This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, core115 has been created at 7207d80c4ecf070495b3d3e65c9f50dfad6d6a1a (commit) - Log ----------------------------------------------------------------- commit 7207d80c4ecf070495b3d3e65c9f50dfad6d6a1a Author: Michael Tremer Date: Mon Oct 16 19:20:20 2017 +0100 core115: Ship logrotate Signed-off-by: Michael Tremer commit 5ed7bbd52fe8fc124100ece71df0052e23276569 Author: Matthias Fischer Date: Sat Oct 14 11:14:17 2017 +0200 logrotate: Update to 3.13.0 For details see: https://github.com/logrotate/logrotate/releases Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit b62c826fd8f9b41ac6006d4af8d0d5851f3ba1b4 Author: Michael Tremer Date: Mon Oct 16 17:43:32 2017 +0100 PDF-API2: Add optional dependencies to read TrueType fonts Signed-off-by: Michael Tremer commit e3c3625c34f2ea370014b1a3798edd9909b03497 Author: Michael Tremer Date: Mon Oct 16 17:31:51 2017 +0100 Make perl-PDF-API2 part of the base system Signed-off-by: Michael Tremer commit 30b0e0ca1bd991d737e527b11f3cf83c446104e3 Author: Michael Tremer Date: Mon Oct 16 17:28:51 2017 +0100 PDF-API2: Update to 2.033 Signed-off-by: Michael Tremer commit d7d5774529358c4ccbfc841f7ac1726d384a6bc9 Author: Michael Tremer Date: Mon Oct 16 15:49:35 2017 +0100 KRACK attack: Patch wpa_supplicant & hostapd A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys. Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used. This fixes: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088 Signed-off-by: Michael Tremer commit a54350cdb9d56691644486a49b7e5b7594d8d504 Author: Michael Tremer Date: Mon Oct 16 16:36:24 2017 +0200 captive: Allow PDF export of coupons Signed-off-by: Michael Tremer commit ebfb8996930ec1e3b4f7d09208d2ab60a8f30603 Author: Michael Tremer Date: Mon Oct 16 15:03:39 2017 +0200 captive: Add headline to T&C box Signed-off-by: Michael Tremer commit c484679bb3ea4672bf34ba3fd1d5d7596f00a11a Author: Michael Tremer Date: Thu Oct 12 15:56:34 2017 +0100 Download sources via HTTPS Signed-off-by: Michael Tremer commit fb76fc5144d9b072cace93c008da90aa4ccfcbfa Author: Michael Tremer Date: Thu Oct 12 15:50:31 2017 +0100 installer: Fix detection if we have the correct ISO image mounted Signed-off-by: Michael Tremer commit f754146b1eee3f7a78424959633680f593f36d92 Author: Michael Tremer Date: Thu Oct 12 15:32:21 2017 +0100 installer: Allow download of ISO images over HTTPS Signed-off-by: Michael Tremer commit 7ef43add025bd53142cb31c17240e1b3b031115b Author: Michael Tremer Date: Wed Oct 11 21:02:44 2017 +0100 ipfire-netboot: Update to v2.0 Signed-off-by: Michael Tremer commit e735d91f03adf2e0eed8780de52473fe40419bb3 Author: Matthias Fischer Date: Wed Oct 11 17:37:23 2017 +0200 unbound: Update to 1.6.7 For details see: http://www.unbound.net/download.html Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 50846453cb2dee4bd80220a01c714ea7add2e7a3 Author: Peter Müller Date: Wed Oct 11 18:30:50 2017 +0200 also force TLS when requiring user authentication in WebUI Force TLS _and_ a valid login when accessing protected directories. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 78fa47700d39c3f84a5c31e72140472564328aea Author: Peter Müller Date: Wed Oct 11 19:46:35 2017 +0200 generate ECDSA key on existing installations This is required since Apache crashes if any of the key/certificate files does not exist. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit fbc9cfd7697ad09d6022c2c858f0d942d35ee388 Author: Peter Müller Date: Wed Oct 11 19:47:19 2017 +0200 ship changed files for Apache and ECDSA Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 73ba2286201fbcf2bfb9786f29d2758e6aa380c6 Author: Peter Müller Date: Wed Oct 11 19:45:19 2017 +0200 enable dual-stack ECDSA and RSA certificates in Apache Note: Apache crashes if any of these files does not exist. Thereof it is necessary to generate missing keys on existing installations. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 5760f93a74dc8569f206b742b3aa3035d9d582fd Author: Peter Müller Date: Wed Oct 11 19:45:33 2017 +0200 generate ECDSA key on existing installations Generate ECDSA key (and sign it) in case it does not exist. That way, httpscert can be ran on existing installations without breaking already generated (RSA) keys. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit f227ae4fd2336f86b2e0ada26144bca7190e0548 Author: Peter Müller Date: Wed Oct 11 19:24:10 2017 +0200 prefer ECDSA over RSA and remove clutter Priorize ECDSA before RSA and remove unused cipher suites. Remove redundant OpenSSL directives to make SSL configuration more readable. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 5c6ae344fc30101566d82fa44dbb7d11a3b7ee9b Author: Matthias Fischer Date: Wed Oct 11 18:08:30 2017 +0200 web-user-interface: Removed 'dial.cgi' from lfs-file 'dial.cgi' was removed in https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=dc6ed83537e1bcc1347ad16bee095ef4d641bc69 Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 0b289b3af01080c802a8559a1c86327b77b1f7b9 Author: Michael Tremer Date: Wed Oct 11 19:59:48 2017 +0100 netboot: Update to 1.2 Signed-off-by: Michael Tremer commit e2bd5a6eb9385b82970c0e0afff5825950772fe1 Author: Michael Tremer Date: Wed Oct 11 14:52:03 2017 +0100 captive: Allow editing terms in coupon mode Since the terms are always shown when set, we need a way to edit them in coupon mode as well. Signed-off-by: Michael Tremer commit 2f27148cbbf9482a11bc05c1afb410e3bb1bebb0 Author: Michael Tremer Date: Wed Oct 11 12:20:44 2017 +0100 core115: Ship updated extrahd.pl Signed-off-by: Michael Tremer commit 3c3dfd165eec77898bd9e0bf72ee92dbe9987d61 Author: Matthias Fischer Date: Tue Oct 3 15:40:25 2017 +0200 Remove PRINT-line in extrahd.pl As shown in https://forum.ipfire.org/viewtopic.php?f=50&t=19563#p111055 PRINT-output somehow garbles bash-prompt. Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit ebf697a097f38c11a603e22f7f742e24bba601a2 Author: Michael Tremer Date: Wed Oct 11 11:56:07 2017 +0100 core115: Ship latest OpenVPN changes Signed-off-by: Michael Tremer commit b66b02ab73863bcb9130300d8ef0eecdc51efde3 Author: Erik Kapfer Date: Fri Oct 6 15:14:48 2017 +0200 OpenVPN: Fix for '--ns-cert-type server is deprecated' . - Added extended key usage based on RFC3280 TLS rules for OpenVPNs OpenSSL configuration, so '--remote-cert-tls' can be used instead of the old and deprecated '--ns-cert-type' if the host certificate are newely generated with this options. Nevertheless both directives (old and new) will work also with old CAs. - Automatic detection if the host certificate uses the new options. If it does, '--remote-cert-tls server' will be automatically set into the client configuration files for Net-to-Net and Roadwarriors connections. If it does NOT, the old '--ns-cert-type server' directive will be set in the client configuration file. Signed-off-by: Michael Tremer commit b0b4d09c56774e84938109963a32916716e96f85 Author: Peter Müller Date: Tue Oct 10 15:31:07 2017 +0200 remove unused dial.cgi directives from Apache vhosts config Remove configuration lines in Apache vhosts files which are not used anymore (old dial.cgi stuff). Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit dc6ed83537e1bcc1347ad16bee095ef4d641bc69 Author: Peter Müller Date: Mon Oct 9 22:06:33 2017 +0200 delete unused dial.cgi file Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 436479a29fb81a66e66304a76862e48cddfaf424 Author: Michael Tremer Date: Mon Oct 9 14:58:41 2017 +0100 core115: No need to reload apache after it has been restarted Signed-off-by: Michael Tremer commit c8e03c7c53ba59acf4aed8dca38d23a88f2167c9 Author: Michael Tremer Date: Mon Oct 9 14:58:26 2017 +0100 core115: Regenerate IPsec configuration Signed-off-by: Michael Tremer commit e34e72b6e1d0e4ac5b4e08b661b1ab6e7062d2f5 Author: Peter Müller Date: Sun Oct 8 20:41:10 2017 +0200 add missing check for Curve25519 in vpnmain.cgi This fixes bug #11501 which causes IPsec connections to crash if Curve25519 has been enabled. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit bfa0f1dfc0b85d81ff500cac4f13175fc260ba65 Author: Michael Tremer Date: Mon Oct 9 14:50:29 2017 +0100 core115: Rebuild language cache during update Signed-off-by: Michael Tremer commit 2ac90665e8ca5684e811012f2923b0cfec93e065 Author: Michael Tremer Date: Mon Oct 9 14:49:34 2017 +0100 core115: Ship updated apache Signed-off-by: Michael Tremer commit e3fc1d0a2b13e866ec2043c2c5309d4add2423da Author: Matthias Fischer Date: Sun Oct 8 16:37:21 2017 +0200 apache: Update to 2.4.28 http://apache.mirror.digionline.de//httpd/CHANGES_2.4.28 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit bef7ad5bbecbb3ed36d8c3c38fcca67b84487213 Author: Michael Tremer Date: Mon Oct 9 14:34:21 2017 +0100 captive: Fix saving empty terms Signed-off-by: Michael Tremer commit 6772cc8035ba6a03b2251380f61cc9a4100d9229 Author: Michael Tremer Date: Fri Oct 6 13:03:40 2017 +0100 Download ISO images from https://downloads.ipfire.org Signed-off-by: Michael Tremer commit 5e6fcc884403ee428dec544b32565a33af54ba94 Author: Michael Tremer Date: Fri Oct 6 12:15:26 2017 +0100 Pull latest translations for installer & setup from Transifex Signed-off-by: Michael Tremer commit 1294c52ca5d01e9293b37b2f301c0c873098ab83 Author: Michael Tremer Date: Fri Oct 6 11:48:49 2017 +0100 core115: Include captive portal in updater Signed-off-by: Michael Tremer commit 112a09508e9538d67af9e60c207724eca49b1c51 Author: Michael Tremer Date: Thu Oct 5 11:38:05 2017 +0100 core115: Add captive portal cron jobs to updater Signed-off-by: Michael Tremer commit bbc69f228db9e050e1b585a1ac09c495d32ef41a Author: Michael Tremer Date: Thu Oct 5 10:42:04 2017 +0100 captive portal: Correctly initialise an array for 8h timeout Signed-off-by: Michael Tremer commit cb40ff6027c8eb06d4f2446c4a606084a39addc0 Author: Michael Tremer Date: Thu Oct 5 12:09:58 2017 +0200 captive portal: Reload firewall rules after cleanup This is not necessary to stop any clients from accessing the Internet, but if we know that we don't need a line for certain any more, we can as well remove the firewall rule straight away. Signed-off-by: Michael Tremer commit 9c8395456753ac6b7fd0141a6b0be83415841bf0 Author: Michael Tremer Date: Thu Oct 5 12:06:45 2017 +0200 captivectrl: Remove unused code Signed-off-by: Michael Tremer commit b1773d1a37700ce2b07290750052d91983a65620 Author: Michael Tremer Date: Thu Oct 5 12:04:29 2017 +0200 captive portal: Don't remove unlimited access after one hour Reported-by: Daniel Weismüller Signed-off-by: Michael Tremer commit 027614d2dc3107a4e071e8dac49ce8a74c36e4ea Merge: e2d934c 0a21916 Author: Michael Tremer Date: Wed Oct 4 16:10:07 2017 +0100 Merge branch 'captive-portal' into next commit 0a219160ac7dfe243c94c1f04c182d29206df8ec Author: Michael Tremer Date: Wed Oct 4 14:21:12 2017 +0100 captive portal: Allow sessions to expire after 8 hours Signed-off-by: Michael Tremer commit 1f06098ba7f4894c9e3dfb744c38f6ef5c576743 Author: Michael Tremer Date: Wed Oct 4 12:55:17 2017 +0100 captive-portal: Serve Ubuntu font files locally Signed-off-by: Michael Tremer commit 70f6cba43efc1269712ed17020c2e1cf9d6fe86e Author: Michael Tremer Date: Wed Oct 4 12:47:28 2017 +0100 Add Ubuntu font family package Signed-off-by: Michael Tremer commit e2d934cf2bbc9409e878b719a6688476ab9b6874 Author: Michael Tremer Date: Sat Sep 30 12:34:37 2017 +0100 core115: Ship update for OpenVPN Signed-off-by: Michael Tremer commit 67970637d0965ee01255a4d3a27dfa186c57f54c Author: Matthias Fischer Date: Sat Sep 30 07:41:56 2017 +0200 openvpn: Update to 2.3.18 Fixes CVE-2017-12166: out of bounds write in key-method 1 For details see: https://community.openvpn.net/openvpn/wiki/CVE-2017-12166 Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.18 Removed an unrecognized 'configure'-option. Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit fc9a434cbcef07ab3c5a81d5514036ac3962219c Author: Matthias Fischer Date: Fri Sep 29 20:42:31 2017 +0200 tor: Update to 3.1.7 Fixes TROVE-2017-008 and CVE-2017-0380 and others.... For details see https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.3.1.7 "Tor 0.3.1.7 is the first stable release in the 0.3.1 series." Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 36f5d20ef73844906b557808ecb651097238683f Author: Michael Tremer Date: Sun Sep 24 20:23:06 2017 +0100 core115: Ship cosmetic improvements in proxy.cgi Signed-off-by: Michael Tremer commit 082771c1f4d61fd633c04081ddbfebe25494db14 Author: Matthias Fischer Date: Thu Sep 21 01:46:27 2017 +0200 proxy.cgi: Some cosmetics for the absolutely lazy ones (V2) Added clickable links for 'URL filter' and 'Update accelerator' for faster access, this time without the need to alter the language-files. Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit c42237247aec6de190d135b61213054b8b7e2e22 Author: Arne Fitzenreiter Date: Sun Sep 24 15:51:12 2017 +0200 start core115 Signed-off-by: Arne Fitzenreiter commit d62fd7553da8699bd60e3decb6b646d4436d372d Merge: 1b0ff72 2083519 Author: Arne Fitzenreiter Date: Sun Sep 24 15:45:04 2017 +0200 Merge branch 'master' into next commit 1b0ff72dad0225f1b636605e17a42c465f96d884 Author: Matthias Fischer Date: Sat Sep 23 01:34:55 2017 +0200 wpa_supplicant: Update to 2.6 For details see: https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit fb96829a746d5a7ace9835c1aa566f5b0d8bc406 Author: Michael Tremer Date: Fri Sep 22 19:34:29 2017 +0100 captive: Update configuration for Apache 2.4 Signed-off-by: Michael Tremer commit afd0cd232fa0d545ebdb70a114f044cde7b99985 Author: Michael Tremer Date: Fri May 5 11:48:03 2017 +0100 Rootfile update Signed-off-by: Michael Tremer commit 5f1b9511022bca252c27b9e60284bf4f4486af46 Author: Michael Tremer Date: Wed May 3 15:39:50 2017 +0200 captive: Show access page in browser language Signed-off-by: Michael Tremer Tested-by: Daniel Weismüller commit 1d68e28753c7eae374924e0b4ba5ee7cc985c711 Author: Michael Tremer Date: Wed May 3 15:11:30 2017 +0200 captive: Do not try to execute the favicon Signed-off-by: Michael Tremer commit 963beecdb8bf374d71f22fb0aaf39e5f215318d7 Author: Michael Tremer Date: Wed May 3 15:01:02 2017 +0200 captive: Fix passing redirection URL Reported-by: Daniel Weismüller Signed-off-by: Michael Tremer commit 78148cc1e55b0fc85e8433ef30e7e4652e6c6c63 Author: Michael Tremer Date: Wed May 3 14:58:23 2017 +0200 captive: Run apache in HTTP/1.0 mode Reported-by: Daniel Weismüller Tested-by: Daniel Weismüller Signed-off-by: Michael Tremer commit 5511fa319a68abcccd68e575f68383f58cb1a388 Author: Michael Tremer Date: Tue May 2 11:04:06 2017 +0100 captive: Fix another typo in captivectrl Signed-off-by: Michael Tremer commit 94e1d35c541d7cbba43c1703a4a590b441bfd3e5 Author: Michael Tremer Date: Tue May 2 11:02:21 2017 +0100 captive: Fix typo in German translation Signed-off-by: Michael Tremer commit 9b6227cc2a961148d007a3f5a2d388c231af47b4 Author: Michael Tremer Date: Tue May 2 10:58:57 2017 +0100 captive: Let apache follow symlinks to load bootstrap Signed-off-by: Michael Tremer commit 445b43f87732df392776964a82e3ed3058cfee6b Author: Michael Tremer Date: Tue May 2 10:55:58 2017 +0100 captive: Fix directory permissions Signed-off-by: Michael Tremer commit c91899797b58c719132445778b3b1f1b017a80f4 Author: Michael Tremer Date: Tue May 2 10:55:19 2017 +0100 captive: Logo directory no longer exists Signed-off-by: Michael Tremer commit b020b6190f8dd8c5728731148ab11ded9687dcd0 Author: Michael Tremer Date: Tue May 2 10:37:54 2017 +0100 Rootfile update Signed-off-by: Michael Tremer commit 22ce4c3ad6d93879955060e5582384f334ef15f6 Author: Michael Tremer Date: Tue May 2 10:37:41 2017 +0100 apache2: Create captive portal logging directory Signed-off-by: Michael Tremer commit 6033b2710346f9bf4e1182db706775ccde59e5c1 Author: Michael Tremer Date: Tue May 2 10:36:43 2017 +0100 Actually build bootstrap Signed-off-by: Michael Tremer commit 4eecd722b746fa325d126849c3f3cc0e743bf70c Author: Michael Tremer Date: Mon May 1 16:13:06 2017 +0100 Update German translation for captive portal Signed-off-by: Michael Tremer commit 02de682e2118769f1e80fab42f3adb284f60d7c6 Author: Michael Tremer Date: Mon May 1 16:08:24 2017 +0100 captive: Link .map files as well Signed-off-by: Michael Tremer commit 733de0e4a0b16d4b03f193f7eec7ce51de071a30 Author: Michael Tremer Date: Mon May 1 16:07:40 2017 +0100 bootstrap: Install map files, too Signed-off-by: Michael Tremer commit 115b5e624e22212b0b0ba8db852bfec7a402c3fe Author: Michael Tremer Date: Mon May 1 12:39:42 2017 +0100 captive: Show message when an invalid coupon code was entered Signed-off-by: Michael Tremer commit 45b1b7cf65ed067d4df4560716e401e4915e02d8 Author: Michael Tremer Date: Mon May 1 12:37:44 2017 +0100 captive: Do not show checkbox when in coupon mode Signed-off-by: Michael Tremer commit 497b9108559e8eac8daba6e8e9e8ff83d5040c69 Author: Michael Tremer Date: Mon May 1 12:35:45 2017 +0100 captive: Verify that the user actually accepted the terms and conditions Signed-off-by: Michael Tremer commit eb3e3017cbd65d3b46bf1ca69195e72e56f64442 Author: Michael Tremer Date: Mon May 1 12:24:07 2017 +0100 captive: Style any error messages Signed-off-by: Michael Tremer commit aed55ef9f81ea07da49b5b051354911d87d428ce Author: Michael Tremer Date: Mon May 1 12:06:11 2017 +0100 captive: Show a message when no coupon code was entered Signed-off-by: Michael Tremer commit 8b0679cc89926ccd7e6f8b42e4a20dd3b3c4e371 Author: Michael Tremer Date: Mon May 1 11:47:04 2017 +0100 captive: Fix some template updates that I forgot Signed-off-by: Michael Tremer commit 792f1a3bdf47eba051a752f27e30a92d53a523b3 Author: Michael Tremer Date: Mon May 1 11:41:51 2017 +0100 captive: Drop duplicate function to list active clients There was a function with different name but essentially same functionality which is already existant in &show_clients(). Therefore this patch drops the old function without any functional changes. Signed-off-by: Michael Tremer commit 41964aba093a6b37f7534c0990b25c29e38ea371 Author: Michael Tremer Date: Mon May 1 11:40:06 2017 +0100 captive: Redesign clients list box Mostly code cleanup Signed-off-by: Michael Tremer commit a0b271e4745dafb7daade5dcf4d18406daaddee9 Author: Michael Tremer Date: Mon May 1 11:26:04 2017 +0100 captive: Redesign generated coupons table Signed-off-by: Michael Tremer commit 733932de749c1c92f8f4b38a53cdbf876dd7fe6e Author: Michael Tremer Date: Fri Apr 28 15:39:05 2017 +0100 captive: Correctly set coupon lifetime Signed-off-by: Michael Tremer commit 9cba29f119459e3ebf5964ee265edd8194042b5a Author: Michael Tremer Date: Fri Apr 28 15:12:08 2017 +0100 captive: Remember selected coupon expiry time Signed-off-by: Michael Tremer commit 5cd9e28bc407f9c3f01a2512a14adda83f89f92e Author: Michael Tremer Date: Fri Apr 28 15:09:56 2017 +0100 captive: Allow creating multiple coupons in bulk Signed-off-by: Michael Tremer commit 58fd5dd482d1e4fdf4a5eb554dd9c4a6ad93369b Author: Michael Tremer Date: Fri Apr 28 14:56:48 2017 +0100 captive: Reformat times Signed-off-by: Michael Tremer commit 4f75fbfe12ba48d8f4275d76259db8dd02bfe0fa Author: Michael Tremer Date: Fri Apr 28 14:54:26 2017 +0100 captive: Cleanup coupon generation block No functional changes Signed-off-by: Michael Tremer commit 810198110e60d29c6ca9e73b622ab350ae9f9f82 Author: Michael Tremer Date: Fri Apr 28 14:41:57 2017 +0100 captive: Cleanup logo upload Signed-off-by: Michael Tremer commit e7d16ea553d56ad24240f1f6fe1276ecadaa647f Author: Michael Tremer Date: Fri Apr 28 14:38:59 2017 +0100 captive: Cleanup authentication selection Signed-off-by: Michael Tremer commit a41fe924aefb1237c546fdebb55a4fd4c13d580c Author: Michael Tremer Date: Fri Apr 28 14:34:14 2017 +0100 captive: Code cleanup No functional changes Signed-off-by: Michael Tremer commit b7a126d9c8bfb9d03752672b90750a23bdd9119a Author: Michael Tremer Date: Fri Apr 28 14:29:15 2017 +0100 captive: Allow uploading JPEG images, too Signed-off-by: Michael Tremer commit 8802d70a2836012e8e7a8c17eb5fbc589a944e5c Author: Michael Tremer Date: Fri Apr 28 14:21:18 2017 +0100 captive: Serve logo through an extra CGI script This CGI script makes saving the logo easier (especially for backup purposes). Signed-off-by: Michael Tremer commit e2752bfe719b51b1cb2f9153b8ddfab5d4483938 Author: Michael Tremer Date: Fri Apr 28 13:53:57 2017 +0100 captive: Save logo in /var/ipfire/captive Signed-off-by: Michael Tremer commit 278309b9ef3d1a053b9cc201f1b6e0284334d233 Author: Michael Tremer Date: Wed Apr 26 16:44:27 2017 +0100 captive: Allow selecting the session expiry time for terms Signed-off-by: Michael Tremer commit 297ebdd47bbe5170c57f7ea0079c37830da61827 Author: Michael Tremer Date: Wed Apr 26 12:59:36 2017 +0100 captive: Group settings together and create branding section Signed-off-by: Michael Tremer commit 827d3f61da96ebc8881f3fbf283fd67c8bad6809 Author: Michael Tremer Date: Wed Apr 26 12:55:40 2017 +0100 captive: Some more CGI cleanup Signed-off-by: Michael Tremer commit 97b91e8a946233d1a5cf90ed36d744dd07f434f9 Author: Michael Tremer Date: Wed Apr 26 12:50:43 2017 +0100 captive: Rename "Voucher" mode to "Coupon" Signed-off-by: Michael Tremer commit 9735e1670aa846e8e022a88260943bfc348927fc Author: Michael Tremer Date: Wed Apr 26 12:27:35 2017 +0100 captive: Rename "License" mode to "Terms & Conditions" Signed-off-by: Michael Tremer commit f8d35875d8c83347c71a724e1d5af06d1660d4c9 Author: Michael Tremer Date: Wed Apr 26 12:03:08 2017 +0100 captive: Allow selecting highlight colour in web interface To be able to customise the access page, we now allow the user to select a brand colour. Signed-off-by: Michael Tremer commit 4b33d29de7ea95d2ae9a128d6fb2304331d9bdc1 Author: Michael Tremer Date: Wed Apr 26 11:53:15 2017 +0100 captive: Refactor the access page This brings no functional changes, but cleans up the code to re-use more and write less. Signed-off-by: Michael Tremer commit dbfd2622f58727f4b0f9bed8934a770a2050491f Author: Michael Tremer Date: Tue Apr 25 12:52:29 2017 +0100 captive: Get MAC address of a device without calling arp Signed-off-by: Michael Tremer commit 966971e58914ef254595532118d37dd604231a5c Author: Michael Tremer Date: Tue Apr 25 12:32:05 2017 +0100 captive: Don't compare action string Signed-off-by: Michael Tremer commit 48fb1d3b6935e0c94f022df389e1212ef2dbf9d7 Author: Michael Tremer Date: Tue Apr 25 12:24:45 2017 +0100 captive: Import new design This is the new design of the access page of the captive portal. It is based on the Bootstrap 4 grid system and reboot but does not use anything else from it. It is responsive and customisable. Signed-off-by: Michael Tremer commit 050ce7567826a0a45f092a74d8bdb180daa6a86d Author: Michael Tremer Date: Mon Apr 24 12:25:53 2017 +0100 bootstrap: New package Signed-off-by: Michael Tremer commit a2c26388dbc9cd388da37aa326bb9e6806d94f12 Author: Michael Tremer Date: Fri Apr 21 17:34:59 2017 +0100 captive-portal: Use template engine to render HTML template Signed-off-by: Michael Tremer commit 0a02d9bb0c0dd52d2d0f3f45264bdf512eb66380 Author: Michael Tremer Date: Fri Apr 21 16:46:49 2017 +0100 captive-portal: Move CGI files to CGI directory Previously the assets directory has ExecCGI privileges which is not at all required and potentially dangerous. Signed-off-by: Michael Tremer commit d57e8c67bc7ef3d71cb0c339734e49d9912cf581 Author: Michael Tremer Date: Fri Apr 21 16:29:39 2017 +0100 captive-portal: Code cleanup No functional changes Signed-off-by: Michael Tremer commit 11fc9575d79644d7830eca59cf90b0d0393bf32b Author: Michael Tremer Date: Sun Sep 4 09:57:26 2016 +0100 captive: Fix bug with multiple license clients If one active client with a license existed, any other client authenticating will overwrite the configuration line. Signed-off-by: Michael Tremer commit abc41f02dd31774d3bc311b4631fb5cf7f8992cd Author: Michael Tremer Date: Sun Sep 4 09:45:53 2016 +0100 captive: Do not generally allow access to TCP/1013 Signed-off-by: Michael Tremer commit 43834c49693a6c2ce25e31509e9ab2f8d6f32bd7 Author: Michael Tremer Date: Sun Sep 4 09:31:46 2016 +0100 captive: Only make CGI script executable in document root Signed-off-by: Michael Tremer commit 4ddf453804d10c387297fb1a5acb1e6694daddbc Author: Michael Tremer Date: Sun Sep 4 09:27:29 2016 +0100 captive: Reindent apache configuration Signed-off-by: Michael Tremer commit a79b220c5a6ad33126276958a506befe8b437a25 Author: Michael Tremer Date: Sun Sep 4 09:25:41 2016 +0100 captive: Log into default apache log files Signed-off-by: Michael Tremer commit 59a2d9c2d5ab9be52d437f890dcb513a0b4af0c1 Author: Alexander Marx Date: Tue Jul 12 08:13:04 2016 +0200 Captive-portal: Design changes When choosing voucher as authentication type there is no need to display the license agreement textbox Signed-off-by: Alexander Marx Signed-off-by: Michael Tremer commit 0806170370f87f949efd327e1ad7377050b3626f Author: Alexander Marx Date: Thu Jul 7 11:27:40 2016 +0200 BUG11141: Redesign of configuration website To improve the user experience, the configuration part of generating new vouchers has been reworked. Signed-off-by: Alexander Marx Signed-off-by: Michael Tremer commit 213335372da6a5cb106e6ded17521b9a70d84d40 Author: Alexander Marx Date: Tue Jul 5 11:39:16 2016 +0200 BUG11140: Captive logo dimensions Now the min and max logo dimensions are shown in webinterface. Signed-off-by: Alexander Marx Signed-off-by: Michael Tremer commit 6945954c445ff0af6196571bd352e8c8fe0e286b Author: Alexander Marx Date: Wed Jun 29 12:47:55 2016 +0200 BUG11137: Captive save action messes up the form When configuring the captiveportal for the first time the form will be empty after clicking on save button if not all relevant fields are set. Now the settings are stored even if there is an error. Signed-off-by: Alexander Marx Signed-off-by: Michael Tremer commit 1d77d1262a0b4b1d0fc975da799d7e85d29c94d3 Author: Alexander Marx Date: Wed Jun 29 12:36:18 2016 +0200 BUG11139: Captive voucher table too wide Set table to 100% and the remark textfield to 96% (cellwidth) Signed-off-by: Alexander Marx Signed-off-by: Michael Tremer commit 7ab3f84b2ab7a6bbf1428a1e04755ebd3742830f Author: Michael Tremer Date: Mon Jun 20 20:26:00 2016 +0100 Improve the wording of the Captive Portal configuration site Signed-off-by: Michael Tremer commit 2d92a4eca4768b79c6cb2ce4604c0eced3f59a2c Author: Michael Tremer Date: Mon Jun 20 15:50:05 2016 +0100 Update translations Signed-off-by: Michael Tremer commit f339af27044567c36ddc8f27a15a0e4b90297c0b Author: Michael Tremer Date: Mon Jun 20 15:49:26 2016 +0100 Rootfile update Signed-off-by: Michael Tremer commit 45129439bc2b16b712f015a661af4bdfbd815f60 Author: Alexander Marx Date: Thu Feb 11 07:21:29 2016 +0100 Captive-Portal: fix fontsize of generated voucher Signed-off-by: Alexander Marx commit 6820454e5436954c56f28116ee06d5266cd8484f Author: Alexander Marx Date: Wed Feb 10 15:36:49 2016 +0100 Captive-Portal: Fix folder permissions Signed-off-by: Alexander Marx commit 52383f583ed7602a7822564dd497165a1b0084f7 Author: Alexander Marx Date: Wed Feb 10 15:05:35 2016 +0100 Captive-Portal: fix some typos and missing dir Signed-off-by: Alexander Marx commit b32d9e92bee391e172236e4ee4d7661bfd5a1f11 Author: Alexander Marx Date: Wed Feb 10 10:20:52 2016 +0100 Captive-Portal: Add logo upload feature Signed-off-by: Alexander Marx commit 83ba0896f6240a9110198e19a936e86b492cb766 Author: Alexander Marx Date: Wed Feb 10 10:09:23 2016 +0100 Captive-portal: Add directory for logo upload Signed-off-by: Alexander Marx commit fb1d26d1bc50a7a453026a600f763309150320ce Author: Michael Tremer Date: Mon Feb 8 16:38:34 2016 +0000 captivectrl: Add protection against DNS tunnels Limit the amount of DNS traffic for each client that has not registered, yet. Signed-off-by: Michael Tremer commit 76ece3236237626450838b2fb18d5ca213549f51 Author: Michael Tremer Date: Mon Feb 8 16:37:21 2016 +0000 captivectrl: Skip all lines that start with # Signed-off-by: Michael Tremer commit 07d56062a90d84c8504783b1c70fb06466a90dc2 Author: Alexander Marx Date: Mon Feb 8 10:56:01 2016 +0100 Captive-Portal: fix cleanup script The cleanup-script did not write back the hash after the expired voucher was delted Signed-off-by: Alexander Marx commit 5dc32e5877f7cd8bb96ef6becc9a9370490a1c15 Author: Alexander Marx Date: Thu Feb 4 13:26:35 2016 +0100 Captive-Portal: add Errormessage when wrong code is entered Signed-off-by: Alexander Marx commit f3802750ac9b03d7bfdb767e71436a1387607ec0 Author: Alexander Marx Date: Thu Feb 4 12:04:47 2016 +0100 Captive-Portal: fix wrong expiretime of unused vouchers Signed-off-by: Alexander Marx commit facfdcd040d158b529da6134140bf42a1c5a2fca Author: Alexander Marx Date: Thu Feb 4 12:01:30 2016 +0100 Captive-Portal: fix voucher form Signed-off-by: Alexander Marx commit 6d31cfdd58e5826373da4f5eaa07fd31dbcbee7d Author: Alexander Marx Date: Thu Feb 4 08:10:11 2016 +0100 Captive-Portal: add logging to syslog Signed-off-by: Alexander Marx commit e14adf759ae830dc6f36c97d31e42a449529c502 Author: Alexander Marx Date: Thu Feb 4 07:30:05 2016 +0100 Captive-Portal: SHow always licencebox in config Also fix index.cgi to show individual title Signed-off-by: Alexander Marx commit c7e78cc62e6699f00962caf440ed25270c461334 Author: Alexander Marx Date: Tue Feb 2 14:30:13 2016 +0100 Captive-Portal: several design changes Signed-off-by: Alexander Marx commit e01c5ab71a78b4061cf98fd03be76112842a6bf2 Author: Alexander Marx Date: Mon Feb 1 16:14:50 2016 +0100 Captive-Portal: redesign Webinterface Signed-off-by: Alexander Marx commit 47406df0fea9108a9b921884c58c53ca6ce6cb37 Author: Alexander Marx Date: Fri Jan 29 12:52:27 2016 +0100 Captive-Portal: fix some rootfiles Signed-off-by: Alexander Marx commit a6c985284d0d1a56ba8646a817b6bcd85aaa68e3 Author: Alexander Marx Date: Fri Jan 29 09:17:22 2016 +0100 Captive-Portal: add backup-part Signed-off-by: Alexander Marx commit 8ef627839fa3e7fd636a243153ed68126f967871 Author: Alexander Marx Date: Fri Jan 29 09:02:31 2016 +0100 Captive-Portal: add captive logdir to apache2 rootfile Signed-off-by: Alexander Marx commit c04d2de74ee3b300b59dacdb29d0c174ed269025 Author: Alexander Marx Date: Fri Jan 29 08:56:16 2016 +0100 Captive-Portal: add files to configroot rootfile Signed-off-by: Alexander Marx commit 585703d8a3da1ec4952851efa53d3ab926870b14 Author: Alexander Marx Date: Fri Jan 29 08:52:32 2016 +0100 Captive-Portal: Add files for webinterface tio rootfile Signed-off-by: Alexander Marx commit 19cd2b6a7cd5951bb2c74004f27c5be82924880a Author: Alexander Marx Date: Fri Jan 29 08:44:01 2016 +0100 Captive-Portal: add vhost config to apache2 rootfile Signed-off-by: Alexander Marx commit 1fc9a43056d516e335e6761443d77bba77ba44d9 Author: Alexander Marx Date: Thu Jan 28 16:21:51 2016 +0100 Captive-Portal: create dir for cative logfiles Signed-off-by: Alexander Marx commit 5ca163cd82d651f5036cda30a4fa4c54c1559439 Author: Alexander Marx Date: Thu Jan 28 16:14:34 2016 +0100 Captive-Portal: add captive dirs and files to configroot Signed-off-by: Alexander Marx commit bbaa3613b4e779fed958dc3f7918a65c57576fe8 Author: Alexander Marx Date: Thu Jan 28 16:08:32 2016 +0100 Captive-Portal: add captive chains to firewall initscript When loading the initscript of the firewall the neccessary chains for the captive portalneed to be created. Signed-off-by: Alexander Marx commit 4d9002279f6cd5c73f0e6092c22ae2bfa49460bb Author: Alexander Marx Date: Thu Jan 28 16:05:53 2016 +0100 Captive-Portal: add crontab and cleanup scripts The cleanup script is called every hour and deletes expired clients from the clients file. every night the captivectrl warpper runs once to flush the chains and reload rules for active clients Signed-off-by: Alexander Marx commit 8b92078917ab3c3fdbdd2070ba803f23aff237d7 Author: Alexander Marx Date: Thu Jan 28 11:18:59 2016 +0100 Captive-Portal: add web-part Introduce new Captive-Portal. Here we add the menu, apache configuration (vhost), IPFire configuration website and Captive-Portal Access site. Also the languagefiles are updated. Signed-off-by: Alexander Marx commit cec16b8242f27a7718cb54477403651f752c109e Author: Michael Tremer Date: Thu Feb 4 14:34:11 2016 +0000 captivectrl: Move sure that the settings are always initialised This just removes a compiler warning. Signed-off-by: Michael Tremer commit 5906c96206c934e55883390aa0f931b851b4a8b3 Author: Michael Tremer Date: Thu Feb 4 14:29:57 2016 +0000 wirelessctrl: Disable MAC filter on blue if captive portal is enabled Fixes #11038 Signed-off-by: Michael Tremer commit 0d6a599aba381244bd67de8bf6d6a7ed812cbe9e Author: Michael Tremer Date: Sun Jan 31 21:38:26 2016 +0000 captivectrl: Add missing space character The iptables argument list was botched. Oops. Sorry. Signed-off-by: Michael Tremer commit 0c24f0a9df0cee1c7c7e1cf804fe23856ea7bb6b Author: Michael Tremer Date: Sat Jan 30 14:46:55 2016 +0000 captivectrl: Support unlimited leases When the expiry time equals zero, the lease will have no time constraints. The IP address will also be removed as it might probably change. Signed-off-by: Michael Tremer commit 5fbeaf133312d0ca8e28b842f6eb7d31a172d8ab Author: Michael Tremer Date: Sat Jan 30 14:30:13 2016 +0000 captivectrl: Allow empty IP addresses Probably required for very long leases Signed-off-by: Michael Tremer commit 7ef66b6199e6215fd3b2b0fb42ec3e03ff1bddc7 Author: Michael Tremer Date: Sat Jan 30 13:55:44 2016 +0000 captivectrl: Change format of clients configuration We store the start of the lease now and the time in seconds after the lease expires Signed-off-by: Michael Tremer commit ee40139d9ad0f5b1f07c5735641e45ebb6bd573a Author: Michael Tremer Date: Thu Jan 28 14:24:07 2016 +0100 Captive Portal: add c-wrapper captivectrl This wrapper reads the captive settings and clients and sets the firewall access rules. It is called every time the config changed or everytime that a client changes. Also this wrapper is later called once hourly to flush the chains and rebuild rules for actual clients. Signed-off-by: Michael Tremer Signed-off-by: Alexander Marx ----------------------------------------------------------------------- hooks/post-receive -- IPFire 2.x development tree