diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan index 978802917..1f5c6a0bc 100644 --- a/config/rootfiles/common/strongswan +++ b/config/rootfiles/common/strongswan @@ -31,6 +31,11 @@ usr/lib/ipsec/libradius.so.0.0.0 usr/lib/ipsec/libstrongswan.so usr/lib/ipsec/libstrongswan.so.0 usr/lib/ipsec/libstrongswan.so.0.0.0 +#usr/lib/ipsec/libtls.a +#usr/lib/ipsec/libtls.la +usr/lib/ipsec/libtls.so +usr/lib/ipsec/libtls.so.0 +usr/lib/ipsec/libtls.so.0.0.0 #usr/lib/ipsec/plugins usr/lib/ipsec/plugins/libstrongswan-aes.so usr/lib/ipsec/plugins/libstrongswan-attr.so @@ -39,7 +44,12 @@ usr/lib/ipsec/plugins/libstrongswan-constraints.so usr/lib/ipsec/plugins/libstrongswan-curl.so usr/lib/ipsec/plugins/libstrongswan-des.so usr/lib/ipsec/plugins/libstrongswan-dnskey.so +usr/lib/ipsec/plugins/libstrongswan-eap-identity.so +usr/lib/ipsec/plugins/libstrongswan-eap-mschapv2.so +usr/lib/ipsec/plugins/libstrongswan-eap-peap.so usr/lib/ipsec/plugins/libstrongswan-eap-radius.so +usr/lib/ipsec/plugins/libstrongswan-eap-tls.so +usr/lib/ipsec/plugins/libstrongswan-eap-ttls.so usr/lib/ipsec/plugins/libstrongswan-fips-prf.so usr/lib/ipsec/plugins/libstrongswan-gmp.so usr/lib/ipsec/plugins/libstrongswan-hmac.so diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 76d52b425..870042ae5 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -3071,6 +3071,12 @@ icp_port 0 END ; + + # Include file with user defined settings. + if (-e "/etc/squid/squid.conf.pre.local") { + print FILE "include /etc/squid/squid.conf.pre.local\n\n"; + } + print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}"; if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" } if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" } diff --git a/lfs/squidclamav b/lfs/squidclamav index 79bf5d010..7d9e6afec 100644 --- a/lfs/squidclamav +++ b/lfs/squidclamav @@ -80,7 +80,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/squidclamav-5.11-dont_use_ipv6.patch cd $(DIR_APP) && ./configure --prefix=/usr cd $(DIR_APP) && make install - install -v -m 755 $(DIR_CONF)/squidclamav/squidclamav.conf /etc/squidclamav.conf + install -v -m 664 $(DIR_CONF)/squidclamav/squidclamav.conf /etc/squidclamav.conf + chown -v root:nobody /etc/squidclamav.conf install -v -m 644 $(DIR_SRC)/config/backup/includes/squidclamav /var/ipfire/backup/addons/includes/squidclamav chmod 755 /srv/web/ipfire/html/clwarn.cgi @rm -rf $(DIR_APP) diff --git a/lfs/strongswan b/lfs/strongswan index 372320705..df71a3d29 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -85,7 +85,13 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --sysconfdir="/etc" \ --enable-curl \ --enable-openssl \ + --enable-xauth-eap \ --enable-eap-radius \ + --enable-eap-tls \ + --enable-eap-ttls \ + --enable-eap-peap \ + --enable-eap-mschapv2 \ + --enable-eap-identity \ $(PADLOCK) cd $(DIR_APP) && make $(MAKETUNING) LDFLAGS="-lrt" diff --git a/src/paks/squidclamav/update.sh b/src/paks/squidclamav/update.sh index 4b542164e..43760856c 100644 --- a/src/paks/squidclamav/update.sh +++ b/src/paks/squidclamav/update.sh @@ -28,21 +28,26 @@ extract_files VERSION=$(cat /opt/pakfire/db/installed/meta-squidclamav | grep Release | cut -d" " -f2) if [ "$VERSION" -gt "10" ]; then - restore_backup ${NAME} + restore_backup ${NAME} fi if [ "$VERSION" -lt "11" ]; then - sed -e "s|logfile.*|logfile /var/log/squid/squidclamav.log|g" /etc/squidclamav.conf + sed -e "s|logfile.*|logfile /var/log/squid/squidclamav.log|g" /etc/squidclamav.conf fi if [ "$VERSION" -lt "16" ]; then - sed -e "s/proxy none//g" -i /etc/squidclamav.conf - sed -e "s/^#squid_ip 127\.0\.0\.1/squid_ip 127\.0\.0\.1/g" \ - -e "s/^#squid_port 3128/squid_port 800/g" \ - -e "s/^#trust_cache 1/trust_cache 1/g" -i /etc/squidclamav.conf + sed -i /etc/squidclamav.conf \ + -e "s/proxy none//g" \ + -e "s/^#squid_ip 127\.0\.0\.1/squid_ip 127\.0\.0\.1/g" \ + -e "s/^#squid_port 3128/squid_port 800/g" \ + -e "s/^#trust_cache 1/trust_cache 1/g" - # Regenerate configuration files. - perl /srv/web/ipfire/cgi-bin/proxy.cgi + # Fix permissions. + chmod 664 /etc/squidclamav.conf + chown root.nobody /etc/squidclamav.conf + + # Regenerate configuration files. + perl /srv/web/ipfire/cgi-bin/proxy.cgi fi /etc/init.d/squid restart