From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4c2gqj0qy8z2xQd for ; Thu, 14 Aug 2025 10:06:09 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4c2gqj0ZWFz2xLm for ; Thu, 14 Aug 2025 10:06:09 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "people01.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4c2gqh33Xbz7D for ; Thu, 14 Aug 2025 10:06:08 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1755165968; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=mBCZiSw/3TIluJzB3CrcMiGruS9yTL7FVQjPa5/CmEU=; b=EGX3p0W2L1+quJO7Txa6WE2gQDsPgRyUs0iHE6+ZGuGlDLNxjrtADC3tG+VGv/r9fQOONP uCYsK0frPK4CVCAw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1755165968; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=mBCZiSw/3TIluJzB3CrcMiGruS9yTL7FVQjPa5/CmEU=; b=IXY+MjXaUrlWIONSGnNLJNiIeuZCvc3bmOQcRg7haG691AALI1uSXPDEn6u/r7UXrl+QWw 1sp4FRN+l+WsdJkOydIRcOMbRmlsF1GkSJ6d9lv2n6Bdo8iLJk+RTyzC208JK/apzoGkBj /ELunD4UCs4BNvIou4U/93hUgut5SZiWpHlN9Ug4eD24ryWLV7wnK3YIqFOENGwXNXgJCE EwOU8NHxlCrK/et3mAEMrMYA4iQkBWGWrBMZek+xbP8x3AKOrsiR7qFq5HhR3G5P/5G/gl JBcTjpGNxePUkhZ1vqyvt5uPd7jXJZBFaU2He/xU6YWhkXv3qscW/qAvsD3JtQ== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4c2gqh2DMnz2xHR; Thu, 14 Aug 2025 10:06:08 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 750377a96a2a380449d6612ddc2661cb782215ab X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: eefffac970c071a6626fbfb431e29387b14a1b46 X-Git-Newrev: 750377a96a2a380449d6612ddc2661cb782215ab Message-Id: <4c2gqh2DMnz2xHR@people01.haj.ipfire.org> Date: Thu, 14 Aug 2025 10:06:08 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 750377a96a2a380449d6612ddc2661cb782215ab (commit) via 8d611ffd0424ba20aac45f63f5bdaa398b4cb557 (commit) via 3e82d9990cbdd4b0f022e16aecec164008926717 (commit) via 4c0b4194ff24e4ddeb8a1311facfec71d2101a39 (commit) via 87e1047a08ca522f28807b3fde7a2f2faa75b733 (commit) via 1f200cb1c9ec0f4c9196d44f2f2c92d3403a8aae (commit) from eefffac970c071a6626fbfb431e29387b14a1b46 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 750377a96a2a380449d6612ddc2661cb782215ab Merge: eefffac97 8d611ffd0 Author: Michael Tremer Date: Thu Aug 14 10:06:01 2025 +0000 Merge branch 'master' into next ----------------------------------------------------------------------- Summary of changes: config/backup/backup.pl | 27 +-------------------------- config/rootfiles/oldcore/196/filelists/files | 1 + config/rootfiles/oldcore/197/update.sh | 27 +-------------------------- html/cgi-bin/ovpnmain.cgi | 10 ++++++++-- 4 files changed, 11 insertions(+), 54 deletions(-) Difference in files: diff --git a/config/backup/backup.pl b/config/backup/backup.pl index ed7a68455..c9bc14355 100644 --- a/config/backup/backup.pl +++ b/config/backup/backup.pl @@ -350,32 +350,7 @@ restore_backup() { fi # Update the OpenVPN configuration - sed -r \ - -e "s/^writepid .*/writepid \/var\/run\/openvpn-rw.pid/" \ - -e "/ncp-disable/d" \ - -e "s/^cipher (.*)/data-ciphers-fallback \1/" \ - -e "s/^status .*/status \/var\/run\/openvpn-rw.log/" \ - -i /var/ipfire/ovpn/server.conf - - # Change to the subnet topology - if ! grep -q "topology subnet" /var/ipfire/ovpn/server.conf; then - echo "topology subnet" >> /var/ipfire/ovpn/server.conf - fi - - # Migrate away from compression - if ! grep -q "compress migrate" /var/ipfire/ovpn/server.conf; then - echo "compress migrate" >> /var/ipfire/ovpn/server.conf - fi - - # Enable the legacy provider (just in case) - if ! grep -q "providers legacy default" /var/ipfire/ovpn/server.conf; then - echo "providers legacy default" >> /var/ipfire/ovpn/server.conf - fi - - # Enable explicit exit notification - if ! grep -q "explicit-exit-notify" /var/ipfire/ovpn/server.conf; then - echo "explicit-exit-notify" >> /var/ipfire/ovpn/server.conf - fi + sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi return 0 } diff --git a/config/rootfiles/oldcore/196/filelists/files b/config/rootfiles/oldcore/196/filelists/files index e383a991d..a4be28a89 100644 --- a/config/rootfiles/oldcore/196/filelists/files +++ b/config/rootfiles/oldcore/196/filelists/files @@ -16,4 +16,5 @@ var/ipfire/graphs.pl var/ipfire/header.pl var/ipfire/ipblocklist-functions.pl var/ipfire/langs/list +var/ipfire/main/manualpages var/ipfire/wireguard-functions.pl diff --git a/config/rootfiles/oldcore/197/update.sh b/config/rootfiles/oldcore/197/update.sh index dc9149499..0fd5cc6f0 100644 --- a/config/rootfiles/oldcore/197/update.sh +++ b/config/rootfiles/oldcore/197/update.sh @@ -123,32 +123,7 @@ ldconfig /usr/local/bin/filesystem-cleanup # Update the OpenVPN configuration -sed -r \ - -e "s/^writepid .*/writepid \/var\/run\/openvpn-rw.pid/" \ - -e "/ncp-disable/d" \ - -e "s/^cipher (.*)/data-ciphers-fallback \1/" \ - -e "s/^status .*/status \/var\/run\/openvpn-rw.log/" \ - -i /var/ipfire/ovpn/server.conf - -# Change to the subnet topology -if ! grep -q "topology subnet" /var/ipfire/ovpn/server.conf; then - echo "topology subnet" >> /var/ipfire/ovpn/server.conf -fi - -# Migrate away from compression -if ! grep -q "compress migrate" /var/ipfire/ovpn/server.conf; then - echo "compress migrate" >> /var/ipfire/ovpn/server.conf -fi - -# Enable the legacy provider (just in case) -if ! grep -q "providers legacy default" /var/ipfire/ovpn/server.conf; then - echo "providers legacy default" >> /var/ipfire/ovpn/server.conf -fi - -# Enable explicit exit notification -if ! grep -q "explicit-exit-notify" /var/ipfire/ovpn/server.conf; then - echo "explicit-exit-notify" >> /var/ipfire/ovpn/server.conf -fi +sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi # Apply SSH configuration /usr/local/bin/sshctrl diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 1fe0978c6..83f9fdc02 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -41,8 +41,8 @@ require "${General::swroot}/countries.pl"; require "${General::swroot}/location-functions.pl"; # enable only the following on debugging purpose -use warnings; -use CGI::Carp 'fatalsToBrowser'; +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; my %mainsettings = (); &General::readhash("${General::swroot}/main/settings", \%mainsettings); @@ -1001,6 +1001,12 @@ sub openvpn_status($) { return $status; } +# Hook to regenerate the configuration files +if ($ENV{"REMOTE_ADDR"} eq "") { + &writeserverconf(); + exit(0); +} + ### ### Save Advanced options ### hooks/post-receive -- IPFire 2.x development tree