This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, core78 has been updated
via 69a324f0bb14e65c9e0a6b24b3bd9db8b57ff3b5 (commit)
via f7fb5bc5c9b5831729669c35cd9a934f516db471 (commit)
via 92bed25016aa2f4054723e4d607680a3354d8d96 (commit)
via fc5dd098c2c70d76ca6f3b35576bd8b062afde71 (commit)
via 520fd2431bfccddd30489653ba9024f2d214205a (commit)
from 05a48c2b2a09e8a5c67276dd2c372d4fbc023017 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 69a324f0bb14e65c9e0a6b24b3bd9db8b57ff3b5
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed May 28 20:21:29 2014 +0200
squid: Disable -march=native.
This produces a binary that cannot be executed on
all systems that we support.
(cherry picked from commit 5930a368ad783c21e4e5542aea64561f409cbd68)
commit f7fb5bc5c9b5831729669c35cd9a934f516db471
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Wed May 28 08:12:52 2014 +0200
openvpn: Added DH parameter to CA chart.
Added also a 'Default' mark in N2N cipher menu for AES-256-CBC.
(cherry picked from commit c16d97c617b8a7a663f536da61f7b161251c6500)
commit 92bed25016aa2f4054723e4d607680a3354d8d96
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Mon May 26 14:14:44 2014 +0200
openvpn: Fixed some typos
(cherry picked from commit b585282abfc3666feedd9e1464095297e76a8aaf)
commit fc5dd098c2c70d76ca6f3b35576bd8b062afde71
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Wed May 28 20:23:41 2014 +0200
core78: Add sudo to update.
commit 520fd2431bfccddd30489653ba9024f2d214205a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 26 23:44:53 2014 +0200
sudo: Update to 1.8.10p3.
Disable linking against PAM which is not configured
in IPFire 2.
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/core/78/filelists/sudo | 1 +
doc/language_issues.es | 3 ++
doc/language_issues.fr | 3 ++
doc/language_issues.nl | 3 ++
doc/language_issues.pl | 3 ++
doc/language_issues.ru | 3 ++
doc/language_issues.tr | 3 ++
doc/language_missings | 12 +++++++
html/cgi-bin/ovpnmain.cgi | 60 ++++++++++++++++++++++++++++-----
langs/de/cgi-bin/de.pl | 3 ++
langs/en/cgi-bin/en.pl | 3 ++
lfs/squid | 3 +-
lfs/sudo | 7 ++--
13 files changed, 94 insertions(+), 13 deletions(-)
create mode 120000 config/rootfiles/core/78/filelists/sudo
Difference in files:
diff --git a/config/rootfiles/core/78/filelists/sudo b/config/rootfiles/core/78/filelists/sudo
new file mode 120000
index 0000000..0d3c45e
--- /dev/null
+++ b/config/rootfiles/core/78/filelists/sudo
@@ -0,0 +1 @@
+../../../common/sudo
\ No newline at end of file
diff --git a/doc/language_issues.es b/doc/language_issues.es
index e13636b..7b59a5e 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -632,12 +632,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
@@ -648,6 +650,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 759c18d..2446583 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -642,12 +642,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns address deleted txt
WARNING: untranslated string: dns servers
@@ -659,6 +661,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index c1173f7..8dd0a3c 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -650,11 +650,14 @@ WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dns servers
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index e13636b..7b59a5e 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -632,12 +632,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
@@ -648,6 +650,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 0589067..2d12fc6 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -636,12 +636,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: disk access per
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
@@ -653,6 +655,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 2d9ebf7..7ce95e0 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -648,10 +648,13 @@ WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: gen dh
diff --git a/doc/language_missings b/doc/language_missings
index 2def481..7ae53f8 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -76,6 +76,7 @@
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
@@ -83,6 +84,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dns address deleted txt
< dnsforward
@@ -93,6 +95,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
@@ -593,6 +596,7 @@
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
@@ -600,6 +604,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dnsforward
< dnsforward add a new entry
@@ -609,6 +614,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
@@ -1101,6 +1107,7 @@
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
@@ -1108,6 +1115,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dnsforward
< dnsforward add a new entry
@@ -1117,6 +1125,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
@@ -1587,6 +1596,7 @@
< countrycode
< country codes and flags
< day-graph
+< default
< default ip
< deprecated fs warn
< details
@@ -1594,6 +1604,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< disk access per
< dnat address
< dnsforward
@@ -1604,6 +1615,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 0e8fad8..921009f 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1023,7 +1023,6 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General
### Save main settings
###
-
if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
#DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
@@ -1034,8 +1033,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
goto SETTINGS_ERROR;
}
}
- if ($errormessage) { goto SETTINGS_ERROR; }
-
+
if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
$errormessage = $Lang::tr{'ovpn subnet is invalid'};
goto SETTINGS_ERROR;
@@ -1520,6 +1518,18 @@ END
print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/certs/servercert.pem`;
exit(0);
}
+
+###
+### Download Diffie-Hellman parameter
+###
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download dh parameter'}) {
+ if ( -f "${General::swroot}/ovpn/ca/dh1024.pem" ) {
+ print "Content-Type: application/octet-stream\r\n";
+ print "Content-Disposition: filename=dh1024.pem\r\n\r\n";
+ print `/usr/bin/openssl dhparam -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ exit(0);
+ }
+
###
### Form for generating a root certificate
###
@@ -4470,7 +4480,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
<option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
- <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'}, $Lang::tr{'default'})</option>
<option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
<option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
<option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
@@ -5216,7 +5226,9 @@ END
END
;
my $col1="bgcolor='$color{'color22'}'";
- my $col2="bgcolor='$color{'color20'}'";
+ my $col2="bgcolor='$color{'color20'}'";
+ my $col3="bgcolor='$color{'color22'}'";
+
if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
$casubject =~ /Subject: (.*)[\n]/;
@@ -5282,6 +5294,39 @@ END
;
}
+ # Adding DH parameter to chart
+ if (-f "${General::swroot}/ovpn/ca/dh1024.pem") {
+ my $dhsubject = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ $dhsubject =~ /PKCS#3 (.*)[\n]/;
+ $dhsubject = $1;
+
+
+ print <<END;
+ <tr>
+ <td class='base' $col3>$Lang::tr{'dh parameter'}</td>
+ <td class='base' $col3>$dhsubject</td>
+ <form method='post' name='frmdhparam'><td width='3%' align='center' $col3>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show dh'}' />
+ <input type='image' name='$Lang::tr{'show dh'}' src='/images/info.gif' alt='$Lang::tr{'show dh'}' title='$Lang::tr{'show dh'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmdhparam'><td width='3%' align='center' $col3>
+ <input type='image' name="$Lang::tr{'download dh parameter'}" src='/images/media-floppy.png' alt="$Lang::tr{'download dh parameter'}" title="$Lang::tr{'download dh parameter'}" border='0' />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download dh parameter'}" />
+ </td></form>
+ <td width='4%' $col3> </td></tr>
+END
+ ;
+ } else {
+ # Nothing
+ print <<END;
+ <tr>
+ <td width='25%' class='base' $col3>$Lang::tr{'dh parameter'}:</td>
+ <td class='base' $col3>$Lang::tr{'not present'}</td>
+ </td><td colspan='3' $col3> </td></tr>
+END
+ ;
+ }
+
if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
print "<tr><td colspan='5' align='center'><form method='post'>";
print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
@@ -5353,7 +5398,7 @@ END
<tr><td colspan=4><hr /></td></tr><tr>
<tr>
- <td class'base'><b>$Lang::tr{'ovpn dh parameters'}:</b></td>
+ <td class'base'><b>$Lang::tr{'ovpn dh parameters'}</b></td>
</tr>
<tr>
@@ -5367,9 +5412,6 @@ END
<td nowrap='nowrap'><size='15' align='left'/></td>
<td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
</tr>
- <tr>
- <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show dh'}' /></td>
- </tr>
</table>
<tr><td colspan=4><hr /></td></tr><tr>
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 6d27012..5df9ba8 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -635,6 +635,7 @@
'december' => 'Dezember',
'deep scan directories' => 'rekursiv scannen',
'def lease time' => 'Standardzeit für Zuordnung',
+'default' => 'Voreinstellung',
'default ip' => 'Standard IP-Adresse',
'default lease time' => 'Haltezeit-Voreinstellung in min:',
'default networks' => 'Standard Netzwerke',
@@ -666,6 +667,7 @@
'dh key move failed' => 'Verschieben der Diffie-Hellman-Parameter fehlgeschlagen.',
'dh key warn' => 'Das Generieren der Diffie-Hellman-Parameter mit 1024 oder 2048 Bit dauert üblicherweise mehrere Minuten. Schlüssellängen von 3072 oder 4096 Bit beanspruchen mehrere Stunden. Bitte haben Sie etwas Geduld.',
'dh key warn1' => 'Bei schwachen Systemen oder Systeme mit wenig Entropie wird empfohlen lange Diffie-Hellman-Parameter über die Upload-Funktion hochzuladen.',
+'dh parameter' => 'Diffie-Hellman-Parameter',
'dhcp advopt add' => 'DHCP Option hinzufügen',
'dhcp advopt added' => 'DHCP Option hinzugefügt',
'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein',
@@ -768,6 +770,7 @@
'download' => 'herunterladen',
'download ca certificate' => 'CA-Zertifikat herunterladen',
'download certificate' => 'Zertifikate herunterladen',
+'download dh parameter' => 'Diffie-Hellman-Parameter herunterladen',
'download host certificate' => 'Host-Zertifikat herunterladen',
'download new ruleset' => 'Neuen Regelsatz herunterladen',
'download pkcs12 file' => 'PKCS12-Datei herunterladen',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index f7bfcd8..e0686f3 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -657,6 +657,7 @@
'december' => 'December',
'deep scan directories' => 'Scan recursive',
'def lease time' => 'Default Lease Time',
+'default' => 'Default',
'default ip' => 'Default IP address',
'default lease time' => 'Default lease time (mins):',
'default networks' => 'Default networks',
@@ -689,6 +690,7 @@
'dh key warn' => 'Creating Diffie-Hellman parameters with lengths of 1024 or 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient.',
'dh key warn1' => 'For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function.',
'dh name is invalid' => 'Name is invalid, please use "dh1024.pem".',
+'dh parameter' => 'Diffie-Hellman parameters',
'dhcp advopt add' => 'Add a DHCP option',
'dhcp advopt added' => 'DHCP option added',
'dhcp advopt blank value' => 'DHCP Option value cannot be empty.',
@@ -794,6 +796,7 @@
'download' => 'download',
'download ca certificate' => 'Download CA certificate',
'download certificate' => 'Download certificate',
+'download dh parameter' => 'Download Diffie-Hellman parameters',
'download host certificate' => 'Download host certificate',
'download new ruleset' => 'Download new ruleset',
'download pkcs12 file' => 'Download PKCS12 file',
diff --git a/lfs/squid b/lfs/squid
index 1f1589d..e050b17 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -118,7 +118,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--disable-wccpv2 \
--enable-icap-client \
--disable-esi \
- --enable-zph-qos
+ --enable-zph-qos \
+ --disable-arch-native
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
diff --git a/lfs/sudo b/lfs/sudo
index 7c3feab..9dd72fe 100644
--- a/lfs/sudo
+++ b/lfs/sudo
@@ -24,7 +24,7 @@
include Config
-VER = 1.8.10p1
+VER = 1.8.10p3
THISAPP = sudo-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1d9c2bc5aaf02608343d17b9a666e8e1
+$(DL_FILE)_MD5 = fcd8d0d9f9f0397d076ee901e242ed39
install : $(TARGET)
@@ -79,7 +79,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--with-env-editor \
--with-ignore-dot \
--with-tty-tickets \
- --with-passpromt="[sudo] password for %p: "
+ --with-passpromt="[sudo] password for %p: " \
+ --without-pam
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
hooks/post-receive
--
IPFire 2.x development tree