IPFire-SCM August 2024

ipfire-scm@lists.ipfire.org

1 participants
55 discussions

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 924ba58b50d59c3a8f2e5776fb51f088424a54a0
by Michael Tremer 09 Aug '24

09 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 924ba58b50d59c3a8f2e5776fb51f088424a54a0 (commit) via 99b2ac48afff1995a7e466b0ccfdabec97b1edb0 (commit) via 8057ad996567449419ea5bcb9e6b5f35121d2593 (commit) via 3192cd30368735257d1980caae7b3ed5a4d8f2d3 (commit) from 3341244feff069a4259f086a814ed6c1e2171146 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 924ba58b50d59c3a8f2e5776fb51f088424a54a0 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 14:23:50 2024 +0000 core188: Ship libcap Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 99b2ac48afff1995a7e466b0ccfdabec97b1edb0 Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 13:23:12 2024 +0200 libcap: Update to version 2.70 - Update from version 2.69 to 2.70 - Update of rootfile - sobump means following core packages need to be shipped arping cdrkit iproute2 iputils ntp squid udev and the following addons will be shipped with the pak_ver increments in the other patches that are part ofg this set avahi bacula cifs-utils dnsdist freeradius frr htop nfs rng-tools samba tor tshark vdr wavemon - Changelog 2.70 setcap changes to make it harder to set invalid file capabilities (Bug 217592\ reported by parke.nexus) Lots of documentation fixes (contributions from Jakub Wilk and Carlos Rodriguez-Fernandez) Fix c89 compilation syntax for the C code in the libraries. libpam has deprecated providing the _pam_overwrite() function, so use memset() instead Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 8057ad996567449419ea5bcb9e6b5f35121d2593 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 14:21:51 2024 +0000 core188: Ship libnet Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 3192cd30368735257d1980caae7b3ed5a4d8f2d3 Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:53:11 2024 +0200 libnet: Update to version 1.3 - Update from version 1.1.6 to 1.3 - Update of rootfile - sobump gives suricata and arping as dependencies so those packages also need to be shipped. - Changelog 1.3 ### Changes - License change of critical files from 4-clause BSD to 3-clause and 2-clause BSD. This fixes issue #85: "GPL license compatibility". - Migrate from Travis-CI (Linux) and Appveyor (Win32) to GitHub Actions - Win32 changes: - switch to npcap from winpcap - Simplify and update build scripts - Encode version in DLL instead of in filename - Add support for LLDP, mandatory TLVs. - Add support for Cisco UniDirectional Link Detection (UDLD), RFC5171 - Initial support for unit tests: - `libnet-build_ethernet()` - Complete UDLD API tests - Initial "devcontainer": provide VS Code development environment for rapid setup of a development environment - Run unit tests in GitHub Actions - New GitHub Action for FreeBSD 13 clang/gcc - Calling `libnet_init()` with a RAW type no longer sets a TX buffer max size. Use the new `libnet_setfd_max_sndbuf()` instead when needed. - Remove support for `SOCK_PACKET` sockets causing invalid builds on, e.g., musl libc. We assume everyone on Linux has `PF_PACKET` now. ### Fixes - Fix #139: fail-to-build-from-source on FreeBSD - Fix #122: unused parameter warnings - Fix #123: potential memory leak in `libnet_cq_add()` - Fix #124: potential name conflict with C++ keyword `new` - Fix #96: pointer type warnings when dumping raw data with `%p` - Fix #97: non-standard types: - `int64_t` instead of `__int64_t` for mingw cross build - `uint32_t` instead of `u_int` and `uint16_t` instead of `u_short` - Fix #98: lots of signed vs unsigned comparisons - Fix #102: possible buffer overflows in `libnet_plist_chain_dump_string()` - Reproducible build fixes for man-page generation, use LC_ALL=C and UTC - Simplify `fixmanpages` - Fix #120: possible NULL pointer dereference in `libnet_cq_add()` - Fix #120: memory leak in `libnet_plist_chain_new()` - Fix segmentation fault in `libnet_ifaddrlist()` - Fix #150: segfault when number of IPs > 512 1.2 ### Changes - Removed Lua bindings from repo and dist files, now available separately - Removed generated HTML and Nroff (man pages) documentation files, must be regenerated with Doxygen using `make doc` - Add `pkg-config` support with `libnet.pc`, replaces `libnet-config` tool, although it is kept for compatibility for now - Factorize socket setup code for socket opening to provide output device selection for IPv4 - Make `libnet_get_hwaddr()` work with 802.1q interfaces in bpf (BSD) - New API for OSPF HELLO messages, with neighbor ### Fixes - Use `getifaddrs()` on OpnBSD and Linux - For samples, `netinet/in.h` is not on windows - Fix errors with missing `IPPROTO_MH` on windows - Fix build error on Mac OS X - Fix #34 checksum caculation when IPv6 extension headers being used - Remove unneeded trailing `-Wl` from `-version-info` line - `libnet_build_snmp()` fix warning - Use `LIBNET_*RESOLVE` const in `libnet_name2addr*` - Fix i486 sample synflood6 warning - Some samples need `#include<netinet/in.h>` for `IPPROTO_*` on OpenBSD 5.2 - Fix gcc warnings - Check for `socklen_t`. Suggested by g.esp and Stefanos Harhalakis - libnet: update for obsolete INCLUDE directive - Fix warning inside comment - Automatic link options `#pragma comment(lib, ...)` are only for MSVC - Fix several warnings for MS C/C++ compiler - `libnet_open_raw4()` doesn't return a SOCKET on win32 - Fixes error messages sometimes include newline, sometimes not - Properly set `l->err_buf` if `libnet_ifaddrlist()` fails - dlpi: Try harder to find the device for the interface - dlpi: Correctly extract unit number from devices with numbers in their name - Make interface selection work for interfaces with multiple addresses - Fix memory leak, device list needs to freed after use - Fix file descriptor leak in `libnet_ifaddrlist()` - Fix `libnet_get_hwaddr()` for large(!) number of interfaces - Fix to support musl libc, removes support for GLIBC <2.1 - Fix win32 buffer overrun in `libnet_get_ipaddr4()` - Interface selection was ignoring interfaces with IPv6 - Use `LIBNET_API` on public functions, instead of an export file - Add Visual Studio 2010 project files, with build instructions - Define INET6 on IRIX, making libnet compile cleanly - Check for FreeBSD pre-11 before enabling `LIBNET_BSD_BYTE_SWAP` - Use `LIBNET_BSDISH_OS` and `LIBNET_BSD_BYTE_SWAP` on Darwin - Add BSD byteswap for Darwin. Otherwise `sendto(` returns `EINVAL` - `netinet/in.h` is needed for `IPPROTO_` and `sockaddr_in` Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/libcap | 8 +++++--- config/rootfiles/common/libnet | 14 ++++++++------ .../rootfiles/{oldcore/104 => core/188}/filelists/libcap | 0 config/rootfiles/{oldcore/91 => core/188}/filelists/libnet | 0 lfs/libcap | 6 +++--- lfs/libnet | 9 +++++---- 6 files changed, 21 insertions(+), 16 deletions(-) copy config/rootfiles/{oldcore/104 => core/188}/filelists/libcap (100%) copy config/rootfiles/{oldcore/91 => core/188}/filelists/libnet (100%) Difference in files: diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap index f331e2a43..ea90c7564 100644 --- a/config/rootfiles/common/libcap +++ b/config/rootfiles/common/libcap @@ -4,12 +4,12 @@ sbin/getpcaps sbin/setcap #usr/include/sys/capability.h #usr/include/sys/psx_syscall.h -usr/lib/libcap.so +#usr/lib/libcap.so usr/lib/libcap.so.2 -usr/lib/libcap.so.2.69 +usr/lib/libcap.so.2.70 #usr/lib/libpsx.so #usr/lib/libpsx.so.2 -usr/lib/libpsx.so.2.69 +usr/lib/libpsx.so.2.70 #usr/lib/pkgconfig/libcap.pc #usr/lib/pkgconfig/libpsx.pc #usr/lib/security @@ -88,7 +88,9 @@ usr/lib/security/pam_cap.so #usr/share/man/man3/psx_syscall.3 #usr/share/man/man3/psx_syscall3.3 #usr/share/man/man3/psx_syscall6.3 +#usr/share/man/man5/capability.conf.5 #usr/share/man/man8/captree.8 #usr/share/man/man8/getcap.8 #usr/share/man/man8/getpcaps.8 +#usr/share/man/man8/pam_cap.8 #usr/share/man/man8/setcap.8 diff --git a/config/rootfiles/common/libnet b/config/rootfiles/common/libnet index ffa20fd0e..07d741391 100644 --- a/config/rootfiles/common/libnet +++ b/config/rootfiles/common/libnet @@ -9,9 +9,11 @@ #usr/include/libnet/libnet-types.h #usr/lib/libnet.a #usr/lib/libnet.la -usr/lib/libnet.so -usr/lib/libnet.so.1 -usr/lib/libnet.so.1.7.0 -#usr/share/man/man3/libnet-functions.h.3 -#usr/share/man/man3/libnet-macros.h.3 -#usr/share/man/man3/libnet.h.3 +#usr/lib/libnet.so +usr/lib/libnet.so.9 +usr/lib/libnet.so.9.0.0 +#usr/lib/pkgconfig/libnet.pc +#usr/share/doc/libnet +#usr/share/doc/libnet/ChangeLog.md +#usr/share/doc/libnet/LICENSE +#usr/share/doc/libnet/README.md diff --git a/config/rootfiles/core/188/filelists/libcap b/config/rootfiles/core/188/filelists/libcap new file mode 120000 index 000000000..ed67d950a --- /dev/null +++ b/config/rootfiles/core/188/filelists/libcap @@ -0,0 +1 @@ +../../../common/libcap \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libnet b/config/rootfiles/core/188/filelists/libnet new file mode 120000 index 000000000..26e5f7924 --- /dev/null +++ b/config/rootfiles/core/188/filelists/libnet @@ -0,0 +1 @@ +../../../common/libnet \ No newline at end of file diff --git a/lfs/libcap b/lfs/libcap index 951ed80dc..51e32f9c6 100644 --- a/lfs/libcap +++ b/lfs/libcap @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 2.69 +VER = 2.70 THISAPP = libcap-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 94d1fef7666a1c383a8b96f1f6092bd242164631532868b628d2f5de71b42a371d041a978ef7fbadfee3eeb433165444995d1078cd790275bc0433a7875a697e +$(DL_FILE)_BLAKE2 = 77b72acee53032117ea481e3380d1b497f9264b6193b9523542508c7c3e46070248ca4ed910d35809ce6e52caa60cbb31edb125c47221627eeda35c61bd0914b install : $(TARGET) diff --git a/lfs/libnet b/lfs/libnet index 7768d9fae..7f44f2f1e 100644 --- a/lfs/libnet +++ b/lfs/libnet @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 1.1.6 +VER = 1.3 THISAPP = libnet-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 328ff98701fc19dc4f717e47ad5bc490741b248588eadc196de16b66ffa2df27ce58105c704d640fa6d93ba254259d4e90d03babdb33fc0f1f0e2b18ed448c4b +$(DL_FILE)_BLAKE2 = b43f15143e6a1de3350b814d7acd4a41d61eb08e6dfeb729868e55f65c445942ae52905953f3a4fad00402b47fc5119634233ea3ae28806c1869bb34ef6fba9b install : $(TARGET) @@ -71,7 +71,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && ./configure \ + --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3341244feff069a4259f086a814ed6c1e2171146
by Michael Tremer 09 Aug '24

09 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 3341244feff069a4259f086a814ed6c1e2171146 (commit) via 0382036f71b1f57ebcb7fc9ca82178cb80d33869 (commit) via 05971bd7d0d9a6195824c54afe970f2791125971 (commit) via efd4db4bb016bd282e1f9442f908a1c61139bca5 (commit) via 31f0c0b2896d6c2c49cf22f9444df03ee26424dc (commit) via f389d702dc647df2b72c440fb5cb0bce2ac640ac (commit) via 42d514370a4ebf063f8153e36dcc045f645d075e (commit) via c80163aad261230f981a99da753cdcc3f70be454 (commit) via 157b603528ae0f02a34f396cd49371ac35e3b2a2 (commit) via b2d848bd819ce551ff3b58d27507c18a1e1aa491 (commit) via 0a942376687049e6bcce8c1e5f18c5c505d0810b (commit) via 1e639a1dfa86011656001c9612d11d7bdcfca1cb (commit) via 7e6ba7113752e724ce5dc92e432af9b05eb0aef0 (commit) via f6e2ccf3ab33e8680705f82aed54218ca6675b71 (commit) from ecacbaacbad42545e2e41838ed9c50ac5ae42cb0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3341244feff069a4259f086a814ed6c1e2171146 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 10:41:37 2024 +0000 core188: Ship libgcrypt Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 0382036f71b1f57ebcb7fc9ca82178cb80d33869 Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:37:34 2024 +0200 netatalk: Update to version 3.2.5 - Update from version 3.1.2 to 3.2.5 - Update of rootfile - Change to meson build - Bundled libevent was removed in 3.1.13 so configure option no longer needed. - The latest netatalk places the prefix value onto all other directories. No way to change this via the meson options. So sysconfdir and localstatedir would end up being under /usr. Patch created to remove the prefix value at the beginning of sysconfdir and localstatedir so that the locations stay the same as for the previous versions. - The default value for pam.d is in /usr/etc/ but option available to change this. - Large number of CVE fixes in some of the updates - 3.2.1, 3.1.18, 3.1.17, 3.1.16, 3.1.15, 3.1.13, 3.1.12, - Changelog 3.2.5 * BREAKING: meson: Allow choosing shared or static libraries to build, GitHub #1321 In practice, only shared libraries are built by default now. Use the `default_library' option to control what is built. * FIX: meson: Control the MySQL CNID backend, and support MariaDB, GitHub #1341 Introduces a new boolean `with-cnid-mysql-backend' option. * FIX: meson: Implement with-init-dir option, GitHub #1346 * FIX: autotools/meson: Install FreeBSD init script into correct location, GitHub #1345 * FIX: meson: Fix syntax error with libiconv path, GitHub #1279 * FIX: meson: Correct description for with-manual option, GitHub #1282 * FIX: meson: Correct prefix lookup for tracker-control, GitHub #1284 * FIX: meson: default OPEN_NOFOLLOW_ERRNO overwrites platform customization, GitHub #1286 * FIX: meson: Don't make dtags depend on rpath, GitHub #1293 * FIX: meson: Remove duplicate dependency check for posix threads, GitHub #1297 * FIX: meson: Better output when cryptographic UAMs aren't built, GitHub #1302 * FIX: meson: Prioritize tests and run single-threaded to avoid race condition, GitHub #1312 * FIX: meson: Better way to handle rpath executable targets, GitHub #1315 * FIX: meson: Refactor libcrypto check and print better status messages, GitHub #1299 * FIX: meson: Look for libmariadb dependency to appease Fedora, GitHub #1348 * FIX: meson: Declare have_atfuncs globally to avoid failure later, GitHub #1357 * FIX: meson: Do a compiler sanity check before header checks, GitHub #1356 * FIX: Avoid using reserved keyword to build the tests on NetBSD, GitHub #1328 3.2.4 * UPD: autotools: Restore ABI versioning of libatalk, and set it to 18.0.0, GitHub #1261 * UPD: meson: Define long-form soversion as 18.0.0, GitHub #1256 Previously, only `18' was defined. * NEW: meson: Introduce pkgconfdir override option, GitHub #1241 The new option is called `with-pkgconfdir-path' and is analogous to the `with-pkgconfdir' Autotools option. Additionally, the hard-coded "netatalk" path suffix has been removed. * NEW: meson: Introduce `debian' init style option that installs both sysv and systemd, GitHub #1239 * FIX: meson: Add have_atfuncs check, and make dtags dependent on rpath flag, GitHub #1236 * FIX: meson: Correct overwrite install logic for config files, GitHub #1253 * FIX: Fix typo in netatalk_conf.c log message 3.2.3 * UPD: Record note of permission to upgrade CNID code to a later GPL, GitHub #1194 * UPD: Remove long-obsoleted cnid2_create script, GitHub #1203 * UPD: docker: Add option to enable ClearText and Guest UAMs, GitHub #1202 * FIX: docs: Standardize reference entry naming for netatalk-config man page, GitHub #1208 * FIX: meson: Generate afppasswd manual html page, GitHub #1210 * UPD: meson: Remove obsolete 64 bit library check, GitHub #1207 * FIX: meson: Enable rpath for binaries only when with-rpath is enabled, GitHub #1214 * FIX: meson: Require kerberos before enabling krb5 UAM, not just GSSAPI, GitHub #1218 * FIX: meson: Restore linking with 64-bit libdb on Solaris, GitHub #1222 * FIX: meson: Fixing linking when building with the `with-ssl-override' option, GitHub #1227 3.2.2 * UPD: meson: Use external SSL dependency to provide cast header, GitHub #1186 This reintroduces OpenSSL/LibreSSL as a dependency for the DHX UAM, while removing all source files with the SSLeay copyright notice. * UPD: meson: Add option to override system WolfSSL with embedded WolfSSL: `with-ssl-override', GitHub #1176 * UPD: Remove obsolete Red Hat Upstart and SuSE SysV init scripts, GitHub #1163 * FIX: meson: Fix errors in PAM support macro, GitHub #1178 * FIX: meson: Fix perl shebang substitution in cnid2_create script, GitHub #1183 * FIX: meson: Fix operation of D-Bus path macros, GitHub #1182 * FIX: meson: Fix errors in shadow password macro, GitHub #1192 * FIX: autotools: gcc 8.5 expects explicit library flags for libgcrypt, GitHub #1188 * NEW: Create a security policy, GitHub #1166 3.2.1 * FIX: CVE-2024-38439,CVE-2024-38440,CVE-2024-38441: Harden user login, GitHub #1158 * BREAKING: meson: Rework option semantics and feature macros, GitHub #1099 - Consistent syntax of the build options to make them user-friendly - Standardises the syntax of the feature macros - Fixes the logic of the largefile support macro - Disables gssapi support if the Kerberos V UAM is not required - All options are now defined either as `with-*' or `with-*-path' - Please see the Release Notes for a full list of changed options * UPD: meson: Enable building with system WolfSSL library, GitHub #1160 - Build system will attempt to detect that all required headers and symbols are supported - Falls back to the bundled WolfSSL library * FIX: meson: Fix -Doption paths on systems where rpath is enabled by default, GitHub #1053 * FIX: meson: Fix library search macro on OmniOS hosts, GitHub #1056 * FIX: meson: Fix rules for installing scripts, GitHub #1070 - Install afpstats only when Perl is detected - Don't install scripts only used by netatalk developers * FIX: meson: set setuid bit to allow user afppasswd changing, GitHub #1071 * FIX: meson: Fix logic of libiconv detection macro, GitHub #1075 * FIX: meson: Address various issues with the meson build system, GitHub #1082 - Enables quota support on all flavours of linux and BSD, plus macOS - Adds the quota provider to the configuration summary - Adds a user option to disable LDAP support - Sets dependencies according to user configuration - Improves the syntax of the ACL macro * FIX: meson: Further refinements to meson build system, GitHub #1086 - Adds user options to disable cracklib and GSSAPI support - Automates Berkeley DB library detection on macOS * FIX: meson: Fix issues with quota support on linux and macOS, GitHub #1092 - Enables quota support on macOS hosts - Restores missing configuration option for linux hosts - Removes obsolete quota configuration data for linux and macOS hosts * FIX: meson: Set executable flags when installing scripts, GitHub #1117 * UPD: autotools and meson: Use pkg-config to find libgcrypt, GitHub #1132 - This removes dependency on the now-obsolete libgcrypt-config * FIX: Use portable linux macro in etc/afpd header, GitHub #1083 * UPD: Debian Trixie expects systemd scripts in /usr/lib, GitHub #1135 * UPD: Add copyright for mac_roman.h, GitHub #1137 * FIX: Cleanup of copyright headers to make them scanner friendly, GitHub #1142 * FIX: Remove unused atalk/talloc.h header, GitHub #1154 * FIX: docker: Don't bail out when password is longer than 8 chars, GitHub #1067 * UPD: docker: Bump to Alpine 3.20 base image, GitHub #1111 * FIX: docker: Rework AFP user's GROUP and GID settings, GitHub #1116 - GID now requires GROUP to be set, and applies to that group rather than that of the user. * UPD: docs: Indicate license for software package, and add SSLeay notice, GitHub #1125 * FIX: docs: Rephrase tarball section of manual, GitHub #1164 3.2.0 * NEW: BREAKING: Introduce the Meson build system, GitHub #707 GNU Autotools is still supported, but will be removed in a future release. See the newly added INSTALL file. * NEW: BREAKING: Bundle WolfSSL for DHX/RandNum UAM encryption, GitHub #358 This is enabled by default, controlled by option "-Dwith-embedded-ssl" Requires the Meson build system. External OpenSSL 1.1 and LibreSSL are still supported. * NEW: BREAKING: LDAP API bump, OpenLDAP v2.3 or later required, GitHub #762 afp.conf option "ldap server" has been replaced with "ldap uri" and has a new syntax. See the manual for details. * UPD: BREAKING: Remove legacy cdb and tdb CNID backends, GitHub #508 * UPD: BREAKING: Remove Andrew File System (AFS) support, GitHub #554 * UPD: BREAKING: Remove bundled talloc, GitHub #479 For Spotlight support, use the talloc library supplied by your OS, or get the source code from the Samba project and build it yourself. * UPD: BREAKING: Remove generated SPARQL code, GitHub #337 This introduces a compile time dependency on a yacc parser and a lexer to build with Spotlight support. * UPD: BREAKING: Rename macOS launchd plist to io.netatalk.*, GitHub #778 Note: Only the Meson build system will clean up the old plist. * UPD: BREAKING: Renamed Gentoo init script to openrc, GitHub #868 OpenRC is cross platform; confirmed working on Alpine Linux. * NEW: FreeBSD init script, borrowed from FreeBSD ports, GitHub #876 Special thanks to the author, Joe Marcus Clarke. * NEW: OpenBSD init script, GitHub #870 * NEW: Introduce an official Dockerfile and entry script, GitHub #713 * NEW: Option to log to file with second (not us) accuracy, GitHub #580 Enable with afp.conf option: "log microseconds = no" * NEW: Option to add delay to FCE event emission, GitHub #849 Set a ms delay with afp.conf option: "fce sendwait" * NEW: afppasswd: Add -w option to set password from the CLI, GitHub #936 * NEW: docs: Distribute a manual appendix with the GNU GPL v2, GitHub #745 * NEW: docs: Distribute the Japanese localization of the manual, GitHub #806 * NEW: docs: Generate a manual appendix with build instructions, GitHub #791 The appendix is generated from the GitHub CI workflow yaml file. * UPD: docs: Document libraries, init scripts in manual, GitHub #808 * UPD: docs: Remove substituted file system paths from manual, GitHub #514 * FIX: afpd: Prevent theoretical crash in FPSetACL, GitHub #364 * FIX: libatalk: Fix parsing of macOS-created AppleDouble files, GitHub #270 * FIX: libatalk: Restore invalid EA metadata cleanup, GitHub #400 * FIX: quota: Use the NetBSD 6 quota API, GitHub #1028 * FIX: quota: Workaround for rquota.h symbol name on Fedora 40, GitHub #1040 * FIX: uams: Allow linking of the PGP UAM, GitHub #548 * FIX: Shore up error handling and type safety, GitHub #952 * UPD: Rewrite the afpstats script in Perl, GitHub #893 And, improve the formatting of the standard output. Requires the Net::DBus Perl extension. This removes the effective dependency on a Python runtime. * UPD: Make Perl and grep optional requirements, GitHub #886 When either is missing, do not install the optional Perl scripts. * NEW: Build system option "disable-init-hooks", GitHub #796 Will skip init script enablement commands that require elevated privileges on the system. * FIX: Make cracklib macro properly detect dictionary, GitHub #940 * FIX: Build with PAM support on FreeBSD 14, GitHub #560 * FIX: Allow libevent2 linking on OpenIndiana, GitHub #512 * FIX: Control all Spotlight dependencies at compile time, GitHub #571 * UPD: Remove redundant AUTHORS file, GitHub #538 3.1.18 * FIX: CVE-2022-22995: Harden create_appledesktop_folder(), GitHub #480 * FIX: Disable dtrace support on aarch64 FreeBSD hosts, Github #498 * FIX: Correct syntax for libwrap check in tcp-wrappers.m4, GitHub #500 * FIX: Correct syntax for libiconv check in iconv.m4, GitHub #491 * FIX: quota is not supported on macOS, GitHub #492 3.1.17 * FIX: CVE-2023-42464: Validate data type in dalloc_value_for_key(), GitHub #486 * FIX: Declare a variable before using it in a loop, which was throwing off the default compiler on RHEL7, GitHub #481 * UPD: Distribute tarballs with xz compression by default, not gzip, GitHub #478 * UPD: Add AUTHOR sections to all man pages with a reference to CONTRIBUTORS, and standardize headers and footers, GitHub #462 3.1.16 * FIX: libatalk: Fix CVE-2022-23121, CVE-2022-23123 regression - Added guard check before access ad_entry(), GitHub#357 - Allow zero length entry, for AppleDouble specification, GitHub#368 - Remove special handling for COMMENT entries, GitHub#236 - The assertion for invalid entires is still enabled, so please report any future "Invalid metadata EA" errors! * FIX: build system: Fix autoconf warnings and modernize bootstrap and configure.ac, GitHub#331 * FIX: build system: Correct syntax in libevent search macro, summary macro and netatalk executable makefile, GitHub#342 * FIX: build system: Fix native libiconv detection on macOS, GitHub#343 * FIX: build system: Use non-interactive PAM session when available, GitHub#361 * FIX: build system: Fix detection of Berkeley DB installed in multiarch location, GitHub#380 * FIX: build system: Fix support for cross-compilation with mysql_config and dtrace, GitHub#384 * FIX: build system: Support building quota against libtirpc, GitHub#385 * FIX: build system: Fix variable substitution in configure summary, GitHub#443 * UPD: build system: Remove ABI checks and the --enable-developer option, GitHub#262 * FIX: initscript: Improvements to Debian SysV init script - Source init-functions, GitHub#386 - Add a Description and Short-Description, GitHub#428 * FIX: docs: Clarify localstate dir configurability in manual, GitHub#401 * UPD: docs: Make BerkeleyDB 5.3.x the recommended version, GitHub#8 * FIX: docs: Update SourceForge URLs to fix CSS styles and download links * FIX: docs: Remove obsoleted bug reporting sections, GitHub#455 * FIX: Sundry typo fixes in user visible strings and docs, GitHub#381, GitHub#382 * UPD: Rename asip-status.pl as asip-status to make naming implementation-agnostic, GitHub#379 * UPD: Remove redundant uid.c|h files in etc/afpd * UPD: Don't build and distribute deprecated cnid2_create tool, GitHub#412 * UPD: Remove deprecated megatron code and man page, GitHub#456 * UPD: Remove deprecated uniconv code and man page, GitHub#457 * UPD: Improvements to the GitHub CI workflow 3.1.15 * FIX: CVE-2022-43634 * FIX: CVE-2022-45188 * NEW: Support for macOS hosts, Intel and Apple silicon, GitHub#281 * FIX: configure.ac: update deprecated autoconf syntax * UPD: configure.ac: Support linking with system shared libraries Introduces the --with-talloc option * FIX: macros: largefile-check macro for largefile (clang 16) * UPD: macros: Update pthread macro to the latest from gnu.org * FIX: initscripts: Modernize Systemd service file. * FIX: libatalk/conf: include sys/file.h for LOCK_EX * FIX: libatalk: Change log level for realpath() error, SF bug#666 * FIX: libatalk: Change log level for real_name error, SF bug#596 * FIX: libatalk: The my_bool type is deprecated as of MySQL 8.0.1, GitHub#129 * UPD: libatalk: allow afpd to read read-protected afp.conf, SF bug#546 * UPD: libatalk: Make the "valid users" option work in the Homes section, SF bug#449 * UPD: libatalk: Check that FPDisconnectOldSession is successful, SF bug#634 * UPD: libatalk: Bring iniparser library codebase in line with current version 4.1 * FIX: afpd: Provide MNTTYPE_NFS on OmniOS to make quota work, GitHub#117 * FIX: afpd: Avoid triggering realpath() lookups with empty path, GitHub#277 * FIX: spotlight: Spotlight searches can cause afpd to segfault, GitHub#56 * UPD: spotlight: add support for tracker3, SF patch#147 * FIX: macusers: Fix output for long usernames * FIX: macusers: account for usernames with non-word characters * FIX: macusers: Support NetBSD * FIX: Fix all function declarations without a prototype * FIX: Fix C99 compliance issues * FIX: Fix gcc10 compiler warnings * UPD: Remove acsiidocs sources and release notes script * FIX: manpages: afp.conf: Parameters are not quoted, SF bug#617 * FIX: manpages: afp.conf: Document $u in home name, GitHub#123 * FIX: manpages: afp.conf: Document the usage of guest user, GitHub#298 * FIX: Document how the mysql cnid backend is configured, GitHub#69 * FIX: Fix user-visible typos in log output and man pages. * FIX: Fix spelling, syntax, and dead URLs in html manual. * NEW: Create README.md * NEW: Set up GitHub workflow and static analysis with Sonarcloud 3.1.14 * FIX: fix build with libressl >= 2.7.0, GitHub#105 * NEW: Added Ignore Directories Feature * UPD: Generate Unicode source code based on Unicode 14.0, GitHub#114 * FIX: Protect against removing AFP metadata xattr * FIX: avoid setting adouble entries on symlinks * FIX: add handling for cases where ad_entry() returns NULL, GitHub#175 * FIX: Fix setting of LD_LIBRARY_FLAGS ($shlibpath_var). * FIX: afpstats: Fedora migrating away from IO::Socket::INET6, GitHub#130 * FIX: afpd: check return values from setXXid() functions, GitHub#115 * FIX: afpd: drop groups in become_user_permanently(), GitHub#126 * FIX: Fix use after free in get_tm_used() * FIX: Fix sign extension problem in bsd_attr_list() * FIX: Fix garbage read in bsd_attr_list * FIX: make afpstats python 3 compatible * UPD: docs: manual: Remove wrong TCP-over-TCP info; minor copy editing * FIX: configure.ac: fix macro ordering for CentOS 6 * FIX: configure.ac: fix typo * FIX: configure.ac: remove some trailing whitespace * FIX: configure.ac: fix deprecated macro invocation * FIX: configure.ac: replace obsolete macro * FIX: libatalk/dsi/Makefile.am: fix deprecation warning * FIX: Store AutoMake helper script in build-aux/ * FIX: configure.ac: define a dir for macros * FIX: configure.ac: AM_CONFIG_HEADER is deprecated * FIX: autotools: Fix another deprecation warning * FIX: libgcrypt typo in configuration error message * UPD: Various CI improvements * FIX: libatalk/conf: re-generation of afp_voluuid.conf * UPD: libatalk/conf: code cleanup and add locking to get_vol_uuid() * UPD: add documentation for the lv_flags_t * FIX: No need to check for attropen on Solaris, GitHub#44 3.1.13 * FIX: CVE-2021-31439 * FIX: CVE-2022-23121 * FIX: CVE-2022-23123 * FIX: CVE-2022-23122 * FIX: CVE-2022-23125 * FIX: CVE-2022-23124 * FIX: CVE-2022-0194 * FIX: afpd: make a variable declaration a definition * UPD: Remove bundled libevent 3.1.12 * FIX: dhx uams: build with LibreSSL, GitHub#91 * FIX: various spelling errors * FIX: CVE-2018-1160 3.1.11 * NEW: Global option "zeroconf name", FR#99 * NEW: show Zeroconf support by "netatalk -V", FR#100 * UPD: gentoo: Switch openrc init script to openrc-run, GitHub#77 * FIX: log message: name of function doese not match, GitHub#78 * UPD: volume capacity reporting to match Samba behavior, GitHub#83 * FIX: debian: sysv init status command exits with proper exit code, GitHub#84 * FIX: dsi_stream_read: len:0, unexpected EOF, GitHub#82 * UPD: dhx uams: OpenSSL 1.1 support, GitHub#87 3.1.10 * FIX: cannot build when ldap is not defined, bug #630 * FIX: SIGHUP can cause core dump when mdns is enabled, bug #72 * FIX: Solaris: stale pid file puts netatalk into maintenance mode, bug #73 * FIX: dsi_stream_read: len:0, unexpected EOF, bug #633 3.1.9 * FIX: afpd: fix "admin group" option * NEW: afpd: new options "force user" and "force group" * FIX: listening on IPv6 wildcard address may fail if IPv6 is disabled, bug #606 * NEW: LibreSSL support, FR #98 * FIX: cannot build when acl is not defined, bug #574 * UPD: configure option "--with-init-style=" for Gentoo. "gentoo" is renamed to "gentoo-openrc". "gentoo-openrc" is same as "openrc". "gentoo-systemd" is same as "systemd". * NEW: configure option "--with-dbus-daemon=PATH" for Spotlight feature * UPD: use "tracker daemon" command instead of "tracker-control" command if Gnome Tracker is the recent version. * NEW: configure options "--enable-rpath" and "--disable-rpath" which can be used to force setting of RPATH (default on Solaris/NetBSD) or disable it. * NEW: configure option "--with-tracker-install-prefix" allows setting an alternate install prefix for tracker when cross-compiling. * UPD: asip-status.pl: IPv6 support * UPD: asip-status.pl: show GSS-UAM SPNEGO blob * FIX: afpd: don't use network IDs without LDAP, bug #621 * FIX: afpd: reading from file may fail, bug #619 * NEW: AFP clients should not be able to copy or manipulate special extended attributes set by NFS and SMB servers on Solaris, issue #36 * FIX: ad: ad cp may crash, bug #622 * UPD: Update Unicode support to version 9.0.0 3.1.8 * FIX: CNID/MySQL: Quote UUID table names. https://sourceforge.net/p/netatalk/bugs/585/ * FIX: Crash in cnid_metad, bug #593 * UPD: Update Unicode support to version 8.0.0 * FIX: larger server side copyfile buffer for improved IO performance, bug #599 * NEW: afpd: new option "ea = samba". Use Samba vfs_streams_xattr compatible xattrs which means adding a 0 byte at the end of xattrs. * FIX: remove #541 workaround patch. There was this problem with only early Fedora 20. * FIX: rpmbuild fails on Fedora x86_64, bug #598 * FIX: Listen on IPv6 wildcard address by default, bug #602 * FIX: FCE protocol version 1 packets, bug #603 * UPD: Update list of BerkeleyDB versions searched at configure time 3.1.7 * UPD: Spotlight: enhance behaviour for long running queries, client will now show "progress wheel" while waiting for first results. * FIX: netatalk: fix a crash on Solaris when registering with mDNS * FIX: netatalk: SIGHUP would kill the process instead of being resent to the other Netatalk processes, bug #579 * FIX: afpd: Solaris locking problem, bug #559 * FIX: Handling of malformed UTF8 strings, bug #524 * FIX: afpd: umask handling, bug #576 * FIX: Spotlight: Limiting searches to subfolders, bug #581 * FIX: afpd: reloading logging config may result in privilege escalation in afpd processes * FIX: afpd: ACL related error messages, now logged with loglevel debug instead of error * FIX: cnid_metad: fix tsockfd_create() return value on error * FIX: CNID/MySQL: volume table name generation, bug #566. 3.1.6 * FIX: Spotlight: fix for long running queries * UPD: afpd: distribute SIGHUP from parent afpd to children and force reload shares * FIX: netatalk: refresh Zeroconf registration when receiving SIGHUP * NEW: configure option "--with-init-style=debian-systemd" for Debian 8 jessie and later. "--with-init-style=debian" is renamed "--with-init-style=debian-sysv". 3.1.5 * FIX: Spotlight: several important fixes 3.1.4 * FIX: afpd: Hangs in Netatalk which causes it to stop responding to connections, bug #572. * NEW: afpd: new option "force xattr with sticky bit = yes|no" (default: no), FR #94 * UPD: afpd: FCE version 2 with new event types and new config options "fce ignore names" and "fce notify script" * UPD: afpd: check for modified included config file, FR #95. * UPD: libatalk: logger: remove flood protection and allocate messages * UPD: Spotlight: use async Tracker SPARQL API * NEW: afpd: new option "case sensitive = yes|no" (default: yes) In spite of being case sensitive as a matter of fact, netatalk 3.1.3 and earlier did not notify kCaseSensitive flag to the client. Now, it is notified correctly by default, FR #62. 3.1.3 * UPD: Spotlight: more SPARQL query optimisations * UPD: Spotlight: new options "sparql results limit", "spotlight attributes" and "spotlight expr" * FIX: afpd: Unarchiving certain ZIP archives fails, bug #569 * UPD: Update Unicode support to version 7.0.0 * FIX: Memory overflow caused by 'basedir regex', bug #567 * NEW: afpd: delete empty resource forks, from FR #92 * FIX: afpd: fix a crash when accessing ._ AppleDouble files created by OS X via SMB, bug #564 * FIX: afpd and dbd: Converting from AppleDouble v2 to ea may corrupt the resource fork. In some circumstances an offset calculation is wrong resulting in corrupt resource forks after the conversion. Bug #568. * FIX: ad: fix for bug #563 broke ad file utilities, bug #570. * NEW: afpd: new advanced option controlling permissions and ACLs, from FR #93 Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 05971bd7d0d9a6195824c54afe970f2791125971 Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:37:33 2024 +0200 libgcrypt: Update to version 1.11.0 - Update from version 1.10.3 to 1.11.0 - Update of rootfile - Update of libgcrypt requires an update of netatalk as old version will not build with libgcrypt-1.11.0 - Changelog 1.11.0 * New and extended interfaces: - Add an API for Key Encapsulation Mechanism (KEM). [T6755] - Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5] - Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268] - Add Classic McEliece algorithm. [rC003367b912] - Add One-Step KDF with hash and MAC. [T5964] - Add KDF algorithm HKDF of RFC-5869. [T5964] - Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3] - Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4] - Add ARIA block cipher algorithm. [rC316c6d7715] - Add explicit FIPS indicators for MD and MAC algorithms. [T6376] - Add support for SHAKE as MGF in RSA. [T6557] - Add gcry_md_read support for SHAKE algorithms. [T6539] - Add gcry_md_hash_buffers_ext function. [T7035] - Add cSHAKE hash algorithm. [rC065b3f4e02] - Support internal generation of IV for AEAD cipher mode. [T4873] * Performance: - Add SM3 ARMv8/AArch64/CE assembly implementation. [rCfe891ff4a3] - Add SM4 ARMv8/AArch64 assembly implementation. [rCd8825601f1] - Add SM4 GFNI/AVX2 and GFI/AVX512 implementation. [rC5095d60af4,rCeaed633c16] - Add SM4 ARMv9 SVE CE assembly implementation. [rC2dc2654006] - Add PowerPC vector implementation of SM4. [rC0b2da804ee] - Optimize ChaCha20 and Poly1305 for PPC P10 LE. [T6006] - Add CTR32LE bulk acceleration for AES on PPC. [rC84f2e2d0b5] - Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4 and Camellia. [rCcf956793af] - Add GFNI/AVX2 implementation of Camellia. [rC4e6896eb9f] - Add AVX2 and AVX512 accelerated implementations for GHASH (GCM) and POLYVAL (GCM-SIV). [rCd857e85cb4, rCe6f3600193] - Add AVX512 implementation for SHA512. [rC089223aa3b] - Add AVX512 implementation for Serpent. [rCce95b6ec35] - Add AVX512 implementation for Poly1305 and ChaCha20 [rCcd3ed49770, rC9a63cfd617] - Add AVX512 accelerated implementation for SHA3 and Blake2 [rCbeaad75f46,rC909daa700e] - Add VAES/AVX2 accelerated i386 implementation for AES. [rC4a42a042bc] - Add bulk processing for XTS mode of Camellia and SM4. [rC32b18cdb87, rCaad3381e93] - Accelerate XTS and ECB modes for Twofish and Serpent. [rCd078a928f5,rC8a1fe5f78f] - Add AArch64 crypto/SHA512 extension implementation for SHA512. [rCe51d3b8330] - Add AArch64 crypto-extension implementation for Camellia. [rC898c857206] - Accelerate OCB authentication on AMD with AVX2. [rC6b47e85d65] * Bug fixes: - For PowerPC check for missing optimization level for vector register usage. [T5785] - Fix EdDSA secret key check. [T6511] - Fix decoding of PKCS#1-v1.5 and OAEP padding. [rC34c2042792] - Allow use of PKCS#1-v1.5 with SHA3 algorithms. [T6976] - Fix AESWRAP padding length check. [T7130] * Other: - Allow empty password for Argon2 KDF. [rCa20700c55f] - Various constant time operation imporvements. - Add "bp256", "bp384", "bp512" aliases for Brainpool curves. - Support for the random server has been removed. [T5811] - The control code GCRYCTL_ENABLE_M_GUARD is deprecated and not supported any more. Please use valgrind or other tools. [T5822] - Logging is now done via the libgpg-error logging functions. [rCab0bdc72c7] Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit efd4db4bb016bd282e1f9442f908a1c61139bca5 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 10:40:43 2024 +0000 core188: Ship libjpeg Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 31f0c0b2896d6c2c49cf22f9444df03ee26424dc Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:05:38 2024 +0200 libjpeg: Update to version 3.0.3 - Update from version 2.1.4 to 3.0.3 - Update of rootfile - CVE fix in 3.0.0 - Changelog 3.0.3 1. Fixed an issue in the build system, introduced in 3.0.2, that caused all libjpeg-turbo components to depend on the Visual C++ run-time DLL when built with Visual C++ and CMake 3.15 or later, regardless of value of the `WITH_CRT_DLL` CMake variable. 2. The x86-64 SIMD extensions now include support for Intel Control-flow Enforcement Technology (CET), which is enabled automatically if CET is enabled in the C compiler. 3. Fixed a regression introduced by 3.0 beta2[6] that made it impossible for calling applications to supply custom Huffman tables when generating 12-bit-per-component lossy JPEG images using the libjpeg API. 4. Fixed a segfault that occurred when attempting to use the jpegtran `-drop` option with a specially-crafted malformed input image or drop image (specifically an image in which all of the scans contain fewer components than the number of components specified in the Start Of Frame segment.) 3.0.2 1. Fixed a signed integer overflow in the `tj3CompressFromYUV8()`, `tj3DecodeYUV8()`, `tj3DecompressToYUV8()`, and `tj3EncodeYUV8()` functions, detected by the Clang and GCC undefined behavior sanitizers, that could be triggered by setting the `align` parameter to an unreasonably large value. This issue did not pose a security threat, but removing the warning made it easier to detect actual security issues, should they arise in the future. 2. Introduced a new parameter (`TJPARAM_MAXMEMORY` in the TurboJPEG C API and `TJ.PARAM_MAXMEMORY` in the TurboJPEG Java API) and a corresponding TJBench option (`-maxmemory`) for specifying the maximum amount of memory (in megabytes) that will be allocated for intermediate buffers, which are used with progressive JPEG compression and decompression, optimized baseline entropy coding, lossless JPEG compression, and lossless transformation. The new parameter and option serve the same purpose as the `max_memory_to_use` field in the `jpeg_memory_mgr` struct in the libjpeg API, the `JPEGMEM` environment variable, and the cjpeg/djpeg/jpegtran `-maxmemory` option. 3. Introduced a new parameter (`TJPARAM_MAXPIXELS` in the TurboJPEG C API and `TJ.PARAM_MAXPIXELS` in the TurboJPEG Java API) and a corresponding TJBench option (`-maxpixels`) for specifying the maximum number of pixels that the decompression, lossless transformation, and packed-pixel image loading functions/methods will process. 4. Fixed an error ("Unsupported color conversion request") that occurred when attempting to decompress a 3-component lossless JPEG image without an Adobe APP14 marker. The decompressor now assumes that a 3-component lossless JPEG image without an Adobe APP14 marker uses the RGB colorspace if its component IDs are 1, 2, and 3. 3.0.1 1. The x86-64 SIMD functions now use a standard stack frame, prologue, and epilogue so that debuggers and profilers can reliably capture backtraces from within the functions. 2. Fixed two minor issues in the interblock smoothing algorithm that caused mathematical (but not necessarily perceptible) edge block errors when decompressing progressive JPEG images exactly two MCU blocks in width or that use vertical chrominance subsampling. 3. Fixed a regression introduced by 3.0 beta2[6] that, in rare cases, caused the C Huffman encoder (which is not used by default on x86 and Arm CPUs) to generate incorrect results if the Neon SIMD extensions were explicitly disabled at build time (by setting the `WITH_SIMD` CMake variable to `0`) in an AArch64 build of libjpeg-turbo. 3.0.0 1. The TurboJPEG API now supports 4:4:1 (transposed 4:1:1) chrominance subsampling, which allows losslessly transposed or rotated 4:1:1 JPEG images to be losslessly cropped, partially decompressed, or decompressed to planar YUV images. 2. Fixed various segfaults and buffer overruns (CVE-2023-2804) that occurred when attempting to decompress various specially-crafted malformed 12-bit-per-component and 16-bit-per-component lossless JPEG images using color quantization or merged chroma upsampling/color conversion. The underlying cause of these issues was that the color quantization and merged chroma upsampling/color conversion algorithms were not designed with lossless decompression in mind. Since libjpeg-turbo explicitly does not support color conversion when compressing or decompressing lossless JPEG images, merged chroma upsampling/color conversion never should have been enabled for such images. Color quantization is a legacy feature that serves little or no purpose with lossless JPEG images, so it is also now disabled when decompressing such images. (As a result, djpeg can no longer decompress a lossless JPEG image into a GIF image.) 3. Fixed an oversight in 1.4 beta1[8] that caused various segfaults and buffer overruns when attempting to decompress various specially-crafted malformed 12-bit-per-component JPEG images using djpeg with both color quantization and RGB565 color conversion enabled. 4. Fixed an issue whereby `jpeg_crop_scanline()` sometimes miscalculated the downsampled width for components with 4x2 or 2x4 subsampling factors if decompression scaling was enabled. This caused the components to be upsampled incompletely, which caused the color converter to read from uninitialized memory. With 12-bit data precision, this caused a buffer overrun or underrun and subsequent segfault if the sample value read from uninitialized memory was outside of the valid sample range. 5. Fixed a long-standing issue whereby the `tj3Transform()` function, when used with the `TJXOP_TRANSPOSE`, `TJXOP_TRANSVERSE`, `TJXOP_ROT90`, or `TJXOP_ROT270` transform operation and without automatic JPEG destination buffer (re)allocation or lossless cropping, computed the worst-case transformed JPEG image size based on the source image dimensions rather than the transformed image dimensions. If a calling program allocated the JPEG destination buffer based on the transformed image dimensions, as the API documentation instructs, and attempted to transform a specially-crafted 4:2:2, 4:4:0, 4:1:1, or 4:4:1 JPEG source image containing a large amount of metadata, the issue caused `tj3Transform()` to overflow the JPEG destination buffer rather than fail gracefully. The issue could be worked around by setting `TJXOPT_COPYNONE`. Note that, irrespective of this issue, `tj3Transform()` cannot reliably transform JPEG source images that contain a large amount of metadata unless automatic JPEG destination buffer (re)allocation is used or `TJXOPT_COPYNONE` is set. 6. Fixed a regression introduced by 3.0 beta2[6] that prevented the djpeg `-map` option from working when decompressing 12-bit-per-component lossy JPEG images. 7. Fixed an issue that caused the C Huffman encoder (which is not used by default on x86 and Arm CPUs) to read from uninitialized memory when attempting to transform a specially-crafted malformed arithmetic-coded JPEG source image into a baseline Huffman-coded JPEG destination image. 2.1.91 1. Significantly sped up the computation of optimal Huffman tables. This speeds up the compression of tiny images by as much as 2x and provides a noticeable speedup for images as large as 256x256 when using optimal Huffman tables. 2. All deprecated fields, constructors, and methods in the TurboJPEG Java API have been removed. 3. Arithmetic entropy coding is now supported with 12-bit-per-component JPEG images. 4. Overhauled the TurboJPEG API to address long-standing limitations and to make the API more extensible and intuitive: - All C function names are now prefixed with `tj3`, and all version suffixes have been removed from the function names. Future API overhauls will increment the prefix to `tj4`, etc., thus retaining backward API/ABI compatibility without versioning each individual function. - Stateless boolean flags have been replaced with stateful integer API parameters, the values of which persist between function calls. New functions/methods (`tj3Set()`/`TJCompressor.set()`/`TJDecompressor.set()` and `tj3Get()`/`TJCompressor.get()`/`TJDecompressor.get()`) can be used to set and query the value of a particular API parameter. - The JPEG quality and subsampling are now implemented using API parameters rather than stateless function arguments (C) or dedicated set/get methods (Java.) - `tj3DecompressHeader()` now stores all relevant information about the JPEG image, including the width, height, subsampling type, entropy coding algorithm, etc., in API parameters rather than returning that information through pointer arguments. - `TJFLAG_LIMITSCANS`/`TJ.FLAG_LIMITSCANS` has been reimplemented as an API parameter (`TJPARAM_SCANLIMIT`/`TJ.PARAM_SCANLIMIT`) that allows the number of scans to be specified. - Optimized baseline entropy coding (the computation of optimal Huffman tables, as opposed to using the default Huffman tables) can now be specified, using a new API parameter (`TJPARAM_OPTIMIZE`/`TJ.PARAM_OPTIMIZE`), a new transform option (`TJXOPT_OPTIMIZE`/`TJTransform.OPT_OPTIMIZE`), and a new TJBench option (`-optimize`.) - Arithmetic entropy coding can now be specified or queried, using a new API parameter (`TJPARAM_ARITHMETIC`/`TJ.PARAM_ARITHMETIC`), a new transform option (`TJXOPT_ARITHMETIC`/`TJTransform.OPT_ARITHMETIC`), and a new TJBench option (`-arithmetic`.) - The restart marker interval can now be specified, using new API parameters (`TJPARAM_RESTARTROWS`/`TJ.PARAM_RESTARTROWS` and `TJPARAM_RESTARTBLOCKS`/`TJ.PARAM_RESTARTBLOCKS`) and a new TJBench option (`-restart`.) - Pixel density can now be specified or queried, using new API parameters (`TJPARAM_XDENSITY`/`TJ.PARAM_XDENSITY`, `TJPARAM_YDENSITY`/`TJ.PARAM_YDENSITY`, and `TJPARAM_DENSITYUNITS`/`TJ.PARAM_DENSITYUNITS`.) - The accurate DCT/IDCT algorithms are now the default for both compression and decompression, since the "fast" algorithms are considered to be a legacy feature. (The "fast" algorithms do not pass the ISO compliance tests, and those algorithms are not any faster than the accurate algorithms on modern x86 CPUs.) - All C initialization functions have been combined into a single function (`tj3Init()`) that accepts an integer argument specifying the subsystems to initialize. - All C functions now use the `const` keyword for pointer arguments that point to unmodified buffers (and for both dimensions of pointer arguments that point to sets of unmodified buffers.) - All C functions now use `size_t` rather than `unsigned long` to represent buffer sizes, for compatibility with `malloc()` and to avoid disparities in the size of `unsigned long` between LP64 (Un*x) and LLP64 (Windows) operating systems. - All C buffer size functions now return 0 if an error occurs, rather than trying to awkwardly return -1 in an unsigned data type (which could easily be misinterpreted as a very large value.) - Decompression scaling is now enabled explicitly, using a new function/method (`tj3SetScalingFactor()`/`TJDecompressor.setScalingFactor()`), rather than implicitly using awkward "desired width"/"desired height" arguments. - Partial image decompression has been implemented, using a new function/method (`tj3SetCroppingRegion()`/`TJDecompressor.setCroppingRegion()`) and a new TJBench option (`-crop`.) - The JPEG colorspace can now be specified explicitly when compressing, using a new API parameter (`TJPARAM_COLORSPACE`/`TJ.PARAM_COLORSPACE`.) This allows JPEG images with the RGB and CMYK colorspaces to be created. - TJBench no longer generates error/difference images, since identical functionality is already available in ImageMagick. - JPEG images with unknown subsampling configurations can now be fully decompressed into packed-pixel images or losslessly transformed (with the exception of lossless cropping.) They cannot currently be partially decompressed or decompressed into planar YUV images. - `tj3Destroy()` now silently accepts a NULL handle. - `tj3Alloc()` and `tj3Free()` now return/accept void pointers, as `malloc()` and `free()` do. - The C image I/O functions now accept a TurboJPEG instance handle, which is used to transmit/receive API parameter values and to receive error information. 5. Added support for 8-bit-per-component, 12-bit-per-component, and 16-bit-per-component lossless JPEG images. A new libjpeg API function (`jpeg_enable_lossless()`), TurboJPEG API parameters (`TJPARAM_LOSSLESS`/`TJ.PARAM_LOSSLESS`, `TJPARAM_LOSSLESSPSV`/`TJ.PARAM_LOSSLESSPSV`, and `TJPARAM_LOSSLESSPT`/`TJ.PARAM_LOSSLESSPT`), and a cjpeg/TJBench option (`-lossless`) can be used to create a lossless JPEG image. (Decompression of lossless JPEG images is handled automatically.) Refer to [libjpeg.txt](libjpeg.txt), [usage.txt](usage.txt), and the TurboJPEG API documentation for more details. 6. Added support for 12-bit-per-component (lossy and lossless) and 16-bit-per-component (lossless) JPEG images to the libjpeg and TurboJPEG APIs: - The existing `data_precision` field in `jpeg_compress_struct` and `jpeg_decompress_struct` has been repurposed to enable the creation of 12-bit-per-component and 16-bit-per-component JPEG images or to detect whether a 12-bit-per-component or 16-bit-per-component JPEG image is being decompressed. - New 12-bit-per-component and 16-bit-per-component versions of `jpeg_write_scanlines()` and `jpeg_read_scanlines()`, as well as new 12-bit-per-component versions of `jpeg_write_raw_data()`, `jpeg_skip_scanlines()`, `jpeg_crop_scanline()`, and `jpeg_read_raw_data()`, provide interfaces for compressing from/decompressing to 12-bit-per-component and 16-bit-per-component packed-pixel and planar YUV image buffers. - New 12-bit-per-component and 16-bit-per-component compression, decompression, and image I/O functions/methods have been added to the TurboJPEG API, and a new API parameter (`TJPARAM_PRECISION`/`TJ.PARAM_PRECISION`) can be used to query the data precision of a JPEG image. (YUV functions are currently limited to 8-bit data precision but can be expanded to accommodate 12-bit data precision in the future, if such is deemed beneficial.) - A new cjpeg and TJBench command-line argument (`-precision`) can be used to create a 12-bit-per-component or 16-bit-per-component JPEG image. (Decompression and transformation of 12-bit-per-component and 16-bit-per-component JPEG images is handled automatically.) 2.1.5.1 1. The SIMD dispatchers in libjpeg-turbo 2.1.4 and prior stored the list of supported SIMD instruction sets in a global variable, which caused an innocuous race condition whereby the variable could have been initialized multiple times if `jpeg_start_*compress()` was called simultaneously in multiple threads. libjpeg-turbo 2.1.5 included an undocumented attempt to fix this race condition by making the SIMD support variable thread-local. However, that caused another issue whereby, if `jpeg_start_*compress()` was called in one thread and `jpeg_read_*()` or `jpeg_write_*()` was called in a second thread, the SIMD support variable was never initialized in the second thread. On x86 systems, this led the second thread to incorrectly assume that AVX2 instructions were always available, and when it attempted to use those instructions on older x86 CPUs that do not support them, an illegal instruction error occurred. The SIMD dispatchers now ensure that the SIMD support variable is initialized before dispatching based on its value. 2.1.5 1. Fixed issues in the build system whereby, when using the Ninja Multi-Config CMake generator, a static build of libjpeg-turbo (a build in which `ENABLE_SHARED` is `0`) could not be installed, a Windows installer could not be built, and the Java regression tests failed. 2. Fixed a regression introduced by 2.0 beta1[15] that caused a buffer overrun in the progressive Huffman encoder when attempting to transform a specially-crafted malformed 12-bit-per-component JPEG image into a progressive 12-bit-per-component JPEG image using a 12-bit-per-component build of libjpeg-turbo (`-DWITH_12BIT=1`.) Given that the buffer overrun was fully contained within the progressive Huffman encoder structure and did not cause a segfault or other user-visible errant behavior, given that the lossless transformer (unlike the decompressor) is not generally exposed to arbitrary data exploits, and given that 12-bit-per-component builds of libjpeg-turbo are uncommon, this issue did not likely pose a security risk. 3. Fixed an issue whereby, when using a 12-bit-per-component build of libjpeg-turbo (`-DWITH_12BIT=1`), passing samples with values greater than 4095 or less than 0 to `jpeg_write_scanlines()` caused a buffer overrun or underrun in the RGB-to-YCbCr color converter. 4. Fixed a floating point exception that occurred when attempting to use the jpegtran `-drop` and `-trim` options to losslessly transform a specially-crafted malformed JPEG image. 5. Fixed an issue in `tjBufSizeYUV2()` whereby it returned a bogus result, rather than throwing an error, if the `align` parameter was not a power of 2. Fixed a similar issue in `tjCompressFromYUV()` whereby it generated a corrupt JPEG image in certain cases, rather than throwing an error, if the `align` parameter was not a power of 2. 6. Fixed an issue whereby `tjDecompressToYUV2()`, which is a wrapper for `tjDecompressToYUVPlanes()`, used the desired YUV image dimensions rather than the actual scaled image dimensions when computing the plane pointers and strides to pass to `tjDecompressToYUVPlanes()`. This caused a buffer overrun and subsequent segfault if the desired image dimensions exceeded the scaled image dimensions. 7. Fixed an issue whereby, when decompressing a 12-bit-per-component JPEG image (`-DWITH_12BIT=1`) using an alpha-enabled output color space such as `JCS_EXT_RGBA`, the alpha channel was set to 255 rather than 4095. 8. Fixed an issue whereby the Java version of TJBench did not accept a range of quality values. 9. Fixed an issue whereby, when `-progressive` was passed to TJBench, the JPEG input image was not transformed into a progressive JPEG image prior to decompression. Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit f389d702dc647df2b72c440fb5cb0bce2ac640ac Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 10:40:16 2024 +0000 core188: Ship libinih Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 42d514370a4ebf063f8153e36dcc045f645d075e Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:05:37 2024 +0200 libinih: Update to version 58 - Update from version 56 to 58 - Update of rootfile not required - Changelog 58 [oss-fuzz] fuzzing support by @0x34d in #153 [Fuzzing] fix harness by @0x34d in #156 [Fuzzing] using cifuzz for PR by @0x34d in #154 Specify C++11 std in meson build by @DownerCase in #157 Add ini_ prefix even to static names so inih can be used as an #include by @benhoyt in #164 57 MSVC throws C4244 by @AbsintheScripting in #142 Added a GetUnsigned function for getting unsigned values. by @jcormier in #147 meson.build: fix start-of-line_comment_prefix variable name by @ihilt in #149 Added GetInteger64 and GetUnsigned64 to read 64-bit integers by @natcat256 in #151 Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit c80163aad261230f981a99da753cdcc3f70be454 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 10:39:52 2024 +0000 core188: Ship libcap-ng Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 157b603528ae0f02a34f396cd49371ac35e3b2a2 Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:05:35 2024 +0200 libcap-ng: Update to version 0.8.5 - Update from version 0.8.3 to 0.8.5 - Update of rootfile not required - Changelog 0.8.5 - Remove python global exception handler since it's deprecated - Make the utilities link against just built libraries - Remove unused macro in cap-ng.h 0.8.4 - In capng_change_id, clear PR_SET_KEEPCAPS if returning an error - pscap: add -p option for reporting a specified process (Masatake Yamato) - Annotate function prototypes to warn if results are unused - Drop python2 support Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit b2d848bd819ce551ff3b58d27507c18a1e1aa491 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 10:39:26 2024 +0000 core188: Ship libgpg-error Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 0a942376687049e6bcce8c1e5f18c5c505d0810b Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Fri Aug 9 12:05:36 2024 +0200 libgpg-error: Update to version 1.50 - Update from version 1.48 to 1.50 - Update of rootfile - Changelog 1.50 * New set of process spawn functions. [T6249] * Fixed return type for gpgrt_b64dec_proc and gpgrt_b64dec_finish to gpg_err_code_t. This enum return type is in almost all cases compatible to the formerly used gpg_error_t (i.e. unsigned int). * Interface changes relative to the 1.49 release: gpgrt_process_t CHANGED (never used). gpgrt_spawn_actions_t NEW type. gpgrt_process_requests NEW enum. gpgrt_process_spawn NEW. gpgrt_process_terminate NEW. gpgrt_process_get_streams NEW. gpgrt_process_ctl NEW. gpgrt_process_wait NEW. gpgrt_process_release NEW. gpgrt_spawn_actions_new NEW. gpgrt_spawn_actions_release NEW. gpgrt_spawn_actions_set_redirect NEW. gpgrt_spawn_actions_set_environ NEW (posix only). gpgrt_spawn_actions_set_inherit_fds NEW (posix only). gpgrt_spawn_actions_set_atfork NEW (posix only). gpgrt_spawn_actions_set_envvars NEW (w32 only). gpgrt_spawn_actions_set_inherit_handles NEW (w32 only). GPGRT_PROCESS_DETACHED NEW. GPGRT_PROCESS_NO_CONSOLE NEW. GPGRT_PROCESS_NO_EUID_CHECK NEW. GPGRT_PROCESS_STDIN_PIPE NEW. GPGRT_PROCESS_STDOUT_PIPE NEW. GPGRT_PROCESS_STDERR_PIPE NEW. GPGRT_PROCESS_STDINOUT_SOCKETPAIR NEW. GPGRT_PROCESS_STDIN_KEEP NEW. GPGRT_PROCESS_STDOUT_KEEP NEW. GPGRT_PROCESS_STDERR_KEEP NEW. GPGRT_PROCESS_STDFDS_SETTING NEW. GPGRT_SPAWN_INHERIT_FILE REMOVED (never used). GPGRT_SPAWN_NONBLOCK REMOVED (never used). GPGRT_SPAWN_RUN_ASFW REMOVED (never used). GPGRT_SPAWN_DETACHED REMOVED (never used). GPGRT_SPAWN_KEEP_STDIN REMOVED (never used). GPGRT_SPAWN_KEEP_STDOUT REMOVED (never used). GPGRT_SPAWN_KEEP_STDERR REMOVED (never used). 1.49 * Two new functions to improve the logging interface. The gpgrt_logv_domain is currently the same as gpgrt_logv_prefix but allows to pass a domain string so that in future we will be able to select log output by domain. It also provide a non yet functional feature to include a hex dump. * Add a "trunc" keyword to gpgrt_log_printhex. [rE0a39fbefcb] * Avoid an endless loop in the argparser due to a conf file read error. [rE2dc93cfecc] * Interface changes relative to the 1.48 release: gpgrt_add_post_log_func NEW. gpgrt_logv_domain NEW. Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 1e639a1dfa86011656001c9612d11d7bdcfca1cb Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Thu Aug 8 21:32:17 2024 +0200 libassuan: Update to version 3.0.1 - Update from version 2.5.5 to 3.0.1 - Update of rootfile - Changelog 3.0.1 * Change Unix symbol versioning to help the Debian transitioning process. 3.0.0 * API change: For new code, which uses libassuan with nPTH, please use gpgrt_get_syscall_clamp and assuan_control, instead of the system_hooks API. Use of ASSUAN_SYSTEM_NPTH is deprecated with new API version 3. If it's really needed to keep using old implementation of ASSUAN_SYSTEM_NPTH, you need to change your your application code, to define ASSUAN_REALLY_REQUIRE_V2_NPTH_SYSTEM_HOOKS before including <assuan.h>. For an application which uses version 2 API (NEED_LIBASSUAN_API=2 in its configure.ac), use of ASSUAN_SYSTEM_NPTH is still supported. [T5914] * New function assuan_control. [T6625] * New function assuan_sock_accept. [T5925] * New functions assuan_pipe_wait_server_termination and assuan_pipe_kill_server to support abstraction of process. [T6487] * Windows support for sendfd/recvfd. [T6236] * Implement timeout in assuan_sock_connect_byname. [T3302] * No support for WindowsCE, any more. [T6170] * New socket flags "linger" and "reuseaddr". [rA87f92fe962] * Interface changes relative to the 2.5.0 release: assuan_sock_accept NEW. assuan_pipe_wait_server_termination NEW. assuan_pipe_kill_server NEW. assuan_sock_set_flag EXTENDED. assuan_sock_get_flag EXTENDED. 2.5.7 New configure option --with-libtool-modification. [T6619] Change the naming of the 64 bit Windows DLL from libassuan6-0.dll to libassuan-0.dll to sync this with what we did for libgpg-error. 2.5.6 * Fix logging of confidential data. [rA0fc31770fa] * Fix memory wiping. [T5977] * Fix macOS build problem. [T5440,T5610] * Upgrade autoconf stuff. Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 7e6ba7113752e724ce5dc92e432af9b05eb0aef0 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Fri Aug 9 10:38:28 2024 +0000 core188: Ship libarchive Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit f6e2ccf3ab33e8680705f82aed54218ca6675b71 Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Thu Aug 8 21:32:16 2024 +0200 libarchive: Update to version 3.7.4 - Update from version 3.7.0 to 3.7.4 - Update of rootfile - CVE fix in 3.7.4 - Changelog 3.7.4 Security fixes: rar: Fix OOB in rar e8 filter (#2135) (CVE-2024-26256) zip: Fix out of boundary access (#2145) Important bugfixes: 7zip: Limit amount of properties (#2131) bsdtar: Fix error handling around strtol() usages (#2110) passphrase: Improve newline handling on Windows (#2115) passphrase: Never allow empty passwords (#2116) rar: Fix "File CRC Error" when extracting specific rar4 archives (#2124) xar: Avoid infinite link loop (#2123) zip: Update AppleDouble support for directories (#2108) zstd: Implement core detection (#2083, #2071) 3.7.3 New features: PCRE2 support (#2031) add trailing letter b to bsdtar(1) substitute pattern (#2012) add support for long options "--group" and "--owner" to tar(1) (#2054) Security fixes: Fix possible vulnerability in tar error reporting introduced in f27c173 (#2101) Important bugfixes: ISO9660: preserve the natural order of links (#1974) rar5: fix decoding unicode filenames on Windows (#1978) rar5: fix infinite loop if during rar5 decompression the last block produced no data (#2105) xz filter: fix incorrect eof at the end of an lzip member (#2027) zip: fix end-of-data marker processing when decompressing zip archives (#2042) multiple bsdunzip(1) fixes (#2022, #2030) filetime truncation fix on Windows (#2050) 3.7.2 Security fixes: Multiple vulnerabilities have been fixed in the PAX writer (1b4e0d0) Important bugfixes: bsdunzip(1) now correctly handles arguments following an -x after the zipfile New features: bsdunzip(1) now supports the "--version" flag 7-zip reader now translates Windows permissions into UNIX permissions (#1943) uudecode filter in raw mode now supports file name and file mode zstd filter now supports the "long" write option (#1962) 3.7.1 Security fixes: SEGV and stack buffer overflow in verbose mode of cpio (#1934, #1935) Feature updates: bsdunzip updated to match latest upstream code (#1926) Important bugfixes: miscellaneous functional bugfixes (#1731, #1929, #1930) build fixes on multiple platforms (Android #1921, older MacOS X #1919, #1933 and others) Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/libarchive | 2 +- config/rootfiles/common/libgcrypt | 3 +-- config/rootfiles/common/libgpg-error | 2 +- config/rootfiles/common/libjpeg | 6 ++--- .../{oldcore/104 => core/188}/filelists/libarchive | 0 .../{oldcore/131 => core/188}/filelists/libcap-ng | 0 .../{oldcore/105 => core/188}/filelists/libgcrypt | 0 .../106 => core/188}/filelists/libgpg-error | 0 .../{oldcore/168 => core/188}/filelists/libinih | 0 .../{oldcore/107 => core/188}/filelists/libjpeg | 0 config/rootfiles/packages/libassuan | 7 +++--- config/rootfiles/packages/netatalk | 28 ++++------------------ lfs/libarchive | 10 ++++---- lfs/libassuan | 11 +++++---- lfs/libcap-ng | 6 ++--- lfs/libgcrypt | 4 ++-- lfs/libgpg-error | 7 +++--- lfs/libinih | 6 ++--- lfs/libjpeg | 6 ++--- lfs/netatalk | 28 ++++++++++++---------- ..._prefix_from_sysconfdir_and_localstatedir.patch | 15 ++++++++++++ 21 files changed, 70 insertions(+), 71 deletions(-) copy config/rootfiles/{oldcore/104 => core/188}/filelists/libarchive (100%) copy config/rootfiles/{oldcore/131 => core/188}/filelists/libcap-ng (100%) copy config/rootfiles/{oldcore/105 => core/188}/filelists/libgcrypt (100%) copy config/rootfiles/{oldcore/106 => core/188}/filelists/libgpg-error (100%) copy config/rootfiles/{oldcore/168 => core/188}/filelists/libinih (100%) copy config/rootfiles/{oldcore/107 => core/188}/filelists/libjpeg (100%) create mode 100644 src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch Difference in files: diff --git a/config/rootfiles/common/libarchive b/config/rootfiles/common/libarchive index 81089e9e2..2f38c29a7 100644 --- a/config/rootfiles/common/libarchive +++ b/config/rootfiles/common/libarchive @@ -7,7 +7,7 @@ #usr/lib/libarchive.la #usr/lib/libarchive.so usr/lib/libarchive.so.13 -usr/lib/libarchive.so.13.7.0 +usr/lib/libarchive.so.13.7.4 #usr/lib/pkgconfig/libarchive.pc #usr/share/man/man1/bsdcat.1 #usr/share/man/man1/bsdcpio.1 diff --git a/config/rootfiles/common/libgcrypt b/config/rootfiles/common/libgcrypt index f08cf1db3..d00f191b7 100644 --- a/config/rootfiles/common/libgcrypt +++ b/config/rootfiles/common/libgcrypt @@ -1,12 +1,11 @@ #usr/bin/dumpsexp #usr/bin/hmac256 -#usr/bin/libgcrypt-config #usr/bin/mpicalc #usr/include/gcrypt.h #usr/lib/libgcrypt.la #usr/lib/libgcrypt.so usr/lib/libgcrypt.so.20 -usr/lib/libgcrypt.so.20.4.3 +usr/lib/libgcrypt.so.20.5.0 #usr/lib/pkgconfig/libgcrypt.pc #usr/share/aclocal/libgcrypt.m4 #usr/share/info/gcrypt.info diff --git a/config/rootfiles/common/libgpg-error b/config/rootfiles/common/libgpg-error index ce3492a24..b6742cde6 100644 --- a/config/rootfiles/common/libgpg-error +++ b/config/rootfiles/common/libgpg-error @@ -6,7 +6,7 @@ usr/bin/gpg-error #usr/lib/libgpg-error.la #usr/lib/libgpg-error.so usr/lib/libgpg-error.so.0 -usr/lib/libgpg-error.so.0.35.0 +usr/lib/libgpg-error.so.0.37.0 #usr/lib/pkgconfig/gpg-error.pc #usr/share/aclocal/gpg-error.m4 #usr/share/aclocal/gpgrt.m4 diff --git a/config/rootfiles/common/libjpeg b/config/rootfiles/common/libjpeg index 74c101854..740df676a 100644 --- a/config/rootfiles/common/libjpeg +++ b/config/rootfiles/common/libjpeg @@ -16,17 +16,17 @@ #usr/lib/cmake/libjpeg-turbo/libjpeg-turboTargets.cmake #usr/lib/libjpeg.so usr/lib/libjpeg.so.8 -usr/lib/libjpeg.so.8.2.2 +usr/lib/libjpeg.so.8.3.2 #usr/lib/libturbojpeg.so usr/lib/libturbojpeg.so.0 -usr/lib/libturbojpeg.so.0.2.0 +usr/lib/libturbojpeg.so.0.3.0 #usr/lib/pkgconfig/libjpeg.pc #usr/lib/pkgconfig/libturbojpeg.pc #usr/share/doc/libjpeg-turbo #usr/share/doc/libjpeg-turbo/LICENSE.md #usr/share/doc/libjpeg-turbo/README.ijg #usr/share/doc/libjpeg-turbo/README.md -#usr/share/doc/libjpeg-turbo/example.txt +#usr/share/doc/libjpeg-turbo/example.c #usr/share/doc/libjpeg-turbo/libjpeg.txt #usr/share/doc/libjpeg-turbo/structure.txt #usr/share/doc/libjpeg-turbo/tjexample.c diff --git a/config/rootfiles/core/188/filelists/libarchive b/config/rootfiles/core/188/filelists/libarchive new file mode 120000 index 000000000..551f1f743 --- /dev/null +++ b/config/rootfiles/core/188/filelists/libarchive @@ -0,0 +1 @@ +../../../common/libarchive \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libcap-ng b/config/rootfiles/core/188/filelists/libcap-ng new file mode 120000 index 000000000..f58b21141 --- /dev/null +++ b/config/rootfiles/core/188/filelists/libcap-ng @@ -0,0 +1 @@ +../../../common/libcap-ng \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libgcrypt b/config/rootfiles/core/188/filelists/libgcrypt new file mode 120000 index 000000000..2df12a20e --- /dev/null +++ b/config/rootfiles/core/188/filelists/libgcrypt @@ -0,0 +1 @@ +../../../common/libgcrypt \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libgpg-error b/config/rootfiles/core/188/filelists/libgpg-error new file mode 120000 index 000000000..cad431339 --- /dev/null +++ b/config/rootfiles/core/188/filelists/libgpg-error @@ -0,0 +1 @@ +../../../common/libgpg-error \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libinih b/config/rootfiles/core/188/filelists/libinih new file mode 120000 index 000000000..7f703bed7 --- /dev/null +++ b/config/rootfiles/core/188/filelists/libinih @@ -0,0 +1 @@ +../../../common/libinih \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libjpeg b/config/rootfiles/core/188/filelists/libjpeg new file mode 120000 index 000000000..3b1a782fb --- /dev/null +++ b/config/rootfiles/core/188/filelists/libjpeg @@ -0,0 +1 @@ +../../../common/libjpeg \ No newline at end of file diff --git a/config/rootfiles/packages/libassuan b/config/rootfiles/packages/libassuan index fd57c7dd6..625cd061a 100644 --- a/config/rootfiles/packages/libassuan +++ b/config/rootfiles/packages/libassuan @@ -1,9 +1,8 @@ -usr/bin/libassuan-config #usr/include/assuan.h #usr/lib/libassuan.la -usr/lib/libassuan.so -usr/lib/libassuan.so.0 -usr/lib/libassuan.so.0.8.5 +#usr/lib/libassuan.so +usr/lib/libassuan.so.9 +usr/lib/libassuan.so.9.0.1 #usr/lib/pkgconfig/libassuan.pc #usr/share/aclocal/libassuan.m4 #usr/share/info/assuan.info diff --git a/config/rootfiles/packages/netatalk b/config/rootfiles/packages/netatalk index 074ae442d..d23b05390 100644 --- a/config/rootfiles/packages/netatalk +++ b/config/rootfiles/packages/netatalk @@ -1,4 +1,5 @@ etc/afp.conf +#etc/dbus-1/system.d/netatalk-dbus.conf etc/dbus-session.conf etc/extmap.conf etc/pam.d/netatalk @@ -8,8 +9,7 @@ usr/bin/afpldaptest usr/bin/afppasswd usr/bin/afpstats usr/bin/apple_dump -usr/bin/asip-status.pl -usr/bin/cnid2_create +usr/bin/asip-status usr/bin/dbd usr/bin/macusers #usr/bin/netatalk-config @@ -19,7 +19,6 @@ usr/bin/macusers #usr/include/atalk/afp.h #usr/include/atalk/bstrlib.h #usr/include/atalk/cnid.h -#usr/include/atalk/compat.h #usr/include/atalk/dictionary.h #usr/include/atalk/ea.h #usr/include/atalk/globals.h @@ -36,8 +35,6 @@ usr/bin/macusers #usr/include/atalk/util.h #usr/include/atalk/vfs.h #usr/include/atalk/volume.h -#usr/lib/libatalk.a -#usr/lib/libatalk.la #usr/lib/libatalk.so usr/lib/libatalk.so.18 usr/lib/libatalk.so.18.0.0 @@ -45,45 +42,28 @@ usr/lib/libatalk.so.18.0.0 #usr/lib/netatalk/uams_clrtxt.so usr/lib/netatalk/uams_dhx.so usr/lib/netatalk/uams_dhx2.so -#usr/lib/netatalk/uams_dhx2_pam.a -#usr/lib/netatalk/uams_dhx2_pam.la usr/lib/netatalk/uams_dhx2_pam.so -#usr/lib/netatalk/uams_dhx2_passwd.a -#usr/lib/netatalk/uams_dhx2_passwd.la usr/lib/netatalk/uams_dhx2_passwd.so -#usr/lib/netatalk/uams_dhx_pam.a -#usr/lib/netatalk/uams_dhx_pam.la usr/lib/netatalk/uams_dhx_pam.so -#usr/lib/netatalk/uams_dhx_passwd.a -#usr/lib/netatalk/uams_dhx_passwd.la usr/lib/netatalk/uams_dhx_passwd.so -#usr/lib/netatalk/uams_guest.a -#usr/lib/netatalk/uams_guest.la +usr/lib/netatalk/uams_gss.so usr/lib/netatalk/uams_guest.so -#usr/lib/netatalk/uams_pam.a -#usr/lib/netatalk/uams_pam.la usr/lib/netatalk/uams_pam.so -#usr/lib/netatalk/uams_passwd.a -#usr/lib/netatalk/uams_passwd.la usr/lib/netatalk/uams_passwd.so -#usr/lib/netatalk/uams_randnum.a -#usr/lib/netatalk/uams_randnum.la usr/lib/netatalk/uams_randnum.so usr/sbin/afpd usr/sbin/cnid_dbd usr/sbin/cnid_metad usr/sbin/netatalk -#usr/share/aclocal/netatalk.m4 #usr/share/man/man1/ad.1 #usr/share/man/man1/afpldaptest.1 #usr/share/man/man1/afppasswd.1 #usr/share/man/man1/afpstats.1 #usr/share/man/man1/apple_dump.1 -#usr/share/man/man1/asip-status.pl.1 +#usr/share/man/man1/asip-status.1 #usr/share/man/man1/dbd.1 #usr/share/man/man1/macusers.1 #usr/share/man/man1/netatalk-config.1 -#usr/share/man/man1/uniconv.1 #usr/share/man/man5/afp.conf.5 #usr/share/man/man5/afp_signature.conf.5 #usr/share/man/man5/afp_voluuid.conf.5 diff --git a/lfs/libarchive b/lfs/libarchive index 91041023b..668f2a87e 100644 --- a/lfs/libarchive +++ b/lfs/libarchive @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 3.7.0 +VER = 3.7.4 THISAPP = libarchive-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -41,7 +41,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 8fb72a0504038c71584c0416c1d747b7f5c82266518704353e7fdf794bd9f9e2dc22b8fa2538fa8d12a3b9776581077040371d25647fe72c02a4ec5f3bb8d950 +$(DL_FILE)_BLAKE2 = 128f72235da61e112201046c0cfe62a8c580cf73b426c4cfe270ae913356f6ad430ba33a663dcd617b082c7baf45ada8d1c9928c45fea16fd57e8020693a60bc install : $(TARGET) @@ -74,7 +74,9 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure --prefix=/usr --disable-static + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --disable-static cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) diff --git a/lfs/libassuan b/lfs/libassuan index 4b59508ab..d796c6055 100644 --- a/lfs/libassuan +++ b/lfs/libassuan @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config SUMMARY = IPC library used by GnuPG version 2 -VER = 2.5.5 +VER = 3.0.1 THISAPP = libassuan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libassuan -PAK_VER = 7 +PAK_VER = 8 DEPS = @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 24952e97c757b97c387ab4c2c4bf7b040f2874e9326c129805c7f5326fa14d80e083b0842e336a635531a2c8d4a66d428c816bae6b175f1c4518add1ffa3554d +$(DL_FILE)_BLAKE2 = 5d6a7e4e9ce1b196bc7d126786716d95896de6145b8d753e2289bd36cbc96efa216360ac127fadb7be2d577e7fa203c8c8695d4aa11afcca6ed5397dd40209cb install : $(TARGET) @@ -82,7 +82,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && ./configure \ + --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) diff --git a/lfs/libcap-ng b/lfs/libcap-ng index 1bf9945c4..8bd5ba6fb 100644 --- a/lfs/libcap-ng +++ b/lfs/libcap-ng @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 0.8.3 +VER = 0.8.5 THISAPP = libcap-ng-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = c54dd753e0ef6dd21bcf6af7b003f85ded9faf2fbf1ea834cda6b181b165ff4b11a0284c23c73d0e6f97a810b3e6a63fceeb57ff583a2b32f23924bdee597ef5 +$(DL_FILE)_BLAKE2 = ce0fc4ebceaa66d6f888f8b752e501bed7513d45231425054340016a6215ce52f0cd81b3a4a54c7c9ec0b623965002d66316c6c37844f0bd132b186ff7c6a41f install : $(TARGET) diff --git a/lfs/libgcrypt b/lfs/libgcrypt index dfd7a9a2f..341683bfb 100644 --- a/lfs/libgcrypt +++ b/lfs/libgcrypt @@ -24,7 +24,7 @@ include Config -VER = 1.10.3 +VER = 1.11.0 THISAPP = libgcrypt-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 1a228e02820e886016eb55dee75936c4422a15fb4f95a2f9bcd1e4faac4015d4321c7c8d23f164eb08ece5d62935ab3b3d3104eabfdd22db997ab3e5689dfa6f +$(DL_FILE)_BLAKE2 = fe3f42480c0b9a0c50c24f4c54197404b4e1056d8baa9c0c07c671c9c05b90777580b4cbcde931b50ecb4dd93f5ddad89cea99aa36a35f86f796a003e3816f7d install : $(TARGET) diff --git a/lfs/libgpg-error b/lfs/libgpg-error index c402d0bf8..e06a34937 100644 --- a/lfs/libgpg-error +++ b/lfs/libgpg-error @@ -24,7 +24,7 @@ include Config -VER = 1.48 +VER = 1.50 THISAPP = libgpg-error-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 4ced63058586558f4d001bcc468f4bd419b8ec29fbd7dbcaa1a21f959d847c9e12c10c548a0038fd4eac0bdfc9907b61e9f6be71c95fc61c964c649e2415dfd7 +$(DL_FILE)_BLAKE2 = 621d9a604585daa1fbd08aaa94f3b177f6265046ccf452317e126e73079c567c555cbb8ab8b63e09b76bdf4f11a1aad7effd118651fe9e9cbcf01229f20ab297 install : $(TARGET) @@ -70,7 +70,8 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && ./configure \ + --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) diff --git a/lfs/libinih b/lfs/libinih index 6cd9d353a..2df1d7799 100644 --- a/lfs/libinih +++ b/lfs/libinih @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 56 +VER = 58 THISAPP = inih-r$(VER) DL_FILE = $(THISAPP).tar.gz @@ -42,7 +42,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 51935959a9eb4e393b17302f0932a232963883680f10d404c63d5f2ebbd3bf0b740f44edfa1b2541d0e130016eb853ebedf68a1c40797f658496e2a8c966af3d +$(DL_FILE)_BLAKE2 = ba71b21b30c039df026adbd29b422b064934046ced21a37479421e866b73969826dc1fea4e3bc0c5ea427248c774d8f80b83056c54769d454bafa2f336d08024 install : $(TARGET) diff --git a/lfs/libjpeg b/lfs/libjpeg index b9c9d3cd8..311ce4bc9 100644 --- a/lfs/libjpeg +++ b/lfs/libjpeg @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 2.1.4 +VER = 3.0.3 THISAPP = libjpeg-turbo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 80ffd77d58a37eae0bdc1868d994f34ea52c13e2624c720b1d0b6ec4d6d14b16911163ccd4009c8d6eda214f31e1fff78bb7eb4739ae6589d0fd8c7008c0e972 +$(DL_FILE)_BLAKE2 = 9d141dadd0dce970bf857b51352c57a8e15180438abd7d6d66f9dfd24e23889add8c6c89120b84026e40ab61611516b0567984bd1db37e9c45b41917cf32e9a6 install : $(TARGET) diff --git a/lfs/netatalk b/lfs/netatalk index 5875fb1b2..57f6bcaf9 100644 --- a/lfs/netatalk +++ b/lfs/netatalk @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,15 +26,15 @@ include Config SUMMARY = AppleShare file server -VER = 3.1.12 +VER = 3.2.5 THISAPP = netatalk-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = netatalk -PAK_VER = 8 +PAK_VER = 9 DEPS = avahi dbus @@ -50,7 +50,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc +$(DL_FILE)_BLAKE2 = 017c8390f4d6e7f81fcc9ddde459af48a47acd9e3fdf3b230887d36ebf96518a96e3483ac063ee734b20e9bca39c7cc2c9c1720265fb05d49358447bedc2976d install : $(TARGET) @@ -82,15 +82,17 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --localstatedir=/var/state \ - --without-libevent - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch + cd $(DIR_APP) && meson setup \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var/state \ + -Dwith-pam-config-path=/etc/pam.d \ + builddir/ + cd $(DIR_APP) && ninja -C builddir/ $(MAKETUNING) + cd $(DIR_APP) && ninja -C builddir/ install # Backup install -v -m 644 $(DIR_SRC)/config/backup/includes/netatalk \ diff --git a/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch b/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch new file mode 100644 index 000000000..51ce3d648 --- /dev/null +++ b/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch @@ -0,0 +1,15 @@ +--- netatalk-3.2.5/meson.build.orig 2024-08-01 12:16:47.000000000 +0200 ++++ netatalk-3.2.5/meson.build 2024-08-08 16:07:31.337732788 +0200 +@@ -39,10 +39,10 @@ + datadir = prefix / get_option('datadir') + includedir = prefix / get_option('includedir') + libdir = prefix / get_option('libdir') +-localstatedir = prefix / get_option('localstatedir') ++localstatedir = get_option('localstatedir') + mandir = prefix / get_option('mandir') + sbindir = prefix / get_option('sbindir') +-sysconfdir = prefix / get_option('sysconfdir') ++sysconfdir = get_option('sysconfdir') + + pkgconfdir = get_option('with-pkgconfdir-path') + if pkgconfdir == '' hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. ecacbaacbad42545e2e41838ed9c50ac5ae42cb0
by Michael Tremer 08 Aug '24

08 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via ecacbaacbad42545e2e41838ed9c50ac5ae42cb0 (commit) via 3e0719398a3ad0368c90dc32060afa10c8e29d02 (commit) from a68afb6b7b632c6cbd79a39ac0f2e6d1428d82e4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ecacbaacbad42545e2e41838ed9c50ac5ae42cb0 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Thu Aug 8 18:31:01 2024 +0000 make.sh: Cleanup the images directory, too Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 3e0719398a3ad0368c90dc32060afa10c8e29d02 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Thu Aug 8 18:30:15 2024 +0000 make.sh: Fix passing the build directory find-dependencies Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: make.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) Difference in files: diff --git a/make.sh b/make.sh index 922fc4b4c..370e616a2 100755 --- a/make.sh +++ b/make.sh @@ -2368,8 +2368,7 @@ clean) # Cleanup build files rm -rf \ "${BUILD_DIR}" \ - "${BASEDIR}/cdrom" \ - "${BASEDIR}/packages" \ + "${IMAGES_DIR}" \ "${LOG_DIR}" # Remove the /tools symlink @@ -2463,7 +2462,7 @@ update-contributors) ;; find-dependencies) shift - exec "${BASEDIR}/tools/find-dependencies" "${BASEDIR}/build" "$@" + exec "${BASEDIR}/tools/find-dependencies" "${BUILD_DIR}" "$@" ;; check-manualpages) echo "Checking the manual pages for broken links..." hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. a68afb6b7b632c6cbd79a39ac0f2e6d1428d82e4
by Michael Tremer 07 Aug '24

07 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via a68afb6b7b632c6cbd79a39ac0f2e6d1428d82e4 (commit) via a0d7f366c9ba343e519868da240417b028af88ea (commit) via 005efd4e29a0f2c4fbc12f84ec6b0f16d64c3bc8 (commit) via 75732eb18066cb564a9b94aa635bcabe20aa903e (commit) via f73de15117b377a86b8895bfff1a2281ce8a8354 (commit) via 06345fbc0dc706bdfc52b005dc96e12af4b27c02 (commit) via 824f4c97096c33cf0de248cb7ce0d8940b0ed9bc (commit) via 21cef199759a75bfe0d9ea26d7d3f6480fcf126a (commit) via 3cfe40fa65fb69430d7a3825c6f207f188661e98 (commit) via 4f0f0a9d2a62ccdad8230fa0405f31b08b4123a8 (commit) via 6fa4cdf7e3dcfa0ede6e5b976e185dff6893f8b3 (commit) via 1392ccfe30b4b62b7638ef1a8fa78102b5f6498f (commit) via 094b9c66de4cd6a08e998675cefc72d2ed5d2c51 (commit) via 33e76e6e2c22000ba0d210265e03f03c124a7e4a (commit) via b66718b334336c8589291c67af9d4e68dee7627f (commit) via 185f0a9b40bef44ee590ec337cb0b7845eeea86c (commit) via 4d0a12624de2e1d1eddf28bb0fba927999b1d8ae (commit) via 0221bacb7417a3c4406aebd14e6b88ac877f342a (commit) via 81784657c9b95b22912e78cfe06dfda3e3c81bed (commit) via aaa9c561c1101155be48e99837f8e85c6e12ae65 (commit) via dd66b39d6bdc0d10f21d3f56347c11625508da1e (commit) via 69dcb9bd659bbde4e738b6db24795c5646dcbf48 (commit) via 0e8bb539ce38221154a3e35a108849b371c26e27 (commit) via 60d90975114bff2c351161ae138b563aa750d38c (commit) via 7f2fbf2767167e250d8fe48b33102ed04a11efc0 (commit) via 8e592614462cf081219badf61869b5fb7786c11e (commit) via d33000e9918e6f50478439eed1bf19fc2c2c598e (commit) via c0c3fd55265b837fcc33c99dba6bde5a4bd9f4fe (commit) via c895b0fb522d49b61ef5b4689c079c8780d652a2 (commit) via e9427470af119f2f6d0ce661a49396eb22eba34c (commit) via 2682a1d17af8a1eeb309bbb04df5a97a3c7c55cb (commit) via 3fb09506ae1682adc2e12bd4ffe5ad438197da2d (commit) from 6c6959694ac55969e320e30247a799f6acc9accc (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a68afb6b7b632c6cbd79a39ac0f2e6d1428d82e4 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:36:24 2024 +0200 extrahd.cgi: Make table use the full width Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit a0d7f366c9ba343e519868da240417b028af88ea Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:35:02 2024 +0200 qos.cgi: Make all tables use the full width Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 005efd4e29a0f2c4fbc12f84ec6b0f16d64c3bc8 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:29:23 2024 +0200 firewall.cgi: Merge the ID and policy columns This saves us a little bit of space and looks tidier to me. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 75732eb18066cb564a9b94aa635bcabe20aa903e Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:24:48 2024 +0200 firewall.cgi: Fix policy colours for rules Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit f73de15117b377a86b8895bfff1a2281ce8a8354 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:20:30 2024 +0200 firewall.cgi: Remove box around top buttons Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 06345fbc0dc706bdfc52b005dc96e12af4b27c02 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:18:01 2024 +0200 firewall.cgi: Fix colouring of the rule actions Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 824f4c97096c33cf0de248cb7ce0d8940b0ed9bc Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 16:10:48 2024 +0200 firewall.cgi: Fix colouring of the default firewall policy Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 21cef199759a75bfe0d9ea26d7d3f6480fcf126a Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:45:24 2024 +0200 ovpnmain.cgi: Fix connection status colours Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 3cfe40fa65fb69430d7a3825c6f207f188661e98 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:39:40 2024 +0200 vpnmain.cgi: Fix connection status colours Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 4f0f0a9d2a62ccdad8230fa0405f31b08b4123a8 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:31:11 2024 +0200 services.cgi: Remove showing the PIDs for add-on services This was only showing one PID and I don't see any reason why anyone would need this. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 6fa4cdf7e3dcfa0ede6e5b976e185dff6893f8b3 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:29:57 2024 +0200 services.cgi: Use new functions to figure out memory usage Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 1392ccfe30b4b62b7638ef1a8fa78102b5f6498f Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:27:22 2024 +0200 services.cgi: Fix colouring of the add-on status Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 094b9c66de4cd6a08e998675cefc72d2ed5d2c51 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:24:14 2024 +0200 services.cgi: Remove manual table striping Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 33e76e6e2c22000ba0d210265e03f03c124a7e4a Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:20:56 2024 +0200 services.cgi: Remove excessive styling that has no effect Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit b66718b334336c8589291c67af9d4e68dee7627f Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 15:14:14 2024 +0200 connections.cgi: Only evaluate value networks Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 185f0a9b40bef44ee590ec337cb0b7845eeea86c Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 14:32:55 2024 +0200 langs: Add translation for WireGuard Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 4d0a12624de2e1d1eddf28bb0fba927999b1d8ae Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 19:15:19 2024 +0200 connections.cgi: Remove country headline This takes way more space than the actual flag and therefore makes the table wider which we don't want. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 0221bacb7417a3c4406aebd14e6b88ac877f342a Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 19:13:28 2024 +0200 connections.cgi: Refactor reading networks This is still a total nightmare because we are yet again writing functions that read the same configuration files all over again. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 81784657c9b95b22912e78cfe06dfda3e3c81bed Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 14:02:31 2024 +0200 connections.cgi: Remove the extra box Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit aaa9c561c1101155be48e99837f8e85c6e12ae65 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:59:03 2024 +0200 connections.cgi: Use &General::format_time() Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit dd66b39d6bdc0d10f21d3f56347c11625508da1e Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:55:53 2024 +0200 connections.cgi: Make it clearer which direction traffic is flowing Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 69dcb9bd659bbde4e738b6db24795c5646dcbf48 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:50:31 2024 +0200 connections.cgi: Use &General::formatBytes() for format usage Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 0e8bb539ce38221154a3e35a108849b371c26e27 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:47:53 2024 +0200 connections.cgi: Use the .tbl class for the main table Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 60d90975114bff2c351161ae138b563aa750d38c Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:43:49 2024 +0200 connections.cgi: Parse conntrack table without loading it all first We used to load the entire table into memory which is very unnecessary because we can parse it one line at a time. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 7f2fbf2767167e250d8fe48b33102ed04a11efc0 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:33:11 2024 +0200 connections.cgi: Remove sorting This has first of all very little benefit and the code is too messy. Why would anyone want to sort by port? I think we might want a search here. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 8e592614462cf081219badf61869b5fb7786c11e Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:28:19 2024 +0200 connections.cgi: Define colours for WG address space Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit d33000e9918e6f50478439eed1bf19fc2c2c598e Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Apr 27 13:27:56 2024 +0200 header.pl: Define a colour for WireGuard Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit c0c3fd55265b837fcc33c99dba6bde5a4bd9f4fe Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Thu Apr 25 20:36:23 2024 +0200 CSS: Don't try to justify any text Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit c895b0fb522d49b61ef5b4689c079c8780d652a2 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 14:21:09 2024 +0200 Revert "CSS: Make all <select> and <textarea> use all available space" This reverts commit 17c29ce7fefe36be09d05e42a8b50d10e7ca5d17. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit e9427470af119f2f6d0ce661a49396eb22eba34c Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 14:20:58 2024 +0200 Revert "CSS: Make text/number inputs 100% wide, too" This reverts commit 8eb016da793e623ab5b5b7b05556f9c5dfa8faa2. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 2682a1d17af8a1eeb309bbb04df5a97a3c7c55cb Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Wed Aug 7 14:16:43 2024 +0200 ids.cgi: Use the PID file to find suricata The process changes it name to "Suricata-Main" which is why the previous method did not work. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 3fb09506ae1682adc2e12bd4ffe5ad438197da2d Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Mar 23 19:16:48 2024 +0100 ids.cgi: Use new services function Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: config/cfgroot/header.pl | 1 + doc/language_issues.de | 7 + doc/language_issues.en | 7 +- doc/language_issues.es | 7 +- doc/language_issues.fr | 7 + doc/language_issues.it | 7 +- doc/language_issues.nl | 7 +- doc/language_issues.pl | 7 +- doc/language_issues.ru | 7 +- doc/language_issues.tr | 7 +- doc/language_missings | 16 + html/cgi-bin/connections.cgi | 468 +++++++------------------- html/cgi-bin/extrahd.cgi | 2 +- html/cgi-bin/firewall.cgi | 171 +++++----- html/cgi-bin/ids.cgi | 91 +---- html/cgi-bin/ovpnmain.cgi | 20 +- html/cgi-bin/qos.cgi | 20 +- html/cgi-bin/services.cgi | 66 ++-- html/cgi-bin/vpnmain.cgi | 16 +- html/html/themes/ipfire/include/css/style.css | 69 +++- langs/en/cgi-bin/en.pl | 2 + 21 files changed, 381 insertions(+), 624 deletions(-) Difference in files: diff --git a/config/cfgroot/header.pl b/config/cfgroot/header.pl index a4a4f5d03..1d1146978 100644 --- a/config/cfgroot/header.pl +++ b/config/cfgroot/header.pl @@ -40,6 +40,7 @@ $Header::colourblue = '#333399'; $Header::colourovpn = '#339999'; $Header::colourfw = '#000000'; $Header::colourvpn = '#990099'; +$Header::colourwg = '#ff007f'; $Header::colourerr = '#FF0000'; $Header::viewsize = 150; $Header::errormessage = ''; diff --git a/doc/language_issues.de b/doc/language_issues.de index e2ca260de..9227a02fc 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -140,6 +140,7 @@ WARNING: translation string unused: bitrate WARNING: translation string unused: bleeding rules WARNING: translation string unused: blue access use hint WARNING: translation string unused: blue interface +WARNING: translation string unused: bytes WARNING: translation string unused: cache management WARNING: translation string unused: cache size WARNING: translation string unused: calamaris report interval (in minutes) @@ -276,6 +277,7 @@ WARNING: translation string unused: encrypted WARNING: translation string unused: enter ack class WARNING: translation string unused: entropy WARNING: translation string unused: entropy graphs +WARNING: translation string unused: eol architecture warning WARNING: translation string unused: err bk 1 WARNING: translation string unused: err bk 10 password WARNING: translation string unused: err bk 2 key @@ -382,6 +384,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -710,6 +713,8 @@ WARNING: translation string unused: smbstop WARNING: translation string unused: smtphost WARNING: translation string unused: smtpport WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -904,6 +909,7 @@ WARNING: untranslated string: cake profile pppoe-llcsnap 40 = PPPoE LLC SNAP (40 WARNING: untranslated string: cake profile pppoe-ptm 27 = PPPoE PTM (27 bytes) WARNING: untranslated string: cake profile pppoe-vcmux 32 = PPPoE VC-MUX (32 bytes) WARNING: untranslated string: cake profile raw 0 = Raw (no overhead compensation) +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: desired = Desired WARNING: untranslated string: disable = Disable WARNING: untranslated string: download apple profile = Download Apple Configuration Profile @@ -1107,6 +1113,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wlan client encryption wpa3 = WPA3 WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlanap 802.11w disabled = Disabled diff --git a/doc/language_issues.en b/doc/language_issues.en index 443c2a951..7cd36aff3 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -362,7 +362,6 @@ WARNING: untranslated string: broken = Broken WARNING: untranslated string: broken pipe = Broken pipe WARNING: untranslated string: buffered memory = Buffered Memory WARNING: untranslated string: buffers = buffers -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: bytes per second = Bytes per Second WARNING: untranslated string: bytes received = Bytes Received WARNING: untranslated string: bytes sent = Bytes Sent @@ -540,6 +539,7 @@ WARNING: untranslated string: current playlist = Current Playlist WARNING: untranslated string: current rules = Current rules: WARNING: untranslated string: daemon login script = Daemon login script WARNING: untranslated string: dangerous = Dangerous +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: date = Date WARNING: untranslated string: date not in logs = No (or only partial) logs exist for the day queried WARNING: untranslated string: day = Day @@ -736,7 +736,6 @@ WARNING: untranslated string: encapsulation = Encapsulation WARNING: untranslated string: encryption = Encryption: WARNING: untranslated string: end address = End address: WARNING: untranslated string: enter data = Enter your settings <br /> and then press <i>Save</i>. -WARNING: untranslated string: eol architecture warning = You are running an architecture of IPFire which reached its end of life. You will not receive updates anymore. This is a security risk. WARNING: untranslated string: error = Error WARNING: untranslated string: error message = unknown string WARNING: untranslated string: error messages = Error messages @@ -1023,7 +1022,6 @@ WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilitie WARNING: untranslated string: hdd temperature in = Harddisk temperature in WARNING: untranslated string: help = Help WARNING: untranslated string: high = High -WARNING: untranslated string: high memory usage = High memory usage WARNING: untranslated string: holdoff = Holdoff time (in seconds) WARNING: untranslated string: host certificate = Host Certificate WARNING: untranslated string: host ip = Host IP address @@ -1667,8 +1665,6 @@ WARNING: untranslated string: smt enabled = Simultaneous Multi-Threading (SMT) i WARNING: untranslated string: smt not supported = Simultaneous Multi-Threading (SMT) is not supported WARNING: untranslated string: snat new source ip address = New source IP address WARNING: untranslated string: software version = Software Version -WARNING: untranslated string: sort ascending = Sort ascending -WARNING: untranslated string: sort descending = Sort descending WARNING: untranslated string: sound = Sound WARNING: untranslated string: source = Source WARNING: untranslated string: source ip = Source IP @@ -2294,6 +2290,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wireless = Wireless WARNING: untranslated string: wireless config added = Wireless config added WARNING: untranslated string: wireless config changed = Wireless config changed diff --git a/doc/language_issues.es b/doc/language_issues.es index f949d8a03..4b04f49a1 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -310,6 +310,7 @@ WARNING: translation string unused: encrypted WARNING: translation string unused: enter ack class WARNING: translation string unused: entropy WARNING: translation string unused: entropy graphs +WARNING: translation string unused: eol architecture warning WARNING: translation string unused: err bk 1 WARNING: translation string unused: err bk 10 password WARNING: translation string unused: err bk 2 key @@ -422,6 +423,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -774,6 +776,8 @@ WARNING: translation string unused: smtpport WARNING: translation string unused: snort hits WARNING: translation string unused: snort working WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -963,8 +967,8 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: cpu frequency = CPU frequency +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: dhcp fixed ip address in dynamic range = Fixed IP Address in dynamic range WARNING: untranslated string: dns servers = DNS Servers WARNING: untranslated string: downfall gather data sampling = Downfall/Gather Data Sampling @@ -1168,5 +1172,6 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wlan client configuration = Wireless Client Configuration WARNING: untranslated string: wlanap = Access Point diff --git a/doc/language_issues.fr b/doc/language_issues.fr index ef480a19e..b9c7c429e 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -160,6 +160,7 @@ WARNING: translation string unused: bitrate WARNING: translation string unused: bleeding rules WARNING: translation string unused: blue access use hint WARNING: translation string unused: blue interface +WARNING: translation string unused: bytes WARNING: translation string unused: cache management WARNING: translation string unused: cache size WARNING: translation string unused: calamaris report interval (in minutes) @@ -303,6 +304,7 @@ WARNING: translation string unused: encrypted WARNING: translation string unused: enter ack class WARNING: translation string unused: entropy WARNING: translation string unused: entropy graphs +WARNING: translation string unused: eol architecture warning WARNING: translation string unused: err bk 1 WARNING: translation string unused: err bk 10 password WARNING: translation string unused: err bk 2 key @@ -409,6 +411,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -745,6 +748,8 @@ WARNING: translation string unused: smbstop WARNING: translation string unused: smtphost WARNING: translation string unused: smtpport WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -926,6 +931,7 @@ WARNING: translation string unused: zoneconf val vlan tag assignment error WARNING: translation string unused: zoneconf val vlan tag range error WARNING: translation string unused: zoneconf val zoneslave amount error WARNING: untranslated string: core notice 3 = available. +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: enable disable client = unknown string WARNING: untranslated string: enable disable dyndns = unknown string WARNING: untranslated string: error message = unknown string @@ -1104,3 +1110,4 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard diff --git a/doc/language_issues.it b/doc/language_issues.it index 44387439c..6a6acf00b 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -377,6 +377,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -702,6 +703,8 @@ WARNING: translation string unused: smtpport WARNING: translation string unused: snort hits WARNING: translation string unused: snort working WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -933,7 +936,6 @@ WARNING: untranslated string: autonomous system = Autonomous System WARNING: untranslated string: available = available WARNING: untranslated string: block = Block WARNING: untranslated string: broken = Broken -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: cake profile bridged-llcsnap 32 = Bridged LLC SNAP (32 bytes) WARNING: untranslated string: cake profile bridged-ptm 19 = Bridged PTM (19 bytes) WARNING: untranslated string: cake profile bridged-vcmux 24 = Bridged VC-MUX (24 bytes) @@ -955,6 +957,7 @@ WARNING: untranslated string: cpu frequency = CPU frequency WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired WARNING: untranslated string: dh = Diffie-Hellman-Parameter @@ -1017,7 +1020,6 @@ WARNING: untranslated string: enable disable client = unknown string WARNING: untranslated string: enable disable dyndns = unknown string WARNING: untranslated string: enable otp = Enable OTP WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT) -WARNING: untranslated string: eol architecture warning = You are running an architecture of IPFire which reached its end of life. You will not receive updates anymore. This is a security risk. WARNING: untranslated string: error = Error WARNING: untranslated string: error message = unknown string WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date! @@ -1460,6 +1462,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wireless network = WiFi Network WARNING: untranslated string: wlan client anonymous identity = Anonymous Identity WARNING: untranslated string: wlan client auth auto = Auto diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 57edc0f5b..5d15b7f58 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -379,6 +379,7 @@ WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hardware support +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -702,6 +703,8 @@ WARNING: translation string unused: smtpport WARNING: translation string unused: snort hits WARNING: translation string unused: snort working WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -935,7 +938,6 @@ WARNING: untranslated string: autonomous system = Autonomous System WARNING: untranslated string: available = available WARNING: untranslated string: block = Block WARNING: untranslated string: broken = Broken -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: cake profile bridged-llcsnap 32 = Bridged LLC SNAP (32 bytes) WARNING: untranslated string: cake profile bridged-ptm 19 = Bridged PTM (19 bytes) WARNING: untranslated string: cake profile bridged-vcmux 24 = Bridged VC-MUX (24 bytes) @@ -958,6 +960,7 @@ WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: daemon login script = Daemon login script WARNING: untranslated string: dangerous = Dangerous +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired @@ -1023,7 +1026,6 @@ WARNING: untranslated string: enable disable client = unknown string WARNING: untranslated string: enable disable dyndns = unknown string WARNING: untranslated string: enable otp = Enable OTP WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT) -WARNING: untranslated string: eol architecture warning = You are running an architecture of IPFire which reached its end of life. You will not receive updates anymore. This is a security risk. WARNING: untranslated string: error = Error WARNING: untranslated string: error message = unknown string WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date! @@ -1483,6 +1485,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wireless network = WiFi Network WARNING: untranslated string: wlan client anonymous identity = Anonymous Identity WARNING: untranslated string: wlan client auth auto = Auto diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 0b3ce39a5..b4fc5df68 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -318,6 +318,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -628,6 +629,8 @@ WARNING: translation string unused: smtpport WARNING: translation string unused: snort hits WARNING: translation string unused: snort working WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -861,7 +864,6 @@ WARNING: untranslated string: available = available WARNING: untranslated string: bit = bit WARNING: untranslated string: block = Block WARNING: untranslated string: broken = Broken -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: cake profile bridged-llcsnap 32 = Bridged LLC SNAP (32 bytes) WARNING: untranslated string: cake profile bridged-ptm 19 = Bridged PTM (19 bytes) WARNING: untranslated string: cake profile bridged-vcmux 24 = Bridged VC-MUX (24 bytes) @@ -925,6 +927,7 @@ WARNING: untranslated string: cpu frequency = CPU frequency WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: dead peer detection = Dead Peer Detection WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address @@ -1010,7 +1013,6 @@ WARNING: untranslated string: enable disable dyndns = unknown string WARNING: untranslated string: enable otp = Enable OTP WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT) WARNING: untranslated string: encryption = Encryption: -WARNING: untranslated string: eol architecture warning = You are running an architecture of IPFire which reached its end of life. You will not receive updates anymore. This is a security risk. WARNING: untranslated string: error = Error WARNING: untranslated string: error message = unknown string WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date! @@ -1726,6 +1728,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wireless network = WiFi Network WARNING: untranslated string: wlan client = Wireless client WARNING: untranslated string: wlan client advanced settings = Advanced settings diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 73823a7a8..9cb5e2a15 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -315,6 +315,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -623,6 +624,8 @@ WARNING: translation string unused: smtpport WARNING: translation string unused: snort hits WARNING: translation string unused: snort working WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -856,7 +859,6 @@ WARNING: untranslated string: available = available WARNING: untranslated string: bit = bit WARNING: untranslated string: block = Block WARNING: untranslated string: broken = Broken -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: cake profile bridged-llcsnap 32 = Bridged LLC SNAP (32 bytes) WARNING: untranslated string: cake profile bridged-ptm 19 = Bridged PTM (19 bytes) WARNING: untranslated string: cake profile bridged-vcmux 24 = Bridged VC-MUX (24 bytes) @@ -920,6 +922,7 @@ WARNING: untranslated string: cpu frequency = CPU frequency WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: dead peer detection = Dead Peer Detection WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address @@ -1005,7 +1008,6 @@ WARNING: untranslated string: enable disable dyndns = unknown string WARNING: untranslated string: enable otp = Enable OTP WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT) WARNING: untranslated string: encryption = Encryption: -WARNING: untranslated string: eol architecture warning = You are running an architecture of IPFire which reached its end of life. You will not receive updates anymore. This is a security risk. WARNING: untranslated string: error = Error WARNING: untranslated string: error message = unknown string WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date! @@ -1719,6 +1721,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wireless network = WiFi Network WARNING: untranslated string: wlan client = Wireless client WARNING: untranslated string: wlan client advanced settings = Advanced settings diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 9cc962515..4f9792a1a 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -403,6 +403,7 @@ WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs +WARNING: translation string unused: high memory usage WARNING: translation string unused: hint WARNING: translation string unused: host WARNING: translation string unused: host allow @@ -732,6 +733,8 @@ WARNING: translation string unused: smtpport WARNING: translation string unused: snort hits WARNING: translation string unused: snort working WARNING: translation string unused: socket options +WARNING: translation string unused: sort ascending +WARNING: translation string unused: sort descending WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -920,7 +923,6 @@ WARNING: untranslated string: asn lookup failed = AS lookup failed WARNING: untranslated string: autonomous system = Autonomous System WARNING: untranslated string: available = available WARNING: untranslated string: broken = Broken -WARNING: untranslated string: bytes = unknown string WARNING: untranslated string: cake profile bridged-llcsnap 32 = Bridged LLC SNAP (32 bytes) WARNING: untranslated string: cake profile bridged-ptm 19 = Bridged PTM (19 bytes) WARNING: untranslated string: cake profile bridged-vcmux 24 = Bridged VC-MUX (24 bytes) @@ -941,6 +943,7 @@ WARNING: untranslated string: cpu frequency = CPU frequency WARNING: untranslated string: crypto error = Cryptographic error WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous +WARNING: untranslated string: data transfer = Data Transfer WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired WARNING: untranslated string: dh = Diffie-Hellman-Parameter @@ -980,7 +983,6 @@ WARNING: untranslated string: enable disable client = unknown string WARNING: untranslated string: enable disable dyndns = unknown string WARNING: untranslated string: enable otp = Enable OTP WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT) -WARNING: untranslated string: eol architecture warning = You are running an architecture of IPFire which reached its end of life. You will not receive updates anymore. This is a security risk. WARNING: untranslated string: error = Error WARNING: untranslated string: error message = unknown string WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date! @@ -1344,6 +1346,7 @@ WARNING: untranslated string: wio_wan_up = unknown string WARNING: untranslated string: wio_wanname = unknown string WARNING: untranslated string: wio_webinterface = unknown string WARNING: untranslated string: wio_webinterface_link = unknown string +WARNING: untranslated string: wireguard = WireGuard WARNING: untranslated string: wlan client encryption wpa3 = WPA3 WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlanap 802.11w disabled = Disabled diff --git a/doc/language_missings b/doc/language_missings index 05fff37d1..4f166b440 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -46,6 +46,7 @@ < choose media < could not connect to www ipfire org < cryptographic settings +< data transfer < desired < dhcp server disabled on blue interface < dhcp server enabled on blue interface @@ -102,6 +103,7 @@ < user management < vpn configuration main < winbind daemon +< wireguard < wlanap 802.11w disabled < wlanap 802.11w enforced < wlanap 802.11w optional @@ -115,6 +117,7 @@ < access point name is required < addon < cpu frequency +< data transfer < dhcp fixed ip address in dynamic range < dns servers < downfall gather data sampling @@ -147,6 +150,7 @@ < system time < timeformat < transport mode does not support vti +< wireguard < wlanap < wlan client configuration ############################################################################ @@ -155,6 +159,7 @@ < ansi t1.483 < bewan adsl pci st < bewan adsl usb +< data transfer < extrahd because it it outside the allowed mount path < fwdfw syn flood protection < g.dtm @@ -169,6 +174,7 @@ < system time < timeformat < upload fcdsl.o +< wireguard ############################################################################ # Checking cgi-bin translations for language: it # ############################################################################ @@ -283,6 +289,7 @@ < crypto warning < Daily < dangerous +< data transfer < default IP address < desired < dh @@ -647,6 +654,7 @@ < Weekly < whois results from < winbind daemon +< wireguard < wireless network < wlanap < wlanap 802.11w disabled @@ -812,6 +820,7 @@ < daemon login script < Daily < dangerous +< data transfer < default < default IP address < desired @@ -1201,6 +1210,7 @@ < Weekly < whois results from < winbind daemon +< wireguard < wireless network < wlanap < wlanap 802.11w disabled @@ -1428,6 +1438,7 @@ < crypto warning < Daily < dangerous +< data transfer < dead peer detection < default < default ip @@ -2170,6 +2181,7 @@ < Weekly < whois results from < winbind daemon +< wireguard < wireless network < wlanap < wlanap 802.11w disabled @@ -2429,6 +2441,7 @@ < crypto warning < Daily < dangerous +< data transfer < day-graph < dead peer detection < default @@ -3176,6 +3189,7 @@ < Weekly < whois results from < winbind daemon +< wireguard < wireless network < wlanap < wlanap 802.11w disabled @@ -3308,6 +3322,7 @@ < crypto warning < Daily < dangerous +< data transfer < default IP address < desired < dh @@ -3559,6 +3574,7 @@ < Weekly < whois results from < winbind daemon +< wireguard < wlanap 802.11w disabled < wlanap 802.11w enforced < wlanap 802.11w optional diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi index 24702980c..badc1f395 100644 --- a/html/cgi-bin/connections.cgi +++ b/html/cgi-bin/connections.cgi @@ -20,246 +20,127 @@ ############################################################################### use strict; -use experimental 'smartmatch'; - -use Net::IPv4Addr qw( :all ); use Switch; # enable only the following on debugging purpose -#use warnings; -#use CGI::Carp 'fatalsToBrowser'; +use warnings; +use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; +require "${General::swroot}/ids-functions.pl"; require "${General::swroot}/location-functions.pl"; my $colour_multicast = "#A0A0A0"; -# sort arguments for connection tracking table -# the sort field. eg. 1=src IP, 2=dst IP, 3=src port, 4=dst port -my $SORT_FIELD = 0; -# the sort order. (a)scending orr (d)escending -my $SORT_ORDER = 0; -# cgi query arguments -my %cgiin; -# debug mode -my $debug = 0; - -# retrieve query arguments -# note: let a-z A-Z and 0-9 pass as value only -if (length ($ENV{'QUERY_STRING'}) > 0){ - my $name; - my $value; - my $buffer = $ENV{'QUERY_STRING'}; - my @pairs = split(/&/, $buffer); - foreach my $pair (@pairs){ - ($name, $value) = split(/=/, $pair); - $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; # e.g. "%20" => " " - $value =~ s/[^a-zA-Z0-9]*//g; # a-Z 0-9 will pass - $cgiin{$name} = $value; - } -} +my %settings = (); +&General::readhash("/var/ipfire/ethernet/settings", \%settings); &Header::showhttpheaders(); -my @network=(); -my @masklen=(); -my @colour=(); +# Collect all known networks +my %networks = ( + # Localhost + "127.0.0.0/8" => ${Header::colourfw}, -my %netsettings=(); -&General::readhash("${General::swroot}/ethernet/settings", \%netsettings); + # Multicast + "224.0.0.0/3" => $colour_multicast, -# output cgi query arrguments to browser on debug -if ( $debug ){ - &Header::openbox('100%', 'center', 'DEBUG'); - my $debugCount = 0; - foreach my $line (sort keys %cgiin) { - print "$line = '$cgiin{$line}'<br />\n"; - $debugCount++; - } - print " Count: $debugCount\n"; - &Header::closebox(); -} + # GREEN + "$settings{'GREEN_ADDRESS'}/32" => ${Header::colourfw}, + "$settings{'GREEN_NETADDRESS'}/$settings{'GREEN_NETMASK'}" => ${Header::colourgreen}, -#workaround to suppress a warning when a variable is used only once -my @dummy = ( ${Header::table1colour} ); -undef (@dummy); + # BLUE + "$settings{'BLUE_ADDRESS'}/32" => ${Header::colourfw}, + "$settings{'BLUE_NETADDRESS'}/$settings{'BLUE_NETMASK'}" => ${Header::colourblue}, -# check sorting arguments -if ( $cgiin{'sort_field'} ~~ [ '1','2','3','4','5','6','7','8','9' ] ) { - $SORT_FIELD = $cgiin{'sort_field'}; + # ORANGE + "$settings{'ORANGE_ADDRESS'}/32" => ${Header::colourfw}, + "$settings{'ORANGE_NETADDRESS'}/$settings{'ORANGE_NETMASK'}" => ${Header::colourorange}, +); - if ( $cgiin{'sort_order'} ~~ [ 'a','d','A','D' ] ) { - $SORT_ORDER = lc($cgiin{'sort_order'}); - } +# RED Address +my $address = &IDS::get_red_address(); +if ($address) { + $networks{"${address}/32"} = ${Header::colourfw}; } -# Read and sort the connection tracking table -# do sorting -if ($SORT_FIELD and $SORT_ORDER) { - # field sorting when sorting arguments are sane - open(CONNTRACK, "/usr/local/bin/getconntracktable | /usr/local/bin/consort.sh $SORT_FIELD $SORT_ORDER |") or die "Unable to read conntrack table"; -} else { - # default sorting with no query arguments - open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k 5,5 --numeric-sort --reverse |") or die "Unable to read conntrack table"; +# Add all aliases +my @aliases = &IDS::get_aliases(); +for my $alias (@aliases) { + $networks{"${alias}/32"} = ${Header::colourfw}; } -my @conntrack = <CONNTRACK>; -close(CONNTRACK); -# Collect data for the @network array. +my %interfaces = ( + $settings{'GREEN_DEV'} => ${Header::colourgreen}, + $settings{'BLUE_DEV'} => ${Header::colourblue}, + $settings{'ORANGE_DEV'} => ${Header::colourorange}, -# Add Firewall Localhost 127.0.0.1 -push(@network, '127.0.0.1'); -push(@masklen, '255.255.255.255'); -push(@colour, ${Header::colourfw}); + # IPsec + "gre[0-9]+" => ${Header::colourvpn}, + "vti[0-9]+" => ${Header::colourvpn}, -if (open(IP, "${General::swroot}/red/local-ipaddress")) { - my $redip = <IP>; - close(IP); + # OpenVPN + "tun[0-9]+" => ${Header::colourovpn}, +); - chomp $redip; - push(@network, $redip); - push(@masklen, '255.255.255.255'); - push(@colour, ${Header::colourfw}); -} +my @routes = &General::system_output("ip", "route", "show"); -# Add STATIC RED aliases -if ($netsettings{'RED_DEV'}) { - my $aliasfile = "${General::swroot}/ethernet/aliases"; - open(ALIASES, $aliasfile) or die 'Unable to open aliases file.'; - my @aliases = <ALIASES>; - close(ALIASES); - - # We have a RED eth iface - if ($netsettings{'RED_TYPE'} eq 'STATIC') { - # We have a STATIC RED eth iface - foreach my $line (@aliases) { - chomp($line); - my @temp = split(/\,/,$line); - if ($temp[0]) { - push(@network, $temp[0]); - push(@masklen, $netsettings{'RED_NETMASK'} ); - push(@colour, ${Header::colourfw} ); - } +# Find all routes +foreach my $intf (keys %interfaces) { + foreach my $route (grep(/dev ${intf}/, @routes)) { + if ($route =~ m/^(\d+\.\d+\.\d+\.\d+\/\d+)/) { + $networks{$1} = $interfaces{$intf}; } } } -# Call safe system_output function to get all available routes. -my @all_routes = &General::system_output("/sbin/route", "-n"); - -# Add Green Firewall Interface -push(@network, $netsettings{'GREEN_ADDRESS'}); -push(@masklen, "255.255.255.255" ); -push(@colour, ${Header::colourfw} ); - -if ($netsettings{'GREEN_DEV'}) { - # Add Green Network to Array - push(@network, $netsettings{'GREEN_NETADDRESS'}); - push(@masklen, $netsettings{'GREEN_NETMASK'} ); - push(@colour, ${Header::colourgreen} ); - - # Add Green Routes to Array - my @routes = grep (/$netsettings{'GREEN_DEV'}/, @all_routes); - foreach my $route (@routes) { - chomp($route); - my @temp = split(/[\t ]+/, $route); - push(@network, $temp[0]); - push(@masklen, $temp[2]); - push(@colour, ${Header::colourgreen} ); - } -} +# Load the WireGuard client pool +if (-e "/var/ipfire/wireguard/settings") { + my %wgsettings = (); -# Add Blue Firewall Interface -push(@network, $netsettings{'BLUE_ADDRESS'}); -push(@masklen, "255.255.255.255" ); -push(@colour, ${Header::colourfw} ); - -# Add Blue Network -if ($netsettings{'BLUE_DEV'}) { - push(@network, $netsettings{'BLUE_NETADDRESS'}); - push(@masklen, $netsettings{'BLUE_NETMASK'} ); - push(@colour, ${Header::colourblue} ); - - # Add Blue Routes to Array - my @routes = grep(/$netsettings{'BLUE_DEV'}/, @all_routes); - foreach my $route (@routes) { - chomp($route); - my @temp = split(/[\t ]+/, $route); - push(@network, $temp[0]); - push(@masklen, $temp[2]); - push(@colour, ${Header::colourblue} ); - } + &General::readhash("/var/ipfire/wireguard/settings", \%wgsettings); + + $networks{$wgsettings{'CLIENT_POOL'}} = ${Header::colourwg}; } -# Add Orange Firewall Interface -push(@network, $netsettings{'ORANGE_ADDRESS'}); -push(@masklen, "255.255.255.255" ); -push(@colour, ${Header::colourfw} ); - -# Add Orange Network -if ($netsettings{'ORANGE_DEV'}) { - push(@network, $netsettings{'ORANGE_NETADDRESS'}); - push(@masklen, $netsettings{'ORANGE_NETMASK'} ); - push(@colour, ${Header::colourorange} ); - # Add Orange Routes to Array - my @routes = grep(/$netsettings{'ORANGE_DEV'}/, @all_routes); - foreach my $route (@routes) { - chomp($route); - my @temp = split(/[\t ]+/, $route); - push(@network, $temp[0]); - push(@masklen, $temp[2]); - push(@colour, ${Header::colourorange} ); +# Load routed WireGuard networks +if (-e "/var/ipfire/wireguard/peers") { + my %wgpeers = (); + + # Load all peers + &General::readhasharray("/var/ipfire/wireguard/peers", \%wgpeers); + + foreach my $key (keys %wgpeers) { + my $networks = $wgpeers{$key}[6]; + + # Split the string + my @networks = split(/\|/, $networks); + + foreach my $network (@networks) { + $networks[$network] = ${Header::colourwg}; + } } } -# Highlight multicast connections. -push(@network, "224.0.0.0"); -push(@masklen, "239.0.0.0"); -push(@colour, $colour_multicast); - # Add OpenVPN net and RED/BLUE/ORANGE entry (when appropriate) if (-e "${General::swroot}/ovpn/settings") { my %ovpnsettings = (); &General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings); - my @tempovpnsubnet = split("\/",$ovpnsettings{'DOVPN_SUBNET'}); - - # add OpenVPN net - push(@network, $tempovpnsubnet[0]); - push(@masklen, $tempovpnsubnet[1]); - push(@colour, ${Header::colourovpn} ); - - # add BLUE:port / proto - if (($ovpnsettings{'ENABLED_BLUE'} eq 'on') && $netsettings{'BLUE_DEV'}) { - push(@network, $netsettings{'BLUE_ADDRESS'} ); - push(@masklen, '255.255.255.255' ); - push(@colour, ${Header::colourovpn}); - } - # add ORANGE:port / proto - if (($ovpnsettings{'ENABLED_ORANGE'} eq 'on') && $netsettings{'ORANGE_DEV'}) { - push(@network, $netsettings{'ORANGE_ADDRESS'} ); - push(@masklen, '255.255.255.255' ); - push(@colour, ${Header::colourovpn} ); - } + $networks{$ovpnsettings{'DOVPN_SUBNET'}} = ${Header::colourovpn}; } # Add OpenVPN net for custom OVPNs if (-e "${General::swroot}/ovpn/ccd.conf") { open(OVPNSUB, "${General::swroot}/ovpn/ccd.conf"); - my @ovpnsub = <OVPNSUB>; - close(OVPNSUB); - - foreach (@ovpnsub) { - my ($network, $mask) = split '/', (split ',', $_)[2]; - - $mask = ipv4_cidr2msk($mask) unless &General::validip($mask); + foreach my $line (<OVPNSUB>) { + my @ovpn = split(',', $line); - push(@network, $network); - push(@masklen, $mask); - push(@colour, ${Header::colourovpn}); + $networks{$ovpn[3]} = ${Header::colourovpn}; } + close(OVPNSUB); } open(IPSEC, "${General::swroot}/vpn/config"); @@ -271,42 +152,25 @@ foreach my $line (@ipsec) { my @subnets = split(/\|/, $vpn[12]); for my $subnet (@subnets) { - my ($network, $mask) = split("/", $subnet); - - if (!&General::validip($mask)) { - $mask = ipv4_cidr2msk($mask); - } - - push(@network, $network); - push(@masklen, $mask); - push(@colour, ${Header::colourvpn}); + $networks{$subnet} = ${Header::colourvpn}; } } if (-e "${General::swroot}/ovpn/n2nconf") { open(OVPNN2N, "${General::swroot}/ovpn/ovpnconfig"); - my @ovpnn2n = <OVPNN2N>; - close(OVPNN2N); - - foreach my $line (@ovpnn2n) { + foreach my $line (<OVPNN2N>) { my @ovpn = split(',', $line); next if ($ovpn[4] ne 'net'); - my ($network, $mask) = split("/", $ovpn[12]); - if (!&General::validip($mask)) { - $mask = ipv4_cidr2msk($mask); - } - - push(@network, $network); - push(@masklen, $mask); - push(@colour, ${Header::colourovpn}); + $networks{$ovpn[12]} = ${Header::colourovpn}; } + close(OVPNN2N); } # Show the page. &Header::openpage($Lang::tr{'connections'}, 1, ''); &Header::openbigbox('100%', 'left'); -&Header::openbox('100%', 'left', $Lang::tr{'connection tracking'}); +&Header::opensection(); # Print legend. print <<END; @@ -333,6 +197,9 @@ print <<END; <td style='text-align:center; color:#FFFFFF; background-color:${Header::colourvpn};'> <b>$Lang::tr{'vpn'}</b> </td> + <td style='text-align:center; color:#FFFFFF; background-color:${Header::colourwg};'> + <b>$Lang::tr{'wireguard'}</b> + </td> <td style='text-align:center; color:#FFFFFF; background-color:${Header::colourovpn};'> <b>$Lang::tr{'OpenVPN'}</b> </td> @@ -344,103 +211,38 @@ print <<END; <br> END -if ($SORT_FIELD and $SORT_ORDER) { - my @sort_field_name = ( - $Lang::tr{'source ip'}, - $Lang::tr{'destination ip'}, - $Lang::tr{'source port'}, - $Lang::tr{'destination port'}, - $Lang::tr{'protocol'}, - $Lang::tr{'connection'}.' '.$Lang::tr{'status'}, - $Lang::tr{'expires'}.' ('.$Lang::tr{'hours:minutes:seconds'}.')', - $Lang::tr{'download'}, - $Lang::tr{'upload'} - ); - my $sort_order_name; - if (lc($SORT_ORDER) eq "a") { - $sort_order_name = $Lang::tr{'sort ascending'}; - } else { - $sort_order_name = $Lang::tr{'sort descending'}; - } - -print <<END - <div style="font-weight:bold;margin:10px;font-size: 70%"> - $sort_order_name: $sort_field_name[$SORT_FIELD-1] - </div> -END -; -} - -# Print table header. +# Print table header print <<END; - <table style='width:100%'> - <tr> - <th style='text-align:center'> - <a href="?sort_field=5&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=5&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> - </th> - <th style='text-align:center' colspan='2'> - <a href="?sort_field=1&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=1&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> -          - <a href="?sort_field=3&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=3&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> - </th> - <th> </th> - <th style='text-align:center' colspan='2'> - <a href="?sort_field=2&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=2&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> -        - <a href="?sort_field=4&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=4&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> - </th> - <th> </th> - <th style='text-align:center'> - <a href="?sort_field=8&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=8&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> -      - <a href="?sort_field=9&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=9&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> - </th> - <th style='text-align:center'> - <a href="?sort_field=6&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=6&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> - </th> - <th style='text-align:center'> - <a href="?sort_field=7&sort_order=d"><img style="width:10px" src="/images/up.gif" alt=""></a> - <a href="?sort_field=7&sort_order=a"><img style="width:10px" src="/images/down.gif" alt=""></a> - </th> - </tr> + <table class="tbl"> <tr> - <th style='text-align:center'> + <th> $Lang::tr{'protocol'} </th> - <th style='text-align:center' colspan='2'> + <th colspan='2'> $Lang::tr{'source ip and port'} </th> - <th style='text-align:center'> - $Lang::tr{'country'} - </th> - <th style='text-align:center' colspan='2'> + <th></th> + <th colspan='2'> $Lang::tr{'dest ip and port'} </th> - <th style='text-align:center'> - $Lang::tr{'country'} + <th></th> + <th colspan='2'> + $Lang::tr{'data transfer'} </th> - <th style='text-align:center'> - $Lang::tr{'download'} / - <br>$Lang::tr{'upload'} - </th> - <th style='text-align:center'> + <th> $Lang::tr{'connection'}<br>$Lang::tr{'status'} </th> - <th style='text-align:center'> + <th> $Lang::tr{'expires'}<br>($Lang::tr{'hours:minutes:seconds'}) </th> </tr> END -foreach my $line (@conntrack) { +# Read and sort the connection tracking table +open(CONNTRACK, "/usr/local/bin/getconntracktable | sort -k 5,5 --numeric-sort --reverse |") + or die "Unable to read conntrack table"; + +foreach my $line (<CONNTRACK>) { my @conn = split(' ', $line); # The first bit is the l3 protocol. @@ -552,8 +354,9 @@ foreach my $line (@conntrack) { $dserv = uc(getservbyport($dport, lc($l4proto))); } - my $bytes_in = format_bytes($bytes[0]); - my $bytes_out = format_bytes($bytes[1]); + # Format bytes + my $bytes_in = &General::formatBytes($bytes[0]); + my $bytes_out = &General::formatBytes($bytes[1]); # enumerate location information my $srcccode = &Location::Functions::lookup_country_code($sip_ret); @@ -562,7 +365,7 @@ foreach my $line (@conntrack) { my $dst_flag_icon = &Location::Functions::get_flag_icon($dstccode); # Format TTL - $ttl = format_time($ttl); + $ttl = &General::format_time($ttl); my $sip_extra; if ($sip_ret && $sip ne $sip_ret) { @@ -580,7 +383,6 @@ foreach my $line (@conntrack) { $dip_extra .= "</a>"; } - my $sport_extra; if ($sport ne $sport_ret) { my $sserv_ret = ''; @@ -640,8 +442,11 @@ foreach my $line (@conntrack) { <td style='text-align:center; background-color:$sip_colour;'> <a href='country.cgi#$dstccode'><img src='$dst_flag_icon' border='0' align='absmiddle' alt='$dstccode' title='$dstccode' /></a> </td> - <td style='text-align:center'> - $bytes_in / $bytes_out + <td class="text-right"> + > $bytes_in + </td> + <td class="text-right"> + < $bytes_out </td> <td style='text-align:center'>$state</td> <td style='text-align:center'>$ttl</td> @@ -649,64 +454,35 @@ foreach my $line (@conntrack) { END } +close(CONNTRACK); + # Close the main table. print "</table>"; -&Header::closebox(); +&Header::closesection(); &Header::closebigbox(); &Header::closepage(); -sub format_bytes($) { - my $bytes = shift; - my @units = ("B", "k", "M", "G", "T"); - - foreach my $unit (@units) { - if ($bytes < 1024) { - return sprintf("%d%s", $bytes, $unit); - } - - $bytes /= 1024; - } - - return sprintf("%d%s", $bytes, $units[$#units]); -} - -sub format_time($) { - my $time = shift; - - my $seconds = $time % 60; - my $minutes = $time / 60; - - my $hours = 0; - if ($minutes >= 60) { - $hours = $minutes / 60; - $minutes %= 60; - } - - return sprintf("%3d:%02d:%02d", $hours, $minutes, $seconds); -} - sub ipcolour($) { - my $id = 0; - my $colour = ${Header::colourred}; - my ($ip) = $_[0]; - my $found = 0; - - if ($ip) { - foreach my $line (@network) { - if ($network[$id] eq '') { - $id++; - } else { - if (!$found && ipv4_in_network($network[$id], $masklen[$id], $ip) ) { - $found = 1; - $colour = $colour[$id]; + my $address = shift; + + # Sort all networks so we find the best match + my @networks = reverse sort { + &Network::get_prefix($a) <=> &Network::get_prefix($b) + } keys %networks; + + foreach my $network (@networks) { + if (defined $network) { + if (&Network::check_ip_address_and_netmask($network)) { + if (&Network::ip_address_in_network($address, $network)) { + return $networks{$network}; } - $id++; } } } - return $colour; + # If we don't know the network, the address must be from the RED network + return ${Header::colourred}; } 1; diff --git a/html/cgi-bin/extrahd.cgi b/html/cgi-bin/extrahd.cgi index afe79479b..363d3d9ff 100644 --- a/html/cgi-bin/extrahd.cgi +++ b/html/cgi-bin/extrahd.cgi @@ -216,7 +216,7 @@ if ($errormessage) { close(FILE); print <<END - <table border='0' width='600' cellspacing="0"> + <table border='0' width='100%' cellspacing="0"> END ; foreach my $device (sort @devices) { diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index 226d00838..6d983cb23 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -432,7 +432,8 @@ sub addrule { &error; - &Header::openbox('100%', 'left', ""); + &Header::opensection(); + print <<END; <form method="POST" action=""> <table border='0' width="100%"> @@ -452,11 +453,9 @@ END </tr> </table> </form> - - <br> END - &Header::closebox(); + &Header::closesection(); &viewtablerule; } sub base @@ -1987,41 +1986,28 @@ END &Header::closebox; $checked{"RULE_ACTION"}{$fwdfwsettings{'RULE_ACTION'}} = 'CHECKED'; print <<END; - <center> - <table width="80%" class='tbl' id='actions'> - <tr> - <td width="33%" align="center" bgcolor="$color{'color17'}"> -  <br>  - </td> - <td width="33%" align="center" bgcolor="$color{'color25'}"> -  <br>  - </td> - <td width="33%" align="center" bgcolor="$color{'color16'}"> -  <br>  - </td> - </tr> - <tr> - <td width="33%" align="center"> - <label> - <input type="radio" name="RULE_ACTION" value="ACCEPT" $checked{"RULE_ACTION"}{"ACCEPT"}> - <strong>$Lang::tr{'fwdfw ACCEPT'}</strong> - </label> - </td> - <td width="33%" align="center"> - <label> - <input type="radio" name="RULE_ACTION" value="DROP" $checked{"RULE_ACTION"}{"DROP"}> - <strong>$Lang::tr{'fwdfw DROP'}</strong> - </label> - </td> - <td width="33%" align="center"> - <label> - <input type="radio" name="RULE_ACTION" value="REJECT" $checked{"RULE_ACTION"}{"REJECT"}> - <strong>$Lang::tr{'fwdfw REJECT'}</strong> - </label> - </td> - </tr> - </table> - </center> + <table class='tbl' id='actions'> + <tr> + <td width="33%" class="policy is-allowed"> + <label> + <input type="radio" name="RULE_ACTION" value="ACCEPT" $checked{"RULE_ACTION"}{"ACCEPT"}> + <strong>$Lang::tr{'fwdfw ACCEPT'}</strong> + </label> + </td> + <td width="33%" class="policy is-blocked"> + <label> + <input type="radio" name="RULE_ACTION" value="DROP" $checked{"RULE_ACTION"}{"DROP"}> + <strong>$Lang::tr{'fwdfw DROP'}</strong> + </label> + </td> + <td width="33%" class="policy is-rejected"> + <label> + <input type="radio" name="RULE_ACTION" value="REJECT" $checked{"RULE_ACTION"}{"REJECT"}> + <strong>$Lang::tr{'fwdfw REJECT'}</strong> + </label> + </td> + </tr> + </table> <br> END @@ -2512,23 +2498,22 @@ sub viewtablenew print <<END; <tr> - <th align='right' width='3%'> + <th width='3%'> # </th> - <th width='2%'></th> - <th align='center'> + <th> <b>$Lang::tr{'protocol'}</b> </th> - <th align='center' width='30%'> + <th width='30%'> <b>$Lang::tr{'fwdfw source'}</b> </th> - <th align='center'> + <th> <b>$Lang::tr{'fwdfw log'}</b> </th> - <th align='center' width='30%'> + <th width='30%'> <b>$Lang::tr{'fwdfw target'}</b> </th> - <th align='center' colspan='6' width='18%'> + <th colspan='6' width='18%'> <b>$Lang::tr{'fwdfw action'}</b> </th> </tr> @@ -2609,29 +2594,26 @@ END } print<<END; <tr bgcolor='$color'> - <td align='right' width='3%'> - <b>$key </b> - </td> END #RULETYPE (A,R,D) if ($$hash{$key}[0] eq 'ACCEPT'){ $ruletype='A'; $tooltip='ACCEPT'; - $rulecolor=$color{'color17'}; + $rulecolor="policy is-allowed"; }elsif($$hash{$key}[0] eq 'DROP'){ $ruletype='D'; $tooltip='DROP'; - $rulecolor=$color{'color25'}; + $rulecolor="policy is-blocked"; }elsif($$hash{$key}[0] eq 'REJECT'){ $ruletype='R'; $tooltip='REJECT'; - $rulecolor=$color{'color16'}; + $rulecolor="policy is-rejected"; } print <<END; - <td bgcolor='$rulecolor' align='center' width='2%'> - <span title='$tooltip'>  </span> + <td class='$rulecolor'> + <span title='$tooltip'>$key</span> </td> END @@ -2897,7 +2879,6 @@ END } } } - print"<tr bgcolor='FFFFFF'><td colspan='13' height='1'></td></tr>"; } } elsif ($optionsfw{'SHOWTABLES'} eq 'on') { print <<END; @@ -2907,40 +2888,36 @@ END END } + print "</table>"; + print "<br>"; + #SHOW FINAL RULE my $policy = 'fwdfw ' . $fwdfwsettings{'POLICY'}; - my $colour = "bgcolor='green'"; + my $colour = "class='policy is-allowed'"; if ($fwdfwsettings{'POLICY'} eq 'MODE1') { - $colour = "bgcolor='darkred'"; + $colour = "class='policy is-blocked'"; } + print "<table class='tbl'>\n"; + my $message; if (($config eq '/var/ipfire/firewall/config') && ($fwdfwsettings{'POLICY'} ne 'MODE1')) { - print <<END; - <tr> - <td colspan='13'> </td> - </tr> - <tr> - <td colspan='13' style="padding-left:0px;padding-right:0px"> - <table width="100%" border='1' rules="cols" cellspacing='0'> -END - # GREEN print <<END; <tr> - <td align='center'> - <font color="$Header::colourgreen">$Lang::tr{'green'}</font> + <td class="intf green"> + $Lang::tr{'green'} > </td> - <td align='center'> - <font color="$Header::colourred">$Lang::tr{'red'}</font> + <td class="intf red"> + $Lang::tr{'red'} ($Lang::tr{'fwdfw pol allow'}) </td> END if (&Header::orange_used()) { print <<END; - <td align='center'> - <font color="$Header::colourorange">$Lang::tr{'orange'}</font> + <td class="intf orange"> + $Lang::tr{'orange'} ($Lang::tr{'fwdfw pol allow'}) </td> END @@ -2948,8 +2925,8 @@ END if (&Header::blue_used()) { print <<END; - <td align='center'> - <font color="$Header::colourblue">$Lang::tr{'blue'}</font> + <td class='intf blue'> + $Lang::tr{'blue'} ($Lang::tr{'fwdfw pol allow'}) </td> END @@ -2961,23 +2938,23 @@ END if (&Header::orange_used()) { print <<END; <tr> - <td align='center' width='20%'> - <font color="$Header::colourorange">$Lang::tr{'orange'}</font> + <td class='intf orange'> + $Lang::tr{'orange'} > </td> - <td align='center'> - <font color="$Header::colourred">$Lang::tr{'red'}</font> + <td class='intf red'> + $Lang::tr{'red'} ($Lang::tr{'fwdfw pol allow'}) </td> - <td align='center'> - <font color="$Header::colourgreen">$Lang::tr{'green'}</font> + <td class='intf green'> + $Lang::tr{'green'} ($Lang::tr{'fwdfw pol block'}) </td> END if (&Header::blue_used()) { print <<END; - <td align='center'> - <font color="$Header::colourblue">$Lang::tr{'blue'}</font> + <td class='intf blue'> + $Lang::tr{'blue'} ($Lang::tr{'fwdfw pol block'}) </td> END @@ -2989,27 +2966,27 @@ END if (&Header::blue_used()) { print <<END; <tr> - <td align='center'> - <font color="$Header::colourblue">$Lang::tr{'blue'}</font> + <td class='intf blue'> + $Lang::tr{'blue'} > </td> - <td align='center'> - <font color="$Header::colourred">$Lang::tr{'red'}</font> + <td class='intf red'> + $Lang::tr{'red'} ($Lang::tr{'fwdfw pol allow'}) </td> END if (&Header::orange_used()) { print <<END; - <td align='center'> - <font color="$Header::colourorange">$Lang::tr{'orange'}</font> + <td class='intf orange'> + $Lang::tr{'orange'} ($Lang::tr{'fwdfw pol block'}) </td> END } print <<END; - <td align='center'> - <font color="$Header::colourgreen">$Lang::tr{'green'}</font> + <td class='intf green'> + $Lang::tr{'green'} ($Lang::tr{'fwdfw pol block'}) </td> </tr> @@ -3017,7 +2994,6 @@ END } print <<END; - </table> </td> </tr> END @@ -3026,24 +3002,27 @@ END } elsif ($config eq '/var/ipfire/firewall/outgoing' && ($fwdfwsettings{'POLICY1'} ne 'MODE1')) { $message = $Lang::tr{'fwdfw pol allow'}; - $colour = "bgcolor='green'"; + $colour = "class='policy is-allowed'"; } else { $message = $Lang::tr{'fwdfw pol block'}; - $colour = "bgcolor='darkred'"; + $colour = "class='policy is-blocked'"; } if ($message) { + my @available_zones = &Network::get_available_network_zones(); + + my $colspan = scalar @available_zones; + print <<END; <tr> - <td $colour align='center' colspan='13'> - <font color='#FFFFFF'>$Lang::tr{'policy'}: $message</font> + <td $colour colspan='$colspan'> + $Lang::tr{'policy'}: $message </td> </tr> END } print "</table>"; - print "<br>"; &Header::closebox(); } diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 8ace30b02..502e2a125 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -1005,53 +1005,11 @@ sub show_mainpage() { # Draw current state of the IDS &Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system'}); - # Check if the IDS is running and obtain the process-id. - my $pid = &IDS::ids_is_running(); - - # Display some useful information, if suricata daemon is running. - if ($pid) { - # Gather used memory. - my $memory = &get_memory_usage($pid); - - print <<END; - <table width='95%' cellspacing='0' class='tbl'> - <tr> - <th bgcolor='$color{'color20'}' colspan='3' align='left'><strong>$Lang::tr{'intrusion detection'}</strong></th> - </tr> - - <tr> - <td class='base'>$Lang::tr{'guardian daemon'}</td> - <td align='center' colspan='2' width='75%' bgcolor='${Header::colourgreen}'><font color='white'><strong>$Lang::tr{'running'}</strong></font></td> - </tr> - - <tr> - <td class='base'></td> - <td bgcolor='$color{'color20'}' align='center'><strong>PID</strong></td> - <td bgcolor='$color{'color20'}' align='center'><strong>$Lang::tr{'memory'}</strong></td> - </tr> - - <tr> - <td class='base'></td> - <td bgcolor='$color{'color22'}' align='center'>$pid</td> - <td bgcolor='$color{'color22'}' align='center'>$memory KB</td> - </tr> - </table> -END - } else { - # Otherwise display a hint that the service is not launched. - print <<END; - <table width='95%' cellspacing='0' class='tbl'> - <tr> - <th bgcolor='$color{'color20'}' colspan='3' align='left'><strong>$Lang::tr{'intrusion detection'}</strong></th> - </tr> - - <tr> - <td class='base'>$Lang::tr{'guardian daemon'}</td> - <td align='center' width='75%' bgcolor='${Header::colourred}'><font color='white'><strong>$Lang::tr{'stopped'}</strong></font></td> - </tr> - </table> -END - } + &Header::ServiceStatus({ + $Lang::tr{'intrusion prevention system'} => { + "pidfile" => "/var/run/suricata.pid", + }, + }); # Only show this area, if at least one ruleset provider is configured. if (%used_providers) { @@ -1998,45 +1956,6 @@ sub readrulesfile ($) { } } -# -## Function to get the used memory of a given process-id. -# -sub get_memory_usage($) { - my ($pid) = @_; - - my $memory = 0; - - # Try to open the status file for the given process-id on the pseudo - # file system proc. - if (open(FILE, "/proc/$pid/status")) { - # Loop through the entire file. - while (<FILE>) { - # Splitt current line content and store them into variables. - my ($key, $value) = split(":", $_, 2); - - # Check if the current key is the one which contains the memory usage. - # The wanted one is VmRSS which contains the Real-memory (resident set) - # of the entire process. - if ($key eq "VmRSS") { - # Found the memory usage add it to the memory variable. - $memory += $value; - - # Break the loop. - last; - } - } - - # Close file handle. - close(FILE); - - # Return memory usage. - return $memory; - } - - # If the file could not be open, return nothing. - return; -} - # ## Function to get the provider handle by a given ID. # diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 5cf2f5eab..b89fe432d 100755 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -5462,12 +5462,12 @@ END print "</td>"; print "<td align='center' nowrap='nowrap' $col>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>"; print "<td align='center' $col>$confighash{$key}[25]</td>"; - $col1="bgcolor='${Header::colourred}'"; - my $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b>"; + $col1="class='status is-disconnected'"; + my $active = "$Lang::tr{'capsclosed'}"; if ($confighash{$key}[0] eq 'off') { - $col1="bgcolor='${Header::colourblue}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b>"; + $col1="class='status is-disabled'"; + $active = "$Lang::tr{'capsclosed'}"; } else { ### @@ -5498,11 +5498,11 @@ END #### if (($tustate[1] eq 'CONNECTED') || ($tustate[1] eq 'WAIT')) { - $col1="bgcolor='${Header::colourgreen}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b>"; + $col1="class='status is-connected'"; + $active = "$Lang::tr{'capsopen'}"; }else { - $col1="bgcolor='${Header::colourred}'"; - $active = "<b><font color='#FFFFFF'>$tustate[1]</font></b>"; + $col1="class='status is-disconnected'"; + $active = "$tustate[1]"; } } } @@ -5518,8 +5518,8 @@ END $cn = $match[1]; } if ($cn eq "$confighash{$key}[2]") { - $col1="bgcolor='${Header::colourgreen}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b>"; + $col1="class='status is-connected'"; + $active = "$Lang::tr{'capsopen'}"; } } } diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi index f3bbd1bf4..52392be08 100644 --- a/html/cgi-bin/qos.cgi +++ b/html/cgi-bin/qos.cgi @@ -652,7 +652,7 @@ if ($errormessage) { print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> END ; if ( $message ne "" ) { @@ -673,7 +673,7 @@ END if (($qossettings{'OUT_SPD'} ne '') && ($qossettings{'INC_SPD'} ne '')) { print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> <tr><td colspan='3'>  <tr><td width='50%' align='right'>$Lang::tr{'downlink speed'}: <td width='30%' align='left'>$qossettings{'INC_SPD'} <td width='20%' rowspan='2' align='center' valign='middle'><input type='submit' name='ACTIONBW' value='$Lang::tr{'modify'}' /> @@ -685,7 +685,7 @@ END if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')) { print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> <tr><td colspan='3'><hr /> <tr><td width='50%' align='right'>$Lang::tr{'downlink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_INC'} <td width='20%' rowspan='3' align='center' valign='middle'><input type='submit' name='ACTIONDEF' value='$Lang::tr{'modify'}' /> @@ -695,7 +695,7 @@ END </table> </form> <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%' border='0'> + <table width='100%' border='0'> <tr><td width='100%' align='center'> <input type='submit' name='ACTION' value='$Lang::tr{'parentclass add'}' /> <input type='submit' name='ACTION' value='$Lang::tr{'status'}' /> @@ -740,7 +740,7 @@ sub changedefclasses { &Header::openbox('100%', 'center', $Lang::tr{'std classes'}); print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> <tr><td width='100%' colspan='3'>$Lang::tr{'no filter pass'} <tr><td width='33%' align='right'>$Lang::tr{'download'}:<td width='33%' align='left'><select name='DEFCLASS_INC'> END @@ -781,7 +781,7 @@ sub changebandwidth { print <<END; <form method='post' action='$ENV{'SCRIPT_NAME'}'> <input type='hidden' name='DEF_OUT_SPD' value='' /><input type='hidden' name='DEF_INC_SPD' value='' /> - <table width='66%'> + <table width='100%'> <tr> <td width='100%' colspan='2'>$Lang::tr{'down and up speed'}</td> </tr> @@ -843,7 +843,7 @@ sub parentclass { &Header::openbox('100%', 'center', $Lang::tr{'parentclass'}); print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> END ; if ( $message ne "" ) { @@ -936,7 +936,7 @@ sub level7rule { &Header::openbox('100%', 'center', $Lang::tr{'Level7 Rule'}); print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> END ; if ( $message ne "" ) { @@ -982,7 +982,7 @@ sub portrule { &Header::openbox('100%', 'center', $Lang::tr{'Add Port Rule'}); print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> <tr><td width='100%' colspan='3'>$Lang::tr{'enter data'} <tr><td width='33%' align='right'>$Lang::tr{'protocol'}: <td width='33%' align='left'><select name='PPROT'> @@ -1028,7 +1028,7 @@ sub tosrule { } print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <table width='66%'> + <table width='100%'> END ; if ( $message ne "" ) { diff --git a/html/cgi-bin/services.cgi b/html/cgi-bin/services.cgi index a95c69e10..4b929c716 100644 --- a/html/cgi-bin/services.cgi +++ b/html/cgi-bin/services.cgi @@ -135,22 +135,17 @@ $querry[1] = 'hour' unless defined $querry[1]; } print <<END -<div align='center'> -<table width='80%' cellspacing='1' class='tbl'> +<table class='tbl'> <tr> <th align='left'><b>$Lang::tr{addon} $Lang::tr{service}</b></th> <th align='center'><b>Boot</b></th> <th align='center' colspan=2><b>$Lang::tr{'action'}</b></th> <th align='center'><b>$Lang::tr{'status'}</b></th> - <th align='center'><b>PID</b></th> <th align='center'><b>$Lang::tr{'memory'}</b></th> </tr> END ; - my $lines=0; # Used to count the outputlines to make different bgcolor - my $col; - my @paks; my @addon_services; @@ -164,26 +159,17 @@ END if ("$metadata{'Services'}") { foreach $service (split(/ /, "$metadata{'Services'}")) { - $lines++; - if ($lines % 2) { - print "<tr>"; - $col="bgcolor='$color{'color22'}'"; - } else { - print "<tr>"; - $col="bgcolor='$color{'color20'}'"; - } - # Add addon name to displayname of service if servicename differs from addon my $displayname = ($pak ne $service) ? "$service ($pak)" : $service; if ( -e "/srv/web/ipfire/cgi-bin/$pak.cgi" ) { $displayname = ($pak ne $service) ? "$service (<a href=\'$pak.cgi\'>$pak</a>)" : "<a href=\'$pak.cgi\'>$service</a>"; } - print "<td align='left' $col width='31%'>$displayname</td> "; + print "<td align='left' width='31%'>$displayname</td> "; - my $status = isautorun($pak,$service,$col); + my $status = isautorun($pak,$service); print "$status "; - my $status = isrunningaddon($pak,$service,$col); + my $status = isrunningaddon($pak,$service); $status =~ s/\\[[0-1]\;[0-9]+m//g; chomp($status); @@ -193,25 +179,26 @@ END } } - print "</table></div>\n"; + print "</table>\n"; + &Header::closebox(); &Header::closebigbox(); &Header::closepage(); sub isautorun (@) { - my ($pak, $service, $col) = @_; + my ($pak, $service) = @_; my @testcmd = &General::system_output("/usr/local/bin/addonctrl", "$pak", "boot-status", "$service"); my $testcmd = @testcmd[0]; - my $status = "<td align='center' $col><img alt='$Lang::tr{'service boot setting unavailable'}' title='$Lang::tr{'service boot setting unavailable'}' src='/images/dialog-warning.png' border='0' width='16' height='16' /></td>"; + my $status = "<td align='center'><img alt='$Lang::tr{'service boot setting unavailable'}' title='$Lang::tr{'service boot setting unavailable'}' src='/images/dialog-warning.png' border='0' width='16' height='16' /></td>"; # Check if autorun for the given service is enabled. if ( $testcmd =~ /enabled\ on\ boot/ ) { # Adjust status. - $status = "<td align='center' $col><a href='services.cgi?$pak!disable!$service'><img alt='$Lang::tr{'deactivate'}' title='$Lang::tr{'deactivate'}' src='/images/on.gif' border='0' width='16' height='16' /></a></td>"; + $status = "<td align='center'><a href='services.cgi?$pak!disable!$service'><img alt='$Lang::tr{'deactivate'}' title='$Lang::tr{'deactivate'}' src='/images/on.gif' border='0' width='16' height='16' /></a></td>"; } elsif ( $testcmd =~ /disabled\ on\ boot/ ) { # Adjust status. - $status = "<td align='center' $col><a href='services.cgi?$pak!enable!$service'><img alt='$Lang::tr{'activate'}' title='$Lang::tr{'activate'}' src='/images/off.gif' border='0' width='16' height='16' /></a></td>"; + $status = "<td align='center'><a href='services.cgi?$pak!enable!$service'><img alt='$Lang::tr{'activate'}' title='$Lang::tr{'activate'}' src='/images/off.gif' border='0' width='16' height='16' /></a></td>"; } # Return the status. @@ -219,21 +206,19 @@ sub isautorun (@) { } sub isrunningaddon (@) { - my ($pak, $service, $col) = @_; + my ($pak, $service) = @_; - my $status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td><td colspan='2' $col></td>"; - my $pid = ''; + my $status = "<td class='status is-stopped'>$Lang::tr{'stopped'}</td><td colspan='2'></td>"; my $testcmd = ''; my $exename; - my @memory; my @testcmd = &General::system_output("/usr/local/bin/addonctrl", "$pak", "status", "$service"); my $testcmd = @testcmd[0]; if ( $testcmd =~ /is\ running/ && $testcmd !~ /is\ not\ running/){ - $status = "<td align='center' $col width='8%'><a href='services.cgi?$pak!stop!$service'><img alt='$Lang::tr{'stop'}' title='$Lang::tr{'stop'}' src='/images/go-down.png' border='0' /></a></td> "; - $status .= "<td align='center' $col width='8%'><a href='services.cgi?$pak!restart!$service'><img alt='$Lang::tr{'restart'}' title='$Lang::tr{'restart'}' src='/images/reload.gif' border='0' /></a></td> "; - $status .= "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td>"; + $status = "<td align='center' width='8%'><a href='services.cgi?$pak!stop!$service'><img alt='$Lang::tr{'stop'}' title='$Lang::tr{'stop'}' src='/images/go-down.png' border='0' /></a></td> "; + $status .= "<td align='center' width='8%'><a href='services.cgi?$pak!restart!$service'><img alt='$Lang::tr{'restart'}' title='$Lang::tr{'restart'}' src='/images/reload.gif' border='0' /></a></td> "; + $status .= "<td class='status is-running'>$Lang::tr{'running'}</td>"; $testcmd =~ s/.* //gi; $testcmd =~ s/[a-z_]//gi; $testcmd =~ s/\[[0-1]\;[0-9]+//gi; @@ -242,22 +227,17 @@ sub isrunningaddon (@) { $testcmd =~ s///gi; my @pid = split(/\s/,$testcmd); - $status .="<td align='center' $col>$pid[0]</td>"; - my $memory = 0; + # Fetch the memory consumption + my $memory = &General::get_memory_consumption(@pid); - foreach (@pid){ - chomp($_); - if (open(FILE, "/proc/$_/statm")){ - my $temp = <FILE>; - @memory = split(/ /,$temp); - } - $memory+=$memory[0]; - } - $status .="<td align='center' $col>$memory KB</td>"; + # Format memory + $memory = &General::formatBytes($memory); + + $status .="<td align='right'>$memory</td>"; }else{ - $status = "<td align='center' $col width='16%' colspan=2><a href='services.cgi?$pak!start!$service'><img alt='$Lang::tr{'start'}' title='$Lang::tr{'start'}' src='/images/go-up.png' border='0' /></a></td>"; - $status .= "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td><td colspan='2' $col></td>"; + $status = "<td align='center' width='16%' colspan=2><a href='services.cgi?$pak!start!$service'><img alt='$Lang::tr{'start'}' title='$Lang::tr{'start'}' src='/images/go-up.png' border='0' /></a></td>"; + $status .= "<td class='status is-stopped'>$Lang::tr{'stopped'}</td><td colspan='2'></td>"; } return $status; } diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 25e0f0a53..4423a29a8 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -3402,21 +3402,21 @@ END foreach my $line (@status) { if (($line =~ /\"$confighash{$key}[1]\".*IPsec SA established/) || ($line =~ /$confighash{$key}[1]\{.*INSTALLED/)) { - $col1="bgcolor='${Header::colourgreen}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b>"; + $col1="class='status is-connected'"; + $active = "$Lang::tr{'capsopen'}"; last; } elsif ($line =~ /$confighash{$key}[1]\[.*CONNECTING/) { - $col1="bgcolor='${Header::colourorange}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'vpn connecting'}</font></b>"; + $col1="class='status is-connecting'"; + $active = "$Lang::tr{'vpn connecting'}"; } elsif ($line =~ /$confighash{$key}[1]\{.*ROUTED/) { - $col1="bgcolor='${Header::colourorange}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'vpn on-demand'}</font></b>"; + $col1="class='status is-connecting'"; + $active = "$Lang::tr{'vpn on-demand'}"; } } # move to blue if really down if ($confighash{$key}[0] eq 'off' && $col1 =~ /${Header::colourred}/ ) { - $col1="bgcolor='${Header::colourblue}'"; - $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b>"; + $col1="class='status is-disabled'"; + $active = "$Lang::tr{'capsclosed'}"; } print <<END <td align='center' $col1>$active</td> diff --git a/html/html/themes/ipfire/include/css/style.css b/html/html/themes/ipfire/include/css/style.css index 49d13ffd2..c935f2ff4 100644 --- a/html/html/themes/ipfire/include/css/style.css +++ b/html/html/themes/ipfire/include/css/style.css @@ -5,6 +5,10 @@ --color-red-invert : #ffffff; --color-blue : #333399; --color-blue-invert : #ffffff; + --color-orange : #ff9933; + --color-orange-invert : #ffffff; + --color-black : #000000; + --color-black-invert : #ffffff; --color-grey : #d6d6d6; --color-light-grey : #f0f0f0; @@ -96,10 +100,6 @@ h1, h2, h3, h4, h5, h6 { font-size: 20px; } -select, textarea, input[type=text], input[type=number] { - width: 100%; -} - br.clear { clear: both; } @@ -204,7 +204,6 @@ section .title { } #main_inner p { - text-align: justify; margin-bottom: 2em; } @@ -390,24 +389,29 @@ table { font-weight: bold; } -.tbl .status.is-running { +.tbl .status.is-running, .tbl .status.is-connected { background-color: var(--color-green); color: var(--color-green-invert); } -.tbl .status.is-stopped { +.tbl .status.is-stopped, .tbl .status.is-disconnected { background-color: var(--color-red); color: var(--color-red-invert); width: 33%; } +.tbl .status.is-connecting { + background-color: var(--color-orange); + color: var(--color-orange-invert); +} + .tbl .status.is-vulnerable { background-color: var(--color-red); color: var(--color-red-invert); } -.tbl .status.is-mitigation { +.tbl .status.is-disabled, .tbl .status.is-mitigation { background-color: var(--color-blue); color: var(--color-blue-invert); } @@ -417,6 +421,55 @@ table { color: var(--color-green-invert); } +/* Interfaces */ + +.tbl .intf { + text-align: center; + font-weight: bold; +} + +.tbl .intf.red { + background-color: var(--color-red); + color: var(--color-red-invert); +} + +.tbl .intf.green { + background-color: var(--color-green); + color: var(--color-green-invert); +} + +.tbl .intf.orange { + background-color: var(--color-orange); + color: var(--color-orange-invert); +} + +.tbl .intf.blue { + background-color: var(--color-blue); + color: var(--color-blue-invert); +} + +/* Policies */ + +.tbl .policy { + text-align: center; + font-weight: bold; +} + +.tbl .policy.is-blocked { + background-color: var(--color-red); + color: var(--color-red-invert); +} + +.tbl .policy.is-allowed { + background-color: var(--color-green); + color: var(--color-green-invert); +} + +.tbl .policy.is-rejected { + background-color: var(--color-black); + color: var(--color-black-invert); +} + /* Notes */ .notes .is-warning { diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 4b5d0779a..26c11b2f6 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -745,6 +745,7 @@ 'daily firewallhits' => 'daily firewallhits', 'dangerous' => 'Dangerous', 'dat without key' => 'An encrypted archive cannot be restored without the key.', +'data transfer' => 'Data Transfer', 'date' => 'Date', 'date not in logs' => 'No (or only partial) logs exist for the day queried', 'day' => 'Day', @@ -3022,6 +3023,7 @@ 'winbind daemon' => 'Winbind Daemon', 'wins server' => 'Wins Server', 'wins support' => 'Wins Support', +'wireguard' => 'WireGuard', 'wireless' => 'Wireless', 'wireless config added' => 'Wireless config added', 'wireless config changed' => 'Wireless config changed', hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 6c6959694ac55969e320e30247a799f6acc9accc
by Michael Tremer 07 Aug '24

07 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 6c6959694ac55969e320e30247a799f6acc9accc (commit) from f5160566b202677ffee1423aadc2ce7d87c03114 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 6c6959694ac55969e320e30247a799f6acc9accc Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Wed Aug 7 10:22:56 2024 +0200 hostapd: Update to version 2_11 - Update from version 2_10 to 2_11 - Update of rootfile not required - Update of patches to latest source tarball - Changelog 2_11 * Wi-Fi Easy Connect - add support for DPP release 3 - allow Configurator parameters to be provided during config exchange * HE/IEEE 802.11ax/Wi-Fi 6 - various fixes * EHT/IEEE 802.11be/Wi-Fi 7 - add preliminary support * SAE: add support for fetching the password from a RADIUS server * support OpenSSL 3.0 API changes * support background radar detection and CAC with some additional drivers * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3) * EAP-SIM/AKA: support IMSI privacy * improve 4-way handshake operations - use Secure=1 in message 3 during PTK rekeying * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases to avoid interoperability issues * support new SAE AKM suites with variable length keys * support new AKM for 802.1X/EAP with SHA384 * extend PASN support for secure ranging * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP) - this is based on additional details being added in the IEEE 802.11 standard - the new implementation is not backwards compatible * improved ACS to cover additional channel types/bandwidths * extended Multiple BSSID support * fix beacon protection with FT protocol (incorrect BIGTK was provided) * support unsynchronized service discovery (USD) * add preliminary support for RADIUS/TLS * add support for explicit SSID protection in 4-way handshake (a mitigation for CVE-2023-52424; disabled by default for now, can be enabled with ssid_protection=1) * fix SAE H2E rejected groups validation to avoid downgrade attacks * use stricter validation for some RADIUS messages * a large number of other fixes, cleanup, and extensions Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: lfs/hostapd | 12 ++++----- ... => hostapd-2.11-increase_EAPOL-timeouts.patch} | 11 ++++---- ...-2.9-noscan.patch => hostapd-2.11-noscan.patch} | 30 ++++++++++++---------- 3 files changed, 28 insertions(+), 25 deletions(-) rename src/patches/hostapd/{hostapd-2.9-increase_EAPOL-timeouts.patch => hostapd-2.11-increase_EAPOL-timeouts.patch} (61%) rename src/patches/hostapd/{hostapd-2.9-noscan.patch => hostapd-2.11-noscan.patch} (56%) Difference in files: diff --git a/lfs/hostapd b/lfs/hostapd index 5db99891d3..2efa5a605c 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> # +# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -25,7 +25,7 @@ include Config SUMMARY = Daemon for running a WPA capable Access Point -VER = 2_10 +VER = 2_11 THISAPP = hostap_$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 63 +PAK_VER = 64 DEPS = @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = de474630835a1208ce456d3151759cd3411dc63b2470de7144117634d4985aba1c878fd2cc2388cf6226bc0674eb2bf48cc4b4491f85f3461966b0278f75ea1e +$(DL_FILE)_BLAKE2 = de98a3634ff937b0068329219e4fa5dece34c9eeb27fa81a9e7de689d5dd2936ceb0ea43923a0e994e0a7bfcd71709b5f739df2f3efdd7c6ec5c765171711a19 install : $(TARGET) @@ -81,8 +81,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.9-increase_EAPOL-timeouts.patch - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.9-noscan.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.11-increase_EAPOL-timeouts.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd/hostapd-2.11-noscan.patch cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile diff --git a/src/patches/hostapd/hostapd-2.9-increase_EAPOL-timeouts.patch b/src/patches/hostapd/hostapd-2.11-increase_EAPOL-timeouts.patch similarity index 61% rename from src/patches/hostapd/hostapd-2.9-increase_EAPOL-timeouts.patch rename to src/patches/hostapd/hostapd-2.11-increase_EAPOL-timeouts.patch index 67d9d4f22a..d6f04cd123 100644 --- a/src/patches/hostapd/hostapd-2.9-increase_EAPOL-timeouts.patch +++ b/src/patches/hostapd/hostapd-2.11-increase_EAPOL-timeouts.patch @@ -1,9 +1,8 @@ -diff U3 src/ap/wpa_auth.c src/ap/wpa_auth.c ---- a/src/ap/wpa_auth.c Wed Aug 7 15:25:25 2019 -+++ b/src/ap/wpa_auth.c Fri Sep 20 17:35:23 2019 -@@ -68,9 +68,9 @@ - static int ieee80211w_kde_len(struct wpa_state_machine *sm); - static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos); +--- hostap_2_11/src/ap/wpa_auth.c.orig 2024-07-20 20:04:37.000000000 +0200 ++++ hostap_2_11/src/ap/wpa_auth.c 2024-08-06 12:51:22.849029559 +0200 +@@ -75,9 +75,9 @@ + struct wpa_group *group); + -static const u32 eapol_key_timeout_first = 100; /* ms */ -static const u32 eapol_key_timeout_subseq = 1000; /* ms */ diff --git a/src/patches/hostapd/hostapd-2.9-noscan.patch b/src/patches/hostapd/hostapd-2.11-noscan.patch similarity index 56% rename from src/patches/hostapd/hostapd-2.9-noscan.patch rename to src/patches/hostapd/hostapd-2.11-noscan.patch index 01a33d0d03..ba3a714194 100644 --- a/src/patches/hostapd/hostapd-2.9-noscan.patch +++ b/src/patches/hostapd/hostapd-2.11-noscan.patch @@ -1,6 +1,7 @@ ---- a/hostapd/config_file.c -+++ b/hostapd/config_file.c -@@ -3474,6 +3474,10 @@ static int hostapd_config_fill(struct ho +diff -Naur hostap_2_11.orig/hostapd/config_file.c hostap_2_11/hostapd/config_file.c +--- hostap_2_11.orig/hostapd/config_file.c 2024-07-20 20:04:37.000000000 +0200 ++++ hostap_2_11/hostapd/config_file.c 2024-08-06 12:55:53.750009117 +0200 +@@ -3678,6 +3678,10 @@ if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ @@ -11,9 +12,10 @@ } else if (os_strcmp(buf, "ieee80211n") == 0) { conf->ieee80211n = atoi(pos); } else if (os_strcmp(buf, "ht_capab") == 0) { ---- a/src/ap/ap_config.h -+++ b/src/ap/ap_config.h -@@ -1014,6 +1014,8 @@ struct hostapd_config { +diff -Naur hostap_2_11.orig/src/ap/ap_config.h hostap_2_11/src/ap/ap_config.h +--- hostap_2_11.orig/src/ap/ap_config.h 2024-07-20 20:04:37.000000000 +0200 ++++ hostap_2_11/src/ap/ap_config.h 2024-08-06 12:57:06.779631503 +0200 +@@ -1108,6 +1108,8 @@ int ht_op_mode_fixed; u16 ht_capab; @@ -22,9 +24,10 @@ int ieee80211n; int secondary_channel; int no_pri_sec_switch; ---- a/src/ap/hw_features.c -+++ b/src/ap/hw_features.c -@@ -517,7 +517,8 @@ static int ieee80211n_check_40mhz(struct +diff -Naur hostap_2_11.orig/src/ap/hw_features.c hostap_2_11/src/ap/hw_features.c +--- hostap_2_11.orig/src/ap/hw_features.c 2024-07-20 20:04:37.000000000 +0200 ++++ hostap_2_11/src/ap/hw_features.c 2024-08-06 12:58:29.122962573 +0200 +@@ -551,7 +551,8 @@ int ret; /* Check that HT40 is used and PRI / SEC switch is allowed */ @@ -34,9 +37,10 @@ return 0; hostapd_set_state(iface, HAPD_IFACE_HT_SCAN); ---- a/src/ap/ieee802_11_ht.c -+++ b/src/ap/ieee802_11_ht.c -@@ -230,6 +230,9 @@ void hostapd_2040_coex_action(struct hos +diff -Naur hostap_2_11.orig/src/ap/ieee802_11_ht.c hostap_2_11/src/ap/ieee802_11_ht.c +--- hostap_2_11.orig/src/ap/ieee802_11_ht.c 2024-07-20 20:04:37.000000000 +0200 ++++ hostap_2_11/src/ap/ieee802_11_ht.c 2024-08-06 13:00:31.237899938 +0200 +@@ -230,6 +230,9 @@ return; } @@ -46,7 +50,7 @@ if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) { wpa_printf(MSG_DEBUG, "Ignore too short 20/40 BSS Coexistence Management frame"); -@@ -390,6 +393,9 @@ void ht40_intolerant_add(struct hostapd_ +@@ -390,6 +393,9 @@ if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G) return; hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. f5160566b202677ffee1423aadc2ce7d87c03114
by Michael Tremer 06 Aug '24

06 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via f5160566b202677ffee1423aadc2ce7d87c03114 (commit) from ae7d1ef99721f6e3b7dadeb1e3ae13fd08c48e57 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f5160566b202677ffee1423aadc2ce7d87c03114 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 16:17:00 2024 +0000 make.sh: Bring up the loopback device in the new namespace Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: make.sh | 4 ++++ html/cgi-bin/vdr.cgi => tools/execute.sh | 14 +++++++++----- 2 files changed, 13 insertions(+), 5 deletions(-) copy html/cgi-bin/vdr.cgi => tools/execute.sh (81%) mode change 100644 => 100755 Difference in files: diff --git a/make.sh b/make.sh index 3a3590305..922fc4b4c 100755 --- a/make.sh +++ b/make.sh @@ -786,6 +786,10 @@ execute() { ) fi + # Call a setup script in the new namespaces to perform + # further set up, but before we change root. + execute+=( "${BASEDIR}/tools/execute.sh" ) + # Run in chroot? if [ "${chroot}" = "true" ]; then execute+=( "chroot" "${BUILD_DIR}" ) diff --git a/tools/execute.sh b/tools/execute.sh new file mode 100755 index 000000000..b3bf42f22 --- /dev/null +++ b/tools/execute.sh @@ -0,0 +1,29 @@ +#!/bin/bash +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2024 IPFire Team <info(a)ipfire.org> # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <http://www.gnu.org/licenses/>. # +# # +############################################################################### +# +# This is a helper script that is called after we have created the new +# namespaces to perform further setup. This will be executed on the host. + +# Bring up the loopback interface +ip link set lo up &>/dev/null + +# Execute the given command +exec "$@" hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. ae7d1ef99721f6e3b7dadeb1e3ae13fd08c48e57
by Michael Tremer 06 Aug '24

06 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via ae7d1ef99721f6e3b7dadeb1e3ae13fd08c48e57 (commit) via 86ca826ff133eb00b94ae47ac4ab27ac69f037c2 (commit) via bdfaa8177fb1735e0d6c5b09f5f055c3fd827b9c (commit) via 9cbdd6b2e88ffe86ac59fa4dd82602b6360aec8e (commit) via 21884cc749bbe1fd49b992211939a1a6efc7b00c (commit) via 38077d69a964f7cc9b2759ea8840de8a1a3f397d (commit) via 4a04ad26b4c7c8389b444f5875941f11a351325d (commit) via aca5f661c2440ff16f9cb11de2061ad341d9190c (commit) via 0b16963484967977709bf21bcf2deb4adaaf4ee9 (commit) via b5e6a2c56fd905588d52e2e0845af6c2803cce26 (commit) via 42201c17bd5ca6442f1d8eb9117b22655314a927 (commit) via bdb8ef8db2d53a20fe1b9015f30899cd68124112 (commit) via f0bf24319352612b2b52ca49cfcac5ba6d49e62f (commit) via 864b47bf796e28ede22b90de49b1fd3bc49f555b (commit) via 0869a6f5f3bbc1bbaed02511c3996d942bc60c7a (commit) via 76f429d5d89e8da6ebdd26c6bff8d62877225b7b (commit) from f7879935a58e1420f632c64b98b21b08d6f8b046 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ae7d1ef99721f6e3b7dadeb1e3ae13fd08c48e57 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:49:13 2024 +0200 core188: Remove recently deleted files Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 86ca826ff133eb00b94ae47ac4ab27ac69f037c2 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:45:58 2024 +0200 header.pl: Bump the CSS version so that browsers reload the file Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit bdfaa8177fb1735e0d6c5b09f5f055c3fd827b9c Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:36:20 2024 +0200 index.cgi: Remove all the boxes Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 9cbdd6b2e88ffe86ac59fa4dd82602b6360aec8e Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:33:56 2024 +0200 CSS: Keep links in the same colour in notes sections Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 21884cc749bbe1fd49b992211939a1a6efc7b00c Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:33:35 2024 +0200 index.cgi: Move all warnings into the new system Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 38077d69a964f7cc9b2759ea8840de8a1a3f397d Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:28:13 2024 +0200 index.cgi: Remove the warnings box and show a list of warnings instead Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 4a04ad26b4c7c8389b444f5875941f11a351325d Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:17:21 2024 +0200 index.cgi: Remove hard-coded 80% table width Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit aca5f661c2440ff16f9cb11de2061ad341d9190c Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 17:14:41 2024 +0200 services.cgi: Drop the process graphs These are utterly broken and incomplete. I don't want to fix this now, so I am dropping it. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 0b16963484967977709bf21bcf2deb4adaaf4ee9 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Mar 23 18:42:13 2024 +0100 web: Create a function to show the service status Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit b5e6a2c56fd905588d52e2e0845af6c2803cce26 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Mar 23 20:14:19 2024 +0100 services.cgi: Remove unused variables Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 42201c17bd5ca6442f1d8eb9117b22655314a927 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Mar 23 20:13:15 2024 +0100 services.cgi: Use a section for the main services Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit bdb8ef8db2d53a20fe1b9015f30899cd68124112 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Mar 23 18:55:52 2024 +0100 services.cgi: Use the new service status function Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit f0bf24319352612b2b52ca49cfcac5ba6d49e62f Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 16:57:41 2024 +0200 langs: Add translations for the systems graphs Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 864b47bf796e28ede22b90de49b1fd3bc49f555b Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 16:54:06 2024 +0200 Run "./make.sh lang" Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 0869a6f5f3bbc1bbaed02511c3996d942bc60c7a Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 16:51:06 2024 +0200 graphs: Highlight the default range before the user clicks anything Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 76f429d5d89e8da6ebdd26c6bff8d62877225b7b Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 16:44:53 2024 +0200 licenses: Remove the braindead GPL acception stage The GPL is not an EULA and so there is no value in having users accept it. The UI is very broken and so I believe it is best to drop this entirely. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: config/cfgroot/general-functions.pl | 76 +++++++++ config/cfgroot/graphs.pl | 95 +----------- config/cfgroot/header.pl | 93 ++++++++++- config/collectd/collectd.conf | 13 -- config/rootfiles/common/aarch64/stage2 | 2 - config/rootfiles/common/riscv64/stage2 | 2 - config/rootfiles/common/web-user-interface | 1 - config/rootfiles/common/x86_64/stage2 | 2 - config/rootfiles/core/188/update.sh | 4 +- doc/language_issues.de | 22 ++- doc/language_issues.en | 24 +-- doc/language_issues.es | 24 ++- doc/language_issues.fr | 24 ++- doc/language_issues.it | 24 ++- doc/language_issues.nl | 24 ++- doc/language_issues.pl | 24 ++- doc/language_issues.ru | 24 ++- doc/language_issues.tr | 24 ++- doc/language_missings | 22 +++ html/cgi-bin/gpl.cgi | 101 ------------ html/cgi-bin/index.cgi | 97 +++++------- html/cgi-bin/ovpnmain.cgi | 9 ++ html/cgi-bin/services.cgi | 213 ++++++++------------------ html/html/index.cgi | 6 - html/html/themes/ipfire/include/css/style.css | 30 ++++ langs/de/cgi-bin/de.pl | 2 + langs/en/cgi-bin/en.pl | 3 + lfs/stage2 | 4 - src/installer/main.c | 57 ------- 29 files changed, 525 insertions(+), 521 deletions(-) delete mode 100644 html/cgi-bin/gpl.cgi Difference in files: diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index a87e5c070a..8ba6e3f79f 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -97,6 +97,82 @@ sub system($) { return $rc; } +sub read_pids($) { + my $pidfile = shift; + + # Open the PID file + open(PIDFILE, "<${pidfile}"); + + # Store all PIDs here + my @pids = (); + + # Read all PIDs + while (<PIDFILE>) { + chomp $_; + + if (-d "/proc/$_") { + push(@pids, $_); + } + } + + # Close the PID file + close(PIDFILE); + + return @pids; +} + +sub find_pids($) { + my $process = shift; + + # Store all PIDs here + my @pids = (); + + foreach my $status (</proc/*/status>) { + # Open the status file + open(STATUS, "<${status}"); + + # Read the status file + while (<STATUS>) { + # If the name does not match, we break the loop immediately + if ($_ =~ m/^Name:\s+(.*)$/) { + last if ($process ne $1); + + # Push the PID onto the list + } elsif ($_ =~ m/^Pid:\s+(\d+)$/) { + push(@pids, $1); + + # Once we got here, we are done + last; + } + } + + # Close the status file + close(STATUS); + } + + return @pids; +} + +sub get_memory_consumption() { + my $memory = 0; + + foreach my $pid (@_) { + # Open the status file or skip on error + open(STATUS, "/proc/${pid}/status") or next; + + while (<STATUS>) { + if ($_ =~ m/^VmRSS:\s+(\d+) kB/) { + $memory += $1 * 1024; + last; + } + } + + close(STATUS); + } + + return $memory; +} + # Function to remove duplicates from an array sub uniq { my %seen; grep !$seen{$_}++, @_ } diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl index 4bf1a57794..2439c5bf62 100644 --- a/config/cfgroot/graphs.pl +++ b/config/cfgroot/graphs.pl @@ -119,9 +119,11 @@ END # Print range select buttons foreach my $range (@time_ranges) { + my $selected = ($range eq $default_range) ? "class=\"selected\"" : ""; + print <<END; <li> - <button data-range="$range" onclick="rrdimage_selectRange(this)"> + <button data-range="$range" onclick="rrdimage_selectRange(this)" $selected> $Lang::tr{$range} </button> </li> @@ -397,97 +399,6 @@ sub updateswapgraph { return "Error in RRD::graph for memory: ".$ERROR."\n" if $ERROR; } -# Generate the Process Cpu Graph for the current period of time for values given by collecd - -sub updateprocessescpugraph { - my @processesgraph = getprocesses(); - my $period = $_[0]; - my $count="0"; - - my @command = ( - @GRAPH_ARGS, - "-", - "--start", - "-1".$period, - "-l 0", - "-r", - "--color=SHADEA".$color{"color19"}, - "--color=SHADEB".$color{"color19"}, - "--color=BACK".$color{"color21"} - ); - - foreach(@processesgraph){ - chomp($_);my @name=split(/\-/,$_);chop($name[1]); - push(@command,"DEF:".$name[1]."user=".$_."ps_cputime.rrd:user:AVERAGE"); - push(@command,"DEF:".$name[1]."system=".$_."ps_cputime.rrd:syst:AVERAGE"); - push(@command,"CDEF:".$name[1]."=".$name[1]."user,".$name[1]."system,+"); - } - - push(@command,"COMMENT:".$Lang::tr{'caption'}."\\j"); - - my $colorIndex = 0; - foreach(@processesgraph){ - my $colorIndex = 10 + $count % 15; - my $color="$color{\"color$colorIndex\"}"; - chomp($_);my @name=split(/\-/,$_);chop($name[1]); - if ($count eq "0"){ - push(@command,"AREA:".$name[1].$color."A0:".$name[1]); - }else{ - push(@command,"STACK:".$name[1].$color."A0:".$name[1]); - } - $count++; - } - - RRDs::graph (@command); - $ERROR = RRDs::error; - return "Error in RRD::graph for processes: ".$ERROR."\n" if $ERROR; -} - -# Generate the Process Memory Graph for the current period of time for values given by collecd - -sub updateprocessesmemorygraph { - my @processesgraph = getprocesses(); - my $period = $_[0]; - my $count="0"; - - my @command = ( - @GRAPH_ARGS, - "-", - "--start", - "-1".$period, - "-l 0", - "-r", - "-v ".$Lang::tr{'bytes'}, - "--color=SHADEA".$color{"color19"}, - "--color=SHADEB".$color{"color19"}, - "--color=BACK".$color{"color21"} - ); - - foreach(@processesgraph){ - chomp($_);my @name=split(/\-/,$_);chop($name[1]); - push(@command,"DEF:".$name[1]."=".$_."ps_rss.rrd:value:AVERAGE"); - } - - push(@command,"COMMENT:".$Lang::tr{'caption'}."\\j"); - - my $colorIndex = 0; - foreach(@processesgraph){ - chomp($_);my @name=split(/\-/,$_);chop($name[1]); - my $colorIndex = 10 + $count % 15; - my $color="$color{\"color$colorIndex\"}"; - if ($count eq "0"){ - push(@command,"AREA:".$name[1].$color."A0:".$name[1]); - }else{ - push(@command,"STACK:".$name[1].$color."A0:".$name[1]); - } - $count++; - } - - RRDs::graph (@command); - $ERROR = RRDs::error; - return "Error in RRD::graph for processesmemory: ".$ERROR."\n" if $ERROR; -} - # Generate the Disk Graph for the current period of time for values given by collecd sub updatediskgraph { diff --git a/config/cfgroot/header.pl b/config/cfgroot/header.pl index af524af53e..a4a4f5d03f 100644 --- a/config/cfgroot/header.pl +++ b/config/cfgroot/header.pl @@ -236,7 +236,7 @@ print <<END; END -print "<link href=\"/themes/ipfire/include/css/style.css?v=20240125\" rel=\"stylesheet\" type=\"text/css\" />\n"; +print "<link href=\"/themes/ipfire/include/css/style.css?v=20240806\" rel=\"stylesheet\" type=\"text/css\" />\n"; if ($settings{'SPEED'} ne 'off') { @@ -440,8 +440,6 @@ sub genmenu { my %sublogshash = (); my $sublogs = \%sublogshash; - if ( -e "/var/ipfire/main/gpl_accepted") { - eval `/bin/cat /var/ipfire/menu.d/*.menu`; eval `/bin/cat /var/ipfire/menu.d/*.main`; @@ -472,7 +470,6 @@ sub genmenu { $menu->{'03.network'}{'subMenu'}->{'80.macadressmenu'}{'enabled'} = 0; $menu->{'03.network'}{'subMenu'}->{'90.wakeonlan'}{'enabled'} = 0; } - } } sub showhttpheaders($) { @@ -899,4 +896,92 @@ sub _read_manualpage_hash() { close($file); } +sub ServiceStatus() { + my $services = shift; + my %services = %{ $services }; + + # Write the table header + print <<EOF; + <table class="tbl"> +  + + <tbody> +EOF + + foreach my $service (sort keys %services) { + my %config = %{ $services{$service} }; + + my $pidfile = $config{"pidfile"}; + my $process = $config{"process"}; + + # Collect all pids + my @pids = (); + + # Read the PID file or go search... + if (defined $pidfile) { + @pids = &General::read_pids("${pidfile}"); + } else { + @pids = &General::find_pids("${process}"); + } + + # Get memory consumption + my $mem = &General::get_memory_consumption(@pids); + + print <<EOF; + <tr> + <th scope="row"> + $service + </th> +EOF + + # Running? + if (scalar @pids) { + # Format memory + $mem = &General::formatBytes($mem); + + print <<EOF; + <td class="status is-running"> + $Lang::tr{'running'} + </td> + + <td class="text-right"> + ${mem} + </td> +EOF + + # Not Running + } else { + print <<EOF; + <td class="status is-stopped" colspan="2"> + $Lang::tr{'stopped'} + </td> +EOF + } + + print <<EOF; + </tr> +EOF + + } + + print <<EOF; + </tbody> + </table> +EOF +} + 1; # End of package "Header" diff --git a/config/collectd/collectd.conf b/config/collectd/collectd.conf index cc49f0ba7d..27e1fe984a 100644 --- a/config/collectd/collectd.conf +++ b/config/collectd/collectd.conf @@ -22,7 +22,6 @@ LoadPlugin load #LoadPlugin logfile LoadPlugin memory LoadPlugin ping -LoadPlugin processes LoadPlugin rrdtool LoadPlugin sensors LoadPlugin swap @@ -66,18 +65,6 @@ include "/etc/collectd.precache" timeout 10 </Plugin> -<Plugin processes> - Process "sshd" - Process "smbd" - Process "nmbd" - Process "squid" - Process "squidguard" - Process "charon" - Process "openvpn" - Process "qemu" - Process "mpd" -</Plugin> - <Plugin rrdtool> DataDir "/var/log/rrd/collectd" </Plugin> diff --git a/config/rootfiles/common/aarch64/stage2 b/config/rootfiles/common/aarch64/stage2 index e8cdeab9f0..3ac85638fa 100644 --- a/config/rootfiles/common/aarch64/stage2 +++ b/config/rootfiles/common/aarch64/stage2 @@ -132,8 +132,6 @@ usr/local/bin/update-location-database usr/sbin/openvpn-metrics #usr/share #usr/share/doc -#usr/share/doc/licenses -usr/share/doc/licenses/GPLv3 #usr/share/info #usr/share/locale #usr/share/man diff --git a/config/rootfiles/common/riscv64/stage2 b/config/rootfiles/common/riscv64/stage2 index f70c737140..fdccf0d337 100644 --- a/config/rootfiles/common/riscv64/stage2 +++ b/config/rootfiles/common/riscv64/stage2 @@ -133,8 +133,6 @@ usr/local/bin/update-location-database usr/sbin/openvpn-metrics #usr/share #usr/share/doc -#usr/share/doc/licenses -usr/share/doc/licenses/GPLv3 #usr/share/info #usr/share/locale #usr/share/man diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface index 7ec076d2d8..7678c1e5d0 100644 --- a/config/rootfiles/common/web-user-interface +++ b/config/rootfiles/common/web-user-interface @@ -20,7 +20,6 @@ srv/web/ipfire/cgi-bin/fireinfo.cgi srv/web/ipfire/cgi-bin/firewall.cgi srv/web/ipfire/cgi-bin/fwhosts.cgi srv/web/ipfire/cgi-bin/getrrdimage.cgi -srv/web/ipfire/cgi-bin/gpl.cgi #srv/web/ipfire/cgi-bin/guardian.cgi srv/web/ipfire/cgi-bin/gui.cgi srv/web/ipfire/cgi-bin/hardwaregraphs.cgi diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2 index f6678fc407..c0decfc279 100644 --- a/config/rootfiles/common/x86_64/stage2 +++ b/config/rootfiles/common/x86_64/stage2 @@ -132,8 +132,6 @@ usr/local/bin/update-location-database usr/sbin/openvpn-metrics #usr/share #usr/share/doc -#usr/share/doc/licenses -usr/share/doc/licenses/GPLv3 #usr/share/info #usr/share/locale #usr/share/man diff --git a/config/rootfiles/core/188/update.sh b/config/rootfiles/core/188/update.sh index a31e3617a5..f76b8659d5 100644 --- a/config/rootfiles/core/188/update.sh +++ b/config/rootfiles/core/188/update.sh @@ -38,8 +38,10 @@ extract_files # Remove files rm -vrf \ + /srv/web/ipfire/cgi-bin/gpl.cgi \ /srv/web/ipfire/html/themes/ipfire/include/functions.pl \ - /usr/bin/br2684ctl + /usr/bin/br2684ctl \ + /usr/share/doc/licenses # update linker config ldconfig diff --git a/doc/language_issues.de b/doc/language_issues.de index 757b566e64..e2ca260def 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -34,6 +34,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: Weekly WARNING: translation string unused: access allowed @@ -41,6 +42,7 @@ WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: accounting WARNING: translation string unused: accounting user nonpdc WARNING: translation string unused: accounting user pdc +WARNING: translation string unused: acpitemp WARNING: translation string unused: activate user WARNING: translation string unused: add a new rule WARNING: translation string unused: add cron @@ -168,6 +170,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -214,6 +218,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -301,6 +306,7 @@ WARNING: translation string unused: extrahd to root WARNING: translation string unused: extrahd unable to read WARNING: translation string unused: extrahd unable to write WARNING: translation string unused: filename +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload WARNING: translation string unused: force update @@ -366,9 +372,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -403,7 +415,6 @@ WARNING: translation string unused: installed updates WARNING: translation string unused: interfaces WARNING: translation string unused: intrusion detection system log viewer WARNING: translation string unused: intrusion detection system2 -WARNING: translation string unused: intrusion prevention system WARNING: translation string unused: invalid cache size WARNING: translation string unused: invalid date entered WARNING: translation string unused: invalid downlink speed @@ -438,6 +449,7 @@ WARNING: translation string unused: lateprompting WARNING: translation string unused: legacy architecture warning WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -475,11 +487,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -723,6 +739,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -755,6 +772,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -810,6 +828,7 @@ WARNING: translation string unused: upstream proxy host:port WARNING: translation string unused: upstream username WARNING: translation string unused: uptime WARNING: translation string unused: uptime and users +WARNING: translation string unused: uptime load average WARNING: translation string unused: urlfilter background image WARNING: translation string unused: urlfilter background text WARNING: translation string unused: urlfilter enable jpeg @@ -940,6 +959,7 @@ WARNING: untranslated string: log drop hostile out = Log dropped packets TO host WARNING: untranslated string: netbios nameserver daemon = NetBIOS Nameserver Daemon WARNING: untranslated string: no entries = No entries at the moment. WARNING: untranslated string: optional = Optional +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: pakfire invalid tree = Invalid repository selected WARNING: untranslated string: reg_file_data_sampling = Register File Data Sampling (RFDS) WARNING: untranslated string: regenerate host certificate = Renew Host Certificate diff --git a/doc/language_issues.en b/doc/language_issues.en index 4f2b8a03c0..443c2a9512 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -83,7 +83,6 @@ WARNING: untranslated string: TOS rule = TOS rule WARNING: untranslated string: The class number does not match the specified interface. = The class number does not match the specified interface. WARNING: untranslated string: The destination IP address is invalid. = The destination IP address is invalid. WARNING: untranslated string: The source IP address is invalid. = The source IP address is invalid. -WARNING: untranslated string: Utilization on = Utilization on WARNING: untranslated string: WakeOnLan = Wake On Lan WARNING: untranslated string: a ca certificate with this name already exists = A CA certificate with this name already exists. WARNING: untranslated string: a connection with this common name already exists = A connection with this common name already exists. @@ -92,7 +91,6 @@ WARNING: untranslated string: abort = abort WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: acpitemp = ACPI - Temperatures WARNING: untranslated string: action = Action WARNING: untranslated string: activate = Activate WARNING: untranslated string: active = Active @@ -517,7 +515,6 @@ WARNING: untranslated string: country = Country WARNING: untranslated string: country codes and flags = Country Codes and Flags: WARNING: untranslated string: countrycode = Code WARNING: untranslated string: cpu frequency = CPU frequency -WARNING: untranslated string: cpu frequency per = CPU frequency per WARNING: untranslated string: cpu idle usage = Idle CPU Usage WARNING: untranslated string: cpu interrupt usage = Interrupt CPU Usage WARNING: untranslated string: cpu iowait usage = CPU waiting for IO @@ -525,7 +522,6 @@ WARNING: untranslated string: cpu irq usage = IRQ CPU Usage WARNING: untranslated string: cpu nice usage = Nice CPU Usage WARNING: untranslated string: cpu steal usage = Steal CPU Usage WARNING: untranslated string: cpu system usage = System CPU Usage -WARNING: untranslated string: cpu usage per = CPU Usage per WARNING: untranslated string: cpu user usage = User CPU Usage WARNING: untranslated string: credits = Credits WARNING: untranslated string: crl = Certificate Revocation List @@ -613,7 +609,6 @@ WARNING: untranslated string: dialup red not ppp = Dialup profiles can only used WARNING: untranslated string: disable = Disable WARNING: untranslated string: disabled = disabled WARNING: untranslated string: disconnected = Disconnected -WARNING: untranslated string: disk access = Disk Access WARNING: untranslated string: disk usage = Disk usage WARNING: untranslated string: display = Display WARNING: untranslated string: display hostname in window title = Display hostname in window title @@ -794,7 +789,6 @@ WARNING: untranslated string: firewall graph country = Firewall-Diagram (Country WARNING: untranslated string: firewall graph ip = Firewall-Diagram (IP) WARNING: untranslated string: firewall graph port = Firewall-Diagram (Port) WARNING: untranslated string: firewall hits = Total number of firewall hits for -WARNING: untranslated string: firewall hits per = firewallhits per WARNING: untranslated string: firewall log = Firewall log WARNING: untranslated string: firewall log country = Firewall log (Country) WARNING: untranslated string: firewall log ip = Firewall log (IP) @@ -987,12 +981,7 @@ WARNING: untranslated string: generate root/host certificates = Generate root/ho WARNING: untranslated string: generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient = Generating the root and host certificates may take a long time. It can take up to several minutes on older hardware. Please be patient. WARNING: untranslated string: genre = Genre WARNING: untranslated string: global settings = Global Settings -WARNING: untranslated string: gpl i accept these terms and conditions = I accept these terms and conditions -WARNING: untranslated string: gpl license agreement = License Agreement -WARNING: untranslated string: gpl please read carefully the general public license and accept it below = Please read carefully the General Public License and accept it below -WARNING: untranslated string: gpl unofficial translation of the general public license v3 = Unofficial translation of the General Public License v3 WARNING: untranslated string: graph = Graph -WARNING: untranslated string: graph per = per WARNING: untranslated string: green = GREEN WARNING: untranslated string: grouptype = Grouptype: WARNING: untranslated string: guaranteed bandwidth = Guaranteed bandwidth @@ -1029,7 +1018,6 @@ WARNING: untranslated string: guardian service = unknown string WARNING: untranslated string: gui settings = GUI Settings WARNING: untranslated string: hangup = Disconnect WARNING: untranslated string: hangup string = Hangup: -WARNING: untranslated string: harddisk temperature = Harddisk Temperature WARNING: untranslated string: hardware graphs = Hardware Graphs WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities WARNING: untranslated string: hdd temperature in = Harddisk temperature in @@ -1115,6 +1103,7 @@ WARNING: untranslated string: internet = INTERNET WARNING: untranslated string: intrusion detection = Intrusion Prevention WARNING: untranslated string: intrusion detection system = Intrusion Prevention System WARNING: untranslated string: intrusion detection system rules = Ruleset +WARNING: untranslated string: intrusion prevention system = Intrusion Prevention System WARNING: untranslated string: invalid broadcast ip = Invalid broadcast IP WARNING: untranslated string: invalid characters found in pre-shared key = Invalid characters found in pre-shared key. WARNING: untranslated string: invalid default lease time = Invalid default lease time. @@ -1237,7 +1226,7 @@ WARNING: untranslated string: least preferred = least preferred WARNING: untranslated string: legend = Legend WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation -WARNING: untranslated string: linkq = Link Quality +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: local ntp server specified but not enabled = Local NTP server specified but not enabled WARNING: untranslated string: local subnet = Local subnet: @@ -1307,18 +1296,14 @@ WARNING: untranslated string: maximum = Maximum WARNING: untranslated string: maximum retries = Maximum retries: WARNING: untranslated string: may = May WARNING: untranslated string: mbmon display = Display -WARNING: untranslated string: mbmon fan = Fan Speed WARNING: untranslated string: mbmon label = Label WARNING: untranslated string: mbmon settings = mbmongraph settings -WARNING: untranslated string: mbmon temp = Temperature -WARNING: untranslated string: mbmon volt = Voltage WARNING: untranslated string: media = Media WARNING: untranslated string: media information = Media information WARNING: untranslated string: medium = Medium WARNING: untranslated string: meltdown = Meltdown WARNING: untranslated string: memory = Memory WARNING: untranslated string: memory information = Memory information -WARNING: untranslated string: memory usage per = Memory Usage per WARNING: untranslated string: messages = Messages WARNING: untranslated string: method = Method: WARNING: untranslated string: min costs = Minimum costs @@ -1471,6 +1456,7 @@ WARNING: untranslated string: ovpn on blue = OpenVPN on BLUE: WARNING: untranslated string: ovpn on orange = OpenVPN on ORANGE: WARNING: untranslated string: ovpn on red = OpenVPN on RED: WARNING: untranslated string: ovpn port in root range = A port number of 1024 or higher is required. +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: ovpn routes push = Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24 WARNING: untranslated string: ovpn routes push options = Route push options WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log @@ -1539,6 +1525,7 @@ WARNING: untranslated string: primary wins server address = Primary WINS server WARNING: untranslated string: priority = Priority WARNING: untranslated string: processes = Processes WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations +WARNING: untranslated string: processors = Processors WARNING: untranslated string: profile = Profile WARNING: untranslated string: profile deleted = Profile deleted: WARNING: untranslated string: profile has errors = Profile has errors @@ -1742,7 +1729,6 @@ WARNING: untranslated string: summaries kept = Keep summaries for WARNING: untranslated string: sunday = Sunday WARNING: untranslated string: support donation = Support the IPFire project with your donation WARNING: untranslated string: swap = Swap -WARNING: untranslated string: swap usage per = Swap usage per WARNING: untranslated string: system = System WARNING: untranslated string: system information = System Information WARNING: untranslated string: system is offline = The system is offline. @@ -1824,7 +1810,6 @@ WARNING: untranslated string: tor use exit nodes = Use only these exit nodes (on WARNING: untranslated string: tor use guard nodes = Use only these guard nodes (one fingerprint per line) WARNING: untranslated string: total connection time = Total Connection Time WARNING: untranslated string: total hits for log section = Total hits for log section -WARNING: untranslated string: traffic on = Traffic on WARNING: untranslated string: traffic stat in = In WARNING: untranslated string: traffic stat out = Out WARNING: untranslated string: traffic stat title = RED Traffic @@ -1922,7 +1907,6 @@ WARNING: untranslated string: upload a certificate = Upload a certificate: WARNING: untranslated string: upload a certificate request = Upload a certificate request: WARNING: untranslated string: upload ca certificate = Upload CA certificate WARNING: untranslated string: upload p12 file = Upload PKCS12 file -WARNING: untranslated string: uptime load average = Load average WARNING: untranslated string: url filter = URL Filter WARNING: untranslated string: urlfilter access = Access WARNING: untranslated string: urlfilter activity detection = Activity detection diff --git a/doc/language_issues.es b/doc/language_issues.es index b124927aa0..f949d8a033 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -36,6 +36,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: Weekly WARNING: translation string unused: access allowed @@ -43,6 +44,7 @@ WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: accounting WARNING: translation string unused: accounting user nonpdc WARNING: translation string unused: accounting user pdc +WARNING: translation string unused: acpitemp WARNING: translation string unused: activate user WARNING: translation string unused: add a new rule WARNING: translation string unused: add cron @@ -189,6 +191,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -243,6 +247,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -336,6 +341,7 @@ WARNING: translation string unused: extrahd unable to read WARNING: translation string unused: extrahd unable to write WARNING: translation string unused: filename WARNING: translation string unused: firewall graphs +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firewall log viewer WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload @@ -406,9 +412,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -448,7 +460,6 @@ WARNING: translation string unused: installed updates WARNING: translation string unused: interfaces WARNING: translation string unused: intrusion detection system log viewer WARNING: translation string unused: intrusion detection system2 -WARNING: translation string unused: intrusion prevention system WARNING: translation string unused: invalid cache size WARNING: translation string unused: invalid date entered WARNING: translation string unused: invalid downlink speed @@ -487,6 +498,7 @@ WARNING: translation string unused: lateprompting WARNING: translation string unused: legacy architecture warning WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -524,11 +536,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -787,6 +803,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -822,6 +839,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -880,6 +898,7 @@ WARNING: translation string unused: upstream proxy host:port WARNING: translation string unused: upstream username WARNING: translation string unused: uptime WARNING: translation string unused: uptime and users +WARNING: translation string unused: uptime load average WARNING: translation string unused: urlfilter background image WARNING: translation string unused: urlfilter background text WARNING: translation string unused: urlfilter enable jpeg @@ -996,12 +1015,15 @@ WARNING: untranslated string: hostile networks total = Total Hostile Networks WARNING: untranslated string: ids provider eol = (EOL) WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: invalid ip or hostname = Invalid IP Address or Hostname +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: log drop hostile in = Log dropped packets FROM hostile networks WARNING: untranslated string: log drop hostile out = Log dropped packets TO hostile networks WARNING: untranslated string: no data = unknown string WARNING: untranslated string: openvpn cert expires soon = Expires Soon WARNING: untranslated string: openvpn cert has expired = Expired +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: pakfire ago = ago. +WARNING: untranslated string: processors = Processors WARNING: untranslated string: reg_file_data_sampling = Register File Data Sampling (RFDS) WARNING: untranslated string: regenerate host certificate = Renew Host Certificate WARNING: untranslated string: reiserfs warning1 = Reiserfs is deprecated and scheduled to be removed from the kernel in 2025. diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 9a290fb58f..ef480a19e5 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -38,6 +38,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: Weekly WARNING: translation string unused: access allowed @@ -45,6 +46,7 @@ WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: accounting WARNING: translation string unused: accounting user nonpdc WARNING: translation string unused: accounting user pdc +WARNING: translation string unused: acpitemp WARNING: translation string unused: activate user WARNING: translation string unused: add a new rule WARNING: translation string unused: add cron @@ -190,6 +192,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -239,6 +243,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -328,6 +333,7 @@ WARNING: translation string unused: extrahd to root WARNING: translation string unused: extrahd unable to read WARNING: translation string unused: extrahd unable to write WARNING: translation string unused: filename +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload WARNING: translation string unused: force update @@ -393,9 +399,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -431,7 +443,6 @@ WARNING: translation string unused: installed updates WARNING: translation string unused: interfaces WARNING: translation string unused: intrusion detection system log viewer WARNING: translation string unused: intrusion detection system2 -WARNING: translation string unused: intrusion prevention system WARNING: translation string unused: invalid cache size WARNING: translation string unused: invalid date entered WARNING: translation string unused: invalid downlink speed @@ -466,6 +477,7 @@ WARNING: translation string unused: lateprompting WARNING: translation string unused: legacy architecture warning WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -503,11 +515,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -758,6 +774,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -793,6 +810,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -849,6 +867,7 @@ WARNING: translation string unused: upstream proxy host:port WARNING: translation string unused: upstream username WARNING: translation string unused: uptime WARNING: translation string unused: uptime and users +WARNING: translation string unused: uptime load average WARNING: translation string unused: urlfilter background image WARNING: translation string unused: urlfilter background text WARNING: translation string unused: urlfilter enable jpeg @@ -945,7 +964,10 @@ WARNING: untranslated string: guardian no entries = unknown string WARNING: untranslated string: guardian service = unknown string WARNING: untranslated string: hostile networks total = Total Hostile Networks WARNING: untranslated string: ids provider eol = (EOL) +WARNING: untranslated string: load average = Load Average +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: pakfire ago = ago. +WARNING: untranslated string: processors = Processors WARNING: untranslated string: reg_file_data_sampling = Register File Data Sampling (RFDS) WARNING: untranslated string: routing config added = unknown string WARNING: untranslated string: routing config changed = unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index b85041c743..44387439ce 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -12,6 +12,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode @@ -163,6 +164,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -211,6 +214,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -295,6 +299,7 @@ WARNING: translation string unused: extrahd unable to read WARNING: translation string unused: extrahd unable to write WARNING: translation string unused: filename WARNING: translation string unused: firewall graphs +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firewall log viewer WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload @@ -362,9 +367,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -428,6 +439,7 @@ WARNING: translation string unused: lang WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -462,11 +474,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -715,6 +731,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -749,6 +766,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -805,6 +823,7 @@ WARNING: translation string unused: upstream proxy host:port WARNING: translation string unused: upstream username WARNING: translation string unused: uptime WARNING: translation string unused: uptime and users +WARNING: translation string unused: uptime load average WARNING: translation string unused: urlfilter background image WARNING: translation string unused: urlfilter background text WARNING: translation string unused: urlfilter enable jpeg @@ -887,7 +906,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: acpitemp = ACPI - Temperatures WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory @@ -1113,6 +1131,7 @@ WARNING: untranslated string: incoming overhead in bytes per second = Incoming O WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: inodes = Index-Nodes WARNING: untranslated string: interface mode = Interface +WARNING: untranslated string: intrusion prevention system = Intrusion Prevention System WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode @@ -1154,6 +1173,7 @@ WARNING: untranslated string: ipsec routing table entries = IPsec Routing Table WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location WARNING: untranslated string: locationblock = Location Block @@ -1197,6 +1217,7 @@ WARNING: untranslated string: outgoing overhead in bytes per second = Outgoing O WARNING: untranslated string: ovpn add conf = Additional configuration WARNING: untranslated string: ovpn connection name = Connection Name WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log WARNING: untranslated string: ovpn tls auth = TLS Channel Protection: WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> @@ -1215,6 +1236,7 @@ WARNING: untranslated string: pptp netconfig = My Net Config WARNING: untranslated string: pptp peer = Peer WARNING: untranslated string: pptp route = PPTP Route WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations +WARNING: untranslated string: processors = Processors WARNING: untranslated string: ptr = PTR WARNING: untranslated string: rdns = rDNS WARNING: untranslated string: reboot fsck = Reboot & run ‘fsck’ diff --git a/doc/language_issues.nl b/doc/language_issues.nl index adf28c0368..57edc0f5b7 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -12,6 +12,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode @@ -163,6 +164,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -212,6 +215,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -296,6 +300,7 @@ WARNING: translation string unused: extrahd unable to read WARNING: translation string unused: extrahd unable to write WARNING: translation string unused: filename WARNING: translation string unused: firewall graphs +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firewall log viewer WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload @@ -363,9 +368,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hardware support WARNING: translation string unused: hint @@ -430,6 +441,7 @@ WARNING: translation string unused: lang WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -464,11 +476,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -715,6 +731,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system has hwrng WARNING: translation string unused: system has rdrand @@ -750,6 +767,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -806,6 +824,7 @@ WARNING: translation string unused: upstream proxy host:port WARNING: translation string unused: upstream username WARNING: translation string unused: uptime WARNING: translation string unused: uptime and users +WARNING: translation string unused: uptime load average WARNING: translation string unused: urlfilter background image WARNING: translation string unused: urlfilter background text WARNING: translation string unused: urlfilter enable jpeg @@ -888,7 +907,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: acpitemp = ACPI - Temperatures WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory @@ -1121,6 +1139,7 @@ WARNING: untranslated string: incoming overhead in bytes per second = Incoming O WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: inodes = Index-Nodes WARNING: untranslated string: interface mode = Interface +WARNING: untranslated string: intrusion prevention system = Intrusion Prevention System WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode @@ -1162,6 +1181,7 @@ WARNING: untranslated string: ipsec routing table entries = IPsec Routing Table WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location WARNING: untranslated string: locationblock = Location Block @@ -1223,6 +1243,7 @@ WARNING: untranslated string: ovpn connection name = Connection Name WARNING: untranslated string: ovpn crypt options = Cryptographic options WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> WARNING: untranslated string: ovpn ha = Hash algorithm +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log WARNING: untranslated string: ovpn tls auth = TLS Channel Protection: WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> @@ -1240,6 +1261,7 @@ WARNING: untranslated string: pptp netconfig = My Net Config WARNING: untranslated string: pptp peer = Peer WARNING: untranslated string: pptp route = PPTP Route WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations +WARNING: untranslated string: processors = Processors WARNING: untranslated string: ptr = PTR WARNING: untranslated string: rdns = rDNS WARNING: untranslated string: rebooting ipfire fsck = Rebooting IPFire, forcing filesystem check diff --git a/doc/language_issues.pl b/doc/language_issues.pl index d15f00f917..0b3ce39a5b 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -12,6 +12,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode @@ -155,6 +156,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -201,6 +204,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -278,6 +282,7 @@ WARNING: translation string unused: external access rule removed WARNING: translation string unused: extrahd WARNING: translation string unused: filename WARNING: translation string unused: firewall graphs +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firewall log viewer WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload @@ -303,9 +308,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -368,6 +379,7 @@ WARNING: translation string unused: lang WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -402,11 +414,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -641,6 +657,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -667,6 +684,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -806,7 +824,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: acpitemp = ACPI - Temperatures WARNING: untranslated string: addons = Add-Ons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username @@ -1263,6 +1280,7 @@ WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: inodes = Index-Nodes WARNING: untranslated string: integrity = Integrity: WARNING: untranslated string: interface mode = Interface +WARNING: untranslated string: intrusion prevention system = Intrusion Prevention System WARNING: untranslated string: invalid input for dpd delay = Invalid input for DPD delay WARNING: untranslated string: invalid input for dpd timeout = Invalid input for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout @@ -1311,6 +1329,7 @@ WARNING: untranslated string: last = Last WARNING: untranslated string: least preferred = least preferred WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location WARNING: untranslated string: locationblock = Location Block @@ -1393,6 +1412,7 @@ WARNING: untranslated string: ovpn ha = Hash algorithm WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required. WARNING: untranslated string: ovpn no connections = No active OpenVPN connections WARNING: untranslated string: ovpn port in root range = A port number of 1024 or higher is required. +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: ovpn routes push = Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24 WARNING: untranslated string: ovpn routes push options = Route push options WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log @@ -1413,6 +1433,7 @@ WARNING: untranslated string: pptp netconfig = My Net Config WARNING: untranslated string: pptp peer = Peer WARNING: untranslated string: pptp route = PPTP Route WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations +WARNING: untranslated string: processors = Processors WARNING: untranslated string: proxy reports = Proxy Reports WARNING: untranslated string: proxy reports daily = Daily reports WARNING: untranslated string: proxy reports monthly = Monthly reports @@ -1550,7 +1571,6 @@ WARNING: untranslated string: unlimited = Unlimited WARNING: untranslated string: updxlrtr passive mode = Delivery only/no download mode WARNING: untranslated string: uplink = Uplink WARNING: untranslated string: uplink bit rate = Uplink Bit Rate -WARNING: untranslated string: uptime load average = Load average WARNING: untranslated string: urlfilter redirect template = Redirect page template WARNING: untranslated string: user management = User Management WARNING: untranslated string: vendor = Vendor diff --git a/doc/language_issues.ru b/doc/language_issues.ru index d052eefac8..73823a7a81 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -12,6 +12,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode @@ -155,6 +156,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -277,6 +280,7 @@ WARNING: translation string unused: external access rule removed WARNING: translation string unused: extrahd WARNING: translation string unused: filename WARNING: translation string unused: firewall graphs +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firewall log viewer WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload @@ -301,9 +305,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -365,6 +375,7 @@ WARNING: translation string unused: lang WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -399,11 +410,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -637,6 +652,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -663,6 +679,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -802,7 +819,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: acpitemp = ACPI - Temperatures WARNING: untranslated string: addons = Add-Ons WARNING: untranslated string: administrator password = Administrator password WARNING: untranslated string: administrator username = Administrator username @@ -921,7 +937,6 @@ WARNING: untranslated string: dhcp make fixed lease = Add to fix leases WARNING: untranslated string: dhcp valid range required when deny known clients checked = Valid range required when "Deny known clients:" is checked WARNING: untranslated string: disable = Disable WARNING: untranslated string: disconnected = Disconnected -WARNING: untranslated string: disk access = Disk Access WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip) WARNING: untranslated string: dnat address = Firewall Interface WARNING: untranslated string: dns check servers = Check DNS Servers @@ -1261,6 +1276,7 @@ WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: inodes = Index-Nodes WARNING: untranslated string: integrity = Integrity: WARNING: untranslated string: interface mode = Interface +WARNING: untranslated string: intrusion prevention system = Intrusion Prevention System WARNING: untranslated string: invalid input for dpd delay = Invalid input for DPD delay WARNING: untranslated string: invalid input for dpd timeout = Invalid input for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout = Invalid input for Inactivity Timeout @@ -1309,6 +1325,7 @@ WARNING: untranslated string: last = Last WARNING: untranslated string: least preferred = least preferred WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location WARNING: untranslated string: locationblock = Location Block @@ -1390,6 +1407,7 @@ WARNING: untranslated string: ovpn ha = Hash algorithm WARNING: untranslated string: ovpn mgmt in root range = A port number of 1024 or higher is required. WARNING: untranslated string: ovpn no connections = No active OpenVPN connections WARNING: untranslated string: ovpn port in root range = A port number of 1024 or higher is required. +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log WARNING: untranslated string: ovpn tls auth = TLS Channel Protection: WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> @@ -1408,6 +1426,7 @@ WARNING: untranslated string: pptp netconfig = My Net Config WARNING: untranslated string: pptp peer = Peer WARNING: untranslated string: pptp route = PPTP Route WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations +WARNING: untranslated string: processors = Processors WARNING: untranslated string: proxy reports = Proxy Reports WARNING: untranslated string: proxy reports daily = Daily reports WARNING: untranslated string: proxy reports monthly = Monthly reports @@ -1545,7 +1564,6 @@ WARNING: untranslated string: unlimited = Unlimited WARNING: untranslated string: updxlrtr passive mode = Delivery only/no download mode WARNING: untranslated string: uplink = Uplink WARNING: untranslated string: uplink bit rate = Uplink Bit Rate -WARNING: untranslated string: uptime load average = Load average WARNING: untranslated string: urlfilter redirect template = Redirect page template WARNING: untranslated string: user management = User Management WARNING: untranslated string: vendor = Vendor diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 6e077d5863..9cc962515b 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -33,6 +33,7 @@ WARNING: translation string unused: Remote VPN IP WARNING: translation string unused: Resolv WARNING: translation string unused: Subclass WARNING: translation string unused: TOS Bits +WARNING: translation string unused: Utilization on WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode @@ -185,6 +186,8 @@ WARNING: translation string unused: could not download the available updates lis WARNING: translation string unused: could not open available updates file WARNING: translation string unused: could not open installed updates file WARNING: translation string unused: could not open update information file +WARNING: translation string unused: cpu frequency per +WARNING: translation string unused: cpu usage per WARNING: translation string unused: create WARNING: translation string unused: create mask WARNING: translation string unused: create new backup @@ -233,6 +236,7 @@ WARNING: translation string unused: directory mask WARNING: translation string unused: directory writeable WARNING: translation string unused: disconnect WARNING: translation string unused: disconnects +WARNING: translation string unused: disk access WARNING: translation string unused: display charset WARNING: translation string unused: display traffic at home WARNING: translation string unused: display webinterface effects @@ -321,6 +325,7 @@ WARNING: translation string unused: extrahd to root WARNING: translation string unused: extrahd unable to read WARNING: translation string unused: extrahd unable to write WARNING: translation string unused: filename +WARNING: translation string unused: firewall hits per WARNING: translation string unused: firmware WARNING: translation string unused: firmware upload WARNING: translation string unused: force update @@ -388,9 +393,15 @@ WARNING: translation string unused: generatekeys WARNING: translation string unused: generatepolicy WARNING: translation string unused: generatereport WARNING: translation string unused: genkey +WARNING: translation string unused: gpl i accept these terms and conditions +WARNING: translation string unused: gpl license agreement +WARNING: translation string unused: gpl please read carefully the general public license and accept it below +WARNING: translation string unused: gpl unofficial translation of the general public license v3 +WARNING: translation string unused: graph per WARNING: translation string unused: green interface WARNING: translation string unused: guest ok WARNING: translation string unused: gz with key +WARNING: translation string unused: harddisk temperature WARNING: translation string unused: harddisk temperature graphs WARNING: translation string unused: hint WARNING: translation string unused: host @@ -454,6 +465,7 @@ WARNING: translation string unused: lang WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line +WARNING: translation string unused: linkq WARNING: translation string unused: load printer WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk @@ -491,11 +503,15 @@ WARNING: translation string unused: marked WARNING: translation string unused: max incoming size WARNING: translation string unused: max outgoing size WARNING: translation string unused: max size +WARNING: translation string unused: mbmon fan WARNING: translation string unused: mbmon fan in WARNING: translation string unused: mbmon graphs +WARNING: translation string unused: mbmon temp WARNING: translation string unused: mbmon temp in WARNING: translation string unused: mbmon value +WARNING: translation string unused: mbmon volt WARNING: translation string unused: meaning +WARNING: translation string unused: memory usage per WARNING: translation string unused: messages logging WARNING: translation string unused: min size WARNING: translation string unused: missing dat @@ -745,6 +761,7 @@ WARNING: translation string unused: subnet WARNING: translation string unused: subnet is invalid WARNING: translation string unused: subscripted user rules WARNING: translation string unused: successfully refreshed updates list +WARNING: translation string unused: swap usage per WARNING: translation string unused: system graphs WARNING: translation string unused: system log viewer WARNING: translation string unused: system status information @@ -779,6 +796,7 @@ WARNING: translation string unused: traffic calc time WARNING: translation string unused: traffic calc time bad WARNING: translation string unused: traffic info messages WARNING: translation string unused: traffic monitor +WARNING: translation string unused: traffic on WARNING: translation string unused: traffic shaping WARNING: translation string unused: traffic shaping settings WARNING: translation string unused: traffic warn level bad @@ -835,6 +853,7 @@ WARNING: translation string unused: upstream proxy host:port WARNING: translation string unused: upstream username WARNING: translation string unused: uptime WARNING: translation string unused: uptime and users +WARNING: translation string unused: uptime load average WARNING: translation string unused: urlfilter background image WARNING: translation string unused: urlfilter background text WARNING: translation string unused: urlfilter enable jpeg @@ -881,7 +900,6 @@ WARNING: untranslated string: Scan for Songs = unknown string WARNING: untranslated string: access point name = Access Point Name WARNING: untranslated string: access point name is invalid = Access Point Name is invalid WARNING: untranslated string: access point name is required = Access Point Name is required -WARNING: untranslated string: acpitemp = ACPI - Temperatures WARNING: untranslated string: advproxy asbased anomaly detection = Anomaly detections based on Autonomous Systems information WARNING: untranslated string: advproxy errmsg invalid url = Invalid URL WARNING: untranslated string: advproxy errmsg wpad invalid ip or mask = WPAD: Invalid IP or subnet for excluded IP subnet @@ -1053,6 +1071,7 @@ WARNING: untranslated string: ids working = Changes are being applied. Please wa WARNING: untranslated string: info messages = unknown string WARNING: untranslated string: inodes = Index-Nodes WARNING: untranslated string: interface mode = Interface +WARNING: untranslated string: intrusion prevention system = Intrusion Prevention System WARNING: untranslated string: invalid input for interface address = Invalid input for interface address WARNING: untranslated string: invalid input for interface mode = Invalid input for interface mode WARNING: untranslated string: invalid input for interface mtu = Invalid input to interface MTU @@ -1091,6 +1110,7 @@ WARNING: untranslated string: ipsec routing table entries = IPsec Routing Table WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation +WARNING: untranslated string: load average = Load Average WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: log drop hostile in = Log dropped packets FROM hostile networks WARNING: untranslated string: log drop hostile out = Log dropped packets TO hostile networks @@ -1111,6 +1131,7 @@ WARNING: untranslated string: optional = Optional WARNING: untranslated string: otp qrcode = OTP QRCode WARNING: untranslated string: ovpn connection name = Connection Name WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> +WARNING: untranslated string: ovpn roadwarrior server = OpenVPN Roadwarrior Server WARNING: untranslated string: ovpn rw connection log = OpenVPN Roadwarrior Connections Log WARNING: untranslated string: ovpn tls auth = TLS Channel Protection: WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br> @@ -1126,6 +1147,7 @@ WARNING: untranslated string: pakfire tree testing = Testing WARNING: untranslated string: pakfire tree unstable = Unstable WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations +WARNING: untranslated string: processors = Processors WARNING: untranslated string: ptr = PTR WARNING: untranslated string: reboot fsck = Reboot & run ‘fsck’ WARNING: untranslated string: rebooting ipfire fsck = Rebooting IPFire, forcing filesystem check diff --git a/doc/language_missings b/doc/language_missings index 4c657f0997..05fff37d10 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -78,6 +78,7 @@ < notes < okay < optional +< ovpn roadwarrior server < quick control < random number generator daemon < regenerate host certificate @@ -130,10 +131,13 @@ < ids provider eol < ids unsupported provider < invalid ip or hostname +< load average < log drop hostile in < log drop hostile out < openvpn cert expires soon < openvpn cert has expired +< ovpn roadwarrior server +< processors < regenerate host certificate < reg_file_data_sampling < reiserfs warning1 @@ -158,6 +162,9 @@ < hostile networks total < ids provider eol < ids unsupported provider +< load average +< ovpn roadwarrior server +< processors < reg_file_data_sampling < system time < timeformat @@ -478,6 +485,7 @@ < itlb multihit < legacy architecture warning < link-layer encapsulation +< load average < local ip address < location < locationblock @@ -526,6 +534,7 @@ < ovpn add conf < ovpn connection name < ovpn error md5 +< ovpn roadwarrior server < ovpn rw connection log < ovpn tls auth < ovpn warning rfc3280 @@ -543,6 +552,7 @@ < pptp netconfig < pptp peer < pptp route +< processors < processor vulnerability mitigations < ptr < random number generator daemon @@ -1010,6 +1020,7 @@ < itlb multihit < legacy architecture warning < link-layer encapsulation +< load average < local ip address < location < locationblock @@ -1079,6 +1090,7 @@ < ovpn generating the root and host certificates < ovpn ha < ovpn reneg sec +< ovpn roadwarrior server < ovpn rw connection log < ovpn tls auth < ovpn warning rfc3280 @@ -1095,6 +1107,7 @@ < pptp netconfig < pptp peer < pptp route +< processors < processor vulnerability mitigations < ptr < random number generator daemon @@ -1855,6 +1868,7 @@ < legacy architecture warning < lifetime < link-layer encapsulation +< load average < local ip address < location < locationblock @@ -1959,6 +1973,7 @@ < ovpn no connections < ovpn port in root range < ovpn reneg sec +< ovpn roadwarrior server < ovpn routes push < ovpn routes push options < ovpn rw connection log @@ -1978,6 +1993,7 @@ < pptp netconfig < pptp peer < pptp route +< processors < processor vulnerability mitigations < proxy reports < proxy reports daily @@ -2859,6 +2875,7 @@ < legacy architecture warning < lifetime < link-layer encapsulation +< load average < local ip address < location < locationblock @@ -2963,6 +2980,7 @@ < ovpn no connections < ovpn port in root range < ovpn reneg sec +< ovpn roadwarrior server < ovpn rw connection log < ovpn tls auth < ovpn warning rfc3280 @@ -2980,6 +2998,7 @@ < pptp netconfig < pptp peer < pptp route +< processors < processor vulnerability mitigations < proxy reports < proxy reports daily @@ -3436,6 +3455,7 @@ < itlb multihit < legacy architecture warning < link-layer encapsulation +< load average < local ip address < log drop hostile in < log drop hostile out @@ -3456,6 +3476,7 @@ < otp qrcode < ovpn connection name < ovpn error md5 +< ovpn roadwarrior server < ovpn rw connection log < ovpn tls auth < ovpn warning rfc3280 @@ -3470,6 +3491,7 @@ < pakfire tree unstable < pak update < please reboot to apply your changes +< processors < processor vulnerability mitigations < ptr < random number generator daemon diff --git a/html/cgi-bin/gpl.cgi b/html/cgi-bin/gpl.cgi deleted file mode 100644 index 029b048e8c..0000000000 --- a/html/cgi-bin/gpl.cgi +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/perl -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007-2012 IPFire Team <info(a)ipfire.org> # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see <http://www.gnu.org/licenses/>. # -# # -############################################################################### - -use strict; -# enable only the following on debugging purpose -#use warnings; -#use CGI::Carp 'fatalsToBrowser'; - -require '/var/ipfire/general-functions.pl'; -require "${General::swroot}/lang.pl"; -require "${General::swroot}/header.pl"; -require "/opt/pakfire/lib/functions.pl"; - -# If the license has already been accepted. -if ( -e "/var/ipfire/main/gpl_accepted" ) { - &redirect(); -} - -my %cgiparams; -$cgiparams{'ACTION'} = ''; - -&Header::getcgihash(\%cgiparams); - -# Check if the license agreement has been accepted. -if ($cgiparams{'ACTION'} eq "$Lang::tr{'yes'}" && $cgiparams{'gpl_accepted'} eq '1') { - open(FILE, ">/var/ipfire/main/gpl_accepted"); - close(FILE); - - &redirect(); -} - -&Header::showhttpheaders(); - -&Header::openpage($Lang::tr{'main page'}, 1); -&Header::openbigbox('', 'center'); - -&Header::openbox('100%', 'left', $Lang::tr{'gpl license agreement'}); -print <<END; - $Lang::tr{'gpl please read carefully the general public license and accept it below'}. - <br /><br /> -END -; -if ( -e "/usr/share/doc/licenses/GPLv3" ) { - print '<textarea rows=\'25\' cols=\'75\' readonly=\'readonly\'>'; - - # Open and read-in GPL file content. - open(FILE, "/usr/share/doc/licenses/GPLv3"); - - # Grab license. - my @license = <FILE>; - - # Close filehandle. - close(FILE); - - # Print license to textarea. - print "@license"; - - print '</textarea>'; -} -else { - print '<br /><a href=\'http://www.gnu.org/licenses/gpl-3.0.txt\' target=\'_blank\'>GNU GENERAL PUBLIC LICENSE</a><br />'; -} -print <<END; - <p> - <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='checkbox' name='gpl_accepted' value='1'/> $Lang::tr{'gpl i accept these terms and conditions'}. - <br/ > - <input type='submit' name='ACTION' value='$Lang::tr{'yes'}' /> - </form> - </p> - <a href='http://www.gnu.org/licenses/translations.html' target='_blank'>$Lang::tr{'gpl unofficial translation of the general public license v3'}</a> - -END - -&Header::closebox(); -&Header::closebigbox(); -&Header::closepage(); - -sub redirect { - print "Status: 302 Moved Temporarily\n"; - print "Location: index.cgi\n\n"; - exit (0); -} diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 5e32ce0381..ed186cd1f0 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -48,12 +48,6 @@ my $showbox=0; my $showipsec=0; my $showovpn=0; -if ( ! -e "/var/ipfire/main/gpl_accepted" ) { - print "Status: 302 Moved Temporarily\n"; - print "Location: gpl.cgi\n\n"; - exit (0); -} - &Header::showhttpheaders(); $cgiparams{'ACTION'} = ''; @@ -74,12 +68,10 @@ my %mainsettings = (); my $connstate = &Header::connectionstatus(); -if ( -e "/var/ipfire/main/gpl_accepted" ) { - if ($connstate =~ /$Lang::tr{'connecting'}/ || /$Lang::tr{'connection closed'}/ ){ - $refresh = "<meta http-equiv='refresh' content='5;'>"; - }elsif ($connstate =~ /$Lang::tr{'dod waiting'}/ || -e "${General::swroot}/main/refreshindex") { - $refresh = "<meta http-equiv='refresh' content='30;'>"; - } +if ($connstate =~ /$Lang::tr{'connecting'}/ || /$Lang::tr{'connection closed'}/ ){ + $refresh = "<meta http-equiv='refresh' content='5;'>"; +} elsif ($connstate =~ /$Lang::tr{'dod waiting'}/ || -e "${General::swroot}/main/refreshindex") { + $refresh = "<meta http-equiv='refresh' content='30;'>"; } if ($cgiparams{'ACTION'} eq $Lang::tr{'dial profile'}) @@ -151,7 +143,7 @@ if (open(IPADDR,"${General::swroot}/red/local-ipaddress")) { chomp ($ipaddr); } -&Header::openbox('100%', 'center', ''); +&Header::opensection(); if ( ( $pppsettings{'VALID'} eq 'yes' && $modemsettings{'VALID'} eq 'yes' ) || ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ )) { if (open(IPADDR,"${General::swroot}/ddns/ipcache")) { $ipaddr = <IPADDR>; @@ -171,7 +163,7 @@ if ( ( $pppsettings{'VALID'} eq 'yes' && $modemsettings{'VALID'} eq 'yes' ) || ( print <<END;  -<table class='tbl' style='width:80%;'> +<table class='tbl'> <tr> <th>$Lang::tr{'network'}</th> <th>$Lang::tr{'ip address'}</th> @@ -247,7 +239,7 @@ if ( $netsettings{'RED_TYPE'} ne "STATIC" && $netsettings{'RED_TYPE'} ne "DHCP" if ( ( $pppsettings{'VALID'} eq 'yes' ) || ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ ) ) { print <<END; <br/> - <table style='width:80%;'> + <table> <tr><td> <form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'profile'}: <select name='PROFILE'> @@ -292,7 +284,7 @@ END print <<END; <br/> -<table class='tbl' style='width:80%;'> +<table class='tbl'> <tr> <th>$Lang::tr{'network'}</th> <th>$Lang::tr{'ip address'}</th> @@ -380,7 +372,7 @@ print <<END; END } print"</table>"; -&Header::closebox(); +&Header::closesection(); #Check if there are any vpns configured (ipsec and openvpn) &General::readhasharray("${General::swroot}/vpn/config", \%vpnconfig); @@ -402,7 +394,7 @@ foreach my $dkey (sort { ncmp($ovpnconfig{$a}[1],$ovpnconfig{$b}[1])} keys %ovpn if ($showbox){ # Start of Box wich contains all vpn connections - &Header::openbox('100%', 'center', $Lang::tr{'vpn'}); + &Header::opensection(); #show ipsec connectiontable if ( $showipsec ) { @@ -414,7 +406,7 @@ if ($showbox){ my $col=""; my $count=0; print <<END; - <table class='tbl' style='width:80%;'> + <table class='tbl'> <tr> <th style='width:40%;'>$Lang::tr{'ipsec network'}</th> <th style='width:30%;'>$Lang::tr{'ip address'}</th> @@ -478,7 +470,7 @@ END if ( $showovpn ){ print <<END; <br/> - <table class='tbl' style='width:80%;'> + <table class='tbl'> <tr> <th style='width:40%;'>$Lang::tr{'openvpn network'}</th> <th style='width:30%;'>$Lang::tr{'ip address'}</th> @@ -533,29 +525,15 @@ END } print"</table>"; } -&Header::closebox(); -} -# Fireinfo -if ( ! -e "/var/ipfire/main/send_profile") { - $warnmessage .= "<li><a style='color: white;' href='fireinfo.cgi'>$Lang::tr{'fireinfo please enable'}</a></li>"; + &Header::closesection(); } -# EOL architecture -my ($sysname, $nodename, $release, $version, $machine) = &POSIX::uname(); -if ($machine =~ m/^arm/) { - $warnmessage .= "<li><a href='https://wiki.ipfire.org/hardware/requirements' style='color:white;'>$Lang::tr{'eol architecture warning'}</a></li>"; -} +my @warnings = (); -# Memory usage warning -my @free = `/usr/bin/free`; -$free[1] =~ m/(\d+)/; -my $mem = $1; -$free[2] =~ m/(\d+)/; -my $used = $1; -my $pct = int 100 * ($mem - $used) / $mem; -if ($used / $mem > 90) { - $warnmessage .= "<li>$Lang::tr{'high memory usage'}: $pct% !</li>"; +# Fireinfo +if ( ! -e "/var/ipfire/main/send_profile") { + push(@warnings, "<a href='fireinfo.cgi'>$Lang::tr{'fireinfo please enable'}</a>"); } # Diskspace usage warning @@ -571,7 +549,7 @@ foreach my $line (@df) { if ($1<5) { # available:plain value in MB, and not %used as 10% is too much to waste on small disk # and root size should not vary during time - $warnmessage .= "<li>$Lang::tr{'filesystem full'}: $temp[0] <b>$Lang::tr{'free'}=$1M</b> !</li>"; + push(@warnings, "$Lang::tr{'filesystem full'}: $temp[0] <b>$Lang::tr{'free'}=$1M</b>"); } } else { @@ -580,7 +558,7 @@ foreach my $line (@df) { if ($1>90) { @temp = split(/ /,$line); $temp2=int(100-$1); - $warnmessage .= "<li>$Lang::tr{'filesystem full'}: $temp[0] <b>$Lang::tr{'free'}=$temp2%</b> !</li>"; + push(@warnings, "$Lang::tr{'filesystem full'}: $temp[0] <b>$Lang::tr{'free'}=$temp2%</b>"); } } } @@ -592,35 +570,36 @@ foreach my $file (@files) { my $disk=`echo $file | cut -d"-" -f2`; chomp ($disk); if (`/bin/grep "SAVE ALL DATA" $file`) { - $warnmessage .= "<li>$Lang::tr{'smartwarn1'} /dev/$disk $Lang::tr{'smartwarn2'} !</li>"; + push(@warnings, "$Lang::tr{'smartwarn1'} /dev/$disk $Lang::tr{'smartwarn2'}"); } } -if ($warnmessage) { - &Header::openbox('100%','center', ); - print "<table class='tbl' style='width:80%;'>"; - print "<tr><th>$Lang::tr{'fwhost hint'}</th></tr>"; - print "<tr><td style='color:white; background-color:$Header::colourred;'>$warnmessage</td></tr>"; - print "</table>"; - &Header::closebox(); -} - my %coredb = &Pakfire::coredbinfo(); if (defined $coredb{'AvailableRelease'}) { - print "<br /><br /><br /><a href='pakfire.cgi'>$Lang::tr{'core notice 1'} $coredb{'Release'} $Lang::tr{'core notice 2'} $coredb{'AvailableRelease'} $Lang::tr{'core notice 3'}</a>"; + push(@warnings, "<a href='pakfire.cgi'>$Lang::tr{'core notice 1'} $coredb{'Release'} $Lang::tr{'core notice 2'} $coredb{'AvailableRelease'} $Lang::tr{'core notice 3'}</a>"); } if ( -e "/var/run/need_reboot" ) { - print "<div style='text-align:center; color:red;'>"; - print "<br/><br/>$Lang::tr{'needreboot'}!"; - print "</div>"; + push(@warnings, $Lang::tr{'needreboot'}); } if ( `/bin/grep -c "reiserfs" /proc/self/mounts` > 0 ) { - print "<div style='text-align:center; color:blue;'>"; - print "<br/><br/>$Lang::tr{'reiserfs warning1'}"; - print "<br/>$Lang::tr{'reiserfs warning2'}"; - print "</div>"; + push (@warnings, $Lang::tr{'reiserfs warning1'} . " " . $Lang::tr{'reiserfs warning2'}); +} + +# Show any warnings +if (@warnings) { + &Header::opensection(); + + print "<ul class=\"notes\">\n"; + + foreach my $warning (@warnings) { + print "<li class=\"is-warning\">$warning</li>\n"; + } + + print "</ul>\n"; + + &Header::closesection(); } &Header::closebigbox(); diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index f0172978f0..5cf2f5eab0 100755 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -5247,6 +5247,15 @@ END $activeonrun = "disabled='disabled'"; } &Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'}); + + # Show the service status + &Header::ServiceStatus({ + $Lang::tr{'ovpn roadwarrior server'} => { + "process" => "openvpn", + "pidfile" => "/var/run/openvpn.pid", + } + }); + print <<END; <table width='100%' border='0'> <form method='post'> diff --git a/html/cgi-bin/services.cgi b/html/cgi-bin/services.cgi index e1e901c4ee..a95c69e10c 100644 --- a/html/cgi-bin/services.cgi +++ b/html/cgi-bin/services.cgi @@ -43,101 +43,82 @@ my %netsettings=(); my @dummy = ( ${Header::colourred} ); undef (@dummy); - my %cgiparams=(); -# Maps a nice printable name to the changing part of the pid file, which -# is also the name of the program -my %servicenames =( - $Lang::tr{'dhcp server'} => 'dhcpd', - $Lang::tr{'web server'} => 'httpd', - $Lang::tr{'cron server'} => 'fcron', - $Lang::tr{'dns proxy server'} => 'unbound', - $Lang::tr{'logging server'} => 'syslogd', - $Lang::tr{'kernel logging server'} => 'klogd', - $Lang::tr{'ntp server'} => 'ntpd', - $Lang::tr{'secure shell server'} => 'sshd', - $Lang::tr{'vpn'} => 'charon', - $Lang::tr{'web proxy'} => 'squid', - $Lang::tr{'intrusion detection system'} => 'suricata', - 'OpenVPN' => 'openvpn' -); - -my %link =( - $Lang::tr{'dhcp server'} => "<a href=\'dhcp.cgi\'>$Lang::tr{'dhcp server'}</a>", - $Lang::tr{'web server'} => $Lang::tr{'web server'}, - $Lang::tr{'cron server'} => $Lang::tr{'cron server'}, - $Lang::tr{'dns proxy server'} => "<a href=\'dns.cgi\'>$Lang::tr{'dns proxy server'}</a>", - $Lang::tr{'logging server'} => $Lang::tr{'logging server'}, - $Lang::tr{'kernel logging server'} => $Lang::tr{'kernel logging server'}, - $Lang::tr{'ntp server'} => "<a href=\'time.cgi\'>$Lang::tr{'ntp server'}</a>", - $Lang::tr{'secure shell server'} => "<a href=\'remote.cgi\'>$Lang::tr{'secure shell server'}</a>", - $Lang::tr{'vpn'} => "<a href=\'vpnmain.cgi\'>$Lang::tr{'vpn'}</a>", - $Lang::tr{'web proxy'} => "<a href=\'proxy.cgi\'>$Lang::tr{'web proxy'}</a>", - 'OpenVPN' => "<a href=\'ovpnmain.cgi\'>OpenVPN</a>", - "$Lang::tr{'intrusion detection system'}" => "<a href=\'ids.cgi\'>$Lang::tr{'intrusion detection system'}</a>", -); - -# Hash to overwrite the process name of a process if it differs fromt the launch command. -my %overwrite_exename_hash = ( - "suricata" => "Suricata-Main" -); - -my $lines=0; # Used to count the outputlines to make different bgcolor my @querry = split(/\?/,$ENV{'QUERY_STRING'}); $querry[0] = '' unless defined $querry[0]; $querry[1] = 'hour' unless defined $querry[1]; -if ( $querry[0] =~ "processescpu"){ - print "Content-type: image/png\n\n"; - binmode(STDOUT); - &Graphs::updateprocessescpugraph($querry[1]); -}elsif ( $querry[0] =~ "processesmemory"){ - print "Content-type: image/png\n\n"; - binmode(STDOUT); - &Graphs::updateprocessesmemorygraph($querry[1]); -}else{ &Header::showhttpheaders(); &Header::openpage($Lang::tr{'status information'}, 1, ''); &Header::openbigbox('100%', 'left'); - &Header::openbox('100%', 'left', $Lang::tr{'services'}); - print <<END -<div align='center'> -<table width='80%' cellspacing='1' class='tbl'> -<tr> - <th align='left'><b>$Lang::tr{'service'}</b></th> - <th align='center' ><b>$Lang::tr{'status'}</b></th> - <th align='center'><b>PID</b></th> - <th align='center'><b>$Lang::tr{'memory'}</b></th> -</tr> -END -; - my $key = ''; - my $col=""; - foreach $key (sort keys %servicenames){ - $lines++; - if ($lines % 2){ - $col="bgcolor='$color{'color22'}'"; - print "<tr><td align='left' $col>"; - print $link{$key}; - print "</td>"; - }else{ - $col="bgcolor='$color{'color20'}'"; - print "<tr><td align='left' $col>"; - print $link{$key}; - print "</td>"; + &Header::opensection(); + + &Header::ServiceStatus({ + # DHCP Server + $Lang::tr{'dhcp server'} => { + "process" => "dhcpd", + }, + + # Web Server + $Lang::tr{'web server'} => { + "process" => "httpd", + }, + + # Cron Server + $Lang::tr{'cron server'} => { + "process" => "fcron", + }, + + # DNS Proxy + $Lang::tr{'dns proxy server'} => { + "process" => "unbound", + }, + + # Syslog + $Lang::tr{'logging server'} => { + "process" => "syslogd", + }, + + # Kernel Logger + $Lang::tr{'kernel logging server'} => { + "process" => "klogd", + }, + + # Time Server + $Lang::tr{'ntp server'} => { + "process" => "ntpd", + }, + + # SSH Server + $Lang::tr{'secure shell server'} => { + "process" => "sshd", + }, + + # IPsec + $Lang::tr{'vpn'} => { + "process" => "charon", + }, + + # Web Proxy + $Lang::tr{'web proxy'} => { + "process" => "squid", + }, + + # IPS + $Lang::tr{'intrusion prevention system'} => { + "process" => "suricata", + }, + + # OpenVPN Roadwarrior + $Lang::tr{'ovpn roadwarrior server'} => { + "process" => "openvpn", + "pidfile" => "/var/run/openvpn.pid", } + }); - my $shortname = $servicenames{$key}; - my $status = &isrunning($shortname,$col); - - print "$status\n"; - print "</tr>\n"; - } - - print "</table></div>\n"; - &Header::closebox(); + &Header::closesection(); &Header::openbox('100%', 'left', "$Lang::tr{addon} - $Lang::tr{services}"); my $paramstr=$ENV{QUERY_STRING}; @@ -168,6 +149,7 @@ END ; my $lines=0; # Used to count the outputlines to make different bgcolor + my $col; my @paks; my @addon_services; @@ -177,7 +159,7 @@ END foreach my $pak (sort keys %paklist) { my %metadata = &Pakfire::getmetadata($pak, "installed"); - + my $service; if ("$metadata{'Services'}") { @@ -195,7 +177,7 @@ END my $displayname = ($pak ne $service) ? "$service ($pak)" : $service; if ( -e "/srv/web/ipfire/cgi-bin/$pak.cgi" ) { $displayname = ($pak ne $service) ? "$service (<a href=\'$pak.cgi\'>$pak</a>)" : "<a href=\'$pak.cgi\'>$service</a>"; - } + } print "<td align='left' $col width='31%'>$displayname</td> "; @@ -214,17 +196,8 @@ END print "</table></div>\n"; &Header::closebox(); - &Header::opensection('100%', 'center', "$Lang::tr{'processes'} $Lang::tr{'graph'}"); - &Graphs::makegraphbox("services.cgi","processescpu","day"); - &Header::closebox(); - - &Header::openbox('100%', 'center', "$Lang::tr{'processes'} $Lang::tr{'memory'} $Lang::tr{'graph'}"); - &Graphs::makegraphbox("services.cgi","processesmemory","day"); - &Header::closebox(); - &Header::closebigbox(); &Header::closepage(); -} sub isautorun (@) { my ($pak, $service, $col) = @_; @@ -245,58 +218,6 @@ sub isautorun (@) { return $status; } -sub isrunning (@) { - my ($cmd, $col) = @_; - my $status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td><td colspan='2' $col></td>"; - my $pid = ''; - my $testcmd = ''; - my $exename; - my $memory; - - $cmd =~ /(^[a-z]+)/; - - # Check if the exename needs to be overwritten. - # This happens if the expected process name string - # differs from the real one. This may happened if - # a service uses multiple processes or threads. - if (exists($overwrite_exename_hash{$1})) { - # Grab the string which will be reported by - # the process from the corresponding hash. - $exename = $overwrite_exename_hash{$1}; - } else { - # Directly expect the launched command as - # process name. - $exename = $1; - } - - if (open(FILE, "/var/run/${cmd}.pid")){ - $pid = <FILE>; chomp $pid; - close FILE; - if (open(FILE, "/proc/${pid}/status")){ - while (<FILE>){ - if (/^Name:\W+(.*)/) { - $testcmd = $1; - } - } - close FILE; - } - if (open(FILE, "/proc/${pid}/status")) { - while (<FILE>) { - my ($key, $val) = split(":", $_, 2); - if ($key eq 'VmRSS') { - $memory = $val; - last; - } - } - close(FILE); - } - if ($testcmd =~ /$exename/){ - $status = "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td><td align='center' $col>$pid</td><td align='center' $col>$memory</td>"; - } - } - return $status; -} - sub isrunningaddon (@) { my ($pak, $service, $col) = @_; diff --git a/html/html/index.cgi b/html/html/index.cgi index f33f7019e8..b7e1012e16 100644 --- a/html/html/index.cgi +++ b/html/html/index.cgi @@ -19,11 +19,5 @@ # # ############################################################################### -if (! -e "/var/ipfire/main/gpl_accepted" ) { - print "Status: 302 Moved Temporarily\n"; - print "Location: /cgi-bin/gpl.cgi\n\n"; - exit (0); -} - print "Status: 302 Moved Temporarily\n"; print "Location: /cgi-bin/index.cgi\n\n"; diff --git a/html/html/themes/ipfire/include/css/style.css b/html/html/themes/ipfire/include/css/style.css index 8fb3432639..49d13ffd22 100644 --- a/html/html/themes/ipfire/include/css/style.css +++ b/html/html/themes/ipfire/include/css/style.css @@ -133,6 +133,22 @@ iframe { float: right !important; } +/* + Text Alignment +*/ + +.text-left { + text-align: left; +} + +.text-center { + text-align: center; +} + +.text-right { + text-align: right; +} + /* Header */ #header { @@ -296,6 +312,10 @@ table { border-spacing: 0; } +.tbl { + width: 100%; +} + .tbl th { color: #ffffff; border-top: 1px solid #363636; @@ -397,6 +417,16 @@ table { color: var(--color-green-invert); } +/* Notes */ + +.notes .is-warning { + color: var(--color-yellow); +} + +.notes a { + color: inherit; +} + table.fw-nat tbody tr td { height: 2.25em; } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 4dbd049c9c..3888ef7439 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1612,6 +1612,7 @@ 'lifetime' => 'Lebensdauer:', 'line' => 'Leitung', 'linkq' => 'Antwortzeit', +'load average' => 'Load Average', 'load printer' => 'Lade Drucker', 'loaded modules' => 'Geladene Module:', 'local hard disk' => 'Festplatte', @@ -2092,6 +2093,7 @@ 'priority' => 'Priorität', 'processes' => 'Prozesse', 'processor vulnerability mitigations' => 'Prozessorverwundbarkeitsentschärfungen', +'processors' => 'Prozessoren', 'profile' => 'Profil', 'profile deleted' => 'Profil gelöscht: ', 'profile has errors' => 'Profil fehlerhaft', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index a9fb3a6f76..4b5d0779af 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1669,6 +1669,7 @@ 'line' => 'Line', 'link-layer encapsulation' => 'Link-Layer Encapsulation', 'linkq' => 'Link Quality', +'load average' => 'Load Average', 'load printer' => 'Load Printer', 'loaded modules' => 'Loaded modules:', 'local hard disk' => 'Hard disk', @@ -2043,6 +2044,7 @@ 'ovpn on red' => 'OpenVPN on RED:', 'ovpn port in root range' => 'A port number of 1024 or higher is required.', 'ovpn reneg sec' => 'Session key lifetime:', +'ovpn roadwarrior server' => 'OpenVPN Roadwarrior Server', 'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push options', 'ovpn rw connection log' => 'OpenVPN Roadwarrior Connections Log', @@ -2153,6 +2155,7 @@ 'priority' => 'Priority', 'processes' => 'Processes', 'processor vulnerability mitigations' => 'Processor Vulnerability Mitigations', +'processors' => 'Processors', 'profile' => 'Profile', 'profile deleted' => 'Profile deleted: ', 'profile has errors' => 'Profile has errors', diff --git a/lfs/stage2 b/lfs/stage2 index b2ae5d0fff..64904fad53 100644 --- a/lfs/stage2 +++ b/lfs/stage2 @@ -143,10 +143,6 @@ endif # A small hack to include /root to the iso but not all of it's files. touch /root/ipfire - # License agreement - -mkdir -pv /usr/share/doc/licenses/ - cp -vf $(DIR_SRC)/doc/COPYING /usr/share/doc/licenses/GPLv3 - # System release echo "$(SYSTEM_RELEASE)" > /etc/system-release diff --git a/src/installer/main.c b/src/installer/main.c index 70a240ccbc..9e3f4af833 100644 --- a/src/installer/main.c +++ b/src/installer/main.c @@ -24,7 +24,6 @@ #define _(x) dgettext("installer", x) #define INST_FILECOUNT 30000 -#define LICENSE_FILE "/cdrom/COPYING" #define SOURCE_TEMPFILE "/tmp/downloads/image.iso" extern char url[STRING_SIZE]; @@ -162,36 +161,6 @@ static int newtWinOkCancel(const char* title, const char* message, int width, in return ret; } -static int newtLicenseBox(const char* title, const char* text, int width, int height) { - int ret = 1; - - newtCenteredWindow(width, height, title); - - newtComponent form = newtForm(NULL, NULL, 0); - - newtComponent textbox = newtTextbox(1, 1, width - 2, height - 7, - NEWT_FLAG_WRAP|NEWT_FLAG_SCROLL); - newtTextboxSetText(textbox, text); - newtFormAddComponent(form, textbox); - - char choice; - newtComponent checkbox = newtCheckbox(3, height - 3, _("I accept this license"), - ' ', " *", &choice); - - newtComponent btn = newtButton(width - 15, height - 4, _("OK")); - - newtFormAddComponents(form, checkbox, btn, NULL); - - newtComponent answer = newtRunForm(form); - if (answer == btn && choice == '*') - ret = 0; - - newtFormDestroy(form); - newtPopWindow(); - - return ret; -} - int write_lang_configs(const char* lang) { struct keyvalue *kv = initkeyvalues(); @@ -365,8 +334,6 @@ int main(int argc, char *argv[]) { // Read /etc/system-release char* system_release = get_system_release(); - char discl_msg[40000] = "Disclaimer\n"; - char* sourcedrive = NULL; struct hw_destination* destination = NULL; struct hw_disk** selected_disks = NULL; @@ -376,7 +343,6 @@ int main(int argc, char *argv[]) { char message[STRING_SIZE]; char title[STRING_SIZE]; int allok = 0; - FILE *copying; setlocale(LC_ALL, ""); sethostname(DISTRO_SNAME, strlen(DISTRO_SNAME)); @@ -570,23 +536,6 @@ int main(int argc, char *argv[]) { goto EXIT; } - if (!config.unattended) { - // Read the license file. - if (!(copying = fopen(LICENSE_FILE, "r"))) { - sprintf(discl_msg, "Could not open license file: %s\n", LICENSE_FILE); - fprintf(flog, "%s", discl_msg); - } else { - fread(discl_msg, 1, 40000, copying); - fclose(copying); - - if (newtLicenseBox(_("License Agreement"), discl_msg, 75, 20)) { - errorbox(_("License not accepted!")); - - goto EXIT; - } - } - } - int part_type = HW_PART_TYPE_NORMAL; // Scan for disks to install on. @@ -865,12 +814,6 @@ int main(int argc, char *argv[]) { newtPopWindow(); - /* Set marker that the user has already accepted the GPL if the license has been shown - * in the installation process. In unatteded mode, the user will be presented the - * license when he or she logs on to the web user interface for the first time. */ - if (!config.unattended) - mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted"); - /* Copy restore file from cdrom */ char* backup_file = hw_find_backup_file(logfile, SOURCE_MOUNT_PATH); if (backup_file) { hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. f7879935a58e1420f632c64b98b21b08d6f8b046
by Michael Tremer 06 Aug '24

06 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via f7879935a58e1420f632c64b98b21b08d6f8b046 (commit) via 07358a9fc5ef0cb9ae7e386158bac5d5a21340ec (commit) from cf6ab4e56944fcc39f707d87af411270bccc9dae (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f7879935a58e1420f632c64b98b21b08d6f8b046 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 14:17:39 2024 +0000 core-updates: Fix release number Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 07358a9fc5ef0cb9ae7e386158bac5d5a21340ec Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 14:11:04 2024 +0000 make.sh: Grant network access when downloading packages Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: lfs/core-updates | 6 +++--- make.sh | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) Difference in files: diff --git a/lfs/core-updates b/lfs/core-updates index e56ada70c..a6478b5e0 100644 --- a/lfs/core-updates +++ b/lfs/core-updates @@ -27,11 +27,11 @@ include Config THISAPP = core-updates TARGET = $(DIR_INFO)/$(THISAPP) -PROG = core-upgrade +PROG = core-upgrade VER = $(VERSION) -RELEASE = $(CORE) +PAK_VER = $(CORE) -SUMMARY = IPFire Core Update $(CORE) +SUMMARY = IPFire Core Update $(CORE) ############################################################################### # Top-level Rules diff --git a/make.sh b/make.sh index 2f629d73d..3a3590305 100755 --- a/make.sh +++ b/make.sh @@ -915,7 +915,7 @@ lfsmake1() { [ $? == 1 ] && return 0 # Download source outside of the toolchain - if ! make_pkg "${pkg}" download "$@"; then + if ! make_pkg --network "${pkg}" download "$@"; then exiterror "Downloading ${pkg}" fi @@ -937,7 +937,7 @@ lfsmake2() { [ $? == 1 ] && return 0 # Download source outside of the toolchain - if ! make_pkg "${pkg}" download "$@"; then + if ! make_pkg --network "${pkg}" download "$@"; then exiterror "Downloading ${pkg}" fi @@ -1144,7 +1144,7 @@ download_sources() { [ $? == 1 ] && continue # Download and check the package - if ! make_pkg "${pkg}" download b2; then + if ! make_pkg --network "${pkg}" download b2; then failed_packages+=( "${pkg}" ) print_status FAIL continue hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. cf6ab4e56944fcc39f707d87af411270bccc9dae
by Michael Tremer 06 Aug '24

06 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via cf6ab4e56944fcc39f707d87af411270bccc9dae (commit) via 41bc16ac0b18d19e9c34854890fb6e920a6c5584 (commit) via dae1ac41e3294bcf3997a007dc245602ea9c87e2 (commit) via 91942800f96fbac354eba56714814831badfc88e (commit) from c00286b609e7721782a233b551dcb988567dd442 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cf6ab4e56944fcc39f707d87af411270bccc9dae Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 13:49:31 2024 +0000 core188: Remove the old version of br2486ctl This is now installed in /usr/sbin instead of /usr/bin. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 41bc16ac0b18d19e9c34854890fb6e920a6c5584 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 13:48:39 2024 +0000 br2684ctl: Remove rootfile, too Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit dae1ac41e3294bcf3997a007dc245602ea9c87e2 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 13:45:08 2024 +0000 make.sh: Bind-mount /etc/resolv.conf and /etc/hosts This allows us to have name resolution in the shell without any manual configuration. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 91942800f96fbac354eba56714814831badfc88e Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 13:38:30 2024 +0000 make.sh: Entirely disable network access in the build environment Except when in the shell. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/br2684ctl | 1 - config/rootfiles/core/188/update.sh | 3 ++- make.sh | 40 +++++++++++++++++++++++++++++++++++-- 3 files changed, 40 insertions(+), 4 deletions(-) delete mode 100644 config/rootfiles/common/br2684ctl Difference in files: diff --git a/config/rootfiles/common/br2684ctl b/config/rootfiles/common/br2684ctl deleted file mode 100644 index 7ce61a985..000000000 --- a/config/rootfiles/common/br2684ctl +++ /dev/null @@ -1 +0,0 @@ -usr/bin/br2684ctl diff --git a/config/rootfiles/core/188/update.sh b/config/rootfiles/core/188/update.sh index d904a400b..a31e3617a 100644 --- a/config/rootfiles/core/188/update.sh +++ b/config/rootfiles/core/188/update.sh @@ -38,7 +38,8 @@ extract_files # Remove files rm -vrf \ - /srv/web/ipfire/html/themes/ipfire/include/functions.pl + /srv/web/ipfire/html/themes/ipfire/include/functions.pl \ + /usr/bin/br2684ctl # update linker config ldconfig diff --git a/make.sh b/make.sh index f5dc2a649..2f629d73d 100755 --- a/make.sh +++ b/make.sh @@ -313,6 +313,8 @@ exiterror() { } prepareenv() { + local network="false" + # Are we running the right shell? if [ -z "${BASH}" ]; then exiterror "BASH environment variable is not set. You're probably running the wrong shell." @@ -339,6 +341,10 @@ prepareenv() { required_space="${1#--required-space=}" ;; + --network) + network="true" + ;; + *) exiterror "Unknown argument: ${1}" ;; @@ -461,6 +467,26 @@ prepareenv() { # Mount the images directory mount --bind "${IMAGES_DIR}" "${BUILD_DIR}/usr/src/images" + # Bind-mount files requires for networking if requested + if [ "${network}" = "true" ]; then + local file + + for file in /etc/resolv.conf /etc/hosts; do + # Skip if the source files does not exist + if [ ! -e "${file}" ]; then + continue + fi + + # Create the destination if it does not exist + if [ ! -e "${BUILD_DIR}/${file}" ]; then + touch "${BUILD_DIR}/${file}" + fi + + # Mount the file read-only + mount --bind -o ro "${file}" "${BUILD_DIR}/${file}" + done + fi + # Configure the ccache export CCACHE_TEMPDIR="/tmp" export CCACHE_COMPILERCHECK="string:toolchain-${TOOLCHAINVER} ${BUILD_ARCH}" @@ -514,7 +540,7 @@ entershell() { local PS1="ipfire build chroot (${BUILD_ARCH}) \u:\w\$ " # Run an interactive shell - execute --chroot --interactive bash -i + execute --chroot --interactive --network bash -i } lfsmakecommoncheck() { @@ -547,6 +573,7 @@ execute() { local command=() local interactive="false" local timer + local network="false" # Collect environment variables local -A environ=( @@ -685,6 +712,10 @@ execute() { ) ;; + --network) + network="true" + ;; + --timer=*) timer="${1#--timer=}" ;; @@ -740,6 +771,11 @@ execute() { esac fi + # Network + if [ "${network}" = "false" ]; then + unshare+=( "--net" ) + fi + local execute=() local env @@ -2319,7 +2355,7 @@ shell) # enter a shell inside LFS chroot # may be used to changed kernel settings - prepareenv + prepareenv --network entershell ;; clean) hooks/post-receive -- IPFire 2.x development tree

1 0

[git.ipfire.org] IPFire 2.x development tree branch, next, updated. c00286b609e7721782a233b551dcb988567dd442
by Michael Tremer 06 Aug '24

06 Aug '24

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via c00286b609e7721782a233b551dcb988567dd442 (commit) via fd4ee381367337bb6211190efc56ab46b69a3c75 (commit) via 552cf4e825bb55a7a4f05d1e96cfe57bdc109013 (commit) via 869102c0a9969cc3882ca08ba7c495e24c163d24 (commit) via d44788101b573f05583255a5fb541e76964235b8 (commit) via 64feedbcf66bedebb7750d1582862ed4bbaac9b1 (commit) via 095b258b97fdb7940549147d8567f6aa73492083 (commit) via b734e6f7b68f6b8e875e6ce9cc6c059a738d866d (commit) via acf27548808ab085d0519d055439c89e34552cbc (commit) from 7b77ed8c9432c0f550904e5a1c6d049d12517e04 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c00286b609e7721782a233b551dcb988567dd442 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 09:13:54 2024 +0000 core188: Ship cyrus-sasl Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit fd4ee381367337bb6211190efc56ab46b69a3c75 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Aug 3 10:01:23 2024 +0000 cyrus-sasl: Update to 2.1.28 Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 552cf4e825bb55a7a4f05d1e96cfe57bdc109013 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Aug 3 09:51:46 2024 +0000 cyrus-sasl: Remove unsed PASS build instructions Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 869102c0a9969cc3882ca08ba7c495e24c163d24 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 09:13:08 2024 +0000 core188: Ship libxslt Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit d44788101b573f05583255a5fb541e76964235b8 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Aug 3 09:49:42 2024 +0000 libxslt: Update to 1.1.42 Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 64feedbcf66bedebb7750d1582862ed4bbaac9b1 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Aug 3 09:24:41 2024 +0000 br2684ctl: Drop package This tool is now part of linux-atm. Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit 095b258b97fdb7940549147d8567f6aa73492083 Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Tue Aug 6 09:12:27 2024 +0000 core188: Ship linux-atm Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit b734e6f7b68f6b8e875e6ce9cc6c059a738d866d Author: Michael Tremer <michael.tremer(a)ipfire.org> Date: Sat Aug 3 09:22:48 2024 +0000 linux-atm: Update to 2.5.2 Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> commit acf27548808ab085d0519d055439c89e34552cbc Author: Adolf Belka <adolf.belka(a)ipfire.org> Date: Tue May 21 16:56:21 2024 +0200 openssl: Update to version 3.3.0 - Update from version 3.2.1 to 3.3.0 - Update of rootfile - Changelog 3.3 This release adds the following new features: * Support for qlog for tracing QUIC connections has been added * Added APIs to allow configuring the negotiated idle timeout for QUIC connections, and to allow determining the number of additional streams that can currently be created for a QUIC connection. * Added APIs to allow disabling implicit QUIC event processing for QUIC SSL objects * Added APIs to allow querying the size and utilisation of a QUIC stream's write buffer * New API `SSL_write_ex2`, which can be used to send an end-of-stream (FIN) condition in an optimised way when using QUIC. * Limited support for polling of QUIC connection and stream objects in a non-blocking manner. * Added a new EVP_DigestSqueeze() API. This allows SHAKE to squeeze multiple times with different output sizes. * Added exporter for CMake on Unix and Windows, alongside the pkg-config exporter. * The BLAKE2s hash algorithm matches BLAKE2b's support for configurable output length. * The EVP_PKEY_fromdata function has been augmented to allow for the derivation of CRT (Chinese Remainder Theorem) parameters when requested * Added API functions SSL_SESSION_get_time_ex(), SSL_SESSION_set_time_ex() using time_t which is Y2038 safe on 32 bit systems when 64 bit time is enabled * Unknown entries in TLS SignatureAlgorithms, ClientSignatureAlgorithms config options and the respective calls to SSL[_CTX]_set1_sigalgs() and SSL[_CTX]_set1_client_sigalgs() that start with `?` character are ignored and the configuration will still be used. * Added `-set_issuer` and `-set_subject` options to `openssl x509` to override the Issuer and Subject when creating a certificate. The `-subj` option now is an alias for `-set_subject`. * Added several new features of CMPv3 defined in RFC 9480 and RFC 9483 * New option `SSL_OP_PREFER_NO_DHE_KEX`, which allows configuring a TLS1.3 server to prefer session resumption using PSK-only key exchange over PSK with DHE, if both are available. * New atexit configuration switch, which controls whether the OPENSSL_cleanup is registered when libcrypto is unloaded. * Added X509_STORE_get1_objects to avoid issues with the existing X509_STORE_get0_objects API in multi-threaded applications. This release incorporates the following potentially significant or incompatible changes: * Applied AES-GCM unroll8 optimisation to Microsoft Azure Cobalt 100 * Optimized AES-CTR for ARM Neoverse V1 and V2 * Enable AES and SHA3 optimisations on Applie Silicon M3-based MacOS systems similar to M1/M2. * Various optimizations for cryptographic routines using RISC-V vector crypto extensions * Added assembly implementation for md5 on loongarch64 * Accept longer context for TLS 1.2 exporters * The activate and soft_load configuration settings for providers in openssl.cnf have been updated to require a value of [1|yes|true|on] (in lower or UPPER case) to enable the setting. Conversely a value of [0|no|false|off] will disable the setting. * In `openssl speed`, changed the default hash function used with `hmac` from `md5` to `sha256`. * The `-verify` option to the `openssl crl` and `openssl req` will make the program exit with 1 on failure. * The d2i_ASN1_GENERALIZEDTIME(), d2i_ASN1_UTCTIME(), ASN1_TIME_check(), and related functions have been augmented to check for a minimum length of the input string, in accordance with ITU-T X.690 section 11.7 and 11.8. * OPENSSL_sk_push() and sk_<TYPE>_push() functions now return 0 instead of -1 if called with a NULL stack argument. * New limit on HTTP response headers is introduced to HTTP client. The default limit is set to 256 header lines. This release incorporates the following bug fixes and mitigations: * The BIO_get_new_index() function can only be called 127 times before it reaches its upper bound of BIO_TYPE_MASK and will now return -1 once its exhausted. Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org> Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org> Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org> ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/cyrus-sasl | 1 + config/rootfiles/common/libxslt | 5 +- config/rootfiles/common/linux-atm | 50 ++-- config/rootfiles/common/openssl | 104 ++++++++ .../{oldcore/120 => core/188}/filelists/cyrus-sasl | 0 .../{oldcore/157 => core/188}/filelists/libxslt | 0 .../{oldcore/159 => core/188}/filelists/linux-atm | 0 lfs/br2684ctl | 54 ---- lfs/cyrus-sasl | 26 +- lfs/libxslt | 4 +- lfs/linux-atm | 10 +- lfs/openssl | 4 +- make.sh | 1 - src/br2684ctl/br2684ctl.c | 271 --------------------- src/patches/linux-atm-2.4.1-arpd_includes.patch | 42 ---- src/patches/linux-atm-2.4.1-gcc-4.patch | 161 ------------ src/patches/linux-atm-2.5.2-headers.patch | 30 +++ src/patches/linux-atm-remove-define-hacks.patch | 22 ++ src/patches/linux-atm-use_socklen_t.patch | 13 + 19 files changed, 218 insertions(+), 580 deletions(-) copy config/rootfiles/{oldcore/120 => core/188}/filelists/cyrus-sasl (100%) copy config/rootfiles/{oldcore/157 => core/188}/filelists/libxslt (100%) copy config/rootfiles/{oldcore/159 => core/188}/filelists/linux-atm (100%) delete mode 100644 lfs/br2684ctl delete mode 100644 src/br2684ctl/br2684ctl.c delete mode 100644 src/patches/linux-atm-2.4.1-arpd_includes.patch delete mode 100644 src/patches/linux-atm-2.4.1-gcc-4.patch create mode 100644 src/patches/linux-atm-2.5.2-headers.patch create mode 100644 src/patches/linux-atm-remove-define-hacks.patch create mode 100644 src/patches/linux-atm-use_socklen_t.patch Difference in files: diff --git a/config/rootfiles/common/cyrus-sasl b/config/rootfiles/common/cyrus-sasl index 411c68d7a2..5a61b1355d 100644 --- a/config/rootfiles/common/cyrus-sasl +++ b/config/rootfiles/common/cyrus-sasl @@ -90,4 +90,5 @@ usr/sbin/testsaslauthd #usr/share/man/man8/saslauthd.8 #usr/share/man/man8/sasldblistusers2.8 #usr/share/man/man8/saslpasswd2.8 +#usr/share/man/man8/testsaslauthd.8 var/lib/sasl diff --git a/config/rootfiles/common/libxslt b/config/rootfiles/common/libxslt index a41c536b43..86e1c0cce5 100644 --- a/config/rootfiles/common/libxslt +++ b/config/rootfiles/common/libxslt @@ -32,16 +32,15 @@ usr/bin/xsltproc #usr/lib/libexslt.la #usr/lib/libexslt.so usr/lib/libexslt.so.0 -usr/lib/libexslt.so.0.8.20 +usr/lib/libexslt.so.0.8.23 #usr/lib/libxslt-plugins #usr/lib/libxslt.la #usr/lib/libxslt.so usr/lib/libxslt.so.1 -usr/lib/libxslt.so.1.1.37 +usr/lib/libxslt.so.1.1.42 #usr/lib/pkgconfig/libexslt.pc #usr/lib/pkgconfig/libxslt.pc #usr/lib/xsltConf.sh -#usr/share/aclocal/libxslt.m4 #usr/share/doc/libxslt #usr/share/doc/libxslt/tutorial #usr/share/doc/libxslt/tutorial/images diff --git a/config/rootfiles/common/linux-atm b/config/rootfiles/common/linux-atm index 70df5fc8a6..7c9e43dc7c 100644 --- a/config/rootfiles/common/linux-atm +++ b/config/rootfiles/common/linux-atm @@ -1,11 +1,17 @@ #etc/atmsigd.conf #etc/hosts.atm +#lib/firmware/pca200e.bin +#lib/firmware/pca200e_ecd.bin2 +#lib/firmware/sba200e_ecd.bin2 #usr/bin/aread #usr/bin/atmdiag #usr/bin/atmdump +#usr/bin/atmswitch #usr/bin/awrite #usr/bin/saaldump #usr/bin/sonetdiag +#usr/bin/svc_recv +#usr/bin/svc_send #usr/bin/ttcp_atm #usr/include/atm.h #usr/include/atmarp.h @@ -14,41 +20,43 @@ #usr/include/atmsap.h #usr/lib/libatm.a #usr/lib/libatm.la -usr/lib/libatm.so +#usr/lib/libatm.so usr/lib/libatm.so.1 usr/lib/libatm.so.1.0.0 -#usr/man/man4 -#usr/man/man4/atmsigd.conf.4 -#usr/man/man7 -#usr/man/man7/qos.7 -#usr/man/man7/sap.7 -#usr/man/man8 -#usr/man/man8/atmaddr.8 -#usr/man/man8/atmarp.8 -#usr/man/man8/atmarpd.8 -#usr/man/man8/atmdiag.8 -#usr/man/man8/atmdump.8 -#usr/man/man8/atmloop.8 -#usr/man/man8/atmsigd.8 -#usr/man/man8/atmtcp.8 -#usr/man/man8/bus.8 -#usr/man/man8/esi.8 -#usr/man/man8/lecs.8 -#usr/man/man8/les.8 -#usr/man/man8/mpcd.8 -#usr/man/man8/zeppelin.8 #usr/sbin/atmaddr #usr/sbin/atmarp #usr/sbin/atmarpd #usr/sbin/atmloop #usr/sbin/atmsigd #usr/sbin/atmtcp +usr/sbin/br2684ctl #usr/sbin/bus #usr/sbin/enitune #usr/sbin/esi +#usr/sbin/hediag #usr/sbin/ilmid +#usr/sbin/ilmidiag #usr/sbin/lecs #usr/sbin/les #usr/sbin/mpcd #usr/sbin/zeppelin #usr/sbin/zntune +#usr/share/man/man4/atmsigd.conf.4 +#usr/share/man/man7/qos.7 +#usr/share/man/man7/sap.7 +#usr/share/man/man8/atmaddr.8 +#usr/share/man/man8/atmarp.8 +#usr/share/man/man8/atmarpd.8 +#usr/share/man/man8/atmdiag.8 +#usr/share/man/man8/atmdump.8 +#usr/share/man/man8/atmloop.8 +#usr/share/man/man8/atmsigd.8 +#usr/share/man/man8/atmtcp.8 +#usr/share/man/man8/br2684ctl.8 +#usr/share/man/man8/bus.8 +#usr/share/man/man8/esi.8 +#usr/share/man/man8/ilmid.8 +#usr/share/man/man8/lecs.8 +#usr/share/man/man8/les.8 +#usr/share/man/man8/mpcd.8 +#usr/share/man/man8/zeppelin.8 diff --git a/config/rootfiles/common/openssl b/config/rootfiles/common/openssl index d5f4f38144..d9595bef94 100644 --- a/config/rootfiles/common/openssl +++ b/config/rootfiles/common/openssl @@ -152,6 +152,10 @@ usr/bin/openssl #usr/include/openssl/x509err.h #usr/include/openssl/x509v3.h #usr/include/openssl/x509v3err.h +#usr/lib/cmake +usr/lib/cmake/OpenSSL +usr/lib/cmake/OpenSSL/OpenSSLConfig.cmake +usr/lib/cmake/OpenSSL/OpenSSLConfigVersion.cmake #usr/lib/engines-3 usr/lib/engines-3/afalg.so usr/lib/engines-3/capi.so @@ -769,6 +773,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/doc/openssl/html/man3/SSL_get_shared_sigalgs.html #usr/share/doc/openssl/html/man3/SSL_get_stream_id.html #usr/share/doc/openssl/html/man3/SSL_get_stream_read_state.html +#usr/share/doc/openssl/html/man3/SSL_get_value_uint.html #usr/share/doc/openssl/html/man3/SSL_get_verify_result.html #usr/share/doc/openssl/html/man3/SSL_get_version.html #usr/share/doc/openssl/html/man3/SSL_group_to_name.html @@ -781,6 +786,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/doc/openssl/html/man3/SSL_new.html #usr/share/doc/openssl/html/man3/SSL_new_stream.html #usr/share/doc/openssl/html/man3/SSL_pending.html +#usr/share/doc/openssl/html/man3/SSL_poll.html #usr/share/doc/openssl/html/man3/SSL_read.html #usr/share/doc/openssl/html/man3/SSL_read_early_data.html #usr/share/doc/openssl/html/man3/SSL_rstate_string.html @@ -994,6 +1000,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/doc/openssl/html/man7/openssl-core_names.h.html #usr/share/doc/openssl/html/man7/openssl-env.html #usr/share/doc/openssl/html/man7/openssl-glossary.html +#usr/share/doc/openssl/html/man7/openssl-qlog.html #usr/share/doc/openssl/html/man7/openssl-quic.html #usr/share/doc/openssl/html/man7/openssl-threads.html #usr/share/doc/openssl/html/man7/openssl_user_macros.html @@ -2421,6 +2428,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/ERR_peek_last_error_func.3ossl #usr/share/man/man3/ERR_peek_last_error_line.3ossl #usr/share/man/man3/ERR_peek_last_error_line_data.3ossl +#usr/share/man/man3/ERR_pop.3ossl #usr/share/man/man3/ERR_pop_to_mark.3ossl #usr/share/man/man3/ERR_print_errors.3ossl #usr/share/man/man3/ERR_print_errors_cb.3ossl @@ -2589,6 +2597,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/EVP_DigestSignInit.3ossl #usr/share/man/man3/EVP_DigestSignInit_ex.3ossl #usr/share/man/man3/EVP_DigestSignUpdate.3ossl +#usr/share/man/man3/EVP_DigestSqueeze.3ossl #usr/share/man/man3/EVP_DigestUpdate.3ossl #usr/share/man/man3/EVP_DigestVerify.3ossl #usr/share/man/man3/EVP_DigestVerifyFinal.3ossl @@ -3590,6 +3599,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OPENSSL_LH_delete.3ossl #usr/share/man/man3/OPENSSL_LH_doall.3ossl #usr/share/man/man3/OPENSSL_LH_doall_arg.3ossl +#usr/share/man/man3/OPENSSL_LH_doall_arg_thunk.3ossl #usr/share/man/man3/OPENSSL_LH_error.3ossl #usr/share/man/man3/OPENSSL_LH_flush.3ossl #usr/share/man/man3/OPENSSL_LH_free.3ossl @@ -3603,6 +3613,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OPENSSL_LH_num_items.3ossl #usr/share/man/man3/OPENSSL_LH_retrieve.3ossl #usr/share/man/man3/OPENSSL_LH_set_down_load.3ossl +#usr/share/man/man3/OPENSSL_LH_set_thunks.3ossl #usr/share/man/man3/OPENSSL_LH_stats.3ossl #usr/share/man/man3/OPENSSL_LH_stats_bio.3ossl #usr/share/man/man3/OPENSSL_LINE.3ossl @@ -3701,6 +3712,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_CMP_CR.3ossl #usr/share/man/man3/OSSL_CMP_CTX_build_cert_chain.3ossl #usr/share/man/man3/OSSL_CMP_CTX_free.3ossl +#usr/share/man/man3/OSSL_CMP_CTX_get0_geninfo_ITAVs.3ossl #usr/share/man/man3/OSSL_CMP_CTX_get0_libctx.3ossl #usr/share/man/man3/OSSL_CMP_CTX_get0_newCert.3ossl #usr/share/man/man3/OSSL_CMP_CTX_get0_newPkey.3ossl @@ -3765,6 +3777,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_CMP_CTX_set_transfer_cb_arg.3ossl #usr/share/man/man3/OSSL_CMP_CTX_setup_CRM.3ossl #usr/share/man/man3/OSSL_CMP_CTX_snprint_PKIStatus.3ossl +#usr/share/man/man3/OSSL_CMP_HDR_get0_geninfo_ITAVs.3ossl #usr/share/man/man3/OSSL_CMP_HDR_get0_recipNonce.3ossl #usr/share/man/man3/OSSL_CMP_HDR_get0_transactionID.3ossl #usr/share/man/man3/OSSL_CMP_IR.3ossl @@ -3772,10 +3785,12 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_CMP_ITAV_dup.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_free.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_get0_caCerts.3ossl +#usr/share/man/man3/OSSL_CMP_ITAV_get0_certProfile.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_get0_rootCaCert.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_get0_rootCaKeyUpdate.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_get0_type.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_get0_value.3ossl +#usr/share/man/man3/OSSL_CMP_ITAV_new0_certProfile.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_new_caCerts.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_new_rootCaCert.3ossl #usr/share/man/man3/OSSL_CMP_ITAV_new_rootCaKeyUpdate.3ossl @@ -3793,6 +3808,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_CMP_LOG_WARNING.3ossl #usr/share/man/man3/OSSL_CMP_MSG_dup.3ossl #usr/share/man/man3/OSSL_CMP_MSG_free.3ossl +#usr/share/man/man3/OSSL_CMP_MSG_get0_certreq_publickey.3ossl #usr/share/man/man3/OSSL_CMP_MSG_get0_header.3ossl #usr/share/man/man3/OSSL_CMP_MSG_get_bodytype.3ossl #usr/share/man/man3/OSSL_CMP_MSG_http_perform.3ossl @@ -3814,6 +3830,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_CMP_SRV_CTX_get0_cmp_ctx.3ossl #usr/share/man/man3/OSSL_CMP_SRV_CTX_get0_custom_ctx.3ossl #usr/share/man/man3/OSSL_CMP_SRV_CTX_init.3ossl +#usr/share/man/man3/OSSL_CMP_SRV_CTX_init_trans.3ossl #usr/share/man/man3/OSSL_CMP_SRV_CTX_new.3ossl #usr/share/man/man3/OSSL_CMP_SRV_CTX_set_accept_raverified.3ossl #usr/share/man/man3/OSSL_CMP_SRV_CTX_set_accept_unprotected.3ossl @@ -3821,6 +3838,8 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_CMP_SRV_CTX_set_send_unprotected_errors.3ossl #usr/share/man/man3/OSSL_CMP_SRV_certConf_cb_t.3ossl #usr/share/man/man3/OSSL_CMP_SRV_cert_request_cb_t.3ossl +#usr/share/man/man3/OSSL_CMP_SRV_clean_transaction_cb_t.3ossl +#usr/share/man/man3/OSSL_CMP_SRV_delayed_delivery_cb_t.3ossl #usr/share/man/man3/OSSL_CMP_SRV_error_cb_t.3ossl #usr/share/man/man3/OSSL_CMP_SRV_genm_cb_t.3ossl #usr/share/man/man3/OSSL_CMP_SRV_pollReq_cb_t.3ossl @@ -4044,6 +4063,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_HTTP_REQ_CTX_new.3ossl #usr/share/man/man3/OSSL_HTTP_REQ_CTX_set1_req.3ossl #usr/share/man/man3/OSSL_HTTP_REQ_CTX_set_expected.3ossl +#usr/share/man/man3/OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines.3ossl #usr/share/man/man3/OSSL_HTTP_REQ_CTX_set_max_response_length.3ossl #usr/share/man/man3/OSSL_HTTP_REQ_CTX_set_request_line.3ossl #usr/share/man/man3/OSSL_HTTP_adapt_proxy.3ossl @@ -4187,6 +4207,27 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/OSSL_PROVIDER_try_load_ex.3ossl #usr/share/man/man3/OSSL_PROVIDER_unload.3ossl #usr/share/man/man3/OSSL_PROVIDER_unquery_operation.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_AEAD_LIMIT_REACHED.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_APPLICATION_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_CONNECTION_REFUSED.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_CRYPTO_ERR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_CRYPTO_ERR_BEGIN.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_CRYPTO_ERR_END.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_FINAL_SIZE_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_FLOW_CONTROL_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_FRAME_ENCODING_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_INTERNAL_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_INVALID_TOKEN.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_KEY_UPDATE_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_NO_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_NO_VIABLE_PATH.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_PROTOCOL_VIOLATION.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_STREAM_LIMIT_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_STREAM_STATE_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_ERR_TRANSPORT_PARAMETER_ERROR.3ossl +#usr/share/man/man3/OSSL_QUIC_LOCAL_ERR_IDLE_TIMEOUT.3ossl #usr/share/man/man3/OSSL_QUIC_client_method.3ossl #usr/share/man/man3/OSSL_QUIC_client_thread_method.3ossl #usr/share/man/man3/OSSL_SELF_TEST_free.3ossl @@ -5145,6 +5186,29 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_INCOMING_STREAM_POLICY_AUTO.3ossl #usr/share/man/man3/SSL_INCOMING_STREAM_POLICY_REJECT.3ossl #usr/share/man/man3/SSL_OP_BIT.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_E.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_EC.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_ECD.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_ER.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_EW.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_F.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_I.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_IS.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_ISB.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_ISE.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_ISU.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_NONE.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_OS.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_OSB.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_OSE.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_OSU.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_R.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_RE.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_RW.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_RWE.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_W.3ossl +#usr/share/man/man3/SSL_POLL_EVENT_WE.3ossl +#usr/share/man/man3/SSL_POLL_FLAG_NO_HANDLE_EVENTS.3ossl #usr/share/man/man3/SSL_SESSION_dup.3ossl #usr/share/man/man3/SSL_SESSION_free.3ossl #usr/share/man/man3/SSL_SESSION_get0_alpn_selected.3ossl @@ -5166,6 +5230,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_SESSION_get_protocol_version.3ossl #usr/share/man/man3/SSL_SESSION_get_ticket_lifetime_hint.3ossl #usr/share/man/man3/SSL_SESSION_get_time.3ossl +#usr/share/man/man3/SSL_SESSION_get_time_ex.3ossl #usr/share/man/man3/SSL_SESSION_get_timeout.3ossl #usr/share/man/man3/SSL_SESSION_has_ticket.3ossl #usr/share/man/man3/SSL_SESSION_is_resumable.3ossl @@ -5185,6 +5250,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_SESSION_set_max_early_data.3ossl #usr/share/man/man3/SSL_SESSION_set_protocol_version.3ossl #usr/share/man/man3/SSL_SESSION_set_time.3ossl +#usr/share/man/man3/SSL_SESSION_set_time_ex.3ossl #usr/share/man/man3/SSL_SESSION_set_timeout.3ossl #usr/share/man/man3/SSL_SESSION_up_ref.3ossl #usr/share/man/man3/SSL_STREAM_FLAG_ADVANCE.3ossl @@ -5201,6 +5267,23 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_STREAM_TYPE_NONE.3ossl #usr/share/man/man3/SSL_STREAM_TYPE_READ.3ossl #usr/share/man/man3/SSL_STREAM_TYPE_WRITE.3ossl +#usr/share/man/man3/SSL_VALUE_CLASS_FEATURE_NEGOTIATED.3ossl +#usr/share/man/man3/SSL_VALUE_CLASS_FEATURE_PEER_REQUEST.3ossl +#usr/share/man/man3/SSL_VALUE_CLASS_FEATURE_REQUEST.3ossl +#usr/share/man/man3/SSL_VALUE_CLASS_GENERIC.3ossl +#usr/share/man/man3/SSL_VALUE_EVENT_HANDLING_MODE.3ossl +#usr/share/man/man3/SSL_VALUE_EVENT_HANDLING_MODE_EXPLICIT.3ossl +#usr/share/man/man3/SSL_VALUE_EVENT_HANDLING_MODE_IMPLICIT.3ossl +#usr/share/man/man3/SSL_VALUE_EVENT_HANDLING_MODE_INHERIT.3ossl +#usr/share/man/man3/SSL_VALUE_QUIC_IDLE_TIMEOUT.3ossl +#usr/share/man/man3/SSL_VALUE_QUIC_STREAM_BIDI_LOCAL_AVAIL.3ossl +#usr/share/man/man3/SSL_VALUE_QUIC_STREAM_BIDI_REMOTE_AVAIL.3ossl +#usr/share/man/man3/SSL_VALUE_QUIC_STREAM_UNI_LOCAL_AVAIL.3ossl +#usr/share/man/man3/SSL_VALUE_QUIC_STREAM_UNI_REMOTE_AVAIL.3ossl +#usr/share/man/man3/SSL_VALUE_STREAM_WRITE_BUF_AVAIL.3ossl +#usr/share/man/man3/SSL_VALUE_STREAM_WRITE_BUF_SIZE.3ossl +#usr/share/man/man3/SSL_VALUE_STREAM_WRITE_BUF_USED.3ossl +#usr/share/man/man3/SSL_WRITE_FLAG_CONCLUDE.3ossl #usr/share/man/man3/SSL_accept.3ossl #usr/share/man/man3/SSL_accept_stream.3ossl #usr/share/man/man3/SSL_add0_chain_cert.3ossl @@ -5312,12 +5395,17 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_get_default_timeout.3ossl #usr/share/man/man3/SSL_get_early_data_status.3ossl #usr/share/man/man3/SSL_get_error.3ossl +#usr/share/man/man3/SSL_get_event_handling_mode.3ossl #usr/share/man/man3/SSL_get_event_timeout.3ossl #usr/share/man/man3/SSL_get_ex_data.3ossl #usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3ossl #usr/share/man/man3/SSL_get_ex_new_index.3ossl #usr/share/man/man3/SSL_get_extms_support.3ossl #usr/share/man/man3/SSL_get_fd.3ossl +#usr/share/man/man3/SSL_get_feature_negotiated_uint.3ossl +#usr/share/man/man3/SSL_get_feature_peer_request_uint.3ossl +#usr/share/man/man3/SSL_get_feature_request_uint.3ossl +#usr/share/man/man3/SSL_get_generic_value_uint.3ossl #usr/share/man/man3/SSL_get_handshake_rtt.3ossl #usr/share/man/man3/SSL_get_info_callback.3ossl #usr/share/man/man3/SSL_get_key_update_type.3ossl @@ -5340,6 +5428,10 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_get_privatekey.3ossl #usr/share/man/man3/SSL_get_psk_identity.3ossl #usr/share/man/man3/SSL_get_psk_identity_hint.3ossl +#usr/share/man/man3/SSL_get_quic_stream_bidi_local_avail.3ossl +#usr/share/man/man3/SSL_get_quic_stream_bidi_remote_avail.3ossl +#usr/share/man/man3/SSL_get_quic_stream_uni_local_avail.3ossl +#usr/share/man/man3/SSL_get_quic_stream_uni_remote_avail.3ossl #usr/share/man/man3/SSL_get_quiet_shutdown.3ossl #usr/share/man/man3/SSL_get_rbio.3ossl #usr/share/man/man3/SSL_get_read_ahead.3ossl @@ -5375,6 +5467,9 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_get_stream_read_error_code.3ossl #usr/share/man/man3/SSL_get_stream_read_state.3ossl #usr/share/man/man3/SSL_get_stream_type.3ossl +#usr/share/man/man3/SSL_get_stream_write_buf_avail.3ossl +#usr/share/man/man3/SSL_get_stream_write_buf_size.3ossl +#usr/share/man/man3/SSL_get_stream_write_buf_used.3ossl #usr/share/man/man3/SSL_get_stream_write_error_code.3ossl #usr/share/man/man3/SSL_get_stream_write_state.3ossl #usr/share/man/man3/SSL_get_time.3ossl @@ -5382,6 +5477,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_get_tlsext_status_ocsp_resp.3ossl #usr/share/man/man3/SSL_get_tlsext_status_type.3ossl #usr/share/man/man3/SSL_get_tmp_key.3ossl +#usr/share/man/man3/SSL_get_value_uint.3ossl #usr/share/man/man3/SSL_get_verify_callback.3ossl #usr/share/man/man3/SSL_get_verify_depth.3ossl #usr/share/man/man3/SSL_get_verify_mode.3ossl @@ -5419,6 +5515,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_peek.3ossl #usr/share/man/man3/SSL_peek_ex.3ossl #usr/share/man/man3/SSL_pending.3ossl +#usr/share/man/man3/SSL_poll.3ossl #usr/share/man/man3/SSL_psk_client_cb_func.3ossl #usr/share/man/man3/SSL_psk_find_session_cb_func.3ossl #usr/share/man/man3/SSL_psk_server_cb_func.3ossl @@ -5483,9 +5580,12 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_set_default_stream_mode.3ossl #usr/share/man/man3/SSL_set_dh_auto.3ossl #usr/share/man/man3/SSL_set_ecdh_auto.3ossl +#usr/share/man/man3/SSL_set_event_handling_mode.3ossl #usr/share/man/man3/SSL_set_ex_data.3ossl #usr/share/man/man3/SSL_set_fd.3ossl +#usr/share/man/man3/SSL_set_feature_request_uint.3ossl #usr/share/man/man3/SSL_set_generate_session_id.3ossl +#usr/share/man/man3/SSL_set_generic_value_uint.3ossl #usr/share/man/man3/SSL_set_hostflags.3ossl #usr/share/man/man3/SSL_set_incoming_stream_policy.3ossl #usr/share/man/man3/SSL_set_info_callback.3ossl @@ -5534,6 +5634,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_set_tmp_dh_callback.3ossl #usr/share/man/man3/SSL_set_tmp_ecdh.3ossl #usr/share/man/man3/SSL_set_trust.3ossl +#usr/share/man/man3/SSL_set_value_uint.3ossl #usr/share/man/man3/SSL_set_verify.3ossl #usr/share/man/man3/SSL_set_verify_depth.3ossl #usr/share/man/man3/SSL_set_verify_result.3ossl @@ -5575,6 +5676,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/SSL_write.3ossl #usr/share/man/man3/SSL_write_early_data.3ossl #usr/share/man/man3/SSL_write_ex.3ossl +#usr/share/man/man3/SSL_write_ex2.3ossl #usr/share/man/man3/SSLv23_client_method.3ossl #usr/share/man/man3/SSLv23_method.3ossl #usr/share/man/man3/SSLv23_server_method.3ossl @@ -6011,6 +6113,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man3/X509_STORE_get0_objects.3ossl #usr/share/man/man3/X509_STORE_get0_param.3ossl #usr/share/man/man3/X509_STORE_get1_all_certs.3ossl +#usr/share/man/man3/X509_STORE_get1_objects.3ossl #usr/share/man/man3/X509_STORE_get_cert_crl.3ossl #usr/share/man/man3/X509_STORE_get_check_crl.3ossl #usr/share/man/man3/X509_STORE_get_check_issued.3ossl @@ -6857,6 +6960,7 @@ usr/lib/ossl-modules/legacy.so #usr/share/man/man7/openssl-core_names.h.7ossl #usr/share/man/man7/openssl-env.7ossl #usr/share/man/man7/openssl-glossary.7ossl +#usr/share/man/man7/openssl-qlog.7ossl #usr/share/man/man7/openssl-quic.7ossl #usr/share/man/man7/openssl-threads.7ossl #usr/share/man/man7/openssl_user_macros.7ossl diff --git a/config/rootfiles/core/188/filelists/cyrus-sasl b/config/rootfiles/core/188/filelists/cyrus-sasl new file mode 120000 index 0000000000..bb51b4c92c --- /dev/null +++ b/config/rootfiles/core/188/filelists/cyrus-sasl @@ -0,0 +1 @@ +../../../common/cyrus-sasl \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/libxslt b/config/rootfiles/core/188/filelists/libxslt new file mode 120000 index 0000000000..bf9d76609b --- /dev/null +++ b/config/rootfiles/core/188/filelists/libxslt @@ -0,0 +1 @@ +../../../common/libxslt \ No newline at end of file diff --git a/config/rootfiles/core/188/filelists/linux-atm b/config/rootfiles/core/188/filelists/linux-atm new file mode 120000 index 0000000000..8adccafbd6 --- /dev/null +++ b/config/rootfiles/core/188/filelists/linux-atm @@ -0,0 +1 @@ +../../../common/linux-atm \ No newline at end of file diff --git a/lfs/br2684ctl b/lfs/br2684ctl deleted file mode 100644 index f8ac496ec3..0000000000 --- a/lfs/br2684ctl +++ /dev/null @@ -1,54 +0,0 @@ -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see <http://www.gnu.org/licenses/>. # -# # -############################################################################### - -############################################################################### -# Definitions -############################################################################### - -include Config - -VER = ipfire - -THISAPP = br2684ctl -TARGET = $(DIR_INFO)/$(THISAPP) - -############################################################################### -# Top-level Rules -############################################################################### - -install : $(TARGET) - -check : - -download : - -b2 : - -############################################################################### -# Installation Details -############################################################################### - -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) - @$(PREBUILD) - @rm -rf $(DIR_SRC)/br2684ctl - cd $(DIR_SRC) && gcc $(CFLAGS) -latm $(DIR_SRC)/src/br2684ctl/br2684ctl.c -o br2684ctl - cd $(DIR_SRC) && install -v -m 755 br2684ctl /usr/bin/br2684ctl - @rm -rf $(DIR_SRC)/br2684ctl - @$(POSTBUILD) diff --git a/lfs/cyrus-sasl b/lfs/cyrus-sasl index 060b9ad09a..98fa0a183b 100644 --- a/lfs/cyrus-sasl +++ b/lfs/cyrus-sasl @@ -26,7 +26,7 @@ include Config SUMMARY = Implementation of Cyrus SASL API -VER = 2.1.26 +VER = 2.1.28 THISAPP = cyrus-sasl-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -53,7 +53,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 08fe5c1624e7cccb4b5e562f6987fddd047e1221b671cedbbb684d5a2f39e09a438ad14ffcedb5f398c203ca0b6e23574106c87f43a632028d50a69619c54970 +$(DL_FILE)_BLAKE2 = 6cca8c26cebb9c2ee5d539c43797d30b6309a476ec4233225789978e1d7315c4ea5d2abbc7f5464be0f3c0de5fd9212706b43fbc92f40b76cd0b1013cc00f823 install : $(TARGET) @@ -86,12 +86,12 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && sed -i '/sasl_global/s/^static //' lib/client.c - cd $(DIR_APP) && sed -i 's/cat8/man8/' saslauthd/Makefile.am - cd $(DIR_APP) && autoconf -ifeq "$(PASS)" "" + # Fix build with GCC 14 + cd $(DIR_APP) && sed '/saslint/a #include <time.h>' -i lib/saslutil.c + cd $(DIR_APP) && sed '/plugin_common/a #include <time.h>' -i plugins/cram.c + cd $(DIR_APP) && sed '/plugin_common/a #include <time.h>' -i plugins/digestmd5.c + cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \ --with-dbpath=/var/lib/sasl/sasldb2 \ --with-saslauthd=/var/run/saslauthd \ @@ -106,17 +106,5 @@ ifeq "$(PASS)" "" #install initscripts $(call INSTALL_INITSCRIPTS,$(SERVICES)) -else - # WITH LDAP SUPPORT AT THIS TIME - cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \ - --with-dbpath=/var/lib/sasl/sasldb2 \ - --with-saslauthd=/var/run \ - --with-ldap --enable-ldapdb - cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) - cd $(DIR_APP) && make -C include - cd $(DIR_APP) && make -C sasldb - cd $(DIR_APP) && make -C plugins - cd $(DIR_APP) && libtool --mode=install install plugins/libldapdb.la /usr/lib/sasl2 -endif @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/libxslt b/lfs/libxslt index 7100884181..12ee998008 100644 --- a/lfs/libxslt +++ b/lfs/libxslt @@ -24,7 +24,7 @@ include Config -VER = 1.1.37 +VER = 1.1.42 THISAPP = libxslt-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 096d93dd7178bf4483207514b1435f5bf426eea4952ffab7cc00c3e85aa736534c4acb5377af9647aa77a0cd793205194509d997a7bb5cae692f65e326566cd8 +$(DL_FILE)_BLAKE2 = 91b2ca38807ae21b6629b8e19f4ab9d7d19bc0af17f2546e1cf278b2f2fff62b86bbbd996085fff322f3d5ae6c2b20bcfc4e9fb501c301d3fd5d56cf5b205ede install : $(TARGET) diff --git a/lfs/linux-atm b/lfs/linux-atm index c027044ae6..e2bbd06983 100644 --- a/lfs/linux-atm +++ b/lfs/linux-atm @@ -24,7 +24,7 @@ include Config -VER = 2.4.1 +VER = 2.5.2 THISAPP = linux-atm-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -42,7 +42,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = cc3d04d25198a811ebc3c98a28005b1ff62732f59ac1a9979492f5666c0d41dde8545e24b43e17a5b0e7151143802ce7196a2b668b39f59171276b3d53113e0e +$(DL_FILE)_BLAKE2 = 329aad437a1e6a17fd7d7d2b81c976a76c684aaf127006ed3af1e998a0f52df056747cc84fc13c933dc15c07246f1f00e4ff101ac98ef1dd1bea102830a83625 install : $(TARGET) @@ -73,9 +73,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-atm-2.4.1-gcc-4.patch - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-atm-2.4.1-arpd_includes.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-atm-2.4.1-linux-5.2-SIOCGSTAMP.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-atm-2.5.2-headers.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-atm-use_socklen_t.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-atm-remove-define-hacks.patch + cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc --disable-nls cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP) && make install diff --git a/lfs/openssl b/lfs/openssl index d6f565df2c..a714d4dcd1 100644 --- a/lfs/openssl +++ b/lfs/openssl @@ -24,7 +24,7 @@ include Config -VER = 3.2.2 +VER = 3.3.0 THISAPP = openssl-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -72,7 +72,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = f42d44f31dc9ccf26ffe1fdd4a0119506a211808f92e860a34118109eae2ee7bcb5b0f43cbdf9eb811cd185cb53e092e62d652f7c0c0ce55b13289f7489073c9 +$(DL_FILE)_BLAKE2 = c68efaf8aca87961f396e305acc767b56d651b9adf4fd2c9d9b5a3266e35da4b856c6ed34be47d656c782aade975f20317a6759913b33d29d7eb088e638fa501 install : $(TARGET) diff --git a/make.sh b/make.sh index 10ec607b16..f5dc2a6491 100755 --- a/make.sh +++ b/make.sh @@ -1793,7 +1793,6 @@ build_system() { lfsmake2 strongswan lfsmake2 rng-tools lfsmake2 lsof - lfsmake2 br2684ctl lfsmake2 lm_sensors lfsmake2 libstatgrab lfsmake2 liboping diff --git a/src/br2684ctl/br2684ctl.c b/src/br2684ctl/br2684ctl.c deleted file mode 100644 index 67734d0b84..0000000000 --- a/src/br2684ctl/br2684ctl.c +++ /dev/null @@ -1,271 +0,0 @@ -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> -#include <errno.h> -#include <sys/ioctl.h> -#include <string.h> -#include <syslog.h> -#include <atm.h> -#include <linux/atmdev.h> -#include <linux/atmbr2684.h> - -/* Written by Marcell GAL <cell(a)sch.bme.hu> to make use of the */ -/* ioctls defined in the br2684... kernel patch */ -/* Compile with cc -o br2684ctl br2684ctl.c -latm */ - -/* - Modified feb 2001 by Stephen Aaskov (saa(a)lasat.com) - - Added daemonization code - - Added syslog - - TODO: Delete interfaces after exit? -*/ - - -#define LOG_NAME "RFC1483/2684 bridge" -#define LOG_OPTION LOG_PERROR -#define LOG_FACILITY LOG_LOCAL0 - - -int lastsock, lastitf; - - -void fatal(const char *str, int i) -{ - syslog (LOG_ERR,"Fatal: %s",str); - exit(-2); -}; - - -void exitFunc(void) -{ - syslog (LOG_PID,"Daemon terminated\n"); -} - - -int create_pidfile(int num) -{ - FILE *pidfile = NULL; - char name[32]; - - if (num < 0) return -1; - - snprintf(name, 20, "/var/run/nas%d.pid", num); - pidfile = fopen(name, "w"); - if (pidfile == NULL) return -1; - fprintf(pidfile, "%d", getpid()); - fclose(pidfile); - - return 0; -} - -int create_br(char *nstr) -{ - int num, err; - - if(lastsock<0) { - lastsock = socket(PF_ATMPVC, SOCK_DGRAM, ATM_AAL5); - } - if (lastsock<0) { - syslog(LOG_ERR, "socket creation failed: %s",strerror(errno)); - } else { - /* create the device with ioctl: */ - num=atoi(nstr); - if( num>=0 && num<1234567890){ - struct atm_newif_br2684 ni; - ni.backend_num = ATM_BACKEND_BR2684; - ni.media = BR2684_MEDIA_ETHERNET; - ni.mtu = 1500; - sprintf(ni.ifname, "nas%d", num); - err=ioctl (lastsock, ATM_NEWBACKENDIF, &ni); - - if (err == 0) - syslog(LOG_INFO, "Interface \"%s\" created sucessfully\n",ni.ifname); - else - syslog(LOG_INFO, "Interface \"%s\" could not be created, reason: %s\n", - ni.ifname, - strerror(errno)); - lastitf=num; /* even if we didn't create, because existed, assign_vcc wil want to know it! */ - } else { - syslog(LOG_ERR,"err: strange interface number %d", num ); - } - } - return 0; -} - - -int assign_vcc(char *astr, int encap, int bufsize, struct atm_qos qos) -{ - int err; - struct sockaddr_atmpvc addr; - int fd; - struct atm_backend_br2684 be; - - memset(&addr, 0, sizeof(addr)); - err=text2atm(astr,(struct sockaddr *)(&addr), sizeof(addr), T2A_PVC); - if (err!=0) - syslog(LOG_ERR,"Could not parse ATM parameters (error=%d)\n",err); - -#if 0 - addr.sap_family = AF_ATMPVC; - addr.sap_addr.itf = itf; - addr.sap_addr.vpi = 0; - addr.sap_addr.vci = vci; -#endif - syslog(LOG_INFO,"Communicating over ATM %d.%d.%d, encapsulation: %s\n", addr.sap_addr.itf, - addr.sap_addr.vpi, - addr.sap_addr.vci, - encap?"VC mux":"LLC"); - - if ((fd = socket(PF_ATMPVC, SOCK_DGRAM, ATM_AAL5)) < 0) - syslog(LOG_ERR,"failed to create socket %d, reason: %s", errno,strerror(errno)); - - if (qos.aal == 0) { - qos.aal = ATM_AAL5; - qos.txtp.traffic_class = ATM_UBR; - qos.txtp.max_sdu = 1524; - qos.txtp.pcr = ATM_MAX_PCR; - qos.rxtp = qos.txtp; - } - - if ( (err=setsockopt(fd,SOL_SOCKET,SO_SNDBUF, &bufsize ,sizeof(bufsize))) ) - syslog(LOG_ERR,"setsockopt SO_SNDBUF: (%d) %s\n",err, strerror(err)); - - if (setsockopt(fd, SOL_ATM, SO_ATMQOS, &qos, sizeof(qos)) < 0) - syslog(LOG_ERR,"setsockopt SO_ATMQOS %d", errno); - - err = connect(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr_atmpvc)); - - if (err < 0) - fatal("failed to connect on socket", err); - - /* attach the vcc to device: */ - - be.backend_num = ATM_BACKEND_BR2684; - be.ifspec.method = BR2684_FIND_BYIFNAME; - sprintf(be.ifspec.spec.ifname, "nas%d", lastitf); - be.fcs_in = BR2684_FCSIN_NO; - be.fcs_out = BR2684_FCSOUT_NO; - be.fcs_auto = 0; - be.encaps = encap ? BR2684_ENCAPS_VC : BR2684_ENCAPS_LLC; - be.has_vpiid = 0; - be.send_padding = 0; - be.min_size = 0; - err=ioctl (fd, ATM_SETBACKEND, &be); - if (err == 0) - syslog (LOG_INFO,"Interface configured"); - else { - syslog (LOG_ERR,"Could not configure interface:%s",strerror(errno)); - exit(2); - } - return fd ; -} - - -void usage(char *s) -{ - printf("usage: %s [-b] [[-c number] [-e 0|1] [-s sndbuf] [-q qos] [-a [itf.]vpi.vci]*]*\n", s); - exit(1); -} - - - -int main (int argc, char **argv) -{ - int c, background=0, encap=0, sndbuf=8192; - struct atm_qos reqqos; - int itfnum; - lastsock=-1; - lastitf=0; - - /* st qos to 0 */ - memset(&reqqos, 0, sizeof(reqqos)); - - openlog (LOG_NAME,LOG_OPTION,LOG_FACILITY); - if (argc>1) - while ((c = getopt(argc, argv,"q:a:bc:e:s:?h")) !=EOF) - switch (c) { - case 'q': - printf ("optarg : %s",optarg); - if (text2qos(optarg,&reqqos,0)) fprintf(stderr,"QOS parameter invalid\n"); - break; - case 'a': - assign_vcc(optarg, encap, sndbuf, reqqos); - break; - case 'b': - background=1; - break; - case 'c': - create_br(optarg); - itfnum = atoi(optarg); - break; - case 'e': - encap=(atoi(optarg)); - if(encap<0){ - syslog (LOG_ERR, "invalid encapsulation: %s:\n",optarg); - encap=0; - } - break; - case 's': - sndbuf=(atoi(optarg)); - if(sndbuf<0){ - syslog(LOG_ERR, "Invalid sndbuf: %s, using size of 8192 instead\n",optarg); - sndbuf=8192; - } - break; - case '?': - case 'h': - default: - usage(argv[0]); - } - else - usage(argv[0]); - - if (argc != optind) usage(argv[0]); - - if(lastsock>=0) close(lastsock); - - if (background) { - pid_t pid; - - pid=fork(); - if (pid < 0) { - fprintf(stderr,"Error detaching\n"); - exit(2); - } else if (pid) - exit(0); // This is the parent - - // Become a process group and session group leader - if (setsid()<0) { - fprintf (stderr,"Could not set process group\n"); - exit(2); - } - - // Fork again to let process group leader exit - pid = fork(); - if (pid < 0) { - fprintf(stderr,"Error detaching during second fork\n"); - exit(2); - } else if (pid) - exit(0); // This is the parent - - // Now we're ready for buisness - chdir("/"); // Don't keep directories in use - close(0); close(1); close(2); // Close stdin, -out and -error - /* - Note that this implementation does not keep an open - stdout/err. - If we need them they can be opened now - */ - - } - - create_pidfile(itfnum); - - syslog (LOG_INFO, "RFC 1483/2684 bridge daemon started\n"); - atexit (exitFunc); - - while (1) sleep(30); /* to keep the sockets... */ - return 0; -} - diff --git a/src/patches/linux-atm-2.4.1-arpd_includes.patch b/src/patches/linux-atm-2.4.1-arpd_includes.patch deleted file mode 100644 index 1a74ecf81c..0000000000 --- a/src/patches/linux-atm-2.4.1-arpd_includes.patch +++ /dev/null @@ -1,42 +0,0 @@ -Index: linux-atm-2.4.1/src/arpd/arp.c -=================================================================== ---- linux-atm-2.4.1.orig/src/arpd/arp.c 2007-10-20 19:19:10.002198470 +0200 -+++ linux-atm-2.4.1/src/arpd/arp.c 2007-10-20 19:19:19.138719139 +0200 -@@ -15,7 +15,6 @@ - #include <sys/types.h> - #include <sys/socket.h> /* for linux/if_arp.h */ - #include <netinet/in.h> /* for ntohs, etc. */ --#define _LINUX_NETDEVICE_H /* very crude hack for glibc2 */ - #include <linux/if_arp.h> - #include <linux/if_ether.h> - #include <atm.h> -Index: linux-atm-2.4.1/src/arpd/io.c -=================================================================== ---- linux-atm-2.4.1.orig/src/arpd/io.c 2007-10-20 19:19:09.994198016 +0200 -+++ linux-atm-2.4.1/src/arpd/io.c 2007-10-20 19:19:19.154720039 +0200 -@@ -16,12 +16,11 @@ - #include <sys/types.h> - #include <sys/socket.h> - #include <sys/ioctl.h> --#include <net/if.h> -+#include <linux/if.h> - #include <netinet/in.h> - #include <atm.h> - #include <linux/atmclip.h> /* for CLIP_DEFAULT_IDLETIMER */ - #include <linux/atmarp.h> --#define _LINUX_NETDEVICE_H /* glibc2 */ - #include <linux/if_arp.h> - - #include "atmd.h" -Index: linux-atm-2.4.1/src/arpd/itf.c -=================================================================== ---- linux-atm-2.4.1.orig/src/arpd/itf.c 2007-10-20 19:19:10.010198930 +0200 -+++ linux-atm-2.4.1/src/arpd/itf.c 2007-10-20 19:19:19.186721859 +0200 -@@ -12,7 +12,6 @@ - #include <sys/types.h> - #include <linux/atmclip.h> - #include <sys/socket.h> --#define _LINUX_NETDEVICE_H /* glibc2 */ - #include <linux/if_arp.h> - - #include "atmd.h" diff --git a/src/patches/linux-atm-2.4.1-gcc-4.patch b/src/patches/linux-atm-2.4.1-gcc-4.patch deleted file mode 100644 index f6be9d2f60..0000000000 --- a/src/patches/linux-atm-2.4.1-gcc-4.patch +++ /dev/null @@ -1,161 +0,0 @@ -diff -Naur linux-atm-2.4.1-orig/src/ilmid/atmf_uni.c linux-atm-2.4.1/src/ilmid/atmf_uni.c ---- linux-atm-2.4.1-orig/src/ilmid/atmf_uni.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/ilmid/atmf_uni.c 2005-08-13 10:22:44.000000000 +0100 -@@ -187,7 +187,7 @@ - newPrefix->name = alloc_t(AsnOid); - newPrefix->name->octs = alloc(varBindName->octetLen); - AsnOidCopy(newPrefix->name, varBindName); -- Q_INSERT_BEFORE((NetPrefixNode *) var->value, newPrefix, prefix); -+ Q_INSERT_BEFORE((*((NetPrefixNode **)&var->value)), newPrefix, prefix); - if(atmNetPrefix.octs == NULL) - { - atmNetPrefix.octetLen = varBindName->octetLen - NETPREFIX_LEN - 2; -@@ -197,7 +197,7 @@ - } - else if (varbind->value->a.simple->a.number == INVALID && cmp == AsnOidEqual) - { -- Q_REMOVE((NetPrefixNode *) var->value, prefix); -+ Q_REMOVE((*((NetPrefixNode **) &var->value)), prefix); - } - - return NOERROR; -diff -Naur linux-atm-2.4.1-orig/src/lib/sapequal.c linux-atm-2.4.1/src/lib/sapequal.c ---- linux-atm-2.4.1-orig/src/lib/sapequal.c 2001-09-03 19:41:05.000000000 +0100 -+++ linux-atm-2.4.1/src/lib/sapequal.c 2005-02-06 19:24:37.000000000 +0000 -@@ -65,6 +65,7 @@ - CHECK(l2.itu.window,a.l2.itu.window > b.l2.itu.window); - break; - default: -+ ; - } - switch (a.l3_proto) { - case ATM_L3_X25: -@@ -83,6 +84,7 @@ - if (a.l3.user != b.l3.user) return 0; - break; - default: -+ ; - } - return 1; - } -diff -Naur linux-atm-2.4.1-orig/src/maint/atmtcp.c linux-atm-2.4.1/src/maint/atmtcp.c ---- linux-atm-2.4.1-orig/src/maint/atmtcp.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/maint/atmtcp.c 2005-08-13 10:22:44.000000000 +0100 -@@ -60,7 +60,7 @@ - static IN *inputs = NULL; - static fd_set in_set; - static int fds = 0; --static int debug = 0; -+int debug = 0; - static int links = 0; - - -diff -Naur linux-atm-2.4.1-orig/src/maint/enitune.c linux-atm-2.4.1/src/maint/enitune.c ---- linux-atm-2.4.1-orig/src/maint/enitune.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/maint/enitune.c 2005-02-06 19:24:37.000000000 +0000 -@@ -44,6 +44,7 @@ - if (*end || mult.rx <= 100) usage(name); - break; - default: -+ ; - } - if (argc != optind+1) usage(name); - sioc.number = strtol(argv[optind],&end,0); -diff -Naur linux-atm-2.4.1-orig/src/mpoad/p_factory.c linux-atm-2.4.1/src/mpoad/p_factory.c ---- linux-atm-2.4.1-orig/src/mpoad/p_factory.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/mpoad/p_factory.c 2005-08-13 10:22:44.000000000 +0100 -@@ -31,16 +31,17 @@ - * beginning at location "addr". - */ - uint32_t sum = 0; -+ uint16_t *addr16 = addr; - - while( count > 1 ) { - /* This is the inner loop */ -- sum += * ((uint16_t *) addr)++; -+ sum += * addr16++; - count -= 2; - } - - /* Add left-over byte, if any */ - if( count > 0 ) -- sum += * (unsigned char *) addr; -+ sum += * (unsigned char *) addr16; - - /* Fold 32-bit sum to 16 bits */ - while (sum>>16) -diff -Naur linux-atm-2.4.1-orig/src/qgen/qlib.c linux-atm-2.4.1/src/qgen/qlib.c ---- linux-atm-2.4.1-orig/src/qgen/qlib.c 2001-09-03 19:41:05.000000000 +0100 -+++ linux-atm-2.4.1/src/qgen/qlib.c 2005-08-13 10:22:44.000000000 +0100 -@@ -26,8 +26,6 @@ - #include "op.h" - - --static int debug = 0; -- - - void PREFIX(report)(int severity,const char *msg,...) - { -@@ -830,6 +828,8 @@ - - #ifdef STANDALONE - -+int debug = 0; -+ - int main(int argc,const char **argv) - { - unsigned char msg[5000]; /* should be large enough for that */ -diff -Naur linux-atm-2.4.1-orig/src/qgen/qlib.h linux-atm-2.4.1/src/qgen/qlib.h ---- linux-atm-2.4.1-orig/src/qgen/qlib.h 2001-09-03 19:41:05.000000000 +0100 -+++ linux-atm-2.4.1/src/qgen/qlib.h 2005-08-13 10:22:44.000000000 +0100 -@@ -23,7 +23,6 @@ - #define Q_FATAL -1 - - --extern int q_dump; - extern void q_report(int severity,const char *msg,...); - - #ifdef DUMP_MODE -diff -Naur linux-atm-2.4.1-orig/src/sigd/proto.c linux-atm-2.4.1/src/sigd/proto.c ---- linux-atm-2.4.1-orig/src/sigd/proto.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/sigd/proto.c 2005-02-06 19:24:37.000000000 +0000 -@@ -259,6 +259,7 @@ - break; - } - default: -+ ; - } - va_end(ap); - if ((size = q_close(&dsc)) >= 0) to_signaling(sock->sig,q_buffer,size); -@@ -288,6 +289,7 @@ - } - break; - default: -+ ; - } - va_end(ap); - } -diff -Naur linux-atm-2.4.1-orig/src/switch/debug/debug.c linux-atm-2.4.1/src/switch/debug/debug.c ---- linux-atm-2.4.1-orig/src/switch/debug/debug.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/switch/debug/debug.c 2005-08-13 10:22:44.000000000 +0100 -@@ -18,7 +18,7 @@ - #define COMPONENT "FAB(debug)" - - --#define PRV(call) ((FAB *) (call)->fab) -+#define PRV(call) (*((FAB **) &(call)->fab)) - - - typedef struct _fab { -diff -Naur linux-atm-2.4.1-orig/src/switch/tcp/tcpsw.c linux-atm-2.4.1/src/switch/tcp/tcpsw.c ---- linux-atm-2.4.1-orig/src/switch/tcp/tcpsw.c 2001-09-03 19:41:06.000000000 +0100 -+++ linux-atm-2.4.1/src/switch/tcp/tcpsw.c 2005-08-13 10:22:44.000000000 +0100 -@@ -27,7 +27,7 @@ - - #define COMPONENT "FAB(tcp)" - --#define PRV(call) ((FAB *) (call)->fab) -+#define PRV(call) (*((FAB **) &(call)->fab)) - - #define MAX_VCI 1024 - diff --git a/src/patches/linux-atm-2.5.2-headers.patch b/src/patches/linux-atm-2.5.2-headers.patch new file mode 100644 index 0000000000..edfb38d68b --- /dev/null +++ b/src/patches/linux-atm-2.5.2-headers.patch @@ -0,0 +1,30 @@ +--- linux-atm/src/maint/hediag.c.orig ++++ linux-atm/src/maint/hediag.c +@@ -1,5 +1,6 @@ + #include <stdio.h> + #include <stdlib.h> ++#include <string.h> + #include <unistd.h> + #include <sys/ioctl.h> + #include <sys/types.h> +--- linux-atm/src/qgen/ql_y.y ++++ linux-atm/src/qgen/ql_y.y +@@ -17,6 +17,8 @@ + static STRUCTURE *structures = NULL; + static const char *abort_id; /* indicates abort flag */ + ++void yyerror(const char *s); ++int yylex ( void ); + + static NAME_LIST *get_name_list(const char *name) + { +--- linux-atm/src/test/ispl_y.y ++++ linux-atm/src/test/ispl_y.y +@@ -16,6 +16,7 @@ + + static struct atmsvc_msg msg; + ++int yylex ( void ); + + %} + diff --git a/src/patches/linux-atm-remove-define-hacks.patch b/src/patches/linux-atm-remove-define-hacks.patch new file mode 100644 index 0000000000..cfac43c039 --- /dev/null +++ b/src/patches/linux-atm-remove-define-hacks.patch @@ -0,0 +1,22 @@ +diff -up linux-atm-2.5.1/src/arpd/arp.c.ftbfs linux-atm-2.5.1/src/arpd/arp.c +--- linux-atm-2.5.1/src/arpd/arp.c.ftbfs 2007-07-11 11:27:15.000000000 -0400 ++++ linux-atm-2.5.1/src/arpd/arp.c 2019-05-02 20:15:45.497338836 -0400 +@@ -15,7 +15,6 @@ + #include <sys/types.h> + #include <sys/socket.h> /* for linux/if_arp.h */ + #include <netinet/in.h> /* for ntohs, etc. */ +-#define _LINUX_NETDEVICE_H /* very crude hack for glibc2 */ + #include <linux/types.h> + #include <linux/if_arp.h> + #include <linux/if_ether.h> +diff -up linux-atm-2.5.1/src/arpd/itf.c.ftbfs linux-atm-2.5.1/src/arpd/itf.c +--- linux-atm-2.5.1/src/arpd/itf.c.ftbfs 2007-07-11 11:27:15.000000000 -0400 ++++ linux-atm-2.5.1/src/arpd/itf.c 2019-05-02 20:19:08.046499027 -0400 +@@ -12,7 +12,6 @@ + #include <sys/types.h> + #include <linux/atmclip.h> + #include <sys/socket.h> +-#define _LINUX_NETDEVICE_H /* glibc2 */ + #include <linux/types.h> + #include <linux/if_arp.h> + diff --git a/src/patches/linux-atm-use_socklen_t.patch b/src/patches/linux-atm-use_socklen_t.patch new file mode 100644 index 0000000000..cb630dc9f1 --- /dev/null +++ b/src/patches/linux-atm-use_socklen_t.patch @@ -0,0 +1,13 @@ +diff --git a/src/led/conn.c b/src/led/conn.c +index 99da5e4..89639e1 100644 +--- a/src/led/conn.c ++++ b/src/led/conn.c +@@ -405,7 +405,7 @@ Conn_t *accept_conn(Conn_t *conn) + { + Conn_t *new; + struct sockaddr_atmsvc addr; +- size_t len; ++ socklen_t len; + int fd; + char buff[MAX_ATM_ADDR_LEN+1]; + hooks/post-receive -- IPFire 2.x development tree

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

IPFire-SCM August 2024