Menu
▾
▴
astlinux-commits — Commits to the AstLinux SVN repository
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(6) |
Jul
(14) |
Aug
(156) |
Sep
(35) |
Oct
(48) |
Nov
(55) |
Dec
(16) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(24) |
Feb
(154) |
Mar
(139) |
Apr
(175) |
May
(87) |
Jun
(34) |
Jul
(42) |
Aug
(68) |
Sep
(41) |
Oct
(76) |
Nov
(77) |
Dec
(50) |
| 2008 |
Jan
(98) |
Feb
(43) |
Mar
(102) |
Apr
(27) |
May
(55) |
Jun
(13) |
Jul
(58) |
Aug
(62) |
Sep
(61) |
Oct
(43) |
Nov
(87) |
Dec
(134) |
| 2009 |
Jan
(175) |
Feb
(106) |
Mar
(58) |
Apr
(41) |
May
(74) |
Jun
(123) |
Jul
(252) |
Aug
(192) |
Sep
(69) |
Oct
(38) |
Nov
(117) |
Dec
(95) |
| 2010 |
Jan
(146) |
Feb
(76) |
Mar
(90) |
Apr
(60) |
May
(23) |
Jun
(19) |
Jul
(208) |
Aug
(140) |
Sep
(103) |
Oct
(114) |
Nov
(50) |
Dec
(47) |
| 2011 |
Jan
(59) |
Feb
(47) |
Mar
(61) |
Apr
(58) |
May
(41) |
Jun
(11) |
Jul
(17) |
Aug
(49) |
Sep
(34) |
Oct
(166) |
Nov
(38) |
Dec
(70) |
| 2012 |
Jan
(87) |
Feb
(37) |
Mar
(28) |
Apr
(25) |
May
(29) |
Jun
(30) |
Jul
(43) |
Aug
(27) |
Sep
(46) |
Oct
(27) |
Nov
(51) |
Dec
(70) |
| 2013 |
Jan
(92) |
Feb
(34) |
Mar
(58) |
Apr
(37) |
May
(46) |
Jun
(9) |
Jul
(38) |
Aug
(22) |
Sep
(28) |
Oct
(42) |
Nov
(44) |
Dec
(34) |
| 2014 |
Jan
(63) |
Feb
(39) |
Mar
(48) |
Apr
(31) |
May
(21) |
Jun
(43) |
Jul
(36) |
Aug
(69) |
Sep
(53) |
Oct
(56) |
Nov
(46) |
Dec
(49) |
| 2015 |
Jan
(63) |
Feb
(35) |
Mar
(30) |
Apr
(38) |
May
(27) |
Jun
(42) |
Jul
(42) |
Aug
(63) |
Sep
(18) |
Oct
(45) |
Nov
(65) |
Dec
(71) |
| 2016 |
Jan
(54) |
Feb
(79) |
Mar
(59) |
Apr
(38) |
May
(32) |
Jun
(46) |
Jul
(42) |
Aug
(30) |
Sep
(58) |
Oct
(33) |
Nov
(98) |
Dec
(59) |
| 2017 |
Jan
(79) |
Feb
(12) |
Mar
(43) |
Apr
(32) |
May
(76) |
Jun
(59) |
Jul
(44) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <abe...@us...> - 2017-01-14 22:29:34
|
Revision: 8095
http://sourceforge.net/p/astlinux/code/8095
Author: abelbeck
Date: 2017-01-14 22:29:31 +0000 (Sat, 14 Jan 2017)
Log Message:
-----------
acme, build system, add /etc/acme symlink and keep dns_nsupdate.sh if BIND is enabled
Modified Paths:
--------------
branches/1.0/package/acme/acme.mk
Modified: branches/1.0/package/acme/acme.mk
===================================================================
--- branches/1.0/package/acme/acme.mk 2017-01-14 19:46:18 UTC (rev 8094)
+++ branches/1.0/package/acme/acme.mk 2017-01-14 22:29:31 UTC (rev 8095)
@@ -8,6 +8,8 @@
ACME_SOURCE = acme.sh-$(ACME_VERSION).tar.gz
ACME_SITE = http://files.astlinux-project.org
+ACME_REMOVE_TARGET_DNSAPI = dns_myapi.sh $(if $(BR2_PACKAGE_BIND),,dns_nsupdate.sh) README.md
+
##
## curl -L -o dl/acme.sh-2.6.5-2017-01-13.tar.gz https://github.com/Neilpang/acme.sh/archive/master.tar.gz
## ./scripts/upload-dl-pair dl/acme.sh-2.6.5-2017-01-13.tar.gz
@@ -18,14 +20,16 @@
$(INSTALL) -D -m 0755 package/acme/astlinux.sh $(TARGET_DIR)/stat/etc/acme/deploy/astlinux.sh
$(INSTALL) -D -m 0755 $(@D)/acme.sh $(TARGET_DIR)/stat/etc/acme/acme.sh
cp -a $(@D)/dnsapi $(TARGET_DIR)/stat/etc/acme/
+ ln -s /mnt/kd/acme $(TARGET_DIR)/etc/acme
+ # Remove non-required dnsapi files
+ rm -f $(addprefix $(TARGET_DIR)/stat/etc/acme/dnsapi/, $(ACME_REMOVE_TARGET_DNSAPI))
+ # Make sure the dnsapi scripts are executable
find $(TARGET_DIR)/stat/etc/acme/dnsapi/ -name '*.sh' -print0 | xargs -0 chmod 755
- # We don't enable BIND, so no nsupdate, and remove sample
- rm -f $(TARGET_DIR)/stat/etc/acme/dnsapi/dns_nsupdate.sh
- rm -f $(TARGET_DIR)/stat/etc/acme/dnsapi/dns_myapi.sh
endef
define ACME_UNINSTALL_TARGET_CMDS
rm -f $(TARGET_DIR)/usr/sbin/acme-client
+ rm -f $(TARGET_DIR)/etc/acme
rm -rf $(TARGET_DIR)/stat/etc/acme
endef
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-14 19:46:21
|
Revision: 8094
http://sourceforge.net/p/astlinux/code/8094
Author: abelbeck
Date: 2017-01-14 19:46:18 +0000 (Sat, 14 Jan 2017)
Log Message:
-----------
acme, add account.opts support, no longer write to account.conf, add rc.conf ACME_ACCOUNT_EMAIL variable
Modified Paths:
--------------
branches/1.0/package/acme/acme-client.sh
Modified: branches/1.0/package/acme/acme-client.sh
===================================================================
--- branches/1.0/package/acme/acme-client.sh 2017-01-14 16:23:16 UTC (rev 8093)
+++ branches/1.0/package/acme/acme-client.sh 2017-01-14 19:46:18 UTC (rev 8094)
@@ -8,7 +8,7 @@
ACME_WORKING_DIR="/mnt/kd/acme"
-export LE_WORKING_DIR="$ACME_WORKING_DIR"
+ACME_OPTS="--home $ACME_WORKING_DIR --useragent AstLinux"
LOCKFILE="/var/lock/acme-client.lock"
@@ -31,26 +31,41 @@
exit 9
fi
-gen_account_conf()
+add_account_opts()
{
- if [ -f "$ACME_WORKING_DIR/account.static" ]; then
- echo "# Autogenerated. Edit $ACME_WORKING_DIR/account.static file.
-"
- cat "$ACME_WORKING_DIR/account.static"
- return
- fi
+ local file="$1" line opt value IFS
- echo "# Autogenerated. Do not edit.
-# A manually generated acme.sh config will use $ACME_WORKING_DIR/account.static if it exists.
-"
- echo "USER_AGENT=\"AstLinux\""
+ IFS=$'\n'
+ for line in $(cat "$file" | sed -e 's/#.*//' -e 's/ *$//' -e '/^$/d'); do
+ opt="$(echo "$line" | awk -F' ' '/^[a-z]/ { print $1; }')"
+ value="$(echo "$line" | awk -F' ' '/^[a-z]/ { print $2; }')"
+ if [ -n "$opt" ]; then
+ if [ -n "$value" ]; then
+ ACME_OPTS="$ACME_OPTS --$opt $value"
+ else
+ ACME_OPTS="$ACME_OPTS --$opt"
+ fi
+ fi
+ done
}
+accountemail="$ACME_ACCOUNT_EMAIL"
+
+# Extract from possible <a@b.tld> format
+accountemail="${accountemail##*<}"
+accountemail="${accountemail%%>*}"
+
+if [ -n "$accountemail" ]; then
+ ACME_OPTS="$ACME_OPTS --accountemail $accountemail"
+fi
+
+if [ -f "$ACME_WORKING_DIR/account.opts" ]; then
+ add_account_opts "$ACME_WORKING_DIR/account.opts"
+fi
+
trap 'rm -f "$LOCKFILE"; exit $?' INT TERM EXIT
-gen_account_conf > "$ACME_WORKING_DIR/account.conf"
-
-$ACME_PROG "$@"
+$ACME_PROG $ACME_OPTS "$@"
rtn=$?
rm -f "$LOCKFILE"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-14 16:23:18
|
Revision: 8093
http://sourceforge.net/p/astlinux/code/8093
Author: abelbeck
Date: 2017-01-14 16:23:16 +0000 (Sat, 14 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-14 16:22:12 UTC (rev 8092)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-14 16:23:16 UTC (rev 8093)
@@ -82,7 +82,7 @@
-- ipset, version bump to 6.30
--- lighttpd, version bump to 1.4.44
+-- lighttpd, version bump to 1.4.45
New rc.conf variable: HTTPSCHAIN, optional path to the CA file for support of chained certificates.
-- dnscrypt-proxy, version bump to 1.9.1
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-14 16:22:14
|
Revision: 8092
http://sourceforge.net/p/astlinux/code/8092
Author: abelbeck
Date: 2017-01-14 16:22:12 +0000 (Sat, 14 Jan 2017)
Log Message:
-----------
lighttpd, version bump to 1.4.45
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.mk
Modified: branches/1.0/package/lighttpd/lighttpd.mk
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.mk 2017-01-13 20:02:36 UTC (rev 8091)
+++ branches/1.0/package/lighttpd/lighttpd.mk 2017-01-14 16:22:12 UTC (rev 8092)
@@ -4,7 +4,7 @@
#
#############################################################
-LIGHTTPD_VERSION = 1.4.44
+LIGHTTPD_VERSION = 1.4.45
LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
LIGHTTPD_DEPENDENCIES = host-pkg-config
LIGHTTPD_CONF_OPT = \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-13 20:02:38
|
Revision: 8091
http://sourceforge.net/p/astlinux/code/8091
Author: abelbeck
Date: 2017-01-13 20:02:36 +0000 (Fri, 13 Jan 2017)
Log Message:
-----------
acme, new package, disabled, a work in progress. Thanks to David Kerr
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/package/Config.in
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
Added Paths:
-----------
branches/1.0/package/acme/
branches/1.0/package/acme/Config.in
branches/1.0/package/acme/acme-client.sh
branches/1.0/package/acme/acme.mk
branches/1.0/package/acme/astlinux.sh
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2017-01-11 18:14:34 UTC (rev 8090)
+++ branches/1.0/astlinux-ast11.config 2017-01-13 20:02:36 UTC (rev 8091)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn8061-dirty Configuration
-# Mon Jan 2 10:45:16 2017
+# Buildroot astlinux-1.x-svn8090-dirty Configuration
+# Fri Jan 13 13:49:22 2017
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -517,6 +517,7 @@
#
# Crypto
#
+# BR2_PACKAGE_ACME is not set
# BR2_PACKAGE_BEECRYPT is not set
BR2_PACKAGE_CA_CERTIFICATES=y
# BR2_PACKAGE_GNUTLS is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2017-01-11 18:14:34 UTC (rev 8090)
+++ branches/1.0/astlinux-ast13.config 2017-01-13 20:02:36 UTC (rev 8091)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn8061-dirty Configuration
-# Mon Jan 2 10:45:16 2017
+# Buildroot astlinux-1.x-svn8090-dirty Configuration
+# Fri Jan 13 13:49:24 2017
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -517,6 +517,7 @@
#
# Crypto
#
+# BR2_PACKAGE_ACME is not set
# BR2_PACKAGE_BEECRYPT is not set
BR2_PACKAGE_CA_CERTIFICATES=y
# BR2_PACKAGE_GNUTLS is not set
Modified: branches/1.0/package/Config.in
===================================================================
--- branches/1.0/package/Config.in 2017-01-11 18:14:34 UTC (rev 8090)
+++ branches/1.0/package/Config.in 2017-01-13 20:02:36 UTC (rev 8091)
@@ -286,6 +286,7 @@
endmenu
menu "Crypto"
+source "package/acme/Config.in"
source "package/beecrypt/Config.in"
source "package/ca-certificates/Config.in"
source "package/gnutls/Config.in"
Added: branches/1.0/package/acme/Config.in
===================================================================
--- branches/1.0/package/acme/Config.in (rev 0)
+++ branches/1.0/package/acme/Config.in 2017-01-13 20:02:36 UTC (rev 8091)
@@ -0,0 +1,7 @@
+config BR2_PACKAGE_ACME
+ bool "acme"
+ depends on BR2_PACKAGE_OPENSSL
+ help
+ An ACME (Automated Certificate Management Environment) protocol client
+
+ https://github.com/Neilpang/acme.sh
Added: branches/1.0/package/acme/acme-client.sh
===================================================================
--- branches/1.0/package/acme/acme-client.sh (rev 0)
+++ branches/1.0/package/acme/acme-client.sh 2017-01-13 20:02:36 UTC (rev 8091)
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+. /etc/rc.conf
+
+ACME_REPO="/stat/etc/acme"
+
+ACME_PROG="$ACME_REPO/acme.sh"
+
+ACME_WORKING_DIR="/mnt/kd/acme"
+
+export LE_WORKING_DIR="$ACME_WORKING_DIR"
+
+LOCKFILE="/var/lock/acme-client.lock"
+
+if [ ! -x "$ACME_PROG" ]; then
+ echo "acme-client: executable file \"$ACME_PROG\" not found." >&2
+ exit 1
+fi
+
+if [ ! -d "$ACME_WORKING_DIR" ]; then
+ mkdir "$ACME_WORKING_DIR"
+fi
+
+if ! cd "$ACME_WORKING_DIR"; then
+ exit 1
+fi
+
+# Robust 'bash' method of creating/testing for a lockfile
+if ! ( set -o noclobber; echo "$$" > "$LOCKFILE" ) 2>/dev/null; then
+ echo "acme-client: already running, lockfile \"$LOCKFILE\" exists, process id: $(cat "$LOCKFILE")." >&2
+ exit 9
+fi
+
+gen_account_conf()
+{
+ if [ -f "$ACME_WORKING_DIR/account.static" ]; then
+ echo "# Autogenerated. Edit $ACME_WORKING_DIR/account.static file.
+"
+ cat "$ACME_WORKING_DIR/account.static"
+ return
+ fi
+
+ echo "# Autogenerated. Do not edit.
+# A manually generated acme.sh config will use $ACME_WORKING_DIR/account.static if it exists.
+"
+ echo "USER_AGENT=\"AstLinux\""
+}
+
+trap 'rm -f "$LOCKFILE"; exit $?' INT TERM EXIT
+
+gen_account_conf > "$ACME_WORKING_DIR/account.conf"
+
+$ACME_PROG "$@"
+rtn=$?
+
+rm -f "$LOCKFILE"
+trap - INT TERM EXIT
+
+exit $rtn
Property changes on: branches/1.0/package/acme/acme-client.sh
___________________________________________________________________
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Added: branches/1.0/package/acme/acme.mk
===================================================================
--- branches/1.0/package/acme/acme.mk (rev 0)
+++ branches/1.0/package/acme/acme.mk 2017-01-13 20:02:36 UTC (rev 8091)
@@ -0,0 +1,32 @@
+################################################################################
+#
+# acme
+#
+################################################################################
+
+ACME_VERSION = 2.6.5-2017-01-13
+ACME_SOURCE = acme.sh-$(ACME_VERSION).tar.gz
+ACME_SITE = http://files.astlinux-project.org
+
+##
+## curl -L -o dl/acme.sh-2.6.5-2017-01-13.tar.gz https://github.com/Neilpang/acme.sh/archive/master.tar.gz
+## ./scripts/upload-dl-pair dl/acme.sh-2.6.5-2017-01-13.tar.gz
+##
+
+define ACME_INSTALL_TARGET_CMDS
+ $(INSTALL) -D -m 0755 package/acme/acme-client.sh $(TARGET_DIR)/usr/sbin/acme-client
+ $(INSTALL) -D -m 0755 package/acme/astlinux.sh $(TARGET_DIR)/stat/etc/acme/deploy/astlinux.sh
+ $(INSTALL) -D -m 0755 $(@D)/acme.sh $(TARGET_DIR)/stat/etc/acme/acme.sh
+ cp -a $(@D)/dnsapi $(TARGET_DIR)/stat/etc/acme/
+ find $(TARGET_DIR)/stat/etc/acme/dnsapi/ -name '*.sh' -print0 | xargs -0 chmod 755
+ # We don't enable BIND, so no nsupdate, and remove sample
+ rm -f $(TARGET_DIR)/stat/etc/acme/dnsapi/dns_nsupdate.sh
+ rm -f $(TARGET_DIR)/stat/etc/acme/dnsapi/dns_myapi.sh
+endef
+
+define ACME_UNINSTALL_TARGET_CMDS
+ rm -f $(TARGET_DIR)/usr/sbin/acme-client
+ rm -rf $(TARGET_DIR)/stat/etc/acme
+endef
+
+$(eval $(call GENTARGETS,package,acme))
Added: branches/1.0/package/acme/astlinux.sh
===================================================================
--- branches/1.0/package/acme/astlinux.sh (rev 0)
+++ branches/1.0/package/acme/astlinux.sh 2017-01-13 20:02:36 UTC (rev 8091)
@@ -0,0 +1,57 @@
+#!/usr/bin/env sh
+
+# acme.sh deploy script for AstLinux
+# This file name is "astlinux.sh"
+# So, here must be a method astlinux_deploy()
+# Which will be called by acme.sh to deploy the cert
+# returns 0 means success, otherwise error.
+
+. /etc/rc.conf
+
+######## Public functions #####################
+
+#domain keyfile certfile cafile fullchain
+astlinux_deploy() {
+ _cdomain="$1"
+ _ckey="$2"
+ _ccert="$3"
+ _cca="$4"
+ _cfullchain="$5"
+
+ _debug _cdomain "$_cdomain"
+ _debug _ckey "$_ckey"
+ _debug _ccert "$_ccert"
+ _debug _cca "$_cca"
+ _debug _cfullchain "$_cfullchain"
+
+ if [ -n "$HTTPSCERT" -a "$HTTPS_ACME" = "yes" ]; then
+ service lighttpd stop
+ cat "$_ckey" "$_ccert" > "$HTTPSCERT"
+ chmod 600 "$HTTPSCERT"
+ if [ -n "$HTTPSCHAIN" ]; then
+ if [ -f "$_cfullchain" ]; then
+ cat "$_cfullchain" > "$HTTPSCHAIN"
+ else
+ rm -f "$HTTPSCHAIN"
+ fi
+ fi
+ sleep 1
+ service lighttpd init
+ fi
+
+ if [ "$SIPTLSCERT_ACME" = "yes" ]; then
+# TODO. Not sure what the right files to use are. Need to test.
+# See..
+# https://web.johncook.uk/articles/computing/lets-encrypt-launch
+# https://www.jedwarddurrett.com/20160604162607.php
+
+ mkdir -p /mnt/kd/ssl/sip-tls/keys
+ cat "$_cfullchain" > /mnt/kd/ssl/sip-tls/keys/server.crt
+ cat "$_ckey" > /mnt/kd/ssl/sip-tls/keys/server.key
+ chmod 600 /mnt/kd/ssl/sip-tls/keys/server.key
+# How to tell Asterisk to reload certificate?
+# Hopefully just a reload (of just SIP or PJSIP?) and not a restart
+ fi
+
+ return 0
+}
Property changes on: branches/1.0/package/acme/astlinux.sh
___________________________________________________________________
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2017-01-11 18:14:34 UTC (rev 8090)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2017-01-13 20:02:36 UTC (rev 8091)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn8061-dirty Configuration
-# Mon Jan 2 10:45:17 2017
+# Buildroot astlinux-1.x-svn8090-dirty Configuration
+# Fri Jan 13 13:49:27 2017
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -498,6 +498,7 @@
#
# Crypto
#
+# BR2_PACKAGE_ACME is not set
# BR2_PACKAGE_BEECRYPT is not set
BR2_PACKAGE_CA_CERTIFICATES=y
# BR2_PACKAGE_GNUTLS is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2017-01-11 18:14:34 UTC (rev 8090)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2017-01-13 20:02:36 UTC (rev 8091)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn8061-dirty Configuration
-# Mon Jan 2 10:45:17 2017
+# Buildroot astlinux-1.x-svn8090-dirty Configuration
+# Fri Jan 13 13:49:29 2017
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -498,6 +498,7 @@
#
# Crypto
#
+# BR2_PACKAGE_ACME is not set
# BR2_PACKAGE_BEECRYPT is not set
BR2_PACKAGE_CA_CERTIFICATES=y
# BR2_PACKAGE_GNUTLS is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-11 18:14:36
|
Revision: 8090
http://sourceforge.net/p/astlinux/code/8090
Author: abelbeck
Date: 2017-01-11 18:14:34 +0000 (Wed, 11 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-11 18:11:47 UTC (rev 8089)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-11 18:14:34 UTC (rev 8090)
@@ -83,6 +83,7 @@
-- ipset, version bump to 6.30
-- lighttpd, version bump to 1.4.44
+ New rc.conf variable: HTTPSCHAIN, optional path to the CA file for support of chained certificates.
-- dnscrypt-proxy, version bump to 1.9.1
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-11 18:11:49
|
Revision: 8089
http://sourceforge.net/p/astlinux/code/8089
Author: abelbeck
Date: 2017-01-11 18:11:47 +0000 (Wed, 11 Jan 2017)
Log Message:
-----------
lighttpd, add rc.conf variable HTTPSCHAIN, path to the CA file for support of chained certificates
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
branches/1.0/package/lighttpd/lighttpd.init
branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2017-01-10 23:46:03 UTC (rev 8088)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2017-01-11 18:11:47 UTC (rev 8089)
@@ -84,6 +84,7 @@
ssl.engine = "enable"
ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
ssl.pemfile = "@HTTPSCERT@"
+ ssl.ca-file = "@HTTPSCHAIN@"
server.document-root = "/var/www"
accesslog.filename = "@HTTPS_ACCESSLOG@"
url.access-deny = ( "~", ".inc", ".htpasswd", ".htaccess"@HTTPSCGI@ )
@@ -101,6 +102,7 @@
@IPV6@ ssl.engine = "enable"
@IPV6@ ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
@IPV6@ ssl.pemfile = "@HTTPSCERT@"
+@IPV6@ ssl.ca-file = "@HTTPSCHAIN@"
@IPV6@ server.document-root = "/var/www"
@IPV6@ accesslog.filename = "@HTTPS_ACCESSLOG@"
@IPV6@ url.access-deny = ( "~", ".inc", ".htpasswd", ".htaccess"@HTTPSCGI@ )
Modified: branches/1.0/package/lighttpd/lighttpd.init
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.init 2017-01-10 23:46:03 UTC (rev 8088)
+++ branches/1.0/package/lighttpd/lighttpd.init 2017-01-11 18:11:47 UTC (rev 8089)
@@ -55,6 +55,11 @@
httpdir="/dev/null"
fi
httpscert="${HTTPSCERT:-/etc/ssl/default_https.pem}"
+ if [ -n "$HTTPSCHAIN" -a -f "$HTTPSCHAIN" ]; then
+ httpschain="$HTTPSCHAIN"
+ else
+ httpschain=""
+ fi
if [ "$HTTP_LISTING" = "no" ]; then
http_listing="disable"
else
@@ -144,6 +149,7 @@
sed -i -e "s|@HOSTNAME@|${HOSTNAME}|g" \
-e "s|@HTTPDIR@|${httpdir}|g" \
-e "s|@HTTPSCERT@|${httpscert}|g" \
+ -e "s|@HTTPSCHAIN@|${httpschain}|g" \
-e "s|@HTTP_LISTING@|${http_listing}|g" \
-e "s|@HTTPS_LISTING@|${https_listing}|g" \
-e "s|@HTTP_ACCESSLOG@|${http_accesslog}|g" \
Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2017-01-10 23:46:03 UTC (rev 8088)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2017-01-11 18:11:47 UTC (rev 8089)
@@ -368,6 +368,7 @@
HTTPS_ACCESSLOG="no" # Enable access logging in /var/log/lighttpd/ssl-access.log
HTTPSCGI="yes" # Define yes|no to enable CGI
HTTPSCERT="/etc/ssl/default_https.pem" # Path to the https certificate
+HTTPSCHAIN="" # Path to the CA file for support of chained certificates
## HTTP Server
## If you set HTTPDIR, serve files from that directory.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-10 23:46:05
|
Revision: 8088
http://sourceforge.net/p/astlinux/code/8088
Author: abelbeck
Date: 2017-01-10 23:46:03 +0000 (Tue, 10 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-10 23:43:54 UTC (rev 8087)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-10 23:46:03 UTC (rev 8088)
@@ -48,7 +48,7 @@
-- kexec, version bump to 2.0.14
--- nano, version bump to 2.7.3
+-- nano, version bump to 2.7.4
-- strace, version bump to 4.15
@@ -78,7 +78,7 @@
-- OpenVPN, major version bump to 2.4.0, new features include AEAD (GCM) cipher and Elliptic Curve DH key exchange support.
--- prosody, version bump to 0.9.11
+-- prosody, version bump to 0.9.12
-- ipset, version bump to 6.30
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-10 23:43:56
|
Revision: 8087
http://sourceforge.net/p/astlinux/code/8087
Author: abelbeck
Date: 2017-01-10 23:43:54 +0000 (Tue, 10 Jan 2017)
Log Message:
-----------
prosody, version bump to 0.9.12
Modified Paths:
--------------
branches/1.0/package/prosody/prosody.mk
Modified: branches/1.0/package/prosody/prosody.mk
===================================================================
--- branches/1.0/package/prosody/prosody.mk 2017-01-10 20:41:06 UTC (rev 8086)
+++ branches/1.0/package/prosody/prosody.mk 2017-01-10 23:43:54 UTC (rev 8087)
@@ -4,7 +4,7 @@
#
#############################################################
-PROSODY_VERSION = 0.9.11
+PROSODY_VERSION = 0.9.12
PROSODY_SOURCE = prosody-$(PROSODY_VERSION).tar.gz
PROSODY_SITE = http://prosody.im/downloads/source
PROSODY_DEPENDENCIES = lua libidn openssl luafilesystem luaexpat luasocket luasec
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-10 20:41:09
|
Revision: 8086
http://sourceforge.net/p/astlinux/code/8086
Author: abelbeck
Date: 2017-01-10 20:41:06 +0000 (Tue, 10 Jan 2017)
Log Message:
-----------
nano, version bump to 2.7.4
Modified Paths:
--------------
branches/1.0/package/nano/nano.mk
Modified: branches/1.0/package/nano/nano.mk
===================================================================
--- branches/1.0/package/nano/nano.mk 2017-01-07 17:36:42 UTC (rev 8085)
+++ branches/1.0/package/nano/nano.mk 2017-01-10 20:41:06 UTC (rev 8086)
@@ -4,7 +4,7 @@
#
#############################################################
-NANO_VERSION = 2.7.3
+NANO_VERSION = 2.7.4
NANO_SITE = http://www.nano-editor.org/dist/v2.7
NANO_MAKE_ENV = CURSES_LIB="-lncurses"
NANO_CONF_ENV = ac_cv_prog_NCURSESW_CONFIG=false
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-07 17:36:44
|
Revision: 8085
http://sourceforge.net/p/astlinux/code/8085
Author: abelbeck
Date: 2017-01-07 17:36:42 +0000 (Sat, 07 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-07 17:35:37 UTC (rev 8084)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-07 17:36:42 UTC (rev 8085)
@@ -23,7 +23,7 @@
-- php, version bump to 5.6.29
--- sqlite, version bump to 3.16.1
+-- sqlite, version bump to 3.16.2
-- sqliteodbc, version bump to 0.9995
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-07 17:35:40
|
Revision: 8084
http://sourceforge.net/p/astlinux/code/8084
Author: abelbeck
Date: 2017-01-07 17:35:37 +0000 (Sat, 07 Jan 2017)
Log Message:
-----------
sqlite, version bump to 3.16.2
Modified Paths:
--------------
branches/1.0/package/sqlite/sqlite.mk
Modified: branches/1.0/package/sqlite/sqlite.mk
===================================================================
--- branches/1.0/package/sqlite/sqlite.mk 2017-01-06 15:42:48 UTC (rev 8083)
+++ branches/1.0/package/sqlite/sqlite.mk 2017-01-07 17:35:37 UTC (rev 8084)
@@ -4,7 +4,7 @@
#
#############################################################
-SQLITE_VERSION = 3160100
+SQLITE_VERSION = 3160200
SQLITE_SOURCE = sqlite-autoconf-$(SQLITE_VERSION).tar.gz
SQLITE_SITE = http://www.sqlite.org/2017
SQLITE_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-06 15:42:50
|
Revision: 8083
http://sourceforge.net/p/astlinux/code/8083
Author: abelbeck
Date: 2017-01-06 15:42:48 +0000 (Fri, 06 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-06 15:42:03 UTC (rev 8082)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-06 15:42:48 UTC (rev 8083)
@@ -71,7 +71,7 @@
New rc.conf variables are: IPSEC_ALLOWED_ENDPOINTS and IPSEC_ALLOWED_VPN_NETS
More info: http://doc.astlinux-project.org/userdoc:tt_ipsec_vpn_strongswan
--- chrony, version 3.0-pre2, new package to replace 'ntpd' as the NTP daemon, NTPv4 client and server.
+-- chrony, version 3.0-pre3, new package to replace 'ntpd' as the NTP daemon, NTPv4 client and server.
Note: No configuration change for most users, though if you had a custom /mnt/kd/ntpd.conf file
you will have to generate a new /mnt/kd/chrony.conf file with similar but different syntax.
More info: http://doc.astlinux-project.org/userdoc:tt_ntp_client_server
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-06 15:42:05
|
Revision: 8082
http://sourceforge.net/p/astlinux/code/8082
Author: abelbeck
Date: 2017-01-06 15:42:03 +0000 (Fri, 06 Jan 2017)
Log Message:
-----------
chrony, the third and last prerelease for chrony-3.0
Modified Paths:
--------------
branches/1.0/package/chrony/chrony.mk
Modified: branches/1.0/package/chrony/chrony.mk
===================================================================
--- branches/1.0/package/chrony/chrony.mk 2017-01-05 16:54:56 UTC (rev 8081)
+++ branches/1.0/package/chrony/chrony.mk 2017-01-06 15:42:03 UTC (rev 8082)
@@ -4,7 +4,7 @@
#
################################################################################
-CHRONY_VERSION = 3.0-pre2
+CHRONY_VERSION = 3.0-pre3
CHRONY_SITE = http://download.tuxfamily.org/chrony
CHRONY_DEPENDENCIES = libcap
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-05 16:54:58
|
Revision: 8081
http://sourceforge.net/p/astlinux/code/8081
Author: abelbeck
Date: 2017-01-05 16:54:56 +0000 (Thu, 05 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-05 16:49:50 UTC (rev 8080)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-05 16:54:56 UTC (rev 8081)
@@ -110,6 +110,8 @@
-- arnofw (AIF), "adaptive-ban" plugin, asterisk filter, add chan_sip 'Not a local domain' regex and
chan_pjsip 'No matching endpoint found' regex.
+-- arnofw (AIF), add support for BLOCKED_HOST_LOG inbound/outbound selectively.
+
** Asterisk
-- Asterisk 11.25.1 (version bump) and 13.12.2 (version bump)
@@ -136,7 +138,9 @@
-- System tab, add View System Files: [ IPsec strongSwan log ]
+-- Firewall sub-tab, add "Log Denied attempts by a blocked host" inbound/outbound selectively.
+
Additions for AstLinux 1.2.8:
=============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-05 16:49:53
|
Revision: 8080
http://sourceforge.net/p/astlinux/code/8080
Author: abelbeck
Date: 2017-01-05 16:49:50 +0000 (Thu, 05 Jan 2017)
Log Message:
-----------
web interface, Firewall sub-tab, add 'Log Denied attempts by a blocked host' inbound/outbound selectively
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/firewall.php
Modified: branches/1.0/package/webinterface/altweb/admin/firewall.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/firewall.php 2017-01-05 14:38:12 UTC (rev 8079)
+++ branches/1.0/package/webinterface/altweb/admin/firewall.php 2017-01-05 16:49:50 UTC (rev 8080)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2016 Lonnie Abelbeck
+// Copyright (C) 2008-2017 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -23,6 +23,7 @@
// 06-12-2016, Added "Pass LAN->LAN" action
// 07-10-2016, Added Deny LAN to DMZ for specified LAN Interfaces
// 09-14-2016, Added BLOCK_NETSET_DIR support
+// 01-05-2017, Added BLOCKED_HOST_LOG direction support
//
// System location of /mnt/kd/rc.conf.d directory
$FIREWALLCONFDIR = '/mnt/kd/rc.conf.d';
@@ -144,6 +145,13 @@
'1' => 'Deny DMZ->EXT'
);
+$log_blocked_label = array (
+ '0' => 'Disabled',
+ '1' => 'Inbound & Outbound',
+ '2' => 'Inbound only',
+ '3' => 'Outbound only'
+);
+
// Get arno firewall version
//$MY_VERSION = trim(shell_exec('grep -m1 \'^MY_VERSION=\' /usr/sbin/arno-iptables-firewall | sed -e \'s/MY_VERSION=//\' -e \'s/"//g\''));
//$arno_vers = (strncmp($MY_VERSION, '1.8.', 4) == 0) ? 18 : 19;
@@ -384,7 +392,7 @@
$value = 'BLOCK_NETSET_DIR="/mnt/kd/blocklists"';
fwrite($fp, $value."\n");
}
- $value = 'BLOCKED_HOST_LOG='.(isset($_POST['log_blocked']) ? '1' : '0');
+ $value = 'BLOCKED_HOST_LOG="'.$_POST['log_blocked'].'"';
fwrite($fp, $value."\n");
fwrite($fp, "### gui.firewall.conf - end ###\n");
@@ -1120,11 +1128,19 @@
putHtml('<tr class="dtrow1"><td width="75" style="text-align: right;">');
$sel = (getVARdef($vars, 'BLOCK_NETSET_DIR') === '/mnt/kd/blocklists') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="block_netset_dir" name="block_netset_dir"'.$sel.' /></td><td>Block Host/CIDR using *.netset file(s) in the directory /mnt/kd/blocklists</td></tr>');
- putHtml('<tr class="dtrow1"><td style="text-align: right;">');
- $sel = (getVARdef($vars, 'BLOCKED_HOST_LOG') == 1) ? ' checked="checked"' : '';
- putHtml('<input type="checkbox" value="log_blocked" name="log_blocked"'.$sel.' /></td><td>Log Denied attempts by a blocked host</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td width="75" style="text-align: right;"> </td><td>');
+ putHtml('Log Denied attempts by a blocked host:');
+ $log_blocked = getVARdef($vars, 'BLOCKED_HOST_LOG');
+ putHtml('<select name="log_blocked">');
+ foreach ($log_blocked_label as $key => $value) {
+ $sel = ($log_blocked == $key) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$key.'"'.$sel.'>'.$value.'</option>');
+ }
+ putHtml('</select>');
+ putHtml('</td></tr>');
+
putHtml('</table>');
-
putHtml('</form>');
putHtml('</center></td></tr></table>');
putHtml('</center>');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-05 14:38:14
|
Revision: 8079
http://sourceforge.net/p/astlinux/code/8079
Author: abelbeck
Date: 2017-01-05 14:38:12 +0000 (Thu, 05 Jan 2017)
Log Message:
-----------
arnofw, add upstream patch to selectively log blocked hosts by inbound and outbound direction
Added Paths:
-----------
branches/1.0/package/arnofw/arnofw-0001-HOST_BLOCK_SRC_DROP-HOST_BLOCK_DST_DROP.patch
Added: branches/1.0/package/arnofw/arnofw-0001-HOST_BLOCK_SRC_DROP-HOST_BLOCK_DST_DROP.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-0001-HOST_BLOCK_SRC_DROP-HOST_BLOCK_DST_DROP.patch (rev 0)
+++ branches/1.0/package/arnofw/arnofw-0001-HOST_BLOCK_SRC_DROP-HOST_BLOCK_DST_DROP.patch 2017-01-05 14:38:12 UTC (rev 8079)
@@ -0,0 +1,145 @@
+diff --git a/bin/arno-iptables-firewall b/bin/arno-iptables-firewall
+index 74ff982..fa872ab 100755
+--- a/bin/arno-iptables-firewall
++++ b/bin/arno-iptables-firewall
+@@ -886,12 +886,19 @@ setup_default_policies()
+ ###########################################################
+ iptables -A POST_INPUT_DROP_CHAIN -j DROP
+
+- # The HOST_BLOCK_DROP chain should always DROP
++ # The HOST_BLOCK_SRC_DROP chain should always DROP
+ ###########################################################
+- if [ "$BLOCKED_HOST_LOG" != "0" ]; then
+- iptables -A HOST_BLOCK_DROP -m limit --limit 1/m --limit-burst 1 -j LOG --log-level $LOGLEVEL --log-prefix "AIF:Blocked host(s): "
++ if [ "$BLOCKED_HOST_LOG" = "1" -o "$BLOCKED_HOST_LOG" = "2" ]; then
++ iptables -A HOST_BLOCK_SRC_DROP -m limit --limit 1/m --limit-burst 1 -j LOG --log-level $LOGLEVEL --log-prefix "AIF:Blocked host(s) Inbound: "
+ fi
+- iptables -A HOST_BLOCK_DROP -j DROP
++ iptables -A HOST_BLOCK_SRC_DROP -j DROP
++
++ # The HOST_BLOCK_DST_DROP chain should always DROP
++ ###########################################################
++ if [ "$BLOCKED_HOST_LOG" = "1" -o "$BLOCKED_HOST_LOG" = "3" ]; then
++ iptables -A HOST_BLOCK_DST_DROP -m limit --limit 1/m --limit-burst 1 -j LOG --log-level $LOGLEVEL --log-prefix "AIF:Blocked host(s) Outbound: "
++ fi
++ iptables -A HOST_BLOCK_DST_DROP -j DROP
+
+ # The LINK_LOCAL_DROP chain should always DROP
+ ###########################################################
+@@ -2734,8 +2741,12 @@ setup_ext_input_chain()
+
+ # Enable logging of blocked hosts?
+ ##################################
+- if [ "$BLOCKED_HOST_LOG" != "0" ]; then
+- echo " Logging of explicitly blocked hosts enabled"
++ if [ "$BLOCKED_HOST_LOG" = "1" ]; then
++ echo " Logging of explicitly blocked hosts inbound/outbound enabled"
++ elif [ "$BLOCKED_HOST_LOG" = "2" ]; then
++ echo " Logging of explicitly blocked hosts inbound enabled"
++ elif [ "$BLOCKED_HOST_LOG" = "3" ]; then
++ echo " Logging of explicitly blocked hosts outbound enabled"
+ else
+ echo " Logging of explicitly blocked hosts disabled"
+ fi
+@@ -4205,14 +4216,14 @@ setup_ipset_netset()
+ ipset create -exist ${set_name} hash:net family $family hashsize $hashsize maxelem $maxelem
+
+ if [ "$family" = "inet" ]; then
+- ip4tables -A HOST_BLOCK_SRC -m set --match-set ${set_name} src -j HOST_BLOCK_DROP
++ ip4tables -A HOST_BLOCK_SRC -m set --match-set ${set_name} src -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip4tables -A HOST_BLOCK_DST -m set --match-set ${set_name} dst -j HOST_BLOCK_DROP
++ ip4tables -A HOST_BLOCK_DST -m set --match-set ${set_name} dst -j HOST_BLOCK_DST_DROP
+ fi
+ else
+- ip6tables -A HOST_BLOCK_SRC -m set --match-set ${set_name} src -j HOST_BLOCK_DROP
++ ip6tables -A HOST_BLOCK_SRC -m set --match-set ${set_name} src -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip6tables -A HOST_BLOCK_DST -m set --match-set ${set_name} dst -j HOST_BLOCK_DROP
++ ip6tables -A HOST_BLOCK_DST -m set --match-set ${set_name} dst -j HOST_BLOCK_DST_DROP
+ fi
+ fi
+ done
+@@ -4378,16 +4389,16 @@ if ipset_check; then
+ if [ -n "$BLOCK_HOSTS" -o -n "$BLOCK_HOSTS_FILE" ]; then
+ ipset create -exist aif_blocklist hash:net family inet hashsize $hashsize maxelem $maxelem
+
+- ip4tables -A HOST_BLOCK_SRC -m set --match-set aif_blocklist src -j HOST_BLOCK_DROP
++ ip4tables -A HOST_BLOCK_SRC -m set --match-set aif_blocklist src -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip4tables -A HOST_BLOCK_DST -m set --match-set aif_blocklist dst -j HOST_BLOCK_DROP
++ ip4tables -A HOST_BLOCK_DST -m set --match-set aif_blocklist dst -j HOST_BLOCK_DST_DROP
+ fi
+ if [ "$IPV6_SUPPORT" = "1" ]; then
+ ipset create -exist aif_blocklistv6 hash:net family inet6 hashsize $hashsize maxelem $maxelem
+
+- ip6tables -A HOST_BLOCK_SRC -m set --match-set aif_blocklistv6 src -j HOST_BLOCK_DROP
++ ip6tables -A HOST_BLOCK_SRC -m set --match-set aif_blocklistv6 src -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip6tables -A HOST_BLOCK_DST -m set --match-set aif_blocklistv6 dst -j HOST_BLOCK_DROP
++ ip6tables -A HOST_BLOCK_DST -m set --match-set aif_blocklistv6 dst -j HOST_BLOCK_DST_DROP
+ fi
+ fi
+ fi
+@@ -4551,16 +4562,16 @@ else
+ get_numeric_ip_version "$host"
+ case $? in
+ 4)
+- ip4tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_DROP
++ ip4tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip4tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DROP
++ ip4tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DST_DROP
+ fi
+ ;;
+ 6)
+ if [ "$IPV6_SUPPORT" = "1" ]; then
+- ip6tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_DROP
++ ip6tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip6tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DROP
++ ip6tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DST_DROP
+ fi
+ fi
+ ;;
+@@ -4593,16 +4604,16 @@ else
+ get_numeric_ip_version "$host"
+ case $? in
+ 4)
+- ip4tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_DROP
++ ip4tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip4tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DROP
++ ip4tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DST_DROP
+ fi
+ ;;
+ 6)
+ if [ "$IPV6_SUPPORT" = "1" ]; then
+- ip6tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_DROP
++ ip6tables_batch -A HOST_BLOCK_SRC -s $host -j HOST_BLOCK_SRC_DROP
+ if [ "$BLOCK_HOSTS_BIDIRECTIONAL" != "0" ]; then
+- ip6tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DROP
++ ip6tables_batch -A HOST_BLOCK_DST -d $host -j HOST_BLOCK_DST_DROP
+ fi
+ fi
+ ;;
+@@ -5462,7 +5473,8 @@ create_user_chains()
+ # General chains
+ iptables -N HOST_BLOCK_SRC
+ iptables -N HOST_BLOCK_DST
+- iptables -N HOST_BLOCK_DROP
++ iptables -N HOST_BLOCK_SRC_DROP
++ iptables -N HOST_BLOCK_DST_DROP
+ iptables -N VALID_CHK
+ iptables -N RESERVED_NET_CHK
+ iptables -N SPOOF_CHK
+@@ -5516,7 +5528,8 @@ flush_user_chains()
+ # General chains
+ iptables -F HOST_BLOCK_SRC
+ iptables -F HOST_BLOCK_DST
+- iptables -F HOST_BLOCK_DROP
++ iptables -F HOST_BLOCK_SRC_DROP
++ iptables -F HOST_BLOCK_DST_DROP
+ iptables -F VALID_CHK
+ iptables -F RESERVED_NET_CHK
+ iptables -F SPOOF_CHK
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-04 21:54:47
|
Revision: 8078
http://sourceforge.net/p/astlinux/code/8078
Author: abelbeck
Date: 2017-01-04 21:54:45 +0000 (Wed, 04 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-04 21:54:01 UTC (rev 8077)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-04 21:54:45 UTC (rev 8078)
@@ -120,7 +120,7 @@
-- (Custom Build Only) wanpipe, version 7.0.20 (no change)
--- FOP2, available version bump to 2.31.06.
+-- FOP2, available version bump to 2.31.07.
Note: If you have a license, you may need to purchase an "Annual Software Maintenance" license if you upgrade.
More info: http://doc.astlinux-project.org/userdoc:tt_asterisk-fop2-upgrade
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-04 21:54:03
|
Revision: 8077
http://sourceforge.net/p/astlinux/code/8077
Author: abelbeck
Date: 2017-01-04 21:54:01 +0000 (Wed, 04 Jan 2017)
Log Message:
-----------
FOP2, version bump to 2.31.07
Modified Paths:
--------------
branches/1.0/package/asterisk-fop2/asterisk-fop2.mk
branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package
Modified: branches/1.0/package/asterisk-fop2/asterisk-fop2.mk
===================================================================
--- branches/1.0/package/asterisk-fop2/asterisk-fop2.mk 2017-01-04 02:23:11 UTC (rev 8076)
+++ branches/1.0/package/asterisk-fop2/asterisk-fop2.mk 2017-01-04 21:54:01 UTC (rev 8077)
@@ -3,7 +3,7 @@
# asterisk-fop2
#
#############################################################
-ASTERISK_FOP2_VERSION = 2.31.06
+ASTERISK_FOP2_VERSION = 2.31.07
ASTERISK_FOP2_SOURCE = fop2-$(ASTERISK_FOP2_VERSION)-debian-i386.tgz
ASTERISK_FOP2_SITE = http://download2.fop2.com
# Note: be sure to edit "project/astlinux/target_skeleton/usr/sbin/upgrade-package" on version change
Modified: branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package 2017-01-04 02:23:11 UTC (rev 8076)
+++ branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package 2017-01-04 21:54:01 UTC (rev 8077)
@@ -248,7 +248,7 @@
if ! RAM_needed_MB 475; then
finish $RED "Not enough RAM installed. Minimum: 512 MB, Recommended: 1024+ MB"
fi
- SRC_URL="https://files.astlinux-project.org/fop2-2.31.06-debian-$(uname -m | sed -e 's/i.86/i386/').tgz"
+ SRC_URL="https://files.astlinux-project.org/fop2-2.31.07-debian-$(uname -m | sed -e 's/i.86/i386/').tgz"
;;
show)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-04 02:23:13
|
Revision: 8076
http://sourceforge.net/p/astlinux/code/8076
Author: abelbeck
Date: 2017-01-04 02:23:11 +0000 (Wed, 04 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-04 02:21:38 UTC (rev 8075)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-04 02:23:11 UTC (rev 8076)
@@ -23,7 +23,7 @@
-- php, version bump to 5.6.29
--- sqlite, version bump to 3.16.0
+-- sqlite, version bump to 3.16.1
-- sqliteodbc, version bump to 0.9995
@@ -40,7 +40,7 @@
-- libedit, version 20160903-3.1, new package, commonly used instead of the somewhat bloated readline (no longer enabled).
Utilized by commands: asterisk -r, sqlite3, chronyc, sftp, bc
--- zlib, version bump to 1.2.9
+-- zlib, version bump to 1.2.10
-- lzo, version bump to 2.09
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-04 02:21:40
|
Revision: 8075
http://sourceforge.net/p/astlinux/code/8075
Author: abelbeck
Date: 2017-01-04 02:21:38 +0000 (Wed, 04 Jan 2017)
Log Message:
-----------
zlib, version bump to 1.2.10, fixes major bugs in 1.2.9
Ref: http://www.zlib.net
Modified Paths:
--------------
branches/1.0/package/zlib/zlib.mk
Modified: branches/1.0/package/zlib/zlib.mk
===================================================================
--- branches/1.0/package/zlib/zlib.mk 2017-01-04 02:16:28 UTC (rev 8074)
+++ branches/1.0/package/zlib/zlib.mk 2017-01-04 02:21:38 UTC (rev 8075)
@@ -3,7 +3,7 @@
# zlib
#
#############################################################
-ZLIB_VERSION = 1.2.9
+ZLIB_VERSION = 1.2.10
ZLIB_SOURCE = zlib-$(ZLIB_VERSION).tar.gz
ZLIB_SITE = http://downloads.sourceforge.net/project/libpng/zlib/$(ZLIB_VERSION)
ZLIB_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-04 02:16:31
|
Revision: 8074
http://sourceforge.net/p/astlinux/code/8074
Author: abelbeck
Date: 2017-01-04 02:16:28 +0000 (Wed, 04 Jan 2017)
Log Message:
-----------
sqlite, version bump to 3.16.1
Modified Paths:
--------------
branches/1.0/package/sqlite/sqlite.mk
Modified: branches/1.0/package/sqlite/sqlite.mk
===================================================================
--- branches/1.0/package/sqlite/sqlite.mk 2017-01-03 21:42:16 UTC (rev 8073)
+++ branches/1.0/package/sqlite/sqlite.mk 2017-01-04 02:16:28 UTC (rev 8074)
@@ -4,7 +4,7 @@
#
#############################################################
-SQLITE_VERSION = 3160000
+SQLITE_VERSION = 3160100
SQLITE_SOURCE = sqlite-autoconf-$(SQLITE_VERSION).tar.gz
SQLITE_SITE = http://www.sqlite.org/2017
SQLITE_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-03 21:42:18
|
Revision: 8073
http://sourceforge.net/p/astlinux/code/8073
Author: abelbeck
Date: 2017-01-03 21:42:16 +0000 (Tue, 03 Jan 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-01-03 21:40:28 UTC (rev 8072)
+++ branches/1.0/docs/ChangeLog.txt 2017-01-03 21:42:16 UTC (rev 8073)
@@ -120,7 +120,7 @@
-- (Custom Build Only) wanpipe, version 7.0.20 (no change)
--- FOP2, available version bump to 2.31.05.
+-- FOP2, available version bump to 2.31.06.
Note: If you have a license, you may need to purchase an "Annual Software Maintenance" license if you upgrade.
More info: http://doc.astlinux-project.org/userdoc:tt_asterisk-fop2-upgrade
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-03 21:40:31
|
Revision: 8072
http://sourceforge.net/p/astlinux/code/8072
Author: abelbeck
Date: 2017-01-03 21:40:28 +0000 (Tue, 03 Jan 2017)
Log Message:
-----------
FOP2, version bump to 2.31.06
Modified Paths:
--------------
branches/1.0/package/asterisk-fop2/asterisk-fop2.mk
branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package
Modified: branches/1.0/package/asterisk-fop2/asterisk-fop2.mk
===================================================================
--- branches/1.0/package/asterisk-fop2/asterisk-fop2.mk 2017-01-03 21:10:58 UTC (rev 8071)
+++ branches/1.0/package/asterisk-fop2/asterisk-fop2.mk 2017-01-03 21:40:28 UTC (rev 8072)
@@ -3,7 +3,7 @@
# asterisk-fop2
#
#############################################################
-ASTERISK_FOP2_VERSION = 2.31.05
+ASTERISK_FOP2_VERSION = 2.31.06
ASTERISK_FOP2_SOURCE = fop2-$(ASTERISK_FOP2_VERSION)-debian-i386.tgz
ASTERISK_FOP2_SITE = http://download2.fop2.com
# Note: be sure to edit "project/astlinux/target_skeleton/usr/sbin/upgrade-package" on version change
Modified: branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package 2017-01-03 21:10:58 UTC (rev 8071)
+++ branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package 2017-01-03 21:40:28 UTC (rev 8072)
@@ -248,7 +248,7 @@
if ! RAM_needed_MB 475; then
finish $RED "Not enough RAM installed. Minimum: 512 MB, Recommended: 1024+ MB"
fi
- SRC_URL="https://files.astlinux-project.org/fop2-2.31.05-debian-$(uname -m | sed -e 's/i.86/i386/').tgz"
+ SRC_URL="https://files.astlinux-project.org/fop2-2.31.06-debian-$(uname -m | sed -e 's/i.86/i386/').tgz"
;;
show)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-01-03 21:11:00
|
Revision: 8071
http://sourceforge.net/p/astlinux/code/8071
Author: abelbeck
Date: 2017-01-03 21:10:58 +0000 (Tue, 03 Jan 2017)
Log Message:
-----------
web interface, Update Copyright to 2017, label OpenVPN cipher as 'Legacy Cipher:'
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/openvpn.php
branches/1.0/package/webinterface/altweb/admin/openvpnclient.php
branches/1.0/package/webinterface/altweb/common/license-astlinux.txt
branches/1.0/package/webinterface/altweb/common/license-packages.txt
Modified: branches/1.0/package/webinterface/altweb/admin/openvpn.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/openvpn.php 2017-01-03 15:42:51 UTC (rev 8070)
+++ branches/1.0/package/webinterface/altweb/admin/openvpn.php 2017-01-03 21:10:58 UTC (rev 8071)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2013 Lonnie Abelbeck
+// Copyright (C) 2008-2017 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -644,7 +644,7 @@
putHtml('<option value="yes"'.$sel.'>Yes</option>');
putHtml('</select>');
putHtml('</td><td style="text-align: right;" colspan="1">');
- putHtml('Cipher:');
+ putHtml('Legacy Cipher:');
putHtml('</td><td style="text-align: left;" colspan="2">');
$cipher = getVARdef($db, 'OVPN_CIPHER');
putHtml('<select name="cipher_menu">');
Modified: branches/1.0/package/webinterface/altweb/admin/openvpnclient.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/openvpnclient.php 2017-01-03 15:42:51 UTC (rev 8070)
+++ branches/1.0/package/webinterface/altweb/admin/openvpnclient.php 2017-01-03 21:10:58 UTC (rev 8071)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2013 Lonnie Abelbeck
+// Copyright (C) 2008-2017 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -378,7 +378,7 @@
putHtml('<option value="yes"'.$sel.'>Yes</option>');
putHtml('</select>');
putHtml('</td><td style="text-align: right;" colspan="1">');
- putHtml('Cipher:');
+ putHtml('Legacy Cipher:');
putHtml('</td><td style="text-align: left;" colspan="2">');
$cipher = getVARdef($db, 'OVPNC_CIPHER');
putHtml('<select name="cipher_menu">');
Modified: branches/1.0/package/webinterface/altweb/common/license-astlinux.txt
===================================================================
--- branches/1.0/package/webinterface/altweb/common/license-astlinux.txt 2017-01-03 15:42:51 UTC (rev 8070)
+++ branches/1.0/package/webinterface/altweb/common/license-astlinux.txt 2017-01-03 21:10:58 UTC (rev 8071)
@@ -1,4 +1,4 @@
-AstLinux is Copyright (c) 2004-2016 by Kristian Kielhofner.
+AstLinux is Copyright (c) 2004-2017 by Kristian Kielhofner.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
Modified: branches/1.0/package/webinterface/altweb/common/license-packages.txt
===================================================================
--- branches/1.0/package/webinterface/altweb/common/license-packages.txt 2017-01-03 15:42:51 UTC (rev 8070)
+++ branches/1.0/package/webinterface/altweb/common/license-packages.txt 2017-01-03 21:10:58 UTC (rev 8071)
@@ -6,19 +6,19 @@
## 3) Lines beginning with a '#' are treated as comments
##
ex-vi~Copyright (c) 2001-2002 Caldera International Inc. All rights reserved.
-RUNNIX~Copyright (c) 2006-2016 Kristian Kielhofner, AstLinux Project.
+RUNNIX~Copyright (c) 2006-2017 Kristian Kielhofner, AstLinux Project.
libSRTP~Copyright (c) 2001-2016 Cisco Systems, Inc. All rights reserved.
iLBC CODEC~Copyright (c) 2011 The WebRTC project authors. All rights reserved.
-Web Interface~Copyright (c) 2008-2016 Lonnie Abelbeck.
+Web Interface~Copyright (c) 2008-2017 Lonnie Abelbeck.
shellinabox~Copyright (c) 2008-2015 Markus Gutschke, Luka Krajger.
-Asterisk~Copyright (c) 1999-2016 Digium, Inc.
+Asterisk~Copyright (c) 1999-2017 Digium, Inc.
DAHDI~Copyright (c) 2001-2015 Digium, Inc.
libPRI~Copyright (c) 2001-2015 Digium, Inc.
Arno's Firewall~Copyright (c) 2001-2016 Arno van Amersfoort.
dnsmasq~Copyright (c) 2000-2015 Simon Kelley.
OpenSSL~Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
OpenSSH~Copyright (c) 1995-2015 Tatu Ylonen, Espoo, Finland. All rights reserved.
-OpenVPN~Copyright (c) 2002-2016 OpenVPN Technologies, Inc.
+OpenVPN~Copyright (c) 2002-2017 OpenVPN Technologies, Inc.
PHP~Copyright (c) 1999-2016 The PHP Group. All rights reserved.
vsftpd~Copyright (c) 2001-2015 Daniel Jacobowitz.
lighttpd~Copyright (c) 2004-2016 Jan Kneschke.
@@ -46,12 +46,12 @@
darkstat~Copyright (c) 2001-2015 Emil Mikulic, et al.
NUT~Copyright (c) 1999-2016 Russell Kroll, Arnaud Quette, et al.
iftop~Copyright (c) 2002-2014 Paul Warren, Chris Lightfoot, et al.
-dnscrypt-proxy~Copyright (c) 2011-2016 Frank Denis.
+dnscrypt-proxy~Copyright (c) 2011-2017 Frank Denis.
libsodium~Copyright (c) 2013-2016 Frank Denis.
phoneprov-tools~Copyright (c) 2015-2016 Lonnie Abelbeck and Michael Keuter.
smartmontools~Copyright (c) 2002-2016 Bruce Allen, Christian Franke, et al.
Monit~Copyright (c) 2001-2016 Tildeslash. All rights reserved.
-sqlite~Copyright (c) 1995-2016 SQLite Consortium.
+sqlite~Copyright (c) 1995-2017 SQLite Consortium.
sqliteodbc~Copyright (c) 2001-2016 Christian Werner.
Fossil~Copyright (c) 2007-2016 D. Richard Hipp. All rights reserved.
BusyBox~Copyright (c) 1998-2011 Erik Andersen, Rob Landley, Denys Vlasenko, et al.
@@ -63,4 +63,4 @@
Linux Kernel~Copyright (c) 1997-2016 The Linux Kernel Organization, Inc.; Linux is a Registered Trademark of Linus Torvalds.
whois~Copyright (c) 1999-2016 Marco d'Itri.
strongSwan~Copyright (c) 2006-2016 Andreas Steffen, Tobias Brunner, et al.
-chrony~Copyright (c) 1997-2016 Richard P. Curnow, Miroslav Lichvar.
+chrony~Copyright (c) 1997-2017 Richard P. Curnow, Miroslav Lichvar.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
1 message has been excluded from this view by a project administrator.
