webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-24 18:03:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,866 Commits 2 Branches 1 Tag
d9c1908f64e6d3e1adcd2c400f7c2b939f1393aa
Commit Graph

14866 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthias Fischer
b11b4842c2 gmp 6.2.0: Fixed rootfile for i586 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
a5427e456c libgpg-error: Update to 1.38 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
2944c59ea9 libassuan: Update to 2.5.3 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
acef0b81d3 libgcrypt: Update to 1.8.5 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
32e4819b77 gmp 6.2.0: Fixed lfs for i586 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
63eacedabc gmp: Update to 6.2.0 
Needed for gnutls 3.6.14

For details see:
https://gmplib.org/gmp6.2

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
44d2f538e1 gnutls: Update to 3.6.14 
For details see:
https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html

"** libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
   The TLS server would not bind the session ticket encryption key with a
   value supplied by the application until the initial key rotation, allowing
   attacker to bypass authentication in TLS 1.3 and recover previous
   conversations in TLS 1.2 (#1011).
   [GNUTLS-SA-2020-06-03, CVSS: high]

** libgnutls: Fixed handling of certificate chain with cross-signed
   intermediate CA certificates (#1008).

** libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).

** libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
   (2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
   Key Identifier (AKI) properly (#989, #991).

** certtool: PKCS #7 attributes are now printed with symbolic names (!1246).

** libgnutls: Added several improvements on Windows Vista and later releases
   (!1257, !1254, !1256). Most notably the system random number generator now
   uses Windows BCrypt* API if available (!1255).

** libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
   Also both accelerated and non-accelerated implementations check key block
   according to FIPS-140-2 IG A.9 (!1233).

** libgnutls: Added support for AES-SIV ciphers (#463).

** libgnutls: Added support for 192-bit AES-GCM cipher (!1267).

** libgnutls: No longer use internal symbols exported from Nettle (!1235)

** API and ABI modifications:
GNUTLS_CIPHER_AES_128_SIV: Added
GNUTLS_CIPHER_AES_256_SIV: Added
GNUTLS_CIPHER_AES_192_GCM: Added
gnutls_pkcs7_print_signature_info: Added"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
c9f49bc693 borgbackup: Update to 1.1.13 
For details see:
https://borgbackup.readthedocs.io/en/stable/changes.html#changelog

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
ea791f45b4 haproxy: Update to 2.1.7 
For details see:
http://www.haproxy.org/download/2.1/src/CHANGELOG

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
73c084b6a7 core147: Ship squid 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Matthias Fischer
3a40d33583 squid: Update to 4.12 
For details see:
http://www.squid-cache.org/Versions/v4/changesets/

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
47686b1b6e Start Core Update 147 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
9bdf5e71af networking: Set configured MTU to all network zones 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
bf1ae6aa6a gcp: Google Cloud only supports an MTU of 1460 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
68e060cb22 aws: Configure MTU to maximum of 9001 on GREEN/ORANGE 
AWS supports jumbo-frames which IPFire can take advantage of
to increase network throughput internally.

The MTU for RED was left as 1500 to avoid packet fragmentation
in the cloud network and have IPFire do that job.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
46b0f9ab44 web: Hide certain menu items when running in cloud environments 
This used to be only hidden on AWS.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
e7978f5671 gcloud: Add function to detect whether we are running on GCP 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
4e58ab4bbf aws-functions.pl: Drop file and move functions to general-functions.pl 
There is not enough stuff that it is justified to have an own file.

This patch therefore merges everything into general-functions.pl.

There are no functional changes.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
b6a5888105 gcp: Add host route for gateway during initialisation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
45a2dcd09a gcp: Always automatically enable serial console 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
89b10e7095 gcp: Add initscript to import configuration 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Michael Tremer
86c6459873 cloud-init: Launch custom script when detecting Google Cloud 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-06-19 17:14:58 +00:00
Arne Fitzenreiter
46bccfc219 core146: add openvpn 
openvpn was missed in core145 so add it again.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-06-16 11:36:20 +00:00
Stefan Schantl
45f4de2bbc libloc: Update to 0.9.2 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-15 19:47:07 +02:00
Stefan Schantl
f1d982cce6 Add convert-to-location converter. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-15 18:21:57 +02:00
Stefan Schantl
d3f7af8144 fwhosts.cgi: Fix function call. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-13 19:10:38 +02:00
Stefan Schantl
18c9fd2820 firewall-lib.pl: Fix typo. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-13 19:10:15 +02:00
Arne Fitzenreiter
e9c62e37f4 vulnerabilities.cgi: add srdbs (CVE-2020-0543) 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-06-13 12:23:46 +02:00
Stefan Schantl
942b662b6b credits.cgi: Remove hint about used MaxMind database and software. 
We do not rely anymore on data and software from this vendor, so
we safely can drop this notice.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 20:04:21 +02:00
Stefan Schantl
d0faaf61d6 Rootfiles update. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 20:01:48 +02:00
Stefan Schantl
987d09658e configroot: Create and install location related files. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:54:13 +02:00
Stefan Schantl
1e36360e19 langs: Replace geoip in string names with location. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:52:03 +02:00
Stefan Schantl
9aadc465a3 fwhosts.cgi: Rework code to use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:46:24 +02:00
Stefan Schantl
10ef824bb7 firewall.cgi: Rework to use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:31:41 +02:00
Stefan Schantl
006e3c6c31 firewall-lib.pl: Rework code to use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:21:27 +02:00
Stefan Schantl
b1229cf610 50-firewall.menu: Rename geoipblock to locationblock 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:12:00 +02:00
Stefan Schantl
46269ee5fb Transform geoipblock into locationblock settings file. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:09:29 +02:00
Stefan Schantl
5730a5bcdf firewall/rules.pl: Rework code to use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 19:06:01 +02:00
Stefan Schantl
69d431e41a remote.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:52:19 +02:00
Stefan Schantl
e2e270e1db ovpnmain.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:51:03 +02:00
Stefan Schantl
0893eef4cc tor.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:48:24 +02:00
Stefan Schantl
e43b7b7b2d netexternal.cgi: Remove GeoIP related code. 
The CGI only loaded geoip-functions.pl and initiated libloc but did no
further actions. So we are safe to completely remove this code.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:45:56 +02:00
Stefan Schantl
4f6d5b3ef3 logs.cgi/showrequestfromcountry.dat: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:44:29 +02:00
Stefan Schantl
43970d7cfc logs.cgi/firewalllogip.dat: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:42:23 +02:00
Stefan Schantl
1b024e999e logs.cgi/firewalllogcountry.dat: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:09:46 +02:00
Stefan Schantl
e4f1e36c9f logs.cgi/firewalllog.dat: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:07:55 +02:00
Stefan Schantl
dca3f2075b ipinfo.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 18:02:51 +02:00
Stefan Schantl
4346cb6660 dns.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 17:59:43 +02:00
Stefan Schantl
d1a23835db country.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 17:53:29 +02:00
Stefan Schantl
3d3fbe7dc4 connections.cgi: Use location-functions.pl 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2020-06-12 17:51:00 +02:00