Fixed a denial-of-service and potential remote code execution vulnerability
triggered by IKEv1/IKEv2 messages that contain payloads for the respective
other IKE version. Such payload are treated specially since 5.2.2 but because
they were still identified by their original payload type they were used as
such in some places causing invalid function pointer dereferences.
The vulnerability has been registered as CVE-2015-3991.
https://www.strongswan.org/blog/2015/06/01/strongswan-vulnerability-%28cve-2015-3991%29.html
The increased buffer size has been fixed in bug #943 upstream
https://wiki.strongswan.org/issues/943
Some strings for PPTP were hardcoded instead of using i18n features.
Signed-off-by: Lars Schuhmacher <larsen007@web.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Fix bug 10869 as the code has been removed by mistake by the
previous commit dfea4f86c2.
It also includes ipsec.user.conf only when it exists.
Signed-off-by: Lars Schuhmacher <larsen007@web.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The hosts file was not regenerated when RED was not connected
which should not be happening.
This patch checks if the file exists. If not, the gateway
line will not be written to /etc/hosts.
Add information about probable causes when pakfire cannot connect. This
includes port 11371 TCP and incorrect date/time settings.
Signed-off-by: Lars Schuhmacher <larsen007@web.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
After a lease has been added from the list of leases it is often
desirable to edit it right away. It appeared that the system
was in edit mode after the lease has been added because the form
had the values of the recently added lease, but hitting the
"Add" button cause an error message that stated that this is
a duplicate entry.
This patch will switch to edit more where the user can change
the values and hit "Update". If he or she chooses to ignore
that the entry is still saved.
