OpenVPN: Add validation for selecting username as CN without setting any authentication (#9878)
Added validation to openvpn to ensure a user can't select username as CN without setting any authentication when adding/editing an openvpn instance.
make: move assingments to proper include files
Most of this is versioning stuff except for the Python one
which can live in the space where the parent variable is
filled.
System: Gateways: Configuration - ensure proper types are emitted in searchGatewayAction() when configd action fails.
should prevent hard failures like:
TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in /usr/local/opnsense/mvc/app/controllers/OPNsense/Routing/Api/SettingsController.php:122 Stack trace: #0
(cherry picked from commit a19a72cda8a9eb82ea4646f3b2a31f374e760a8c)
System: Gateways: Configuration - ensure proper types are emitted in searchGatewayAction() when configd action fails.
should prevent hard failures like:
TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in /usr/local/opnsense/mvc/app/controllers/OPNsense/Routing/Api/SettingsController.php:122 Stack trace: #0
Firewall: Rules [new]: adjust row selection behavior for internal rules
re-use the same logic that decides checkbox rendering to disable the
relevant hover CSS and disable tabulator internal selection functionality
(cherry picked from commit 4bc542cc7fad2ccd11e08bcd7bd2266f2accefd1)
Firewall: Rules [new]: adjust row selection behavior for internal rules
re-use the same logic that decides checkbox rendering to disable the
relevant hover CSS and disable tabulator internal selection functionality
config: ignore future backups when they exist, closes https://github.com/opnsense/core/issues/9802
Although this is quite uncommon, having a machine with its clock set in the future for some time may leave backups that prevent future backups being made (because of the configured number of backups).
Usually diskspace is not really an issue and just removing future backups without knowing what the actual time is has downsides too, so lets leave them there and ignore them to warrant normal operation.
(cherry picked from commit 52a2dea4a54998bd01e687a8f5b3880bdec31b05)
configd: remove constant cleanups as they may influence requests from other threads executing different commands. As the file operations are already locked, we can simply trust these and close https://github.com/opnsense/core/issues/9864
In theory we might require a bit more temp space by not removing the already executed commands, but in practice that's likely not a huge issue.
If we would like to cleanup periodically, we would require the communication to stall for a bit when performing these cleanups on cached commands or flush their contents instead of removing them (so we can lock the files in the process). For now we assume the amount of cached commands is not very large and their content is managable.
(cherry picked from commit c8cd5565ec135a0111497fde2e20e3cb79324f0d)
config: ignore future backups when they exist, closes https://github.com/opnsense/core/issues/9802
Although this is quite uncommon, having a machine with its clock set in the future for some time may leave backups that prevent future backups being made (because of the configured number of backups).
Usually diskspace is not really an issue and just removing future backups without knowing what the actual time is has downsides too, so lets leave them there and ignore them to warrant normal operation.
Firewall: Diagnostics: States - minor glitch in searching, when no specific networks are selected, match all and offered filter. closes https://github.com/opnsense/core/issues/9876
configd: remove constant cleanups as they may influence requests from other threads executing different commands. As the file operations are already locked, we can simply trust these and close https://github.com/opnsense/core/issues/9864
In theory we might require a bit more temp space by not removing the already executed commands, but in practice that's likely not a huge issue.
If we would like to cleanup periodically, we would require the communication to stall for a bit when performing these cleanups on cached commands or flush their contents instead of removing them (so we can lock the files in the process). For now we assume the amount of cached commands is not very large and their content is managable.
Firewall: Diagnostics: States - replacement of SanitizeFilter() seems to have killed our state network lookup, strings should be safe to pass here, closes https://github.com/opnsense/core/issues/9876
