Merge remote-tracking branch 'origin/master' into next

config/ovpn/openvpn-crl-updater

@@ -43,7 +43,6 @@ OVPN="/var/ipfire/ovpn"
 CRL="${OVPN}/crls/cacrl.pem"
 CAKEY="${OVPN}/ca/cakey.pem"
 CACERT="${OVPN}/ca/cacert.pem"
-OPENSSLCONF="${OVPN}/openssl/ovpn.cnf"
 
 # Check if CRL is presant or if OpenVPN is active
 if [ ! -e "${CAKEY}" ]; then
@@ -76,7 +75,7 @@ UPDATE="14"
 ## Mainpart
 # Check if OpenVPNs CRL needs to be renewed
 if [ ${NEXTUPDATE} -le ${UPDATE} ]; then
-    if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}" -config "${OPENSSLCONF}"; then
+    if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}" -config "/usr/share/openvpn/ovpn.cnf"; then
 		logger -t openvpn "CRL has been updated"
     else
 		logger -t openvpn "error: Could not update CRL"

config/rootfiles/common/openssl

@@ -797,6 +797,7 @@ usr/lib/ossl-modules/legacy.so
 #usr/share/doc/openssl/html/man3/SSL_set_incoming_stream_policy.html
 #usr/share/doc/openssl/html/man3/SSL_set_retry_verify.html
 #usr/share/doc/openssl/html/man3/SSL_set_session.html
+#usr/share/doc/openssl/html/man3/SSL_set_session_secret_cb.html
 #usr/share/doc/openssl/html/man3/SSL_set_shutdown.html
 #usr/share/doc/openssl/html/man3/SSL_set_verify_result.html
 #usr/share/doc/openssl/html/man3/SSL_shutdown.html
@@ -966,6 +967,7 @@ usr/lib/ossl-modules/legacy.so
 #usr/share/doc/openssl/html/man7/OSSL_PROVIDER-default.html
 #usr/share/doc/openssl/html/man7/OSSL_PROVIDER-legacy.html
 #usr/share/doc/openssl/html/man7/OSSL_PROVIDER-null.html
+#usr/share/doc/openssl/html/man7/OSSL_STORE-winstore.html
 #usr/share/doc/openssl/html/man7/RAND.html
 #usr/share/doc/openssl/html/man7/RSA-PSS.html
 #usr/share/doc/openssl/html/man7/X25519.html
@@ -5515,6 +5517,7 @@ usr/lib/ossl-modules/legacy.so
 #usr/share/man/man3/SSL_set_security_level.3ossl
 #usr/share/man/man3/SSL_set_session.3ossl
 #usr/share/man/man3/SSL_set_session_id_context.3ossl
+#usr/share/man/man3/SSL_set_session_secret_cb.3ossl
 #usr/share/man/man3/SSL_set_shutdown.3ossl
 #usr/share/man/man3/SSL_set_split_send_fragment.3ossl
 #usr/share/man/man3/SSL_set_srp_server_param.3ossl
@@ -6703,6 +6706,7 @@ usr/lib/ossl-modules/legacy.so
 #usr/share/man/man3/sk_TYPE_value.3ossl
 #usr/share/man/man3/sk_TYPE_zero.3ossl
 #usr/share/man/man3/ssl_ct_validation_cb.3ossl
+#usr/share/man/man3/tls_session_secret_cb_fn.3ossl
 #usr/share/man/man5/config.5ossl
 #usr/share/man/man5/fips_config.5ossl
 #usr/share/man/man5/x509v3_config.5ossl
@@ -6828,6 +6832,7 @@ usr/lib/ossl-modules/legacy.so
 #usr/share/man/man7/OSSL_PROVIDER-default.7ossl
 #usr/share/man/man7/OSSL_PROVIDER-legacy.7ossl
 #usr/share/man/man7/OSSL_PROVIDER-null.7ossl
+#usr/share/man/man7/OSSL_STORE-winstore.7ossl
 #usr/share/man/man7/RAND.7ossl
 #usr/share/man/man7/RSA-PSS.7ossl
 #usr/share/man/man7/RSA.7ossl

config/rootfiles/common/openvpn

@@ -25,6 +25,7 @@ usr/sbin/openvpn-authenticator
 #usr/share/doc/openvpn/openvpn.8.html
 #usr/share/man/man5/openvpn-examples.5
 #usr/share/man/man8/openvpn.8
+usr/share/openvpn/ovpn.cnf
 var/ipfire/ovpn/ca
 var/ipfire/ovpn/caconfig
 var/ipfire/ovpn/ccd
@@ -35,7 +36,6 @@ var/ipfire/ovpn/certs/serial
 var/ipfire/ovpn/crls
 var/ipfire/ovpn/n2nconf
 #var/ipfire/ovpn/openssl
-var/ipfire/ovpn/openssl/ovpn.cnf
 var/ipfire/ovpn/openvpn-authenticator
 var/ipfire/ovpn/ovpn-leases.db
 var/ipfire/ovpn/ovpnconfig

config/rootfiles/oldcore/186/filelists/files

@@ -12,8 +12,10 @@ etc/rc.d/init.d/grub-btrfsd
 etc/rc.d/rc0.d/K01grub-btrfsd
 etc/rc.d/rc3.d/S99grub-btrfsd
 etc/rc.d/rc6.d/K01grub-btrfsd
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/vulnerabilities.cgi
 usr/local/bin/ipsec-interfaces
 usr/sbin/unbound-dhcp-leases-bridge
+usr/share/openvpn/ovpn.cnf
 var/ipfire/header.pl
 var/ipfire/ipblocklist/sources

config/rootfiles/oldcore/186/filelists/openssl

@@ -0,0 +1 @@
+../../../common/openssl

config/rootfiles/oldcore/186/update.sh

@@ -104,8 +104,8 @@ done
 extract_files
 
 # Remove files
-#rm -rvf \
-#	/XXX
+rm -rvf \
+	/var/ipfire/ovpn/openssl
 
 # update linker config
 ldconfig