Previous we had not configured it so the ssh default order was used.
Now we define it to disable dsa so we had to give the correct order but
in the example cfg rsa is prefered.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This update contains the latest upstream changes which are
a better SSL error handling and support for desec.io.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
If an IPsec VPN connections is not established, there are
rare cases when packets are supposed to be sent through
that said tunnel and incorrectly handled.
Those packets are sent to the default gateway an entry
for this connection is created in the connection tracking
table (usually only happens to UDP). All following packets
are sent the same route even after the tunnel has been
brought up. That leads to SIP phones not being able to
register among other things.
This patch adds firewall rules that these packets are
rejected. That will sent a notification to the client
that the tunnel is not up and avoid the connection to
be added to the connection tracking table.
Apart from a small performance penalty there should
be no other side-effects.
Fixes: #10908
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Cc: tomvend@rymes.com
Cc: daniel.weismueller@ipfire.org
Cc: morlix@morlix.de
Reviewed-by: Timo Eissler <timo.eissler@ipfire.org>
The CGI now is using the GeoIP::get_flag_icon function provided by the
geoip-functions.pl, which takes care of the changed flag icons shipped
by core update 90.
Fixes#10919.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Tested-by: Jan Paul Tuecking <jan.paul.tuecking@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Builds of this package crash randomly on all architectures
which might be related to the parallel build.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
* configure.ac: Set LT version to C16/A16/R0.
Add new version macros.
* src/gpg-error.h.in (GPGRT_VERSION): New.
(GPGRT_VERSION_NUMBER): New.
(GPG_ERROR_VERSION, GPG_ERROR_VERSION_NUMBER): Move to top of file.
Add macro GPGRT_INLINE and avoid -Wundef warnings.
* src/gpg-error.h.in (GPG_ERR_INLINE): Use #if defined for possible
undefined macros to avoid warning with GCC's -Wundef option.
(GPGRT_INLINE): New.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
* configure.ac: Change LT version to C20/A0/R4.
w32: Avoid a few compiler warnings.
* cipher/cipher-selftest.c (_gcry_selftest_helper_cbc)
(_gcry_selftest_helper_cfb, _gcry_selftest_helper_ctr): Mark variable
as unused.
* random/rndw32.c (slow_gatherer): Avoid signed pointer mismatch
warning.
* src/secmem.c (init_pool): Avoid unused variable warning.
* tests/random.c (writen, readn): Include on if needed.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
