bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-19 07:23:03 +02:00

Author	SHA1	Message	Date
Alexander Marx	3f3974b711	Network-functions: add check if variables are defined in function network_equal and network2bin a check for undefined variables were missing. added them. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:19:23 +00:00
Michael Tremer	d6b92a118e	core117: Ship updated network-functions.pl Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:16:50 +00:00
Alexander Marx	1047805dba	BUG11466: Fix network_equal function The network_equal function only tested the subnet addresses of two given networks which lead to errormessages saying "This is the green network" The fix tests netwok and subnet IP's to fix this Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:16:18 +00:00
Michael Tremer	b3d2f86b87	core117: Ship changed files of the webUI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:14:36 +00:00
Michael Tremer	bb3272dad3	Start Core Update 117 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:14:36 +00:00
Arne Fitzenreiter	5c8acc789b	core116: stop apache before extracting updated files Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-03 16:40:23 +01:00
Arne Fitzenreiter	9843bb7b5a	core116: replace apache restart by stop and start restart seems not work after replace apache... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-03 14:28:22 +01:00
Arne Fitzenreiter	ae8e242bc1	core116: ship updated wget Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-03 14:22:19 +01:00
Arne Fitzenreiter	578171927d	core116: set need_reboot flag Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:48:43 +01:00
Arne Fitzenreiter	ee328f16bf	core116: ship openssh Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:46:47 +01:00
Arne Fitzenreiter	6744cd4d68	core116: fix openssl symlink Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:45:25 +01:00
Michael Tremer	4a510319ca	openssl: Update to 1.0.2m * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-02 15:31:04 +00:00
Michael Tremer	7dadc13829	core116: Ship updated apache Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-28 13:36:27 +01:00
Wolfgang Apolinarski	bf24eeec20	Update to Apache 2.4.29 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-28 13:35:43 +01:00
Michael Tremer	63420a96b6	core116: Ship updated proxy.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:29:09 +01:00
Michael Tremer	b47d4bc1ea	core116: Ship snort Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:26:39 +01:00
Matthias Fischer	49f7ee5d72	snort: Update to 2.9.11 For details see: Release notes: https://snort.org/downloads/snort/release_notes_2.9.11.txt Changelog: https://snort.org/downloads/snort/changelog_2.9.11.txt Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:24:46 +01:00
Michael Tremer	cd8a7fc1eb	Start Core Update 116 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:24:10 +01:00
Matthias Fischer	a809d7fa68	xz: Update to 5.2.3 For details see: https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 13:22:01 +01:00
Arne Fitzenreiter	9064ba72fe	drop httpscert and merge to apache initskript Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-10-22 15:50:38 +02:00
Michael Tremer	0d6b6a219f	core115: Add missing parameter to actually generate new certificates Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-21 11:20:02 +01:00
Arne Fitzenreiter	fb1eb40f9b	core115: add extrahd.cgi to updater this file was missing in early core114 testbuilds so ship it again. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-10-18 21:25:45 +02:00
Arne Fitzenreiter	fcd8ab4c23	Merge branch 'master' into core115	2017-10-18 21:20:23 +02:00
Peter Müller	6c6c1e3f04	redirect to TLS WebUI if authorisation required Do not allow credentials being submitted in plaintext to Apache. Instead, redirect the user with a 301 to the TLS version of IPFire's web interface. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-18 15:57:57 +01:00
Michael Tremer	440cd2cbfd	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-17 12:29:22 +01:00
Michael Tremer	7207d80c4e	core115: Ship logrotate Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-16 19:20:20 +01:00
Michael Tremer	b62c826fd8	PDF-API2: Add optional dependencies to read TrueType fonts Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-16 17:43:32 +01:00
Michael Tremer	e3c3625c34	Make perl-PDF-API2 part of the base system Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-16 17:31:51 +01:00
Michael Tremer	30b0e0ca1b	PDF-API2: Update to 2.033 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-16 17:28:51 +01:00
Michael Tremer	c484679bb3	Download sources via HTTPS Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-12 15:56:34 +01:00
Matthias Fischer	e735d91f03	unbound: Update to 1.6.7 For details see: http://www.unbound.net/download.html Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 20:06:48 +01:00
Peter Müller	50846453cb	also force TLS when requiring user authentication in WebUI Force TLS _and_ a valid login when accessing protected directories. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 20:06:27 +01:00
Peter Müller	78fa47700d	generate ECDSA key on existing installations This is required since Apache crashes if any of the key/certificate files does not exist. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 20:05:55 +01:00
Peter Müller	fbc9cfd769	ship changed files for Apache and ECDSA Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 20:05:53 +01:00
Peter Müller	73ba228620	enable dual-stack ECDSA and RSA certificates in Apache Note: Apache crashes if any of these files does not exist. Thereof it is necessary to generate missing keys on existing installations. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 20:05:37 +01:00
Peter Müller	f227ae4fd2	prefer ECDSA over RSA and remove clutter Priorize ECDSA before RSA and remove unused cipher suites. Remove redundant OpenSSL directives to make SSL configuration more readable. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 20:05:16 +01:00
Michael Tremer	2f27148cbb	core115: Ship updated extrahd.pl Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 12:20:44 +01:00
Matthias Fischer	3c3dfd165e	Remove PRINT-line in extrahd.pl As shown in https://forum.ipfire.org/viewtopic.php?f=50&t=19563#p111055 PRINT-output somehow garbles bash-prompt. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 12:19:58 +01:00
Michael Tremer	ebf697a097	core115: Ship latest OpenVPN changes Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 11:56:07 +01:00
Erik Kapfer	b66b02ab73	OpenVPN: Fix for '--ns-cert-type server is deprecated' . - Added extended key usage based on RFC3280 TLS rules for OpenVPNs OpenSSL configuration, so '--remote-cert-tls' can be used instead of the old and deprecated '--ns-cert-type' if the host certificate are newely generated with this options. Nevertheless both directives (old and new) will work also with old CAs. - Automatic detection if the host certificate uses the new options. If it does, '--remote-cert-tls server' will be automatically set into the client configuration files for Net-to-Net and Roadwarriors connections. If it does NOT, the old '--ns-cert-type server' directive will be set in the client configuration file. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 11:55:16 +01:00
Peter Müller	b0b4d09c56	remove unused dial.cgi directives from Apache vhosts config Remove configuration lines in Apache vhosts files which are not used anymore (old dial.cgi stuff). Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-11 11:12:00 +01:00
Peter Müller	dc6ed83537	delete unused dial.cgi file Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-10 12:22:19 +01:00
Michael Tremer	436479a29f	core115: No need to reload apache after it has been restarted Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-09 14:58:41 +01:00
Michael Tremer	c8e03c7c53	core115: Regenerate IPsec configuration Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-09 14:58:26 +01:00
Michael Tremer	bfa0f1dfc0	core115: Rebuild language cache during update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-09 14:50:29 +01:00
Michael Tremer	2ac90665e8	core115: Ship updated apache Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-09 14:49:34 +01:00
Michael Tremer	6772cc8035	Download ISO images from https://downloads.ipfire.org Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-06 13:03:40 +01:00
Michael Tremer	1294c52ca5	core115: Include captive portal in updater Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-06 11:48:49 +01:00
Michael Tremer	112a09508e	core115: Add captive portal cron jobs to updater Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-05 11:38:05 +01:00
Michael Tremer	027614d2dc	Merge branch 'captive-portal' into next	2017-10-04 16:10:07 +01:00

1 2 3 4 5 ...

5592 Commits