lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 00:24:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,935 Commits 1 Branch 0 Tags
Commit Graph

14935 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan de Wit
4f02754dfc MVC / CSVListField: add MaskPerItem toggle to allow regex validation per CSV 2023-02-13 17:00:11 +01:00
Franco Fichtner
e08a49332a interfaces: sync up these changes 
Better push 'none' than '' down the code, it is more concise for debugging.
 2023-02-13 09:02:33 +01:00
Ad Schellevis
54693d9153 php8.x - fixed an init too much here 2023-02-13 08:55:09 +01:00
Franco Fichtner
c638b25bce ipsec: fix eap_id placement for eap-mschapv2 
PR: https://forum.opnsense.org/index.php?topic=32440.0
 2023-02-13 07:40:26 +01:00
Ad Schellevis
08fb2ea495 php8.x - fix some deprecation / array key warnings 2023-02-12 20:12:35 +01:00
Ad Schellevis
a9ecea3dcd php8.x - fix some deprecation warnings 2023-02-12 19:12:30 +01:00
Ad Schellevis
9d5e1edb95 VPN: IPsec: Connections - missing remapping pool uuid to name, closes https://github.com/opnsense/core/issues/6324 2023-02-12 18:48:46 +01:00
Ad Schellevis
991f27ee94 Services: Intrusion Detection: Policy - properly reset metdata response when no metadata is found. closes https://github.com/opnsense/core/issues/6322 2023-02-12 14:35:21 +01:00
Ad Schellevis
9a0bc2e79b Interfaces/Virtual IPs/Settings - allow vhid reusage as it was before 23.1. closes https://github.com/opnsense/core/issues/6318 2023-02-10 16:17:56 +01:00
Stephan de Wit
35090ecee1 unbound: missing global, cache is never flushed when enabled 2023-02-10 10:08:56 +01:00
Franco Fichtner
53fefd47a3 openvpn: style sweep 2023-02-10 10:08:09 +01:00
Ad Schellevis
c0a6d22e58 VPN: IPsec: Pre-Shared Keys - faulty unique constraint. closes https://github.com/opnsense/core/issues/6316 2023-02-09 21:29:25 +01:00
Ad Schellevis
89da198d62 VPN/OpenVPN/Servers - when using auth_control_file, success seems to be '1' according to the source (documentation doesn't seem to be explicit about this) 
reference : ccf9d57249/src/openvpn/ssl_verify.c (L1079-L1082)
 2023-02-09 16:21:32 +01:00
Ad Schellevis
69e424acec boot: offer template generation max 10 seconds to wait for configd socket, for some reason it still fails on some platforms (not yet available) 2023-02-09 14:54:22 +01:00
Ad Schellevis
6d33df1bb9 Interfaces: Other Types: VLAN - missing a config lock on delete, preventing multiple delete to function properly 2023-02-09 13:21:24 +01:00
Ad Schellevis
63bac3c6ca MVC/ApiControllerBase - cleanse $record input in searchRecordsetBase before usage, older php versions allowed to send null, which will crash out on later versions. 
Although we do silently ignore the issue now, most callers likely are sending null when trapping into this issue and the user should receive an empty grid anyway in these cases.

```
/usr/local/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php:60: array_keys(): Argument #1 ($array) must be of type array, null given
```
 2023-02-09 10:49:11 +01:00
Franco Fichtner
7609985e69 ipsec: some style and reduce indent since disable if returns anyway 2023-02-09 09:50:41 +01:00
Franco Fichtner
b73e5dd641 system: protect against more scripts on bootup 
All of these could trigger routing or filter reconfiguration (in turn
also routing).
 2023-02-09 09:39:05 +01:00
Franco Fichtner
f8a9e5b990 openvpn: minor adjustments 2023-02-09 08:22:10 +01:00
Franco Fichtner
0dfa6c44af ipsec: oops for #6309 2023-02-08 17:14:26 +01:00
Franco Fichtner
a9dcd3f825 ipsec: migrate duplicated cron job; closes #6309 2023-02-08 17:11:15 +01:00
Franco Fichtner
748b46b393 system: bring ZFS to front of cron job description 2023-02-08 16:28:07 +01:00
Franco Fichtner
d017169a7e system: configctl plugins configure %s %s is too broad and unused 2023-02-08 16:16:09 +01:00
Franco Fichtner
90495e946a system: remove stray fclose() 2023-02-08 10:29:11 +01:00
Franco Fichtner
85fe552d5f firewall: better fix for previous 2023-02-08 07:27:25 +01:00
Franco Fichtner
02a05a4d4c src: style et al 2023-02-08 07:07:15 +01:00
Ad Schellevis
1e28d5b352 VPN:OpenVPN: Servers - deferred authentication, work in progress for https://github.com/opnsense/core/issues/6293 
This initial commit focusses on structuring the event flow around user and client registration, moving events to our new ovpn_event.py handler.
By supporting both deferred and direct authentication in user_pass_verify.php, we should be able to start with a cleanup patch for OpenVPN 2.5.x and work our way up to
a smaller fix for 2.6.x.

In preperation for 2.6, this commit also moves --cipher to --data-ciphers-fallback as suggested by the warning "DEPRECATED OPTION: --cipher set to '' but missing in --data-ciphers". Rename the option in the gui while there and add a note in the help text.
 2023-02-07 19:26:29 +01:00
Franco Fichtner
f984b7af16 system: style sweep 2023-02-07 16:47:41 +01:00
Franco Fichtner
655c4024ff system: prevent local issues with gif route 2023-02-07 16:36:04 +01:00
Franco Fichtner
13583073bf system: prevent bad address like host route case 2023-02-07 15:59:41 +01:00
Franco Fichtner
2618c2b91b system: prevent spurious far gateway detect 
Reported for DHCP in #5493 consider that all connectivity modes
that create a router file to be eligable for this only.  VIPs
do overcomplicate this but that is also where the gateway has
to be explicit instead of being provided at a later time, which
makes the validations fail which is why we end up here.

Also move the current route check to avoid some work.  The check
is not 100% when flipping the far behaviour but doing less work
and keeping the current behaviour is fine.
 2023-02-07 15:59:41 +01:00
Franco Fichtner
3e749e1132 system: use singleton implementation everywhere 2023-02-07 15:42:31 +01:00
Franco Fichtner
0e286b3a34 firewall: do not switch gateway on bootup 2023-02-07 14:45:27 +01:00
Franco Fichtner
09b2bec389 pkg: remove CORE_FLAVOUR handling 2023-02-07 09:22:33 +01:00
Stephan de Wit
3170c77880 Unbound: small optimizations 
No need to register callbacks when stats are not enabled and no need to use
a circular buffer on the logger side since we don't need to append left. This avoids
the need for converting it to a list.
 2023-02-07 09:13:42 +01:00
Ad Schellevis
fa72225d8d Services: Unbound DNS: Advanced - extend logging, fix for 707779fbf4 (https://github.com/opnsense/core/issues/6296) 2023-02-06 15:22:46 +01:00
Stephan de Wit
27f4c6fa6f Firewall: Rules: spelling 2023-02-06 11:01:39 +01:00
Stephan de Wit
75807588ed Reporting: Unbound DNS: fix style issues 2023-02-06 10:43:43 +01:00
FingerlessGloves
0af31b474d
Interfaces: Virtual IPs: Settings / Make description field show for all types of VIP (#6304) 
Currently description only shows for CARP type, but the description should show for all.
 2023-02-05 11:53:30 +01:00
Franco Fichtner
eb1367cc57 dhcp: curious why #6263 happens 2023-02-04 15:09:36 +01:00
Stephan de Wit
0ff715f827 Reporting: Unbound: Remove debug msg 2023-02-03 10:16:34 +01:00
Stephan de Wit
dd720b45b4 Reporting: Unbound: save logarithmic setting in localstorage 2023-02-03 10:05:30 +01:00
Stephan de Wit
9966db9946 Unbound: Advanced: Add serve-expired settings 2023-02-03 09:22:21 +01:00
Stephan de Wit
e0469001a6 Unbound: dnsbl_module: add HTTPS record type 2023-02-03 09:11:18 +01:00
Ad Schellevis
7a434a6845 Reporting: Unbound DNS - minor logger cleanups and don't try to "delete" every 10 seconds. 2023-02-02 13:44:43 +01:00
Franco Fichtner
0c92ec5935 firewall: roll this back for now 
The problem is htmlspecialchars() most likely and html_safe() is fixed now.
 2023-02-02 12:20:57 +01:00
Franco Fichtner
a0e3b6865a ui: solve deprecation in PHP via html_safe() wrapper 2023-02-02 12:17:31 +01:00
Ad Schellevis
02f44d9024 Reporting: Unbound DNS - duckdb consuming a lot of time doing index maintenance, this should lower the cpu load significantly. 2023-02-02 12:02:59 +01:00
Ad Schellevis
958ff5b7ca Lobby: Dashboard / IPsec - refactor widget to use new data format. closes https://github.com/opnsense/core/issues/6297 2023-02-02 08:57:29 +01:00
Ad Schellevis
707779fbf4 Services: Unbound DNS: Advanced - extend logging , closes https://github.com/opnsense/core/issues/6296 
Add log-servfail to identify why queries return SERVFAIL to clients, log-local-actions to debug local zone actions when enabled and val-log-level to log validation failures.
 2023-02-01 21:27:38 +01:00