diff options
-rwxr-xr-x | config/arpwatch_reports.php | 3 | ||||
-rw-r--r-- | config/openbgpd/openbgpd.inc | 9 | ||||
-rw-r--r-- | config/openbgpd/openbgpd_status.php | 12 | ||||
-rwxr-xr-x | config/openvpn-client-export/openvpn-client-export.inc | 54 | ||||
-rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 2 | ||||
-rw-r--r-- | config/quagga_ospfd/status_ospfd.php | 10 | ||||
-rw-r--r-- | config/squid-reverse/squid_reverse.inc | 2 | ||||
-rw-r--r-- | config/syslog-ng/syslog-ng.inc | 10 | ||||
-rw-r--r-- | config/syslog-ng/syslog-ng_advanced.xml | 1 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
11 files changed, 62 insertions, 45 deletions
diff --git a/config/arpwatch_reports.php b/config/arpwatch_reports.php index d66b1a46..c2b4401e 100755 --- a/config/arpwatch_reports.php +++ b/config/arpwatch_reports.php @@ -29,7 +29,8 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); +require_once("guiconfig.inc"); +require_once("service-utils.inc"); $logfile = "/var/log/arp.dat"; diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc index 573745be..eff2855b 100644 --- a/config/openbgpd/openbgpd.inc +++ b/config/openbgpd/openbgpd.inc @@ -34,6 +34,12 @@ require_once("service-utils.inc"); define('PKG_BGPD_CONFIG_BASE', '/var/etc/openbgpd'); +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version > 2.0) + define('PKG_BGPD_BIN', '/usr/pbi/openbgpd-' . php_uname("m") . '/sbin'); +else + define('PKG_BGPD_BIN','/usr/local/sbin'); + define('PKG_BGPD_LOGIN', "_bgpd"); define('PKG_BGPD_UID', "130"); define('PKG_BGPD_GROUP', "_bgpd"); @@ -51,6 +57,7 @@ function openbgpd_install_conf() { $pkg_gecos = PKG_BGPD_GECOS; $pkg_homedir = PKG_BGPD_HOMEDIR; $pkg_shell = PKG_BGPD_SHELL; + $pkg_bin = PKG_BGPD_BIN; conf_mount_rw(); @@ -193,7 +200,7 @@ chmod u+rw,go-rw {$bgpd_config_base}/bgpd.conf NUMBGPD=`ps auxw | grep -c '[b]gpd.*parent'` if [ \${NUMBGPD} -lt 1 ] ; then - /usr/local/sbin/bgpd -f {$bgpd_config_base}/bgpd.conf + {$pkg_bin}/bgpd -f {$bgpd_config_base}/bgpd.conf fi EOF; write_rcfile(array( diff --git a/config/openbgpd/openbgpd_status.php b/config/openbgpd/openbgpd_status.php index b493236f..3db2781a 100644 --- a/config/openbgpd/openbgpd_status.php +++ b/config/openbgpd/openbgpd_status.php @@ -59,15 +59,11 @@ function doCmdT($title, $command) { } fclose($fd); } else { - $execOutput = ""; - $execStatus = ""; - exec ($command . " 2>&1", $execOutput, $execStatus); - for ($i = 0; isset($execOutput[$i]); $i++) { - if ($i > 0) { - echo "\n"; - } - echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES); + $fd = popen("{$command} 2>&1", "r"); + while (($line = fgets($fd)) !== FALSE) { + echo htmlspecialchars($line, ENT_NOQUOTES); } + pclose($fd); } echo "</pre></tr>\n"; echo "</table>\n"; diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 1ab962da..710c5539 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -61,7 +61,7 @@ function openvpn_client_export_deinstall() { conf_mount_ro(); } -function openvpn_client_export_prefix($srvid, $usrid = null) { +function openvpn_client_export_prefix($srvid, $usrid = null, $crtid = null) { global $config; // lookup server settings @@ -75,12 +75,13 @@ function openvpn_client_export_prefix($srvid, $usrid = null) { $prot = ($settings['protocol'] == 'UDP' ? 'udp' : $settings['protocol']); $port = $settings['local_port']; - $username = ""; - //$config['openvpn']['openvpn-server']; + $filename_addition = ""; if ($usrid && is_numeric($usrid)) - $username = "-".$config['system']['user'][$usrid]['name']; + $filename_addition = "-".$config['system']['user'][$usrid]['name']; + if ($crtid && is_numeric($crtid) && function_exists("cert_get_cn")) + $filename_addition = "-".cert_get_cn($config['cert'][$crtid]['crt']); - return "{$host}-{$prot}-{$port}{$username}"; + return "{$host}-{$prot}-{$port}{$filename_addition}"; } function openvpn_client_pem_to_pk12($outpath, $outpass, $crtpath, $keypath, $capath = false) { @@ -116,13 +117,17 @@ function openvpn_client_export_validate_config($srvid, $usrid, $crtid) { // lookup server certificate info $server_cert = lookup_cert($settings['certref']); - $server_ca = lookup_ca($server_cert['caref']); - if (!$server_cert || !$server_ca) { - $input_errors[] = "Could not locate certificate."; - return false; - } - if (function_exists("cert_get_cn")) { - $servercn = cert_get_cn($server_cert['crt']); + if (!$server_cert) + { + $input_errors[] = "Could not locate server certificate."; + } else { + $server_ca = lookup_ca($server_cert['caref']); + if (!$server_ca) { + $input_errors[] = "Could not locate the CA reference for the server certificate."; + } + if (function_exists("cert_get_cn")) { + $servercn = cert_get_cn($server_cert['crt']); + } } // lookup user info @@ -130,7 +135,6 @@ function openvpn_client_export_validate_config($srvid, $usrid, $crtid) { $user = $config['system']['user'][$usrid]; if (!$user) { $input_errors[] = "Could not find user settings."; - return false; } } @@ -142,17 +146,23 @@ function openvpn_client_export_validate_config($srvid, $usrid, $crtid) { $cert = $config['cert'][$crtid]; } if (!$cert) - return false; - // If $cert is not an array, it's a certref not a cert. - if (!is_array($cert)) - $cert = lookup_cert($cert); + { + $input_errors[] = "Could not find client certificate."; + } else { + // If $cert is not an array, it's a certref not a cert. + if (!is_array($cert)) + $cert = lookup_cert($cert); + } } elseif (($settings['mode'] == "server_tls") || (($settings['mode'] == "server_tls_user") && ($settings['authmode'] != "Local Database"))) { $cert = $config['cert'][$crtid]; if (!$cert) - return false; + $input_errors[] = "Could not find client certifficate."; } else $nokeys = true; + if ($input_errors) + return false; + return array($settings, $server_cert, $server_ca, $servercn, $user, $cert, $nokeys); } @@ -216,7 +226,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese $conf .= "http-proxy {$proxy['ip']} {$proxy['port']} "; if ($proxy['proxy_authtype'] != "none") { if (!isset($proxy['passwdfile'])) - $proxy['passwdfile'] = openvpn_client_export_prefix($srvid, $usrid) . "-proxy"; + $proxy['passwdfile'] = openvpn_client_export_prefix($srvid, $usrid, $crtid) . "-proxy"; $conf .= " {$proxy['passwdfile']} {$proxy['proxy_authtype']}"; } $conf .= "{$nl}"; @@ -231,7 +241,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $quotese } // add key settings - $prefix = openvpn_client_export_prefix($srvid, $usrid); + $prefix = openvpn_client_export_prefix($srvid, $usrid, $crtid); $cafile = "{$prefix}-ca.crt"; if($nokeys == false) { if ($expformat == "inline") { @@ -478,7 +488,7 @@ function openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $quot exec("/bin/cp {$tempdir}/{$client_install_exe} {$tempdir}/openvpn-install.exe"); // write configuration file - $prefix = openvpn_client_export_prefix($srvid, $usrid); + $prefix = openvpn_client_export_prefix($srvid, $usrid, $crtid); $cfgfile = "{$confdir}/{$prefix}-config.ovpn"; if (!empty($proxy) && $proxy['proxy_authtype'] != "none") { $proxy['passwdfile'] = "{$prefix}-password"; @@ -580,7 +590,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead $tempdir = $tempdir . "/Viscosity.visc/"; // write cofiguration file - $prefix = openvpn_client_export_prefix($srvid, $usrid); + $prefix = openvpn_client_export_prefix($srvid, $usrid, $crtid); if (!empty($proxy) && $proxy['proxy_authtype'] != "none") { $proxy['passwdfile'] = "config-password"; $pwdfle = "{$proxy['user']}\n"; diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index e7c94ae6..85d44177 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -172,7 +172,7 @@ if (!empty($act)) { } } - $exp_name = openvpn_client_export_prefix($srvid, $usrid); + $exp_name = openvpn_client_export_prefix($srvid, $usrid, $crtid); if(substr($act, 0, 4) == "conf") { switch ($act) { diff --git a/config/quagga_ospfd/status_ospfd.php b/config/quagga_ospfd/status_ospfd.php index 438347ff..dc6c6aea 100644 --- a/config/quagga_ospfd/status_ospfd.php +++ b/config/quagga_ospfd/status_ospfd.php @@ -68,13 +68,11 @@ function doCmdT($title, $command) { $execOutput = ""; $execStatus = ""; - exec ($command . " 2>&1", $execOutput, $execStatus); - for ($i = 0; isset($execOutput[$i]); $i++) { - if ($i > 0) { - echo "\n"; - } - echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES); + $fd = popen("{$command} 2>&1", "r"); + while (($line = fgets($fd)) !== FALSE) { + echo htmlspecialchars($line, ENT_NOQUOTES); } + pclose($fd); echo "</pre></tr>\n"; echo "</table>\n"; } diff --git a/config/squid-reverse/squid_reverse.inc b/config/squid-reverse/squid_reverse.inc index 21b6c668..81d1c8f9 100644 --- a/config/squid-reverse/squid_reverse.inc +++ b/config/squid-reverse/squid_reverse.inc @@ -133,7 +133,7 @@ function squid_resync_reverse() { array_push($owa_dirs,'owa','exchange','public','exchweb','ecp','OAB'); if($settings['reverse_owa_activesync']) array_push($owa_dirs,'Microsoft-Server-ActiveSync'); - if($settngs['reverse_owa_rpchttp']) + if($settings['reverse_owa_rpchttp']) array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll'); if($settings['reverse_owa_autodiscover']) array_push($owa_dirs,'autodiscover'); diff --git a/config/syslog-ng/syslog-ng.inc b/config/syslog-ng/syslog-ng.inc index b56cef39..75d5bb4d 100644 --- a/config/syslog-ng/syslog-ng.inc +++ b/config/syslog-ng/syslog-ng.inc @@ -109,6 +109,7 @@ function syslogng_validate_advanced($post, $input_errors) { $input_errors[] = 'Creation or modification of \'_DEFAULT\' objects not permitted. Change default settings under \'General\' tab.'; } + $post['objectparameters'] = base64_encode($post['objectparameters']); $new_object[] = array("objecttype"=>$post['objecttype'], "objectname"=>$post['objectname'], "objectparameters"=>$post['objectparameters']); if(empty($objects)) { @@ -192,8 +193,11 @@ function syslogng_build_default_objects($settings) { } } $default_objects[0]['objectparameters'] .= "); };"; + $default_objects[0]['objectparameters'] = base64_encode($default_objects[0]['objectparameters']); $default_objects[1] = array("objecttype"=>"destination", "objectname"=>"_DEFAULT", "objectparameters"=>"{ file(\"$default_logdir/$default_logfile\"); };"); + $default_objects[1]['objectparameters'] = base64_encode($default_objects[1]['objectparameters']); $default_objects[2] = array("objecttype"=>"log", "objectname"=>"_DEFAULT", "objectparameters"=>"{ source(_DEFAULT); destination(_DEFAULT); };"); + $default_objects[2]['objectparameters'] = base64_encode($default_objects[2]['objectparameters']); return $default_objects; } @@ -231,7 +235,7 @@ function syslogng_get_log_files($objects) { foreach($objects as $object) { if($object['objecttype'] == 'destination') { - preg_match("/file\(['\"]([^'\"]*)['\"]/", $object['objectparameters'], $match); + preg_match("/file\(['\"]([^'\"]*)['\"]/", base64_decode($object['objectparameters']), $match); if($match) { $log_file = $match[1]; array_push($log_files, $log_file); @@ -249,9 +253,9 @@ function syslogng_build_conf($objects) { foreach($objects as $object) { if($object['objecttype'] == 'log' || $object['objecttype'] == 'options') { - $conf .= $object['objecttype'] . " " . $object['objectparameters'] . "\n"; + $conf .= $object['objecttype'] . " " . base64_decode($object['objectparameters']) . "\n"; } else { - $conf .= $object['objecttype'] . " " . $object['objectname'] . " " . $object['objectparameters'] . "\n"; + $conf .= $object['objecttype'] . " " . $object['objectname'] . " " . base64_decode($object['objectparameters']) . "\n"; } } diff --git a/config/syslog-ng/syslog-ng_advanced.xml b/config/syslog-ng/syslog-ng_advanced.xml index 36a02a07..2ddcf1e0 100644 --- a/config/syslog-ng/syslog-ng_advanced.xml +++ b/config/syslog-ng/syslog-ng_advanced.xml @@ -112,6 +112,7 @@ <fieldname>objectparameters</fieldname> <description>Enter the object parameters</description> <type>textarea</type> + <encoding>base64</encoding> <cols>65</cols> <rows>5</rows> <required/> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 5e511811..f4294060 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -1233,7 +1233,7 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>3.1.20 pkg 2.0.5_5</version> + <version>3.1.20 pkg 2.0.5_6</version> <status>beta</status> <required_version>2.0</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 8caf5758..c99be5f9 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -1220,7 +1220,7 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>3.1.20 pkg 2.0.5_5</version> + <version>3.1.20 pkg 2.0.5_6</version> <status>beta</status> <required_version>2.0</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> |