15249 Commits

Author SHA1 Message Date
Stephan de Wit
419fec650f
Dashboard: boilerplate for new widgets (#7328) 2024-03-20 11:44:07 +01:00
Ad Schellevis
16a6dcbd4c System/Trust/Certificates - oops, there is no toggle on certs... 2024-03-20 10:46:02 +01:00
Ad Schellevis
7fa69acbdc undo diag.log change in 3210c15676 2024-03-20 10:00:19 +01:00
Ad Schellevis
3210c15676 System: Trust: Authorities - call system_trust_configure() via configd on authority changes and fix a regression linking authorities to their parent and certificates (https://github.com/opnsense/core/issues/7248) 2024-03-19 13:53:38 +01:00
Ad Schellevis
dce0617c89 System: Access: Users - prevent empty user <user/> item to crash bootup. Although this shouldn't happen, it's pretty annoying when you're not able to login and fix anything when these invalid entries exist. 2024-03-18 15:30:04 +01:00
Franco Fichtner
6de05e0437 mvc: fix lang= hint in HTML; closes #7336 2024-03-18 11:29:35 +01:00
Franco Fichtner
df5680b123 system: remove get_current_theme() and align code for safety related to #7336
This was more work than expected. -.-  Fortunately this is all just
legacy cruft.
2024-03-18 10:25:02 +01:00
Franco Fichtner
16085a24c9 src: first half of #7336
We need to adjust get_current_lang() as it also depends on the
currently logged in user if found.
2024-03-18 09:01:31 +01:00
Franco Fichtner
cd5cfc95c0 src: style sweep 2024-03-18 08:08:29 +01:00
Ad Schellevis
fc6aae60a2 Services: Kea DHCP: Kea DHCPv4 / Subnets - add the following client options:
* [119] domain-search
* [4] time-servers
* [33] static-routes

cc @mimugmail (42 = ntp, which is already there)
2024-03-17 17:31:57 +01:00
Ad Schellevis
bc2ca23c93 VPN: WireGuard: Peers - add instances column and move backreference logic to model using the volatile switch recently introduced for the Trust section. closes https://github.com/opnsense/core/issues/7221 2024-03-17 13:36:26 +01:00
Ad Schellevis
8faa33eeba Firewall: Diagnostics: Statistics - fix incorrect packet counters, closes https://github.com/opnsense/core/issues/7332 2024-03-16 20:00:02 +01:00
Ad Schellevis
15e477393f VPN: WireGuard: Status - show proper name when public keys overlap between instances. closes https://github.com/opnsense/core/issues/7265
With this commit, each peer is identified by its interface name and its public key
2024-03-16 09:42:29 +01:00
Ad Schellevis
8071c278e1 ApiControllerBase - fix ' rewind(): Stream does not support seeking (errno=2)' for configd socket. Since we start reading from the start, a rewind wouldn't do much anyway, it's only a bit strange this didn't crash earlier on stable. 2024-03-15 18:51:44 +01:00
Ad Schellevis
e172d9222d Trust - move ocsp_validate() from legacy certs.inc to Trust class and refactor its currently single user (openvpn). 2024-03-15 18:41:36 +01:00
Franco Fichtner
53e5a4f7d7 src: style sweep and plist fix 2024-03-14 20:32:36 +01:00
Ad Schellevis
cddd11ceb1 System: Trust: - cleanup legacy files and functions, closes https://github.com/opnsense/core/issues/7248
move functions that are only used in a single spot in core to that spot for clarity, certs.inc remaining functions are now:

function &lookup_ca($refid)
function &lookup_ca_by_subject($subject)
function &lookup_cert($refid)
function &lookup_crl($refid)
function ca_chain_array(&$cert)
function ca_chain(&$cert)
function cert_import(&$cert, $crt_str, $key_str)
function certs_build_name($dn)
function cert_get_subject($str_crt, $decode = true)
function cert_get_subject_array($crt)
function cert_get_issuer($str_crt, $decode = true)
function cert_get_modulus($str_crt, $decode = true, $type = 'crt')
function cert_get_purpose($str_crt, $decode = true)
function cert_get_serial($str_crt, $decode = true)
function cert_in_use($certref)
function cert_compare($cert1, $cert2)
function is_cert_revoked($cert, $crlref = "")
function ocsp_validate($ca_filename, $serial)

some of it used in plugins, mostly AcmeClient which may inherit the functions at some point when core doesn't need them anymore.
2024-03-14 19:11:28 +01:00
Ad Schellevis
62b639fced System: Trust: Certificates - work in progress for https://github.com/opnsense/core/issues/7248 2024-03-14 18:16:55 +01:00
Ad Schellevis
298fe4d306 System: Trust: Certificates - work in progress for https://github.com/opnsense/core/issues/7248
Add option to only sign a certificate using the same logic already available.
2024-03-14 16:25:38 +01:00
Franco Fichtner
cf569e81eb mvc: style sweep 2024-03-14 15:01:17 +01:00
Ad Schellevis
f89117c243 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
add crl download button, might not be frequently used, but can be offered using existing api calls anyway.
2024-03-14 14:34:14 +01:00
Ad Schellevis
87c1d69bdb System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
add ocsp index.txt sample download to align with documentation (https://docs.opnsense.org/manual/certificates.html)
2024-03-14 14:27:37 +01:00
Ad Schellevis
0591ff28a6 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
move download_content() to opnsense.js for easier re-use.
2024-03-14 14:27:37 +01:00
Franco Fichtner
d48dd6f9a3 dhcrelay: fine-tune service presentation and handling 2024-03-14 13:25:38 +01:00
Franco Fichtner
8b87c8caba dhcrelay: 'inet' unused now #6983 2024-03-14 13:03:51 +01:00
Franco Fichtner
0eb267f048 dhcrelay: patch the last spot for rule generation #6983 2024-03-14 13:00:13 +01:00
Franco Fichtner
e1b313852a dhcrelay: provide backend IPv6 support #6983
One complication here is that dhcrelay6 requires an interface
given to the server IP address which we do by simply looking
up the route to it.  I'm a bit pessimistic here about link-local
usage which would require a user to input the interface which
very likely ends up in flames for more than one reason:

1. device names need to be used (at least from a technical POV)
2. the device names may contain "." which breaks our IP family detect
3. no no no

As a side note the agent option was not handled in IPv6 previously.
2024-03-14 11:12:13 +01:00
Franco Fichtner
b0087d5606 dhcrelay: switch ordering of bootgrids
While the main operation are the interfaces we can't add them before we have
a destination set up.  So by reordering we are hinting at this work flow and
the destination table should always be a bit shorter anyway.
2024-03-14 08:06:08 +01:00
Franco Fichtner
2a3e0a782b mvc: style sweep 2024-03-13 21:43:30 +01:00
Ad Schellevis
288dd9cb7f System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
* register menu item and acl
2024-03-13 21:05:35 +01:00
Ad Schellevis
bed2e66cf0 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
* add raw dump button
* generate CRL and store text
* remove add/del footer buttons
2024-03-13 21:01:33 +01:00
Franco Fichtner
ad5fed3c4d dhcrelay: migrate IPv6 data, consolidation cleanups #6983
Menu, ACL and XMLRPC were consolidated into the IPv4 flag.  IPv6 is
no longer functional and operates from the shared reimplementation
now.  Syslog doesn't work on OpenBSD dhcrelay especially since we
start it with -d so it tries to spam to stderr which is ignored by
daemon -f to background it properly with a pid file (it's a long
story, don't ask).
2024-03-13 18:00:31 +01:00
Franco Fichtner
53a95b0190 dhcrelay: split out plugin file, move some more around #6983 2024-03-13 16:56:44 +01:00
Franco Fichtner
0256a2754f dhcrelay: add bootgrid headers as requested by @adschellevis #6983 2024-03-13 15:59:35 +01:00
Franco Fichtner
972f6ce347 dhcrelay: dial this back for consistency #6983 2024-03-13 15:37:08 +01:00
Franco Fichtner
b09e5c3d22 dhcrelay: validate unique per address family for each interface #6983 2024-03-13 15:20:40 +01:00
Franco Fichtner
52e0dd48fa dhcrelay: custom validation to make ip4/ipv6 in the same model possible #6983
This can live in NetworkField in the future, but no reason not to test
drive this sooner.
2024-03-13 13:49:46 +01:00
Franco Fichtner
666222651c dhcrelay: minor adjustments due to discussion #6983 2024-03-13 12:59:52 +01:00
Franco Fichtner
b6352ce80d system: meh, typo 2024-03-13 09:17:48 +01:00
Franco Fichtner
c149ac2cfb system: fix syslog access for legacy moves
This reverts commit 022ab7ad75a994eb92d8e923ba904e033c593392.
2024-03-13 09:05:50 +01:00
Franco Fichtner
a38b887e29 dhcrelay: finish v4 and remove legacy page #6983 2024-03-13 08:51:29 +01:00
Franco Fichtner
6a4274a5e0 mvc: style sweep 2024-03-13 08:51:29 +01:00
Franco Fichtner
19f32d435c pluginctl: dead switch statement 2024-03-13 08:51:29 +01:00
Franco Fichtner
6fe993d187 ui: add a grid-reload helper to SimpleActionButton for #6983 2024-03-13 08:51:29 +01:00
Franco Fichtner
a87a82f2f4 ui: add a 'statusled' formatter to bootgrid for #6983
Let it just encode the colors given.  For now these are service colors
but they could be any colors, especially the bootstrap encoded ones
through the -success, etc. macros although for other themes this could
get a bit wild...
2024-03-13 08:51:29 +01:00
Ad Schellevis
022ab7ad75 System: Settings: Administration - possible issue when syslog container doesn't exist in the config. closes https://github.com/opnsense/core/issues/7323 2024-03-13 08:45:47 +01:00
Ad Schellevis
661e55de99 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248 2024-03-12 21:24:07 +01:00
Ad Schellevis
4dccc49525 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
* fix self (not being $self)
* add serial and lifetime fields
2024-03-12 21:00:19 +01:00
Ad Schellevis
d3f661a74c System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
* add CRL validation when importing an existing
* hook phpseclib3 into initialize()
2024-03-12 20:46:38 +01:00
Franco Fichtner
0b4c0bcb2f mvc: style sweep/magic number avoidance 2024-03-12 20:28:34 +01:00