lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 09:04:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,093 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Robin Schneider d1e90d3cee Print SSH and X.509 fingerprints in console banner without need to login (#2481) 
Example output:

```
$ /usr/local/etc/rc.initial.banner

*** test-fw.localdomain: OPNsense 18.1.10 (amd64/OpenSSL) ***

 WAN (vtnet0)    -> v4/DHCP4: 172.30.23.2/24

 SSH: 256 SHA256:fcMIAgT/vZR/TWP0j8AFROTNnudkU1tP9sRhbsIa8vM (ECDSA)
 SSH: 256 SHA256:lDenOc5wy2WU0e6sSz2hR9nEFnMqx5c3u1F/pHxgJlY (ED25519)
 SSH: 2048 SHA256:dsw9srlQHL0hPJlEdR9rL769N30BTZgXG9gXbdZGOkU (RSA)
 HTTPS X.509 cert: SHA256 Fingerprint=F0:E6:EB:31:E8:87:AF:52:16:4E:84:05:3B:6C:03:2C:C1:DF:5A:E7:36:F4:32:44:3B:B5:57:63:97:45:C3:77
```

The list of fingerprints is appended after the interface list because
the interface list might be pretty long and thus would move the
fingerprints out of the screen which we don’t want.

Previously (#2427) I suggested to extract the X.509 certificate from the
xml config but the difficult part for me who is not so familiar with the
implementation of OPNsense is to find the certificate which is actually
used by the local web server. I found that `/var/etc/cert.pem` is used
in the configuration of the local web server and assume that this is the
easier way to implement this in the expectation that the file name does
not change without being also changed in this script and that the file
exists. If it does not exist, OpenSSL would complain with a useful error
message.

This commit is one piece to make fully trusted bootstrapping easier.
Related to: https://github.com/opnsense/core/issues/2427
Tested on: OPNsense 18.1.10-amd64
2018-07-06 21:55:15 +02:00
contrib
widget: fix another typo reported via translation project
2018-06-20 12:54:38 +02:00
Keywords
Keywords: do not hint at deleting files needed
2018-06-11 08:41:00 +02:00
Mk
man: allow to enroll and install man pages
2018-05-19 15:57:16 +02:00
Scripts
LICENSE: small fix on script, man pages are different
2018-05-19 17:32:01 +02:00
src
Print SSH and X.509 fingerprints in console banner without need to login (#2481)
2018-07-06 21:55:15 +02:00
work
make: improve previous and add `upgrade' target while at it
2016-03-12 09:26:20 +01:00
.editorconfig
accidentally removed .editorconfig
2017-07-30 15:14:59 +02:00
.gitignore
rc: add changelog fetch script for #341
2016-11-10 20:27:22 +01:00
+POST_INSTALL
rc: sprinkle more exec, better rc.syshook usage in shutdown
2018-06-11 00:03:43 +02:00
+PRE_DEINSTALL
rc: rc.initital is now opnsense-shell
2018-05-19 15:23:36 +02:00
CONTRIBUTING.md
CONTRIBUTING: small update
2017-09-21 09:36:18 +02:00
LICENSE
LICENSE: sync
2018-05-18 17:02:11 +02:00
Makefile
make: simplify MFC run
2018-07-04 17:24:01 +02:00
plist
pkg: fix plist
2018-07-06 21:33:50 +02:00
README.md
make: preliminary `collect' target
2018-02-28 19:57:00 +00:00
ruleset.xml
make: enable new sniff for codesniffer
2017-12-27 11:56:00 +00:00

README.md

OPNsense GUI and system management

The OPNsense project invites developers to start contributing to the code base. For your own purpose or even better to join us in creating the best open source firewall available.

The build process has been designed to make it easy for anyone to build and write code. The main outline of the new codebase is available at:

https://docs.opnsense.org/development/architecture.html

Our aim is to gradually evolve to a new codebase instead of using a big bang approach into something new.

Build tools

To create working software like OPNsense you need the sources and the tools to build it. The build tools for OPNsense are freely available.

Notes on how to build OPNsense can be found in the tools repository:

https://github.com/opnsense/tools

Contribute

You can contribute to the project in many ways, e.g. testing functionality, sending in bug reports or creating pull requests directly via GitHub. Any help is always very welcome!

License

OPNsense is and will always be available under the 2-Clause BSD license:

http://opensource.org/licenses/BSD-2-Clause

Every contribution made to the project must be licensed under the same conditions in order to keep OPNsense truly free and accessible for everybody.

Makefile targets

The repository offers a couple of targets that either tie into tools.git build processes or are aimed at fast development.

make package

A package of the current state of the repository can be created using this target. It may require several packages to be installed. The target will try to assist in case of failure, e.g. when a missing file needs to be fetched from an external location.

Several OPTIONS exist to customise the package, e.g.:

  • CORE_DEPENDS: a list of required dependencies for the package
  • CORE_DEPENDS_ARCH: a list of special -required packages
  • CORE_ORIGIN: sets a FreeBSD compatible package/ports origin
  • FLAVOUR: can be set to "OpenSSL" (default) or "LibreSSL"
  • CORE_COMMENT: a short description of the package
  • CORE_MAINTAINER: email of the package maintainer
  • CORE_WWW: web url of the package
  • CORE_NAME: sets a package name

Options are passed in the following form:

# make package CORE_NAME=my_new_name

make update

Update will pull the latest commits from the current branch from the upstream repository.

make upgrade

Upgrade will run the package build and replace the currently installed package in the system.

make collect

Fetch changes from the running system for all known files.

make lint

Run serveral syntax checks on the repository. This is recommended before issuing a pull request on GitHub.

make style

Run the CodeSniffer PSR2 style checks on the MVC code base.

make sweep

Run Linux Kernel cleanfile witespace sanitiser on all files.

Description
No description provided
Readme BSD-2-Clause 88 MiB
Languages
PHP 60.2%
Volt 11.3%
Python 9%
JavaScript 7%
SCSS 5.1%
Other 7.2%