* allows building as mips16 (fixes broken mips16/32 mixed static linking)
* add some static link related flags to reduce target binary size
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry-picked from a558b20944)
On GCC9, it throws a Wformat-nonliteral error. Unfortunately, there's no
easy was to fix it as it is fortify-headers where the warning ultimately
comes from.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from abdec8939e)
* rename smbd->ksmbd (upstream name change)
* ksmbd-tools: build with static glib2 (usmbd = ~90kb, smbuseradd = ~40kb)
* new etc folder location = /etc/ksmbd/smb.conf
* new database name = /etc/ksmbd/ksmbdpwd.db
* fixes "map to guest = Bad User" while userdb is also used
* fixes missing ipv6 support
* update/rename to "luci-app-ksmbd"
* remove UCI samba compatibility code for section names (ksmbd uses [share] + [globals] not [sambashare] + [global])
* ksmbd: release 3.1.1 version
* ksmbd: does not work if ipv6 module is not loaded or compiled in
* ksmbd: capsule ifdef CONFIG_SMB_INSECURE_SERVER with smb1 codes
* ksmbd: release 3.1.0 version
* ksmbd: fix over 80 character warnings
* ksmbd: rename smbd-tools to ksmbd-tools in travis.yml
* ksmbd: fix password db file location in travis.yml
* ksmbd: rename smbd prefix function to ksmbd
* ksmbd: rename smbd prefix source files to ksmbd
* Revert "smbd: set connection status with SMBD_SESS_EXITING instead of direct destory"
* ksmbd: rename smbd to ksmbd in .travis.yml
* smbd: rename module name to ksmbd.ko
* smbd: set connection status with SMBD_SESS_EXITING instead of direct destory
* smbd: previous session with same user and same password should be deleted
* smbd: only use global session table in smb2 session
* smbd: add support for ipv6
* smbd: fix empty macro issue from smbd_debug
* cifsd: fix printing of file names in find_next
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Latest stable release, contains security fixes for EAP-PWD (side-channel leak), logrotate settings (CVE-2019-10143) and a DoS issue due to multithreaded BN_CTX access (CVE-2019-17185).
Also refreshed patches/002-disable-session-cache-CVE-2017-9148.patch due to the following changes/commits in freeradius:
bf1a1eda23a3c46544b3
Signed-off-by: Robby K <robbyke@gmail.com>
This allows custom config parameters to be added to the generated config
files, enabling the original intended functionality per
https://openwrt.org/docs/guide-user/services/ups/software.nut.
Example usage from /etc/config/nut_server:
config driver 'apc'
option driver 'snmp-ups'
option snmp_version 'v3'
option port '172.16.100.5'
list other 'secLevel'
list other 'secName'
list other 'authPassword'
list otherflag 'notransferoids'
config other 'other_secLevel'
option value 'authNoPriv'
config other 'other_secName'
option value 'some_username'
config other 'other_authPassword'
option value 'some_password'
config other 'otherflag_notransferoids'
option value '1'
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
(cherry-picked from 0b04dd34a0)
Replaces OpenWrt patch with upstream patch. Also removes
0002-Fix-check-for-empty-string.patch as this is included in upstream
OpenSSL 1.1.0 patch.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry-picked from 7d4f1b8589)
This commit makes
- the libgd dependency (as well as specifying libs and includes)
- the configure argument "--with-cgi"
dependant on whether the package nut-web-cgi is selected.
nut-web-cgi is also added to PKG_CONFIG_DEPENDS.
Resolves: #10641
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry-picked from cdd660a41d)
This version is up to 20% faster than 1.0.1.
Build without cryptouser information, which is not available in 19.07.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Use a fixed ENGINES_DIR location, instead of trying to read it from the
openssl Makefile.
It also fixes the zero-copy config option not being passed down to the
cmake options.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from 6a5f7920e9)
This is an alternate AF_ALG engine for openssl, based on the devcrypto
engine, but using the AF_ALG interface instead of /dev/crypto.
It is different than the AF_ALG engine that ships with OpenSSL:
- it uses sync calls, instead of async
- it suports more algorithms
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0e0bd6da4b)
This version adds a new RegSet API, and fixes the following:
- CVE-2019-19012
- CVE-2019-19203
- CVE-2019-19204
- CVE-2019-19246
- some problems (found by libFuzzer test)
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from 94895ec818)
This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.
Fixes#10967.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
