webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-14 13:02:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'ms/ddns.cgi-fixes' into next

Browse Source 
Conflicts:
	html/cgi-bin/ddns.cgi
This commit is contained in:
Michael Tremer
2014-08-07 21:06:13 +02:00
parent 80a5cc5609 4851bc81f3
commit 935c2f233b
21 changed files with 439 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config/rootfiles/common/ddns
View File

@@ -60,4 +60,7 @@ usr/lib/python2.7/site-packages/ddns/system.pyo
#usr/share/locale/uz@Latn/LC_MESSAGES
#usr/share/locale/uz@Latn/LC_MESSAGES/ddns.mo
#usr/share/locale/vi/LC_MESSAGES/ddns.mo
#usr/share/locale/zh
#usr/share/locale/zh/LC_MESSAGES
#usr/share/locale/zh/LC_MESSAGES/ddns.mo
#var/ipfire/ddns/ddns.conf.sample

1
config/rootfiles/core/80/filelists/files
View File

@@ -8,6 +8,7 @@ etc/rc.d/init.d/firewall
etc/rc.d/init.d/networking/red.up/30-ddns
etc/rc.d/init.d/rngd
srv/web/ipfire/cgi-bin/ddns.cgi
srv/web/ipfire/cgi-bin/ids.cgi
srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat
srv/web/ipfire/cgi-bin/logs.cgi/log.dat
srv/web/ipfire/cgi-bin/netexternal.cgi

20
config/rootfiles/core/81/exclude Normal file
View File

@@ -0,0 +1,20 @@
boot/config.txt
etc/collectd.custom
etc/ipsec.conf
etc/ipsec.secrets
etc/ipsec.user.conf
etc/ipsec.user.secrets
etc/localtime
etc/shadow
etc/ssh/ssh_config
etc/ssh/sshd_config
etc/ssl/openssl.cnf
etc/sudoers
etc/sysconfig/firewall.local
etc/sysconfig/rc.local
etc/udev/rules.d/30-persistent-network.rules
srv/web/ipfire/html/proxy.pac
var/ipfire/ovpn
var/log/cache
var/state/dhcp/dhcpd.leases
var/updatecache

1
config/rootfiles/core/81/filelists/ddns Symbolic link
View File

@@ -0,0 +1 @@
../../../common/ddns

5
config/rootfiles/core/81/filelists/files Normal file
View File

@@ -0,0 +1,5 @@
etc/system-release
etc/issue
etc/rc.d/init.d/firewall
srv/web/ipfire/cgi-bin/ddns.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi

1
config/rootfiles/core/81/filelists/lzo Symbolic link
View File

@@ -0,0 +1 @@
../../../common/lzo

1
config/rootfiles/core/81/filelists/openssh Symbolic link
View File

@@ -0,0 +1 @@
../../../common/openssh

1
config/rootfiles/core/81/filelists/openssl Symbolic link
View File

@@ -0,0 +1 @@
../../../common/openssl

1
config/rootfiles/core/81/meta Normal file
View File

@@ -0,0 +1 @@
DEPS=""

101
config/rootfiles/core/81/update.sh Normal file
View File

@@ -0,0 +1,101 @@
#!/bin/bash
############################################################################
# #
# This file is part of the IPFire Firewall. #
# #
# IPFire is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 3 of the License, or #
# (at your option) any later version. #
# #
# IPFire is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
# Copyright (C) 2014 IPFire-Team <info@ipfire.org>. #
# #
############################################################################
#
. /opt/pakfire/lib/functions.sh
/usr/local/bin/backupctrl exclude >/dev/null 2>&1
# Remove old core updates from pakfire cache to save space...
core=80
for (( i=1; i<=$core; i++ ))
do
rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
done
# Stop services
/etc/init.d/ipsec stop
# Remove old strongswan files
rm -f \
/etc/strongswan.d/charon/unity.conf \
/usr/lib/ipsec/plugins/libstrongswan-unity.so \
/usr/share/strongswan/templates/config/plugins/unity.conf
rm -f /usr/local/bin/setddns.pl
# Extract files
extract_files
# Start services
/etc/init.d/dnsmasq restart
if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
/etc/init.d/ipsec start
fi
# Update Language cache
perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
# Uninstall the libgpg-error package.
rm -f \
/opt/pakfire/db/installed/meta-libgpg-error \
/opt/pakfire/db/rootfiles/libgpg-error
# Fix broken proxy configuration permissions
chown -R nobody.nobody \
/var/ipfire/proxy/advanced \
/var/ipfire/proxy/acl-1.4 \
/var/ipfire/proxy/enable \
/var/ipfire/proxy/settings \
/var/ipfire/proxy/squid.conf \
/var/ipfire/proxy/transparent
# Regenerate squid configuration file
sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi
# Generate ddns configuration file
sudo -u nobody /srv/web/ipfire/cgi-bin/ddns.cgi
# Update crontab
sed -i /var/spool/cron/root.orig -e "/setddns.pl/d"
grep -q /usr/bin/ddns /var/spool/cron/root.orig || cat <<EOF >> /var/spool/cron/root.orig
# Update dynamic DNS records every five minutes.
# Force an update once a month
*/5 * * * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all
3 2 1 * * [ -f "/var/ipfire/red/active" ] && /usr/bin/ddns update-all --force
EOF
fcrontab -z &>/dev/null
sync
# This update need a reboot...
#touch /var/run/need_reboot
# Finish
/etc/init.d/fireinfo start
sendprofile
# Don't report the exitcode last command
exit 0

88
html/cgi-bin/ddns.cgi
View File

@@ -89,7 +89,6 @@ close (FILE);
# Save General Settings.
#
if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
# Open /var/ipfire/ddns/settings for writing.
open(FILE, ">$settingsfile") or die "Unable to open $settingsfile.";
@@ -104,9 +103,6 @@ if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
# Close file after writing.
close(FILE);
# Unset given CGI parmas.
undef %settings;
# Update ddns config file.
&GenerateDDNSConfigFile();
}
@@ -115,7 +111,6 @@ if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
# Toggle enable/disable field. Field is in second position
#
if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
# Open /var/ipfire/ddns/config for writing.
open(FILE, ">$datafile") or die "Unable to open $datafile.";
@@ -127,23 +122,19 @@ if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
# Read file line by line.
foreach my $line (@current) {
# Remove newlines.
chomp($line);
if ($settings{'ID'} eq $id) {
# Splitt lines (splitting element is a single ",") and save values into temp array.
@temp = split(/\,/,$line);
# Check if we want to toggle ENABLED or WILDCARDS.
if ($settings{'ENABLED'} ne '') {
# Update ENABLED.
print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$settings{'ENABLED'}\n";
}
} else {
# Print unmodified line.
print FILE "$line\n";
}
@@ -151,13 +142,11 @@ if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
# Increase $id.
$id++;
}
undef $settings{'ID'};
# Close file after writing.
close(FILE);
# Unset given CGI params.
undef %settings;
# Write out logging notice.
&General::log($Lang::tr{'ddns hostname modified'});
@@ -169,7 +158,6 @@ if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
# Add new accounts, or edit existing ones.
#
if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::tr{'update'})) {
# Check if a hostname has been given.
if ($settings{'HOSTNAME'} eq '') {
$errormessage = $Lang::tr{'hostname not set'};
@@ -187,19 +175,23 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
# Check if a password has been typed in.
# freedns.afraid.org does not require this field.
if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org')) {
if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org') && ($settings{'SERVICE'} ne 'regfish.com')) {
$errormessage = $Lang::tr{'password not set'};
}
# Go furter if there was no error.
if ( ! $errormessage) {
if (!$errormessage) {
# Splitt hostname field into 2 parts for storrage.
my($hostname, $domain) = split(/\./, $settings{'HOSTNAME'}, 2);
# Handle enabled checkbox. When the checkbox is selected a "on" will be returned,
# if the checkbox is not checked nothing is returned in this case we set the value to "off".
if ($settings{'ENABLED'} ne 'on') {
$settings{'ENABLED'} = 'off';
}
# Handle adding new accounts.
if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
# Open /var/ipfire/ddns/config for writing.
open(FILE, ">>$datafile") or die "Unable to open $datafile.";
@@ -215,11 +207,8 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
# Write out notice to logfile.
&General::log($Lang::tr{'ddns hostname added'});
# Update ddns config file.
# Handle account edditing.
} elsif ($settings{'ACTION'} eq $Lang::tr{'update'}) {
# Open /var/ipfire/ddns/config for writing.
open(FILE, ">$datafile") or die "Unable to open $datafile.";
@@ -230,7 +219,6 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
# Read file line by line.
foreach my $line (@current) {
if ($settings{'ID'} eq $id) {
print FILE "$settings{'SERVICE'},$hostname,$domain,$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n";
} else {
@@ -247,9 +235,7 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
# Write out notice to logfile.
&General::log($Lang::tr{'ddns hostname modified'});
}
# Unset given CGI params.
undef %settings;
undef $settings{'ID'};
# Update ddns config file.
&GenerateDDNSConfigFile();
@@ -260,7 +246,6 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
# Remove existing accounts.
#
if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
# Open /var/ipfire/ddns/config for writing.
open(FILE, ">$datafile") or die "Unable to open $datafile.";
@@ -271,7 +256,6 @@ if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
# Read file line by line.
foreach my $line (@current) {
# Write back every line, except the one we want to drop
# (identified by the ID)
unless ($settings{'ID'} eq $id) {
@@ -281,13 +265,11 @@ if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
# Increase id.
$id++;
}
undef $settings{'ID'};
# Close file after writing.
close(FILE);
# Unset given CGI params.
undef %settings;
# Write out notice to logfile.
&General::log($Lang::tr{'ddns hostname removed'});
@@ -299,15 +281,12 @@ if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
# Read items for editing.
#
if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
my $id = 0;
my @temp;
# Read file line by line.
foreach my $line (@current) {
if ($settings{'ID'} eq $id) {
# Remove newlines.
chomp($line);
@@ -331,10 +310,12 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
$settings{'PASSWORD'} = $temp[6];
$settings{'ENABLED'} = $temp[7];
}
# Increase $id.
$id++;
# Increase $id.
$id++;
}
&GenerateDDNSConfigFile();
}
#
@@ -347,9 +328,10 @@ if ($settings{'ACTION'} eq $Lang::tr{'instant update'}) {
#
# Set default values.
#
if (! $settings{'ACTION'}) {
if (!$settings{'ACTION'}) {
$settings{'SERVICE'} = 'dyndns.org';
$settings{'ENABLED'} = 'on';
$settings{'ID'} = '';
}
&Header::openpage($Lang::tr{'dynamic dns'}, 1, '');
@@ -363,7 +345,9 @@ $checked{'BEHINDROUTER'}{'RED_IP'} = '';
$checked{'BEHINDROUTER'}{'FETCH_IP'} = '';
$checked{'BEHINDROUTER'}{$settings{'BEHINDROUTER'}} = "checked='checked'";
$checked{'ENABLED'}{'on'} = ($settings{'ENABLED'} eq '' ) ? '' : "checked='checked'";
$checked{'ENABLED'}{'on'} = '';
$checked{'ENABLED'}{'off'} = '';
$checked{'ENABLED'}{$settings{'ENABLED'}} = "checked='checked'";
# Show box for errormessages..
if ($errormessage) {
@@ -413,18 +397,15 @@ my $buttontext = $Lang::tr{'add'};
# Change buttontext and headline if we edit an account.
if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
# Rename button and print headline for updating.
$buttontext = $Lang::tr{'update'};
&Header::openbox('100%', 'left', $Lang::tr{'edit an existing host'});
} else {
# Otherwise use default button text and show headline for adding a new account.
&Header::openbox('100%', 'left', $Lang::tr{'add a host'});
}
print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='hidden' name='ID' value='$settings{'ID'}' />
<table width='100%'>
@@ -440,7 +421,6 @@ END
# Loop to print the providerlist.
foreach my $provider (@providers) {
# Check if the current provider needs to be selected.
if ($provider eq $settings{'SERVICE'}) {
$selected = 'selected';
@@ -460,7 +440,7 @@ print <<END
<tr>
<td class='base'>$Lang::tr{'enabled'}</td>
<td><input type='checkbox' name='ENABLED' value='on' $checked{'ENABLED'}{'on'} /></td>
<td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
<td class='base'>$Lang::tr{'username'}</td>
<td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td>
</tr>
@@ -516,17 +496,32 @@ END
chomp(@current);
my @temp = split(/\,/,$line);
# Handle hostname details. Only connect the values with a dott if both are available.
my $hostname="";
if (($temp[1]) && ($temp[2])) {
$hostname="$temp[1].$temp[2]";
} else {
$hostname="$temp[1]";
}
# Generate value for enable/disable checkbox.
my $sync = "<font color='blue'>";
my $sync = '';
my $gif = '';
my $gdesc = '';
if ($temp[7] eq "on") {
$gif = 'on.gif';
$gdesc = $Lang::tr{'click to disable'};
$sync = (&General::DyndnsServiceSync ($ip,$temp[1], $temp[2]) ? "<font color='green'>": "<font color='red'>") ;
# Check if the given hostname is a FQDN before doing a nslookup.
if (&General::validfqdn($hostname)) {
$sync = (&General::DyndnsServiceSync ($ip,$temp[1], $temp[2]) ? "<font color='green'>": "<font color='red'>") ;
}
$toggle_enabled = 'off';
} else {
$sync = "<font color='blue'>";
$gif = 'off.gif';
$gdesc = $Lang::tr{'click to enable'};
$toggle_enabled = 'on';
@@ -648,6 +643,7 @@ sub GenerateDDNSConfigFile {
while (<SETTINGS>) {
my $line = $_;
chomp($line);
# Generate array based on the line content (seperator is a single or multiple space's)
my @settings = split(/,/, $line);
@@ -657,7 +653,7 @@ sub GenerateDDNSConfigFile {
next unless ($provider ~~ @providers);
# Skip disabled entries.
next if ($enabled eq "off");
next unless ($enabled eq "on");
# Handle hostname details. Only connect the values with a dott if both are available.
if (($hostname) && ($domain)) {
@@ -674,8 +670,8 @@ sub GenerateDDNSConfigFile {
if ($provider ~~ ["dns.lightningwirelabs.com", "entrydns.net", "regfish.com"] && $username eq "token") {
$use_token = 1;
# Handle token auth for freedns.afraid.org.
} elsif ($provider eq "freedns.afraid.org" && $password eq "") {
# Handle token auth for freedns.afraid.org and regfish.com.
} elsif ($provider ~~ ["freedns.afraid.org", "regfish.com"] && $password eq "") {
$use_token = 1;
$password = $username;

6
html/cgi-bin/ids.cgi
View File

@@ -263,11 +263,11 @@ if (-e "/etc/snort/snort.conf") {
####################### End added for snort rules control #################################
if ($snortsettings{'RULES'} eq 'subscripted') {
$url=" http://www.snort.org/sub-rules/snortrules-snapshot-2961.tar.gz/$snortsettings{'OINKCODE'}";
$url=" https://www.snort.org/rules/snortrules-snapshot-2961.tar.gz?oinkcode=$snortsettings{'OINKCODE'}";
} elsif ($snortsettings{'RULES'} eq 'registered') {
$url=" http://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/$snortsettings{'OINKCODE'}";
$url=" https://www.snort.org/rules/snortrules-snapshot-2961.tar.gz?oinkcode=$snortsettings{'OINKCODE'}";
} elsif ($snortsettings{'RULES'} eq 'community') {
$url=" http://s3.amazonaws.com/snort-org/www/rules/community/community-rules.tar.gz";
$url=" https://www.snort.org/rules/community";
} else {
$url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
}

2
lfs/check_mk_agent
View File

@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/check_mk-${VER}
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = check_mk_agent
PAK_VER = 3
PAK_VER = 4
DEPS = ""

6
lfs/ddns
View File

@@ -24,7 +24,7 @@
include Config
VER = 003
VER = 004
THISAPP = ddns-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 9ff8ab5fa716859b51f63b0a241f1337
$(DL_FILE)_MD5 = ff77cb72d0cb06c73bde70419b15bae8
install : $(TARGET)
@@ -71,8 +71,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ddns-003-Add-a-program-prefix-to-syslog-messages.patch
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/var/ipfire
cd $(DIR_APP) && make $(MAKETUNING)

5
lfs/lzo
View File

@@ -24,7 +24,7 @@
include Config
VER = 2.08
VER = 2.06
THISAPP = lzo-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = fcec64c26a0f4f4901468f360029678f
$(DL_FILE)_MD5 = 95380bd4081f85ef08c5209f4107e9f8
install : $(TARGET)
@@ -70,6 +70,7 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/lzo-2.06-CVE-2014-4607.patch
cd $(DIR_APP) && ./configure --prefix=/usr --enable-shared
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install

4
lfs/openssl
View File

@@ -24,7 +24,7 @@
include Config
VER = 1.0.1h
VER = 1.0.1i
THISAPP = openssl-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -51,7 +51,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 8d6d684a9430d5cc98a62a5d8fbda8cf
$(DL_FILE)_MD5 = c8dc151a671b9b92ff3e4c118b174972
install : $(TARGET)

6
lfs/tor
View File

@@ -24,7 +24,7 @@
include Config
VER = 0.2.4.22
VER = 0.2.4.23
THISAPP = tor-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = tor
PAK_VER = 7
PAK_VER = 8
DEPS = "libevent2"
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 5a7eee0d9df87233255d78b25c6f8270
$(DL_FILE)_MD5 = 9e39928e310612c3bffee727f554c63f
install : $(TARGET)

4
make.sh
View File

@@ -25,8 +25,8 @@
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.15" # Version number
CORE="80" # Core Level (Filename)
PAKFIRE_CORE="80" # Core Level (PAKFIRE)
CORE="81" # Core Level (Filename)
PAKFIRE_CORE="81" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir

1
src/paks/check_mk_agent/uninstall.sh
View File

@@ -22,6 +22,7 @@
############################################################################
#
. /opt/pakfire/lib/functions.sh
extract_backup_includes
make_backup ${NAME}
remove_files

25
src/patches/ddns-003-Add-a-program-prefix-to-syslog-messages.patch
View File

@@ -1,25 +0,0 @@
From 21fd4b8d26d01d622185ab8de971a9ee934220a3 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 24 Jul 2014 13:23:36 +0200
Subject: [PATCH] Add a program prefix to syslog messages.
---
src/ddns/__init__.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/ddns/__init__.py b/src/ddns/__init__.py
index 22764e6..6fe3a33 100644
--- a/src/ddns/__init__.py
+++ b/src/ddns/__init__.py
@@ -42,6 +42,8 @@ def setup_logging():
handler = logging.handlers.SysLogHandler(address="/dev/log",
facility=logging.handlers.SysLogHandler.LOG_DAEMON
)
+ formatter = logging.Formatter("ddns[%(process)d]: %(message)s")
+ handler.setFormatter(formatter)
handler.setLevel(logging.INFO)
rootlogger.addHandler(handler)
--
1.9.3

245
src/patches/lzo-2.06-CVE-2014-4607.patch Executable file
View File

@@ -0,0 +1,245 @@
diff --git a/minilzo/minilzo.c b/minilzo/minilzo.c
index 34ce0f0..ecfdf66 100644
--- a/minilzo/minilzo.c
+++ b/minilzo/minilzo.c
@@ -3547,6 +3547,8 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
#undef TEST_LBO
#undef NEED_IP
#undef NEED_OP
+#undef TEST_IV
+#undef TEST_OV
#undef HAVE_TEST_IP
#undef HAVE_TEST_OP
#undef HAVE_NEED_IP
@@ -3561,6 +3563,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
# if (LZO_TEST_OVERRUN_INPUT >= 2)
# define NEED_IP(x) \
if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
# endif
#endif
@@ -3572,6 +3575,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
# undef TEST_OP
# define NEED_OP(x) \
if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
# endif
#endif
@@ -3602,11 +3606,13 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
# define HAVE_NEED_IP 1
#else
# define NEED_IP(x) ((void) 0)
+# define TEST_IV(x) ((void) 0)
#endif
#if defined(NEED_OP)
# define HAVE_NEED_OP 1
#else
# define NEED_OP(x) ((void) 0)
+# define TEST_OV(x) ((void) 0)
#endif
#if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
@@ -3687,6 +3693,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 15 + *ip++;
@@ -3835,6 +3842,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
@@ -3879,6 +3887,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 7 + *ip++;
@@ -4073,6 +4082,8 @@ lookbehind_overrun:
#undef TEST_LBO
#undef NEED_IP
#undef NEED_OP
+#undef TEST_IV
+#undef TEST_OV
#undef HAVE_TEST_IP
#undef HAVE_TEST_OP
#undef HAVE_NEED_IP
@@ -4087,6 +4098,7 @@ lookbehind_overrun:
# if (LZO_TEST_OVERRUN_INPUT >= 2)
# define NEED_IP(x) \
if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
# endif
#endif
@@ -4098,6 +4110,7 @@ lookbehind_overrun:
# undef TEST_OP
# define NEED_OP(x) \
if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
# endif
#endif
@@ -4128,11 +4141,13 @@ lookbehind_overrun:
# define HAVE_NEED_IP 1
#else
# define NEED_IP(x) ((void) 0)
+# define TEST_IV(x) ((void) 0)
#endif
#if defined(NEED_OP)
# define HAVE_NEED_OP 1
#else
# define NEED_OP(x) ((void) 0)
+# define TEST_OV(x) ((void) 0)
#endif
#if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
@@ -4213,6 +4228,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 15 + *ip++;
@@ -4361,6 +4377,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
@@ -4405,6 +4422,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 7 + *ip++;
diff --git a/src/lzo1_d.ch b/src/lzo1_d.ch
index 40a5bfd..c442d9c 100644
--- a/src/lzo1_d.ch
+++ b/src/lzo1_d.ch
@@ -76,6 +76,8 @@
#undef TEST_LBO
#undef NEED_IP
#undef NEED_OP
+#undef TEST_IV
+#undef TEST_OV
#undef HAVE_TEST_IP
#undef HAVE_TEST_OP
#undef HAVE_NEED_IP
@@ -91,6 +93,7 @@
# if (LZO_TEST_OVERRUN_INPUT >= 2)
# define NEED_IP(x) \
if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
# endif
#endif
@@ -102,6 +105,7 @@
# undef TEST_OP /* don't need both of the tests here */
# define NEED_OP(x) \
if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
# endif
#endif
@@ -135,11 +139,13 @@
# define HAVE_NEED_IP 1
#else
# define NEED_IP(x) ((void) 0)
+# define TEST_IV(x) ((void) 0)
#endif
#if defined(NEED_OP)
# define HAVE_NEED_OP 1
#else
# define NEED_OP(x) ((void) 0)
+# define TEST_OV(x) ((void) 0)
#endif
diff --git a/src/lzo1b_d.ch b/src/lzo1b_d.ch
index fe5f361..36b4b6b 100644
--- a/src/lzo1b_d.ch
+++ b/src/lzo1b_d.ch
@@ -187,6 +187,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += (M4_MIN_LEN - M3_MIN_LEN) + *ip++;
diff --git a/src/lzo1f_d.ch b/src/lzo1f_d.ch
index 9e942f5..0c2199e 100644
--- a/src/lzo1f_d.ch
+++ b/src/lzo1f_d.ch
@@ -84,6 +84,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 31 + *ip++;
@@ -138,6 +139,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
diff --git a/src/lzo1x_d.ch b/src/lzo1x_d.ch
index 49cf326..c804cc7 100644
--- a/src/lzo1x_d.ch
+++ b/src/lzo1x_d.ch
@@ -120,6 +120,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 15 + *ip++;
@@ -273,6 +274,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
@@ -317,6 +319,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 7 + *ip++;
diff --git a/src/lzo2a_d.ch b/src/lzo2a_d.ch
index 48e51ca..954f07e 100644
--- a/src/lzo2a_d.ch
+++ b/src/lzo2a_d.ch
@@ -131,6 +131,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += *ip++;