include $(TOPDIR)/rules.mk
PKG_NAME:=sudo
-PKG_VERSION:=1.9.12p2
+PKG_VERSION:=1.9.13p3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.sudo.ws/dist
-PKG_HASH:=b9a0b1ae0f1ddd9be7f3eafe70be05ee81f572f6f536632c44cd4101bb2a8539
+PKG_HASH:=92334a12bb93e0c056b09f53e255ccb7d6f67c6350e2813cd9593ceeca78560b
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
--- a/Makefile.in
+++ b/Makefile.in
-@@ -75,7 +75,7 @@ GREP = @GREP@
+@@ -73,7 +73,7 @@ EGREP = @EGREP@
SED = @SED@
INSTALL = $(SHELL) $(scriptdir)/install-sh -c
--- /dev/null
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 Luca Barbato
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=maturin
+PKG_VERSION:=0.14.15
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/PyO3/maturin/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=60cbf8ff73a36333c3f5483ca679a52169839db381f06683d8e61a6c00c28cf7
+
+PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
+PKG_LICENSE:=Apache-2.0 MIT
+PKG_LICENSE_FILES:=license-apache license-mit
+
+HOST_BUILD_DEPENDS:=rust/host
+PKG_HOST_ONLY:=1
+
+include $(INCLUDE_DIR)/host-build.mk
+include $(INCLUDE_DIR)/package.mk
+include ../rust/rust-host-build.mk
+
+define Package/maturin
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Rust
+ TITLE:=Build and publish crates as python packages
+ DEPENDS:=$(RUST_ARCH_DEPENDS)
+ URL:=https://maturin.rs
+endef
+
+define Package/maturin/description
+ Build and publish crates with pyo3, rust-cpython, cffi and uniffi
+ bindings as well as rust binaries as python packages.
+endef
+
+$(eval $(call RustBinHostBuild))
+$(eval $(call HostBuild))
+$(eval $(call BuildPackage,maturin))
include $(TOPDIR)/rules.mk
PKG_NAME:=node
-PKG_VERSION:=v18.14.2
+PKG_VERSION:=v18.15.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION)
-PKG_HASH:=fbc364dd25fee2cacc0f2033db2d86115fc07575310ea0e64408b8170d09c685
+PKG_HASH:=8e44d65018ff973284195c23186469a0ea4082e97ec4200e5f5706d5584daa37
PKG_MAINTAINER:=Hirokazu MORIKAWA <morikw2@gmail.com>, Adrian Panella <ianchi74@outlook.com>
PKG_LICENSE:=MIT
'dependencies': [
'v8_base_without_compiler',
'v8_compiler_for_mksnapshot',
-@@ -1442,6 +1445,7 @@
+@@ -1450,6 +1453,7 @@
{
'target_name': 'torque',
'type': 'executable',
'dependencies': [
'torque_base',
# "build/win:default_exe_manifest",
-@@ -1480,6 +1484,7 @@
+@@ -1488,6 +1492,7 @@
{
'target_name': 'torque-language-server',
'type': 'executable',
'conditions': [
['want_separate_host_toolset', {
'toolsets': ['host'],
-@@ -1507,6 +1512,8 @@
+@@ -1515,6 +1520,8 @@
{
'target_name': 'gen-regexp-special-case',
'type': 'executable',
'include_dirs': [
'<(V8_ROOT)/include',
],
-@@ -1729,6 +1736,7 @@
+@@ -1737,6 +1744,7 @@
}],
],
'direct_dependent_settings': {
'include_dirs': [
'<(V8_ROOT)/include',
],
-@@ -1909,15 +1917,19 @@
+@@ -1917,15 +1925,19 @@
}],
],
'direct_dependent_settings': {
--- /dev/null
+--- a/tools/v8_gypfiles/v8.gyp
++++ b/tools/v8_gypfiles/v8.gyp
+@@ -242,6 +242,7 @@
+ 'sources': [
+ '<(V8_ROOT)/src/init/setup-isolate-full.cc',
+ ],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ }, # v8_init
+ {
+ 'target_name': 'v8_initializers',
+@@ -714,6 +715,7 @@
+ 'v8_shared_internal_headers',
+ ],
+ 'sources': ['<@(v8_compiler_sources)'],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ 'conditions': [
+ ['OS=="win"', {
+ 'msvs_precompiled_header': '<(V8_ROOT)/../../tools/msvs/pch/v8_pch.h',
+@@ -1431,6 +1433,7 @@
+ 'type': 'executable',
+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'library_dirs':[ '../../../../staging_dir/hostpkg/share/icu/current/lib' ],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ 'dependencies': [
+ 'v8_base_without_compiler',
+ 'v8_compiler_for_mksnapshot',
+++ /dev/null
---- a/tools/v8_gypfiles/v8.gyp
-+++ b/tools/v8_gypfiles/v8.gyp
-@@ -714,6 +714,7 @@
- 'v8_shared_internal_headers',
- ],
- 'sources': ['<@(v8_compiler_sources)'],
-+ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
- 'conditions': [
- ['OS=="win"', {
- 'msvs_precompiled_header': '<(V8_ROOT)/../../tools/msvs/pch/v8_pch.h',
#
-# Copyright (C) 2022 Julien Malik <julien.malik@paraiso.me>
+# Copyright (C) 2023 Julien Malik <julien.malik@paraiso.me>
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=borgbackup
-PKG_VERSION:=1.2.3
+PKG_VERSION:=1.2.4
PKG_RELEASE:=1
PYPI_NAME:=borgbackup
-PKG_HASH:=e32418f8633c96fa9681352a56eb63b98e294203472c114a5242709d36966785
+PKG_HASH:=a4bd54e9469e81b7a30a6711423115abc818d9cd844ecb1ca0e6104bc5374da8
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
include $(INCLUDE_DIR)/package.mk
include ../python3-package.mk
+# see #20462 and #12942: email and urllib shall come with python3-light
define Package/borgbackup
SECTION:=lang
CATEGORY:=Languages
URL:=https://github.com/borgbackup/borg
DEPENDS:= \
+python3-light \
+ +python3-codecs \
+ +python3-email \
+ +python3-logging \
+ +python3-lzma \
+python3-msgpack \
+ +python3-packaging \
+python3-pyfuse3 \
+ +python3-readline \
+ +python3-unittest \
+ +python3-urllib \
+ +python3-uuid \
+libacl \
+libopenssl \
+liblz4 \
+++ /dev/null
-# Rust Language Options
-menu "Compiler Options"
- visible if PACKAGE_rust
-
- config RUST_DEBUG
- bool "Enables Debugging Environment (--enable-debug)"
-
- config RUST_DOCS
- bool "Build standard library documentation (--enable-docs)"
-
- config RUST_COMPILER_DOCS
- bool "Build compiler documentation (--enable-compiler-docs)"
-
- config RUST_OPTIMIZE_TESTS
- bool "Build tests with optimizations (--enable-optimized-tests)"
-
- config RUST_PARALLEL
- bool "Build with multi-threaded support (--enable-parallel-compiler)"
-
- config RUST_VERBOSE_TESTS
- bool "Enable verbose output when running tests (--enable-verbose-tests)"
-
- config RUST_CCACHE
- bool "Build with ccache enabled (--enable-ccache)"
-
- config RUST_LLVM_STATIC
- bool "Statically link to libstdc++ to LLVM (--enable-llvm-static-stdccp)"
-
- config RUST_LLVM_SHARED
- bool "Prefer shared linking to LLVM (--enable-llvm-link-shared)"
-
- config RUST_CODEGEN_TESTS
- bool "Run the src/test/codegen tests (--enable-codegen-tests)"
-
- config RUST_OPTION_CHECKING
- bool "Complain about unrecognized options in this configure script (--enable-option-checking)"
- default y
-
- config RUST_ENABLE_NINJA
- bool "Build LLVM using the Ninja generator (--enable-ninja)"
- default y
-
- config RUST_LOCKED_DEPS
- bool "Force Cargo.lock to be up to date (--enable-locked-deps)"
-
- config RUST_VENDOR
- bool "Enable usage of vendored Rust crates (--enable-vendor)"
-
- config RUST_SANITIZERS
- bool "Build the sanitizer runtimes (asan, lsan, msan, tsan) (--enable-sanitizers)"
-
- config RUST_DIST_SRC
- bool "When building tarballs enables building a source tarball (--enable-dist-src)"
-
- config RUST_CARGO_NATIVE_STATIC
- bool "Build static native libraries in Cargo (--enable-cargo-native-static)"
-
- config RUST_PROFILER
- bool "Build the profiler runtime (--enable-profiler)"
-
- config RUST_FULL_TOOLS
- bool "Build all tools (--enable-full-tools)"
-
- config RUST_MISSING_TOOLS
- bool "Allow failures when building tools (--enable-missing-tools)"
- default y
-
- config RUST_USE_LIBCXX
- bool "Build LLVM with libc++ (--enable-use-libcxx)"
-
- config RUST_CONTROL_FLOW_GUARD
- bool "Enable Control Flow Guard (--enable-control-flow-guard)"
-
- config RUST_OPTIMIZE_LLVM
- bool "Build optimized LLVM (--enable-optimize-llvm)"
- default y
-
- config RUST_LLVM_ASSERTIONS
- bool "Build LLVM with assertions (--enable-llvm-assertions)"
-
- config RUST_DEBUG_ASSERTIONS
- bool "Build with debugging assertions (--enable-debug-assertions)"
-
- config RUST_LLVM_RELEASE_DEBUGINFO
- bool "Build LLVM with debugger metadata (--enable-llvm-release-debuginfo)"
-
- config RUST_MANAGE_SUBMODULES
- bool "Let the build manage the git submodules (--enable-manage-submodules)"
- default y
-
- config RUST_FULL_BOOTSTRAP
- bool "Full Bootstrap - Build three compilers instead of two (--enable-full-bootstrap)"
-
-endmenu
-
PKG_SOURCE:=rustc-$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=https://static.rust-lang.org/dist/
PKG_HASH:=eaf4d8b19f23a232a4770fb53ab5e7acdedec11da1d02b0e5d491ca92ca96d62
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/rustc-$(PKG_VERSION)-src/
+HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/rustc-$(PKG_VERSION)-src
PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
PKG_LICENSE:=Apache-2.0 MIT
HOST_BUILD_DEPENDS:=python3/host
PKG_HOST_ONLY:=1
-include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
+include $(INCLUDE_DIR)/package.mk
+include ./rust-values.mk
-# rust environment variables
-include ./rust-host.mk
-
-# Rust Temp Directory
-RUST_TMP_DIR:=$(TMP_DIR)/rust-install
+define Package/rust
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Rust
+ TITLE:=Rust Programming Language Compiler
+ URL:=https://www.rust-lang.org/
+ DEPENDS:=$(RUST_ARCH_DEPENDS)
+endef
-RUST_INSTALL_HOST_FILENAME:=$(PKG_NAME)-$(PKG_VERSION)-$(RUSTC_HOST_ARCH)-install.tar.xz
-RUST_INSTALL_TARGET_FILENAME:=$(PKG_NAME)-$(PKG_VERSION)-$(RUSTC_TARGET_ARCH)-install.tar.xz
+define Package/rust/description
+ Rust is a multi-paradigm, general-purpose programming language designed for performance
+ and safety, especially safe concurrency. Rust is syntactically similar to C++, but can
+ guarantee memory safety by using a borrow checker to validate references.
+endef
# Rust-lang has an uninstall script
RUST_UNINSTALL:=$(CARGO_HOME)/lib/rustlib/uninstall.sh
--set=target.$(RUSTC_TARGET_ARCH).cc=$(TARGET_CC_NOCACHE) \
--set=target.$(RUSTC_TARGET_ARCH).cxx=$(TARGET_CXX_NOCACHE) \
--set=target.$(RUSTC_TARGET_ARCH).linker=$(TARGET_CC_NOCACHE) \
- --set=target.$(RUSTC_TARGET_ARCH).musl-root=$(TOOLCHAIN_DIR) \
- --set=target.$(RUSTC_TARGET_ARCH).ranlib=$(TARGET_RANLIB)
+ --set=target.$(RUSTC_TARGET_ARCH).ranlib=$(TARGET_RANLIB) \
+ $(if $(CONFIG_USE_MUSL),--set=target.$(RUSTC_TARGET_ARCH).musl-root=$(TOOLCHAIN_DIR))
# CARGO_HOME is an environmental
HOST_CONFIGURE_OPTS += CARGO_HOME="$(CARGO_HOME)"
--datadir=$(CARGO_HOME)/share \
--mandir=$(CARGO_HOME)/man \
--dist-compression-formats=xz \
- --enable-llvm-link-shared \
- --enable-llvm-plugins \
--enable-missing-tools \
- --enable-ninja \
--disable-sanitizers \
--release-channel=stable \
--enable-cargo-native-static \
+ --set=llvm.download-ci-llvm=true \
$(TARGET_CONFIGURE_ARGS)
-define Host/Prepare
- # Ensure rust temp directory
- [ -d $(RUST_TMP_DIR) ] || \
- mkdir -p $(RUST_TMP_DIR)
-
- $(call Host/Prepare/Default)
-endef
-
define Host/Uninstall
# Call the Uninstall script
[ -f $(RUST_UNINSTALL) ] && \
- $(BASH) $(RUST_UNINSTALL) || echo No Uninstall
-
- rm -rf $(RUST_TMP_DIR)
+ $(BASH) $(RUST_UNINSTALL) || echo No Uninstall
endef
-# Makes and then packages the dist artifacts
define Host/Compile
- cd $(HOST_BUILD_DIR) && \
- $(PYTHON) x.py --config ./config.toml dist build-manifest cargo llvm-tools \
- rustc rust-std rust-src
-
- $(call Host/PackageDist)
+ ( \
+ cd $(HOST_BUILD_DIR) ; \
+ $(PYTHON) x.py --config ./config.toml dist build-manifest cargo llvm-tools \
+ rustc rust-std rust-src ; \
+ )
endef
-# Distribution Artifacts are packaged by Host/PackageDist
-# We just need to extract and install
define Host/Install
- $(TAR) -C $(RUST_TMP_DIR) -xJf $(DL_DIR)/$(RUST_INSTALL_HOST_FILENAME) && \
- $(TAR) -C $(RUST_TMP_DIR) -xJf $(DL_DIR)/$(RUST_INSTALL_TARGET_FILENAME)
-
- cd $(RUST_TMP_DIR) && \
- find -iname "*.xz" -exec tar -xJf {} ";" && \
- find ./* -type f -name install.sh -execdir sh {} --prefix=$(CARGO_HOME) --disable-ldconfig \;
-
- echo -e "[target.$(RUSTC_TARGET_ARCH)]\nlinker = \"$(TARGET_CC_NOCACHE)\"\nrustflags = [\"-Ctarget-feature=-crt-static\", \"-Clink-args=$(RUSTC_LDFLAGS)\"]" > $(CARGO_HOME)/config
- echo -e "\n[profile.stripped]\ninherits = \"release\"\nopt-level = \"s\"\nstrip = true" >> $(CARGO_HOME)/config
-endef
-
-# Packages the Distribution Artifacts into HOST and TARGET bundles.
-define Host/PackageDist
( \
cd $(HOST_BUILD_DIR)/build/dist ; \
- $(TAR) -cJf $(DL_DIR)/$(RUST_INSTALL_TARGET_FILENAME) \
- rust-*-$(RUSTC_TARGET_ARCH).tar.xz ; \
- $(TAR) -cJf $(DL_DIR)/$(RUST_INSTALL_HOST_FILENAME) \
- --exclude rust-*-$(RUSTC_TARGET_ARCH).tar.xz *.xz ; \
+ find -iname "*.xz" -exec tar -xJf {} \; ; \
+ find ./* -type f -name install.sh -execdir sh {} --prefix=$(CARGO_HOME) --disable-ldconfig \; ; \
+ \
+ sed -e 's|@RUSTC_TARGET_ARCH@|$(RUSTC_TARGET_ARCH)|g' \
+ -e 's|@TARGET_CC_NOCACHE@|$(TARGET_CC_NOCACHE)|g' \
+ -e 's|@RUSTC_LDFLAGS@|$(RUSTC_LDFLAGS)|g' \
+ $(CURDIR)/files/cargo-config > $(CARGO_HOME)/config ; \
)
endef
-define Package/rust
- SECTION:=lang
- CATEGORY:=Languages
- TITLE:=Rust Programming Language Compiler
- URL:=https://www.rust-lang.org/
- DEPENDS:=$(RUST_ARCH_DEPENDS) \
- +pkg-config +libunwind +libopenssl +liblzma +libc
-endef
-
-define Package/rust/description
- Rust is a multi-paradigm, general-purpose programming language designed for performance
- and safety, especially safe concurrency. Rust is syntactically similar to C++, but can
- guarantee memory safety by using a borrow checker to validate references.
-endef
-
-define Package/rust/config
- source "$(SOURCE)/Config.in"
-endef
-
$(eval $(call HostBuild))
$(eval $(call BuildPackage,rust))
--- /dev/null
+[target.@RUSTC_TARGET_ARCH@]
+linker = "@TARGET_CC_NOCACHE@"
+rustflags = ["-Ctarget-feature=-crt-static", "-Clink-args=@RUSTC_LDFLAGS@"]
+
+[profile.stripped]
+inherits = "release"
+opt-level = "s"
+strip = true
+++ /dev/null
-# SPDX-License-Identifier: GPL-2.0-only
-#
-# Copyright (C) 2023 Luca Barbato
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=maturin
-PKG_VERSION:=0.14.10
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/PyO3/maturin/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=8fc9bcdcb7f1535d5e3e8bb500c348ca1bff5a6dce87b0ab7dbc5a49723da28a
-
-PKG_MAINTAINER:=Luca Barbato <lu_zero@luminem.org>
-PKG_LICENSE:=Apache-2.0 MIT
-PKG_LICENSE_FILES:=license-apache license-mit
-
-HOST_BUILD_DEPENDS:=rust/host
-PKG_BUILD_DEPENDS:=rust/host
-
-PKG_BUILD_PARALLEL:=1
-PKG_HOST_ONLY:=1
-
-include ../rust-package.mk
-include $(INCLUDE_DIR)/host-build.mk
-include $(INCLUDE_DIR)/package.mk
-
-define Package/maturin
- SECTION:=lang
- CATEGORY:=Languages
- SUBMENU:=Rust
- TITLE:=Build and publish crates as python packages
- DEPENDS:=$(RUST_ARCH_DEPENDS)
- URL:=https://maturin.rs
-endef
-
-define Host/Compile
- $(call Host/Compile/Cargo)
-endef
-
-define Package/maturin/description
- Build and publish crates with pyo3, rust-cpython, cffi and uniffi
- bindings as well as rust binaries as python packages.
-endef
-
-define Host/Install
- $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin
- $(INSTALL_BIN) $(HOST_INSTALL_DIR)/bin/maturin $(STAGING_DIR_HOSTPKG)/bin/maturin
-endef
-
-$(eval $(call HostBuild))
-$(eval $(call BuildPackage,maturin))
--- /dev/null
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 Luca Barbato and Donald Hoskins
+
+ifeq ($(origin RUST_INCLUDE_DIR),undefined)
+ RUST_INCLUDE_DIR:=$(dir $(lastword $(MAKEFILE_LIST)))
+endif
+include $(RUST_INCLUDE_DIR)/rust-values.mk
+
+# $(1) path to the package (optional)
+# $(2) additional arguments to cargo (optional)
+define Host/Compile/Cargo
+ ( \
+ cd $(HOST_BUILD_DIR) ; \
+ export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \
+ CARGO_HOME=$(CARGO_HOME) \
+ CC=$(HOSTCC_NOCACHE) \
+ cargo install -v \
+ --profile stripped \
+ $(if $(RUST_PKG_FEATURES),--features "$(RUST_PKG_FEATURES)") \
+ --root $(HOST_INSTALL_DIR) \
+ --path "$(if $(strip $(1)),$(strip $(1)),.)" $(2) ; \
+ )
+endef
+
+define Host/Uninstall/Cargo
+ ( \
+ cd $(HOST_BUILD_DIR) ; \
+ export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \
+ CARGO_HOME=$(CARGO_HOME) \
+ CC=$(HOSTCC_NOCACHE) \
+ cargo uninstall -v \
+ --root $(HOST_INSTALL_DIR) || true ; \
+ )
+endef
+
+define RustBinHostBuild
+ define Host/Install
+ $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin
+ $(INSTALL_BIN) $(HOST_INSTALL_DIR)/bin/* $(STAGING_DIR_HOSTPKG)/bin/
+ endef
+endef
+
+Host/Compile=$(call Host/Compile/Cargo)
+Host/Uninstall=$(call Host/Uninstall/Cargo)
+++ /dev/null
-# SPDX-License-Identifier: GPL-2.0-only
-#
-# Copyright (C) 2023 Luca Barbato and Donald Hoskins
-
-# Rust Environmental Vars
-CONFIG_HOST_SUFFIX:=$(word 4, $(subst -, ,$(GNU_HOST_NAME)))
-RUSTC_HOST_ARCH:=$(HOST_ARCH)-unknown-linux-$(CONFIG_HOST_SUFFIX)
-CARGO_HOME:=$(STAGING_DIR_HOST)/cargo
-
-# Support only a subset for now.
-RUST_ARCH_DEPENDS:=@(aarch64||arm||i386||i686||mips||mipsel||mips64||mips64el||mipsel||powerpc64||x86_64)
-
-# Common Build Flags
-RUST_BUILD_FLAGS = \
- CARGO_HOME="$(CARGO_HOME)"
-
-# This adds the rust environmental variables to Make calls
-MAKE_FLAGS += $(RUST_BUILD_FLAGS)
-
-# Force linking of the SSP library
-ifdef CONFIG_PKG_CC_STACKPROTECTOR_REGULAR
- ifeq ($(strip $(PKG_SSP)),1)
- RUSTC_LDFLAGS += -lssp_nonshared
- endif
-endif
-ifdef CONFIG_PKG_CC_STACKPROTECTOR_STRONG
- ifeq ($(strip $(PKG_SSP)),1)
- TARGET_CFLAGS += -lssp_nonshared
- endif
-endif
-
-# mips64 openwrt has a specific targed in rustc
-ifeq ($(ARCH),mips64)
- RUSTC_TARGET_ARCH:=$(REAL_GNU_TARGET_NAME)
-else
- RUSTC_TARGET_ARCH:=$(subst openwrt,unknown,$(REAL_GNU_TARGET_NAME))
-endif
-
-RUSTC_TARGET_ARCH:=$(subst muslgnueabi,musleabi,$(RUSTC_TARGET_ARCH))
-
-ifeq ($(ARCH),i386)
- RUSTC_TARGET_ARCH:=$(subst i486,i586,$(RUSTC_TARGET_ARCH))
-endif
-
-# ARM Logic
-ifeq ($(ARCH),arm)
- ifeq ($(CONFIG_arm_v7),y)
- RUSTC_TARGET_ARCH:=$(subst arm,armv7,$(RUSTC_TARGET_ARCH))
- endif
-
- ifeq ($(CONFIG_HAS_FPU),y)
- RUSTC_TARGET_ARCH:=$(subst musleabi,musleabihf,$(RUSTC_TARGET_ARCH))
- endif
-endif
-
-ifeq ($(ARCH),aarch64)
- RUST_CFLAGS:=-mno-outline-atomics
-endif
#
# Copyright (C) 2023 Luca Barbato and Donald Hoskins
-rust_mk_path:=$(dir $(lastword $(MAKEFILE_LIST)))
-include $(rust_mk_path)rust-host.mk
+# Variables (all optional) to be set in package Makefiles:
+#
+# RUST_PKG_FEATURES - list of options, default empty
+#
+# Space or comma separated list of features to activate
+#
+# e.g. RUST_PKG_FEATURES:=enable-foo,with-bar
-# $(1) path to the package
-# $(2) additional arguments to cargo
-define Host/Compile/Cargo
- ( \
- cd $(HOST_BUILD_DIR) ; \
- export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \
- CARGO_HOME=$(CARGO_HOME) CC=$(HOSTCC) \
- cargo install -v --profile stripped --root $(HOST_INSTALL_DIR) --path "$(if $(strip $(1)),$(strip $(1)),.)" $(2) ; \
- )
-endef
+ifeq ($(origin RUST_INCLUDE_DIR),undefined)
+ RUST_INCLUDE_DIR:=$(dir $(lastword $(MAKEFILE_LIST)))
+endif
+include $(RUST_INCLUDE_DIR)/rust-values.mk
+
+# Support only a subset for now.
+RUST_ARCH_DEPENDS:=@(aarch64||arm||i386||i686||mips||mipsel||mips64||mips64el||mipsel||powerpc64||x86_64)
-# $(1) path to the package
-# $(2) additional arguments to cargo
+# $(1) path to the package (optional)
+# $(2) additional arguments to cargo (optional)
define Build/Compile/Cargo
( \
cd $(PKG_BUILD_DIR) ; \
export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \
- CARGO_HOME=$(CARGO_HOME) TARGET_CFLAGS="$(TARGET_CFLAGS) $(RUST_CFLAGS)" TARGET_CC=$(TARGET_CC_NOCACHE) CC=cc \
- cargo install -v --profile stripped --target $(RUSTC_TARGET_ARCH) --root $(PKG_INSTALL_DIR) --path "$(if $(strip $(1)),$(strip $(1)),.)" $(2) ; \
+ CARGO_HOME=$(CARGO_HOME) \
+ TARGET_CFLAGS="$(TARGET_CFLAGS) $(RUST_CFLAGS)" \
+ TARGET_CC=$(TARGET_CC_NOCACHE) \
+ CC=$(HOSTCC) \
+ cargo install -v \
+ --profile stripped \
+ --target $(RUSTC_TARGET_ARCH) \
+ $(if $(strip $(RUST_PKG_FEATURES)),--features "$(strip $(RUST_PKG_FEATURES))") \
+ --root $(PKG_INSTALL_DIR) \
+ --path "$(if $(strip $(1)),$(strip $(1)),.)" \
+ $(2) ; \
)
endef
+
+define RustBinPackage
+ ifndef Package/$(1)/install
+ define Package/$(1)/install
+ $$(INSTALL_DIR) $$(1)/usr/bin/
+ $$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/bin/* $$(1)/usr/bin/
+ endef
+ endif
+endef
+
+Build/Compile=$(call Build/Compile/Cargo)
--- /dev/null
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 Luca Barbato and Donald Hoskins
+
+# Rust Environmental Vars
+CONFIG_HOST_SUFFIX:=$(word 4, $(subst -, ,$(GNU_HOST_NAME)))
+RUSTC_HOST_ARCH:=$(HOST_ARCH)-unknown-linux-$(CONFIG_HOST_SUFFIX)
+CARGO_HOME:=$(STAGING_DIR_HOSTPKG)/cargo
+
+ifeq ($(CONFIG_USE_MUSL),y)
+# Force linking of the SSP library for musl
+ifdef CONFIG_PKG_CC_STACKPROTECTOR_REGULAR
+ ifeq ($(strip $(PKG_SSP)),1)
+ RUSTC_LDFLAGS += -lssp_nonshared
+ endif
+endif
+ifdef CONFIG_PKG_CC_STACKPROTECTOR_STRONG
+ ifeq ($(strip $(PKG_SSP)),1)
+ TARGET_CFLAGS += -lssp_nonshared
+ endif
+endif
+endif
+
+# mips64 openwrt has a specific targed in rustc
+ifeq ($(ARCH),mips64)
+ RUSTC_TARGET_ARCH:=$(REAL_GNU_TARGET_NAME)
+else
+ RUSTC_TARGET_ARCH:=$(subst openwrt,unknown,$(REAL_GNU_TARGET_NAME))
+endif
+
+RUSTC_TARGET_ARCH:=$(subst muslgnueabi,musleabi,$(RUSTC_TARGET_ARCH))
+
+ifeq ($(ARCH),i386)
+ RUSTC_TARGET_ARCH:=$(subst i486,i586,$(RUSTC_TARGET_ARCH))
+endif
+
+# ARM Logic
+ifeq ($(ARCH),arm)
+ ifeq ($(CONFIG_arm_v7),y)
+ RUSTC_TARGET_ARCH:=$(subst arm,armv7,$(RUSTC_TARGET_ARCH))
+ endif
+
+ ifeq ($(CONFIG_HAS_FPU),y)
+ RUSTC_TARGET_ARCH:=$(subst musleabi,musleabihf,$(RUSTC_TARGET_ARCH))
+ endif
+endif
+
+ifeq ($(ARCH),aarch64)
+ RUST_CFLAGS:=-mno-outline-atomics
+endif
+++ /dev/null
-ifeq ($(CONFIG_RUST_DEBUG),y)
-CONFIGURE_ARGS += --enable-debug
-endif
-
-ifeq ($(CONFIG_RUST_DOCS),y)
-CONFIGURE_ARGS += --enable-docs
-else
-CONFIGURE_ARGS += --disable-docs
-endif
-
-ifeq ($(CONFIG_RUST_COMPILER_DOCS),y)
-CONFIGURE_ARGS += --enable-compiler-docs
-else
-CONFIGURE_ARGS += --disable-compiler-docs
-endif
-
-ifeq ($(CONFIG_RUST_OPTIMIZE_TESTS),y)
-CONFIGURE_ARGS += --enable-optimize-tests
-endif
-
-ifeq ($(CONFIG_RUST_PARALLEL),y)
-CONFIGURE_ARGS += --enable-parallel-compiler
-endif
-
-ifeq ($(CONFIG_RUST_VERBOSE_TESTS),y)
-CONFIGURE_ARGS += --enable-verbose-tests
-endif
-
-ifeq ($(filter $(CONFIG_RUST_CCACHE) $(CCACHE),y),)
-CONFIGURE_ARGS += --enable-ccache
-endif
-
-ifeq ($(CONFIG_RUST_CCACHE),y)
-CONFIGURE_ARGS += --enable-ccache
-endif
-
-ifeq ($(CONFIG_RUST_LLVM_STATIC),y)
-CONFIGURE_ARGS += --enable-llvm-static-stdcpp
-endif
-
-ifeq ($(CONFIG_RUST_LLVM_SHARED),y)
-CONFIGURE_ARGS += --enable-llvm-link-shared
-endif
-
-ifeq ($(CONFIG_RUST_CODEGEN_TESTS),y)
-CONFIGURE_ARGS += --enable-codegen-tests
-endif
-
-ifeq ($(CONFIG_RUST_OPTION_CHECKING),y)
-CONFIGURE_ARGS += --enable-option-checking
-endif
-
-ifeq ($(CONFIG_RUST_ENABLE_NINJA),y)
-CONFIGURE_ARGS += --enable-ninja
-endif
-
-ifeq ($(CONFIG_RUST_LOCKED_DEPS),y)
-CONFIGURE_ARGS += --enable-locked-deps
-endif
-
-ifeq ($(CONFIG_RUST_VENDOR),y)
-CONFIGURE_ARGS += --enable-vendor
-endif
-
-ifeq ($(CONFIG_RUST_SANITIZERS),y)
-CONFIGURE_ARGS += --enable-sanitizers
-endif
-
-ifeq ($(CONFIG_RUST_DIST_SRC),y)
-CONFIGURE_ARGS += --enable-dist-src
-endif
-
-ifeq ($(CONFIG_RUST_CARGO_NATIVE_STATIC),y)
-CONFIGURE_ARGS += --enable-cargo-native-static
-endif
-
-ifeq ($(CONFIG_RUST_PROFILER),y)
-CONFIGURE_ARGS += --enable-profiler
-endif
-
-ifeq ($(CONFIG_RUST_FULL_TOOLS),y)
-CONFIGURE_ARGS += --enable-full-tools
-endif
-
-ifeq ($(CONFIG_RUST_MISSING_TOOLS),y)
-CONFIGURE_ARGS += --enable-missing-tools
-endif
-
-ifeq ($(CONFIG_RUST_USE_LIBCXX),y)
-CONFIGURE_ARGS += --enable-use-libcxx
-endif
-
-ifeq ($(CONFIG_RUST_CONTROL_FLOW_GUARD),y)
-CONFIGURE_ARGS += --enable-control-flow-guard
-endif
-
-ifeq ($(CONFIG_RUST_OPTIMIZE_LLVM),y)
-CONFIGURE_ARGS += --enable-optimize-llvm
-endif
-
-ifeq ($(CONFIG_RUST_LLVM_ASSERTIONS),y)
-CONFIGURE_ARGS += --enable-llvm-assertions
-endif
-
-ifeq ($(CONFIG_RUST_DEBUG_ASSERTIONS),y)
-CONFIGURE_ARGS += --enable-debug-assertions
-endif
-
-ifeq ($(CONFIG_RUST_LLVM_RELEASE_DEBUGINFO),y)
-CONFIGURE_ARGS += --enable-llvm-release-debuginfo
-endif
-
-ifeq ($(CONFIG_RUST_MANAGE_SUBMODULES),y)
-CONFIGURE_ARGS += --enable-manage-submodules
-endif
-
-ifeq ($(CONFIG_RUST_FULL_BOOTSTRAP),y)
-CONFIGURE_ARGS += --enable-full-bootstrap
-endif
PKG_NAME:=pcre2
PKG_VERSION:=10.37
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/pcre/$(PKG_NAME)/$(PKG_VERSION)
PKG_BUILD_DEPENDS:=zlib
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/libpcre2/default
TITLE:=A Perl Compatible Regular Expression library (32bit support)
endef
+CMAKE_HOST_OPTIONS += \
+ -DBUILD_SHARED_LIBS=ON \
+ -DPCRE2_BUILD_PCRE2_8=ON \
+ -DPCRE2_BUILD_PCRE2_16=ON \
+ -DPCRE2_BUILD_PCRE2_32=ON \
+ -DPCRE2_DEBUG=OFF \
+ -DPCRE2_DISABLE_PERCENT_ZT=ON \
+ -DPCRE2_SUPPORT_JIT=OFF \
+ -DPCRE2_SHOW_REPORT=OFF \
+ -DPCRE2_BUILD_PCRE2GREP=OFF \
+ -DPCRE2_BUILD_TESTS=OFF
+
CMAKE_OPTIONS += \
-DBUILD_SHARED_LIBS=ON \
-DPCRE2_BUILD_PCRE2_8=ON \
$(eval $(call BuildPackage,libpcre2))
$(eval $(call BuildPackage,libpcre2-16))
$(eval $(call BuildPackage,libpcre2-32))
+$(eval $(call HostBuild))
PKG_NAME:=rpcsvc-proto
PKG_VERSION:=1.4.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/thkukuk/rpcsvc-proto/releases/download/v$(PKG_VERSION)
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
+PKG_FIXUP:=autoreconf
HOST_BUILD_DEPENDS:=gettext-full/host
PKG_BUILD_DEPENDS:=rpcsvc-proto/host
PKG_NAME:=adblock
PKG_VERSION:=4.1.5
-PKG_RELEASE:=6
+PKG_RELEASE:=7
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
#!/bin/sh
# dns based ad/abuse domain blocking
-# Copyright (c) 2015-2022 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2015-2023 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
# disable (s)hellcheck in release
set firewall."adblock_${zone}${port}".src_dport="${port}"
set firewall."adblock_${zone}${port}".dest_port="${port}"
set firewall."adblock_${zone}${port}".target="DNAT"
+ set firewall."adblock_${zone}${port}".family="any"
EOC
fi
fwcfg="${fwcfg/adblock_${zone}${port}[ |\$]/}"
src_name="${mode}"
if [ "${src_name}" = "blacklist" ] && [ -f "${adb_blacklist}" ]; then
rset="/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
- "${adb_awk}" "${rset}" "${adb_blacklist}" |
- "${adb_awk}" 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' >"${adb_tmpdir}/tmp.raw.${src_name}"
+ "${adb_awk}" "${rset}" "${adb_blacklist}" >"${adb_tmpdir}/tmp.raw.${src_name}"
+ if [ -s "${adb_whitelist}" ]; then
+ "${adb_awk}" 'NR==FNR{member[$1];next}!($1 in member)' "${adb_whitelist}" "${adb_tmpdir}/tmp.raw.${src_name}" >"${adb_tmpdir}/tmp.deduplicate.${src_name}"
+ else
+ cat "${adb_tmpdir}/tmp.raw.${src_name}" >"${adb_tmpdir}/tmp.deduplicate.${src_name}"
+ fi
+ "${adb_awk}" 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${adb_tmpdir}/tmp.deduplicate.${src_name}" >"${adb_tmpdir}/tmp.raw.${src_name}"
"${adb_sort}" ${adb_srtopts} -u "${adb_tmpdir}/tmp.raw.${src_name}" 2>/dev/null >"${adb_tmpfile}.${src_name}"
out_rc="${?}"
rm -f "${adb_tmpdir}/tmp.raw.${src_name}"
"descurl": "https://github.com/hoshsadiq/adblock-nocoin-list"
},
"cpbl": {
- "url": "https://raw.githubusercontent.com/bongochong/CombinedPrivacyBlockLists/master/NoFormatting/BlacklistedDomains.txt",
+ "url": "https://raw.githubusercontent.com/bongochong/CombinedPrivacyBlockLists/master/NoFormatting/cpbl-ctld.txt",
"rule": "/^([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}",
"size": "XL",
"focus": "compilation",
PKG_NAME:=banip
PKG_VERSION:=0.8.2
-PKG_RELEASE:=2
+PKG_RELEASE:=4
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
| ban_dev | list | - / autodetect | wan device(s), e.g. 'eth2' |
| ban_trigger | list | - | logical startup trigger interface(s), e.g. 'wan' |
| ban_triggerdelay | option | 10 | trigger timeout before banIP processing begins |
+| ban_triggeraction | option | start | trigger action on ifup events, e.g. start, restart or reload |
| ban_deduplicate | option | 1 | deduplicate IP addresses across all active sets |
| ban_splitsize | option | 0 | split ext. sets after every n lines/members (saves RAM) |
| ban_cores | option | - / autodetect | limit the cpu cores used by banIP (saves RAM) |
| ban_mailsender | option | no-reply@banIP | sender address for banIP related notification E-Mails |
| ban_mailtopic | option | banIP notification | topic for banIP related notification E-Mails |
| ban_mailprofile | option | ban_notify | mail profile used in 'msmtp' for banIP related notification E-Mails |
+| ban_mailnotification | option | 0 | receive E-Mail notifications with every banIP run |
| ban_reportelements | option | 1 | list set elements in the report, disable this to speed up the report significantly |
| ban_resolver | option | - | external resolver used for DNS lookups |
ban_mailreceiver=""
ban_mailtopic="banIP notification"
ban_mailprofile="ban_notify"
+ban_mailnotifcation="0"
ban_reportelements="1"
ban_nftloglevel="warn"
ban_nftpriority="-200"
fi
fi
if [ "${class}" = "err" ]; then
- f_genstatus "error"
+ "${ban_nftcmd}" delete table inet banIP >/dev/null 2>&1
+ if [ "${ban_enabled}" = "1" ]; then
+ f_genstatus "error"
+ [ "${ban_mailnotification}" = "1" ] && [ -n "${ban_mailreceiver}" ] && [ -x "${ban_mailcmd}" ] && f_mail
+ else
+ f_genstatus "disabled"
+ fi
f_rmdir "${ban_tmpdir}"
+ f_rmpid
rm -rf "${ban_lock}"
exit 1
fi
# get wan devices
#
f_getdev() {
- local dev iface update="0" cnt="0" cnt_max="10"
+ local dev iface update="0" cnt="0" cnt_max="30"
if [ "${ban_autodetect}" = "1" ]; then
- while [ -z "${ban_dev}" ] && [ "${cnt}" -le "${cnt_max}" ]; do
+ while [ "${cnt}" -lt "${cnt_max}" ] && [ -z "${ban_dev}" ]; do
network_flush_cache
for iface in ${ban_ifv4} ${ban_ifv6}; do
network_get_device dev "${iface}"
fi
runtime="action: ${ban_action:-"-"}, duration: ${duration:-"-"}, date: $(date "+%Y-%m-%d %H:%M:%S")"
fi
- f_system
[ ${ban_splitsize:-"0"} -gt "0" ] && split="1"
: >"${ban_rtfile}"
[ -s "${report_jsn}" ] && cat "${report_jsn}"
;;
"mail")
- [ -x "${ban_mailcmd}" ] && f_mail
+ [ -n "${ban_mailreceiver}" ] && [ -x "${ban_mailcmd}" ] && f_mail
;;
esac
+ rm -f "${report_txt}"
}
# set search
f_search() {
local table_sets ip proto run_search search="${1}"
- f_system
- run_search="/var/run/banIP.search"
-
if [ -n "${search}" ]; then
ip="$(printf "%s" "${search}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}[0-9]{1,3})+"}{printf "%s",RT}')"
[ -n "${ip}" ] && proto="v4"
printf "%s\n%s\n%s\n" ":::" "::: banIP Search" ":::"
printf "%s\n" " Looking for IP '${ip}' on $(date "+%Y-%m-%d %H:%M:%S")"
printf "%s\n" " ---"
- cnt=1
+ cnt="1"
+ run_search="/var/run/banIP.search"
for set in ${table_sets}; do
(
if "${ban_nftcmd}" get element inet banIP "${set}" "{ ${ip} }" >/dev/null 2>&1; then
f_survey() {
local set_elements set="${1}"
- f_system
[ -n "${set}" ] && set_elements="$("${ban_nftcmd}" -j list set inet banIP "${set}" 2>/dev/null | jsonfilter -qe '@.nftables[*].set.elem[*]')"
if [ -z "${set}" ] || [ -z "${set_elements}" ]; then
# load mail template
#
- [ ! -r "${ban_mailtemplate}" ] && f_log "err" "the mail template is missing"
- . "${ban_mailtemplate}"
-
- [ -z "${ban_mailreceiver}" ] && f_log "err" "the option 'ban_mailreceiver' is missing"
- [ -z "${mail_text}" ] && f_log "err" "the 'mail_text' is empty"
+ [ -r "${ban_mailtemplate}" ] && . "${ban_mailtemplate}" || f_log "info" "the mail template is missing"
+ [ -z "${mail_text}" ] && f_log "info" "the 'mail_text' template variable is empty"
[ "${ban_debug}" = "1" ] && msmtp_debug="--debug"
# send mail
f_log "info" "failed to send status mail (${?})"
fi
- f_log "debug" "f_mail ::: template: ${ban_mailtemplate}, profile: ${ban_mailprofile}, receiver: ${ban_mailreceiver}, rc: ${?}"
+ f_log "debug" "f_mail ::: notification: ${ban_mailnotification}, template: ${ban_mailtemplate}, profile: ${ban_mailprofile}, receiver: ${ban_mailreceiver}, rc: ${?}"
}
# check banIP availability and initial sourcing
#
+f_system
if [ "${ban_action}" != "stop" ]; then
if [ -r "/lib/functions.sh" ] && [ -r "/lib/functions/network.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]; then
. "/lib/functions.sh"
#
if [ "${ban_action}" != "reload" ]; then
if [ -x "${ban_fw4cmd}" ]; then
- cnt=0
- while [ "${cnt}" -lt "10" ] && ! /etc/init.d/firewall status | grep -q "^active"; do
+ cnt="0"
+ while [ "${cnt}" -lt "30" ] && ! /etc/init.d/firewall status >/dev/null 2>&1; do
cnt="$((cnt + 1))"
sleep 1
done
- if ! /etc/init.d/firewall status | grep -q "^active"; then
+ if ! /etc/init.d/firewall status >/dev/null 2>&1; then
f_log "err" "nft based firewall/fw4 not functional"
fi
else
done
wait
-# start domain lookup
+# start background domain lookup
#
f_log "info" "start detached banIP domain lookup"
(f_lookup "allowlist") &
[ "${hold}" = "0" ] && wait
(f_lookup "blocklist") &
-# tidy up
+# end processing
#
f_rmset
f_rmdir "${ban_tmpdir}"
f_genstatus "active"
+[ "${ban_mailnotification}" = "1" ] && [ -n "${ban_mailreceiver}" ] && [ -x "${ban_mailcmd}" ] && f_mail
f_log "info" "finished banIP download processes"
rm -rf "${ban_lock}"
-# start log service
+# start detached log service
#
if [ -x "${ban_logreadcmd}" ] && [ -n "${ban_logterm%%??}" ]; then
f_log "info" "start detached banIP log service"
fi
done
-# start no-op service loop
+# start detached no-op service loop
#
else
f_log "info" "start detached no-op banIP service (logterms are missing)"
}
service_triggers() {
- local iface trigger delay
+ local iface trigger trigger_action delay
trigger="$(uci_get banip global ban_trigger)"
+ trigger_action="$(uci_get banip global ban_triggeraction "start")"
delay="$(uci_get banip global ban_triggerdelay "10")"
PROCD_RELOAD_DELAY=$((delay * 1000))
for iface in ${trigger}; do
- procd_add_interface_trigger "interface.*.up" "${iface}" "${ban_init}" "start"
+ procd_add_interface_trigger "interface.*.up" "${iface}" "${ban_init}" "${trigger_action}"
done
procd_add_reload_trigger "banip"
}
include $(TOPDIR)/rules.mk
PKG_NAME:=cloudflared
-PKG_VERSION:=2023.3.0
+PKG_VERSION:=2023.3.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/cloudflare/cloudflared/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=90fad1f6eb59689e06d09837c5ec9a3e7e3d177fea15190027f60c5b9e7950be
+PKG_HASH:=cdd0f02fc4170842c8210db2b700bad88d8a7b5d00fb8f7336073737f11fc718
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
config LIBCURL_UNIX_SOCKETS
bool "Enable unix domain socket support"
- default n
+ default y
help
Enable HTTP over unix domain sockets.
To use this with the curl command line, you specify the socket path to the new --unix-domain option.
PKG_NAME:=curl
PKG_VERSION:=7.88.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/curl/curl/releases/download/curl-$(subst .,_,$(PKG_VERSION))/ \
include $(TOPDIR)/rules.mk
PKG_NAME:=dnslookup
-PKG_VERSION:=1.8.1
+PKG_VERSION:=1.9.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ameshkov/dnslookup/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=51b9cbc626e091eb7a98bc326ad026f36d95f8b5917f71f13011466fcdddb3f9
+PKG_HASH:=ac108b80f5d7b510ce1fdb1880470d177c5b89cf228c34302442527cf68bb76e
PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsproxy
-PKG_VERSION:=0.48.0
+PKG_VERSION:=0.48.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/dnsproxy/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=b63d10b0f7d4ede68aae9bda9ef306a0673c8ca97ef9d57b838edb53e0023f8b
+PKG_HASH:=fd385b3414e616aef5d96b7b007d5fc4fd21b73d6bc097811508e9ddb9b3f4cb
PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
PKG_LICENSE:=Apache-2.0
CONFIG_GENSIO_TCL \
CONFIG_GENSIO_SSHD
-PKG_BUILD_DEPENDS:=PACKAGE_python3-gensio:swig
+PKG_BUILD_DEPENDS:=PACKAGE_python3-gensio:swig/host
include $(INCLUDE_DIR)/package.mk
include ../../lang/python/python3-package.mk
define Package/python3-gensio
$(call Package/gensio/Default)
- TITLE+= (Python3-bindings)
+ TITLE+= (Python bindings)
SECTION:=lang
CATEGORY:=Languages
- DEPENDS:=+PACKAGE_python3-gensio:python3-light +libgensio
+ SUBMENU:=Python
+ DEPENDS:=+PACKAGE_python3-gensio:python3-light +libgensiocpp
endef
define Package/python3-gensio/description
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
-PKG_VERSION:=2.6.9
+PKG_VERSION:=2.6.11
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/2.6/src
-PKG_HASH:=f01a1c5f465dc1b5cd175d0b28b98beb4dfe82b5b5b63ddcc68d1df433641701
+PKG_HASH:=e0bc430ac407747b077bc88ee6922b4616fa55a9e0f3ec84438dfb055eb9a715
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
Christian Lachner <gladiac@gmail.com>
#!/bin/sh
CLONEURL=https://git.haproxy.org/git/haproxy-2.6.git
-BASE_TAG=v2.6.9
+BASE_TAG=v2.6.11
TMP_REPODIR=tmprepo
PATCHESDIR=patches
include $(TOPDIR)/rules.mk
PKG_NAME:=natmap
-PKG_VERSION:=20221225
+PKG_VERSION:=20230322
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/heiher/natmap/releases/download/$(PKG_VERSION)
-PKG_HASH:=cc19a5b876fd75424619ae90aa6b0414a438c1f6f55537b9b28f1c23d925f6ff
+PKG_HASH:=d1abe36eb4deac725e2d20674590fc726b8c79d21b053b40059b093592fd8b8a
PKG_MAINTAINER:=Richard Yu <yurichard3839@gmail.com>
PKG_LICENSE:=MIT
option udp_mode '1'
option interface ''
option interval ''
- option stun_server 'stun.stunprotocol.org'
+ option stun_server 'stunserver.stunprotocol.org'
option http_server 'example.com'
option port '8080'
option forward_target ''
include $(TOPDIR)/rules.mk
PKG_NAME:=netbird
-PKG_VERSION:=0.14.3
+PKG_VERSION:=0.14.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/netbirdio/netbird/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=ce56a0419cea1296f4b61d1ecb04e5f812805538e17f5211c5f05ed2b5b98dbc
+PKG_HASH:=2ea6be9c50a5ac241fbae35934c9c710697de39e8a0393f8e1800285a7904d0d
PKG_MAINTAINER:=Oskari Rauta <oskari.rauta@gmail.com>
PKG_LICENSE:=BSD-3-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=samba
-PKG_VERSION:=4.17.5
+PKG_VERSION:=4.18.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
http://www.nic.funet.fi/index/samba/pub/samba/stable/ \
http://samba.mirror.bit.nl/samba/ftp/stable/ \
https://download.samba.org/pub/samba/stable/
-PKG_HASH:=ebb7880d474ffc09d73b5fc77bcbd657f6235910337331a9c24d7f69ca11442b
+PKG_HASH:=70348656ef807be9c8be4465ca157cef4d99818e234253d2c684cc18b8408149
PKG_LICENSE:=GPL-3.0-only
PKG_LICENSE_FILES:=COPYING
+
+check_system_heimdal_binary("compile_et")
+check_system_heimdal_binary("asn1_compile")
---- a/wscript_configure_system_heimdal
-+++ b/wscript_configure_system_heimdal
-@@ -37,14 +37,6 @@ def check_system_heimdal_lib(name, funct
- conf.define('USING_SYSTEM_%s' % name.upper(), 1)
- return True
-
--def check_system_heimdal_binary(name):
-- if conf.LIB_MAY_BE_BUNDLED(name):
-- return False
-- if not conf.find_program(name, var=name.upper()):
-- return False
-- conf.define('USING_SYSTEM_%s' % name.upper(), 1)
-- return True
--
- check_system_heimdal_lib("com_err", "com_right_r com_err", "com_err.h")
-
- if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"):
-@@ -86,9 +78,6 @@ finally:
- #if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'):
- # conf.define('USING_SYSTEM_TOMMATH', 1)
-
--check_system_heimdal_binary("compile_et")
--check_system_heimdal_binary("asn1_compile")
--
- conf.env.KRB5_VENDOR = 'heimdal'
- conf.define('USING_SYSTEM_KRB5', 1)
- conf.define('USING_SYSTEM_HEIMDAL', 1)
--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
-@@ -525,7 +525,7 @@ static struct imessaging_context *imessa
+@@ -526,7 +526,7 @@ static struct imessaging_context *imessa
goto fail;
}
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
-@@ -436,22 +436,13 @@ def configure(conf):
+@@ -434,22 +434,13 @@ def configure(conf):
conf.CHECK_FUNCS('prctl dirname basename')
conf.CHECK_CODE('''
struct ucred cred;
-@@ -834,9 +825,6 @@ syscall(SYS_copy_file_range,0,NULL,0,NUL
+@@ -832,9 +823,6 @@ syscall(SYS_copy_file_range,0,NULL,0,NUL
# look for a method of finding the list of network interfaces
for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
if conf.CHECK_CODE('''
#define %s 1
#define NO_CONFIG_H 1
-@@ -849,7 +837,7 @@ syscall(SYS_copy_file_range,0,NULL,0,NUL
+@@ -847,7 +835,7 @@ syscall(SYS_copy_file_range,0,NULL,0,NUL
#include "tests/getifaddrs.c"
''' % method,
method,
addmain=False,
execute=True):
break
-@@ -897,7 +885,6 @@ def build(bld):
+@@ -895,7 +883,6 @@ def build(bld):
break
extra_libs = ''
include $(TOPDIR)/rules.mk
PKG_NAME:=sing-box
-PKG_VERSION:=1.1.6
+PKG_VERSION:=1.2.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=2fdf93fd49c9375cd14b2fe2e2163cbad4b65d0cfa422c592855e7810036ef56
+PKG_HASH:=0f304b75c2e9f61e3f7808f23fe8fbe08161553475d9bec0dea4a5acf4452d2d
PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=LICENSE
GO_PKG:=github.com/sagernet/sing-box
GO_PKG_BUILD_PKG:=$(GO_PKG)/cmd/sing-box
+GO_PKG_LDFLAGS_X:=$(GO_PKG)/constant.Version=$(PKG_VERSION)
+
include $(INCLUDE_DIR)/package.mk
include ../../lang/golang/golang-package.mk
bool "Build with Clash API support"
default y
+ config SINGBOX_WITH_DHCP
+ bool "Build with DHCP support, see DHCP DNS transport."
+
config SINGBOX_WITH_ECH
bool "Build with TLS ECH extension support for TLS outbound"
bool "Build with QUIC support"
default y
+ config SINGBOX_WITH_REALITY_SERVER
+ bool "Build with reality TLS server support, see TLS."
+ default y
+
config SINGBOX_WITH_SHADOWSOCKSR
bool "Build with ShadowsocksR support"
PKG_CONFIG_DEPENDS:= \
CONFIG_SINGBOX_WITH_ACME \
CONFIG_SINGBOX_WITH_CLASH_API \
+ CONFIG_SINGBOX_WITH_DHCP \
CONFIG_SINGBOX_WITH_ECH \
CONFIG_SINGBOX_WITH_EMBEDDED_TOR \
CONFIG_SINGBOX_WITH_GRPC \
CONFIG_SINGBOX_WITH_GVISOR \
CONFIG_SINGBOX_WITH_LWIP \
CONFIG_SINGBOX_WITH_QUIC \
+ CONFIG_SINGBOX_WITH_REALITY_SERVER \
CONFIG_SINGBOX_WITH_SHADOWSOCKSR \
CONFIG_SINGBOX_WITH_UTLS \
CONFIG_SINGBOX_WITH_V2RAY_API \
GO_PKG_TAGS:=$(subst $(space),$(comma),$(strip \
$(if $(CONFIG_SINGBOX_WITH_ACME),with_acme) \
$(if $(CONFIG_SINGBOX_WITH_CLASH_API),with_clash_api) \
+ $(if $(CONFIG_SINGBOX_WITH_DHCP),with_dhcp) \
$(if $(CONFIG_SINGBOX_WITH_ECH),with_ech) \
$(if $(CONFIG_SINGBOX_WITH_EMBEDDED_TOR),with_embedded_tor) \
$(if $(CONFIG_SINGBOX_WITH_GRPC),with_grpc) \
$(if $(CONFIG_SINGBOX_WITH_LWIP),with_lwip) \
$(if $(CONFIG_SINGBOX_WITH_QUIC),with_quic) \
$(if $(CONFIG_SINGBOX_WITH_SHADOWSOCKSR),with_shadowsocksr) \
+ $(if $(CONFIG_SINGBOX_WITH_REALITY_SERVER),with_reality_server) \
$(if $(CONFIG_SINGBOX_WITH_UTLS),with_utls) \
$(if $(CONFIG_SINGBOX_WITH_V2RAY_API),with_v2ray_api) \
$(if $(CONFIG_SINGBOX_WITH_WIREGUARD),with_wireguard) \
include $(TOPDIR)/rules.mk
PKG_NAME:=transmission
-PKG_VERSION:=4.0.1
+PKG_VERSION:=4.0.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/transmission/transmission/releases/download/$(PKG_VERSION)/
-PKG_HASH:=8fc5aef23638c983406f6a3ee9918369e4cdc84e3228bd2fb3d01dd55cdad900
+PKG_HASH:=39bf7a104a722805a9dc089cdaaffe33bf90b82230a7ea7f340cae59f00a2ee8
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=GPL-2.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=v2rayA
-PKG_VERSION:=1.5.9.1698.1
-PKG_RELEASE:=4
+PKG_VERSION:=2.0.4
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/v2rayA/v2rayA/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=247a357230c616bf48309c61d119686e4ad56939c05afef584c45051e9dc6220
+PKG_HASH:=fb0c60d95cd208e3306cf9c5488f41fe7cf6697d58dc377e5e7d471e37ce9060
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/service
PKG_LICENSE:=AGPL-3.0-only
PKG_USE_MIPS16:=0
GO_PKG:=github.com/v2rayA/v2rayA
-GO_PKG_LDFLAGS_X:=$(GO_PKG)/conf.Version=$(PKG_VERSION)
+GO_PKG_LDFLAGS_X:= \
+ $(GO_PKG)/conf.Version=$(PKG_VERSION) \
+ $(GO_PKG)/core/iptables.TproxyNotSkipBr=true
include $(INCLUDE_DIR)/package.mk
include ../../lang/golang/golang-package.mk
URL:=https://codeload.github.com/v2rayA/v2raya-web/tar.gz/v$(PKG_VERSION)?
URL_FILE:=$(WEB_FILE)
FILE:=$(WEB_FILE)
- HASH:=149097a42c3e5fa6f5c3cd46d1bf7ec4546e79ad37c1446b759539e700bd75e2
+ HASH:=39eacb70753b309a0f44ede282ad01b5c6a13d51bed72d0f5563574de9bea0b7
endef
define Build/Prepare
# Make sure your IPv6 network works fine before you turn it on.
# Optional values: auto, on, off.
- option ipv6_support 'on'
+ option ipv6_support 'auto'
# Experimental feature. Make sure you have installed nftables.
# Optional values: auto, on, off.
- option nftables_support 'on'
+ option nftables_support 'auto'
# Optional values: trace, debug, info, warn or error
option log_level 'info'
# v2rayA will pass in the --stage (pre-start, post-start, pre-stop, post-stop) argument.
option plugin_manager ''
- # Specify the certification path instead of automatically generating a self-signed certificate.
- # Example: /etc/v2raya/grpc_certificate.crt,/etc/v2raya/grpc_private.key
- option vless_grpc_inbound_cert_key ''
-
append_env_arg "config" "address" "0.0.0.0:2017"
append_env_arg "config" "config" "/etc/v2raya"
- append_env_arg "config" "ipv6_support" "on"
- append_env_arg "config" "nftables_support" "on"
+ append_env_arg "config" "ipv6_support" "auto"
+ append_env_arg "config" "nftables_support" "auto"
append_env_arg "config" "log_level" "info"
append_env_arg "config" "log_file" "/var/log/v2raya/v2raya.log"
append_env_arg "config" "log_max_days" "3"
append_env_arg "config" "transparent_hook"
append_env_arg "config" "core_hook"
append_env_arg "config" "plugin_manager"
- append_env_arg "config" "vless_grpc_inbound_cert_key"
append_env_bool "config" "log_disable_color"
append_env_bool "config" "log_disable_timestamp"
+++ /dev/null
-From ca6a05273284daa04856a840e64f3936f700b7c3 Mon Sep 17 00:00:00 2001
-From: mzz2017 <mzz@tuta.io>
-Date: Fri, 16 Sep 2022 15:13:11 +0800
-Subject: [PATCH] fix: we should skip interface ppp+ to avoid to break net
-
----
- service/core/iptables/tproxy.go | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
---- a/core/iptables/tproxy.go
-+++ b/core/iptables/tproxy.go
-@@ -16,7 +16,7 @@ var Tproxy tproxy
- func (t *tproxy) AddIPWhitelist(cidr string) {
- // avoid duplication
- t.RemoveIPWhitelist(cidr)
-- pos := 5
-+ pos := 7
- if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
- pos += 3
- }
-@@ -67,6 +67,8 @@ iptables -w 2 -t mangle -A TP_RULE -j CO
- iptables -w 2 -t mangle -A TP_RULE -m mark --mark 0x40/0xc0 -j RETURN
- iptables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
- iptables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
-+iptables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN
-+iptables -w 2 -t mangle -A TP_RULE -i dn42-+ -j RETURN
- `
- if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
- commands += `
-@@ -125,6 +127,8 @@ ip6tables -w 2 -t mangle -A TP_RULE -j C
- ip6tables -w 2 -t mangle -A TP_RULE -m mark --mark 0x40/0xc0 -j RETURN
- ip6tables -w 2 -t mangle -A TP_RULE -i docker+ -j RETURN
- ip6tables -w 2 -t mangle -A TP_RULE -i veth+ -j RETURN
-+ip6tables -w 2 -t mangle -A TP_RULE -i ppp+ -j RETURN
-+ip6tables -w 2 -t mangle -A TP_RULE -i dn42-+ -j RETURN
- `
- if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
- commands += `
+++ /dev/null
-From 5db722b22b39642280572a62b149d4e1efa21ce3 Mon Sep 17 00:00:00 2001
-From: mzz2017 <mzz@tuta.io>
-Date: Mon, 8 Aug 2022 22:30:36 +0800
-Subject: [PATCH] fix: seed cannot be read from vless sharing-link and add
- missing sni field. #616
-
----
- service/core/serverObj/v2ray.go | 24 +++++++++++-------------
- 1 file changed, 11 insertions(+), 13 deletions(-)
-
---- a/core/serverObj/v2ray.go
-+++ b/core/serverObj/v2ray.go
-@@ -12,7 +12,6 @@ import (
- "time"
-
- jsoniter "github.com/json-iterator/go"
-- "github.com/tidwall/gjson"
- "github.com/v2rayA/v2rayA/common"
- "github.com/v2rayA/v2rayA/core/coreObj"
- "github.com/v2rayA/v2rayA/core/v2ray/service"
-@@ -39,6 +38,7 @@ type V2Ray struct {
- Net string `json:"net"`
- Type string `json:"type"`
- Host string `json:"host"`
-+ SNI string `json:"sni"`
- Path string `json:"path"`
- TLS string `json:"tls"`
- Flow string `json:"flow,omitempty"`
-@@ -69,7 +69,8 @@ func ParseVlessURL(vless string) (data *
- ID: u.User.String(),
- Net: u.Query().Get("type"),
- Type: u.Query().Get("headerType"),
-- Host: u.Query().Get("sni"),
-+ Host: u.Query().Get("host"),
-+ SNI: u.Query().Get("sni"),
- Path: u.Query().Get("path"),
- TLS: u.Query().Get("security"),
- Flow: u.Query().Get("flow"),
-@@ -86,16 +87,13 @@ func ParseVlessURL(vless string) (data *
- if data.Type == "" {
- data.Type = "none"
- }
-- if data.Host == "" {
-- data.Host = u.Query().Get("host")
-- }
- if data.TLS == "" {
- data.TLS = "none"
- }
- if data.Flow == "" {
- data.Flow = "xtls-rprx-direct"
- }
-- if data.Type == "mkcp" || data.Type == "kcp" {
-+ if data.Net == "mkcp" || data.Net == "kcp" {
- data.Path = u.Query().Get("seed")
- }
- return data, nil
-@@ -145,6 +143,7 @@ func ParseVmessURL(vmess string) (data *
- if aid == "" {
- aid = q.Get("aid")
- }
-+ sni := q.Get("sni")
- info = V2Ray{
- ID: subMatch[1],
- Add: subMatch[2],
-@@ -152,6 +151,7 @@ func ParseVmessURL(vmess string) (data *
- Ps: ps,
- Host: obfsParam,
- Path: path,
-+ SNI: sni,
- Net: obfs,
- Aid: aid,
- TLS: map[string]string{"1": "tls"}[q.Get("tls")],
-@@ -165,12 +165,6 @@ func ParseVmessURL(vmess string) (data *
- if err != nil {
- return
- }
-- if info.Host == "" {
-- sni := gjson.Get(raw, "sni")
-- if sni.Exists() {
-- info.Host = sni.String()
-- }
-- }
- }
- // correct the wrong vmess as much as possible
- if strings.HasPrefix(info.Host, "/") && info.Path == "" {
-@@ -328,7 +322,9 @@ func (v *V2Ray) Configuration(info Prior
- core.StreamSettings.TLSSettings.AllowInsecure = true
- }
- // SNI
-- if v.Host != "" {
-+ if v.SNI != "" {
-+ core.StreamSettings.TLSSettings.ServerName = v.SNI
-+ } else if v.Host != "" {
- core.StreamSettings.TLSSettings.ServerName = v.Host
- }
- // Alpn
-@@ -345,6 +341,8 @@ func (v *V2Ray) Configuration(info Prior
- // SNI
- if v.Host != "" {
- core.StreamSettings.XTLSSettings.ServerName = v.Host
-+ } else if v.Host != "" {
-+ core.StreamSettings.TLSSettings.ServerName = v.Host
- }
- if v.AllowInsecure {
- core.StreamSettings.XTLSSettings.AllowInsecure = true
+++ /dev/null
-From 3f78422f81f3abc2668fc3938b31d213bfe4dfff Mon Sep 17 00:00:00 2001
-From: mzz2017 <mzz@tuta.io>
-Date: Sun, 28 Aug 2022 17:54:36 +0800
-Subject: [PATCH] fix: a problem that supervisor cannot exit normally
-
----
- service/core/specialMode/infra/handle.go | 11 ++++++----
- service/core/specialMode/infra/supervisor.go | 22 ++++++++------------
- 2 files changed, 16 insertions(+), 17 deletions(-)
-
---- a/core/specialMode/infra/handle.go
-+++ b/core/specialMode/infra/handle.go
-@@ -127,10 +127,13 @@ func (interfaceHandle *handle) handleRec
- return results, msg
- }
-
--func packetFilter(portCache *portCache, pPacket *gopacket.Packet, whitelistDnsServers *v2router.GeoIPMatcher) (m *dnsmessage.Message, pSAddr, pSPort, pDAddr, pDPort *gopacket.Endpoint) {
-- packet := *pPacket
-- trans := packet.TransportLayer()
-+func packetFilter(portCache *portCache, packet gopacket.Packet, whitelistDnsServers *v2router.GeoIPMatcher) (m *dnsmessage.Message, pSAddr, pSPort, pDAddr, pDPort *gopacket.Endpoint) {
-+ //跳过非网络层的包
-+ if packet.NetworkLayer() == nil {
-+ return
-+ }
- //跳过非传输层的包
-+ trans := packet.TransportLayer()
- if trans == nil {
- return
- }
-@@ -180,7 +183,7 @@ func packetFilter(portCache *portCache,
- }
-
- func (interfaceHandle *handle) handlePacket(packet gopacket.Packet, ifname string, whitelistDnsServers *v2router.GeoIPMatcher, whitelistDomains *strmatcher.MatcherGroup) {
-- m, sAddr, sPort, dAddr, dPort := packetFilter(interfaceHandle.portCache, &packet, whitelistDnsServers)
-+ m, sAddr, sPort, dAddr, dPort := packetFilter(interfaceHandle.portCache, packet, whitelistDnsServers)
- if m == nil {
- return
- }
---- a/core/specialMode/infra/supervisor.go
-+++ b/core/specialMode/infra/supervisor.go
-@@ -9,7 +9,6 @@ import (
- v2router "github.com/v2rayA/v2ray-lib/router"
- "github.com/v2rayA/v2rayA/pkg/util/log"
- "sync"
-- "time"
- )
-
- type DnsSupervisor struct {
-@@ -70,7 +69,7 @@ func (d *DnsSupervisor) DeleteHandles(if
- }
- close(d.handles[ifname].done)
- delete(d.handles, ifname)
-- log.Trace("DnsSupervisor:%v closed", ifname)
-+ log.Trace("DnsSupervisor:%v deleted", ifname)
- return
- }
-
-@@ -81,28 +80,24 @@ func (d *DnsSupervisor) Run(ifname strin
- d.inner.Lock()
- handle, ok := d.handles[ifname]
- if !ok {
-+ d.inner.Unlock()
- return fmt.Errorf("Run: %v not exsits", ifname)
- }
- if handle.running {
-+ d.inner.Unlock()
- return fmt.Errorf("Run: %v is running", ifname)
- }
- handle.running = true
- log.Trace("[DnsSupervisor] " + ifname + ": running")
-- pkgsrc := gopacket.NewPacketSource(handle, layers.LayerTypeEthernet)
-+ // we only decode UDP packets
-+ pkgsrc := gopacket.NewPacketSource(handle, layers.LayerTypeDNS)
- pkgsrc.NoCopy = true
-+ //pkgsrc.Lazy = true
- d.inner.Unlock()
- packets := pkgsrc.Packets()
- go func() {
-- for {
-- //心跳包,防止内存泄漏
-- packets <- gopacket.NewPacket(nil, layers.LinkTypeEthernet, gopacket.DecodeOptions{})
-- select {
-- case <-handle.done:
-- return
-- default:
-- time.Sleep(2 * time.Second)
-- }
-- }
-+ <-handle.done
-+ packets <- gopacket.NewPacket(nil, layers.LinkTypeEthernet, pkgsrc.DecodeOptions)
- }()
- out:
- for packet := range packets {
-@@ -113,5 +108,6 @@ out:
- }
- go handle.handlePacket(packet, ifname, whitelistDnsServers, whitelistDomains)
- }
-+ log.Trace("DnsSupervisor:%v closed", ifname)
- return
- }
+++ /dev/null
-From 153b72ed623876ad73b731c2ec2344e9057d3c35 Mon Sep 17 00:00:00 2001
-From: mzz2017 <mzz@tuta.io>
-Date: Wed, 21 Sep 2022 16:50:24 +0800
-Subject: [PATCH] fix: unexpected exit does not apply stop steps
-
----
- service/core/v2ray/process.go | 4 ++--
- service/core/v2ray/processManager.go | 8 +++-----
- 2 files changed, 5 insertions(+), 7 deletions(-)
-
---- a/core/v2ray/process.go
-+++ b/core/v2ray/process.go
-@@ -35,7 +35,7 @@ type Process struct {
- tag2WhichIndex map[string]int
- }
-
--func NewProcess(tmpl *Template, prestart func() error, poststart func() error) (process *Process, err error) {
-+func NewProcess(tmpl *Template, prestart func() error, poststart func() error, stopfunc func(p *Process)) (process *Process, err error) {
- process = &Process{
- template: tmpl,
- }
-@@ -111,7 +111,7 @@ func NewProcess(tmpl *Template, prestart
- // canceled by v2rayA
- return
- }
-- defer ProcessManager.Stop(false)
-+ defer stopfunc(process)
- var t []string
- if p != nil {
- if p.Success() {
---- a/core/v2ray/processManager.go
-+++ b/core/v2ray/processManager.go
-@@ -245,16 +245,14 @@ func (m *CoreProcessManager) Start(t *Te
- return m.beforeStart(t)
- }, func() error {
- return m.afterStart(t)
-+ }, func(p *Process) {
-+ m.p = p
-+ ProcessManager.Stop(false)
- })
- if err != nil {
- return err
- }
- m.p = process
-- defer func() {
-- if err != nil {
-- m.stop(true)
-- }
-- }()
-
- configure.SetRunning(true)
- return nil
+++ /dev/null
-From 00366b224b2e28861b80f677e8aa604c5d08dae3 Mon Sep 17 00:00:00 2001
-From: Kelo <meetkelo@outlook.com>
-Date: Sat, 29 Oct 2022 16:27:26 +0800
-Subject: [PATCH] optimize: reduce disk writes
-
----
- service/db/boltdb.go | 43 +++++++++++++++++++++++++++++++----
- service/db/listOp.go | 48 +++++++++++++++++++++------------------
- service/db/plainOp.go | 52 ++++++++++++++++++++++++-------------------
- service/db/setOp.go | 20 +++++++++--------
- 4 files changed, 105 insertions(+), 58 deletions(-)
-
---- a/db/boltdb.go
-+++ b/db/boltdb.go
-@@ -1,13 +1,14 @@
- package db
-
- import (
-- "go.etcd.io/bbolt"
-- "github.com/v2rayA/v2rayA/conf"
-- "github.com/v2rayA/v2rayA/pkg/util/copyfile"
-- "github.com/v2rayA/v2rayA/pkg/util/log"
- "os"
- "path/filepath"
- "sync"
-+
-+ "github.com/v2rayA/v2rayA/conf"
-+ "github.com/v2rayA/v2rayA/pkg/util/copyfile"
-+ "github.com/v2rayA/v2rayA/pkg/util/log"
-+ "go.etcd.io/bbolt"
- )
-
- var once sync.Once
-@@ -46,3 +47,37 @@ func DB() *bbolt.DB {
- once.Do(initDB)
- return db
- }
-+
-+// The function should return a dirty flag.
-+// If the dirty flag is true and there is no error then the transaction is commited.
-+// Otherwise, the transaction is rolled back.
-+func Transaction(db *bbolt.DB, fn func(*bbolt.Tx) (bool, error)) error {
-+ tx, err := db.Begin(true)
-+ if err != nil {
-+ return err
-+ }
-+ defer tx.Rollback()
-+ dirty, err := fn(tx)
-+ if err != nil {
-+ _ = tx.Rollback()
-+ return err
-+ }
-+ if !dirty {
-+ return nil
-+ }
-+ return tx.Commit()
-+}
-+
-+// If the bucket does not exist, the dirty flag is setted
-+func CreateBucketIfNotExists(tx *bbolt.Tx, name []byte, dirty *bool) (*bbolt.Bucket, error) {
-+ bkt := tx.Bucket(name)
-+ if bkt != nil {
-+ return bkt, nil
-+ }
-+ bkt, err := tx.CreateBucket(name)
-+ if err != nil {
-+ return nil, err
-+ }
-+ *dirty = true
-+ return bkt, nil
-+}
---- a/db/listOp.go
-+++ b/db/listOp.go
-@@ -2,13 +2,14 @@ package db
-
- import (
- "fmt"
-- "go.etcd.io/bbolt"
-- jsoniter "github.com/json-iterator/go"
-- "github.com/tidwall/gjson"
-- "github.com/tidwall/sjson"
- "reflect"
- "sort"
- "strconv"
-+
-+ jsoniter "github.com/json-iterator/go"
-+ "github.com/tidwall/gjson"
-+ "github.com/tidwall/sjson"
-+ "go.etcd.io/bbolt"
- )
-
- func ListSet(bucket string, key string, index int, val interface{}) (err error) {
-@@ -31,20 +32,21 @@ func ListSet(bucket string, key string,
- }
-
- func ListGet(bucket string, key string, index int) (b []byte, err error) {
-- err = DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ err = Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- v := bkt.Get([]byte(key))
- if v == nil {
-- return fmt.Errorf("ListGet: can't get element from an empty list")
-+ return dirty, fmt.Errorf("ListGet: can't get element from an empty list")
- }
- r := gjson.GetBytes(v, strconv.Itoa(index))
- if r.Exists() {
- b = []byte(r.Raw)
-- return nil
-+ return dirty, nil
- } else {
-- return fmt.Errorf("ListGet: no such element")
-+ return dirty, fmt.Errorf("ListGet: no such element")
- }
- }
- })
-@@ -79,24 +81,25 @@ func ListAppend(bucket string, key strin
- }
-
- func ListGetAll(bucket string, key string) (list [][]byte, err error) {
-- err = DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ err = Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- b := bkt.Get([]byte(key))
- if b == nil {
-- return nil
-+ return dirty, nil
- }
- parsed := gjson.ParseBytes(b)
- if !parsed.IsArray() {
-- return fmt.Errorf("ListGetAll: is not array")
-+ return dirty, fmt.Errorf("ListGetAll: is not array")
- }
- results := parsed.Array()
- for _, r := range results {
- list = append(list, []byte(r.Raw))
- }
- }
-- return nil
-+ return dirty, nil
- })
- return list, err
- }
-@@ -143,21 +146,22 @@ func ListRemove(bucket, key string, inde
- }
-
- func ListLen(bucket string, key string) (length int, err error) {
-- err = DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ err = Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- b := bkt.Get([]byte(key))
- if b == nil {
-- return nil
-+ return dirty, nil
- }
- parsed := gjson.ParseBytes(b)
- if !parsed.IsArray() {
-- return fmt.Errorf("ListLen: is not array")
-+ return dirty, fmt.Errorf("ListLen: is not array")
- }
- length = len(parsed.Array())
- }
-- return nil
-+ return dirty, nil
- })
- return length, err
- }
---- a/db/plainOp.go
-+++ b/db/plainOp.go
-@@ -2,50 +2,54 @@ package db
-
- import (
- "fmt"
-- "go.etcd.io/bbolt"
-+
- jsoniter "github.com/json-iterator/go"
- "github.com/v2rayA/v2rayA/common"
- "github.com/v2rayA/v2rayA/pkg/util/log"
-+ "go.etcd.io/bbolt"
- )
-
- func Get(bucket string, key string, val interface{}) (err error) {
-- return DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ return Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- if v := bkt.Get([]byte(key)); v == nil {
-- return fmt.Errorf("Get: key is not found")
-+ return dirty, fmt.Errorf("Get: key is not found")
- } else {
-- return jsoniter.Unmarshal(v, val)
-+ return dirty, jsoniter.Unmarshal(v, val)
- }
- }
- })
- }
-
- func GetRaw(bucket string, key string) (b []byte, err error) {
-- err = DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ err = Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- v := bkt.Get([]byte(key))
- if v == nil {
-- return fmt.Errorf("GetRaw: key is not found")
-+ return dirty, fmt.Errorf("GetRaw: key is not found")
- }
- b = common.BytesCopy(v)
-- return nil
-+ return dirty, nil
- }
- })
- return b, err
- }
-
- func Exists(bucket string, key string) (exists bool) {
-- if err := DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ if err := Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- v := bkt.Get([]byte(key))
- exists = v != nil
-- return nil
-+ return dirty, nil
- }
- }); err != nil {
- log.Warn("%v", err)
-@@ -55,23 +59,25 @@ func Exists(bucket string, key string) (
- }
-
- func GetBucketLen(bucket string) (length int, err error) {
-- err = DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ err = Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- length = bkt.Stats().KeyN
- }
-- return nil
-+ return dirty, nil
- })
- return length, err
- }
-
- func GetBucketKeys(bucket string) (keys []string, err error) {
-- err = DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ err = Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
-- return bkt.ForEach(func(k, v []byte) error {
-+ return dirty, bkt.ForEach(func(k, v []byte) error {
- keys = append(keys, string(k))
- return nil
- })
---- a/db/setOp.go
-+++ b/db/setOp.go
-@@ -4,8 +4,9 @@ import (
- "bytes"
- "crypto/sha256"
- "encoding/gob"
-- "go.etcd.io/bbolt"
-+
- "github.com/v2rayA/v2rayA/common"
-+ "go.etcd.io/bbolt"
- )
-
- type set map[[32]byte]interface{}
-@@ -28,26 +29,27 @@ func toSha256(val interface{}) (hash [32
- }
-
- func setOp(bucket string, key string, f func(m set) (readonly bool, err error)) (err error) {
-- return DB().Update(func(tx *bbolt.Tx) error {
-- if bkt, err := tx.CreateBucketIfNotExists([]byte(bucket)); err != nil {
-- return err
-+ return Transaction(DB(), func(tx *bbolt.Tx) (bool, error) {
-+ dirty := false
-+ if bkt, err := CreateBucketIfNotExists(tx, []byte(bucket), &dirty); err != nil {
-+ return dirty, err
- } else {
- var m set
- v := bkt.Get([]byte(key))
- if v == nil {
- m = make(set)
- } else if err := gob.NewDecoder(bytes.NewReader(v)).Decode(&m); err != nil {
-- return err
-+ return dirty, err
- }
- if readonly, err := f(m); err != nil {
-- return err
-+ return dirty, err
- } else if readonly {
-- return nil
-+ return dirty, nil
- }
- if b, err := common.ToBytes(m); err != nil {
-- return err
-+ return dirty, err
- } else {
-- return bkt.Put([]byte(key), b)
-+ return true, bkt.Put([]byte(key), b)
- }
- }
- })
+++ /dev/null
-From 451912074ba1ba4000c66874876bc0a6b64cb5da Mon Sep 17 00:00:00 2001
-From: Kelo <meetkelo@outlook.com>
-Date: Sun, 30 Oct 2022 16:49:22 +0800
-Subject: [PATCH] fix: do not rollback closed transaction
-
----
- service/db/boltdb.go | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
---- a/db/boltdb.go
-+++ b/db/boltdb.go
-@@ -56,14 +56,13 @@ func Transaction(db *bbolt.DB, fn func(*
- if err != nil {
- return err
- }
-- defer tx.Rollback()
- dirty, err := fn(tx)
- if err != nil {
- _ = tx.Rollback()
- return err
- }
- if !dirty {
-- return nil
-+ return tx.Rollback()
- }
- return tx.Commit()
- }
+++ /dev/null
-From 58a6cf270e43ec3eaeef7d1c65de76278dd6d349 Mon Sep 17 00:00:00 2001
-From: mzz2017 <2017@duck.com>
-Date: Mon, 13 Feb 2023 14:42:07 +0800
-Subject: [PATCH] fix: simple-obfs
-
----
- service/pkg/plugin/simpleobfs/http.go | 8 +++++++-
- service/pkg/plugin/simpleobfs/tls.go | 7 +++++++
- 2 files changed, 14 insertions(+), 1 deletion(-)
-
---- a/pkg/plugin/simpleobfs/http.go
-+++ b/pkg/plugin/simpleobfs/http.go
-@@ -12,6 +12,7 @@ import (
- "net"
- "net/http"
- "strings"
-+ "sync"
- )
-
- // HTTPObfs is shadowsocks http simple-obfs implementation
-@@ -24,9 +25,13 @@ type HTTPObfs struct {
- offset int
- firstRequest bool
- firstResponse bool
-+ rMu sync.Mutex
-+ wMu sync.Mutex
- }
-
- func (ho *HTTPObfs) Read(b []byte) (int, error) {
-+ ho.rMu.Lock()
-+ defer ho.rMu.Unlock()
- if ho.buf != nil {
- n := copy(b, ho.buf[ho.offset:])
- ho.offset += n
-@@ -64,6 +69,8 @@ func (ho *HTTPObfs) Read(b []byte) (int,
- }
-
- func (ho *HTTPObfs) Write(b []byte) (int, error) {
-+ ho.wMu.Lock()
-+ defer ho.wMu.Unlock()
- if ho.firstRequest {
- randBytes := make([]byte, 16)
- rand.Read(randBytes)
-@@ -71,7 +78,6 @@ func (ho *HTTPObfs) Write(b []byte) (int
- req.Header.Set("User-Agent", fmt.Sprintf("curl/7.%d.%d", rand.Int()%54, rand.Int()%2))
- req.Header.Set("Upgrade", "websocket")
- req.Header.Set("Connection", "Upgrade")
-- req.Host = ho.host
- if ho.port != "80" {
- req.Host = fmt.Sprintf("%s:%s", ho.host, ho.port)
- }
---- a/pkg/plugin/simpleobfs/tls.go
-+++ b/pkg/plugin/simpleobfs/tls.go
-@@ -8,6 +8,7 @@ import (
- "io"
- "math/rand"
- "net"
-+ "sync"
- "time"
- )
-
-@@ -26,6 +27,8 @@ type TLSObfs struct {
- remain int
- firstRequest bool
- firstResponse bool
-+ rMu sync.Mutex
-+ wMu sync.Mutex
- }
-
- func (to *TLSObfs) read(b []byte, discardN int) (int, error) {
-@@ -54,6 +57,8 @@ func (to *TLSObfs) read(b []byte, discar
- }
-
- func (to *TLSObfs) Read(b []byte) (int, error) {
-+ to.rMu.Lock()
-+ defer to.rMu.Unlock()
- if to.remain > 0 {
- length := to.remain
- if length > len(b) {
-@@ -77,6 +82,8 @@ func (to *TLSObfs) Read(b []byte) (int,
- return to.read(b, 3)
- }
- func (to *TLSObfs) Write(b []byte) (int, error) {
-+ to.wMu.Lock()
-+ defer to.wMu.Unlock()
- length := len(b)
- for i := 0; i < length; i += chunkSize {
- end := i + chunkSize
+++ /dev/null
-From d10cf52839e848870df0ea852d9a818ac03e7aa3 Mon Sep 17 00:00:00 2001
-From: cubercsl <2014cais01@gmail.com>
-Date: Thu, 19 Jan 2023 16:43:30 +0800
-Subject: [PATCH 1/5] feat: add nftables support
-
-fix: use iptables-nft if nftables-support is on
-fix: save nft to V2RAYA_CONFIG
-fix: tproxy for ipv6
-chore: small change in table format
----
- service/conf/environmentConfig.go | 1 +
- service/core/iptables/dropSpoofing.go | 4 +-
- service/core/iptables/iptables.go | 7 +-
- service/core/iptables/redirect.go | 142 +++++++++++++++++--
- service/core/iptables/tproxy.go | 195 +++++++++++++++++++++++++-
- service/core/iptables/utils.go | 23 ++-
- service/core/iptables/watcher.go | 1 +
- service/core/v2ray/asset/asset.go | 17 ++-
- service/core/v2ray/transparent.go | 9 +-
- 9 files changed, 367 insertions(+), 32 deletions(-)
-
---- a/conf/environmentConfig.go
-+++ b/conf/environmentConfig.go
-@@ -24,6 +24,7 @@ type Params struct {
- WebDir string `id:"webdir" desc:"v2rayA web files directory. use embedded files if not specify."`
- VlessGrpcInboundCertKey []string `id:"vless-grpc-inbound-cert-key" desc:"Specify the certification path instead of automatically generating a self-signed certificate. Example: /etc/v2raya/grpc_certificate.crt,/etc/v2raya/grpc_private.key"`
- IPV6Support string `id:"ipv6-support" default:"auto" desc:"Optional values: auto, on, off. Make sure your IPv6 network works fine before you turn it on."`
-+ NFTablesSupport string `id:"nftables-support" default:"off" desc:"Optional values: auto, on, off. Experimental feature. Make sure you have installed nftables."`
- PassCheckRoot bool `desc:"Skip privilege checking. Use it only when you cannot start v2raya but confirm you have root privilege"`
- ResetPassword bool `id:"reset-password"`
- LogLevel string `id:"log-level" default:"info" desc:"Optional values: trace, debug, info, warn or error"`
---- a/core/iptables/dropSpoofing.go
-+++ b/core/iptables/dropSpoofing.go
-@@ -34,7 +34,7 @@ ip6tables -w 2 -I FORWARD -j DROP_SPOOFI
- `
- }
- return Setter{
-- Cmds: commands,
-+ Cmds: commands,
- }
- }
-
-@@ -54,6 +54,6 @@ ip6tables -w 2 -X DROP_SPOOFING
- `
- }
- return Setter{
-- Cmds: commands,
-+ Cmds: commands,
- }
- }
---- a/core/iptables/iptables.go
-+++ b/core/iptables/iptables.go
-@@ -1,11 +1,12 @@
- package iptables
-
- import (
-- "github.com/v2rayA/v2rayA/common"
-- "github.com/v2rayA/v2rayA/common/cmds"
- "strings"
- "sync"
- "time"
-+
-+ "github.com/v2rayA/v2rayA/common"
-+ "github.com/v2rayA/v2rayA/common/cmds"
- )
-
- // http://briteming.hatenablog.com/entry/2019/06/18/175518
-@@ -56,6 +57,10 @@ func (c Setter) Run(stopAtError bool) er
- if common.IsDocker() {
- commands = strings.ReplaceAll(commands, "iptables", "iptables-legacy")
- commands = strings.ReplaceAll(commands, "ip6tables", "ip6tables-legacy")
-+ } else if (!cmds.IsCommandValid("iptables") || IsNFTablesSupported()) &&
-+ cmds.IsCommandValid("iptables-nft") {
-+ commands = strings.ReplaceAll(commands, "iptables", "iptables-nft")
-+ commands = strings.ReplaceAll(commands, "ip6tables", "ip6tables-nft")
- }
- var errs []error
- if c.PreFunc != nil {
---- a/core/iptables/redirect.go
-+++ b/core/iptables/redirect.go
-@@ -2,15 +2,34 @@ package iptables
-
- import (
- "fmt"
-- "github.com/v2rayA/v2rayA/common/cmds"
-+ "os"
- "strings"
-+
-+ "github.com/v2rayA/v2rayA/common/cmds"
-+ "github.com/v2rayA/v2rayA/core/v2ray/asset"
- )
-
--type redirect struct{}
-+type redirect interface {
-+ AddIPWhitelist(cidr string)
-+ RemoveIPWhitelist(cidr string)
-+ GetSetupCommands() Setter
-+ GetCleanCommands() Setter
-+}
-+
-+type legacyRedirect struct{}
-+type nftRedirect struct{}
-
- var Redirect redirect
-
--func (r *redirect) AddIPWhitelist(cidr string) {
-+func init() {
-+ if IsNFTablesSupported() {
-+ Redirect = &nftRedirect{}
-+ } else {
-+ Redirect = &legacyRedirect{}
-+ }
-+}
-+
-+func (r *legacyRedirect) AddIPWhitelist(cidr string) {
- // avoid duplication
- r.RemoveIPWhitelist(cidr)
- var commands string
-@@ -22,13 +41,13 @@ func (r *redirect) AddIPWhitelist(cidr s
- cmds.ExecCommands(commands, false)
- }
-
--func (r *redirect) RemoveIPWhitelist(cidr string) {
-+func (r *legacyRedirect) RemoveIPWhitelist(cidr string) {
- var commands string
- commands = fmt.Sprintf(`iptables -w 2 -t mangle -D TP_RULE -d %s -j RETURN`, cidr)
- cmds.ExecCommands(commands, false)
- }
-
--func (r *redirect) GetSetupCommands() Setter {
-+func (r *legacyRedirect) GetSetupCommands() Setter {
- commands := `
- iptables -w 2 -t nat -N TP_OUT
- iptables -w 2 -t nat -N TP_PRE
-@@ -84,11 +103,11 @@ ip6tables -w 2 -t nat -A TP_OUT -j TP_RU
- `
- }
- return Setter{
-- Cmds: commands,
-+ Cmds: commands,
- }
- }
-
--func (r *redirect) GetCleanCommands() Setter {
-+func (r *legacyRedirect) GetCleanCommands() Setter {
- commands := `
- iptables -w 2 -t nat -F TP_OUT
- iptables -w 2 -t nat -D OUTPUT -p tcp -j TP_OUT
-@@ -112,6 +131,113 @@ ip6tables -w 2 -t nat -X TP_RULE
- `
- }
- return Setter{
-- Cmds: commands,
-+ Cmds: commands,
-+ }
-+}
-+
-+func (t *nftRedirect) AddIPWhitelist(cidr string) {
-+ command := fmt.Sprintf("nft add element inet v2raya interface { %s }", cidr)
-+ if !strings.Contains(cidr, ".") {
-+ command = strings.Replace(command, "interface", "interface6", 1)
-+ }
-+ cmds.ExecCommands(command, false)
-+}
-+
-+func (t *nftRedirect) RemoveIPWhitelist(cidr string) {
-+ command := fmt.Sprintf("nft delete element inet v2raya interface { %s }", cidr)
-+ if !strings.Contains(cidr, ".") {
-+ command = strings.Replace(command, "interface", "interface6", 1)
- }
-+ cmds.ExecCommands(command, false)
-+}
-+
-+func (r *nftRedirect) GetSetupCommands() Setter {
-+ // 198.18.0.0/15 and fc00::/7 are reserved for private use but used by fakedns
-+ table := `
-+table inet v2raya {
-+ set whitelist {
-+ type ipv4_addr
-+ flags interval
-+ auto-merge
-+ elements = {
-+ 0.0.0.0/32,
-+ 10.0.0.0/8,
-+ 100.64.0.0/10,
-+ 127.0.0.0/8,
-+ 169.254.0.0/16,
-+ 172.16.0.0/12,
-+ 192.0.0.0/24,
-+ 192.0.2.0/24,
-+ 192.88.99.0/24,
-+ 192.168.0.0/16,
-+ 198.51.100.0/24,
-+ 203.0.113.0/24,
-+ 224.0.0.0/4,
-+ 240.0.0.0/4
-+ }
-+ }
-+
-+ set whitelist6 {
-+ type ipv6_addr
-+ flags interval
-+ auto-merge
-+ elements = {
-+ ::/128,
-+ ::1/128,
-+ 64:ff9b::/96,
-+ 100::/64,
-+ 2001::/32,
-+ 2001:20::/28,
-+ fe80::/10,
-+ ff00::/8
-+ }
-+ }
-+
-+ set interface {
-+ type ipv4_addr
-+ flags interval
-+ auto-merge
-+ }
-+
-+ set interface6 {
-+ type ipv6_addr
-+ flags interval
-+ auto-merge
-+ }
-+
-+ chain tp_rule {
-+ ip daddr @whitelist return
-+ ip daddr @interface return
-+ ip6 daddr @whitelist6 return
-+ ip6 daddr @interface6 return
-+ meta mark & 0x80 == 0x80 return
-+ meta l4proto tcp redirect to :32345
-+ }
-+
-+ chain tp_pre {
-+ type nat hook prerouting priority dstnat - 5
-+ meta nfproto { ipv4, ipv6 } meta l4proto tcp jump tp_rule
-+ }
-+
-+ chain tp_out {
-+ type nat hook output priority -105
-+ meta nfproto { ipv4, ipv6 } meta l4proto tcp jump tp_rule
-+ }
-+}
-+`
-+ if !IsIPv6Supported() {
-+ table = strings.ReplaceAll(table, "meta nfproto { ipv4, ipv6 }", "meta nfproto ipv4")
-+ }
-+
-+ nftablesConf := asset.GetNFTablesConfigPath()
-+ os.WriteFile(nftablesConf, []byte(table), 0644)
-+
-+ command := `nft -f ` + nftablesConf
-+
-+ return Setter{Cmds: command}
-+}
-+
-+func (r *nftRedirect) GetCleanCommands() Setter {
-+ command := `nft delete table inet v2raya`
-+ return Setter{Cmds: command}
- }
---- a/core/iptables/tproxy.go
-+++ b/core/iptables/tproxy.go
-@@ -2,18 +2,36 @@ package iptables
-
- import (
- "fmt"
-+ "os"
-+ "strings"
-+
- "github.com/v2rayA/v2rayA/common/cmds"
-+ "github.com/v2rayA/v2rayA/core/v2ray/asset"
- "github.com/v2rayA/v2rayA/db/configure"
-- "strings"
- )
-
--type tproxy struct {
-- watcher *LocalIPWatcher
-+type tproxy interface {
-+ AddIPWhitelist(cidr string)
-+ RemoveIPWhitelist(cidr string)
-+ GetSetupCommands() Setter
-+ GetCleanCommands() Setter
- }
-
-+type legacyTproxy struct{}
-+
-+type nftTproxy struct{}
-+
- var Tproxy tproxy
-
--func (t *tproxy) AddIPWhitelist(cidr string) {
-+func init() {
-+ if IsNFTablesSupported() {
-+ Tproxy = &nftTproxy{}
-+ } else {
-+ Tproxy = &legacyTproxy{}
-+ }
-+}
-+
-+func (t *legacyTproxy) AddIPWhitelist(cidr string) {
- // avoid duplication
- t.RemoveIPWhitelist(cidr)
- pos := 7
-@@ -30,7 +48,7 @@ func (t *tproxy) AddIPWhitelist(cidr str
- cmds.ExecCommands(commands, false)
- }
-
--func (t *tproxy) RemoveIPWhitelist(cidr string) {
-+func (t *legacyTproxy) RemoveIPWhitelist(cidr string) {
- var commands string
- commands = fmt.Sprintf(`iptables -w 2 -t mangle -D TP_RULE -d %s -j RETURN`, cidr)
- if !strings.Contains(cidr, ".") {
-@@ -40,7 +58,7 @@ func (t *tproxy) RemoveIPWhitelist(cidr
- cmds.ExecCommands(commands, false)
- }
-
--func (t *tproxy) GetSetupCommands() Setter {
-+func (t *legacyTproxy) GetSetupCommands() Setter {
- commands := `
- ip rule add fwmark 0x40/0xc0 table 100
- ip route add local 0.0.0.0/0 dev lo table 100
-@@ -158,7 +176,7 @@ ip6tables -w 2 -t mangle -A TP_MARK -j C
- }
- }
-
--func (t *tproxy) GetCleanCommands() Setter {
-+func (t *legacyTproxy) GetCleanCommands() Setter {
- commands := `
- ip rule del fwmark 0x40/0xc0 table 100
- ip route del local 0.0.0.0/0 dev lo table 100
-@@ -195,3 +213,166 @@ ip6tables -w 2 -t mangle -X TP_MARK
- Cmds: commands,
- }
- }
-+
-+func (t *nftTproxy) AddIPWhitelist(cidr string) {
-+ command := fmt.Sprintf("nft add element inet v2raya interface { %s }", cidr)
-+ if !strings.Contains(cidr, ".") {
-+ command = strings.Replace(command, "interface", "interface6", 1)
-+ }
-+ cmds.ExecCommands(command, false)
-+}
-+
-+func (t *nftTproxy) RemoveIPWhitelist(cidr string) {
-+ command := fmt.Sprintf("nft delete element inet v2raya interface { %s }", cidr)
-+ if !strings.Contains(cidr, ".") {
-+ command = strings.Replace(command, "interface", "interface6", 1)
-+ }
-+ cmds.ExecCommands(command, false)
-+}
-+
-+func (t *nftTproxy) GetSetupCommands() Setter {
-+ // 198.18.0.0/15 and fc00::/7 are reserved for private use but used by fakedns
-+ table := `
-+table inet v2raya {
-+ set whitelist {
-+ type ipv4_addr
-+ flags interval
-+ auto-merge
-+ elements = {
-+ 0.0.0.0/32,
-+ 10.0.0.0/8,
-+ 100.64.0.0/10,
-+ 127.0.0.0/8,
-+ 169.254.0.0/16,
-+ 172.16.0.0/12,
-+ 192.0.0.0/24,
-+ 192.0.2.0/24,
-+ 192.88.99.0/24,
-+ 192.168.0.0/16,
-+ 198.51.100.0/24,
-+ 203.0.113.0/24,
-+ 224.0.0.0/4,
-+ 240.0.0.0/4
-+ }
-+ }
-+
-+ set whitelist6 {
-+ type ipv6_addr
-+ flags interval
-+ auto-merge
-+ elements = {
-+ ::/128,
-+ ::1/128,
-+ 64:ff9b::/96,
-+ 100::/64,
-+ 2001::/32,
-+ 2001:20::/28,
-+ fe80::/10,
-+ ff00::/8
-+ }
-+ }
-+
-+ set interface {
-+ type ipv4_addr
-+ flags interval
-+ auto-merge
-+ }
-+
-+ set interface6 {
-+ type ipv6_addr
-+ flags interval
-+ auto-merge
-+ }
-+
-+ chain tp_out {
-+ meta mark & 0x80 == 0x80 return
-+ meta l4proto { tcp, udp } fib saddr type local fib daddr type != local jump tp_rule
-+ }
-+
-+ chain tp_pre {
-+ iifname "lo" mark & 0xc0 != 0x40 return
-+ meta l4proto { tcp, udp } fib saddr type != local fib daddr type != local jump tp_rule
-+ meta l4proto { tcp, udp } mark & 0xc0 == 0x40 tproxy ip to 127.0.0.1:32345
-+ meta l4proto { tcp, udp } mark & 0xc0 == 0x40 tproxy ip6 to [::1]:32345
-+ }
-+
-+ chain output {
-+ type route hook output priority mangle - 5; policy accept;
-+ meta nfproto { ipv4, ipv6 } jump tp_out
-+ }
-+
-+ chain prerouting {
-+ type filter hook prerouting priority mangle - 5; policy accept;
-+ meta nfproto { ipv4, ipv6 } jump tp_pre
-+ }
-+
-+ chain tp_rule {
-+ meta mark set ct mark
-+ meta mark & 0xc0 == 0x40 return
-+ iifname "docker*" return
-+ iifname "veth*" return
-+ iifname "wg*" return
-+ iifname "ppp*" return
-+ # anti-pollution
-+ ip daddr @interface return
-+ ip daddr @whitelist return
-+ ip6 daddr @interface6 return
-+ ip6 daddr @whitelist6 return
-+ jump tp_mark
-+ }
-+
-+ chain tp_mark {
-+ tcp flags & (fin | syn | rst | ack) == syn meta mark set mark | 0x40
-+ meta l4proto udp ct state new meta mark set mark | 0x40
-+ ct mark set mark
-+ }
-+}
-+`
-+ if configure.GetSettingNotNil().AntiPollution != configure.AntipollutionClosed {
-+ table = strings.ReplaceAll(table, "# anti-pollution", `
-+ meta l4proto { tcp, udp } th dport 53 jump tp_mark
-+ meta mark & 0xc0 == 0x40 return
-+ `)
-+ }
-+
-+ if !IsIPv6Supported() {
-+ // drop ipv6 packets hooks
-+ table = strings.ReplaceAll(table, "meta nfproto { ipv4, ipv6 }", "meta nfproto ipv4")
-+ }
-+
-+ nftablesConf := asset.GetNFTablesConfigPath()
-+ os.WriteFile(nftablesConf, []byte(table), 0644)
-+
-+ command := `
-+ip rule add fwmark 0x40/0xc0 table 100
-+ip route add local 0.0.0.0/0 dev lo table 100
-+`
-+ if IsIPv6Supported() {
-+ command += `
-+ip -6 rule add fwmark 0x40/0xc0 table 100
-+ip -6 route add local ::/0 dev lo table 100
-+`
-+ }
-+
-+ command += `nft -f ` + nftablesConf
-+ return Setter{Cmds: command}
-+}
-+
-+func (t *nftTproxy) GetCleanCommands() Setter {
-+ command := `
-+ip rule del fwmark 0x40/0xc0 table 100
-+ip route del local 0.0.0.0/0 dev lo table 100
-+`
-+ if IsIPv6Supported() {
-+ command += `
-+ip -6 rule del fwmark 0x40/0xc0 table 100
-+ip -6 route del local ::/0 dev lo table 100
-+ `
-+ }
-+
-+ command += `nft delete table inet v2raya`
-+ if !IsIPv6Supported() {
-+ command = strings.Replace(command, "inet", "ip", 1)
-+ }
-+ return Setter{Cmds: command}
-+}
---- a/core/iptables/utils.go
-+++ b/core/iptables/utils.go
-@@ -1,12 +1,13 @@
- package iptables
-
- import (
-+ "net"
-+ "strconv"
-+
- "github.com/v2rayA/v2rayA/common"
- "github.com/v2rayA/v2rayA/common/cmds"
- "github.com/v2rayA/v2rayA/conf"
- "golang.org/x/net/nettest"
-- "net"
-- "strconv"
- )
-
- func IPNet2CIDR(ipnet *net.IPNet) string {
-@@ -44,3 +45,21 @@ func IsIPv6Supported() bool {
- }
- return cmds.IsCommandValid("ip6tables")
- }
-+
-+func IsNFTablesSupported() bool {
-+
-+ switch conf.GetEnvironmentConfig().NFTablesSupport {
-+ // Warning:
-+ // This is an experimental feature for nftables support.
-+ // The default value is "off" for now but may be changed to "auto" in the future
-+ case "on":
-+ return true
-+ case "off":
-+ return false
-+ default:
-+ }
-+ if common.IsDocker() {
-+ return false
-+ }
-+ return cmds.IsCommandValid("nft")
-+}
---- a/core/iptables/watcher.go
-+++ b/core/iptables/watcher.go
-@@ -10,6 +10,7 @@ type LocalIPWatcher struct {
- cidrPool map[string]struct{}
- AddedFunc func(cidr string)
- RemovedFunc func(cidr string)
-+ UpdateFunc func(cidrs []string)
- }
-
- func NewLocalIPWatcher(interval time.Duration, AddedFunc func(cidr string), RemovedFunc func(cidr string)) *LocalIPWatcher {
---- a/core/v2ray/asset/asset.go
-+++ b/core/v2ray/asset/asset.go
-@@ -3,12 +3,6 @@ package asset
- import (
- "errors"
- "fmt"
-- "github.com/adrg/xdg"
-- "github.com/muhammadmuzzammil1998/jsonc"
-- "github.com/v2rayA/v2rayA/common/files"
-- "github.com/v2rayA/v2rayA/conf"
-- "github.com/v2rayA/v2rayA/core/v2ray/where"
-- "github.com/v2rayA/v2rayA/pkg/util/log"
- "io"
- "io/fs"
- "net/http"
-@@ -17,6 +11,13 @@ import (
- "path/filepath"
- "runtime"
- "time"
-+
-+ "github.com/adrg/xdg"
-+ "github.com/muhammadmuzzammil1998/jsonc"
-+ "github.com/v2rayA/v2rayA/common/files"
-+ "github.com/v2rayA/v2rayA/conf"
-+ "github.com/v2rayA/v2rayA/core/v2ray/where"
-+ "github.com/v2rayA/v2rayA/pkg/util/log"
- )
-
- func GetV2rayLocationAssetOverride() string {
-@@ -140,6 +141,10 @@ func GetV2rayConfigDirPath() (p string)
- return conf.GetEnvironmentConfig().V2rayConfigDirectory
- }
-
-+func GetNFTablesConfigPath() (p string) {
-+ return path.Join(conf.GetEnvironmentConfig().Config, "v2raya.nft")
-+}
-+
- func Download(url string, to string) (err error) {
- log.Info("Downloading %v to %v", url, to)
- c := http.Client{Timeout: 90 * time.Second}
---- a/core/v2ray/transparent.go
-+++ b/core/v2ray/transparent.go
-@@ -2,13 +2,14 @@ package v2ray
-
- import (
- "fmt"
-+ "strings"
-+ "time"
-+
- "github.com/v2rayA/v2rayA/conf"
- "github.com/v2rayA/v2rayA/core/iptables"
- "github.com/v2rayA/v2rayA/core/specialMode"
- "github.com/v2rayA/v2rayA/db/configure"
- "github.com/v2rayA/v2rayA/pkg/util/log"
-- "strings"
-- "time"
- )
-
- func deleteTransparentProxyRules() {
-@@ -45,12 +46,12 @@ func writeTransparentProxyRules() (err e
- }
- return fmt.Errorf("not support \"tproxy\" mode of transparent proxy: %w", err)
- }
-- iptables.SetWatcher(&iptables.Tproxy)
-+ iptables.SetWatcher(iptables.Tproxy)
- case configure.TransparentRedirect:
- if err = iptables.Redirect.GetSetupCommands().Run(true); err != nil {
- return fmt.Errorf("not support \"redirect\" mode of transparent proxy: %w", err)
- }
-- iptables.SetWatcher(&iptables.Redirect)
-+ iptables.SetWatcher(iptables.Redirect)
- case configure.TransparentSystemProxy:
- if err = iptables.SystemProxy.GetSetupCommands().Run(true); err != nil {
- return fmt.Errorf("not support \"system proxy\" mode of transparent proxy: %w", err)
include $(TOPDIR)/rules.mk
PKG_NAME:=cni-plugins-nft
-PKG_VERSION:=1.0.11
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_VERSION:=1.0.12
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/greenpau/cni-plugins/archive/v$(PKG_VERSION)
-PKG_HASH:=f6c68268893c9d9967dd4d8f3684df0f4f989e7ebf373e72b20d1f290ff9e240
+PKG_HASH:=51c4b41c61f46c7dfc691d52dba301e7d8189589e1a625772f761ea3ae804fb3
PKG_MAINTAINER:=Oskari Rauta <oskari.rauta@gmail.com>
PKG_LICENSE:=Apache-2.0
$(eval $(call BuildPlugin,write-http,HTTP POST output,write_http,+PACKAGE_collectd-mod-write-http:libcurl))
$(eval $(call BuildScriptPlugin,sqm,SQM/qdisc collection,sqm_collectd,+PACKAGE_collectd-mod-sqm:collectd-mod-exec))
-$(eval $(call BuildScriptLuaPlugin,ltq-dsl,Lantiq DSL collection,dsl,ltq-dsl-app +PACKAGE_collectd-mod-ltq-dsl:collectd-mod-lua +libubus-lua))
+$(eval $(call BuildScriptLuaPlugin,ltq-dsl,Lantiq DSL collection,dsl,@ltq-dsl-app +PACKAGE_collectd-mod-ltq-dsl:collectd-mod-lua +libubus-lua))
include $(TOPDIR)/rules.mk
PKG_NAME:=compose
-PKG_VERSION:=2.16.0
+PKG_VERSION:=2.17.2
PKG_RELEASE:=1
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
PKG_SOURCE:=v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/docker/compose/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=556dc59075280442128f5b45a8ff37638fb357c2a956bd751dd0ba747c93e71d
+PKG_HASH:=d6e6de858ecdb0104991c86c66dde5dd4fb6a1160d707308d8ad3167450c8094
PKG_MAINTAINER:=Javier Marcet <javier@marcet.info>
include $(TOPDIR)/rules.mk
PKG_NAME:=gummiboot
-PKG_VERSION:=45
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_VERSION:=48.1
+PKG_RELEASE:=1
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/rzr/gummiboot.git
-PKG_SOURCE_DATE:=2021-04-11
-PKG_SOURCE_VERSION:=eb3daf2ca4cb1657cf1f780957485d690a552bf6
-PKG_MIRROR_HASH:=4c57791693b57bbe36e85b49d70310728b8008c4c545006a71c5a5f71b8df501
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://dev.alpinelinux.org/archive/gummiboot/
+PKG_HASH:=2b649a6eb22007cd34bb355ba4ca6c1a8058e115c13048985f09a0f11f3d5295
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=LICENSE
CONFIGURE_ARGS += \
--with-efi-libdir=$(STAGING_DIR)/usr/lib \
--with-efi-ldsdir=$(STAGING_DIR)/usr/lib \
- --with-efi-includedir=$(STAGING_DIR)/usr/include
+ --with-efi-includedir=$(STAGING_DIR)/usr/include \
+ --disable-manpages
define Build/Compile
+$(MAKE_VARS) EFI_CFLAGS="-I$(TOOLCHAIN_DIR)/include $(TARGET_CFLAGS)" \
--- /dev/null
+From koen.kooi at linaro.org Sat Apr 11 01:23:22 2015
+From: koen.kooi at linaro.org (Koen Kooi)
+Date: Sat, 11 Apr 2015 10:23:22 +0200
+Subject: [systemd-devel] [gummiboot][PATCH 1/5] Makefile: support non-x86
+ builds
+Message-ID: <1428740606-30060-1-git-send-email-koen.kooi@linaro.org>
+
+Move the no-mmx/no-sse CFLAGS to X86-64 and IA32 defines in preparation
+for ARM32 and Aarch64 support.
+
+Signed-off-by: Koen Kooi <koen.kooi at linaro.org>
+---
+ Makefile.am | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -94,17 +94,23 @@ efi_cflags = \
+ -ffreestanding \
+ -fno-strict-aliasing \
+ -fno-stack-protector \
+- -Wsign-compare \
+- -mno-sse \
+- -mno-mmx
++ -Wsign-compare
+
+ if ARCH_X86_64
+ efi_cflags += \
+ -mno-red-zone \
++ -mno-sse \
++ -mno-mmx
+ -DEFI_FUNCTION_WRAPPER \
+ -DGNU_EFI_USE_MS_ABI
+ endif
+
++if ARCH_IA32
++efi_cflags += \
++ -mno-sse \
++ -mno-mmx
++endif
++
+ efi_ldflags = \
+ $(EFI_LDFLAGS) \
+ -T $(EFI_LDS_DIR)/elf_$(ARCH)_efi.lds \
+@@ -115,6 +121,17 @@ efi_ldflags = \
+ -L $(EFI_LIB_DIR) \
+ $(EFI_LDS_DIR)/crt0-efi-$(ARCH).o
+
++# Aarch64 and ARM32 don't have an EFI capable objcopy
++if ARCH_AARCH64
++efi_ldflags += \
++ --defsym=EFI_SUBSYSTEM=0xa
++
++FORMAT = -O binary
++else
++FORMAT = --target=efi-app-$(ARCH)
++endif
++
++
+ # ------------------------------------------------------------------------------
+ gummiboot_headers = \
+ src/efi/util.h \
+@@ -150,7 +167,7 @@ $(gummiboot_solib): $(gummiboot_objects)
+ $(gummiboot): $(gummiboot_solib)
+ $(AM_V_GEN) objcopy -j .text -j .sdata -j .data -j .dynamic \
+ -j .dynsym -j .rel -j .rela -j .reloc \
+- --target=efi-app-$(ARCH) $< $@
++ $(FORMAT) $< $@
+
+ # ------------------------------------------------------------------------------
+ stub_headers = \
+@@ -185,7 +202,7 @@ $(stub_solib): $(stub_objects)
+ $(stub): $(stub_solib)
+ $(AM_V_GEN) objcopy -j .text -j .sdata -j .data -j .dynamic \
+ -j .dynsym -j .rel -j .rela -j .reloc \
+- --target=efi-app-$(ARCH) $< $@
++ $(FORMAT) $< $@
+
+ # ------------------------------------------------------------------------------
+ CLEANFILES += test-disk.img
+--- a/src/efi/util.c
++++ b/src/efi/util.c
+@@ -33,12 +33,17 @@ UINT64 ticks_read(VOID) {
+ __asm__ volatile ("rdtsc" : "=a" (a), "=d" (d));
+ return (d << 32) | a;
+ }
+-#else
++#elif __i386__
+ UINT64 ticks_read(VOID) {
+ UINT64 val;
+ __asm__ volatile ("rdtsc" : "=A" (val));
+ return val;
+ }
++#else
++UINT64 ticks_read(VOID) {
++ UINT64 val = 1;
++ return val;
++}
+ #endif
+
+ /* count TSC ticks during a millisecond delay */
+--- a/configure.ac
++++ b/configure.ac
+@@ -51,6 +51,7 @@ dnl Define ARCH_<NAME> conditionals
+ SET_ARCH(IA32, i*86*)
+ SET_ARCH(X86_64, x86_64*)
+ SET_ARCH(IA64, ia64*)
++SET_ARCH(AARCH64, aarch64*)
+
+ ARCH=`echo $host | sed "s/\(-\).*$//"`
+
+@@ -61,6 +62,9 @@ AM_COND_IF(ARCH_IA32, [
+ AM_COND_IF(ARCH_X86_64, [
+ MACHINE_TYPE_NAME=x64])
+
++AM_COND_IF(ARCH_AARCH64, [
++ MACHINE_TYPE_NAME=aa64])
++
+ AC_SUBST([ARCH])
+ AC_SUBST([MACHINE_TYPE_NAME])
+
include $(TOPDIR)/rules.mk
PKG_NAME:=open-vm-tools
-PKG_VERSION:=12.1.5
+PKG_VERSION:=12.2.0
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-20735119.tar.gz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-21223074.tar.gz
PKG_SOURCE_URL:=https://github.com/vmware/open-vm-tools/releases/download/stable-$(PKG_VERSION)
-PKG_HASH:=72cb68c71c59fd429bcb357926f41f07e21c737a341534b707fc1df010ed4868
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)-20735119
+PKG_HASH:=ddc797cb75c435ad03c197ee0753156add148d06aefb14587dd31bff7556479a
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)-21223074
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=LICENSE
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_BUILD_DEPENDS:=glib2/host
+PKG_BUILD_DEPENDS:=glib2/host rpcsvc-proto/host
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
--- a/configure.ac
+++ b/configure.ac
-@@ -1451,7 +1451,17 @@ AC_C_VOLATILE
+@@ -1461,7 +1461,17 @@ AC_C_VOLATILE
### General flags / actions
CFLAGS="$CFLAGS -Wall"
--- a/configure.ac
+++ b/configure.ac
-@@ -1441,6 +1441,7 @@ AC_TYPE_OFF_T
+@@ -1451,6 +1451,7 @@ AC_TYPE_OFF_T
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_CHECK_MEMBERS([struct stat.st_rdev])
--- a/configure.ac
+++ b/configure.ac
-@@ -1169,6 +1169,7 @@ AC_CHECK_FUNCS(
+@@ -1179,6 +1179,7 @@ AC_CHECK_FUNCS(
AC_CHECK_FUNCS([ecvt])
AC_CHECK_FUNCS([fcvt])
AC_CHECK_FUNC([mkdtemp], [have_mkdtemp=yes])
-@@ -1378,10 +1379,13 @@ fi
+@@ -1388,10 +1389,13 @@ fi
###
AC_CHECK_HEADERS([crypt.h])
#ifdef __APPLE__
#include <sys/socket.h>
#include <TargetConditionals.h>
-@@ -1025,31 +1022,32 @@ Id_EndSuperUser(uid_t uid) // IN:
+@@ -1025,24 +1022,23 @@ Id_EndSuperUser(uid_t uid) // IN:
static Bool
IdIsSetUGid(void)
{
* We use __secure_getenv, which returns NULL if the binary is
- * setuid or setgid. Alternatives include,
+ * setuid or setgid, when issetugid or getauxval(AT_SECURE) is not
-+ * available. Alternatives include,
++ * available. Alternatives included
*
- * a) getauxval(AT_SECURE); not available until glibc 2.16.
- * b) __libc_enable_secure; may not be exported.
+ * a) issetugid(); not (yet?) available in glibc.
+ * b) getauxval(AT_SECURE); not available until glibc 2.16.
-+ * c) __libc_enable_secure; may not be exported.
++ * c) c) __libc_enable_secure; may not be exported.
*
- * Use (a) when we are based on glibc 2.16, or newer.
+ * Use (b) when we are based on glibc 2.16, or newer.
+#elif HAVE___SECURE_GETENV
static const char envName[] = "VMW_SETUGID_TEST";
- if (setenv(envName, "1", TRUE) == -1) {
- return TRUE; /* Conservative */
+ /*
+@@ -1062,7 +1058,9 @@ IdIsSetUGid(void)
+ return secure_getenv(envName) == NULL;
}
- return __secure_getenv(envName) == NULL;
+ return TRUE;
-#endif
+#else
+ /* Android does not have a secure_getenv, so be conservative. */
#include "unicodeOperations.h"
--- a/lib/include/asyncsocket.h
+++ b/lib/include/asyncsocket.h
-@@ -171,7 +171,7 @@ typedef struct AsyncSocket AsyncSocket;
+@@ -175,7 +175,7 @@ typedef struct AsyncSocket AsyncSocket;
* Or the client can specify its favorite poll class and locking behavior.
* Use of IVmdbPoll is only supported for regular sockets and for Attach.
*/
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
-@@ -2573,7 +2574,7 @@ HgfsStatToFileAttr(struct stat *stats,
+@@ -2566,7 +2567,7 @@ HgfsStatToFileAttr(struct stat *stats,
# define FMTTIMET "l"
# endif
#else
#endif
LOG(4, "access: %"FMTTIMET"d/%"FMT64"u \nwrite: %"FMTTIMET"d/%"FMT64"u \n"
"attr: %"FMTTIMET"d/%"FMT64"u\n",
-@@ -5301,7 +5302,7 @@ HgfsWriteCheckIORange(off_t offset,
+@@ -5294,7 +5295,7 @@ HgfsWriteCheckIORange(off_t offset,
goto exit;
}
PKG_NAME:=ripgrep
PKG_VERSION:=13.0.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/BurntSushi/ripgrep/tar.gz/$(PKG_VERSION)?
PKG_BUILD_DEPENDS:=rust/host
-include ../../lang/rust/rust-package.mk
-include $(INCLUDE_DIR)/package.mk
+RUST_PKG_FEATURES:=pcre2
-define Build/Compile
- $(call Build/Compile/Cargo,, --features 'pcre2')
-endef
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/rust/rust-package.mk
define Package/ripgrep
SECTION:=utils
while respecting your gitignore
endef
-define Package/ripgrep/install
- $(INSTALL_DIR) $(1)/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/target/$(RUSTC_TARGET_ARCH)/stripped/rg $(1)/bin/rg
-endef
-
+$(eval $(call RustBinPackage,ripgrep))
$(eval $(call BuildPackage,ripgrep))
PKG_HOST_ONLY:=1
HOST_BUILD_PARALLEL:=1
+HOST_BUILD_DEPENDS:=pcre2/host
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
endef
HOST_CONFIGURE_ARGS += \
- --without-pcre
+ --with-pcre
define Package/swig/description
tool that generates bindings for various languages
include $(TOPDIR)/rules.mk
PKG_NAME:=syncthing
-PKG_VERSION:=1.23.0
+PKG_VERSION:=1.23.2
PKG_RELEASE:=1
PKG_SOURCE:=syncthing-source-v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/syncthing/syncthing/releases/download/v$(PKG_VERSION)
-PKG_HASH:=0f66d3dd2a7915a6f3ca6773c1dc02345444b2644a533211ce1ee57b371ae458
+PKG_HASH:=3d0eca0e6f4eaaeba4879918b3f54f47d59fb5f4288a83af821d509271ada189
PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/$(PKG_NAME)
include $(TOPDIR)/rules.mk
PKG_NAME:=xz
-PKG_VERSION:=5.4.1
+PKG_VERSION:=5.4.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/lzmautils
-PKG_HASH:=dd172acb53867a68012f94c17389401b2f274a1aa5ae8f84cbfb8b7e383ea8d3
+PKG_HASH:=aa49909cbd9028c4666a35fa4975f9a6203ed98154fbb8223ee43ef9ceee97c3
PKG_MAINTAINER:=
PKG_LICENSE:=Public-Domain LGPL-2.1-or-later GPL-2.0-or-later GPL-3.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=yq
-PKG_VERSION:=4.31.2
+PKG_VERSION:=4.33.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/mikefarah/yq/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=82d5ef2ab01bc5065e7efe671d92fb82e53f41dc67b04cab6c3b22fd144bd009
+PKG_HASH:=c38b8210fb5a80ac88314fa346ea31f3dc9324cae9fe93cb334cacf909e09bc3
PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
PKG_LICENSE:=MIT