diff --git a/lang/perl-mail-spamassassin/Makefile b/lang/perl-mail-spamassassin/Makefile index 4771d0544..26475a0d7 100644 --- a/lang/perl-mail-spamassassin/Makefile +++ b/lang/perl-mail-spamassassin/Makefile @@ -1,9 +1,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:=perl-mail-spamassassin -PKG_RELEASE:=$(AUTORELEASE) -PKG_VERSION:=3.4.6 -PKG_HASH:=500c7e2a7cdf3aa4dd822d97aaff2ab22235a60cf17a68ab817861d215a4e568 +PKG_RELEASE:=1 +PKG_VERSION:=4.0.0 +PKG_HASH:=65979da7d103e3c37563f23a1a24f470090afb33664348968a00bf3d09a84f36 PKG_SOURCE_NAME:=Mail-SpamAssassin PKG_SOURCE_URL:=@APACHE/spamassassin/source diff --git a/lang/perl-mail-spamassassin/patches/010-openssl-deprecated.patch b/lang/perl-mail-spamassassin/patches/010-openssl-deprecated.patch deleted file mode 100644 index 819eb1536..000000000 --- a/lang/perl-mail-spamassassin/patches/010-openssl-deprecated.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- a/spamc/libspamc.c -+++ b/spamc/libspamc.c -@@ -1213,9 +1213,11 @@ int message_filter(struct transport *tp, - - if (flags & SPAMC_USE_SSL) { - #ifdef SPAMC_SSL -+#if 0 - SSLeay_add_ssl_algorithms(); -- meth = SSLv23_client_method(); - SSL_load_error_strings(); -+#endif -+ meth = SSLv23_client_method(); - ctx = SSL_CTX_new(meth); - #else - UNUSED_VARIABLE(ssl); -@@ -1600,9 +1602,11 @@ int message_tell(struct transport *tp, c - - if (flags & SPAMC_USE_SSL) { - #ifdef SPAMC_SSL -+#if 0 - SSLeay_add_ssl_algorithms(); -- meth = SSLv23_client_method(); - SSL_load_error_strings(); -+#endif -+ meth = SSLv23_client_method(); - ctx = SSL_CTX_new(meth); - #else - UNUSED_VARIABLE(ssl); diff --git a/libs/libowfat/Makefile b/libs/libowfat/Makefile index 9f9fc742d..94f177711 100644 --- a/libs/libowfat/Makefile +++ b/libs/libowfat/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libowfat -PKG_VERSION:=0.32 -PKG_RELEASE:=6 +PKG_VERSION:=0.33 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://www.fefe.de/libowfat -PKG_HASH:=f4b9b3d9922dc25bc93adedf9e9ff8ddbebaf623f14c8e7a5f2301bfef7998c1 +PKG_HASH:=311ec8b3f4b72bb442e323fb013a98f956fa745547f2bc9456287b20d027cd7d PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING @@ -36,6 +36,7 @@ endef TARGET_CFLAGS += $(FPIC) LOWFAT_MAKEOPTS = $(TARGET_CONFIGURE_OPTS) \ + AR="ar" \ CFLAGS="$(TARGET_CFLAGS) -I$(PKG_BUILD_DIR) -I$(STAGING_DIR)/usr/include" \ CCC="$(TARGET_CC)" \ CROSS="$(TARGET_CROSS)" \ @@ -49,16 +50,12 @@ LOWFAT_HOST_MAKEOPTS = $(HOST_CONFIGURE_OPTS) \ VERSION="$(PKG_VERSION)" \ OS="Linux" -# work around a nasty gcc bug -ifneq ($(CONFIG_GCC_VERSION_4_2_4),) - LOWFAT_MAKEOPTS += WOPTS="" -endif - define Build/Compile $(MAKE) -C $(PKG_BUILD_DIR) $(LOWFAT_MAKEOPTS) endef define Host/Compile + $(LN) . $(HOST_BUILD_DIR)/libowfat $(MAKE) -C $(HOST_BUILD_DIR) $(LOWFAT_HOST_MAKEOPTS) ent endef diff --git a/libs/libowfat/patches/001-fixbuild.patch b/libs/libowfat/patches/001-fixbuild.patch index 804b6e490..ebd9aca10 100644 --- a/libs/libowfat/patches/001-fixbuild.patch +++ b/libs/libowfat/patches/001-fixbuild.patch @@ -1,15 +1,15 @@ --- a/GNUmakefile +++ b/GNUmakefile -@@ -357,6 +357,8 @@ socket_accept4.o socket_accept6.o socket +@@ -368,6 +368,8 @@ socket_accept4.o socket_accept6.o socket socket_local6.o socket_recv4.o socket_recv6.o socket_remote4.o \ - socket_remote6.o: havesl.h + socket_remote6.o socket_accept4_flags.o socket_accept6_flags.o: havesl.h +socket_remote4.o: havescope.h + dns_nd6.o fmt_xlong.o scan_xlong.o fmt_ip6_flat.o $(TEXTCODE_OBJS): haveinline.h iob_send.o scan_ip6if.o: havealloca.h -@@ -386,6 +388,6 @@ update: +@@ -397,7 +399,7 @@ update: dl -n http://www.w3.org/TR/html5/entities.json entities.h: entities.json ent @@ -17,3 +17,4 @@ + libowfat-ent scan_html.o: entities.h + diff --git a/libs/libowfat/patches/010-gcc10.patch b/libs/libowfat/patches/010-gcc10.patch deleted file mode 100644 index eca1a60e5..000000000 --- a/libs/libowfat/patches/010-gcc10.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/io_internal.h -+++ b/io_internal.h -@@ -83,7 +83,7 @@ my_extern array io_pollfds; - my_extern long first_readable; - my_extern long first_writeable; - --my_extern long first_deferred; -+extern long first_deferred; - - my_extern enum __io_waitmode { - UNDECIDED, diff --git a/libs/libowfat/patches/012-remove-deprecated.patch b/libs/libowfat/patches/012-remove-deprecated.patch deleted file mode 100644 index 49e3c824c..000000000 --- a/libs/libowfat/patches/012-remove-deprecated.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- a/scan/scan_iso8601.c -+++ b/scan/scan_iso8601.c -@@ -1,5 +1,4 @@ - #define _GNU_SOURCE --#define __deprecated__ - #include "scan.h" - #include "byte.h" - #include "case.h" ---- a/scan/scan_httpdate.c -+++ b/scan/scan_httpdate.c -@@ -1,5 +1,4 @@ - #define _GNU_SOURCE --#define __deprecated__ - #include "scan.h" - #include "byte.h" - #include "case.h" diff --git a/libs/libowfat/patches/020-cflags.patch b/libs/libowfat/patches/020-cflags.patch index 78ff58324..54555f70e 100644 --- a/libs/libowfat/patches/020-cflags.patch +++ b/libs/libowfat/patches/020-cflags.patch @@ -1,6 +1,6 @@ --- a/Makefile +++ b/Makefile -@@ -37,8 +37,8 @@ OPT_PLUS=-O3 $(NATIVE) +@@ -42,8 +42,8 @@ OPT_PLUS=-O3 $(NATIVE) DEFINE=-D_REENTRANT diff --git a/libs/libowfat/patches/030-pure.patch b/libs/libowfat/patches/030-pure.patch deleted file mode 100644 index 690e42251..000000000 --- a/libs/libowfat/patches/030-pure.patch +++ /dev/null @@ -1,291 +0,0 @@ ---- a/byte.h -+++ b/byte.h -@@ -9,17 +9,24 @@ - extern "C" { - #endif - --#ifndef __pure__ --#define __pure__ -+#ifndef ATTR_PURE -+# if defined __has_attribute -+# if __has_attribute (pure) -+# define ATTR_PURE __attribute__ ((pure)) -+# endif -+# endif -+#endif -+#ifndef ATTR_PURE -+# define ATTR_PURE - #endif - - /* byte_chr returns the smallest integer i between 0 and len-1 - * inclusive such that one[i] equals needle, or len if not found. */ --size_t byte_chr(const void* haystack, size_t len, char needle) __pure__; -+size_t byte_chr(const void* haystack, size_t len, char needle) ATTR_PURE; - - /* byte_rchr returns the largest integer i between 0 and len-1 inclusive - * such that one[i] equals needle, or len if not found. */ --size_t byte_rchr(const void* haystack,size_t len,char needle) __pure__; -+size_t byte_rchr(const void* haystack,size_t len,char needle) ATTR_PURE; - - /* byte_copy copies in[0] to out[0], in[1] to out[1], ... and in[len-1] - * to out[len-1]. */ -@@ -34,14 +41,14 @@ void byte_copyr(void* out, size_t len, c - * than, equal to, or greater than the string b[0], b[1], ..., - * b[len-1]. When the strings are different, byte_diff does not read - * bytes past the first difference. */ --int byte_diff(const void* a, size_t len, const void* b) __pure__; -+int byte_diff(const void* a, size_t len, const void* b) ATTR_PURE; - - /* byte_zero sets the bytes out[0], out[1], ..., out[len-1] to 0 */ - void byte_zero(void* out, size_t len); - - #define byte_equal(s,n,t) (!byte_diff((s),(n),(t))) - --int byte_equal_notimingattack(const void* a, size_t len,const void* b) __pure__; -+int byte_equal_notimingattack(const void* a, size_t len,const void* b) ATTR_PURE; - - #if defined(__i386__) || defined(__x86_64__) - #define UNALIGNED_ACCESS_OK ---- a/critbit.h -+++ b/critbit.h -@@ -5,18 +5,25 @@ - extern "C" { - #endif - --/* for __pure__ if we are compiling under dietlibc */ -+/* for ATTR_PURE if we are compiling under dietlibc */ - #include - --#ifndef __pure__ --#define __pure__ -+#ifndef ATTR_PURE -+# if defined __has_attribute -+# if __has_attribute (pure) -+# define ATTR_PURE __attribute__ ((pure)) -+# endif -+# endif -+#endif -+#ifndef ATTR_PURE -+# define ATTR_PURE - #endif - - typedef struct { - void *root; - } critbit0_tree; - --int critbit0_contains(critbit0_tree *t, const char *u) __pure__; -+int critbit0_contains(critbit0_tree *t, const char *u) ATTR_PURE; - int critbit0_insert(critbit0_tree *t, const char *u); - int critbit0_delete(critbit0_tree *t, const char *u); - void critbit0_clear(critbit0_tree *t); ---- a/scan.h -+++ b/scan.h -@@ -15,8 +15,15 @@ - extern "C" { - #endif - --#ifndef __pure__ --#define __pure__ -+#ifndef ATTR_PURE -+# if defined __has_attribute -+# if __has_attribute (pure) -+# define ATTR_PURE __attribute__ ((pure)) -+# endif -+# endif -+#endif -+#ifndef ATTR_PURE -+# define ATTR_PURE - #endif - - /* This file declared functions used to decode / scan / unmarshal -@@ -84,18 +91,18 @@ size_t scan_double(const char *in, doubl - size_t scan_plusminus(const char *src,signed int *dest); - - /* return the highest integer n<=limit so that isspace(in[i]) for all 0<=i<=n */ --size_t scan_whitenskip(const char *in,size_t limit) __pure__; -+size_t scan_whitenskip(const char *in,size_t limit) ATTR_PURE; - - /* return the highest integer n<=limit so that !isspace(in[i]) for all 0<=i<=n */ --size_t scan_nonwhitenskip(const char *in,size_t limit) __pure__; -+size_t scan_nonwhitenskip(const char *in,size_t limit) ATTR_PURE; - - /* return the highest integer n<=limit so that in[i] is element of - * charset (ASCIIZ string) for all 0<=i<=n */ --size_t scan_charsetnskip(const char *in,const char *charset,size_t limit) __pure__; -+size_t scan_charsetnskip(const char *in,const char *charset,size_t limit) ATTR_PURE; - - /* return the highest integer n<=limit so that in[i] is not element of - * charset (ASCIIZ string) for all 0<=i<=n */ --size_t scan_noncharsetnskip(const char *in,const char *charset,size_t limit) __pure__; -+size_t scan_noncharsetnskip(const char *in,const char *charset,size_t limit) ATTR_PURE; - - /* try to parse ASCII GMT date; does not understand time zones. */ - /* example dates: -@@ -103,17 +110,17 @@ size_t scan_noncharsetnskip(const char * - * "Sunday, 06-Nov-94 08:49:37 GMT" - * "Sun Nov 6 08:49:37 1994" - */ --size_t scan_httpdate(const char *in,time_t *t) __pure__; -+size_t scan_httpdate(const char *in,time_t *t) ATTR_PURE; - - /* try to parse ASCII ISO-8601 date; does not understand time zones. */ - /* example date: "2014-05-27T19:22:16Z" */ --size_t scan_iso8601(const char* in,struct timespec* t) __pure__; -+size_t scan_iso8601(const char* in,struct timespec* t) ATTR_PURE; - - /* some variable length encodings for integers */ --size_t scan_utf8(const char* in,size_t len,uint32_t* n) __pure__; --size_t scan_utf8_sem(const char* in,size_t len,uint32_t* n) __pure__; --size_t scan_asn1derlength(const char* in,size_t len,unsigned long long* n) __pure__; --size_t scan_asn1dertag(const char* in,size_t len,unsigned long long* n) __pure__; -+size_t scan_utf8(const char* in,size_t len,uint32_t* n) ATTR_PURE; -+size_t scan_utf8_sem(const char* in,size_t len,uint32_t* n) ATTR_PURE; -+size_t scan_asn1derlength(const char* in,size_t len,unsigned long long* n) ATTR_PURE; -+size_t scan_asn1dertag(const char* in,size_t len,unsigned long long* n) ATTR_PURE; - - /* Google protocol buffers */ - /* A protocol buffer is a sequence of (tag,value). -@@ -122,15 +129,15 @@ size_t scan_asn1dertag(const char* in,si - * 0, double type 1, strings type 2 and floats type 5. However, you - * have to check this yourself. - */ --size_t scan_varint(const char* in,size_t len, unsigned long long* n) __pure__; /* internal */ --size_t scan_pb_tag(const char* in,size_t len, size_t* fieldno,unsigned char* type) __pure__; -+size_t scan_varint(const char* in,size_t len, unsigned long long* n) ATTR_PURE; /* internal */ -+size_t scan_pb_tag(const char* in,size_t len, size_t* fieldno,unsigned char* type) ATTR_PURE; - - /* Then, depending on the field number, validate the type and call the - * corresponding of these functions to parse the value */ --size_t scan_pb_type0_int(const char* in,size_t len,unsigned long long* l) __pure__; --size_t scan_pb_type0_sint(const char* in,size_t len,signed long long* l) __pure__; --size_t scan_pb_type1_double(const char* in,size_t len,double* d) __pure__; --size_t scan_pb_type1_fixed64(const char* in,size_t len,uint64_t* b) __pure__; -+size_t scan_pb_type0_int(const char* in,size_t len,unsigned long long* l) ATTR_PURE; -+size_t scan_pb_type0_sint(const char* in,size_t len,signed long long* l) ATTR_PURE; -+size_t scan_pb_type1_double(const char* in,size_t len,double* d) ATTR_PURE; -+size_t scan_pb_type1_fixed64(const char* in,size_t len,uint64_t* b) ATTR_PURE; - /* NOTE: scan_pb_type2_stringlen only parses the length of the string, - * not the string itself. It will return the number of bytes parsed in - * the length, then set slen to the value of the length integer it just -@@ -141,9 +148,9 @@ size_t scan_pb_type1_fixed64(const char* - * parsing early without having to read and allocate memory for the rest - * (potentially gigabytes) of the data announced by one unreasonable - * string length value. */ --size_t scan_pb_type2_stringlen(const char* in,size_t len,const char** string, size_t* slen) __pure__; --size_t scan_pb_type5_float(const char* in,size_t len,float* f) __pure__; --size_t scan_pb_type5_fixed32(const char* in,size_t len,uint32_t* b) __pure__; -+size_t scan_pb_type2_stringlen(const char* in,size_t len,const char** string, size_t* slen) ATTR_PURE; -+size_t scan_pb_type5_float(const char* in,size_t len,float* f) ATTR_PURE; -+size_t scan_pb_type5_fixed32(const char* in,size_t len,uint32_t* b) ATTR_PURE; - - /* parse a netstring, input buffer is in (len bytes). - * if parsing is successful: -@@ -153,7 +160,7 @@ size_t scan_pb_type5_fixed32(const char* - * return 0 - * Note: *dest will point inside the input buffer! - */ --size_t scan_netstring(const char* in,size_t len,char** dest,size_t* slen) __pure__; -+size_t scan_netstring(const char* in,size_t len,char** dest,size_t* slen) ATTR_PURE; - - /* internal function that might be useful independently */ - /* convert from hex ASCII, return 0 to 15 for success or -1 for failure */ ---- a/str.h -+++ b/str.h -@@ -8,8 +8,15 @@ - extern "C" { - #endif - --#ifndef __pure__ --#define __pure__ -+#ifndef ATTR_PURE -+# if defined __has_attribute -+# if __has_attribute (pure) -+# define ATTR_PURE __attribute__ ((pure)) -+# endif -+# endif -+#endif -+#ifndef ATTR_PURE -+# define ATTR_PURE - #endif - - /* str_copy copies leading bytes from in to out until \0. -@@ -21,7 +28,7 @@ size_t str_copy(char *out,const char *in - * equal to, or greater than the string b[0], b[1], ..., b[m-1]=='\0'. - * If the strings are different, str_diff does not read bytes past the - * first difference. */ --int str_diff(const char *a,const char *b) __pure__; -+int str_diff(const char *a,const char *b) ATTR_PURE; - - /* str_diffn returns negative, 0, or positive, depending on whether the - * string a[0], a[1], ..., a[n]=='\0' is lexicographically smaller than, -@@ -29,24 +36,24 @@ int str_diff(const char *a,const char *b - * If the strings are different, str_diffn does not read bytes past the - * first difference. The strings will be considered equal if the first - * limit characters match. */ --int str_diffn(const char *a,const char *b,size_t limit) __pure__; -+int str_diffn(const char *a,const char *b,size_t limit) ATTR_PURE; - - #ifdef __dietlibc__ - #include - #define str_len(foo) strlen(foo) - #else - /* str_len returns the index of \0 in s */ --size_t str_len(const char *s) __pure__; -+size_t str_len(const char *s) ATTR_PURE; - #endif - - /* str_chr returns the index of the first occurance of needle or \0 in haystack */ --size_t str_chr(const char *haystack,char needle) __pure__; -+size_t str_chr(const char *haystack,char needle) ATTR_PURE; - - /* str_rchr returns the index of the last occurance of needle or \0 in haystack */ --size_t str_rchr(const char *haystack,char needle) __pure__; -+size_t str_rchr(const char *haystack,char needle) ATTR_PURE; - - /* str_start returns 1 if the b is a prefix of a, 0 otherwise */ --int str_start(const char *a,const char *b) __pure__; -+int str_start(const char *a,const char *b) ATTR_PURE; - - /* convenience shortcut to test for string equality */ - #define str_equal(s,t) (!str_diff((s),(t))) ---- a/stralloc.h -+++ b/stralloc.h -@@ -8,8 +8,15 @@ - extern "C" { - #endif - --#ifndef __pure__ --#define __pure__ -+#ifndef ATTR_PURE -+# if defined __has_attribute -+# if __has_attribute (pure) -+# define ATTR_PURE __attribute__ ((pure)) -+# endif -+# endif -+#endif -+#ifndef ATTR_PURE -+# define ATTR_PURE - #endif - - /* stralloc is the internal data structure all functions are working on. -@@ -101,17 +108,17 @@ static inline int stralloc_APPEND(strall - /* stralloc_starts returns 1 if the \0-terminated string in "in", without - * the terminating \0, is a prefix of the string stored in sa. Otherwise - * it returns 0. sa must already be allocated. */ --int stralloc_starts(stralloc* sa,const char* in) __pure__; -+int stralloc_starts(stralloc* sa,const char* in) ATTR_PURE; - - /* stralloc_diff returns negative, 0, or positive, depending on whether - * a is lexicographically smaller than, equal to, or greater than the - * string b. */ --int stralloc_diff(const stralloc* a,const stralloc* b) __pure__; -+int stralloc_diff(const stralloc* a,const stralloc* b) ATTR_PURE; - - /* stralloc_diffs returns negative, 0, or positive, depending on whether - * a is lexicographically smaller than, equal to, or greater than the - * string b[0], b[1], ..., b[n]=='\0'. */ --int stralloc_diffs(const stralloc* a,const char* b) __pure__; -+int stralloc_diffs(const stralloc* a,const char* b) ATTR_PURE; - - #define stralloc_equal(a,b) (!stralloc_diff((a),(b))) - #define stralloc_equals(a,b) (!stralloc_diffs((a),(b))) diff --git a/libs/postgresql/Makefile b/libs/postgresql/Makefile index a4bba598b..793c0cfd1 100644 --- a/libs/postgresql/Makefile +++ b/libs/postgresql/Makefile @@ -5,8 +5,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=postgresql -PKG_VERSION:=14.5 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=14.6 +PKG_RELEASE:=1 PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=PostgreSQL PKG_CPE_ID:=cpe:/a:postgresql:postgresql @@ -17,7 +17,7 @@ PKG_SOURCE_URL:=\ http://ftp.postgresql.org/pub/source/v$(PKG_VERSION) \ ftp://ftp.postgresql.org/pub/source/v$(PKG_VERSION) -PKG_HASH:=d4f72cb5fb857c9a9f75ec8cf091a1771272802f2178f0b2e65b7b6ff64f4a30 +PKG_HASH:=508840fc1809d39ab72274d5f137dabb9fd7fb4f933da4168aeebb20069edf22 PKG_USE_MIPS16:=0 PKG_FIXUP:=autoreconf diff --git a/libs/postgresql/patches/700-no-arm-crc-march-change.patch b/libs/postgresql/patches/700-no-arm-crc-march-change.patch index 05d3198c2..9c4dcaae2 100644 --- a/libs/postgresql/patches/700-no-arm-crc-march-change.patch +++ b/libs/postgresql/patches/700-no-arm-crc-march-change.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -2141,9 +2141,9 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [ +@@ -2156,9 +2156,9 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [ # flags. If not, check if adding -march=armv8-a+crc flag helps. # CFLAGS_ARMV8_CRC32C is set if the extra flag is required. PGAC_ARMV8_CRC32C_INTRINSICS([]) diff --git a/mail/emailrelay/Makefile b/mail/emailrelay/Makefile index 7b377438e..7ec681bc3 100644 --- a/mail/emailrelay/Makefile +++ b/mail/emailrelay/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=emailrelay -PKG_VERSION:=2.2 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=2.4.1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-src.tar.gz PKG_SOURCE_URL:=@SF/emailrelay/$(PKG_VERSION) -PKG_HASH:=41da9f4356eb6c6935a32f2940edb7af04b202e531c1028f700b93a36a03b0ac +PKG_HASH:=cff8cf5bff19fd1721cefdbd6207da67af01d2b1b4a51d147c33f4429a79766e PKG_MAINTAINER:=Federico Di Marco PKG_LICENSE:=GPL-3.0-or-later diff --git a/mail/emailrelay/patches/010-gcc11.patch b/mail/emailrelay/patches/010-gcc11.patch deleted file mode 100644 index 29ad358e8..000000000 --- a/mail/emailrelay/patches/010-gcc11.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/src/gnet/gsocket.h -+++ b/src/gnet/gsocket.h -@@ -27,6 +27,7 @@ - #include "gevent.h" - #include "gdescriptor.h" - #include "greadwrite.h" -+#include - #include - #include - ---- a/src/gssl/gssl.h -+++ b/src/gssl/gssl.h -@@ -26,6 +26,7 @@ - #include "gdef.h" - #include "gstrings.h" - #include "greadwrite.h" -+#include - #include - #include - diff --git a/net/pbr/Makefile b/net/pbr/Makefile index 4a7255c48..e5b967ff0 100644 --- a/net/pbr/Makefile +++ b/net/pbr/Makefile @@ -4,8 +4,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pbr -PKG_VERSION:=1.0.0 -PKG_RELEASE:=2 +PKG_VERSION:=1.0.1 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Stan Grishin @@ -20,7 +20,7 @@ define Package/pbr/default URL:=https://docs.openwrt.melmac.net/pbr/ DEPENDS:=+ip-full +jshn +jsonfilter +resolveip CONFLICTS:=vpnbypass vpn-policy-routing - PROVIDES:=vpnbypass vpn-policy-routing + PROVIDES:=pbr vpnbypass vpn-policy-routing PKGARCH:=all endef diff --git a/net/pbr/files/etc/init.d/pbr.init b/net/pbr/files/etc/init.d/pbr.init index 22c8b03a2..3ee9a9b8c 100755 --- a/net/pbr/files/etc/init.d/pbr.init +++ b/net/pbr/files/etc/init.d/pbr.init @@ -121,7 +121,7 @@ get_text() { errorPolicyNoSrcDest) r="Policy '%s' has no source/destination parameters!";; errorPolicyNoInterface) r="Policy '%s' has no assigned interface!";; errorPolicyUnknownInterface) r="Policy '%s' has an unknown interface!";; - errorPolicyProcess) r="%s";; + errorPolicyProcessCMD) r="%s";; errorFailedSetup) r="Failed to set up '%s'!";; errorFailedReload) r="Failed to reload '%s'!";; errorUserFileNotFound) r="Custom user file '%s' not found or empty!";; @@ -129,9 +129,20 @@ get_text() { errorUserFileRunning) r="Error running custom user file '%s'!";; errorUserFileNoCurl) r="Use of 'curl' is detected in custom user file '%s', but 'curl' isn't installed!";; errorNoGateways) r="Failed to set up any gateway!";; + errorResolver) r="Resolver %s";; + errorPolicyProcessNoIpv6) r="Skipping IPv6 policy '%s' as IPv6 support is disabled";; + errorPolicyProcessUnknownFwmark) r="Unknown packet mark for interface '%s'";; + errorPolicyProcessMismatchFamily) r="Mismatched IP family between in policy %s";; + errorPolicyProcessUnknownProtocol) r="Unknown protocol in policy %s";; + errorPolicyProcessInsertionFailed) r="Insertion failed for both IPv4 and IPv6 for policy %s";; + errorPolicyProcessInsertionFailedIpv4) r="Insertion failed for IPv4 for policy %s";; warningResolverNotSupported) r="Resolver set (${resolver_set}) is not supported on this system.";; warningAGHVersionTooLow) r="Installed AdGuardHome (%s) doesn't support 'ipset_file' option.";; - warningPolicyProcess) r="%s";; + warningPolicyProcessCMD) r="%s";; + warningTorUnsetParams) r="Please unset 'src_addr', 'src_port' and 'dest_port' for policy '%s'";; + warningTorUnsetProto) r="Please unset 'proto' or set 'proto' to 'all' for policy '%s'";; + warningTorUnsetChainIpt) r="Please unset 'chain' or set 'chain' to 'PREROUTING' for policy '%s'";; + warningTorUnsetChainNft) r="Please unset 'chain' or set 'chain' to 'prerouting' for policy '%s'";; esac echo "$r" } @@ -141,6 +152,7 @@ output_ok() { output 1 "$_OK_"; output 2 "$__OK__\\n"; } output_okn() { output 1 "$_OK_\\n"; output 2 "$__OK__\\n"; } output_fail() { s=1; output 1 "$_FAIL_"; output 2 "$__FAIL__\\n"; } output_failn() { output 1 "$_FAIL_\\n"; output 2 "$__FAIL__\\n"; } +# shellcheck disable=SC2317 str_replace() { printf "%b" "$1" | sed -e "s/$(printf "%b" "$2")/$(printf "%b" "$3")/g"; } str_replace() { echo "${1//$2/$3}"; } str_contains() { [ -n "$1" ] &&[ -n "$2" ] && [ "${1//$2}" != "$1" ]; } @@ -192,10 +204,8 @@ pbr_find_iface() { pbr_get_gateway() { local iface="$2" dev="$3" gw network_get_gateway gw "$iface" true -# if [ -z "$gw" ] || [ "$gw" = '0.0.0.0' ]; then -# gw="$(ubus call "network.interface.${iface}" status | jsonfilter -e "@.route[0].nexthop")" -# fi if [ -z "$gw" ] || [ "$gw" = '0.0.0.0' ]; then +# gw="$(ubus call "network.interface.${iface}" status | jsonfilter -e "@.route[0].nexthop")" gw="$($ip_full -4 a list dev "$dev" 2>/dev/null | grep inet | awk '{print $2}' | awk -F "/" '{print $1}')" fi eval "$1"='$gw' @@ -464,7 +474,7 @@ ips() { case "$type" in ip|net) ips4 -q -! create "$ipset4" "hash:$type" comment && ipv4_error=0 - ips6 -q -! create "$ipset6" "hash:$type" comment family inet6 && ipv4_error=0 + ips6 -q -! create "$ipset6" "hash:$type" comment family inet6 && ipv6_error=0 case "$target" in dst) ipt4 -t mangle -A "${iptPrefix}_PREROUTING" -m set --match-set "$ipset4" dst -g "${iptPrefix}_MARK_${mark}" && ipv4_error=0 @@ -515,7 +525,11 @@ ips() { ips6 -q -! flush "$ipset6" && ipv6_error=0 ;; esac - return $ipv4_error || $ipv6_error + if [ "$ipv4_error" -eq '0' ] || [ "$ipv6_error" -eq '0' ]; then + return 0 + else + return 1 + fi } # atomic @@ -549,7 +563,6 @@ nftset() { nft4 add element inet "$nftTable" "$nftset4" "{ $param }" && ipv4_error=0 nft6 add element inet "$nftTable" "$nftset6" "{ $param }" && ipv6_error=0 else -# elif is_domain "$param"; then if [ "$target" = 'src' ]; then param4="$(ipv4_leases_to_nftset "$param")" param6="$(ipv6_leases_to_nftset "$param")" @@ -637,7 +650,11 @@ nftset() { esac # nft6 returns true if IPv6 support is not enabled [ -z "$ipv6_enabled" ] && ipv6_error='1' - return $ipv4_error || $ipv6_error + if [ "$ipv4_error" -eq '0' ] || [ "$ipv6_error" -eq '0' ]; then + return 0 + else + return 1 + fi } cleanup_dnsmasq() { [ -s "$dnsmasqFile" ] && resolverStoredHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')" && rm "$dnsmasqFile" >/dev/null 2>&1; } @@ -700,8 +717,6 @@ state() { if [ -n "$(eval echo "\$$param")" ]; then while read -r line; do if str_contains "$line" ' '; then -# url="${c##*|}" -# c="${c%|*}" error_id="${line% *}" error_extra="${line#* }" else @@ -1006,7 +1021,6 @@ resolver() { } trap_process() { -# verbosity=0 output "\\n" output "Unexpected exit or service termination: '${1}'!\\n" state add 'errorSummary' 'errorUnexpectedExit' "$1" @@ -1029,7 +1043,6 @@ traffic_killswitch() { if is_nft; then nft add chain inet "$nftTable" "${nftPrefix}_killswitch" '{ type filter hook forward priority 0; policy accept; }' || s=1 nft add rule inet "$nftTable" "${nftPrefix}_killswitch" oifname "$wan_device" ip saddr "$lan_subnet" counter reject || s=1 -# nft add rule inet "$nftTable" "${nftPrefix}_killswitch" oifname '$wan_devices' ip saddr '$lan_subnet' counter reject || s=1 else ipt -N "${iptPrefix}_KILLSWITCH" || s=1 ipt -A "${iptPrefix}_KILLSWITCH" -s "$lan_subnet" -o "$wan_device" -j REJECT || s=1 @@ -1073,16 +1086,19 @@ policy_routing_tor_iptables() { chain="$(str_to_upper "$8")" chain="${chain:-PREROUTING}" if [ -n "${src_addr}${src_port}${dest_port}" ]; then - processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'src_addr', 'src_port' and 'dest_port' for policy '$comment'\\n" + state add 'warningSummary' 'warningTorUnsetParams' "$comment" fi if [ -n "$proto" ] && [ "$proto" != "all" ]; then - processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'proto' or set 'proto' to 'all' for policy '$comment'\\n" + state add 'warningSummary' 'warningTorUnsetProto' "$comment" fi if [ "$chain" != "PREROUTING" ]; then - processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'chain' or set 'chain' to 'PREROUTING' for policy '$comment'\\n" + state add 'warningSummary' 'warningTorUnsetChainIpt' "$comment" + fi + if ! resolver 'add_resolver_element' "$iface" 'dst' 'ip' '' "${comment}: $dest_addr" "$dest_addr"; then + processPolicyError='true' + state add 'errorSummary' 'errorResolver' "'add_resolver_element' '$iface' 'dst' 'ip' '${comment}: $dest_addr' '$dest_addr'" + return 1 fi - resolver 'add_resolver_element' "$iface" 'dst' 'ip' '' "${comment}: $dest_addr" "$dest_addr" || \ - processPolicyError="${processPolicyError}${_ERROR_}: resolver 'add_resolver_element' '$iface' 'dst' 'ip' '${comment}: $dest_addr' '$dest_addr'\\n" return 0 } policy_routing_tor_nft() { @@ -1091,16 +1107,19 @@ policy_routing_tor_nft() { chain="$(str_to_lower "$8")" chain="${chain:-prerouting}" if [ -n "${src_addr}${src_port}${dest_port}" ]; then - processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'src_addr', 'src_port' and 'dest_port' for policy '$comment'\\n" + state add 'warningSummary' 'warningTorUnsetParams' "$comment" fi if [ -n "$proto" ] && [ "$proto" != "all" ]; then - processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'proto' or set 'proto' to 'all' for policy '$comment'\\n" + state add 'warningSummary' 'warningTorUnsetProto' "$comment" fi if [ "$chain" != "prerouting" ]; then - processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'chain' or set 'chain' to 'prerouting' for policy '$comment'\\n" + state add 'warningSummary' 'warningTorUnsetChainNft' "$comment" + fi + if ! resolver 'add_resolver_element' "$iface" 'dst' 'ip' '' "${comment}: $dest_addr" "$dest_addr"; then + processPolicyError='true' + state add 'errorSummary' 'errorResolver' "'add_resolver_element' '$iface' 'dst' 'ip' '${comment}: $dest_addr' '$dest_addr'" + return 1 fi - resolver 'add_resolver_element' "$iface" 'dst' 'ip' '' "${comment}: $dest_addr" "$dest_addr" || \ - processPolicyError="${processPolicyError}${_ERROR_}: resolver 'add_resolver_element' '$iface' 'dst' 'ip' '${comment}: $dest_addr' '$dest_addr'\\n" return 0 } @@ -1115,7 +1134,8 @@ policy_routing_iptables() { mark=$(eval echo "\$mark_${iface//-/_}") if [ -n "$ipv6_enabled" ] && { is_ipv6 "$laddr" || is_ipv6 "$raddr"; }; then - processPolicyError="${processPolicyError}${_ERROR_}: Skipping IPv6 policy '$name' as IPv6 support is disabled\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessNoIpv6' "$name" return 1 fi @@ -1124,7 +1144,8 @@ policy_routing_iptables() { elif [ "$iface" = "ignore" ]; then dest="-j RETURN" else - processPolicyError="${processPolicyError}${_ERROR_}: Unknown fw_mark for ${iface}\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessUnknownFwmark' "$iface" return 1 fi @@ -1137,7 +1158,8 @@ policy_routing_iptables() { fi if is_family_mismatch "$laddr" "$raddr"; then - processPolicyError="${processPolicyError}${_ERROR_}: Mismatched IP family between '$laddr' and '$raddr' in policy '$name'\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessMismatchFamily' "${name}: '$laddr' '$raddr'" return 1 fi @@ -1146,7 +1168,8 @@ policy_routing_iptables() { param4="-t mangle ${ipInsertOption} ${iptPrefix}_${chain} $dest" param6="-t mangle ${ipInsertOption} ${iptPrefix}_${chain} $dest" elif ! is_supported_protocol "$i"; then - processPolicyError="${processPolicyError}${_ERROR_}: Unknown protocol '$i' in policy '$name'\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessUnknownProtocol' "${name}: '$i'" return 1 else param4="-t mangle ${ipInsertOption} ${iptPrefix}_${chain} $dest -p $i" @@ -1275,11 +1298,14 @@ policy_routing_iptables() { [ -z "$ipv6_enabled" ] && ipv6_error='1' if [ "$ipv4_error" -eq '1' ] && [ "$ipv6_error" -eq '1' ]; then if [ -n "$ipv6_enabled" ]; then - processPolicyError="${processPolicyError}${_ERROR_}: Policy insertion failed for both IPv4 and IPv6!\\n" - processPolicyError="${processPolicyError}${_ERROR_}: iptables $param4\\n" - processPolicyError="${processPolicyError}${_ERROR_}: iptables $param6\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessInsertionFailed' "$name" + state add 'errorSummary' 'errorPolicyProcessCMD' "iptables $param4" + state add 'errorSummary' 'errorPolicyProcessCMD' "iptables $param6" else - processPolicyError="${processPolicyError}${_ERROR_}: iptables $param4\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessInsertionFailedIpv4' "$name" + state add 'errorSummary' 'errorPolicyProcessCMD' "iptables $param4" fi fi @@ -1295,7 +1321,8 @@ policy_routing_nft() { mark=$(eval echo "\$mark_${iface//-/_}") if [ -z "$ipv6_enabled" ] && { is_ipv6 "$src_addr" || is_ipv6 "$dest_addr"; }; then - processPolicyError="${processPolicyError}${_ERROR_}: Skipping IPv6 policy '$name' as IPv6 support is disabled\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessNoIpv6' "$name" return 1 fi @@ -1304,17 +1331,20 @@ policy_routing_nft() { elif [ "$iface" = "ignore" ]; then dest="return" else - processPolicyError="${processPolicyError}${_ERROR_}: Unknown packet mark for ${iface}\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessUnknownFwmark' "$iface" return 1 fi if is_family_mismatch "$src_addr" "$dest_addr"; then - processPolicyError="${processPolicyError}${_ERROR_}: Mismatched IP family between '$src_addr' and '$dest_addr' in policy '$name'\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessMismatchFamily' "${name}: '$laddr' '$raddr'" return 1 fi if [ -n "$proto" ] && ! is_supported_protocol "$proto"; then - processPolicyError="${processPolicyError}${_ERROR_}: Unknown protocol '$i' in policy '$name'\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessUnknownProtocol' "${name}: '$i'" return 1 fi @@ -1427,11 +1457,14 @@ policy_routing_nft() { [ -z "$ipv6_enabled" ] && ipv6_error='1' if [ "$ipv4_error" -eq '1' ] && [ "$ipv6_error" -eq '1' ]; then if [ -n "$ipv6_enabled" ]; then - processPolicyError="${processPolicyError}${_ERROR_}: Policy insertion failed for both IPv4 and IPv6!\\n" - processPolicyError="${processPolicyError}${_ERROR_}: nft '$param4'\\n" - processPolicyError="${processPolicyError}${_ERROR_}: nft '$param6'\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessInsertionFailed' "$name" + state add 'errorSummary' 'errorPolicyProcessCMD' "nft '$param4'" + state add 'errorSummary' 'errorPolicyProcessCMD' "nft '$param6'" else - processPolicyError="${processPolicyError}${_ERROR_}: nft '$param4'\\n" + processPolicyError='true' + state add 'errorSummary' 'errorPolicyProcessInsertionFailedIpv4' "$name" + state add 'errorSummary' 'errorPolicyProcessCMD' "nft '$param4'" fi fi } @@ -1440,7 +1473,6 @@ policy_process() { local i j uid="$9" if [ -z "$uid" ]; then # first non-recursive call [ "$enabled" -gt 0 ] || return 0 - unset processPolicyWarning unset processPolicyError uid="$1" if is_nft; then @@ -1466,22 +1498,18 @@ policy_process() { fi src_port="${src_port// / }"; src_port="${src_port// /,}"; src_port="${src_port//,\!/ !}"; dest_port="${dest_port// / }"; dest_port="${dest_port// /,}"; dest_port="${dest_port//,\!/ !}"; - if is_nft; then - nftset 'flush' "$interface" "dst" "ip" "$uid" - nftset 'flush' "$interface" "src" "ip" "$uid" - nftset 'flush' "$interface" "src" "mac" "$uid" - else - ips 'flush' "$interface" "dst" "ip" "$uid" - ips 'flush' "$interface" "src" "ip" "$uid" - ips 'flush' "$interface" "src" "mac" "$uid" - fi +# if is_nft; then +# nftset 'flush' "$interface" "dst" "ip" "$uid" +# nftset 'flush' "$interface" "src" "ip" "$uid" +# nftset 'flush' "$interface" "src" "mac" "$uid" +# else +# ips 'flush' "$interface" "dst" "ip" "$uid" +# ips 'flush' "$interface" "src" "ip" "$uid" +# ips 'flush' "$interface" "src" "mac" "$uid" +# fi policy_process "$name" "$interface" "$src_addr" "$src_port" "$dest_addr" "$dest_port" "$proto" "$chain" "$uid" - if [ -n "$processPolicyWarning" ]; then - state add 'warningSummary' 'warningPolicyProcess' "$processPolicyWarning" - fi if [ -n "$processPolicyError" ]; then output_fail - state add 'errorSummary' 'errorPolicyProcess' "$processPolicyError" else output_ok fi @@ -1641,7 +1669,7 @@ interface_routing() { else $ip_full -4 route add default via "$gw4" dev "$dev" table "$tid" >/dev/null 2>&1 || ipv4_error=1 fi - # shellcheck disable=SC2086 +# shellcheck disable=SC2086 while read -r i; do i="$(echo "$i" | sed 's/ linkdown$//')" i="$(echo "$i" | sed 's/ onlink$//')" @@ -1709,7 +1737,6 @@ EOF return "$s" ;; create_user_set) - [ -z "$createUserSets" ] && return 0; if is_nft; then nftset 'create_user_set' "$iface" 'dst' 'ip' 'user' '' "$mark" || s=1 nftset 'create_user_set' "$iface" 'src' 'ip' 'user' '' "$mark" || s=1 @@ -1833,8 +1860,7 @@ interface_process() { case "$action" in create) output 2 "Setting up routing for '$displayText' " - if interface_routing 'create' "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$ifacePriority" && \ - interface_routing 'create_user_set' "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$ifacePriority"; then + if interface_routing 'create' "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$ifacePriority"; then json_add_gateway 'create' "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$ifacePriority" "$dispStatus" gatewaySummary="${gatewaySummary}${displayText}${dispStatus:+ $dispStatus}\\n" output_ok @@ -1843,9 +1869,9 @@ interface_process() { output_fail fi ;; -# create_user_set) -# interface_routing 'create_user_set' "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$ifacePriority" -# ;; + create_user_set) + interface_routing 'create_user_set' "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$ifacePriority" + ;; destroy) displayText="${iface}/${dispDev:+$dispDev/}${dispGw4}${ipv6_enabled:+/$dispGw6}" output 2 "Removing routing for '$displayText' " @@ -1917,7 +1943,6 @@ on_interface_reload() { rc_procd start_service 'on_interface_reload' "$1"; } start_service() { local resolverStoredHash resolverNewHash i reloadedIface param="$1" - local createUserSets load_environment 'on_start' "$(load_validate_config)" || return 1 is_wan_up || return 1 @@ -1964,10 +1989,6 @@ start_service() { serviceStartTrigger="${serviceStartTrigger:-on_start}" fi - if is_config_enabled 'include'; then - createUserSets='true' - fi - procd_open_instance "main" procd_set_param command /bin/true procd_set_param stdout 1 @@ -2011,18 +2032,16 @@ start_service() { output 1 '\n' fi if is_config_enabled 'include'; then - traffic_killswitch 'remove' + interface_process 'all' 'prepare' + config_foreach interface_process 'interface' 'create_user_set' output 1 'Processing user file(s) ' config_load "$packageName" config_foreach load_validate_include 'include' user_file_process output 1 '\n' - resolver 'init_end' - resolver 'compare_hash' && resolver 'restart' - else - resolver 'init_end' - resolver 'compare_hash' && resolver 'restart' - traffic_killswitch 'remove' fi + resolver 'init_end' + resolver 'compare_hash' && resolver 'restart' + traffic_killswitch 'remove' ;; on_start|*) traffic_killswitch 'insert' @@ -2056,18 +2075,16 @@ start_service() { output 1 '\n' fi if is_config_enabled 'include'; then - traffic_killswitch 'remove' + interface_process 'all' 'prepare' + config_foreach interface_process 'interface' 'create_user_set' output 1 'Processing user file(s) ' config_load "$packageName" config_foreach load_validate_include 'include' user_file_process output 1 '\n' - resolver 'init_end' - resolver 'compare_hash' && resolver 'restart' - else - resolver 'init_end' - resolver 'compare_hash' && resolver 'restart' - traffic_killswitch 'remove' fi + resolver 'init_end' + resolver 'compare_hash' && resolver 'restart' + traffic_killswitch 'remove' ;; esac @@ -2213,7 +2230,7 @@ status_service_nft() { echo "$_SEPARATOR_" tableCount="$(grep -c "${packageName}_" /etc/iproute2/rt_tables)" || tableCount=0 wan_tid=$(($(get_rt_tables_next_id)-tableCount)) - i=0; while [ $i -lt $tableCount ]; do + i=0; while [ $i -lt "$tableCount" ]; do echo "IPv4 table $((wan_tid + i)) route: $($ip_full -4 route show table $((wan_tid + i)) | grep default)" echo "IPv4 table $((wan_tid + i)) rule(s):" $ip_full -4 rule list table "$((wan_tid + i))" @@ -2257,7 +2274,7 @@ status_service_iptables() { if [ -n "$set_d" ]; then route; else route | grep '^default'; fi if [ -n "$set_d" ]; then ip rule list; fi wan_tid=$(($(get_rt_tables_next_id)-tableCount)) - i=0; while [ $i -lt $tableCount ]; do + i=0; while [ $i -lt "$tableCount" ]; do echo "IPv4 table $((wan_tid + i)) route: $($ip_full -4 route show table $((wan_tid + i)) | grep default)" echo "IPv4 table $((wan_tid + i)) rule(s):" $ip_full -4 rule list table "$((wan_tid + i))" @@ -2265,7 +2282,7 @@ status_service_iptables() { done if [ -n "$ipv6_enabled" ]; then - i=0; while [ $i -lt $tableCount ]; do + i=0; while [ $i -lt "$tableCount" ]; do $ip_full -6 route show table $((wan_tid + i)) | while read -r param; do echo "IPv6 Table $((wan_tid + i)): $param" done @@ -2299,7 +2316,7 @@ status_service_iptables() { fi fi i=0; ifaceMark="$wan_mark"; - while [ $i -lt $tableCount ]; do + while [ $i -lt "$tableCount" ]; do if iptables -v -t "$(str_to_lower $j)" -S "${iptPrefix}_MARK_${ifaceMark}" >/dev/null 2>&1; then echo "$_SEPARATOR_" echo "$j IP Table MARK Chain: ${iptPrefix}_MARK_${ifaceMark}" diff --git a/net/unbound/files/iptools.sh b/net/unbound/files/iptools.sh index 9524f4ffe..6726ed360 100644 --- a/net/unbound/files/iptools.sh +++ b/net/unbound/files/iptools.sh @@ -164,7 +164,7 @@ local_subnet() { # local subnet 2nd place is limited to one digit to improve the filter case "$1" in 127"."[0-9]"."[0-9]*) echo "ok" ;; - ::1) echo "ok" ;; + ::1|::1@*|::1#*) echo "ok" ;; *) echo "not" ;; esac } diff --git a/utils/ccid/Makefile b/utils/ccid/Makefile index 7f4726150..1af6e97a5 100644 --- a/utils/ccid/Makefile +++ b/utils/ccid/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ccid -PKG_VERSION:=1.5.0 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=1.5.1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://ccid.apdu.fr/files/ -PKG_HASH:=81549b3422469d503996d03a3aed2ef1375b359167f10d66be9e3844e729322e +PKG_HASH:=e7a78c398ec0d617a4f98bac70d5b64f78689284dd0ae87d4692e2857f117377 PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=LGPL-2.1-or-later PKG_LICENSE_FILES:=COPYING diff --git a/utils/cni-plugins/Makefile b/utils/cni-plugins/Makefile index 3c6336f44..31495b68c 100644 --- a/utils/cni-plugins/Makefile +++ b/utils/cni-plugins/Makefile @@ -1,14 +1,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cni-plugins -PKG_VERSION:=1.0.1 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=1.1.1 +PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/containernetworking/plugins/archive/v$(PKG_VERSION) -PKG_HASH:=2ba3cd9f341a7190885b60d363f6f23c6d20d975a7a0ab579dd516f8c6117619 +PKG_HASH:=c86c44877c47f69cd23611e22029ab26b613f620195b76b3ec20f589367a7962 PKG_MAINTAINER:=Daniel Golle , Paul Spooren diff --git a/utils/cni/Makefile b/utils/cni/Makefile index 1fccc8de8..8a04e5843 100644 --- a/utils/cni/Makefile +++ b/utils/cni/Makefile @@ -1,14 +1,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cni -PKG_VERSION:=1.1.0 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=1.1.2 +PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/containernetworking/$(PKG_NAME)/archive/v$(PKG_VERSION) -PKG_HASH:=d06305d6daf271838964c00591ddc53a9cc506e1e249b435ec31b0ea3353cbc5 +PKG_HASH:=7d4bcaf83acdd54b3dc216f7aa5b5e1b32cb797d9c6af601a2c26b97470ed743 PKG_MAINTAINER:=Daniel Golle , Paul Spooren , Oskari Rauta diff --git a/utils/cryptsetup/Makefile b/utils/cryptsetup/Makefile index 4318ca1c2..f9a76e6c4 100644 --- a/utils/cryptsetup/Makefile +++ b/utils/cryptsetup/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cryptsetup -PKG_VERSION:=2.5.0 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=2.6.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v2.5 -PKG_HASH:=9184a6ebbd9ce7eb211152e7f741a6c82f2d1cc0e24a84ec9c52939eee0f0542 +PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v2.6 +PKG_HASH:=44397ba76e75a9cde5b02177bc63cd7af428a785788e3a7067733e7761842735 PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0-or-later LGPL-2.1-or-later diff --git a/utils/exfatprogs/Makefile b/utils/exfatprogs/Makefile index b967dabd0..d7f4ee9ba 100644 --- a/utils/exfatprogs/Makefile +++ b/utils/exfatprogs/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=exfatprogs -PKG_VERSION:=1.1.3 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=1.2.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/$(PKG_NAME)/$(PKG_NAME)/tar.gz/$(PKG_VERSION)? -PKG_HASH:=e3ee4fb5af4abc9335aed7a749c319917c652ac1af687ba40aabd04a6b71f1ca +PKG_HASH:=afeaf10c99f70204941427d9cdc62b0219ff7f7d5eb0f1a179b0d7bf6cfedbad PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0-only diff --git a/utils/gawk/Makefile b/utils/gawk/Makefile index b4361f1be..a8bd99f5d 100644 --- a/utils/gawk/Makefile +++ b/utils/gawk/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gawk -PKG_VERSION:=5.2.0 +PKG_VERSION:=5.2.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNU/gawk -PKG_HASH:=e4ddbad1c2ef10e8e815ca80208d0162d4c983e6cca16f925e8418632d639018 +PKG_HASH:=673553b91f9e18cc5792ed51075df8d510c9040f550a6f74e09c9add243a7e4f PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-3.0-or-later diff --git a/utils/lvm2/Makefile b/utils/lvm2/Makefile index b307cc54b..3ee3868eb 100644 --- a/utils/lvm2/Makefile +++ b/utils/lvm2/Makefile @@ -9,12 +9,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=LVM2 -PKG_VERSION:=2.03.16 -PKG_RELEASE:=$(AUTORELEASE) +PKG_VERSION:=2.03.17 +PKG_VERSION_DM:=1.02.187 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz PKG_SOURCE_URL:=https://sourceware.org/pub/lvm2 -PKG_HASH:=e661ece15b5d88d8abe39a4c1e1db2f43e1896f019948bb98b0e15d777680786 +PKG_HASH:=7286cfa9651828c589389509546333b8da965dfa84a1a4c8ab3e681a47fabae7 PKG_BUILD_DIR:=$(BUILD_DIR)/lvm2-$(BUILD_VARIANT)/$(PKG_NAME).$(PKG_VERSION) PKG_MAINTAINER:=Daniel Golle @@ -31,6 +32,7 @@ define Package/libdevmapper/Default CATEGORY:=Libraries TITLE:=The Linux Kernel Device Mapper userspace library URL:=https://sourceware.org/dm/ + VERSION:=$(PKG_VERSION_DM) DEPENDS:=+kmod-dm +libpthread +libuuid +librt +libblkid endef diff --git a/utils/lvm2/patches/002-const-stdio.patch b/utils/lvm2/patches/002-const-stdio.patch index 070e83498..b93d7b052 100644 --- a/utils/lvm2/patches/002-const-stdio.patch +++ b/utils/lvm2/patches/002-const-stdio.patch @@ -1,6 +1,6 @@ --- a/lib/commands/toolcontext.c +++ b/lib/commands/toolcontext.c -@@ -1673,7 +1673,7 @@ struct cmd_context *create_toolcontext(u +@@ -1667,7 +1667,7 @@ struct cmd_context *create_toolcontext(u /* FIXME Make this configurable? */ reset_lvm_errno(1); @@ -9,7 +9,7 @@ /* Set in/out stream buffering before glibc */ if (set_buffering #ifdef SYS_gettid -@@ -2053,7 +2053,7 @@ void destroy_toolcontext(struct cmd_cont +@@ -2045,7 +2045,7 @@ void destroy_toolcontext(struct cmd_cont dm_hash_destroy(cmd->cft_def_hash); dm_device_list_destroy(&cmd->cache_dm_devs); @@ -20,7 +20,7 @@ if (is_valid_fd(STDIN_FILENO) && --- a/tools/lvmcmdline.c +++ b/tools/lvmcmdline.c -@@ -3398,6 +3398,7 @@ int lvm_split(char *str, int *argc, char +@@ -3419,6 +3419,7 @@ int lvm_split(char *str, int *argc, char /* Make sure we have always valid filedescriptors 0,1,2 */ static int _check_standard_fds(void) { @@ -28,7 +28,7 @@ int err = is_valid_fd(STDERR_FILENO); if (!is_valid_fd(STDIN_FILENO) && -@@ -3424,6 +3425,12 @@ static int _check_standard_fds(void) +@@ -3445,6 +3446,12 @@ static int _check_standard_fds(void) strerror(errno)); return 0; } diff --git a/utils/lvm2/patches/003-no-mallinfo.patch b/utils/lvm2/patches/003-no-mallinfo.patch index e46ead5da..82259c59b 100644 --- a/utils/lvm2/patches/003-no-mallinfo.patch +++ b/utils/lvm2/patches/003-no-mallinfo.patch @@ -1,11 +1,11 @@ --- a/lib/mm/memlock.c +++ b/lib/mm/memlock.c -@@ -187,12 +187,15 @@ static void _allocate_memory(void) +@@ -198,12 +198,15 @@ static void _allocate_memory(void) * memory on free(), this is good enough for our purposes. */ while (missing > 0) { +#ifdef __GLIBC__ - struct mallinfo inf = mallinfo(); + struct MALLINFO inf = MALLINFO(); hblks = inf.hblks; +#endif @@ -13,10 +13,10 @@ _touch_memory(areas[area], _size_malloc_tmp); +#ifdef __GLIBC__ - inf = mallinfo(); + inf = MALLINFO(); if (hblks < inf.hblks) { -@@ -202,9 +205,12 @@ static void _allocate_memory(void) +@@ -213,9 +216,12 @@ static void _allocate_memory(void) free(areas[area]); _size_malloc_tmp /= 2; } else { @@ -29,7 +29,7 @@ if (area == max_areas && missing > 0) { /* Too bad. Warn the user and proceed, as things are -@@ -525,8 +531,13 @@ static void _lock_mem(struct cmd_context +@@ -536,8 +542,13 @@ static void _lock_mem(struct cmd_context * will not block memory locked thread * Note: assuming _memlock_count_daemon is updated before _memlock_count */ diff --git a/utils/lvm2/patches/004-missing-includes.patch b/utils/lvm2/patches/004-missing-includes.patch new file mode 100644 index 000000000..5fff3922e --- /dev/null +++ b/utils/lvm2/patches/004-missing-includes.patch @@ -0,0 +1,10 @@ +--- a/tools/vgimportdevices.c ++++ b/tools/vgimportdevices.c +@@ -15,6 +15,7 @@ + #include "tools.h" + #include "lib/cache/lvmcache.h" + #include "lib/device/device_id.h" ++#include + + struct vgimportdevices_params { + uint32_t added_devices;