* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 7ea54fee01f1fa8c206dfaab20e434a545189a9a
@ 2018-06-18 14:10 git
0 siblings, 0 replies; only message in thread
From: git @ 2018-06-18 14:10 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 6530 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 7ea54fee01f1fa8c206dfaab20e434a545189a9a (commit)
via 425465ede9a9206efb00aabd954373d780710366 (commit)
from 35db8d06fa7d0c625395c4051c659cfcdd48fabf (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7ea54fee01f1fa8c206dfaab20e434a545189a9a
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Mon Jun 18 16:01:34 2018 +0200
ipset: Update to 6.38
Signed-off-by: Erik Kapfer <erik.kapfer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 425465ede9a9206efb00aabd954373d780710366
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Fri Jun 15 08:35:13 2018 +0200
OpenVPN: Valid til days is required with OpenVPN-2.4.x
Check has been integrated that the OpenSSL maximum of '999999' valid days can not be exceeded.
Check for needed entry in 'Valid til days' field has been integrated.
Asterisk for 'Valid til days' field has been set to mark it as required field.
Signed-off-by: Erik Kapfer <erik.kapfer(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/ipset | 5 +++--
html/cgi-bin/ovpnmain.cgi | 24 +++++++++++++++++++++---
lfs/ipset | 6 +++---
3 files changed, 27 insertions(+), 8 deletions(-)
Difference in files:
diff --git a/config/rootfiles/common/ipset b/config/rootfiles/common/ipset
index 50ebed59b..24f5e95f5 100644
--- a/config/rootfiles/common/ipset
+++ b/config/rootfiles/common/ipset
@@ -1,5 +1,6 @@
etc/ipset
#usr/include/libipset
+#usr/include/libipset/args.h
#usr/include/libipset/data.h
#usr/include/libipset/errcode.h
#usr/include/libipset/linux_ip_set.h
@@ -19,8 +20,8 @@ etc/ipset
#usr/include/libipset/utils.h
#usr/lib/libipset.la
#usr/lib/libipset.so
-usr/lib/libipset.so.3
-usr/lib/libipset.so.3.6.0
+usr/lib/libipset.so.11
+usr/lib/libipset.so.11.1.0
#usr/lib/pkgconfig/libipset.pc
usr/sbin/ipset
#usr/share/man/man8/ipset.8
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index bf8c8bf2f..1c2a81002 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3980,6 +3980,16 @@ if ($cgiparams{'TYPE'} eq 'net') {
goto VPNCONF_ERROR;
}
+ # Check for N2N that OpenSSL maximum of valid days will not be exceeded
+ if ($cgiparams{'TYPE'} eq 'net') {
+ if ($cgiparams{'DAYS_VALID'} >= '999999') {
+ $errormessage = $Lang::tr{'invalid input for valid till days'};
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+ goto VPNCONF_ERROR;
+ }
+ }
+
if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto VPNCONF_ERROR;
@@ -4157,11 +4167,19 @@ if ($cgiparams{'TYPE'} eq 'net') {
$errormessage = $Lang::tr{'passwords do not match'};
goto VPNCONF_ERROR;
}
- if ($cgiparams{'DAYS_VALID'} ne '' && $cgiparams{'DAYS_VALID'} !~ /^[0-9]+$/) {
+ if ($cgiparams{'DAYS_VALID'} eq '' && $cgiparams{'DAYS_VALID'} !~ /^[0-9]+$/) {
$errormessage = $Lang::tr{'invalid input for valid till days'};
goto VPNCONF_ERROR;
}
+ # Check for RW that OpenSSL maximum of valid days will not be exceeded
+ if ($cgiparams{'TYPE'} eq 'host') {
+ if ($cgiparams{'DAYS_VALID'} >= '999999') {
+ $errormessage = $Lang::tr{'invalid input for valid till days'};
+ goto VPNCONF_ERROR;
+ }
+ }
+
# Replace empty strings with a .
(my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
(my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
@@ -4813,7 +4831,7 @@ END
if ($cgiparams{'TYPE'} eq 'host') {
print <<END;
</select></td></tr>
- <td> </td><td class='base'>$Lang::tr{'valid till'} (days):</td>
+ <td> </td><td class='base'>$Lang::tr{'valid till'} (days): <img src='/blob.gif' alt='*' /</td>
<td class='base' nowrap='nowrap'><input type='text' name='DAYS_VALID' value='$cgiparams{'DAYS_VALID'}' size='32' $cakeydisabled /></td></tr>
<tr><td> </td>
<td class='base'>$Lang::tr{'pkcs12 file password'}:</td>
@@ -4828,7 +4846,7 @@ END
}else{
print <<END;
</select></td></tr>
- <td> </td><td class='base'>$Lang::tr{'valid till'} (days):</td>
+ <td> </td><td class='base'>$Lang::tr{'valid till'} (days): <img src='/blob.gif' alt='*' /</td>
<td class='base' nowrap='nowrap'><input type='text' name='DAYS_VALID' value='$cgiparams{'DAYS_VALID'}' size='32' $cakeydisabled /></td></tr>
<tr><td> </td><td> </td><td> </td></tr>
<tr><td> </td><td> </td><td> </td></tr>
diff --git a/lfs/ipset b/lfs/ipset
index 7c43b308c..62d683d99 100644
--- a/lfs/ipset
+++ b/lfs/ipset
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2017 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2018 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 6.32
+VER = 6.38
THISAPP = ipset-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 857a5c6a6d645196865a82bf6fd7f567
+$(DL_FILE)_MD5 = 0e5d9c85f6b78e7dff0c996e2900574b
install : $(TARGET)
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2018-06-18 14:10 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-18 14:10 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 7ea54fee01f1fa8c206dfaab20e434a545189a9a git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox