16566 Commits

Author SHA1 Message Date
Stephan de Wit
d27eb4261c webui: fix previous
configuration requires forward slashes here
2024-03-22 10:25:20 +01:00
Ad Schellevis
f25e1214dc webui - In order to allow streaming to the client, we like to prevent Lighttpd buffering our responses. This commit is a proposal to only enable streaming responses on api endpoints, as we do need to wait for the script to exit anyway. In theory we could do the same for /ui, but that's less important at the moment.
Documented in https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_stream-response-bodyDetails
2024-03-21 14:42:29 +01:00
Ad Schellevis
ff1991cdee Interfaces - change help text to reflect reality. closes https://github.com/opnsense/core/issues/7339
For dhcp type interfaces, gateways are being pushed by the server and we automatically assume these are "external". For static ones you can configure similar behavior, but only explicitly. When selecting a gateway, both reply-to and source nat rules are affected.
When nothing is chosen (now default, earlier "auto-detect"), normal routing rules apply and nothing special happens.
2024-03-21 14:09:12 +01:00
Stephan de Wit
fd35aee95d dashboard: use 'super' for clarity, also minor cleanup 2024-03-20 16:11:55 +01:00
Ad Schellevis
fb2a9b8391 Service: IDS - query all fields for searchBase actions (implemented by 2d45b78f74)
sample for https://github.com/opnsense/core/issues/7094
2024-03-20 15:10:46 +01:00
Ad Schellevis
1d03941718 Firewall: Categories / cleanup search action.
* remove searchNoCategoryItemAction() introduced in c7d2488034
* use new "return all fields" introduced in 2d45b78f74
2024-03-20 14:56:02 +01:00
Ad Schellevis
2d45b78f74 mvc/controller - extend searchBase() to return all fields when no list is provided, for https://github.com/opnsense/core/issues/7094 2024-03-20 14:32:24 +01:00
Stephan de Wit
3b138c3dad dashboard: async call should be awaited, make sure observer can trigger on content load 2024-03-20 13:56:10 +01:00
Franco Fichtner
ea90af0434 src: style sweep 2024-03-20 11:50:07 +01:00
Franco Fichtner
92bd601a7b make: remove the sourceMapping awareness
It's been a couple of years and Chrome should behave now.
2024-03-20 11:46:21 +01:00
Stephan de Wit
419fec650f Dashboard: boilerplate for new widgets (#7328) 2024-03-20 11:44:07 +01:00
Ad Schellevis
16a6dcbd4c System/Trust/Certificates - oops, there is no toggle on certs... 2024-03-20 10:46:02 +01:00
Ad Schellevis
7fa69acbdc undo diag.log change in 3210c15676 2024-03-20 10:00:19 +01:00
Ad Schellevis
3210c15676 System: Trust: Authorities - call system_trust_configure() via configd on authority changes and fix a regression linking authorities to their parent and certificates (https://github.com/opnsense/core/issues/7248) 2024-03-19 13:53:38 +01:00
Ad Schellevis
dce0617c89 System: Access: Users - prevent empty user <user/> item to crash bootup. Although this shouldn't happen, it's pretty annoying when you're not able to login and fix anything when these invalid entries exist. 2024-03-18 15:30:04 +01:00
Franco Fichtner
6de05e0437 mvc: fix lang= hint in HTML; closes #7336 2024-03-18 11:29:35 +01:00
Franco Fichtner
df5680b123 system: remove get_current_theme() and align code for safety related to #7336
This was more work than expected. -.-  Fortunately this is all just
legacy cruft.
2024-03-18 10:25:02 +01:00
Franco Fichtner
16085a24c9 src: first half of #7336
We need to adjust get_current_lang() as it also depends on the
currently logged in user if found.
2024-03-18 09:01:31 +01:00
Franco Fichtner
cd5cfc95c0 src: style sweep 2024-03-18 08:08:29 +01:00
Ad Schellevis
fc6aae60a2 Services: Kea DHCP: Kea DHCPv4 / Subnets - add the following client options:
* [119] domain-search
* [4] time-servers
* [33] static-routes

cc @mimugmail (42 = ntp, which is already there)
2024-03-17 17:31:57 +01:00
Ad Schellevis
27c66f665f plist 2024-03-17 13:37:34 +01:00
Ad Schellevis
bc2ca23c93 VPN: WireGuard: Peers - add instances column and move backreference logic to model using the volatile switch recently introduced for the Trust section. closes https://github.com/opnsense/core/issues/7221 2024-03-17 13:36:26 +01:00
Ad Schellevis
8faa33eeba Firewall: Diagnostics: Statistics - fix incorrect packet counters, closes https://github.com/opnsense/core/issues/7332 2024-03-16 20:00:02 +01:00
Ad Schellevis
15e477393f VPN: WireGuard: Status - show proper name when public keys overlap between instances. closes https://github.com/opnsense/core/issues/7265
With this commit, each peer is identified by its interface name and its public key
2024-03-16 09:42:29 +01:00
Ad Schellevis
8071c278e1 ApiControllerBase - fix 'rewind(): Stream does not support seeking (errno=2)' for configd socket. Since we start reading from the start, a rewind wouldn't do much anyway, it's only a bit strange this didn't crash earlier on stable. 2024-03-15 18:51:44 +01:00
Ad Schellevis
e172d9222d Trust - move ocsp_validate() from legacy certs.inc to Trust class and refactor its currently single user (openvpn). 2024-03-15 18:41:36 +01:00
Franco Fichtner
53e5a4f7d7 src: style sweep and plist fix 2024-03-14 20:32:36 +01:00
Ad Schellevis
cddd11ceb1 System: Trust: - cleanup legacy files and functions, closes https://github.com/opnsense/core/issues/7248
move functions that are only used in a single spot in core to that spot for clarity, certs.inc remaining functions are now:

function &lookup_ca($refid)
function &lookup_ca_by_subject($subject)
function &lookup_cert($refid)
function &lookup_crl($refid)
function ca_chain_array(&$cert)
function ca_chain(&$cert)
function cert_import(&$cert, $crt_str, $key_str)
function certs_build_name($dn)
function cert_get_subject($str_crt, $decode = true)
function cert_get_subject_array($crt)
function cert_get_issuer($str_crt, $decode = true)
function cert_get_modulus($str_crt, $decode = true, $type = 'crt')
function cert_get_purpose($str_crt, $decode = true)
function cert_get_serial($str_crt, $decode = true)
function cert_in_use($certref)
function cert_compare($cert1, $cert2)
function is_cert_revoked($cert, $crlref = "")
function ocsp_validate($ca_filename, $serial)

some of it used in plugins, mostly AcmeClient which may inherit the functions at some point when core doesn't need them anymore.
2024-03-14 19:11:28 +01:00
Ad Schellevis
62b639fced System: Trust: Certificates - work in progress for https://github.com/opnsense/core/issues/7248 2024-03-14 18:16:55 +01:00
Ad Schellevis
298fe4d306 System: Trust: Certificates - work in progress for https://github.com/opnsense/core/issues/7248
Add option to only sign a certificate using the same logic already available.
2024-03-14 16:25:38 +01:00
Franco Fichtner
cf569e81eb mvc: style sweep 2024-03-14 15:01:17 +01:00
Ad Schellevis
f89117c243 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
add crl download button, might not be frequently used, but can be offered using existing api calls anyway.
2024-03-14 14:34:14 +01:00
Ad Schellevis
87c1d69bdb System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
add ocsp index.txt sample download to align with documentation (https://docs.opnsense.org/manual/certificates.html)
2024-03-14 14:27:37 +01:00
Ad Schellevis
0591ff28a6 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
move download_content() to opnsense.js for easier re-use.
2024-03-14 14:27:37 +01:00
Franco Fichtner
d48dd6f9a3 dhcrelay: fine-tune service presentation and handling 2024-03-14 13:25:38 +01:00
Franco Fichtner
8b87c8caba dhcrelay: 'inet' unused now #6983 2024-03-14 13:03:51 +01:00
Franco Fichtner
0eb267f048 dhcrelay: patch the last spot for rule generation #6983 2024-03-14 13:00:13 +01:00
Franco Fichtner
e1b313852a dhcrelay: provide backend IPv6 support #6983
One complication here is that dhcrelay6 requires an interface
given to the server IP address which we do by simply looking
up the route to it.  I'm a bit pessimistic here about link-local
usage which would require a user to input the interface which
very likely ends up in flames for more than one reason:

1. device names need to be used (at least from a technical POV)
2. the device names may contain "." which breaks our IP family detect
3. no no no

As a side note the agent option was not handled in IPv6 previously.
2024-03-14 11:12:13 +01:00
Franco Fichtner
b0087d5606 dhcrelay: switch ordering of bootgrids
While the main operation are the interfaces we can't add them before we have
a destination set up.  So by reordering we are hinting at this work flow and
the destination table should always be a bit shorter anyway.
2024-03-14 08:06:08 +01:00
Franco Fichtner
2a3e0a782b mvc: style sweep 2024-03-13 21:43:30 +01:00
Ad Schellevis
288dd9cb7f System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
* register menu item and acl
2024-03-13 21:05:35 +01:00
Ad Schellevis
bed2e66cf0 System: Trust: Revocation - work in progress for https://github.com/opnsense/core/issues/7248
* add raw dump button
* generate CRL and store text
* remove add/del footer buttons
2024-03-13 21:01:33 +01:00
Franco Fichtner
ad5fed3c4d dhcrelay: migrate IPv6 data, consolidation cleanups #6983
Menu, ACL and XMLRPC were consolidated into the IPv4 flag.  IPv6 is
no longer functional and operates from the shared reimplementation
now.  Syslog doesn't work on OpenBSD dhcrelay especially since we
start it with -d so it tries to spam to stderr which is ignored by
daemon -f to background it properly with a pid file (it's a long
story, don't ask).
2024-03-13 18:00:31 +01:00
Franco Fichtner
53a95b0190 dhcrelay: split out plugin file, move some more around #6983 2024-03-13 16:56:44 +01:00
Franco Fichtner
0256a2754f dhcrelay: add bootgrid headers as requested by @adschellevis #6983 2024-03-13 15:59:35 +01:00
Franco Fichtner
972f6ce347 dhcrelay: dial this back for consistency #6983 2024-03-13 15:37:08 +01:00
Franco Fichtner
b09e5c3d22 dhcrelay: validate unique per address family for each interface #6983 2024-03-13 15:20:40 +01:00
Franco Fichtner
52e0dd48fa dhcrelay: custom validation to make ip4/ipv6 in the same model possible #6983
This can live in NetworkField in the future, but no reason not to test
drive this sooner.
2024-03-13 13:49:46 +01:00
Franco Fichtner
666222651c dhcrelay: minor adjustments due to discussion #6983 2024-03-13 12:59:52 +01:00
Franco Fichtner
b6352ce80d system: meh, typo 2024-03-13 09:17:48 +01:00