Re: Fwd: [FAILED] Nightly Build of next (6351c81) for riscv64 on riscv64-01.haj.ipfire.org

Hi All, I just noticed that libgcrypt was reverted. So I will do a v2 version patch with the missing riscv header file added back in. I am running the build also on the riscv builder to confirm that it builds successfully. Regards, Adolf. On 26/05/2025 20:41, Adolf Belka wrote: Hi All, A

Fwd: [FAILED] Nightly Build of next (6351c81) for riscv64 on riscv64-01.haj.ipfire.org

Hi All, A riscv header file was forgotten in the libgrypt-1.11.1 tarball so it can't be built for riscv64. A patch has been added in the repo to fix the problem so the missing file is in the repo but not in any tarball yet. It will be in the next released version. I can get a copy of the re

[PATCH v2 2/2] Core Update 196: Adjust existing IPsec connections using ML-KEM

This causes existing IPsec connections using ML-KEM to always use it in conjunction with Curve 25519, in line with the changes dfa7cd2bbac3c746569368d70fefaf1ff4e1fed2 implements for newly configured IPsec connections. Again, we can reasonably assume an IPsec peer supporting ML-KEM also supports

[PATCH v2 1/2] vpnmain.cgi: Use ML-KEM only as a hybrid with Curve 25519

In commit 887778e0888d51eb9942ae310a43f6d2813efad3, the post-quantum key exchange algorithm ML-KEM was introduced, due to its support being added in strongSwan 6.0. However, using PQC key exchanges is commonly recommended only in conjunction with a traditional one, to avoid encrypted traffic becomi

Re: [PATCH 2/2] Core Update 196: Adjust existing IPsec connections using ML-KEM

Hello Michael, > Hello Peter, > > Thanks for this patch. > >> On 15 May 2025, at 09:09, Peter Müller wrote: >> >> This causes existing IPsec connections using ML-KEM to always use it in >> conjunction with Curve 25519, in line with the changes >> dfa7cd2bbac3c746569368d70fefaf1ff4e1fed2 >> imp

Re: [PATCH] index.cgi: Add wireguard status to home screen

Hi Michael, On 26/05/2025 15:43, Michael Tremer wrote: Hello, On 26 May 2025, at 13:10, Adolf Belka wrote: Hi Michael, On 26/05/2025 12:12, Michael Tremer wrote: Hello Adolf, Thank you for this patch. I have made some further changes to this, but in essence I agree with it: https://git

Re: [PATCH] index.cgi: Add wireguard status to home screen

Hello, > On 26 May 2025, at 13:10, Adolf Belka wrote: > > Hi Michael, > > On 26/05/2025 12:12, Michael Tremer wrote: >> Hello Adolf, >> Thank you for this patch. >> I have made some further changes to this, but in essence I agree with it: >> >> https://git.ipfire.org/?p=ipfire-2.x.git;a=comm

Re: [PATCH] index.cgi: Add wireguard status to home screen

Hi Michael, On 26/05/2025 12:12, Michael Tremer wrote: Hello Adolf, Thank you for this patch. I have made some further changes to this, but in essence I agree with it: https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=c29a07b2ee505811a6cd78ca643bf816beb77375 https://git.ipfire.o

Re: Suppress display of dependencies on pakfire.cgi main page

Hello Stephen, Apologies for the late response. May mailbox is overflowing as usual. > On 12 May 2025, at 20:15, step...@firemypi.org wrote: > > Hello, > > One of the changes that I want to make to pakfire.cgi is to remove the > dependencies from the 'install' and 'remove' boxes on the main p

Re: How to find green IP that is sending traffic to hostile network

Hello Tim, We should not really bring any forum conversations here, but I see that Adolf has asked you to… > On 23 May 2025, at 16:33, Tim Zakharov > wrote: > > At Status->Network (other)->Firewall Hits Graph I sometimes see values in the > 'To Hostile Networks' line beneath the graph, which

Re: [PATCH 2/2] Core Update 196: Adjust existing IPsec connections using ML-KEM

Hello Peter, Thanks for this patch. > On 15 May 2025, at 09:09, Peter Müller wrote: > > This causes existing IPsec connections using ML-KEM to always use it in > conjunction with Curve 25519, in line with the changes > dfa7cd2bbac3c746569368d70fefaf1ff4e1fed2 > implements for newly configured

Re: ruby build now failing in aarch64

Hello, I have no idea why we are running into this problem. Others have too, but there seems to be other circumstances. I pushed a patch the other day that fixes the problem for us: https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=e6791a9e4a3210201188daa981d3b2d2c092846e This is a wo

Re: dhcpcd has removed the rapid_commit option

Hello Adolf, That is not surprising at all then. I was wondering how the default would work in other places when it could not have. I suppose all the downsides are still there, so making it configurable is not a bad idea. This would reflect our current implementation. Best, -Michael > On 19 M

Re: [PATCH] index.cgi: Add wireguard status to home screen

Hello Adolf, Thank you for this patch. I have made some further changes to this, but in essence I agree with it: https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=c29a07b2ee505811a6cd78ca643bf816beb77375 https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=9f1f3da8f5866098177edd68

Re: [PATCH v2] screen: Update to version 5.0.1

Thank you. This seems to iron out any problems from the first tarball. Best, -Michael > On 23 May 2025, at 17:03, Adolf Belka wrote: > > - This v2 version is with the correct tarball, without the binary object > files. > - Update from version 5.0.0 to 5.0.1 > - Update of rootfile > - 5 CVE fix