webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 11:13:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,429 Commits 2 Branches 1 Tag
544cc6c7259ca8de4dbf5686bb9b896ccfcd69c6
Commit Graph

10429 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arne Fitzenreiter
c6bc0fb03e Merge remote-tracking branch 'origin/master' into next 2016-11-04 21:12:25 +01:00
Arne Fitzenreiter
34f6a3f1b5 Merge remote-tracking branch 'origin/core107' 2016-11-04 20:52:00 +01:00
Arne Fitzenreiter
2d646e9838 ntp: init with hardcoded ip if dns not work 
DNSSec need the correct time to validate the zones so we need
a workaround to init the time without dns.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-11-04 19:31:07 +01:00
Michael Tremer
d4af85f252 unbound: Send out replies from where they came in 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-11-04 18:23:25 +00:00
Michael Tremer
08fc1aa43b core107: Restart unbound to activate configuration changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-11-04 17:46:24 +00:00
Michael Tremer
7ebc0a16e2 unbound: Allow list of INSECURE_ZONES being set in sysconfig 
A list of DNS zones can be given for which DNSSEC validation
will be disabled.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-11-04 17:43:05 +00:00
Michael Tremer
3ddad158cd unbound: Allow recursion from everywhere 
Users use the IPFire DNS service from VPNs and other
routed networks.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-11-04 17:08:13 +00:00
Arne Fitzenreiter
2872f345b0 guardian: add path to update-lang-cache 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-11-03 06:51:49 +01:00
Arne Fitzenreiter
f8571e07be guardian: add languange cache regeneration at (un)install 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-11-02 20:26:58 +01:00
Michael Tremer
a6dcc5bb77 unbound: Fix for DNS forwarding of .local zones 
These are traditionally used for Windows domains and should not
be used for that. However if they are used like this, DNSSEC
validation cannot be used.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-11-02 15:51:49 +00:00
Michael Tremer
f8aa041f1a unbound: Fix for DNS forwarding of .local zones 
These are traditionally used for Windows domains and should not
be used for that. However if they are used like this, DNSSEC
validation cannot be used.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-11-02 15:42:40 +00:00
Arne Fitzenreiter
f95b8b9f7b set pakfire version to 107 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-31 21:31:09 +01:00
Arne Fitzenreiter
38183e52dd start core107 updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-27 21:07:55 +02:00
Matthias Fischer
5e818d6afb log.dat: cosmetical upgrade 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-25 12:15:07 +01:00
Matthias Fischer
76fd8bcf7b hdparm: Update to 9.50 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-25 12:15:01 +01:00
Arne Fitzenreiter
4bdbf22ee4 kernel: fix CVE-2016-5159 (Dirty COW) 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-22 20:20:22 +02:00
Arne Fitzenreiter
ed7a7f77db kernel: add support aes-ni support for aes-192 and 256 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-22 16:52:40 +02:00
Arne Fitzenreiter
5a2ebd32c0 Merge branch 'master' into next 2016-10-22 10:33:46 +02:00
Arne Fitzenreiter
86667d0c7a core106: set version to 106 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-15 23:52:07 +02:00
Michael Tremer
96473f525d Revert "setup: Store passwords in SHA format" 
This reverts commit eef9b2529c.

It appears that htpasswd is not salting any passwords that are
stored with the SHA (-s) algorithm. MD5 passwords however are
salted.

That leads us to the conclusion that the "MD5 algorithm" in htpasswd
is more secure than the "SHA algorithm" although the hash function
itself should be stronger.

With a rainbow table, cracking "SHA" is easily done.

A rainbow table for "MD5" + salt would be way too large to be
efficiently stored.

Hence this commit is reverted to old behaviour to avoid the clear
failure of design in SHA.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
 2016-10-15 22:38:01 +01:00
Michael Tremer
6920fbe86d unbound: Omit reverse PTRs if address equals GREEN 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:34:43 +01:00
Michael Tremer
13e6019b92 unbound-dhcp-bridge: Make leases unique by IP address 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:34:35 +01:00
Michael Tremer
9324732071 unbound-dhcp-bridge: Only update cache when lease was added/removed 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:34:29 +01:00
Michael Tremer
a3f77ded65 unbound-dhcp-bridge: Rewrite update algorithm 
Before the bridge tries reading any existing leases from unbound
but this makes it difficult to destinguish between what is a DHCP lease,
static host entry or anything else.

This patch will change the bridge back to just remember what has been
added to the cache already which makes it easier to keep track.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:34:23 +01:00
Michael Tremer
cd4437eaa7 unbound-dhcp-bridge: Skip processing leases with empty hostname 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:34:15 +01:00
Michael Tremer
901e172c91 unbound-dhcp-bridge: Reading in static hosts 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:34:08 +01:00
Arne Fitzenreiter
9f9d4e3c74 unbound/dhcp: stop lease bridge if dhcp was needed to killed 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:33:54 +01:00
Michael Tremer
868d2a1fff unbound: Omit reverse PTRs if address equals GREEN 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:32:21 +01:00
Michael Tremer
8b1eb795ac unbound-dhcp-bridge: Make leases unique by IP address 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 22:32:05 +01:00
Michael Tremer
3ec5ba501e unbound-dhcp-bridge: Only update cache when lease was added/removed 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 19:17:44 +02:00
Michael Tremer
c7b83f9bed unbound-dhcp-bridge: Rewrite update algorithm 
Before the bridge tries reading any existing leases from unbound
but this makes it difficult to destinguish between what is a DHCP lease,
static host entry or anything else.

This patch will change the bridge back to just remember what has been
added to the cache already which makes it easier to keep track.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 19:08:22 +02:00
Michael Tremer
5d4f3a42ce unbound-dhcp-bridge: Skip processing leases with empty hostname 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 19:06:27 +02:00
Michael Tremer
7354d2947a unbound-dhcp-bridge: Reading in static hosts 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-15 19:05:11 +02:00
Michael Tremer
b8a5c2fc7b netpbm: Bump release version to 2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-14 00:05:55 +01:00
Marcel Lorenz
894fea37d4 netpbm: update to 10.47.61 
To keep the files in the right place, the files are installed into the build directory
and only the files which are useful are copied to the usual places in /usr.

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Reviewed-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-14 00:05:55 +01:00
Marcel Lorenz
71a95ee330 libjpeg: update to 1.5.1 
The old libjpeg is renamed to libjpeg-compat
The compat makes the old libs maintainable

Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Reviewed-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-14 00:05:55 +01:00
Marcel Lorenz
1cd30812d6 texinfo: update to 6.3 
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Reviewed-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-14 00:05:55 +01:00
Arne Fitzenreiter
d1778a773e unbound/dhcp: stop lease bridge if dhcp was needed to killed 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-13 17:21:28 +02:00
Matthias Fischer
11073720a2 squid: Update to 3.5.22 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-12 22:40:42 +01:00
Michael Tremer
1b4d5ad9af unbound: Move "listen on all" to main configuration file 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-12 22:37:26 +01:00
Matthias Fischer
b06187f5b6 Midnight Commander: Update to 4.8.18 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-12 22:35:50 +01:00
Arne Fitzenreiter
693928d781 unbound: start prior network 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-12 23:01:51 +02:00
Arne Fitzenreiter
0fa8a4e98e Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2016-10-12 22:52:34 +02:00
Arne Fitzenreiter
11ecfb92a0 backup: add unbound config 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-12 22:51:35 +02:00
Arne Fitzenreiter
d221f41fbe unbound: bind to all interfaces 
this allow to add interfaces without restart unbound.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-12 22:43:21 +02:00
Arne Fitzenreiter
3a6752d928 setup: restart unbound after network config change 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-10-12 22:39:41 +02:00
Daniel Weismüller
d653b433ec drop of the obsolete and deprecated vdr addon vdr_vnsiserver3 
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-12 11:21:24 +01:00
Michael Tremer
86c9deb2ea unbound: Public static leases in DNS, too 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-11 19:14:33 +02:00
Michael Tremer
998e880b61 unbound: Skip invalid hostnames 
If there are any invalid hostnames in the DHCP leases
table, we just skip them and do not create and RRs for
them.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-10 20:11:57 +01:00
Matthias Fischer
5eeea64237 guardian 2.0: fixes for rootfile 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-10-10 12:08:33 +01:00