diff options
Diffstat (limited to 'src/etc')
-rw-r--r-- | src/etc/inc/authgui.inc | 2 | ||||
-rw-r--r-- | src/etc/inc/smtp.inc | 16 | ||||
-rw-r--r-- | src/etc/inc/system.inc | 4 | ||||
-rw-r--r-- | src/etc/inc/upgrade_config.inc | 2 | ||||
-rw-r--r-- | src/etc/inc/util.inc | 54 | ||||
-rw-r--r-- | src/etc/pfSense.obsoletedfiles | 66 |
6 files changed, 104 insertions, 40 deletions
diff --git a/src/etc/inc/authgui.inc b/src/etc/inc/authgui.inc index c3536c8..47616ee 100644 --- a/src/etc/inc/authgui.inc +++ b/src/etc/inc/authgui.inc @@ -277,7 +277,7 @@ if (isset($config['system']['webgui']['webguicss'])) { <div class="form-group"> <label for="usernamefld" class="col-sm-3 control-label">Username</label> <div class="col-sm-9 col-md-7"> - <input type="text" class="form-control" name="usernamefld" id="usernamefld" placeholder="Enter your username"> + <input type="text" class="form-control" name="usernamefld" id="usernamefld" placeholder="Enter your username" autocorrect="off" autocapitalize="none" spellcheck="false"> </div> </div> diff --git a/src/etc/inc/smtp.inc b/src/etc/inc/smtp.inc index 54aa8cf..de5522c 100644 --- a/src/etc/inc/smtp.inc +++ b/src/etc/inc/smtp.inc @@ -2,7 +2,7 @@ /* * smtp.php * - * @(#) $Header: /opt2/ena/metal/smtp/smtp.php,v 1.48 2014/11/23 22:45:30 mlemos Exp $ + * @(#) $Header: /opt2/ena/metal/smtp/smtp.php,v 1.50 2016/01/19 00:16:06 mlemos Exp $ * */ @@ -12,7 +12,7 @@ <package>net.manuellemos.smtp</package> - <version>@(#) $Id: smtp.php,v 1.48 2014/11/23 22:45:30 mlemos Exp $</version> + <version>@(#) $Id: smtp.php,v 1.50 2016/01/19 00:16:06 mlemos Exp $</version> <copyright>Copyright (C) Manuel Lemos 1999-2011</copyright> <title>Sending e-mail messages via SMTP protocol</title> <author>Manuel Lemos</author> @@ -261,7 +261,7 @@ class smtp_class <variable> <name>user_agent</name> <type>STRING</type> - <value>SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.48 $)</value> + <value>SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.50 $)</value> <documentation> <purpose>Set the user agent used when connecting via an HTTP proxy.</purpose> <usage>Change this value only if for some reason you want emulate a @@ -270,7 +270,7 @@ class smtp_class </variable> {/metadocument} */ - var $user_agent='SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.48 $)'; + var $user_agent='SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.50 $)'; /* {metadocument} @@ -1265,12 +1265,14 @@ class smtp_class elseif($success = ($this->PutLine('STARTTLS') && $this->VerifyResultLines('220',$responses)>0)) { - $this->OutputDebug('Starting TLS cryptograpic protocol'); + if($this->debug) + $this->OutputDebug('Starting TLS cryptograpic protocol'); if(!($success = @stream_socket_enable_crypto($this->connection, 1, STREAM_CRYPTO_METHOD_TLS_CLIENT))) $this->error = 'could not start TLS connection encryption protocol'; else { - $this->OutputDebug('TLS started'); + if($this->debug) + $this->OutputDebug('TLS started'); $success = $this->StartSMTP($localhost); } } @@ -1887,4 +1889,4 @@ class smtp_class */ -?> +?>
\ No newline at end of file diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index 6d869e5..1a137d1 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -159,11 +159,11 @@ function system_resolvconf_generate($dynupdate = false) { $syscfg = $config['system']; if ((((isset($config['dnsmasq']['enable'])) && - (!isset($config['dnsmasq']['port']) || $config['dnsmasq']['port'] == "53") && + (empty($config['dnsmasq']['port']) || $config['dnsmasq']['port'] == "53") && (empty($config['dnsmasq']['interface']) || in_array("lo0", explode(",", $config['dnsmasq']['interface'])))) || ((isset($config['unbound']['enable'])) && - (!isset($config['unbound']['port']) || $config['unbound']['port'] == "53") && + (empty($config['unbound']['port']) || $config['unbound']['port'] == "53") && (empty($config['unbound']['active_interface']) || in_array("lo0", explode(",", $config['unbound']['active_interface'])) || in_array("all", explode(",", $config['unbound']['active_interface']), true)))) && diff --git a/src/etc/inc/upgrade_config.inc b/src/etc/inc/upgrade_config.inc index dedab7c..d627f11 100644 --- a/src/etc/inc/upgrade_config.inc +++ b/src/etc/inc/upgrade_config.inc @@ -654,7 +654,7 @@ function upgrade_039_to_040() { $config['system']['user'][0]['priv'][2]['descr'] = gettext("Indicates whether this user is able to login for example via SSH."); $config['system']['user'][0]['priv'][3]['id'] = "copyfiles"; $config['system']['user'][0]['priv'][3]['name'] = "Is allowed to copy files"; - $config['system']['user'][0]['priv'][3]['descr'] = sprintf(gettext("Indicates whether this user is allowed to copy files onto the %s appliance via SCP/SFTP. If you are going to use this privilege, you must install scponly on the appliance (Hint: pkg_add -r scponly)."), $g['product_name']); + $config['system']['user'][0]['priv'][3]['descr'] = sprintf(gettext("Indicates whether this user is allowed to copy files onto the %s appliance via SCP/SFTP."), $g['product_name']); $config['system']['user'][0]['priv'][4]['id'] = "isroot"; $config['system']['user'][0]['priv'][4]['name'] = "Is root user"; $config['system']['user'][0]['priv'][4]['descr'] = gettext("This user is associated with the UNIX root user (you should associate this privilege only with one single user)."); diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc index b542566..c767f25 100644 --- a/src/etc/inc/util.inc +++ b/src/etc/inc/util.inc @@ -847,36 +847,44 @@ function subnetv4_expand($subnet) { return $result; } -/* find out whether two subnets overlap */ +/* find out whether two IPv4/IPv6 CIDR subnets overlap. + Note: CIDR overlap implies one is identical or included so largest sn will be the same */ function check_subnets_overlap($subnet1, $bits1, $subnet2, $bits2) { - - if (!is_numeric($bits1)) { - $bits1 = 32; - } - if (!is_numeric($bits2)) { - $bits2 = 32; - } - - if ($bits1 < $bits2) { - $relbits = $bits1; + if (is_ipaddrv4($subnet1)) { + return check_subnetsv4_overlap($subnet1, $bits1, $subnet2, $bits2); } else { - $relbits = $bits2; + return check_subnetsv6_overlap($subnet1, $bits1, $subnet2, $bits2); } +} - $sn1 = gen_subnet_mask_long($relbits) & ip2long($subnet1); - $sn2 = gen_subnet_mask_long($relbits) & ip2long($subnet2); - - return ($sn1 == $sn2); +/* find out whether two IPv4 CIDR subnets overlap. + Note: CIDR overlap means sn1/sn2 are identical or one is included in other. So sn using largest $bits will be the same */ +function check_subnetsv4_overlap($subnet1, $bits1, $subnet2, $bits2) { + $largest_sn = min($bits1, $bits2); + $subnetv4_start1 = gen_subnetv4($subnet1, $largest_sn); + $subnetv4_start2 = gen_subnetv4($subnet2, $largest_sn); + + if($subnetv4_start1 == '' || $subnetv4_start2 == '') { + // One or both args is not a valid IPv4 subnet + //FIXME: needs to return "bad data" not true/false if bad. For now return false, best we can do until fixed + return false; + } + return ($subnetv4_start1 == $subnetv4_start2); } -/* find out whether two IPv6 subnets overlap */ +/* find out whether two IPv6 CIDR subnets overlap. + Note: CIDR overlap means sn1/sn2 are identical or one is included in other. So sn using largest $bits will be the same */ function check_subnetsv6_overlap($subnet1, $bits1, $subnet2, $bits2) { - $sub1_min = gen_subnetv6($subnet1, $bits1); - $sub1_max = gen_subnetv6_max($subnet1, $bits1); - $sub2_min = gen_subnetv6($subnet2, $bits2); - $sub2_max = gen_subnetv6_max($subnet2, $bits2); - - return (is_inrange_v6($sub1_min, $sub2_min, $sub2_max) || is_inrange_v6($sub1_max, $sub2_min, $sub2_max) || is_inrange_v6($sub2_min, $sub1_min, $sub1_max)); + $largest_sn = min($bits1, $bits2); + $subnetv6_start1 = gen_subnetv6($subnet1, $largest_sn); + $subnetv6_start2 = gen_subnetv6($subnet2, $largest_sn); + + if($subnetv6_start1 == '' || $subnetv6_start2 == '') { + // One or both args is not a valid IPv6 subnet + //FIXME: needs to return "bad data" not true/false if bad. For now return false, best we can do until fixed + return false; + } + return ($subnetv6_start1 == $subnetv6_start2); } /* return true if $addr is in $subnet, false if not */ diff --git a/src/etc/pfSense.obsoletedfiles b/src/etc/pfSense.obsoletedfiles index 4f6f453..f389efc 100644 --- a/src/etc/pfSense.obsoletedfiles +++ b/src/etc/pfSense.obsoletedfiles @@ -445,7 +445,6 @@ /usr/local/bin/spawn-fcgi /usr/local/bin/tickadj /usr/local/bin/verifysig -/usr/local/etc/lighttpd /usr/local/etc/pkg.conf /usr/local/info /usr/local/lib/engines @@ -518,7 +517,66 @@ /usr/local/lib/libsyslog-ng-3.4.7.so /usr/local/lib/libsyslog-ng-3.5.4.1.so /usr/local/lib/libxml2.so.5 -/usr/local/lib/lighttpd +/usr/local/lib/lighttpd/mod_access.a +/usr/local/lib/lighttpd/mod_access.la +/usr/local/lib/lighttpd/mod_accesslog.a +/usr/local/lib/lighttpd/mod_accesslog.la +/usr/local/lib/lighttpd/mod_alias.a +/usr/local/lib/lighttpd/mod_alias.la +/usr/local/lib/lighttpd/mod_auth.a +/usr/local/lib/lighttpd/mod_auth.la +/usr/local/lib/lighttpd/mod_cgi.a +/usr/local/lib/lighttpd/mod_cgi.la +/usr/local/lib/lighttpd/mod_cml.a +/usr/local/lib/lighttpd/mod_cml.la +/usr/local/lib/lighttpd/mod_compress.a +/usr/local/lib/lighttpd/mod_compress.la +/usr/local/lib/lighttpd/mod_dirlisting.a +/usr/local/lib/lighttpd/mod_dirlisting.la +/usr/local/lib/lighttpd/mod_evasive.a +/usr/local/lib/lighttpd/mod_evasive.la +/usr/local/lib/lighttpd/mod_evhost.a +/usr/local/lib/lighttpd/mod_evhost.la +/usr/local/lib/lighttpd/mod_expire.a +/usr/local/lib/lighttpd/mod_expire.la +/usr/local/lib/lighttpd/mod_fastcgi.a +/usr/local/lib/lighttpd/mod_fastcgi.la +/usr/local/lib/lighttpd/mod_flv_streaming.a +/usr/local/lib/lighttpd/mod_flv_streaming.la +/usr/local/lib/lighttpd/mod_indexfile.a +/usr/local/lib/lighttpd/mod_indexfile.la +/usr/local/lib/lighttpd/mod_mysql_vhost.a +/usr/local/lib/lighttpd/mod_mysql_vhost.la +/usr/local/lib/lighttpd/mod_proxy.a +/usr/local/lib/lighttpd/mod_proxy.la +/usr/local/lib/lighttpd/mod_redirect.a +/usr/local/lib/lighttpd/mod_redirect.la +/usr/local/lib/lighttpd/mod_rewrite.a +/usr/local/lib/lighttpd/mod_rewrite.la +/usr/local/lib/lighttpd/mod_rrdtool.a +/usr/local/lib/lighttpd/mod_rrdtool.la +/usr/local/lib/lighttpd/mod_scgi.a +/usr/local/lib/lighttpd/mod_scgi.la +/usr/local/lib/lighttpd/mod_secdownload.a +/usr/local/lib/lighttpd/mod_secdownload.la +/usr/local/lib/lighttpd/mod_setenv.a +/usr/local/lib/lighttpd/mod_setenv.la +/usr/local/lib/lighttpd/mod_simple_vhost.a +/usr/local/lib/lighttpd/mod_simple_vhost.la +/usr/local/lib/lighttpd/mod_ssi.a +/usr/local/lib/lighttpd/mod_ssi.la +/usr/local/lib/lighttpd/mod_staticfile.a +/usr/local/lib/lighttpd/mod_staticfile.la +/usr/local/lib/lighttpd/mod_status.a +/usr/local/lib/lighttpd/mod_status.la +/usr/local/lib/lighttpd/mod_trigger_b4_dl.a +/usr/local/lib/lighttpd/mod_trigger_b4_dl.la +/usr/local/lib/lighttpd/mod_userdir.a +/usr/local/lib/lighttpd/mod_userdir.la +/usr/local/lib/lighttpd/mod_usertrack.a +/usr/local/lib/lighttpd/mod_usertrack.la +/usr/local/lib/lighttpd/mod_webdav.a +/usr/local/lib/lighttpd/mod_webdav.la /usr/local/lib/mysql/libmysqlclient.so.15 /usr/local/lib/olsrd_dot_draw.so.0.3 /usr/local/lib/olsrd_dyn_gw.so.0.4 @@ -578,8 +636,6 @@ /usr/local/sbin/ipfw_context /usr/local/sbin/ipfw-classifyd /usr/local/sbin/kbdcheck -/usr/local/sbin/lighttpd -/usr/local/sbin/lighttpd-angel /usr/local/sbin/mdnsd /usr/local/sbin/mini_httpd /usr/local/sbin/mpd @@ -968,7 +1024,5 @@ /var/db/rrd/index.html /var/dhcpd/lib/libc.so.6 /var/etc/pppoe-vpn -/var/log/lighttpd -/var/log/lighttpd.log /var/mail/_relayd /var/mail/unbound |