Refreshed patch.
Added PKG_LICENSE_FILES.
Added --as-needed linker flag for slightly smaller size.
Removed -O2 hack to get it to compile. As part of this, removed a bunch of
CFLAGS that are normally passed which potentially affect compilation with
Os.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
1.) Fix the handling of XTinyproxy option to avoid syntax error when starting tinyproxy:
example:
Syntax error on line 15
Unable to parse config file. Not starting.
Signed-off-by: Mathieu Coupe <eagle.pounains@gmail.com>
The protobuf 3.7 update broke ola due to API changes. Backported a few
patches from upstream to deal with this.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Correct option is "password_file" not "passwd_file"
Originally reported as: https://github.com/openwrt/packages/pull/8642
Added the package bump.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Buildbots are failing on kea because kea/host is failing:
checking for OpenSSL library... configure: error: OpenSSL auto detection
failed
I'm guessing the buildbots do not have OpenSSL installed and the
configure script does not find the proper location for OpenSSL.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* add a 'Net Error Check' which treats a missing
internet availability as an error (disabled by default)
* add a 'List Auto Expiry' which automatically resets
the 'Faulty Stations' list after n minutes,
default is '0' which means no expiry (old behaviour).
* rework major parts of the check subroutine
* add both features to LuCI frontend (separate PR/commit)
Signed-off-by: Dirk Brenken <dev@brenken.org>
Libreswan is a free software implementation of the most widely
supported and standardized VPN protocol based on ("IPsec") and
the Internet Key Exchange ("IKE"). These standards are produced
and maintained by the Internet Engineering Task Force ("IETF").
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
This is causing linking errors on i3486 and maybe other platforms. Linking
with LD does not seem to be very portable.
Also cleaned up the Makefile by getting rid of whitespace, HTTPS,
duplicated entries, etc...
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Remove libopenssl dep from NGINX_HTTP_CACHE and NGINX_HTTP_AUTH_BASIC config flag
The documentation doesn't mention that openssl is required for this 2 modules. This also permit to use nginx no-ssl variant without libopenssl as this 2 module are selected by default. Also make OPENSSL_ENGINE flag a dep to recompile nginx on change of openssl compilation flag.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
This patch updates the aircrack-ng package to their git revision
42f2b48d. This commit is the latest for the upcoming 1.6 release.
Signed-off-by: Joseph Benden <joe@benden.us>
There's a build race condition with other packages which sometimes results in:
Package libnetsnmp is missing dependencies for the following libraries:
libpci.so.3
Add ability to configure a static remote ip in pptp config file
This change has backward compatibility with old config files
Also remove the MAINTAINER as intructed
Signed-off-by: Thiago Pereira Ricciardi <thiago.ricciardi@gmail.com>
Kea is an open source DHCPv4/DHCPv6 server being developed by
Internet Systems Consortium. Kea is a high-performance, extensible
DHCP server engine that is designed to be easily modified and extended
with hooks libraries.
Kea is free open source, and we welcome community engagement, via the
Kea-users mailing list, this wiki, and our Github
repository. There is a small core team of dedicated software engineers
developing it and we need your contributions and support
contracts to support them.
DHCP Standardization efforts: The lead developer on KEA is
co-chair of the Dynamic Host Configuration working group in the
IETF. We are committed to providing a standards-compliant
implementation and are closely tracking developments in this working
group and evaluating them for inclusion in KEA.
wiki : http://kea.isc.org/wiki
official : https://www.isc.org/kea/
Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
ENGINE_cleanup is unavailable when deprecated APIs and ENGINE support are
disabled. The cleanup functions are unnecessary with OpenSSL 1.1.
The getm functions use a faulty if directive. Work around it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Openssl 1.1.1 package in openwrt enabled more than just the devcrypto
engine, so the engine support in openssh should be enabled when general
engine support is enabled in openssl.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Added a dependency to OPENSSL_WITH_EC to prevent any build failures.
Switched URLs to HTTPS.
Added PKG_CPE_ID for proper CVE tracking.
Some Makefile reorganization for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Packages such as Perl, Lua, shell scripts don't generate binary files.
Add PKGARCH:=all to them.
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Django 1.11 is supported, but seafile-admin was still looking for v. 1.8.
Replaced current patch with the patch from haiwen/seafile-server#147.
Cleaned up unsupported configure options, including riak backend.
Check that the seafile-server version is the same as seafile-seanet's at
build time, removing the static EXTRA_DEPENDS check done at install
time.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Fixes compilation when both libbsd and ptunnel-ng are selected.
libbsd is used for arc4random with a fallback to /dev/random. musl does
not support arc4random.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also lets procd trigger the validation function directly, and
removes some unnecessary curly brackets.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Note: this should prevent wget to writing to /root/.wget-hsts
which can lead to flash memory degradation.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
The variables can be empty if not set in the UCI config.
Reported-by: Petr Novák <petrn@me.com>
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
This bug was introduced since dd206b7d0b
mwan3_remon_ipv4 and mwan3_remon_ipv6 is command to run not a variable
I add some comments on them hopefully people will notice it
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
The Go compiler can now manage the build dependencies by itself, as
obfs4proxy has been ported to a Go module.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* fix a json related ressource leak
* add a reload trigger when the wireless config gets changed
* set an interface default 'trm_wwan' (like the LuCI frontend)
* reordered nested loops to optimize the connection handling
Signed-off-by: Dirk Brenken <dev@brenken.org>
Yggdrasil builds end-to-end encrypted networks with IPv6. Beyond the
similarities with cjdns is a different routing algorithm. This
globally-agreed spanning tree uses greedy routing in a metric space.
Back-pressure routing techniques allow advanced link aggregation bonding
on per-stream basis. In turn, a single stream will span across multiple
network interfaces simultaneously with much greater throughput.
Authored by: William Fleurant <meshnet@protonmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
This one contains only a few CVEs + bugfixes.
* CVE-2019-8381 memory access in do_checksum() (#538)
* CVE-2019-8376 NULL pointer dereference get_layer4_v6() (#537)
* CVE-2019-8377 NULL pointer dereference get_ipv6_l4proto() (#536)
* Rename Ethereal to Wireshark (#545)
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
trafficshaper create QoS rules to limit (or reserve) traffic used
by classes of clients.
Uplink and downlink can be controled (or not controlled) independently.
Client classes are defined by its network addresses (IPv4 or IPv6). Each
client class can define absolute or relative (to wan) bandwith, and also
the use (or not) of spare wan bandwidth when avaiable.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Using shorewall-lite {en|dis}able instead of completely restarting
Shorewall is much more efficient.
But it also makes sense to move the starting of Shorewall from init
to an interface hotplug event. The "lan" interface should be a good
indicator that networking it ready. Besides, Shorewall won't start
until br-lan is available.
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
