3026 Commits

Author SHA1 Message Date
Justin Coffman
246bd932c6 Further KU/EKU fixes. (#2465)
The matching KUs for EKU "TLS Web Server Authentication" are Digital Signature AND
(Key Encipherment OR Key Agreement). Added for compatibility with externally-generated
certificates.
2018-06-19 08:08:03 +02:00
Franco Fichtner
18422bd9fc system: tweak previous 2018-06-19 06:06:01 +00:00
Franco Fichtner
79bf33a1ca system: better dhparam support including RFC 7919 2018-06-19 07:51:29 +02:00
Franco Fichtner
6c6b3e107e webgui: load mod_setenv for new config parameter 2018-06-18 07:34:04 +02:00
Franco Fichtner
3a518cf680 src: style sweep et al 2018-06-17 18:45:51 +00:00
Franco Fichtner
e64f0d0b51 firmware: test for sample file, not target
PR: https://github.com/opnsense/update/issues/35
2018-06-17 18:20:30 +00:00
Franco Fichtner
1f522b2ed6 system: prepare origin.conf -> OPNsense.conf move
PR: https://github.com/opnsense/update/issues/35
2018-06-16 18:34:40 +02:00
Ad Schellevis
eaa5428591 and reformat 2018-06-15 09:21:36 +02:00
Ad Schellevis
680b13f10e fix previous 2018-06-15 09:14:19 +02:00
Justin Coffman
ec9b710b68 Confirm KU/EKU for server certs (#2463) 2018-06-15 08:27:45 +02:00
Franco Fichtner
c3dc31a793 rc: log gateway down for dpinger earlier 2018-06-14 20:43:03 +02:00
Ad Schellevis
85f98d121d oops, switched client/server, in https://github.com/opnsense/core/issues/2459 2018-06-14 20:16:41 +02:00
Franco Fichtner
6c2432a4c7 system: make gateway alarm a bit more prominent 2018-06-14 12:56:28 +02:00
Franco Fichtner
4fe4d8aab5 rc: redirect dpinger alarm message to gateway log 2018-06-14 09:41:48 +02:00
Franco Fichtner
12dae7ec64 rc: better rrd backup, avoids writing empty files 2018-06-13 17:59:49 +00:00
Ad Schellevis
cf82c4092b drop nsCertType lookup in cert_get_purpose() and replace with check for "TLS Web Client Authentication" on extendedKeyUsage, for https://github.com/opnsense/core/issues/2459 2018-06-13 18:39:24 +02:00
Franco Fichtner
9f407a85d3 rc: rrd backup script fix closes #2462 2018-06-13 15:46:12 +00:00
Franco Fichtner
192f137cf9 rc: RRD XML export formerly known as 58c923b7 #2462 2018-06-13 17:40:37 +02:00
Franco Fichtner
dd1376df62 system: this is way cooler for console 2018-06-13 15:58:19 +02:00
Franco Fichtner
aa3523263d rc: improve netflow backup, closes #2461 2018-06-13 15:39:12 +02:00
Franco Fichtner
f59f778f05 rc: clarify that installer is for installing when SSH is off
It's only an issue with config imports in live mode.  Not sure
why this wasn't shared text before.
2018-06-13 13:20:06 +02:00
Franco Fichtner
00429edb99 system: use non-sample DH files if users request it 2018-06-12 18:19:51 +02:00
Franco Fichtner
baf292e91a interfaces: reconfigure radvd on PPPoE change #2394 2018-06-12 08:39:54 +02:00
Franco Fichtner
cf91b51633 rc: migrate files to new rc.syshook layout 2018-06-11 05:24:41 +00:00
Franco Fichtner
bd691df008 rc: rc.syshook ordering issue old vs. new layout
Migrate all scripts in order to not break sorting.
2018-06-11 05:18:25 +00:00
Franco Fichtner
5dd6901b2b rc: sprinkle more exec, better rc.syshook usage in shutdown 2018-06-11 00:03:43 +02:00
Franco Fichtner
a738f9f7ee rc: expire was weird...
We modified $index and $count but that is not what helps
iterate over all accounts.  Furthermore, if accounts are
disabled, not only write the config but also let the system
know that accounts need to be disabled...  ;)
2018-06-11 00:01:57 +02:00
Franco Fichtner
fab3238a16 rc: move cron jobs as well 2018-06-10 23:39:10 +02:00
Franco Fichtner
185d8fab90 rc: do not leak banner.php script location 2018-06-10 20:00:23 +00:00
Franco Fichtner
177ca71909 system: move carp to rc.syshook
Cut out the middleman that is rc.carp and allow fully
pluggable calls to rc.syshook carp instead...

Make the "return" statements actual errors, and change
the level for the devd script to 101 to align with the
other custom hooks that we use.

CC: @adschellevis
2018-06-10 19:44:17 +00:00
Franco Fichtner
43966ce7b7 rc: pluggable backup via rc.syshook
To achieve this pass additional arguments and also parse
a subdirectory to find the appropriate scripts.  Eventually
it should make exclusive use of the directories.
2018-06-10 19:08:05 +00:00
Franco Fichtner
86d9bbb267 rc: typo in previous 2018-06-07 11:56:09 +02:00
Franco Fichtner
0008970cdc rc: merge carp scripts 2018-06-07 09:54:23 +00:00
Franco Fichtner
4e7b97cc39 rc: small carp audit, we should merge both scripts and use $type in devd 2018-06-07 11:30:39 +02:00
Franco Fichtner
5a388966dc openvpn: audit creation process #2440 2018-06-07 08:38:01 +00:00
Franco Fichtner
4e1cddf3bb openvpn: why not delete the interface? #2450 2018-06-06 22:16:03 +02:00
Franco Fichtner
d8ba407978 system: rework this again #2443 2018-06-05 14:37:07 +02:00
Franco Fichtner
38a6867085 system: fix for % usage in exec_safe/mwexecf #2443 2018-06-05 14:31:06 +02:00
Franco Fichtner
35f8d6e4ca system: rework slightly, do not use SSH keys on "locked" users 2018-06-03 17:46:35 +02:00
Franco Fichtner
0c287f3ba8 system: regenerate DH parameters 2018-06-03 10:22:56 +02:00
Franco Fichtner
ded0fee3f4 system: mention need to unlock a locked root account
When all actions are privilege-separated we can probably strip
this part again.
2018-06-02 16:58:44 +02:00
Franco Fichtner
0124f1024e system: weekly/monthly settings for DH parameters #2431
Also allow custom schedule.  Not sure if we should have a manual run
or delete.  Best way would be to use a file creation time magic between
our sample and maybe user file.
2018-06-02 12:18:27 +00:00
Franco Fichtner
118bedc5df system: disable root, but do not lock it; closes #2246
Set password to unreachable "*" instead.  Our auth framework
already checks for disabled elsewhere.

While here inline two functions that are not used anywhere else.
2018-06-02 11:24:58 +00:00
Franco Fichtner
ac1e8f17af system: move autocron item to plugin spots, loosely #2431 2018-06-01 17:06:01 +00:00
Franco Fichtner
d840e9acad system: samplify dh-parameter files #2431 2018-06-01 16:58:34 +02:00
Franco Fichtner
aea5021912 system: style in gateway code 2018-05-30 07:32:39 +02:00
Ad Schellevis
0b6a41dc38 fix typo 2018-05-29 19:19:56 +02:00
Franco Fichtner
ef426e436e system: use uppercase gateway names for compat #2419 2018-05-29 17:03:45 +00:00
Ad Schellevis
4e0ce9b193 webgui, opt-in for HSTS, for https://github.com/opnsense/core/issues/1722 2018-05-27 20:01:40 +02:00
Franco Fichtner
64c4a1fa19 openvpn: fix for fix #2422 2018-05-27 11:08:05 +00:00