gitweb is missing a dependencies on perlbase-filetest and
perlbase-storable. It fails to start without these packages.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also corrects a variable name typo ("proxy" instead of
"proxy_host").
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also removes some unnecessary curly brackets.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Since the functions in procd.sh invoke "initscript" variable which is
not defined when imported procd.sh from hotplug scripts. And this
results in error when calling basename utility.
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]: BusyBox v1.28.4 () multi-call binary.
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]:
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]: Usage: basename FILE [SUFFIX]
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]:
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]: Strip directory path and .SUFFIX from FILE
Sun Jan 20 12:34:50 2019 user.notice nft-qos-monitor: ACTION=update, MACADDR=xxxxxx, IPADDR=192.168.11.109, HOSTNAME=Honor_Play
Sun Jan 20 12:34:50 2019 daemon.info dnsmasq[15340]: 250 192.168.11.109/60566 reply www.google.com is 216.58.215.68
Sun Jan 20 12:34:50 2019 daemon.info dnsmasq[15340]: 251 192.168.11.109/43456 reply mtalk.google.com is <CNAME>
Sun Jan 20 12:34:50 2019 daemon.info dnsmasq[15340]: 251 192.168.11.109/43456 reply mobile-gtalk.l.google.com is 173.194.222.188
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]: BusyBox v1.28.4 () multi-call binary.
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]:
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]: Usage: basename FILE [SUFFIX]
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]:
Sun Jan 20 12:34:50 2019 daemon.debug dnsmasq-script[15340]: Strip directory path and .SUFFIX from FILE
Sun Jan 20 12:34:51 2019 daemon.debug dnsmasq-script[15340]: BusyBox v1.28.4 () multi-call binary.
Sun Jan 20 12:34:51 2019 daemon.debug dnsmasq-script[15340]:
Sun Jan 20 12:34:51 2019 daemon.debug dnsmasq-script[15340]: Usage: basename FILE [SUFFIX]
Sun Jan 20 12:34:51 2019 daemon.debug dnsmasq-script[15340]:
Sun Jan 20 12:34:51 2019 daemon.debug dnsmasq-script[15340]: Strip directory path and .SUFFIX from FILE
Sun Jan 20 12:34:51 2019 user.notice nft-qos-dynamic: ACTION=update, MACADDR=xxxxxx, IPADDR=192.168.11.109, HOSTNAME=Honor_Play
Signed-off-by: Rosy Song <rosysong@rosinson.com>
- Add new patches (see https://www.haproxy.org/bugs/bugs-1.8.17.html)
- Raise PKG_RELEASE to 2
- Prefix patches with 3-digit numbers instead of 4-digit numbers
Signed-off-by: Christian Lachner <gladiac@gmail.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also lets procd trigger the validation function directly, and
removes some unnecessary curly brackets.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The reworked init script:
* Loads and validates options using uci_validate_section() (through
uci_load_validate())
* Allows service options be specified in the globals section
* Hard-codes less global options (debug, syslog), as their default
values already work
* Adds support for almost all options (up to the current package
version, 5.49)
* Moves the pid file into a subdirectory (/var/run/stunnel) so that it
can be created successfully when setuid is used
Certain options are omitted:
* chroot - requires more setup than the init script can manage
* fips, libwrap - disabled at compile-time
* iconActive, iconError, iconIdle, taskbar - gui/win32 only
* verify - obsolete, verifyChain and/or verifyPeer should be used
instead
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Current dropbear is sufficient for gitolite purposes, so don't
require openssh (we don't do a dependency on either dropbear or
openssh as they are not yet drop-in replacements in terms of
packaging for the functions shared between them). To achieve
tihs we also eliminate the dependency on ssh-keygen. Previously
gitolite used ssh-keygen to generate fingerprints from OpenSSH
keys to ensure non-duplication of keys when processing them to
create / manage user ssh access to the git repositories.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
The previous solution was incorrect. The issue was that the macro was not
defined as the header defining it was not included. GCC warns if -Wunder
is passed and does not error by default, leading to the confusion.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add a forgotten patch which was part of the original PR to switch ct tools
to libtirpc.
Fixes: ecebe0ed1 ("conntrack-tools: update to 1.4.5 and link against libtirpc")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In order to allow for the switch from librpc to libtirpc, we need to
relocate the conntrack-tools package here.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Small but important tweaks to fix the operation of the nut initscripts
and hotplug scripts. All hail shellcheck and proofreading and
dogfooding.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
This upstream release adds support for trust_anchors_backoff_time
configuration parameter. UCI support has been added for this.
This commit also includes a number of clean-ups:
o change START=50 to START=30 in init file
Starting earlier in the boot means less chance of missing interface
trigger events. See: https://github.com/openwrt/packages/pull/4675
o remove unused variables from init file
o separate local declarations and assignments in init file
o add defensive quoting in init file
o use default values for procd respawn in init file
o make use of {} in variables consistent in init file
o remove unused variable from init file
Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
* the DNS Report now displays the hostname, MAC-Address or
client IP (CLI & LuCI)
* Filter the DNS Query result set for a particular domain, client or
time frame (CLI & LuCI)
* remove needless XHR.Poll-Events from Reporting page in LuCI
* remove needless 'force sort' option in LuCI
Signed-off-by: Dirk Brenken <dev@brenken.org>
The configure script uses a deprecated function to check for libssl. I tried patching configure.ac
and adding PKG_FIXUP:=autoreconf but that causes a different error. This is the simplest fix.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
lighttpd-mod-auth has to be installed with lighttpd-mod-authn_file,
otherwise an error will appear even when auth.backend is not "plain".
(plugin.c.229) dlopen() failed for: /usr/lib/lighttpd/mod_authn_file.so Error loading shared library /usr/lib/lighttpd/mod_authn_file.so: No such file or directory
Signed-off-by: David Yang <mmyangfl@gmail.com>
Since 4.9.3, Samba AD-DC with MIT Kerberos will refuse to build unless
--with-experimental-mit-ad-dc is provided to the configure command.
The mandatory requirement was introduced in response to a report that
a user in a Samba AD domain can crash the KDC when Samba is built in
the non-default MIT Kerberos configuration:
https://www.samba.org/samba/security/CVE-2018-16853.html
This requirement was introduced in Samba commit
c5370a4349d381ba3b64b063dc28a2c54cfacdfc.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* fix launcher.sh installation for client, bridge
* link libreadline as static for host helper (hamcorebuilder)
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* enhance the query function to search in adblock backups as well,
to get back the set of blocking lists sources for a certain domain
* add "Latest DNS Queries" report to commandline version as well
(already in LuCI)
* made the tld compression (the error handling) more robust,
remove the needless 'adb_forcesrt' option
* removed abandoned 'feodo' list source
* updated readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
Radicale 2.x adds support for many new clients,
bug-fixes, etc so add v2 of this application.
We do it as a separate package for those not
ready to switch (it's not an straight inplace
upgrade from 1.x).
We do however CONFLICT with 1.x as they can't
be run side-by-side on the same host (without
containers for somesuch).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
This is not supported by letsencrypt, so issuing the certificate will fail.
Instead, add 3072 bits as an intermediate option.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
As pointed out by @andersk, acme.sh already supports ECC certificates, and
they can be set manually in the uci file, just not in Luci. Fix this by
changing the key size selector into a listbox, and adding ECC certs as
options.
Fixes#7825.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Under certain circumstances nutshutdown was causing a forced
shutdown of the UPS even though killpower was not indicated.
Prevent that. Also clarify the logic for powering off server
by avoiding && || chains.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Fix a crashloop under procd when attempting to bind
to any address when no interfaces are yet available.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
It hasn't been maintained for years and doesn't have recent features such as AEAD crypto and IPv6.
(The "recent" update is fix compilation without deprecated OpenSSL APIs, which is made by Rosen Penev)
It has been superseded by shadowsocks-libev, which is recently maintained by community and has LuCI frontend.
Despite its smaller size, it depends on OpenSSL, which is way larger than MbedTLS, the one shadowsocks-libev used. Thus, it doesn't really fit in space-constrained devices.
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
The configure script checks for the existence of OpenSSL by checking a
deprecated function. This works around it. The other changes have been done
previously
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Now that the library has been updated, we can also update this.
Switched to codeload as we don't need the submodule anymore.
Various other Makefile consistency updates.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* add automatic blocklist backup & restore, they will be used
in case of download errors or during startup in backup mode
* add a 'backup mode' to re-use blocklist backups during startup,
get fresh lists via reload or restart action
* procd interface trigger now supports multiple WAN interfaces
* change URL for abuse.ch/feodo list source in default config
* small fixes
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
This package install both server client and bridge app... This is useless if someone needs to run only the server on the device. Split the package in 3 subpackage and a base package that contains file needed by all 3. This also upgrade the package to latest release to fix some bug and memory leak.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Update to 1.15.8. Also use HTTPS
PKG_VERSION (nginx version) in 3rd-party modules tarball filename is dispensable and can be dropped to avoid unnecessary downloading
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
