entrouvert
/
univnautes
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity

Commit Graph

  • ccb2af234a config.xml: use idps-only renater federation v2.0.1 UNIVNAUTES_2_1 Thomas NOËL 2015-03-17 16:47:31 +0100
  • 16b9c78e8e add UnivNautes in version v2.0 Thomas NOËL 2015-03-17 15:04:08 +0100
  • f9a5d44bb6 config.xml: add idp group & firmwareurl Thomas NOËL 2015-03-17 14:36:52 +0100
  • 95282bb281 idp: syncdata when federations are updated Thomas NOËL 2015-01-27 12:09:28 +0100
  • 16d78fb81c config.xml: prepare idp by default (disable but ready) Thomas NOËL 2015-01-27 12:07:34 +0100
  • b62e4e4d33 local idp (beta) Thomas NOËL 2015-01-26 18:01:44 +0100
  • 4af9283c39 rc.bootup: start idp Thomas NOËL 2015-01-26 16:20:48 +0100
  • 145eb9907c Fixes #4257 With the platform_booting() fixes a regression was done on openvpn tap interfaces or dynamic ones that are part of a bridge. RELENG_2_2_0 Ermal LUÇI 2015-01-22 20:52:29 +0100
  • 69f21f641b idp: management interface Thomas NOËL 2015-01-22 15:26:20 +0100
  • 8e24d1dacd Make sure radvd is reconfigured when CARP is enabled/disabled. It should fix #4252 Renato Botelho 2015-01-22 10:01:19 -0200
  • b711bfac32 Save the tradition and point to used binaries here Ermal LUÇI 2015-01-21 22:05:56 +0100
  • 150d479bc5 When configuring radvd, check if carp is enabled. Ticket #4252 Renato Botelho 2015-01-22 09:00:54 -0200
  • 42cc62a2e7 Do not translate function return string Renato Botelho 2015-01-22 09:00:29 -0200
  • 44763e5823 Fix typo in function name Renato Botelho 2015-01-22 08:59:29 -0200
  • 7684d66fad Strict comparison not necessary here, and makes this fail to work as intended. Fixes #4258 Chris Buechler 2015-01-21 18:02:54 -0600
  • 005fd63af3 Ticket #4254 do not put duplicate interface names Ermal LUÇI 2015-01-21 21:45:51 +0100
  • 44085a6555 Ticket #4254 Actually use proper variables allover to have correct route added Ermal LUÇI 2015-01-21 21:40:13 +0100
  • 3ad33c0e25 Ticket #4254 Actually use proper interface to check if gateway exists Ermal LUÇI 2015-01-21 21:33:56 +0100
  • cde88d5ed1 Ticket #4254 Use proper variable Ermal LUÇI 2015-01-21 21:25:45 +0100
  • 39e3b27b78 Ticket #4254 actually use the info on the protocol of the vpn sepcification to be more sure on the family to use Ermal LUÇI 2015-01-21 21:09:35 +0100
  • 4e1fd3b6f0 Ticket #4254 Handle even hosts specified throguh dns name Ermal LUÇI 2015-01-21 21:04:49 +0100
  • c7edf1f8e8 Ticket #4524 Bring back static routes on ipsec to make sure charon does not send traffic through wrong iface. This handles properly ipv6 Ermal LUÇI 2015-01-21 21:00:25 +0100
  • 260c6a7eeb Be compliant with gatway groups specified on ipsec. Ticket #4254 Ermal LUÇI 2015-01-21 20:31:16 +0100
  • 083ec796a8 Ticket #4254 Actually fix this on 2.2 branch since vips are not handled by get_real_interface apparently! Ermal LUÇI 2015-01-21 19:32:03 +0100
  • a693440176 When radvd is configured on a CARP interface, enable it when it is MASTER and disable when go to BACKUP. It should fix #4252 Renato Botelho 2015-01-21 14:36:38 -0200
  • 89ac17e338 Ticket #4254 specify the list of interfaces to be used by charon. This is a workaround for now. Being investigated the fix. Ermal LUÇI 2015-01-21 09:31:54 +0100
  • 94efc59dff Use the parent NIC rather than the VIP. Fixes part of Ticket #4252 Chris Buechler 2015-01-21 00:35:57 -0600
  • de16863d9e The reset button check should happen on all platforms, not only NanoBSD jim-p 2015-01-20 16:53:59 -0500
  • ca276264ee Add missing require for filter.inc since vpn_ipsec_configure() calls filter_configure(). It should fix #4236 Renato Botelho 2015-01-19 09:25:36 -0200
  • 7f3601524d Add reset button support for APU and FW7541 Renato Botelho 2015-01-19 09:08:37 -0200
  • ef9ef75fe1 add detection for 7541, APU Chris Buechler 2015-01-16 23:15:21 -0600
  • 1195a12d3b move jquery ui css to theme folders Jared Dillard 2015-01-16 18:01:34 -0600
  • b1fef27fcf Set $arch accordingly to release Renato Botelho 2015-01-16 17:42:30 -0200
  • 6aac31ef76 change update URLs for release Chris Buechler 2015-01-16 13:40:48 -0600
  • 6434d5be0c Bump to 2.2-RELEASE Chris Buechler 2015-01-16 13:36:09 -0600
  • 17c982555a Validate if both IP address and subnet are valid and the same version. Fixes #4223 Renato Botelho 2015-01-16 11:50:23 -0200
  • 5b7c33fc7e Firewall Rules Apply be friendly to other languages Phil Davis 2015-01-16 00:00:42 +0545
  • 8d4e768a27 Time to let these go Ermal LUÇI 2015-01-15 21:42:00 +0100
  • 05071b6541 Just do an update since it will handle itself properly. Ermal LUÇI 2015-01-15 20:18:24 +0100
  • 9344d387ed univnautes: custom templates&static (#5570) Thomas NOËL 2015-01-15 19:01:00 +0100
  • 202e2f2c04 Merge branch 'RELENG_2_1' into UNIVNAUTES_2_1 Thomas NOËL 2015-01-15 16:34:41 +0100
  • 4e8eacfd7c Revert "Move to specifically specifying the ID type apart when an ip address to have strongswan do proper behaviour. Also for DynDNS names use the dns type id so strongswan does the resolving by its own." Ermal LUÇI 2015-01-15 10:13:57 +0100
  • 23de1f0dec Revert "Fix typos introduced by chaning to explicit id specification when necessary. Fixes #4202" Ermal LUÇI 2015-01-15 10:13:46 +0100
  • bc62f818e9 Add RSA keys even for eap-mschapv2 Ermal LUÇI 2015-01-15 08:45:53 +0100
  • f579c0fb42 Add EAP-MSChapv2 implementation for Windows ipsec support as reported here https://forum.pfsense.org/index.php?topic=81657.15 Ermal LUÇI 2015-01-14 12:27:48 +0100
  • 88a46519d9 Oops add missing curly Ermal LUÇI 2015-01-14 17:02:59 +0100
  • eb26d3102d Also take care of ph1 mobile settings for eap-tls Ermal LUÇI 2015-01-14 17:02:19 +0100
  • 6e0a0ab347 Obsolete libpng15 in favour of libpng16 Renato Botelho 2015-01-14 12:09:58 -0200
  • 9eec3be339 Correctly handle number of cores and power of 2. Merged from the package already had this. Fixes #4212 Warren Baker 2015-01-14 13:09:31 +0200
  • 3a56c14663 Actually remove rekey/reauth from config to avoid strange issues. Ticket #4208 Ermal LUÇI 2015-01-13 20:43:59 +0100
  • 656fd270f0 Add some saftey belts here to be safe Ermal LUÇI 2015-01-13 20:21:19 +0100
  • a2feea3744 Heh bump the config version Ermal LUÇI 2015-01-13 20:19:25 +0100
  • b40137258e To avoid issues with clashing SAIDs go back to specifying the reqid in strongswan config. Ermal LUÇI 2015-01-13 16:38:12 +0100
  • 6db7ee23db Improving aesthetics. xbipin 2015-01-13 18:37:52 +0400
  • 156938a87e Where the P1 is disabled, show the P2s as disabled since they will be, same as in previous versions. Chris Buechler 2015-01-12 19:25:15 -0600
  • d71f979475 Fix IPsec widget for multiple P2, it fixes #4164 Renato Botelho 2015-01-12 21:50:26 -0200
  • 324a2387d0 Unbound is compiled with libevent so setting this to always be 4096. Warren Baker 2015-01-09 10:51:27 +0200
  • ad9148aefa Allow for overhead and up maximum limit from 8 to 32, also only set it if its set to 4 or above. Fixes https://forum.pfsense.org/index.php?topic=78356.msg472781#msg472781 Warren Baker 2015-01-09 10:23:54 +0200
  • bdb8fbffb0 Remove old write caching tunable as well. Ticket #4203 Chris Buechler 2015-01-12 12:43:13 -0600
  • f66bcbaf4c Remove the settings to disable DMA, which have changed in FreeBSD 10. Ticket #4203 Chris Buechler 2015-01-12 12:34:55 -0600
  • 35e3d35016 Do not leak firewall rules as well when (re)creating rules Ermal LUÇI 2015-01-12 19:25:24 +0100
  • eab9d9c142 Fix spell typo spotted by phil-davis Renato Botelho 2015-01-12 12:35:59 -0200
  • 3243110433 Fix typos introduced by chaning to explicit id specification when necessary. Fixes #4202 Ermal LUÇI 2015-01-12 15:14:08 +0100
  • 0c5e61b155 Fix cut paste brain fade Phil Davis 2015-01-11 21:00:59 +0545
  • 3fbfbe902e Restart PHP-FPM allow to setup ini file Phil Davis 2015-01-10 21:38:50 +0545
  • 2ea976b71c Properly handle large passthrough entries even here. Ermal LUÇI 2015-01-12 12:30:45 +0100
  • 9b255a367d Use this generation now of committing pipes directly and only rules to put on ruleset to avoid memory pressure and the timelimit will than be enforced by the caller Ermal LUÇI 2015-01-12 12:27:41 +0100
  • 124299a347 Revert "Ticket #3932 Use array_map to get more parallelism when there are many entries. This makes it not reach the execution timeout with large entries." Ermal LUÇI 2015-01-12 12:26:00 +0100
  • 0fc3c465cd Actually improve the previous resource leak commit since the function is there but it was not being used during init_rules process. Ermal LUÇI 2015-01-12 12:20:57 +0100
  • 339e2fe5e6 * Try to autodetect if the execution limit needs to be raised on big number of passthrough entries. Set the time limit to 0 and restore it back to default value when this is detected. Ermal LUÇI 2015-01-12 12:17:00 +0100
  • 6a752ca21a Put the value of password under double quotes(") to avoid issues with special characters in passwords. Ticket #4177 Ermal LUÇI 2015-01-12 11:49:12 +0100
  • 545c4435ef Do not override the passwd string. First it prevents the md5 working if the crypt() check fails and also is useless to override it since the parameter is passed by value and not by reference. Ermal LUÇI 2015-01-12 11:43:21 +0100
  • 21165e6455 Prevent echo to insert a newline(\n) at the secret string. Fixes #4177 Ermal LUÇI 2015-01-12 11:40:46 +0100
  • aa685f7a6d Ticket #3932 Use array_map to get more parallelism when there are many entries. This makes it not reach the execution timeout with large entries. Ermal LUÇI 2015-01-12 10:38:17 +0100
  • 7001542e3e Fix typos and set needed variable Ermal LUÇI 2015-01-12 09:33:20 +0100
  • c9f04cd055 properly apply the passthrough entries when apply is hitr. Ermal LUÇI 2015-01-12 09:30:46 +0100
  • 64ed3e60f5 Fix inherent issues with isset and empty values set as true by our parser. This made the piep configuration to be wrong at least for passthrough entries. Ticket #3932 Ermal LUÇI 2015-01-12 09:27:09 +0100
  • ab54ec9f8d Bring back showing of default value like previous versions. Chris Buechler 2015-01-11 19:33:46 -0600
  • 4fc1c68f14 Do not return disabled dynamic gateways Phil Davis 2015-01-11 20:54:31 +0545
  • 7025c4fa7a Remove debug code Ermal LUÇI 2015-01-11 16:36:54 +0100
  • 30656f6640 Fixes #4177 convert password to base64 to be submitted to avoid issues with special chars in shell and HTTP GET parameter passing. Probably should add POST support to fcgicli. Ermal LUÇI 2015-01-10 22:17:28 +0100
  • fc03ca0112 Fix POST typo in interfaces_assign.php Phil Davis 2015-01-11 18:40:09 +0545
  • 31cf5a9315 Fixes #3281 do not undo any changes already done for gif/gre interface. Ermal LUÇI 2015-01-10 22:34:47 +0100
  • 83b0a21ac4 Properly rename the var Ticket #4164 Ermal LUÇI 2015-01-10 21:49:19 +0100
  • ed5c6e894e Default to only AES and SHA1 for new P2s. Chris Buechler 2015-01-09 22:08:27 -0600
  • 6f7960c3a0 Default IPsec to AES Chris Buechler 2015-01-09 22:00:53 -0600
  • c182616905 Default IPsec to main mode, unless mobile client. Chris Buechler 2015-01-09 21:59:00 -0600
  • 422a2007d5 Do not count twice the phase2 entries Ermal LUÇI 2015-01-09 23:12:21 +0100
  • 832ec9fee9 Just some reshufling and cleanup Ermal LUÇI 2015-01-09 22:47:38 +0100
  • 9218ecb6e7 Let the kernel handle REQID rather than handling it manually. The connection name is the one needed here. Ermal LUÇI 2015-01-09 22:32:07 +0100
  • 57963e4baf Add tracker and label to IPv4 Link-Local block rules. jim-p 2015-01-09 16:06:57 -0500
  • 557c21dae0 After the other set of changes had unexpected complications, let's back this out too. Revert "PEAR static method call warning" Chris Buechler 2015-01-09 01:14:14 -0600
  • 0515117ed7 This broke a variety of things. Revert "Deprecated and non-static method messages" Chris Buechler 2015-01-09 00:40:18 -0600
  • 0391b39b90 PEAR static method call warning Phil Davis 2015-01-09 10:04:28 +0545
  • ecefba29ec disable this PHP error logging, errors that are really significant end up with a crash report, this is more noise than useful at this stage in 2.2. Chris Buechler 2015-01-09 00:17:10 -0600
  • d97dd42437 Make this code less memory hungry and fix route command generation Ermal LUÇI 2015-01-08 23:57:47 +0100
  • ac8f75f1e0 Catch packets on all iunterfaces and send them out the correct one. Fixes #4174 Ermal LUÇI 2015-01-08 22:49:19 +0100
  • bad9dec5e6 Deprecated and non-static method messages Phil Davis 2015-01-09 01:20:05 +0545
  • 7c1c70d5ea Improve URL and URL ports alias update data: Renato Botelho 2015-01-08 16:15:46 -0200
  • 1776d19e58 Change OpenVPN CARP VIP test to be more accurate. The client should also not be run if the VIP is in the INIT state. jim-p 2015-01-08 10:40:44 -0500