This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 9ea8de7c39ee35d6fcabc3bfca4a7754344e6610 (commit) via bbbb0b9e01d342a5a5b4db14a37641a427786844 (commit) via ee7944fe32e49c73abcaeb2509c1f1630b645b32 (commit) via 6619aed611693d4bca7c009867c838b2fbaf85ac (commit) via 6d4110d214cd2b7bae59a560f01a3ed3501a98c8 (commit) via 4acb701b84f2f6a950e0d03d8e2234018bacb9df (commit) via 7ec3664c320707b51407fce854e19b6254eb4836 (commit) via d7618ccba8ba312916593e6ebbadee1d90575c0f (commit) via 92a9ce54bc63ebea153fc46365a1aa299856fbbe (commit) via 9e7d4102b84c17e7f743e0c8ce6aae92ae0d53d8 (commit) via 19a417c2a10df279b2aa0e0644838bf892410a07 (commit) via e9062718d1247375422920a7d69ca8fd00b8b949 (commit) via 7a22b050fa84ffef05dff3b145282ecfbfea9734 (commit) from eb9e29f9a742d5472180371b99c2e17b966852f1 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 9ea8de7c39ee35d6fcabc3bfca4a7754344e6610 Author: Peter Müller peter.mueller@ipfire.org Date: Sat Dec 17 14:48:00 2022 +0000
Revert "lsof: Update to version 4.96.4"
This reverts commit 80274cc875304fa2c1e83b9e25ca8cbcb9805e33.
See: #13015 Signed-off-by: Peter Müller peter.mueller@ipfire.org
commit bbbb0b9e01d342a5a5b4db14a37641a427786844 Author: Peter Müller peter.mueller@ipfire.org Date: Sat Dec 17 14:46:32 2022 +0000
backup(.pl): Replace OpenVPN DH parameter with ffdhe4096
This ensures restoring a backup won't silently bring back an insecure Diffie-Hellman parameter (which could also not be inspected through the web interface anymore).
Reported-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Peter Müller peter.mueller@ipfire.org
commit ee7944fe32e49c73abcaeb2509c1f1630b645b32 Author: Peter Müller peter.mueller@ipfire.org Date: Sat Dec 17 14:44:49 2022 +0000
Core Updatr 172: Properly replace DH parameter in /var/ipfire/ovpn/n2nconf/*/*.conf
https://lists.ipfire.org/pipermail/development/2022-December/015001.html
Reported-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Peter Müller peter.mueller@ipfire.org
commit 6619aed611693d4bca7c009867c838b2fbaf85ac Author: Peter Müller peter.mueller@ipfire.org Date: Tue Dec 13 15:27:30 2022 +0000
Revert "openvpn-authenticator: Avoid infinite loop when losing socket connection"
This reverts commit 92a9ce54bc63ebea153fc46365a1aa299856fbbe.
commit 6d4110d214cd2b7bae59a560f01a3ed3501a98c8 Author: Peter Müller peter.mueller@ipfire.org Date: Tue Dec 13 15:26:45 2022 +0000
Revert "openvpn-authenticator: Break read loop when daemon goes away"
This reverts commit 7ec3664c320707b51407fce854e19b6254eb4836.
commit 4acb701b84f2f6a950e0d03d8e2234018bacb9df Author: Peter Müller peter.mueller@ipfire.org Date: Sun Dec 11 11:57:34 2022 +0000
Tor: Update to 0.4.7.12
Full changelog:
Changes in version 0.4.7.12 - 2022-12-06 This version contains a major change that is a new key for moria1. Also, new metrics are exported on the MetricsPort for the congestion control subsystem.
o Directory authority changes (moria1): - Rotate the relay identity key and v3 identity key for moria1. They have been online for more than a decade and refreshing keys periodically is good practice. Advertise new ports too, to avoid confusion. Closes ticket 40722.
o Minor feature (Congestion control metrics): - Add additional metricsport relay metrics for congestion control. Closes ticket 40724.
o Minor features (fallbackdir): - Regenerate fallback directories generated on December 06, 2022.
o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/12/06.
o Minor bugfixes (cpuworker, relay): - Fix an off by one overload calculation on the number of CPUs being used by our thread pool. Fixes bug 40719; bugfix on 0.3.5.1-alpha.
Signed-off-by: Peter Müller peter.mueller@ipfire.org
commit 7ec3664c320707b51407fce854e19b6254eb4836 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 6 10:01:44 2022 +0000
openvpn-authenticator: Break read loop when daemon goes away
Fixes: #12963 Signed-off-by: Michael Tremer michael.tremer@ipfire.org Tested-by: Adolf Belka adolf.belka@ipfire.org
commit d7618ccba8ba312916593e6ebbadee1d90575c0f Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 6 10:01:43 2022 +0000
openvpn-authenticator: Drop some dead code
Signed-off-by: Michael Tremer michael.tremer@ipfire.org Tested-by: Adolf Belka adolf.belka@ipfire.org
commit 92a9ce54bc63ebea153fc46365a1aa299856fbbe Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 6 10:01:42 2022 +0000
openvpn-authenticator: Avoid infinite loop when losing socket connection
This patch will gracefully terminate the daemon when it loses its connection to the OpenVPN daemon.
Fixes: #12963 Signed-off-by: Michael Tremer michael.tremer@ipfire.org Tested-by: Adolf Belka adolf.belka@ipfire.org
commit 9e7d4102b84c17e7f743e0c8ce6aae92ae0d53d8 Author: Adolf Belka adolf.belka@ipfire.org Date: Mon Dec 5 09:40:15 2022 +0100
Language files update:
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
commit 19a417c2a10df279b2aa0e0644838bf892410a07 Author: Adolf Belka adolf.belka@ipfire.org Date: Mon Dec 5 09:40:14 2022 +0100
ovpnmain.cgi: Fix for bug in WUI menu on CU172 Testing
- On CU172 Testing Build: master/eb9e29f9 when selecting the OpenVPN menu it showed the Diffie-Hellman info and pressing back took you to the same DH page. - Tested patch suggestion from Erik on vm testbed and confirmed that it worked.
Suggested-by: Erik Kapfer erik.kapfer@ipfire.org Tested-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Adolf Belka adolf.belka@ipfire.org
commit e9062718d1247375422920a7d69ca8fd00b8b949 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 6 10:07:19 2022 +0000
Revert "Core Update 172: Remove powertop add-on, if installed"
This reverts commit d3a4fcc7097a3df6e45f4d2b15960ccb61f0152f.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 7a22b050fa84ffef05dff3b145282ecfbfea9734 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Dec 6 10:05:47 2022 +0000
Revert "Drop powertop"
This reverts commit f7b0247e02ed5af880f03932807d039ef9008d91.
https://community.ipfire.org/t/will-the-powertop-add-on-be-available-in-futu...
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/backup/backup.pl | 3 +++ config/ovpn/openvpn-authenticator | 12 ------------ config/rootfiles/core/172/update.sh | 12 +++--------- config/rootfiles/packages/powertop | 23 +++++++++++++++++++++++ doc/language_issues.de | 2 -- doc/language_issues.en | 6 +++--- doc/language_issues.fr | 4 ++-- doc/language_issues.it | 4 ++-- doc/language_issues.nl | 4 ++-- doc/language_issues.pl | 4 ++-- doc/language_issues.ru | 4 ++-- doc/language_issues.tr | 4 ++-- doc/language_missings | 12 ++++++++++++ html/cgi-bin/ovpnmain.cgi | 4 ++-- langs/de/cgi-bin/de.pl | 2 ++ langs/en/cgi-bin/en.pl | 2 ++ lfs/lsof | 10 +++++----- lfs/{spandsp => powertop} | 13 +++++++------ lfs/tor | 6 +++--- make.sh | 1 + 20 files changed, 78 insertions(+), 54 deletions(-) create mode 100644 config/rootfiles/packages/powertop copy lfs/{spandsp => powertop} (90%)
Difference in files: diff --git a/config/backup/backup.pl b/config/backup/backup.pl index 6fd9e45bb..96e794439 100644 --- a/config/backup/backup.pl +++ b/config/backup/backup.pl @@ -184,6 +184,9 @@ restore_backup() { # move nobeeps if exist [ -e "/var/ipfire/ppp/nobeeps" ] && mv /var/ipfire/ppp/nobeeps /var/ipfire/red/nobeeps
+ # Replace previously used OpenVPN Diffie-Hellman parameter by ffdhe4096 + sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/server.conf /var/ipfire/ovpn/n2nconf/*/*.conf + # Update OpenVPN CRL /etc/fcron.daily/openvpn-crl-updater
diff --git a/config/ovpn/openvpn-authenticator b/config/ovpn/openvpn-authenticator index 65844012b..36374caf8 100644 --- a/config/ovpn/openvpn-authenticator +++ b/config/ovpn/openvpn-authenticator @@ -97,18 +97,6 @@ class OpenVPNAuthenticator(object): # Send the command self._write_line(command)
- return # XXX Code below doesn't work - - # Read response - response = self._read_line() - - # Handle response - if not response.startswith("SUCCESS:"): - log.error("Command '%s' returned an error:" % command) - log.error(" %s" % response) - - return response - def run(self): # Connect to socket self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) diff --git a/config/rootfiles/core/172/update.sh b/config/rootfiles/core/172/update.sh index d66156f16..dffe090d8 100644 --- a/config/rootfiles/core/172/update.sh +++ b/config/rootfiles/core/172/update.sh @@ -129,8 +129,8 @@ rm -rvf \ /usr/libexec/ipsec/scepclient \ /var/ipfire/ca/dh1024.pem
-# Remove gnu-netcat and powertop add-on, if installed -for addon in gnu-netcat powertop; do +# Remove gnu-netcat add-on, if installed +for addon in gnu-netcat; do if [ -e "/opt/pakfire/db/installed/meta-${addon}" ]; then for i in $(</opt/pakfire/db/rootfiles/${addon}); do rm -rfv "/${i}" @@ -155,13 +155,7 @@ done chown -Rv root:root /var/ipfire/connscheduler/lib.pl /var/ipfire/updatexlrator/updxlrator-lib.pl /var/ipfire/menu.d/*
# Replace existing OpenVPN Diffie-Hellman parameter by ffdhe4096, as specified in RFC 7919 -if [ -f /var/ipfire/ovpn/server.conf ]; then - sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/server.conf -fi - -if [ -f "/var/ipfire/ovpn/n2nconf/*/*.conf" ]; then - sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/n2nconf/*/*.conf -fi +sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var/ipfire/ovpn/server.conf /var/ipfire/ovpn/n2nconf/*/*.conf
# Start services if grep -q "ENABLE_IDS=on" /var/ipfire/suricata/settings; then diff --git a/config/rootfiles/packages/powertop b/config/rootfiles/packages/powertop new file mode 100644 index 000000000..3ec61dd8e --- /dev/null +++ b/config/rootfiles/packages/powertop @@ -0,0 +1,23 @@ +usr/sbin/powertop +#usr/share/bash-completion/completions/powertop +#usr/share/locale/ca/LC_MESSAGES/powertop.mo +#usr/share/locale/cs_CZ/LC_MESSAGES/powertop.mo +#usr/share/locale/de_DE +#usr/share/locale/de_DE/LC_MESSAGES +#usr/share/locale/de_DE/LC_MESSAGES/powertop.mo +#usr/share/locale/en_GB/LC_MESSAGES/powertop.mo +#usr/share/locale/en_US/LC_MESSAGES/powertop.mo +#usr/share/locale/es_ES +#usr/share/locale/es_ES/LC_MESSAGES +#usr/share/locale/es_ES/LC_MESSAGES/powertop.mo +#usr/share/locale/hu_HU +#usr/share/locale/hu_HU/LC_MESSAGES +#usr/share/locale/hu_HU/LC_MESSAGES/powertop.mo +#usr/share/locale/id_ID +#usr/share/locale/id_ID/LC_MESSAGES +#usr/share/locale/id_ID/LC_MESSAGES/powertop.mo +#usr/share/locale/nl_NL +#usr/share/locale/nl_NL/LC_MESSAGES +#usr/share/locale/nl_NL/LC_MESSAGES/powertop.mo +#usr/share/locale/zh_TW/LC_MESSAGES/powertop.mo +#usr/share/man/man8/powertop.8 diff --git a/doc/language_issues.de b/doc/language_issues.de index 5cbcb1111..c3db84863 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -885,7 +885,6 @@ WARNING: untranslated string: cake profile pppoe-ptm 27 = PPPoE PTM (27 bytes) WARNING: untranslated string: cake profile pppoe-vcmux 32 = PPPoE VC-MUX (32 bytes) WARNING: untranslated string: cake profile raw 0 = Raw (no overhead compensation) WARNING: untranslated string: desired = Desired -WARNING: untranslated string: dh = unknown string WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: disable = Disable WARNING: untranslated string: download apple profile = Download Apple Configuration Profile @@ -939,7 +938,6 @@ WARNING: untranslated string: routing config added = unknown string WARNING: untranslated string: routing config changed = unknown string WARNING: untranslated string: samba server role member = Domain Member WARNING: untranslated string: samba server role standalone = Standalone -WARNING: untranslated string: show dh = unknown string WARNING: untranslated string: show tls-auth key = Show tls-auth key WARNING: untranslated string: smb daemon = SMB Daemon WARNING: untranslated string: subscription code = Subscription code diff --git a/doc/language_issues.en b/doc/language_issues.en index c559c62a7..0bf7bf977 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -570,7 +570,7 @@ WARNING: untranslated string: detail level = Detail level WARNING: untranslated string: details = Details WARNING: untranslated string: device = Device WARNING: untranslated string: devices on blue = Devices on BLUE -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: dhcp advopt add = Add a DHCP option WARNING: untranslated string: dhcp advopt added = DHCP option added @@ -1638,7 +1638,7 @@ WARNING: untranslated string: show ajax speedmeter in footer = Show Ajax speedme WARNING: untranslated string: show ca certificate = Show CA certificate WARNING: untranslated string: show certificate = Show file WARNING: untranslated string: show crl = Show certificate revocation list -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters WARNING: untranslated string: show host certificate = Show host certificate WARNING: untranslated string: show otp qrcode = Show OTP QRCode WARNING: untranslated string: show root certificate = Show root certificate @@ -2118,7 +2118,7 @@ WARNING: untranslated string: volup10 = Increase volume by 10 WARNING: untranslated string: volup5 = Increase volume by 5 WARNING: untranslated string: vpi number = VPI number: WARNING: untranslated string: vpn = VPN -WARNING: untranslated string: vpn altname syntax = SubjectAltName is a comma separated list of e-mail, dns, uri, rid and ip objects.<br />email:an email address. Syntax email:copy takes the email field from the cert to be used.<br />DNS:a valid domain name.<br />URI:any valid uri.<br />RID:registered object identifier.<br />IP:an IP address.<br />Note:charset is limited and case is significant.<br />Example:<br /><b>e-mail:</b>ipfire@foo.org<b>,email:</b>copy<b>,DNS:</b>www.ipfire.org<b>,IP:</b>127.0.0.1<b>,URI:</b>http://url/to/something +WARNING: untranslated string: vpn altname syntax = SubjectAltName is a comma separated list of email, dns, uri, rid and ip objects.<br />email:an email address. Syntax email:copy takes the email field from the cert to be used.<br />DNS:a valid domain name.<br />URI:any valid uri.<br />RID:registered object identifier.<br />IP:an IP address.<br />Note:charset is limited and case is significant.<br />Example:<br /><b>email:</b>ipfire@foo.org<b>,email:</b>copy<b>,DNS:</b>www.ipfire.org<b>,IP:</b>127.0.0.1<b>,URI:</b>http://url/to/something WARNING: untranslated string: vpn auth-dn = Peer is identified by either IPV4_ADDR, FQDN, USER_FQDN or DER_ASN1_DN string in remote ID field WARNING: untranslated string: vpn broken = Broken WARNING: untranslated string: vpn connecting = CONNECTING diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 1ad14cd34..1a6a877d7 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -912,7 +912,7 @@ WARNING: translation string unused: zoneconf val vlan tag range error WARNING: translation string unused: zoneconf val zoneslave amount error WARNING: untranslated string: advproxy errmsg invalid url = Invalid URL WARNING: untranslated string: core notice 3 = available. -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: email recipient invalid = Invalid email recipient WARNING: untranslated string: error message = unknown string @@ -954,4 +954,4 @@ WARNING: untranslated string: route config changed = unknown string WARNING: untranslated string: routing config added = unknown string WARNING: untranslated string: routing config changed = unknown string WARNING: untranslated string: service boot setting unavailable = No valid runlevel symlink was found for the initscript of this service. -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters diff --git a/doc/language_issues.it b/doc/language_issues.it index c7638dbd6..e0c87ea2c 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -941,7 +941,7 @@ WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): @@ -1222,7 +1222,7 @@ WARNING: untranslated string: search = Search WARNING: untranslated string: secret = Secret WARNING: untranslated string: sent = Sent WARNING: untranslated string: service boot setting unavailable = No valid runlevel symlink was found for the initscript of this service. -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters WARNING: untranslated string: show otp qrcode = Show OTP QRCode WARNING: untranslated string: smb daemon = SMB Daemon WARNING: untranslated string: smt disabled = Simultaneous Multi-Threading (SMT) is disabled diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 4ef506798..da08fb913 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -944,7 +944,7 @@ WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): WARNING: untranslated string: dhcp dns key name = Key Name @@ -1243,7 +1243,7 @@ WARNING: untranslated string: samba server role standalone = Standalone WARNING: untranslated string: search = Search WARNING: untranslated string: secret = Secret WARNING: untranslated string: sent = Sent -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters WARNING: untranslated string: show otp qrcode = Show OTP QRCode WARNING: untranslated string: show tls-auth key = Show tls-auth key WARNING: untranslated string: smb daemon = SMB Daemon diff --git a/doc/language_issues.pl b/doc/language_issues.pl index ffea51ab3..5de989453 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -916,7 +916,7 @@ WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired WARNING: untranslated string: details = Details -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): @@ -1430,7 +1430,7 @@ WARNING: untranslated string: secret = Secret WARNING: untranslated string: sent = Sent WARNING: untranslated string: server restart = You are not able to save any changes while the OpenVPN server is running. WARNING: untranslated string: service boot setting unavailable = No valid runlevel symlink was found for the initscript of this service. -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters WARNING: untranslated string: show otp qrcode = Show OTP QRCode WARNING: untranslated string: show tls-auth key = Show tls-auth key WARNING: untranslated string: smb daemon = SMB Daemon diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 4257c0291..81a492358 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -912,7 +912,7 @@ WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired WARNING: untranslated string: details = Details -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136): @@ -1425,7 +1425,7 @@ WARNING: untranslated string: secret = Secret WARNING: untranslated string: sent = Sent WARNING: untranslated string: server restart = You are not able to save any changes while the OpenVPN server is running. WARNING: untranslated string: service boot setting unavailable = No valid runlevel symlink was found for the initscript of this service. -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters WARNING: untranslated string: show otp qrcode = Show OTP QRCode WARNING: untranslated string: show tls-auth key = Show tls-auth key WARNING: untranslated string: smb daemon = SMB Daemon diff --git a/doc/language_issues.tr b/doc/language_issues.tr index da7241f22..d1bd0f4e9 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -927,7 +927,7 @@ WARNING: untranslated string: crypto warning = Cryptographic warning WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: default IP address = Default IP Address WARNING: untranslated string: desired = Desired -WARNING: untranslated string: dh = unknown string +WARNING: untranslated string: dh = Diffie-Hellman-Parameter WARNING: untranslated string: dh parameter = unknown string WARNING: untranslated string: dhcp deny known clients: = Deny known clients: WARNING: untranslated string: dhcp make fixed lease = Add to fix leases @@ -1128,7 +1128,7 @@ WARNING: untranslated string: samba server role standalone = Standalone WARNING: untranslated string: secret = Secret WARNING: untranslated string: sent = Sent WARNING: untranslated string: service boot setting unavailable = No valid runlevel symlink was found for the initscript of this service. -WARNING: untranslated string: show dh = unknown string +WARNING: untranslated string: show dh = Show Diffie-Hellman parameters WARNING: untranslated string: show otp qrcode = Show OTP QRCode WARNING: untranslated string: smb daemon = SMB Daemon WARNING: untranslated string: smt disabled = Simultaneous Multi-Threading (SMT) is disabled diff --git a/doc/language_missings b/doc/language_missings index e5fad0a6a..47b314981 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -110,12 +110,14 @@ < ansi t1.483 < bewan adsl pci st < bewan adsl usb +< dh < email recipient invalid < g.dtm < g.lite < guaranteed bandwidth < retbleed < service boot setting unavailable +< show dh < upload fcdsl.o ############################################################################ # Checking cgi-bin translations for language: it # @@ -231,6 +233,7 @@ < dangerous < default IP address < desired +< dh < dhcp deny known clients: < dhcp dns enable update < dhcp dns key name @@ -499,6 +502,7 @@ < secret < sent < service boot setting unavailable +< show dh < show otp qrcode < smb daemon < smt disabled @@ -731,6 +735,7 @@ < default < default IP address < desired +< dh < dhcp dns enable update < dhcp dns key name < dhcp dns update @@ -1022,6 +1027,7 @@ < search < secret < sent +< show dh < show otp qrcode < show tls-auth key < smb daemon @@ -1322,6 +1328,7 @@ < deprecated fs warn < desired < details +< dh < dhcp deny known clients: < dhcp dns enable update < dhcp dns key name @@ -1889,6 +1896,7 @@ < sent < server restart < service boot setting unavailable +< show dh < show otp qrcode < show tls-auth key < smb daemon @@ -2294,6 +2302,7 @@ < deprecated fs warn < desired < details +< dh < dhcp deny known clients: < dhcp dns enable update < dhcp dns key name @@ -2864,6 +2873,7 @@ < sent < server restart < service boot setting unavailable +< show dh < show otp qrcode < show tls-auth key < smb daemon @@ -3137,6 +3147,7 @@ < dangerous < default IP address < desired +< dh < dhcp deny known clients: < dhcp make fixed lease < dhcp valid range required when deny known clients checked @@ -3314,6 +3325,7 @@ < secret < sent < service boot setting unavailable +< show dh < show otp qrcode < smb daemon < smt disabled diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index dc429d90c..ecfd4fdaf 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -977,7 +977,7 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "ca ${General::swroot}/ovpn/ca/cacert.pem\n"; print SERVERCONF "cert ${General::swroot}/ovpn/certs/servercert.pem\n"; print SERVERCONF "key ${General::swroot}/ovpn/certs/serverkey.pem\n"; - print SERVERCONF "dh ${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}\n"; + print SERVERCONF "dh $dhparameter\n"; print SERVERCONF "# Cipher\n"; print SERVERCONF "cipher $cgiparams{'DCIPHER'}\n";
@@ -5700,7 +5700,7 @@ END
print <<END; <tr> - <td class='base' $col3>$Lang::tr{'dh parameter'}</td> + <td class='base' $col3>$Lang::tr{'dh'}</td> <td class='base' $col3>$dhsubject</td> <form method='post' name='frmdhparam'><td width='3%' align='center' $col3> <input type='hidden' name='ACTION' value='$Lang::tr{'show dh'}' /> diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index a52d41531..457a7108c 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -760,6 +760,7 @@ 'details' => 'Mehr', 'device' => 'Gerät', 'devices on blue' => 'Geräte auf BLAU', +'dh' => 'Diffie-Hellman-Parameter', 'dhcp advopt add' => 'DHCP Option hinzufügen', 'dhcp advopt added' => 'DHCP Option hinzugefügt', 'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein', @@ -2256,6 +2257,7 @@ 'show ca certificate' => 'CA Zertifikat anzeigen', 'show certificate' => 'Datei anzeigen', 'show crl' => 'Certificate Revocation List anzeigen', +'show dh' => 'Diffie-Hellman-Parameter anzeigen', 'show host certificate' => 'Host-Zertifikat anzeigen', 'show last x lines' => 'die letzten x Zeilen anzeigen', 'show otp qrcode' => 'Zeige OTP QRCode', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index bcba77aa4..72cef9a11 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -795,6 +795,7 @@ 'details' => 'Details', 'device' => 'Device', 'devices on blue' => 'Devices on BLUE', +'dh' => 'Diffie-Hellman-Parameter', 'dhcp advopt add' => 'Add a DHCP option', 'dhcp advopt added' => 'DHCP option added', 'dhcp advopt blank value' => 'DHCP Option value cannot be empty.', @@ -2313,6 +2314,7 @@ 'show ca certificate' => 'Show CA certificate', 'show certificate' => 'Show file', 'show crl' => 'Show certificate revocation list', +'show dh' => 'Show Diffie-Hellman parameters', 'show host certificate' => 'Show host certificate', 'show last x lines' => 'Show last x lines', 'show lines' => 'Show lines', diff --git a/lfs/lsof b/lfs/lsof index 055643870..eefaf35f5 100644 --- a/lfs/lsof +++ b/lfs/lsof @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,10 +24,10 @@
include Config
-VER = 4.96.4 +VER = 4.95.0.linux
-THISAPP = lsof-$(VER) -DL_FILE = $(THISAPP).tar.gz +THISAPP = lsof_$(VER) +DL_FILE = $(THISAPP).tar.bz2 DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = c420e2f928ffa8148a62298ba7176f860b15f9e78f4c2dc299162614a1d9b94a85c42ee93ef5e92b8a99f1c67e496cf2c848874b844c22c287aab53bfe211c58 +$(DL_FILE)_BLAKE2 = 6a7d6353ec7f0f1e14416bff98867e64009c3f3901110c947f845bb3dcf9af3d40755c7ac6d586412a61778bc8ac355d2388cf2cfa8a975dbf4870c339c75a8c
install : $(TARGET)
diff --git a/lfs/powertop b/lfs/powertop new file mode 100644 index 000000000..c909a73bf --- /dev/null +++ b/lfs/powertop @@ -0,0 +1,90 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +SUMMARY = A Linux Tool to Find out What is Using Power on a Laptop + +VER = 2.14 + +THISAPP = powertop-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = powertop +PAK_VER = 4 + +DEPS = + +SERVICES = + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_BLAKE2 = 5f53f81b01e83004f6436f497818d2a552b5e7ffda5007749aad415773adeab2a256aeffbacbf9e5fe803ff343a0c1954b5264aebdffa841bb70406b8b9611bc + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +b2 : $(subst %,%_BLAKE2,$(objects)) + +dist: + $(PAK) + +############################################################################### +# Downloading, checking, b2sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_BLAKE2,$(objects)) : + @$(B2SUM) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + $(UPDATE_AUTOMAKE) + cd $(DIR_APP) && ./autogen.sh + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/tor b/lfs/tor index f31261244..0bbfd3541 100644 --- a/lfs/tor +++ b/lfs/tor @@ -26,7 +26,7 @@ include Config
SUMMARY = Anonymizing overlay network for TCP (The onion router)
-VER = 0.4.7.11 +VER = 0.4.7.12
THISAPP = tor-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 73 +PAK_VER = 74
DEPS = libseccomp
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 2d743e7d0aea63e76f6e24aa235792af8691fde419f56bbdf8c6ee865250a09ec06454ec84abac8ba47e3d61a363c937fc050376172d3ec6b0815998d1c8679e +$(DL_FILE)_BLAKE2 = 13e9a796d9e5b024aa01b9aaab389b580df41641013721e4c2821cfee4edc6fb562d997be70ecc3908ac5e43187978b1be63f78ac72c73e8ea3617d6b5cf1ea9
install : $(TARGET)
diff --git a/make.sh b/make.sh index 413d04491..7d9a278b5 100755 --- a/make.sh +++ b/make.sh @@ -1593,6 +1593,7 @@ buildipfire() { lfsmake2 zerofree lfsmake2 minicom lfsmake2 ddrescue + lfsmake2 powertop lfsmake2 parted lfsmake2 swig lfsmake2 dtc
hooks/post-receive -- IPFire 2.x development tree