Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vpnmain.cgi: Moved inclusion of ipsec.user.conf to the end of ipsec.conf... #46

Closed
wants to merge 3 commits into from

Conversation

andec
Copy link
Contributor

@andec andec commented Mar 2, 2015

Hi

... in order to allow connection parameters to be overwritten in ipsec.user.conf.

My use case requires me to "patch" the IPSec connection created in the GUI (or do it entierly in the user.conf, of course). It turns out that this only works if the include for the user conf is after the connections in ipsec.conf.

So I moved the corresponding code down in vpnmain.cgi.

I hope this can be included into IPFire.

Best regards
Christoph

…onf in order to allow connection parameters to be overwritten in ipsec.user.conf.
@mtremer
Copy link
Member

mtremer commented Mar 2, 2015

Hi Christoph,

unfortunately not. Your patch would break already existing setups which overwrite conn %default.

You could create a second include file which is included at the end. We have the same for squid.

-Michael

@andec
Copy link
Contributor Author

andec commented Mar 2, 2015

Hi Michael

I see. Breaking existing setups is no option.

Having a second include file solves the problem of course. Would you
merge a patch containing such a reference to, let's say
/etc/ipsec.user-end.conf ?

/Christoph

On 02.03.2015 18:57, Michael Tremer wrote:

Hi Christoph,

unfortunately not. Your patch would break already existing setups
which overwrite conn %default.

You could create a second include file which is included at the end.
We have the same for squid.

-Michael


Reply to this email directly or view it on GitHub
#46 (comment).

@mtremer
Copy link
Member

mtremer commented Mar 2, 2015

Yes of course. I would recommend to call it "post" instead of "end" to
be consistent with the squid configuration.

andec added 2 commits March 2, 2015 22:03
… ipsec.conf in order to allow connection parameters to be overwritten in ipsec.user.conf."

This reverts commit dd6b513.
…sec.conf in order to allow connection parameters to be overwritten in ipsec.user.conf.
@andec
Copy link
Contributor Author

andec commented Mar 2, 2015

I changed the code as discussed. The include file is called /etc/ipsec.user-post.conf.

/Christoph

@mtremer
Copy link
Member

mtremer commented Mar 4, 2015

I already merge this the other day. Apparently github didn't notice. Closing this issue.

http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=165b25b2dc8fce3dbba64711eab1eed709ffb0a5

@mtremer mtremer closed this Mar 4, 2015
mtremer pushed a commit that referenced this pull request Apr 14, 2021
- Update from 2.3.3 to 2.3.3op2
- OpenPrinting statement from March 2021:-
   CUPS has new home at OpenPrinting
   Due to the fact that CUPS development at Apple has stopped since the
   beginning of 2020 we had forked CUPS some months ago to incorporate
   patches and fixes from the distributions. As Apple did not resume the
   upstream work on CUPS, we have made OpenPrinting now the official
   upstream home for CUPS.
   This especially means that we can now continue developing CUPS,
   independent of Apple. So we can add features and lead CUPS into the new
   architecture without PPD files and with Printer Applications.
   CUPS has a new home page now and what was formerly our fork is now the
   official CUPS repository. Upcoming releases will be of the new 2.4.x
   series, without “opX” suffix as now. Also all documentation files which
   come with it are updated to point to the OpenPrinting resources.
- Update of rootfile not required.
- Changelog
   Changes in CUPS v2.3.3op2
    - Security: Fixed a buffer (read) overflow in the `ippReadIO` function
      (CVE-2020-10001)
    - Clarified the documentation for the "Listen" directive (Issue #53)
    - Fixed duplicate ColorModel entries for AirPrint printers (Issue 59)
    - Fixed directory/permission defaults for Debian kfreebsd-based systems
      (Issue #60, Issue #61)
    - Fixed crash bug in `ppdOpen` (Issue #64, Issue #78)
    - Fixed regression in `snprintf` emulation function (Issue #67)
    - The scheduler's systemd service file now waits for the nslcd service to start
      (Issue #69)
    - The libusb-based USB backend now uses a simpler read timer implementation to
      avoid a regression in a previous change (Issue #72)
    - The PPD caching code now only tracks the `APPrinterIconPath` value on macOS
      (Issue #73)
    - Fixed segfault in help.cgi when searching in man pages (Issue #81)
    - Root certificates were incorrectly stored in "~/.cups/ssl".
Changes in CUPS v2.3.3op1
    - The automated test suite can now be activated using `make test` for
      consistency with other projects and CI environments - the old `make check`
      continues to work as well, and the previous test server behavior can be
      accessed by running `make testserver`.
    - ippeveprinter now supports multiple icons and strings files.
    - ippeveprinter now uses the system's FQDN with Avahi.
    - ippeveprinter now supports Get-Printer-Attributes on "/".
    - ippeveprinter now uses a deterministic "printer-uuid" value.
    - ippeveprinter now uses system sounds on macOS for Identify-Printer.
    - Updated ippfind to look for files in "~/Desktop" on Windows.
    - Updated ippfind to honor `SKIP-XXX` directives with `PAUSE`.
    - Updated IPP Everywhere support to work around printers that only advertise
      color raster support but really also support grayscale (Issue #1)
    - ipptool now supports DNS-SD URIs like `ipps://My%20Printer._ipps._tcp.local`
      (Issue #5)
    - The scheduler now allows root backends to have world read permissions but not
      world execute permissions (Issue #21)
    - Failures to bind IPv6 listener sockets no longer cause errors if IPv6 is
      disabled on the host (Issue #25)
    - The SNMP backend now supports the HP and Ricoh vendor MIBs (Issue #28)
    - The scheduler no longer includes a timestamp in files it writes (Issue #29)
    - The systemd service names are now "cups.service" and "cups-lpd.service"
      (Issue #30, Issue #31)
    - The scheduler no longer adds the local hostname to the ServerAlias list
      (Issue #32)
    - Added `LogFileGroup` directive in "cups-files.conf" to control the group
      owner of log files (Issue #34)
    - Added `--with-max-log-size` configure option (Issue #35)
    - Added `--enable-sync-on-close` configure option (Issue #37)
    - Added `--with-error-policy` configure option (Issue #38)
    - IPP Everywhere PPDs could have an "unknown" default InputSlot (Issue #44)
    - The `httpAddrListen` function now uses a listen backlog of 128.
    - Added USB quirks (Apple issue #5789, #5823, #5831)
    - Fixed IPP Everywhere v1.1 conformance issues in ippeveprinter.
    - Fixed DNS-SD name collision support in ippeveprinter.
    - Fixed compiler and code analyzer warnings.
    - Fixed TLS support on Windows.
    - Fixed ippfind sub-type searches with Avahi.
    - Fixed the default hostname used by ippeveprinter on macOS.
    - Fixed resolution of local IPP-USB printers with Avahi.
    - Fixed coverity issues (Issue #2)
    - Fixed `httpAddrConnect` issues (Issue #3)
    - Fixed web interface device URI issue (Issue #4)
    - Fixed lp/lpr "printer/class not found" error reporting (Issue #6)
    - Fixed xinetd support for LPD clients (Issue #7)
    - Fixed libtool build issue (Issue #11)
    - Fixed a memory leak in the scheduler (Issue #12)
    - Fixed a potential integer overflow in the PPD hashing code (Issue #13)
    - Fixed output-bin and print-quality handling issues (Issue #18)
    - Fixed PPD options getting mapped to odd IPP values like "tray---4" (Issue #23)
    - Fixed remote access to the cupsd.conf and log files (Issue #24)
    - Fixed the automated test suite when running in certain build/CI environments
      (Issue #25)
    - Fixed a logging regression caused by a previous change for Apple issue #5604
      (Issue #25)
    - Fixed fax phone number handling with GNOME (Issue #40)
    - Fixed potential rounding error in rastertopwg filter (Issue #41)
    - Fixed the "uri-security-supported" value from the scheduler (Issue #42)
    - Fixed IPP backend crash bug with "printer-alert" values (Issue #43)
    - Removed old Solaris inetconv(1m) reference in cups-lpd man page (Issue #46)
    - Fixed default options that incorrectly use the "custom" prefix (Issue #48)
    - Fixed a memory leak when resolving DNS-SD URIs (Issue #49)
    - Fixed systemd status reporting by adopting the notify interface (Issue #51)
    - Fixed crash in rastertopwg (Apple issue #5773)
    - Fixed cupsManualCopies values in IPP Everywhere PPDs (Apple issue #5807)

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
mtremer pushed a commit that referenced this pull request Apr 24, 2022
- Update from 10.39 to 10.40
- Update of rootfile
- Changelog
   Version 10.40 15-April-2022
	1. Merged patch from @carenas (GitHub #35, 7db87842) to fix pcre2grep incorrect
	   handling of multiple passes.
	2. Merged patch from @carenas (GitHub #36, dae47509) to fix portability issue
	   in pcre2grep with buffered fseek(stdin).
	3. Merged patch from @carenas (GitHub #37, acc520924) to fix tests when -S is
	   not supported.
	4. Revert an unintended change in JIT repeat detection.
	5. Merged patch from @carenas (GitHub #52, b037bfa1) to fix build on GNU Hurd.
	6. Merged documentation and comments patches from @carenas (GitHub #47).
	7. Merged patch from @carenas (GitHub #49) to remove obsolete JFriedl test code
	   from pcre2grep.
	8. Merged patch from @carenas (GitHub #48) to fix CMake install issue #46.
	9. Merged patch from @carenas (GitHub #53) fixing NULL checks in matching and
	   substituting.
	10. Add null_subject and null_replacement modifiers to pcre2test.
	11. Add check for NULL subject to POSIX regexec() function.
	12. Add check for NULL replacement to pcre2_substitute().
	13. For the subject arguments of pcre2_match(), pcre2_dfa_match(), and
	    pcre2_substitute(), and the replacement argument of the latter, if the pointer
	    is NULL and the length is zero, treat as an empty string. Apparently a number
	    of applications treat NULL/0 in this way.
	14. Added support for Bidi_Class and a number of binary Unicode properties,
	    including Bidi_Control.
	15. Fix some minor issues raised by clang sanitize.
	16. Very minor code speed up for maximizing character property matches.
	17. A number of changes to script matching for \p and \P:
	    (a) Script extensions for a character are now coded as a bitmap instead of
	        a list of script numbers, which should be faster and does not need a
	        loop.
	    (b) Added the syntax \p{script:xxx} and \p{script_extensions:xxx} (synonyms
	        sc and scx).
	    (c) Changed \p{scriptname} from being the same as \p{sc:scriptname} to being
	        the same as \p{scx:scriptname} because this change happened in Perl at
	        release 5.26.
	    (d) The standard Unicode 4-letter abbreviations for script names are now
	        recognized.
	    (e) In accordance with Unicode and Perl's "loose matching" rules, spaces,
	        hyphens, and underscores are ignored in property names, which are then
	        matched independent of case.
	18. The Python scripts in the maint directory have been refactored. There are
	    now three scripts that generate pcre2_ucd.c, pcre2_ucp.h, and pcre2_ucptables.c
	    (which is #included by pcre2_tables.c). The data lists that used to be
	    duplicated are now held in a single common Python module.
	19. On CHERI, and thus Arm's Morello prototype, pointers are represented as
	    hardware capabilities, which consist of both an integer address and additional
	    metadata, meaning they are twice the size of the platform's size_t type, i.e.
	    16 bytes on a 64-bit system. The ovector member of heapframe happens to only be
	    8 byte aligned, and so computing frame_size ended up with a multiple of 8 but
	    not 16. Whilst the first frame was always suitably aligned, this then
	    misaligned the frame that follows, resulting in an alignment fault when storing
	    a pointer to Fecode at the start of match. Patch to fix this issue by Jessica
	    Clarke PR#72.
	20. Added -LP and -LS listing options to pcre2test.
	21. A user discovered that the library names in CMakeLists.txt for MSVC
	    debugger (PDB) files were incorrect - perhaps never tried for PCRE2?
	22. An item such as [Aa] is optimized into a caseless single character match.
	    When this was quantified (e.g. [Aa]{2}) and was also the last literal item in a
	    pattern, the optimizing "must be present for a match" character check was not
	    being flagged as caseless, causing some matches that should have succeeded to
	    fail.
	23. Fixed a unicode properrty matching issue in JIT. The character was not
	    fully read in caseless matching.
	24. Fixed an issue affecting recursions in JIT caused by duplicated data
	    transfers.
	25. Merged patch from @carenas (GitHub #96) which fixes some problems with
	    pcre2test and readline/readedit:
	      * Use the right header for libedit in FreeBSD with autoconf
	      * Really allow libedit with cmake
	      * Avoid using readline headers with libedit

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
mtremer pushed a commit that referenced this pull request Sep 3, 2024
- Update from version 1.22 to 1.26
- Update of rootfile not required
- Changelog
    1.26
	Add clock in upper right corner
    1.25

	Fix bug when iotop busy loops after pressing ESC key
	Change the condition of displaying processes in only mode
    1.24

	Fix a bug with graphs in ASCII mode
	Show the status of the configuration in the help window
	Support ancient compilers by @bbonev in #52
    1.23

	Changes by @bbonev in #43
	Fix some issues reported by lintian by @debian-janitor in #42
	Revert syscall count stuff by @bbonev in #44
	Fix empty archlinux package by @bokunodev in #46

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants