This fixes misleading errors in the status file, and increases buffer
sizes to match the python implementation.
Signed-off-by: Karl Palsson <karlp@etactica.com>
At the moment ss-server seems to be the only component using these two
options. It also accepts "local_address" of either ip4 or ip6 address,
but the meaning is different from that of ss-local, ss-tunnel etc.
where it is for listen bind
With this commit, we start deprecation process of uci option
"bind_address". The name was replaced with "local_addr" in upstream
project commit 5fa98a66 ("Fix #1911") and available as json config
option "local_address". This upstream change was released in 3.2.0
Link: 4a42da641b
Link: https://github.com/openwrt/packages/issues/12931
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Config files
/etc/freeradius3/policy.d/accounting
/etc/freeradius3/policy.d/filter
/etc/freeradius3/proxy.conf
/etc/freeradius3/sites-available/default
and link
/etc/freeradius3/sites-enabled/default
are in the freeradius3 package and are mentioned in the main config file
/etc/freeradius3/radiusd.conf
Thus, they must be explicitly specified in the Makefile.
File
/etc/freeradius3/sites/default
is not included in the package, is not created during installation,
is not mentioned in the main config file and should therefore be excluded
from the Makefile.
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
netifd is clever enough to handle the peerdns and default route
arguments, so we can just let them get passed along, and when
ppp-up invokes proto_send_update, netifd will only apply what
is needed
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
Do not manually overwrite the paths of gdbus-codegen or glib-mkenums
in the ModemManager package build, as modifying the configure.ac ends
up requiring a full autoreconf.
Since MM 1.14, git builds or autoreconf-ed source package builds
require autoconf-archive installed in the build system, and so the
build would fail if this happens.
The update to overwrite the paths was to force using the gdbus-codegen
and glib-mkenums provided by the "host" glib2 package instead of the
"target" glib2 package (see fa8ad6e69c),
but these tools are really the same in both as they're python
programs, arch independent.
Tested in a local build where the setup detects and uses the correct
glib tool paths from the target:
/home/user/openwrt/staging_dir/target-mips_24kc_musl/usr/bin/gdbus-codegen
/home/user/openwrt/staging_dir/target-mips_24kc_musl/usr/bin/glib-mkenums
Fixes https://github.com/openwrt/packages/issues/12958
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
This is to make explicit the conditional select of libunwind is only
needed for libopenvswitch. If we spill it over other packages, the
generated kconfig will have recursive dependency issue. 2 new patches
were made for this goal
The other thing is that "+libunwind" will cause it to be built if any of the
packages defined in this Makefile is enabled (y or m). This is at the moment
by-design of the build system.
Libunwind does not support architectures like arc. Use conditional select To
avoid (libunwind) build failures like the following,
checking for ELF helper width... configure: error: Unknown ELF target: arc
make[3]: *** [Makefile:65: /data/openwrt/build_dir/target-arc_arc700_uClibc/
libunwind-1.3.1/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1
Things like "+PACKAGE_openvswitch-libopenvswitch:libunwind" will also result in
recursive deps error for chains of 3 nodes. Kconfig construct like the
following will be made
config A
tristate
select B
depends on !(C) || (x)
config B
tristate
select C
config C
tristate
config x
bool
Other changes include
- Shared use of variable ovs__common_depends was removed
- Ovn doc build was patched out
Link: https://github.com/openwrt/packages/pull/12959#issuecomment-665021413
Reported-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Simplified Makefile as a result of meson transition.
Fixed license information.
Updated URL.
Added patch to fix linking issue.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
If two openfortivpn scripts are started at the same time, a race
condition can occur where the conditional evaluates to true, but the
symlink exists by the time the other script tries to create it
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
Block restart of the interface if the openfortivpn fails to authenticate.
Without this check, with a bad password, netifd will continually
hit the VPN endpoint with connection attempts
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
Add a hotplug script to reload nlbwmon's config after interface
ifup actions.
That should improve the detection of the IPv6 LAN address
that can get enabled a bit later in the boot process.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This reverts commit cde2a77ed3.
Applying this change has shown that it is even quicker to provoke the
race condtition on simultan mwan3 commands execution.
By reversing the change we have the same behaviour as before.
But the race condition on mwan3 execute at the same time still exists.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This adjustment of the locks fixes the race condition when a mwan3
hotplug script and a mwan3 command are running at the same time.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This new config section in package openvswitch
supports creating a named bridge, and setting
its' OpenFlow controller end-point.
An example config is included in /rom/etc/config/openvswitch
Signed-off-by: Simon Kinane <skinane@fb.com>
- New major version (LTS release)
- Update haproxy download URL and hash
- Remove obsolete dladdr1-dependency-patch as it has been upstreamed
- USE_REGPARM is obsolete and therefore removed from our Makefile
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Make the plain nginx version the same as nginx-ssl.
In a further change we will replace nginx by a dummy package,
depending on +nginx-ssl instead. This allows a smooth upgrade.
For nginx-util leave the ssl and the ssl-nopcre versions only.
For nginx-mod-luci remove the duplicate ssl version.
Replace the removed packages by dummies for a smooth upgrade.
The dummy packages will be removed after a transition period.
Additionally, enable the http2 module for nginx-ssl by default
and cleanup the nginx.init file.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
- Fixes CVEs:
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12523
CVE-2019-12524
CVE-2019-12525
CVE-2019-12526
CVE-2019-12527
CVE-2019-12528
CVE-2019-12529
CVE-2019-12824
CVE-2019-12854
CVE-2019-13345
CVE-2019-18676
CVE-2019-18677
CVE-2019-18678
CVE-2019-18679
CVE-2020-8449
CVE-2020-8450
CVE-2020-11945
CVE-2020-14058
CVE-2020-15049
- Remove patch for cross-compilation
The patch should not be included in the OpenWrt at all without any
commit message/description.
Is not needed and there should be used HOST variables instead of BUILD variables (e.g.
HOSTCXX)
However, the BUILDCXX is set in Makefile to HOSTCXX
- Renumber glibc patch and refresh it
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
If the uci option family is not set in the interface section, then there
is no default value set as in the `config_load / config_get` API.
The problem here is that if the family is not set, the default value ipv4
is normaly assumed. But the comparison fails here because the value is empty
and therefore the dedicated routing table for this interface is not compared
with the other routes from the main table and so not updated.
To fix this set the default value for this config option which is`false`
for enabled and `ipv4` for family.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This fixes routing handling. Introduced with the last version update.
The following message disappears on the shell
when mwan3 is called with 'mwna3 restart`.
`Error: Invalid gateway address.`
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[aaronjg@stanford.edu: fully unset variable and handle ipv4 as well]
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
default rule only applied to ipv4 with dest_ip 0.0.0.0/0
and error was hidden when trying to apply it in ip6table
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
allow use of curl rather than ping to test if a host
is up since a host may not respond to ping, but an
https request is part of the openfortivpn connection,
so this is a more reliable test
also clean up overly verbose logging
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
