webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-12 12:15:52 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,322 Commits 2 Branches 1 Tag
4436bc0e2fa74e48b638838ea295fc307f0fc85b
Commit Graph

6322 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
4436bc0e2f core75: Add OpenVPN CCD conversion to updater. 2014-01-09 12:27:07 +01:00
Michael Tremer
d9f2ad8489 Move openvpn CCD CN converter to scripts directory. 2014-01-09 12:26:43 +01:00
Alexander Marx
4d5247bdd0 fix ccd config name for openvpn 2.3 2014-01-09 11:47:44 +01:00
Alexander Marx
33f297c92b fix ccd files for openvpn 2.3 update (core75) 2014-01-09 10:02:13 +01:00
Michael Tremer
ea6d6642a9 OpenVPN verify script must be owned by root. 2014-01-02 17:37:53 +01:00
Michael Tremer
61719727b4 core75: Include ovpnmain.cgi. 2014-01-02 17:36:28 +01:00
Arne Fitzenreiter
b447d23666 close core75. 2013-12-30 13:01:49 +01:00
Michael Tremer
b71c52dd6f Move Core Updates 70-74 to oldcore directory. 2013-12-30 13:00:13 +01:00
Michael Tremer
1d0a260a8b openvpn: Move verify script out of configuration directory. 2013-12-29 21:13:55 +01:00
Michael Tremer
4f2aca6d2b Create core update 75. 2013-12-29 20:41:25 +01:00
Michael Tremer
d58c41f1ef pakfire: Prevent an infinite loop with empty server list. 2013-12-29 15:11:33 +01:00
Michael Tremer
aa29e9e46c openvpn: Fix verify script. 
Former versions of openvpn called the script where the arguments
in the certificate's common name where separated by /.
Now, those are separated by ", " (comma, space).
 2013-12-29 15:11:25 +01:00
Arne Fitzenreiter
5cd3a05bf0 finalize core 74. 2013-12-14 22:01:16 +01:00
Michael Tremer
6c859e0382 core74: Add httpscert script. 2013-12-12 21:20:56 +01:00
Michael Tremer
325aa1e1f4 httpscert: Increase size of the RSA key to 4096. 
RSA keys with length of 1024 bits are considered weak.
 2013-12-12 21:18:56 +01:00
Michael Tremer
a1365ee37c httpscert: Use regular random source. 
Previous to this patch, the kernel image file and internal
configuration settings have been used as a source for random
data, which is not random at all.
 2013-12-12 21:17:53 +01:00
Michael Tremer
cfb00625b8 strongswan: Disable rdrand plugin. 
Disabled because of security concerns.
 2013-12-12 21:15:24 +01:00
Michael Tremer
dfb1bfaf7b Always create squid.conf. 
In some cases, /var/ipfire/proxy/squid.conf does not belong to
nobody:nobody, so we do this explicitely.
 2013-12-11 21:59:22 +01:00
Arne Fitzenreiter
9fa1849586 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2013-12-10 00:14:12 +01:00
Arne Fitzenreiter
afa7593932 Merge branch 'master' into next 2013-12-10 00:13:20 +01:00
Arne Fitzenreiter
af2dcb40f6 samba: update to 3.6.22. 
Samba 3.6.22 have been issued as security releases in order
to address CVE-2013-4408 (DCE-RPC fragment length field is incorrectly checked)
and CVE-2012-6150 (pam_winbind login without require_membership_of
restrictions).
 2013-12-10 00:07:36 +01:00
Michael Tremer
3868dc2a0c Merge remote-tracking branch 'earl/tor' into next 2013-12-05 00:00:28 +01:00
Michael Tremer
a408e02da2 squid: Update to 3.3.11. 2013-12-03 14:42:30 +01:00
Michael Tremer
6003c4bbdb strongswan: Rootfile update. 2013-12-03 14:00:29 +01:00
Michael Tremer
4ea955c544 core74: Fix incrementation. 2013-12-02 21:41:12 +01:00
Michael Tremer
9f9e43dcdd core74: Ship dnsforward.cgi in update as well. 
Adds the CGI file on systems which have been installed
with an ISO image where dnsforward.cgi was not included.
 2013-12-02 21:35:12 +01:00
Michael Tremer
bdbfbac6b4 core74: Add strongswan update. 2013-12-02 20:55:58 +01:00
Michael Tremer
57c8392d1c core74: Add dnsforward.cgi to ISO. 
Bug #10447.
 2013-12-02 20:48:58 +01:00
Michael Tremer
c0a4b92839 core74: Add updated proxy.cgi. 
Reflects the FD changes.
 2013-12-02 20:45:20 +01:00
Michael Tremer
ec4a4fafb2 core74: Add openvpn. 
This package has been updated before.
 2013-12-02 20:44:28 +01:00
Michael Tremer
b1c17c7a95 core74: Add squid. 
Covers the filedescriptors issues.
 2013-12-02 20:43:58 +01:00
Michael Tremer
fce512dce3 Create Core Update 74. 
Will automatically increase the transparent proxy port
if it is set to 81.
 2013-12-02 20:41:25 +01:00
Arne Fitzenreiter
532b997c65 Merge branch 'master' into next 2013-11-30 12:39:33 +01:00
Arne Fitzenreiter
352495313d samba: update to 3.6.21. 2013-11-30 12:38:16 +01:00
Michael Tremer
78c2b230d4 squid: Apply patch for properly detect rlimit. 
https://bugzilla.ipfire.org/show_bug.cgi?id=10445
 2013-11-26 11:43:11 +01:00
Michael Tremer
4f160f04cb proxy: Set number of file descriptors much higher. 
Some users are hitting the 65k limit regularly, so
we set the limit to a much higher number.
 2013-11-21 21:36:02 +01:00
Jan Paul Tuecking
0fffd0e763 tor: update to 0.2.4.18-rc 2013-11-21 09:28:44 +01:00
Erik Kapfer
1e6ce289bd openvpn: Update to version 2.3.2 
Fixes #10440
 2013-11-20 21:53:29 +01:00
Michael Tremer
8cb142e76d Merge branch 'master' into next 2013-11-20 21:43:02 +01:00
Michael Tremer
303b81f19c Add openssh update to core update 73. 2013-11-20 21:41:42 +01:00
Ersan Yildirim
e2fedc9a47 Updates for Turkish translation. 2013-11-18 11:39:51 +01:00
Arne Fitzenreiter
d48c456fa2 samba: update to 3.6.20. 
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
 2013-11-13 13:56:40 +01:00
Arne Fitzenreiter
1a386bb9d8 samba: update to 3.6.20. 
These are security releases in order to address CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
(ACLs are not checked on opening an alternate data stream on
a file or directory) and CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
(Private key in key.pem world readable).
 2013-11-13 13:39:35 +01:00
Michael Tremer
c648458609 strongswan: Delay sending DPD packets after rekeying. 2013-11-13 00:25:27 +01:00
Michael Tremer
34daf4dbf8 Merge branch 'master' into next 2013-11-09 14:33:16 +01:00
Michael Tremer
33590570fb openssh: Update to 6.4p1. 
Security fix because of
 http://www.openssh.com/txt/gcmrekey.adv
 2013-11-09 14:16:52 +01:00
Michael Tremer
d3527a38c1 Multiple CGI files: Check if BLUE or ORANGE are actually configured. 2013-11-08 14:32:08 +01:00
Michael Tremer
36b1c19138 squid: Update to 3.3.10 + SSL options fix. 2013-11-08 14:13:30 +01:00
Michael Tremer
ec985733a5 strongswan: Update to 5.1.1. 2013-11-07 20:56:43 +01:00
Michael Tremer
6fb9681c24 strongswan: Update to 5.1.1rc1. 2013-10-28 21:00:03 +01:00