17477 Commits

Author SHA1 Message Date
Franco Fichtner
b2d26c16b5 LICENSE: sync 2024-10-23 09:57:14 +02:00
Franco Fichtner
4219e86305 reporting: squelch a RRD warning 2024-10-23 09:32:50 +02:00
Franco Fichtner
bc2c878ec9 firmware: better naming for firmware crls; closes #7995 2024-10-22 14:30:44 +02:00
Franco Fichtner
30b8bfedbf firmware: for CRL verify to work need to explicitly set trust store 2024-10-22 13:14:48 +02:00
Franco Fichtner
c1d8bf6277 firmware: add a newline to CRLs just in case 2024-10-22 13:13:51 +02:00
Franco Fichtner
100c4870f4 system: fix hashval from capture 2024-10-22 12:56:34 +02:00
Ad Schellevis
316dd33855 MVC: add missing requests->hasQuery(), required for OPNcentral 2024-10-22 12:18:01 +02:00
Ad Schellevis
6cad352ca8 MVC: add missing requests->getScheme(), required for OPNcentral 2024-10-22 12:11:52 +02:00
Franco Fichtner
387e75b4a5 src: style sweep and plist 2024-10-22 12:08:26 +02:00
Ad Schellevis
dc25dbc5fb MVC - add missing request->getURI() 2024-10-22 11:53:25 +02:00
Ad Schellevis
aa8fe94ce0 Services: Unbound DNS: Overrides - move domain overrides to Query Forwarding, closes https://github.com/opnsense/core/issues/7243 2024-10-22 11:23:36 +02:00
Ad Schellevis
e33c4ab513 Services: Unbound DNS: Query Forwarding - add forward_tcp_upstream option and a description field, these are requirements for https://github.com/opnsense/core/issues/7243 2024-10-22 11:13:01 +02:00
Ad Schellevis
d9a22ba8d9 Services: Unbound DNS: Overrides - allow rfc2181 compatible names in host overrides. closes https://github.com/opnsense/core/issues/7976 2024-10-22 09:30:44 +02:00
Franco Fichtner
a5504ee744 firmware: missing HOSTS too #7995 2024-10-22 09:15:38 +02:00
Franco Fichtner
ddd78295b5 firmware: typo in previous #7995 2024-10-22 09:13:49 +02:00
Franco Fichtner
b7e7df8a1b firmware: use the trust store for CRL verification #7995 2024-10-22 09:10:12 +02:00
Franco Fichtner
3b09bc73f8 system: sync certctl to FreeBSD 14.1 base code 2024-10-22 08:27:10 +02:00
Franco Fichtner
8e41be2ebe src: style sweep 2024-10-21 19:46:49 +02:00
Monviech
3a7cd41868
vpn: ipsec: Add swanctl.conf download button to settings.volt view (#7972)
* vpn: ipsec: Add swanctl.conf download button to settings.volt view. Bootstrap dialogue warns user about sensitive file contents. Error scenarios like missing file or API errors are handled gracefully with error messages.

* Update src/opnsense/mvc/app/views/OPNsense/IPsec/settings.volt

Co-authored-by: Franco Fichtner <franco@lastsummer.de>

* vpn: ipsec: make plist-fix

---------

Co-authored-by: Franco Fichtner <franco@lastsummer.de>
2024-10-21 14:55:41 +02:00
Franco Fichtner
786bc2cf05 firmware: improve the health check a bit
Allow for an extra argument as sometimes we just want one
component.  There's no way to access this easily but it makes
sense for testing.

Squelch the CRL warnings in the rquery as we want to parse
it correctly anyway instead of reading error messages.

Add version annotation to core check.
2024-10-21 12:11:04 +02:00
Franco Fichtner
50a6cc86ba firmware: guard rm with -f to avoid spurious errors 2024-10-21 12:11:04 +02:00
Ad Schellevis
e78e243919 system: CRL/cert subject hash mismatch in certctl.py, closes https://github.com/opnsense/core/issues/7993
Since pyOpenSSL doesn't support generating hashes for CRLs, we calculated one with the functions available in the libraries.
Unfortunately X509Name doesn't seem to support duplicate attributes, causing mismatches on our end.

This commit replaces the previous logic with a direct call to openssl, although it's slower, it will deliver the expected outcome.
2024-10-21 11:52:17 +02:00
Franco Fichtner
3d34e7e54e firmware: restart cron on updates
Specifically to deal with new RRD situation but it looks like an
old oversight not to reload here anyway.
2024-10-21 09:50:52 +02:00
Ad Schellevis
ab0fc39a40 interfaces - parse part of sfp module information in legacy_interfaces_details(), adds 'module temperature' and 'lane X' information as well.
`ifconfig` passes the information from `sfp.c` [1], which has a fixed structure we can parse on our end.

[1] 6fbe7e4dd1/sbin/ifconfig/sfp.c (L75-L76)
2024-10-20 17:29:32 +02:00
Ad Schellevis
cca972c05b interfaces - parse part of sfp module information in legacy_interfaces_details(), closes https://github.com/opnsense/core/pull/7986
`ifconfig` passes the information from `sfp.c` [1], which has a fixed structure we can parse on our end.

[1] 6fbe7e4dd1/sbin/ifconfig/sfp.c (L75-L76)
2024-10-19 10:02:01 +02:00
Stephan de Wit
77036e161c firewall: cleanup previous 2024-10-18 15:49:51 +02:00
Stephan de Wit
c6a828f46e firewall: embed event count into throttled live log (https://github.com/opnsense/core/issues/7975) 2024-10-18 15:37:12 +02:00
Stephan de Wit
2e50dc12de firewall: throttle live logging (https://github.com/opnsense/core/issues/7975) 2024-10-18 10:43:18 +02:00
Franco Fichtner
a05e1c32fe src: style sweep 2024-10-18 09:35:39 +02:00
Ad Schellevis
8e234dc241 library / Firewall\Util::isIPInCIDR extend sanity checks, closes https://github.com/opnsense/core/pull/7978
The existing sanity checks only prevented a non-ip address from being accepted, but ignored the fact a netmask might either be faulty or of a different ip family.
This commit extends the test to the cidr part and ip family.
2024-10-18 08:57:04 +02:00
Ad Schellevis
70df0a15f7 firmware: fix timeout in update-crl-fetch.py 2024-10-17 20:05:13 +02:00
Ad Schellevis
372c9c9806 firmware: move debug exception messages to regular message flow for clarity (https://forum.opnsense.org/index.php?topic=43474) 2024-10-17 19:43:18 +02:00
Franco Fichtner
b72c6087a6 system: untrusted directory changed in FreeBSD 14 2024-10-16 14:48:10 +02:00
Franco Fichtner
26089150d8 firmware: make a permanent note about GUI snapshot feature 2024-10-16 11:12:02 +02:00
Franco Fichtner
c5f02d2a86 system: style update 2024-10-16 09:04:09 +02:00
Ad Schellevis
07985a3db3 Config - fix file open mode in overwrite(), to prevent trying to open a lock on a boolean.
This is a bit of an edge case, but when someone removes /conf/config.xml and backups exist, we cannot construct a config object anymore.
2024-10-15 15:26:25 +02:00
Franco Fichtner
7eb9e3f541 system: style 2024-10-15 12:09:16 +02:00
Franco Fichtner
986b58d108 system: fix syntax for sshd rekey 2024-10-15 12:05:41 +02:00
Monviech
77cd7a8133 Base: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
a71f226b44 Base: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
5165ac625b Unbound: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
e81fe6f604 Unbound: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
b2cee80ada Interfaces: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
47eb71fa54 Firewall: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
3d0f228509 Firewall: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
be66f982ce Firewall: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
ba1c7530d3 DHCPv6: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
9041ce55e5 Routes: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
fe8e77379c Syslog: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00
Monviech
55880b7920 DHCRelay: Cleanup this->sessionClose 2024-10-15 10:32:59 +02:00