This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 61681636815f07d657e099636620a5d65cdb3ecc (commit) via 9b3465584083c724df748beb8bf538cd121d2d9c (commit) via 8d25e59811706818350b2084b8e610f9e1447a68 (commit) via 6992457365975db987b56a792d017099b71a995a (commit) via db376b589597d87afa7ab3322468e302316a2559 (commit) via 2fa9dfa8d9a0f15c3a3b9508dadc356a5f9c5024 (commit) via 62e68ad323c51c08d93dc3d1f8ca4cb7e1decb92 (commit) via 942446b553235db212d1dfda63bd9ab52eef4c29 (commit) via 0d1054abc955eb6a0b772fd089d23f8b4af31f9a (commit) via 80dd69380d19e8153a7a56d7b7ca01476f99f69f (commit) via ba50f66da3dd6ef7c28157d662e97df7acba5685 (commit) via b970ae902a2514c14c1569fa5ea81cc7bf5a64a7 (commit) via fa8edb9bd7c2bf275b19f8e8b6be8cf43ae189f0 (commit) via c0fe5ea57925e453a7e733b08f3688554da69367 (commit) via 6408a43c0d809f6ac238110548c703806c20d3b0 (commit) via 6a73c7b94c35026970cce6a603be7e19c51a3811 (commit) via 48aae162c65f508dee4ec2b7ad3c00f5dc5ca2cd (commit) via 159cab272a8e470b6764c680db22e2bc12488a70 (commit) from 44bfc406407fcba783b532ce5e5bcd91092e08d0 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 61681636815f07d657e099636620a5d65cdb3ecc Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Aug 17 15:09:51 2020 +0000
u-boot: Fix build with GCC 10
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 9b3465584083c724df748beb8bf538cd121d2d9c Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Aug 17 15:09:24 2020 +0000
grub: Run autoreconf after applying patches
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 8d25e59811706818350b2084b8e610f9e1447a68 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Aug 17 10:19:47 2020 +0000
core149: Ship everything that was recently updated
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6992457365975db987b56a792d017099b71a995a Author: Marcel Follert smooky@v16.de Date: Fri Jul 31 00:22:11 2020 +0200
socat: New package
Signed-off-by: Marcel Follert (Smooky) smooky@v16.de Reviewed-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit db376b589597d87afa7ab3322468e302316a2559 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Aug 15 20:29:27 2020 +0200
iproute2: Update to 5.8.0
For details see: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/log/?h=v5.8.0
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 2fa9dfa8d9a0f15c3a3b9508dadc356a5f9c5024 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Aug 15 20:11:39 2020 +0200
apache: Update to 2.4.46
For details see: https://mirrors.ae-online.de/apache//httpd/CHANGES_2.4.46
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 62e68ad323c51c08d93dc3d1f8ca4cb7e1decb92 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Aug 15 17:43:13 2020 +0200
logrotate: Update to 3.17.0
For details see: https://github.com/logrotate/logrotate/releases/tag/3.17.0
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 942446b553235db212d1dfda63bd9ab52eef4c29 Author: Erik Kapfer ummeegge@ipfire.org Date: Sat Aug 15 17:08:45 2020 +0200
OpenVPN: Add tls-version-min for TLSv1.2
ovpnmain.cgi delivers now 'tls-version-min 1.2' for Roadwarrior and N2N. Since the server needs it only on server side, this patch do not includes it for Roadwarrior clients. N2N do not uses push options therefor this directive will be included on both sides.
To integrate the new directive into actual working OpenVPN server environment, the following commands should be executed via update.sh.
Code block start:
if test -f "/var/ipfire/ovpn/server.conf"; then # Add tls-version-minimum to OpenVPN server if not already there if ! grep -q '^tls-version-min' /var/ipfire/ovpn/server.conf > /dev/null 2>&1; then # Stop server before append the line /usr/local/bin/openvpnctrl -k # Append new directive echo >> "tls-version-min 1.2" /var/ipfire/ovpn/server.conf # Make sure server.conf have the correct permissions to prevent such # --> https://community.ipfire.org/t/unable-to-start-the-openvpn-server/2465/54?u=... # case chown nobody:nobody /var/ipfire/ovpn/server.conf # Start server again /usr/local/bin/openvpnctrl -s fi fi
Code block end
Signed-off-by: Erik Kapfer ummeegge@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 0d1054abc955eb6a0b772fd089d23f8b4af31f9a Author: Erik Kapfer ummeegge@ipfire.org Date: Tue Aug 11 08:15:58 2020 +0000
curl: Update to version 7.71.1
Several bugfixes and vulnerabilities has been fixed since the current available version 7.64.0 .
For a full overview, the changelog is located in here --> https://curl.haxx.se/changes.html, a security problem overview in here --> https://curl.haxx.se/docs/security.html .
Signed-off-by: Erik Kapfer ummeegge@ipfire.org Reviewed-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 80dd69380d19e8153a7a56d7b7ca01476f99f69f Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sat Aug 8 21:20:42 2020 +0200
hyperscan: Update to 5.3.0
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Reviewed-by: Michael Tremer Michael.tremer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ba50f66da3dd6ef7c28157d662e97df7acba5685 Author: Erik Kapfer ummeegge@ipfire.org Date: Mon Aug 10 19:12:19 2020 +0200
OpenVPN: max-clients value has been enhanced
The --max-client value has been enhanced from 255 clients to 1024 clients. Error message gives now explanation if the maximum has been reached.
Patch has been triggered by https://community.ipfire.org/t/openvpn-max-vpn-clients-quantity-and-connecti... .
Signed-off-by: Erik Kapfer ummeegge@ipfire.org Reviewed-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit b970ae902a2514c14c1569fa5ea81cc7bf5a64a7 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Aug 5 12:35:20 2020 +0000
haproxy: Update to 2.2.2
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit fa8edb9bd7c2bf275b19f8e8b6be8cf43ae189f0 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Aug 5 12:23:07 2020 +0000
index.cgi: Show a note to people who are running IPFire on i?86
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c0fe5ea57925e453a7e733b08f3688554da69367 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Aug 5 12:23:06 2020 +0000
index.cgi: Drop Reiser4 warning
We have dropped Reiser4 in 2013. There won't be any systems out there any more running it. We can safely drop this warning.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6408a43c0d809f6ac238110548c703806c20d3b0 Author: Stephan Feddersen sfeddersen@ipfire.org Date: Tue Aug 4 21:31:15 2020 +0200
WIO. new version
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6a73c7b94c35026970cce6a603be7e19c51a3811 Author: Stephan Feddersen sfeddersen@ipfire.org Date: Tue Aug 4 21:31:14 2020 +0200
WIO: new french translation
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 48aae162c65f508dee4ec2b7ad3c00f5dc5ca2cd Author: Stephan Feddersen sfeddersen@ipfire.org Date: Tue Aug 4 21:31:13 2020 +0200
WIO: code cleanup
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 159cab272a8e470b6764c680db22e2bc12488a70 Author: Peter Müller peter.mueller@ipfire.org Date: Sat Aug 1 12:13:47 2020 +0000
OpenSSL: remove ciphers without Forward Secrecy from default ciphersuite
Ciphers not supplying (Perfect) Forward Secrecy are considered dangerous since they allow content decryption in retrospect, if an attacker is able to gain access to the servers' private key used for the corresponding TLS session.
Since IPFire machines establish very few TLS connections by themselves, and destinations (IPFire.org infrastructure, mirrors, IPS rule sources, etc.) provide support for Forward Secrecy ciphers - some are even enforcing them -, it is safe to drop support for anything else.
This patch reduces the OpenSSL default cipher list to: TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 ECDHE-ECDSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=Camellia(256) Mac=SHA384 ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 ECDHE-RSA-CAMELLIA256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=Camellia(256) Mac=SHA384 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=Camellia(128) Mac=SHA256 ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 ECDHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=Camellia(128) Mac=SHA256 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 DHE-RSA-CAMELLIA256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA256 DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 DHE-RSA-CAMELLIA128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA256 ECDHE-ECDSA-AES256-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 ECDHE-ECDSA-AES128-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1 ECDHE-RSA-AES256-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1 DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1
Signed-off-by: Peter Müller peter.mueller@ipfire.org Acked-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/curl | 18 +++++++++++- config/rootfiles/common/i586/hyperscan | 4 +-- config/rootfiles/common/iproute2 | 3 +- config/rootfiles/common/x86_64/hyperscan | 4 +-- .../133 => core/149}/filelists/aarch64/gcc | 0 .../125 => core/149}/filelists/aarch64/glibc | 0 .../147 => core/149}/filelists/aarch64/gmp | 0 .../{oldcore/114 => core/149}/filelists/apache2 | 0 .../100 => core/149}/filelists/armv5tel/gcc | 0 .../100 => core/149}/filelists/armv5tel/glibc | 0 .../101 => core/149}/filelists/armv5tel/gmp | 0 .../{oldcore/104 => core/149}/filelists/curl | 0 config/rootfiles/core/149/filelists/files | 2 ++ .../{oldcore/110 => core/149}/filelists/gnutls | 0 .../{oldcore/111 => core/149}/filelists/gzip | 0 .../{oldcore/100 => core/149}/filelists/i586/gcc | 0 .../{oldcore/100 => core/149}/filelists/i586/glibc | 0 .../{oldcore/101 => core/149}/filelists/i586/gmp | 0 .../133 => core/149}/filelists/i586/hyperscan | 0 .../100 => core/149}/filelists/i586/openssl-sse2 | 0 .../{oldcore/106 => core/149}/filelists/iproute2 | 0 .../{oldcore/112 => core/149}/filelists/kbd | 0 .../{oldcore/148 => core/149}/filelists/libloc | 0 .../{oldcore/111 => core/149}/filelists/logrotate | 0 .../{oldcore/101 => core/149}/filelists/mpfr | 0 .../{oldcore/100 => core/149}/filelists/openssl | 0 .../{oldcore/136 => core/149}/filelists/perl | 0 .../{oldcore/100 => core/149}/filelists/squid | 0 .../{oldcore/106 => core/149}/filelists/strongswan | 0 .../{oldcore/131 => core/149}/filelists/suricata | 0 .../{oldcore/100 => core/149}/filelists/x86_64/gcc | 0 .../100 => core/149}/filelists/x86_64/glibc | 0 .../{oldcore/101 => core/149}/filelists/x86_64/gmp | 0 .../133 => core/149}/filelists/x86_64/hyperscan | 0 .../{oldcore/100 => core/149}/filelists/xz | 0 config/rootfiles/core/149/update.sh | 3 +- config/rootfiles/packages/socat | 4 +++ doc/language_issues.de | 1 + doc/language_issues.en | 2 +- doc/language_issues.es | 2 +- doc/language_issues.fr | 2 ++ doc/language_issues.it | 2 ++ doc/language_issues.nl | 2 ++ doc/language_issues.pl | 2 +- doc/language_issues.ru | 2 +- doc/language_issues.tr | 2 ++ doc/language_missings | 7 +++++ html/cgi-bin/index.cgi | 13 ++++----- html/cgi-bin/ovpnmain.cgi | 10 ++++++- langs/de/cgi-bin/de.pl | 3 +- langs/en/cgi-bin/en.pl | 3 +- langs/es/cgi-bin/es.pl | 2 +- langs/fr/cgi-bin/fr.pl | 2 +- langs/it/cgi-bin/it.pl | 2 +- langs/nl/cgi-bin/nl.pl | 2 +- langs/pl/cgi-bin/pl.pl | 2 +- langs/ru/cgi-bin/ru.pl | 2 +- langs/tr/cgi-bin/tr.pl | 2 +- lfs/apache2 | 4 +-- lfs/curl | 8 +++--- lfs/grub | 1 + lfs/haproxy | 6 ++-- lfs/hyperscan | 4 +-- lfs/iproute2 | 4 +-- lfs/logrotate | 6 ++-- lfs/{libshout => socat} | 16 +++++------ lfs/u-boot-friendlyarm | 2 ++ lfs/wio | 6 ++-- .../openssl-1.1.1d-default-cipherlist.patch | 2 +- src/wio/lang/wio.fr.pl | 32 +++++++++++----------- src/wio/wio.cgi | 9 +++--- 71 files changed, 128 insertions(+), 77 deletions(-) copy config/rootfiles/{oldcore/133 => core/149}/filelists/aarch64/gcc (100%) copy config/rootfiles/{oldcore/125 => core/149}/filelists/aarch64/glibc (100%) copy config/rootfiles/{oldcore/147 => core/149}/filelists/aarch64/gmp (100%) copy config/rootfiles/{oldcore/114 => core/149}/filelists/apache2 (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/armv5tel/gcc (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/armv5tel/glibc (100%) copy config/rootfiles/{oldcore/101 => core/149}/filelists/armv5tel/gmp (100%) copy config/rootfiles/{oldcore/104 => core/149}/filelists/curl (100%) copy config/rootfiles/{oldcore/110 => core/149}/filelists/gnutls (100%) copy config/rootfiles/{oldcore/111 => core/149}/filelists/gzip (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/i586/gcc (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/i586/glibc (100%) copy config/rootfiles/{oldcore/101 => core/149}/filelists/i586/gmp (100%) copy config/rootfiles/{oldcore/133 => core/149}/filelists/i586/hyperscan (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/i586/openssl-sse2 (100%) copy config/rootfiles/{oldcore/106 => core/149}/filelists/iproute2 (100%) copy config/rootfiles/{oldcore/112 => core/149}/filelists/kbd (100%) copy config/rootfiles/{oldcore/148 => core/149}/filelists/libloc (100%) copy config/rootfiles/{oldcore/111 => core/149}/filelists/logrotate (100%) copy config/rootfiles/{oldcore/101 => core/149}/filelists/mpfr (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/openssl (100%) copy config/rootfiles/{oldcore/136 => core/149}/filelists/perl (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/squid (100%) copy config/rootfiles/{oldcore/106 => core/149}/filelists/strongswan (100%) copy config/rootfiles/{oldcore/131 => core/149}/filelists/suricata (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/x86_64/gcc (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/x86_64/glibc (100%) copy config/rootfiles/{oldcore/101 => core/149}/filelists/x86_64/gmp (100%) copy config/rootfiles/{oldcore/133 => core/149}/filelists/x86_64/hyperscan (100%) copy config/rootfiles/{oldcore/100 => core/149}/filelists/xz (100%) create mode 100644 config/rootfiles/packages/socat copy lfs/{libshout => socat} (92%)
Difference in files: diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index 1eb9f6f37..68926a0bb 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -13,7 +13,7 @@ usr/bin/curl #usr/lib/libcurl.la #usr/lib/libcurl.so usr/lib/libcurl.so.4 -usr/lib/libcurl.so.4.5.0 +usr/lib/libcurl.so.4.6.0 #usr/lib/pkgconfig/libcurl.pc #usr/share/aclocal/libcurl.m4 #usr/share/man/man1/curl-config.1 @@ -60,6 +60,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLINFO_REDIRECT_URL.3 #usr/share/man/man3/CURLINFO_REQUEST_SIZE.3 #usr/share/man/man3/CURLINFO_RESPONSE_CODE.3 +#usr/share/man/man3/CURLINFO_RETRY_AFTER.3 #usr/share/man/man3/CURLINFO_RTSP_CLIENT_CSEQ.3 #usr/share/man/man3/CURLINFO_RTSP_CSEQ_RECV.3 #usr/share/man/man3/CURLINFO_RTSP_SERVER_CSEQ.3 @@ -84,6 +85,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 #usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 #usr/share/man/man3/CURLMOPT_MAXCONNECTS.3 +#usr/share/man/man3/CURLMOPT_MAX_CONCURRENT_STREAMS.3 #usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3 #usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3 #usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 @@ -100,6 +102,8 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3 #usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3 #usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3 +#usr/share/man/man3/CURLOPT_ALTSVC.3 +#usr/share/man/man3/CURLOPT_ALTSVC_CTRL.3 #usr/share/man/man3/CURLOPT_APPEND.3 #usr/share/man/man3/CURLOPT_AUTOREFERER.3 #usr/share/man/man3/CURLOPT_BUFFERSIZE.3 @@ -190,6 +194,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3 #usr/share/man/man3/CURLOPT_IPRESOLVE.3 #usr/share/man/man3/CURLOPT_ISSUERCERT.3 +#usr/share/man/man3/CURLOPT_ISSUERCERT_BLOB.3 #usr/share/man/man3/CURLOPT_KEEP_SENDING_ON_ERROR.3 #usr/share/man/man3/CURLOPT_KEYPASSWD.3 #usr/share/man/man3/CURLOPT_KRBLEVEL.3 @@ -201,6 +206,8 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_MAIL_AUTH.3 #usr/share/man/man3/CURLOPT_MAIL_FROM.3 #usr/share/man/man3/CURLOPT_MAIL_RCPT.3 +#usr/share/man/man3/CURLOPT_MAIL_RCPT_ALLLOWFAILS.3 +#usr/share/man/man3/CURLOPT_MAXAGE_CONN.3 #usr/share/man/man3/CURLOPT_MAXCONNECTS.3 #usr/share/man/man3/CURLOPT_MAXFILESIZE.3 #usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3 @@ -246,13 +253,17 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_PROXY_CAINFO.3 #usr/share/man/man3/CURLOPT_PROXY_CAPATH.3 #usr/share/man/man3/CURLOPT_PROXY_CRLFILE.3 +#usr/share/man/man3/CURLOPT_PROXY_ISSUERCERT.3 +#usr/share/man/man3/CURLOPT_PROXY_ISSUERCERT_BLOB.3 #usr/share/man/man3/CURLOPT_PROXY_KEYPASSWD.3 #usr/share/man/man3/CURLOPT_PROXY_PINNEDPUBLICKEY.3 #usr/share/man/man3/CURLOPT_PROXY_SERVICE_NAME.3 #usr/share/man/man3/CURLOPT_PROXY_SSLCERT.3 #usr/share/man/man3/CURLOPT_PROXY_SSLCERTTYPE.3 +#usr/share/man/man3/CURLOPT_PROXY_SSLCERT_BLOB.3 #usr/share/man/man3/CURLOPT_PROXY_SSLKEY.3 #usr/share/man/man3/CURLOPT_PROXY_SSLKEYTYPE.3 +#usr/share/man/man3/CURLOPT_PROXY_SSLKEY_BLOB.3 #usr/share/man/man3/CURLOPT_PROXY_SSLVERSION.3 #usr/share/man/man3/CURLOPT_PROXY_SSL_CIPHER_LIST.3 #usr/share/man/man3/CURLOPT_PROXY_SSL_OPTIONS.3 @@ -283,6 +294,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3 #usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3 #usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3 +#usr/share/man/man3/CURLOPT_SASL_AUTHZID.3 #usr/share/man/man3/CURLOPT_SASL_IR.3 #usr/share/man/man3/CURLOPT_SEEKDATA.3 #usr/share/man/man3/CURLOPT_SEEKFUNCTION.3 @@ -303,10 +315,12 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3 #usr/share/man/man3/CURLOPT_SSLCERT.3 #usr/share/man/man3/CURLOPT_SSLCERTTYPE.3 +#usr/share/man/man3/CURLOPT_SSLCERT_BLOB.3 #usr/share/man/man3/CURLOPT_SSLENGINE.3 #usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3 #usr/share/man/man3/CURLOPT_SSLKEY.3 #usr/share/man/man3/CURLOPT_SSLKEYTYPE.3 +#usr/share/man/man3/CURLOPT_SSLKEY_BLOB.3 #usr/share/man/man3/CURLOPT_SSLVERSION.3 #usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3 #usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3 @@ -407,6 +421,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/curl_multi_info_read.3 #usr/share/man/man3/curl_multi_init.3 #usr/share/man/man3/curl_multi_perform.3 +#usr/share/man/man3/curl_multi_poll.3 #usr/share/man/man3/curl_multi_remove_handle.3 #usr/share/man/man3/curl_multi_setopt.3 #usr/share/man/man3/curl_multi_socket.3 @@ -415,6 +430,7 @@ usr/lib/libcurl.so.4.5.0 #usr/share/man/man3/curl_multi_strerror.3 #usr/share/man/man3/curl_multi_timeout.3 #usr/share/man/man3/curl_multi_wait.3 +#usr/share/man/man3/curl_multi_wakeup.3 #usr/share/man/man3/curl_share_cleanup.3 #usr/share/man/man3/curl_share_init.3 #usr/share/man/man3/curl_share_setopt.3 diff --git a/config/rootfiles/common/i586/hyperscan b/config/rootfiles/common/i586/hyperscan index 945c2b68c..a091e22b5 100644 --- a/config/rootfiles/common/i586/hyperscan +++ b/config/rootfiles/common/i586/hyperscan @@ -5,10 +5,10 @@ #usr/include/hs/hs_runtime.h #usr/lib/libhs.so usr/lib/libhs.so.5 -usr/lib/libhs.so.5.2.1 +usr/lib/libhs.so.5.3.0 usr/lib/libhs_runtime.so usr/lib/libhs_runtime.so.5 -usr/lib/libhs_runtime.so.5.2.1 +usr/lib/libhs_runtime.so.5.3.0 #usr/lib/pkgconfig/libhs.pc #usr/share/doc/hyperscan #usr/share/doc/hyperscan/examples diff --git a/config/rootfiles/common/iproute2 b/config/rootfiles/common/iproute2 index e22f1649c..9be1212f6 100644 --- a/config/rootfiles/common/iproute2 +++ b/config/rootfiles/common/iproute2 @@ -63,6 +63,7 @@ usr/share/bash-completion/completions/tc #usr/share/man/man8/ip-macsec.8 #usr/share/man/man8/ip-maddress.8 #usr/share/man/man8/ip-monitor.8 +#usr/share/man/man8/ip-mptcp.8 #usr/share/man/man8/ip-mroute.8 #usr/share/man/man8/ip-neighbour.8 #usr/share/man/man8/ip-netconf.8 @@ -118,6 +119,7 @@ usr/share/bash-completion/completions/tc #usr/share/man/man8/tc-fq_codel.8 #usr/share/man/man8/tc-fq_pie.8 #usr/share/man/man8/tc-fw.8 +#usr/share/man/man8/tc-gate.8 #usr/share/man/man8/tc-hfsc.8 #usr/share/man/man8/tc-htb.8 #usr/share/man/man8/tc-ife.8 @@ -160,4 +162,3 @@ usr/share/bash-completion/completions/tc #usr/share/man/man8/tipc-socket.8 #usr/share/man/man8/tipc.8 #var/lib/arpd - diff --git a/config/rootfiles/common/x86_64/hyperscan b/config/rootfiles/common/x86_64/hyperscan index 945c2b68c..a091e22b5 100644 --- a/config/rootfiles/common/x86_64/hyperscan +++ b/config/rootfiles/common/x86_64/hyperscan @@ -5,10 +5,10 @@ #usr/include/hs/hs_runtime.h #usr/lib/libhs.so usr/lib/libhs.so.5 -usr/lib/libhs.so.5.2.1 +usr/lib/libhs.so.5.3.0 usr/lib/libhs_runtime.so usr/lib/libhs_runtime.so.5 -usr/lib/libhs_runtime.so.5.2.1 +usr/lib/libhs_runtime.so.5.3.0 #usr/lib/pkgconfig/libhs.pc #usr/share/doc/hyperscan #usr/share/doc/hyperscan/examples diff --git a/config/rootfiles/core/149/filelists/aarch64/gcc b/config/rootfiles/core/149/filelists/aarch64/gcc new file mode 120000 index 000000000..97678cc16 --- /dev/null +++ b/config/rootfiles/core/149/filelists/aarch64/gcc @@ -0,0 +1 @@ +../../../../common/aarch64/gcc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/aarch64/glibc b/config/rootfiles/core/149/filelists/aarch64/glibc new file mode 120000 index 000000000..d13849ff9 --- /dev/null +++ b/config/rootfiles/core/149/filelists/aarch64/glibc @@ -0,0 +1 @@ +../../../../common/aarch64/glibc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/aarch64/gmp b/config/rootfiles/core/149/filelists/aarch64/gmp new file mode 120000 index 000000000..418f2f98b --- /dev/null +++ b/config/rootfiles/core/149/filelists/aarch64/gmp @@ -0,0 +1 @@ +../../../../common/aarch64/gmp \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/apache2 b/config/rootfiles/core/149/filelists/apache2 new file mode 120000 index 000000000..eef95efa7 --- /dev/null +++ b/config/rootfiles/core/149/filelists/apache2 @@ -0,0 +1 @@ +../../../common/apache2 \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/armv5tel/gcc b/config/rootfiles/core/149/filelists/armv5tel/gcc new file mode 120000 index 000000000..84f7b9344 --- /dev/null +++ b/config/rootfiles/core/149/filelists/armv5tel/gcc @@ -0,0 +1 @@ +../../../../common/armv5tel/gcc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/armv5tel/glibc b/config/rootfiles/core/149/filelists/armv5tel/glibc new file mode 120000 index 000000000..4c70d724b --- /dev/null +++ b/config/rootfiles/core/149/filelists/armv5tel/glibc @@ -0,0 +1 @@ +../../../../common/armv5tel/glibc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/armv5tel/gmp b/config/rootfiles/core/149/filelists/armv5tel/gmp new file mode 120000 index 000000000..2bdf30dac --- /dev/null +++ b/config/rootfiles/core/149/filelists/armv5tel/gmp @@ -0,0 +1 @@ +../../../../common/armv5tel/gmp \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/curl b/config/rootfiles/core/149/filelists/curl new file mode 120000 index 000000000..4b84bef53 --- /dev/null +++ b/config/rootfiles/core/149/filelists/curl @@ -0,0 +1 @@ +../../../common/curl \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/files b/config/rootfiles/core/149/filelists/files index 95a56178b..7348df2b6 100644 --- a/config/rootfiles/core/149/filelists/files +++ b/config/rootfiles/core/149/filelists/files @@ -1,6 +1,8 @@ etc/system-release etc/issue srv/web/ipfire/cgi-bin/credits.cgi +srv/web/ipfire/cgi-bin/index.cgi +srv/web/ipfire/cgi-bin/ovpnmain.cgi var/ipfire/langs etc/rc.d/helper/oci-setup etc/rc.d/init.d/cloud-init diff --git a/config/rootfiles/core/149/filelists/gnutls b/config/rootfiles/core/149/filelists/gnutls new file mode 120000 index 000000000..8dbe60bc3 --- /dev/null +++ b/config/rootfiles/core/149/filelists/gnutls @@ -0,0 +1 @@ +../../../common/gnutls \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/gzip b/config/rootfiles/core/149/filelists/gzip new file mode 120000 index 000000000..aebcccd87 --- /dev/null +++ b/config/rootfiles/core/149/filelists/gzip @@ -0,0 +1 @@ +../../../common/gzip \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/i586/gcc b/config/rootfiles/core/149/filelists/i586/gcc new file mode 120000 index 000000000..ba328e3b6 --- /dev/null +++ b/config/rootfiles/core/149/filelists/i586/gcc @@ -0,0 +1 @@ +../../../../common/i586/gcc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/i586/glibc b/config/rootfiles/core/149/filelists/i586/glibc new file mode 120000 index 000000000..943021f19 --- /dev/null +++ b/config/rootfiles/core/149/filelists/i586/glibc @@ -0,0 +1 @@ +../../../../common/i586/glibc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/i586/gmp b/config/rootfiles/core/149/filelists/i586/gmp new file mode 120000 index 000000000..52a09cd0b --- /dev/null +++ b/config/rootfiles/core/149/filelists/i586/gmp @@ -0,0 +1 @@ +../../../../common/i586/gmp \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/i586/hyperscan b/config/rootfiles/core/149/filelists/i586/hyperscan new file mode 120000 index 000000000..85730b04f --- /dev/null +++ b/config/rootfiles/core/149/filelists/i586/hyperscan @@ -0,0 +1 @@ +../../../../common/i586/hyperscan \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/i586/openssl-sse2 b/config/rootfiles/core/149/filelists/i586/openssl-sse2 new file mode 120000 index 000000000..f424713d6 --- /dev/null +++ b/config/rootfiles/core/149/filelists/i586/openssl-sse2 @@ -0,0 +1 @@ +../../../../common/i586/openssl-sse2 \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/iproute2 b/config/rootfiles/core/149/filelists/iproute2 new file mode 120000 index 000000000..05f0f71fb --- /dev/null +++ b/config/rootfiles/core/149/filelists/iproute2 @@ -0,0 +1 @@ +../../../common/iproute2 \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/kbd b/config/rootfiles/core/149/filelists/kbd new file mode 120000 index 000000000..9b85839b1 --- /dev/null +++ b/config/rootfiles/core/149/filelists/kbd @@ -0,0 +1 @@ +../../../common/kbd \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/libloc b/config/rootfiles/core/149/filelists/libloc new file mode 120000 index 000000000..ff4a92429 --- /dev/null +++ b/config/rootfiles/core/149/filelists/libloc @@ -0,0 +1 @@ +../../../common/libloc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/logrotate b/config/rootfiles/core/149/filelists/logrotate new file mode 120000 index 000000000..bc192c05d --- /dev/null +++ b/config/rootfiles/core/149/filelists/logrotate @@ -0,0 +1 @@ +../../../common/logrotate \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/mpfr b/config/rootfiles/core/149/filelists/mpfr new file mode 120000 index 000000000..c8468bf42 --- /dev/null +++ b/config/rootfiles/core/149/filelists/mpfr @@ -0,0 +1 @@ +../../../common/mpfr \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/openssl b/config/rootfiles/core/149/filelists/openssl new file mode 120000 index 000000000..e011a9266 --- /dev/null +++ b/config/rootfiles/core/149/filelists/openssl @@ -0,0 +1 @@ +../../../common/openssl \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/perl b/config/rootfiles/core/149/filelists/perl new file mode 120000 index 000000000..478292aa5 --- /dev/null +++ b/config/rootfiles/core/149/filelists/perl @@ -0,0 +1 @@ +../../../common/perl \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/squid b/config/rootfiles/core/149/filelists/squid new file mode 120000 index 000000000..2dc8372a0 --- /dev/null +++ b/config/rootfiles/core/149/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/strongswan b/config/rootfiles/core/149/filelists/strongswan new file mode 120000 index 000000000..90c727e26 --- /dev/null +++ b/config/rootfiles/core/149/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/suricata b/config/rootfiles/core/149/filelists/suricata new file mode 120000 index 000000000..f671f6993 --- /dev/null +++ b/config/rootfiles/core/149/filelists/suricata @@ -0,0 +1 @@ +../../../common/suricata \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/x86_64/gcc b/config/rootfiles/core/149/filelists/x86_64/gcc new file mode 120000 index 000000000..d1616d377 --- /dev/null +++ b/config/rootfiles/core/149/filelists/x86_64/gcc @@ -0,0 +1 @@ +../../../../common/x86_64/gcc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/x86_64/glibc b/config/rootfiles/core/149/filelists/x86_64/glibc new file mode 120000 index 000000000..111909966 --- /dev/null +++ b/config/rootfiles/core/149/filelists/x86_64/glibc @@ -0,0 +1 @@ +../../../../common/x86_64/glibc \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/x86_64/gmp b/config/rootfiles/core/149/filelists/x86_64/gmp new file mode 120000 index 000000000..7c59c60c6 --- /dev/null +++ b/config/rootfiles/core/149/filelists/x86_64/gmp @@ -0,0 +1 @@ +../../../../common/x86_64/gmp \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/x86_64/hyperscan b/config/rootfiles/core/149/filelists/x86_64/hyperscan new file mode 120000 index 000000000..ee1858dca --- /dev/null +++ b/config/rootfiles/core/149/filelists/x86_64/hyperscan @@ -0,0 +1 @@ +../../../../common/x86_64/hyperscan \ No newline at end of file diff --git a/config/rootfiles/core/149/filelists/xz b/config/rootfiles/core/149/filelists/xz new file mode 120000 index 000000000..734e926c7 --- /dev/null +++ b/config/rootfiles/core/149/filelists/xz @@ -0,0 +1 @@ +../../../common/xz \ No newline at end of file diff --git a/config/rootfiles/core/149/update.sh b/config/rootfiles/core/149/update.sh index d7067a4cc..6db2e9a02 100644 --- a/config/rootfiles/core/149/update.sh +++ b/config/rootfiles/core/149/update.sh @@ -49,6 +49,7 @@ ldconfig /usr/local/bin/filesystem-cleanup
# Start services +/etc/init.d/apache2 restart
# Update crontab sed -i /var/spool/cron/root.orig \ @@ -63,7 +64,7 @@ if [ -e /boot/grub/grub.cfg ]; then fi
# This update needs a reboot... -#touch /var/run/need_reboot +touch /var/run/need_reboot
# Finish /etc/init.d/fireinfo start diff --git a/config/rootfiles/packages/socat b/config/rootfiles/packages/socat new file mode 100644 index 000000000..6a984e892 --- /dev/null +++ b/config/rootfiles/packages/socat @@ -0,0 +1,4 @@ +usr/bin/filan +usr/bin/procan +usr/bin/socat +#usr/share/man/man1/socat.1 diff --git a/doc/language_issues.de b/doc/language_issues.de index df5df895e..f2a7ba8ae 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -180,6 +180,7 @@ WARNING: translation string unused: default networks WARNING: translation string unused: default services WARNING: translation string unused: defaultwarning WARNING: translation string unused: delete cron +WARNING: translation string unused: deprecated fs warn WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net diff --git a/doc/language_issues.en b/doc/language_issues.en index 6417d5382..40cba2292 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -551,7 +551,6 @@ WARNING: untranslated string: delete pc = Delete workstation WARNING: untranslated string: delete share = Delete share WARNING: untranslated string: delete user = Delete user WARNING: untranslated string: demon login script = Demon login script -WARNING: untranslated string: deprecated fs warn = Deprecated filesystem! Newer kernel drop the support. Backup and reformat! WARNING: untranslated string: dest ip and port = Dest. IP: Port WARNING: untranslated string: destination = Destination WARNING: untranslated string: destination ip = Destination IP @@ -1183,6 +1182,7 @@ WARNING: untranslated string: last = Last WARNING: untranslated string: last activity = Last Activity WARNING: untranslated string: lease expires = Lease expires WARNING: untranslated string: least preferred = least preferred +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: legend = Legend WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: linkq = Link Quality diff --git a/doc/language_issues.es b/doc/language_issues.es index 475db4953..f7431f692 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -804,7 +804,6 @@ WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: dead peer detection = Dead Peer Detection WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address -WARNING: untranslated string: deprecated fs warn = Deprecated filesystem! Newer kernel drop the support. Backup and reformat! WARNING: untranslated string: details = Details WARNING: untranslated string: dh = Diffie-Hellman parameters WARNING: untranslated string: dh key move failed = Diffie-Hellman parameters move failed. @@ -1155,6 +1154,7 @@ WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit WARNING: untranslated string: last = Last WARNING: untranslated string: least preferred = least preferred +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: log server protocol = protocol: diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 9470597af..597883693 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -203,6 +203,7 @@ WARNING: translation string unused: default networks WARNING: translation string unused: default services WARNING: translation string unused: defaultwarning WARNING: translation string unused: delete cron +WARNING: translation string unused: deprecated fs warn WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -837,6 +838,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string WARNING: untranslated string: guardian logtarget_syslog = unknown string WARNING: untranslated string: guardian no entries = unknown string WARNING: untranslated string: guardian service = unknown string +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: pakfire ago = ago. WARNING: untranslated string: route config changed = unknown string WARNING: untranslated string: routing config added = unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index 93e4b097f..c943da739 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -178,6 +178,7 @@ WARNING: translation string unused: default networks WARNING: translation string unused: default services WARNING: translation string unused: defaultwarning WARNING: translation string unused: delete cron +WARNING: translation string unused: deprecated fs warn WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -982,6 +983,7 @@ WARNING: untranslated string: ipsec mode tunnel = Tunnel WARNING: untranslated string: ipsec routing table entries = IPsec Routing Table Entries WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location WARNING: untranslated string: locationblock = Location Block diff --git a/doc/language_issues.nl b/doc/language_issues.nl index ad76bf228..7496d647c 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -177,6 +177,7 @@ WARNING: translation string unused: default networks WARNING: translation string unused: default services WARNING: translation string unused: defaultwarning WARNING: translation string unused: delete cron +WARNING: translation string unused: deprecated fs warn WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -991,6 +992,7 @@ WARNING: untranslated string: ipsec mode tunnel = Tunnel WARNING: untranslated string: ipsec routing table entries = IPsec Routing Table Entries WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location WARNING: untranslated string: locationblock = Location Block diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 475db4953..f7431f692 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -804,7 +804,6 @@ WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: dead peer detection = Dead Peer Detection WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address -WARNING: untranslated string: deprecated fs warn = Deprecated filesystem! Newer kernel drop the support. Backup and reformat! WARNING: untranslated string: details = Details WARNING: untranslated string: dh = Diffie-Hellman parameters WARNING: untranslated string: dh key move failed = Diffie-Hellman parameters move failed. @@ -1155,6 +1154,7 @@ WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit WARNING: untranslated string: last = Last WARNING: untranslated string: least preferred = least preferred +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: log server protocol = protocol: diff --git a/doc/language_issues.ru b/doc/language_issues.ru index f99fd4d9a..a3eb33669 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -807,7 +807,6 @@ WARNING: untranslated string: dangerous = Dangerous WARNING: untranslated string: dead peer detection = Dead Peer Detection WARNING: untranslated string: default = Default WARNING: untranslated string: default IP address = Default IP Address -WARNING: untranslated string: deprecated fs warn = Deprecated filesystem! Newer kernel drop the support. Backup and reformat! WARNING: untranslated string: details = Details WARNING: untranslated string: dh = Diffie-Hellman parameters WARNING: untranslated string: dh key move failed = Diffie-Hellman parameters move failed. @@ -1150,6 +1149,7 @@ WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit WARNING: untranslated string: last = Last WARNING: untranslated string: least preferred = least preferred +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: lifetime = Lifetime: WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: location = Location diff --git a/doc/language_issues.tr b/doc/language_issues.tr index b6e3426f3..60a646e5f 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -200,6 +200,7 @@ WARNING: translation string unused: default networks WARNING: translation string unused: default services WARNING: translation string unused: defaultwarning WARNING: translation string unused: delete cron +WARNING: translation string unused: deprecated fs warn WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -915,6 +916,7 @@ WARNING: untranslated string: ipsec mode tunnel = Tunnel WARNING: untranslated string: ipsec routing table entries = IPsec Routing Table Entries WARNING: untranslated string: ipsec settings = IPsec Settings WARNING: untranslated string: itlb multihit = iTLB MultiHit +WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade WARNING: untranslated string: local ip address = Local IP Address WARNING: untranslated string: meltdown = Meltdown WARNING: untranslated string: mitigated = Mitigated diff --git a/doc/language_missings b/doc/language_missings index 913970113..3fbaad77b 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -575,6 +575,7 @@ < itlb multihit < last < least preferred +< legacy architecture warning < lifetime < local ip address < log server protocol @@ -921,6 +922,7 @@ < bewan adsl usb < g.dtm < g.lite +< legacy architecture warning < upload fcdsl.o ############################################################################ # Checking cgi-bin translations for language: it # @@ -1127,6 +1129,7 @@ < ipsec routing table entries < ipsec settings < itlb multihit +< legacy architecture warning < local ip address < location < locationblock @@ -1501,6 +1504,7 @@ < ipsec routing table entries < ipsec settings < itlb multihit +< legacy architecture warning < local ip address < location < locationblock @@ -2200,6 +2204,7 @@ < itlb multihit < last < least preferred +< legacy architecture warning < lifetime < local ip address < location @@ -3056,6 +3061,7 @@ < itlb multihit < last < least preferred +< legacy architecture warning < lifetime < local ip address < location @@ -3474,6 +3480,7 @@ < ipsec routing table entries < ipsec settings < itlb multihit +< legacy architecture warning < local ip address < meltdown < mitigated diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index bd6a02ef5..8e7207d0c 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -545,6 +545,12 @@ if ( ! -e "/var/ipfire/main/send_profile") { $warnmessage .= "<li><a style='color: white;' href='fireinfo.cgi'>$Lang::tr{'fireinfo please enable'}</a></li>"; }
+# Legacy architecture +my ($sysname, $nodename, $release, $version, $machine) = &POSIX::uname(); +if ($machine =~ m/^i?86$/) { + $warnmessage .= "<li>$Lang::tr{'legacy architecture warning'}</li>"; +} + # Memory usage warning my @free = `/usr/bin/free`; $free[1] =~ m/(\d+)/; @@ -593,13 +599,6 @@ foreach my $file (@files) { } }
-# Reiser4 warning -my @files = `mount | grep " reiser4 (" 2>/dev/null`; -foreach my $disk (@files) { - chomp ($disk); - $warnmessage .= "<li>$disk - $Lang::tr{'deprecated fs warn'}</li>"; -} - if ($warnmessage) { &Header::openbox('100%','center', ); print "<table class='tbl' style='width:80%;'>"; diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 457ebcf1f..e7bc505e7 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -333,6 +333,8 @@ sub writeserverconf { print CONF "ncp-disable\n"; print CONF "cipher $sovpnsettings{DCIPHER}\n"; print CONF "auth $sovpnsettings{'DAUTH'}\n"; + # Set TLSv2 as minimum + print CONF "tls-version-min 1.2\n";
if ($sovpnsettings{'TLSAUTH'} eq 'on') { print CONF "tls-auth ${General::swroot}/ovpn/certs/ta.key\n"; @@ -890,7 +892,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { undef $vpnsettings{'ROUTES_PUSH'}; &write_routepushfile; } - if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) { + if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 1024 )) { $errormessage = $Lang::tr{'invalid input for max clients'}; goto ADV_ERROR; } @@ -996,6 +998,9 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print SERVERCONF "auth $cgiparams{'DAUTH'}\n"; }
+ # Set TLSv1.2 as minimum + print SERVERCONF "tls-version-min 1.2\n"; + if ($cgiparams{'COMPLZO'} eq 'on') { print SERVERCONF "# Enable Compression\n"; print SERVERCONF "comp-lzo\n"; @@ -1098,6 +1103,9 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General print CLIENTCONF "auth $cgiparams{'DAUTH'}\n"; }
+ # Set TLSv1.2 as minimum + print CLIENTCONF "tls-version-min 1.2\n"; + if ($cgiparams{'COMPLZO'} eq 'on') { print CLIENTCONF "# Enable Compression\n"; print CLIENTCONF "comp-lzo\n"; diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index f73b373b8..ef4e4e6c8 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1457,7 +1457,7 @@ 'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive (mindestens ein Verhältnis von 1:2)', 'invalid input for keepalive 2' => 'Ungültige Eingabe für Keepalive ping-restart', 'invalid input for local ip address' => 'Ungültige Eingabe für die lokale IP-Adresse', -'invalid input for max clients' => 'Ungültige Eingabe für Max Clients', +'invalid input for max clients' => 'Ungültige Eingabe für Max Clients. Das Maximum von 1024 Clients wurde überschritten', 'invalid input for mode' => 'Ungültige Eingabe des Modus', 'invalid input for name' => 'Ungültige Eingabe für vollen Namen des Benutzers oder des System Hostnamens', 'invalid input for oink code' => 'Ungültige Eingabe für Oink Code', @@ -1549,6 +1549,7 @@ 'lateprompting' => 'Late prompting', 'lease expires' => 'Zuordnung verfällt', 'least preferred' => 'weniger präferiert', +'legacy architecture warning' => 'Sie betreiben IPFire auf einer überholten Architektur und ein Update ist empfohlen', 'legend' => 'Legende', 'length' => 'Länge', 'lifetime' => 'Lebensdauer:', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 7e3bbec89..0b1b304a9 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1481,7 +1481,7 @@ 'invalid input for keepalive 1:2' => 'Invalid input for Keepalive use at least a ratio of 1:2', 'invalid input for keepalive 2' => 'Invalid input for Keepalive ping-restart', 'invalid input for local ip address' => 'Invalid input for local IP address', -'invalid input for max clients' => 'Invalid input for Max Clients', +'invalid input for max clients' => 'Invalid input for Max Clients. The maximum of 1024 clients has been exceeded', 'invalid input for mode' => 'Invalid input for mode', 'invalid input for name' => 'Invalid input for user's full name or system hostname', 'invalid input for oink code' => 'Invalid input for Oink code', @@ -1573,6 +1573,7 @@ 'lateprompting' => 'Lateprompting', 'lease expires' => 'Lease expires', 'least preferred' => 'least preferred', +'legacy architecture warning' => 'You are running IPFire on a legacy architecture and it is recommended to upgrade', 'legend' => 'Legend', 'length' => 'Length', 'lifetime' => 'Lifetime:', diff --git a/langs/es/cgi-bin/es.pl b/langs/es/cgi-bin/es.pl index c75a47324..8a611e181 100644 --- a/langs/es/cgi-bin/es.pl +++ b/langs/es/cgi-bin/es.pl @@ -980,7 +980,7 @@ 'invalid input for keepalive 1' => 'Entrada no válida para ping Keepalive', 'invalid input for keepalive 1:2' => 'Entrada no válida para Keepalive, use por lo menos una relación 1:2', 'invalid input for keepalive 2' => 'Entrada no válida para reinicio de ping Keepalive', -'invalid input for max clients' => 'Entrada no válida para Máximo número de Clientes', +'invalid input for max clients' => 'Entrada no válida para Máximo número de Clientes. Se superó el máximo de 1024 clientes.', 'invalid input for name' => 'Entrada no válida para nombre completo de usuario o nombre de host del sistema', 'invalid input for oink code' => 'Entrada no válida para código Oink', 'invalid input for organization' => 'Entrada no válida para organización', diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl index d9930230f..fc19257bf 100644 --- a/langs/fr/cgi-bin/fr.pl +++ b/langs/fr/cgi-bin/fr.pl @@ -1487,7 +1487,7 @@ 'invalid input for keepalive 1:2' => 'Keepalive non valide, utilisez au minimum un ratio de 1:2', 'invalid input for keepalive 2' => 'Redémarrage ping keepalive non valide', 'invalid input for local ip address' => 'Entrée non valide pour l'adresse IP locale', -'invalid input for max clients' => 'Nombre de clients maximum non valide', +'invalid input for max clients' => 'Nombre de clients maximum non valide. Le maximum de 1024 clients a été dépassé.', 'invalid input for mode' => 'Entrée non valide pour le mode', 'invalid input for name' => 'Mauvaise saisie pour le nom d'utilisateur ou le nom d'hôte du système', 'invalid input for oink code' => 'Oink code non valide', diff --git a/langs/it/cgi-bin/it.pl b/langs/it/cgi-bin/it.pl index 6c9137c28..fa4591b67 100644 --- a/langs/it/cgi-bin/it.pl +++ b/langs/it/cgi-bin/it.pl @@ -1298,7 +1298,7 @@ 'invalid input for keepalive 1' => 'Invalid input for Keepalive ping', 'invalid input for keepalive 1:2' => 'Invalid input for Keepalive use at least a ratio of 1:2', 'invalid input for keepalive 2' => 'Invalid input for Keepalive ping-restart', -'invalid input for max clients' => 'Invalid input for Max Clients', +'invalid input for max clients' => 'Invalid input for Max Clients. È stato superato il massimo di 1024 client.', 'invalid input for name' => 'Invalid input for user's full name or system hostname', 'invalid input for oink code' => 'Invalid input for Oink code', 'invalid input for organization' => 'Invalid input for organization', diff --git a/langs/nl/cgi-bin/nl.pl b/langs/nl/cgi-bin/nl.pl index 5fa89b1ac..4be11d5c1 100644 --- a/langs/nl/cgi-bin/nl.pl +++ b/langs/nl/cgi-bin/nl.pl @@ -1277,7 +1277,7 @@ 'invalid input for keepalive 1' => ' Ongeldige invoer voor keepalive ping', 'invalid input for keepalive 1:2' => ' Ongeldige invoer voor keepalive gebruik tenminste een ratio van 1:2', 'invalid input for keepalive 2' => ' Ongeldige invoer voor keepalive ping-herstart', -'invalid input for max clients' => ' Ongeldige invoer voor max. clients', +'invalid input for max clients' => ' Ongeldige invoer voor max. clients. Het maximum van 1024 clients is overschreden.', 'invalid input for name' => ' Ongeldige invoer voor gebruikersnaam of systeemhostnaam', 'invalid input for oink code' => ' Ongeldige invoer voor Oink code', 'invalid input for organization' => ' Ongeldige invoer voor organisatie', diff --git a/langs/pl/cgi-bin/pl.pl b/langs/pl/cgi-bin/pl.pl index 521381af2..e77120273 100644 --- a/langs/pl/cgi-bin/pl.pl +++ b/langs/pl/cgi-bin/pl.pl @@ -989,7 +989,7 @@ 'invalid input for keepalive 1' => 'Niepoprawna wartość w polu Keepalive ping', 'invalid input for keepalive 1:2' => 'Niepoprawna wartość w polu Keepalive. Używaj min. współczynnika 1:2', 'invalid input for keepalive 2' => 'Niepoprawna wartość w polu Keepalive ping-restart', -'invalid input for max clients' => 'Niepoprawna wartość w polu Max Klientów', +'invalid input for max clients' => 'Niepoprawna wartość w polu Max Klientów. Przekroczono maksymalną liczbę 1024 klientów.', 'invalid input for name' => 'Niepoprawna wartość w polu pełna nazwa użytkownika lub nazwa hosta systemu', 'invalid input for oink code' => 'Niepoprawny OINKCODE', 'invalid input for organization' => 'Niepoprawna wartość w polu organizacja', diff --git a/langs/ru/cgi-bin/ru.pl b/langs/ru/cgi-bin/ru.pl index 9ac46d459..29e6b5f93 100644 --- a/langs/ru/cgi-bin/ru.pl +++ b/langs/ru/cgi-bin/ru.pl @@ -982,7 +982,7 @@ 'invalid input for keepalive 1' => 'Неверно указан Keepalive ping.', 'invalid input for keepalive 1:2' => 'Invalid input for Keepalive use at least a ratio of 1:2.', 'invalid input for keepalive 2' => 'Неверно указан Keepalive ping-restart.', -'invalid input for max clients' => 'Неверно указано максимальное число клиентов.', +'invalid input for max clients' => 'Неверно указано максимальное число клиентов. Превышено максимально 1024 клиентов.', 'invalid input for name' => 'Неверно указано полное имя пользователя или системное имя хоста.', 'invalid input for oink code' => 'Неверно указан Oink code', 'invalid input for organization' => 'Неверно указана организация', diff --git a/langs/tr/cgi-bin/tr.pl b/langs/tr/cgi-bin/tr.pl index c23ff5df6..ea2047609 100644 --- a/langs/tr/cgi-bin/tr.pl +++ b/langs/tr/cgi-bin/tr.pl @@ -1415,7 +1415,7 @@ 'invalid input for keepalive 1' => 'Ping komutunu canlı tutma için geçersiz giriş.', 'invalid input for keepalive 1:2' => '1:2 oranında, en az bir oranı canlı tutma kullanım için geçersiz giriş', 'invalid input for keepalive 2' => 'Ping komutunu yeniden başlatmada canlı tutmak için geçersiz giriş.', -'invalid input for max clients' => 'En fazla istemci için geçersiz giriş.', +'invalid input for max clients' => 'En fazla istemci için geçersiz giriş. Maksimum 1024 müşteri aşıldı.', 'invalid input for name' => 'Kullanıcının tam adı veya sistem ana bilgisayar adı için geçersiz giriş', 'invalid input for oink code' => 'Oink kodu için geçersiz giriş.', 'invalid input for organization' => 'Kuruluş için geçersiz giriş.', diff --git a/lfs/apache2 b/lfs/apache2 index d82932f4b..772ac6018 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,7 +25,7 @@
include Config
-VER = 2.4.43 +VER = 2.4.46
THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 791c986b1e70fe61eb44060aacc89a64 +$(DL_FILE)_MD5 = 7d661ea5e736dac5e2761d9f49fe8361
install : $(TARGET)
diff --git a/lfs/curl b/lfs/curl index e57bbbf45..34dfe90e8 100644 --- a/lfs/curl +++ b/lfs/curl @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,10 +24,10 @@
include Config
-VER = 7.64.0 +VER = 7.71.1
THISAPP = curl-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a026740d599a32bcbbe6e70679397899 +$(DL_FILE)_MD5 = b54b386057846ce3edd3584b19741569
install : $(TARGET)
diff --git a/lfs/grub b/lfs/grub index ac6de68a4..811c2f745 100644 --- a/lfs/grub +++ b/lfs/grub @@ -100,6 +100,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub/grub-2.04-BootHole.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.02_disable_vga_fallback.patch + cd $(DIR_APP) && autoreconf -vfi
# Install unifont cp -v $(DIR_DL)/unifont-7.0.03.pcf.gz $(DIR_APP)/unifont.pcf.gz diff --git a/lfs/haproxy b/lfs/haproxy index bc5ef8021..ce44f8154 100644 --- a/lfs/haproxy +++ b/lfs/haproxy @@ -24,7 +24,7 @@
include Config
-VER = 2.1.7 +VER = 2.2.2
THISAPP = haproxy-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = haproxy -PAK_VER = 15 +PAK_VER = 16
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f0ddf67e2be18cfe1b996f9914cfa67e +$(DL_FILE)_MD5 = dfef423ff9f191c401d6b29e7eb9d6e2
install : $(TARGET)
diff --git a/lfs/hyperscan b/lfs/hyperscan index b63c6ecbe..96979c718 100644 --- a/lfs/hyperscan +++ b/lfs/hyperscan @@ -24,7 +24,7 @@
include Config
-VER = 5.2.1 +VER = 5.3.0
THISAPP = hyperscan-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -46,7 +46,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = e722ec217282d38b1457cc751f0a4bb6 +$(DL_FILE)_MD5 = 6acab4b242dd81b3cede211d4a9e7101
install : $(TARGET)
diff --git a/lfs/iproute2 b/lfs/iproute2 index f07a125cf..53fd4a59e 100644 --- a/lfs/iproute2 +++ b/lfs/iproute2 @@ -24,7 +24,7 @@
include Config
-VER = 5.7.0 +VER = 5.8.0
THISAPP = iproute2-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = da22ab8562eda56ae232872fa72e4870 +$(DL_FILE)_MD5 = e2016acc07d91b2508916c459a8435af
install : $(TARGET)
diff --git a/lfs/logrotate b/lfs/logrotate index d23a6f80d..45a0d47e2 100644 --- a/lfs/logrotate +++ b/lfs/logrotate @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2019 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 3.15.1 +VER = 3.17.0
THISAPP = logrotate-$(VER) DL_FILE = logrotate-$(VER).tar.gz @@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 629cb3b933a281f25741e385bc030203 +$(DL_FILE)_MD5 = 6bd4d3102ae9c86d37e46ca93bcffa66
install : $(TARGET)
diff --git a/lfs/socat b/lfs/socat new file mode 100644 index 000000000..7b001e9d1 --- /dev/null +++ b/lfs/socat @@ -0,0 +1,85 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.7.3.4 + +THISAPP = socat-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = socat +PAK_VER = 1 + +DEPS = + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = c9e71d0136c88a01d6fd30a13a3936ed + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xzf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/u-boot-friendlyarm b/lfs/u-boot-friendlyarm index 5945ef6c5..b4a925961 100644 --- a/lfs/u-boot-friendlyarm +++ b/lfs/u-boot-friendlyarm @@ -33,6 +33,8 @@ DIR_APP = $(DIR_SRC)/u-boot-$(VER)* TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = armv5tel
+CFLAGS += -fcommon + ############################################################################### # Top-level Rules ############################################################################### diff --git a/lfs/wio b/lfs/wio index 29581dca6..e0dd53689 100644 --- a/lfs/wio +++ b/lfs/wio @@ -1,6 +1,6 @@ ############################################################################### -# IPFire.org - An Open Source Firewall Solution # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# IPFire.org - An Open Source Firewall Solution # +# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # ###############################################################################
############################################################################### @@ -15,7 +15,7 @@ THISAPP = wio-$(VER) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = wio -PAK_VER = 9 +PAK_VER = 10
############################################################################### # Top-level Rules diff --git a/src/patches/openssl-1.1.1d-default-cipherlist.patch b/src/patches/openssl-1.1.1d-default-cipherlist.patch index 5ad7829e7..a3a48933e 100644 --- a/src/patches/openssl-1.1.1d-default-cipherlist.patch +++ b/src/patches/openssl-1.1.1d-default-cipherlist.patch @@ -5,7 +5,7 @@ * This applies to ciphersuites for TLSv1.2 and below. */ -# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" -+# define SSL_DEFAULT_CIPHER_LIST "HIGH:+aRSA:+SHA384:+SHA256:+DH:+SHA:+kRSA:!eNULL:!aNULL:!PSK:!SRP:!AESCCM:!DSS" ++# define SSL_DEFAULT_CIPHER_LIST "HIGH:+aRSA:+SHA384:+SHA256:+DH:+SHA:!kRSA:!eNULL:!aNULL:!PSK:!SRP:!AESCCM:!DSS" /* This is the default set of TLSv1.3 ciphersuites */ # if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) # define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ diff --git a/src/wio/lang/wio.fr.pl b/src/wio/lang/wio.fr.pl index 9e8bdbc22..4085fa092 100644 --- a/src/wio/lang/wio.fr.pl +++ b/src/wio/lang/wio.fr.pl @@ -24,8 +24,8 @@ 'wio cron' => 'Interval de temps pour la mise à jour :', 'wio_ovpn_cron' => 'Interval de temps pour vérifier l'état d'OpenVPN RW et IPsec :', 'wio_save' => 'Sauvegarder', -'wio_error' => 'message d'erreur :', -'wio_info' => 'message :', +'wio_error' => 'Message d'erreur :', +'wio_info' => 'Message d'info :', 'wio_back' => 'Retour', 'wio_use' => 'Importer cette config ?', 'wio_ip_error' => 'Adresse IP invalide.', @@ -38,30 +38,30 @@ 'wio_import_leases' => 'Import settings :', 'wio network' => 'Réseau', 'wio_refresh' => 'maj de tous les clients maintenant', -'wio_fqdn_error' => 'Nom de domaine (FQDN) invalide ! Veuillez ne pas utiliser de caractères spéciaux ni de blancs dans le nom de domaine.', +'wio_fqdn_error' => 'Nom de domaine (FQDN) invalide ! Veuillez ne pas utiliser de caractères spéciaux ou d'espace dans le nom de domaine.', 'wio_edit' => 'Modifier les paramètres :', 'wio_dyndns' => 'DynDNS ', 'wio_dyndns_hosts' => 'Nom(s) DynDNS', 'wio_dyndns_refresh' => 'Mise à jour IP de l'hôte DynDNS', -'wio_dyndns_on' => 'DynDNS Host activé (cliquer pour désactiver)', +'wio_dyndns_on' => 'Hôte DynDNS activé (cliquer pour désactiver)', 'wio_dyndns_off' => 'Hôte DynDNS désactivé (cliquer pour activer)', 'wio_dyndns_info' => 'Aucune adresse IP enregistrée, car apparemment aucune connexion n’existe sur Internet. Avec la prochaine connexion Internet est réalisée une actualisation de l'IP des hôtes DynDNS.', 'wio_no_csv' => 'Le fichier n'a pas l'extension .csv', -'wio_no_csv_error' => 'Veuillez ne pas utiliser de caractères spéciaux ou vides dans le nom de fichier.', +'wio_no_csv_error' => 'Veuillez ne pas utiliser de caractères spéciaux ou d'espace dans le nom de fichier.', 'wio_no_file_selected' => 'Aucun fichier choisi !', 'wio_import_infos' => 'Importer les configurations :', -'wio_import_infos_csv' => 'NOTE : Seuls les enregistrements de données marqués "Importer ces paramètres ?" sont considérés comme importants ! Si des enregistrements de données avec une double adresse IP ou des noms d'hôte doivent se faire, seul le premier enregistrement de données sera importé et les autres enregistrements de données (avec les adresses IP ou noms d'hôte doubles) ne seront pas pris en compte !', +'wio_import_infos_csv' => 'NOTE : Seuls les enregistrements de données marqués "Importer cette config ?" seront traités ! Si des enregistrements de données avec une double adresse IP ou plusieurs noms d'hôte sont présents, seul le premier sera importé et les autres (avec les adresses IP ou noms d'hôte doubles) ne seront pas pris en compte !', 'enable disable dyndns' => 'Activer ou désactiver l'hôte DynDNS', 'wio_msg' => 'L'état du ou des clients examinés est mis à jour...', -'wio_lanname' => 'Nom LAN', -'wio_wanname' => 'Nom WAN', +'wio_lanname' => 'Nom d'hôte LAN', +'wio_wanname' => 'Nom d'hôte WAN', 'wio_sc_refresh' => 'Mettre à jour le client maintenant', 'wio_edit_settings' => 'Ajout manuel d'un client :', -'wio_edit_client' => 'Edition client :', +'wio_edit_client' => 'Modification du client :', 'wio_graphs' => 'Afficher le graphique', 'wio_no_graphs' => 'Pas de graphique disponible', 'wio_graphs_stat' => 'Graphique pour', -'wio_vpn_con' => 'Connexion(s) IPsec :', +'wio_vpn_con' => 'Connexion(s) VPN :', 'wio_wan_con' => 'Connexion WAN :', 'wio_clients' => 'Clients :', 'wio click to disable' => 'Activé', @@ -84,7 +84,7 @@ 'wio_wan_down' => 'NON CONNECTE', 'wio_n2n' => 'Connexion site-à-site', 'wio_rw' => 'Connexion client nomade', -'wio_mailremark_enabled' => 'Ajouter une remarque du client au corps de l'email ?', +'wio_mailremark_enabled' => 'Ajouter la remarque du client au corps de l'email ?', 'wio_mail_online_on' => 'Email en ligne activé (cliquer pour désactiver)', 'wio_mail_online_off' => 'Email en ligne désactivé (cliquer pour activer)', 'wio_mail_offline_on' => 'Email hors ligne activé (cliquer pour désactiver)', @@ -138,18 +138,18 @@ 'wio_msg_blue' => 'bleu', 'wio_msg_red' => 'rouge', 'wio_msg_orange' => 'orange', -'wio_msg_center' => 'l'interface', +'wio_msg_center' => 'sur son interface', 'wio_msg_right' => 'est en cours.', 'wio_msg_hint' => 'Un moment SVP...', 'wio_last_update' => 'Dernière mise à jour', -'wio_disable_hint' => 'Attention ! Tous les paramètres vont être réinitialisés , y compris le client à vérifier !', -'wio_clientremark' => 'Afficher la remarque ?', +'wio_disable_hint' => 'Attention ! Tous les paramètres vont être réinitialisés, y compris le client à vérifier !', +'wio_clientremark' => 'Afficher les remarques ?', 'wio_already_running' => 'Cette vérification est déjà en cours d'exécution !', -'wio_error_function' => 'Cette fonction est temporairement indisponible, car en arrière-plan les états du client sont mis à jour (actif / inactif).', +'wio_error_function' => 'Cette action est temporairement indisponible, car les statuts des clients sont actuellement mis à jour en arrière-plan (actif / inactif).', 'wio_unknown_lan' => 'INCONNU', 'wio_red_lan' => 'ROUGE', 'wio_search' => 'Recherche d'hôtes actifs sur le réseau local...', -'wio_answer' => 'Answer', +'wio_answer' => 'Réponse', 'wio_answer_time' => 'Temps de réponse', 'wio_scriptruntime' => 'Temps d'exécution du script', 'wio_show_table_off' => 'Cacher la table', diff --git a/src/wio/wio.cgi b/src/wio/wio.cgi index a92a44473..a5d3d149e 100644 --- a/src/wio/wio.cgi +++ b/src/wio/wio.cgi @@ -21,7 +21,7 @@ # # ############################################################################### # -# Version: 2020/06/01 13:29:23 +# Version: 2020/08/04 21:12:23 # # This wio.cgi is based on the code from the IPCop WIO Addon # and is extremly adapted to work with IPFire. @@ -1152,7 +1152,7 @@ close (FILE);
foreach (@ddns) { chomp; - + @temp = split (/,/, $_);
if ( $temp[7] eq "on" ) { @@ -1161,7 +1161,7 @@ close (FILE); else { $bgcolor = "blue"; } - + print"<font color='$bgcolor'>$temp[1].$temp[2]</font>"; if ( $iddyndns++ ne (@ddns-1) ) { print"<br />\n"; } } @@ -1334,7 +1334,7 @@ foreach $key (keys %ovpnconfighash) { if (-e "/var/run/$ovpnconfighash{$key}[1]n2n.pid") { my ( @output, @tustate ) = ''; my $tport = $ovpnconfighash{$key}[22]; - my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); + my $tnet = new Net::Telnet ( Timeout=>5, Errmode=>'return', Port=>$tport); if ($tport ne '') { $tnet->open('127.0.0.1'); @output = $tnet->cmd(String => 'state', Prompt => '/(END.*\n|ERROR:.*\n)/'); @@ -1535,7 +1535,6 @@ my $dotip = length($ipaddresses[$a]) - rindex($ipaddresses[$a],'.'); } else { print"<td align='center' height='20'><img src='$imgstatic/$devs_img[$in]' alt='$Lang::tr{$devs_alt[$in]}' title='$Lang::tr{$devs_alt[$in]}' /></td>"; - } last SWITCH; }
hooks/post-receive -- IPFire 2.x development tree