diff --git a/.github/workflows/multi-arch-test-build.yml b/.github/workflows/multi-arch-test-build.yml index c1d2df73f..57182b96b 100644 --- a/.github/workflows/multi-arch-test-build.yml +++ b/.github/workflows/multi-arch-test-build.yml @@ -15,12 +15,12 @@ jobs: fail-fast: false matrix: include: - - arch: aarch64_cortex-a53 - target: mvebu-cortexa53 + - arch: aarch64_generic + target: armsr-armv8 runtime_test: true - arch: arm_cortex-a15_neon-vfpv4 - target: armvirt-32 + target: armsr-armv7 runtime_test: true - arch: arm_cortex-a9_vfpv3-d16 diff --git a/devel/gitlab-runner/Makefile b/devel/gitlab-runner/Makefile index 575db4707..801119e07 100644 --- a/devel/gitlab-runner/Makefile +++ b/devel/gitlab-runner/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gitlab-runner -PKG_VERSION:=14.3.2 -PKG_RELEASE:=2 +PKG_VERSION:=16.0.2 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://gitlab.com/gitlab-org/gitlab-runner/-/archive/v$(PKG_VERSION) -PKG_HASH:=f67aeae05349f5c612ea5d8772407237caf4da586c0365e3c7edceec6b853d8c +PKG_HASH:=f874b9babe21ae04007abfc901e9ad4c0c1ec22095d4de3e22e176914683cb5d PKG_MAINTAINER:=Jan Pavlinec PKG_LICENSE:=MIT @@ -23,7 +23,9 @@ PKG_BUILD_DIR:=$(BUILD_DIR)/gitlab-runner-v$(PKG_VERSION) PKG_BUILD_DEPENDS:=golang/host PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 + GO_PKG:=gitlab.com/gitlab-org/gitlab-runner +GO_PKG_LDFLAGS_X:=$(GO_PKG)/common.VERSION=$(PKG_VERSION) include $(INCLUDE_DIR)/package.mk include ../../lang/golang/golang-package.mk @@ -41,5 +43,12 @@ define Package/gitlab-runner/description GitLab CI/CD to run jobs in a pipeline. endef +define Package/gitlab-runner/install + $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) + $(INSTALL_DIR) $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gitlab-runner $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gitlab-runner-helper $(1)/usr/bin/ +endef + $(eval $(call GoBinPackage,gitlab-runner)) $(eval $(call BuildPackage,gitlab-runner)) diff --git a/devel/gitlab-runner/patches/010-test.patch b/devel/gitlab-runner/patches/010-test.patch index 5bf5dfbe8..f66940508 100644 --- a/devel/gitlab-runner/patches/010-test.patch +++ b/devel/gitlab-runner/patches/010-test.patch @@ -1,6 +1,6 @@ --- a/common/buildtest/masking.go +++ b/common/buildtest/masking.go -@@ -45,7 +45,7 @@ func RunBuildWithMasking(t *testing.T, c +@@ -55,7 +55,7 @@ func RunBuildWithMasking(t *testing.T, c buf.Finish() diff --git a/devel/gitlab-runner/test.sh b/devel/gitlab-runner/test.sh new file mode 100644 index 000000000..151714709 --- /dev/null +++ b/devel/gitlab-runner/test.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +gitlab-runner --version | grep "$PKG_VERSION" diff --git a/lang/node/Makefile b/lang/node/Makefile index a0cf9f928..f924d1c78 100644 --- a/lang/node/Makefile +++ b/lang/node/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=node -PKG_VERSION:=v18.16.0 +PKG_VERSION:=v18.16.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION) -PKG_HASH:=33d81a233e235a509adda4a4f2209008d04591979de6b3f0f67c1c906093f118 +PKG_HASH:=e8404f8c8d89fdfdf7e95bbbc6066bd0e571acba58f54492599b615fbeefe272 PKG_MAINTAINER:=Hirokazu MORIKAWA , Adrian Panella PKG_LICENSE:=MIT diff --git a/lang/node/patches/003-path.patch b/lang/node/patches/003-path.patch index a1103be0d..8e390d88c 100644 --- a/lang/node/patches/003-path.patch +++ b/lang/node/patches/003-path.patch @@ -1,6 +1,6 @@ --- a/lib/internal/modules/cjs/loader.js +++ b/lib/internal/modules/cjs/loader.js -@@ -1389,7 +1389,8 @@ Module._initPaths = function() { +@@ -1391,7 +1391,8 @@ Module._initPaths = function() { path.resolve(process.execPath, '..') : path.resolve(process.execPath, '..', '..'); diff --git a/lang/php8/Makefile b/lang/php8/Makefile index fbe33886c..7c01b6c72 100644 --- a/lang/php8/Makefile +++ b/lang/php8/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=8.2.6 +PKG_VERSION:=8.2.7 PKG_RELEASE:=1 PKG_MAINTAINER:=Michael Heimpold @@ -16,7 +16,7 @@ PKG_CPE_ID:=cpe:/a:php:php PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_HASH:=10b796f0ed45574229851212b30a596a76e70ae365322bcaaaf9c00fa7d58cca +PKG_HASH:=4b9fb3dcd7184fe7582d7e44544ec7c5153852a2528de3b6754791258ffbdfa0 PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 diff --git a/lang/python/click/Makefile b/lang/python/click/Makefile index 7babd28b3..39bf92981 100644 --- a/lang/python/click/Makefile +++ b/lang/python/click/Makefile @@ -11,7 +11,7 @@ PKG_RELEASE:=1 PYPI_NAME:=click PKG_HASH:=7682dc8afb30297001674575ea00d1814d808d6a36af415a82bd481d37ba7b8e -PKG_MAINTAINER:=Daniel Golle +PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE diff --git a/lang/python/itsdangerous/Makefile b/lang/python/itsdangerous/Makefile index 6a364eb80..f6408bf0d 100644 --- a/lang/python/itsdangerous/Makefile +++ b/lang/python/itsdangerous/Makefile @@ -11,7 +11,7 @@ PKG_RELEASE:=1 PYPI_NAME:=$(PKG_NAME) PKG_HASH:=5dbbc68b317e5e42f327f9021763545dc3fc3bfe22e6deb96aaf1fc38874156a -PKG_MAINTAINER:=Daniel Golle +PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE diff --git a/lang/python/pyodbc/Makefile b/lang/python/pyodbc/Makefile index 33b32f094..4f10f91ec 100644 --- a/lang/python/pyodbc/Makefile +++ b/lang/python/pyodbc/Makefile @@ -13,7 +13,7 @@ PKG_HASH:=e528bb70dd6d6299ee429868925df0866e3e919c772b9eff79c8e17920d8f116 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE.txt -PKG_MAINTAINER:=Daniel Golle +PKG_MAINTAINER:=Jeffery To PKG_BUILD_DEPENDS:=unixodbc/host diff --git a/lang/python/python-ble2mqtt/Makefile b/lang/python/python-ble2mqtt/Makefile index 851684688..8e78d36ee 100644 --- a/lang/python/python-ble2mqtt/Makefile +++ b/lang/python/python-ble2mqtt/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-ble2mqtt PKG_VERSION:=0.1.7 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PYPI_NAME:=ble2mqtt PKG_HASH:=c57d6823f1133ce0b5e0e3d9f7d2b3fd58d2ad64c0cc86cb3fa180b178999fa6 @@ -38,6 +38,8 @@ endef define Py3Package/python3-ble2mqtt/install $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/ble2mqtt.init $(1)/etc/init.d/ble2mqtt + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ endef $(eval $(call Py3Package,python3-ble2mqtt)) diff --git a/lang/python/python-docker/Makefile b/lang/python/python-docker/Makefile index de278aac6..1ce4defb1 100644 --- a/lang/python/python-docker/Makefile +++ b/lang/python/python-docker/Makefile @@ -1,11 +1,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-docker -PKG_VERSION:=6.0.1 -PKG_RELEASE:=3 +PKG_VERSION:=6.1.3 +PKG_RELEASE:=1 PYPI_NAME:=docker -PKG_HASH:=896c4282e5c7af5c45e8b683b0b0c33932974fe6e50fc6906a0a83616ab3da97 +PKG_HASH:=aa6d17830045ba5ef0168d5eaa34d37beeb113948c413affe1d5991fc11f9a20 PKG_MAINTAINER:=Javier Marcet PKG_LICENSE:=Apache-2.0 diff --git a/lang/python/python-dotenv/Makefile b/lang/python/python-dotenv/Makefile index e8ef61b1b..d24138dc0 100644 --- a/lang/python/python-dotenv/Makefile +++ b/lang/python/python-dotenv/Makefile @@ -1,11 +1,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-dotenv -PKG_VERSION:=0.21.0 +PKG_VERSION:=1.0.0 PKG_RELEASE:=1 PYPI_NAME:=python-dotenv -PKG_HASH:=b77d08274639e3d34145dfa6c7008e66df0f04b7be7a75fd0d5292c191d79045 +PKG_HASH:=a8df96034aae6d2d50a4ebe8216326c61c3eb64836776504fcca410e5937a3ba PKG_MAINTAINER:=Javier Marcet PKG_LICENSE:=BSD-3-Clause diff --git a/lang/python/python-gnupg/Makefile b/lang/python/python-gnupg/Makefile index c04a5de74..898a4048f 100644 --- a/lang/python/python-gnupg/Makefile +++ b/lang/python/python-gnupg/Makefile @@ -5,15 +5,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-gnupg -PKG_VERSION:=0.4.7 +PKG_VERSION:=0.5.0 PKG_RELEASE:=1 -PYPI_NAME:=$(PKG_NAME) -PKG_HASH:=2061f56b1942c29b92727bf9aecbd3cea3893acc9cccbdc7eb4604285efe4ac7 +PYPI_NAME:=python-gnupg +PKG_HASH:=70758e387fc0e0c4badbcb394f61acbe68b34970a8fed7e0f7c89469fe17912a PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE.txt -PKG_MAINTAINER:=Daniel Golle +PKG_MAINTAINER:=Jeffery To PKG_CPE_ID:=cpe:/a:python:python-gnupg include ../pypi.mk @@ -25,8 +25,8 @@ define Package/python3-gnupg CATEGORY:=Languages SUBMENU:=Python TITLE:=A wrapper for GnuPG - URL:=https://docs.red-dove.com/python-gnupg/ - DEPENDS:=+gnupg +python3-light +python3-logging + URL:=https://github.com/vsajip/python-gnupg + DEPENDS:=+python3-light +python3-logging endef define Package/python3-gnupg/description diff --git a/lang/python/python-hatchling/Makefile b/lang/python/python-hatchling/Makefile index e7765d86a..b44b7774b 100644 --- a/lang/python/python-hatchling/Makefile +++ b/lang/python/python-hatchling/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-hatchling -PKG_VERSION:=1.17.1 +PKG_VERSION:=1.18.0 PKG_RELEASE:=1 PYPI_NAME:=hatchling -PKG_HASH:=76dee5108f929b7eb9102df0a1bf88fa3247d68a44ff1f395e1cf32eaab0c6fa +PKG_HASH:=50e99c3110ce0afc3f7bdbadff1c71c17758e476731c27607940cfa6686489ca PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE.txt diff --git a/lang/python/python-libmodbus/Makefile b/lang/python/python-libmodbus/Makefile index 8f582e6c5..79de68987 100644 --- a/lang/python/python-libmodbus/Makefile +++ b/lang/python/python-libmodbus/Makefile @@ -2,14 +2,15 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=python-libmodbus -PKG_VERSION:=0.5.0 -PKG_RELEASE:=2 - -PKG_LICENSE:=BSD-3-Clause -PKG_MAINTAINER:=Daniel Golle +PKG_VERSION:=0.6.2 +PKG_RELEASE:=1 PYPI_NAME:=pylibmodbus -PKG_HASH:=80f837304ffa8476145ea643f6b98aa94b205013a96f1e5173d7bdc776426aee +PKG_HASH:=7989af81f57cc7593c86b2d74201978e931bc80f6bbe62564273477fc7059c20 + +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=LICENSE +PKG_MAINTAINER:=Jeffery To include ../pypi.mk include $(INCLUDE_DIR)/package.mk @@ -19,8 +20,8 @@ define Package/python3-libmodbus SUBMENU:=Python SECTION:=lang CATEGORY:=Languages - TITLE:=pylibmodbus - URL:=https://pypi.org/project/pylibmodbus + TITLE:=Wrapper for libmodbus + URL:=https://github.com/stephane/pylibmodbus DEPENDS:=+libmodbus \ +python3-light \ +python3-cffi @@ -32,3 +33,4 @@ endef $(eval $(call Py3Package,python3-libmodbus)) $(eval $(call BuildPackage,python3-libmodbus)) +$(eval $(call BuildPackage,python3-libmodbus-src)) diff --git a/lang/python/python-markupsafe/Makefile b/lang/python/python-markupsafe/Makefile index 5b495d79d..63e5309d5 100644 --- a/lang/python/python-markupsafe/Makefile +++ b/lang/python/python-markupsafe/Makefile @@ -5,19 +5,23 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-markupsafe -PKG_VERSION:=2.1.2 +PKG_VERSION:=2.1.3 PKG_RELEASE:=1 PYPI_NAME:=MarkupSafe -PKG_HASH:=abcabc8c2b26036d62d4c746381a6f7cf60aafcc653198ad678306986b09450d +PKG_HASH:=af598ed32d6ae86f1b747b82783958b1a4ab8f617b06fe68795c7f026abbdcad -PKG_MAINTAINER:=Daniel Golle +PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE.rst +HOST_BUILD_DEPENDS:=python3/host python-build/host python-installer/host python-wheel/host + include ../pypi.mk include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/host-build.mk include ../python3-package.mk +include ../python3-host-build.mk define Package/python3-markupsafe SECTION:=lang @@ -39,3 +43,4 @@ endef $(eval $(call Py3Package,python3-markupsafe)) $(eval $(call BuildPackage,python3-markupsafe)) $(eval $(call BuildPackage,python3-markupsafe-src)) +$(eval $(call HostBuild)) diff --git a/lang/python/python-pluggy/Makefile b/lang/python/python-pluggy/Makefile index d035c9abe..8fcc74dc9 100644 --- a/lang/python/python-pluggy/Makefile +++ b/lang/python/python-pluggy/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-pluggy -PKG_VERSION:=1.0.0 +PKG_VERSION:=1.2.0 PKG_RELEASE:=1 PYPI_NAME:=pluggy -PKG_HASH:=4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159 +PKG_HASH:=d12f0c4b579b15f5e054301bb226ee85eeeba08ffec228092f8defbaa3a4c4b3 PKG_MAINTAINER:=Jan Pavlinec , Jeffery To PKG_LICENSE:=MIT diff --git a/lang/python/python3-libselinux/Makefile b/lang/python/python-selinux/Makefile similarity index 58% rename from lang/python/python3-libselinux/Makefile rename to lang/python/python-selinux/Makefile index f56483b44..5736ef09a 100644 --- a/lang/python/python3-libselinux/Makefile +++ b/lang/python/python-selinux/Makefile @@ -5,38 +5,38 @@ include $(TOPDIR)/rules.mk -SRC_NAME:=libselinux -PKG_NAME:=python3-$(SRC_NAME) -PKG_VERSION:=3.3 -PKG_RELEASE:=3 +PKG_NAME:=python-selinux +PKG_VERSION:=3.5 +PKG_RELEASE:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/python-libselinux/$(SRC_NAME)-$(PKG_VERSION) +SRC_NAME:=libselinux PKG_SOURCE:=$(SRC_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) -PKG_HASH:=acfdee27633d2496508c28727c3d41d3748076f66d42fccde2e6b9f3463a7057 -PKG_BUILD_DEPENDS:=swig/host +PKG_HASH:=9a3a3705ac13a2ccca2de6d652b6356fead10f36fb33115c185c5ccdf29eec19 +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(SRC_NAME)-$(PKG_VERSION) PKG_MAINTAINER:=Thomas Petazzoni PKG_LICENSE:=libselinux-1.0 PKG_LICENSE_FILES:=LICENSE PKG_CPE_ID:=cpe:/a:selinuxproject:libselinux + +PKG_BUILD_DEPENDS:=swig/host +PKG_BUILD_PARALLEL:=1 PYTHON3_PKG_BUILD:=0 -PKG_INSTALL:=1 -MAKE_PATH:=src include $(INCLUDE_DIR)/package.mk include ../python3-package.mk -define Package/python3-libselinux - TITLE:=Python bindings for the runtime SELinux library +define Package/python3-selinux SUBMENU:=Python SECTION:=lang CATEGORY:=Languages - DEPENDS:=+libpcre +musl-fts +python3 +libselinux + TITLE:=SELinux runtime library bindings + DEPENDS:=+python3-light +libselinux URL:=http://selinuxproject.org/page/Main_Page endef -define Package/python3-libselinux/description +define Package/python3-selinux/description libselinux is the runtime SELinux library that provides interfaces (e.g. library functions for the SELinux kernel APIs like getcon(), other support functions like @@ -48,34 +48,27 @@ define Package/python3-libselinux/description This package provides the Python bindings for libselinux. endef +MAKE_VARS += \ + $(PYTHON3_VARS) \ + $(HOST_PYTHON3_PIP_VARS) \ + PYTHON_SETUP_ARGS=--no-compile + +MAKE_FLAGS += \ + SHLIBDIR=/usr/lib + ifneq ($(CONFIG_USE_MUSL),) + MAKE_FLAGS += FTS_LDLIBS=-lfts TARGET_CFLAGS += -D_LARGEFILE64_SOURCE endif -MAKE_FLAGS += \ - FTS_LDLIBS=-lfts \ - SHLIBDIR=/usr/lib \ - PYTHON=$(PYTHON3) \ - PYINC="-I $(PYTHON3_INC_DIR)" \ - PYLIBS="-lpython$(PYTHON3_VERSION)" \ - $(PYTHON3_VARS) - define Build/Compile - $(call Build/Compile/Default,swigify pywrap) + $(call Build/Compile/Default,pywrap) endef define Build/Install $(call Build/Install/Default,install-pywrap) endef -define Build/InstallDev - $(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR) - $(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR) -endef - -define Package/python3-libselinux/install - $(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR) - $(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR) -endef - -$(eval $(call BuildPackage,python3-libselinux)) +$(eval $(call Py3Package,python3-selinux)) +$(eval $(call BuildPackage,python3-selinux)) +$(eval $(call BuildPackage,python3-selinux-src)) diff --git a/lang/python/python3-libsemanage/Makefile b/lang/python/python-semanage/Makefile similarity index 56% rename from lang/python/python3-libsemanage/Makefile rename to lang/python/python-semanage/Makefile index c1a825767..33e148cf2 100644 --- a/lang/python/python3-libsemanage/Makefile +++ b/lang/python/python-semanage/Makefile @@ -5,38 +5,38 @@ include $(TOPDIR)/rules.mk -SRC_NAME:=libsemanage -PKG_NAME:=python3-$(SRC_NAME) -PKG_VERSION:=3.2 +PKG_NAME:=python-semanage +PKG_VERSION:=3.5 PKG_RELEASE:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/python-libsemanage/$(SRC_NAME)-$(PKG_VERSION) +SRC_NAME:=libsemanage PKG_SOURCE:=$(SRC_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) -PKG_HASH:=d722a55ca4fe2d4e2b30527720db657e6238b28079e69e2e4affeb8e733ee511 -PKG_BUILD_DEPENDS:=swig/host +PKG_HASH:=f53534e50247538280ed0d76c6ce81d8fb3939bd64cadb89da10dba42e40dd9c +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(SRC_NAME)-$(PKG_VERSION) PKG_MAINTAINER:=Thomas Petazzoni PKG_LICENSE:=LGPL-2.1-or-later -PKG_LICENSE_FILES:=COPYING +PKG_LICENSE_FILES:=LICENSE PKG_CPE_ID:=cpe:/a:selinuxproject:libsemanage + +PKG_BUILD_DEPENDS:=swig/host +PKG_BUILD_PARALLEL:=1 PYTHON3_PKG_BUILD:=0 -PKG_INSTALL:=1 -MAKE_PATH:=src include $(INCLUDE_DIR)/package.mk include ../python3-package.mk -define Package/python3-libsemanage - TITLE:=Python bindings for the SELinux policy management library +define Package/python3-semanage SUBMENU:=Python SECTION:=lang CATEGORY:=Languages - DEPENDS:=+python3 +libsemanage + TITLE:=SELinux policy management library bindings + DEPENDS:=+python3-light +libsemanage URL:=http://selinuxproject.org/page/Main_Page endef -define Package/python3-libsemanage/description +define Package/python3-semanage/description libsemanage is the policy management library. It uses libsepol for binary policy manipulation and libselinux for interacting with the SELinux system. It also exec's helper @@ -46,33 +46,19 @@ define Package/python3-libsemanage/description change at least for the bootstrapping case (for rpm). This package provides the Python bindings for libsemanage. -endef #' +endef -MAKE_FLAGS += \ - PYTHON=$(PYTHON3) \ - PYINC="-I $(PYTHON3_INC_DIR)" \ - PYLIBS="-lpython$(PYTHON3_VERSION)" \ +MAKE_VARS += \ $(PYTHON3_VARS) define Build/Compile - $(call Build/Compile/Default,swigify pywrap) + $(call Build/Compile/Default,pywrap) endef define Build/Install $(call Build/Install/Default,install-pywrap) endef -define Build/Configure -endef - -define Build/InstallDev - $(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR) - $(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR) -endef - -define Package/python3-libsemanage/install - $(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR) - $(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR) -endef - -$(eval $(call BuildPackage,python3-libsemanage)) +$(eval $(call Py3Package,python3-semanage)) +$(eval $(call BuildPackage,python3-semanage)) +$(eval $(call BuildPackage,python3-semanage-src)) diff --git a/lang/python/python-service-identity/Makefile b/lang/python/python-service-identity/Makefile index 8e1c1475c..eb51e3a40 100644 --- a/lang/python/python-service-identity/Makefile +++ b/lang/python/python-service-identity/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2016-2018 OpenWrt.org +# Copyright (C) 2015, 2018-2020, 2023 Jeffery To # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,16 +8,19 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-service-identity -PKG_VERSION:=18.1.0 -PKG_RELEASE:=2 +PKG_VERSION:=23.1.0 +PKG_RELEASE:=1 -PYPI_NAME:=service_identity -PKG_HASH:=0858a54aabc5b459d1aafa8a518ed2081a285087f349fe3e55197989232e2e2d +PYPI_NAME:=service-identity +PYPI_SOURCE_NAME:=service_identity +PKG_HASH:=ecb33cd96307755041e978ab14f8b14e13b40f1fbd525a4dc78f46d2b986431d PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE PKG_MAINTAINER:=Jeffery To +PKG_BUILD_DEPENDS:=python-hatchling/host python-hatch-vcs/host python-hatch-fancy-pypi-readme/host + include ../pypi.mk include $(INCLUDE_DIR)/package.mk include ../python3-package.mk diff --git a/lang/python/python-setuptools/Makefile b/lang/python/python-setuptools/Makefile index fa6ec74e9..aafc5d762 100644 --- a/lang/python/python-setuptools/Makefile +++ b/lang/python/python-setuptools/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-setuptools -PKG_VERSION:=67.8.0 +PKG_VERSION:=68.0.0 PKG_RELEASE:=1 PYPI_NAME:=setuptools -PKG_HASH:=62642358adc77ffa87233bc4d2354c4b2682d214048f500964dbe760ccedf102 +PKG_HASH:=baf1fdb41c6da4cd2eae722e135500da913332ab3f2f5c7d33af9b492acb5235 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE diff --git a/lang/python/python-stem/Makefile b/lang/python/python-stem/Makefile index 03ef35633..a8701fd01 100644 --- a/lang/python/python-stem/Makefile +++ b/lang/python/python-stem/Makefile @@ -1,11 +1,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-stem -PKG_VERSION:=1.8.1 -PKG_RELEASE:=2 +PKG_VERSION:=1.8.2 +PKG_RELEASE:=1 PYPI_NAME:=stem -PKG_HASH:=81d43a7c668ba9d7bc1103b2e7a911e9d148294b373d27a59ae8da79ef7a3e2f +PKG_HASH:=83fb19ffd4c9f82207c006051480389f80af221a7e4783000aedec4e384eb582 PKG_MAINTAINER:=Javier Marcet PKG_LICENSE:=LGPL-3.0-only diff --git a/lang/python/python-typing-extensions/Makefile b/lang/python/python-typing-extensions/Makefile index 7ba2f612f..a317eb55c 100644 --- a/lang/python/python-typing-extensions/Makefile +++ b/lang/python/python-typing-extensions/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-typing-extensions -PKG_VERSION:=4.6.3 +PKG_VERSION:=4.7.1 PKG_RELEASE:=1 PYPI_NAME:=typing-extensions PYPI_SOURCE_NAME:=typing_extensions -PKG_HASH:=d91d5919357fe7f681a9f2b5b4cb2a5f1ef0a1e9f59c4d8ff0d3491e05c0ffd5 +PKG_HASH:=b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2 PKG_MAINTAINER:=Jan Pavlinec , Jeffery To PKG_LICENSE:=Python-2.0.1 0BSD diff --git a/lang/python/python-websocket-client/Makefile b/lang/python/python-websocket-client/Makefile index 473065474..f84bd1844 100644 --- a/lang/python/python-websocket-client/Makefile +++ b/lang/python/python-websocket-client/Makefile @@ -1,11 +1,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-websocket-client -PKG_VERSION:=1.5.1 +PKG_VERSION:=1.6.1 PKG_RELEASE:=1 PYPI_NAME:=websocket-client -PKG_HASH:=3f09e6d8230892547132177f575a4e3e73cfdf06526e20cc02aa1c3b47184d40 +PKG_HASH:=c951af98631d24f8df89ab1019fc365f2227c0892f12fd150e935607c79dd0dd PKG_MAINTAINER:=Javier Marcet PKG_LICENSE:=Apache-2.0 diff --git a/lang/python/python-werkzeug/Makefile b/lang/python/python-werkzeug/Makefile index 082b3bb73..08c67d772 100644 --- a/lang/python/python-werkzeug/Makefile +++ b/lang/python/python-werkzeug/Makefile @@ -5,15 +5,16 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-werkzeug -PKG_VERSION:=2.3.4 +PKG_VERSION:=2.3.6 PKG_RELEASE:=1 PYPI_NAME:=Werkzeug -PKG_HASH:=1d5a58e0377d1fe39d061a5de4469e414e78ccb1e1e59c0f5ad6fa1c36c52b76 +PKG_HASH:=98c774df2f91b05550078891dee5f0eb0cb797a522c757a2452b9cee5b202330 -PKG_MAINTAINER:=Daniel Golle +PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE.rst +PKG_CPE_ID:=cpe:/a:palletsprojects:werkzeug include ../pypi.mk include $(INCLUDE_DIR)/package.mk diff --git a/lang/python/python3-libselinux/patches/010-setup-py-custom-cc.patch b/lang/python/python3-libselinux/patches/010-setup-py-custom-cc.patch deleted file mode 100644 index 8fe816588..000000000 --- a/lang/python/python3-libselinux/patches/010-setup-py-custom-cc.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/Makefile -+++ b/src/Makefile -@@ -139,7 +139,7 @@ SWIGRUBY = swig -Wall -ruby -o $(SWIGRUB - all: $(LIBA) $(LIBSO) $(LIBPC) - - pywrap: all selinuxswig_python_exception.i -- CFLAGS="$(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) setup.py build_ext -+ LDSHARED="$(CC) -shared" CFLAGS="$(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) setup.py build_ext - - rubywrap: all $(SWIGRUBYSO) - diff --git a/lang/python/python3-libselinux/patches/020-Make-use-of-variables-when-defining-libdir-and-inclu.patch b/lang/python/python3-libselinux/patches/020-Make-use-of-variables-when-defining-libdir-and-inclu.patch deleted file mode 100644 index c900ff143..000000000 --- a/lang/python/python3-libselinux/patches/020-Make-use-of-variables-when-defining-libdir-and-inclu.patch +++ /dev/null @@ -1,21 +0,0 @@ -Pkg-config definitions commonly make use of ${exec_prefix} and ${prefix} -when defining libdir and includedir, respectively. OpenWrt, for example, -relies on this when it adjusts things for cross compiling. - -Signed-off-by: W. Michael Petullo ---- - src/libselinux.pc.in | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - ---- a/src/libselinux.pc.in -+++ b/src/libselinux.pc.in -@@ -1,7 +1,7 @@ - prefix=@prefix@ - exec_prefix=${prefix} --libdir=@libdir@ --includedir=@includedir@ -+libdir=${exec_prefix}/lib -+includedir=${prefix}/include - - Name: libselinux - Description: SELinux utility library diff --git a/lang/vala/Makefile b/lang/vala/Makefile index c61c86c24..577bc588e 100644 --- a/lang/vala/Makefile +++ b/lang/vala/Makefile @@ -15,7 +15,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNOME/vala/$(basename $(PKG_VERSION)) PKG_HASH:=e1066221bf7b89cb1fa7327a3888645cb33b604de3bf45aa81132fd040b699bf -PKG_MAINTAINER:= +PKG_MAINTAINER:=W. Michael Petullo PKG_LICENSE:=LGPL-2.1-or-later PKG_LICENSE_FILES:=COPYING diff --git a/lang/vala/patches/001-circumvent-glib-pkgconf-bug.patch b/lang/vala/patches/001-circumvent-glib-pkgconf-bug.patch new file mode 100644 index 000000000..fb6099235 --- /dev/null +++ b/lang/vala/patches/001-circumvent-glib-pkgconf-bug.patch @@ -0,0 +1,73 @@ +This patch circumvents an apparent bug in pkgconf 1.9 that prevents +building the OpenWrt Vala package. For a discussion of this, see: + +https://github.com/openwrt/packages/issues/21359 + +The pkgconf bug seems similar to the one discussed here: + +https://github.com/pkgconf/pkgconf/issues/268 + +--- a/configure ++++ b/configure +@@ -13598,11 +13598,11 @@ if test -n "$GLIB_CFLAGS"; then + elif test -n "$PKG_CONFIG"; then + if test -n "$PKG_CONFIG" && \ + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"glib-2.0 >= \$GLIB_REQUIRED gobject-2.0 >= \$GLIB_REQUIRED\""; } >&5 +- ($PKG_CONFIG --exists --print-errors "glib-2.0 >= $GLIB_REQUIRED gobject-2.0 >= $GLIB_REQUIRED") 2>&5 ++ ($PKG_CONFIG --exists --print-errors "gobject-2.0 >= $GLIB_REQUIRED glib-2.0 >= $GLIB_REQUIRED") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then +- pkg_cv_GLIB_CFLAGS=`$PKG_CONFIG --cflags "glib-2.0 >= $GLIB_REQUIRED gobject-2.0 >= $GLIB_REQUIRED" 2>/dev/null` ++ pkg_cv_GLIB_CFLAGS=`$PKG_CONFIG --cflags "gobject-2.0 >= $GLIB_REQUIRED glib-2.0 >= $GLIB_REQUIRED" 2>/dev/null` + test "x$?" != "x0" && pkg_failed=yes + else + pkg_failed=yes +@@ -13615,11 +13615,11 @@ if test -n "$GLIB_LIBS"; then + elif test -n "$PKG_CONFIG"; then + if test -n "$PKG_CONFIG" && \ + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"glib-2.0 >= \$GLIB_REQUIRED gobject-2.0 >= \$GLIB_REQUIRED\""; } >&5 +- ($PKG_CONFIG --exists --print-errors "glib-2.0 >= $GLIB_REQUIRED gobject-2.0 >= $GLIB_REQUIRED") 2>&5 ++ ($PKG_CONFIG --exists --print-errors "gobject-2.0 >= $GLIB_REQUIRED glib-2.0 >= $GLIB_REQUIRED") 2>&5 + ac_status=$? + printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then +- pkg_cv_GLIB_LIBS=`$PKG_CONFIG --libs "glib-2.0 >= $GLIB_REQUIRED gobject-2.0 >= $GLIB_REQUIRED" 2>/dev/null` ++ pkg_cv_GLIB_LIBS=`$PKG_CONFIG --libs "gobject-2.0 >= $GLIB_REQUIRED glib-2.0 >= $GLIB_REQUIRED" 2>/dev/null` + test "x$?" != "x0" && pkg_failed=yes + else + pkg_failed=yes +@@ -13640,9 +13640,9 @@ else + _pkg_short_errors_supported=no + fi + if test $_pkg_short_errors_supported = yes; then +- GLIB_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "glib-2.0 >= $GLIB_REQUIRED gobject-2.0 >= $GLIB_REQUIRED" 2>&1` ++ GLIB_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "gobject-2.0 >= $GLIB_REQUIRED glib-2.0 >= $GLIB_REQUIRED" 2>&1` + else +- GLIB_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "glib-2.0 >= $GLIB_REQUIRED gobject-2.0 >= $GLIB_REQUIRED" 2>&1` ++ GLIB_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "gobject-2.0 >= $GLIB_REQUIRED glib-2.0 >= $GLIB_REQUIRED" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$GLIB_PKG_ERRORS" >&5 +--- a/gobject-introspection/Makefile.in ++++ b/gobject-introspection/Makefile.in +@@ -383,8 +383,8 @@ libgidl_la_SOURCES = \ + $(NULL) + + libgidl_la_LIBADD = \ +- $(GLIB_LIBS) \ + $(GMODULE_LIBS) \ ++ $(GLIB_LIBS) \ + $(NULL) + + BUILT_SOURCES = scannerparser.h +@@ -400,8 +400,8 @@ gen_introspect_SOURCES = \ + $(NULL) + + gen_introspect_LDADD = \ +- $(GLIB_LIBS) \ + $(GMODULE_LIBS) \ ++ $(GLIB_LIBS) \ + libgidl.la \ + $(NULL) + diff --git a/libs/c-ares/Makefile b/libs/c-ares/Makefile index 4c13927b2..9f5a9424b 100644 --- a/libs/c-ares/Makefile +++ b/libs/c-ares/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=c-ares -PKG_VERSION:=1.18.1 +PKG_VERSION:=1.19.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://c-ares.org/download -PKG_HASH:=1a7d52a8a84a9fbffb1be9133c0f6e17217d91ea5a6fa61f6b4729cda78ebbcf +PKG_HASH:=321700399b72ed0e037d0074c629e7741f6b2ec2dda92956abe3e9671d3e268e PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE.md @@ -48,6 +48,13 @@ CMAKE_OPTIONS += \ -DCARES_BUILD_TESTS=OFF \ -DCARES_BUILD_TOOLS=OFF +define Build/InstallDev + $(call Build/InstallDev/cmake,$(1)) + $(SED) 's,/usr/bin,$$$${prefix}/lib,g' $(1)/usr/lib/pkgconfig/libcares.pc + $(SED) 's,/usr/include,$$$${prefix}/include,g' $(1)/usr/lib/pkgconfig/libcares.pc + $(SED) 's,/usr/lib,$$$${prefix}/lib,g' $(1)/usr/lib/pkgconfig/libcares.pc +endef + define Package/libcares/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcares.so.* $(1)/usr/lib/ diff --git a/libs/gost_engine/Makefile b/libs/gost_engine/Makefile index d15a36f39..dd13d4219 100644 --- a/libs/gost_engine/Makefile +++ b/libs/gost_engine/Makefile @@ -5,8 +5,7 @@ PKG_NAME:=gost_engine PKG_VERSION:=3.0.1 PKG_HASH:=bfeac85883724cfbe0ecc6d942ac0524b908143e019ab3d3b6abe47a3466a628 PKG_LICENSE:=Apache-2.0 -PATCH_DIR=./patches-3 -PKG_RELEASE:=8 +PKG_RELEASE:=9 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/gost-engine/engine/archive/v$(PKG_VERSION) diff --git a/libs/gost_engine/patches-1.1/010-openssl-deprecated.patch b/libs/gost_engine/patches-1.1/010-openssl-deprecated.patch deleted file mode 100644 index c28748a91..000000000 --- a/libs/gost_engine/patches-1.1/010-openssl-deprecated.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/gost_pmeth.c -+++ b/gost_pmeth.c -@@ -608,7 +608,7 @@ static int pkey_gost_mac_ctrl_str(EVP_PK - if (strcmp(type, hexkey_ctrl_string) == 0) { - long keylen; - int ret; -- unsigned char *keybuf = string_to_hex(value, &keylen); -+ unsigned char *keybuf = OPENSSL_hexstr2buf(value, &keylen); - if (!keybuf || keylen != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); diff --git a/libs/gost_engine/patches-3/020-cmake-allow-cross-compile.patch b/libs/gost_engine/patches/020-cmake-allow-cross-compile.patch similarity index 100% rename from libs/gost_engine/patches-3/020-cmake-allow-cross-compile.patch rename to libs/gost_engine/patches/020-cmake-allow-cross-compile.patch diff --git a/libs/gost_engine/patches-3/030-dont-build-provider.patch b/libs/gost_engine/patches/030-dont-build-provider.patch similarity index 100% rename from libs/gost_engine/patches-3/030-dont-build-provider.patch rename to libs/gost_engine/patches/030-dont-build-provider.patch diff --git a/libs/gost_engine/patches/040-dont-build-tests.patch b/libs/gost_engine/patches/040-dont-build-tests.patch new file mode 100644 index 000000000..13caf6388 --- /dev/null +++ b/libs/gost_engine/patches/040-dont-build-tests.patch @@ -0,0 +1,131 @@ +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -213,128 +213,6 @@ set(GOST_PROV_SOURCE_FILES + gost_prov_mac.c + ) + +-set(TEST_ENVIRONMENT_COMMON +- CMAKE_CURRENT_SOURCE_DIR=${CMAKE_CURRENT_SOURCE_DIR} +- PERL5LIB=${CMAKE_CURRENT_SOURCE_DIR}/test +- OPENSSL_PROGRAM=${OPENSSL_PROGRAM} +- OPENSSL_CRYPTO_LIBRARY=${OPENSSL_CRYPTO_LIBRARY} +- ) +- +-set(TEST_ENVIRONMENT_ENGINE +- ${TEST_ENVIRONMENT_COMMON} +- OPENSSL_ENGINES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY} +- OPENSSL_CONF=${CMAKE_CURRENT_SOURCE_DIR}/test/engine.cnf +- ) +- +-set(TEST_ENVIRONMENT_PROVIDER +- ${TEST_ENVIRONMENT_COMMON} +- OPENSSL_MODULES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY} +- OPENSSL_CONF=${CMAKE_CURRENT_SOURCE_DIR}/test/provider.cnf +- ) +- +-add_executable(test_digest test_digest.c) +-target_link_libraries(test_digest OpenSSL::Crypto) +-add_test(NAME digest-with-engine COMMAND test_digest) +-set_tests_properties(digest-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +-add_test(NAME digest-with-provider COMMAND test_digest) +-set_tests_properties(digest-with-provider +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_PROVIDER}") +- +-add_executable(test_ciphers test_ciphers.c) +-target_link_libraries(test_ciphers OpenSSL::Crypto) +-add_test(NAME ciphers-with-engine COMMAND test_ciphers) +-set_tests_properties(ciphers-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +-add_test(NAME ciphers-with-provider COMMAND test_ciphers) +-set_tests_properties(ciphers-with-provider +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_PROVIDER}") +- +-# test_curves is an internals testing program, it doesn't need a test env +-add_executable(test_curves test_curves.c) +-target_link_libraries(test_curves gost_core gost_err) +-add_test(NAME curves COMMAND test_curves) +- +-add_executable(test_params test_params.c) +-target_link_libraries(test_params OpenSSL::Crypto) +-add_test(NAME parameters-with-engine COMMAND test_params) +-set_tests_properties(parameters-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +- +-add_executable(test_derive test_derive.c) +-target_link_libraries(test_derive OpenSSL::Crypto) +-add_test(NAME derive-with-engine COMMAND test_derive) +-set_tests_properties(derive-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +- +-add_executable(test_sign test_sign.c) +-target_link_libraries(test_sign OpenSSL::Crypto) +-add_test(NAME sign/verify-with-engine COMMAND test_sign) +-set_tests_properties(sign/verify-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +- +-add_executable(test_tls test_tls.c) +-target_link_libraries(test_tls OpenSSL::SSL) +-add_test(NAME TLS-with-engine COMMAND test_tls) +-set_tests_properties(TLS-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +- +-add_executable(test_context test_context.c) +-target_link_libraries(test_context OpenSSL::Crypto) +-add_test(NAME context-with-engine COMMAND test_context) +-set_tests_properties(context-with-engine +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +-add_test(NAME context-with-provider COMMAND test_context) +-set_tests_properties(context-with-provider +- PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_PROVIDER}") +- +-# test_keyexpimp is an internals testing program, it doesn't need a test env +-add_executable(test_keyexpimp test_keyexpimp.c) +-#target_compile_definitions(test_keyexpimp PUBLIC -DOPENSSL_LOAD_CONF) +-target_link_libraries(test_keyexpimp gost_core gost_err) +-add_test(NAME keyexpimp COMMAND test_keyexpimp) +- +-# test_gost89 is an internals testing program, it doesn't need a test env +-add_executable(test_gost89 test_gost89.c) +-target_link_libraries(test_gost89 gost_core gost_err) +-add_test(NAME gost89 COMMAND test_gost89) +- +-if(NOT SKIP_PERL_TESTS) +- execute_process(COMMAND perl -MTest2::V0 -e "" +- ERROR_QUIET RESULT_VARIABLE MISSING_TEST2_V0) +- find_program(HAVE_PROVE NAMES prove) +- if(NOT MISSING_TEST2_V0 AND HAVE_PROVE) +- add_test(NAME engine +- COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test :: engine) +- set_tests_properties(engine PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") +- add_test(NAME provider +- COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test :: provider) +- set_tests_properties(provider PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_PROVIDER}") +- else() +- message(STATUS "No Test2::V0 perl module (engine and provider tests skipped)") +- endif() +-endif() +- +-if(NOT MSVC) +- add_executable(sign benchmark/sign.c) +- target_link_libraries(sign gost_core gost_err ${CLOCK_GETTIME_LIB}) +-endif() +- +-# All that may need to load just built engine will have path to it defined. +-set(BINARY_TESTS_TARGETS +- test_digest +- test_ciphers +- test_curves +- test_params +- test_derive +- test_sign +- test_context +- test_keyexpimp +- test_gost89 +- test_tls +- ) +-set_property(TARGET ${BINARY_TESTS_TARGETS} APPEND PROPERTY COMPILE_DEFINITIONS ENGINE_DIR="${OUTPUT_DIRECTORY}") +- + add_library(gost_core STATIC ${GOST_LIB_SOURCE_FILES}) + set_target_properties(gost_core PROPERTIES POSITION_INDEPENDENT_CODE ON) + target_link_libraries(gost_core PRIVATE OpenSSL::Crypto) diff --git a/libs/h2o/Makefile b/libs/h2o/Makefile index e7529d1e2..30241356f 100644 --- a/libs/h2o/Makefile +++ b/libs/h2o/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=h2o PKG_VERSION:=2.2.6 -PKG_RELEASE:=13 +PKG_RELEASE:=14 PKG_SOURCE_URL:=https://codeload.github.com/h2o/h2o/tar.gz/v${PKG_VERSION}? PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz @@ -26,7 +26,7 @@ define Package/libh2o-evloop CATEGORY:=Libraries TITLE:=H2O Library compiled with its own event loop URL:=https://h2o.examp1e.net/ - DEPENDS:=+libopenssl +zlib +libyaml + DEPENDS:=+libopenssl +zlib endef define Package/libh2o diff --git a/libs/h2o/patches/700-no-mime-map.patch b/libs/h2o/patches/700-no-mime-map.patch new file mode 100644 index 000000000..7fccfa6fb --- /dev/null +++ b/libs/h2o/patches/700-no-mime-map.patch @@ -0,0 +1,73 @@ +--- a/lib/core/config.c ++++ b/lib/core/config.c +@@ -1,3 +1,4 @@ ++ + /* + * Copyright (c) 2014-2016 DeNA Co., Ltd. + * +@@ -37,7 +38,9 @@ static h2o_hostconf_t *create_hostconf(h + hostconf->http2.push_preload = 1; /* enabled by default */ + h2o_config_init_pathconf(&hostconf->fallback_path, globalconf, NULL, globalconf->mimemap); + hostconf->mimemap = globalconf->mimemap; +- h2o_mem_addref_shared(hostconf->mimemap); ++ if (hostconf->mimemap) { ++ h2o_mem_addref_shared(hostconf->mimemap); ++ } + return hostconf; + } + +@@ -54,7 +57,9 @@ static void destroy_hostconf(h2o_hostcon + } + free(hostconf->paths.entries); + h2o_config_dispose_pathconf(&hostconf->fallback_path); +- h2o_mem_release_shared(hostconf->mimemap); ++ if (hostconf->mimemap) { ++ h2o_mem_release_shared(hostconf->mimemap); ++ } + + free(hostconf); + } +@@ -136,8 +141,10 @@ void h2o_config_init_pathconf(h2o_pathco + h2o_chunked_register(pathconf); + if (path != NULL) + pathconf->path = h2o_strdup(NULL, path, SIZE_MAX); +- h2o_mem_addref_shared(mimemap); +- pathconf->mimemap = mimemap; ++ if (mimemap) { ++ h2o_mem_addref_shared(mimemap); ++ pathconf->mimemap = mimemap; ++ } + pathconf->error_log.emit_request_errors = 1; + } + +@@ -190,7 +197,7 @@ void h2o_config_init(h2o_globalconf_t *c + config->http2.latency_optimization.max_additional_delay = 10; + config->http2.latency_optimization.max_cwnd = 65535; + config->http2.callbacks = H2O_HTTP2_CALLBACKS; +- config->mimemap = h2o_mimemap_create(); ++ // config->mimemap = h2o_mimemap_create(); + + h2o_configurator__init_core(config); + } +@@ -279,7 +286,9 @@ void h2o_config_dispose(h2o_globalconf_t + } + free(config->hosts); + +- h2o_mem_release_shared(config->mimemap); ++ if (config->mimemap) { ++ h2o_mem_release_shared(config->mimemap); ++ } + h2o_configurator__dispose_configurators(config); + } + +--- a/lib/core/request.c ++++ b/lib/core/request.c +@@ -486,7 +486,7 @@ void h2o_req_fill_mime_attributes(h2o_re + ssize_t content_type_index; + h2o_mimemap_type_t *mime; + +- if (req->res.mime_attr != NULL) ++ if (req->res.mime_attr != NULL || req->pathconf->mimemap == NULL) + return; + + if ((content_type_index = h2o_find_header(&req->res.headers, H2O_TOKEN_CONTENT_TYPE, -1)) != -1 && diff --git a/libs/h2o/patches/800-smaller-write-buffer.patch b/libs/h2o/patches/800-smaller-write-buffer.patch new file mode 100644 index 000000000..5527ad57d --- /dev/null +++ b/libs/h2o/patches/800-smaller-write-buffer.patch @@ -0,0 +1,11 @@ +--- a/include/h2o/http2_internal.h ++++ b/include/h2o/http2_internal.h +@@ -33,7 +33,7 @@ + typedef struct st_h2o_http2_conn_t h2o_http2_conn_t; + typedef struct st_h2o_http2_stream_t h2o_http2_stream_t; + +-#define H2O_HTTP2_DEFAULT_OUTBUF_SIZE 81920 /* the target size of each write call; connection flow control window + alpha */ ++#define H2O_HTTP2_DEFAULT_OUTBUF_SIZE 8192 /* the target size of each write call; connection flow control window + alpha */ + #define H2O_HTTP2_DEFAULT_OUTBUF_SOFT_MAX_SIZE 524288 /* 512KB; stops reading if size exceeds this value */ + + /* hpack */ diff --git a/libs/icu/Makefile b/libs/icu/Makefile index cc6b86fc3..310dc354c 100644 --- a/libs/icu/Makefile +++ b/libs/icu/Makefile @@ -9,13 +9,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=icu4c MAJOR_VERSION:=73 -MINOR_VERSION:=1 +MINOR_VERSION:=2 PKG_VERSION:=$(MAJOR_VERSION).$(MINOR_VERSION) PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(MAJOR_VERSION)_$(MINOR_VERSION)-src.tgz PKG_SOURCE_URL:=https://github.com/unicode-org/icu/releases/download/release-$(MAJOR_VERSION)-$(MINOR_VERSION) -PKG_HASH:=a457431de164b4aa7eca00ed134d00dfbf88a77c6986a10ae7774fc076bb8c45 +PKG_HASH:=818a80712ed3caacd9b652305e01afc7fa167e6f2e94996da44b90c2ab604ce1 PKG_LICENSE:=ICU PKG_LICENSE_FILES:=LICENSE diff --git a/libs/libdaq3/Makefile b/libs/libdaq3/Makefile index a97eb7755..59caff951 100644 --- a/libs/libdaq3/Makefile +++ b/libs/libdaq3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libdaq3 -PKG_VERSION:=3.0.11 +PKG_VERSION:=3.0.12 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo @@ -17,7 +17,7 @@ PKG_LICENSE:=GPL-2.0-only PKG_SOURCE:=libdaq-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/snort3/libdaq/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=c9b691e113960cc19c4df6e93eacbdb45c96491da9c81471f3e419b91c04579a +PKG_HASH:=dedfdb88de151d61009bdb365322853687b1add4adec248952d2a93b70f584af PKG_BUILD_DIR:=$(BUILD_DIR)/libdaq-$(PKG_VERSION) PKG_FIXUP:=autoreconf diff --git a/libs/libpfring/Makefile b/libs/libpfring/Makefile index f02e3ed48..0ef774b79 100644 --- a/libs/libpfring/Makefile +++ b/libs/libpfring/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=libpfring -PKG_VERSION:=8.0.0 +PKG_VERSION:=8.4.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ntop/PF_RING/tar.gz/$(PKG_VERSION)? -PKG_HASH:=8e733899b736fe2536ef785b2b7d719abe652297fe7fe3a03fc495a87a9b6e82 +PKG_HASH:=2756a45ab250da11850160beb62aa879075aedfb49bf8f323b404f02b0c36670 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/PF_RING-$(PKG_VERSION) PKG_MAINTAINER:=Banglang Huang diff --git a/libs/libpfring/patches/0001-fix-cross-compiling.patch b/libs/libpfring/patches/0001-fix-cross-compiling.patch index 9b52fbe9f..021162bbb 100644 --- a/libs/libpfring/patches/0001-fix-cross-compiling.patch +++ b/libs/libpfring/patches/0001-fix-cross-compiling.patch @@ -1,6 +1,6 @@ --- a/userland/configure +++ b/userland/configure -@@ -3875,12 +3875,6 @@ $as_echo "no" >&6; } +@@ -3868,12 +3868,6 @@ $as_echo "no" >&6; } if test "$IS_FREEBSD" != "1" && test "$cross_compiling" != "yes" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if r/w locks are supported" >&5 $as_echo_n "checking if r/w locks are supported... " >&6; } @@ -13,7 +13,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -@@ -3893,7 +3887,7 @@ else +@@ -3886,7 +3880,7 @@ else _ACEOF @@ -22,7 +22,7 @@ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } cat >>confdefs.h <<_ACEOF -@@ -3907,7 +3901,6 @@ $as_echo "no" >&6; } +@@ -3900,7 +3894,6 @@ $as_echo "no" >&6; } fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext diff --git a/libs/libpfring/patches/002-implement-probabilistic-sampling.patch b/libs/libpfring/patches/002-implement-probabilistic-sampling.patch new file mode 100644 index 000000000..d7b3e8339 --- /dev/null +++ b/libs/libpfring/patches/002-implement-probabilistic-sampling.patch @@ -0,0 +1,89 @@ +From 405caa1424358032574230ec5479e64834869298 Mon Sep 17 00:00:00 2001 +From: Alfredo Cardigliano +Date: Thu, 13 Apr 2023 13:03:28 +0200 +Subject: [PATCH] Implement probabilistic sampling + +--- + kernel/linux/pf_ring.h | 4 +++- + kernel/pf_ring.c | 34 ++++++++++++++++++++++++---------- + 2 files changed, 27 insertions(+), 11 deletions(-) + +--- a/kernel/linux/pf_ring.h ++++ b/kernel/linux/pf_ring.h +@@ -1310,7 +1310,9 @@ struct pf_ring_socket { + u_char *ring_slots; /* Points to ring_memory+sizeof(FlowSlotInfo) */ + + /* Packet Sampling */ +- u_int32_t pktToSample, sample_rate; ++ u_int32_t sample_rate; ++ u_int32_t pkts_to_sample; ++ u_int32_t sample_rnd_shift; + + /* Virtual Filtering Device */ + virtual_filtering_device_element *v_filtering_dev; +--- a/kernel/pf_ring.c ++++ b/kernel/pf_ring.c +@@ -3695,6 +3695,26 @@ int bpf_filter_skb(struct sk_buff *skb, + + /* ********************************** */ + ++int sample_packet(struct pf_ring_socket *pfr) { ++ if(pfr->pkts_to_sample <= 1) { ++ u_int32_t rnd = 0; ++ ++ get_random_bytes(&rnd, sizeof(u_int32_t)); ++ rnd = rnd % pfr->sample_rate; ++ ++ pfr->pkts_to_sample = pfr->sample_rate - pfr->sample_rnd_shift + rnd; ++ ++ pfr->sample_rnd_shift = rnd; ++ ++ return 1; /* Pass packet */ ++ } else { ++ pfr->pkts_to_sample--; ++ return 0; /* Discard packet */ ++ } ++} ++ ++/* ********************************** */ ++ + u_int32_t default_rehash_rss_func(struct sk_buff *skb, struct pfring_pkthdr *hdr) + { + return hash_pkt_header(hdr, 0); +@@ -3805,12 +3825,9 @@ static int add_skb_to_ring(struct sk_buf + if(pfr->sample_rate > 1) { + spin_lock_bh(&pfr->ring_index_lock); + +- if(pfr->pktToSample <= 1) { +- pfr->pktToSample = pfr->sample_rate; +- } else { ++ if(!sample_packet(pfr)) { ++ /* Discard packet */ + pfr->slots_info->tot_pkts++; +- pfr->pktToSample--; +- + spin_unlock_bh(&pfr->ring_index_lock); + atomic_dec(&pfr->num_ring_users); + return(-1); +@@ -4161,11 +4178,8 @@ int pf_ring_skb_ring_handler(struct sk_b + + if(pfr->sample_rate > 1) { + spin_lock_bh(&pfr->ring_index_lock); +- if(pfr->pktToSample <= 1) { +- pfr->pktToSample = pfr->sample_rate; +- } else { ++ if (!sample_packet(pfr)) { + pfr->slots_info->tot_pkts++; +- pfr->pktToSample--; + rc = 0; + } + spin_unlock_bh(&pfr->ring_index_lock); +@@ -7957,7 +7971,7 @@ static int ring_getsockopt(struct socket + if(copy_to_user(optval, lowest_if_mac, ETH_ALEN)) + return(-EFAULT); + } else { +- char *dev_addr = pfr->ring_dev->dev->dev_addr; ++ const char *dev_addr = pfr->ring_dev->dev->dev_addr; + + if (dev_addr == NULL) /* e.g. 'any' device */ + dev_addr = empty_mac; diff --git a/libs/libpfring/patches/100-fix-compilation-warning.patch b/libs/libpfring/patches/100-fix-compilation-warning.patch index 18c72e734..97115b176 100644 --- a/libs/libpfring/patches/100-fix-compilation-warning.patch +++ b/libs/libpfring/patches/100-fix-compilation-warning.patch @@ -1,6 +1,6 @@ --- a/kernel/pf_ring.c +++ b/kernel/pf_ring.c -@@ -3940,7 +3940,7 @@ static int hash_pkt_cluster(ring_cluster_element *cluster_ptr, +@@ -3902,7 +3902,7 @@ static int hash_pkt_cluster(ring_cluster break; } /* else, fall through, because it's like 2-tuple for non-TCP packets */ @@ -9,22 +9,3 @@ case cluster_per_flow_2_tuple: case cluster_per_inner_flow_2_tuple: flags |= mask_2_tuple; -@@ -5485,8 +5485,7 @@ static int ring_release(struct socket *sock) - remove_cluster_referee(pfr); - - if((pfr->zc_device_entry != NULL) -- && pfr->zc_device_entry->zc_dev.dev -- && pfr->zc_device_entry->zc_dev.dev->name) { -+ && pfr->zc_device_entry->zc_dev.dev) { - pfring_release_zc_dev(pfr); - } - -@@ -5617,8 +5616,6 @@ static int ring_bind(struct socket *sock, struct sockaddr *sa, int addr_len) - return(-EINVAL); - if(sa->sa_family != PF_RING) - return(-EINVAL); -- if(sa->sa_data == NULL) -- return(-EINVAL); - - memcpy(name, sa->sa_data, sizeof(sa->sa_data)); - diff --git a/libs/libuv/Makefile b/libs/libuv/Makefile index 37738c6fd..5b4bface1 100644 --- a/libs/libuv/Makefile +++ b/libs/libuv/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libuv -PKG_VERSION:=1.44.1 +PKG_VERSION:=1.45.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://dist.libuv.org/dist/v$(PKG_VERSION)/ -PKG_HASH:=9d37b63430fe3b92a9386b949bebd8f0b4784a39a16964c82c9566247a76f64a +PKG_HASH:=f5b07f65a1e8166e47983a7ed1f42fae0bee08f7458142170c37332fc676a748 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION) PKG_MAINTAINER:=Marko Ratkaj diff --git a/libs/libwebsockets/Makefile b/libs/libwebsockets/Makefile index c71510b01..34e7abd3d 100644 --- a/libs/libwebsockets/Makefile +++ b/libs/libwebsockets/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libwebsockets PKG_VERSION:=4.3.2 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) diff --git a/libs/libwebsockets/patches/010-fix-enum-int-mismatch-openssl.patch b/libs/libwebsockets/patches/010-fix-enum-int-mismatch-openssl.patch new file mode 100644 index 000000000..5f2ee86e0 --- /dev/null +++ b/libs/libwebsockets/patches/010-fix-enum-int-mismatch-openssl.patch @@ -0,0 +1,26 @@ +From 722e44cb5b74cae206f47a6dc0d985eba8ed1b2e Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Thu, 26 Jan 2023 17:17:49 -0800 +Subject: [PATCH] Fix -Werror=enum-int-mismatch in + lws_tls_server_abort_connection() + +GCC 13 is findinf this function signature mismatch. + +../git/lib/tls/openssl/openssl-server.c:713:1: error: conflicting types for 'lws_tls_server_abort_connection' due to enum/integer mismatch; have 'int(struct lws *)' [-Werror=enum-int-mismatch] + +Signed-off-by: Khem Raj +--- + lib/tls/openssl/openssl-server.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/lib/tls/openssl/openssl-server.c ++++ b/lib/tls/openssl/openssl-server.c +@@ -709,7 +709,7 @@ lws_tls_server_new_nonblocking(struct lw + return 0; + } + +-int ++enum lws_ssl_capable_status + lws_tls_server_abort_connection(struct lws *wsi) + { + if (wsi->tls.use_ssl) diff --git a/libs/libwebsockets/patches/011-fix-enum-int-mismatch-mbedtls.patch b/libs/libwebsockets/patches/011-fix-enum-int-mismatch-mbedtls.patch new file mode 100644 index 000000000..ce4d44a37 --- /dev/null +++ b/libs/libwebsockets/patches/011-fix-enum-int-mismatch-mbedtls.patch @@ -0,0 +1,14 @@ +--- a/lib/tls/mbedtls/mbedtls-server.c ++++ b/lib/tls/mbedtls/mbedtls-server.c +@@ -264,11 +264,7 @@ lws_tls_server_new_nonblocking(struct lw + return 0; + } + +-#if defined(LWS_AMAZON_RTOS) + enum lws_ssl_capable_status +-#else +-int +-#endif + lws_tls_server_abort_connection(struct lws *wsi) + { + if (wsi->tls.use_ssl) diff --git a/libs/xr_usb_serial_common/Makefile b/libs/xr_usb_serial_common/Makefile index b8e7ee62f..24ebf2603 100644 --- a/libs/xr_usb_serial_common/Makefile +++ b/libs/xr_usb_serial_common/Makefile @@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=usb-serial-xr_usb_serial_common -PKG_SOURCE_DATE:=2022-03-30 -PKG_SOURCE_VERSION:=ecc6ebe0141b97942d774e6c6be37a330cc11a74 +PKG_SOURCE_DATE:=2023-03-21 +PKG_SOURCE_VERSION:=90ad530166f096347a5a57b6f9eb21c422a40fd9 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/kasbert/epsolar-tracer -PKG_MIRROR_HASH:=487c4259211411d3c435284016f90c6770539c0a6f904f3327f18381a33c23e3 +PKG_MIRROR_HASH:=0cea56120542d3d546028d17389a3419ca930448005a9208728c40583ccf027d PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0-or-later diff --git a/libs/xr_usb_serial_common/patches/100-fix-compilation-warning-unused-function.patch b/libs/xr_usb_serial_common/patches/100-fix-compilation-warning-unused-function.patch deleted file mode 100644 index 4e92f7a1d..000000000 --- a/libs/xr_usb_serial_common/patches/100-fix-compilation-warning-unused-function.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- a/xr_usb_serial_common-1a/xr_usb_serial_common.c -+++ b/xr_usb_serial_common-1a/xr_usb_serial_common.c -@@ -258,7 +258,9 @@ static void xr_usb_serial_ctrl_irq(struct urb *urb) - { - struct xr_usb_serial *xr_usb_serial = urb->context; - struct usb_cdc_notification *dr = urb->transfer_buffer; -+#if LINUX_VERSION_CODE <= KERNEL_VERSION(3, 9, 0) - struct tty_struct *tty; -+#endif - unsigned char *data; - int newctrl; - int retval; -@@ -390,7 +392,9 @@ static int xr_usb_serial_submit_read_urbs(struct xr_usb_serial *xr_usb_serial, g - } - static void xr_usb_serial_process_read_urb(struct xr_usb_serial *xr_usb_serial, struct urb *urb) - { -+#if LINUX_VERSION_CODE <= KERNEL_VERSION(3, 9, 0) - struct tty_struct *tty; -+#endif - if (!urb->actual_length) - return; - #if LINUX_VERSION_CODE > KERNEL_VERSION(3, 9, 0) -@@ -465,7 +469,9 @@ static void xr_usb_serial_write_bulk(struct urb *urb) - static void xr_usb_serial_softint(struct work_struct *work) - { - struct xr_usb_serial *xr_usb_serial = container_of(work, struct xr_usb_serial, work); -+#if LINUX_VERSION_CODE <= KERNEL_VERSION(3, 9, 0) - struct tty_struct *tty; -+#endif - - dev_vdbg(&xr_usb_serial->data->dev, "%s\n", __func__); - #if LINUX_VERSION_CODE > KERNEL_VERSION(3, 9, 0) -@@ -1631,7 +1637,9 @@ err_out: - static int xr_usb_serial_reset_resume(struct usb_interface *intf) - { - struct xr_usb_serial *xr_usb_serial = usb_get_intfdata(intf); -+#if LINUX_VERSION_CODE <= KERNEL_VERSION(3, 9, 0) - struct tty_struct *tty; -+#endif - if (tty_port_initialized(&xr_usb_serial->port)){ - #if LINUX_VERSION_CODE > KERNEL_VERSION(3, 9, 0) - tty_port_tty_hangup(&xr_usb_serial->port, false); diff --git a/mail/alpine/Makefile b/mail/alpine/Makefile index b11d4aa30..83969b8cc 100644 --- a/mail/alpine/Makefile +++ b/mail/alpine/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=alpine PKG_VERSION:=2.25 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://alpineapp.email/alpine/release/src/Old @@ -20,7 +20,6 @@ PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/nls.mk diff --git a/multimedia/grilo-plugins/Makefile b/multimedia/grilo-plugins/Makefile index 8b69e6b5a..616f34643 100644 --- a/multimedia/grilo-plugins/Makefile +++ b/multimedia/grilo-plugins/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=grilo-plugins -PKG_VERSION:=0.3.14 +PKG_VERSION:=0.3.16 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNOME/grilo-plugins/0.3/ -PKG_HASH:=686844b34ec73b24931ff6cc4f6033f0072947a6db60acdc7fb3eaf157a581c8 +PKG_HASH:=fe6f4dbe586c6b8ba2406394e202f22d009d642a96eb3a54f32f6a21d084cdcb PKG_MAINTAINER:=W. Michael Petullo PKG_LICENSE:=LGPL-2.1-or-later @@ -55,7 +55,6 @@ MESON_ARGS += \ -Denable-lua-factory=no \ -Denable-magnatune=$(if $(CONFIG_PACKAGE_grilo-plugins-magnatune),yes,no) \ -Denable-metadata-store=$(if $(CONFIG_PACKAGE_grilo-plugins-metadata-store),yes,no) \ - -Denable-opensubtitles=$(if $(CONFIG_PACKAGE_grilo-plugins-opensubtitles),yes,no) \ -Denable-optical-media=no \ -Denable-podcasts=no \ -Denable-raitv=$(if $(CONFIG_PACKAGE_grilo-plugins-raitv),yes,no) \ @@ -99,7 +98,6 @@ $(eval $(call BuildPlugin,dmap,DAAP and DPAP sharing,daap dpap,libdmapsharing,30 $(eval $(call BuildPlugin,gravatar,Gravatar provider,gravatar,,30)) $(eval $(call BuildPlugin,magnatune,Magnatune sharing,magnatune,,30)) $(eval $(call BuildPlugin,metadata-store,Metadata Store,metadatastore,,30)) -$(eval $(call BuildPlugin,opensubtitles,Open subtitles provider,opensubtitles,,30)) $(eval $(call BuildPlugin,raitv,Rai.tv sharing,raitv,,30)) $(eval $(call BuildPlugin,shoutcast,SHOUTcast sharing,shoutcast,,30)) $(eval $(call BuildPlugin,tmdb,TMDb,tmdb,+json-glib,30)) diff --git a/multimedia/grilo/Makefile b/multimedia/grilo/Makefile index ea5850109..088835074 100644 --- a/multimedia/grilo/Makefile +++ b/multimedia/grilo/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=grilo -PKG_VERSION:=0.3.14 +PKG_VERSION:=0.3.16 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNOME/grilo/0.3/ -PKG_HASH:=0369d0b00bb0f59ba5f7aea8cfc665f38df14a5b4182d28c7c1e2cd15b518743 +PKG_HASH:=884580e8c5ece280df23aa63ff5234b7d48988a404df7d6bfccd1e77b473bd96 PKG_MAINTAINER:=W. Michael Petullo PKG_LICENSE:=LGPL-2.1-or-later @@ -28,7 +28,7 @@ define Package/grilo CATEGORY:=Multimedia TITLE:=grilo URL:=https://wiki.gnome.org/Projects/Grilo - DEPENDS:=+glib2 +libsoup +libxml2 + DEPENDS:=+glib2 +libsoup3 +libxml2 endef define Package/grilo/decription diff --git a/multimedia/minidlna/Makefile b/multimedia/minidlna/Makefile index d5343edbd..8d5d51a9d 100644 --- a/multimedia/minidlna/Makefile +++ b/multimedia/minidlna/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=minidlna -PKG_VERSION:=1.3.2 +PKG_VERSION:=1.3.3 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@SF/minidlna -PKG_HASH:=222ce45a1a60c3ce3de17527955d38e5ff7a4592d61db39577e6bf88e0ae1cb0 +PKG_HASH:=39026c6d4a139b9180192d1c37225aa3376fdf4f1a74d7debbdbb693d996afa4 PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0-or-later BSD-3-Clause diff --git a/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch b/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch index 84a818835..92c521f64 100644 --- a/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch +++ b/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch @@ -105,7 +105,7 @@ Subject: [PATCH] Mark all instances of magic_container_s as const { int ret; -@@ -1301,7 +1301,7 @@ BrowseContentDirectory(struct upnphttp * +@@ -1305,7 +1305,7 @@ BrowseContentDirectory(struct upnphttp * "" "<DIDL-Lite" CONTENT_DIRECTORY_SCHEMAS; @@ -114,7 +114,7 @@ Subject: [PATCH] Mark all instances of magic_container_s as const char *zErrMsg = NULL; char *sql, *ptr; struct Response args; -@@ -1823,7 +1823,7 @@ SearchContentDirectory(struct upnphttp * +@@ -1828,7 +1828,7 @@ SearchContentDirectory(struct upnphttp * "" "<DIDL-Lite" CONTENT_DIRECTORY_SCHEMAS; diff --git a/multimedia/tvheadend/Makefile b/multimedia/tvheadend/Makefile index 1af5b6dd2..f33b66662 100644 --- a/multimedia/tvheadend/Makefile +++ b/multimedia/tvheadend/Makefile @@ -1,22 +1,22 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tvheadend -PKG_VERSION:=2022-11-20 -PKG_RELEASE:=3 +PKG_VERSION:=2023-06-05 +PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/tvheadend/tvheadend.git -PKG_MIRROR_HASH:=9c1bb3eea3f3539454d17e4c6aabc774a104a772aa34ed39f248521cf6488ce5 -PKG_SOURCE_VERSION:=0ff96106aa2e0f9a384c3a2662ca005797a6b399 -PKG_SOURCE_DATE:=2022-11-20 +PKG_MIRROR_HASH:=921506f54a93fa78ba17578a0ef127f4eebd4df0691aef5905cd1eb2eae52bef +PKG_SOURCE_VERSION:=003fd92707531bdf7ad1753ab028db8748ac5ab8 +PKG_SOURCE_DATE:=2023-06-05 PKG_LICENSE:=GPL-3.0 PKG_LICENSE_FILES:=LICENSE.md PKG_BUILD_PARALLEL:=1 PKG_FIXUP:=autoreconf - PKG_BUILD_FLAGS:=no-mips16 +PKG_BUILD_DEPENDS:=gettext-full/host include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/nls.mk diff --git a/multimedia/tvheadend/patches/040-fortify.patch b/multimedia/tvheadend/patches/040-fortify.patch deleted file mode 100644 index 429791ad1..000000000 --- a/multimedia/tvheadend/patches/040-fortify.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- a/src/intlconv.c -+++ b/src/intlconv.c -@@ -1,3 +1,6 @@ -+#ifndef _GNU_SOURCE -+#define _GNU_SOURCE -+#endif - #include - #include "tvheadend.h" - #include "intlconv.h" diff --git a/multimedia/tvheadend/patches/050-iconv-test-continue.patch b/multimedia/tvheadend/patches/050-iconv-test-continue.patch index 2e46b5113..bdfc4359c 100644 --- a/multimedia/tvheadend/patches/050-iconv-test-continue.patch +++ b/multimedia/tvheadend/patches/050-iconv-test-continue.patch @@ -1,6 +1,6 @@ --- a/src/intlconv.c +++ b/src/intlconv.c -@@ -36,9 +36,8 @@ intlconv_test( void ) +@@ -37,9 +37,8 @@ intlconv_test( void ) (strcmp(s, "ZlutouckyKun") && strcmp(s, "Zlutouck'yKun") && strcmp(s, "?lu?ou?k?K??"))) { diff --git a/net/adblock/Makefile b/net/adblock/Makefile index 6eda908a4..0e11de105 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock PKG_VERSION:=4.1.5 -PKG_RELEASE:=7 +PKG_RELEASE:=8 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md index 95cbfeedc..463965b0f 100644 --- a/net/adblock/files/README.md +++ b/net/adblock/files/README.md @@ -12,7 +12,7 @@ A lot of people already use adblocker plugins within their desktop browsers, but | :------------------ | :-----: | :--- | :--------------- | :-------------------------------------------------------------------------------- | | adaway | x | S | mobile | [Link](https://github.com/AdAway/adaway.github.io) | | adguard | x | L | general | [Link](https://adguard.com) | -| adguard_tracking | | S | tracking | [Link](https://github.com/AdguardTeam/cname-trackers) | +| adguard_tracking | | L | tracking | [Link](https://github.com/AdguardTeam/cname-trackers) | | android_tracking | | S | tracking | [Link](https://github.com/Perflyst/PiHoleBlocklist) | | andryou | | L | compilation | [Link](https://gitlab.com/andryou/block/-/blob/master/readme.md) | | anti_ad | | L | compilation | [Link](https://github.com/privacy-protection-tools/anti-AD/blob/master/README.md) | diff --git a/net/adblock/files/adblock.sources b/net/adblock/files/adblock.sources index 85af8602b..b7f8f8b11 100644 --- a/net/adblock/files/adblock.sources +++ b/net/adblock/files/adblock.sources @@ -14,9 +14,9 @@ "descurl": "https://adguard.com" }, "adguard_tracking": { - "url": "https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers_justdomains.txt", + "url": "https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/data/combined_disguised_trackers_justdomains.txt", "rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}", - "size": "S", + "size": "L", "focus": "tracking", "descurl": "https://github.com/AdguardTeam/cname-trackers" }, diff --git a/net/banip/Makefile b/net/banip/Makefile index 7ca6d9de3..95dc36641 100644 --- a/net/banip/Makefile +++ b/net/banip/Makefile @@ -5,8 +5,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=banip -PKG_VERSION:=0.8.7 -PKG_RELEASE:=1 +PKG_VERSION:=0.8.8 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/banip/files/README.md b/net/banip/files/README.md index c30b7865f..88e437437 100644 --- a/net/banip/files/README.md +++ b/net/banip/files/README.md @@ -61,12 +61,14 @@ IP address blocking is commonly used to protect against brute force attacks, pre * Full IPv4 and IPv6 support * Supports nft atomic Set loading * Supports blocking by ASN numbers and by iso country codes -* Supports local allow- and blocklist (IPv4, IPv6, CIDR notation or domain names) +* Supports local allow- and blocklist with MAC/IPv4/IPv6 addresses or domain names +* Supports concatenation of local MAC addresses with IPv4/IPv6 addresses, e.g. to enforce dhcp assignments +* All local input types support ranges in CIDR notation * Auto-add the uplink subnet or uplink IP to the local allowlist -* Provides a small background log monitor to ban unsuccessful login attempts in real-time +* Provides a small background log monitor to ban unsuccessful login attempts in real-time (like fail2ban, crowdsec etc.) * Auto-add unsuccessful LuCI, nginx, Asterisk or ssh login attempts to the local blocklist * Auto-add entire subnets to the blocklist Sets based on an additional RDAP request with the monitored suspicious IP -* Fast feed processing as they are handled in parallel as background jobs +* Fast feed processing as they are handled in parallel as background jobs (on capable multi-core hardware) * Per feed it can be defined whether the wan-input chain, the wan-forward chain or the lan-forward chain should be blocked (default: all chains) * Automatic blocklist backup & restore, the backups will be used in case of download errors or during startup * Automatically selects one of the following download utilities with ssl support: aria2c, curl, uclient-fetch or full wget @@ -188,62 +190,54 @@ Available commands: ::: ::: banIP Set Statistics ::: - Timestamp: 2023-02-25 08:35:37 + Timestamp: 2023-06-21 07:03:23 ------------------------------ - auto-added to allowlist: 0 - auto-added to blocklist: 4 + auto-added to allowlist today: 0 + auto-added to blocklist today: 0 Set | Elements | WAN-Input (packets) | WAN-Forward (packets) | LAN-Forward (packets) ---------------------+--------------+-----------------------+-----------------------+------------------------ - allowlistvMAC | 0 | - | - | OK: 0 - allowlistv4 | 15 | OK: 0 | OK: 0 | OK: 0 + allowlistv4MAC | 0 | - | - | OK: 0 + allowlistv6MAC | 0 | - | - | OK: 0 + allowlistv4 | 1 | OK: 0 | OK: 0 | OK: 0 allowlistv6 | 1 | OK: 0 | OK: 0 | OK: 0 - torv4 | 800 | OK: 0 | OK: 0 | OK: 0 - torv6 | 432 | OK: 0 | OK: 0 | OK: 0 - countryv6 | 34282 | OK: 0 | OK: 1 | - - countryv4 | 35508 | OK: 1872 | OK: 0 | - - dohv6 | 343 | - | - | OK: 0 - dohv4 | 540 | - | - | OK: 3 - firehol1v4 | 1670 | OK: 296 | OK: 0 | OK: 16 - deblv4 | 12402 | OK: 4 | OK: 0 | OK: 0 - deblv6 | 41 | OK: 0 | OK: 0 | OK: 0 - adguardv6 | 12742 | - | - | OK: 161 - adguardv4 | 23183 | - | - | OK: 212 - adguardtrackersv6 | 169 | - | - | OK: 0 - adguardtrackersv4 | 633 | - | - | OK: 0 - adawayv6 | 2737 | - | - | OK: 15 - adawayv4 | 6542 | - | - | OK: 137 - oisdsmallv6 | 10569 | - | - | OK: 0 - oisdsmallv4 | 18800 | - | - | OK: 74 - stevenblackv6 | 11901 | - | - | OK: 4 - stevenblackv4 | 16776 | - | - | OK: 139 - yoyov6 | 215 | - | - | OK: 0 - yoyov4 | 309 | - | - | OK: 0 - antipopadsv4 | 1872 | - | - | OK: 0 - urlhausv4 | 7431 | OK: 0 | OK: 0 | OK: 0 - antipopadsv6 | 2081 | - | - | OK: 2 - blocklistvMAC | 0 | - | - | OK: 0 - blocklistv4 | 1174 | OK: 1 | OK: 0 | OK: 0 - blocklistv6 | 40 | OK: 0 | OK: 0 | OK: 0 + cinsscorev4 | 13115 | OK: 142 | OK: 0 | - + deblv4 | 8076 | OK: 5 | OK: 0 | OK: 0 + countryv6 | 37313 | OK: 0 | OK: 1 | - + countryv4 | 36155 | OK: 33 | OK: 0 | - + deblv6 | 15 | OK: 0 | OK: 0 | OK: 0 + dropv6 | 35 | OK: 0 | OK: 0 | OK: 0 + dropv4 | 620 | OK: 0 | OK: 0 | OK: 0 + dohv6 | 598 | - | - | OK: 0 + dohv4 | 902 | - | - | OK: 0 + edropv4 | 247 | OK: 0 | OK: 0 | OK: 0 + threatviewv4 | 571 | OK: 0 | OK: 0 | OK: 0 + firehol1v4 | 877 | OK: 8 | OK: 0 | OK: 0 + ipthreatv4 | 5751 | OK: 0 | OK: 0 | OK: 0 + urlvirv4 | 169 | OK: 0 | OK: 0 | OK: 0 + blocklistv4MAC | 0 | - | - | OK: 0 + blocklistv6MAC | 0 | - | - | OK: 0 + blocklistv4 | 3 | OK: 0 | OK: 0 | OK: 0 + blocklistv6 | 0 | OK: 0 | OK: 0 | OK: 0 ---------------------+--------------+-----------------------+-----------------------+------------------------ - 30 | 203208 | 12 (2173) | 12 (1) | 28 (763) + 22 | 104449 | 16 (188) | 16 (1) | 19 (0) ``` **banIP runtime information** ``` -~# /etc/init.d/banip status +root@blackhole:~# /etc/init.d/banip status ::: banIP runtime information + status : active (nft: ✔, monitor: ✔) - + version : 0.8.6-2 - + element_count : 172309 - + active_feeds : allowlistvMAC, allowlistv6, allowlistv4, adawayv4, adguardtrackersv4, adawayv6, adguardv6, adguardv4, urlvirv4, adguardtrackersv6, oisdbigv6, oisdbigv4, blocklistvMAC, blocklistv4, blocklistv6 + + version : 0.8.8-1 + + element_count : 104449 + + active_feeds : allowlistv4MAC, allowlistv6MAC, allowlistv4, allowlistv6, cinsscorev4, deblv4, countryv6, countryv4, deblv6, dropv6, dropv4, dohv6, dohv4, edropv4, threatviewv4, firehol1v4, ipthreatv4, urlvirv4, blocklistv4MAC, blocklistv6MAC, blocklistv4, blocklistv6 + active_devices : br-wan ::: wan, wan6 - + active_uplink : 91.64.173.145, 2a12:610c:0:80:848b:3ad0:4e05:abb + + active_uplink : 91.63.198.120, 2a12:810c:0:80:a20d:52c3:5cf:f4f + nft_info : priority: -200, policy: performance, loglevel: warn, expiry: - + run_info : base: /mnt/data/banIP, backup: /mnt/data/banIP/backup, report: /mnt/data/banIP/report, custom feed: ✘ + run_flags : auto: ✔, proto (4/6): ✔/✔, log (wan-inp/wan-fwd/lan-fwd): ✔/✔/✔, dedup: ✔, split: ✘, allowed only: ✘ - + last_run : action: restart, duration: 0m 22s, date: 2023-05-15 22:39:15 - + system_info : cores: 4, memory: 1798, device: Bananapi BPI-R3, OpenWrt SNAPSHOT r22784-1645c34d56 + + last_run : action: restart, duration: 0m 19s, date: 2023-06-21 06:45:52 + + system_info : cores: 4, memory: 1634, device: Bananapi BPI-R3, OpenWrt SNAPSHOT r23398-c4be106f4d ``` **banIP search information** @@ -292,14 +286,35 @@ list ban_logterm 'SecurityEvent=\"InvalidAccountID\".*RemoteAddress=' ``` **allow-/blocklist handling** -banIP supports local allow and block lists (IPv4, IPv6, CIDR notation or domain names), located in /etc/banip/banip.allowlist and /etc/banip/banip.blocklist. +banIP supports local allow and block lists, MAC/IPv4/IPv6 addresses (incl. ranges in CIDR notation) or domain names. These files are located in /etc/banip/banip.allowlist and /etc/banip/banip.blocklist. Unsuccessful login attempts or suspicious requests will be tracked and added to the local blocklist (see the 'ban_autoblocklist' option). The blocklist behaviour can be further tweaked with the 'ban_nftexpiry' option. Depending on the options 'ban_autoallowlist' and 'ban_autoallowuplink' the uplink subnet or the uplink IP will be added automatically to local allowlist. Furthermore, you can reference external Allowlist URLs with additional IPv4 and IPv6 feeds (see 'ban_allowurl'). Both local lists also accept domain names as input to allow IP filtering based on these names. The corresponding IPs (IPv4 & IPv6) will be extracted and added to the Sets. You can also start the domain lookup separately via /etc/init.d/banip lookup at any time. +**MAC/IP-binding** +banIP supports concatenation of local MAC addresses with IPv4/IPv6 addresses, e.g. to enforce dhcp assignments. Following notations in the local allow and block lists are allowed: +``` +MAC-address only: +C8:C2:9B:F7:80:12 => this will be populated to the v4MAC- and v6MAC-Sets with the IP-wildcards 0.0.0.0/0 and ::/0 + +MAC-address with IPv4 concatenation: +C8:C2:9B:F7:80:12 192.168.1.10 => this will be populated only to v4MAC-Set with the certain IP, no entry in the v6MAC-Set + +MAC-address with IPv6 concatenation: +C8:C2:9B:F7:80:12 2a02:810c:0:80:a10e:62c3:5af:f3f => this will be populated only to v6MAC-Set with the certain IP, no entry in the v4MAC-Set + +MAC-address with IPv4 and IPv6 concatenation: +C8:C2:9B:F7:80:12 192.168.1.10 => this will be populated to v4MAC-Set with the certain IP +C8:C2:9B:F7:80:12 2a02:810c:0:80:a10e:62c3:5af:f3f => this will be populated to v6MAC-Set with the certain IP + +MAC-address with IPv4 and IPv6 wildcard concatenation: +C8:C2:9B:F7:80:12 192.168.1.10 => this will be populated to v4MAC-Set with the certain IP +C8:C2:9B:F7:80:12 => this will be populated to v6MAC-Set with the IP-wildcard ::/0 +``` + **allowlist-only mode** -banIP supports an "allowlist only" mode. This option restricts the internet access from/to a small number of secure websites/IPs, and block access from/to the rest of the internet. All IPs and Domains which are _not_ listed in the allowlist are blocked. +banIP supports an "allowlist only" mode. This option restricts the internet access from/to a small number of secure MACs, IPs or domains, and block access from/to the rest of the internet. All IPs and Domains which are _not_ listed in the allowlist are blocked. **redirect Asterisk security logs to lodg/logread** banIP only supports logfile scanning via logread, so to monitor attacks on Asterisk, its security log must be available via logread. To do this, edit '/etc/asterisk/logger.conf' and add the line 'syslog.local0 = security', then run 'asterisk -rx reload logger' to update the running Asterisk configuration. diff --git a/net/banip/files/banip-functions.sh b/net/banip/files/banip-functions.sh index 9731c7164..a04265f65 100644 --- a/net/banip/files/banip-functions.sh +++ b/net/banip/files/banip-functions.sh @@ -23,9 +23,6 @@ ban_rtfile="/var/run/banip_runtime.json" ban_rdapfile="/var/run/banip_rdap.json" ban_rdapurl="https://rdap.db.ripe.net/ip/" ban_lock="/var/run/banip.lock" -ban_fetchcmd="" -ban_fetchparm="" -ban_rdapparm="" ban_logreadcmd="$(command -v logread)" ban_logcmd="$(command -v logger)" ban_ubuscmd="$(command -v ubus)" @@ -77,8 +74,11 @@ ban_ifv4="" ban_ifv6="" ban_dev="" ban_uplink="" +ban_fetchcmd="" +ban_fetchparm="" ban_fetchinsecure="" ban_fetchretry="5" +ban_rdapparm="" ban_cores="" ban_memory="" ban_packages="" @@ -189,6 +189,7 @@ f_rmpid() { for pid in ${pids}; do kill -INT "${pid}" >/dev/null 2>&1 done + : >"${ban_rdapfile}" : >"${ban_pidfile}" } @@ -282,7 +283,7 @@ f_conf() { f_actual() { local nft monitor - if "${ban_nftcmd}" -t list set inet banIP allowlistvMAC >/dev/null 2>&1; then + if "${ban_nftcmd}" -t list set inet banIP allowlistv4MAC >/dev/null 2>&1; then nft="$(f_char "1")" else nft="$(f_char "0")" @@ -510,7 +511,7 @@ f_nftinit() { # nft header (tables and chains) # printf "%s\n\n" "#!/usr/sbin/nft -f" - if "${ban_nftcmd}" -t list set inet banIP allowlistvMAC >/dev/null 2>&1; then + if "${ban_nftcmd}" -t list set inet banIP allowlistv4MAC >/dev/null 2>&1; then printf "%s\n" "delete table inet banIP" fi printf "%s\n" "add table inet banIP" @@ -644,12 +645,16 @@ f_down() { { printf "%s\n\n" "#!/usr/sbin/nft -f" [ -s "${tmp_flush}" ] && "${ban_catcmd}" "${tmp_flush}" - if [ "${proto}" = "MAC" ]; then - "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s, ",tolower($1)}' "${tmp_allow}" >"${tmp_file}" - printf "%s\n" "add set inet banIP ${feed} { type ether_addr; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr @${feed} counter accept" + if [ "${proto}" = "4MAC" ]; then + "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}(\/([0-9]|[1-3][0-9]|4[0-8]))?([[:space:]]+([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?[[:space:]]*$|[[:space:]]+$|$)/{if(!$2)$2="0.0.0.0/0";if(!seen[$1]++)printf "%s . %s, ",tolower($1),$2}' "${tmp_allow}" >"${tmp_file}" + printf "%s\n" "add set inet banIP ${feed} { type ether_addr . ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip saddr @${feed} counter accept" + elif [ "${proto}" = "6MAC" ]; then + "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}(\/([0-9]|[1-3][0-9]|4[0-8]))?([[:space:]]+([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?[[:space:]]*$|[[:space:]]+$|$)/{if(!$2)$2="::/0";if(!seen[$1]++)printf "%s . %s, ",tolower($1),$2}' "${tmp_allow}" >"${tmp_file}" + printf "%s\n" "add set inet banIP ${feed} { type ether_addr . ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip6 saddr @${feed} counter accept" elif [ "${proto}" = "4" ]; then - "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{printf "%s, ",$1}' "${tmp_allow}" >"${tmp_file}" + "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]].*|$)/{printf "%s, ",$1}' "${tmp_allow}" >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" if [ -z "${feed_direction##*input*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then @@ -673,8 +678,8 @@ f_down() { fi fi elif [ "${proto}" = "6" ]; then - "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s\n",$1}' "${tmp_allow}" | - "${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{printf "%s, ",tolower($1)}' >"${tmp_file}" + "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}.*/{printf "%s\n",$1}' "${tmp_allow}" | + "${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]].*|$)/{printf "%s, ",tolower($1)}' >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" if [ -z "${feed_direction##*input*}" ]; then if [ "${ban_allowlistonly}" = "1" ]; then @@ -704,18 +709,22 @@ f_down() { { printf "%s\n\n" "#!/usr/sbin/nft -f" [ -s "${tmp_flush}" ] && "${ban_catcmd}" "${tmp_flush}" - if [ "${proto}" = "MAC" ]; then - "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s, ",tolower($1)}' "${ban_blocklist}" >"${tmp_file}" - printf "%s\n" "add set inet banIP ${feed} { type ether_addr; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" - [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr @${feed} ${log_forwardlan} counter reject" + if [ "${proto}" = "4MAC" ]; then + "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}(\/([0-9]|[1-3][0-9]|4[0-8]))?([[:space:]]+([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?[[:space:]]*$|[[:space:]]+$|$)/{if(!$2)$2="0.0.0.0/0";if(!seen[$1]++)printf "%s . %s, ",tolower($1),$2}' "${ban_blocklist}" >"${tmp_file}" + printf "%s\n" "add set inet banIP ${feed} { type ether_addr . ipv4_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip saddr @${feed} counter reject" + elif [ "${proto}" = "6MAC" ]; then + "${ban_awkcmd}" '/^([0-9A-f]{2}:){5}[0-9A-f]{2}(\/([0-9]|[1-3][0-9]|4[0-8]))?([[:space:]]+([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?[[:space:]]*$|[[:space:]]+$|$)/{if(!$2)$2="::/0";if(!seen[$1]++)printf "%s . %s, ",tolower($1),$2}' "${ban_blocklist}" >"${tmp_file}" + printf "%s\n" "add set inet banIP ${feed} { type ether_addr . ipv6_addr; flags interval; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" + [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ether saddr . ip6 saddr @${feed} counter reject" elif [ "${proto}" = "4" ]; then if [ "${ban_deduplicate}" = "1" ]; then - "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{printf "%s,\n",$1}' "${ban_blocklist}" >"${tmp_raw}" + "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]].*|$)/{printf "%s,\n",$1}' "${ban_blocklist}" >"${tmp_raw}" "${ban_awkcmd}" 'NR==FNR{member[$0];next}!($0 in member)' "${ban_tmpfile}.deduplicate" "${tmp_raw}" 2>/dev/null >"${tmp_split}" "${ban_awkcmd}" 'BEGIN{FS="[ ,]"}NR==FNR{member[$1];next}!($1 in member)' "${ban_tmpfile}.deduplicate" "${ban_blocklist}" 2>/dev/null >"${tmp_raw}" "${ban_catcmd}" "${tmp_raw}" 2>/dev/null >"${ban_blocklist}" else - "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]]|$)/{printf "%s,\n",$1}' "${ban_blocklist}" >"${tmp_split}" + "${ban_awkcmd}" '/^(([0-9]{1,3}\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?)([[:space:]].*|$)/{printf "%s,\n",$1}' "${ban_blocklist}" >"${tmp_split}" fi "${ban_awkcmd}" '{ORS=" ";print}' "${tmp_split}" 2>/dev/null >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ipv4_addr; flags interval, timeout; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" @@ -724,14 +733,14 @@ f_down() { [ -z "${feed_direction##*forwardlan*}" ] && printf "%s\n" "add rule inet banIP lan-forward ip daddr @${feed} ${log_forwardlan} counter reject with icmp type admin-prohibited" elif [ "${proto}" = "6" ]; then if [ "${ban_deduplicate}" = "1" ]; then - "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s\n",$1}' "${ban_blocklist}" | - "${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{printf "%s,\n",tolower($1)}' >"${tmp_raw}" + "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}.*/{printf "%s\n",$1}' "${ban_blocklist}" | + "${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]].*|$)/{printf "%s,\n",tolower($1)}' >"${tmp_raw}" "${ban_awkcmd}" 'NR==FNR{member[$0];next}!($0 in member)' "${ban_tmpfile}.deduplicate" "${tmp_raw}" 2>/dev/null >"${tmp_split}" "${ban_awkcmd}" 'BEGIN{FS="[ ,]"}NR==FNR{member[$1];next}!($1 in member)' "${ban_tmpfile}.deduplicate" "${ban_blocklist}" 2>/dev/null >"${tmp_raw}" "${ban_catcmd}" "${tmp_raw}" 2>/dev/null >"${ban_blocklist}" else - "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}([[:space:]]|$)/{printf "%s\n",$1}' "${ban_blocklist}" | - "${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]]|$)/{printf "%s,\n",tolower($1)}' >"${tmp_split}" + "${ban_awkcmd}" '!/^([0-9A-f]{2}:){5}[0-9A-f]{2}.*/{printf "%s\n",$1}' "${ban_blocklist}" | + "${ban_awkcmd}" '/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]].*|$)/{printf "%s,\n",tolower($1)}' >"${tmp_split}" fi "${ban_awkcmd}" '{ORS=" ";print}' "${tmp_split}" 2>/dev/null >"${tmp_file}" printf "%s\n" "add set inet banIP ${feed} { type ipv6_addr; flags interval, timeout; auto-merge; policy ${ban_nftpolicy}; $(f_getelements "${tmp_file}") }" @@ -1300,10 +1309,10 @@ f_search() { local item table_sets ip proto hold cnt result_flag="/var/run/banIP.search" input="${1}" if [ -n "${input}" ]; then - ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}[0-9]{1,3})+"}{printf "%s",RT}')" + ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\/(1?[0-9]|2?[0-9]|3?[0-2]))?[[:space:]]*$)"}{printf "%s",RT}')" [ -n "${ip}" ] && proto="v4" if [ -z "${proto}" ]; then - ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="([A-Fa-f0-9]{1,4}::?){3,7}[A-Fa-f0-9]{1,4}"}{printf "%s",RT}')" + ip="$(printf "%s" "${input}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\/(1?[0-2][0-8]|[0-9][0-9]))?)([[:space:]].*|$)"}{printf "%s",RT}')" [ -n "${ip}" ] && proto="v6" fi fi @@ -1318,10 +1327,7 @@ f_search() { printf " %s\n" "---" cnt="1" for item in ${table_sets}; do - if [ -f "${result_flag}" ]; then - rm -f "${result_flag}" - return - fi + [ -f "${result_flag}" ] && break ( if "${ban_nftcmd}" get element inet banIP "${item}" "{ ${ip} }" >/dev/null 2>&1; then printf " %s\n" "IP found in Set '${item}'" @@ -1333,7 +1339,7 @@ f_search() { cnt="$((cnt + 1))" done wait - printf " %s\n" "IP not found" + [ -f "${result_flag}" ] && rm -f "${result_flag}" || printf " %s\n" "IP not found" } # Set survey diff --git a/net/banip/files/banip-service.sh b/net/banip/files/banip-service.sh index 3f43ef34c..47abf43ca 100755 --- a/net/banip/files/banip-service.sh +++ b/net/banip/files/banip-service.sh @@ -45,7 +45,7 @@ fi # init nft namespace # -if [ "${ban_action}" != "reload" ] || ! "${ban_nftcmd}" -t list set inet banIP allowlistvMAC >/dev/null 2>&1; then +if [ "${ban_action}" != "reload" ] || ! "${ban_nftcmd}" -t list set inet banIP allowlistv4MAC >/dev/null 2>&1; then if f_nftinit "${ban_tmpfile}".init.nft; then f_log "info" "initialize nft namespace" else @@ -56,31 +56,22 @@ fi # handle downloads # f_log "info" "start banIP download processes" -if [ "${ban_allowlistonly}" = "1" ]; then - ban_feed="" -else - f_getfeed - [ "${ban_deduplicate}" = "1" ] && printf "\n" >"${ban_tmpfile}.deduplicate" -fi +[ "${ban_allowlistonly}" = "1" ] && ban_feed="" || f_getfeed +[ "${ban_deduplicate}" = "1" ] && printf "\n" >"${ban_tmpfile}.deduplicate" cnt="1" for feed in allowlist ${ban_feed} blocklist; do - # local feeds + # local feeds (sequential processing) # if [ "${feed}" = "allowlist" ] || [ "${feed}" = "blocklist" ]; then - for proto in MAC 4 6; do + for proto in 4MAC 6MAC 4 6; do [ "${feed}" = "blocklist" ] && wait - (f_down "${feed}" "${proto}") & - [ "${feed}" = "blocklist" ] || { [ "${feed}" = "allowlist" ] && [ "${proto}" = "MAC" ]; } && wait - hold="$((cnt % ban_cores))" - [ "${hold}" = "0" ] && wait - cnt="$((cnt + 1))" + f_down "${feed}" "${proto}" done - wait continue fi - # external feeds + # external feeds (parallel processing on multicore hardware) # if ! json_select "${feed}" >/dev/null 2>&1; then f_log "info" "remove unknown feed '${feed}'" diff --git a/net/bind/Makefile b/net/bind/Makefile index f98a4fd2c..ff397921d 100644 --- a/net/bind/Makefile +++ b/net/bind/Makefile @@ -9,8 +9,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=bind -PKG_VERSION:=9.18.11 -PKG_RELEASE:=3 +PKG_VERSION:=9.18.16 +PKG_RELEASE:=1 USERID:=bind=57:bind=57 PKG_MAINTAINER:=Noah Meyerhans @@ -22,7 +22,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:= \ https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \ https://ftp.isc.org/isc/bind9/$(PKG_VERSION) -PKG_HASH:=8ff3352812230cbcbda42df87cad961f94163d3da457c5e4bef8057fd5df2158 +PKG_HASH:=c88234fe07ee75c3c8a9e59152fee64b714643de8e22cf98da3db4d0b57e0775 PKG_FIXUP:=autoreconf PKG_REMOVE_FILES:=aclocal.m4 libtool.m4 diff --git a/net/cloudflared/Makefile b/net/cloudflared/Makefile index 88f6c5a94..bb4106927 100644 --- a/net/cloudflared/Makefile +++ b/net/cloudflared/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cloudflared -PKG_VERSION:=2023.5.1 +PKG_VERSION:=2023.6.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/cloudflare/cloudflared/tar.gz/$(PKG_VERSION)? -PKG_HASH:=ee2c2a4b0c290c39475f79ab74972dfbce817df8e5090813cad0e58f33836194 +PKG_HASH:=7f7509bb364f107541dc810410b763721c39cdfab85799080ccae96d1c4a9cff PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE diff --git a/net/coova-chilli/Makefile b/net/coova-chilli/Makefile index b96fccbc1..97d2acf38 100644 --- a/net/coova-chilli/Makefile +++ b/net/coova-chilli/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=coova-chilli PKG_VERSION:=1.6 -PKG_RELEASE:=9.1 +PKG_RELEASE:=10 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/coova/coova-chilli/tar.gz/$(PKG_VERSION)? diff --git a/net/coova-chilli/patches/011-kernel517.patch b/net/coova-chilli/patches/011-kernel517.patch new file mode 100644 index 000000000..e66a7c147 --- /dev/null +++ b/net/coova-chilli/patches/011-kernel517.patch @@ -0,0 +1,34 @@ +From: John Thomson +Date: 21 Oct 2022 13:00:00 +1000 +Subject: [PATCH] xt_coova: fix kernel>=5.17 + +Linux kernel 5.17 removed PDE_DATA, and replaced it with pde_data [0] + +[0]: https://github.com/torvalds/linux/commit/359745d78351c6f5442435f81549f0207ece28aa + +Signed-off-by: John Thomson + +--- a/src/linux/xt_coova.c ++++ b/src/linux/xt_coova.c +@@ -470,7 +470,9 @@ static int coova_seq_open(struct inode * + if (st == NULL) + return -ENOMEM; + +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,17,0) ++ st->table = pde_data(inode); ++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) + st->table = PDE_DATA(inode); + #else + st->table = pde->data; +@@ -482,7 +484,9 @@ static ssize_t + coova_mt_proc_write(struct file *file, const char __user *input, + size_t size, loff_t *loff) + { +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,17,0) ++ struct coova_table *t = pde_data(file_inode(file)); ++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) + struct coova_table *t = PDE_DATA(file_inode(file)); + #else + const struct proc_dir_entry *pde = PDE(file->f_path.dentry->d_inode); diff --git a/net/dnsdist/Config.in b/net/dnsdist/Config.in new file mode 100644 index 000000000..7eaec7ae9 --- /dev/null +++ b/net/dnsdist/Config.in @@ -0,0 +1,202 @@ +menu "Configuration" + depends on PACKAGE_dnsdist + + comment "SSL Support" + choice + prompt "Selected SSL library" + default DNSDIST_OPENSSL + + config DNSDIST_GNUTLS + bool "GnuTLS" + + config DNSDIST_OPENSSL + bool "OpenSSL" + + config DNSDIST_NOSSL + bool "No SSL support" + + endchoice + + comment "DNS over HTTPS/TLS Support" + depends on !DNSDIST_NOSSL + + config DNSDIST_DNS_OVER_HTTPS + depends on DNSDIST_OPENSSL + depends on !DNSDIST_NOSSL + bool "DNS over HTTPS Support" + help + "Enables DNS over HTTPS Support for dnsdist" + default y + + config DNSDIST_DNS_OVER_HTTPS_OUTGOING + depends on DNSDIST_OPENSSL + depends on !DNSDIST_NOSSL + bool "Outgoing DNS over HTTPS Support" + help + "Enables Outgoing DNS over HTTPS Support for dnsdist" + default y + + config DNSDIST_DNS_OVER_TLS + depends on !DNSDIST_NOSSL + bool "DNS over TLS Support" + help + "Enabled DNS over TLS Support for dnsdist" + default y + + config DNSDIST_CARBON + bool "CARBON support" + help + "Enable Carbon (Graphite) support for dnsdist" + default n + + config DNSDIST_LMDB + bool "LMDB support" + help + "Enable LMDB support for dnsdist" + default n + + config DNSDIST_COMPLETION + bool "Console completion support" + help + "Enable console completion for dnsdist" + default n + + config DNSDIST_DEBUG_SYMBOLS + bool "Debug symbols" + help + "Enable debug symbols in the dnsdist binary" + default n + + config DNSDIST_DELAY_PIPE + bool "Delay action support" + help + "Enable delay action support for dnsdist" + default n + + config DNSDIST_DYNBLOCKS + bool "Dynamic blocks support" + help + "Enable dynamic blocks support for dnsdist" + default n + + config DNSDIST_DNSTAP + bool "DNSTAP support" + help + "Enable DNSTAP support for dnsdist" + default n + + config DNSDIST_EBPF + bool "eBPF support" + help + "Enable eBPF support for dnsdist" + default n + + config DNSDIST_ECS_ACTIONS + bool "ECS actions" + help + "Enable actions that control EDNS Client Subnet support for dnsdist" + default n + + config DNSDIST_HASHED + bool "Hashed credentials" + help + "Enable credentials hashing support for dnsdist" + default n + + config DNSDIST_IPCIPHER + bool "IP cipher support" + help + "Enable IP cipher support for dnsdist" + default n + + config DNSDIST_LIBEDIT + bool "Build with libedit" + help + "Build with libedit - for completion, history and line editing" + default n + + config DNSDIST_LMDB + bool "LMDB support" + help + "Enable LMDB support for dnsdist" + default n + + config DNSDIST_LUA_ADVANCED + bool "Lua advanced bindings" + help + "Enable Lua bindings for queries and responses manipulation in dnsdist" + default n + + config DNSDIST_MAC + bool "MAC address support" + help + "Enable MAC address in ring buffers support for dnsdist" + default y + + config DNSDIST_NET_SNMP + bool "Net-SNMP support" + help + "Enable Net-SNMP support for dnsdist" + default n + + config DNSDIST_OCSP_STAPLING + bool "OCSP Stapling support" + help + "Enable OCSP Stapling support for dnsdist" + default n + + config DNSDIST_PIE + bool "Position Independent Executable" + help + "Build dnsdist as a Position-Independent executable. This is required to benefit from ASLR, but significantly increases the required disk space and memory usage" + default n + + config DNSDIST_PROTOBUF + bool "Protobuf support" + help + "Enable exporting queries and responses over Protocol Buffer for dnsdist" + default n + + config DNSDIST_PROMETHEUS + bool "Prometheus support" + help + "Enable Prometheus support for dnsdist" + default n + + config DNSDIST_RE2 + bool "RE2 support" + help + "Enable RE2 support for dnsdist" + default n + + config DNSDIST_RULES_ALTER + bool "Rules altering queries" + help + "Enable rules altering queries for dnsdist" + default n + + config DNSDIST_SECPOLL + bool "Security polling" + help + "Enable security polling support for dnsdist" + default n + + config DNSDIST_SODIUM + bool "Build with libsodium" + help + "Build with libsodium - for encrypted console connections, and DNSCrypt" + default n + + config DNSDIST_TOP_N + bool "Top N bindings" + help + "Enable bindings to get the top N queries and responses in dnsdist" + default n + + config DNSDIST_WEB + bool "Internal web server" + help + "Enable support for the internal web server in dnsdist" + default n + +endmenu diff --git a/net/dnsdist/Makefile b/net/dnsdist/Makefile index 33ff21eea..52d1373e9 100644 --- a/net/dnsdist/Makefile +++ b/net/dnsdist/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsdist PKG_VERSION:=1.8.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/ @@ -16,7 +16,6 @@ PKG_CPE_ID:=cpe:/a:powerdns:dnsdist PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 -PKG_ASLR_PIE:=0 PKG_BUILD_DEPENDS:=boost PKG_CONFIG_DEPENDS:= \ @@ -25,138 +24,42 @@ PKG_CONFIG_DEPENDS:= \ include $(INCLUDE_DIR)/package.mk -define Package/dnsdist/config -menu "Configuration" - depends on PACKAGE_dnsdist - - comment "SSL Support" - choice - prompt "Selected SSL library" - default DNSDIST_OPENSSL - - config DNSDIST_OPENSSL - bool "OpenSSL" - - config DNSDIST_GNUTLS - bool "GnuTLS" - - config DNSDIST_NOSSL - bool "No SSL support" - - endchoice - - comment "DNS over HTTPS/TLS Support" - depends on !DNSDIST_NOSSL - - config DNSDIST_DNS_OVER_HTTPS - depends on DNSDIST_OPENSSL - depends on !DNSDIST_NOSSL - bool "DNS over HTTPS Support" - help - "Enables DNS over HTTPS Support for dnsdist" - default y - - config DNSDIST_DNS_OVER_HTTPS_OUTGOING - depends on !DNSDIST_NOSSL - bool "Outgoing DNS over HTTPS Support" - help - "Enables Outgoing DNS over HTTPS Support for dnsdist" - default y - - config DNSDIST_DNS_OVER_TLS - depends on !DNSDIST_NOSSL - bool "DNS over TLS Support" - help - "Enabled DNS over TLS Support for dnsdist" - default y - - config DNSDIST_NET_SNMP - bool "Net-SNMP support" - help - "Enable Net-SNMP support for dnsdist" - default y - - config DNSDIST_RE2 - bool "RE2 support" - help - "Enable RE2 support for dnsdist" - default y - - config DNSDIST_DNSTAP - bool "DNSTAP support" - help - "Enable DNSTAP support for dnsdist" - default y - - config DNSDIST_SODIUM - bool "Build with libsodium" - help - "Build with libsodium - for encrypted console connections, and DNSCrypt" - default y -endmenu -endef - -define Package/dnsdist +define Package/dnsdist/Default SECTION:=net CATEGORY:=Network SUBMENU:=IP Addresses and Names - TITLE:=dnsdist DNS-, DOS- and abuse-aware loadbalancer + TITLE:=dnsdist DNS-, DOS- and abuse-aware loadbalancer $(2) + USERID:=dnsdist:dnsdist DEPENDS:= \ - +DNSDIST_DNS_OVER_HTTPS:libh2o-evloop \ - +DNSDIST_DNS_OVER_HTTPS_OUTGOING:libnghttp2 \ - +DNSDIST_GNUTLS:libgnutls \ - +DNSDIST_OPENSSL:libopenssl \ - +DNSDIST_NET_SNMP:libnetsnmp \ - +DNSDIST_RE2:re2 \ - +DNSDIST_DNSTAP:libfstrm \ - +DNSDIST_SODIUM:libsodium \ + +ca-bundle \ +libatomic \ +libcap \ - +libedit \ +libstdcpp \ - +lmdb \ - +luajit \ - +tinycdb + +luajit URL:=https://dnsdist.org/ + VARIANT:=$(1) + PROVIDES:=dnsdist endef -define Package/dnsdist/description +define Package/dnsdist/description/Default dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic. endef -define Package/dnsdist/conffiles +define Package/dnsdist/conffiles/Default /etc/dnsdist.conf /etc/config/dnsdist /etc/init.d/dnsdist endef -# not everything groks --disable-nls -DISABLE_NLS:= +define Package/dnsdist/config + source "$(SOURCE)/Config.in" +endef -# OpenWRT's setting of CXX destroys dnsdist's -std=c++17 -# --with-re2 compensates for that because it compensates for a bug in re2.pc that also destroys it -# so this addition is for the --without-re2 case -# -# none of this is pretty -TARGET_CXX+=-std=c++17 - -CONFIGURE_ARGS+= \ - --with-pic \ - --with-lua=luajit \ - $(if $(CONFIG_DNSDIST_SODIUM),--enable-dnscrypt --with-libsodium,--disable-dnscrypt --without-libsodium) \ - $(if $(CONFIG_DNSDIST_DNSTAP),--enable-dnstap=yes,--enable-dnstap=no) \ - $(if $(CONFIG_DNSDIST_RE2),--with,--without)-re2 \ - $(if $(CONFIG_DNSDIST_NET_SNMP),--with,--without)-net-snmp \ - $(if $(CONFIG_DNSDIST_GNUTLS),--with,--without)-gnutls \ - $(if $(CONFIG_DNSDIST_OPENSSL),--with,--without)-libssl \ - $(if $(CONFIG_DNSDIST_DNS_OVER_TLS),--enable-dns-over-tls,) \ - $(if $(CONFIG_DNSDIST_DNS_OVER_HTTPS),--enable-dns-over-https,) \ - $(if $(CONFIG_DNSDIST_DNS_OVER_HTTPS_OUTGOING),--with,--without)-nghttp2 - -define Package/dnsdist/install +define Package/dnsdist/install/Default $(INSTALL_DIR) $(1)/etc + $(INSTALL_DIR) $(1)/etc/dnsdist.conf.d $(INSTALL_CONF) ./files/dnsdist.conf $(1)/etc/dnsdist.conf $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./files/dnsdist.config $(1)/etc/config/dnsdist @@ -166,4 +69,103 @@ define Package/dnsdist/install $(INSTALL_BIN) $(PKG_BUILD_DIR)/dnsdist $(1)/usr/bin/ endef +define Package/dnsdist + $(call Package/dnsdist/Default,mini,- minimal version with a restricted feature set) + DEPENDS+= \ + +DNSDIST_LIBEDIT:libedit \ + +DNSDIST_DNSTAP:libfstrm \ + +DNSDIST_GNUTLS:libgnutls \ + +DNSDIST_DNS_OVER_HTTPS:libh2o-evloop \ + +DNSDIST_NET_SNMP:libnetsnmp \ + +DNSDIST_DNS_OVER_HTTPS_OUTGOING:libnghttp2 \ + +DNSDIST_OPENSSL:libopenssl \ + +DNSDIST_SODIUM:libsodium \ + +DNSDIST_LMDB:lmdb \ + +DNSDIST_CDB:tinycdb \ + +DNSDIST_RE2:re2 +endef + +Package/dnsdist/description=$(call Package/dnsdist/description/Default) +Package/dnsdist/conffiles=$(call Package/dnsdist/conffiles/Default) +Package/dnsdist/install=$(call Package/dnsdist/install/Default,$1) + +define Package/dnsdist-full + $(call Package/dnsdist/Default,full,- full version with all the features built in) + DEPENDS+= \ + +libedit \ + +libfstrm \ + +libgnutls \ + +libh2o-evloop \ + +libnetsnmp \ + +libnghttp2 \ + +libopenssl \ + +libsodium \ + +lmdb \ + +tinycdb \ + +re2 +endef +Package/dnsdist-full/description=$(call Package/dnsdist/description/Default) +Package/dnsdist-full/conffiles=$(call Package/dnsdist/conffiles/Default) +Package/dnsdist-full/install=$(call Package/dnsdist/install/Default,$1) + +# not everything groks --disable-nls +DISABLE_NLS:= + +# disable PIE for this package, see CONFIG_DNSDIST_PIE +PKG_ASLR_PIE:=0 + +ifneq ($(CONFIG_DNSDIST_DEBUG_SYMBOLS),) + RSTRIP:=: + STRIP:=: +endif + +IsEnabled = $(or $(filter full,$(BUILD_VARIANT)),$(CONFIG_$(1))) + +# OpenWRT's setting of CXX destroys dnsdist's -std=c++17 +# --with-re2 compensates for that because it compensates for a bug in re2.pc that also destroys it +# so this addition is for the --without-re2 case +# +# none of this is pretty +TARGET_CXX+=-std=c++17 +TARGET_CFLAGS+=-Os -fvisibility=hidden -flto -fno-ipa-cp -DNDEBUG +TARGET_CXXFLAGS+=-Os -fvisibility=hidden -flto -fno-ipa-cp -DNDEBUG \ + -DDISABLE_DEPRECATED_DYNBLOCK -DDISABLE_RECVMMSG -DDISABLE_NPN -DDISABLE_FALSE_SHARING_PADDING -DUSE_SINGLE_ACCEPTOR_THREAD -DOPENSSL_NO_ENGINE -DDISABLE_OPENSSL_ERROR_STRINGS \ + $(if $(call IsEnabled,DNSDIST_CARBON),,-DDISABLE_CARBON) \ + $(if $(call IsEnabled,DNSDIST_COMPLETION),,-DDISABLE_COMPLETION) \ + $(if $(call IsEnabled,DNSDIST_DEBUG_SYMBOLS),-g3,) \ + $(if $(call IsEnabled,DNSDIST_DELAY_PIPE),,-DDISABLE_DELAY_PIPE) \ + $(if $(call IsEnabled,DNSDIST_DYNBLOCKS),,-DDISABLE_DYNBLOCKS) \ + $(if $(call IsEnabled,DNSDIST_ECS_ACTIONS),,-DDISABLE_ECS_ACTIONS) \ + $(if $(call IsEnabled,DNSDIST_HASHED),,-DDISABLE_HASHED_CREDENTIALS) \ + $(if $(call IsEnabled,DNSDIST_LUA_ADVANCED),,-DDISABLE_NON_FFI_DQ_BINDINGS -DDISABLE_POLICIES_BINDINGS -DDISABLE_DOWNSTREAM_BINDINGS -DDISABLE_DNSHEADER_BINDINGS -DDISABLE_COMBO_ADDR_BINDINGS -DDISABLE_QPS_LIMITER_BINDINGS -DDISABLE_PACKETCACHE_BINDINGS -DDISABLE_CLIENT_STATE_BINDINGS -DDISABLE_DNSPACKET_BINDINGS -DDISABLE_LUA_BINDINGS_RINGS) \ + $(if $(call IsEnabled,DNSDIST_MAC),-DDNSDIST_RINGS_WITH_MACADDRESS,) \ + $(if $(call IsEnabled,DNSDIST_OCSP_STAPLING),,-DDISABLE_OCSP_STAPLING) \ + $(if $(call IsEnabled,DNSDIST_PROTOBUF),,-DDISABLE_PROTOBUF) \ + $(if $(call IsEnabled,DNSDIST_PROMETHEUS),,-DDISABLE_PROMETHEUS) \ + $(if $(call IsEnabled,DNSDIST_RULES_ALTER),,-DDISABLE_RULES_ALTERING_QUERIES) \ + $(if $(call IsEnabled,DNSDIST_SECPOLL),,-DDISABLE_SECPOLL) \ + $(if $(call IsEnabled,DNSDIST_TOP_N),,-DDISABLE_TOP_N_BINDINGS) \ + $(if $(call IsEnabled,DNSDIST_WEB),,-DDISABLE_WEB_CONFIG -DDISABLE_BUILTIN_HTML -DDISABLE_LUA_WEB_HANDLERS) + +CONFIGURE_ARGS+= \ + --with-pic \ + --with-lua=luajit \ + --with-libcap \ + $(if $(call IsEnabled,DNSDIST_PIE),,--disable-hardening) \ + $(if $(call IsEnabled,DNSDIST_SODIUM),--enable-dnscrypt --with-libsodium,--disable-dnscrypt --without-libsodium) \ + $(if $(call IsEnabled,DNSDIST_DNSTAP),--enable-dnstap=yes,--enable-dnstap=no) \ + $(if $(call IsEnabled,DNSDIST_RE2),--with,--without)-re2 \ + $(if $(call IsEnabled,DNSDIST_NET_SNMP),--with,--without)-net-snmp \ + $(if $(call IsEnabled,DNSDIST_GNUTLS),--with,--without)-gnutls \ + $(if $(call IsEnabled,DNSDIST_OPENSSL),--with,--without)-libssl \ + $(if $(call IsEnabled,DNSDIST_DNS_OVER_TLS),--enable-dns-over-tls,) \ + $(if $(call IsEnabled,DNSDIST_CDB),--with,--without)-cdb \ + $(if $(call IsEnabled,DNSDIST_LMDB),--with,--without)-lmdb \ + $(if $(call IsEnabled,DNSDIST_LIBEDIT),--with,--without)-libedit \ + $(if $(call IsEnabled,DNSDIST_IPCIPHER),--enable,--disable)-ipcipher \ + $(if $(call IsEnabled,DNSDIST_EBPF),--with,--without)-ebpf \ + $(if $(call IsEnabled,DNSDIST_DNS_OVER_HTTPS),--enable-dns-over-https,) \ + $(if $(call IsEnabled,DNSDIST_DNS_OVER_HTTPS_OUTGOING),--with,--without)-nghttp2 + $(eval $(call BuildPackage,dnsdist)) +$(eval $(call BuildPackage,dnsdist-full)) diff --git a/net/dnsproxy/Makefile b/net/dnsproxy/Makefile index 754da1d68..5832087cf 100644 --- a/net/dnsproxy/Makefile +++ b/net/dnsproxy/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsproxy -PKG_VERSION:=0.50.2 +PKG_VERSION:=0.51.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/dnsproxy/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=f65764a196508bc134e05cdb9d282b790641dfe0e8e8aa99b01544317f791487 +PKG_HASH:=230f13bcfe48a650c0ffd0574092fd956f5fb6351c622ae869d2bd0058a539b4 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=Apache-2.0 diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile index 70b776f6a..217684d71 100644 --- a/net/haproxy/Makefile +++ b/net/haproxy/Makefile @@ -10,12 +10,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=haproxy -PKG_VERSION:=2.6.13 +PKG_VERSION:=2.8.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://www.haproxy.org/download/2.6/src -PKG_HASH:=d69ff5233dbca657132ef280d111222ec1e33f5be1c1937d4e9ff516f63f5243 +PKG_SOURCE_URL:=https://www.haproxy.org/download/2.8/src +PKG_HASH:=485552fcd9d5d5f41aad046f131fc0a7e849bef25a349a040750af0c6fc56807 PKG_MAINTAINER:=Thomas Heil , \ Christian Lachner diff --git a/net/haproxy/get-latest-patches.sh b/net/haproxy/get-latest-patches.sh index 2e312cc0a..e36680e64 100755 --- a/net/haproxy/get-latest-patches.sh +++ b/net/haproxy/get-latest-patches.sh @@ -1,7 +1,7 @@ #!/bin/sh -CLONEURL=https://git.haproxy.org/git/haproxy-2.6.git -BASE_TAG=v2.6.13 +CLONEURL=https://git.haproxy.org/git/haproxy-2.8.git +BASE_TAG=v2.8.1 TMP_REPODIR=tmprepo PATCHESDIR=patches diff --git a/net/https-dns-proxy/Makefile b/net/https-dns-proxy/Makefile index af172e4af..ce7d70eeb 100644 --- a/net/https-dns-proxy/Makefile +++ b/net/https-dns-proxy/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=https-dns-proxy PKG_VERSION:=2023-05-25 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/aarond10/https_dns_proxy/ diff --git a/net/https-dns-proxy/files/https-dns-proxy.init b/net/https-dns-proxy/files/https-dns-proxy.init index 1495592e0..d63dad9c5 100755 --- a/net/https-dns-proxy/files/https-dns-proxy.init +++ b/net/https-dns-proxy/files/https-dns-proxy.init @@ -133,7 +133,7 @@ boot() { } start_instance() { - local cfg="$1" param listen_addr listen_port ipv6_resolvers_only p url + local cfg="$1" param listen_addr listen_port ipv6_resolvers_only p url iface config_get url "$cfg" 'resolver_url' config_get_bool ipv6_resolvers_only "$cfg" 'use_ipv6_resolvers_only' '0' @@ -158,32 +158,36 @@ start_instance() { procd_set_param stdout 1 procd_set_param respawn procd_open_data - procd_add_mdns_service "$packageName" 'udp' "$port" "DNS over HTTPS proxy" + json_add_object mdns + procd_add_mdns_service "$packageName" 'udp' "$port" "DNS over HTTPS proxy" + json_close_object json_add_string url "$url" if [ "$force_dns" -ne 0 ]; then json_add_array firewall - for p in $force_dns_port; do - if netstat -tuln | grep 'LISTEN' | grep ":${p}" >/dev/null 2>&1 || [ "$p" = '53' ]; then - json_add_object '' - json_add_string type redirect - json_add_string target DNAT - json_add_string src lan - json_add_string proto 'tcp udp' - json_add_string src_dport "$p" - json_add_string dest_port "$p" - json_add_string family any - json_add_boolean reflection 0 - json_close_object - else - json_add_object '' - json_add_string type rule - json_add_string src lan - json_add_string dest '*' - json_add_string proto 'tcp udp' - json_add_string dest_port "$p" - json_add_string target REJECT - json_close_object - fi + for iface in $procd_fw_src_interfaces; do + for p in $force_dns_port; do + if netstat -tuln | grep 'LISTEN' | grep ":${p}" >/dev/null 2>&1 || [ "$p" = '53' ]; then + json_add_object '' + json_add_string type redirect + json_add_string target DNAT + json_add_string src "$iface" + json_add_string proto 'tcp udp' + json_add_string src_dport "$p" + json_add_string dest_port "$p" + json_add_string family any + json_add_boolean reflection 0 + json_close_object + else + json_add_object '' + json_add_string type rule + json_add_string src "$iface" + json_add_string dest '*' + json_add_string proto 'tcp udp' + json_add_string dest_port "$p" + json_add_string target REJECT + json_close_object + fi + done done json_close_array fi @@ -216,14 +220,17 @@ start_instance() { start_service() { local canaryDomains canary_domains_icloud canary_domains_mozilla local dnsmasq_config_update force_dns force_dns_port + local procd_fw_src_interfaces + local port=5053 output "Starting $serviceName " config_load "$packageName" - config_get dnsmasq_config_update 'config' 'dnsmasq_config_update' '*' - config_get_bool canary_domains_icloud 'config' 'canary_domains_icloud' '1' - config_get_bool canary_domains_mozilla 'config' 'canary_domains_mozilla' '1' - config_get_bool force_dns 'config' 'force_dns' '1' - config_get force_dns_port 'config' 'force_dns_port' '53 853' + config_get_bool canary_domains_icloud 'config' 'canary_domains_icloud' '1' + config_get_bool canary_domains_mozilla 'config' 'canary_domains_mozilla' '1' + config_get_bool force_dns 'config' 'force_dns' '1' + config_get dnsmasq_config_update 'config' 'dnsmasq_config_update' '*' + config_get force_dns_port 'config' 'force_dns_port' '53 853' + config_get procd_fw_src_interfaces 'config' 'procd_fw_src_interfaces' 'lan' if [ "$canary_domains_icloud" -ne 0 ]; then canaryDomains="${canaryDomains:+$canaryDomains }${canaryDomainsiCloud}" fi diff --git a/net/inadyn/Makefile b/net/inadyn/Makefile index f6f6421ec..9cba4adcc 100644 --- a/net/inadyn/Makefile +++ b/net/inadyn/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=inadyn -PKG_VERSION:=2.9.1 +PKG_VERSION:=2.11.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/troglobit/inadyn/releases/download/v$(PKG_VERSION) -PKG_HASH:=0094d20cfcd431674b8d658e93169c7589bf8f2b351b2860818a1ca05f0218c5 +PKG_HASH:=9c8b2a425acb9681564e9fc25a319f2109c7d2ebe1ffe99b06d4a722efb6ecba PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0-or-later diff --git a/net/isc-dhcp/Makefile b/net/isc-dhcp/Makefile index b326d48a0..d35609e38 100644 --- a/net/isc-dhcp/Makefile +++ b/net/isc-dhcp/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=isc-dhcp UPSTREAM_NAME:=dhcp PKG_VERSION:=4.4.3-P1 -PKG_RELEASE:=1 +PKG_RELEASE:=3 PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE diff --git a/net/isc-dhcp/files/dhcpd.init b/net/isc-dhcp/files/dhcpd.init index 7eb3dc3af..fd036c6ea 100755 --- a/net/isc-dhcp/files/dhcpd.init +++ b/net/isc-dhcp/files/dhcpd.init @@ -274,6 +274,7 @@ static_srvhosts() { static_host_add() { local cfg="$1" local broadcast hostid macn macs mac name ip ips revip leasetime + local force_send extra_options option config_get macs "$cfg" "mac" [ -n "$macs" ] || return 0 @@ -296,6 +297,23 @@ static_host_add() { hex_to_hostid hostid "$hostid" || return 1 fi + config_get force_send "$cfg" "force_send" + extra_options= + local _IFS="$IFS" IFS=',' + for option in $force_send; do + case "$option" in + hostname) + extra_options="$extra_options${extra_options:+ }0c" ;; + domain-name) + extra_options="$extra_options${extra_options:+ }0f" ;; + fqdn) + extra_options="$extra_options${extra_options:+ }51" ;; + *) + echo "unknown option: $option" >&2 ;; + esac + done + IFS="$_IFS" + macn=0 for mac in $macs; do macn=$(( macn + 1 )) @@ -328,6 +346,9 @@ static_host_add() { fi config_list_foreach "$cfg" "routes" append_routes config_list_foreach "$cfg" "dhcp_option" append_dhcp_options + if [ -n "$extra_options" ]; then + echo -e " if exists dhcp-parameter-request-list {\n option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list, $extra_options);\n }" + fi echo "}" done @@ -348,7 +369,9 @@ gen_dhcp_subnet() { local cfg="$1" echo "subnet $NETWORK netmask $NETMASK {" - echo " range $START $END;" + if [ -n "$START" ] && [ -n "$END" ]; then + echo " range $START $END;" + fi echo " option subnet-mask $netmask;" if [ "$BROADCAST" != "0.0.0.0" ] ; then echo " option broadcast-address $BROADCAST;" @@ -387,10 +410,13 @@ dhcpd_add() { [ -n "$net" ] || return 0 config_get start "$cfg" "start" - [ -n "$start" ] || return 0 - config_get limit "$cfg" "limit" - [ -n "$limit" ] || return 0 + + case "$start:$limit" in + ":*"|"*:") + echo "dhcpd: start/limit must be used together in $cfg" >&2 + return 0 + esac network_get_subnet subnet "$net" || return 0 network_get_device ifname "$net" || return 0 diff --git a/net/knot/Makefile b/net/knot/Makefile index c9797cc16..3ed0c35bf 100644 --- a/net/knot/Makefile +++ b/net/knot/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=knot -PKG_VERSION:=3.2.7 +PKG_VERSION:=3.2.8 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/ -PKG_HASH:=d3b7872ac8aa80f7f54ddb1bb3b1e2f90ec55f7270a2c4a9338eab42b7d2767b +PKG_HASH:=ef419a428f327def77780bc90eda763b51e6121fe548543da84b9eb96a261a6e PKG_MAINTAINER:=Daniel Salzman PKG_LICENSE:=GPL-3.0 LGPL-2.0 0BSD BSD-3-Clause OLDAP-2.8 diff --git a/net/krb5/Makefile b/net/krb5/Makefile index e02337b50..c3d0e5fd6 100644 --- a/net/krb5/Makefile +++ b/net/krb5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=krb5 -PKG_VERSION:=1.20.1 +PKG_VERSION:=1.21 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo @@ -18,8 +18,8 @@ PKG_LICENSE_FILES:=NOTICE PKG_CPE_ID:=cpe:/a:mit:kerberos PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://web.mit.edu/kerberos/dist/krb5/1.20 -PKG_HASH:=704aed49b19eb5a7178b34b2873620ec299db08752d6a8574f95d41879ab8851 +PKG_SOURCE_URL:=https://web.mit.edu/kerberos/dist/krb5/1.21 +PKG_HASH:=69f8aaff85484832df67a4bbacd99b9259bd95aab8c651fbbe65cdc9620ea93b PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 diff --git a/net/linuxptp/Makefile b/net/linuxptp/Makefile index 762d5db6d..ca1732c25 100644 --- a/net/linuxptp/Makefile +++ b/net/linuxptp/Makefile @@ -8,15 +8,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=linuxptp -PKG_VERSION:=3.1.1 -PKG_RELEASE:=2 +PKG_VERSION:=4.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz PKG_SOURCE_URL:=@SF/$(PKG_NAME)/v$(PKG_VERSION) -PKG_HASH:=94d6855f9b7f2d8e9b0ca6d384e3fae6226ce6fc012dbad02608bdef3be1c0d9 +PKG_HASH:=d27d5ef296bb3d285e22e69f75ae023b4b42a2f4655130d6d390d8afcbc3d933 PKG_MAINTAINER:=Wojciech Dubowik -PKG_LICENSE:=GPL-2.0 +PKG_LICENSE:=GPL-2.0-only PKG_LICENSE_FILES:=COPYING include $(INCLUDE_DIR)/package.mk diff --git a/net/linuxptp/patches/010-64bit.patch b/net/linuxptp/patches/010-64bit.patch index 043c35e59..3529978dd 100644 --- a/net/linuxptp/patches/010-64bit.patch +++ b/net/linuxptp/patches/010-64bit.patch @@ -1,5 +1,5 @@ ---- a/ts2phc_slave.c -+++ b/ts2phc_slave.c +--- a/ts2phc_pps_sink.c ++++ b/ts2phc_pps_sink.c @@ -4,6 +4,9 @@ * @note Copyright (C) 2019 Balint Ferencz * @note SPDX-License-Identifier: GPL-2.0+ diff --git a/net/modemmanager/Makefile b/net/modemmanager/Makefile index a79f65f67..3c021b44d 100644 --- a/net/modemmanager/Makefile +++ b/net/modemmanager/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=modemmanager PKG_SOURCE_VERSION:=1.20.6 -PKG_RELEASE:=1 +PKG_RELEASE:=3 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://gitlab.freedesktop.org/mobile-broadband/ModemManager.git diff --git a/net/modemmanager/files/modemmanager.common b/net/modemmanager/files/modemmanager.common index 6367eb32b..a931717fd 100644 --- a/net/modemmanager/files/modemmanager.common +++ b/net/modemmanager/files/modemmanager.common @@ -273,6 +273,14 @@ mm_report_event() { local subsystem="$3" local sysfspath="$4" + # Do not save virtual devices + local virtual + virtual="$(echo "$sysfspath" | cut -d'/' -f4)" + [ "$virtual" = "virtual" ] && { + mm_log "debug" "sysfspath is a virtual device ($sysfspath)" + return + } + # Track/untrack events in cache case "${action}" in "add") diff --git a/net/modemmanager/files/modemmanager.proto b/net/modemmanager/files/modemmanager.proto index e6ec9e203..2a61f5178 100755 --- a/net/modemmanager/files/modemmanager.proto +++ b/net/modemmanager/files/modemmanager.proto @@ -368,11 +368,6 @@ proto_modemmanager_setup() { proto_set_available "${interface}" 0 return 1 } - [ -e "${device}" ] || { - echo "Device not found in sysfs" - proto_set_available "${interface}" 0 - return 1 - } # validate that ModemManager is handling the modem at the sysfs path modemstatus=$(mmcli --modem="${device}" --output-keyvalue) diff --git a/net/netbird/Makefile b/net/netbird/Makefile index 30d6e1386..d5c5ab722 100644 --- a/net/netbird/Makefile +++ b/net/netbird/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=netbird -PKG_VERSION:=0.21.1 +PKG_VERSION:=0.21.7 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/netbirdio/netbird/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=e305bd2f49565e365a5022f0f0e9e9cabf273718fe2aec5f2380ef9a4d528b6e +PKG_HASH:=f2a18a6b9e6af15c182fd023cc47aecb2062d3da586820746f4987856d20f0ac PKG_MAINTAINER:=Oskari Rauta PKG_LICENSE:=BSD-3-Clause @@ -18,7 +18,7 @@ PKG_BUILD_FLAGS:=no-mips16 GO_PKG:=github.com/netbirdio/netbird GO_PKG_BUILD_PKG:=$(GO_PKG)/client -GO_PKG_LDFLAGS_X:=$(GO_PKG)/client/system.version=$(PKG_VERSION) +GO_PKG_LDFLAGS_X:=$(GO_PKG)/version.version=$(PKG_VERSION) include $(INCLUDE_DIR)/package.mk include ../../lang/golang/golang-package.mk @@ -40,6 +40,10 @@ define Package/netbird/description gateways, and so forth. endef +define Package/netbird/conffiles +/etc/netbird/config.json +endef + define Package/netbird/install $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR)) $(INSTALL_DIR) $(1)/usr/bin $(1)/etc/init.d diff --git a/net/netsniff-ng/Makefile b/net/netsniff-ng/Makefile index aa6dfc420..60f228043 100644 --- a/net/netsniff-ng/Makefile +++ b/net/netsniff-ng/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=netsniff-ng PKG_VERSION:=0.6.8 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/netsniff-ng/netsniff-ng/tar.gz/v$(PKG_VERSION)? diff --git a/net/netsniff-ng/patches/0004-mausezahn-use-getopt_long-instead-of-getopt.patch b/net/netsniff-ng/patches/0004-mausezahn-use-getopt_long-instead-of-getopt.patch new file mode 100644 index 000000000..528d201b2 --- /dev/null +++ b/net/netsniff-ng/patches/0004-mausezahn-use-getopt_long-instead-of-getopt.patch @@ -0,0 +1,57 @@ +From 519aae7b91454e45b0528809e94c5008cdf0c060 Mon Sep 17 00:00:00 2001 +From: Zahari Doychev +Date: Thu, 8 Dec 2022 17:40:17 +0100 +Subject: [PATCH] mausezahn: use getopt_long instead of getopt + +The musl getopt stops processing the options at the first non-option +argument comapared to the glibc variant. Using getopt_long fixes this +problem. + +Signed-off-by: Zahari Doychev +--- + staging/mausezahn.c | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +--- a/staging/mausezahn.c ++++ b/staging/mausezahn.c +@@ -23,7 +23,8 @@ + #include + #include + #include +- ++#include ++ + #include "mz.h" + #include "cli.h" + #include "mops.h" +@@ -447,9 +448,7 @@ int getopts (int argc, char *argv[]) + char unit; + + opterr = 1; // let getopt print error message if necessary +- +- +- while ((c = getopt(argc, argv, short_options)) != -1) ++ while ((c = getopt_long(argc, argv, short_options, NULL, NULL)) != -1) { + switch (c) { + case '4': + tx.eth_type = 0x0800; +@@ -646,7 +645,7 @@ int getopts (int argc, char *argv[]) + fprintf (stderr," mz/getopts: Could not handle arguments properly!\n"); + return 1; + } +- ++ } + // ******************************************** + // Handle additional arguments + // ******************************************** +@@ -660,8 +659,8 @@ int getopts (int argc, char *argv[]) + "-- Verbose mode --\n" + "\n"); + } +- +- if (argc<2) { ++ ++ if (optind+2 < argc) { + help(); + } + diff --git a/net/openelp/Makefile b/net/openelp/Makefile new file mode 100644 index 000000000..e2822df9d --- /dev/null +++ b/net/openelp/Makefile @@ -0,0 +1,73 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=openelp +PKG_VERSION:=0.9.2 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/cottsay/openelp/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=1427a2fe6f22856a66b9c687d7f14b7915abeeed64951ae596084f9366ec4256 + +PKG_MAINTAINER:=Scott K Logan +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=LICENSE + +CMAKE_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/libopenelp + SECTION:=libs + CATEGORY:=Libraries + TITLE:=Open Source EchoLink Proxy Library + URL:=https://github.com/cottsay/openelp + DEPENDS:=+libpcre2 + ABI_VERSION:=0 +endef + +define Package/openelp + SECTION:=net + CATEGORY:=Network + TITLE:=Open Source EchoLink Proxy + URL:=https://github.com/cottsay/openelp + DEPENDS:=+libopenelp +endef + +define Package/libopenelp/description + Library backing OpenELP - an open source EchoLink proxy. +endef + +define Package/openelp/description + OpenELP is an open source EchoLink proxy for Linux and Windows. It aims + to be efficient and maintain a small footprint, while still implementing + all of the features present in the official EchoLink proxy. + + OpenELP also has the ability to bind to multiple network interfaces + which are routed to unique external IP addresses, and therefore is + capable of accepting connections from multiple clients simultaneously. +endef + +CMAKE_OPTIONS += \ + -DSYSCONF_INSTALL_DIR=/etc + +define Package/openelp/conffiles +/etc/ELProxy.conf +endef + +define Package/libopenelp/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libopenelp.so.* $(1)/usr/lib/ +endef + +define Package/openelp/install + $(INSTALL_DIR) $(1)/etc + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ELProxy.conf $(1)/etc/ + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openelpd $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/openelp.init $(1)/etc/init.d/openelp +endef + +$(eval $(call BuildPackage,libopenelp)) +$(eval $(call BuildPackage,openelp)) diff --git a/net/openelp/files/openelp.init b/net/openelp/files/openelp.init new file mode 100755 index 000000000..a6640eb5c --- /dev/null +++ b/net/openelp/files/openelp.init @@ -0,0 +1,30 @@ +#!/bin/sh /etc/rc.common + +START=90 +STOP=10 + +USE_PROCD=1 + +NAME="openelp" +PROG="/usr/bin/openelpd" +CONFFILE="/etc/ELProxy.conf" + +extra_command "close" "Close the proxy to new connections" +extra_command "version" "Show version information" + +start_service() { + procd_open_instance + procd_set_param command "$PROG" + procd_append_param command -F -q -S "$CONFFILE" + procd_set_param stderr 1 + procd_set_param file "$CONFFILE" + procd_close_instance +} + +close() { + procd_send_signal openelp '*' USR1 +} + +version() { + "$PROG" -V +} diff --git a/net/openelp/test.sh b/net/openelp/test.sh new file mode 100644 index 000000000..fe9d27eeb --- /dev/null +++ b/net/openelp/test.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +case "$1" in + "openelp") + openelpd -V | grep "$2" + ;; +esac diff --git a/net/rclone/Makefile b/net/rclone/Makefile index 731a0582e..cd5e4d02c 100644 --- a/net/rclone/Makefile +++ b/net/rclone/Makefile @@ -6,15 +6,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=rclone -PKG_VERSION:=1.62.2 +PKG_VERSION:=1.63.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/rclone/rclone/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=6741c81ae5b5cb48a04055f280f6e220ed4b35d26fe43f59510d0f7740044748 +PKG_HASH:=755af528052f946e8d41a3e96e5dbf8f03ecfe398f9d0fdeb7ca1a59208a75db PKG_LICENSE:=MIT -PKG_LICENSE_FILE:=LICENSE +PKG_LICENSE_FILES:=LICENSE PKG_MAINTAINER:=Elon Huang \ Tianling Shen diff --git a/net/sing-box/Makefile b/net/sing-box/Makefile index 2db8c7887..cbd4b4ac6 100644 --- a/net/sing-box/Makefile +++ b/net/sing-box/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sing-box -PKG_VERSION:=1.2.6 +PKG_VERSION:=1.3.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=8f7adf55ed9afe6ec0dd8b04ed64dd3a6243578ee779f909dfb3778fa2dbda10 +PKG_HASH:=e89ffdadf11d4b34d12b2c0659efea0f0786b2396ea4638c61a06e7772783ca5 PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=LICENSE diff --git a/net/snort3/Makefile b/net/snort3/Makefile index 1645f6c00..bd888ec47 100644 --- a/net/snort3/Makefile +++ b/net/snort3/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=snort3 -PKG_VERSION:=3.1.63.0 +PKG_VERSION:=3.1.64.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/snort3/snort3/archive/refs/tags/ -PKG_HASH:=7ca415ac8098cd5ee001dc751966d4a6028961ca9cfc788447b7ea7048f53f85 +PKG_HASH:=57be62557178526059ded86d0bebf8a57aa4a46db9390a48ae030b6e45f1dc61 PKG_MAINTAINER:=W. Michael Petullo PKG_LICENSE:=GPL-2.0-only diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index b05b42501..c106257bf 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan -PKG_VERSION:=5.9.10 -PKG_RELEASE:=5 +PKG_VERSION:=5.9.11 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ -PKG_HASH:=3b72789e243c9fa6f0a01ccaf4f83766eba96a5e5b1e071d36e997572cf34654 +PKG_HASH:=ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d PKG_LICENSE:=GPL-2.0-or-later PKG_MAINTAINER:=Philip Prindeville , Noel Kuntze PKG_CPE_ID:=cpe:/a:strongswan:strongswan diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init index e05c7228d..dcc065d2e 100644 --- a/net/strongswan/files/swanctl.init +++ b/net/strongswan/files/swanctl.init @@ -154,14 +154,16 @@ is_aead() { return 1 } -add_esp_proposal() { +config_esp_proposal() { + local conf="$1" + local encryption_algorithm local hash_algorithm local dh_group - config_get encryption_algorithm "$1" encryption_algorithm - config_get hash_algorithm "$1" hash_algorithm - config_get dh_group "$1" dh_group + config_get encryption_algorithm "$conf" encryption_algorithm + config_get hash_algorithm "$conf" hash_algorithm + config_get dh_group "$conf" dh_group # check for AEAD and clobber hash_algorithm if set if is_aead "$encryption_algorithm" && [ -n "$hash_algorithm" ]; then @@ -173,27 +175,29 @@ add_esp_proposal() { crypto="${crypto:+${crypto},}${encryption_algorithm}${hash_algorithm:+-${hash_algorithm}}${dh_group:+-${dh_group}}" } -parse_esp_proposal() { +iter_esp_proposal() { local conf="$1" local var="$2" local crypto="" - config_list_foreach "$conf" crypto_proposal add_esp_proposal + config_list_foreach "$conf" crypto_proposal config_esp_proposal export -n "$var=$crypto" } -add_ike_proposal() { +config_ike_proposal() { + local conf="$1" + local encryption_algorithm local hash_algorithm local dh_group local prf_algorithm - config_get encryption_algorithm "$1" encryption_algorithm - config_get hash_algorithm "$1" hash_algorithm - config_get dh_group "$1" dh_group - config_get prf_algorithm "$1" prf_algorithm + config_get encryption_algorithm "$conf" encryption_algorithm + config_get hash_algorithm "$conf" hash_algorithm + config_get dh_group "$conf" dh_group + config_get prf_algorithm "$conf" prf_algorithm # check for AEAD and clobber hash_algorithm if set if is_aead "$encryption_algorithm" && [ -n "$hash_algorithm" ]; then @@ -205,20 +209,20 @@ add_ike_proposal() { crypto="${crypto:+${crypto},}${encryption_algorithm}${hash_algorithm:+-${hash_algorithm}}${prf_algorithm:+-${prf_algorithm}}${dh_group:+-${dh_group}}" } -parse_ike_proposal() { +iter_ike_proposal() { local conf="$1" local var="$2" local crypto="" - config_list_foreach "$conf" crypto_proposal add_ike_proposal + config_list_foreach "$conf" crypto_proposal config_ike_proposal export -n "$var=$crypto" } config_child() { # Generic ipsec conn section shared by tunnel and transport - local config_name="$1" + local conf="$1" local mode="$2" local hw_offload @@ -241,29 +245,29 @@ config_child() { local rekeypackets local lifepackets - config_get startaction "$1" startaction "route" - config_get local_nat "$1" local_nat "" - config_get updown "$1" updown "" - config_get firewall "$1" firewall "" - config_get lifetime "$1" lifetime "" - config_get dpdaction "$1" dpdaction "none" - config_get closeaction "$1" closeaction "none" - config_get if_id "$1" if_id "" - config_get rekeytime "$1" rekeytime "" - config_get_bool ipcomp "$1" ipcomp 0 - config_get interface "$1" interface "" - config_get hw_offload "$1" hw_offload "" - config_get priority "$1" priority "" - config_get rekeybytes "$1" rekeybytes "" - config_get lifebytes "$1" lifebytes "" - config_get rekeypackets "$1" rekeypackets "" - config_get lifepackets "$1" lifepackets "" + config_get startaction "$conf" startaction "route" + config_get local_nat "$conf" local_nat "" + config_get updown "$conf" updown "" + config_get firewall "$conf" firewall "" + config_get lifetime "$conf" lifetime "" + config_get dpdaction "$conf" dpdaction "none" + config_get closeaction "$conf" closeaction "none" + config_get if_id "$conf" if_id "" + config_get rekeytime "$conf" rekeytime "" + config_get_bool ipcomp "$conf" ipcomp 0 + config_get interface "$conf" interface "" + config_get hw_offload "$conf" hw_offload "" + config_get priority "$conf" priority "" + config_get rekeybytes "$conf" rekeybytes "" + config_get lifebytes "$conf" lifebytes "" + config_get rekeypackets "$conf" rekeypackets "" + config_get lifepackets "$conf" lifepackets "" - config_list_foreach "$1" local_subnet append_var local_subnet "," - config_list_foreach "$1" remote_subnet append_var remote_subnet "," + config_list_foreach "$conf" local_subnet append_var local_subnet "," + config_list_foreach "$conf" remote_subnet append_var remote_subnet "," local esp_proposal - parse_esp_proposal "$1" esp_proposal + iter_esp_proposal "$conf" esp_proposal # translate from ipsec to swanctl case "$startaction" in @@ -329,7 +333,7 @@ config_child() { [ -n "$local_nat" ] && local_subnet="$local_nat" - swanctl_xappend3 "$config_name {" + swanctl_xappend3 "$conf {" [ -n "$local_subnet" ] && swanctl_xappend4 "local_ts = $local_subnet" [ -n "$remote_subnet" ] && swanctl_xappend4 "remote_ts = $remote_subnet" @@ -380,6 +384,7 @@ config_transport() { config_pool() { local conf="$1" + local addrs local dns local nbns @@ -390,15 +395,15 @@ config_pool() { local split_include local split_exclude - config_get addrs "$1" addrs - config_list_foreach "$1" dns append_var dns "," - config_list_foreach "$1" nbns append_var nbns "," - config_list_foreach "$1" dhcp append_var dhcp "," - config_list_foreach "$1" netmask append_var netmask "," - config_list_foreach "$1" server append_var server "," - config_list_foreach "$1" subnet append_var subnet "," - config_list_foreach "$1" split_include append_var split_include "," - config_list_foreach "$1" split_exclude append_var split_exclude "," + config_get addrs "$conf" addrs + config_list_foreach "$conf" dns append_var dns "," + config_list_foreach "$conf" nbns append_var nbns "," + config_list_foreach "$conf" dhcp append_var dhcp "," + config_list_foreach "$conf" netmask append_var netmask "," + config_list_foreach "$conf" server append_var server "," + config_list_foreach "$conf" subnet append_var subnet "," + config_list_foreach "$conf" split_include append_var split_include "," + config_list_foreach "$conf" split_exclude append_var split_exclude "," swanctl_xappend1 "$conf {" [ -n "$addrs" ] && swanctl_xappend2 "addrs = $addrs" @@ -413,8 +418,8 @@ config_pool() { swanctl_xappend1 "}" } -config_connection() { - local config_name="$1" +config_remote() { + local conf="$1" local enabled local gateway @@ -436,30 +441,30 @@ config_connection() { local remote_ca_certs local pools - config_get_bool enabled "$1" enabled 0 + config_get_bool enabled "$conf" enabled 0 [ $enabled -eq 0 ] && return - config_get gateway "$1" gateway - config_get pre_shared_key "$1" pre_shared_key - config_get auth_method "$1" authentication_method - config_get local_identifier "$1" local_identifier "" - config_get remote_identifier "$1" remote_identifier "" - config_get local_ip "$1" local_ip "%any" - config_get keyingtries "$1" keyingtries "3" - config_get dpddelay "$1" dpddelay "30s" - config_get inactivity "$1" inactivity - config_get keyexchange "$1" keyexchange "ikev2" - config_get fragmentation "$1" fragmentation "yes" - config_get_bool mobike "$1" mobike 1 - config_get local_cert "$1" local_cert "" - config_get local_key "$1" local_key "" - config_get ca_cert "$1" ca_cert "" - config_get rekeytime "$1" rekeytime - config_get overtime "$1" overtime + config_get gateway "$conf" gateway + config_get pre_shared_key "$conf" pre_shared_key + config_get auth_method "$conf" authentication_method + config_get local_identifier "$conf" local_identifier "" + config_get remote_identifier "$conf" remote_identifier "" + config_get local_ip "$conf" local_ip "%any" + config_get keyingtries "$conf" keyingtries "3" + config_get dpddelay "$conf" dpddelay "30s" + config_get inactivity "$conf" inactivity + config_get keyexchange "$conf" keyexchange "ikev2" + config_get fragmentation "$conf" fragmentation "yes" + config_get_bool mobike "$conf" mobike 1 + config_get local_cert "$conf" local_cert "" + config_get local_key "$conf" local_key "" + config_get ca_cert "$conf" ca_cert "" + config_get rekeytime "$conf" rekeytime + config_get overtime "$conf" overtime - config_list_foreach "$1" local_sourceip append_var local_sourceip "," - config_list_foreach "$1" remote_ca_certs append_var remote_ca_certs "," - config_list_foreach "$1" pools append_var pools "," + config_list_foreach "$conf" local_sourceip append_var local_sourceip "," + config_list_foreach "$conf" remote_ca_certs append_var remote_ca_certs "," + config_list_foreach "$conf" pools append_var pools "," case "$fragmentation" in 0) @@ -485,7 +490,7 @@ config_connection() { fi local ike_proposal - parse_ike_proposal "$1" ike_proposal + iter_ike_proposal "$conf" ike_proposal [ -n "$firewall" ] && fatal "Firewall not supported" @@ -505,9 +510,9 @@ config_connection() { fi fi - swanctl_xappend0 "# config for $config_name" + swanctl_xappend0 "# config for $conf" swanctl_xappend0 "connections {" - swanctl_xappend1 "$config_name {" + swanctl_xappend1 "$conf {" swanctl_xappend2 "local_addrs = $local_ip" swanctl_xappend2 "remote_addrs = $remote_gateway" @@ -531,9 +536,9 @@ config_connection() { swanctl_xappend2 "children {" - config_list_foreach "$1" tunnel config_tunnel + config_list_foreach "$conf" tunnel config_tunnel - config_list_foreach "$1" transport config_transport + config_list_foreach "$conf" transport config_transport swanctl_xappend2 "}" @@ -573,7 +578,7 @@ config_connection() { if [ -n "$ca_cert" ]; then swanctl_xappend0 "authorities {" - swanctl_xappend1 "$config_name {" + swanctl_xappend1 "$conf {" swanctl_xappend2 "cacert = $ca_cert" swanctl_xappend1 "}" swanctl_xappend0 "}" @@ -583,7 +588,7 @@ config_connection() { swanctl_xappend0 "" swanctl_xappend0 "secrets {" - swanctl_xappend1 "ike-$config_name {" + swanctl_xappend1 "ike-$conf {" swanctl_xappend2 "secret = $pre_shared_key" if [ -n "$local_identifier" ]; then swanctl_xappend2 "id1 = $local_identifier" @@ -598,7 +603,7 @@ config_connection() { fi swanctl_xappend0 "pools {" - config_list_foreach "$1" pools config_pool + config_list_foreach "$conf" pools config_pool swanctl_xappend0 "}" swanctl_xappend0 "" @@ -609,18 +614,20 @@ do_preamble() { } config_ipsec() { + local conf="$1" + local rtinstall_enabled local routing_table local routing_table_id local interface local interface_list - config_get debug "$1" debug 0 - config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1 + config_get debug "$conf" debug 0 + config_get_bool rtinstall_enabled "$conf" rtinstall_enabled 1 [ $rtinstall_enabled -eq 1 ] && install_routes=yes || install_routes=no # prepare extra charon config option ignore_routing_tables - for routing_table in $(config_get "$1" "ignore_routing_tables"); do + for routing_table in $(config_get "$conf" "ignore_routing_tables"); do if [ "$routing_table" -ge 0 ] 2>/dev/null; then routing_table_id=$routing_table else @@ -630,7 +637,7 @@ config_ipsec() { [ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id" done - config_list_foreach "$1" interface append_var interface_list + config_list_foreach "$conf" interface append_var interface_list if [ -z "$interface_list" ]; then WAIT_FOR_INTF=0 @@ -673,7 +680,7 @@ prepare_env() { config_load ipsec config_foreach config_ipsec ipsec - config_foreach config_connection remote + config_foreach config_remote remote do_postamble } diff --git a/net/v2ray-geodata/Makefile b/net/v2ray-geodata/Makefile index 7e83c3663..1224c037c 100644 --- a/net/v2ray-geodata/Makefile +++ b/net/v2ray-geodata/Makefile @@ -12,22 +12,22 @@ PKG_MAINTAINER:=Tianling Shen include $(INCLUDE_DIR)/package.mk -GEOIP_VER:=202306010100 +GEOIP_VER:=202306150049 GEOIP_FILE:=geoip.dat.$(GEOIP_VER) define Download/geoip URL:=https://github.com/v2fly/geoip/releases/download/$(GEOIP_VER)/ URL_FILE:=geoip.dat FILE:=$(GEOIP_FILE) - HASH:=033864e77e40f8b9c1a5254bf85881515c51340d3d11e142a4e01594eb151914 + HASH:=811085edc67057690c783e735182db32e5a4b446ee5f6d70ef9e12960ce910da endef -GEOSITE_VER:=20230601044045 +GEOSITE_VER:=20230620033122 GEOSITE_FILE:=dlc.dat.$(GEOSITE_VER) define Download/geosite URL:=https://github.com/v2fly/domain-list-community/releases/download/$(GEOSITE_VER)/ URL_FILE:=dlc.dat FILE:=$(GEOSITE_FILE) - HASH:=d20bcd23c185dd3102a2106ad5370bc615cfb33d9a818daaadefe7a2068fb9ef + HASH:=caecb282d72bf6bfc7977257cadd436e59cb7eea8f6aabb0eae656ae4bf57d76 endef define Package/v2ray-geodata/template diff --git a/net/vsftpd/Makefile b/net/vsftpd/Makefile index ad74c7f92..52853052f 100644 --- a/net/vsftpd/Makefile +++ b/net/vsftpd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vsftpd PKG_VERSION:=3.0.5 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://security.appspot.com/downloads/ @@ -52,6 +52,7 @@ Package/vsftpd-tls/conffiles=$(Package/vsftpd/conffiles) ifneq ($(CONFIG_USE_MUSL),) NLSSTRING:=-lcrypt + TARGET_CFLAGS += -D_LARGEFILE64_SOURCE else ifneq ($(CONFIG_USE_GLIBC),) NLSSTRING:=-lcrypt else diff --git a/net/xray-core/Makefile b/net/xray-core/Makefile index 45a114120..a34aa0f1c 100644 --- a/net/xray-core/Makefile +++ b/net/xray-core/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=xray-core -PKG_VERSION:=1.8.1 +PKG_VERSION:=1.8.3 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/XTLS/Xray-core/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=477ad92b80700b4742e59ad7848ca4726201841a57339e4c1bf9012e395622e2 +PKG_HASH:=bdfa65c15cd25f931745d9c70c753503db5d119ff11960ca7b3a2e19c4b0a8d1 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=MPL-2.0 diff --git a/utils/acpica-unix/Makefile b/utils/acpica-unix/Makefile index fd5a11ce3..b1471c7c0 100644 --- a/utils/acpica-unix/Makefile +++ b/utils/acpica-unix/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=acpica-unix -PKG_VERSION:=20230331 +PKG_VERSION:=20230628 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_CAT:=gzip -dc PKG_SOURCE_URL:=https://acpica.org/sites/$(patsubst %-unix,%,$(PKG_NAME))/files/ -PKG_HASH:=0c5d695d605aaa61709f3c63f57a1a99b8902291723998446b0813b57ac310e2 +PKG_HASH:=86876a745e3d224dcfd222ed3de465b47559e85811df2db9820ef09a9dff5cce PKG_MAINTAINER:=Philip Prindeville PKG_LICENSE:=GPL-2.0 diff --git a/utils/acpica-unix/patches/0004-need-stdint.h-for-uintptr_t.patch b/utils/acpica-unix/patches/0004-need-stdint.h-for-uintptr_t.patch deleted file mode 100644 index c137560e3..000000000 --- a/utils/acpica-unix/patches/0004-need-stdint.h-for-uintptr_t.patch +++ /dev/null @@ -1,13 +0,0 @@ -We use the type uintptr_t but we don't directly include the header -file from which it comes. - ---- a/source/include/platform/aclinux.h -+++ b/source/include/platform/aclinux.h -@@ -312,6 +312,7 @@ - #ifdef ACPI_USE_STANDARD_HEADERS - #include - #include -+#include - - #define ACPI_OFFSET(d, f) offsetof(d, f) - #endif diff --git a/utils/acpica-unix/patches/0005-pragma-dangling-pointer-CurrentSp.patch b/utils/acpica-unix/patches/0005-pragma-dangling-pointer-CurrentSp.patch deleted file mode 100644 index cd903238f..000000000 --- a/utils/acpica-unix/patches/0005-pragma-dangling-pointer-CurrentSp.patch +++ /dev/null @@ -1,16 +0,0 @@ -Storing the address of an ephemeral variable into a persistent pointer -is flagged by GCC 12 as a dangling-pointer error. - ---- a/source/components/utilities/utdebug.c -+++ b/source/components/utilities/utdebug.c -@@ -185,7 +185,10 @@ AcpiUtInitStackPtrTrace ( - ACPI_SIZE CurrentSp; - - -+#pragma GCC diagnostic push -+#pragma GCC diagnostic ignored "-Wdangling-pointer=" - AcpiGbl_EntryStackPointer = &CurrentSp; -+#pragma GCC diagnostic pop - } - - diff --git a/utils/arp-whisper/Makefile b/utils/arp-whisper/Makefile new file mode 100644 index 000000000..23461f998 --- /dev/null +++ b/utils/arp-whisper/Makefile @@ -0,0 +1,53 @@ +# SPDX-License-Identifier: GPL-3.0-only +# +# Copyright (C) 2023 Facundo Acevedo + +include $(TOPDIR)/rules.mk + +PKG_NAME:=arp-whisper +PKG_VERSION:=0.1.2 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/FacundoAcevedo/arp-whisper/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=13b393c64505d62b5abf7ace244eed0ce62f4b1562a688ddb5651bd42cc7c305 + +PKG_MAINTAINER:=Facundo Acevedo +PKG_LICENSE:=GPL-3.0-or-later +PKG_LICENSE_FILES:=LICENCE + +PKG_BUILD_DEPENDS:=rust/host + +include $(INCLUDE_DIR)/package.mk +include ../../lang/rust/rust-package.mk + +define Package/arp-whisper + SECTION:=utils + CATEGORY:=Utilities + TITLE:=ARP responses based on MAC-IP pairs + DEPENDS:=$(RUST_ARCH_DEPENDS) + URL:=https://github.com/FacundoAcevedo/arp-whisper +endef + +define Package/arp-whisper/description + arp-whisper listens to ARP requests on a network interface and responds + to them based on a list of IP-MAC address mappings defined in a + configuration file. +endef + +define Package/arp-whisper/conffiles +/etc/arp-whisper/arp-whisper +endef + +define Package/arp-whisper/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/bin/arp-whisper $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc + $(INSTALL_DIR) $(1)/etc/arp-whisper + $(INSTALL_CONF) ./files/etc/arp-whisper/arp-whisper $(1)/etc/arp-whisper + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/arp-whisper.init $(1)/etc/init.d/arp-whisper +endef + +$(eval $(call RustBinPackage,arp-whisper)) +$(eval $(call BuildPackage,arp-whisper)) diff --git a/utils/arp-whisper/files/arp-whisper.init b/utils/arp-whisper/files/arp-whisper.init new file mode 100644 index 000000000..f5a29773d --- /dev/null +++ b/utils/arp-whisper/files/arp-whisper.init @@ -0,0 +1,14 @@ +#!/bin/sh /etc/rc.common + +START=60 +USE_PROCD=1 +PROG=/usr/sbin/arp-whisper +CONF_FILE=/etc/arp-whisper/arp-whisper + +start_service() { + procd_open_instance + procd_set_param command "$PROG" "$CONF_FILE" + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_close_instance +} diff --git a/utils/arp-whisper/files/etc/arp-whisper/arp-whisper b/utils/arp-whisper/files/etc/arp-whisper/arp-whisper new file mode 100644 index 000000000..d2d8de71f --- /dev/null +++ b/utils/arp-whisper/files/etc/arp-whisper/arp-whisper @@ -0,0 +1,8 @@ +logging_level = "info" +[Network] +interface = br-lan + +[Hosts] +; ip = mac_address +; 192.168.1.2 = aa:bb:cc:dd:ee:ff +; 192.168.1.3 = 00:11:22:33:44:55 diff --git a/utils/collectd/Makefile b/utils/collectd/Makefile index f6d28ee85..1c8a04bc0 100644 --- a/utils/collectd/Makefile +++ b/utils/collectd/Makefile @@ -459,7 +459,7 @@ $(eval $(call BuildPlugin,chrony,chrony status input,chrony,)) $(eval $(call BuildPlugin,conntrack,connection tracking table size input,conntrack,)) $(eval $(call BuildPlugin,contextswitch,context switch input,contextswitch,)) $(eval $(call BuildPlugin,cpu,CPU input,cpu,)) -$(eval $(call BuildPlugin,cpufreq,CPU Freq input,cpufreq,@(TARGET_x86||TARGET_x86_64||TARGET_mvebu||TARGET_ipq806x||TARGET_armvirt||TARGET_ipq40xx||TARGET_bcm27xx_bcm2709||TARGET_rockchip||TARGET_mediatek||TARGET_ipq807x))) # Only enable on targets with CPUs supporting frequency scaling +$(eval $(call BuildPlugin,cpufreq,CPU Freq input,cpufreq,@(TARGET_x86||TARGET_x86_64||TARGET_mvebu||TARGET_ipq806x||TARGET_armsr||TARGET_ipq40xx||TARGET_bcm27xx_bcm2709||TARGET_rockchip||TARGET_mediatek||TARGET_qualcommax))) # Only enable on targets with CPUs supporting frequency scaling $(eval $(call BuildPlugin,csv,CSV output,csv,)) $(eval $(call BuildPlugin,curl,cURL input,curl,+PACKAGE_collectd-mod-curl:libcurl)) #$(eval $(call BuildPlugin,dbi,relational database input,dbi,+PACKAGE_collectd-mod-dbi:libdbi)) diff --git a/utils/docker-compose/Makefile b/utils/docker-compose/Makefile index fa7d7838e..f5383c7ac 100644 --- a/utils/docker-compose/Makefile +++ b/utils/docker-compose/Makefile @@ -1,14 +1,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=compose -PKG_VERSION:=2.18.1 +PKG_VERSION:=2.19.1 PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/docker/compose/tar.gz/v${PKG_VERSION}? -PKG_HASH:=192c47c177d9bfd8492ed0c49214af0c740586da6db0b7e9c9a07da37c9dc722 +PKG_HASH:=869d4ffd3f6b6835dcbb5cd627e98a9d2f1d30a9ae2c8e712275db9aa3e6e97d PKG_MAINTAINER:=Javier Marcet diff --git a/utils/fatresize/Makefile b/utils/fatresize/Makefile index ce91f1444..d385584e3 100644 --- a/utils/fatresize/Makefile +++ b/utils/fatresize/Makefile @@ -1,14 +1,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=fatresize -PKG_VERSION:=1.1.0 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/ya-mouse/fatresize.git -PKG_SOURCE_DATE:=2021-11-24 -PKG_SOURCE_VERSION:=316981e43b14f42a9aa7b461c97e1f61f6f2390b -PKG_MIRROR_HASH:=5a7eabaf5896a92c72b9bdf1cacc5aa1bd19335d8c617c8c9bd0f02699b91548 +PKG_SOURCE_DATE:=2023-06-11 +PKG_SOURCE_VERSION:=ab78c48fe46d0eb29fcdfa3c6586ade223218433 +PKG_MIRROR_HASH:=a74ffa8c2327993d0c1d033229ef768dc69bacad8530ffc4b840017e8f436d22 PKG_FIXUP:=autoreconf PKG_BUILD_PARALLEL:=1 diff --git a/utils/gl-mifi-mcu/Makefile b/utils/gl-mifi-mcu/Makefile deleted file mode 100755 index 08183d91e..000000000 --- a/utils/gl-mifi-mcu/Makefile +++ /dev/null @@ -1,36 +0,0 @@ -include $(TOPDIR)/rules.mk -include $(INCLUDE_DIR)/kernel.mk - -PKG_NAME:=gl-mifi-mcu -PKG_VERSION:=1 -PKG_RELEASE:=1 - -PKG_MAINTAINER:=Nuno Goncalves -PKG_LICENSE:=GPL-3.0-or-later - -include $(INCLUDE_DIR)/package.mk - -define KernelPackage/gl-mifi-mcu - SUBMENU:=Hardware Monitoring Support - TITLE:=GL.iNet GL-MiFI Power monitoring support - AUTOLOAD:=$(call AutoLoad,60,gl-mifi-mcu) - FILES:=$(PKG_BUILD_DIR)/gl-mifi-mcu.ko -endef - -define KernelPackage/gl-mifi-mcu/description - Interfaces with GL-MiFI Power monitoring MCU with a soft UART - and provides Battery SOC, Temperature and charging data at - /proc/gl_mifi_mcu. - This feature is supported from GL-MiFi PCB revision v2.6.2. - The content of /proc/gl_mifi_mcu is JSON as received from the - UART and will frequenty contain corrupted data due to soft UART - unreliability. User application must validate the data. -endef - -define Build/Compile - $(KERNEL_MAKE) \ - M="$(PKG_BUILD_DIR)" \ - modules -endef - -$(eval $(call KernelPackage,gl-mifi-mcu)) diff --git a/utils/gl-mifi-mcu/src/Makefile b/utils/gl-mifi-mcu/src/Makefile deleted file mode 100755 index bce424b1b..000000000 --- a/utils/gl-mifi-mcu/src/Makefile +++ /dev/null @@ -1,4 +0,0 @@ -obj-m += gl-mifi-mcu.o - -gl-mifi-mcu-objs := module.o - diff --git a/utils/gl-mifi-mcu/src/module.c b/utils/gl-mifi-mcu/src/module.c deleted file mode 100755 index 98fc7fab8..000000000 --- a/utils/gl-mifi-mcu/src/module.c +++ /dev/null @@ -1,210 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include - -MODULE_LICENSE("GPL"); -MODULE_AUTHOR("Nuno Goncalves"); -MODULE_DESCRIPTION("GL-MiFi power monitoring MCU interface"); -MODULE_VERSION("0.1"); - -static int gpio_tx = 19; -static int gpio_rx = 8; -static int baudrate = 1200; -static int query_interval_sec = 4; - -static struct hrtimer timer_tx; -static struct hrtimer timer_rx; -static ktime_t period; -static int rx_bit_index = -1; - -static unsigned read_buf_ready = 0; -static unsigned read_buf_size = 0; -static char read_buf[2][64] = {{0},{0}}; - -static int proc_show(struct seq_file *m, void *v) -{ - seq_printf(m, "%s\n", read_buf[read_buf_ready]); - return 0; -} - -static int proc_open(struct inode *inode, struct file *file) -{ - return single_open(file, proc_show, NULL); -} - -#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,6,0) -static const struct proc_ops hello_proc_ops = { - .proc_open = proc_open, - .proc_read = seq_read, - .proc_lseek = seq_lseek, - .proc_release = single_release, -}; -#else -static const struct file_operations hello_proc_ops = { - .owner = THIS_MODULE, - .open = proc_open, - .read = seq_read, - .llseek = seq_lseek, - .release = single_release, -}; -#endif - -static irq_handler_t handle_rx_start(unsigned int irq, void* device, struct pt_regs* registers) -{ - if (rx_bit_index == -1) - { - hrtimer_start(&timer_rx, ktime_set(0, period / 2), HRTIMER_MODE_REL); - } - return (irq_handler_t) IRQ_HANDLED; -} - -static enum hrtimer_restart handle_tx(struct hrtimer* timer) -{ - ktime_t current_time = ktime_get(); - const unsigned char character = 'g'; - static int bit_index = -1; - - // Start bit. - if (bit_index == -1) - { - gpio_set_value(gpio_tx, 0); - bit_index++; - } - - // Data bits. - else if (0 <= bit_index && bit_index < 8) - { - gpio_set_value(gpio_tx, 1 & (character >> bit_index)); - bit_index++; - } - - // Stop bit. - else if (bit_index == 8) - { - gpio_set_value(gpio_tx, 1); - bit_index = -1; - } - - hrtimer_forward(&timer_tx, current_time, bit_index == 8 - ? ktime_set(query_interval_sec, 0) //wait for next query cycle - : period); //wait for next bit period - - return HRTIMER_RESTART; -} - -void receive_character(unsigned char character) -{ - if(character == '{') - read_buf_size = 0; - - if(read_buf_size < (sizeof(read_buf[0])-1) || character == '}') - { - read_buf[!read_buf_ready][read_buf_size++] = character; - if(character == '}') - { - read_buf[!read_buf_ready][read_buf_size] = '\0'; - read_buf_ready = !read_buf_ready; - read_buf_size = 0; - } - } -} - -static enum hrtimer_restart handle_rx(struct hrtimer* timer) -{ - ktime_t current_time = ktime_get(); - static unsigned int character = 0; - int bit_value = gpio_get_value(gpio_rx); - enum hrtimer_restart result = HRTIMER_NORESTART; - bool must_restart_timer = false; - - // Start bit. - if (rx_bit_index == -1) - { - rx_bit_index++; - character = 0; - must_restart_timer = true; - } - - // Data bits. - else if (0 <= rx_bit_index && rx_bit_index < 8) - { - if (bit_value == 0) - { - character &= 0xfeff; - } - else - { - character |= 0x0100; - } - - rx_bit_index++; - character >>= 1; - must_restart_timer = true; - } - - // Stop bit. - else if (rx_bit_index == 8) - { - receive_character(character); - rx_bit_index = -1; - } - - // Restarts the RX timer. - if (must_restart_timer) - { - hrtimer_forward(&timer_rx, current_time, period); - result = HRTIMER_RESTART; - } - - return result; -} - -static int __init gl_mifi_mcu_init(void) -{ - bool success = true; - - proc_create("gl_mifi_mcu", 0, NULL, &hello_proc_ops); - - success &= gpio_request(gpio_tx, "soft_uart_tx") == 0; - success &= gpio_direction_output(gpio_tx, 1) == 0; - success &= gpio_request(gpio_rx, "soft_uart_rx") == 0; - success &= gpio_direction_input(gpio_rx) == 0; - success &= gpio_set_debounce(gpio_rx, 1000/baudrate/2); - - success &= request_irq( - gpio_to_irq(gpio_rx), - (irq_handler_t) handle_rx_start, - IRQF_TRIGGER_FALLING, - "gl_mifi_mcu_irq_handler", - NULL) == 0; - - hrtimer_init(&timer_tx, CLOCK_MONOTONIC, HRTIMER_MODE_REL); - timer_tx.function = &handle_tx; - hrtimer_init(&timer_rx, CLOCK_MONOTONIC, HRTIMER_MODE_REL); - timer_rx.function = &handle_rx; - period = ktime_set(0, 1000000000/baudrate); - hrtimer_start(&timer_tx, period, HRTIMER_MODE_REL); - - return success; -} - -static void __exit gl_mifi_mcu_exit(void) -{ - disable_irq(gpio_to_irq(gpio_rx)); - hrtimer_cancel(&timer_tx); - hrtimer_cancel(&timer_rx); - free_irq(gpio_to_irq(gpio_rx), NULL); - gpio_set_value(gpio_tx, 0); - gpio_free(gpio_tx); - gpio_free(gpio_rx); - remove_proc_entry("gl_mifi_mcu", NULL); -} - -module_init(gl_mifi_mcu_init); -module_exit(gl_mifi_mcu_exit); - diff --git a/utils/mhz/Makefile b/utils/mhz/Makefile new file mode 100644 index 000000000..fa8108917 --- /dev/null +++ b/utils/mhz/Makefile @@ -0,0 +1,33 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=mhz +PKG_RELEASE:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL=https://github.com/wtarreau/mhz.git +PKG_SOURCE_DATE:=2023-06-17 +PKG_SOURCE_VERSION:=11aac2399780a1f7ea9f007b14af0464797d5cf1 +PKG_MIRROR_HASH:=b3ea0c9e6f111755c4207addef0ea210ace86bc6910c959c6fc489026897676f + +PKG_MAINTAINER:=Robert Marko +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=LICENSE + +include $(INCLUDE_DIR)/package.mk + +define Package/mhz + SECTION:=utils + CATEGORY:=Utilities + TITLE:=CPU frequency measurement utility +endef + +define Package/mhz/description + Tool to mathematically calculate the current CPU frequency. +endef + +define Package/mhz/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/mhz $(1)/usr/sbin/mhz +endef + +$(eval $(call BuildPackage,mhz)) diff --git a/utils/qemu/Makefile b/utils/qemu/Makefile index 509b03f38..ba6da4e1c 100644 --- a/utils/qemu/Makefile +++ b/utils/qemu/Makefile @@ -9,10 +9,10 @@ include $(TOPDIR)/rules.mk PKG_NAME:=qemu -PKG_VERSION:=8.0.0 +PKG_VERSION:=8.0.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_HASH:=bb60f0341531181d6cc3969dd19a013d0427a87f918193970d9adb91131e56d0 +PKG_HASH:=f060abd435fbe6794125e2c398568ffc3cfa540042596907a8b18edca34cf6a5 PKG_SOURCE_URL:=http://download.qemu.org/ PKG_LICENSE:=GPL-2.0-only PKG_LICENSE_FILES:=LICENSE tcg/LICENSE @@ -28,7 +28,7 @@ PKG_BUILD_DEPENDS+=spice-protocol include $(INCLUDE_DIR)/nls.mk include $(INCLUDE_DIR)/package.mk -QEMU_DEPS_IN_GUEST := @(TARGET_x86_64||TARGET_armvirt||TARGET_malta) +QEMU_DEPS_IN_GUEST := @(TARGET_x86_64||TARGET_armsr||TARGET_malta) QEMU_DEPS_IN_HOST := @(TARGET_x86_64||TARGET_sunxi) QEMU_DEPS_IN_HOST += +libstdcpp QEMU_DEPS_IN_HOST += $(ICONV_DEPENDS) diff --git a/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch b/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch index 42d41305e..434b3d15a 100644 --- a/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch +++ b/utils/qemu/patches/0001-configure-allow-disable-fortify_source.patch @@ -11,7 +11,7 @@ OpenWrt base build system decide flavor of fortify_source to use --- a/configure +++ b/configure -@@ -895,6 +895,8 @@ for opt do +@@ -896,6 +896,8 @@ for opt do ;; --disable-vfio-user-server) vfio_user_server="disabled" ;; diff --git a/utils/qemu/patches/0010-no-tests.patch b/utils/qemu/patches/0010-no-tests.patch index c5e99a1bf..9c36a3914 100644 --- a/utils/qemu/patches/0010-no-tests.patch +++ b/utils/qemu/patches/0010-no-tests.patch @@ -1,6 +1,6 @@ --- a/meson.build +++ b/meson.build -@@ -3191,10 +3191,6 @@ subdir('common-user') +@@ -3192,10 +3192,6 @@ subdir('common-user') subdir('bsd-user') subdir('linux-user') @@ -11,7 +11,7 @@ # accel modules tcg_real_module_ss = ss.source_set() tcg_real_module_ss.add_all(when: 'CONFIG_TCG_MODULAR', if_true: tcg_module_ss) -@@ -3682,10 +3678,6 @@ subdir('scripts') +@@ -3687,10 +3683,6 @@ subdir('scripts') subdir('tools') subdir('pc-bios') subdir('docs') diff --git a/utils/selinux-python/Makefile b/utils/selinux-python/Makefile index ffaa99c7f..ababbae95 100644 --- a/utils/selinux-python/Makefile +++ b/utils/selinux-python/Makefile @@ -6,18 +6,20 @@ include $(TOPDIR)/rules.mk PKG_NAME:=selinux-python -PKG_VERSION:=3.2 +PKG_VERSION:=3.5 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) -PKG_HASH:=770855ea8120ef23007fdb9db94b1ed6e8cd77917b584ed8877bbee9c16e74fb +PKG_HASH:=8245bb4dae59333461f19ca0c79a829081f07972fa5e3ad4c2b2b917dd71d96b PKG_MAINTAINER:=Thomas Petazzoni PKG_LICENSE:=GPL-2.0-only -PKG_LICENSE_FILES:=COPYING -PYTHON3_PKG_BUILD:=0 +PKG_LICENSE_FILES:=LICENSE + +PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 +PYTHON3_PKG_BUILD:=0 include $(INCLUDE_DIR)/package.mk include ../../lang/python/python3-package.mk @@ -27,107 +29,87 @@ include ../../lang/python/python3-package.mk # define Package/selinux-python/Default - SECTION:=utils - DEPENDS:=+python3 +python3-libselinux - CATEGORY:=Utilities URL:=http://selinuxproject.org/page/Main_Page + DEPENDS:=+python3-light +endef + +define Package/selinux-python/Default/python +$(call Package/selinux-python/Default) + SUBMENU:=Python + SECTION:=lang + CATEGORY:=Languages +endef + +define Package/selinux-python/Default/util +$(call Package/selinux-python/Default) + SECTION:=utils + CATEGORY:=Utilities + TITLE:=SELinux management utility endef define Package/selinux-python/Default/description - A set of SELinux tools written in python that help with - managing a system with SELinux enabled. +A set of SELinux tools written in Python that help with managing a +system with SELinux enabled. endef MAKE_VARS = \ - PYTHON=$(HOST_PYTHON3_BIN) \ - PYTHONLIBDIR=$(PYTHON3_PKG_DIR) \ - $(PYTHON3_VARS) + $(PYTHON3_VARS) \ + $(HOST_PYTHON3_PIP_VARS) \ + PYTHON_SETUP_ARGS=--no-compile define Build/Compile $(call Build/Compile/Default,all) endef # -# selinux-audit2allow +# python3-seobject # -define Package/selinux-audit2allow -$(call Package/selinux-python/Default) - TITLE:=selinux-audit2allow - DEPENDS+=+python3-sepolgen +libselinux +libsepol +define Package/python3-seobject +$(call Package/selinux-python/Default/python) + TITLE:=SELinux seobject library + DEPENDS+= +python3-selinux +python3-semanage +python3-sepolicy +python3-setools endef -define Package/selinux-audit2allow/description +define Package/python3-seobject/description $(call Package/selinux-python/Default/description) - This package contains the audit2allow and audit2why tools. + +This package contains the seobject library. endef -define Package/selinux-audit2allow/install - $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/audit2allow DESTDIR=$(1) install - rm -rf $(1)/usr/share/man +define Py3Package/python3-seobject/filespec ++|$(PYTHON3_PKG_DIR)/seobject.py endef -# -# selinux-chchat -# - -define Package/selinux-chcat -$(call Package/selinux-python/Default) - TITLE:=selinux-chcat -endef - -define Package/selinux-chcat/description -$(call Package/selinux-python/Default/description) - This package contains the chcat tool. -endef - -define Package/selinux-chcat/install - $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/chcat DESTDIR=$(1) install - rm -rf $(1)/usr/share -endef - -# -# selinux-semanage -# - -define Package/selinux-semanage -$(call Package/selinux-python/Default) - TITLE:=selinux-semanage - DEPENDS+=+python3-sepolicy +python3-libsemanage +setools -endef - -define Package/selinux-semanage/description -$(call Package/selinux-python/Default/description) - This package contains the semanage tool. -endef - -define Package/selinux-semanage/install - $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/semanage DESTDIR=$(1) install - rm -rf $(1)/usr/share -endef +Py3Package/python3-seobject/install:=: # # python3-sepolgen # define Package/python3-sepolgen -$(call Package/selinux-python/Default) - SUBMENU:=Python - SECTION:=lang - CATEGORY:=Languages - TITLE:=python3-sepolgen +$(call Package/selinux-python/Default/python) + TITLE:=SELinux policy generation library + DEPENDS+= +python3-selinux endef define Package/python3-sepolgen/description $(call Package/selinux-python/Default/description) - This package contains the sepolgen Python library. + +This package contains the SELinux policy generation Python library. endef -define Package/python3-sepolgen/install - $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/sepolgen DESTDIR=$(1) install - $(INSTALL_DIR) $(1)/usr/share/sepolgen/ - $(INSTALL_DATA) $(1)/var/lib/sepolgen/perm_map $(1)/usr/share/sepolgen/perm_map - $(RM) -rf $(1)/var +define Package/python3-sepolgen/conffiles +/etc/sepolgen/ +endef + +define Py3Package/python3-sepolgen/filespec ++|$(PYTHON3_PKG_DIR)/sepolgen +endef + +define Py3Package/python3-sepolgen/install + $(INSTALL_DIR) $(1)/etc/sepolgen + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/var/lib/sepolgen/perm_map $(1)/etc/sepolgen/ endef # @@ -135,25 +117,173 @@ endef # define Package/python3-sepolicy -$(call Package/selinux-python/Default) - SUBMENU:=Python - SECTION:=lang - CATEGORY:=Languages - TITLE:=python3-sepolicy +$(call Package/selinux-python/Default/python) + TITLE:=SELinux Policy Analyses binding + DEPENDS+= +python3-selinux +python3-sepolgen +python3-xml +python3-setools endef define Package/python3-sepolicy/description $(call Package/selinux-python/Default/description) - This package contains the sepolicy Python library. + +This package contains a Python binding for SELinux Policy Analyses. endef -define Package/python3-sepolicy/install - $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/sepolicy DESTDIR=$(1) install - rm -rf $(1)/usr/share +define Py3Package/python3-sepolicy/filespec ++|$(PYTHON3_PKG_DIR)/sepolicy +-|$(PYTHON3_PKG_DIR)/sepolicy/gui.py +-|$(PYTHON3_PKG_DIR)/sepolicy/sedbus.py ++|$(PYTHON3_PKG_DIR)/sepolicy-$(PKG_VERSION).dist-info endef +Py3Package/python3-sepolicy/install:=: + +# +# selinux-audit2allow +# + +define Package/selinux-audit2allow +$(call Package/selinux-python/Default/util) + TITLE+= audit2allow + DEPENDS+= +python3-selinux +python3-sepolgen +endef + +define Package/selinux-audit2allow/description +$(call Package/selinux-python/Default/description) + +This package contains the audit2allow and audit2why tools. +endef + +define Package/selinux-audit2allow/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/audit2allow $(1)/usr/bin/ + $(LN) audit2allow $(1)/usr/bin/audit2why +endef + +# +# selinux-chchat +# + +define Package/selinux-chcat +$(call Package/selinux-python/Default/util) + TITLE+= chcat + DEPENDS+= +python3-selinux +python3-seobject +selinux-semanage +endef + +define Package/selinux-chcat/description +$(call Package/selinux-python/Default/description) + +This package contains the chcat tool. +endef + +define Package/selinux-chcat/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/chcat $(1)/usr/bin/ +endef + +# +# selinux-python +# + +define Package/selinux-python +$(call Package/selinux-python/Default/util) + TITLE+= meta-package + DEPENDS:= \ + +selinux-audit2allow \ + +selinux-chcat \ + +selinux-semanage \ + +selinux-sepolgen-ifgen \ + +selinux-sepolicy +endef + +define Package/selinux-python/description +$(call Package/selinux-python/Default/description) + +This is a meta-package that installs all of the SELinux management +utilities. +endef + +Package/selinux-python/install:=: + +# +# selinux-semanage +# + +define Package/selinux-semanage +$(call Package/selinux-python/Default/util) + TITLE+= semanage + DEPENDS+= +python3-seobject +endef + +define Package/selinux-semanage/description +$(call Package/selinux-python/Default/description) + +This package contains the semanage tool. +endef + +define Package/selinux-semanage/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/semanage $(1)/usr/sbin/ +endef + +# +# selinux-sepolgen-ifgen +# + +define Package/selinux-sepolgen-ifgen +$(call Package/selinux-python/Default/util) + TITLE+= sepolgen-ifgen + DEPENDS+= +python3-selinux +python3-sepolgen +libselinux +endef + +define Package/selinux-sepolgen-iften/description +$(call Package/selinux-python/Default/description) + +This package contains the sepolgen-ifgen tool. +endef + +define Package/selinux-sepolgen-ifgen/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sepolgen-ifgen $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sepolgen-ifgen-attr-helper $(1)/usr/bin/ +endef + +# +# selinux-sepolicy +# + +define Package/selinux-sepolicy +$(call Package/selinux-python/Default/util) + TITLE+= sepolicy + DEPENDS+= +python3-multiprocessing +python3-selinux +python3-sepolicy +endef + +define Package/selinux-sepolicy/description +$(call Package/selinux-python/Default/description) + +This package contains the sepolicy and sepolgen tools. +endef + +define Package/selinux-sepolicy/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sepolicy $(1)/usr/bin/ + $(LN) sepolicy $(1)/usr/bin/sepolgen +endef + +$(eval $(call Py3Package,python3-seobject)) +$(eval $(call Py3Package,python3-sepolgen)) +$(eval $(call Py3Package,python3-sepolicy)) + +$(eval $(call BuildPackage,python3-seobject)) +$(eval $(call BuildPackage,python3-sepolgen)) +$(eval $(call BuildPackage,python3-sepolicy)) + +$(eval $(call BuildPackage,python3-seobject-src)) +$(eval $(call BuildPackage,python3-sepolgen-src)) +$(eval $(call BuildPackage,python3-sepolicy-src)) + $(eval $(call BuildPackage,selinux-audit2allow)) $(eval $(call BuildPackage,selinux-chcat)) +$(eval $(call BuildPackage,selinux-python)) $(eval $(call BuildPackage,selinux-semanage)) -$(eval $(call BuildPackage,python3-sepolgen)) -$(eval $(call BuildPackage,python3-sepolicy)) +$(eval $(call BuildPackage,selinux-sepolgen-ifgen)) +$(eval $(call BuildPackage,selinux-sepolicy)) diff --git a/utils/selinux-python/patches/0001-sepolgen-adjust-data_dir.patch b/utils/selinux-python/patches/0001-sepolgen-adjust-data_dir.patch index 2589f2f99..5b866f199 100644 --- a/utils/selinux-python/patches/0001-sepolgen-adjust-data_dir.patch +++ b/utils/selinux-python/patches/0001-sepolgen-adjust-data_dir.patch @@ -4,6 +4,8 @@ Date: Wed, 2 Oct 2019 12:04:24 +0200 Subject: [PATCH] sepolgen: adjust data_dir() Signed-off-by: Thomas Petazzoni +(changed data_dir prefix from /usr/share to /etc) +Signed-off-by: Jeffery To --- sepolgen/src/sepolgen/defaults.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) @@ -15,7 +17,7 @@ Signed-off-by: Thomas Petazzoni def data_dir(): - return "/var/lib/sepolgen" -+ return "/usr/share/sepolgen" ++ return "/etc/sepolgen" def perm_map(): return data_dir() + "/perm_map" diff --git a/utils/selinux-python/patches/0003-sepolicy-no-gui.patch b/utils/selinux-python/patches/0003-sepolicy-no-gui.patch new file mode 100644 index 000000000..a822d4c5f --- /dev/null +++ b/utils/selinux-python/patches/0003-sepolicy-no-gui.patch @@ -0,0 +1,23 @@ +--- a/sepolicy/sepolicy.py ++++ b/sepolicy/sepolicy.py +@@ -685,7 +685,6 @@ if __name__ == '__main__': + gen_booleans_args(subparsers) + gen_communicate_args(subparsers) + gen_generate_args(subparsers) +- gen_gui_args(subparsers) + gen_interface_args(subparsers) + gen_manpage_args(subparsers) + gen_network_args(subparsers) +--- a/sepolicy/setup.py ++++ b/sepolicy/setup.py +@@ -13,10 +13,5 @@ setup( + packages=[ + "sepolicy", + "sepolicy.templates", +- "sepolicy.help" + ], +- package_data={ +- 'sepolicy': ['*.glade'], +- 'sepolicy.help': ['*.txt', '*.png'] +- } + ) diff --git a/utils/selinux-python/patches/0004-sepolicy-fix-get_os_version-except.patch b/utils/selinux-python/patches/0004-sepolicy-fix-get_os_version-except.patch new file mode 100644 index 000000000..f035846d5 --- /dev/null +++ b/utils/selinux-python/patches/0004-sepolicy-fix-get_os_version-except.patch @@ -0,0 +1,39 @@ +commit 80ba6c49dec9c2c48775e70a4d4564ba5e59eea1 +Author: Jeffery To +Date: Mon Jun 19 14:15:45 2023 +0800 + + python/sepolicy: Fix get_os_version except clause + + This adds more exceptions to be handled by the except clause in + `get_os_version()`: + + * If the `distro` package is not installed, then `import distro` raises + a `ModuleNotFoundError` exception. + + * The distro documentation[1] lists `OSError` and `UnicodeError` as + exceptions that can be raised. + + * Older versions of distro (<= 1.6.0) may also raise + `subprocessCalledProcessError`[2]. + + [1]: https://github.com/python-distro/distro/blob/v1.8.0/src/distro/distro.py#L749-L753 + [2]: https://github.com/python-distro/distro/blob/v1.6.0/distro.py#L726-L728 + + Signed-off-by: Jeffery To + +--- a/sepolicy/sepolicy/__init__.py ++++ b/sepolicy/sepolicy/__init__.py +@@ -1240,11 +1240,12 @@ def boolean_desc(boolean): + + + def get_os_version(): ++ import subprocess + system_release = "" + try: + import distro + system_release = distro.name(pretty=True) +- except IOError: ++ except (ModuleNotFoundError, OSError, IOError, UnicodeError, subprocess.CalledProcessError): + system_release = "Misc" + + return system_release diff --git a/utils/selinux-python/patches/0005-no-translations.patch b/utils/selinux-python/patches/0005-no-translations.patch new file mode 100644 index 000000000..9b1cb8cfe --- /dev/null +++ b/utils/selinux-python/patches/0005-no-translations.patch @@ -0,0 +1,8 @@ +--- a/Makefile ++++ b/Makefile +@@ -1,4 +1,4 @@ +-SUBDIRS = sepolicy audit2allow semanage sepolgen chcat po ++SUBDIRS = sepolicy audit2allow semanage sepolgen chcat + + all install relabel clean indent test: + @for subdir in $(SUBDIRS); do \ diff --git a/utils/semodule-utils/Makefile b/utils/semodule-utils/Makefile index 99ccf4d51..bfd94baac 100644 --- a/utils/semodule-utils/Makefile +++ b/utils/semodule-utils/Makefile @@ -6,46 +6,76 @@ include $(TOPDIR)/rules.mk PKG_NAME:=semodule-utils -PKG_VERSION:=3.3 +PKG_VERSION:=3.5 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) -PKG_HASH:=3098ec5e5f04a1dbbf4aa569b63a4570750a9fe0d4da14ce45954aa300a17063 +PKG_HASH:=c9a550a737051ebaf2c102f665c7ec2f85e7232870980aa0067998459b414283 PKG_MAINTAINER:=W. Michael Petullo PKG_LICENSE:=GPL-2.0-only -PKG_LICENSE_FILES:=COPYING +PKG_LICENSE_FILES:=LICENSE PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 -HOST_BUILD_DEPENDS:=libsemanage/host include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/host-build.mk -define Package/semodule-utils +define Package/semodule-utils/Default SECTION:=utils CATEGORY:=Utilities DEPENDS:=+libsepol - TITLE:=SELinux policy utilities for dealing with modules + TITLE:=SELinux policy module utility URL:=http://selinuxproject.org/page/Main_Page endef +define Package/semodule-utils/Default/description +semodule-utils is a collection of utilities for dealing with policy +modules. +endef + +define Package/semodule-utils +$(call Package/semodule-utils/Default) + TITLE+= meta-package + DEPENDS:= \ + semodule-expand \ + semodule-link \ + semodule-package \ + semodule-unpackage +endef + define Package/semodule-utils/description - Semodule-utils is a collection of utilities for dealing with - policy modules. +$(call Package/semodule-utils/Default/description) + +This is a meta-package that installs all of the semodule-utils tools. endef -HOST_MAKE_FLAGS += \ - PREFIX=$(STAGING_DIR_HOSTPKG) \ - SBINDIR=$(STAGING_DIR_HOSTPKG)/sbin \ - ETCDIR=$(STAGING_DIR_HOSTPKG)/etc +Package/semodule-utils/install:=: -define Package/semodule-utils/install - $(INSTALL_DIR) $(1)/usr/bin - $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ +define BuildUtil + define Package/semodule-$(1) + $(call Package/semodule-utils/Default) + TITLE+= semodule_$(1) + endef + + define Package/semodule-$(1)/description +$(call Package/semodule-utils/Default/description) + +This contains the semodule_$(1) tool. + endef + + define Package/semodule-$(1)/install + $$(INSTALL_DIR) $$(1)/usr/bin + $$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/usr/bin/semodule_$(1) $$(1)/usr/bin/ + endef + + $$(eval $$(call BuildPackage,semodule-$(1))) endef -$(eval $(call HostBuild)) $(eval $(call BuildPackage,semodule-utils)) + +$(eval $(call BuildUtil,expand)) +$(eval $(call BuildUtil,link)) +$(eval $(call BuildUtil,package)) +$(eval $(call BuildUtil,unpackage)) diff --git a/utils/setools/Makefile b/utils/setools/Makefile index 2e6d3f915..2bb4c7ff4 100644 --- a/utils/setools/Makefile +++ b/utils/setools/Makefile @@ -6,36 +6,109 @@ include $(TOPDIR)/rules.mk PKG_NAME:=setools -PKG_VERSION:=4.4.0 -PKG_RELEASE:=2 +PKG_VERSION:=4.4.2 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://github.com/SELinuxProject/setools/releases/download/$(PKG_VERSION) -PKG_HASH:=f3786677e40b7f16a226f48f233dcf835e700739614a7dbed2ff61cc9607814e -PKG_BUILD_DIR:=$(BUILD_DIR)/setools +PKG_HASH:=f23e3c8635aa289096ca0218ca6f4568a4346e088bc46f374cb0917b7fb66f05 PKG_BUILD_DEPENDS:=python-cython/host # Cython>=0.27 PKG_MAINTAINER:=W. Michael Petullo -PKG_LICENSE:=GPL-2.0-or-later LGPL-2.1-or-later +PKG_LICENSE:=GPL-2.0-only LGPL-2.1-only PKG_LICENSE_FILES:=COPYING COPYING.GPL COPYING.LGPL PKG_CPE_ID:=cpe:/a:selinuxproject:setools include $(INCLUDE_DIR)/package.mk include ../../lang/python/python3-package.mk -define Package/setools +TAR_OPTIONS+= --strip-components 1 +TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) + +define Package/setools/Default SECTION:=utils CATEGORY:=Utilities - DEPENDS:=+python3 +python3-pkg-resources +python3-networkx +libselinux +libsepol - TITLE:=Policy analysis tools for SELinux + TITLE:=SELinux policy analysis tool URL:=http://selinuxproject.org/page/Main_Page + DEPENDS:=+python3-light +python3-logging +python3-setools +endef + +define Package/setools/Default/description +SETools is a collection of tools and libraries designed to facilitate +SELinux policy analysis. +endef + +define Package/python3-setools + SECTION:=lang + CATEGORY:=Languages + SUBMENU:=Python + TITLE:=SETools Python bindings + URL:=http://selinuxproject.org/page/Main_Page + DEPENDS:=+python3-light +python3-logging +python3-pkg-resources +libselinux +libsepol +endef + +define Package/python3-setools/description +$(call Package/setools/Default/description) + +This contains the SETools Python binding. +endef + +Py3Package/python3-setools/install:=: + +define Package/setools +$(call Package/setools/Default) + TITLE+= meta-package + DEPENDS:= \ + setools-sechecker \ + setools-sediff \ + setools-sedta \ + setools-seinfo \ + setools-seinfoflow \ + setools-sesearch endef define Package/setools/description - SETools is a collection of tools and libraries designed to facilitate - SELinux policy analysis. +$(call Package/setools/Default/description) + +This is a meta-package that installs all of the SETools tools. endef -$(eval $(call Py3Package,setools)) +Package/setools/install:=: + +define BuildUtil + define Package/setools-$(1) + $(call Package/setools/Default) + TITLE+= $(1) + DEPENDS+= $(2) + endef + + define Package/setools-$(1)/description +$(call Package/setools/Default/description) + +This contains the $(1) tool. + endef + + define Py3Package/setools-$(1)/install + $$(INSTALL_DIR) $$(1)/usr/bin + $$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/usr/bin/$(1) $$(1)/usr/bin/ + endef + + Py3Package/setools-$(1)/filespec:= + + $$(eval $$(call Py3Package,setools-$(1))) + $$(eval $$(call BuildPackage,setools-$(1))) +endef + +$(eval $(call Py3Package,python3-setools)) +$(eval $(call BuildPackage,python3-setools)) +$(eval $(call BuildPackage,python3-setools-src)) + $(eval $(call BuildPackage,setools)) + +$(eval $(call BuildUtil,sechecker)) +$(eval $(call BuildUtil,sediff)) +$(eval $(call BuildUtil,sedta,+python3-networkx)) +$(eval $(call BuildUtil,seinfo)) +$(eval $(call BuildUtil,seinfoflow,+python3-networkx)) +$(eval $(call BuildUtil,sesearch)) diff --git a/utils/setools/patches/010-no-gui.patch b/utils/setools/patches/010-no-gui.patch new file mode 100644 index 000000000..54f03c316 --- /dev/null +++ b/utils/setools/patches/010-no-gui.patch @@ -0,0 +1,16 @@ +--- a/setup.py ++++ b/setup.py +@@ -139,10 +139,10 @@ setup(name='setools', + author_email='pebenito@ieee.org', + url='https://github.com/SELinuxProject/setools', + cmdclass={'build_qhc': QtHelpCommand, 'clean': CleanCommand}, +- packages=['setools', 'setools.checker', 'setools.diff', 'setoolsgui', 'setoolsgui.apol'], +- scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta', 'sechecker'], ++ packages=['setools', 'setools.checker', 'setools.diff'], ++ scripts=['sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta', 'sechecker'], + data_files=installed_data, +- package_data={'': ['*.ui', '*.qhc', '*.qch'], 'setools': ['perm_map', ++ package_data={'setools': ['perm_map', + 'policyrep.pyi', + 'py.typed']}, + ext_modules=cythonize(ext_py_mods, include_path=['setools/policyrep'], diff --git a/utils/setools/patches/030-remove-host-paths.patch b/utils/setools/patches/030-remove-host-paths.patch index 94553004d..bec9be9d6 100644 --- a/utils/setools/patches/030-remove-host-paths.patch +++ b/utils/setools/patches/030-remove-host-paths.patch @@ -1,12 +1,11 @@ --- a/setup.py +++ b/setup.py -@@ -79,7 +79,8 @@ class QtHelpCommand(Command): +@@ -79,7 +79,7 @@ class QtHelpCommand(Command): # Library linkage -lib_dirs = ['.', '/usr/lib64', '/usr/lib', '/usr/local/lib'] -+owrt_staging_dir = os.environ["STAGING_DIR"] -+lib_dirs = ['.', owrt_staging_dir + '/usr/lib64', owrt_staging_dir + '/usr/lib', owrt_staging_dir + '/usr/local/lib' ] ++lib_dirs = ['.', os.environ["STAGING_DIR"] + '/usr/lib'] include_dirs = [] with suppress(KeyError): diff --git a/utils/shared-mime-info/Makefile b/utils/shared-mime-info/Makefile index 919962511..b1b7a8a91 100644 --- a/utils/shared-mime-info/Makefile +++ b/utils/shared-mime-info/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=shared-mime-info -PKG_VERSION:=2.1 +PKG_VERSION:=2.2 PKG_RELEASE:=2 PKG_MAINTAINER:=W. Michael Petullo @@ -16,7 +16,9 @@ PKG_LICENSE_FILES:=COPYING PKG_SOURCE:=shared-mime-info-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://gitlab.freedesktop.org/xdg/$(PKG_NAME)/-/archive/$(PKG_VERSION) -PKG_HASH:=37df6475da31a8b5fc63a54ba0770a3eefa0a708b778cb6366dccee96393cb60 +PKG_HASH:=418c480019d9865f67f922dfb88de00e9f38bf971205d55cdffab50432919e61 + +PKG_BUILD_DEPENDS:=gettext-full/host include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/nls.mk diff --git a/utils/shared-mime-info/patches/001-no-xmllint.patch b/utils/shared-mime-info/patches/001-no-xmllint.patch new file mode 100644 index 000000000..f5200bab8 --- /dev/null +++ b/utils/shared-mime-info/patches/001-no-xmllint.patch @@ -0,0 +1,11 @@ +--- a/meson.build ++++ b/meson.build +@@ -20,7 +20,7 @@ config.set_quoted('VERSION', meson.proje + ############################################################################### + # Find tools + +-xmllint = find_program('xmllint') ++xmllint = find_program('xmllint', required: false) + xmlto = find_program('xmlto', required: false) + + ############################################################################### diff --git a/utils/shared-mime-info/patches/001-shared-mime-info-2.1-fix-build.patch b/utils/shared-mime-info/patches/001-shared-mime-info-2.1-fix-build.patch deleted file mode 100644 index 38479a3a5..000000000 --- a/utils/shared-mime-info/patches/001-shared-mime-info-2.1-fix-build.patch +++ /dev/null @@ -1,75 +0,0 @@ -From 5a406b06792e26a83c7346b3c2443c0bd8d4cdb2 Mon Sep 17 00:00:00 2001 -From: Eli Schwartz -Date: Mon, 8 Nov 2021 18:22:47 -0500 -Subject: [PATCH] migrate from custom itstool to builtin msgfmt for creating - translated XML - -gettext upstream has supported this for a very long time (since 0.19.7 -via commit b3c2a5a242c36fbbaa0c5b17f975d6c638598a23, released in 2015), -and itstool is (mostly) a legacy of the time before gettext had proper -support for these sorts of use cases. - -This is similar to the state of intltool, which is described at -https://wiki.gnome.org/MigratingFromIntltoolToGettext - -During the port from autotools to meson, the legacy use of itstool was -faithfully translated to meson in the only way possible: by jumping -through hoops to run ninja inside ninja in order to generate the .mo -files for itstool, because meson's i18n module used a flawed design and -there was no "real" target to create those files, only a .PHONY -run_target which other rules cannot depend on. - -Although meson 0.60.0 added support for real targets for the built .mo -files, this changed the rules for output filenames, breaking the script. - -But msgfmt does not care, and anyways comes with builtin meson functions -for convenient use with XML files. So let's take this opportunity to -drop legacy dependencies and use the modern, builtin tooling, which -fixes this bug as a side effect. - -Fixes #170 ---- - .gitlab-ci.yml | 2 -- - README.md | 2 +- - data/freedesktop_generate.sh | 12 ------------ - data/meson.build | 16 +++++----------- - meson.build | 1 - - 5 files changed, 6 insertions(+), 27 deletions(-) - delete mode 100755 data/freedesktop_generate.sh - ---- a/data/meson.build -+++ b/data/meson.build -@@ -1,18 +1,12 @@ - - install_man('update-mime-database.1') - --freedesktop_org_xml = custom_target('freedesktop.org.xml', -- input : files( -- 'freedesktop.org.xml.in', -- 'its/shared-mime-info.its', -- 'its/shared-mime-info.loc', -- ), -+freedesktop_org_xml = i18n.merge_file( -+ input: 'freedesktop.org.xml.in', - output: 'freedesktop.org.xml', -- command: [ -- find_program('freedesktop_generate.sh'), -- meson.source_root(), -- meson.build_root() -- ], -+ data_dirs: '.', -+ po_dir: '../po', -+ type: 'xml', - install: true, - install_dir: get_option('datadir') / 'mime' / 'packages', - ) ---- a/meson.build -+++ b/meson.build -@@ -20,7 +20,6 @@ config.set_quoted('VERSION', meson.proje - ############################################################################### - # Find tools - --itstool = find_program('itstool') - xmllint = find_program('xmllint') - xmlto = find_program('xmlto') - diff --git a/utils/shared-mime-info/patches/002-shared-mime-info-2.1-no-xmlto.patch b/utils/shared-mime-info/patches/002-shared-mime-info-2.1-no-xmlto.patch deleted file mode 100644 index 59e6f037a..000000000 --- a/utils/shared-mime-info/patches/002-shared-mime-info-2.1-no-xmlto.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- a/data/meson.build -+++ b/data/meson.build -@@ -15,15 +15,3 @@ install_data( - [ 'its/shared-mime-info.loc', 'its/shared-mime-info.its', ], - install_dir : get_option('datadir') / 'gettext/its' - ) -- --custom_target('shared-mime-info-spec-html', -- input : 'shared-mime-info-spec.xml', -- output: 'shared-mime-info-spec-html', -- command: [ -- xmlto, -- '-o', '@OUTPUT@', -- 'html-nochunks', -- '@INPUT@', -- ], -- build_by_default: true, --) ---- a/meson.build -+++ b/meson.build -@@ -18,12 +18,6 @@ config.set_quoted('PACKAGE', meson.proje - config.set_quoted('VERSION', meson.project_version()) - - ############################################################################### --# Find tools -- --xmllint = find_program('xmllint') --xmlto = find_program('xmlto') -- --############################################################################### - # Find xdgmime - - xdgmime = get_option('xdgmime-path') / 'src'