Use gettext-version PKG_FIXUP to install up-to-date gettext
infrastructure. autoreconf is still run implicitely as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Source homepage has changed, and sources are updated to version 1.1.1
released 25 August 2015.
Patch adjtimex still applies.
Changes in version 1.1.1:
- Fixed out of bound issue and a missing null-terminated string (thanks
to Tobias Stöckmann)
Signed-off-by: Tijs Van Buggenhout <tvbuggen@netzerk.be>
- [PATCH 05/13] BUG/MINOR: http/sample: gmtime/localtime can fail
- [PATCH 06/13] DOC: typo in 'redirect', 302 code meaning
- [PATCH 07/13] DOC: mention that %ms is left-padded with zeroes.
- [PATCH 08/13] CLEANUP: .gitignore: ignore more test files
- [PATCH 09/13] CLEANUP: .gitignore: finally ignore everything but what
- [PATCH 10/13] MEDIUM: config: emit a warning on a frontend without
- [PATCH 11/13] BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0
- [PATCH 12/13] DOC: ssl: missing LF
- [PATCH 13/13] DOC: fix example of http-request using
Signed-off-by: heil <heil@terminal-consulting.de>
Adds init.d and config files for nbd-client. Each section holds
parameters of one block device, where section name (eg. nbd0) is NBD
device name.
Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Network block device server allows to export a block device from router
to remote host. This is particularly useful if no network filesystem
server is feasible or direct access to a block device is needed.
It's been tested for nearly a month on ar71xx (TL-WR842ND) and proved to
be very stable and efficient solution.
The package comes with init.d script and conf.d file allowing to
configure most nbd-server options using standard uci interface.
Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Makes kmod-ipsec6 requirement dependent on IPv6 support for packages.
This allows to disable unnecessary IPv6 kernel modules, saving
considerable amount of space.
Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
This brings IoTivity to version 0.9.2 in addition it does the following:
* split C and C++ Stack into two packages
* backport some patches which are adding missing dependencies to the shared libs
* remove patches merged upstream
* add some other patches fixing some problems, most of them are already merged upstream
* activate security and logging support
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
Enables bind to do ECDSA DNSSEC validation. Depends on OpenSSL support
for ECDSA. Increases size of bind-libs package by about 2kB.
Signed-off-by: Janusz Dziemidowicz <rraptorr@nails.eu.org>
Without this, produces an error :
<code>/etc/rc.common: line 1: contentscannertimeout:uinteger: not found
validation failed
/etc/rc.common: line 1: contentscannertimeout:uinteger: not found</code>
Signed-off-by: Julien Paquit julien@databeille.com
- Update copyright year.
- Add PKG_LICENSE:=GPL-2.0 from the Google Code project page.
- Add autoreconf as the PKG_FIXUP method.
- Add myself as the package maintainer.
- Add a patch to fix building with musl-libc.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
When only strongswan-minimal is selected, libtls.so will not be built
yet package strongswan will still try to copy the file causing build
failure.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Update vsftpd to 3.0.3 released in July 2015.
Changelog: https://security.appspot.com/vsftpd/Changelog.txt
Release blog: http://scarybeastsecurity.blogspot.fi/2015/07/vsftpd-303-released-and-horrors-of-ftp.html
- Increase VSFTP_AS_LIMIT to 200MB; various reports.
- Make the PWD response more RFC compliant; report from Barry Kelly
<barry@modeltwozero.com>.
- Remove the trailing period from EPSV response to work around BT Internet
issues; report from Tim Bishop <tdb@mirrorservice.org>.
- Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
<mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
- Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
probably have a different distro / libc / etc. and there are multiple reports.
- Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
this case gracefully. Report from Vasily Averin <vvs@odin.com>.
- List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
- Make some compile-time SSL defaults (such as correct client shutdown
handling) stricter.
- Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
- Kill the FTP session if we see HTTP protocol commands, to avoid
cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
- Kill the FTP session if we see session re-use failure. A report from
Tim Kosse <tim.kosse@filezilla-project.org>.
(vsftpd-3.0.3pre1)
- Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
- Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
- Minor SSL logging improvements.
- Un-default tunable_strict_ssl_write_shutdown again. We still have
tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
upload integrity.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Several patches here and pull requests at the upstream github project
page were merged into the devel branch. Switch to that until the next
stable release.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This change aims to address the following 2 issues
- The control file was there yet xl2tpd process was not
- The control file's existence prevented xl2tpd from start
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
L2TP with xl2tpd has no proto_task in the context of netifd and because
of this there is no valid $ERROR to check for when doing tearing down.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
sqm-scripts and luci-app-sqm now live in the same Makefile and are built
from the upstream git repository, rather than having the files included
here.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* 010_fix_getnameinfo.patch is no longer needed
* 011-cron-without-pthread-fix.patch added, fixes incorrect
ifdef when building without pthreads
Signed-off-by: Michael Haas <haas@computerlinguist.org>
Fixes regression already fixed in oldpackages commit
012eec3f60a24db1a568d64868a48ea95aedcc87
but re-introduced in commit 6636e13f2ab8992d4eb03a48919ae9ae8da98cee.
This patch also enables IPv6 support.
Signed-off-by: Ondřej Caletka <ondrej@caletka.cz>
being based on curl 0.70.0 gnurl is affected by
CVE-2015-3144
CVE-2015-3145
CVE-2015-3153
CVE-2015-3236
Import patches from curl package to fix that.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* always re-create config-file when service is started
* use /lib/upgrade/keep.d instead of /etc/sysupgrade.conf sed'ery
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* add gnunet-vpn binary, it was missing
* clean-up -datastore, it contained files already packaged in -mysql
* remove gnunet-import-gns.sh from -utils, it can live in -gns
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
ntripcaster developer agency (http://igs.bkg.bund.de/) no longer provides sources for download.
Created a github repository to provide sources and allow contributions.
Fixed install location for configuration files.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
ntripserver developer agency http://igs.bkg.bund.de/ does not reliably provide a source mirror with version naming.
Created a github repository to provide sources and allow contributions.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
ntripclient developer agency http://igs.bkg.bund.de/ does not reliably provide a source mirror with version naming.
Created a github repository to provide sources and allow contributions.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
simple.qos had accidentally set up the egress shaper twice, once
with the true egress parameters and a second time using the ingress
parameters, effectively misconfiguring both directions. This bub
only affected situations where 3-tier ingress classification was
used.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
sqm_logger tried tro wait indefinitely if passed an empty string.
This in turn makes sqm-scripts hang. Quoting the input argument in sqm_logger
seems to fix the problem.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
The last batch of changes tried to teach the GUI to pass link layer
options to cake but forgot to actually call the function that parses
the GUI variables and used it as a string insteead. So this fixes that
it also tries to allow the use of the tc_stab link layer adjustment
method with cake so the implementations can be validated against each other
easily. Needs testing...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
The cake traffic-shaper qdisc omne stop solution knows how to handle
link layer adjustments for ATM and can account for per packet overhead.
This commit adds cake as link layer adjustment mechanism in the GUI and
passes numerically specified overhead as well as the ATM linklayer
keywords on to cake. This change also passes the "advanced option strings"
from the Queue Discipline tab to cake. But as before no error checking.
This needs testing, as I have no working cake qdisc available so
caveat emptor...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Make clear that configuration options guarded by checkboxes are only
effective as long as those boxes are checked.
The sqm gui has giarded some advanced configuration options behind exposing
checkboxes, meaning these optiopn's values were only used as long
as those boxes were checked. This commit just improves the description of
the checkboxes to included this useage instruction...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
The SQM gui has confused its users with an enable button, that only served to
selecively activate/de-activate sqm instances instead of controlling sqm's
initscript (which needs to be enabled so the sqm properly starts up after a reboot
and also for hotplug to work properly). luci-app-sqm will now enable sqm's
initscript when a single sqm instance get enabled. It also informs the user about
this fact in the top margin of the sqm page. Note sqm will not disable the
initscript behind the user's back if sqm instances get disabled.
While I would have prefered this notice to be more prominent an attentive user
should notice, and most users should not care anyway. This also increases the
package release number.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Backport upstream commit 3aefaf3 which allows sslh to be built without
libpcre support. This was brought about by the move to musl which
doesn't support the non-POSIX REG_STARTEND regexec eflag.
Fixes: #1506
Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>
* fix two typos in Makefile
* package transports seperately
* enable all installed transports by default
* use logfile so we don't stdio-choke gnunet-service-arm
-> should use syslog instead...
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fixed two issues in Chaos Calmer and trunk:
-troubleshooting page not displaying
-UCI arguments out of order because of switch to musl c library from uclibc
Signed-off-by: Aedan "arfett" Renner <chipdankly@gmail.com>
- BUILD/MINOR: tools: rename popcount to my_popcountl
- BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
Signed-off-by: heil <heil@terminal-consulting.de>
IoTivity is a Internet of Things framework implementing the Open
Interconnect Consortium Specification.
The current version of IoTivity is still in heavy development and does
not support all its intended features, but I still want to add it to
the packages feed to make it easier for others to extend the OpenWrt
support.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
ZNC 1.6.0 now verifies SSL certificates on connect, and some Servers
do not use a valid one (e.g. freenode).
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
The current mtr does not build if IPv6 is disabled globally, add a patch to
fix the build in this case.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
- Add header tests for `error.h`, `sys/types.h` and `sys/select.h`
- Add function tests for `canonicalize_file_name()` and `fopencookie()`
- Add `compat.h` header to provide replacements for `error()`,
`error_at_line()` and `canonicalize_file_name()` as well as the
`_PATH_MOUNTED` and `_PATH_MNTTAB` defines
- Add missing includes for `sys/select.h` and `sys/types.h`
- Disable libneon debugging if no `fopencookie()` implementation is
available
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Add missing `sys/types.h` include to `strnstr()` replacement code in
`compat.c` in order to declare `ssize_t` type under musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Add missing `sys/types.h` include to `strnstr()` replacement code in
`compat.c` in order to declare `ssize_t` type under musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
If no explicit CA file is given, gnurl fails to setup HTTPS connections
as it doesn't looks for certificates in /etc/ssl/certs/ in any way.
Fix that by utilizing GnuTLS' gnutls_certificate_set_x509_system_trust
as a fall-back if neither CA file, CA path nor SRP is declared.
Reported upstream: https://github.com/bagder/curl/issues/330
Fix suggested upstream: https://github.com/bagder/curl/pull/331
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This patch enables support for validating ECDSA signatures, which
are being deployed more and more in DNSSEC.
Proper validating can be tested by observing the AD flag in following
query (courtesy of Olafur Gudmundsson, CloudFlare):
$ dig ds-4.alg-14-nsec.dnssec-test.org
Signed-off-by: Ondřej Caletka <ondrej@caletka.cz>
Released version 1.5.13 with the following main changes :
- BUG/MINOR: check: fix tcpcheck error message
- CLEANUP: deinit: remove codes for cleaning p->block_rules
- DOC: Update doc about weight, act and bck fields in the statistics
- MINOR: ssl: add a destructor to free allocated SSL ressources
- BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
- MEDIUM: ssl: replace standards DH groups with custom ones
- BUG/MINOR: debug: display (null) in place of "meth"
- BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
- BUG/MEDIUM: cfgparse: segfault when userlist is misused
- BUG/MEDIUM: stats: properly initialize the scope before dumping stats
- BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels
- CLEANUP: checks: fix double usage of cur / current_step in tcp-checks
- BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
- CLEANUP: checks: simplify the loop processing of tcp-checks
- BUG/MAJOR: checks: always check for end of list before proceeding
- BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
- BUG/MEDIUM: peers: apply a random reconnection timeout
- BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
- MEDIUM: init: don't stop proxies in parent process when exiting
- MINOR: peers: store the pointer to the signal handler
- MEDIUM: peers: unregister peers that were never started
- MEDIUM: config: propagate the table's process list to the peers sections
- MEDIUM: init: stop any peers section not bound to the correct process
- MEDIUM: config: validate that peers sections are bound to exactly one process
- MAJOR: peers: allow peers section to be used with nbproc > 1
- DOC: relax the peers restriction to single-process
- CLEANUP: config: fix misleading information in error message.
- MINOR: config: report the number of processes using a peers section in the error case
- BUG/MEDIUM: config: properly compute the default number of processes for a proxy
Signed-off-by: heil <heil@terminal-consulting.de>
The ntpd package ships autoconf macros which attempt to test for the C99
compliance of `snprintf()` and `vsnprintf()`.
Those macros unconditionally consider the functions not compliant in a cross
compile setting and therfore break all subsequent configure tests because
the `snprintf` and `vsnprintf` symbols are shadowed with `#define` directives
redirecting them to their respectiv gnulib replacements.
The fortify source headers in turn will `#undef` those defines when wrapping
the associated functions and therfore cause all `conftest` programs to emit
a failure.
Pass the required magic autoconf cache variables via `CONFIGURE_VARS` to let
`./configure` assume C99 compliance of the affected functions, thus fixing
the build.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Add missing `sys/select.h` include to `ntripclient.c` to provide
declarations for `struct timeval` and `fd_set` under musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
- Add `fcntl.h` to `nrhp/opennhrp.c` for `open()`, `O_WRONLY` etc.
- Add missing `sys/types.h` include to `nrhp/nrhp_common.h` to provide
required `u_int*_t` types under musl
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
The shadowsocks source uses the name `encrypt` which is already reserved by
the `unistd.h` header. Rename the local `encrypt` and `decrypt` functions to
`crypto_encrypt` and `crypto_decrypt` in order to prevent clashes with the
standard headers.
Fixes the following build error oberserved on the buildbot:
In file included from client.c:19:0:
crypto.h:18:5: error: conflicting types for 'encrypt'
int encrypt(int sockfd, struct link *ln);
^
In file included from .../staging_dir/toolchain-mipsel_mips32_gcc-4.8-linaro_musl-1.1.10/include/fortify/unistd.h:20:0,
from client.c:12:
.../staging_dir/toolchain-mipsel_mips32_gcc-4.8-linaro_musl-1.1.10/include/unistd.h:145:6: note: previous declaration of 'encrypt' was here
void encrypt(char *, int);
^
make[3]: *** [sslocal] Error 1
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
The configure script incorrectly mangles `CFLAGS` by attempting to remove
`-Werror` from it, thus turning `-Werror=format-security` into just
`=format-security` which will cause subsequent autoconf tests to fail.
Patch out the custom `CFLAGS` mangling to fix the build.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Change `sys/signal.h` include to just `signal.h`. The build otherwise fails
due to `-Werror` with the following message:
In file included from rfcnb-io.c:43:0:
.../staging_dir/toolchain-mipsel_mips32_gcc-4.8-linaro_musl-1.1.10/include/sys/signal.h:1:2: error: #warning redirecting incorrect #include <sys/signal.h> to <signal.h> [-Werror=cpp]
#warning redirecting incorrect #include <sys/signal.h> to <signal.h>
^
cc1: all warnings being treated as errors
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
- Ship a `net/ppp_defs.h` replacement header since musl does not provide one
but `pppd/pppd.h` provided by pppd is needing it.
- Add missing `sys/types.h` includes
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Replace the nonstandard `SIGCLD` signal name with the proper `SIGCHLD` spelling
as the `SIGCLD` alias is not provided by musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
fixed sed when filtering IP address from nslookup output
because "Server:" block might have multiple address lines.
Thanks to Arjen de Korte
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Prefer linux/if_ether.h over netinet/if_ether.h if available since the
musl libc if_ether.h header does not allow mixing with kernel headers,
it will result in a struct ethhdr redefinition error.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
- Include `sys/user.h` if `__WORDSIZE` is undefined
- Add `fcntl.h` to `libscc.c` in order to declare `loff_t`
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Let configure include `sys/if_tun.h` when testing for `netinet/if_ether.h`
to detect the Kernel/libc header conflict on musl.
After this patch, configure will correctly detect `netinet/if_ether.h` as
unusable and the subsequent compilation will not attempt to use it.
Fixes the following compatibility error:
In file included from .../staging_dir/toolchain-mips_mips32_gcc-4.8-linaro_musl-1.1.9/include/linux/if_tun.h:20:0,
from linux/device.c:24:
.../staging_dir/toolchain-mips_mips32_gcc-4.8-linaro_musl-1.1.9/include/linux/if_ether.h:137:8: error: redefinition of 'struct ethhdr'
struct ethhdr {
^
In file included from .../staging_dir/toolchain-mips_mips32_gcc-4.8-linaro_musl-1.1.9/include/net/ethernet.h:10:0,
from linux/../have.h:180,
from linux/../system.h:26,
from linux/device.c:21:
.../staging_dir/toolchain-mips_mips32_gcc-4.8-linaro_musl-1.1.9/include/netinet/if_ether.h:96:8: note: originally defined here
struct ethhdr {
^
make[5]: *** [linux/device.o] Error 1
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Switch the mtr package to the upstream `newdns` git branch.
This will fix compilation on Glibc, uClibc and musl without requiring
further patches.
Note that the base version of this branch is 0.85, not 0.86 so the
lower version number is intentional.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
- Avoid non-pointer use of `FILE` type since its just a forward declaration
- Build with -D_GNU_SOURCE to expose required `struct tcphdr` members
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
- Add missing `sys/ttydefaults.h` include to `config.c`
- Restrict usage of `error.h` to glibc and uclibc only
- Avoid including `linux/if_tun.h` on non-glibc/uclibc to prevent
musl kernel/libc header conflicts
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Pass HAVE_RLIM_T via TARGET_CPPFLAGS since configure uses that define
but never actually declares it.
Without doing that, `config.h` tries to declare `rlim_t` itself which
leads to `config.h:126:16: error: 'long long long' is too long for GCC`
with musl on at least x86_64.
Also refresh patches while we're at it.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
sqm-scripts for a long time interprets a "Down- or Upload speed" of zero as
an indication that the shaper should be disabled. Note that really shaping
an individual direction down o zero will make the link effectively dead
for tcp (think reverse ACK traffic). Son instead of allowing the user to
configure something broken, 0 was "over-loaded" to denote no shaping
since several years, but that information has not been documented visibly
to the users. This commit aims at fixing that oversight.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
- Ship a net/ppp_defs.h replacement header since musl does not provide one
but pppd/pppd.h provided by pppd is needing it.
- Replace deprecated MSG_TRYHARD flag with the proper MSG_DONTROUTE one
- Unconditionally include string.h in bcrelay to avoid undeclared memset()
and strcpy() warnings.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Make vsftpd to compile with musl, while preserving uclibc compatibility.
When using musl:
* disable UTMPX functionality
* disable -lnsl option in upstream Makefile
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Add missing includes to libbridge.h to define struct timeval and the
required u_int*_t types under musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Do not include netinet/if_ether.h for musl to prevent struct ethhdr
redeclarations.
Also define NETDB_INTERNAL if needed to fix compilation of the network
backends.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
This fixes multiple issues like upload/download problems on seahub
and also makes it possible to use the new HTTP syncing feature
which doesn't work with libevhtp 1.2.10 at all.
That allows to restart transmission when it crashes, to limit
the memory used by it, as well as be jailed in the directories
it is supposed to access.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
- [PATCH 1/2] BUG/MEDIUM: stats: properly initialize the scope before
- [PATCH 2/2] BUG/MEDIUM: http: don't forward client shutdown without
- [PATCH 3/8] BUG/MINOR: check: fix tcpcheck error message
- [PATCH 4/8] CLEANUP: checks: fix double usage of cur / current_step
- [PATCH 5/8] BUG/MEDIUM: checks: do not dereference head of a
- [PATCH 6/8] CLEANUP: checks: simplify the loop processing of
- [PATCH 7/8] BUG/MAJOR: checks: always check for end of list before
- [PATCH 8/8] BUG/MEDIUM: checks: do not dereference a list as a
- [PATCH 09/10] BUG/MEDIUM: peers: apply a random reconnection timeout
- [PATCH 10/10] DOC: Update doc about weight, act and bck fields in the
- [PATCH 11/14] MINOR: ssl: add a destructor to free allocated SSL
- [PATCH 12/14] BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value
- [PATCH 13/14] BUG/MINOR: cfgparse: fix typo in 'option httplog' error
- [PATCH 14/14] BUG/MEDIUM: cfgparse: segfault when userlist is misused
Signed-off-by: heil <heil@terminal-consulting.de>
The previous commit left an unwanted string in the options passed
to xl2tpd-control. Remove that as well.
Also set procd respawn parameter now that I'm at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Overriding DEFAULT to 'n' prevents packages being build unless
explicitely selected even if ALL is set.
Instead, set 'DEFAULT:=y if PACKAGE_gnunet' for the default
packages and otherweise don't touch DEFAULT.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Directly call /usr/lib/gnunet/libexec/gnunet-service-arm instead
of /usr/bin/gnunet-arm, so it remains attached to procd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
gnurl's README states quite excatly which CONFIGURE_ARGS to pass,
so disable lots of unneeded stuff.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The autoconf issue when detecting libmicrohttpd was fixed upstream in
SVN revision 35845. Use that and remove the dirty work-around.
See also:
https://gnunet.org/bugs/view.php?id=3805#c9201
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This is definitely one of the ugliest things I ever got my
hands on. If it even did the job properly, but no, it tries
to install it's headers in /usr/include/curl collidings with
actual curl's headers. Fixed that by installing them into
/usr/include/gnurl instead. Now gnunet can use gnurl.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The single 'gnunet' package built should be further split up,
meta-packages for common use-cases should be added.
However, it's not too big to run on devices with 8MB of flash or more,
even in the current monolithic package.
Integration with procd and netifd is not yet implemented.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Building nfs-kernel-server with --enable-ipv6 requires not yet packaged
libtirpc, therfore unconditionally disable IPv6 support again for now.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
With upstream commit
https://git.kernel.org/cgit/network/ethtool/ethtool.git/commit/?id=875616dfcbe57ea0f639a20d85fcbad2172ad744
there is now an option to produce a smaller ethtool build which will
disable pretty printing (Ethernet drivers, SFP diagnostics...) for
platforms that do not need it.
Hook a menu configuration option to control that option. Build size
differences on ar71xx:
With:
-rw-r--r-- 1 florian florian 79K mai 23 10:43
bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk
Without:
-rw-r--r-- 1 florian florian 23K mai 23 10:43
bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk
Signed-off-by: Florian Fainelli <florian@openwrt.org>
* add a patch to fix a null pointer dereference in src/racoon/gssapi.c (CVE-2015-4047)
* refresh patches
* bumb release number
Signed-off-by: Nicolas Thill <nico@openwrt.org>
- Use netifd no_proto_task for notifying that xl2tpd does not have a
protocol task running.
- Use procd for xl2tpd service management.
- Refreshed 2xx patches to
- Prevent leftover regular type control result file.
- Allow xl2tpd run as foreground process while logging via syslog.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
- bumped version
- removed dependency on `ip` package as routes are setup by netifd
if iproute2 is actually required, please depend on
`@(PACKAGE_ip||PACKAGE_ip-full)` instead of `ip`
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
gcc complains about atexit() being implicitely defined in
xl2tpd-control.c
Fix that by including stdlib.h in xl2tpd-control.c
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Yousong Zhou <yszhou4tech@gmail.com> made a couple of useful fixes
mostly for the xl2tpd-control tool which was broken.
imported them (patches/2*) here.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fix Makefile to force compression of tld_names.dat reported in OpenWrt Ticket 19597
* change default of retry_count to "0" (retry endless) suggested by Henning Schild
* updated tld_names.dat include changes until 07.05.2015
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
It used to require 1+ IPv4 addresses to start on Linux. Now it starts
up with 0 addresses (of any type), as netlink can provide us more
later. This way, no stupid restart loop with procd if it is racing
with netifd at startup.
Signed-off-by: Steven Barth <steven@midlink.org>
[RELEASE] Released version 1.5.12
Released version 1.5.12 with the following main changes :
- BUG/MINOR: ssl: Display correct filename in error message
- DOC: Fix L4TOUT typo in documentation
- BUG/MEDIUM: Do not consider an agent check as failed on L7 error
- BUG/MINOR: pattern: error message missing
- BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
- BUG/MEDIUM: buffer: one byte miss in buffer free space check
- BUG/MAJOR: http: don't read past buffer's end in http_replace_value
- BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
- BUG/MEDIUM: peers: correctly configure the client timeout
- BUG/MINOR: compression: consider the expansion factor in init
- BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
- BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
- BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
- BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
- BUG/MEDIUM: http: remove content-length from chunked messages
- DOC: http: update the comments about the rules for determining transfer-length
- BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
- BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
- BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
- MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
- MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
- BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
- MINOR: stick-table: don't attach to peers in stopped state
- MEDIUM: config: initialize stick-tables after peers, not before
- MEDIUM: peers: add the ability to disable a peers section
- DOC: document option http-ignore-probes
- DOC: fix the comments about the meaning of msg->sol in HTTP
- BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
- BUG/MAJOR: http: prevent risk of reading past end with balance url_param
- DOC: update the doc on the proxy protocol
Signed-off-by: heil <heil@terminal-consulting.de>
seccomp is only supported on x86, amd64 and arm in tor.
This deactivated it currently completely which should close#935,
#1097, #1147 and #1161.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds a patch for ser2net, so that ser2net can be configured
to flash leds on serial traffic. This could -for example- be used
to have an activity indicator, like netdev trigger.
Internally, the linux kernel's 'transient' led trigger is used.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Updated the package to the latest upstream version.
Removed a patch that was merged upstream.
Bumped copyright notice to 2015.
Signed-off-by: Martin Rowe <martin.p.rowe@gmail.com>
This commit brings back Wifidog from the oldpackages
repository.
Changes:
* Wifidog version 1.2.1
* Add wifidog-tls package
* Init script uses procd
Signed-off-by: Michael Haas <haas@computerlinguist.org>
Inspired by OpenWrt Ticket System Ticket 9119
Python3 package currently marked as @BROKEN because no time for testing.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
As Hnyman noted in https://github.com/dtaht/ceropackages-3.10/issues/13
we carry a few unnecessary dependecies in sqm-scripts, so remove one of
them (iptables-mod-filter) as we neither use it nor plan to use it.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
- update to latest version (v1.0.16)
- add license info
- add myself as maintainer
- install dev files the proper way in Build/InstallDev
- rename sctp package to libsctp
- add an sctp-tools package and an sctp transitional meta package
Signed-off-by: Nicolas Thill <nico@openwrt.org>
- [PATCH 3/9] BUG/MEDIUM: Do not consider an agent check as failed on
- [PATCH 4/9] BUG/MEDIUM: peers: correctly configure the client timeout
- [PATCH 5/9] BUG/MEDIUM: buffer: one byte miss in buffer free space
- [PATCH 6/9] BUG/MAJOR: http: don't read past buffer's end in
- [PATCH 7/9] BUG/MEDIUM: http: the function "(req|res)-replace-value"
- [PATCH 8/9] BUG/MINOR: compression: consider the expansion factor in
- [PATCH 9/9] BUG/MEDIUM: http: hdr_cnt would not count any header when
Signed-off-by: heil <heil@terminal-consulting.de>
* fix problem with lucihelper script reported in OpenWrt Ticket 19419
* rewritten split_FQDN fixing detection errors and using zcat
* updated tld_names.dat and .gz compressed to save space
* add LoopiaDNS (loopia.se) to services_ipv6
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Alarm Pinger (apinger) is a little tool which monitors various IP devices by
simple ICMP echo requests. There are various other tools, that can do this,
but most of them are shell or perl scripts, spawning many processes, thus much
CPU-expensive, especially when one wants continuous monitoring and fast
response on target failure.
Signed-off-by: Alex Samorukov <samm@os2.kiev.ua>
Some VPN servers might be configured in a way that a CSD wrapper script
is mandatory to complete the authentication process, allow that to be
specified for openconnect.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Some servers might be implementing ACLs based on the value specified by
openconnect for "os", allow that to be configured.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
- Ensure only valid UTF-8 is passed to libidn. It was found
(CVE-2015-2059) that libidn can read beyond the boundaries of the
provided buffer when an input string contains invalid UTF-8 sequences.
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
This patch removes some autoconf goo which is causing bind to use the host's ar
instead the ar from the toolchain. If they're both elf platforms this is fine,
but it's no good if host is darwin.
Signed-off-by: Lawrence D'Anna <larry@elder-gods.org>
The initial conversion to restart sqm on interfaces it is configured
for in case of (transient) dis- and reappearance was half finished.
These changes clean up the handling of exlicitly passed interfaces
in run.sh: no second argument defaults to all configured interfaces
the alternative is an individual interface name passed as 2nd
argument to run.sh. The first argument either is start or stop.
No argument at all will behave as if start was passed.
Survives light testing...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Alan Jenkins noted a bug in the smq luci GUI that effectively
erased several configuration paramters if two checkboxes were deselected.
This behaviour seems consistent in luci but certainly has the potential
to confuse users. While confusion can not really be avoided generally
it seems wise to change the default interpretation for empty or non-existent
itarget and etarget variables from the qdisc's default (5ms in the case of
one of the codels) to automatic determination of tghis variable dependent on
the configured bandwidth, as codels target variable should be large enough
to contain at least one full packet. With this change sqm-scripts will
do the right thing by default, but will yet allow the user to specify
over-ridding values (as long as the user does not un-check the
entry-field exposing check boxes). Survives light testing...
This change set also changes the sqm-scripts luci gui to note the user
of the change. For compatibility with existing setups sqm-scripts
will still honor "auto" as an alternative explicit way of requesting
automatic target selection. This might turn into a warning in the future
and might be phased out...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Package ethtool is missing dependencies for the following libraries:
libssp.so.0
Makefile:45: recipe for target '/home/zero/development/openwrt/bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk' failed
Signed-off-by: Rick Farina (Zero_Chaos) <zerochaos@gentoo.org>
From: Michael Haas <haas@computerlinguist.org>
* init script no longer creates certificates (consider client mode as use
case)
* patches/010_fix_getnameinfo.patch: Fix getnameinfo signature
* patches/011_disable_ssp_linking.patch: Disable -fstack-protector as it
is not always available in OpenWRT
* old patches (in oldpackages) no longer necessary
* remove libwrap dependency
* remove libpthread dependency
* respect CONFIG_IPV6
* init script uses procd
* sample stunnel.conf runs in client mode - prevents start failure,
does not require cert
Possible enhancement: automatically generate certificate as done in
uhttpd. However, as client mode is a possible use case, I'd rather not.
Additionally, stunnel may use several certs with user-defined locations
and we can't easily set a cert location via command-line args.
The package is based on
https://sites.google.com/site/twisteroidambassador/openwrt/stunnel
Signed-off-by: Michael Haas <haas@computerlinguist.org>
This patch add a new package, git-http, that contains all
http related commands (and ftp as extra). All http/ftp
depends on libcurl. Even without SSL suport in libcurl,
git compiles and it returns an informative error only
at runtime.
The use of symlinks now are trigged using NO_INSTALL_HARDLINKS env
and not based only on Makefile patch.
imap-send was kept builtin and idependent of curl (just as it was
before)
Template files, which are not necessary, where removed.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Previously, ./configure was running checking local system and not
OpenWRT target. This would avoid any configure test about OpenWRT
libraries.
With a patch in configure, non cross-compiling-friend test are
ignored and Makefile can use default configure.
As side effect, git commands are now at /usr/lib/git-core and not
/usr/libexec/git-core.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
- use https URL for fetching sources from GitHub, otherwise cloning
sources could stall buildbots by asking to accept a/the SSH host key
- do not _depend_ on DEPENDS but _select_ them, so the package(s) always
appear in menuconfig, not only when all dependencies are already
selected --> dependencies are automatically pulled in when package
is selected by user
- use PKG_INSTALL
- factor out the libeibclient library as own package
- use CONFIGURE_ARGS instead of dedicated Build/Configure
- same for TARGET_CFLAGS and Build/Compile
- do not include /etc/functions, already included by /etc/rc.common
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
During system start up pppoe devices seem to receice ifup events before
the interface actually exists. This commit makes sqm's run.sh script
test whether the sys files for an interface exist before actually trying
to start an SQM instance on an interface. This seems to nicely avoid
starting on an not fully established pppoe interface and avoids a number
of error messages during startup.
In addition, debug logging is disabled.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
fix build errors on Arch Linux/Fedora 20
config.log trying to link with /usr/lib/libcrypt.so
/usr/lib/libcrypt.so: undefined reference to `memset@GLIBC_2.2.5'
linkage is AC_LIB_HAVE_LINKFLAGS macro behaviour
see http://marc.info/?l=gnulib-bug&m=129660262901148
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
config.log reports
WARNING: uuid support disabled as libblkid is too old
because the test macro AC_BLKID_VERS is not cross compile friendly
resulting in libblkid_cv_is_recent=unknown
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Some interfaces like wan-pppoe go away, when the ppp connection is lost
and get recreated once the link is established again. SQM now
has its own hotplug script to re-enable itself on the interfae just hotplugged.
SQM will not touch other instances of itself running on other interfaces
if called by hotplug.d. The implementation now allows this functionality by
calling run.sh like:
/usr/lib/sqm/run.sh interface YOUR_INTERFACE_NAME_HERE
e.g.: /usr/lib/sqm/run.sh interface ge00-pppoe
If called with a specific interface SQM will only try to disable itself
on that interface to clean up all left over state and the re-enable
itself on just that interface. Hopefully that allows for better service
with instable interfaces like pppoe. The current code passes a simple manual
stop start test of the ge00-pppoe interface from the GUI and does seem
to do the right thing, at least on cerowrt 3.10.50-1...
The cross-compiling patch is no longer necessary. Also added librt as a
dependency, since it is required. This also fixes an issue where
support for linux/errqueue.h was not being detected correctly and
causing a build failure with 3.18.
Signed-off-by: John Szakmeister <john@szakmeister.net>
* new service "bind-nsupdate" using nsupdate to directly updates a PowerDNS or Bind server via nsupdate.
suggested by Jan Riechers (Pull #957) many thanks!
* updated tld-names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Patch suggested from upstream. Bumping release and including the patch
directly until a point release is available.
Signed-off-by: Karl Palsson <karlp@remake.is>
Redsocks is a daemon running on the local system, that will transparently
tunnel any TCP connection via a remote SOCKS4, SOCKS5 or HTTP proxy server. It
uses the system firewall's redirection facility to intercept TCP connections,
thus the redirection is system-wide, with fine-grained control, and does
not depend on LD_PRELOAD libraries.
Signed-off-by: Johannes Morgenroth <jm@m-network.de>
Support more options that came with mosquitto 1.4
Use more built in functions to make script simpler to read and easier to
extend.
Signed-off-by: Karl Palsson <karlp@remake.is>
Of particular note, this adds optional support for websockets. This
defaults to enabled, as it's the biggest new feature in this release.
A config item is provided to disable it for manual use.
Full release notes: http://mosquitto.org/2015/02/version-1-4-released/
This also remove some build workarounds that are no longer required for
newer versions of mosquitto.
Signed-off-by: Karl Palsson <karlp@remake.is>
When an ifindex for an interface changes, some monitoring tools can no
longer find the interface and send alerts. Monitor all network
interfaces via the procd netdev parameter, so that
/etc/init.d/snmpd reload will restart snmpd if any ifindex changed.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- Refactor RUN_C into CONFIGFILE, as used in dnsmasq and igmpproxy init
scripts.
- Add a newline after each function definition.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* remove upgrade handling for version 3.0.21 or older packages. Also fix#726
* added user.action, user.filter and user.trust files to conffiles (might be modified by user on running system)
* move permission setting from Makefile (install) to initscript because permissions are overwritten during/inside buildroot
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
- MINOR: ssl: load certificates in alphabetical order
- BUG/MINOR: checks: prevent http keep-alive with http-check expect
- BUG/MEDIUM: Do not set agent health to zero if server is disabled in config
- MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero
- BUG/MINOR: stats:Fix incorrect printf type.
- DOC: add missing entry for log-format and clarify the text
- BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
- BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation
- BUG/MINOR: channel: compare to_forward with buf->i, not buf->size
- MINOR: channel: add channel_in_transit()
- MEDIUM: channel: make buffer_reserved() use channel_in_transit()
- MEDIUM: channel: make bi_avail() use channel_in_transit()
- BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected
- BUG/MAJOR: log: don't try to emit a log if no logger is set
- BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
- BUG/MEDIUM: http: make http-request set-header compute the string before removal
- BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value
- BUG/MINOR: http: abort request processing on filter failure
- BUG/MINOR: pattern: error message missing
- BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
new option "use_curl" to force the use of curl if GNU Wget and curl are installed
fix initscript reload(): reload and not restart if killall -1 fails
BusyBox nc not support -v in every compiled version
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Use the generic autoreconf facility to pickup proper variants of
autoconf, automake and libtool.
Remove the unneeded Build/Configure override.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
The Makefile already uses the proper autoreconf fixup but leaves a manual
autoconf invocation in place.
The bad autoconf call leads to the following build error in the SDK:
( cd .../rtorrent-0.9.4-git; ./autogen.sh );
aclocal...
autoheader...
libtoolize... libtoolize nor glibtoolize not found
make[2]: *** [.../rtorrent-0.9.4-git/.configured_] Error 1
Remove the entire Build/Configure override to let rtorrent build correctly.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
modified source directory structure
- files for production files
- samples for sample files (not installed in final build)
modified Makefile
- separate options for additional provider scripts
- remove comments and empty lines from final build
add IPv4 100.64/10 (RFC 6598) and 169.254/16 (RFC 5735) to the range of default blocked IP's.
new option "bind_network" to force GNU Wget or cURL to use specific network/interface for communication
new "domains.google.com" as IPv4 DDNS provider #822
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
The SSH transport can trigger interactive prompts during the build,
this is failing all build bots atm.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
The Open Lighting Architecture is a framework for lighting control information.
It supports a range of protocols and over a dozen USB devices. It can run as a
standalone service, which is useful for converting signals between protocols,
or alternatively using the OLA API, it can be used as the backend for lighting
control software. OLA runs on many different platforms including ARM, which
makes it a perfect fit for low cost Ethernet to DMX gateways.
Signed-off-by: Christian Beier <dontmind@freeshell.org>
restructure startup of dnymaic_dns_updater.sh
- first run load_all_config_options (it returns 1 if SECTION_ID not found) #779
- set all defaults if necessary
- verify if username and/or password is needed inside update_url #779
- remove wait - will be done by retry_interval and retry_count if communication fails
provider specific update scripts
- verify if username/password are needed
services_ipv6
- added freedns.afraid.org
- IPv6 should work due to their documentation
minor fixes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Fixed issue in mwan3 status output with mwan3 interfaces not yet configuerd in network config
Removed nexthop argument as it is no longer used
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
* Makefile
- modified to support new LuCI build structure when building i18n support
- increase "patch" version
* privoxy.lua detail.lua apperror.lua
- modified version detection
- removed function ipgk_version()
* new file build/i18n-po2lua.pl
- copied from luci build system to create lmo language files
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* remove CHANGELOG from distribution
* fix syslog output printing "\n" or other formating chars
* ddns configuration
- new UCI-config value ddns.global.allow_local_ip "0" or "1"
(default "0") - (OpenWrt Ticket 18642)
* dynamic_dns_functions.sh
- new function split_FQDN() splits a given FQDN into host,
(registerable) domainname, and TLD using
https://publicsuffix.org/list/effective_tld_names.dat
- verify_host_port() use BIND host, if installed
- verify_host_port() not detecting ip, if already given
- fixed regexp for IP detection from nslookup's answer - (OpenWrt
Ticket 16363)
- support ddns.global.allow_local_ip to allow sending non public IP's
to DDNS provider like 127.x, 192.168.x.x or fxxx - (OpenWrt Ticket
18642)
* new file tld_names.dat
- used by dynamic_dns_functions.sh inside split_FQDN() function to
find valid TLD's
* update_cloudflare.sh
- modified subdomain/domain splitting using split_FQDN()
- modified support for AA12.09 (json_get_keys())
- minor fixes and cleanup
- many thanks to Aaron Tanner for testing
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- update to latest version (v2.10.0)
- add a patch to fix compilation failures due to missing TIOCSRS485 macro
- add license info
- add myself as maintainer
Signed-off-by: Nicolas Thill <nico@openwrt.org>
When updating fastd, some added and renamed CMake options had been forgotten, so
it was impossible to disable some feature to reduce its size.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
- DOC: fix a few typos
- BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
- BUG/MINOR: parse: refer curproxy instead of proxy
- DOC: httplog does not support 'no'
- MINOR: map/acl/dumpstats: remove the "Done." message
- BUG/MEDIUM: sample: fix random number upper-bound
- BUG/MEDIUM: patterns: previous fix was incomplete
- BUG/MEDIUM: payload: ensure that a request channel is available
- BUG/MINOR: tcp-check: don't condition data polling on check type
- BUG/MEDIUM: tcp-check: don't rely on random memory contents
- BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
- BUG/MINOR: config: fix typo in condition when propagating process binding
- BUG/MEDIUM: config: do not propagate processes between stopped processes
- BUG/MAJOR: stream-int: properly check the memory allocation return
- BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
- BUG/MEDIUM: compression: correctly report zlib_mem
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
* go back to "old" initscript not using procd
* privoxy running --no-daemon only logging to STDERR
* procd do not support redirection of STDOUT/STDERR, '2>file' as a command parameter does not work
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* Use the correct path for the pidfile
* Start a multithreaded daemon instead of pre-forking worker processes.
This avoids consuming too much memory and makes context switches faster
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
Fix issue where config file would be overwritten in some cases
Fix issue where local address of wan point-to-point links were unreachable from lan
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
This release contains a patch which is supposed to improve musl compatiblity. I
haven't tested it with musl though.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* Restore hooks support from vpnc-script
* Use consistent style for tests and blocks in openconnect.sh
* Cleanup code that writes banner to syslog
Signed-off-by: Matthew Sykes <matthew.sykes@gmail.com>
Avoids source filename conflicts and the need to delete source packages
at the end of the prepare stage. This has forced the buildenv to rebuild
the packages even if they were built already.
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
- moved from oldpackages to github
- set maintainer
- update pkg source to new version 3.0.22
- run privoxy as non root user privoxy:privoxy
- using procd including network events to restart on changes
- log start and stop to syslog, privoxy not using syslog
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Add a new build configuration option for openconnect and let it link
against libstoken if instructed to. Two new uci configuration variables
are introduced: "token_mode" and "token_secret" to allow openconnect to
use those.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
- BUILD: fix "make install" to support spaces in the install dirs
- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
- BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
- BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information
- BUG/MEDIUM: pattern: don't load more than once a pattern list.
- BUG/MEDIUM: ssl: force a full GC in case of memory shortage
- BUG/MINOR: config: don't inherit the default balance algorithm in frontends
- BUG/MAJOR: frontend: initialize capture pointers earlier
- BUG/MINOR: stats: correctly set the request/response analysers
- DOC: fix typo in the body parser documentation for msg.sov
- BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
- MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
- BUG/MAJOR: sessions: unlink session from list on out of memory
- BUG/MEDIUM: patterns: previous fix was incomplete
- BUG/MEDIUM: payload: ensure that a request channel is available
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
Chilli proxy is used when one does not want to setup AAA server
but want to handle AAA through http.
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
Signed-off-by: Ramanathan Sivagurunathan ramzthecoder@gmail.com
After a few discussions with the guys working on OpenVSwitch
they've recommended we use the EXTRA_CFLAGS env var for setting
flags for the kernel module.
They've updated the trunk with a patch to accomodate that.
That patch is also in this commit, and replaces a patch that I proposed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
ZNC uses a map to cache channel memebers on join. Unfortunately uclibc++
uses a naive linked-list implementation with horrible performance, which
can cause joins to take a few minutes on popular channels.
Therefore Switch to libstdc++ which uses a much more performant hashmap.
ZNC by itself is already rather large, so the added footprint of
libstd++ vs uclibc++ does not matter that much anyway.
Should fix#11778.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
- [PATCH 1/6] BUILD: fix "make install" to support spaces in the
- [PATCH 2/6] BUG/MEDIUM: ssl: fix bad ssl context init can cause
- [PATCH 3/6] BUG/MEDIUM: ssl: force a full GC in case of memory
- [PATCH 4/6] BUG/MEDIUM: checks: fix conflicts between agent checks
- [PATCH 5/6] BUG/MINOR: config: don't inherit the default balance
- [PATCH 6/6] BUG/MAJOR: frontend: initialize capture pointers earlier
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
- moved /usr/lib/ddns/dynamic_dns_lucihelper.sh from luci-app-ddns into this package
(Github openwrt/luci issue 251)
(OpenWrt Trac tickets 18326 18347)
- fix: dynamic_dns_update.sh did not loop
(OpenWrt Trac ticket 18336)
- add provider cloudflare.com IPv4 and IPv6 (Thanks to Paul for support and testing)
(OpenWrt Trac ticket 12500)
- modified detection, if dynamic_dns_fuctions are used by dynamic_dns_lucihelper.sh
- redirect stdout of wget,curl,host,nslookup,nc etc to /tmp/ddns_$$.dat and *.err instead of variables
- extended error detection in get_local_ip function
- modified verify of option ip_script to allow parameters, when calling
- add provider selfhost.de IPv4
- add provider no-ip.pl (nothing to do with no-ip.com)
(Github openwrt/packages issue #542)
IPv4 (tested) and also added for
IPv6 (NOT tested) because client IP is autodetected be provider
- add getlocalip_sample.sh as sample script for usage of
option ip_source 'script' together with
option ip_script '/usr/lib/ddns/getlocalip.sh -4'
- cleanup whitespaces at line ends
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
When libncursesw is available, bmon uses it instead of libncurses. This
commit adapts the dependencies accordingly.
Signed-off-by: Baptiste Jonglez <bjonglez@illyse.org>
- fixed postinst and prerm in Makefile
- implementation of provider specific update scripts into services and
services_ipv6 file.
first Provider "no-ip.com" - Thanks to DarkStarXxX for
request and testing
- finished uci/ddns wiki at http://wiki.openwrt.org/doc/uci/ddns
- rewritten retry management
- rewritten logging including following Issue 469
https://github.com/openwrt/packages/issues/469
- stop running sections on hotplug ifdown event (like start on ifup)
- implement trap detection
also kill "sleep" child processes
SIGHUP to reload configuration (not really reloading, simply
starting a new process)
/etc/init.d/ddns reload implemented
- code optimization
- new provider LoopiaDNS.se Issue 494
https://github.com/openwrt/packages/issues/494
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Use INSTALL_BIN & INSTALL_DATA macros instead of cp
to ensure correct file permissions for the executable files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Released version 1.5.8 with the following main changes :
- BUG/MAJOR: buffer: check the space left is enough or not
when input data in a buffer is wrapped
- BUG/BUILD: revert accidental change in the
makefile from latest SSL fix
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
When OVS detects a kernel version >= 3.12 it does not build
it's own vxlan module and tries to use the kernel's, when building
the OVS kernel module.
I also pushed a patch to the OpenWRT trunk to add a +kmod-vxlan package.
This will add the kernel's vxlan.ko kernel module if it exists.
So, for kernel >= 3.12, this package should exist and be installed
when installing OVS.
Tested on OpenWRT trunk with kernel 3.14.18.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Seems that while fixing the build for GCC 4.9
I broke the build for GCC 4.8, because that KCFLAG I added
causes a build error (since it's not recognized).
The fix is to add KCFLAG only when GCC 4.9 is used.
OpenVSwitch now builds successfully with GCC 4.8 and 4.9.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The update fixes CVE-2014-4877 which allows malicious FTP servers
to modify local filesystem contents through specificially crafted
symlinks.
Please backport to for-14.07 too.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Merge upstream commit 5ae2a70a135062a025d8fabc104eeae3a2c53a7a to relax the
SSL library version check at runtime.
The objective is to avoid the need for rebuilding freeradius2 whenever we push
binary updates for libopenssl. See https://dev.openwrt.org/ticket/18169 for
reference.
Please backport this change to the for-14.07 branch as well.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
knot-utils consists of kdig, khost, knsec3hash and knsupdate. In order
to reduce the size of software installed on a device it is useful to
include a minimal collection of software and thus it should be possible
to install the utilities individually. bind also creates a subpackage
for each utility.
Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
Changes committed to the cerowrt original repo after the initial import here:
- Better license & copyright statements, as requested
- Fixed a minor bug in stopping sqm
- Logging improvements
- Dead code removed
- Typos corrected
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Requires python package.
Required by other openvswitch subpackages (like openvswitch-python).
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
An older version of nut is in oldpackages. This commit is based on that
package and bumps the version to the latest release along with unifying
the server and client packages. More build options are provided for any
custom configuration but the defaults provide a working client and
server install which only needs a UPS driver. Drivers still build as
individual packages to minimise bloat. SSL support has also been added.
Signed-off-by: Martin Rowe <cyanidium@users.noreply.github.com>
add support for "disk <partition> <size>" option
example for /etc/config/snmpd
===========
config disk
option partition '/'
option size '500'
===========
Changed the verify of DNS server and proxy at script start to retry the
verify if there are connection problems during verify
plus some minor changes.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
recent changes in trunk allow us to specify the userid inside the openwrt makefile.
the info is stored int he meta data of the IPK contorl file and users are generated
by the new generic postinst trigger.
Signed-off-by: John Crispin <blogic@openwrt.org>
fixes problem CRITICAL ERROR - custom update_script not found
when extracting url and script from services / services_ipv6 file
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Squashed commit of the following:
commit 2701c8868e1ef4949db57e53b27958edba6abb59
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Oct 5 11:01:57 2014 +0200
ddns-scripts: Added support for custom update scripts
Sample script
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit e07ecb90fa2c7404a97cf64024e89bd9d88aacd4
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Oct 5 11:00:11 2014 +0200
ddns-scripts: Added support for custom update scripts
Added support for custom update scripts with new option update_script.
function get_service_url() renamed to get_service_data() and extended to detect scripts inside service / service_ipv6 for later use
function send_update() modified to support custom update scripts.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit 39e41b2151a79a7ace71a9d40b87cd4d6ce09503
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Oct 5 10:52:44 2014 +0200
ddns-scripts: Added support for custom update scripts
Added support for custom update scripts with new option update_script
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit 33f264768e37d8a6fe564faaafa51a7b45a0ee19
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Oct 5 10:48:21 2014 +0200
ddns-scripts: Insert description for NEW option update_script
Insert description for NEW option update_script
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit 6f6a60244df53e0556f5c75845c69aa832f97e4c
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Oct 5 10:43:52 2014 +0200
ddns-scripts: Update PKG_RELEASE
Update_PKG_RELEASE to reflect changes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
new naming/wording - more generically mwan than mwan3
renamed cryptic variables/functions/etc everywhere
removed unused and unnecessary variables everywhere
cleaned up ugly and inefficient Lua and Javascript
Signed-off-by: Aedan Renner chipdankly@gmail.com
This patch will first check if the generated configuration folder exists and then delete it, after that it will always create the configuration folder.
Fixed issue where an manual ifup-ed interface would immediatly go down again
Remove from init as mwan3 is not a service
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
New function __urlencode() to remove special chars used in send_update() for username and password.
username might have email address and password might have special chars for security reasons.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
corrected name of last_resort option from "main" to "default"
added blackhole option to policy selection on rule configuration
Signed-off-by: Aedan Renner <chipdankly@gmail.com>
added support for new last_resort option for policy configuration
added dependencies for luci-mod-admin-full and luci-lib-nixio
shortened length of menuconfig description lines
reworded things on various pages
changed date formatting in custom hotplug script
default route checks now verify both destination/netmask are 0.0.0.0
condensed messy javascript lines and removed -F' ' from awk commands
Signed-off-by: Aedan Renner <chipdankly@gmail.com>
Thanks to "eqsun" for report and offer of fix.
Otherwise the ip address starts with 100~109 will be treated as invalid.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
4.1 has an important bugfix for platforms (such as ARM cns3xxx) where "char"
does not default to "signed char" and other bugfixes.
Also build with debugging enabled (-D flag) to enable debugging, the size
increase is just +336B (on platform au1000).
Fixed issue where mwan3 would not immediately set interface down on link-loss event
Added feature to define last-resort action on policies with no members
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
According to Issue #342 here is a proposal to add a nossl variant to
that builts haproxy without ssl
Add pending patch from upstream
- [PATCH 14/14] MEDIUM: systemd-wrapper: support multiple executable
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
This is default if ovs is started through ovs-ctl but we start it directly, hence
tell procd to use nice -10 for ovs.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
new extraction of IP inside function get_registered_ip for host and nslookup
thanks to jow for the sed
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Squashed commit of the following:
commit fc1d42f069ff930180c5f067c2eb88c9e9df7003
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 18:01:43 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
commit 731f9b4df00a8f29df2c17f102356c4d6980918a
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:59:25 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
personal helper script to create hashes for CA-Certificates for Wget and cURL using https protocol without errors.
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit df8f6c9d5d31fde24fe1d673949d272d887505e1
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:56:05 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
rewritten
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit 50cdf5acb9caecfd9b65ab79696c40fb2bc7037b
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:54:40 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
rewritten
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit b1d650a345fb06402c1eac01138cbafcca123a8c
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:52:52 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
not needed in this version
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit 9532114b03d428a3162b16e06706d3aa50e601bb
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:51:39 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
same function as existing services file but used for IPv6
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit a636bc25c62e23694c009886c13253c9cecc548c
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:46:56 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
New file explaining availible parameters.
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commit 52332354fc245861e17c898aa6b806f6c174e9a5
Author: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Date: Sun Sep 21 17:44:45 2014 +0200
[ddns-scripts] Update to Version 2.0.1-1
Sorry GitHub web interface only supports single commits that will be summarized into one pull request.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
According to the NEWS message from the main OVS site:
http://openvswitch.org/releases/NEWS-2.3.0
Excerpt:
- ovs-controller has been renamed test-controller. It is no longer
packaged or installed by default, because too many users assumed
incorrectly that ovs-controller was a necessary or desirable part
of an Open vSwitch deployment.
Current feed was updated based on a feed that packaged OVS 1.9,
and subsequently updated.
For now, we'll remove it, since it's not required.
When I tested the feed, I tested it on a setup that has been configured
some time ago, and does not have that package enabled.
So, I'll remove it to prevent confusion.
Signed-off-by: Alexandru Ardelean ardeleanalex@gmail.com
- [PATCH 01/13] DOC: clearly state that the "show sess" output format
- [PATCH 02/13] MINOR: stats: fix minor typo fix in
- [PATCH 03/13] MEDIUM: Improve signal handling in systemd wrapper.
- [PATCH 04/13] MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
- [PATCH 05/13] DOC: indicate in the doc that track-sc* can wait if
- [PATCH 06/13] MEDIUM: http: enable header manipulation for 101
- [PATCH 07/13] BUG/MEDIUM: config: propagate frontend to backend
- [PATCH 08/13] MEDIUM: config: properly propagate process binding
- [PATCH 09/13] MEDIUM: config: make the frontends automatically bind
- [PATCH 10/13] MEDIUM: config: compute the exact bind-process before
- [PATCH 11/13] MEDIUM: config: only warn if stats are attached to
- [PATCH 12/13] MEDIUM: config: report it when tcp-request rules are
- [PATCH 13/13] MINOR: config: detect the case where a tcp-request
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
By default the package detects the presence of pdflatex and builds documentation automatically.
During the OpenWrt build this behavior is not acceptable. The added patch introduces a configure
option to explicitly enable the build of the documentation on request.
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
Add a patch to prevent use of LD_LIBRARY_PATH when checking for BDB libs
This caused build failure when host = target
Signed-off-by: Nicolas Thill <nico@openwrt.org>
rsync, by default, includes a patched zlib within its source tarball. The patch
enables a better compression ratio for rsync streams. However, the client and
server need the same featureset in their zlib in order to understand the
compression stream, or the server will abort the transfer. Older versions have
no understanding of the new compression standard used.
This patch allows the builder to choose whether to use the bundled or system
zlib. It defautls to using the system zlib, as is the default before this
patch.
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
This package adds the mac-telnet server, client, ping and discovery utilities.
See https://github.com/aouyar/MAC-Telnet for details.
This package uses the fork from https://github.com/jow-/MAC-Telnet as source,
the code there has a number of bugfixes and results in smaller binaries since
most core functionality has been ported to libubox facilities provided by
OpenWrt.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
- BUG: config: error in http-response replace-header number of arguments
- BUG/MINOR: Fix search for -p argument in systemd wrapper.
- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
- MEDIUM: connection: add new bit in Proxy Protocol V2
- BUG/MINOR: server: move the directive #endif to the end of file
- BUG/MEDIUM: http: tarpit timeout is reset
- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
- BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
- BUG/MEDIUM: acl: correctly compute the output type when a converter is used
- CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
- BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
The git-daemon command currently doesn't work and displays the following
error whenever a repository is cloned:
error: cannot run daemon: No such file or directory
[10920] unable to fork
On the client side the connection is simply terminated. The problem is,
that git-daemon tries to start a new instance of itself for every
new client that is connecting. It expects argv[0] to contain
"git-daemon", but since it is converted into a builtin command, argv[0]
only contains "daemon", which does not exist and causes the above error.
The fix simply prepends "git" to the list of arguments, so that the
resulting call looks something like "git daemon --serve ..."
Signed-off-by: Andreas Rohner <andreas.rohner@gmx.net>
- [PATCH 5/6] BUG/MEDIUM: http: tarpit timeout is reset
- [PATCH 6/6] MEDIUM: connection: add new bit in Proxy Protocol V2
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
Since the current release of the package does not provide a
configure option to disable this dependency, a patch is necessary
to add this option.
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
Since the current release of the package does not provide
configure options to disable these dependencies, a patch is necessary.
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
- update to latest version (v2.0.4)
- use PKG_INSTALL
- add DBI plugin
- convert init script to procd
- add license info
- add myself as maintainer
Signed-off-by: Nicolas Thill <nico@openwrt.org>
This package contains the tools (dtnsend, dtnrecv, dtnping, ...) of IBR-DTN, a modular
and lightweight implementation of the bundle protocol (RFC 5050).
https://github.com/ibrdtn/ibrdtn
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
This package contains the daemon (dtnd) of IBR-DTN, a modular and lightweight
implementation of the bundle protocol (RFC 5050). https://github.com/ibrdtn/ibrdtn
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
This is an import of the net/unbound package from Subversion
revision 40658 (May 2, 2014). The only change is the addition of
PKG_LICENSE, PKG_LICENSE_FILE and PKG_MAINTAINER to Makefile.
Unbound 1.4.22 is the current upstream release.
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Use right size of addresses in bind() call. Also use getpeername addresses when
connecting to ident service to prevent address family mismatch between socket(),
bind() and connect() calls.
---
Christian Schoenebeck via github pull request #205:
Reported for a long time in the web. Still exists in the current sources.
Already reported and offert on TRAC Ticket #15821.
You can find a lot of entries on "Google" about the reported problem.
I got the same error on my WNDR3800 and von VirtualBox X86.
I copied the patch to my local trunk build system and recompiled.
The problem was fixed.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>
Replace the MAINTAINER lines in packages that I maintain with
PKG_MAINTAINER lines, to be consistent with the rest of the packages
tree.
Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>
smartsnmpd is an implementation of SNMP Agent developed by Credo Semi. It
use Lua as script language to write SNMP MIB nodes to improve the efficiency
of developtment.
This package add native support for OpenWrt. Include using ubus and uci to
get status/info. And, it use uloop as low level event library. So it's
some sort of desgin for OpenWrt.
Website: https://github.com/credosemi/smartsnmp
Signed-off-by: Leo Ma <leoma@credosemi.com>
Signed-off-by: Xiongfei Guo <xfguo@credosemi.com>
Set PKG_LICENSE as written inside dynamic_dns_updater.sh and dynamic_dns_functions.sh.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
A minor point release.
* Don’t ask client for certificate when require_certificate is false.
* Fix incorrect handling of anonymous bridges on the local broker.
* backout incomplete functionality incorrectly added in 1.3.2
Signed-off-by: Karl Palsson <karlp@remake.is>
