print CLIENTCONF "# HMAC algorithm\n";
print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n";
print CLIENTCONF "# HMAC algorithm\n";
print CLIENTCONF "auth $confighash{$cgiparams{'KEY'}}[39]\n";
}
if ($confighash{$cgiparams{'KEY'}}[30] eq 'on') {
print CLIENTCONF "# Enable Compression\n";
print CLIENTCONF "comp-lzo\n";
@@ -4543,6 +4561,9 @@ if ($cgiparams{'TYPE'} eq 'net') {
}
$checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\'';
$selected{'DCIPHER'}{'AES-256-GCM'} = '';
$selected{'DCIPHER'}{'AES-192-GCM'} = '';
$selected{'DCIPHER'}{'AES-128-GCM'} = '';
$selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
$selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
$selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
@@ -4628,6 +4649,15 @@ if ($cgiparams{'TYPE'} eq 'net') {
} else {
print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
}
# If GCM ciphers are in usage, HMAC menu is disabled
my $hmacdisabled;
if (($confighash{$cgiparams{'KEY'}}[40] eq 'AES-256-GCM') ||
($confighash{$cgiparams{'KEY'}}[40] eq 'AES-192-GCM') ||
($confighash{$cgiparams{'KEY'}}[40] eq 'AES-128-GCM')) {
$hmacdisabled = "disabled='disabled'";
};
print <<END;
<td width='25%'>&nbsp;</td>
<td width='25%'>&nbsp;</td></tr>
@@ -4706,7 +4736,10 @@ if ($cgiparams{'TYPE'} eq 'net') {
</tr>
<tr><td class='boldbase'>$Lang::tr{'cipher'}</td>
<td><select name='DCIPHER'>
<td><select name='DCIPHER' id="n2ncipher" required>
<option value='AES-256-GCM' $selected{'DCIPHER'}{'AES-256-GCM'}>AES-GCM (256 $Lang::tr{'bit'})</option>
<option value='AES-192-GCM' $selected{'DCIPHER'}{'AES-192-GCM'}>AES-GCM (192 $Lang::tr{'bit'})</option>
<option value='AES-128-GCM' $selected{'DCIPHER'}{'AES-128-GCM'}>AES-GCM (128 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
@@ -4723,7 +4756,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
</td>
<td class='boldbase'>$Lang::tr{'ovpn ha'}:</td>
<td><select name='DAUTH'>
<td><select name='DAUTH' id="n2nhmac" $hmacdisabled>
<option value='whirlpool' $selected{'DAUTH'}{'whirlpool'}>Whirlpool (512 $Lang::tr{'bit'})</option>
<option value='SHA512' $selected{'DAUTH'}{'SHA512'}>SHA2 (512 $Lang::tr{'bit'})</option>
<option value='SHA384' $selected{'DAUTH'}{'SHA384'}>SHA2 (384 $Lang::tr{'bit'})</option>
@@ -4737,6 +4770,22 @@ if ($cgiparams{'TYPE'} eq 'net') {
END
;
}
#### JAVA SCRIPT ####
# Validate N2N cipher. If GCM will be used, HMAC menu will be disabled onchange
print<<END;
<script>
var disable_options = false;
document.getElementById('n2ncipher').onchange = function () {
if((this.value == "AES-256-GCM"||this.value == "AES-192-GCM"||this.value == "AES-128-GCM")) {
document.getElementById('n2nhmac').setAttribute('disabled', true);
} else {
document.getElementById('n2nhmac').removeAttribute('disabled');
}
}
</script>
END
#jumper
print "<tr><td class='boldbase'>$Lang::tr{'remark title'}</td>";
print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr></table>";
@@ -5108,6 +5157,9 @@ END
$selected{'DPROTOCOL'}{'tcp'} = '';
$selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
$selected{'DCIPHER'}{'AES-256-GCM'} = '';
$selected{'DCIPHER'}{'AES-192-GCM'} = '';
$selected{'DCIPHER'}{'AES-128-GCM'} = '';
$selected{'DCIPHER'}{'CAMELLIA-256-CBC'} = '';
$selected{'DCIPHER'}{'CAMELLIA-192-CBC'} = '';
$selected{'DCIPHER'}{'CAMELLIA-128-CBC'} = '';
@@ -5204,6 +5256,9 @@ END
<td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
<td><select name='DCIPHER'>
<option value='AES-256-GCM' $selected{'DCIPHER'}{'AES-256-GCM'}>AES-GCM (256 $Lang::tr{'bit'})</option>
<option value='AES-192-GCM' $selected{'DCIPHER'}{'AES-192-GCM'}>AES-GCM (192 $Lang::tr{'bit'})</option>
<option value='AES-128-GCM' $selected{'DCIPHER'}{'AES-128-GCM'}>AES-GCM (128 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>

12
html/cgi-bin/proxy.cgi
View File

@@ -401,8 +401,7 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
$errormessage = $Lang::tr{'proxy errmsg filedescriptors'};
goto ERROR;
}
if (!($proxysettings{'CACHE_MEM'} =~ /^\d+/) ||
($proxysettings{'CACHE_MEM'} < 1))
if (!($proxysettings{'CACHE_MEM'} =~ /^\d+/))
{
$errormessage = $Lang::tr{'advproxy errmsg mem cache size'};
goto ERROR;
@@ -3172,7 +3171,7 @@ END
}
}
if ($proxysettings{'CACHE_SIZE'} > 0)
if (($proxysettings{'CACHE_SIZE'} > 0) || ($proxysettings{'CACHE_MEM'} > 0))
{
print FILE "\n";
@@ -3269,7 +3268,12 @@ cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} $proxysettings{'L1_DI
END
;
} else {
print FILE "cache deny all\n\n";
if ($proxysettings{'CACHE_MEM'} > 0) {
# always 2% of CACHE_MEM defined as max object size
print FILE "maximum_object_size_in_memory " . int($proxysettings{'CACHE_MEM'} * 1024 * 0.02) . " KB\n\n";
} else {
print FILE "cache deny all\n\n";
}
}
print FILE <<END

8
html/cgi-bin/qos.cgi
View File

@@ -510,17 +510,17 @@ elsif ($qossettings{'ACTION'} eq $Lang::tr{'template'} )
}
open( FILE, "> $classfile" ) or die "Unable to write $classfile";
print FILE <<END
imq0;200;1;$DOWN[10];$DOWN[1];;;8;VoIP;
imq0;200;1;$DOWN[20];$DOWN[1];;;8;VoIP;
imq0;203;4;$DOWN[20];$DOWN[1];;;0;VPN;
imq0;204;5;$DOWN[20];$DOWN[1];;;8;Webtraffic;
imq0;210;6;1;$DOWN[1];;;0;Default;
imq0;220;7;1;$DOWN[1];;;1;P2P;
$qossettings{'RED_DEV'};101;1;$UP[2];$UP[1];;;8;ACKs;
$qossettings{'RED_DEV'};102;2;$UP[3];$UP[1];;;8;VoIP;
$qossettings{'RED_DEV'};101;1;$UP[10];$UP[1];;;8;ACKs;
$qossettings{'RED_DEV'};102;2;$UP[10];$UP[1];;;8;VoIP;
$qossettings{'RED_DEV'};103;4;$UP[10];$UP[1];;;2;VPN;
$qossettings{'RED_DEV'};104;5;$UP[10];$UP[1];;;8;Webtraffic;
$qossettings{'RED_DEV'};110;6;1;$UP[1];;;0;Default;
$qossettings{'RED_DEV'};120;7;1;$UP[1];;;1;P2P;
$qossettings{'RED_DEV'};103;4;$UP[2];$UP[1];;;2;VPN;
END
;
close FILE;

6
html/cgi-bin/vpnmain.cgi
View File

@@ -199,10 +199,10 @@ sub callssl ($) {
sub getCNfromcert ($) {
#&General::log("ipsec", "Extracting name from $_[0]...");
my $temp = `/usr/bin/openssl x509 -text -in $_[0]`;
$temp =~ /Subject:.*CN=(.*)[\n]/;
$temp =~ /Subject:.*CN = (.*)[\n]/;
$temp = $1;
$temp =~ s+/Email+, E+;
$temp =~ s/ ST=/ S=/;
$temp =~ s/ ST = / S = /;
$temp =~ s/,//g;
$temp =~ s/\'//g;
return $temp;
@@ -216,7 +216,7 @@ sub getsubjectfromcert ($) {
$temp =~ /Subject: (.*)[\n]/;
$temp = $1;
$temp =~ s+/Email+, E+;
$temp =~ s/ ST=/ S=/;
$temp =~ s/ ST = / S = /;
return $temp;
}
###

4
lfs/Net_SSLeay
View File

@@ -24,7 +24,7 @@
include Config
VER = 1.55
VER = 1.82
THISAPP = Net-SSLeay-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 473b8d66ca69d5784bb0e428721f58e0
$(DL_FILE)_MD5 = 2170469d929d5173bacffd0cb2d7fafa
install : $(TARGET)

2
lfs/asterisk
View File

@@ -28,7 +28,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = asterisk
PAK_VER = 22
PAK_VER = 24
DEPS = "jansson libsrtp opus"

2
lfs/bacula
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = bacula
PAK_VER = 3
PAK_VER = 4
DEPS = ""

4
lfs/bind
View File

@@ -25,7 +25,7 @@
include Config
VER = 9.11.2-P1
VER = 9.11.3
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 8877d7bf09abc0d186717e560c29ccfb
$(DL_FILE)_MD5 = 4ed2a3f235595eadbd763b7ecb687ca0
install : $(TARGET)

7
lfs/clamav
View File

@@ -24,7 +24,7 @@
include Config
VER = 0.99.3
VER = 0.99.4
THISAPP = clamav-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
PAK_VER = 35
PAK_VER = 37
DEPS = ""
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 5272f127312e987b3e10c155cf1d84df
$(DL_FILE)_MD5 = b9359b90086948b3c4eb97c84cf4b400
install : $(TARGET)
@@ -82,7 +82,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/clamav/llvm-glibc.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/clamav/clamav-0.99.3-gcc-6.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--disable-zlib-vcheck \

8
lfs/curl
View File

@@ -24,10 +24,10 @@
include Config
VER = 7.49.1
VER = 7.59.0
THISAPP = curl-$(VER)
DL_FILE = $(THISAPP).tar.lzma
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = ae5e5e395da413d1fa0864e1d0a3fa57
$(DL_FILE)_MD5 = a44f98c25c7506e7103039b542aa5ad8
install : $(TARGET)
@@ -69,7 +69,7 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--disable-ipv6 \

2
lfs/cyrus-imapd
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = cyrus-imapd
PAK_VER = 6
PAK_VER = 7
DEPS = ""

3
lfs/cyrus-sasl
View File

@@ -90,7 +90,8 @@ ifeq "$(PASS)" ""
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
--with-dbpath=/var/lib/sasl/sasldb2 \
--with-saslauthd=/var/run/saslauthd \
--with-des=no --with-rc4=no
--with-des=no --with-rc4=no \
--disable-otp
cd $(DIR_APP) && make
cd $(DIR_APP) && make install
install -v -m700 -d /var/lib/sasl

3
lfs/dmidecode
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2016 IPFire Team <info@ipfire.org> #
# Copyright (C) 2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -71,6 +71,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dmidecode/0005-nothing-should-go-into-usr-local.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dmidecode/add_support_for_structure_type_43_tpm_device.patch
cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)

4
lfs/elinks
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = elinks
PAK_VER = 5
PAK_VER = 7
DEPS = ""
@@ -78,6 +78,8 @@ dist:
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/elinks-0.12pre6-openssl11.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/elinks-0.11.0-ssl-noegd.patch
cd $(DIR_APP) && ./configure
cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP) && make install

4
lfs/fetchmail
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = fetchmail
PAK_VER = 7
PAK_VER = 9
DEPS = ""
@@ -77,6 +77,8 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fetchmail-6.3.26-permit-build-without-ssl3.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--with-ssl \

2
lfs/ffmpeg
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = ffmpeg
PAK_VER = 7
PAK_VER = 8
DEPS = "sdl lame libvorbis xvid"

2
lfs/freeradius
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = freeradius
PAK_VER = 2
PAK_VER = 3
DEPS = "samba"

2
lfs/git
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = git
PAK_VER = 14
PAK_VER = 15
DEPS = "perl-Authen-SASL perl-MIME-Base64 perl-Net-SMTP-SSL"

4
lfs/gnupg
View File

@@ -24,7 +24,7 @@
include Config
VER = 1.4.21
VER = 1.4.22
THISAPP = gnupg-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 9bdeabf3c0f87ff21cb3f9216efdd01d
$(DL_FILE)_MD5 = 082bda3951a94743e76b83fcf3627547
install : $(TARGET)

2
lfs/haproxy
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = haproxy
PAK_VER = 3
PAK_VER = 4
DEPS = ""

6
lfs/hdparm
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2017 IPFire Team <info@ipfire.org> #
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
VER = 9.53
VER = 9.55
THISAPP = hdparm-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 1e54b52e0c8cb79389d4d47eacba411d
$(DL_FILE)_MD5 = adae46e9564075ae288af8082d5ad9fd
install : $(TARGET)

2
lfs/hostapd
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
PAK_VER = 40
PAK_VER = 41
DEPS = ""

8
lfs/htop
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2016 IPFire Team <info@ipfire.org> #
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
VER = 2.0.2
VER = 2.1.0
THISAPP = htop-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = htop
PAK_VER = 9
PAK_VER = 10
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 7d354d904bad591a931ad57e99fea84a
$(DL_FILE)_MD5 = f262b66ad6c194782f4d3a80627e84c8
install : $(TARGET)

2
lfs/icecast
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = icecast
PAK_VER = 2
PAK_VER = 3
DEPS = "libshout lame sox libvorbis libogg"

1
lfs/initscripts
View File

@@ -175,6 +175,7 @@ $(TARGET) :
ln -sf ../init.d/console /etc/rc.d/rcsysinit.d/S70console
ln -sf ../init.d/firstsetup /etc/rc.d/rcsysinit.d/S75firstsetup
ln -sf ../init.d/localnet /etc/rc.d/rcsysinit.d/S80localnet
ln -sf ../init.d/pakfire /etc/rc.d/rcsysinit.d/S81pakfire
ln -sf ../init.d/firewall /etc/rc.d/rcsysinit.d/S85firewall
ln -sf ../init.d/network-trigger /etc/rc.d/rcsysinit.d/S90network-trigger
ln -sf ../init.d/rngd /etc/rc.d/rcsysinit.d/S92rngd

2
lfs/keepalived
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = keepalived
PAK_VER = 2
PAK_VER = 3
DEPS = ""

6
lfs/krb5
View File

@@ -24,7 +24,7 @@
include Config
VER = 1.14.4
VER = 1.15.2
THISAPP = krb5-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)/src
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = krb5
PAK_VER = 2
PAK_VER = 3
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = ba90f5701fc2dda76133c1f34ba4ee80
$(DL_FILE)_MD5 = b160f72161c730897dc7689f876b6e2a
install : $(TARGET)

2
lfs/libvirt
View File

@@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
SUP_ARCH = i586 x86_64
PROG = libvirt
PAK_VER = 14
PAK_VER = 15
DEPS = "libpciaccess libyajl ncat qemu"

Some files were not shown because too many files have changed in this diff Show More