Development October 2017

development@lists.ipfire.org

14 participants
88 discussions

[PATCH] delete unused dial.cgi file
by Peter Müller 10 Oct '17

10 Oct '17

Delete unused dial.cgi CGI file from git (this probably still needs to be deleted on running systems). Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> --- diff --git a/html/html/dial.cgi b/html/html/dial.cgi deleted file mode 100644 index 7c7b7db3c..000000000 --- a/html/html/dial.cgi +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/perl - -print "Status: 302 Moved\n"; -print "Location: /cgi-bin/dial/index.cgi\n\n";

2 1

[PATCH] proxy.cgi: Fix typo in 'cachemgr'-link
by Matthias Fischer 09 Oct '17

09 Oct '17

Hi, I had a backslash left over and he cheated in between... No good reason just one too many. Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- html/cgi-bin/proxy.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index ab490c3d3..611c6ba4e 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -1118,7 +1118,7 @@ print <<END <td colspan='4'><b>$Lang::tr{'advproxy cache management'}</b></td> </tr> <tr> - <td class='base'><a href='/cgi-bin/cachemgr.cgi\' target=\'_blank\'>$Lang::tr{'proxy cachemgr'}</a>:</td> + <td class='base'><a href='/cgi-bin/cachemgr.cgi' target=\'_blank\'>$Lang::tr{'proxy cachemgr'}</a>:</td> <td><input type='checkbox' name='CACHEMGR' $checked{'CACHEMGR'}{'on'} /></td> <td class='base'>$Lang::tr{'advproxy admin mail'}:</td> <td><input type='text' name='ADMIN_MAIL_ADDRESS' value='$proxysettings{'ADMIN_MAIL_ADDRESS'}' /></td> -- 2.14.2

2 1

[PATCH] proxy.cgi: Even more cosmetics for lazy ones (V3)
by Matthias Fischer 09 Oct '17

09 Oct '17

Another clickable link, this time for the 'Cache Manager Interface' - this one opens in a new window. Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- html/cgi-bin/proxy.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index dd83bba73..ab490c3d3 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -1118,7 +1118,7 @@ print <<END <td colspan='4'><b>$Lang::tr{'advproxy cache management'}</b></td> </tr> <tr> - <td class='base'>$Lang::tr{'proxy cachemgr'}:</td> + <td class='base'><a href='/cgi-bin/cachemgr.cgi\' target=\'_blank\'>$Lang::tr{'proxy cachemgr'}</a>:</td> <td><input type='checkbox' name='CACHEMGR' $checked{'CACHEMGR'}{'on'} /></td> <td class='base'>$Lang::tr{'advproxy admin mail'}:</td> <td><input type='text' name='ADMIN_MAIL_ADDRESS' value='$proxysettings{'ADMIN_MAIL_ADDRESS'}' /></td> -- 2.14.2

2 2

Question concerning ipfire-2.x/html/html/dial.cgi
by Peter Müller 09 Oct '17

09 Oct '17

Hello Michael, can we safely remove "ipfire-2.x/html/html/dial.cgi" (SHA256 checksum: b4a34124b478d25c805379acd9ffa35ec3558e41e45b22c5ddf8ab3f20c6aeda)? It appeared in the Apache vhost configuration, and seems to be defunct - redirects with 302 to a non-existing file. If yes, I will send in another patch to clean this up. Best regards, Peter Müller

2 1

[PATCH] add missing check for Curve25519 in vpnmain.cgi
by Peter Müller 09 Oct '17

09 Oct '17

This fixes bug #11501 which causes IPsec connections to crash if Curve25519 has been enabled. Signed-off-by: Peter Müller <peter.mueller(a)link38.eu> --- diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index f9508b53d..25551008f 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -3125,6 +3125,8 @@ sub make_algos($$$$$) { if ($grp =~ m/^e(.*)$/) { push(@algo, "ecp$1"); + } elsif ($grp =~ m/curve25519/) { + push(@algo, "$grp"); } else { push(@algo, "modp$grp"); } @@ -3140,6 +3142,8 @@ sub make_algos($$$$$) { # noop } elsif ($grp =~ m/^e(.*)$/) { push(@algo, "ecp$1"); + } elsif ($grp =~ m/curve25519/) { + push(@algo, "$grp"); } else { push(@algo, "modp$grp"); }

2 1

[PATCH] apache: Update to 2.4.28
by Matthias Fischer 09 Oct '17

09 Oct '17

For details see: http://apache.mirror.digionline.de//httpd/CHANGES_2.4.28 Second try, based on current 'next'. I sent a similar patch a few days ago, but somehow it didn't find its way. Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- lfs/apache2 | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/lfs/apache2 b/lfs/apache2 index 138ede8de..4276a8880 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2014 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2017 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,7 +25,7 @@ include Config -VER = 2.4.27 +VER = 2.4.28 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 97b6bbfa83c866dbe20ef317e3afd108 +$(DL_FILE)_MD5 = 49007ffe8e37a0834255b279810edf24 install : $(TARGET) @@ -75,8 +75,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-PR61382-fix.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "<Layout IPFire>" >> $(DIR_APP)/config.layout -- 2.14.2

2 1

[PATCH] Add a Dockerfile
by Jonatan Schlag 07 Oct '17

07 Oct '17

To create a container for our pbs service we add a Docker image based on ipfire/pakfire:latest. Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org> --- Dockerfile | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..4665311 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,27 @@ +FROM ipfire/pakfire:latest +MAINTAINER jonatanschlag + +RUN yum update -y && \ + yum install -y epel-release && \ + yum install -y python python-tornado python-daemon python-psycopg2 pytz-2016.10 python-memcached python-textile && \ + groupadd -g 2000 pbs && \ + useradd --system --no-create-home --shell /bin/bash --uid 2000 --gid 2000 pbs && \ + yum autoremove -y && \ + yum clean all && \ + rm -rf /var/tmp/* /var/cache/yum/* /opt/dev/* && \ + mkdir -p /opt/pbs + +COPY . /opt/pbs + +RUN chown -R pbs:pbs /opt/pbs && \ + chmod +x /opt/pbs/pakfire-web && \ + chmod +x /opt/pbs/pakfire-hub && \ + chmod +x /opt/pbs/pakfire-manager + +WORKDIR /opt/pbs + +USER pbs + +# Define default command. +CMD ["/bin/bash"] + -- 2.11.0

1 0

[PATCH] Added language support for chpasswd.cgi
by Erik Kapfer 06 Oct '17

06 Oct '17

--- html/cgi-bin/chpasswd.cgi | 57 +++++++++++++++++++++++++++-------------------- 1 file changed, 33 insertions(+), 24 deletions(-) diff --git a/html/cgi-bin/chpasswd.cgi b/html/cgi-bin/chpasswd.cgi index 0a66062..00494f2 100644 --- a/html/cgi-bin/chpasswd.cgi +++ b/html/cgi-bin/chpasswd.cgi @@ -19,15 +19,26 @@ # # ############################################################################### +use strict; + +#usable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + use CGI qw(param); use Apache::Htpasswd; use Crypt::PasswdMD5; -$swroot = "/var/ipfire"; - my %cgiparams; my %mainsettings; my %proxysettings; +my %netsettings; +my %temp; +my $swroot; +my $errormessage; +my $language; + +$swroot = "/var/ipfire"; $proxysettings{'NCSA_MIN_PASS_LEN'} = 6; @@ -38,12 +49,10 @@ $language = $mainsettings{'LANGUAGE'}; ### Initialize language if ($language =~ /^(\w+)$/) {$language = $1;} - # - # Uncomment this to force a certain language: - # $language='en'; - # -require "${swroot}/langs/en.pl"; -require "${swroot}/langs/${language}.pl"; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; my $userdb = "$swroot/proxy/advanced/ncsa/passwd"; @@ -53,26 +62,26 @@ my $success = 0; &getcgihash(\%cgiparams); -if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'}) +if ($cgiparams{'SUBMIT'} eq $Lang::tr{'advproxy chgwebpwd change password'}) { if ($cgiparams{'USERNAME'} eq '') { - $errormessage = $tr{'advproxy errmsg no username'}; + $errormessage = $Lang::tr{'advproxy errmsg no username'}; goto ERROR; } if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq '')) { - $errormessage = $tr{'advproxy errmsg no password'}; + $errormessage = $Lang::tr{'advproxy errmsg no password'}; goto ERROR; } if (!($cgiparams{'NEW_PASSWORD_1'} eq $cgiparams{'NEW_PASSWORD_2'})) { - $errormessage = $tr{'advproxy errmsg passwords different'}; + $errormessage = $Lang::tr{'advproxy errmsg passwords different'}; goto ERROR; } if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'}) { - $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'}; + $errormessage = $Lang::tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$Lang::tr{'advproxy errmsg password length 2'}; goto ERROR; } @@ -81,14 +90,14 @@ if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'}) # Check if a user with this name exists my $old_password = $htpasswd->fetchPass($cgiparams{'USERNAME'}); if (!$old_password) { - $errormessage = $tr{'advproxy errmsg invalid user'}; + $errormessage = $Lang::tr{'advproxy errmsg invalid user'}; goto ERROR; } # Reset password if (!$htpasswd->htpasswd($cgiparams{'USERNAME'}, $cgiparams{'NEW_PASSWORD_1'}, $cgiparams{'OLD_PASSWORD'})) { - $errormessage = $tr{'advproxy errmsg password incorrect'}; + $errormessage = $Lang::tr{'advproxy errmsg password incorrect'}; goto ERROR; } @@ -103,7 +112,7 @@ print "Cache-control: no-cache\n"; print "Connection: close\n"; print "Content-type: text/html\n\n"; -print <<END +print <<END; <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> @@ -124,7 +133,7 @@ print <<END <tr> <td nowrap bgcolor="#993333" align="center" > <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="4"> - <b>$tr{'advproxy chgwebpwd change web password'}</b> + <b>$Lang::tr{'advproxy chgwebpwd change web password'}</b> </font> </td> </tr> @@ -134,7 +143,7 @@ print <<END <tr> <td nowrap bgcolor="#FFFFFF" align="left"> <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2"> - <b>$tr{'advproxy chgwebpwd username'}:</b> + <b>$Lang::tr{'advproxy chgwebpwd username'}:</b> </font> </td> <td ><input type="text" name="USERNAME" value="$cgiparams{'USERNAME'}" size="30"></td> @@ -142,7 +151,7 @@ print <<END <tr> <td nowrap bgcolor="#FFFFFF" align="left"> <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2"> - <b>$tr{'advproxy chgwebpwd old password'}:</b> + <b>$Lang::tr{'advproxy chgwebpwd old password'}:</b> </font> </td> <td><input type="password" name="OLD_PASSWORD" value="$cgiparams{'OLD_PASSWORD'}" size="30"></td> @@ -150,7 +159,7 @@ print <<END <tr> <td nowrap bgcolor="#FFFFFF" align="left"> <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2"> - <b>$tr{'advproxy chgwebpwd new password'}:</b> + <b>$Lang::tr{'advproxy chgwebpwd new password'}:</b> </font> </td> <td><input type="password" name="NEW_PASSWORD_1" value="$cgiparams{'NEW_PASSWORD_1'}" size="30"></td> @@ -158,7 +167,7 @@ print <<END <tr> <td nowrap bgcolor="#FFFFFF" align="left"> <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2"> - <b>$tr{'advproxy chgwebpwd new password confirm'}:</b> + <b>$Lang::tr{'advproxy chgwebpwd new password confirm'}:</b> </font> </td> <td><input type="password" name="NEW_PASSWORD_2" value="$cgiparams{'NEW_PASSWORD_2'}" size="30"></td> @@ -166,7 +175,7 @@ print <<END </table> <table width="100%" cellspacing="7" cellpadding="7"> <tr> - <td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td> + <td align="center"><br><input type='submit' name='SUBMIT' value="$Lang::tr{'advproxy chgwebpwd change password'}"></td> </tr> </table> </td> @@ -180,7 +189,7 @@ if ($errormessage) <tr> <td nowrap bgcolor="#FF0000" align="center"> <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2"> - <b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage + <b>$Lang::tr{'advproxy chgwebpwd ERROR'}</b> $errormessage </font> </td> </tr> @@ -194,7 +203,7 @@ if ($success) <tr> <td nowrap bgcolor="#00C000" align="center"> <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2"> - <b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'} + <b>$Lang::tr{'advproxy chgwebpwd SUCCESS'}</b> $Lang::tr{'advproxy errmsg change success'} </font> </td> </tr> -- 2.7.4

3 4

Captive Portal
by Michael Tremer 06 Oct '17

06 Oct '17

Hi, the captive portal development needs a few more hands. Below you can download the latest ISO image (and other image formats) with the captive portal integrated. So far this seems to work fine. I have given it a good test and despite a few design things, I couldn't find any bigger issues. http://people.ipfire.org/~ms/captive-portal/ Who would like to give it a try and help testing so that we can ship this with 115? Best, -Michael

2 3

FYI: patchwork.ipfire.org returns "500 internal server error"
by Peter Müller 04 Oct '17

04 Oct '17

Hello Michael, hello list (if interested), http://patchwork.ipfire.org/ returns a "500 internal server error" message here. Just thought you might want to know. :-) Best regards, Peter Müller

2 2

← Newer
1
2
3
4
5
6
7
8
9
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Development October 2017