The chrony interface hotplug script reuses the handle_allow function
from the init script to allow NTP access on interfaces specified in uci.
The function requires /lib/functions/network.sh. Include the file in the
hotplug script to make the function work as expected.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
This should prevent some resolving issues by other router app.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 1d1eca32db)
Dropped patches:
0004-Replace-EVP_CIPHER_CTX_cleanup-with-EVP_CIPHER_CTX_r.patch
0005-Switch-get_-Update-APIs-to-get0.patch
Reworked patches:
0001-Add-new-ASN1_STRING_get0_data-API.patch
0006-Add-X509_STORE_CTX_trusted_stack-compatibility-macro.patch
These 2 require that we keep only the CUSTOMIZATIONS stuff for now. Maybe
later we can drop this.
Ran 'make package/python-cryptography/refresh'.
Added patch:
0004-disable-rust.patch
upstream did a sloppy job with the CRYPTOGRAPHY_DONT_BUILD_RUST logic; we
need to patch it, to make sure the setuptools-rust isn't installed.
We may need to carry this patch in our tree for a bit longer than upstream,
because in newer versions, CRYPTOGRAPHY_DONT_BUILD_RUST logic gets removed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 01d1b4581e)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* fix issue with nginx search pattern reported in forum support thread
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 0c16840e26)
Using strcmp() to compare a version string doesn't work well.
Use verrevcmp() function from opkg instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 794cf3ac59,
as it was previously skipped also switch PKG_REVISION back to manual
to keep it in sync with master branch)
No longer fail in case a package is part of multiple lists (which may
happen temporarily in case it becomes 'nonshared').
Bump version to prepare for sync accross branches.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9150e82768)
* don't segfault if server reply is incomplete
* always request 'generic' image on x86/generic and x86/64
* make SNAPSHOT branches sticky, eg. stay on 21.02-SNAPSHOT and do
not 'upgrade' to 21.02.0-rc2.
* output requested server URL when debugging
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 02bc1fc929)
This change makes the handling of adding and deleting interface, device
bridge and firewall more robust.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 0fded274ec)
* fix a small json syntax issue in adblock.sources
* add easylist addon to reg_fr source
* add switch 'adb_fetchinsecure' to allow insecure downloads
without certificate check (disabled by default)
* better explain 'adb_fetchparm' in readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 74dec65b61)
Python3 comes with a built-in readline module. It wasn't included up until
now; mostly because it wasn't considered.
This change introduces it as a sub-package of the main Python3 package.
readline support is included in Python.
libreadline pulls libncursesw as a package, so python3-ncurses was
updated to pull libncursesw as well.
It should be the same package; mostly done for consistency.
Resolves the issue reported here:
https://forum.openwrt.org/t/python3-repl-missing-readline/90039
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 49faf5d7ca)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Explicitly add libdaemon configure flag. It seems the default was
changed.
Add AUTORELEASE for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 94bc8a127c)
By adding these dependencies, it is much easier for users (both
applications that use Twisted and end users) to have secure
communications by default.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 8349546208)
This is a security and bugfix release.
Full release notes: https://mosquitto.org/blog/2021/06/version-2-0-11-released/
Fixes a remotely triggered memory leak
Fixes broker reconnections in certain failure situations
Fixes (non-standard) qos0 queuing
Signed-off-by: Karl Palsson <karlp@etactica.com>
Updating Eneas' email as requested on Github:
https://github.com/openwrt/packages/pull/15622
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 6185156e69)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
1.16.1 included fixes for:
* CVE-2021-27918 - encoding/xml: infinite loop when using
xml.NewTokenDecoder with a custom TokenReader
* CVE-2021-27919 - archive/zip: can panic when calling Reader.Open
1.16.4 included fixes for:
* CVE-2021-31525 - net/http: ReadRequest can stack overflow due to
recursion with very large headers
1.16.5 includes fixes for:
* CVE-2021-33195 - net: Lookup functions may return invalid host names
* CVE-2021-33196 - archive/zip: malformed archive may cause panic or
memory exhaustion
* CVE-2021-33197 - net/http/httputil: ReverseProxy forwards Connection
headers if first one is empty
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit fe3c49fe07)
Samplicator receives UDP datagrams on a given port and resends those
datagrams to a specified set of receivers.
Use Cases:
- replicate Flow Samples to multiple receivers
- use with conntrackd to synchronize via unicast to multiple targets
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 41534e5a19)
