BSD Commit Log Search

interfaces: fixes found during backport audit

interfaces: safer interfaces_pfsync_configure() handling

backend: extend mwexecfb() to take pidfile and/or logfile

This allows to hide the daemon command completely making the calls
look like normal mwexecf() invokes.

interfaces: to shell_safe to mwexecf(b)

interfaces: interface_carp_configure() conversion

The use of str_replace+addslashes+escapeshellarg is very odd:

https://github.com/pfsense/pfsense/commit/942fdd555964d48
https://redmine.pfsense.org/issues/213

To avoid bugs leave this for now.  escapeshellarg should be able
to handle this on its own.  The password parsing is not more special
than anything else passed to the command line unless there is a bug
somewhere else which I doubt.

interfaces: convert interface_ipalias_configure()

interfaces: limit execution of sysctl scope in PPP device code

(cherry picked from commit 14658bd794376075d0ad4b8ba9130269b82d27a7)

mvc: edge case comments and shims for exec() and shell_safe()

(cherry picked from commit c380799cd4e27af80db4edac19a79aabded6df6a)

interfaces: limit execution of sysctl scope in PPP device code

mvc: edge case comments and shims for exec() and shell_safe()

rc: do not error on impossible beep

(cherry picked from commit 1b7a970304d8d90e83ba62713535461737b2aa7e)

rc: do not error on impossible beep

shell: make HTTPS fingerprint command more readable and fix lower case "sha256"

This makes it match the OpenSSH fingerprint output.

(cherry picked from commit d6031bf593161b1fa79ef5971a188056a7de75d5)

shell: make HTTPS fingerprint command more readable and fix lower case "sha256"

This makes it match the OpenSSH fingerprint output.

shell: script consolidation and safety changes

shell: it was so nice they require_once'd it twice

Interfaces: Diagnostics: Ping - move grid init/reload to tab show event, https://forum.opnsense.org/index.php?topic=49693.0

Ideally we should also move the button actions, but as that feature is not yet available, let's make sure we fix the current situation first with minimal changes.

(cherry picked from commit d9d3a548414748be9b7b18a03328ba16a76d1970)

captive portal: move grid init to tab show event

(cherry picked from commit bc8e2a7f61e9cb353937a65fff96954f5bb830ed)

VPN: WireGuard - fix wrong max PersistentKeepalive (1...65535), closes https://github.com/opnsense/core/issues/9406

(cherry picked from commit f31afb436d42de089e48a66098a3c0095a08fea8)

VPN: OpenVPN: Instances / Static Keys - require description to prevent items being lost easily. closes https://github.com/opnsense/core/issues/9287

(cherry picked from commit f4d29ca734aca6407d1b95a733990fe70f309686)

Services: Kea DHCP: Kea DHCPv4 - case insensitive mac address comparison

PR: https://github.com/opnsense/core/issues/9199
PR: https://github.com/opnsense/core/pull/9202

(cherry picked from commit c06452de79b219af7a2c4deb0a17e3e008e9462c)
(cherry picked from commit fbc403bcf8eba0389b6812140b66432000e8859f)
(cherry picked from commit 1d060380a56153f62609be01573b2399a6b4cc70)

system: missed array return in trust store call

ipsec: style

firmware: use exec() instead of shell_exec() for post-update sync call

xmlrpc: replace realif with device

(cherry picked from commit b166a44efd0c35c29d82a9e26c539c19e0e7f1d7)

system: add a user for pass_safe()

backend: replace mwexecf_bg() with mwexecfb() for clarity

system: reduce diff to master

interfaces: replace a few shell executions in static pages

interfaces: inline this shell execution as well