Merge remote-tracking branch 'origin/next' into fifteen

config/rootfiles/common/configroot

@@ -155,6 +155,7 @@ var/ipfire/proxy
 #var/ipfire/proxy/calamaris
 #var/ipfire/proxy/calamaris/bin
 #var/ipfire/proxy/settings
+#var/ipfire/proxy/squid.conf
 var/ipfire/qos
 #var/ipfire/qos/bin
 #var/ipfire/qos/bin/RRD-func.pl

config/rootfiles/common/i586/strongswan-padlock

@@ -1,2 +1 @@
 usr/lib/ipsec/plugins/libstrongswan-padlock.so
-usr/lib/ipsec/plugins/libstrongswan-rdrand.so

config/rootfiles/core/74/filelists/files

@@ -2,5 +2,6 @@ etc/system-release
 etc/issue
 srv/web/ipfire/cgi-bin/dnsforward.cgi
 srv/web/ipfire/cgi-bin/proxy.cgi
+usr/local/bin/httpscert
 var/ipfire/header.pl
 var/ipfire/langs

lfs/configroot

@@ -68,7 +68,7 @@ $(TARGET) :
 	    fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwlogs/ipsettings fwlogs/portsettings \
 	    isdn/settings mac/settings main/disable_nf_sip main/hosts main/routing main/settings net-traffic/settings optionsfw/settings \
 	    ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
-	    ppp/settings-5 ppp/settings proxy/settings proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
+	    ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
 	    qos/tosconfig snort/settings tripwire/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \
 	    vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \
 	    touch $(CONFIG_ROOT)/$$i; \

lfs/strongswan

@@ -34,12 +34,10 @@ TARGET     = $(DIR_INFO)/$(THISAPP)
 
 ifeq "$(MACHINE)" "i586"
 	CONFIGURE_OPTIONS = \
-		--enable-padlock \
+		--enable-padlock
-		--enable-rdrand
 else
 	CONFIGURE_OPTIONS = \
-		--disable-padlock \
+		--disable-padlock
-		--disable-rdrand
 endif
 
 ###############################################################################

make.sh

@@ -26,7 +26,7 @@ NAME="IPFire"							# Software name
 SNAME="ipfire"							# Short name
 VERSION="2.13"							# Version number
 CORE="74"							# Core Level (Filename)
-PAKFIRE_CORE="73"						# Core Level (PAKFIRE)
+PAKFIRE_CORE="74"						# Core Level (PAKFIRE)
 GIT_BRANCH=`git status | head -n1 | cut -d" " -f4`		# Git Branch
 SLOGAN="www.ipfire.org"						# Software slogan
 CONFIG_ROOT=/var/ipfire						# Configuration rootdir

src/scripts/httpscert

@@ -6,13 +6,9 @@
 # See how we were called.
 case "$1" in
   new)
-	# set temporary random file
-	export RANDFILE=/root/.rnd
 	if [ ! -f /etc/httpd/server.key ]; then
 		echo "Generating https server key."
-		/usr/bin/openssl genrsa -rand \
+		/usr/bin/openssl genrsa -out /etc/httpd/server.key 4096
-			/boot/vmlinuz:CONFIG_ROOT/ethernet/settings -out \
-			/etc/httpd/server.key 1024
 	fi
 	echo "Generating CSR"
 	/bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \
@@ -21,9 +17,6 @@ case "$1" in
 	/usr/bin/openssl x509 -req -days 999999 -in \
 		/etc/httpd/server.csr -signkey /etc/httpd/server.key -out \
 		/etc/httpd/server.crt
-	# unset and remove random file
-	export -n RANDFILE
-	rm -f /root/.rnd
  	;;
   read)
 	if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then