The ssl module assumes OpenSSL can load the default trust anchors (root
CA certificates).
From https://github.com/openwrt/packages/issues/12209
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Add -rpath linker option to host build, pointing to staging/hostpkh/lib.
It's needed to find the correct host libs during runtime, without it the
hosts libs may be used instaead, causing failures.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit 0311e58bb6)
The linker option -rpath is required to find libs in staging_dir. Now it
is included when building host modules. Without it the import test of
the _ctypes and _uuid modules would fail. The _ctypes module uses
libffi.so.6 from staging, but OpenSUSE LEAP 15 has libffi.so.7.
It will also fail on LEAP 42.x, Fedora28 and 29 and future or old
versions of Ubuntu.
Fix needed in master and 18.06 branches.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit 6ade5a1e3a)
Fixes:
CVE-2020-2752
CVE-2020-2812
CVE-2020-2814
This commit also moves mysql_upgrade to the client package and installs
the configuration files readable for all, so that the clients can read
them.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Sometimes the return value of `ubus -S call network.interface.wan status`
cause `json_load` to return `Failed to parse message data` error.
To avoid this, the JSON data always should be quoted with double quotes.
Signed-off-by: Evren Yurtesen <eyurtese@abo.fi>
Removed quoatation marks from commit heading
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 94e0c78826)
Switch to normal tarballs. Remove autoreconf as a result.
Several Makefile cleanups for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c22dd1bf74)
(cherry picked from commit 2085b990ff)
When during the build the openssl extension is also selected, then
the mysqlnd extension depends on it, too.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 50b1cd3757)
This is to address the need for specifying dependency on a wget
implementation with ssl support.
Now we have a game of names for opkg
1. uclient-fetch: minimal version by openwrt project
2. wget-nossl: gnu wget w/o ssl support
3. wget-ssl: for the moment since this commit, gnu wget w/ ssl support
4. wget: uclient-fetch, wget-nossl, or wget-ssl
5. gnu-wget: wget-nossl or wget-ssl
By the time we provide some dummy package like uclient-fetch-ssl and
make it also provide wget-ssl, I guess by then we will also need
gnu-wget-ssl...
Ref: https://github.com/openwrt/packages/issues/11534
Ref: https://github.com/openwrt/packages/pull/9941
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 585e4a38fe &
resolved conflict)
The package wget should not say that it provides itself.
This also make gnu-wget provide general so it is not written in Makefile
twice.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 75f2be7d50 &
resolved conflict)
e921ca0a Add further commonly used protocols to the protocol file.
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 5e140462e4)
Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.
Add interface triggers to catch dhcp events and restart as required.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 662d3f16d2)
Even on a powerful platform a nlbwmon process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
bandwidth stats collection can wait a bit.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
(cherry picked from commit 9b3ecbd64a)
