The previous commit left an unwanted string in the options passed
to xl2tpd-control. Remove that as well.
Also set procd respawn parameter now that I'm at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Overriding DEFAULT to 'n' prevents packages being build unless
explicitely selected even if ALL is set.
Instead, set 'DEFAULT:=y if PACKAGE_gnunet' for the default
packages and otherweise don't touch DEFAULT.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Directly call /usr/lib/gnunet/libexec/gnunet-service-arm instead
of /usr/bin/gnunet-arm, so it remains attached to procd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
gnurl's README states quite excatly which CONFIGURE_ARGS to pass,
so disable lots of unneeded stuff.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The autoconf issue when detecting libmicrohttpd was fixed upstream in
SVN revision 35845. Use that and remove the dirty work-around.
See also:
https://gnunet.org/bugs/view.php?id=3805#c9201
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This is definitely one of the ugliest things I ever got my
hands on. If it even did the job properly, but no, it tries
to install it's headers in /usr/include/curl collidings with
actual curl's headers. Fixed that by installing them into
/usr/include/gnurl instead. Now gnunet can use gnurl.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The single 'gnunet' package built should be further split up,
meta-packages for common use-cases should be added.
However, it's not too big to run on devices with 8MB of flash or more,
even in the current monolithic package.
Integration with procd and netifd is not yet implemented.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Building nfs-kernel-server with --enable-ipv6 requires not yet packaged
libtirpc, therfore unconditionally disable IPv6 support again for now.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
With upstream commit
https://git.kernel.org/cgit/network/ethtool/ethtool.git/commit/?id=875616dfcbe57ea0f639a20d85fcbad2172ad744
there is now an option to produce a smaller ethtool build which will
disable pretty printing (Ethernet drivers, SFP diagnostics...) for
platforms that do not need it.
Hook a menu configuration option to control that option. Build size
differences on ar71xx:
With:
-rw-r--r-- 1 florian florian 79K mai 23 10:43
bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk
Without:
-rw-r--r-- 1 florian florian 23K mai 23 10:43
bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk
Signed-off-by: Florian Fainelli <florian@openwrt.org>
* add a patch to fix a null pointer dereference in src/racoon/gssapi.c (CVE-2015-4047)
* refresh patches
* bumb release number
Signed-off-by: Nicolas Thill <nico@openwrt.org>
- Use netifd no_proto_task for notifying that xl2tpd does not have a
protocol task running.
- Use procd for xl2tpd service management.
- Refreshed 2xx patches to
- Prevent leftover regular type control result file.
- Allow xl2tpd run as foreground process while logging via syslog.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
- bumped version
- removed dependency on `ip` package as routes are setup by netifd
if iproute2 is actually required, please depend on
`@(PACKAGE_ip||PACKAGE_ip-full)` instead of `ip`
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
gcc complains about atexit() being implicitely defined in
xl2tpd-control.c
Fix that by including stdlib.h in xl2tpd-control.c
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Yousong Zhou <yszhou4tech@gmail.com> made a couple of useful fixes
mostly for the xl2tpd-control tool which was broken.
imported them (patches/2*) here.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fix Makefile to force compression of tld_names.dat reported in OpenWrt Ticket 19597
* change default of retry_count to "0" (retry endless) suggested by Henning Schild
* updated tld_names.dat include changes until 07.05.2015
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
It used to require 1+ IPv4 addresses to start on Linux. Now it starts
up with 0 addresses (of any type), as netlink can provide us more
later. This way, no stupid restart loop with procd if it is racing
with netifd at startup.
Signed-off-by: Steven Barth <steven@midlink.org>
[RELEASE] Released version 1.5.12
Released version 1.5.12 with the following main changes :
- BUG/MINOR: ssl: Display correct filename in error message
- DOC: Fix L4TOUT typo in documentation
- BUG/MEDIUM: Do not consider an agent check as failed on L7 error
- BUG/MINOR: pattern: error message missing
- BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
- BUG/MEDIUM: buffer: one byte miss in buffer free space check
- BUG/MAJOR: http: don't read past buffer's end in http_replace_value
- BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
- BUG/MEDIUM: peers: correctly configure the client timeout
- BUG/MINOR: compression: consider the expansion factor in init
- BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
- BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
- BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
- BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
- BUG/MEDIUM: http: remove content-length from chunked messages
- DOC: http: update the comments about the rules for determining transfer-length
- BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
- BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
- BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
- MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
- MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
- BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
- MINOR: stick-table: don't attach to peers in stopped state
- MEDIUM: config: initialize stick-tables after peers, not before
- MEDIUM: peers: add the ability to disable a peers section
- DOC: document option http-ignore-probes
- DOC: fix the comments about the meaning of msg->sol in HTTP
- BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
- BUG/MAJOR: http: prevent risk of reading past end with balance url_param
- DOC: update the doc on the proxy protocol
Signed-off-by: heil <heil@terminal-consulting.de>
seccomp is only supported on x86, amd64 and arm in tor.
This deactivated it currently completely which should close#935,
#1097, #1147 and #1161.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds a patch for ser2net, so that ser2net can be configured
to flash leds on serial traffic. This could -for example- be used
to have an activity indicator, like netdev trigger.
Internally, the linux kernel's 'transient' led trigger is used.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Updated the package to the latest upstream version.
Removed a patch that was merged upstream.
Bumped copyright notice to 2015.
Signed-off-by: Martin Rowe <martin.p.rowe@gmail.com>
This commit brings back Wifidog from the oldpackages
repository.
Changes:
* Wifidog version 1.2.1
* Add wifidog-tls package
* Init script uses procd
Signed-off-by: Michael Haas <haas@computerlinguist.org>
Inspired by OpenWrt Ticket System Ticket 9119
Python3 package currently marked as @BROKEN because no time for testing.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
As Hnyman noted in https://github.com/dtaht/ceropackages-3.10/issues/13
we carry a few unnecessary dependecies in sqm-scripts, so remove one of
them (iptables-mod-filter) as we neither use it nor plan to use it.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
- update to latest version (v1.0.16)
- add license info
- add myself as maintainer
- install dev files the proper way in Build/InstallDev
- rename sctp package to libsctp
- add an sctp-tools package and an sctp transitional meta package
Signed-off-by: Nicolas Thill <nico@openwrt.org>
- [PATCH 3/9] BUG/MEDIUM: Do not consider an agent check as failed on
- [PATCH 4/9] BUG/MEDIUM: peers: correctly configure the client timeout
- [PATCH 5/9] BUG/MEDIUM: buffer: one byte miss in buffer free space
- [PATCH 6/9] BUG/MAJOR: http: don't read past buffer's end in
- [PATCH 7/9] BUG/MEDIUM: http: the function "(req|res)-replace-value"
- [PATCH 8/9] BUG/MINOR: compression: consider the expansion factor in
- [PATCH 9/9] BUG/MEDIUM: http: hdr_cnt would not count any header when
Signed-off-by: heil <heil@terminal-consulting.de>
* fix problem with lucihelper script reported in OpenWrt Ticket 19419
* rewritten split_FQDN fixing detection errors and using zcat
* updated tld_names.dat and .gz compressed to save space
* add LoopiaDNS (loopia.se) to services_ipv6
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Alarm Pinger (apinger) is a little tool which monitors various IP devices by
simple ICMP echo requests. There are various other tools, that can do this,
but most of them are shell or perl scripts, spawning many processes, thus much
CPU-expensive, especially when one wants continuous monitoring and fast
response on target failure.
Signed-off-by: Alex Samorukov <samm@os2.kiev.ua>
Some VPN servers might be configured in a way that a CSD wrapper script
is mandatory to complete the authentication process, allow that to be
specified for openconnect.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Some servers might be implementing ACLs based on the value specified by
openconnect for "os", allow that to be configured.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
- Ensure only valid UTF-8 is passed to libidn. It was found
(CVE-2015-2059) that libidn can read beyond the boundaries of the
provided buffer when an input string contains invalid UTF-8 sequences.
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
This patch removes some autoconf goo which is causing bind to use the host's ar
instead the ar from the toolchain. If they're both elf platforms this is fine,
but it's no good if host is darwin.
Signed-off-by: Lawrence D'Anna <larry@elder-gods.org>
The initial conversion to restart sqm on interfaces it is configured
for in case of (transient) dis- and reappearance was half finished.
These changes clean up the handling of exlicitly passed interfaces
in run.sh: no second argument defaults to all configured interfaces
the alternative is an individual interface name passed as 2nd
argument to run.sh. The first argument either is start or stop.
No argument at all will behave as if start was passed.
Survives light testing...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Alan Jenkins noted a bug in the smq luci GUI that effectively
erased several configuration paramters if two checkboxes were deselected.
This behaviour seems consistent in luci but certainly has the potential
to confuse users. While confusion can not really be avoided generally
it seems wise to change the default interpretation for empty or non-existent
itarget and etarget variables from the qdisc's default (5ms in the case of
one of the codels) to automatic determination of tghis variable dependent on
the configured bandwidth, as codels target variable should be large enough
to contain at least one full packet. With this change sqm-scripts will
do the right thing by default, but will yet allow the user to specify
over-ridding values (as long as the user does not un-check the
entry-field exposing check boxes). Survives light testing...
This change set also changes the sqm-scripts luci gui to note the user
of the change. For compatibility with existing setups sqm-scripts
will still honor "auto" as an alternative explicit way of requesting
automatic target selection. This might turn into a warning in the future
and might be phased out...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Package ethtool is missing dependencies for the following libraries:
libssp.so.0
Makefile:45: recipe for target '/home/zero/development/openwrt/bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk' failed
Signed-off-by: Rick Farina (Zero_Chaos) <zerochaos@gentoo.org>
From: Michael Haas <haas@computerlinguist.org>
* init script no longer creates certificates (consider client mode as use
case)
* patches/010_fix_getnameinfo.patch: Fix getnameinfo signature
* patches/011_disable_ssp_linking.patch: Disable -fstack-protector as it
is not always available in OpenWRT
* old patches (in oldpackages) no longer necessary
* remove libwrap dependency
* remove libpthread dependency
* respect CONFIG_IPV6
* init script uses procd
* sample stunnel.conf runs in client mode - prevents start failure,
does not require cert
Possible enhancement: automatically generate certificate as done in
uhttpd. However, as client mode is a possible use case, I'd rather not.
Additionally, stunnel may use several certs with user-defined locations
and we can't easily set a cert location via command-line args.
The package is based on
https://sites.google.com/site/twisteroidambassador/openwrt/stunnel
Signed-off-by: Michael Haas <haas@computerlinguist.org>
This patch add a new package, git-http, that contains all
http related commands (and ftp as extra). All http/ftp
depends on libcurl. Even without SSL suport in libcurl,
git compiles and it returns an informative error only
at runtime.
The use of symlinks now are trigged using NO_INSTALL_HARDLINKS env
and not based only on Makefile patch.
imap-send was kept builtin and idependent of curl (just as it was
before)
Template files, which are not necessary, where removed.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Previously, ./configure was running checking local system and not
OpenWRT target. This would avoid any configure test about OpenWRT
libraries.
With a patch in configure, non cross-compiling-friend test are
ignored and Makefile can use default configure.
As side effect, git commands are now at /usr/lib/git-core and not
/usr/libexec/git-core.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
- use https URL for fetching sources from GitHub, otherwise cloning
sources could stall buildbots by asking to accept a/the SSH host key
- do not _depend_ on DEPENDS but _select_ them, so the package(s) always
appear in menuconfig, not only when all dependencies are already
selected --> dependencies are automatically pulled in when package
is selected by user
- use PKG_INSTALL
- factor out the libeibclient library as own package
- use CONFIGURE_ARGS instead of dedicated Build/Configure
- same for TARGET_CFLAGS and Build/Compile
- do not include /etc/functions, already included by /etc/rc.common
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
During system start up pppoe devices seem to receice ifup events before
the interface actually exists. This commit makes sqm's run.sh script
test whether the sys files for an interface exist before actually trying
to start an SQM instance on an interface. This seems to nicely avoid
starting on an not fully established pppoe interface and avoids a number
of error messages during startup.
In addition, debug logging is disabled.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
fix build errors on Arch Linux/Fedora 20
config.log trying to link with /usr/lib/libcrypt.so
/usr/lib/libcrypt.so: undefined reference to `memset@GLIBC_2.2.5'
linkage is AC_LIB_HAVE_LINKFLAGS macro behaviour
see http://marc.info/?l=gnulib-bug&m=129660262901148
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
config.log reports
WARNING: uuid support disabled as libblkid is too old
because the test macro AC_BLKID_VERS is not cross compile friendly
resulting in libblkid_cv_is_recent=unknown
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Some interfaces like wan-pppoe go away, when the ppp connection is lost
and get recreated once the link is established again. SQM now
has its own hotplug script to re-enable itself on the interfae just hotplugged.
SQM will not touch other instances of itself running on other interfaces
if called by hotplug.d. The implementation now allows this functionality by
calling run.sh like:
/usr/lib/sqm/run.sh interface YOUR_INTERFACE_NAME_HERE
e.g.: /usr/lib/sqm/run.sh interface ge00-pppoe
If called with a specific interface SQM will only try to disable itself
on that interface to clean up all left over state and the re-enable
itself on just that interface. Hopefully that allows for better service
with instable interfaces like pppoe. The current code passes a simple manual
stop start test of the ge00-pppoe interface from the GUI and does seem
to do the right thing, at least on cerowrt 3.10.50-1...
The cross-compiling patch is no longer necessary. Also added librt as a
dependency, since it is required. This also fixes an issue where
support for linux/errqueue.h was not being detected correctly and
causing a build failure with 3.18.
Signed-off-by: John Szakmeister <john@szakmeister.net>
* new service "bind-nsupdate" using nsupdate to directly updates a PowerDNS or Bind server via nsupdate.
suggested by Jan Riechers (Pull #957) many thanks!
* updated tld-names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Patch suggested from upstream. Bumping release and including the patch
directly until a point release is available.
Signed-off-by: Karl Palsson <karlp@remake.is>
Redsocks is a daemon running on the local system, that will transparently
tunnel any TCP connection via a remote SOCKS4, SOCKS5 or HTTP proxy server. It
uses the system firewall's redirection facility to intercept TCP connections,
thus the redirection is system-wide, with fine-grained control, and does
not depend on LD_PRELOAD libraries.
Signed-off-by: Johannes Morgenroth <jm@m-network.de>
Support more options that came with mosquitto 1.4
Use more built in functions to make script simpler to read and easier to
extend.
Signed-off-by: Karl Palsson <karlp@remake.is>
Of particular note, this adds optional support for websockets. This
defaults to enabled, as it's the biggest new feature in this release.
A config item is provided to disable it for manual use.
Full release notes: http://mosquitto.org/2015/02/version-1-4-released/
This also remove some build workarounds that are no longer required for
newer versions of mosquitto.
Signed-off-by: Karl Palsson <karlp@remake.is>
When an ifindex for an interface changes, some monitoring tools can no
longer find the interface and send alerts. Monitor all network
interfaces via the procd netdev parameter, so that
/etc/init.d/snmpd reload will restart snmpd if any ifindex changed.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- Refactor RUN_C into CONFIGFILE, as used in dnsmasq and igmpproxy init
scripts.
- Add a newline after each function definition.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* remove upgrade handling for version 3.0.21 or older packages. Also fix#726
* added user.action, user.filter and user.trust files to conffiles (might be modified by user on running system)
* move permission setting from Makefile (install) to initscript because permissions are overwritten during/inside buildroot
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
- MINOR: ssl: load certificates in alphabetical order
- BUG/MINOR: checks: prevent http keep-alive with http-check expect
- BUG/MEDIUM: Do not set agent health to zero if server is disabled in config
- MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero
- BUG/MINOR: stats:Fix incorrect printf type.
- DOC: add missing entry for log-format and clarify the text
- BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
- BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation
- BUG/MINOR: channel: compare to_forward with buf->i, not buf->size
- MINOR: channel: add channel_in_transit()
- MEDIUM: channel: make buffer_reserved() use channel_in_transit()
- MEDIUM: channel: make bi_avail() use channel_in_transit()
- BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected
- BUG/MAJOR: log: don't try to emit a log if no logger is set
- BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
- BUG/MEDIUM: http: make http-request set-header compute the string before removal
- BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value
- BUG/MINOR: http: abort request processing on filter failure
- BUG/MINOR: pattern: error message missing
- BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
new option "use_curl" to force the use of curl if GNU Wget and curl are installed
fix initscript reload(): reload and not restart if killall -1 fails
BusyBox nc not support -v in every compiled version
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Use the generic autoreconf facility to pickup proper variants of
autoconf, automake and libtool.
Remove the unneeded Build/Configure override.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
The Makefile already uses the proper autoreconf fixup but leaves a manual
autoconf invocation in place.
The bad autoconf call leads to the following build error in the SDK:
( cd .../rtorrent-0.9.4-git; ./autogen.sh );
aclocal...
autoheader...
libtoolize... libtoolize nor glibtoolize not found
make[2]: *** [.../rtorrent-0.9.4-git/.configured_] Error 1
Remove the entire Build/Configure override to let rtorrent build correctly.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
modified source directory structure
- files for production files
- samples for sample files (not installed in final build)
modified Makefile
- separate options for additional provider scripts
- remove comments and empty lines from final build
add IPv4 100.64/10 (RFC 6598) and 169.254/16 (RFC 5735) to the range of default blocked IP's.
new option "bind_network" to force GNU Wget or cURL to use specific network/interface for communication
new "domains.google.com" as IPv4 DDNS provider #822
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
The SSH transport can trigger interactive prompts during the build,
this is failing all build bots atm.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
The Open Lighting Architecture is a framework for lighting control information.
It supports a range of protocols and over a dozen USB devices. It can run as a
standalone service, which is useful for converting signals between protocols,
or alternatively using the OLA API, it can be used as the backend for lighting
control software. OLA runs on many different platforms including ARM, which
makes it a perfect fit for low cost Ethernet to DMX gateways.
Signed-off-by: Christian Beier <dontmind@freeshell.org>
restructure startup of dnymaic_dns_updater.sh
- first run load_all_config_options (it returns 1 if SECTION_ID not found) #779
- set all defaults if necessary
- verify if username and/or password is needed inside update_url #779
- remove wait - will be done by retry_interval and retry_count if communication fails
provider specific update scripts
- verify if username/password are needed
services_ipv6
- added freedns.afraid.org
- IPv6 should work due to their documentation
minor fixes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Fixed issue in mwan3 status output with mwan3 interfaces not yet configuerd in network config
Removed nexthop argument as it is no longer used
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
* Makefile
- modified to support new LuCI build structure when building i18n support
- increase "patch" version
* privoxy.lua detail.lua apperror.lua
- modified version detection
- removed function ipgk_version()
* new file build/i18n-po2lua.pl
- copied from luci build system to create lmo language files
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* remove CHANGELOG from distribution
* fix syslog output printing "\n" or other formating chars
* ddns configuration
- new UCI-config value ddns.global.allow_local_ip "0" or "1"
(default "0") - (OpenWrt Ticket 18642)
* dynamic_dns_functions.sh
- new function split_FQDN() splits a given FQDN into host,
(registerable) domainname, and TLD using
https://publicsuffix.org/list/effective_tld_names.dat
- verify_host_port() use BIND host, if installed
- verify_host_port() not detecting ip, if already given
- fixed regexp for IP detection from nslookup's answer - (OpenWrt
Ticket 16363)
- support ddns.global.allow_local_ip to allow sending non public IP's
to DDNS provider like 127.x, 192.168.x.x or fxxx - (OpenWrt Ticket
18642)
* new file tld_names.dat
- used by dynamic_dns_functions.sh inside split_FQDN() function to
find valid TLD's
* update_cloudflare.sh
- modified subdomain/domain splitting using split_FQDN()
- modified support for AA12.09 (json_get_keys())
- minor fixes and cleanup
- many thanks to Aaron Tanner for testing
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- update to latest version (v2.10.0)
- add a patch to fix compilation failures due to missing TIOCSRS485 macro
- add license info
- add myself as maintainer
Signed-off-by: Nicolas Thill <nico@openwrt.org>
When updating fastd, some added and renamed CMake options had been forgotten, so
it was impossible to disable some feature to reduce its size.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
- DOC: fix a few typos
- BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
- BUG/MINOR: parse: refer curproxy instead of proxy
- DOC: httplog does not support 'no'
- MINOR: map/acl/dumpstats: remove the "Done." message
- BUG/MEDIUM: sample: fix random number upper-bound
- BUG/MEDIUM: patterns: previous fix was incomplete
- BUG/MEDIUM: payload: ensure that a request channel is available
- BUG/MINOR: tcp-check: don't condition data polling on check type
- BUG/MEDIUM: tcp-check: don't rely on random memory contents
- BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
- BUG/MINOR: config: fix typo in condition when propagating process binding
- BUG/MEDIUM: config: do not propagate processes between stopped processes
- BUG/MAJOR: stream-int: properly check the memory allocation return
- BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
- BUG/MEDIUM: compression: correctly report zlib_mem
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
* go back to "old" initscript not using procd
* privoxy running --no-daemon only logging to STDERR
* procd do not support redirection of STDOUT/STDERR, '2>file' as a command parameter does not work
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* Use the correct path for the pidfile
* Start a multithreaded daemon instead of pre-forking worker processes.
This avoids consuming too much memory and makes context switches faster
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
Fix issue where config file would be overwritten in some cases
Fix issue where local address of wan point-to-point links were unreachable from lan
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
This release contains a patch which is supposed to improve musl compatiblity. I
haven't tested it with musl though.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* Restore hooks support from vpnc-script
* Use consistent style for tests and blocks in openconnect.sh
* Cleanup code that writes banner to syslog
Signed-off-by: Matthew Sykes <matthew.sykes@gmail.com>
Avoids source filename conflicts and the need to delete source packages
at the end of the prepare stage. This has forced the buildenv to rebuild
the packages even if they were built already.
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
- moved from oldpackages to github
- set maintainer
- update pkg source to new version 3.0.22
- run privoxy as non root user privoxy:privoxy
- using procd including network events to restart on changes
- log start and stop to syslog, privoxy not using syslog
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Add a new build configuration option for openconnect and let it link
against libstoken if instructed to. Two new uci configuration variables
are introduced: "token_mode" and "token_secret" to allow openconnect to
use those.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
- BUILD: fix "make install" to support spaces in the install dirs
- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
- BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
- BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information
- BUG/MEDIUM: pattern: don't load more than once a pattern list.
- BUG/MEDIUM: ssl: force a full GC in case of memory shortage
- BUG/MINOR: config: don't inherit the default balance algorithm in frontends
- BUG/MAJOR: frontend: initialize capture pointers earlier
- BUG/MINOR: stats: correctly set the request/response analysers
- DOC: fix typo in the body parser documentation for msg.sov
- BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
- MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
- BUG/MAJOR: sessions: unlink session from list on out of memory
- BUG/MEDIUM: patterns: previous fix was incomplete
- BUG/MEDIUM: payload: ensure that a request channel is available
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
Chilli proxy is used when one does not want to setup AAA server
but want to handle AAA through http.
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
Signed-off-by: Ramanathan Sivagurunathan ramzthecoder@gmail.com
After a few discussions with the guys working on OpenVSwitch
they've recommended we use the EXTRA_CFLAGS env var for setting
flags for the kernel module.
They've updated the trunk with a patch to accomodate that.
That patch is also in this commit, and replaces a patch that I proposed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
ZNC uses a map to cache channel memebers on join. Unfortunately uclibc++
uses a naive linked-list implementation with horrible performance, which
can cause joins to take a few minutes on popular channels.
Therefore Switch to libstdc++ which uses a much more performant hashmap.
ZNC by itself is already rather large, so the added footprint of
libstd++ vs uclibc++ does not matter that much anyway.
Should fix#11778.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
- [PATCH 1/6] BUILD: fix "make install" to support spaces in the
- [PATCH 2/6] BUG/MEDIUM: ssl: fix bad ssl context init can cause
- [PATCH 3/6] BUG/MEDIUM: ssl: force a full GC in case of memory
- [PATCH 4/6] BUG/MEDIUM: checks: fix conflicts between agent checks
- [PATCH 5/6] BUG/MINOR: config: don't inherit the default balance
- [PATCH 6/6] BUG/MAJOR: frontend: initialize capture pointers earlier
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
- moved /usr/lib/ddns/dynamic_dns_lucihelper.sh from luci-app-ddns into this package
(Github openwrt/luci issue 251)
(OpenWrt Trac tickets 18326 18347)
- fix: dynamic_dns_update.sh did not loop
(OpenWrt Trac ticket 18336)
- add provider cloudflare.com IPv4 and IPv6 (Thanks to Paul for support and testing)
(OpenWrt Trac ticket 12500)
- modified detection, if dynamic_dns_fuctions are used by dynamic_dns_lucihelper.sh
- redirect stdout of wget,curl,host,nslookup,nc etc to /tmp/ddns_$$.dat and *.err instead of variables
- extended error detection in get_local_ip function
- modified verify of option ip_script to allow parameters, when calling
- add provider selfhost.de IPv4
- add provider no-ip.pl (nothing to do with no-ip.com)
(Github openwrt/packages issue #542)
IPv4 (tested) and also added for
IPv6 (NOT tested) because client IP is autodetected be provider
- add getlocalip_sample.sh as sample script for usage of
option ip_source 'script' together with
option ip_script '/usr/lib/ddns/getlocalip.sh -4'
- cleanup whitespaces at line ends
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
When libncursesw is available, bmon uses it instead of libncurses. This
commit adapts the dependencies accordingly.
Signed-off-by: Baptiste Jonglez <bjonglez@illyse.org>
- fixed postinst and prerm in Makefile
- implementation of provider specific update scripts into services and
services_ipv6 file.
first Provider "no-ip.com" - Thanks to DarkStarXxX for
request and testing
- finished uci/ddns wiki at http://wiki.openwrt.org/doc/uci/ddns
- rewritten retry management
- rewritten logging including following Issue 469
https://github.com/openwrt/packages/issues/469
- stop running sections on hotplug ifdown event (like start on ifup)
- implement trap detection
also kill "sleep" child processes
SIGHUP to reload configuration (not really reloading, simply
starting a new process)
/etc/init.d/ddns reload implemented
- code optimization
- new provider LoopiaDNS.se Issue 494
https://github.com/openwrt/packages/issues/494
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Use INSTALL_BIN & INSTALL_DATA macros instead of cp
to ensure correct file permissions for the executable files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Released version 1.5.8 with the following main changes :
- BUG/MAJOR: buffer: check the space left is enough or not
when input data in a buffer is wrapped
- BUG/BUILD: revert accidental change in the
makefile from latest SSL fix
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
When OVS detects a kernel version >= 3.12 it does not build
it's own vxlan module and tries to use the kernel's, when building
the OVS kernel module.
I also pushed a patch to the OpenWRT trunk to add a +kmod-vxlan package.
This will add the kernel's vxlan.ko kernel module if it exists.
So, for kernel >= 3.12, this package should exist and be installed
when installing OVS.
Tested on OpenWRT trunk with kernel 3.14.18.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Seems that while fixing the build for GCC 4.9
I broke the build for GCC 4.8, because that KCFLAG I added
causes a build error (since it's not recognized).
The fix is to add KCFLAG only when GCC 4.9 is used.
OpenVSwitch now builds successfully with GCC 4.8 and 4.9.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The update fixes CVE-2014-4877 which allows malicious FTP servers
to modify local filesystem contents through specificially crafted
symlinks.
Please backport to for-14.07 too.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Merge upstream commit 5ae2a70a135062a025d8fabc104eeae3a2c53a7a to relax the
SSL library version check at runtime.
The objective is to avoid the need for rebuilding freeradius2 whenever we push
binary updates for libopenssl. See https://dev.openwrt.org/ticket/18169 for
reference.
Please backport this change to the for-14.07 branch as well.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
knot-utils consists of kdig, khost, knsec3hash and knsupdate. In order
to reduce the size of software installed on a device it is useful to
include a minimal collection of software and thus it should be possible
to install the utilities individually. bind also creates a subpackage
for each utility.
Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
Changes committed to the cerowrt original repo after the initial import here:
- Better license & copyright statements, as requested
- Fixed a minor bug in stopping sqm
- Logging improvements
- Dead code removed
- Typos corrected
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Requires python package.
Required by other openvswitch subpackages (like openvswitch-python).
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
An older version of nut is in oldpackages. This commit is based on that
package and bumps the version to the latest release along with unifying
the server and client packages. More build options are provided for any
custom configuration but the defaults provide a working client and
server install which only needs a UPS driver. Drivers still build as
individual packages to minimise bloat. SSL support has also been added.
Signed-off-by: Martin Rowe <cyanidium@users.noreply.github.com>
