libwebsockets: fix recursive dependency

While running `make menuconfig`, it was discovered then there is a
recursive dependency like this:
tmp/.config-package.in:59138:error: recursive dependency detected!
tmp/.config-package.in:59138:	symbol PACKAGE_libwebsockets-openssl is selected by PACKAGE_libwebsockets-mbedtls
tmp/.config-package.in:59122:	symbol PACKAGE_libwebsockets-mbedtls depends on PACKAGE_libwebsockets-openssl

It is not possible with the recently added conflicts that two packages
(OpenSSL and full variant, which uses OpenSSL as well), which are almost the same
provides the same named package libwebsockets as their conflict - Mbed
TLS.

Fixes: 676c5c72b5 ("libwebsockets: OpenSSL
and mbedTLS variants should conflict")

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit a4e8cbb89a)

.circleci/Dockerfile

@@ -1,93 +0,0 @@
-FROM debian:10
-
-
-# Configuration version history
-# v1.0   - Initial version by Etienne Champetier
-# v1.0.1 - Run as non-root, add unzip, xz-utils
-# v1.0.2 - Add bzr
-# v1.0.3 - Verify usign signatures
-# v1.0.4 - Add support for Python3
-# v1.0.5 - Add 19.07 public keys, verify keys
-# v1.0.6 - Add 21.02 public keys, update Debian image to version 10, add rsync
-# v1.0.7 - Add 22.03 public keys, 18.06 v2 gpg key, 18.06 usign key
-
-RUN apt update && apt install -y \
-build-essential \
-bzr \
-curl \
-jq \
-gawk \
-gettext \
-git \
-libncurses5-dev \
-libssl-dev \
-python \
-python3 \
-signify-openbsd \
-subversion \
-rsync \
-time \
-unzip \
-wget \
-xz-utils \
-zlib1g-dev \
-&& rm -rf /var/lib/apt/lists/*
-
-RUN useradd -c "OpenWrt Builder" -m -d /home/build -s /bin/bash build
-USER build
-ENV HOME /home/build
-
-# OpenWrt Build System (PGP key for unattended snapshot builds)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/626471F1.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<pgpsign-snapshots@openwrt.org>' | grep '^fpr:::::::::54CC74307A2C6DC9CE618269CD84BCED626471F1:$' \
- && echo '54CC74307A2C6DC9CE618269CD84BCED626471F1:6:' | gpg --import-ownertrust
-
-# OpenWrt Build System (PGP key for 17.01 "Reboot" release builds)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/D52BBB6B.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<pgpsign-17.01@openwrt.org>' | grep '^fpr:::::::::B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:$' \
- && echo 'B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:6:' | gpg --import-ownertrust
-
-# OpenWrt Release Builder (18.06 Signing Key)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/17E1CE16.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<openwrt-devel@lists.openwrt.org>' | grep '^fpr:::::::::6768C55E79B032D77A28DA5F0F20257417E1CE16:$' \
- && echo '6768C55E79B032D77A28DA5F0F20257417E1CE16:6:' | gpg --import-ownertrust
-
-# OpenWrt Build System (PGP key for 18.06 release builds)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/15807931.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<pgpsign-18.06@openwrt.org>' | grep '^fpr:::::::::AD0507363D2BCE9C9E36CEC4FBCB78F015807931:$' \
- && echo 'AD0507363D2BCE9C9E36CEC4FBCB78F015807931:6:' | gpg --import-ownertrust
-
-# OpenWrt Build System (PGP key for 19.07 release builds)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/2074BE7A.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<pgpsign-19.07@openwrt.org>' | grep '^fpr:::::::::D9C6901F45C9B86858687DFF28A39BC32074BE7A:$' \
- && echo 'D9C6901F45C9B86858687DFF28A39BC32074BE7A:6:' | gpg --import-ownertrust
-
-# OpenWrt Build System (PGP key for 21.02 release builds)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/88CA59E8.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<pgpsign-21.02@openwrt.org>' | grep '^fpr:::::::::667205E379BAF348863A5C6688CA59E88F681580:$' \
- && echo '667205E379BAF348863A5C6688CA59E88F681580:6:' | gpg --import-ownertrust
-
-# OpenWrt Build System (GnuPGP key for 22.03 release builds)
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/CD54E82DADB3684D.asc' | gpg --import \
- && gpg --fingerprint --with-colons '<pgpsign-22.03@openwrt.org>' | grep '^fpr:::::::::BF856781A01293C8409ABE72CD54E82DADB3684D:$' \
- && echo 'BF856781A01293C8409ABE72CD54E82DADB3684D:6:' | gpg --import-ownertrust
-
-# untrusted comment: Public usign key for unattended snapshot builds
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/b5043e70f9a75cde' --create-dirs -o /home/build/usign/b5043e70f9a75cde \
- && echo 'd7ac10f9ed1b38033855f3d27c9327d558444fca804c685b17d9dcfb0648228f */home/build/usign/b5043e70f9a75cde' | sha256sum --check
-
-# untrusted comment: Public usign key for 18.06 release builds
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/1035ac73cc4e59e3' --create-dirs -o /home/build/usign/1035ac73cc4e59e3 \
- && echo '8dc2e7f5c4e634437e6641f4df77a18bf59f0c8e9016c8ba4be5d4a0111e68c2 */home/build/usign/1035ac73cc4e59e3' | sha256sum --check
-
-# untrusted comment: Public usign key for 19.07 release builds
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/f94b9dd6febac963' --create-dirs -o /home/build/usign/f94b9dd6febac963 \
- && echo 'b1d09457cfbc36fccfe18382d65c54a2ade3e7fd3902da490a53aa517b512755 */home/build/usign/f94b9dd6febac963' | sha256sum --check
-
-# untrusted comment: Public usign key for 21.02 release builds
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/2f8b0b98e08306bf' --create-dirs -o /home/build/usign/2f8b0b98e08306bf \
- && echo 'd102bdd75421c62490b97f520f9db06aadb44ad408b244755d26e96ea5cd3b7f */home/build/usign/2f8b0b98e08306bf' | sha256sum --check
-
-# untrusted comment: Public usign key for 22.03 release builds
-RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/4d017e6f1ed5d616' --create-dirs -o /home/build/usign/4d017e6f1ed5d616 \
- && echo 'f3c5fdf447d7c2743442e68077d60acc7c3e91754849e1f4b6be837b4204b7e2 */home/build/usign/4d017e6f1ed5d616' | sha256sum --check

.circleci/README

@@ -1,6 +0,0 @@
-# Build/update the docker image
-
-docker pull debian:10
-docker build --rm -t docker.io/openwrtorg/packages-cci:latest .
-docker tag <IMAGE ID> docker.io/openwrtorg/packages-cci:<VERSION-TAG>
-docker push docker.io/openwrtorg/packages-cci

.circleci/config.yml

@@ -2,12 +2,11 @@ version: 2.0
 jobs:
   build:
     docker:
-      - image: docker.io/openwrtorg/packages-cci:v1.0.7
+      - image: docker.io/openwrtorg/packages-cci:v1.0.1
     environment:
-      - SDK_HOST: "downloads.openwrt.org"
-      - SDK_PATH: "snapshots/targets/ath79/generic"
-      - SDK_FILE: "openwrt-sdk-ath79-generic_*.Linux-x86_64.tar.xz"
-      - BRANCH: "master"
+      - SDK_BASE_URL: "https://downloads.openwrt.org/releases/18.06.1/targets/ar71xx/generic"
+      - SDK_FILE: "openwrt-sdk-18.06.1-ar71xx-generic_gcc-7.3.0_musl.Linux-x86_64.tar.xz"
+      - BRANCH: "openwrt-18.06"
     steps:
       - checkout:
           path: ~/openwrt_packages
@@ -40,7 +39,7 @@ jobs:
                fi
 
                subject="$(git show -s --format=%s $commit)"
-               if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert '; then
+               if echo "$subject" | grep -q -e '^[0-9A-Za-z,/_-]\+: ' -e '^Revert '; then
                  echo_green "Commit subject line seems ok ($subject)"
                else
                  echo_red "Commit subject line MUST start with '<package name>: ' ($subject)"
@@ -63,42 +62,17 @@ jobs:
           name: Download the SDK
           working_directory: ~/sdk
           command: |
-             curl "https://$SDK_HOST/$SDK_PATH/sha256sums" -sS -o sha256sums
-             curl "https://$SDK_HOST/$SDK_PATH/sha256sums.asc" -fs -o sha256sums.asc || true
-             curl "https://$SDK_HOST/$SDK_PATH/sha256sums.sig" -fs -o sha256sums.sig || true
-             if [ ! -f sha256sums.asc ] && [ ! -f sha256sums.sig ]; then
-                 echo_red "Missing sha256sums signature files"
-                 exit 1
-             fi
-             [ ! -f sha256sums.asc ] || gpg --with-fingerprint --verify sha256sums.asc sha256sums
-             if [ -f sha256sums.sig ]; then
-                 VERIFIED=
-                 for KEY in ~/usign/*; do
-                     echo "Trying $KEY..."
-                     if signify-openbsd -V -q -p "$KEY" -x sha256sums.sig -m sha256sums; then
-                         echo "...verified"
-                         VERIFIED=1
-                         break
-                     fi
-                 done
-                 if [ -z "$VERIFIED" ]; then
-                     echo_red "Could not verify usign signature"
-                     exit 1
-                 fi
-             fi
-             rsync -av "$SDK_HOST::downloads/$SDK_PATH/$SDK_FILE" .
+             curl "$SDK_BASE_URL/sha256sums" -sS -o sha256sums
+             curl "$SDK_BASE_URL/sha256sums.asc" -sS -o sha256sums.asc
+             gpg --with-fingerprint --verify sha256sums.asc sha256sums
+             curl "$SDK_BASE_URL/$SDK_FILE" -sS -o "$SDK_FILE"
              sha256sum -c --ignore-missing sha256sums
 
       - run:
-          name: Prepare build_dir
-          working_directory: ~/build_dir
+          name: Prepare work_dir
+          working_directory: ~/work_dir
           command: |
              tar Jxf ~/sdk/$SDK_FILE --strip=1
-             touch .config
-             make prepare-tmpinfo scripts/config/conf
-             ./scripts/config/conf --defconfig=.config Config.in
-             make prereq
-             rm .config
              cat > feeds.conf <<EOF
              src-git base https://github.com/openwrt/openwrt.git;$BRANCH
              src-link packages $HOME/openwrt_packages
@@ -106,16 +80,17 @@ jobs:
              EOF
              cat feeds.conf
              ./scripts/feeds update -a > /dev/null
+             ./scripts/feeds install -a > /dev/null
              make defconfig > /dev/null
              # enable BUILD_LOG
              sed -i 's/# CONFIG_BUILD_LOG is not set/CONFIG_BUILD_LOG=y/' .config
 
       - run:
-          name: Install & download source, check package, compile
-          working_directory: ~/build_dir
+          name: Download source, check package, compile
+          working_directory: ~/work_dir
           command: |
              set +o pipefail
-             PKGS=$(cd ~/openwrt_packages; git diff --diff-filter=d --name-only "origin/$BRANCH..." | grep 'Makefile$' | grep -Ev '/files/|/src/' | awk -F/ '{ print $(NF-1) }')
+             PKGS=$(cd ~/openwrt_packages; git diff --diff-filter=d --name-only "origin/$BRANCH..." | grep 'Makefile$' | grep -v '/files/' | awk -F/ '{ print $(NF-1) }')
              if [ -z "$PKGS" ] ; then
                  echo_blue "WARNING: No new or modified packages found!"
                  exit 0
@@ -123,9 +98,6 @@ jobs:
 
              echo_blue "=== Found new/modified packages: $PKGS"
              for PKG in $PKGS ; do
-                 echo_blue "===+ Install: $PKG"
-                 ./scripts/feeds install "$PKG"
-
                  echo_blue "===+ Download: $PKG"
                  make "package/$PKG/download" V=s
 
@@ -148,29 +120,16 @@ jobs:
                  echo_green "=> Package check OK"
              done
 
-             make \
-                 -f .config \
-                 -f tmp/.packagedeps \
-                 -f <(echo '$(info $(sort $(package-y) $(package-m)))'; echo -en 'a:\n\t@:') \
-              | tr ' ' '\n' >enabled-package-subdirs.txt
              for PKG in $PKGS ; do
-                 if ! grep -m1 -qE "(^|/)$PKG$" enabled-package-subdirs.txt; then
-                        echo_red "===+ Building: $PKG skipped. It cannot be enabled with $SDK_FILE"
-                        continue
-                 fi
                  echo_blue "===+ Building: $PKG"
-                 make "package/$PKG/compile" -j3 V=s || {
-                        RET=$?
-                        echo_red "===+ Building: $PKG failed, rebuilding with -j1 for human readable error log"
-                        make "package/$PKG/compile" -j1 V=s; exit $RET
-                 }
+                 make "package/$PKG/compile" -j3 V=s
              done
 
       - store_artifacts:
-          path: ~/build_dir/logs
+          path: ~/work_dir/logs
 
       - store_artifacts:
-          path: ~/build_dir/bin
+          path: ~/work_dir/bin
 
 workflows:
   version: 2

.github/issue_template

@@ -1,8 +1,9 @@
 Please make sure that the issue subject starts with `<package-name>: `
 
-Also make sure that the package is maintained in this repository and not in base which should be submitted at https://bugs.openwrt.org or in the LuCI repository which should be submitted at https://github.com/openwrt/luci/issues.
+This repo here is only for packages maintained in this repo.  For base packages residing in the same repo as the build system and maintained by core devs, please consider opening tickets there for more timely responses
 
-Issues related to releases below 18.06 and forks are not supported or maintained and will be closed.
+ - OpenWrt base system: https://bugs.openwrt.org
+ - Most LuCI packages: https://github.com/openwrt/luci/issues
 
 # Issue template (remove lines from top till here)
 
@@ -12,5 +13,5 @@ Environment: (put here arch, model, OpenWrt version)
 Description:
 
 ```
-Format code blocks by wrapping them with pairs of ```
+Formating code blocks by wrapping them with pairs of ```
 ```

.github/workflows/Dockerfile

@@ -1,6 +0,0 @@
-ARG ARCH=x86-64
-FROM openwrt/rootfs:$ARCH
-
-ADD entrypoint.sh /entrypoint.sh
-
-CMD ["/entrypoint.sh"]

.github/workflows/check-autorelease-deprecation.yml

@@ -1,91 +0,0 @@
-name: Check autorelease deprecation
-
-on:
-  pull_request_target:
-    types: [opened, synchronize, converted_to_draft, ready_for_review, edited]
-
-jobs:
-  build:
-    name: Check autorelease deprecation
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-
-    permissions:
-      pull-requests: write
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          fetch-depth: 0
-
-      - name: Determine branch name
-        run: |
-          BRANCH="${GITHUB_BASE_REF#refs/heads/}"
-          echo "Building for $BRANCH"
-          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
-
-      - name: Determine changed packages
-        run: |
-          RET=0
-
-          # only detect packages with changes
-          PKG_ROOTS=$(find . -name Makefile | \
-            grep -v ".*/src/Makefile" | \
-            sed -e 's@./\(.*\)/Makefile@\1/@')
-          CHANGES=$(git diff --diff-filter=d --name-only origin/$BRANCH...)
-
-          for ROOT in $PKG_ROOTS; do
-            for CHANGE in $CHANGES; do
-              if [[ "$CHANGE" == "$ROOT"* ]]; then
-                if grep -q '$(AUTORELEASE)' "$ROOT/Makefile"; then
-                  CONTAINS_AUTORELEASE+="$ROOT"
-                fi
-                break
-              fi
-            done
-          done
-
-          if [ -n "$CONTAINS_AUTORELEASE" ]; then
-            RET=1
-            cat > "$GITHUB_WORKSPACE/pr_comment.md" << EOF
-          Please do no longer set *PKG_RELEASE* to *AUTORELEASE* as the
-          feature is deprecated. Please use an integer instead. Below is a
-          list of affected packages including correct *PKG_RELEASE*:
-
-          EOF
-          fi
-
-          for ROOT in $CONTAINS_AUTORELEASE; do
-            echo -n "  - ${ROOT}Makefile: PKG_RELEASE:=" >> "$GITHUB_WORKSPACE/pr_comment.md"
-            last_bump="$(git log --pretty=format:'%h %s' "$ROOT" |
-              grep --max-count=1 -e ': [uU]pdate to ' -e ': [bB]ump to ' |
-              cut -f 1 -d ' ')"
-
-            if [ -n "$last_bump" ]; then
-              echo -n $(($(git rev-list --count "$last_bump..HEAD" "$ROOT") + 2)) >> "$GITHUB_WORKSPACE/pr_comment.md"
-            else
-              echo -n $(($(git rev-list --count HEAD "$ROOT") + 2)) >> "$GITHUB_WORKSPACE/pr_comment.md"
-            fi
-            echo >> "$GITHUB_WORKSPACE/pr_comment.md"
-          done
-
-          exit $RET
-
-      - name: Find Comment
-        uses: peter-evans/find-comment@v2
-        if: ${{ failure() }}
-        id: fc
-        with:
-          issue-number: ${{ github.event.pull_request.number }}
-          comment-author: 'github-actions[bot]'
-
-      - name: Create or update comment
-        uses: peter-evans/create-or-update-comment@v2
-        if: ${{ failure() }}
-        with:
-          comment-id: ${{ steps.fc.outputs.comment-id }}
-          issue-number: ${{ github.event.pull_request.number }}
-          body-file: 'pr_comment.md'
-          edit-mode: replace

.github/workflows/ci_helpers.sh

@@ -1,26 +0,0 @@
-#!/bin/sh
-
-color_out() {
-	printf "\e[0;$1m$PKG_NAME: %s\e[0;0m\n" "$2"
-}
-
-success() {
-	color_out 32 "$1"
-}
-
-info() {
-	color_out 36 "$1"
-}
-
-err() {
-	color_out 31 "$1"
-}
-
-warn() {
-	color_out 33 "$1"
-}
-
-err_die() {
-	err "$1"
-	exit 1
-}

.github/workflows/entrypoint.sh

@@ -1,70 +0,0 @@
-#!/bin/sh
-
-# not enabling `errtrace` and `pipefail` since those are bash specific
-set -o errexit # failing commands causes script to fail
-set -o nounset # undefined variables causes script to fail
-
-echo "src/gz packages_ci file:///ci" >> /etc/opkg/distfeeds.conf
-
-FINGERPRINT="$(usign -F -p /ci/packages_ci.pub)"
-cp /ci/packages_ci.pub "/etc/opkg/keys/$FINGERPRINT"
-
-mkdir -p /var/lock/
-
-opkg update
-
-export CI_HELPER="/ci/.github/workflows/ci_helpers.sh"
-
-for PKG in /ci/*.ipk; do
-	tar -xzOf "$PKG" ./control.tar.gz | tar xzf - ./control
-	# package name including variant
-	PKG_NAME=$(sed -ne 's#^Package: \(.*\)$#\1#p' ./control)
-	# package version without release
-	PKG_VERSION=$(sed -ne 's#^Version: \(.*\)$#\1#p' ./control)
-	PKG_VERSION="${PKG_VERSION%-[!-]*}"
-	# package source containing test.sh script
-	PKG_SOURCE=$(sed -ne 's#^Source: \(.*\)$#\1#p' ./control)
-	PKG_SOURCE="${PKG_SOURCE#/feed/}"
-
-	echo
-	echo "Testing package $PKG_NAME in version $PKG_VERSION from $PKG_SOURCE"
-
-	if ! [ -d "/ci/$PKG_SOURCE" ]; then
-		echo "$PKG_SOURCE is not a directory"
-		exit 1
-	fi
-
-	PRE_TEST_SCRIPT="/ci/$PKG_SOURCE/pre-test.sh"
-	TEST_SCRIPT="/ci/$PKG_SOURCE/test.sh"
-
-	if ! [ -f "$TEST_SCRIPT" ]; then
-		echo "No test.sh script available"
-		continue
-	fi
-
-	export PKG_NAME PKG_VERSION
-
-	if [ -f "$PRE_TEST_SCRIPT" ]; then
-		echo "Use package specific pre-test.sh"
-		if sh "$PRE_TEST_SCRIPT" "$PKG_NAME" "$PKG_VERSION"; then
-			echo "Pre-test successful"
-		else
-			echo "Pre-test failed"
-			exit 1
-		fi
-	else
-		echo "No pre-test.sh script available"
-	fi
-
-	opkg install "$PKG"
-
-	echo "Use package specific test.sh"
-	if sh "$TEST_SCRIPT" "$PKG_NAME" "$PKG_VERSION"; then
-		echo "Test successful"
-	else
-		echo "Test failed"
-		exit 1
-	fi
-
-	opkg remove "$PKG_NAME" --force-removal-of-dependent-packages --force-remove --autoremove || true
-done

.github/workflows/formal.yml

@@ -1,55 +0,0 @@
-name: Test Formalities
-
-on:
-  pull_request:
-
-jobs:
-  build:
-    name: Test Formalities
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          fetch-depth: 0
-
-      - name: Determine branch name
-        run: |
-          BRANCH="${GITHUB_BASE_REF#refs/heads/}"
-          echo "Building for $BRANCH"
-          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
-
-      - name: Test formalities
-        run: |
-          source .github/workflows/ci_helpers.sh
-
-          RET=0
-          for commit in $(git rev-list HEAD ^origin/$BRANCH); do
-            info "=== Checking commit '$commit'"
-            if git show --format='%P' -s $commit | grep -qF ' '; then
-              err "Pull request should not include merge commits"
-              RET=1
-            fi
-
-            subject="$(git show -s --format=%s $commit)"
-            if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert ' -e '^CONTRIBUTING.md' -e '^README.md'; then
-              success "Commit subject line seems ok ($subject)"
-            else
-              err "Commit subject line MUST start with '<package name>: ' ($subject)"
-              RET=1
-            fi
-
-            body="$(git show -s --format=%b $commit)"
-            sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
-            if echo "$body" | grep -qF "$sob"; then
-              success "Signed-off-by match author"
-            else
-              err "Signed-off-by is missing or doesn't match author (should be '$sob')"
-              RET=1
-            fi
-          done
-
-          exit $RET

.github/workflows/multi-arch-test-build.yml

@@ -1,206 +0,0 @@
-name: Test Build
-
-on:
-  pull_request:
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  build:
-    name: Test ${{ matrix.arch }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - arch: aarch64_generic
-            target: armsr-armv8
-            runtime_test: true
-
-          - arch: arm_cortex-a15_neon-vfpv4
-            target: armsr-armv7
-            runtime_test: true
-
-          - arch: arm_cortex-a9_vfpv3-d16
-            target: mvebu-cortexa9
-            runtime_test: false
-
-          - arch: i386_pentium-mmx
-            target: x86-geode
-            runtime_test: true
-
-          - arch: mips_24kc
-            target: ath79-generic
-            runtime_test: true
-
-          - arch: mipsel_24kc
-            target: mt7621
-            runtime_test: false
-
-          - arch: powerpc_464fp
-            target: apm821xx-nand
-            runtime_test: false
-
-          - arch: powerpc_8548
-            target: mpc85xx-p1010
-            runtime_test: false
-
-          - arch: riscv64_riscv64
-            target: sifiveu-generic
-            runtime_test: false
-
-          - arch: x86_64
-            target: x86-64
-            runtime_test: true
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-
-      - name: Determine branch name
-        run: |
-          BRANCH="${GITHUB_BASE_REF#refs/heads/}"
-          echo "Building for $BRANCH"
-          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
-
-      - name: Determine changed packages
-        run: |
-          # only detect packages with changes
-          PKG_ROOTS=$(find . -name Makefile | \
-            grep -v ".*/src/Makefile" | \
-            sed -e 's@./\(.*\)/Makefile@\1/@')
-          CHANGES=$(git diff --diff-filter=d --name-only origin/$BRANCH...)
-
-          for ROOT in $PKG_ROOTS; do
-            for CHANGE in $CHANGES; do
-              if [[ "$CHANGE" == "$ROOT"* ]]; then
-                PACKAGES+=$(echo "$ROOT" | sed -e 's@.*/\(.*\)/@\1 @')
-                break
-              fi
-            done
-          done
-
-          # fallback to test packages if nothing explicitly changes this is
-          # should run if other mechanics in packages.git changed
-          PACKAGES="${PACKAGES:-vim attendedsysupgrade-common bmon}"
-
-          echo "Building $PACKAGES"
-          echo "PACKAGES=$PACKAGES" >> $GITHUB_ENV
-
-      - name: Generate build keys
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y signify-openbsd
-          signify-openbsd -G -n -c 'DO NOT USE - OpenWrt packages feed CI' -p packages_ci.pub -s packages_ci.sec
-          EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
-          echo "KEY_BUILD<<$EOF" >> $GITHUB_ENV
-          cat packages_ci.sec >> $GITHUB_ENV
-          echo "$EOF" >> $GITHUB_ENV
-
-      - name: Build
-        uses: openwrt/gh-action-sdk@v7
-        env:
-          ARCH: ${{ matrix.arch }}-${{ env.BRANCH }}
-          FEEDNAME: packages_ci
-          INDEX: 1
-          KEY_BUILD: ${{ env.KEY_BUILD }}
-          V: s
-
-      - name: Move created packages to project dir
-        if: always()
-        run: cp bin/packages/${{ matrix.arch }}/packages_ci/* . || true
-
-      - name: Collect metadata
-        if: always()
-        run: |
-          MERGE_ID=$(git rev-parse --short HEAD)
-          echo "MERGE_ID=$MERGE_ID" >> $GITHUB_ENV
-          echo "BASE_ID=$(git rev-parse --short HEAD^1)" >> $GITHUB_ENV
-          echo "HEAD_ID=$(git rev-parse --short HEAD^2)" >> $GITHUB_ENV
-          PRNUMBER=${GITHUB_REF_NAME%/merge}
-          echo "PRNUMBER=$PRNUMBER" >> $GITHUB_ENV
-          echo "ARCHIVE_NAME=${{matrix.arch}}-PR$PRNUMBER-$MERGE_ID" >> $GITHUB_ENV
-
-      - name: Generate metadata
-        if: always()
-        run: |
-          cat << _EOF_ > PKG-INFO
-          Metadata-Version: 2.1
-          Name: ${{env.ARCHIVE_NAME}}
-          Version: $BRANCH
-          Author: $GITHUB_ACTOR
-          Home-page: $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/pull/$PRNUMBER
-          Download-URL: $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
-          Summary: $PACKAGES
-          Platform: ${{ matrix.arch }}
-
-          Packages for OpenWrt $BRANCH running on ${{matrix.arch}}, built from PR $PRNUMBER
-          at commit $HEAD_ID, against $BRANCH at commit $BASE_ID, with merge SHA $MERGE_ID.
-
-          Modified packages:
-          _EOF_
-          for p in $PACKAGES
-          do
-            echo "  "$p >> PKG-INFO
-          done
-          echo >> PKG-INFO
-          echo Full file listing: >> PKG-INFO
-          ls -al *.ipk >> PKG-INFO || true
-          cat PKG-INFO
-
-      - name: Store packages
-        if: always()
-        uses: actions/upload-artifact@v3
-        with:
-          name: ${{env.ARCHIVE_NAME}}-packages
-          path: |
-            Packages
-            Packages.*
-            *.ipk
-            PKG-INFO
-
-      - name: Store logs
-        if: always()
-        uses: actions/upload-artifact@v3
-        with:
-          name: ${{env.ARCHIVE_NAME}}-logs
-          path: |
-            logs/
-            PKG-INFO
-
-      - name: Remove logs
-        if: always()
-        run: sudo rm -rf logs/ || true
-
-      - name: Check if any packages were built
-        run: |
-          if [ -n "$(find . -maxdepth 1 -type f -name '*.ipk' -print -quit)" ]; then
-            echo "Found *.ipk files"
-            HAVE_IPKS=true
-          else
-            echo "No *.ipk files found"
-            HAVE_IPKS=false
-          fi
-          echo "HAVE_IPKS=$HAVE_IPKS" >> $GITHUB_ENV
-
-      - name: Register QEMU
-        if: ${{ matrix.runtime_test && fromJSON(env.HAVE_IPKS) }}
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y qemu-user-static binfmt-support
-          sudo update-binfmts --import
-
-      - name: Build Docker container
-        if: ${{ matrix.runtime_test && fromJSON(env.HAVE_IPKS) }}
-        run: |
-          docker build -t test-container --build-arg ARCH .github/workflows/
-        env:
-          ARCH: ${{ matrix.arch }}-${{ env.BRANCH }}
-
-      - name: Test via Docker container
-        if: ${{ matrix.runtime_test && fromJSON(env.HAVE_IPKS) }}
-        run: |
-          docker run --rm -v $GITHUB_WORKSPACE:/ci test-container

.travis.yml

@@ -0,0 +1,16 @@
+git:
+  depth: 10
+  quiet: true
+
+language: c
+dist: trusty
+sudo: false
+cache:
+  directories:
+    - $HOME/sdk
+
+before_script:
+  - ./.travis_do.sh download_sdk
+
+script:
+  - ./.travis_do.sh test_packages

.travis_do.sh

@@ -0,0 +1,241 @@
+#!/bin/bash
+#
+# MIT Alexander Couzens <lynxis@fe80.eu>
+
+set -e
+
+SDK_HOME="$HOME/sdk"
+SDK_PATH=https://downloads.lede-project.org/snapshots/targets/ar71xx/generic/
+SDK=-sdk-ar71xx-generic_
+PACKAGES_DIR="$PWD"
+
+echo_red()   { printf "\033[1;31m$*\033[m\n"; }
+echo_green() { printf "\033[1;32m$*\033[m\n"; }
+echo_blue()  { printf "\033[1;34m$*\033[m\n"; }
+
+exec_status() {
+	PATTERN="$1"
+	shift
+	while :;do sleep 590;echo "still running (please don't kill me Travis)";done &
+	("$@" 2>&1) | tee logoutput
+	R=${PIPESTATUS[0]}
+	kill $! && wait $! 2>/dev/null
+	if [ $R -ne 0 ]; then
+		echo_red   "=> '$*' failed (return code $R)"
+		return 1
+	fi
+	if grep -qE "$PATTERN" logoutput; then
+		echo_red   "=> '$*' failed (log matched '$PATTERN')"
+		return 1
+	fi
+
+	echo_green "=> '$*' successful"
+	return 0
+}
+
+get_sdk_file() {
+	if [ -e "$SDK_HOME/sha256sums" ] ; then
+		grep -- "$SDK" "$SDK_HOME/sha256sums" | awk '{print $2}' | sed 's/*//g'
+	else
+		false
+	fi
+}
+
+# download will run on the `before_script` step
+# The travis cache will be used (all files under $HOME/sdk/). Meaning
+# We don't have to download the file again
+download_sdk() {
+	mkdir -p "$SDK_HOME"
+	cd "$SDK_HOME"
+
+	echo_blue "=== download SDK"
+	wget "$SDK_PATH/sha256sums" -O sha256sums
+	wget "$SDK_PATH/sha256sums.gpg" -O sha256sums.asc
+
+	# LEDE Build System (LEDE GnuPG key for unattended build jobs)
+	gpg --import $PACKAGES_DIR/.keys/626471F1.asc
+	echo '54CC74307A2C6DC9CE618269CD84BCED626471F1:6:' | gpg --import-ownertrust
+	# LEDE Release Builder (17.01 "Reboot" Signing Key)
+	gpg --import $PACKAGES_DIR/.keys/D52BBB6B.asc
+	echo 'B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:6:' | gpg --import-ownertrust
+
+	echo_blue "=== Verifying sha256sums signature"
+	gpg --verify sha256sums.asc
+	echo_blue "=== Verified sha256sums signature."
+	if ! grep -- "$SDK" sha256sums > sha256sums.small ; then
+		echo_red "=== Can not find $SDK file in sha256sums."
+		echo_red "=== Is \$SDK out of date?"
+		false
+	fi
+
+	# if missing, outdated or invalid, download again
+	if ! sha256sum -c ./sha256sums.small ; then
+		local sdk_file
+		sdk_file="$(get_sdk_file)"
+		echo_blue "=== sha256 doesn't match or SDK file wasn't downloaded yet."
+		echo_blue "=== Downloading a fresh version"
+		wget "$SDK_PATH/$sdk_file" -O "$sdk_file"
+	fi
+
+	# check again and fail here if the file is still bad
+	echo_blue "Checking sha256sum a second time"
+	if ! sha256sum -c ./sha256sums.small ; then
+		echo_red "=== SDK can not be verified!"
+		false
+	fi
+	echo_blue "=== SDK is up-to-date"
+}
+
+# test_package will run on the `script` step.
+# test_package call make download check for very new/modified package
+test_packages2() {
+	local commit_range=$TRAVIS_COMMIT_RANGE
+	if [ -z "$TRAVIS_PULL_REQUEST_SHA" ]; then
+		echo_blue "Using only the latest commit, since we're not in a Pull Request"
+		commit_range=HEAD~1
+	fi
+
+	# search for new or modified packages. PKGS will hold a list of package like 'admin/muninlite admin/monit ...'
+	PKGS=$(git diff --diff-filter=d --name-only "$commit_range" | grep 'Makefile$' | grep -v '/files/' | awk -F'/Makefile' '{ print $1 }')
+
+	if [ -z "$PKGS" ] ; then
+		echo_blue "No new or modified packages found!"
+		return 0
+	fi
+
+	echo_blue "=== Found new/modified packages:"
+	for pkg in $PKGS ; do
+		echo "===+ $pkg"
+	done
+
+	echo_blue "=== Setting up SDK"
+	tmp_path=$(mktemp -d)
+	cd "$tmp_path"
+	tar Jxf "$SDK_HOME/$(get_sdk_file)" --strip=1
+
+	# use github mirrors to spare lede servers
+	cat > feeds.conf <<EOF
+src-git base https://github.com/lede-project/source.git
+src-link packages $PACKAGES_DIR
+src-git luci https://github.com/openwrt/luci.git
+EOF
+
+	# enable BUILD_LOG
+	sed -i '1s/^/config BUILD_LOG\n\tbool\n\tdefault y\n\n/' Config-build.in
+
+	./scripts/feeds update -a > /dev/null
+	./scripts/feeds install -a > /dev/null
+	make defconfig > /dev/null
+	echo_blue "=== Setting up SDK done"
+
+	RET=0
+	# E.g: pkg_dir => admin/muninlite
+	# pkg_name => muninlite
+	for pkg_dir in $PKGS ; do
+		pkg_name=$(echo "$pkg_dir" | awk -F/ '{ print $NF }')
+		echo_blue "=== $pkg_name: Starting quick tests"
+
+		exec_status '^ERROR' make "package/$pkg_name/download" V=s || RET=1
+		exec_status '^ERROR' make "package/$pkg_name/check" V=s || RET=1
+
+		echo_blue "=== $pkg_name: quick tests done"
+	done
+
+	[ $RET -ne 0 ] && return $RET
+
+	for pkg_dir in $PKGS ; do
+		pkg_name=$(echo "$pkg_dir" | awk -F/ '{ print $NF }')
+		echo_blue "=== $pkg_name: Starting compile test"
+
+		# we can't enable verbose built else we often hit Travis limits
+		# on log size and the job get killed
+		exec_status '^ERROR' make "package/$pkg_name/compile" -j3 || RET=1
+
+		echo_blue "=== $pkg_name: compile test done"
+
+		echo_blue "=== $pkg_name: begin compile logs"
+		for f in $(find logs/package/feeds/packages/$pkg_name/ -type f); do
+			echo_blue "Printing last 200 lines of $f"
+			tail -n200 "$f"
+		done
+		echo_blue "=== $pkg_name: end compile logs"
+
+		echo_blue "=== $pkg_name: begin packages sizes"
+		du -ba bin/
+		echo_blue "=== $pkg_name: end packages sizes"
+	done
+
+	return $RET
+}
+
+test_commits() {
+	RET=0
+	if [ -z "$TRAVIS_PULL_REQUEST_SHA" ]; then
+		echo_blue "Skipping commits tests (not in a Pull Request)"
+		return 0
+	fi
+	for commit in $(git rev-list ${TRAVIS_COMMIT_RANGE/.../..}); do
+		echo_blue "=== Checking commit '$commit'"
+		if git show --format='%P' -s $commit | grep -qF ' '; then
+			echo_red "Pull request should not include merge commits"
+			RET=1
+		fi
+
+		author="$(git show -s --format=%aN $commit)"
+		if echo $author | grep -q '\S\+\s\+\S\+'; then
+			echo_green "Author name ($author) seems ok"
+		else
+			echo_red "Author name ($author) need to be your real name 'firstname lastname'"
+			RET=1
+		fi
+
+		subject="$(git show -s --format=%s $commit)"
+		if echo "$subject" | grep -q -e '^[0-9A-Za-z,/_-]\+: ' -e '^Revert '; then
+			echo_green "Commit subject line seems ok ($subject)"
+		else
+			echo_red "Commit subject line MUST start with '<package name>: ' ($subject)"
+			RET=1
+		fi
+
+		body="$(git show -s --format=%b $commit)"
+		sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
+		if echo "$body" | grep -qF "$sob"; then
+			echo_green "Signed-off-by match author"
+		else
+			echo_red "Signed-off-by is missing or doesn't match author (should be '$sob')"
+			RET=1
+		fi
+	done
+
+	return $RET
+}
+
+test_packages() {
+	test_commits && test_packages2 || return 1
+}
+
+echo_blue "=== Travis ENV"
+env
+echo_blue "=== Travis ENV"
+
+if [ -n "$TRAVIS_PULL_REQUEST_SHA" ]; then
+	while true; do
+		# if clone depth is too small, git rev-list / diff return incorrect or empty results
+		C="$(git rev-list ${TRAVIS_COMMIT_RANGE/.../..} | tail -n1)" 2>/dev/null
+		[ -n "$C" -a "$C" != "a22de9b74cf9579d1ce7e6cf1845b4afa4277b00" ] && break
+		echo_blue "Fetching 50 commits more"
+		git fetch origin --deepen=50
+	done
+fi
+
+if [ $# -ne 1 ] ; then
+	cat <<EOF
+Usage: $0 (download_sdk|test_packages)
+
+download_sdk - download the SDK to $HOME/sdk.tar.xz
+test_packages - do a make check on the package
+EOF
+	exit 1
+fi
+
+$@

CONTRIBUTING.md

@@ -1,218 +1,115 @@
-# Contributing Guidelines
+# Contributing Guidelines  
+(See <https://openwrt.org/docs/guide-developer/packages> for overall format and construction)
 
-Ref: <https://openwrt.org/docs/guide-developer/packages> for overall format and construction
 
-## Basic guidelines
+### Basic guidelines
 
-All packages you commit or submit by pull-request should follow these simple
-guidelines:
+All packages you commit or submit by pull-request should follow these simple guidelines:
+* Package a version which is still maintained by the upstream author.
+* Will be updated regularly to maintained and supported versions.
+* Have no dependencies outside the OpenWrt core packages or this repository feed.
+* Have been tested to compile with the correct includes and dependencies. Please also test with "Compile with full language support" found under "General Build Settings" set if language support is relevant to your package.
+* Do NOT use a rolling source file (e.g. foo-latest.tar.gz) or the head of a branch as source for the package since that would create unpredictable builds which change over time.
+* Best of all -- it works as expected!
 
-- Package a version which is still maintained by the upstream author and will
-  be updated regularly with supported versions.
-- Have no dependencies outside the OpenWrt core packages or this repository
-  feed.
-- Have been tested to compile with the correct includes and dependencies.
-  Please also test with "Compile with full language support" found under
-  "General Build Settings" set if language support is relevant to your package.
-- Best of all -- it works as expected!
+#### Makefile contents should contain:
 
-## Package Sources (archives and repositories)
+* An up-to-date copyright notice. Use OpenWrt if no other present or supply your own.
+* A (PKG_)MAINTAINER definition listing either yourself or another person in the field.
+    (E.g.: PKG_MAINTAINER:= Joe D. Hacker `<jdh@jdhs-email-provider.org`>)
+* A PKG_LICENSE tag declaring the main license of the package.
+    (E.g.: PKG_LICENSE:=GPL-2.0+) Please use SPDX identifiers if possible (see list at the bottom).
+* An optional PKG_LICENSE_FILES tag including the filenames of the license-files in the source-package.
+    (E.g.: PKG_LICENSE_FILES:=COPYING)
+* PKG_RELEASE should be initially set to 1 or reset to 1 if the software version is changed. You should increment it if the package itself has changed. For example, modifying a support script, changing configure options like --disable* or --enable* switches, or if you changed something in the package which causes the resulting binaries to be different. Changes like correcting md5sums, changing mirror URLs, adding a maintainer field or updating a comment or copyright year in a Makefile do not require a change to PKG_RELEASE.
+* Avoid reuse of PKG_NAME in call, define and eval lines to improve readability.
 
-- PKG_SOURCE should reference the smallest available archive. In order of
-  preference: xz (most compressed), bzip2, gz and zip. As a last resort,
-  downloads from source repositories can be used.
-- PKG_SOURCE_URL should link to an official release archive. Use of HTTPS&#x3A;
-  is preferred. If a source archive is not available, a locally generated
-  archive fetched using git, svn, cvs or in rare circumstances, hg or bzr.
-- Convenience macros for popular mirrors are defined. Using these macros will
-  make your package downloads more robust by mapping to a list of possible
-  source mirrors for archive availability.
-  - @SF - Sourceforge (downloads.sourceforge.net) with 5 retries due to
-    re-directs
-  - @GITHUB - Github (raw.githubusercontent.com) with 5 retries due to
-    re-directs
-  - @GNU - 8 regional servers
-  - @GNOME - 8 regional servers
-  - @SAVANNAH - 8 regional servers
-  - @APACHE - 8 regional servers
-  - @KERNEL - Linux kernel archives & mirrors
-- Please _DO NOT_ use an archive which changes over time. A version labeled
-  "latest" is not constant each download. Also, using the head of a branch will
-  create unpredictable results which can be different each build.
+#### Commits in your pull-requests should:
 
-### Makefile contents should contain
+* Have a useful description prefixed with the package name
+    (E.g.: "foopkg: Add libzot dependency")
+* Include Signed-off-by in the comment
+    (See <https://openwrt.org/submitting-patches#sign_your_work>)
 
-- Provide an up-to-date Copyright notice or **none**. Copyright should not be
-  assigned to OpenWrt unless you are explicitly requested by or working under
-  contract to OpenWrt. Assigning a Copyright to yourself or organization you
-  represent is acceptable.
-- A (PKG\_)MAINTAINER definition listing either yourself and/or another person
-  responsible for this package (E.g.: PKG_MAINTAINER:= Joe D. Hacker
-  `<jdh@jdhs-email-provider.org`>). Listing multiple maintainers is encouraged in
-  order to keep the package active and up-to-date. Leaving this blank will also
-  be accepted, however the review process may not be as quick as one with a
-  maintainer.
-- A PKG_LICENSE tag declaring the main license of the package.  (E.g.:
-  PKG_LICENSE:=GPL-2.0-or-later) Please use SPDX identifiers if possible (see
-  list at the bottom).
-- An optional PKG_LICENSE_FILES tag including the filenames of the
-  license-files in the source-package.  (E.g.: PKG_LICENSE_FILES:=COPYING)
-- PKG_RELEASE should be initially set to 1 or reset to 1 if the software
-  version is changed. You should increment it if the package itself has
-  changed. For example, modifying a support script, changing configure options
-  like --disable_ or --enable\_ switches, or if you changed something in the
-  package which causes the resulting binaries to be different. Changes like
-  correcting md5sums, changing mirror URLs, adding a maintainer field or updating
-  a comment or copyright year in a Makefile do not require a change to
-  PKG_RELEASE.
-- Avoid reuse of PKG_NAME in call, define and eval lines to improve
-  readability.
+### Advice on pull requests:
 
-### Commits in your pull-requests should
+Pull requests are the easiest way to contribute changes to git repos at Github. They are the preferred contribution method, as they offer a nice way for commenting and amending the proposed changes.
 
-- Have a useful description prefixed with the package name (E.g.: "foopkg: Add
-  libzot dependency")
-- Include Signed-off-by tag in the commit comments.  See: [Sign your
-  work](https://openwrt.org/submitting-patches#sign_your_work)
-
-## Advice on pull requests
-
-Pull requests are the easiest way to contribute changes to git repos at Github.
-They are the preferred contribution method, as they offer a nice way for
-commenting and amending the proposed changes.
-
-- You need a local "fork" of the Github repo.
-
-- Use a "feature branch" for your changes. That separates the changes in the
-  pull request from your other changes and makes it easy to edit/amend commits
-  in the pull request. Workflow using "feature_x" as the example:
+* You need a local "fork" of the Github repo.
+* Use a "feature branch" for your changes. That separates the changes in the pull request from your other changes and makes it easy to edit/amend commits in the pull request. Workflow using "feature_x" as the example:
   - Update your local git fork to the tip (of the master, usually)
   - Create the feature branch with `git checkout -b feature_x`
   - Edit changes and commit them locally
-  - Push them to your Github fork by `git push -u origin feature_x`. That
-    creates the "feature_x" branch at your Github fork and sets it as the
-    remote of this branch
-  - When you now visit Github, you should see a proposal to create a pull
-    request
+  - Push them to your Github fork by `git push -u origin feature_x`. That creates the "feature_x" branch at your Github fork and sets it as the remote of this branch
+  - When you now visit Github, you should see a proposal to create a pull request
 
-- If you later need to add new commits to the pull request, you can simply
-  commit the changes to the local branch and then use `git push` to
-  automatically update the pull request.
+* If you later need to add new commits to the pull request, you can simply commit the changes to the local branch and then use `git push` to automatically update the pull request.
 
-- If you need to change something in the existing pull request (e.g. to add a
-  missing signed-off-by line to the commit message), you can use `git push -f`
-  to overwrite the original commits. That is easy and safe when using a feature
-  branch. Example workflow:
+* If you need to change something in the existing pull request (e.g. to add a missing signed-off-by line to the commit message), you can use `git push -f` to overwrite the original commits. That is easy and safe when using a feature branch. Example workflow:
   - Checkout the feature branch by `git checkout feature_x`
-  - Edit changes and commit them locally. If you are just updating the commit
-    message in the last commit, you can use `git commit --amend` to do that
-  - If you added several new commits or made other changes that require
-    cleaning up, you can use `git rebase -i HEAD~X` (X = number of commits to
-    edit) to possibly squash some commits
-  - Push the changed commits to Github with `git push -f` to overwrite the
-    original commits in the "feature_x" branch with the new ones. The pull
-    request gets automatically updated
+  - Edit changes and commit them locally. If you are just updating the commit message in the last commit, you can use `git commit --amend` to do that
+  - If you added several new commits or made other changes that require cleaning up, you can use `git rebase -i HEAD~X` (X = number of commits to edit) to possibly squash some commits
+  - Push the changed commits to Github with `git push -f` to overwrite the original commits in the "feature_x" branch with the new ones. The pull request gets automatically updated
 
-## If you have commit access
+### If you have commit access:
 
-- Do NOT use git push --force.
-- Do NOT commit to other maintainer's packages without their consent.
-- Use Pull Requests if you are unsure and to suggest changes to other
-  maintainers.
+* Do NOT use git push --force.
+* Do NOT commit to other maintainer's packages without their consent.
+* Use Pull Requests if you are unsure and to suggest changes to other maintainers.
 
-### Gaining commit access
+#### Gaining commit access:
 
-- We will gladly grant commit access to responsible contributors who have made
+* We will gladly grant commit access to responsible contributors who have made
   useful pull requests and / or feedback or patches to this repository or
-  OpenWrt in general. Please include your request for commit access in your next
-  pull request or ticket.
+  OpenWrt in general. Please include your request for commit access in your
+  next pull request or ticket.
 
-## Release Branches
+### Release Branches:
 
-- Old stable branches were named after the following pattern "for-XX.YY" (e.g.
-  for-14.07) before the LEDE split.  During the LEDE split there was only one
-  release branch with the name "lede-17.01".  After merging the LEDE fork with
-  OpenWrt the release branches are named according to the following pattern
-  "openwrt-XX.YY" (e.g. openwrt-18.06).
-- These branches are built with the respective OpenWrt release and are created
+* Branches named "for-XX.YY" (e.g. for-14.07) are release branches.
+* These branches are built with the respective OpenWrt release and are created
   during the release stabilisation phase.
-- Please ONLY cherry-pick or commit security and bug-fixes to these branches.
-- Do NOT add new packages and do NOT do major upgrades of packages here.
-- If you are unsure if your change is suitable, please use a pull request.
+* Please ONLY cherry-pick or commit security and bug-fixes to these branches.
+* Do NOT add new packages and do NOT do major upgrades of packages here.
+* If you are unsure if your change is suitable, please use a pull request.
 
-## Common LICENSE tags (short list)
+### Common LICENSE tags (short list)  
+(Complete list can be found at: <http://spdx.org/licenses>)
 
-(Complete list can be found at: <https://spdx.org/licenses>)
-
-| Full Name                                        | Identifier               |
-| ------------------------------------------------ | :----------------------- |
-| Apache License 1.0                               | Apache-1.0               |
-| Apache License 1.1                               | Apache-1.1               |
-| Apache License 2.0                               | Apache-2.0               |
-| Artistic License 1.0                             | Artistic-1.0             |
-| Artistic License 1.0 w/clause 8                  | Artistic-1.0-cl8         |
-| Artistic License 1.0 (Perl)                      | Artistic-1.0-Perl        |
-| Artistic License 2.0                             | Artistic-2.0             |
-| BSD 2-Clause "Simplified" License                | BSD-2-Clause             |
-| BSD 2-Clause FreeBSD License                     | BSD-2-Clause-FreeBSD     |
-| BSD 2-Clause NetBSD License                      | BSD-2-Clause-NetBSD      |
-| BSD 3-Clause "New" or "Revised" License          | BSD-3-Clause             |
-| BSD with attribution                             | BSD-3-Clause-Attribution |
-| BSD 3-Clause Clear License                       | BSD-3-Clause-Clear       |
-| BSD 4-Clause "Original" or "Old" License         | BSD-4-Clause             |
-| BSD-4-Clause (University of California-Specific) | BSD-4-Clause-UC          |
-| BSD Protection License                           | BSD-Protection           |
-| GNU General Public License v1.0 only             | GPL-1.0-only             |
-| GNU General Public License v1.0 or later         | GPL-1.0-or-later         |
-| GNU General Public License v2.0 only             | GPL-2.0-only             |
-| GNU General Public License v2.0 or later         | GPL-2.0-or-later         |
-| GNU General Public License v3.0 only             | GPL-3.0-only             |
-| GNU General Public License v3.0 or later         | GPL-3.0-or-later         |
-| GNU Lesser General Public License v2.1 only      | LGPL-2.1-only            |
-| GNU Lesser General Public License v2.1 or later  | LGPL-2.1-or-later        |
-| GNU Lesser General Public License v3.0 only      | LGPL-3.0-only            |
-| GNU Lesser General Public License v3.0 or later  | LGPL-3.0-or-later        |
-| GNU Library General Public License v2 only       | LGPL-2.0-only            |
-| GNU Library General Public License v2 or later   | LGPL-2.0-or-later        |
-| Fair License                                     | Fair                     |
-| ISC License                                      | ISC                      |
-| MIT License                                      | MIT                      |
-| No Limit Public License                          | NLPL                     |
-| OpenSSL License                                  | OpenSSL                  |
-| X11 License                                      | X11                      |
-| zlib License                                     | Zlib                     |
-
-## Continuous Integration
-
-To simplify review and require less human resources, a CI tests all packages.
-Passing CI tests are not a hard requirement but a good indicator what the
-Buildbots will think about the proposed patch.
-
-The CI builds modified packages for multiple architectures using the latest
-snapshot SDK. For supported architectures (`aarch64_generic`,
-`arm_cortex-a15_neon-vfpv4`, `i386_pentium4` and `x86_64`) an additional
-runtime test is executed. A running OpenWrt is simulated which tries to install
-created packages and runs a script called `test.sh` located next to the package
-Makefile. The script is executed with the two arguments `PKG_NAME` and
-`PKG_VERSION`. The `PKG_NAME` can be used to distinguish package variants, e.g.
-`foobar` vs. `foobar-full`. The `PKG_VERSION` can be used for a trivial test
-checking if `foobar --version` prints the correct version. `PKG_VERSION` is the
-OpenWrt version and therefore includes the `PKG_RELEASE`, which isn't usually
-part of the running programs version.
-
-The following snippet shows a script that tests different binaries depending on
-what IPK package was installed. The `gpsd` Makefile produces both a `gpsd` and
-a `gpsd-clients` IPK packages.
-
-```shell
- #!/bin/sh
-
-case "$1" in
-    "gpsd")
-        gpsd -V 2>&1 | grep "$2"
-        ;;
-    "gpsd-clients")
-        cgps -V 2>&1 | grep "$2"
-        ;;
-esac
-```
+| Full Name | Identifier  |
+|---|:---|
+|Apache License 1.0|Apache-1.0|
+|Apache License 1.1|Apache-1.1|
+|Apache License 2.0|Apache-2.0|
+|Artistic License 1.0|Artistic-1.0|
+|Artistic License 1.0 (Perl)|Artistic-1.0-Perl|
+|Artistic License 1.0 w/clause 8|Artistic-1.0-cl8|
+|Artistic License 2.0|Artistic-2.0|
+|BSD 2-clause "Simplified" License|BSD-2-Clause|
+|BSD 2-clause FreeBSD License|BSD-2-Clause-FreeBSD|
+|BSD 2-clause NetBSD License|BSD-2-Clause-NetBSD|
+|BSD 3-clause "New" or "Revised" License|BSD-3-Clause|
+|BSD 3-clause Clear License|BSD-3-Clause-Clear|
+|BSD 4-clause "Original" or "Old" License|BSD-4-Clause|
+|BSD Protection License|BSD-Protection|
+|BSD with attribution|BSD-3-Clause-Attribution|
+|BSD-4-Clause (University of California-Specific)|BSD-4-Clause-UC|
+|GNU General Public License v1.0 only|GPL-1.0|
+|GNU General Public License v1.0 or later|GPL-1.0+|
+|GNU General Public License v2.0 only|GPL-2.0|
+|GNU General Public License v2.0 or later|GPL-2.0+|
+|GNU General Public License v3.0 only|GPL-3.0|
+|GNU General Public License v3.0 or later|GPL-3.0+|
+|GNU Lesser General Public License v2.1 only|LGPL-2.1|
+|GNU Lesser General Public License v2.1 or later|LGPL-2.1+|
+|GNU Lesser General Public License v3.0 only|LGPL-3.0|
+|GNU Lesser General Public License v3.0 or later|LGPL-3.0+|
+|GNU Library General Public License v2 only|LGPL-2.0|
+|GNU Library General Public License v2 or later|LGPL-2.0+|
+|Fair License|Fair|
+|ISC License|ISC|
+|MIT License|MIT|
+|No Limit Public License|NLPL|
+|OpenSSL License|OpenSSL|
+|X11 License|X11|
+|zlib License|Zlib|

admin/atop/Makefile

@@ -1,54 +0,0 @@
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=atop
-PKG_RELEASE:=1
-PKG_VERSION:=2.7.1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.atoptool.nl/download/
-PKG_HASH:=ca48d2f17e071deead5e6e9cc9e388bf6a3270d695e61976b3794d4d927b5c4e
-
-PKG_MAINTAINER:=Toni Uhlig <matzeton@googlemail.com>
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=COPYING
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/atop
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=System and process monitor for Linux
-  DEPENDS:=+zlib +libncurses
-  URL:=https://www.atoptool.nl/
-endef
-
-define Package/atop/description
-  Atop is an ASCII full-screen performance monitor for
-  Linux that is capable of reporting the activity of all
-  processes (even if processes have finished during the
-  interval), daily logging of system and process activity
-  for long-term analysis, highlighting overloaded system
-  resources by using colors, etcetera. At regular
-  intervals, it shows system-level activity related to the
-  CPU, memory, swap, disks (including LVM) and network
-  layers, and for every process (and thread) it shows e.g.
-  the CPU utilization, memory growth, disk utilization,
-  priority, username, state, and exit code. In combination
-  with the optional kernel module netatop, it even shows
-  network activity per process/thread.
-endef
-
-MAKE_FLAGS += \
-	CFLAGS+="-Wno-misleading-indentation -Wno-unused-const-variable -Wno-format-truncation"
-
-define Package/atop/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/atop $(1)/usr/bin/
-endef
-
-$(eval $(call BuildPackage,atop))

admin/atop/patches/010-makefile-missing-cflags.patch

@@ -1,11 +0,0 @@
---- a/Makefile
-+++ b/Makefile
-@@ -33,7 +33,7 @@ VERS     = $(shell ./atop -V 2>/dev/null
- all: 		atop atopsar atopacctd atopconvert atopcat
- 
- atop:		atop.o    $(ALLMODS) Makefile
--		$(CC) atop.o $(ALLMODS) -o atop -lncursesw -lz -lm -lrt $(LDFLAGS)
-+		$(CC) $(CFLAGS) atop.o $(ALLMODS) -o atop -lncursesw -lz -lm -lrt $(LDFLAGS)
- 
- atopsar:	atop
- 		ln -sf atop atopsar

admin/backuppc/Makefile

@@ -1,69 +0,0 @@
-# Copyright (C) 2018 OpenWrt
-#
-# Ideas used from the backuppc packaging in Debian GNU/Linux
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=backuppc
-PKG_VERSION:=3.3.2
-PKG_RELEASE:=3
-
-PKG_SOURCE:=BackupPC-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@SF/backuppc
-PKG_HASH:=fbade2c8d8039297e826a75d2c39d5ac9a6f66e0c84c0cf8c4cef0bcf64d2152
-PKG_BUILD_DIR:=$(BUILD_DIR)/BackupPC-$(PKG_VERSION)
-
-PKG_MAINTAINER:=Carsten Wolff <carsten@wolffcarsten.de>
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/backuppc
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=high-performance, enterprise-grade system for backing up PCs
-  URL:=https://sourceforge.net/projects/backuppc/
-  DEPENDS:=+perl +perl-www +perl-cgi +perlbase-digest +perlbase-compress +perlbase-archive +perlbase-data +perlbase-storable +perlbase-getopt +perl-file-rsyncp +openssh-client +tar +bzip2 +samba4-client +rsync +iputils-ping
-endef
-
-define Package/backuppc/description
-  BackupPC is a disk based backup system featuring a clever pooling scheme and
-  compression to minimize disk storage and disk I/O. It can use SMB, rsync or tar
-  to access the clients without any additional client software and offers a
-  powerful http/cgi user interface.
-endef
-
-define Build/Configure
-	true
-endef
-
-define Build/Compile
-	$(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS) -Wall -o $(PKG_BUILD_DIR)/BackupPC_Admin ./files/setuidwrapper.c
-endef
-
-define Package/backuppc/install
-	$(INSTALL_DIR) $(strip $(1))/etc/init.d
-	$(INSTALL_BIN) ./files/backuppc.init $(strip $(1))/etc/init.d/backuppc
-	cd $(PKG_BUILD_DIR) && ./configure.pl --batch --html-dir-url=/backuppc/ \
-	    --html-dir=/www/backuppc/ --cgi-dir=/www/cgi-bin/ --no-fhs --uid-ignore \
-	    --dest-dir=$(strip $(1)) --install-dir /usr/share/backuppc \
-	    --hostname=XXXXXX --data-dir=/data/backuppc --log-dir=/data/backuppc/log \
-	    --bin-path perl=/usr/bin/perl --bin-path tar=/bin/tar \
-	    --bin-path smbclient=/usr/sbin/smbclient --bin-path nmblookup=/usr/sbin/nmblookup \
-	    --bin-path rsync=/usr/bin/rsync --bin-path ping=/usr/bin/ping --bin-path df=/bin/df \
-	    --bin-path ssh=/usr/bin/ssh --bin-path gzip=/bin/gzip \
-	    --bin-path sendmail=/usr/sbin/sendmail --bin-path bzip2=/usr/bin/bzip2 \
-	    --bin-path par2=
-	$(INSTALL_DIR) $(strip $(1))/usr/share/backuppc/conf
-	chmod 755 $(strip $(1))/data
-	mv $(strip $(1))/data/backuppc/conf/config.pl $(strip $(1))/usr/share/backuppc/conf/config.pl
-	patch --no-backup-if-mismatch $(strip $(1))/usr/share/backuppc/conf/config.pl ./files/fixup-config-pl.patch
-	mv $(strip $(1))/www/cgi-bin/BackupPC_Admin $(strip $(1))/usr/share/backuppc/bin/BackupPC_Admin_real
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/BackupPC_Admin $(strip $(1))/www/cgi-bin/BackupPC_Admin
-	$(INSTALL_DIR) $(strip $(1))/lib/upgrade/keep.d
-	$(INSTALL_DATA) files/backuppc.upgrade  $(strip $(1))/lib/upgrade/keep.d/backuppc
-endef
-
-$(eval $(call BuildPackage,backuppc))

admin/backuppc/files/backuppc.init

@@ -1,66 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-. /lib/functions.sh
-
-START=95
-STOP=10
-
-USE_PROCD=1
-BACKUPPC_BIN="/usr/share/backuppc/bin/BackupPC"
-BACKUPPC_USER=backuppc
-
-# it would be better if it was possible to do this at install time, but we
-# can't, because in case of an openwrt image bundled with backuppc, all
-# ownerships other than root are lost.
-preconfigure() {
-    # create backuppc group and user if needed
-    if ! group_exists backuppc; then
-        group_add backuppc 864
-    fi
-    if ! user_exists backuppc; then
-        user_add backuppc 864 864 "BackupPC user" /data/backuppc /bin/sh
-    fi
-    # install default config if none exists, yet
-    if [ ! -e /data/backuppc/conf/config.pl ]; then
-        cp /usr/share/backuppc/conf/config.pl /data/backuppc/conf/config.pl
-    fi
-    # ensure proper ownerships and rights
-    chown backuppc:backuppc /data/backuppc /data/backuppc/* \
-                            /www/cgi-bin/BackupPC_Admin
-    chmod 750 /data/backuppc /data/backuppc/*
-    chmod 755 /usr/share/backuppc/bin/BackupPC_Admin_real
-    # The CGI needs to be world-executable, because uhttpd-cgi.c:386 checks
-    # for exactly that. We don't want that, but can't avoid it, currently.
-    chmod 6751 /www/cgi-bin/BackupPC_Admin
-    chown -R :backuppc /data/backuppc/conf
-    chmod 2770 /data/backuppc/conf
-    # protect webinterface with a random password by default
-    if [ -x /usr/sbin/uhttpd ] && ! grep -q backuppc /etc/httpd.conf >/dev/null 2>&1; then
-        PASS=$(perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..8)')
-        PASSHASH=$(/usr/sbin/uhttpd -m "${PASS}")
-        echo "/cgi-bin/BackupPC_Admin:backuppc:${PASSHASH}" >> /etc/httpd.conf
-        uci set uhttpd.main.config=/etc/httpd.conf
-        /etc/init.d/uhttpd restart
-        # inform user
-        echo
-        echo "To protect access to the backuppc web interface, HTTP basic authentication in"
-        echo "uhttpd for http://$(/sbin/uci get "system.@system[0].hostname")/cgi-bin/BackupPC_Admin has been configured:"
-        echo "user: backuppc"
-        echo "pass: ${PASS}"
-        echo
-        echo "It is also recommended to follow the steps in"
-        echo "https://openwrt.org/docs/guide-user/services/webserver/uhttpd#securing_uhttpd"
-        echo "to secure access to uhttpd."
-    fi
-}
-
-start_service() {
-    # don't run preconfigure steps if called during image build
-    if [ -z "${IPKG_INSTROOT}" ]; then
-        preconfigure
-    fi
-    procd_open_instance
-    procd_set_param user $BACKUPPC_USER
-    procd_set_param reload_signal 1
-    procd_set_param command $BACKUPPC_BIN
-}

admin/backuppc/files/backuppc.upgrade

@@ -1,2 +0,0 @@
-/etc/httpd.conf
-/data/backuppc/conf/

admin/backuppc/files/fixup-config-pl.patch

@@ -1,67 +0,0 @@
---- config.pl	2018-03-11 09:30:28.000000000 +0100
-+++ config.pl.new	2018-04-05 08:40:29.180000000 +0200
-@@ -41,7 +41,10 @@
- #
- # Host name on which the BackupPC server is running.
- #
--$Conf{ServerHost} = 'XXXXXX';
-+$ENV{'PATH'} = '/bin:/usr/bin';
-+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
-+$Conf{ServerHost} = $ENV{'HOSTNAME'};
-+chomp($Conf{ServerHost});
- 
- #
- # TCP port number on which the BackupPC server listens for and accepts
-@@ -223,7 +226,7 @@
- #
- # Full path to various commands for archiving
- #
--$Conf{SplitPath} = '/usr/bin/split';
-+$Conf{SplitPath} = '/usr/bin/split' if ( -x '/usr/bin/split' );
- $Conf{ParPath}   = '';
- $Conf{CatPath}   = '/bin/cat';
- $Conf{GzipPath}  = '/bin/gzip';
-@@ -1572,7 +1575,7 @@
- # Full path for ssh. Security caution: normal users should not
- # allowed to write to this file or directory.
- #
--$Conf{SshPath} = '/usr/bin/ssh';
-+$Conf{SshPath} = '/usr/bin/ssh' if ( -x '/usr/bin/ssh' );
- 
- #
- # Full path for nmblookup. Security caution: normal users should not
-@@ -1874,7 +1877,7 @@
- # Full path to the sendmail command.  Security caution: normal users
- # should not allowed to write to this file or directory.
- #
--$Conf{SendmailPath} = '/usr/sbin/sendmail';
-+$Conf{SendmailPath} = '/usr/sbin/sendmail' if ( -x '/usr/sbin/sendmail' );
- 
- #
- # Minimum period between consecutive emails to a single user.
-@@ -2028,13 +2031,13 @@
- #    $Conf{CgiAdminUsers}     = 'craig celia';
- #    --> administrative users are only craig and celia'.
- #
--$Conf{CgiAdminUserGroup} = '';
--$Conf{CgiAdminUsers}     = '';
-+$Conf{CgiAdminUserGroup} = 'backuppc';
-+$Conf{CgiAdminUsers}     = 'backuppc';
- 
- #
- # URL of the BackupPC_Admin CGI script.  Used for email messages.
- #
--$Conf{CgiURL} = 'http://XXXXXX/cgi-bin//BackupPC_Admin';
-+$Conf{CgiURL} = 'http://' . $Conf{ServerHost} . '/cgi-bin//BackupPC_Admin';
- 
- #   
- # Language to use.  See lib/BackupPC/Lang for the list of supported
-@@ -2076,7 +2079,7 @@
- # dates (MM/DD), a value of 2 uses full YYYY-MM-DD format, and zero
- # for international dates (DD/MM).
- #
--$Conf{CgiDateFormatMMDD} = 1;
-+$Conf{CgiDateFormatMMDD} = 2;
- 
- #
- # If set, the complete list of hosts appears in the left navigation

admin/backuppc/files/setuidwrapper.c

@@ -1,8 +0,0 @@
-#include <unistd.h>
-
-int main(int argc, char* argv[])
-{
-    execv("/usr/share/backuppc/bin/BackupPC_Admin_real", argv);
-    return 0;
-}
-

admin/backuppc/patches/001-debian-fixes.patch

@@ -1,99 +0,0 @@
---- a/bin/BackupPC_archive
-+++ b/bin/BackupPC_archive
-@@ -299,7 +299,7 @@ sub ArchiveCleanup
-     if ( $NeedPostCmd ) {
-         UserCommandRun("ArchivePostUserCmd");
-         if ( $? && $Conf{UserCmdCheckStatus} ) {
--            $stat{hostError} = "RestorePreUserCmd returned error status $?";
-+            $stat{hostError} = "ArchivePostUserCmd returned error status $?";
-             $stat{xferOK} = 0;
-         }
-     }
---- a/bin/BackupPC_dump
-+++ b/bin/BackupPC_dump
-@@ -1067,7 +1067,7 @@ sub catch_signal
- 	    # Send ALRMs to BackupPC_tarExtract if we are using it
- 	    #
- 	    if ( $tarPid > 0 ) {
--		kill($bpc->sigName2num("ARLM"), $tarPid);
-+		kill($bpc->sigName2num("ALRM"), $tarPid);
- 	    }
- 
- 	    #
---- a/configure.pl
-+++ b/configure.pl
-@@ -333,7 +333,10 @@ while ( 1 ) {
-                                  $Conf{BackupPCUser} || "backuppc",
-                                  "backuppc-user");
-     if ( $opts{"set-perms"} ) {
--        ($name, $passwd, $Uid, $Gid) = getpwnam($Conf{BackupPCUser});
-+        #($name, $passwd, $Uid, $Gid) = getpwnam($Conf{BackupPCUser});
-+        $name = 'backuppc';
-+        $Uid=`id -u`;
-+        $Gid=`id -g`;
-         last if ( $name ne "" );
-         print <<EOF;
- 
-@@ -800,6 +803,7 @@ $Conf{ParPath} = '' if ( $Conf{ParPath}
- #
- # Figure out sensible arguments for the ping command
- #
-+$Conf{PingArgs} = '-c 1 $host';
- if ( defined($Conf{PingArgs}) ) {
-     $Conf{PingCmd} = '$pingPath ' . $Conf{PingArgs};
- } elsif ( !defined($Conf{PingCmd}) ) {
---- a/lib/BackupPC/CGI/View.pm
-+++ b/lib/BackupPC/CGI/View.pm
-@@ -46,7 +46,7 @@ sub action
-     my $compress = 0;
-     my $fh;
-     my $host = $In{host};
--    my $num  = $In{num};
-+    my $num  = ${EscHTML($In{num})};
-     my $type = $In{type};
-     my $linkHosts = 0;
-     my($file, $comment);
-@@ -136,6 +136,10 @@ sub action
- 		    }
- 		    $s =~ s/[\n\r]+//g;
- 		    if ( $s =~ /smb: \\>/
-+			    || $s =~ /^tar:\d+\s/
-+			    || $s =~ /^  NTLMSSP_/
-+			    || $s =~ /^GENSEC backend /
-+			    || $s =~ /^doing parameter /
- 			    || $s =~ /^\s*(\d+) \(\s*\d+\.\d kb\/s\) (.*)$/
- 			    || $s =~ /^tar: dumped \d+ files/
- 			    || $s =~ /^\s*added interface/i
---- a/lib/BackupPC/Lib.pm
-+++ b/lib/BackupPC/Lib.pm
-@@ -512,7 +512,8 @@ sub dirRead
-     }
-     if ( $IODirentOk ) {
-         @entries = sort({ $a->{inode} <=> $b->{inode} } readdirent($fh));
--        map { $_->{type} = 0 + $_->{type} } @entries;   # make type numeric
-+        #map { $_->{type} = 0 + $_->{type} } @entries;   # make type numeric
-+        map { $_->{type} = 0 + $_->{type}; $_->{type} = undef if ($_->{type} eq BPC_DT_UNKNOWN); } @entries;   # make type numeric, unset unknown types
-     } else {
-         @entries = map { { name => $_} } readdir($fh);
-     }
---- a/lib/BackupPC/Xfer/Smb.pm
-+++ b/lib/BackupPC/Xfer/Smb.pm
-@@ -219,7 +219,7 @@ sub readOutput
-         #
-         # MAKSYM 14082016: The next regex will never match on Samba-4.3, as
-         # smbclient doesn't produce output required; keeping it for older Sambas
--        if ( /^\s*(-?\d+) \(\s*\d+[.,]\d kb\/s\) (.*)$/ ) {
-+        if ( /^\s*(-?\d+) \(\s*\d+[.,]\d kb\/s\) (.*)$/ || /^tar:(\d+)\s+\+\+\+ (.*)$/ ) {
-             my $sambaFileSize = $1;
-             my $pcFileName    = $2;
-             (my $fileName = $pcFileName) =~ s/\\/\//g;
-@@ -281,6 +281,9 @@ sub readOutput
-         } elsif ( /smb: \\>/
-                 || /^\s*tar:\d+/ # MAKSYM 14082016: ignoring 2 more Samba-4.3 specific lines
-                 || /^\s*WARNING:/i
-+                || /^  NTLMSSP_/
-+                || /^GENSEC backend /
-+                || /^doing parameter /
-                 || /^\s*added interface/i
-                 || /^\s*tarmode is now/i
-                 || /^\s*Total bytes written/i

admin/bottom/Makefile

@@ -1,39 +0,0 @@
-# SPDX-License-Identifier: GPL-2.0-only
-#
-# Copyright (C) 2023 Luca Barbato
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=bottom
-PKG_VERSION:=0.9.4
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/ClementTsang/bottom/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=199123ef354bcabaa8a2e3b7b477b324f5b647d503a2599d08296733846eea6e
-
-PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
-PKG_LICENSE:=MIT
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_BUILD_DEPENDS:=rust/host
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include ../../lang/rust/rust-package.mk
-
-define Package/bottom
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=Interactive processes viewer
-  DEPENDS:=$(RUST_ARCH_DEPENDS)
-  URL:=https://github.com/ClementTsang/bottom
-endef
-
-define Package/bottom/description
-  A customizable cross-platform graphical process/system monitor
-  for the terminal.
-endef
-
-$(eval $(call RustBinPackage,bottom))
-$(eval $(call BuildPackage,bottom))

admin/btop/Makefile

@@ -1,55 +0,0 @@
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=btop
-PKG_VERSION:=1.3.0
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL=https://codeload.github.com/aristocratos/btop/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=375e078ce2091969f0cd14030620bd1a94987451cf7a73859127a786006a32cf
-
-PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
-PKG_LICENSE:=Apache-2.0
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_BUILD_FLAGS:=no-lto
-PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/btop
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=A monitor of resources
-  URL:=https://github.com/aristocratos/btop
-  DEPENDS:=+libstdcpp
-endef
-
-define Package/btop/description
-  Resource monitor that shows usage and stats for processor, memory,
-  disks, network and processes.
-
-  C++ version and continuation of bashtop and bpytop.
-endef
-
-MAKE_FLAGS+= \
-	PLATFORM=Linux \
-	OPTFLAGS="$(TARGET_CXXFLAGS)" \
-	LDCXXFLAGS="$(TARGET_LDFLAGS) -pthread"
-
-ifneq ($(CONFIG_USE_MUSL),)
-  TARGET_CFLAGS += -D_LARGEFILE64_SOURCE
-endif
-
-define Package/btop/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/bin/btop $(1)/usr/bin/
-	$(INSTALL_DIR) $(1)/usr/share
-	$(CP) $(PKG_INSTALL_DIR)/usr/local/share/btop $(1)/usr/share/
-
-	$(INSTALL_DIR) $(1)/etc/profile.d
-	$(CP) $(CURDIR)/files/btop.sh $(1)/etc/profile.d/
-endef
-
-$(eval $(call BuildPackage,btop))

admin/btop/files/btop.sh

@@ -1 +0,0 @@
-alias btop="btop --utf-force"

admin/btop/test.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-btop --version | grep "$PKG_VERSION"

admin/debian-archive-keyring/Makefile

@@ -1,42 +0,0 @@
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-PKG_NAME:=debian-archive-keyring
-PKG_VERSION:=2023.4
-PKG_HASH:=6e93a87b9e50bd81518880ec07a62f95d7d8452f4aa703f5b0a3076439f1022c
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION)_all.deb
-PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/d/$(PKG_NAME)/
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
-PKG_LICENSE:=Unique
-PKG_LICENSE_FILES:=usr/share/doc/debian-archive-keyring/copyright
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/debian-archive-keyring
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=Debian Archive keyring
-  URL:=https://salsa.debian.org/release-team/debian-archive-keyring
-  PKGARCH:=all
-endef
-
-define Build/Prepare
-	$(AR) p $(DL_DIR)/$(PKG_SOURCE) data.tar.xz | $(TAR) -xJC $(PKG_BUILD_DIR)
-endef
-
-define Build/Configure
-endef
-
-define Build/Compile
-endef
-
-define Package/debian-archive-keyring/install
-	$(INSTALL_DIR) $(1)/usr/share/keyrings
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/usr/share/keyrings/*.gpg $(1)/usr/share/keyrings
-endef
-
-$(eval $(call BuildPackage,debian-archive-keyring))

admin/debootstrap/Makefile

@@ -9,14 +9,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=debootstrap
-PKG_VERSION:=1.0.128+nmu2+deb12u1
+PKG_VERSION:=1.0.92
 PKG_RELEASE:=1
+PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
 
 PKG_SOURCE:=$(PKG_NAME)-udeb_$(PKG_VERSION)_all.udeb
-PKG_SOURCE_URL:=@DEBIAN/pool/main/d/debootstrap
-PKG_HASH:=4fa4ec7c144ed047c47d0d8eb9b91b56eaa9b2db2b52510777abbabf5965d268
-
-PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
+PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/d/debootstrap
+PKG_HASH:=fa58c00529912d2cc187aa5434962376bd5ec00d3e7e9693f505a27b8848fdcf
 PKG_LICENSE:=Unique
 PKG_LICENSE_FILES:=debian/copyright
 
@@ -28,8 +27,8 @@ define Package/debootstrap
   SECTION:=admin
   CATEGORY:=Administration
   TITLE:=Bootstrap a basic Debian system
-  URL:=https://wiki.debian.org/Debootstrap
-  DEPENDS:= +coreutils +coreutils-chroot +coreutils-sha1sum +ar +xz-utils +xz
+  URL:=http://wiki.debian.org/Debootstrap
+  DEPENDS:= +coreutils +coreutils-chroot +coreutils-sha1sum +ar +xz
 endef
 
 define Package/debootstrap/description

admin/debootstrap/files/pkgdetails.c

@@ -1,4 +1,3 @@
-#define _GNU_SOURCE
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>

admin/debootstrap/patches/010-no-nvswitch.patch

@@ -1,10 +0,0 @@
---- a/usr/share/debootstrap/functions
-+++ b/usr/share/debootstrap/functions
-@@ -78,7 +78,6 @@ progress_next () {
- }
- 
- wgetprogress () {
--	[ ! "$VERBOSE" ] && NVSWITCH="-nv"
- 	local ret=0
- 	if [ "$USE_DEBIANINSTALLER_INTERACTION" ] && [ "$PROGRESS_NEXT" ]; then
- 		# The exit status of a pipeline is that of the last command in

admin/gkrellmd/Makefile

@@ -1,61 +0,0 @@
-#
-# Copyright (C) 2007-2018 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=gkrellmd
-PKG_VERSION:=2.3.11
-PKG_RELEASE:=1
-
-PKG_SOURCE:=gkrellm-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://gkrellm.srcbox.net/releases
-PKG_HASH:=1ee0643ed9ed99f88c1504c89d9ccb20780cf29319c904b68e80a8e7c8678c06
-PKG_BUILD_DIR:=$(BUILD_DIR)/gkrellm-$(PKG_VERSION)
-
-PKG_MAINTAINER:=Peter Denison <openwrt@marshadder.org>
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=COPYING
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-define Package/gkrellmd
-  SECTION:=admin
-  CATEGORY:=Administration
-  DEPENDS:=+glib2
-  TITLE:=The GNU Krell Monitors Server
-  URL:=http://gkrellm.net/
-endef
-
-define Package/gkrellmd/description
-	Gkrellmd listens for connections from gkrellm clients. When
-	a gkrellm client connects to a gkrellmd server all builtin
-	monitors collect their data from the server.
-endef
-
-define Package/gkrellmd/conffiles
-/etc/$(PKG_NAME).conf
-endef
-
-define Build/Compile
-	$(MAKE) -C $(PKG_BUILD_DIR)/server \
-		CC="$(TARGET_CC)" \
-		CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \
-		LDFLAGS="$(TARGET_LDFLAGS) " \
-		without-libsensors="yes"
-endef
-
-define Package/gkrellmd/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/server/$(PKG_NAME) $(1)/usr/bin/
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_CONF) $(PKG_BUILD_DIR)/server/$(PKG_NAME).conf $(1)/etc/
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
-endef
-
-$(eval $(call BuildPackage,gkrellmd))

admin/gkrellmd/files/gkrellmd.init

@@ -1,16 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2007 OpenWrt.org
-
-START=60
-BIN=gkrellmd
-RUN_D=/var/run
-PID_F=$RUN_D/$BIN.pid
-
-start() {
-	mkdir -p $RUN_D
-	$BIN $OPTIONS
-}
-
-stop() {
-	[ -f $PID_F ] && kill $(cat $PID_F)
-}

admin/gkrellmd/patches/100-conf.patch

@@ -1,33 +0,0 @@
---- a/server/gkrellmd.conf
-+++ b/server/gkrellmd.conf
-@@ -4,7 +4,7 @@
- # the client update frequency.  Values may be from 1 to 10 and should be
- # smaller values to reduce network traffic.
- #
--#update-hz 3
-+update-hz 10
- 
- # Limit number of simultaneous clients allowed to connect.
- #
-@@ -30,18 +30,18 @@
- # Drop privileges after startup (you must start gkrellmd as root to do it).
- # NOTE: Option ignored on Windows
- #
--#user	nobody
-+user	nobody
- #group	proc
- 
- # Create a PID file for the running gkrellmd.  Default is no PID file.
- # NOTE: Option ignored on Windows
- #
--#pidfile /var/run/gkrellmd.pid
-+pidfile /var/run/gkrellmd.pid
- 
- # Run in background and detach from the controlling terminal
- # NOTE: Option ignored on Windows
- #
--#detach
-+detach
- 
- # Enable writing logging message to the system syslog file
- # NOTE: On windows this enables logging to the windows event log

admin/htop/Makefile

@@ -8,25 +8,19 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=htop
-PKG_VERSION:=3.3.0
+PKG_VERSION:=2.2.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/htop-dev/htop/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=1e5cc328eee2bd1acff89f860e3179ea24b85df3ac483433f92a29977b14b045
+PKG_SOURCE_URL:=http://hisham.hm/htop/releases/$(PKG_VERSION)/
+PKG_HASH:=d9d6826f10ce3887950d709b53ee1d8c1849a70fa38e91d5896ad8cbc6ba3c57
 
-PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:htop:htop
-
 
 PKG_FIXUP:=autoreconf
-PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
 
-PKG_CONFIG_DEPENDS:= CONFIG_HTOP_LMSENSORS
-PKG_BUILD_DEPENDS:= HTOP_LMSENSORS:lm-sensors
-
 include $(INCLUDE_DIR)/package.mk
 
 define Package/htop
@@ -34,7 +28,7 @@ define Package/htop
   CATEGORY:=Administration
   TITLE:=Interactive processes viewer
   DEPENDS:=+libncurses
-  URL:=https://hisham.hm/htop/
+  URL:=http://htop.sourceforge.net/
   MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
 endef
 
@@ -44,24 +38,8 @@ define Package/htop/description
  see all processes and their full command lines.
 endef
 
-define Package/htop/config
-	config HTOP_LMSENSORS
-		bool "Compile Htop with lm-sensors support"
-		depends on PACKAGE_htop
-		default y if TARGET_x86
-		help
-			Build htop with lm-sensors support.
-			This doesn't add lm-sensors as dependency,
-			if present it'll loaded using dlopen().
-endef
-
 CONFIGURE_ARGS += \
-	--$(if $(CONFIG_HTOP_LMSENSORS),en,dis)able-sensors \
-	--enable-affinity \
-	--disable-capabilities \
-	--disable-delayacct \
 	--disable-unicode \
-	--disable-unwind \
 	--disable-hwloc
 
 CONFIGURE_VARS += \

admin/ipmitool/Makefile

@@ -9,14 +9,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ipmitool
 PKG_VERSION:=1.8.18
-PKG_RELEASE:=5
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=@SF/$(PKG_NAME)
 PKG_HASH:=0c1ba3b1555edefb7c32ae8cd6a3e04322056bc087918f07189eeedfc8b81e01
 PKG_LICENSE:=BSD-3-clause
 PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:ipmitool_project:ipmitool
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -25,7 +24,7 @@ define Package/ipmitool
   CATEGORY:=Administration
   DEPENDS:=+libopenssl +libncurses +libreadline
   TITLE:=Command-line interface to IPMI-enabled devices
-  URL:=https://github.com/ipmitool/ipmitool
+  URL:=http://sourceforge.net/projects/ipmitool/
   MAINTAINER:=Alexander Couzens <lynxis@fe80.eu>
 endef
 
@@ -39,6 +38,9 @@ define Package/ipmitool/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ipmitool $(1)/usr/sbin/
 endef
 
+define Package/ipmitool/conffiles
+endef
+
 CONFIGURE_ARGS += \
 	--enable-intf-lan \
 	--enable-intf-lanplus \

admin/ipmitool/patches/0001-ID-461-OpenSSL-1.1-compatibility-error-storage-size-.patch

@@ -1,99 +0,0 @@
-From b57487e360916ab3eaa50aa6d021c73b6337a4a0 Mon Sep 17 00:00:00 2001
-From: Dennis Schridde <dennis.schridde@uni-heidelberg.de>
-Date: Wed, 30 Nov 2016 17:33:00 +0100
-Subject: [PATCH 1/4] ID:461 - OpenSSL 1.1 compatibility - "error: storage size
- of 'ctx' isn't known"
-
-In OpenSSL 1.1 EVP_CIPHER_CTX became opaque, cf. `man 3ssl EVP_EncryptInit`
-
-Fixes: ID:461
----
- src/plugins/lanplus/lanplus_crypt_impl.c | 28 ++++++++++++++--------------
- 1 file changed, 14 insertions(+), 14 deletions(-)
-
---- a/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -164,10 +164,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 							uint8_t       * output,
- 							uint32_t        * bytes_written)
- {
--	EVP_CIPHER_CTX ctx;
--	EVP_CIPHER_CTX_init(&ctx);
--	EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
--	EVP_CIPHER_CTX_set_padding(&ctx, 0);
-+	EVP_CIPHER_CTX* ctx;
-+	EVP_CIPHER_CTX_init(ctx);
-+	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 	
- 
- 	*bytes_written = 0;
-@@ -191,7 +191,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- 
- 
--	if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
-+	if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
- 	{
- 		/* Error */
- 		*bytes_written = 0;
-@@ -201,7 +201,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 	{
- 		uint32_t tmplen;
- 
--		if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
-+		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- 		{
- 			*bytes_written = 0;
- 			return; /* Error */
-@@ -210,7 +210,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 		{
- 			/* Success */
- 			*bytes_written += tmplen;
--			EVP_CIPHER_CTX_cleanup(&ctx);
-+			EVP_CIPHER_CTX_cleanup(ctx);
- 		}
- 	}
- }
-@@ -239,10 +239,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 							uint8_t       * output,
- 							uint32_t        * bytes_written)
- {
--	EVP_CIPHER_CTX ctx;
--	EVP_CIPHER_CTX_init(&ctx);
--	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
--	EVP_CIPHER_CTX_set_padding(&ctx, 0);
-+	EVP_CIPHER_CTX* ctx;
-+	EVP_CIPHER_CTX_init(ctx);
-+	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
- 
- 	if (verbose >= 5)
-@@ -266,7 +266,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- 
- 
--	if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
-+	if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
- 	{
- 		/* Error */
- 		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
-@@ -277,7 +277,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 	{
- 		uint32_t tmplen;
- 
--		if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
-+		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- 		{
- 			char buffer[1000];
- 			ERR_error_string(ERR_get_error(), buffer);
-@@ -290,7 +290,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 		{
- 			/* Success */
- 			*bytes_written += tmplen;
--			EVP_CIPHER_CTX_cleanup(&ctx);
-+			EVP_CIPHER_CTX_cleanup(ctx);
- 		}
- 	}
- 

admin/ipmitool/patches/0002-ID-461-Make-compiler-happier-about-changes-related-t.patch

@@ -1,31 +0,0 @@
-From 77fe5635037ebaf411cae46cf5045ca819b5c145 Mon Sep 17 00:00:00 2001
-From: Zdenek Styblik <stybla@turnovfree.net>
-Date: Sun, 15 Jan 2017 15:11:25 +0100
-Subject: [PATCH 2/4] ID:461 - Make compiler happier about changes related to
- OpenSSL 1.1
-
-Complaint was that ctx isn't initialized.
----
- src/plugins/lanplus/lanplus_crypt_impl.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -164,7 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 							uint8_t       * output,
- 							uint32_t        * bytes_written)
- {
--	EVP_CIPHER_CTX* ctx;
-+	EVP_CIPHER_CTX *ctx = NULL;
- 	EVP_CIPHER_CTX_init(ctx);
- 	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
- 	EVP_CIPHER_CTX_set_padding(ctx, 0);
-@@ -239,7 +239,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 							uint8_t       * output,
- 							uint32_t        * bytes_written)
- {
--	EVP_CIPHER_CTX* ctx;
-+	EVP_CIPHER_CTX *ctx = NULL;
- 	EVP_CIPHER_CTX_init(ctx);
- 	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
- 	EVP_CIPHER_CTX_set_padding(ctx, 0);

admin/ipmitool/patches/0003-ID-480-ipmitool-coredumps-in-EVP_CIPHER_CTX_init.patch

@@ -1,48 +0,0 @@
-From f004b4b7197fc83e7d47ec8cbcaefffa9a922717 Mon Sep 17 00:00:00 2001
-From: Zdenek Styblik <stybla@turnovfree.net>
-Date: Sun, 12 Mar 2017 14:00:35 +0100
-Subject: [PATCH 3/4] ID:480 - ipmitool coredumps in EVP_CIPHER_CTX_init
-
-IPMI tool coredumps due to changes introduced in ID:461. This shouldn't be
-surprise as a NULL pointer is passed to init. Commit addresses this issue by
-calling EVP_CIPHER_CTX_new() instead of EVP_CIPHER_CTX_init(), which is
-deprecated, and by checking return value of call to former function.
----
- src/plugins/lanplus/lanplus_crypt_impl.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
---- a/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -165,10 +165,13 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 							uint32_t        * bytes_written)
- {
- 	EVP_CIPHER_CTX *ctx = NULL;
--	EVP_CIPHER_CTX_init(ctx);
-+	ctx = EVP_CIPHER_CTX_new();
-+	if (ctx == NULL) {
-+		*bytes_written = 0;
-+		return;
-+	}
- 	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
- 	EVP_CIPHER_CTX_set_padding(ctx, 0);
--	
- 
- 	*bytes_written = 0;
- 
-@@ -240,11 +243,14 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 							uint32_t        * bytes_written)
- {
- 	EVP_CIPHER_CTX *ctx = NULL;
--	EVP_CIPHER_CTX_init(ctx);
-+	ctx = EVP_CIPHER_CTX_new();
-+	if (ctx == NULL) {
-+		*bytes_written = 0;
-+		return;
-+	}
- 	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
- 	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
--
- 	if (verbose >= 5)
- 	{
- 		printbuf(iv,  16, "decrypting with this IV");

admin/ipmitool/patches/0004-ID-480-Call-EVP_CIPHER_CTX_free-instead-of-EVP_CIPHE.patch

@@ -1,139 +0,0 @@
-From 1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1 Mon Sep 17 00:00:00 2001
-From: Holger Liebig <holger.liebig@ts.fujitsu.com>
-Date: Tue, 4 Apr 2017 20:43:05 +0200
-Subject: [PATCH 4/4] ID:480 - Call EVP_CIPHER_CTX_free() instead of
- EVP_CIPHER_CTX_cleanup()
-
-Call EVP_CIPHER_CTX_free() instead of EVP_CIPHER_CTX_cleanup() to fix memory
-leak.
----
- src/plugins/lanplus/lanplus_crypt_impl.c | 44 +++++++++++++++++---------------
- 1 file changed, 23 insertions(+), 21 deletions(-)
-
---- a/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -165,13 +165,6 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 							uint32_t        * bytes_written)
- {
- 	EVP_CIPHER_CTX *ctx = NULL;
--	ctx = EVP_CIPHER_CTX_new();
--	if (ctx == NULL) {
--		*bytes_written = 0;
--		return;
--	}
--	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
--	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
- 	*bytes_written = 0;
- 
-@@ -185,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 		printbuf(input, input_length, "encrypting this data");
- 	}
- 
-+	ctx = EVP_CIPHER_CTX_new();
-+	if (ctx == NULL) {
-+		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
-+		return;
-+	}
-+	EVP_CIPHER_CTX_init(ctx);
-+	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
- 	/*
- 	 * The default implementation adds a whole block of padding if the input
-@@ -198,7 +199,6 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 	{
- 		/* Error */
- 		*bytes_written = 0;
--		return;
- 	}
- 	else
- 	{
-@@ -206,16 +206,17 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 
- 		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- 		{
-+			/* Error */
- 			*bytes_written = 0;
--			return; /* Error */
- 		}
- 		else
- 		{
- 			/* Success */
- 			*bytes_written += tmplen;
--			EVP_CIPHER_CTX_cleanup(ctx);
- 		}
- 	}
-+	/* performs cleanup and free */
-+	EVP_CIPHER_CTX_free(ctx);
- }
- 
- 
-@@ -243,13 +244,6 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 							uint32_t        * bytes_written)
- {
- 	EVP_CIPHER_CTX *ctx = NULL;
--	ctx = EVP_CIPHER_CTX_new();
--	if (ctx == NULL) {
--		*bytes_written = 0;
--		return;
--	}
--	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
--	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
- 	if (verbose >= 5)
- 	{
-@@ -258,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 		printbuf(input, input_length, "decrypting this data");
- 	}
- 
--
- 	*bytes_written = 0;
- 
- 	if (input_length == 0)
- 		return;
- 
-+	ctx = EVP_CIPHER_CTX_new();
-+	if (ctx == NULL) {
-+		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
-+		return;
-+	}
-+	EVP_CIPHER_CTX_init(ctx);
-+	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+	EVP_CIPHER_CTX_set_padding(ctx, 0);
-+
- 	/*
- 	 * The default implementation adds a whole block of padding if the input
- 	 * data is perfectly aligned.  We would like to keep that from happening.
-@@ -277,7 +279,6 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 		/* Error */
- 		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
- 		*bytes_written = 0;
--		return;
- 	}
- 	else
- 	{
-@@ -285,20 +286,21 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 
- 		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- 		{
-+			/* Error */
- 			char buffer[1000];
- 			ERR_error_string(ERR_get_error(), buffer);
- 			lprintf(LOG_DEBUG, "the ERR error %s", buffer);
- 			lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
- 			*bytes_written = 0;
--			return; /* Error */
- 		}
- 		else
- 		{
- 			/* Success */
- 			*bytes_written += tmplen;
--			EVP_CIPHER_CTX_cleanup(ctx);
- 		}
- 	}
-+	/* performs cleanup and free */
-+	EVP_CIPHER_CTX_free(ctx);
- 
- 	if (verbose >= 5)
- 	{

admin/ipmitool/patches/0005-ipmitool-Fix-compile-with-deprecated-APIs-disabled.patch

@@ -1,42 +0,0 @@
-From cf39da53236abf02d39c6a98a645488933f3e861 Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Tue, 21 Aug 2018 19:29:07 -0700
-Subject: [PATCH] ipmitool: Fix compile with deprecated APIs disabled.
-
-From the man page:
-
-EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0. As a result,
-EVP_CIPHER_CTX_reset() appeared and EVP_CIPHER_CTX_cleanup() disappeared.
-EVP_CIPHER_CTX_init() remains as an alias for EVP_CIPHER_CTX_reset().
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- src/plugins/lanplus/lanplus_crypt_impl.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
---- a/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -183,7 +183,11 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
- 		return;
- 	}
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 	EVP_CIPHER_CTX_init(ctx);
-+#else
-+	EVP_CIPHER_CTX_reset(ctx);
-+#endif
- 	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
- 	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
-@@ -262,7 +266,11 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
- 		return;
- 	}
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 	EVP_CIPHER_CTX_init(ctx);
-+#else
-+	EVP_CIPHER_CTX_reset(ctx);
-+#endif
- 	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
- 	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 

admin/ipmitool/patches/0006-CVE-2020-5208-fru-Fix-buffer-overflow-vulnerabilities.patch

@@ -1,123 +0,0 @@
-From 960dbb956d9f9cb05b719087faed53c88dc80956 Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:33:59 +0000
-Subject: [PATCH 06/11] fru: Fix buffer overflow vulnerabilities
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `read_fru_area_section` function only performs size validation of
-requested read size, and falsely assumes that the IPMI message will not
-respond with more than the requested amount of data; it uses the
-unvalidated response size to copy into `frubuf`. If the response is
-larger than the request, this can result in overflowing the buffer.
-
-The same issue affects the `read_fru_area` function.
----
- lib/ipmi_fru.c | 33 +++++++++++++++++++++++++++++++--
- 1 file changed, 31 insertions(+), 2 deletions(-)
-
---- a/lib/ipmi_fru.c
-+++ b/lib/ipmi_fru.c
-@@ -615,7 +615,10 @@ int
- read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- 			uint32_t offset, uint32_t length, uint8_t *frubuf)
- {
--	uint32_t off = offset, tmp, finish;
-+	uint32_t off = offset;
-+	uint32_t tmp;
-+	uint32_t finish;
-+	uint32_t size_left_in_buffer;
- 	struct ipmi_rs * rsp;
- 	struct ipmi_rq req;
- 	uint8_t msg_data[4];
-@@ -628,10 +631,12 @@ read_fru_area(struct ipmi_intf * intf, s
- 
- 	finish = offset + length;
- 	if (finish > fru->size) {
-+		memset(frubuf + fru->size, 0, length - fru->size);
- 		finish = fru->size;
- 		lprintf(LOG_NOTICE, "Read FRU Area length %d too large, "
- 			"Adjusting to %d",
- 			offset + length, finish - offset);
-+		length = finish - offset;
- 	}
- 
- 	memset(&req, 0, sizeof(req));
-@@ -667,6 +672,7 @@ read_fru_area(struct ipmi_intf * intf, s
- 		}
- 	}
- 
-+	size_left_in_buffer = length;
- 	do {
- 		tmp = fru->access ? off >> 1 : off;
- 		msg_data[0] = id;
-@@ -707,9 +713,18 @@ read_fru_area(struct ipmi_intf * intf, s
- 		}
- 
- 		tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
-+		if(rsp->data_len < 1
-+		   || tmp > rsp->data_len - 1
-+		   || tmp > size_left_in_buffer)
-+		{
-+			printf(" Not enough buffer size");
-+			return -1;
-+		}
-+
- 		memcpy(frubuf, rsp->data + 1, tmp);
- 		off += tmp;
- 		frubuf += tmp;
-+		size_left_in_buffer -= tmp;
- 		/* sometimes the size returned in the Info command
- 		* is too large.  return 0 so higher level function
- 		* still attempts to parse what was returned */
-@@ -742,7 +757,9 @@ read_fru_area_section(struct ipmi_intf *
- 			uint32_t offset, uint32_t length, uint8_t *frubuf)
- {
- 	static uint32_t fru_data_rqst_size = 20;
--	uint32_t off = offset, tmp, finish;
-+	uint32_t off = offset;
-+	uint32_t tmp, finish;
-+	uint32_t size_left_in_buffer;
- 	struct ipmi_rs * rsp;
- 	struct ipmi_rq req;
- 	uint8_t msg_data[4];
-@@ -755,10 +772,12 @@ read_fru_area_section(struct ipmi_intf *
- 
- 	finish = offset + length;
- 	if (finish > fru->size) {
-+		memset(frubuf + fru->size, 0, length - fru->size);
- 		finish = fru->size;
- 		lprintf(LOG_NOTICE, "Read FRU Area length %d too large, "
- 			"Adjusting to %d",
- 			offset + length, finish - offset);
-+		length = finish - offset;
- 	}
- 
- 	memset(&req, 0, sizeof(req));
-@@ -773,6 +792,8 @@ read_fru_area_section(struct ipmi_intf *
- 	if (fru->access && fru_data_rqst_size > 16)
- #endif
- 		fru_data_rqst_size = 16;
-+
-+	size_left_in_buffer = length;
- 	do {
- 		tmp = fru->access ? off >> 1 : off;
- 		msg_data[0] = id;
-@@ -804,8 +825,16 @@ read_fru_area_section(struct ipmi_intf *
- 		}
- 
- 		tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
-+		if(rsp->data_len < 1
-+		   || tmp > rsp->data_len - 1
-+		   || tmp > size_left_in_buffer)
-+		{
-+			printf(" Not enough buffer size");
-+			return -1;
-+		}
- 		memcpy((frubuf + off)-offset, rsp->data + 1, tmp);
- 		off += tmp;
-+		size_left_in_buffer -= tmp;
- 
- 		/* sometimes the size returned in the Info command
- 		* is too large.  return 0 so higher level function

admin/ipmitool/patches/0007-CVE-2020-5208-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch

@@ -1,43 +0,0 @@
-From 910e5782b7d9f222d4e34d3505d0d636ff757103 Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:44:18 +0000
-Subject: [PATCH 07/11] fru: Fix buffer overflow in ipmi_spd_print_fru
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `ipmi_spd_print_fru` function has a similar issue as the one fixed
-by the previous commit in `read_fru_area_section`. An initial request is
-made to get the `fru.size`, which is used as the size for the allocation
-of `spd_data`. Inside a loop, further requests are performed to get the
-copy sizes which are not checked before being used as the size for a
-copy into the buffer.
----
- lib/dimm_spd.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
---- a/lib/dimm_spd.c
-+++ b/lib/dimm_spd.c
-@@ -1621,7 +1621,7 @@ ipmi_spd_print_fru(struct ipmi_intf * in
- 	struct ipmi_rq req;
- 	struct fru_info fru;
- 	uint8_t *spd_data, msg_data[4];
--	int len, offset;
-+	uint32_t len, offset;
- 
- 	msg_data[0] = id;
- 
-@@ -1697,6 +1697,13 @@ ipmi_spd_print_fru(struct ipmi_intf * in
- 		}
- 
- 		len = rsp->data[0];
-+		if(rsp->data_len < 1
-+		   || len > rsp->data_len - 1
-+		   || len > fru.size - offset)
-+		{
-+			printf(" Not enough buffer size");
-+			return -1;
-+		}
- 		memcpy(&spd_data[offset], rsp->data + 1, len);
- 		offset += len;
- 	} while (offset < fru.size);

admin/ipmitool/patches/0008-CVE-2020-5208-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch

@@ -1,43 +0,0 @@
-From 4f7778ed232a92bde388f38917b94f458a82c78e Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:51:49 +0000
-Subject: [PATCH 08/11] session: Fix buffer overflow in ipmi_get_session_info
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `ipmi_get_session_info` function does not properly check the
-response `data_len`, which is used as a copy size, allowing stack buffer
-overflow.
----
- lib/ipmi_session.c | 12 ++++++++----
- 1 file changed, 8 insertions(+), 4 deletions(-)
-
---- a/lib/ipmi_session.c
-+++ b/lib/ipmi_session.c
-@@ -309,8 +309,10 @@ ipmi_get_session_info(struct ipmi_intf
- 		}
- 		else
- 		{
--			memcpy(&session_info,  rsp->data, rsp->data_len);
--			print_session_info(&session_info, rsp->data_len);
-+			memcpy(&session_info,  rsp->data,
-+			       __min(rsp->data_len, sizeof(session_info)));
-+			print_session_info(&session_info,
-+			                   __min(rsp->data_len, sizeof(session_info)));
- 		}
- 		break;
- 		
-@@ -341,8 +343,10 @@ ipmi_get_session_info(struct ipmi_intf
- 				break;
- 			}
- 
--			memcpy(&session_info,  rsp->data, rsp->data_len);
--			print_session_info(&session_info, rsp->data_len);
-+			memcpy(&session_info,  rsp->data,
-+			       __min(rsp->data_len, sizeof(session_info)));
-+			print_session_info(&session_info,
-+			                   __min(rsp->data_len, sizeof(session_info)));
- 			
- 		} while (i <= session_info.session_slot_count);
- 		break;

admin/ipmitool/patches/0009-CVE-2020-5208-channel-Fix-buffer-overflow.patch

@@ -1,32 +0,0 @@
-From 743dd4faa302f22950e4438cf684e1e398eb47eb Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:56:38 +0000
-Subject: [PATCH 09/11] channel: Fix buffer overflow
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `ipmi_get_channel_cipher_suites` function does not properly check
-the final response’s `data_len`, which can lead to stack buffer overflow
-on the final copy.
----
- lib/ipmi_channel.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
---- a/lib/ipmi_channel.c
-+++ b/lib/ipmi_channel.c
-@@ -413,7 +413,10 @@ ipmi_get_channel_cipher_suites(struct ip
- 			lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
- 			return -1;
- 		}
--		if (rsp->ccode > 0) {
-+		if (rsp->ccode
-+		    || rsp->data_len < 1
-+		    || rsp->data_len > sizeof(uint8_t) + 0x10)
-+		{
- 			lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
- 					val2str(rsp->ccode, completion_code_vals));
- 			return -1;

admin/ipmitool/patches/0010-CVE-2020-5208-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch

@@ -1,83 +0,0 @@
-From e048e9c65a52f0879d482531e70735c1d314d43a Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 17:06:39 +0000
-Subject: [PATCH 10/11] lanp: Fix buffer overflows in get_lan_param_select
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `get_lan_param_select` function is missing a validation check on the
-response’s `data_len`, which it then returns to caller functions, where
-stack buffer overflow can occur.
----
- lib/ipmi_lanp.c | 14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
---- a/lib/ipmi_lanp.c
-+++ b/lib/ipmi_lanp.c
-@@ -1809,7 +1809,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 		/* set new ipaddr */
- 		memcpy(data+3, temp, 4);
- 		printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert,
-@@ -1824,7 +1824,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 		/* set new macaddr */
- 		memcpy(data+7, temp, 6);
- 		printf("Setting LAN Alert %d MAC Address to "
-@@ -1838,7 +1838,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 
- 		if (strncasecmp(argv[1], "def", 3) == 0 ||
- 		    strncasecmp(argv[1], "default", 7) == 0) {
-@@ -1864,7 +1864,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 
- 		if (strncasecmp(argv[1], "on", 2) == 0 ||
- 		    strncasecmp(argv[1], "yes", 3) == 0) {
-@@ -1889,7 +1889,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 
- 		if (strncasecmp(argv[1], "pet", 3) == 0) {
- 			printf("Setting LAN Alert %d destination to PET Trap\n", alert);
-@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 
- 		if (str2uchar(argv[1], &data[2]) != 0) {
- 			lprintf(LOG_ERR, "Invalid time: %s", argv[1]);
-@@ -1933,7 +1933,7 @@ ipmi_lan_alert_set(struct ipmi_intf * in
- 		if (p == NULL) {
- 			return (-1);
- 		}
--		memcpy(data, p->data, p->data_len);
-+		memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- 
- 		if (str2uchar(argv[1], &data[3]) != 0) {
- 			lprintf(LOG_ERR, "Invalid retry: %s", argv[1]);

admin/ipmitool/patches/0011-CVE-2020-5208-fru-sdr-Fix-id_string-buffer-overflows.patch

@@ -1,130 +0,0 @@
-From 98b47424cf548f58c4d295fa8235210406ea85ca Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 17:13:45 +0000
-Subject: [PATCH 11/11] fru, sdr: Fix id_string buffer overflows
-
-Final part of the fixes for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-9 variants of stack buffer overflow when parsing `id_string` field of
-SDR records returned from `CMD_GET_SDR` command.
-
-SDR record structs have an `id_code` field, and an `id_string` `char`
-array.
-
-The length of `id_string` is calculated as `(id_code & 0x1f) + 1`,
-which can be larger than expected 16 characters (if `id_code = 0xff`,
-then length will be `(0xff & 0x1f) + 1 = 32`).
-
-In numerous places, this can cause stack buffer overflow when copying
-into fixed buffer of size `17` bytes from this calculated length.
----
- lib/ipmi_fru.c |  2 +-
- lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++----------------
- 2 files changed, 25 insertions(+), 17 deletions(-)
-
---- a/lib/ipmi_fru.c
-+++ b/lib/ipmi_fru.c
-@@ -3062,7 +3062,7 @@ ipmi_fru_print(struct ipmi_intf * intf,
- 		return 0;
- 
- 	memset(desc, 0, sizeof(desc));
--	memcpy(desc, fru->id_string, fru->id_code & 0x01f);
-+	memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc)));
- 	desc[fru->id_code & 0x01f] = 0;
- 	printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id);
- 
---- a/lib/ipmi_sdr.c
-+++ b/lib/ipmi_sdr.c
-@@ -2084,7 +2084,7 @@ ipmi_sdr_print_sensor_eventonly(struct i
- 		return -1;
- 
- 	memset(desc, 0, sizeof (desc));
--	snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string);
-+	snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string);
- 
- 	if (verbose) {
- 		printf("Sensor ID              : %s (0x%x)\n",
-@@ -2135,7 +2135,7 @@ ipmi_sdr_print_sensor_mc_locator(struct
- 		return -1;
- 
- 	memset(desc, 0, sizeof (desc));
--	snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string);
-+	snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string);
- 
- 	if (verbose == 0) {
- 		if (csv_output)
-@@ -2228,7 +2228,7 @@ ipmi_sdr_print_sensor_generic_locator(st
- 	char desc[17];
- 
- 	memset(desc, 0, sizeof (desc));
--	snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string);
-+	snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string);
- 
- 	if (!verbose) {
- 		if (csv_output)
-@@ -2285,7 +2285,7 @@ ipmi_sdr_print_sensor_fru_locator(struct
- 	char desc[17];
- 
- 	memset(desc, 0, sizeof (desc));
--	snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string);
-+	snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string);
- 
- 	if (!verbose) {
- 		if (csv_output)
-@@ -2489,35 +2489,43 @@ ipmi_sdr_print_name_from_rawentry(struct
- 
-    int rc =0;
-    char desc[17];
-+   const char *id_string;
-+   uint8_t id_code;
-    memset(desc, ' ', sizeof (desc));
- 
-    switch ( type) {
-       case SDR_RECORD_TYPE_FULL_SENSOR:
-       record.full = (struct sdr_record_full_sensor *) raw;
--      snprintf(desc, (record.full->id_code & 0x1f) +1, "%s",
--               (const char *)record.full->id_string);
-+      id_code = record.full->id_code;
-+      id_string = record.full->id_string;
-       break;
-+
-       case SDR_RECORD_TYPE_COMPACT_SENSOR:
-       record.compact = (struct sdr_record_compact_sensor *) raw	;
--      snprintf(desc, (record.compact->id_code & 0x1f)  +1, "%s",
--               (const char *)record.compact->id_string);
-+      id_code = record.compact->id_code;
-+      id_string = record.compact->id_string;
-       break;
-+
-       case SDR_RECORD_TYPE_EVENTONLY_SENSOR:
-       record.eventonly  = (struct sdr_record_eventonly_sensor *) raw ;
--      snprintf(desc, (record.eventonly->id_code & 0x1f)  +1, "%s",
--               (const char *)record.eventonly->id_string);
--      break;            
-+      id_code = record.eventonly->id_code;
-+      id_string = record.eventonly->id_string;
-+      break;
-+
-       case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR:
-       record.mcloc  = (struct sdr_record_mc_locator *) raw ;
--      snprintf(desc, (record.mcloc->id_code & 0x1f)  +1, "%s",
--               (const char *)record.mcloc->id_string);		
-+      id_code = record.mcloc->id_code;
-+      id_string = record.mcloc->id_string;
-       break;
-+
-       default:
-       rc = -1;
--      break;
--   }   
-+   }
-+   if (!rc) {
-+       snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string);
-+   }
- 
--      lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc);
-+   lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc);
-    return rc;
- }
- 

admin/ipmitool/patches/0012-gcc10.patch

@@ -1,33 +0,0 @@
-From c3939dac2c060651361fc71516806f9ab8c38901 Mon Sep 17 00:00:00 2001
-From: Vaclav Dolezal <vdolezal@redhat.com>
-Date: Thu, 23 Jan 2020 11:26:32 +0100
-Subject: [PATCH] hpmfwupg: move variable definition to .c file
-
-Signed-off-by: Vaclav Dolezal <vdolezal@redhat.com>
----
- include/ipmitool/ipmi_hpmfwupg.h | 2 +-
- lib/ipmi_hpmfwupg.c              | 2 ++
- 2 files changed, 3 insertions(+), 1 deletion(-)
-
---- a/include/ipmitool/ipmi_hpmfwupg.h
-+++ b/include/ipmitool/ipmi_hpmfwupg.h
-@@ -800,7 +800,7 @@ typedef struct _VERSIONINFO {
- 	char descString[HPMFWUPG_DESC_STRING_LENGTH + 1];
- }VERSIONINFO, *PVERSIONINFO;
- 
--VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+extern VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
- 
- #define TARGET_VER (0x01)
- #define ROLLBACK_VER (0x02)
---- a/lib/ipmi_hpmfwupg.c
-+++ b/lib/ipmi_hpmfwupg.c
-@@ -58,6 +58,8 @@ ipmi_intf_get_max_request_data_size(stru
- 
- extern int verbose;
- 
-+VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+
- int HpmfwupgUpgrade(struct ipmi_intf *intf, char *imageFilename,
- 		int activate, int, int);
- int HpmfwupgValidateImageIntegrity(struct HpmfwupgUpgradeCtx *pFwupgCtx);

admin/monit/Makefile

@@ -8,20 +8,18 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=monit
-PKG_VERSION:=5.33.0
+PKG_VERSION:=5.24.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://bitbucket.org/tildeslash/monit/downloads/
-PKG_HASH:=1ace889c0183473a9d70160df6533bb6e1338dc1354f5928507803e1e2a863b5
+PKG_HASH:=754d1f0e165e5a26d4639a6a83f44ccf839e381f2622e0946d5302fa1f2d2414
+PKG_SOURCE_URL:=https://mmonit.com/monit/dist
 
-PKG_MAINTAINER:=Yaroslav Petrov <info@lank.me>
 PKG_LICENSE:=AGPL-3.0
 PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:tildeslash:monit
 
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -31,6 +29,7 @@ define Package/monit/Default
   DEPENDS:= +libpthread +zlib
   TITLE:=System services monitoring utility
   URL:=https://mmonit.com/monit/
+  MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
 endef
 
 define Package/monit/Default/description
@@ -62,7 +61,6 @@ endef
 
 CONFIGURE_ARGS += \
 	--without-pam \
-	ac_cv_ipv6=$(if $(CONFIG_IPV6),yes,no) \
 	libmonit_cv_setjmp_available=yes \
 	libmonit_cv_vsnprintf_c99_conformant=yes
 
@@ -77,11 +75,6 @@ ifeq ($(BUILD_VARIANT),nossl)
 		--without-ssl
 endif
 
-define Build/Prepare
-	$(Build/Prepare/Default)
-	(cd $(PKG_BUILD_DIR) && ./bootstrap)
-endef
-
 define Package/monit/conffiles
 /etc/monitrc
 endef

admin/monit/patches/001-fix-default-piddir.patch

@@ -1,9 +1,9 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -477,14 +477,7 @@ AC_ARG_WITH(ipv6,
- 
+--- a/configure
++++ b/configure
+@@ -13852,14 +13852,7 @@ fi
  # Find the right directory to put the root-mode PID file in
- AC_MSG_CHECKING([pid file location])
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking pid file location" >&5
+ $as_echo_n "checking pid file location... " >&6; }
 -if test -d "/run"
 -then
 -	piddir="/run"
@@ -14,5 +14,5 @@
 -fi
 +piddir="/var/run"
  
- AC_DEFINE_UNQUOTED([PIDDIR], "$piddir",
- 	  [Define to the pid storage directory.])
+ 
+ cat >>confdefs.h <<_ACEOF

admin/muninlite/Makefile

@@ -8,15 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=muninlite
-PKG_VERSION:=2.1.2
-PKG_RELEASE:=1
+PKG_VERSION:=1.0.4
+PKG_RELEASE:=8
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/munin-monitoring/$(PKG_NAME)/releases/download/$(PKG_VERSION)/
-PKG_HASH:=5a49da30944f3b85a0030b661a27e84c06c7f640050802e799304b11cc635ffc
-
-PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
-PKG_LICENSE:=GPL-2.0-or-later
+PKG_SOURCE_URL:=@SF/$(PKG_NAME)
+PKG_HASH:=736482dd6d6849d014d975b1f5794f20dda6e123dbba2d8c2f169c8e787e6f7e
+PKG_LICENSE:=GPL-2.0+
 PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
@@ -26,7 +24,8 @@ define Package/muninlite
   CATEGORY:=Administration
   DEPENDS:=+xinetd
   TITLE:=Munin node implemented in shell
-  URL:=https://github.com/munin-monitoring/muninlite
+  URL:=http://sourceforge.net/projects/muninlite/
+  PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
 endef
 
 define Package/muninlite/Default/description
@@ -36,14 +35,20 @@ endef
 
 define Package/muninlite/install
 	$(INSTALL_DIR) $(1)/usr/sbin/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/muninlite $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/munin-node $(1)/usr/sbin/
 	$(INSTALL_DIR) $(1)/etc/xinetd.d
-	$(INSTALL_DATA) ./files/etc/xinetd.d/muninlite $(1)/etc/xinetd.d/
-	$(INSTALL_DIR) $(1)/etc/munin/plugins
+	$(INSTALL_DATA) ./files/etc/xinetd.d/munin $(1)/etc/xinetd.d/
 endef
 
 define Package/muninlite/conffiles
-/etc/xinetd.d/muninlite
+/etc/xinetd.d/munin
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	$(MAKE) -C $(PKG_BUILD_DIR)
 endef
 
 $(eval $(call BuildPackage,muninlite))

admin/muninlite/files/etc/xinetd.d/munin

@@ -0,0 +1,10 @@
+service munin
+{
+	socket_type	= stream
+	protocol	= tcp
+	wait		= no
+	user		= root
+	group		= root
+	server		= /usr/sbin/munin-node
+	disable		= no
+}

admin/muninlite/files/etc/xinetd.d/muninlite

@@ -1,10 +0,0 @@
-service munin
-{
-	socket_type	= stream
-	protocol	= tcp
-	wait		= no
-	user		= root
-	group		= root
-	server		= /usr/sbin/muninlite
-	disable		= no
-}

admin/muninlite/patches/001-fix_disks.patch

@@ -0,0 +1,10 @@
+--- a/plugins/df
++++ b/plugins/df
+@@ -19,6 +19,6 @@ fetch_df() {
+   do
+     PINFO=$(df -P $PART | tail -1);
+     PNAME=$(echo $PINFO | cut -d\  -f1 | sed 's/[\/.-]/_/g')
+-    echo "$PNAME.value" $(echo $PINFO | cut -f5 -d\  | sed -e 's/\%//g')
++    echo "$PNAME.value" $(echo $PINFO | sed -e 's/\%//g' -e 's/  */ /g' | cut -f5 -d' ')
+   done
+ }

admin/muninlite/patches/002-hostname.patch

@@ -0,0 +1,11 @@
+--- a/munin-node.in
++++ b/munin-node.in
+@@ -113,7 +113,7 @@ PLUGINS=$RES
+ 
+ # ===== MAIN LOOP =====
+ FUNCTIONS="list nodes config fetch version quit"
+-HOSTNAME=$(hostname -f 2>/dev/null || hostname)
++HOSTNAME=$(/sbin/uci get "system.@system[0].hostname" 2>/dev/null || cat /proc/sys/kernel/hostname)
+ echo "# munin node at $HOSTNAME"
+ while read arg0 arg1 
+ do 

admin/muninlite/patches/100-fix-no-ethtool.patch

@@ -0,0 +1,21 @@
+--- a/plugins/if_
++++ b/plugins/if_
+@@ -15,10 +15,14 @@ config_if() {
+   echo "up.min 0"
+   echo "up.negative down"
+   echo "up.cdef up,8,*"
+-  if ethtool $1 | grep -q Speed; then
+-    MAX=$(($(ethtool $1 | grep Speed | sed -e 's/[[:space:]]\{1,\}/ /g' -e 's/^ //' -e 's/M.*//' | cut -d\  -f2) * 1000000))
+-    echo "up.max $MAX"
+-    echo "down.max $MAX"
++  if [ -n "$(which ethtool)" ]; then
++	if [ -x "$(which ethtool)" ]; then
++  		if ethtool $1 | grep -q Speed; then
++    			MAX=$(($(ethtool $1 | grep Speed | sed -e 's/[[:space:]]\{1,\}/ /g' -e 's/^ //' -e 's/M.*//' | cut -d\  -f2) * 1000000))
++    			echo "up.max $MAX"
++    			echo "down.max $MAX"
++		fi
++	fi
+   fi
+ }
+ fetch_if() {

admin/muninlite/patches/110-fix-uptime-days.patch

@@ -0,0 +1,12 @@
+--- a/plugins/uptime
++++ b/plugins/uptime
+@@ -4,8 +4,7 @@ config_uptime() {
+   echo "graph_vlabel uptime in days"
+   echo "uptime.label uptime"
+   echo "uptime.draw AREA"
+-  echo "uptime.cdef uptime,86400,/"
+ }
+ fetch_uptime() {
+-  echo "uptime.value" $(cut -d\  -f1 /proc/uptime)
++  awk '{printf "uptime.value %.2f",$1/86400; print ""}' /proc/uptime
+ }

admin/muninlite/patches/200-add-tap-dev.patch

@@ -0,0 +1,20 @@
+--- a/munin-node.in
++++ b/munin-node.in
+@@ -72,7 +72,7 @@ RES=""
+ for PLUG in $PLUGINS
+ do 
+   if [ "$PLUG" = "if_" ]; then  
+-    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
++    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
+     do
+       INTERRES=$(echo $INTER | sed 's/\./VLAN/')
+       RES="$RES if_$INTERRES"
+@@ -80,7 +80,7 @@ do
+       eval "config_if_${INTERRES}() { config_if $INTER $@; };"
+     done
+   elif [ "$PLUG" = "if_err_" ]; then
+-    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
++    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
+     do
+       INTERRES=$(echo $INTER | sed 's/\./VLAN/')
+       RES="$RES if_err_$INTERRES"

admin/muninlite/patches/210-add-bridge-devs.patch

@@ -0,0 +1,24 @@
+--- a/munin-node.in
++++ b/munin-node.in
+@@ -72,17 +72,17 @@ RES=""
+ for PLUG in $PLUGINS
+ do 
+   if [ "$PLUG" = "if_" ]; then  
+-    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
++    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\|br-\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
+     do
+-      INTERRES=$(echo $INTER | sed 's/\./VLAN/')
++      INTERRES=$(echo $INTER | sed -e 's/\./VLAN/' -e 's/\-/_/')
+       RES="$RES if_$INTERRES"
+       eval "fetch_if_${INTERRES}() { fetch_if $INTER $@; };"
+       eval "config_if_${INTERRES}() { config_if $INTER $@; };"
+     done
+   elif [ "$PLUG" = "if_err_" ]; then
+-    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
++    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\|br-\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
+     do
+-      INTERRES=$(echo $INTER | sed 's/\./VLAN/')
++      INTERRES=$(echo $INTER | sed -e 's/\./VLAN/' -e 's/\-/_/')
+       RES="$RES if_err_$INTERRES"
+       eval "fetch_if_err_${INTERRES}() { fetch_if_err $INTER $@; };"
+       eval "config_if_err_${INTERRES}() { config_if_err $INTER $@; };"

admin/muninlite/patches/220-modify-ifname-parser.patch

@@ -0,0 +1,22 @@
+--- a/plugins/if_
++++ b/plugins/if_
+@@ -26,7 +26,7 @@ config_if() {
+   fi
+ }
+ fetch_if() {
+-  IINFO=$(grep "$1:" /proc/net/dev | cut -d: -f2 | sed -e 's/  / /g')
++  IINFO=$(grep "$1:" /proc/net/dev | cut -d: -f2 | sed -e 's/  */ /g' -e 's/^[ \t]*//')
+   echo "down.value" $(echo $IINFO | cut -d\  -f1)
+   echo "up.value" $(echo $IINFO | cut -d\  -f9)
+ }
+--- a/plugins/if_err_
++++ b/plugins/if_err_
+@@ -15,7 +15,7 @@ config_if_err() {
+   echo "trans.warning 1"
+ }
+ fetch_if_err() {
+-  IINFO=$(grep "$1:" /proc/net/dev | cut -d: -f2 | sed -e 's/  / /g')
++  IINFO=$(grep "$1:" /proc/net/dev | cut -d: -f2 | sed -e 's/  */ /g' -e 's/^[ \t]*//')
+   echo "rcvd.value" $(echo $IINFO | cut -d\  -f3)
+   echo "trans.value" $(echo $IINFO | cut -d\  -f11)
+ }

admin/muninlite/patches/230-fix-available-interface-parsing.patch

@@ -0,0 +1,20 @@
+--- a/munin-node.in
++++ b/munin-node.in
+@@ -72,7 +72,7 @@ RES=""
+ for PLUG in $PLUGINS
+ do 
+   if [ "$PLUG" = "if_" ]; then  
+-    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\|br-\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
++    for INTER in $(grep -E '^ *(ppp|eth|wlan|ath|ra|ipsec|tap|br-)[^:]{1,}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
+     do
+       INTERRES=$(echo $INTER | sed -e 's/\./VLAN/' -e 's/\-/_/')
+       RES="$RES if_$INTERRES"
+@@ -80,7 +80,7 @@ do
+       eval "config_if_${INTERRES}() { config_if $INTER $@; };"
+     done
+   elif [ "$PLUG" = "if_err_" ]; then
+-    for INTER in $(grep '^ *\(ppp\|eth\|wlan\|ath\|ra\|ipsec\|tap\|br-\)\([^:]\)\{1,\}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
++    for INTER in $(grep -E '^ *(ppp|eth|wlan|ath|ra|ipsec|tap|br-)[^:]{1,}:' /proc/net/dev | cut -f1 -d: | sed 's/ //g');
+     do
+       INTERRES=$(echo $INTER | sed -e 's/\./VLAN/' -e 's/\-/_/')
+       RES="$RES if_err_$INTERRES"

admin/netatop/Makefile

@@ -1,86 +0,0 @@
-#
-# This is free software, licensed under the GNU General Public License v2.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=netatop
-PKG_RELEASE:=1
-PKG_VERSION:=3.1
-PKG_LICENSE:=GPL-2.0
-PKG_SOURCE_URL:=https://www.atoptool.nl/download/
-PKG_HASH:=736f43572c31a90748f023f0a5a814bff58d44c0c3f060d776cfd6e6e8435c62
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MAINTAINER:=Toni Uhlig <matzeton@googlemail.com>
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-define KernelPackage/netatop
-  URL:=https://www.atoptool.nl/
-  CATEGORY:=Kernel modules
-  SUBMENU:=Netfilter Extensions
-  TITLE:=netatop netfilter module
-  FILES:= \
-		$(PKG_BUILD_DIR)/module/netatop.$(LINUX_KMOD_SUFFIX)
-  AUTOLOAD:=$(call AutoProbe,netatop)
-endef
-
-define KernelPackage/netatop/description
-  The optional kernel module netatop can be loaded to gather statistics about
-  the TCP and UDP packets that have been transmitted/received per process and
-  per thread. As soon as atop discovers that this module is active, it shows
-  the columns SNET and RNET in the generic screen for the number of transmitted
-  and received packets per process. When the 'n' key is pressed, it shows
-  detailed counters about the number packets transmitted/received via TCP and
-  UDP, the average sizes of these packets, and the total bandwidth consumed
-  for input and output per process/thread.
-endef
-
-define Package/netatop
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=network counter for atop
-  DEPENDS:=+zlib +kmod-netatop
-  URL:=https://www.atoptool.nl/
-endef
-
-define Package/netatop/description
-  The daemon netatopd is packaged with the netatop kernel module. This
-  daemon takes care that information is gathered about processes that are
-  finished. For every finished process that has transferred network packets,
-  a binary record is written to a dedicated logfile. The added records in the
-  logfile are read by atop with every sample to show information about the
-  network activity of finished processes as well.
-endef
-
-NETATOP_KMOD_MAKEOPTS= \
-	ARCH="$(LINUX_KARCH)" \
-	CROSS_COMPILE="$(TARGET_CROSS)" \
-	KERNDIR="$(LINUX_DIR)"
-NETATOP_DAEMON_MAKEOPTS= \
-	CC="$(TARGET_CC)" \
-	CFLAGS="$(TARGET_CFLAGS)" \
-	LDFLAGS="$(TARGET_LDFLAGS)"
-
-define Build/Compile/netatop
-	$(MAKE) -C $(PKG_BUILD_DIR)/module \
-		$(NETATOP_KMOD_MAKEOPTS) \
-		netatop.$(LINUX_KMOD_SUFFIX)
-	$(MAKE) -C $(PKG_BUILD_DIR)/daemon \
-		$(NETATOP_DAEMON_MAKEOPTS) \
-		all
-endef
-
-define Build/Compile
-	$(call Build/Compile/netatop)
-endef
-
-define Package/netatop/install
-	$(INSTALL_DIR) $(1)/usr/sbin/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/daemon/netatopd $(1)/usr/sbin/
-endef
-
-$(eval $(call KernelPackage,netatop))
-$(eval $(call BuildPackage,netatop))

admin/netatop/patches/010-daemon-makefile-ldflags.patch

@@ -1,11 +0,0 @@
---- a/daemon/Makefile
-+++ b/daemon/Makefile
-@@ -6,7 +6,7 @@ THISDIR  = $(shell pwd)
- all:		netatopd
- 
- netatopd:	netatopd.o Makefile
--		$(CC) netatopd.o -o netatopd -lz
-+		$(CC) $(LDFLAGS) netatopd.o -o netatopd -lz
- 
- clean:
- 		rm -f *.o netatopd

admin/netatop/patches/100-fix-compilation-warning-fallthrough.patch

@@ -1,11 +0,0 @@
---- a/module/netatop.c
-+++ b/module/netatop.c
-@@ -1617,7 +1617,7 @@ getsockopt(struct sock *sk, int cmd, void __user *user, int *len)
- 
-  	   case NETATOP_GETCNT_TGID:
- 		tasktype = 'g';		
--		// fall through
-+		fallthrough;
-  	   case NETATOP_GETCNT_PID:
- 		if (*len < sizeof(pid_t))
- 			return -EINVAL;

admin/netdata/Makefile

@@ -8,67 +8,50 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=netdata
-PKG_VERSION:=1.33.1
-PKG_RELEASE:=4
-
-PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>, Daniel Engberg <daniel.engberg.lists@pyret.net>
-PKG_LICENSE:=GPL-3.0-or-later
+PKG_VERSION:=1.12.2
+PKG_RELEASE:=1
+PKG_MAINTAINER:=
+PKG_LICENSE:=GPL-3.0+
 PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:my-netdata:netdata
 
 PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/netdata/netdata/releases/download/v$(PKG_VERSION)
-PKG_HASH:=20ba8695d87187787b27128ac3aab9b09aa29ca6b508c48542e0f7d50ec9322b
-PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)
+PKG_HASH:=f8cd689ec1ab262903b5a54c8df2fd0fe6e5e7b0ab4a2c60fde4e88f37aa72b5
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)
 
 PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
 PKG_FIXUP:=autoreconf
-PKG_BUILD_FLAGS:=no-mips16 gc-sections
+PKG_USE_MIPS16:=0
 
 include $(INCLUDE_DIR)/package.mk
 
 define Package/netdata
   SECTION:=admin
   CATEGORY:=Administration
-  DEPENDS:=+zlib +libuuid +libuv +libmnl +libjson-c
+  DEPENDS:=+zlib +libuuid +libmnl
   TITLE:=Real-time performance monitoring tool
-  URL:=https://www.netdata.cloud/
+  URL:=https://my-netdata.io/
 endef
 
 define Package/netdata/description
   netdata is a highly optimized Linux daemon providing real-time performance
   monitoring for Linux systems, applications and SNMP devices over the web.
 
-  If you want to use Python plugins install python3, python3-yaml and
-  python3-urllib3
+ If you want to use Python plugins install python3, python3-yaml and
+ python3-urllib3
 endef
 
-TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS)) -O3
+TARGET_CFLAGS := $(filter-out -O%,$(TARGET_CFLAGS))
+TARGET_CFLAGS += -ffunction-sections -fdata-sections -O3
+TARGET_LDFLAGS += -Wl,--gc-sections
 
 CONFIGURE_ARGS += \
 	--with-zlib \
 	--with-math \
 	--disable-x86-sse \
 	--enable-lto \
-	--disable-ebpf \
 	--without-libcap \
-	--disable-https \
-	--disable-dbengine \
-	--disable-compression \
-	--disable-plugin-nfacct \
-	--disable-plugin-freeipmi \
-	--disable-plugin-cups \
-	--disable-plugin-xenstat \
-	--disable-backend-prometheus-remote-write \
-	--disable-unit-tests \
-	--disable-ml \
-	--disable-cloud
-
-define Build/Configure
-	$(SED) 's/m4_esyscmd(\[git describe .*\])/$(PKG_VERSION)/' $(PKG_BUILD_DIR)/configure.ac
-	$(Build/Configure/Default)
-endef
+	--disable-plugin-nfacct
 
 define Package/netdata/conffiles
 /etc/netdata/
@@ -78,11 +61,13 @@ define Package/netdata/install
 	$(INSTALL_DIR) $(1)/etc/netdata/custom-plugins.d
 	$(CP) $(PKG_INSTALL_DIR)/etc/netdata $(1)/etc
 	$(CP) ./files/netdata.conf $(1)/etc/netdata
-	touch $(1)/etc/netdata/.opt-out-from-anonymous-statistics
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/netdata $(1)/usr/lib
 	$(CP) $(1)/usr/lib/netdata/conf.d/fping.conf $(1)/etc
 	$(CP) $(1)/usr/lib/netdata/conf.d/health_alarm_notify.conf $(1)/etc
+	rm -rf $(1)/usr/lib/netdata/python.d/python_modules/pyyaml2
+	rm -rf $(1)/usr/lib/netdata/python.d/python_modules/pyyaml3
+	rm -rf $(1)/usr/lib/netdata/python.d/python_modules/urllib3
 	$(CP) $(1)/usr/lib/netdata/plugins.d/tc-qos-helper.sh $(1)/etc
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/netdata $(1)/usr/sbin
@@ -95,7 +80,6 @@ define Package/netdata/install
 	rm $(1)/usr/share/netdata/web/images/*.png
 	rm $(1)/usr/share/netdata/web/images/*.gif
 	rm $(1)/usr/share/netdata/web/images/*.ico
-	rm -rf $(1)/usr/share/netdata/web/old
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/netdata.init $(1)/etc/init.d/netdata
 endef

admin/netdata/files/netdata.conf

@@ -27,6 +27,3 @@
 
 [health]
 	enabled = no
-
-[plugin:proc:ipc]
-	shared memory totals = no

admin/netdata/files/netdata.init

@@ -6,7 +6,7 @@ USE_PROCD=1
 APPBINARY=/usr/sbin/netdata
 CONFIGFILE=/etc/netdata/netdata.conf
 
-start_service() {
+	start_service() {
 	mkdir -m 0755 -p /var/cache/netdata
 	chown nobody /var/cache/netdata
 	mkdir -m 0755 -p /var/lib/netdata
@@ -14,8 +14,8 @@ start_service() {
 	mkdir -m 0755 -p /var/log/netdata
 	chown nobody /var/log/netdata
 	procd_open_instance
-	procd_set_param command $APPBINARY -D -c $CONFIGFILE
+	procd_set_param command $APPBINARY -nd -c $CONFIGFILE
 	procd_set_param file $CONFIGFILE
 	procd_set_param respawn
 	procd_close_instance
-}
+	}

admin/netdata/patches/002-extra-patch-web_gui_main.js.patch

@@ -1,15 +0,0 @@
---- a/web/gui/main.js
-+++ b/web/gui/main.js
-@@ -759,11 +759,7 @@ function renderMyNetdataMenu(machinesArr
-     if (!isSignedIn()) {
-         if (!NETDATA.registry.isRegistryEnabled()) {
-             html += (
--                `<div class="info-item" style="white-space: nowrap">
--                    <span>Please <a href="#" onclick="signInDidClick(event); return false">sign in to netdata.cloud</a> to view your nodes!</span>
--                    <div></div>
--                </div>
--                <hr />`
-+                ``
-             );
-         }
-     }

admin/netdata/patches/002-force-python3.patch

@@ -0,0 +1,10 @@
+--- a/collectors/python.d.plugin/python.d.plugin.in
++++ b/collectors/python.d.plugin/python.d.plugin.in
+@@ -1,6 +1,4 @@
+-#!/usr/bin/env bash
+-'''':; exec "$(command -v python || command -v python3 || command -v python2 ||
+-echo "ERROR python IS NOT AVAILABLE IN THIS SYSTEM")" "$0" "$@" # '''
++#!/usr/bin/python3
+ 
+ # -*- coding: utf-8 -*-
+ # Description:

admin/netdata/patches/003-patch-collectors_python.d.plugin_Makefile.am.patch

@@ -1,112 +0,0 @@
---- a/collectors/python.d.plugin/Makefile.am
-+++ b/collectors/python.d.plugin/Makefile.am
-@@ -147,109 +147,3 @@ dist_third_party_DATA = \
-     python_modules/third_party/monotonic.py \
-     python_modules/third_party/filelock.py \
-     $(NULL)
--
--pythonyaml2dir=$(pythonmodulesdir)/pyyaml2
--dist_pythonyaml2_DATA = \
--    python_modules/pyyaml2/__init__.py \
--    python_modules/pyyaml2/composer.py \
--    python_modules/pyyaml2/constructor.py \
--    python_modules/pyyaml2/cyaml.py \
--    python_modules/pyyaml2/dumper.py \
--    python_modules/pyyaml2/emitter.py \
--    python_modules/pyyaml2/error.py \
--    python_modules/pyyaml2/events.py \
--    python_modules/pyyaml2/loader.py \
--    python_modules/pyyaml2/nodes.py \
--    python_modules/pyyaml2/parser.py \
--    python_modules/pyyaml2/reader.py \
--    python_modules/pyyaml2/representer.py \
--    python_modules/pyyaml2/resolver.py \
--    python_modules/pyyaml2/scanner.py \
--    python_modules/pyyaml2/serializer.py \
--    python_modules/pyyaml2/tokens.py \
--    $(NULL)
--
--pythonyaml3dir=$(pythonmodulesdir)/pyyaml3
--dist_pythonyaml3_DATA = \
--    python_modules/pyyaml3/__init__.py \
--    python_modules/pyyaml3/composer.py \
--    python_modules/pyyaml3/constructor.py \
--    python_modules/pyyaml3/cyaml.py \
--    python_modules/pyyaml3/dumper.py \
--    python_modules/pyyaml3/emitter.py \
--    python_modules/pyyaml3/error.py \
--    python_modules/pyyaml3/events.py \
--    python_modules/pyyaml3/loader.py \
--    python_modules/pyyaml3/nodes.py \
--    python_modules/pyyaml3/parser.py \
--    python_modules/pyyaml3/reader.py \
--    python_modules/pyyaml3/representer.py \
--    python_modules/pyyaml3/resolver.py \
--    python_modules/pyyaml3/scanner.py \
--    python_modules/pyyaml3/serializer.py \
--    python_modules/pyyaml3/tokens.py \
--    $(NULL)
--
--python_urllib3dir=$(pythonmodulesdir)/urllib3
--dist_python_urllib3_DATA = \
--    python_modules/urllib3/__init__.py \
--    python_modules/urllib3/_collections.py \
--    python_modules/urllib3/connection.py \
--    python_modules/urllib3/connectionpool.py \
--    python_modules/urllib3/exceptions.py \
--    python_modules/urllib3/fields.py \
--    python_modules/urllib3/filepost.py \
--    python_modules/urllib3/response.py \
--    python_modules/urllib3/poolmanager.py \
--    python_modules/urllib3/request.py \
--    $(NULL)
--
--python_urllib3_utildir=$(python_urllib3dir)/util
--dist_python_urllib3_util_DATA = \
--    python_modules/urllib3/util/__init__.py \
--    python_modules/urllib3/util/connection.py \
--    python_modules/urllib3/util/request.py \
--    python_modules/urllib3/util/response.py \
--    python_modules/urllib3/util/retry.py \
--    python_modules/urllib3/util/selectors.py \
--    python_modules/urllib3/util/ssl_.py \
--    python_modules/urllib3/util/timeout.py \
--    python_modules/urllib3/util/url.py \
--    python_modules/urllib3/util/wait.py \
--    $(NULL)
--
--python_urllib3_packagesdir=$(python_urllib3dir)/packages
--dist_python_urllib3_packages_DATA = \
--    python_modules/urllib3/packages/__init__.py \
--    python_modules/urllib3/packages/ordered_dict.py \
--    python_modules/urllib3/packages/six.py \
--    $(NULL)
--
--python_urllib3_backportsdir=$(python_urllib3_packagesdir)/backports
--dist_python_urllib3_backports_DATA = \
--    python_modules/urllib3/packages/backports/__init__.py \
--    python_modules/urllib3/packages/backports/makefile.py \
--    $(NULL)
--
--python_urllib3_ssl_match_hostnamedir=$(python_urllib3_packagesdir)/ssl_match_hostname
--dist_python_urllib3_ssl_match_hostname_DATA = \
--    python_modules/urllib3/packages/ssl_match_hostname/__init__.py \
--    python_modules/urllib3/packages/ssl_match_hostname/_implementation.py \
--    $(NULL)
--
--python_urllib3_contribdir=$(python_urllib3dir)/contrib
--dist_python_urllib3_contrib_DATA = \
--    python_modules/urllib3/contrib/__init__.py \
--    python_modules/urllib3/contrib/appengine.py \
--    python_modules/urllib3/contrib/ntlmpool.py \
--    python_modules/urllib3/contrib/pyopenssl.py \
--    python_modules/urllib3/contrib/securetransport.py \
--    python_modules/urllib3/contrib/socks.py \
--    $(NULL)
--
--python_urllib3_securetransportdir=$(python_urllib3_contribdir)/_securetransport
--dist_python_urllib3_securetransport_DATA = \
--    python_modules/urllib3/contrib/_securetransport/__init__.py \
--    python_modules/urllib3/contrib/_securetransport/bindings.py \
--    python_modules/urllib3/contrib/_securetransport/low_level.py \
--    $(NULL)

admin/netdata/patches/004-patch-collectors_python.d.plugin_python__modules_bases_loaders.py.patch

@@ -1,14 +0,0 @@
---- a/collectors/python.d.plugin/python_modules/bases/loaders.py
-+++ b/collectors/python.d.plugin/python_modules/bases/loaders.py
-@@ -10,9 +10,9 @@ PY_VERSION = version_info[:2]
- 
- try:
-     if PY_VERSION > (3, 1):
--        from pyyaml3 import SafeLoader as YamlSafeLoader
-+        from yaml import SafeLoader as YamlSafeLoader
-     else:
--        from pyyaml2 import SafeLoader as YamlSafeLoader
-+        from yaml import SafeLoader as YamlSafeLoader
- except ImportError:
-     from yaml import SafeLoader as YamlSafeLoader
- 

admin/netdata/test.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-netdata -version 2>&1 | grep "$2"

admin/nload/Makefile

@@ -1,40 +0,0 @@
-# SPDX-Identifier-License: GPL-2.0-only
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=nload
-PKG_VERSION:=0.7.4
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/rolandriegel/nload/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=a73b3a75356776860fc4c40daebce04c5022f73d39704a12fb0aeb88a751216a
-
-PKG_MAINTAINER:=Jacky Guo <leickwell@hotmail.com>
-PKG_LICENSE:=GPL-2.0-only
-PKG_LICENSE_FILES:=COPYING
-
-PKG_FIXUP:=autoreconf
-PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/nload
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=A network traffic monitor
-  DEPENDS:=+libncurses +libstdcpp
-  URL:=https://github.com/rolandriegel/nload
-endef
-
-define Package/nload/description
-  Monitors network traffic and bandwidth usage.
-endef
-
-define Package/nload/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nload $(1)/usr/bin/
-endef
-
-$(eval $(call BuildPackage,nload))

admin/nload/test.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-nload -h | grep "$PKG_VERSION"

admin/nyx/Makefile

@@ -1,34 +0,0 @@
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=nyx
-PKG_VERSION:=2.1.0
-PKG_RELEASE:=3
-
-PYPI_NAME:=nyx
-PKG_HASH:=88521488d1c9052e457b9e66498a4acfaaa3adf3adc5a199892632f129a5390b
-
-PKG_MAINTAINER:=Javier Marcet <javier@marcet.info>
-PKG_LICENSE:=GPL-3.0-only
-PKG_LICENSE_FILES:=LICENSE
-
-include ../../lang/python/pypi.mk
-include $(INCLUDE_DIR)/package.mk
-include ../../lang/python/python3-package.mk
-
-define Package/nyx
-  SECTION:=admin
-  CATEGORY:=Administration
-  URL:=https://nyx.torproject.org/
-  TITLE:=Terminal status monitor for Tor
-  DEPENDS:=+python3 +python3-stem
-endef
-
-define Package/nyx/description
-  Nyx is a command-line monitor for Tor. With this you can get detailed real-time
-  information about your relay such as bandwidth usage, connections, logs, and
-  much more.
-endef
-
-$(eval $(call Py3Package,nyx))
-$(eval $(call BuildPackage,nyx))
-$(eval $(call BuildPackage,nyx-src))

admin/nyx/patches/01-python311.patch

@@ -1,32 +0,0 @@
-From dcaddf2ab7f9d2ef8649f98bb6870995ebe0b893 Mon Sep 17 00:00:00 2001
-From: Juan Orti Alcaine <jortialc@redhat.com>
-Date: Mon, 27 Jun 2022 19:38:34 +0200
-Subject: [PATCH] Replace inspect.getargspec usage to support python 3.11
-
----
- nyx/panel/__init__.py | 2 +-
- test/__init__.py      | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
---- a/nyx/panel/__init__.py
-+++ b/nyx/panel/__init__.py
-@@ -78,7 +78,7 @@ class KeyHandler(collections.namedtuple(
-       is_match = self._key_func(key) if self._key_func else key.match(self.key)
- 
-       if is_match:
--        if inspect.getargspec(self._action).args == ['key']:
-+        if inspect.getfullargspec(self._action).args == ['key']:
-           self._action(key)
-         else:
-           self._action()
---- a/test/__init__.py
-+++ b/test/__init__.py
-@@ -94,7 +94,7 @@ def render(func, *args, **kwargs):
-     nyx.curses.CURSES_SCREEN.erase()
-     start_time = time.time()
- 
--    func_args = inspect.getargspec(func).args
-+    func_args = inspect.getfullargspec(func).args
- 
-     if func_args[:1] == ['subwindow'] or func_args[:2] == ['self', 'subwindow']:
-       def _draw(subwindow):

admin/openwisp-config/Makefile

@@ -1,45 +1,63 @@
-# SPDX-Identifier-License: GPL-3.0-only
-#
 # openwisp.org
-
+#
+# This is free software, licensed under the GNU General Public License v3.
+# See /LICENSE for more information.
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openwisp-config
+PKG_VERSION:=0.4.5
 PKG_RELEASE:=2
 
-PKG_MAINTAINER:=Federico Capoano <f.capoano@openwisp.io>
-PKG_LICENSE:=GPL-3.0-or-later
-
-PKG_SOURCE_URL:=https://github.com/openwisp/openwisp-config.git
-PKG_MIRROR_HASH:=7daa10a9d170e665f33a5555a246b4da2223c2d8d0e8a047edb01701c8886986
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=1.0.1
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=https://github.com/openwisp/openwisp-config.git
+PKG_SOURCE_VERSION:=0.4.5
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
+PKG_MIRROR_HASH:=017a8ed35ebfda2805426e7da02559d5cc2845ee9ded60fdae8e848d377424fb
+PKG_LICENSE:=GPL-3.0
+PKGARCH:=all
 
 include $(INCLUDE_DIR)/package.mk
 
-define Package/openwisp-config
-  TITLE:=Remote configuration management agent
-  CATEGORY:=Administration
-  SECTION:=admin
-  SUBMENU:=openwisp
-  DEPENDS:=+curl \
-    +lua \
-    +libuci-lua \
-    +luafilesystem \
-    +luci-lib-nixio \
-    +ca-certificates
-  PKGARCH:=all
-  URL:=https://openwisp.org
+define Package/openwisp-config/default
+	TITLE:=Remote configuration management agent ($(2) variant)
+	CATEGORY:=Administration
+	SECTION:=admin
+	SUBMENU:=openwisp
+	DEPENDS:=+curl +lua +libuci-lua +luafilesystem $(3)
+	VARIANT:=$(1)
+	MAINTAINER:=Federico Capoano <f.capoano@cineca.it>
+	URL:=http://openwisp.org
 endef
 
+Package/openwisp-config-openssl=$(call Package/openwisp-config/default,openssl,OpenSSL,+ca-certificates +libopenssl)
+Package/openwisp-config-mbedtls=$(call Package/openwisp-config/default,mbedtls,mbedTLS,+ca-certificates +libmbedtls)
+Package/openwisp-config-cyassl=$(call Package/openwisp-config/default,cyassl,CyaSSL,+ca-certificates +libcyassl)
+Package/openwisp-config-nossl=$(call Package/openwisp-config/default,nossl,No SSL)
+
 define Build/Compile
 endef
 
-define Package/openwisp-config/conffiles
+define Package/openwisp-config-$(BUILD_VARIANT)/conffiles
 /etc/config/openwisp
 endef
 
-define Package/openwisp-config/install
+ifeq ($(BUILD_VARIANT),openssl)
+CONFIG_OPENWISP_UCI:=ssl
+endif
+ifeq ($(BUILD_VARIANT),mbedtls)
+CONFIG_OPENWISP_UCI:=ssl
+endif
+ifeq ($(BUILD_VARIANT),cyassl)
+CONFIG_OPENWISP_UCI:=ssl
+endif
+ifeq ($(BUILD_VARIANT),nossl)
+CONFIG_OPENWISP_UCI:=nossl
+endif
+
+
+define Package/openwisp-config-$(BUILD_VARIANT)/install
 	$(INSTALL_DIR) \
 		$(1)/usr/sbin \
 		$(1)/etc/init.d \
@@ -55,7 +73,7 @@ define Package/openwisp-config/install
 		$(PKG_BUILD_DIR)/openwisp-config/files/openwisp.init \
 		$(1)/etc/init.d/openwisp_config
 
-	$(INSTALL_CONF) $(PKG_BUILD_DIR)/openwisp-config/files/openwisp.config \
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/openwisp-config/files/openwisp-$(CONFIG_OPENWISP_UCI).config \
 		$(1)/etc/config/openwisp
 
 	$(INSTALL_BIN) \
@@ -66,10 +84,6 @@ define Package/openwisp-config/install
 		$(PKG_BUILD_DIR)/openwisp-config/files/lib/openwisp/utils.lua \
 		$(1)/usr/lib/lua/openwisp/utils.lua
 
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/openwisp-config/files/lib/openwisp/net.lua \
-		$(1)/usr/lib/lua/openwisp/net.lua
-
 	$(INSTALL_BIN) \
 		$(PKG_BUILD_DIR)/openwisp-config/files/sbin/openwisp-store-unmanaged.lua \
 		$(1)/usr/sbin/openwisp-store-unmanaged
@@ -90,11 +104,10 @@ define Package/openwisp-config/install
 		$(PKG_BUILD_DIR)/openwisp-config/files/sbin/openwisp-update-config.lua \
 		$(1)/usr/sbin/openwisp-update-config
 
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/openwisp-config/files/sbin/openwisp-get-address.lua \
-		$(1)/usr/sbin/openwisp-get-address
-
 	$(CP) $(PKG_BUILD_DIR)/VERSION $(1)/etc/openwisp/
 endef
 
-$(eval $(call BuildPackage,openwisp-config))
+$(eval $(call BuildPackage,openwisp-config-openssl))
+$(eval $(call BuildPackage,openwisp-config-mbedtls))
+$(eval $(call BuildPackage,openwisp-config-cyassl))
+$(eval $(call BuildPackage,openwisp-config-nossl))

admin/openwisp-monitoring/Makefile

@@ -1,116 +0,0 @@
-# SPDX-Identifier-License: GPL-3.0-only
-#
-# openwisp.org
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=openwisp-monitoring
-PKG_RELEASE:=2
-
-PKG_MAINTAINER:=Federico Capoano <support@openwisp.io>
-PKG_LICENSE:=GPL-3.0-or-later
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_SOURCE_URL:=https://github.com/openwisp/openwrt-openwisp-monitoring.git
-PKG_MIRROR_HASH:=ce2ed94d24f68c58320ca700a088471368e1097754be23ad6053842cf0aaa97e
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=0.1.1
-PKGARCH:=all
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/openwisp-monitoring
-  TITLE:=OpenWISP Monitoring agent
-  CATEGORY:=Administration
-  SECTION:=admin
-  SUBMENU:=openwisp
-  DEPENDS:=+netjson-monitoring +openwisp-config
-  URL:=http://openwisp.org
-endef
-
-define Package/netjson-monitoring
-  TITLE:=NetJson Monitoring
-  CATEGORY:=Administration
-  SECTION:=admin
-  SUBMENU:=openwisp
-  DEPENDS:=+libubus-lua +lua-cjson +rpcd +rpcd-mod-iwinfo
-  URL:=http://openwisp.org
-endef
-
-define Build/Compile
-endef
-
-define Package/openwisp-monitoring/conffiles
-/etc/config/openwisp-monitoring
-endef
-
-define Package/netjson-monitoring/install
-	$(INSTALL_DIR) \
-		$(1)/usr/sbin \
-		$(1)/usr/libexec \
-		$(1)/usr/lib/lua/openwisp-monitoring \
-		$(1)/etc/openwisp-monitoring
-
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/sbin/netjson-monitoring.lua \
-		$(1)/usr/libexec/netjson-monitoring
-
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/netjson-monitoring \
-		$(1)/usr/sbin/netjson-monitoring
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/dhcp.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/dhcp.lua
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/interfaces.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/interfaces.lua
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/monitoring.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/monitoring.lua
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/utils.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/utils.lua
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/neighbors.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/neighbors.lua
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/resources.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/resources.lua
-
-	$(INSTALL_DATA) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/lib/openwisp-monitoring/wifi.lua \
-		$(1)/usr/lib/lua/openwisp-monitoring/wifi.lua
-
-	$(CP) $(PKG_BUILD_DIR)/VERSION $(1)/etc/openwisp-monitoring/
-
-endef
-
-define Package/openwisp-monitoring/install
-	$(INSTALL_DIR) \
-		$(1)/usr/sbin \
-		$(1)/etc/init.d \
-		$(1)/etc/config \
-		$(1)/etc/openwisp-monitoring
-
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/monitoring.agent \
-		$(1)/usr/sbin/openwisp-monitoring
-
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/monitoring.init \
-		$(1)/etc/init.d/openwisp-monitoring
-
-	$(INSTALL_CONF) \
-		$(PKG_BUILD_DIR)/openwisp-monitoring/files/monitoring.config \
-		$(1)/etc/config/openwisp-monitoring
-
-endef
-
-$(eval $(call BuildPackage,openwisp-monitoring))
-$(eval $(call BuildPackage,netjson-monitoring))

admin/rsyslog/Config.in

@@ -1,62 +0,0 @@
-if PACKAGE_rsyslog
-	config RSYSLOG_gssapi_krb5
-		bool "Enable GSSAPI Kerberos 5 support"
-		default n
-		help
-		  Enable GSSAPI Kerberos 5 support in rsyslog
-	config RSYSLOG_mysql
-		bool "Enable MySQL support"
-		default n
-		help
-		  Enable MySQL support in rsyslog
-	config RSYSLOG_pgsql
-		bool "Enable PostgreSQL support"
-		default n
-		help
-		  Enable PostgreSQL support in rsyslog
-	config RSYSLOG_libdbi
-		bool "Enable libdbi support"
-		default n
-		help
-		  Enable libdbi support in rsyslog
-	config RSYSLOG_elasticsearch
-		bool "Enable ElasticSearch module support"
-		default n
-		help
-		  Enable ElasticSearch output module in rsyslog
-	config RSYSLOG_omhttp
-		bool "Enable HTTP output module support"
-		default n
-		help
-		  Enable HTTP output module in rsyslog
-	config RSYSLOG_openssl
-		bool "Enable OpenSSL support"
-		default n
-		help
-		  Enable OpenSSL support in rsyslog
-	config RSYSLOG_gnutls
-		bool "Enable GnuTLS support"
-		default n
-		help
-		  Enable GnuTLS support in rsyslog
-	config RSYSLOG_mail
-		bool "Enable Mail support"
-		default n
-		help
-		  Enable mail support in rsyslog
-	config RSYSLOG_mmjsonparse
-		bool "Enable JSON parsing module support"
-		default n
-		help
-		  Enable JSON parsing support in rsyslog
-	config RSYSLOG_mmdblookup
-		bool "Enable MaxMind DB lookup helper support"
-		default n
-		help
-		  Enable MaxMind DB lookup helper support in rsyslog
-	config RSYSLOG_imfile
-		bool "Enable file input module support"
-		default n
-		help
-		  Enable input file module in rsyslog
-endif

admin/rsyslog/Makefile

@@ -1,83 +0,0 @@
-#
-# Copyright (C) 2006-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=rsyslog
-PKG_VERSION:=8.2110.0
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:= \
-	https://fossies.org/linux/misc \
-	https://www.rsyslog.com/files/download/rsyslog
-PKG_HASH:=3f904ec137ca6412e8273f7896d962ecb589f7d0c589bdf16b1709ec27e24f31
-
-PKG_MAINTAINER:=
-PKG_LICENSE:=GPL-3.0-or-later
-PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:rsyslog:rsyslog
-
-PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/rsyslog
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=Enhanced system logging and kernel message trapping daemons
-  URL:=https://www.rsyslog.com/
-  DEPENDS:= \
-	+RSYSLOG_gssapi_krb5:krb5-libs +RSYSLOG_elasticsearch:libcurl \
-	+RSYSLOG_libdbi:libdbi +libestr +libfastjson +RSYSLOG_gnutls:libgnutls \
-	+RSYSLOG_mmdblookup:libmaxminddb +RSYSLOG_mysql:libmysqlclient \
-	+RSYSLOG_omhttp:libcurl +RSYSLOG_openssl:libopenssl \
-	+RSYSLOG_pgsql:libpq +libuuid +zlib
-  MENU:=1
-endef
-
-define Package/rsyslog/conffiles
-/etc/rsyslog.conf
-endef
-
-CONFIGURE_ARGS+= \
-	--disable-libgcrypt \
-	--disable-fmhttp \
-	--disable-default-tests \
-	--disable-libsystemd \
-	$(if $(CONFIG_RSYSLOG_gssapi_krb5),--enable-gssapi-krb5) \
-	$(if $(CONFIG_RSYSLOG_mysql),--enable-mysql) \
-	$(if $(CONFIG_RSYSLOG_pgsql),--enable-pgsql) \
-	$(if $(CONFIG_RSYSLOG_libdbi),--enable-libdbi) \
-	$(if $(CONFIG_RSYSLOG_elasticsearch),--enable-elasticsearch) \
-	$(if $(CONFIG_RSYSLOG_omhttp),--enable-omhttp) \
-	$(if $(CONFIG_RSYSLOG_openssl),--enable-openssl) \
-	$(if $(CONFIG_RSYSLOG_gnutls),--enable-gnutls) \
-	$(if $(CONFIG_RSYSLOG_mail),--enable-mail) \
-	$(if $(CONFIG_RSYSLOG_mmjsonparse),--enable-mmjsonparse) \
-	$(if $(CONFIG_RSYSLOG_mmdblookup),--enable-mmdblookup) \
-	$(if $(CONFIG_RSYSLOG_imfile),--enable-imfile)
-
-define Package/rsyslog/install
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/rsyslogd $(1)/usr/sbin/
-	$(INSTALL_DIR) $(1)/usr/lib/rsyslog
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/rsyslog/* $(1)/usr/lib/rsyslog/
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_CONF) ./files/rsyslog.conf $(1)/etc
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/rsyslog.init $(1)/etc/init.d/rsyslog
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_CONF) ./files/20_rsyslog $(1)/etc/uci-defaults
-endef
-
-define Package/rsyslog/config
-  source "$(SOURCE)/Config.in"
-endef
-
-$(eval $(call BuildPackage,rsyslog))

admin/rsyslog/files/20_rsyslog

@@ -1,35 +0,0 @@
-#!/bin/sh
-
-grep -qv -e '^\s*#' -e '^\s*$' /etc/rsyslog.conf 2>/dev/null && exit 0
-[ "$(uci -q get rsyslog.syslog)" == "syslog" ] && exit 0
-
-uci -q import rsyslog << EOI
-config syslog 'syslog'
-	option tcp_input_port '514'
-	option udp_input '1'
-	option tcp_input '0'
-	option udp_input_port '514'
-	option default_template 'RSYSLOG_TraditionalFileFormat'
-	list modules 'imuxsock'
-	list modules 'imklog'
-
-config selector
-	option source '*.info;mail.none;authpriv.none;cron.none'
-	option destination '/var/log/messages'
-
-config selector
-	option source 'authpriv.*'
-	option destination '/var/log/secure'
-
-config selector
-	option source 'mail.*'
-	option destination '/var/log/maillog'
-
-config selector
-	option source 'cron.*'
-	option destination '/var/log/cron'
-
-config selector
-	option source 'local7.*'
-	option destination '/var/log/boot.log'
-EOI

admin/rsyslog/files/rsyslog.conf

@@ -1,18 +0,0 @@
-#
-# The preferred way to configure rsyslogd is now UCI.
-#
-# This file can be still used and will be included
-# on top of the final configuration inside /var/etc/rsyslog.conf
-#
-# Example of default configuration:
-#
-# module(load="imuxsock")
-# module(load="imklog")
-# module(load="imudp")
-# input(type="imudp" port="514")
-# $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-# *.info;mail.none;authpriv.none;cron.none  /var/log/messages
-# authpriv.*                                /var/log/secure
-# mail.*                                    /var/log/maillog
-# cron.*                                    /var/log/cron
-# local7.*                                  /var/log/boot.log

admin/rsyslog/files/rsyslog.init

@@ -1,114 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2014 OpenWrt.org
-
-# shellcheck disable=SC3043
-# shellcheck disable=SC2034
-# shellcheck disable=SC3037
-# shellcheck disable=SC2154
-# shellcheck disable=SC2129
-
-START=20
-
-USE_PROCD=1
-
-UCI_CONF="rsyslog"
-CONFIG_FILE="/var/etc/rsyslog.conf"
-BASE_CONFIG_FILE="/etc/rsyslog.conf"
-
-modules=""
-selectors=""
-forwarders=""
-
-handle_selector() {
-	local config="$1"
-	local src
-	local dst
-
-	config_get src "${config}" source
-	config_get dst "${config}" destination
-	if [ "${src}" != "" ] && [ "$dst" != "" ]; then
-		selectors="${selectors}\n${src}\t${dst}\n"
-	fi
-}
-
-handle_forwarder() {
-	local config="$1"
-	local src
-	local target
-	local protocol
-	local port
-	local rfc
-	local opts
-
-	config_get src "${config}" source
-	config_get target "${config}" target
-	config_get protocol "${config}" protocol "udp"
-	config_get port "${config}" port "514"
-	config_get rfc "${config}" rfc "3164"
-
-	if [ "$rfc" = "5424" ]; then
-		opts='Template="RSYSLOG_SyslogProtocol23Format" TCP_Framing="octet-counted"'
-	fi
-
-	if [ "${src}" != "" ] && [ "${target}" != "" ]; then
-		action="action(type=\"omfwd\" target=\"$target\" port=\"$port\" protocol=\"$protocol\" $opts action.resumeRetryCount=\"100\" queue.type=\"linkedList\" queue.size=\"10000\")"
-	   forwarders="${forwarders}\n${src}\t${action}\n"
-	fi
-}
-
-
-expand_config() {
-	local input_t=""
-	local input_u=""
-
-	config_load "${UCI_CONF}"
-	config_list_foreach syslog modules handle_module
-	config_get_bool tcp_input syslog tcp_input
-	if [ "${tcp_input}" -eq 1 ]; then
-		modules="${modules} imtcp"
-		config_get tcp_port syslog tcp_input_port
-		input_t="input(type=\"imtcp\" port=\"${tcp_port}\")"
-	fi
-
-	config_get_bool udp_input syslog udp_input
-	if [ "${udp_input}" -eq 1 ]; then
-		modules="${modules} imudp"
-		config_get udp_port syslog udp_input_port
-		input_u="input(type=\"imudp\" port=\"${udp_port}\")"
-
-	fi
-	config_get template syslog default_template
-	config_foreach handle_selector selector
-	config_foreach handle_forwarder forwarder
-
-	mkdir -p "$(dirname ${CONFIG_FILE})"
-	# shellcheck disable=SC2188
-	> ${CONFIG_FILE}
-	echo "include(file=\"${BASE_CONFIG_FILE}\" mode=\"optional\")" >> ${CONFIG_FILE}
-	for m in ${modules}; do
-		echo "module(load=\"${m}\")" >> ${CONFIG_FILE}
-	done
-	echo "${input_t}" >> ${CONFIG_FILE}
-	echo "${input_u}" >> ${CONFIG_FILE}
-	echo "\$ActionFileDefaultTemplate ${template}" >> ${CONFIG_FILE}
-	echo -e "${selectors}" >> ${CONFIG_FILE}
-	echo -e "${forwarders}" >> ${CONFIG_FILE}
-}
-
-handle_module() {
-	local module="$1"
-	modules="${modules} $module"
-}
-
-start_service() {
-	expand_config
-	procd_open_instance
-	procd_set_param command /usr/sbin/rsyslogd -f ${CONFIG_FILE} -n
-	procd_close_instance
-}
-
-
-service_triggers()
-{
-	procd_add_reload_trigger ${UCI_CONF}
-}

admin/schroot/Config.in

@@ -1,23 +0,0 @@
-menu "Configuration"
-
-config SCHROOT_BTRFS
-	bool "Enable support for btrfs snapshots"
-	select PACKAGE_btrfs-progs
-	default n
-
-config SCHROOT_LOOPBACK
-	bool "Enable support for loopback mounts"
-	select PACKAGE_losetup
-	default n
-
-config SCHROOT_LVM
-	bool "Enable support for LVM snapshots"
-	select PACKAGE_lvm2
-	default n
-
-config SCHROOT_UUID
-	bool "Enable support for UUIDs"
-	select PACKAGE_libuuid
-	default n
-
-endmenu

admin/schroot/Makefile

@@ -1,87 +0,0 @@
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=reschroot
-PKG_VERSION:=1.6.13
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeberg.org/shelter/reschroot/archive/release
-PKG_HASH:=c05d6a1bb0210d401e6522eee2c465e0b43c6c98f7101d671f9e9ef88b3accf5
-
-PKG_MAINTAINER:=Javier Marcet <javier@marcet.info>
-PKG_LICENSE:=GPL-3.0-only
-PKG_LICENSE_FILES:=COPYING
-
-CMAKE_INSTALL:=1
-
-CMAKE_BINARY_SUBDIR:=build
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/$(PKG_NAME)
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/cmake.mk
-include $(INCLUDE_DIR)/nls.mk
-
-define Package/schroot
-  SECTION:=admin
-  CATEGORY:=Administration
-  TITLE:=Securely enter a chroot and run a command or login shell.
-  DEPENDS:=$(ICONV_DEPENDS) \
-	+boost +boost-filesystem +boost-iostreams +boost-program_options +boost-regex \
-	+SCHROOT_BTRFS:btrfs-progs \
-	+SCHROOT_LOOPBACK:losetup \
-	+SCHROOT_LVM:lvm2 \
-	+SCHROOT_UUID:libuuid \
-	$(INTL_DEPENDS)
-  URL:=https://codeberg.org/shelter/reschroot
-endef
-
-define Package/schroot/description
-  Securely enter a chroot and run a command or login shell.
-endef
-
-define Package/schroot/conffiles
-/etc/schroot/
-endef
-
-define Package/schroot/config
-	source "$(SOURCE)/Config.in"
-endef
-
-PKG_CONFIG_DEPENDS := \
-	CONFIG_SCHROOT_BTRFS \
-	CONFIG_SCHROOT_LOOPBACK \
-	CONFIG_SCHROOT_LVM \
-	CONFIG_SCHROOT_UUID
-
-CMAKE_OPTIONS += \
-	-Dbtrfs-snapshot=$(if $(CONFIG_SCHROOT_BTRFS),ON,OFF) \
-	-Dloopback=$(if $(CONFIG_SCHROOT_LOOPBACK),ON,OFF) \
-	-Dlvm-snapshot=$(if $(CONFIG_SCHROOT_LVM),ON,OFF) \
-	-Duuid=$(if $(CONFIG_SCHROOT_UUID),ON,OFF) \
-	-Dblock-device=ON \
-	-Dunion=ON \
-	-Ddhcroot=OFF \
-	-Ddchroot-dsa=OFF \
-	-Ddebug=OFF \
-	-Ddoxygen=OFF \
-	-Dpam=OFF \
-	-Dtest=OFF \
-	-Duuid=OFF \
-	-Dzfs-snapshot=OFF
-
-define Package/schroot/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_SUID) $(PKG_INSTALL_DIR)/usr/bin/schroot $(1)/usr/bin/
-	$(INSTALL_DIR) $(1)/etc/schroot
-	$(CP) -R $(PKG_INSTALL_DIR)/etc/schroot/* $(1)/etc/schroot
-	$(INSTALL_DIR) $(1)/usr/lib/schroot
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libsbuild.* $(1)/usr/lib/
-	$(INSTALL_DIR) $(1)/usr/libexec/schroot
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/libexec/schroot/schroot-* $(1)/usr/libexec/schroot/
-	$(INSTALL_DIR) $(1)/usr/share/schroot
-	$(CP) -R $(PKG_INSTALL_DIR)/usr/share/schroot/* $(1)/usr/share/schroot/
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/schroot.init $(1)/etc/init.d/schroot
-endef
-
-$(eval $(call BuildPackage,schroot))

admin/schroot/files/schroot.init

@@ -1,10 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=94
-
-start() {
-	[ -d /var/lib/schroot ] || {
-		mkdir -p /var/lib/schroot/session /var/lib/schroot/unpack /var/lib/schroot/union/overlay /var/lib/schroot/union/underlay
-		chmod 0700 /var/lib/schroot
-	}
-}

admin/schroot/patches/01-openwrt.patch

@@ -1,169 +0,0 @@
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -210,8 +210,8 @@ endif(BUILD_PAM)
- set(BLOCKDEV_DEFAULT ON)
- 
- # LVM snapshot mount feature
--find_program(LVCREATE_EXECUTABLE lvcreate PATHS /sbin /usr/sbin /usr/local/sbin)
--find_program(LVREMOVE_EXECUTABLE lvremove PATHS /sbin /usr/sbin /usr/local/sbin)
-+#find_program(LVCREATE_EXECUTABLE lvcreate PATHS /sbin /usr/sbin /usr/local/sbin)
-+#find_program(LVREMOVE_EXECUTABLE lvremove PATHS /sbin /usr/sbin /usr/local/sbin)
- set(LVMSNAP_DEFAULT OFF)
- if (LVCREATE_EXECUTABLE AND LVREMOVE_EXECUTABLE)
-   set (LVMSNAP_DEFAULT ON)
-@@ -224,7 +224,7 @@ if (lvm-snapshot)
- endif(lvm-snapshot)
- 
- # ZFS snapshot mount feature
--find_program(ZFS_EXECUTABLE zfs PATHS /sbin /usr/sbin /usr/local/sbin)
-+#find_program(ZFS_EXECUTABLE zfs PATHS /sbin /usr/sbin /usr/local/sbin)
- set(ZFSSNAP_DEFAULT OFF)
- if (ZFS_EXECUTABLE)
-   set (ZFSSNAP_DEFAULT ON)
-@@ -237,7 +237,7 @@ if (zfs-snapshot)
- endif(zfs-snapshot)
- 
- # Btrfs snapshot mount feature
--find_program(BTRFS_EXECUTABLE btrfs PATHS /sbin /usr/sbin /usr/local/sbin)
-+#find_program(BTRFS_EXECUTABLE btrfs PATHS /sbin /usr/sbin /usr/local/sbin)
- set(BTRFSSNAP_DEFAULT OFF)
- if (BTRFS_EXECUTABLE)
-   set (BTRFSSNAP_DEFAULT ON)
-@@ -310,15 +310,9 @@ include_directories(${PROJECT_BINARY_DIR
-                     ${PROJECT_BINARY_DIR}
-                     ${PROJECT_SOURCE_DIR})
- 
--enable_testing()
--
- add_subdirectory(sbuild)
- add_subdirectory(bin)
--add_subdirectory(test)
--add_subdirectory(doc)
- add_subdirectory(etc)
--add_subdirectory(po)
--add_subdirectory(man)
- 
- add_custom_target(check-news
-   COMMAND if grep -q "Welcome to ${CMAKE_PROJECT_NAME} ${GIT_RELEASE_VERSION}" "${PROJECT_SOURCE_DIR}/NEWS" \; then echo "NEWS current version ${GIT_RELEASE_VERSION}" \; else echo "NEWS current version does not match release version ${GIT_RELEASE_VERSION}" \; exit 1 \; fi
---- a/bin/schroot-base/schroot-base-run.h
-+++ b/bin/schroot-base/schroot-base-run.h
-@@ -61,8 +61,8 @@ namespace schroot_base
-         std::cout.imbue(std::locale());
-         std::cerr.imbue(std::locale());
- 
--        bindtextdomain (SBUILD_MESSAGE_CATALOGUE, SCHROOT_LOCALE_DIR);
--        textdomain (SBUILD_MESSAGE_CATALOGUE);
-+        //bindtextdomain (SBUILD_MESSAGE_CATALOGUE, SCHROOT_LOCALE_DIR);
-+        //textdomain (SBUILD_MESSAGE_CATALOGUE);
- 
-         typename options_type::ptr opts(new options_type);
-         main_type kit(opts);
---- a/sbuild/sbuild-feature.h
-+++ b/sbuild/sbuild-feature.h
-@@ -24,6 +24,7 @@
- #include <string>
- 
- #include <boost/format.hpp>
-+#include <libintl.h>
- 
- namespace sbuild
- {
---- a/etc/setup.d/20copyfiles
-+++ b/etc/setup.d/20copyfiles
-@@ -39,9 +39,9 @@ copy_file()
-         if [ -e "$2" ]; then
- 
-             # Device and inode
--            da=$(/usr/bin/stat --format="%d %i" "$1")
-+            da=$(/bin/stat --format="%d %i" "$1")
-             # This one can fail since it might not exist yet
--            db=$(/usr/bin/stat --format="%d %i" "$2" 2>/dev/null || :)
-+            db=$(/bin/stat --format="%d %i" "$2" 2>/dev/null || :)
- 
-             if [ "$da" = "$db" ]; then
-                 COPY="false"
---- a/etc/setup.d/20nssdatabases
-+++ b/etc/setup.d/20nssdatabases
-@@ -29,7 +29,7 @@ set -e
- dup_nss()
- {
-     info "Copying $1 database to $2"
--    getent "$1" > "$2"
-+    cat "/etc/$1" > "$2"
- }
- 
- if [ $STAGE = "setup-start" ] || [ $STAGE = "setup-recover" ]; then
-@@ -42,9 +42,9 @@ if [ $STAGE = "setup-start" ] || [ $STAG
-                 fi
- 
-                 # Device and inode
--                dr=$(/usr/bin/stat --format="%d %i" "/etc/$db")
-+                dr=$(/bin/stat --format="%d %i" "/etc/$db")
-                 # This one can fail since it might not exist yet
--                dc=$(/usr/bin/stat --format="%d %i" "${CHROOT_PATH}/etc/$db" 2>/dev/null || :)
-+                dc=$(/bin/stat --format="%d %i" "${CHROOT_PATH}/etc/$db" 2>/dev/null || :)
- 
-                 # If the database inside and outside the chroot is the
-                 # same, it's very likely that dup_nss would blank the
---- a/etc/profile-templates/all/all/nssdatabases
-+++ b/etc/profile-templates/all/all/nssdatabases
-@@ -3,5 +3,5 @@
- # <database name>
- passwd
- shadow
--group
--gshadow
-+#group
-+#gshadow
---- a/etc/profile-templates/buildd/all/nssdatabases
-+++ b/etc/profile-templates/buildd/all/nssdatabases
-@@ -3,5 +3,5 @@
- # <database name>
- passwd
- shadow
--group
--gshadow
-+#group
-+#gshadow
---- a/etc/profile-templates/default/all/nssdatabases
-+++ b/etc/profile-templates/default/all/nssdatabases
-@@ -1,4 +1,4 @@
- services
- protocols
--networks
-+#networks
- hosts
---- a/etc/profile-templates/desktop/all/nssdatabases
-+++ b/etc/profile-templates/desktop/all/nssdatabases
-@@ -1,4 +1,4 @@
- services
- protocols
--networks
-+#networks
- hosts
---- a/etc/profile-templates/default/linux/fstab
-+++ b/etc/profile-templates/default/linux/fstab
-@@ -7,7 +7,7 @@
- # to run additional services in the chroot.  However, note that this
- # may potentially cause undesirable behaviour on upgrades, such as
- # killing services on the host.
--#/run           /run            none    rw,bind         0       0
-+/run           /run            none    rw,bind         0       0
- #/run/lock      /run/lock       none    rw,bind         0       0
--#/dev/shm       /dev/shm        none    rw,bind         0       0
--#/run/shm       /run/shm        none    rw,bind         0       0
-+/tmp/shm       /dev/shm        none    rw,bind         0       0
-+/tmp/shm       /run/shm        none    rw,bind         0       0
---- a/etc/profile-templates/desktop/linux/fstab
-+++ b/etc/profile-templates/desktop/linux/fstab
-@@ -12,7 +12,7 @@
- # to run additional services in the chroot.  However, note that this
- # may potentially cause undesirable behaviour on upgrades, such as
- # killing services on the host.
--#/run           /run            none    rw,bind         0       0
-+/run           /run            none    rw,bind         0       0
- #/run/lock      /run/lock       none    rw,bind         0       0
--#/dev/shm       /dev/shm        none    rw,bind         0       0
--#/run/shm       /run/shm        none    rw,bind         0       0
-+/tmp/shm       /dev/shm        none    rw,bind         0       0
-+/tmp/shm       /run/shm        none    rw,bind         0       0

admin/sudo/Makefile

@@ -8,22 +8,21 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sudo
-PKG_VERSION:=1.9.15p5
+PKG_VERSION:=1.8.28p1
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.sudo.ws/dist
-PKG_HASH:=558d10b9a1991fb3b9fa7fa7b07ec4405b7aefb5b3cb0b0871dbc81e3a88e558
-
-PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
+PKG_SOURCE_URL:=https://www.sudo.ws/dist/
+PKG_HASH:=23ba5a84af31e3b5ded58d4be6d3f6939a495a55561fba92c6941b79a6e8b027
 
+PKG_MAINTAINER:=
 PKG_LICENSE:=ISC
 PKG_LICENSE_FILES:=doc/LICENSE
 PKG_CPE_ID:=cpe:/a:todd_miller:sudo
 
 PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
-PKG_BUILD_FLAGS:=no-mips16
+
+PKG_BUILD_DEPENDS:=sudo/host
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -46,32 +45,46 @@ define Package/sudo/conffiles
 /etc/sudoers.d/
 endef
 
-CONFIGURE_ARGS += \
+CONFIGURE_ARGS+= \
 	--without-pam \
 	--disable-pam-session \
 	--with-editor=/bin/vi \
 	--without-lecture \
 	--disable-zlib \
-	--disable-openssl \
 	--with-rundir=/var/lib/sudo \
 	--with-vardir=/var/lib/sudo
 
-CONFIGURE_VARS += \
+CONFIGURE_VARS+= \
 	sudo_cv_uid_t_len=10 \
 	sudo_cv_func_unsetenv_void=no
 
-define Package/sudo/install
-	$(INSTALL_DIR) \
-		$(1)/etc/{init.d,sudoers.d} \
-		$(1)/usr/{bin,sbin} \
-		$(1)/usr/lib/sudo
+include $(INCLUDE_DIR)/host-build.mk
 
+define Host/Compile
+	cd $(HOST_BUILD_DIR)/lib/util; \
+	    $(MAKE) mksiglist; $(MAKE) mksigname
+endef
+
+define Host/Install
+	$(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin
+	$(CP) $(HOST_BUILD_DIR)/lib/util/mksig{list,name} $(STAGING_DIR_HOSTPKG)/bin/
+endef
+
+$(eval $(call HostBuild))
+
+define Package/sudo/install
+	$(INSTALL_DIR) $(1)/usr/bin
 	$(CP) $(PKG_INSTALL_DIR)/usr/bin/sudo $(1)/usr/bin/
 	chmod 4755 $(1)/usr/bin/sudo
+	$(INSTALL_DIR) $(1)/usr/sbin
 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/visudo $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/etc
 	$(CP) $(PKG_INSTALL_DIR)/etc/sudoers $(1)/etc/
 	chmod 0440 $(1)/etc/sudoers
+	$(INSTALL_DIR) $(1)/etc/sudoers.d
+	$(INSTALL_DIR) $(1)/usr/lib/sudo
 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/sudo/*.so* $(1)/usr/lib/sudo/
+	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/sudo.init $(1)/etc/init.d/sudo
 endef
 

admin/sudo/patches/010-cross-compile-fixes.patch

@@ -0,0 +1,15 @@
+--- a/lib/util/Makefile.in
++++ b/lib/util/Makefile.in
+@@ -188,10 +188,10 @@ libsudo_util.la: $(LTOBJS) @LT_LDDEP@
+ 	esac
+ 
+ siglist.c: mksiglist
+-	./mksiglist > $@
++	mksiglist > $@
+ 
+ signame.c: mksigname
+-	./mksigname > $@
++	mksigname > $@
+ 
+ mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/sudo_compat.h $(top_builddir)/config.h
+ 	$(CC) $(CPPFLAGS) $(CFLAGS) $(srcdir)/mksiglist.c -o $@

admin/sudo/patches/020-no-owner-change.patch

@@ -1,9 +1,9 @@
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -75,7 +75,7 @@ EGREP = @EGREP@
+@@ -64,7 +64,7 @@ SHELL = @SHELL@
  SED = @SED@
  
- INSTALL = $(SHELL) $(scriptdir)/install-sh -c
+ INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
 -INSTALL_OWNER = -o $(install_uid) -g $(install_gid)
 +INSTALL_OWNER =
  

admin/sudo/patches/030-musl-fix-missing-header.patch

@@ -0,0 +1,11 @@
+--- a/include/sudo_util.h
++++ b/include/sudo_util.h
+@@ -33,6 +33,8 @@
+ # endif
+ #endif
+ 
++#include <sys/types.h>
++
+ /*
+  * Macros for operating on struct timeval.
+  */

admin/sudo/test.sh

@@ -1,7 +0,0 @@
-#!/bin/sh
-
-case "$1" in
-	sudo)
-		sudo --version | grep "$2"
-		;;
-esac

admin/syslog-ng/Makefile

@@ -1,39 +1,26 @@
-include $(TOPDIR)/rules.mk
+include  $(TOPDIR)/rules.mk
 
 PKG_NAME:=syslog-ng
-PKG_VERSION:=4.4.0
-PKG_RELEASE:=1
+PKG_VERSION:=3.9.1
+PKG_RELEASE:=3
 
-PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
-PKG_LICENSE:=LGPL-2.1-or-later GPL-2.0-or-later
-PKG_LICENSE_FILES:=COPYING LGPL.txt GPL.txt
-PKG_CPE_ID:=cpe:/a:balabit:syslog-ng
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/syslog-ng/syslog-ng/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
-PKG_HASH:=583b147f3ec17fbc2dbbf31aafb1e3966237d7541313de5b41ea885dc16d932e
+PKG_SOURCE_URL:=https://github.com/balabit/syslog-ng/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
+PKG_HASH:=5678856a550ae790618fabde9d1447f932ce7a9080d55dca8fc5df1202c70a17
 
-PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
 
-PKG_BUILD_DEPENDS:= \
-	HOST_OS_MACOS:fakeuname/host \
-
-PKG_CONFIG_DEPENDS:= \
-	CONFIG_IPV6 \
-
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/nls.mk
-ifeq ($(CONFIG_HOST_OS_MACOS),y)
-    include ../../utils/fakeuname/fakeuname.mk
-endif
 
 define Package/syslog-ng
   SECTION:=admin
   CATEGORY:=Administration
+  DEPENDS:=+libpcre +glib2 +libeventlog +libopenssl +libuuid +libcurl
   TITLE:=A powerful syslog daemon
-  URL:=https://www.syslog-ng.com/products/open-source-log-management/
-  DEPENDS:=+libpcre2 +glib2 +libopenssl +libpthread +librt +zlib +libdbi +libjson-c +libcurl +libuuid +SYSLOGNG_LOGROTATE:logrotate
+  URL:=http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/
 endef
 
 define Package/syslog-ng/description
@@ -45,32 +32,6 @@ endef
 define Package/syslog-ng/conffiles
 /etc/syslog-ng.conf
 /etc/syslog-ng.d/
-/etc/scl.conf
-endef
-
-define Package/syslog-ng/config
-config SYSLOGNG_LOGROTATE
-	bool "Logrotate support"
-	depends on PACKAGE_syslog-ng
-	default n
-	help
-	  It adds support for logrotate functionality.
-
-config SYSLOGNG_LOGROTATE_MAXSIZE
-	string "Maximum size of /var/log/messages log file"
-	depends on SYSLOGNG_LOGROTATE
-	default "1M"
-	help
-	  Log files are rotated when they grow bigger than defined size bytes.
-
-config SYSLOGNG_LOGROTATE_ROTATE_COUNT
-	int "Maximum rotation count for /var/log/messages log file"
-	depends on SYSLOGNG_LOGROTATE
-	default 1
-	help
-	  Log files are rotated count times before being removed or mailed to
-	  the address specified in a mail directive. If count is 0, old
-	  versions are removed rather than rotated.
 endef
 
 define Build/Configure
@@ -78,81 +39,39 @@ define Build/Configure
 	$(Build/Configure/Default)
 endef
 
-LOGROTATE_MAXSIZE:=$(call qstrip,$(CONFIG_SYSLOGNG_LOGROTATE_MAXSIZE))
-LOGROTATE_ROTATE:=$(call qstrip,$(CONFIG_SYSLOGNG_LOGROTATE_ROTATE_COUNT))
+CONFIGURE_ARGS += \
+  $(call autoconf_bool,CONFIG_IPV6,ipv6) \
+         --disable-dependency-tracking \
+         --disable-amqp \
+         --disable-tcp-wrapper \
+         --disable-glibtest \
+         --disable-mongodb \
+         --disable-java \
+         --disable-json \
+         --disable-python \
+         --disable-spoof-source \
+         --disable-sql \
+         --disable-linux-caps \
+	 --disable-smtp \
+	 --disable-redis \
+         --enable-prce \
 
-CONFIGURE_ARGS +=  \
-	--disable-afsnmp \
-	$(call autoconf_bool,CONFIG_IPV6,ipv6) \
-	--disable-tcp-wrapper \
-	--disable-spoof-source \
-	--disable-sql \
-	--disable-linux-caps \
-	--with-jsonc=system \
-	--enable-cpp=no \
-	--enable-json=yes \
-	--enable-http=yes \
-	--disable-smtp \
-	--disable-mqtt \
-	--disable-redis \
-	--disable-dependency-tracking \
-	--disable-python \
-	--disable-geoip2 \
-	--disable-java \
-	--disable-java-modules \
-	--with-librabbitmq-client=no \
-	--with-mongoc=no
+TARGET_CPPFLAGS += \
+  -I$(STAGING_DIR)/usr/include/eventlog
 
 CONFIGURE_VARS += \
-	$(if $(CONFIG_HOST_OS_MACOS),PATH=$(FAKEUNAME_PATH):$(PATH)) \
-	LIBDBI_CFLAGS="-I$(STAGING_DIR)/usr/include"
+  LIBDBI_CFLAGS="-I$(STAGING_DIR)/usr/include"
 
 define Package/syslog-ng/install
-	cd $(PKG_BUILD_DIR); make DESTDIR=$(1) install
-
-	$(call libtool_remove_files,$(1)) # This removes .la files in folder (including subfolders) /usr/lib
-	rm -rf $(1)/usr/lib/pkgconfig \
-	$(1)/usr/lib/*.a \
-	$(1)/usr/include \
-	$(1)/var
-
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		install-sbinPROGRAMS install-libLTLIBRARIES \
+		install-moduleLTLIBRARIES DESTDIR="$(1)"
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/syslog-ng.init $(1)/etc/init.d/syslog-ng
-	$(INSTALL_DIR) $(1)/etc/syslog-ng.d
 	$(INSTALL_DATA) ./files/syslog-ng.conf $(1)/etc
-	touch $(1)/etc/syslog-ng.d/.keep
-
-	$(INSTALL_DIR) $(1)/sbin
-	$(INSTALL_BIN) ./files/logread $(1)/sbin
-
-	$(INSTALL_DIR) $(1)/usr/share/syslog-ng/include/
-	$(CP) -r ./files/scl $(1)/usr/share/syslog-ng/include/
-
-ifneq ($(strip $(CONFIG_SYSLOGNG_LOGROTATE)),)
-	$(INSTALL_DIR) $(1)/etc/logrotate.d
-	sed \
-		-e 's#@MAXSIZE@#$(LOGROTATE_MAXSIZE)#g' \
-		-e 's#@ROTATE@#$(LOGROTATE_ROTATE)#g' \
-		./files/syslog-ng.logrotate > $(1)/etc/logrotate.d/syslog-ng.conf
-endif
-endef
-
-define Package/syslog-ng/postinst
-#!/bin/sh
-
-[ -n "$$IPKG_INSTROOT" ] || {
-/etc/init.d/syslog-ng enable
-/etc/init.d/syslog-ng restart
-}
-endef
-
-define Package/syslog-ng/prerm
-#!/bin/sh
-
-[ -n "$$IPKG_INSTROOT" ] || {
-/etc/init.d/syslog-ng disable
-/etc/init.d/syslog-ng stop
-}
+	$(INSTALL_DIR) $(1)/etc/syslog-ng.d/
+	$(call libtool_remove_files,$(1))
 endef
 
 $(eval $(call BuildPackage,syslog-ng))

admin/syslog-ng/files/logread

@@ -1,76 +0,0 @@
-#!/bin/sh
-# Shell script compatibility wrapper for /sbin/logread
-#
-# Copyright (C) 2019 Dirk Brenken <dev@brenken.org>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-logfile="/var/log/messages"
-
-if [ ! -f "${logfile}" ]
-then
-	printf "%s\n" "Error: logfile not found!"
-	exit 2
-fi
-
-usage()
-{
-	printf "%s\n" "Usage: logread [options]"
-	printf "%s\n" "Options:"
-	printf "%5s %-10s%s\n" "-l" "<count>" "Got only the last 'count' messages"
-	printf "%5s %-10s%s\n" "-e" "<pattern>" "Filter messages with a regexp"
-	printf "%5s %-10s%s\n" "-f" "" "Follow log messages"
-	printf "%5s %-10s%s\n" "-h" "" "Print this help message"
-}
-
-if [ -z "${1}" ]
-then
-	cat "${logfile}"
-	exit 0
-else
-	while [ "${1}" ]
-	do
-		case "${1}" in
-			-l)
-				shift
-				count="${1//[^0-9]/}"
-				tail -n "${count:-50}" "${logfile}"
-				exit 0
-				;;
-			-e)
-				shift
-				pattern="${1}"
-				grep -E "${pattern}" "${logfile}"
-				exit 0
-				;;
-			-f)
-				tail -f "${logfile}"
-				exit 0
-				;;
-			-fe)
-				shift
-				pattern="${1}"
-				tail -f "${logfile}" | grep -E "${pattern}"
-				exit 0
-				;;
-			-h|*)
-				usage
-				exit 1
-				;;
-		esac
-		shift
-	done
-fi

admin/syslog-ng/files/scl/network_localhost/detect.sh

@@ -1,6 +0,0 @@
-#!/bin/sh
-if [ "$(sysctl -n net.ipv6.conf.lo.disable_ipv6)" = "0" ]; then
-	echo 'network(ip("::1") port(514) transport(udp) ip-protocol(6) )'
-else
-	echo 'network(ip("127.0.0.1") port(514) transport(udp) ip-protocol(4) )'
-fi

admin/syslog-ng/files/scl/network_localhost/plugin.conf

@@ -1 +0,0 @@
-@module confgen context(source) name(network_localhost) exec("`scl-root`/network_localhost/detect.sh")

admin/syslog-ng/files/syslog-ng.conf

@@ -1,45 +1,24 @@
-#############################################################################
-# OpenWrt syslog-ng.conf specific file
-# which collects all local logs into a single file called /var/log/messages.
-# More details about these settings can be found here:
-# https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition
-
-@version: 4.4
-@include "scl.conf"
+@version:3.9
 
 options {
-	chain_hostnames(no); # Enable or disable the chained hostname format.
+	chain_hostnames(no);
 	create_dirs(yes);
-	keep_hostname(yes); # Enable or disable hostname rewriting.
-	log_fifo_size(256); # The number of messages that the output queue can store.
-	log_msg_size(1024); # Maximum length of a message in bytes.
-	stats_freq(0); # The period between two STATS messages (sent by syslog-ng, containing statistics about dropped logs) in seconds.
-	flush_lines(0); # How many lines are flushed to a destination at a time.
-	use_fqdn(no); # Add Fully Qualified Domain Name instead of short hostname.
+	flush_lines(0);
+	keep_hostname(yes);
+	log_fifo_size(256);
+	log_msg_size(1024);
+	stats_freq(0);
+	flush_lines(0);
+	use_fqdn(no);
 };
 
-# syslog-ng gets messages from syslog-ng (internal) and from /dev/log
-
 source src {
 	internal();
 	unix-dgram("/dev/log");
 };
 
 source net {
-	network_localhost();
-};
-
-source s_network {
-	default-network-drivers(
-		# NOTE: TLS support
-		#
-		# the default-network-drivers() source driver opens the TLS
-		# enabled ports as well, however without an actual key/cert
-		# pair they will not operate and syslog-ng would display a
-		# warning at startup.
-		#
-		#tls(key-file("/path/to/ssl-private-key") cert-file("/path/to/ssl-cert"))
-	);
+	udp(ip(0.0.0.0) port(514));
 };
 
 source kernel {
@@ -55,13 +34,8 @@ log {
 	source(net);
         source(kernel);
 	destination(messages);
-
-	# uncomment this line to open port 514 to receive messages
-	#source(s_network);
 };
 
-#
-# Finally, include any user settings last so that s/he can override or
-# supplement all "canned" settings inherited from the distribution.
-#
-@include "/etc/syslog-ng.d/" # Put any customization files in this directory
+# put any customization files in this directory
+@include "/etc/syslog-ng.d/"
+

admin/syslog-ng/files/syslog-ng.init

@@ -1,17 +1,31 @@
 #!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2019 OpenWrt.org
+# Copyright (C) 2006-2016 OpenWrt.org
 
-START=50
+START=20
+PROG=/usr/sbin/syslog-ng
+PROG2=/usr/sbin/syslog-ng-ctl
 
-USE_PROCD=1
+SERVICE_USE_PID=1
+SERVICE_PID_FILE=/var/run/syslog-ng.pid
 
-start_service() {
-	[ -f /etc/syslog-ng.conf ] || return 1
-	procd_open_instance
-	procd_set_param command /usr/sbin/syslog-ng --foreground
-	procd_close_instance
+config_file=/etc/syslog-ng.conf
+
+start() {
+	[ -f $config_file ] || return 1
+
+	if ! $PROG -s 2>/dev/null ; then
+		echo "Couldn't parse $(basename $config_file)" >&2
+		exit 1
+	fi
+
+	service_start $PROG --process-mode background \
+		-p $SERVICE_PID_FILE
 }
 
-reload_service() {
-	/usr/sbin/syslog-ng-ctl reload
+stop() {
+	service_stop $PROG
+}
+
+reload() {
+	$PROG2 reload
 }

admin/syslog-ng/files/syslog-ng.logrotate

@@ -1,12 +0,0 @@
-/var/log/messages {
-	compress
-	copytruncate
-	delaycompress
-	notifempty
-	maxsize @MAXSIZE@
-	missingok
-	postrotate
-		/usr/sbin/syslog-ng-ctl reload > /dev/null
-	endscript
-	rotate @ROTATE@
-}

admin/syslog-ng/patches/100-use-1.0.2k-threadids.patch

@@ -0,0 +1,35 @@
+--- a/lib/crypto.c	2016-12-21 07:57:44.000000000 -0700
++++ b/lib/crypto.c	2017-03-24 13:19:34.188259018 -0600
+@@ -51,11 +51,20 @@
+     }
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10000000
+ static unsigned long
+ ssl_thread_id(void)
+ {
+   return (unsigned long) get_thread_id();
+ }
++
++#else
++static void
++ssl_thread_id2(CRYPTO_THREADID *id)
++{
++  CRYPTO_THREADID_set_numeric(id, get_thread_id());
++}
++#endif
+ 
+ static void
+ crypto_init_threading(void)
+@@ -68,7 +76,11 @@
+     {
+       g_static_mutex_init(&ssl_locks[i]);
+     }
++#if OPENSSL_VERSION_NUMBER < 0x10000000
+   CRYPTO_set_id_callback(ssl_thread_id);
++#else
++  CRYPTO_THREADID_set_callback(ssl_thread_id2);
++#endif
+   CRYPTO_set_locking_callback(ssl_locking_callback);
+ }
+ 

admin/zabbix/Makefile

@@ -8,80 +8,37 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zabbix
-PKG_VERSION:=6.4.7
-PKG_RELEASE:=1
+PKG_VERSION:=3.2.7
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://cdn.zabbix.com/zabbix/sources/stable/$(basename $(PKG_VERSION))/ \
-	https://cdn.zabbix.com/zabbix/sources/oldstable/$(basename $(PKG_VERSION))/
-PKG_HASH:=6b4e81f07de4c82c7994871bea51be4d6427683fa9a7fbe112fd7559b3670e49
+PKG_HASH:=3ea0c299bd69bc728177128740f0476bc1a2c1de438330df5bbd8f5fc6090712
+PKG_SOURCE_URL:=@SF/zabbix
 
-PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
 PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:zabbix:zabbix
 
 PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
 
-PKG_CONFIG_DEPENDS:= \
-  CONFIG_ZABBIX_MYSQL \
-  CONFIG_ZABBIX_POSTGRESQL \
-  CONFIG_ZABBIX_SQLITE
+PKG_FIXUP:=autoreconf
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/nls.mk
 
-define Package/zabbix-proxy/config
-comment "Database Software"
-
-choice
-        prompt "Selected Database Software"
-        default ZABBIX_POSTGRESQL
-
-        config ZABBIX_MYSQL
-                bool "MySQL/MariaDB"
-
-        config ZABBIX_POSTGRESQL
-                bool "PostgreSQL"
-
-        config ZABBIX_SQLITE
-                bool "SQLite"
-endchoice
-endef
-
 define Package/zabbix/Default
   SECTION:=admin
   CATEGORY:=Administration
-  SUBMENU:=Zabbix
   TITLE:=Zabbix
-  URL:=https://www.zabbix.com/
+  URL:=http://www.zabbix.com/
+  SUBMENU:=zabbix
+  MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
   USERID:=zabbix=53:zabbix=53
-  DEPENDS+=$(ICONV_DEPENDS) +libpcre2 +zlib
+  DEPENDS += $(ICONV_DEPENDS)
 endef
 
 define Package/zabbix-agentd
   $(call Package/zabbix/Default)
   TITLE+= agentd
-  PROVIDES:=zabbix-agentd
-  VARIANT:=nossl
-  DEFAULT_VARIANT:=1
-endef
-
-define Package/zabbix-agentd-openssl
-  $(call Package/zabbix/Default)
-  TITLE+= agentd (with OpenSSL)
-  DEPENDS+= +libopenssl
-  PROVIDES:=zabbix-agentd
-  VARIANT:=openssl
-endef
-
-define Package/zabbix-agentd-gnutls
-  $(call Package/zabbix/Default)
-  TITLE+= agentd (with GnuTLS)
-  DEPENDS+= +libgnutls
-  PROVIDES:=zabbix-agentd
-  VARIANT:=gnutls
 endef
 
 define Package/zabbix-extra-mac80211
@@ -93,148 +50,35 @@ endef
 define Package/zabbix-extra-network
   $(call Package/zabbix/Default)
   TITLE+= discovery/userparameters for network
-  DEPENDS = +zabbix-agentd +libubus-lua +lua
+  DEPENDS = +zabbix-agentd +libuci-lua +lua
 endef
 
 define Package/zabbix-extra-wifi
   $(call Package/zabbix/Default)
   TITLE+= discovery/userparameters for wifi
-  DEPENDS = +zabbix-agentd +libiwinfo-lua +libubus-lua +lua
+  DEPENDS = +zabbix-agentd +libiwinfo-lua +libuci-lua +lua
 endef
 
 define Package/zabbix-sender
   $(call Package/zabbix/Default)
   TITLE+= sender
-  PROVIDES:=zabbix-sender
-  VARIANT:=nossl
-  DEFAULT_VARIANT:=1
-endef
-
-define Package/zabbix-sender-openssl
-  $(call Package/zabbix/Default)
-  TITLE+= sender (with OpenSSL)
-  DEPENDS+= +libopenssl
-  PROVIDES:=zabbix-sender
-  VARIANT:=openssl
-endef
-
-define Package/zabbix-sender-gnutls
-  $(call Package/zabbix/Default)
-  TITLE+= sender (with GnuTLS)
-  DEPENDS+= +libgnutls
-  PROVIDES:=zabbix-sender
-  VARIANT:=gnutls
 endef
 
 define Package/zabbix-get
   $(call Package/zabbix/Default)
   TITLE+= get
-  PROVIDES:=zabbix-get
-  VARIANT:=nossl
-  DEFAULT_VARIANT:=1
-endef
-
-define Package/zabbix-get-openssl
-  $(call Package/zabbix/Default)
-  TITLE+= get (with OpenSSL)
-  DEPENDS+= +libopenssl
-  PROVIDES:=zabbix-get
-  VARIANT:=openssl
-endef
-
-define Package/zabbix-get-gnutls
-  $(call Package/zabbix/Default)
-  TITLE+= get (with GnuTLS)
-  DEPENDS+= +libgnutls
-  PROVIDES:=zabbix-get
-  VARIANT:=gnutls
-endef
-
-define Package/zabbix-server/Default
-  $(call Package/zabbix/Default)
-  TITLE+= server
-  DEPENDS += +ZABBIX_POSTGRESQL:libpq \
-    +ZABBIX_MYSQL:libmariadbclient \
-    @(!ZABBIX_SQLITE) \
-    +libevent2 \
-    +libevent2-pthreads \
-    +fping
 endef
 
 define Package/zabbix-server
-  $(call Package/zabbix-server/Default)
-  PROVIDES:=zabbix-server
-  VARIANT:=nossl
-  DEFAULT_VARIANT:=1
-endef
-
-define Package/zabbix-server-openssl
-  $(call Package/zabbix-server/Default)
-  TITLE+= (with OpenSSL)
-  PROVIDES:=zabbix-server
-  DEPENDS+= +libopenssl
-  VARIANT:=openssl
-endef
-
-define Package/zabbix-server-gnutls
-  $(call Package/zabbix-server/Default)
-  TITLE+= (with GnuTLS)
-  PROVIDES:=zabbix-server
-  DEPENDS+= +libgnutls
-  VARIANT:=gnutls
-endef
-
-define Package/zabbix-server-frontend
   $(call Package/zabbix/Default)
-  TITLE+= server-frontend
-  DEPENDS += +php8 \
-    +php8-cgi \
-    +php8-mod-gd \
-    +php8-mod-bcmath \
-    +php8-mod-ctype \
-    +php8-mod-xmlreader \
-    +php8-mod-xmlwriter \
-    +php8-mod-session \
-    +php8-mod-sockets \
-    +php8-mod-mbstring \
-    +php8-mod-gettext \
-    +ZABBIX_POSTGRESQL:php8-mod-pgsql \
-    +ZABBIX_MYSQL:php8-mod-mysqli \
-    @(!ZABBIX_SQLITE)
-endef
-
-define Package/zabbix-proxy/Default
-  $(call Package/zabbix/Default)
-  TITLE+= proxy
-  DEPENDS += +ZABBIX_POSTGRESQL:libpq \
-    +ZABBIX_MYSQL:libmariadbclient \
-    +ZABBIX_SQLITE:libsqlite3 \
-    +libevent2 \
-    +libevent2-pthreads \
-    +fping
+  TITLE+= server
+  DEPENDS += +libsqlite3
 endef
 
 define Package/zabbix-proxy
-  $(call Package/zabbix-proxy/Default)
-  PROVIDES:=zabbix-proxy
-  VARIANT:=nossl
-  DEFAULT_VARIANT:=1
-endef
-
-define Package/zabbix-proxy-openssl
-  $(call Package/zabbix-proxy/Default)
-  TITLE+= (with OpenSSL)
-  PROVIDES:=zabbix-proxy
-  DEPENDS+= +libopenssl
-  VARIANT:=openssl
-endef
-
-define Package/zabbix-proxy-gnutls
-  $(call Package/zabbix-proxy/Default)
-  TITLE+= (with GnuTLS)
-  PROVIDES:=zabbix-proxy
-  DEPENDS+= +libgnutls
-  VARIANT:=gnutls
+  $(call Package/zabbix/Default)
+  TITLE+= proxy
+  DEPENDS += +libsqlite3
 endef
 
 define Package/zabbix-extra-mac80211/description
@@ -257,27 +101,11 @@ endef
 
 CONFIGURE_ARGS+= \
 	--enable-agent \
-	$(if $(CONFIG_ZABBIX_SQLITE),--disable-server,--enable-server) \
+	--enable-server \
 	--enable-proxy \
 	$(call autoconf_bool,CONFIG_IPV6,ipv6) \
 	--disable-java \
-	$(if $(CONFIG_ZABBIX_MYSQL),--with-mysql) \
-	$(if $(CONFIG_ZABBIX_POSTGRESQL),--with-postgresql) \
-	$(if $(CONFIG_ZABBIX_SQLITE),--with-sqlite3=$(STAGING_DIR)/usr) \
-	--with-libevent=$(STAGING_DIR)/usr/include \
-	--with-libpcre2=$(STAGING_DIR)/usr/include \
-	--with-zlib=$(STAGING_DIR)/usr/include
-
-ifeq ($(BUILD_VARIANT),openssl)
-	CONFIGURE_ARGS+= --with-openssl="$(STAGING_DIR)/usr"
-endif
-
-ifeq ($(BUILD_VARIANT),gnutls)
-	CONFIGURE_ARGS+= --with-gnutls="$(STAGING_DIR)/usr"
-endif
-
-CONFIGURE_VARS += \
-	ac_cv_header_sys_sysinfo_h=no
+	--with-sqlite3="$(STAGING_DIR)/usr"
 
 MAKE_FLAGS += ARCH="linux"
 
@@ -329,20 +157,12 @@ endef
 define Package/zabbix-agentd/conffiles
 /etc/zabbix_agentd.conf
 endef
-Package/zabbix-agentd-openssl/conffiles = $(Package/zabbix-agentd/conffiles)
-Package/zabbix-agentd-gnutls/conffiles = $(Package/zabbix-agentd/conffiles)
-
 define Package/zabbix-server/conffiles
 /etc/zabbix_server.conf
 endef
-Package/zabbix-server-openssl/conffiles = $(Package/zabbix-server/conffiles)
-Package/zabbix-server-gnutls/conffiles = $(Package/zabbix-server/conffiles)
-
 define Package/zabbix-proxy/conffiles
 /etc/zabbix_proxy.conf
 endef
-Package/zabbix-proxy-openssl/conffiles = $(Package/zabbix-proxy/conffiles)
-Package/zabbix-proxy-gnutls/conffiles = $(Package/zabbix-proxy/conffiles)
 
 ifdef CONFIG_PACKAGE_zabbix-extra-mac80211
 define Build/Prepare/zabbix-extra-mac80211
@@ -371,8 +191,6 @@ define Package/zabbix-agentd/install
 	$(call Package/zabbix/install/etc,$(1),agentd)
 	$(call Package/zabbix/install/init.d,$(1),agentd)
 endef
-Package/zabbix-agentd-openssl/install = $(Package/zabbix-agentd/install)
-Package/zabbix-agentd-gnutls/install = $(Package/zabbix-agentd/install)
 
 define Package/zabbix-extra-mac80211/install
 	$(call Package/zabbix/install/zabbix.conf.d,$(1),mac80211)
@@ -383,77 +201,35 @@ endef
 
 define Package/zabbix-extra-network/install
 	$(call Package/zabbix/install/zabbix.conf.d,$(1),network)
-	$(INSTALL_DIR) $(1)/usr/share/acl.d
-	$(INSTALL_DATA) ./files/zabbix-network-ubus-acl.json $(1)/usr/share/acl.d/zabbix-network.json
-endef
-
-define Package/zabbix-extra-network/postinst
-#!/bin/sh
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	killall -s HUP ubusd
-fi
 endef
 
 define Package/zabbix-extra-wifi/install
 	$(call Package/zabbix/install/zabbix.conf.d,$(1),wifi)
-	$(INSTALL_DIR) $(1)/usr/share/acl.d
-	$(INSTALL_DATA) ./files/zabbix-wifi-ubus-acl.json $(1)/usr/share/acl.d/zabbix-wifi.json
-endef
-
-define Package/zabbix-extra-wifi/postinst
-#!/bin/sh
-if [ -z "$${IPKG_INSTROOT}" ]; then
-	killall -s HUP ubusd
-fi
 endef
 
 define Package/zabbix-sender/install
 	$(call Package/zabbix/install/bin,$(1),sender)
 endef
-Package/zabbix-sender-openssl/install = $(Package/zabbix-sender/install)
-Package/zabbix-sender-gnutls/install = $(Package/zabbix-sender/install)
 
 define Package/zabbix-get/install
 	$(call Package/zabbix/install/bin,$(1),get)
 endef
-Package/zabbix-get-openssl/install = $(Package/zabbix-get/install)
-Package/zabbix-get-gnutls/install = $(Package/zabbix-get/install)
 
 define Package/zabbix-server/install
 	$(call Package/zabbix/install/sbin,$(1),server)
 	$(call Package/zabbix/install/etc,$(1),server)
 endef
-Package/zabbix-server-openssl/install = $(Package/zabbix-server/install)
-Package/zabbix-server-gnutls/install = $(Package/zabbix-server/install)
-
-define Package/zabbix-server-frontend/install
-	$(INSTALL_DIR) $(1)/www/zabbix
-	$(CP) $(PKG_BUILD_DIR)/ui/* $(1)/www/zabbix
-endef
 
 define Package/zabbix-proxy/install
 	$(call Package/zabbix/install/sbin,$(1),proxy)
 	$(call Package/zabbix/install/etc,$(1),proxy)
 endef
-Package/zabbix-proxy-openssl/install = $(Package/zabbix-proxy/install)
-Package/zabbix-proxy-gnutls/install = $(Package/zabbix-proxy/install)
 
 $(eval $(call BuildPackage,zabbix-agentd))
-$(eval $(call BuildPackage,zabbix-agentd-openssl))
-$(eval $(call BuildPackage,zabbix-agentd-gnutls))
 $(eval $(call BuildPackage,zabbix-extra-mac80211))
 $(eval $(call BuildPackage,zabbix-extra-network))
 $(eval $(call BuildPackage,zabbix-extra-wifi))
 $(eval $(call BuildPackage,zabbix-sender))
-$(eval $(call BuildPackage,zabbix-sender-openssl))
-$(eval $(call BuildPackage,zabbix-sender-gnutls))
 $(eval $(call BuildPackage,zabbix-server))
-$(eval $(call BuildPackage,zabbix-server-openssl))
-$(eval $(call BuildPackage,zabbix-server-gnutls))
-$(eval $(call BuildPackage,zabbix-server-frontend))
 $(eval $(call BuildPackage,zabbix-proxy))
-$(eval $(call BuildPackage,zabbix-proxy-openssl))
-$(eval $(call BuildPackage,zabbix-proxy-gnutls))
 $(eval $(call BuildPackage,zabbix-get))
-$(eval $(call BuildPackage,zabbix-get-openssl))
-$(eval $(call BuildPackage,zabbix-get-gnutls))