Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge branch 'openwrt:master' into master

Browse source
This commit is contained in:
Hayzam Sherif 2023-11-07 08:05:11 +04:00 committed by GitHub
commit b242ceee99
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 496 additions and 347 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
lang/python/micropython-lib/Makefile
View file

@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=micropython-lib
PKG_RELEASE:=2
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/micropython/micropython-lib.git
PKG_SOURCE_VERSION:=7128d423c2e7c0309ac17a1e6ba873b909b24fcc
PKG_SOURCE_DATE:=20230522
PKG_MIRROR_HASH:=1f094aac257d2094ee91b457164f845f6461df1cf1d0ed7ee556c98f273f5afb
PKG_SOURCE_VERSION:=d8e163bb5f3ef45e71e145c27bc4f207beaad70f
PKG_SOURCE_DATE:=20231031
PKG_MIRROR_HASH:=6abb0a1460984c6fde99986971517121ac0207dabeb43cfb1855f6d7d1fd9ae5
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=MIT Python-2.0.1
@ -23,8 +23,8 @@ PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DEPENDS:=python3/host
PKG_BUILD_PARALLEL:=1
# keep in sync with micropython
MP_MPY_FILE_VERSION:=6
# keep in sync with micropython (MPY_VERSION in py/persistentcode.h)
MICROPYTHON_MPY_VERSION:=6
include $(INCLUDE_DIR)/package.mk
@ -111,7 +111,7 @@ define Build/Compile
endef
define Package/micropython-lib/install
$(call MicroPythonLib/Install,,$(MP_MPY_FILE_VERSION),$(1)/usr/lib/micropython)
$(call MicroPythonLib/Install,,$(MICROPYTHON_MPY_VERSION),$(1)/usr/lib/micropython)
endef
define Package/micropython-lib-src/install
@ -119,7 +119,7 @@ define Package/micropython-lib-src/install
endef
define Package/micropython-lib-unix/install
$(call MicroPythonLib/Install,unix-ffi-index,$(MP_MPY_FILE_VERSION),$(1)/usr/lib/micropython/unix)
$(call MicroPythonLib/Install,unix-ffi-index,$(MICROPYTHON_MPY_VERSION),$(1)/usr/lib/micropython/unix)
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) ./files/micropython-unix $(1)/usr/bin/

148
lang/python/micropython-lib/patches/004-unix-ffi-re-convert-to-PCRE2.patch
View file

@ -1,148 +0,0 @@
From 1cbe8c4dd653336c5766dfd75eb379ad37f04249 Mon Sep 17 00:00:00 2001
From: Christian Marangi <ansuelsmth@gmail.com>
Date: Thu, 28 Sep 2023 20:59:26 +0200
Subject: [PATCH] unix-ffi: re: convert to PCRE2
PCRE is marked as EOL and won't receive any new security update.
Convert the re module to PCRE2 API to enforce security.
Additional dependency is now needed with uctypes due to changes in how
PCRE2 return the match_data in a pointer and require special handling.
The converted module is tested with the test_re.py with no regression.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
---
unix-ffi/re/re.py | 73 +++++++++++++++++++++++++++++++----------------
1 file changed, 48 insertions(+), 25 deletions(-)
--- a/unix-ffi/re/re.py
+++ b/unix-ffi/re/re.py
@@ -1,36 +1,55 @@
import sys
import ffilib
import array
+import uctypes
+pcre2 = ffilib.open("libpcre2-8")
-pcre = ffilib.open("libpcre")
-
-# pcre *pcre_compile(const char *pattern, int options,
-# const char **errptr, int *erroffset,
-# const unsigned char *tableptr);
-pcre_compile = pcre.func("p", "pcre_compile", "sipps")
-
-# int pcre_exec(const pcre *code, const pcre_extra *extra,
-# const char *subject, int length, int startoffset,
-# int options, int *ovector, int ovecsize);
-pcre_exec = pcre.func("i", "pcre_exec", "PPsiiipi")
-
-# int pcre_fullinfo(const pcre *code, const pcre_extra *extra,
-# int what, void *where);
-pcre_fullinfo = pcre.func("i", "pcre_fullinfo", "PPip")
-
-
-IGNORECASE = I = 1
-MULTILINE = M = 2
-DOTALL = S = 4
-VERBOSE = X = 8
-PCRE_ANCHORED = 0x10
+# pcre2_code *pcre2_compile(PCRE2_SPTR pattern, PCRE2_SIZE length,
+# uint32_t options, int *errorcode, PCRE2_SIZE *erroroffset,
+# pcre2_compile_context *ccontext);
+pcre2_compile = pcre2.func("p", "pcre2_compile_8", "siippp")
+
+# int pcre2_match(const pcre2_code *code, PCRE2_SPTR subject,
+# PCRE2_SIZE length, PCRE2_SIZE startoffset, uint32_t options,
+# pcre2_match_data *match_data, pcre2_match_context *mcontext);
+pcre2_match = pcre2.func("i", "pcre2_match_8", "Psiiipp")
+
+# int pcre2_pattern_info(const pcre2_code *code, uint32_t what,
+# void *where);
+pcre2_pattern_info = pcre2.func("i", "pcre2_pattern_info_8", "Pip")
+
+# PCRE2_SIZE *pcre2_get_ovector_pointer(pcre2_match_data *match_data);
+pcre2_get_ovector_pointer = pcre2.func("p", "pcre2_get_ovector_pointer_8", "p")
+
+# pcre2_match_data *pcre2_match_data_create_from_pattern(const pcre2_code *code,
+# pcre2_general_context *gcontext);
+pcre2_match_data_create_from_pattern = pcre2.func(
+ "p", "pcre2_match_data_create_from_pattern_8", "Pp"
+)
+
+# PCRE2_SIZE that is of type size_t.
+# Use ULONG as type to support both 32bit and 64bit.
+PCRE2_SIZE_SIZE = uctypes.sizeof({"field": 0 | uctypes.ULONG})
+PCRE2_SIZE_TYPE = "L"
+
+# Real value in pcre2.h is 0xFFFFFFFF for 32bit and
+# 0x0xFFFFFFFFFFFFFFFF for 64bit that is equivalent
+# to -1
+PCRE2_ZERO_TERMINATED = -1
+
+
+IGNORECASE = I = 0x8
+MULTILINE = M = 0x400
+DOTALL = S = 0x20
+VERBOSE = X = 0x80
+PCRE2_ANCHORED = 0x80000000
# TODO. Note that Python3 has unicode by default
ASCII = A = 0
UNICODE = U = 0
-PCRE_INFO_CAPTURECOUNT = 2
+PCRE2_INFO_CAPTURECOUNT = 0x4
class PCREMatch:
@@ -67,19 +86,23 @@ class PCREPattern:
def search(self, s, pos=0, endpos=-1, _flags=0):
assert endpos == -1, "pos: %d, endpos: %d" % (pos, endpos)
buf = array.array("i", [0])
- pcre_fullinfo(self.obj, None, PCRE_INFO_CAPTURECOUNT, buf)
+ pcre2_pattern_info(self.obj, PCRE2_INFO_CAPTURECOUNT, buf)
cap_count = buf[0]
- ov = array.array("i", [0, 0, 0] * (cap_count + 1))
- num = pcre_exec(self.obj, None, s, len(s), pos, _flags, ov, len(ov))
+ match_data = pcre2_match_data_create_from_pattern(self.obj, None)
+ num = pcre2_match(self.obj, s, len(s), pos, _flags, match_data, None)
if num == -1:
# No match
return None
+ ov_ptr = pcre2_get_ovector_pointer(match_data)
+ # pcre2_get_ovector_pointer return PCRE2_SIZE
+ ov_buf = uctypes.bytearray_at(ov_ptr, PCRE2_SIZE_SIZE * (cap_count + 1) * 2)
+ ov = array.array(PCRE2_SIZE_TYPE, ov_buf)
# We don't care how many matching subexpressions we got, we
# care only about total # of capturing ones (including empty)
return PCREMatch(s, cap_count + 1, ov)
def match(self, s, pos=0, endpos=-1):
- return self.search(s, pos, endpos, PCRE_ANCHORED)
+ return self.search(s, pos, endpos, PCRE2_ANCHORED)
def sub(self, repl, s, count=0):
if not callable(repl):
@@ -141,9 +164,9 @@ class PCREPattern:
def compile(pattern, flags=0):
- errptr = bytes(4)
+ errcode = bytes(4)
erroffset = bytes(4)
- regex = pcre_compile(pattern, flags, errptr, erroffset, None)
+ regex = pcre2_compile(pattern, PCRE2_ZERO_TERMINATED, flags, errcode, erroffset, None)
assert regex
return PCREPattern(regex)
@@ -154,7 +177,7 @@ def search(pattern, string, flags=0):
def match(pattern, string, flags=0):
- r = compile(pattern, flags | PCRE_ANCHORED)
+ r = compile(pattern, flags | PCRE2_ANCHORED)
return r.search(string)

2
net/nmap/Makefile
View file

@ -14,7 +14,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=nmap
PKG_VERSION:=7.93
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_MAINTAINER:=Nuno Gonçalves <nunojpg@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2

295
net/nmap/patches/010-Build-based-on-OpenSSL-version.patch Normal file
View file

@ -0,0 +1,295 @@
From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 6 Sep 2022 22:39:34 +0000
Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
---
ncat/http_digest.c | 2 +-
ncat/ncat_connect.c | 4 ++--
ncat/ncat_ssl.c | 6 +++---
ncat/ncat_ssl.h | 12 ------------
ncat/test/test-wildcard.c | 4 ++--
nse_openssl.cc | 28 +++++++---------------------
nse_ssl_cert.cc | 24 ++++++------------------
nsock/src/nsock_ssl.c | 4 ++--
nsock/src/nsock_ssl.h | 15 +--------------
9 files changed, 24 insertions(+), 75 deletions(-)
--- a/ncat/http_digest.c
+++ b/ncat/http_digest.c
@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
return 0;
}
-#if OPENSSL_API_LEVEL < 10100
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif
--- a/ncat/ncat_connect.c
+++ b/ncat/ncat_connect.c
@@ -82,8 +82,8 @@
#include <openssl/err.h>
/* Deprecated in OpenSSL 3.0 */
-#if OPENSSL_API_LEVEL >= 30000
-#define SSL_get_peer_certificate SSL_get1_peer_certificate
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+# define SSL_get_peer_certificate SSL_get1_peer_certificate
#endif
#endif
--- a/ncat/ncat_ssl.c
+++ b/ncat/ncat_ssl.c
@@ -80,7 +80,7 @@
#define FUNC_ASN1_STRING_data ASN1_STRING_data
#endif
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/provider.h>
/* Deprecated in OpenSSL 3.0 */
#define SSL_get_peer_certificate SSL_get1_peer_certificate
@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
SSL_load_error_strings();
-#elif OPENSSL_API_LEVEL >= 30000
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
{
loguser("OpenSSL legacy provider failed to load.\n");
@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP
const char *commonName = "localhost";
char dNSName[128];
int rc;
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
int ret = 0;
RSA *rsa = NULL;
BIGNUM *bne = NULL;
--- a/ncat/ncat_ssl.h
+++ b/ncat/ncat_ssl.h
@@ -67,18 +67,6 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
#define NCAT_CA_CERTS_FILE "ca-bundle.crt"
enum {
--- a/ncat/test/test-wildcard.c
+++ b/ncat/test/test-wildcard.c
@@ -20,7 +20,7 @@ are rejected. The SSL transactions happe
#include "ncat_core.h"
#include "ncat_ssl.h"
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
#include <openssl/bn.h>
#endif
@@ -294,7 +294,7 @@ stack_err:
static int gen_cert(X509 **cert, EVP_PKEY **key,
const struct lstr commonNames[], const struct lstr dNSNames[])
{
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
int rc, ret=0;
RSA *rsa = NULL;
BIGNUM *bne = NULL;
--- a/nse_openssl.cc
+++ b/nse_openssl.cc
@@ -20,6 +20,9 @@
#define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
#define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
#define PASS_EVP_CTX(ctx) (ctx)
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+# include <openssl/provider.h>
+#endif
#else
#define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
#define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
@@ -37,23 +40,6 @@ extern NmapOps o;
#include "nse_openssl.h"
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-
-#if OPENSSL_API_LEVEL >= 30000
-#include <openssl/provider.h>
-#endif
-
#define NSE_SSL_LUA_ERR(_L) \
luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State
bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
BN_CTX * ctx = BN_CTX_new();
int is_prime =
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
#else
BN_check_prime( p->bn, ctx, NULL );
@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_S
bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
BN_CTX * ctx = BN_CTX_new();
int is_prime =
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
#else
BN_check_prime( p->bn, ctx, NULL );
@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_S
BN_sub_word( n, (BN_ULONG)1 );
BN_div_word( n, (BN_ULONG)2 );
is_safe =
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
#else
BN_check_prime( n, ctx, NULL );
@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
-#elif OPENSSL_API_LEVEL >= 30000
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
{
// Legacy provider may not be available.
--- a/nse_ssl_cert.cc
+++ b/nse_ssl_cert.cc
@@ -89,19 +89,7 @@
#define X509_get0_notAfter X509_get_notAfter
#endif
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/core_names.h>
/* Deprecated in OpenSSL 3.0 */
#define SSL_get_peer_certificate SSL_get1_peer_certificate
@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(i
}
int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
char tmp[64] = {0};
size_t len = 0;
/* This structure (ecdhparams.curve_params) comes from tls.lua */
@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L,
else
#endif
if (pkey_type == EVP_PKEY_RSA) {
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
if (rsa) {
#endif
@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L,
luaL_getmetatable( L, "BIGNUM" );
lua_setmetatable( L, -2 );
#if HAVE_OPAQUE_STRUCTS
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
const BIGNUM *n = NULL, *e = NULL;
data->should_free = false;
RSA_get0_key(rsa, &n, &e, NULL);
@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L,
luaL_getmetatable( L, "BIGNUM" );
lua_setmetatable( L, -2 );
#if HAVE_OPAQUE_STRUCTS
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
data->should_free = false;
#else
data->should_free = true;
@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L,
data->bn = rsa->n;
#endif
lua_setfield(L, -2, "modulus");
-#if OPENSSL_API_LEVEL < 30000
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
RSA_free(rsa);
}
#endif
--- a/nsock/src/nsock_ssl.c
+++ b/nsock/src/nsock_ssl.c
@@ -64,7 +64,7 @@
#include "netutils.h"
#if HAVE_OPENSSL
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/provider.h>
#endif
@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SS
SSL_library_init();
#else
OPENSSL_atexit(nsock_ssl_atexit);
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
{
nsock_log_error("OpenSSL legacy provider failed to load.\n");
--- a/nsock/src/nsock_ssl.h
+++ b/nsock/src/nsock_ssl.h
@@ -69,20 +69,7 @@
#include <openssl/err.h>
#include <openssl/rand.h>
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
-#ifndef OPENSSL_API_LEVEL
-# if OPENSSL_API_COMPAT < 0x900000L
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
-# else
-# define OPENSSL_API_LEVEL \
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
-# endif
-#endif
-
-
-#if OPENSSL_API_LEVEL >= 30000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
/* Deprecated in OpenSSL 3.0 */
#define SSL_get_peer_certificate SSL_get1_peer_certificate
#endif

2
net/pptpd/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=pptpd
PKG_VERSION:=1.4.0
PKG_RELEASE:=5
PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/poptop

4
net/pptpd/files/pptpd.init
View file

@ -18,11 +18,11 @@ validate_login_section() {
validate_pptpd_section() {
uci_load_validate pptpd service "$1" "$2" \
'enabled:uinteger' \
'enabled:bool:1' \
'localip:string' \
'remoteip:string' \
'mppe:list(string):required no40 no56 stateless' \
'logwtmp:uinteger'
'logwtmp:bool:0'
}
setup_login() {

10
net/ser2net/Makefile
View file

@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ser2net
PKG_VERSION:=4.3.6
PKG_RELEASE:=2
PKG_VERSION:=4.5.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/ser2net
PKG_HASH:=65515c7e9a5289167ae64c4032450904449a87ce20653241022af4f5db2e9510
PKG_HASH:=6ee1b217aad026948fd17ea00c5ecf6e982de822384c4349118461ad83caa0da
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
@ -44,7 +44,7 @@ endef
define Package/ser2net/conffiles
/etc/config/ser2net
/etc/ser2net.conf
/etc/ser2net.yaml
endef
define Package/ser2net/install
@ -52,7 +52,7 @@ define Package/ser2net/install
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ser2net $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc
$(INSTALL_CONF) ./files/ser2net.conf $(1)/etc/
$(INSTALL_CONF) ./files/ser2net.yaml $(1)/etc/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/ser2net.config $(1)/etc/config/ser2net

70
net/ser2net/files/ser2net.conf
View file

@ -1,70 +0,0 @@
#
# This is a minimal example configuration file for ser2net. For a version with
# detailed comments and all possible configuration directives, please visit:
# https://github.com/cminyard/ser2net/blob/master/ser2net.conf
#
# On OpenWrt/LEDE systems, this configuration serves as a base configuration.
# During boot of the system, the UCI configuration file /etc/config/ser2net is
# parsed and converted to additional configuration lines which are _appended_
# to this file. The ser2net daemon is then started with the combined
# configuration file /tmp/ser2net.conf.
#
# A basic service configuration line has the following format:
# <network port>:<state>:<timeout>:<device>:<options>
# network port
# Name or number of the port to accept connections
# from for this device. A port number may be of the form
# [ipv4,|ipv6,][tcp,|udp,][host,]port, such as
# 127.0.0.1,2000 or ipv4,tcp,localhost,2000. If the host is
# specified, it will only bind to the IP address
# specified. Otherwise it will bind to all the ports on the
# machine. If ipv4 or ipv6 is specified, it will only bind
# to that network type.
#
# state
# Either raw or rawlp or telnet or off. off disables
# the port from accepting connections. It can be
# turned on later from the control port. raw enables
# the port and transfers all data as-is between the
# port and the long. rawlp enables the port and
# transfers all input data to device, device is open
# without any termios setting. It allow to use
# /dev/lpX devices and printers connected to them.
# telnet enables the port and runs the telnet proto-
# col on the port to set up telnet parameters. This
# is most useful for using telnet.
#
# timeout
# The time (in seconds) before the port will be dis-
# connected if there is no activity on it. A zero
# value disables this function.
#
# device
# The name of the device to connect to. This
# must be in the form of /dev/<device>.
#
# options
# Sets operational parameters for the serial port.
# For a serial device (not IPMI SOL):
# Options 300, 1200, 2400, 4800, 9600, 19200, 38400,
# 57600, 115200 set the various baud rates. EVEN,
# ODD, NONE (MARK and SPACE if supported) set the parity.
# Note that MARK and SPACE are not available on all systems
# or hardware, if it is not supported then it will be
# silently set to ODD or EVEN parity.
# 1STOPBIT, 2STOPBITS set
# the number of stop bits. 5DATABITS, 6DATABITS,
# 7DATABITS, 8DATABITS set the number of data bits.
# [-]XONXOFF turns on (- off) XON/XOFF support.
# [-]RTSCTS turns on (- off) hardware flow control,
# [-]LOCAL turns off (- on) monitoring of the modem lines,
# and [-]HANGUP_WHEN_DONE turns on (- off) lowering the
# modem control lines when the connection is done.
# [-]NOBREAK disables automatic setting of the break
# setting of the serial port.
#
# The "[-]remctl" option allow remote control (ala RFC
# 2217) of serial-port configuration.
#
# Example:
# 5000:telnet:0:/dev/ttyAPP0:115200 8DATABITS NONE 1STOPBIT -XONXOFF -LOCAL -RTSCTS remctl

218
net/ser2net/files/ser2net.init
View file

@ -7,55 +7,71 @@ STOP=10
USE_PROCD=1
PROG=/usr/sbin/ser2net
STATICCFGFILE="/etc/ser2net.conf"
DYNAMICCFGFILE="/tmp/ser2net.conf"
STATICCFGFILE="/etc/ser2net.yaml"
DYNAMICCFGFILE="/tmp/ser2net.yaml"
list_cb_append() {
local var="$2"
local value="$1"
local sep="${3:- }"
local sep="${3:-,}"
eval "export ${NO_EXPORT:+-n} -- \"$var=\${$var:+\${$var}\${value:+\$sep}}\$value\""
}
append_bool() {
local var="$1"
local key="$2"
local val="$3"
local uc="$4"
local s=""
[ "$uc" -eq 1 ] && key=`echo "$key" | tr '[a-z]' '[A-Z]'`
[ "$val" -eq 0 ] && s="-"
append "$var" "$s$key"
}
ser2net_default() {
local cfg="$1"
local key val
local baudrate parity databits stopbits
for key in speed baudrate databits stopbits parity chardelay_scale chardelay_min; do
config_get val "$cfg" "$key"
[ -n "$val" ] || continue
case "$key" in
baudrate) key="speed" ;;
hangup_when_done) ;;
telnet_brk_on_sync) ;;
deassert_CTS_DCD_DSR_on_connect) ;;
*) key=`echo "$key" | tr '_' '-'`
config_get baudrate "$cfg" speed
if [ -n "$baudrate" ]; then
config_get parity "$cfg" parity
case "$parity" in
[Nn]one) parity=n ;;
[Oo]dd) parity=o ;;
[Ee]ven) parity=e ;;
"") ;;
*) return 1
esac
echo "DEFAULT:$key:$val"
if [ -n "$parity" ]; then
config_get databits "$cfg" databits 8
[ "$databits" -ge 5 ] && [ "$databits" -le 9 ] || return 1
config_get stopbits "$cfg" stopbits 1
case "$stopbits" in
1) ;;
2) ;;
*) return 1
esac
fi
echo "default:"
echo " name: speed"
echo " value: $baudrate${parity:+$parity$databits$stopbits}"
fi
for key in chardelay_scale chardelay_min; do
config_get val "$cfg" "$key"
[ -n "$val" ] || continue
key=`echo "$key" | tr '_' '-'`
echo "default:"
echo " name: $key"
echo " value: $val"
done
for key in chardelay deassert_CTS_DCD_DSR_on_connect hangup_when_done kickolduser \
local nobreak remctl rtscts telnet_brk_on_sync xonxoff; do
case "$key" in
remctl) key=rfc2217 ;;
esac
config_get_bool val "$cfg" "$key"
[ -n "$val" ] || continue
key=`echo "$key" | tr '_' '-'`
[ "$val" -eq 0 ] && val="false" || val="true"
echo "DEFAULT:$key:$val"
echo "default:"
echo " name: $key"
echo " value: $val"
done
echo
@ -70,8 +86,12 @@ ser2net_controlport() {
config_get host "$cfg" host
config_get port "$cfg" port
[ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
echo -e "CONTROLPORT:${host:+$host,}$port\n"
echo "admin:"
echo " accepter: tcp,${host:+$host,}$port"
echo
}
ser2net_led() {
@ -80,84 +100,114 @@ ser2net_led() {
config_get driver "$cfg" driver sysfs
config_get device "$cfg" device
config_get state "$cfg" state 1
config_get duration "$cfg" duration 20
[ -z "$device" ] && return 1
config_get duration "$cfg" duration
config_get state "$cfg" state
echo -e "LED:$cfg:$driver:device=$device state=$state duration=$duration\n"
echo "led: &$cfg"
echo " driver: $driver"
echo " options:"
echo " device: \"$device\""
[ -n "$duration" ] && echo " duration: $duration"
[ -n "$state" ] && echo " state: $state"
echo
}
ser2net_proxy() {
local cfg="$1"
local enabled port protocol timeout device baudrate databits parity stopbits
local led_tx led_rx key boolval options
local key boolval options custom_options
local echo_options=1
config_get_bool enabled "$cfg" enabled 0
[ "$enabled" -eq 0 ] && return 0
config_get port "$cfg" port
[ "$port" -le 0 -o "$port" -gt 65535 ] && return 1
config_get protocol "$cfg" protocol
case "$protocol" in
raw|rawlp|telnet|off) ;;
*) return 1
esac
config_get timeout "$cfg" timeout 0
config_get device "$cfg" device
[ -z "$device" ] && return 1
config_get baudrate "$cfg" baudrate
[ -n "$baudrate" ] && append options "$baudrate"
config_get port "$cfg" port
[ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
config_get databits "$cfg" databits
if [ -n "$databits" ]; then
[ "$databits" -lt 5 -o "$databits" -gt 8 ] && return 1
append options "${databits}DATABITS"
config_get protocol "$cfg" protocol
case "$protocol" in
raw)
protocol="tcp"
;;
rawlp)
protocol="tcp"
options="wronly"
;;
telnet)
protocol="telnet,tcp"
config_get_bool boolval "$cfg" remctl 0
[ "$boolval" -eq 1 ] && protocol="telnet(rfc2217),tcp"
;;
off)
enabled=0
;;
*) return 1
esac
config_get baudrate "$cfg" baudrate
if [ -n "$baudrate" ]; then
config_get parity "$cfg" parity
case "$parity" in
[Nn]one) parity=n ;;
[Oo]dd) parity=o ;;
[Ee]ven) parity=e ;;
"") ;;
*) return 1
esac
if [ -n "$parity" ]; then
config_get databits "$cfg" databits 8
[ "$databits" -ge 5 ] && [ "$databits" -le 9 ] || return 1
config_get stopbits "$cfg" stopbits 1
case "$stopbits" in
1) ;;
2) ;;
*) return 1
esac
fi
fi
config_get parity "$cfg" parity
parity=`echo "$parity" | tr '[a-z]' '[A-Z]'`
case "$parity" in
EVEN|ODD|NONE|MARK|SPACE) append options "$parity" ;;
"") ;;
*) return 1
esac
config_get stopbits "$cfg" stopbits
case "$stopbits" in
1) append options "${stopbits}STOPBIT" ;;
2) append options "${stopbits}STOPBITS" ;;
"") ;;
*) return 1
esac
config_get led_tx "$cfg" led_tx
[ -n "$led_tx" ] && append options "led-tx=$led_tx"
config_get led_rx "$cfg" led_rx
[ -n "$led_rx" ] && append options "led-rx=$led_rx"
config_get timeout "$cfg" timeout 0
for key in rtscts local xonxoff nobreak hangup_when_done; do
config_get_bool boolval "$cfg" "$key"
[ -n "$boolval" ] || continue
append_bool options "$key" "$boolval" 1
key=`echo "$key" | tr '_' '-'`
options="${options:+$options,}$key"
[ "$boolval" -eq 0 ] && options="$options=false"
done
for key in chardelay telnet_brk_on_sync kickolduser remctl; do
config_list_foreach "$cfg" options list_cb_append custom_options
echo "connection: &$cfg"
echo " accepter: $protocol,$port"
echo " timeout: $timeout"
[ "$enabled" -eq 0 ] && echo " enable: off"
echo " connector: serialdev,$device${baudrate:+,$baudrate${parity:+$parity$databits$stopbits}}${options:+,$options}${custom_options:+,$custom_options}"
for key in led_tx led_rx; do
config_get val "$cfg" "$key"
[ -n "$val" ] || continue
[ "$echo_options" -eq 1 ] && echo " options:" && echo_options=0
key=`echo "$key" | tr '_' '-'`
echo " $key: *$val"
done
for key in chardelay telnet_brk_on_sync kickolduser; do
config_get_bool boolval "$cfg" "$key"
[ -n "$boolval" ] || continue
append_bool options "$key" "$boolval" 0
[ "$echo_options" -eq 1 ] && echo " options:" && echo_options=0
key=`echo "$key" | tr '_' '-'`
echo " $key: $boolval"
done
config_list_foreach "$cfg" options list_cb_append options
if [ "`echo "$device" | sed 's/://g'`" != "$device" ]; then
echo "DEVICE:$cfg:$device"
device="$cfg"
fi
echo -e "$port:$protocol:$timeout:$device:$options\n"
echo
}
start_service() {
@ -169,15 +219,15 @@ start_service() {
[ "$enabled" -gt 0 ] || return 0
cat "$STATICCFGFILE" - 2>/dev/null <<-EOF > "$DYNAMICCFGFILE"
#
# Following part is auto-generated from UCI settings in /etc/config/ser2net
#
EOF
config_foreach ser2net_controlport controlport >> "$DYNAMICCFGFILE"
config_foreach ser2net_default default >> "$DYNAMICCFGFILE"
config_foreach ser2net_led led >> "$DYNAMICCFGFILE"
config_foreach ser2net_controlport controlport >> "$DYNAMICCFGFILE"
config_foreach ser2net_proxy proxy >> "$DYNAMICCFGFILE"
procd_open_instance

10
net/ser2net/files/ser2net.yaml Normal file
View file

@ -0,0 +1,10 @@
# This is a minimal example configuration file for ser2net. For a version with
# detailed comments and all possible configuration directives, please visit:
# https://github.com/cminyard/ser2net/blob/master/ser2net.yaml
#
# On OpenWrt/LEDE systems, this configuration serves as a base configuration.
# During boot of the system, the UCI configuration file /etc/config/ser2net is
# parsed and converted to additional configuration lines which are _appended_
# to this file. The ser2net daemon is then started with the combined
# configuration file /tmp/ser2net.yaml.

11
net/ser2net/patches/001-fix-disabling-pam.patch
View file

@ -1,11 +0,0 @@
--- a/configure.ac
+++ b/configure.ac
@@ -39,7 +39,7 @@ AC_ARG_WITH(pam,
fi,
)
-if test "use_pam" != "no"; then
+if test "$use_pam" != "no"; then
have_pam=yes
AC_CHECK_HEADER(security/pam_appl.h, [], [have_pam=no])
if test "$have_pam" = "yes"; then

2
net/tinc/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=tinc
PKG_VERSION:=1.1pre18
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://tinc-vpn.org/packages

39
net/tinc/files/tinc.init
View file

@ -91,11 +91,16 @@ prepare_host() {
HOST_CONF_FILE="$TMP_TINC/$n/hosts/$s"
MANDATORY_PARAM_IN_UCI=0
[ ! -f "/etc/tinc/$n/hosts/$s" ] && {
config_get pk "$s" "PublicKey"
config_get pk_i "$s" "PublicKey"
config_get pk_f "$s" "PublicKeyFile"
config_get pked_i "$s" "Ed25519PublicKey"
config_get pked_f "$s" "Ed25519PublicKeyFile"
config_get na "$s" "Name"
if [ -n "$pk" -a -n "$na" ] ; then
HOST_CONF_FILE="$TMP_TINC/$n/hosts/$na"
MANDATORY_PARAM_IN_UCI=1
if [ -n "$na" ] ; then
HOST_CONF_FILE="$TMP_TINC/$n/hosts/$na"
fi
if [ -n "$pk_i$pk_f$pked_i$pked_f" ] ; then
MANDATORY_PARAM_IN_UCI=1
fi
}
@ -107,7 +112,7 @@ prepare_host() {
[ ! -f "/etc/tinc/$n/hosts/$s" ] && {
if [ "$MANDATORY_PARAM_IN_UCI" -eq 1 ] ; then
touch "$HOST_CONF_FILE" ;
touch "$HOST_CONF_FILE"
else
echo -n "tinc: Warning, public key for $s for network $n "
echo -n "missing in /etc/tinc/$n/hosts/$s, "
@ -118,12 +123,25 @@ prepare_host() {
# append flags
append_conf_bools "$s" "$HOST_CONF_FILE" \
ClampMSS IndirectData PMTUDiscovery TCPOnly
ClampMSS \
IndirectData \
PMTUDiscovery \
TCPOnly
# append params
append_conf_params "$s" "$HOST_CONF_FILE" \
Address Cipher Compression Digest Ed25519PublicKey MACLength Name PMTU \
Port PublicKey PublicKeyFile Subnet
Address \
Cipher \
Compression \
Digest \
Ed25519PublicKey \
Ed25519PublicKeyFile \
MACLength \
PMTU \
Port \
PublicKey \
PublicKeyFile \
Subnet
}
check_gen_own_key() {
@ -139,9 +157,9 @@ check_gen_own_key() {
config_get k "$s" key_size
if [ -z "$k" ]; then
$BIN -c "$TMP_TINC/$s" --generate-keys </dev/null
$BIN -c "$TMP_TINC/$s" generate-keys </dev/null
else
$BIN -c "$TMP_TINC/$s" "--generate-keys=$k" </dev/null
$BIN -c "$TMP_TINC/$s" generate-keys "$k" </dev/null
fi
[ ! -d "/etc/tinc/$s/hosts" ] && mkdir -p "/etc/tinc/$s/hosts"
@ -187,7 +205,6 @@ prepare_net() {
Device \
DeviceType \
Ed25519PrivateKeyFile \
ECDSAPublicKey \
Forwarding \
Interface \
ListenAddress \

2
net/udp-broadcast-relay-redux-openwrt/Makefile
View file

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=udp-broadcast-relay-redux
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_LICENSE:=GPL-2.0
PKG_SOURCE_PROTO:=git

9
net/udp-broadcast-relay-redux-openwrt/files/udp-broadcast-relay-redux.init
View file

@ -15,7 +15,8 @@ validate_section_udp_broadcast_relay_redux()
'port:port' \
'network:list(string)' \
'src_override:ip4addr' \
'dest_override:ip4addr'
'dest_override:ip4addr' \
'multicast:ip4addr'
[ -z "$id" ] && return 1
@ -27,7 +28,7 @@ validate_section_udp_broadcast_relay_redux()
}
udp_broadcast_relay_redux_instance() {
local net network ifname id port src_override dest_override
local net network ifname id port src_override dest_override multicast
validate_section_udp_broadcast_relay_redux "${1}" || {
echo "Validation failed"
@ -58,6 +59,10 @@ udp_broadcast_relay_redux_instance() {
procd_append_param command "-t" "$dest_override"
fi
if [ -n "$multicast" ] ; then
procd_append_param command "--multicast" "$multicast"
fi
procd_add_jail ubr-${PIDCOUNT} cgroupsns
procd_close_instance
}

1
net/udp-broadcast-relay-redux-openwrt/files/udp_broadcast_relay_redux.config
View file

@ -4,3 +4,4 @@
# list network lan
# list network vpnsrv
# option dest_override 10.66.2.13
# option multicast 239.255.255.250

4
net/v2ray-core/Makefile
View file

@ -5,12 +5,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=v2ray-core
PKG_VERSION:=5.8.0
PKG_VERSION:=5.11.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/v2fly/v2ray-core/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=340798554d2c7f0e5fb719f9d9dd6a667dfe93ccdd3b1d653c3a3bdb04ed2d00
PKG_HASH:=c25490d6b0600cd316409f112d39e10f5d7c66bb89f18dafcd3a95d26f889bc2
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE