Menu
▾
▴
astlinux-commits — Commits to the AstLinux SVN repository
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(6) |
Jul
(14) |
Aug
(156) |
Sep
(35) |
Oct
(48) |
Nov
(55) |
Dec
(16) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(24) |
Feb
(154) |
Mar
(139) |
Apr
(175) |
May
(87) |
Jun
(34) |
Jul
(42) |
Aug
(68) |
Sep
(41) |
Oct
(76) |
Nov
(77) |
Dec
(50) |
| 2008 |
Jan
(98) |
Feb
(43) |
Mar
(102) |
Apr
(27) |
May
(55) |
Jun
(13) |
Jul
(58) |
Aug
(62) |
Sep
(61) |
Oct
(43) |
Nov
(87) |
Dec
(134) |
| 2009 |
Jan
(175) |
Feb
(106) |
Mar
(58) |
Apr
(41) |
May
(74) |
Jun
(123) |
Jul
(252) |
Aug
(192) |
Sep
(69) |
Oct
(38) |
Nov
(117) |
Dec
(95) |
| 2010 |
Jan
(146) |
Feb
(76) |
Mar
(90) |
Apr
(60) |
May
(23) |
Jun
(19) |
Jul
(208) |
Aug
(140) |
Sep
(103) |
Oct
(114) |
Nov
(50) |
Dec
(47) |
| 2011 |
Jan
(59) |
Feb
(47) |
Mar
(61) |
Apr
(58) |
May
(41) |
Jun
(11) |
Jul
(17) |
Aug
(49) |
Sep
(34) |
Oct
(166) |
Nov
(38) |
Dec
(70) |
| 2012 |
Jan
(87) |
Feb
(37) |
Mar
(28) |
Apr
(25) |
May
(29) |
Jun
(30) |
Jul
(43) |
Aug
(27) |
Sep
(46) |
Oct
(27) |
Nov
(51) |
Dec
(70) |
| 2013 |
Jan
(92) |
Feb
(34) |
Mar
(58) |
Apr
(37) |
May
(46) |
Jun
(9) |
Jul
(38) |
Aug
(22) |
Sep
(28) |
Oct
(42) |
Nov
(44) |
Dec
(34) |
| 2014 |
Jan
(63) |
Feb
(39) |
Mar
(48) |
Apr
(31) |
May
(21) |
Jun
(43) |
Jul
(36) |
Aug
(69) |
Sep
(53) |
Oct
(56) |
Nov
(46) |
Dec
(49) |
| 2015 |
Jan
(63) |
Feb
(35) |
Mar
(30) |
Apr
(38) |
May
(27) |
Jun
(42) |
Jul
(42) |
Aug
(63) |
Sep
(18) |
Oct
(45) |
Nov
(65) |
Dec
(71) |
| 2016 |
Jan
(54) |
Feb
(79) |
Mar
(59) |
Apr
(38) |
May
(32) |
Jun
(46) |
Jul
(42) |
Aug
(30) |
Sep
(58) |
Oct
(33) |
Nov
(98) |
Dec
(59) |
| 2017 |
Jan
(79) |
Feb
(12) |
Mar
(43) |
Apr
(32) |
May
(76) |
Jun
(59) |
Jul
(44) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <abe...@us...> - 2016-11-19 21:51:08
|
Revision: 7970
http://sourceforge.net/p/astlinux/code/7970
Author: abelbeck
Date: 2016-11-19 21:51:06 +0000 (Sat, 19 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-19 17:58:51 UTC (rev 7969)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-19 21:51:06 UTC (rev 7970)
@@ -43,6 +43,7 @@
CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625
-- strongSwan, version 5.5.1, new package, a more feature rich alternative for IPsec VPN support.
+ New rc.conf variables are: IPSEC_ALLOWED_ENDPOINTS and IPSEC_ALLOWED_VPN_NETS
More info: http://doc.astlinux.org/userdoc:tt_ipsec_vpn_strongswan
-- OpenVPN, version bump to 2.3.13
@@ -84,6 +85,7 @@
-- Network and Edit tab, add support for strongSwan IPsec VPN.
Note: "IPsec strongSwan" can only be enabled when "IPsec Peers" and "IPsec Mobile" are both disabled.
+ More info: http://doc.astlinux.org/userdoc:tt_ipsec_vpn_strongswan
-- Status tab, display "ipsec status" output in IPsec Associations (strongSwan).
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-19 17:58:54
|
Revision: 7969
http://sourceforge.net/p/astlinux/code/7969
Author: abelbeck
Date: 2016-11-19 17:58:51 +0000 (Sat, 19 Nov 2016)
Log Message:
-----------
web interface, Network tab, only show IPsec Configuration for strongSwan when files exist
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/network.php
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2016-11-19 16:43:34 UTC (rev 7968)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2016-11-19 17:58:51 UTC (rev 7969)
@@ -2001,7 +2001,8 @@
$sel = isVARtype('VPN', $db, $cur_db, 'openvpnclient') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="openvpnclient" name="openvpnclient"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
- putHtml('OpenVPN Client –');
+ putHtml('OpenVPN Client');
+ putHtml('–');
putHtml('<input type="submit" value="OpenVPN Configuration" name="submit_edit_openvpnclient" class="button" />');
putHtml('</td></tr>');
@@ -2009,7 +2010,8 @@
$sel = isVARtype('VPN', $db, $cur_db, 'openvpn') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="openvpn" name="openvpn"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
- putHtml('OpenVPN Server –');
+ putHtml('OpenVPN Server');
+ putHtml('–');
putHtml('<input type="submit" value="OpenVPN Configuration" name="submit_edit_openvpn" class="button" />');
putHtml('</td></tr>');
@@ -2017,7 +2019,8 @@
$sel = isVARtype('VPN', $db, $cur_db, 'racoon') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="racoon" name="racoon"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
- putHtml('IPsec Peers –');
+ putHtml('IPsec Peers');
+ putHtml('–');
putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_racoon" class="button" />');
putHtml('</td></tr>');
@@ -2025,7 +2028,8 @@
$sel = isVARtype('VPN', $db, $cur_db, 'ipsecmobile') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="ipsecmobile" name="ipsecmobile"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
- putHtml('IPsec Mobile –');
+ putHtml('IPsec Mobile');
+ putHtml('–');
putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_ipsecmobile" class="button" />');
putHtml('</td></tr>');
@@ -2034,8 +2038,11 @@
$sel = isVARtype('VPN', $db, $cur_db, 'ipsec') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="ipsec" name="ipsec"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
- putHtml('IPsec strongSwan –');
- putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_ipsec" class="button" />');
+ putHtml('IPsec strongSwan');
+ if (is_writable('/mnt/kd/ipsec/strongswan/ipsec.conf')) {
+ putHtml('–');
+ putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_ipsec" class="button" />');
+ }
putHtml('</td></tr>');
}
@@ -2043,7 +2050,8 @@
$sel = isVARtype('VPN', $db, $cur_db, 'pptp') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="pptp" name="pptp"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
- putHtml('PPTP Server –');
+ putHtml('PPTP Server');
+ putHtml('–');
putHtml('<input type="submit" value="PPTP Configuration" name="submit_edit_pptp" class="button" />');
putHtml('</td></tr>');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-19 16:43:37
|
Revision: 7968
http://sourceforge.net/p/astlinux/code/7968
Author: abelbeck
Date: 2016-11-19 16:43:34 +0000 (Sat, 19 Nov 2016)
Log Message:
-----------
Add rc.conf comments related to strongSwan support
Modified Paths:
--------------
branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-11-19 15:20:05 UTC (rev 7967)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-11-19 16:43:34 UTC (rev 7968)
@@ -599,11 +599,12 @@
#####################################################################
-## AstLinux supports five types of VPN's:
+## AstLinux supports many types of VPN's:
## openvpn (OpenVPN Server)
## openvpnclient (OpenVPN Client)
## racoon (ipsec w/static IP's)
## ipsecmobile (ipsec roadwarrior w/dynamic remote IP's)
+## ipsec (IPsec VPN using strongSwan, can not be mixed with racoon or ipsecmobile)
## pptp (PPTP VPN Server)
## Set your type here. If using multiple vpn types, space separate
## the values in the variable setting:
@@ -792,6 +793,14 @@
#IPSECM_CERT_DNSNAME="" # DNS name (or IP address) of public interface, required by iOS devices
##
+## strongSwan support - VPN above must include "ipsec"
+##
+## Note: strongSwan and racoon (racoon, ipsecmobile) can not be enabled at the same time.
+##
+#IPSEC_ALLOWED_ENDPOINTS="" # space separated list of IP addresses, defaults to any "0/0" endpoint
+#IPSEC_ALLOWED_VPN_NETS="" # space separated list of IPsec remote nets (CIDR notation), defaults to allow any remote network
+##
+
## PPTP VPN Server - VPN above must include "pptp"
##
## Note: Only use the PPTP VPN type when other VPN types are not supported by the desired client.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-19 15:20:07
|
Revision: 7967
http://sourceforge.net/p/astlinux/code/7967
Author: abelbeck
Date: 2016-11-19 15:20:05 +0000 (Sat, 19 Nov 2016)
Log Message:
-----------
arnofw, for strongswan IPsec (VPN contains ipsec) add new rc.conf variables: IPSEC_ALLOWED_ENDPOINTS and IPSEC_ALLOWED_VPN_NETS
Modified Paths:
--------------
branches/1.0/package/arnofw/arnofw.serial
branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf
Modified: branches/1.0/package/arnofw/arnofw.serial
===================================================================
--- branches/1.0/package/arnofw/arnofw.serial 2016-11-19 13:15:07 UTC (rev 7966)
+++ branches/1.0/package/arnofw/arnofw.serial 2016-11-19 15:20:05 UTC (rev 7967)
@@ -1 +1 @@
-0002~0029~0000~0000~0000~
+0002~0030~0000~0000~0000~
Modified: branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf
===================================================================
--- branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf 2016-11-19 13:15:07 UTC (rev 7966)
+++ branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf 2016-11-19 15:20:05 UTC (rev 7967)
@@ -67,8 +67,8 @@
if [ $vpntype_ipsec -eq 1 ]; then
ENABLED=1
- IPSEC_ALLOWED_HOSTS="0/0"
- IPSEC_VPN_NETS=""
+ IPSEC_ALLOWED_HOSTS="${IPSEC_ALLOWED_ENDPOINTS:-0/0}"
+ IPSEC_VPN_NETS="$IPSEC_ALLOWED_VPN_NETS"
IPSEC_NAT_TRAVERSAL=1
fi
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-19 13:15:09
|
Revision: 7966
http://sourceforge.net/p/astlinux/code/7966
Author: abelbeck
Date: 2016-11-19 13:15:07 +0000 (Sat, 19 Nov 2016)
Log Message:
-----------
tiff, update website URL, Thanks Michael
Modified Paths:
--------------
branches/1.0/package/tiff/Config.in
Modified: branches/1.0/package/tiff/Config.in
===================================================================
--- branches/1.0/package/tiff/Config.in 2016-11-18 20:58:18 UTC (rev 7965)
+++ branches/1.0/package/tiff/Config.in 2016-11-19 13:15:07 UTC (rev 7966)
@@ -5,4 +5,4 @@
help
Library for handling TIFF (Tag Image File Format) images.
- http://www.libtiff.org/
+ http://simplesystems.org/libtiff/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-18 20:58:21
|
Revision: 7965
http://sourceforge.net/p/astlinux/code/7965
Author: abelbeck
Date: 2016-11-18 20:58:18 +0000 (Fri, 18 Nov 2016)
Log Message:
-----------
strongswan, include the 'unity' plugin, if needed 'charon.cisco_unity=yes' must be added to /etc/strongswan.conf
Modified Paths:
--------------
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-16 18:29:14 UTC (rev 7964)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-18 20:58:18 UTC (rev 7965)
@@ -29,7 +29,7 @@
--enable-tnccs-dynamic=no \
--enable-xauth-generic=yes \
--enable-xauth-eap=yes \
- --enable-unity=no \
+ --enable-unity=yes \
--enable-stroke=yes \
--enable-sqlite=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
--enable-sql=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-16 18:29:17
|
Revision: 7964
http://sourceforge.net/p/astlinux/code/7964
Author: abelbeck
Date: 2016-11-16 18:29:14 +0000 (Wed, 16 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-16 18:26:56 UTC (rev 7963)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-16 18:29:14 UTC (rev 7964)
@@ -21,6 +21,8 @@
-- sqlite, version bump to 3.15.1
+-- Monit, version bump to 5.20.0
+
-- libxml2, security fixes: CVE-2016-5131, CVE-2016-4658
-- libusb, version bump to 1.0.21
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-16 18:26:59
|
Revision: 7963
http://sourceforge.net/p/astlinux/code/7963
Author: abelbeck
Date: 2016-11-16 18:26:56 +0000 (Wed, 16 Nov 2016)
Log Message:
-----------
monit, version bump to 5.20.0
Modified Paths:
--------------
branches/1.0/package/monit/monit-0001-no-force-static.patch
branches/1.0/package/monit/monit-0110-http-base-url.patch
branches/1.0/package/monit/monit-0120-style-sheet.patch
branches/1.0/package/monit/monit.mk
Added Paths:
-----------
branches/1.0/package/monit/monit-0100-localhost-sendmail-alert.patch
branches/1.0/package/monit/monit-0100-localhost-sendmail-spawn.patch
Removed Paths:
-------------
branches/1.0/package/monit/monit-0100-localhost-sendmail.patch
Modified: branches/1.0/package/monit/monit-0001-no-force-static.patch
===================================================================
--- branches/1.0/package/monit/monit-0001-no-force-static.patch 2016-11-15 19:22:06 UTC (rev 7962)
+++ branches/1.0/package/monit/monit-0001-no-force-static.patch 2016-11-16 18:26:56 UTC (rev 7963)
@@ -9,8 +9,8 @@
diff -durN monit-5.7.orig/Makefile.am monit-5.7/Makefile.am
--- monit-5.7.orig/Makefile.am 2014-02-20 09:00:42.000000000 +0100
+++ monit-5.7/Makefile.am 2014-09-05 12:49:43.711104001 +0200
-@@ -89,7 +89,7 @@
- src/ssl/Ssl.c
+@@ -91,7 +91,7 @@
+ src/terminal/Color.c
monit_LDADD = libmonit/libmonit.la
-monit_LDFLAGS = -static $(EXTLDFLAGS)
Added: branches/1.0/package/monit/monit-0100-localhost-sendmail-alert.patch
===================================================================
--- branches/1.0/package/monit/monit-0100-localhost-sendmail-alert.patch (rev 0)
+++ branches/1.0/package/monit/monit-0100-localhost-sendmail-alert.patch 2016-11-16 18:26:56 UTC (rev 7963)
@@ -0,0 +1,85 @@
+--- monit-5.20.0/src/alert.c.orig 2016-03-15 11:41:57.000000000 -0500
++++ monit-5.20.0/src/alert.c 2016-03-15 11:59:12.000000000 -0500
+@@ -202,6 +202,64 @@
+ }
+
+
++static FILE *_temp_file(char *tmpname)
++{
++ FILE *p = NULL;
++ int fd;
++
++ if ((fd = mkstemp(tmpname)) > -1) {
++ fchmod(fd, S_IRUSR | S_IWUSR);
++ if ((p = fdopen(fd, "w+")) == NULL) {
++ close(fd);
++ }
++ }
++ return p;
++}
++
++
++static boolean_t _sendmail_local(Mail_T mail) {
++ FILE *p;
++ const char *template = "/tmp/monitmail-XXXXXX";
++ const char *mailcmd = "/usr/sbin/sendmail -t";
++ char *tmpname = CALLOC(sizeof(char), strlen(template) + 1);
++ char *system_cmd = CALLOC(sizeof(char), STRLEN);
++ boolean_t failed = false;
++ extern void spawn_system_cmd(const char *cmd);
++
++ for (Mail_T m = mail; m; m = m->next) {
++ strcpy(tmpname, template);
++ if ((p = _temp_file(tmpname)) != NULL) {
++ if (m->from->name) {
++ fprintf(p, "From: \"%s\" <%s>\n", m->from->name, m->from->address);
++ } else {
++ fprintf(p, "From: %s\n", m->from->address);
++ }
++ if (m->replyto) {
++ if (m->replyto->name) {
++ fprintf(p, "Reply-To: \"%s\" <%s>\n", m->replyto->name, m->replyto->address);
++ } else {
++ fprintf(p, "Reply-To: %s\n", m->replyto->address);
++ }
++ }
++ fprintf(p, "To: %s\n", m->to);
++ fprintf(p, "Subject: %s\n", m->subject);
++ fprintf(p, "\n");
++ fprintf(p, "%s\n", m->message);
++ fclose(p);
++ snprintf(system_cmd, STRLEN, "( %s < %s ; rm -f %s ) &", mailcmd, tmpname, tmpname);
++ spawn_system_cmd(system_cmd);
++ } else {
++ failed = true;
++ LogError("Mail: Unable to launch '%s' (can't create temporary file)\n", mailcmd);
++ }
++ }
++
++ FREE(system_cmd);
++ FREE(tmpname);
++ return failed;
++}
++
++
+ static boolean_t _send(List_T list) {
+ boolean_t failed = false;
+ if (List_length(list)) {
+@@ -208,6 +266,17 @@
+ volatile Mail_T m = NULL;
+ volatile SMTP_T smtp = NULL;
+ volatile MailServer_T mta = NULL;
++
++ if (Run.mailservers && strcmp(Run.mailservers->host, "localhost") == 0) {
++ while ((m = List_pop(list))) {
++ if (_sendmail_local(m) == true) {
++ failed = true;
++ }
++ gc_mail_list((Mail_T *)&m);
++ }
++ return failed;
++ }
++
+ TRY
+ {
+ mta = _connectMTA();
Added: branches/1.0/package/monit/monit-0100-localhost-sendmail-spawn.patch
===================================================================
--- branches/1.0/package/monit/monit-0100-localhost-sendmail-spawn.patch (rev 0)
+++ branches/1.0/package/monit/monit-0100-localhost-sendmail-spawn.patch 2016-11-16 18:26:56 UTC (rev 7963)
@@ -0,0 +1,92 @@
+--- monit/src/spawn.c.orig 2014-12-13 12:50:23.000000000 -0600
++++ monit/src/spawn.c 2014-12-13 13:16:12.000000000 -0600
+@@ -271,3 +271,89 @@
+
+ }
+
++/**
++ * Execute the given command, like spawn() but for a single shell command
++ */
++void spawn_system_cmd(const char *cmd) {
++ pid_t pid;
++ sigset_t mask;
++ sigset_t save;
++ int stat_loc = 0;
++ int exit_status;
++
++ /*
++ * Block SIGCHLD
++ */
++ sigemptyset(&mask);
++ sigaddset(&mask, SIGCHLD);
++ pthread_sigmask(SIG_BLOCK, &mask, &save);
++
++ pid = fork();
++ if (pid < 0) {
++ LogError("Cannot fork a new process -- %s\n", STRERROR);
++ pthread_sigmask(SIG_SETMASK, &save, NULL);
++ return;
++ }
++
++ if (pid == 0) {
++
++ if (! (Run.flags & Run_Daemon)) {
++ for (int i = 0; i < 3; i++)
++ if (close(i) == -1 || open("/dev/null", O_RDWR) != i)
++ stat_loc |= redirect_ERROR;
++ }
++
++ Util_closeFds();
++
++ setsid();
++
++ pid = fork();
++ if (pid < 0) {
++ stat_loc |= fork_ERROR;
++ _exit(stat_loc);
++ }
++
++ if (pid == 0) {
++ /*
++ * Reset all signals, so the spawned process is *not* created
++ * with any inherited SIG_BLOCKs
++ */
++ sigemptyset(&mask);
++ pthread_sigmask(SIG_SETMASK, &mask, NULL);
++ signal(SIGINT, SIG_DFL);
++ signal(SIGHUP, SIG_DFL);
++ signal(SIGTERM, SIG_DFL);
++ signal(SIGUSR1, SIG_DFL);
++ signal(SIGPIPE, SIG_DFL);
++
++ (void) execl("/bin/sh", "/bin/sh", "-c", cmd, (char *) NULL);
++ _exit(errno);
++ }
++
++ /* Exit first child and return errors to parent */
++ _exit(stat_loc);
++ }
++
++ /* Wait for first child - aka second parent, to exit */
++ if (waitpid(pid, &stat_loc, 0) != pid) {
++ LogError("Waitpid error\n");
++ }
++
++ exit_status = WEXITSTATUS(stat_loc);
++ if (exit_status & fork_ERROR)
++ LogError("Cannot fork a new process for '%s'\n", cmd);
++ if (exit_status & redirect_ERROR)
++ LogError("Cannot redirect IO to /dev/null for '%s'\n", cmd);
++
++ /*
++ * Restore the signal mask
++ */
++ pthread_sigmask(SIG_SETMASK, &save, NULL);
++
++ /*
++ * We do not need to wait for the second child since we forked twice,
++ * the init system-process will wait for it. So we just return
++ */
++
++}
++
Deleted: branches/1.0/package/monit/monit-0100-localhost-sendmail.patch
===================================================================
--- branches/1.0/package/monit/monit-0100-localhost-sendmail.patch 2016-11-15 19:22:06 UTC (rev 7962)
+++ branches/1.0/package/monit/monit-0100-localhost-sendmail.patch 2016-11-16 18:26:56 UTC (rev 7963)
@@ -1,171 +0,0 @@
---- monit/src/spawn.c.orig 2014-12-13 12:50:23.000000000 -0600
-+++ monit/src/spawn.c 2014-12-13 13:16:12.000000000 -0600
-@@ -270,3 +270,89 @@
-
- }
-
-+/**
-+ * Execute the given command, like spawn() but for a single shell command
-+ */
-+void spawn_system_cmd(const char *cmd) {
-+ pid_t pid;
-+ sigset_t mask;
-+ sigset_t save;
-+ int stat_loc = 0;
-+ int exit_status;
-+
-+ /*
-+ * Block SIGCHLD
-+ */
-+ sigemptyset(&mask);
-+ sigaddset(&mask, SIGCHLD);
-+ pthread_sigmask(SIG_BLOCK, &mask, &save);
-+
-+ pid = fork();
-+ if (pid < 0) {
-+ LogError("Cannot fork a new process -- %s\n", STRERROR);
-+ pthread_sigmask(SIG_SETMASK, &save, NULL);
-+ return;
-+ }
-+
-+ if (pid == 0) {
-+
-+ if (! (Run.flags & Run_Daemon)) {
-+ for (int i = 0; i < 3; i++)
-+ if (close(i) == -1 || open("/dev/null", O_RDWR) != i)
-+ stat_loc |= redirect_ERROR;
-+ }
-+
-+ Util_closeFds();
-+
-+ setsid();
-+
-+ pid = fork();
-+ if (pid < 0) {
-+ stat_loc |= fork_ERROR;
-+ _exit(stat_loc);
-+ }
-+
-+ if (pid == 0) {
-+ /*
-+ * Reset all signals, so the spawned process is *not* created
-+ * with any inherited SIG_BLOCKs
-+ */
-+ sigemptyset(&mask);
-+ pthread_sigmask(SIG_SETMASK, &mask, NULL);
-+ signal(SIGINT, SIG_DFL);
-+ signal(SIGHUP, SIG_DFL);
-+ signal(SIGTERM, SIG_DFL);
-+ signal(SIGUSR1, SIG_DFL);
-+ signal(SIGPIPE, SIG_DFL);
-+
-+ (void) execl("/bin/sh", "/bin/sh", "-c", cmd, (char *) NULL);
-+ _exit(errno);
-+ }
-+
-+ /* Exit first child and return errors to parent */
-+ _exit(stat_loc);
-+ }
-+
-+ /* Wait for first child - aka second parent, to exit */
-+ if (waitpid(pid, &stat_loc, 0) != pid) {
-+ LogError("Waitpid error\n");
-+ }
-+
-+ exit_status = WEXITSTATUS(stat_loc);
-+ if (exit_status & fork_ERROR)
-+ LogError("Cannot fork a new process for '%s'\n", cmd);
-+ if (exit_status & redirect_ERROR)
-+ LogError("Cannot redirect IO to /dev/null for '%s'\n", cmd);
-+
-+ /*
-+ * Restore the signal mask
-+ */
-+ pthread_sigmask(SIG_SETMASK, &save, NULL);
-+
-+ /*
-+ * We do not need to wait for the second child since we forked twice,
-+ * the init system-process will wait for it. So we just return
-+ */
-+
-+}
-+
---- monit-5.17.1/src/alert.c.orig 2016-03-15 11:41:57.000000000 -0500
-+++ monit-5.17.1/src/alert.c 2016-03-15 11:59:12.000000000 -0500
-@@ -151,6 +151,64 @@
- }
-
-
-+static FILE *_temp_file(char *tmpname)
-+{
-+ FILE *p = NULL;
-+ int fd;
-+
-+ if ((fd = mkstemp(tmpname)) > -1) {
-+ fchmod(fd, S_IRUSR | S_IWUSR);
-+ if ((p = fdopen(fd, "w+")) == NULL) {
-+ close(fd);
-+ }
-+ }
-+ return p;
-+}
-+
-+
-+static boolean_t _sendmail_local(Mail_T mail) {
-+ FILE *p;
-+ const char *template = "/tmp/monitmail-XXXXXX";
-+ const char *mailcmd = "/usr/sbin/sendmail -t";
-+ char *tmpname = CALLOC(sizeof(char), strlen(template) + 1);
-+ char *system_cmd = CALLOC(sizeof(char), STRLEN);
-+ boolean_t failed = false;
-+ extern void spawn_system_cmd(const char *cmd);
-+
-+ for (Mail_T m = mail; m; m = m->next) {
-+ strcpy(tmpname, template);
-+ if ((p = _temp_file(tmpname)) != NULL) {
-+ if (m->from->name) {
-+ fprintf(p, "From: \"%s\" <%s>\n", m->from->name, m->from->address);
-+ } else {
-+ fprintf(p, "From: %s\n", m->from->address);
-+ }
-+ if (m->replyto) {
-+ if (m->replyto->name) {
-+ fprintf(p, "Reply-To: \"%s\" <%s>\n", m->replyto->name, m->replyto->address);
-+ } else {
-+ fprintf(p, "Reply-To: %s\n", m->replyto->address);
-+ }
-+ }
-+ fprintf(p, "To: %s\n", m->to);
-+ fprintf(p, "Subject: %s\n", m->subject);
-+ fprintf(p, "\n");
-+ fprintf(p, "%s\n", m->message);
-+ fclose(p);
-+ snprintf(system_cmd, STRLEN, "( %s < %s ; rm -f %s ) &", mailcmd, tmpname, tmpname);
-+ spawn_system_cmd(system_cmd);
-+ } else {
-+ failed = true;
-+ LogError("Mail: Unable to launch '%s' (can't create temporary file)\n", mailcmd);
-+ }
-+ }
-+
-+ FREE(system_cmd);
-+ FREE(tmpname);
-+ return failed;
-+}
-+
-+
- static boolean_t _sendMail(Mail_T mail) {
- ASSERT(mail);
- boolean_t failed = false;
-@@ -156,6 +156,11 @@
- boolean_t failed = false;
- volatile SMTP_T smtp = NULL;
- volatile MailServer_T mta = NULL;
-+
-+ if (Run.mailservers && strcmp(Run.mailservers->host, "localhost") == 0) {
-+ return _sendmail_local(mail);
-+ }
-+
- TRY
- {
- mta = _connectMTA();
Modified: branches/1.0/package/monit/monit-0110-http-base-url.patch
===================================================================
--- branches/1.0/package/monit/monit-0110-http-base-url.patch 2016-11-15 19:22:06 UTC (rev 7962)
+++ branches/1.0/package/monit/monit-0110-http-base-url.patch 2016-11-16 18:26:56 UTC (rev 7963)
@@ -9,7 +9,7 @@
#ifdef HAVE_STDIO_H
#include <stdio.h>
#endif
-@@ -531,6 +533,11 @@
+@@ -548,6 +550,11 @@
internal_error(S, SC_BAD_REQUEST, "[error] URL too long");
return NULL;
}
Modified: branches/1.0/package/monit/monit-0120-style-sheet.patch
===================================================================
--- branches/1.0/package/monit/monit-0120-style-sheet.patch 2016-11-15 19:22:06 UTC (rev 7962)
+++ branches/1.0/package/monit/monit-0120-style-sheet.patch 2016-11-16 18:26:56 UTC (rev 7963)
@@ -1,6 +1,6 @@
--- monit-5.10/src/http/cervlet.c.orig 2014-12-18 15:56:05.000000000 -0600
+++ monit-5.10/src/http/cervlet.c 2014-12-18 15:57:08.000000000 -0600
-@@ -322,10 +322,10 @@
+@@ -519,10 +519,10 @@
" a:hover {text-decoration: none;} "\
" a {text-decoration: underline;color:#222} "\
" table {border-collapse:collapse; border:0;} "\
@@ -14,8 +14,8 @@
+ " .green-text {color:#008000;} "\
" .gray-text {color:#999999;} "\
" .blue-text {color:#0000ff;} "\
- " .orange-text {color:#ff8800;} "\
-@@ -335,16 +335,16 @@
+ " .yellow-text {color:#ffff00;} "\
+@@ -533,16 +533,16 @@
" /*Opera Fix*/body:before {content:\"\";height:100%%;float:left;width:0;margin-top:-32767px;/} "\
" #footer {position: relative;margin-top: -50px; height: 50px; clear:both; font-size:11px;color:#777;text-align:center;} "\
" #footer a {color:#333;} #footer a:hover {text-decoration: none;} "\
Modified: branches/1.0/package/monit/monit.mk
===================================================================
--- branches/1.0/package/monit/monit.mk 2016-11-15 19:22:06 UTC (rev 7962)
+++ branches/1.0/package/monit/monit.mk 2016-11-16 18:26:56 UTC (rev 7963)
@@ -4,7 +4,7 @@
#
################################################################################
-MONIT_VERSION = 5.17.1
+MONIT_VERSION = 5.20.0
MONIT_SITE = https://mmonit.com/monit/dist
MONIT_DEPENDENCIES = host-bison host-flex
#
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-15 19:22:08
|
Revision: 7962
http://sourceforge.net/p/astlinux/code/7962
Author: abelbeck
Date: 2016-11-15 19:22:06 +0000 (Tue, 15 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-15 19:08:44 UTC (rev 7961)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-15 19:22:06 UTC (rev 7962)
@@ -40,6 +40,9 @@
-- libcurl (curl) version bump to 7.51.0, security fixes: CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618,
CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625
+-- strongSwan, version 5.5.1, new package, a more feature rich alternative for IPsec VPN support.
+ More info: http://doc.astlinux.org/userdoc:tt_ipsec_vpn_strongswan
+
-- OpenVPN, version bump to 2.3.13
-- prosody, version bump to 0.9.11
@@ -52,6 +55,10 @@
-- stunnel, version bump to 5.37
+-- shellinabox, version bump to 2.20
+
+-- msmtp, version bump to 1.6.6
+
-- iproute2 (ip, tc, bridge, etc.) version bump to version 3.16.0, now including the 'bridge' utility.
No longer use 'brctl' for managing bridge interfaces, instead use iproute2 tools.
@@ -73,9 +80,12 @@
** Web Interface
--- no change
+-- Network and Edit tab, add support for strongSwan IPsec VPN.
+ Note: "IPsec strongSwan" can only be enabled when "IPsec Peers" and "IPsec Mobile" are both disabled.
+-- Status tab, display "ipsec status" output in IPsec Associations (strongSwan).
+
Additions for AstLinux 1.2.8:
=============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-15 19:08:46
|
Revision: 7961
http://sourceforge.net/p/astlinux/code/7961
Author: abelbeck
Date: 2016-11-15 19:08:44 +0000 (Tue, 15 Nov 2016)
Log Message:
-----------
strongswan, enable package for default builds
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-11-15 16:22:54 UTC (rev 7960)
+++ branches/1.0/astlinux-ast11.config 2016-11-15 19:08:44 UTC (rev 7961)
@@ -790,7 +790,12 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
-# BR2_PACKAGE_STRONGSWAN is not set
+BR2_PACKAGE_STRONGSWAN=y
+# BR2_PACKAGE_STRONGSWAN_AF_ALG is not set
+BR2_PACKAGE_STRONGSWAN_CHARON=y
+BR2_PACKAGE_STRONGSWAN_EAP=y
+# BR2_PACKAGE_STRONGSWAN_SQLITE is not set
+BR2_PACKAGE_STRONGSWAN_VICI=y
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-11-15 16:22:54 UTC (rev 7960)
+++ branches/1.0/astlinux-ast13.config 2016-11-15 19:08:44 UTC (rev 7961)
@@ -790,7 +790,12 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
-# BR2_PACKAGE_STRONGSWAN is not set
+BR2_PACKAGE_STRONGSWAN=y
+# BR2_PACKAGE_STRONGSWAN_AF_ALG is not set
+BR2_PACKAGE_STRONGSWAN_CHARON=y
+BR2_PACKAGE_STRONGSWAN_EAP=y
+# BR2_PACKAGE_STRONGSWAN_SQLITE is not set
+BR2_PACKAGE_STRONGSWAN_VICI=y
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-15 16:22:54 UTC (rev 7960)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-15 19:08:44 UTC (rev 7961)
@@ -771,7 +771,12 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
-# BR2_PACKAGE_STRONGSWAN is not set
+BR2_PACKAGE_STRONGSWAN=y
+# BR2_PACKAGE_STRONGSWAN_AF_ALG is not set
+BR2_PACKAGE_STRONGSWAN_CHARON=y
+BR2_PACKAGE_STRONGSWAN_EAP=y
+# BR2_PACKAGE_STRONGSWAN_SQLITE is not set
+BR2_PACKAGE_STRONGSWAN_VICI=y
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-15 16:22:54 UTC (rev 7960)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-15 19:08:44 UTC (rev 7961)
@@ -771,7 +771,12 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
-# BR2_PACKAGE_STRONGSWAN is not set
+BR2_PACKAGE_STRONGSWAN=y
+# BR2_PACKAGE_STRONGSWAN_AF_ALG is not set
+BR2_PACKAGE_STRONGSWAN_CHARON=y
+BR2_PACKAGE_STRONGSWAN_EAP=y
+# BR2_PACKAGE_STRONGSWAN_SQLITE is not set
+BR2_PACKAGE_STRONGSWAN_VICI=y
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-15 16:22:56
|
Revision: 7960
http://sourceforge.net/p/astlinux/code/7960
Author: abelbeck
Date: 2016-11-15 16:22:54 +0000 (Tue, 15 Nov 2016)
Log Message:
-----------
shellinabox, version bump to 2.20
Modified Paths:
--------------
branches/1.0/package/shellinabox/shellinabox.mk
Modified: branches/1.0/package/shellinabox/shellinabox.mk
===================================================================
--- branches/1.0/package/shellinabox/shellinabox.mk 2016-11-15 15:49:40 UTC (rev 7959)
+++ branches/1.0/package/shellinabox/shellinabox.mk 2016-11-15 16:22:54 UTC (rev 7960)
@@ -3,7 +3,7 @@
# shellinabox
#
#############################################################
-SHELLINABOX_VERSION = 2.19
+SHELLINABOX_VERSION = 2.20
SHELLINABOX_SOURCE = shellinabox-$(SHELLINABOX_VERSION).tar.gz
#SHELLINABOX_SITE = https://github.com/shellinabox/shellinabox
SHELLINABOX_SITE = http://files.astlinux-project.org
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-15 15:49:42
|
Revision: 7959
http://sourceforge.net/p/astlinux/code/7959
Author: abelbeck
Date: 2016-11-15 15:49:40 +0000 (Tue, 15 Nov 2016)
Log Message:
-----------
msmtp, version bump to 1.6.6
Modified Paths:
--------------
branches/1.0/package/msmtp/msmtp.mk
Modified: branches/1.0/package/msmtp/msmtp.mk
===================================================================
--- branches/1.0/package/msmtp/msmtp.mk 2016-11-15 01:00:34 UTC (rev 7958)
+++ branches/1.0/package/msmtp/msmtp.mk 2016-11-15 15:49:40 UTC (rev 7959)
@@ -4,7 +4,7 @@
#
#############################################################
-MSMTP_VERSION = 1.6.5
+MSMTP_VERSION = 1.6.6
MSMTP_SOURCE = msmtp-$(MSMTP_VERSION).tar.xz
MSMTP_SITE = http://downloads.sourceforge.net/project/msmtp/msmtp/$(MSMTP_VERSION)
MSMTP_DEPENDENCIES = openssl
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-15 01:00:37
|
Revision: 7958
http://sourceforge.net/p/astlinux/code/7958
Author: abelbeck
Date: 2016-11-15 01:00:34 +0000 (Tue, 15 Nov 2016)
Log Message:
-----------
web interface, add IPsec strongSwan support
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/edit.php
branches/1.0/package/webinterface/altweb/admin/network.php
branches/1.0/package/webinterface/altweb/common/functions.php
branches/1.0/package/webinterface/altweb/common/license-packages.txt
branches/1.0/package/webinterface/altweb/common/status.inc
Modified: branches/1.0/package/webinterface/altweb/admin/edit.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/edit.php 2016-11-15 00:44:52 UTC (rev 7957)
+++ branches/1.0/package/webinterface/altweb/admin/edit.php 2016-11-15 01:00:34 UTC (rev 7958)
@@ -13,6 +13,7 @@
// 09-06-2013, Added Shortcut support
// 06-07-2016, Added Avahi mDNS/DNS-SD support
// 09-21-2016, Added Reload Firewall Blocklist
+// 11-14-2016, Added IPsec strongSwan support
//
$myself = $_SERVER['PHP_SELF'];
@@ -29,6 +30,7 @@
'openvpn' => 'Restart OpenVPN Server',
'openvpnclient' => 'Restart OpenVPN Client',
'racoon' => 'Restart IPsec VPN',
+ 'ipsec' => 'Restart IPsec strongSwan',
'pptpd' => 'Restart PPTP VPN Server',
'fossil' => 'Restart Fossil Server',
'ldap' => 'Reload LDAP Client',
@@ -262,6 +264,8 @@
$result = restartPROCESS($process, 47, $result, 'init');
} elseif ($process === 'avahi') {
$result = restartPROCESS($process, 48, $result, 'init');
+ } elseif ($process === 'ipsec') {
+ $result = restartPROCESS($process, 49, $result, 'init');
} elseif ($process === 'IPTABLES') {
$result = restartPROCESS('iptables', 66, $result, 'reload');
} elseif ($process === 'cron') {
@@ -301,6 +305,7 @@
$dir === '/mnt/kd/dahdi' ||
$dir === '/mnt/kd/openvpn' ||
$dir === '/mnt/kd/openvpn/ccd' ||
+ $dir === '/mnt/kd/ipsec/strongswan' ||
$dir === '/mnt/kd/rc.conf.d' ||
$dir === '/mnt/kd/crontabs' ||
$dir === '/mnt/kd/snmp' ||
@@ -405,6 +410,8 @@
putHtml('<p style="color: green;">Fossil Server'.statusPROCESS('fossil').'.</p>');
} elseif ($result == 48) {
putHtml('<p style="color: green;">mDNS/DNS-SD (Avahi)'.statusPROCESS('avahi').'.</p>');
+ } elseif ($result == 49) {
+ putHtml('<p style="color: green;">IPsec VPN (strongSwan)'.statusPROCESS('ipsec').'.</p>');
} elseif ($result == 66) {
putHtml('<p style="color: green;">Firewall Blocklist has been Reloaded.</p>');
} elseif ($result == 99) {
@@ -587,6 +594,16 @@
}
putHtml('</optgroup>');
}
+ if (is_dir('/mnt/kd/ipsec/strongswan') && count($globfiles = glob('/mnt/kd/ipsec/strongswan/*')) > 0) {
+ putHtml('<optgroup label="———— IPsec strongSwan Configs ————">');
+ foreach ($globfiles as $globfile) {
+ if (is_file($globfile) && is_writable($globfile)) {
+ $sel = ($globfile === $openfile) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$globfile.'"'.$sel.'>'.basename($globfile).' - IPsec strongSwan Config</option>');
+ }
+ }
+ putHtml('</optgroup>');
+ }
if (is_dir('/mnt/kd/avahi') && count($globfiles = glob('/mnt/kd/avahi/*')) > 0) {
putHtml('<optgroup label="———— Avahi mDNS/DNS-SD Configs ————">');
foreach ($globfiles as $globfile) {
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2016-11-15 00:44:52 UTC (rev 7957)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2016-11-15 01:00:34 UTC (rev 7958)
@@ -39,6 +39,7 @@
// 11-01-2015, Added DHCPv6 support
// 06-07-2016, Added Avahi mDNS/DNS-SD support
// 07-15-2016, Added 4th LAN Interface
+// 11-14-2016, Added IPsec strongSwan support
//
// System location of rc.conf file
$CONFFILE = '/etc/rc.conf';
@@ -583,12 +584,15 @@
if (isset($_POST['openvpnclient'])) {
$x_value .= ' openvpnclient';
}
- if (isset($_POST['ipsec'])) {
+ if (isset($_POST['racoon'])) {
$x_value .= ' racoon';
}
if (isset($_POST['ipsecmobile'])) {
$x_value .= ' ipsecmobile';
}
+ if (isset($_POST['ipsec']) && ! isset($_POST['racoon']) && ! isset($_POST['ipsecmobile'])) {
+ $x_value .= ' ipsec';
+ }
if (isset($_POST['pptp'])) {
$x_value .= ' pptp';
}
@@ -1002,7 +1006,7 @@
header('Location: /admin/edit.php?file='.$file);
exit;
}
- } elseif (isset($_POST['submit_edit_ipsec'])) {
+ } elseif (isset($_POST['submit_edit_racoon'])) {
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
header('Location: /admin/ipsec.php');
exit;
@@ -1010,6 +1014,12 @@
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
header('Location: /admin/ipsecmobile.php');
exit;
+ } elseif (isset($_POST['submit_edit_ipsec'])) {
+ $result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
+ if (is_writable($file = '/mnt/kd/ipsec/strongswan/ipsec.conf')) {
+ header('Location: /admin/edit.php?file='.$file);
+ exit;
+ }
} elseif (isset($_POST['submit_edit_pptp'])) {
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
header('Location: /admin/pptp.php');
@@ -1115,6 +1125,8 @@
$result = restartPROCESS($process, 47, $result, 'init');
} elseif ($process === 'avahi') {
$result = restartPROCESS($process, 48, $result, 'init');
+ } elseif ($process === 'ipsec') {
+ $result = restartPROCESS($process, 49, $result, 'init');
}
} else {
$result = 2;
@@ -1207,6 +1219,8 @@
putHtml('<p style="color: green;">Fossil Server'.statusPROCESS('fossil').'.</p>');
} elseif ($result == 48) {
putHtml('<p style="color: green;">mDNS/DNS-SD (Avahi)'.statusPROCESS('avahi').'.</p>');
+ } elseif ($result == 49) {
+ putHtml('<p style="color: green;">IPsec VPN (strongSwan)'.statusPROCESS('ipsec').'.</p>');
} elseif ($result == 99) {
putHtml('<p style="color: red;">Action Failed.</p>');
} elseif ($result == 100) {
@@ -1280,6 +1294,8 @@
putHtml('<option value="openvpnclient"'.$sel.'>Restart OpenVPN Client</option>');
$sel = ($reboot_restart === 'racoon') ? ' selected="selected"' : '';
putHtml('<option value="racoon"'.$sel.'>Restart IPsec VPN</option>');
+ $sel = ($reboot_restart === 'ipsec') ? ' selected="selected"' : '';
+ putHtml('<option value="ipsec"'.$sel.'>Restart IPsec strongSwan</option>');
$sel = ($reboot_restart === 'pptpd') ? ' selected="selected"' : '';
putHtml('<option value="pptpd"'.$sel.'>Restart PPTP VPN Server</option>');
$sel = ($reboot_restart === 'fossil') ? ' selected="selected"' : '';
@@ -1999,10 +2015,10 @@
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
$sel = isVARtype('VPN', $db, $cur_db, 'racoon') ? ' checked="checked"' : '';
- putHtml('<input type="checkbox" value="ipsec" name="ipsec"'.$sel.' />');
+ putHtml('<input type="checkbox" value="racoon" name="racoon"'.$sel.' />');
putHtml('</td><td style="text-align: left;" colspan="5">');
putHtml('IPsec Peers –');
- putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_ipsec" class="button" />');
+ putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_racoon" class="button" />');
putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
@@ -2013,6 +2029,16 @@
putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_ipsecmobile" class="button" />');
putHtml('</td></tr>');
+ if (is_file('/etc/init.d/ipsec')) {
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ $sel = isVARtype('VPN', $db, $cur_db, 'ipsec') ? ' checked="checked"' : '';
+ putHtml('<input type="checkbox" value="ipsec" name="ipsec"'.$sel.' />');
+ putHtml('</td><td style="text-align: left;" colspan="5">');
+ putHtml('IPsec strongSwan –');
+ putHtml('<input type="submit" value="IPsec Configuration" name="submit_edit_ipsec" class="button" />');
+ putHtml('</td></tr>');
+ }
+
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
$sel = isVARtype('VPN', $db, $cur_db, 'pptp') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="pptp" name="pptp"'.$sel.' />');
Modified: branches/1.0/package/webinterface/altweb/common/functions.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/functions.php 2016-11-15 00:44:52 UTC (rev 7957)
+++ branches/1.0/package/webinterface/altweb/common/functions.php 2016-11-15 01:00:34 UTC (rev 7958)
@@ -74,12 +74,13 @@
$cmd .= ';service '.$process.' stop >/dev/null 2>/dev/null';
$cmd .= ';sleep '.$wait;
$cmd .= ';/usr/sbin/gen-rc-conf';
- if ($process === 'openvpn' || $process === 'openvpnclient' || $process === 'racoon' || $process === 'pptpd') {
+ if ($process === 'openvpn' || $process === 'openvpnclient' ||
+ $process === 'racoon' || $process === 'ipsec' || $process === 'pptpd') {
$cmd .= ';service iptables restart >/dev/null 2>/dev/null';
}
$cmd .= ';service '.$process.' '.$start.' >/dev/null 2>/dev/null';
}
-
+
if ($pathOK) {
putenv('PATH='.$path.':/sbin:/usr/sbin');
}
@@ -122,6 +123,12 @@
} else {
$str = $stopped;
}
+ } elseif ($process === 'ipsec') {
+ if (is_file($path.'charon.pid')) {
+ $str = $running;
+ } else {
+ $str = $stopped;
+ }
} elseif ($process === 'ups') {
if (is_file($path.'upsmon.pid')) {
$str = $running;
Modified: branches/1.0/package/webinterface/altweb/common/license-packages.txt
===================================================================
--- branches/1.0/package/webinterface/altweb/common/license-packages.txt 2016-11-15 00:44:52 UTC (rev 7957)
+++ branches/1.0/package/webinterface/altweb/common/license-packages.txt 2016-11-15 01:00:34 UTC (rev 7958)
@@ -63,3 +63,4 @@
avahi~Copyright (c) 2004-2016 Lennart Poettering, Trent Lloyd, Avahi developers.
Linux Kernel~Copyright (c) 1997-2016 The Linux Kernel Organization, Inc.; Linux is a Registered Trademark of Linus Torvalds.
whois~Copyright (c) 1999-2016 Marco d'Itri.
+strongSwan~Copyright (c) 2006-2016 Andreas Steffen, Tobias Brunner, et al.
Modified: branches/1.0/package/webinterface/altweb/common/status.inc
===================================================================
--- branches/1.0/package/webinterface/altweb/common/status.inc 2016-11-15 00:44:52 UTC (rev 7957)
+++ branches/1.0/package/webinterface/altweb/common/status.inc 2016-11-15 01:00:34 UTC (rev 7958)
@@ -78,6 +78,7 @@
$status['dnsmasq'] = 0;
$status['openvpn'] = 0;
$status['racoon'] = 0;
+ $status['charon'] = 0;
$status['pptpd'] = 0;
$status['upsmon'] = 0;
$status['syslogd'] = 0;
@@ -884,6 +885,21 @@
}
}
+if ($daemon['charon'] > 0) {
+ if (getPREFdef($global_prefs, 'status_ipsec_associations') !== 'no') {
+ putHtml("<h2>IPsec Associations (strongSwan):</h2>");
+ putHtml("<pre>");
+
+ $output = array();
+ @exec('/usr/sbin/ipsec status', $output);
+ foreach ($output as $line) {
+ putText(rtrim($line));
+ }
+ unset($output);
+ putHtml("</pre>");
+ }
+}
+
if ($daemon['pptpd'] > 0) {
if (getPREFdef($global_prefs, 'status_pptp_server') !== 'no') {
putHtml("<h2>PPTP VPN Server Status:</h2>");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-15 00:44:54
|
Revision: 7957
http://sourceforge.net/p/astlinux/code/7957
Author: abelbeck
Date: 2016-11-15 00:44:52 +0000 (Tue, 15 Nov 2016)
Log Message:
-----------
strongswan, wait for strongSwan to fully startup
Modified Paths:
--------------
branches/1.0/package/strongswan/ipsec.init
Modified: branches/1.0/package/strongswan/ipsec.init
===================================================================
--- branches/1.0/package/strongswan/ipsec.init 2016-11-14 16:52:32 UTC (rev 7956)
+++ branches/1.0/package/strongswan/ipsec.init 2016-11-15 00:44:52 UTC (rev 7957)
@@ -44,6 +44,13 @@
fi
/usr/sbin/ipsec start >/dev/null
+
+ # Wait for strongSwan to startup
+ cnt=10
+ while [ $cnt -gt 0 ] && [ ! -f $PIDFILE ]; do
+ cnt=$((cnt - 1))
+ sleep 1
+ done
fi
}
@@ -53,7 +60,7 @@
/usr/sbin/ipsec stop
- # strongswan is known to leave PID files behind when something goes wrong, cleanup here
+ # strongSwan is known to leave PID files behind when something goes wrong, cleanup here
cnt=5
while [ $cnt -gt 0 ] && [ -f $PIDFILE ]; do
cnt=$((cnt - 1))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-14 16:52:34
|
Revision: 7956
http://sourceforge.net/p/astlinux/code/7956
Author: abelbeck
Date: 2016-11-14 16:52:32 +0000 (Mon, 14 Nov 2016)
Log Message:
-----------
strongswan, add AIF support for 'ipsec' VPN type, keep both racoon and strongswan from running at the same time
Modified Paths:
--------------
branches/1.0/package/arnofw/arnofw.serial
branches/1.0/package/arnofw/arnofw.wrapper
branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf
branches/1.0/package/ipsec-tools/racoon.init
branches/1.0/package/strongswan/ipsec.init
Modified: branches/1.0/package/arnofw/arnofw.serial
===================================================================
--- branches/1.0/package/arnofw/arnofw.serial 2016-11-13 21:41:18 UTC (rev 7955)
+++ branches/1.0/package/arnofw/arnofw.serial 2016-11-14 16:52:32 UTC (rev 7956)
@@ -1 +1 @@
-0002~0028~0000~0000~0000~
+0002~0029~0000~0000~0000~
Modified: branches/1.0/package/arnofw/arnofw.wrapper
===================================================================
--- branches/1.0/package/arnofw/arnofw.wrapper 2016-11-13 21:41:18 UTC (rev 7955)
+++ branches/1.0/package/arnofw/arnofw.wrapper 2016-11-14 16:52:32 UTC (rev 7956)
@@ -233,7 +233,7 @@
EXTERNAL_DHCP_SERVER=1
fi
- if isVPNtype racoon || isVPNtype ipsecmobile; then
+ if isVPNtype racoon || isVPNtype ipsecmobile || isVPNtype ipsec; then
RP_FILTER=0
fi
Modified: branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf
===================================================================
--- branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf 2016-11-13 21:41:18 UTC (rev 7955)
+++ branches/1.0/package/arnofw/ipsec-vpn-astlinux.conf 2016-11-14 16:52:32 UTC (rev 7956)
@@ -20,12 +20,14 @@
IPSEC_NAT_TRAVERSAL=0
vpntype_racoon=0
vpntype_ipsecmobile=0
+ vpntype_ipsec=0
unset IFS
for vpntype in $VPN; do
case $vpntype in
racoon) vpntype_racoon=1 ;;
ipsecmobile) vpntype_ipsecmobile=1 ;;
+ ipsec) vpntype_ipsec=1 ;;
esac
done
@@ -63,5 +65,12 @@
fi
fi
+ if [ $vpntype_ipsec -eq 1 ]; then
+ ENABLED=1
+ IPSEC_ALLOWED_HOSTS="0/0"
+ IPSEC_VPN_NETS=""
+ IPSEC_NAT_TRAVERSAL=1
+ fi
+
unset IFS
Modified: branches/1.0/package/ipsec-tools/racoon.init
===================================================================
--- branches/1.0/package/ipsec-tools/racoon.init 2016-11-13 21:41:18 UTC (rev 7955)
+++ branches/1.0/package/ipsec-tools/racoon.init 2016-11-14 16:52:32 UTC (rev 7956)
@@ -11,25 +11,23 @@
start()
{
+ if SYS_is_vpn_type racoon || SYS_is_vpn_type ipsecmobile; then
- if SYS_is_vpn_type racoon || \
- SYS_is_vpn_type ipsecmobile; then
+ ## Stop strongSwan IPsec if it is running
+ if [ -f /etc/init.d/ipsec -a -f /var/run/charon.pid ]; then
+ service ipsec stop
+ fi
/usr/sbin/racoon-ipsec start
-
fi
-
}
stop()
{
-
if [ -f /tmp/etc/racoon.conf ]; then
/usr/sbin/racoon-ipsec stop
-
fi
-
}
case $1 in
Modified: branches/1.0/package/strongswan/ipsec.init
===================================================================
--- branches/1.0/package/strongswan/ipsec.init 2016-11-13 21:41:18 UTC (rev 7955)
+++ branches/1.0/package/strongswan/ipsec.init 2016-11-14 16:52:32 UTC (rev 7956)
@@ -6,8 +6,8 @@
PIDFILE="/var/run/charon.pid"
-init () {
-
+init ()
+{
if ! SYS_is_vpn_type ipsec; then
exit
fi
@@ -33,7 +33,16 @@
start ()
{
if SYS_is_vpn_type ipsec; then
+ if SYS_is_vpn_type racoon || SYS_is_vpn_type ipsecmobile; then
+ echo "Failed starting strongSwan IPsec, racoon IPsec is also enabled." >&2
+ exit 1
+ fi
+ ## Stop racoon IPsec if it is running
+ if [ -f /etc/init.d/racoon -a -f /var/run/racoon.pid ]; then
+ service racoon stop
+ fi
+
/usr/sbin/ipsec start >/dev/null
fi
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-13 21:41:20
|
Revision: 7955
http://sourceforge.net/p/astlinux/code/7955
Author: abelbeck
Date: 2016-11-13 21:41:18 +0000 (Sun, 13 Nov 2016)
Log Message:
-----------
strongswan, reference /stat/etc/strongswan/ plugins .conf by default, disable firewall updown, remove /usr/share/strongswan (again)
Modified Paths:
--------------
branches/1.0/package/strongswan/ipsec.init
branches/1.0/package/strongswan/strongswan.mk
Added Paths:
-----------
branches/1.0/package/strongswan/strongswan-default-strongswan-conf.patch
Modified: branches/1.0/package/strongswan/ipsec.init
===================================================================
--- branches/1.0/package/strongswan/ipsec.init 2016-11-13 16:07:33 UTC (rev 7954)
+++ branches/1.0/package/strongswan/ipsec.init 2016-11-13 21:41:18 UTC (rev 7955)
@@ -16,6 +16,11 @@
mkdir -p /mnt/kd/ipsec/strongswan
if [ -d /stat/etc/strongswan ]; then
cp -a /stat/etc/strongswan/* /mnt/kd/ipsec/strongswan/
+
+ ## Remove /mnt/kd/ipsec/strongswan/ plugin .conf files so they don't get stale.
+ ## File strongswan.conf references the /stat/etc/strongswan/ versions by default.
+ rm /mnt/kd/ipsec/strongswan/strongswan.d/*.conf
+ rm /mnt/kd/ipsec/strongswan/strongswan.d/charon/*.conf
fi
fi
Added: branches/1.0/package/strongswan/strongswan-default-strongswan-conf.patch
===================================================================
--- branches/1.0/package/strongswan/strongswan-default-strongswan-conf.patch (rev 0)
+++ branches/1.0/package/strongswan/strongswan-default-strongswan-conf.patch 2016-11-13 21:41:18 UTC (rev 7955)
@@ -0,0 +1,15 @@
+--- strongswan-5.5.1/conf/strongswan.conf.orig 2016-11-13 14:37:20.044511922 -0600
++++ strongswan-5.5.1/conf/strongswan.conf 2016-11-13 14:39:31.565086615 -0600
+@@ -7,8 +7,10 @@
+ charon {
+ load_modular = yes
+ plugins {
+- include strongswan.d/charon/*.conf
++ include /stat/etc/strongswan/strongswan.d/charon/*.conf
++ #include strongswan.d/charon/*.conf
+ }
+ }
+
+-include strongswan.d/*.conf
++include /stat/etc/strongswan/strongswan.d/*.conf
++#include strongswan.d/*.conf
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-13 16:07:33 UTC (rev 7954)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-13 21:41:18 UTC (rev 7955)
@@ -13,6 +13,7 @@
STRONGSWAN_CONF_OPT += \
--disable-static \
--without-lib-prefix \
+ --enable-updown=no \
--enable-led=no \
--enable-pkcs11=no \
--enable-kernel-netlink=yes \
@@ -73,6 +74,7 @@
rm -rf $(TARGET_DIR)/etc/$$i ; \
ln -s /tmp/etc/strongswan/$$i $(TARGET_DIR)/etc/$$i ; \
done
+ rm -rf $(TARGET_DIR)/usr/share/strongswan
$(INSTALL) -m 0755 -D package/strongswan/ipsec.init $(TARGET_DIR)/etc/init.d/ipsec
ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/S31ipsec
ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/K20ipsec
@@ -86,7 +88,6 @@
rm -rf $(TARGET_DIR)/stat/etc/strongswan
rm -rf $(TARGET_DIR)/usr/lib/ipsec
rm -rf $(TARGET_DIR)/usr/libexec/ipsec
- rm -rf $(TARGET_DIR)/usr/share/strongswan
rm -f $(addprefix $(TARGET_DIR)/etc/, $(STRONGSWAN_TARGET_ETC))
rm -f $(TARGET_DIR)/etc/init.d/ipsec
rm -f $(TARGET_DIR)/etc/runlevels/default/S31ipsec
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-13 16:07:36
|
Revision: 7954
http://sourceforge.net/p/astlinux/code/7954
Author: abelbeck
Date: 2016-11-13 16:07:33 +0000 (Sun, 13 Nov 2016)
Log Message:
-----------
strongswan, disable some crypto plugins so OpenSSL handles them, as per Debian and others
Modified Paths:
--------------
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-13 14:33:23 UTC (rev 7953)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-13 16:07:33 UTC (rev 7954)
@@ -38,6 +38,7 @@
--enable-scripts=no \
--enable-vici=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
--enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
+ --enable-addrblock=yes \
--enable-cmd=yes
ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
@@ -50,6 +51,16 @@
--enable-eap-peap
endif
+# Diable plugins so OpenSSL handles them
+STRONGSWAN_CONF_OPT += \
+ --disable-aes \
+ --disable-des \
+ --disable-rc2 \
+ --disable-md5 \
+ --disable-sha1 \
+ --disable-sha2 \
+ --disable-hmac
+
ifeq ($(BR2_PACKAGE_STRONGSWAN_SQLITE),y)
STRONGSWAN_DEPENDENCIES += \
$(if $(BR2_PACKAGE_SQLITE),sqlite)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-13 14:33:26
|
Revision: 7953
http://sourceforge.net/p/astlinux/code/7953
Author: abelbeck
Date: 2016-11-13 14:33:23 +0000 (Sun, 13 Nov 2016)
Log Message:
-----------
strongswan, disable building static libs
Modified Paths:
--------------
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-13 12:46:47 UTC (rev 7952)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-13 14:33:23 UTC (rev 7953)
@@ -11,6 +11,7 @@
STRONGSWAN_TARGET_ETC = ipsec.conf ipsec.d ipsec.secrets strongswan.conf strongswan.d $(if $(BR2_PACKAGE_STRONGSWAN_VICI),swanctl)
STRONGSWAN_CONF_OPT += \
+ --disable-static \
--without-lib-prefix \
--enable-led=no \
--enable-pkcs11=no \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-13 12:46:50
|
Revision: 7952
http://sourceforge.net/p/astlinux/code/7952
Author: abelbeck
Date: 2016-11-13 12:46:47 +0000 (Sun, 13 Nov 2016)
Log Message:
-----------
strongswan, add back /usr/share/strongswan templates
Modified Paths:
--------------
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-12 23:42:38 UTC (rev 7951)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-13 12:46:47 UTC (rev 7952)
@@ -61,7 +61,6 @@
rm -rf $(TARGET_DIR)/etc/$$i ; \
ln -s /tmp/etc/strongswan/$$i $(TARGET_DIR)/etc/$$i ; \
done
- rm -rf $(TARGET_DIR)/usr/share/strongswan
$(INSTALL) -m 0755 -D package/strongswan/ipsec.init $(TARGET_DIR)/etc/init.d/ipsec
ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/S31ipsec
ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/K20ipsec
@@ -75,6 +74,7 @@
rm -rf $(TARGET_DIR)/stat/etc/strongswan
rm -rf $(TARGET_DIR)/usr/lib/ipsec
rm -rf $(TARGET_DIR)/usr/libexec/ipsec
+ rm -rf $(TARGET_DIR)/usr/share/strongswan
rm -f $(addprefix $(TARGET_DIR)/etc/, $(STRONGSWAN_TARGET_ETC))
rm -f $(TARGET_DIR)/etc/init.d/ipsec
rm -f $(TARGET_DIR)/etc/runlevels/default/S31ipsec
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-12 23:42:41
|
Revision: 7951
http://sourceforge.net/p/astlinux/code/7951
Author: abelbeck
Date: 2016-11-12 23:42:38 +0000 (Sat, 12 Nov 2016)
Log Message:
-----------
strongswan, make /etc/swanctl symlink conditional on BR2_PACKAGE_STRONGSWAN_VICI value
Modified Paths:
--------------
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-12 19:36:06 UTC (rev 7950)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-12 23:42:38 UTC (rev 7951)
@@ -8,7 +8,7 @@
STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
STRONGSWAN_SITE = https://download.strongswan.org
STRONGSWAN_DEPENDENCIES = openssl host-pkg-config
-STRONGSWAN_TARGET_ETC = ipsec.conf ipsec.d ipsec.secrets strongswan.conf strongswan.d swanctl
+STRONGSWAN_TARGET_ETC = ipsec.conf ipsec.d ipsec.secrets strongswan.conf strongswan.d $(if $(BR2_PACKAGE_STRONGSWAN_VICI),swanctl)
STRONGSWAN_CONF_OPT += \
--without-lib-prefix \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-12 19:36:08
|
Revision: 7950
http://sourceforge.net/p/astlinux/code/7950
Author: abelbeck
Date: 2016-11-12 19:36:06 +0000 (Sat, 12 Nov 2016)
Log Message:
-----------
strongswan, a usable /etc/init.d/ipsec script and symlink /etc/ strongswan files/dirs to /mnt/kd/ipsec/strongswan/
Modified Paths:
--------------
branches/1.0/package/strongswan/ipsec.init
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/ipsec.init
===================================================================
--- branches/1.0/package/strongswan/ipsec.init 2016-11-12 04:50:08 UTC (rev 7949)
+++ branches/1.0/package/strongswan/ipsec.init 2016-11-12 19:36:06 UTC (rev 7950)
@@ -2,21 +2,64 @@
. /etc/rc.conf
-init ()
-{
- :
+. /etc/init.d/functions.d/misc
+
+PIDFILE="/var/run/charon.pid"
+
+init () {
+
+ if ! SYS_is_vpn_type ipsec; then
+ exit
+ fi
+
+ if [ ! -d /mnt/kd/ipsec/strongswan ]; then
+ mkdir -p /mnt/kd/ipsec/strongswan
+ if [ -d /stat/etc/strongswan ]; then
+ cp -a /stat/etc/strongswan/* /mnt/kd/ipsec/strongswan/
+ fi
+ fi
+
+ ln -snf /mnt/kd/ipsec/strongswan /tmp/etc/strongswan
+
+ # Create lock dir managed by 'ipsec'
+ mkdir -p /var/lock/subsys
}
start ()
{
- :
+ if SYS_is_vpn_type ipsec; then
+
+ /usr/sbin/ipsec start >/dev/null
+ fi
}
stop ()
{
- :
+ if [ -f $PIDFILE ]; then
+
+ /usr/sbin/ipsec stop
+
+ # strongswan is known to leave PID files behind when something goes wrong, cleanup here
+ cnt=5
+ while [ $cnt -gt 0 ] && [ -f $PIDFILE ]; do
+ cnt=$((cnt - 1))
+ sleep 1
+ done
+ rm -f $PIDFILE
+ # and just to make sure they are really really dead at this point...
+ killall -9 charon >/dev/null 2>&1
+ fi
}
+reload ()
+{
+ if [ -f $PIDFILE ]; then
+ /usr/sbin/ipsec reload
+ else
+ start
+ fi
+}
+
case $1 in
init)
@@ -38,8 +81,12 @@
start
;;
+reload)
+ reload
+ ;;
+
*)
- echo "Usage: start|stop|restart" >&2
+ echo "Usage: start|stop|restart|reload" >&2
exit 1
;;
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-12 04:50:08 UTC (rev 7949)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-12 19:36:06 UTC (rev 7950)
@@ -8,6 +8,8 @@
STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
STRONGSWAN_SITE = https://download.strongswan.org
STRONGSWAN_DEPENDENCIES = openssl host-pkg-config
+STRONGSWAN_TARGET_ETC = ipsec.conf ipsec.d ipsec.secrets strongswan.conf strongswan.d swanctl
+
STRONGSWAN_CONF_OPT += \
--without-lib-prefix \
--enable-led=no \
@@ -53,6 +55,13 @@
endif
define STRONGSWAN_POST_INSTALL
+ mkdir -p $(TARGET_DIR)/stat/etc/strongswan
+ for i in $(STRONGSWAN_TARGET_ETC); do \
+ cp -a $(TARGET_DIR)/etc/$$i $(TARGET_DIR)/stat/etc/strongswan/ ; \
+ rm -rf $(TARGET_DIR)/etc/$$i ; \
+ ln -s /tmp/etc/strongswan/$$i $(TARGET_DIR)/etc/$$i ; \
+ done
+ rm -rf $(TARGET_DIR)/usr/share/strongswan
$(INSTALL) -m 0755 -D package/strongswan/ipsec.init $(TARGET_DIR)/etc/init.d/ipsec
ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/S31ipsec
ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/K20ipsec
@@ -63,12 +72,10 @@
STRONGSWAN_UNINSTALL_STAGING_OPT = --version
define STRONGSWAN_UNINSTALL_TARGET_CMDS
+ rm -rf $(TARGET_DIR)/stat/etc/strongswan
rm -rf $(TARGET_DIR)/usr/lib/ipsec
rm -rf $(TARGET_DIR)/usr/libexec/ipsec
- rm -rf $(TARGET_DIR)/etc/strongswan.*
- rm -rf $(TARGET_DIR)/etc/ipsec.*
- rm -rf $(TARGET_DIR)/etc/swanctl
- rm -rf $(TARGET_DIR)/usr/share/strongswan
+ rm -f $(addprefix $(TARGET_DIR)/etc/, $(STRONGSWAN_TARGET_ETC))
rm -f $(TARGET_DIR)/etc/init.d/ipsec
rm -f $(TARGET_DIR)/etc/runlevels/default/S31ipsec
rm -f $(TARGET_DIR)/etc/runlevels/default/K20ipsec
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-12 04:50:11
|
Revision: 7949
http://sourceforge.net/p/astlinux/code/7949
Author: abelbeck
Date: 2016-11-12 04:50:08 +0000 (Sat, 12 Nov 2016)
Log Message:
-----------
strongswan, 'stroke' must be enabled
Modified Paths:
--------------
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk 2016-11-12 01:15:17 UTC (rev 7948)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-12 04:50:08 UTC (rev 7949)
@@ -26,7 +26,7 @@
--enable-xauth-generic=yes \
--enable-xauth-eap=yes \
--enable-unity=no \
- --enable-stroke=no \
+ --enable-stroke=yes \
--enable-sqlite=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
--enable-sql=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
--enable-attr-sql=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
@@ -65,9 +65,10 @@
define STRONGSWAN_UNINSTALL_TARGET_CMDS
rm -rf $(TARGET_DIR)/usr/lib/ipsec
rm -rf $(TARGET_DIR)/usr/libexec/ipsec
- rm -rf $(TARGET_DIR)/etc/strongswan.d
+ rm -rf $(TARGET_DIR)/etc/strongswan.*
+ rm -rf $(TARGET_DIR)/etc/ipsec.*
+ rm -rf $(TARGET_DIR)/etc/swanctl
rm -rf $(TARGET_DIR)/usr/share/strongswan
- rm -f $(TARGET_DIR)/etc/strongswan.conf
rm -f $(TARGET_DIR)/etc/init.d/ipsec
rm -f $(TARGET_DIR)/etc/runlevels/default/S31ipsec
rm -f $(TARGET_DIR)/etc/runlevels/default/K20ipsec
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-12 01:15:19
|
Revision: 7948
http://sourceforge.net/p/astlinux/code/7948
Author: abelbeck
Date: 2016-11-12 01:15:17 +0000 (Sat, 12 Nov 2016)
Log Message:
-----------
strongswan, new package, disabled and no configuration yet, for testing. Adds 741 kB compressed 2292 kB uncompressed to image
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/initrd.config
branches/1.0/package/Config.in
branches/1.0/runnix-iso.config
branches/1.0/runnix.config
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
branches/1.0/x86_64-configs/initrd.config
Added Paths:
-----------
branches/1.0/package/strongswan/
branches/1.0/package/strongswan/Config.in
branches/1.0/package/strongswan/ipsec.init
branches/1.0/package/strongswan/strongswan.mk
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/astlinux-ast11.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:06 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:27 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -790,6 +790,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/astlinux-ast13.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:08 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:28 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -790,6 +790,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/initrd.config
===================================================================
--- branches/1.0/initrd.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/initrd.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:13 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:29 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -637,6 +637,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
# BR2_PACKAGE_STUNNEL is not set
# BR2_PACKAGE_TCPDUMP is not set
# BR2_PACKAGE_TCPREPLAY is not set
Modified: branches/1.0/package/Config.in
===================================================================
--- branches/1.0/package/Config.in 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/package/Config.in 2016-11-12 01:15:17 UTC (rev 7948)
@@ -534,6 +534,7 @@
source "package/socat/Config.in"
source "package/spawn-fcgi/Config.in"
source "package/squid/Config.in"
+source "package/strongswan/Config.in"
source "package/stunnel/Config.in"
source "package/tcpdump/Config.in"
source "package/tcpreplay/Config.in"
Added: branches/1.0/package/strongswan/Config.in
===================================================================
--- branches/1.0/package/strongswan/Config.in (rev 0)
+++ branches/1.0/package/strongswan/Config.in 2016-11-12 01:15:17 UTC (rev 7948)
@@ -0,0 +1,51 @@
+menuconfig BR2_PACKAGE_STRONGSWAN
+ bool "strongswan"
+ select BR2_PACKAGE_OPENSSL
+ help
+ strongSwan is an OpenSource IPsec implementation for the
+ Linux operating system. It is based on the discontinued
+ FreeS/WAN project and the X.509 patch.
+
+ The focus is on:
+ - simplicity of configuration
+ - strong encryption and authentication methods
+ - powerful IPsec policies supporting large and complex VPN networks
+
+ strongSwan provide many plugins. Only a few are presented here.
+
+ https://www.strongswan.org/
+
+if BR2_PACKAGE_STRONGSWAN
+
+config BR2_PACKAGE_STRONGSWAN_AF_ALG
+ bool "Enable AF_ALG crypto interface to Linux Crypto API"
+
+config BR2_PACKAGE_STRONGSWAN_CHARON
+ bool "Enable the IKEv1/IKEv2 keying daemon charon"
+ default y
+
+if BR2_PACKAGE_STRONGSWAN_CHARON
+
+config BR2_PACKAGE_STRONGSWAN_EAP
+ bool "Enable EAP protocols"
+ default y
+ help
+ Enable various EAP protocols:
+ - mschapv2
+ - tls
+ - ttls
+ - peap
+ - identity
+ - md5
+
+config BR2_PACKAGE_STRONGSWAN_SQLITE
+ bool "Enable SQLite database support"
+ depends on BR2_PACKAGE_SQLITE
+
+config BR2_PACKAGE_STRONGSWAN_VICI
+ bool "Enable vici/swanctl"
+ default y
+
+endif
+
+endif
Added: branches/1.0/package/strongswan/ipsec.init
===================================================================
--- branches/1.0/package/strongswan/ipsec.init (rev 0)
+++ branches/1.0/package/strongswan/ipsec.init 2016-11-12 01:15:17 UTC (rev 7948)
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+. /etc/rc.conf
+
+init ()
+{
+ :
+}
+
+start ()
+{
+ :
+}
+
+stop ()
+{
+ :
+}
+
+case $1 in
+
+init)
+ init
+ start
+ ;;
+
+start)
+ start
+ ;;
+
+stop)
+ stop
+ ;;
+
+restart)
+ stop
+ sleep 2
+ start
+ ;;
+
+*)
+ echo "Usage: start|stop|restart" >&2
+ exit 1
+ ;;
+
+esac
Property changes on: branches/1.0/package/strongswan/ipsec.init
___________________________________________________________________
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Added: branches/1.0/package/strongswan/strongswan.mk
===================================================================
--- branches/1.0/package/strongswan/strongswan.mk (rev 0)
+++ branches/1.0/package/strongswan/strongswan.mk 2016-11-12 01:15:17 UTC (rev 7948)
@@ -0,0 +1,76 @@
+################################################################################
+#
+# strongswan
+#
+################################################################################
+
+STRONGSWAN_VERSION = 5.5.1
+STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
+STRONGSWAN_SITE = https://download.strongswan.org
+STRONGSWAN_DEPENDENCIES = openssl host-pkg-config
+STRONGSWAN_CONF_OPT += \
+ --without-lib-prefix \
+ --enable-led=no \
+ --enable-pkcs11=no \
+ --enable-kernel-netlink=yes \
+ --enable-socket-default=yes \
+ --enable-openssl=yes \
+ --enable-gcrypt=no \
+ --enable-gmp=no \
+ --enable-af-alg=$(if $(BR2_PACKAGE_STRONGSWAN_AF_ALG),yes,no) \
+ --enable-curl=no \
+ --enable-charon=$(if $(BR2_PACKAGE_STRONGSWAN_CHARON),yes,no) \
+ --enable-tnccs-11=no \
+ --enable-tnccs-20=no \
+ --enable-tnccs-dynamic=no \
+ --enable-xauth-generic=yes \
+ --enable-xauth-eap=yes \
+ --enable-unity=no \
+ --enable-stroke=no \
+ --enable-sqlite=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
+ --enable-sql=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
+ --enable-attr-sql=$(if $(BR2_PACKAGE_STRONGSWAN_SQLITE),yes,no) \
+ --enable-pki=no \
+ --enable-scepclient=no \
+ --enable-scripts=no \
+ --enable-vici=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
+ --enable-swanctl=$(if $(BR2_PACKAGE_STRONGSWAN_VICI),yes,no) \
+ --enable-cmd=yes
+
+ifeq ($(BR2_PACKAGE_STRONGSWAN_EAP),y)
+STRONGSWAN_CONF_OPT += \
+ --enable-eap-identity \
+ --enable-eap-md5 \
+ --enable-eap-mschapv2 \
+ --enable-eap-tls \
+ --enable-eap-ttls \
+ --enable-eap-peap
+endif
+
+ifeq ($(BR2_PACKAGE_STRONGSWAN_SQLITE),y)
+STRONGSWAN_DEPENDENCIES += \
+ $(if $(BR2_PACKAGE_SQLITE),sqlite)
+endif
+
+define STRONGSWAN_POST_INSTALL
+ $(INSTALL) -m 0755 -D package/strongswan/ipsec.init $(TARGET_DIR)/etc/init.d/ipsec
+ ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/S31ipsec
+ ln -sf ../../init.d/ipsec $(TARGET_DIR)/etc/runlevels/default/K20ipsec
+endef
+
+STRONGSWAN_POST_INSTALL_TARGET_HOOKS = STRONGSWAN_POST_INSTALL
+
+STRONGSWAN_UNINSTALL_STAGING_OPT = --version
+
+define STRONGSWAN_UNINSTALL_TARGET_CMDS
+ rm -rf $(TARGET_DIR)/usr/lib/ipsec
+ rm -rf $(TARGET_DIR)/usr/libexec/ipsec
+ rm -rf $(TARGET_DIR)/etc/strongswan.d
+ rm -rf $(TARGET_DIR)/usr/share/strongswan
+ rm -f $(TARGET_DIR)/etc/strongswan.conf
+ rm -f $(TARGET_DIR)/etc/init.d/ipsec
+ rm -f $(TARGET_DIR)/etc/runlevels/default/S31ipsec
+ rm -f $(TARGET_DIR)/etc/runlevels/default/K20ipsec
+endef
+
+$(eval $(call AUTOTARGETS,package,strongswan))
Modified: branches/1.0/runnix-iso.config
===================================================================
--- branches/1.0/runnix-iso.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/runnix-iso.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:16 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:32 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -673,6 +673,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
# BR2_PACKAGE_STUNNEL is not set
# BR2_PACKAGE_TCPDUMP is not set
# BR2_PACKAGE_TCPREPLAY is not set
Modified: branches/1.0/runnix.config
===================================================================
--- branches/1.0/runnix.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/runnix.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:15 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:31 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -674,6 +674,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
# BR2_PACKAGE_STUNNEL is not set
# BR2_PACKAGE_TCPDUMP is not set
# BR2_PACKAGE_TCPREPLAY is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:19 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:33 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -771,6 +771,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:27 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:35 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -771,6 +771,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
BR2_PACKAGE_STUNNEL=y
BR2_PACKAGE_TCPDUMP=y
# BR2_PACKAGE_TCPDUMP_SMB is not set
Modified: branches/1.0/x86_64-configs/initrd.config
===================================================================
--- branches/1.0/x86_64-configs/initrd.config 2016-11-11 18:22:40 UTC (rev 7947)
+++ branches/1.0/x86_64-configs/initrd.config 2016-11-12 01:15:17 UTC (rev 7948)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot astlinux-1.x-svn7910-dirty Configuration
-# Thu Nov 3 08:17:28 2016
+# Buildroot astlinux-1.x-svn7947-dirty Configuration
+# Fri Nov 11 18:59:36 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -618,6 +618,7 @@
# BR2_PACKAGE_SOCAT is not set
# BR2_PACKAGE_SPAWN_FCGI is not set
# BR2_PACKAGE_SQUID is not set
+# BR2_PACKAGE_STRONGSWAN is not set
# BR2_PACKAGE_STUNNEL is not set
# BR2_PACKAGE_TCPDUMP is not set
# BR2_PACKAGE_TCPREPLAY is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-11 18:22:43
|
Revision: 7947
http://sourceforge.net/p/astlinux/code/7947
Author: abelbeck
Date: 2016-11-11 18:22:40 +0000 (Fri, 11 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-11 18:21:07 UTC (rev 7946)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-11 18:22:40 UTC (rev 7947)
@@ -17,6 +17,8 @@
** System
+-- php, version bump to 5.6.28
+
-- sqlite, version bump to 3.15.1
-- libxml2, security fixes: CVE-2016-5131, CVE-2016-4658
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-11 18:21:10
|
Revision: 7946
http://sourceforge.net/p/astlinux/code/7946
Author: abelbeck
Date: 2016-11-11 18:21:07 +0000 (Fri, 11 Nov 2016)
Log Message:
-----------
php, version bump to 5.6.28
Modified Paths:
--------------
branches/1.0/package/php/php.mk
Modified: branches/1.0/package/php/php.mk
===================================================================
--- branches/1.0/package/php/php.mk 2016-11-11 16:08:37 UTC (rev 7945)
+++ branches/1.0/package/php/php.mk 2016-11-11 18:21:07 UTC (rev 7946)
@@ -4,7 +4,7 @@
#
#############################################################
-PHP_VERSION = 5.6.27
+PHP_VERSION = 5.6.28
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
1 message has been excluded from this view by a project administrator.
