This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also lets procd trigger the validation function directly, and
removes some unnecessary curly brackets.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The reworked init script:
* Loads and validates options using uci_validate_section() (through
uci_load_validate())
* Allows service options be specified in the globals section
* Hard-codes less global options (debug, syslog), as their default
values already work
* Adds support for almost all options (up to the current package
version, 5.49)
* Moves the pid file into a subdirectory (/var/run/stunnel) so that it
can be created successfully when setuid is used
Certain options are omitted:
* chroot - requires more setup than the init script can manage
* fips, libwrap - disabled at compile-time
* iconActive, iconError, iconIdle, taskbar - gui/win32 only
* verify - obsolete, verifyChain and/or verifyPeer should be used
instead
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Current dropbear is sufficient for gitolite purposes, so don't
require openssh (we don't do a dependency on either dropbear or
openssh as they are not yet drop-in replacements in terms of
packaging for the functions shared between them). To achieve
tihs we also eliminate the dependency on ssh-keygen. Previously
gitolite used ssh-keygen to generate fingerprints from OpenSSH
keys to ensure non-duplication of keys when processing them to
create / manage user ssh access to the git repositories.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
The previous solution was incorrect. The issue was that the macro was not
defined as the header defining it was not included. GCC warns if -Wunder
is passed and does not error by default, leading to the confusion.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add a forgotten patch which was part of the original PR to switch ct tools
to libtirpc.
Fixes: ecebe0ed1 ("conntrack-tools: update to 1.4.5 and link against libtirpc")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In order to allow for the switch from librpc to libtirpc, we need to
relocate the conntrack-tools package here.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Small but important tweaks to fix the operation of the nut initscripts
and hotplug scripts. All hail shellcheck and proofreading and
dogfooding.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
This upstream release adds support for trust_anchors_backoff_time
configuration parameter. UCI support has been added for this.
This commit also includes a number of clean-ups:
o change START=50 to START=30 in init file
Starting earlier in the boot means less chance of missing interface
trigger events. See: https://github.com/openwrt/packages/pull/4675
o remove unused variables from init file
o separate local declarations and assignments in init file
o add defensive quoting in init file
o use default values for procd respawn in init file
o make use of {} in variables consistent in init file
o remove unused variable from init file
Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
* the DNS Report now displays the hostname, MAC-Address or
client IP (CLI & LuCI)
* Filter the DNS Query result set for a particular domain, client or
time frame (CLI & LuCI)
* remove needless XHR.Poll-Events from Reporting page in LuCI
* remove needless 'force sort' option in LuCI
Signed-off-by: Dirk Brenken <dev@brenken.org>
The configure script uses a deprecated function to check for libssl. I tried patching configure.ac
and adding PKG_FIXUP:=autoreconf but that causes a different error. This is the simplest fix.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
lighttpd-mod-auth has to be installed with lighttpd-mod-authn_file,
otherwise an error will appear even when auth.backend is not "plain".
(plugin.c.229) dlopen() failed for: /usr/lib/lighttpd/mod_authn_file.so Error loading shared library /usr/lib/lighttpd/mod_authn_file.so: No such file or directory
Signed-off-by: David Yang <mmyangfl@gmail.com>
Since 4.9.3, Samba AD-DC with MIT Kerberos will refuse to build unless
--with-experimental-mit-ad-dc is provided to the configure command.
The mandatory requirement was introduced in response to a report that
a user in a Samba AD domain can crash the KDC when Samba is built in
the non-default MIT Kerberos configuration:
https://www.samba.org/samba/security/CVE-2018-16853.html
This requirement was introduced in Samba commit
c5370a4349d381ba3b64b063dc28a2c54cfacdfc.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* fix launcher.sh installation for client, bridge
* link libreadline as static for host helper (hamcorebuilder)
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* enhance the query function to search in adblock backups as well,
to get back the set of blocking lists sources for a certain domain
* add "Latest DNS Queries" report to commandline version as well
(already in LuCI)
* made the tld compression (the error handling) more robust,
remove the needless 'adb_forcesrt' option
* removed abandoned 'feodo' list source
* updated readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
Radicale 2.x adds support for many new clients,
bug-fixes, etc so add v2 of this application.
We do it as a separate package for those not
ready to switch (it's not an straight inplace
upgrade from 1.x).
We do however CONFLICT with 1.x as they can't
be run side-by-side on the same host (without
containers for somesuch).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
