This initial commit focusses on structuring the event flow around user and client registration, moving events to our new ovpn_event.py handler.
By supporting both deferred and direct authentication in user_pass_verify.php, we should be able to start with a cleanup patch for OpenVPN 2.5.x and work our way up to
a smaller fix for 2.6.x.
In preperation for 2.6, this commit also moves --cipher to --data-ciphers-fallback as suggested by the warning "DEPRECATED OPTION: --cipher set to '' but missing in --data-ciphers". Rename the option in the gui while there and add a note in the help text.
Reported for DHCP in #5493 consider that all connectivity modes
that create a router file to be eligable for this only. VIPs
do overcomplicate this but that is also where the gateway has
to be explicit instead of being provided at a later time, which
makes the validations fail which is why we end up here.
Also move the current route check to avoid some work. The check
is not 100% when flipping the far behaviour but doing less work
and keeping the current behaviour is fine.
No need to register callbacks when stats are not enabled and no need to use
a circular buffer on the logger side since we don't need to append left. This avoids
the need for converting it to a list.
Add log-servfail to identify why queries return SERVFAIL to clients, log-local-actions to debug local zone actions when enabled and val-log-level to log validation failures.
'proto' was set on to be deleted VLANs preventing them to be
deleted and also causing the new VLAN not to gain the proper
settings. Likely needs a reboot on systems where this bad
state was reached since the system will not delete stray VLAN
devices it does not know about anymore/failed to delete before.
PR: https://forum.opnsense.org/index.php?topic=32225.0
There is no point in adding control flow to callers that lead
to the same result in edge cases anyway.
Some parts of the code seem to be abusing ip_in_subnet() but
we can just return false in that case as the IP is not in the
empty subnet.
- Fixes the recently added tooltips to only trigger on hover
- Makes sure the "command" button on both the overview and details pages are direct reflections of the current state of a domain. Automatically updates the icons on a switch
This fixes subdomains potentially tagging along from a switch of white/blocklist to its counterpart. e.g.: if both an.facebook.com and facebook.com are on the whitelist, switching facebook.com to the blocklists would also move an.facebook.com.
