Merge remote-tracking branch 'origin/next' into fifteen

config/rootfiles/common/openvpn

@@ -5,6 +5,7 @@
 usr/lib/openvpn/plugins/openvpn-plugin-auth-pam.so
 #usr/lib/openvpn/plugins/openvpn-plugin-down-root.la
 usr/lib/openvpn/plugins/openvpn-plugin-down-root.so
+usr/lib/openvpn/verify
 usr/sbin/openvpn
 #usr/share/doc/openvpn
 #usr/share/doc/openvpn/COPYING
@@ -31,4 +32,3 @@ var/ipfire/ovpn/ovpn-leases.db
 var/ipfire/ovpn/ovpnconfig
 var/ipfire/ovpn/scripts
 var/ipfire/ovpn/settings
-var/ipfire/ovpn/verify

config/rootfiles/core/75/exclude

@@ -0,0 +1,17 @@
+srv/web/ipfire/html/proxy.pac
+boot/config.txt
+etc/udev/rules.d/30-persistent-network.rules
+etc/collectd.custom
+etc/shadow
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+var/log/cache
+var/updatecache
+etc/localtime
+var/ipfire/ovpn
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+var/state/dhcp/dhcpd.leases

config/rootfiles/core/75/filelists/files

@@ -0,0 +1,6 @@
+etc/system-release
+etc/issue
+opt/pakfire/lib/functions.pl
+usr/lib/openvpn/verify
+var/ipfire/header.pl
+var/ipfire/langs

config/rootfiles/core/75/meta

@@ -0,0 +1 @@
+DEPS=""

config/rootfiles/core/75/update.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 3 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2013 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+# Remove old core updates from pakfire cache to save space...
+core=75
+for (( i=1; i<=$core; i++ ))
+do
+	rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+# Stop services
+
+# Extract files
+extract_files
+
+# Start services
+
+# Replace path to verify script.
+if [ -r "/var/ipfire/ovpn/server.conf" ]; then
+	sed -e "s@^tls-verify.*@tls-verify /usr/lib/openvpn/verify@g" \
+		-i /var/ipfire/ovpn/server.conf
+fi
+
+# Update Language cache
+perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+
+sync
+
+# This update need a reboot...
+#touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+
+# Don't report the exitcode last command
+exit 0

html/cgi-bin/ovpnmain.cgi

@@ -380,7 +380,7 @@ sub writeserverconf {
     if ($sovpnsettings{DHCP_WINS} ne '') {
 	print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
     }	
-    print CONF "tls-verify /var/ipfire/ovpn/verify\n";
+    print CONF "tls-verify /usr/lib/openvpn/verify\n";
     print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
     print CONF "user nobody\n";
     print CONF "group nobody\n";

lfs/openvpn

@@ -93,8 +93,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	chown -R root:root /var/ipfire/ovpn/scripts
 	chown -R nobody:nobody /var/ipfire/ovpn
 	chown root.nobody /var/log/ovpnserver.log
-	chmod 755 /var/ipfire/ovpn/verify
 	chmod 660 /var/log/ovpnserver.log
 	chmod 700 /var/ipfire/ovpn/certs
+	mv -v /var/ipfire/ovpn/verify /usr/lib/openvpn/verify
+	chmod 755 /usr/lib/openvpn/verify
 	@rm -rf $(DIR_APP)
 	@$(POSTBUILD)

make.sh

@@ -25,7 +25,7 @@
 NAME="IPFire"							# Software name
 SNAME="ipfire"							# Short name
 VERSION="2.13"							# Version number
-CORE="74"							# Core Level (Filename)
+CORE="75"							# Core Level (Filename)
 PAKFIRE_CORE="74"						# Core Level (PAKFIRE)
 GIT_BRANCH=`git status | head -n1 | cut -d" " -f4`		# Git Branch
 SLOGAN="www.ipfire.org"						# Software slogan