From 0f280d2adc9a4fccef532dcb810398238366617b Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Mon, 26 Jul 2010 17:35:39 -0400
Subject: Disable SSL peer verification in cURL. Also, explicitly set
 FOLLOWLOCATION to make sure that we can redirect properly. Both of these are
 needed to fix snort rule downloads.

---
 etc/inc/pfsense-utils.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 3d12fa9..14a2579 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -1542,6 +1542,9 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $url_file);
         curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
+        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+        /* Don't verify SSL peers since we don't have the certificates to do so. */
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
         curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
         curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
-- 
cgit v1.1


From 09fec59d1abbfa403aa4d6808403070938a32f3b Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 27 Jul 2010 08:56:19 -0400
Subject: Fix path to dhcpd.conf in status.php

---
 usr/local/www/status.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr/local/www/status.php b/usr/local/www/status.php
index bc2656d..d1985e3 100755
--- a/usr/local/www/status.php
+++ b/usr/local/www/status.php
@@ -168,7 +168,7 @@ defCmdT("pftop -w 150 -a -b -v speed","/usr/local/sbin/pftop -w 150 -a -b -v spe
 defCmdT("resolv.conf","cat /etc/resolv.conf");
 
 defCmdT("Processes","ps xauww");
-defCmdT("dhcpd.conf","cat /var/etc/dhcpd.conf");
+defCmdT("dhcpd.conf","cat /var/dhcpd/etc/dhcpd.conf");
 defCmdT("ez-ipupdate.cache","cat /conf/ez-ipupdate.cache");
 
 defCmdT("df","/bin/df");
-- 
cgit v1.1


From 1ca3ccd499f05ba77c1334490f3461591a788785 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 27 Jul 2010 09:16:41 -0400
Subject: Fix test for checking the prefer old IPsec SA box.

---
 usr/local/www/system_advanced_misc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php
index 41f0979..1bdefe9 100644
--- a/usr/local/www/system_advanced_misc.php
+++ b/usr/local/www/system_advanced_misc.php
@@ -224,7 +224,7 @@ include("head.inc");
 							<tr>
 								<td width="22%" valign="top" class="vncell"><?=gettext("Security Assocications"); ?></td>
 								<td width="78%" class="vtable">
-									<input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?> />
+									<input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if (isset($pconfig['preferoldsa_enable'])) echo "checked"; ?> />
 									<strong><?=gettext("Prefer older IPsec SAs"); ?></strong>
 									<br />
 									<?=gettext("By default, if several SAs match, the newest one is " .
-- 
cgit v1.1


From 72b7647fb507c216fd5af02beb3805e80f4df39c Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 27 Jul 2010 09:18:22 -0400
Subject: Fix test of preferoldsa to check the proper variable name.

---
 etc/inc/vpn.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 68e1064..1933e9f 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -86,7 +86,7 @@ function vpn_ipsec_configure($ipchg = false)
 	unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts");
 	touch("{$g['vardb_path']}/ipsecpinghosts");
 
-	if(isset($config['ipsec']['preferredoldsa']))
+	if(isset($config['ipsec']['preferoldsa']))
 		mwexec("/sbin/sysctl -w net.key.preferred_oldsa=-30");
 	else
 		mwexec("/sbin/sysctl net.key.preferred_oldsa=0");
-- 
cgit v1.1


From bb890d383c853543e75a9d0a3e69da4aa01f14e8 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 27 Jul 2010 09:19:59 -0400
Subject: Fix variable name for consistency.

---
 conf.default/config.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conf.default/config.xml b/conf.default/config.xml
index 06513de..2296a42 100644
--- a/conf.default/config.xml
+++ b/conf.default/config.xml
@@ -566,7 +566,7 @@
 		-->
 	</shaper>
 	<ipsec>
-		<preferredoldsa/>
+		<preferoldsa/>
 		<!-- <enable/> -->
 		<!-- syntax:
 		<tunnel>
-- 
cgit v1.1


From 4a71c0873c237ecd4c6e50337b8550e3bb4184c2 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Tue, 27 Jul 2010 19:15:39 +0000
Subject: Fixes #745. Validate group name against existing interfaces.

---
 usr/local/www/interfaces_groups_edit.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/usr/local/www/interfaces_groups_edit.php b/usr/local/www/interfaces_groups_edit.php
index 51feffd..430bd7b 100755
--- a/usr/local/www/interfaces_groups_edit.php
+++ b/usr/local/www/interfaces_groups_edit.php
@@ -71,6 +71,11 @@ if ($_POST) {
 	if (preg_match("/([^a-zA-Z])+/", $_POST['ifname'], $match))
 		$input_errors[] = "Only letters A-Z are allowed as the group name.";
 
+	$ifaces = get_configured_interface_with_descr();
+	foreach ($ifaces as $gif => $gdescr) {
+		if ($gdescr == $_POST['ifname'] || $gif == $_POST['ifname'])
+			$input_errors[] = "The specified group name is already used by an interface. Please choose another name.";
+	}
 	$ifgroupentry = array();
 	$ifgroupentry['ifname'] = $_POST['ifname'];
 	$members = "";
-- 
cgit v1.1