summaryrefslogtreecommitdiffstats
path: root/src/usr/local/www
Commit message (Collapse)AuthorAgeFilesLines
* Picture widget corrections. Fixes #9610jim-p2019-07-011-9/+34
| | | | | | | | * Sanitize user input before using as path/filenames * Use a more accurate method of determining image type on read * More sanity checks before reading images. (cherry picked from commit 2c544ac61ce98f716d50b8e5961d7dfba66804b5)
* Encode error output in services_captiveportal_mac.php. Fixes #9609jim-p2019-07-011-2/+2
| | | | (cherry picked from commit d31362b69d5d52dc196dc72f66e830cd1e6e9a4f)
* Encode hostname in services_acb.php before use. Fixes #9584jim-p2019-06-131-1/+1
| | | | (cherry picked from commit fe482ccc1eaf59137b29008bc040faaad25088f0)
* Ensure NTP values are treated as numbers before use. Fixes #9558jim-p2019-05-282-16/+16
| | | | (cherry picked from commit c92dbfc189ee4cc66726d817f47e5473f8ffe147)
* Add GUI components for MDS mitigation. Implements #9532jim-p2019-05-222-2/+51
| | | | | | | While here, add option to disable PTI display in sysinfo widget. Implements #9323 (cherry picked from commit 42c48efe1c326273079ac38176098a1993f8ae88)
* Use correct variable in IP address validation check for DNS. Fixes #9543jim-p2019-05-221-1/+1
| | | | (cherry picked from commit 912562c4d76e9b629e99d44c56b363147d9ded0d)
* Remove wildcards incorrectly used in isAllowedPage(). Fixes #9541jim-p2019-05-211-2/+2
| | | | (cherry picked from commit cf529cbe33ae53f3f95b37a227da141b97465f20)
* Fix a potential source of PHP errors when saving per-log settings. Fixes #9540jim-p2019-05-201-3/+5
| | | | While here, fix save descriptions.
* Implement new OpenVPN advanced options privilege. Fixes #9511jim-p2019-05-133-26/+85
| | | | (cherry picked from commit 4a1841a1fabcba0100f6a4f505fc1e132c29da20)
* Remove Advanced box from OpenVPN Wizard. Issue #9511jim-p2019-05-132-9/+0
| | | | (cherry picked from commit b8ca6554d022e99921835a2fdb35103f41a7302e)
* Fix ACB privileges. Fixes #9519jim-p2019-05-113-3/+19
| | | | (cherry picked from commit 18c1de41332473dacd8a24ddf34e558f6366c714)
* Add back DNS over TLS host verification code. Fixes #8602jim-p2019-05-102-2/+51
| | | | | | | | Requires Unbound 1.9.0_1 from pfsense/freebsd-ports, which fixes a bug in Unbound 1.9.0 which did not fully implement OpenSSL 1.0.2 host validation support. See https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206#c5 (cherry picked from commit 7e8bfed216304b37342a0800eb35ef7c29546f5d)
* status.php updatesjim-p2019-05-101-1/+9
| | | | | | | * Ensure firewall info is generated when run from the CLI * For SG-1100, also include its public key (cherry picked from commit 2309b26a2b4643d9b4d0ea9be371004a781acc09)
* Fix another typojim-p2019-05-101-1/+1
| | | | (cherry picked from commit a0930ca608eb6b22b256c95ab2d829932b085f82)
* Fix typojim-p2019-05-101-1/+1
| | | | (cherry picked from commit 929cc874f6d32908739cc30e70c0eeba25127fb8)
* Update copyright notices to 2019. Happy New YearSteve Beaver2019-05-10283-283/+283
| | | | (cherry picked from commit 0b4c14a491664053aad3cc76e1ffd67b70ff2da1)
* Add warning for OpenVPN client, server, and override privileges.jim-p2019-05-093-0/+3
| | | | | | | | | | Since these can use OpenVPN advanced directives to call external scripts, they can be used to run commands that the user may not otherwise have access to run. Issue #9510 (cherry picked from commit f75b0eb8e781570a84e8700b150e09e081ccacfe)
* Encode download parameter before use. Fixes #9508jim-p2019-05-091-1/+1
| | | | (cherry picked from commit ce77c104eee92cfbbc0d84980e60899295dadeac)
* Encode descr in the WOL widget. Fixes #9507jim-p2019-05-081-2/+2
| | | | (cherry picked from commit 5789a02eab9b2ebbcb1f28d1d037b408b436a853)
* Encode output in status_filter_reload.php. Fixes #9499jim-p2019-05-031-1/+1
| | | | (cherry picked from commit 1af9400d594cd183d011f22fa9b3a7630570a250)
* Init array before usejim-p2019-05-031-0/+1
| | | | (cherry picked from commit a8a0b1321d2a477772aac4d0034d819b61f2c9bf)
* Do now show scheduler icon when scheduler tag is emptyRenato Botelho2019-03-251-1/+2
| | | | Spotted by: Oliveira MaisSecurity <oliveira@maissecurity.com.br>
* Initialized entries variable before use. Fixes #9359jim-p2019-03-121-0/+2
| | | | (cherry picked from commit 9146639e722b4d437d19b5ade1157ae01849a313)
* Use only sshguard table for blocking ssh/gui attacks. Issue #9223jim-p2019-03-122-3/+2
| | | | (cherry picked from commit 555a9ab5c01101ddab7daa41f35d379d1c39b26e)
* Fix output buffering when downloading config backups. Fixes #9390jim-p2019-03-101-1/+5
| | | | (cherry picked from commit 4015b03d4b184e546cb3590430fee6f9953ce23e)
* Update privilegesjim-p2019-02-211-1/+1
| | | | (cherry picked from commit 3b3e31c248b8185372251f8bd2fbc2a95652a7ec)
* Fix OU Name DN entry when creating a user cert. Fixes #9317jim-p2019-02-131-1/+1
| | | | (cherry picked from commit 354b1c750d9eeb9ccf0dc22033c9c813ec88e6f3)
* Correct syntax error in diag_backup.php. Fixes #9316jim-p2019-02-131-2/+2
| | | | (cherry picked from commit e0b32eb9e6b040fd14025b5c32644959ba67250e)
* Force the <enableserial> on when restoring a backup on a device with serial ↵Luiz Souza2019-02-131-2/+4
| | | | | | | | | | only console. Affects multiple devices. Ticket #1547 (cherry picked from commit c91af4ac6a6b501b59a542acb4ace05e2b10e3ea)
* Fix limiter selection validation.jim-p2019-02-121-2/+2
| | | | (cherry picked from commit d0e9c310708fe7be6de86fe082f57e1fc27ce143)
* Test $sform before use, fixes #9313jim-p2019-02-121-6/+8
| | | | (cherry picked from commit 069585172e6408195b16bbe3090aeba56699ee51)
* Ticket #9308: Replace use of /etc/ca_countries by get_cert_country_codes()Renato Botelho2019-02-073-37/+4
|
* Make get_countr_code() parameter default to 'ALL'Renato Botelho2019-02-072-2/+2
|
* Add validation and encoding to various firewall advanced values. Issue #9294jim-p2019-01-292-49/+85
| | | | (cherry picked from commit 62baf0777924b2c21c832db3c0040988e7451c61)
* Input validation and encoding of IGMP proxy addresses. Issue #9294jim-p2019-01-292-4/+9
| | | | (cherry picked from commit 261916e5d3f833a58d5cef1afdadc7495ec2c74b)
* Validate NTP GPS type, encode output. Issue #9294jim-p2019-01-291-10/+21
| | | | (cherry picked from commit 938988609c306fcd44e25a053745c4b8332eeeb5)
* Encode traceroute error message. Issue #9294jim-p2019-01-291-1/+1
| | | | (cherry picked from commit 57ccd08bf7ee05b9a00750a1fd9cf8f148e0c9ac)
* Validate submitted interfaces. Issue #9294jim-p2019-01-291-1/+5
| | | | (cherry picked from commit 5cc7d21dc08be6c65a2bf7f8f4481dc13f4ae115)
* Fix input validation of webguiproto. Issue #9294jim-p2019-01-291-1/+8
| | | | (cherry picked from commit 56888f24ca2715e678a1324633a08d3a611b4136)
* status.php optimizations. Implements #9290jim-p2019-01-251-32/+84
| | | | | | | | | | | | | | | * Rewrites the command output so it is first written to files, then read through line-by-line to PHP. Should be much more efficient and consume less memory, making the previously "too large" commands viable. * Increase verboseness of ifconfig output, add supported media * Add "Listen Queues" output * Wording fixes * Script can now be run from the console to create and save an archive only: "php /usr/local/www/status.php" * New parameter: archiveonly When present, output is suppressed. Creates tgz which can be downloaded * New parameter: nocleanup When present, the individual status output .txt files are not removed from /tmp/status_output/ before exiting. (cherry picked from commit 6c17da07bf1ce9bfc304c97a5afe3e2e26221319)
* Fix desc of OpenVPN sync to show that it also syncs certs. Fixes #9283jim-p2019-01-221-1/+1
| | | | (cherry picked from commit 9f3b87d898e1fa8a5bfa40758e5747515cc38ad4)
* Packet capture page fixes. Fixes #9239jim-p2019-01-211-4/+19
| | | | | | | | | * Add "None" output level * Detect large files and refuse to print them in the GUI textarea * Ensure output buffering is off before doing readfile to avoid PHP consuming memory while downloading a large capture. (cherry picked from commit 36192f4a459ec5d5baf06819102ba783c1725ba1)
* Init array for 6o4 tunneling Fixes #9264jim-p2019-01-211-0/+1
| | | | (cherry picked from commit 5345b25405101eba3112c1d5daef99bd3b308533)
* Allow a trailing dot in a hostname on diag_dns.php. Fixes #9276jim-p2019-01-211-2/+2
| | | | (cherry picked from commit e56c473d7c4c2e7de71c43420c844e452dbcfa82)
* Remove links to DNSStuf tools. Fixes #9275jim-p2019-01-211-5/+0
| | | | (cherry picked from commit 08c49b4d74b87bf34dd46a37837147b857eb8859)
* Fix saving IPv6 over IPv4 tunneling NAT setting. Fixes #9264jim-p2019-01-101-5/+4
| | | | (cherry picked from commit 3fcf5ad71216922921801d85d063d360fde5566f)
* Change alias name/pf keyword check to be case insensitive. Fixes #9231jim-p2018-12-271-1/+1
| | | | (cherry picked from commit 2c5d3b1e5002598cb799a182ccc1d6e66d3aac5d)
* Init filter rules in firewall_nat.php. Fixes #9193jim-p2018-12-181-0/+1
| | | | (cherry picked from commit 701728c0778cbb4ccf95ebfad30bf56339d1a7e3)
* Fix DigitalOcean DynDNS clientGrant Sheehan2018-12-111-1/+3
| | | | | | | | Fixes the check on the return value since it's been updated to use HTTP/2 syntax. Also adds logic to allow using `@` to denote updating the root domain A record as well. (cherry picked from commit 5878d529949aafef165acdce8e7daae234c9d2c4)
* Minor fixes related to #9121Steve Beaver2018-12-112-2/+2
| | | | (cherry picked from commit 6f9729c0a53be67ced6d52e6e33dba6b237083ab)
OpenPOWER on IntegriCloud