(See <http://wiki.openwrt.org/doc/devel/packages> for overall format and construction)
-All packages you commit or submit by pull-request should follow these simple guidelines:
+### Basic guidelines
+All packages you commit or submit by pull-request should follow these simple guidelines:
* Package a version which is still maintained by the upstream author.
* Will be updated regularly to maintained and supported versions.
* Have no dependencies outside the OpenWrt core packages or this repository feed.
* Do NOT use a rolling source file (e.g. foo-latest.tar.gz) or the head of a branch as source for the package since that would create unpredictable builds which change over time.
* Best of all -- it works as expected!
-Makefile contents should contain:
+#### Makefile contents should contain:
* An up-to-date copyright notice. Use OpenWrt if no other present or supply your own.
-* A (PKG_)MAINTAINER definition listing either yourself or another person in the field.
+* A (PKG_)MAINTAINER definition listing either yourself or another person in the field.
(E.g.: PKG_MAINTAINER:= Joe D. Hacker `<jdh@jdhs-email-provider.org`>)
* A PKG_LICENSE tag declaring the main license of the package.
(E.g.: PKG_LICENSE:=GPL-2.0+) Please use SPDX identifiers if possible (see list at the bottom).
(E.g.: PKG_LICENSE_FILES:=COPYING)
* PKG_RELEASE should be initially set to 1 or reset to 1 if the software version is changed. You should increment it if the package itself has changed. For example, modifying a support script, changing configure options like --disable* or --enable* switches, or if you changed something in the package which causes the resulting binaries to be different. Changes like correcting md5sums, changing mirror URLs, adding a maintainer field or updating a comment or copyright year in a Makefile do not require a change to PKG_RELEASE.
-Commits in your pull-requests should:
+#### Commits in your pull-requests should:
-* Have a useful description prefixed with the package name
+* Have a useful description prefixed with the package name
(E.g.: "foopkg: Add libzot dependency")
-* Include Signed-off-by in the comment
+* Include Signed-off-by in the comment
(See <https://dev.openwrt.org/wiki/SubmittingPatches#a10.Signyourwork>)
-If you have commit access:
+### Advice on pull requests:
+
+Pull requests are the easiest way to contribute changes to git repos at Github. They are the preferred contribution method, as they offer a nice way for commenting and amending the proposed changes.
+
+* You need a local "fork" of the Github repo.
+* Use a "feature branch" for your changes. That separates the changes in the pull request from your other changes and makes it easy to edit/amend commits in the pull request. Workflow using "feature_x" as the example:
+ - Update your local git fork to the tip (of the master, usually)
+ - Create the feature branch with `git checkout -b feature_x`
+ - Edit changes and commit them locally
+ - Push them to your Github fork by `git push -u origin feature_x`. That creates the "feature_x" branch at your Github fork and sets it as the remote of this branch
+ - When you now visit Github, you should see a proposal to create a pull request
+
+* If you later need to add new commits to the pull request, you can simply commit the changes to the local branch and then use `git push` to automatically update the pull request.
+
+* If you need to change something in the existing pull request (e.g. to add a missing signed-off-by line to the commit message), you can use `git push -f` to overwrite the original commits. That is easy and safe when using a feature branch. Example workflow:
+ - Checkout the feature branch by `git checkout feature_x`
+ - Edit changes and commit them locally. If you are just updating the commit message in the last commit, you can use `git commit --amend` to do that
+ - If you added several new commits or made other changes that require cleaning up, you can use `git rebase -i HEAD~X` (X = number of commits to edit) to possibly squash some commits
+ - Push the changed commits to Github with `git push -f` to overwrite the original commits in the "feature_x" branch with the new ones. The pull request gets automatically updated
+
+### If you have commit access:
* Do NOT use git push --force.
* Do NOT commit to other maintainer's packages without their consent.
* Use Pull Requests if you are unsure and to suggest changes to other maintainers.
-Gaining commit access:
+#### Gaining commit access:
* We will gladly grant commit access to responsible contributors who have made
useful pull requests and / or feedback or patches to this repository or
OpenWrt in general. Please include your request for commit access in your
next pull request or ticket.
-Release Branches:
+### Release Branches:
* Branches named "for-XX.YY" (e.g. for-14.07) are release branches.
* These branches are built with the respective OpenWrt release and are created
* Do NOT add new packages and do NOT do major upgrades of packages here.
* If you are unsure if your change is suitable, please use a pull request.
-####Common LICENSE tags (short list)
+### Common LICENSE tags (short list)
(Complete list can be found at: <http://spdx.org/licenses>)
-####
| Full Name | Identifier |
|---|:---|
include $(TOPDIR)/rules.mk
PKG_NAME:=debootstrap
-PKG_VERSION:=1.0.72
+PKG_VERSION:=1.0.75
PKG_RELEASE:=1
PKG_MAINTAINER=Daniel Golle <daniel@makrotopia.org>
PKG_SOURCE:=$(PKG_NAME)-udeb_$(PKG_VERSION)_all.udeb
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/d/debootstrap
-PKG_MD5SUM:=49f24e3299352aa5453f725ec0d55566
+PKG_MD5SUM:=5b568d66390d76fba87b839984254730
PKG_LICENSE:=Unique
PKG_LICENSE_FILES:=debian/copyright
include $(TOPDIR)/rules.mk
PKG_NAME:=micropython-lib
-PKG_VERSION=0.5-20150827-$(PKG_SOURCE_VERSION)
+PKG_VERSION=0.5-20151122-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1
PKG_MAINTAINER:=Roger D <rogerdammit@gmail.com>
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/micropython/micropython-lib.git
-PKG_SOURCE_VERSION:=bfbbf85a181d84e2494ea6f15be311734666bf67
+PKG_SOURCE_VERSION:=9643541e6e89b96cb9785a618b19865f8c0f7215
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION)
PKG_SOURCE:=$(PKG_SOURCE_SUBDIR).tar.gz
include $(TOPDIR)/rules.mk
PKG_NAME:=micropython
-PKG_VERSION=1.4.5-20150827-$(PKG_SOURCE_VERSION)
+PKG_VERSION=1.5-20151122-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1
PKG_MAINTAINER:=Roger D <rogerdammit@gmail.com>
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/micropython/micropython.git
-PKG_SOURCE_VERSION:=936e25b164d837fc91e4bafd76580e747b235dff
+PKG_SOURCE_VERSION:=4120f32292090bd811165fe76780e4e74e3450b9
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_SOURCE_SUBDIR).tar.gz
PKG_SOURCE:=node-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://nodejs.org/dist/${PKG_VERSION}
+HOST_BUILD_DEPENDS:=python/host
PKG_BUILD_DEPENDS:=python/host
PKG_INSTALL:=1
PKG_USE_MIPS16:=0
PKG_NAME:=perl
PKG_VERSION:=5.22.0
-PKG_RELEASE:=3
+PKG_RELEASE:=5
PKG_SOURCE_URL:=ftp://ftp.cpan.org/pub/CPAN/src/5.0 \
http://www.cpan.org/src/5.0 \
# Target perl
define Build/Configure
$(PERL_CMD) files/perlconfig.pl -Dowrt:target_cc='$(TARGET_CC)' \
+ -Dowrt:gccversion=$(CONFIG_GCC_VERSION) \
-Dowrt:target_cross='$(TARGET_CROSS)' \
-Dowrt:cflags='$(TARGET_CFLAGS_PERL) $(TARGET_CPPFLAGS_PERL)' \
-Dowrt:ldflags='-rdynamic $(TARGET_LDFLAGS)' \
- -Dowrt:libc=$(CONFIG_LIBC) \
+ -Dowrt:libc=$(subst uClibc,uclibc,$(CONFIG_LIBC)) \
-Dowrt:ipv6=$(if $($(CONFIG_IPV6)),define,undef) \
-Dowrt:threads=$(if $(CONFIG_PERL_THREADS),yes,no) \
-Dowrt:staging_dir='$(STAGING_DIR)' \
owrt:ipv6 define/undef Whether to enable IPv6 support.
owrt:target_cross * Target architecture's host triplet.
owrt:target_cc * C compiler to use.
+owrt:gccversion * target_cc's version number.
owrt:cflags * Additional C compiler flags.
owrt:ldflags * Additional linker flags.
owrt:staging_dir * Same as OpenWRT buildroot's
ldflags="$ldflags -L$owrt:staging_dir/lib"
}
-# uclibc does not provide crypt_r(). Enable crypt() usage for glibc builds only
-($owrt:libc ne 'glibc') {
+# uclibc does not provide crypt_r().
+($owrt:libc eq 'uclibc') {
crypt_r_proto='0'
- i_crypt='undef'
- d_crypt='undef'
d_crypt_r='undef'
}
cf_email='naoir@gmx.net'
osvers='3.18.19'
-gccversion='4.8.0'
+gccversion="$owrt:gccversion"
myhostname='OpenWrt'
cf_time='Thu Jan 1 12:00:00 CEST 2015'
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=5.6.15
+PKG_VERSION:=5.6.16
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>, Michael Heimpold <mhei@heimpold.de>
PKG_LICENSE:=PHPv3.01
PKG_LICENSE_FILES:=LICENSE
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_MD5SUM:=bdfa8fb1b895a25e1cc05c162f9ae5fc
+PKG_MD5SUM:=3f1d999ed1f9cb5713c9a0161c557f2f
PKG_FIXUP:=libtool autoreconf
PKG_BUILD_PARALLEL:=1
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=cffi
+PKG_VERSION:=1.3.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/c/cffi
+PKG_MD5SUM:=a40ed8c8ac653c8fc7d5603711b06eaf
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-cffi
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-cffi
+ URL:=http://cffi.readthedocs.org/
+ DEPENDS:=+libffi +python-light +python-pycparser
+endef
+
+define Package/python-cffi/description
+Foreign Function Interface for Python calling C code.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-cffi))
+$(eval $(call BuildPackage,python-cffi))
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=enum34
+PKG_VERSION:=1.0.4
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/e/enum34
+PKG_MD5SUM:=ac80f432ac9373e7d162834b264034b6
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=enum/LICENSE
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-enum34
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-enum34
+ URL:=https://pypi.python.org/pypi/enum34/
+ DEPENDS:=+python-light
+endef
+
+define Package/python-enum34/description
+enum34 is the new Python stdlib enum module available in Python 3.4
+backported for previous versions of Python from 2.4 to 3.3.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-enum34))
+$(eval $(call BuildPackage,python-enum34))
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=idna
+PKG_VERSION:=2.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/i/idna
+PKG_MD5SUM:=bd17a9d15e755375f48a62c13b25b801
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE.rst
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-idna
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-idna
+ URL:=https://github.com/kjd/idna
+ DEPENDS:=+python-light
+endef
+
+define Package/python-idna/description
+A library to support the Internationalised Domain Names in Applications
+(IDNA) protocol as specified in RFC 5891. This version of the protocol
+is often referred to as "IDNA2008" and can produce different results
+from the earlier standard from 2003.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-idna))
+$(eval $(call BuildPackage,python-idna))
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=ipaddress
+PKG_VERSION:=1.0.15
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/i/ipaddress
+PKG_MD5SUM:=12915e923b738107e47827478d553ba1
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=Python-2.0
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-ipaddress
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-ipaddress
+ URL:=https://github.com/phihag/ipaddress
+ DEPENDS:=+python-light
+endef
+
+define Package/python-ipaddress/description
+Python 3.3+'s ipaddress for Python 2.6, 2.7, 3.2.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-ipaddress))
+$(eval $(call BuildPackage,python-ipaddress))
PKG_NAME:=python-pip
PKG_VERSION:=7.1.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=pip-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://pypi.python.org/packages/source/p/pip/
CATEGORY:=Languages
TITLE:=Tool for installing Python packages.
URL:=https://pip.pypa.io
- DEPENDS:=+python +python-setuptools
+ DEPENDS:=+python +python-setuptools +ca-certificates
MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
endef
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=ply
+PKG_VERSION:=3.8
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.dabeaz.com/ply
+PKG_MD5SUM:=94726411496c52c87c2b9429b12d5c50
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=README.md
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-ply
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-ply
+ URL:=http://www.dabeaz.com/ply/
+ DEPENDS:=+python-light
+endef
+
+define Package/python-ply/description
+PLY is a 100% Python implementation of the common parsing tools lex
+and yacc.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)$(PYTHON_PKG_DIR)
+ $(CP) \
+ $(PKG_INSTALL_DIR)$(PYTHON_PKG_DIR)/* \
+ $(1)$(PYTHON_PKG_DIR)
+endef
+
+$(eval $(call PyPackage,python-ply))
+$(eval $(call BuildPackage,python-ply))
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=pyasn1
+PKG_VERSION:=0.1.9
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/p/pyasn1
+PKG_MD5SUM:=f00a02a631d4016818659d1cc38d229a
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=BSD-2-Clause
+PKG_LICENSE_FILES:=LICENSE.txt
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-pyasn1
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-pyasn1
+ URL:=http://pyasn1.sourceforge.net/
+ DEPENDS:=+python-light
+endef
+
+define Package/python-pyasn1/description
+This is an implementation of ASN.1 types and codecs in Python programming
+language. It has been first written to support particular protocol (SNMP)
+but then generalized to be suitable for a wide range of protocols
+based on ASN.1 specification.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-pyasn1))
+$(eval $(call BuildPackage,python-pyasn1))
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=pycparser
+PKG_VERSION:=2.14
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/p/pycparser
+PKG_MD5SUM:=a2bc8d28c923b4fe2b2c3b4b51a4f935
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-pycparser
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-pycparser
+ URL:=https://github.com/eliben/pycparser
+ DEPENDS:=+python-light +python-ply
+endef
+
+define Package/python-pycparser/description
+pycparser is a parser for the C language, written in pure Python. It is a
+module designed to be easily integrated into applications that need to parse
+C source code.
+endef
+
+define PyPackage/python-pycparser/filespec
++|$(PYTHON_PKG_DIR)
+-|$(PYTHON_PKG_DIR)/pycparser/ply
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-pycparser))
+$(eval $(call BuildPackage,python-pycparser))
--- /dev/null
+diff --git a/pycparser/c_lexer.py b/pycparser/c_lexer.py
+index cbb9d26..cbd7742 100644
+--- a/pycparser/c_lexer.py
++++ b/pycparser/c_lexer.py
+@@ -9,8 +9,8 @@
+ import re
+ import sys
+
+-from .ply import lex
+-from .ply.lex import TOKEN
++from ply import lex
++from ply.lex import TOKEN
+
+
+ class CLexer(object):
+diff --git a/pycparser/c_parser.py b/pycparser/c_parser.py
+index f4f7453..5c0ca88 100644
+--- a/pycparser/c_parser.py
++++ b/pycparser/c_parser.py
+@@ -8,7 +8,7 @@
+ #------------------------------------------------------------------------------
+ import re
+
+-from .ply import yacc
++from ply import yacc
+
+ from . import c_ast
+ from .c_lexer import CLexer
+diff --git a/setup.py b/setup.py
+index fdccbb3..036a10b 100644
+--- a/setup.py
++++ b/setup.py
+@@ -49,7 +49,7 @@ setup(
+ classifiers = [
+ 'Programming Language :: Python :: 2',
+ 'Programming Language :: Python :: 3',],
+- packages=['pycparser', 'pycparser.ply'],
++ packages=['pycparser'],
+ package_data={'pycparser': ['*.cfg']},
+ cmdclass={'install': install, 'sdist': sdist},
+ )
include $(TOPDIR)/rules.mk
PKG_NAME:=python-setuptools
-PKG_VERSION:=18.5
+PKG_VERSION:=18.7
PKG_RELEASE:=1
PKG_SOURCE:=setuptools-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://pypi.python.org/packages/source/s/setuptools/
-PKG_MD5SUM:=533c868f01169a3085177dffe5e768bb
+PKG_MD5SUM:=295d7aaef2da7d6ff10b522581da0cf9
HOST_BUILD_DEPENDS:=python/host
CATEGORY:=Languages
TITLE:=Tool for installing Python packages.
URL:=https://bitbucket.org/pypa/setuptools
- DEPENDS:=+python
+ DEPENDS:=+python +ca-certificates
MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
endef
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=six
+PKG_VERSION:=1.10.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/s/six
+PKG_MD5SUM:=34eed507548117b2ab523ab14b2f8b55
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/python-six
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=python-six
+ URL:=https://pypi.python.org/pypi/six
+ DEPENDS:=+python-light
+endef
+
+define Package/python-six/description
+Six is a Python 2 and 3 compatibility library. It provides utility functions
+for smoothing over the differences between the Python versions with the goal of
+writing Python code that is compatible on both Python versions. See the
+documentation for more information on what is provided.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix=/usr --root=$(PKG_INSTALL_DIR))
+endef
+
+$(eval $(call PyPackage,python-six))
+$(eval $(call BuildPackage,python-six))
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/Python-$(PKG_VERSION)
PKG_BUILD_DEPENDS:=python/host
-HOST_BUILD_DEPENDS:=bzip2/host
+HOST_BUILD_DEPENDS:=bzip2/host expat/host
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
$(INSTALL_DIR) $(STAGING_DIR)/mk/
$(INSTALL_DIR) $(1)/usr/include/ $(1)/usr/lib/ $(1)/usr/lib/pkgconfig
$(INSTALL_DIR) $(1)/usr/lib/python$(PYTHON_VERSION)/
- $(INSTALL_DATA) ./files/python-package.mk $(STAGING_DIR)/mk/
+ $(INSTALL_DATA) \
+ ./files/python-package.mk \
+ ./files/python-host.mk \
+ $(STAGING_DIR)/mk/
$(CP) \
$(PKG_INSTALL_DIR)/usr/include/python$(PYTHON_VERSION) \
$(1)/usr/include/
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+HOST_PYTHON_INC_DIR:=$(STAGING_DIR_HOST)/include/python$(PYTHON_VERSION)
+
+HOST_PYTHON_PKG_DIR:=/lib/python$(PYTHON_VERSION)/site-packages
+
+HOST_PYTHONPATH:=$(HOST_PYTHON_LIB_DIR):$(STAGING_DIR_HOST)/$(HOST_PYTHON_PKG_DIR)
+define HostHostPython
+ ( export PYTHONPATH="$(HOST_PYTHONPATH)"; \
+ export PYTHONOPTIMIZE=""; \
+ export PYTHONDONTWRITEBYTECODE=1; \
+ export _python_sysroot="$(STAGING_DIR_HOST)"; \
+ export _python_prefix=""; \
+ export _python_exec_prefix=""; \
+ $(1) \
+ $(HOST_PYTHON_BIN) $(2); \
+ )
+endef
+
+# These configure args are needed in detection of path to Python header files
+# using autotools.
+HOST_CONFIGURE_ARGS += \
+ _python_sysroot="$(STAGING_DIR_HOST)" \
+ _python_prefix="" \
+ _python_exec_prefix=""
+
+# $(1) => build subdir
+# $(2) => additional arguments to setup.py
+# $(3) => additional variables
+define Build/Compile/HostPyMod
+ $(call HostHostPython, \
+ cd $(HOST_BUILD_DIR)/$(strip $(1)); \
+ CC="$(HOSTCC)" \
+ CCSHARED="$(HOSTCC) $(HOST_FPIC)" \
+ CXX="$(HOSTCXX)" \
+ LD="$(HOSTCC)" \
+ LDSHARED="$(HOSTCC) -shared" \
+ CFLAGS="$(HOST_CFLAGS)" \
+ CPPFLAGS="$(HOST_CPPFLAGS) -I$(HOST_PYTHON_INC_DIR)" \
+ LDFLAGS="$(HOST_LDFLAGS) -lpython$(PYTHON_VERSION)" \
+ _PYTHON_HOST_PLATFORM=linux2 \
+ __PYVENV_LAUNCHER__="/usr/bin/$(PYTHON)" \
+ $(3) \
+ , \
+ ./setup.py $(2) \
+ )
+endef
+
--- /dev/null
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=zope.interface
+PKG_VERSION:=4.1.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://pypi.python.org/packages/source/z/zope.interface
+PKG_MD5SUM:=9ae3d24c0c7415deb249dd1a132f0f79
+
+PKG_BUILD_DEPENDS:=python python-setuptools
+
+PKG_LICENSE:=ZPL-2.1
+PKG_LICENSE_FILES:=LICENSE.txt
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/zope-interface
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=Zope interface
+ URL:=https://github.com/zopefoundation/zope.interface
+ DEPENDS:=+python-light
+endef
+
+define Package/zope-interface/description
+This package provides an implementation of "object interfaces" for
+Python. Interfaces are a mechanism for labeling objects as conforming to
+a given API or contract. So, this package can be considered as
+implementation of the Design By Contract methodology support in Python.
+endef
+
+define PyPackage/zope-interface/filespec
++|$(PYTHON_PKG_DIR)
+-|$(PYTHON_PKG_DIR)/zope/interface/common/tests
+-|$(PYTHON_PKG_DIR)/zope/interface/tests
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,, \
+ install --prefix="/usr" --root="$(PKG_INSTALL_DIR)" --no-compile, \
+ )
+endef
+
+$(eval $(call PyPackage,zope-interface))
+$(eval $(call BuildPackage,zope-interface))
PKG_NAME:=boost
PKG_VERSION:=1_59_0
-PKG_RELEASE:=3
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/boost
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
-# For now, the combination TARGET_mpc85xx&&USE_UCLIBC disables boost due to incompatibility
+
define Package/boost/Default
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Boost C++ source library
URL:=http://www.boost.org
- DEPENDS:=@(!(TARGET_mpc85xx&&USE_UCLIBC)) +libstdcpp +libpthread +librt
+ DEPENDS:=+libstdcpp +libpthread +librt
endef
define Package/boost/description/Default
- Boost provides free peer-reviewed portable C++ source libraries
+ true
+endef
+
+define Package/boost/description
+This package provides the Boost v1.59 libraries.
+Boost is a set of free, peer-reviewed, portable C++ source libraries.
+This package provides the following libraries:
+ - atomic
+ - chrono
+ - container
+ - context
+ - coroutine
+ - - coroutine2 (requires GCC v5 and up)
+ - date_time
+ - exception
+ - filesystem
+ - graph
+ - - graph-parallel
+ - iostreams
+ - locale
+ - log
+ - math
+ - program_options
+ - python
+ - python3
+ - random
+ - regex
+ - serialization
+ - signals
+ - system
+ - thread
+ - timer
+ - wave
endef
BOOST_LIBS =
true
endef
-# For now, the combination TARGET_mpc85xx&&USE_UCLIBC disables boost due to incompatibility
+
define Package/boost
$(call Package/boost/Default)
TITLE+= packages
- DEPENDS:=@(!(TARGET_mpc85xx&&USE_UCLIBC)) +ALL:boost-libs +ALL:boost-test
+ DEPENDS:=+ALL:boost-libs +ALL:boost-test
endef
define Package/boost/config
- menu "Select Boost libraries"
+ menu "Select Boost Options"
depends on PACKAGE_boost
+ comment "Boost compilation options."
+ config boost-static-libs
+ bool "Compile Static Libraries"
+ help
+ Compile static version of all selected boost libraries.
+ default n
+
+ config boost-shared-libs
+ bool "Compile Shared Libraries"
+ help
+ Compile shared version of all selected boost libraries.
+ default y
+
+ config boost-runtime-static
+ bool "Use static version of C and C++ runtimes for static libraries."
+ help
+ Determines if shared or static version of C and C++ runtimes should be used for static libraries.
+ default n
+ select boost-static-libs
+
+ config boost-runtime-shared
+ bool "Use shared version of C and C++ runtimes for shared libraries."
+ help
+ Determines if shared or static version of C and C++ runtimes should be used for shared libraries.
+ default n
+ select boost-shared-libs
+
+
+ config boost-multi-threading
+ bool "Multithread Support"
+ help
+ Compile Boost libraries n multithread mode.
+ default y
+
+ config boost-single-thread
+ bool "Single thread Support"
+ help
+ Compile Boost libraries in single-thread mode.
+ default n
+
+ config boost-with-debug
+ bool "Boost Debug Support"
+ help
+ Compile Boost libraries with debug support.
+ default n
+ endmenu
- config boost-libs-all
- bool "Include all Boost libraries"
- select PACKAGE_boost-libs
-
- config boost-test-pkg
- bool "Boost test package"
- select PACKAGE_boost-test
-
- comment "Libraries"
-
- $(foreach lib,$(BOOST_LIBS), \
- config PACKAGE_boost-$(lib)
- prompt "Boost $(lib) library"
-
- )
-
- endmenu
+ menu "Select Boost libraries"
+ depends on PACKAGE_boost
+ comment "Libraries"
+
+ config boost-libs-all
+ bool "Include all Boost libraries."
+ select PACKAGE_boost-libs
+
+ config boost-test-pkg
+ bool "Boost test package."
+ select PACKAGE_boost-test
+
+ config boost-coroutine2
+ depends on @GCC_USE_VERSION_5
+ bool "Boost couroutine2 support."
+ select PACKAGE_boost-coroutine
+ default n
+
+ config boost-graph-parallel
+ bool "Boost parallel graph support."
+ select PACKAGE_boost-graph
+ default n
+
+ $(foreach lib,$(BOOST_LIBS), \
+ config PACKAGE_boost-$(lib)
+ prompt "Boost $(lib) library."
+ )
+ endmenu
endef
endef
endef
+
$(eval $(call DefineBoostLibrary,atomic,system,))
$(eval $(call DefineBoostLibrary,chrono,system,))
$(eval $(call DefineBoostLibrary,container,,))
#$(eval $(call DefineBoostLibrary,exception,,))
$(eval $(call DefineBoostLibrary,filesystem,system,))
$(eval $(call DefineBoostLibrary,graph,regex,))
-#$(eval $(call DefineBoostLibrary,graph_parallel,,))
$(eval $(call DefineBoostLibrary,iostreams,,+zlib))
$(eval $(call DefineBoostLibrary,locale,system,$(ICONV_DEPENDS) +@BUILD_NLS))
$(eval $(call DefineBoostLibrary,log,system chrono date_time thread filesystem regex,))
$(eval $(call DefineBoostLibrary,math,,))
-#$(eval $(call DefineBoostLibrary,mpi,,))
+#$(eval $(call DefineBoostLibrary,mpi,,)) # OpenMPI does no exist in OpenWRT at this time.
$(eval $(call DefineBoostLibrary,program_options,,))
+$(eval $(call DefineBoostLibrary,python,,+CONFIG_boost_python:python))
+$(eval $(call DefineBoostLibrary,python3,,+CONFIG_boost_python3:python3))
$(eval $(call DefineBoostLibrary,random,system,))
-
-# We need a beter way to provide this package, information regarding the Python packages
-# such as Python version and directories locations.
-# Python 2.7 version is for now hard-coded. Python 3 is (until this date) broken in the trunk tree.
-$(eval $(call DefineBoostLibrary,python,,+PACKAGE_boost-python:python))
$(eval $(call DefineBoostLibrary,regex,,))
$(eval $(call DefineBoostLibrary,serialization,,))
$(eval $(call DefineBoostLibrary,signals,,))
-$(eval $(call DefineBoostLibrary,system,,))
+$(eval $(call DefineBoostLibrary,system,,+@boost-multi-threading))
$(eval $(call DefineBoostLibrary,thread,system chrono atomic,))
$(eval $(call DefineBoostLibrary,timer,chrono))
$(eval $(call DefineBoostLibrary,wave,date_time thread filesystem,))
+
define Host/Compile
# bjam does not provide a configure-script nor a Makefile
( cd $(HOST_BUILD_DIR)/tools/build/src/engine ; ./build.sh gcc )
CONFIGURE_PREFIX:=$(PKG_INSTALL_DIR)
TARGET_LDFLAGS += -pthread -lrt
-TARGET_CFLAGS += $(if $(CONFIG_SOFT_FLOAT),-DBOOST_NO_FENV_H)
+TARGET_CFLAGS += \
+ $(if $(CONFIG_PACKAGE_boost-python), -I$(STAGING_DIR)/usr/include/python2.7/) \
+ $(if $(CONFIG_PACKAGE_boost-python3), -I$(STAGING_DIR)/usr/include/python3.5/) \
+ $(if $(CONFIG_SOFT_FLOAT),-DBOOST_NO_FENV_H) -fPIC
ifneq ($(findstring mips,$(ARCH)),)
BOOST_ABI = o32
$(info Selected Boost API $(BOOST_ABI) for architecture $(ARCH) and cpu $(CPU_TYPE) $(CPU_SUBTYPE))
( cd $(PKG_BUILD_DIR) ; \
echo "using gcc : $(ARCH) : $(GNU_TARGET_NAME)-gcc : <compileflags>\"$(TARGET_CFLAGS)\" <cxxflags>\"$(TARGET_CXXFLAGS)\" <linkflags>\"$(TARGET_LDFLAGS)\" ;" > tools/build/src/user-config.jam ; \
+ $(if $(CONFIG_PACKAGE_boost-python3), \
+ echo "using python : 3.5 : $(STAGING_DIR_ROOT)/usr/bin/python3 : $(STAGING_DIR)/usr/include/python3.5/ ;" >> \
+ tools/build/src/user-config.jam; \
+ ) \
$(if $(CONFIG_PACKAGE_boost-python), \
- echo "using python : : $(STAGING_DIR_ROOT)/usr/bin/python : $(STAGING_DIR)/usr/include/python2.7/ ;" >> \
+ echo "using python : 2.7 : $(STAGING_DIR_ROOT)/usr/bin/python : $(STAGING_DIR)/usr/include/python2.7/ ;" >> \
tools/build/src/user-config.jam; \
) \
bjam \
'-sBUILD=release <optimization>space <inlining>on <debug-symbols>off' \
--ignore-site-config \
- --toolset=gcc-$(ARCH) --build-type=minimal --layout=system abi=$(BOOST_ABI) \
+ --toolset=gcc-$(ARCH) abi=$(BOOST_ABI) \
--disable-long-double \
+ --layout=tagged \
+ $(if $(CONFIG_boost-with-debug),--build-type=complete,--build-type=minimal) \
+ $(if $(CONFIG_boost-static-libs),link=static,) \
+ $(if $(CONFIG_boost-runtime-static),runtime-link=static,runtime-link=shared) \
+ $(if $(CONFIG_boost-shared-libs),link=shared,) \
+ $(if $(CONFIG_boost-runtime-shared),runtime-link=shared,) \
+ $(if $(CONFIG_boost-single-thread),threading=single,) \
+ $(if $(CONFIG_boost-multi-threading),threading=multi,) \
$(CONFIGURE_ARGS) \
--without-mpi \
+ $(if $(CONFIG_boost-coroutine2),,--without-coroutine2) \
+ $(if $(CONFIG_boost-graph-parallel),,--without-graph_parallel) \
$(if $(CONFIG_PACKAGE_boost-test),,--without-test) \
$(foreach lib,$(BOOST_LIBS), \
- $(if $(CONFIG_PACKAGE_boost-$(lib)),,--without-$(lib)) \
+ $(if $(findstring python,$(lib)), \
+ $(if $(or $(CONFIG_PACKAGE_boost-python),$(CONFIG_PACKAGE_boost-python3)),,--without-python), \
+ $(if $(CONFIG_PACKAGE_boost-$(lib)),,--without-$(lib))) \
) \
- $(if $(CONFIG_PACKAGE_boost-locale),boost.locale.iconv=on -sICONV_PATH=$(ICONV_PREFIX) boost.locale.posix=$(if $(USE_UCLIBC),on,off), \
+ $(if $(CONFIG_PACKAGE_boost-locale),boost.locale.iconv=on -sICONV_PATH=$(ICONV_PREFIX) boost.locale.posix=$(if $(USE_MUSL),on,off), \
boost.locale.iconv=off) \
\
$(if $(CONFIG_PACKAGE_boost-iostreams),-sNO_BZIP2=1 -sZLIB_INCLUDE=$(STAGING_DIR)/usr/include \
# copies _all_ header files - independent of <--with-library>-argument above
$(INSTALL_DIR) $(1)/usr/lib
- -$(CP) $(PKG_INSTALL_DIR)/lib/*.a $(1)/usr/lib/
- -$(CP) $(PKG_INSTALL_DIR)/lib/*.so* $(1)/usr/lib/
+ $(CP) -v $(PKG_INSTALL_DIR)/lib/*.a $(1)/usr/lib/ # copies all compiled archive files
+ $(FIND) $(PKG_INSTALL_DIR)/lib/ -name '*.so*' -exec $(CP) {} $(1)/usr/lib/ \; # copies all the shared objects files
endef
define Host/Install
$(INSTALL_DIR) \
$(1)/usr/lib
- $(CP) \
- $(PKG_INSTALL_DIR)/lib/libboost_$(2)*.so* \
- $(1)/usr/lib/
+ $(FIND) \
+ $(PKG_INSTALL_DIR)/lib/ -name 'libboost_$(2)*.so*' -exec $(CP) {} $(1)/usr/lib/ \;
endef
-define Package/boost-test/install
- $(INSTALL_DIR) \
- $(1)/usr/lib
-
- $(CP) \
- $(PKG_INSTALL_DIR)/lib/libboost_unit_test_framework*.so* \
- $(1)/usr/lib/
+define Package/boost-test/install
+ $(INSTALL_DIR) \
+ $(1)/usr/lib
- $(CP) \
- $(PKG_INSTALL_DIR)/lib/libboost_prg_exec_monitor*.so* \
- $(1)/usr/lib/
+ $(FIND) \
+ $(PKG_INSTALL_DIR)/lib/ -name 'libboost_unit_test_framework*.so*' -exec $(CP) {} $(1)/usr/lib/ \;
+
+ $(FIND) \
+ $(PKG_INSTALL_DIR)/lib/ -name 'libboost_prg_exec_monitor*.so*' -exec $(CP) {} $(1)/usr/lib/ \;
endef
define BuildBoostLibrary
$(foreach lib,$(BOOST_LIBS),$(eval $(call BuildBoostLibrary,$(lib))))
$(eval $(call BuildPackage,boost-test))
-
$(eval $(call BuildPackage,boost-libs))
$(eval $(call BuildPackage,boost))
include $(TOPDIR)/rules.mk
PKG_NAME:=glpk
-PKG_VERSION:=4.55
+PKG_VERSION:=4.57
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_MD5SUM:=c632a7a631b8aed02e28eafcd99477f
+PKG_MD5SUM:=237531a54f73155842f8defe51aedb0f
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=gnutls
-PKG_VERSION:=3.4.6
+PKG_VERSION:=3.4.7
PKG_RELEASE:=1
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4
-PKG_MD5SUM:=4f2c4b4483da65de7edfeb050911fafb
+PKG_MD5SUM:=e7556cec73c8b34fd2ff0b591e24e44c
#PKG_FIXUP:=autoreconf gettext-version
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
PKG_LICENSE:=LGPLv2.1+
include $(TOPDIR)/rules.mk
PKG_NAME:=libevdev
-PKG_VERSION:=1.4.4
+PKG_VERSION:=1.4.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.freedesktop.org/software/libevdev/
-PKG_MD5SUM:=b66443bb664cfaf2ba7b3f8c238ea951
+PKG_MD5SUM:=b123d91e31d279ecb37bea774f17aae1
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
$(INSTALL_DIR) $(1)/usr/include
$(CP) \
- $(PKG_INSTALL_DIR)/usr/lib/libffi-$(PKG_VERSION)/include/*.h \
+ $(PKG_INSTALL_DIR)/usr/include/*.h \
$(1)/usr/include/
endef
--- /dev/null
+--- a/libffi.pc.in
++++ b/libffi.pc.in
+@@ -1,10 +1,10 @@
+ prefix=@prefix@
+ exec_prefix=@exec_prefix@
+ libdir=@libdir@
+-includedir=${libdir}/@PACKAGE_NAME@-@PACKAGE_VERSION@/include
++includedir=@includedir@
+
+ Name: @PACKAGE_NAME@
+ Description: Library supporting Foreign Function Interfaces
+ Version: @PACKAGE_VERSION@
+-Libs: -L${libdir} -lffi
+-Cflags: -I${includedir}
++Libs: -lffi
++Cflags:
+--- a/include/Makefile.am
++++ b/include/Makefile.am
+@@ -5,5 +5,5 @@ AUTOMAKE_OPTIONS=foreign
+ DISTCLEANFILES=ffitarget.h
+ EXTRA_DIST=ffi.h.in ffi_common.h
+
+-includesdir = $(libdir)/@PACKAGE_NAME@-@PACKAGE_VERSION@/include
++includesdir = $(includedir)
+ nodist_includes_HEADERS = ffi.h ffitarget.h
+--- a/include/Makefile.in
++++ b/include/Makefile.in
+@@ -250,7 +250,7 @@ top_srcdir = @top_srcdir@
+ AUTOMAKE_OPTIONS = foreign
+ DISTCLEANFILES = ffitarget.h
+ EXTRA_DIST = ffi.h.in ffi_common.h
+-includesdir = $(libdir)/@PACKAGE_NAME@-@PACKAGE_VERSION@/include
++includesdir = $(includedir)
+ nodist_includes_HEADERS = ffi.h ffitarget.h
+ all: all-am
+
PKG_LICENSE_FILES:=COPYING
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://download.gnome.org/sources/libgee/0.18/
+PKG_SOURCE_URL:=@GNOME/libgee/0.18/
PKG_MD5SUM:=29ea6125e653d7e60b49a9a9544abc96
PKG_FIXUP:=autoreconf
$(INSTALL_DATA) \
$(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc \
$(1)/usr/lib/pkgconfig/
+ $(INSTALL_DIR) $(STAGING_DIR_HOST)/share/vala-0.30/vapi/
+ $(INSTALL_DATA) \
+ $(PKG_INSTALL_DIR)/usr/share/vala/vapi/* \
+ $(STAGING_DIR_HOST)/share/vala-0.30/vapi
endef
define Package/libgee/install
--- /dev/null
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Mon, 16 Mar 2015 17:40:12 +0000 (-0400)
+Subject: Avoid breakage with gcc 5
+X-Git-Tag: libgpg-error-1.19~7
+X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=commitdiff_plain;h=c01c8f0c4f55d76b037c7f6aa44ad25ede18d38a
+
+Avoid breakage with gcc 5
+
+* src/Makefile.am: Add -P to the C preprocessor when building
+mkerrcodes.h, to avoid a noisy intermediate pipeline.
+
+--
+
+With gcc 5 without this patch, we see many errors like the following:
+
+gcc -I. -I. -o mkerrcodes ./mkerrcodes.c
+In file included from ./mkerrcodes.c:26:0:
+./mkerrcodes.h:9:5: error: expected expression before ‘,’ token
+ { , "GPG_ERR_E2BIG" },
+ ^
+./mkerrcodes.h:10:5: error: expected expression before ‘,’ token
+ { , "GPG_ERR_EACCES" },
+ ^
+
+This patch cleans up the generated mkerrcodes.h by making the
+intermediate stage clean for all the versions of gcc i tested (4.x and
+5).
+
+Debian-Bug-Id: 777374
+Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+---
+
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -140,7 +140,7 @@ code-to-errno.h: Makefile mkerrnos.awk e
+ # It is correct to use $(CPP). We want the host's idea of the error codes.
+ mkerrcodes.h: Makefile mkerrcodes.awk $(gpg_extra_headers)
+ $(AWK) -f $(srcdir)/mkerrcodes1.awk $(srcdir)/errnos.in >_$@
+- $(CPP) $(CPPFLAGS) $(extra_cppflags) _$@ | grep GPG_ERR_ | \
++ $(CPP) $(CPPFLAGS) $(extra_cppflags) -P _$@ | grep GPG_ERR_ | \
+ $(AWK) -f $(srcdir)/mkerrcodes.awk >$@
+ -rm _$@
+
+--- a/src/Makefile.in
++++ b/src/Makefile.in
+@@ -979,7 +979,7 @@ code-to-errno.h: Makefile mkerrnos.awk e
+ # It is correct to use $(CPP). We want the host's idea of the error codes.
+ mkerrcodes.h: Makefile mkerrcodes.awk $(gpg_extra_headers)
+ $(AWK) -f $(srcdir)/mkerrcodes1.awk $(srcdir)/errnos.in >_$@
+- $(CPP) $(CPPFLAGS) $(extra_cppflags) _$@ | grep GPG_ERR_ | \
++ $(CPP) $(CPPFLAGS) $(extra_cppflags) -P _$@ | grep GPG_ERR_ | \
+ $(AWK) -f $(srcdir)/mkerrcodes.awk >$@
+ -rm _$@
+
include $(TOPDIR)/rules.mk
PKG_NAME:=libinput
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.1.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.freedesktop.org/software/libinput/
-PKG_MD5SUM:=f390e592aa09f77dabceabeb2ddd4419
+PKG_MD5SUM:=4a3fc842ac0b7bf0fa306ea7badc31a0
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=libmicrohttpd
-PKG_VERSION:=0.9.42
-PKG_RELEASE:=3
+PKG_VERSION:=0.9.44
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/libmicrohttpd
-PKG_MD5SUM:=3b9cf0b67fc8ebc9e69f53c6bc84a88d
+PKG_MD5SUM:=9101b5ebf8f71792938ae672da314da2
PKG_MAINTAINER:=Martijn Zilverschoon <martijn@friedzombie.com>
+++ /dev/null
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,3 +1,14 @@
-+Thu Jun 4 13:37:05 CEST 2015
-+ Fixing memory leak in digest authentication. -AW
-+
-+Wed Jun 03 21:23:47 CEST 2015
-+ Add deprecation compiler messages for deprecated functions
-+ and macros. -EG
-+
-+Fri May 29 12:23:01 CEST 2015
-+ Fixing digest authentication when used in combination
-+ with escaped characters in URLs. -CG/AW
-+
- Wed May 13 11:49:09 CEST 2015
- Releasing libmicrohttpd 0.9.42. -CG
-
---- a/src/microhttpd/response.c
-+++ b/src/microhttpd/response.c
-@@ -24,6 +24,8 @@
- * @author Christian Grothoff
- */
-
-+#define MHD_NO_DEPRECATION 1
-+
- #include "internal.h"
- #include "response.h"
-
---- a/src/microhttpd/digestauth.c
-+++ b/src/microhttpd/digestauth.c
-@@ -1,6 +1,6 @@
- /*
- This file is part of libmicrohttpd
-- Copyright (C) 2010, 2011, 2012 Daniel Pittman and Christian Grothoff
-+ Copyright (C) 2010, 2011, 2012, 2015 Daniel Pittman and Christian Grothoff
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
-@@ -472,8 +472,8 @@ test_header (struct MHD_Connection *conn
- *
- * @param connection connections with headers to compare against
- * @param args argument URI string (after "?" in URI)
-- * @return MHD_YES if the arguments match,
-- * MHD_NO if not
-+ * @return #MHD_YES if the arguments match,
-+ * #MHD_NO if not
- */
- static int
- check_argument_match (struct MHD_Connection *connection,
-@@ -508,7 +508,10 @@ check_argument_match (struct MHD_Connect
- connection,
- argp);
- if (MHD_YES != test_header (connection, argp, NULL))
-- return MHD_NO;
-+ {
-+ free(argb);
-+ return MHD_NO;
-+ }
- num_headers++;
- break;
- }
-@@ -527,10 +530,16 @@ check_argument_match (struct MHD_Connect
- connection,
- equals);
- if (! test_header (connection, argp, equals))
-- return MHD_NO;
-+ {
-+ free(argb);
-+ return MHD_NO;
-+ }
-+
- num_headers++;
- argp = amper;
- }
-+
-+ free(argb);
-
- /* also check that the number of headers matches */
- for (pos = connection->headers_received; NULL != pos; pos = pos->next)
-@@ -632,10 +641,83 @@ MHD_digest_auth_check (struct MHD_Connec
- header value. */
- return MHD_NO;
- }
-+ /* 8 = 4 hexadecimal numbers for the timestamp */
-+ nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16);
-+ t = (uint32_t) MHD_monotonic_time();
-+ /*
-+ * First level vetting for the nonce validity: if the timestamp
-+ * attached to the nonce exceeds `nonce_timeout', then the nonce is
-+ * invalid.
-+ */
-+ if ( (t > nonce_time + nonce_timeout) ||
-+ (nonce_time + nonce_timeout < nonce_time) )
-+ {
-+ /* too old */
-+ return MHD_INVALID_NONCE;
-+ }
-+
-+ calculate_nonce (nonce_time,
-+ connection->method,
-+ connection->daemon->digest_auth_random,
-+ connection->daemon->digest_auth_rand_size,
-+ connection->url,
-+ realm,
-+ noncehashexp);
-+ /*
-+ * Second level vetting for the nonce validity
-+ * if the timestamp attached to the nonce is valid
-+ * and possibly fabricated (in case of an attack)
-+ * the attacker must also know the random seed to be
-+ * able to generate a "sane" nonce, which if he does
-+ * not, the nonce fabrication process going to be
-+ * very hard to achieve.
-+ */
-+
-+ if (0 != strcmp (nonce, noncehashexp))
-+ {
-+ return MHD_INVALID_NONCE;
-+ }
-+ if ( (0 == lookup_sub_value (cnonce,
-+ sizeof (cnonce),
-+ header, "cnonce")) ||
-+ (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) ||
-+ ( (0 != strcmp (qop, "auth")) &&
-+ (0 != strcmp (qop, "")) ) ||
-+ (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) ||
-+ (0 == lookup_sub_value (response, sizeof (response), header, "response")) )
-+ {
-+#if HAVE_MESSAGES
-+ MHD_DLOG (connection->daemon,
-+ "Authentication failed, invalid format.\n");
-+#endif
-+ return MHD_NO;
-+ }
-+ nci = strtoul (nc, &end, 16);
-+ if ( ('\0' != *end) ||
-+ ( (LONG_MAX == nci) &&
-+ (ERANGE == errno) ) )
-+ {
-+#if HAVE_MESSAGES
-+ MHD_DLOG (connection->daemon,
-+ "Authentication failed, invalid format.\n");
-+#endif
-+ return MHD_NO; /* invalid nonce format */
-+ }
-+ /*
-+ * Checking if that combination of nonce and nc is sound
-+ * and not a replay attack attempt. Also adds the nonce
-+ * to the nonce-nc map if it does not exist there.
-+ */
-+
-+ if (MHD_YES != check_nonce_nc (connection, nonce, nci))
-+ {
-+ return MHD_NO;
-+ }
-+
- {
- char *uri;
--
-- uri = malloc(left + 1);
-+
-+ uri = malloc (left + 1);
- if (NULL == uri)
- {
- #if HAVE_MESSAGES
-@@ -648,24 +730,31 @@ MHD_digest_auth_check (struct MHD_Connec
- left + 1,
- header, "uri"))
- {
-- free(uri);
-+ free (uri);
- return MHD_NO;
- }
-
-- /* 8 = 4 hexadecimal numbers for the timestamp */
-- nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16);
-- t = (uint32_t) MHD_monotonic_time();
-- /*
-- * First level vetting for the nonce validity: if the timestamp
-- * attached to the nonce exceeds `nonce_timeout', then the nonce is
-- * invalid.
-- */
-- if ( (t > nonce_time + nonce_timeout) ||
-- (nonce_time + nonce_timeout < nonce_time) )
-- {
-- free(uri);
-- return MHD_INVALID_NONCE;
-- }
-+ digest_calc_ha1("md5",
-+ username,
-+ realm,
-+ password,
-+ nonce,
-+ cnonce,
-+ ha1);
-+ digest_calc_response (ha1,
-+ nonce,
-+ nc,
-+ cnonce,
-+ qop,
-+ connection->method,
-+ uri,
-+ hentity,
-+ respexp);
-+
-+ /* Need to unescape URI before comparing with connection->url */
-+ connection->daemon->unescape_callback (connection->daemon->unescape_callback_cls,
-+ connection,
-+ uri);
- if (0 != strncmp (uri,
- connection->url,
- strlen (connection->url)))
-@@ -674,9 +763,10 @@ MHD_digest_auth_check (struct MHD_Connec
- MHD_DLOG (connection->daemon,
- "Authentication failed, URI does not match.\n");
- #endif
-- free(uri);
-+ free (uri);
- return MHD_NO;
- }
-+
- {
- const char *args = strchr (uri, '?');
-
-@@ -692,89 +782,11 @@ MHD_digest_auth_check (struct MHD_Connec
- MHD_DLOG (connection->daemon,
- "Authentication failed, arguments do not match.\n");
- #endif
-- free(uri);
-+ free (uri);
- return MHD_NO;
- }
- }
-- calculate_nonce (nonce_time,
-- connection->method,
-- connection->daemon->digest_auth_random,
-- connection->daemon->digest_auth_rand_size,
-- connection->url,
-- realm,
-- noncehashexp);
-- /*
-- * Second level vetting for the nonce validity
-- * if the timestamp attached to the nonce is valid
-- * and possibly fabricated (in case of an attack)
-- * the attacker must also know the random seed to be
-- * able to generate a "sane" nonce, which if he does
-- * not, the nonce fabrication process going to be
-- * very hard to achieve.
-- */
--
-- if (0 != strcmp (nonce, noncehashexp))
-- {
-- free(uri);
-- return MHD_INVALID_NONCE;
-- }
-- if ( (0 == lookup_sub_value (cnonce,
-- sizeof (cnonce),
-- header, "cnonce")) ||
-- (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) ||
-- ( (0 != strcmp (qop, "auth")) &&
-- (0 != strcmp (qop, "")) ) ||
-- (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) ||
-- (0 == lookup_sub_value (response, sizeof (response), header, "response")) )
-- {
--#if HAVE_MESSAGES
-- MHD_DLOG (connection->daemon,
-- "Authentication failed, invalid format.\n");
--#endif
-- free(uri);
-- return MHD_NO;
-- }
-- nci = strtoul (nc, &end, 16);
-- if ( ('\0' != *end) ||
-- ( (LONG_MAX == nci) &&
-- (ERANGE == errno) ) )
-- {
--#if HAVE_MESSAGES
-- MHD_DLOG (connection->daemon,
-- "Authentication failed, invalid format.\n");
--#endif
-- free(uri);
-- return MHD_NO; /* invalid nonce format */
-- }
-- /*
-- * Checking if that combination of nonce and nc is sound
-- * and not a replay attack attempt. Also adds the nonce
-- * to the nonce-nc map if it does not exist there.
-- */
--
-- if (MHD_YES != check_nonce_nc (connection, nonce, nci))
-- {
-- free(uri);
-- return MHD_NO;
-- }
--
-- digest_calc_ha1("md5",
-- username,
-- realm,
-- password,
-- nonce,
-- cnonce,
-- ha1);
-- digest_calc_response (ha1,
-- nonce,
-- nc,
-- cnonce,
-- qop,
-- connection->method,
-- uri,
-- hentity,
-- respexp);
-- free(uri);
-+ free (uri);
- return (0 == strcmp(response, respexp))
- ? MHD_YES
- : MHD_NO;
-@@ -835,7 +847,7 @@ MHD_queue_auth_fail_response (struct MHD
- : "");
- {
- char *header;
--
-+
- header = malloc(hlen + 1);
- if (NULL == header)
- {
---- a/src/microhttpd/daemon.c
-+++ b/src/microhttpd/daemon.c
-@@ -73,7 +73,7 @@
- /**
- * Default connection limit.
- */
--#ifndef WINDOWS
-+#ifndef MHD_WINSOCK_SOCKETS
- #define MHD_MAX_CONNECTIONS_DEFAULT FD_SETSIZE - 4
- #else
- #define MHD_MAX_CONNECTIONS_DEFAULT FD_SETSIZE
-@@ -1271,7 +1271,7 @@ internal_add_connection (struct MHD_Daem
- return MHD_NO;
- }
-
--#ifndef WINDOWS
-+#ifndef MHD_WINSOCK_SOCKETS
- if ( (client_socket >= FD_SETSIZE) &&
- (0 == (daemon->options & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY))) )
- {
-@@ -1418,7 +1418,7 @@ internal_add_connection (struct MHD_Daem
- #endif
- {
- /* make socket non-blocking */
--#if !defined(WINDOWS) || defined(CYGWIN)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- int flags = fcntl (connection->socket_fd, F_GETFL);
- if ( (-1 == flags) ||
- (0 != fcntl (connection->socket_fd, F_SETFL, flags | O_NONBLOCK)) )
-@@ -1797,7 +1797,7 @@ static void
- make_nonblocking_noninheritable (struct MHD_Daemon *daemon,
- MHD_socket sock)
- {
--#ifdef WINDOWS
-+#ifdef MHD_WINSOCK_SOCKETS
- DWORD dwFlags;
- unsigned long flags = 1;
-
-@@ -3611,7 +3611,7 @@ MHD_start_daemon_va (unsigned int flags,
- daemon->socket_fd = MHD_INVALID_SOCKET;
- daemon->listening_address_reuse = 0;
- daemon->options = flags;
--#if WINDOWS
-+#if defined(MHD_WINSOCK_SOCKETS) || defined(CYGWIN)
- /* Winsock is broken with respect to 'shutdown';
- this disables us calling 'shutdown' on W32. */
- daemon->options |= MHD_USE_EPOLL_TURBO;
-@@ -3650,7 +3650,7 @@ MHD_start_daemon_va (unsigned int flags,
- free (daemon);
- return NULL;
- }
--#ifndef WINDOWS
-+#ifndef MHD_WINSOCK_SOCKETS
- if ( (0 == (flags & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY))) &&
- (1 == use_pipe) &&
- (daemon->wpipe[0] >= FD_SETSIZE) )
-@@ -3934,7 +3934,7 @@ MHD_start_daemon_va (unsigned int flags,
- (http://msdn.microsoft.com/en-us/library/ms738574%28v=VS.85%29.aspx);
- and may also be missing on older POSIX systems; good luck if you have any of those,
- your IPv6 socket may then also bind against IPv4 anyway... */
--#ifndef WINDOWS
-+#ifndef MHD_WINSOCK_SOCKETS
- const int
- #else
- const char
-@@ -4016,7 +4016,7 @@ MHD_start_daemon_va (unsigned int flags,
- {
- socket_fd = daemon->socket_fd;
- }
--#ifndef WINDOWS
-+#ifndef MHD_WINSOCK_SOCKETS
- if ( (socket_fd >= FD_SETSIZE) &&
- (0 == (flags & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY)) ) )
- {
-@@ -4121,7 +4121,7 @@ MHD_start_daemon_va (unsigned int flags,
- if ( (daemon->worker_pool_size > 0) &&
- (0 == (daemon->options & MHD_USE_NO_LISTEN_SOCKET)) )
- {
--#if !defined(WINDOWS) || defined(CYGWIN)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- int sk_flags;
- #else
- unsigned long sk_flags;
-@@ -4140,7 +4140,7 @@ MHD_start_daemon_va (unsigned int flags,
- /* Accept must be non-blocking. Multiple children may wake up
- * to handle a new connection, but only one will win the race.
- * The others must immediately return. */
--#if !defined(WINDOWS) || defined(CYGWIN)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- sk_flags = fcntl (socket_fd, F_GETFL);
- if (sk_flags < 0)
- goto thread_failed;
-@@ -4150,7 +4150,7 @@ MHD_start_daemon_va (unsigned int flags,
- sk_flags = 1;
- if (SOCKET_ERROR == ioctlsocket (socket_fd, FIONBIO, &sk_flags))
- goto thread_failed;
--#endif /* WINDOWS && !CYGWIN */
-+#endif /* MHD_WINSOCK_SOCKETS */
-
- /* Allocate memory for pooled objects */
- daemon->worker_pool = malloc (sizeof (struct MHD_Daemon)
-@@ -4182,7 +4182,7 @@ MHD_start_daemon_va (unsigned int flags,
- #endif
- goto thread_failed;
- }
--#ifndef WINDOWS
-+#ifndef MHD_WINSOCK_SOCKETS
- if ( (0 == (flags & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY))) &&
- (MHD_USE_SUSPEND_RESUME == (flags & MHD_USE_SUSPEND_RESUME)) &&
- (d->wpipe[0] >= FD_SETSIZE) )
-@@ -4343,7 +4343,7 @@ close_all_connections (struct MHD_Daemon
- {
- shutdown (pos->socket_fd,
- (pos->read_closed == MHD_YES) ? SHUT_WR : SHUT_RDWR);
--#if WINDOWS
-+#if MHD_WINSOCK_SOCKETS
- if ( (0 != (daemon->options & MHD_USE_THREAD_PER_CONNECTION)) &&
- (MHD_INVALID_PIPE_ != daemon->wpipe[1]) &&
- (1 != MHD_pipe_write_ (daemon->wpipe[1], "e", 1)) )
---- a/src/include/microhttpd.h
-+++ b/src/include/microhttpd.h
-@@ -130,7 +130,7 @@ typedef intptr_t ssize_t;
- * Current version of the library.
- * 0x01093001 = 1.9.30-1.
- */
--#define MHD_VERSION 0x00094200
-+#define MHD_VERSION 0x00094202
-
- /**
- * MHD-internal return code for "YES".
-@@ -194,6 +194,53 @@ typedef SOCKET MHD_socket;
- #endif /* MHD_SOCKET_DEFINED */
-
- /**
-+ * Define MHD_NO_DEPRECATION before including "microhttpd.h" to disable deprecation messages
-+ */
-+#ifdef MHD_NO_DEPRECATION
-+#define _MHD_DEPR_MACRO(msg)
-+#define _MHD_DEPR_FUNC(msg)
-+#endif /* MHD_NO_DEPRECATION */
-+
-+#ifndef _MHD_DEPR_MACRO
-+#if defined(_MSC_FULL_VER) && _MSC_VER+0 >= 1500
-+/* Stringify macros */
-+#define _MHD_INSTRMACRO(a) #a
-+#define _MHD_STRMACRO(a) _MHD_INSTRMACRO(a)
-+#define _MHD_DEPR_MACRO(msg) __pragma(message(__FILE__ "(" _MHD_STRMACRO(__LINE__)"): warning: " msg))
-+#elif defined(__clang__) || defined (__GNUC_PATCHLEVEL__)
-+#define _MHD_GCC_PRAG(x) _Pragma (#x)
-+#if __clang_major__+0 >= 5 || \
-+ (!defined(__apple_build_version__) && (__clang_major__+0 > 3 || (__clang_major__+0 == 3 && __clang_minor__ >= 3))) || \
-+ __GNUC__+0 > 4 || (__GNUC__+0 == 4 && __GNUC_MINOR__+0 >= 8)
-+#define _MHD_DEPR_MACRO(msg) _MHD_GCC_PRAG(GCC warning msg)
-+#else /* older clang or GCC */
-+#define _MHD_DEPR_MACRO(msg) _MHD_GCC_PRAG(message msg)
-+#endif
-+/* #elif defined(SOMEMACRO) */ /* add compiler-specific macros here if required */
-+#else /* other compilers */
-+#define _MHD_DEPR_MACRO(msg)
-+#endif
-+#endif /* _MHD_DEPR_MACRO */
-+
-+#ifndef _MHD_DEPR_FUNC
-+#if defined(_MSC_FULL_VER) && _MSC_VER+0 >= 1400
-+#define _MHD_DEPR_FUNC(msg) __declspec(deprecated(msg))
-+#elif defined(_MSC_FULL_VER) && _MSC_VER+0 >= 1310
-+/* VS .NET 2003 deprecation do not support custom messages */
-+#define _MHD_DEPR_FUNC(msg) __declspec(deprecated)
-+#elif defined (__clang__) && \
-+ (__clang_major__+0 >= 4 || (!defined(__apple_build_version__) && __clang_major__+0 >= 3))
-+#define _MHD_DEPR_FUNC(msg) __attribute__((deprecated(msg)))
-+#elif defined (__clang__) || __GNUC__+0 > 3 || (__GNUC__+0 == 3 && __GNUC_MINOR__+0 >= 1)
-+/* GCC-style deprecation do not support custom messages */
-+#define _MHD_DEPR_FUNC(msg) __attribute__((__deprecated__))
-+/* #elif defined(SOMEMACRO) */ /* add compiler-specific macros here if required */
-+#else /* other compilers */
-+#define _MHD_DEPR_FUNC(msg)
-+#endif
-+#endif /* _MHD_DEPR_FUNC */
-+
-+/**
- * Not all architectures and `printf()`'s support the `long long` type.
- * This gives the ability to replace `long long` with just a `long`,
- * standard `int` or a `short`.
-@@ -204,6 +251,8 @@ typedef SOCKET MHD_socket;
- */
- #define MHD_LONG_LONG long long
- #define MHD_UNSIGNED_LONG_LONG unsigned long long
-+#else /* MHD_LONG_LONG */
-+_MHD_DEPR_MACRO("Macro MHD_LONG_LONG is deprecated, use MHD_UNSIGNED_LONG_LONG")
- #endif
- /**
- * Format string for printing a variable of type #MHD_LONG_LONG.
-@@ -215,6 +264,8 @@ typedef SOCKET MHD_socket;
- */
- #define MHD_LONG_LONG_PRINTF "ll"
- #define MHD_UNSIGNED_LONG_LONG_PRINTF "%llu"
-+#else /* MHD_LONG_LONG_PRINTF */
-+_MHD_DEPR_MACRO("Macro MHD_LONG_LONG_PRINTF is deprecated, use MHD_UNSIGNED_LONG_LONG_PRINTF")
- #endif
-
-
-@@ -253,7 +304,8 @@ typedef SOCKET MHD_socket;
- #define MHD_HTTP_METHOD_NOT_ALLOWED 405
- #define MHD_HTTP_NOT_ACCEPTABLE 406
- /** @deprecated */
--#define MHD_HTTP_METHOD_NOT_ACCEPTABLE 406
-+#define MHD_HTTP_METHOD_NOT_ACCEPTABLE \
-+ _MHD_DEPR_MACRO("Value MHD_HTTP_METHOD_NOT_ACCEPTABLE is deprecated, use MHD_HTTP_NOT_ACCEPTABLE") 406
- #define MHD_HTTP_PROXY_AUTHENTICATION_REQUIRED 407
- #define MHD_HTTP_REQUEST_TIMEOUT 408
- #define MHD_HTTP_CONFLICT 409
-@@ -1953,6 +2005,7 @@ MHD_create_response_from_callback (uint6
- * @deprecated use #MHD_create_response_from_buffer instead
- * @ingroup response
- */
-+_MHD_DEPR_FUNC("MHD_create_response_from_data() is deprecated, use MHD_create_response_from_buffer()") \
- _MHD_EXTERN struct MHD_Response *
- MHD_create_response_from_data (size_t size,
- void *data,
-@@ -2023,6 +2076,8 @@ MHD_create_response_from_buffer (size_t
- * @return NULL on error (i.e. invalid arguments, out of memory)
- * @ingroup response
- */
-+/* NOTE: this should be 'uint64_t' instead of 'size_t', but changing
-+ this would break API compatibility. */
- _MHD_EXTERN struct MHD_Response *
- MHD_create_response_from_fd (size_t size,
- int fd);
-@@ -2044,6 +2099,8 @@ MHD_create_response_from_fd (size_t size
- * @return NULL on error (i.e. invalid arguments, out of memory)
- * @ingroup response
- */
-+/* NOTE: this should be 'uint64_t' instead of 'size_t', but changing
-+ this would break API compatibility. */
- _MHD_EXTERN struct MHD_Response *
- MHD_create_response_from_fd_at_offset (size_t size,
- int fd,
---- a/src/include/platform_interface.h
-+++ b/src/include/platform_interface.h
-@@ -82,14 +82,14 @@
-
-
- /* MHD_socket_close_(fd) close any FDs (non-W32) / close only socket FDs (W32) */
--#if !defined(_WIN32) || defined(__CYGWIN__)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- #define MHD_socket_close_(fd) close((fd))
- #else
- #define MHD_socket_close_(fd) closesocket((fd))
- #endif
-
- /* MHD_socket_errno_ is errno of last function (non-W32) / errno of last socket function (W32) */
--#if !defined(_WIN32) || defined(__CYGWIN__)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- #define MHD_socket_errno_ errno
- #else
- #define MHD_socket_errno_ MHD_W32_errno_from_winsock_()
-@@ -97,21 +97,21 @@
-
- /* MHD_socket_last_strerr_ is description string of last errno (non-W32) /
- * description string of last socket error (W32) */
--#if !defined(_WIN32) || defined(__CYGWIN__)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- #define MHD_socket_last_strerr_() strerror(errno)
- #else
- #define MHD_socket_last_strerr_() MHD_W32_strerror_last_winsock_()
- #endif
-
- /* MHD_strerror_ is strerror (both non-W32/W32) */
--#if !defined(_WIN32) || defined(__CYGWIN__)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- #define MHD_strerror_(errnum) strerror((errnum))
- #else
- #define MHD_strerror_(errnum) MHD_W32_strerror_((errnum))
- #endif
-
- /* MHD_set_socket_errno_ set errno to errnum (non-W32) / set socket last error to errnum (W32) */
--#if !defined(_WIN32) || defined(__CYGWIN__)
-+#if !defined(MHD_WINSOCK_SOCKETS)
- #define MHD_set_socket_errno_(errnum) errno=(errnum)
- #else
- #define MHD_set_socket_errno_(errnum) MHD_W32_set_last_winsock_error_((errnum))
---- a/src/testcurl/test_digestauth.c
-+++ b/src/testcurl/test_digestauth.c
-@@ -73,7 +73,8 @@ ahc_echo (void *cls,
- const char *url,
- const char *method,
- const char *version,
-- const char *upload_data, size_t *upload_data_size,
-+ const char *upload_data,
-+ size_t *upload_data_size,
- void **unused)
- {
- struct MHD_Response *response;
-@@ -82,44 +83,47 @@ ahc_echo (void *cls,
- const char *realm = "test@example.com";
- int ret;
-
-- username = MHD_digest_auth_get_username(connection);
-+ username = MHD_digest_auth_get_username (connection);
- if ( (username == NULL) ||
- (0 != strcmp (username, "testuser")) )
- {
-- response = MHD_create_response_from_buffer(strlen (DENIED),
-- DENIED,
-- MHD_RESPMEM_PERSISTENT);
-+ response = MHD_create_response_from_buffer (strlen (DENIED),
-+ DENIED,
-+ MHD_RESPMEM_PERSISTENT);
- ret = MHD_queue_auth_fail_response(connection, realm,
- MY_OPAQUE,
- response,
-- MHD_NO);
-- MHD_destroy_response(response);
-+ MHD_NO);
-+ MHD_destroy_response(response);
- return ret;
- }
- ret = MHD_digest_auth_check(connection, realm,
-- username,
-- password,
-+ username,
-+ password,
- 300);
- free(username);
- if ( (ret == MHD_INVALID_NONCE) ||
- (ret == MHD_NO) )
- {
-- response = MHD_create_response_from_buffer(strlen (DENIED),
-+ response = MHD_create_response_from_buffer(strlen (DENIED),
- DENIED,
-- MHD_RESPMEM_PERSISTENT);
-- if (NULL == response)
-+ MHD_RESPMEM_PERSISTENT);
-+ if (NULL == response)
- return MHD_NO;
- ret = MHD_queue_auth_fail_response(connection, realm,
- MY_OPAQUE,
- response,
-- (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
-- MHD_destroy_response(response);
-+ (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
-+ MHD_destroy_response(response);
- return ret;
- }
-- response = MHD_create_response_from_buffer(strlen(PAGE), PAGE,
-- MHD_RESPMEM_PERSISTENT);
-- ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
-- MHD_destroy_response(response);
-+ response = MHD_create_response_from_buffer (strlen(PAGE),
-+ PAGE,
-+ MHD_RESPMEM_PERSISTENT);
-+ ret = MHD_queue_response (connection,
-+ MHD_HTTP_OK,
-+ response);
-+ MHD_destroy_response (response);
- return ret;
- }
-
-@@ -144,24 +148,24 @@ testDigestAuth ()
- fd = open("/dev/urandom", O_RDONLY);
- if (-1 == fd)
- {
-- fprintf(stderr, "Failed to open `%s': %s\n",
-- "/dev/urandom",
-- strerror(errno));
-- return 1;
-- }
-+ fprintf(stderr, "Failed to open `%s': %s\n",
-+ "/dev/urandom",
-+ strerror(errno));
-+ return 1;
-+ }
- while (off < 8)
-- {
-- len = read(fd, rnd, 8);
-- if (len == -1)
-- {
-- fprintf(stderr, "Failed to read `%s': %s\n",
-- "/dev/urandom",
-- strerror(errno));
-- (void) close(fd);
-- return 1;
-- }
-- off += len;
-- }
-+ {
-+ len = read(fd, rnd, 8);
-+ if (len == -1)
-+ {
-+ fprintf(stderr, "Failed to read `%s': %s\n",
-+ "/dev/urandom",
-+ strerror(errno));
-+ (void) close(fd);
-+ return 1;
-+ }
-+ off += len;
-+ }
- (void) close(fd);
- #else
- {
-@@ -193,7 +197,7 @@ testDigestAuth ()
- if (d == NULL)
- return 1;
- c = curl_easy_init ();
-- curl_easy_setopt (c, CURLOPT_URL, "http://127.0.0.1:1337/");
-+ curl_easy_setopt (c, CURLOPT_URL, "http://127.0.0.1:1337/bar%20 foo?a=bü%20");
- curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer);
- curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc);
- curl_easy_setopt (c, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
-@@ -225,7 +229,6 @@ testDigestAuth ()
- }
-
-
--
- int
- main (int argc, char *const *argv)
- {
---- a/src/testcurl/https/test_https_time_out.c
-+++ b/src/testcurl/https/test_https_time_out.c
-@@ -64,7 +64,7 @@ test_tls_session_time_out (gnutls_sessio
-
- gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) (intptr_t) sd);
-
-- ret = connect (sd, &sa, sizeof (struct sockaddr_in));
-+ ret = connect (sd, (struct sockaddr *) &sa, sizeof (struct sockaddr_in));
-
- if (ret < 0)
- {
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=libpng
-PKG_VERSION:=1.2.52
+PKG_VERSION:=1.2.54
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@SF/libpng
-PKG_MD5SUM:=49d5c71929bf69a172147c47b9309fbe
+PKG_MD5SUM:=bbb7a7264f1c7d9c444fd16bf6f89832
PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>
PKG_LICENSE:=Libpng GPL-2.0+ BSD-3-Clause
PKG_NAME:=libshout
PKG_VERSION:=2.3.1
-PKG_RELEASE:=1
+PKG_RELEASE:=3
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://downloads.us.xiph.org/releases/libshout/
PKG_MD5SUM:=11765b2592e7ea623ccd93d3f8df172c
include $(INCLUDE_DIR)/package.mk
-define Package/libshout
+define Package/libshout/default
SECTION:=libs
CATEGORY:=Libraries
- TITLE:=Library which can be used to write a source client like ices
+ TITLE:=Shoutcast client library
URL:=http://www.icecast.org/download.php
- DEPENDS:= +libspeex +libtheora +libvorbis +libvorbisidec +libpthread
+ DEPENDS:= +libvorbis +libvorbisidec +libpthread
+endef
+
+define Package/libshout
+ $(call Package/libshout/default)
+ TITLE+= (no speex & theora)
+ VARIANT:=nospeex
+endef
+
+define Package/libshout-full
+ $(call Package/libshout/default)
+ TITLE+= (all codecs)
+ DEPENDS+= +libspeex +libtheora
+ VARIANT:=full
endef
define Package/libshout/description
details.
endef
+Package/libshout-full/description=Package/libshout/description
+
CONFIGURE_ARGS += \
--enable-shared \
- --enable-static \
+ --enable-static
+
+ifeq ($(BUILD_VARIANT),nospeex)
+ CONFIGURE_ARGS += --disable-theora --disable-speex
+endif
CONFIGURE_VARS += \
VORBIS_CFLAGS="-I$(STAGING_DIR)/usr/include/tremor/" \
TARGET_CFLAGS += $(FPIC) -Wl,-rpath-link="$(STAGING_DIR)/usr/lib"
+PACKAGE_CONFIG_FILE=shout$(if $(findstring $(BUILD_VARIANT),full),-full).pc
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/shout $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libshout.{a,so*} $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/shout.pc $(1)/usr/lib/pkgconfig/
- $(SED) 's| -I/usr/include||' $(1)/usr/lib/pkgconfig/shout.pc
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/shout.pc $(1)/usr/lib/pkgconfig/$(PACKAGE_CONFIG_FILE)
+ $(SED) 's| -I/usr/include||' $(1)/usr/lib/pkgconfig/$(PACKAGE_CONFIG_FILE)
endef
define Package/libshout/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libshout.so.* $(1)/usr/lib/
endef
+Package/libshout-full/install=$(Package/libshout/install)
$(eval $(call BuildPackage,libshout))
+$(eval $(call BuildPackage,libshout-full))
include $(TOPDIR)/rules.mk
PKG_NAME:=libsndfile
-PKG_VERSION:=1.0.25
+PKG_VERSION:=1.0.26
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.mega-nerd.com/libsndfile/files/
-PKG_MD5SUM:=e2b7bb637e01022c7d20f95f9c3990a2
+PKG_MD5SUM:=ec810a0c60c08772a8a5552704b63393
PKG_LICENSE:=LGPLv2.1
PKG_LICENSE_FILES:=COPYING
+++ /dev/null
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,5 +1,7 @@
- ## Process this file with automake to produce Makefile.in
-
-+ACLOCAL_AMFLAGS = -I M4
-+
- DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror
-
- if BUILD_OCTAVE_MOD
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=libxml2
-PKG_VERSION:=2.9.2
-PKG_RELEASE:=3
+PKG_VERSION:=2.9.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://gd.tuwien.ac.at/languages/libxml/ \
http://xmlsoft.org/sources/ \
ftp://fr.rpmfind.net/pub/libxml/
-PKG_MD5SUM:=9e6a9aca9d155737868b3dc5fd82f788
+PKG_MD5SUM:=daece17e045f1c107610e137ab50c179
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
+++ /dev/null
-From e3e04d254fb6bac49a285775b729e28b0500476c Mon Sep 17 00:00:00 2001
-From: Michael Heimpold <mhei@heimpold.de>
-Date: Sun, 21 Dec 2014 01:03:49 +0100
-Subject: [PATCH] threads: use forward declarations only for glibc (fixes
- #704908)
-
-The declarations of pthread functions, used to generate weak references
-to them, fail to suppress macros. Thus, if any pthread function has
-been provided as a macro, compiling threads.c will fail.
-This breaks on musl libc, which defines pthread_equal as a macro (in
-addition to providing the function, as required).
-
-Prevent the declarations for e.g. musl libc by refining the condition.
-
-The idea for this solution was borrowed from the alpine linux guys, see
-http://git.alpinelinux.org/cgit/aports/tree/main/libxml2/libxml2-pthread.patch
-
-Signed-off-by: Michael Heimpold <mhei@heimpold.de>
----
- threads.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/threads.c
-+++ b/threads.c
-@@ -47,7 +47,7 @@
- #ifdef HAVE_PTHREAD_H
-
- static int libxml_is_threaded = -1;
--#ifdef __GNUC__
-+#if defined(__GNUC__) && defined(__GLIBC__)
- #ifdef linux
- #if (__GNUC__ == 3 && __GNUC_MINOR__ >= 3) || (__GNUC__ > 3)
- extern int pthread_once (pthread_once_t *__once_control,
-@@ -89,7 +89,7 @@ extern int pthread_cond_signal ()
- __attribute((weak));
- #endif
- #endif /* linux */
--#endif /* __GNUC__ */
-+#endif /* defined(__GNUC__) && defined(__GLIBC__) */
- #endif /* HAVE_PTHREAD_H */
-
- /*
include $(TOPDIR)/rules.mk
PKG_NAME:=p11-kit
-PKG_VERSION:=0.20.7
+PKG_VERSION:=0.23.1
PKG_RELEASE:=1
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MD5SUM:=6648cad01a3080b685b8b3bf7372c91a
+PKG_MD5SUM:=96f073270c489c9a594e1c9413f42db8
PKG_SOURCE_URL:=http://p11-glue.freedesktop.org/releases/
PKG_INSTALL:=1
--- /dev/null
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mutt
+PKG_VERSION:=1.5.24
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=ftp://ftp.mutt.org/pub/mutt/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_MD5SUM:=7f25d27f3c7c82285ac07aac35f5f0f2
+
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=GPL
+PKG_MAINTAINER=Phil Eichinger <phil@zankapfel.net>
+
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mutt
+ SECTION:=mail
+ CATEGORY:=Mail
+ DEPENDS:=+libopenssl +libncursesw
+ TITLE:=Console mail client
+ URL:=http://www.mutt.org/
+endef
+
+define Package/mutt/description
+ Mutt is a small but very powerful text-based mail client for Unix
+ operating systems.
+endef
+
+CONFIGURE_ARGS += \
+ --includedir=$(PKG_BUILD_DIR)/. \
+ --oldincludedir=$(PKG_BUILD_DIR)/. \
+ --enable-pop \
+ --enable-imap \
+ --with-ssl \
+ --without-idn
+
+define Package/mutt/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mutt $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,mutt))
--- /dev/null
+From b0e285a8c7faaec8807fdd677da6750f341f0109 Mon Sep 17 00:00:00 2001
+From: Phil Eichinger <phil@zankapfel.net>
+Date: Thu, 19 Nov 2015 13:18:53 +0100
+Subject: [PATCH] no po and docs
+
+[adapted old patch and converted to git patch]
+Signed-off-by: Phil Eichinger <phil@zankapfel.net>
+---
+ Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 1909835..cfa7ca0 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -458,7 +458,7 @@ get_cs_cmdline = $(call get_cs_compile,$(1)) $(call get_cs_all_flags,$(1),check_
+ AUTOMAKE_OPTIONS = 1.6 foreign
+ @BUILD_IMAP_TRUE@IMAP_SUBDIR = imap
+ @BUILD_IMAP_TRUE@IMAP_INCLUDES = -I$(top_srcdir)/imap
+-SUBDIRS = m4 po intl doc contrib $(IMAP_SUBDIR)
++SUBDIRS = m4 intl contrib $(IMAP_SUBDIR)
+ bin_SCRIPTS = muttbug flea $(SMIMEAUX_TARGET)
+ @BUILD_HCACHE_TRUE@HCVERSION = hcversion.h
+ BUILT_SOURCES = keymap_defs.h patchlist.c reldate.h conststrings.c $(HCVERSION)
+--
+2.1.4
+
PKG_LICENSE_FILES:=COPYING
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://download.gnome.org/sources/grilo-plugins/0.2/
+PKG_SOURCE_URL:=@GNOME/grilo-plugins/0.2/
PKG_MD5SUM:=62ecaad877b485a950259eef1ef38c18
PKG_BUILD_DEPENDS:=glib2 grilo
PKG_LICENSE_FILES:=COPYING
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://download.gnome.org/sources/grilo/0.2/
+PKG_SOURCE_URL:=@GNOME/grilo/0.2/
PKG_MD5SUM:=7eba405ada20fefcb877d534d9d4f
PKG_BUILD_DEPENDS:=glib2 libsoup libxml2
PKG_NAME:=gst1-plugins-bad
PKG_VERSION:=1.4.5
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
--disable-resindvd \
--disable-faac \
--disable-faad \
- --disable-fbdev \
--disable-flite \
--disable-gsm \
--disable-kate \
$(eval $(call GstBuildPlugin,dataurisrc,dataurisrc support,,,))
$(eval $(call GstBuildPlugin,debugutilsbad,debugutils support,video,,))
$(eval $(call GstBuildPlugin,dvdspu,dvdspu support,video,,))
+$(eval $(call GstBuildPlugin,fbdevsink,fbdev support,video,,))
$(eval $(call GstBuildPlugin,festival,festival support,audio,,))
$(eval $(call GstBuildPlugin,frei0r,frei0r support,controller video,,))
$(eval $(call GstBuildPlugin,id3tag,id3tag support,tag,,))
PKG_NAME:=mjpg-streamer
PKG_REV:=182
PKG_VERSION:=r$(PKG_REV)
-PKG_RELEASE:=7
+PKG_RELEASE:=8
PKG_MAINTAINER:=Roger D <rogerdammit@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).1.tar.bz2
--- /dev/null
+--- a/plugins/input_uvc/v4l2uvc.c
++++ b/plugins/input_uvc/v4l2uvc.c
+@@ -130,7 +130,7 @@ int init_videoIn(struct vdIn *vd, char *
+ return -1;
+ }
+
+- memcpy(&pglobal->in[id].in_formats[pglobal->in[id].formatCount], &fmtdesc, sizeof(input_format));
++ memcpy(&pglobal->in[id].in_formats[pglobal->in[id].formatCount], &fmtdesc, sizeof(struct v4l2_fmtdesc));
+
+ if(fmtdesc.pixelformat == format)
+ pglobal->in[id].currentFormat = pglobal->in[id].formatCount;
PKG_NAME:=oggfwd
PKG_REV:=506088e5066abd086efc951670906187c120e9a3
PKG_VERSION:=20150412
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=git://r-w-x.org/oggfwd.git
SUBMENU:=Streaming
TITLE:=Pipe media into icecast
URL:=http://www.v2v.cc/~j/oggfwd
- DEPENDS:=+libpthread +libshout
+ DEPENDS:=+libpthread +libshout-full
endef
define Package/oggfwd/description
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=0.20.3
+PKG_VERSION:=0.22.2
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dirk@brenken.org>
define Package/$(PKG_NAME)
SECTION:=net
CATEGORY:=Network
- TITLE:=powerful adblock script to block ad/abuse domains
+ TITLE:=Powerful adblock script to block ad/abuse domains
DEPENDS:=+curl +wget
PKGARCH:=all
endef
define Package/$(PKG_NAME)/description
-powerful adblock script to block ad/abuse domains
-When the dns server on your router receives dns requests, we will sort out queries that ask for the [A] resource records of ad servers
-and return the local ip address of your router and the internal web server delivers a transparent pixel instead.
+Powerful adblock script to block ad/abuse domains
+When the dns server on your router receives dns requests, we will sort out queries that ask for the [A]
+resource records of ad servers and return the local ip address of your router and the internal web server
+delivers a transparent pixel instead.
The script supports the following domain blacklist sites:
http://pgl.yoyo.org/adservers
http://malwaredomains.com
http://www.spam404.com
http://winhelp2002.mvps.org
+Please read README.md in /etc/adblock for further information.
+
endef
define Package/$(PKG_NAME)/conffiles
## Main Features
* support of the following domain blacklist sites (free for private usage, for commercial use please check their individual licenses):
- * [pgl.yoyo.org](http://pgl.yoyo.org/adservers)
- * [malwaredomains.com](http://malwaredomains.com)
- * [zeustracker.abuse.ch](https://zeustracker.abuse.ch)
- * [feodotracker.abuse.ch](https://feodotracker.abuse.ch)
- * [palevotracker.abuse.ch](https://palevotracker.abuse.ch)
- * [dshield.org](http://dshield.org)
- * [shallalist.de](http://www.shallalist.de) (tested with the categories "adv" "costtraps" "downloads" "spyware" "tracker" "warez")
- * [spam404.com](http://www.spam404.com)
- * [winhelp2002.mvps.org](http://winhelp2002.mvps.org)
+ * [pgl.yoyo.org](http://pgl.yoyo.org/adservers), approx. 2.500 entries
+ * [malwaredomains.com](http://malwaredomains.com), approx. 16.000 entries
+ * [zeustracker.abuse.ch](https://zeustracker.abuse.ch), approx. 420 entries
+ * [feodotracker.abuse.ch](https://feodotracker.abuse.ch), approx. 10 entries
+ * [palevotracker.abuse.ch](https://palevotracker.abuse.ch), approx. 10 entries
+ * [dshield.org](http://dshield.org), approx. 4.500 entries
+ * [shallalist.de](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default), approx. 32.000 entries
+ * a short description of all shallalist categories can be found [online](http://www.shallalist.de/categories.html)
+ * [spam404.com](http://www.spam404.com), approx. 5.000 entries
+ * [winhelp2002.mvps.org](http://winhelp2002.mvps.org), approx. 15.000 entries
* blocklist parsing by fast & flexible regex rulesets
* additional white- and blacklist support for manual overrides
* separate dynamic adblock network interface
* separate dynamic uhttpd instance as pixel server
-* optional: quality checks and a powerful backup/restore handling to ensure a reliable dnsmasq service
-* optional: adblock updates only on pre-defined wan interfaces
-* optional: domain query logging as a background service to easily identify free and already blocked domains
+* adblock quality checks after list update to ensure a reliable dnsmasq service
+* optional: powerful adblock list backup/restore handling
+* optional: adblock updates only on pre-defined wan interfaces (useful for (mobile) multiwan setups)
+* optional: domain query logging as a background service to easily identify free and already blocked domains (see example output below)
+* optional: status & error logging to separate file (req. ntp time sync)
* optional: ntp time sync
-* optional: status & error logging (req. ntp time sync)
## Prerequisites
* [openwrt](https://openwrt.org) (tested only with trunk > r47025), CC should also work
* additional software packages:
* curl
* wget (due to an openwrt bug still needed for certain https requests - see ticket #19621)
- * busybox find with *-mtime* support for logfile housekeeping (enabled by default with r47362, will be disabled if not found)
-* optional: mounted usb stick or any other storage device to overcome limited memory resources on embedded router devices
-* the above dependencies will be checked during package installation & script runtime, please check *logread -e "adblock"* for errors
+ * optional: busybox find with *-mtime* support for logfile housekeeping (enabled by default with r47362, will be disabled if not found)
+ * optional: coreutils-sort for reliable sort results, even on low memory systems
+* recommended: add an usb stick or any other storage device to supersize your /tmp directory with a swap partition (see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab))
+* the above dependencies and requirements will be checked during package installation & script startup, please check console output or *logread -e "adblock"* for errors
## Usage
* select & install adblock package (*opkg install adblock*)
-* configure /etc/config/adblock to your needs
-* start /usr/bin/adblock-update.sh and check *logread -e "adblock"* for errors
+* configure */etc/config/adblock* to your needs, see additional comments in *adblock.conf.sample*
+* at least configure the ip address of the local adblock interface/uhttpd instance, needs to be a different subnet from the normal LAN
+* optional: add additional domain white- or blacklist entries, one domain per line (wildcards & regex are not allowed!), both list are located in */etc/adblock*
+* by default openwrts main uhttpd instance is bind to all ports of your router. For a working adblock setup you have to bind uhttpd to the standard LAN port only, please change listen_http accordingly
+* start /usr/bin/adblock-update.sh and check console output or *logread -e "adblock"* for errors
## Distributed samples
-* all sample configuration files stored in */etc/adblock/samples*.
-* to enable/disable additional domain query logging set the dnsmasq option *logqueries* accordingly, see *dhcp.config.sample*.
-* for script autostart by rc.local and /tmp resizing on the fly see *rc.local.sample*.
-* for scheduled call of *adblock-update.sh* see *root.crontab.sample*.
-* to redirect/force all dns queries to your router see *firwall.user.sample*.
-* for further dnsmasq tweaks see *dnsmasq.conf.sample*.
+* all sample configuration files stored in */etc/adblock/samples*
+* to enable/disable additional domain query logging set the dnsmasq option *logqueries* accordingly, see *dhcp.config.sample*
+* to bind uhttpd to standard LAN port only, see *uhttpd.config.sample*
+* for script autostart by rc.local and /tmp resizing on the fly see *rc.local.sample*
+* for scheduled call of *adblock-update.sh* see *root.crontab.sample*
+* to redirect/force all dns queries to your router see *firwall.user.sample*
+* for further dnsmasq tweaks see *dnsmasq.conf.sample*
+
+## Examples
+
+ stdout excerpt for successful adblock run:
+
+ adblock[11541] info : domain adblock processing started (0.22.2, r47665, 29.11.2015 14:58:11)
+ adblock[11541] info : wan update check will be disabled
+ adblock[11541] info : get ntp time sync (192.168.254.254), after 0 loops
+ adblock[11541] info : shallalist (pre-)processing started ...
+ adblock[11541] info : shallalist (pre-)processing finished (adv costtraps spyware tracker warez)
+ adblock[11541] info : source download finished (http://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext, 2423 entries)
+ adblock[11541] info : source download finished (http://mirror1.malwaredomains.com/files/justdomains, 16016 entries)
+ adblock[11541] info : source download finished (https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist, 419 entries)
+ adblock[11541] info : source download finished (https://feodotracker.abuse.ch/blocklist/?download=domainblocklist, 0 entries)
+ adblock[11541] info : source download finished (https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist, 12 entries)
+ adblock[11541] info : source download finished (http://www.dshield.org/feeds/suspiciousdomains_Low.txt, 4542 entries)
+ adblock[11541] info : source download finished (http://spam404bl.com/spam404scamlist.txt, 5193 entries)
+ adblock[11541] info : source download finished (http://winhelp2002.mvps.org/hosts.txt, 13635 entries)
+ adblock[11541] info : source download finished (file:////tmp/tmp.CgbMmO/shallalist.txt, 32446 entries)
+ adblock[11541] info : empty source download finished (file:///etc/adblock/adblock.blacklist)
+ adblock[11541] info : domain merging finished
+ adblock[11541] info : new adblock list with 69646 domains loaded, backup generated
+ adblock[11541] info : domain adblock processing finished (0.22.2, r47665, 29.11.2015 14:59:23)
+
+
+ generated domain blocklist for dnsmasq:
+
+ address=/0-29.com/192.168.2.1
+ address=/0-2u.com/192.168.2.1
+ address=/0.r.msn.com/192.168.2.1
+ address=/00.devoid.us/192.168.2.1
+ address=/000007.ru/192.168.2.1
+ [...]
+ address=/zzz.cn/192.168.2.1
+ address=/zzzjsh.com/192.168.2.1
+ ####################################################
+ # last adblock list update: 20.11.2015 - 18:00:02
+ # adblock-update.sh (0.21.0) - 73087 ad/abuse domains blocked
+ # domain blacklist sources:
+ # http://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext
+ # http://mirror1.malwaredomains.com/files/justdomains
+ # https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
+ # https://feodotracker.abuse.ch/blocklist/?download=domainblocklist
+ # https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist
+ # http://www.dshield.org/feeds/suspiciousdomains_Low.txt
+ # http://spam404bl.com/spam404scamlist.txt
+ # http://winhelp2002.mvps.org/hosts.txt
+ # file:////tmp/tmp.CLBLNF/shallalist.txt
+ # file:///etc/adblock/adblock.blacklist
+ #####
+ # /etc/adblock/adblock.whitelist
+ ####################################################
+
+
+ domain query log excerpt:
+
+ query[A] www.seenby.de from fe80::6257:18ff:fe6b:4667
+ query[A] tarifrechner.heise.de from 192.168.1.131
+ query[A] www.mittelstandswiki.de from fe80::6257:18ff:fe6b:4667
+ query[A] ad.doubleclick.net from 192.168.1.131
+ ad.doubleclick.net is 192.168.2.1
+
+
+The first three queries are OK (not blocked), the last one has been blocked and answered by local dnsmasq instance.
Have fun!
Dirk
then
. /lib/functions.sh
else
- /usr/bin/logger -t "adblock[${pid}]" "error: openwrt function library not found"
+ rc=510
+ f_log "openwrt function library not found" "${rc}"
f_deltemp
- exit 10
fi
# source in openwrt json helpers library
then
. "/usr/share/libubox/jshn.sh"
else
- /usr/bin/logger -t "adblock[${pid}]" "error: openwrt json helpers library not found"
+ rc=515
+ f_log "openwrt json helpers library not found" "${rc}"
f_deltemp
- exit 15
fi
# get list with all installed openwrt packages
pkg_list="$(opkg list-installed 2>/dev/null)"
if [ -z "${pkg_list}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: empty openwrt package list"
+ rc=520
+ f_log "empty openwrt package list" "${rc}"
f_deltemp
- exit 20
fi
}
#
f_envparse()
{
+ # set the C locale, characters are single bytes, the charset is ASCII
+ # speeds up sort, grep etc., guarantees unique domains
+ #
+ LC_ALL=C
+
+ # set initial defaults (may be overwritten by adblock config options)
+ #
+ adb_if="adblock"
+ adb_minspace="20000"
+ adb_maxtime="60"
+ adb_maxloop="5"
+
+ # adblock device name auto detection
+ # derived from first entry in openwrt lan ifname config
+ #
+ adb_dev="$(uci get network.lan.ifname 2>/dev/null)"
+ adb_dev="${adb_dev/ *}"
+
+ # adblock ntp server name auto detection
+ # derived from ntp list found in openwrt ntp server config
+ #
+ adb_ntpsrv="$(uci get system.ntp.server 2>/dev/null)"
+
# function to read/set global options by callback,
# prepare list items and build option list for all others
#
done
elif [ "${config}" = "wancheck" ]
then
- unset adb_wandev
+ unset adb_wandev 2>/dev/null
elif [ "${config}" = "ntpcheck" ]
then
- unset adb_ntpsrv
+ unset adb_ntpsrv 2>/dev/null
elif [ "${config}" = "shalla" ]
then
- unset adb_cat_shalla
+ unset adb_cat_shalla 2>/dev/null
fi
}
# set temp variables and counter
#
- adb_tmpfile="$(mktemp -tu)"
- adb_tmpdir="$(mktemp -d)"
- cnt=0
- max_cnt=30
- max_time=60
+ adb_tmpfile="$(mktemp -tu 2>/dev/null)"
+ adb_tmpdir="$(mktemp -p /tmp -d 2>/dev/null)"
# set adblock source ruleset definitions
#
#
f_envcheck()
{
+ # check required config variables
+ #
+ adb_varlist="adb_ip adb_dev adb_if adb_domain adb_minspace adb_maxloop adb_maxtime adb_blacklist adb_whitelist"
+ for var in ${adb_varlist}
+ do
+ if [ -z "$(eval printf \"\$"${var}"\")" ]
+ then
+ rc=525
+ f_log "missing adblock config option (${var})" "${rc}"
+ f_deltemp
+ fi
+ done
+
+ # check main uhttpd configuration
+ #
+ check_uhttpd="$(uci get uhttpd.main.listen_http 2>/dev/null | grep -Fo "0.0.0.0")"
+ if [ -n "${check_uhttpd}" ]
+ then
+ rc=530
+ lan_ip="$(uci get network.lan.ipaddr 2>/dev/null)"
+ f_log "main uhttpd instance listens to all network interfaces, please bind uhttpd to LAN only (${lan_ip})" "${rc}"
+ f_deltemp
+ fi
+
# check adblock network device configuration
#
if [ ! -d "/sys/class/net/${adb_dev}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: invalid adblock network device input (${adb_dev})"
+ rc=535
+ f_log "invalid adblock network device input (${adb_dev})" "${rc}"
f_deltemp
- exit 25
fi
# check adblock network interface configuration
#
- check_if="$(printf "${adb_if}" | sed -n '/[^_0-9A-Za-z]/p')"
+ check_if="$(printf "${adb_if}" | sed -n '/[^._0-9A-Za-z]/p')"
banned_if="$(printf "${adb_if}" | sed -n '/.*lan.*\|.*wan.*\|.*switch.*\|main\|globals\|loopback\|px5g/p')"
if [ -n "${check_if}" ] || [ -n "${banned_if}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: invalid adblock network interface input (${adb_if})"
+ rc=540
+ f_log "invalid adblock network interface input (${adb_if})" "${rc}"
f_deltemp
- exit 30
fi
# check adblock ip address configuration
check_ip="$(printf "${adb_ip}" | sed -n '/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/p')"
if [ -z "${check_ip}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: invalid adblock ip address input (${adb_ip})"
+ rc=545
+ f_log "invalid adblock ip address input (${adb_ip})" "${rc}"
f_deltemp
- exit 35
fi
# check adblock blacklist/whitelist configuration
#
if [ ! -r "${adb_blacklist}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: adblock blacklist not found"
+ rc=550
+ f_log "adblock blacklist not found" "${rc}"
f_deltemp
- exit 40
elif [ ! -r "${adb_whitelist}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: adblock whitelist not found"
+ rc=555
+ f_log "adblock whitelist not found" "${rc}"
f_deltemp
- exit 45
fi
- # check wan update configuration
+ # check adblock temp directory
#
- if [ -n "${adb_wandev}" ]
+ if [ -n "${adb_tmpdir}" ] && [ -d "${adb_tmpdir}" ]
then
- wan_ok="true"
+ f_space "${adb_tmpdir}"
+ tmp_ok="true"
else
- wan_ok="false"
- /usr/bin/logger -t "adblock[${pid}]" "info: wan update check will be disabled"
+ rc=560
+ tmp_ok="false"
+ f_log "temp directory not found" "${rc}"
+ f_deltemp
fi
- # check ntp sync configuration
+ # check curl package dependency
#
- if [ -n "${adb_ntpsrv}" ]
+ check="$(printf "${pkg_list}" | grep "^curl -")"
+ if [ -z "${check}" ]
then
- ntp_ok="true"
- else
- ntp_ok="false"
- /usr/bin/logger -t "adblock[${pid}]" "info: ntp time sync will be disabled"
+ rc=565
+ f_log "curl package not found" "${rc}"
+ f_deltemp
fi
- # check backup configuration
+ # check wget package dependency
#
- adb_backupdir="${adb_backupfile%/*}"
- if [ -n "${adb_backupdir}" ] && [ -d "${adb_backupdir}" ]
+ check="$(printf "${pkg_list}" | grep "^wget -")"
+ if [ -z "${check}" ]
then
- backup_ok="true"
- adb_mounts="${adb_backupdir} ${adb_tmpdir}"
+ rc=570
+ f_log "wget package not found" "${rc}"
+ f_deltemp
+ fi
+
+ # check ca-certificates package and set wget/curl parms accordingly
+ #
+ check="$(printf "${pkg_list}" | grep "^ca-certificates -")"
+ if [ -z "${check}" ]
+ then
+ curl_parm="-q --insecure"
+ wget_parm="--no-config --no-hsts --no-check-certificate"
else
- backup_ok="false"
- /usr/bin/logger -t "adblock[${pid}]" "info: backup/restore will be disabled"
+ curl_parm="-q"
+ wget_parm="--no-config --no-hsts"
fi
- # check error log configuration
+ # check total and swap memory
#
- adb_logdir="${adb_logfile%/*}"
- if [ -n "${adb_logfile}" ] && [ "${adb_logfile}" = "/dev/stdout" ]
+ mem_total="$(cat /proc/meminfo | grep -F "MemTotal" | grep -o "[0-9]*")"
+ mem_free="$(cat /proc/meminfo | grep -F "MemFree" | grep -o "[0-9]*")"
+ swap_total="$(cat /proc/meminfo | grep -F "SwapTotal" | grep -o "[0-9]*")"
+ if [ $((mem_total)) -le 64000 ] && [ $((swap_total)) -eq 0 ]
then
- log_ok="true"
- adb_logfile="/proc/self/fd/1"
- elif [ -n "${adb_logdir}" ] && [ -d "${adb_logdir}" ] && [ "${ntp_ok}" = "true" ]
+ f_log "please consider adding an external swap device to supersize your /tmp directory (total: ${mem_total}, free: ${mem_free}, swap: ${mem_swap})"
+ fi
+
+ # check backup configuration
+ #
+ adb_backupdir="${adb_backupfile%/*}"
+ if [ -n "${adb_backupdir}" ] && [ -d "${adb_backupdir}" ]
then
- log_ok="true"
- adb_mounts="${adb_mounts} ${adb_logdir}"
+ f_space "${adb_backupdir}"
+ backup_ok="true"
else
- log_ok="false"
- adb_logfile="/dev/null"
- /usr/bin/logger -t "adblock[${pid}]" "info: error logging will be disabled"
+ backup_ok="false"
+ f_log "backup/restore will be disabled"
fi
# check dns query log configuration
#
adb_querydir="${adb_queryfile%/*}"
- query_pid="/var/run/adb_query.pid"
+ adb_querypid="/var/run/adb_query.pid"
if [ -n "${adb_querydir}" ] && [ -d "${adb_querydir}" ]
then
# check find capabilities
#
- check="$(find --help 2>&1 | grep "mtime")"
+ check="$(find --help 2>&1 | grep -F "mtime")"
if [ -z "${check}" ]
then
query_ok="false"
- /usr/bin/logger -t "adblock[${pid}]" "info: busybox without 'find/mtime' support (min. r47362), dns query logging will be disabled"
+ f_log "busybox without 'find/mtime' support (min. r47362), dns query logging will be disabled"
else
+ f_space "${adb_querydir}"
query_ok="true"
query_name="${adb_queryfile##*/}"
query_ip="${adb_ip//./\\.}"
- adb_mounts="${adb_mounts} ${adb_querydir}"
fi
else
query_ok="false"
- if [ -s "${query_pid}" ]
+ f_log "dns query logging will be disabled"
+ if [ -s "${adb_querypid}" ]
then
- kill -9 $(cat "${query_pid}") 2>/dev/null
- > "${query_pid}"
- /usr/bin/logger -t "adblock[${pid}]" "info: remove old dns query log background process"
+ kill -9 "$(cat "${adb_querypid}")" >/dev/null 2>&1
+ f_log "remove old dns query log background process (pid: $(cat "${adb_querypid}" 2>/dev/null))"
+ > "${adb_querypid}"
fi
- /usr/bin/logger -t "adblock[${pid}]" "info: dns query logging will be disabled"
fi
- # check mount points & space requirements
+ # check debug log configuration
#
- adb_mounts="${adb_mounts} ${adb_tmpdir}"
- for mp in ${adb_mounts}
- do
- df "${mp}" 2>/dev/null |\
- tail -n1 |\
- while read filesystem overall used available scrap
- do
- av_space="${available}"
- if [ $((av_space)) -eq 0 ]
- then
- /usr/bin/logger -t "adblock[${pid}]" "error: no space left on device/not mounted (${mp})"
- exit 50
- elif [ $((av_space)) -lt $((adb_minspace)) ]
- then
- /usr/bin/logger -t "adblock[${pid}]" "error: not enough space left on device (${mp})"
- exit 55
- fi
- done
- # subshell return code handling
- #
- rc=$?
- if [ $((rc)) -ne 0 ]
- then
- f_deltemp
- exit ${rc}
- fi
- done
+ adb_logdir="${adb_logfile%/*}"
+ if [ -n "${adb_logdir}" ] && [ -d "${adb_logdir}" ]
+ then
+ f_space "${adb_logdir}"
+ log_ok="true"
+ else
+ log_ok="false"
+ f_log "debug logging will be disabled"
+ fi
- # check curl package dependency
+ # check wan update configuration
#
- check="$(printf "${pkg_list}" | grep "^curl")"
- if [ -z "${check}" ]
+ if [ -n "${adb_wandev}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: curl package not found"
- f_deltemp
- exit 60
+ f_wancheck "${adb_maxloop}"
+ else
+ wan_ok="false"
+ f_log "wan update check will be disabled"
fi
- # check wget package dependency
+ # check ntp sync configuration
#
- check="$(printf "${pkg_list}" | grep "^wget")"
- if [ -z "${check}" ]
+ if [ -n "${adb_ntpsrv}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "error: wget package not found"
- f_deltemp
- exit 65
+ f_ntpcheck "${adb_maxloop}"
+ else
+ ntp_ok="false"
+ f_log "ntp time sync will be disabled"
fi
# check dynamic/volatile adblock network interface configuration
#
- rc="$(ifstatus "${adb_if}" >/dev/null 2>&1; printf $?)"
+ rc="$(ifstatus "${adb_if}" >/dev/null 2>&1; printf ${?})"
if [ $((rc)) -ne 0 ]
then
json_init
json_close_array
json_close_object
ubus call network add_dynamic "$(json_dump)"
- /usr/bin/logger -t "adblock[${pid}]" "info: created new dynamic/volatile network interface (${adb_if}, ${adb_ip})"
+ rc=${?}
+ if [ $((rc)) -eq 0 ]
+ then
+ f_log "created new dynamic/volatile network interface (${adb_if}, ${adb_ip})"
+ else
+ f_log "failed to initialize new dynamic/volatile network interface (${adb_if}, ${adb_ip})" "${rc}"
+ f_remove
+ fi
fi
# check dynamic/volatile adblock uhttpd instance configuration
#
- rc="$(ps | grep "[u]httpd.*\-r ${adb_if}" >/dev/null 2>&1; printf $?)"
+ rc="$(ps | grep "[u]httpd.*\-r ${adb_if}" >/dev/null 2>&1; printf ${?})"
if [ $((rc)) -ne 0 ]
then
- uhttpd -h "/www/adblock" -r "${adb_if}" -E "/adblock.html" -p "${adb_ip}:80"
- /usr/bin/logger -t "adblock[${pid}]" "info: created new dynamic/volatile uhttpd instance (${adb_if}, ${adb_ip})"
+ uhttpd -h "/www/adblock" -r "${adb_if}" -E "/adblock.html" -p "${adb_ip}:80" >/dev/null 2>&1
+ rc=${?}
+ if [ $((rc)) -eq 0 ]
+ then
+ f_log "created new dynamic/volatile uhttpd instance (${adb_if}, ${adb_ip})"
+ else
+ f_log "failed to initialize new dynamic/volatile uhttpd instance (${adb_if}, ${adb_ip})" "${rc}"
+ f_remove
+ fi
+ fi
+
+ # remove no longer used environment variables
+ #
+ env_list="$(set | grep -o "CONFIG_[A-Za-z0-9_]*")"
+ for var in ${env_list}
+ do
+ unset "${var}" 2>/dev/null
+ done
+ unset env_list 2>/dev/null
+ unset pkg_list 2>/dev/null
+}
+
+################################################
+# f_log: log messages to stdout, syslog, logfile
+#
+f_log()
+{
+ local log_msg="${1}"
+ local log_rc="${2}"
+ local class="info "
+ if [ -n "${log_msg}" ]
+ then
+ if [ $((log_rc)) -ne 0 ]
+ then
+ class="error"
+ log_rc=", rc: ${log_rc}"
+ log_msg="${log_msg}${log_rc}"
+ fi
+ /usr/bin/logger -s -t "adblock[${pid}] ${class}" "${log_msg}"
+ if [ "${log_ok}" = "true" ] && [ "${ntp_ok}" = "true" ]
+ then
+ printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") adblock[${pid}] ${class}: ${log_msg}" >> "${adb_logfile}"
+ fi
+ fi
+}
+
+################################################
+# f_space: check mount points/space requirements
+#
+f_space()
+{
+ local mp="${1}"
+ if [ -d "${mp}" ]
+ then
+ df "${mp}" 2>/dev/null |\
+ tail -n1 |\
+ while read filesystem overall used available scrap
+ do
+ av_space="${available}"
+ if [ $((av_space)) -eq 0 ]
+ then
+ rc=575
+ f_log "no space left on device/not mounted (${mp})" "${rc}"
+ exit ${rc}
+ elif [ $((av_space)) -lt $((adb_minspace)) ]
+ then
+ rc=580
+ f_log "not enough space left on device (${mp})" "${rc}"
+ exit ${rc}
+ fi
+ done
+ rc=${?}
+ if [ $((rc)) -eq 0 ]
+ then
+ space_ok="true"
+ else
+ space_ok="false"
+ f_deltemp
+ fi
fi
}
-###################################################
-# f_deltemp: delete temporary files and directories
+####################################################
+# f_deltemp: delete temp files, directories and exit
#
f_deltemp()
{
if [ -f "${adb_tmpfile}" ]
then
- rm -f "${adb_tmpfile}" 2>/dev/null
+ rm -f "${adb_tmpfile}" >/dev/null 2>&1
fi
if [ -d "${adb_tmpdir}" ]
then
- rm -rf "${adb_tmpdir}" 2>/dev/null
+ rm -rf "${adb_tmpdir}" >/dev/null 2>&1
fi
+ f_log "domain adblock processing finished (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
+ exit ${rc}
}
-################################################################
-# f_remove: remove temporary files, start and maintain query log
+####################################################
+# f_remove: maintain and (re-)start domain query log
#
f_remove()
{
- # delete temporary files and directories
- #
- f_deltemp
-
- # remove existing domain query log background process,
- # do housekeeping and start a new process on daily basis
- #
if [ "${query_ok}" = "true" ] && [ "${ntp_ok}" = "true" ]
then
query_date="$(date "+%Y%m%d")"
- if [ -s "${query_pid}" ] && [ ! -f "${adb_queryfile}.${query_date}" ]
+ if [ -s "${adb_querypid}" ] && [ ! -f "${adb_queryfile}.${query_date}" ]
then
- kill -9 $(cat "${query_pid}") 2>/dev/null
- > "${query_pid}"
- find "${adb_backupdir}" -maxdepth 1 -type f -mtime +${adb_queryhistory} -name "${query_name}.*" -exec rm -f {} \; 2>/dev/null
- /usr/bin/logger -t "adblock[${pid}]" "info: remove old dns query log background process and do logfile housekeeping"
+ kill -9 "$(cat "${adb_querypid}")" >/dev/null 2>&1
+ find "${adb_backupdir}" -maxdepth 1 -type f -mtime +"${adb_queryhistory}" -name "${query_name}.*" -exec rm -f {} \; 2>/dev/null
+ f_log "remove old domain query log background process (pid: $(cat "${adb_querypid}")) and do logfile housekeeping"
+ > "${adb_querypid}"
fi
- if [ ! -s "${query_pid}" ]
+ if [ ! -s "${adb_querypid}" ]
then
- ( logread -f 2>/dev/null & printf "$!" > "${query_pid}" ) | egrep -o "(query\[A\].*)|([a-z0-9\.\-]* is ${query_ip}$)" >> "${adb_queryfile}.${query_date}" &
- /usr/bin/logger -t "adblock[${pid}]" "info: start new domain query log background process"
+ (logread -f 2>/dev/null & printf ${!} > "${adb_querypid}") | grep -Eo "(query\[A\].*)|([a-z0-9\.\-]* is ${query_ip}$)" >> "${adb_queryfile}.${query_date}" &
+ f_log "new domain query log background process started"
fi
fi
-
- # final log entry
- #
- /usr/bin/logger -t "adblock[${pid}]" "info: domain adblock processing finished (${adb_version})"
+ f_deltemp
}
-#####################################################
-# f_restore: if available, restore last adlist backup
+################################################################
+# f_restore: restore last adblocklist backup and restart dnsmasq
#
f_restore()
{
- if [ -z "${restore_msg}" ]
- then
- restore_msg="unknown"
- fi
-
if [ "${backup_ok}" = "true" ] && [ -f "${adb_backupfile}" ]
then
- cp -f "${adb_backupfile}" "${adb_dnsfile}" 2>/dev/null
- /usr/bin/logger -t "adblock[${pid}]" "error: ${restore_msg}, adlist backup restored"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: ${restore_msg}, adlist backup restored" >> "${adb_logfile}"
+ cp -f "${adb_backupfile}" "${adb_dnsfile}" >/dev/null 2>&1
+ f_log "adblocklist backup restored"
else
> "${adb_dnsfile}"
- /usr/bin/logger -t "adblock[${pid}]" "error: ${restore_msg}, empty adlist generated"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: ${restore_msg}, empty adlist generated" >> "${adb_logfile}"
+ f_log="empty adblocklist generated"
fi
-
- # restart dnsmasq
- #
/etc/init.d/dnsmasq restart >/dev/null 2>&1
-
- # remove files and exit
- #
f_remove
- exit 100
}
#######################################################
#
f_wancheck()
{
- if [ "${wan_ok}" = "true" ]
- then
- # wait for wan update interface(s)
- #
- while [ $((cnt)) -le $((max_cnt)) ]
+ local cnt=0
+ local cnt_max="${1}"
+ local dev
+ local dev_out
+ while [ $((cnt)) -le $((cnt_max)) ]
+ do
+ for dev in ${adb_wandev}
do
- for dev in ${adb_wandev}
- do
- if [ -d "/sys/class/net/${dev}" ]
- then
- dev_out="$(cat /sys/class/net/${dev}/operstate 2>/dev/null)"
- if [ "${dev_out}" = "up" ]
- then
- /usr/bin/logger -t "adblock[${pid}]" "info: get wan/update interface: ${dev}, after ${cnt} loops"
- break 2
- fi
- fi
- if [ $((cnt)) -eq $((max_cnt)) ]
+ if [ -d "/sys/class/net/${dev}" ]
+ then
+ dev_out="$(cat /sys/class/net/${dev}/operstate 2>/dev/null)"
+ rc=${?}
+ if [ "${dev_out}" = "up" ]
then
- wan_ok="false"
- /usr/bin/logger -t "adblock[${pid}]" "error: no wan/update interface(s) found (${adb_wandev})"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: no wan/update interface(s) found (${adb_wandev})" >> "${adb_logfile}"
- restore_msg="no wan/update interface(s)"
- f_restore
+ wan_ok="true"
+ f_log "get wan/update interface (${dev}), after ${cnt} loops"
+ break 2
fi
- done
- sleep 1
- cnt=$((cnt + 1))
+ fi
done
+ sleep 1
+ cnt=$((cnt + 1))
+ done
+ if [ -z "${wan_ok}" ]
+ then
+ rc=585
+ wan_ok="false"
+ f_log "no wan/update interface(s) found (${adb_wandev# })" "${rc}"
+ f_restore
fi
}
#
f_ntpcheck()
{
- if [ "${ntp_ok}" = "true" ]
+ local cnt=0
+ local cnt_max="${1}"
+ local ntp_pool
+ for srv in ${adb_ntpsrv}
+ do
+ ntp_pool="${ntp_pool} -p ${srv}"
+ done
+ while [ $((cnt)) -le $((cnt_max)) ]
+ do
+ /usr/sbin/ntpd -nq ${ntp_pool} >/dev/null 2>&1
+ rc=${?}
+ if [ $((rc)) -eq 0 ]
+ then
+ ntp_ok="true"
+ f_log "get ntp time sync (${adb_ntpsrv# }), after ${cnt} loops"
+ break
+ fi
+ sleep 1
+ cnt=$((cnt + 1))
+ done
+ if [ -z "${ntp_ok}" ]
then
- # prepare ntp server pool
- #
- unset ntp_pool
- for srv in ${adb_ntpsrv}
- do
- ntp_pool="${ntp_pool} -p ${srv}"
- done
-
- # wait for ntp time sync
- #
- while [ $((cnt)) -le $((max_cnt)) ]
- do
- /usr/sbin/ntpd -nq ${ntp_pool} >/dev/null 2>&1
- rc=$?
- if [ $((rc)) -eq 0 ]
- then
- /usr/bin/logger -t "adblock[${pid}]" "info: get ntp time sync (${adb_ntpsrv}), after ${cnt} loops"
- break
- fi
- if [ $((cnt)) -eq $((max_cnt)) ]
- then
- ntp_ok="false"
- /usr/bin/logger -t "adblock[${pid}]" "error: ntp time sync failed (${adb_ntpsrv})"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: ntp time sync failed (${adb_ntpsrv})" >> "${adb_logfile}"
- restore_msg="time sync failed"
- f_restore
- fi
- sleep 1
- cnt=$((cnt + 1))
- done
+ rc=590
+ ntp_ok="false"
+ f_log "ntp time sync failed (${adb_ntpsrv# })" "${rc}"
+ f_restore
fi
}
-#################################################################
-# f_dnscheck: dnsmasq health check with newly generated blocklist
+####################################################################
+# f_dnscheck: dnsmasq health check with newly generated adblock list
#
f_dnscheck()
{
- # check 1: dnsmasq startup
- #
+ local dns_status
dns_status="$(logread -l 20 -e "dnsmasq" -e "FAILED to start up")"
+ rc=${?}
if [ -z "${dns_status}" ]
then
- # check 2: nslookup probe
- #
- dns_status="$(nslookup "${adb_domain}" 2>/dev/null | grep "${adb_ip}")"
+ dns_status="$(nslookup "${adb_domain}" 2>/dev/null | grep -F "${adb_ip}")"
+ rc=${?}
if [ -z "${dns_status}" ]
then
- # create backup of new block list only, if both checks are OK and backup enabled
- #
if [ "${backup_ok}" = "true" ]
then
- cp -f "${adb_dnsfile}" "${adb_backupfile}" 2>/dev/null
- /usr/bin/logger -t "adblock[${pid}]" "info: new block list with ${adb_count} domains loaded, backup generated"
+ cp -f "${adb_dnsfile}" "${adb_backupfile}" >/dev/null 2>&1
+ f_log "new adblock list with ${adb_count} domains loaded, backup generated"
else
- /usr/bin/logger -t "adblock[${pid}]" "info: new block list with ${adb_count} domains loaded, no backup"
+ f_log "new adblock list with ${adb_count} domains loaded, no backup"
fi
else
- restore_msg="nslookup probe failed"
+ f_log "nslookup probe failed" "${rc}"
f_restore
fi
else
- restore_msg="dnsmasq probe failed"
- f_restore
+ f_log "dnsmasq probe failed" "${rc}"
+ f_restore
fi
}
#
f_footer()
{
+ local url
adb_count="$(wc -l < "${adb_dnsfile}")"
- printf "%s\n" "###################################################" >> "${adb_dnsfile}"
- printf "%s\n" "# last adblock file update: $(date +"%d.%m.%Y - %T")" >> "${adb_dnsfile}"
+ printf "%s\n" "####################################################" >> "${adb_dnsfile}"
+ printf "%s\n" "# last adblock list update: $(date +"%d.%m.%Y - %T")" >> "${adb_dnsfile}"
printf "%s\n" "# ${0##*/} (${adb_version}) - ${adb_count} ad/abuse domains blocked" >> "${adb_dnsfile}"
printf "%s\n" "# domain blacklist sources:" >> "${adb_dnsfile}"
for src in ${adb_sources}
url="${src//\&ruleset=*/}"
printf "%s\n" "# ${url}" >> "${adb_dnsfile}"
done
- printf "%s\n" "###################################################" >> "${adb_dnsfile}"
- printf "%s\n" "# domain whitelist source:" >> "${adb_dnsfile}"
+ printf "%s\n" "#####" >> "${adb_dnsfile}"
printf "%s\n" "# ${adb_whitelist}" >> "${adb_dnsfile}"
- printf "%s\n" "###################################################" >> "${adb_dnsfile}"
+ printf "%s\n" "####################################################" >> "${adb_dnsfile}"
}
# set script version
#
-adb_version="0.20.3"
+adb_version="0.22.2"
-# get current pid and script directory
+# get current pid, script directory and openwrt version
#
-pid=$$
+pid=${$}
adb_scriptdir="${0%/*}"
+openwrt_version="$(cat /etc/openwrt_version 2>/dev/null)"
# source in adblock function library
#
then
. "${adb_scriptdir}/adblock-helper.sh"
else
- /usr/bin/logger -t "adblock[${pid}]" "error: adblock function library not found"
- exit 200
+ rc=500
+ /usr/bin/logger -s -t "adblock[${pid}] error" "adblock function library not found, rc: ${rc}"
+ exit ${rc}
fi
################
# call restore function on trap signals (HUP, INT, QUIT, BUS, SEGV, TERM)
#
-trap "restore_msg='trap error'; f_restore" 1 2 3 10 11 15
+trap "f_log 'trap error' '600'; f_restore" 1 2 3 10 11 15
# start logging
#
-/usr/bin/logger -t "adblock[${pid}]" "info: domain adblock processing started (${adb_version})"
+f_log "domain adblock processing started (${adb_version}, ${openwrt_version}, $(/bin/date "+%d.%m.%Y %H:%M:%S"))"
# load environment
#
#
f_envcheck
-# check ntp time sync
-#
-f_ntpcheck
-
-# check wan update interface(s)
-#
-f_wancheck
-
-# check/start shallalist (pre-)processing
+# start shallalist (pre-)processing
#
if [ -n "${adb_arc_shalla}" ]
then
# download shallalist archive
#
+ f_log "shallalist (pre-)processing started ..."
shalla_archive="${adb_tmpdir}/shallalist.tar.gz"
shalla_file="${adb_tmpdir}/shallalist.txt"
- curl --insecure --max-time "${max_time}" "${adb_arc_shalla}" -o "${shalla_archive}" 2>/dev/null
- rc=$?
- if [ $((rc)) -eq 0 ]
+ curl ${curl_parm} --max-time "${adb_maxtime}" "${adb_arc_shalla}" --output "${shalla_archive}" 2>/dev/null
+ rc=${?}
+ if [ $((rc)) -ne 0 ]
then
- /usr/bin/logger -t "adblock[${pid}]" "info: shallalist archive download finished"
- else
- /usr/bin/logger -t "adblock[${pid}]" "error: shallalist archive download failed (${adb_arc_shalla})"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: shallalist archive download failed (${adb_arc_shalla})" >> "${adb_logfile}"
- restore_msg="archive download failed"
+ f_log "shallalist archive download failed (${adb_arc_shalla})" "${rc}"
f_restore
fi
- # extract shallalist archive
- #
- tar -xzf "${shalla_archive}" -C "${adb_tmpdir}" 2>/dev/null
- rc=$?
- if [ $((rc)) -eq 0 ]
- then
- /usr/bin/logger -t "adblock[${pid}]" "info: shallalist archive extraction finished"
- else
- /usr/bin/logger -t "adblock[${pid}]" "error: shallalist archive extraction failed"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: shallalist archive extraction failed" >> "${adb_logfile}"
- restore_msg="archive extraction failed"
- f_restore
- fi
-
- # merge selected shallalist categories
+ # extract and merge only domains of selected shallalist categories
#
> "${shalla_file}"
for category in ${adb_cat_shalla}
do
- if [ -f "${adb_tmpdir}/BL/${category}/domains" ]
- then
- cat "${adb_tmpdir}/BL/${category}/domains" >> "${shalla_file}" 2>/dev/null
- rc=$?
- else
- rc=220
- fi
+ tar -xOzf "${shalla_archive}" BL/${category}/domains 2>/dev/null >> "${shalla_file}"
+ rc=${?}
if [ $((rc)) -ne 0 ]
then
- break
+ f_log "shallalist archive extraction failed (${category})" "${rc}"
+ f_restore
fi
done
# finish shallalist (pre-)processing
#
- if [ $((rc)) -eq 0 ]
- then
- adb_sources="${adb_sources} file:///${shalla_file}&ruleset=rset_shalla"
- /usr/bin/logger -t "adblock[${pid}]" "info: shallalist (pre-)processing finished (${adb_cat_shalla})"
- else
- /usr/bin/logger -t "adblock[${pid}]" "error: shallalist (pre-)processing failed (${rc}, ${adb_cat_shalla})"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: shallalist (pre-)processing failed (${rc}, ${adb_cat_shalla})" >> "${adb_logfile}"
- restore_msg="shallalist merge failed"
- f_restore
- fi
+ rm -f "${shalla_archive}" >/dev/null 2>&1
+ rm -rf "${adb_tmpdir}/BL" >/dev/null 2>&1
+ adb_sources="${adb_sources} file:///${shalla_file}&ruleset=rset_shalla"
+ f_log "shallalist (pre-)processing finished (${adb_cat_shalla# })"
fi
# loop through active adblock domain sources,
check_url="$(printf "${url}" | sed -n '/^https:/p')"
if [ -n "${check_url}" ]
then
- tmp_var="$(wget --timeout="${max_time}" --tries=1 --output-document=- "${url}" 2>/dev/null)"
- rc=$?
+ tmp_var="$(wget ${wget_parm} --timeout="${adb_maxtime}" --tries=1 --output-document=- "${url}" 2>/dev/null)"
+ rc=${?}
else
- tmp_var="$(curl --insecure --max-time "${max_time}" "${url}" 2>/dev/null)"
- rc=$?
+ tmp_var="$(curl ${curl_parm} --max-time "${adb_maxtime}" "${url}" 2>/dev/null)"
+ rc=${?}
fi
# check download result and prepare domain output by regex patterns
then
eval "$(printf "${src}" | sed 's/\(.*\&ruleset=\)/ruleset=\$/g')"
tmp_var="$(printf "%s\n" "${tmp_var}" | tr '[A-Z]' '[a-z]')"
- adb_count="$(printf "%s\n" "${tmp_var}" | eval "${ruleset}" | tee -a "${adb_tmpfile}" | wc -l)"
- /usr/bin/logger -t "adblock[${pid}]" "info: source download finished (${url}, ${adb_count} entries)"
+ count="$(printf "%s\n" "${tmp_var}" | eval "${ruleset}" | tee -a "${adb_tmpfile}" | wc -l)"
+ f_log "source download finished (${url}, ${count} entries)"
+ if [ "${url}" = "file:///${shalla_file}" ]
+ then
+ rm -f "${shalla_file}" >/dev/null 2>&1
+ fi
+ unset tmp_var 2>/dev/null
elif [ $((rc)) -eq 0 ] && [ -z "${tmp_var}" ]
then
- /usr/bin/logger -t "adblock[${pid}]" "info: empty source download finished (${url})"
+ f_log "empty source download finished (${url})"
else
- /usr/bin/logger -t "adblock[${pid}]" "error: source download failed (${url})"
- printf "%s\n" "$(/bin/date "+%d.%m.%Y %H:%M:%S") - error: source download failed (${url})" >> "${adb_logfile}"
- restore_msg="download failed"
+ f_log "source download failed (${url})" "${rc}"
f_restore
fi
done
-# create empty destination file
+# remove whitelist domains, sort domains and make them unique
+# and finally rewrite ad/abuse domain information to dnsmasq file
#
-> "${adb_dnsfile}"
+if [ -s "${adb_whitelist}" ]
+then
+ grep -Fvxf "${adb_whitelist}" "${adb_tmpfile}" 2>/dev/null | sort -u 2>/dev/null | eval "${adb_dnsformat}" 2>/dev/null > "${adb_dnsfile}"
+ rc=${?}
+else
+ sort -u "${adb_tmpfile}" 2>/dev/null | eval "${adb_dnsformat}" 2>/dev/null > "${adb_dnsfile}"
+ rc=${?}
+fi
-# rewrite ad/abuse domain information to dns file,
-# remove duplicates and whitelist entries
-#
-grep -vxf "${adb_whitelist}" < "${adb_tmpfile}" | eval "${adb_dnsformat}" | sort -u 2>/dev/null >> "${adb_dnsfile}"
+if [ $((rc)) -eq 0 ]
+then
+ rm -f "${adb_tmpfile}" >/dev/null 2>&1
+ f_log "domain merging finished"
+else
+ f_log "domain merging failed" "${rc}"
+ f_restore
+fi
# write dns file footer
#
# remove files and exit
#
f_remove
-exit 0
#
config adblock "global"
option adb_ip "192.168.2.1"
- option adb_dev "eth0"
- option adb_if "adblock"
option adb_domain "heise.de"
- option adb_minspace "100000"
option adb_blacklist "/etc/adblock/adblock.blacklist"
option adb_whitelist "/etc/adblock/adblock.whitelist"
config service "ntpcheck"
option enabled "0"
- list adb_ntplist "0.pool.ntp.org"
- list adb_ntplist "1.pool.ntp.org"
- list adb_ntplist "2.pool.ntp.org"
- list adb_ntplist "3.pool.ntp.org"
config service "backup"
option enabled "0"
option adb_backupfile "/tmp/adlist.backup"
-config service "errorlog"
+config service "debuglog"
option enabled "0"
- option adb_logfile "/tmp/error.log"
+ option adb_logfile "/tmp/adb_debug.log"
config service "querylog"
option enabled "0"
- option adb_queryfile "/tmp/query.log"
+ option adb_queryfile "/tmp/adb_query.log"
option adb_queryhistory "1"
config source "yoyo"
option adb_arc_shalla "http://www.shallalist.de/Downloads/shallalist.tar.gz"
list adb_catlist "adv"
list adb_catlist "costtraps"
- list adb_catlist "downloads"
list adb_catlist "spyware"
list adb_catlist "tracker"
list adb_catlist "warez"
-downloads.openwrt.org
-ftp.de.debian.org
-download.eclipse.org
-dl.sourceforge.net
+
-# adblock configuration
+# adblock configuration sample
+#
+
+# generic options (always required)
#
config adblock "global"
+ # ip address of the local adblock interface/uhttpd instance,
+ # needs to be a different subnet from the normal LAN
option adb_ip "192.168.2.1"
- option adb_dev "eth0"
- option adb_if "adblock"
+
+ # name of an "always accessible" domain,
+ # this domain will be used for the final nslookup check
option adb_domain "heise.de"
- option adb_minspace "100000"
+
+ # full path to static domain blacklist file (one domain per line)
option adb_blacklist "/etc/adblock/adblock.blacklist"
+
+ # full path to static domain whitelist file (one domain per line)
option adb_whitelist "/etc/adblock/adblock.whitelist"
+# list of wan devices that are allowed for adblock updates (check /sys/class/net/<dev>),
+# if no one found the last adlist backup will be restored,
+# useful only for (mobile) multiwan setups
+# disabled by default
config service "wancheck"
option enabled "0"
list adb_wanlist "wan"
+# check that ntp has adjusted the system time on this device,
+# will be used for logfile writing and logfile housekeeping
+# disabled by default
config service "ntpcheck"
option enabled "0"
- list adb_ntplist "0.pool.ntp.org"
- list adb_ntplist "1.pool.ntp.org"
- list adb_ntplist "2.pool.ntp.org"
- list adb_ntplist "3.pool.ntp.org"
+# full path to backup file for adlist backups
+# disabled by default
config service "backup"
option enabled "0"
option adb_backupfile "/tmp/adlist.backup"
-config service "errorlog"
+# full path to debug logfile
+# by default adblock logs to syslog and stdout only
+# disabled by default
+config service "debuglog"
option enabled "0"
- option adb_logfile "/tmp/error.log"
+ option adb_logfile "/tmp/adb_debug.log"
+# full path to domain query logfile
+# a background task will trace every dns request to file, to easily identify free and already blocked domains,
+# for this to work, you've to enable the dnsmasq option "logqueries" too.
+# the "queryhistory" option deletes query logfiles older than n days (req. busybox find with mtime support)
+# disabled by default
config service "querylog"
option enabled "0"
- option adb_queryfile "/tmp/query.log"
+ option adb_queryfile "/tmp/adb_query.log"
option adb_queryhistory "1"
+# different adblock list sources
+# please do not change the urls listed below,
+# enable/disable sources as needed
+# for shallalist you can also enable/disable different ad categories
config source "yoyo"
option enabled "1"
option adb_src_yoyo "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=one-line&showintro=0&mimetype=plaintext&ruleset=rset_yoyo"
--- /dev/null
+# main uhttpd instance listens only to internal LAN
+#
+ config uhttpd 'main'
+ list listen_http '192.168.1.1:80'
--- /dev/null
+--- a/src/system.h
++++ b/src/system.h
+@@ -78,11 +78,6 @@
+ #include <sys/stat.h>
+ #endif
+
+-#ifdef HAVE_LINUX_SYSINFO_H
+-#define _LINUX_KERNEL_H
+-#include <linux/sysinfo.h>
+-#endif
+-
+ #ifdef HAVE_TIME_H
+ #include <time.h>
+ #endif
+@@ -123,6 +118,11 @@
+ #include <signal.h>
+ #endif
+
++#ifdef HAVE_SYS_SYSINFO_H
++#define _LINUX_SYSINFO_H
++#include <sys/sysinfo.h>
++#endif
++
+ #if defined(__linux__)
+ #include <asm/types.h>
+ #include <linux/if.h>
+@@ -135,10 +135,6 @@
+ #include <linux/un.h>
+ #endif
+
+-#ifdef HAVE_SYS_SYSINFO_H
+-#include <sys/sysinfo.h>
+-#endif
+-
+ #elif defined (__FreeBSD__) || defined (__APPLE__) || defined (__OpenBSD__) || defined (__NetBSD__)
+ #include <net/if.h>
+ #include <net/bpf.h>
+@@ -170,10 +166,6 @@
+ #include <net/if_tun.h>
+ #endif
+
+-#ifdef HAVE_NET_ETHERNET_H
+-#include <net/ethernet.h>
+-#endif
+-
+ #ifdef HAVE_ASM_TYPES_H
+ #include <asm/types.h>
+ #endif
+--- a/src/chilli_limits.h
++++ b/src/chilli_limits.h
+@@ -18,8 +18,8 @@
+ *
+ */
+
+-#ifndef _LIMITS_H
+-#define _LIMITS_H
++#ifndef _CHILLI_LIMITS_H
++#define _CHILLI_LIMITS_H
+
+ /*
+ * extracted from various .h files, needs some cleanup.
include $(TOPDIR)/rules.mk
PKG_NAME:=cshark
-PKG_VERSION:=2015-03-13
+PKG_VERSION:=2015-11-24
PKG_RELEASE=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cloudshark/cshark.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=ab2ae2fbd72b6cbd57c95e3192edc3c1f475412b
+PKG_SOURCE_VERSION:=e575ab3d35d75a6f70488001fcba45690ebe9b3e
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_BUILD_PARALLEL:=1
--- /dev/null
+#
+# Copyright (C) 2007-2011 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=daemonlogger
+PKG_VERSION:=1.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/daemonlogger
+PKG_MD5SUM:=acb64aa6cd5777e297569f100b5c39ee
+
+PKG_LICENSE:=GPL-2.0
+PKG_LICENSE_FILES:=COPYING
+
+PKG_MAINTAINER:=Mirko Vogt <mirko@openwrt.org>
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/daemonlogger
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=+libpcap +libdnet
+ TITLE:=Software Network Tap
+ URL:=http://www.snort.org/snort-downloads/additional-downloads
+endef
+
+CONFIGURE_VARS += \
+ BUILD_CC="$(TARGET_CC)" \
+ HOSTCC="$(HOSTCC)"
+
+MAKE_FLAGS := CCOPT="$(TARGET_CFLAGS)" INCLS="-I. $(TARGET_CPPFLAGS)"
+
+define Package/daemonlogger/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/daemonlogger $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,daemonlogger))
include $(TOPDIR)/rules.mk
PKG_NAME:=gnunet
-PKG_SOURCE_VERSION:=36366
+PKG_SOURCE_VERSION:=36713
PKG_VERSION:=0.10.1-svn$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=1
+PKG_RELEASE:=3
# ToDo:
# - break-out {peer,name,data}store for each backend
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-mysql),--with-mysql="$(STAGING_DIR)/usr",--without-mysql) \
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-pgsql),--with-postgresql="$(STAGING_DIR)/usr/bin/pg_config",--without-postgresql) \
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-sqlite),--with-sqlite="$(STAGING_DIR)/usr",--without-sqlite) \
+ $(if $(CONFIG_PACKAGE_$(PKG_NAME)-experiments),--enable-experimental,--disable-experimental) \
--with-extractor=$(STAGING_DIR)/usr \
--with-gnutls=$(STAGING_DIR)/usr \
--with-libgnurl=$(STAGING_DIR)/usr \
$(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib/gnunet/libexec
$(INSTALL_DIR) $(1)/usr/share/gnunet/config.d $(1)/usr/share/gnunet/hellos
- ( for bin in arm ats core config ecc identity nat-server nse \
+ ( for bin in arm ats cadet core config ecc identity nat nat-server nse \
peerinfo peerstore revocation scalarproduct statistics transport uri; do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gnunet-$$$$bin $(1)/usr/bin/ ; \
done )
service-core service-dht service-identity service-nse \
service-peerinfo service-peerstore service-regex \
service-revocation service-scalarproduct-alice \
- service-scalarproduct-bob service-set service-statistics \
+ service-scalarproduct-bob service-scalarproduct-ecc-alice \
+ service-scalarproduct-ecc-bob service-set service-statistics \
service-transport; do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libexec/gnunet-$$$$lex $(1)/usr/lib/gnunet/libexec ; \
done )
BIN_conversation:=conversation conversation-test
LIB_conversation:=conversation microphone speaker
PLUGIN_conversation:=gnsrecord_conversation
-LIBEXEC_conversation:=helper-audio-playback helper-audio-record
+LIBEXEC_conversation:=helper-audio-playback helper-audio-record service-conversation
CONF_conversation:=conversation
DEPENDS_transport-http_client:=+libgnurl
PLUGIN_transport-wlan:=transport_wlan
LIBEXEC_transport-wlan:=helper-transport-wlan
-DEPENDS_experiments:=+libglpk
-PLUGIN_experiments:=ats_mlp ats_ril
+DEPENDS_experiments:=+libglpk +gnunet-sqlite
+BIN_experiments:=multicast rps
+LIB_experiments:=consensus dv env multicast psyc psycstore psycutil rps secretsharing social
+PLUGIN_experiments:=ats_mlp ats_ril namecache_flat namestore_flat psycstore_sqlite transport_dv
+LIBEXEC_experiments:=service-consensus service-dv service-evil-consensus service-multicast service-psyc service-psycstore service-rps service-secretsharing service-social
+CONF_experiments:=consensus dv multicast psyc psycstore rps secretsharing social
DEPENDS_fs:=+gnunet-datastore +libextractor
BIN_fs:=auto-share directory download download-manager.scm fs publish unindex search
LIBEXEC_transport-bluetooth:=helper-transport-bluetooth
DEPENDS_utils:=+certtool +openssl-util
-BIN_utils:=gns-proxy-setup-ca transport-certificate-creation
+BIN_utils:=gns-proxy-setup-ca transport-certificate-creation scrypt
DEPENDS_vpn:=+kmod-tun +iptables
BIN_vpn:=vpn
# $1 "Type"
# $2 "Name"
local __TYPE="$1"
- local __NAME="$2"
+ local __NAME="${2/_/-}"
[ "${__TYPE}" = "gnunet-config" ] && _gnunet_section="${__NAME}"
[ "${__TYPE}" = "gnunet-exit-service" ] && _gnunet_section="${__NAME}.gnunet."
}
include $(TOPDIR)/rules.mk
PKG_NAME:=gnurl
-PKG_VERSION:=7.43.0
+PKG_VERSION:=7.45.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://gnunet.org/sites/default/files
-PKG_MD5SUM:=67c6667d8843cc514b230f2ce8d80f0e
+PKG_MD5SUM:=32b18f37d3a594dba9192e7e4254ce70
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
-PKG_VERSION:=1.5.14
-PKG_RELEASE:=16
+PKG_VERSION:=1.5.15
+PKG_RELEASE:=10
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_MD5SUM:=ad9d7262b96ba85a0f8c6acc6cb9edde
+PKG_MD5SUM:=eeaa35744f84c92184cd735ee56dd0a3
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=GPL-2.0
--- /dev/null
+From 4818bc3035bccc00d8c3fc9b14ec37366cac3059 Mon Sep 17 00:00:00 2001
+From: Jerome Duval <jerome.duval@gmail.com>
+Date: Mon, 2 Nov 2015 17:47:43 +0000
+Subject: [PATCH 01/10] BUG/BUILD: replace haproxy-systemd-wrapper with
+ $(EXTRA) in install-bin.
+
+[wt: this should be backported to 1.6 and 1.5 as well since some platforms
+ don't build the systemd-wrapper]
+(cherry picked from commit 796d2fc136359c31c5c35f00c0751890ab42a016)
+(cherry picked from commit 9d0b47d96825b0584ea81c826a96ed8babcc016b)
+---
+ Makefile | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 9556069..e3199b2 100644
+--- a/Makefile
++++ b/Makefile
+@@ -719,10 +719,9 @@ install-doc:
+ install -m 644 doc/$$x.txt "$(DESTDIR)$(DOCDIR)" ; \
+ done
+
+-install-bin: haproxy haproxy-systemd-wrapper
++install-bin: haproxy $(EXTRA)
+ install -d "$(DESTDIR)$(SBINDIR)"
+- install haproxy "$(DESTDIR)$(SBINDIR)"
+- install haproxy-systemd-wrapper "$(DESTDIR)$(SBINDIR)"
++ install haproxy $(EXTRA) "$(DESTDIR)$(SBINDIR)"
+
+ install: install-bin install-man install-doc
+
+--
+2.4.10
+
+++ /dev/null
-From df0a5960987b3cb663dcfa93d29c21acc13cd3e3 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Thu, 9 Jul 2015 11:20:00 +0200
-Subject: [PATCH 1/4] BUG/MINOR: log: missing some ARGC_* entries in
- fmt_directives()
-
-ARGC_CAP was not added to fmt_directives() which is used to format
-error messages when failing to parse log format expressions. The
-whole switch/case has been reorganized to match the declaration
-order making it easier to spot missing values. The default is not
-the "log" directive anymore but "undefined" asking to report the
-bug.
-
-Backport to 1.5 is not strictly needed but is desirable at least
-for code sanity.
-(cherry picked from commit 53e1a6d31743b1bef6063ff30b812521391ae3c3)
----
- src/log.c | 24 ++++++++++++++----------
- 1 file changed, 14 insertions(+), 10 deletions(-)
-
-diff --git a/src/log.c b/src/log.c
-index 1a5ad25..f0a3072 100644
---- a/src/log.c
-+++ b/src/log.c
-@@ -167,22 +167,26 @@ struct logformat_var_args var_args_list[] = {
- static inline const char *fmt_directive(const struct proxy *curproxy)
- {
- switch (curproxy->conf.args.ctx) {
-- case ARGC_UIF:
-- return "unique-id-format";
-+ case ARGC_ACL:
-+ return "acl";
-+ case ARGC_STK:
-+ return "stick";
-+ case ARGC_TRK:
-+ return "track-sc";
-+ case ARGC_LOG:
-+ return "log-format";
- case ARGC_HRQ:
- return "http-request";
- case ARGC_HRS:
- return "http-response";
-- case ARGC_STK:
-- return "stick";
-- case ARGC_TRK:
-- return "track-sc"; break;
-+ case ARGC_UIF:
-+ return "unique-id-format";
- case ARGC_RDR:
-- return "redirect"; break;
-- case ARGC_ACL:
-- return "acl"; break;
-+ return "redirect";
-+ case ARGC_CAP:
-+ return "capture";
- default:
-- return "log-format";
-+ return "undefined(please report this bug)"; /* must never happen */
- }
- }
-
---
-2.3.6
-
--- /dev/null
+From 1af6a324c3206902f69bd2c9838e94ffb4cee3ae Mon Sep 17 00:00:00 2001
+From: Lukas Tribus <luky-37@hotmail.com>
+Date: Thu, 5 Nov 2015 13:59:30 +0100
+Subject: [PATCH 02/10] BUG/MINOR: acl: don't use record layer in req_ssl_ver
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The initial record layer version in a SSL handshake may be set to TLSv1.0
+or similar for compatibility reasons, this is allowed as per RFC5246
+Appendix E.1 [1]. Some implementations are Openssl [2] and NSS [3].
+
+A related issue has been fixed some time ago in commit 57d229747
+("BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version").
+
+Fix this by using the real client hello version instead of the record
+layer version.
+
+This was reported by Julien Vehent and analyzed by Cyril Bonté.
+The initial patch is from Julien Vehent as well.
+
+This should be backported to stable series, the req_ssl_ver keyword was
+first introduced in 1.3.16.
+
+[1] https://tools.ietf.org/html/rfc5246#appendix-E.1
+[2] https://github.com/openssl/openssl/commit/4a1cf50187659e60c5867ecbbc36e37b2605d2c3
+[3] https://bugzilla.mozilla.org/show_bug.cgi?id=774547
+(cherry picked from commit c93242cab986087f06a4655d14fec18eecb7f5f4)
+(cherry picked from commit b048a6eb3d9cb518e4a378e20ba2a801afec553c)
+---
+ src/payload.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/src/payload.c b/src/payload.c
+index f62163c..b8f1ca3 100644
+--- a/src/payload.c
++++ b/src/payload.c
+@@ -148,21 +148,24 @@ smp_fetch_req_ssl_ver(struct proxy *px, struct session *s, void *l7, unsigned in
+ data = (const unsigned char *)s->req->buf->p;
+ if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
+ /* SSLv3 header format */
+- if (bleft < 5)
++ if (bleft < 11)
+ goto too_short;
+
+- version = (data[1] << 16) + data[2]; /* version: major, minor */
++ version = (data[1] << 16) + data[2]; /* record layer version: major, minor */
+ msg_len = (data[3] << 8) + data[4]; /* record length */
+
+ /* format introduced with SSLv3 */
+ if (version < 0x00030000)
+ goto not_ssl;
+
+- /* message length between 1 and 2^14 + 2048 */
+- if (msg_len < 1 || msg_len > ((1<<14) + 2048))
++ /* message length between 6 and 2^14 + 2048 */
++ if (msg_len < 6 || msg_len > ((1<<14) + 2048))
+ goto not_ssl;
+
+ bleft -= 5; data += 5;
++
++ /* return the client hello client version, not the record layer version */
++ version = (data[4] << 16) + data[5]; /* client hello version: major, minor */
+ } else {
+ /* SSLv2 header format, only supported for hello (msg type 1) */
+ int rlen, plen, cilen, silen, chlen;
+--
+2.4.10
+
+++ /dev/null
-From ea31f225c2c93a25b8bef7a9241a89cecfd9d350 Mon Sep 17 00:00:00 2001
-From: Baptiste Assmann <bedis9@gmail.com>
-Date: Fri, 17 Jul 2015 21:59:42 +0200
-Subject: [PATCH 2/4] DOC: usesrc root privileges requirements
-
-The "usesrc" parameter of the source statement requires root privileges.
-(cherry picked from commit 91bd337d90cb347feda34b01402f3471c8a4833c)
----
- doc/configuration.txt | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index 6714afb..64697a4 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -6117,6 +6117,8 @@ source <addr>[:<port>] [interface <name>]
- is possible at the server level using the "source" server option. Refer to
- section 5 for more information.
-
-+ In order to work, "usesrc" requires root privileges.
-+
- Examples :
- backend private
- # Connect to the servers using our 192.168.1.200 source address
---
-2.3.6
-
--- /dev/null
+From ef8a113d59e89b2214adf7ab9f9b0b75905a7050 Mon Sep 17 00:00:00 2001
+From: lsenta <laurent.senta@gmail.com>
+Date: Fri, 13 Nov 2015 10:44:22 +0100
+Subject: [PATCH 03/10] BUG: http: do not abort keep-alive connections on
+ server timeout
+
+When a server timeout is detected on the second or nth request of a keep-alive
+connection, HAProxy closes the connection without writing a response.
+Some clients would fail with a remote disconnected exception and some
+others would retry potentially unsafe requests.
+
+This patch removes the special case and makes sure a 504 timeout is
+written back whenever a server timeout is handled.
+
+Signed-off-by: lsenta <laurent.senta@gmail.com>
+(cherry picked from commit 1e1f41d0f3473d86da84dc3785b7d7cbef6e9044)
+(cherry picked from commit 1f279c0b116f7fbc208793fffbd256c3c736fc52)
+---
+ src/proto_http.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 17742c6..e7e1785 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5782,8 +5782,6 @@ int http_wait_for_response(struct session *s, struct channel *rep, int an_bit)
+ else if (rep->flags & CF_READ_TIMEOUT) {
+ if (msg->err_pos >= 0)
+ http_capture_bad_message(&s->be->invalid_rep, s, msg, msg->msg_state, s->fe);
+- else if (txn->flags & TX_NOT_FIRST)
+- goto abort_keep_alive;
+
+ s->be->be_counters.failed_resp++;
+ if (objt_server(s->target)) {
+--
+2.4.10
+
+++ /dev/null
-From eee374c28ea8ea22834ff14515b5584bc3e0c7b5 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=A9r=C3=A9mie=20Courr=C3=A8ges-Anglas?= <jca@wxcvbn.org>
-Date: Sat, 25 Jul 2015 16:50:52 -0600
-Subject: [PATCH 3/4] BUILD: ssl: Allow building against libssl without SSLv3.
-
-If SSLv3 is explicitely requested but not available, warn the user and
-bail out.
-(cherry picked from commit 17c3f6284cf605e47f6525c077bc644c45272849)
----
- src/ssl_sock.c | 16 ++++++++++++++--
- 1 file changed, 14 insertions(+), 2 deletions(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index 7d77d36..2ae45ec 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -1405,8 +1405,14 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy
- ssloptions |= SSL_OP_NO_TLSv1_2;
- if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
- ssloptions |= SSL_OP_NO_TICKET;
-- if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3)
-+ if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3) {
-+#ifndef OPENSSL_NO_SSL3
- SSL_CTX_set_ssl_version(ctx, SSLv3_server_method());
-+#else
-+ Alert("SSLv3 support requested but unavailable.\n");
-+ cfgerr++;
-+#endif
-+ }
- if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV10)
- SSL_CTX_set_ssl_version(ctx, TLSv1_server_method());
- #if SSL_OP_NO_TLSv1_1
-@@ -1750,8 +1756,14 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
- options |= SSL_OP_NO_TLSv1_2;
- if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
- options |= SSL_OP_NO_TICKET;
-- if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3)
-+ if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3) {
-+#ifndef OPENSSL_NO_SSL3
- SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
-+#else
-+ Alert("SSLv3 support requested but unavailable.");
-+ cfgerr++;
-+#endif
-+ }
- if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV10)
- SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_client_method());
- #if SSL_OP_NO_TLSv1_1
---
-2.3.6
-
--- /dev/null
+From c0d56134320e507c82952f3d2a03f76b701945cb Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Wed, 18 Nov 2015 11:59:55 +0100
+Subject: [PATCH 04/10] BUG/MEDIUM: http: switch the request channel to
+ no-delay once done.
+
+There's an issue when sending POST data that came in a second packet,
+the CF_NEVER_WAIT flag is not always set on the request channel, while
+the server is waiting for the request. We must always set this flag in
+this case since we're not going to shut down after sending, contrary
+to the response side.
+
+Note that option http-no-delay works around this issue.
+
+Reproducer :
+
+listen px
+ mode http
+ timeout client 10s
+ timeout server 5s
+ timeout connect 3s
+ option http-server-close
+ #option http-no-delay
+ bind :8001
+ server s1 127.0.0.1:8003
+
+$ (printf "POST / HTTP/1.1\r\nTransfer-encoding: chunked\r\n\r\n"; sleep 0.01; printf "10\r\nAZERTYUIOPQSDFGH\r\n0\r\n\r\n") | nc6 0 8001
+
+Before this fix :
+
+12:03:31.946763 epoll_wait(3, {{EPOLLIN, {u32=5, u64=5}}}, 200, 1000) = 1
+12:03:32.634175 accept4(5, {sa_family=AF_INET, sin_port=htons(53849), sin_addr=inet_addr("127.0.0.1")}, [16], SOCK_NONBLOCK) = 6
+12:03:32.634318 setsockopt(6, SOL_TCP, TCP_NODELAY, [1], 4) = 0
+12:03:32.634434 accept4(5, 0x7ffccfbb2cf0, [128], SOCK_NONBLOCK) = -1 EAGAIN (Resource temporarily unavailable)
+12:03:32.634574 recvfrom(6, "POST / HTTP/1.1\r\nTransfer-encodi"..., 8192, 0, NULL, NULL) = 47
+12:03:32.634809 setsockopt(6, SOL_TCP, TCP_QUICKACK, [1], 4) = 0
+12:03:32.634952 socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 7
+12:03:32.635031 fcntl(7, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
+12:03:32.635089 setsockopt(7, SOL_TCP, TCP_NODELAY, [1], 4) = 0
+12:03:32.635153 connect(7, {sa_family=AF_INET, sin_port=htons(8003), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in progress)
+12:03:32.635315 epoll_wait(3, {}, 200, 0) = 0
+12:03:32.635394 sendto(7, "POST / HTTP/1.1\r\nTransfer-encodi"..., 66, MSG_DONTWAIT|MSG_NOSIGNAL, NULL, 0) = 66
+12:03:32.635527 recvfrom(6, 0x7f0224e66024, 8192, 0, 0, 0) = -1 EAGAIN (Resource temporarily unavailable)
+12:03:32.635651 epoll_ctl(3, EPOLL_CTL_ADD, 6, {EPOLLIN|0x2000, {u32=6, u64=6}}) = 0
+12:03:32.635782 epoll_wait(3, {}, 200, 0) = 0
+12:03:32.635842 recvfrom(7, 0x7f0224e66024, 8192, 0, 0, 0) = -1 EAGAIN (Resource temporarily unavailable)
+12:03:32.635924 epoll_ctl(3, EPOLL_CTL_ADD, 7, {EPOLLIN|0x2000, {u32=7, u64=7}}) = 0
+12:03:32.636027 epoll_wait(3, {{EPOLLIN, {u32=6, u64=6}}}, 200, 1000) = 1
+12:03:32.644892 recvfrom(6, "10\r\nAZERTYUIOPQSDFGH\r\n0\r\n\r\n", 8192, 0, NULL, NULL) = 27
+12:03:32.645016 epoll_wait(3, {}, 200, 0) = 0
+12:03:32.645105 sendto(7, "10\r\nAZERTYUIOPQSDFGH\r\n0\r\n\r\n", 27, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_MORE, NULL, 0) = 27
+
+After the fix :
+
+11:59:12.538617 connect(7, {sa_family=AF_INET, sin_port=htons(8003), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in progress)
+11:59:12.538787 epoll_wait(3, {}, 200, 0) = 0
+11:59:12.538867 sendto(7, "POST / HTTP/1.1\r\nTransfer-encodi"..., 66, MSG_DONTWAIT|MSG_NOSIGNAL, NULL, 0) = 66
+11:59:12.539031 recvfrom(6, 0x7f832ce45024, 8192, 0, 0, 0) = -1 EAGAIN (Resource temporarily unavailable)
+11:59:12.539161 epoll_ctl(3, EPOLL_CTL_ADD, 6, {EPOLLIN|0x2000, {u32=6, u64=6}}) = 0
+11:59:12.539259 epoll_wait(3, {}, 200, 0) = 0
+11:59:12.539337 recvfrom(7, 0x7f832ce45024, 8192, 0, 0, 0) = -1 EAGAIN (Resource temporarily unavailable)
+11:59:12.539421 epoll_ctl(3, EPOLL_CTL_ADD, 7, {EPOLLIN|0x2000, {u32=7, u64=7}}) = 0
+11:59:12.539499 epoll_wait(3, {{EPOLLIN, {u32=6, u64=6}}}, 200, 1000) = 1
+11:59:12.548519 recvfrom(6, "10\r\nAZERTYUIOPQSDFGH\r\n0\r\n\r\n", 8192, 0, NULL, NULL) = 27
+11:59:12.548844 epoll_wait(3, {}, 200, 0) = 0
+11:59:12.549012 sendto(7, "10\r\nAZERTYUIOPQSDFGH\r\n0\r\n\r\n", 27, MSG_DONTWAIT|MSG_NOSIGNAL, NULL, 0) = 27
+11:59:12.549454 epoll_wait(3, {}, 200, 1000) = 0
+
+This fix must be backported to 1.6, 1.5 and 1.4.
+(cherry picked from commit 7f876a1eeb14ffae708327aad8a0b4b029da5e26)
+(cherry picked from commit 712a5339f384db62796aa4d4901e091dd7fd24dd)
+---
+ src/proto_http.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index e7e1785..b32e778 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5001,6 +5001,13 @@ int http_sync_req_state(struct session *s)
+ */
+ chn->cons->flags |= SI_FL_NOHALF;
+
++ /* In any case we've finished parsing the request so we must
++ * disable Nagle when sending data because 1) we're not going
++ * to shut this side, and 2) the server is waiting for us to
++ * send pending data.
++ */
++ chn->flags |= CF_NEVER_WAIT;
++
+ if (txn->rsp.msg_state == HTTP_MSG_ERROR)
+ goto wait_other_side;
+
+@@ -5015,7 +5022,6 @@ int http_sync_req_state(struct session *s)
+ /* if any side switches to tunnel mode, the other one does too */
+ channel_auto_read(chn);
+ txn->req.msg_state = HTTP_MSG_TUNNEL;
+- chn->flags |= CF_NEVER_WAIT;
+ goto wait_other_side;
+ }
+
+@@ -5048,7 +5054,6 @@ int http_sync_req_state(struct session *s)
+ if ((txn->flags & TX_CON_WANT_MSK) == TX_CON_WANT_TUN) {
+ channel_auto_read(chn);
+ txn->req.msg_state = HTTP_MSG_TUNNEL;
+- chn->flags |= CF_NEVER_WAIT;
+ }
+ }
+
+--
+2.4.10
+
+++ /dev/null
-From e4766ba031e1fea8f2ca139316dc4e8209e960c2 Mon Sep 17 00:00:00 2001
-From: Daniel Jakots <vigdis@chown.me>
-Date: Wed, 29 Jul 2015 08:03:08 +0200
-Subject: [PATCH 4/4] DOC/MINOR: fix OpenBSD versions where haproxy works
-
-(cherry picked from commit 17d228be14762b282e5262262c45ecee4c265552)
----
- README | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/README b/README
-index add7f06..e267730 100644
---- a/README
-+++ b/README
-@@ -39,7 +39,7 @@ and assign it to the TARGET variable :
- - solaris for Solaris 8 or 10 (others untested)
- - freebsd for FreeBSD 5 to 10 (others untested)
- - osx for Mac OS/X
-- - openbsd for OpenBSD 3.1 to 5.2 (others untested)
-+ - openbsd for OpenBSD 3.1 and above
- - aix51 for AIX 5.1
- - aix52 for AIX 5.2
- - cygwin for Cygwin
---
-2.3.6
-
+++ /dev/null
-From 955587271031d66e9b7a768e3bb18dae00b60cc6 Mon Sep 17 00:00:00 2001
-From: Thierry FOURNIER <tfournier@arpalert.org>
-Date: Wed, 8 Jul 2015 00:15:20 +0200
-Subject: [PATCH 05/13] BUG/MINOR: http/sample: gmtime/localtime can fail
-
-The man said that gmtime() and localtime() can return a NULL value.
-This is not tested. It appears that all the values of a 32 bit integer
-are valid, but it is better to check the return of these functions.
-
-However, if the integer move from 32 bits to 64 bits, some 64 values
-can be unsupported.
-(cherry picked from commit fac9ccfb705702f211f99e67d5f5d5129002086a)
-[wt: we only have sample_conv_date() in 1.5]
----
- src/proto_http.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/proto_http.c b/src/proto_http.c
-index 5db64b5..02dc42b 100644
---- a/src/proto_http.c
-+++ b/src/proto_http.c
-@@ -11249,6 +11249,8 @@ static int sample_conv_http_date(const struct arg *args, struct sample *smp)
- curr_date += args[0].data.sint;
-
- tm = gmtime(&curr_date);
-+ if (!tm)
-+ return 0;
-
- temp = get_trash_chunk();
- temp->len = snprintf(temp->str, temp->size - temp->len,
---
-2.4.6
-
--- /dev/null
+From e77015cdc18ab74aba61cdf57de56d06be5c2a4d Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Wed, 14 Jan 2015 11:48:58 +0100
+Subject: [PATCH 05/10] MINOR: config: extend the default max hostname length
+ to 64 and beyond
+
+Some users reported that the default max hostname length of 32 is too
+short in some environments. This patch does two things :
+
+ - it relies on the system's max hostname length as found in MAXHOSTNAMELEN
+ if it is set. This is the most logical thing to do as the system libs
+ generally present the appropriate value supported by the system. This
+ value is 64 on Linux and 256 on Solaris, to give a few examples.
+
+ - otherwise it defaults to 64
+
+It is still possible to override this value by defining MAX_HOSTNAME_LEN at
+build time. After some observation time, this patch may be backported to
+1.5 if it does not cause any build issue, as it is harmless and may help
+some users.
+(cherry picked from commit 75abcb3106e2c27ef983df885558cf94e01f717a)
+
+Cc: Lukas Tribus <luky-37@hotmail.com>
+Cc: jose.castro.leon@cern.ch
+
+[wt: no issue reported so far and Jose rightfully asked for it in 1.5]
+---
+ include/common/defaults.h | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/include/common/defaults.h b/include/common/defaults.h
+index 0075509..a191b8a 100644
+--- a/include/common/defaults.h
++++ b/include/common/defaults.h
+@@ -190,8 +190,12 @@
+
+ /* Maximum host name length */
+ #ifndef MAX_HOSTNAME_LEN
+-#define MAX_HOSTNAME_LEN 32
+-#endif
++#if MAXHOSTNAMELEN
++#define MAX_HOSTNAME_LEN MAXHOSTNAMELEN
++#else
++#define MAX_HOSTNAME_LEN 64
++#endif // MAXHOSTNAMELEN
++#endif // MAX_HOSTNAME_LEN
+
+ /* Maximum health check description length */
+ #ifndef HCHK_DESC_LEN
+--
+2.4.10
+
--- /dev/null
+From 3de8e7ab8d9125402cc1a8fb48ee475ee21d7d4c Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Wed, 25 Nov 2015 20:11:11 +0100
+Subject: [PATCH 06/10] BUG/MEDIUM: http: don't enable auto-close on the
+ response side
+
+There is a bug where "option http-keep-alive" doesn't force a response
+to stay in keep-alive if the server sends the FIN along with the response
+on the second or subsequent response. The reason is that the auto-close
+was forced enabled when recycling the HTTP transaction and it's never
+disabled along the response processing chain before the SHUTR gets a
+chance to be forwarded to the client side. The MSG_DONE state of the
+HTTP response properly disables it but too late.
+
+There's no more reason for enabling auto-close here, because either it
+doesn't matter in non-keep-alive modes because the connection is closed,
+or it is automatically enabled by process_stream() when it sees there's
+no analyser on the stream.
+
+This bug also affects 1.5 so a backport is desired.
+(cherry picked from commit 714ea78c9a09fe6a35a1f2d86af8f7fc9abb64d1)
+(cherry picked from commit a15091be17f27fcf4e3a84338df1a8b732e396a1)
+---
+ src/proto_http.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index b32e778..5facfbb 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -4946,11 +4946,13 @@ void http_end_txn_clean_session(struct session *s)
+ s->rep->flags |= CF_EXPECT_MORE;
+ }
+
+- /* we're removing the analysers, we MUST re-enable events detection */
++ /* we're removing the analysers, we MUST re-enable events detection.
++ * We don't enable close on the response channel since it's either
++ * already closed, or in keep-alive with an idle connection handler.
++ */
+ channel_auto_read(s->req);
+ channel_auto_close(s->req);
+ channel_auto_read(s->rep);
+- channel_auto_close(s->rep);
+
+ /* we're in keep-alive with an idle connection, monitor it */
+ si_idle_conn(s->req->cons);
+--
+2.4.10
+
+++ /dev/null
-From 6c7351bdd0778bc171a2b54faed058eadc8c9d0d Mon Sep 17 00:00:00 2001
-From: Baptiste Assmann <bedis9@gmail.com>
-Date: Mon, 3 Aug 2015 11:42:50 +0200
-Subject: [PATCH 06/13] DOC: typo in 'redirect', 302 code meaning
-
-302 means a temprary move, not a permanent one
-(cherry picked from commit ea849c0cca63b1b56c9c36f9c3504caa5e826816)
----
- doc/configuration.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index 64697a4..e8d8b2a 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -5443,7 +5443,7 @@ redirect scheme <sch> [code <code>] <option> [{if | unless} <condition>]
- is desired. Only codes 301, 302, 303, 307 and 308 are supported,
- with 302 used by default if no code is specified. 301 means
- "Moved permanently", and a browser may cache the Location. 302
-- means "Moved permanently" and means that the browser should not
-+ means "Moved temporarily" and means that the browser should not
- cache the redirection. 303 is equivalent to 302 except that the
- browser will fetch the location with a GET method. 307 is just
- like 302 but makes it clear that the same method must be reused.
---
-2.4.6
-
--- /dev/null
+From 9154bc92ed11c6de75573dec341b6a0ce68bd0eb Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Wed, 25 Nov 2015 20:17:27 +0100
+Subject: [PATCH 07/10] BUG/MEDIUM: stream: fix half-closed timeout handling
+
+client-fin and server-fin are bogus. They are applied on the write
+side after a SHUTR was seen. The immediate effect is that sometimes
+if a SHUTR was seen after a SHUTW on the same side, the timeout is
+enabled again regardless of the fact that the output is already
+closed. This results in the timeout event not to be processed and
+a busy poll loop to happen until another timeout on the stream gets
+rid of it. Note that haproxy continues its job during this, it's just
+that it eats all the CPU trying to handle an event that it ignores.
+
+An reproducible case consists in having a client stop reading data from
+a server to ensure data remain in the response buffer, then the client
+sends a shutdown(write). If abortonclose is enabled on haproxy, the
+shutdown is passed to the server side and the server responds with a
+SHUTR that cannot immediately be forwarded to the client since the
+buffer is full. During this time the event is ignored and the task is
+woken again in loops.
+
+It is worth noting that the timeout handling since 1.5 is a bit fragile
+and that it might be possible that other similar conditions still exist,
+so the timeout handling should be audited regarding this issue.
+
+Many thanks to BaiYang for providing detailed information showing the
+problem in action.
+
+This bug also affects 1.5 thus the fix must be backported.
+(cherry picked from commit f25b3573d65fd2411c7537b7b0a4817b478df909)
+[Note for 1.5, it's in session.c here]
+(cherry picked from commit 44e86286159474a52dc74f80d3271504cc6f1550)
+---
+ src/session.c | 16 ----------------
+ 1 file changed, 16 deletions(-)
+
+diff --git a/src/session.c b/src/session.c
+index 7520a85..2b2ad78 100644
+--- a/src/session.c
++++ b/src/session.c
+@@ -2213,10 +2213,6 @@ struct task *process_session(struct task *t)
+ if (unlikely((s->req->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) ==
+ (CF_AUTO_CLOSE|CF_SHUTR))) {
+ channel_shutw_now(s->req);
+- if (tick_isset(s->fe->timeout.clientfin)) {
+- s->rep->wto = s->fe->timeout.clientfin;
+- s->rep->wex = tick_add(now_ms, s->rep->wto);
+- }
+ }
+
+ /* shutdown(write) pending */
+@@ -2241,10 +2237,6 @@ struct task *process_session(struct task *t)
+ if (s->req->prod->flags & SI_FL_NOHALF)
+ s->req->prod->flags |= SI_FL_NOLINGER;
+ si_shutr(s->req->prod);
+- if (tick_isset(s->fe->timeout.clientfin)) {
+- s->rep->wto = s->fe->timeout.clientfin;
+- s->rep->wex = tick_add(now_ms, s->rep->wto);
+- }
+ }
+
+ /* it's possible that an upper layer has requested a connection setup or abort.
+@@ -2391,10 +2383,6 @@ struct task *process_session(struct task *t)
+ if (unlikely((s->rep->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) ==
+ (CF_AUTO_CLOSE|CF_SHUTR))) {
+ channel_shutw_now(s->rep);
+- if (tick_isset(s->be->timeout.serverfin)) {
+- s->req->wto = s->be->timeout.serverfin;
+- s->req->wex = tick_add(now_ms, s->req->wto);
+- }
+ }
+
+ /* shutdown(write) pending */
+@@ -2417,10 +2405,6 @@ struct task *process_session(struct task *t)
+ if (s->rep->prod->flags & SI_FL_NOHALF)
+ s->rep->prod->flags |= SI_FL_NOLINGER;
+ si_shutr(s->rep->prod);
+- if (tick_isset(s->be->timeout.serverfin)) {
+- s->req->wto = s->be->timeout.serverfin;
+- s->req->wex = tick_add(now_ms, s->req->wto);
+- }
+ }
+
+ if (s->req->prod->state == SI_ST_DIS || s->req->cons->state == SI_ST_DIS)
+--
+2.4.10
+
+++ /dev/null
-From c3453d53f2862b22d8c8e7d2399dfc38ec966aa4 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Sun, 9 Aug 2015 10:56:35 +0200
-Subject: [PATCH 07/13] DOC: mention that %ms is left-padded with zeroes.
-
-That's important to emit logs.
-(cherry picked from commit 812c88ec126e8fc4fc0f7853f265594d03c63956)
----
- doc/configuration.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index e8d8b2a..1d95b5b 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -12381,7 +12381,7 @@ Please refer to the table below for currently defined variables :
- | | %hrl | captured_request_headers CLF style | string list |
- | | %hs | captured_response_headers default style | string |
- | | %hsl | captured_response_headers CLF style | string list |
-- | | %ms | accept date milliseconds | numeric |
-+ | | %ms | accept date milliseconds (left-padded with 0) | numeric |
- | | %pid | PID | numeric |
- | H | %r | http_request | string |
- | | %rc | retries | numeric |
---
-2.4.6
-
--- /dev/null
+From 07ccb48add8c8cb0dd8a0f7d3f4994866d0ef32e Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Thu, 26 Nov 2015 18:32:39 +0100
+Subject: [PATCH 08/10] BUG/MEDIUM: cli: changing compression rate-limiting
+ must require admin level
+
+Right now it's possible to change the global compression rate limiting
+without the CLI being at the admin level.
+
+This fix must be backported to 1.6 and 1.5.
+(cherry picked from commit a1c2b2c4f3e65d198a0a4b25a4f655f7b307a855)
+(cherry picked from commit 9e5f1489c9f2d6926729890f249f7ebb9d3bfd43)
+---
+ src/dumpstats.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/dumpstats.c b/src/dumpstats.c
+index b4be2cd..b1bbf31 100644
+--- a/src/dumpstats.c
++++ b/src/dumpstats.c
+@@ -1695,6 +1695,12 @@ static int stats_sock_parse_request(struct stream_interface *si, char *line)
+ if (strcmp(args[3], "global") == 0) {
+ int v;
+
++ if (s->listener->bind_conf->level < ACCESS_LVL_ADMIN) {
++ appctx->ctx.cli.msg = stats_permission_denied_msg;
++ appctx->st0 = STAT_CLI_PRINT;
++ return 1;
++ }
++
+ if (!*args[4]) {
+ appctx->ctx.cli.msg = "Expects a maximum input byte rate in kB/s.\n";
+ appctx->st0 = STAT_CLI_PRINT;
+--
+2.4.10
+
+++ /dev/null
-From 1104336c0ba5f474fce8fe7c0125511b59f4dd3d Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 11 Aug 2015 11:20:45 +0200
-Subject: [PATCH 08/13] CLEANUP: .gitignore: ignore more test files
-
-Exclude from "git status" many of the files that often result from
-development tests and bug reports reproducers.
-(cherry picked from commit de365a320ead43168e78facfa337130759783515)
----
- .gitignore | 27 +++++++++++++++++++++++++++
- 1 file changed, 27 insertions(+)
-
-diff --git a/.gitignore b/.gitignore
-index 762f5ad..f6ccd0e 100644
---- a/.gitignore
-+++ b/.gitignore
-@@ -18,3 +18,30 @@ make-*
- dlmalloc.c
- 00*.patch
- *.service
-+*.bak
-+contrib/base64/base64rev
-+contrib/halog/halog
-+contrib/ip6range/ip6range
-+contrib/iprange/iprange
-+tests/test_hashes
-+/*.cfg
-+/*.conf
-+/*.diff
-+/*.patch
-+/*.c
-+/*.o
-+/*.so
-+/*.txt
-+/*.TXT
-+/*.txt.*
-+/*.prof
-+/*.gprof
-+/*.prof.*
-+/*.gprof.*
-+/*.tar
-+/*.tar.gz
-+/*.tgz
-+/*.mbox
-+/*.sh
-+/bug*
-+/TAGS
---
-2.4.6
-
--- /dev/null
+From 97ef6f99b8426ffdc97864fc8bb2d85c87cfdad0 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER <tfournier@arpalert.org>
+Date: Tue, 3 Nov 2015 19:17:37 +0100
+Subject: [PATCH 09/10] BUILD: freebsd: double declaration
+
+On freebsd, the macro LIST_PREV already exists in the header file
+<sys/queue.h>, and this makes a build error.
+
+This patch removes the macros before declaring it. This ensure
+that the error doesn't occurs.
+(cherry picked from commit 1db96672c4cd264ebca8197bec93a5ce1b23aaa9)
+(cherry picked from commit 6cf9c6b270e57f05abf72cd61f4facb5b6980d57)
+---
+ include/common/mini-clist.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/include/common/mini-clist.h b/include/common/mini-clist.h
+index 3c3f001..404b6fa 100644
+--- a/include/common/mini-clist.h
++++ b/include/common/mini-clist.h
+@@ -144,6 +144,7 @@ struct cond_wordlist {
+ * which contains list head <lh>, which is known as element <el> in
+ * struct pt.
+ */
++#undef LIST_PREV
+ #define LIST_PREV(lh, pt, el) (LIST_ELEM((lh)->p, pt, el))
+
+ /*
+--
+2.4.10
+
+++ /dev/null
-From 5e077624951a65e6aae381c7213fc54984768dd4 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 11 Aug 2015 11:21:47 +0200
-Subject: [PATCH 09/13] CLEANUP: .gitignore: finally ignore everything but what
- is known.
-
-Still too many files remain, it's easier to block everything but
-what we know.
-(cherry picked from commit d71f1766bdbb041f80394662b0d293f033f93005)
----
- .gitignore | 20 ++++++++++++++++++++
- 1 file changed, 20 insertions(+)
-
-diff --git a/.gitignore b/.gitignore
-index f6ccd0e..1953ba3 100644
---- a/.gitignore
-+++ b/.gitignore
-@@ -45,3 +45,23 @@ tests/test_hashes
- /*.sh
- /bug*
- /TAGS
-+# Below we forbid everything and only allow what we know, that's much easier
-+# than blocking about 500 different test files and bug report outputs.
-+/.*
-+/*
-+!/.gitignore
-+!/CHANGELOG
-+!/LICENSE
-+!/Makefile
-+!/README
-+!/ROADMAP
-+!/SUBVERS
-+!/VERDATE
-+!/VERSION
-+!/contrib
-+!/doc
-+!/ebtree
-+!/examples
-+!/include
-+!/src
-+!/tests
---
-2.4.6
-
--- /dev/null
+From 0f836e1361933721c5689c7943143fd6cd260148 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Cyril=20Bont=C3=A9?= <cyril.bonte@free.fr>
+Date: Thu, 26 Nov 2015 21:39:56 +0100
+Subject: [PATCH 10/10] BUG/MEDIUM: sample: urlp can't match an empty value
+
+Currently urlp fetching samples were able to find parameters with an empty
+value, but the return code depended on the value length. The final result was
+that acls using urlp couldn't match empty values.
+
+Example of acl which always returned "false":
+ acl MATCH_EMPTY urlp(foo) -m len 0
+
+The fix consists in unconditionally return 1 when the parameter is found.
+
+This fix must be backported to 1.6 and 1.5.
+(cherry picked from commit ce1ef4df0135f9dc1cb6691395eacb487015fe3e)
+(cherry picked from commit 6bd426cf35c95985712369ed528c10a5f80ad8fd)
+[ note: in 1.5 we have value+value_l instead of vstart+vend ]
+---
+ src/proto_http.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 5facfbb..3af7880 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -11050,9 +11050,11 @@ find_url_param_pos(char* query_string, size_t query_string_l,
+ }
+
+ /*
+- * Given a url parameter name, returns its value and size into *value and
+- * *value_l respectively, and returns non-zero. If the parameter is not found,
+- * zero is returned and value/value_l are not touched.
++ * Given a url parameter name and a query string, find the next value.
++ * An empty url_param_name matches the first available parameter.
++ * If the parameter is found, 1 is returned and *value / *value_l are updated
++ * to respectively provide a pointer to the value and its length.
++ * Otherwise, 0 is returned and value/value_l are not modified.
+ */
+ static int
+ find_url_param_value(char* path, size_t path_l,
+@@ -11082,7 +11084,7 @@ find_url_param_value(char* path, size_t path_l,
+
+ *value = value_start;
+ *value_l = value_end - value_start;
+- return value_end != value_start;
++ return 1;
+ }
+
+ static int
+--
+2.4.10
+
+++ /dev/null
-From c7c1e55f09839727ba7defd37347fc500dabb202 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 11 Aug 2015 11:36:45 +0200
-Subject: [PATCH 10/13] MEDIUM: config: emit a warning on a frontend without
- listener
-
-Commit c6678e2 ("MEDIUM: config: authorize frontend and listen without bind")
-completely removed the test for bind lines in frontends in order to make it
-easier for automated tools to generate configs (eg: replacing a bind with
-another one passing via a temporary config without any bind line). The
-problem is that some common mistakes are totally hidden now. For example,
-this apparently valid entry is silently ignored :
-
- listen 1.2.3.4:8000
- server s1 127.0.0.1:8000
-
-Hint: 1.2.3.4:8000 is mistakenly the proxy name here.
-
-Thus instead we now emit a warning to indicate that a frontend was found
-with no listener. This should be backported to 1.5 to help spot abnormal
-configurations.
-(cherry picked from commit f82d1ca2d7ec83804d6b54e61a35747ad2f85188)
----
- src/cfgparse.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/cfgparse.c b/src/cfgparse.c
-index 2a5f178..d67edc5 100644
---- a/src/cfgparse.c
-+++ b/src/cfgparse.c
-@@ -6193,6 +6193,12 @@ int check_config_validity()
- break;
- }
-
-+ if ((curproxy->cap & PR_CAP_FE) && LIST_ISEMPTY(&curproxy->conf.listeners)) {
-+ Warning("config : %s '%s' has no 'bind' directive. Please declare it as a backend if this was intended.\n",
-+ proxy_type_str(curproxy), curproxy->id);
-+ err_code |= ERR_WARN;
-+ }
-+
- if ((curproxy->cap & PR_CAP_BE) && (curproxy->mode != PR_MODE_HEALTH)) {
- if (curproxy->lbprm.algo & BE_LB_KIND) {
- if (curproxy->options & PR_O_TRANSP) {
---
-2.4.6
-
+++ /dev/null
-From ee12145d38a7dee81a20cf232c724ccb7a46ad8b Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 18 Aug 2015 17:15:20 +0200
-Subject: [PATCH 11/13] BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0
- creates a missing entry
-
-During 1.5-dev20 there was some code refactoring to make the src_* fetch
-function use the same code as sc_*. Unfortunately this introduced a
-regression where src_* doesn't create an entry anymore if it does not
-exist in the table. The reason is that smp_fetch_sc_stkctr() only calls
-stktable_lookup_key() while src_inc_*/src_clr_* used to make use of
-stktable_update_key() which additionally create the entry if it does
-not exist.
-
-There's no point modifying the common function for these two exceptions,
-so instead we now have a function dedicated to the creation of this entry
-for src_* only. It is called when the entry didn't exist, so that requires
-minimal modifications to existing code.
-
-Thanks to Thierry Fournier for helping diagnose the issue.
-
-This fix must be backported to 1.5.
-(cherry picked from commit 0f4eadd4830279f5ee83aa545728fb750f5c8185)
-
-[Note: the backport to 1.5 significantly differs from the version in 1.6
- since we need to use the table's type and to retrieve the source address
- directly from the connection. At least it matches the way other src_*
- fetch functions work, and it's been verified to work fine]
----
- src/session.c | 33 +++++++++++++++++++++++++++++++++
- 1 file changed, 33 insertions(+)
-
-diff --git a/src/session.c b/src/session.c
-index 5b9e407..6d62e36 100644
---- a/src/session.c
-+++ b/src/session.c
-@@ -2806,6 +2806,33 @@ smp_fetch_sc_stkctr(struct session *l4, const struct arg *args, const char *kw)
- return &l4->stkctr[num];
- }
-
-+/* same as smp_fetch_sc_stkctr() but dedicated to src_* and can create
-+ * the entry if it doesn't exist yet. This is needed for a few fetch
-+ * functions which need to create an entry, such as src_inc_gpc* and
-+ * src_clr_gpc*.
-+ */
-+struct stkctr *
-+smp_create_src_stkctr(struct session *sess, const struct arg *args, const char *kw)
-+{
-+ static struct stkctr stkctr;
-+ struct stktable_key *key;
-+ struct connection *conn = objt_conn(sess->si[0].end);
-+
-+ if (strncmp(kw, "src_", 4) != 0)
-+ return NULL;
-+
-+ if (!conn)
-+ return NULL;
-+
-+ key = addr_to_stktable_key(&conn->addr.from, args->data.prx->table.type);
-+ if (!key)
-+ return NULL;
-+
-+ stkctr.table = &args->data.prx->table;
-+ stkctr_set_entry(&stkctr, stktable_update_key(stkctr.table, key));
-+ return &stkctr;
-+}
-+
- /* set return a boolean indicating if the requested session counter is
- * currently being tracked or not.
- * Supports being called as "sc[0-9]_tracked" only.
-@@ -2887,6 +2914,9 @@ smp_fetch_sc_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned i
- if (!stkctr)
- return 0;
-
-+ if (stkctr_entry(stkctr) == NULL)
-+ stkctr = smp_create_src_stkctr(l4, args, kw);
-+
- smp->flags = SMP_F_VOL_TEST;
- smp->type = SMP_T_UINT;
- smp->data.uint = 0;
-@@ -2924,6 +2954,9 @@ smp_fetch_sc_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned i
- if (!stkctr)
- return 0;
-
-+ if (stkctr_entry(stkctr) == NULL)
-+ stkctr = smp_create_src_stkctr(l4, args, kw);
-+
- smp->flags = SMP_F_VOL_TEST;
- smp->type = SMP_T_UINT;
- smp->data.uint = 0;
---
-2.4.6
-
+++ /dev/null
-From 2272b4ffde38c836adfd9a9b43ff5c019ef4190a Mon Sep 17 00:00:00 2001
-From: Thierry FOURNIER <tfournier@arpalert.org>
-Date: Wed, 26 Aug 2015 08:21:26 +0200
-Subject: [PATCH 12/13] DOC: ssl: missing LF
-
-An error message miss LF
-(cherry picked from commit bc965348d7ccc0a306504232ab85dc240fd31fbf)
----
- src/ssl_sock.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index 2ae45ec..8f698c0 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -1760,7 +1760,7 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
- #ifndef OPENSSL_NO_SSL3
- SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
- #else
-- Alert("SSLv3 support requested but unavailable.");
-+ Alert("SSLv3 support requested but unavailable.\n");
- cfgerr++;
- #endif
- }
---
-2.4.6
-
+++ /dev/null
-From d3a93a932430bc1a4cd5d1350820c2bec706e26d Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Thu, 27 Aug 2015 17:15:05 +0200
-Subject: [PATCH 13/13] DOC: fix example of http-request using
- ssl_fc_session_id
-
-It was missing the ",hex" resulting in raw binary data being dumped in
-the header or the logs. Now we know where these crazy logs originated
-from!
-(cherry picked from commit fca4261dacab51db960d30120f4bb4201f7e4a51)
----
- doc/configuration.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index 1d95b5b..67d273b 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -3135,7 +3135,7 @@ http-request { allow | deny | tarpit | auth [realm <realm>] | redirect <rule> |
- Example:
- http-request set-header X-Haproxy-Current-Date %T
- http-request set-header X-SSL %[ssl_fc]
-- http-request set-header X-SSL-Session_ID %[ssl_fc_session_id]
-+ http-request set-header X-SSL-Session_ID %[ssl_fc_session_id,hex]
- http-request set-header X-SSL-Client-Verify %[ssl_c_verify]
- http-request set-header X-SSL-Client-DN %{+Q}[ssl_c_s_dn]
- http-request set-header X-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
---
-2.4.6
-
+++ /dev/null
-From bcd033699c5a4904967652de4980e4f35f17ee34 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Thu, 3 Sep 2015 17:15:21 +0200
-Subject: [PATCH 14/16] BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
-
-When converting the "method" fetch to a string, we used to get an empty
-string if the first character was not an upper case. This was caused by
-the lookup function which returns HTTP_METH_NONE when a lookup is not
-possible, and this method being mapped to an empty string in the array.
-
-This is a totally stupid mechanism, there's no reason for having the
-result depend on the first char. In fact the message parser already
-checks that the syntax matches an HTTP token so we can only land there
-with a valid token, hence only HTTP_METH_OTHER should be returned.
-
-This fix should be backported to all actively supported branches.
-(cherry picked from commit b7ce424be2bc9df73a3b971fa9dd6daea0332bf1)
----
- include/types/proto_http.h | 1 -
- src/proto_http.c | 11 ++++-------
- 2 files changed, 4 insertions(+), 8 deletions(-)
-
-diff --git a/include/types/proto_http.h b/include/types/proto_http.h
-index a5a5d31..dbce972 100644
---- a/include/types/proto_http.h
-+++ b/include/types/proto_http.h
-@@ -219,7 +219,6 @@ enum {
-
- /* Known HTTP methods */
- enum http_meth_t {
-- HTTP_METH_NONE = 0,
- HTTP_METH_OPTIONS,
- HTTP_METH_GET,
- HTTP_METH_HEAD,
-diff --git a/src/proto_http.c b/src/proto_http.c
-index 02dc42b..46694cb 100644
---- a/src/proto_http.c
-+++ b/src/proto_http.c
-@@ -361,12 +361,11 @@ const struct http_method_desc http_methods[26][3] = {
- [0] = { .meth = HTTP_METH_TRACE , .len=5, .text="TRACE" },
- },
- /* rest is empty like this :
-- * [1] = { .meth = HTTP_METH_NONE , .len=0, .text="" },
-+ * [0] = { .meth = HTTP_METH_OTHER , .len=0, .text="" },
- */
- };
-
- const struct http_method_name http_known_methods[HTTP_METH_OTHER] = {
-- [HTTP_METH_NONE] = { "", 0 },
- [HTTP_METH_OPTIONS] = { "OPTIONS", 7 },
- [HTTP_METH_GET] = { "GET", 3 },
- [HTTP_METH_HEAD] = { "HEAD", 4 },
-@@ -793,8 +792,8 @@ struct chunk *http_error_message(struct session *s, int msgnum)
- }
-
- /*
-- * returns HTTP_METH_NONE if there is nothing valid to read (empty or non-text
-- * string), HTTP_METH_OTHER for unknown methods, or the identified method.
-+ * returns a known method among HTTP_METH_* or HTTP_METH_OTHER for all unknown
-+ * ones.
- */
- enum http_meth_t find_http_meth(const char *str, const int len)
- {
-@@ -810,10 +809,8 @@ enum http_meth_t find_http_meth(const char *str, const int len)
- if (likely(memcmp(str, h->text, h->len) == 0))
- return h->meth;
- };
-- return HTTP_METH_OTHER;
- }
-- return HTTP_METH_NONE;
--
-+ return HTTP_METH_OTHER;
- }
-
- /* Parse the URI from the given transaction (which is assumed to be in request
---
-2.4.6
-
+++ /dev/null
-From 3f34b5539e7ba31e44055d853b9ba496e73e0bae Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Mon, 7 Sep 2015 19:32:33 +0200
-Subject: [PATCH 15/16] BUG/MAJOR: http: don't call http_send_name_header()
- after an error
-
-A crash was reported when using the "famous" http-send-name-header
-directive. This time it's a bit tricky, it requires a certain number of
-conditions to be met including maxconn on a server, queuing, timeout in
-the queue and cookie-based persistence.
-
-The problem is that in stream.c, before calling http_send_name_header(),
-we check a number of conditions to know if we have to replace the header
-name. But prior to reaching this place, it's possible for
-sess_update_stream_int() to fail and change the stream-int's state to
-SI_ST_CLO, send an error 503 to the client, and flush all buffers. But
-http_send_name_header() can only be called with valid buffer contents
-matching the http_msg's description. So when it rewinds the stream to
-modify the header, buf->o becomes negative by the size of the incoming
-request and is used as the argument to memmove() which basically
-displaces 4GB of memory off a few bytes to write the new name, resulting
-in a core and a core file that's really not fun to play with.
-
-The solution obviously consists in refraining from calling this nasty
-function when the stream interface is already closed.
-
-This bug also affects 1.5 and possibly 1.4, so the fix must be backported
-there.
-(cherry picked from commit 9c03b33329cb4924716edc1c851913a18b0670dc)
----
- src/session.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/session.c b/src/session.c
-index 6d62e36..7520a85 100644
---- a/src/session.c
-+++ b/src/session.c
-@@ -2293,7 +2293,7 @@ struct task *process_session(struct task *t)
-
- /* Now we can add the server name to a header (if requested) */
- /* check for HTTP mode and proxy server_name_hdr_name != NULL */
-- if ((s->si[1].state >= SI_ST_CON) &&
-+ if ((s->si[1].state >= SI_ST_CON) && (s->si[1].state < SI_ST_CLO) &&
- (s->be->server_id_hdr_name != NULL) &&
- (s->be->mode == PR_MODE_HTTP) &&
- objt_server(s->target)) {
---
-2.4.6
-
+++ /dev/null
-From 36456071ea34546d98d3b66a696cd4c4c4643de5 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 8 Sep 2015 16:01:25 +0200
-Subject: [PATCH 16/16] BUG/MINOR: tools: make str2sa_range() report
- unresolvable addresses
-
-If an environment variable is used in an address, and is not set, it's
-silently considered as ":" or "0.0.0.0:0" which is not correct as it
-can hide environment issues and lead to unexpected behaviours. Let's
-report this case when it happens.
-
-This fix should be backported to 1.5.
-(cherry picked from commit 9f69f46d1f1b1d116c00b4b0483c519747f977b7)
----
- src/standard.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/standard.c b/src/standard.c
-index f57724c..9299882 100644
---- a/src/standard.c
-+++ b/src/standard.c
-@@ -709,6 +709,11 @@ struct sockaddr_storage *str2sa_range(const char *str, int *low, int *high, char
- goto out;
- }
-
-+ if (!*str2) {
-+ memprintf(err, "'%s' resolves to an empty address (environment variable missing?)\n", str);
-+ goto out;
-+ }
-+
- memset(&ss, 0, sizeof(ss));
-
- if (strncmp(str2, "unix@", 5) == 0) {
---
-2.4.6
-
include $(TOPDIR)/rules.mk
PKG_NAME:=mwan3
-PKG_VERSION:=1.6
-PKG_RELEASE:=3
+PKG_VERSION:=2.0
+PKG_RELEASE:=0
PKG_MAINTAINER:=Jeroen Louwes <jeroen.louwes@gmail.com>
PKG_LICENSE:=GPLv2
-config interface 'wan'
+config interface 'wan1'
option enabled '1'
list track_ip '8.8.4.4'
- list track_ip '8.8.8.8'
- list track_ip '208.67.222.222'
- list track_ip '208.67.220.220'
- option reliability '2'
+ option reliability '1'
option count '1'
option timeout '2'
option interval '5'
option up '8'
config interface 'wan2'
- option enabled '0'
+ option enabled '1'
list track_ip '8.8.8.8'
- list track_ip '208.67.220.220'
option reliability '1'
option count '1'
option timeout '2'
option down '3'
option up '8'
-config member 'wan_m1_w3'
- option interface 'wan'
- option metric '1'
- option weight '3'
+config interface 'wan3'
+ option enabled '1'
+ list track_ip '208.67.222.222'
+ option reliability '1'
+ option count '1'
+ option timeout '2'
+ option interval '5'
+ option down '3'
+ option up '8'
-config member 'wan_m2_w3'
- option interface 'wan'
- option metric '2'
- option weight '3'
+config interface 'wan1_v6'
+ option family 'ipv6'
+ option enabled '1'
+ list track_ip '2001:7b8:1::2'
+ option reliability '1'
+ option count '1'
+ option timeout '2'
+ option interval '5'
+ option down '3'
+ option up '8'
-config member 'wan2_m1_w2'
- option interface 'wan2'
+config interface 'wan2_v6'
+ option family 'ipv6'
+ option enabled '1'
+ list track_ip '2001:7b8:2::2'
+ option reliability '1'
+ option count '1'
+ option timeout '2'
+ option interval '5'
+ option down '3'
+ option up '8'
+
+config interface 'wan3_v6'
+ option family 'ipv6'
+ option enabled '1'
+ list track_ip '2001:7b8:3::2'
+ option reliability '1'
+ option count '1'
+ option timeout '2'
+ option interval '5'
+ option down '3'
+ option up '8'
+
+config member 'wan1_m1_w1'
+ option interface 'wan1'
option metric '1'
- option weight '2'
+ option weight '1'
-config member 'wan2_m2_w2'
+config member 'wan2_m1_w1'
option interface 'wan2'
- option metric '2'
- option weight '2'
+ option metric '1'
+ option weight '1'
+
+config member 'wan3_m1_w1'
+ option interface 'wan3'
+ option metric '1'
+ option weight '1'
+
+config member 'wan1_v6_m1_w1'
+ option interface 'wan1_v6'
+ option metric '1'
+ option weight '1'
+
+config member 'wan2_v6_m1_w1'
+ option interface 'wan2_v6'
+ option metric '1'
+ option weight '1'
+
+config member 'wan3_v6_m1_w1'
+ option interface 'wan3_v6'
+ option metric '1'
+ option weight '1'
-config policy 'wan_only'
- list use_member 'wan_m1_w3'
+config policy 'wan1_only'
+ list use_member 'wan1_m1_w1'
config policy 'wan2_only'
- list use_member 'wan2_m1_w2'
+ list use_member 'wan2_m1_w1'
+
+config policy 'wan3_only'
+ list use_member 'wan3_m1_w1'
+
+config policy 'wan1_v6_only'
+ list use_member 'wan1_v6_m1_w1'
+
+config policy 'wan2_v6_only'
+ list use_member 'wan2_v6_m1_w1'
+
+config policy 'wan3_v6_only'
+ list use_member 'wan3_v6_m1_w1'
config policy 'balanced'
- list use_member 'wan_m1_w3'
- list use_member 'wan2_m1_w2'
+ list use_member 'wan1_m1_w1'
+ list use_member 'wan2_m1_w1'
+ list use_member 'wan3_m1_w1'
+ list use_member 'wan1_v6_m1_w1'
+ list use_member 'wan2_v6_m1_w1'
+ list use_member 'wan3_v6_m1_w1'
-config policy 'wan_wan2'
- list use_member 'wan_m1_w3'
- list use_member 'wan2_m2_w2'
+config rule 'https'
+ option src_ip '2001:3::/64'
+ option dest_port '443'
+ option proto 'tcp'
+ option use_policy 'balanced'
-config policy 'wan2_wan'
- list use_member 'wan_m2_w3'
- list use_member 'wan2_m1_w2'
+config rule 'https2'
+ option dest_port '19443'
+ option proto 'tcp'
+ option use_policy 'balanced'
+ option sticky '1'
-config rule 'youtube'
+config rule 'igs'
+ option proto 'icmp'
+ option family 'ipv4'
option sticky '1'
- option ipset 'youtube'
- option dest_port '80,443'
- option proto 'tcp'
+ option ipset 'google'
option use_policy 'balanced'
-config rule 'https'
+config rule 'i6gs'
+ option proto 'icmpv6'
+ option family 'ipv6'
option sticky '1'
- option dest_port '443'
- option proto 'tcp'
+ option ipset 'google'
option use_policy 'balanced'
config rule 'default_rule'
- option dest_ip '0.0.0.0/0'
option use_policy 'balanced'
#!/bin/sh
-local IP IPS IPT LOG
+[ "$ACTION" == "ifup" -o "$ACTION" == "ifdown" ] || exit 1
+[ -n "$INTERFACE" ] || exit 2
-[ -n "$ACTION" ] || exit 0
-[ -n "$INTERFACE" ] || exit 0
-
-if [ $ACTION == "ifup" ]; then
- [ -n "$DEVICE" ] || exit 0
-fi
-
-if [ -x /usr/sbin/ip ]; then
- IP="/usr/sbin/ip -4"
-elif [ -x /usr/bin/ip ]; then
- IP="/usr/bin/ip -4"
-else
- exit 1
-fi
-
-if [ -x /usr/sbin/ipset ]; then
- IPS="/usr/sbin/ipset"
-else
- exit 1
-fi
-
-if [ -x /usr/sbin/iptables ]; then
- IPT="/usr/sbin/iptables -t mangle -w"
-else
- exit 1
+if [ "$ACTION" == "ifup" ]; then
+ [ -n "$DEVICE" ] || exit 3
fi
-if [ -x /usr/bin/logger ]; then
- LOG="/usr/bin/logger -t mwan3 -p"
-else
- exit 1
-fi
-
-
-mwan3_get_iface_id()
-{
- let iface_count++
- [ "$1" == "$INTERFACE" ] && iface_id=$iface_count
-}
-
-mwan3_set_general_iptables()
-{
- if ! $IPT -S mwan3_ifaces &> /dev/null; then
- $IPT -N mwan3_ifaces
- fi
-
- if ! $IPT -S mwan3_connected &> /dev/null; then
- $IPT -N mwan3_connected
- $IPS create mwan3_connected hash:net
- $IPT -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark 0xff00/0xff00
- fi
-
- if ! $IPT -S mwan3_track &> /dev/null; then
- $IPT -N mwan3_track
- fi
-
- if ! $IPT -S mwan3_rules &> /dev/null; then
- $IPT -N mwan3_rules
- fi
-
- if ! $IPT -S mwan3_hook &> /dev/null; then
- $IPT -N mwan3_hook
- $IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00
- $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces
- $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_connected
- $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_track
- $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_rules
- $IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00
- $IPT -A mwan3_hook -m mark ! --mark 0xff00/0xff00 -j mwan3_connected
- fi
-
- if ! $IPT -S PREROUTING | grep mwan3_hook &> /dev/null; then
- $IPT -A PREROUTING -j mwan3_hook
- fi
-
- if ! $IPT -S OUTPUT | grep mwan3_hook &> /dev/null; then
- $IPT -A OUTPUT -j mwan3_hook
- fi
-
- $IPT -F mwan3_rules
-}
-
-mwan3_set_general_rules()
-{
- if [ -z "$($IP rule list | awk '$1 == "2253:"')" ]; then
- $IP rule add pref 2253 fwmark 0xfd00/0xff00 blackhole
- fi
-
- if [ -z "$($IP rule list | awk '$1 == "2254:"')" ]; then
- $IP rule add pref 2254 fwmark 0xfe00/0xff00 unreachable
- fi
-}
-
-mwan3_set_connected_iptables()
-{
- local connected_network
-
- if $IPT -S mwan3_connected &> /dev/null; then
-
- $IPS create mwan3_connected_temp hash:net
-
- for connected_network in $($IP route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
- $IPS -! add mwan3_connected_temp $connected_network
- done
-
- for connected_network in $($IP route list table 0 | awk '{print $2}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
- $IPS -! add mwan3_connected_temp $connected_network
- done
-
- $IPS add mwan3_connected_temp 224.0.0.0/3
- $IPS swap mwan3_connected_temp mwan3_connected
- $IPS destroy mwan3_connected_temp
-
- fi
-}
-
-mwan3_set_iface_iptables()
-{
- if ! $IPT -S mwan3_iface_$INTERFACE &> /dev/null; then
- $IPT -N mwan3_iface_$INTERFACE
- fi
-
- $IPT -F mwan3_iface_$INTERFACE
- $IPT -D mwan3_ifaces -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE &> /dev/null
-
- if [ $ACTION == "ifup" ]; then
- $IPT -I mwan3_iface_$INTERFACE -i $DEVICE -m set --match-set mwan3_connected src -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00
- $IPT -A mwan3_iface_$INTERFACE -i $DEVICE -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark $(($iface_id*256))/0xff00
- $IPT -A mwan3_ifaces -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE
- fi
-
- if [ $ACTION == "ifdown" ]; then
- $IPT -X mwan3_iface_$INTERFACE
- fi
-}
-
-mwan3_set_iface_route()
-{
- $IP route flush table $iface_id
- [ $ACTION == "ifup" ] && $IP route add table $iface_id default $route_args
-}
-
-mwan3_set_iface_rules()
-{
- while [ -n "$($IP rule list | awk '$1 == "'$(($iface_id+1000)):'"')" ]; do
- $IP rule del pref $(($iface_id+1000))
- done
-
- while [ -n "$($IP rule list | awk '$1 == "'$(($iface_id+2000)):'"')" ]; do
- $IP rule del pref $(($iface_id+2000))
- done
-
- [ $ACTION == "ifup" ] && $IP rule add pref $(($iface_id+1000)) iif $DEVICE lookup main
- [ $ACTION == "ifup" ] && $IP rule add pref $(($iface_id+2000)) fwmark $(($iface_id*256))/0xff00 lookup $iface_id
-}
-
-mwan3_set_iface_ipset()
-{
- local setname entry
-
- for setname in $(ipset -n list | grep ^mwan3_sticky_); do
- for entry in $(ipset list $setname | grep "$(echo $(($iface_id*256)) | awk '{ printf "0x%08x", $1; }')" | cut -d ' ' -f 1); do
- $IPS del $setname $entry
- done
- done
-}
-
-mwan3_track()
-{
- local track_ip track_ips reliability count timeout interval down up
-
- mwan3_list_track_ips()
- {
- track_ips="$1 $track_ips"
- }
- config_list_foreach $INTERFACE track_ip mwan3_list_track_ips
-
- if [ -e /var/run/mwan3track-$INTERFACE.pid ] ; then
- kill $(cat /var/run/mwan3track-$INTERFACE.pid) &> /dev/null
- rm /var/run/mwan3track-$INTERFACE.pid &> /dev/null
- fi
-
- if [ -n "$track_ips" ]; then
- config_get reliability $INTERFACE reliability 1
- config_get count $INTERFACE count 1
- config_get timeout $INTERFACE timeout 4
- config_get interval $INTERFACE interval 10
- config_get down $INTERFACE down 5
- config_get up $INTERFACE up 5
-
- $IPS -! create mwan3_track_$INTERFACE hash:ip
- $IPS create mwan3_track_temp_$INTERFACE hash:ip
-
- for track_ip in $track_ips; do
- $IPS -! add mwan3_track_temp_$INTERFACE $track_ip
- done
-
- $IPS swap mwan3_track_temp_$INTERFACE mwan3_track_$INTERFACE
- $IPS destroy mwan3_track_temp_$INTERFACE
-
- $IPT -D mwan3_track -p icmp -m set --match-set mwan3_track_$INTERFACE dst -m icmp --icmp-type 8 -m length --length 32 -j MARK --set-xmark 0xff00/0xff00 &> /dev/null
- $IPT -A mwan3_track -p icmp -m set --match-set mwan3_track_$INTERFACE dst -m icmp --icmp-type 8 -m length --length 32 -j MARK --set-xmark 0xff00/0xff00
-
- [ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $INTERFACE $DEVICE $reliability $count $timeout $interval $down $up $track_ips &
- else
- $IPT -D mwan3_track -p icmp -m set --match-set mwan3_track_$INTERFACE dst -m icmp --icmp-type 8 -m length --length 32 -j MARK --set-xmark 0xff00/0xff00 &> /dev/null
- $IPS destroy mwan3_track_$INTERFACE
- fi
-}
-
-mwan3_set_policy()
-{
- local iface_count iface_id INTERFACE metric probability weight
-
- config_get INTERFACE $1 interface
- config_get metric $1 metric 1
- config_get weight $1 weight 1
-
- [ -n "$INTERFACE" ] || return 0
+[ -x /usr/bin/ip ] || exit 4
+[ -x /usr/sbin/ipset ] || exit 5
+[ -x /usr/sbin/iptables ] || exit 6
+[ -x /usr/sbin/ip6tables ] || exit 7
+[ -x /usr/bin/logger ] || exit 8
- config_foreach mwan3_get_iface_id interface
+. /lib/functions.sh
+. /lib/functions/network.sh
+. /lib/mwan3/mwan3.sh
- [ -n "$iface_id" ] || return 0
+config_load mwan3
- if $IPT -S mwan3_iface_$INTERFACE &> /dev/null; then
- if [ "$metric" -lt "$lowest_metric" ]; then
+config_get enabled $INTERFACE enabled 0
+[ "$enabled" == "1" ] || exit 0
- total_weight=$weight
- $IPT -F mwan3_policy_$policy
- $IPT -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE $weight $weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
+$LOG notice "$ACTION interface $INTERFACE (${DEVICE:-unknown})"
- lowest_metric=$metric
-
- elif [ "$metric" -eq "$lowest_metric" ]; then
-
- total_weight=$(($total_weight+$weight))
- probability=$(($weight*1000/$total_weight))
-
- if [ "$probability" -lt 10 ]; then
- probability="0.00$probability"
- elif [ $probability -lt 100 ]; then
- probability="0.0$probability"
- elif [ $probability -lt 1000 ]; then
- probability="0.$probability"
- else
- probability="1"
- fi
-
- probability="-m statistic --mode random --probability $probability"
-
- $IPT -I mwan3_policy_$policy -m mark --mark 0x0/0xff00 $probability -m comment --comment "$INTERFACE $weight $total_weight" -j MARK --set-xmark $(($iface_id*256))/0xff00
- fi
- fi
-}
-
-mwan3_set_policies_iptables()
-{
- local last_resort lowest_metric policy total_weight
-
- policy=$1
-
- config_get last_resort $1 last_resort unreachable
-
- if [ "$policy" != $(echo "$policy" | cut -c1-15) ]; then
- $LOG warn "Policy $policy exceeds max of 15 chars. Not setting policy" && return 0
- fi
-
- if ! $IPT -S mwan3_policy_$policy &> /dev/null; then
- $IPT -N mwan3_policy_$policy
- fi
-
- $IPT -F mwan3_policy_$policy
-
- case "$last_resort" in
- blackhole)
- $IPT -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "blackhole" -j MARK --set-xmark 0xfd00/0xff00
- ;;
- default)
- $IPT -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00
- ;;
- *)
- $IPT -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "unreachable" -j MARK --set-xmark 0xfe00/0xff00
- ;;
- esac
-
- lowest_metric=256
- total_weight=0
-
- config_list_foreach $policy use_member mwan3_set_policy
-}
-
-mwan3_set_sticky_iptables()
-{
- local INTERFACE iface_count iface_id
-
- INTERFACE="$1"
-
- config_foreach mwan3_get_iface_id interface
- unset iface_count
-
- $IPS -! create mwan3_sticky_$rule hash:ip,mark markmask 0xff00 timeout $timeout
-
- if [ -n "$iface_id" ]; then
- if [ -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" ]; then
- $IPT -I mwan3_rule_$rule -m set ! --match-set mwan3_sticky_$rule src,src -j MARK --set-xmark 0x0/0xff00
- $IPT -I mwan3_rule_$rule -m mark --mark 0/0xff00 -j MARK --set-xmark $(($iface_id*256))/0xff00
- fi
- fi
-
- unset iface_id
-}
-
-mwan3_set_user_rules_iptables()
-{
- local ipset proto src_ip src_port sticky dest_ip dest_port use_policy rule timeout
-
- config_get sticky $1 sticky 0
- config_get timeout $1 timeout 600
- config_get ipset $1 ipset
- config_get proto $1 proto all
- config_get src_ip $1 src_ip 0.0.0.0/0
- config_get src_port $1 src_port 0:65535
- config_get dest_ip $1 dest_ip 0.0.0.0/0
- config_get dest_port $1 dest_port 0:65535
- config_get use_policy $1 use_policy
-
- rule="$1"
-
- if [ "$rule" != $(echo "$rule" | cut -c1-15) ]; then
- $LOG warn "Rule $rule exceeds max of 15 chars. Not setting rule" && return 0
- fi
-
- if [ -n "$ipset" ]; then
- if [ -z "$($IPS -n list $ipset)" ]; then
- $IPS create $ipset hash:ip timeout 3600
- fi
-
- ipset="-m set --match-set $ipset dst"
- fi
-
- if [ -n "$use_policy" ]; then
- if [ "$use_policy" == "default" ]; then
- use_policy="MARK --set-xmark 0xff00/0xff00"
- elif [ "$use_policy" == "unreachable" ]; then
- use_policy="MARK --set-xmark 0xfe00/0xff00"
- elif [ "$use_policy" == "blackhole" ]; then
- use_policy="MARK --set-xmark 0xfd00/0xff00"
- else
- if [ "$sticky" -eq 1 ]; then
-
- if ! $IPT -S mwan3_rule_$rule &> /dev/null; then
- $IPT -N mwan3_rule_$rule
- fi
-
- $IPT -F mwan3_rule_$rule
-
- config_foreach mwan3_set_sticky_iptables interface
-
- $IPT -A mwan3_rule_$rule -m mark --mark 0/0xff00 -j mwan3_policy_$use_policy
- $IPT -A mwan3_rule_$rule -m mark ! --mark 0xfc00/0xfc00 -j SET --del-set mwan3_sticky_$rule src,src
- $IPT -A mwan3_rule_$rule -m mark ! --mark 0xfc00/0xfc00 -j SET --add-set mwan3_sticky_$rule src,src
-
- use_policy="mwan3_rule_$rule"
- else
- use_policy="mwan3_policy_$use_policy"
- fi
- fi
-
- case $proto in
- tcp|udp)
- $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
- ;;
- *)
- $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null
- ;;
- esac
- fi
-}
-
-mwan3_ifupdown()
-{
- local counter enabled iface_count iface_id route_args wan_metric
-
- config_load mwan3
- config_foreach mwan3_get_iface_id interface
-
- [ -n "$iface_id" ] || return 0
- [ "$iface_count" -le 250 ] || return 0
- unset iface_count
-
- config_get enabled $INTERFACE enabled 0
-
- counter=0
-
- if [ $ACTION == "ifup" ]; then
- [ "$enabled" -eq 1 ] || return 0
-
- while [ -z "$($IP route list dev $DEVICE default | head -1)" -a "$counter" -lt 10 ]; do
- sleep 1
- let counter++
- if [ "$counter" -ge 10 ]; then
- $LOG warn "Could not find gateway for interface $INTERFACE ($DEVICE)" && return 0
- fi
- done
-
- route_args=$($IP route list dev $DEVICE default | head -1 | sed '/.*via \([^ ]*\) .*$/!d;s//via \1/;q' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}')
- route_args="$route_args dev $DEVICE"
- fi
-
- while [ "$(pgrep -f -o hotplug-call)" -ne $$ -a "$counter" -lt 60 ]; do
- sleep 1
- let counter++
- if [ "$counter" -ge 60 ]; then
- $LOG warn "Timeout waiting for older hotplug processes to finish. $ACTION interface $INTERFACE (${DEVICE:-unknown}) aborted" && return 0
- fi
- done
-
- $LOG notice "$ACTION interface $INTERFACE (${DEVICE:-unknown})"
-
- mwan3_set_general_iptables
- mwan3_set_general_rules
- mwan3_set_iface_iptables
- mwan3_set_iface_route
- mwan3_set_iface_rules
-
- [ $ACTION == "ifdown" ] && mwan3_set_iface_ipset
- [ $ACTION == "ifup" ] && mwan3_track
-
- config_foreach mwan3_set_policies_iptables policy
- config_foreach mwan3_set_user_rules_iptables rule
-}
+mwan3_set_connected_iptables
case "$ACTION" in
- ifup|ifdown)
- mwan3_ifupdown
- mwan3_set_connected_iptables
+ ifup)
+ mwan3_set_general_rules
+ mwan3_set_general_iptables
+ mwan3_create_iface_rules $INTERFACE $DEVICE
+ mwan3_create_iface_iptables $INTERFACE $DEVICE
+ mwan3_create_iface_route $INTERFACE $DEVICE
+ mwan3_track $INTERFACE $DEVICE
+ mwan3_set_user_rules
+ ;;
+ ifdown)
+ mwan3_delete_iface_rules $INTERFACE
+ mwan3_delete_iface_iptables $INTERFACE
+ mwan3_delete_iface_route $INTERFACE
+ mwan3_delete_iface_ipset_entries $INTERFACE
;;
esac
+config_foreach mwan3_create_policies_iptables policy
+
exit 0
--- /dev/null
+#!/bin/sh
+
+local IP4 IP6 IPS IPT4 IPT6 LOG
+
+IP4="/usr/bin/ip -4"
+IP6="/usr/bin/ip -6"
+IPS="/usr/sbin/ipset"
+IPT4="/usr/sbin/iptables -t mangle -w"
+IPT6="/usr/sbin/ip6tables -t mangle -w"
+LOG="/usr/bin/logger -t mwan3 -p"
+
+mwan3_get_iface_id()
+{
+ local _tmp _iface _iface_count
+
+ _iface="$2"
+
+ mwan3_get_id()
+ {
+ let _iface_count++
+ [ "$1" == "$_iface" ] && _tmp=$_iface_count
+ }
+ config_foreach mwan3_get_id interface
+ export "$1=$_tmp"
+}
+
+mwan3_set_connected_iptables()
+{
+ local connected_network_v4 connected_network_v6
+
+ $IPS -! create mwan3_connected_v4 hash:net
+ $IPS create mwan3_connected_v4_temp hash:net
+
+ for connected_network_v4 in $($IP4 route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
+ $IPS -! add mwan3_connected_v4_temp $connected_network_v4
+ done
+
+ for connected_network_v4 in $($IP4 route list table 0 | awk '{print $2}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
+ $IPS -! add mwan3_connected_v4_temp $connected_network_v4
+ done
+
+ $IPS add mwan3_connected_v4_temp 224.0.0.0/3
+
+ $IPS swap mwan3_connected_v4_temp mwan3_connected_v4
+ $IPS destroy mwan3_connected_v4_temp
+
+ $IPS -! create mwan3_connected_v6 hash:net family inet6
+ $IPS create mwan3_connected_v6_temp hash:net family inet6
+
+ for connected_network_v6 in $($IP6 route | awk '{print $1}' | egrep '([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])'); do
+ $IPS -! add mwan3_connected_v6_temp $connected_network_v6
+ done
+
+ $IPS swap mwan3_connected_v6_temp mwan3_connected_v6
+ $IPS destroy mwan3_connected_v6_temp
+
+ $IPS -! create mwan3_connected list:set
+ $IPS -! add mwan3_connected mwan3_connected_v4
+ $IPS -! add mwan3_connected mwan3_connected_v6
+}
+
+mwan3_set_general_rules()
+{
+ local IP
+
+ for IP in "$IP4" "$IP6"; do
+
+ if [ -z "$($IP rule list | awk '$1 == "2253:"')" ]; then
+ $IP rule add pref 2253 fwmark 0xfd00/0xff00 blackhole
+ fi
+
+ if [ -z "$($IP rule list | awk '$1 == "2254:"')" ]; then
+ $IP rule add pref 2254 fwmark 0xfe00/0xff00 unreachable
+ fi
+ done
+}
+
+mwan3_set_general_iptables()
+{
+ local IPT
+
+ for IPT in "$IPT4" "$IPT6"; do
+
+ if ! $IPT -S mwan3_ifaces_in &> /dev/null; then
+ $IPT -N mwan3_ifaces_in
+ fi
+
+ if ! $IPT -S mwan3_ifaces_out &> /dev/null; then
+ $IPT -N mwan3_ifaces_out
+ fi
+
+ if ! $IPT -S mwan3_connected &> /dev/null; then
+ $IPT -N mwan3_connected
+ $IPS -! create mwan3_connected list:set
+ $IPT -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark 0xff00/0xff00
+ fi
+
+ if ! $IPT -S mwan3_rules &> /dev/null; then
+ $IPT -N mwan3_rules
+ fi
+
+ if ! $IPT -S mwan3_hook &> /dev/null; then
+ $IPT -N mwan3_hook
+ $IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00
+ $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces_in
+ $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces_out
+ $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_connected
+ $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_rules
+ $IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00
+ $IPT -A mwan3_hook -m mark ! --mark 0xff00/0xff00 -j mwan3_connected
+ fi
+
+ if ! $IPT -S PREROUTING | grep mwan3_hook &> /dev/null; then
+ $IPT -A PREROUTING -j mwan3_hook
+ fi
+
+ if ! $IPT -S OUTPUT | grep mwan3_hook &> /dev/null; then
+ $IPT -A OUTPUT -j mwan3_hook
+ fi
+ done
+}
+
+mwan3_create_iface_iptables()
+{
+ local id family src_ip src_ipv6
+
+ config_get family $1 family ipv4
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ if [ "$family" == "ipv4" ]; then
+
+ network_get_ipaddr src_ip $1
+
+ $IPS -! create mwan3_connected list:set
+
+ if ! $IPT4 -S mwan3_ifaces_in &> /dev/null; then
+ $IPT4 -N mwan3_ifaces_in
+ fi
+
+ if ! $IPT4 -S mwan3_ifaces_out &> /dev/null; then
+ $IPT4 -N mwan3_ifaces_out
+ fi
+
+ if ! $IPT4 -S mwan3_iface_in_$1 &> /dev/null; then
+ $IPT4 -N mwan3_iface_in_$1
+ fi
+
+ if ! $IPT4 -S mwan3_iface_out_$1 &> /dev/null; then
+ $IPT4 -N mwan3_iface_out_$1
+ fi
+
+ $IPT4 -F mwan3_iface_in_$1
+ $IPT4 -A mwan3_iface_in_$1 -i $2 -m set --match-set mwan3_connected src -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00
+ $IPT4 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/0xff00 -m comment --comment "$1" -j MARK --set-xmark $(($id*256))/0xff00
+
+ $IPT4 -D mwan3_ifaces_in -m mark --mark 0x0/0xff00 -j mwan3_iface_in_$1 &> /dev/null
+ $IPT4 -A mwan3_ifaces_in -m mark --mark 0x0/0xff00 -j mwan3_iface_in_$1
+
+ $IPT4 -F mwan3_iface_out_$1
+ $IPT4 -A mwan3_iface_out_$1 -s $src_ip -m mark --mark 0x0/0xff00 -m comment --comment "$1" -j MARK --set-xmark $(($id*256))/0xff00
+
+ $IPT4 -D mwan3_ifaces_out -m mark --mark 0x0/0xff00 -j mwan3_iface_out_$1 &> /dev/null
+ $IPT4 -A mwan3_ifaces_out -m mark --mark 0x0/0xff00 -j mwan3_iface_out_$1
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+
+ network_get_ipaddr6 src_ipv6 $1
+
+ $IPS -! create mwan3_connected_v6 hash:net family inet6
+
+ if ! $IPT6 -S mwan3_ifaces_in &> /dev/null; then
+ $IPT6 -N mwan3_ifaces_in
+ fi
+
+ if ! $IPT6 -S mwan3_ifaces_out &> /dev/null; then
+ $IPT6 -N mwan3_ifaces_out
+ fi
+
+ if ! $IPT6 -S mwan3_iface_in_$1 &> /dev/null; then
+ $IPT6 -N mwan3_iface_in_$1
+ fi
+
+ if ! $IPT6 -S mwan3_iface_out_$1 &> /dev/null; then
+ $IPT6 -N mwan3_iface_out_$1
+ fi
+
+ $IPT6 -F mwan3_iface_in_$1
+ $IPT6 -A mwan3_iface_in_$1 -i $2 -m set --match-set mwan3_connected_v6 src -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00
+ $IPT6 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/0xff00 -m comment --comment "$1" -j MARK --set-xmark $(($id*256))/0xff00
+
+ $IPT6 -D mwan3_ifaces_in -m mark --mark 0x0/0xff00 -j mwan3_iface_in_$1 &> /dev/null
+ $IPT6 -A mwan3_ifaces_in -m mark --mark 0x0/0xff00 -j mwan3_iface_in_$1
+
+ $IPT6 -F mwan3_iface_out_$1
+ $IPT6 -A mwan3_iface_out_$1 -s $src_ipv6 -m mark --mark 0x0/0xff00 -m comment --comment "$1" -j MARK --set-xmark $(($id*256))/0xff00
+
+ $IPT6 -D mwan3_ifaces_out -m mark --mark 0x0/0xff00 -j mwan3_iface_out_$1 &> /dev/null
+ $IPT6 -A mwan3_ifaces_out -m mark --mark 0x0/0xff00 -j mwan3_iface_out_$1
+ fi
+}
+
+mwan3_delete_iface_iptables()
+{
+ config_get family $1 family ipv4
+
+ if [ "$family" == "ipv4" ]; then
+
+ $IPT4 -D mwan3_ifaces_in -m mark --mark 0x0/0xff00 -j mwan3_iface_in_$1 &> /dev/null
+ $IPT4 -F mwan3_iface_in_$1 &> /dev/null
+ $IPT4 -X mwan3_iface_in_$1 &> /dev/null
+
+ $IPT4 -D mwan3_ifaces_out -m mark --mark 0x0/0xff00 -j mwan3_iface_out_$1 &> /dev/null
+ $IPT4 -F mwan3_iface_out_$1 &> /dev/null
+ $IPT4 -X mwan3_iface_out_$1 &> /dev/null
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+
+ $IPT6 -D mwan3_ifaces_in -m mark --mark 0x0/0xff00 -j mwan3_iface_in_$1 &> /dev/null
+ $IPT6 -F mwan3_iface_in_$1 &> /dev/null
+ $IPT6 -X mwan3_iface_in_$1 &> /dev/null
+
+ $IPT6 -D mwan3_ifaces_out -m mark --mark 0x0/0xff00 -j mwan3_iface_out_$1 &> /dev/null
+ $IPT6 -F mwan3_iface_out_$1 &> /dev/null
+ $IPT6 -X mwan3_iface_out_$1 &> /dev/null
+ fi
+}
+
+mwan3_create_iface_route()
+{
+ local id route_args
+
+ config_get family $1 family ipv4
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ if [ "$family" == "ipv4" ]; then
+
+ network_get_gateway route_args $1
+ route_args="via $route_args dev $2"
+
+ $IP4 route flush table $id
+ $IP4 route add table $id default $route_args
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+
+ network_get_gateway6 route_args $1
+ route_args="via $route_args dev $2"
+
+ $IP6 route flush table $id
+ $IP6 route add table $id default $route_args
+ fi
+}
+
+mwan3_delete_iface_route()
+{
+ local id
+
+ config_get family $1 family ipv4
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ if [ "$family" == "ipv4" ]; then
+ $IP4 route flush table $id
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+ $IP6 route flush table $id
+ fi
+}
+
+mwan3_create_iface_rules()
+{
+ local id family
+
+ config_get family $1 family ipv4
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ if [ "$family" == "ipv4" ]; then
+
+ while [ -n "$($IP4 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do
+ $IP4 rule del pref $(($id+1000))
+ done
+
+ while [ -n "$($IP4 rule list | awk '$1 == "'$(($id+2000)):'"')" ]; do
+ $IP4 rule del pref $(($id+2000))
+ done
+
+ $IP4 rule add pref $(($id+1000)) iif $2 lookup main
+ $IP4 rule add pref $(($id+2000)) fwmark $(($id*256))/0xff00 lookup $id
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+
+ while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do
+ $IP6 rule del pref $(($id+1000))
+ done
+
+ while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+2000)):'"')" ]; do
+ $IP6 rule del pref $(($id+2000))
+ done
+
+ $IP6 rule add pref $(($id+1000)) iif $2 lookup main
+ $IP6 rule add pref $(($id+2000)) fwmark $(($id*256))/0xff00 lookup $id
+ fi
+}
+
+mwan3_delete_iface_rules()
+{
+ local id family
+
+ config_get family $1 family ipv4
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ if [ "$family" == "ipv4" ]; then
+
+ while [ -n "$($IP4 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do
+ $IP4 rule del pref $(($id+1000))
+ done
+
+ while [ -n "$($IP4 rule list | awk '$1 == "'$(($id+2000)):'"')" ]; do
+ $IP4 rule del pref $(($id+2000))
+ done
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+
+ while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+1000)):'"')" ]; do
+ $IP6 rule del pref $(($id+1000))
+ done
+
+ while [ -n "$($IP6 rule list | awk '$1 == "'$(($id+2000)):'"')" ]; do
+ $IP6 rule del pref $(($id+2000))
+ done
+ fi
+}
+
+mwan3_delete_iface_ipset_entries()
+{
+ local id setname entry
+
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ for setname in $(ipset -n list | grep ^mwan3_sticky_); do
+ for entry in $(ipset list $setname | grep "$(echo $(($id*256)) | awk '{ printf "0x%08x", $1; }')" | cut -d ' ' -f 1); do
+ $IPS del $setname $entry
+ done
+ done
+}
+
+mwan3_track()
+{
+ local track_ip track_ips reliability count timeout interval down up
+
+ mwan3_list_track_ips()
+ {
+ track_ips="$1 $track_ips"
+ }
+ config_list_foreach $1 track_ip mwan3_list_track_ips
+
+ if [ -e /var/run/mwan3track-$1.pid ] ; then
+ kill $(cat /var/run/mwan3track-$1.pid) &> /dev/null
+ rm /var/run/mwan3track-$1.pid &> /dev/null
+ fi
+
+ if [ -n "$track_ips" ]; then
+ config_get reliability $1 reliability 1
+ config_get count $1 count 1
+ config_get timeout $1 timeout 4
+ config_get interval $1 interval 10
+ config_get down $1 down 5
+ config_get up $1 up 5
+
+ [ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $1 $2 $reliability $count $timeout $interval $down $up $track_ips &
+ fi
+}
+
+mwan3_set_policy()
+{
+ local iface_count id iface family metric probability weight
+
+ config_get iface $1 interface
+ config_get metric $1 metric 1
+ config_get weight $1 weight 1
+
+ [ -n "$iface" ] || return 0
+
+ mwan3_get_iface_id id $iface
+
+ [ -n "$id" ] || return 0
+
+ config_get family $iface family ipv4
+
+ if [ "$family" == "ipv4" ]; then
+
+ if [ -n "$($IP4 route list table $id)" ]; then
+ if [ "$metric" -lt "$lowest_metric_v4" ]; then
+
+ total_weight_v4=$weight
+ $IPT4 -F mwan3_policy_$policy
+ $IPT4 -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "$iface $weight $weight" -j MARK --set-xmark $(($id*256))/0xff00
+
+ lowest_metric_v4=$metric
+
+ elif [ "$metric" -eq "$lowest_metric_v4" ]; then
+
+ total_weight_v4=$(($total_weight_v4+$weight))
+ probability=$(($weight*1000/$total_weight_v4))
+
+ if [ "$probability" -lt 10 ]; then
+ probability="0.00$probability"
+ elif [ $probability -lt 100 ]; then
+ probability="0.0$probability"
+ elif [ $probability -lt 1000 ]; then
+ probability="0.$probability"
+ else
+ probability="1"
+ fi
+
+ probability="-m statistic --mode random --probability $probability"
+
+ $IPT4 -I mwan3_policy_$policy -m mark --mark 0x0/0xff00 $probability -m comment --comment "$iface $weight $total_weight_v4" -j MARK --set-xmark $(($id*256))/0xff00
+ fi
+ fi
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+
+ if [ -n "$($IP6 route list table $id)" ]; then
+ if [ "$metric" -lt "$lowest_metric_v6" ]; then
+
+ total_weight_v6=$weight
+ $IPT6 -F mwan3_policy_$policy
+ $IPT6 -A mwan3_policy_$policy -m mark --mark 0x0/0xff00 -m comment --comment "$iface $weight $weight" -j MARK --set-xmark $(($id*256))/0xff00
+
+ lowest_metric_v6=$metric
+
+ elif [ "$metric" -eq "$lowest_metric_v6" ]; then
+
+ total_weight_v6=$(($total_weight_v6+$weight))
+ probability=$(($weight*1000/$total_weight_v6))
+
+ if [ "$probability" -lt 10 ]; then
+ probability="0.00$probability"
+ elif [ $probability -lt 100 ]; then
+ probability="0.0$probability"
+ elif [ $probability -lt 1000 ]; then
+ probability="0.$probability"
+ else
+ probability="1"
+ fi
+
+ probability="-m statistic --mode random --probability $probability"
+
+ $IPT6 -I mwan3_policy_$policy -m mark --mark 0x0/0xff00 $probability -m comment --comment "$iface $weight $total_weight_v6" -j MARK --set-xmark $(($id*256))/0xff00
+ fi
+ fi
+ fi
+}
+
+mwan3_create_policies_iptables()
+{
+ local last_resort lowest_metric_v4 lowest_metric_v6 total_weight_v4 total_weight_v6 policy IPT
+
+ policy="$1"
+
+ config_get last_resort $1 last_resort unreachable
+
+ if [ "$1" != $(echo "$1" | cut -c1-15) ]; then
+ $LOG warn "Policy $1 exceeds max of 15 chars. Not setting policy" && return 0
+ fi
+
+ for IPT in "$IPT4" "$IPT6"; do
+
+ if ! $IPT -S mwan3_policy_$1 &> /dev/null; then
+ $IPT -N mwan3_policy_$1
+ fi
+
+ $IPT -F mwan3_policy_$1
+
+ case "$last_resort" in
+ blackhole)
+ $IPT -A mwan3_policy_$1 -m mark --mark 0x0/0xff00 -m comment --comment "blackhole" -j MARK --set-xmark 0xfd00/0xff00
+ ;;
+ default)
+ $IPT -A mwan3_policy_$1 -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00
+ ;;
+ *)
+ $IPT -A mwan3_policy_$1 -m mark --mark 0x0/0xff00 -m comment --comment "unreachable" -j MARK --set-xmark 0xfe00/0xff00
+ ;;
+ esac
+ done
+
+ lowest_metric_v4=256
+ total_weight_v4=0
+
+ lowest_metric_v6=256
+ total_weight_v6=0
+
+ config_list_foreach $1 use_member mwan3_set_policy
+}
+
+mwan3_set_sticky_iptables()
+{
+ local id
+
+ mwan3_get_iface_id id $1
+
+ [ -n "$id" ] || return 0
+
+ $IPS -! create mwan3_sticky_v4_$rule hash:ip,mark markmask 0xff00 timeout $timeout
+ $IPS -! create mwan3_sticky_v6_$rule hash:ip,mark markmask 0xff00 timeout $timeout family inet6
+ $IPS -! create mwan3_sticky_$rule list:set
+ $IPS -! add mwan3_sticky_$rule mwan3_sticky_v4_$rule
+ $IPS -! add mwan3_sticky_$rule mwan3_sticky_v6_$rule
+
+ for IPT in "$IPT4" "$IPT6"; do
+ if [ -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" ]; then
+ $IPT -I mwan3_rule_$rule -m set ! --match-set mwan3_sticky_$rule src,src -j MARK --set-xmark 0x0/0xff00
+ $IPT -I mwan3_rule_$rule -m mark --mark 0/0xff00 -j MARK --set-xmark $(($id*256))/0xff00
+ fi
+ done
+}
+
+mwan3_set_user_iptables_rule()
+{
+ local ipset family proto policy src_ip src_port sticky dest_ip dest_port use_policy timeout rule policy IPT
+
+ rule="$1"
+
+ config_get sticky $1 sticky 0
+ config_get timeout $1 timeout 600
+ config_get ipset $1 ipset
+ config_get proto $1 proto all
+ config_get src_ip $1 src_ip 0.0.0.0/0
+ config_get src_port $1 src_port 0:65535
+ config_get dest_ip $1 dest_ip 0.0.0.0/0
+ config_get dest_port $1 dest_port 0:65535
+ config_get use_policy $1 use_policy
+ config_get family $1 family any
+
+ if [ "$1" != $(echo "$1" | cut -c1-15) ]; then
+ $LOG warn "Rule $1 exceeds max of 15 chars. Not setting rule" && return 0
+ fi
+
+ if [ -n "$ipset" ]; then
+ if [ -z "$($IPS -n list $ipset 2> /dev/null)" ]; then
+ $IPS create $ipset list:set
+ $IPS create v4_$ipset hash:ip timeout 3600
+ $IPS create v6_$ipset hash:ip timeout 3600 family inet6
+ $IPS add $ipset v4_$ipset
+ $IPS add $ipset v6_$ipset
+ fi
+
+ ipset="-m set --match-set $ipset dst"
+ fi
+
+ if [ -n "$use_policy" ]; then
+ if [ "$use_policy" == "default" ]; then
+ policy="MARK --set-xmark 0xff00/0xff00"
+ elif [ "$use_policy" == "unreachable" ]; then
+ policy="MARK --set-xmark 0xfe00/0xff00"
+ elif [ "$use_policy" == "blackhole" ]; then
+ policy="MARK --set-xmark 0xfd00/0xff00"
+ else
+ if [ "$sticky" -eq 1 ]; then
+
+ policy="mwan3_policy_$use_policy"
+
+ config_foreach mwan3_set_sticky_iptables interface
+
+ for IPT in "$IPT4" "$IPT6"; do
+ if ! $IPT -S $policy &> /dev/null; then
+ $IPT -N $policy
+ fi
+
+ if ! $IPT -S mwan3_rule_$1 &> /dev/null; then
+ $IPT -N mwan3_rule_$1
+ fi
+
+ $IPT -F mwan3_rule_$1
+
+ $IPT -A mwan3_rule_$1 -m mark --mark 0/0xff00 -j $policy
+ $IPT -A mwan3_rule_$1 -m mark ! --mark 0xfc00/0xfc00 -j SET --del-set mwan3_sticky_$rule src,src
+ $IPT -A mwan3_rule_$1 -m mark ! --mark 0xfc00/0xfc00 -j SET --add-set mwan3_sticky_$rule src,src
+ done
+
+ policy="mwan3_rule_$1"
+ else
+ policy="mwan3_policy_$use_policy"
+
+ for IPT in "$IPT4" "$IPT6"; do
+ if ! $IPT -S $policy &> /dev/null; then
+ $IPT -N $policy
+ fi
+ done
+
+ fi
+ fi
+
+ if [ "$family" == "any" ]; then
+
+ for IPT in "$IPT4" "$IPT6"; do
+ case $proto in
+ tcp|udp)
+ $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $policy &> /dev/null
+ ;;
+ *)
+ $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/0xff00 -m comment --comment "$1" -j $policy &> /dev/null
+ ;;
+ esac
+ done
+
+ elif [ "$family" == "ipv4" ]; then
+
+ case $proto in
+ tcp|udp)
+ $IPT4 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $policy &> /dev/null
+ ;;
+ *)
+ $IPT4 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/0xff00 -m comment --comment "$1" -j $policy &> /dev/null
+ ;;
+ esac
+
+ elif [ "$family" == "ipv6" ]; then
+
+ case $proto in
+ tcp|udp)
+ $IPT6 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $policy &> /dev/null
+ ;;
+ *)
+ $IPT6 -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/0xff00 -m comment --comment "$1" -j $policy &> /dev/null
+ ;;
+ esac
+ fi
+ fi
+}
+
+mwan3_set_user_rules()
+{
+ local IPT
+
+ for IPT in "$IPT4" "$IPT6"; do
+
+ if ! $IPT -S mwan3_rules &> /dev/null; then
+ $IPT -N mwan3_rules
+ fi
+
+ $IPT -F mwan3_rules
+ done
+
+ config_foreach mwan3_set_user_iptables_rule rule
+}
+
+mwan3_report_iface_status()
+{
+ local device result track_ips tracking IP IPT
+
+ mwan3_get_iface_id id $1
+ network_get_device device $1
+ config_get enabled "$1" enabled 0
+ config_get family "$1" family ipv4
+
+ if [ "$family" == "ipv4" ]; then
+ IP="$IP4"
+ IPT="$IPT4"
+ fi
+
+ if [ "$family" == "ipv6" ]; then
+ IP="$IP6"
+ IPT="$IPT6"
+ fi
+
+ if [ -z "$id" -o -z "$device" ]; then
+ result="unknown"
+ elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')"i -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
+ result="online"
+ elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
+ result="error"
+ else
+ if [ "$enabled" == "1" ]; then
+ result="offline"
+ else
+ result="disabled"
+ fi
+ fi
+
+ mwan3_list_track_ips()
+ {
+ track_ips="$1 $track_ips"
+ }
+ config_list_foreach $1 track_ip mwan3_list_track_ips
+
+ if [ -n "$track_ips" ]; then
+ if [ -n "$(ps -w | grep mwan3track | grep -v grep | sed '/.*\/usr\/sbin\/mwan3track \([^ ]*\) .*$/!d;s//\1/' | awk '$1 == "'$1'"')" ]; then
+ tracking="active"
+ else
+ tracking="down"
+ fi
+ else
+ tracking="not enabled"
+ fi
+
+ echo " interface $1 is $result and tracking is $tracking"
+}
+
+mwan3_report_policies_v4()
+{
+ local percent policy share total_weight weight iface
+
+ for policy in $($IPT4 -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
+ echo "$policy:" | sed 's/mwan3_policy_//'
+
+ [ -n "$total_weight" ] || total_weight=$($IPT4 -S $policy | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
+
+ if [ ! -z "${total_weight##*[!0-9]*}" ]; then
+ for iface in $($IPT4 -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
+ weight=$($IPT4 -S $policy | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
+ percent=$(($weight*100/$total_weight))
+ echo " $iface ($percent%)"
+ done
+ else
+ echo " $($IPT4 -S $policy | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
+ fi
+
+ unset total_weight
+
+ echo -e
+ done
+}
+
+mwan3_report_policies_v6()
+{
+ local percent policy share total_weight weight iface
+
+ for policy in $($IPT6 -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
+ echo "$policy:" | sed 's/mwan3_policy_//'
+
+ [ -n "$total_weight" ] || total_weight=$($IPT6 -S $policy | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
+
+ if [ ! -z "${total_weight##*[!0-9]*}" ]; then
+ for iface in $($IPT6 -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
+ weight=$($IPT6 -S $policy | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
+ percent=$(($weight*100/$total_weight))
+ echo " $iface ($percent%)"
+ done
+ else
+ echo " $($IPT6 -S $policy | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
+ fi
+
+ unset total_weight
+
+ echo -e
+ done
+}
+
+mwan3_report_connected_v4()
+{
+ local address
+
+ if [ -n "$($IPT4 -S mwan3_connected 2> /dev/null)" ]; then
+ for address in $($IPS list mwan3_connected_v4 | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
+ echo " $address"
+ done
+ fi
+}
+
+mwan3_report_connected_v6()
+{
+ local address
+
+ if [ -n "$($IPT6 -S mwan3_connected 2> /dev/null)" ]; then
+ for address in $($IPS list mwan3_connected_v6 | egrep '([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])'); do
+ echo " $address"
+ done
+ fi
+}
+
+mwan3_report_rules_v4()
+{
+ if [ -n "$($IPT4 -S mwan3_rules 2> /dev/null)" ]; then
+ $IPT4 -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_/- /' | sed 's/mwan3_rule_/S /'
+ fi
+}
+
+mwan3_report_rules_v6()
+{
+ if [ -n "$($IPT6 -S mwan3_rules 2> /dev/null)" ]; then
+ $IPT6 -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_/- /' | sed 's/mwan3_rule_/S /'
+ fi
+}
#!/bin/sh
-if [ -x /usr/sbin/ip ]; then
- IP="/usr/sbin/ip -4"
-elif [ -x /usr/bin/ip ]; then
- IP="/usr/bin/ip -4"
-else
- exit 1
-fi
-
-if [ -x /usr/sbin/ipset ]; then
- IPS="/usr/sbin/ipset"
-else
- exit 1
-fi
-
-if [ -x /usr/sbin/iptables ]; then
- IPT="/usr/sbin/iptables -t mangle -w"
-else
- exit 1
-fi
+[ -x /usr/bin/ip ] || exit 4
+[ -x /usr/sbin/ipset ] || exit 5
+[ -x /usr/sbin/iptables ] || exit 6
+[ -x /usr/sbin/ip6tables ] || exit 7
+[ -x /usr/bin/logger ] || exit 8
. /lib/functions.sh
+. /lib/functions/network.sh
+. /lib/mwan3/mwan3.sh
help()
{
ifup <iface> Load rules and routes for specific interface
ifdown <iface> Unload rules and routes for specific interface
interfaces Show interfaces status
- policies Show policies status
- rules Show rules status
+ policies Show currently active policy
+ connected Show directly connected networks
+ rules Show active rules
status Show all status
EOF
echo "Error: Too many arguments. Usage: mwan3 ifdown <interface>" && exit 0
fi
+ ACTION=ifdown INTERFACE=$1 /sbin/hotplug-call iface
+
if [ -e /var/run/mwan3track-$1.pid ] ; then
kill $(cat /var/run/mwan3track-$1.pid)
rm /var/run/mwan3track-$1.pid
fi
-
- ACTION=ifdown INTERFACE=$1 /sbin/hotplug-call iface
}
ifup()
interfaces()
{
- local device enabled iface_id tracking
-
config_load mwan3
echo "Interface status:"
-
- check_iface_status()
- {
- let iface_id++
- device=$(uci -p /var/state get network.$1.ifname) &> /dev/null
-
- if [ -z "$device" ]; then
- echo " interface $1 is unknown"
- return 0
- fi
-
- config_get enabled "$1" enabled 0
-
- if [ -n "$(ps -w | grep mwan3track | grep -v grep | sed '/.*\/usr\/sbin\/mwan3track \([^ ]*\) .*$/!d;s//\1/' | awk '$1 == "'$1'"')" ]; then
- tracking="active"
- else
- tracking="down"
- fi
-
- if [ -n "$($IP rule | awk '$5 == "'$device'"')" -a -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" -a -n "$($IP route list table $iface_id default dev $device 2> /dev/null)" ]; then
- if [ -n "$(uci -p /var/state get mwan3.$1.track_ip 2> /dev/null)" ]; then
- echo " interface $1 is online (tracking $tracking)"
- else
- echo " interface $1 is online"
- fi
- elif [ -n "$($IP rule | awk '$5 == "'$device'"')" -o -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" -o -n "$($IP route list table $iface_id default dev $device 2> /dev/null)" ]; then
- echo " interface $1 error"
- else
- if [ "$enabled" -eq 1 ]; then
- if [ -n "$(uci -p /var/state get mwan3.$1.track_ip 2> /dev/null)" ]; then
- echo " interface $1 is offline (tracking $tracking)"
- else
- echo " interface $1 is offline"
- fi
- else
- echo " interface $1 is disabled"
- fi
- fi
- }
- config_foreach check_iface_status interface
+ config_foreach mwan3_report_iface_status interface
echo -e
}
policies()
{
- local percent policy share total_weight weight iface
-
- for policy in $($IPT -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
- echo "Policy $policy:" | sed 's/mwan3_policy_//'
-
- [ -n "$total_weight" ] || total_weight=$($IPT -S $policy | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
-
- if [ ! -z "${total_weight##*[!0-9]*}" ]; then
- for iface in $($IPT -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
- weight=$($IPT -S $policy | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
- percent=$(($weight*100/$total_weight))
- echo " $iface ($percent%)"
- done
- else
- echo " $($IPT -S $policy | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
- fi
-
- echo -e
+ echo "Current ipv4 policies:"
+ mwan3_report_policies_v4
+ echo "Current ipv6 policies:"
+ mwan3_report_policies_v6
+}
- unset iface
- unset total_weight
- done
+connected()
+{
+ echo "Directly connected ipv4 networks:"
+ mwan3_report_connected_v4
+ echo -e
+ echo "Directly connected ipv6 networks:"
+ mwan3_report_connected_v6
+ echo -e
}
+
rules()
{
- local address
-
- if [ -n "$($IPT -S mwan3_connected 2> /dev/null)" ]; then
- echo "Known networks:"
- for address in $($IPS list mwan3_connected | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do
- echo " $address"
- done
- echo -e
- fi
-
- if [ -n "$($IPT -S mwan3_rules 2> /dev/null)" ]; then
- echo "Active rules:"
- $IPT -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_/- /' | sed 's/mwan3_rule_/S /'
- echo -e
- fi
+ echo "Active ipv4 user rules:"
+ mwan3_report_rules_v4
+ echo -e
+ echo "Active ipv6 user rules:"
+ mwan3_report_rules_v6
+ echo -e
}
status()
{
interfaces
policies
+ connected
rules
}
stop()
{
- local ipset route rule table
+ local ipset route rule table IP IPT
killall mwan3track &> /dev/null
rm /var/run/mwan3track-* &> /dev/null
- for route in $($IP route list table all | sed 's/.*table \([^ ]*\) .*/\1/' | awk '{print $1}' | awk '{for(i=1;i<=NF;i++) if($i+0>0) if($i+0<255) {print;break}}'); do
- $IP route flush table $route &> /dev/null
- done
+ for IP in "$IP4" "$IP6"; do
- for rule in $($IP rule list | egrep '^[1-2][0-9]{3}\:' | cut -d ':' -f 1); do
- $IP rule del pref $rule &> /dev/null
+ for route in $($IP route list table all | sed 's/.*table \([^ ]*\) .*/\1/' | awk '{print $1}' | awk '{for(i=1;i<=NF;i++) if($i+0>0) if($i+0<255) {print;break}}'); do
+ $IP route flush table $route &> /dev/null
+ done
+
+ for rule in $($IP rule list | egrep '^[1-2][0-9]{3}\:' | cut -d ':' -f 1); do
+ $IP rule del pref $rule &> /dev/null
+ done
done
- $IPT -D PREROUTING -j mwan3_hook &> /dev/null
- $IPT -D OUTPUT -j mwan3_hook &> /dev/null
+ for IPT in "$IPT4" "$IPT6"; do
- for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do
- $IPT -F $table &> /dev/null
- done
+ $IPT -D PREROUTING -j mwan3_hook &> /dev/null
+ $IPT -D OUTPUT -j mwan3_hook &> /dev/null
- for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do
- $IPT -X $table &> /dev/null
+ for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do
+ $IPT -F $table &> /dev/null
+ done
+
+ for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do
+ $IPT -X $table &> /dev/null
+ done
done
- for ipset in $(ipset -n list | grep mwan3); do
+ for ipset in $($IPS -n list | sort | grep mwan3); do
$IPS destroy $ipset
done
}
}
case "$1" in
- ifup|ifdown|interfaces|policies|rules|status|start|stop|restart)
+ ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart)
$*
;;
*)
while true; do
for track_ip in $track_ips; do
- ping -I $2 -c $4 -W $5 -s 4 -q $track_ip &> /dev/null
+ ping -I $2 -c $4 -W $5 -q $track_ip &> /dev/null
if [ $? -eq 0 ]; then
let host_up_count++
else
echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE
}
+snmpd_trap_hostname_add() {
+ local cfg="$1"
+ config_get hostname "$cfg" HostName
+ config_get port "$cfg" Port
+ config_get community "$cfg" Community
+ config_get type "$cfg" Type
+ echo "$type $hostname $community $port" >> $CONFIGFILE
+}
+
+snmpd_trap_ip_add() {
+ local cfg="$1"
+ config_get host_ip "$cfg" HostIP
+ config_get port "$cfg" Port
+ config_get community "$cfg" Community
+ config_get type "$cfg" Type
+ echo "$type $host_ip $community $port" >> $CONFIGFILE
+}
+
+snmpd_access_default_add() {
+ local cfg="$1"
+ config_get mode "$cfg" Mode
+ config_get community "$cfg" CommunityName
+ config_get oidrestrict "$cfg" RestrictOID
+ config_get oid "$cfg" RestrictedOID
+ echo -n "$mode $community default" >> $CONFIGFILE
+ [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
+ [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
+}
+
+snmpd_access_HostName_add() {
+ local cfg="$1"
+ config_get hostname "$cfg" HostName
+ config_get mode "$cfg" Mode
+ config_get community "$cfg" CommunityName
+ config_get oidrestrict "$cfg" RestrictOID
+ config_get oid "$cfg" RestrictedOID
+ echo -n "$mode $community $hostname" >> $CONFIGFILE
+ [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
+ [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
+}
+
+snmpd_access_HostIP_add() {
+ local cfg="$1"
+ config_get host_ip "$cfg" HostIP
+ config_get ip_mask "$cfg" IPMask
+ config_get mode "$cfg" Mode
+ config_get community "$cfg" CommunityName
+ config_get oidrestrict "$cfg" RestrictOID
+ config_get oid "$cfg" RestrictedOID
+ echo -n "$mode $community $host_ip/$ip_mask" >> $CONFIGFILE
+ [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
+ [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
+}
+
snmpd_pass_add() {
local cfg="$1"
local pass='pass'
config_foreach snmpd_group_add group
config_foreach snmpd_view_add view
config_foreach snmpd_access_add access
+ config_foreach snmpd_trap_hostname_add trap_HostName
+ config_foreach snmpd_trap_ip_add trap_HostIP
+ config_foreach snmpd_access_default_add access_default
+ config_foreach snmpd_access_HostName_add access_HostName
+ config_foreach snmpd_access_HostIP_add access_HostIP
config_foreach snmpd_pass_add pass
config_foreach snmpd_exec_add exec
config_foreach snmpd_disk_add disk
stop_service() {
[ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
}
+
+service_triggers(){
+ procd_add_reload_trigger 'snmpd'
+}
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=nmap
-PKG_VERSION:=6.47
-PKG_RELEASE:=2
+PKG_VERSION:=7.00
+PKG_RELEASE:=1
PKG_MAINTAINER=Nuno Goncalves <nunojpg@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://nmap.org/dist/
-PKG_MD5SUM:=edfe81f6763223c0a29bfa15a8526e2a
+PKG_MD5SUM:=6cdf5d03cc3294b99d69dfca83f2f2ee
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=ntp
-PKG_VERSION:=4.2.8p2
-PKG_RELEASE:=3
+PKG_VERSION:=4.2.8p4
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
-PKG_MD5SUM:=fa37049383316322d060ec9061ac23a9
+PKG_MD5SUM:=6af96862b09324a8ef965ca76b759c8b
PKG_LICENSE:=Unique
PKG_LICENSE_FILES:=COPYRIGHT html/copyright.html
define Package/ntp-utils
$(call Package/ntpd/Default)
TITLE+= utilities
+ DEPENDS+= +libcap
endef
define Package/ntp-utils/description
define Package/ntp-keygen
$(call Package/ntpd/Default)
TITLE+=keygen
+ DEPENDS+= +libcap +libevent2-core
endef
define Package/ntp-keygen/description
include $(TOPDIR)/rules.mk
PKG_NAME:=ocserv
-PKG_VERSION:=0.10.9
-PKG_RELEASE:=2
+PKG_VERSION:=0.10.10
+PKG_RELEASE:=3
PKG_USE_MIPS16:=0
PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/
-PKG_MD5SUM:=74834c59aa96beaa222c21ee6521adb2
+PKG_MD5SUM:=1f73ccb66d36cd51279323e95ae99e68
PKG_LICENSE:=GPLv2
PKG_LICENSE_FILES:=COPYING
EXTRA_LDFLAGS+=-lncurses
CONFIGURE_ARGS+= \
+ --with-pager="" \
--enable-local-libopts \
--with-libreadline-prefix="$(STAGING_DIR)/" \
--without-libnl \
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ocserv $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ocserv-fw $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ocpasswd $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/occtl $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/init.d
-----------------------------------------------------------------
```
+Setting up split-dns
+====================
+
+To allow the clients to resolv with the local domain add the following
+to the ocserv configuration file.
+
+```
+----/etc/config/ocserv-------------------------------------------
+config ocserv 'config'
+ option split_dns '1'
+ option default_domain 'mydomain'
+```
+
+The ```default_domain``` is optional and if not set, it will be autodetected
+from dnsmasq's configuration.
+
Setting up the firewall
=======================
# The domains over which the provided DNS should be used. Use
# multiple lines for multiple domains.
-#split-dns = example.com
+|ENABLE_SPLIT_DNS|split-dns = |DEFAULT_DOMAIN|
# Prior to leasing any IP from the pool ping it to verify that
# it is not in use by another (unrelated to this server) host.
# The following example is from linux systems. %{R} should be something
# like 192.168.2.0/24
-route-add-cmd = "/sbin/route add -net %{R} dev %{D}"
-route-del-cmd = "/sbin/route del -net %{R} dev %{D}"
+#route-add-cmd = "/usr/sbin/ip route add %{R} dev %{D}"
+#route-del-cmd = "/usr/sbin/ip route delete %{R} dev %{D}"
+
+route-add-cmd = "/sbin/route add -net %{RI} dev %{D}"
+route-del-cmd = "/sbin/route del -net %{RI} dev %{D}"
# This option allows to forward a proxy. The special strings '%{U}'
# and '%{G}', if present will be replaced by the username and group name.
# Option to allow sending arbitrary custom headers to the client after
# authentication and prior to VPN tunnel establishment.
#custom-header = "X-My-Header: hi there"
+
+expose-iroutes = true
config_get ip6addr $1 ip6addr ""
config_get proxy_arp $1 proxy_arp "0"
config_get ping_leases $1 ping_leases "0"
+ config_get split_dns $1 split_dns "0"
config_get default_domain $1 default_domain ""
# Enable proxy arp, and make sure that ping leases is set to true in that case,
enable_default_domain="#"
enable_udp="#"
enable_compression="#"
+ enable_split_dns="#"
test $predictable_ips = "0" && predictable_ips="false"
test $predictable_ips = "1" && predictable_ips="true"
test $cisco_compat = "0" && cisco_compat="false"
test $ping_leases = "0" && ping_leases="false"
test $ping_leases = "1" && ping_leases="true"
test $udp = "1" && enable_udp=""
+ test $split_dns = "1" && enable_split_dns=""
test $compression = "1" && enable_compression=""
- test -z $default_domain && enable_default_domain=""
+
+ test -z $default_domain && default_domain=$(uci get dhcp.@dnsmasq[0].domain)
+ test -n $default_domain && enable_default_domain=""
test -z $ip6addr && enable_ipv6="#"
test $auth = "plain" && authsuffix="\[passwd=/var/etc/ocpasswd\]"
-e "s/|PREDICTABLE_IPS|/$predictable_ips/g" \
-e "s/|DEFAULT_DOMAIN|/$default_domain/g" \
-e "s/|ENABLE_DEFAULT_DOMAIN|/$enable_default_domain/g" \
+ -e "s/|ENABLE_SPLIT_DNS|/$enable_split_dns/g" \
-e "s/|CISCO_COMPAT|/$cisco_compat/g" \
-e "s/|PING_LEASES|/$ping_leases/g" \
-e "s/|UDP|/$enable_udp/g" \
--- /dev/null
+#
+# Copyright (C) 2015 Bruno Randolf (br1@einfach.org)
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=pingcheck
+PKG_VERSION:=0.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/br101/pingcheck.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=0f099998782f550e2abebdc65bcc3e969b798769
+
+PKG_MAINTAINER:=Bruno Randolf <br1@einfach.org>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/pingcheck
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=+libubus +libuci
+ MAINTAINER:=Bruno Randolf <br1@einfach.org>
+ TITLE:=Check Internet and interface connectivity
+endef
+
+define Package/pingcheck/description
+Checks by using "ping" (ICMP echo) wether a configured host (normally on the
+internet) can be reached via a specific interface. Then makes this information
+available via ubus and triggers "online" and "offline" scripts.
+endef
+
+define Package/pingcheck/conffiles
+/etc/config/pingcheck
+endef
+
+define Package/pingcheck/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/pingcheck $(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./pingcheck.init $(1)/etc/init.d/pingcheck
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/pingcheck.config $(1)/etc/config/pingcheck
+endef
+
+$(eval $(call BuildPackage,pingcheck))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+
+USE_PROCD=1
+PROG=/usr/sbin/pingcheck
+CONFFILE=/etc/config/pingcheck
+
+start_service() {
+ procd_open_instance
+ procd_set_param command $PROG
+ procd_set_param file $CONFFILE
+ procd_set_param respawn
+ procd_close_instance
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=redsocks
-PKG_VERSION:=0.4
+PKG_VERSION:=0.4-20150907
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_PROTO:=git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=https://github.com/darkk/redsocks.git
-PKG_SOURCE_VERSION:=release-0.4
+PKG_SOURCE_VERSION:=2118c616b4970a0436eceaa57a6e3451ec98ad2b
PKG_MAINTAINER:=Johannes Morgenroth <jm@m-network.de>
PKG_LICENSE:=Apache-2.0
+++ /dev/null
-From 290f19972e9f7b74f818ae211cb535e32f1f314f Mon Sep 17 00:00:00 2001
-From: Leonid Evdokimov <leon@darkk.net.ru>
-Date: Tue, 10 Apr 2012 00:57:26 +0400
-Subject: [PATCH 01/12] Fix bug in DNS resolution - results were ignored (since
- 8179a1ff).
-
----
- parser.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/parser.c b/parser.c
-index 85d3533..6198828 100644
---- a/parser.c
-+++ b/parser.c
-@@ -295,22 +295,22 @@ static int vp_in_addr(parser_context *context, void *addr, const char *token)
- memcpy(addr, &ia, sizeof(ia));
- }
- else {
-- struct addrinfo *addr, hints;
-+ struct addrinfo *ainfo, hints;
- int err;
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = AF_INET; /* IPv4-only */
- hints.ai_socktype = SOCK_STREAM; /* I want to have one address once and ONLY once, that's why I specify socktype and protocol */
- hints.ai_protocol = IPPROTO_TCP;
- hints.ai_flags = AI_ADDRCONFIG; /* I don't need IPv4 addrs without IPv4 connectivity */
-- err = getaddrinfo(token, NULL, &hints, &addr);
-+ err = getaddrinfo(token, NULL, &hints, &ainfo);
- if (err == 0) {
- int count, taken;
- struct addrinfo *iter;
- struct sockaddr_in *resolved_addr;
-- for (iter = addr, count = 0; iter; iter = iter->ai_next, ++count)
-+ for (iter = ainfo, count = 0; iter; iter = iter->ai_next, ++count)
- ;
- taken = rand() % count;
-- for (iter = addr; taken > 0; iter = iter->ai_next, --taken)
-+ for (iter = ainfo; taken > 0; iter = iter->ai_next, --taken)
- ;
- resolved_addr = (struct sockaddr_in*)iter->ai_addr;
- assert(resolved_addr->sin_family == iter->ai_family && iter->ai_family == AF_INET);
-@@ -318,7 +318,7 @@ static int vp_in_addr(parser_context *context, void *addr, const char *token)
- log_error(LOG_WARNING, "%s resolves to %d addresses, using %s",
- token, count, inet_ntoa(resolved_addr->sin_addr));
- memcpy(addr, &resolved_addr->sin_addr, sizeof(ia));
-- freeaddrinfo(addr);
-+ freeaddrinfo(ainfo);
- }
- else {
- if (err == EAI_SYSTEM)
---
-1.9.1
-
+++ /dev/null
-From 6015b3a6f26e04dd5d78cd6c1320886fc9035612 Mon Sep 17 00:00:00 2001
-From: Leonid Evdokimov <leon@darkk.net.ru>
-Date: Tue, 10 Apr 2012 01:37:34 +0400
-Subject: [PATCH 02/12] inet_ntop -> red_inet_ntop
-
----
- redsocks.c | 13 ++++---------
- redudp.c | 19 +++++++++++--------
- utils.c | 37 +++++++++++++++++++++++++++++++++----
- utils.h | 7 +++++++
- 4 files changed, 55 insertions(+), 21 deletions(-)
-
-diff --git a/redsocks.c b/redsocks.c
-index d085e10..ba5eab2 100644
---- a/redsocks.c
-+++ b/redsocks.c
-@@ -207,22 +207,17 @@ void redsocks_log_write_plain(
- int saved_errno = errno;
- struct evbuffer *fmt = evbuffer_new();
- va_list ap;
-- char clientaddr_str[INET6_ADDRSTRLEN], destaddr_str[INET6_ADDRSTRLEN];
-+ char clientaddr_str[RED_INET_ADDRSTRLEN], destaddr_str[RED_INET_ADDRSTRLEN];
-
- if (!fmt) {
- log_errno(LOG_ERR, "evbuffer_new()");
- // no return, as I have to call va_start/va_end
- }
-
-- if (!inet_ntop(clientaddr->sin_family, &clientaddr->sin_addr, clientaddr_str, sizeof(clientaddr_str)))
-- strncpy(clientaddr_str, "???", sizeof(clientaddr_str));
-- if (!inet_ntop(destaddr->sin_family, &destaddr->sin_addr, destaddr_str, sizeof(destaddr_str)))
-- strncpy(destaddr_str, "???", sizeof(destaddr_str));
--
- if (fmt) {
-- evbuffer_add_printf(fmt, "[%s:%i->%s:%i]: %s",
-- clientaddr_str, ntohs(clientaddr->sin_port),
-- destaddr_str, ntohs(destaddr->sin_port),
-+ evbuffer_add_printf(fmt, "[%s->%s]: %s",
-+ red_inet_ntop(clientaddr, clientaddr_str, sizeof(clientaddr_str)),
-+ red_inet_ntop(destaddr, destaddr_str, sizeof(destaddr_str)),
- orig_fmt);
- }
-
-diff --git a/redudp.c b/redudp.c
-index 0a97852..9516a50 100644
---- a/redudp.c
-+++ b/redudp.c
-@@ -436,10 +436,9 @@ static void redudp_pkt_from_socks(int fd, short what, void *_arg)
- return;
-
- if (memcmp(&udprelayaddr, &client->udprelayaddr, sizeof(udprelayaddr)) != 0) {
-- char buf[INET6_ADDRSTRLEN];
-- const char *addr = inet_ntop(udprelayaddr.sin_family, &udprelayaddr.sin_addr, buf, sizeof(buf));
-- redudp_log_error(client, LOG_NOTICE, "Got packet from unexpected address %s:%u.",
-- addr ? addr : "?", ntohs(udprelayaddr.sin_port));
-+ char buf[RED_INET_ADDRSTRLEN];
-+ redudp_log_error(client, LOG_NOTICE, "Got packet from unexpected address %s.",
-+ red_inet_ntop(&udprelayaddr, buf, sizeof(buf)));
- return;
- }
-
-@@ -459,10 +458,14 @@ static void redudp_pkt_from_socks(int fd, short what, void *_arg)
- if (pkt.header.ip.port != client->instance->config.destaddr.sin_port ||
- pkt.header.ip.addr != client->instance->config.destaddr.sin_addr.s_addr)
- {
-- char buf[INET6_ADDRSTRLEN];
-- const char *addr = inet_ntop(AF_INET, &pkt.header.ip.addr, buf, sizeof(buf));
-- redudp_log_error(client, LOG_NOTICE, "Socks5 server relayed packet from unexpected address %s:%u.",
-- addr ? addr : "?", ntohs(pkt.header.ip.port));
-+ char buf[RED_INET_ADDRSTRLEN];
-+ struct sockaddr_in pktaddr = {
-+ .sin_family = AF_INET,
-+ .sin_addr = { pkt.header.ip.addr },
-+ .sin_port = pkt.header.ip.port,
-+ };
-+ redudp_log_error(client, LOG_NOTICE, "Socks5 server relayed packet from unexpected address %s.",
-+ red_inet_ntop(&pktaddr, buf, sizeof(buf)));
- return;
- }
-
-diff --git a/utils.c b/utils.c
-index c6ced51..6e1f3af 100644
---- a/utils.c
-+++ b/utils.c
-@@ -18,6 +18,7 @@
- #include <errno.h>
- #include <assert.h>
- #include <fcntl.h>
-+#include <string.h>
- #include <sys/socket.h>
- #include <netinet/in.h>
- #include <arpa/inet.h>
-@@ -42,10 +43,9 @@ int red_recv_udp_pkt(int fd, char *buf, size_t buflen, struct sockaddr_in *inadd
- }
-
- if (pktlen >= buflen) {
-- char buf[INET6_ADDRSTRLEN];
-- const char *addr = inet_ntop(inaddr->sin_family, &inaddr->sin_addr, buf, sizeof(buf));
-- log_error(LOG_WARNING, "wow! Truncated udp packet of size %zd from %s:%u! impossible! dropping it...",
-- pktlen, addr ? addr : "?", ntohs(inaddr->sin_port));
-+ char buf[RED_INET_ADDRSTRLEN];
-+ log_error(LOG_WARNING, "wow! Truncated udp packet of size %zd from %s! impossible! dropping it...",
-+ pktlen, red_inet_ntop(inaddr, buf, sizeof(buf)));
- return -1;
- }
-
-@@ -176,4 +176,33 @@ int red_is_socket_connected_ok(struct bufferevent *buffev)
- }
- }
-
-+char *red_inet_ntop(const struct sockaddr_in* sa, char* buffer, size_t buffer_size)
-+{
-+ const char *retval = 0;
-+ size_t len = 0;
-+ uint16_t port;
-+ const char placeholder[] = "???:???";
-+
-+ assert(buffer_size >= sizeof(placeholder));
-+
-+ memset(buffer, buffer_size, 0);
-+ if (sa->sin_family == AF_INET) {
-+ retval = inet_ntop(AF_INET, &sa->sin_addr, buffer, buffer_size);
-+ port = ((struct sockaddr_in*)sa)->sin_port;
-+ }
-+ else if (sa->sin_family == AF_INET6) {
-+ retval = inet_ntop(AF_INET6, &((const struct sockaddr_in6*)sa)->sin6_addr, buffer, buffer_size);
-+ port = ((struct sockaddr_in6*)sa)->sin6_port;
-+ }
-+ if (retval) {
-+ assert(retval == buffer);
-+ len = strlen(retval);
-+ snprintf(buffer + len, buffer_size - len, ":%d", ntohs(port));
-+ }
-+ else {
-+ strcpy(buffer, placeholder);
-+ }
-+ return buffer;
-+}
-+
- /* vim:set tabstop=4 softtabstop=4 shiftwidth=4: */
-diff --git a/utils.h b/utils.h
-index f691b77..d3af00f 100644
---- a/utils.h
-+++ b/utils.h
-@@ -57,6 +57,13 @@ int fcntl_nonblock(int fd);
- (what) & EVBUFFER_TIMEOUT ? "EVBUFFER_TIMEOUT" : "0", \
- (what) & ~(EVBUFFER_READ|EVBUFFER_WRITE|EVBUFFER_EOF|EVBUFFER_ERROR|EVBUFFER_TIMEOUT)
-
-+#if INET6_ADDRSTRLEN < INET_ADDRSTRLEN
-+# error Impossible happens: INET6_ADDRSTRLEN < INET_ADDRSTRLEN
-+#else
-+# define RED_INET_ADDRSTRLEN (INET6_ADDRSTRLEN + 1 + 5 + 1) // addr + : + port + \0
-+#endif
-+char *red_inet_ntop(const struct sockaddr_in* sa, char* buffer, size_t buffer_size);
-+
- /* vim:set tabstop=4 softtabstop=4 shiftwidth=4: */
- /* vim:set foldmethod=marker foldlevel=32 foldmarker={,}: */
- #endif /* UTILS_H_SAT_FEB__2_02_24_05_2008 */
---
-1.9.1
-
+++ /dev/null
-From 709646d59d96cb73a7e70347f37de9823e4e5f14 Mon Sep 17 00:00:00 2001
-From: Leonid Evdokimov <leon@darkk.net.ru>
-Date: Fri, 13 Apr 2012 01:57:23 +0400
-Subject: [PATCH 03/12] Initial support for UDP + TPROXY redirection. No more
- dest_ip in redudp.
-
- * TPROXY requires Linux 2.6.29+ (see man 7 ip[1]).
- * all redsocks code is running as root to bind to arbitrary port.
- * Non-Linux and old-Linux builds are broken at the moment.
-
-[1] http://www.kernel.org/doc/man-pages/online/pages/man7/ip.7.html
----
- dnstc.c | 2 +-
- redudp.c | 197 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----
- redudp.h | 2 +
- utils.c | 43 +++++++++++++-
- utils.h | 2 +-
- 5 files changed, 227 insertions(+), 19 deletions(-)
-
-diff --git a/dnstc.c b/dnstc.c
-index 43881d8..5f9fedd 100644
---- a/dnstc.c
-+++ b/dnstc.c
-@@ -68,7 +68,7 @@ static void dnstc_pkt_from_client(int fd, short what, void *_arg)
- ssize_t pktlen, outgoing;
-
- assert(fd == EVENT_FD(&self->listener));
-- pktlen = red_recv_udp_pkt(fd, buf.raw, sizeof(buf), &clientaddr);
-+ pktlen = red_recv_udp_pkt(fd, buf.raw, sizeof(buf), &clientaddr, NULL);
- if (pktlen == -1)
- return;
-
-diff --git a/redudp.c b/redudp.c
-index 9516a50..262af3e 100644
---- a/redudp.c
-+++ b/redudp.c
-@@ -15,6 +15,7 @@
- */
-
- #include <stdlib.h>
-+#include <search.h>
- #include <string.h>
- #include <sys/types.h>
- #include <sys/uio.h>
-@@ -33,30 +34,157 @@
- #include "redudp.h"
-
- #define redudp_log_error(client, prio, msg...) \
-- redsocks_log_write_plain(__FILE__, __LINE__, __func__, 0, &(client)->clientaddr, &(client)->instance->config.destaddr, prio, ## msg)
-+ redsocks_log_write_plain(__FILE__, __LINE__, __func__, 0, &(client)->clientaddr, get_destaddr(client), prio, ## msg)
- #define redudp_log_errno(client, prio, msg...) \
-- redsocks_log_write_plain(__FILE__, __LINE__, __func__, 1, &(client)->clientaddr, &(client)->instance->config.destaddr, prio, ## msg)
-+ redsocks_log_write_plain(__FILE__, __LINE__, __func__, 1, &(client)->clientaddr, get_destaddr(client), prio, ## msg)
-
- static void redudp_pkt_from_socks(int fd, short what, void *_arg);
- static void redudp_drop_client(redudp_client *client);
- static void redudp_fini_instance(redudp_instance *instance);
- static int redudp_fini();
-+static int redudp_transparent(int fd);
-
- typedef struct redudp_expected_assoc_reply_t {
- socks5_reply h;
- socks5_addr_ipv4 ip;
- } PACKED redudp_expected_assoc_reply;
-
-+struct bound_udp4_key {
-+ struct in_addr sin_addr;
-+ uint16_t sin_port;
-+};
-+
-+struct bound_udp4 {
-+ struct bound_udp4_key key;
-+ int ref;
-+ int fd;
-+};
-+
- /***********************************************************************
- * Helpers
- */
-+// TODO: separate binding to privileged process (this operation requires uid-0)
-+static void* root_bound_udp4 = NULL; // to avoid two binds to same IP:port
-+
-+static int bound_udp4_cmp(const void *a, const void *b)
-+{
-+ return memcmp(a, b, sizeof(struct bound_udp4_key));
-+}
-+
-+static void bound_udp4_mkkey(struct bound_udp4_key *key, const struct sockaddr_in *addr)
-+{
-+ memset(key, 0, sizeof(*key));
-+ key->sin_addr = addr->sin_addr;
-+ key->sin_port = addr->sin_port;
-+}
-+
-+static int bound_udp4_get(const struct sockaddr_in *addr)
-+{
-+ struct bound_udp4_key key;
-+ struct bound_udp4 *node, **pnode;
-+
-+ bound_udp4_mkkey(&key, addr);
-+ // I assume, that memory allocation for lookup is awful, so I use
-+ // tfind/tsearch pair instead of tsearch/check-result.
-+ pnode = tfind(&key, &root_bound_udp4, bound_udp4_cmp);
-+ if (pnode) {
-+ assert((*pnode)->ref > 0);
-+ (*pnode)->ref++;
-+ return (*pnode)->fd;
-+ }
-+
-+ node = calloc(1, sizeof(*node));
-+ if (!node) {
-+ log_errno(LOG_ERR, "calloc");
-+ goto fail;
-+ }
-+
-+ node->key = key;
-+ node->ref = 1;
-+ node->fd = socket(AF_INET, SOCK_DGRAM, 0);
-+ if (node->fd == -1) {
-+ log_errno(LOG_ERR, "socket");
-+ goto fail;
-+ }
-+
-+ if (0 != redudp_transparent(node->fd))
-+ goto fail;
-+
-+ if (0 != bind(node->fd, (struct sockaddr*)addr, sizeof(*addr))) {
-+ log_errno(LOG_ERR, "bind");
-+ goto fail;
-+ }
-+
-+ pnode = tsearch(node, &root_bound_udp4, bound_udp4_cmp);
-+ if (!pnode) {
-+ log_errno(LOG_ERR, "tsearch(%p) == %p", node, pnode);
-+ goto fail;
-+ }
-+ assert(node == *pnode);
-+
-+ return node->fd;
-+
-+fail:
-+ if (node) {
-+ if (node->fd != -1)
-+ redsocks_close(node->fd);
-+ free(node);
-+ }
-+ return -1;
-+}
-+
-+static void bound_udp4_put(const struct sockaddr_in *addr)
-+{
-+ struct bound_udp4_key key;
-+ struct bound_udp4 **pnode, *node;
-+ void *parent;
-+
-+ bound_udp4_mkkey(&key, addr);
-+ pnode = tfind(&key, &root_bound_udp4, bound_udp4_cmp);
-+ assert(pnode && (*pnode)->ref > 0);
-+
-+ node = *pnode;
-+
-+ node->ref--;
-+ if (node->ref)
-+ return;
-+
-+ parent = tdelete(node, &root_bound_udp4, bound_udp4_cmp);
-+ assert(parent);
-+
-+ redsocks_close(node->fd); // expanding `pnode` to avoid use after free
-+ free(node);
-+}
-+
-+static int redudp_transparent(int fd)
-+{
-+ int on = 1;
-+ int error = setsockopt(fd, SOL_IP, IP_TRANSPARENT, &on, sizeof(on));
-+ if (error)
-+ log_errno(LOG_ERR, "setsockopt(..., SOL_IP, IP_TRANSPARENT)");
-+ return error;
-+}
-+
-+static int do_tproxy(redudp_instance* instance)
-+{
-+ return instance->config.destaddr.sin_addr.s_addr == 0;
-+}
-+
-+static struct sockaddr_in* get_destaddr(redudp_client *client)
-+{
-+ if (do_tproxy(client->instance))
-+ return &client->destaddr;
-+ else
-+ return &client->instance->config.destaddr;
-+}
-+
- static void redudp_fill_preamble(socks5_udp_preabmle *preamble, redudp_client *client)
- {
- preamble->reserved = 0;
- preamble->frag_no = 0; /* fragmentation is not supported */
- preamble->addrtype = socks5_addrtype_ipv4;
-- preamble->ip.addr = client->instance->config.destaddr.sin_addr.s_addr;
-- preamble->ip.port = client->instance->config.destaddr.sin_port;
-+ preamble->ip.addr = get_destaddr(client)->sin_addr.s_addr;
-+ preamble->ip.port = get_destaddr(client)->sin_port;
- }
-
- static struct evbuffer* socks5_mkmethods_plain_wrapper(void *p)
-@@ -104,6 +232,8 @@ static void redudp_drop_client(redudp_client *client)
- redudp_log_errno(client, LOG_ERR, "event_del");
- redsocks_close(fd);
- }
-+ if (client->sender_fd != -1)
-+ bound_udp4_put(&client->destaddr);
- list_for_each_entry_safe(q, tmp, &client->queue, list) {
- list_del(&q->list);
- free(q);
-@@ -344,7 +474,8 @@ static void redudp_relay_connected(struct bufferevent *buffev, void *_arg)
- redudp_client *client = _arg;
- int do_password = socks5_is_valid_cred(client->instance->config.login, client->instance->config.password);
- int error;
-- redudp_log_error(client, LOG_DEBUG, "<trace>");
-+ char relayaddr_str[RED_INET_ADDRSTRLEN];
-+ redudp_log_error(client, LOG_DEBUG, "via %s", red_inet_ntop(&client->instance->config.relayaddr, relayaddr_str, sizeof(relayaddr_str)));
-
- if (!red_is_socket_connected_ok(buffev)) {
- redudp_log_errno(client, LOG_NOTICE, "red_is_socket_connected_ok");
-@@ -382,7 +513,7 @@ static void redudp_timeout(int fd, short what, void *_arg)
- redudp_drop_client(client);
- }
-
--static void redudp_first_pkt_from_client(redudp_instance *self, struct sockaddr_in *clientaddr, char *buf, size_t pktlen)
-+static void redudp_first_pkt_from_client(redudp_instance *self, struct sockaddr_in *clientaddr, struct sockaddr_in *destaddr, char *buf, size_t pktlen)
- {
- redudp_client *client = calloc(1, sizeof(*client));
-
-@@ -395,9 +526,13 @@ static void redudp_first_pkt_from_client(redudp_instance *self, struct sockaddr_
- INIT_LIST_HEAD(&client->queue);
- client->instance = self;
- memcpy(&client->clientaddr, clientaddr, sizeof(*clientaddr));
-+ if (destaddr)
-+ memcpy(&client->destaddr, destaddr, sizeof(client->destaddr));
- evtimer_set(&client->timeout, redudp_timeout, client);
- // XXX: self->relay_ss->init(client);
-
-+ client->sender_fd = -1; // it's postponed until socks-server replies to avoid trivial DoS
-+
- client->relay = red_connect_relay(&client->instance->config.relayaddr,
- redudp_relay_connected, redudp_relay_error, client);
- if (!client->relay)
-@@ -431,7 +566,7 @@ static void redudp_pkt_from_socks(int fd, short what, void *_arg)
-
- assert(fd == EVENT_FD(&client->udprelay));
-
-- pktlen = red_recv_udp_pkt(fd, pkt.buf, sizeof(pkt.buf), &udprelayaddr);
-+ pktlen = red_recv_udp_pkt(fd, pkt.buf, sizeof(pkt.buf), &udprelayaddr, NULL);
- if (pktlen == -1)
- return;
-
-@@ -455,8 +590,8 @@ static void redudp_pkt_from_socks(int fd, short what, void *_arg)
- return;
- }
-
-- if (pkt.header.ip.port != client->instance->config.destaddr.sin_port ||
-- pkt.header.ip.addr != client->instance->config.destaddr.sin_addr.s_addr)
-+ if (pkt.header.ip.port != get_destaddr(client)->sin_port ||
-+ pkt.header.ip.addr != get_destaddr(client)->sin_addr.s_addr)
- {
- char buf[RED_INET_ADDRSTRLEN];
- struct sockaddr_in pktaddr = {
-@@ -472,8 +607,18 @@ static void redudp_pkt_from_socks(int fd, short what, void *_arg)
- redsocks_time(&client->last_relay_event);
- redudp_bump_timeout(client);
-
-+ if (do_tproxy(client->instance) && client->sender_fd == -1) {
-+ client->sender_fd = bound_udp4_get(&client->destaddr);
-+ if (client->sender_fd == -1) {
-+ redudp_log_error(client, LOG_WARNING, "bound_udp4_get failure");
-+ return;
-+ }
-+ }
-+
- fwdlen = pktlen - sizeof(pkt.header);
-- outgoing = sendto(EVENT_FD(&client->instance->listener),
-+ outgoing = sendto(do_tproxy(client->instance)
-+ ? client->sender_fd
-+ : EVENT_FD(&client->instance->listener),
- pkt.buf + sizeof(pkt.header), fwdlen, 0,
- (struct sockaddr*)&client->clientaddr, sizeof(client->clientaddr));
- if (outgoing != fwdlen) {
-@@ -486,18 +631,21 @@ static void redudp_pkt_from_socks(int fd, short what, void *_arg)
- static void redudp_pkt_from_client(int fd, short what, void *_arg)
- {
- redudp_instance *self = _arg;
-- struct sockaddr_in clientaddr;
-+ struct sockaddr_in clientaddr, destaddr, *pdestaddr;
- char buf[0xFFFF]; // UDP packet can't be larger then that
- ssize_t pktlen;
- redudp_client *tmp, *client = NULL;
-
-+ pdestaddr = do_tproxy(self) ? &destaddr : NULL;
-+
- assert(fd == EVENT_FD(&self->listener));
-- pktlen = red_recv_udp_pkt(fd, buf, sizeof(buf), &clientaddr);
-+ pktlen = red_recv_udp_pkt(fd, buf, sizeof(buf), &clientaddr, pdestaddr);
- if (pktlen == -1)
- return;
-
- // TODO: this lookup may be SLOOOOOW.
- list_for_each_entry(tmp, &self->clients, list) {
-+ // TODO: check destaddr
- if (0 == memcmp(&clientaddr, &tmp->clientaddr, sizeof(clientaddr))) {
- client = tmp;
- break;
-@@ -515,7 +663,7 @@ static void redudp_pkt_from_client(int fd, short what, void *_arg)
- }
- }
- else {
-- redudp_first_pkt_from_client(self, &clientaddr, buf, pktlen);
-+ redudp_first_pkt_from_client(self, &clientaddr, pdestaddr, buf, pktlen);
- }
- }
-
-@@ -554,7 +702,6 @@ static int redudp_onenter(parser_section *section)
- instance->config.relayaddr.sin_family = AF_INET;
- instance->config.relayaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- instance->config.destaddr.sin_family = AF_INET;
-- instance->config.destaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- instance->config.max_pktqueue = 5;
- instance->config.udp_timeout = 30;
- instance->config.udp_timeout_stream = 180;
-@@ -614,6 +761,28 @@ static int redudp_init_instance(redudp_instance *instance)
- goto fail;
- }
-
-+ if (do_tproxy(instance)) {
-+ int on = 1;
-+ char buf[RED_INET_ADDRSTRLEN];
-+ // iptables TPROXY target does not send packets to non-transparent sockets
-+ if (0 != redudp_transparent(fd))
-+ goto fail;
-+
-+ error = setsockopt(fd, SOL_IP, IP_RECVORIGDSTADDR, &on, sizeof(on));
-+ if (error) {
-+ log_errno(LOG_ERR, "setsockopt(listener, SOL_IP, IP_RECVORIGDSTADDR)");
-+ goto fail;
-+ }
-+
-+ log_error(LOG_DEBUG, "redudp @ %s: TPROXY", red_inet_ntop(&instance->config.bindaddr, buf, sizeof(buf)));
-+ }
-+ else {
-+ char buf1[RED_INET_ADDRSTRLEN], buf2[RED_INET_ADDRSTRLEN];
-+ log_error(LOG_DEBUG, "redudp @ %s: destaddr=%s",
-+ red_inet_ntop(&instance->config.bindaddr, buf1, sizeof(buf1)),
-+ red_inet_ntop(&instance->config.destaddr, buf2, sizeof(buf2)));
-+ }
-+
- error = bind(fd, (struct sockaddr*)&instance->config.bindaddr, sizeof(instance->config.bindaddr));
- if (error) {
- log_errno(LOG_ERR, "bind");
-diff --git a/redudp.h b/redudp.h
-index 308bd33..3f1d9d1 100644
---- a/redudp.h
-+++ b/redudp.h
-@@ -24,6 +24,8 @@ typedef struct redudp_client_t {
- list_head list;
- redudp_instance *instance;
- struct sockaddr_in clientaddr;
-+ struct sockaddr_in destaddr;
-+ int sender_fd; // shared between several clients socket (bound to `destaddr`)
- struct event timeout;
- struct bufferevent *relay;
- struct event udprelay;
-diff --git a/utils.c b/utils.c
-index 6e1f3af..afdeea8 100644
---- a/utils.c
-+++ b/utils.c
-@@ -26,17 +26,54 @@
- #include "utils.h"
- #include "redsocks.h" // for redsocks_close
-
--int red_recv_udp_pkt(int fd, char *buf, size_t buflen, struct sockaddr_in *inaddr)
-+int red_recv_udp_pkt(int fd, char *buf, size_t buflen, struct sockaddr_in *inaddr, struct sockaddr_in *toaddr)
- {
- socklen_t addrlen = sizeof(*inaddr);
- ssize_t pktlen;
--
-- pktlen = recvfrom(fd, buf, buflen, 0, (struct sockaddr*)inaddr, &addrlen);
-+ struct msghdr msg;
-+ struct iovec io;
-+ char control[1024];
-+
-+ memset(&msg, 0, sizeof(msg));
-+ msg.msg_name = inaddr;
-+ msg.msg_namelen = sizeof(*inaddr);
-+ msg.msg_iov = &io;
-+ msg.msg_iovlen = 1;
-+ msg.msg_control = control;
-+ msg.msg_controllen = sizeof(control);
-+ io.iov_base = buf;
-+ io.iov_len = buflen;
-+
-+ pktlen = recvmsg(fd, &msg, 0);
- if (pktlen == -1) {
- log_errno(LOG_WARNING, "recvfrom");
- return -1;
- }
-
-+ if (toaddr) {
-+ memset(toaddr, 0, sizeof(*toaddr));
-+ for (struct cmsghdr* cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
-+ if (
-+ cmsg->cmsg_level == SOL_IP &&
-+ cmsg->cmsg_type == IP_ORIGDSTADDR &&
-+ cmsg->cmsg_len >= CMSG_LEN(sizeof(*toaddr))
-+ ) {
-+ struct sockaddr_in* cmsgaddr = (struct sockaddr_in*)CMSG_DATA(cmsg);
-+ char buf[RED_INET_ADDRSTRLEN];
-+ log_error(LOG_DEBUG, "IP_ORIGDSTADDR: %s", red_inet_ntop(cmsgaddr, buf, sizeof(buf)));
-+ memcpy(toaddr, cmsgaddr, sizeof(*toaddr));
-+ }
-+ else {
-+ log_error(LOG_WARNING, "unexepcted cmsg (level,type) = (%d,%d)",
-+ cmsg->cmsg_level, cmsg->cmsg_type);
-+ }
-+ }
-+ if (toaddr->sin_family != AF_INET) {
-+ log_error(LOG_WARNING, "(SOL_IP, IP_ORIGDSTADDR) not found");
-+ return -1;
-+ }
-+ }
-+
- if (addrlen != sizeof(*inaddr)) {
- log_error(LOG_WARNING, "unexpected address length %u instead of %zu", addrlen, sizeof(*inaddr));
- return -1;
-diff --git a/utils.h b/utils.h
-index d3af00f..c2277e9 100644
---- a/utils.h
-+++ b/utils.h
-@@ -44,7 +44,7 @@ char *redsocks_evbuffer_readline(struct evbuffer *buf);
- struct bufferevent* red_connect_relay(struct sockaddr_in *addr, evbuffercb writecb, everrorcb errorcb, void *cbarg);
- int red_socket_geterrno(struct bufferevent *buffev);
- int red_is_socket_connected_ok(struct bufferevent *buffev);
--int red_recv_udp_pkt(int fd, char *buf, size_t buflen, struct sockaddr_in *inaddr);
-+int red_recv_udp_pkt(int fd, char *buf, size_t buflen, struct sockaddr_in *fromaddr, struct sockaddr_in *toaddr);
-
- int fcntl_nonblock(int fd);
-
---
-1.9.1
-
+++ /dev/null
-From b60b492602448b59aea194afd4991910d3613e5c Mon Sep 17 00:00:00 2001
-From: Cody Schafer <jmesmon@gmail.com>
-Date: Tue, 24 Apr 2012 04:33:13 -0500
-Subject: [PATCH 04/12] Fix transposition of memset parameters.
-
----
- utils.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/utils.c b/utils.c
-index afdeea8..31c6894 100644
---- a/utils.c
-+++ b/utils.c
-@@ -222,7 +222,7 @@ char *red_inet_ntop(const struct sockaddr_in* sa, char* buffer, size_t buffer_si
-
- assert(buffer_size >= sizeof(placeholder));
-
-- memset(buffer, buffer_size, 0);
-+ memset(buffer, 0, buffer_size);
- if (sa->sin_family == AF_INET) {
- retval = inet_ntop(AF_INET, &sa->sin_addr, buffer, buffer_size);
- port = ((struct sockaddr_in*)sa)->sin_port;
---
-1.9.1
-
+++ /dev/null
-From 18e2b5ed1ffb3e7c5dfec8ff41b3027163f680ed Mon Sep 17 00:00:00 2001
-From: Leonid Evdokimov <leon@darkk.net.ru>
-Date: Wed, 12 Sep 2012 02:05:39 +0400
-Subject: [PATCH 09/12] Fix compilation on Ubuntu 10.04 LTS and (hopefully)
- Debian squeeze[1]
-
-fixes #28, fixes #22, fixes #24
-[1] current "stable" release
----
- libc-compat.h | 25 +++++++++++++++++++++++++
- libevent-compat.h | 11 +++++++++++
- redsocks.c | 1 +
- redudp.c | 1 +
- utils.c | 1 +
- 5 files changed, 39 insertions(+)
- create mode 100644 libc-compat.h
- create mode 100644 libevent-compat.h
-
-diff --git a/libc-compat.h b/libc-compat.h
-new file mode 100644
-index 0000000..adcf63b
---- /dev/null
-+++ b/libc-compat.h
-@@ -0,0 +1,25 @@
-+#ifndef UUID_67C91670_FCCB_4855_BDF7_609F1EECB8B4
-+#define UUID_67C91670_FCCB_4855_BDF7_609F1EECB8B4
-+
-+/* all these definitions, are included into bits/in.h from libc6-dev 2.15-0ubuntu10
-+ * from Ubuntu 12.04 and is not included into libc6-dev 2.11.1-0ubuntu7.10 from
-+ * Ubuntu 10.04.
-+ * linux/in.h is not included directly because of lots of redefinitions,
-+ * extracting single value from linux/in.h is not done because it looks like
-+ * autotools reinvention */
-+#ifndef IP_ORIGDSTADDR
-+# warning Using hardcoded value for IP_ORIGDSTADDR as libc headers do not define it.
-+# define IP_ORIGDSTADDR 20
-+#endif
-+
-+#ifndef IP_RECVORIGDSTADDR
-+# warning Using hardcoded value for IP_RECVORIGDSTADDR as libc headers do not define it.
-+# define IP_RECVORIGDSTADDR IP_ORIGDSTADDR
-+#endif
-+
-+#ifndef IP_TRANSPARENT
-+# warning Using hardcoded value for IP_TRANSPARENT as libc headers do not define it.
-+# define IP_TRANSPARENT 19
-+#endif
-+
-+#endif // 67C91670_FCCB_4855_BDF7_609F1EECB8B4
-diff --git a/libevent-compat.h b/libevent-compat.h
-new file mode 100644
-index 0000000..a7f1ca1
---- /dev/null
-+++ b/libevent-compat.h
-@@ -0,0 +1,11 @@
-+#ifndef UUID_FC148CFA_5ECC_488E_8A62_CD39406C9F1E
-+#define UUID_FC148CFA_5ECC_488E_8A62_CD39406C9F1E
-+
-+/* evutil_socket_t is macros in libevent-2.0, not typedef, libevent-1.4 is
-+ * still supported because of Ubuntu 10.04 LTS */
-+#ifndef evutil_socket_t
-+# warning Using hardcoded value for evutil_socket_t as libevent headers do not define it.
-+# define evutil_socket_t int
-+#endif
-+
-+#endif // FC148CFA_5ECC_488E_8A62_CD39406C9F1E
-diff --git a/redsocks.c b/redsocks.c
-index ba5eab2..878576f 100644
---- a/redsocks.c
-+++ b/redsocks.c
-@@ -33,6 +33,7 @@
- #include "base.h"
- #include "redsocks.h"
- #include "utils.h"
-+#include "libevent-compat.h"
-
-
- #define REDSOCKS_RELAY_HALFBUFF 4096
-diff --git a/redudp.c b/redudp.c
-index 262af3e..05460dc 100644
---- a/redudp.c
-+++ b/redudp.c
-@@ -32,6 +32,7 @@
- #include "main.h"
- #include "redsocks.h"
- #include "redudp.h"
-+#include "libc-compat.h"
-
- #define redudp_log_error(client, prio, msg...) \
- redsocks_log_write_plain(__FILE__, __LINE__, __func__, 0, &(client)->clientaddr, get_destaddr(client), prio, ## msg)
-diff --git a/utils.c b/utils.c
-index 31c6894..7de3969 100644
---- a/utils.c
-+++ b/utils.c
-@@ -25,6 +25,7 @@
- #include "log.h"
- #include "utils.h"
- #include "redsocks.h" // for redsocks_close
-+#include "libc-compat.h"
-
- int red_recv_udp_pkt(int fd, char *buf, size_t buflen, struct sockaddr_in *inaddr, struct sockaddr_in *toaddr)
- {
---
-1.9.1
-
Last-Update: 2013-04-23
--- a/main.c
+++ b/main.c
-@@ -39,7 +39,7 @@
+@@ -39,7 +39,7 @@ app_subsys *subsystems[] = {
&dnstc_subsys,
};
include $(TOPDIR)/rules.mk
PKG_NAME:=sqm-scripts
-PKG_SOURCE_VERSION:=b761c3d39fadd6b868e9417595ba4260c047bcd2
-PKG_VERSION:=1.0.4
-PKG_RELEASE:=1
+PKG_SOURCE_VERSION:=90399ffc4ddbe0b25374682d7914afee3d522328
+PKG_VERSION:=1.0.5
+PKG_RELEASE:=2
PKG_LICENSE:=GPLv2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz
define Package/sqm-scripts
SECTION:=net
CATEGORY:=Base system
- DEPENDS:=+tc +kmod-sched +kmod-ifb iptables +ip \
+ DEPENDS:=+tc +kmod-sched +kmod-ifb +iptables \
+iptables-mod-ipopt +iptables-mod-conntrack-extra
TITLE:=SQM Scripts (QoS)
PKGARCH:=all
include $(TOPDIR)/rules.mk
PKG_NAME:=strongswan
-PKG_VERSION:=5.3.3
-PKG_RELEASE:=1
+PKG_VERSION:=5.3.4
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/
-PKG_MD5SUM:=5a25f3d1c31a77ef44d14a2e7b3eaad0
+PKG_MD5SUM:=655a632a515c74a99f2e9cc337ab2f33
PKG_LICENSE:=GPL-2.0+
PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
gcm \
gcrypt \
gmp \
+ gmpdh \
ha \
hmac \
kernel-libipsec \
This meta-package contains only dependencies to match upstream defaults.
endef
+
+define Package/strongswan-isakmp
+$(call Package/strongswan/Default)
+ TITLE+= (isakmp)
+ DEPENDS:= +strongswan \
+ +strongswan-charon \
+ +strongswan-mod-aes \
+ +strongswan-mod-des \
+ +strongswan-mod-gmpdh \
+ +strongswan-mod-hmac \
+ +strongswan-mod-kernel-netlink \
+ +strongswan-mod-md5 \
+ +strongswan-mod-nonce \
+ +strongswan-mod-pubkey \
+ +strongswan-mod-random \
+ +strongswan-mod-sha1 \
+ +strongswan-mod-socket-default \
+ +strongswan-mod-stroke \
+ +strongswan-mod-uci \
+ +strongswan-mod-updown \
+ +strongswan-utils
+endef
+
+define Package/strongswan-isakmp/description
+$(call Package/strongswan/description/Default)
+ This meta-package contains only dependencies to establish ISAKMP /
+ IKE PSK connections, dropping other capabilities in favor of small size
+ Can fit most routers even with 4Mb flash (after removing IPv6 support).
+endef
+
+
define Package/strongswan-minimal
$(call Package/strongswan/Default)
TITLE+= (minimal)
true
endef
+define Package/strongswan-isakmp/install
+ true
+endef
+
define Package/strongswan-minimal/install
true
endef
$(eval $(call BuildPackage,strongswan-default))
$(eval $(call BuildPackage,strongswan-full))
$(eval $(call BuildPackage,strongswan-minimal))
+$(eval $(call BuildPackage,strongswan-isakmp))
$(eval $(call BuildPackage,strongswan-charon))
$(eval $(call BuildPackage,strongswan-utils))
$(eval $(call BuildPackage,strongswan-libtls))
$(eval $(call BuildPlugin,gcm,GCM AEAD wrapper crypto,))
$(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan-mod-gcrypt:libgcrypt))
$(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan-mod-gmp:libgmp))
+$(eval $(call BuildPlugin,gmpdh,DH-Groups; no libgmp dep,))
$(eval $(call BuildPlugin,ha,high availability cluster,))
$(eval $(call BuildPlugin,hmac,HMAC crypto,))
$(eval $(call BuildPlugin,kernel-libipsec,libipsec kernel interface,))
--- /dev/null
+From ea651877c0bb6e129f52eb592cea3b10b2e3347b Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias@strongswan.org>
+Date: Thu, 19 Nov 2015 11:21:48 +0100
+Subject: [PATCH] sigwaitinfo() may fail with EINTR if an unblocked signal not
+ in the set is received
+
+ #1213.
+---
+ src/charon-cmd/charon-cmd.c | 9 ++++-----
+ src/charon-nm/charon-nm.c | 9 ++++-----
+ src/charon-systemd/charon-systemd.c | 9 ++++-----
+ src/charon-tkm/src/charon-tkm.c | 9 ++++-----
+ src/charon/charon.c | 11 +++++------
+ src/conftest/conftest.c | 2 +-
+ src/frontends/osx/charon-xpc/charon-xpc.c | 7 ++++---
+ src/libfast/fast_dispatcher.c | 6 +++++-
+ src/libstrongswan/utils/utils.c | 5 ++++-
+ 9 files changed, 35 insertions(+), 32 deletions(-)
+
+diff --git a/src/charon-cmd/charon-cmd.c b/src/charon-cmd/charon-cmd.c
+index b8f943f..d3b31cc 100644
+--- a/src/charon-cmd/charon-cmd.c
++++ b/src/charon-cmd/charon-cmd.c
+@@ -115,6 +115,10 @@ static int run()
+ sig = sigwaitinfo(&set, NULL);
+ if (sig == -1)
+ {
++ if (errno == EINTR)
++ { /* ignore signals we didn't wait for */
++ continue;
++ }
+ DBG1(DBG_DMN, "waiting for signal failed: %s", strerror(errno));
+ return 1;
+ }
+@@ -152,11 +156,6 @@ static int run()
+ charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+ return 1;
+ }
+- default:
+- {
+- DBG1(DBG_DMN, "unknown signal %d received. Ignored", sig);
+- break;
+- }
+ }
+ }
+ }
+diff --git a/src/charon-nm/charon-nm.c b/src/charon-nm/charon-nm.c
+index 1773e7c..fb090e5 100644
+--- a/src/charon-nm/charon-nm.c
++++ b/src/charon-nm/charon-nm.c
+@@ -85,6 +85,10 @@ static void run()
+ sig = sigwaitinfo(&set, NULL);
+ if (sig == -1)
+ {
++ if (errno == EINTR)
++ { /* ignore signals we didn't wait for */
++ continue;
++ }
+ DBG1(DBG_DMN, "waiting for signal failed: %s", strerror(errno));
+ return;
+ }
+@@ -102,11 +106,6 @@ static void run()
+ charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+ return;
+ }
+- default:
+- {
+- DBG1(DBG_DMN, "unknown signal %d received. Ignored", sig);
+- break;
+- }
+ }
+ }
+ }
+diff --git a/src/charon-systemd/charon-systemd.c b/src/charon-systemd/charon-systemd.c
+index f302d45..4286cde 100644
+--- a/src/charon-systemd/charon-systemd.c
++++ b/src/charon-systemd/charon-systemd.c
+@@ -254,6 +254,10 @@ static int run()
+ sig = sigwaitinfo(&set, NULL);
+ if (sig == -1)
+ {
++ if (errno == EINTR)
++ { /* ignore signals we didn't wait for */
++ continue;
++ }
+ DBG1(DBG_DMN, "waiting for signal failed: %s", strerror(errno));
+ return SS_RC_INITIALIZATION_FAILED;
+ }
+@@ -265,11 +269,6 @@ static int run()
+ charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+ return 0;
+ }
+- default:
+- {
+- DBG1(DBG_DMN, "unknown signal %d received. Ignored", sig);
+- break;
+- }
+ }
+ }
+ }
+diff --git a/src/charon-tkm/src/charon-tkm.c b/src/charon-tkm/src/charon-tkm.c
+index 52d82f3..3923c8a 100644
+--- a/src/charon-tkm/src/charon-tkm.c
++++ b/src/charon-tkm/src/charon-tkm.c
+@@ -104,6 +104,10 @@ static void run()
+ sig = sigwaitinfo(&set, NULL);
+ if (sig == -1)
+ {
++ if (errno == EINTR)
++ { /* ignore signals we didn't wait for */
++ continue;
++ }
+ DBG1(DBG_DMN, "waiting for signal failed: %s", strerror(errno));
+ return;
+ }
+@@ -121,11 +125,6 @@ static void run()
+ charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+ return;
+ }
+- default:
+- {
+- DBG1(DBG_DMN, "unknown signal %d received. Ignored", sig);
+- break;
+- }
+ }
+ }
+ }
+diff --git a/src/charon/charon.c b/src/charon/charon.c
+index f03b6e1..4c2a9a4 100644
+--- a/src/charon/charon.c
++++ b/src/charon/charon.c
+@@ -98,7 +98,7 @@ static void run()
+ {
+ sigset_t set;
+
+- /* handle SIGINT, SIGHUP ans SIGTERM in this handler */
++ /* handle SIGINT, SIGHUP and SIGTERM in this handler */
+ sigemptyset(&set);
+ sigaddset(&set, SIGINT);
+ sigaddset(&set, SIGHUP);
+@@ -112,6 +112,10 @@ static void run()
+ sig = sigwaitinfo(&set, NULL);
+ if (sig == -1)
+ {
++ if (errno == EINTR)
++ { /* ignore signals we didn't wait for */
++ continue;
++ }
+ DBG1(DBG_DMN, "waiting for signal failed: %s", strerror(errno));
+ return;
+ }
+@@ -144,11 +148,6 @@ static void run()
+ charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL, sig);
+ return;
+ }
+- default:
+- {
+- DBG1(DBG_DMN, "unknown signal %d received. Ignored", sig);
+- break;
+- }
+ }
+ }
+ }
+diff --git a/src/conftest/conftest.c b/src/conftest/conftest.c
+index 9348b64..edfe0ca 100644
+--- a/src/conftest/conftest.c
++++ b/src/conftest/conftest.c
+@@ -565,7 +565,7 @@ int main(int argc, char *argv[])
+ sigaddset(&set, SIGTERM);
+ sigprocmask(SIG_BLOCK, &set, NULL);
+
+- while ((sig = sigwaitinfo(&set, NULL)) != -1)
++ while ((sig = sigwaitinfo(&set, NULL)) != -1 || errno == EINTR)
+ {
+ switch (sig)
+ {
+diff --git a/src/libfast/fast_dispatcher.c b/src/libfast/fast_dispatcher.c
+index b4c6ce3..66a2ee5 100644
+--- a/src/libfast/fast_dispatcher.c
++++ b/src/libfast/fast_dispatcher.c
+@@ -21,6 +21,7 @@
+ #include <fcgiapp.h>
+ #include <signal.h>
+ #include <unistd.h>
++#include <errno.h>
+
+ #include <utils/debug.h>
+ #include <threading/thread.h>
+@@ -389,7 +390,10 @@ METHOD(fast_dispatcher_t, waitsignal, void,
+ sigaddset(&set, SIGTERM);
+ sigaddset(&set, SIGHUP);
+ sigprocmask(SIG_BLOCK, &set, NULL);
+- sigwaitinfo(&set, NULL);
++ while (sigwaitinfo(&set, NULL) == -1 && errno == EINTR)
++ {
++ /* wait for signal */
++ }
+ }
+
+ METHOD(fast_dispatcher_t, destroy, void,
+diff --git a/src/libstrongswan/utils/utils.c b/src/libstrongswan/utils/utils.c
+index 4e86165..40cb43d 100644
+--- a/src/libstrongswan/utils/utils.c
++++ b/src/libstrongswan/utils/utils.c
+@@ -124,7 +124,10 @@ void wait_sigint()
+ sigaddset(&set, SIGTERM);
+
+ sigprocmask(SIG_BLOCK, &set, NULL);
+- sigwaitinfo(&set, NULL);
++ while (sigwaitinfo(&set, NULL) == -1 && errno == EINTR)
++ {
++ /* wait for signal */
++ }
+ }
+
+ #ifndef HAVE_SIGWAITINFO
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -135,6 +135,7 @@ ARG_DISBL_SET([fips-prf], [disable
+ ARG_ENABL_SET([gcm], [enables the GCM AEAD wrapper crypto plugin.])
+ ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.])
+ ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.])
++ARG_DISBL_SET([gmpdh], [disable GNU MP (libgmp) based static-linked crypto DH minimal implementation plugin.])
+ ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.])
+ ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.])
+ ARG_DISBL_SET([md5], [disable MD5 software implementation plugin.])
+@@ -1310,6 +1311,7 @@ ADD_PLUGIN([gcrypt], [s ch
+ ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
+ ADD_PLUGIN([fips-prf], [s charon nm cmd])
+ ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
++ADD_PLUGIN([gmpdh], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ ADD_PLUGIN([agent], [s charon nm cmd])
+ ADD_PLUGIN([keychain], [s charon cmd])
+ ADD_PLUGIN([chapoly], [s charon scripts nm cmd])
+@@ -1441,6 +1443,7 @@ AM_CONDITIONAL(USE_SHA1, test x$sha1 = x
+ AM_CONDITIONAL(USE_SHA2, test x$sha2 = xtrue)
+ AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
+ AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
++AM_CONDITIONAL(USE_GMPDH, test x$gmpdh = xtrue)
+ AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
+ AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
+ AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
+@@ -1688,6 +1691,7 @@ AC_CONFIG_FILES([
+ src/libstrongswan/plugins/sha2/Makefile
+ src/libstrongswan/plugins/fips_prf/Makefile
+ src/libstrongswan/plugins/gmp/Makefile
++ src/libstrongswan/plugins/gmpdh/Makefile
+ src/libstrongswan/plugins/rdrand/Makefile
+ src/libstrongswan/plugins/aesni/Makefile
+ src/libstrongswan/plugins/random/Makefile
+--- a/src/libstrongswan/Makefile.am
++++ b/src/libstrongswan/Makefile.am
+@@ -295,6 +295,13 @@ if MONOLITHIC
+ endif
+ endif
+
++if USE_GMPDH
++ SUBDIRS += plugins/gmpdh
++if MONOLITHIC
++ libstrongswan_la_LIBADD += plugins/gmpdh/libstrongswan-gmpdh.la
++endif
++endif
++
+ if USE_RDRAND
+ SUBDIRS += plugins/rdrand
+ if MONOLITHIC
+--- /dev/null
++++ b/src/libstrongswan/plugins/gmpdh/Makefile.am
+@@ -0,0 +1,19 @@
++AM_CPPFLAGS = \
++ -I$(top_srcdir)/src/libstrongswan
++
++AM_CFLAGS = \
++ $(PLUGIN_CFLAGS)
++
++if MONOLITHIC
++noinst_LTLIBRARIES = libstrongswan-gmpdh.la
++else
++plugin_LTLIBRARIES = libstrongswan-gmpdh.la
++endif
++
++libstrongswan_gmpdh_la_SOURCES = \
++ gmpdh_plugin.h gmpdh_plugin.c \
++ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h
++
++
++libstrongswan_gmpdh_la_LDFLAGS = -module -avoid-version -Wl,-Bstatic -Wl,-lgmp -Wl,-Bdynamic -Wl,--as-needed
++libstrongswan_gmpdh_la_LIBADD =
+--- /dev/null
++++ b/src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c
+@@ -0,0 +1,101 @@
++/*
++ * Copyright (C) 2008-2009 Martin Willi
++ * Hochschule fuer Technik Rapperswil
++ *
++ * This program is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License as published by the
++ * Free Software Foundation; either version 2 of the License, or (at your
++ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
++ * for more details.
++ */
++
++#include "gmpdh_plugin.h"
++
++#include <library.h>
++#include "../gmp/gmp_diffie_hellman.h"
++
++typedef struct private_gmpdh_plugin_t private_gmpdh_plugin_t;
++
++/**
++ * private data of gmp_plugin
++ */
++struct private_gmpdh_plugin_t {
++
++ /**
++ * public functions
++ */
++ gmpdh_plugin_t public;
++};
++
++METHOD(plugin_t, get_name, char*,
++ private_gmpdh_plugin_t *this)
++{
++ return "gmpdh";
++}
++
++METHOD(plugin_t, get_features, int,
++ private_gmpdh_plugin_t *this, plugin_feature_t *features[])
++{
++ static plugin_feature_t f[] = {
++ /* DH groups */
++ PLUGIN_REGISTER(DH, gmp_diffie_hellman_create),
++ PLUGIN_PROVIDE(DH, MODP_2048_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_2048_224),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_2048_256),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_1536_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_3072_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_4096_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_6144_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_8192_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_1024_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_1024_160),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_PROVIDE(DH, MODP_768_BIT),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ PLUGIN_REGISTER(DH, gmp_diffie_hellman_create_custom),
++ PLUGIN_PROVIDE(DH, MODP_CUSTOM),
++ PLUGIN_DEPENDS(RNG, RNG_STRONG),
++ };
++ *features = f;
++ return countof(f);
++}
++
++METHOD(plugin_t, destroy, void,
++ private_gmpdh_plugin_t *this)
++{
++ free(this);
++}
++
++/*
++ * see header file
++ */
++plugin_t *gmpdh_plugin_create()
++{
++ private_gmpdh_plugin_t *this;
++
++ INIT(this,
++ .public = {
++ .plugin = {
++ .get_name = _get_name,
++ .get_features = _get_features,
++ .destroy = _destroy,
++ },
++ },
++ );
++
++ return &this->public.plugin;
++}
++
+--- /dev/null
++++ b/src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h
+@@ -0,0 +1,42 @@
++/*
++ * Copyright (C) 2008 Martin Willi
++ * Hochschule fuer Technik Rapperswil
++ *
++ * This program is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License as published by the
++ * Free Software Foundation; either version 2 of the License, or (at your
++ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
++ * for more details.
++ */
++
++/**
++ * @defgroup gmpdh_p gmpdh
++ * @ingroup plugins
++ *
++ * @defgroup gmpdh_plugin gmpdh_plugin
++ * @{ @ingroup gmpdh_p
++ */
++
++#ifndef GMPDH_PLUGIN_H_
++#define GMPDH_PLUGIN_H_
++
++#include <plugins/plugin.h>
++
++typedef struct gmpdh_plugin_t gmpdh_plugin_t;
++
++/**
++ * Plugin implementing asymmetric crypto algorithms using the GNU MP library.
++ */
++struct gmpdh_plugin_t {
++
++ /**
++ * implements plugin interface
++ */
++ plugin_t plugin;
++};
++
++#endif /** GMPDH_PLUGIN_H_ @}*/
PKG_NAME:=vpnc-scripts
PKG_VERSION:=20150116
-PKG_RELEASE:=2
+PKG_RELEASE:=3
include $(INCLUDE_DIR)/package.mk
[[ "$addr" != "$mask" ]] && proto_add_ipv6_address "$addr" "$mask"
fi
+ DNSMASQ_FILE="/tmp/dnsmasq.d/openconnect.$TUNDEV"
+ LOCAL_DOMAIN=$(uci get dhcp.@dnsmasq[0].domain)
+ rm -f $DNSMASQ_FILE
if [ -n "$CISCO_SPLIT_DNS" ] && [ -d "/tmp/dnsmasq.d/" ];then
SDNS=`echo $CISCO_SPLIT_DNS|sed 's/,/\n/g'`
- DNSMASQ_FILE="/tmp/dnsmasq.d/openconnect.$TUNDEV"
- rm -f $DNSMASQ_FILE
echo "$SDNS" | while read i; do
+ if [ "$i" = "$LOCAL_DOMAIN" ];then
+ continue
+ fi
if [ -n "$INTERNAL_IP4_DNS" ];then
for dns in "$INTERNAL_IP4_DNS";do
echo "server=/$i/$dns" >> $DNSMASQ_FILE
proto_add_dns_server "$dns"
done
fi
- [ -n "$CISCO_DEF_DOMAIN" ] && proto_add_dns_search "$CISCO_DEF_DOMAIN"
+ if [ -n "$CISCO_DEF_DOMAIN" ] && [ "$CISCO_DEF_DOMAIN" != "$LOCAL_DOMAIN" ];then
+ if [ -n "$INTERNAL_IP4_DNS" ];then
+ for dns in "$INTERNAL_IP4_DNS";do
+ echo "server=/$CISCO_DEF_DOMAIN/$dns" >> $DNSMASQ_FILE
+ done
+ fi
+ if [ -n "$INTERNAL_IP6_DNS" ];then
+ for dns in "$INTERNAL_IP6_DNS";do
+ echo "server=/$CISCO_DEF_DOMAIN/$dns" >> $DNSMASQ_FILE
+ done
+ fi
+ proto_add_dns_search "$CISCO_DEF_DOMAIN"
+ fi
fi
if [ -n "$CISCO_SPLIT_INC" ]; then
include $(TOPDIR)/rules.mk
PKG_NAME:=wget
-PKG_VERSION:=1.16.3
-PKG_RELEASE:=1
+PKG_VERSION:=1.17
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_MD5SUM:=d2e4455781a70140ae83b54ca594ce21
+PKG_MD5SUM:=b8cff5a2f88f5ce60a2b0e361e030b46
PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
PKG_LICENSE:=GPL-3.0+
PKG_LICENSE_FILES:=COPYING
--- /dev/null
+From 1cb3af1e5b392ac2fae6d9ed8b5d7be399d9f37e Mon Sep 17 00:00:00 2001
+From: Ygal Blum <address@hidden>
+Date: Tue, 24 Nov 2015 11:24:54 +0200
+Subject: [PATCH] Fix compilation when without-ssl is selected
+
+---
+ src/ftp.c | 2 ++
+ src/main.c | 12 ++++++++++--
+ src/recur.c | 6 +++++-
+ src/retr.c | 18 +++++++++++++++---
+ src/url.c | 6 +++++-
+ 5 files changed, 37 insertions(+), 7 deletions(-)
+
+diff --git a/src/ftp.c b/src/ftp.c
+index 80420ef..5394b71 100644
+--- a/src/ftp.c
++++ b/src/ftp.c
+@@ -393,7 +393,9 @@ getftp (struct url *u, wgint passed_expected_bytes, wgint *qtyread,
+ if (!(cmd & DO_LOGIN))
+ {
+ csock = con->csock;
++#ifdef HAVE_SSL
+ using_data_security = con->st & DATA_CHANNEL_SECURITY;
++#endif
+ }
+ else /* cmd & DO_LOGIN */
+ {
+diff --git a/src/main.c b/src/main.c
+index 61a157a..4641008 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -1842,13 +1842,21 @@ only if outputting to a regular file.\n"));
+ else
+ {
+ if ((opt.recursive || opt.page_requisites)
+- && ((url_scheme (*t) != SCHEME_FTP && url_scheme (*t) != SCHEME_FTPS)
++ && ((url_scheme (*t) != SCHEME_FTP
++#ifdef HAVE_SSL
++ && url_scheme (*t) != SCHEME_FTPS
++#endif
++ )
+ || url_uses_proxy (url_parsed)))
+ {
+ int old_follow_ftp = opt.follow_ftp;
+
+ /* Turn opt.follow_ftp on in case of recursive FTP retrieval */
+- if (url_scheme (*t) == SCHEME_FTP || url_scheme (*t) == SCHEME_FTPS)
++ if (url_scheme (*t) == SCHEME_FTP
++#ifdef HAVE_SSL
++ || url_scheme (*t) == SCHEME_FTPS
++#endif
++ )
+ opt.follow_ftp = 1;
+
+ retrieve_tree (url_parsed, NULL);
+diff --git a/src/recur.c b/src/recur.c
+index 25cdbb7..b212ec6 100644
+--- a/src/recur.c
++++ b/src/recur.c
+@@ -610,7 +610,11 @@ download_child (const struct urlpos *upos, struct url *parent, int depth,
+ u_scheme_like_http = schemes_are_similar_p (u->scheme, SCHEME_HTTP);
+
+ /* 1. Schemes other than HTTP are normally not recursed into. */
+- if (!u_scheme_like_http && !((u->scheme == SCHEME_FTP || u->scheme == SCHEME_FTPS) && opt.follow_ftp))
++ if (!u_scheme_like_http && !((u->scheme == SCHEME_FTP
++#ifdef HAVE_SSL
++ || u->scheme == SCHEME_FTPS
++#endif
++ ) && opt.follow_ftp))
+ {
+ DEBUGP (("Not following non-HTTP schemes.\n"));
+ reason = WG_RR_NONHTTP;
+diff --git a/src/retr.c b/src/retr.c
+index 318b09c..a6a9bd7 100644
+--- a/src/retr.c
++++ b/src/retr.c
+@@ -837,7 +837,11 @@ retrieve_url (struct url * orig_parsed, const char *origurl, char **file,
+ FTP. In these cases we must decide whether the text is HTML
+ according to the suffix. The HTML suffixes are `.html',
+ `.htm' and a few others, case-insensitive. */
+- if (redirection_count && local_file && (u->scheme == SCHEME_FTP || u->scheme == SCHEME_FTPS))
++ if (redirection_count && local_file && (u->scheme == SCHEME_FTP
++#ifdef HAVE_SSL
++ || u->scheme == SCHEME_FTPS
++#endif
++ ))
+ {
+ if (has_html_suffix_p (local_file))
+ *dt |= TEXTHTML;
+@@ -1099,12 +1103,20 @@ retrieve_from_file (const char *file, bool html, int *count)
+
+ proxy = getproxy (cur_url->url);
+ if ((opt.recursive || opt.page_requisites)
+- && ((cur_url->url->scheme != SCHEME_FTP && cur_url->url->scheme != SCHEME_FTPS) || proxy))
++ && ((cur_url->url->scheme != SCHEME_FTP
++#ifdef HAVE_SSL
++ && cur_url->url->scheme != SCHEME_FTPS
++#endif
++ ) || proxy))
+ {
+ int old_follow_ftp = opt.follow_ftp;
+
+ /* Turn opt.follow_ftp on in case of recursive FTP retrieval */
+- if (cur_url->url->scheme == SCHEME_FTP || cur_url->url->scheme == SCHEME_FTPS)
++ if (cur_url->url->scheme == SCHEME_FTP
++#ifdef HAVE_SSL
++ || cur_url->url->scheme == SCHEME_FTPS
++#endif
++ )
+ opt.follow_ftp = 1;
+
+ status = retrieve_tree (parsed_url ? parsed_url : cur_url->url,
+diff --git a/src/url.c b/src/url.c
+index 56079cd..c62867f 100644
+--- a/src/url.c
++++ b/src/url.c
+@@ -1787,7 +1787,11 @@ path_simplify (enum url_scheme scheme, char *path)
+ for (--t; t > beg && t[-1] != '/'; t--)
+ ;
+ }
+- else if (scheme == SCHEME_FTP || scheme == SCHEME_FTPS)
++ else if (scheme == SCHEME_FTP
++#ifdef HAVE_SSL
++ || scheme == SCHEME_FTPS
++#endif
++ )
+ {
+ /* If we're at the beginning, copy the "../" literally
+ and move the beginning so a later ".." doesn't remove
+--
+1.9.1
+
--- /dev/null
+From 2cfcadf5e6d5c444765aa460915ae27109a8dbce Mon Sep 17 00:00:00 2001
+From: Darshit Shah <darnir@gmail.com>
+Date: Mon, 16 Nov 2015 23:16:25 +0000
+Subject: Fix compile error when IPv6 is disabled
+
+* src/ftp-basic.c: The code for the new FTPS functionality was unintentionally
+inside a #ifdef IPV6 block. Move the code around so that it is defined even when
+IPV6 isn't used
+---
+diff --git a/src/ftp-basic.c b/src/ftp-basic.c
+index bcb7847..378374c 100644
+--- a/src/ftp-basic.c
++++ b/src/ftp-basic.c
+@@ -429,6 +429,65 @@ ip_address_to_eprt_repr (const ip_address *addr, int port, char *buf,
+ buf[buflen - 1] = '\0';
+ }
+
++/* Bind a port and send the appropriate PORT command to the FTP
++ server. Use acceptport after RETR, to get the socket of data
++ connection. */
++uerr_t
++ftp_eprt (int csock, int *local_sock)
++{
++ uerr_t err;
++ char *request, *respline;
++ ip_address addr;
++ int nwritten;
++ int port;
++ /* Must contain the argument of EPRT (of the form |af|addr|port|).
++ * 4 chars for the | separators, INET6_ADDRSTRLEN chars for addr
++ * 1 char for af (1-2) and 5 chars for port (0-65535) */
++ char bytes[4 + INET6_ADDRSTRLEN + 1 + 5 + 1];
++
++ /* Get the address of this side of the connection. */
++ if (!socket_ip_address (csock, &addr, ENDPOINT_LOCAL))
++ return FTPSYSERR;
++
++ /* Setting port to 0 lets the system choose a free port. */
++ port = 0;
++
++ /* Bind the port. */
++ *local_sock = bind_local (&addr, &port);
++ if (*local_sock < 0)
++ return FTPSYSERR;
++
++ /* Construct the argument of EPRT (of the form |af|addr|port|). */
++ ip_address_to_eprt_repr (&addr, port, bytes, sizeof (bytes));
++
++ /* Send PORT request. */
++ request = ftp_request ("EPRT", bytes);
++ nwritten = fd_write (csock, request, strlen (request), -1);
++ if (nwritten < 0)
++ {
++ xfree (request);
++ fd_close (*local_sock);
++ return WRITEFAILED;
++ }
++ xfree (request);
++ /* Get appropriate response. */
++ err = ftp_response (csock, &respline);
++ if (err != FTPOK)
++ {
++ fd_close (*local_sock);
++ return err;
++ }
++ if (*respline != '2')
++ {
++ xfree (respline);
++ fd_close (*local_sock);
++ return FTPPORTERR;
++ }
++ xfree (respline);
++ return FTPOK;
++}
++#endif
++
+ #ifdef HAVE_SSL
+ /*
+ * The following three functions defined into this #ifdef block
+@@ -542,65 +601,6 @@ bail:
+ }
+ #endif /* HAVE_SSL */
+
+-/* Bind a port and send the appropriate PORT command to the FTP
+- server. Use acceptport after RETR, to get the socket of data
+- connection. */
+-uerr_t
+-ftp_eprt (int csock, int *local_sock)
+-{
+- uerr_t err;
+- char *request, *respline;
+- ip_address addr;
+- int nwritten;
+- int port;
+- /* Must contain the argument of EPRT (of the form |af|addr|port|).
+- * 4 chars for the | separators, INET6_ADDRSTRLEN chars for addr
+- * 1 char for af (1-2) and 5 chars for port (0-65535) */
+- char bytes[4 + INET6_ADDRSTRLEN + 1 + 5 + 1];
+-
+- /* Get the address of this side of the connection. */
+- if (!socket_ip_address (csock, &addr, ENDPOINT_LOCAL))
+- return FTPSYSERR;
+-
+- /* Setting port to 0 lets the system choose a free port. */
+- port = 0;
+-
+- /* Bind the port. */
+- *local_sock = bind_local (&addr, &port);
+- if (*local_sock < 0)
+- return FTPSYSERR;
+-
+- /* Construct the argument of EPRT (of the form |af|addr|port|). */
+- ip_address_to_eprt_repr (&addr, port, bytes, sizeof (bytes));
+-
+- /* Send PORT request. */
+- request = ftp_request ("EPRT", bytes);
+- nwritten = fd_write (csock, request, strlen (request), -1);
+- if (nwritten < 0)
+- {
+- xfree (request);
+- fd_close (*local_sock);
+- return WRITEFAILED;
+- }
+- xfree (request);
+- /* Get appropriate response. */
+- err = ftp_response (csock, &respline);
+- if (err != FTPOK)
+- {
+- fd_close (*local_sock);
+- return err;
+- }
+- if (*respline != '2')
+- {
+- xfree (respline);
+- fd_close (*local_sock);
+- return FTPPORTERR;
+- }
+- xfree (respline);
+- return FTPOK;
+-}
+-#endif
+-
+ /* Similar to ftp_port, but uses `PASV' to initiate the passive FTP
+ transfer. Reads the response from server and parses it. Reads the
+ host and port addresses and returns them. */
+--
+cgit v0.9.0.2
include $(TOPDIR)/rules.mk
PKG_NAME:=xl2tpd
-PKG_VERSION:=devel-20150930
+PKG_VERSION:=devel-20151125
PKG_RELEASE:=1
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
PKG_LICENSE:=GPL-2.0
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/xelerance/xl2tpd.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=5faece38704ae32063abe1d25e199c03e6f44669
+PKG_SOURCE_VERSION:=e2065bf0fc22ba33001ad503c01bba01648024a8
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_INSTALL:=1
proto_l2tp_setup() {
local interface="$1"
local optfile="/tmp/l2tp/options.${interface}"
+ local ip serv_addr server host
- local ip serv_addr server
- json_get_var server server && {
- for ip in $(resolveip -t 5 "$server"); do
- ( proto_add_host_dependency "$interface" "$ip" )
- serv_addr=1
- done
- }
+ json_get_var server server
+ host="${server%:*}"
+ for ip in $(resolveip -t 5 "$host"); do
+ ( proto_add_host_dependency "$interface" "$ip" )
+ serv_addr=1
+ done
[ -n "$serv_addr" ] || {
echo "Could not resolve server address" >&2
sleep 5
IPFLAGS?= -DIP_ALLOCATION
--CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
-+OFLAGS=-O2
+-CFLAGS+= $(DFLAGS) -Os -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
++OFLAGS=-Os
+CFLAGS+= $(DFLAGS) $(OFLAGS) -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h
OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o
define Package/znc
$(Package/znc/default)
- DEPENDS:=+libopenssl +libpthread +libstdcpp @GCC_VERSION_4_8||GCC_VERSION_4_9
+ DEPENDS:=+libopenssl +libpthread +libstdcpp
MENU:=1
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=mpd
-PKG_VERSION:=0.19.10
-PKG_RELEASE:=2
+PKG_VERSION:=0.19.11
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.musicpd.org/download/mpd/0.19/
-PKG_MD5SUM:=da4bc3e47afd0faf9e7a67168e012102
+PKG_MD5SUM:=78935f6c464b67e19b4dc65bdb80319e
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GPL-2.0
--- /dev/null
+Add a patch from the Alpine Linux project to fix a musl build issue with gcc 5:
+
+Problem has been reported upstream and closed with WONTFIX:
+http://bugs.musicpd.org/view.php?id=4387
+http://bugs.musicpd.org/view.php?id=4110
+
+however...
+
+POSIX does not permit using PTHREAD_COND_INITIALIZER except for static
+initialization, and certainly does not permit using it as a value
+
+POSIX does not specify the type of the object (it's opaque) so if
+there are any types for which their code would be invalid C++, then their
+code is invalid
+
+Volatile in the type is necessary. without that, LTO can break the code.
+
+--- a/src/notify.hxx
++++ b/src/notify.hxx
+@@ -28,7 +28,7 @@ struct notify {
+ Cond cond;
+ bool pending;
+
+-#if !defined(WIN32) && !defined(__NetBSD__) && !defined(__BIONIC__)
++#if defined(__GLIBC__)
+ constexpr
+ #endif
+ notify():pending(false) {}
+--- a/src/thread/PosixCond.hxx
++++ b/src/thread/PosixCond.hxx
+@@ -41,7 +41,7 @@ class PosixCond {
+ pthread_cond_t cond;
+
+ public:
+-#if defined(__NetBSD__) || defined(__BIONIC__)
++#if !defined(__GLIBC__)
+ /* NetBSD's PTHREAD_COND_INITIALIZER is not compatible with
+ "constexpr" */
+ PosixCond() {
+--- a/src/thread/PosixMutex.hxx
++++ b/src/thread/PosixMutex.hxx
+@@ -41,7 +41,7 @@ class PosixMutex {
+ pthread_mutex_t mutex;
+
+ public:
+-#if defined(__NetBSD__) || defined(__BIONIC__)
++#if !defined(__GLIBC__)
+ /* NetBSD's PTHREAD_MUTEX_INITIALIZER is not compatible with
+ "constexpr" */
+ PosixMutex() {
--- a/src/decoder/plugins/FfmpegDecoderPlugin.cxx
+++ b/src/decoder/plugins/FfmpegDecoderPlugin.cxx
-@@ -765,6 +765,7 @@ static const char *const ffmpeg_mime_typ
+@@ -774,6 +774,7 @@ static const char *const ffmpeg_mime_typ
"audio/qcelp",
"audio/vorbis",
"audio/vorbis+ogg",
--- a/src/decoder/plugins/FfmpegDecoderPlugin.cxx
+++ b/src/decoder/plugins/FfmpegDecoderPlugin.cxx
-@@ -458,6 +458,13 @@ ffmpeg_probe(Decoder *decoder, InputStre
+@@ -467,6 +467,13 @@ ffmpeg_probe(Decoder *decoder, InputStre
unsigned char buffer[BUFFER_SIZE];
size_t nbytes = decoder_read(decoder, is, buffer, BUFFER_SIZE);
include $(TOPDIR)/rules.mk
PKG_NAME:=pulseaudio
-PKG_VERSION:=7.0
+PKG_VERSION:=7.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://freedesktop.org/software/pulseaudio/releases/
-PKG_MD5SUM:=09668b660ffb32f2639cfd6fdc9d3b37
+PKG_MD5SUM:=9d0a9817b632cac8e3f3834d7eb1c99d
PKG_LICENSE:=LGPL-2.1+
PKG_LICENSE_FILES:=GPL LICENSE
#!/bin/sh /etc/rc.common
# Copyright (C) 2011 OpenWrt.org
-START=65
+START=99
STOP=65
USE_PROCD=1
PKG_NAME:=at
PKG_VERSION:=3.1.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/a/at
#!/bin/sh /etc/rc.common
-# Copyright (C) 2011 OpenWrt.org
+# Copyright (C) 2015 OpenWrt.org
START=50
-SERVICE_USE_PID=1
+USE_PROCD=1
-start() {
+start_service() {
[ -d /var/spool/cron/atjobs ] || {
mkdir -m 0755 -p /var/spool/cron/atjobs
touch /var/spool/cron/atjobs/.SEQ
mkdir -m 0755 -p /var/spool/cron/atspool
chown -R nobody:nogroup /var/spool/cron/atspool
}
- service_start /usr/sbin/atd
-}
+ procd_open_instance
+
+ procd_set_param command /usr/sbin/atd -f
+ procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
+ procd_set_param stdout 1 # forward stdout of the command to logd
+ procd_set_param stderr 1 # same for stderr
-stop() {
- service_stop /usr/sbin/atd
+ procd_close_instance
}
ac_cv_file__usr_local_pgsql_include=no
endif
-EXTRA_CFLAGS+= $(TARGET_CPPFLAGS)
+EXTRA_CFLAGS+= $(TARGET_CPPFLAGS) -std=gnu89
EXTRA_LDFLAGS+= $(TARGET_LDFLAGS) -Wl,-rpath-link,$(STAGING_DIR)/usr/lib
define Package/bandwidthd/install
#!/bin/sh /etc/rc.common
-# Copyright (C) 2008-2011 OpenWrt.org
+# Copyright (C) 2008-2015 OpenWrt.org
START=99
PKG_NAME:=btrfs-progs
PKG_VERSION:=3.19.1
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/linux/kernel/people/kdave/btrfs-progs/
+++ /dev/null
-Index: btrfs-progs-v3.19.1/mkfs.c
-===================================================================
---- btrfs-progs-v3.19.1.orig/mkfs.c
-+++ btrfs-progs-v3.19.1/mkfs.c
-@@ -31,7 +31,7 @@
- #include <getopt.h>
- #include <uuid/uuid.h>
- #include <ctype.h>
--#include <sys/xattr.h>
-+#include <attr/xattr.h>
- #include <limits.h>
- #include <linux/limits.h>
- #include <blkid/blkid.h>
-Index: btrfs-progs-v3.19.1/props.c
-===================================================================
---- btrfs-progs-v3.19.1.orig/props.c
-+++ btrfs-progs-v3.19.1/props.c
-@@ -17,7 +17,7 @@
- #include <sys/stat.h>
- #include <sys/ioctl.h>
- #include <sys/types.h>
--#include <sys/xattr.h>
-+#include <attr/xattr.h>
- #include <fcntl.h>
- #include <unistd.h>
-
-Index: btrfs-progs-v3.19.1/cmds-receive.c
-===================================================================
---- btrfs-progs-v3.19.1.orig/cmds-receive.c
-+++ btrfs-progs-v3.19.1/cmds-receive.c
-@@ -34,7 +34,7 @@
- #include <sys/ioctl.h>
- #include <sys/time.h>
- #include <sys/types.h>
--#include <sys/xattr.h>
-+#include <attr/xattr.h>
- #include <uuid/uuid.h>
-
- #include "ctree.h"
-Index: btrfs-progs-v3.19.1/cmds-restore.c
-===================================================================
---- btrfs-progs-v3.19.1.orig/cmds-restore.c
-+++ btrfs-progs-v3.19.1/cmds-restore.c
-@@ -32,7 +32,7 @@
- #include <regex.h>
- #include <getopt.h>
- #include <sys/types.h>
--#include <sys/xattr.h>
-+#include <attr/xattr.h>
-
- #include "ctree.h"
- #include "disk-io.h"
-Index: btrfs-progs-v3.19.1/Makefile.in
-===================================================================
---- btrfs-progs-v3.19.1.orig/Makefile.in
-+++ btrfs-progs-v3.19.1/Makefile.in
-@@ -21,7 +21,7 @@ CFLAGS = @CFLAGS@ \
- LDFLAGS = @LDFLAGS@ \
- -rdynamic
-
--LIBS = @UUID_LIBS@ @BLKID_LIBS@ @ZLIB_LIBS@ @LZO2_LIBS@ -L. -pthread
-+LIBS = @ATTR_LIBS@ @UUID_LIBS@ @BLKID_LIBS@ @ZLIB_LIBS@ @LZO2_LIBS@ -L. -pthread
- LIBBTRFS_LIBS = $(LIBS)
-
- # Static compilation flags
-Index: btrfs-progs-v3.19.1/configure.ac
-===================================================================
---- btrfs-progs-v3.19.1.orig/configure.ac
-+++ btrfs-progs-v3.19.1/configure.ac
-@@ -115,6 +115,9 @@ dnl
- dnl The default PKG_CHECK_MODULES() action-if-not-found is end the
- dnl execution with error. The static libs are optional.
-
-+PKG_CHECK_MODULES(ATTR, [libattr])
-+PKG_STATIC(BLKID_LIBS_STATIC, [libattr])
-+
- PKG_CHECK_MODULES(BLKID, [blkid])
- PKG_STATIC(BLKID_LIBS_STATIC, [blkid])
-
notify_desktop \
notify_email \
numa \
- nut \
openldap \
openvz \
oracle \
network \
nginx \
ntpd \
+ nut \
olsrd \
onewire \
openvpn \
$(eval $(call BuildPlugin,network,network input/output,network))
$(eval $(call BuildPlugin,nginx,nginx status input,nginx,+PACKAGE_collectd-mod-nginx:libcurl))
$(eval $(call BuildPlugin,ntpd,NTP daemon status input,ntpd,))
-#$(eval $(call BuildPlugin,nut,UPS monitoring input,nut,+PACKAGE_collectd-mod-nut:nut))
+$(eval $(call BuildPlugin,nut,UPS monitoring input,nut,+PACKAGE_collectd-mod-nut:nut))
$(eval $(call BuildPlugin,olsrd,OLSRd status input,olsrd,))
$(eval $(call BuildPlugin,onewire,onewire sensor input,onewire,+PACKAGE_collectd-mod-onewire:libow-capi @BROKEN))
$(eval $(call BuildPlugin,openvpn,OpenVPN traffic/compression input,openvpn,))
include $(TOPDIR)/rules.mk
PKG_NAME:=cryptsetup
-PKG_VERSION:=1.6.7
+PKG_VERSION:=1.7.0
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0+ LGPL-2.1+
PKG_LICENSE_FILES:=COPYING COPYING.LGPL
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v1.6
-PKG_MD5SUM:=918406eb5d2e2f5a7348c432ea9b1473
+PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v1.7
+PKG_MD5SUM:=56c385fe87fc2b6873df4b7f89202d0f
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
# Make sure to also update the dbus-x package
PKG_NAME:=dbus
-PKG_VERSION:=1.10.0
+PKG_VERSION:=1.10.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://dbus.freedesktop.org/releases/dbus/
-PKG_MD5SUM:=5af6297348107a906c8449817a728b3b
+PKG_MD5SUM:=27b8e99ffad603b8acfa25201c6e3d5c
PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
PKG_LICENSE:=AFL-2.1
include $(TOPDIR)/rules.mk
PKG_NAME:=dosfstools
-PKG_VERSION:=3.0.27
+PKG_VERSION:=3.0.28
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=David Bonnes <david.bonnes@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://daniel-baumann.ch/files/software/dosfstools \
+PKG_SOURCE_URL:=https://github.com/dosfstools/dosfstools/releases/download/v$(PKG_VERSION)/ \
http://fossies.org/linux/misc
-PKG_MD5SUM:=2e31e7bdf92998e41ed17de505a4a552
+PKG_MD5SUM:=64e3b3a59b51d2a97d7ac38b23a124bb
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
define Package/dosfstools/Default
SECTION:=utils
CATEGORY:=Utilities
- URL:=http://www.daniel-baumann.ch/software/dosfstools/
+ URL:=https://github.com/dosfstools
SUBMENU:=Filesystem
DEPENDS:=$(ICONV_DEPENDS)
endef
--- /dev/null
+Index: dosfstools-3.0.28/src/mkfs.fat.c
+===================================================================
+--- dosfstools-3.0.28.orig/src/mkfs.fat.c
++++ dosfstools-3.0.28/src/mkfs.fat.c
+@@ -1412,7 +1412,7 @@ int main(int argc, char **argv)
+
+ gettimeofday(&create_timeval, NULL);
+ create_time = create_timeval.tv_sec;
+- volume_id = (u_int32_t) ((create_timeval.tv_sec << 20) | create_timeval.tv_usec); /* Default volume ID = creation time, fudged for more uniqueness */
++ volume_id = (uint32_t) ((create_timeval.tv_sec << 20) | create_timeval.tv_usec); /* Default volume ID = creation time, fudged for more uniqueness */
+ check_atari();
+
+ printf("mkfs.fat " VERSION " (" VERSION_DATE ")\n");
include $(TOPDIR)/rules.mk
PKG_NAME:=dump1090
-PKG_VERSION:=2015-10-08
+PKG_VERSION:=2015-11-22
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=git://github.com/mutability/dump1090.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=c55c71b57cf34e90d95afd52449a05a4b6dbda03
+PKG_SOURCE_VERSION:=497f88fe1c597652aca23c1035ddb55a9f6c274d
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
option no_fix '0'
option no_crc_check '0'
option phase_enhance '0'
- option agressive '0'
+ option aggressive '0'
option mlat '0'
option stats '0'
option stats_range '0'
append_bool "$cfg" no_fix "--no-fix"
append_bool "$cfg" no_crc_check "--no-crc-check"
append_bool "$cfg" phase_enhance "--phase-enhance"
- append_bool "$cfg" agressive "--agressive"
+ append_bool "$cfg" aggressive "--aggressive"
append_bool "$cfg" mlat "--mlat"
append_bool "$cfg" stats "--stats"
append_bool "$cfg" stats_range "--stats-range"
include $(TOPDIR)/rules.mk
PKG_NAME:=gammu
-PKG_VERSION:=1.36.6
+PKG_VERSION:=1.36.7
PKG_RELEASE:=1
PKG_SOURCE_URL:=http://dl.cihar.com/gammu/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MD5SUM:=9047f0598602144a99153f5e61104529
+PKG_MD5SUM:=3687d789fd0697a1ea4f4ef57024e865
PKG_MAINTAINER:=Vitaly Protsko <villy@sft.ru>
PKG_LICENCE:=GPL-2.0
libgpsmm=no \
libQgpsmm=no \
bluez=no \
- strip=no \
+ nostrip=yes \
python=no \
implicit_link=no \
chrpath=no
}
:windows Bindings common to all windows
-type ^@ TO ÿ
abort ^C
abort ^K Q
abort ^K ^Q
:query Single-key query window
:inherit windows
-:querya Single-key query window for quoting
-type ^@ TO ÿ
-
-:querysr Search & replace query window
-type ^@ TO ÿ
-
:shell Input to shell windows
:inherit main
"\ 3" ^C Abort
include $(TOPDIR)/rules.mk
PKG_NAME:=LVM2
-PKG_VERSION:=2.02.132
+PKG_VERSION:=2.02.136
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0 LGPL-2.1
PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz
PKG_SOURCE_URL:=ftp://sources.redhat.com/pub/lvm2
-PKG_MD5SUM:=80af5af726949bbbb2aceb15b24b7d20
+PKG_MD5SUM:=f1ac794d1cf44e863a7fa614f4c28410
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME).$(PKG_VERSION)
config MC_SUBSHELL
bool "Enable concurrent subshell"
- default n
+ default y
help
This option enables concurrent subshell support.
- Disabled by default.
+ Enabled by default.
config MC_LARGEFILE
bool "Enable largefile support"
PKG_NAME:=mc
PKG_VERSION:=4.8.15
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Dirk Brenken <dirk@brenken.org>
PKG_LICENSE:=GPL-3.0+
--- /dev/null
+--- a/lib/global.c
++++ b/lib/global.c
+@@ -97,6 +97,7 @@ mc_global_t mc_global = {
+ #endif /* !ENABLE_SUBSHELL */
+
+ .shell = NULL,
++ .shell_realpath = NULL,
+
+ .xterm_flag = FALSE,
+ .disable_x11 = FALSE,
+--- a/lib/global.h
++++ b/lib/global.h
+@@ -255,6 +255,7 @@ typedef struct
+
+ /* The user's shell */
+ char *shell;
++ char *shell_realpath;
+
+ /* This flag is set by xterm detection routine in function main() */
+ /* It is used by function view_other_cmd() */
+--- a/lib/mcconfig/paths.c
++++ b/lib/mcconfig/paths.c
+@@ -84,6 +84,7 @@ static const struct
+ /* data */
+ { "skins", &mc_data_str, MC_SKINS_SUBDIR},
+ { "fish", &mc_data_str, FISH_PREFIX},
++ { "ashrc", &mc_data_str, "ashrc"},
+ { "bashrc", &mc_data_str, "bashrc"},
+ { "inputrc", &mc_data_str, "inputrc"},
+ { "extfs.d", &mc_data_str, MC_EXTFS_DIR},
+--- a/src/main.c
++++ b/src/main.c
+@@ -87,6 +87,9 @@
+ /*** file scope variables ************************************************************************/
+
+ /*** file scope functions ************************************************************************/
++
++static char rp_shell[PATH_MAX];
++
+ /* --------------------------------------------------------------------------------------------- */
+
+ static void
+@@ -118,6 +121,44 @@ check_codeset (void)
+ }
+
+ /* --------------------------------------------------------------------------------------------- */
++/**
++ * Get a system shell.
++ *
++ * @return newly allocated string with shell name
++ */
++
++static char *
++mc_get_system_shell (void)
++{
++ char *sh_str;
++ /* 3rd choice: look for existing shells supported as MC subshells. */
++ if (access ("/bin/bash", X_OK) == 0)
++ sh_str = g_strdup ("/bin/bash");
++ else if (access ("/bin/ash", X_OK) == 0)
++ sh_str = g_strdup ("/bin/ash");
++ else if (access ("/bin/dash", X_OK) == 0)
++ sh_str = g_strdup ("/bin/dash");
++ else if (access ("/bin/busybox", X_OK) == 0)
++ sh_str = g_strdup ("/bin/busybox");
++ else if (access ("/bin/zsh", X_OK) == 0)
++ sh_str = g_strdup ("/bin/zsh");
++ else if (access ("/bin/tcsh", X_OK) == 0)
++ sh_str = g_strdup ("/bin/tcsh");
++ /* No fish as fallback because it is so much different from other shells and
++ * in a way exotic (even though user-friendly by name) that we should not
++ * present it as a subshell without the user's explicit intention. We rather
++ * will not use a subshell but just a command line.
++ * else if (access("/bin/fish", X_OK) == 0)
++ * mc_global.tty.shell = g_strdup ("/bin/fish");
++ */
++ else
++ /* Fallback and last resort: system default shell */
++ sh_str = g_strdup ("/bin/sh");
++
++ return sh_str;
++}
++
++/* --------------------------------------------------------------------------------------------- */
+
+ /** POSIX version. The only version we support. */
+ static void
+@@ -126,9 +167,11 @@ OS_Setup (void)
+ const char *shell_env;
+ const char *datadir_env;
+
++
+ shell_env = getenv ("SHELL");
+ if ((shell_env == NULL) || (shell_env[0] == '\0'))
+ {
++ /* 2nd choice: user login shell */
+ struct passwd *pwd;
+
+ pwd = getpwuid (geteuid ());
+@@ -136,13 +179,15 @@ OS_Setup (void)
+ mc_global.tty.shell = g_strdup (pwd->pw_shell);
+ }
+ else
++ /* 1st choice: SHELL environment variable */
+ mc_global.tty.shell = g_strdup (shell_env);
+
+ if ((mc_global.tty.shell == NULL) || (mc_global.tty.shell[0] == '\0'))
+ {
+ g_free (mc_global.tty.shell);
+- mc_global.tty.shell = g_strdup ("/bin/sh");
++ mc_global.tty.shell = mc_get_system_shell ();
+ }
++ mc_global.tty.shell_realpath = mc_realpath (mc_global.tty.shell, rp_shell);
+
+ /* This is the directory, where MC was installed, on Unix this is DATADIR */
+ /* and can be overriden by the MC_DATADIR environment variable */
+--- a/src/subshell.c
++++ b/src/subshell.c
+@@ -114,6 +114,8 @@ enum
+ static enum
+ {
+ BASH,
++ ASH_BUSYBOX, /* BusyBox default shell (ash) */
++ DASH, /* Debian variant of ash */
+ TCSH,
+ ZSH,
+ FISH
+@@ -209,6 +211,7 @@ static void
+ init_subshell_child (const char *pty_name)
+ {
+ char *init_file = NULL;
++ char *putenv_str = NULL;
+ pid_t mc_sid;
+
+ (void) pty_name;
+@@ -257,32 +260,53 @@ init_subshell_child (const char *pty_nam
+ switch (subshell_type)
+ {
+ case BASH:
++ /* Do we have a custom init file ~/.local/share/mc/bashrc? */
+ init_file = mc_config_get_full_path ("bashrc");
+
++ /* Otherwise use ~/.bashrc */
+ if (access (init_file, R_OK) == -1)
+ {
+ g_free (init_file);
+ init_file = g_strdup (".bashrc");
+ }
+
+- /* Make MC's special commands not show up in bash's history */
+- putenv ((char *) "HISTCONTROL=ignorespace");
++ /* Make MC's special commands not show up in bash's history and also suppress
++ * consecutive identical commands*/
++ putenv ((char *) "HISTCONTROL=ignoreboth");
+
+ /* Allow alternative readline settings for MC */
+ {
+ char *input_file = mc_config_get_full_path ("inputrc");
+ if (access (input_file, R_OK) == 0)
+ {
+- char *putenv_str = g_strconcat ("INPUTRC=", input_file, NULL);
++ putenv_str = g_strconcat ("INPUTRC=", input_file, NULL);
+ putenv (putenv_str);
+- g_free (putenv_str);
+ }
+ g_free (input_file);
+ }
+
+ break;
+
+- /* TODO: Find a way to pass initfile to TCSH and ZSH */
++ case ASH_BUSYBOX:
++ case DASH:
++ /* Do we have a custom init file ~/.local/share/mc/ashrc? */
++ init_file = mc_config_get_full_path ("ashrc");
++
++ /* Otherwise use ~/.profile */
++ if (access (init_file, R_OK) == -1)
++ {
++ g_free (init_file);
++ init_file = g_strdup (".profile");
++ }
++
++ /* Put init file to ENV variable used by ash */
++ putenv_str = g_strconcat ("ENV=", init_file, NULL);
++ putenv (putenv_str);
++ /* Do not use "g_free (putenv_str)" here, otherwise ENV will be undefined! */
++
++ break;
++
++ /* TODO: Find a way to pass initfile to TCSH, ZSH and FISH */
+ case TCSH:
+ case ZSH:
+ case FISH:
+@@ -320,10 +344,6 @@ init_subshell_child (const char *pty_nam
+ execl (mc_global.tty.shell, "bash", "-rcfile", init_file, (char *) NULL);
+ break;
+
+- case TCSH:
+- execl (mc_global.tty.shell, "tcsh", (char *) NULL);
+- break;
+-
+ case ZSH:
+ /* Use -g to exclude cmds beginning with space from history
+ * and -Z to use the line editor on non-interactive term */
+@@ -331,8 +351,11 @@ init_subshell_child (const char *pty_nam
+
+ break;
+
++ case ASH_BUSYBOX:
++ case DASH:
++ case TCSH:
+ case FISH:
+- execl (mc_global.tty.shell, "fish", (char *) NULL);
++ execl (mc_global.tty.shell, mc_global.tty.shell, (char *) NULL);
+ break;
+
+ default:
+@@ -341,6 +364,7 @@ init_subshell_child (const char *pty_nam
+
+ /* If we get this far, everything failed miserably */
+ g_free (init_file);
++ g_free (putenv_str);
+ my_exit (FORK_FAILURE);
+ }
+
+@@ -742,6 +766,171 @@ pty_open_slave (const char *pty_name)
+ }
+ #endif /* !HAVE_GRANTPT */
+
++
++/* --------------------------------------------------------------------------------------------- */
++/**
++ * Get a subshell type and store in subshell_type variable
++ *
++ * @return TRUE if subtype was gotten, FALSE otherwise
++ */
++
++static gboolean
++init_subshell_type (void)
++{
++ gboolean result = TRUE;
++
++ /* Find out what type of shell we have. Also consider real paths (resolved symlinks)
++ * because e.g. csh might point to tcsh, ash to dash or busybox, sh to anything. */
++
++ if (strstr (mc_global.tty.shell, "/zsh") || strstr (mc_global.tty.shell_realpath, "/zsh")
++ || getenv ("ZSH_VERSION"))
++ /* Also detects ksh symlinked to zsh */
++ subshell_type = ZSH;
++ else if (strstr (mc_global.tty.shell, "/tcsh")
++ || strstr (mc_global.tty.shell_realpath, "/tcsh"))
++ /* Also detects csh symlinked to tcsh */
++ subshell_type = TCSH;
++ else if (strstr (mc_global.tty.shell, "/fish")
++ || strstr (mc_global.tty.shell_realpath, "/fish"))
++ subshell_type = FISH;
++ else if (strstr (mc_global.tty.shell, "/dash")
++ || strstr (mc_global.tty.shell_realpath, "/dash"))
++ /* Debian ash (also found if symlinked to by ash/sh) */
++ subshell_type = DASH;
++ else if (strstr (mc_global.tty.shell_realpath, "/busybox"))
++ {
++ /* If shell is symlinked to busybox, assume it is an ash, even though theoretically
++ * it could also be a hush (a mini shell for non-MMU systems deactivated by default).
++ * For simplicity's sake we assume that busybox always contains an ash, not a hush.
++ * On embedded platforms or on server systems, /bin/sh often points to busybox.
++ * Sometimes even bash is symlinked to busybox (CONFIG_FEATURE_BASH_IS_ASH option),
++ * so we need to check busybox symlinks *before* checking for the name "bash"
++ * in order to avoid that case. */
++ subshell_type = ASH_BUSYBOX;
++ }
++ else if (strstr (mc_global.tty.shell, "/bash") || getenv ("BASH"))
++ /* If bash is not symlinked to busybox, it is safe to assume it is a real bash */
++ subshell_type = BASH;
++ else
++ {
++ mc_global.tty.use_subshell = FALSE;
++ result = FALSE;
++ }
++ return result;
++}
++
++/* --------------------------------------------------------------------------------------------- */
++/**
++ * Set up `precmd' or equivalent for reading the subshell's CWD.
++ *
++ * Attention! Never forget that these are *one-liners* even though the concatenated
++ * substrings contain line breaks and indentation for better understanding of the
++ * shell code. It is vital that each one-liner ends with a line feed character ("\n" ).
++ *
++ * @return initialized pre-command string
++ */
++
++static void
++init_subshell_precmd (char *precmd, size_t buff_size)
++{
++
++ switch (subshell_type)
++ {
++ case BASH:
++ g_snprintf (precmd, buff_size,
++ " PROMPT_COMMAND='pwd>&%d; kill -STOP $$';\n", subshell_pipe[WRITE]);
++ break;
++
++ case ASH_BUSYBOX:
++ /* BusyBox ash needs a somewhat complicated precmd emulation via PS1, and it is vital
++ * that BB be built with active CONFIG_ASH_EXPAND_PRMT, but this is the default anyway.
++ *
++ * A: This leads to a stopped subshell (=frozen mc) if user calls "ash" command
++ * "PS1='$(pwd>&%d; kill -STOP $$)\\u@\\h:\\w\\$ '\n",
++ *
++ * B: This leads to "sh: precmd: not found" in sub-subshell if user calls "ash" command
++ * "precmd() { pwd>&%d; kill -STOP $$; }; "
++ * "PS1='$(precmd)\\u@\\h:\\w\\$ '\n",
++ *
++ * C: This works if user calls "ash" command because in sub-subshell
++ * PRECMD is unfedined, thus evaluated to empty string - no damage done.
++ * Attention: BusyBox must be built with FEATURE_EDITING_FANCY_PROMPT to
++ * permit \u, \w, \h, \$ escape sequences. Unfortunately this cannot be guaranteed,
++ * especially on embedded systems where people try to save space, so let's use
++ * the dash version below. It should work on virtually all systems.
++ * "precmd() { pwd>&%d; kill -STOP $$; }; "
++ * "PRECMD=precmd; "
++ * "PS1='$(eval $PRECMD)\\u@\\h:\\w\\$ '\n",
++ */
++ case DASH:
++ /* Debian ash needs a precmd emulation via PS1, similar to BusyBox ash,
++ * but does not support escape sequences for user, host and cwd in prompt.
++ * Attention! Make sure that the buffer for precmd is big enough.
++ *
++ * We want to have a fancy dynamic prompt with user@host:cwd just like in the BusyBox
++ * examples above, but because replacing the home directory part of the path by "~" is
++ * complicated, it bloats the precmd to a size > BUF_SMALL (128).
++ *
++ * The following example is a little less fancy (home directory not replaced)
++ * and shows the basic workings of our prompt for easier understanding:
++ *
++ * "precmd() { "
++ * "echo \"$USER@$(hostname -s):$PWD\"; "
++ * "pwd>&%d; "
++ * "kill -STOP $$; "
++ * "}; "
++ * "PRECMD=precmd; "
++ * "PS1='$($PRECMD)$ '\n",
++ */
++ g_snprintf (precmd, buff_size,
++ "precmd() { "
++ "if [ ! \"${PWD##$HOME}\" ]; then "
++ "MC_PWD=\"~\"; "
++ "else "
++ "[ \"${PWD##$HOME/}\" = \"$PWD\" ] && MC_PWD=\"$PWD\" || MC_PWD=\"~/${PWD##$HOME/}\"; "
++ "fi; "
++ "echo \"$USER@openwrt:$MC_PWD\"; "
++ "pwd>&%d; "
++ "kill -STOP $$; "
++ "}; " "PRECMD=precmd; " "PS1='$($PRECMD)$ '\n", subshell_pipe[WRITE]);
++ break;
++
++ case ZSH:
++ g_snprintf (precmd, buff_size,
++ " precmd() { pwd>&%d; kill -STOP $$; }; "
++ "PS1='%%n@%%m:%%~%%# '\n", subshell_pipe[WRITE]);
++ break;
++
++ case TCSH:
++ g_snprintf (precmd, buff_size,
++ "set echo_style=both; "
++ "set prompt='%%n@%%m:%%~%%# '; "
++ "alias precmd 'echo $cwd:q >>%s; kill -STOP $$'\n", tcsh_fifo);
++ break;
++
++ case FISH:
++ /* We also want a fancy user@host:cwd prompt here, but fish makes it very easy to also
++ * use colours, which is what we will do. But first here is a simpler, uncoloured version:
++ * "function fish_prompt; "
++ * "echo (whoami)@(hostname -s):(pwd)\\$\\ ; "
++ * "echo \"$PWD\">&%d; "
++ * "kill -STOP %%self; "
++ * "end\n",
++ *
++ * TODO: fish prompt is shown when panel is hidden (Ctrl-O), but not when it is visible.
++ * Find out how to fix this.
++ */
++ g_snprintf (precmd, buff_size,
++ "function fish_prompt; "
++ "echo (whoami)@(hostname -s):(set_color $fish_color_cwd)(pwd)(set_color normal)\\$\\ ; "
++ "echo \"$PWD\">&%d; " "kill -STOP %%self; " "end\n", subshell_pipe[WRITE]);
++ break;
++
++ default:
++ break;
++ }
++}
++
+ /* --------------------------------------------------------------------------------------------- */
+ /*** public functions ****************************************************************************/
+ /* --------------------------------------------------------------------------------------------- */
+@@ -761,6 +950,7 @@ init_subshell (void)
+ {
+ /* This must be remembered across calls to init_subshell() */
+ static char pty_name[BUF_SMALL];
++ /* Must be considerably longer than BUF_SMALL (128) to support fancy shell prompts */
+ char precmd[BUF_MEDIUM];
+
+ switch (check_sid ())
+@@ -782,23 +972,8 @@ init_subshell (void)
+
+ if (mc_global.tty.subshell_pty == 0)
+ { /* First time through */
+- /* Find out what type of shell we have */
+-
+- if (strstr (mc_global.tty.shell, "/zsh") || getenv ("ZSH_VERSION"))
+- subshell_type = ZSH;
+- else if (strstr (mc_global.tty.shell, "/tcsh"))
+- subshell_type = TCSH;
+- else if (strstr (mc_global.tty.shell, "/csh"))
+- subshell_type = TCSH;
+- else if (strstr (mc_global.tty.shell, "/bash") || getenv ("BASH"))
+- subshell_type = BASH;
+- else if (strstr (mc_global.tty.shell, "/fish"))
+- subshell_type = FISH;
+- else
+- {
+- mc_global.tty.use_subshell = FALSE;
++ if (!init_subshell_type ())
+ return;
+- }
+
+ /* Open a pty for talking to the subshell */
+
+@@ -844,7 +1019,7 @@ init_subshell (void)
+ return;
+ }
+ }
+- else /* subshell_type is BASH or ZSH */ if (pipe (subshell_pipe))
++ else if (pipe (subshell_pipe)) /* subshell_type is BASH, ASH_BUSYBOX, DASH or ZSH */
+ {
+ perror (__FILE__ ": couldn't create pipe");
+ mc_global.tty.use_subshell = FALSE;
+@@ -872,39 +1047,116 @@ init_subshell (void)
+ init_subshell_child (pty_name);
+ }
+
+- /* Set up 'precmd' or equivalent for reading the subshell's CWD */
++ init_subshell_precmd (precmd, BUF_MEDIUM);
++
++ /* Set up `precmd' or equivalent for reading the subshell's CWD
++ *
++ * Attention! Never forget that these are *one-liners* even though the concatenated
++ * substrings contain line breaks and indentation for better understanding of the
++ * shell code. It is vital that each one-liner ends with a line feed character ("\n" ).
++ */
+
+ switch (subshell_type)
+ {
+ case BASH:
+ g_snprintf (precmd, sizeof (precmd),
+- " PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND\n}'pwd>&%d;kill -STOP $$'\n",
+- subshell_pipe[WRITE]);
++ " PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND\n}'pwd>&%d;kill -STOP $$'\n"
++ "PS1='\\u@\\h:\\w\\$ '\n", subshell_pipe[WRITE]);
++ break;
++
++ case ASH_BUSYBOX:
++ /* BusyBox ash needs a somewhat complicated precmd emulation via PS1, and it is vital
++ * that BB be built with active CONFIG_ASH_EXPAND_PRMT, but this is the default anyway.
++ *
++ * A: This leads to a stopped subshell (=frozen mc) if user calls "ash" command
++ * "PS1='$(pwd>&%d; kill -STOP $$)\\u@\\h:\\w\\$ '\n",
++ *
++ * B: This leads to "sh: precmd: not found" in sub-subshell if user calls "ash" command
++ * "precmd() { pwd>&%d; kill -STOP $$; }; "
++ * "PS1='$(precmd)\\u@\\h:\\w\\$ '\n",
++ *
++ * C: This works if user calls "ash" command because in sub-subshell
++ * PRECMD is unfedined, thus evaluated to empty string - no damage done.
++ * Attention: BusyBox must be built with FEATURE_EDITING_FANCY_PROMPT to
++ * permit \u, \w, \h, \$ escape sequences. Unfortunately this cannot be guaranteed,
++ * especially on embedded systems where people try to save space, so let's use
++ * the dash version below. It should work on virtually all systems.
++ * "precmd() { pwd>&%d; kill -STOP $$; }; "
++ * "PRECMD=precmd; "
++ * "PS1='$(eval $PRECMD)\\u@\\h:\\w\\$ '\n",
++ */
++ case DASH:
++ /* Debian ash needs a precmd emulation via PS1, similar to BusyBox ash,
++ * but does not support escape sequences for user, host and cwd in prompt.
++ * Attention! Make sure that the buffer for precmd is big enough.
++ *
++ * We want to have a fancy dynamic prompt with user@host:cwd just like in the BusyBox
++ * examples above, but because replacing the home directory part of the path by "~" is
++ * complicated, it bloats the precmd to a size > BUF_SMALL (128).
++ *
++ * The following example is a little less fancy (home directory not replaced)
++ * and shows the basic workings of our prompt for easier understanding:
++ *
++ * "precmd() { "
++ * "echo \"$USER@$(hostname -s):$PWD\"; "
++ * "pwd>&%d; "
++ * "kill -STOP $$; "
++ * "}; "
++ * "PRECMD=precmd; "
++ * "PS1='$($PRECMD)$ '\n",
++ */
++ g_snprintf (precmd, sizeof (precmd),
++ "precmd() { "
++ "if [ ! \"${PWD##$HOME}\" ]; then "
++ "MC_PWD=\"~\"; "
++ "else "
++ "[ \"${PWD##$HOME/}\" = \"$PWD\" ] && MC_PWD=\"$PWD\" || MC_PWD=\"~/${PWD##$HOME/}\"; "
++ "fi; "
++ "echo \"$USER@openwrt:$MC_PWD\"; "
++ "pwd>&%d; "
++ "kill -STOP $$; "
++ "}; " "PRECMD=precmd; " "PS1='$($PRECMD)$ '\n", subshell_pipe[WRITE]);
+ break;
+
+ case ZSH:
+ g_snprintf (precmd, sizeof (precmd),
+- " _mc_precmd(){ pwd>&%d;kill -STOP $$ }; precmd_functions+=(_mc_precmd)\n",
+- subshell_pipe[WRITE]);
++ " _mc_precmd(){ pwd>&%d;kill -STOP $$ }; precmd_functions+=(_mc_precmd)\n"
++ "PS1='%%n@%%m:%%~%%# '\n", subshell_pipe[WRITE]);
+ break;
+
+ case TCSH:
+ g_snprintf (precmd, sizeof (precmd),
+- "set echo_style=both;"
+- "alias precmd 'echo $cwd:q >>%s;kill -STOP $$'\n", tcsh_fifo);
++ "set echo_style=both; "
++ "set prompt='%%n@%%m:%%~%%# '; "
++ "alias precmd 'echo $cwd:q >>%s; kill -STOP $$'\n", tcsh_fifo);
+ break;
++
+ case FISH:
+ /* Use fish_prompt_mc function for prompt, if not present then copy fish_prompt to it. */
++ /* We also want a fancy user@host:cwd prompt here, but fish makes it very easy to also
++ * use colours, which is what we will do. But first here is a simpler, uncoloured version:
++ * "function fish_prompt; "
++ * "echo (whoami)@(hostname -s):(pwd)\\$\\ ; "
++ * "echo \"$PWD\">&%d; "
++ * "kill -STOP %%self; "
++ * "end\n",
++ *
++ * TODO: fish prompt is shown when panel is hidden (Ctrl-O), but not when it is visible.
++ * Find out how to fix this.
++ */
+ g_snprintf (precmd, sizeof (precmd),
+ "if not functions -q fish_prompt_mc;"
+ "functions -c fish_prompt fish_prompt_mc; end;"
+- "function fish_prompt; echo $PWD>&%d; fish_prompt_mc; kill -STOP %%self; end\n",
++ "function fish_prompt;"
++ "echo (whoami)@(hostname -s):(set_color $fish_color_cwd)(pwd)(set_color normal)\\$\\ ; "
++ "echo \"$PWD\">&%d; fish_prompt_mc; kill -STOP %%self; end\n",
+ subshell_pipe[WRITE]);
+ break;
+
+ default:
+ break;
+ }
++
+ write_all (mc_global.tty.subshell_pty, precmd, strlen (precmd));
+
+ /* Wait until the subshell has started up and processed the command */
+@@ -1108,6 +1360,13 @@ subshell_name_quote (const char *s)
+ quote_cmd_start = "(printf \"%b\" '";
+ quote_cmd_end = "')";
+ }
++ /* TODO: When BusyBox printf is fixed, get rid of this "else if", see
++ http://lists.busybox.net/pipermail/busybox/2012-March/077460.html */
++ /* else if (subshell_type == ASH_BUSYBOX)
++ {
++ quote_cmd_start = "\"`echo -en '";
++ quote_cmd_end = "'`\"";
++ } */
+ else
+ {
+ quote_cmd_start = "\"`printf \"%b\" '";
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mt-st
+PKG_VERSION:=1.1
+PKG_RELEASE:=1
+
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)
+PKG_SOURCE_VERSION:=$(PKG_VERSION)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_SOURCE_URL:=http://ftp.ibiblio.org/pub/Linux/system/backup/
+PKG_MD5SUM:=fdd5f5ec673c9f630a102ceff7612774
+
+PKG_LICENSE:=GPL-2.0
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mt-st
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=Magnetic tape control tools for Linux SCSI tapes
+ URL:=http://ftp.ibiblio.org/pub/Linux/system/backup/
+ MAINTAINER:=Giuseppe Magnotta <giuseppe.magnotta@gmail.com>
+endef
+
+define Package/mt-st/description
+ Includes a mt-like program supporting additional commands using ioctls
+ specific to the Linux SCSI tape driver (up to kernel 2.6.26), and the program
+ stinit to define the SCSI tape devices in system startup scripts.
+endef
+
+define Build/Compile
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \
+ CC="$(TARGET_CC)"
+endef
+
+define Package/mt-st/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/mt $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/stinit $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,mt-st))
--- /dev/null
+ menu "Customize libow"
+ depends on PACKAGE_libow
+
+ menu "Bus master and adapter support"
+ config LIBOW_MASTER_USB
+ bool "USB bus master support (requires libusb)"
+ help
+ Include support for USB adapters (NOT usb-serial adapters, which use
+ kernel driver and are supported anyway).
+ Turning this off will save ~13kB (and ~50kB weighting libusb dependency).
+ default y
+
+ config LIBOW_MASTER_I2C
+ bool "I2C bus master (DS2482) support"
+ default y
+ help
+ Include support for I2C adapters.
+ Turning this feature off will save ~6kB.
+
+ config LIBOW_MASTER_W1
+ bool "Kernel W1 bus master support (requires kmod-w1)"
+ help
+ Support kernel 1-Wire bus masters (requires KConfig CONFIG_CONNECTOR=y
+ and CONFIG_W1_CON=y).
+ Turning this on will increase libow size by about 10kB.
+ default n
+ endmenu
+
+ config LIBOW_ZEROCONF
+ bool "Zeroconf/bonjour support"
+ default y
+ help
+ Enable server process announcement using Zeroconf (Bonjour) protocol.
+ Turning this feature on will increase owlib size by about 12kB.
+
+ config LIBOW_DEBUG
+ bool "Enable debug output (100+ kB)"
+ default y
+ help
+ If you don't need to debug your 1-wire network, you can save as much as
+ 137kB disabling debug output.
+
+ config LIBOW_OWTRAFFIC
+ bool "Enable bus traffic reports"
+ default n
+ help
+ Enable owfs traffic monitor. It's here purely for debugging purposes.
+ Turning this on will increase libow size by about 3kB.
+ endmenu
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_CONFIG_DEPENDS:= \
+ CONFIG_LIBOW_MASTER_USB \
+ CONFIG_LIBOW_MASTER_I2C \
+ CONFIG_LIBOW_MASTER_W1 \
+ CONFIG_LIBOW_ZEROCONF \
+ CONFIG_LIBOW_DEBUG \
+ CONFIG_LIBOW_OWTRAFFIC
+
include $(INCLUDE_DIR)/package.mk
#
define Package/libow
$(call Package/owfs/Library)
- DEPENDS:=+libusb-compat +libpthread
+ DEPENDS:= \
+ +libpthread \
+ +LIBOW_MASTER_USB:libusb-compat \
+ +LIBOW_MASTER_W1:kmod-w1
TITLE:=OWFS - common shared library
endef
+define Package/libow/config
+ source "$(SOURCE)/Config.in"
+endef
+
define Package/libow/description
$(call Package/$(PKG_NAME)/Default/description)
--with-fuseinclude="$(STAGING_DIR)/usr/include" \
--with-fuselib="$(STAGING_DIR)/usr/lib" \
--enable-shared \
- --enable-zero \
--disable-parport \
--disable-ownet \
--disable-owpython \
--disable-owphp \
--disable-owtcl \
--disable-swig \
+ $(if $(CONFIG_LIBOW_MASTER_USB),--enable-usb,--disable-usb) \
+ $(if $(CONFIG_LIBOW_MASTER_W1),--enable-w1,--disable-w1) \
+ $(if $(CONFIG_LIBOW_MASTER_I2C),--enable-i2c,--disable-i2c) \
+ $(if $(CONFIG_LIBOW_ZEROCONF),--enable-zero,--disable-zero) \
+ $(if $(CONFIG_LIBOW_DEBUG),--enable-debug,--disable-debug) \
+ $(if $(CONFIG_LIBOW_OWTRAFFIC),--enable-owtraffic,--disable-owtraffic)
CONFIGURE_VARS += \
LDFLAGS="$(TARGET_LDFLAGS) -Wl,-rpath-link=$(STAGING_DIR)/usr/lib -Wl,-rpath-link=$(TOOLCHAIN_DIR)/usr/lib" \
define Package/owfs/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/owfs $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_DATA) ./files/owfs.conf $(1)/etc/config/owfs
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/owfs.init $(1)/etc/init.d/owfs
+ mkdir -p $(1)/mnt/owfs
+endef
+
+define Package/owfs/conffiles
+/etc/config/owfs
endef
define Package/owshell/install
define Package/owserver/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/owserver $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_DATA) ./files/owserver.conf $(1)/etc/config/owserver
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/owserver.init $(1)/etc/init.d/owserver
+endef
+
+define Package/owserver/conffiles
+/etc/config/owserver
endef
define Package/owhttpd/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/owhttpd $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_DATA) ./files/owhttpd.conf $(1)/etc/config/owhttpd
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/owhttpd.init $(1)/etc/init.d/owhttpd
+endef
+
+define Package/owhttpd/conffiles
+/etc/config/owhttpd
endef
define Package/owftpd/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/owftpd $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_DATA) ./files/owftpd.conf $(1)/etc/config/owftpd
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/owftpd.init $(1)/etc/init.d/owftpd
endef
+define Package/owftpd/conffiles
+/etc/config/owftpd
+endef
define Package/libow/install
$(INSTALL_DIR) $(1)/usr/lib
--- /dev/null
+config owfs 'owfs'
+ option enabled 0
+ option user root
+ option readonly 0
+ option mountpoint '/mnt/owfs'
+ option fuse_allow_other 0
+ option fuse_open_opt ''
+ option error_level 0
+ list devices '-s'
+ list devices 'localhost:4304'
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2009-2015 OpenWrt.org
+
+START=95
+USE_PROCD=1
+
+PROG=/usr/bin/owfs
+
+append_arg() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+}
+
+append_bool() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get_bool val "$cfg" "$var" "$def"
+ [ "$val" = 1 ] && procd_append_param command "$opt"
+}
+
+append_plain() {
+ procd_append_param command "$1"
+}
+
+append_param() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param "$opt" "${val:-$def}"
+}
+
+start_instance() {
+ local cfg="$1"
+ local enabled
+
+ config_get_bool enabled "$cfg" 'enabled' '0'
+ [ "$enabled" = 0 ] && return 1
+
+ procd_open_instance
+
+ procd_set_param command "$PROG" --foreground --error_print=1
+
+ # common parameters
+ append_bool "$cfg" readonly "--readonly"
+ append_arg "$cfg" error_level "--error_level"
+ config_list_foreach "$cfg" options append_plain
+ config_list_foreach "$cfg" devices append_plain
+ append_param "$cfg" user user
+
+ # owfs-specific
+ append_arg "$cfg" mountpoint "--mountpoint" /mnt/owfs
+ append_bool "$cfg" fuse_allow_other "--allow_other"
+ append_arg "$cfg" fuse_open_opt "--fuse_open_opt"
+
+ # don't respawn fuse
+
+ procd_close_instance
+
+}
+
+service_triggers() {
+ procd_add_reload_trigger owfs
+}
+
+start_service() {
+ config_load owfs
+ config_foreach start_instance owfs
+}
--- /dev/null
+config owftpd 'owftpd'
+ option enabled 0
+ option user root
+ option readonly 0
+ option port 21
+ option error_level 0
+ list devices '-s'
+ list devices 'localhost:4304'
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2009-2015 OpenWrt.org
+
+START=95
+USE_PROCD=1
+
+PROG=/usr/bin/owftpd
+
+append_arg() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+}
+
+append_bool() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get_bool val "$cfg" "$var" "$def"
+ [ "$val" = 1 ] && procd_append_param command "$opt"
+}
+
+append_plain() {
+ procd_append_param command "$1"
+}
+
+append_param() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param "$opt" "${val:-$def}"
+}
+
+start_instance() {
+ local cfg="$1"
+ local enabled
+
+ config_get_bool enabled "$cfg" 'enabled' '0'
+ [ "$enabled" = 0 ] && return 1
+
+ procd_open_instance
+
+ procd_set_param command "$PROG" --foreground --error_print=1
+
+ # common parameters
+ append_bool "$cfg" readonly "--readonly"
+ append_arg "$cfg" error_level "--error_level"
+ config_list_foreach "$cfg" options append_plain
+ config_list_foreach "$cfg" devices append_plain
+ append_param "$cfg" user user
+
+ # owftpd-specific
+ append_arg "$cfg" port "--port"
+ append_arg "$cfg" max_connections "--max_connections"
+
+ procd_set_param respawn
+
+ procd_close_instance
+
+}
+
+service_triggers() {
+ procd_add_reload_trigger owftpd
+}
+
+start_service() {
+ config_load owftpd
+ config_foreach start_instance owftpd
+}
--- /dev/null
+config owhttpd 'owhttpd'
+ option enabled 0
+ option user root
+ option readonly 0
+ option port 3001
+ option error_level 0
+ list devices '-s'
+ list devices 'localhost:4304'
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2009-2015 OpenWrt.org
+
+START=95
+USE_PROCD=1
+
+PROG=/usr/bin/owhttpd
+
+append_arg() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+}
+
+append_bool() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get_bool val "$cfg" "$var" "$def"
+ [ "$val" = 1 ] && procd_append_param command "$opt"
+}
+
+append_plain() {
+ procd_append_param command "$1"
+}
+
+append_param() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param "$opt" "${val:-$def}"
+}
+
+start_instance() {
+ local cfg="$1"
+ local enabled
+
+ config_get_bool enabled "$cfg" 'enabled' '0'
+ [ "$enabled" = 0 ] && return 1
+
+ procd_open_instance
+
+ procd_set_param command "$PROG" --foreground --error_print=1
+
+ # common parameters
+ append_bool "$cfg" readonly "--readonly"
+ append_arg "$cfg" error_level "--error_level"
+ config_list_foreach "$cfg" options append_plain
+ config_list_foreach "$cfg" devices append_plain
+ append_param "$cfg" user user
+
+ # owhttpd-specific
+ append_arg "$cfg" port "--port"
+ append_arg "$cfg" max_connections "--max_connections"
+
+ procd_set_param respawn
+
+ procd_close_instance
+
+}
+
+service_triggers() {
+ procd_add_reload_trigger owhttpd
+}
+
+start_service() {
+ config_load owhttpd
+ config_foreach start_instance owhttpd
+}
--- /dev/null
+config owserver 'owserver'
+ option enabled 0
+ option user root
+ option readonly 0
+ option port 4304
+ option error_level 0
+ list devices '-d'
+ list devices '/dev/ttyUSB0'
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2009-2015 OpenWrt.org
+
+START=90
+USE_PROCD=1
+
+PROG=/usr/bin/owserver
+
+append_arg() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+}
+
+append_bool() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get_bool val "$cfg" "$var" "$def"
+ [ "$val" = 1 ] && procd_append_param command "$opt"
+}
+
+append_plain() {
+ procd_append_param command "$1"
+}
+
+append_param() {
+ local cfg="$1"
+ local var="$2"
+ local opt="$3"
+ local def="$4"
+ local val
+
+ config_get val "$cfg" "$var"
+ [ -n "$val" -o -n "$def" ] && procd_append_param "$opt" "${val:-$def}"
+}
+
+start_instance() {
+ local cfg="$1"
+ local enabled
+
+ config_get_bool enabled "$cfg" 'enabled' '0'
+ [ "$enabled" = 0 ] && return 1
+
+ procd_open_instance
+
+ procd_set_param command "$PROG" --foreground --error_print=1
+
+ # common parameters
+ append_bool "$cfg" readonly "--readonly"
+ append_arg "$cfg" error_level "--error_level"
+ config_list_foreach "$cfg" options append_plain
+ config_list_foreach "$cfg" devices append_plain
+ append_param "$cfg" user user
+
+ # owserver-specific
+ append_arg "$cfg" port "--port"
+ append_arg "$cfg" max_connections "--max_connections"
+
+ procd_set_param respawn
+
+ procd_close_instance
+
+}
+
+service_triggers() {
+ procd_add_reload_trigger owserver
+}
+
+start_service() {
+ config_load owserver
+ config_foreach start_instance owserver
+}
--- /dev/null
+AaAA
+--- a/module/owlib/src/c/ow_w1_parse.c
++++ b/module/owlib/src/c/ow_w1_parse.c
+@@ -237,7 +237,7 @@ enum Netlink_Read_Status W1_Process_Resp
+ owfree(nlp.nlm) ;
+ return nrs_nodev ;
+ }
+- if ( nrs_callback == NULL ) { // status message
++ if ( nrs_callback == NULL ) { // bus reset
+ owfree(nlp.nlm) ;
+ return nrs_complete ;
+ }
+@@ -246,7 +246,7 @@ enum Netlink_Read_Status W1_Process_Resp
+ nrs_callback( &nlp, v, pn ) ;
+ LEVEL_DEBUG("Called nrs_callback");
+ owfree(nlp.nlm) ;
+- if ( nlp.cn->ack != 0 ) {
++ if ( nlp.cn->seq != nlp.cn->ack ) {
+ if ( nlp.w1m->type == W1_LIST_MASTERS ) {
+ continue ; // look for more data
+ }
+@@ -254,7 +254,7 @@ enum Netlink_Read_Status W1_Process_Resp
+ continue ; // look for more data
+ }
+ }
+- nrs_callback = NULL ; // now look for status message
++ return nrs_complete ; // status message
+ }
+ return nrs_timeout ;
+ }
--- /dev/null
+--- a/module/owlib/src/c/ow_reset.c
++++ b/module/owlib/src/c/ow_reset.c
+@@ -21,6 +21,10 @@ RESET_TYPE BUS_reset(const struct parsed
+ struct connection_in * in = pn->selected_connection ;
+ STAT_ADD1_BUS(e_bus_resets, in);
+
++ if ( in->iroutines.reset == NO_RESET_ROUTINE ) {
++ return BUS_RESET_OK;
++ }
++
+ switch ( (in->iroutines.reset) (pn) ) {
+ case BUS_RESET_OK:
+ in->reconnect_state = reconnect_ok; // Flag as good!
PKG_NAME:=smstools3
PKG_VERSION:=3.1.15
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_MAINTAINER:=Gérald Kerma <dreagle@doukki.net>
PKG_LICENSE:=GPL-2.0
PKG_MD5SUM:=0241ef60e646fac1a06254a848e61ed7
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
-PKG_BUILD_DEPENDS:=libiconv-full iconv
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
define Package/smstools3
SECTION:=utils
CATEGORY:=Utilities
TITLE:=SMS Server Tools 3
- DEPENDS:=+libiconv-full +iconv
+ DEPENDS:=$(ICONV_DEPENDS)
URL:=http://smstools3.kekekasvi.com/
endef
short messages through GSM modems and mobile phones.
endef
-TARGET_CFLAGS = -D NUMBER_OF_MODEMS=1
+TARGET_CFLAGS += -D NUMBER_OF_MODEMS=1
TARGET_CFLAGS += -D USE_ICONV
TARGET_CFLAGS += -D DISABLE_INET_SOCKET
TARGET_CFLAGS += -W -Wall
TARGET_CFLAGS += -D_FILE_OFFSET_BITS=64
-TARGET_LDFLAGS += -liconv
+MAKE_VARS += LFLAGS="$(TARGET_LDFLAGS) $(if $(ICONV_FULL),-liconv)"
BINDIR=/usr/local/bin
-define Build/Compile
- $(MAKE) -C "$(PKG_BUILD_DIR)/src" \
- CC="$(TARGET_CC)" \
- CFLAGS='$(TARGET_CFLAGS) $(EXTRA_CFLAGS) $(TARGET_CPPFLAGS) $(EXTRA_CPPFLAGS) \
- -I"$(STAGING_DIR)/usr/lib/libiconv-full/include"' \
- LFLAGS='$(TARGET_LDFLAGS) $(EXTRA_LDFLAGS) -L"$(STAGING_DIR)/usr/lib/libiconv-full/lib"' \
- all
+define Package/smstools3/configure
endef
define Package/smstools3/install
---- a/src/Makefile 2014-12-20 18:33:55.654252867 +0100
-+++ b/src/Makefile 2014-12-20 18:31:10.241359741 +0100
-@@ -43,7 +43,7 @@
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -1,7 +1,7 @@
+ # In case of windows, use os_cygwin=yes setting in the configuration file (smsd.conf).
+
+ # Select your setup size:
+-CFLAGS = -D NUMBER_OF_MODEMS=64
++CFLAGS ?= -D NUMBER_OF_MODEMS=64
+
+ # Uncomment for Solaris
+ # CFLAGS += -D SOLARIS
+@@ -43,7 +43,7 @@ smsd: smsd.c extras.o locking.o cfgfile.
ifneq (,$(findstring SOLARIS,$(CFLAGS)))
ifeq (,$(findstring DISABLE_INET_SOCKET,$(CFLAGS)))
endif
endif
-
--- /dev/null
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=stress
+PKG_VERSION:=1.0.4
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://people.seas.harvard.edu/~apw/stress/
+PKG_MD5SUM:=a607afa695a511765b40993a64c6e2f4
+
+PKG_LICENSE:=GPL-2.0
+PKG_LICENSE_FILES:=COPYING
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/stress
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=stress is a simple stress utility
+ URL:=http://people.seas.harvard.edu/~apw/stress/
+ MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
+endef
+
+define Package/stress/description
+stress is a simple tool that imposes certain types of compute \ stress on
+UNIX-like operating systems.
+endef
+
+CONFIGURE_ARGS += \
+ --prefix="/usr"
+
+MAKE_FLAGS += \
+ CFLAGS="$(TARGET_CFLAGS)"
+
+define Package/stress/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/stress $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,stress))
PKG_NAME:=zile
PKG_VERSION:=2.3.24
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/zile
PKG_LICENSE:=GPL-3.0+
PKG_LICENSE_FILES:=COPYING
+PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_DEPENDS += libncurses
+
include $(INCLUDE_DIR)/package.mk
define Package/zile
endef
CONFIGURE_VARS += \
- gl_cv_func_getopt_gnu=yes
+ gl_cv_func_getopt_gnu=yes \
+ gl_cv_warn__Wmudflap=no \
+ gl_cv_warn__fmudflap=no
define Package/zile/install
$(INSTALL_DIR) $(1)/usr/bin
--- /dev/null
+--- a/lib/stdio.in.h
++++ b/lib/stdio.in.h
+@@ -733,7 +733,7 @@ _GL_CXXALIASWARN (gets);
+ /* It is very rare that the developer ever has full control of stdin,
+ so any use of gets warrants an unconditional warning. Assume it is
+ always declared, since it is required by C89. */
+-_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
++#define gets(a) fgets( a, sizeof(*(a)), stdin)
+ #endif
+
+