From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. c16d97c617b8a7a663f536da61f7b161251c6500
Date: Wed, 28 May 2014 15:07:08 +0200 [thread overview]
Message-ID: <20140528130709.2739520C37@argus.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 18857 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via c16d97c617b8a7a663f536da61f7b161251c6500 (commit)
via b585282abfc3666feedd9e1464095297e76a8aaf (commit)
from 38d45f0154f828e7c9fc99149800a6f99b165d27 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c16d97c617b8a7a663f536da61f7b161251c6500
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Wed May 28 08:12:52 2014 +0200
openvpn: Added DH parameter to CA chart.
Added also a 'Default' mark in N2N cipher menu for AES-256-CBC.
commit b585282abfc3666feedd9e1464095297e76a8aaf
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Mon May 26 14:14:44 2014 +0200
openvpn: Fixed some typos
-----------------------------------------------------------------------
Summary of changes:
doc/language_issues.es | 3 +++
doc/language_issues.fr | 3 +++
doc/language_issues.nl | 3 +++
doc/language_issues.pl | 3 +++
doc/language_issues.ru | 3 +++
doc/language_issues.tr | 3 +++
doc/language_missings | 12 ++++++++++
html/cgi-bin/ovpnmain.cgi | 60 ++++++++++++++++++++++++++++++++++++++++-------
langs/de/cgi-bin/de.pl | 3 +++
langs/en/cgi-bin/en.pl | 3 +++
10 files changed, 87 insertions(+), 9 deletions(-)
Difference in files:
diff --git a/doc/language_issues.es b/doc/language_issues.es
index e13636b..7b59a5e 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -632,12 +632,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
@@ -648,6 +650,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 759c18d..2446583 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -642,12 +642,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns address deleted txt
WARNING: untranslated string: dns servers
@@ -659,6 +661,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index c1173f7..8dd0a3c 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -650,11 +650,14 @@ WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dns servers
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: drop outgoing
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index e13636b..7b59a5e 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -632,12 +632,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
WARNING: untranslated string: dnsforward
@@ -648,6 +650,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 0589067..2d12fc6 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -636,12 +636,14 @@ WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: countrycode
WARNING: untranslated string: dead peer detection
+WARNING: untranslated string: default
WARNING: untranslated string: deprecated fs warn
WARNING: untranslated string: details
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
WARNING: untranslated string: disk access per
WARNING: untranslated string: dnat address
WARNING: untranslated string: dns servers
@@ -653,6 +655,7 @@ WARNING: untranslated string: dnsforward entries
WARNING: untranslated string: dnsforward forward_server
WARNING: untranslated string: dnsforward zone
WARNING: untranslated string: downlink
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: dpd delay
WARNING: untranslated string: dpd timeout
WARNING: untranslated string: drop action
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 2d9ebf7..7ce95e0 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -648,10 +648,13 @@ WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: dh key warn
WARNING: untranslated string: dh key warn1
+WARNING: untranslated string: dh parameter
+WARNING: untranslated string: download dh parameter
WARNING: untranslated string: firewall logs country
WARNING: untranslated string: fwhost err hostip
WARNING: untranslated string: gen dh
diff --git a/doc/language_missings b/doc/language_missings
index 2def481..7ae53f8 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -76,6 +76,7 @@
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
@@ -83,6 +84,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dns address deleted txt
< dnsforward
@@ -93,6 +95,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
@@ -593,6 +596,7 @@
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
@@ -600,6 +604,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dnsforward
< dnsforward add a new entry
@@ -609,6 +614,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
@@ -1101,6 +1107,7 @@
< countries
< countrycode
< country codes and flags
+< default
< default ip
< deprecated fs warn
< details
@@ -1108,6 +1115,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< dnat address
< dnsforward
< dnsforward add a new entry
@@ -1117,6 +1125,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
@@ -1587,6 +1596,7 @@
< countrycode
< country codes and flags
< day-graph
+< default
< default ip
< deprecated fs warn
< details
@@ -1594,6 +1604,7 @@
< dh key move failed
< dh key warn
< dh key warn1
+< dh parameter
< disk access per
< dnat address
< dnsforward
@@ -1604,6 +1615,7 @@
< dnsforward forward_server
< dnsforward zone
< dns servers
+< download dh parameter
< dpd delay
< dpd timeout
< drop action
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 0e8fad8..921009f 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1023,7 +1023,6 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General
### Save main settings
###
-
if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
#DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
@@ -1034,8 +1033,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
goto SETTINGS_ERROR;
}
}
- if ($errormessage) { goto SETTINGS_ERROR; }
-
+
if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
$errormessage = $Lang::tr{'ovpn subnet is invalid'};
goto SETTINGS_ERROR;
@@ -1520,6 +1518,18 @@ END
print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/certs/servercert.pem`;
exit(0);
}
+
+###
+### Download Diffie-Hellman parameter
+###
+}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download dh parameter'}) {
+ if ( -f "${General::swroot}/ovpn/ca/dh1024.pem" ) {
+ print "Content-Type: application/octet-stream\r\n";
+ print "Content-Disposition: filename=dh1024.pem\r\n\r\n";
+ print `/usr/bin/openssl dhparam -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ exit(0);
+ }
+
###
### Form for generating a root certificate
###
@@ -4470,7 +4480,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
<option value='CAMELLIA-256-CBC' $selected{'DCIPHER'}{'CAMELLIA-256-CBC'}>CAMELLIA-CBC (256 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-192-CBC' $selected{'DCIPHER'}{'CAMELLIA-192-CBC'}>CAMELLIA-CBC (192 $Lang::tr{'bit'})</option>
<option value='CAMELLIA-128-CBC' $selected{'DCIPHER'}{'CAMELLIA-128-CBC'}>CAMELLIA-CBC (128 $Lang::tr{'bit'})</option>
- <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'})</option>
+ <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-CBC (256 $Lang::tr{'bit'}, $Lang::tr{'default'})</option>
<option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-CBC (192 $Lang::tr{'bit'})</option>
<option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-CBC (128 $Lang::tr{'bit'})</option>
<option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC (192 $Lang::tr{'bit'})</option>
@@ -5216,7 +5226,9 @@ END
END
;
my $col1="bgcolor='$color{'color22'}'";
- my $col2="bgcolor='$color{'color20'}'";
+ my $col2="bgcolor='$color{'color20'}'";
+ my $col3="bgcolor='$color{'color22'}'";
+
if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
$casubject =~ /Subject: (.*)[\n]/;
@@ -5282,6 +5294,39 @@ END
;
}
+ # Adding DH parameter to chart
+ if (-f "${General::swroot}/ovpn/ca/dh1024.pem") {
+ my $dhsubject = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
+ $dhsubject =~ /PKCS#3 (.*)[\n]/;
+ $dhsubject = $1;
+
+
+ print <<END;
+ <tr>
+ <td class='base' $col3>$Lang::tr{'dh parameter'}</td>
+ <td class='base' $col3>$dhsubject</td>
+ <form method='post' name='frmdhparam'><td width='3%' align='center' $col3>
+ <input type='hidden' name='ACTION' value='$Lang::tr{'show dh'}' />
+ <input type='image' name='$Lang::tr{'show dh'}' src='/images/info.gif' alt='$Lang::tr{'show dh'}' title='$Lang::tr{'show dh'}' width='20' height='20' border='0' />
+ </td></form>
+ <form method='post' name='frmdhparam'><td width='3%' align='center' $col3>
+ <input type='image' name="$Lang::tr{'download dh parameter'}" src='/images/media-floppy.png' alt="$Lang::tr{'download dh parameter'}" title="$Lang::tr{'download dh parameter'}" border='0' />
+ <input type='hidden' name='ACTION' value="$Lang::tr{'download dh parameter'}" />
+ </td></form>
+ <td width='4%' $col3> </td></tr>
+END
+ ;
+ } else {
+ # Nothing
+ print <<END;
+ <tr>
+ <td width='25%' class='base' $col3>$Lang::tr{'dh parameter'}:</td>
+ <td class='base' $col3>$Lang::tr{'not present'}</td>
+ </td><td colspan='3' $col3> </td></tr>
+END
+ ;
+ }
+
if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
print "<tr><td colspan='5' align='center'><form method='post'>";
print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
@@ -5353,7 +5398,7 @@ END
<tr><td colspan=4><hr /></td></tr><tr>
<tr>
- <td class'base'><b>$Lang::tr{'ovpn dh parameters'}:</b></td>
+ <td class'base'><b>$Lang::tr{'ovpn dh parameters'}</b></td>
</tr>
<tr>
@@ -5367,9 +5412,6 @@ END
<td nowrap='nowrap'><size='15' align='left'/></td>
<td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
</tr>
- <tr>
- <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show dh'}' /></td>
- </tr>
</table>
<tr><td colspan=4><hr /></td></tr><tr>
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 6d27012..5df9ba8 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -635,6 +635,7 @@
'december' => 'Dezember',
'deep scan directories' => 'rekursiv scannen',
'def lease time' => 'Standardzeit für Zuordnung',
+'default' => 'Voreinstellung',
'default ip' => 'Standard IP-Adresse',
'default lease time' => 'Haltezeit-Voreinstellung in min:',
'default networks' => 'Standard Netzwerke',
@@ -666,6 +667,7 @@
'dh key move failed' => 'Verschieben der Diffie-Hellman-Parameter fehlgeschlagen.',
'dh key warn' => 'Das Generieren der Diffie-Hellman-Parameter mit 1024 oder 2048 Bit dauert üblicherweise mehrere Minuten. Schlüssellängen von 3072 oder 4096 Bit beanspruchen mehrere Stunden. Bitte haben Sie etwas Geduld.',
'dh key warn1' => 'Bei schwachen Systemen oder Systeme mit wenig Entropie wird empfohlen lange Diffie-Hellman-Parameter über die Upload-Funktion hochzuladen.',
+'dh parameter' => 'Diffie-Hellman-Parameter',
'dhcp advopt add' => 'DHCP Option hinzufügen',
'dhcp advopt added' => 'DHCP Option hinzugefügt',
'dhcp advopt blank value' => 'Wert für DHCP Option darf nicht leer sein',
@@ -768,6 +770,7 @@
'download' => 'herunterladen',
'download ca certificate' => 'CA-Zertifikat herunterladen',
'download certificate' => 'Zertifikate herunterladen',
+'download dh parameter' => 'Diffie-Hellman-Parameter herunterladen',
'download host certificate' => 'Host-Zertifikat herunterladen',
'download new ruleset' => 'Neuen Regelsatz herunterladen',
'download pkcs12 file' => 'PKCS12-Datei herunterladen',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index f7bfcd8..e0686f3 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -657,6 +657,7 @@
'december' => 'December',
'deep scan directories' => 'Scan recursive',
'def lease time' => 'Default Lease Time',
+'default' => 'Default',
'default ip' => 'Default IP address',
'default lease time' => 'Default lease time (mins):',
'default networks' => 'Default networks',
@@ -689,6 +690,7 @@
'dh key warn' => 'Creating Diffie-Hellman parameters with lengths of 1024 or 2048 bits takes up to several minutes. Lengths of 3072 or 4096 bits might needs several hours. Please be patient.',
'dh key warn1' => 'For weak systems or systems with little entropy, it is recommended to upload long Diffie-Hellman parameters by usage of the upload function.',
'dh name is invalid' => 'Name is invalid, please use "dh1024.pem".',
+'dh parameter' => 'Diffie-Hellman parameters',
'dhcp advopt add' => 'Add a DHCP option',
'dhcp advopt added' => 'DHCP option added',
'dhcp advopt blank value' => 'DHCP Option value cannot be empty.',
@@ -794,6 +796,7 @@
'download' => 'download',
'download ca certificate' => 'Download CA certificate',
'download certificate' => 'Download certificate',
+'download dh parameter' => 'Download Diffie-Hellman parameters',
'download host certificate' => 'Download host certificate',
'download new ruleset' => 'Download new ruleset',
'download pkcs12 file' => 'Download PKCS12 file',
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2014-05-28 13:07 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140528130709.2739520C37@argus.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox