diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index 087443aab..b1097cd89 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -155,6 +155,7 @@ var/ipfire/proxy #var/ipfire/proxy/calamaris #var/ipfire/proxy/calamaris/bin #var/ipfire/proxy/settings +#var/ipfire/proxy/squid.conf var/ipfire/qos #var/ipfire/qos/bin #var/ipfire/qos/bin/RRD-func.pl diff --git a/config/rootfiles/common/i586/strongswan-padlock b/config/rootfiles/common/i586/strongswan-padlock index 4ebfc75b9..02aa457d3 100644 --- a/config/rootfiles/common/i586/strongswan-padlock +++ b/config/rootfiles/common/i586/strongswan-padlock @@ -1,2 +1 @@ usr/lib/ipsec/plugins/libstrongswan-padlock.so -usr/lib/ipsec/plugins/libstrongswan-rdrand.so diff --git a/config/rootfiles/core/74/filelists/files b/config/rootfiles/core/74/filelists/files index 5a874e7b3..52d01785d 100644 --- a/config/rootfiles/core/74/filelists/files +++ b/config/rootfiles/core/74/filelists/files @@ -2,5 +2,6 @@ etc/system-release etc/issue srv/web/ipfire/cgi-bin/dnsforward.cgi srv/web/ipfire/cgi-bin/proxy.cgi +usr/local/bin/httpscert var/ipfire/header.pl var/ipfire/langs diff --git a/lfs/configroot b/lfs/configroot index f73453d91..98e7af320 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -68,7 +68,7 @@ $(TARGET) : fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwlogs/ipsettings fwlogs/portsettings \ isdn/settings mac/settings main/disable_nf_sip main/hosts main/routing main/settings net-traffic/settings optionsfw/settings \ ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \ - ppp/settings-5 ppp/settings proxy/settings proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \ + ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \ qos/tosconfig snort/settings tripwire/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \ vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \ touch $(CONFIG_ROOT)/$$i; \ diff --git a/lfs/strongswan b/lfs/strongswan index 948db5b1d..5c411a333 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -34,12 +34,10 @@ TARGET = $(DIR_INFO)/$(THISAPP) ifeq "$(MACHINE)" "i586" CONFIGURE_OPTIONS = \ - --enable-padlock \ - --enable-rdrand + --enable-padlock else CONFIGURE_OPTIONS = \ - --disable-padlock \ - --disable-rdrand + --disable-padlock endif ############################################################################### diff --git a/make.sh b/make.sh index 8de509725..8e7252fbc 100755 --- a/make.sh +++ b/make.sh @@ -26,7 +26,7 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.13" # Version number CORE="74" # Core Level (Filename) -PAKFIRE_CORE="73" # Core Level (PAKFIRE) +PAKFIRE_CORE="74" # Core Level (PAKFIRE) GIT_BRANCH=`git status | head -n1 | cut -d" " -f4` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir diff --git a/src/scripts/httpscert b/src/scripts/httpscert index fb2d64bac..d0e23fa7f 100644 --- a/src/scripts/httpscert +++ b/src/scripts/httpscert @@ -6,13 +6,9 @@ # See how we were called. case "$1" in new) - # set temporary random file - export RANDFILE=/root/.rnd if [ ! -f /etc/httpd/server.key ]; then echo "Generating https server key." - /usr/bin/openssl genrsa -rand \ - /boot/vmlinuz:CONFIG_ROOT/ethernet/settings -out \ - /etc/httpd/server.key 1024 + /usr/bin/openssl genrsa -out /etc/httpd/server.key 4096 fi echo "Generating CSR" /bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \ @@ -21,9 +17,6 @@ case "$1" in /usr/bin/openssl x509 -req -days 999999 -in \ /etc/httpd/server.csr -signkey /etc/httpd/server.key -out \ /etc/httpd/server.crt - # unset and remove random file - export -n RANDFILE - rm -f /root/.rnd ;; read) if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then