This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via d701756a83e3fcf2fda0b85accc601b9799f7a0a (commit) via eb2cf5d0f3971431d60c0d2e8b5807f8f112a983 (commit) via 0562cdb360b28802427fc9f51d2e467788222109 (commit) via f6557ced12d4e6137c8d2fa6d1a376aefb2a0052 (commit) via 7d425e7cfa9767fedc460cf5e452a736163e738a (commit) via 211b6bc16e3d1c383e63835572c21d8f7ed63822 (commit) via 02037c964fade3d58b0e4d9a05d3034955e8f5bc (commit) via 6f20cb9688535efaf22cc490ffdcbed99088e67a (commit) via 35b8dc552ddf08bd3d2290621076e323859b23cd (commit) via 8468f164abec32309e7c09bf044face0a153c56a (commit) via 34866cace5ffbd587bab91a00d763fa18853746b (commit) via 6ae847429ed258ce3f7f50317bec3d4ed3efe6cc (commit) via 84e4274e59912b854363597c97602432a9a5f615 (commit) via 248902f8c9a9ea1a8b549aff87344e024e1a1d8d (commit) via 1a886f57d865e6cb568bb6bfe3e043cdd7c2dd0f (commit) via 36f253d2911c56715b435acee2c14dd14a7cc828 (commit) via 81790c8a002363bd4bddf46c3621e051c549f702 (commit) via 1a79ef8e43a4e406a79344341055dd9fa79ce57d (commit) via f0c39f17390ce71960cf3c6fb06498a20634b263 (commit) via 7908de2a952edc91b1effa6245dbb6dc80b7dafc (commit) via 5cef36ccb14424270a451c11d235ece4dc3be946 (commit) via b37678e92231a7497820b2f39f040cccacfd808e (commit) via 241bf919fc2d056124c1082a0488bfa4c3fe8298 (commit) from d0a16dba2835fc1c27c1d12765d7461a9d48c04c (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit d701756a83e3fcf2fda0b85accc601b9799f7a0a Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 17:27:36 2021 +0000
make.sh: Build gettext earlier
msgmerge is needed by attr
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit eb2cf5d0f3971431d60c0d2e8b5807f8f112a983 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 15:33:36 2021 +0000
core154: Ship ddns.cgi
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 0562cdb360b28802427fc9f51d2e467788222109 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Wed Jan 6 15:18:27 2021 +0100
ddns.cgi: Make dealing with auth tokens more user-friendly.
If a provider supports authentication with a token, now the username and password fileds will be swapped by some Java Script code in favour of an input field for the token.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit f6557ced12d4e6137c8d2fa6d1a376aefb2a0052 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 15:32:41 2021 +0000
core154: Ship ddns
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 7d425e7cfa9767fedc460cf5e452a736163e738a Author: Stefan Schantl stefan.schantl@ipfire.org Date: Wed Jan 6 15:16:41 2021 +0100
ddns: Add latest upstream patches.
* Add patch to support listing of token providers. * Add fix to proper encode python string.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 211b6bc16e3d1c383e63835572c21d8f7ed63822 Author: Jonatan Schlag jonatan.schlag@ipfire.org Date: Wed Jan 6 10:16:49 2021 +0000
unbound: keep probing when servers are down
Till now when a server was in the "blocking regime" there was one probe made every 15 min, to see if this server is up again. In situations where all servers where down (e.g. because of a massive package loss) it could take up to 15 min to have a working dns again.
This patch changes this behaviour in a way that a server marked down is probed every 2 min.
Fixes: #12557
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 02037c964fade3d58b0e4d9a05d3034955e8f5bc Author: Adolf Belka ahb.ipfire@gmail.com Date: Tue Jan 5 15:20:57 2021 +0100
sshfs: Update to 3.7.1
- Update sshfs from 2.2 to 3.7.1 - Changelog is available at https://github.com/libfuse/sshfs/releases - Build had to be changed from autotools to meson/ninja - Change in rootfiles
Signed-off-by: Adolf Belka ahb.ipfire@gmail.com Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6f20cb9688535efaf22cc490ffdcbed99088e67a Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 15:21:32 2021 +0000
core154: Ship fuse
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 35b8dc552ddf08bd3d2290621076e323859b23cd Author: Adolf Belka ahb.ipfire@gmail.com Date: Tue Jan 5 15:21:19 2021 +0100
fuse: Update to 3.10.1
- Update fuse from 2.9.7 to 3.10.1 - Update also required by sshfs update - Changelog is available at https://github.com/libfuse/libfuse/releases - Build had to be changed from autools to meson/ninja - Rootfiles changed - namespace conflict fix patch no longer required. Fix now built into kernel.h
Signed-off-by: Adolf Belka ahb.ipfire@gmail.com Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 8468f164abec32309e7c09bf044face0a153c56a Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 15:17:50 2021 +0000
core154: Ship iproute2
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 34866cace5ffbd587bab91a00d763fa18853746b Author: Adolf Belka ahb.ipfire@gmail.com Date: Wed Jan 6 14:43:59 2021 +0100
iproute2: Update to 5.10.0
- Update from 5.8.0 to 5.10.0 - No changelog available - No changes to the rootfiles
Signed-off-by: Adolf Belka ahb.ipfire@gmail.com Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6ae847429ed258ce3f7f50317bec3d4ed3efe6cc Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 15:15:22 2021 +0000
core154: Ship iptables
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 84e4274e59912b854363597c97602432a9a5f615 Author: Adolf Belka ahb.ipfire@gmail.com Date: Wed Jan 6 14:43:27 2021 +0100
iptables: Update to 1.8.6
- Update from 1.8.5 to 1.8.6 - Changelog info Arturo Borrero Gonzalez (1): xtables-translate: don't fail if help was requested
Giuseppe Scrivano (1): iptables: accept lock file name at runtime
Jan Engelhardt (2): doc: document danger of applying REJECT to INVALID CTs build: resolve iptables-apply not getting installed
Maciej Żenczykowski (1): libxtables: compiler warning fixes for NO_SHARED_LIBS
Pablo Neira Ayuso (4): extensions: libxt_conntrack: provide translation for DNAT and SNAT --ctstate iptables: replace libnftnl table list by linux list iptables-nft: fix basechain policy configuration configure: bump version for 1.8.6 release
Phil Sutter (31): xtables-restore: Fix verbose mode table flushing build: Fix for failing 'make uninstall' xtables-translate: Use proper clear_cs function tests: shell: Add help output to run-tests.sh nft: Make table creation purely implicit nft: Be lazy when flushing nft: cache: Drop duplicate chain check nft: Drop pointless nft_xt_builtin_init() call nft: Turn nft_chain_save() into a foreach-callback nft: Use nft_chain_find() in two more places nft: Reorder enum nft_table_type nft: Eliminate table list from cache nft: Fix command name in ip6tables error message tests: shell: Merge and extend return codes test xtables-monitor: Fix ip6tables rule printing nft: Fix for ruleset flush while restoring Makefile: Add missing man pages to CLEANFILES nft: cache: Check consistency with NFT_CL_FAKE, too nft: Extend use of nftnl_chain_list_foreach() nft: Fold nftnl_rule_list_chain_save() into caller nft: Use nft_chain_find() in nft_chain_builtin_init() nft: Fix for broken address mask match detection extensions: libipt_icmp: Fix translation of type 'any' libxtables: Make sure extensions register in revision order libxtables: Simplify pending extension registration libxtables: Register multiple extensions in ascending order nft: Make batch_add_chain() return the added batch object nft: Fix error reporting for refreshed transactions libiptc: Avoid gcc-10 zero-length array warning nft: Fix for concurrent noflush restore calls tests: shell: Improve concurrent noflush restore test a bit - Rootfiles updated
Signed-off-by: Adolf Belka ahb.ipfire@gmail.com Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 248902f8c9a9ea1a8b549aff87344e024e1a1d8d Author: Adolf Belka ahb.ipfire@gmail.com Date: Tue Jan 5 18:35:16 2021 +0100
stunnel: Update to 5.57
- Update of stunnel from 5.56 to 5.57 - Changelog Version 5.57, 2020.10.11, urgency: HIGH Security bugfixes The "redirect" option was fixed to properly handle "verifyChain = yes" (thx to Rob Hoes). OpenSSL DLLs updated to version 1.1.1h. New features New securityLevel configuration file option. FIPS support for RHEL-based distributions. Support for modern PostgreSQL clients (thx to Bram Geron). Windows tooltip texts updated to mention "stunnel". TLS 1.3 configuration updated for better compatibility. Bugfixes Fixed a transfer() loop bug. Fixed memory leaks on configuration reloading errors. DH/ECDH initialization restored for client sections. Delay startup with systemd until network is online. bin\libssp-0.dll removed when uninstalling. A number of testing framework fixes and improvements. - No change to rootfiles
Signed-off-by: Adolf Belka ahb.ipfire@gmail.com Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1a886f57d865e6cb568bb6bfe3e043cdd7c2dd0f Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 11:51:36 2021 +0000
misc-progs: ipfirereboot: Remove unused cron functions
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 36f253d2911c56715b435acee2c14dd14a7cc828 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 11:39:32 2021 +0000
configroot: Make extrahd.pl executable
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 81790c8a002363bd4bddf46c3621e051c549f702 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 6 11:19:18 2021 +0000
misc-progs: Set some defaults for CONFIG_ROOT and SNAME
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 1a79ef8e43a4e406a79344341055dd9fa79ce57d Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 5 17:17:33 2021 +0000
misc-progs: Drop unused upnpctrl
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit f0c39f17390ce71960cf3c6fb06498a20634b263 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 5 17:15:11 2021 +0000
misc-progs: Drop unused updxsetperms
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 7908de2a952edc91b1effa6245dbb6dc80b7dafc Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 5 17:02:44 2021 +0000
misc-progs: Drop unused ipfiredeath & ipfirerebirth
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5cef36ccb14424270a451c11d235ece4dc3be946 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 5 16:59:14 2021 +0000
misc-progs: Drop unused applejuicectrl
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit b37678e92231a7497820b2f39f040cccacfd808e Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 5 16:53:36 2021 +0000
Package extended attributes in distro.img and Core Updates
System capabilities are stored in extended file system attributes which are by default not stored in tar balls.
This patch ensures that they are packaged and extracted.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 241bf919fc2d056124c1082a0488bfa4c3fe8298 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jan 5 16:09:16 2021 +0000
make.sh: Build acl and attr earlier
These libraries are needed to link tar against them for extended attribute support
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/configroot | 4 +- config/rootfiles/common/fuse | 68 ++--- config/rootfiles/common/iptables | 1 + config/rootfiles/common/misc-progs | 2 - config/rootfiles/common/sshfs | 2 + .../{oldcore/104 => core/154}/filelists/ddns | 0 config/rootfiles/core/154/filelists/files | 3 + .../{oldcore/112 => core/154}/filelists/fuse | 0 .../{oldcore/106 => core/154}/filelists/iproute2 | 0 .../{oldcore/123 => core/154}/filelists/iptables | 0 .../{oldcore/121 => core/154}/filelists/tar | 0 config/rootfiles/core/154/update.sh | 2 + config/unbound/unbound.conf | 3 + html/cgi-bin/ddns.cgi | 112 +++++++- langs/de/cgi-bin/de.pl | 2 + langs/en/cgi-bin/en.pl | 2 + lfs/Config | 5 +- lfs/cdrom | 12 +- lfs/configroot | 3 + lfs/core-updates | 7 +- lfs/ddns | 2 + lfs/flash-images | 4 +- lfs/fuse | 20 +- lfs/iproute2 | 4 +- lfs/iptables | 4 +- lfs/sshfs | 14 +- lfs/stunnel | 6 +- make.sh | 6 +- src/installer/main.c | 2 +- src/misc-progs/Makefile | 5 +- src/misc-progs/applejuicectrl.c | 44 ---- src/misc-progs/ipfiredeath.c | 25 -- src/misc-progs/ipfirerebirth.c | 25 -- src/misc-progs/ipfirereboot.c | 49 ---- src/misc-progs/setuid.h | 8 + src/misc-progs/updxsetperms.c | 28 -- src/misc-progs/upnpctrl.c | 54 ---- src/pakfire/lib/functions.sh | 3 +- ...dns-013-add-option-to-list-token-provider.patch | 292 +++++++++++++++++++++ src/patches/ddns-013-proper-encode-string.patch | 24 ++ .../fuse-2.9.2-namespace-conflict-fix.patch | 21 -- 41 files changed, 528 insertions(+), 340 deletions(-) copy config/rootfiles/{oldcore/104 => core/154}/filelists/ddns (100%) copy config/rootfiles/{oldcore/112 => core/154}/filelists/fuse (100%) copy config/rootfiles/{oldcore/106 => core/154}/filelists/iproute2 (100%) copy config/rootfiles/{oldcore/123 => core/154}/filelists/iptables (100%) copy config/rootfiles/{oldcore/121 => core/154}/filelists/tar (100%) delete mode 100644 src/misc-progs/applejuicectrl.c delete mode 100644 src/misc-progs/ipfiredeath.c delete mode 100644 src/misc-progs/ipfirerebirth.c delete mode 100644 src/misc-progs/updxsetperms.c delete mode 100644 src/misc-progs/upnpctrl.c create mode 100644 src/patches/ddns-013-add-option-to-list-token-provider.patch create mode 100644 src/patches/ddns-013-proper-encode-string.patch delete mode 100644 src/patches/fuse-2.9.2-namespace-conflict-fix.patch
Difference in files: diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index 1027b5139..8c91ca5d5 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -51,8 +51,8 @@ var/ipfire/ethernet #var/ipfire/ethernet/vlans #var/ipfire/ethernet/wireless var/ipfire/extrahd -#var/ipfire/extrahd/bin -#var/ipfire/extrahd/bin/extrahd.pl +var/ipfire/extrahd/bin +var/ipfire/extrahd/bin/extrahd.pl #var/ipfire/extrahd/devices #var/ipfire/extrahd/partitions #var/ipfire/extrahd/scan diff --git a/config/rootfiles/common/fuse b/config/rootfiles/common/fuse index 2cd91cb0c..bae55b321 100644 --- a/config/rootfiles/common/fuse +++ b/config/rootfiles/common/fuse @@ -1,30 +1,38 @@ -#etc/rc.d/init.d/fuse -etc/udev/rules.d/99-fuse.rules -sbin/mount.fuse -usr/bin/fusermount -usr/bin/ulockmgr_server -#usr/include/fuse -#usr/include/fuse.h -#usr/include/fuse/cuse_lowlevel.h -#usr/include/fuse/fuse.h -#usr/include/fuse/fuse_common.h -#usr/include/fuse/fuse_common_compat.h -#usr/include/fuse/fuse_compat.h -#usr/include/fuse/fuse_lowlevel.h -#usr/include/fuse/fuse_lowlevel_compat.h -#usr/include/fuse/fuse_opt.h -#usr/include/ulockmgr.h -#usr/lib/libfuse.a -#usr/lib/libfuse.la -usr/lib/libfuse.so -usr/lib/libfuse.so.2 -usr/lib/libfuse.so.2.9.7 -#usr/lib/libulockmgr.a -#usr/lib/libulockmgr.la -usr/lib/libulockmgr.so -usr/lib/libulockmgr.so.1 -usr/lib/libulockmgr.so.1.0.1 -#usr/lib/pkgconfig/fuse.pc -#usr/share/man/man1/fusermount.1 -#usr/share/man/man1/ulockmgr_server.1 -#usr/share/man/man8/mount.fuse.8 +#etc/rc.d/init.d/fuse3 +#lib/udev/rules.d/99-fuse3.rules +etc/udev/rules.d/99-fuse3.rules +sbin/mount.fuse3 +usr/bin/fusermount3 +#usr/local/bin/fusermount3 +#usr/local/etc +#usr/local/etc/fuse.conf +#usr/local/include/fuse3 +#usr/local/include/fuse3/cuse_lowlevel.h +#usr/local/include/fuse3/fuse.h +#usr/local/include/fuse3/fuse_common.h +#usr/local/include/fuse3/fuse_log.h +#usr/local/include/fuse3/fuse_lowlevel.h +#usr/local/include/fuse3/fuse_opt.h +#usr/local/lib/libfuse3.so +#usr/local/lib/libfuse3.so.3 +#usr/local/lib/libfuse3.so.3.10.1 +#usr/local/lib/pkgconfig +#usr/local/lib/pkgconfig/fuse3.pc +#usr/local/sbin/mount.fuse3 +#usr/local/share/man/man1/fusermount3.1 +#usr/local/share/man/man8/mount.fuse3.8 +#etc/fuse.conf +#usr/include/fuse3 +#usr/include/fuse3/cuse_lowlevel.h +#usr/include/fuse3/fuse.h +#usr/include/fuse3/fuse_common.h +#usr/include/fuse3/fuse_log.h +#usr/include/fuse3/fuse_lowlevel.h +#usr/include/fuse3/fuse_opt.h +#usr/lib/libfuse3.so +usr/lib/libfuse3.so.3 +usr/lib/libfuse3.so.3.10.1 +#usr/lib/pkgconfig/fuse3.pc +#usr/sbin/mount.fuse3 +#usr/share/man/man1/fusermount3.1 +#usr/share/man/man8/mount.fuse3.8 diff --git a/config/rootfiles/common/iptables b/config/rootfiles/common/iptables index 2246ee17c..564578216 100644 --- a/config/rootfiles/common/iptables +++ b/config/rootfiles/common/iptables @@ -133,6 +133,7 @@ sbin/ip6tables-apply sbin/ip6tables-restore sbin/ip6tables-save sbin/iptables +sbin/iptables-apply #sbin/iptables-legacy #sbin/iptables-legacy-restore #sbin/iptables-legacy-save diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index c48a474b2..a335dba7a 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -1,5 +1,4 @@ usr/local/bin/addonctrl -#usr/local/bin/applejuicectrl usr/local/bin/backupctrl usr/local/bin/captivectrl #usr/local/bin/clamavctrl @@ -34,7 +33,6 @@ usr/local/bin/timectrl #usr/local/bin/torctrl usr/local/bin/unboundctrl usr/local/bin/updxlratorctrl -usr/local/bin/upnpctrl usr/local/bin/urlfilterctrl #usr/local/bin/wiohelper #usr/local/bin/wioscan diff --git a/config/rootfiles/common/sshfs b/config/rootfiles/common/sshfs index 2cafa3e24..579b938f5 100644 --- a/config/rootfiles/common/sshfs +++ b/config/rootfiles/common/sshfs @@ -1,2 +1,4 @@ usr/bin/sshfs +#usr/sbin/mount.fuse.sshfs +#usr/sbin/mount.sshfs #usr/share/man/man1/sshfs.1 diff --git a/config/rootfiles/core/154/filelists/ddns b/config/rootfiles/core/154/filelists/ddns new file mode 120000 index 000000000..739516420 --- /dev/null +++ b/config/rootfiles/core/154/filelists/ddns @@ -0,0 +1 @@ +../../../common/ddns \ No newline at end of file diff --git a/config/rootfiles/core/154/filelists/files b/config/rootfiles/core/154/filelists/files index 1861bb925..8151a145a 100644 --- a/config/rootfiles/core/154/filelists/files +++ b/config/rootfiles/core/154/filelists/files @@ -1,8 +1,10 @@ etc/system-release etc/issue etc/os-release +opt/pakfire/lib/functions.sh srv/web/ipfire/cgi-bin/country.cgi srv/web/ipfire/cgi-bin/credits.cgi +srv/web/ipfire/cgi-bin/ddns.cgi srv/web/ipfire/cgi-bin/dhcp.cgi srv/web/ipfire/cgi-bin/extrahd.cgi srv/web/ipfire/cgi-bin/gpl.cgi @@ -12,5 +14,6 @@ srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/remote.cgi srv/web/ipfire/cgi-bin/services.cgi usr/local/bin/sshctrl +var/ipfire/extrahd/bin/extrahd.pl var/ipfire/general-functions.pl var/ipfire/langs diff --git a/config/rootfiles/core/154/filelists/fuse b/config/rootfiles/core/154/filelists/fuse new file mode 120000 index 000000000..570edaade --- /dev/null +++ b/config/rootfiles/core/154/filelists/fuse @@ -0,0 +1 @@ +../../../common/fuse \ No newline at end of file diff --git a/config/rootfiles/core/154/filelists/iproute2 b/config/rootfiles/core/154/filelists/iproute2 new file mode 120000 index 000000000..05f0f71fb --- /dev/null +++ b/config/rootfiles/core/154/filelists/iproute2 @@ -0,0 +1 @@ +../../../common/iproute2 \ No newline at end of file diff --git a/config/rootfiles/core/154/filelists/iptables b/config/rootfiles/core/154/filelists/iptables new file mode 120000 index 000000000..8caf12bcc --- /dev/null +++ b/config/rootfiles/core/154/filelists/iptables @@ -0,0 +1 @@ +../../../common/iptables \ No newline at end of file diff --git a/config/rootfiles/core/154/filelists/tar b/config/rootfiles/core/154/filelists/tar new file mode 120000 index 000000000..3e585d2eb --- /dev/null +++ b/config/rootfiles/core/154/filelists/tar @@ -0,0 +1 @@ +../../../common/tar \ No newline at end of file diff --git a/config/rootfiles/core/154/update.sh b/config/rootfiles/core/154/update.sh index 37348e0df..a1523f742 100644 --- a/config/rootfiles/core/154/update.sh +++ b/config/rootfiles/core/154/update.sh @@ -32,6 +32,8 @@ for (( i=1; i<=$core; i++ )); do done
# Remove files +rm -vf \ + /usr/local/bin/upnpctrl
# Stop services
diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf index 3aab6ea46..f78aaae8c 100644 --- a/config/unbound/unbound.conf +++ b/config/unbound/unbound.conf @@ -60,6 +60,9 @@ server: # Allow access from everywhere access-control: 0.0.0.0/0 allow
+ # Timeout behaviour + infra-keep-probing: yes + # Bootstrap root servers root-hints: "/etc/unbound/root.hints"
diff --git a/html/cgi-bin/ddns.cgi b/html/cgi-bin/ddns.cgi index 024eaf7f6..9b58db895 100644 --- a/html/cgi-bin/ddns.cgi +++ b/html/cgi-bin/ddns.cgi @@ -59,14 +59,18 @@ $settings{'HOSTNAME'} = ''; $settings{'DOMAIN'} = ''; $settings{'LOGIN'} = ''; $settings{'PASSWORD'} = ''; +$settings{'TOKEN'} = ''; $settings{'ENABLED'} = ''; $settings{'PROXY'} = ''; $settings{'SERVICE'} = '';
$settings{'ACTION'} = '';
-# Get supported ddns providers. -my @providers = &GetProviders(); +# Get all supported ddns providers. +my @providers = &GetProviders("all"); + +# Get provider which support a token based authentication mechanism. +my @token_provider = &GetProviders("token-providers");
# Hook to regenerate the configuration files, if cgi got called from command line. if ($ENV{"REMOTE_ADDR"} eq "") { @@ -178,6 +182,11 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang:: $errormessage = $Lang::tr{'password not set'}; }
+ # Check if a token has been given for provider which support tokens. + if (($settings{'SERVICE'} ~~ @token_provider) && ($settings{'TOKEN'} eq '')) { + $errormessage = $Lang::tr{'token not set'}; + } + # Go furter if there was no error. if (!$errormessage) { # Splitt hostname field into 2 parts for storrage. @@ -189,6 +198,16 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang:: $settings{'ENABLED'} = 'off'; }
+ # Handle token provider. + if($settings{'SERVICE'} ~~ @token_provider) { + # Clear username and password if they contain values. + undef($settings{'LOGIN'}); + undef($settings{'PASSWORD'}); + + # Assign the token as a password for saving. + $settings{'PASSWORD'} = $settings{'TOKEN'}; + } + # Handle adding new accounts. if ($settings{'ACTION'} eq $Lang::tr{'add'}) { # Open /var/ipfire/ddns/config for writing. @@ -234,7 +253,8 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang:: # Write out notice to logfile. &General::log($Lang::tr{'ddns hostname modified'}); } - undef $settings{'ID'}; + # Clear settings hash. + %settings = '';
# Update ddns config file. &GenerateDDNSConfigFile(); @@ -307,6 +327,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) { $settings{'WILDCARDS'} = $temp[4]; $settings{'LOGIN'} = $temp[5]; $settings{'PASSWORD'} = $temp[6]; + $settings{'TOKEN'} = $temp[6]; $settings{'ENABLED'} = $temp[7]; }
@@ -334,6 +355,58 @@ if (!$settings{'ACTION'}) { }
&Header::openpage($Lang::tr{'dynamic dns'}, 1, ''); + +### Java Script ### +print"<script>\n"; + +# Generate Java Script Array which contains the provider that support token. +my $line = ""; +$line = join("', '", @token_provider); + +print "\t// Array which contains the providers that support token.\n"; +print "\ttoken_provider = ['$line'];\n\n"; + +print <<END + // Java Script function to swap the text input fields for + // username and password or token. + var update_auth = function() { + if(inArray($('#SERVICE').val(), token_provider)) { + $('.username').hide(); + $('.password').hide(); + $('.token').show(); + } else { + $('.username').show(); + $('.password').show(); + $('.token').hide(); + } + }; + + // Java Script function to check if a given value is part of + // an array. + function inArray(value,array) { + var count=array.length; + + for(var i=0;i<count;i++) { + if(array[i]===value){ + return true; + } + } + + return false; + } + + // JQuery function to call corresponding function when + // the service provider is changed or the page is loaded for showing/hiding + // the username/password or token area. + $(document).ready(function() { + $('#SERVICE').change(update_auth); + update_auth(); + }); + +</script> +END +; + &Header::openbigbox('100%', 'left', '', $errormessage);
# Read file for general ddns settings. @@ -414,7 +487,7 @@ print <<END END ; # Generate dropdown menu for service selection. - print"<select size='1' name='SERVICE'>\n"; + print"<select size='1' name='SERVICE' id='SERVICE'>\n";
my $selected;
@@ -440,11 +513,15 @@ print <<END <tr> <td class='base'>$Lang::tr{'enabled'}</td> <td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td> - <td class='base'>$Lang::tr{'username'}</td> - <td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td> + + <td class='username'>$Lang::tr{'username'}</td> + <td class='username'><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td> + + <td class='token' style='display:none'>$Lang::tr{'token'}</td> + <td class='token' style='display:none'><input type='text' name='TOKEN' value='$settings{'TOKEN'}' /></td> </tr>
- <tr> + <tr class='password'> <td class='base'></td> <td></td> <td class='base'>$Lang::tr{'password'}</td> @@ -665,8 +742,8 @@ sub GenerateDDNSConfigFile {
my $use_token = 0;
- # Check if token based auth is configured. - if ($username eq "token") { + # Handle token based auth for various providers. + if ($provider ~~ @token_provider) { $use_token = 1; }
@@ -707,9 +784,20 @@ sub GenerateDDNSConfigFile { }
# Function which generates an array (@providers) which contains the supported providers. -sub GetProviders { - # Get supported providers. - open(PROVIDERS, "/usr/bin/ddns list-providers |"); +sub GetProviders ($) { + my ($type) = @_; + + # Set default type to get all providers + $type = $type ? $type : "all"; + + # Check if the requested type is "token-providers". + if ($type eq "token-providers") { + # Call ddns util to only get providers which supports token based auth. + open(PROVIDERS, "/usr/bin/ddns list-token-providers |"); + } else { + # Get all supported providers. + open(PROVIDERS, "/usr/bin/ddns list-providers |"); + }
# Create new array to store the providers. my @providers = (); diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 87181c184..307b8a97c 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -2374,6 +2374,8 @@ 'to warn email bad' => 'An E-Mail-Adresse ist nicht gültig', 'toggle' => 'Pause/Resume', 'toggle enable disable' => 'Aktivieren oder Deaktivieren', +'token' => 'Token:', +'token not set' => 'Kein Token angegeben.', 'tone' => 'Ton', 'tone dial' => 'Tonwahl:', 'too long 80 char max' => ' ist zu lang, es sind maximal 80 Zeichen erlaubt', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 625c6899f..4d23f7aac 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -2412,6 +2412,8 @@ 'to warn email bad' => 'To e-mail address is not valid', 'toggle' => 'pause/resume', 'toggle enable disable' => 'Enable or disable', +'token' => 'Token:', +'token not set' => 'No Token has been given.', 'tone' => 'Tone', 'tone dial' => 'Tone dial:', 'too long 80 char max' => ' is too long, maximum allowed is 80 characters', diff --git a/lfs/Config b/lfs/Config index b16da91bd..524ba35c0 100644 --- a/lfs/Config +++ b/lfs/Config @@ -70,7 +70,10 @@ else PREFIX = /usr endif
-TAR_OPTIONS = --xz +TAR_OPTIONS = \ + --format=pax \ + --acls \ + --xattrs --xattrs-include='*'
# URLs that are common sources of downloads. If you're having trouble with # a site you should change its URL to that of a suitable mirror site. diff --git a/lfs/cdrom b/lfs/cdrom index f18b80a03..a764416d0 100644 --- a/lfs/cdrom +++ b/lfs/cdrom @@ -32,12 +32,6 @@ TARGET = $(DIR_INFO)/$(THISAPP) # Fail when there is an error in the tar pipe SHELL=/bin/bash -o pipefail
-ifeq "$(BUILD_PLATFORM)" "arm" - TAR_OPTIONS = -else - TAR_OPTIONS = --lzma -endif - HAS_MEMTEST = 0 HAS_IPXE = 0 HAS_ISOLINUX = 0 @@ -166,12 +160,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) # Compress root filesystem # Reason for this tar+untar+tar is removing of entries listed two or more in src/ROOTFILES rm -rf $(DIR_TMP)/root && mkdir -p $(DIR_TMP)/root - tar -c --exclude='#*' --exclude='proc/*' --exclude='dev/pts/*' --exclude='tmp/*' \ + tar $(TAR_OPTIONS) -c --exclude='#*' --exclude='proc/*' --exclude='dev/pts/*' --exclude='tmp/*' \ --exclude='__pycache__' \ - -C / --files-from=$(DIR_TMP)/ROOTFILES | tar -x -C $(DIR_TMP)/root + -C / --files-from=$(DIR_TMP)/ROOTFILES | tar $(TAR_OPTIONS) -x -C $(DIR_TMP)/root rm -f $(DIR_TMP)/ROOTFILES mkdir $(DIR_TMP)/root/sys - cd $(DIR_TMP)/root && tar cf - * | xz $(XZ_OPT) > $(DIR_TMP)/cdrom/distro.img + cd $(DIR_TMP)/root && tar $(TAR_OPTIONS) -cf - * | xz $(XZ_OPT) > $(DIR_TMP)/cdrom/distro.img rm -rf $(DIR_TMP)/root
# Other files diff --git a/lfs/configroot b/lfs/configroot index a37c2c401..bc8c0283f 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -151,6 +151,9 @@ $(TARGET) : # set converters executable chmod 755 /usr/sbin/convert-*
+ # Make extrahd.pl executable + chmod 755 /var/ipfire/extrahd/bin/extrahd.pl + # Modify variables in header.pl sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \ -e "s+VERSION+$(VERSION)+g" \ diff --git a/lfs/core-updates b/lfs/core-updates index e0dfa69f4..fa8b36d50 100644 --- a/lfs/core-updates +++ b/lfs/core-updates @@ -28,7 +28,6 @@ VER = ipfire
THISAPP = core-updates TARGET = $(DIR_INFO)/$(THISAPP) -TAR_OPTIONS = --xz
############################################################################### # Top-level Rules @@ -72,13 +71,13 @@ core/%: sed -e "s/KVER/$(KVER)/g" -i /tmp/ROOTFILES
#Remove doubled files with tar/untar/tar to save space - tar -c --exclude='proc/*' --exclude='tmp/ROOTFILES' --exclude='__pycache__' --exclude='#*' --exclude='dev/pts/*' \ + tar $(TAR_OPTIONS) -c --exclude='proc/*' --exclude='tmp/ROOTFILES' --exclude='__pycache__' --exclude='#*' --exclude='dev/pts/*' \ --exclude-from=$(DIR_SRC)/config/rootfiles/$@/exclude \ -C / --files-from=/tmp/ROOTFILES -f /$(SNAME).tar mv -f /tmp/ROOTFILES /install/packages/package/ROOTFILES - tar -p --numeric-owner -x -C /tmp -f /$(SNAME).tar + tar $(TAR_OPTIONS) -p --numeric-owner -x -C /tmp -f /$(SNAME).tar rm -f /$(SNAME).tar - cd /tmp && XZ_OPT="$(XZ_OPT)" tar cJf /install/packages/package/files.tar.xz $(TAR_OPTIONS) * && rm -rf * + cd /tmp && XZ_OPT="$(XZ_OPT)" tar $(TAR_OPTIONS) -cJf /install/packages/package/files.tar.xz $(TAR_OPTIONS) * && rm -rf * cat /install/packages/package/ROOTFILES | grep -v "#" > /install/packages/package/ROOTFILES.tmp rm /install/packages/package/ROOTFILES mv /install/packages/package/ROOTFILES.tmp /install/packages/package/ROOTFILES diff --git a/lfs/ddns b/lfs/ddns index 2a6dbca2b..98b374ed1 100644 --- a/lfs/ddns +++ b/lfs/ddns @@ -75,6 +75,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ddns-013-dyfi-use-https.patch cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ddns-013-ddnss-fix-unhandled-exeption-on-update-patch cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ddns-013-duckdns-new-api.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ddns-013-add-option-to-list-token-provider.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/ddns-013-proper-encode-string.patch
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh cd $(DIR_APP) && ./configure \ diff --git a/lfs/flash-images b/lfs/flash-images index 5f39c488f..9fd925055 100644 --- a/lfs/flash-images +++ b/lfs/flash-images @@ -152,9 +152,9 @@ endif
# Install IPFire ifneq "$(BUILD_PLATFORM)" "arm" - tar -x --xz -C $(MNThdd)/ -f $(DIR_TMP)/cdrom/distro.img + tar $(TAR_OPTIONS) -x --xz -C $(MNThdd)/ -f $(DIR_TMP)/cdrom/distro.img else - tar -x -C $(MNThdd)/ -f $(DIR_TMP)/cdrom/distro.img + tar $(TAR_OPTIONS) -x -C $(MNThdd)/ -f $(DIR_TMP)/cdrom/distro.img endif -touch $(MNThdd)/lib/modules/$(KVER)-ipfire/modules.dep mkdir $(MNThdd)/proc diff --git a/lfs/fuse b/lfs/fuse index db649a880..167612f68 100644 --- a/lfs/fuse +++ b/lfs/fuse @@ -24,10 +24,10 @@
include Config
-VER = 2.9.7 +VER = 3.10.1
THISAPP = fuse-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 9bd4ce8184745fd3d000ca2692adacdb +$(DL_FILE)_MD5 = e973012119e98b048307558271b5b296
install : $(TARGET)
@@ -72,12 +72,14 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fuse-2.9.2-namespace-conflict-fix.patch - cd $(DIR_APP) && ./configure \ - --prefix=/usr + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && meson --prefix=/usr builddir && cd builddir && ninja && ninja install + + # Move mount.fuse3 to same location as mount.fuse was in previous version + mv -v /usr/sbin/mount.fuse3 /sbin + + # Move 99-fuse3 rules to same udev location as in previous version of fuse + mv -v /lib/udev/rules.d/99-fuse3.rules /etc/udev/rules.d
- cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/iproute2 b/lfs/iproute2 index 53fd4a59e..27e246d23 100644 --- a/lfs/iproute2 +++ b/lfs/iproute2 @@ -24,7 +24,7 @@
include Config
-VER = 5.8.0 +VER = 5.10.0
THISAPP = iproute2-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = e2016acc07d91b2508916c459a8435af +$(DL_FILE)_MD5 = 19ffea480a21e600453776b7225f3319
install : $(TARGET)
diff --git a/lfs/iptables b/lfs/iptables index afe452f10..852cde6cc 100644 --- a/lfs/iptables +++ b/lfs/iptables @@ -24,7 +24,7 @@
include Config
-VER = 1.8.5 +VER = 1.8.6
THISAPP = iptables-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -41,7 +41,7 @@ objects = $(DL_FILE) \ $(DL_FILE) = $(DL_FROM)/$(DL_FILE) netfilter-layer7-v2.23.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.23.tar.gz
-$(DL_FILE)_MD5 = 42cfa96d4ac5eb93ee7ed8dd85cfe8fb +$(DL_FILE)_MD5 = bc0f0adccc93c09dc5b7507ccba93148 netfilter-layer7-v2.23.tar.gz_MD5 = 10910b6173d18e426cb56ae7e1300eeb
install : $(TARGET) diff --git a/lfs/sshfs b/lfs/sshfs index 23fbd18ca..1e7706194 100644 --- a/lfs/sshfs +++ b/lfs/sshfs @@ -24,10 +24,10 @@
include Config
-VER = 2.2 +VER = 3.7.1
-THISAPP = sshfs-fuse-$(VER) -DL_FILE = $(THISAPP).tar.gz +THISAPP = sshfs-$(VER) +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 26e9206eb5169e87e6f95f54bc005a4f +$(DL_FILE)_MD5 = 22ac23d05ca7c56fb568627f086374d0
install : $(TARGET)
@@ -72,9 +72,7 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure --prefix=/usr - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && meson --prefix=/usr builddir && cd builddir && ninja && ninja install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/stunnel b/lfs/stunnel index 1ddb2a963..eab56e721 100644 --- a/lfs/stunnel +++ b/lfs/stunnel @@ -24,7 +24,7 @@
include Config
-VER = 5.56 +VER = 5.57
THISAPP = stunnel-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = stunnel -PAK_VER = 5 +PAK_VER = 6
DEPS =
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 01b0ca9e071f582ff803a85d5ed72166 +$(DL_FILE)_MD5 = 6bbe921f8d2ab4967dc7ff42f6e5d45a
install : $(TARGET)
diff --git a/make.sh b/make.sh index cf4e779e4..86359ce15 100755 --- a/make.sh +++ b/make.sh @@ -1104,6 +1104,9 @@ buildbase() { lfsmake2 xz lfsmake2 pcre lfsmake2 pcre-compat + lfsmake2 gettext + lfsmake2 attr + lfsmake2 acl lfsmake2 bash lfsmake2 diffutils lfsmake2 e2fsprogs @@ -1111,7 +1114,6 @@ buildbase() { lfsmake2 findutils lfsmake2 flex lfsmake2 gawk - lfsmake2 gettext lfsmake2 go lfsmake2 grep lfsmake2 groff @@ -1269,8 +1271,6 @@ buildipfire() { lfsmake2 slang lfsmake2 newt lfsmake2 libsmooth - lfsmake2 attr - lfsmake2 acl lfsmake2 libcap lfsmake2 libcap-ng lfsmake2 pciutils diff --git a/src/installer/main.c b/src/installer/main.c index 3eff481b0..00d172888 100644 --- a/src/installer/main.c +++ b/src/installer/main.c @@ -781,7 +781,7 @@ int main(int argc, char *argv[]) {
// Extract files... snprintf(commandstring, STRING_SIZE, - "/bin/tar -C /harddisk -xvf /cdrom/distro.img --xz 2>/dev/null"); + "/bin/tar --acls --xattrs --xattrs-include='*' -C /harddisk -xvf /cdrom/distro.img --xz 2>/dev/null");
if (runcommandwithprogress(60, 4, title, commandstring, INST_FILECOUNT, _("Installing the system..."), logfile)) { diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index bea54e773..896b1e916 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -25,15 +25,14 @@ LIBS = -lsmooth -lnewt PROGS = iowrap SUID_PROGS = squidctrl sshctrl ipfirereboot \ ipsecctrl timectrl dhcpctrl suricatactrl \ - applejuicectrl rebuildhosts backupctrl collectdctrl \ + rebuildhosts backupctrl collectdctrl \ logwatch wioscan wiohelper openvpnctrl firewallctrl \ wirelessctrl getipstat qosctrl launch-ether-wake \ - redctrl syslogdctrl extrahdctrl sambactrl upnpctrl \ + redctrl syslogdctrl extrahdctrl sambactrl \ smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \ setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \ getconntracktable wirelessclient torctrl ddnsctrl unboundctrl \ captivectrl -SUID_UPDX = updxsetperms
OBJS = $(patsubst %,%.o,$(PROGS) $(SUID_PROGS))
diff --git a/src/misc-progs/applejuicectrl.c b/src/misc-progs/applejuicectrl.c deleted file mode 100644 index 9d63e51f2..000000000 --- a/src/misc-progs/applejuicectrl.c +++ /dev/null @@ -1,44 +0,0 @@ -/* This file is part of the IPFire Firewall. - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - */ - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <sys/types.h> -#include <fcntl.h> -#include "setuid.h" - -int main(int argc, char *argv[]) { - - if (!(initsetuid())) - exit(1); - - if (argc < 2) { - fprintf(stderr, "\nNo argument given.\n\napplejuicectrl (start|stop|restart)\n\n"); - exit(1); - } - - if (strcmp(argv[1], "start") == 0) { - safe_system("/etc/rc.d/init.d/applejuice start"); - } else if (strcmp(argv[1], "stop") == 0) { - safe_system("/etc/rc.d/init.d/applejuice stop"); - } else if (strcmp(argv[1], "restart") == 0) { - safe_system("/etc/rc.d/init.d/applejuice restart"); - } else if (strcmp(argv[1], "enable") == 0) { - safe_system("ln -fs ../init.d/applejuice /etc/rc.d/rc3.d/S99applejuice >/dev/null 2>&1"); - safe_system("ln -fs ../init.d/applejuice /etc/rc.d/rc0.d/K00applejuice >/dev/null 2>&1"); - safe_system("ln -fs ../init.d/applejuice /etc/rc.d/rc6.d/K00applejuice >/dev/null 2>&1"); - } else if (strcmp(argv[1], "disable") == 0) { - safe_system("rm -f /etc/rc.d/rc*.d/*applejuice >/dev/null 2>&1"); - } else { - fprintf(stderr, "\nBad argument given.\n\napplejuicectrl (start|stop|restart)\n\n"); - exit(1); - } - - return 0; -} diff --git a/src/misc-progs/ipfiredeath.c b/src/misc-progs/ipfiredeath.c deleted file mode 100644 index 8a13fa60a..000000000 --- a/src/misc-progs/ipfiredeath.c +++ /dev/null @@ -1,25 +0,0 @@ -/* SmoothWall helper program - smoothiedeath - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - * (c) Lawrence Manning, 2001 - * Simple program intended to be installed setuid(0) that can be used for - * starting shutdown. - * - * $Id: ipcopdeath.c,v 1.2 2003/12/11 10:57:34 riddles Exp $ - * - */ - -#include <stdlib.h> -#include "setuid.h" - -int main(void) -{ - if (!(initsetuid())) - exit(1); - - safe_system("/sbin/shutdown -h now"); - - return 0; -} diff --git a/src/misc-progs/ipfirerebirth.c b/src/misc-progs/ipfirerebirth.c deleted file mode 100644 index 10230c3e1..000000000 --- a/src/misc-progs/ipfirerebirth.c +++ /dev/null @@ -1,25 +0,0 @@ -/* SmoothWall helper program - smoothierebirth - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - * (c) Lawrence Manning, 2001 - * Simple program intended to be installed setuid(0) that can be used for - * starting reboot. - * - * $Id: ipcoprebirth.c,v 1.2 2003/12/11 10:57:34 riddles Exp $ - * - */ - -#include <stdlib.h> -#include "setuid.h" - -int main(void) -{ - if (!(initsetuid())) - exit(1); - - safe_system("/sbin/shutdown -r now"); - - return 0; -} diff --git a/src/misc-progs/ipfirereboot.c b/src/misc-progs/ipfirereboot.c index 5e758791c..6f5ecf89a 100644 --- a/src/misc-progs/ipfirereboot.c +++ b/src/misc-progs/ipfirereboot.c @@ -31,9 +31,6 @@ #define OP_REBOOT "boot" #define OP_REBOOT_FS "bootfs" // add filesystem check option (not yet in GUI) #define OP_SHUTDOWN "down" -#define OP_SCHEDULE_ADD "cron+" -#define OP_SCHEDULE_REM "cron-" -#define OP_SCHEDULE_GET "cron?"
int main(int argc, char**argv) { @@ -66,52 +63,6 @@ int main(int argc, char**argv) return 0; }
- // output schedule to stdout - if (argc==2 && strcmp(argv[1], OP_SCHEDULE_GET)==0) - { - safe_system("/bin/grep /sbin/shutdown /var/spool/cron/root.orig"); - return 0; - } - - if (argc==2 && strcmp(argv[1], OP_SCHEDULE_REM)==0) - { - safe_system("/usr/bin/perl -i -p -e 's/^.*\/sbin\/shutdown.*$//s' /var/spool/cron/root.orig"); - safe_system("/usr/bin/fcrontab -u root -z"); - return 0; - } - - if (argc==6 && strcmp(argv[1], OP_SCHEDULE_ADD)==0) - { - // check args - if (!( strlen(argv[2])<3 && - strspn(argv[2], "0123456789") == strlen (argv[2]) && - strlen(argv[3])<3 && - strspn(argv[3], "0123456789") == strlen (argv[3]) && - strlen(argv[4])<14 && - strspn(argv[4], "1234567,*") == strlen (argv[4]) && - ((strcmp(argv[5], "-r")==0) || //reboot - (strcmp(argv[5], "-h")==0)) ) //hangup - ) { - fprintf (stderr, "Bad cron+ parameters!\n"); - return 1; - } - - // remove old entry - safe_system("/usr/bin/perl -i -p -e 's/^.*\/sbin\/shutdown.*$//s' /var/spool/cron/root.orig"); - - // add new entry - FILE *fd = NULL; - if ((fd = fopen("/var/spool/cron/root.orig", "a"))) - { - fprintf (fd,"%s %s * * %s /sbin/shutdown %s 1\n",argv[2],argv[3],argv[4],argv[5]); - fclose (fd); - } - - // inform cron - safe_system("/usr/bin/fcrontab -u root -z"); - return 0; - } - fprintf (stderr, "Bad reboot command!\n"); return 1; } diff --git a/src/misc-progs/setuid.h b/src/misc-progs/setuid.h index 2e90537a6..7f3fda308 100644 --- a/src/misc-progs/setuid.h +++ b/src/misc-progs/setuid.h @@ -18,6 +18,14 @@ #define STRING_SIZE 1024 #endif
+#ifndef CONFIG_ROOT +#define CONFIG_ROOT "/var/ipfire" +#endif + +#ifndef SNAME +#define SNAME "SNAME to be filled" +#endif + extern char * trusted_env[4];
int system_core(char* command, uid_t uid, gid_t gid, char *error); diff --git a/src/misc-progs/updxsetperms.c b/src/misc-progs/updxsetperms.c deleted file mode 100644 index be7d0e171..000000000 --- a/src/misc-progs/updxsetperms.c +++ /dev/null @@ -1,28 +0,0 @@ -/* This file is part of the IPFire Firewall. - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - */ - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <sys/types.h> -#include <fcntl.h> -#include "setuid.h" - -int main(int argc, char *argv[]) { - - if (!(initsetuid())) - exit(1); - - if (argc > 1) { - fprintf(stderr, "\nNo argument should be given.\n"); - exit(1); - } - - safe_system("/etc/rc.d/init.d/squid setperms"); - return 0; -} diff --git a/src/misc-progs/upnpctrl.c b/src/misc-progs/upnpctrl.c deleted file mode 100644 index f42502ddd..000000000 --- a/src/misc-progs/upnpctrl.c +++ /dev/null @@ -1,54 +0,0 @@ -#include <stdio.h> -#include <string.h> -#include <stdlib.h> -#include <unistd.h> -#include <sys/types.h> -#include <fcntl.h> -#include "setuid.h" - -#define BUFFER_SIZE 1024 - -char command[BUFFER_SIZE]; - -int main(int argc, char *argv[]) -{ - - if (!(initsetuid())) - exit(1); - - // Check what command is asked - if (argc==1) - { - fprintf (stderr, "Missing smbctrl command!\n"); - return 1; - } - - if (strcmp(argv[1], "upnpstart")==0) - { - snprintf(command, BUFFER_SIZE-1, "route add -net 239.0.0.0 netmask 255.0.0.0 %s", argv[3]); - safe_system(command); - printf(command); - snprintf(command, BUFFER_SIZE-1, "/usr/sbin/upnpd %s %s", argv[2], argv[3] ); - safe_system(command); - printf(command); - return 0; - } - - if (strcmp(argv[1], "upnpstop")==0) - { - snprintf(command, BUFFER_SIZE-1, "killall upnpd"); - safe_system(command); - printf(command); - snprintf(command, BUFFER_SIZE-1, "route del -net 239.0.0.0 netmask 255.0.0.0 %s", argv[3]); - safe_system(command); - printf(command); - return 0; - } - if (strcmp(argv[1], "upnpxml")==0) - { - snprintf(command, BUFFER_SIZE-1, "sed 's/<friendlyName>.*</friendlyName>/<friendlyName>%s</friendlyName>/gi' %s/%s > tmp && mv tmp %s/%s", argv[2], argv[3], argv[4], argv[3], argv[4]); - safe_system(command); - printf(command); - return 0; - } -} diff --git a/src/pakfire/lib/functions.sh b/src/pakfire/lib/functions.sh index 375169760..5918649db 100644 --- a/src/pakfire/lib/functions.sh +++ b/src/pakfire/lib/functions.sh @@ -24,7 +24,8 @@
extract_files() { echo "Extracting files..." - tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / + tar --acls --xattrs --xattrs-include='*' \ + -xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / echo "...Finished." }
diff --git a/src/patches/ddns-013-add-option-to-list-token-provider.patch b/src/patches/ddns-013-add-option-to-list-token-provider.patch new file mode 100644 index 000000000..7603422a2 --- /dev/null +++ b/src/patches/ddns-013-add-option-to-list-token-provider.patch @@ -0,0 +1,292 @@ +commit 287b2bfe7bf5e0639da9227a8c7893ce40d298ae +Author: Stefan Schantl stefan.schantl@ipfire.org +Date: Wed Dec 2 20:31:19 2020 +0100 + + Add option to list provider with token support. + + This option can be used to get a list of all known provider which support + a token based authentication method. + + In order to provide this feature the provider details has been extended + to contain the information if a provider supports this authentication + method or not. + + Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org + +diff --git a/ddns.in b/ddns.in +old mode 100644 +new mode 100755 +index 0e377e7..538e4b0 +--- a/ddns.in ++++ b/ddns.in +@@ -49,6 +49,10 @@ def main(): + p_list_providers = subparsers.add_parser("list-providers", + help=_("List all available providers")) + ++ # list-token-provider ++ p_list_token_provider = subparsers.add_parser("list-token-provider", ++ help=_("List all providers which supports authentication via token")) ++ + # update + p_update = subparsers.add_parser("update", help=_("Update DNS record")) + p_update.add_argument("hostname") +@@ -85,6 +89,10 @@ def main(): + provider_names = d.get_provider_names() + print("\n".join(provider_names)) + ++ elif args.subparsers_name == "list-token-providers": ++ token_provider = d.get_provider_with_token_support() ++ print("\n".join(token_provider)) ++ + elif args.subparsers_name == "update": + d.updateone(hostname=args.hostname, force=args.force) + +diff --git a/src/ddns/__init__.py b/src/ddns/__init__.py +index 3e43fa7..ca232bf 100644 +--- a/src/ddns/__init__.py ++++ b/src/ddns/__init__.py +@@ -86,6 +86,20 @@ class DDNSCore(object): + """ + return sorted(self.providers.keys()) + ++ def get_provider_with_token_support(self): ++ """ ++ Returns a list with names of all registered providers ++ which support token based authtentication. ++ """ ++ ++ token_provider = [] ++ ++ for handle, provider in sorted(self.providers.items()): ++ if provider.supports_token_auth is True: ++ token_provider.append(handle) ++ ++ return sorted(token_provider) ++ + def load_configuration(self, filename): + logger.debug(_("Loading configuration file %s") % filename) + +diff --git a/src/ddns/providers.py b/src/ddns/providers.py +index a1ca3f3..b0066d5 100644 +--- a/src/ddns/providers.py ++++ b/src/ddns/providers.py +@@ -73,6 +73,10 @@ class DDNSProvider(object): + # Required to remove AAAA records if IPv6 is absent again. + can_remove_records = True + ++ # True if the provider supports authentication via a random ++ # generated token instead of username and password. ++ supports_token_auth = True ++ + @staticmethod + def supported(): + """ +@@ -352,6 +356,10 @@ class DDNSProtocolDynDNS2(object): + # The DynDNS protocol version 2 does not allow to remove records + can_remove_records = False + ++ # The DynDNS protocol version 2 only supports authentication via ++ # username and password. ++ supports_token_auth = False ++ + def prepare_request_data(self, proto): + data = { + "hostname" : self.hostname, +@@ -440,6 +448,7 @@ class DDNSProviderAllInkl(DDNSProvider): + + url = "http://dyndns.kasserver.com" + can_remove_records = False ++ supports_token_auth = False + + def update(self): + # There is no additional data required so we directly can +@@ -464,6 +473,8 @@ class DDNSProviderBindNsupdate(DDNSProvider): + + DEFAULT_TTL = 60 + ++ supports_token_auth = False ++ + @staticmethod + def supported(): + # Search if the nsupdate utility is available +@@ -550,6 +561,7 @@ class DDNSProviderChangeIP(DDNSProvider): + + url = "https://nic.changeip.com/nic/update" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -616,6 +628,7 @@ class DDNSProviderDDNSS(DDNSProvider): + + url = "http://www.ddnss.de/upd.php" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -678,6 +691,7 @@ class DDNSProviderDHS(DDNSProvider): + + url = "http://members.dhs.org/nic/hosts" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -710,6 +724,7 @@ class DDNSProviderDNSpark(DDNSProvider): + + url = "https://control.dnspark.com/api/dynamic/update.php" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -758,6 +773,7 @@ class DDNSProviderDtDNS(DDNSProvider): + + url = "https://www.dtdns.com/api/autodns.cfm" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -813,6 +829,7 @@ class DDNSProviderDuckDNS(DDNSProvider): + + url = "https://www.duckdns.org/update" + can_remove_records = False ++ supports_token_auth = True + + def update(self): + # Raise an error if no auth details are given. +@@ -914,6 +931,7 @@ class DDNSProviderDynUp(DDNSProvider): + + url = "https://dynup.de/dyn.php" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -979,6 +997,8 @@ class DDNSProviderEasyDNS(DDNSProvider): + + url = "http://api.cp.easydns.com/dyn/tomato.php" + ++ supports_token_auth = False ++ + def update_protocol(self, proto): + data = { + "myip" : self.get_address(proto, "-"), +@@ -1032,6 +1052,7 @@ class DDNSProviderDynsNet(DDNSProvider): + website = "http://www.dyns.net/" + protocols = ("ipv4",) + can_remove_records = False ++ supports_token_auth = False + + # There is very detailed informatio about how to send the update request and + # the possible response codes. (Currently we are using the v1.1 proto) +@@ -1083,6 +1104,7 @@ class DDNSProviderEnomCom(DDNSResponseParserXML, DDNSProvider): + + url = "https://dynamic.name-services.com/interface.asp" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -1125,6 +1147,7 @@ class DDNSProviderEntryDNS(DDNSProvider): + # here: https://entrydns.net/help + url = "https://entrydns.net/records/modify" + can_remove_records = False ++ supports_token_auth = True + + def update_protocol(self, proto): + data = { +@@ -1165,6 +1188,7 @@ class DDNSProviderFreeDNSAfraidOrg(DDNSProvider): + # page. All used values have been collected by testing. + url = "https://freedns.afraid.org/dynamic/update.php" + can_remove_records = False ++ supports_token_auth = True + + def update_protocol(self, proto): + data = { +@@ -1246,6 +1270,7 @@ class DDNSProviderKEYSYSTEMS(DDNSProvider): + + url = "https://dynamicdns.key-systems.net/update.php" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + address = self.get_address(proto) +@@ -1297,6 +1322,8 @@ class DDNSProviderLightningWireLabs(DDNSProvider): + # Information about the format of the HTTPS request is to be found + # https://dns.lightningwirelabs.com/knowledge-base/api/ddns + ++ supports_token_auth = True ++ + url = "https://dns.lightningwirelabs.com/update" + + def update(self): +@@ -1365,6 +1392,7 @@ class DDNSProviderNamecheap(DDNSResponseParserXML, DDNSProvider): + + url = "https://dynamicdns.park-your-domain.com/update" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + # Namecheap requires the hostname splitted into a host and domain part. +@@ -1458,6 +1486,8 @@ class DDNSProviderNsupdateINFO(DDNSProtocolDynDNS2, DDNSProvider): + # has not been implemented here, yet. + can_remove_records = False + ++ supports_token_auth = True ++ + # After a failed update, there will be no retries + # https://bugzilla.ipfire.org/show_bug.cgi?id=10603 + holdoff_failure_days = None +@@ -1534,6 +1564,7 @@ class DDNSProviderRegfish(DDNSProvider): + + url = "https://dyndns.regfish.de/" + can_remove_records = False ++ supports_token_auth = True + + def update(self): + data = { +@@ -1630,6 +1661,7 @@ class DDNSProviderServercow(DDNSProvider): + + url = "https://www.servercow.de/dnsupdate/update.php" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -1671,6 +1703,8 @@ class DDNSProviderSPDNS(DDNSProtocolDynDNS2, DDNSProvider): + + url = "https://update.spdyn.de/nic/update" + ++ supports_token_auth = True ++ + @property + def username(self): + return self.get("username") or self.hostname +@@ -1774,6 +1808,8 @@ class DDNSProviderZoneedit(DDNSProvider): + website = "http://www.zoneedit.com" + protocols = ("ipv4",) + ++ supports_token_auth = False ++ + # Detailed information about the request and the response codes can be + # obtained here: + # http://www.zoneedit.com/doc/api/other.html +@@ -1821,6 +1857,7 @@ class DDNSProviderDNSmadeEasy(DDNSProvider): + + url = "https://cp.dnsmadeeasy.com/servlet/updateip?" + can_remove_records = False ++ supports_token_auth = False + + def update_protocol(self, proto): + data = { +@@ -1871,6 +1908,7 @@ class DDNSProviderZZZZ(DDNSProvider): + + url = "https://zzzz.io/api/v1/update" + can_remove_records = False ++ supports_token_auth = True + + def update_protocol(self, proto): + data = { diff --git a/src/patches/ddns-013-proper-encode-string.patch b/src/patches/ddns-013-proper-encode-string.patch new file mode 100644 index 000000000..b101913e8 --- /dev/null +++ b/src/patches/ddns-013-proper-encode-string.patch @@ -0,0 +1,24 @@ +commit 27aea61ba3c8e561c4a5921aeb0ea0986d4d234c +Author: Johannes Schwietzke johannes.schwietzke@web.de +Date: Tue Dec 29 12:07:19 2020 +0100 + + providers.py: Proper encode string. + + Python 3 memoryview requires an encoded string. + + Signed-off-by: Johannes Schwietzke johannes.schwietzke@web.de + Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org + +diff --git a/src/ddns/providers.py b/src/ddns/providers.py +index b0066d5..56e6620 100644 +--- a/src/ddns/providers.py ++++ b/src/ddns/providers.py +@@ -547,7 +547,7 @@ class DDNSProviderBindNsupdate(DDNSProvider): + + logger.debug(" %s" % line) + +- return "\n".join(scriptlet) ++ return "\n".join(scriptlet).encode() + + + class DDNSProviderChangeIP(DDNSProvider): diff --git a/src/patches/fuse-2.9.2-namespace-conflict-fix.patch b/src/patches/fuse-2.9.2-namespace-conflict-fix.patch deleted file mode 100644 index ae67e7d45..000000000 --- a/src/patches/fuse-2.9.2-namespace-conflict-fix.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -up fuse-2.9.2/include/fuse_kernel.h.conflictfix fuse-2.9.2/include/fuse_kernel.h ---- fuse-2.9.2/include/fuse_kernel.h.conflictfix 2013-06-26 09:31:57.862198038 -0400 -+++ fuse-2.9.2/include/fuse_kernel.h 2013-06-26 09:32:19.679198365 -0400 -@@ -88,12 +88,16 @@ - #ifndef _LINUX_FUSE_H - #define _LINUX_FUSE_H - --#include <sys/types.h> -+#ifdef __linux__ -+#include <linux/types.h> -+#else -+#include <stdint.h> - #define __u64 uint64_t - #define __s64 int64_t - #define __u32 uint32_t - #define __s32 int32_t - #define __u16 uint16_t -+#endif - - /* - * Version negotiation:
hooks/post-receive -- IPFire 2.x development tree