PKG_NAME:=backuppc
PKG_VERSION:=3.3.2
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_SOURCE:=BackupPC-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/backuppc
CATEGORY:=Administration
TITLE:=high-performance, enterprise-grade system for backing up PCs
URL:=https://sourceforge.net/projects/backuppc/
- DEPENDS:=+perl +perl-www +perl-cgi +perlbase-digest +perlbase-compress +perlbase-archive +perlbase-data +perlbase-storable +perlbase-getopt +perl-file-rsyncp +openssh-client +tar +bzip2 +samba36-client +rsync +iputils-ping
+ DEPENDS:=+perl +perl-www +perl-cgi +perlbase-digest +perlbase-compress +perlbase-archive +perlbase-data +perlbase-storable +perlbase-getopt +perl-file-rsyncp +openssh-client +tar +bzip2 +samba4-client +rsync +iputils-ping
endef
define Package/backuppc/description
echo "pass: ${PASS}"
echo
echo "It is also recommended to follow the steps in"
- echo "https://wiki.openwrt.org/doc/uci/uhttpd#securing_uhttpd"
+ echo "https://openwrt.org/docs/guide-user/services/webserver/uhttpd#securing_uhttpd"
echo "to secure access to uhttpd."
fi
}
include $(TOPDIR)/rules.mk
PKG_NAME:=debootstrap
-PKG_VERSION:=1.0.115~bpo10+1
+PKG_VERSION:=1.0.116
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-udeb_$(PKG_VERSION)_all.udeb
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/d/debootstrap
-PKG_HASH:=cf0107f88199f83a72730faeaaa54b218a19ea1dd35ed473e5d0387c42aee07d
+PKG_HASH:=2325cbad6fac19cec7db34cff8fc06f9d9781862621b6e91f10549cf7c7c66af
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=Unique
include $(TOPDIR)/rules.mk
PKG_NAME:=netdata
-PKG_VERSION:=1.18.1
+PKG_VERSION:=1.19.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>, Daniel Engberg <daniel.engberg.lists@pyret.net>
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/netdata/netdata/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=c788ec01f5228768cbf5032324e041defbac3aaa57a074b98038444fc46ba2d4
+PKG_HASH:=007656f639d3544698af503f35550aeb4d4d5a06b81801bf5acf4ac21db68f6e
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=syslog-ng
-PKG_VERSION:=3.24.1
+PKG_VERSION:=3.25.1
PKG_RELEASE:=1
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/balabit/syslog-ng/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
-PKG_HASH:=d4d0a0357b452be96b69d6f741129275530d8f0451e35adc408ad5635059fa3d
+PKG_HASH:=34cb9673bcde58d543890e6c1189f466f938e199f227c524a6fa2f47f4db6817
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
# More details about these settings can be found here:
# https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition
-@version: 3.24
+@version: 3.25
@include "scl.conf"
@include "/etc/syslog-ng.d/" # Put any customization files in this directory
include $(TOPDIR)/rules.mk
PKG_NAME:=zabbix
-PKG_VERSION:=4.0.11
-PKG_RELEASE:=1
+PKG_VERSION:=4.0.16
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/zabbix
-PKG_HASH:=b0af25c31c622d14cb7780db5941d76579b9f9a6ee449613d847b0b505628409
+PKG_HASH:=a8d7e18230e62a7bd3fd9af5830a2b1b22818468b5da3deb673865ce40dc4d42
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
PKG_LICENSE:=GPL-2.0
-#see http://wiki.openwrt.org/doc/howto/zabbix for ready to use templates
+#see https://openwrt.org/docs/guide-user/services/network_monitoring/zabbix for ready to use templates
# If you want to know the exact meaning of an UserParameter, you can search in the ieee80211 standard:
-# http://standards.ieee.org/getieee802/download/802.11-2012.pdf
+# https://standards.ieee.org/getieee802/download/802.11-2012.pdf
# example: for mac80211.ACKFailureCount search for dot11ACKFailureCount (page 2145)
# mac80211 phy discovery (like 'phy0')
-#see http://wiki.openwrt.org/doc/howto/zabbix for ready to use templates
+#see https://openwrt.org/docs/guide-user/services/network_monitoring/zabbix for ready to use templates
# network interface discovery
# example: {"data":[{"{#IF}":"lo", "{#NET}":"loopback"},{"{#IF}":"br-lan", "{#NET}":"lan"},{"{#IF}":"eth0.1", "{#NET}":"wan"}]}
-#see http://wiki.openwrt.org/doc/howto/zabbix for ready to use templates
+#see https://openwrt.org/docs/guide-user/services/network_monitoring/zabbix for ready to use templates
# wifi interface discovery
# example: {"data":[{"{#IF}":"wlan0", "{#MODE}":"ap", "{#SSID}":"Openwrt", "{#NET}":"lan", "{#DEV}":"radio0", "{#ENC}":"psk2+ccmp", "{#TYPE}":"mac80211", "{#HWMODE}":"11ng", "{#CHANNEL}":"11", "{#BSSID}":"xx:xx:xx:xx:xx:xx"}]}
--- /dev/null
+--- a/src/libs/zbxsysinfo/common/net.c
++++ b/src/libs/zbxsysinfo/common/net.c
+@@ -547,7 +547,7 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans
+ return SYSINFO_RET_FAIL;
+ }
+
+-#if defined(HAVE_RES_NINIT) && !defined(_AIX)
++#if defined(HAVE_RES_NINIT) && !defined(_AIX) && !defined(__UCLIBC__)
+ if (-1 == (res = res_nmkquery(&res_state_local, QUERY, zone, C_IN, type, NULL, 0, NULL, buf, sizeof(buf))))
+ #else
+ if (-1 == (res = res_mkquery(QUERY, zone, C_IN, type, NULL, 0, NULL, buf, sizeof(buf))))
+@@ -643,7 +643,11 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans
+ res_state_local.retrans = retrans;
+ res_state_local.retry = retry;
+
++#ifndef __UCLIBC__
+ res = res_nsend(&res_state_local, buf, res, answer.buffer, sizeof(answer.buffer));
++#else
++ res = res_search(*res_state_local.dnsrch, res, 0, answer.buffer, sizeof(answer.buffer));
++#endif
+
+ # ifdef HAVE_RES_U_EXT /* Linux */
+ if (NULL != ip && '\0' != *ip && AF_INET6 == ip_type)
@x86_64 +bash +bzip2 +coreutils +coreutils-stat +diffutils +file \
+gawk +gcc +getopt +git +git-http +libncurses +make +patch +perl \
+perlbase-attributes +perlbase-findbin +perlbase-getopt \
- +perlbase-thread +python-light +tar +unzip +wget +xz +xzdiff \
+ +perlbase-thread +python3-light +tar +unzip +wget +xz +xzdiff \
+xzgrep +xzless +xz-utils +zlib-dev
define Package/asu
URL:=http://github.com/aparcar/gsoc17-attended-sysupgrade/
DEPENDS:=$(IMAGEBUILDER_DEPENDS) +pgsql-server +psqlodbcw \
+python3-ctypes +python3-distutils +python3-flask \
- +gunicorn +python3-openssl +python3-pyodbc +python3-yaml \
+ +gunicorn3 +python3-openssl +python3-pyodbc +python3-yaml \
+libustream-mbedtls +ca-certificates +gnupg
USERID:=asu:asu
VARIANT:=python3
procd_open_instance asu_main
procd_set_param user asu
procd_set_param group asu
- procd_set_param command gunicorn asu:app
+ procd_set_param command gunicorn3 asu:app
procd_close_instance
procd_open_instance main_worker
include $(TOPDIR)/rules.mk
PKG_NAME:=meson
-PKG_VERSION:=0.52.0
+PKG_VERSION:=0.52.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/mesonbuild/meson/releases/download/$(PKG_VERSION)/
-PKG_HASH:=d60f75f0dedcc4fd249dbc7519d6f3ce6df490033d276ef1cf27453ef4938d32
+PKG_HASH:=0c277472e49950a5537e3de3e60c57b80dbf425788470a1a8ed27446128fc035
PKG_MAINTAINER:=Andre Heider <a.heider@gmail.com>
PKG_LICENSE:=Apache-2.0
define Meson/CreateNativeFile
$(STAGING_DIR_HOST)/bin/sed \
- -e "s|@CC@|$(HOSTCC)|" \
- -e "s|@CXX@|$(HOSTCXX)|" \
+ -e "s|@CC@|$(foreach BIN,$(HOSTCC),'$(BIN)',)|" \
+ -e "s|@CXX@|$(foreach BIN,$(HOSTCXX),'$(BIN)',)|" \
-e "s|@PKGCONFIG@|$(PKG_CONFIG)|" \
-e "s|@CFLAGS@|$(foreach FLAG,$(HOST_CFLAGS) $(HOST_CPPFLAGS),'$(FLAG)',)|" \
-e "s|@CXXFLAGS@|$(foreach FLAG,$(HOST_CXXFLAGS) $(HOST_CPPFLAGS),'$(FLAG)',)|" \
define Meson/CreateCrossFile
$(STAGING_DIR_HOST)/bin/sed \
- -e "s|@CC@|$(TARGET_CC)|" \
- -e "s|@CXX@|$(TARGET_CXX)|" \
+ -e "s|@CC@|$(foreach BIN,$(TARGET_CC),'$(BIN)',)|" \
+ -e "s|@CXX@|$(foreach BIN,$(TARGET_CXX),'$(BIN)',)|" \
-e "s|@AR@|$(TARGET_AR)|" \
-e "s|@STRIP@|$(TARGET_CROSS)strip|" \
-e "s|@NM@|$(TARGET_NM)|" \
[binaries]
-c = '@CC@'
-cpp = '@CXX@'
+c = [@CC@]
+cpp = [@CXX@]
ar = '@AR@'
strip = '@STRIP@'
nm = '@NM@'
[binaries]
-c = '@CC@'
-cpp = '@CXX@'
+c = [@CC@]
+cpp = [@CXX@]
pkgconfig = '@PKGCONFIG@'
[properties]
include $(TOPDIR)/rules.mk
PKG_NAME:=scons
-PKG_VERSION:=3.1.1
+PKG_VERSION:=3.1.2
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@SF/scons \
- https://fossies.org/linux/misc/
-PKG_HASH:=4cea417fdd7499a36f407923d03b4b7000b0f9e8fd7b31b316b9ce7eba9143a5
+PKG_SOURCE:=$(PKG_NAME)-local-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/scons
+PKG_HASH:=642e90860b746fa18fac08c7a22de6bfa86110ae7c56d7f136f7e5fb0d8f4f44
PKG_LICENSE:=MIT
-PKG_LICENSE_FILES:=LICENSE
+PKG_LICENSE_FILES:=scons-LICENSE
PKG_MAINTAINER:=
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
+HOST_UNPACK:=$(DECOMPRESS_CMD) $(HOST_TAR) -C $(HOST_BUILD_DIR) $(TAR_OPTIONS)
+
define Package/scons
SECTION:=devel
CATEGORY:=Development
endef
define Host/Install
- ./files/pywrap.sh $(HOST_BUILD_DIR)/setup.py install --prefix=$(STAGING_DIR_HOST)
- rm -f $(STAGING_DIR_HOST)/bin/scons*.py
- for bin in $(STAGING_DIR_HOST)/bin/scons*; do \
- mv "$$$$bin" "$$$$bin.py"; \
- cp ./files/pywrap.sh "$$$$bin"; \
+ $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin
+ for py in $(HOST_BUILD_DIR)/*.py; do \
+ bin=$$$${py%.py} ; \
+ $(CP) $$$$py $$$$bin ; \
+ $(SED) '1c#!$(STAGING_DIR_HOST)/bin/python' $$$$bin ; \
+ $(INSTALL_BIN) $$$$bin $(STAGING_DIR_HOSTPKG)/bin/ ; \
done
+
+ $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/lib/scons
+ $(CP) $(HOST_BUILD_DIR)/scons-local-$(PKG_VERSION)/* $(STAGING_DIR_HOSTPKG)/lib/scons/
endef
$(eval $(call BuildPackage,scons))
+++ /dev/null
-#!/bin/sh
-
-case "${0##*/}" in
- pywrap.sh) arg1="";;
- *) arg1="$0.py" ;;
-esac
-
-for bin in python python3; do
- case "$($bin -V 2>&1)" in
- "Python 3"*) exec $bin $arg1 "$@" ;;
- esac
-done
-
-echo "Unable to find a Python 3.x interpreter for executing ${arg1:+$arg1 }$* !" >&2
-exit 1
---- a/engine/SCons/Platform/__init__.py
-+++ b/engine/SCons/Platform/__init__.py
+--- a/scons-local-3.1.2/SCons/Platform/__init__.py
++++ b/scons-local-3.1.2/SCons/Platform/__init__.py
@@ -65,6 +65,8 @@ def platform_default():
care about the machine architecture.
"""
+++ /dev/null
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=cifsd
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd.git
-PKG_SOURCE_DATE:=2019-11-27
-PKG_SOURCE_VERSION:=b8675c8ac144ece00f3e6bcc5436c8ace99e23e9
-PKG_MIRROR_HASH:=3d67af87f30d837f95510663efc42f1451651dc235987408924b56cb277fc8e8
-
-PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=COPYING
-
-include $(INCLUDE_DIR)/kernel.mk
-include $(INCLUDE_DIR)/package.mk
-
-define KernelPackage/fs-cifsd
- SUBMENU:=Filesystems
- TITLE:=CIFS/SMB kernel server support
- URL:=https://github.com/cifsd-team/cifsd
- FILES:=$(PKG_BUILD_DIR)/cifsd.ko
- DEPENDS:= \
- +kmod-nls-base \
- +kmod-nls-utf8 \
- +kmod-crypto-md4 \
- +kmod-crypto-md5 \
- +kmod-crypto-hmac \
- +kmod-crypto-ecb \
- +kmod-crypto-des \
- +kmod-crypto-sha256 \
- +kmod-crypto-cmac \
- +kmod-crypto-sha512 \
- +kmod-crypto-aead \
- +kmod-crypto-ccm
-endef
-
-define KernelPackage/fs-cifsd/description
- Kernel module for a CIFS/SMBv2,3 fileserver.
-endef
-
-# broken atm (needs CONFIG_KEYS=y)
-#EXTRA_CFLAGS+=-DCONFIG_CIFSD_ACL
-
-define Build/Compile
- $(KERNEL_MAKE) SUBDIRS="$(PKG_BUILD_DIR)" \
- EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \
- CONFIG_CIFS_SERVER=m \
- modules
-endef
-
-$(eval $(call KernelPackage,fs-cifsd))
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=smbd
+PKG_VERSION:=3.0.2
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/cifsd-team/$(PKG_NAME)/archive/$(PKG_VERSION)/
+PKG_HASH:=13e256fed6992fddec5027d0866bc1eb4ff8da1e5f6a41b3296007f5cceb1a0a
+
+PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/kernel.mk
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/fs-smbd
+ SUBMENU:=Filesystems
+ TITLE:=SMB kernel server support
+ URL:=https://github.com/cifsd-team/smbd
+ FILES:=$(PKG_BUILD_DIR)/smbd.ko
+ DEPENDS:= \
+ +kmod-nls-base \
+ +kmod-nls-utf8 \
+ +kmod-crypto-md4 \
+ +kmod-crypto-md5 \
+ +kmod-crypto-hmac \
+ +kmod-crypto-arc4 \
+ +kmod-crypto-ecb \
+ +kmod-crypto-des \
+ +kmod-crypto-sha256 \
+ +kmod-crypto-cmac \
+ +kmod-crypto-sha512 \
+ +kmod-crypto-aead \
+ +kmod-crypto-ccm \
+ +kmod-crypto-gcm
+endef
+
+define KernelPackage/fs-smbd/description
+ Smbd is an In-kernel SMB2/3 fileserver.
+ It's an implementation of the SMB protocol in kernel space for sharing files and IPC services over network.
+endef
+
+define Build/Compile
+ $(KERNEL_MAKE) SUBDIRS="$(PKG_BUILD_DIR)" \
+ EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \
+ CONFIG_SMB_SERVER=m \
+ modules
+endef
+
+$(eval $(call KernelPackage,fs-smbd))
--- /dev/null
+--- a/glob.h 2019-12-08
++++ b/glob.h 2019-12-08
+@@ -7,6 +7,8 @@
+ #ifndef __SMBD_GLOB_H
+ #define __SMBD_GLOB_H
+
++#undef CONFIG_MODULE_STRIPPED
++
+ #include <linux/ctype.h>
+ #include <linux/version.h>
#
-# Copyright (C) 2018 Jeffery To
+# Copyright (C) 2018, 2020 Jeffery To
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
# $(2) destination prefix
# $(3) go version id
# $(4) GOOS_GOARCH
+# $(5) install suffix (optional)
define GoCompiler/Default/Install/Bin
$(call GoCompiler/Default/Install/make-dirs,$(2),$(3))
endif
$(INSTALL_DIR) $(2)/lib/go-$(3)/pkg
- $(CP) $(1)/pkg/$(4) $(2)/lib/go-$(3)/pkg/
+ $(CP) $(1)/pkg/$(4)$(if $(5),_$(5)) $(2)/lib/go-$(3)/pkg/
$(INSTALL_DIR) $(2)/lib/go-$(3)/pkg/tool/$(4)
$(INSTALL_BIN) -p $(1)/pkg/tool/$(4)/* $(2)/lib/go-$(3)/pkg/tool/$(4)/
# $(3) destination prefix
# $(4) go version id
# $(5) GOOS_GOARCH
+# $(6) install suffix (optional)
define GoCompiler/AddProfile
# $$(1) valid GOOS_GOARCH combinations
# $$(1) override install prefix (optional)
define GoCompiler/$(1)/Install/Bin
- $$(call GoCompiler/Default/Install/Bin,$(2),$$(or $$(1),$(3)),$(4),$(5))
+ $$(call GoCompiler/Default/Install/Bin,$(2),$$(or $$(1),$(3)),$(4),$(5),$(6))
endef
# $$(1) override install prefix (optional)
# for building packages, not user code
GO_PKG_PATH:=/usr/share/gocode
-GO_PKG_BUILD_PKG?=$(GO_PKG)/...
+GO_PKG_BUILD_PKG?=$(strip $(GO_PKG))/...
GO_PKG_WORK_DIR_NAME:=.go_work
GO_PKG_WORK_DIR:=$(PKG_BUILD_DIR)/$(GO_PKG_WORK_DIR_NAME)
GO_PKG_CACHE_DIR:=$(GO_PKG_WORK_DIR)/cache
GO_PKG_TMP_DIR:=$(GO_PKG_WORK_DIR)/tmp
-GO_PKG_BUILD_BIN_DIR:=$(GO_PKG_BUILD_DIR)/bin$(if \
- $(GO_HOST_TARGET_DIFFERENT),/$(GO_OS)_$(GO_ARCH))
+GO_PKG_BUILD_BIN_DIR:=$(GO_PKG_BUILD_DIR)/bin$(if $(GO_HOST_TARGET_DIFFERENT),/$(GO_OS_ARCH))
GO_PKG_BUILD_DEPENDS_SRC:=$(STAGING_DIR)$(GO_PKG_PATH)/src
+ifdef CONFIG_PKG_ASLR_PIE_ALL
+ ifeq ($(strip $(PKG_ASLR_PIE)),1)
+ ifeq ($(GO_TARGET_PIE_SUPPORTED),1)
+ GO_PKG_ENABLE_PIE:=1
+ else
+ $(warning PIE buildmode is not supported for $(GO_OS)/$(GO_ARCH))
+ endif
+ endif
+endif
+
+ifdef CONFIG_PKG_ASLR_PIE_REGULAR
+ ifeq ($(strip $(PKG_ASLR_PIE_REGULAR)),1)
+ ifeq ($(GO_TARGET_PIE_SUPPORTED),1)
+ GO_PKG_ENABLE_PIE:=1
+ else
+ $(warning PIE buildmode is not supported for $(GO_OS)/$(GO_ARCH))
+ endif
+ endif
+endif
+
# sstrip causes corrupted section header size
ifneq ($(CONFIG_USE_SSTRIP),)
ifneq ($(CONFIG_DEBUG),)
CGO_CXXFLAGS="$(filter-out $(GO_CFLAGS_TO_REMOVE),$(TARGET_CXXFLAGS))"
endef
-GoPackage/Environment=$(call GoPackage/Environment/Default,)
+GoPackage/Environment=$(call GoPackage/Environment/Default)
# false if directory does not exist
GoPackage/is_dir_not_empty=$$$$($(FIND) $(1) -maxdepth 0 -type d \! -empty 2>/dev/null)
\! -type d -print | \
sed 's|^\./||') ; \
\
- if [ "$(GO_PKG_INSTALL_ALL)" != 1 ]; then \
+ if [ "$(strip $(GO_PKG_INSTALL_ALL))" != 1 ]; then \
code=$$$$(echo "$$$$files" | grep '\.\(c\|cc\|cpp\|go\|h\|hh\|hpp\|proto\|s\)$$$$') ; \
testdata=$$$$(echo "$$$$files" | grep '\(^\|/\)testdata/') ; \
gomod=$$$$(echo "$$$$files" | grep '\(^\|/\)go\.\(mod\|sum\)$$$$') ; \
\
IFS=$$$$'\n' ; \
\
- echo "Copying files from $(PKG_BUILD_DIR) into $(GO_PKG_BUILD_DIR)/src/$(GO_PKG)" ; \
+ echo "Copying files from $(PKG_BUILD_DIR) into $(GO_PKG_BUILD_DIR)/src/$(strip $(GO_PKG))" ; \
for file in $$$$files; do \
echo $$$$file ; \
- dest=$(GO_PKG_BUILD_DIR)/src/$(GO_PKG)/$$$$file ; \
+ dest=$(GO_PKG_BUILD_DIR)/src/$(strip $(GO_PKG))/$$$$file ; \
mkdir -p $$$$(dirname $$$$dest) ; \
$(CP) $$$$file $$$$dest ; \
done ; \
base=$$$$(basename $$$$dir) ; \
if [ -d $$$$dest/$$$$base ]; then \
case $$$$dir in \
- *$(GO_PKG_PATH)/src/$(GO_PKG)) \
- echo "$(GO_PKG) is already installed. Please check for circular dependencies." ;; \
+ *$(GO_PKG_PATH)/src/$(strip $(GO_PKG))) \
+ echo "$(strip $(GO_PKG)) is already installed. Please check for circular dependencies." ;; \
*) \
link_contents $$$$src/$$$$base $$$$dest/$$$$base ;; \
esac ; \
done ; \
} ; \
\
- if [ "$(GO_PKG_SOURCE_ONLY)" != 1 ]; then \
+ if [ "$(strip $(GO_PKG_SOURCE_ONLY))" != 1 ]; then \
if [ -d $(GO_PKG_BUILD_DEPENDS_SRC) ]; then \
echo "Symlinking directories from $(GO_PKG_BUILD_DEPENDS_SRC) into $(GO_PKG_BUILD_DIR)/src" ; \
link_contents $(GO_PKG_BUILD_DEPENDS_SRC) $(GO_PKG_BUILD_DIR)/src ; \
done ; \
echo ; \
\
- if [ "$(GO_PKG_GO_GENERATE)" = 1 ]; then \
+ if [ "$(strip $(GO_PKG_GO_GENERATE))" = 1 ]; then \
echo "Calling go generate" ; \
go generate -v $(1) $$$$targets ; \
echo ; \
fi ; \
\
- if [ "$(GO_PKG_SOURCE_ONLY)" != 1 ]; then \
+ if [ "$(strip $(GO_PKG_SOURCE_ONLY))" != 1 ]; then \
echo "Building targets" ; \
case $(GO_ARCH) in \
arm) installsuffix="v$(GO_ARM)" ;; \
mips|mipsle) installsuffix="$(GO_MIPS)" ;; \
mips64|mips64le) installsuffix="$(GO_MIPS64)" ;; \
esac ; \
- ldflags="all=-linkmode external -extldflags '$(TARGET_LDFLAGS)'" ; \
- pkg_gcflags="$(GO_PKG_GCFLAGS)" ; \
- pkg_ldflags="$(GO_PKG_LDFLAGS)" ; \
+ ldflags="-linkmode external -extldflags '$(TARGET_LDFLAGS:-z%=-Wl,-z,%)'" ; \
+ pkg_gcflags="$(strip $(GO_PKG_GCFLAGS))" ; \
+ pkg_ldflags="$(strip $(GO_PKG_LDFLAGS))" ; \
for def in $(GO_PKG_LDFLAGS_X); do \
pkg_ldflags="$$$$pkg_ldflags -X $$$$def" ; \
done ; \
go install \
+ $(if $(GO_PKG_ENABLE_PIE),-buildmode pie) \
$$$${installsuffix:+-installsuffix $$$$installsuffix} \
-trimpath \
- -ldflags "$$$$ldflags" \
+ -ldflags "all=$$$$ldflags" \
-v \
$$$${pkg_gcflags:+-gcflags "$$$$pkg_gcflags"} \
- $$$${pkg_ldflags:+-ldflags "$$$$pkg_ldflags"} \
+ $$$${pkg_ldflags:+-ldflags "$$$$pkg_ldflags $$$$ldflags"} \
$(1) \
$$$$targets ; \
retval=$$$$? ; \
define GoPackage/Package/Install/Src
dir=$$$$(dirname $(GO_PKG)) ; \
$(INSTALL_DIR) $(1)$(GO_PKG_PATH)/src/$$$$dir ; \
- $(CP) $(GO_PKG_BUILD_DIR)/src/$(GO_PKG) $(1)$(GO_PKG_PATH)/src/$$$$dir/
+ $(CP) $(GO_PKG_BUILD_DIR)/src/$(strip $(GO_PKG)) $(1)$(GO_PKG_PATH)/src/$$$$dir/
endef
define GoPackage/Package/Install
endef
-ifneq ($(GO_PKG),)
+ifneq ($(strip $(GO_PKG)),)
Build/Configure=$(call GoPackage/Build/Configure)
Build/Compile=$(call GoPackage/Build/Compile)
Build/InstallDev=$(call GoPackage/Build/InstallDev,$(1))
#
-# Copyright (C) 2018 Jeffery To
+# Copyright (C) 2018, 2020 Jeffery To
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(GO_INCLUDE_DIR)/golang-version.mk
+# Unset environment variables
+# There are more magic variables to track down, but ain't nobody got time for that
+
+# From https://golang.org/cmd/go/#hdr-Environment_variables
+
+# General-purpose environment variables:
+unexport \
+ GCCGO \
+ GOARCH \
+ GOBIN \
+ GOCACHE \
+ GODEBUG \
+ GOENV \
+ GOFLAGS \
+ GOOS \
+ GOPATH \
+ GOROOT \
+ GOTMPDIR
+# Unmodified:
+# GOPRIVATE
+# GOPROXY
+# GONOPROXY
+# GOSUMDB
+# GONOSUMDB
+
+# Environment variables for use with cgo:
unexport \
- GOARCH GOBIN GOCACHE GOFLAGS GOHOSTARCH GOOS GOPATH GORACE GOROOT GOTMPDIR GCCGO \
- GOGC GODEBUG GOMAXPROCS GOTRACEBACK \
+ AR \
+ CC \
CGO_ENABLED \
- CGO_CFLAGS CGO_CFLAGS_ALLOW CGO_CFLAGS_DISALLOW \
+ CGO_CFLAGS CGO_CFLAGS_ALLOW CGO_CFLAGS_DISALLOW \
CGO_CPPFLAGS CGO_CPPFLAGS_ALLOW CGO_CPPFLAGS_DISALLOW \
CGO_CXXFLAGS CGO_CXXFLAGS_ALLOW CGO_CXXFLAGS_DISALLOW \
- CGO_FFLAGS CGO_FFLAGS_ALLOW CGO_FFLAGS_DISALLOW \
- CGO_LDFLAGS CGO_LDFLAGS_ALLOW CGO_LDFLAGS_DISALLOW \
- GOARM GO386 GOMIPS GOMIPS64 \
- GO111MODULE \
- GOROOT_FINAL GO_EXTLINK_ENABLED GIT_ALLOW_PROTOCOL \
- CC_FOR_TARGET CXX_FOR_TARGET GO_DISTFLAGS GO_GCFLAGS GO_LDFLAGS GOBUILDTIMELOGFILE GOROOT_BOOTSTRAP \
- BOOT_GO_GCFLAGS GOEXPERIMENT GOBOOTSTRAP_TOOLEXEC
- # there are more magic environment variables to track down, but ain't nobody got time for that
- # deliberately left untouched: GOPROXY GONOPROXY GOSUMDB GONOSUMDB GOPRIVATE
+ CGO_FFLAGS CGO_FFLAGS_ALLOW CGO_FFLAGS_DISALLOW \
+ CGO_LDFLAGS CGO_LDFLAGS_ALLOW CGO_LDFLAGS_DISALLOW \
+ CXX \
+ FC
+# Unmodified:
+# PKG_CONFIG
+
+# Architecture-specific environment variables:
+unexport \
+ GOARM \
+ GO386 \
+ GOMIPS \
+ GOMIPS64 \
+ GOWASM
+
+# Special-purpose environment variables:
+unexport \
+ GCCGOTOOLDIR \
+ GOROOT_FINAL \
+ GO_EXTLINK_ENABLED
+# Unmodified:
+# GIT_ALLOW_PROTOCOL
+
+# From https://golang.org/cmd/go/#hdr-Module_support
+unexport \
+ GO111MODULE
+
+# From https://golang.org/pkg/runtime/#hdr-Environment_Variables
+unexport \
+ GOGC \
+ GOMAXPROCS \
+ GORACE \
+ GOTRACEBACK
+
+# From https://golang.org/cmd/cgo/#hdr-Using_cgo_with_the_go_command
+unexport \
+ CC_FOR_TARGET \
+ CXX_FOR_TARGET
+# Todo:
+# CC_FOR_${GOOS}_${GOARCH}
+# CXX_FOR_${GOOS}_${GOARCH}
+
+# From https://golang.org/doc/install/source#environment
+unexport \
+ GOHOSTOS \
+ GOHOSTARCH \
+ GOPPC64
+
+# From https://golang.org/src/make.bash
+unexport \
+ GO_GCFLAGS \
+ GO_LDFLAGS \
+ GO_LDSO \
+ GO_DISTFLAGS \
+ GOBUILDTIMELOGFILE \
+ GOROOT_BOOTSTRAP
+
+# From https://golang.org/doc/go1.9#parallel-compile
+unexport \
+ GO19CONCURRENTCOMPILATION
+
+# From https://golang.org/src/cmd/dist/build.go
+unexport \
+ BOOT_GO_GCFLAGS \
+ BOOT_GO_LDFLAGS
+
+# From https://golang.org/src/cmd/dist/buildtool.go
+unexport \
+ GOBOOTSTRAP_TOOLEXEC
+
+# From https://golang.org/src/cmd/internal/objabi/util.go
+unexport \
+ GOEXPERIMENT
+
+
+# GOOS / GOARCH
go_arch=$(subst \
aarch64,arm64,$(subst \
GO_HOST_ARCH:=$(call go_arch,$(subst \
armv6l,arm,$(subst \
armv7l,arm,$(subst \
- i486,i386,$(subst \
- i586,i386,$(subst \
- i686,i386,$(HOST_ARCH)))))))
+ i686,i386,$(HOST_ARCH)))))
GO_HOST_OS_ARCH:=$(GO_HOST_OS)_$(GO_HOST_ARCH)
-GO_HOST_TARGET_SAME:=$(if $(and $(findstring $(GO_OS_ARCH),$(GO_HOST_OS_ARCH)),$(findstring $(GO_HOST_OS_ARCH),$(GO_OS_ARCH))),1)
-GO_HOST_TARGET_DIFFERENT:=$(if $(GO_HOST_TARGET_SAME),,1)
+ifeq ($(GO_OS_ARCH),$(GO_HOST_OS_ARCH))
+ GO_HOST_TARGET_SAME:=1
+else
+ GO_HOST_TARGET_DIFFERENT:=1
+endif
+
+ifeq ($(GO_ARCH),386)
+ # ensure binaries can run on older CPUs
+ GO_386:=387
+
+ # -fno-plt: causes "unexpected GOT reloc for non-dynamic symbol" errors
+ GO_CFLAGS_TO_REMOVE:=-fno-plt
+
+else ifeq ($(GO_ARCH),arm)
+ GO_TARGET_FPU:=$(word 2,$(subst +,$(space),$(call qstrip,$(CONFIG_CPU_TYPE))))
-# ensure binaries can run on older CPUs
-GO_386:=387
+ # FPU names from https://gcc.gnu.org/onlinedocs/gcc-8.3.0/gcc/ARM-Options.html#index-mfpu-1
+ # see also https://github.com/gcc-mirror/gcc/blob/gcc-8_3_0-release/gcc/config/arm/arm-cpus.in
+ #
+ # Assumptions:
+ #
+ # * -d16 variants (16 instead of 32 double-precision registers) acceptable
+ # Go doesn't appear to check the HWCAP_VFPv3D16 flag in
+ # https://github.com/golang/go/blob/release-branch.go1.13/src/runtime/os_linux_arm.go
+ #
+ # * Double-precision required
+ # Based on no evidence(!)
+ # Excludes vfpv3xd, vfpv3xd-fp16, fpv4-sp-d16, fpv5-sp-d16
-GO_ARM:=$(if $(CONFIG_arm_v7),7,$(if $(CONFIG_arm_v6),6,$(if $(findstring $(GO_ARCH),arm),5,)))
+ GO_ARM_7_FPUS:= \
+ vfpv3 vfpv3-fp16 vfpv3-d16 vfpv3-d16-fp16 neon neon-vfpv3 neon-fp16 \
+ vfpv4 vfpv4-d16 neon-vfpv4 \
+ fpv5-d16 fp-armv8 neon-fp-armv8 crypto-neon-fp-armv8
-GO_MIPS:=$(if $(filter $(GO_ARCH),mips mipsle),$(if $(CONFIG_HAS_FPU),hardfloat,softfloat),)
+ GO_ARM_6_FPUS:=vfp vfpv2
-GO_MIPS64:=$(if $(filter $(GO_ARCH),mips64 mips64le),$(if $(CONFIG_HAS_FPU),hardfloat,softfloat),)
+ ifneq ($(filter $(GO_TARGET_FPU),$(GO_ARM_7_FPUS)),)
+ GO_ARM:=7
+ else ifneq ($(filter $(GO_TARGET_FPU),$(GO_ARM_6_FPUS)),)
+ GO_ARM:=6
+ else
+ GO_ARM:=5
+ endif
-# -fno-plt: causes "unexpected GOT reloc for non-dynamic symbol" errors
-# -mips32r2: conflicts with -march=mips32 set by go
-GO_CFLAGS_TO_REMOVE:=$(if \
-$(filter $(GO_ARCH),386),-fno-plt,$(if \
-$(filter $(GO_ARCH),mips mipsle),-mips32r2,))
+else ifneq ($(filter $(GO_ARCH),mips mipsle),)
+ ifeq ($(CONFIG_HAS_FPU),y)
+ GO_MIPS:=hardfloat
+ else
+ GO_MIPS:=softfloat
+ endif
+
+ # -mips32r2: conflicts with -march=mips32 set by go
+ GO_CFLAGS_TO_REMOVE:=-mips32r2
+
+else ifneq ($(filter $(GO_ARCH),mips64 mips64le),)
+ ifeq ($(CONFIG_HAS_FPU),y)
+ GO_MIPS64:=hardfloat
+ else
+ GO_MIPS64:=softfloat
+ endif
+
+endif
+
+
+# Target Go
GO_ARCH_DEPENDS:=@(aarch64||arm||i386||i686||mips||mips64||mips64el||mipsel||powerpc64||x86_64)
GO_TARGET_PREFIX:=/usr
GO_TARGET_VERSION_ID:=$(GO_VERSION_MAJOR_MINOR)
GO_TARGET_ROOT:=$(GO_TARGET_PREFIX)/lib/go-$(GO_TARGET_VERSION_ID)
+
+
+# ASLR/PIE
+
+GO_PIE_SUPPORTED_OS_ARCH:= \
+ android_386 android_amd64 android_arm android_arm64 \
+ linux_386 linux_amd64 linux_arm linux_arm64 \
+ \
+ darwin_amd64 \
+ freebsd_amd64 \
+ \
+ aix_ppc64 \
+ \
+ linux_ppc64le linux_s390x
+
+go_pie_install_suffix=$(if $(filter $(1),aix_ppc64),,shared)
+
+ifneq ($(filter $(GO_HOST_OS_ARCH),$(GO_PIE_SUPPORTED_OS_ARCH)),)
+ GO_HOST_PIE_SUPPORTED:=1
+ GO_HOST_PIE_INSTALL_SUFFIX:=$(call go_pie_install_suffix,$(GO_HOST_OS_ARCH))
+endif
+
+ifneq ($(filter $(GO_OS_ARCH),$(GO_PIE_SUPPORTED_OS_ARCH)),)
+ GO_TARGET_PIE_SUPPORTED:=1
+ GO_TARGET_PIE_INSTALL_SUFFIX:=$(call go_pie_install_suffix,$(GO_OS_ARCH))
+endif
GO_VERSION_MAJOR_MINOR:=1.13
-GO_VERSION_PATCH:=4
+GO_VERSION_PATCH:=6
#
-# Copyright (C) 2018 Jeffery To
+# Copyright (C) 2018, 2020 Jeffery To
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=95dbeab442ee2746b9acf0934c8e2fc26414a0565c008631b04addb8c02e7624
+PKG_HASH:=aae5be954bdc40bcf8006eb77e8d8a5dde412722bc8effcdaf9772620d06420c
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
HOST_GO_ROOT:=$(HOST_GO_PREFIX)/lib/go-$(HOST_GO_VERSION_ID)
HOST_GO_VALID_OS_ARCH:= \
- android_arm \
- darwin_386 darwin_amd64 darwin_arm darwin_arm64 \
- dragonfly_amd64 \
- freebsd_386 freebsd_amd64 freebsd_arm \
- linux_386 linux_amd64 linux_arm linux_arm64 \
- netbsd_386 netbsd_amd64 netbsd_arm \
- openbsd_386 openbsd_amd64 openbsd_arm \
- plan9_386 plan9_amd64 \
- solaris_amd64 \
+ android_386 android_amd64 android_arm android_arm64 \
+ darwin_386 darwin_amd64 darwin_arm darwin_arm64 \
+ linux_386 linux_amd64 linux_arm linux_arm64 \
+ openbsd_386 openbsd_amd64 openbsd_arm openbsd_arm64 \
+ \
+ freebsd_386 freebsd_amd64 freebsd_arm \
+ netbsd_386 netbsd_amd64 netbsd_arm \
+ plan9_386 plan9_amd64 plan9_arm \
+ \
windows_386 windows_amd64 \
\
- linux_ppc64 linux_ppc64le linux_mips linux_mipsle linux_mips64 linux_mips64le
+ dragonfly_amd64 \
+ illumos_amd64 \
+ solaris_amd64 \
+ \
+ aix_ppc64 \
+ js_wasm \
+ \
+ linux_ppc64 linux_ppc64le linux_mips linux_mipsle linux_mips64 linux_mips64le linux_s390x
BOOTSTRAP_SOURCE:=go1.4-bootstrap-20171003.tar.gz
BOOTSTRAP_SOURCE_URL:=$(GO_SOURCE_URLS)
RSTRIP:=:
STRIP:=:
+ifdef CONFIG_PKG_ASLR_PIE_ALL
+ ifeq ($(GO_TARGET_PIE_SUPPORTED),1)
+ PKG_GO_ENABLE_PIE:=1
+ PKG_GO_INSTALL_SUFFIX:=$(GO_TARGET_PIE_INSTALL_SUFFIX)
+ else
+ $(warning PIE buildmode is not supported for $(GO_OS)/$(GO_ARCH))
+ endif
+endif
+
+ifeq ($(GO_HOST_PIE_SUPPORTED),1)
+ HOST_GO_ENABLE_PIE:=1
+ HOST_GO_INSTALL_SUFFIX:=$(GO_HOST_PIE_INSTALL_SUFFIX)
+endif
+
define Package/golang/Default
$(call GoPackage/GoSubMenu)
TITLE:=Go programming language
$(eval $(call Download,golang-bootstrap))
$(eval $(call GoCompiler/AddProfile,Bootstrap,$(BOOTSTRAP_BUILD_DIR),,bootstrap,$(GO_HOST_OS_ARCH)))
-$(eval $(call GoCompiler/AddProfile,Host,$(HOST_BUILD_DIR),$(HOST_GO_PREFIX),$(HOST_GO_VERSION_ID),$(GO_HOST_OS_ARCH)))
-$(eval $(call GoCompiler/AddProfile,Package,$(PKG_BUILD_DIR),$(GO_TARGET_PREFIX),$(GO_TARGET_VERSION_ID),$(GO_OS_ARCH)))
+$(eval $(call GoCompiler/AddProfile,Host,$(HOST_BUILD_DIR),$(HOST_GO_PREFIX),$(HOST_GO_VERSION_ID),$(GO_HOST_OS_ARCH),$(HOST_GO_INSTALL_SUFFIX)))
+$(eval $(call GoCompiler/AddProfile,Package,$(PKG_BUILD_DIR),$(GO_TARGET_PREFIX),$(GO_TARGET_VERSION_ID),$(GO_OS_ARCH),$(PKG_GO_INSTALL_SUFFIX)))
define Host/Prepare
$(call Host/Prepare/Default)
$(BOOTSTRAP_UNPACK)
endef
+# when https://github.com/golang/go/issues/31544 is fixed,
+# we should be able to set GO_LDFLAGS=-buildmode=pie for host make
+# instead of doing a rebuild for pie
define Host/Compile
$(call GoCompiler/Bootstrap/CheckHost,$(BOOTSTRAP_GO_VALID_OS_ARCH))
$(call GoCompiler/Host/CheckHost,$(HOST_GO_VALID_OS_ARCH))
CC=$(HOSTCC_NOCACHE) \
CXX=$(HOSTCXX_NOCACHE) \
)
+
+ ifneq ($(HOST_GO_ENABLE_PIE),)
+ @echo "Rebuilding host Go with PIE"
+
+ ( \
+ cd $(HOST_BUILD_DIR)/bin ; \
+ $(CP) go go-nopie ; \
+ CC=$(HOSTCC_NOCACHE) \
+ CXX=$(HOSTCXX_NOCACHE) \
+ ./go-nopie install -a -buildmode=pie std cmd ; \
+ retval=$$$$? ; \
+ rm -f go-nopie ; \
+ exit $$$$retval ; \
+ )
+ endif
endef
# if host and target os/arch are the same,
$(call GoCompiler/Host/Install/BinLinks,)
- rm -rf $(HOST_GO_ROOT)/pkg/$(GO_HOST_OS_ARCH)
+ rm -rf $(HOST_GO_ROOT)/pkg/$(GO_HOST_OS_ARCH)$(if $(HOST_GO_INSTALL_SUFFIX),_$(HOST_GO_INSTALL_SUFFIX))
$(INSTALL_DIR) $(HOST_GO_ROOT)/openwrt
$(INSTALL_BIN) ./files/go-gcc-helper $(HOST_GO_ROOT)/openwrt/
PKG_CONFIG=pkg-config \
PATH=$(HOST_GO_ROOT)/openwrt:$$$$PATH \
$(call GoPackage/Environment) \
- ./go-host install -a -v std cmd ; \
+ ./go-host install -a $(if $(PKG_GO_ENABLE_PIE),-buildmode=pie) std cmd ; \
retval=$$$$? ; \
rm -f go-host ; \
exit $$$$retval ; \
include $(TOPDIR)/rules.mk
PKG_NAME:=lua-penlight
-PKG_VERSION:=1.6.0
+PKG_VERSION:=1.7.0
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/Penlight-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/stevedonovan/Penlight/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=a552d0a314f7aa94c9579746996a7aad4ed59f3187f33b4735d3e323e27354b0
+PKG_SOURCE_URL:=https://codeload.github.com/Tieske/Penlight/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=5b793fc93fa7227190e191e5b24a8f0ce9dd5958ccebe7a53842a58b5d46057f
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE.md
SECTION:=lang
CATEGORY:=Languages
TITLE:=Penlight
- URL:=http://stevedonovan.github.io/Penlight/api/manual/01-introduction.md.html
+ URL:=http://tieske.github.io/Penlight/manual/01-introduction.md.html
DEPENDS:=+luafilesystem
MAINTAINER:=Karl Palsson <karlp@etactica.com>
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=lua-rs232
+PKG_SOURCE_DATE:=2019-11-20
+PKG_SOURCE_VERSION:=c106c94d1a5a84e8582c936528303528608776c2
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/srdgame/librs232
-PKG_SOURCE_DATE:=2019-09-17
-PKG_SOURCE_VERSION:=1c29a279484ee4850611b76a6571566e0ec133bb
-PKG_MIRROR_HASH:=c9063a729935135278f17dd98ca31757acfd4405bdf9f6e49d77ed0df8ddc823
+PKG_MIRROR_HASH:=6fcabfd1501b3a7719229334ce73f1cc74f5ac5795b8faf6d65eb2ae6b14f9a5
PKG_MAINTAINER:=Dirk Chang <dirk@kooiot.com>
PKG_LICENSE:=MIT
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/librs232/rs232* $(1)/usr/include/librs232
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/librs232* $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/lib/lua/5.1
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/lua/5.1/luars232* $(1)/usr/lib/lua/5.1
+ $(INSTALL_DIR) $(1)/usr/lib/lua
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/lua/5.1/luars232* $(1)/usr/lib/lua
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/librs232.pc $(1)/usr/lib/pkgconfig
endef
define Package/lua-rs232/install
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/librs232.so* $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/lib/lua/5.1
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/lua/5.1/luars232* $(1)/usr/lib/lua/5.1
+ $(INSTALL_DIR) $(1)/usr/lib/lua
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/lua/5.1/luars232* $(1)/usr/lib/lua
endef
$(eval $(call BuildPackage,lua-rs232))
#define MODULE_NAMESPACE "luars232"
#define MODULE_VERSION "1.0.3"
#define MODULE_BUILD "$Id: luars232.c 15 2011-02-23 09:02:20Z sp $"
-@@ -552,9 +551,6 @@
+@@ -553,9 +552,6 @@
lua_pushstring(L, MODULE_BUILD);
lua_setfield(L, -2, "_BUILD");
+++ /dev/null
---- a/bindings/lua/luars232.c
-+++ b/bindings/lua/luars232.c
-@@ -529,7 +529,7 @@ static void create_metatables(lua_State *L, const char *name, const luaL_reg *me
- #endif
- }
-
--RS232_LIB int luaopen_luars232(lua_State *L)
-+RS232_LIB static int luaopen_luars232(lua_State *L)
- {
- int i;
- create_metatables(L, MODULE_NAMESPACE, port_methods);
-@@ -560,6 +560,7 @@ RS232_LIB int luaopen_luars232(lua_State *L)
- return 1;
- }
-
--RS232_LIB int luaopen_rs232_core(lua_State *L){
-+__attribute__((unused))
-+RS232_LIB static int luaopen_rs232_core(lua_State *L){
- return luaopen_luars232(L);
- }
---- a/include/librs232/rs232.h
-+++ b/include/librs232/rs232.h
-@@ -134,7 +134,7 @@ enum rs232_flow_e {
-
- enum rs232_status_e {
- RS232_PORT_CLOSED,
-- RS232_PORT_OPEN,
-+ RS232_PORT_OPEN
- };
-
- enum rs232_dtr_e {
PKG_NAME:=luajit
PKG_VERSION:=2.1.0-beta3
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=LuaJIT-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://luajit.org/download
DPREFIX=$(PKG_INSTALL_DIR)/usr \
PREFIX=/usr \
TARGET_SYS=Linux \
- TARGET_CFLAGS="$(TARGET_CFLAGS)"
+ TARGET_CFLAGS="$(TARGET_CFLAGS)" \
+ BUILDMODE=dynamic
rm -rf $(PKG_INSTALL_DIR)
mkdir -p $(PKG_INSTALL_DIR)
$(MAKE) -C $(PKG_BUILD_DIR) \
$(INSTALL_DIR) $(1)/usr/include/luajit-2.1
$(CP) $(PKG_INSTALL_DIR)/usr/include/luajit-2.1/*.{h,hpp} $(1)/usr/include/luajit-2.1
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{a,so*} $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/*so* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/luajit.pc $(1)/usr/lib/pkgconfig/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-$(PKG_VERSION) $(PKG_INSTALL_DIR)/usr/bin/$(PKG_NAME)
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_BUILD_DEPENDS:=lua/host zip/host
+PKG_BUILD_DEPENDS:=lua/host
HOST_BUILD_DEPENDS:=$(PKG_BUILD_DEPENDS)
HOST_BUILD_PARALLEL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=luasec
-PKG_VERSION:=0.8.2
+PKG_VERSION:=0.9
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/brunoos/luasec/tar.gz/luasec-$(PKG_VERSION)?
-PKG_HASH:=591c35c425d8518bb7d343cde1500606266f76de913d3116c765f5f21ef24d6d
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://codeload.github.com/brunoos/luasec/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=6b6b94e8517bf6baf545fad29a2112f9ac7957ad85b4aae8e0727bec77d7a325
MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=MIT
+++ /dev/null
---- a/src/context.c
-+++ b/src/context.c
-@@ -17,6 +17,7 @@
- #include <openssl/err.h>
- #include <openssl/x509.h>
- #include <openssl/x509v3.h>
-+#include <openssl/dh.h>
-
- #include <lua.h>
- #include <lauxlib.h>
-@@ -819,7 +820,9 @@ LSEC_API int luaopen_ssl_context(lua_State *L)
- luaL_newlib(L, meta_index);
- lua_setfield(L, -2, "__index");
-
-+#ifndef OPENSSL_NO_EC
- lsec_load_curves(L);
-+#endif
-
- /* Return the module */
- luaL_newlib(L, funcs);
---- a/src/ssl.c
-+++ b/src/ssl.c
-@@ -857,6 +857,7 @@ static luaL_Reg funcs[] = {
- */
- LSEC_API int luaopen_ssl_core(lua_State *L)
- {
-+#if OPENSSL_VERSION_NUMBER<0x10100000L
- /* Initialize SSL */
- if (!SSL_library_init()) {
- lua_pushstring(L, "unable to initialize SSL library");
-@@ -864,6 +865,7 @@ LSEC_API int luaopen_ssl_core(lua_State *L)
- }
- OpenSSL_add_all_algorithms();
- SSL_load_error_strings();
-+#endif
-
- #if defined(WITH_LUASOCKET)
- /* Initialize internal library */
---- a/src/x509.c
-+++ b/src/x509.c
-@@ -42,6 +42,10 @@
- #define LSEC_ASN1_STRING_data(x) ASN1_STRING_data(x)
- #endif
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define X509_get0_notBefore X509_get_notBefore
-+#define X509_get0_notAfter X509_get_notAfter
-+#endif
-
- static const char* hex_tab = "0123456789abcdef";
-
-@@ -174,7 +178,7 @@ static void push_asn1_string(lua_State* L, ASN1_STRING *string, int encode)
- /**
- * Return a human readable time.
- */
--static int push_asn1_time(lua_State *L, ASN1_UTCTIME *tm)
-+static int push_asn1_time(lua_State *L, const ASN1_UTCTIME *tm)
- {
- char *tmp;
- long size;
-@@ -490,8 +494,8 @@ static int meth_valid_at(lua_State* L)
- {
- X509* cert = lsec_checkx509(L, 1);
- time_t time = luaL_checkinteger(L, 2);
-- lua_pushboolean(L, (X509_cmp_time(X509_get_notAfter(cert), &time) >= 0
-- && X509_cmp_time(X509_get_notBefore(cert), &time) <= 0));
-+ lua_pushboolean(L, (X509_cmp_time(X509_get0_notAfter(cert), &time) >= 0
-+ && X509_cmp_time(X509_get0_notBefore(cert), &time) <= 0));
- return 1;
- }
-
-@@ -519,7 +523,7 @@ static int meth_serial(lua_State *L)
- static int meth_notbefore(lua_State *L)
- {
- X509* cert = lsec_checkx509(L, 1);
-- return push_asn1_time(L, X509_get_notBefore(cert));
-+ return push_asn1_time(L, X509_get0_notBefore(cert));
- }
-
- /**
-@@ -528,7 +532,7 @@ static int meth_notbefore(lua_State *L)
- static int meth_notafter(lua_State *L)
- {
- X509* cert = lsec_checkx509(L, 1);
-- return push_asn1_time(L, X509_get_notAfter(cert));
-+ return push_asn1_time(L, X509_get0_notAfter(cert));
- }
-
- /**
PKG_NPM_NAME:=node-hid
PKG_NAME:=$(PKG_NPM_NAME)
-PKG_VERSION:=0.7.9
+PKG_VERSION:=1.1.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NPM_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://registry.npmjs.org/$(PKG_NPM_NAME)/-/
-PKG_HASH:=a13710ebff0a2d0e60e08442db192a4e891db89d535306d461b8a95ede7dbd90
+PKG_HASH:=a128331388b9a0ac443fb55493e37a9b8043f34699c60453f395ad37b7d5f145
PKG_BUILD_DEPENDS:=node/host
PKG_USE_MIPS16:=0
PKG_LICENSE_FILES:=
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
define Package/node-hid
SUBMENU:=Node.js
CATEGORY:=Languages
TITLE:=Node.js package to access HID devices
URL:=https://github.com/node-hid/node-hid
- DEPENDS:=+node +node-npm +libusb-1.0 +hidapi +libudev-fbsd
+ DEPENDS:=+node +node-npm +libusb-1.0 +hidapi +libudev-fbsd $(ICONV_DEPENDS)
endef
define Package/node-hid/description
TMPNPM:=$(shell mktemp -u XXXXXXXXXX)
TARGET_CFLAGS+=$(FPIC) -I$(STAGING_DIR)/usr/include/libusb-1.0
+TARGET_LDFLAGS+=$(if $(ICONV_FULL),-liconv)
define Build/Compile
git init $(PKG_BUILD_DIR)
$(CP) $(PKG_INSTALL_DIR)/usr/lib/node_modules/$(PKG_NPM_NAME)/{node_modules,src} \
$(1)/usr/lib/node/$(PKG_NPM_NAME)/
$(INSTALL_DIR) $(1)/usr/lib/node/$(PKG_NPM_NAME)/build/Release
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/node_modules/$(PKG_NPM_NAME)/build/Release/HID.node \
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/node_modules/$(PKG_NPM_NAME)/build/Release/HID*.node \
$(1)/usr/lib/node/$(PKG_NPM_NAME)/build/Release/
$(INSTALL_DIR) $(1)/usr/bin
$(LN) ../lib/node/node-hid/src/show-devices.js $(1)/usr/bin/hid-showdevices
--- /dev/null
+diff -urN a/hidapi/linux/hid.c b/hidapi/linux/hid.c
+--- a/hidapi/linux/hid.c 1985-10-26 17:15:00.000000000 +0900
++++ b/hidapi/linux/hid.c 2019-12-12 11:15:11.164454207 +0900
+@@ -24,6 +24,7 @@
+ /* C */
+ #include <stdio.h>
+ #include <string.h>
++#include <stdarg.h>
+ #include <stdlib.h>
+ #include <locale.h>
+ #include <errno.h>
PKG_NPM_SCOPE:=serialport
PKG_NPM_NAME:=bindings
PKG_NAME:=node-$(PKG_NPM_SCOPE)-$(PKG_NPM_NAME)
-PKG_VERSION:=2.0.8
+PKG_VERSION:=8.0.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NPM_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://registry.npmjs.org/@$(PKG_NPM_SCOPE)/$(PKG_NPM_NAME)/-/
-PKG_HASH:=2e0d0ca6168ba104fe60692e33c76ec44ff9533bf7b657dfc6e00da410728df4
+PKG_HASH:=fd48dba7fd4de42d9908e33c21cd028345c3d481eff668511966313cfac61695
PKG_BUILD_DEPENDS:=node/host
PKG_USE_MIPS16:=0
PKG_NPM_NAME:=serialport
PKG_NAME:=node-$(PKG_NPM_NAME)
-PKG_VERSION:=7.1.5
-PKG_RELEASE:=2
+PKG_VERSION:=8.0.5
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NPM_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://registry.npmjs.org/$(PKG_NPM_NAME)/-/
-PKG_HASH:=96996a97a5ba9cb2ad5fc5b249e2f653657e9c2bd6a45c8188ad64a76bf93340
+PKG_HASH:=d06e67edcc2d2c6489d8634b3bcef46325ecee0b9f8d9243af3518505608213e
PKG_BUILD_DEPENDS:=node/host
PKG_USE_MIPS16:=0
--- a/package.json
+++ b/package.json
-@@ -41,7 +41,6 @@
+@@ -46,7 +46,6 @@
],
"dependencies": {
- "@serialport/binding-mock": "^2.0.5",
-- "@serialport/bindings": "^2.0.8",
- "@serialport/parser-byte-length": "^2.0.2",
- "@serialport/parser-cctalk": "^2.0.2",
- "@serialport/parser-delimiter": "^2.0.2",
+ "@serialport/binding-mock": "^8.0.4",
+- "@serialport/bindings": "^8.0.4",
+ "@serialport/parser-byte-length": "^8.0.4",
+ "@serialport/parser-cctalk": "^8.0.4",
+ "@serialport/parser-delimiter": "^8.0.4",
include $(TOPDIR)/rules.mk
PKG_NAME:=perl-www
-PKG_VERSION:=6.41
+PKG_VERSION:=6.43
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://cpan.metacpan.org/authors/id/O/OA/OALDERS
PKG_SOURCE:=libwww-perl-$(PKG_VERSION).tar.gz
-PKG_HASH:=8e271add59a2b773839b902a58a9c955b42008700df93eae1aa37167483a064a
+PKG_HASH:=e9849d7ee6fd0e89cc999e63d7612c951afd6aeea6bc721b767870d9df4ac40d
PKG_BUILD_DIR:=$(BUILD_DIR)/perl/libwww-perl-$(PKG_VERSION)
PKG_MAINTAINER:=Marcel Denia <naoir@gmx.net>
+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)
endef
+ifeq ($(CONFIG_arc),)
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/lib/perl5/$(PERL_VERSION)
$(CP) $(PKG_INSTALL_DIR)/usr/lib/perl5/$(PERL_VERSION) $(1)/usr/lib/perl5/
endef
+endif
define Package/perl/install
$(INSTALL_DIR) $(1)/usr/bin
PECL_LONGNAME:=Direct I/O functions
PKG_VERSION:=0.1.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_HASH:=aab985e374604379d99c9c93207f2c2959ff141740d1a648c0fbd07e0e08a73e
PKG_NAME:=php7-pecl-$(PECL_NAME)
PKG_LICENSE:=PHP-3.01
PKG_LICENSE_FILES:=LICENSE
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
PECL_NAME:=pecl_http
PECL_LONGNAME:=Extended HTTP Support
-PKG_VERSION:=3.2.1
-PKG_RELEASE:=1
-PKG_HASH:=9c5ab5ace7f232699bf4d8997dd9135c92bb630357c51d968d1baca698fadc92
+PKG_VERSION:=3.2.3
+PKG_RELEASE:=2
+PKG_HASH:=cf9d2a2ed335e572366025eca1d69e86c585f96ca07db341839a06f52ee4aa88
PKG_NAME:=php7-pecl-http
PKG_SOURCE:=$(PECL_NAME)-$(PKG_VERSION).tgz
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
--with-http-libidnkit-dir=no \
--with-http-libidnkit2-dir=no
-$(eval $(call PECLPackage,http,$(PECL_LONGNAME),+icu +libcurl +librt +libevent2 +PACKAGE_libidn:libidn +libidn2 +php7-mod-hash +php7-mod-iconv +php7-mod-session +php7-pecl-raphf +php7-pecl-propro,30))
+$(eval $(call PECLPackage,http,$(PECL_LONGNAME),+icu +libcurl +librt +libevent2 +PACKAGE_libidn:libidn +libidn2 +php7-mod-iconv +php7-mod-session +php7-pecl-raphf +php7-pecl-propro,30))
$(eval $(call BuildPackage,$(PKG_NAME)))
PECL_LONGNAME:=Bindings for the Kerberos library
PKG_VERSION:=1.1.2
-PKG_RELEASE:=2
+PKG_RELEASE:=4
PKG_HASH:=3301e047fc7dc3574da19b2a4b18e15feca5ad39db9335c3353a8e16b855c35b
PKG_NAME:=php7-pecl-krb5
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
-CONFIGURE_ARGS+= --with-krb5=shared,"$(STAGING_DIR)/usr"
+CONFIGURE_ARGS+= \
+ --with-krb5=shared,"$(STAGING_DIR)/usr" \
+ --with-krb5config=$(STAGING_DIR)/usr/bin/krb5-config
$(eval $(call PECLPackage,krb5,$(PECL_LONGNAME),+krb5-libs,30))
$(eval $(call BuildPackage,$(PKG_NAME)))
PKG_NAME:=php7-pecl-$(PECL_NAME)
PKG_VERSION=2019-05-30-$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/expressif/pecl-event-libevent.git
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_SOURCE_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
PECL_LONGNAME:=Bindings for the libmcrypt library
PKG_VERSION:=1.0.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_HASH:=affd675843a079e9efd49ac2f723286dd5bcb0916315aa53e2ae5edd5eadb034
PKG_NAME:=php7-pecl-mcrypt
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
+#PKG_FIXUP:=autoreconf
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
PECL_NAME:=raphf
PECL_LONGNAME:=Resource and persistent handles factory
-PKG_VERSION:=2.0.0
+PKG_VERSION:=2.0.1
PKG_RELEASE:=2
-PKG_HASH:=95a59ea0dc3fc172805a6acd8327b122dd159b0a85b253826166457a05efa411
+PKG_HASH:=da3566db17422e5ef08b7ff144162952aabc14cb22407cc6b1d2a2d095812bd0
PKG_NAME:=php7-pecl-raphf
PKG_SOURCE:=$(PECL_NAME)-$(PKG_VERSION).tgz
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
PECL_NAME:=redis
PECL_LONGNAME:=PHP extension for interfacing with Redis
-PKG_VERSION:=5.0.2
-PKG_RELEASE:=1
-PKG_HASH:=4e18d7ebe032a562c358d79f94efa5f187ea90db7a56ef648476e24f4fe0b72c
+PKG_VERSION:=5.1.1
+PKG_RELEASE:=2
+PKG_HASH:=621c9d2b4054c797b0e5d5bc5e0f1eeb49bedb37f20e46f838aa4d17d2fe8180
PKG_NAME:=php7-pecl-redis
PKG_SOURCE:=$(PECL_NAME)-$(PKG_VERSION).tgz
PKG_BUILD_DIR:=$(BUILD_DIR)/pecl-php7/$(PECL_NAME)-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include ../php7/pecl.mk
CONFIGURE_ARGS+= \
--enable-redis \
+ --enable-redis-json \
--disable-redis-igbinary \
- --disable-redis-lzf
+ --disable-redis-lzf \
+ --disable-redis-msgpack
-$(eval $(call PECLPackage,$(PECL_NAME),$(PECL_LONGNAME),+php7-mod-hash +php7-mod-session,25))
+$(eval $(call PECLPackage,$(PECL_NAME),$(PECL_LONGNAME),+php7-mod-json +php7-mod-session,25))
$(eval $(call BuildPackage,$(PKG_NAME)))
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=7.2.25
-PKG_RELEASE:=1
+PKG_VERSION:=7.4.1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
-
PKG_LICENSE:=PHP-3.01
PKG_LICENSE_FILES:=LICENSE
PKG_CPE_ID:=cpe:/a:php:php
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_HASH:=746efeedc38e6ff7b1ec1432440f5fa801537adf6cd21e4afb3f040e5b0760a9
+PKG_HASH:=561bb866bdd509094be00f4ece7c3543ec971c4d878645ee81437e291cffc762
-PKG_FIXUP:=libtool autoreconf
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
-PHP7_MODULES = \
+PHP7_MODULES= \
bcmath \
calendar ctype curl \
- fileinfo \
dom \
exif \
- ftp \
+ fileinfo filter ftp \
gettext gd gmp \
- hash \
iconv imap intl \
json \
ldap \
pcntl pdo pdo-mysql pdo-pgsql pdo-sqlite pgsql phar \
session shmop simplexml snmp soap sockets sqlite3 sysvmsg sysvsem sysvshm \
tokenizer \
- xml xmlreader xmlwriter zip \
+ xml xmlreader xmlwriter \
+ zip
PKG_CONFIG_DEPENDS:= \
$(patsubst %,CONFIG_PACKAGE_php7-mod-%,$(PHP7_MODULES)) \
- CONFIG_PHP7_FILTER CONFIG_PHP7_LIBXML CONFIG_PHP7_SYSTEMTZDATA CONFIG_PHP7_LIBFREETYPE
+ CONFIG_PHP7_LIBXML CONFIG_PHP7_SYSTEMTZDATA
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
endef
define Package/php7/config
- config PHP7_FILTER
- bool "PHP7 Filter support"
- depends on PACKAGE_php7-cli || PACKAGE_php7-cgi
- default y
-
config PHP7_LIBXML
bool "PHP7 LIBXML support"
depends on PACKAGE_php7-cli || PACKAGE_php7-cgi
define Package/php7
$(call Package/php7/Default)
- DEPENDS:=+libpcre +zlib \
+ DEPENDS:=+libpcre2 +zlib \
+PHP7_LIBXML:libxml2 \
+PHP7_SYSTEMTZDATA:zoneinfo-core
endef
This package contains the FastCGI Process Manager of the PHP7 interpreter.
endef
-define Package/php7-mod-gd/config
- config PHP7_LIBFREETYPE
- bool "Enable Freetype 2 support in php7-mod-gd"
- depends on PACKAGE_php7-mod-gd
- default y
-endef
-
define Package/php7-mod-intl/config
config PHP7_FULLICUDATA
bool "Add dependency to full ICU Data"
--disable-short-tags \
\
--without-valgrind \
- --with-pcre-regex="$(STAGING_DIR)/usr" \
- --with-zlib="$(STAGING_DIR)/usr" \
- --with-zlib-dir="$(STAGING_DIR)/usr"
+ --with-external-pcre \
+ --with-zlib="$(STAGING_DIR)/usr"
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-bcmath),)
CONFIGURE_ARGS+= --enable-bcmath=shared
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-curl),)
- CONFIGURE_ARGS+= --with-curl=shared,"$(STAGING_DIR)/usr"
+ CONFIGURE_ARGS+= --with-curl=shared
else
CONFIGURE_ARGS+= --without-curl
endif
-ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-fileinfo),)
- CONFIGURE_ARGS+= --enable-fileinfo=shared
-else
- CONFIGURE_ARGS+= --disable-fileinfo
-endif
-
-ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-gettext),)
- CONFIGURE_ARGS+= --with-gettext=shared,"$(STAGING_DIR)/usr/lib/libintl-full"
-else
- CONFIGURE_ARGS+= --without-gettext
-endif
-
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-dom),)
CONFIGURE_ARGS+= --enable-dom=shared
else
CONFIGURE_ARGS+= --disable-exif
endif
+ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-fileinfo),)
+ CONFIGURE_ARGS+= --enable-fileinfo=shared,"$(STAGING_DIR)/usr"
+else
+ CONFIGURE_ARGS+= --disable-fileinfo
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-filter),)
+ CONFIGURE_ARGS+= --enable-filter=shared,"$(STAGING_DIR)/usr"
+else
+ CONFIGURE_ARGS+= --disable-filter
+endif
+
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-ftp),)
CONFIGURE_ARGS+= --enable-ftp=shared
else
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-gd),)
CONFIGURE_ARGS+= \
- --with-gd=shared \
- --with-jpeg-dir="$(STAGING_DIR)/usr" \
- --with-png-dir="$(STAGING_DIR)/usr" \
- --with-webp-dir="$(STAGING_DIR)/usr" \
- --without-xpm-dir \
- --enable-gd-native-ttf \
- --disable-gd-jis-conv
+ --enable-gd=shared,"$(STAGING_DIR)/usr" \
+ --with-external-gd
else
- CONFIGURE_ARGS+= --without-gd
+ CONFIGURE_ARGS+= --disable-gd
endif
-ifneq ($(CONFIG_PHP7_LIBFREETYPE),)
- CONFIGURE_ARGS+= --with-freetype-dir="$(STAGING_DIR)"
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-gettext),)
+ CONFIGURE_ARGS+= --with-gettext=shared,"$(STAGING_DIR)/usr/lib/libintl-full"
else
- CONFIGURE_ARGS+= --without-freetype-dir
+ CONFIGURE_ARGS+= --without-gettext
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-gmp),)
CONFIGURE_ARGS+= --without-gmp
endif
-ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-hash),)
- CONFIGURE_ARGS+= --enable-hash=shared
-else
- CONFIGURE_ARGS+= --disable-hash
-endif
-
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-iconv),)
CONFIGURE_ARGS+= --with-iconv=shared,"$(ICONV_PREFIX)"
else
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-imap),)
CONFIGURE_ARGS+= \
--with-imap=shared,"$(STAGING_DIR)/usr" \
- --with-imap-kerberos=no \
+ --with-kerberos=no \
--with-imap-ssl="$(STAGING_DIR)/usr"
else
CONFIGURE_ARGS+= --without-imap
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-ldap),)
CONFIGURE_ARGS+= \
--with-ldap=shared,"$(STAGING_DIR)/usr" \
- --with-ldap-sasl="$(STAGING_DIR)/usr"
+ --with-ldap-sasl
else
CONFIGURE_ARGS+= --without-ldap
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-mbstring),)
- CONFIGURE_ARGS+= --enable-mbstring=shared --enable-mbregex
+ CONFIGURE_ARGS+= \
+ --enable-mbstring=shared \
+ --enable-mbregex
else
CONFIGURE_ARGS+= --disable-mbstring
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-openssl)$(CONFIG_PACKAGE_php7-mod-ftp)$(CONFIG_PACKAGE_php7-mod-imap)$(CONFIG_PACKAGE_php7-mod-snmp),)
CONFIGURE_ARGS+= \
- --with-openssl=shared,"$(STAGING_DIR)/usr" \
+ --with-openssl=shared \
--with-kerberos=no \
--with-openssl-dir="$(STAGING_DIR)/usr"
else
CONFIGURE_ARGS+= --without-pdo-pgsql
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-pdo-sqlite),)
- CONFIGURE_ARGS+= --with-pdo-sqlite=shared,"$(STAGING_DIR)/usr"
+ CONFIGURE_ARGS+= --with-pdo-sqlite=shared
else
CONFIGURE_ARGS+= --without-pdo-sqlite
endif
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-sqlite3),)
- CONFIGURE_ARGS+= --with-sqlite3=shared,"$(STAGING_DIR)/usr"
+ CONFIGURE_ARGS+= --with-sqlite3=shared
else
CONFIGURE_ARGS+= --without-sqlite3
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-xml),)
CONFIGURE_ARGS+= --enable-xml=shared,"$(STAGING_DIR)/usr"
- ifneq ($(CONFIG_PHP7_LIBXML),)
- CONFIGURE_ARGS+= --with-libxml-dir="$(STAGING_DIR)/usr/include/libxml2"
- else
- CONFIGURE_ARGS+= --with-libexpat-dir="$(STAGING_DIR)/usr"
+ ifneq ($(CONFIG_PHP7_LIBXML),y)
+ CONFIGURE_ARGS+= --with-expat
endif
else
CONFIGURE_ARGS+= --disable-xml
endif
ifneq ($(CONFIG_PACKAGE_php7-mod-zip),)
- CONFIGURE_ARGS+= --enable-zip=shared
+ CONFIGURE_ARGS+= --with-zip=shared,"$(STAGING_DIR)/usr"
else
- CONFIGURE_ARGS+= --disable-zip
-endif
-
-ifneq ($(SDK)$(CONFIG_PHP7_FILTER),)
- CONFIGURE_ARGS+= --enable-filter
-else
- CONFIGURE_ARGS+= --disable-filter
+ CONFIGURE_ARGS+= --without-zip
endif
ifneq ($(SDK)$(CONFIG_PHP7_LIBXML),)
- CONFIGURE_ARGS+= --enable-libxml
- CONFIGURE_ARGS+= --with-libxml-dir="$(STAGING_DIR)/usr/include/libxml2"
+ CONFIGURE_ARGS+= --with-libxml
else
- CONFIGURE_ARGS+= --disable-libxml
+ CONFIGURE_ARGS+= --without-libxml
endif
ifneq ($(CONFIG_PHP7_SYSTEMTZDATA),)
php_cv_cc_rpath="no" \
iconv_impl_name="gnu_libiconv" \
ac_cv_php_xml2_config_path="$(STAGING_DIR)/host/bin/xml2-config" \
- ac_cv_u8t_decompose=yes
+ ac_cv_u8t_decompose=yes \
+ ac_cv_have_pcre2_jit=no
define Package/php7/conffiles
/etc/php.ini
define Build/Prepare
$(call Build/Prepare/Default)
- ( cd $(PKG_BUILD_DIR); touch configure.in; ./buildconf --force )
+ ( cd $(PKG_BUILD_DIR); touch configure.ac; ./buildconf --force )
endef
define Build/InstallDev
$(eval $(call BuildModule,dom,DOM,+@PHP7_LIBXML +PACKAGE_php7-mod-dom:libxml2))
$(eval $(call BuildModule,exif,EXIF))
$(eval $(call BuildModule,fileinfo,Fileinfo))
+$(eval $(call BuildModule,filter,Filter))
$(eval $(call BuildModule,ftp,FTP,+PACKAGE_php7-mod-ftp:libopenssl))
-$(eval $(call BuildModule,gd,GD graphics,+PACKAGE_php7-mod-gd:libjpeg +PACKAGE_php7-mod-gd:libpng +PACKAGE_php7-mod-gd:libwebp +PHP7_LIBFREETYPE:libfreetype))
+$(eval $(call BuildModule,gd,GD graphics,+PACKAGE_php7-mod-gd:libgd-full))
$(eval $(call BuildModule,gettext,Gettext,+PACKAGE_php7-mod-gettext:libintl-full))
$(eval $(call BuildModule,gmp,GMP,+PACKAGE_php7-mod-gmp:libgmp))
-$(eval $(call BuildModule,hash,Hash))
$(eval $(call BuildModule,iconv,iConv,$(ICONV_DEPENDS)))
$(eval $(call BuildModule,imap,IMAP,+PACKAGE_php7-mod-imap:libopenssl +PACKAGE_libpam:libpam +PACKAGE_php7-mod-imap:uw-imap))
$(eval $(call BuildModule,intl,Internationalization Functions,+PACKAGE_php7-mod-intl:icu +PHP7_FULLICUDATA:icu-full-data))
$(eval $(call BuildModule,json,JSON))
$(eval $(call BuildModule,ldap,LDAP,+PACKAGE_php7-mod-ldap:libopenldap +PACKAGE_php7-mod-ldap:libsasl2))
-$(eval $(call BuildModule,mbstring,MBString))
+$(eval $(call BuildModule,mbstring,MBString,+PACKAGE_php7-mod-mbstring:oniguruma))
$(eval $(call BuildModule,mysqli,MySQL Improved Extension,+PACKAGE_php7-mod-mysqli:php7-mod-mysqlnd,30))
-$(eval $(call BuildModule,mysqlnd,MySQL Native Driver,+php7-mod-hash))
+$(eval $(call BuildModule,mysqlnd,MySQL Native Driver))
$(eval $(call BuildModule,opcache,OPcache,,,zend))
$(eval $(call BuildModule,openssl,OpenSSL,+PACKAGE_php7-mod-openssl:libopenssl,15))
$(eval $(call BuildModule,pcntl,PCNTL))
$(eval $(call BuildModule,pdo-pgsql,PDO driver for PostgreSQL,+php7-mod-pdo +PACKAGE_php7-mod-pdo-pgsql:libpq))
$(eval $(call BuildModule,pdo-sqlite,PDO driver for SQLite 3.x,+php7-mod-pdo +PACKAGE_php7-mod-pdo-sqlite:libsqlite3 +PACKAGE_php7-mod-pdo-sqlite:librt))
$(eval $(call BuildModule,pgsql,PostgreSQL,+PACKAGE_php7-mod-pgsql:libpq))
-$(eval $(call BuildModule,phar,Phar Archives,+php7-mod-hash))
+$(eval $(call BuildModule,phar,Phar Archives))
$(eval $(call BuildModule,session,Session))
$(eval $(call BuildModule,shmop,Shared Memory))
$(eval $(call BuildModule,simplexml,SimpleXML,+@PHP7_LIBXML +PACKAGE_php7-mod-simplexml:libxml2))
$(eval $(call BuildModule,xml,XML,+PHP7_LIBXML:libxml2 +!PHP7_LIBXML:libexpat))
$(eval $(call BuildModule,xmlreader,XMLReader,+@PHP7_LIBXML +PACKAGE_php7-mod-dom:php7-mod-dom +PACKAGE_php7-mod-xmlreader:libxml2))
$(eval $(call BuildModule,xmlwriter,XMLWriter,+@PHP7_LIBXML +PACKAGE_php7-mod-xmlwriter:libxml2))
-$(eval $(call BuildModule,zip,ZIP,+PACKAGE_php7-mod-zip:zlib))
+$(eval $(call BuildModule,zip,ZIP,+PACKAGE_php7-mod-zip:libzip))
From: Debian PHP Maintainers <team+pkg-php@tracker.debian.org>
-Date: Thu, 7 Mar 2019 19:36:30 +0000
+Date: Thu, 7 Mar 2019 19:42:35 +0000
Subject: Add-support-for-use-of-the-system-timezone-database
# License: MIT
than embedding a copy. Discussed upstream but was not desired.
History:
-r17: adapt for autotool change in 7.2.16RC1
+r18: adapt for autotool change in 7.3.3RC1
+r17: adapt for timelib 2018.01 (in 7.3.2RC1)
r16: adapt for timelib 2017.06 (in 7.2.3RC1)
r15: adapt for timelib 2017.05beta7 (in 7.2.0RC1)
r14: improve check for valid tz file
r1: initial revision
---
ext/date/config0.m4 | 13 ++
- ext/date/lib/parse_tz.c | 536 +++++++++++++++++++++++++++++++++++++++++++++++-
- 2 files changed, 546 insertions(+), 3 deletions(-)
+ ext/date/lib/parse_tz.c | 535 +++++++++++++++++++++++++++++++++++++++++++++++-
+ 2 files changed, 545 insertions(+), 3 deletions(-)
diff --git a/ext/date/config0.m4 b/ext/date/config0.m4
-index e464156..00dae8b 100644
+index 20e4164..a612436 100644
--- a/ext/date/config0.m4
+++ b/ext/date/config0.m4
-@@ -10,6 +10,19 @@ io.h
+@@ -4,6 +4,19 @@ AC_CHECK_HEADERS([io.h])
dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll)
timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c
lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c"
diff --git a/ext/date/lib/parse_tz.c b/ext/date/lib/parse_tz.c
-index 960e528..501b09e 100644
+index 020da31..9b39c6e 100644
--- a/ext/date/lib/parse_tz.c
+++ b/ext/date/lib/parse_tz.c
-@@ -25,8 +25,21 @@
+@@ -26,8 +26,21 @@
#include "timelib.h"
#include "timelib_private.h"
#if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
# if defined(__LITTLE_ENDIAN__)
-@@ -67,6 +80,11 @@ static int read_php_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
+@@ -88,6 +101,11 @@ static int read_php_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
{
uint32_t version;
/* read ID */
version = (*tzf)[3] - '0';
*tzf += 4;
-@@ -374,7 +392,429 @@ void timelib_dump_tzinfo(timelib_tzinfo *tz)
+@@ -412,7 +430,429 @@ void timelib_dump_tzinfo(timelib_tzinfo *tz)
}
}
{
int left = 0, right = tzdb->index_size - 1;
-@@ -400,9 +840,48 @@ static int seek_to_tz_position(const unsigned char **tzf, char *timezone, const
+@@ -438,9 +878,48 @@ static int seek_to_tz_position(const unsigned char **tzf, char *timezone, const
return 0;
}
}
const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count)
-@@ -414,7 +893,30 @@ const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_
+@@ -452,7 +931,30 @@ const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_
int timelib_timezone_id_is_valid(char *timezone, const timelib_tzdb *tzdb)
{
const unsigned char *tzf;
}
static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
-@@ -456,12 +958,14 @@ static timelib_tzinfo* timelib_tzinfo_ctor(char *name)
+@@ -494,12 +996,14 @@ static timelib_tzinfo* timelib_tzinfo_ctor(char *name)
timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, int *error_code)
{
const unsigned char *tzf;
tmp = timelib_tzinfo_ctor(timezone);
version = read_preamble(&tzf, tmp, &type);
-@@ -484,6 +988,29 @@ timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, i
- timelib_tzinfo_dtor(tmp);
- return NULL;
+@@ -534,11 +1038,36 @@ timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, i
}
-+
+ skip_posix_string(&tzf, tmp);
+
+#ifdef HAVE_SYSTEM_TZDATA
+ if (memmap) {
+ const struct location_info *li;
+ munmap(memmap, maplen);
+ } else {
+#endif
- if (version == 2 || version == 3) {
- if (!skip_64bit_preamble(&tzf, tmp)) {
- /* 64 bit preamble is not in place */
-@@ -501,6 +1028,9 @@ timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb, i
+ if (type == TIMELIB_TZINFO_PHP) {
+ read_location(&tzf, tmp);
} else {
set_default_location_and_comments(&tzf, tmp);
}
+++ /dev/null
-From: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
-Date: Sat, 2 May 2015 10:26:53 +0200
-Subject: dont-gitclean-in-build
-
----
- build/build.mk | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/build/build.mk b/build/build.mk
-index 9452984..b964def 100644
---- a/build/build.mk
-+++ b/build/build.mk
-@@ -63,6 +63,5 @@ gitclean-work:
- @if (test ! -f '.git/info/exclude' || grep -s "git-ls-files" .git/info/exclude); then \
- (echo "Rebuild .git/info/exclude" && echo '*.o' > .git/info/exclude && git svn propget svn:ignore | grep -v config.nice >> .git/info/exclude); \
- fi; \
-- git clean -X -f -d;
-
- .PHONY: $(ALWAYS) snapshot
1 file changed, 17 insertions(+)
diff --git a/ext/date/php_date.c b/ext/date/php_date.c
-index cbe6e91..1999c83 100644
+index f049ae2..6a044ce 100644
--- a/ext/date/php_date.c
+++ b/ext/date/php_date.c
-@@ -1016,6 +1016,23 @@ static char* guess_timezone(const timelib_tzdb *tzdb)
+@@ -1030,6 +1030,23 @@ static char* guess_timezone(const timelib_tzdb *tzdb)
DATEG(timezone_valid) = 1;
return DATEG(default_timezone);
}
From: Thijs Kinkhorst <thijs@debian.org>
-Date: Wed, 15 Jun 2016 09:18:03 +0200
+Date: Mon, 2 Dec 2019 22:18:43 +0100
Subject: Add patch to remove build timestamps from generated binaries.
---
--- a/ext/standard/info.c
+++ b/ext/standard/info.c
-@@ -830,7 +830,6 @@ PHPAPI void php_print_info(int flag)
+@@ -802,7 +802,6 @@ PHPAPI ZEND_COLD void php_print_info(int flag)
php_info_print_box_end();
php_info_print_table_start();
php_info_print_table_row(2, "System", ZSTR_VAL(php_uname));
#endif
--- a/sapi/apache2handler/config.m4
+++ b/sapi/apache2handler/config.m4
-@@ -67,18 +67,9 @@ if test "$PHP_APXS2" != "no"; then
+@@ -64,18 +64,9 @@ if test "$PHP_APXS2" != "no"; then
fi
APXS_LIBEXECDIR='$(INSTALL_ROOT)'`$APXS -q LIBEXECDIR`
*aix*)
--- a/sapi/cgi/cgi_main.c
+++ b/sapi/cgi/cgi_main.c
-@@ -2442,9 +2442,9 @@ consult the installation file that came
- SG(request_info).no_headers = 1;
- }
+@@ -2392,9 +2392,9 @@ parent_loop_end:
+ SG(headers_sent) = 1;
+ SG(request_info).no_headers = 1;
#if ZEND_DEBUG
-- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
#else
-- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s (%s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
#endif
php_request_shutdown((void *) 0);
fcgi_shutdown();
--- a/sapi/cli/php_cli.c
+++ b/sapi/cli/php_cli.c
-@@ -697,8 +697,8 @@ static int do_cli(int argc, char **argv)
+@@ -645,8 +645,8 @@ static int do_cli(int argc, char **argv) /* {{{ */
goto out;
case 'v': /* show php version & quit */
-- php_printf("PHP %s (%s) (built: %s %s) ( %s)\nCopyright (c) 1997-2018 The PHP Group\n%s",
+- php_printf("PHP %s (%s) (built: %s %s) ( %s)\nCopyright (c) The PHP Group\n%s",
- PHP_VERSION, cli_sapi_module.name, __DATE__, __TIME__,
-+ php_printf("PHP %s (%s) ( %s)\nCopyright (c) 1997-2018 The PHP Group\n%s",
++ php_printf("PHP %s (%s) ( %s)\nCopyright (c) The PHP Group\n%s",
+ PHP_VERSION, cli_sapi_module.name,
#if ZTS
"ZTS "
#else
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
-@@ -1755,9 +1755,9 @@ int main(int argc, char *argv[])
+@@ -1722,9 +1722,9 @@ int main(int argc, char *argv[])
SG(request_info).no_headers = 1;
#if ZEND_DEBUG
-- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
#else
-- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s (%s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
#endif
php_request_shutdown((void *) 0);
fcgi_shutdown();
--- a/sapi/phpdbg/phpdbg.c
+++ b/sapi/phpdbg/phpdbg.c
-@@ -1697,10 +1697,8 @@ phpdbg_main:
+@@ -1695,10 +1695,8 @@ phpdbg_main:
phpdbg_do_help_cmd(exec);
} else if (show_version) {
phpdbg_out(
-- "phpdbg %s (built: %s %s)\nPHP %s, Copyright (c) 1997-2018 The PHP Group\n%s",
-+ "phpdbg %s\nPHP %s, Copyright (c) 1997-2018 The PHP Group\n%s",
+- "phpdbg %s (built: %s %s)\nPHP %s, Copyright (c) The PHP Group\n%s",
++ "phpdbg %s\nPHP %s, Copyright (c) The PHP Group\n%s",
PHPDBG_VERSION,
- __DATE__,
- __TIME__,
index 86492d7..31c31ff 100644
--- a/sapi/fpm/status.html.in
+++ b/sapi/fpm/status.html.in
-@@ -71,11 +71,6 @@
+@@ -70,11 +70,6 @@
<tr class="h"><th>PID↓</th><th>Start Time</th><th>Start Since</th><th>Requests Served</th><th>Request Duration</th><th>Request method</th><th>Request URI</th><th>Content Length</th><th>User</th><th>Script</th><th>Last Request %CPU</th><th>Last Request Memory</th></tr>
</table>
</div>
--- a/ext/opcache/ZendAccelerator.c
+++ b/ext/opcache/ZendAccelerator.c
-@@ -2484,11 +2484,6 @@ static void accel_gen_system_id(void)
+@@ -2652,11 +2652,6 @@ static void accel_gen_system_id(void)
PHP_MD5Update(&context, PHP_VERSION, sizeof(PHP_VERSION)-1);
PHP_MD5Update(&context, ZEND_EXTENSION_BUILD_ID, sizeof(ZEND_EXTENSION_BUILD_ID)-1);
PHP_MD5Update(&context, ZEND_BIN_ID, sizeof(ZEND_BIN_ID)-1);
- PHP_MD5Update(&context, __TIME__, sizeof(__TIME__)-1);
- }
PHP_MD5Final(digest, &context);
- for (i = 0; i < 16; i++) {
- c = digest[i] >> 4;
+ php_hash_bin2hex(accel_system_id, digest, sizeof digest);
+ }
--- a/sapi/litespeed/lsapi_main.c
+++ b/sapi/litespeed/lsapi_main.c
-@@ -1057,9 +1057,9 @@ static int cli_main( int argc, char * ar
+@@ -1284,9 +1284,9 @@ static int cli_main( int argc, char * ar
case 'v':
if (php_request_startup() != FAILURE) {
#if ZEND_DEBUG
-- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s) (DEBUG)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
#else
-- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
-+ php_printf("PHP %s (%s)\nCopyright (c) 1997-2018 The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
+- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
++ php_printf("PHP %s (%s)\nCopyright (c) The PHP Group\n%s", PHP_VERSION, sapi_module.name, get_zend_version());
#endif
#ifdef PHP_OUTPUT_NEWAPI
php_output_end_all();
+++ /dev/null
---- a/ext/standard/php_crypt_r.c
-+++ b/ext/standard/php_crypt_r.c
-@@ -96,6 +96,8 @@ void _crypt_extended_init_r(void)
- InterlockedIncrement(&initialized);
- #elif defined(HAVE_SYNC_FETCH_AND_ADD)
- __sync_fetch_and_add(&initialized, 1);
-+#elif (defined(__GNUC__) && (__GNUC__ == 3))
-+ initialized = 1;
- #elif defined(HAVE_ATOMIC_H) /* Solaris 10 defines atomic API within */
- membar_producer();
- atomic_add_int(&initialized, 1);
-From dc8bb6a53bfdfe42d9ae81d4e78c6155ad4bfd6e Mon Sep 17 00:00:00 2001
+From dd6ee0fb6715881b204fb4cb124db9134c1a6c7d Mon Sep 17 00:00:00 2001
From: Michael Heimpold <mhei@heimpold.de>
-Date: Sun, 17 May 2015 16:50:50 +0200
+Date: Mon, 2 Dec 2019 22:42:28 +0100
Subject: [PATCH] ext/opcache: fix detection of shm/mmap
The detection of sysvipc and mmap doesn't work well when cross-compiling,
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
---
- ext/opcache/config.m4 | 122 ++-----------------------------------------------
- 1 file changed, 4 insertions(+), 118 deletions(-)
+ ext/opcache/config.m4 | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/ext/opcache/config.m4 b/ext/opcache/config.m4
-index b7e4835..7b6c0aa 100644
+index 6c40cafc1..63fa5bb55 100644
--- a/ext/opcache/config.m4
+++ b/ext/opcache/config.m4
-@@ -28,127 +28,13 @@ if test "$PHP_OPCACHE" != "no"; then
-
- AC_CHECK_HEADERS([unistd.h sys/uio.h])
-
-- AC_MSG_CHECKING(for sysvipc shared memory support)
-- AC_TRY_RUN([
--#include <sys/types.h>
--#include <sys/wait.h>
--#include <sys/ipc.h>
--#include <sys/shm.h>
--#include <unistd.h>
--#include <string.h>
--
--int main() {
-- pid_t pid;
-- int status;
-- int ipc_id;
-- char *shm;
-- struct shmid_ds shmbuf;
--
-- ipc_id = shmget(IPC_PRIVATE, 4096, (IPC_CREAT | SHM_R | SHM_W));
-- if (ipc_id == -1) {
-- return 1;
-- }
--
-- shm = shmat(ipc_id, NULL, 0);
-- if (shm == (void *)-1) {
-- shmctl(ipc_id, IPC_RMID, NULL);
-- return 2;
-- }
--
-- if (shmctl(ipc_id, IPC_STAT, &shmbuf) != 0) {
-- shmdt(shm);
-- shmctl(ipc_id, IPC_RMID, NULL);
-- return 3;
-- }
--
-- shmbuf.shm_perm.uid = getuid();
-- shmbuf.shm_perm.gid = getgid();
-- shmbuf.shm_perm.mode = 0600;
--
-- if (shmctl(ipc_id, IPC_SET, &shmbuf) != 0) {
-- shmdt(shm);
-- shmctl(ipc_id, IPC_RMID, NULL);
-- return 4;
-- }
--
-- shmctl(ipc_id, IPC_RMID, NULL);
--
-- strcpy(shm, "hello");
--
-- pid = fork();
-- if (pid < 0) {
-- return 5;
-- } else if (pid == 0) {
-- strcpy(shm, "bye");
-- return 6;
-- }
-- if (wait(&status) != pid) {
-- return 7;
-- }
-- if (!WIFEXITED(status) || WEXITSTATUS(status) != 6) {
-- return 8;
-- }
-- if (strcmp(shm, "bye") != 0) {
-- return 9;
-- }
-- return 0;
--}
--],dnl
-+ AC_CHECK_FUNC(shmget,[
+@@ -89,7 +89,10 @@ int main() {
+ }
+ ]])],[dnl
AC_DEFINE(HAVE_SHM_IPC, 1, [Define if you have SysV IPC SHM support])
-- msg=yes,msg=no,msg=no)
-- AC_MSG_RESULT([$msg])
--
-- AC_MSG_CHECKING(for mmap() using MAP_ANON shared memory support)
-- AC_TRY_RUN([
--#include <sys/types.h>
--#include <sys/wait.h>
--#include <sys/mman.h>
--#include <unistd.h>
--#include <string.h>
--
--#ifndef MAP_ANON
--# ifdef MAP_ANONYMOUS
--# define MAP_ANON MAP_ANONYMOUS
--# endif
--#endif
--#ifndef MAP_FAILED
--# define MAP_FAILED ((void*)-1)
--#endif
--
--int main() {
-- pid_t pid;
-- int status;
-- char *shm;
--
-- shm = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON, -1, 0);
-- if (shm == MAP_FAILED) {
-- return 1;
-- }
--
-- strcpy(shm, "hello");
-+ ])
+- msg=yes],[msg=no],[msg=no])
++ msg=yes],[msg=no],[dnl
++ AC_CHECK_FUNC(shmget,[dnl
++ AC_DEFINE(HAVE_SHM_IPC, 1, [Define if you have SysV IPC SHM support])
++ msg=yes],[msg=no])])
+ AC_MSG_RESULT([$msg])
-- pid = fork();
-- if (pid < 0) {
-- return 5;
-- } else if (pid == 0) {
-- strcpy(shm, "bye");
-- return 6;
-- }
-- if (wait(&status) != pid) {
-- return 7;
-- }
-- if (!WIFEXITED(status) || WEXITSTATUS(status) != 6) {
-- return 8;
-- }
-- if (strcmp(shm, "bye") != 0) {
-- return 9;
-- }
-- return 0;
--}
--],dnl
-+ AC_CHECK_FUNC(mmap,[
+ AC_MSG_CHECKING(for mmap() using MAP_ANON shared memory support)
+@@ -141,7 +144,10 @@ int main() {
+ }
+ ]])],[dnl
AC_DEFINE(HAVE_SHM_MMAP_ANON, 1, [Define if you have mmap(MAP_ANON) SHM support])
-- msg=yes,msg=no,msg=no)
-- AC_MSG_RESULT([$msg])
-+ ])
+- msg=yes],[msg=no],[msg=no])
++ msg=yes],[msg=no],[dnl
++ AC_CHECK_FUNC(mmap,[dnl
++ AC_DEFINE(HAVE_SHM_MMAP_ANON, 1, [Define if you have mmap(MAP_ANON) SHM support])
++ msg=yes],[msg=no])])
+ AC_MSG_RESULT([$msg])
- AC_MSG_CHECKING(for mmap() using /dev/zero shared memory support)
- AC_TRY_RUN([
+ PHP_CHECK_FUNC_LIB(shm_open, rt)
--
-1.7.10.4
+2.17.1
+++ /dev/null
---- a/ext/gd/libgd/gdkanji.c
-+++ b/ext/gd/libgd/gdkanji.c
-@@ -9,6 +9,11 @@
- #include "gdhelpers.h"
-
- #include <stdarg.h>
-+
-+/* force usage of internal conversation routine */
-+#undef HAVE_ICONV_H
-+#undef HAVE_ICONV
-+
- #if defined(HAVE_ICONV_H) || defined(HAVE_ICONV)
- #include <iconv.h>
- #ifdef HAVE_ERRNO_H
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -422,7 +422,10 @@ PHP_CHECK_FUNC(gethostname, nsl)
- PHP_CHECK_FUNC(gethostbyaddr, nsl)
- PHP_CHECK_FUNC(yp_get_default_domain, nsl)
-
--PHP_CHECK_FUNC(dlopen, dl)
-+PHP_ADD_LIBRARY(dl)
-+PHP_DEF_HAVE(dlopen)
-+PHP_DEF_HAVE(libdl)
-+ac_cv_func_dlopen=yes
- if test "$ac_cv_func_dlopen" = "yes"; then
- AC_DEFINE(HAVE_LIBDL, 1, [ ])
- fi
---- a/ext/fileinfo/config.m4
-+++ b/ext/fileinfo/config.m4
-@@ -46,6 +46,10 @@ int main(void)
- AC_MSG_RESULT(no)
- AC_MSG_NOTICE(using libmagic strcasestr implementation)
- libmagic_sources="$libmagic_sources libmagic/strcasestr.c"
-+ ],[
-+ dnl cross-compiling; assume not present
-+ AC_MSG_NOTICE(using libmagic strcasestr implementation)
-+ libmagic_sources="$libmagic_sources libmagic/strcasestr.c"
- ])
-
- PHP_NEW_EXTENSION(fileinfo, fileinfo.c $libmagic_sources, $ext_shared,,-I@ext_srcdir@/libmagic)
--- a/ext/phar/config.m4 2016-08-17 21:50:58.000000000 +0200
+++ b/ext/phar/config.m4 2016-09-20 22:21:28.494934775 +0200
-@@ -26,7 +26,7 @@
+@@ -19,7 +19,7 @@
fi
PHP_ADD_EXTENSION_DEP(phar, hash, true)
PHP_ADD_EXTENSION_DEP(phar, spl, true)
--- a/configure.ac 2016-09-20 22:26:38.000000000 +0200
+++ b/configure.ac 2016-09-20 22:42:30.380101556 +0200
-@@ -1454,13 +1454,13 @@
+@@ -1430,13 +1430,13 @@
INLINE_CFLAGS="$INLINE_CFLAGS $standard_libtool_flag"
CXXFLAGS="$CXXFLAGS $standard_libtool_flag \$(PROF_FLAGS)"
+++ /dev/null
-commit f11d40ef88f640fe4764d2731d3061472aefe556
-Author: Philip Prindeville <philipp@redfish-solutions.com>
-Date: Wed Aug 9 20:55:25 2017 -0600
-
- Turn php_syslog() into wrapper for syslog and split lines
-
-diff --git a/Zend/zend_smart_string.h b/Zend/zend_smart_string.h
-index 2282202..12d755e 100644
---- a/Zend/zend_smart_string.h
-+++ b/Zend/zend_smart_string.h
-@@ -136,6 +136,10 @@ static zend_always_inline void smart_string_setl(smart_string *dest, char *src,
- dest->c = src;
- }
-
-+static zend_always_inline void smart_string_reset(smart_string *str) {
-+ str->len = 0;
-+}
-+
- #endif
-
- /*
-diff --git a/configure.ac b/configure.ac
-index cb95d86..a63354f 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1478,7 +1478,7 @@ PHP_ADD_SOURCES(main, main.c snprintf.c spprintf.c php_sprintf.c \
- php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
- strlcat.c explicit_bzero.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
- network.c php_open_temporary_file.c \
-- output.c getopt.c, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1)
-+ output.c getopt.c php_syslog.c, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1)
-
- PHP_ADD_SOURCES_X(main, fastcgi.c, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1, PHP_FASTCGI_OBJS, no)
-
-diff --git a/main/php_syslog.c b/main/php_syslog.c
-new file mode 100644
-index 0000000..c351951
---- /dev/null
-+++ b/main/php_syslog.c
-@@ -0,0 +1,81 @@
-+/*
-+ +----------------------------------------------------------------------+
-+ | PHP Version 7 |
-+ +----------------------------------------------------------------------+
-+ | Copyright (c) 2017 The PHP Group |
-+ +----------------------------------------------------------------------+
-+ | This source file is subject to version 3.01 of the PHP license, |
-+ | that is bundled with this package in the file LICENSE, and is |
-+ | available through the world-wide-web at the following url: |
-+ | http://www.php.net/license/3_01.txt |
-+ | If you did not receive a copy of the PHP license and are unable to |
-+ | obtain it through the world-wide-web, please send a note to |
-+ | license@php.net so we can mail you a copy immediately. |
-+ +----------------------------------------------------------------------+
-+ | Author: Philip Prindeville <philipp@redfish-solutions.com> |
-+ +----------------------------------------------------------------------+
-+*/
-+
-+/* $Id$ */
-+
-+#include <stdio.h>
-+#include <string.h>
-+#include <assert.h>
-+#include <stdlib.h>
-+#include "php.h"
-+#include "php_syslog.h"
-+
-+#include "zend.h"
-+#include "zend_smart_string.h"
-+
-+/*
-+ * The SCO OpenServer 5 Development System (not the UDK)
-+ * defines syslog to std_syslog.
-+ */
-+
-+#ifdef HAVE_STD_SYSLOG
-+#define syslog std_syslog
-+#endif
-+
-+PHPAPI void php_syslog(int priority, const char *format, ...) /* {{{ */
-+{
-+ const char *ptr;
-+ unsigned char c;
-+ smart_string fbuf = {0};
-+ smart_string sbuf = {0};
-+ va_list args;
-+
-+ va_start(args, format);
-+ zend_printf_to_smart_string(&fbuf, format, args);
-+ smart_string_0(&fbuf);
-+ va_end(args);
-+
-+ for (ptr = fbuf.c; ; ++ptr) {
-+ c = *ptr;
-+ if (c == '\0') {
-+ syslog(priority, "%.*s", (int)sbuf.len, sbuf.c);
-+ break;
-+ }
-+
-+ if (c != '\n')
-+ smart_string_appendc(&sbuf, c);
-+ else {
-+ syslog(priority, "%.*s", (int)sbuf.len, sbuf.c);
-+ smart_string_reset(&sbuf);
-+ }
-+ }
-+
-+ smart_string_free(&fbuf);
-+ smart_string_free(&sbuf);
-+}
-+
-+/* }}} */
-+
-+/*
-+ * Local variables:
-+ * tab-width: 4
-+ * c-basic-offset: 4
-+ * End:
-+ * vim600: sw=4 ts=4 fdm=marker
-+ * vim<600: sw=4 ts=4
-+ */
-diff --git a/main/php_syslog.h b/main/php_syslog.h
-index be68cc4..4c4ca4e 100644
---- a/main/php_syslog.h
-+++ b/main/php_syslog.h
-@@ -21,6 +21,8 @@
- #ifndef PHP_SYSLOG_H
- #define PHP_SYSLOG_H
-
-+#include "php.h"
-+
- #ifdef PHP_WIN32
- #include "win32/syslog.h"
- #else
-@@ -30,26 +32,12 @@
- #endif
- #endif
-
--/*
-- * The SCO OpenServer 5 Development System (not the UDK)
-- * defines syslog to std_syslog.
-- */
--
--#ifdef syslog
--
--#ifdef HAVE_STD_SYSLOG
--#define php_syslog std_syslog
--#endif
--
--#undef syslog
-+BEGIN_EXTERN_C()
-+PHPAPI void php_syslog(int, const char *format, ...);
-+END_EXTERN_C()
-
- #endif
-
--#ifndef php_syslog
--#define php_syslog syslog
--#endif
--
--#endif
- /*
- * Local variables:
- * tab-width: 4
-diff --git a/win32/build/config.w32 b/win32/build/config.w32
-index 6cbb18b..71cf491 100644
---- a/win32/build/config.w32
-+++ b/win32/build/config.w32
-@@ -241,7 +241,8 @@ ADD_FLAG("CFLAGS_BD_ZEND", "/D ZEND_ENABLE_STATIC_TSRMLS_CACHE=1");
- ADD_SOURCES("main", "main.c snprintf.c spprintf.c getopt.c fopen_wrappers.c \
- php_scandir.c php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
- strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c network.c \
-- php_open_temporary_file.c output.c internal_functions.c php_sprintf.c");
-+ php_open_temporary_file.c output.c internal_functions.c php_sprintf.c \
-+ php_syslog.c");
- ADD_FLAG("CFLAGS_BD_MAIN", "/D ZEND_ENABLE_STATIC_TSRMLS_CACHE=1");
-
- AC_DEFINE('HAVE_STRNLEN', 1);
+++ /dev/null
---- a/ext/pcre/pcrelib/sljit/sljitNativeMIPS_common.c 2017-11-28 02:22:57.000000000 -0700
-+++ b/ext/pcre/pcrelib/sljit/sljitNativeMIPS_common.c 2017-12-29 17:35:44.231934114 -0700
-@@ -498,12 +498,13 @@ SLJIT_API_FUNC_ATTRIBUTE void* sljit_gen
-
- SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_has_cpu_feature(sljit_s32 feature_type)
- {
-+ sljit_sw fir = 0;
-+
- switch (feature_type) {
- case SLJIT_HAS_FPU:
- #ifdef SLJIT_IS_FPU_AVAILABLE
- return SLJIT_IS_FPU_AVAILABLE;
- #elif defined(__GNUC__)
-- sljit_sw fir;
- asm ("cfc1 %0, $0" : "=r"(fir));
- return (fir >> 22) & 0x1;
- #else
--- /dev/null
+--- a/Zend/zend_alloc.h
++++ b/Zend/zend_alloc.h
+@@ -27,12 +27,12 @@
+ #include "zend.h"
+
+ #ifndef ZEND_MM_ALIGNMENT
+-# define ZEND_MM_ALIGNMENT ((size_t) 8)
++# define ZEND_MM_ALIGNMENT (8)
+ # define ZEND_MM_ALIGNMENT_LOG2 Z_L(3)
+ #elif ZEND_MM_ALIGNMENT < 4
+ # undef ZEND_MM_ALIGNMENT
+ # undef ZEND_MM_ALIGNMENT_LOG2
+-# define ZEND_MM_ALIGNMENT ((size_t) 4)
++# define ZEND_MM_ALIGNMENT (4)
+ # define ZEND_MM_ALIGNMENT_LOG2 Z_L(2)
+ #endif
+
+++ /dev/null
-commit 3763c8f1645983b5abc37c60597e1ecc1bf89019
-Author: Philip Prindeville <philipp@redfish-solutions.com>
-Date: Thu Jan 25 14:18:00 2018 -0700
-
- Always free out_buf in php_iconv_string()
-
-diff --git a/ext/iconv/iconv.c b/ext/iconv/iconv.c
-index 4289242..807bb14 100644
---- a/ext/iconv/iconv.c
-+++ b/ext/iconv/iconv.c
-@@ -699,6 +699,7 @@ PHP_ICONV_API php_iconv_err_t php_iconv_string(const char *in_p, size_t in_len,
- iconv_close(cd);
-
- if (result == (size_t)(-1)) {
-+ zend_string_free(out_buf);
- switch (errno) {
- case EINVAL:
- retval = PHP_ICONV_ERR_ILLEGAL_CHAR;
-@@ -715,7 +716,6 @@ PHP_ICONV_API php_iconv_err_t php_iconv_string(const char *in_p, size_t in_len,
-
- default:
- /* other error */
-- zend_string_free(out_buf);
- return PHP_ICONV_ERR_UNKNOWN;
- }
- }
-@@ -988,9 +988,6 @@ static php_iconv_err_t _php_iconv_strpos(size_t *pretval,
- err = php_iconv_string(ndl, ndl_nbytes, &ndl_buf, GENERIC_SUPERSET_NAME, enc);
-
- if (err != PHP_ICONV_ERR_SUCCESS) {
-- if (ndl_buf != NULL) {
-- zend_string_free(ndl_buf);
-- }
- return err;
- }
-
-@@ -2494,9 +2491,6 @@ PHP_NAMED_FUNCTION(php_if_iconv)
- if (err == PHP_ICONV_ERR_SUCCESS && out_buffer != NULL) {
- RETVAL_STR(out_buffer);
- } else {
-- if (out_buffer != NULL) {
-- zend_string_free(out_buffer);
-- }
- RETURN_FALSE;
- }
- }
+++ /dev/null
---- a/ext/ftp/php_ftp.c
-+++ b/ext/ftp/php_ftp.c
-@@ -320,12 +320,14 @@ static void ftp_destructor_ftpbuf(zend_resource *rsrc)
- PHP_MINIT_FUNCTION(ftp)
- {
- #ifdef HAVE_FTP_SSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_library_init();
- OpenSSL_add_all_ciphers();
- OpenSSL_add_all_digests();
- OpenSSL_add_all_algorithms();
-
- SSL_load_error_strings();
-+#endif
- #endif
-
- le_ftpbuf = zend_register_list_destructors_ex(ftp_destructor_ftpbuf, NULL, le_ftpbuf_name, module_number);
---- a/ext/openssl/openssl.c
-+++ b/ext/openssl/openssl.c
-@@ -683,6 +683,12 @@ static const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *asn1)
- return M_ASN1_STRING_data(asn1);
- }
-
-+#define OpenSSL_version OpenSSL_version
-+#define OPENSSL_VERSION OPENSSL_VERSION
-+#define X509_getm_notBefore X509_get_notBefore
-+#define X509_getm_notAfter X509_get_notAfter
-+#define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_cleanup
-+
- #if PHP_OPENSSL_API_VERSION < 0x10002
-
- static int X509_get_signature_nid(const X509 *x)
-@@ -1587,7 +1593,7 @@ PHP_MINFO_FUNCTION(openssl)
- {
- php_info_print_table_start();
- php_info_print_table_row(2, "OpenSSL support", "enabled");
-- php_info_print_table_row(2, "OpenSSL Library Version", SSLeay_version(SSLEAY_VERSION));
-+ php_info_print_table_row(2, "OpenSSL Library Version", OpenSSL_version(OPENSSL_VERSION));
- php_info_print_table_row(2, "OpenSSL Header Version", OPENSSL_VERSION_TEXT);
- php_info_print_table_row(2, "Openssl default config", default_ssl_conf_filename);
- php_info_print_table_end();
-@@ -2361,11 +2367,11 @@ PHP_FUNCTION(openssl_x509_parse)
- add_assoc_string(return_value, "serialNumberHex", hex_serial);
- OPENSSL_free(hex_serial);
-
-- php_openssl_add_assoc_asn1_string(return_value, "validFrom", X509_get_notBefore(cert));
-- php_openssl_add_assoc_asn1_string(return_value, "validTo", X509_get_notAfter(cert));
-+ php_openssl_add_assoc_asn1_string(return_value, "validFrom", X509_getm_notBefore(cert));
-+ php_openssl_add_assoc_asn1_string(return_value, "validTo", X509_getm_notAfter(cert));
-
-- add_assoc_long(return_value, "validFrom_time_t", php_openssl_asn1_time_to_time_t(X509_get_notBefore(cert)));
-- add_assoc_long(return_value, "validTo_time_t", php_openssl_asn1_time_to_time_t(X509_get_notAfter(cert)));
-+ add_assoc_long(return_value, "validFrom_time_t", php_openssl_asn1_time_to_time_t(X509_getm_notBefore(cert)));
-+ add_assoc_long(return_value, "validTo_time_t", php_openssl_asn1_time_to_time_t(X509_getm_notAfter(cert)));
-
- tmpstr = (char *)X509_alias_get0(cert, NULL);
- if (tmpstr) {
-@@ -3455,8 +3461,8 @@ PHP_FUNCTION(openssl_csr_sign)
- php_openssl_store_errors();
- goto cleanup;
- }
-- X509_gmtime_adj(X509_get_notBefore(new_cert), 0);
-- X509_gmtime_adj(X509_get_notAfter(new_cert), 60*60*24*(long)num_days);
-+ X509_gmtime_adj(X509_getm_notBefore(new_cert), 0);
-+ X509_gmtime_adj(X509_getm_notAfter(new_cert), 60*60*24*(long)num_days);
- i = X509_set_pubkey(new_cert, key);
- if (!i) {
- php_openssl_store_errors();
-@@ -6072,7 +6078,7 @@ PHP_FUNCTION(openssl_seal)
-
- /* allocate one byte extra to make room for \0 */
- buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(ctx));
-- EVP_CIPHER_CTX_cleanup(ctx);
-+ EVP_CIPHER_CTX_reset(ctx);
-
- if (EVP_SealInit(ctx, cipher, eks, eksl, &iv_buf[0], pkeys, nkeys) <= 0 ||
- !EVP_SealUpdate(ctx, buf, &len1, (unsigned char *)data, (int)data_len) ||
-@@ -6622,7 +6628,7 @@ PHP_FUNCTION(openssl_encrypt)
- if (free_iv) {
- efree(iv);
- }
-- EVP_CIPHER_CTX_cleanup(cipher_ctx);
-+ EVP_CIPHER_CTX_reset(cipher_ctx);
- EVP_CIPHER_CTX_free(cipher_ctx);
- }
- /* }}} */
-@@ -6709,7 +6715,7 @@ PHP_FUNCTION(openssl_decrypt)
- if (base64_str) {
- zend_string_release(base64_str);
- }
-- EVP_CIPHER_CTX_cleanup(cipher_ctx);
-+ EVP_CIPHER_CTX_reset(cipher_ctx);
- EVP_CIPHER_CTX_free(cipher_ctx);
- }
- /* }}} */
---- a/ext/openssl/xp_ssl.c
-+++ b/ext/openssl/xp_ssl.c
-@@ -56,8 +56,21 @@
- #define HAVE_SSL3 1
- #endif
-
-+#if PHP_OPENSSL_API_VERSION >= 0x10100
-+#define HAVE_TLS 1
-+#endif
-+
-+#ifndef OPENSSL_NO_TLS1_METHOD
-+#define HAVE_TLS1 1
-+#endif
-+
-+#ifndef OPENSSL_NO_TLS1_1_METHOD
- #define HAVE_TLS11 1
-+#endif
-+
-+#ifndef OPENSSL_NO_TLS1_2_METHOD
- #define HAVE_TLS12 1
-+#endif
-
- #ifndef OPENSSL_NO_ECDH
- #define HAVE_ECDH 1
-@@ -78,9 +91,10 @@
- #define STREAM_CRYPTO_IS_CLIENT (1<<0)
- #define STREAM_CRYPTO_METHOD_SSLv2 (1<<1)
- #define STREAM_CRYPTO_METHOD_SSLv3 (1<<2)
--#define STREAM_CRYPTO_METHOD_TLSv1_0 (1<<3)
--#define STREAM_CRYPTO_METHOD_TLSv1_1 (1<<4)
--#define STREAM_CRYPTO_METHOD_TLSv1_2 (1<<5)
-+#define STREAM_CRYPTO_METHOD_TLS (1<<3)
-+#define STREAM_CRYPTO_METHOD_TLSv1_0 (1<<4)
-+#define STREAM_CRYPTO_METHOD_TLSv1_1 (1<<5)
-+#define STREAM_CRYPTO_METHOD_TLSv1_2 (1<<6)
-
- /* Simplify ssl context option retrieval */
- #define GET_VER_OPT(name) \
-@@ -960,9 +974,23 @@ static const SSL_METHOD *php_openssl_select_crypto_method(zend_long method_value
- php_error_docref(NULL, E_WARNING,
- "SSLv3 unavailable in the OpenSSL library against which PHP is linked");
- return NULL;
-+#endif
-+ } else if (method_value == STREAM_CRYPTO_METHOD_TLS) {
-+#ifdef HAVE_TLS
-+ return is_client ? TLS_client_method() : TLS_server_method();
-+#else
-+ php_error_docref(NULL, E_WARNING,
-+ "TLS unavailable in the OpenSSL library against which PHP is linked");
-+ return NULL;
- #endif
- } else if (method_value == STREAM_CRYPTO_METHOD_TLSv1_0) {
-+#ifdef HAVE_TLS1
- return is_client ? TLSv1_client_method() : TLSv1_server_method();
-+#else
-+ php_error_docref(NULL, E_WARNING,
-+ "TLSv1 unavailable in the OpenSSL library against which PHP is linked");
-+ return NULL;
-+#endif
- } else if (method_value == STREAM_CRYPTO_METHOD_TLSv1_1) {
- #ifdef HAVE_TLS11
- return is_client ? TLSv1_1_client_method() : TLSv1_1_server_method();
-@@ -1014,9 +1042,11 @@ static int php_openssl_get_crypto_method_ctx_flags(int method_flags) /* {{{ */
- ssl_ctx_options |= SSL_OP_NO_SSLv3;
- }
- #endif
-+#ifdef HAVE_TLS1
- if (!(method_flags & STREAM_CRYPTO_METHOD_TLSv1_0)) {
- ssl_ctx_options |= SSL_OP_NO_TLSv1;
- }
-+#endif
- #ifdef HAVE_TLS11
- if (!(method_flags & STREAM_CRYPTO_METHOD_TLSv1_1)) {
- ssl_ctx_options |= SSL_OP_NO_TLSv1_1;
include $(TOPDIR)/rules.mk
PKG_NAME:=django
-PKG_VERSION:=2.2.7
+PKG_VERSION:=3.0.2
PKG_RELEASE:=1
PYPI_NAME:=Django
-PKG_HASH:=16040e1288c6c9f68c6da2fe75ebde83c0a158f6f5d54f4c5177b0c1478c5b86
+PKG_HASH:=8c3575f81e11390893860d97e1e0154c47512f180ea55bd84ce8fa69ba8051ca
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
PKG_LICENSE:=BSD-3-Clause
define Package/python3-django
$(call Package/django/Default)
- DEPENDS:= \
- +PACKAGE_python3-django:python3 \
- +PACKAGE_python3-django:python3-pytz \
- +PACKAGE_python3-django:python3-sqlparse
+ DEPENDS:= +python3 +python3-pytz +python3-sqlparse
VARIANT:=python3
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=django1
-PKG_VERSION:=1.11.26
+PKG_VERSION:=1.11.27
PKG_RELEASE:=1
PYPI_NAME:=Django
-PKG_HASH:=861db7f82436ab43e1411832ed8dca81fc5fc0f7c2039c7e07a080a63092fb44
+PKG_HASH:=20111383869ad1b11400c94b0c19d4ab12975316cd058eabd17452e0546169b8
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
PKG_LICENSE:=BSD-3-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=passlib
-PKG_VERSION:=1.7.1
+PKG_VERSION:=1.7.2
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=3d948f64138c25633613f303bcc471126eae67c04d5e3f6b7b8ce6242f8653e0
+PKG_HASH:=8d666cef936198bc2ab47ee9b0410c94adf2ba798e5a84bf220be079ae7ab6a8
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
--- /dev/null
+#
+# Copyright (C) Alexandru Ardelean <ardeleanalex@gmail.com>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=pymysql
+PKG_VERSION:=0.9.3
+PKG_RELEASE:=1
+
+PYPI_NAME:=PyMySQL
+PKG_HASH:=d8c059dcd81dedb85a9f034d5e22dcb4442c0b201908bede99e306d65ea7c8e7
+
+PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-pymysql
+ SUBMENU:=Python
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=Pure Python MySQL Client
+ URL:=https://pymysql.readthedocs.io/
+ DEPENDS:=+python3 +python3-cryptography
+ VARIANT:=python3
+endef
+
+define Package/python3-pymysql/description
+ This package contains a pure-Python MySQL client library, based on PEP 249.
+endef
+
+$(eval $(call Py3Package,python3-pymysql))
+$(eval $(call BuildPackage,python3-pymysql))
+$(eval $(call BuildPackage,python3-pymysql-src))
#
-# Copyright (C) 2019 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=aiohttp
-PKG_VERSION:=3.5.4
+PKG_VERSION:=3.6.1
PKG_RELEASE:=1
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=9c4c83f4fa1938377da32bc2d59379025ceeee8e24b89f72fcbccd8ca22dc9bf
+PKG_HASH:=fc55b1fec0e4cc1134ffb09ea3970783ee2906dc5dfd7cd16917913f2cfed65b
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
PKG_LICENSE:=Apache-2.0
endef
define Package/python3-aiohttp/description
-Asynchronous HTTP client/server framework for asyncio and Python3
+ Asynchronous HTTP client/server framework for asyncio and Python3.
endef
$(eval $(call Py3Package,python3-aiohttp))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-asn1crypto
-PKG_VERSION:=1.2.0
+PKG_VERSION:=1.3.0
PKG_RELEASE:=1
-PKG_SOURCE:=asn1crypto-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://pypi.io/packages/source/a/asn1crypto
-PKG_HASH:=87620880a477123e01177a1f73d0f327210b43a3cdbd714efcd2fa49a8d7b384
+PYPI_NAME:=asn1crypto
+PKG_HASH:=5a215cb8dc12f892244e3a113fe05397ee23c5c4ca7a69cd6e69811755efc42d
-PKG_LICENSE:=MIT
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-asn1crypto-$(PKG_VERSION)
-
+include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
-include ../python-package.mk
include ../python3-package.mk
-PKG_UNPACK:=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xzf $(DL_DIR)/$(PKG_SOURCE)
-
-define Package/python-asn1crypto/Default
+define Package/python3-asn1crypto
SECTION:=lang
CATEGORY:=Languages
SUBMENU:=Python
URL:=https://github.com/wbond/asn1crypto
-endef
-
-define Package/python-asn1crypto
-$(call Package/python-asn1crypto/Default)
- TITLE:=python-asn1crypto
- DEPENDS:=+PACKAGE_python-asn1crypto:python-light
- VARIANT:=python
-endef
-
-define Package/python3-asn1crypto
-$(call Package/python-asn1crypto/Default)
- TITLE:=python3-asn1crypto
- DEPENDS:=+PACKAGE_python3-asn1crypto:python3-light
+ TITLE:=Fast pure Python lib for ASN1 structures
+ DEPENDS:=+python3-light
VARIANT:=python3
endef
-define Package/python-asn1crypto/description
+define Package/python3-asn1crypto/description
Fast ASN.1 parser and serializer with definitions for
private keys, public keys, certificates, CRL, OCSP,
CMS, PKCS#3, PKCS#7, PKCS#8, PKCS#12, PKCS#5, X.509 and TSP
endef
-define Package/python3-asn1crypto/description
-$(call Package/python-asn1crypto/description)
-.
-(Variant for Python3)
-endef
-
-$(eval $(call PyPackage,python-asn1crypto))
-$(eval $(call BuildPackage,python-asn1crypto))
-$(eval $(call BuildPackage,python-asn1crypto-src))
-
$(eval $(call Py3Package,python3-asn1crypto))
$(eval $(call BuildPackage,python3-asn1crypto))
$(eval $(call BuildPackage,python3-asn1crypto-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-certifi
-PKG_VERSION:=2019.9.11
+PKG_VERSION:=2019.11.28
PKG_RELEASE:=1
PKG_MAINTAINER:=Eneas U de Queiroz <cote2004-github@yahoo.com>
PKG_LICENSE_FILES:=LICENSE
PYPI_NAME:=certifi
-PKG_HASH:=e4f3620cfea4f83eedc95b24abd9cd56f3c4b146dd0177e83a21b4eb49e21e50
+PKG_HASH:=25b64c7da4cd7479594d035c08c2d809eb4aab3a26e5a990ea98cc450c320f1f
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=python-evdev
-PKG_VERSION:=1.2.0
+PKG_VERSION:=1.3.0
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_MAINTAINER:=Paulo Costa <me@paulo.costa.nom.br>, Alexandru Ardelean <ardeleanalex@gmail.com>
PYPI_NAME:=evdev
-PKG_HASH:=b03f5e1be5b4a5327494a981b831d251a142b09e8778eda1a8b53eba91100166
+PKG_HASH:=b1c649b4fed7252711011da235782b2c260b32e004058d62473471e5cd30634d
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-lxml
-PKG_VERSION:=4.4.1
+PKG_VERSION:=4.4.2
PKG_RELEASE:=1
PYPI_NAME:=lxml
-PKG_HASH:=c81cb40bff373ab7a7446d6bbca0190bccc5be3448b47b51d729e37799bb5692
+PKG_HASH:=eff69ddbf3ad86375c344339371168640951c302450c5d3e9936e98d6459db06
PKG_LICENSE:=BSD
PKG_LICENSE_FILES:=LICENSES.txt
#
-# Copyright (C) 2019 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=python-more-itertools
-PKG_VERSION:=7.2.0
+PKG_VERSION:=8.1.0
PKG_RELEASE:=1
PYPI_NAME:=more-itertools
-PKG_HASH:=409cd48d4db7052af495b09dec721011634af3753ae1ef92d2b32f73a745f832
+PKG_HASH:=c468adec578380b6281a114cb8a5db34eb1116277da92d7c46f904f0b52d3288
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=python-mysqlclient
-PKG_VERSION:=1.4.5
+PKG_VERSION:=1.4.6
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PYPI_NAME:=mysqlclient
-PKG_HASH:=e80109b0ae8d952b900b31b623181532e5e89376d707dcbeb63f99e69cefe559
+PKG_HASH:=f3fdaa9a38752a3b214a6fe79d7cae3653731a53e577821f9187e67cbecb2e16
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
include ../pypi.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pyasn1-modules
-PKG_VERSION:=0.2.7
+PKG_VERSION:=0.2.8
PKG_RELEASE:=1
PYPI_NAME:=pyasn1-modules
-PKG_HASH:=0c35a52e00b672f832e5846826f1fb7507907f7d52fba6faa9e3c4cbe874fe4b
+PKG_HASH:=905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE.txt
include $(TOPDIR)/rules.mk
PKG_NAME:=pyotp
-PKG_VERSION:=2.2.7
+PKG_VERSION:=2.3.0
PKG_RELEASE:=1
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=be0ffeabddaa5ee53e7204e7740da842d070cf69168247a3d0c08541b84de602
+PKG_HASH:=fc537e8acd985c5cbf51e11b7d53c42276fee017a73aec7c07380695671ca1a1
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=python-sentry-sdk
-PKG_VERSION:=0.13.2
+PKG_VERSION:=0.13.5
PKG_RELEASE:=1
PYPI_NAME:=sentry-sdk
-PKG_HASH:=ff1fa7fb85703ae9414c8b427ee73f8363232767c9cd19158f08f6e4f0b58fc7
+PKG_HASH:=c6b919623e488134a728f16326c6f0bcdab7e3f59e7f4c472a90eea4d6d8fe82
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_LICENSE:=BSD-2-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=python-simplejson
-PKG_VERSION:=3.16.0
-PKG_RELEASE:=3
+PKG_VERSION:=3.17.0
+PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_CPE_ID:=cpe:/a:simplejson_project:simplejson
PYPI_NAME:=simplejson
-PKG_HASH:=b1f329139ba647a9548aa05fb95d046b4a677643070dc2afc05fa2e975d09ca5
+PKG_HASH:=2b4b2b738b3b99819a17feaf118265d0753d5536049ea570b3c43b51c4701e81
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-six
-PKG_VERSION:=1.13.0
+PKG_VERSION:=1.14.0
PKG_RELEASE:=1
PYPI_NAME:=six
-PKG_HASH:=30f610279e8b2578cab6db20741130331735c781b56053c59c4076da27f06b66
+PKG_HASH:=236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
#
-# Copyright (C) 2019 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=python-slugify
-PKG_VERSION:=3.0.3
+PKG_VERSION:=4.0.0
PKG_RELEASE:=1
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=a9f468227cb11e20e251670d78e1b5f6b0b15dd37bbd5c9814a25a904e44ff66
+PKG_HASH:=a8fc3433821140e8f409a9831d13ae5deccd0b033d4744d94b31fea141bdd84c
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=python-sqlalchemy
-PKG_VERSION:=1.3.7
+PKG_VERSION:=1.3.12
PKG_RELEASE:=1
PYPI_NAME:=SQLAlchemy
-PKG_HASH:=0459bf0ea6478f3e904de074d65769a11d74cdc34438ab3159250c96d089aef0
+PKG_HASH:=bfb8f464a5000b567ac1d350b9090cf081180ec1ab4aa87e7bca12dab25320ec
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=python-urllib3
-PKG_VERSION:=1.25.6
+PKG_VERSION:=1.25.7
PKG_RELEASE:=1
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
PKG_CPE_ID:=cpe:/a:urllib3_project:urllib3
PYPI_NAME:=urllib3
-PKG_HASH:=9a107b99a5393caf59c7aa3c1249c16e6879447533d0887f4336dde834c7be86
+PKG_HASH:=f3c5fd51747d450d4dcf6f923c81f78f811aab8205fda64b0aba34a4e48b0745
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
#
-# Copyright (C) 2019 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
+# Copyright (C) 2019-2020 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=voluptuous-serialize
-PKG_VERSION:=2.2.0
+PKG_VERSION:=2.3.0
PKG_RELEASE:=1
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=8b31660c7efdba0eb97ba65390b63cc62cc99ae3cd25d00e1873b183b38ef13d
+PKG_HASH:=740cd00ce2ecf0f3345d550163fdd2f20de2e0a60c3c678450e68314c2f592f5
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_LICENSE:=Apache-2.0
endef
define Package/python3-voluptuous-serialize/description
-Convert Voluptuous schemas to dictionaries so they can be serialized.
+ Convert Voluptuous schemas to dictionaries so they can be serialized.
endef
$(eval $(call Py3Package,python3-voluptuous-serialize))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-yaml
-PKG_VERSION:=5.1.2
+PKG_VERSION:=5.3
PKG_RELEASE:=1
PYPI_NAME:=PyYAML
-PKG_HASH:=01adf0b6c6f61bd11af6e10ca52b7d4057dd0be0343eb9283c878cf3af56aee4
+PKG_HASH:=e9f45bd5b92c7974e59bcd2dcc8631a6b6cc380a904725fce7bc08872e691615
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=python-zipp
-PKG_VERSION:=0.6.0
-PKG_RELEASE:=2
+PKG_VERSION:=2.0.1
+PKG_RELEASE:=1
PYPI_NAME:=zipp
-PKG_HASH:=3718b1cbcd963c7d4c5511a8240812904164b7f381b647143a89d3b98f9bcd8e
+PKG_HASH:=b338014b9bc7102ca69e0fb96ed07215a8954d2989bc5d83658494ab2ba634af
PKG_MAINTAINER:=Paul Spooren <mail@aparcar.org>, Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=MIT
#
-# Copyright (C) 2019 CZ.NIC z.s.p.o. (http://www.nic.cz/)
+# Copyright (C) 2019-2020 CZ.NIC z.s.p.o. (http://www.nic.cz/)
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=maxminddb
-PKG_VERSION:=1.5.1
+PKG_VERSION:=1.5.2
PKG_RELEASE:=1
PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=449a1713d37320d777d0db286286ab22890f0a176492ecf3ad8d9319108f2f79
+PKG_HASH:=d0ce131d901eb11669996b49a59f410efd3da2c6dbe2c0094fe2fef8d85b6336
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=Apache-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=python3-pyroute2
-PKG_VERSION:=0.5.6
+PKG_VERSION:=0.5.7
PKG_RELEASE:=1
PYPI_NAME:=pyroute2
-PKG_HASH:=deae0e6191a04c3ee213c6fae6ed779602ef5da5ca5e2fa533f27bc04326bfbe
+PKG_HASH:=963fce07da2841456d39e3b932b071f6de28d23dadfae014022d67a752916f98
PKG_MAINTAINER:=Martin Matějek <martin.matejek@nic.cz>
PKG_LICENSE:=GPL-2.0-or-later Apache-2.0
# Note: keep in sync with setuptools & pip
PYTHON3_VERSION_MAJOR:=3
PYTHON3_VERSION_MINOR:=8
-PYTHON3_VERSION_MICRO:=0
+PYTHON3_VERSION_MICRO:=1
PYTHON3_VERSION:=$(PYTHON3_VERSION_MAJOR).$(PYTHON3_VERSION_MINOR)
PYTHON_VERSION_MICRO:=$(PYTHON3_VERSION_MICRO)
PKG_NAME:=python3
-PKG_RELEASE:=3
+PKG_RELEASE:=2
PKG_VERSION:=$(PYTHON_VERSION).$(PYTHON_VERSION_MICRO)
PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION)
-PKG_HASH:=b356244e13fb5491da890b35b13b2118c3122977c2cd825e3eb6e7d462030d84
+PKG_HASH:=75894117f6db7051c1b34f37410168844bbb357c139a8a10a352e9bf8be594e8
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>, Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=Python/2.0
+++ /dev/null
---- a/Modules/_hashopenssl.c
-+++ b/Modules/_hashopenssl.c
-@@ -42,7 +42,7 @@
- #define PY_OPENSSL_HAS_SHAKE 1
- #endif
-
--#ifdef NID_blake2b512
-+#if defined(NID_blake2b512) && !defined(OPENSSL_NO_BLAKE2)
- #define PY_OPENSSL_HAS_BLAKE2 1
- #endif
-
--- /dev/null
+From 991f0176e188227647bf4c993d8da81cf794b3ae Mon Sep 17 00:00:00 2001
+From: Christian Heimes <christian@python.org>
+Date: Sun, 25 Feb 2018 20:03:07 +0100
+Subject: [PATCH] bpo-30008: SSL module: emulate tls methods
+
+OpenSSL 1.1 compatility: emulate version specific TLS methods with
+SSL_CTX_set_min/max_proto_version().
+---
+ .../2018-02-25-20-05-51.bpo-30008.6Bmyhr.rst | 4 +
+ Modules/_ssl.c | 134 ++++++++++++++----
+ 2 files changed, 108 insertions(+), 30 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Library/2018-02-25-20-05-51.bpo-30008.6Bmyhr.rst
+
+diff --git a/Misc/NEWS.d/next/Library/2018-02-25-20-05-51.bpo-30008.6Bmyhr.rst b/Misc/NEWS.d/next/Library/2018-02-25-20-05-51.bpo-30008.6Bmyhr.rst
+new file mode 100644
+index 000000000000..e0a08464a1e1
+--- /dev/null
++++ b/Misc/NEWS.d/next/Library/2018-02-25-20-05-51.bpo-30008.6Bmyhr.rst
+@@ -0,0 +1,4 @@
++The ssl module no longer uses function that are deprecated since OpenSSL
++1.1.0. The version specific TLS methods are emulated with TLS_method() plus
++SSL_CTX_set_min/max_proto_version(). Pseudo random numbers are generated
++with RAND_bytes().
+diff --git a/Modules/_ssl.c b/Modules/_ssl.c
+index f50823e6947a..827026e3bf5c 100644
+--- a/Modules/_ssl.c
++++ b/Modules/_ssl.c
+@@ -45,14 +45,6 @@ static PySocketModule_APIObject PySocketModule;
+ #include <sys/poll.h>
+ #endif
+
+-/* Don't warn about deprecated functions */
+-#ifdef __GNUC__
+-#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+-#endif
+-#ifdef __clang__
+-#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+-#endif
+-
+ /* Include OpenSSL header files */
+ #include "openssl/rsa.h"
+ #include "openssl/crypto.h"
+@@ -205,6 +197,7 @@ static void _PySSLFixErrno(void) {
+ #ifndef PY_OPENSSL_1_1_API
+ /* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */
+
++#define ASN1_STRING_get0_data ASN1_STRING_data
+ #define TLS_method SSLv23_method
+ #define TLS_client_method SSLv23_client_method
+ #define TLS_server_method SSLv23_server_method
+@@ -896,7 +889,7 @@ _ssl_configure_hostname(PySSLSocket *self, const char* server_hostname)
+ goto error;
+ }
+ } else {
+- if (!X509_VERIFY_PARAM_set1_ip(param, ASN1_STRING_data(ip),
++ if (!X509_VERIFY_PARAM_set1_ip(param, ASN1_STRING_get0_data(ip),
+ ASN1_STRING_length(ip))) {
+ _setSSLError(NULL, 0, __FILE__, __LINE__);
+ goto error;
+@@ -1372,8 +1365,9 @@ _get_peer_alt_names (X509 *certificate) {
+ goto fail;
+ }
+ PyTuple_SET_ITEM(t, 0, v);
+- v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as),
+- ASN1_STRING_length(as));
++ v = PyUnicode_FromStringAndSize(
++ (char *)ASN1_STRING_get0_data(as),
++ ASN1_STRING_length(as));
+ if (v == NULL) {
+ Py_DECREF(t);
+ goto fail;
+@@ -3031,44 +3025,124 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
+ long options;
+ SSL_CTX *ctx = NULL;
+ X509_VERIFY_PARAM *params;
+- int result;
++ int result = 0;
+ #if defined(SSL_MODE_RELEASE_BUFFERS)
+ unsigned long libver;
+ #endif
+
+ PySSL_BEGIN_ALLOW_THREADS
+- if (proto_version == PY_SSL_VERSION_TLS1)
++ switch (proto_version) {
++#if OPENSSL_VERSION_NUMBER <= 0x10100000L
++ /* OpenSSL < 1.1.0 or not LibreSSL
++ * Use old-style methods for OpenSSL 1.0.2
++ */
++#if defined(SSL2_VERSION) && !defined(OPENSSL_NO_SSL2)
++ case PY_SSL_VERSION_SSL2:
++ ctx = SSL_CTX_new(SSLv2_method());
++ break;
++#endif
++#if defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
++ case PY_SSL_VERSION_SSL3:
++ ctx = SSL_CTX_new(SSLv3_method());
++ break;
++#endif
++#if defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
++ case PY_SSL_VERSION_TLS1:
+ ctx = SSL_CTX_new(TLSv1_method());
+-#if HAVE_TLSv1_2
+- else if (proto_version == PY_SSL_VERSION_TLS1_1)
++ break;
++#endif
++#if defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
++ case PY_SSL_VERSION_TLS1_1:
+ ctx = SSL_CTX_new(TLSv1_1_method());
+- else if (proto_version == PY_SSL_VERSION_TLS1_2)
++ break;
++#endif
++#if defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
++ case PY_SSL_VERSION_TLS1_2:
+ ctx = SSL_CTX_new(TLSv1_2_method());
++ break;
+ #endif
+-#ifndef OPENSSL_NO_SSL3
+- else if (proto_version == PY_SSL_VERSION_SSL3)
+- ctx = SSL_CTX_new(SSLv3_method());
++#else
++ /* OpenSSL >= 1.1 or LibreSSL
++ * create context with TLS_method for all protocols
++ * no SSLv2_method in OpenSSL 1.1.
++ */
++#if defined(SSL3_VERSION) && !defined(OPENSSL_NO_SSL3)
++ case PY_SSL_VERSION_SSL3:
++ ctx = SSL_CTX_new(TLS_method());
++ if (ctx != NULL) {
++ /* OpenSSL 1.1.0 sets SSL_OP_NO_SSLv3 for TLS_method by default */
++ SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv3);
++ if (!SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION))
++ result = -2;
++ if (!SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION))
++ result = -2;
++ }
++ break;
+ #endif
+-#ifndef OPENSSL_NO_SSL2
+- else if (proto_version == PY_SSL_VERSION_SSL2)
+- ctx = SSL_CTX_new(SSLv2_method());
++#if defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1)
++ case PY_SSL_VERSION_TLS1:
++ ctx = SSL_CTX_new(TLS_method());
++ if (ctx != NULL) {
++ SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1);
++ if (!SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION))
++ result = -2;
++ if (!SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION))
++ result = -2;
++ }
++ break;
++#endif
++#if defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1)
++ case PY_SSL_VERSION_TLS1_1:
++ ctx = SSL_CTX_new(TLS_method());
++ if (ctx != NULL) {
++ SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_1);
++ if (!SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION))
++ result = -2;
++ if (!SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION))
++ result = -2;
++ }
++ break;
++#endif
++#if defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2)
++ case PY_SSL_VERSION_TLS1_2:
++ ctx = SSL_CTX_new(TLS_method());
++ if (ctx != NULL) {
++ SSL_CTX_clear_options(ctx, SSL_OP_NO_TLSv1_2);
++ if (!SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION))
++ result = -2;
++ if (!SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION))
++ result = -2;
++ }
++ break;
+ #endif
+- else if (proto_version == PY_SSL_VERSION_TLS) /* SSLv23 */
++#endif /* OpenSSL >= 1.1 */
++ case PY_SSL_VERSION_TLS:
++ /* SSLv23 */
+ ctx = SSL_CTX_new(TLS_method());
+- else if (proto_version == PY_SSL_VERSION_TLS_CLIENT)
++ break;
++ case PY_SSL_VERSION_TLS_CLIENT:
+ ctx = SSL_CTX_new(TLS_client_method());
+- else if (proto_version == PY_SSL_VERSION_TLS_SERVER)
++ break;
++ case PY_SSL_VERSION_TLS_SERVER:
+ ctx = SSL_CTX_new(TLS_server_method());
+- else
+- proto_version = -1;
++ break;
++ default:
++ result = -1;
++ break;
++ }
+ PySSL_END_ALLOW_THREADS
+
+- if (proto_version == -1) {
++ if (result == -1) {
+ PyErr_SetString(PyExc_ValueError,
+ "invalid protocol version");
+ return NULL;
+ }
+- if (ctx == NULL) {
++ else if (result == -2) {
++ PyErr_SetString(PyExc_ValueError,
++ "protocol configuration error");
++ return NULL;
++ }
++ else if (ctx == NULL) {
+ _setSSLError(NULL, 0, __FILE__, __LINE__);
+ return NULL;
+ }
+@@ -5241,7 +5315,7 @@ PySSL_RAND(int len, int pseudo)
+ if (bytes == NULL)
+ return NULL;
+ if (pseudo) {
+- ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len);
++ ok = (_PyOS_URandom((unsigned char*)PyBytes_AS_STRING(bytes), len) == 0 ? 1 : 0);
+ if (ok == 0 || ok == 1)
+ return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False);
+ }
--- /dev/null
+--- a/Modules/_ssl.c
++++ b/Modules/_ssl.c
+@@ -201,6 +202,11 @@ static void _PySSLFixErrno(void) {
+ #define TLS_method SSLv23_method
+ #define TLS_client_method SSLv23_client_method
+ #define TLS_server_method SSLv23_server_method
++#define X509_getm_notBefore X509_get_notBefore
++#define X509_getm_notAfter X509_get_notAfter
++#define OpenSSL_version_num SSLeay
++#define OpenSSL_version SSLeay_version
++#define OPENSSL_VERSION SSLEAY_VERSION
+
+ static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne)
+ {
+@@ -1677,7 +1683,7 @@ _decode_certificate(X509 *certificate) {
+ Py_DECREF(sn_obj);
+
+ (void) BIO_reset(biobuf);
+- notBefore = X509_get_notBefore(certificate);
++ notBefore = X509_getm_notBefore(certificate);
+ ASN1_TIME_print(biobuf, notBefore);
+ len = BIO_gets(biobuf, buf, sizeof(buf)-1);
+ if (len < 0) {
+@@ -1694,7 +1700,7 @@ _decode_certificate(X509 *certificate) {
+ Py_DECREF(pnotBefore);
+
+ (void) BIO_reset(biobuf);
+- notAfter = X509_get_notAfter(certificate);
++ notAfter = X509_getm_notAfter(certificate);
+ ASN1_TIME_print(biobuf, notAfter);
+ len = BIO_gets(biobuf, buf, sizeof(buf)-1);
+ if (len < 0) {
+@@ -3235,7 +3241,7 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
+ conservative and assume it wasn't fixed until release. We do this check
+ at runtime to avoid problems from the dynamic linker.
+ See #25672 for more on this. */
+- libver = SSLeay();
++ libver = OpenSSL_version_num();
+ if (!(libver >= 0x10001000UL && libver < 0x1000108fUL) &&
+ !(libver >= 0x10000000UL && libver < 0x100000dfUL)) {
+ SSL_CTX_set_mode(self->ctx, SSL_MODE_RELEASE_BUFFERS);
+@@ -6403,10 +6409,10 @@ PyInit__ssl(void)
+ return NULL;
+
+ /* OpenSSL version */
+- /* SSLeay() gives us the version of the library linked against,
++ /* OpenSSL_version_num() gives us the version of the library linked against,
+ which could be different from the headers version.
+ */
+- libver = SSLeay();
++ libver = OpenSSL_version_num();
+ r = PyLong_FromUnsignedLong(libver);
+ if (r == NULL)
+ return NULL;
+@@ -6416,7 +6422,7 @@ PyInit__ssl(void)
+ r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
+ if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r))
+ return NULL;
+- r = PyUnicode_FromString(SSLeay_version(SSLEAY_VERSION));
++ r = PyUnicode_FromString(OpenSSL_version(OPENSSL_VERSION));
+ if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r))
+ return NULL;
+
include $(TOPDIR)/rules.mk
PKG_NAME:=python-text-unidecode
-PKG_VERSION:=1.2
+PKG_VERSION:=1.3
PKG_RELEASE:=1
PYPI_NAME:=text-unidecode
-PKG_HASH:=5a1375bb2ba7968740508ae38d92e1f889a0832913cb1c447d5e2046061a396d
+PKG_HASH:=bad6603bb14d279193107714b288be206cac565dfa49aa5b105294dd5c4aab93
PKG_LICENSE:=Artistic-1.0-cl8
PKG_LICENSE_FILES:=LICENSE
PKG_NAME:=ruby
PKG_VERSION:=2.6.5
-PKG_RELEASE:=1
+PKG_RELEASE:=3
# First two numbes
PKG_ABI_VERSION:=$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VERSION))))
--disable-install-rdoc \
--disable-install-capi \
--without-gmp \
- --with-out-ext=-test-/array/resize,-test-/bignum,-test-/bug-3571,-test-/bug-5832,-test-/bug_reporter,-test-/class,-test-/debug,-test-/dln/empty,-test-/exception,-test-/fatal,-test-/file,-test-/float,-test-/funcall,-test-/gvl/call_without_gvl,-test-/hash,-test-/integer,-test-/iseq_load,-test-/iter,-test-/load/dot.dot,-test-/marshal/compat,-test-/marshal/internal_ivar,-test-/marshal/usr,-test-/memory_status,-test-/method,-test-/notimplement,-test-/num2int,-test-/path_to_class,-test-/popen_deadlock,-test-/postponed_job,-test-/printf,-test-/proc,-test-/rational,-test-/recursion,-test-/st/foreach,-test-/st/numhash,-test-/st/update,-test-/string,-test-/struct,-test-/symbol,-test-/time,-test-/tracepoint,-test-/typeddata,-test-/vm,-test-/wait_for_single_fd,-test-/win32/console,-test-/win32/dln,-test-/win32/fd_setsize,bigdecimal,cgi/escape,continuation,coverage,dbm,etc,fcntl,fiber,fiddle,gdbm,io/console,io/nonblock,io/wait,json,json/generator,json/parser,mathn/complex,mathn/rational,nkf,objspace,openssl,pathname,pty,racc/cparse,rbconfig/sizeof,readline,ripper,rubyvm,sdbm,socket,syslog,win32,win32ole,win32/resolv,zlib
+ --with-out-ext=-test-/array/resize,-test-/bignum,-test-/bug-3571,-test-/bug-5832,-test-/bug_reporter,-test-/class,-test-/debug,-test-/dln/empty,-test-/exception,-test-/fatal,-test-/file,-test-/float,-test-/funcall,-test-/gvl/call_without_gvl,-test-/hash,-test-/integer,-test-/iseq_load,-test-/iter,-test-/load/dot.dot,-test-/marshal/compat,-test-/marshal/internal_ivar,-test-/marshal/usr,-test-/memory_status,-test-/method,-test-/notimplement,-test-/num2int,-test-/path_to_class,-test-/popen_deadlock,-test-/postponed_job,-test-/printf,-test-/proc,-test-/rational,-test-/recursion,-test-/st/foreach,-test-/st/numhash,-test-/st/update,-test-/string,-test-/struct,-test-/symbol,-test-/time,-test-/tracepoint,-test-/typeddata,-test-/vm,-test-/wait_for_single_fd,-test-/win32/console,-test-/win32/dln,-test-/win32/fd_setsize,bigdecimal,cgi/escape,continuation,coverage,dbm,etc,fcntl,fiber,fiddle,gdbm,io/console,json,json/generator,json/parser,mathn/complex,mathn/rational,nkf,objspace,pty,racc/cparse,rbconfig/sizeof,readline,rubyvm,sdbm,syslog,win32,win32ole,win32/resolv
# Does not compile with this. Workaround is --without-gmp
# https://bugs.ruby-lang.org/issues/11940
$(eval $(call RubyBuildPackage,csv,CSV Reading and Writing,+ruby-date +ruby-forwardable +ruby-misc +ruby-stringio +ruby-strscan))
$(eval $(call RubyBuildPackage,date,Comparable module for handling dates,))
$(eval $(call RubyBuildPackage,dbm,Wrapper for the UNIX-style Database Manager Library,+libdb47))
-$(eval $(call RubyBuildPackage,debuglib,debug library,+ruby-misc +ruby-prettyprint +ruby-tracer))
+$(eval $(call RubyBuildPackage,debuglib,debug library,+ruby-filelib +ruby-prettyprint +ruby-tracer))
$(eval $(call RubyBuildPackage,did-you-mean,did you mean? experience,+ruby-misc))
$(eval $(call RubyBuildPackage,digest,Digest Library,+RUBY_DIGEST_USE_OPENSSL:libopenssl))
$(eval $(call RubyBuildPackage,drb,distributed object system,+ruby-filelib +ruby-ipaddr +ruby-patterns))
$(eval $(call RubyBuildPackage,net,Network Protocols Library,+ruby-time +ruby-digest +ruby-filelib +ruby-socket +ruby-stringio +ruby-strscan +ruby-uri))
$(eval $(call RubyBuildPackage,net-telnet,telnet client,+ruby-net))
$(eval $(call RubyBuildPackage,nkf,Network Kanji Filter,+ruby-enc))
-$(eval $(call RubyBuildPackage,openssl,SSL TLS and general purpose cryptography,+ruby-enc +ruby-ipaddr +ruby-stringio +libopenssl))
+$(eval $(call RubyBuildPackage,openssl,SSL TLS and general purpose cryptography,+ruby-digest +ruby-enc +ruby-ipaddr +ruby-stringio +libopenssl))
$(eval $(call RubyBuildPackage,ostruct,build custom data structures,))
$(eval $(call RubyBuildPackage,optparse,command-line option analysis,+ruby-misc +ruby-time))
$(eval $(call RubyBuildPackage,patterns,design patterns implementation,))
end
exit(1) if failed
-# Add deps from .so
+# From ruby source: grep -E 'rb_require' -R . | grep -E '\.c:.*rb_require.*'
+# Add dependencies of ruby files from ruby lib.so
package_files.each do |(pkg,files)| files.each do |file|
case file
- when /\/nkf\.so$/
- files_requires[file]= files_requires[file] + ["enc/encdb"]
+ when /\/nkf\.so$/ ; files_requires[file]=files_requires[file] + ["enc/encdb"]
+ when /\/objspace\.so$/; files_requires[file]=files_requires[file] + ["tempfile"] # dump_output from ext/objspace/objspace_dump.c
+ when /\/openssl\.so$/; files_requires[file]=files_requires[file] + ["digest"] # Init_ossl_digest from ext/openssl/ossl_digest.c
end
end; end
PKG_NAME:=tcl
TCL_MAJOR_VERSION:=8.6
PKG_VERSION:=${TCL_MAJOR_VERSION}.9
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=@SF/$(PKG_NAME)
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/tcl.pc \
$(1)/usr/lib/pkgconfig
+ $(SED) 's,/usr/include,$$$${prefix}/include,g' $(1)/usr/lib/pkgconfig/tcl.pc
+ $(SED) 's,/usr/lib,$$$${prefix}/lib,g' $(1)/usr/lib/pkgconfig/tcl.pc
endef
define Package/tcl/install
include $(TOPDIR)/rules.mk
PKG_NAME:=afalg_engine
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.1.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/cotequeiroz/afalg_engine/archive/v$(PKG_VERSION)
-PKG_HASH:=ef3ee1ba3cb4e9145f9a0dea5bc6d3fe6cb7b5b9e68053d474829e84dc1c4988
+PKG_HASH:=0c0304558e9450752656522a8f9036130f4e745c4818f02f92cb8d6c99357ed6
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=Apache-2.0
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
-$(eval $(shell grep "^ENGINES_DIR" "$(TOPDIR)/package/libs/openssl/Makefile"))
-ifeq ($(ENGINES_DIR),)
- ENGINES_DIR:=engines-1.1
-endif
+ENGINES_DIR:=engines-1.1
define Package/libopenssl-afalg_sync
SECTION:=libs
CMAKE_OPTIONS += \
-DOPENSSL_ENGINES_DIR=/usr/lib/$(ENGINES_DIR) \
- -DUSE_ZERO_COPY=$(if $(AFALG_ZERO_COPY),ON,OFF)
+ -DUSE_ZERO_COPY=$(if $(CONFIG_AFALG_ZERO_COPY),ON,OFF)
define Package/libopenssl-afalg_sync/install
$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
PKG_NAME:=apr-util
PKG_VERSION:=1.6.1
-PKG_RELEASE:=1
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@APACHE/apr/
PKG_HASH:=d3e12f7b6ad12687572a3a39475545a072608f4ba03a6ce8a3778f607dd0035b
-PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
-PKG_LICENSE:=Apache License
+PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
+ Sebastian Kemper <sebastian_ml@gmx.net>
+
+PKG_LICENSE:=Apache-2.0
+PKG_LICENSE_FILES:=LICENSE
+
PKG_CPE_ID:=cpe:/a:apache:apr-util
+PKG_BUILD_PARALLEL:=1
+
+PKG_CONFIG_DEPENDS := \
+ CONFIG_PACKAGE_libaprutil-crypto-openssl \
+ CONFIG_PACKAGE_libaprutil-dbd-mysql \
+ CONFIG_PACKAGE_libaprutil-dbd-odbc \
+ CONFIG_PACKAGE_libaprutil-dbd-pgsql \
+ CONFIG_PACKAGE_libaprutil-dbd-sqlite3 \
+ CONFIG_PACKAGE_libaprutil-dbm-gdbm \
+ CONFIG_PACKAGE_libaprutil-ldap
+
PKG_FIXUP:=autoreconf
-PKG_REMOVE_FILES:=aclocal.m4 build/ltmain.sh
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
-define Package/libaprutil
+define Package/libaprutil/Default
SECTION:=libs
CATEGORY:=Libraries
- DEPENDS:=+libapr +libexpat +libsqlite3 +libuuid $(ICONV_DEPENDS)
- TITLE:=Apache Portable Runtime Utility Library
URL:=http://apr.apache.org/
endef
-TARGET_CFLAGS += $(FPIC)
-TARGET_CPPFLAGS += -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
+define Package/libaprutil
+$(call Package/libaprutil/Default)
+ DEPENDS:=+libapr +libexpat +libuuid $(ICONV_DEPENDS)
+ TITLE:=Apache Portable Runtime Utility Library
+endef
CONFIGURE_ARGS += \
- --with-pgsql=no \
--with-apr="$(STAGING_DIR)/usr/bin/apr-1-config" \
--with-expat="$(STAGING_DIR)/usr" \
- --without-sqlite2 \
- --with-sqlite3="$(STAGING_DIR)/usr"
+ --with-iconv="$(ICONV_PREFIX)" \
+ --without-sqlite2
+
+ifneq ($(CONFIG_PACKAGE_libaprutil-crypto-openssl),)
+CONFIGURE_ARGS += --with-crypto --with-openssl="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS += --without-crypto
+endif
+
+ifneq ($(CONFIG_PACKAGE_libaprutil-dbd-mysql),)
+CONFIGURE_ARGS += --with-mysql="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS += --without-mysql
+endif
+
+ifneq ($(CONFIG_PACKAGE_libaprutil-dbd-odbc),)
+CONFIGURE_ARGS += --with-odbc="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS += --without-odbc
+endif
-ifdef $(CONFIG_BUILD_NLS)
- CONFIGURE_ARGS += --with-iconv="$(ICONV_PREFIX)"
+ifneq ($(CONFIG_PACKAGE_libaprutil-dbd-pgsql),)
+CONFIGURE_ARGS += --with-pgsql="$(STAGING_DIR)/usr"
else
- CONFIGURE_ARGS += --without-iconv
+CONFIGURE_ARGS += --without-pgsql
+endif
+
+ifneq ($(CONFIG_PACKAGE_libaprutil-dbd-sqlite3),)
+CONFIGURE_ARGS += --with-sqlite3="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS += --without-sqlite3
+endif
+
+ifneq ($(CONFIG_PACKAGE_libaprutil-dbm-gdbm),)
+CONFIGURE_ARGS += --with-gdbm="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS += --without-gdbm
+endif
+
+ifneq ($(CONFIG_PACKAGE_libaprutil-ldap),)
+CONFIGURE_ARGS += \
+ --with-ldap \
+ --with-ldap-include="$(STAGING_DIR)/usr/include" \
+ --with-ldap-lib="$(STAGING_DIR)/usr/lib"
+else
+CONFIGURE_ARGS += \
+ --without-ldap
endif
CONFIGURE_VARS += \
- ac_cv_file_dbd_apr_dbd_mysql_c=no \
ac_cv_path_ODBC_CONFIG= \
APR_BUILD_DIR="$(STAGING_DIR)/usr/share/build-1"
-MAKE_FLAGS += \
- APRUTIL_LIBS="-lsqlite3 $(TARGET_LDFLAGS) -lexpat $(if $(ICONV_FULL),-liconv) -lapr-1 -luuid -lm -lcrypt"
+define Package/libaprutil/install/driver
+ $(INSTALL_DIR) $(1)/usr/lib/apr-util-1
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/apr-util-1/apr_$(2)*.so \
+ $(1)/usr/lib/apr-util-1
+endef
+
+define Package/libaprutil/Driver
+define Package/libaprutil-$(subst _,-,$(1))
+$(call Package/libaprutil/Default)
+ TITLE:=libaprutil - $(2) driver
+ DEPENDS:=libaprutil $(patsubst +%,+PACKAGE_libaprutil-$(subst _,-,$(1)):%,$(3))
+endef
+define Package/libaprutil-$(subst _,-,$(1))/install
+$(foreach d,$(1),$(call Package/libaprutil/install/driver,$$(1),$(d));)
+endef
+$$(eval $$(call BuildPackage,libaprutil-$(subst _,-,$(1))))
+endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/bin $(1)/usr/include/apr-1/ $(1)/usr/lib $(1)/usr/lib/pkgconfig/
$(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/include/apr-1/* \
$(1)/usr/include/apr-1/
+ifneq ($(CONFIG_PACKAGE_libaprutil-crypto-openssl)$(CONFIG_PACKAGE_libaprutil-dbd-pgsql)$(CONFIG_PACKAGE_libaprutil-dbd-sqlite3)$(CONFIG_PACKAGE_libaprutil-ldap),)
+ $(INSTALL_DIR) $(1)/usr/lib/apr-util-1
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/apr-util-1/apr_*{la,a,so*} \
+ $(1)/usr/lib/apr-util-1
+endif
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libaprutil-1.{la,a,so*} \
$(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/apr-util-1.pc \
endef
$(eval $(call BuildPackage,libaprutil))
+$(eval $(call Package/libaprutil/Driver,crypto_openssl,OpenSSL,+libopenssl))
+$(eval $(call Package/libaprutil/Driver,dbd_mysql,MySQL,+libmariadb))
+$(eval $(call Package/libaprutil/Driver,dbd_odbc,ODBC,+unixodbc))
+$(eval $(call Package/libaprutil/Driver,dbd_pgsql,PostgreSQL,+libpq))
+$(eval $(call Package/libaprutil/Driver,dbd_sqlite3,SQLite3,+libsqlite3))
+$(eval $(call Package/libaprutil/Driver,dbm_gdbm,GDBM dbm,+libgdbm))
+$(eval $(call Package/libaprutil/Driver,ldap,LDAP,+libopenldap))
--- /dev/null
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889170
+# needs to be submitted upstream
+--- apr-util.orig/dbm/apr_dbm_gdbm.c
++++ apr-util/dbm/apr_dbm_gdbm.c
+@@ -36,13 +36,22 @@
+ static apr_status_t g2s(int gerr)
+ {
+ if (gerr == -1) {
+- /* ### need to fix this */
+- return APR_EGENERAL;
++ return APR_OS_START_USEERR + gdbm_errno;
+ }
+
+ return APR_SUCCESS;
+ }
+
++static apr_status_t gdat2s(datum d)
++{
++ if (d.dptr == NULL) {
++ return APR_OS_START_USEERR + gdbm_errno;
++ }
++
++ return APR_SUCCESS;
++}
++
++
+ static apr_status_t datum_cleanup(void *dptr)
+ {
+ if (dptr)
+@@ -55,19 +64,15 @@ static apr_status_t set_error(apr_dbm_t
+ {
+ apr_status_t rv = APR_SUCCESS;
+
+- /* ### ignore whatever the DBM said (dbm_said); ask it explicitly */
+-
+- if ((dbm->errcode = gdbm_errno) == GDBM_NO_ERROR) {
++ if (dbm_said == APR_SUCCESS) {
++ dbm->errcode = GDBM_NO_ERROR;
+ dbm->errmsg = NULL;
+ }
+ else {
++ dbm->errcode = dbm_said;
+ dbm->errmsg = gdbm_strerror(gdbm_errno);
+- rv = APR_EGENERAL; /* ### need something better */
+ }
+
+- /* captured it. clear it now. */
+- gdbm_errno = GDBM_NO_ERROR;
+-
+ return rv;
+ }
+
+@@ -144,7 +149,7 @@ static apr_status_t vt_gdbm_fetch(apr_db
+
+ /* store the error info into DBM, and return a status code. Also, note
+ that *pvalue should have been cleared on error. */
+- return set_error(dbm, APR_SUCCESS);
++ return set_error(dbm, gdat2s(rd));
+ }
+
+ static apr_status_t vt_gdbm_store(apr_dbm_t *dbm, apr_datum_t key,
+@@ -203,7 +208,7 @@ static apr_status_t vt_gdbm_firstkey(apr
+ apr_pool_cleanup_null);
+
+ /* store any error info into DBM, and return a status code. */
+- return set_error(dbm, APR_SUCCESS);
++ return set_error(dbm, gdat2s(rd));
+ }
+
+ static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey)
+@@ -223,7 +228,7 @@ static apr_status_t vt_gdbm_nextkey(apr_
+ apr_pool_cleanup_null);
+
+ /* store any error info into DBM, and return a status code. */
+- return set_error(dbm, APR_SUCCESS);
++ return set_error(dbm, gdat2s(rd));
+ }
+
+ static void vt_gdbm_freedatum(apr_dbm_t *dbm, apr_datum_t data)
--- /dev/null
+# patch by Kris Karas fom
+# https://bz.apache.org/bugzilla/attachment.cgi?id=35326&action=diff
+--- a/build/dbd.m4
++++ b/build/dbd.m4
+@@ -163,10 +163,15 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+ old_cppflags="$CPPFLAGS"
+ old_ldflags="$LDFLAGS"
+
++ my_library="mysqlclient"
++
+ AC_ARG_WITH([mysql], APR_HELP_STRING([--with-mysql=DIR], [enable MySQL DBD driver]),
+ [
+ if test "$withval" = "yes"; then
+ AC_PATH_PROG([MYSQL_CONFIG],[mysql_config])
++ if test "x$MYSQL_CONFIG" = "x"; then
++ AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config])
++ fi
+ if test "x$MYSQL_CONFIG" != 'x'; then
+ mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
+ mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
+@@ -174,32 +179,40 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+
+ APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS])
+ APR_ADDTO(LIBS, [$mysql_LIBS])
++
++ if $MYSQL_CONFIG --libs_r | grep -q mariadb; then
++ my_library="mariadb"
++ fi
+ fi
+
+- AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h],
+- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
+- [apu_have_mysql=0; break],
+- [#include <my_global.h>])
+- if test "$apu_have_mysql" = "0"; then
+- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h],
+- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
+- [apu_have_mysql=0; break],
+- [#include <mysql/my_global.h>])
++ AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
++ if test "$apr_have_mysql" = "0"; then
++ AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
+ fi
+- if test "$apu_have_mysql" != "0" && test "x$MYSQL_CONFIG" != 'x'; then
+- APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
++ if test "$apr_have_mysql" = "1"; then
++ AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h mysql/my_sys.h])
++ AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0])
++ fi
++ if test "$apu_have_mysql" = "1" && test "x$MYSQL_CONFIG" != 'x'; then
++ APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
+ fi
+ elif test "$withval" = "no"; then
+ :
+ else
+ AC_PATH_PROG([MYSQL_CONFIG],[mysql_config],,[$withval/bin])
++ if test "x$MYSQL_CONFIG" = "x"; then
++ AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config],,[$withval/bin])
++ fi
+ if test "x$MYSQL_CONFIG" != 'x'; then
+- mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
+- mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
+- mysql_LIBS="`$MYSQL_CONFIG --libs_r`"
++ mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
++ mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
++ mysql_LIBS="`$MYSQL_CONFIG --libs_r`"
++ if $MYSQL_CONFIG --libs_r | grep -q mariadb; then
++ my_library="mariadb"
++ fi
+ else
+- mysql_CPPFLAGS="-I$withval/include"
+- mysql_LDFLAGS="-L$withval/lib "
++ mysql_CPPFLAGS="-I$withval/include"
++ mysql_LDFLAGS="-L$withval/lib "
+ fi
+
+ APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS])
+@@ -207,18 +220,15 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+ APR_ADDTO(LIBS, [$mysql_LIBS])
+
+ AC_MSG_NOTICE(checking for mysql in $withval)
+- AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h],
+- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
+- [apu_have_mysql=0; break],
+- [#include <my_global.h>])
+-
+- if test "$apu_have_mysql" != "1"; then
+- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h],
+- AC_CHECK_LIB(mysqlclient, mysql_init, [apu_have_mysql=1]),
+- [apu_have_mysql=0; break],
+- [#include <mysql/my_global.h>])
++ AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
++ if test "$apr_have_mysql" = "0"; then
++ AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], [apu_have_mysql=0; break])
++ fi
++ if test "$apr_have_mysql" = "1"; then
++ AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h mysql/my_sys.h])
++ AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0])
+ fi
+- if test "$apu_have_mysql" != "0"; then
++ if test "$apu_have_mysql" = "1"; then
+ APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
+ fi
+ fi
+@@ -229,7 +239,7 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+ dnl Since we have already done the AC_CHECK_LIB tests, if we have it,
+ dnl we know the library is there.
+ if test "$apu_have_mysql" = "1"; then
+- APR_ADDTO(LDADD_dbd_mysql, [$mysql_LDFLAGS -lmysqlclient $mysql_LIBS])
++ APR_ADDTO(LDADD_dbd_mysql, [$mysql_LDFLAGS -l$my_library $mysql_LIBS])
+ fi
+ AC_SUBST(LDADD_dbd_mysql)
+
+--- a/dbd/apr_dbd_mysql.c
++++ b/dbd/apr_dbd_mysql.c
+@@ -1262,7 +1262,9 @@ static apr_status_t thread_end(void *dat
+
+ static void dbd_mysql_init(apr_pool_t *pool)
+ {
++#if MYSQL_VERSION_ID < 100000
+ my_init();
++#endif
+ mysql_thread_init();
+
+ /* FIXME: this is a guess; find out what it really does */
--- /dev/null
+From: Ryan Niebur <ryanryan52@gmail.com>
+Subject: by default --avoid-ldap since apache2 is the only user, and we don't
+ want to add extra dependencies to other apr-utils rdepends
+
+--- a/apu-config.in
++++ b/apu-config.in
+@@ -30,7 +30,8 @@ includedir="@includedir@"
+ LIBS="@APRUTIL_EXPORT_LIBS@"
+ INCLUDES="@APRUTIL_INCLUDES@"
+ LDFLAGS="@APRUTIL_LDFLAGS@"
+-LDAP_LIBS="@LDADD_ldap@"
++ORIG_LDAP_LIBS="@LDADD_ldap@"
++LDAP_LIBS=""
+ DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@"
+
+ APRUTIL_LIBNAME="@APRUTIL_LIBNAME@"
+@@ -55,7 +56,7 @@ Known values for OPTION are:
+ --includedir print location where headers are installed
+ --ldflags print linker flags
+ --libs print library information
+- --avoid-ldap do not include ldap library information with --libs
++ --avoid-ldap do not include ldap library information with --libs (default on OpenWrt)
+ --ldap-libs print library information to link with ldap
+ --avoid-dbm do not include DBM library information with --libs
+ --dbm-libs print additional library information to link with DBM
+@@ -121,7 +122,7 @@ while test $# -gt 0; do
+ flags="$flags $LDAP_LIBS $DBM_LIBS $LIBS"
+ ;;
+ --ldap-libs)
+- flags="$flags $LDAP_LIBS"
++ flags="$flags $ORIG_LDAP_LIBS"
+ ;;
+ --dbm-libs)
+ flags="$flags $DBM_LIBS"
--- /dev/null
+From: Peter Samuelson <peter@p12n.org>
+Subject: Prevent recursive linking of dependent libraries by apr-util users.
+
+---
+ apr-util.pc.in | 5 +++--
+ apu-config.in | 2 +-
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+--- a/apr-util.pc.in
++++ b/apr-util.pc.in
+@@ -8,6 +8,7 @@ Name: APR Utils
+ Description: Companion library for APR
+ Version: @APRUTIL_DOTTED_VERSION@
+ # assume that apr-util requires libapr of same major version
+-Requires: apr-@APRUTIL_MAJOR_VERSION@
+-Libs: -L${libdir} -l@APRUTIL_LIBNAME@ @LDADD_ldap@ @APRUTIL_EXPORT_LIBS@
++Requires.private: apr-@APRUTIL_MAJOR_VERSION@
++Libs: -L${libdir} -l@APRUTIL_LIBNAME@ @LDADD_ldap@
++Libs.private: @APRUTIL_EXPORT_LIBS@
+ Cflags: -I${includedir}
+--- a/apu-config.in
++++ b/apu-config.in
+@@ -27,7 +27,7 @@ bindir="@bindir@"
+ libdir="@libdir@"
+ includedir="@includedir@"
+
+-LIBS="@APRUTIL_EXPORT_LIBS@"
++LIBS=
+ INCLUDES="@APRUTIL_INCLUDES@"
+ LDFLAGS="@APRUTIL_LDFLAGS@"
+ ORIG_LDAP_LIBS="@LDADD_ldap@"
--- /dev/null
+From: Stefan Fritsch <sf@debian.org>
+Subject: Make apu-config not output dbm libs by default. See #622081
+
+--- a/apu-config.in
++++ b/apu-config.in
+@@ -32,7 +32,8 @@ INCLUDES="@APRUTIL_INCLUDES@"
+ LDFLAGS="@APRUTIL_LDFLAGS@"
+ ORIG_LDAP_LIBS="@LDADD_ldap@"
+ LDAP_LIBS=""
+-DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@"
++ORIG_DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@"
++DBM_LIBS=""
+
+ APRUTIL_LIBNAME="@APRUTIL_LIBNAME@"
+
+@@ -58,8 +59,8 @@ Known values for OPTION are:
+ --libs print library information
+ --avoid-ldap do not include ldap library information with --libs (default on OpenWrt)
+ --ldap-libs print library information to link with ldap
+- --avoid-dbm do not include DBM library information with --libs
+- --dbm-libs print additional library information to link with DBM
++ --avoid-dbm do not include DBM library information with --libs (default on OpenWrt)
++ --dbm-libs print library information to link with DBM
+ --srcdir print APR-util source directory
+ --link-ld print link switch(es) for linking to APR-util
+ --link-libtool print the libtool inputs for linking to APR-util
+@@ -125,7 +126,7 @@ while test $# -gt 0; do
+ flags="$flags $ORIG_LDAP_LIBS"
+ ;;
+ --dbm-libs)
+- flags="$flags $DBM_LIBS"
++ flags="$flags $ORIG_DBM_LIBS"
+ ;;
+ --includedir)
+ if test "$location" = "installed"; then
PKG_NAME:=apr
PKG_VERSION:=1.6.5
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@APACHE/apr/
PKG_HASH:=a67ca9fcf9c4ff59bce7f428a323c8b5e18667fdea7b0ebad47d194371b0a105
-PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
+PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
+ Sebastian Kemper <sebastian_ml@gmx.net>
PKG_LICENSE:=Apache-2.0
+PKG_BUILD_PARALLEL:=1
+
PKG_FIXUP:=autoreconf
-PKG_REMOVE_FILES:=aclocal.m4 build/ltmain.sh
PKG_INSTALL:=1
URL:=https://apr.apache.org/
endef
-TARGET_CFLAGS += $(FPIC)
-
CONFIGURE_ARGS += \
- --without-pic \
--with-devrandom=/dev/urandom \
$(call autoconf_bool,CONFIG_IPV6,ipv6)
include $(TOPDIR)/rules.mk
PKG_NAME:=boost
-PKG_VERSION:=1.71.0
-PKG_SOURCE_VERSION:=1_71_0
-PKG_RELEASE:=5
+PKG_VERSION:=1.72.0
+PKG_SOURCE_VERSION:=1_72_0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)_$(PKG_SOURCE_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/$(PKG_NAME)/$(PKG_NAME)/$(PKG_VERSION) https://dl.bintray.com/boostorg/release/$(PKG_VERSION)/source/
-PKG_HASH:=d73a8da01e8bf8c7eda40b4c84915071a8c8a0df4a6734537ddde4a8580524ee
+PKG_HASH:=59c9b274bc451cf91a9ba1dd2c7fdcaf5d60b1b3aa83f2c9fa143417cc660722
PKG_MAINTAINER:=Carlos M. Ferreira <carlosmf.pt@gmail.com>
PKG_LICENSE:=BSL-1.0
endef
define Package/boost/description
-This package provides the Boost v1.71.0 libraries.
+This package provides the Boost v1.72.0 libraries.
Boost is a set of free, peer-reviewed, portable C++ source libraries.
This package provides the following run-time libraries:
- wave
There are many more header-only libraries supported by Boost.
-See more at http://www.boost.org/doc/libs/1_71_0/
+See more at http://www.boost.org/doc/libs/1_72_0/
endef
PKG_BUILD_DEPENDS:=boost/host PACKAGE_python:python PACKAGE_python3:python3
# Invisible config dependency
config boost-context-exclude
bool
- default y if (TARGET_arc700 || TARGET_archs38 || TARGET_octeon || TARGET_octeontx)
+ default y if (TARGET_arc770 || TARGET_archs38 || TARGET_octeon || TARGET_octeontx)
default n
config boost-coroutine-exclude
--- /dev/null
+From 5f7cda29add367c5381775a314ec9f90e311457a Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Fri, 15 Nov 2019 12:43:50 -0800
+Subject: [PATCH] cpu_relax: Fix MIPS check
+
+BOOST_ARCH_MIPS as a macro is totally broken. It always gets defined to either 32
+or 64 with a bunch of zeroes depending on the architecture.
+
+Use GCC's internal define to check the architecture properly.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ boost/fiber/detail/cpu_relax.hpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/boost/fiber/detail/cpu_relax.hpp b/boost/fiber/detail/cpu_relax.hpp
+index 72564394..f40545c2 100644
+--- a/boost/fiber/detail/cpu_relax.hpp
++++ b/boost/fiber/detail/cpu_relax.hpp
+@@ -47,7 +47,7 @@ namespace detail {
+ # else
+ # define cpu_relax() asm volatile ("nop" ::: "memory");
+ # endif
+-#elif BOOST_ARCH_MIPS
++#elif BOOST_ARCH_MIPS && (__mips_isa_rev > 1)
+ # define cpu_relax() asm volatile ("pause" ::: "memory");
+ #elif BOOST_ARCH_PPC
+ // http://code.metager.de/source/xref/gnu/glibc/sysdeps/powerpc/sys/platform/ppc.h
+++ /dev/null
-From 83b989ecee478be083db8dc0cc7a5387615bd3cb Mon Sep 17 00:00:00 2001
-From: Andrey Semashev <andrey.semashev@gmail.com>
-Date: Wed, 31 Jul 2019 16:28:05 +0300
-Subject: [PATCH] Added support for utimensat for better POSIX.1-2008
- compliance.
-
-POSIX.1-2008 marks utime as obsolete and replaces it with utimensat.
-uClibc-ng has an option for removing utime, including the corresponding
-header.
-
-Closes https://github.com/boostorg/filesystem/pull/115.
----
- libs/filesystem/src/operations.cpp | 24 ++++++++++++++++++++++--
- 1 file changed, 22 insertions(+), 2 deletions(-)
-
-diff --git a/src/operations.cpp b/src/operations.cpp
-index 9bba1cf7a..038109d35 100644
---- a/libs/filesystem/src/operations.cpp
-+++ b/libs/filesystem/src/operations.cpp
-@@ -62,7 +62,7 @@
- #endif
-
- #ifndef _POSIX_PTHREAD_SEMANTICS
--# define _POSIX_PTHREAD_SEMANTICS // Sun readdir_r()needs this
-+# define _POSIX_PTHREAD_SEMANTICS // Sun readdir_r() needs this
- #endif
-
- #include <boost/filesystem/operations.hpp>
-@@ -119,7 +119,9 @@ using std::wstring;
- # include <dirent.h>
- # include <unistd.h>
- # include <fcntl.h>
--# include <utime.h>
-+# if _POSIX_C_SOURCE < 200809L
-+# include <utime.h>
-+# endif
- # include "limits.h"
-
- # else // BOOST_WINDOW_API
-@@ -1459,6 +1461,22 @@ namespace detail
- system::error_code* ec)
- {
- # ifdef BOOST_POSIX_API
-+# if _POSIX_C_SOURCE >= 200809L
-+
-+ struct timespec times[2] = {};
-+
-+ // Keep the last access time unchanged
-+ times[0].tv_nsec = UTIME_OMIT;
-+
-+ times[1].tv_sec = new_time;
-+
-+ if (BOOST_UNLIKELY(::utimensat(AT_FDCWD, p.c_str(), times, 0) != 0))
-+ {
-+ error(BOOST_ERRNO, p, ec, "boost::filesystem::last_write_time");
-+ return;
-+ }
-+
-+# else // _POSIX_C_SOURCE >= 200809L
-
- struct stat path_stat;
- if (error(::stat(p.c_str(), &path_stat)!= 0,
-@@ -1470,6 +1488,8 @@ namespace detail
- error(::utime(p.c_str(), &buf)!= 0 ? BOOST_ERRNO : 0,
- p, ec, "boost::filesystem::last_write_time");
-
-+# endif // _POSIX_C_SOURCE >= 200809L
-+
- # else
-
- handle_wrapper hw(
+++ /dev/null
-From 5f7cda29add367c5381775a314ec9f90e311457a Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Fri, 15 Nov 2019 12:43:50 -0800
-Subject: [PATCH] cpu_relax: Fix MIPS check
-
-BOOST_ARCH_MIPS as a macro is totally broken. It always gets defined to either 32
-or 64 with a bunch of zeroes depending on the architecture.
-
-Use GCC's internal define to check the architecture properly.
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- boost/fiber/detail/cpu_relax.hpp | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/boost/fiber/detail/cpu_relax.hpp b/boost/fiber/detail/cpu_relax.hpp
-index 72564394..f40545c2 100644
---- a/boost/fiber/detail/cpu_relax.hpp
-+++ b/boost/fiber/detail/cpu_relax.hpp
-@@ -47,7 +47,7 @@ namespace detail {
- # else
- # define cpu_relax() asm volatile ("nop" ::: "memory");
- # endif
--#elif BOOST_ARCH_MIPS
-+#elif BOOST_ARCH_MIPS && (__mips_isa_rev > 1)
- # define cpu_relax() asm volatile ("pause" ::: "memory");
- #elif BOOST_ARCH_PPC
- // http://code.metager.de/source/xref/gnu/glibc/sysdeps/powerpc/sys/platform/ppc.h
--- /dev/null
+From 436e1dbe6fcd31523d261d18ad011392f1d6fbbc Mon Sep 17 00:00:00 2001
+From: Oliver Kowalke <oliver.kowalke@gmail.com>
+Date: Sun, 1 Dec 2019 20:40:28 +0100
+Subject: [PATCH] Revert "Cease dependence on Range"
+
+This reverts commit 0c556bb59241e682bbcd3f572815149c5a9b17db.
+
+see #44 (One test fails to compile after boostorg/coroutine submodule updated)
+---
+ boost/coroutine/asymmetric_coroutine.hpp | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/boost/coroutine/asymmetric_coroutine.hpp b/boost/coroutine/asymmetric_coroutine.hpp
+index ea96981..640896f 100644
+--- a/boost/coroutine/asymmetric_coroutine.hpp
++++ b/boost/coroutine/asymmetric_coroutine.hpp
+@@ -14,6 +14,7 @@
+ #include <boost/assert.hpp>
+ #include <boost/config.hpp>
+ #include <boost/move/move.hpp>
++#include <boost/range.hpp>
+ #include <boost/throw_exception.hpp>
+ #include <boost/utility/explicit_operator_bool.hpp>
+
+@@ -2354,19 +2355,12 @@ end( push_coroutine< R > & c)
+
+ }
+
+-// forward declaration of Boost.Range traits to break dependency on it
+-template<typename C, typename Enabler>
+-struct range_mutable_iterator;
+-
+-template<typename C, typename Enabler>
+-struct range_const_iterator;
+-
+ template< typename Arg >
+-struct range_mutable_iterator< coroutines::push_coroutine< Arg >, void >
++struct range_mutable_iterator< coroutines::push_coroutine< Arg > >
+ { typedef typename coroutines::push_coroutine< Arg >::iterator type; };
+
+ template< typename R >
+-struct range_mutable_iterator< coroutines::pull_coroutine< R >, void >
++struct range_mutable_iterator< coroutines::pull_coroutine< R > >
+ { typedef typename coroutines::pull_coroutine< R >::iterator type; };
+
+ }
+--
+2.24.1
+
--- /dev/null
+From 5f19fd7dc6c4dd37fb0409f08a0b7dbb887dd516 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Thu, 19 Dec 2019 17:46:46 -0800
+Subject: [PATCH] roots: Fix fma_workaround
+
+fma takes three parameters, not one.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ include/boost/math/tools/roots.hpp | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/boost/math/tools/roots.hpp b/boost/math/tools/roots.hpp
+index 8b3ab7eb9..5d7936bb2 100644
+--- a/boost/math/tools/roots.hpp
++++ b/boost/math/tools/roots.hpp
+@@ -861,10 +861,10 @@ Complex complex_newton(F g, Complex guess, int max_iterations = std::numeric_lim
+ namespace detail
+ {
+ #if defined(BOOST_GNU_STDLIB) && !defined(_GLIBCXX_USE_C99_MATH_TR1)
+-float fma_workaround(float f) { return ::fmaf(f); }
+-double fma_workaround(double f) { return ::fma(f); }
++inline float fma_workaround(float x, float y, float z) { return ::fmaf(x, y, z); }
++inline double fma_workaround(double x, double y, double z) { return ::fma(x, y, z); }
+ #ifndef BOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS
+-long double fma_workaround(long double f) { return ::fmal(f); }
++inline long double fma_workaround(long double x, long double y, long double z) { return ::fmal(x, y, z); }
+ #endif
+ #endif
+ template<class T>
--- /dev/null
+Index: boost_1_72_0/boost/math/tools/roots.hpp
+===================================================================
+--- boost_1_72_0.orig/boost/math/tools/roots.hpp
++++ boost_1_72_0/boost/math/tools/roots.hpp
+@@ -884,7 +884,11 @@ inline T discriminant(T const& a, T cons
+ template<class T>
+ std::pair<T, T> quadratic_roots_imp(T const& a, T const& b, T const& c)
+ {
+- using std::copysign;
++ #if defined(BOOST_GNU_STDLIB) && !defined(_GLIBCXX_USE_C99_MATH_TR1)
++ using boost::math::copysign;
++ #else
++ using std::copysign;
++ #endif
+ using std::sqrt;
+ if constexpr (std::is_floating_point<T>::value)
+ {
PKG_NAME:=cyrus-sasl
PKG_VERSION:=2.1.27
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
ln -sf libsasl2.so $(1)/usr/lib/libsasl.so
$(INSTALL_DIR) $(1)/usr/lib/sasl2
$(CP) $(PKG_INSTALL_DIR)/usr/lib/sasl2/lib*.{a,so*} $(1)/usr/lib/sasl2/
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libsasl2.pc $(1)/usr/lib/pkgconfig/
endef
define Package/libsasl2/install
$(INSTALL_DIR) $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libsasl2.so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libsasl2.so.* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/sasl2
$(CP) $(PKG_INSTALL_DIR)/usr/lib/sasl2/lib*.so* $(1)/usr/lib/sasl2/
endef
PKG_NAME:=glib2
PKG_VERSION:=2.58.3
-PKG_RELEASE:=3
+PKG_RELEASE:=5
PKG_SOURCE:=glib-$(PKG_VERSION).tar.xz
PKG_BUILD_DIR:=$(BUILD_DIR)/glib-$(PKG_VERSION)
PKG_BUILD_DEPENDS:=gettext
HOST_BUILD_DEPENDS:=gettext-full/host libiconv/host libffi/host
PKG_INSTALL:=1
-PKG_USE_MIPS16:=0
PKG_CPE_ID:=cpe:/a:gnome:glib
The GLib library of C routines
endef
-TARGET_CFLAGS += -Wno-error=implicit-function-declaration
+TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections -flto
HOST_CONFIGURE_ARGS += \
--disable-libelf \
--disable-fam \
--disable-gtk-doc-html \
--disable-man \
+ --disable-compile-warnings \
--with-libiconv=gnu \
--with-pcre=internal
--- /dev/null
+--- a/glib/valgrind.h 2019-12-12 14:53:26.000200499 +0100
++++ b/glib/valgrind.h 2019-12-12 14:49:45.056163300 +0100
+@@ -157,7 +157,7 @@
+ # define PLAT_s390x_linux 1
+ #elif defined(__linux__) && defined(__mips__) && (__mips==64)
+ # define PLAT_mips64_linux 1
+-#elif defined(__linux__) && defined(__mips__) && (__mips!=64)
++#elif defined(__linux__) && defined(__mips__) && (__mips!=64) && !defined(__mips16)
+ # define PLAT_mips32_linux 1
+ #elif defined(__sun) && defined(__i386__)
+ # define PLAT_x86_solaris 1
include $(TOPDIR)/rules.mk
PKG_NAME:=gnutls
-PKG_VERSION:=3.6.9
-PKG_RELEASE:=2
+PKG_VERSION:=3.6.11.1
+PKG_RELEASE:=1
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6
-PKG_HASH:=4331fca55817ecdd74450b908a6c29b4f05bb24dd13144c6284aa34d872e1fcb
+PKG_HASH:=fbba12f3db9a55dbf027e14111755817ec44b57eabec3e8089aac8ac6f533cf8
#PKG_FIXUP:=autoreconf gettext-version
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
PKG_LICENSE:=LGPL-2.1-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=google-authenticator-libpam
-PKG_VERSION:=1.06
+PKG_VERSION:=1.07
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/google/google-authenticator-libpam/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=52f03ec746e8deb1af37911697d096f0fa87583491b7cc460cdf09a6ef0d6b06
+PKG_HASH:=104a158e013585e20287f8d33935e93c711b96281e6dda621a5c19575d0b0405
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=Apache-2.0
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=h2o
+PKG_VERSION:=2.2.6
+PKG_RELEASE:=3
+
+PKG_SOURCE_URL:=https://codeload.github.com/h2o/h2o/tar.gz/v${PKG_VERSION}?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=f8cbc1b530d85ff098f6efc2c3fdbc5e29baffb30614caac59d5c710f7bda201
+
+PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+PKG_BUILD_DEPENDS:=ruby/host
+PKG_BUILD_PARALLEL:=1
+
+CMAKE_OPTIONS:= \
+ -DBUILD_SHARED_LIBS=ON \
+ -DWITH_MRUBY=OFF
+
+CMAKE_INSTALL:=1
+
+define Package/libh2o-evloop
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=H2O Library compiled with its own event loop
+ URL:=https://h2o.examp1e.net/
+ DEPENDS:=+libwslay +libopenssl +zlib +libyaml +ruby
+endef
+
+define Package/libh2o
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=H2O Library compiled with libuv
+ URL:=https://h2o.examp1e.net/
+ DEPENDS:=+libuv +libwslay +libopenssl +zlib +libyaml +ruby
+endef
+
+define Package/libh2o-evloop/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libh2o-evloop.so* $(1)/usr/lib/
+endef
+
+define Package/libh2o/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libh2o.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libh2o-evloop))
+$(eval $(call BuildPackage,libh2o))
--- /dev/null
+--- a/include/h2o/socket.h
++++ b/include/h2o/socket.h
+@@ -29,6 +29,7 @@
+ #include <stdint.h>
+ #include <sys/socket.h>
+ #include <openssl/ssl.h>
++#include <openssl/opensslconf.h>
+ #include "h2o/cache.h"
+ #include "h2o/memory.h"
+ #include "h2o/openssl_backport.h"
+@@ -45,7 +44,11 @@
+
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+ #define H2O_USE_ALPN 1
++#ifndef OPENSSL_NO_NEXTPROTONEG
+ #define H2O_USE_NPN 1
++#else
++#define H2O_USE_NPN 0
++#endif
+ #elif OPENSSL_VERSION_NUMBER >= 0x10001000L
+ #define H2O_USE_ALPN 0
+ #define H2O_USE_NPN 1
--- /dev/null
+From f7d5cb83826c7e2b1a3dc618b434d85df130a4d5 Mon Sep 17 00:00:00 2001
+From: James Taylor <james@jtaylor.id.au>
+Date: Tue, 10 Dec 2019 21:58:45 +1100
+Subject: [PATCH] Explicitly link against WSLAY when available
+
+When other libraries attempt to link against libh2o and libh2o-evloop that was
+compiled with libwslay available, there are errors from missing symbols
+associated with code which makes use of the wslay library. To rectify this,
+explicitly link against libwslay during the build process.
+
+Fixes #2105
+
+Signed-off-by: James Taylor <james@jtaylor.id.au>
+---
+ CMakeLists.txt | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index a68613081..13c2f8a9f 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -519,13 +519,21 @@ SET_TARGET_PROPERTIES(libh2o PROPERTIES
+ OUTPUT_NAME h2o
+ VERSION ${LIBRARY_VERSION}
+ SOVERSION ${LIBRARY_SOVERSION})
+-TARGET_LINK_LIBRARIES(libh2o ${LIBUV_LIBRARIES} ${EXTRA_LIBS})
++IF (WSLAY_FOUND)
++ TARGET_LINK_LIBRARIES(libh2o ${WSLAY_LIBRARIES} ${LIBUV_LIBRARIES} ${EXTRA_LIBS})
++ELSE ()
++ TARGET_LINK_LIBRARIES(libh2o ${LIBUV_LIBRARIES} ${EXTRA_LIBS})
++ENDIF (WSLAY_FOUND)
+ SET_TARGET_PROPERTIES(libh2o-evloop PROPERTIES
+ OUTPUT_NAME h2o-evloop
+ COMPILE_FLAGS "-DH2O_USE_LIBUV=0"
+ VERSION ${LIBRARY_VERSION}
+ SOVERSION ${LIBRARY_SOVERSION})
+-TARGET_LINK_LIBRARIES(libh2o-evloop ${EXTRA_LIBS})
++IF (WSLAY_FOUND)
++ TARGET_LINK_LIBRARIES(libh2o-evloop ${WSLAY_LIBRARIES} ${EXTRA_LIBS})
++ELSE ()
++ TARGET_LINK_LIBRARIES(libh2o-evloop ${EXTRA_LIBS})
++ENDIF (WSLAY_FOUND)
+
+ TARGET_INCLUDE_DIRECTORIES(libh2o PUBLIC ${OPENSSL_INCLUDE_DIR})
+ TARGET_INCLUDE_DIRECTORIES(libh2o-evloop PUBLIC ${OPENSSL_INCLUDE_DIR})
--- /dev/null
+--- a/deps/picotls/include/picotls/openssl.h
++++ b/deps/picotls/include/picotls/openssl.h
+@@ -26,11 +26,14 @@
+ #include <openssl/evp.h>
+ #include <openssl/hmac.h>
+ #include <openssl/x509.h>
++#include <openssl/opensslconf.h>
+ #include "../picotls.h"
+
+ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+ #define PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
+ #endif
++#endif
+
+ extern ptls_key_exchange_algorithm_t ptls_openssl_secp256r1;
+ extern ptls_key_exchange_algorithm_t *ptls_openssl_key_exchanges[];
--- /dev/null
+From 03dbd6757d043581b5d250107b6f1cda6ae203a9 Mon Sep 17 00:00:00 2001
+From: Frederik Deweerdt <fdeweerdt@fastly.com>
+Date: Wed, 25 Oct 2017 13:52:28 -0700
+Subject: [PATCH] Autodetect backtrace and backtrace_symbols_fd
+
+---
+ CMakeLists.txt | 13 +++++++++++++
+ src/main.c | 10 ++++++----
+ 2 files changed, 19 insertions(+), 4 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index abfab1f19..2a26fb98a 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -58,6 +58,19 @@ __sync_add_and_fetch(&a, 1);
+ return 0;
+ }" ARCH_SUPPORTS_64BIT_ATOMICS)
+
++CHECK_C_SOURCE_COMPILES("
++#include <execinfo.h>
++int main(void) {
++void *p[10];
++int ret = backtrace(p, 10);
++backtrace_symbols_fd(p, ret, 2);
++return 0;
++}" LIBC_HAS_BACKTRACE)
++
++IF (LIBC_HAS_BACKTRACE)
++ ADD_DEFINITIONS("-DLIBC_HAS_BACKTRACE")
++ENDIF ()
++
+ SET(WITH_BUNDLED_SSL_DEFAULT "ON")
+ IF ((NOT UNIX) OR CYGWIN)
+ SET(WITH_BUNDLED_SSL_DEFAULT "OFF")
+diff --git a/src/main.c b/src/main.c
+index 7c346af18..edc7d5eb3 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -48,7 +48,7 @@
+ #include <openssl/crypto.h>
+ #include <openssl/err.h>
+ #include <openssl/ssl.h>
+-#ifdef __GLIBC__
++#ifdef LIBC_HAS_BACKTRACE
+ #include <execinfo.h>
+ #endif
+ #if H2O_USE_PICOTLS
+@@ -1435,7 +1435,8 @@ static void on_sigterm(int signo)
+ notify_all_threads();
+ }
+
+-#ifdef __GLIBC__
++#ifdef LIBC_HAS_BACKTRACE
++
+ static int popen_crash_handler(void)
+ {
+ char *cmd_fullpath = h2o_configurator_get_cmd_path(conf.crash_handler), *argv[] = {cmd_fullpath, NULL};
+@@ -1487,13 +1488,14 @@ static void on_sigfatal(int signo)
+
+ raise(signo);
+ }
+-#endif
++
++#endif /* LIBC_HAS_BACKTRACE */
+
+ static void setup_signal_handlers(void)
+ {
+ h2o_set_signal_handler(SIGTERM, on_sigterm);
+ h2o_set_signal_handler(SIGPIPE, SIG_IGN);
+-#ifdef __GLIBC__
++#ifdef LIBC_HAS_BACKTRACE
+ if ((crash_handler_fd = popen_crash_handler()) == -1)
+ crash_handler_fd = 2;
+ h2o_set_signal_handler(SIGABRT, on_sigfatal);
MAJOR_VERSION:=65
MINOR_VERSION:=1
PKG_VERSION:=$(MAJOR_VERSION).$(MINOR_VERSION)
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(MAJOR_VERSION)_$(MINOR_VERSION)-src.tgz
PKG_SOURCE_URL:=https://github.com/unicode-org/icu/releases/download/release-$(MAJOR_VERSION)-$(MINOR_VERSION)
--- /dev/null
+From 8fda72f6d8e442c5382f21cdd884e2c962bb53bd Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Wed, 11 Dec 2019 13:25:32 -0800
+Subject: [PATCH] ICU-20877 i18n: Don't use C++11 math
+
+It's not available with some libc implementations. Specifically,
+BIONIC and uClibc-ng. uprv_ variants are available.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ i18n/decimfmt.cpp | 2 +-
+ i18n/number_decimalquantity.cpp | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/i18n/decimfmt.cpp b/i18n/decimfmt.cpp
+index 4015250e273..0cbaca7e099 100644
+--- a/i18n/decimfmt.cpp
++++ b/i18n/decimfmt.cpp
+@@ -1801,7 +1801,7 @@ bool DecimalFormat::fastFormatDouble(double input, UnicodeString& output) const
+ return false;
+ }
+ if (std::isnan(input)
+- || std::trunc(input) != input
++ || uprv_trunc(input) != input
+ || input <= INT32_MIN
+ || input > INT32_MAX) {
+ return false;
+diff --git a/i18n/number_decimalquantity.cpp b/i18n/number_decimalquantity.cpp
+index abbc23de032..778feb141b4 100644
+--- a/i18n/number_decimalquantity.cpp
++++ b/i18n/number_decimalquantity.cpp
+@@ -452,7 +452,7 @@ void DecimalQuantity::_setToDoubleFast(double n) {
+ for (; i <= -22; i += 22) n /= 1e22;
+ n /= DOUBLE_MULTIPLIERS[-i];
+ }
+- auto result = static_cast<int64_t>(std::round(n));
++ auto result = static_cast<int64_t>(uprv_round(n));
+ if (result != 0) {
+ _setToLong(result);
+ scale -= fracLength;
include $(TOPDIR)/rules.mk
PKG_NAME:=keyutils
-PKG_VERSION:=1.6
-PKG_RELEASE:=3
+PKG_VERSION:=1.6.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://people.redhat.com/dhowells/keyutils/
-PKG_HASH:=d3aef20cec0005c0fa6b4be40079885567473185b1a57b629b030e67942c7115
+PKG_HASH:=c8b15722ae51d95b9ad76cc6d49a4c2cc19b0c60f72f61fb9bf43eea7cbd64ce
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=ldns
-PKG_VERSION:=1.7.0
-PKG_RELEASE:=5
+PKG_VERSION:=1.7.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.nlnetlabs.nl/downloads/ldns
-PKG_HASH:=c19f5b1b4fb374cfe34f4845ea11b1e0551ddc67803bd6ddd5d2a20f0997a6cc
+PKG_HASH:=8ac84c16bdca60e710eea75782356f3ac3b55680d40e1530d7cea474ac208229
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=
+PKG_MAINTAINER:=Eric Luehrsen <ericluehrsen@gmail.com>
PKG_CPE_ID:=cpe:/a:nlnetlabs:ldns
PKG_FIXUP:=autoreconf
endef
define Package/drill/description
- drill is a tool to designed to get all sorts of information out of the DNS. It
- is specificly designed to be used with DNSSEC.
+ ldns includes the drill tool, which is much like dig from BIND. It was
+ designed with DNSSEC in mind and should be a useful debugging/query tool
+ for DNSSEC.
+endef
+
+define Package/ldns-examples
+ $(call Package/libldns/Default)
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=IP Addresses and Names
+ TITLE:=Example programs from NLNetLabs ldns library
+ DEPENDS+= +libldns +libpcap +drill
+endef
+
+define Package/ldns-examples/description
+ A few example programs are included in the source of ldns. They include tools
+ which can create DNSSEC keys and DNSSEC zone files.
endef
CONFIGURE_ARGS += \
- --disable-dane-ta-usage \
- --disable-ecdsa \
+ --disable-dsa \
--disable-gost \
+ --enable-ecdsa \
--with-drill \
+ --with-examples \
--with-ssl="$(STAGING_DIR)/usr"
define Build/InstallDev
$(CP) $(PKG_INSTALL_DIR)/usr/bin/drill $(1)/usr/bin/
endef
+define Package/ldns-examples/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-chaos $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-compare-zones $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-dane $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-dpa $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-gen-zone $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-key2ds $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-keyfetcher $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-keygen $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-mx $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-notify $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-nsec3-hash $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-read-zone $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-revoke $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-rrsig $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-signzone $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-test-edns $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-testns $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-update $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-verify-zone $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-version $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-walk $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-zcat $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldns-zsplit $(1)/usr/bin/
+endef
+
$(eval $(call BuildPackage,libldns))
$(eval $(call BuildPackage,drill))
+$(eval $(call BuildPackage,ldns-examples))
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -859,10 +859,10 @@
+ AC_ARG_WITH(xcode-sdk, AC_HELP_STRING([--with-xcode-sdk],
+ [Set xcode SDK version. Default is autodetect]),
+ [],[with_xcode_sdk="yes"])
+ if test "x_$with_xcode_sdk" != "x_no" ; then
+ # check OSX deployment target, if needed
+- if echo $build_os | grep darwin > /dev/null; then
++ if echo $target_os | grep darwin > /dev/null; then
+ sdk_p=`xcode-select -print-path`;
+ if test "x_$with_xcode_sdk" = "x_yes" ; then
+ sdk_v="$( /usr/bin/xcrun --show-sdk-version 2>/dev/null )"
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -842,7 +842,7 @@ ACX_CHECK_FORMAT_ATTRIBUTE
- ACX_CHECK_UNUSED_ATTRIBUTE
-
- # check OSX deployment target, if needed
--if echo $build_os | grep darwin > /dev/null; then
-+if echo $target_os | grep darwin > /dev/null; then
- sdk_p=`xcode-select -print-path`;
- sdk_v="$( /usr/bin/xcrun --show-sdk-version )";
- case $sdk_v in
+++ /dev/null
-From c8391790c96d4c8a2c10f9ab1460fda83b509fc2 Mon Sep 17 00:00:00 2001
-From: Willem Toorop <willem@nlnetlabs.nl>
-Date: Thu, 27 Apr 2017 00:14:58 +0200
-Subject: [PATCH] Check parse limit before t increment
-
-Thanks Stephan Zeisberg
----
- parse.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/parse.c b/parse.c
-index e68627c..947dbb8 100644
---- a/parse.c
-+++ b/parse.c
-@@ -118,6 +118,10 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
- if (line_nr) {
- *line_nr = *line_nr + 1;
- }
-+ if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
-+ *t = '\0';
-+ return -1;
-+ }
- *t++ = ' ';
- prev_c = c;
- continue;
---
-2.9.5
-
+++ /dev/null
-From 3bdeed02505c9bbacb3b64a97ddcb1de967153b7 Mon Sep 17 00:00:00 2001
-From: Willem Toorop <willem@nlnetlabs.nl>
-Date: Thu, 27 Apr 2017 00:25:20 +0200
-Subject: [PATCH] bugfix #1257: Free after reallocing to 0 size
-
-Thanks Stephan Zeisberg
----
- str2host.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/str2host.c b/str2host.c
-index b274b17..f2a317b 100644
---- a/str2host.c
-+++ b/str2host.c
-@@ -1525,8 +1525,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str)
- if (! str) {
- return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
- }
-- length = (size_t)(dp - data);
--
-+ if (!(length = (size_t)(dp - data))) {
-+ LDNS_FREE(data);
-+ return LDNS_STATUS_SYNTAX_EMPTY;
-+ }
- /* Lose the overmeasure */
- data = LDNS_XREALLOC(dp = data, uint8_t, length);
- if (! data) {
---
-2.9.5
-
+++ /dev/null
---- a/dnssec.c
-+++ b/dnssec.c
-@@ -23,6 +23,9 @@
- #include <openssl/rand.h>
- #include <openssl/err.h>
- #include <openssl/md5.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
- #endif
-
- ldns_rr *
---- a/dnssec_sign.c
-+++ b/dnssec_sign.c
-@@ -17,6 +17,9 @@
- #include <openssl/rand.h>
- #include <openssl/err.h>
- #include <openssl/md5.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
- #endif /* HAVE_SSL */
-
- ldns_rr *
---- a/dnssec_verify.c
-+++ b/dnssec_verify.c
-@@ -594,7 +594,9 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE
- if (tree->parent_status[i]
- == LDNS_STATUS_SSL_ERR) {
- printf("; SSL Error: ");
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- ERR_load_crypto_strings();
-+#endif
- ERR_print_errors_fp(stdout);
- printf("\n");
- }
---- a/drill/drill.c
-+++ b/drill/drill.c
-@@ -1013,7 +1013,7 @@ main(int argc, char *argv[])
- xfree(tsig_data);
- xfree(tsig_algorithm);
-
--#ifdef HAVE_SSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
- EVP_cleanup();
---- a/host2str.c
-+++ b/host2str.c
-@@ -28,6 +28,12 @@
- #include <time.h>
- #include <sys/time.h>
-
-+#ifdef HAVE_SSL
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
-+#endif
-+
- #ifndef INET_ADDRSTRLEN
- #define INET_ADDRSTRLEN 16
- #endif
---- a/keys.c
-+++ b/keys.c
-@@ -16,8 +16,12 @@
-
- #ifdef HAVE_SSL
- #include <openssl/ssl.h>
--#include <openssl/engine.h>
- #include <openssl/rand.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
-+#include <openssl/engine.h>
-+#include <openssl/ui.h>
- #endif /* HAVE_SSL */
-
- ldns_lookup_table ldns_signing_algorithms[] = {
+++ /dev/null
---- a/keys.c
-+++ b/keys.c
-@@ -20,8 +20,10 @@
- #include <openssl/bn.h>
- #include <openssl/rsa.h>
- #include <openssl/dsa.h>
--#include <openssl/engine.h>
- #include <openssl/ui.h>
-+#ifndef OPENSSL_NO_ENGINE
-+#include <openssl/engine.h>
-+#endif
- #endif /* HAVE_SSL */
-
- ldns_lookup_table ldns_signing_algorithms[] = {
-@@ -103,7 +105,7 @@ ldns_key_new_frm_fp(ldns_key **k, FILE *fp)
- return ldns_key_new_frm_fp_l(k, fp, NULL);
- }
-
--#ifdef HAVE_SSL
-+#if defined(HAVE_SSL) && !defined(OPENSSL_NO_ENGINE)
- ldns_status
- ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm alg)
- {
include $(TOPDIR)/rules.mk
PKG_NAME:=libarchive
-PKG_VERSION:=3.4.0
+PKG_VERSION:=3.4.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/libarchive/libarchive/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=c160d3c45010a51a924208f13f6b7b956dabdf8c5c60195df188a599028caa7c
+PKG_HASH:=772e8b066d84d2f15c89a6cfcba482878eb1270f56aa1d484710e904d84cc4c1
PKG_MAINTAINER:=Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
PKG_LICENSE:=BSD-2-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=libcap
-PKG_VERSION:=2.27
-PKG_RELEASE:=3
+PKG_VERSION:=2.30
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/linux/libs/security/linux-privs/libcap2
-PKG_HASH:=dac1792d0118bee6aae6ba7fb93ff1602c6a9bda812fd63916eee1435b9c486a
+PKG_HASH:=a287bae0b0d95e5230a1c4177b835c70774511b631f87c7bd29e91a03e027f11
PKG_MAINTAINER:=Paul Wassi <p.wassi@gmx.at>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=License
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/kernel.mk
LD="$(TARGET_CC) -Wl,-x -shared" \
LDFLAGS="$(TARGET_LDFLAGS)" \
INDENT="| true" \
+ GOLANG="no" \
PAM_CAP="no" \
RAISE_SETFCAP="no" \
DYNAMIC="yes" \
--- a/libcap/_makenames.c
+++ b/libcap/_makenames.c
-@@ -7,7 +7,6 @@
-
+@@ -8,7 +8,6 @@
#include <stdio.h>
#include <stdlib.h>
+ #include <string.h>
-#include <sys/capability.h>
/*
* #include 'sed' generated array
-@@ -22,7 +21,7 @@ struct {
+@@ -23,7 +22,7 @@ struct {
};
/* this should be more than big enough (factor of three at least) */
--- a/progs/capsh.c
+++ b/progs/capsh.c
-@@ -24,6 +24,9 @@
+@@ -25,6 +25,9 @@
#include <sys/wait.h>
- #include <sys/prctl.h>
+ #include <unistd.h>
+#ifndef SHELL
+#define SHELL "/bin/sh"
#define MAX_GROUPS 100 /* max number of supplementary groups for user */
static char *binary(unsigned long value)
-@@ -692,10 +695,10 @@ int main(int argc, char *argv[], char *envp[])
+@@ -756,10 +759,10 @@ int main(int argc, char *argv[], char *envp[])
} else if (!strcmp("--print", argv[i])) {
arg_print();
} else if ((!strcmp("--", argv[i])) || (!strcmp("==", argv[i]))) {
exit(1);
} else {
usage:
-@@ -720,7 +723,7 @@ int main(int argc, char *argv[], char *envp[])
+@@ -789,7 +792,7 @@ int main(int argc, char *argv[], char *envp[])
" --killit=<n> send signal(n) to child\n"
" --forkfor=<n> fork and make child sleep for <n> sec\n"
" == re-exec(capsh) with args as for --\n"
--- /dev/null
+--- a/tests/Makefile
++++ b/tests/Makefile
+@@ -32,7 +32,7 @@ run_libcap_psx_test: libcap_psx_test
+ ./libcap_psx_test
+
+ libcap_psx_test: libcap_psx_test.c $(DEPS)
+- $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LIBCAPLIB) $(LIBPSXLIB) -Wl,-wrap,pthread_create --static
++ $(CC) $(CFLAGS) $(IPATH) $< -o $@ $(LIBCAPLIB) $(LIBPSXLIB) -Wl,-wrap,pthread_create
+
+ clean:
+ rm -f psx_test psx_test_wrap libcap_psx_test
include $(TOPDIR)/rules.mk
PKG_NAME:=libev
-PKG_VERSION:=4.27
+PKG_VERSION:=4.31
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://dist.schmorp.de/libev/Attic/
-PKG_HASH:=2d5526fc8da4f072dd5c73e18fbb1666f5ef8ed78b73bba12e195cfdd810344e
+PKG_HASH:=ed855d2b52118e32c0c1a6a32bd18c97f9e6711ca511f5ee12de3b9eccc66e5a
PKG_LICENSE:=BSD-2-Clause
PKG_MAINTAINER:=Karl Palsson <karlp@tweak.net.au>
include $(TOPDIR)/rules.mk
PKG_NAME:=libfmt
-PKG_VERSION:=6.0.0
+PKG_VERSION:=6.1.2
PKG_RELEASE:=1
PKG_SOURCE_NAME:=fmt
PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/fmtlib/$(PKG_SOURCE_NAME)/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=f1907a58d5e86e6c382e51441d92ad9e23aea63827ba47fd647eacc0d3a16c78
+PKG_HASH:=1cafc80701b746085dddf41bd9193e6d35089e1c6ec1940e037fcb9c98f62365
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Othmar Truniger <github@truniger.ch>
include $(TOPDIR)/rules.mk
PKG_NAME:=libfstrm
-PKG_VERSION:=0.5.0
-PKG_RELEASE:=3
+PKG_VERSION:=0.6.0
+PKG_RELEASE:=1
PKG_SOURCE:=fstrm-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dl.farsightsecurity.com/dist/fstrm/
-PKG_HASH:=10ee7792a86face1d2271dc591652ab8c7af6976883887c69fdb11f10da135fc
+PKG_HASH:=a7049089eb0861ecaa21150a05613caa6dee4e8545b91191eff2269caa923910
PKG_BUILD_DIR:=$(BUILD_DIR)/fstrm-$(PKG_VERSION)
CMAKE_OPTIONS += \
-DBoost_NO_BOOST_CMAKE=ON \
-DBUILD_TESTS=OFF \
+ -DDOCUMENTATION=OFF \
-DEXAMPLES=OFF
define Build/InstallDev
PKG_NAME:=libgd
PKG_VERSION:=2.2.5
-PKG_RELEASE:=4
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/$(PKG_NAME)/$(PKG_NAME)/releases/download/gd-$(PKG_VERSION)/
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
-define Package/libgd
+define Package/libgd/default
SECTION:=libs
CATEGORY:=Libraries
DEPENDS:=+libjpeg +libpng +libwebp +LIBGD_TIFF:libtiff +LIBGD_FREETYPE:libfreetype
TITLE:=The GD graphics library
URL:=https://libgd.github.io/
+endef
+
+define Package/libgd
+ $(call Package/libgd/default)
MENU:=1
+ DEPENDS+=+LIBGD_TIFF:libtiff +LIBGD_FREETYPE:libfreetype
+ VARIANT:=default
endef
-define Package/libgd/description
+define Package/libgd-full
+ $(call Package/libgd/default)
+ DEPENDS+=+libtiff +libfreetype
+ TITLE+=(full)
+ VARIANT:=full
+endef
+
+define Package/libgd/description/default
GD is an open source code library for the dynamic creation of images by
programmers. GD creates PNG, JPEG and GIF images, among other formats.
endef
+Package/libgd/description=$(Package/libgd/description/default)
+
+define Package/libgd-full/description
+ $(call Package/libgd/description/default)
+ .
+ This variant of the libgd package is compiled will all features enabled.
+endef
+
define Package/libgd/config
if PACKAGE_libgd
config LIBGD_TIFF
-DENABLE_XPM=OFF \
-DZLIB_INCLUDE_DIR="$(STAGING_DIR)/usr"
+ifeq ($(BUILD_VARIANT),full)
+ CMAKE_OPTIONS += \
+ -DENABLE_TIFF=ON \
+ -DFREETYPE_INCLUDE_DIRS=$(STAGING_DIR)/usr/include/freetype2/ \
+ -DENABLE_FREETYPE=ON
+
+else
+
ifdef CONFIG_LIBGD_TIFF
CMAKE_OPTIONS += \
-DENABLE_TIFF=ON
ifdef CONFIG_LIBGD_FREETYPE
CMAKE_OPTIONS += \
+ -DFREETYPE_INCLUDE_DIRS=$(STAGING_DIR)/usr/include/freetype2/ \
-DENABLE_FREETYPE=ON
else
CMAKE_OPTIONS += \
-DENABLE_FREETYPE=OFF
endif
+endif
+
define Package/libgd/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgd.so* $(1)/usr/lib/
endef
+Package/libgd-full/install=$(Package/libgd/install)
+
$(eval $(call BuildPackage,libgd))
+$(eval $(call BuildPackage,libgd-full))
--- /dev/null
+--- a/config/gdlib.pc.cmake
++++ b/config/gdlib.pc.cmake
+@@ -5,7 +5,7 @@ includedir=${prefix}/@CMAKE_INSTALL_INCL
+
+ Name: gd
+ Description: GD graphics library
+-Version: @GDLIB_VERSION@
++Version: @GD_VERSION@
+ Cflags: -I${includedir}
+ Libs.private: @LIBGD_DEP_LIBS@
+ Libs: -L${libdir} -lgd
include $(TOPDIR)/rules.mk
PKG_NAME:=libical
-PKG_VERSION:=3.0.4
+PKG_VERSION:=3.0.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=72b216e10233c3f60cb06062facf41f3b0f70615e5a60b47f9853341a0d5d145
+PKG_HASH:=5c8a21c2b732ece4a33e5c862970b4f35a8548bbcda50de5695f6fc211ac4d97
PKG_SOURCE_URL:=https://github.com/libical/libical/releases/download/v$(PKG_VERSION)/
-PKG_LICENSE:=LGPL-2.1 MPL-2.0
-PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Jose Zapater <jzapater@gmail.com>
+PKG_LICENSE:=LGPL-2.1-or-later MPL-2.0
+PKG_LICENSE_FILES:=COPYING
+
+CMAKE_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
CMAKE_OPTIONS += -DWITH_CXX_BINDINGS=false -DICAL_BUILD_DOCS=false -DICAL_GLIB=false
-define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include/libical
- $(CP) $(PKG_INSTALL_DIR)/usr/include/libical/* $(1)/usr/include/libical/
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libical{,ss,vcal}.{a,so*} $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libical.pc $(1)/usr/lib/pkgconfig/
-endef
-
define Package/libical/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libical{,ss,vcal}.so.* $(1)/usr/lib/
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 1cc7180..295bc20 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -161,43 +161,43 @@ endif()
+@@ -170,43 +170,43 @@ endif()
# libicu is highly recommended for RSCALE support
# libicu can be found at http://www.icu-project.org
# RSCALE info at http://tools.ietf.org/html/rfc7529
include $(TOPDIR)/rules.mk
PKG_NAME:=libidn2
-PKG_VERSION:=2.0.5
+PKG_VERSION:=2.3.0
PKG_RELEASE:=1
-PKG_LICENSE:=GPL-2.0-or-later LGPL-3.0-or-later
-PKG_LICENSE_FILES:=COPYING COPYINGv2 COPYING.LESSERv3
-PKG_CPE_ID:=cpe:/a:libidn2_project:libidn2
PKG_SOURCE_URL:=@GNU/libidn
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=53f69170886f1fa6fa5b332439c7a77a7d22626a82ef17e2c1224858bb4ca2b8
+PKG_HASH:=e1cb1db3d2e249a6a3eb6f0946777c2e892d5c5dc7bd91c74394fc3a01cab8b5
+
+PKG_MAINTAINER:=
+PKG_CPE_ID:=cpe:/a:libidn2_project:libidn2
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
SUBMENU:=IP Addresses and Names
TITLE:=GNU IDN2 (Internationalized Domain Name) tool
DEPENDS:=+libidn2
+ LICENSE:=GPL-2.0-or-later
+ LICENSE_FILES:=COPYINGv2
endef
define Package/idn2/description
DEPENDS:=+libunistring $(ICONV_DEPENDS) $(INTL_DEPENDS)
TITLE:=International domain name library (IDNA2008, Punycode and TR46)
URL:=https://www.gnu.org/software/libidn/#libidn2
+ LICENSE:=LGPL-3.0-or-later
+ LICENSE_FILES:=COPYING.LESSERv3
endef
define Package/libidn2/description
include $(TOPDIR)/rules.mk
PKG_NAME:=libimobiledevice
-PKG_SOURCE_DATE:=2019-02-16
-PKG_SOURCE_VERSION:=0584aa90c93ff6ce46927b8d67887cb987ab9545
-PKG_RELEASE:=2
+PKG_SOURCE_DATE:=2019-12-16
+PKG_SOURCE_VERSION:=d04f8ff2e20c42f74161c9cd66502da17b8b0e70
+PKG_RELEASE:=1
-PKG_MAINTAINER:=
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/libimobiledevice/libimobiledevice
+PKG_MIRROR_HASH:=f3ea7b5cd9789dc23ddc464bd00f39813116239cfe4ea1f13f58ce5a8413c361
+
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING.LESSER
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/libimobiledevice/libimobiledevice/tar.gz/$(PKG_SOURCE_VERSION)?
-PKG_HASH:=286e294aad60ef04a39ce70512a0e816415167c982f3e6c2988d9a6b8c5ee29b
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
define Package/libimobiledevice/Default
TITLE:=A library that talks to Apple devices.
URL:=https://www.libimobiledevice.org/
+ SUBMENU:=libimobiledevice
endef
define Package/libimobiledevice/Default/description
$(call Package/libimobiledevice/Default)
SECTION:=libs
CATEGORY:=Libraries
- DEPENDS:=$(ICONV_DEPENDS) +libplist +libusbmuxd +libopenssl
+ DEPENDS:=+libplist +libusbmuxd +libopenssl
+ LICENSE:=LGPL-2.1-or-later
+ LICENSE_FILES:=COPYING.LESSER
endef
define Package/libimobiledevice/description
SECTION:=utils
CATEGORY:=Utilities
DEPENDS:=+libimobiledevice
+ LICENSE:=GPL-2.0-or-later
+ ICENSE_FILES:=COPYING
endef
define Package/libimobiledevice-utils/description
This package contains the libimobiledevice utilities.
endef
-CONFIGURE_VARS += ac_cv_sys_file_offset_bits=64
CONFIGURE_ARGS += --without-cython
define Build/InstallDev
--- /dev/null
+From ec2bba4ffe5a0939ba192b014ba594eaa964412f Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Sun, 8 Dec 2019 15:45:19 -0800
+Subject: [PATCH] idevicedate: Fix -Wformat=2 warning
+
+Format functions expect a constant expression, not a variable.
+
+Simplified the code slightly.
+---
+ tools/idevicedate.c | 17 ++++-------------
+ 1 file changed, 4 insertions(+), 13 deletions(-)
+
+diff --git a/tools/idevicedate.c b/tools/idevicedate.c
+index 4de90b63..6dddc185 100644
+--- a/tools/idevicedate.c
++++ b/tools/idevicedate.c
+@@ -38,9 +38,9 @@
+ #include <libimobiledevice/lockdown.h>
+
+ #ifdef _DATE_FMT
+-#define DATE_FMT_LANGINFO() nl_langinfo (_DATE_FMT)
++#define DATE_FMT_LANGINFO nl_langinfo (_DATE_FMT)
+ #else
+-#define DATE_FMT_LANGINFO() ""
++#define DATE_FMT_LANGINFO "%a %b %e %H:%M:%S %Z %Y"
+ #endif
+
+ static void print_usage(int argc, char **argv)
+@@ -75,7 +75,6 @@ int main(int argc, char *argv[])
+ uint64_t datetime = 0;
+ time_t rawtime;
+ struct tm * tmp;
+- char const *format = NULL;
+ char buffer[80];
+ int result = 0;
+
+@@ -131,14 +130,6 @@ int main(int argc, char *argv[])
+ }
+ }
+
+- /* determine a date format */
+- if (!format) {
+- format = DATE_FMT_LANGINFO ();
+- if (!*format) {
+- format = "%a %b %e %H:%M:%S %Z %Y";
+- }
+- }
+-
+ ret = idevice_new(&device, udid);
+ if (ret != IDEVICE_E_SUCCESS) {
+ if (udid) {
+@@ -195,7 +186,7 @@ int main(int argc, char *argv[])
+ tmp = localtime(&rawtime);
+
+ /* finally we format and print the current date */
+- strftime(buffer, 80, format, tmp);
++ strftime(buffer, 80, DATE_FMT_LANGINFO, tmp);
+ puts(buffer);
+ } else {
+ datetime = setdate;
+@@ -217,7 +208,7 @@ int main(int argc, char *argv[])
+
+ if(lockdownd_set_value(client, NULL, "TimeIntervalSince1970", node) == LOCKDOWN_E_SUCCESS) {
+ tmp = localtime(&setdate);
+- strftime(buffer, 80, format, tmp);
++ strftime(buffer, 80, DATE_FMT_LANGINFO, tmp);
+ puts(buffer);
+ } else {
+ printf("ERROR: Failed to set date on device.\n");
+++ /dev/null
---- a/common/userpref.c
-+++ b/common/userpref.c
-@@ -37,6 +37,7 @@
- #include <unistd.h>
- #include <usbmuxd.h>
- #ifdef HAVE_OPENSSL
-+#include <openssl/bn.h>
- #include <openssl/pem.h>
- #include <openssl/rsa.h>
- #include <openssl/x509.h>
-@@ -73,6 +74,11 @@ const ASN1_ARRAY_TYPE pkcs1_asn1_tab[] = {
- };
- #endif
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define X509_set1_notBefore X509_set_notBefore
-+#define X509_set1_notAfter X509_set_notAfter
-+#endif
-+
- #ifdef WIN32
- #define DIR_SEP '\\'
- #define DIR_SEP_S "\\"
-@@ -420,9 +426,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
- /* set key validity */
- ASN1_TIME* asn1time = ASN1_TIME_new();
- ASN1_TIME_set(asn1time, time(NULL));
-- X509_set_notBefore(root_cert, asn1time);
-+ X509_set1_notBefore(root_cert, asn1time);
- ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10));
-- X509_set_notAfter(root_cert, asn1time);
-+ X509_set1_notAfter(root_cert, asn1time);
- ASN1_TIME_free(asn1time);
-
- /* use root public key for root cert */
-@@ -453,9 +459,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
- /* set key validity */
- ASN1_TIME* asn1time = ASN1_TIME_new();
- ASN1_TIME_set(asn1time, time(NULL));
-- X509_set_notBefore(host_cert, asn1time);
-+ X509_set1_notBefore(host_cert, asn1time);
- ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10));
-- X509_set_notAfter(host_cert, asn1time);
-+ X509_set1_notAfter(host_cert, asn1time);
- ASN1_TIME_free(asn1time);
-
- /* use host public key for host cert */
-@@ -533,9 +539,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
-
- ASN1_TIME* asn1time = ASN1_TIME_new();
- ASN1_TIME_set(asn1time, time(NULL));
-- X509_set_notBefore(dev_cert, asn1time);
-+ X509_set1_notBefore(dev_cert, asn1time);
- ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10));
-- X509_set_notAfter(dev_cert, asn1time);
-+ X509_set1_notAfter(dev_cert, asn1time);
- ASN1_TIME_free(asn1time);
-
- EVP_PKEY* pkey = EVP_PKEY_new();
---- a/src/idevice.c
-+++ b/src/idevice.c
-@@ -36,6 +36,7 @@
- #include <usbmuxd.h>
- #ifdef HAVE_OPENSSL
- #include <openssl/err.h>
-+#include <openssl/rsa.h>
- #include <openssl/ssl.h>
-
- #else
-@@ -49,6 +50,10 @@
-
- #ifdef HAVE_OPENSSL
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define TLS_method TLSv1_method
-+#endif
-+
- #if OPENSSL_VERSION_NUMBER < 0x10002000L
- static void SSL_COMP_free_compression_methods(void)
- {
-@@ -721,7 +726,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
- }
- BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE);
-
-- SSL_CTX *ssl_ctx = SSL_CTX_new(TLSv1_method());
-+ SSL_CTX *ssl_ctx = SSL_CTX_new(TLS_method());
- if (ssl_ctx == NULL) {
- debug_info("ERROR: Could not create SSL context.");
- BIO_free(ssl_bio);
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libirecovery
+PKG_SOURCE_DATE:=2019-12-16
+PKG_SOURCE_VERSION:=db36196d8d9db5a1f92e6934cf931cd00a6ead2d
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/libimobiledevice/libirecovery
+PKG_MIRROR_HASH:=635f790b97b7e0001050df6a604c2bcd5cc896213f2a2441f58cf0aa4e00f773
+
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_LICENSE:=LGPL-2.1-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libirecovery/Default
+ URL:=https://github.com/libimobiledevice/libirecovery
+ SUBMENU:=libimobiledevice
+endef
+
+define Package/libirecovery/Default/description
+ libirecovery is a cross-platform library which implements communication
+ to iBoot/iBSS found on Apple's iOS devices via USB.
+endef
+
+define Package/libirecovery
+ $(call Package/libirecovery/Default)
+ TITLE:=A library that talks to Apple iBoot/iBSS
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+libreadline +libusb-1.0
+endef
+
+define Package/libirecovery/description
+ $(call Package/libirecovery/Default/description)
+endef
+
+define Package/irecovery
+ $(call Package/libirecovery/Default)
+ TITLE:=A utility that talks to Apple iBoot/iBSS
+ SECTION:=utils
+ CATEGORY:=Utilities
+ DEPENDS:=+libirecovery
+endef
+
+define Package/irecovery/description
+ $(call Package/libirecovery/Default/description)
+ This package contains the libirecovery utilities.
+endef
+
+CONFIGURE_ARGS += --without-udev
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/libirecovery.h $(1)/usr/include/
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libirecovery.{a,la,so*} $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libirecovery.pc $(1)/usr/lib/pkgconfig/
+endef
+
+define Package/libirecovery/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libirecovery.so.* $(1)/usr/lib/
+endef
+
+define Package/irecovery/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/irecovery $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,libirecovery))
+$(eval $(call BuildPackage,irecovery))
include $(TOPDIR)/rules.mk
PKG_NAME:=libmbim
-PKG_VERSION:=1.20.2
-PKG_RELEASE:=3
+PKG_VERSION:=1.22.0
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.freedesktop.org/software/libmbim
-PKG_HASH:=550fb69e5e57f7646f8eb9ed8d24e44ea869ad846be9c162893f12e43528059b
+PKG_HASH:=5c0778eb1cd12c3604523134e55183f5147b0cae71150e875b583768f7aa1f38
PKG_MAINTAINER:=Nicholas Smith <nicholas.smith@telcoantennas.com.au>
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=libmicrohttpd
-PKG_VERSION:=0.9.68
+PKG_VERSION:=0.9.69
PKG_RELEASE:=1
PKG_MAINTAINER:=Alexander Couzens <lynxis@fe80.eu>
PKG_LICENSE:=LGPL-2.1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/libmicrohttpd
-PKG_HASH:=c5716e2a2899abc9e16c8fa7a1a58da88f81aca96a0b7e68a5d4d89e21610b61
+PKG_HASH:=fb9b6b148b787493e637d3083588711e65cbcb726fa02cee2cd543c5de27e37e
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
+++ /dev/null
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=libmstch
-PKG_VERSION:=1.0.2
-PKG_RELEASE:=2
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/no1msd/mstch/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=811ed61400d4e9d4f9ae0f7679a2ffd590f0b3c06b16f2798e1f89ab917cba6c
-PKG_BUILD_DIR:=$(BUILD_DIR)/mstch-$(PKG_VERSION)
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/mstch-$(PKG_VERSION)
-
-PKG_MAINTAINER:=Amol Bhave <ambhave@fb.com>
-PKG_LICENSE:=MIT
-PKG_LICENSE_FILES:=LICENSE
-
-HOST_BUILD_DEPENDS:=boost/host
-PKG_BUILD_PARALLEL:=1
-CMAKE_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/host-build.mk
-include $(INCLUDE_DIR)/cmake.mk
-
-define Package/libmstch
- SECTION:=libs
- CATEGORY:=Libraries
- TITLE:=Complete implementation of {{mustache}} templates using modern C++
- DEPENDS:=+boost +boost-container
- URL:=https://github.com/no1msd/mstch
-endef
-
-define Package/libmstch/description
- mstch is a complete implementation of {{mustache}} templates using modern C++
-endef
-
-CMAKE_OPTIONS += \
- -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE
-
-$(eval $(call BuildPackage,libmstch))
-$(eval $(call HostBuild))
include $(TOPDIR)/rules.mk
PKG_NAME:=libplist
-PKG_VERSION:=2.0.0
-PKG_RELEASE:=5
+PKG_SOURCE_VERSION:=2.1.0
+PKG_RELEASE:=2
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=https://www.libimobiledevice.org/downloads
-PKG_HASH:=3a7e9694c2d9a85174ba1fa92417cfabaea7f6d19631e544948dc7e17e82f602
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/libimobiledevice/libplist
+PKG_MIRROR_HASH:=452ef5d6e87461a8b7a47a2274878cf200ccf480b4e81924f22ec1c445e353d0
-PKG_MAINTAINER:=Lukasz Baj <l.baj@radytek.com>
-PKG_LICENSE:=LGPL-2.1-or-later
-PKG_LICENSE_FILES:=COPYING.LESSER
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_CPE_ID:=cpe:/a:libimobiledevice:libplist
+PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
define Package/libplist/Default
TITLE:=Apple property list
URL:=https://www.libimobiledevice.org/
+ SUBMENU:=libimobiledevice
endef
define Package/libplist/Default/description
CATEGORY:=Libraries
DEPENDS:=+libxml2
TITLE+= library
+ PKG_LICENSE:=LGPL-2.1-or-later
+ PKG_LICENSE_FILES:=COPYING.LESSER
endef
define Package/libplist/description
CATEGORY:=Libraries
DEPENDS:=+libplist $(CXX_DEPENDS)
TITLE+= C++ library
+ PKG_LICENSE:=LGPL-2.1-or-later
+ PKG_LICENSE_FILES:=COPYING.LESSER
endef
define Package/libplistcxx/description
This package contains the libplist C++ shared library.
endef
-define Package/libplist-utils
+define Package/plistutil
$(call Package/libplist/Default)
SECTION:=utils
CATEGORY:=Utilities
DEPENDS:=+libplist
TITLE+= converter
+ LICENSE:=GPL-2.0-or-later
+ LICENSE_FILES:=COPYING
endef
-define Package/libplist-utils/description
+define Package/plistutil/description
$(call Package/libplist/Default/description)
This package contains the libplist utilities.
endef
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libplist++.so.* $(1)/usr/lib/
endef
-define Package/libplist-utils/install
+define Package/plistutil/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) $(PKG_INSTALL_DIR)/usr/bin/plistutil $(1)/usr/bin/
endef
$(eval $(call BuildPackage,libplist))
$(eval $(call BuildPackage,libplistcxx))
-$(eval $(call BuildPackage,libplist-utils))
+$(eval $(call BuildPackage,plistutil))
include $(TOPDIR)/rules.mk
PKG_NAME:=libqmi
-PKG_VERSION:=1.24.0
-PKG_RELEASE:=3
+PKG_VERSION:=1.24.4
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.freedesktop.org/software/libqmi
-PKG_HASH:=aeb69f90c273467cce246176cba0967c6413f1995a976992770a597c4fe28c79
+PKG_HASH:=0316badec92ff32f51fe6278e6046968d2272a26608995deedd8e4afb563918a
PKG_MAINTAINER:=Nicholas Smith <nicholas.smith@telcoantennas.com.au>
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=libseccomp
-PKG_VERSION:=2.4.1
-PKG_RELEASE:=1
+PKG_VERSION:=2.4.2
+PKG_RELEASE:=2
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/seccomp/libseccomp/releases/download/v$(PKG_VERSION)/
-PKG_HASH:=1ca3735249af66a1b2f762fe6e710fcc294ad7185f1cc961e5bd83f9988006e8
+PKG_HASH:=b54f27b53884caacc932e75e6b44304ac83586e2abe7a83eca6daecc5440585b
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
PKG_CPE_ID:=cpe:/a:libseccomp_project:libseccomp
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig
$(CP) \
- $(PKG_INSTALL_DIR)/usr/include/seccomp.h \
+ $(PKG_INSTALL_DIR)/usr/include/seccomp*.h \
$(1)/usr/include/
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/libseccomp.{a,so*} \
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_NAME:=libssh
-PKG_VERSION:=0.7.6
-PKG_RELEASE:=4
+PKG_VERSION:=0.9.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://www.libssh.org/files/0.7/
-PKG_HASH:=1d607d3859274f755942324afb0f887ee22edd157f9596a2e69e3a28ec6d1092
+PKG_SOURCE_URL:=https://www.libssh.org/files/0.9/
+PKG_HASH:=2c8b5f894dced58b3d629f16f3afa6562c20b4bdc894639163cf657833688f0c
PKG_CPE_ID:=cpe:/a:libssh:libssh
CMAKE_INSTALL:=1
+CMAKE_BINARY_SUBDIR:=build
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
+++ /dev/null
-From f81ca6161223e3566ce78a427571235fb6848fe9 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 29 Aug 2018 18:41:15 +0200
-Subject: [PATCH 1/8] misc: Add strndup implementation if not provides by the
- OS
-
-Fixes T112
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 247983e9820fd264cb5a59c14cc12846c028bd08)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- ConfigureChecks.cmake | 1 +
- config.h.cmake | 3 +++
- include/libssh/priv.h | 4 ++++
- src/misc.c | 21 +++++++++++++++++++++
- 4 files changed, 29 insertions(+)
-
---- a/ConfigureChecks.cmake
-+++ b/ConfigureChecks.cmake
-@@ -115,6 +115,7 @@ endif (NOT WITH_GCRYPT)
-
- check_function_exists(isblank HAVE_ISBLANK)
- check_function_exists(strncpy HAVE_STRNCPY)
-+check_function_exists(strndup HAVE_STRNDUP)
- check_function_exists(strtoull HAVE_STRTOULL)
-
- if (NOT WIN32)
---- a/config.h.cmake
-+++ b/config.h.cmake
-@@ -103,6 +103,9 @@
- /* Define to 1 if you have the `strncpy' function. */
- #cmakedefine HAVE_STRNCPY 1
-
-+/* Define to 1 if you have the `strndup' function. */
-+#cmakedefine HAVE_STRNDUP 1
-+
- /* Define to 1 if you have the `cfmakeraw' function. */
- #cmakedefine HAVE_CFMAKERAW 1
-
---- a/include/libssh/priv.h
-+++ b/include/libssh/priv.h
-@@ -43,6 +43,10 @@
- # endif
- #endif /* !defined(HAVE_STRTOULL) */
-
-+#if !defined(HAVE_STRNDUP)
-+char *strndup(const char *s, size_t n);
-+#endif /* ! HAVE_STRNDUP */
-+
- #ifdef HAVE_BYTESWAP_H
- #include <byteswap.h>
- #endif
---- a/src/misc.c
-+++ b/src/misc.c
-@@ -1028,6 +1028,27 @@ int ssh_match_group(const char *group, c
- return 0;
- }
-
-+#if !defined(HAVE_STRNDUP)
-+char *strndup(const char *s, size_t n)
-+{
-+ char *x = NULL;
-+
-+ if (n + 1 < n) {
-+ return NULL;
-+ }
-+
-+ x = malloc(n + 1);
-+ if (x == NULL) {
-+ return NULL;
-+ }
-+
-+ memcpy(x, s, n);
-+ x[n] = '\0';
-+
-+ return x;
-+}
-+#endif /* ! HAVE_STRNDUP */
-+
- /** @} */
-
- /* vim: set ts=4 sw=4 et cindent: */
+++ /dev/null
-From e4c6d591df6a9c34c1ff3ec9f367c7257122bef3 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 17 Oct 2018 07:23:10 +0200
-Subject: [PATCH 2/8] packet: Add missing break in ssh_packet_incoming_filter()
-
-CID 1396239
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit fe618a35dc4be3e73ddf29d0c4a96b98d3b9c48f)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/packet.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/packet.c
-+++ b/src/packet.c
-@@ -285,6 +285,7 @@ static enum ssh_packet_filter_result_e s
- (session->dh_handshake_state != DH_STATE_FINISHED))
- {
- rc = SSH_PACKET_DENIED;
-+ break;
- }
-
- rc = SSH_PACKET_ALLOWED;
+++ /dev/null
-From 734e3ce6747a5ed120b93a1ff253b3fde5f20024 Mon Sep 17 00:00:00 2001
-From: Meng Tan <mtan@wallix.com>
-Date: Wed, 17 Oct 2018 14:50:08 +0200
-Subject: [PATCH 3/8] server: Set correct state after sending INFO_REQUEST (Kbd
- Interactive)
-
-Signed-off-by: Meng Tan <mtan@wallix.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 4ea46eecce9f4e676150fe27fec34e1570b70ace)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/server.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/server.c
-+++ b/src/server.c
-@@ -976,6 +976,7 @@ int ssh_message_auth_interactive_request
- msg->session->kbdint->prompts = NULL;
- msg->session->kbdint->echo = NULL;
- }
-+ msg->session->auth.state = SSH_AUTH_STATE_INFO;
-
- return rc;
- }
+++ /dev/null
-From 3fe7510b261098e3937ab5417935916a46e6727b Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Fri, 19 Oct 2018 11:40:44 +0200
-Subject: [PATCH 4/8] messages: Check that the requested service is
- 'ssh-connection'
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 9c200d3ef4f62d724d3bae2563b81c38cc31e215)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/messages.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
---- a/src/messages.c
-+++ b/src/messages.c
-@@ -649,6 +649,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_
- ssh_message msg = NULL;
- char *service = NULL;
- char *method = NULL;
-+ int cmp;
- int rc;
-
- (void)user;
-@@ -675,6 +676,13 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_
- service, method,
- msg->auth_request.username);
-
-+ cmp = strcmp(service, "ssh-connection");
-+ if (cmp != 0) {
-+ SSH_LOG(SSH_LOG_WARNING,
-+ "Invalid service request: %s",
-+ service);
-+ goto end;
-+ }
-
- if (strcmp(method, "none") == 0) {
- msg->auth_request.method = SSH_AUTH_METHOD_NONE;
+++ /dev/null
-From acb0e4f401440ca325e441064d2cb4b896fb9a3d Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 17 Oct 2018 17:32:54 +0200
-Subject: [PATCH 5/8] examples: Explicitly track auth state in
- samplesshd-kbdint
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 0ff566b6dde5cd27653aa35280feceefad5d5224)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- examples/samplesshd-kbdint.c | 20 ++++++++++++++++----
- 1 file changed, 16 insertions(+), 4 deletions(-)
-
---- a/examples/samplesshd-kbdint.c
-+++ b/examples/samplesshd-kbdint.c
-@@ -23,6 +23,7 @@ clients must be made or how a client sho
- #include <stdlib.h>
- #include <string.h>
- #include <stdio.h>
-+#include <stdbool.h>
-
- #define SSHD_USER "libssh"
- #define SSHD_PASSWORD "libssh"
-@@ -36,6 +37,7 @@ clients must be made or how a client sho
- #endif
-
- static int port = 22;
-+static bool authenticated = false;
-
- #ifdef WITH_PCAP
- static const char *pcap_file = "debug.server.pcap";
-@@ -61,11 +63,20 @@ static void cleanup_pcap(void) {
- #endif
-
-
--static int auth_password(const char *user, const char *password){
-- if(strcmp(user, SSHD_USER))
-+static int auth_password(const char *user, const char *password)
-+{
-+ int cmp;
-+
-+ cmp = strcmp(user, SSHD_USER);
-+ if (cmp != 0) {
- return 0;
-- if(strcmp(password, SSHD_PASSWORD))
-+ }
-+ cmp = strcmp(password, SSHD_PASSWORD);
-+ if (cmp != 0) {
- return 0;
-+ }
-+
-+ authenticated = true;
- return 1; // authenticated
- }
- #ifdef HAVE_ARGP_H
-@@ -200,6 +211,7 @@ static int kbdint_check_response(ssh_ses
- return 0;
- }
-
-+ authenticated = true;
- return 1;
- }
-
-@@ -328,7 +340,7 @@ int main(int argc, char **argv){
-
- /* proceed to authentication */
- auth = authenticate(session);
-- if(!auth){
-+ if (!auth || !authenticated) {
- printf("Authentication error: %s\n", ssh_get_error(session));
- ssh_disconnect(session);
- return 1;
+++ /dev/null
-From 7ad80ba1cc48f7af1f192692d100a6255d97b843 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 24 Oct 2018 19:57:17 +0200
-Subject: [PATCH 6/8] server: Fix compile error
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/server.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/server.c
-+++ b/src/server.c
-@@ -976,7 +976,7 @@ int ssh_message_auth_interactive_request
- msg->session->kbdint->prompts = NULL;
- msg->session->kbdint->echo = NULL;
- }
-- msg->session->auth.state = SSH_AUTH_STATE_INFO;
-+ msg->session->auth_state = SSH_AUTH_STATE_INFO;
-
- return rc;
- }
+++ /dev/null
-From 103973215443f6e02e010114a3f7ac19eb6f3c8c Mon Sep 17 00:00:00 2001
-From: Meng Tan <mtan@wallix.com>
-Date: Thu, 25 Oct 2018 17:06:06 +0200
-Subject: [PATCH 7/8] gssapi: Set correct state after sending GSSAPI_RESPONSE
- (select mechanism OID)
-
-Signed-off-by: Meng Tan <mtan@wallix.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit bce8d567053232debd6ec490af5a7d27e1160f39)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/gssapi.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/gssapi.c
-+++ b/src/gssapi.c
-@@ -120,6 +120,7 @@ static int ssh_gssapi_send_response(ssh_
- ssh_set_error_oom(session);
- return SSH_ERROR;
- }
-+ session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN;
-
- packet_send(session);
- SSH_LOG(SSH_LOG_PACKET,
+++ /dev/null
-From 9d5cf209df4c260546e1468cc15fbbbfba3097c6 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Sat, 27 Oct 2018 22:15:56 +0200
-Subject: [PATCH 8/8] libcrypto: Fix memory leak in evp_final()
-
-Fixes T116
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit a2807474621e51b386ea26ce2a01d2b1aa295c7b)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/libcrypto.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/libcrypto.c
-+++ b/src/libcrypto.c
-@@ -165,6 +165,7 @@ void evp_update(EVPCTX ctx, const void *
- void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)
- {
- EVP_DigestFinal(ctx, md, mdlen);
-+ EVP_MD_CTX_free(ctx);
- }
- #endif
-
+++ /dev/null
-From a8523d83c242c6f71dbf69fab0ca91d768e78f05 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Sun, 6 Nov 2016 12:07:32 +0100
-Subject: [PATCH] threads: Use new API call for OpenSSL CRYPTO THREADID
-
-BUG: https://red.libssh.org/issues/222
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
----
- ConfigureChecks.cmake | 4 ++++
- config.h.cmake | 3 +++
- src/threads.c | 19 +++++++++++++++++--
- 3 files changed, 24 insertions(+), 2 deletions(-)
-
-diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
-index 0a53c5b1..43179d8f 100644
---- a/ConfigureChecks.cmake
-+++ b/ConfigureChecks.cmake
-@@ -95,6 +95,10 @@ if (OPENSSL_FOUND)
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
- check_function_exists(CRYPTO_ctr128_encrypt HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT)
-+
-+ set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-+ set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
-+ check_function_exists(CRYPTO_THREADID_set_callback HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK)
- endif()
-
- if (CMAKE_HAVE_PTHREAD_H)
-diff --git a/config.h.cmake b/config.h.cmake
-index 3e7f7939..b87fea5c 100644
---- a/config.h.cmake
-+++ b/config.h.cmake
-@@ -79,6 +79,9 @@
- /* Define to 1 if you have the `CRYPTO_ctr128_encrypt' function. */
- #cmakedefine HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT 1
-
-+/* Define to 1 if you have the `CRYPTO_THREADID_set_callback' function. */
-+#cmakedefine HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK 1
-+
- /* Define to 1 if you have the `snprintf' function. */
- #cmakedefine HAVE_SNPRINTF 1
-
-diff --git a/src/threads.c b/src/threads.c
-index 7f3a304e..062c3b84 100644
---- a/src/threads.c
-+++ b/src/threads.c
-@@ -116,6 +116,15 @@ static void libcrypto_lock_callback(int mode, int i, const char *file, int line)
- }
- }
-
-+#ifdef HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK
-+static void libcrypto_THREADID_callback(CRYPTO_THREADID *id)
-+{
-+ unsigned long thread_id = (*user_callbacks->thread_id)();
-+
-+ CRYPTO_THREADID_set_numeric(id, thread_id);
-+}
-+#endif /* HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK */
-+
- static int libcrypto_thread_init(void){
- int n=CRYPTO_num_locks();
- int i;
-@@ -127,8 +136,14 @@ static int libcrypto_thread_init(void){
- for (i=0;i<n;++i){
- user_callbacks->mutex_init(&libcrypto_mutexes[i]);
- }
-- CRYPTO_set_id_callback(user_callbacks->thread_id);
-- CRYPTO_set_locking_callback(libcrypto_lock_callback);
-+
-+#ifdef HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK
-+ CRYPTO_THREADID_set_callback(libcrypto_THREADID_callback);
-+#else
-+ CRYPTO_set_id_callback(user_callbacks->thread_id);
-+#endif
-+
-+ CRYPTO_set_locking_callback(libcrypto_lock_callback);
-
- return SSH_OK;
- }
---
-2.19.1
-
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -35,10 +35,6 @@ include(DefineInstallationPaths)
- include(DefineOptions.cmake)
- include(CPackConfig.cmake)
-
--# disallow in-source build
--include(MacroEnsureOutOfSourceBuild)
--macro_ensure_out_of_source_build("${PROJECT_NAME} requires an out of source build. Please create a separate build directory and run 'cmake /path/to/${PROJECT_NAME} [options]' there.")
--
- # search for libraries
- if (WITH_ZLIB)
- find_package(ZLIB REQUIRED)
+diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
+index c8bb2aa..344ba59 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -5,7 +5,6 @@ include(CheckFunctionExists)
include(CheckLibraryExists)
include(CheckTypeSize)
- include(CheckCXXSourceCompiles)
+ include(CheckStructHasMember)
-include(TestBigEndian)
- set(PACKAGE ${APPLICATION_NAME})
- set(VERSION ${APPLICATION_VERSION})
-@@ -276,6 +275,8 @@ if (WITH_GSSAPI AND NOT GSSAPI_FOUND)
+ set(PACKAGE ${PROJECT_NAME})
+ set(VERSION ${PROJECT_VERSION})
+@@ -465,6 +464,8 @@ if (WITH_GSSAPI AND NOT GSSAPI_FOUND)
endif (WITH_GSSAPI AND NOT GSSAPI_FOUND)
# ENDIAN
- test_big_endian(WORDS_BIGENDIAN)
-endif (NOT WIN32)
+if (WITH_BIG_ENDIAN)
-+ set(WORDS_BIGENDIAN 1)
++ set(WORDS_BIGENDIAN 1)
+else (WITH_BIG_ENDIAN)
-+ set(WORDS_BIGENDIAN 0)
++ set(WORDS_BIGENDIAN 0)
+endif (WITH_BIG_ENDIAN)
+++ /dev/null
-From 8d5cf617d53d0545a0d141abf94396c28ca7e736 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Sun, 29 Oct 2017 16:06:14 +0100
-Subject: [PATCH] pki_crypto: Don't use deprecated function with newer
- OpenSSL
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
----
- src/pki_crypto.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index 9e27436c..34d6e81c 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -451,11 +451,24 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
-
- int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
-+#if OPENSSL_VERSION_NUMBER > 0x10100000L
-+ rc = DSA_generate_parameters_ex(key->dsa,
-+ parameter,
-+ NULL, /* seed */
-+ 0, /* seed_len */
-+ NULL, /* counter_ret */
-+ NULL, /* h_ret */
-+ NULL); /* cb */
-+ if (rc != 1) {
-+ return SSH_ERROR;
-+ }
-+#else
- key->dsa = DSA_generate_parameters(parameter, NULL, 0, NULL, NULL,
- NULL, NULL);
- if(key->dsa == NULL){
- return SSH_ERROR;
- }
-+#endif
- rc = DSA_generate_key(key->dsa);
- if (rc != 1){
- DSA_free(key->dsa);
---
-2.19.1
-
+++ /dev/null
-From ab67e42d6a0529f5fb81ee86049bf10abe99f839 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Tue, 7 Nov 2017 09:38:40 +0100
-Subject: [PATCH] pki_crypto: Avoid segfault with OpenSSL 1.1.0
-
-Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
----
- src/pki_crypto.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index 34d6e81c..30f49a81 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -452,6 +452,10 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
- int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
- #if OPENSSL_VERSION_NUMBER > 0x10100000L
-+ key->dsa = DSA_new();
-+ if (!key->dsa) {
-+ return SSH_ERROR;
-+ }
- rc = DSA_generate_parameters_ex(key->dsa,
- parameter,
- NULL, /* seed */
---
-2.19.1
-
+++ /dev/null
-From c39f7578765859d7416e4140c92d034c8cae3341 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Wed, 8 Nov 2017 15:35:08 +0100
-Subject: [PATCH] pki_crypto: Avoid potential memory leak
-
-Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
----
- src/pki_crypto.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index 30f49a81..d9f7753a 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -453,7 +453,7 @@ int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
- #if OPENSSL_VERSION_NUMBER > 0x10100000L
- key->dsa = DSA_new();
-- if (!key->dsa) {
-+ if (key->dsa == NULL) {
- return SSH_ERROR;
- }
- rc = DSA_generate_parameters_ex(key->dsa,
-@@ -464,6 +464,8 @@ int pki_key_generate_dss(ssh_key key, int parameter){
- NULL, /* h_ret */
- NULL); /* cb */
- if (rc != 1) {
-+ DSA_free(key->dsa);
-+ key->dsa = NULL;
- return SSH_ERROR;
- }
- #else
---
-2.19.1
-
+++ /dev/null
-From 8349ff1ec3d001aa85cc94a9004509cca8ebf036 Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Wed, 7 Nov 2018 17:17:53 -0800
-Subject: [PATCH] crypto: Fix compilation for OpenSSL without deprecated
- APIs
-
-Added missing bn.h include.
-
-Made engine.h include conditional, otherwise it would fail.
-
-DSA_generate_parameters was deprecated long before 1.1.0.
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- src/libcrypto-compat.c | 5 ++++-
- src/libcrypto-compat.h | 1 +
- src/pki_crypto.c | 2 +-
- 3 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/libcrypto-compat.c b/src/libcrypto-compat.c
-index 4b1f36a5..b8b4f11a 100644
---- a/src/libcrypto-compat.c
-+++ b/src/libcrypto-compat.c
-@@ -8,9 +8,12 @@
- */
-
- #include <string.h>
--#include <openssl/engine.h>
- #include "libcrypto-compat.h"
-
-+#ifndef OPENSSL_NO_ENGINE
-+#include <openssl/engine.h>
-+#endif
-+
- static void *OPENSSL_zalloc(size_t num)
- {
- void *ret = OPENSSL_malloc(num);
-diff --git a/src/libcrypto-compat.h b/src/libcrypto-compat.h
-index 21542c65..00e4f2a3 100644
---- a/src/libcrypto-compat.h
-+++ b/src/libcrypto-compat.h
-@@ -10,6 +10,7 @@
- #include <openssl/dh.h>
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/bn.h>
-
- int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
- int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index d9f7753a..c1aac409 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -451,7 +451,7 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
-
- int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
--#if OPENSSL_VERSION_NUMBER > 0x10100000L
-+#if OPENSSL_VERSION_NUMBER > 0x00908000L
- key->dsa = DSA_new();
- if (key->dsa == NULL) {
- return SSH_ERROR;
---
-2.19.1
-
+++ /dev/null
---- a/cmake/Modules/DefineCompilerFlags.cmake
-+++ b/cmake/Modules/DefineCompilerFlags.cmake
-@@ -1,7 +1,6 @@
- # define system dependent compiler flags
-
- include(CheckCCompilerFlag)
--include(CheckCCompilerFlagSSP)
-
- if (UNIX AND NOT WIN32)
- #
-@@ -21,11 +20,6 @@ if (UNIX AND NOT WIN32)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
- endif (WITH_FPIC)
-
-- check_c_compiler_flag_ssp("-fstack-protector" WITH_STACK_PROTECTOR)
-- if (WITH_STACK_PROTECTOR)
-- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
-- endif (WITH_STACK_PROTECTOR)
--
- if (CMAKE_BUILD_TYPE)
- string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWER)
- if (CMAKE_BUILD_TYPE_LOWER MATCHES (release|relwithdebinfo|minsizerel))
+++ /dev/null
---- a/src/dh.c
-+++ b/src/dh.c
-@@ -131,11 +131,15 @@ int ssh_get_random(void *where, int len, int strong){
-
- return 1;
- #elif defined HAVE_LIBCRYPTO
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (strong) {
- return RAND_bytes(where,len);
- } else {
- return RAND_pseudo_bytes(where,len);
- }
-+#else
-+ return RAND_bytes(where,len);
-+#endif
- #endif
-
- /* never reached */
-@@ -198,7 +202,9 @@ int ssh_crypto_init(void) {
- }
- bignum_bin2bn(p_group14_value, P_GROUP14_LEN, p_group14);
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- OpenSSL_add_all_algorithms();
-+#endif
-
- #endif
-
-@@ -219,8 +225,10 @@ void ssh_crypto_finalize(void) {
- #ifdef HAVE_LIBGCRYPT
- gcry_control(GCRYCTL_TERM_SECMEM);
- #elif defined HAVE_LIBCRYPTO
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- EVP_cleanup();
- CRYPTO_cleanup_all_ex_data();
-+#endif
- #endif
- ssh_crypto_initialized=0;
- }
+++ /dev/null
---- a/src/threads.c
-+++ b/src/threads.c
-@@ -106,6 +106,8 @@ static int libgcrypt_thread_init(void){
-
- static void **libcrypto_mutexes;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+
- static void libcrypto_lock_callback(int mode, int i, const char *file, int line){
- (void)file;
- (void)line;
-@@ -160,6 +162,16 @@ static void libcrypto_thread_finalize(void){
-
- }
-
-+#else
-+
-+static int libcrypto_thread_init(void){
-+ return SSH_OK;
-+}
-+
-+static void libcrypto_thread_finalize(void){
-+}
-+#endif
-+
- #endif
-
- /** @internal
include $(TOPDIR)/rules.mk
PKG_NAME:=libtasn1
-PKG_VERSION:=4.14
+PKG_VERSION:=4.15.0
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_HASH:=9e604ba5c5c8ea403487695c2e407405820d98540d9de884d6e844f9a9c5ba08
+PKG_HASH:=dd77509fe8f5304deafbca654dc7f0ea57f5841f41ba530cff9a5bf71382739e
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
PKG_LICENSE:=LGPL-2.1-or-later
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
define Package/libtasn1
SECTION:=libs
--disable-valgrind-tests
define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/bin
+ # $(INSTALL_DIR) $(1)/usr/bin
+ # $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/libtasn1.h $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libtasn1.so.* $(1)/usr/lib/
endef
+$(eval $(call HostBuild))
$(eval $(call BuildPackage,libtasn1))
-#
-# Copyright (C) 2006-2018 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
include $(TOPDIR)/rules.mk
PKG_NAME:=libtirpc
-PKG_VERSION:=1.1.4
+PKG_VERSION:=1.2.5
PKG_RELEASE:=2
PKG_SOURCE_URL:=@SF/libtirpc
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=2ca529f02292e10c158562295a1ffd95d2ce8af97820e3534fe1b0e3aec7561d
+PKG_HASH:=f3b6350c7e9c3cd9c58fc7a5e5f8e6be469cc571bb5eb31eb9790b3e675186ca
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=COPYING
-PKG_FIXUP:=autoreconf
-PKG_REMOVE_FILES:=autogen.sh aclocal.m4
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
+++ /dev/null
-Consider musl provided built-in defines
-
-Helps compile libtirpc with musl
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
---- ./tirpc/rpc/types.h.orig 2018-03-17 10:23:10.022055255 +0100
-+++ ./tirpc/rpc/types.h 2018-03-17 10:23:30.877751656 +0100
-@@ -66,7 +66,7 @@
- #define mem_free(ptr, bsize) free(ptr)
-
-
--#if defined __APPLE_CC__ || defined __FreeBSD__
-+#if defined __APPLE_CC__ || defined __FreeBSD__ || !defined(__GLIBC__)
- # define __u_char_defined
- # define __daddr_t_defined
- #endif
+++ /dev/null
---- a/src/auth_des.c
-+++ b/src/auth_des.c
-@@ -396,7 +396,7 @@ authdes_validate(AUTH *auth, struct opaque_auth *rverf)
- /*
- * validate
- */
-- if (bcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
-+ if (memcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
- sizeof(struct timeval)) != 0) {
- LIBTIRPC_DEBUG(1, ("authdes_validate: verifier mismatch"));
- return (FALSE);
---- a/src/auth_time.c
-+++ b/src/auth_time.c
-@@ -104,7 +104,7 @@ static int uaddr_to_sockaddr(uaddr, sin)
- p_bytes[1] = (unsigned char)a[5] & 0x000000FF;
-
- sin->sin_family = AF_INET; /* always */
-- bcopy((char *)&p_bytes, (char *)&sin->sin_port, 2);
-+ memcpy((char *)&sin->sin_port, (char *)&p_bytes, 2);
-
- return (0);
- }
---- a/src/crypt_client.c
-+++ b/src/crypt_client.c
-@@ -75,8 +75,8 @@ _des_crypt_call(buf, len, dparms)
- des_crypt_1_arg.desbuf.desbuf_val = buf;
- des_crypt_1_arg.des_dir = dparms->des_dir;
- des_crypt_1_arg.des_mode = dparms->des_mode;
-- bcopy(dparms->des_ivec, des_crypt_1_arg.des_ivec, 8);
-- bcopy(dparms->des_key, des_crypt_1_arg.des_key, 8);
-+ memcpy(des_crypt_1_arg.des_ivec, dparms->des_ivec, 8);
-+ memcpy(des_crypt_1_arg.des_key, dparms->des_key, 8);
-
- result_1 = des_crypt_1(&des_crypt_1_arg, clnt);
- if (result_1 == (desresp *) NULL) {
-@@ -88,8 +88,8 @@ _des_crypt_call(buf, len, dparms)
-
- if (result_1->stat == DESERR_NONE ||
- result_1->stat == DESERR_NOHWDEVICE) {
-- bcopy(result_1->desbuf.desbuf_val, buf, len);
-- bcopy(result_1->des_ivec, dparms->des_ivec, 8);
-+ memcpy(buf, result_1->desbuf.desbuf_val, len);
-+ memcpy(dparms->des_ivec, result_1->des_ivec, 8);
- }
-
- clnt_freeres(clnt, (xdrproc_t)xdr_desresp, result_1);
---- a/src/svc_auth_des.c
-+++ b/src/svc_auth_des.c
-@@ -145,7 +145,7 @@ _svcauth_des(rqst, msg)
- return (AUTH_BADCRED);
- }
- cred->adc_fullname.name = area->area_netname;
-- bcopy((char *)ixdr, cred->adc_fullname.name,
-+ memcpy(cred->adc_fullname.name, (char *)ixdr,
- (u_int)namelen);
- cred->adc_fullname.name[namelen] = 0;
- ixdr += (RNDUP(namelen) / BYTES_PER_XDR_UNIT);
-@@ -419,7 +419,7 @@ cache_spot(key, name, timestamp)
- if (cp->key.key.high == hi &&
- cp->key.key.low == key->key.low &&
- cp->rname != NULL &&
-- bcmp(cp->rname, name, strlen(name) + 1) == 0) {
-+ memcmp(cp->rname, name, strlen(name) + 1) == 0) {
- if (BEFORE(timestamp, &cp->laststamp)) {
- svcauthdes_stats.ncachereplays++;
- return (-1); /* replay */
--- /dev/null
+From d04f4d6f0e682f16b0ce96839ab4eadade591eb1 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Tue, 21 Jan 2020 11:51:16 -0500
+Subject: [PATCH] xdr_float: do not include bits/endian.h
+
+bits/endian.h is an internal header. endian.h should be included.
+
+Fixes compilation with recent musl.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/xdr_float.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/xdr_float.c b/src/xdr_float.c
+index 26bc865..349d48f 100644
+--- a/src/xdr_float.c
++++ b/src/xdr_float.c
+@@ -83,7 +83,7 @@ static struct sgl_limits {
+ };
+ #else
+
+-#include <bits/endian.h>
++#include <endian.h>
+ #define IEEEFP
+
+ #endif /* vax */
+--
+2.20.1
+
include $(TOPDIR)/rules.mk
PKG_NAME:=libugpio
-PKG_VERSION:=0.0.6
-PKG_RELEASE:=2
+PKG_VERSION:=0.0.7
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/mhei/libugpio/releases/download/v$(PKG_VERSION)
-PKG_HASH:=07d96b46560f42843e46869f45f53d48afee71f9bbcf06f43267fafad0d50b05
+PKG_HASH:=4e0ae6f9cd3d670eb5ba9595a24696a034fda3c7c1900aa9d2cae5a4cd9dab64
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING.LESSER
define Package/libugpio/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libugpio.so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libugpio.so.* $(1)/usr/lib/
endef
define Package/gpioctl-sysfs/install
CATEGORY:=Libraries
TITLE:=User-space Read-Copy-Update library
URL:=https://lttng.org/
- DEPENDS:=+libpthread @!TARGET_arc770 @!TARGET_archs38
+ DEPENDS:=+libpthread @!arc
endef
define Package/liburcu/description
Userspace Read-Copy-Update library.
endef
+ifeq ($(CONFIG_arc),)
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/urcu* $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/liburcu*.{a,so*} $(1)/usr/lib/
endef
+endif
define Package/liburcu/install
$(INSTALL_DIR) $(1)/usr/lib
include $(TOPDIR)/rules.mk
PKG_NAME:=libusbmuxd
-PKG_SOURCE_DATE:=2019-03-23
-PKG_SOURCE_VERSION:=873252dc8b4e469c7dc692064ac616104fca5f65
+PKG_SOURCE_VERSION:=2.0.1
PKG_RELEASE:=2
-PKG_MAINTAINER:=Lukasz Baj <l.baj@radytek.com>
-PKG_LICENSE:=LGPL-2.1-or-later
-PKG_LICENSE_FILES:=COPYING.LGPLv2.1
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/libimobiledevice/libusbmuxd
+PKG_MIRROR_HASH:=5078125cd4fe8c7294d4f195a8adfd1fc302101daf5d53e4cc242c3097eef8b6
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/libimobiledevice/libusbmuxd/tar.gz/$(PKG_SOURCE_VERSION)?
-PKG_HASH:=47e39ce87b05ca873c16efaa517247aa9db137625dd910d566fb3cd99b4a1d18
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_CPE_ID:=cpe:/a:libimobiledevice:libusbmuxd
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
define Package/libusbmuxd/Default
TITLE:=USB multiplexing daemon
URL:=https://www.libimobiledevice.org/
+ SUBMENU:=libimobiledevice
endef
define Package/libusbmuxd/Default/description
CATEGORY:=Libraries
TITLE+= library
DEPENDS:=+libplist +libpthread +libxml2 +zlib
+ PKG_LICENSE:=LGPL-2.1-or-later
+ PKG_LICENSE_FILES:=COPYING
endef
define Package/libusbmuxd/description
CATEGORY:=Utilities
TITLE+= utilies
DEPENDS:=+libusbmuxd
+ LICENSE:=GPL-2.0-or-later
endef
define Package/libusbmuxd-utils/description
This package contains the libusbmuxd utilities.
endef
-CONFIGURE_ARGS += --with-pic
+TARGET_CFLAGS += $(FPIC)
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
define Package/libusbmuxd-utils/install
$(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_INSTALL_DIR)/usr/bin/iproxy $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/iproxy $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/inetcat $(1)/usr/bin/
endef
$(eval $(call BuildPackage,libusbmuxd))
--- /dev/null
+--- a/tools/inetcat.c
++++ b/tools/inetcat.c
+@@ -33,6 +33,7 @@
+ #include <windows.h>
+ #include <winsock2.h>
+ #else
++#include <sys/select.h>
+ #include <sys/socket.h>
+ #include <sys/un.h>
+ #include <sys/ioctl.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=libuwifi
-PKG_VERSION:=2019-05-27
-PKG_RELEASE:=2
+PKG_VERSION:=2019-12-05
+PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/br101/libuwifi.git
-PKG_SOURCE_VERSION:=bb92bc9b041a077488f2fa5a1716902c7bb23e5b
-PKG_MIRROR_HASH:=c6dc795ef6c2cc87d411d3f907974f634a132c3e732db2597f96ff25a05faa05
+PKG_SOURCE_VERSION:=089bfebd3a8da6e39fd93e33c44368b044c23dde
+PKG_MIRROR_HASH:=a99801ad1dfcf459b00adc582d5e6a31dae9ed10529d114e1e26f5760c6a74f8
PKG_MAINTAINER:=Bruno Randolf <br1@einfach.org>, Nick Hainke <vincent@systemli.org>
PKG_LICENSE:=LGPL-3.0-only
$(CP) $(PKG_BUILD_DIR)/include/uwifi/*.h $(1)/usr/include/uwifi
$(CP) $(PKG_BUILD_DIR)/linux/*.h $(1)/usr/include/uwifi
- $(CP) $(PKG_BUILD_DIR)/ccan $(1)/usr/include/
- $(CP) $(PKG_BUILD_DIR)/config.h $(1)/usr/include/ccan/
-
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_BUILD_DIR)/build/libuwifi.{a,so*} $(1)/usr/lib/
endef
+++ /dev/null
-Index: libuwifi-2019-05-27/ccan/build_assert/_info
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/build_assert/_info
-+++ libuwifi-2019-05-27/ccan/build_assert/_info
-@@ -1,4 +1,4 @@
--#include "config.h"
-+#include "../config.h"
- #include <stdio.h>
- #include <string.h>
-
-Index: libuwifi-2019-05-27/ccan/check_type/_info
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/check_type/_info
-+++ libuwifi-2019-05-27/ccan/check_type/_info
-@@ -1,4 +1,4 @@
--#include "config.h"
-+#include "../config.h"
- #include <stdio.h>
- #include <string.h>
-
-Index: libuwifi-2019-05-27/ccan/check_type/check_type.h
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/check_type/check_type.h
-+++ libuwifi-2019-05-27/ccan/check_type/check_type.h
-@@ -1,7 +1,7 @@
- /* CC0 (Public domain) - see LICENSE file for details */
- #ifndef CCAN_CHECK_TYPE_H
- #define CCAN_CHECK_TYPE_H
--#include "config.h"
-+#include "../config.h"
-
- /**
- * check_type - issue a warning or build failure if type is not correct.
-Index: libuwifi-2019-05-27/ccan/container_of/_info
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/container_of/_info
-+++ libuwifi-2019-05-27/ccan/container_of/_info
-@@ -1,4 +1,4 @@
--#include "config.h"
-+#include "../config.h"
- #include <stdio.h>
- #include <string.h>
-
-Index: libuwifi-2019-05-27/ccan/container_of/container_of.h
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/container_of/container_of.h
-+++ libuwifi-2019-05-27/ccan/container_of/container_of.h
-@@ -3,7 +3,7 @@
- #define CCAN_CONTAINER_OF_H
- #include <stddef.h>
-
--#include "config.h"
-+#include "../config.h"
- #include <ccan/check_type/check_type.h>
-
- /**
-Index: libuwifi-2019-05-27/ccan/list/_info
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/list/_info
-+++ libuwifi-2019-05-27/ccan/list/_info
-@@ -1,4 +1,4 @@
--#include "config.h"
-+#include "../config.h"
- #include <stdio.h>
- #include <string.h>
-
-Index: libuwifi-2019-05-27/ccan/str/_info
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/str/_info
-+++ libuwifi-2019-05-27/ccan/str/_info
-@@ -1,4 +1,4 @@
--#include "config.h"
-+#include "../config.h"
- #include <stdio.h>
- #include <string.h>
-
-Index: libuwifi-2019-05-27/ccan/str/debug.c
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/str/debug.c
-+++ libuwifi-2019-05-27/ccan/str/debug.c
-@@ -1,5 +1,5 @@
- /* CC0 (Public domain) - see LICENSE file for details */
--#include "config.h"
-+#include "../config.h"
- #include <ccan/str/str_debug.h>
- #include <assert.h>
- #include <ctype.h>
-Index: libuwifi-2019-05-27/ccan/str/str.h
-===================================================================
---- libuwifi-2019-05-27.orig/ccan/str/str.h
-+++ libuwifi-2019-05-27/ccan/str/str.h
-@@ -1,7 +1,7 @@
- /* CC0 (Public domain) - see LICENSE file for details */
- #ifndef CCAN_STR_H
- #define CCAN_STR_H
--#include "config.h"
-+#include "../config.h"
- #include <string.h>
- #include <stdbool.h>
- #include <limits.h>
PKG_NAME:=libwebp
PKG_VERSION:=1.0.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://storage.googleapis.com/downloads.webmproject.org/releases/webp
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_USE_MIPS16:=0
include $(INCLUDE_DIR)/package.mk
--- /dev/null
+--- a/src/dsp/dsp.h
++++ b/src/dsp/dsp.h
+@@ -95,7 +95,7 @@ extern "C" {
+ #define WEBP_USE_INTRINSICS
+ #endif
+
+-#if defined(__mips__) && !defined(__mips64) && \
++#if defined(__mips__) && !defined(__mips16) && !defined(__mips64) && \
+ defined(__mips_isa_rev) && (__mips_isa_rev >= 1) && (__mips_isa_rev < 6)
+ #define WEBP_USE_MIPS32
+ #if (__mips_isa_rev >= 2)
include $(TOPDIR)/rules.mk
PKG_NAME:=libwebsockets
-PKG_VERSION:=3.1.0
+PKG_VERSION:=3.2.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=https://codeload.github.com/warmcat/libwebsockets/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=db948be74c78fc13f1f1a55e76707d7baae3a1c8f62b625f639e8f2736298324
+PKG_HASH:=5b1521002771420bc91e1c91f36bc51f54bf4035c4bebde296dec235a45c33df
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
CMAKE_OPTIONS += -DLWS_WITH_SERVER_STATUS=ON
CMAKE_OPTIONS += -DLWS_WITH_ACCESS_LOG=ON
CMAKE_OPTIONS += -DLWS_WITH_CGI=ON
+ CMAKE_OPTIONS += -DLWS_UNIX_SOCK=ON
endif
define Package/libwebsockets/install
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -1233,9 +1233,9 @@ if (CMAKE_COMPILER_IS_GNUCC OR CMAKE_COM
- endif()
+@@ -1482,9 +1482,9 @@ if (CMAKE_COMPILER_IS_GNUCC OR CMAKE_COM
+ endif()
if (UNIX AND NOT LWS_WITH_ESP32)
-- set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wignored-qualifiers -Wtype-limits -Wuninitialized -Werror ${VISIBILITY_FLAG} -Wundef ${GCOV_FLAGS} ${CMAKE_C_FLAGS} ${ASAN_FLAGS}" )
-+ set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wignored-qualifiers -Wtype-limits -Wuninitialized ${VISIBILITY_FLAG} -Wundef ${GCOV_FLAGS} ${CMAKE_C_FLAGS} ${ASAN_FLAGS}" )
+- set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wuninitialized -Werror ${VISIBILITY_FLAG} -Wundef ${GCOV_FLAGS} ${CMAKE_C_FLAGS} ${ASAN_FLAGS}" )
++ set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wuninitialized ${VISIBILITY_FLAG} -Wundef ${GCOV_FLAGS} ${CMAKE_C_FLAGS} ${ASAN_FLAGS}" )
else()
-- set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wignored-qualifiers -Wtype-limits -Wuninitialized -Werror ${VISIBILITY_FLAG} ${GCOV_FLAGS} ${CMAKE_C_FLAGS}" )
-+ set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wignored-qualifiers -Wtype-limits -Wuninitialized ${VISIBILITY_FLAG} ${GCOV_FLAGS} ${CMAKE_C_FLAGS}" )
+- set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wuninitialized -Werror ${VISIBILITY_FLAG} ${GCOV_FLAGS} ${CMAKE_C_FLAGS}" )
++ set(CMAKE_C_FLAGS "-Wall -Wsign-compare -Wuninitialized ${VISIBILITY_FLAG} ${GCOV_FLAGS} ${CMAKE_C_FLAGS}" )
endif()
endif ()
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libwslay
+PKG_VERSION:=1.1.0
+PKG_RELEASE=1
+
+PKG_SOURCE:=release-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/tatsuhiro-t/wslay/tar.gz/release-$(PKG_VERSION)?
+PKG_HASH:=df5dca9f03614073cd8bdd22aa3c9b116f841ed3120b2d4463d2382cc44fc594
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/wslay-release-$(PKG_VERSION)
+
+PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libwslay
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Wslay is a WebSocket library written in C
+ URL:=https://tatsuhiro-t.github.io/wslay/
+endef
+
+define Package/libwslay/description
+ Wslay is a WebSocket library written in C. It implements the protocol version 13 described
+ in RFC 6455. This library offers 2 levels of API: event-based API and frame-based low-level
+ API. For event-based API, it is suitable for non-blocking reactor pattern style. You can set
+ callbacks in various events. For frame-based API, you can send WebSocket frame directly.
+ Wslay only supports data transfer part of WebSocket protocol and does not perform opening
+ handshake in HTTP.
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include/wslay
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/wslay/*.h $(1)/usr/include/wslay/
+
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libwslay.{a,so*} $(1)/usr/lib/
+
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libwslay.pc $(1)/usr/lib/pkgconfig/
+endef
+
+define Package/libwslay/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libwslay.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libwslay))
--- /dev/null
+diff --git a/Makefile.am b/Makefile.am
+index ae8b02f..2e86973 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -20,6 +20,6 @@
+ # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+-SUBDIRS = lib tests examples doc
++SUBDIRS = lib tests
+
+ ACLOCAL_AMFLAGS = -I m4
+diff --git a/configure.ac b/configure.ac
+index 5e83cbf..88f4f03 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -123,9 +123,6 @@ AC_CONFIG_FILES([
+ lib/includes/Makefile
+ lib/includes/wslay/wslayver.h
+ tests/Makefile
+- examples/Makefile
+- doc/Makefile
+- doc/sphinx/conf.py
+ ])
+ AC_OUTPUT
+
include $(TOPDIR)/rules.mk
PKG_NAME:=libxml2
-PKG_VERSION:=2.9.9
-PKG_RELEASE:=4
+PKG_VERSION:=2.9.10
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://xmlsoft.org/sources/
-PKG_HASH:=94fb70890143e3c6549f265cee93ec064c80a84c42ad0f23e85ee1fd6540a871
+PKG_HASH:=aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libzip
+PKG_VERSION:=1.5.2
+PKG_RELEASE:=2
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=https://libzip.org/download/
+PKG_HASH:=b3de4d4bd49a01e0cab3507fc163f88e1651695b6b9cb25ad174dbe319d4a3b4
+
+PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_PARALLEL:=1
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/libzip/Default
+ TITLE:=libzip ($(2))
+ URL:=https://libzip.org/
+ SECTION:=libs
+ CATEGORY:=Libraries
+ SUBMENU:=Compression
+ DEPENDS:=+zlib $(3)
+ VARIANT:=$(1)
+ PROVIDES:=libzip
+endef
+
+define Package/libzip-$(BUILD_VARIANT)/description
+ A C library for reading, creating, and modifying zip archives.
+endef
+
+Package/libzip-nossl=$(call Package/libzip/Default,nossl,w/o encryption support)
+Package/libzip-openssl=$(call Package/libzip/Default,openssl,OpenSSL,+PACKAGE_libzip-openssl:libopenssl)
+Package/libzip-gnutls=$(call Package/libzip/Default,gnutls,GnuTLS,+PACKAGE_libzip-gnutls:libgnutls)
+Package/libzip-mbedtls=$(call Package/libzip/Default,mbedtls,mbedTLS,+PACKAGE_libzip-mbedtls:libmbedtls)
+
+define Package/zipcmp
+ TITLE:=zipcmp
+ URL:=https://libzip.org/
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Compression
+ DEPENDS:=+libzip +USE_MUSL:musl-fts
+endef
+
+define Package/zipcmp/description
+ This package contains the command line tool zipcmp from libzip.
+endef
+
+define Package/zipmerge
+ TITLE:=zipmerge
+ URL:=https://libzip.org/
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Compression
+ DEPENDS:=+libzip
+endef
+
+define Package/zipmerge/description
+ This package contains the command line tool zipmerge from libzip.
+endef
+
+define Package/ziptool
+ TITLE:=ziptool
+ URL:=https://libzip.org/
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Compression
+ DEPENDS:=+libzip
+endef
+
+define Package/ziptool/description
+ This package contains the command line tool ziptool from libzip.
+endef
+
+CMAKE_OPTIONS += -DENABLE_COMMONCRYPTO=OFF
+ifeq ($(BUILD_VARIANT),gnutls)
+ CMAKE_OPTIONS += -DENABLE_GNUTLS=ON
+else
+ CMAKE_OPTIONS += -DENABLE_GNUTLS=OFF
+endif
+ifeq ($(BUILD_VARIANT),openssl)
+ CMAKE_OPTIONS += -DENABLE_OPENSSL=ON
+else
+ CMAKE_OPTIONS += -DENABLE_OPENSSL=OFF
+endif
+ifeq ($(BUILD_VARIANT),mbedtls)
+ CMAKE_OPTIONS += -DENABLE_MBEDTLS=ON
+else
+ CMAKE_OPTIONS += -DENABLE_MBEDTLS=OFF
+endif
+
+CMAKE_OPTIONS += -DENABLE_BZIP2=OFF
+CMAKE_OPTIONS += -DBUILD_REGRESS=OFF
+CMAKE_OPTIONS += -DBUILD_EXAMPLES=OFF
+CMAKE_OPTIONS += -DBUILD_DOC=OFF
+CMAKE_OPTIONS += -DBUILD_TOOLS=ON
+
+define Package/libzip-$(BUILD_VARIANT)/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libzip.so.* $(1)/usr/lib/
+endef
+
+define Package/zipcmp/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/zipcmp $(1)/usr/bin/
+endef
+
+define Package/zipmerge/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/zipmerge $(1)/usr/bin/
+endef
+
+define Package/ziptool/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ziptool $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,libzip-gnutls))
+$(eval $(call BuildPackage,libzip-mbedtls))
+$(eval $(call BuildPackage,libzip-openssl))
+$(eval $(call BuildPackage,libzip-nossl))
+$(eval $(call BuildPackage,zipcmp))
+$(eval $(call BuildPackage,zipmerge))
+$(eval $(call BuildPackage,ziptool))
--- /dev/null
+--- a/src/CMakeLists.txt
++++ b/src/CMakeLists.txt
+@@ -6,7 +6,7 @@ IF(NOT HAVE_GETOPT)
+ ENDIF(NOT HAVE_GETOPT)
+
+ ADD_EXECUTABLE(zipcmp zipcmp.c ${SRC_EXTRA_FILES})
+-TARGET_LINK_LIBRARIES(zipcmp zip)
++TARGET_LINK_LIBRARIES(zipcmp zip ${FTS_LIB})
+ INSTALL(TARGETS zipcmp RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+ ADD_EXECUTABLE(zipmerge zipmerge.c ${SRC_EXTRA_FILES})
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -22,6 +22,7 @@ OPTION(BUILD_DOC "Build documentation" O
+
+ INCLUDE(CheckFunctionExists)
+ INCLUDE(CheckIncludeFiles)
++INCLUDE(CheckLibraryExists)
+ INCLUDE(CheckSymbolExists)
+ INCLUDE(CheckTypeSize)
+ INCLUDE(CheckCSourceRuns)
+@@ -158,6 +159,20 @@ CHECK_FUNCTION_EXISTS(strtoll HAVE_STRTO
+ CHECK_FUNCTION_EXISTS(strtoull HAVE_STRTOULL)
+
+ CHECK_INCLUDE_FILES("sys/types.h;sys/stat.h;fts.h" HAVE_FTS_H)
++# fts functions may be in external library
++IF(HAVE_FTS_H)
++ CHECK_FUNCTION_EXISTS(fts_open HAVE_FTS_OPEN)
++ IF(NOT HAVE_FTS_OPEN)
++ CHECK_LIBRARY_EXISTS(fts fts_open "" HAVE_LIB_FTS)
++ ENDIF(NOT HAVE_FTS_OPEN)
++ENDIF(HAVE_FTS_H)
++
++IF(HAVE_LIB_FTS)
++ SET(FTS_LIB fts)
++ELSE()
++ SET(FTS_LIB "")
++ENDIF()
++
+ CHECK_INCLUDE_FILES(stdbool.h HAVE_STDBOOL_H)
+ CHECK_INCLUDE_FILES(strings.h HAVE_STRINGS_H)
+ CHECK_INCLUDE_FILES(unistd.h HAVE_UNISTD_H)
PKG_NAME:=lmdb
PKG_VERSION:=0.9.24
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=LMDB_$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/LMDB/lmdb/tar.gz/LMDB_$(PKG_VERSION)?
CC="$(TARGET_CC)" \
CFLAGS+="$(TARGET_CFLAGS)" \
LDFLAGS+="$(TARGET_LDFLAGS)" \
- FPIC="$(FPIC)"
+ FPIC="$(FPIC)" \
+ AR="$(TARGET_AR)"
endef
define Build/InstallDev
#
-# Copyright (C) 2019 CZ.NIC z.s.p.o. (http://www.nic.cz/)
+# Copyright (C) 2019-2020 CZ.NIC z.s.p.o. (http://www.nic.cz/)
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=measurement-kit
-PKG_VERSION:=0.10.6
+PKG_VERSION:=0.10.9
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/measurement-kit/measurement-kit/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=5ec94e522c3bc43cbf749659c18d4b13bcfbb2874db4d6b4e21b160d76dd5bd0
+PKG_HASH:=8ac160fe1f318983b6784d78f612b657ddeed73ddc6371aaa299326196a381e5
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=BSD-2-Clause
$(call Build/Configure/Default)
endef
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
+endef
+
define Package/measurement-kit/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/measurement_kit $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/etc/measurement_kit
+ $(CP) $(PKG_BUILD_DIR)/*.mmdb $(1)/etc/measurement_kit
endef
$(eval $(call BuildPackage,measurement-kit))
+++ /dev/null
---- a/autogen.sh
-+++ b/autogen.sh
-@@ -3,7 +3,7 @@
- set -e
- export LC_ALL=C # Stable sorting regardless of the locale
-
--. script/autogen.d/ca-bundle
-+#. script/autogen.d/ca-bundle
- . script/autogen.d/geoip
-
- no_geoip=0
-@@ -82,7 +82,7 @@ gen_executables noinst_PROGRAMS example
- gen_executables ALL_TESTS test libtest_main.la >> include.am
-
- if [ $no_geoip -ne 1 ]; then
-- autogen_get_ca_bundle
-+ #autogen_get_ca_bundle
- autogen_get_geoip
- fi
-
+++ /dev/null
---- a/script/autogen.d/geoip
-+++ b/script/autogen.d/geoip
-@@ -5,13 +5,13 @@ autogen_get_geoip() {
- echo "* Fetching geoip databases"
- base=https://geolite.maxmind.com/download/geoip/database
- if [ ! -f "country.mmdb" ]; then
-- curl -fsSLO $base/GeoLite2-Country.tar.gz
-+ command -v curl && curl -fsSLO $base/GeoLite2-Country.tar.gz || wget $base/GeoLite2-Country.tar.gz
- tar -xf GeoLite2-Country.tar.gz
- mv GeoLite2-Country_20??????/GeoLite2-Country.mmdb country.mmdb
- rm -rf GeoLite2-Country_20??????
- fi
- if [ ! -f "asn.mmdb" ]; then
-- curl -fsSLO $base/GeoLite2-ASN.tar.gz
-+ command -v curl && curl -fsSLO $base/GeoLite2-ASN.tar.gz || wget $base/GeoLite2-ASN.tar.gz
- tar -xf GeoLite2-ASN.tar.gz
- mv GeoLite2-ASN_20??????/GeoLite2-ASN.mmdb asn.mmdb
- rm -rf GeoLite2-ASN_20??????
+++ /dev/null
---- a/include/private/catch.hpp
-+++ b/include/private/catch.hpp
-@@ -11095,7 +11095,11 @@ bool almostEqualUlps(FP lhs, FP rhs, int maxUlpDiff) {
- template <typename FP>
- FP step(FP start, FP direction, int steps) {
- for (int i = 0; i < steps; ++i) {
-+#ifndef __UCLIBC__
- start = std::nextafter(start, direction);
-+#else
-+ start = ::nextafterf(start, direction);
-+#endif
- }
- return start;
- }
include $(TOPDIR)/rules.mk
PKG_NAME:=nspr
-PKG_VERSION:=4.23
+PKG_VERSION:=4.24
PKG_RELEASE:=1
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENCE:=MPL-2.0
PKG_SOURCE_URL:= \
https://download.cdn.mozilla.net/pub/$(PKG_NAME)/releases/v$(PKG_VERSION)/src/ \
https://archive.mozilla.org/pub/$(PKG_NAME)/releases/v$(PKG_VERSION)/src/
-PKG_HASH:=4b9d821037faf5723da901515ed9cac8b23ef1ea3729022259777393453477a4
+PKG_HASH:=90a59a0df6a11528749647fe18401cc7e03881e3e63c309f8c520ce06dd413d0
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=nss
-PKG_VERSION:=3.47
-PKG_RELEASE:=1
+PKG_VERSION:=3.48
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
https://download.cdn.mozilla.net/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src \
https://archive.mozilla.org/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src
-PKG_HASH:=6cd0c4438b616bdacc0b5f25ff1506b0d07ee97ea6c95d514c5487200a155fa7
+PKG_HASH:=3f9c822a86a4e3e1bfe63e2ed0f922d8b7c2e0b7cafe36774b1c627970d0f8ac
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENCE:=MPL-2.0
export USE_64=1
endif
+ifeq ($(CONFIG_CPU_TYPE),"xscale")
+TARGET_CFLAGS+= -mfloat-abi=softfp
+endif
+
+TARGET_CFLAGS += -D_GNU_SOURCE
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
export CROSS_COMPILE=1
$(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libfreebl3.so $(1)/usr/lib/
$(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libnss3.so $(1)/usr/lib/
+ $(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libnssckbi.so $(1)/usr/lib/
$(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libnssutil3.so $(1)/usr/lib/
$(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libsmime3.so $(1)/usr/lib/
$(CP) $(PKG_BUILD_DIR)/dist/build_dir/lib/libsoftokn3.so $(1)/usr/lib/
diff -Naurp nss-3.28-orig/nss/Makefile nss-3.28/nss/Makefile
--- nss-3.28-orig/nss/Makefile 2016-12-21 05:56:27.000000000 -0600
+++ nss-3.28/nss/Makefile 2016-12-26 22:24:52.695146032 -0600
-@@ -46,7 +46,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
+@@ -47,7 +47,7 @@ include $(CORE_DEPTH)/coreconf/rules.mk
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
ifeq (,$(filter-out WIN%,$(OS_TARGET)))
--- a/nss/coreconf/Linux.mk 2019-04-01 10:08:59.129269177 +0300
+++ b/nss/coreconf/Linux.mk 2019-04-01 10:09:15.557782574 +0300
-@@ -139,6 +139,7 @@
+@@ -143,6 +143,7 @@
DEFINES += -D_REENTRANT
endif
DSO_CFLAGS = -fPIC
DSO_LDOPTS = -shared $(ARCHFLAG) -Wl,--gc-sections
# The linker on Red Hat Linux 7.2 and RHEL 2.1 (GNU ld version 2.11.90.0.8)
-@@ -149,6 +150,7 @@
+@@ -153,6 +154,7 @@
ZDEFS_FLAG = -Wl,-z,defs
DSO_LDOPTS += $(if $(findstring 2.11.90.0.8,$(shell ld -v)),,$(ZDEFS_FLAG))
LDFLAGS += $(ARCHFLAG) -z noexecstack
# library directories.
--- a/nss/coreconf/Linux.mk 2019-04-01 23:10:19.091912203 +0300
+++ b/nss/coreconf/Linux.mk 2019-04-06 14:07:13.499169075 +0300
-@@ -140,7 +140,7 @@
+@@ -144,7 +144,7 @@
endif
ifndef USE_NATIVE
--- a/nss/lib/sqlite/sqlite3.c
+++ b/nss/lib/sqlite/sqlite3.c
-@@ -33761,7 +33761,8 @@ static int proxyConchLock(unixFile *pFile, uuid_t myHostID, int lockType){
+@@ -39626,7 +39626,8 @@ static int proxyConchLock(unixFile *pFile, uuid_t myHostID, int lockType){
if( nTries==1 ){
conchModTime = buf.st_mtimespec;
continue;
}
-@@ -33787,7 +33788,7 @@ static int proxyConchLock(unixFile *pFile, uuid_t myHostID, int lockType){
+@@ -39652,7 +39653,7 @@ static int proxyConchLock(unixFile *pFile, uuid_t myHostID, int lockType){
/* don't break the lock on short read or a version mismatch */
return SQLITE_BUSY;
}
include $(TOPDIR)/rules.mk
PKG_NAME:=oniguruma
-PKG_VERSION:=6.9.3
+PKG_VERSION:=6.9.4
PKG_RELEASE:=1
PKG_SOURCE:=onig-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/kkos/oniguruma/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=dc6dec742941e24b761cea1b9a2f12e750879107ae69fd80ae1046459d4fb1db
+PKG_HASH:=aea68e5843b627f5fe6d3d6b598845b7f3622910e0568408e7cc2fa6b3690b87
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=BSD-2-Clause
include $(TOPDIR)/rules.mk
PKG_NAME:=opencv
-PKG_VERSION:=4.1.1
-PKG_RELEASE:=2
+PKG_VERSION:=4.1.2
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/opencv/opencv
PKG_SOURCE_VERSION:=$(PKG_VERSION)
-PKG_MIRROR_HASH:=c8587820421d2f22acdafe4712d068ae490897dc445bdb4aa128ecaa8e65d3a1
+PKG_MIRROR_HASH:=1bd1cad4fa5c8f21499a45869fea40b7886026c048129a01be87b092178258c1
PKG_MAINTAINER:=
PKG_LICENSE:=BSD-3-Clause
+++ /dev/null
---- a/modules/gapi/include/opencv2/gapi/core.hpp
-+++ b/modules/gapi/include/opencv2/gapi/core.hpp
-@@ -392,8 +392,8 @@ namespace core {
- {
- GAPI_Assert(fx != 0. && fy != 0.);
- return in.withSize
-- (Size(static_cast<int>(std::round(in.size.width * fx)),
-- static_cast<int>(std::round(in.size.height * fy))));
-+ (Size(static_cast<int>(round(in.size.width * fx)),
-+ static_cast<int>(round(in.size.height * fy))));
- }
- }
- };
---- a/modules/gapi/include/opencv2/gapi/own/saturate.hpp
-+++ b/modules/gapi/include/opencv2/gapi/own/saturate.hpp
-@@ -81,8 +81,8 @@ static inline DST saturate(SRC x, R round)
- // explicit suffix 'd' for double type
- inline double ceild(double x) { return std::ceil(x); }
- inline double floord(double x) { return std::floor(x); }
--inline double roundd(double x) { return std::round(x); }
--inline double rintd(double x) { return std::rint(x); }
-+inline double roundd(double x) { return round(x); }
-+inline double rintd(double x) { return rint(x); }
-
- } //namespace own
- } //namespace gapi
---- a/modules/gapi/src/backends/fluid/gfluidcore.cpp
-+++ b/modules/gapi/src/backends/fluid/gfluidcore.cpp
-@@ -389,7 +389,7 @@ static void run_arithm_s1(uchar out[], const float in[], int width, const float
- cv::util::suppress_unused_warning(v_op);
- for (; w < width; w++)
- {
-- out[w] = saturate<uchar>(s_op(in[w], scalar[0]), std::roundf);
-+ out[w] = saturate<uchar>(s_op(in[w], scalar[0]), roundf);
- }
- }
-
-@@ -1954,7 +1954,7 @@ GAPI_FLUID_KERNEL(GFluidCartToPolar, cv::gapi::core::GCartToPolar, false)
- {
- float x = in1[l];
- float y = in2[l];
-- float magnitude = std::hypot(y, x);
-+ float magnitude = hypot(y, x);
- float angle_rad = std::atan2(y, x);
- float angle = angleInDegrees?
- angle_rad * static_cast<float>(180 / CV_PI):
+++ /dev/null
---- a/3rdparty/libjasper/jas_stream.c
-+++ b/3rdparty/libjasper/jas_stream.c
-@@ -86,6 +86,10 @@
- #include <io.h>
- #endif
-
-+#ifndef L_tmpnam
-+#define L_tmpnam 20
-+#endif
-+
- #include "jasper/jas_types.h"
- #include "jasper/jas_stream.h"
- #include "jasper/jas_malloc.h"
PKG_NAME:=p11-kit
PKG_VERSION:=0.23.18.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/p11-glue/p11-kit/releases/download/$(PKG_VERSION)
--without-libffi \
--without-systemd
+CONFIGURE_VARS += \
+ ac_cv_have_decl_program_invocation_short_name=yes
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include/p11-kit-1/p11-kit/
$(CP) $(PKG_INSTALL_DIR)/usr/include/p11-kit-1/p11-kit/* $(1)/usr/include/p11-kit-1/p11-kit/
--- /dev/null
+config PCRE2_JIT_ENABLED
+ bool
+ depends on PACKAGE_libpcre2 && (aarch64 || aarch64_be || arm || i386 || i686 || x86_64 || mips || mipsel || mips64 || mips64el || powerpc || powerpc64 || powerpcle || sparc)
+ default y if (arm || i686 || x86_64)
+ prompt "Enable JIT compiler support"
+ help
+ Enable JIT (Just-In-Time) compiler support.
+
+ Just-in-time compiling is a heavyweight optimization that can greatly
+ speed up pattern matching. However, it comes at the cost of extra
+ processing before the match is performed, so it is of most benefit when
+ the same pattern is going to be matched many times. This does not
+ necessarily mean many calls of a matching function; if the pattern is
+ not anchored, matching attempts may take place many times at various
+ positions in the subject, even for a single call. Therefore, if the
+ subject string is very long, it may still pay to use JIT even for
+ one-off matches. JIT support is available for all of the 8-bit, 16-bit
+ and 32-bit PCRE2 libraries and adds about 100KB to the resulting
+ libpcre2.so. JIT support applies only to the traditional Perl-compatible
+ matching function. It does not apply when the DFA matching function is
+ being used.
+
+ Enabling this option can give an about 10x performance increase on JIT
+ operations. It can be desireable for e.g. high performance Apache
+ mod_rewrite or HA-Proxy reqrep operations.
+
+ However, JIT should _only_ be enabled on architectures that are supported.
+ Enabling JIT on unsupported platforms will result in a compilation
+ failure. A list of supported architectures can be found here:
+ https://pcre.org/current/doc/html/pcre2jit.html#SEC2
include $(TOPDIR)/rules.mk
PKG_NAME:=pcre2
-PKG_VERSION:=10.32
+PKG_VERSION:=10.34
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/pcre/$(PKG_NAME)/$(PKG_VERSION)
-PKG_HASH:=f29e89cc5de813f45786580101aaee3984a65818631d4ddbda7b32f699b87c2e
+PKG_HASH:=74c473ffaba9e13db6951fd146e0143fe9887852ce73406a03277af1d9b798ca
PKG_MAINTAINER:=Shane Peelar <lookatyouhacker@gmail.com>
PKG_LICENSE:=BSD-3-Clause
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
+PKG_CONFIG_DEPENDS:=\
+ CONFIG_PCRE2_JIT_ENABLED
+
include $(INCLUDE_DIR)/package.mk
define Package/libpcre2/default
URL:=https://www.pcre.org/
endef
+define Package/libpcre2/config
+ source "$(SOURCE)/Config.in"
+endef
+
define Package/libpcre2
$(call Package/libpcre2/default)
TITLE:=A Perl Compatible Regular Expression library
CONFIGURE_ARGS += \
--enable-pcre2-16 \
- --enable-pcre2-32
+ --enable-pcre2-32 \
+ $(if $(CONFIG_PCRE2_JIT_ENABLED),--enable-jit,--disable-jit)
MAKE_FLAGS += \
CFLAGS="$(TARGET_CFLAGS)"
include $(TOPDIR)/rules.mk
PKG_NAME:=postgresql
-PKG_VERSION:=11.3
+PKG_VERSION:=12.1
PKG_RELEASE:=1
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=PostgreSQL
http://ftp.postgresql.org/pub/source/v$(PKG_VERSION) \
ftp://ftp.postgresql.org/pub/source/v$(PKG_VERSION)
-PKG_HASH:=2a85e082fc225944821dfd23990e32dfcd2284c19060864b0ad4ca537d30522d
+PKG_HASH:=a09bf3abbaf6763980d0f8acbb943b7629a8b20073de18d867aecdb7988483ed
PKG_USE_MIPS16:=0
PKG_FIXUP:=autoreconf
USE_PROCD=1
-EXTRA_COMMANDS="status"
-EXTRA_HELP=" status Show current status of the PostgreSQL server"
-
fix_hosts() {
# make sure localhost (without a dot) is in /etc/hosts
grep -q 'localhost$' /etc/hosts || echo '127.0.0.1 localhost' >> /etc/hosts
/usr/bin/pg_ctl stop -U postgres -D "${pgdata}" -s
}
-status() {
+status_service() {
config_load "postgresql"
config_get pgdata config PGDATA
/usr/bin/pg_ctl status -U postgres -D "${pgdata}"
PKG_NAME:=protobuf
PKG_VERSION:=3.8.0
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-cpp-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/google/protobuf/releases/download/v$(PKG_VERSION)
-Dprotobuf_BUILD_TESTS=OFF \
-DBUILD_SHARED_LIBS=ON \
-DCMAKE_SKIP_RPATH=OFF \
+ -DCMAKE_INSTALL_LIBDIR=lib \
-DCMAKE_INSTALL_RPATH="${STAGING_DIR_HOSTPKG}/lib"
CMAKE_OPTIONS += \
include $(TOPDIR)/rules.mk
PKG_NAME:=redis
-PKG_VERSION:=5.0.6
+PKG_VERSION:=5.0.7
PKG_RELEASE:=1
PKG_SOURCE_URL:=http://download.redis.io/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=6624841267e142c5d5d5be292d705f8fb6070677687c5aad1645421a936d22b3
+PKG_HASH:=61db74eabf6801f057fd24b590232f2f337d422280fd19486eca03be87d3a82b
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
PKG_LICENSE:=BSD-3-Clause
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=rpcsvc-proto
+PKG_VERSION:=1.4
+PKG_RELEASE:=3
+
+PKG_SOURCE_URL:=https://github.com/thkukuk/rpcsvc-proto/releases/download/v$(PKG_VERSION)/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=867e46767812784d8dda6d8d931d6fabb30168abb02d87a2a205be6d5a2934a7
+
+PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
+PKG_LICENSE:=BSD-3-clause
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
+PKG_REMOVE_FILES:=autogen.sh
+PKG_INSTALL:=1
+
+PKG_BUILD_DEPENDS:=rpcsvc-proto/host
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
+include $(INCLUDE_DIR)/host-build.mk
+
+define Package/rpcsvc-proto
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=rpcgen and rpcsvc proto.x files from glibc
+ URL:=https://github.com/thkukuk/rpcsvc-proto
+ DEPENDS:=$(INTL_DEPENDS)
+ BUILDONLY:=1
+endef
+
+define Package/rpcsvc-proto/description
+ This package contains rpcsvc proto.x files from glibc, which are missing in libtirpc.
+ Additional it contains rpcgen, which is needed to create header files and sources from protocol files.
+endef
+
+# need to use host tool
+define Build/Prepare
+ $(Build/Prepare/Default)
+ $(SED) 's,.*/rpcgen/rpcgen,\t$(STAGING_DIR_HOSTPKG)/bin/rpcgen,' $(PKG_BUILD_DIR)/rpcsvc/Makefile.am
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/rpcsvc $(1)/usr/include/
+endef
+
+$(eval $(call HostBuild))
+$(eval $(call BuildPackage,rpcsvc-proto))
PKG_NAME:=spice
PKG_VERSION:=0.14.2
-PKG_RELEASE:=2
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.spice-space.org/download/releases/spice-server
PKG_HASH:=b203b3882e06f4c7249a3150d90c84e1a90490d41ead255a3d2cede46f4a29a7
--disable-gstreamer \
--disable-smartcard \
--disable-statistics \
+ --without-sasl \
+ --disable-silent-rules \
$(eval $(call BuildPackage,libspice-server))
--- /dev/null
+Tests build can fail for arc700 for the following causes
+
+ - Missing -stack-protector-all argument when building test progs
+ - Missing linker flag -lgmodule-2.0 -lffi
+
+--- a/server/Makefile.am.orig 2019-12-25 18:31:59.133981942 +0800
++++ b/server/Makefile.am 2019-12-25 18:32:06.308976585 +0800
+@@ -1,5 +1,5 @@
+ NULL =
+-SUBDIRS = . tests
++SUBDIRS = .
+
+ check-valgrind:
+ $(MAKE) -C tests check-valgrind
--- /dev/null
+Tools build can fail because -stack-protector-all is missing
+
+--- a/tools/Makefile.am.orig 2019-12-25 18:51:48.947959673 +0800
++++ b/tools/Makefile.am 2019-12-25 18:51:56.165952726 +0800
+@@ -8,6 +8,7 @@ AM_CPPFLAGS = \
+
+ AM_LDFLAGS = \
+ $(LIBRT) \
++ $(WARN_LDFLAGS) \
+ $(NULL)
+
+ noinst_PROGRAMS = \
include $(TOPDIR)/rules.mk
PKG_NAME:=tinycdb
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL:=http://www.corpit.ru/mjt/tinycdb/
PKG_VERSION:=0.78
PKG_HASH:=50678f432d8ada8d69f728ec11c3140e151813a7847cf30a62d86f3a720ed63c
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_INSTALL:=1
+
include $(INCLUDE_DIR)/package.mk
+# Pass CPPFLAGS in the CFLAGS as otherwise the build system will
+# ignore them.
+TARGET_CFLAGS+=$(TARGET_CPPFLAGS)
+
+MAKE_FLAGS+= \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
+
+CDB_INST_STRING:=prefix=/usr install install-sharedlib install-piclib
+
define Package/tinycdb
SECTION:=libs
CATEGORY:=Libraries
TITLE:=a Constant DataBase
URL:=http://www.corpit.ru/mjt/tinycdb.html
+ ABI_VERSION=1
endef
define Package/tinycdb/description
TinyCDB is a very fast and simple package for creating and reading constant data bases
endef
-define Build/InstallDev
- cd $(PKG_BUILD_DIR); $(MAKE) DESTDIR=$(1) prefix=/usr install
+define Package/tinycdb/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcdb.so.$(ABI_VERSION) $(1)/usr/lib
endef
+define Build/Compile
+ $(call Build/Compile/Default,shared staticlib piclib)
+endef
+
+define Build/Install
+ $(call Build/Install/Default,$(CDB_INST_STRING))
+endef
+define Build/InstallDev
+ cd $(PKG_BUILD_DIR); $(MAKE) DESTDIR=$(1) $(CDB_INST_STRING)
+endef
$(eval $(call BuildPackage,tinycdb))
include $(TOPDIR)/rules.mk
PKG_NAME:=dovecot
-PKG_VERSION:=2.3.8
-PKG_RELEASE:=1
+PKG_VERSION:=2.3.9
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dovecot.org/releases/2.3
-PKG_HASH:=c5778d03bf26ab34a605854098035badec455d07adfab38d974f610c8f78b649
+PKG_HASH:=df2c53e5a0463c5c52af682fb11c17eb7f79115d95a861a63cd09329fd7daa9f
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=LGPL-2.1-only MIT BSD-3-Clause
CONFIGURE_ARGS += \
--libexecdir=/usr/libexec \
+ --without-libunwind \
--without-pam \
--with-notify=dnotify \
--without-lzma \
+++ /dev/null
-#
-# Copyright (C) 2009 David Cooper <dave@kupesoft.com>
-# Copyright (C) 2016-2019 Daniel Dickinson <cshored@thecshore.com>
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=msmtp-scripts
-PKG_VERSION:=1.2.5.1
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://launchpad.net/$(PKG_NAME)/1.2/$(PKG_VERSION)/+download
-PKG_HASH:=757aa297a0e0283399fffdc460044bfeb653673695fc02c92215a5e32d104151
-PKG_MAINTAINER:=Daniel F. Dickinson <cshored@thecshore.com>
-
-PKG_LICENSE:=GPL-3.0-or-later
-PKG_LICENSE_FILES:=COPYING
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/msmtp-scripts/Default
- SECTION:=mail
- CATEGORY:=Mail
- TITLE:=Forwarding only SMTP with queuing
- URL:=https://msmtp-scripts.thecshore.com
-endef
-
-define Package/msmtp-scripts/Default/description
- msmtp-scripts are scripts wrappers around the msmtp SMTP client that
- add queueing, logging to syslog or file, and a subset of sendmail/postfix
- mailq/postsuper/postqueue commands implemented in a compatible fashion.
-endef
-
-define Package/msmtpq-ng
-$(call Package/msmtp-scripts/Default)
- DEPENDS+= +msmtp
- TITLE+= (common)
-endef
-
-define Package/msmtpq-ng/conffiles
-/etc/msmtpq-ng.rc
-endef
-
-define Package/msmtpq-ng/description
- $(call Package/msmtp-scripts/Default/description)
- This package contains the msmtpq-ng and msmtpq-ng-queue
- wrappers around msmtp, which provide the bulk of the
- functionality.
-endef
-
-define Package/msmtpq-ng-mta
-$(call Package/msmtp-scripts/Default)
- TITLE+= (as MTA)
- DEPENDS+=+msmtpq-ng
- ALTERNATIVES:=\
- 400:/usr/sbin/sendmail:/usr/sbin/msmtpq-ng-mta \
- 400:/usr/lib/sendmail:/usr/sbin/msmtpq-ng-mta \
- 400:/usr/sbin/mailq:/usr/sbin/msmtpq-ng-queue-mta \
- 400:/usr/sbin/postqueue:/usr/sbin/msmtpq-ng-queue-mta \
- 400:/usr/sbin/postsuper:/usr/sbin/msmtpq-ng-queue-mta
-endef
-
-define Package/msmtpq-ng-mta/conffiles
-/etc/msmtpq-ng-mta.rc
-endef
-
-define Package/msmtpq-ng-mta/description
- $(call Package/msmtp-scripts/Default/description)
- This package provides sendmail, mailq, postfix,
- and postsuper symlinks to wrappers that configure
- msmtpq-ng for use as the system mail transport
- agent via the sendmail command.
-
-**NB**: In order for msmtpq-ng-mta aka sendmail to
-send mail for non-root users (not just queue it
-after failing), the user must have permissions to
-access /etc/msmtprc -- package msmtp sets msmtprc
-to rw only by root by default as a security measure
-(it _can_ contain information like passwords with
-which to send mail through your email server).
-
-There are a couple of choices. One is to leave
-the default permissions (in which cases the mail
-will queue and fail to send until the mailq -q
-runner which runs in a root crontab sends the mail).
-Another is to give any non-root daemon users (or
-any other users) group access (i.e. create a
-group for all the users who should be able to
-send mail, add the users to it, and give the
-group read-only permissions on the msmtrpc).
-A final option (which is only resonable if you
-have no secrets in msmtprc because you are
-sending unauthenticated mail to a server that
-accepts mail directly for the intended user --
-usually that means a self-hosted system mail
-server, rather than trying to send mail to
-public servers (which don't typically accept
-mail from normal user IP addresses, even if
-you ISP doesn't block the traffic) is to
-make msmtprc world readable.
-
-The first option is probably the best choice
-for most users, as it just means a 15
-minute delay in the mail getting off the
-system, and doesn't involve special permissions
-for non-root daemons or users.
-endef
-
-define Package/msmtpq-ng-mta-smtpd
-$(call Package/msmtp-scripts/Default)
- DEPENDS+= +msmtpq-ng-mta +xinetd
- TITLE+= (localhost SMTPd)
- USERID:=msmtp=482:msmtp=482
-endef
-
-define Package/msmtp-ng-mta-smtpd/description
- $(call Package/msmtp-scripts/Default/description)
- This package uses the -bs option to msmtpq-ng
- (which, like the sendmail -bs command, provides
- SMTP over stdin/stdout) combined with xinetd to
- provide a basic SMTP server. In it's default
- configuration it only accepts connections from
- localhost AND network mail must be released from
- the hold queue before it can be delivered.
-endef
-
-define Package/msmtpq-ng-mta-smtpd/conffiles
-/etc/xinetd.d/ms-mta-smtpd
-endef
-
-define Package/msmtpq-ng-mta/postinst
- mkdir -p $${IPKG_INSTROOT}/etc/crontabs
- if ! grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root 2>/dev/null; then echo $$'\n'"*/60 * * * * /usr/bin/msmtpq-ng-mta -q" >>$${IPKG_INSTROOT}/etc/crontabs/root; fi
-endef
-
-define Build/Configure
- true
-endef
-
-define Build/Compile
- true
-endef
-
-define Package/msmtpq-ng/install
- $(INSTALL_DIR) $(1)/etc
- $(INSTALL_DATA) ./files/msmtpq-ng.rc $(1)/etc/msmtpq-ng.rc
- $(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_BUILD_DIR)/src/usr/bin/msmtpq-ng $(1)/usr/bin/
- $(SED) "s,nc -vz,printf \"HEAD / HTTP/1.1\\\\r\\\\nHost: \$$$${EMAIL_CONN_TEST_SITE}\\\\r\\\\n\\\\r\\\\n\"|nc," $(1)/usr/bin/msmtpq-ng
- $(CP) $(PKG_BUILD_DIR)/src/usr/bin/msmtpq-ng-queue $(1)/usr/bin/
-endef
-
-define Package/msmtpq-ng-mta/install
- $(INSTALL_DIR) $(1)/usr/bin $(1)/usr/sbin $(1)/usr/lib $(1)/etc/init.d
- $(INSTALL_DATA) ./files/msmtpq-ng-mta.rc $(1)/etc/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usr/sbin/msmtpq-ng-mta $(1)/usr/sbin/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usr/sbin//msmtpq-ng-queue-mta $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/etc/crontabs
- $(INSTALL_BIN) ./files/msmtpq-ng-mta.init $(1)/etc/init.d/msmtpq-ng-mta
-endef
-
-define Package/msmtpq-ng-mta-smtpd/install
- $(INSTALL_DIR) $(1)/etc/xinetd.d
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/etc/xinetd.d/ms-mta-smtpd $(1)/etc/xinetd.d/ms-mta-smtpd
-endef
-
-
-$(eval $(call BuildPackage,msmtpq-ng))
-$(eval $(call BuildPackage,msmtpq-ng-mta))
-$(eval $(call BuildPackage,msmtpq-ng-mta-smtpd))
+++ /dev/null
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2016 OpenWrt.org
-
-START=90
-
-boot() {
- if [ ! -d /var/spool/msmtp ]; then
- mkdir -m1777 -p /var/spool/msmtp
- else
- chmod 1777 /var/spool/msmtp
- fi
-
- if [ ! -d /var/lock/msmtp ]; then
- mkdir -m1777 -p /var/lock/msmtp
- else
- chmod 1777 /var/spool/msmtp
- fi
-}
-
+++ /dev/null
-#!/bin/sh
-
-#Q=/var/spool/msmtp/"$(id -un)"
-#LOG=syslog
-#MAXLOGLEVEL=7
-#MSMTP_LOCK_DIR=/var/lock/msmtp/"$(id -un)"
-#MSMTP_UMASK=077
-#MSMTP_LOG_UMASK=007
-#MSMTP_QUEUE_QUIET=true
-#MSMTP_IGNORE_NO_RECIPIENTS=true
-#MSMTP_QUEUE_ONLY=false
-#MSMTP_SEND_DELAY=0
-#MSMTP_MAXIMUM_QUEUE_LIFETIME=345600 # Four days
-#MSMTPQ_NG=msmtpq-ng
-#MSMTPQ_NG_QUEUE=msmtpq-ng-queue
-#MSMTP_CONF=/etc/msmtprc
-EMAIL_CONN_TEST=n
-#EMAIL_CONN_TEST_PING=openwrt.org
-#EMAIL_CONN_TEST_IP=8.8.8.8
-EMAIL_CONN_TEST_SITE=openwrt.org
-#MSMTP_HOLD_SMTP_MAIL=true
-#MSMTP_HOLD_CLI_MAIL=false
+++ /dev/null
-#!/bin/sh
-
-#Q=~/msmtp.queue
-#LOG=~/log/.msmtp.queue.log
-#MAXLOGLEVEL=7
-#MSMTP_LOCK_DIR=~/.msmtp.lock
-EMAIL_CONN_TEST=n
-#EMAIL_CONN_TEST_PING=openwrt.org
-#EMAIL_CONN_TEST_IP=8.8.8.8
-EMAIL_CONN_TEST_SITE=openwrt.org
-#MSMTP_UMASK=077
-#MSMTP_LOG_UMASK=077
-#MSMTP_QUEUE_QUIET=false
-#MSMTP_IGNORE_NO_RECIPIENTS=true
-#MSMTP_QUEUE_ONLY=false
-#MSMTP_SEND_DELAY=0
-#MSMTP_MAXIMUM_QUEUE_LIFETIME=345600 # Four days
-#MSMTP=msmtp
-#MSMTPQ_NG_QUEUE=msmtpq-ng-queue
-#MSMTP_HOLD_SMTP_MAIL=true
-#MSMTP_HOLD_CLI_MAIL=false
-#MSMTP_CONF=/etc/msmtprc
-#LOCK_CMD=flock
include $(TOPDIR)/rules.mk
PKG_NAME:=msmtp
-PKG_VERSION:=1.8.6
+PKG_VERSION:=1.8.7
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://marlam.de/msmtp/releases
-PKG_HASH:=6625f147430c65ba8527f52c4fe5d4d33552d3c0fb6d793ba7df819a3b3042e1
+PKG_HASH:=9a53bcdc244ec5b1a806934ecc7746d9d09db581f587bedf597e9da2f48c51f1
PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
PKG_LICENSE:=GPL-3.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=dovecot-pigeonhole
-PKG_VERSION_PLUGIN:=0.5.8
+PKG_VERSION_PLUGIN:=0.5.9
PKG_VERSION_DOVECOT:=$(shell make --no-print-directory -C ../dovecot/ val.PKG_VERSION V=s)
PKG_VERSION:=$(PKG_VERSION_DOVECOT)-$(PKG_VERSION_PLUGIN)
PKG_RELEASE:=1
PKG_SOURCE:=dovecot-$(DOVECOT_VERSION)-pigeonhole-$(PKG_VERSION_PLUGIN).tar.gz
PKG_SOURCE_URL:=https://pigeonhole.dovecot.org/releases/$(DOVECOT_VERSION)
-PKG_HASH:=8fb860d50c1b1a09aea9e25f8ee89c22e34ecedfb0e11a1c48a7f67310759022
+PKG_HASH:=36da68aae5157b83e21383f711b8977e5b6f5477f369f71e7e22e76a738bbd05
+
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING COPYING.LGPL
PKG_CPE_ID:=cpe:/a:dovecot:pigeonhole
DEPENDS:=+dovecot
EXTRA_DEPENDS:=dovecot (>= $(PKG_VERSION_DOVECOT))
TITLE:=Mail filtering facilities for Dovecot
- MAINTAINER:=W. Michael Petullo <mike@flyn.org>
URL:=https://wiki2.dovecot.org/Pigeonhole
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=postfix
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_VERSION:=3.4.6
PKG_SOURCE_URL:= \
https://cdn.postfix.johnriley.me/mirrors/postfix-release/official/ \
PKG_LICENSE_FILES:=LICENSE
PKG_CPE_ID:=cpe:/a:postfix:postfix
-PKG_BUILD_DEPENDS:=POSTFIX_CDB:tinycdb
PKG_CONFIG_DEPENDS:= \
CONFIG_POSTFIX_TLS \
CONFIG_POSTFIX_SASL \
postfix=25:postfix=25 \
postdrop=26:postdrop=26
URL:=http://www.postfix.org/
- DEPENDS:=+POSTFIX_TLS:libopenssl +POSTFIX_SASL:libsasl2 +POSTFIX_LDAP:libopenldap +POSTFIX_DB:libdb47 +POSTFIX_SQLITE:libsqlite3 +POSTFIX_MYSQL:libmysqlclient +POSTFIX_PGSQL:libpq +POSTFIX_EAI:icu +POSTFIX_PCRE:libpcre
+ DEPENDS:=+POSTFIX_CDB:tinycdb +POSTFIX_TLS:libopenssl +POSTFIX_SASL:libsasl2 +POSTFIX_LDAP:libopenldap +POSTFIX_DB:libdb47 +POSTFIX_SQLITE:libsqlite3 +POSTFIX_MYSQL:libmysqlclient +POSTFIX_PGSQL:libpq +POSTFIX_EAI:icu +POSTFIX_PCRE:libpcre
endef
define Package/postfix/description
+++ /dev/null
---- a/src/smtpd/smtpd_check.c
-+++ b/src/smtpd/smtpd_check.c
-@@ -5325,7 +5325,7 @@ char *smtpd_check_queue(SMTPD_STATE *state)
- */
- #define BLOCKS(x) ((x) / fsbuf.block_size)
-
-- fsspace(".", &fsbuf);
-+ fsspace("/overlay", &fsbuf);
- if (msg_verbose)
- msg_info("%s: blocks %lu avail %lu min_free %lu msg_size_limit %lu",
- myname,
include $(TOPDIR)/rules.mk
PKG_NAME:=ffmpeg
-PKG_VERSION:=3.4.6
-PKG_RELEASE:=5
+PKG_VERSION:=3.4.7
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://ffmpeg.org/releases/
-PKG_HASH:=3572279cb139d9e39dcfbc23edf438ff5311ec3fc5d0dcb3558e49591e5cb83e
+PKG_HASH:=efd01782fd29b62505c973f5b61a65632d7b435dc9f4a6c97e92e6afd36cf5c8
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>, \
Ian Leonard <antonlacon@gmail.com>
include $(TOPDIR)/rules.mk
PKG_NAME:=grilo-plugins
-PKG_VERSION:=0.3.7
-PKG_RELEASE:=3
+PKG_VERSION:=0.3.10
+PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=LGPLv2.1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNOME/grilo-plugins/0.3/
-PKG_HASH:=fc2f3bbc319136e53e1efb6659fa65b6af45db114b6621008f9abba64fad6820
+PKG_HASH:=803b360fdb6d5fde1e647bdc40c16de3031b1a95b347b48b65fe4fc27a548d4a
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
-PKG_FIXUP:=autoreconf
+PKG_BUILD_DEPENDS:=meson/host
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
+include ../../devel/meson/meson.mk
define Package/grilo-plugins/Default
SECTION:=multimedia
plugins to get information from a number of sources.
endef
-CONFIGURE_ARGS += \
- --enable-static \
- --disable-compile-warnings \
- --disable-goa \
- --disable-filesystem \
- --disable-optical-media \
- --disable-youtube \
- --disable-flickr \
- --disable-podcasts \
- --disable-bookmarks \
- --disable-lua-factory \
- --disable-metadata-store \
- --disable-vimeo \
- --disable-tracker \
- --disable-local-metadata \
- --disable-chromaprint \
- --disable-thetvdb \
- --disable-tmdb \
- --disable-freebox
-
-MAKE_FLAGS += \
- GLIB_COMPILE_RESOURCES="$(STAGING_DIR_HOSTPKG)/bin/glib-compile-resources"
+MESON_ARGS += \
+ -Denable-filesystem=no \
+ -Denable-optical-media=no \
+ -Denable-youtube=no \
+ -Denable-flickr=no \
+ -Denable-podcasts=no \
+ -Denable-bookmarks=no \
+ -Denable-lua-factory=no \
+ -Denable-metadata-store=no \
+ -Denable-vimeo=no \
+ -Denable-tracker=no \
+ -Denable-local-metadata=no \
+ -Denable-chromaprint=no \
+ -Denable-thetvdb=no \
+ -Denable-tmdb=no \
+ -Denable-freebox=no \
+
define Package/grilo-plugins/install
$(INSTALL_DIR) $(1)/usr/lib/grilo-0.3
endef
--- /dev/null
+Fix build error on OpenWrt build servers. See:
+
+ https://github.com/openwrt/packages/pull/10433#issuecomment-549242840
+ https://github.com/mesonbuild/meson/issues/821
+
+diff -u --recursive grilo-plugins-0.3.10-vanilla/meson.build grilo-plugins-0.3.10/meson.build
+--- grilo-plugins-0.3.10-vanilla/meson.build 2019-09-12 11:48:29.000000000 -0400
++++ grilo-plugins-0.3.10/meson.build 2020-01-20 11:17:22.803149935 -0500
+@@ -173,6 +173,3 @@
+ rootdir = include_directories('.')
+
+ subdir('src')
+-subdir('help')
+-subdir('po')
+-subdir('tests')
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -1316,7 +1316,7 @@ AC_SUBST(DEPS_OPENSUBTITLES_LIBS)
- # GETTEXT/INTLTOOL
- # ----------------------------------------------------------
-
--IT_PROG_INTLTOOL([0.40.0])
-+IT_PROG_INTLTOOL([0.40.0], [no-xml])
- GETTEXT_PACKAGE=grilo-plugins
- AC_SUBST(GETTEXT_PACKAGE)
- AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE,"$GETTEXT_PACKAGE", [The domain to use with gettext])
-@@ -1334,7 +1334,7 @@ AC_SUBST([builddir])
- # DOCUMENTATION
- # ----------------------------------------------------------
-
--YELP_HELP_INIT
-+#YELP_HELP_INIT
-
- # ----------------------------------------------------------
- # OUTPUT
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -10,7 +10,7 @@ include $(top_srcdir)/release.mk
-
- ACLOCAL_AMFLAGS = -I m4
-
--SUBDIRS = src help po tests
-+SUBDIRS = src po
-
- MAINTAINERCLEANFILES = \
- $(GITIGNORE_MAINTAINERCLEANFILES_TOPLEVEL) \
+++ /dev/null
-# gnome-common.m4
-#
-# serial 3
-#
-
-AU_DEFUN([GNOME_DEBUG_CHECK],
-[
- AX_CHECK_ENABLE_DEBUG([no],[GNOME_ENABLE_DEBUG])
-],
-[[$0: This macro is deprecated. You should use AX_CHECK_ENABLE_DEBUG instead and
-replace uses of GNOME_ENABLE_DEBUG with ENABLE_DEBUG.
-See: http://www.gnu.org/software/autoconf-archive/ax_check_enable_debug.html#ax_check_enable_debug]])
-
-dnl GNOME_MAINTAINER_MODE_DEFINES ()
-dnl define DISABLE_DEPRECATED
-dnl
-AU_DEFUN([GNOME_MAINTAINER_MODE_DEFINES],
-[
- AC_REQUIRE([AM_MAINTAINER_MODE])
-
- DISABLE_DEPRECATED=""
- if test $USE_MAINTAINER_MODE = yes; then
- DOMAINS="GCONF BONOBO BONOBO_UI GNOME LIBGLADE GNOME_VFS WNCK LIBSOUP"
- for DOMAIN in $DOMAINS; do
- DISABLE_DEPRECATED="$DISABLE_DEPRECATED -D${DOMAIN}_DISABLE_DEPRECATED -D${DOMAIN}_DISABLE_SINGLE_INCLUDES"
- done
- fi
-
- AC_SUBST(DISABLE_DEPRECATED)
-],
-[[$0: This macro is deprecated. All of the modules it disables deprecations for
-are obsolete. Remove it and all uses of DISABLE_DEPRECATED.]])
+++ /dev/null
-# gnome-compiler-flags.m4
-#
-# serial 4
-#
-
-dnl GNOME_COMPILE_WARNINGS
-dnl Turn on many useful compiler warnings and substitute the result into
-dnl WARN_CFLAGS
-dnl For now, only works on GCC
-dnl Pass the default value of the --enable-compile-warnings configure option as
-dnl the first argument to the macro, defaulting to 'yes'.
-dnl Additional warning/error flags can be passed as an optional second argument.
-dnl
-dnl For example: GNOME_COMPILE_WARNINGS([maximum],[-Werror=some-flag -Wfoobar])
-AU_DEFUN([GNOME_COMPILE_WARNINGS],[
- dnl ******************************
- dnl More compiler warnings
- dnl ******************************
-
- AC_ARG_ENABLE(compile-warnings,
- AS_HELP_STRING([--enable-compile-warnings=@<:@no/minimum/yes/maximum/error@:>@],
- [Turn on compiler warnings]),,
- [enable_compile_warnings="m4_default([$1],[yes])"])
-
- if test "x$GCC" != xyes; then
- enable_compile_warnings=no
- fi
-
- warning_flags=
- realsave_CFLAGS="$CFLAGS"
-
- dnl These are warning flags that aren't marked as fatal. Can be
- dnl overridden on a per-project basis with -Wno-foo.
- base_warn_flags=" \
- -Wall \
- -Wstrict-prototypes \
- -Wnested-externs \
- "
-
- dnl These compiler flags typically indicate very broken or suspicious
- dnl code. Some of them such as implicit-function-declaration are
- dnl just not default because gcc compiles a lot of legacy code.
- dnl We choose to make this set into explicit errors.
- base_error_flags=" \
- -Werror=missing-prototypes \
- -Werror=implicit-function-declaration \
- -Werror=pointer-arith \
- -Werror=init-self \
- -Werror=format-security \
- -Werror=format=2 \
- -Werror=missing-include-dirs \
- -Werror=return-type \
- "
-
- dnl Additional warning or error flags provided by the module author to
- dnl allow stricter standards to be imposed on a per-module basis.
- dnl The author can pass -W or -Werror flags here as they see fit.
- additional_flags="m4_default([$2],[])"
-
- case "$enable_compile_warnings" in
- no)
- warning_flags="-w"
- ;;
- minimum)
- warning_flags="-Wall"
- ;;
- yes|maximum|error)
- warning_flags="$base_warn_flags $base_error_flags $additional_flags"
- ;;
- *)
- AC_MSG_ERROR(Unknown argument '$enable_compile_warnings' to --enable-compile-warnings)
- ;;
- esac
-
- if test "$enable_compile_warnings" = "error" ; then
- warning_flags="$warning_flags -Werror"
- fi
-
- dnl Check whether GCC supports the warning options
- for option in $warning_flags; do
- save_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS $option"
- AC_MSG_CHECKING([whether gcc understands $option])
- AC_TRY_COMPILE([], [],
- has_option=yes,
- has_option=no,)
- CFLAGS="$save_CFLAGS"
- AC_MSG_RESULT([$has_option])
- if test $has_option = yes; then
- tested_warning_flags="$tested_warning_flags $option"
- fi
- unset has_option
- unset save_CFLAGS
- done
- unset option
- CFLAGS="$realsave_CFLAGS"
- AC_MSG_CHECKING(what warning flags to pass to the C compiler)
- AC_MSG_RESULT($tested_warning_flags)
-
- AC_ARG_ENABLE(iso-c,
- AS_HELP_STRING([--enable-iso-c],
- [Try to warn if code is not ISO C ]),,
- [enable_iso_c=no])
-
- AC_MSG_CHECKING(what language compliance flags to pass to the C compiler)
- complCFLAGS=
- if test "x$enable_iso_c" != "xno"; then
- if test "x$GCC" = "xyes"; then
- case " $CFLAGS " in
- *[\ \ ]-ansi[\ \ ]*) ;;
- *) complCFLAGS="$complCFLAGS -ansi" ;;
- esac
- case " $CFLAGS " in
- *[\ \ ]-pedantic[\ \ ]*) ;;
- *) complCFLAGS="$complCFLAGS -pedantic" ;;
- esac
- fi
- fi
- AC_MSG_RESULT($complCFLAGS)
-
- WARN_CFLAGS="$tested_warning_flags $complCFLAGS"
- AC_SUBST(WARN_CFLAGS)
-],
-[[$0: This macro is deprecated. You should use AX_COMPILER_FLAGS instead and
-eliminate use of --enable-iso-c.
-See: http://www.gnu.org/software/autoconf-archive/ax_compiler_flags.html#ax_compiler_flags]])
-
-dnl For C++, do basically the same thing.
-
-AU_DEFUN([GNOME_CXX_WARNINGS],[
- AC_ARG_ENABLE(cxx-warnings,
- AS_HELP_STRING([--enable-cxx-warnings=@<:@no/minimum/yes@:>@]
- [Turn on compiler warnings.]),,
- [enable_cxx_warnings="m4_default([$1],[minimum])"])
-
- AC_MSG_CHECKING(what warning flags to pass to the C++ compiler)
- warnCXXFLAGS=
- if test "x$GXX" != xyes; then
- enable_cxx_warnings=no
- fi
- if test "x$enable_cxx_warnings" != "xno"; then
- if test "x$GXX" = "xyes"; then
- case " $CXXFLAGS " in
- *[\ \ ]-Wall[\ \ ]*) ;;
- *) warnCXXFLAGS="-Wall -Wno-unused" ;;
- esac
-
- ## -W is not all that useful. And it cannot be controlled
- ## with individual -Wno-xxx flags, unlike -Wall
- if test "x$enable_cxx_warnings" = "xyes"; then
- warnCXXFLAGS="$warnCXXFLAGS -Wshadow -Woverloaded-virtual"
- fi
- fi
- fi
- AC_MSG_RESULT($warnCXXFLAGS)
-
- AC_ARG_ENABLE(iso-cxx,
- AS_HELP_STRING([--enable-iso-cxx],
- [Try to warn if code is not ISO C++ ]),,
- [enable_iso_cxx=no])
-
- AC_MSG_CHECKING(what language compliance flags to pass to the C++ compiler)
- complCXXFLAGS=
- if test "x$enable_iso_cxx" != "xno"; then
- if test "x$GXX" = "xyes"; then
- case " $CXXFLAGS " in
- *[\ \ ]-ansi[\ \ ]*) ;;
- *) complCXXFLAGS="$complCXXFLAGS -ansi" ;;
- esac
-
- case " $CXXFLAGS " in
- *[\ \ ]-pedantic[\ \ ]*) ;;
- *) complCXXFLAGS="$complCXXFLAGS -pedantic" ;;
- esac
- fi
- fi
- AC_MSG_RESULT($complCXXFLAGS)
-
- WARN_CXXFLAGS="$CXXFLAGS $warnCXXFLAGS $complCXXFLAGS"
- AC_SUBST(WARN_CXXFLAGS)
-],
-[[$0: This macro is deprecated. You should use AX_COMPILER_FLAGS instead and
-eliminate use of --enable-iso-cxx.
-See: http://www.gnu.org/software/autoconf-archive/ax_compiler_flags.html#ax_compiler_flags]])
include $(TOPDIR)/rules.mk
PKG_NAME:=grilo
-PKG_VERSION:=0.3.6
-PKG_RELEASE:=4
+PKG_VERSION:=0.3.10
+PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNOME/grilo/0.3/
-PKG_HASH:=1e65ca82dd58020451417fde79310d4b940adc3f63ab59997419c52ed3bc9c91
+PKG_HASH:=7e44b2e74c31ed24eb97e43265a9e41effe8660287b02295111805c7bda7f1e8
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
-PKG_BUILD_DEPENDS:=vala/host
+PKG_BUILD_DEPENDS:=meson/host vala/host
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
+include ../../devel/meson/meson.mk
define Package/grilo
SECTION:=multimedia
multimedia content, using a pluggable system.
endef
-CONFIGURE_ARGS += \
- --disable-compile-warnings \
- --disable-debug \
- --disable-gtk-doc-html \
- --disable-introspection \
- --disable-test-ui \
- --disable-vala
+MESON_ARGS += \
+ -Denable-grl-pls=false \
+ -Denable-gtk-doc=false \
+ -Denable-introspection=false \
+ -Denable-test-ui=false \
+ -Denable-vala=false \
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include/
+++ /dev/null
---- a/configure
-+++ b/configure
-@@ -14433,16 +14433,6 @@ else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $IT_PERL_VERSION" >&5
- $as_echo "$IT_PERL_VERSION" >&6; }
- fi
--if test "x" != "xno-xml"; then
-- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for XML::Parser" >&5
--$as_echo_n "checking for XML::Parser... " >&6; }
-- if `$INTLTOOL_PERL -e "require XML::Parser" 2>/dev/null`; then
-- { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5
--$as_echo "ok" >&6; }
-- else
-- as_fn_error $? "XML::Parser perl module is required for intltool" "$LINENO" 5
-- fi
--fi
-
- # Substitute ALL_LINGUAS so we can use it in po/Makefile
-
PKG_NAME:=gst1-plugins-bad
PKG_VERSION:=1.16.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
Ted Hess <thess@kitschensync.net>
--disable-zbar \
--disable-srtp \
\
+ --with-hls-crypto=nettle \
--without-html-dir \
--without-libiconv-prefix \
--without-libintl-prefix \
include $(TOPDIR)/rules.mk
PKG_NAME:=minidlna
-PKG_RELEASE:=1
+PKG_RELEASE:=2
-PKG_SOURCE_URL=git://minidlna.git.sourceforge.net/gitroot/minidlna/minidlna
PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://git.code.sf.net/p/minidlna/git
PKG_SOURCE_DATE:=2018-04-10
PKG_SOURCE_VERSION:=799e6cf505ec470b2bf0ae4118143380aa16b837
PKG_MIRROR_HASH:=67cc817e671de99e5a3f5ed237f89e22470f1de94819bcaba86c0ba821104af5
option serial '12345678'
option model_number '1'
option root_container '.'
+ option uuid ''
list media_dir '/mnt'
option album_art_names 'Cover.jpg/cover.jpg/AlbumArtSmall.jpg/albumartsmall.jpg/AlbumArt.jpg/albumart.jpg/Album.jpg/album.jpg/Folder.jpg/folder.jpg/Thumb.jpg/thumb.jpg'
minidlna_cfg_addstr "$cfg" model_number '1'
minidlna_cfg_addstr "$cfg" minissdpsocket
minidlna_cfg_addstr "$cfg" root_container '.'
+ minidlna_cfg_addstr "$cfg" uuid '019f9a56-ff60-44c0-9edc-eae88d09fa05'
config_list_foreach "$cfg" "media_dir" minidlna_cfg_add_media_dir
return 0
local db_dir
local log_dir
local user
+ local var
config_load 'minidlna'
config_get_bool enabled config 'enabled' '0'
[ "$enabled" -gt 0 ] || return 1
+ config_get val "config" uuid
+ [ "$val" = '' ] && uci set minidlna.config.uuid=$(cat /proc/sys/kernel/random/uuid) && uci commit
+
minidlna_create_config config || return 1
-
+
config_get db_dir config 'db_dir' '/var/run/minidlna'
config_get log_dir config 'log_dir' '/var/log/minidlna'
config_get user config 'user' 'root'
include $(TOPDIR)/rules.mk
PKG_NAME:=mjpg-streamer
-PKG_VERSION:=2018-10-25
-PKG_RELEASE:=3
-PKG_MAINTAINER:=Roger D <rogerdammit@gmail.com>, \
- Ted Hess <thess@kitschensync.net>
+PKG_VERSION:=2019-05-24
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/jacksonliam/mjpg-streamer.git
-PKG_SOURCE_VERSION:=ddb69b7b4f114f3c2ca01adf55712792ca8aed43
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_MIRROR_HASH:=d87ebff5de0c17a35a5b81adad5aa234bc70fe2bb17d1c6277c726845dc043bb
+PKG_SOURCE_URL:=https://github.com/jacksonliam/mjpg-streamer
+PKG_SOURCE_VERSION:=501f6362c5afddcfb41055f97ae484252c85c912
+PKG_MIRROR_HASH:=9e1f098c5092ae6cc70916caf9d45808a312333973524725ae5e729a4af18657
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Roger D <rogerdammit@gmail.com>, \
+ Ted Hess <thess@kitschensync.net>
+PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=LICENSE
+PKG_BUILD_PARALLEL:=1
+PKG_BUILD_DEPENDS:=MJPG_STREAMER_V4L2:libv4l zmq protobuf-c/host
+
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
-PKG_BUILD_DEPENDS:=MJPG_STREAMER_V4L2:libv4l zmq protobuf-c/host
-
define Package/mjpg-streamer
SECTION:=multimedia
CATEGORY:=Multimedia
This package provides simple version of the web content.
endef
+CMAKE_OPTIONS += -DCMAKE_SKIP_RPATH=FALSE
+
CAMBOZOLA:=cambozola-0.936.tar.gz
# Distribution URL doesn't always have the correct version
start_instance() {
local s="$1"
+ local enabled
config_get_bool enabled "$1" 'enabled' 0
- [ $enabled -eq 0 ] && return
+ [ "$enabled" ] || return
+ local input
config_get input "$s" 'input'
- if [ -z "$input" ]; then
+ [ -z "$input" ] && {
error "in section '$s' option input is missing"
return 1
- fi
+ }
+ local output
config_get output "$s" 'output'
- if [ -z "$output" ]; then
+ [ -z "$output" ] && {
error "in section '$s' option output is missing"
return 1
- fi
+ }
local input_arg
- if [ "x$input" = 'xuvc' ]; then
+ [ "x$input" = 'xuvc' ] && {
input_arg="input_uvc.so"
+ local device
config_get device "$s" 'device'
- if [ ! -c "$device" ]; then
+ [ -c "$device" ] || {
error "device '$device' does not exist"
return 1
- fi
+ }
input_arg="${input_arg} --device $device"
+ local fps
config_get fps "$s" 'fps'
[ -n "$fps" ] && input_arg="${input_arg} --fps $fps"
+ local yuv
config_get_bool yuv "$s" 'yuv' 0
- if [ $yuv -ne 0 ]; then
+ [ "$yuv" -ne 0 ] && {
input_arg="${input_arg} --yuv"
+ local quality
config_get quality "$s" 'quality'
[ -n "$quality" ] && input_arg="${input_arg} --quality $quality"
- fi
+ }
+ local resolution
config_get resolution "$s" 'resolution'
[ -n "$resolution" ] && input_arg="${input_arg} --resolution $resolution"
+ local led
config_get led "$s" 'led'
[ -n "$led" ] && input_arg="${input_arg} --led $led"
- fi
+ }
- if [ -z "$input_arg" ]; then
+ [ -z "$input_arg" ] && {
error "unsuported input option '$input' in section '$s'"
return 1
- fi
+ }
local output_arg
- if [ "x$output" = 'xhttp' ]; then
+ [ "x$output" = 'xhttp' ] && {
output_arg="output_http.so"
+ local port
config_get port "$s" 'port'
[ -n "$port" ] && output_arg="${output_arg} --port $port"
+ local listen_ip
config_get listen_ip "$s" 'listen_ip'
[ -n "$listen_ip" ] && output_arg="${output_arg} --listen $listen_ip"
+ local www
config_get www "$s" 'www'
[ -n "$www" ] && output_arg="${output_arg} --www $www"
+ local username
config_get username "$s" 'username'
+ local password
config_get password "$s" 'password'
[ -n "$username" ] && [ -n "$password" ] && output_arg="${output_arg} --credentials $username:$password"
- fi
+ }
- if [ "x$output" = 'xfile' ]; then
+ [ "x$output" = 'xfile' ] && {
output_arg="output_file.so"
+ local folder
config_get folder "$s" 'folder'
[ -n "$folder" ] && output_arg="${output_arg} --folder $folder"
+ local delay
config_get delay "$s" 'delay'
[ -n "$delay" ] && output_arg="${output_arg} --delay $delay"
+ local link
config_get link "$s" 'link'
[ -n "$link" ] && output_arg="${output_arg} --link $link"
+ local ringbuffer
config_get ringbuffer "$s" 'ringbuffer'
[ -n "$ringbuffer" ] && output_arg="${output_arg} --size $ringbuffer"
+ local exceed
config_get exceed "$s" 'exceed'
[ -n "$exceed" ] && output_arg="${output_arg} --exceed $exceed"
+ local command
config_get command "$s" 'command'
[ -n "$command" ] && output_arg="${output_arg} --command $command"
- fi
+ }
- if [ -z "$output_arg" ]; then
+ [ -z "$output_arg" ] && {
error "unsuported output option '$output' in section '$s'"
return 1
- fi
+ }
procd_open_instance
procd_set_param command "$PROG" --input "$input_arg" --output "$output_arg"
PKG_NAME:=motion
PKG_VERSION:=4.2.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Roger D <rogerdammit@gmail.com>
PKG_LICENSE:=GPLv2
endef
define Package/motion/conffiles
+/etc/config/motion
/etc/motion.conf
endef
--without-webp
define Package/motion/install
- $(INSTALL_DIR) $(1)/etc
+ $(INSTALL_DIR) $(1)/etc/config $(1)/etc/init.d
+ $(INSTALL_CONF) ./files/motion.conf $(1)/etc/config/motion
+ $(INSTALL_BIN) ./files/motion.init $(1)/etc/init.d/motion
$(CP) $(PKG_BUILD_DIR)/motion-dist.conf $(1)/etc/motion.conf
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/motion $(1)/usr/bin/
--- /dev/null
+config motion general
+ option enabled '0'
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=94
+USE_PROCD=1
+
+PROG="/usr/bin/motion"
+CONF="/etc/motion.conf"
+
+start_service() {
+ local enabled
+
+ config_load "motion"
+ config_get_bool enabled "general" "enabled" 0
+ [ "$enabled" -gt 0 ] || return 1
+
+ procd_open_instance
+
+ procd_set_param command "$PROG"
+ procd_append_param command -c "$CONF"
+
+ procd_close_instance
+}
--- /dev/null
+From c9bef916853c709fbf7f305da36da33ac4881660 Mon Sep 17 00:00:00 2001
+From: Mr-DaveDev <MotionMrDaveDev@gmail.com>
+Date: Sun, 1 Dec 2019 14:30:10 -0700
+Subject: [PATCH] Remove poll option for mhd
+
+closes #1063
+---
+ webu.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/webu.c
++++ b/webu.c
+@@ -1828,7 +1828,7 @@ static void webu_mhd_opts(struct mhdstar
+ static void webu_mhd_flags(struct mhdstart_ctx *mhdst){
+
+ /* This sets the MHD startup flags based upon what user put into configuration */
+- mhdst->mhd_flags = MHD_USE_THREAD_PER_CONNECTION | MHD_USE_POLL| MHD_USE_SELECT_INTERNALLY;
++ mhdst->mhd_flags = MHD_USE_THREAD_PER_CONNECTION;
+
+ if (mhdst->ipv6) mhdst->mhd_flags = mhdst->mhd_flags | MHD_USE_DUAL_STACK;
+
include $(TOPDIR)/rules.mk
PKG_NAME:=v4l2rtspserver
-PKG_VERSION:=0.1.8
+PKG_VERSION:=0.1.9
PKG_RELEASE:=1
#cannot use codeload as this uses submodules
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/mpromonet/v4l2rtspserver
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-PKG_MIRROR_HASH:=2df448435fa169b1611e619496ec529baa4caa59627a8a508fb6db59c31e42be
+PKG_MIRROR_HASH:=bcb68170f6b6a3560902673c4145d0311d4f661b2ed3d71ed1ee1a58bdde96d2
-LIVE555_VERSION:=2019.08.28
-LIVE555_HASH:=a3dcd157865186cf883c3a80b4bb09637e91fff96b234b2c780a7f7dcc7a35dc
+LIVE555_VERSION:=2019.11.22
+LIVE555_HASH:=cd10fbd2d28d0bc39c12ec57b9f6b13fab3bfc7005f5ac8f9c94a9eb34179e90
LIVE555_FILE:=live.$(LIVE555_VERSION).tar.gz
PKG_MAINTAINER:=Roger Dammit <rogerdammit@gmail.com>
TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
-CMAKE_OPTIONS += -DALSA=OFF -DLIVE555CFLAGS="$(TARGET_CFLAGS) -DSOCKLEN_T=socklen_t -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -DLOCALE_NOT_USED -DNO_SSTREAM=1 -DALLOW_RTSP_SERVER_PORT_REUSE=1"
+CMAKE_OPTIONS += -DALSA=OFF -DLIVE555CFLAGS="$(TARGET_CFLAGS) -DSOCKLEN_T=socklen_t -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -DLOCALE_NOT_USED -DNO_SSTREAM=1 -DALLOW_RTSP_SERVER_PORT_REUSE=1 -DVERSION=\\\"$(PKG_VERSION)\\\""
define Build/Prepare
$(Build/Prepare/Default)
include $(TOPDIR)/rules.mk
PKG_NAME:=youtube-dl
-PKG_VERSION:=2019.11.22
+PKG_VERSION:=2020.1.24
PKG_RELEASE:=1
PYPI_NAME:=youtube_dl
-PKG_HASH:=0575efd332cb9817f5a1fffd2a1e569e5a7d3642e7c24c7a5c47cbf70f301f25
+PKG_HASH:=82189f971fbe3f4b2e66a9aba7fb5bdd1b4b8c0876d7cd55382045f5555a5e44
PKG_MAINTAINER:=Adrian Panella <ianchi74@outlook.com>, Josef Schlehofer <pepe.schlehofer@gmail.com>
PKG_LICENSE:=Unlicense
PKG_NAME:=acme
PKG_VERSION:=2.8.3
-PKG_RELEASE:=2
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/Neilpang/acme.sh/tar.gz/$(PKG_VERSION)?
option update_uhttpd 1
option update_nginx 1
option webroot ""
+ option dns ""
list domains example.org
is_staging()
{
- local main_domain="$1"
+ local main_domain
+ local domain_dir
+ main_domain="$1"
+ domain_dir="$2"
- grep -q "acme-staging" "$STATE_DIR/$main_domain/${main_domain}.conf"
+ grep -q "acme-staging" "${domain_dir}/${main_domain}.conf"
return $?
}
local webroot
local dns
local ret
+ local domain_dir
config_get_bool enabled "$section" enabled 0
config_get_bool use_staging "$section" use_staging
[ -n "$webroot" ] || [ -n "$dns" ] || pre_checks "$main_domain" || return 1
+ if echo $keylength | grep -q "^ec-"; then
+ domain_dir="$STATE_DIR/${main_domain}_ecc"
+ else
+ domain_dir="$STATE_DIR/${main_domain}"
+ fi
+
log "Running ACME for $main_domain"
handle_credentials() {
}
config_list_foreach "$section" credentials handle_credentials
- if [ -e "$STATE_DIR/$main_domain" ]; then
- if [ "$use_staging" -eq "0" ] && is_staging "$main_domain"; then
+ if [ -e "$domain_dir" ]; then
+ if [ "$use_staging" -eq "0" ] && is_staging "$main_domain" "$domain_dir"; then
log "Found previous cert issued using staging server. Moving it out of the way."
- mv "$STATE_DIR/$main_domain" "$STATE_DIR/$main_domain.staging"
+ mv "$domain_dir" "${domain_dir}.staging"
moved_staging=1
else
log "Found previous cert config. Issuing renew."
fi
if ! run_acme --home "$STATE_DIR" --issue $acme_args; then
- failed_dir="$STATE_DIR/${main_domain}.failed-$(date +%s)"
+ failed_dir="${domain_dir}.failed-$(date +%s)"
err "Issuing cert for $main_domain failed. Moving state to $failed_dir"
- [ -d "$STATE_DIR/$main_domain" ] && mv "$STATE_DIR/$main_domain" "$failed_dir"
+ [ -d "$domain_dir" ] && mv "$domain_dir" "$failed_dir"
if [ "$moved_staging" -eq "1" ]; then
err "Restoring staging certificate"
- mv "$STATE_DIR/${main_domain}.staging" "$STATE_DIR/${main_domain}"
+ mv "${domain_dir}.staging" "${domain_dir}"
fi
post_checks
return 1
fi
if [ -e /etc/init.d/uhttpd ] && [ "$update_uhttpd" -eq "1" ]; then
- uci set uhttpd.main.key="$STATE_DIR/${main_domain}/${main_domain}.key"
- uci set uhttpd.main.cert="$STATE_DIR/${main_domain}/fullchain.cer"
+ uci set uhttpd.main.key="${domain_dir}/${main_domain}.key"
+ uci set uhttpd.main.cert="${domain_dir}/fullchain.cer"
# commit and reload is in post_checks
fi
if [ -e /etc/init.d/nginx ] && [ "$update_nginx" -eq "1" ]; then
- sed -i "s#ssl_certificate\ .*#ssl_certificate $STATE_DIR/${main_domain}/fullchain.cer;#g" /etc/nginx/nginx.conf
- sed -i "s#ssl_certificate_key\ .*#ssl_certificate_key $STATE_DIR/${main_domain}/${main_domain}.key;#g" /etc/nginx/nginx.conf
+ sed -i "s#ssl_certificate\ .*#ssl_certificate ${domain_dir}/fullchain.cer;#g" /etc/nginx/nginx.conf
+ sed -i "s#ssl_certificate_key\ .*#ssl_certificate_key ${domain_dir}/${main_domain}.key;#g" /etc/nginx/nginx.conf
# commit and reload is in post_checks
fi
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=3.8.12
+PKG_VERSION:=3.8.14
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
* Daily updates, approx. 1.500 entries
* [openphish](https://openphish.com)
* Numerous updates on the same day, approx. 1.800 entries
- * [ransomware tracker](https://ransomwaretracker.abuse.ch)
- * Daily updates, approx. 150 entries
* [reg_cn](https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt)
* Regional blocklist for China, daily updates, approx. 1.600 entries
* [reg_cz](https://raw.githubusercontent.com/qxstyles/turris-hole-czech-block-list/master/turris-hole-czech-block-list)
* Weekly updates, approx. 21.000 entries
* [ut_capitole](https://dsi.ut-capitole.fr/blacklists) (categories "cryptojacking" "ddos" "malware" "phishing" "warez" enabled by default)
* Daily updates, approx. 64.000 entries (a short description of all categories can be found [online](https://dsi.ut-capitole.fr/blacklists/index_en.php))
- * [whocares](http://someonewhocares.org)
+ * [whocares](https://someonewhocares.org)
* Weekly updates, approx. 12.000 entries
* [winhelp](http://winhelp2002.mvps.org)
* Infrequent updates, approx. 15.000 entries
option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 2.400 entries'
option enabled '0'
-config source 'ransomware'
- option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
- option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
- option adb_src_desc 'focus on ransomware by abuse.ch, numerous updates on the same day, approx. 1900 entries'
- option enabled '0'
-
config source 'reg_cn'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option enabled '0'
config source 'whocares'
- option adb_src 'http://someonewhocares.org/hosts/hosts'
+ option adb_src 'https://someonewhocares.org/hosts/hosts'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 10.000 entries'
option enabled '0'
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="3.8.12"
+adb_ver="3.8.14"
adb_basever=""
adb_enabled=0
adb_debug=0
adb_blacklist="/etc/adblock/adblock.blacklist"
adb_whitelist="/etc/adblock/adblock.whitelist"
adb_rtfile="/tmp/adb_runtime.json"
+adb_sorttmpdir="/tmp"
adb_portlist="53 853 5353"
adb_report=0
adb_repiface="br-lan"
f_log "err" "backup directory '${adb_backupdir}' does not exist/is not mounted yet, please create the directory or raise the 'adb_triggerdelay' to defer the adblock start"
fi
+ # check sort temp directory
+ #
+ if [ ! -d "${adb_sorttmpdir}" ]
+ then
+ f_log "err" "sort temp directory '${adb_sorttmpdir}' does not exist/is not mounted yet, please create the directory or raise the 'adb_triggerdelay' to defer the adblock start"
+ fi
+
# check fetch utility
#
case "${adb_fetchutil}" in
adb_fetchparm="${adb_fetchparm:-"-O"}"
;;
"curl")
- adb_fetchparm="${adb_fetchparm:-"--connect-timeout 10 --insecure -o"}"
+ adb_fetchparm="${adb_fetchparm:-"--connect-timeout 10 --silent --show-error --location --insecure -o"}"
ssl_lib="built-in"
;;
"aria2c")
out_rc="${?}"
if [ "${out_rc}" -eq 0 ]
then
- adb_whitelist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\\.\",\"\\\\.\",\$1);print tolower(\"^\"\$1\"\\\\|\\\\.\"\$1)}"
+ adb_whitelist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\\.\",\"\\\\.\",\$1);print tolower(\"^(|.*\\\\.)\"\$1\"$\")}"
awk "${adb_whitelist_rset}" "${adb_tmpdir}/tmp.raw.${mode}" > "${adb_tmpdir}/tmp.rem.${mode}"
out_rc="${?}"
if [ "${out_rc}" -eq 0 ] && [ -n "${adb_dnsallow}" ]
out_rc="${?}"
fi
fi
+ rm -f "${adb_tmpdir}/tmp.raw.${mode}"
fi
;;
"backup")
fi
if [ -s "${adb_tmpdir}/tmp.rem.whitelist" ]
then
- grep -vf "${adb_tmpdir}/tmp.rem.whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
+ egrep -vf "${adb_tmpdir}/tmp.rem.whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
else
eval "${adb_dnsdeny}" "${adb_tmpdir}/${adb_dnsfile}" >> "${adb_dnsdir}/${adb_dnsfile}"
fi
awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" > "${temp_tld}"
if [ "${?}" -eq 0 ]
then
- sort -u "${temp_tld}" > "${source}"
+ sort -T "${adb_sorttmpdir}" -u "${temp_tld}" > "${source}"
if [ "${?}" -eq 0 ]
then
cnt_srt="$(wc -l 2>/dev/null < "${source}")"
fi
fi
else
- sort -u "${source}" > "${temp_tld}"
+ sort -T "${adb_sorttmpdir}" -u "${source}" > "${temp_tld}"
if [ "${?}" -eq 0 ]
then
mv -f "${temp_tld}" "${source}"
mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
-
+
# main loop
#
f_list blacklist
if [ -s "${adb_repdir}/adb_report.raw" ]
then
awk '{printf("%s\t%s\t%s\t%s\t%s\t%s\n", $4,$5,$1,$2,$3,$4)}' "${adb_repdir}/adb_report.raw" | \
- sort -ur | uniq -uf2 | awk '{currA=($6+0);currB=$6;currC=substr($6,length($6),1);
- if(reqA==currB){reqA=0;printf("%s\t%s\n",d,$2)}else if(currC=="+"){reqA=currA;d=$3"\t"$4"\t"$5"\t"$2}}' | sort -ur > "${adb_repdir}/adb_report"
+ sort -T "${adb_sorttmpdir}" -ur | uniq -uf2 | awk '{currA=($6+0);currB=$6;currC=substr($6,length($6),1);
+ if(reqA==currB){reqA=0;printf("%s\t%s\n",d,$2)}else if(currC=="+"){reqA=currA;d=$3"\t"$4"\t"$5"\t"$2}}' | sort -T "${adb_sorttmpdir}" -ur > "${adb_repdir}/adb_report"
fi
if [ -s "${adb_repdir}/adb_report" ]
total="$(wc -l < "${adb_repdir}/adb_report")"
blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}/adb_report" | wc -l)"
percent="$(awk -v t="${total}" -v b="${blocked}" 'BEGIN{printf("%.2f %s\n",b/t*100, "%")}')"
- rep_clients="$(awk '{print $3}' "${adb_repdir}/adb_report" | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
- rep_domains="$(awk '{if($5!="NX")print $4}' "${adb_repdir}/adb_report" | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
- rep_blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}/adb_report" | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+ rep_clients="$(awk '{print $3}' "${adb_repdir}/adb_report" | sort -T "${adb_sorttmpdir}" | uniq -c | sort -T "${adb_sorttmpdir}" -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
+ rep_domains="$(awk '{if($5!="NX")print $4}' "${adb_repdir}/adb_report" | sort -T "${adb_sorttmpdir}" | uniq -c | sort -T "${adb_sorttmpdir}" -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+ rep_blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}/adb_report" | sort -T "${adb_sorttmpdir}" | uniq -c | sort -T "${adb_sorttmpdir}" -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
> "${adb_repdir}/adb_report.json"
json_load_file "${adb_repdir}/adb_report.json" >/dev/null 2>&1
PKG_NAME:=addrwatch
PKG_VERSION:=1.0.1
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/fln/addrwatch/tar.gz/v$(PKG_VERSION)?
--- /dev/null
+--- a/src/addrwatch.c
++++ b/src/addrwatch.c
+@@ -4,6 +4,7 @@
+ #include <signal.h>
+ #include <strings.h>
+ #include <unistd.h>
++#include <limits.h>
+ #include <pwd.h>
+ #include <grp.h>
+ #include <argp.h>
+++ /dev/null
-menu "Configuration"
- depends on PACKAGE_apache
-
-config APACHE_HTTP2
- bool
- prompt "Enable HTTP2"
- help
- Enable HTTPS2 support.
- default n
-
-endmenu
include $(TOPDIR)/rules.mk
PKG_NAME:=apache
-PKG_VERSION:=2.4.37
-PKG_RELEASE:=2
+PKG_VERSION:=2.4.41
+PKG_RELEASE:=3
PKG_SOURCE_NAME:=httpd
PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@APACHE/httpd/
-PKG_HASH:=3498dc5c6772fac2eb7307dc7963122ffe243b5e806e0be4fb51974ff759d726
+PKG_HASH:=133d48298fe5315ae9366a0ec66282fa4040efa5d566174481077ade7d18ea40
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
-PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
-PKG_LICENSE:=Apache License
+PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
+ Sebastian Kemper <sebastian_ml@gmx.net>
+PKG_LICENSE:=Apache-2.0
+PKG_LICENSE_FILES:=LICENSE
+
PKG_CPE_ID:=cpe:/a:apache:http_server
-PKG_INSTALL:=1
+PKG_BUILD_DEPENDS:=openssl
+
+PKG_BUILD_PARALLEL:=1
PKG_CONFIG_DEPENDS:= \
- CONFIG_APACHE_HTTP2
+ CONFIG_PACKAGE_apache-mod-deflate \
+ CONFIG_PACKAGE_apache-mod-http2 \
+ CONFIG_PACKAGE_apache-mod-ldap \
+ CONFIG_PACKAGE_apache-mod-lua \
+ CONFIG_PACKAGE_apache-mod-md \
+ CONFIG_PACKAGE_apache-mod-proxy \
+ CONFIG_PACKAGE_apache-mod-proxy-html \
+ CONFIG_PACKAGE_apache-mod-session-crypto \
+ CONFIG_PACKAGE_apache-mod-suexec \
+ CONFIG_PACKAGE_apache-mod-webdav \
+ CONFIG_PACKAGE_apache-suexec
-ADDITIONAL_MODULES:=
-ifeq ($(CONFIG_APACHE_HTTP2),y)
- ADDITIONAL_MODULES += --enable-http2
-endif
-ifneq ($(CONFIG_APACHE_HTTP2),y)
- ADDITIONAL_MODULES += --enable-http2=no
-endif
+PKG_FIXUP:=autoreconf
+
+PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
+# without nls.mk mod_xml2enc might not find the iconv headers
+include $(INCLUDE_DIR)/nls.mk
define Package/apache/Default
SECTION:=net
endef
define Package/apache/Default/description
- The Apache Web Server is a powerful and flexible HTTP/1.1 compliant
- web server. Originally designed as a replacement for the NCSA HTTP
- Server, it has grown to be the most popular web server on the Internet.
-endef
-
-define Package/apache/config
- source "$(SOURCE)/Config.in"
+The Apache HTTP Server Project is a collaborative software development
+effort aimed at creating a robust, commercial-grade, featureful, and
+freely-available source code implementation of an HTTP (Web) server.
endef
define Package/apache
$(call Package/apache/Default)
- DEPENDS:=+libapr +libaprutil +libpcre +libopenssl +unixodbc +zlib +APACHE_HTTP2:libnghttp2
+ USERID:=apache=377:apache=377
+ DEPENDS:=+libapr +libaprutil +libpcre
endef
define Package/apache/description
$(call Package/apache/Default/description)
- .
- This package contains the Apache web server and utility programs.
- .
- Take care that you don't include apache at the moment into your image
- please select it only as module because busybox will override
- /usr/sbin/httpd. It'll be solved soon. If you need to include this
- package in the image anyway, remove httpd from busybox
- (Base system --> Configuration --> Networking Utilities --> httpd).
- Also you should take care for the initscripts, apache's httpd isn't
- compatible with the one from busybox, so if you want to use apache
- for running your webif, you'll need to change the parameters in the
- scripts and configure the rest in /etc/httpd.conf.
+
+This package contains the Apache web server and utility programs.
+
endef
define Package/apache/conffiles
-/etc/apache/httpd.conf
-/etc/apache/extra/httpd-autoindex.conf
-/etc/apache/extra/httpd-dav.conf
-/etc/apache/extra/httpd-default.conf
-/etc/apache/extra/httpd-info.conf
-/etc/apache/extra/httpd-languages.conf
-/etc/apache/extra/httpd-manual.conf
-/etc/apache/extra/httpd-mpm.conf
-/etc/apache/extra/httpd-multilang-errordoc.conf
-/etc/apache/extra/httpd-ssl.conf
-/etc/apache/extra/httpd-userdir.conf
-/etc/apache/extra/httpd-vhosts.conf
-/etc/apache/magic
-/etc/apache/mime.types
+/etc/apache2/httpd.conf
+/etc/apache2/extra/httpd-autoindex.conf
+/etc/apache2/extra/httpd-dav.conf
+/etc/apache2/extra/httpd-default.conf
+/etc/apache2/extra/httpd-info.conf
+/etc/apache2/extra/httpd-languages.conf
+/etc/apache2/extra/httpd-manual.conf
+/etc/apache2/extra/httpd-mpm.conf
+/etc/apache2/extra/httpd-multilang-errordoc.conf
+/etc/apache2/extra/httpd-ssl.conf
+/etc/apache2/extra/httpd-userdir.conf
+/etc/apache2/extra/httpd-vhosts.conf
+/etc/apache2/extra/proxy-html.conf
+/etc/apache2/magic
+/etc/apache2/mime.types
+/etc/init.d/apache
+endef
+
+define Package/apache-ab
+$(call Package/apache/Default)
+ TITLE:=Apache benchmark utility
+ DEPENDS:=apache +libopenssl
+endef
+
+define Package/apache-ab/description
+$(call Package/apache/Default/description)
+
+Apache server benchmarking utility.
+
+endef
+
+define Package/apache-error
+$(call Package/apache/Default)
+ TITLE:=Error documents
+ DEPENDS:=apache
+endef
+
+define Package/apache-error/description
+$(call Package/apache/Default/description)
+
+Apache multi language custom error documents.
+
endef
define Package/apache-icons
define Package/apache-icons/description
$(call Package/apache/Default/description)
- .
- This package contains the icons from Apache.
-endef
-
-TARGET_CFLAGS += $(FPIC) -Wno-error
-TARGET_CPPFLAGS += -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
-TARGET_LDFLAGS += -lpthread
-
-define Build/Configure
- $(call Build/Configure/Default, \
- --with-apr="$(STAGING_DIR)/usr/bin/apr-1-config" \
- --with-apr-util="$(STAGING_DIR)/usr/bin/apu-1-config" \
- --with-pcre="$(STAGING_DIR)/usr/bin/pcre-config" \
- $(ADDITIONAL_MODULES) \
- --enable-http \
- --with-crypto \
- --with-sqlit3="$(STAGING_DIR)/usr" \
- --with-openssl="$(STAGING_DIR)/usr" \
- --enable-ssl \
- --enable-proxy \
- --disable-md \
- --disable-disk-cache \
- --enable-maintainer-mode \
- --with-mpm=prefork \
- --with-mpm=worker \
- --enable-mime-magic \
- --without-suexec-bin \
- --sysconfdir=/etc/apache \
- ap_cv_void_ptr_lt_long=no \
- logfiledir="/var/log" \
- runtimedir="/var/run" \
- EXTRA_LIBS="-ldl -lpthread -lcrypto -lrt -lssl" \
- )
+
+This package contains the icons from Apache.
+
endef
-define Build/InstallDev
- rm -rf $(PKG_INSTALL_DIR)/usr/man/ \
- $(PKG_INSTALL_DIR)/usr/share/manual/
- # if you need docs take a look into the build-dir :)
- $(INSTALL_DIR) $(1)/etc
- $(CP) $(PKG_INSTALL_DIR)/etc/* \
- $(1)/etc
- $(INSTALL_DIR) $(1)/usr/include/apache
- $(CP) $(PKG_INSTALL_DIR)/usr/include/* \
- $(1)/usr/include/apache
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/httpd.exp \
- $(1)/usr/lib
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/* \
- $(1)/usr/sbin
- $(INSTALL_DIR) $(1)/usr/share
- $(CP) $(PKG_INSTALL_DIR)/usr/share/* \
- $(1)/usr/share
+define Package/apache-suexec
+$(call Package/apache/Default)
+ TITLE:=Apache suEXEC
+ DEPENDS:=apache
+endef
+
+define Package/apache-suexec/description
+$(call Package/apache/Default/description)
+
+This package contains the suEXEC utility from Apache.
+
+endef
+
+define Package/apache-utils
+$(call Package/apache/Default)
+ TITLE:=Apache utilities
+ DEPENDS:=apache
endef
-define Package/apache/preinst
- rm /usr/sbin/httpd
- echo -e "You should take a look in the initscripts, busybox's httpd \n\
- uses some parameters which are maybe unsupported by apache."
+define Package/apache-utils/description
+$(call Package/apache/Default/description)
+
+Apache utility programs for webservers.
+
+endef
+
+define Package/apache/install/mod
+ $(INSTALL_DIR) $(1)/usr/lib/apache2
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/lib/apache2/mod_$(2).so \
+ $(1)/usr/lib/apache2
+endef
+
+CONFIGURE_ARGS+= \
+ --$(if $(CONFIG_PACKAGE_apache-mod-http2),en,dis)able-http2 \
+ --$(if $(CONFIG_PACKAGE_apache-mod-lua),en,dis)able-lua \
+ --$(if $(CONFIG_PACKAGE_apache-mod-md),en,dis)able-md \
+ --$(if $(CONFIG_PACKAGE_apache-mod-proxy),en,dis)able-proxy \
+ --$(if $(CONFIG_PACKAGE_apache-mod-session-crypto),en,dis)able-session-crypto \
+ --$(if $(CONFIG_PACKAGE_apache-mod-ssl),en,dis)able-ssl \
+ --datadir=/usr/share/apache2 \
+ --disable-imagemap \
+ --disable-luajit \
+ --enable-authn-alias \
+ --enable-authn-anon \
+ --enable-cache \
+ --enable-cgi \
+ --enable-cgid \
+ --enable-dbd \
+ --enable-disk-cache \
+ --enable-exception-hook \
+ --enable-file-cache \
+ --enable-layout=OpenWrt \
+ --enable-mem-cache \
+ --enable-mods-shared=all \
+ --enable-mpms-shared=all \
+ --enable-so \
+ --libexecdir=/usr/lib/apache2 \
+ --sysconfdir=/etc/apache2 \
+ --with-apr-util="$(STAGING_DIR)/usr/bin/apu-1-config" \
+ --with-apr="$(STAGING_DIR)/usr/bin/apr-1-config" \
+ --with-mpm=prefork \
+ --with-pcre="$(STAGING_DIR)/usr/bin/pcre-config" \
+ --with-ssl
+
+ifneq ($(CONFIG_PACKAGE_apache-mod-deflate),)
+CONFIGURE_ARGS+= \
+ --enable-deflate \
+ --with-z="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS+= \
+ --disable-deflate \
+ --without-z
+endif
+
+ifneq ($(CONFIG_PACKAGE_apache-mod-ldap),)
+CONFIGURE_ARGS+= \
+ --enable-authnz-ldap \
+ --enable-ldap
+else
+CONFIGURE_ARGS+= \
+ --disable-authnz-ldap \
+ --disable-ldap
+endif
+
+ifneq ($(CONFIG_PACKAGE_apache-mod-proxy),)
+CONFIGURE_ARGS+= \
+ --enable-proxy \
+ --enable-proxy-connect \
+ --enable-proxy-ftp \
+ --enable-proxy-http
+else
+CONFIGURE_ARGS+= \
+ --disable-proxy
+endif
+
+ifneq ($(CONFIG_PACKAGE_apache-mod-proxy-html),)
+CONFIGURE_ARGS+= \
+ --enable-proxy-html \
+ --enable-xml2enc \
+ --with-libxml2="$(STAGING_DIR)/usr"
+else
+CONFIGURE_ARGS+= \
+ --disable-proxy-html \
+ --disable-xml2enc
+endif
+
+ifneq ($(CONFIG_PACKAGE_apache-mod-suexec)$(CONFIG_PACKAGE_apache-suexec),)
+CONFIGURE_ARGS+= \
+ --enable-suexec \
+ --with-suexec-bin=/usr/sbin/suexec \
+ --with-suexec-caller=apache \
+ --with-suexec-docroot=/var/www \
+ --with-suexec-logfile=/var/log/apache2/suexec.log \
+ --with-suexec-uidmin=99 \
+ --with-suexec-gidmin=99
+else
+CONFIGURE_ARGS+= \
+ --disable-suexec
+endif
+
+ifneq ($(CONFIG_PACKAGE_apache-mod-webdav),)
+CONFIGURE_ARGS+= \
+ --enable-dav \
+ --enable-dav-fs \
+ --enable-dav-lock
+else
+CONFIGURE_ARGS+= \
+ --disable-dav
+endif
+
+CONFIGURE_VARS += \
+ ap_cv_void_ptr_lt_long=no
+
+define Build/Prepare
+ $(call Build/Prepare/Default)
+ $(INSTALL_DATA) ./files/openwrt.layout $(PKG_BUILD_DIR)/config.layout
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/apxs $(1)/usr/bin
+ $(INSTALL_DIR) $(1)/usr/include/apache2
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/apache2/* \
+ $(1)/usr/include/apache2
+ $(INSTALL_DIR) $(1)/usr/lib/apache2
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/apache2/httpd.exp \
+ $(1)/usr/lib/apache2
+ $(INSTALL_DIR) $(1)/usr/share/apache2/build
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/apache2/build/* \
+ $(1)/usr/share/apache2/build
+ $(SED) 's%/usr/share/apache2/build%$(STAGING_DIR)/usr/share/apache2/build%' \
+ $(1)/usr/bin/apxs
+ $(SED) 's%^prefix =.*%prefix = $(STAGING_DIR)/usr%' \
+ $(1)/usr/share/apache2/build/config_vars.mk
endef
define Package/apache/install
- $(INSTALL_DIR) $(1)/usr/sbin
- # we don't need apxs on the router, it's just for building apache modules.
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{ab,dbmmanage,htdbm,htdigest,htpasswd,httxt2dbm,logresolve} $(1)/usr/sbin/
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{apachectl,checkgid,envvars,envvars-std,htcacheclean,httpd,rotatelogs} $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/httpd.exp $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/share
- $(CP) $(PKG_INSTALL_DIR)/usr/share/{error,htdocs,cgi-bin,build} $(1)/usr/share/
- $(INSTALL_DIR) $(1)/etc/apache
- $(CP) $(PKG_INSTALL_DIR)/etc/apache/{httpd.conf,magic,mime.types,extra} $(1)/etc/apache/
+ $(INSTALL_DIR) $(1)/etc/apache2/extra
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/apache2/extra/* \
+ $(1)/etc/apache2/extra
+ $(INSTALL_DATA) \
+ $(PKG_INSTALL_DIR)/etc/apache2/{httpd.conf,magic,mime.types} \
+ $(1)/etc/apache2
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/apache.init $(1)/etc/init.d/apache
+ $(INSTALL_DIR) $(1)/usr/lib/apache2
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/apache2/*.so \
+ $(1)/usr/lib/apache2
+ rm -f $(1)/usr/lib/apache2/mod_{*ldap,dav*,deflate,http2,lbmethod_*,lua,md,proxy*,proxy_html,session_crypto,ssl,suexec,xml2enc}.so
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/apache2/httpd.exp \
+ $(1)/usr/lib/apache2
+ $(INSTALL_DIR) $(1)/usr/share/apache2/{cgi-bin,htdocs}
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/apache2/cgi-bin/* \
+ $(1)/usr/share/apache2/cgi-bin
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/apache2/htdocs/* \
+ $(1)/usr/share/apache2/htdocs
+ $(INSTALL_DIR) $(1)/usr/{,s}bin
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/bin/{dbmmanage,htdbm,htdigest,htpasswd,httxt2dbm,logresolve} \
+ $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{apachectl,httpd} \
+ $(1)/usr/sbin
+endef
+
+define Package/apache-ab/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ab $(1)/usr/bin
endef
-define Package/apache/postrm
- rm -rf /usr/sbin/httpd
- ln -s /bin/busybox /usr/sbin/httpd
- echo -e "You may need to change your initscripts back for the use \n\
- with busybox's httpd."
+define Package/apache-error/install
+ $(INSTALL_DIR) $(1)/usr/share/apache2/error
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/apache2/error/* \
+ $(1)/usr/share/apache2/error
endef
define Package/apache-icons/install
- $(INSTALL_DIR) $(1)/usr/share
- $(CP) $(PKG_INSTALL_DIR)/usr/share/icons $(1)/usr/share/
+ $(INSTALL_DIR) $(1)/usr/share/apache2
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/apache2/icons \
+ $(1)/usr/share/apache2
+endef
+
+define Package/apache-suexec/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_INSTALL_DIR)/usr/sbin/suexec $(1)/usr/sbin
+endef
+
+define Package/apache-utils/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/sbin/{checkgid,envvars*,htcacheclean,rotatelogs} \
+ $(1)/usr/sbin
+endef
+
+define Package/apache/Module
+define Package/apache-mod-$(1)
+$(call Package/apache/Default)
+ TITLE:=$(2) module
+ DEPENDS:=apache $(patsubst +%,+PACKAGE_apache-mod-$(1):%,$(4))
+endef
+define Package/apache-mod-$(1)/description
+$(subst \n,$(newline),$(3))
+endef
+define Package/apache-mod-$(1)/install
+$(foreach m,$(5),$(call Package/apache/install/mod,$$(1),$(m));)
+endef
+$$(eval $$(call BuildPackage,apache-mod-$(1)))
endef
$(eval $(call BuildPackage,apache))
+$(eval $(call BuildPackage,apache-ab))
+$(eval $(call BuildPackage,apache-error))
$(eval $(call BuildPackage,apache-icons))
+$(eval $(call BuildPackage,apache-suexec))
+$(eval $(call BuildPackage,apache-utils))
+$(eval $(call Package/apache/Module,deflate,Deflate,Deflate support for the Apache HTTP server.,+zlib,deflate))
+$(eval $(call Package/apache/Module,http2,HTTP2,HTTP/2 transport layer for the Apache HTTP Server.,+libnghttp2 +libopenssl,http2))
+$(eval $(call Package/apache/Module,ldap,LDAP,LDAP authentication/authorization module for the Apache HTTP Server.,+libaprutil-ldap,authnz_ldap ldap))
+$(eval $(call Package/apache/Module,lua,Lua,Lua support for the Apache HTTP server.,+liblua,lua))
+$(eval $(call Package/apache/Module,md,Managed Domain handling,Managed Domain handling.,+libcurl +jansson +libopenssl,md))
+$(eval $(call Package/apache/Module,proxy,Proxy,Proxy modules for the Apache HTTP Server.,,proxy proxy_ajp proxy_balancer proxy_connect proxy_express proxy_fcgi proxy_fdpass proxy_ftp proxy_hcheck proxy_http proxy_scgi proxy_uwsgi proxy_wstunnel lbmethod_byrequests lbmethod_heartbeat lbmethod_bytraffic lbmethod_bybusyness))
+$(eval $(call Package/apache/Module,proxy-html,Proxy HTML,HTML and XML content filters for the Apache HTTP Server.,+apache-mod-proxy +libxml2,proxy_html xml2enc))
+$(eval $(call Package/apache/Module,session-crypto,Session crypto,Session encryption support for the Apache HTTP Server.,+libaprutil-crypto-openssl,session_crypto))
+$(eval $(call Package/apache/Module,ssl,SSL/TLS,SSL/TLS module for the Apache HTTP Server.,+libopenssl,ssl))
+$(eval $(call Package/apache/Module,suexec,suEXEC,suEXEC module for the Apache HTTP Server.,+apache-suexec,suexec))
+$(eval $(call Package/apache/Module,webdav,WebDAV,WebDAV support for the Apache HTTP Server.,,dav dav_fs dav_lock))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+
+reload() {
+ apachectl -k restart
+}
+
+restart() {
+ apachectl -k restart
+}
+
+start() {
+ mkdir -p /var/log/apache2 /var/run/apache2
+ apachectl -k start
+}
+
+stop() {
+ apachectl -k stop
+}
--- /dev/null
+
+<Layout OpenWrt>
+ prefix: /usr
+ exec_prefix: ${prefix}
+ bindir: ${prefix}/bin
+ sbindir: ${prefix}/sbin
+ libdir: ${prefix}/lib
+ libexecdir: ${prefix}/lib+
+ mandir: ${prefix}/share/man
+ sysconfdir: /etc+
+ datadir: ${prefix}/share+
+ installbuilddir: ${datadir}/build
+ errordir: ${datadir}/error
+ iconsdir: ${datadir}/icons
+ htdocsdir: ${datadir}/htdocs
+ manualdir: /usr/share/doc/apache2/manual
+ cgidir: ${datadir}/cgi-bin
+ includedir: ${prefix}/include+
+ localstatedir: /var
+ runtimedir: ${localstatedir}/run+
+ logfiledir: ${localstatedir}/log+
+ proxycachedir: ${localstatedir}/cache/apache2
+</Layout>
+
+++ /dev/null
---- a/server/Makefile.in
-+++ b/server/Makefile.in
-@@ -29,7 +29,10 @@ gen_test_char: $(gen_test_char_OBJECTS)
- $(LINK) $(EXTRA_LDFLAGS) $(gen_test_char_OBJECTS) $(EXTRA_LIBS)
-
- test_char.h: gen_test_char
-- ./gen_test_char > test_char.h
-+ true
-+# ./gen_test_char > test_char.h
-+# doesn't matter if you run it on the buildhost or on an wl500gd,
-+# same output on both, so i just patched in the test_char.h :).
-
- util.lo: test_char.h
-
--- /dev/null
+Fix cross-compilation
+
+Fetched httpd-2.4.x-cross_compile.diff from upstream bugtracker:
+https://issues.apache.org/bugzilla/show_bug.cgi?id=51257#c6
+
+which is a bundle of upstream revisions:
+ http://svn.apache.org/viewvc?view=revision&revision=1327907
+ http://svn.apache.org/viewvc?view=revision&revision=1328390
+ http://svn.apache.org/viewvc?view=revision&revision=1328714
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+
+--- a/server/Makefile.in
++++ b/server/Makefile.in
+@@ -24,9 +24,14 @@ TARGETS = delete-exports $(LTLIBRARY_NAM
+ include $(top_builddir)/build/rules.mk
+ include $(top_srcdir)/build/library.mk
+
++ifdef CC_FOR_BUILD
++gen_test_char: gen_test_char.c
++ $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) -DCROSS_COMPILE -o $@ $<
++else
+ gen_test_char_OBJECTS = gen_test_char.lo
+ gen_test_char: $(gen_test_char_OBJECTS)
+ $(LINK) $(EXTRA_LDFLAGS) $(gen_test_char_OBJECTS) $(EXTRA_LIBS)
++endif
+
+ test_char.h: gen_test_char
+ ./gen_test_char > test_char.h
+--- a/configure.in
++++ b/configure.in
+@@ -206,6 +206,14 @@ AC_PROG_CPP
+ dnl Try to get c99 support for variadic macros
+ ifdef([AC_PROG_CC_C99], [AC_PROG_CC_C99])
+
++dnl In case of cross compilation we set CC_FOR_BUILD to cc unless
++dnl we got already CC_FOR_BUILD from environment.
++if test "x${build_alias}" != "x${host_alias}"; then
++ if test "x${CC_FOR_BUILD}" = "x"; then
++ CC_FOR_BUILD=cc
++ fi
++fi
++
+ if test "x${cache_file}" = "x/dev/null"; then
+ # Likewise, ensure that CC and CPP are passed through to the pcre
+ # configure script iff caching is disabled (the autoconf 2.5x default).
+--- a/acinclude.m4
++++ b/acinclude.m4
+@@ -55,6 +55,8 @@ AC_DEFUN([APACHE_GEN_CONFIG_VARS],[
+ APACHE_SUBST(CPPFLAGS)
+ APACHE_SUBST(CFLAGS)
+ APACHE_SUBST(CXXFLAGS)
++ APACHE_SUBST(CC_FOR_BUILD)
++ APACHE_SUBST(CFLAGS_FOR_BUILD)
+ APACHE_SUBST(LTFLAGS)
+ APACHE_SUBST(LDFLAGS)
+ APACHE_SUBST(LT_LDFLAGS)
+++ /dev/null
-Index: httpd-2.4.25/server/test_char.h
-===================================================================
---- /dev/null
-+++ httpd-2.4.25/server/test_char.h
-@@ -0,0 +1,23 @@
-+/* this file is automatically generated by gen_test_char, do not edit */
-+#define T_ESCAPE_SHELL_CMD (1)
-+#define T_ESCAPE_PATH_SEGMENT (2)
-+#define T_OS_ESCAPE_PATH (4)
-+#define T_HTTP_TOKEN_STOP (8)
-+#define T_ESCAPE_LOGITEM (16)
-+#define T_ESCAPE_FORENSIC (32)
-+
-+static const unsigned char test_char_table[256] = {
-+ 32,62,62,62,62,62,62,62,62,62,63,62,62,62,62,62,62,62,62,62,
-+ 62,62,62,62,62,62,62,62,62,62,62,62,14,0,23,6,1,38,1,1,
-+ 9,9,1,0,8,0,0,10,0,0,0,0,0,0,0,0,0,0,40,15,
-+ 15,8,15,15,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-+ 0,0,0,0,0,0,0,0,0,0,0,15,31,15,7,0,7,0,0,0,
-+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-+ 0,0,0,15,39,15,1,62,54,54,54,54,54,54,54,54,54,54,54,54,
-+ 54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,
-+ 54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,
-+ 54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,
-+ 54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,
-+ 54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,
-+ 54,54,54,54,54,54,54,54,54,54,54,54,54,54,54,54
-+};
-Index: httpd-2.4.25/server/util.c
-===================================================================
---- httpd-2.4.25.orig/server/util.c
-+++ httpd-2.4.25/server/util.c
-@@ -96,6 +96,16 @@
- #undef APLOG_MODULE_INDEX
- #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
-
-+#define T_ESCAPE_SHELL_CMD (0x01)
-+#define T_ESCAPE_PATH_SEGMENT (0x02)
-+#define T_OS_ESCAPE_PATH (0x04)
-+#define T_HTTP_TOKEN_STOP (0x08)
-+#define T_ESCAPE_LOGITEM (0x10)
-+#define T_ESCAPE_FORENSIC (0x20)
-+#define T_ESCAPE_URLENCODED (0x40)
-+#define T_HTTP_CTRLS (0x80)
-+#define T_VCHAR_OBSTEXT (0x100)
-+
- /*
- * Examine a field value (such as a media-/content-type) string and return
- * it sans any parameters; e.g., strip off any ';charset=foo' and the like.
+++ /dev/null
-Index: httpd-2.4.25/build/mkconfNW.awk
-===================================================================
---- httpd-2.4.25.orig/build/mkconfNW.awk
-+++ httpd-2.4.25/build/mkconfNW.awk
-@@ -23,7 +23,7 @@ BEGIN {
- A["sysconfdir"] = "conf"
- A["iconsdir"] = "icons"
- A["manualdir"] = "manual"
-- A["runtimedir"] = "logs"
-+ A["runtimedir"] = "log"
- A["errordir"] = "error"
- A["proxycachedir"] = "proxy"
-
-Index: httpd-2.4.25/config.layout
-===================================================================
---- httpd-2.4.25.orig/config.layout
-+++ httpd-2.4.25/config.layout
-@@ -28,8 +28,8 @@
- cgidir: ${datadir}/cgi-bin
- includedir: ${prefix}/include
- localstatedir: ${prefix}
-- runtimedir: ${localstatedir}/logs
-- logfiledir: ${localstatedir}/logs
-+ runtimedir: ${localstatedir}/log
-+ logfiledir: ${localstatedir}/log
- proxycachedir: ${localstatedir}/proxy
- </Layout>
-
-@@ -174,7 +174,7 @@
- includedir: ${prefix}/include
- localstatedir: /var${prefix}
- runtimedir: ${localstatedir}/run
-- logfiledir: ${localstatedir}/logs
-+ logfiledir: ${localstatedir}/log
- proxycachedir: ${localstatedir}/proxy
- </Layout>
-
--- /dev/null
+--- a/include/scoreboard.h
++++ b/include/scoreboard.h
+@@ -40,7 +40,7 @@ extern "C" {
+
+ /* Scoreboard file, if there is one */
+ #ifndef DEFAULT_SCOREBOARD
+-#define DEFAULT_SCOREBOARD "logs/apache_runtime_status"
++#define DEFAULT_SCOREBOARD "log/apache2/apache_runtime_status"
+ #endif
+
+ /* Scoreboard info on a process is, for now, kept very brief ---
+++ /dev/null
-Index: httpd-2.4.25/include/scoreboard.h
-===================================================================
---- httpd-2.4.25.orig/include/scoreboard.h
-+++ httpd-2.4.25/include/scoreboard.h
-@@ -40,7 +40,7 @@ extern "C" {
-
- /* Scoreboard file, if there is one */
- #ifndef DEFAULT_SCOREBOARD
--#define DEFAULT_SCOREBOARD "logs/apache_runtime_status"
-+#define DEFAULT_SCOREBOARD "log/apache_runtime_status"
- #endif
-
- /* Scoreboard info on a process is, for now, kept very brief ---
-Index: httpd-2.4.25/docs/conf/httpd.conf.in
-===================================================================
---- httpd-2.4.25.orig/docs/conf/httpd.conf.in
-+++ httpd-2.4.25/docs/conf/httpd.conf.in
-@@ -63,7 +63,6 @@ Listen @@Port@@
- # Example:
- # LoadModule foo_module modules/mod_foo.so
- #
--@@LoadModule@@
-
- <IfModule unixd_module>
- #
-@@ -74,8 +73,8 @@ Listen @@Port@@
+--- a/docs/conf/httpd.conf.in
++++ b/docs/conf/httpd.conf.in
+@@ -74,8 +74,8 @@ Listen @@Port@@
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
-User daemon
-Group daemon
-+User nobody
-+Group nogroup
++User apache
++Group apache
</IfModule>
-@@ -188,7 +187,7 @@ ErrorLog "@rel_logfiledir@/error_log"
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- #
--LogLevel warn
-+LogLevel debug
-
- <IfModule log_config_module>
- #
-@@ -330,7 +329,7 @@ LogLevel warn
- # contents of the file itself to determine its type. The MIMEMagicFile
- # directive tells the module where the hint definitions are located.
- #
--#MIMEMagicFile @rel_sysconfdir@/magic
-+MIMEMagicFile @rel_sysconfdir@/magic
-
- #
- # Customizable error responses come in three flavors:
-@@ -360,7 +359,7 @@ LogLevel warn
- # Defaults: EnableMMAP On, EnableSendfile Off
- #
- #EnableMMAP off
--#EnableSendfile on
-+EnableSendfile off
-
- # Supplemental configuration
- #
-@@ -411,8 +410,8 @@ Include @rel_sysconfdir@/extra/proxy-htm
- # starting without SSL on platforms with no /dev/random equivalent
- # but a statically compiled-in mod_ssl.
- #
--<IfModule ssl_module>
--SSLRandomSeed startup builtin
--SSLRandomSeed connect builtin
--</IfModule>
-+#<IfModule ssl_module>
-+#SSLRandomSeed startup builtin
-+#SSLRandomSeed connect builtin
-+#</IfModule>
-
Forwarded: no
Last-Update: 2015-08-11
-Index: apache2/server/buildmark.c
-===================================================================
---- apache2.orig/server/buildmark.c
-+++ apache2/server/buildmark.c
+--- a/server/buildmark.c
++++ b/server/buildmark.c
@@ -17,11 +17,7 @@
#include "ap_config.h"
#include "httpd.h"
AP_DECLARE(const char *) ap_get_server_built()
{
-Index: apache2/server/Makefile.in
-===================================================================
---- apache2.orig/server/Makefile.in
-+++ apache2/server/Makefile.in
+--- a/server/Makefile.in
++++ b/server/Makefile.in
@@ -1,3 +1,4 @@
+export LC_ALL = C
CLEAN_TARGETS = gen_test_char test_char.h \
ApacheCoreOS2.def httpd.exp export_files \
-@@ -85,8 +86,8 @@ httpd.exp: exports.c export_vars.h
+@@ -87,8 +88,8 @@ httpd.exp: exports.c export_vars.h
@echo "#! ." > $@
@echo "* This file was AUTOGENERATED at build time." >> $@
@echo "* Please do not edit by hand." >> $@
PKG_NAME:=apfree-wifidog
PKG_VERSION:=3.11.1716
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/liudf0716/apfree_wifidog.git
procd_close_instance
}
-status() {
+status_service() {
/usr/bin/wdctlx status
}
PKG_NAME:=aria2
PKG_VERSION:=1.35.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/aria2/aria2/releases/download/release-$(PKG_VERSION)/
PKG_HASH:=1e2b7fd08d6af228856e51c07173cfcf987528f1ac97e04c5af4a47642617dfd
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_USE_MIPS16:=0
PKG_MAINTAINER:=Imre Kaloz <kaloz@openwrt.org>, \
Hsing-Wang Liao <kuoruan@gmail.com>
include $(TOPDIR)/rules.mk
PKG_NAME:=ariang
-PKG_VERSION:=1.1.1
+PKG_VERSION:=1.1.4
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://codeload.github.com/mayswind/AriaNg-DailyBuild/tar.gz/$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=48f3f737a6a79ab140f6bc75b0b6fd377ccbb75c7b7260b38ad4e64dee97d9e8
+PKG_HASH:=0a591564ffb863d5ce55694d26ad63934d364b9408119c191a2f8276f286f2b6
PKG_BUILD_DIR:=$(BUILD_DIR)/AriaNg-DailyBuild-$(PKG_VERSION)
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=arp-scan
-PKG_VERSION:=1.9.6
+PKG_VERSION:=1.9.7
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/royhills/arp-scan/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=971b45c3369816467994797fbcd0076eb8f0ffb9c42764ea6dba25ab3fd490da
+PKG_HASH:=e03c36e4933c655bd0e4a841272554a347cd0136faf42c4a6564059e0761c039
PKG_MAINTAINER:=Sergey Urushkin <urusha.v1.0@gmail.com>
PKG_LICENSE:=GPL-3.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=banip
-PKG_VERSION:=0.3.10
+PKG_VERSION:=0.3.11
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
then
f_log "info" "log/banIP service started"
"${ban_logread}" -f -e "${ban_sshdaemon}\|luci: failed login" | \
- { grep -qE "Exit before auth|luci: failed login|[0-9]+ \[preauth\]$"; [ $? -eq 0 ] && /etc/init.d/banip refresh; }
+ { grep -q "Exit before auth\|luci: failed login\|error: maximum authentication attempts exceeded"; [ $? -eq 0 ] && /etc/init.d/banip refresh; }
else
f_log "err" "can't start log/banIP service"
fi
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-ban_ver="0.3.10"
+ban_ver="0.3.11"
ban_basever=""
ban_enabled=0
ban_automatic="1"
#
if [ -z "${ban_sshdaemon}" ]
then
- utils="dropbear sshd"
+ utils="sshd dropbear"
for util in ${utils}
do
if [ -x "$(command -v "${util}")" ]
then
- ban_sshdaemon="${util}"
- break
+ if [ "$("/etc/init.d/${util}" enabled; printf "%u" ${?})" -eq 0 ]
+ then
+ ban_sshdaemon="${util}"
+ break
+ fi
fi
done
fi
local src_name src_on src_url src_rset src_setipv src_settype src_ruletype src_cat src_log src_addon src_ts src_rc
local wan_input wan_forward lan_input lan_forward target_src target_dst ssh_log luci_log
- ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/:[0-9]*$//g')"
+ if [ "${ban_sshdaemon}" = "dropbear" ]
+ then
+ ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/:[0-9]*$//g')"
+ elif [ "${ban_sshdaemon}" = "sshd" ]
+ then
+ ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/ port.*$//g')"
+ fi
luci_log="$(logread -e "luci: failed login" | grep -o "luci:.*")"
mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
done
elif [ "${ban_sshdaemon}" = "sshd" ]
then
- src_addon="$(printf "%s\\n" "${ssh_log}" | grep -E "[0-9]+ \[preauth\]$" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
+ src_addon="$(printf "%s\\n" "${ssh_log}" | grep -F "error: maximum authentication attempts exceeded" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
fi
src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
;;
done
elif [ "${ban_sshdaemon}" = "sshd" ]
then
- src_addon="$(printf "%s\\n" "${ssh_log}" | grep -E "[0-9]+ \[preauth\]$" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
+ src_addon="$(printf "%s\\n" "${ssh_log}" | grep -F "error: maximum authentication attempts exceeded" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
fi
src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
;;
PKG_NAME:=bfdd
PKG_SOURCE_DATE:=2019-08-22
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_VERSION:=c54534beb524afc3972039f57b56ec65332b43f7
PKG_SOURCE_URL:=https://codeload.github.com/rzalamena/bfdd/tar.gz/$(PKG_SOURCE_VERSION)?
/etc/bfdd/bfdd.json
endef
+TARGET_CFLAGS += -D_GNU_SOURCE
+
define Package/bfdd/install
$(INSTALL_DIR) \
$(1)/usr/sbin \
--- /dev/null
+diff --git a/bfd_packet.c b/bfd_packet.c
+index e8f99f9..2c9fa91 100644
+--- a/bfd_packet.c
++++ b/bfd_packet.c
+@@ -29,6 +29,8 @@
+ #define _UAPI_IPV6_H
+ #endif /* _UAPI_IPV6_H */
+
++#define _GNU_SOURCE
++
+ #include <linux/filter.h>
+ #include <linux/if_ether.h>
+ #include <linux/if_packet.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=cgi-io
-PKG_RELEASE:=14
+PKG_RELEASE:=16
PKG_LICENSE:=GPL-2.0-or-later
$(LN) ../../usr/libexec/cgi-io $(1)/www/cgi-bin/cgi-upload
$(LN) ../../usr/libexec/cgi-io $(1)/www/cgi-bin/cgi-download
$(LN) ../../usr/libexec/cgi-io $(1)/www/cgi-bin/cgi-backup
+ $(LN) ../../usr/libexec/cgi-io $(1)/www/cgi-bin/cgi-exec
endef
$(eval $(call BuildPackage,cgi-io))
return -1;
default:
+ close(fds[1]);
+
now = time(NULL);
strftime(datestr, sizeof(datestr) - 1, "%Y-%m-%d", localtime(&now));
waitpid(pid, &status, 0);
+ close(fds[0]);
+
+ return 0;
+ }
+}
+
+
+static const char *
+lookup_executable(const char *cmd)
+{
+ size_t plen = 0, clen = strlen(cmd) + 1;
+ static char path[PATH_MAX];
+ char *search, *p;
+ struct stat s;
+
+ if (!stat(cmd, &s) && S_ISREG(s.st_mode))
+ return cmd;
+
+ search = getenv("PATH");
+
+ if (!search)
+ search = "/bin:/usr/bin:/sbin:/usr/sbin";
+
+ p = search;
+
+ do {
+ if (*p != ':' && *p != '\0')
+ continue;
+
+ plen = p - search;
+
+ if ((plen + clen) >= sizeof(path))
+ continue;
+
+ strncpy(path, search, plen);
+ sprintf(path + plen, "/%s", cmd);
+
+ if (!stat(path, &s) && S_ISREG(s.st_mode))
+ return path;
+
+ search = p + 1;
+ } while (*p++);
+
+ return NULL;
+}
+
+static char **
+parse_command(const char *cmdline)
+{
+ const char *p = cmdline, *s;
+ char **argv = NULL, *out;
+ size_t arglen = 0;
+ int argnum = 0;
+ bool esc;
+
+ while (isspace(*cmdline))
+ cmdline++;
+
+ for (p = cmdline, s = p, esc = false; p; p++) {
+ if (esc) {
+ esc = false;
+ }
+ else if (*p == '\\' && p[1] != 0) {
+ esc = true;
+ }
+ else if (isspace(*p) || *p == 0) {
+ if (p > s) {
+ argnum += 1;
+ arglen += sizeof(char *) + (p - s) + 1;
+ }
+
+ s = p + 1;
+ }
+
+ if (*p == 0)
+ break;
+ }
+
+ if (arglen == 0)
+ return NULL;
+
+ argv = calloc(1, arglen + sizeof(char *));
+
+ if (!argv)
+ return NULL;
+
+ out = (char *)argv + sizeof(char *) * (argnum + 1);
+ argv[0] = out;
+
+ for (p = cmdline, s = p, esc = false, argnum = 0; p; p++) {
+ if (esc) {
+ esc = false;
+ *out++ = *p;
+ }
+ else if (*p == '\\' && p[1] != 0) {
+ esc = true;
+ }
+ else if (isspace(*p) || *p == 0) {
+ if (p > s) {
+ *out++ = ' ';
+ argv[++argnum] = out;
+ }
+
+ s = p + 1;
+ }
+ else {
+ *out++ = *p;
+ }
+
+ if (*p == 0)
+ break;
+ }
+
+ argv[argnum] = NULL;
+ out[-1] = 0;
+
+ return argv;
+}
+
+static int
+main_exec(int argc, char **argv)
+{
+ char *fields[] = { "sessionid", NULL, "command", NULL, "filename", NULL, "mimetype", NULL };
+ int i, devnull, status, fds[2];
+ bool allowed = false;
+ ssize_t len = 0;
+ const char *exe;
+ char *p, **args;
+ pid_t pid;
+
+ postdecode(fields, 4);
+
+ if (!fields[1] || !session_access(fields[1], "cgi-io", "exec", "read"))
+ return failure(403, 0, "Exec permission denied");
+
+ for (p = fields[5]; p && *p; p++)
+ if (!isalnum(*p) && !strchr(" ()<>@,;:[]?.=%-", *p))
+ return failure(400, 0, "Invalid characters in filename");
+
+ for (p = fields[7]; p && *p; p++)
+ if (!isalnum(*p) && !strchr(" .;=/-", *p))
+ return failure(400, 0, "Invalid characters in mimetype");
+
+ args = fields[3] ? parse_command(fields[3]) : NULL;
+
+ if (!args)
+ return failure(400, 0, "Invalid command parameter");
+
+ /* First check if we find an ACL match for the whole cmdline ... */
+ allowed = session_access(fields[1], "file", args[0], "exec");
+
+ /* Now split the command vector... */
+ for (i = 1; args[i]; i++)
+ args[i][-1] = 0;
+
+ /* Find executable... */
+ exe = lookup_executable(args[0]);
+
+ if (!exe) {
+ free(args);
+ return failure(404, 0, "Executable not found");
+ }
+
+ /* If there was no ACL match, check for a match on the executable */
+ if (!allowed && !session_access(fields[1], "file", exe, "exec")) {
+ free(args);
+ return failure(403, 0, "Access to command denied by ACL");
+ }
+
+ if (pipe(fds)) {
+ free(args);
+ return failure(500, errno, "Failed to spawn pipe");
+ }
+
+ switch ((pid = fork()))
+ {
+ case -1:
+ free(args);
close(fds[0]);
close(fds[1]);
+ return failure(500, errno, "Failed to fork process");
+
+ case 0:
+ devnull = open("/dev/null", O_RDWR);
+
+ if (devnull > -1) {
+ dup2(devnull, 0);
+ dup2(devnull, 2);
+ close(devnull);
+ }
+ else {
+ close(0);
+ close(2);
+ }
+
+ dup2(fds[1], 1);
+ close(fds[0]);
+ close(fds[1]);
+
+ if (chdir("/") < 0) {
+ free(args);
+ return failure(500, errno, "Failed chdir('/')");
+ }
+
+ if (execv(exe, args) < 0) {
+ free(args);
+ return failure(500, errno, "Failed execv(...)");
+ }
+
+ return -1;
+
+ default:
+ close(fds[1]);
+
+ printf("Status: 200 OK\r\n");
+ printf("Content-Type: %s\r\n",
+ fields[7] ? fields[7] : "application/octet-stream");
+
+ if (fields[5])
+ printf("Content-Disposition: attachment; filename=\"%s\"\r\n",
+ fields[5]);
+
+ printf("\r\n");
+ fflush(stdout);
+
+ do {
+ len = splice(fds[0], NULL, 1, NULL, READ_BLOCK, SPLICE_F_MORE);
+ } while (len > 0);
+
+ waitpid(pid, &status, 0);
+
+ close(fds[0]);
+ free(args);
return 0;
}
return main_download(argc, argv);
else if (strstr(argv[0], "cgi-backup"))
return main_backup(argc, argv);
+ else if (strstr(argv[0], "cgi-exec"))
+ return main_exec(argc, argv);
return -1;
}
PKG_SOURCE_URL:=https://download.samba.org/pub/linux-cifs/cifs-utils/
PKG_HASH:=18d8f1bf92c13c4d611502dbd6759e3a766ddc8467ec8a2eda3f589e40b9ac9c
-PKG_MAINTAINER:=Florian Fainelli <florian@openwrt.org>
+PKG_MAINTAINER:=
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:debian:cifs-utils
+++ /dev/null
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=cifsd-tools
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools.git
-PKG_SOURCE_DATE:=2019-11-27
-PKG_SOURCE_VERSION:=06fd4153a5d5af1f96a20234f397bd149a8e4832
-PKG_MIRROR_HASH:=2849d2af471e327abc8d67afc91ca767c410e2b307d6554531a0b387d9ad909a
-
-PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=COPYING
-
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
-PKG_REMOVE_FILES:=autogen.sh
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-define Package/cifsd-tools
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=Filesystem
- TITLE:=Kernel CIFS/SMB server support and userspace tools
- URL:=https://github.com/cifsd-team/cifsd-tools
- DEPENDS:=+kmod-fs-cifsd +glib2 +libnl-core +libnl-genl
-endef
-
-define Package/cifsd-tools/description
- Userspace tools (cifsd, cifsuseradd, cifsshareadd) for the CIFS/SMB kernel fileserver.
- The config file location is /etc/cifs/smb.conf
-endef
-
-define Package/cifsd-tools/install
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcifsdtools.so* $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/sbin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{cifsuseradd,cifsshareadd,cifsd} $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/etc/config $(1)/etc/cifs $(1)/etc/init.d
- $(INSTALL_CONF) ./files/cifsd.config $(1)/etc/config/cifsd
- $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/cifs/
- $(INSTALL_BIN) ./files/cifsd.init $(1)/etc/init.d/cifsd
- # copy examples until we have a wiki page
- $(INSTALL_DATA) ./files/cifsd.config.example $(1)/etc/cifs/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/Documentation/configuration.txt $(1)/etc/cifs/
-endef
-
-define Package/cifsd-tools/conffiles
-/etc/config/cifsd
-/etc/cifs/smb.conf.template
-/etc/cifs/smb.conf
-/etc/cifs/cifsdpwd.db
-endef
-
-$(eval $(call BuildPackage,cifsd-tools))
+++ /dev/null
-config globals
- option 'description' 'Cifsd on OpenWrt'
+++ /dev/null
-config globals
- option 'description' 'Cifsd on OpenWrt'
-
-config share
- option name 'testshare'
- option path '/tmp'
- option read_only 'no'
- option guest_ok 'yes'
- option create_mask '0666'
- option dir_mask '0777'
- option force_root '1'
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-START=98
-USE_PROCD=1
-
-CIFSD_IFACE=""
-
-smb_header()
-{
- config_get CIFSD_IFACE $1 interface "lan"
-
- # resolve interfaces
- local interfaces
- interfaces=$(
- . /lib/functions/network.sh
-
- local net
- for net in $CIFSD_IFACE; do
- local device
- network_is_up $net || continue
- network_get_device device "$net"
- echo -n "${device:-$net} "
- done
- )
-
- local workgroup description
- local hostname
- hostname="$(cat /proc/sys/kernel/hostname)"
-
- config_get workgroup $1 workgroup "WORKGROUP"
- config_get description $1 description "Cifsd on OpenWrt"
-
- sed -e "s#|NAME|#$hostname#g" \
- -e "s#|WORKGROUP|#$workgroup#g" \
- -e "s#|DESCRIPTION|#$description#g" \
- -e "s#|INTERFACES|#$interfaces#g" \
- /etc/cifs/smb.conf.template > /var/etc/cifs/smb.conf
-
- [ -e /etc/cifs/smb.conf ] || ln -nsf /var/etc/cifs/smb.conf /etc/cifs/smb.conf
-
- if [ ! -L /etc/cifs/smb.conf ]; then
- logger -t 'cifsd' "Local custom /etc/cifs/smb.conf file detected, all UCI/Luci config settings are ignored!"
- fi
-}
-
-smb_add_share()
-{
- local name
- local path
- local comment
- local users
- local create_mask
- local dir_mask
- local browseable
- local read_only
- local writeable
- local guest_ok
- local force_root
- local write_list
- local read_list
- local hide_dot_files
- local veto_files
- local inherit_owner
- local force_create_mode
- local force_directory_mode
-
- config_get name $1 name
- config_get path $1 path
- config_get comment $1 comment
- config_get users $1 users
- config_get create_mask $1 create_mask
- config_get dir_mask $1 dir_mask
- config_get browseable $1 browseable
- config_get read_only $1 read_only
- config_get writeable $1 writeable
- config_get guest_ok $1 guest_ok
- config_get_bool force_root $1 force_root 0
- config_get write_list $1 write_list
- config_get read_list $1 read_list
- config_get hide_dot_files $1 hide_dot_files
- config_get veto_files $1 veto_files
- config_get inherit_owner $1 inherit_owner
- config_get force_create_mode $1 force_create_mode
- config_get force_directory_mode $1 force_directory_mode
-
- [ -z "$name" ] || [ -z "$path" ] && return
-
- {
- printf "\n[%s]\n\tpath = %s\n" "$name" "$path"
- [ -n "$comment" ] && printf "\tcomment = %s\n" "$comment"
-
- if [ "$force_root" -eq 1 ]; then
- printf "\tforce user = %s\n" "root"
- printf "\tforce group = %s\n" "root"
- else
- [ -n "$users" ] && printf "\tvalid users = %s\n" "$users"
- fi
-
- [ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask"
- [ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask"
- [ -n "$force_create_mode" ] && printf "\tforce create mode = %s\n" "$force_create_mode"
- [ -n "$force_directory_mode" ] && printf "\tforce directory mode = %s\n" "$force_directory_mode"
-
- [ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable"
- [ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only"
- [ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable"
-
- [ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok"
- [ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner"
-
- [ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list"
- [ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list"
-
- [ -n "$hide_dot_files" ] && printf "\thide dot files = %s\n" "$hide_dot_files"
- [ -n "$veto_files" ] && printf "\tveto files = %s\n" "$veto_files"
- } >> /var/etc/cifs/smb.conf
-}
-
-init_config()
-{
- mkdir -p /var/etc/cifs
-
- config_load cifsd
- # allow copy&paste from samba UCI configs (we dont have a cifsd wiki yet)
- config_foreach smb_header globals
- config_foreach smb_header samba
- config_foreach smb_add_share share
- config_foreach smb_add_share sambashare
-}
-
-service_triggers()
-{
- PROCD_RELOAD_DELAY=2000
-
- procd_add_reload_trigger "dhcp" "system" "cifsd"
-
- local i
- for i in $CIFSD_IFACE; do
- procd_add_reload_interface_trigger $i
- done
-}
-
-start_service()
-{
- init_config
-
- if [ ! -e /etc/cifs/smb.conf ]; then
- logger -t 'cifsd' "missing config /etc/cifs/smb.conf, needs to-be created manually!"
- exit 1
- fi
-
- if [ -e /sys/module/cifsd ]; then
- if [ -e /sys/class/cifsd-control/kill_server ]; then
- # upstream "BUG": ensure changes in smb.conf are reflected on a running kernel-server
- echo hard > /sys/class/cifsd-control/kill_server
- # we need a extra timeout for the reset
- sleep 5
- fi
- fi
-
- modprobe cifsd 2> /dev/null
- if [ ! -e /sys/module/cifsd ]; then
- logger -t 'cifsd' "modprobe of cifsd module failed, can\'t start cifsd!"
- exit 1
- fi
-
- logger -t 'cifsd' "Starting CIFS/SMB userspace service."
- procd_open_instance
- procd_set_param command /usr/sbin/cifsd --n
- procd_set_param file /var/etc/cifs/smb.conf
- procd_close_instance
-}
-
-stop_service()
-{
- logger -t 'cifsd' "Stopping CIFSD userspace service."
- killall cifsd > /dev/null 2>&1
-
- [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
- # With open smb connections rmmod is not possible, without waiting for the long 'ipc timeout', so we use 'kill_server'!
- if [ -e /sys/module/cifsd ]; then
- logger -t 'cifsd' "triggering kill_server"
- if [ -e /sys/class/cifsd-control/kill_server ]; then
- echo hard > /sys/class/cifsd-control/kill_server
- # we need a extra timeout for the reset
- sleep 5
- fi
- fi
- # next try
- [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
- # check again
- if [ -e /sys/module/cifsd ]; then
- # wait more...
- sleep 3
- fi
- # last try
- [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
-
- if [ -e /sys/module/cifsd ]; then
- logger -t 'cifsd' "module still loaded after 8s timeout"
- fi
- [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock
-}
-
-# reload_service() {
- # restart "$@"
-# }
+++ /dev/null
-;******************************************************************************
-; File to define cifsd configuration parameters which are comparable with
-; samba's ones
-;
-; Supported [global] level parameters list:
-; - server string
-; This controls what string will show up in browse lists next
-; to the machine name
-; - workgroup
-; This controls what workgroup your server will appear to be
-; in when queried by clients
-; - netbios name
-; This sets the NetBIOS name by which a SMB server is known.
-; By default it is the same as the first component of the host's
-; DNS name. If a machine is a browse server or logon server this
-; name (or the first component of the hosts DNS name) will be
-; the name that these services are advertised under.
-; - server min protocol
-; This setting controls the minimum protocol version that the
-; server will allow the client to use.
-; - server max protocol
-; The value of the parameter (a string) is the highest protocol
-; level that will be supported by the server.
-; - server signing
-; This controls whether the client is allowed or required to use
-; SMB1 and SMB2 signing. Possible values are default, auto,
-; mandatory and disabled.
-; - guest account
-; This is a username which will be used for access to services
-; which are specified as guest ok.
-; - max active sessions
-; This option allows the number of simultaneous connections to
-; a service to be limited.
-; - ipc timeout
-; This option specifies the number of seconds server will wait
-; for the userspace to reply to heartbeat frames. If user space
-; is down for more than `ipc timeout` seconds the server will
-; reset itself - close all sessions and all TCP connections.
-; - restrict anonymous
-; The setting of this parameter determines whether user and
-; group list information is returned for an anonymous connection.
-; - map to guest
-; This parameter can take four different values, which tell cifsd
-; what to do with user login requests.(bad user
-; - bind interfaces only
-; This global parameter allows the cifsd admin to limit what
-; interfaces on a machine will serve SMB requests.
-; - interfaces
-; This option allows you to override the default network
-; interfaces list that cifsd will use for browsing. The option
-; takes only list of interface name.
-; - deadtime
-; The value of the parameter (a decimal integer) represents
-; the number of minutes of inactivity before a connection is
-; considered dead, and it is disconnected. The deadtime only
-; takes effect if the number of open files is zero.
-; - root directory
-; Sets up a root (base) directory for all shares. In some
-; sense it's equal to chroot(). When this option set all shares'
-; paths become relative to root directory, IOW the file name
-; lookup resolves '/root directory/share path/file path' path.
-;
-; Supported [share] level parameters list:
-; - comment
-; comment string to associate with the new share
-; - path
-; This parameter specifies a directory to which the user of the
-; service is to be given access.
-; - guest ok
-; If this parameter is yes for a service, then no password is
-; required to connect to the service.
-; - read only
-; If this parameter is yes, then users of a service may not
-; create or modify files in the service's directory.
-; - browseable
-; This controls whether this share is seen in the list of
-; available shares in a net view and in the browse list.
-; - write ok
-; - writeable
-; Inverted synonym for read only.
-; - store dos attributes
-; If this parameter is set cifsd attempts to first read DOS
-; attributes (SYSTEM, HIDDEN, ARCHIVE or READ-ONLY) from a
-; filesystem extended attribute, before mapping DOS attributes
-; to UNIX permission bits (such as occurs with map hidden and
-; map readonly).
-; - oplocks
-; This boolean option tells cifsd whether to issue oplocks
-; (opportunistic locks) to file open requests on this share.
-; - create mask
-; When a file is created, the necessary permissions are calculated
-; according to the mapping from DOS modes to UNIX permissions, and
-; the resulting UNIX mode is then bit-wise 'AND'ed with this
-; parameter.
-; - directory mask
-; This parameter is the octal modes which are used when converting
-; DOS modes to UNIX modes when creating UNIX directories.
-; - force group
-; This specifies a UNIX group name that will be assigned as
-; the default primary group for all users connecting to this
-; service.
-; - force user
-; This specifies a UNIX user name that will be assigned as
-; the default user for all users connecting to this service.
-; - hide dot files
-; This is a boolean parameter that controls whether files starting
-; with a dot appear as hidden files.
-; - hosts allow
-; This parameter is a comma, space, or tab delimited set of hosts
-; which are permitted to access a service
-; - hosts deny
-; The opposite of allow hosts - hosts listed here are NOT
-; permitted access to services unless the specific services have
-; their own lists to override this one. Where the lists conflict,
-; the allow list takes precedence.
-; - valid users
-; This is a list of users that should be allowed to login to this
-; service
-; - invalid users
-; This is a list of users that should not be allowed to login to
-; this service.
-; - read list
-; This is a list of users that are given read-only access to
-; a service.
-; - write list
-; This is a list of users that are given read-write access to
-; a service.
-; - max connections
-; This option allows the number of simultaneous connections to
-; a service to be limited.
-; - veto files
-; This is a list of files and directories that are neither visible
-; nor accessible.
-;
-; Veto any files containing the word Security,
-; any ending in .tmp, and any directory containing the
-; word root.
-; veto files = /*Security*/*.tmp/*root*/
-;
-; Veto the Apple specific files that a NetAtalk server
-; creates.
-; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
-; - inherit owner
-; The ownership for new files and directories should be controlled
-; by the ownership of the parent directory.
-; Valid options are yes or no.
-; - inherit smack
-; This parameter can be used to ensure that if smack label exist
-; on parent directories.
-; Valid options are yes or no.
-; - force create mode
-; This parameter specifies a set of UNIX mode bit permissions
-; that will always be set on a file created by cifsd.
-; - force directory mode
-; This parameter specifies a set of UNIX mode bit permissions
-; that will always be set on a directory created by cifsd.
-;
-; Rules to update this file:
-; - Every [share] definition should start on new line
-; - Every parameter should be indented with single tab
-; - There should be single spaces around equal (eg: " = ")
-; - Multiple parameters should be separated with comma
-; eg: "invalid users = usr1,usr2,usr3"
-;
-; Make sure to configure the server after making changes to this file.
-;******************************************************************************
-
-[global]
- netbios name = CIFSD
-
-[homes]
- comment = content server share
- path = /tmp
+++ /dev/null
-[global]
- netbios name = |NAME|
- server string = |DESCRIPTION|
- workgroup = |WORKGROUP|
- interfaces = |INTERFACES|
- bind interfaces only = yes
- ipc timeout = 20
- deadtime = 15
- map to guest = Bad User
# CoovaChilli advanced configuration
-menu "Configuration"
- depends on PACKAGE_coova-chilli
+if PACKAGE_coova-chilli
config COOVACHILLI_PROXY
- bool "Enable support for chilli proxy. Required for AAA Proxy through http"
- default n
+ bool "Enable support for chilli proxy. Required for AAA Proxy through http"
+ default n
config COOVACHILLI_REDIR
bool "Enable support for redir server. Required for uamregex"
bool "Enable recording user-agent"
default n
-config COOVACHILLI_DNSLOG
- bool "Enable support to log DNS name queries"
- default n
-
config COOVACHILLI_UAMDOMAINFILE
bool "Enable loading of mass uamdomains from file"
default n
endchoice
-endmenu
+endif
include $(TOPDIR)/rules.mk
PKG_NAME:=coova-chilli
-PKG_VERSION:=1.4
-PKG_RELEASE:=11
+PKG_VERSION:=1.5
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/coova/coova-chilli/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=987647a4c8efe7b1e2d7108d56068e3bd7830d326680f0eaa2c705e4c59c46d9
+PKG_HASH:=75e15fd00a870b8a95df1440977c688a05a109f90b57bf679b931101d427d0fb
PKG_MAINTAINER:=Jaehoon You <teslamint@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
PKG_BUILD_PARALLEL:=0
PKG_CONFIG_DEPENDS:= \
+ COOVACHILLI_LARGELIMITS \
COOVACHILLI_MINIPORTAL \
+ COOVACHILLI_NOSSL \
+ COOVACHILLI_OPENSSL \
+ COOVACHILLI_PROXY \
COOVACHILLI_REDIR \
- COOVACHILLI_USERAGENT \
- COOVACHILLI_DNSLOG \
COOVACHILLI_UAMDOMAINFILE \
- COOVACHILLI_LARGELIMITS \
- COOVACHILLI_NOSSL \
+ COOVACHILLI_USERAGENT \
COOVACHILLI_WOLFSSL \
- COOVACHILLI_OPENSSL
+ IPV6
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/kernel.mk
SUBMENU:=Captive Portals
SECTION:=net
CATEGORY:=Network
- DEPENDS:=+kmod-tun +librt +COOVACHILLI_WOLFSSL:libwolfssl +COOVACHILLI_OPENSSL:libopenssl
+ DEPENDS:=+kmod-tun +librt +COOVACHILLI_MINIPORTAL:haserl \
+ +COOVACHILLI_WOLFSSL:libwolfssl +COOVACHILLI_OPENSSL:libopenssl
TITLE:=Wireless LAN HotSpot controller (Coova Chilli Version)
URL:=https://coova.github.io/
MENU:=1
$(call Build/Configure/Default, \
$(if $(CONFIG_COOVACHILLI_PROXY),--enable,--disable)-chilliproxy \
$(if $(CONFIG_COOVACHILLI_REDIR),--enable,--disable)-chilliredir \
- $(if $(CONFIG_COOVACHILLI_DNSLOG),--enable,--disable)-dnslog \
$(if $(CONFIG_COOVACHILLI_MINIPORTAL),--enable,--disable)-miniportal \
$(if $(CONFIG_COOVACHILLI_USERAGENT),--enable,--disable)-useragent \
$(if $(CONFIG_COOVACHILLI_LARGELIMITS),--enable,--disable)-largelimits \
$(INSTALL_BIN) files/chilli.init $(1)/etc/init.d/chilli
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) files/chilli.config $(1)/etc/config/chilli
- $(INSTALL_DIR) $(1)/lib/firewall
endef
$(eval $(call BuildPackage,coova-chilli))
# name of network interface
option network ''
- # Include this flag if process is to run in the foreground
- #option fg
-
# Include this flag to include debug information.
#option debug 1
# name lookups to be performed. Value is given in seconds.
#option interval 3600
- # File to store information about the process id of the program.
- # The program must have write access to this file/directory.
- #option pidfile /var/run/chilli.pid
-
# Directory to use for nonvolatile storage.
# The program must have write access to this directory.
# this option is currently ignored
local cfg="$1"
local base="/var/run/chilli_${cfg}"
- config_get_bool disabled "$1" 'disabled' 1
+ config_get_bool disabled "$1" 'disabled' 0
[ $disabled = 1 ] && return
procd_open_instance "$cfg"
+++ /dev/null
---- a/src/system.h
-+++ b/src/system.h
-@@ -112,6 +112,11 @@
- #include <signal.h>
- #endif
-
-+#ifdef HAVE_SYS_SYSINFO_H
-+#define _LINUX_SYSINFO_H
-+#include <sys/sysinfo.h>
-+#endif
-+
- #ifdef HAVE_INTTYPES_H
- #define __STDC_FORMAT_MACROS
- #include <inttypes.h>
-@@ -129,15 +134,6 @@
- #include <linux/un.h>
- #endif
-
--#ifdef HAVE_SYS_SYSINFO_H
--#include <sys/sysinfo.h>
--#else
--#ifdef HAVE_LINUX_SYSINFO_H
--#define _LINUX_KERNEL_H
--#include <linux/sysinfo.h>
--#endif
--#endif
--
- #elif defined (__FreeBSD__) || defined (__APPLE__) || defined (__OpenBSD__) || defined (__NetBSD__)
- #include <net/if.h>
- #include <net/bpf.h>
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -397,7 +397,7 @@ AC_ARG_WITH([cyassl],
+ [AS_HELP_STRING([--with-cyassl], [enable support for cyassl])],[],[with_cyassl=no])
+
+ AS_IF([test x"$with_cyassl" != xno],
+- [AC_CHECK_LIB([cyassl], [CyaSSL_Init],
++ [AC_CHECK_LIB([cyassl], [wolfSSL_Init],
+ [AC_SUBST([LIBSSL], ["-lcyassl"])
+ AC_DEFINE([HAVE_CYASSL], [1],
+ [Define if you have cyassl])
+--- a/src/ippool.c
++++ b/src/ippool.c
+@@ -35,6 +35,7 @@ int ippool_print(int fd, struct ippool_t *this) {
+ char * sep = "-- %-15s ------------------------------------------------------------\n";
+
+ #define ERR 0
++#undef USED /* defined in <wolfssl/wolfcrypt/integer.h> */
+ #define USED 1
+ #define FREE 2
+ #define LIST 3
+--- a/src/md5.h
++++ b/src/md5.h
+@@ -35,7 +35,6 @@
+ #define MD5Update MD5_Update
+ #define MD5Final MD5_Final
+
+-typedef struct CYASSL_MD5_CTX MD5_CTX;
+ #else
+
+ struct MD5Context {
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -131,7 +131,7 @@ _openssl_env_init(openssl_env *env, char *engine, int server) {
+ */
+ const long options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
+ env->meth = SSLv23_method();
+- env->ctx = SSL_CTX_new(env->meth);
++ env->ctx = SSL_CTX_new((void *)env->meth);
+ SSL_CTX_set_options(env->ctx, options);
+ if (_options.sslciphers) {
+ SSL_CTX_set_cipher_list(env->ctx, _options.sslciphers);
+--- a/src/ssl.h
++++ b/src/ssl.h
+@@ -48,6 +48,8 @@ typedef struct {
+ #include <time.h>
+ #include <string.h>
+
++#define OPENSSL_NO_ENGINE
++#include <cyassl/options.h>
+ #include <cyassl/ssl.h>
+ #include <cyassl/openssl/bio.h>
+ #include <cyassl/openssl/crypto.h>
+++ /dev/null
---- a/src/ms_chap.c
-+++ b/src/ms_chap.c
-@@ -96,18 +96,18 @@ MakeKey(u_char *key, u_char *des_key)
- des_key[6] = Get7Bits(key, 42);
- des_key[7] = Get7Bits(key, 49);
-
-- des_set_odd_parity((des_cblock *)des_key);
-+ DES_set_odd_parity((DES_cblock *)des_key);
- }
-
- static void /* IN 8 octets IN 7 octest OUT 8 octets */
- DesEncrypt(u_char *clear, u_char *key, u_char *cipher)
- {
-- des_cblock des_key;
-- des_key_schedule key_schedule;
-+ DES_cblock des_key;
-+ DES_key_schedule key_schedule;
-
- MakeKey(key, des_key);
-- des_set_key(&des_key, key_schedule);
-- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1);
-+ DES_set_key(&des_key, &key_schedule);
-+ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, &key_schedule, 1);
- }
-
- #define LENGTH 20
---- a/src/ssl.c
-+++ b/src/ssl.c
-@@ -35,11 +35,13 @@ openssl_env * initssl() {
- if (openssl_init == 0) {
- openssl_init = 1;
- #ifdef HAVE_OPENSSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (_options.debug) {
- SSL_load_error_strings();
- }
- SSL_library_init();
- OpenSSL_add_all_algorithms();
-+#endif
- #else
- matrixSslOpen();
- syslog(LOG_DEBUG, "%s(%d): MatrixSslOpen()", __FUNCTION__, __LINE__);
-@@ -55,11 +57,13 @@ openssl_env * initssl_cli() {
- if (openssl_init == 0) {
- openssl_init = 1;
- #ifdef HAVE_OPENSSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (_options.debug) {
- SSL_load_error_strings();
- }
- SSL_library_init();
- OpenSSL_add_all_algorithms();
-+#endif
- #else
- matrixSslOpen();
- syslog(LOG_DEBUG, "%s(%d): MatrixSslOpen()", __FUNCTION__, __LINE__);
-@@ -132,7 +136,7 @@ _openssl_env_init(openssl_env *env, char *engine, int server) {
- if (_options.sslciphers) {
- SSL_CTX_set_cipher_list(env->ctx, _options.sslciphers);
- }
--#ifdef HAVE_OPENSSL_ENGINE
-+#ifndef OPENSSL_NO_ENGINE
- if (engine) {
- retry:
- if ((env->engine = ENGINE_by_id(engine)) == NULL) {
-@@ -609,7 +613,7 @@ openssl_env_free(openssl_env *env) {
- #endif
- #ifdef HAVE_OPENSSL
- if (env->ctx) SSL_CTX_free(env->ctx);
--#ifdef HAVE_OPENSSL_ENGINE
-+#ifndef OPENSSL_NO_ENGINE
- if (env->engine) ENGINE_free(env->engine);
- #endif
- #endif
---- a/src/ssl.h
-+++ b/src/ssl.h
-@@ -41,6 +41,7 @@ typedef struct {
- #include <openssl/ssl.h>
- #include <openssl/pem.h>
- #include <openssl/engine.h>
-+#include <openssl/err.h>
- #elif HAVE_CYASSL
- #include <stdio.h>
- #include <stdlib.h>
--- /dev/null
+From 196b783b5ea7f8d6cf57ddbd41dc1881ef47a1c4 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Wed, 11 Dec 2019 19:33:58 -0800
+Subject: [PATCH] system.h: Fix compilation with kernel 4.19 + musl
+
+<linux/netlink.h> includes <linux/sysinfo.h> , which redefines struct sysinfo, leading to an error.
+Define the linux header as included to solve compilation.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ src/system.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/system.h b/src/system.h
+index 257b65b..5c1aa4a 100644
+--- a/src/system.h
++++ b/src/system.h
+@@ -114,6 +114,7 @@
+
+ #ifdef HAVE_SYS_SYSINFO_H
+ #include <sys/sysinfo.h>
++#define _LINUX_SYSINFO_H
+ #else
+ #ifdef HAVE_LINUX_SYSINFO_H
+ #define _LINUX_KERNEL_H
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -2,7 +2,7 @@
+ # Process this file with autoconf to produce a configure script.
+
+ AC_PREREQ([2.59])
+-AC_INIT([coova-chilli],[1.4],[https://github.com/coova/coova-chilli/issues])
++AC_INIT([coova-chilli],[1.5],[https://github.com/coova/coova-chilli/issues])
+ AC_CONFIG_SRCDIR([src/chilli.c])
+
+ AM_INIT_AUTOMAKE
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -397,7 +397,7 @@ AC_ARG_WITH([cyassl],
- [AS_HELP_STRING([--with-cyassl], [enable support for cyassl])],[],[with_cyassl=no])
-
- AS_IF([test x"$with_cyassl" != xno],
-- [AC_CHECK_LIB([cyassl], [CyaSSL_Init],
-+ [AC_CHECK_LIB([cyassl], [wolfSSL_Init],
- [AC_SUBST([LIBSSL], ["-lcyassl"])
- AC_DEFINE([HAVE_CYASSL], [1],
- [Define if you have cyassl])
---- a/src/ippool.c
-+++ b/src/ippool.c
-@@ -35,6 +35,7 @@ int ippool_print(int fd, struct ippool_t *this) {
- char * sep = "-- %-15s ------------------------------------------------------------\n";
-
- #define ERR 0
-+#undef USED /* defined in <wolfssl/wolfcrypt/integer.h> */
- #define USED 1
- #define FREE 2
- #define LIST 3
---- a/src/md5.h
-+++ b/src/md5.h
-@@ -35,7 +35,6 @@
- #define MD5Update MD5_Update
- #define MD5Final MD5_Final
-
--typedef struct CYASSL_MD5_CTX MD5_CTX;
- #else
-
- struct MD5Context {
---- a/src/ssl.c
-+++ b/src/ssl.c
-@@ -131,7 +131,7 @@ _openssl_env_init(openssl_env *env, char *engine, int server) {
- */
- const long options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
- env->meth = SSLv23_method();
-- env->ctx = SSL_CTX_new(env->meth);
-+ env->ctx = SSL_CTX_new((void *)env->meth);
- SSL_CTX_set_options(env->ctx, options);
- if (_options.sslciphers) {
- SSL_CTX_set_cipher_list(env->ctx, _options.sslciphers);
---- a/src/ssl.h
-+++ b/src/ssl.h
-@@ -48,6 +48,8 @@ typedef struct {
- #include <time.h>
- #include <string.h>
-
-+#define OPENSSL_NO_ENGINE
-+#include <cyassl/options.h>
- #include <cyassl/ssl.h>
- #include <cyassl/openssl/bio.h>
- #include <cyassl/openssl/crypto.h>
+++ /dev/null
---- a/src/redir.c
-+++ b/src/redir.c
-@@ -3358,14 +3358,17 @@ int redir_main(struct redir_t *redir,
- }
-
- #define redir_memcopy(msgtype) \
-+ do { \
- redir_challenge(challenge); \
- redir_chartohex(challenge, hexchal, REDIR_MD5LEN); \
- msg.mtype = msgtype; \
- memcpy(conn.s_state.redir.uamchal, challenge, REDIR_MD5LEN); \
-- if (_options.debug) syslog(LOG_DEBUG, "%s(%d): ---->>> resetting challenge: %s", __FUNCTION__, __LINE__, hexchal)
-+ if (_options.debug) syslog(LOG_DEBUG, "%s(%d): ---->>> resetting challenge: %s", __FUNCTION__, __LINE__, hexchal); \
-+ } while (0)
-
- #ifdef USING_IPC_UNIX
- #define redir_msg_send(msgopt) \
-+ do { \
- msg.mdata.opt = msgopt; \
- memcpy(&msg.mdata.address, address, sizeof(msg.mdata.address)); \
- memcpy(&msg.mdata.baddress, baddress, sizeof(msg.mdata.baddress)); \
-@@ -3375,9 +3378,11 @@ int redir_main(struct redir_t *redir,
- syslog(LOG_ERR, "%s: write() failed! msgfd=%d type=%ld len=%d", \
- strerror(errno), redir->msgfd, msg.mtype, (int)sizeof(msg.mdata)); \
- return redir_main_exit(&socket, forked, rreq); \
-- }
-+ } \
-+ } while (0)
- #else
- #define redir_msg_send(msgopt) \
-+ do { \
- msg.mdata.opt = msgopt; \
- memcpy(&msg.mdata.address, address, sizeof(msg.mdata.address)); \
- memcpy(&msg.mdata.baddress, baddress, sizeof(msg.mdata.baddress)); \
-@@ -3387,7 +3392,8 @@ int redir_main(struct redir_t *redir,
- syslog(LOG_ERR, "%s: msgsnd() failed! msgid=%d type=%ld len=%d", \
- strerror(errno), redir->msgid, msg.mtype, (int)sizeof(msg.mdata)); \
- return redir_main_exit(&socket, forked, rreq); \
-- }
-+ } \
-+ } while (0)
- #endif
-
- /*
PKG_VERSION:=2.7.8
# Release == build
# increase on changes of services files or tld_names.dat
-PKG_RELEASE:=12
+PKG_RELEASE:=14
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=
endef
# shown in LuCI package description
define Package/ddns-scripts/description
- Dynamic DNS Client scripts (with IPv6 support) - Info: http://wiki.openwrt.org/doc/howto/ddns.client
+ Dynamic DNS Client scripts (with IPv6 support) - Info: https://openwrt.org/docs/guide-user/services/ddns/client
endef
# shown in menuconfig <Help>
define Package/ddns-scripts/config
- log file support
- support to run once
Version: $(PKG_VERSION)-$(PKG_RELEASE)
- Info : http://wiki.openwrt.org/doc/howto/ddns.client
+ Info : https://openwrt.org/docs/guide-user/services/ddns/client
endef
###### *************************************************************************
#
-# Please read http://wiki.openwrt.org/doc/uci/ddns
+# Please read https://openwrt.org/docs/guide-user/base-system/ddns
#
config ddns "global"
option ddns_dateformat "%F %R"
. /lib/functions/network.sh
# GLOBAL VARIABLES #
-VERSION="2.7.8-11"
+VERSION="2.7.8-14"
SECTION_ID="" # hold config's section name
VERBOSE=0 # default mode is log to console, but easily changed with parameter
MYPROG=$(basename $0) # my program call name
"able.or.kr" "http://able.or.kr/ddns/src/update.php?hostname=[DOMAIN]&myip=[IP]&ddnsuser=[USERNAME]&pwd=[PASSWORD]"
-"afraid.org-basicauth" "http://[USERNAME]:[PASSWORD]@freedns.afraid.org/nic/update?hostname=[DOMAIN]&myip=[IP]"
-"afraid.org-keyauth" "http://freedns.afraid.org/dynamic/update.php?[PASSWORD]&address=[IP]"
-"afraid.org-v2-basic" "http://[USERNAME]:[PASSWORD]@sync.afraid.org/u/?h=[DOMAIN]&ip=[IP]"
-"afraid.org-v2-token" "http://sync.afraid.org/u/[PASSWORD]/?address=[IP]"
+"afraid.org-basicauth" "https://[USERNAME]:[PASSWORD]@freedns.afraid.org/nic/update?hostname=[DOMAIN]&myip=[IP]"
+"afraid.org-keyauth" "https://freedns.afraid.org/dynamic/update.php?[PASSWORD]&address=[IP]"
+"afraid.org-v2-basic" "https://[USERNAME]:[PASSWORD]@sync.afraid.org/u/?h=[DOMAIN]&ip=[IP]"
+"afraid.org-v2-token" "https://sync.afraid.org/u/[PASSWORD]/?address=[IP]"
"all-inkl.com" "http://[USERNAME]:[PASSWORD]@dyndns.kasserver.com/?myip=[IP]"
#.no-ip.com / noip.com !!! Please install additional package "ddns-scripts_no-ip_com"
#.route53-v1 !!! Please install additional package "ddns-scripts_route53-v1"
-"afraid.org-basicauth" "http://[USERNAME]:[PASSWORD]@freedns.afraid.org/nic/update?hostname=[DOMAIN]&myip=[IP]"
-"afraid.org-keyauth" "http://freedns.afraid.org/dynamic/update.php?[PASSWORD]&address=[IP]"
-"afraid.org-v2-basic" "http://[USERNAME]:[PASSWORD]@v6.sync.afraid.org/u/?h=[DOMAIN]&ip=[IP]"
-"afraid.org-v2-token" "http://v6.sync.afraid.org/u/[PASSWORD]/?address=[IP]"
+"afraid.org-basicauth" "https://[USERNAME]:[PASSWORD]@freedns.afraid.org/nic/update?hostname=[DOMAIN]&myip=[IP]"
+"afraid.org-keyauth" "https://freedns.afraid.org/dynamic/update.php?[PASSWORD]&address=[IP]"
+"afraid.org-v2-basic" "https://[USERNAME]:[PASSWORD]@v6.sync.afraid.org/u/?h=[DOMAIN]&ip=[IP]"
+"afraid.org-v2-token" "https://v6.sync.afraid.org/u/[PASSWORD]/?address=[IP]"
"all-inkl.com" "http://[USERNAME]:[PASSWORD]@dyndns.kasserver.com/?myip=[IP]"
include $(TOPDIR)/rules.mk
PKG_NAME:=dnscrypt-proxy2
-PKG_VERSION:=2.0.29
+PKG_VERSION:=2.0.34
PKG_RELEASE:=1
PKG_SOURCE:=dnscrypt-proxy-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/jedisct1/dnscrypt-proxy/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=5c18f0c9d6a89b64d532c98e2bd976f98211a715399c7a1ee81a22c5485673b9
+PKG_SOURCE_URL:=https://codeload.github.com/DNSCrypt/dnscrypt-proxy/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=38ec7df2bdeff6d094d8975c0005c1d896a63b529cba417381b63fcf51d42303
PKG_BUILD_DIR:=$(BUILD_DIR)/dnscrypt-proxy-$(PKG_VERSION)
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
-GO_PKG:=github.com/jedisct1/dnscrypt-proxy
+GO_PKG:=github.com/DNSCrypt/dnscrypt-proxy
include $(INCLUDE_DIR)/package.mk
include ../../lang/golang/golang-package.mk
SECTION:=net
CATEGORY:=Network
TITLE:=Flexible DNS proxy with encrypted DNS protocols
- URL:=https://github.com/jedisct1/dnscrypt-proxy
+ URL:=https://github.com/DNSCrypt/dnscrypt-proxy
DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle
CONFLICTS:=dnscrypt-proxy
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsdist
-PKG_VERSION:=1.3.3
+PKG_VERSION:=1.4.0
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
-PKG_HASH:=9fb24f9032025955169f3c6e9b0a05b6aa9d6441ec47da08d22de1c1aa23e8cf
+PKG_HASH:=a336fa2c3eb381c2464d9d9790014fd6d4505029ed2c1b73ee1dc9115a2f1dc0
PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au>
PKG_LICENSE:=GPL-2.0-only
PKG_INSTALL:=1
+PKG_BUILD_DEPENDS:=protobuf/host
+
PKG_CONFIG_DEPENDS:= \
CONFIG_DNSDIST_GNUTLS \
CONFIG_DNSDIST_OPENSSL
include $(INCLUDE_DIR)/package.mk
define Package/dnsdist/config
-comment "SSL support"
-
-choice
- prompt "Selected SSL library"
- default DNSDIST_OPENSSSL
-
- config DNSDIST_OPENSSL
- bool "OpenSSL"
-
- config DNSDIST_GNUTLS
- bool "GnuTLS"
-
- config DNSDIST_NOSSL
- bool "No SSL support"
-
-endchoice
+menu "Configuration"
+ depends on PACKAGE_dnsdist
+
+ comment "SSL Support"
+ choice
+ prompt "Selected SSL library"
+ default DNSDIST_OPENSSSL
+
+ config DNSDIST_OPENSSL
+ bool "OpenSSL"
+
+ config DNSDIST_GNUTLS
+ bool "GnuTLS"
+
+ config DNSDIST_NOSSL
+ bool "No SSL support"
+
+ endchoice
+
+ comment "DNS over HTTPS/TLS Support"
+ depends on !DNSDIST_NOSSL
+
+ config DNSDIST_DNS_OVER_HTTPS
+ depends on DNSDIST_OPENSSL
+ depends on !DNSDIST_NOSSL
+ bool "DNS over HTTPS Support"
+ help
+ "Enables DNS over HTTPS Support for dnsdist"
+ default y
+
+ config DNSDIST_DNS_OVER_TLS
+ depends on !DNSDIST_NOSSL
+ bool "DNS over TLS Support"
+ help
+ "Enabled DNS over TLS Support for dnsdist"
+ default y
+endmenu
endef
define Package/dnsdist
CATEGORY:=Network
SUBMENU:=IP Addresses and Names
TITLE:=dnsdist DNS-, DOS- and abuse-aware loadbalancer
- DEPENDS:=+DNSDIST_OPENSSL:libopenssl +DNSDIST_GNUTLS:libgnutls +protobuf +re2 +libedit +libfstrm +libsodium +lua +boost +libnetsnmp +libatomic
+ DEPENDS:= \
+ +DNSDIST_DNS_OVER_HTTPS:libh2o-evloop \
+ +DNSDIST_GNUTLS:libgnutls \
+ +DNSDIST_OPENSSL:libopenssl \
+ +boost \
+ +libatomic \
+ +libcap \
+ +libedit \
+ +libfstrm \
+ +libnetsnmp \
+ +libsodium \
+ +lmdb \
+ +lua \
+ +protobuf \
+ +re2 \
+ +tinycdb
URL:=https://dnsdist.org/
endef
CONFIGURE_ARGS+= \
--enable-dnscrypt \
- $(if $(CONFIG_DNSDIST_NOSSL),,--enable-dns-over-tls) \
- --enable-fstrm \
- --enable-libsodium \
- --enable-protobuf \
- --enable-re2 \
+ --enable-dnstap \
+ --with-libsodium \
+ --with-protobuf \
+ --with-re2 \
--with-lua=lua \
--with-net-snmp \
- $(if $(CONFIG_DNSDIST_GNUTLS),--enable,--disable)-gnutls \
- $(if $(CONFIG_DNSDIST_OPENSSL),--enable,--disable)-libssl
+ $(if $(CONFIG_DNSDIST_GNUTLS),--with,--without)-gnutls \
+ $(if $(CONFIG_DNSDIST_OPENSSL),--with,--without)-libssl \
+ $(if $(CONFIG_DNSDIST_DNS_OVER_TLS),--enable-dns-over-tls,) \
+ $(if $(CONFIG_DNSDIST_DNS_OVER_HTTPS),--enable-dns-over-https,)
define Package/dnsdist/install
$(INSTALL_DIR) $(1)/etc
+++ /dev/null
-From d73bc006c62e4340ab56dd4baba5bc8eb8e1db49 Mon Sep 17 00:00:00 2001
-From: Remi Gacogne <remi.gacogne@powerdns.com>
-Date: Mon, 13 May 2019 16:01:06 +0200
-Subject: [PATCH] SNMP: Use net-snmp-config --netsnmp-agent-libs instead of
- --agent-libs
-
----
- m4/pdns_with_net_snmp.m4 | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/m4/pdns_with_net_snmp.m4 b/m4/pdns_with_net_snmp.m4
-index 8040672e6c..2da80c75fc 100644
---- a/m4/pdns_with_net_snmp.m4
-+++ b/m4/pdns_with_net_snmp.m4
-@@ -10,7 +10,7 @@ AC_DEFUN([PDNS_WITH_NET_SNMP], [
- AS_IF([test "x$with_net_snmp" != "xno"], [
- AS_IF([test "x$with_net_snmp" = "xyes" -o "x$with_net_snmp" = "xauto"], [
- AC_CHECK_PROG([NET_SNMP_CFLAGS], [net-snmp-config], [`net-snmp-config --cflags`])
-- AC_CHECK_PROG([NET_SNMP_LIBS], [net-snmp-config], [`net-snmp-config --agent-libs`])
-+ AC_CHECK_PROG([NET_SNMP_LIBS], [net-snmp-config], [`net-snmp-config --netsnmp-agent-libs`])
- AC_CHECK_DECLS([snmp_select_info2], [ : ], [ : ],
- [AC_INCLUDES_DEFAULT
- #include <net-snmp/net-snmp-config.h>
+++ /dev/null
---- a/m4/pdns_check_os.m4
-+++ b/m4/pdns_check_os.m4
-@@ -35,16 +35,21 @@
- AM_CONDITIONAL([HAVE_LINUX], [test "x$have_linux" = "xyes"])
- AM_CONDITIONAL([HAVE_SOLARIS], [test "x$have_solaris" = "xyes"])
-
-- case "$host" in
-- mips* | powerpc-* )
-- AC_MSG_CHECKING([whether the linker accepts -latomic])
-- LDFLAGS="-latomic $LDFLAGS"
-- AC_LINK_IFELSE([m4_default([],[AC_LANG_PROGRAM()])],
-- [AC_MSG_RESULT([yes])],
-- [AC_MSG_ERROR([Unable to link against libatomic, cannot continue])]
-- )
-- ;;
-- esac
-+ AC_MSG_CHECKING([whether -latomic is needed for __atomic builtins])
-+ AC_LINK_IFELSE(
-+ [AC_LANG_PROGRAM([[#include <stdint.h>]],
-+ [[uint64_t val = 0; __atomic_add_fetch(&val, 1, __ATOMIC_RELAXED);]]
-+ )],
-+ [AC_MSG_RESULT([no])],
-+ [LIBS="$LIBS -latomic"
-+ AC_LINK_IFELSE(
-+ [AC_LANG_PROGRAM([[#include <stdint.h>]],
-+ [[uint64_t val = 0; __atomic_add_fetch(&val, 1, __ATOMIC_RELAXED);]]
-+ )],
-+ [AC_MSG_RESULT([yes])],
-+ [AC_MSG_FAILURE([libatomic needed, but linking with -latomic failed, cannot continue])]
-+ )]
-+ )
-
- AC_SUBST(THREADFLAGS)
- AC_SUBST([DYNLINKFLAGS], [-export-dynamic])
+++ /dev/null
---- a/tcpiohandler.cc
-+++ b/tcpiohandler.cc
-@@ -369,8 +369,10 @@ public:
- }
-
- if (s_users.fetch_add(1) == 0) {
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- ERR_load_crypto_strings();
- OpenSSL_add_ssl_algorithms();
-+#endif
- openssl_thread_setup();
-
- s_ticketsKeyIndex = SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
-@@ -439,6 +441,7 @@ public:
- d_tlsCtx.reset();
-
- if (s_users.fetch_sub(1) == 1) {
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- ERR_free_strings();
-
- EVP_cleanup();
-@@ -448,6 +451,7 @@ public:
- CONF_modules_unload(1);
-
- CRYPTO_cleanup_all_ex_data();
-+#endif
- openssl_thread_cleanup();
- }
- }
include $(TOPDIR)/rules.mk
PKG_NAME:=frp
-PKG_VERSION:=0.29.0
+PKG_VERSION:=0.31.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/fatedier/frp/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=5d7980b81cfd055e3e5bb7a120098f94342656f647cb906ea075912f63568816
+PKG_HASH:=b1fa893c09e61db084bf6ddc0abcaf105c2828a887ee0fc376bef1a66da9b095
PKG_MAINTAINER:=Richard Yu <yurichard3839@gmail.com>
PKG_LICENSE:=Apache-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=frr
-PKG_VERSION:=7.2
-PKG_RELEASE:=2
+PKG_VERSION:=7.2.1
+PKG_RELEASE:=1
PKG_SOURCE_URL:=https://github.com/FRRouting/frr/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=6cd5bfb6975133ccf23cc3f3a1c1c9a3f6d6a6c792c763b3ea010db75b3de5b3
+PKG_HASH:=774585564dc00e67c4eb51521cb2a8e584031364916514860227af07b638a408
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_DAEMON_AVAILABLE:= \
--- a/zebra/zebra_nhg.c 2019-10-18 01:59:17.582282539 +0300
+++ b/zebra/zebra_nhg.c 2019-10-18 02:00:17.501997253 +0300
-@@ -253,20 +253,9 @@
+@@ -226,20 +226,9 @@
while (rn) {
route_unlock_node(rn);
+++ /dev/null
---- a/bgpd/bgp_bmp.c 2019-10-19 00:10:05.038017045 +0300
-+++ b/bgpd/bgp_bmp.c 2019-10-19 00:10:46.661847536 +0300
-@@ -1762,7 +1762,7 @@
- #define BMP_STR "BGP Monitoring Protocol\n"
-
- #ifndef VTYSH_EXTRACT_PL
--#include "bgp_bmp_clippy.c"
-+#include "bgpd/bgp_bmp_clippy.c"
- #endif
-
- DEFPY_NOSH(bmp_targets_main,
+++ /dev/null
-From eb3e472904e30f35825f08319608217082d4af21 Mon Sep 17 00:00:00 2001
-From: Radhika Mahankali <radhika@cumulusnetworks.com>
-Date: Mon, 9 Apr 2018 15:30:32 -0700
-Subject: [PATCH] ospf: BFD down not tearing down OSPF adjacency for
- point-to-point network
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Root Cause:
-Lookup for the point-to-point neighbor was failing because the neighbor
-lookup was based on neighbor interface IP address. But, for point-to-point
-neighbor the key is router-id for lookup. Lookup failure was causing the
-BFD updates from PTM to get dropped.
-
-Fix:
-Added walk of the neighbor list if the network type is point-to-point to
-find the appropriate neighbor. The match is based on source IP address of
-the neighbor since that’s the address registered with BFD for monitoring.
-
-Ticket: CM-20411
-Signed-off-by: Radhika Mahankali <radhika@cumulusnetworks.com>
----
- ospfd/ospf_bfd.c | 26 ++++++++++++++++++++++++--
- 1 file changed, 24 insertions(+), 2 deletions(-)
-
-diff --git a/ospfd/ospf_bfd.c b/ospfd/ospf_bfd.c
-index a17975270a..05ec4991e5 100644
---- a/ospfd/ospf_bfd.c
-+++ b/ospfd/ospf_bfd.c
-@@ -202,8 +202,9 @@ static int ospf_bfd_interface_dest_update(ZAPI_CALLBACK_ARGS)
- struct interface *ifp;
- struct ospf_interface *oi;
- struct ospf_if_params *params;
-- struct ospf_neighbor *nbr;
-+ struct ospf_neighbor *nbr = NULL;
- struct route_node *node;
-+ struct route_node *n_node;
- struct prefix p;
- int status;
- int old_status;
-@@ -231,7 +232,28 @@ static int ospf_bfd_interface_dest_update(ZAPI_CALLBACK_ARGS)
- if ((oi = node->info) == NULL)
- continue;
-
-- nbr = ospf_nbr_lookup_by_addr(oi->nbrs, &p.u.prefix4);
-+ /* walk the neighbor list for point-to-point network */
-+ if (oi->type == OSPF_IFTYPE_POINTOPOINT) {
-+ for (n_node = route_top(oi->nbrs); n_node;
-+ n_node = route_next(n_node)) {
-+ nbr = n_node->info;
-+ if (nbr) {
-+ /* skip myself */
-+ if (nbr == oi->nbr_self) {
-+ nbr = NULL;
-+ continue;
-+ }
-+
-+ /* Found the matching neighbor */
-+ if (nbr->src.s_addr ==
-+ p.u.prefix4.s_addr)
-+ break;
-+ }
-+ }
-+ } else {
-+ nbr = ospf_nbr_lookup_by_addr(oi->nbrs, &p.u.prefix4);
-+ }
-+
- if (!nbr || !nbr->bfd_info)
- continue;
-
include $(TOPDIR)/rules.mk
PKG_NAME:=go-ethereum
-PKG_VERSION:=1.9.6
+PKG_VERSION:=1.9.9
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ethereum/go-ethereum/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=3000f787735ee302088d17d406eafc2ec26eaffc083d876b2fa07ec7dfbb94f9
+PKG_HASH:=52fd34920841c9915d67f28c416ce7e98b654c116b03edee94f6ef06e5a8cf92
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_LICENSE:=GPL-3.0-or-later LGPL-3.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=git
-PKG_VERSION:=2.24.0
+PKG_VERSION:=2.25.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/software/scm/git/
-PKG_HASH:=9f71d61973626d8b28c4cdf8e2484b4bf13870ed643fed982d68b2cfd754371b
+PKG_HASH:=c060291a3ffb43d7c99f4aa5c4d37d3751cf6bca683e7344ea407ea504d9a8d0
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
-PKG_CPE_ID:=cpe:/a:git:git
+PKG_CPE_ID:=cpe:/a:git-scm:git
include $(INCLUDE_DIR)/package.mk
PKG_NAME:=gnunet-fuse
-PKG_VERSION:=0.11.0
+PKG_VERSION:=0.12.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/gnunet
-PKG_HASH:=4ddf258336c9ce111fe71372aad0bfd792311f6d92753c29293b2cca1fe3bf16
+PKG_HASH:=4d42dc3112f36ada150b3904e207b93373c90d4fbd5a1c6415ee7f5c6a428e3b
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=COPYING
--- a/src/fuse/mutex.c
+++ b/src/fuse/mutex.c
-@@ -71,8 +71,13 @@ GNUNET_mutex_create (int isRecursive)
+@@ -68,8 +68,13 @@ GNUNET_mutex_create (int isRecursive)
if (isRecursive)
{
- #if LINUX
+ #ifdef __linux__
+#if defined(__UCLIBC__) || defined(__GLIBC__)
GNUNET_assert (0 == pthread_mutexattr_setkind_np
(&attr, PTHREAD_MUTEX_RECURSIVE_NP));
+ GNUNET_assert (0 == pthread_mutexattr_settype
+ (&attr, PTHREAD_MUTEX_RECURSIVE));
+#endif
- #elif SOMEBSD || GNUNET_freeBSD || GNUNET_freeBSD5
- GNUNET_assert (0 == pthread_mutexattr_setkind_np
+ #elif BSD || SOLARIS || OSX || WINDOWS
+ GNUNET_assert (0 == pthread_mutexattr_settype
(&attr, PTHREAD_MUTEX_RECURSIVE));
-@@ -84,11 +89,16 @@ GNUNET_mutex_create (int isRecursive)
+@@ -78,11 +83,16 @@ GNUNET_mutex_create (int isRecursive)
else
{
- #if LINUX
+ #ifdef __linux__
+#if defined(__UCLIBC__) || defined(__GLIBC__)
GNUNET_assert (0 == pthread_mutexattr_setkind_np
(&attr, PTHREAD_MUTEX_ERRORCHECK_NP));
PKG_NAME:=gnunet
-PKG_VERSION:=0.11.8
+PKG_VERSION:=0.12.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/gnunet
-PKG_HASH:=d21f1b7a5e0c3e1ddf062c87a302db9abb43574bb7bf8c9e8f233b5d0e6675fe
+PKG_HASH:=ac288b047d1156fc5e739062b11242bad0487993631e79781aede620ddf18cd7
PKG_LICENSE:=AGPL-3.0
PKG_LICENSE_FILES:=COPYING
--with-libunistring-prefix=$(STAGING_DIR)/usr \
--with-microhttpd=$(STAGING_DIR)/usr
+# upstream now provides --with-pulseaudio but doesn't detect rpath
+TARGET_LDFLAGS+= -Wl,-rpath-link=$(STAGING_DIR)/usr/lib/pulseaudio
+
define Package/gnunet/Default
SECTION:=net
CATEGORY:=Network
--- /dev/null
+diff --git a/configure.ac b/configure.ac
+index e2c4dd39f..95053e672 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -803,10 +803,12 @@ AC_ARG_WITH(libpulse,
+ LDFLAGS="-L$with_libpulse/lib $LDFLAGS"
+ CPPFLAGS="-I$with_libpulse/include $CPPFLAGS"
+ AC_CHECK_HEADERS(pulse/simple.h,
+- AC_CHECK_LIB([pulse],
+- [pa_stream_peek],
+- EXT_LIB_PATH="-L$with_libpulse/lib $EXT_LIB_PATH"
+- pulse=1))
++ AC_CHECK_DECL([pa_stream_peek],
++ [pulse=1],
++ [],
++ [[
++ #include <pulse/stream.h>
++ ]]))
+ ])
+ ],
+ [AC_MSG_RESULT([--with-libpulse not specified])
+@@ -846,10 +848,12 @@ AC_ARG_WITH(libopus,
+ LDFLAGS="-L$with_libopus/lib $LDFLAGS"
+ CPPFLAGS="-I$with_libopus/include $CPPFLAGS"
+ AC_CHECK_HEADERS(opus/opus.h,
+- AC_CHECK_LIB([opus],
+- [OPUS_SET_GAIN],
+- EXT_LIB_PATH="-L$with_libopus/lib $EXT_LIB_PATH"
+- opus=1))
++ AC_CHECK_DECL([OPUS_SET_GAIN],
++ [opus=1],
++ [],
++ [[
++ #include <opus/opus.h>
++ ]]))
+ ])
+ ],
+ [AC_MSG_RESULT([--with-libopus not specified])
include $(TOPDIR)/rules.mk
PKG_NAME:=gnurl
-PKG_VERSION:=7.65.1
-PKG_RELEASE:=1
+PKG_VERSION:=7.67.0
+PKG_RELEASE:=2
-PKG_SOURCE_URL:=https://ftp.gnu.org/gnu/gnunet
+PKG_SOURCE_URL:=@GNU/gnunet
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=37bb87993f9219f4c76195031f1b0311afde157a1b852d54f570e3195ad7af01
+PKG_HASH:=2b972454ac3ab8c40f4dd2beeff168dde9666c473a1418f7f69194563e4caa46
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
define Package/gnurl/Default
SECTION:=net
CATEGORY:=Network
- URL:=https://gnunet.org/gnurl
+ URL:=https://gnunet.org/en/gnurl.html
MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
-PKG_VERSION:=2.0.9
+PKG_VERSION:=2.0.12
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/2.0/src
-PKG_HASH:=35692801abfd6dde4976cb42fe5cee8aaf61959e743003426073c3141494c589
+PKG_HASH:=7fcf5adb21cd78c4161902f9fcc8d7fc97e1562319a992cbda884436ca9602fd
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
Christian Lachner <gladiac@gmail.com>
#!/bin/sh
CLONEURL=https://git.haproxy.org/git/haproxy-2.0.git
-BASE_TAG=v2.0.9
+BASE_TAG=v2.0.12
TMP_REPODIR=tmprepo
PATCHESDIR=patches
--- a/Makefile
+++ b/Makefile
-@@ -327,6 +327,15 @@ ifeq ($(TARGET),linux-glibc)
+@@ -326,6 +326,15 @@ ifeq ($(TARGET),linux-glibc)
USE_GETADDRINFO)
endif
+++ /dev/null
---- a/include/common/openssl-compat.h
-+++ b/include/common/openssl-compat.h
-@@ -217,7 +217,8 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
- #define TLSEXT_signature_ecdsa 3
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || (LIBRESSL_VERSION_NUMBER < 0x20700000L)
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
-+ (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x20700000L))
- #define X509_getm_notBefore X509_get_notBefore
- #define X509_getm_notAfter X509_get_notAfter
- #endif
include $(TOPDIR)/rules.mk
-PKG_NAME:=https_dns_proxy
-PKG_RELEASE=1
+PKG_NAME:=https-dns-proxy
+PKG_VERSION:=2019-12-03
+PKG_RELEASE=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/aarond10/https_dns_proxy
-PKG_SOURCE_DATE:=2019-10-09
-PKG_SOURCE_VERSION:=3d20c75c4a17aa569748e63ac169b9274178d573
-PKG_MIRROR_HASH:=149839f1db4ab9691db3955de526080a5b731ff8484b06f164497f4e244140da
-
-PKG_MAINTAINER:=Aaron Drew <aarond10@gmail.com>
+PKG_SOURCE_DATE:=2019-12-03
+PKG_SOURCE_VERSION:=2adeafb67cbe8d67148219c48334856ae4f3bd75
+PKG_MIRROR_HASH:=58088baa092cd9634652d65f9b5650db88d2e102cb370710654db7b15f2f0e42
+PKG_MAINTAINER:=Stan Grishin <stangri@melmac.net>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
CMAKE_OPTIONS += -DCLANG_TIDY_EXE=
-define Package/https_dns_proxy
- SECTION:=net
- CATEGORY:=Network
- TITLE:=DNS over HTTPS Proxy Server
- DEPENDS:=+libcares +libcurl +libev +ca-bundle
+define Package/https-dns-proxy
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=DNS Over HTTPS Proxy
+ DEPENDS:=+libcares +libcurl +libev +ca-bundle
+ CONFLICTS:=https_dns_proxy
endef
-define Package/https_dns_proxy/install
+define Package/https-dns-proxy/install
$(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d ${1}/etc/config
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/https_dns_proxy $(1)/usr/sbin/
- $(INSTALL_BIN) ./files/https_dns_proxy.init $(1)/etc/init.d/https_dns_proxy
- $(INSTALL_CONF) ./files/https_dns_proxy.config $(1)/etc/config/https_dns_proxy
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/https_dns_proxy $(1)/usr/sbin/https-dns-proxy
+ $(INSTALL_BIN) ./files/https-dns-proxy.init $(1)/etc/init.d/https-dns-proxy
+ $(INSTALL_CONF) ./files/https-dns-proxy.config $(1)/etc/config/https-dns-proxy
endef
-$(eval $(call BuildPackage,https_dns_proxy))
+$(eval $(call BuildPackage,https-dns-proxy))
--- /dev/null
+config https-dns-proxy
+ option bootstrap_dns '8.8.8.8,8.8.4.4'
+ option resolver_url 'https://dns.google/dns-query'
+ option listen_addr '127.0.0.1'
+ option listen_port '5053'
+ option user 'nobody'
+ option group 'nogroup'
+ option ipv4_resolvers '1'
+ option verbosity '0' # fatal = 0, error = 1, warning = 2, info = 3, debug = 4
+
+config https-dns-proxy
+ option bootstrap_dns '1.1.1.1,1.0.0.1'
+ option resolver_url 'https://cloudflare-dns.com/dns-query'
+ option listen_addr '127.0.0.1'
+ option listen_port '5054'
+ option user 'nobody'
+ option group 'nogroup'
+ option ipv4_resolvers '1'
+ option verbosity '0' # fatal = 0, error = 1, warning = 2, info = 3, debug = 4
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright 2019 Stan Grishin (stangri@melmac.net)
+# shellcheck disable=SC2039
+
+export START=80
+export USE_PROCD=1
+
+PROG=/usr/sbin/https-dns-proxy
+
+xappend() { param="$param $1"; }
+
+append_bool() {
+ local section="$1"
+ local option="$2"
+ local value="$3"
+ local default="$4"
+ local _loctmp
+ [ -z "$default" ] && default="0"
+ config_get_bool _loctmp "$section" "$option" "$default"
+ [ "$_loctmp" != "0" ] && xappend "$value"
+}
+
+append_parm() {
+ local section="$1"
+ local option="$2"
+ local switch="$3"
+ local default="$4"
+ local _loctmp
+ config_get _loctmp "$section" "$option" "$default"
+ [ -z "$_loctmp" ] && return 0
+ xappend "$switch $_loctmp"
+}
+
+start_instance() {
+ local cfg="$1" param listen_addr listen_port
+
+ append_parm "$cfg" 'listen_addr' '-a' '127.0.0.1'
+ append_parm "$cfg" 'listen_port' '-p' "$p"
+ append_parm "$cfg" 'bootstrap_dns' '-b'
+ append_parm "$cfg" 'resolver_url' '-r'
+ append_parm "$cfg" 'user' '-u' 'nobody'
+ append_parm "$cfg" 'group' '-g' 'nogroup'
+ append_parm "$cfg" 'edns_subnet' '-e'
+ append_parm "$cfg" 'proxy_server' '-t'
+ append_parm "$cfg" 'logfile' '-l'
+ append_bool "$cfg" 'use_http1' '-x'
+ append_bool "$cfg" 'ipv4_resolvers' '-4'
+
+ config_get verbosity "$cfg" 'verbosity' "0"
+ for i in $(seq 1 $verbosity); do
+ xappend "-v"
+ done
+
+ procd_open_instance
+# shellcheck disable=SC2086
+ procd_set_param command ${PROG} ${param}
+ procd_set_param stderr 1
+ procd_set_param stdout 1
+ procd_set_param respawn
+ procd_close_instance
+
+ config_get listen_addr "$cfg" 'listen_addr' '127.0.0.1'
+ config_get listen_port "$cfg" 'listen_port' "$p"
+
+ # Don't add the any address to dnsmasq
+ case $listen_addr in
+ 0.0.0.0|::ffff:0.0.0.0)
+ listen_addr='127.0.0.1'
+ ;;
+ ::)
+ listen_addr='::1'
+ ;;
+ esac
+
+ config_load 'dhcp'
+# shellcheck disable=SC2154
+ config_foreach dnsmasq_add_doh_server 'dnsmasq' "${listen_addr}#${listen_port}"
+ p="$((p+1))"
+}
+
+service_triggers() {
+ procd_add_reload_trigger 'https-dns-proxy'
+}
+
+start_service() {
+ local p=5053
+ dhcp_backup 'create'
+ config_load 'https-dns-proxy'
+ config_foreach start_instance 'https-dns-proxy'
+ if [ -z "$(uci -q get dhcp.@dnsmasq[0].server)" ]; then
+ dhcp_backup 'restore'
+ fi
+ if [ -n "$(uci -q changes dhcp)" ]; then
+ uci -q commit dhcp
+ [ -x /etc/init.d/dnsmasq ] && /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ fi
+}
+
+stop_service() {
+ dhcp_backup 'restore'
+ if [ -n "$(uci -q changes dhcp)" ]; then
+ uci -q commit dhcp
+ [ -x /etc/init.d/dnsmasq ] && /etc/init.d/dnsmasq restart >/dev/null 2>&1
+ fi
+}
+
+service_triggers() {
+ procd_add_reload_trigger 'https-dns-proxy'
+}
+
+dnsmasq_add_doh_server() {
+ local cfg="$1" value="$2"
+ uci -q add_list dhcp."$cfg".server="$value"
+}
+
+dnsmasq_create_server_backup() {
+ local cfg="$1" i
+ if ! uci -q get "dhcp.$cfg.doh_backup_server" >/dev/null; then
+ for i in $(uci -q get "dhcp.$cfg.server"); do
+ uci -q add_list dhcp."$cfg".doh_backup_server="$i"
+ done
+ fi
+ uci -q del "dhcp.$cfg.server"
+}
+
+dnsmasq_restore_server_backup() {
+ local cfg="$1" i
+ if uci -q get "dhcp.$cfg.doh_backup_server" >/dev/null; then
+ uci -q del "dhcp.$cfg.server"
+ for i in $(uci -q get "dhcp.$cfg.doh_backup_server"); do
+ uci -q add_list dhcp."$cfg".server="$i"
+ done
+ fi
+}
+
+dhcp_backup() {
+ config_load 'dhcp'
+ case "$1" in
+ create)
+ config_foreach dnsmasq_create_server_backup 'dnsmasq';;
+ restore)
+ config_foreach dnsmasq_restore_server_backup 'dnsmasq';;
+ esac
+}
+++ /dev/null
-config https_dns_proxy
- option listen_addr '127.0.0.1'
- option listen_port '5053'
- option bootstrap_dns '8.8.8.8,8.8.4.4'
- option url_prefix 'https://dns.google.com/resolve?'
- option user 'nobody'
- option group 'nogroup'
- option subnet_addr ''
- option proxy_server ''
-
-config https_dns_proxy
- option listen_addr '127.0.0.1'
- option listen_port '5054'
- option bootstrap_dns '1.1.1.1,1.0.0.1'
- option url_prefix 'https://cloudflare-dns.com/dns-query?ct=application/dns-json&'
- option user 'nobody'
- option group 'nogroup'
- option subnet_addr ''
- option proxy_server ''
+++ /dev/null
-#!/bin/sh /etc/rc.common
-# Copyright 2019 Stan Grishin (stangri@melmac.net)
-# shellcheck disable=SC2039
-
-export START=80
-export USE_PROCD=1
-
-PROG=/usr/sbin/https_dns_proxy
-
-xappend() { param="$param $1"; }
-
-append_parm() {
- local section="$1"
- local option="$2"
- local switch="$3"
- local default="$4"
- local _loctmp
- config_get _loctmp "$section" "$option" "$default"
- [ -z "$_loctmp" ] && return 0
- xappend "$switch $_loctmp"
-}
-
-start_instance() {
- local cfg="$1" param listen_addr listen_port
-
- append_parm "$cfg" 'listen_addr' '-a' '127.0.0.1'
- append_parm "$cfg" 'listen_port' '-p' "$p"
- append_parm "$cfg" 'bootstrap_dns' '-b'
- append_parm "$cfg" 'url_prefix' '-r'
- append_parm "$cfg" 'user' '-u' 'nobody'
- append_parm "$cfg" 'group' '-g' 'nogroup'
- append_parm "$cfg" 'subnet_addr' '-e'
- append_parm "$cfg" 'proxy_server' '-t'
-
- procd_open_instance
-# shellcheck disable=SC2086
- procd_set_param command ${PROG} ${param}
- procd_set_param respawn
- procd_close_instance
-
- config_get listen_addr "$cfg" 'listen_addr' '127.0.0.1'
- config_get listen_port "$cfg" 'listen_port' "$p"
- config_load 'dhcp'
-# shellcheck disable=SC2154
- config_foreach dnsmasq_add_doh_server 'dnsmasq' "${listen_addr}#${listen_port}"
- p="$((p+1))"
-}
-
-service_triggers() {
- procd_add_reload_trigger 'https_dns_proxy'
-}
-
-start_service() {
- local p=5053
- dhcp_backup 'create'
- config_load 'https_dns_proxy'
- config_foreach start_instance 'https_dns_proxy'
- if [ -z "$(uci -q get dhcp.@dnsmasq[0].server)" ]; then
- dhcp_backup 'restore'
- fi
- if [ -n "$(uci -q changes dhcp)" ]; then
- uci -q commit dhcp
- [ -x /etc/init.d/dnsmasq ] && /etc/init.d/dnsmasq restart >/dev/null 2>&1
- fi
-}
-
-stop_service() {
- dhcp_backup 'restore'
- if [ -n "$(uci -q changes dhcp)" ]; then
- uci -q commit dhcp
- [ -x /etc/init.d/dnsmasq ] && /etc/init.d/dnsmasq restart >/dev/null 2>&1
- fi
-}
-
-dnsmasq_add_doh_server() {
- local cfg="$1" value="$2"
- uci -q add_list dhcp."$cfg".server="$value"
-}
-
-dnsmasq_create_server_backup() {
- local cfg="$1" i
- if ! uci -q get "dhcp.$cfg.doh_backup_server" >/dev/null; then
- for i in $(uci -q get "dhcp.$cfg.server"); do
- uci -q add_list dhcp."$cfg".doh_backup_server="$i"
- done
- fi
- uci -q del "dhcp.$cfg.server"
-}
-
-dnsmasq_restore_server_backup() {
- local cfg="$1" i
- if uci -q get "dhcp.$cfg.doh_backup_server" >/dev/null; then
- uci -q del "dhcp.$cfg.server"
- for i in $(uci -q get "dhcp.$cfg.doh_backup_server"); do
- uci -q add_list dhcp."$cfg".server="$i"
- done
- fi
-}
-
-dhcp_backup() {
- config_load 'dhcp'
- case "$1" in
- create)
- config_foreach dnsmasq_create_server_backup 'dnsmasq';;
- restore)
- config_foreach dnsmasq_restore_server_backup 'dnsmasq';;
- esac
-}
include $(TOPDIR)/rules.mk
PKG_NAME:=i2pd
-PKG_VERSION:=2.28.0
-PKG_RELEASE:=1
+PKG_VERSION:=2.29.0
+PKG_RELEASE:=2
PKG_BUILD_PARALLEL:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/PurpleI2P/i2pd/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=181327edc7cf5b3c25ee51ecc518a4da90fa9e421eca2107996791038a514a21
+PKG_HASH:=fd0474c33b411593b9dc8197f3799d37d68455c11a9ee3994ec993a96388ec06
PKG_MAINTAINER:=David Yang <mmyangfl@gmail.com>
PKG_LICENSE:=BSD-3-Clause
$(INSTALL_DIR) $(1)/usr/share/i2pd
$(CP) $(PKG_BUILD_DIR)/contrib/certificates $(1)/usr/share/i2pd
$(INSTALL_DIR) $(1)/etc/config
- $(INSTALL_CONF) ./files/i2pd.config $(1)/etc/config/i2pd
+ $(INSTALL_DATA) ./files/i2pd.config $(1)/etc/config/i2pd
$(INSTALL_DIR) $(1)/etc/i2pd
$(INSTALL_CONF) $(PKG_BUILD_DIR)/contrib/i2pd.conf $(1)/etc/i2pd
$(SED) ' \
config_get addressbook_dir "$cfg" addressbook_dir
## Setting up data dir
- if [ ! -d "$data_dir" ]; then
+ [ -d "$data_dir" ] || {
mkdir -p "$data_dir"
+ chown "$USER:$GROUP" "$data_dir"
ln -s /usr/share/i2pd/certificates "$data_dir/certificates"
- if [ -n "$addressbook_dir" ]; then
- if [ ! -d "$addressbook_dir" ]; then
- mkdir -p "$addressbook_dir"
- fi
+ [ -n "$addressbook_dir" ] && {
+ [ -d "$addressbook_dir" ] || mkdir -p "$addressbook_dir"
+ chown "$USER:$GROUP" "$addressbook_dir"
ln -s "$addressbook_dir" "$data_dir/addressbook"
- fi
- fi
+ }
+ }
## We need permissions
- chown "$USER:$GROUP" "$data_dir"
- chown "$USER:$GROUP" "$addressbook_dir"
touch "$PIDFILE"
chown "$USER:adm" "$PIDFILE"
config_cb() {
local type="$1"
local name="$2"
- if [ "$type" = "i2pd" ]; then
- if [ -n "$instance" ] && [ "$instance" = "$name" ]; then
- instance_found=1
- fi
- fi
+ [ "$type" = "i2pd" ] && [ -n "$instance" ] && [ "$instance" = "$name" ] && instance_found=1
}
config_load i2pd
PKG_NAME:=ibrdtnd
PKG_VERSION:=1.0.1
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.ibr.cs.tu-bs.de/projects/ibr-dtn/releases
PKG_HASH:=9bd79636154093ab6bf4fd10d6c62d67c6db45141460847b19def327c93771ed
+
PKG_MAINTAINER:=Johannes Morgenroth <jm@m-network.de>
PKG_LICENSE:=Apache-2.0
--without-vmime \
--disable-libdaemon
-TARGET_CXXFLAGS += -std=gnu++03
-
define Package/ibrdtnd/install
$(INSTALL_DIR) $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dtnd $(1)/usr/sbin/
define Build/Configure
(cd $(PKG_BUILD_DIR); \
$(SCONS_VARS) \
- python2.7 $(STAGING_DIR_HOST)/bin/scons.py \
+ python2.7 $(STAGING_DIR_HOSTPKG)/bin/scons \
$(SCONS_OPTIONS) \
)
endef
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Florian Fainelli <florian@openwrt.org>
+PKG_MAINTAINER:=
PKG_CHECK_FORMAT_SECURITY:=0
--- /dev/null
+if PACKAGE_iputils-ping
+
+config PING_LEGACY_SYMLINKS
+ bool
+ default n
+ prompt "Install legacy ping4 and ping6 symlinks"
+ help
+ Iputils previously generated separate "ping" and "ping6"
+ binaries for supporting IPv4 and IPv6 communication,
+ respectively. Recent versions of iputils have merged
+ support for both address families into a single program.
+ Select this option to install "ping6" and "ping4" symlinks
+ to the unified binary to support compatibility with
+ existing tools that may still expect to find the old
+ names.
+
+endif
--- /dev/null
+if PACKAGE_iputils-tracepath
+
+config TRACEPATH_LEGACY_SYMLINKS
+ bool
+ default n
+ prompt "Install legacy tracepath4 and tracepath6 symlinks"
+ help
+ Iputils previously generated separate "tracepath" and
+ "tracepath6" binaries for supporting IPv4 and IPv6
+ communication, respectively. Recent versions of iputils
+ have merged support for both address families into a
+ single tracepath program. Select this option to install
+ "tracepath6" and "tracepath4" symlinks to the unified
+ binary to support compatibility with existing tools that
+ may still expect to find the old names.
+endif
--- /dev/null
+#
+# Copyright (C) 2006-2010 OpenWrt.org
+# Copyright (C) 2019 Noah Meyerhans <frodo@morgul.net>
+#
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=iputils
+PKG_VERSION:=20190709
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/iputils/iputils/tar.gz/s$(PKG_VERSION)?
+PKG_HASH:=a15720dd741d7538dd2645f9f516d193636ae4300ff7dbc8bfca757bf166490a
+
+PKG_MAINTAINER:=Noah Meyerhans <frodo@morgul.net>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_CPE_ID:=cpe:/a:iputils_project:iputils
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/iputils-s$(PKG_VERSION)
+PKG_BUILD_DEPENDS:=meson/host
+include $(INCLUDE_DIR)/package.mk
+include ../../devel/meson/meson.mk
+
+MESON_ARGS:=-DBUILD_MANS=false \
+ -DBUILD_HTML_MANS=false \
+ -DUSE_CAP=false \
+ -DUSE_CRYPTO=kernel \
+ -DUSE_IDN=false \
+ -DUSE_GETTEXT=false \
+ -DNO_SETCAP_OR_SUID=true \
+ -DBUILD_PING=true \
+ -DBUILD_ARPING=true \
+ -DBUILD_CLOCKDIFF=true \
+ -DBUILD_TRACEPATH=true \
+ -DBUILD_TFTPD=true
+
+define Package/iputils/Default
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=iputils
+ URL:=https://github.com/iputils/iputils
+endef
+
+### ping
+
+define Package/iputils-ping
+ $(call Package/iputils/Default)
+ TITLE:=iputils-ping
+ DEPENDS:=+kmod-crypto-md5
+endef
+
+define Package/iputils-ping/config
+ source "$(SOURCE)/Config_ping.in"
+endef
+
+define Package/iputils-ping/description
+ Send ICMP_ECHOREQUEST packets to IP hosts and report on replies
+endef
+
+define Package/iputils-ping/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_SUID) $(MESON_BUILD_DIR)/ping $(1)/usr/bin/
+ifdef CONFIG_PING_LEGACY_SYMLINKS
+ ln -s ping $(1)/usr/bin/ping4
+ ln -s ping $(1)/usr/bin/ping6
+endif
+endef
+
+### arping
+
+define Package/iputils-arping
+ $(call Package/iputils/Default)
+ TITLE:=iputils-arping
+endef
+
+define Package/iputils-arping/description
+ Send ARP REQUEST packets to a neighbor host
+endef
+
+define Package/iputils-arping/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(MESON_BUILD_DIR)/arping $(1)/usr/bin/
+endef
+
+### clockdiff
+
+define Package/iputils-clockdiff
+ $(call Package/iputils/Default)
+ TITLE:=iputils-clockdiff
+endef
+
+define Package/iputils-clockdiff/description
+ Measure the clock difference between two hosts
+endef
+
+define Package/iputils-clockdiff/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(MESON_BUILD_DIR)/clockdiff $(1)/usr/bin/
+endef
+
+### tracepath
+
+define Package/iputils-tracepath
+ $(call Package/iputils/Default)
+ TITLE:=iputils-tracepath
+endef
+
+define Package/iputils-tracepath/description
+ trace network path to a host, discovering PMTU
+endef
+
+define Package/iputils-tracepath/config
+ source "$(SOURCE)/Config_tracepath.in"
+endef
+
+define Package/iputils-tracepath/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(MESON_BUILD_DIR)/tracepath $(1)/usr/bin/
+ifdef CONFIG_TRACEPATH_LEGACY_SYMLINKS
+ ln -s tracepath $(1)/usr/bin/tracepath4
+ ln -s tracepath $(1)/usr/bin/tracepath6
+endif
+endef
+
+### tftp
+
+define Package/iputils-tftpd
+ $(call Package/iputils/Default)
+ TITLE:=iputils-tftpd
+endef
+
+define Package/iputils-tftpd/description
+ Trivial File Transfer Protocol server
+endef
+
+define Package/iputils-tftpd/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(MESON_BUILD_DIR)/tftpd $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,iputils-ping))
+$(eval $(call BuildPackage,iputils-arping))
+$(eval $(call BuildPackage,iputils-clockdiff))
+$(eval $(call BuildPackage,iputils-tracepath))
+$(eval $(call BuildPackage,iputils-tftpd))
include $(TOPDIR)/rules.mk
PKG_NAME:=ipvsadm
-PKG_VERSION:=1.30
+PKG_VERSION:=1.31
PKG_MAINTAINER:=Mauro Mozzarelli <mauro@ezplanet.org>, \
Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPL-2.0-or-later
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/linux/utils/kernel/ipvsadm/
-PKG_HASH:=95573d70df473c9f63fc4ac496c044c69e3a6de7ccac119922210c0b44cd7a0c
+PKG_HASH:=1a0a5e25b5a1226435d2fb76341656f83a710183aebb0d204db39c0ec3bedfdb
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=kcptun
-PKG_VERSION:=20191112
+PKG_VERSION:=20200103
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/xtaci/kcptun/tar.gz/v${PKG_VERSION}?
-PKG_SOURCE_DATE:=2019-11-12
-PKG_HASH:=63fd7647cce7488c193ed74f96c2ec377b8b7466f0661bf021d414c68c2fe78b
+PKG_SOURCE_DATE:=2020-01-03
+PKG_HASH:=620d4cd3ed1660e71b0fe1041c063e8fb38dc3aa7a6c78f6570e812566f44bb5
PKG_MAINTAINER:=Dengfeng Liu <liudf0716@gmail.com>, Chao Liu <expiron18@gmail.com>
PKG_LICENSE:=MIT
SUBMENU:=Web Servers/Proxies
TITLE:=Kcptun Config Scripts
URL:=https://github.com/xtaci/kcptun
+ DEPENDS:=$(GO_ARCH_DEPENDS)
endef
define Package/kcptun-config/install
SUBMENU:=Web Servers/Proxies
TITLE:=KCP-based Secure Tunnel $(1)
URL:=https://github.com/xtaci/kcptun
- DEPENDS:=+kcptun-config $$(GO_ARCH_DEPENDS)
+ DEPENDS:=+kcptun-config
endef
define Package/kcptun-$(1)/description
include $(TOPDIR)/rules.mk
PKG_NAME:=knot
-PKG_VERSION:=2.9.1
+PKG_VERSION:=2.9.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/
-PKG_HASH:=f19121956caa360c387923654f13e4c97b3fb9093d242e110d7e0916b8d8a04d
+PKG_HASH:=298cdf33aa7589b50df7e5833694b24cd2de8b6d17cee7e1673873fe576db6ee
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_LICENSE:=GPL-3.0 LGPL-2.0 0BSD BSD-3-Clause OLDAP-2.8
define Package/knot-libs
$(call Package/knot-lib/Default)
TITLE+= common DNS and DNSSEC libraries
- DEPENDS+=+libgnutls +lmdb
+ DEPENDS+=+libgnutls +lmdb @!arc
endef
define Package/knot-libzscanner
$(call Package/knot-lib/Default)
TITLE+= zone parser library
+ DEPENDS+=@!arc
endef
define Package/knot
$(MAKE) -C $(PKG_BUILD_DIR)/tests check-compile
endef
+ifneq ($(CONFIG_arc),y)
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{a,so*} $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
endef
+endif
define Package/knot-libs/install
$(INSTALL_DIR) $(1)/usr/lib
PKG_NAME:=knxd
PKG_VERSION:=0.14.29
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/knxd/knxd/tar.gz/$(PKG_VERSION)?
#enable the EIBnet/IP server to answer discovery and description requests (SEARCH, DESCRIPTION)
option Discovery 1
# EIBADDR set our EIB address to EIBADDR (default 0.0.1)
- option eibaddr "0.0.2"
+ option eibaddr "0.0.1"
+ # CLIENTADDRS set client addrs
+ option client_addrs "0.0.2:10"
# LEVEL set error level
option error 0
# PORT listen at TCP port PORT (default 6720)
name = mcast:knxd
[main]
addr = 0.0.1
-background = true
client-addrs = 0.0.2:10
connections = A.tcp,server,B.ip
[server]
append_parm args client_addrs "client-addrs" "0.0.2:10"
append_parm args layer2 "layer2"
append_bool args GroupCache "GroupCache" 0
- append_parm args daemon "daemon" "/var/log/knxd.log"
+ #append_parm args daemon "daemon" "/var/log/knxd.log"
append_parm args error "error" # "5"
append_parm args listen_tcp "listen-tcp" "6720"
append_parm args Interface "Interface" # "eth0"
if [ "$url" == "usb:" ] ; then
url="usb:""$(findknxusb | tail -n1 | sed -e 's/device: \([0-9]:[0-9]:[0-9]\):[0-9].*/\1/')"
fi
- echo "/usr/lib/knxd_args $params $url"
- /usr/lib/knxd_args $params $url > /tmp/etc/knxd.ini
+ echo "/usr/lib/knxd_args $params -b $url"
+ /usr/lib/knxd_args $params -b $url > /tmp/etc/knxd.ini
procd_open_instance
procd_set_param command $PROG "/tmp/etc/knxd.ini"
procd_set_param respawn
+ procd_set_param stdout 1
+ procd_set_param stderr 1
procd_close_instance
}
-stop_service() {
- killall knxd
-}
-
reload_service()
{
restart
+++ /dev/null
-#
-# Copyright (C) 2006-2010 OpenWrt.org
-# Copyright (C) 2016 Stijn Segers
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=mii-tool
-PKG_SOURCE_DATE:=2016-10-06
-PKG_SOURCE_VERSION:=115f1af2494ded1fcd21c8419d5e289bc4df380f
-PKG_RELEASE:=3
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://git.code.sf.net/p/net-tools/code
-PKG_MIRROR_HASH:=43d9d042ffe2db784256de5df8e77d688f0808f2b890351a21b902c798fa6310
-
-PKG_MAINTAINER:=Stijn Segers <borromini.reg@protonmail.com>
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=COPYING
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/mii-tool
- SECTION:=net
- CATEGORY:=Network
- TITLE:=configure media type using MII commands
- URL:=http://net-tools.sourceforge.net/
-endef
-
-define Package/mii-tool/description
- The mii-tool command allows you to set or autodetect the media type
- or mii chipset-based ethernet devices. It traditionally had been
- distributed in the net-tools package. This is a single distribution
- optimized for embedded systems and fully automated cross/-sysroot-builds
-endef
-
-define Build/Configure
- # Failed configure.sh leaves stub config.h around.
- rm -f $(PKG_BUILD_DIR)/config.h
- ( cd $(PKG_BUILD_DIR); yes $$$$'\n' | ./configure.sh config.in )
-endef
-
-define Package/mii-tool/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/mii-tool $(1)/usr/sbin/
-endef
-
-$(eval $(call BuildPackage,mii-tool))
+++ /dev/null
---- a/iptunnel.c 2016-07-10 20:15:29.000000000 +0200
-+++ b/iptunnel.c 2017-10-19 19:51:09.172782821 +0200
-@@ -26,7 +26,6 @@
- #include <sys/socket.h>
- #include <sys/ioctl.h>
- #include <netinet/in.h>
--#include <netinet/ip.h>
- #include <arpa/inet.h>
- #include <net/if.h>
- #include <net/if_arp.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=modemmanager
-PKG_VERSION:=1.12.0
-PKG_RELEASE:=8
+PKG_VERSION:=1.12.4
+PKG_RELEASE:=2
PKG_SOURCE:=ModemManager-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.freedesktop.org/software/ModemManager
-PKG_HASH:=3daca86164145fffb589939433f596c13fa077c9a187c0d5820fdd5b4e4a6424
+PKG_HASH:=852d61755e0c1a8d0c609b17192d742b324fdd2e513f3ed64b228befb859a95b
PKG_BUILD_DIR:=$(BUILD_DIR)/ModemManager-$(PKG_VERSION)
PKG_MAINTAINER:=Nicholas Smith <nicholas.smith@telcoantennas.com.au>
-LICENSE:=GPL-2.0-or-later
-LICENSE_FILES:=COPYING
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-
PKG_BUILD_DEPENDS:=glib2/host libxslt/host
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
define Package/modemmanager/config
$(INTL_DEPENDS) \
+glib2 \
+dbus \
+ +ppp \
+MODEMMANAGER_WITH_MBIM:libmbim \
+MODEMMANAGER_WITH_QMI:libqmi
endef
CONFIGURE_ARGS += \
--without-polkit \
--without-udev \
- --without-suspend-resume \
- --with-systemdsystemunitdir=no \
+ --without-systemdsystemunitdir \
--disable-rpath \
- --disable-gtk-doc
+ --disable-gtk-doc
ifdef CONFIG_MODEMMANAGER_WITH_MBIM
CONFIGURE_ARGS += --with-mbim
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libmm-glib.so.* $(1)/usr/lib
$(INSTALL_DIR) $(1)/usr/lib/ModemManager
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ModemManager/libmm-shared-*.so* $(1)/usr/lib/ModemManager
$(CP) $(PKG_INSTALL_DIR)/usr/lib/ModemManager/libmm-plugin-*.so* $(1)/usr/lib/ModemManager
$(INSTALL_DIR) $(1)/etc/dbus-1/system.d
PKG_NAME:=mosh
PKG_VERSION:=1.3.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://mosh.org/
--- /dev/null
+--- a/src/network/network.cc
++++ b/src/network/network.cc
+@@ -60,7 +60,6 @@
+ #define AI_NUMERICSERV 0
+ #endif
+
+-using namespace std;
+ using namespace Network;
+ using namespace Crypto;
+
include $(TOPDIR)/rules.mk
PKG_NAME:=mosquitto
-PKG_VERSION:=1.6.7
+PKG_VERSION:=1.6.8
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE.txt
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://mosquitto.org/files/source/
-PKG_HASH:=bcd31a8fbbd053fee328986fadd8666d3058357ded56b9782f7d4f19931d178e
+PKG_HASH:=7df23c81ca37f0e070574fe74414403cf25183016433d07add6134366fb45df6
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=mtr
-PKG_VERSION:=0.92
-PKG_RELEASE:=6
+PKG_VERSION:=0.93
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.bitwizard.nl/mtr/files
-PKG_HASH:=f2979db9e2f41aa8e6574e7771767c9afe111d9213814eb47f5e1e71876e4382
+PKG_SOURCE_URL:=ftp://ftp.bitwizard.nl/mtr
+PKG_HASH:=229c673d637bd7dbb96471623785a47e85da0b1944978200c949994c1e6af10d
PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
-# Creation of .tarball-version is an attempt to make it explicit to configure
-# script the program version. See discussions at link [1] for more details
-#
-# [1] mtr: add autoreconf, https://github.com/openwrt/packages/pull/6962#issuecomment-419156300
-#
-define Build/Prepare
- $(call Build/Prepare/Default)
- echo "$(PKG_VERSION)" >$(PKG_BUILD_DIR)/.tarball-version
-endef
-
define Package/mtr
SECTION:=net
CATEGORY:=Network
running statistics about each machine.
endef
+TARGET_CFLAGS += -ffunction-sections -fdata-sections
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+
CONFIGURE_ARGS += \
--without-gtk \
$(call autoconf_bool,CONFIG_IPV6,ipv6)
append_parm v1trapaddress host v1trapaddress
append_parm trapsess trapsess trapsess
- procd_set_param command $PROG -Lf /dev/null -f
+ procd_set_param command $PROG -Lf /dev/null -f -r
procd_set_param file $CONFIGFILE
procd_set_param respawn
--- /dev/null
+#
+# Copyright (C) 2006-2010 OpenWrt.org
+# Copyright (C) 2016 Stijn Segers
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=net-tools
+PKG_SOURCE_DATE:=2018-11-03
+PKG_SOURCE_VERSION:=0eebece8c964e3cfa8a018f42b2e7e751a7009a0
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://git.code.sf.net/p/net-tools/code
+PKG_MIRROR_HASH:=9d978b9f8ccae4af623a299155c62d9b3d31213182c785f925bf8704d48a04c9
+
+PKG_MAINTAINER:=Stijn Segers <borromini.reg@protonmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mii-tool
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=configure media type using MII commands
+ URL:=http://net-tools.sourceforge.net/
+endef
+
+define Package/mii-tool/description
+ The mii-tool command allows you to set or autodetect the media type
+ or mii chipset-based ethernet devices. It traditionally had been
+ distributed in the net-tools package. This is a single distribution
+ optimized for embedded systems and fully automated cross/-sysroot-builds
+endef
+
+define Package/net-tools-route
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=net-tools - route utility
+ URL:=http://net-tools.sourceforge.net/
+ PROVIDES:=route
+ ALTERNATIVES:=300:/sbin/route:/usr/libexec/net-tools-route
+endef
+
+define Package/net-tools-route/description
+ Replace busybox version of the route command with the full net-tools
+ version. This is normally not needed as busybox is smaller and provides
+ sufficient functionality, but some users may want or need the full
+ functionality of the net-tools variant (e.g. AF_X25).
+endef
+
+define Build/Configure
+ # Failed configure.sh leaves stub config.h around.
+ rm -f $(PKG_BUILD_DIR)/config.h
+ ( cd $(PKG_BUILD_DIR); yes $$$$'\n' | ./configure.sh config.in )
+endef
+
+define Package/mii-tool/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/mii-tool $(1)/usr/sbin/
+endef
+
+define Package/net-tools-route/install
+ $(INSTALL_DIR) $(1)/usr/libexec
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/route $(1)/usr/libexec/net-tools-route
+endef
+
+$(eval $(call BuildPackage,mii-tool))
+$(eval $(call BuildPackage,net-tools-route))
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.com/netify.ai/public/netify-agent.git
-PKG_SOURCE_DATE:=2019-10-21
-PKG_SOURCE_VERSION:=v2.93
-#PKG_SOURCE_VERSION:=4585e2b82c6a34633bc54ac526a635e8a95b28f3
-PKG_MIRROR_HASH:=efbfae112bb4d8d8d22e04ce523484a47b154a4cf57b3992aa28073ba64bd59b
+PKG_SOURCE_DATE:=2019-12-07
+PKG_SOURCE_VERSION:=v2.98
+#PKG_SOURCE_VERSION:=a204805151bc5c35ad09e21913dac25deed13f95
+PKG_MIRROR_HASH:=d235df7f77380e188db75fb885491bf46b2a7a3454f7bf2c85269aeff8f92220
include $(INCLUDE_DIR)/package.mk
CATEGORY:=Network
TITLE:=Netify Agent
URL:=http://www.netify.ai/
- DEPENDS:=+ca-bundle +libcurl +libmnl +libnetfilter-conntrack +libjson-c +libpcap +zlib +libpthread @!USE_UCLIBC
+ DEPENDS:=+ca-bundle +libcurl +libmnl +libnetfilter-conntrack +libpcap +zlib +libpthread @!USE_UCLIBC
# Explicitly depend on libstdcpp rather than $(CXX_DEPENDS). At the moment
# std::unordered_map is only available via libstdcpp which is required for
# performance reasons.
/etc/netifyd.conf
endef
-TARGET_CFLAGS+=-ffunction-sections -fdata-sections
-TARGET_CXXFLAGS+=-ffunction-sections -fdata-sections
+TARGET_CFLAGS+=-ffunction-sections -fdata-sections -Wno-psabi
+TARGET_CXXFLAGS+=-ffunction-sections -fdata-sections -Wno-psabi
TARGET_LDFLAGS+=-Wl,--gc-sections
CONFIGURE_ARGS+= \
include $(TOPDIR)/rules.mk
PKG_NAME:=nextdns
-PKG_VERSION:=1.1.5
-PKG_RELEASE:=3
+PKG_VERSION:=1.3.1
+PKG_RELEASE:=4
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_SOURCE_URL:=https://github.com/nextdns/nextdns.git
-PKG_MIRROR_HASH:=01ff61771bcf076f1659167b8676234fdefefac9cd0a05aa1d491a7c5f0145fa
+PKG_MIRROR_HASH:=bb3b1901ba4d65b91f69487c59fbae89654fc22d368d37f3640c6eb457a2a0a1
PKG_MAINTAINER:=Olivier Poitrey <rs@nextdns.io>
PKG_LICENSE:=MIT
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nginx-util
+PKG_VERSION:=1.1
+PKG_RELEASE:=2
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/nginx-util
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=Builder of LAN listen directives for Nginx
+ DEPENDS:=+libstdcpp +libubus +libubox +libpthread
+endef
+
+define Package/nginx-ssl-util/default
+ $(Package/nginx-util)
+ TITLE+= and manager of its SSL certificates
+ DEPENDS+= +libopenssl
+ CONFLICTS:=nginx-util
+ PROVIDES:=nginx-ssl-util
+endef
+
+define Package/nginx-ssl-util-nopcre
+ $(Package/nginx-ssl-util/default)
+ TITLE+= (using <regex>)
+endef
+
+define Package/nginx-ssl-util
+ $(Package/nginx-ssl-util/default)
+ TITLE+= (using PCRE)
+ DEPENDS+= +libpcre
+endef
+
+define Package/nginx-util/description
+ Utility that builds dynamically LAN listen directives for Nginx.
+endef
+
+Package/nginx-ssl-util/default/description = $(Package/nginx-util/description)\
+ Furthermore, it manages SSL directives for its server parts and can create \
+ corresponding (self-signed) certificates.
+
+Package/nginx-ssl-util/description = \
+ $(Package/nginx-ssl-util/default/description) \
+ It uses the PCRE library for performance.
+
+Package/nginx-ssl-util-nopcre/description = \
+ $(Package/nginx-ssl-util/default/description) \
+ It uses the standard regex library of C++.
+
+define Package/nginx-util/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-util $(1)/usr/bin/nginx-util
+endef
+
+define Package/nginx-ssl-util/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-ssl-util $(1)/usr/bin/nginx-util
+endef
+
+define Package/nginx-ssl-util-nopcre/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-ssl-util-nopcre \
+ $(1)/usr/bin/nginx-util
+endef
+
+$(eval $(call BuildPackage,nginx-util))
+$(eval $(call BuildPackage,nginx-ssl-util))
+$(eval $(call BuildPackage,nginx-ssl-util-nopcre))
--- /dev/null
+cmake_minimum_required(VERSION 2.6)
+
+PROJECT(nginx-util CXX)
+
+INCLUDE(CheckFunctionExists)
+
+FIND_PATH(ubus_include_dir libubus.h)
+FIND_LIBRARY(ubox NAMES ubox)
+FIND_LIBRARY(ubus NAMES ubus)
+INCLUDE_DIRECTORIES(${ubus_include_dir})
+
+ADD_DEFINITIONS(-Os -Wall -Werror -Wextra --std=c++2a -g3)
+ADD_DEFINITIONS(-Wno-unused-parameter -Wmissing-declarations)
+
+SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "")
+
+ADD_EXECUTABLE(px5g px5g.cpp)
+TARGET_LINK_LIBRARIES(px5g ssl crypto)
+
+ADD_EXECUTABLE(nginx-util nginx-util.cpp)
+TARGET_LINK_LIBRARIES(nginx-util ${ubox} ${ubus} pthread)
+
+ADD_EXECUTABLE(nginx-ssl-util nginx-ssl-util.cpp)
+TARGET_LINK_LIBRARIES(nginx-ssl-util ${ubox} ${ubus} pthread ssl crypto pcre)
+
+ADD_EXECUTABLE(nginx-ssl-util-nopcre nginx-ssl-util.cpp)
+TARGET_COMPILE_DEFINITIONS(nginx-ssl-util-nopcre PUBLIC -DNO_PCRE)
+TARGET_LINK_LIBRARIES(nginx-ssl-util-nopcre ${ubox} ${ubus} pthread ssl crypto)
+
+ADD_EXECUTABLE(nginx-ssl-util-noubus nginx-ssl-util.cpp)
+TARGET_COMPILE_DEFINITIONS(nginx-ssl-util-noubus PUBLIC -DNO_UBUS)
+TARGET_LINK_LIBRARIES(nginx-ssl-util-noubus pthread ssl crypto pcre)
+
+INSTALL(TARGETS px5g RUNTIME DESTINATION bin)
+INSTALL(TARGETS nginx-util RUNTIME DESTINATION bin)
+INSTALL(TARGETS nginx-ssl-util RUNTIME DESTINATION bin)
+INSTALL(TARGETS nginx-ssl-util-nopcre RUNTIME DESTINATION bin)
+# INSTALL(TARGETS nginx-ssl-util-noubus RUNTIME DESTINATION bin)
--- /dev/null
+#include <thread>
+
+#ifdef NO_PCRE
+#include <regex>
+namespace rgx = std;
+#else
+#include "regex-pcre.hpp"
+#endif
+
+#include "nginx-util.hpp"
+#include "px5g-openssl.hpp"
+
+
+#ifndef NO_UBUS
+static constexpr auto UBUS_TIMEOUT = 1000;
+#endif
+
+// once a year:
+static constexpr auto CRON_INTERVAL = std::string_view{"3 3 12 12 *"};
+
+static constexpr auto LAN_SSL_LISTEN =
+ std::string_view{"/var/lib/nginx/lan_ssl.listen"};
+
+static constexpr auto LAN_SSL_LISTEN_DEFAULT =
+ std::string_view{"/var/lib/nginx/lan_ssl.listen.default"};
+
+static constexpr auto ADD_SSL_FCT = std::string_view{"add_ssl"};
+
+static constexpr auto SSL_SESSION_CACHE_ARG =
+ [](const std::string_view & /*name*/) -> std::string
+ { return "shared:SSL:32k"; };
+
+static constexpr auto SSL_SESSION_TIMEOUT_ARG = std::string_view{"64m"};
+
+
+using _Line =
+ std::array< std::string (*)(const std::string &, const std::string &), 2 >;
+
+class Line {
+
+private:
+
+ _Line _line;
+
+public:
+
+ explicit Line(const _Line & line) noexcept : _line{line} {}
+
+ template<const _Line & ...xn>
+ static auto build() noexcept -> Line
+ {
+ return Line{_Line{
+ [](const std::string & p, const std::string & b) -> std::string
+ { return (... + xn[0](p, b)); },
+ [](const std::string & p, const std::string & b) -> std::string
+ { return (... + xn[1](p, b)); }
+ }};
+ }
+
+
+ [[nodiscard]] auto STR(const std::string & param, const std::string & begin)
+ const -> std::string
+ { return _line[0](param, begin); }
+
+
+ [[nodiscard]] auto RGX() const -> rgx::regex
+ { return rgx::regex{_line[1]("", "")}; }
+
+};
+
+
+auto get_if_missed(const std::string & conf, const Line & LINE,
+ const std::string & val,
+ const std::string & indent="\n ", bool compare=true)
+ -> std::string;
+
+
+auto delete_if(const std::string & conf, const rgx::regex & rgx,
+ const std::string & val="", bool compare=false)
+ -> std::string;
+
+
+void add_ssl_directives_to(const std::string & name, bool isdefault);
+
+
+void create_ssl_certificate(const std::string & crtpath,
+ const std::string & keypath,
+ int days=792);
+
+
+void use_cron_to_recreate_certificate(const std::string & name);
+
+
+void add_ssl_if_needed(const std::string & name);
+
+
+void del_ssl_directives_from(const std::string & name, bool isdefault);
+
+
+void del_ssl(const std::string & name);
+
+
+constexpr auto _begin = _Line{
+ [](const std::string & /*param*/, const std::string & begin) -> std::string
+ { return begin; },
+
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return R"([{;](\s*))"; }
+};
+
+
+constexpr auto _space = _Line{
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return std::string{" "}; },
+
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return R"(\s+)"; }
+};
+
+
+constexpr auto _newline = _Line{
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return std::string{"\n"}; },
+
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return std::string{"\n"}; }
+};
+
+
+constexpr auto _end = _Line{
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return std::string{";"}; },
+
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ { return std::string{R"(\s*;)"}; }
+};
+
+
+template<char clim='\0'>
+constexpr auto _capture = _Line{
+ [](const std::string & param, const std::string & /*begin*/) -> std::string
+ { return '\'' + param + '\''; },
+
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ {
+ const auto lim = clim=='\0' ? std::string{"\\s"} : std::string{clim};
+ return std::string{R"(((?:(?:"[^"]*")|(?:[^'")"} +
+ lim + "][^" + lim + "]*)|(?:'[^']*'))+)";
+ }
+};
+
+
+template<const std::string_view & strptr, char clim='\0'>
+constexpr auto _escape = _Line{
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ {
+ return clim=='\0' ?
+ std::string{strptr.data()} :
+ clim + std::string{strptr.data()} + clim;
+ },
+
+ [](const std::string & /*param*/, const std::string & /*begin*/)
+ -> std::string
+ {
+ std::string ret{};
+ for (char c : strptr) {
+ switch(c) {
+ case '^': ret += '\\'; [[fallthrough]];
+ case '_': [[fallthrough]];
+ case '-': ret += c;
+ break;
+ default:
+ if ((isalpha(c)!=0) || (isdigit(c)!=0)) { ret += c; }
+ else { ret += std::string{"["}+c+"]"; }
+ }
+ }
+ return "(?:"+ret+"|'"+ret+"'"+"|\""+ret+"\""+")";
+ }
+};
+
+
+constexpr std::string_view _server_name = "server_name";
+
+constexpr std::string_view _include = "include";
+
+constexpr std::string_view _ssl_certificate = "ssl_certificate";
+
+constexpr std::string_view _ssl_certificate_key = "ssl_certificate_key";
+
+constexpr std::string_view _ssl_session_cache = "ssl_session_cache";
+
+constexpr std::string_view _ssl_session_timeout = "ssl_session_timeout";
+
+
+// For a compile time regex lib, this must be fixed, use one of these options:
+// * Hand craft or macro concat them (loosing more or less flexibility).
+// * Use Macro concatenation of __VA_ARGS__ with the help of:
+// https://p99.gforge.inria.fr/p99-html/group__preprocessor__for.html
+// * Use constexpr---not available for strings or char * for now---look at lib.
+
+static const auto CRON_CMD = Line::build
+ < _space, _escape<NGINX_UTIL>, _space, _escape<ADD_SSL_FCT,'\''>, _space,
+ _capture<>, _newline >();
+
+static const auto NGX_SERVER_NAME =
+ Line::build<_begin, _escape<_server_name>, _space, _capture<';'>, _end>();
+
+static const auto NGX_INCLUDE_LAN_LISTEN = Line::build
+ <_begin, _escape<_include>, _space, _escape<LAN_LISTEN,'\''>, _end>();
+
+static const auto NGX_INCLUDE_LAN_LISTEN_DEFAULT = Line::build
+ < _begin, _escape<_include>, _space,
+ _escape<LAN_LISTEN_DEFAULT, '\''>, _end >();
+
+static const auto NGX_INCLUDE_LAN_SSL_LISTEN = Line::build
+ <_begin, _escape<_include>, _space, _escape<LAN_SSL_LISTEN, '\''>, _end>();
+
+static const auto NGX_INCLUDE_LAN_SSL_LISTEN_DEFAULT = Line::build
+ < _begin, _escape<_include>, _space,
+ _escape<LAN_SSL_LISTEN_DEFAULT, '\''>, _end >();
+
+static const auto NGX_SSL_CRT = Line::build
+ <_begin, _escape<_ssl_certificate>, _space, _capture<';'>, _end>();
+
+static const auto NGX_SSL_KEY = Line::build
+ <_begin, _escape<_ssl_certificate_key>, _space, _capture<';'>, _end>();
+
+static const auto NGX_SSL_SESSION_CACHE = Line::build
+ <_begin, _escape<_ssl_session_cache>, _space, _capture<';'>, _end>();
+
+static const auto NGX_SSL_SESSION_TIMEOUT = Line::build
+ <_begin, _escape<_ssl_session_timeout>, _space, _capture<';'>, _end>();
+
+
+auto get_if_missed(const std::string & conf, const Line & LINE,
+ const std::string & val,
+ const std::string & indent, bool compare)
+ -> std::string
+{
+ if (!compare || val.empty()) {
+ return rgx::regex_search(conf, LINE.RGX()) ? "" : LINE.STR(val, indent);
+ }
+
+ rgx::smatch match; // assuming last capture has the value!
+
+ for (auto pos = conf.begin();
+ rgx::regex_search(pos, conf.end(), match, LINE.RGX());
+ pos += match.position(0) + match.length(0))
+ {
+ const std::string_view value = match.str(match.size() - 1);
+
+ if (value==val || value=="'"+val+"'" || value=='"'+val+'"') {
+ return "";
+ }
+ }
+
+ return LINE.STR(val, indent);
+}
+
+
+auto delete_if(const std::string & conf, const rgx::regex & rgx,
+ const std::string & val, const bool compare)
+ -> std::string
+{
+ std::string ret{};
+ auto pos = conf.begin();
+
+ for (rgx::smatch match;
+ rgx::regex_search(pos, conf.end(), match, rgx);
+ pos += match.position(0) + match.length(0))
+ {
+ const std::string_view value = match.str(match.size() - 1);
+
+ auto skip = 1; // one for delimiter!
+ if (compare && value!=val && value!="'"+val+"'" && value!='"'+val+'"') {
+ skip = match.length(0);
+ }
+ ret.append(pos, pos + match.position(0) + skip);
+ }
+
+ ret.append(pos, conf.end());
+ return ret;
+}
+
+
+void add_ssl_directives_to(const std::string & name, const bool isdefault)
+{
+ const std::string prefix = std::string{CONF_DIR} + name;
+
+ std::string conf = read_file(prefix+".conf");
+
+ const std::string & const_conf = conf; // iteration needs const string.
+ rgx::smatch match; // captures str(1)=indentation spaces, str(2)=server name
+ for (auto pos = const_conf.begin();
+ rgx::regex_search(pos, const_conf.end(), match, NGX_SERVER_NAME.RGX());
+ pos += match.position(0) + match.length(0))
+ {
+ if (match.str(2).find(name) == std::string::npos) { continue; }
+
+ const std::string indent = match.str(1);
+
+ std::string adds = isdefault ?
+ get_if_missed(conf, NGX_INCLUDE_LAN_SSL_LISTEN_DEFAULT,"",indent) :
+ get_if_missed(conf, NGX_INCLUDE_LAN_SSL_LISTEN, "", indent);
+
+ adds += get_if_missed(conf, NGX_SSL_CRT, prefix+".crt", indent);
+
+ adds += get_if_missed(conf, NGX_SSL_KEY, prefix+".key", indent);
+
+ adds += get_if_missed(conf, NGX_SSL_SESSION_CACHE,
+ SSL_SESSION_CACHE_ARG(name), indent, false);
+
+ adds += get_if_missed(conf, NGX_SSL_SESSION_TIMEOUT,
+ std::string{SSL_SESSION_TIMEOUT_ARG}, indent, false);
+
+ if (adds.length() > 0) {
+ pos += match.position(0) + match.length(0);
+
+ conf = std::string(const_conf.begin(), pos) + adds +
+ std::string(pos, const_conf.end());
+
+ conf = isdefault ?
+ delete_if(conf, NGX_INCLUDE_LAN_LISTEN_DEFAULT.RGX()) :
+ delete_if(conf, NGX_INCLUDE_LAN_LISTEN.RGX());
+
+ write_file(prefix+".conf", conf);
+
+ std::cerr<<"Added SSL directives to "<<prefix<<".conf: ";
+ std::cerr<<adds<<std::endl;
+ }
+
+ return;
+ }
+
+ auto errmsg = std::string{"add_ssl_directives_to error: "};
+ errmsg += "cannot add SSL directives to " + name + ".conf, missing: ";
+ errmsg += NGX_SERVER_NAME.STR(name, "\n ") + "\n";
+ throw std::runtime_error(errmsg.c_str());
+}
+
+
+template<typename T>
+inline auto num2hex(T bytes) -> std::array<char, 2*sizeof(bytes)+1>
+{
+ constexpr auto n = 2*sizeof(bytes);
+ std::array<char, n+1> str{};
+
+ for (size_t i=0; i<n; ++i) {
+ static const std::array<char, 17> hex{"0123456789ABCDEF"};
+ static constexpr auto get = 0x0fU;
+ str.at(i) = hex.at(bytes & get);
+
+ static constexpr auto move = 4U;
+ bytes >>= move;
+ }
+
+ str[n] = '\0';
+ return str;
+}
+
+
+template<typename T>
+inline auto get_nonce(const T salt=0) -> T
+{
+ T nonce = 0;
+
+ std::ifstream urandom{"/dev/urandom"};
+
+ static constexpr auto move = 6U;
+
+ constexpr size_t steps = (sizeof(nonce)*8 - 1)/move + 1;
+
+ for (size_t i=0; i<steps; ++i) {
+ if (!urandom.good()) { throw std::runtime_error("get_nonce error"); }
+ nonce = (nonce << move) + static_cast<unsigned>(urandom.get());
+ }
+
+ nonce ^= salt;
+
+ return nonce;
+}
+
+
+void create_ssl_certificate(const std::string & crtpath,
+ const std::string & keypath,
+ const int days)
+{
+ size_t nonce = 0;
+
+ try { nonce = get_nonce(nonce); }
+
+ catch (...) { // the address of a variable should be random enough:
+ auto addr = &crtpath;
+ auto addrptr = static_cast<const size_t *>(
+ static_cast<const void *>(&addr) );
+ nonce += *addrptr;
+ }
+
+ auto noncestr = num2hex(nonce);
+
+ const auto tmpcrtpath = crtpath + ".new-" + noncestr.data();
+ const auto tmpkeypath = keypath + ".new-" + noncestr.data();
+
+ try {
+ auto pkey = gen_eckey(NID_secp384r1);
+
+ write_key(pkey, tmpkeypath);
+
+ std::string subject {"/C=ZZ/ST=Somewhere/L=None/CN=OpenWrt/O=OpenWrt"};
+ subject += noncestr.data();
+
+ selfsigned(pkey, days, subject, tmpcrtpath);
+
+ static constexpr auto to_seconds = 24*60*60;
+ static constexpr auto leeway = 42;
+ if (!checkend(tmpcrtpath, days*to_seconds - leeway)) {
+ throw std::runtime_error("bug: created certificate is not valid!!");
+ }
+
+ } catch (...) {
+ std::cerr<<"create_ssl_certificate error: ";
+ std::cerr<<"cannot create selfsigned certificate, ";
+ std::cerr<<"removing temporary files ..."<<std::endl;
+
+ if (remove(tmpcrtpath.c_str())!=0) {
+ auto errmsg = "\t cannot remove "+tmpcrtpath;
+ perror(errmsg.c_str());
+ }
+
+ if (remove(tmpkeypath.c_str())!=0) {
+ auto errmsg = "\t cannot remove "+tmpkeypath;
+ perror(errmsg.c_str());
+ }
+
+ throw;
+ }
+
+ if ( rename(tmpcrtpath.c_str(), crtpath.c_str())!=0 ||
+ rename(tmpkeypath.c_str(), keypath.c_str())!=0 )
+ {
+ auto errmsg = std::string{"create_ssl_certificate warning: "};
+ errmsg += "cannot move "+tmpcrtpath+" to "+crtpath;
+ errmsg += " or "+tmpkeypath+" to "+keypath+", continuing ... ";
+ perror(errmsg.c_str());
+ }
+
+}
+
+
+void use_cron_to_recreate_certificate(const std::string & name)
+{
+ static const char * filename = "/etc/crontabs/root";
+
+ std::string conf{};
+ try { conf = read_file(filename); }
+ catch (const std::ifstream::failure &) { /* is ok if not found, create. */ }
+
+ const std::string add = get_if_missed(conf, CRON_CMD, name);
+
+ if (add.length() > 0) {
+#ifndef NO_UBUS
+ auto service = ubus::call("service","list",UBUS_TIMEOUT).filter("cron");
+
+ if (!service) {
+ std::string errmsg{"use_cron_to_recreate_certificate error: "};
+ errmsg += "Cron unavailable to re-create the ssl certificate for ";
+ errmsg += name + "\n";
+ throw std::runtime_error(errmsg.c_str());
+ } // else active with or without instances:
+#endif
+
+ write_file(filename, std::string{CRON_INTERVAL}+add, std::ios::app);
+
+#ifndef NO_UBUS
+ call("/etc/init.d/cron", "reload");
+#endif
+
+ std::cerr<<"Rebuild the ssl certificate for '";
+ std::cerr<<name<<"' annually with cron."<<std::endl;
+ }
+}
+
+
+void add_ssl_if_needed(const std::string & name)
+{
+ try { add_ssl_directives_to(name, name==LAN_NAME); }
+ catch (...) {
+ std::cerr<<"add_ssl_if_needed error: ";
+ std::cerr<<"cannot add SSL directives to "<<name<<".conf"<<std::endl;
+ throw;
+ }
+
+ const auto crtpath = std::string{CONF_DIR} + name + ".crt";
+ const auto keypath = std::string{CONF_DIR} + name + ".key";
+ constexpr auto remaining_seconds = (365 + 32)*24*60*60;
+ constexpr auto validity_days = 3*(365 + 31);
+
+ bool is_valid = true;
+
+ if (access(keypath.c_str(), R_OK) != 0 ||
+ access(crtpath.c_str(), R_OK) != 0)
+ { is_valid = false; }
+
+ else {
+ try {
+ if (!checkend(crtpath, remaining_seconds)) {
+ is_valid = false;
+ }
+ }
+ catch (...) { // something went wrong, maybe it is in DER format:
+ try {
+ if (!checkend(crtpath, remaining_seconds, false)) {
+ is_valid = false;
+ }
+ }
+ catch (...) { // it has neither DER nor PEM format, rebuild.
+ is_valid = false;
+ }
+ }
+ }
+
+ if (!is_valid) { create_ssl_certificate(crtpath, keypath, validity_days); }
+
+ try { use_cron_to_recreate_certificate(name); }
+ catch (...) {
+ std::cerr<<"add_ssl_if_needed warning: ";
+ std::cerr<<"cannot use cron to rebuild certificate for "<<name<<"\n";
+ }
+}
+
+
+void del_ssl_directives_from(const std::string & name, const bool isdefault)
+{
+ const std::string prefix = std::string{CONF_DIR} + name;
+
+ std::string conf = read_file(prefix+".conf");
+
+ const std::string & const_conf = conf; // iteration needs const string.
+ rgx::smatch match; // captures str(1)=indentation spaces, str(2)=server name
+ for (auto pos = const_conf.begin();
+ rgx::regex_search(pos, const_conf.end(), match, NGX_SERVER_NAME.RGX());
+ pos += match.position(0) + match.length(0))
+ {
+ if (match.str(2).find(name) == std::string::npos) { continue; }
+
+ const std::string indent = match.str(1);
+
+ std::string adds = isdefault ?
+ get_if_missed(conf, NGX_INCLUDE_LAN_LISTEN_DEFAULT,"",indent) :
+ get_if_missed(conf, NGX_INCLUDE_LAN_LISTEN, "", indent);
+
+ if (adds.length() > 0) {
+ pos += match.position(0) + 1;
+
+ conf = std::string(const_conf.begin(), pos) + adds
+ + std::string(pos, const_conf.end());
+
+ conf = isdefault ?
+ delete_if(conf, NGX_INCLUDE_LAN_SSL_LISTEN_DEFAULT.RGX())
+ : delete_if(conf, NGX_INCLUDE_LAN_SSL_LISTEN.RGX());
+
+ const auto crtpath = prefix+".crt";
+ conf = delete_if(conf, NGX_SSL_CRT.RGX(), crtpath, true);
+
+ const auto keypath = prefix+".key";
+ conf = delete_if(conf, NGX_SSL_KEY.RGX(), keypath, true);
+
+ conf = delete_if(conf, NGX_SSL_SESSION_CACHE.RGX());
+
+ conf = delete_if(conf, NGX_SSL_SESSION_TIMEOUT.RGX());
+
+ write_file(prefix+".conf", conf);
+
+ std::cerr<<"Deleted SSL directives from "<<prefix<<".conf\n";
+ }
+
+ return;
+ }
+
+ auto errmsg = std::string{"del_ssl_directives_from error: "};
+ errmsg += "cannot delete SSL directives from " + name + ".conf, missing: ";
+ errmsg += NGX_SERVER_NAME.STR(name, "\n ") + "\n";
+ throw std::runtime_error(errmsg.c_str());
+}
+
+
+void del_ssl(const std::string & name)
+{
+ static const char * filename = "/etc/crontabs/root";
+
+ try {
+ const auto const_conf = read_file(filename);
+
+ bool changed = false;
+ auto conf = std::string{};
+
+ size_t prev = 0;
+ size_t curr = 0;
+ while ((curr=const_conf.find('\n', prev)) != std::string::npos) {
+
+ auto line = const_conf.substr(prev, curr-prev+1);
+
+ line = delete_if(line, CRON_CMD.RGX(), std::string{name}, true);
+
+ if (line.substr(0,line.size()-1)==CRON_INTERVAL) { changed = true; }
+ else { conf += line; }
+
+ prev = curr + 1;
+ }
+
+ if (changed) {
+ write_file(filename, conf);
+
+ std::cerr<<"Do not rebuild the ssl certificate for '";
+ std::cerr<<name<<"' annually with cron anymore."<<std::endl;
+
+#ifndef NO_UBUS
+ if (ubus::call("service", "list", UBUS_TIMEOUT).filter("cron"))
+ { call("/etc/init.d/cron", "reload"); }
+#endif
+ }
+
+ } catch (...) {
+ std::cerr<<"del_ssl warning: ";
+ std::cerr<<"cannot delete cron job for "<<name<<" in "<<filename<<"\n";
+ }
+
+ try { del_ssl_directives_from(name, name==LAN_NAME); }
+ catch (...) {
+ std::cerr<<"del_ssl error: ";
+ std::cerr<<"cannot delete SSL directives from "<<name<<".conf\n";
+ throw;
+ }
+
+ const auto crtpath = std::string{CONF_DIR} + name + ".crt";
+
+ if (remove(crtpath.c_str())!=0) {
+ auto errmsg = "del_ssl warning: cannot remove "+crtpath;
+ perror(errmsg.c_str());
+ }
+
+ const auto keypath = std::string{CONF_DIR} + name + ".key";
+
+ if (remove(keypath.c_str())!=0) {
+ auto errmsg = "del_ssl warning: cannot remove "+keypath;
+ perror(errmsg.c_str());
+ }
+}
+
+
+// reuse main(...) and common functions:
+#define NGINX_OPENSSL
+#include "nginx-util.cpp"
--- /dev/null
+// This file is included in nginx-ssl-util.cpp, which defines NGINX_OPENSSL.
+#ifndef __NGINX_UTIL_C
+#define __NGINX_UTIL_C
+
+#include "nginx-util.hpp"
+
+
+void create_lan_listen()
+{
+ std::string listen = "# This file is re-created if Nginx starts or"
+ " a LAN address changes.\n";
+ std::string listen_default = listen;
+ std::string ssl_listen = listen;
+ std::string ssl_listen_default = listen;
+
+#ifndef NO_UBUS
+ auto add_listen = [&listen, &listen_default
+#ifdef NGINX_OPENSSL
+ ,&ssl_listen, &ssl_listen_default
+#endif
+ ]
+ (const std::string &pre, const std::string &ip, const std::string &suf)
+ -> void
+ {
+ if (ip.empty()) { return; }
+ const std::string val = pre + ip + suf;
+ listen += "\tlisten " + val + ":80;\n";
+ listen_default += "\tlisten " + val + ":80 default_server;\n";
+#ifdef NGINX_OPENSSL
+ ssl_listen += "\tlisten " + val + ":443 ssl;\n";
+ ssl_listen_default += "\tlisten " + val + ":443 ssl default_server;\n";
+#endif
+ };
+
+ auto loopback_status = ubus::call("network.interface.loopback", "status");
+
+ for (auto ip : loopback_status.filter("ipv4-address", "", "address")) {
+ add_listen("", static_cast<const char *>(blobmsg_data(ip)), "");
+ }
+
+ for (auto ip : loopback_status.filter("ipv6-address", "", "address")) {
+ add_listen("[", static_cast<const char *>(blobmsg_data(ip)), "]");
+ }
+
+ auto lan_status = ubus::call("network.interface.lan", "status");
+
+ for (auto ip : lan_status.filter("ipv4-address", "", "address")) {
+ add_listen("", static_cast<const char *>(blobmsg_data(ip)), "");
+ }
+
+ for (auto ip : lan_status.filter("ipv6-address", "", "address")) {
+ add_listen("[", static_cast<const char *>(blobmsg_data(ip)), "]");
+ }
+#endif
+
+ write_file(LAN_LISTEN, listen);
+ write_file(LAN_LISTEN_DEFAULT, listen_default);
+#ifdef NGINX_OPENSSL
+ write_file(LAN_SSL_LISTEN, ssl_listen);
+ write_file(LAN_SSL_LISTEN_DEFAULT, ssl_listen_default);
+#endif
+}
+
+
+void init_lan()
+{
+ std::exception_ptr ex;
+
+#ifdef NGINX_OPENSSL
+ auto thrd = std::thread([&ex]{
+ try { add_ssl_if_needed(std::string{LAN_NAME}); }
+ catch (...) {
+ std::cerr<<"init_lan error: cannot add SSL for "<<LAN_NAME<<std::endl;
+ ex = std::current_exception();
+ }
+ });
+#endif
+
+ try { create_lan_listen(); }
+ catch (...) {
+ std::cerr<<"init_lan error: cannot create LAN listen directives"<<std::endl;
+ ex = std::current_exception();
+ }
+
+#ifdef NGINX_OPENSSL
+ thrd.join();
+#endif
+
+ if (ex) { std::rethrow_exception(ex); }
+}
+
+
+void get_env()
+{
+ std::cout<<"NGINX_CONF="<<"'"<<NGINX_CONF<<"'"<<std::endl;
+ std::cout<<"CONF_DIR="<<"'"<<CONF_DIR<<"'"<<std::endl;
+ std::cout<<"LAN_NAME="<<"'"<<LAN_NAME<<"'"<<std::endl;
+ std::cout<<"LAN_LISTEN="<<"'"<<LAN_LISTEN<<"'"<<std::endl;
+#ifdef NGINX_OPENSSL
+ std::cout<<"LAN_SSL_LISTEN="<<"'"<<LAN_SSL_LISTEN<<"'"<<std::endl;
+ std::cout<<"SSL_SESSION_CACHE_ARG="<<"'"<<SSL_SESSION_CACHE_ARG(LAN_NAME)<<
+ "'"<<std::endl;
+ std::cout<<"SSL_SESSION_TIMEOUT_ARG="<<"'"<<SSL_SESSION_TIMEOUT_ARG<<"'\n";
+ std::cout<<"ADD_SSL_FCT="<<"'"<<ADD_SSL_FCT<<"'"<<std::endl;
+#endif
+}
+
+
+auto main(int argc, char * argv[]) -> int
+{
+ // TODO(pst): use std::span when available:
+ auto args = std::basic_string_view{argv, static_cast<size_t>(argc)};
+
+ auto cmds = std::array{
+ std::array<std::string_view, 2>{"init_lan", ""},
+ std::array<std::string_view, 2>{"get_env", ""},
+#ifdef NGINX_OPENSSL
+ std::array<std::string_view, 2>{ADD_SSL_FCT, " server_name" },
+ std::array<std::string_view, 2>{"del_ssl", " server_name" },
+#endif
+ };
+
+ try {
+
+ if (argc==2 && args[1]==cmds[0][0]) { init_lan(); }
+
+ else if (argc==2 && args[1]==cmds[1][0]) { get_env(); }
+
+#ifdef NGINX_OPENSSL
+ else if (argc==3 && args[1]==cmds[2][0])
+ { add_ssl_if_needed(std::string{args[2]});}
+
+ else if (argc==3 && args[1]==cmds[3][0])
+ { del_ssl(std::string{args[2]}); }
+
+ else if (argc==2 && args[1]==cmds[3][0])
+ { del_ssl(std::string{LAN_NAME}); }
+#endif
+
+ else {
+ auto usage = std::string{"usage: "} + *argv + " [";
+ for (auto cmd : cmds) {
+ usage += std::string{cmd[0]};
+ usage += std::string{cmd[1]} + "|";
+ }
+ usage[usage.size()-1] = ']';
+
+ std::cerr<<usage<<std::endl;
+
+ throw std::runtime_error("main error: argument not recognized");
+ }
+
+ return 0;
+
+ }
+
+ catch (const std::exception & e) { std::cerr<<e.what()<<std::endl; }
+
+ catch (...) { perror("main error"); }
+
+ return 1;
+
+}
+
+#endif
--- /dev/null
+#ifndef __NGINX_UTIL_H
+#define __NGINX_UTIL_H
+
+#include <array>
+#include <cerrno>
+#include <cstdio>
+#include <cstring>
+#include <fstream>
+#include <iostream>
+#include <string>
+#include <string_view>
+#include <unistd.h>
+
+#ifndef NO_UBUS
+#include "ubus-cxx.hpp"
+#endif
+
+
+static constexpr auto NGINX_UTIL = std::string_view{"/usr/bin/nginx-util"};
+
+static constexpr auto NGINX_CONF = std::string_view{"/etc/nginx/nginx.conf"};
+
+static constexpr auto CONF_DIR = std::string_view{"/etc/nginx/conf.d/"};
+
+static constexpr auto LAN_NAME = std::string_view{"_lan"};
+
+static constexpr auto LAN_LISTEN =std::string_view{"/var/lib/nginx/lan.listen"};
+
+static constexpr auto LAN_LISTEN_DEFAULT =
+ std::string_view{"/var/lib/nginx/lan.listen.default"};
+
+
+// mode: optional ios::binary and/or ios::app (default ios::trunc)
+void write_file(const std::string_view & name, const std::string & str,
+ std::ios_base::openmode flag=std::ios::trunc);
+
+
+// mode: optional ios::binary (internally ios::ate|ios::in)
+auto read_file(const std::string_view & name,
+ std::ios_base::openmode mode=std::ios::in) -> std::string;
+
+
+// all S must be convertible to const char[]
+template<typename ...S>
+auto call(const std::string & program, S... args) -> pid_t;
+
+
+void create_lan_listen();
+
+
+void init_lan();
+
+
+void get_env();
+
+
+
+// --------------------- partial implementation: ------------------------------
+
+
+void write_file(const std::string_view & name, const std::string & str,
+ const std::ios_base::openmode flag)
+{
+ std::ofstream file(name.data(), flag);
+ if (!file.good()) {
+ throw std::ofstream::failure(
+ "write_file error: cannot open " + std::string{name});
+ }
+
+ file<<str<<std::flush;
+
+ file.close();
+}
+
+
+auto read_file(const std::string_view & name,
+ const std::ios_base::openmode mode) -> std::string
+{
+ std::ifstream file(name.data(), mode|std::ios::ate);
+ if (!file.good()) {
+ throw std::ifstream::failure(
+ "read_file error: cannot open " + std::string{name});
+ }
+
+ std::string ret{};
+ const size_t size = file.tellg();
+ ret.reserve(size);
+
+ file.seekg(0);
+ ret.assign((std::istreambuf_iterator<char>(file)),
+ std::istreambuf_iterator<char>());
+
+ file.close();
+ return ret;
+}
+
+
+template<typename ...S>
+auto call(const char * program, S... args) -> pid_t
+{
+ pid_t pid = fork();
+
+ if (pid==0) { //child:
+ std::array<char *, sizeof...(args)+2> argv =
+ { strdup(program), strdup(args)..., nullptr };
+
+ execv(program, argv.data()); // argv cannot be const char * const[]!
+
+ _exit(EXIT_FAILURE); // exec never returns.
+ } else if (pid>0) { //parent:
+ return pid;
+ }
+
+ std::string errmsg = "call error: cannot fork (";
+ errmsg += std::to_string(errno) + "): " + std::strerror(errno);
+ throw std::runtime_error(errmsg.c_str());
+}
+
+
+#endif
--- /dev/null
+#ifndef _PX5G_OPENSSL_HPP
+#define _PX5G_OPENSSL_HPP
+
+// #define OPENSSL_API_COMPAT 0x10102000L
+#include <fcntl.h>
+#include <memory>
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rsa.h>
+#include <string>
+#include <unistd.h>
+
+static constexpr auto rsa_min_modulus_bits = 512;
+
+using EVP_PKEY_ptr = std::unique_ptr<EVP_PKEY, decltype(&::EVP_PKEY_free)>;
+
+using X509_NAME_ptr = std::unique_ptr<X509_NAME, decltype(&::X509_NAME_free)>;
+
+
+auto checkend(const std::string & crtpath,
+ time_t seconds=0, bool use_pem=true) -> bool;
+
+
+auto gen_eckey(int curve) -> EVP_PKEY_ptr;
+
+
+auto gen_rsakey(int keysize, BN_ULONG exponent=RSA_F4) -> EVP_PKEY_ptr;
+
+
+void write_key(const EVP_PKEY_ptr & pkey,
+ const std::string & keypath="", bool use_pem=true);
+
+
+auto subject2name(const std::string & subject) -> X509_NAME_ptr;
+
+
+void selfsigned(const EVP_PKEY_ptr & pkey, int days,
+ const std::string & subject="", const std::string & crtpath="",
+ bool use_pem=true);
+
+
+
+// ------------------------- implementation: ----------------------------------
+
+
+inline auto print_error(const char * str, const size_t /*len*/, void * errmsg)
+ -> int
+{
+ *static_cast<std::string *>(errmsg) += str;
+ return 0;
+}
+
+
+auto checkend(const std::string & crtpath,
+ const time_t seconds, const bool use_pem) -> bool
+{
+ BIO * bio = crtpath.empty() ?
+ BIO_new_fp(stdin, BIO_NOCLOSE | (use_pem ? BIO_FP_TEXT : 0)) :
+ BIO_new_file(crtpath.c_str(), (use_pem ? "r" : "rb"));
+
+ X509 * x509 = nullptr;
+
+ if (bio != nullptr) {
+ x509 = use_pem ?
+ PEM_read_bio_X509_AUX(bio, nullptr, nullptr, nullptr) :
+ d2i_X509_bio(bio, nullptr);
+ BIO_free(bio);
+ }
+
+ if (x509==nullptr) {
+ std::string errmsg{"checkend error: unable to load certificate\n"};
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ time_t checktime = time(nullptr) + seconds;
+ auto cmp = X509_cmp_time(X509_get0_notAfter(x509), &checktime);
+
+ X509_free(x509);
+
+ return (cmp >= 0);
+}
+
+
+auto gen_eckey(const int curve) -> EVP_PKEY_ptr
+{
+ EC_GROUP * group = curve!=0 ? EC_GROUP_new_by_curve_name(curve) : nullptr;
+
+ if (group == nullptr) {
+ std::string errmsg{"gen_eckey error: cannot build group for curve id "};
+ errmsg += std::to_string(curve) + "\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
+
+ EC_GROUP_set_point_conversion_form(group, POINT_CONVERSION_UNCOMPRESSED);
+
+ auto eckey = EC_KEY_new();
+
+ if (eckey != nullptr) {
+ if ( (EC_KEY_set_group(eckey, group) == 0) ||
+ (EC_KEY_generate_key(eckey) == 0) )
+ {
+ EC_KEY_free(eckey);
+ eckey = nullptr;
+ }
+ }
+
+ EC_GROUP_free(group);
+
+ if (eckey == nullptr) {
+ std::string errmsg{"gen_eckey error: cannot build key with curve id "};
+ errmsg += std::to_string(curve) + "\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ EVP_PKEY_ptr pkey{EVP_PKEY_new(), ::EVP_PKEY_free};
+
+ auto tmp = static_cast<char *>(static_cast<void *>(eckey));
+
+ if (!EVP_PKEY_assign_EC_KEY(pkey.get(), tmp)) {
+ EC_KEY_free(eckey);
+ std::string errmsg{"gen_eckey error: cannot assign EC key to EVP\n"};
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ return pkey;
+}
+
+
+auto gen_rsakey(const int keysize, const BN_ULONG exponent) -> EVP_PKEY_ptr
+{
+ if (keysize<rsa_min_modulus_bits || keysize>OPENSSL_RSA_MAX_MODULUS_BITS) {
+ std::string errmsg{"gen_rsakey error: RSA keysize ("};
+ errmsg += std::to_string(keysize) + ") out of range [512..";
+ errmsg += std::to_string(OPENSSL_RSA_MAX_MODULUS_BITS) + "]";
+ throw std::runtime_error(errmsg.c_str());
+ }
+ auto bignum = BN_new();
+
+ if (bignum == nullptr) {
+ std::string errmsg{"gen_rsakey error: cannot get big number struct\n"};
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ auto rsa = RSA_new();
+
+ if (rsa != nullptr) {
+ if ((BN_set_word(bignum, exponent) == 0) ||
+ (RSA_generate_key_ex(rsa, keysize, bignum, nullptr) == 0))
+ {
+ RSA_free(rsa);
+ rsa = nullptr;
+ }
+ }
+
+ BN_free(bignum);
+
+ if (rsa == nullptr) {
+ std::string errmsg{"gen_rsakey error: cannot create RSA key with size"};
+ errmsg += std::to_string(keysize) + " and exponent ";
+ errmsg += std::to_string(exponent) + "\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ EVP_PKEY_ptr pkey{EVP_PKEY_new(), ::EVP_PKEY_free};
+
+ auto tmp = static_cast<char *>(static_cast<void *>(rsa));
+
+ if (!EVP_PKEY_assign_RSA(pkey.get(), tmp)) {
+ RSA_free(rsa);
+ std::string errmsg{"gen_rsakey error: cannot assign RSA key to EVP\n"};
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ return pkey;
+}
+
+
+void write_key(const EVP_PKEY_ptr & pkey,
+ const std::string & keypath, const bool use_pem)
+{
+ BIO * bio = nullptr;
+
+ if (keypath.empty()) {
+ bio = BIO_new_fp( stdout, BIO_NOCLOSE | (use_pem ? BIO_FP_TEXT : 0) );
+
+ } else { // BIO_new_file(keypath.c_str(), (use_pem ? "w" : "wb") );
+
+ static constexpr auto mask = 0600;
+ // auto fd = open(keypath.c_str(), O_WRONLY | O_CREAT | O_TRUNC, mask);
+ auto fd = creat(keypath.c_str(), mask); // the same without va_args.
+
+ if (fd >= 0) {
+ auto fp = fdopen(fd, (use_pem ? "w" : "wb") );
+
+ if (fp != nullptr) {
+ bio = BIO_new_fp(fp, BIO_CLOSE | (use_pem ? BIO_FP_TEXT : 0));
+ if (bio == nullptr) { fclose(fp); } // (fp owns fd)
+ }
+ else { close(fd); }
+ }
+
+ }
+
+ if (bio == nullptr) {
+ std::string errmsg{"write_key error: cannot open "};
+ errmsg += keypath.empty() ? "stdout" : keypath;
+ errmsg += "\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ int len = 0;
+
+ auto key = pkey.get();
+ switch (EVP_PKEY_base_id(key)) { // use same format as px5g:
+ case EVP_PKEY_EC:
+ len = use_pem ?
+ PEM_write_bio_ECPrivateKey(bio, EVP_PKEY_get0_EC_KEY(key),
+ nullptr, nullptr, 0, nullptr, nullptr) :
+ i2d_ECPrivateKey_bio(bio, EVP_PKEY_get0_EC_KEY(key));
+ break;
+ case EVP_PKEY_RSA:
+ len = use_pem ?
+ PEM_write_bio_RSAPrivateKey(bio, EVP_PKEY_get0_RSA(key),
+ nullptr, nullptr, 0, nullptr, nullptr) :
+ i2d_RSAPrivateKey_bio(bio, EVP_PKEY_get0_RSA(key));
+ break;
+ default:
+ len = use_pem ?
+ PEM_write_bio_PrivateKey(bio, key,
+ nullptr, nullptr, 0, nullptr, nullptr) :
+ i2d_PrivateKey_bio(bio, key);
+ }
+
+ BIO_free_all(bio);
+
+ if (len==0) {
+ std::string errmsg{"write_key error: cannot write EVP pkey to "};
+ errmsg += keypath.empty() ? "stdout" : keypath;
+ errmsg += "\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+}
+
+
+auto subject2name(const std::string & subject) -> X509_NAME_ptr
+{
+ if (!subject.empty() && subject[0]!='/') {
+ throw std::runtime_error("subject2name errror: not starting with /");
+ }
+
+ X509_NAME_ptr name = {X509_NAME_new(), ::X509_NAME_free};
+
+ if (!name) {
+ std::string errmsg{"subject2name error: cannot create X509 name \n"};
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ if (subject.empty()) { return name; }
+
+ size_t prev = 1;
+ std::string type{};
+ char chr = '=';
+ for (size_t i=0; subject[i] != 0; ) {
+ ++i;
+ if (subject[i]=='\\' && subject[++i]=='\0') {
+ throw std::runtime_error("subject2name errror: escape at the end");
+ }
+ if (subject[i]!=chr && subject[i]!='\0') { continue; }
+ if (chr == '=') {
+ type = subject.substr(prev, i-prev);
+ chr = '/';
+ } else {
+ auto nid = OBJ_txt2nid(type.c_str());
+ if (nid == NID_undef) {
+ // skip unknown entries (silently?).
+ } else {
+ auto val = static_cast<const unsigned char *>(
+ static_cast<const void *>(&subject[prev]) );
+
+ auto len = i - prev;
+
+ if ( X509_NAME_add_entry_by_NID(name.get(), nid, MBSTRING_ASC,
+ val, len, -1, 0)
+ == 0 )
+ {
+ std::string errmsg{"subject2name error: cannot add "};
+ errmsg += "/" + type +"="+ subject.substr(prev, len) +"\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+ }
+ chr = '=';
+ }
+ prev = i+1;
+ }
+
+ return name;
+}
+
+
+void selfsigned(const EVP_PKEY_ptr & pkey, const int days,
+ const std::string & subject, const std::string & crtpath,
+ const bool use_pem)
+{
+ auto x509 = X509_new();
+
+ if (x509 == nullptr) {
+ std::string errmsg{"selfsigned error: cannot create X509 structure\n"};
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+
+ auto freeX509_and_throw = [&x509](const std::string & what)
+ {
+ X509_free(x509);
+ std::string errmsg{"selfsigned error: cannot set "};
+ errmsg += what + " in X509 certificate\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ };
+
+ if (X509_set_version(x509, 2) == 0) { freeX509_and_throw("version"); }
+
+ if (X509_set_pubkey(x509, pkey.get()) == 0) { freeX509_and_throw("pubkey");}
+
+ if ((X509_gmtime_adj(X509_getm_notBefore(x509), 0) == nullptr) ||
+ (X509_time_adj_ex(X509_getm_notAfter(x509), days,0,nullptr) == nullptr))
+ {
+ freeX509_and_throw("times");
+ }
+
+ X509_NAME_ptr name{nullptr, ::X509_NAME_free};
+
+ try { name = subject2name(subject); }
+ catch (...) {
+ X509_free(x509);
+ throw;
+ }
+
+ if (X509_set_subject_name(x509, name.get()) == 0) {
+ freeX509_and_throw("subject");
+ }
+
+ if (X509_set_issuer_name(x509, name.get()) == 0) {
+ freeX509_and_throw("issuer");
+ }
+
+ auto bignum = BN_new();
+
+ if (bignum == nullptr) { freeX509_and_throw("serial (creating big number struct)"); }
+
+ static const auto BITS = 159;
+ if (BN_rand(bignum, BITS, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY) == 0) {
+ BN_free(bignum);
+ freeX509_and_throw("serial (creating random number)");
+ }
+
+ if (BN_to_ASN1_INTEGER(bignum, X509_get_serialNumber(x509)) == nullptr) {
+ BN_free(bignum);
+ freeX509_and_throw("random serial");
+ }
+
+ BN_free(bignum);
+
+ if (X509_sign(x509, pkey.get(), EVP_sha256()) == 0) {
+ freeX509_and_throw("signing digest");
+ }
+
+ BIO * bio = crtpath.empty() ?
+ BIO_new_fp(stdout, BIO_NOCLOSE | (use_pem ? BIO_FP_TEXT : 0)) :
+ BIO_new_file(crtpath.c_str(), (use_pem ? "w" : "wb"));
+
+ int len = 0;
+
+ if (bio != nullptr) {
+ len = use_pem ?
+ PEM_write_bio_X509(bio, x509) :
+ i2d_X509_bio(bio, x509);
+ BIO_free_all(bio);
+ }
+
+ X509_free(x509);
+
+ if (len==0) {
+ std::string errmsg{"selfsigned error: cannot write certificate to "};
+ errmsg += crtpath.empty() ? "stdout" : crtpath;
+ errmsg += "\n";
+ ERR_print_errors_cb(print_error, &errmsg);
+ throw std::runtime_error(errmsg.c_str());
+ }
+}
+
+
+#endif
--- /dev/null
+#include "px5g-openssl.hpp"
+#include <array>
+#include <iostream>
+#include <string>
+#include <string_view>
+#include <unistd.h>
+
+
+class argv_view { // TODO(pst): use std::span when available.
+
+private:
+
+ std::basic_string_view<const char *> data;
+
+public:
+
+ argv_view(const argv_view &) = delete;
+
+
+ argv_view(argv_view &&) = delete;
+
+
+ auto operator=(const argv_view &) -> argv_view & = delete;
+
+
+ auto operator=(argv_view &&) -> argv_view & = delete;
+
+
+ argv_view(const char ** argv, int argc) :
+ data{argv, static_cast<size_t>(argc)} {}
+
+
+ inline auto operator[] (size_t pos) const -> std::string_view
+ { return std::string_view{data[pos]}; }
+
+
+ [[nodiscard]] inline constexpr auto size() const noexcept -> size_t
+ { return data.size(); }
+
+
+ ~argv_view() = default;
+
+};
+
+
+static const auto default_validity = 30;
+
+
+auto checkend(const argv_view & argv) -> int;
+
+
+void eckey(const argv_view & argv);
+
+
+void rsakey(const argv_view & argv);
+
+
+void selfsigned(const argv_view & argv);
+
+
+inline auto parse_int(const std::string_view & arg) -> int
+{
+ size_t pos;
+ int ret = stoi(std::string{arg}, &pos);
+ if (pos < arg.size()) {
+ throw std::runtime_error("number has trailing char");
+ }
+ return ret;
+}
+
+
+inline auto parse_curve(const std::string_view & name) -> int
+{
+ if (name=="P-384") { return NID_secp384r1; }
+ if (name=="P-521") { return NID_secp521r1; }
+ if (name=="P-256" || name=="secp256r1") { return NID_X9_62_prime256v1; }
+ if (name=="secp192r1") { return NID_X9_62_prime192v1; }
+ return OBJ_sn2nid(name.data());
+ // not: if (curve == 0) { curve = EC_curve_nist2nid(name.c_str()); }
+}
+
+
+auto checkend(const argv_view & argv) -> int
+{
+ bool use_pem = true;
+ std::string crtpath{};
+ time_t seconds = 0;
+
+ for (size_t i=2; i<argv.size(); ++i) {
+ if (argv[i]=="-der") {
+ use_pem = false;
+ } else if (argv[i]=="-in") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error("checkend error: -in misses filename");
+ }
+
+ if (!crtpath.empty()) {
+ if (argv[i] == crtpath) {
+ std::cerr<<"checkend warning: repeated same -in file\n";
+ } else {
+ throw std::runtime_error
+ ("checkend error: more than one -in file");
+ }
+ }
+
+ crtpath = argv[i];
+ }
+
+ else if (argv[i][0]=='-') {
+ std::cerr<<"checkend warning: skipping option "<<argv[i]<<std::endl;
+ } else { // main option:
+ intmax_t num = 0;
+
+ try {
+ num = parse_int(argv[i]);
+ } catch (...) {
+ auto errmsg = std::string{"checkend error: invalid time "};
+ errmsg += argv[i];
+ std::throw_with_nested(std::runtime_error(errmsg.c_str()));
+ }
+
+ seconds = static_cast<time_t>(num);
+
+ if (num!=static_cast<intmax_t>(seconds)) {
+ auto errmsg = std::string{"checkend error: time too big "};
+ errmsg += argv[i];
+ throw std::runtime_error(errmsg.c_str());
+ }
+ }
+ }
+
+ bool valid = checkend(crtpath, seconds, use_pem);
+ std::cout<<"Certificate will"<<(valid ? " not " : " ")<<"expire"<<std::endl;
+
+ return (valid ? 0 : 1);
+}
+
+
+void eckey(const argv_view & argv)
+{
+ bool has_main_option = false;
+ bool use_pem = true;
+ std::string keypath{};
+ int curve = NID_X9_62_prime256v1;
+
+ for (size_t i=2; i < argv.size(); ++i) {
+ if (argv[i]=="-der") {
+ use_pem = false;
+ } else if (argv[i]=="-out") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error("eckey error: -out misses filename");
+ }
+
+ if (!keypath.empty()) {
+ if (argv[i]==keypath) {
+ std::cerr<<"eckey warning: repeated same -out file\n";
+ } else {
+ throw std::runtime_error
+ ("eckey error: more than one -out file");
+ }
+ }
+
+ keypath = argv[i];
+ }
+
+ else if (argv[i][0]=='-') {
+ std::cerr<<"eckey warning: skipping option "<<argv[i]<<std::endl;
+ } else { //main option:
+
+ if (has_main_option) {
+ throw std::runtime_error
+ ("eckey error: more than one main option");
+ } // else:
+ has_main_option = true;
+
+ curve = parse_curve(argv[i]);
+ }
+ }
+
+ write_key(gen_eckey(curve), keypath, use_pem);
+}
+
+
+void rsakey(const argv_view & argv)
+{
+ bool has_main_option = false;
+ bool use_pem = true;
+ std::string keypath{};
+ BN_ULONG exponent = RSA_F4;
+ int keysize = rsa_min_modulus_bits;
+
+ for (size_t i=2; i < argv.size(); ++i) {
+ if (argv[i]=="-der") {
+ use_pem = false;
+ } else if (argv[i]=="-3") {
+ exponent = 3;
+ } else if (argv[i]=="-out") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error("rsakey error: -out misses filename");
+ }
+
+ if (!keypath.empty()) {
+ if (argv[i]==keypath) {
+ std::cerr<<"rsakey warning: repeated -out file"<<std::endl;
+ } else {
+ throw std::runtime_error
+ ("rsakey error: more than one -out file");
+ }
+ }
+
+ keypath = argv[i];
+ }
+
+ else if (argv[i][0]=='-') {
+ std::cerr<<"rsakey warning: skipping option "<<argv[i]<<std::endl;
+ } else { //main option:
+
+ if (has_main_option) {
+ throw std::runtime_error("rsakey error: more than one keysize");
+ } // else:
+ has_main_option = true;
+
+ try {
+ keysize = parse_int(argv[i]);
+ } catch (...) {
+ std::string errmsg{"rsakey error: invalid keysize "};
+ errmsg += argv[i];
+ std::throw_with_nested(std::runtime_error(errmsg.c_str()));
+ }
+ }
+ }
+
+ write_key(gen_rsakey(keysize, exponent), keypath, use_pem);
+}
+
+
+void selfsigned(const argv_view & argv)
+{
+ bool use_pem = true;
+ int days = default_validity;
+ std::string keypath{};
+ std::string crtpath{};
+ std::string subject{};
+
+ bool use_rsa = true;
+ int keysize = rsa_min_modulus_bits;
+ BN_ULONG exponent = RSA_F4;
+
+ int curve = NID_X9_62_prime256v1;
+
+ for (size_t i=2; i < argv.size(); ++i) {
+ if (argv[i]=="-der") {
+ use_pem = false;
+ } else if (argv[i]=="-days") {
+ ++i;
+ try {
+ days = parse_int(argv[i]);
+ } catch (...) {
+ std::string errmsg{"selfsigned error: not a number for -days "};
+ errmsg += argv[i].substr(4);
+ std::throw_with_nested(std::runtime_error(errmsg.c_str()));
+ }
+ }
+
+ else if (argv[i]=="-newkey") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error
+ ("selfsigned error: -newkey misses algorithm option");
+ }
+
+ static constexpr auto rsa_prefix = std::string_view{"rsa:"};
+
+ if (argv[i]=="ec") {
+ use_rsa = false;
+ } else if (argv[i].rfind(rsa_prefix, 0) == 0) {
+ use_rsa = true;
+ try {
+ keysize = parse_int(argv[i].substr(rsa_prefix.size()));
+ } catch (...) {
+ std::string errmsg{"selfsigned error: invalid keysize "};
+ errmsg += argv[i].substr(4);
+ std::throw_with_nested(std::runtime_error(errmsg.c_str()));
+ }
+ } else {
+ throw std::runtime_error("selfsigned error: invalid algorithm");
+ }
+ }
+
+ else if (argv[i]=="-pkeyopt") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error
+ ("selfsigned error: -pkeyopt misses value");
+ }
+
+ static constexpr auto curve_prefix =
+ std::string_view{"ec_paramgen_curve:"};
+
+ if (argv[i].rfind(curve_prefix, 0) != 0) {
+ throw std::runtime_error("selfsigned error: -pkeyopt invalid");
+ }
+
+ curve = parse_curve(argv[i].substr(curve_prefix.size()));
+ }
+
+ else if (argv[i]=="-keyout") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error
+ ("selfsigned error: -keyout misses path");
+ }
+
+ if (!keypath.empty()) {
+ if (argv[i]==keypath) {
+ std::cerr<<"selfsigned warning: repeated -keyout file\n";
+ } else {
+ throw std::runtime_error
+ ("selfsigned error: more than one -keyout file");
+ }
+ }
+
+ keypath = argv[i];
+ }
+
+ else if (argv[i]=="-out") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error
+ ("selfsigned error: -out misses filename");
+ }
+
+ if (!crtpath.empty()) {
+ if (argv[i]==crtpath) {
+ std::cerr<<"selfsigned warning: repeated same -out file\n";
+ } else {
+ throw std::runtime_error
+ ("selfsigned error: more than one -out file");
+ }
+ }
+
+ crtpath = argv[i];
+ }
+
+ else if (argv[i]=="-subj") {
+ ++i;
+
+ if (i >= argv.size()) {
+ throw std::runtime_error
+ ("selfsigned error: -subj misses value");
+ }
+
+ if (!subject.empty()) {
+ if (argv[i]==subject) {
+ std::cerr<<"selfsigned warning: repeated same -subj\n";
+ } else {
+ throw std::runtime_error
+ ("selfsigned error: more than one -subj value");
+ }
+ }
+
+ subject = argv[i];
+ }
+
+ else {
+ std::cerr<<"selfsigned warning: skipping option "<<argv[i]<<std::endl;
+ }
+ }
+
+ auto pkey = use_rsa ? gen_rsakey(keysize, exponent) : gen_eckey(curve);
+
+ selfsigned(pkey, days, subject, crtpath, use_pem);
+
+ if (!keypath.empty()) { write_key(pkey, keypath, use_pem); }
+}
+
+
+auto main(int argc, const char ** argv) -> int
+{
+ auto args = argv_view{argv, argc};
+
+ auto cmds = std::array{
+ std::array<std::string, 2>{"checkend",
+ " [-der] [-in certificate_path] [seconds_remaining]"
+ },
+ std::array<std::string, 2>{"eckey",
+ " [-der] [-out key_path] [curve_name]"
+ },
+ std::array<std::string, 2>{"rsakey",
+ " [-der] [-out key_path] [-3] [key_size]"
+ },
+ std::array<std::string, 2>{"selfsigned",
+ " [-der] [-keyout key_path] [-out certificate_path]"
+ " [-newkey ec|rsa:key_size] [-pkeyopt ec_paramgen_curve:name]"
+ " [-days validity] [-subj /C=.../ST=.../L=.../O=.../CN=.../... ]"
+ },
+ };
+
+ try {
+ if (argc < 2) { throw std::runtime_error("error: no argument"); }
+
+ if (args[1]==cmds[0][0]) {return checkend(args);}
+
+ if (args[1]==cmds[1][0]) { eckey(args); }
+
+ else if (args[1]==cmds[2][0]) { rsakey(args); }
+
+ else if (args[1]==cmds[3][0]) { selfsigned(args); }
+
+ else { throw std::runtime_error("error: argument not recognized"); }
+ }
+
+ catch (const std::exception & e) {
+
+ auto usage = std::string{"usage: \n"} ;
+ for (auto cmd : cmds) {
+ usage += std::string{4, ' '} + *argv +" "+ cmd[0] + cmd[1] +"\n";
+ }
+
+ std::cerr<<usage<<std::flush;
+
+ auto print_nested =
+ [](auto && self, const std::exception & outer, int depth=0) -> void
+ {
+ std::cerr<<std::string(depth, '\t')<<outer.what()<<std::endl;
+ try { std::rethrow_if_nested(outer); }
+ catch (const std::exception & inner) { self(self, inner, depth+1); }
+ };
+
+ print_nested(print_nested, e);
+
+ return 1;
+ }
+
+ catch (...) {
+ std::cerr<<*argv<<" unknown error."<<std::endl;
+ return 2;
+ }
+
+ return 0;
+}
--- /dev/null
+// implementing *some* <regex> functions using pcre for performance:
+
+#ifndef __REGEXP_PCRE_HPP
+#define __REGEXP_PCRE_HPP
+
+#include <array>
+#include <pcre.h>
+#include <stdexcept>
+#include <string>
+#include <vector>
+
+
+namespace rgx {
+
+
+namespace regex_constants {
+ enum error_type
+ {
+ _enum_error_collate,
+ _enum_error_ctype,
+ _enum_error_escape,
+ _enum_error_backref,
+ _enum_error_brack,
+ _enum_error_paren,
+ _enum_error_brace,
+ _enum_error_badbrace,
+ _enum_error_range,
+ _enum_error_space,
+ _enum_error_badrepeat,
+ _enum_error_complexity,
+ _enum_error_stack,
+ _enum_error_last
+ };
+ static const error_type error_collate(_enum_error_collate);
+ static const error_type error_ctype(_enum_error_ctype);
+ static const error_type error_escape(_enum_error_escape);
+ static const error_type error_backref(_enum_error_backref);
+ static const error_type error_brack(_enum_error_brack);
+ static const error_type error_paren(_enum_error_paren);
+ static const error_type error_brace(_enum_error_brace);
+ static const error_type error_badbrace(_enum_error_badbrace);
+ static const error_type error_range(_enum_error_range);
+ static const error_type error_space(_enum_error_space);
+ static const error_type error_badrepeat(_enum_error_badrepeat);
+ static const error_type error_complexity(_enum_error_complexity);
+ static const error_type error_stack(_enum_error_stack);
+} // namespace regex_constants
+
+
+
+class regex_error : public std::runtime_error {
+
+private:
+
+ regex_constants::error_type errcode;
+
+
+public:
+
+ explicit regex_error(regex_constants::error_type code,
+ const char * what="regex error")
+ : runtime_error(what), errcode(code)
+ { }
+
+
+ [[nodiscard]] auto code() const -> regex_constants::error_type
+ { return errcode; }
+
+};
+
+
+
+class regex {
+
+private:
+
+ int errcode = 0;
+
+ const char * errptr = nullptr;
+
+ int erroffset = 0;
+
+ pcre * const re = nullptr;
+
+ static const std::array<regex_constants::error_type,86> errcode_pcre2regex;
+
+ static const auto BASE = 10;
+
+
+public:
+
+ inline regex() = default;
+
+
+ inline regex(const regex &) = delete;
+
+
+ inline regex(regex &&) = default;
+
+
+ inline auto operator=(const regex &) -> regex & = delete;
+
+
+ inline auto operator=(regex &&) -> regex & = delete;
+
+
+ explicit regex(const std::string & str)
+ : re{ pcre_compile2(str.c_str(), 0, &errcode, &errptr, &erroffset,nullptr) }
+ {
+ if (re==nullptr) {
+ std::string what = std::string("regex error: ") + errptr + '\n';
+ what += " '" + str + "'\n";
+ what += " " + std::string(erroffset, ' ') + '^';
+
+ throw regex_error(errcode_pcre2regex.at(errcode), what.c_str());
+ }
+ }
+
+
+ ~regex() { if (re != nullptr) { pcre_free(re); } }
+
+
+ inline auto operator()() const -> const pcre * { return re; }
+
+};
+
+
+
+class smatch {
+
+ friend auto regex_search(std::string::const_iterator begin,
+ std::string::const_iterator end,
+ smatch & match,
+ const regex & rgx);
+
+
+private:
+
+ std::string::const_iterator begin;
+
+ std::string::const_iterator end;
+
+ std::vector <int> vec{};
+
+ int n = 0;
+
+
+public:
+
+ [[nodiscard]] inline auto position(int i=0) const {
+ return (i<0 || i>=n) ? std::string::npos : vec[2*i];
+ }
+
+
+ [[nodiscard]] inline auto length(int i=0) const {
+ return (i<0 || i>=n) ? 0 : vec[2*i+1] - vec[2*i];
+ }
+
+
+ [[nodiscard]] auto str(int i=0) const -> std::string { // should we throw?
+ if (i<0 || i>=n) { return ""; }
+ int x = vec[2*i];
+ if (x<0) { return ""; }
+ int y = vec[2*i+1];
+ return std::string{begin + x, begin + y};
+ }
+
+
+ [[nodiscard]] auto format(const std::string & fmt) const;
+
+
+ [[nodiscard]] auto size() const -> int { return n; }
+
+
+ [[nodiscard]] inline auto empty() const { return n<0; }
+
+
+ [[nodiscard]] inline auto ready() const { return !vec.empty(); }
+
+};
+
+
+inline auto regex_search(const std::string & subj, const regex & rgx);
+
+
+auto regex_replace(const std::string & subj,
+ const regex & rgx,
+ const std::string & insert);
+
+
+inline auto regex_search(const std::string & subj, smatch & match,
+ const regex & rgx);
+
+
+auto regex_search(std::string::const_iterator begin,
+ std::string::const_iterator end,
+ smatch & match,
+ const regex & rgx);
+
+
+
+// ------------------------- implementation: ----------------------------------
+
+
+inline auto regex_search(const std::string & subj, const regex & rgx)
+{
+ if (rgx()==nullptr) {
+ throw std::runtime_error("regex_search error: no regex given");
+ }
+ int n = pcre_exec(rgx(), nullptr, subj.c_str(), subj.length(),
+ 0, 0, nullptr, 0);
+ return n>=0;
+}
+
+
+auto regex_search(const std::string::const_iterator begin,
+ const std::string::const_iterator end,
+ smatch & match,
+ const regex & rgx)
+{
+ if (rgx()==nullptr) {
+ throw std::runtime_error("regex_search error: no regex given");
+ }
+
+ int sz = 0;
+ pcre_fullinfo(rgx(), nullptr, PCRE_INFO_CAPTURECOUNT, &sz);
+ sz = 3*(sz + 1);
+
+ match.vec.reserve(sz);
+
+ const char * subj = &*begin;
+ size_t len = &*end - subj;
+
+ match.begin = begin;
+ match.end = end;
+
+ match.n = pcre_exec(rgx(), nullptr, subj, len, 0, 0, &match.vec[0], sz);
+
+ if (match.n<0) { return false; }
+ if (match.n==0) { match.n = sz/3; }
+
+ return true;
+}
+
+
+inline auto regex_search(const std::string & subj, smatch & match,
+ const regex & rgx)
+{
+ return regex_search(subj.begin(), subj.end(), match, rgx);
+}
+
+
+auto smatch::format(const std::string & fmt) const {
+ std::string ret{};
+ size_t index = 0;
+
+ size_t pos;
+ while ((pos=fmt.find('$', index)) != std::string::npos) {
+ ret.append(fmt, index, pos-index);
+ index = pos + 1;
+
+ char chr = fmt[index++];
+ int n = 0;
+ static const auto BASE = 10;
+ switch(chr) {
+
+ case '&': // match
+ ret += this->str(0);
+ break;
+
+ case '`': // prefix
+ ret.append(begin, begin+vec[0]);
+ break;
+
+ case '\'': // suffix
+ ret.append(begin+vec[1], end);
+ break;
+
+ default: // number => submatch
+ while (isdigit(chr) != 0) {
+ n = BASE*n + chr - '0';
+ chr = fmt[index++];
+ }
+
+ ret += n>0 ? str(n) : std::string{"$"};
+
+ [[fallthrough]];
+
+ case '$': // escaped
+ ret += chr;
+ }
+ }
+ ret.append(fmt, index);
+ return ret;
+}
+
+
+auto regex_replace(const std::string & subj,
+ const regex & rgx,
+ const std::string & insert)
+{
+ if (rgx()==nullptr) {
+ throw std::runtime_error("regex_replace error: no regex given");
+ }
+
+ std::string ret{};
+ auto pos = subj.begin();
+
+ for (smatch match;
+ regex_search(pos, subj.end(), match, rgx);
+ pos += match.position(0) + match.length(0))
+ {
+ ret.append(pos, pos + match.position(0));
+ ret.append(match.format(insert));
+ }
+
+ ret.append(pos, subj.end());
+ return ret;
+}
+
+
+
+// ------------ There is only the translation table below : -------------------
+
+
+const std::array<regex_constants::error_type, 86> regex::errcode_pcre2regex = {
+ // 0 no error
+ regex_constants::error_type::_enum_error_last,
+ // 1 \ at end of pattern
+ regex_constants::error_escape,
+ // 2 \c at end of pattern
+ regex_constants::error_escape,
+ // 3 unrecognized character follows \ .
+ regex_constants::error_escape,
+ // 4 numbers out of order in {} quantifier
+ regex_constants::error_badbrace,
+ // 5 number too big in {} quantifier
+ regex_constants::error_badbrace,
+ // 6 missing terminating for character class
+ regex_constants::error_brack,
+ // 7 invalid escape sequence in character class
+ regex_constants::error_escape,
+ // 8 range out of order in character class
+ regex_constants::error_range,
+ // 9 nothing to repeat
+ regex_constants::error_badrepeat,
+ // 10 [this code is not in use
+ regex_constants::error_type::_enum_error_last,
+ // 11 internal error: unexpected repeat
+ regex_constants::error_badrepeat,
+ // 12 unrecognized character after (? or (?-
+ regex_constants::error_backref,
+ // 13 POSIX named classes are supported only within a class
+ regex_constants::error_range,
+ // 14 missing )
+ regex_constants::error_paren,
+ // 15 reference to non-existent subpattern
+ regex_constants::error_backref,
+ // 16 erroffset passed as NULL
+ regex_constants::error_type::_enum_error_last,
+ // 17 unknown option bit(s) set
+ regex_constants::error_type::_enum_error_last,
+ // 18 missing ) after comment
+ regex_constants::error_paren,
+ // 19 [this code is not in use
+ regex_constants::error_type::_enum_error_last,
+ // 20 regular expression is too large
+ regex_constants::error_space,
+ // 21 failed to get memory
+ regex_constants::error_stack,
+ // 22 unmatched parentheses
+ regex_constants::error_paren,
+ // 23 internal error: code overflow
+ regex_constants::error_stack,
+ // 24 unrecognized character after (?<
+ regex_constants::error_backref,
+ // 25 lookbehind assertion is not fixed length
+ regex_constants::error_backref,
+ // 26 malformed number or name after (?(
+ regex_constants::error_backref,
+ // 27 conditional group contains more than two branches
+ regex_constants::error_backref,
+ // 28 assertion expected after (?(
+ regex_constants::error_backref,
+ // 29 (?R or (?[+-digits must be followed by )
+ regex_constants::error_backref,
+ // 30 unknown POSIX class name
+ regex_constants::error_ctype,
+ // 31 POSIX collating elements are not supported
+ regex_constants::error_collate,
+ // 32 this version of PCRE is compiled without UTF support
+ regex_constants::error_collate,
+ // 33 [this code is not in use
+ regex_constants::error_type::_enum_error_last,
+ // 34 character value in \x{} or \o{} is too large
+ regex_constants::error_escape,
+ // 35 invalid condition (?(0)
+ regex_constants::error_backref,
+ // 36 \C not allowed in lookbehind assertion
+ regex_constants::error_escape,
+ // 37 PCRE does not support \L, \l, \N{name}, \U, or \u
+ regex_constants::error_escape,
+ // 38 number after (?C is > 255
+ regex_constants::error_backref,
+ // 39 closing ) for (?C expected
+ regex_constants::error_paren,
+ // 40 recursive call could loop indefinitely
+ regex_constants::error_complexity,
+ // 41 unrecognized character after (?P
+ regex_constants::error_backref,
+ // 42 syntax error in subpattern name (missing terminator)
+ regex_constants::error_paren,
+ // 43 two named subpatterns have the same name
+ regex_constants::error_backref,
+ // 44 invalid UTF-8 string (specifically UTF-8)
+ regex_constants::error_collate,
+ // 45 support for \P, \p, and \X has not been compiled
+ regex_constants::error_escape,
+ // 46 malformed \P or \p sequence
+ regex_constants::error_escape,
+ // 47 unknown property name after \P or \p
+ regex_constants::error_escape,
+ // 48 subpattern name is too long (maximum 32 characters)
+ regex_constants::error_backref,
+ // 49 too many named subpatterns (maximum 10000)
+ regex_constants::error_complexity,
+ // 50 [this code is not in use
+ regex_constants::error_type::_enum_error_last,
+ // 51 octal value is greater than \377 in 8-bit non-UTF-8 mode
+ regex_constants::error_escape,
+ // 52 internal error: overran compiling workspace
+ regex_constants::error_type::_enum_error_last,
+ // 53 internal error: previously-checked referenced subpattern not found
+ regex_constants::error_type::_enum_error_last,
+ // 54 DEFINE group contains more than one branch
+ regex_constants::error_backref,
+ // 55 repeating a DEFINE group is not allowed
+ regex_constants::error_backref,
+ // 56 inconsistent NEWLINE options
+ regex_constants::error_escape,
+ // 57 \g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number
+ regex_constants::error_backref,
+ // 58 a numbered reference must not be zero
+ regex_constants::error_backref,
+ // 59 an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)
+ regex_constants::error_complexity,
+ // 60 (*VERB) not recognized or malformed
+ regex_constants::error_complexity,
+ // 61 number is too big
+ regex_constants::error_complexity,
+ // 62 subpattern name expected
+ regex_constants::error_backref,
+ // 63 digit expected after (?+
+ regex_constants::error_backref,
+ // 64 is an invalid data character in JavaScript compatibility mode
+ regex_constants::error_escape,
+ // 65 different names for subpatterns of the same number are not allowed
+ regex_constants::error_backref,
+ // 66 (*MARK) must have an argument
+ regex_constants::error_complexity,
+ // 67 this version of PCRE is not compiled with Unicode property support
+ regex_constants::error_collate,
+ // 68 \c must be followed by an ASCII character
+ regex_constants::error_escape,
+ // 69 \k is not followed by a braced, angle-bracketed, or quoted name
+ regex_constants::error_backref,
+ // 70 internal error: unknown opcode in find_fixedlength()
+ regex_constants::error_type::_enum_error_last,
+ // 71 \N is not supported in a class
+ regex_constants::error_ctype,
+ // 72 too many forward references
+ regex_constants::error_backref,
+ // 73 disallowed Unicode code point (>= 0xd800 && <= 0xdfff)
+ regex_constants::error_escape,
+ // 74 invalid UTF-16 string (specifically UTF-16)
+ regex_constants::error_collate,
+ // 75 name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)
+ regex_constants::error_complexity,
+ // 76 character value in \u.... sequence is too large
+ regex_constants::error_escape,
+ // 77 invalid UTF-32 string (specifically UTF-32)
+ regex_constants::error_collate,
+ // 78 setting UTF is disabled by the application
+ regex_constants::error_collate,
+ // 79 non-hex character in \x{} (closing brace missing?)
+ regex_constants::error_escape,
+ // 80 non-octal character in \o{} (closing brace missing?)
+ regex_constants::error_escape,
+ // 81 missing opening brace after \o
+ regex_constants::error_brace,
+ // 82 parentheses are too deeply nested
+ regex_constants::error_complexity,
+ // 83 invalid range in character class
+ regex_constants::error_range,
+ // 84 group name must start with a non-digit
+ regex_constants::error_backref,
+ // 85 parentheses are too deeply nested (stack check)
+ regex_constants::error_stack
+};
+
+
+} // namespace rgx
+
+
+#endif
--- /dev/null
+#!/bin/bash
+
+PRINT_PASSED=2
+
+
+OPENSSL_PEM="$(mktemp)"
+OPENSSL_DER="$(mktemp)"
+
+NONCE=$(dd if=/dev/urandom bs=1 count=4 2>/dev/null | hexdump -e '1/1 "%02x"')
+SUBJECT=/C="ZZ"/ST="Somewhere"/L="None"/O="OpenWrt'$NONCE'"/CN="OpenWrt"
+
+openssl req -x509 -nodes -days 1 -keyout /dev/null 2>/dev/null \
+ -out "$OPENSSL_PEM" -subj "$SUBJECT" \
+|| ( printf "error: generating PEM certificate with openssl"; return 1)
+openssl req -x509 -nodes -days 1 -keyout /dev/null 2>/dev/null \
+ -out "$OPENSSL_DER" -outform der -subj "$SUBJECT" \
+|| ( printf "error: generating DER certificate with openssl"; return 1)
+
+
+function test() {
+ MSG="$1 >/dev/null \t (-> $2?) \t"
+ eval "$1 >/dev/null "
+ if [ $? -eq $2 ]
+ then
+ [ "$PRINT_PASSED" -gt 0 ] && printf "$MSG passed.\n"
+ else
+ printf "$MSG failed!!!\n"
+ [ "$PRINT_PASSED" -gt 1 ] && exit 1
+ fi
+}
+
+
+[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting openssl itself ...\n"
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * right PEM:\n"
+test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 0 ' 0
+test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 86300 ' 0
+test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 86400 ' 1
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * right DER:\n"
+test 'cat "$OPENSSL_DER" | openssl x509 -checkend 0 -inform der ' 0
+test 'cat "$OPENSSL_DER" | openssl x509 -checkend 86300 -inform der ' 0
+test 'cat "$OPENSSL_DER" | openssl x509 -checkend 86400 -inform der ' 1
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * wrong:\n"
+test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 0 -inform der 2>/dev/null' 1
+test 'cat "$OPENSSL_DER" | openssl x509 -checkend 0 2>/dev/null' 1
+
+
+[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g checkend ...\n"
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * right PEM:\n"
+test 'cat "$OPENSSL_PEM" | ./px5g checkend 0 ' 0
+test 'cat "$OPENSSL_PEM" | ./px5g checkend 86300 ' 0
+test 'cat "$OPENSSL_PEM" | ./px5g checkend 86400 ' 1
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * right DER:\n"
+test 'cat "$OPENSSL_DER" | ./px5g checkend -der 0 ' 0
+test 'cat "$OPENSSL_DER" | ./px5g checkend -der 86300 ' 0
+test 'cat "$OPENSSL_DER" | ./px5g checkend -der 86400 ' 1
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * in option:\n"
+test 'cat "$OPENSSL_DER" | ./px5g checkend -in /proc/self/fd/0 -der 0 ' 0
+test 'cat "$OPENSSL_DER" | ./px5g checkend -der -in /proc/self/fd/0 99 ' 0
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * wrong:\n"
+test 'cat "$OPENSSL_PEM" | ./px5g checkend -der 0 2>/dev/null' 1
+test 'cat "$OPENSSL_DER" | ./px5g checkend 0 2>/dev/null' 1
+
+
+[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g eckey ...\n"
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * standard curves:\n"
+test './px5g eckey P-256 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey P-384 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp384r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp256r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp256k1 | openssl ec -check 2>/dev/null' 0
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * more curves:\n"
+test './px5g eckey P-521 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp521r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp224r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp224k1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp192r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey secp192k1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey brainpoolP512r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey brainpoolP384r1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey brainpoolP256r1 | openssl ec -check 2>/dev/null' 0
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * other options:\n"
+test './px5g eckey -out /proc/self/fd/1 | openssl ec -check 2>/dev/null' 0
+test './px5g eckey -der | openssl ec -check -inform der 2>/dev/null' 0
+
+
+[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g rsakey ...\n"
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * standard exponent:\n"
+test './px5g rsakey | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey 512 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey 1024 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey 2048 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey 4096 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey 1111 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey 0 2>/dev/null' 1
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * small exponent:\n"
+test './px5g rsakey -3 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -3 512 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -3 1024 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -3 2048 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -3 4096 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -3 1111 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -3 0 2>/dev/null' 1
+
+[ "$PRINT_PASSED" -gt 1 ] && printf " * other options:\n"
+test './px5g rsakey -out /proc/self/fd/1 | openssl rsa -check 2>/dev/null' 0
+test './px5g rsakey -der | openssl rsa -check -inform der 2>/dev/null' 0
+
+
+[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g selfsigned ...\n"
+
+test './px5g selfsigned -der | openssl x509 -checkend 0 -inform der ' 0
+test './px5g selfsigned -days 1 | openssl x509 -checkend 0 ' 0
+test './px5g selfsigned -days 1 | openssl x509 -checkend 86300' 0
+test './px5g selfsigned -days 1 | openssl x509 -checkend 86400' 1
+test './px5g selfsigned -out /proc/self/fd/1 | openssl x509 -checkend 0 ' 0
+test './px5g selfsigned -newkey rsa:666 | openssl x509 -checkend 0 ' 0
+test './px5g selfsigned -newkey ec | openssl x509 -checkend 0 ' 0
+test './px5g selfsigned -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 \
+ | openssl x509 -checkend 0 ' 0
+test './px5g selfsigned -subj $SUBJECT | openssl x509 -noout \
+ -subject -nameopt compat | grep -q subject=$SUBJECT 2>/dev/null' 0
+test './px5g selfsigned -out /dev/null -keyout /proc/self/fd/1 \
+ | openssl rsa -check 2>/dev/null ' 0
+
+
+rm "$OPENSSL_PEM" "$OPENSSL_DER"
--- /dev/null
+#ifndef _UBUS_CXX_HPP
+#define _UBUS_CXX_HPP
+
+extern "C" { //TODO(pst): remove when in upstream
+#include <libubus.h>
+}
+#include <cassert>
+#include <memory>
+#include <mutex>
+#include <string>
+#include <utility>
+#include <vector>
+#ifndef NDEBUG
+#include <iostream>
+#endif
+
+
+// // example for checking if there is a key:
+// if (ubus::call("service", "list", 1000).filter("cron")) {
+// std::cout<<"Cron is active (with or without instances) "<<std::endl;
+// }
+
+// // example for getting values:
+// auto lan_status = ubus::call("network.interface.lan", "status");
+// for (auto x : lan_status.filter("ipv6-address", "", "address")) {
+// std::cout<<"["<<blobmsg_get_string(x)<<"] ";
+// }
+// for (auto x : lan_status.filter("ipv4-address", "").filter("address")) {
+// std::cout<<blobmsg_get_string(x)<<" ";
+// }
+// std::cout<<std::endl;
+
+// // example for exploring:
+// ubus::strings keys{"ipv4-address", "", ""};
+// for (auto x : ubus::call("network.interface.lan", "status").filter(keys)) {
+// std::cout<<blobmsg_name(x)<<": ";
+// switch (blob_id(x)) {
+// case BLOBMSG_TYPE_UNSPEC: std::cout<<"[unspecified]"; break;
+// case BLOBMSG_TYPE_ARRAY: std::cout<<"[array]"; break;
+// case BLOBMSG_TYPE_TABLE: std::cout<<"[table]"; break;
+// case BLOBMSG_TYPE_STRING: std::cout<<blobmsg_get_string(x); break;
+// case BLOBMSG_TYPE_INT64: std::cout<<blobmsg_get_u64(x); break;
+// case BLOBMSG_TYPE_INT32: std::cout<<blobmsg_get_u32(x); break;
+// case BLOBMSG_TYPE_INT16: std::cout<<blobmsg_get_u16(x); break;
+// case BLOBMSG_TYPE_BOOL: std::cout<<blobmsg_get_bool(x); break;
+// case BLOBMSG_TYPE_DOUBLE: std::cout<<blobmsg_get_double(x); break;
+// default: std::cout<<"[unknown]";
+// }
+// std::cout<<std::endl;
+// }
+
+// // example for recursive exploring (output like from the original ubus call)
+// const auto explore = [](auto message) -> void
+// {
+// auto end = message.end();
+// auto explore_internal =
+// [&end](auto & explore_ref, auto it, size_t depth=1) -> void
+// {
+// std::cout<<std::endl;
+// bool first = true;
+// for (; it!=end; ++it) {
+// auto * attr = *it;
+// if (first) { first = false; }
+// else { std::cout<<",\n"; }
+// std::cout<<std::string(depth, '\t');
+// std::string name = blobmsg_name(attr);
+// if (name != "") { std::cout<<"\""<<name<<"\": "; }
+// switch (blob_id(attr)) {
+// case BLOBMSG_TYPE_UNSPEC: std::cout<<"(unspecified)"; break;
+// case BLOBMSG_TYPE_ARRAY:
+// std::cout<<"[";
+// explore_ref(explore_ref, ubus::iterator{attr}, depth+1);
+// std::cout<<"\n"<<std::string(depth, '\t')<<"]";
+// break;
+// case BLOBMSG_TYPE_TABLE:
+// std::cout<<"{";
+// explore_ref(explore_ref, ubus::iterator{attr}, depth+1);
+// std::cout<<"\n"<<std::string(depth, '\t')<<"}";
+// break;
+// case BLOBMSG_TYPE_STRING:
+// std::cout<<"\""<<blobmsg_get_string(attr)<<"\"";
+// break;
+// case BLOBMSG_TYPE_INT64:
+// std::cout<<blobmsg_get_u64(attr);
+// break;
+// case BLOBMSG_TYPE_INT32:
+// std::cout<<blobmsg_get_u32(attr);
+// break;
+// case BLOBMSG_TYPE_INT16:
+// std::cout<<blobmsg_get_u16(attr);
+// break;
+// case BLOBMSG_TYPE_BOOL:
+// std::cout<<(blobmsg_get_bool(attr) ? "true" : "false");
+// break;
+// case BLOBMSG_TYPE_DOUBLE:
+// std::cout<<blobmsg_get_double(attr);
+// break;
+// default: std::cout<<"(unknown)"; break;
+// }
+// }
+// };
+// std::cout<<"{";
+// explore_internal(explore_internal, message.begin());
+// std::cout<<"\n}"<<std::endl;
+// };
+// explore(ubus::call("network.interface.lan", "status"));
+
+
+
+namespace ubus {
+
+using msg_ptr = std::shared_ptr<const blob_attr>;
+
+using strings = std::vector<std::string>;
+
+
+inline auto concat(strings dest) { return dest; }
+
+
+template<class ...Strings>
+inline auto concat(strings dest, strings src, Strings ...more)
+{
+ dest.reserve(dest.size() + src.size());
+ dest.insert(std::end(dest), std::make_move_iterator(std::begin(src)),
+ std::make_move_iterator(std::end(src)));
+ return concat(std::move(dest), std::move(more)...);
+}
+
+
+template<class S, class ...Strings>
+inline auto concat(strings dest, S src, Strings ...more)
+{
+ dest.push_back(std::move(src));
+ return concat(std::move(dest), std::move(more)...);
+}
+
+
+
+class iterator {
+
+private:
+
+ const strings & keys;
+
+ const size_t n = 0;
+
+ size_t i = 0;
+
+ const blob_attr * pos = nullptr;
+
+ std::unique_ptr<iterator> cur{};
+
+ iterator * parent = nullptr;
+
+ size_t rem = 0;
+
+
+ [[nodiscard]] inline auto matches() const -> bool
+ {
+ return (keys[i].empty() || blobmsg_name(cur->pos)==keys[i]);
+ }
+
+
+ explicit iterator(iterator * par)
+ : keys{par->keys}, n{par->n}, pos{par->pos}, cur{this}, parent{par}
+ {
+ if (pos!=nullptr) {
+ rem = blobmsg_data_len(pos);
+ pos = static_cast<blob_attr *>(blobmsg_data(pos));
+ }
+ }
+
+
+public:
+
+ explicit iterator(const blob_attr * msg, const strings & filter={""})
+ : keys{filter}, n{keys.size()-1}, pos{msg}, cur{this}
+ {
+ if (pos!=nullptr) {
+ rem = blobmsg_data_len(pos);
+ pos = static_cast<blob_attr *>(blobmsg_data(pos));
+
+ if (rem==0) { pos = nullptr; }
+ else if (i!=n || !matches()) { ++*this; }
+ }
+ }
+
+
+ inline iterator(iterator &&) = default;
+
+
+ inline iterator(const iterator &) = delete;
+
+
+ inline auto operator=(const iterator &) -> iterator & = delete;
+
+
+ inline auto operator=(iterator &&) -> iterator & = delete;
+
+
+ inline auto operator*() { return cur->pos; }
+
+
+ inline auto operator!=(const iterator & rhs)
+ { return (cur->rem!=rhs.cur->rem || cur->pos!=rhs.cur->pos); }
+
+
+ auto operator++() -> iterator &;
+
+
+ inline ~iterator() { if (cur.get()==this) { cur.release(); } }
+
+};
+
+
+
+class message {
+
+private:
+
+ const msg_ptr msg{}; // initialized by callback.
+
+ const strings keys{};
+
+
+public:
+
+ inline explicit message(msg_ptr message, strings filter={""})
+ : msg{std::move(message)}, keys{std::move(filter)} {}
+
+
+ inline message(message &&) = default;
+
+
+ inline message(const message &) = delete;
+
+
+ inline auto operator=(message &&) -> message & = delete;
+
+
+ inline auto operator=(const message &) -> message & = delete;
+
+
+ [[nodiscard]] inline auto begin() const -> iterator
+ { return iterator{msg.get(), keys}; }
+
+
+ [[nodiscard]] inline auto end() const -> iterator
+ { return iterator{nullptr, keys}; }
+
+
+ inline explicit operator bool() const { return begin()!=end(); }
+
+
+ template<class ...Strings>
+ auto filter(Strings ...filter)
+ {
+ strings both{};
+ if (keys.size()!=1 || !keys[0].empty()) { both = keys; }
+ both = concat(std::move(both), std::move(filter)...);
+ return std::move(message{msg, std::move(both)});
+ }
+
+
+ inline ~message() = default;
+
+};
+
+
+
+class ubus {
+
+private:
+
+ static std::mutex buffering;
+
+
+public:
+
+ inline ubus() = delete;
+
+
+ inline ubus(ubus &&) = delete;
+
+
+ inline ubus(const ubus &) = delete;
+
+
+ inline auto operator=(ubus &&) -> auto && = delete;
+
+
+ inline auto operator=(const ubus &) -> auto & = delete;
+
+
+ static auto get_context() -> ubus_context *
+ {
+ static auto ubus_freeing = [] (ubus_context * ctx) { ubus_free(ctx); };
+ static std::unique_ptr<ubus_context, decltype(ubus_freeing)>
+ lazy_ctx{ubus_connect(nullptr), ubus_freeing};
+
+ if (!lazy_ctx) { // it could be available on a later call:
+ static std::mutex connecting;
+
+ connecting.lock();
+ if (!lazy_ctx) { lazy_ctx.reset(ubus_connect(nullptr)); }
+ connecting.unlock();
+
+ if (!lazy_ctx) {
+ throw std::runtime_error("ubus error: cannot connect context");
+ }
+ }
+
+ return lazy_ctx.get();
+ }
+
+
+ static auto lock_and_get_shared_blob_buf() -> blob_buf *
+ {
+ static blob_buf buf;
+
+ static auto blob_buf_freeing = [] (blob_buf * b) { blob_buf_free(b); };
+ static std::unique_ptr<blob_buf, decltype(blob_buf_freeing)>
+ created_to_free_on_the_end_of_life{&buf, blob_buf_freeing};
+
+ buffering.lock();
+ blob_buf_init(&buf, 0);
+ return &buf;
+ }
+
+
+ static void unlock_shared_blob_buf() { buffering.unlock(); }
+
+
+ inline ~ubus() = delete;
+
+};
+
+
+auto call(const char * path, const char * method="", int timeout=500);
+
+
+
+// ------------------------- implementation: ----------------------------------
+
+
+std::mutex ubus::buffering;
+
+
+inline auto iterator::operator++() -> iterator &
+{
+ for(;;) {
+ #ifndef NDEBUG
+ std::cout<<std::string(i,'>')<<" look for "<<keys[i]<<" at ";
+ std::cout<<blobmsg_name(cur->pos)<<std::endl;
+ #endif
+
+ auto id = blob_id(cur->pos);
+ if ( (id==BLOBMSG_TYPE_TABLE || id==BLOBMSG_TYPE_ARRAY)
+ && i<n
+ && matches()
+ && blobmsg_data_len(cur->pos)>0 )
+ { //immmerge:
+ ++i;
+
+ auto tmp = cur.release();
+ cur = std::unique_ptr<iterator>{new iterator(tmp)};
+
+ } else {
+ while (true) {
+ cur->rem -= blob_pad_len(cur->pos);
+ cur->pos = blob_next(cur->pos);
+ auto len = blob_pad_len(cur->pos);
+
+ if (cur->rem>0 && len<=cur->rem && len>=sizeof(blob_attr))
+ { break; }
+
+ //emerge:
+ auto tmp = cur->parent;
+
+ if (tmp == nullptr) {
+ cur->pos = nullptr;
+ return *cur;
+ }
+
+ cur.reset(tmp);
+
+ --i;
+ }
+ }
+ if (i==n && matches()) { return *cur; }
+ }
+}
+
+
+inline auto call(const char * path, const char * method, const int timeout)
+{
+ auto ctx = ubus::get_context();
+
+ uint32_t id;
+ int err = ubus_lookup_id(ctx, path, &id);
+
+ if (err==0) { // call
+ ubus_request req{};
+
+ auto buf = ubus::lock_and_get_shared_blob_buf();
+ err = ubus_invoke_async(ctx, id, method, buf->head, &req);
+ ubus::unlock_shared_blob_buf();
+
+ if (err==0) {
+
+ msg_ptr msg;
+
+ /* Cannot capture anything (msg), the lambda would be another type.
+ * Pass a location where to save the message as priv pointer when
+ * invoking and get it back here:
+ */
+ req.priv = &msg;
+
+ req.data_cb = [](ubus_request * req, int /*type*/, blob_attr * msg)
+ {
+ if (req==nullptr || msg==nullptr) { return; }
+
+ auto saved = static_cast<msg_ptr *>(req->priv);
+ if (saved==nullptr || *saved) { return; }
+
+ saved->reset(blob_memdup(msg), free);
+ if (!*saved) { throw std::bad_alloc(); }
+ };
+
+ err = ubus_complete_request(ctx, &req, timeout);
+
+ if (err==0) { return message{msg}; }
+ }
+ }
+
+ std::string errmsg = "ubus::call error: cannot invoke";
+ errmsg += " (" + std::to_string(err) + ") " + path + " " + method;
+ throw std::runtime_error(errmsg.c_str());
+}
+
+
+} // namespace ubus
+
+
+#endif
include $(TOPDIR)/rules.mk
PKG_NAME:=nginx
-PKG_VERSION:=1.17.5
-PKG_RELEASE:=1
+PKG_VERSION:=1.17.7
+PKG_RELEASE:=3
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://nginx.org/download/
-PKG_HASH:=63ee35e15a75af028ffa1f995e2b9c120b59ef5f1b61a23b8a4c33c262fc10c3
+PKG_HASH:=b62756842807e5693b794e5d0ae289bd8ae5b098e66538b2a91eb80f25c591ff
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de> \
Ansuel Smith <ansuelsmth@gmail.com>
SUBMENU:=Web Servers/Proxies
TITLE:=Support file for Nginx
URL:=http://nginx.org/
- DEPENDS:=+uwsgi-cgi +uwsgi-cgi-luci-support
+ DEPENDS:=+uwsgi +uwsgi-luci-support
endef
define Package/nginx-mod-luci
ifeq ($(CONFIG_NGINX_HTTP_BROTLI),y)
define Download/nginx-brotli
- VERSION:=dc37f658ccb5a51d090dc09d1a2aca2f24309869
+ VERSION:=e505dce68acc190cc5a1e780a3b0275e39f160ca
SUBDIR:=nginx-brotli
FILE:=ngx-brotli-module-$$(VERSION).tar.xz
- URL:=https://github.com/eustas/ngx_brotli.git
- MIRROR_HASH:=6bc0c40ff24f6e0ac616dfddc803bdc7fcf54764ba9dc4f9cecb3a68beedcdaf
+ URL:=https://github.com/google/ngx_brotli.git
+ MIRROR_HASH:=04847f11ef808fed50f44b2af0ef3abf59ff0ffc06dfc7394d9ab51d53fef31f
PROTO:=git
endef
$(eval $(call Download,nginx-brotli))
ifeq ($(CONFIG_NGINX_UBUS),y)
define Download/nginx-ubus-module
- VERSION:=4547af00991357c9bc3bf4266b7c1547841bf204
+ VERSION:=f30b0167a2cdb40f23bd90928d601bdb0c1b8fad
SUBDIR:=nginx-ubus-module
FILE:=nginx-ubus-module-$$(VERSION).tar.xz
URL:=https://github.com/Ansuel/nginx-ubus-module.git
- MIRROR_HASH:=4e354934bd5fbd82b3d4c5ada19459c0f12162186a7a101a6426e2e1f30a8236
+ MIRROR_HASH:=02c7d4b0df7f4b69605e71b0fefdc99b5a9470c68cad7ccfb31ebefe4e7e0704
PROTO:=git
endef
$(eval $(call Download,nginx-ubus-module))
-user nobody nogroup;
+user root;
worker_processes 1;
#error_log logs/error.log;
uwsgi_modifier1 9;
uwsgi_pass unix:////var/run/luci-webui.socket;
}
-location ~ /cgi-bin/cgi-(backup|download|upload) {
+location ~ /cgi-bin/cgi-(backup|download|upload|exec) {
include uwsgi_params;
uwsgi_param SERVER_ADDR $server_addr;
uwsgi_modifier1 9;
include $(TOPDIR)/rules.mk
PKG_NAME:=nlbwmon
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/jow-/nlbwmon.git
}
service_triggers() {
- procd_add_reload_trigger "dhcp" "system"
+ procd_add_reload_trigger "dhcp" "system" "nlbwmon"
config_load dhcp
config_foreach add_interface_trigger dhcp
PKG_NAME:=ntp
PKG_VERSION:=4.2.8p13
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
# since some of them might be dynamic interfaces (like IPsec
# tunnels) which aren't known by ubus.
+ mkdir -p "$(dirname "$config_file")"
+
trunc
emit "driftfile /var/lib/ntp/ntp.drift\n"
PKG_NAME:=nut
PKG_VERSION:=2.7.4
-PKG_RELEASE:=18
+PKG_RELEASE:=20
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.7/
CONFIG_NUT_DRIVER_SNMP \
CONFIG_NUT_DRIVER_USB \
CONFIG_NUT_DRIVER_SERIAL \
- CONFIG_NUT_SSL
+ CONFIG_NUT_SSL \
+ CONFIG_PACKAGE_nut-web-cgi
include $(INCLUDE_DIR)/package.mk
define Package/nut-web-cgi
$(call Package/nut/Default)
TITLE+= Web CGI interface
- DEPENDS:=nut +nut-common +libgd
+ DEPENDS:=nut +nut-common +PACKAGE_nut-web-cgi:libgd
endef
define Package/nut-web-cgi/description
--without-powerman \
--without-wrap \
--with-hotplug-dir=/etc/hotplug \
- --with-cgi \
+ --with$(if $(CONFIG_PACKAGE_nut-web-cgi),,out)-cgi \
--without-ipmi \
--without-freeipmi \
--$(if $(CONFIG_NUT_SSL),with,without)-ssl $(if $(CONFIG_NUT_SSL),--with-openssl) \
--with-statepath=/var/run/nut \
--with-drvpath=/lib/nut \
--with-user=root \
- --with-group=root
+ --with-group=root \
+ $(if $(CONFIG_PACKAGE_nut-web-cgi),--with-gd-includes="`pkg-config --cflags gdlib`") \
+ $(if $(CONFIG_PACKAGE_nut-web-cgi),--with-gd-libs="`pkg-config --libs gdlib`")
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig
fi
}
- config_list_foreach "$cfg" other other
- config_list_foreach "$cfg" other otherflag
+ config_list_foreach "$cfg" other other other
+ config_list_foreach "$cfg" otherflag other otherflag
echo "" >>$UPS_C
havedriver=1
}
-From fcbf18c92918ce5e81d0aab62a7aed5c2245ea4d Mon Sep 17 00:00:00 2001
-From: Eneas U de Queiroz <cote2004-github@yahoo.com>
-Date: Fri, 1 Jun 2018 11:17:28 -0300
-Subject: [PATCH 1/2] Add compatibility with openssl 1.1.0
+commit 612c05efb3c3b243da603a3a050993281888b6e3
+Author: Arjen de Korte <build+github@de-korte.org>
+Date: Fri Mar 15 10:17:32 2019 +0100
-Minor adjustments were needed:
-* Openssl 1.1 libs do not need to be initialized.
-* TLSv*_method became TLS_*_method.
+ Add support for openssl-1.1.0 (#504)
+
+ * Add support for openssl-1.1.0
+
+ * Allow TLSv1 and higher (not just TLSv1)
+
+ * Fix check for empty string
+
+ * Report TLS handshake in debug mode
+
+ * Update nut_check_libopenssl.m4
+
+ * Update upsclient.c
+
+ * Update netssl.c
-Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
----
- clients/upsclient.c | 5 ++++-
- m4/nut_check_libopenssl.m4 | 2 +-
- server/netssl.c | 7 +++++--
- 3 files changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/clients/upsclient.c b/clients/upsclient.c
-index b90587b0..053d60fb 100644
--- a/clients/upsclient.c
+++ b/clients/upsclient.c
-@@ -316,10 +316,13 @@ int upscli_init(int certverify, const char *certpath,
-
+@@ -299,11 +299,6 @@ int upscli_init(int certverify, const ch
+ {
#ifdef WITH_OPENSSL
+ int ret, ssl_mode = SSL_VERIFY_NONE;
+-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+- const SSL_METHOD *ssl_method;
+-#else
+- SSL_METHOD *ssl_method;
+-#endif
+ #elif defined(WITH_NSS) /* WITH_OPENSSL */
+ SECStatus status;
+ #endif /* WITH_OPENSSL | WITH_NSS */
+@@ -315,22 +310,32 @@ int upscli_init(int certverify, const ch
+ }
-+# if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_library_init();
- SSL_load_error_strings();
-+# define TLS_client_method TLSv1_client_method
-+# endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
+ #ifdef WITH_OPENSSL
+-
+- SSL_library_init();
+- SSL_load_error_strings();
- ssl_method = TLSv1_client_method();
-+ ssl_method = TLS_client_method();
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ SSL_load_error_strings();
++ SSL_library_init();
+
+- if (!ssl_method) {
+- return 0;
+- }
++ ssl_ctx = SSL_CTX_new(SSLv23_client_method());
++#else
++ ssl_ctx = SSL_CTX_new(TLS_client_method());
++#endif
- if (!ssl_method) {
- return 0;
-diff --git a/m4/nut_check_libopenssl.m4 b/m4/nut_check_libopenssl.m4
-index 1b875077..7eb401cd 100644
+- ssl_ctx = SSL_CTX_new(ssl_method);
+ if (!ssl_ctx) {
+ upslogx(LOG_ERR, "Can not initialize SSL context");
+ return -1;
+ }
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ /* set minimum protocol TLSv1 */
++ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
++#else
++ ret = SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION);
++ if (ret != 1) {
++ upslogx(LOG_ERR, "Can not set minimum protocol to TLSv1");
++ return -1;
++ }
++#endif
++
+ if (!certpath) {
+ if (certverify == 1) {
+ upslogx(LOG_ERR, "Can not verify certificate if any is specified");
+@@ -737,7 +742,7 @@ static int upscli_sslinit(UPSCONN_t *ups
+ switch(res)
+ {
+ case 1:
+- upsdebugx(3, "SSL connected");
++ upsdebugx(3, "SSL connected (%s)", SSL_get_version(ups->ssl));
+ break;
+ case 0:
+ upslog_with_errno(1, "SSL_connect do not accept handshake.");
+--- a/clients/upssched.c
++++ b/clients/upssched.c
+@@ -794,7 +794,7 @@ static void parse_at(const char *ntype,
+ }
+
+ if (!strcmp(cmd, "EXECUTE")) {
+- if (ca1 == '\0') {
++ if (ca1[0] == '\0') {
+ upslogx(LOG_ERR, "Empty EXECUTE command argument");
+ return;
+ }
--- a/m4/nut_check_libopenssl.m4
+++ b/m4/nut_check_libopenssl.m4
-@@ -58,7 +58,7 @@ if test -z "${nut_have_libopenssl_seen}"; then
+@@ -58,7 +58,7 @@ if test -z "${nut_have_libopenssl_seen}"
dnl check if openssl is usable
AC_CHECK_HEADERS(openssl/ssl.h, [nut_have_openssl=yes], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT])
if test "${nut_have_openssl}" = "yes"; then
nut_with_ssl="yes"
-diff --git a/server/netssl.c b/server/netssl.c
-index c2f40989..0289e296 100644
--- a/server/netssl.c
+++ b/server/netssl.c
-@@ -387,12 +387,15 @@ void ssl_init(void)
+@@ -274,7 +274,7 @@ void net_starttls(nut_ctype_t *client, i
+ {
+ case 1:
+ client->ssl_connected = 1;
+- upsdebugx(3, "SSL connected");
++ upsdebugx(3, "SSL connected (%s)", SSL_get_version(client->ssl));
+ break;
+
+ case 0:
+@@ -370,13 +370,7 @@ void ssl_init(void)
+ {
+ #ifdef WITH_NSS
+ SECStatus status;
+-#elif defined(WITH_OPENSSL)
+-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+- const SSL_METHOD *ssl_method;
+-#else
+- SSL_METHOD *ssl_method;
+-#endif
+-#endif /* WITH_NSS|WITH_OPENSSL */
++#endif /* WITH_NSS */
+
+ if (!certfile) {
+ return;
+@@ -386,18 +380,29 @@ void ssl_init(void)
#ifdef WITH_OPENSSL
-+# if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_load_error_strings();
SSL_library_init();
-+# define TLS_server_method TLSv1_server_method
-+# endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
- if ((ssl_method = TLSv1_server_method()) == NULL) {
-+ if ((ssl_method = TLS_server_method()) == NULL) {
++ ssl_ctx = SSL_CTX_new(SSLv23_server_method());
++#else
++ ssl_ctx = SSL_CTX_new(TLS_server_method());
++#endif
++
++ if (!ssl_ctx) {
ssl_debug();
- fatalx(EXIT_FAILURE, "TLSv1_server_method failed");
-+ fatalx(EXIT_FAILURE, "TLS_server_method failed");
++ fatalx(EXIT_FAILURE, "SSL_CTX_new failed");
}
- if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) {
---
-2.16.1
-
+- if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ /* set minimum protocol TLSv1 */
++ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
++#else
++ if (SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION) != 1) {
+ ssl_debug();
+- fatalx(EXIT_FAILURE, "SSL_CTX_new failed");
++ fatalx(EXIT_FAILURE, "SSL_CTX_set_min_proto_version(TLS1_VERSION)");
+ }
++#endif
+
+ if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) {
+ ssl_debug();
+++ /dev/null
-From 2ef929da38232af63ba53074ca97e95ae4faf912 Mon Sep 17 00:00:00 2001
-From: Arjen de Korte <build+lede@de-korte.org>
-Date: Tue, 28 Nov 2017 22:01:41 +0100
-Subject: [PATCH 2/2] Fix check for empty string
-
----
- clients/upssched.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/clients/upssched.c b/clients/upssched.c
-index 97b3ed42..3fdf118e 100644
---- a/clients/upssched.c
-+++ b/clients/upssched.c
-@@ -794,7 +794,7 @@ static void parse_at(const char *ntype, const char *un, const char *cmd,
- }
-
- if (!strcmp(cmd, "EXECUTE")) {
-- if (ca1 == '\0') {
-+ if (ca1[0] == '\0') {
- upslogx(LOG_ERR, "Empty EXECUTE command argument");
- return;
- }
---
-2.16.1
-
+++ /dev/null
---- a/m4/nut_check_libgd.m4
-+++ b/m4/nut_check_libgd.m4
-@@ -9,37 +9,27 @@ if test -z "${nut_have_libgd_seen}"; then
- nut_have_libgd_seen=yes
-
- CFLAGS_ORIG="${CFLAGS}"
-- LDFLAGS_ORIG="${LDFLAGS}"
- LIBS_ORIG="${LIBS}"
-
-- dnl Initial defaults. These are only used if gdlib-config is
-- dnl unusable and the user fails to pass better values in --with
-- dnl arguments
-- CFLAGS=""
-- LDFLAGS="-L/usr/X11R6/lib"
-- LIBS="-lgd -lpng -lz -ljpeg -lfreetype -lm -lXpm -lX11"
--
-- AC_MSG_CHECKING(for gd version via gdlib-config)
-- GD_VERSION=`gdlib-config --version 2>/dev/null`
-- if test "$?" != "0" -o -z "${GD_VERSION}"; then
-- GD_VERSION="none"
-+ AC_MSG_CHECKING(for gd version via pkg-config)
-+ GD_VERSION=`pkg-config --silence-errors --modversion gdlib 2>/dev/null`
-+ if test "$?" != "0" -a -n "${GD_VERSION}"; then
-+ CFLAGS"`pkg-config --silence-errors --cflags gdllib 2>/dev/null`"
-+ LIBS="`pkg-config --silence-errors --libs gdlib 2>/dev/null`"
-+ else
-+ AC_MSG_CHECKING(via gdlib-config)
-+ GD_VERSION="`gdlib-config --version 2>/dev/null`"
-+ if test "$?" = "0" -a -n "${GD_VERSION}"; then
-+ CFLAGS="`gdlib-config --cflags 2>/dev/null`"
-+ LIBS="`gdlib-config --libs 2>/dev/null`"
-+ else
-+ GD_VERSION="none"
-+ CFLAGS=""
-+ LIBS="-lgd"
-+ fi
- fi
- AC_MSG_RESULT(${GD_VERSION} found)
-
-- case "${GD_VERSION}" in
-- none)
-- ;;
-- 2.0.5 | 2.0.6 | 2.0.7)
-- AC_MSG_WARN([[gd ${GD_VERSION} detected, unable to use gdlib-config script]])
-- AC_MSG_WARN([[If gd detection fails, upgrade gd or use --with-gd-includes and --with-gd-libs]])
-- ;;
-- *)
-- CFLAGS="`gdlib-config --includes 2>/dev/null`"
-- LDFLAGS="`gdlib-config --ldflags 2>/dev/null`"
-- LIBS="`gdlib-config --libs 2>/dev/null`"
-- ;;
-- esac
--
- dnl Now allow overriding gd settings if the user knows best
- AC_MSG_CHECKING(for gd include flags)
- AC_ARG_WITH(gd-includes,
-@@ -70,7 +60,7 @@ if test -z "${nut_have_libgd_seen}"; then
- ;;
- esac
- ], [])
-- AC_MSG_RESULT([${LDFLAGS} ${LIBS}])
-+ AC_MSG_RESULT([${LIBS}])
-
- dnl check if gd is usable
- AC_CHECK_HEADERS(gd.h gdfontmb.h, [nut_have_libgd=yes], [nut_have_libgd=no], [AC_INCLUDES_DEFAULT])
-@@ -79,12 +69,11 @@ if test -z "${nut_have_libgd_seen}"; then
- if test "${nut_have_libgd}" = "yes"; then
- AC_DEFINE(HAVE_LIBGD, 1, [Define if you have Boutell's libgd installed])
- LIBGD_CFLAGS="${CFLAGS}"
-- LIBGD_LDFLAGS="${LDFLAGS} ${LIBS}"
-+ LIBGD_LDFLAGS="${LIBS}"
- fi
-
- dnl put back the original versions
- CFLAGS="${CFLAGS_ORIG}"
-- LDFLAGS="${LDFLAGS_ORIG}"
- LIBS="${LIBS_ORIG}"
- fi
- ])
include $(TOPDIR)/rules.mk
PKG_NAME:=openssh
-PKG_VERSION:=8.0p1
-PKG_RELEASE:=2
+PKG_VERSION:=8.1p1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
https://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/ \
https://anorien.csc.warwick.ac.uk/pub/OpenBSD/OpenSSH/portable/
-PKG_HASH:=bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68
+PKG_HASH:=02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff
PKG_LICENSE:=BSD ISC
PKG_LICENSE_FILES:=LICENCE
+++ /dev/null
-From 73eb6cef41daba0359c1888e4756108d41b4e819 Mon Sep 17 00:00:00 2001
-From: Darren Tucker <dtucker@dtucker.net>
-Date: Sun, 16 Jun 2019 12:55:27 +1000
-Subject: [PATCH] Include stdio.h for vsnprintf.
-
-Patch from mforney at mforney.org.
----
- openbsd-compat/setproctitle.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
-index dbd1a95a0..e4064323a 100644
---- a/openbsd-compat/setproctitle.c
-+++ b/openbsd-compat/setproctitle.c
-@@ -36,6 +36,7 @@
- #ifndef HAVE_SETPROCTITLE
-
- #include <stdarg.h>
-+#include <stdio.h>
- #include <stdlib.h>
- #include <unistd.h>
- #ifdef HAVE_SYS_PSTAT_H
PKG_NAME:=opentracker
PKG_VERSION:=20180526
PKG_RELEASE:=1
-PKG_REV:=6411f1567f64248b0d145493c2e61004d2822623
-PKG_MIRROR_HASH:=bf4b0f16c38eb17ff5cc8e2a8d6d98f26b9de500fecd80436e9b0a75d0a2bde2
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://erdgeist.org/gitweb/opentracker
+PKG_SOURCE_VERSION:=6411f1567f64248b0d145493c2e61004d2822623
+PKG_MIRROR_HASH:=064ffaa69b188f4db5626d5ec57249d921c32dd244dd00bb49b31ad841e35018
+
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=Beerware
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=git://erdgeist.org/opentracker
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=$(PKG_REV)
-PKG_SOURCE_PROTO:=git
PKG_BUILD_DEPENDS:=libowfat
include $(INCLUDE_DIR)/package.mk
#
PKG_NAME:=openvswitch
PKG_VERSION:=2.12.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.openvswitch.org/releases/
PKG_HASH:=13fd42703180b4b1146c7e97926d09225485868cc2fbbd58dc0c421b4b8fe8f8
--enable-ndebug \
--enable-shared \
--disable-libcapng \
+ --disable-silent-rules \
CONFIGURE_VARS += \
ovs_cv_flake8=no \
--- /dev/null
+From 2dec526496a62c3aaf849f24ec1b5983a91827a9 Mon Sep 17 00:00:00 2001
+From: Greg Rose <gvrose8192@gmail.com>
+Date: Mon, 6 Jan 2020 13:36:34 -0800
+Subject: [PATCH] compat: Include confirm_neigh parameter if needed
+
+A change backported to the Linux 4.14.162 LTS kernel requires
+a boolean parameter. Check for the presence of the parameter
+and adjust the caller in that case.
+
+Passes check-kmod test with no regressions.
+
+Passes Travis build here:
+https://travis-ci.org/gvrose8192/ovs-experimental/builds/633461320
+
+Signed-off-by: Greg Rose <gvrose8192@gmail.com>
+Signed-off-by: Simon Horman <simon.horman@netronome.com>
+Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
+(fix acinclude.m4 patch conflict)
+---
+ acinclude.m4 | 2 ++
+ datapath/linux/compat/ip6_gre.c | 4 ++++
+ datapath/linux/compat/ip_tunnel.c | 5 +++++
+ 3 files changed, 11 insertions(+)
+
+diff --git a/acinclude.m4 b/acinclude.m4
+index a581e1ef2..ec1f027e9 100644
+--- a/acinclude.m4
++++ b/acinclude.m4
+@@ -1005,6 +1005,8 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [
+ [OVS_DEFINE([HAVE_GRE_CALC_HLEN])])
+ OVS_GREP_IFELSE([$KSRC/include/net/gre.h], [ip_gre_calc_hlen],
+ [OVS_DEFINE([HAVE_IP_GRE_CALC_HLEN])])
++ OVS_GREP_IFELSE([$KSRC/include/net/dst_ops.h], [bool confirm_neigh],
++ [OVS_DEFINE([HAVE_DST_OPS_CONFIRM_NEIGH])])
+
+ if cmp -s datapath/linux/kcompat.h.new \
+ datapath/linux/kcompat.h >/dev/null 2>&1; then
+diff --git a/datapath/linux/compat/ip6_gre.c b/datapath/linux/compat/ip6_gre.c
+index afff817ec..7fd345309 100644
+--- a/datapath/linux/compat/ip6_gre.c
++++ b/datapath/linux/compat/ip6_gre.c
+@@ -1089,7 +1089,11 @@ static netdev_tx_t ip6erspan_tunnel_xmit(struct sk_buff *skb,
+
+ /* TooBig packet may have updated dst->dev's mtu */
+ if (!t->parms.collect_md && dst && dst_mtu(dst) > dst->dev->mtu)
++#ifndef HAVE_DST_OPS_CONFIRM_NEIGH
+ dst->ops->update_pmtu(dst, NULL, skb, dst->dev->mtu);
++#else
++ dst->ops->update_pmtu(dst, NULL, skb, dst->dev->mtu, false);
++#endif
+
+ err = ip6_tnl_xmit(skb, dev, dsfield, &fl6, encap_limit, &mtu,
+ NEXTHDR_GRE);
+diff --git a/datapath/linux/compat/ip_tunnel.c b/datapath/linux/compat/ip_tunnel.c
+index 7dd57fee9..e7a039358 100644
+--- a/datapath/linux/compat/ip_tunnel.c
++++ b/datapath/linux/compat/ip_tunnel.c
+@@ -267,7 +267,12 @@ static int rpl_tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb,
+ mtu = skb_valid_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
+
+ if (skb_valid_dst(skb))
++#ifndef HAVE_DST_OPS_CONFIRM_NEIGH
+ skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
++#else
++ skb_dst(skb)->ops->update_pmtu(skb_dst(skb),
++ NULL, skb, mtu, false);
++#endif
+
+ if (skb->protocol == htons(ETH_P_IP)) {
+ if (!skb_is_gso(skb) &&
include $(TOPDIR)/rules.mk
PKG_NAME:=pagekitec
-PKG_REV:=0.91.171102
+PKG_REV:=0.91.191211
PKG_VERSION:=$(PKG_REV)C
-PKG_RELEASE:=2
+PKG_RELEASE:=1
PKG_LICENSE:=Apache-2.0
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=9e04b979cff827974ec9e9708daf116867bf1268cdad7dff4ad585172123f6b5
+PKG_MIRROR_HASH:=2f560ae679775758b1b5e5f69cd4d82afa28339ee8ab6ee9e4af11daa6f8be77
PKG_SOURCE_URL:=https://github.com/pagekite/libpagekite.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=v$(PKG_REV)
include $(TOPDIR)/rules.mk
PKG_NAME:=pdns-recursor
-PKG_VERSION:=4.2.0
+PKG_VERSION:=4.2.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
-PKG_HASH:=f03c72c1816fdcc645cc539d8c16721d2ec294feac9b5179e78c3db311b7c2c2
+PKG_HASH:=8d8c3235cc5281f0fc51946129f22758778f4c50bfda095d5856feb4c756891f
PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au>
PKG_LICENCE:=GPL-2.0-only
SUBMENU:=IP Addresses and Names
USERID:=pdns:pdns
TITLE:=PowerDNS Recursor
- DEPENDS:=+boost +boost-context +boost-thread +libatomic +liblua +libopenssl +protobuf
+ DEPENDS:=+boost +boost-context +libatomic +liblua +libopenssl +protobuf
URL:=https://www.powerdns.com/recursor.html
endef
#################################
# version-string string reported on version.pdns or version.bind
#
-# version-string=PowerDNS Recursor 4.2.0 (built May 18 2019 15:59:49 by jamestk@zanzabar.cybase.for-no-reason.net)
+# version-string=PowerDNS Recursor 4.2.1
#################################
# webserver Start a webserver (for REST API)
--- /dev/null
+--- a/m4/boost.m4
++++ b/m4/boost.m4
+@@ -667,12 +667,15 @@
+ BOOST_DEFUN([Context],
+ [boost_context_save_LIBS=$LIBS
+ boost_context_save_LDFLAGS=$LDFLAGS
+-if test $boost_major_version -ge 157; then
+- BOOST_THREAD([$1], [$2])
+- m4_pattern_allow([^BOOST_THREAD_(LIBS|LDFLAGS)$])dnl
+- LIBS="$LIBS $BOOST_THREAD_LIBS"
+- LDFLAGS="$LDFLAGS $BOOST_THREAD_LDFLAGS"
+-fi
++# This check is flawed and doesn't actually verify if BOOST::THREAD
++# is required on the system, producing only false positives on the
++# platforms supported by OpenWRT.
++#if test $boost_major_version -ge 157; then
++# BOOST_THREAD([$1], [$2])
++# m4_pattern_allow([^BOOST_THREAD_(LIBS|LDFLAGS)$])dnl
++# LIBS="$LIBS $BOOST_THREAD_LIBS"
++# LDFLAGS="$LDFLAGS $BOOST_THREAD_LDFLAGS"
++#fi
+
+ if test $boost_major_version -ge 161; then
+ BOOST_FIND_LIB([context], [$1],
include $(TOPDIR)/rules.mk
PKG_NAME:=pdns
-PKG_VERSION:=4.2.0
-PKG_RELEASE:=2
+PKG_VERSION:=4.2.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
-PKG_HASH:=222007f25e25aad71ac7d8b7f1797a4bcb30781e456d74ed00396e53828a903a
+PKG_HASH:=f65019986b8fcbb1c6fffebcded04b2b397b84395830f4c63e8d119bcfa1aa28
PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au>
PKG_LICENCE:=GPL-2.0-only
PKG_BUILD_PARALLEL:=1
-PKG_BUILD_DEPENDS:=unixodbc/host
+PKG_BUILD_DEPENDS:=unixodbc/host protobuf-c/host
include $(INCLUDE_DIR)/package.mk
# 2: dependencies on other PowerDNS libraries (short name)
# 3: dependencies on other packages
# 4: conditional/inward dependencies
+# 5: friendly display name
define DefinePdnsBackend
PDNS_DEPENDS+= +pdns-backend-$(1)
PKG_CONFIG_DEPENDS+= CONFIG_PACKAGE_pdns-backend$(1)
define Package/pdns-backend-$(1)
$(call Package/pdns/Default)
TITLE+= ($(1))
- DEPENDS+= pdns $$(foreach backend,$(2),+pdns-backend-$$(backend)) $(3)
+ DEPENDS+= pdns $$(foreach backend,$(2),+pdns-backend-$$(backend)) \
+ $$(foreach dependency,$(3),+$$(dependency))
HIDDEN:=1
endef
define Package/pdns/Default/install
$(INSTALL_DIR) $(1)/usr/lib/powerdns/pdns
$(CP) $(PKG_INSTALL_DIR)/usr/lib/powerdns/pdns/lib$(PDNS_BACKEND_$(2)_LIB)backend.so $(1)/usr/lib/powerdns/pdns/
+ if [ "$(PDNS_BACKEND_$(2)_LIB)" == "ldap" ]; then \
+ $(INSTALL_DIR) $(1)/usr/bin; \
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/zone2ldap $(1)/usr/bin/; \
+ fi
endef
define Package/pdns-ixfrdist/install
define Package/pdns-tools/install
$(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_INSTALL_DIR)/usr/bin/zone2ldap $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/dnsgram $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/dnsreplay $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/dnsscan $(1)/usr/bin/
#
# api-key=
+#################################
+# axfr-fetch-timeout Maximum time in seconds for inbound AXFR to start or be idle after starting
+#
+# axfr-fetch-timeout=10
+
#################################
# axfr-lower-serial Also AXFR a zone from a master with a lower serial
#
include $(TOPDIR)/rules.mk
PKG_NAME:=pingcheck
-PKG_VERSION:=2017-10-02
-PKG_RELEASE:=2
+PKG_VERSION:=2019-10-08
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=8c8d1743b8972ade6c75027346fc652f7a1c0f17e2f9bd2e65aad20013d9870e
+PKG_MIRROR_HASH:=0bf82809ce36106825d1a757c4624efcbab1829c1a9bf9e1e055e75ebf83403d
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=https://github.com/br101/pingcheck
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=12e65e2f3fd2a17db785d28756df43ccade29b1b
+PKG_SOURCE_VERSION:=7223f1b10697735d34f297ca2520495337666df6
PKG_MAINTAINER:=Bruno Randolf <br1@einfach.org>
PKG_LICENSE:=GPL-2.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=prosody
-PKG_VERSION:=0.11.2
-PKG_RELEASE:=3
+PKG_VERSION:=0.11.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://prosody.im/downloads/source
-PKG_HASH:=8911f6dc29b9e0c4edf9e61dc23fa22d77bc42c4caf28b809ab843b2f08e4831
+PKG_HASH:=cfdabd6f42a9fc5db300221967c518c26bd4b6e62def721c1626894d6325bf87
+
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=MIT/X11
-PKG_BUILD_DEPENDS:=lua/host
PKG_CPE_ID:=cpe:/a:prosody:prosody
-HOST_BUILD_DEPENDS:=$(PKG_BUILD_DEPENDS)
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+PKG_BUILD_DEPENDS:=lua/host
include $(INCLUDE_DIR)/package.mk
/etc/prosody/prosody.cfg.lua
endef
-TARGET_CFLAGS += $(FPIC) -std=gnu99
+TARGET_CFLAGS += $(FPIC)
TARGET_LDFLAGS += -shared
MAKE_FLAGS += LD="$(TARGET_CC)"
define Package/radicale2/description
$(call Package/radicale2-meta/description)
-.
+
This package contains the python files.
+
+Note that md5 encryption of passwords requires passlib, and
+bcrypt encryption requires passlib + bcrypt. These are not
+added as hard dependencies as users may be running radicale2
+with a web server doing the authentication instead of radicale2.
+
endef
define Package/radicale2-examples/description
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=restic-rest-server
+PKG_VERSION:=0.9.7
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/rest-server-$(PKG_VERSION)
+PKG_SOURCE:=rest-server-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/restic/rest-server/tar.gz/v${PKG_VERSION}?
+PKG_HASH:=922811cfc49879f7086fe559d25ec1bb4169b2c4a5df3559b499e6292f435661
+
+PKG_LICENSE:=BSD-2-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Markus Weippert <markus@gekmihesg.de>
+
+PKG_BUILD_DEPENDS:=golang/host
+PKG_BUILD_PARALLEL:=1
+PKG_USE_MIPS16:=0
+
+GO_PKG:=github.com/restic/rest-server/
+GO_PKG_BUILD_PKG:=github.com/restic/rest-server/cmd/rest-server/
+GO_PKG_LDFLAGS:=-s -w
+GO_PKG_LDFLAGS_X:=main.version=$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/golang/golang-package.mk
+
+define Package/restic-rest-server
+ TITLE:=restic REST server
+ URL:=http://github.com/restic/rest-server
+ DEPENDS:=$(GO_ARCH_DEPENDS)
+ SECTION:=net
+ CATEGORY:=Network
+endef
+
+define Package/restic-rest-server/description
+Rest Server is a high performance HTTP server that implements restic's REST backend
+API. It provides secure and efficient way to backup data remotely, using restic
+backup client via the rest: URL.
+endef
+
+define Package/restic-rest-server/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/rest-server $(1)/usr/bin/restic-rest-server
+ $(CP) ./files/* $(1)/
+endef
+
+$(eval $(call GoBinPackage,restic-rest-server))
+$(eval $(call BuildPackage,restic-rest-server))
--- /dev/null
+config rest-server
+ option enabled '0'
+ option path '/mnt/backup' # data directory (default "/tmp/restic")
+ #option append-only '1' # enable append only mode
+ #option cpuprofile '/mnt/backup/cpuprofile' # write CPU profile to file
+ #option debug '1' # output debug messages
+ #option listen ':8000' # listen address (default ":8000")
+ #option log '/mnt/backup/http.log' # log HTTP requests in the combined log format
+ #option private-repos '1' # users can only access their private repo
+ #option prometheus '1' # enable Prometheus metrics
+ #option tls '1' # turn on TLS support
+ #option tls-cert '/mnt/backup/public_key' # TLS certificate path
+ #option tls-key '/mnt/backup/private_key' # TLS key path
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+
+PROG=/usr/bin/restic-rest-server
+
+start_instance() {
+ local cfg="$1"
+ local var
+ local val
+
+ config_get_bool val "$cfg" 'enabled' '0'
+ [ "$val" = 0 ] && return 1
+
+ procd_open_instance "$cfg"
+ procd_set_param command "$PROG"
+ for var in append_only debug private_repos prometheus tls; do
+ config_get_bool val "$cfg" "$var" 0
+ [ "$val" = 0 ] || procd_append_param command "--${var//_/-}"
+ done
+ for var in cpuprofile listen log path tls_cert tls_key; do
+ config_get val "$cfg" "$var"
+ [ -z "$val" ] || procd_append_param command "--${var//_/-}" "$val"
+ done
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ procd_set_param respawn
+ procd_close_instance
+}
+
+
+service_triggers() {
+ procd_add_reload_trigger restic-rest-server
+}
+
+start_service() {
+ config_load restic-rest-server
+ config_foreach start_instance rest-server
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=safe-search
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.0.2
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_MAINTAINER:=Gregory L. Dietsche <Gregory.Dietsche@cuw.edu>
# IMPORTANT: if this file is not working, make sure that dnsmasq is able to READ it!
#
# Google Safe Search Host List
-# Generated on Wed Oct 10 10:18:34 CDT 2018
+# Generated on Sat Dec 7 10:21:21 CST 2019
# From: https://www.google.com/supported_domains
#2001:4860:4802:32::78 forcesafesearch.google.com
2001:4860:4802:32::78 google.com.gi
2001:4860:4802:32::78 google.gl
2001:4860:4802:32::78 google.gm
-2001:4860:4802:32::78 google.gp
2001:4860:4802:32::78 google.gr
2001:4860:4802:32::78 google.com.gt
2001:4860:4802:32::78 google.gy
2001:4860:4802:32::78 google.com.my
2001:4860:4802:32::78 google.co.mz
2001:4860:4802:32::78 google.com.na
-2001:4860:4802:32::78 google.com.nf
2001:4860:4802:32::78 google.com.ng
2001:4860:4802:32::78 google.com.ni
2001:4860:4802:32::78 google.ne
2001:4860:4802:32::78 google.tg
2001:4860:4802:32::78 google.co.th
2001:4860:4802:32::78 google.com.tj
-2001:4860:4802:32::78 google.tk
2001:4860:4802:32::78 google.tl
2001:4860:4802:32::78 google.tm
2001:4860:4802:32::78 google.tn
2001:4860:4802:32::78 www.google.com.gi
2001:4860:4802:32::78 www.google.gl
2001:4860:4802:32::78 www.google.gm
-2001:4860:4802:32::78 www.google.gp
2001:4860:4802:32::78 www.google.gr
2001:4860:4802:32::78 www.google.com.gt
2001:4860:4802:32::78 www.google.gy
2001:4860:4802:32::78 www.google.com.my
2001:4860:4802:32::78 www.google.co.mz
2001:4860:4802:32::78 www.google.com.na
-2001:4860:4802:32::78 www.google.com.nf
2001:4860:4802:32::78 www.google.com.ng
2001:4860:4802:32::78 www.google.com.ni
2001:4860:4802:32::78 www.google.ne
2001:4860:4802:32::78 www.google.tg
2001:4860:4802:32::78 www.google.co.th
2001:4860:4802:32::78 www.google.com.tj
-2001:4860:4802:32::78 www.google.tk
2001:4860:4802:32::78 www.google.tl
2001:4860:4802:32::78 www.google.tm
2001:4860:4802:32::78 www.google.tn
216.239.38.120 google.com.gi
216.239.38.120 google.gl
216.239.38.120 google.gm
-216.239.38.120 google.gp
216.239.38.120 google.gr
216.239.38.120 google.com.gt
216.239.38.120 google.gy
216.239.38.120 google.com.my
216.239.38.120 google.co.mz
216.239.38.120 google.com.na
-216.239.38.120 google.com.nf
216.239.38.120 google.com.ng
216.239.38.120 google.com.ni
216.239.38.120 google.ne
216.239.38.120 google.tg
216.239.38.120 google.co.th
216.239.38.120 google.com.tj
-216.239.38.120 google.tk
216.239.38.120 google.tl
216.239.38.120 google.tm
216.239.38.120 google.tn
216.239.38.120 www.google.com.gi
216.239.38.120 www.google.gl
216.239.38.120 www.google.gm
-216.239.38.120 www.google.gp
216.239.38.120 www.google.gr
216.239.38.120 www.google.com.gt
216.239.38.120 www.google.gy
216.239.38.120 www.google.com.my
216.239.38.120 www.google.co.mz
216.239.38.120 www.google.com.na
-216.239.38.120 www.google.com.nf
216.239.38.120 www.google.com.ng
216.239.38.120 www.google.com.ni
216.239.38.120 www.google.ne
216.239.38.120 www.google.tg
216.239.38.120 www.google.co.th
216.239.38.120 www.google.com.tj
-216.239.38.120 www.google.tk
216.239.38.120 www.google.tl
216.239.38.120 www.google.tm
216.239.38.120 www.google.tn
-config SAMBA4_SERVER_ACL
- bool "ACL support (xattr)"
- depends on PACKAGE_samba4-server
- help
- installs: sharesec
- modules: vfs_acl_xattr vfs_acl_tdb vfs_posixacl
-
- Extended access control list support
- default n
-
-config SAMBA4_SERVER_AD_DC
- bool "Active Directory Domain Controller support (requires krb5-server) (EXPERIMENTAL)"
+config SAMBA4_SERVER_NETBIOS
+ bool "NetBIOS support"
depends on PACKAGE_samba4-server
- select PACKAGE_python-crypto
help
- installs: samba (meta-daemon) python-crypto ntlm_auth
- scripts: samba-tool
+ installs: nmbd (daemon)
- Run as a Active Directory Domain Controller
- see: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
- HINT: see section (# Using the Domain Controller as a File Server)
- NOTE: Extroot is recommend for this setup, as it is not optimized to run completely from RAM/tempfs!
- default n
+ Announce Samba resources via NetBIOS using the nmbd daemon
+ WSD (Web Services for Devices) replaces the functionality of NetBIOS and is provided by the wsdd2 package (selected by default).
+ Note: As of Windows 10 Fall Creators Update (1709) NetBIOS isn't supported unless the old SMB1 feature is reinstalled (not recommended).
+ Network shares can be directly accessed via network paths '\\hostname\sharename' and mounted via 'map network drive' without NetBIOS or WSD.
+ default y
config SAMBA4_SERVER_AVAHI
bool "Avahi support"
depends on PACKAGE_samba4-server
help
installs:
- modules: (vfs_btrfs) vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline vfs_crossrename vfs_catia vfs_streams_xattr
+ modules: (vfs_btrfs) vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline vfs_crossrename vfs_catia vfs_streams_xattr vfs_default_quota
Commonly used VFS modules, vfs_btrfs requires kmod-fs-btrfs to be selected separately
- default y
-
-config SAMBA4_SERVER_QUOTAS
- bool "Disk quota support"
- depends on PACKAGE_samba4-server
- help
- installs:
- modules: vfs_default_quota
-
- Support for disk quotas using the quotas VFS module (vfs_default_quota)
- default n
+ default y
config SAMBA4_SERVER_VFSX
bool "Extended VFS modules"
Additional VFS modules that aren't commonly used, vfs_linux_xfs_sgid requires kmod-fs-xfs to be selected separately
default n
-config SAMBA4_SERVER_NETBIOS
- bool "NetBIOS support"
- depends on PACKAGE_samba4-server
- help
- installs: nmbd (daemon)
-
- Announce Samba resources via NetBIOS using the nmbd daemon
- WSD (Web Services for Devices) replaces the functionality of NetBIOS and is provided by the wsdd2 package (selected by default).
- Note: As of Windows 10 Fall Creators Update (1709) NetBIOS isn't supported unless the old SMB1 feature is reinstalled (not recommended).
- Network shares can be directly accessed via network paths '\\hostname\sharename' and mounted via 'map network drive' without NetBIOS or WSD.
- default y
-
-config SAMBA4_SERVER_WINBIND
- bool "Winbind support"
+config SAMBA4_SERVER_AD_DC
+ bool "Active Directory Domain Controller support (EXPERIMENTAL)"
depends on PACKAGE_samba4-server
+ select SAMBA4_SERVER_VFS
help
- installs: winbindd (daemon) wbinfo
+ installs: samba (meta-daemon) PyCryptodome ntlm_auth
+ scripts: samba-tool
- Support using domain users and groups in local commands, such as chown and chgrp.
- Display domain users and groups in local command's output, such as ls.
- see: https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC
+ Run as a Active Directory Domain Controller
+ see: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
+ HINT: see section (# Using the Domain Controller as a File Server)
+ NOTE: Extroot is recommend for this setup, as it is not optimized to run completely from RAM/tempfs!
default n
include $(TOPDIR)/rules.mk
PKG_NAME:=samba
-PKG_VERSION:=4.9.15
+PKG_VERSION:=4.11.4
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
http://www.nic.funet.fi/index/samba/pub/samba/stable/ \
http://samba.mirror.bit.nl/samba/ftp/stable/ \
https://download.samba.org/pub/samba/stable/
-PKG_HASH:=377102b80b97941bf0d131b828cae8415190e5bdd2928c2e2c954e29f1904496
+PKG_HASH:=b95471ba450757109dce65acfe75dafc719c5cc5d464fc65ee442433a461db24
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-3.0-only
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:samba:samba
-# samba4=(asn1_compile) e2fsprogs=(compile_et) nfs-kernel-server=(rpcgen)
-HOST_BUILD_DEPENDS:=python/host nfs-kernel-server/host e2fsprogs/host
-PKG_BUILD_DEPENDS:=samba4/host
+# samba4=(asn1_compile,compile_et) rpcsvc-proto=(rpcgen)
+HOST_BUILD_DEPENDS:=python3/host perl/host
+PKG_BUILD_DEPENDS:=samba4/host libtasn1/host rpcsvc-proto/host
PKG_CONFIG_DEPENDS:= \
CONFIG_SAMBA4_SERVER_NETBIOS \
CONFIG_SAMBA4_SERVER_AVAHI \
CONFIG_SAMBA4_SERVER_VFS \
CONFIG_SAMBA4_SERVER_VFSX \
- CONFIG_SAMBA4_SERVER_QUOTAS \
- CONFIG_SAMBA4_SERVER_ACL \
CONFIG_SAMBA4_SERVER_AD_DC \
- CONFIG_SAMBA4_SERVER_WINBIND \
CONFIG_PACKAGE_kmod-fs-btrfs \
CONFIG_PACKAGE_kmod-fs-xfs
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/version.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-host.mk
+#include $(TOPDIR)/feeds/packages/lang/python/python-package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
define Package/samba4/Default
SECTION:=net
define Package/samba4-libs
$(call Package/samba4/Default)
TITLE+= libs
- DEPENDS:= +zlib +libtirpc +libpopt +libcomerr +libreadline \
- +PACKAGE_libcap:libcap +PACKAGE_libpthread:libpthread +PACKAGE_libnettle:libnettle \
- +PACKAGE_libgcrypt:libgcrypt +PACKAGE_libpam:libpam +PACKAGE_dbus:dbus +PACKAGE_libavahi-client:libavahi-client \
+ DEPENDS:= +libtirpc +libreadline +libpopt +libcap +zlib +libgnutls +libtasn1 +libuuid +libopenssl +USE_GLIBC:libpthread \
+ +PACKAGE_libpam:libpam \
+SAMBA4_SERVER_VFS:attr \
- +SAMBA4_SERVER_ACL:acl +SAMBA4_SERVER_ACL:attr \
+ +SAMBA4_SERVER_VFSX:libaio \
+SAMBA4_SERVER_AVAHI:libavahi-client \
- +SAMBA4_SERVER_AD_DC:python-base +SAMBA4_SERVER_AD_DC:python-crypto +SAMBA4_SERVER_AD_DC:libopenssl +SAMBA4_SERVER_AD_DC:libgnutls +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive
+ +SAMBA4_SERVER_AD_DC:python3-cryptodome +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive +SAMBA4_SERVER_AD_DC:acl +SAMBA4_SERVER_AD_DC:attr
endef
define Package/samba4-server
$(call Package/samba4/Default)
TITLE+= server
DEPENDS:= +samba4-libs
+ CONFLICTS:=samba36-server
endef
define Package/samba4-server/description
- installs: smbd, nmbd (daemon) smbpasswd pdbedit testparm
+ installs: smbd (nmbd) smbpasswd pdbedit testparm (nmblookup) (smbcacls sharesec)
+ (samba samba-tool ntlm_auth samba-gpupdate samba_dnsupdate samba_kcc samba_spnupdate samba_upgradedns samba_downgrade_db)
This provides the basic fileserver service and is the minimum needed to serve file shares.
HINT: https://fitzcarraldoblog.wordpress.com/2016/10/17/a-correct-method-of-configuring-samba-for-browsing-smb-shares-in-a-home-network/
endef
-# BUG: We cant add DEPENDS:= +SAMBA4_SERVER_AD_DC:python-crypto, so this only happens here via select!
define Package/samba4-server/config
select PACKAGE_wsdd2
source "$(SOURCE)/Config.in"
endef
define Package/samba4-client/description
- installs: smbclient cifsdd
+ installs: cifsdd smbclient smbget
The smbclient program implements a simple ftp-like client for accessing SMB shares
endef
endef
define Package/samba4-admin/description
- installs: net smbcontrol profiles rpcclient smbcacls smbcquotas
+ installs: net smbcontrol profiles rpcclient dbwrap_tool eventlogadm
+ ldbadd ldbdel ldbedit ldbmodify ldbrename ldbsearch
+ tdbbackup tdbdump tdbrestore tdbtool
Administration tools collection
endef
endef
define Package/samba4-utils/description
- installs: smbstatus smbtree smbget nmblookup mvxattr
+ installs: smbstatus smbtree mvxattr smbtar smbcquotas
Utilities collection
endef
-TARGET_CFLAGS += -ffunction-sections -fdata-sections
-TARGET_LDFLAGS += -Wl,--gc-sections
+TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections -I$(STAGING_DIR)/usr/include/tirpc
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+# dont mess with sambas private rpath!
+RSTRIP:=:
CONFIGURE_VARS += \
CPP="$(TARGET_CROSS)cpp"
--disable-cephfs \
--disable-fault-handling \
--disable-glusterfs \
- --disable-rpath \
- --disable-rpath-install \
- --disable-rpath-private-install \
--enable-fhs \
--without-automount \
--without-iconv \
--without-gpgme
HOST_CONFIGURE_ARGS += --disable-avahi --without-quotas --without-acl-support --without-winbind \
- --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo \
- --disable-gnutls --without-dnsupdate --without-ads --without-ldap
+ --without-ad-dc --without-json --without-libarchive --disable-python --nopyc --nopyo \
+ --without-dnsupdate --without-ads --without-ldap --without-ldb-lmdb
HOST_CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR=""
# Optional AES-NI support - https://lists.samba.org/archive/samba-technical/2017-September/122738.html
--with-piddir=/var/run \
--with-privatedir=/etc/samba
-ifeq ($(CONFIG_SAMBA4_SERVER_AVAHI),y)
- CONFIGURE_ARGS += --enable-avahi
-else
- CONFIGURE_ARGS += --disable-avahi
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_QUOTAS),y)
+# features
+ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y)
CONFIGURE_ARGS += --with-quotas
else
CONFIGURE_ARGS += --without-quotas
endif
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- CONFIGURE_ARGS += --with-acl-support
+ifeq ($(CONFIG_SAMBA4_SERVER_AVAHI),y)
+ CONFIGURE_ARGS += --enable-avahi
else
- CONFIGURE_ARGS += --without-acl-support
+ CONFIGURE_ARGS += --disable-avahi
endif
+
+# NOTE: We need host python-bin, but target python-config here!
+CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR=""
ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
- CONFIGURE_ARGS += --enable-gnutls --with-dnsupdate --with-ads --with-ldap
- TARGET_CFLAGS := -I$(STAGING_DIR)/usr/include/python2.7 $(TARGET_CFLAGS)
-else
- CONFIGURE_ARGS += --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo \
- --disable-gnutls --without-dnsupdate --without-ads --without-ldap
+ CONFIGURE_ARGS += --without-winbind --without-ldb-lmdb --with-acl-support
CONFIGURE_VARS += \
- python_LDFLAGS="" \
- python_LIBDIR=""
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y)
- CONFIGURE_ARGS += --with-winbind
+ PYTHON="$(HOST_PYTHON3_BIN)" \
+ PYTHON_CONFIG="$(STAGING_DIR)/host/bin/$(PYTHON3)-config"
else
- CONFIGURE_ARGS += --without-winbind
+ CONFIGURE_ARGS += --without-winbind --without-ads --without-ldap --without-ldb-lmdb --without-ad-dc \
+ --without-json --without-libarchive --disable-python --nopyc --nopyo --without-dnsupdate --without-acl-support
endif
-SAMBA4_IDMAP_MODULES :=
-SAMBA4_IDMAP_MODULES_SHARED :=
SAMBA4_PDB_MODULES :=pdb_smbpasswd,pdb_tdbsam,
SAMBA4_AUTH_MODULES :=auth_builtin,auth_sam,auth_unix,auth_script,
SAMBA4_VFS_MODULES :=vfs_default,
SAMBA4_VFS_MODULES_SHARED :=
ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y)
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_fruit,vfs_shadow_copy2,vfs_recycle,vfs_fake_perms,vfs_readonly,vfs_cap,vfs_offline,vfs_crossrename,vfs_catia,vfs_streams_xattr,vfs_xattr_tdb,
+ SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_fruit,vfs_shadow_copy2,vfs_recycle,vfs_fake_perms,vfs_readonly,vfs_cap,vfs_offline,vfs_crossrename,vfs_catia,vfs_streams_xattr,vfs_xattr_tdb,vfs_default_quota,
ifeq ($(CONFIG_PACKAGE_kmod-fs-btrfs),y)
SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_btrfs,
endif
SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_linux_xfs_sgid,
endif
endif
-ifeq ($(CONFIG_SAMBA4_SERVER_QUOTAS),y)
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_default_quota,
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_posixacl,
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_acl_xattr,vfs_acl_tdb,
- # vfs_zfsacl needs https://github.com/zfsonlinux/zfs/tree/master/include/sys/zfs_acl.h
- # vfs_nfs4acl_xattr needs https://github.com/notriddle/libdrpc/blob/master/rpc/xdr.h
-endif
ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
SAMBA4_PDB_MODULES :=$(SAMBA4_PDB_MODULES)pdb_samba_dsdb,pdb_ldapsam,
SAMBA4_AUTH_MODULES :=$(SAMBA4_AUTH_MODULES)auth_samba4,
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_audit,vfs_extd_audit,vfs_full_audit,
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y)
- SAMBA4_IDMAP_MODULES :=$(SAMBA4_IDMAP_MODULES)idmap_tdb,idmap_passdb,idmap_nss,nss_info_template,
- SAMBA4_IDMAP_MODULES_SHARED :=$(SAMBA4_IDMAP_MODULES_SHARED)idmap_autorid,idmap_rid,idmap_hash,idmap_tdb2,idmap_script,
-ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
- SAMBA4_IDMAP_MODULES_SHARED :=$(SAMBA4_IDMAP_MODULES_SHARED)idmap_ad,idmap_ldap,idmap_rfc2307,
- # idmap_ad needs --with-ads
- # idmap_rfc2307 needs ldap headers
-endif
- SAMBA4_AUTH_MODULES :=$(SAMBA4_AUTH_MODULES)auth_winbind,
+ SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_posixacl,
+ SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_audit,vfs_extd_audit,vfs_full_audit,vfs_acl_xattr,vfs_acl_tdb,
+ # vfs_zfsacl needs https://github.com/zfsonlinux/zfs/tree/master/include/sys/zfs_acl.h
+ # vfs_nfs4acl_xattr needs https://github.com/notriddle/libdrpc/blob/master/rpc/xdr.h
endif
-SAMBA4_MODULES :=${SAMBA4_VFS_MODULES}${SAMBA4_AUTH_MODULES}${SAMBA4_PDB_MODULES}${SAMBA4_IDMAP_MODULES}
-SAMBA4_MODULES_SHARDED :=${SAMBA4_VFS_MODULES_SHARED}${SAMBA4_IDMAP_MODULES_SHARED}
+SAMBA4_MODULES :=${SAMBA4_VFS_MODULES}${SAMBA4_AUTH_MODULES}${SAMBA4_PDB_MODULES}
+SAMBA4_MODULES_SHARDED :=${SAMBA4_VFS_MODULES_SHARED}
CONFIGURE_ARGS += \
--with-static-modules=$(SAMBA4_MODULES)!DEFAULT,!FORCED \
--with-static-modules=!DEFAULT,!FORCED \
--with-shared-modules=!DEFAULT,!FORCED
-# Setup build/install targets
-# CONFIG_PACKAGE_samba4-server
-BUILD_TARGETS_SERVER :=smbd/smbd,smbpasswd,pdbedit,testparm
-# Optional server targets
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),sharesec
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y)
- BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),nmbd
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
- BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),samba,nsstest,ntlm_auth,samba4kinit,samba4kgetcred,samba4kpasswd,samba4ktutil
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y)
- BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),winbindd,wbinfo,winbind_krb5_locator
-endif
-# CONFIG_PACKAGE_samba4-client
-BUILD_TARGETS_CLIENT :=client/smbclient,client/cifsdd
-# CONFIG_PACKAGE_samba4-admin
-BUILD_TARGETS_ADMIN :=net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas,eventlogadm
-# CONFIG_PACKAGE_samba4-utils
-BUILD_TARGETS_UTILS :=smbstatus,smbtree,smbget,mvxattr,nmblookup
-
# lib bundling
+PY_VER:=$(PYTHON3_VERSION_MAJOR)$(PYTHON3_VERSION_MINOR)
# NOTE: bundle + make private, we want to avoid version configuration (build, link) conflicts
-CONFIGURE_ARGS += --builtin-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka
-HOST_CONFIGURE_ARGS += --builtin-libraries=replace --nonshared-binary=asn1_compile
-
+HOST_CONFIGURE_ARGS += --builtin-libraries=replace --nonshared-binary=asn1_compile,compile_et
+SYSTEM_BUNDLED_LIBS:=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,com_err
+PYTHON_BUNDLED_LIBS:=pytalloc-util.cpython-$(PY_VER),pyldb-util.cpython-$(PY_VER)
+# CONFIGURE_ARGS += --builtin-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,com_err
ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
-CONFIGURE_ARGS += --bundled-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,pytalloc-util,pyldb-util,roken,wind,hx509,asn1,heimbase,hcrypto,krb5,gssapi,heimntlm,hdb,kdc,NONE
+ CONFIGURE_ARGS += --bundled-libraries=NONE,$(SYSTEM_BUNDLED_LIBS),$(PYTHON_BUNDLED_LIBS)
else
-CONFIGURE_ARGS += --bundled-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,roken,wind,hx509,asn1,heimbase,hcrypto,krb5,gssapi,heimntlm,hdb,kdc,NONE
+ CONFIGURE_ARGS += --bundled-libraries=NONE,$(SYSTEM_BUNDLED_LIBS)
endif
-# BUG: --private-libraries, Does not work for System possible libs, will not get "samba4" suffix!
-CONFIGURE_ARGS += --private-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace
-# CONFIGURE_ARGS += --disable-symbol-versions
+CONFIGURE_ARGS += --private-libraries=$(SYSTEM_BUNDLED_LIBS)
+export COMPILE_ET=$(STAGING_DIR_HOSTPKG)/bin/compile_et_samba
+export ASN1_COMPILE=$(STAGING_DIR_HOSTPKG)/bin/asn1_compile_samba
+
+# we dont need GnuTLS for the host helpers
+define Host/Prepare
+ $(call Host/Prepare/Default)
+ $(SED) 's,mandatory=True,mandatory=False,g' $(HOST_BUILD_DIR)/wscript_configure_system_gnutls
+endef
define Host/Compile
(cd $(HOST_BUILD_DIR); \
./buildtools/bin/waf build \
- --targets=asn1_compile \
+ --targets=asn1_compile,compile_et \
)
endef
define Host/Install
$(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin/
- $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/asn1_compile $(STAGING_DIR_HOSTPKG)/bin/
+ # add host tools suffix, prevent conflicts with krb5
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/asn1_compile $(STAGING_DIR_HOSTPKG)/bin/asn1_compile_samba
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/compile_et $(STAGING_DIR_HOSTPKG)/bin/compile_et_samba
endef
define Build/Prepare
define Build/Configure
$(CP) ./waf-cross-answers/$(ARCH).txt $(PKG_BUILD_DIR)/cross-answers.txt
+ echo 'Checking uname sysname type: "$(VERSION_DIST)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
echo 'Checking uname machine type: "$(ARCH)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
echo 'Checking uname release type: "$(LINUX_VERSION)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
echo 'Checking uname version type: "$(VERSION_DIST) Linux-$(LINUX_VERSION) $(shell date +%Y-%m-%d)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
- # NOTE: For some unknown reason this answer is not needed on some hosts/distros, yet needed on others?
+ # NOTE: special answers for freeBSD/CircleCI
echo 'Checking whether POSIX capabilities are available: OK' >> $(PKG_BUILD_DIR)/cross-answers.txt
+ echo 'checking for clnt_create(): OK' >> $(PKG_BUILD_DIR)/cross-answers.txt
$(call Build/Configure/Default)
endef
-# BUG: We need to use "waf install --targets=" otherwise a "make install" or "waf install" will retrigger a full recompile of all possible targets!
+# Build via "waf install", avoid the make wrapper. (Samba logic is 'waf install' = build + install)
define Build/Compile
(cd $(PKG_BUILD_DIR); \
./buildtools/bin/waf install \
--jobs=$(shell nproc) \
--destdir="$(PKG_INSTALL_DIR)" \
- --targets=$(SAMBA4_MODULES)$(SAMBA4_MODULES_SHARDED)$(BUILD_TARGETS_SERVER),$(BUILD_TARGETS_UTILS),$(BUILD_TARGETS_ADMIN),$(BUILD_TARGETS_CLIENT) \
)
endef
define Package/samba4-libs/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/*.so* $(1)/usr/lib/
-
- $(INSTALL_DIR) $(1)/usr/lib/samba/vfs $(1)/usr/lib/samba/idmap $(1)/usr/lib/samba/ldb $(1)/usr/lib/samba/krb5
- if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/idmap ]; then \
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/idmap $(1)/usr/lib/samba/; \
- fi
- if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/vfs ]; then \
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/vfs $(1)/usr/lib/samba/; \
- fi
- if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/krb5 ]; then \
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/krb5 $(1)/usr/lib/samba/; \
- fi
-ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
- $(INSTALL_DIR) $(1)/usr/lib/python2.7
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/python2.7 $(1)/usr/lib/
-endif
+ # rpath-install
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba $(1)/usr/lib/
endef
define Package/samba4-client/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbclient,cifsdd} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{cifsdd,smbclient,smbget} $(1)/usr/bin/
endef
define Package/samba4-admin/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,dbwrap_tool} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{ldbadd,ldbdel,ldbedit,ldbmodify,ldbrename,ldbsearch} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{tdbbackup,tdbdump,tdbrestore,tdbtool} $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/eventlogadm $(1)/usr/sbin/
endef
define Package/samba4-utils/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,smbget,mvxattr,nmblookup} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,mvxattr,smbtar} $(1)/usr/bin/
+ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y)
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/smbcquotas $(1)/usr/bin/
+endif
endef
define Package/samba4-server/install
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbpasswd,pdbedit,testparm} $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/smbd $(1)/usr/sbin/
-ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{samba-tool,ntlm_auth,smbtar} $(1)/usr/bin/
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns} $(1)/usr/sbin/
- # waf does not install those?
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{samba4kinit,samba4kgetcred,samba4kpasswd,samba4ktutil} $(1)/usr/bin/
-endif
ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nmbd $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nmblookup $(1)/usr/bin/
endif
-ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/wbinfo $(1)/usr/bin/
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/winbindd $(1)/usr/sbin/
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sharesec $(1)/usr/bin/
+ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/$(PYTHON3) $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/share/
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/samba $(1)/usr/share/
+ # fix wrong hardcoded python3 location
+ $(SED) '1s,^#!/.*python3.*,#!/usr/bin/python3,' $(PKG_INSTALL_DIR)/usr/bin/samba-tool
+ $(SED) '1s,^#!/.*python3.*,#!/usr/bin/python3,' $(PKG_INSTALL_DIR)/usr/sbin/{samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns,samba_downgrade_db}
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{samba-tool,ntlm_auth,oLschema2ldif} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{sharesec,smbcacls} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns,samba_downgrade_db} $(1)/usr/sbin/
endif
$(INSTALL_DIR) $(1)/etc/config $(1)/etc/samba $(1)/etc/init.d
$(INSTALL_CONF) ./files/samba.config $(1)/etc/config/samba4
/etc/samba/smbpasswd
/etc/samba/secrets.tdb
/etc/samba/passdb.tdb
-/etc/samba/idmap.ldb
/etc/samba/lmhosts
/etc/nsswitch.conf
/etc/krb5.conf
START=98
USE_PROCD=1
+SAMBA_IFACE=""
+
smb_header() {
- config_get samba_iface $1 interface "loopback lan"
+ config_get SAMBA_IFACE $1 interface "lan"
# resolve interfaces
local interfaces
. /lib/functions/network.sh
local net
- for net in $samba_iface; do
+ for net in $SAMBA_IFACE; do
local device
network_is_up $net || continue
network_get_device device "$net"
[ -e /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf
- if ! [ -L /etc/samba/smb.conf ]; then
- logger -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!"
+ if [ ! -L /etc/samba/smb.conf ]; then
+ logger -p daemon.warn -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!"
fi
}
}
service_triggers() {
- PROCD_RELOAD_DELAY=2000
+ # PROCD_RELOAD_DELAY=1000
procd_add_reload_trigger "dhcp" "system" "samba4"
local i
- for i in $samba_iface; do
+ for i in $SAMBA_IFACE; do
procd_add_reload_interface_trigger $i
done
}
start_service() {
init_config
+
+ if [ ! -e /etc/samba/smb.conf ]; then
+ logger -p daemon.error -t 'samba4-server' "missing config /etc/samba/smb.conf!"
+ exit 1
+ fi
+
+ local nice_value
+ config_get nice_value extra samba_nice 0
# start main AD-DC daemon, will spawn (smbd,nmbd,winbindd) as needed/configured.
if [ "$DISABLE_AD_DC" -ne 1 ] && [ -x /usr/sbin/samba ]; then
procd_open_instance
procd_set_param command /usr/sbin/samba -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
+ procd_set_param limits nofile=16384
procd_close_instance
else
# start fileserver daemon
procd_open_instance
procd_set_param command /usr/sbin/smbd -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
+ procd_set_param limits nofile=16384
procd_close_instance
# start netbios daemon
if [ "$DISABLE_NETBIOS" -ne 1 ] && [ -x /usr/sbin/nmbd ]; then
procd_open_instance
procd_set_param command /usr/sbin/nmbd -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
procd_close_instance
fi
# start winbind daemon
if [ "$DISABLE_WINBIND" -ne 1 ] && [ -x /usr/sbin/winbindd ]; then
procd_open_instance
procd_set_param command /usr/sbin/winbindd -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
procd_close_instance
fi
fi
- # lower priority using renice (if found)
- if [ -x /usr/bin/renice ]; then
- [ -x /usr/sbin/samba ] && renice -n 2 $(pidof samba)
- [ -x /usr/sbin/smbd ] && renice -n 2 $(pidof smbd)
- [ -x /usr/sbin/nmbd ] && renice -n 2 $(pidof nmbd)
- [ -x /usr/sbin/winbindd ] && renice -n 2 $(pidof winbindd)
- fi
}
--- /dev/null
+diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c
+index 2cd6122..04f13c6 100644
+--- a/source4/torture/local/nss_tests.c
++++ b/source4/torture/local/nss_tests.c
+@@ -247,7 +247,6 @@ static bool test_getgrnam_r(struct torture_context *tctx,
+ return true;
+ }
+
+-
+ static bool test_getgrgid(struct torture_context *tctx,
+ gid_t gid,
+ struct group *grp_p)
+@@ -333,6 +332,7 @@ static bool test_enum_passwd(struct torture_context *tctx,
+ return true;
+ }
+
++#if HAVE_GETPWENT_R
+ static bool test_enum_r_passwd(struct torture_context *tctx,
+ struct passwd **pwd_array_p,
+ size_t *num_pwd_p)
+@@ -381,6 +381,7 @@ static bool test_enum_r_passwd(struct torture_context *tctx,
+
+ return true;
+ }
++#endif
+
+ static bool torture_assert_passwd_equal(struct torture_context *tctx,
+ const struct passwd *p1,
+@@ -432,7 +433,7 @@ static bool test_passwd_r(struct torture_context *tctx)
+ struct passwd *pwd, pwd1, pwd2;
+ size_t num_pwd;
+
+- torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd),
++ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+@@ -460,7 +461,7 @@ static bool test_passwd_r_cross(struct torture_context *tctx)
+ struct passwd *pwd, pwd1, pwd2, pwd3, pwd4;
+ size_t num_pwd;
+
+- torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd),
++ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+@@ -531,6 +532,7 @@ static bool test_enum_group(struct torture_context *tctx,
+ return true;
+ }
+
++#if HAVE_GETGRENT_R
+ static bool test_enum_r_group(struct torture_context *tctx,
+ struct group **grp_array_p,
+ size_t *num_grp_p)
+@@ -579,6 +581,7 @@ static bool test_enum_r_group(struct torture_context *tctx,
+
+ return true;
+ }
++#endif
+
+ static bool torture_assert_group_equal(struct torture_context *tctx,
+ const struct group *g1,
+@@ -635,7 +638,7 @@ static bool test_group_r(struct torture_context *tctx)
+ struct group *grp, grp1, grp2;
+ size_t num_grp;
+
+- torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp),
++ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
+@@ -663,7 +666,7 @@ static bool test_group_r_cross(struct torture_context *tctx)
+ struct group *grp, grp1, grp2, grp3, grp4;
+ size_t num_grp;
+
+- torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp),
++ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
--- /dev/null
+diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h
+index b5d79b9..3f4eae0 100644
+--- a/lib/param/loadparm.h
++++ b/lib/param/loadparm.h
+@@ -31,6 +31,7 @@
+ #define _LOADPARM_H
+
+ #include <talloc.h>
++#include <time.h>
+
+ struct parmlist_entry {
+ struct parmlist_entry *prev, *next;
+diff --git a/source3/lib/system_smbd.c b/source3/lib/system_smbd.c
+index 3b1ac9c..4044d75 100644
+--- a/source3/lib/system_smbd.c
++++ b/source3/lib/system_smbd.c
+@@ -27,6 +27,8 @@
+ #include "system/passwd.h"
+ #include "nsswitch/winbind_client.h"
+ #include "../lib/util/setid.h"
++#include <grp.h>
++#include <uuid/uuid.h>
+
+ #ifndef HAVE_GETGROUPLIST
+
+diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c
+index 2cd6122..0c84ec2 100644
+--- a/source4/torture/local/nss_tests.c
++++ b/source4/torture/local/nss_tests.c
+@@ -20,6 +20,8 @@
+ */
+
+ #include "includes.h"
++#include <grp.h>
++#include <uuid/uuid.h>
+
+ #include "torture/torture.h"
+ #include "torture/local/proto.h"
--- /dev/null
+commit f81e5b71ce78f33250347914dacc75c8463bf102
+Author: Breno Leitao <breno.leitao@gmail.com>
+Date: Wed Mar 29 15:22:38 2017 -0300
+
+ include: Check for previous declaration of uintptr_t
+
+ Adding a extra check before declaring uintptr_t. Currently musl uses
+ macro __DEFINED_uintptr_t once it defines uintptr_t type. Checking
+ this macro before defining it, and, defining it when uintptr_t is
+ defined.
+
+ Signed-off-by: Breno Leitao <breno.leitao@gmail.com>
+
+diff --git a/third_party/cmocka/cmocka.h b/third_party/cmocka/cmocka.h
+index 303d0ae..a2bfc40 100644
+--- a/third_party/cmocka/cmocka.h
++++ b/third_party/cmocka/cmocka.h
+@@ -110,7 +110,7 @@
+ ((LargestIntegralType)(value))
+
+ /* Smallest integral type capable of holding a pointer. */
+-#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED)
++#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED) && !defined(__DEFINED_uintptr_t)
+ # if defined(_WIN32)
+ /* WIN32 is an ILP32 platform */
+ typedef unsigned int uintptr_t;
+@@ -136,6 +136,8 @@
+
+ # define _UINTPTR_T
+ # define _UINTPTR_T_DEFINED
++# define __DEFINED_uintptr_t
++
+ #endif /* !defined(_UINTPTR_T) || !defined(_UINTPTR_T_DEFINED) */
+
+ /* Perform an unsigned cast to uintptr_t. */
--- /dev/null
+diff --git a/nsswitch/wins.c b/nsswitch/wins.c
+index dccb6dd..bb24acb 100644
+--- a/nsswitch/wins.c
++++ b/nsswitch/wins.c
+@@ -39,6 +39,14 @@ static pthread_mutex_t wins_nss_mutex = PTHREAD_MUTEX_INITIALIZER;
+ #define INADDRSZ 4
+ #endif
+
++#ifndef NETDB_INTERNAL
++#define NETDB_INTERNAL -1
++#endif
++
++#ifndef NETDB_SUCCESS
++#define NETDB_SUCCESS 0
++#endif
++
+ NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname,
+ struct hostent *he,
+ char *buffer,
--- /dev/null
+From d90534469c5c43bf2a97e5698a5ddb4b7471f92a Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Tue, 24 Jul 2018 10:53:16 +0800
+Subject: [PATCH] libldb: fix musl libc unkoown type error
+
+tevent.h:1440:8: error: unknown type name 'pid_t'; did you mean 'div_t'?
+ pid_t *pid,
+ ^~~~~
+ div_t
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ lib/tevent/tevent.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h
+index aa6fe0d..2572696 100644
+--- a/lib/tevent/tevent.h
++++ b/lib/tevent/tevent.h
+@@ -32,6 +32,8 @@
+ #include <talloc.h>
+ #include <sys/time.h>
+ #include <stdbool.h>
++#include <sys/stat.h>
++#include <sys/types.h>
+
+ struct tevent_context;
+ struct tevent_ops;
+--
+2.7.4
+
--- /dev/null
+--- a/source4/dsdb/samdb/ldb_modules/count_attrs.c
++++ b/source4/dsdb/samdb/ldb_modules/count_attrs.c
+@@ -38,6 +38,11 @@
+ #define NULL_REQ_PSEUDO_N -2LL;
+ #define STAR_REQ_PSEUDO_N -4LL;
+
++#ifndef __COMPAR_FN_T
++#define __COMPAR_FN_T
++typedef int (*__compar_fn_t)(const void *, const void *);
++#endif
++
+ struct count_attrs_private {
+ struct tdb_wrap *requested;
+ struct tdb_wrap *duplicates;
--- /dev/null
+diff --git a/source4/dsdb/samdb/ldb_modules/count_attrs.c b/source4/dsdb/samdb/ldb_modules/count_attrs.c
+index b0d1b22..29f1b94 100644
+--- a/source4/dsdb/samdb/ldb_modules/count_attrs.c
++++ b/source4/dsdb/samdb/ldb_modules/count_attrs.c
+@@ -222,7 +222,7 @@ static const char **get_sorted_attrs(TALLOC_CTX *mem_ctx,
+ attrs[i] = a;
+ }
+
+- qsort(attrs, n_attrs, sizeof(char *), (__compar_fn_t)strcasecmp_ptr);
++ qsort(attrs, n_attrs, sizeof(char *), (int (*)(const void *, const void *))strcasecmp_ptr);
+ return attrs;
+ }
+
+@@ -313,7 +313,7 @@ static int count_attrs_search_callback(struct ldb_request *req,
+ }
+
+ qsort(found_attrs, msg->num_elements, sizeof(char *),
+- (__compar_fn_t)strcasecmp_ptr);
++ (int (*)(const void *, const void *))strcasecmp_ptr);
+
+
+ /* find and report duplicates */
--- /dev/null
+--- a/wscript_configure_embedded_heimdal 2019-12-17
++++ b/wscript_configure_embedded_heimdal 2019-12-17
+@@ -1 +1,12 @@
+ conf.RECURSE('source4/heimdal_build')
++
++def check_system_heimdal_binary(name):
++ if conf.LIB_MAY_BE_BUNDLED(name):
++ return False
++ if not conf.find_program(name, var=name.upper()):
++ return False
++ conf.define('USING_SYSTEM_%s' % name.upper(), 1)
++ return True
++
++check_system_heimdal_binary("compile_et")
++check_system_heimdal_binary("asn1_compile")
+--- a/wscript_configure_system_heimdal 2019-12-17
++++ b/wscript_configure_system_heimdal 2019-12-17
+@@ -37,14 +37,6 @@ def check_system_heimdal_lib(name, funct
+ conf.define('USING_SYSTEM_%s' % name.upper(), 1)
+ return True
+
+-def check_system_heimdal_binary(name):
+- if conf.LIB_MAY_BE_BUNDLED(name):
+- return False
+- if not conf.find_program(name, var=name.upper()):
+- return False
+- conf.define('USING_SYSTEM_%s' % name.upper(), 1)
+- return True
+-
+ check_system_heimdal_lib("com_err", "com_right_r com_err", "com_err.h")
+
+ if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"):
+@@ -96,7 +88,4 @@ finally:
+ #if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'):
+ # conf.define('USING_SYSTEM_TOMMATH', 1)
+
+-check_system_heimdal_binary("compile_et")
+-check_system_heimdal_binary("asn1_compile")
+-
+ conf.define('USING_SYSTEM_KRB5', 1)
+++ /dev/null
---- a/source3/lib/messages.c
-+++ b/source3/lib/messages.c
-@@ -518,7 +518,7 @@ static NTSTATUS messaging_init_internal(
- return NT_STATUS_ACCESS_DENIED;
- }
-
-- priv_path = private_path("msg.sock");
-+ priv_path = lock_path("msg.sock");
- if (priv_path == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-@@ -662,7 +662,7 @@ NTSTATUS messaging_reinit(struct messagi
-
- msg_ctx->msg_dgm_ref = messaging_dgm_ref(
- msg_ctx, msg_ctx->event_ctx, &msg_ctx->id.unique_id,
-- private_path("msg.sock"), lck_path,
-+ lock_path("msg.sock"), lck_path,
- messaging_recv_cb, msg_ctx, &ret);
-
- if (msg_ctx->msg_dgm_ref == NULL) {
+++ /dev/null
---- a/source4/lib/messaging/messaging.c
-+++ b/source4/lib/messaging/messaging.c
-@@ -350,7 +350,7 @@ static struct imessaging_context *imessa
- goto fail;
- }
-
-- msg->sock_dir = lpcfg_private_path(msg, lp_ctx, "msg.sock");
-+ msg->sock_dir = lpcfg_lock_path(msg, lp_ctx, "msg.sock");
- if (msg->sock_dir == NULL) {
- goto fail;
- }
--- /dev/null
+--- a/source3/lib/messages.c
++++ b/source3/lib/messages.c
+@@ -518,7 +518,7 @@ static NTSTATUS messaging_init_internal(
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+- priv_path = private_path("msg.sock");
++ priv_path = lock_path(talloc_tos(), "msg.sock");
+ if (priv_path == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+@@ -662,7 +662,7 @@ NTSTATUS messaging_reinit(struct messagi
+
+ msg_ctx->msg_dgm_ref = messaging_dgm_ref(
+ msg_ctx, msg_ctx->event_ctx, &msg_ctx->id.unique_id,
+- private_path("msg.sock"), lck_path,
++ lock_path(talloc_tos(), "msg.sock"), lck_path,
+ messaging_recv_cb, msg_ctx, &ret);
+
+ if (msg_ctx->msg_dgm_ref == NULL) {
--- /dev/null
+--- a/source4/lib/messaging/messaging.c
++++ b/source4/lib/messaging/messaging.c
+@@ -350,7 +350,7 @@ static struct imessaging_context *imessa
+ goto fail;
+ }
+
+- msg->sock_dir = lpcfg_private_path(msg, lp_ctx, "msg.sock");
++ msg->sock_dir = lpcfg_lock_path(msg, lp_ctx, "msg.sock");
+ if (msg->sock_dir == NULL) {
+ goto fail;
+ }
--- /dev/null
+--- a/lib/replace/wscript
++++ b/lib/replace/wscript
+@@ -340,22 +340,13 @@ def configure(conf):
+
+ conf.CHECK_FUNCS('prctl dirname basename')
+
+- strlcpy_in_bsd = False
++ # Not checking for libbsd
++ conf.CHECK_FUNCS('strlcpy strlcat')
++ conf.CHECK_FUNCS('getpeereid')
++ conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h')
++ conf.CHECK_FUNCS('setproctitle_init')
+
+- # libbsd on some platforms provides strlcpy and strlcat
+- if not conf.CHECK_FUNCS('strlcpy strlcat'):
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
+- if not conf.CHECK_FUNCS('getpeereid'):
+- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
+- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
+-
+- if not conf.CHECK_FUNCS('closefrom'):
+- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++ conf.CHECK_FUNCS('closefrom')
+
+ conf.CHECK_CODE('''
+ struct ucred cred;
+@@ -698,9 +689,6 @@ def configure(conf):
+
+ # look for a method of finding the list of network interfaces
+ for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
+- bsd_for_strlcpy = ''
+- if strlcpy_in_bsd:
+- bsd_for_strlcpy = ' bsd'
+ if conf.CHECK_CODE('''
+ #define %s 1
+ #define NO_CONFIG_H 1
+@@ -713,7 +701,7 @@ def configure(conf):
+ #include "test/getifaddrs.c"
+ ''' % method,
+ method,
+- lib='nsl socket' + bsd_for_strlcpy,
++ lib='nsl socket',
+ addmain=False,
+ execute=True):
+ break
+@@ -761,7 +749,6 @@ def build(bld):
+ break
+
+ extra_libs = ''
+- if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd'
+ if bld.CONFIG_SET('HAVE_LIBRT'): extra_libs += ' rt'
+
+ bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
+ REPLACE_HOSTCC_SOURCE,
+++ /dev/null
---- a/lib/crypto/wscript_configure
-+++ b/lib/crypto/wscript_configure
-@@ -2,11 +2,11 @@
- import Options
- import Utils
-
--if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
-- checklibc=True):
-- conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
-- checklibc=True)
-- conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
-+# if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
-+ # checklibc=True):
-+conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
-+ checklibc=True)
-+conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
- checklibc=True)
- conf.CHECK_FUNCS_IN('CC_MD5_Init', '', headers='CommonCrypto/CommonDigest.h',
- checklibc=True)
---- a/lib/replace/wscript
-+++ b/lib/replace/wscript
-@@ -340,22 +340,13 @@ def configure(conf):
-
- conf.CHECK_FUNCS('prctl dirname basename')
-
-- strlcpy_in_bsd = False
-+ # Not checking for libbsd
-+ conf.CHECK_FUNCS('strlcpy strlcat')
-+ conf.CHECK_FUNCS('getpeereid')
-+ conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h')
-+ conf.CHECK_FUNCS('setproctitle_init')
-
-- # libbsd on some platforms provides strlcpy and strlcat
-- if not conf.CHECK_FUNCS('strlcpy strlcat'):
-- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
-- checklibc=True):
-- strlcpy_in_bsd = True
-- if not conf.CHECK_FUNCS('getpeereid'):
-- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
-- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
-- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
-- if not conf.CHECK_FUNCS('setproctitle_init'):
-- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
--
-- if not conf.CHECK_FUNCS('closefrom'):
-- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
-+ conf.CHECK_FUNCS('closefrom')
-
- conf.CHECK_CODE('''
- struct ucred cred;
-@@ -698,9 +689,6 @@ def configure(conf):
-
- # look for a method of finding the list of network interfaces
- for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
-- bsd_for_strlcpy = ''
-- if strlcpy_in_bsd:
-- bsd_for_strlcpy = ' bsd'
- if conf.CHECK_CODE('''
- #define %s 1
- #define NO_CONFIG_H 1
-@@ -713,7 +701,7 @@ def configure(conf):
- #include "test/getifaddrs.c"
- ''' % method,
- method,
-- lib='nsl socket' + bsd_for_strlcpy,
-+ lib='nsl socket',
- addmain=False,
- execute=True):
- break
-@@ -761,7 +749,6 @@ def build(bld):
- break
-
- extra_libs = ''
-- if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd'
-
- bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
- REPLACE_HOSTCC_SOURCE,
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK"
+Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK"
+Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK"
+Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
# - check if default mode has changed from being tcp_only
#
PKG_NAME:=shadowsocks-libev
-PKG_VERSION:=3.3.3
+PKG_VERSION:=3.3.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION)
-PKG_HASH:=677356a5ed6b5ae9e32a898061db2587158ff27e245db03f4bde9b006ef12dc9
+PKG_HASH:=fce47a956fad0c30def9c71821bcec450a40d3f881548e31e66cedf262b89eb1
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
PKG_NAME:=shorewall-core
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=3
-PKG_BUGFIX_MINOR_VERSION:=.4
+PKG_BUGFIX_MINOR_VERSION:=.5
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=2
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=8fdc6e326d0c07df2a636634c510630e99f7a3ab70bb60fb735dd92a0d33d500
+PKG_HASH:=c9dbbe51e2550651335ec82d59a237a66ee4fe7e87719ee52285d253921ec07b
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0-or-later
PKG_NAME:=shorewall-lite
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=3
-PKG_BUGFIX_MINOR_VERSION:=.4
+PKG_BUGFIX_MINOR_VERSION:=.5
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=2
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=cf48465402eb5fee0886b7dfc4b0a78ec9c0850e8a2046874dee22154c6ee107
+PKG_HASH:=233ea801ce100e905e0231dd5585e3ee47fabf637ddb7d6dbe1913d63cd13e54
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0-or-later
PKG_NAME:=shorewall
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=3
-PKG_BUGFIX_MINOR_VERSION:=.4
+PKG_BUGFIX_MINOR_VERSION:=.5
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=2
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=a6e1a1a6b20ea37695fe12d36233dacd461548ac67665664c8de3a99cf7aa23b
+PKG_HASH:=466afa987eb24e64c81565a994951c59f540fdd5c008ef9ec397bdd7566fc50f
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0-or-later
PKG_NAME:=shorewall6-lite
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=3
-PKG_BUGFIX_MINOR_VERSION:=.4
+PKG_BUGFIX_MINOR_VERSION:=.5
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=2
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=af1a62397e8232bb4fb6c266a29df0063c339c94772d06a92e086a2e8f1ee70f
+PKG_HASH:=aeac91d2cef004892c31256b1d7107d5ae4c392772a7530c0b4834893180eae3
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0-or-later
PKG_NAME:=shorewall6
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=3
-PKG_BUGFIX_MINOR_VERSION:=.4
+PKG_BUGFIX_MINOR_VERSION:=.5
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=2
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=c1fc1244bd68710aecd504841965ac7fbbb05fa7fb1b857b1ad43659bd81877b
+PKG_HASH:=eff1dae5669648e96b5db78a7718cbb39a5f0b16a33c7223aa5a55fce56751b5
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0-or-later
PKG_NAME:=simple-adblock
PKG_VERSION:=1.8.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.net>
PKG_LICENSE:=GPL-3.0-or-later
return 0
}
-status() {
+status_service() {
local status="$(tmpfs get status)" error="$(tmpfs get error)" message="$(tmpfs get message)"
- if [ -n "$status" ] && [ -n "$message" ]; then
+ if [ -n "$status" ] && [ -n "$message" ]; then
status="${status}: $message"
fi
[ -n "$status" ] && output "$serviceName $status\\n"
--- /dev/null
+#
+# Copyright (c) 2018-2019 Nick Peng (pymumu@gmail.com)
+# This is free software, licensed under the GNU General Public License v3.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=smartdns
+PKG_VERSION:=1.2020.28
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://www.github.com/pymumu/smartdns.git
+PKG_SOURCE_VERSION:=2322a9dbd03de284acca388119f00a9bc7d9bec2
+PKG_MIRROR_HASH:=1698c0fc16fd67b72f1a588aad06427afd919541356e445ab75c26f5ce296e86
+
+PKG_MAINTAINER:=Nick Peng <pymumu@gmail.com>
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+MAKE_VARS += VER=$(PKG_VERSION)
+MAKE_PATH:=src
+
+define Package/smartdns
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=smartdns server
+ DEPENDS:=+libpthread +libopenssl
+ URL:=https://www.github.com/pymumu/smartdns/
+endef
+
+define Package/smartdns/description
+SmartDNS is a local DNS server which accepts DNS query requests from local network clients,
+get DNS query results from multiple upstream DNS servers concurrently, and returns the fastest IP to clients.
+Unlike dnsmasq's all-servers, smartdns returns the fastest IP.
+endef
+
+define Package/smartdns/conffiles
+/etc/config/smartdns
+/etc/smartdns/address.conf
+/etc/smartdns/blacklist-ip.conf
+/etc/smartdns/custom.conf
+endef
+
+define Package/smartdns/install
+ $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/config $(1)/etc/init.d $(1)/etc/smartdns
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/smartdns $(1)/usr/sbin/smartdns
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/package/openwrt/files/etc/init.d/smartdns $(1)/etc/init.d/smartdns
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/address.conf $(1)/etc/smartdns/address.conf
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/blacklist-ip.conf $(1)/etc/smartdns/blacklist-ip.conf
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/custom.conf $(1)/etc/smartdns/custom.conf
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/package/openwrt/files/etc/config/smartdns $(1)/etc/config/smartdns
+endef
+
+$(eval $(call BuildPackage,smartdns))
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=smbd-tools
+PKG_VERSION:=3.0.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/cifsd-team/$(PKG_NAME)/archive/$(PKG_VERSION)/
+PKG_HASH:=29f85de8b39608d28ec406c8b557264e004f5dce9b307a37f8324508cdea6217
+
+PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+PKG_REMOVE_FILES:=autogen.sh
+
+PKG_BUILD_DEPENDS:=glib2
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
+
+define Package/smbd-tools/Default
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Filesystem
+ TITLE:=Kernel SMB
+ URL:=https://github.com/cifsd-team/smbd-tools
+ DEPENDS:= +glib2 $(ICONV_DEPENDS) $(INTL_DEPENDS)
+endef
+
+define Package/smbd-tools/Default/description
+ Userspace tools for the SMB kernel fileserver (smbd.ko).
+ The config file location is /etc/smbd/smb.conf
+endef
+
+define Package/smbd-server
+ $(call Package/smbd-tools/Default)
+ TITLE+= server
+ DEPENDS+= +kmod-fs-smbd +libnl-core +libnl-genl
+endef
+
+define Package/smbd-server/description
+ installs: usmbd
+
+ This provides the basic fileserver service and is the minimum needed to serve 'guest only' file shares or use a existing smbdpwd.db.
+endef
+
+define Package/smbd-server/config
+ select PACKAGE_wsdd2
+endef
+
+define Package/smbd-utils
+ $(call Package/smbd-tools/Default)
+ TITLE+= user management-util
+endef
+
+define Package/smbd-utils/description
+ installs: smbuseradd (smbshareadd)
+
+ Tool needed to create the smbdpwd.db, to manage per user share passwords.
+ NOTE: Not needed for 'guest only' shares.
+endef
+
+define Package/smbd-utils/config
+ config SMBD_UTILS_SHAREADD
+ bool "Add smbshareadd util"
+ depends on PACKAGE_smbd-utils
+ help
+ Add the smbshareadd tool, to directly manipulate the /etc/smbd/smb.conf.
+ default n
+endef
+
+CONFIGURE_ARGS += \
+ --disable-shared \
+ --enable-static
+
+# CONFIGURE_VARS += GLIB_LIBS="$(STAGING_DIR)/usr/lib/libglib-2.0.a"
+
+TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -liconv $(if $(INTL_FULL),-lintl)
+
+define Package/smbd-server/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/usmbd $(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/etc/config $(1)/etc/smbd $(1)/etc/init.d
+ $(INSTALL_CONF) ./files/smbd.config $(1)/etc/config/smbd
+ $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/smbd/
+ $(INSTALL_BIN) ./files/smbd.init $(1)/etc/init.d/smbd
+ # copy examples until we have a wiki page
+ $(INSTALL_DATA) ./files/smbd.config.example $(1)/etc/smbd/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/Documentation/configuration.txt $(1)/etc/smbd/
+endef
+
+define Package/smbd-utils/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/smbuseradd $(1)/usr/sbin/
+ifeq ($(CONFIG_SMBD_UTILS_SHAREADD),y)
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/smbshareadd $(1)/usr/sbin/
+endif
+endef
+
+define Package/smbd-server/conffiles
+/etc/config/smbd
+/etc/smbd/smb.conf.template
+/etc/smbd/smb.conf
+/etc/smbd/smbdpwd.db
+endef
+
+$(eval $(call BuildPackage,smbd-server))
+$(eval $(call BuildPackage,smbd-utils))
--- /dev/null
+[global]
+ netbios name = |NAME|
+ server string = |DESCRIPTION|
+ workgroup = |WORKGROUP|
+ interfaces = |INTERFACES|
+ bind interfaces only = yes
+ ipc timeout = 20
+ deadtime = 15
+ map to guest = Bad User
+ smb2 max read = 64K
+ smb2 max write = 64K
+ smb2 max trans = 64K
+ cache read buffers = no
+ cache trans buffers = no
--- /dev/null
+config globals
+ option 'workgroup' 'WORKGROUP'
+ option 'description' 'SMBD on OpenWrt'
--- /dev/null
+config globals
+ option 'description' 'SMBD on OpenWrt'
+
+config share
+ option name 'testshare'
+ option path '/tmp'
+ option read_only 'no'
+ option guest_ok 'yes'
+ option create_mask '0666'
+ option dir_mask '0777'
+ option force_root '1'
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=98
+USE_PROCD=1
+
+SMBD_IFACE=""
+
+smb_header()
+{
+ config_get SMBD_IFACE $1 interface "lan"
+
+ # resolve interfaces
+ local interfaces
+ interfaces=$(
+ . /lib/functions/network.sh
+
+ local net
+ for net in $SMBD_IFACE; do
+ local device
+ network_is_up $net || continue
+ network_get_device device "$net"
+ echo -n "${device:-$net} "
+ done
+ )
+
+ local workgroup description
+ local hostname
+ hostname="$(cat /proc/sys/kernel/hostname)"
+
+ config_get workgroup $1 workgroup "WORKGROUP"
+ config_get description $1 description "SMBD on OpenWrt"
+
+ sed -e "s#|NAME|#$hostname#g" \
+ -e "s#|WORKGROUP|#$workgroup#g" \
+ -e "s#|DESCRIPTION|#$description#g" \
+ -e "s#|INTERFACES|#$interfaces#g" \
+ /etc/smbd/smb.conf.template > /var/etc/smbd/smb.conf
+
+ [ -e /etc/smbd/smb.conf ] || ln -nsf /var/etc/smbd/smb.conf /etc/smbd/smb.conf
+
+ if [ ! -L /etc/smbd/smb.conf ]; then
+ logger -p daemon.warn -t 'smbd' "Local custom /etc/smbd/smb.conf file detected, all UCI/Luci config settings are ignored!"
+ fi
+}
+
+smb_add_share()
+{
+ local name
+ local path
+ local comment
+ local users
+ local create_mask
+ local dir_mask
+ local browseable
+ local read_only
+ local writeable
+ local guest_ok
+ local force_root
+ local write_list
+ local read_list
+ local hide_dot_files
+ local veto_files
+ local inherit_owner
+ local force_create_mode
+ local force_directory_mode
+
+ config_get name $1 name
+ config_get path $1 path
+ config_get comment $1 comment
+ config_get users $1 users
+ config_get create_mask $1 create_mask
+ config_get dir_mask $1 dir_mask
+ config_get browseable $1 browseable
+ config_get read_only $1 read_only
+ config_get writeable $1 writeable
+ config_get guest_ok $1 guest_ok
+ config_get_bool force_root $1 force_root 0
+ config_get write_list $1 write_list
+ config_get read_list $1 read_list
+ config_get hide_dot_files $1 hide_dot_files
+ config_get veto_files $1 veto_files
+ config_get inherit_owner $1 inherit_owner
+ config_get force_create_mode $1 force_create_mode
+ config_get force_directory_mode $1 force_directory_mode
+
+ [ -z "$name" ] || [ -z "$path" ] && return
+
+ {
+ printf "\n[%s]\n\tpath = %s\n" "$name" "$path"
+ [ -n "$comment" ] && printf "\tcomment = %s\n" "$comment"
+
+ if [ "$force_root" -eq 1 ]; then
+ printf "\tforce user = %s\n" "root"
+ printf "\tforce group = %s\n" "root"
+ else
+ [ -n "$users" ] && printf "\tvalid users = %s\n" "$users"
+ fi
+
+ [ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask"
+ [ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask"
+ [ -n "$force_create_mode" ] && printf "\tforce create mode = %s\n" "$force_create_mode"
+ [ -n "$force_directory_mode" ] && printf "\tforce directory mode = %s\n" "$force_directory_mode"
+
+ [ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable"
+ [ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only"
+ [ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable"
+
+ [ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok"
+ [ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner"
+
+ [ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list"
+ [ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list"
+
+ [ -n "$hide_dot_files" ] && printf "\thide dot files = %s\n" "$hide_dot_files"
+ [ -n "$veto_files" ] && printf "\tveto files = %s\n" "$veto_files"
+ } >> /var/etc/smbd/smb.conf
+}
+
+init_config()
+{
+ mkdir -p /var/etc/smbd
+
+ config_load smbd
+ # allow copy&paste from samba UCI configs (we dont have a smbd wiki yet)
+ config_foreach smb_header globals
+ config_foreach smb_header samba
+ config_foreach smb_add_share share
+ config_foreach smb_add_share sambashare
+}
+
+service_triggers()
+{
+ # PROCD_RELOAD_DELAY=1000
+
+ procd_add_reload_trigger "dhcp" "system" "smbd"
+
+ local i
+ for i in $SMBD_IFACE; do
+ procd_add_reload_interface_trigger $i
+ done
+}
+
+kill_server()
+{
+ if [ -e /sys/module/smbd ]; then
+ if [ -e /sys/class/smbd-control/kill_server ]; then
+ logger -p daemon.info -t 'smbd' "triggering kill_server"
+ echo hard > /sys/class/smbd-control/kill_server
+ fi
+ fi
+}
+
+start_service()
+{
+ init_config
+
+ if [ ! -e /etc/smbd/smb.conf ]; then
+ logger -p daemon.error -t 'smbd' "missing config /etc/smbd/smb.conf!"
+ exit 1
+ fi
+
+ # NOTE: We don't do a soft-reload via signal, since [global] smb.conf setting changes will be ignored, so always reset hard.
+ kill_server
+
+ [ ! -e /sys/module/smbd ] && modprobe smbd 2> /dev/null
+ if [ ! -e /sys/module/smbd ]; then
+ logger -p daemon.error -t 'smbd' "modprobe of smbd module failed, can\'t start smbd!"
+ exit 1
+ fi
+
+ logger -p daemon.notice -t 'smbd' "Starting SMBD userspace service."
+ procd_open_instance
+ procd_add_mdns "smb" "tcp" "445"
+ procd_set_param command /usr/sbin/usmbd --n
+ procd_set_param file /etc/smbd/smb.conf
+ procd_set_param limits nofile=16384
+ procd_close_instance
+}
+
+stop_service()
+{
+ logger -p daemon.notice -t 'smbd' "Stopping SMBD userspace service."
+ killall usmbd > /dev/null 2>&1
+
+ [ -e /sys/module/smbd ] && rmmod smbd > /dev/null 2>&1
+ # kill server if we cant rmmod
+ [ -e /sys/module/smbd ] && kill_server
+ # next try
+ [ -e /sys/module/smbd ] && rmmod smbd > /dev/null 2>&1
+
+ if [ -e /sys/module/smbd ]; then
+ logger -p daemon.error -t 'smbd' "module still loaded after kill_server?"
+ fi
+ [ -f /tmp/smbd.lock ] && rm /tmp/smbd.lock
+}
+
+# reload_service() {
+ # restart "$@"
+# }
PKG_NAME:=sqm-scripts
PKG_SOURCE_VERSION:=ab763cba8b1516b3afa99760e0ca884f8b8d93b8
PKG_VERSION:=1.4.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_LICENSE:=GPLv2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz
TITLE:=SQM Scripts - LuCI interface
MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
PKGARCH:=all
- DEPENDS:= +lua +luci-base +luci-compat +sqm-scripts
+ DEPENDS:=+luci-compat +sqm-scripts
SUBMENU:=3. Applications
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=sstp-client
-PKG_VERSION:=1.0.12
-PKG_RELEASE:=3
+PKG_VERSION:=1.0.13
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/sstp-client/$(PKG_VERSION)
-PKG_HASH:=487eb406579689803ce0397f6102b18641e4572ac7bc9b9e5f3027c84dcf67ff
-PKG_LICENSE=GPLv2
+PKG_HASH:=961258fca0795d8ad60b047942cf7cb53d025d353fd1e4ba08c2b75799f5321b
-include $(INCLUDE_DIR)/package.mk
+PKG_MAINTAINER:=Federico Di Marco <fededim@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
-TARGET_CPPFLAGS += -I$(PKG_BUILD_DIR)/include
+include $(INCLUDE_DIR)/package.mk
define Package/sstp-client
SECTION:=net
DEPENDS=+libevent2 +libopenssl +ppp +resolveip
TITLE:=SSTP-Client is a SSTP client for Linux.
URL:=http://sstp-client.sourceforge.net/
- MAINTAINER:=Federico Di Marco <fededim@gmail.com>
endef
define Package/sstp-client/description
/etc/ppp/peers/peer-sstp-example.txt
endef
+TARGET_CPPFLAGS += -I$(PKG_BUILD_DIR)/include
+
define Package/sstp-client/install
$(INSTALL_DIR) $(1)/usr/{bin,lib}
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/.libs/sstpc $(1)/usr/bin/
$(CP) $(PKG_BUILD_DIR)/src/libsstp-api/.libs/*.so* $(1)/usr/lib/
$(CP) $(PKG_BUILD_DIR)/src/pppd-plugin/.libs/*.so* $(1)/usr/lib/
-
+
$(INSTALL_DIR) $(1)/etc
- $(CP) files/etc $(1)
+ $(CP) files/etc $(1)
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/lib/netifd/proto/sstp.sh $(1)/lib/netifd/proto
endef
/* Initialize the OpenSSL library */
status = SSL_library_init();
if (status != 1)
-@@ -487,6 +488,7 @@ static status_t sstp_init_ssl(sstp_client_st *client, sstp_option_st *opt)
-
- /* Load all error strings */
- SSL_load_error_strings();
-+#endif
+@@ -490,6 +491,9 @@ static status_t sstp_init_ssl(sstp_client_st *client, sstp_option_st *opt)
/* Create a new crypto context */
client->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
++#else
++ client->ssl_ctx = SSL_CTX_new(TLS_client_method());
++#endif
+ if (client->ssl_ctx == NULL)
+ {
+ log_err("Could not get SSL crypto context");
include $(TOPDIR)/rules.mk
PKG_NAME:=strongswan
-PKG_VERSION:=5.8.1
+PKG_VERSION:=5.8.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
-PKG_HASH:=d9af70acea5c054952ad1584916c1bf231b064eb6c8a9791dcb6ae90a769990c
+PKG_HASH:=86900ddbe7337c923dadf2c8339ae8ed2b9158e3691745884d08ae534677430e
PKG_LICENSE:=GPL-2.0-or-later
PKG_MAINTAINER:=Stijn Tintel <stijn@linux-ipv6.be>
PKG_CPE_ID:=cpe:/a:strongswan:strongswan
local dpddelay
local inactivity
local keyexchange
+ local reqid
config_get mode "$1" mode "route"
config_get local_subnet "$1" local_subnet ""
config_get dpddelay "$1" dpddelay "30s"
config_get inactivity "$1" inactivity
config_get keyexchange "$1" keyexchange "ikev2"
+ config_get reqid "$1" reqid
[ -n "$local_nat" ] && local_subnet=$local_nat
ipsec_xappend " dpddelay=$dpddelay"
[ -n "$inactivity" ] && ipsec_xappend " inactivity=$inactivity"
+ [ -n "$reqid" ] && ipsec_xappend " reqid=$reqid"
if [ "$auth_method" = "psk" ]; then
ipsec_xappend " leftauth=psk"
--- a/configure.ac
+++ b/configure.ac
-@@ -136,6 +136,7 @@ ARG_DISBL_SET([fips-prf], [disable
+@@ -137,6 +137,7 @@ ARG_DISBL_SET([fips-prf], [disable
ARG_ENABL_SET([gcm], [enables the GCM AEAD wrapper crypto plugin.])
ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.])
ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.])
ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.])
ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.])
ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.])
-@@ -1431,6 +1432,7 @@ ADD_PLUGIN([botan], [s ch
+@@ -1434,6 +1435,7 @@ ADD_PLUGIN([botan], [s ch
ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
ADD_PLUGIN([fips-prf], [s charon nm cmd])
ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd])
ADD_PLUGIN([agent], [s charon nm cmd])
ADD_PLUGIN([keychain], [s charon cmd])
-@@ -1571,6 +1573,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
+@@ -1575,6 +1577,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue)
AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue)
AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
-@@ -1846,6 +1849,7 @@ AC_CONFIG_FILES([
+@@ -1851,6 +1854,7 @@ AC_CONFIG_FILES([
src/libstrongswan/plugins/mgf1/Makefile
src/libstrongswan/plugins/fips_prf/Makefile
src/libstrongswan/plugins/gmp/Makefile
src/libstrongswan/plugins/aesni/Makefile
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
-@@ -341,6 +341,13 @@ if MONOLITHIC
+@@ -344,6 +344,13 @@ if MONOLITHIC
endif
endif
PKG_NAME:=stubby
PKG_VERSION:=0.2.6
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
SUBMENU:=IP Addresses and Names
TITLE+= - (daemon that uses getdns)
USERID:=stubby=410:stubby=410
- DEPENDS:= +libyaml +getdns +ca-certificates
+ DEPENDS:= +libyaml +getdns +ca-certs
endef
define Package/stubby/description
Installation of this package can be achieved at the command line using `opkg
install stubby`, or via the LUCI Web Interface. Installing the stubby package
will also install the required dependency packages, including the
-`ca-certificates` package.
+`ca-bundle` package.
## Configuration
include $(TOPDIR)/rules.mk
PKG_NAME:=stunnel
-PKG_VERSION:=5.55
-PKG_RELEASE:=2
+PKG_VERSION:=5.56
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0-or-later
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
https://www.usenix.org.uk/mirrors/stunnel/archive/$(word 1, $(subst .,$(space),$(PKG_VERSION))).x/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=90de69f41c58342549e74c82503555a6426961b29af3ed92f878192727074c62
+PKG_HASH:=7384bfb356b9a89ddfee70b5ca494d187605bb516b4fff597e167f97e2236b22
PKG_FIXUP:=autoreconf
PKG_FIXUP:=patch-libtool
include $(TOPDIR)/rules.mk
PKG_NAME:=subversion
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_VERSION:=1.13.0
PKG_SOURCE_URL:=@APACHE/subversion
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
CATEGORY:=Network
SUBMENU:=Version Control Systems
TITLE:=A compelling replacement for CVS
- DEPENDS:=+PACKAGE_unixodbc:unixodbc +libaprutil +libmagic $(ICONV_DEPENDS) $(INTL_DEPENDS)
+ DEPENDS:=+PACKAGE_unixodbc:unixodbc +libaprutil +libmagic +libsqlite3 $(ICONV_DEPENDS) $(INTL_DEPENDS)
URL:=https://subversion.apache.org/
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=tinyproxy
-PKG_VERSION:=1.8.3
-PKG_RELEASE:=3
+PKG_VERSION:=1.10.0
+PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://www.banu.com/pub/tinyproxy/1.8/
-PKG_HASH:=be559b54eb4772a703ad35239d1cb59d32f7cf8a739966742622d57df88b896e
-PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=https://github.com/tinyproxy/tinyproxy/releases/download/$(PKG_VERSION)
+PKG_HASH:=59be87689c415ba0d9c9bc6babbdd3df3b372d60b21e526b118d722dbc995682
+PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:banu:tinyproxy
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
SECTION:=net
CATEGORY:=Network
TITLE:=Tinyproxy is a lightweight HTTP and HTTPS proxy
- URL:=http://tinyproxy.sourceforge.net/
+ URL:=https://tinyproxy.github.io/
endef
define Package/tinyproxy/conffiles
/etc/config/tinyproxy
endef
-CONFIGURE_ARGS+= \
- --enable-filter \
- --enable-transparent \
- --disable-regexcheck \
+CONFIGURE_VARS += ac_cv_path_A2X=no
define Package/tinyproxy/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/tinyproxy $(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/tinyproxy $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/share/tinyproxy
$(CP) $(PKG_INSTALL_DIR)/usr/share/tinyproxy/*.html $(1)/usr/share/tinyproxy/
$(INSTALL_DIR) $(1)/etc/config
CFGFILE=/var/etc/tinyproxy.conf
section_enabled() {
+ local enabled
config_get_bool enabled "$1" 'enabled' 0
- [ $enabled -gt 0 ]
+ [ "$enabled" -gt 0 ]
}
start() {
start_proxy() {
section_enabled "$1" || return 1
- mkdir -m0755 -p /var/etc
- echo '### AUTOGENERATED CONFIGURATION' > $CFGFILE
- echo '### DO NOT EDIT' >> $CFGFILE
- echo '### SEE /etc/config/tinyproxy INSTEAD' >> $CFGFILE
- echo '' >> $CFGFILE
+ mkdir -p /var/etc
+ chmod 0755 /var/etc
+ {
+ echo '### AUTOGENERATED CONFIGURATION'
+ echo '### DO NOT EDIT'
+ echo '### SEE /etc/config/tinyproxy INSTEAD'
+ echo ''
- proxy_atom "$1" User >> $CFGFILE
- proxy_atom "$1" Group >> $CFGFILE
- proxy_atom "$1" Port 8888 >> $CFGFILE
- proxy_atom "$1" Listen >> $CFGFILE
- proxy_atom "$1" Bind >> $CFGFILE
- proxy_atom "$1" Timeout >> $CFGFILE
+ proxy_atom "$1" User
+ proxy_atom "$1" Group
+ proxy_atom "$1" Port 8888
+ proxy_atom "$1" Listen
+ proxy_atom "$1" Bind
+ proxy_atom "$1" Timeout
- proxy_string "$1" ErrorFile_400 "ErrorFile 400" >> $CFGFILE
- proxy_string "$1" ErrorFile_403 "ErrorFile 403" >> $CFGFILE
- proxy_string "$1" ErrorFile_404 "ErrorFile 404" >> $CFGFILE
- proxy_string "$1" ErrorFile_408 "ErrorFile 408" >> $CFGFILE
- proxy_string "$1" ErrorFile_503 "ErrorFile 503" >> $CFGFILE
+ proxy_string "$1" ErrorFile_400 "ErrorFile 400"
+ proxy_string "$1" ErrorFile_403 "ErrorFile 403"
+ proxy_string "$1" ErrorFile_404 "ErrorFile 404"
+ proxy_string "$1" ErrorFile_408 "ErrorFile 408"
+ proxy_string "$1" ErrorFile_503 "ErrorFile 503"
- proxy_string "$1" DefaultErrorFile >> $CFGFILE
- proxy_string "$1" StatHost StatHost 127.0.0.1 >> $CFGFILE
- proxy_string "$1" StatFile >> $CFGFILE
- proxy_string "$1" LogFile >> $CFGFILE
+ proxy_string "$1" DefaultErrorFile
+ proxy_string "$1" StatHost StatHost 127.0.0.1
+ proxy_string "$1" StatFile
+ proxy_string "$1" LogFile
- proxy_flag "$1" Syslog >> $CFGFILE
+ proxy_flag "$1" Syslog
- proxy_atom "$1" LogLevel >> $CFGFILE
+ proxy_atom "$1" LogLevel
- proxy_flag "$1" XTinyproxy >> $CFGFILE
+ proxy_flag "$1" XTinyproxy
- proxy_atom "$1" MaxClients >> $CFGFILE
- proxy_atom "$1" MinSpareServers >> $CFGFILE
- proxy_atom "$1" MaxSpareServers >> $CFGFILE
- proxy_atom "$1" StartServers >> $CFGFILE
- proxy_atom "$1" MaxRequestsPerChild >> $CFGFILE
- proxy_list "$1" Allow >> $CFGFILE
+ proxy_atom "$1" MaxClients
+ proxy_atom "$1" MinSpareServers
+ proxy_atom "$1" MaxSpareServers
+ proxy_atom "$1" StartServers
+ proxy_atom "$1" MaxRequestsPerChild
+ proxy_list "$1" Allow
- proxy_string "$1" ViaProxyName >> $CFGFILE
- proxy_string "$1" Filter >> $CFGFILE
+ proxy_string "$1" ViaProxyName
+ proxy_string "$1" Filter
- proxy_flag "$1" FilterURLs >> $CFGFILE
- proxy_flag "$1" FilterExtended >> $CFGFILE
- proxy_flag "$1" FilterCaseSensitive >> $CFGFILE
- proxy_flag "$1" FilterDefaultDeny Yes No >> $CFGFILE
+ proxy_flag "$1" FilterURLs
+ proxy_flag "$1" FilterExtended
+ proxy_flag "$1" FilterCaseSensitive
+ proxy_flag "$1" FilterDefaultDeny Yes No
- proxy_list "$1" Anonymous '"' >> $CFGFILE
- proxy_list "$1" ConnectPort >> $CFGFILE
+ proxy_list "$1" Anonymous '"'
+ proxy_list "$1" ConnectPort
config_foreach write_upstream upstream
+ } > "$CFGFILE"
service_start /usr/sbin/tinyproxy -c "$CFGFILE"
}
config_get target "$1" target
[ -n "$target" ] && target=' "'"$target"'"'
- [ "$type" == "proxy" -a -n "$via" ] && \
- echo "upstream $via$target" >> $CFGFILE
+ [ "$type" = "proxy" ] && [ -n "$via" ] && \
+ echo "upstream $via$target"
- [ "$type" == "reject" -a -n "$target" ] && \
- echo "no upstream$target" >> $CFGFILE
+ [ "$type" = "reject" ] && [ -n "$target" ] && \
+ echo "no upstream$target"
}
proxy_atom() {
config_get _value "$SECTION" "$OPTION"
[ -z "$_value" ] && _value="$DEFAULT"
[ -n "$_value" ] && echo "${ALIAS:-${OPTION}} "'"'"$_value"'"'
- [ -n "$_value" -a "$OPTION" = "LogFile" ] && {
- touch $_value
- chmod 666 $_value
+ [ -n "$_value" ] && [ "$OPTION" = "LogFile" ] && {
+ touch "$_value"
+ chmod 666 "$_value"
}
}
+++ /dev/null
---- a/configure
-+++ b/configure
-@@ -6815,59 +6815,8 @@ fi
-
-
-
--# Check for asciidoc
--# Extract the first word of "a2x", so it can be a program name with args.
--set dummy a2x; ac_word=$2
--{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
--$as_echo_n "checking for $ac_word... " >&6; }
--if test "${ac_cv_path_A2X+set}" = set; then :
-- $as_echo_n "(cached) " >&6
--else
-- case $A2X in
-- [\\/]* | ?:[\\/]*)
-- ac_cv_path_A2X="$A2X" # Let the user override the test with a path.
-- ;;
-- *)
-- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
--for as_dir in $PATH
--do
-- IFS=$as_save_IFS
-- test -z "$as_dir" && as_dir=.
-- for ac_exec_ext in '' $ac_executable_extensions; do
-- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
-- ac_cv_path_A2X="$as_dir/$ac_word$ac_exec_ext"
-- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-- break 2
-- fi
--done
-- done
--IFS=$as_save_IFS
--
-- test -z "$ac_cv_path_A2X" && ac_cv_path_A2X="no"
-- ;;
--esac
--fi
--A2X=$ac_cv_path_A2X
--if test -n "$A2X"; then
-- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $A2X" >&5
--$as_echo "$A2X" >&6; }
--else
-- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
--$as_echo "no" >&6; }
--fi
--
--
-- if test "x$A2X" != "xno"; then
-- HAVE_A2X_TRUE=
-- HAVE_A2X_FALSE='#'
--else
- HAVE_A2X_TRUE='#'
- HAVE_A2X_FALSE=
--fi
--
--if test x"$A2X" = x"no"; then
-- as_fn_error $? "Test for asciidoc failed. See the file 'INSTALL' for help." "$LINENO" 5
--fi
-
- ac_config_files="$ac_config_files Makefile src/Makefile data/Makefile data/templates/Makefile etc/Makefile docs/Makefile docs/man5/Makefile docs/man5/tinyproxy.conf.txt docs/man8/Makefile docs/man8/tinyproxy.txt m4macros/Makefile tests/Makefile tests/scripts/Makefile"
-
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -2,9 +2,7 @@ SUBDIRS = \
- src \
- data \
- etc \
-- docs \
- m4macros \
-- tests
-
- # tools want this on a single line
- ACLOCAL_AMFLAGS = -I m4macros
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -222,9 +222,7 @@ SUBDIRS = \
- src \
- data \
- etc \
-- docs \
- m4macros \
-- tests
-
-
- # tools want this on a single line
---- a/src/main.c
-+++ b/src/main.c
-@@ -326,8 +326,8 @@ static void initialize_config_defaults (
- conf->errorpages = NULL;
- conf->stathost = safestrdup (TINYPROXY_STATHOST);
- conf->idletimeout = MAX_IDLE_TIME;
-- conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy/tinyproxy.log");
-- conf->pidpath = safestrdup (LOCALSTATEDIR "/run/tinyproxy/tinyproxy.pid");
-+ conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy.log");
-+ conf->pidpath = safestrdup (LOCALSTATEDIR "/tinyproxy.pid");
- }
+--- a/etc/tinyproxy.conf.in
++++ b/etc/tinyproxy.conf.in
+@@ -93,7 +93,7 @@ StatFile "@pkgdatadir@/stats.html"
+ # exclusive. If neither Syslog nor LogFile are specified, output goes
+ # to stdout.
+ #
+-#LogFile "@localstatedir@/log/tinyproxy/tinyproxy.log"
++LogFile "@localstatedir@/log/tinyproxy.log"
- /**
+ #
+ # Syslog: Tell tinyproxy to use syslog instead of a logfile. This
+@@ -124,7 +124,7 @@ LogLevel Info
+ # can be used for signalling purposes.
+ # If not specified, no pidfile will be written.
+ #
+-#PidFile "@localstatedir@/run/tinyproxy/tinyproxy.pid"
++PidFile "@localstatedir@/tinyproxy.pid"
+
+ #
+ # XTinyproxy: Tell Tinyproxy to include the X-Tinyproxy header, which
+++ /dev/null
---- a/src/conf.c
-+++ b/src/conf.c
-@@ -865,7 +865,6 @@ static HANDLE_FUNC (handle_deny)
-
- static HANDLE_FUNC (handle_bind)
- {
--#ifndef TRANSPARENT_PROXY
- int r = set_string_arg (&conf->bind_address, line, &match[2]);
-
- if (r)
-@@ -873,11 +872,6 @@ static HANDLE_FUNC (handle_bind)
- log_message (LOG_INFO,
- "Outgoing connections bound to IP %s", conf->bind_address);
- return 0;
--#else
-- fprintf (stderr,
-- "\"Bind\" cannot be used with transparent support enabled.\n");
-- return 1;
--#endif
- }
-
- static HANDLE_FUNC (handle_listen)
{
struct addrinfo hints, *res, *ressave;
-@@ -48,7 +47,7 @@ bind_socket (int sockfd, const char *add
+@@ -48,7 +47,7 @@ bind_socket (int sockfd, const char *addr, int family)
assert (addr != NULL && strlen (addr) != 0);
memset (&hints, 0, sizeof (struct addrinfo));
hints.ai_socktype = SOCK_STREAM;
/* The local port it not important */
-@@ -106,14 +105,12 @@ int opensock (const char *host, int port
+@@ -112,14 +111,12 @@ int opensock (const char *host, int port, const char *bind_to)
/* Bind to the specified address */
if (bind_to) {
+++ /dev/null
---- a/src/child.c
-+++ b/src/child.c
-@@ -20,6 +20,9 @@
- * processing incoming connections.
- */
-
-+#include <stdlib.h>
-+#include <time.h>
-+
- #include "main.h"
-
- #include "child.h"
-@@ -196,6 +199,7 @@ static void child_main (struct child_s *
- }
-
- ptr->connects = 0;
-+ srand(time(NULL));
-
- while (!config.quit) {
- ptr->status = T_WAITING;
---- a/src/hashmap.c
-+++ b/src/hashmap.c
-@@ -25,6 +25,8 @@
- * don't try to free the data, or realloc the memory. :)
- */
-
-+#include <stdlib.h>
-+
- #include "main.h"
-
- #include "hashmap.h"
-@@ -50,6 +52,7 @@ struct hashbucket_s {
- };
-
- struct hashmap_s {
-+ uint32_t seed;
- unsigned int size;
- hashmap_iter end_iterator;
-
-@@ -65,7 +68,7 @@ struct hashmap_s {
- *
- * If any of the arguments are invalid a negative number is returned.
- */
--static int hashfunc (const char *key, unsigned int size)
-+static int hashfunc (const char *key, unsigned int size, uint32_t seed)
- {
- uint32_t hash;
-
-@@ -74,7 +77,7 @@ static int hashfunc (const char *key, un
- if (size == 0)
- return -ERANGE;
-
-- for (hash = tolower (*key++); *key != '\0'; key++) {
-+ for (hash = seed; *key != '\0'; key++) {
- uint32_t bit = (hash & 1) ? (1 << (sizeof (uint32_t) - 1)) : 0;
-
- hash >>= 1;
-@@ -104,6 +107,7 @@ hashmap_t hashmap_create (unsigned int n
- if (!ptr)
- return NULL;
-
-+ ptr->seed = (uint32_t)rand();
- ptr->size = nbuckets;
- ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets,
- sizeof (struct
-@@ -201,7 +205,7 @@ hashmap_insert (hashmap_t map, const cha
- if (!data || len < 1)
- return -ERANGE;
-
-- hash = hashfunc (key, map->size);
-+ hash = hashfunc (key, map->size, map->seed);
- if (hash < 0)
- return hash;
-
-@@ -382,7 +386,7 @@ ssize_t hashmap_search (hashmap_t map, c
- if (map == NULL || key == NULL)
- return -EINVAL;
-
-- hash = hashfunc (key, map->size);
-+ hash = hashfunc (key, map->size, map->seed);
- if (hash < 0)
- return hash;
-
-@@ -416,7 +420,7 @@ ssize_t hashmap_entry_by_key (hashmap_t
- if (!map || !key || !data)
- return -EINVAL;
-
-- hash = hashfunc (key, map->size);
-+ hash = hashfunc (key, map->size, map->seed);
- if (hash < 0)
- return hash;
-
-@@ -451,7 +455,7 @@ ssize_t hashmap_remove (hashmap_t map, c
- if (map == NULL || key == NULL)
- return -EINVAL;
-
-- hash = hashfunc (key, map->size);
-+ hash = hashfunc (key, map->size, map->seed);
- if (hash < 0)
- return hash;
-
+++ /dev/null
---- a/src/reqs.c
-+++ b/src/reqs.c
-@@ -610,6 +610,11 @@ add_header_to_connection (hashmap_t hash
- return hashmap_insert (hashofheaders, header, sep, len);
- }
-
-+/* define max number of headers. big enough to handle legitimate cases,
-+ * but limited to avoid DoS
-+ */
-+#define MAX_HEADERS 10000
-+
- /*
- * Read all the headers from the stream
- */
-@@ -617,6 +622,7 @@ static int get_all_headers (int fd, hash
- {
- char *line = NULL;
- char *header = NULL;
-+ int count;
- char *tmp;
- ssize_t linelen;
- ssize_t len = 0;
-@@ -625,7 +631,7 @@ static int get_all_headers (int fd, hash
- assert (fd >= 0);
- assert (hashofheaders != NULL);
-
-- for (;;) {
-+ for (count = 0; count < MAX_HEADERS; count++) {
- if ((linelen = readline (fd, &line)) <= 0) {
- safefree (header);
- safefree (line);
-@@ -691,6 +697,12 @@ static int get_all_headers (int fd, hash
-
- safefree (line);
- }
-+
-+ /* if we get there, this is we reached MAX_HEADERS count.
-+ bail out with error */
-+ safefree (header);
-+ safefree (line);
-+ return -1;
- }
-
- /*
include $(TOPDIR)/rules.mk
PKG_NAME:=tor
-PKG_VERSION:=0.4.1.6
-PKG_RELEASE:=1
+PKG_VERSION:=0.4.2.5
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dist.torproject.org/ \
https://archive.torproject.org/tor-package-archive
-PKG_HASH:=2a88524ce426079fb9b828bc1b789f2c8ade3ed53c130851102debc3518bed71
+PKG_HASH:=4d5975862e7808faebe9960def6235669fafeeac844cb76965501fa7af79d8c2
PKG_MAINTAINER:=Hauke Mehrtens <hauke@hauke-m.de> \
Peter Wagner <tripolar@gmx.at>
PKG_LICENSE_FILES:=LICENSE
procd_open_instance
procd_set_param command /usr/sbin/tor --runasdaemon 0
+ procd_set_param respawn
procd_close_instance
}
PKG_NAME:=transmission
PKG_VERSION:=2.94
-PKG_RELEASE:=8
+PKG_RELEASE:=12
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GITHUB/transmission/transmission-releases/master
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/package-seccomp.mk
define Package/transmission/template
SUBMENU:=BitTorrent
$(INSTALL_CONF) files/transmission.config $(1)/etc/config/transmission
$(INSTALL_DIR) $(1)/etc/sysctl.d/
$(INSTALL_CONF) files/transmission.sysctl $(1)/etc/sysctl.d/20-transmission.conf
+ $(call InstallSeccomp,$(1),./files/transmission-daemon.json)
endef
Package/transmission-daemon-mbedtls/install = $(Package/transmission-daemon-openssl/install)
--- /dev/null
+{
+ "whitelist": [
+ "accept4",
+ "access",
+ "arm_fadvise64_64",
+ "bind",
+ "brk",
+ "clock_gettime",
+ "clone",
+ "close",
+ "connect",
+ "epoll_create1",
+ "epoll_ctl",
+ "epoll_pwait",
+ "exit",
+ "exit_group",
+ "fadvise64",
+ "fallocate",
+ "fcntl",
+ "fcntl64",
+ "fstat",
+ "fstat64",
+ "fsync",
+ "futex",
+ "getdents64",
+ "getpeername",
+ "getpid",
+ "getsockname",
+ "getsockopt",
+ "ioctl",
+ "listen",
+ "_llseek",
+ "lseek",
+ "madvise",
+ "membarrier",
+ "mkdir",
+ "mmap",
+ "mmap2",
+ "mprotect",
+ "munmap",
+ "nanosleep",
+ "_newselect",
+ "open",
+ "pipe",
+ "pipe2",
+ "poll",
+ "pread64",
+ "prlimit64",
+ "pwrite64",
+ "read",
+ "readlink",
+ "readv",
+ "recvfrom",
+ "rename",
+ "rmdir",
+ "rt_sigaction",
+ "rt_sigprocmask",
+ "rt_sigreturn",
+ "select",
+ "sendto",
+ "setsockopt",
+ "shutdown",
+ "sigreturn",
+ "socket",
+ "stat",
+ "stat64",
+ "umask",
+ "uname",
+ "unlink",
+ "write",
+ "writev"
+ ],
+ "policy": 1
+}
START=99
USE_PROCD=1
+PROG="/usr/bin/transmission-daemon"
LIST_SEP="
"
append_params() {
local p; local v; local s="$1"; shift
+ IFS="$LIST_SEP"
for p in "$@"; do
config_get v "$s" "$p"
- IFS="$LIST_SEP"
for v in $v; do
- [ -n "$v" ] && (
- echo "\"$p\": $v," | sed -e 's|_|-|g'
- ) >> "$config_file"
+ [ -n "$v" ] && echo "\"$p\": $v," | sed -e 's|_|-|g'
done
- unset IFS
done
+ unset IFS
}
append_params_quotes() {
local p; local v; local s="$1"; shift
+ IFS="$LIST_SEP"
for p in "$@"; do
config_get v "$s" "$p"
- IFS="$LIST_SEP"
for v in $v; do
- [ -n "$v" ] && (
+ [ -n "$v" ] && {
printf "\"%s" "$p" | sed -e 's|/|\\/|g;s|_|-|g'; \
echo "\": \"$v\","
- ) >> "$config_file"
+ }
done
- unset IFS
done
-}
-
-section_enabled() {
- config_get_bool enabled "$1" enabled 0
- [ $enabled -gt 0 ]
+ unset IFS
}
transmission() {
local cfg="$1"
- local USE
- local user
- local group
- local config_overwrite
- local download_dir config_dir
- local mem_percentage
- local nice
- local web_home
-
- section_enabled "$section" || return 1
+ local enabled
+ config_get_bool enabled "$cfg" enabled 0
+ [ "$enabled" -gt 0 ] || return 1
+ local config_dir
config_get config_dir "$cfg" 'config_dir' '/var/etc/transmission'
+ local user
config_get user "$cfg" 'user'
+ local group
config_get group "$cfg" 'group'
+ local download_dir
config_get download_dir "$cfg" 'download_dir' '/var/etc/transmission'
+ local incomplete_dir
+ config_get incomplete_dir "$cfg" 'incomplete_dir' '/var/etc/transmission'
+ local incomplete_dir_enabled
+ config_get incomplete_dir_enabled "$cfg" 'incomplete_dir_enabled' 0
+ local mem_percentage
config_get mem_percentage "$cfg" 'mem_percentage' '50'
+ local config_overwrite
config_get config_overwrite "$cfg" config_overwrite 1
+ local nice
config_get nice "$cfg" nice 0
+ local web_home
config_get web_home "$cfg" 'web_home'
local MEM
-
MEM=$(sed -ne 's!^MemTotal:[[:space:]]*\([0-9]*\) kB$!\1!p' /proc/meminfo)
- if test "$MEM" -gt 1;then
- USE=$((MEM * mem_percentage * 10))
- fi
+ local USE
+ [ "$MEM" -gt 1 ] && USE=$((MEM * mem_percentage * 10))
config_file="$config_dir/settings.json"
[ -d "$config_dir" ] || {
mkdir -p "$config_dir"
chmod 0755 "$config_dir"
touch "$config_file"
+ mkdir -p "$config_dir/resume"
+ mkdir -p "$config_dir/torrents"
+ mkdir -p "$config_dir/blocklists"
+ [ -e "$config_dir/stats.json" ] || touch "$config_dir/stats.json"
[ -z "$user" ] || chown -R "$user:$group" "$config_dir"
}
+ [ -d "$download_dir" ] || {
+ mkdir -p "$download_dir"
+ chmod 0755 "$download_dir"
+ [ -z "$user" ] || chown -R "$user:$group" "$download_dir"
+ }
+
+ [ "$incomplete_dir_enabled" = "0" ] || [ -d "$incomplete_dir" ] || {
+ mkdir -p "$incomplete_dir"
+ chmod 0755 "$incomplete_dir"
+ [ -z "$user" ] || chown -R "$user:$group" "$incomplete_dir"
+ }
+
[ "$config_overwrite" = 0 ] || {
- echo "{" > "$config_file"
+ echo "{"
append_params "$cfg" \
alt_speed_down alt_speed_enabled alt_speed_time_begin alt_speed_time_day \
cache_size_mb download_queue_enabled download_queue_size \
dht_enabled encryption idle_seeding_limit idle_seeding_limit_enabled \
incomplete_dir_enabled lazy_bitfield_enabled lpd_enabled message_level \
- peer_limit_global peer_limit_per_torrent peer_port \
+ peer_id_ttl_hours peer_limit_global peer_limit_per_torrent peer_port \
peer_port_random_high peer_port_random_low peer_port_random_on_start \
pex_enabled port_forwarding_enabled preallocation prefetch_enabled \
ratio_limit ratio_limit_enabled rename_partial_files rpc_authentication_required \
seed_queue_enabled seed_queue_size \
speed_limit_down speed_limit_down_enabled speed_limit_up \
speed_limit_up_enabled start_added_torrents trash_original_torrent_files \
- umask upload_slots_per_torrent utp_enabled scrape_paused_torrents \
+ umask upload_slots_per_torrent utp_enabled \
watch_dir_enabled rpc_host_whitelist_enabled
append_params_quotes "$cfg" \
peer_congestion_algorithm peer_socket_tos rpc_bind_address rpc_password rpc_url \
rpc_username rpc_host_whitelist rpc_whitelist script_torrent_done_filename watch_dir
- {
echo "\"invalid-key\": false"
echo "}"
- } >> "$config_file"
- }
+
+ } > "$config_file"
procd_open_instance
- procd_set_param command "/usr/bin/transmission-daemon"
- procd_append_param command -f --log-error -g "$config_dir"
+ procd_set_param command "$PROG"
+ procd_append_param command -f -g "$config_dir"
procd_set_param user "$user"
procd_set_param group "$group"
procd_set_param nice "$nice"
procd_set_param stderr 1
procd_set_param respawn
+ procd_set_param seccomp "/etc/seccomp/transmission-daemon.json"
if [ -z "$USE" ]; then
procd_set_param limits core="0 0"
logger -t transmission "Starting with $USE virt mem"
fi
- if test -d "$web_home"; then
- procd_set_param env TRANSMISSION_WEB_HOME="$web_home"
- fi
+ [ -d "$web_home" ] && procd_set_param env TRANSMISSION_WEB_HOME="$web_home"
procd_add_jail transmission log
procd_add_jail_mount "$config_file"
+ procd_add_jail_mount_rw "$config_dir/resume"
+ procd_add_jail_mount_rw "$config_dir/torrents"
+ procd_add_jail_mount_rw "$config_dir/blocklists"
+ procd_add_jail_mount_rw "$config_dir/stats.json"
procd_add_jail_mount_rw "$download_dir"
procd_close_instance
}
config_foreach transmission 'transmission'
}
+reload_service() {
+ procd_send_signal "$PROG"
+}
+
+service_triggers() {
+ procd_add_reload_trigger "transmission"
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=unbound
-PKG_VERSION:=1.9.5
-PKG_RELEASE:=1
+PKG_VERSION:=1.9.6
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://nlnetlabs.nl/downloads/unbound
-PKG_HASH:=8a8d400f697c61d73d109c250743a1b6b79848297848026d82b43e831045db57
+PKG_HASH:=1d98fc6ea99197a20b4a0e540e87022cf523085786e0fc26de6ebb2720f5aaf0
PKG_MAINTAINER:=Eric Luehrsen <ericluehrsen@gmail.com>
PKG_LICENSE:=BSD-3-Clause
define Package/unbound-daemon
$(call Package/unbound/Default)
TITLE+= (daemon, light traffic)
- DEPENDS+= +libunbound
+ DEPENDS+= +libunbound-light
VARIANT:=light
endef
'libpthread' to better handle large networks with heavy query loads.
endef
-define Package/libunbound
+define Package/libunbound-light
$(call Package/unbound/Default)
SECTION:=libs
CATEGORY:=Libraries
SUBMENU:=Networking
TITLE+= (library, light traffic)
VARIANT:=light
+ PROVIDES:=libunbound
DEFAULT_VARIANT:=1
endef
-define Package/libunbound/description
+define Package/libunbound-light/description
This package contains the Unbound shared library with basic includes
necessary to meet the needs of UCI/LuCI configuration optoins.
endef
Package/unbound-daemon-heavy/install = $(Package/unbound-daemon/install)
-define Package/libunbound/install
+define Package/libunbound-light/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libunbound.so.* $(1)/usr/lib/
endef
-Package/libunbound-heavy/install = $(Package/libunbound/install)
+Package/libunbound-heavy/install = $(Package/libunbound-light/install)
define Package/unbound-anchor/install
$(INSTALL_DIR) $(1)/usr/sbin
$(eval $(call BuildPackage,unbound-daemon))
$(eval $(call BuildPackage,unbound-daemon-heavy))
-$(eval $(call BuildPackage,libunbound))
+$(eval $(call BuildPackage,libunbound-light))
$(eval $(call BuildPackage,libunbound-heavy))
$(eval $(call BuildPackage,unbound-anchor))
$(eval $(call BuildPackage,unbound-checkconf))
for ifsubnet in $UB_LIST_NETW_ALL ; do
case $ifsubnet in
"${ifdashname}"@*)
- # Special GLA protection for local block; ULA protected as a catagory
+ # Special GLA protection for local block; ULA protected default
UB_LIST_NETW_LAN="$UB_LIST_NETW_LAN $ifsubnet"
;;
esac
for server in $UB_LIST_ZONE_SERVERS ; do
if [ "$( valid_subnet_any $server )" = "not" ] ; then
case $server in
- *@[0-9]*)
+ *@[0-9]*|*#[A-Za-z0-9]*)
# unique Unbound option for server host name
servers_host="$servers_host $server"
;;
else
servers_host="$servers_host $server${port:+@${port}}"
fi
+ ;;
esac
else
case $server in
- *[0-9]@[0-9]*)
+ *@[0-9]*|*#[A-Za-z0-9]*)
# unique Unbound option for server address
servers_ip="$servers_ip $server"
;;
else
servers_ip="$servers_ip $server${port:+@${port}}"
fi
+ ;;
esac
fi
done
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
- ;;
+ ;;
esac
done
echo >> $UB_HOST_CONF
+++ /dev/null
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=uwsgi-cgi
-PKG_VERSION:=2.0.18
-PKG_RELEASE:=4
-
-PKG_SOURCE_URL= \
- https://projects.unbit.it/downloads \
- https://codeload.github.com/unbit/uwsgi/tar.gz/$(PKG_VERSION)?
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=4972ac538800fb2d421027f49b4a1869b66048839507ccf0aa2fda792d99f583
-PKG_BUILD_DIR:=$(BUILD_DIR)/uwsgi-$(PKG_VERSION)
-
-PKG_LICENSE:=GPL-2.0-or-later
-PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Ansuel Smith <ansuelsmth@gmail.com>
-
-PKG_BUILD_DEPENDS:=python3/host
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/uwsgi-cgi
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=Web Servers/Proxies
- TITLE:=The uWSGI server
- URL:=https://projects.unbit.it/uwsgi
- DEPENDS:=+libcap +jansson +libuuid
-endef
-
-define Package/uwsgi-cgi-luci-support
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=Web Servers/Proxies
- TITLE:=Support files for LuCI on Nginx
- DEPENDS:=+uwsgi-cgi
-endef
-
-define Package/uwsgi-cgi/description
- The uWSGI project build with cgi profile
-endef
-
-MAKE_VARS+=\
- CPP=$(TARGET_CROSS)cpp \
- PYTHON=$(STAGING_DIR_HOSTPKG)/bin/python3
-
-define Build/Compile
- $(call Build/Compile/Default,PROFILE=cgi)
-endef
-
-define Package/uwsgi-cgi/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/uwsgi $(1)/usr/sbin/
-
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/uwsgi.init $(1)/etc/init.d/uwsgi
-
- $(INSTALL_DIR) $(1)/etc/uwsgi
- $(INSTALL_DATA) ./files/emperor.ini $(1)/etc/uwsgi/emperor.ini
-
- $(INSTALL_DIR) $(1)/etc/uwsgi/vassals
-endef
-
-define Package/uwsgi-cgi-luci-support/install
- $(INSTALL_DIR) $(1)/etc/uwsgi/vassals
- $(INSTALL_DATA) ./files-luci-support/luci-webui.ini $(1)/etc/uwsgi/vassals/luci-webui.ini
- $(INSTALL_DATA) ./files-luci-support/luci-cgi_io.ini $(1)/etc/uwsgi/vassals/luci-cgi_io.ini
-endef
-
-$(eval $(call BuildPackage,uwsgi-cgi))
-$(eval $(call BuildPackage,uwsgi-cgi-luci-support))
+++ /dev/null
-[uwsgi]
-strict = true
-cgi-mode = true
-cgi = /www/
-buffer-size = 10000
-reload-mercy = 8
-max-requests = 2000
-limit-as = 200
-reload-on-as = 256
-reload-on-rss = 192
-no-orphans = true
-post-buffering = 8192
-socket-timeout = 120
-thunder-lock = true
-#logger = syslog:uwsgi-luci-cgi_io
-disable-logging = true
-chmod-socket = 666
-cgi-safe = /usr/libexec/cgi-io
-cgi-dontresolve = true
-cgi-close-stdin-on-eof = true
-cheap = true
-idle = 360
\ No newline at end of file
+++ /dev/null
-[uwsgi]
-strict = true
-cgi-mode = true
-cgi = /www/
-chdir = /usr/lib/lua/luci/
-buffer-size = 10000
-reload-mercy = 8
-max-requests = 2000
-limit-as = 200
-reload-on-as = 256
-reload-on-rss = 192
-enable-threads = true
-post-buffering = 8192
-socket-timeout = 120
-thunder-lock = true
-#logger = syslog:uwsgi-luci
-disable-logging = true
-log-format = %(addr) %(method) %(uri) => generated %(rsize) bytes in %(msecs) msecs
-threads = 3
-processes = 3
-chmod-socket = 666
-cheap = true
-cheaper-algo = spare
-cheaper = 1
-cheaper-initial = 2
-cheaper-step = 1
-master = true
-idle = 360
\ No newline at end of file
+++ /dev/null
-[uwsgi]
-strict = true
-pidfile = /var/run/uwsgi.pid
-emperor = /etc/uwsgi/vassals/*.ini
-logger = syslog:uwsgi-emperor
-vacuum = true
-emperor-on-demand-directory = /var/run/
-emperor-required-heartbeat = 99
-vassal-set = die-on-idle=true
-#disable-logging = true
\ No newline at end of file
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-START=79
-USE_PROCD=1
-
-start_service() {
- procd_open_instance
- procd_set_param command /usr/sbin/uwsgi --ini /etc/uwsgi/emperor.ini
- procd_set_param file /etc/uwsgi/emperor.ini
- procd_set_param respawn
- procd_close_instance
-}
-
+++ /dev/null
---- a/buildconf/base.ini
-+++ b/buildconf/base.ini
-@@ -1,9 +1,9 @@
- [uwsgi]
--xml = auto
--yaml = true
--json = auto
--ssl = auto
--pcre = auto
-+xml = false
-+yaml = embedded
-+json = jansson
-+ssl = false
-+pcre = false
- routing = auto
- debug = false
- unbit = false
+++ /dev/null
---- a/uwsgiconfig.py
-+++ b/uwsgiconfig.py
-@@ -851,11 +851,11 @@ class uConf(object):
- self.cflags.append('-DUWSGI_HAS_EXECINFO')
- report['execinfo'] = True
-
-- if self.has_include('zlib.h'):
-- self.cflags.append('-DUWSGI_ZLIB')
-- self.libs.append('-lz')
-- self.gcc_list.append('core/zlib')
-- report['zlib'] = True
-+# if self.has_include('zlib.h'):
-+# self.cflags.append('-DUWSGI_ZLIB')
-+# self.libs.append('-lz')
-+# self.gcc_list.append('core/zlib')
-+ report['zlib'] = False
-
- if uwsgi_os == 'OpenBSD':
- try:
+++ /dev/null
---- a/uwsgiconfig.py
-+++ b/uwsgiconfig.py
-@@ -680,7 +680,7 @@ class uConf(object):
- self.include_path += os.environ['UWSGI_INCLUDES'].split(',')
-
-
-- self.cflags = ['-O2', '-I.', '-Wall', '-D_LARGEFILE_SOURCE', '-D_FILE_OFFSET_BITS=64'] + os.environ.get("CFLAGS", "").split() + self.get('cflags','').split()
-+ self.cflags = ['-I.', '-Wall', '-D_LARGEFILE_SOURCE', '-D_FILE_OFFSET_BITS=64'] + os.environ.get("CFLAGS", "").split() + self.get('cflags','').split()
-
- report['kernel'] = uwsgi_os
-
+++ /dev/null
---- a/uwsgiconfig.py
-+++ b/uwsgiconfig.py
-@@ -5,9 +5,9 @@
- import os
- import re
- import time
--uwsgi_os = os.uname()[0]
--uwsgi_os_k = re.split('[-+_]', os.uname()[2])[0]
--uwsgi_os_v = os.uname()[3]
-+uwsgi_os = "Linux"
-+uwsgi_os_k = "4.4.0"
-+uwsgi_os_v = "Linux"
- uwsgi_cpu = os.uname()[4]
-
- import sys
+++ /dev/null
---- a/core/uwsgi.c
-+++ b/core/uwsgi.c
-@@ -1820,7 +1820,7 @@ void uwsgi_plugins_atexit(void) {
-
- void uwsgi_backtrace(int depth) {
-
--#if defined(__GLIBC__) || (defined(__APPLE__) && !defined(NO_EXECINFO)) || defined(UWSGI_HAS_EXECINFO)
-+#if (!defined(__UCLIBC__) && defined(__GLIBC__)) || (defined(__APPLE__) && !defined(NO_EXECINFO)) || defined(UWSGI_HAS_EXECINFO)
-
- #include <execinfo.h>
-
+++ /dev/null
-Index: uwsgi-2.0.18/Makefile
-===================================================================
---- uwsgi-2.0.18.orig/Makefile
-+++ uwsgi-2.0.18/Makefile
-@@ -1,4 +1,4 @@
--PYTHON := python
-+PYTHON ?= python3
-
- all:
- $(PYTHON) uwsgiconfig.py --build $(PROFILE)
+++ /dev/null
-From f259999d824b921a8a443e73d8c2b9e2d2170413 Mon Sep 17 00:00:00 2001
-From: Ansuel Smith <ansuelsmth@gmail.com>
-Date: Tue, 8 Oct 2019 02:10:43 +0200
-Subject: [PATCH] plugins/cgi: adds dontresolve option
-
-This option permit to call the simbolic link instead of the file the simbolic link points.
-All the security check are still done as the simbolic path is passed at the end after all the checks are passed. This is useful if some cgi app are used for multiple function based on the name they are called by.
-
-Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
----
- plugins/cgi/cgi_plugin.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/plugins/cgi/cgi_plugin.c b/plugins/cgi/cgi_plugin.c
-index d032db17c..30e1cc528 100644
---- a/plugins/cgi/cgi_plugin.c
-+++ b/plugins/cgi/cgi_plugin.c
-@@ -15,6 +15,7 @@ struct uwsgi_cgi {
- struct uwsgi_string_list *loadlib;
- struct uwsgi_string_list *cgi_safe;
- int optimize;
-+ int dontresolve;
- int from_docroot;
- int has_mountpoints;
- struct uwsgi_dyn_dict *default_cgi;
-@@ -75,6 +76,8 @@ struct uwsgi_option uwsgi_cgi_options[] = {
-
- {"cgi-safe", required_argument, 0, "skip security checks if the cgi file is under the specified path", uwsgi_opt_add_string_list, &uc.cgi_safe, 0},
-
-+ {"cgi-dontresolve", no_argument, 0 , "call symbolic link directly instead of the real path", uwsgi_opt_true,&uc.dontresolve, 0},
-+
- {0, 0, 0, 0, 0, 0, 0},
-
- };
-@@ -475,6 +478,7 @@ static int uwsgi_cgi_request(struct wsgi_request *wsgi_req) {
-
- char full_path[PATH_MAX];
- char tmp_path[PATH_MAX];
-+ char symbolic_path[PATH_MAX];
- struct stat cgi_stat;
- int need_free = 0;
- int is_a_file = 0;
-@@ -533,6 +537,10 @@ static int uwsgi_cgi_request(struct wsgi_request *wsgi_req) {
- uwsgi_404(wsgi_req);
- return UWSGI_OK;
- }
-+ if (uc.dontresolve) {
-+ full_path_len = strlen(full_path);
-+ memcpy(symbolic_path, full_path, full_path_len+1);
-+ }
-
- full_path_len = strlen(tmp_path);
- // add +1 to copy the null byte
-@@ -639,6 +647,11 @@ static int uwsgi_cgi_request(struct wsgi_request *wsgi_req) {
- }
- }
-
-+ if (uc.dontresolve) {
-+ full_path_len = strlen(symbolic_path);
-+ memcpy(full_path, symbolic_path, full_path_len+1);
-+ }
-+
- int ret = uwsgi_cgi_run(wsgi_req, docroot, docroot_len, full_path, helper, path_info, script_name, is_a_file, discard_base);
- if (need_free) free(docroot);
- return ret;
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=uwsgi
+PKG_VERSION:=2.0.18
+PKG_RELEASE:=2
+
+PKG_SOURCE:=uwsgi-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL=https://files.pythonhosted.org/packages/source/u/uwsgi/
+PKG_HASH:=4972ac538800fb2d421027f49b4a1869b66048839507ccf0aa2fda792d99f583
+PKG_BUILD_DIR:=$(BUILD_DIR)/uwsgi-$(PKG_VERSION)
+PKG_BUILD_DEPENDS:=python3/host
+
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Ansuel Smith <ansuelsmth@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/python/python3-package.mk
+#for LINUX_UNAME_VERSION:
+include $(INCLUDE_DIR)/kernel.mk
+
+define Package/uwsgi
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=The uWSGI server
+ URL:=https://uwsgi-docs.readthedocs.io/en/latest/
+ DEPENDS:=+libpcre +libcap +libuuid
+ MENU:=1
+endef
+
+define Package/uwsgi-logfile-plugin
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=The Logfile plugin for the uWSGI server
+ DEPENDS:=uwsgi
+ MDEPENDS:=uwsgi
+endef
+
+define Package/uwsgi-syslog-plugin
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=The Syslog plugin for the uWSGI server
+ DEPENDS:=uwsgi
+ MDEPENDS:=uwsgi
+endef
+
+define Package/uwsgi-cgi-plugin
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=The CGI plugin for the uWSGI server
+ DEPENDS:=uwsgi
+ MDEPENDS:=uwsgi
+endef
+
+define Package/uwsgi-python3-plugin
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=The Python3 plugin for the uWSGI server
+ DEPENDS:=uwsgi +python3-light
+ MDEPENDS:=uwsgi
+endef
+
+define Package/uwsgi-luci-support
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=Support files for LuCI on Nginx
+ DEPENDS:=uwsgi +uwsgi-syslog-plugin +uwsgi-cgi-plugin
+ MDEPENDS:=uwsgi
+endef
+
+define Package/uwsgi/description
+ The uWSGI project (to be used together with nginx or nginx-ssl).
+endef
+
+define Package/uwsgi-logfile-plugin/description
+ The Logfile plugin for the uWSGI project.
+endef
+
+define Package/uwsgi-syslog-plugin/description
+ The Syslog plugin for the uWSGI project.
+endef
+
+define Package/uwsgi-cgi-plugin/description
+ The CGI plugin for the uWSGI project.
+endef
+
+define Package/uwsgi-python3-plugin/description
+ The Python3 plugin for the uWSGI project.
+endef
+
+define Package/uwsgi-luci-support/description
+ Support files for LuCI on Nginx
+endef
+
+MAKE_VARS+=\
+ CPP=$(TARGET_CROSS)cpp \
+ PYTHON=$(STAGING_DIR_HOSTPKG)/bin/python3 \
+ LINUX_UNAME_VERSION=$(LINUX_UNAME_VERSION)
+
+define Build/Compile
+ $(call Build/Compile/Default,PROFILE=openwrt)
+ $(call Build/Compile/Default,plugin.logfile PROFILE=openwrt)
+ $(call Build/Compile/Default,plugin.syslog PROFILE=openwrt)
+ $(call Build/Compile/Default,plugin.cgi PROFILE=openwrt)
+ $(call Build/Compile/HostPy3RunTarget, \
+ cd $(PKG_BUILD_DIR), \
+ uwsgiconfig.py --plugin plugins/python openwrt, \
+ CPP="$(TARGET_CROSS)cpp" \
+ LINUX_UNAME_VERSION=$(LINUX_UNAME_VERSION) \
+ CFLAGS="$(TARGET_CPPFLAGS) -I$(PYTHON3_INC_DIR) $(TARGET_CFLAGS)" \
+ )
+endef
+
+define Package/uwsgi/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/uwsgi $(1)/usr/sbin/
+
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/uwsgi.init $(1)/etc/init.d/uwsgi
+
+ $(INSTALL_DIR) $(1)/etc/uwsgi
+ $(INSTALL_CONF) ./files/emperor.ini $(1)/etc/uwsgi/emperor.ini
+
+ $(INSTALL_DIR) $(1)/etc/uwsgi/vassals
+endef
+
+define Package/uwsgi/conffiles
+/etc/uwsgi/emperor.ini
+endef
+
+define Package/uwsgi-logfile-plugin/install
+ $(INSTALL_DIR) $(1)/usr/lib/uwsgi
+ $(CP) $(PKG_BUILD_DIR)/logfile_plugin.so $(1)/usr/lib/uwsgi/
+endef
+
+define Package/uwsgi-syslog-plugin/install
+ $(INSTALL_DIR) $(1)/usr/lib/uwsgi
+ $(CP) $(PKG_BUILD_DIR)/syslog_plugin.so $(1)/usr/lib/uwsgi/
+endef
+
+define Package/uwsgi-cgi-plugin/install
+ $(INSTALL_DIR) $(1)/usr/lib/uwsgi
+ $(CP) $(PKG_BUILD_DIR)/cgi_plugin.so $(1)/usr/lib/uwsgi/
+endef
+
+define Package/uwsgi-python3-plugin/install
+ $(INSTALL_DIR) $(1)/usr/lib/uwsgi
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/python_plugin.so $(1)/usr/lib/uwsgi/
+endef
+
+define Package/uwsgi-luci-support/install
+ $(INSTALL_DIR) $(1)/etc/uwsgi/vassals
+ $(INSTALL_DATA) ./files-luci-support/luci-webui.ini $(1)/etc/uwsgi/vassals/luci-webui.ini
+ $(INSTALL_DATA) ./files-luci-support/luci-cgi_io.ini $(1)/etc/uwsgi/vassals/luci-cgi_io.ini
+endef
+
+$(eval $(call BuildPackage,uwsgi))
+$(eval $(call BuildPackage,uwsgi-logfile-plugin))
+$(eval $(call BuildPackage,uwsgi-syslog-plugin))
+$(eval $(call BuildPackage,uwsgi-cgi-plugin))
+$(eval $(call BuildPackage,uwsgi-python3-plugin))
+$(eval $(call BuildPackage,uwsgi-luci-support))
--- /dev/null
+[uwsgi]
+strict = true
+if-not-env = UWSGI_EMPEROR_FD
+socket = /var/run/luci-cgi_io.socket
+chmod-socket = 666
+cheap = true
+end-if =
+plugin = cgi
+cgi-mode = true
+cgi = /www/
+chdir = /usr/lib/lua/luci/
+buffer-size = 10000
+reload-mercy = 8
+max-requests = 2000
+limit-as = 1000
+reload-on-as = 256
+reload-on-rss = 192
+no-orphans = true
+post-buffering = 8192
+socket-timeout = 120
+thunder-lock = true
+plugin = syslog
+disable-logging = true
+req-logger = syslog:uwsgi-luci-cgi_io
+log-format=%(method) %(uri) => return %(status) (%(rsize) bytes in %(msecs) ms)
+chmod-socket = 666
+cgi-safe = /usr/libexec/cgi-io
+cgi-dontresolve = true
+cgi-close-stdin-on-eof = true
+cheap = true
+idle = 360
--- /dev/null
+[uwsgi]
+strict = true
+if-not-env = UWSGI_EMPEROR_FD
+socket = /var/run/luci-webui.socket
+chmod-socket = 666
+cheap = true
+end-if =
+plugin = cgi
+cgi-mode = true
+cgi = /www/
+chdir = /usr/lib/lua/luci/
+buffer-size = 10000
+reload-mercy = 8
+max-requests = 2000
+limit-as = 1000
+reload-on-as = 256
+reload-on-rss = 192
+enable-threads = true
+post-buffering = 8192
+socket-timeout = 120
+thunder-lock = true
+plugin = syslog
+logger = luci syslog:uwsgi-luci
+log-route = luci luci:
+disable-logging = true
+req-logger = syslog:uwsgi-luci
+log-format=%(method) %(uri) => return %(status) (%(rsize) bytes in %(msecs) ms)
+threads = 3
+processes = 3
+cheaper-algo = spare
+cheaper = 1
+cheaper-initial = 1
+cheaper-step = 1
+master = true
+idle = 360
--- /dev/null
+[uwsgi]
+strict = true
+pidfile = /var/run/uwsgi.pid
+emperor = /etc/uwsgi/vassals/*.ini
+early-emperor = true
+vacuum = true
+emperor-on-demand-directory = /var/run/
+emperor-required-heartbeat = 99
+vassal-set = die-on-idle=true
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=79
+USE_PROCD=1
+
+start_service() {
+ procd_open_instance
+ procd_set_param command /usr/sbin/uwsgi --ini /etc/uwsgi/emperor.ini
+ procd_set_param stderr 1
+ procd_set_param file /etc/uwsgi/emperor.ini
+ procd_set_param respawn
+ procd_close_instance
+}
+
--- /dev/null
+--- a/uwsgiconfig.py
++++ b/uwsgiconfig.py
+@@ -851,11 +851,11 @@ class uConf(object):
+ self.cflags.append('-DUWSGI_HAS_EXECINFO')
+ report['execinfo'] = True
+
+- if self.has_include('zlib.h'):
+- self.cflags.append('-DUWSGI_ZLIB')
+- self.libs.append('-lz')
+- self.gcc_list.append('core/zlib')
+- report['zlib'] = True
++# if self.has_include('zlib.h'):
++# self.cflags.append('-DUWSGI_ZLIB')
++# self.libs.append('-lz')
++# self.gcc_list.append('core/zlib')
++ report['zlib'] = False
+
+ if uwsgi_os == 'OpenBSD':
+ try:
--- /dev/null
+--- a/uwsgiconfig.py
++++ b/uwsgiconfig.py
+@@ -680,7 +680,7 @@ class uConf(object):
+ self.include_path += os.environ['UWSGI_INCLUDES'].split(',')
+
+
+- self.cflags = ['-O2', '-I.', '-Wall', '-D_LARGEFILE_SOURCE', '-D_FILE_OFFSET_BITS=64'] + os.environ.get("CFLAGS", "").split() + self.get('cflags','').split()
++ self.cflags = ['-I.', '-Wall', '-D_LARGEFILE_SOURCE', '-D_FILE_OFFSET_BITS=64'] + os.environ.get("CFLAGS", "").split() + self.get('cflags','').split()
+
+ report['kernel'] = uwsgi_os
+
--- /dev/null
+--- a/uwsgiconfig.py
++++ b/uwsgiconfig.py
+@@ -5,9 +5,9 @@
+ import os
+ import re
+ import time
+-uwsgi_os = os.uname()[0]
+-uwsgi_os_k = re.split('[-+_]', os.uname()[2])[0]
+-uwsgi_os_v = os.uname()[3]
++uwsgi_os = "Linux"
++uwsgi_os_k = os.environ['LINUX_UNAME_VERSION']
++uwsgi_os_v = "Linux"
+ uwsgi_cpu = os.uname()[4]
+
+ import sys
--- /dev/null
+--- a/core/uwsgi.c
++++ b/core/uwsgi.c
+@@ -1820,7 +1820,7 @@ void uwsgi_plugins_atexit(void) {
+
+ void uwsgi_backtrace(int depth) {
+
+-#if defined(__GLIBC__) || (defined(__APPLE__) && !defined(NO_EXECINFO)) || defined(UWSGI_HAS_EXECINFO)
++#if (!defined(__UCLIBC__) && defined(__GLIBC__)) || (defined(__APPLE__) && !defined(NO_EXECINFO)) || defined(UWSGI_HAS_EXECINFO)
+
+ #include <execinfo.h>
+
--- /dev/null
+Index: uwsgi-2.0.18/Makefile
+===================================================================
+--- uwsgi-2.0.18.orig/Makefile
++++ uwsgi-2.0.18/Makefile
+@@ -1,4 +1,4 @@
+-PYTHON := python
++PYTHON ?= python3
+
+ all:
+ $(PYTHON) uwsgiconfig.py --build $(PROFILE)
--- /dev/null
+From f259999d824b921a8a443e73d8c2b9e2d2170413 Mon Sep 17 00:00:00 2001
+From: Ansuel Smith <ansuelsmth@gmail.com>
+Date: Tue, 8 Oct 2019 02:10:43 +0200
+Subject: [PATCH] plugins/cgi: adds dontresolve option
+
+This option permit to call the simbolic link instead of the file the simbolic link points.
+All the security check are still done as the simbolic path is passed at the end after all the checks are passed. This is useful if some cgi app are used for multiple function based on the name they are called by.
+
+Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
+---
+ plugins/cgi/cgi_plugin.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/plugins/cgi/cgi_plugin.c b/plugins/cgi/cgi_plugin.c
+index d032db17c..30e1cc528 100644
+--- a/plugins/cgi/cgi_plugin.c
++++ b/plugins/cgi/cgi_plugin.c
+@@ -15,6 +15,7 @@ struct uwsgi_cgi {
+ struct uwsgi_string_list *loadlib;
+ struct uwsgi_string_list *cgi_safe;
+ int optimize;
++ int dontresolve;
+ int from_docroot;
+ int has_mountpoints;
+ struct uwsgi_dyn_dict *default_cgi;
+@@ -75,6 +76,8 @@ struct uwsgi_option uwsgi_cgi_options[] = {
+
+ {"cgi-safe", required_argument, 0, "skip security checks if the cgi file is under the specified path", uwsgi_opt_add_string_list, &uc.cgi_safe, 0},
+
++ {"cgi-dontresolve", no_argument, 0 , "call symbolic link directly instead of the real path", uwsgi_opt_true,&uc.dontresolve, 0},
++
+ {0, 0, 0, 0, 0, 0, 0},
+
+ };
+@@ -475,6 +478,7 @@ static int uwsgi_cgi_request(struct wsgi_request *wsgi_req) {
+
+ char full_path[PATH_MAX];
+ char tmp_path[PATH_MAX];
++ char symbolic_path[PATH_MAX];
+ struct stat cgi_stat;
+ int need_free = 0;
+ int is_a_file = 0;
+@@ -533,6 +537,10 @@ static int uwsgi_cgi_request(struct wsgi_request *wsgi_req) {
+ uwsgi_404(wsgi_req);
+ return UWSGI_OK;
+ }
++ if (uc.dontresolve) {
++ full_path_len = strlen(full_path);
++ memcpy(symbolic_path, full_path, full_path_len+1);
++ }
+
+ full_path_len = strlen(tmp_path);
+ // add +1 to copy the null byte
+@@ -639,6 +647,11 @@ static int uwsgi_cgi_request(struct wsgi_request *wsgi_req) {
+ }
+ }
+
++ if (uc.dontresolve) {
++ full_path_len = strlen(symbolic_path);
++ memcpy(full_path, symbolic_path, full_path_len+1);
++ }
++
+ int ret = uwsgi_cgi_run(wsgi_req, docroot, docroot_len, full_path, helper, path_info, script_name, is_a_file, discard_base);
+ if (need_free) free(docroot);
+ return ret;
--- /dev/null
+[uwsgi]
+xml = false
+yaml = false
+json = false
+ssl = false
+pcre = true
+routing = auto
+debug = false
+unbit = false
+malloc_implementation = libc
+extras =
+plugins =
+bin_name = uwsgi
+append_version =
+plugin_dir = /usr/lib/uwsgi
+plugin_build_dir = .
+embedded_plugins =
+as_shared_library = false
+
+locking = auto
+event = auto
+timer = auto
+filemonitor = auto
+
+blacklist =
+whitelist =
+
+embed_files =
+
+embed_config =
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=vnstat2
+PKG_VERSION:=2.6
+PKG_RELEASE:=1
+
+PKG_SOURCE:=vnstat-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://humdi.net/vnstat
+PKG_HASH:=89276e0a7281943edb554b874078278ad947dc312938a2451e03eb80679f7ff7
+
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
+PKG_MAINTAINER:=Jan Hoffmann <jan@3e8.eu>
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/vnstat-${PKG_VERSION}
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/vnstat2/Default
+ SECTION:=net
+ CATEGORY:=Network
+ URL:=https://humdi.net/vnstat/
+ DEPENDS:=+libsqlite3
+ CONFLICTS:=vnstat
+endef
+
+define Package/vnstat2
+$(call Package/vnstat2/Default)
+ TITLE:=Console-based network traffic monitor
+endef
+
+define Package/vnstat2/description
+ vnStat is a network traffic monitor for Linux that keeps a log of daily
+ network traffic for the selected interface(s). vnStat isn't a packet
+ sniffer. The traffic information is analyzed from the /proc -filesystem,
+ so vnStat can be used without root permissions.
+endef
+
+define Package/vnstati2
+$(call Package/vnstat2/Default)
+ DEPENDS+=vnstat2 +libgd
+ TITLE:=PNG image output support for vnStat
+endef
+
+define Package/vnstati2/description
+ The purpose of vnstati is to provide image output support for statistics
+ collected using vnstat. However, the image file format is limited to
+ png. All basic outputs of vnStat are supported excluding live traffic
+ features. The image can be outputted either to a file or to standard
+ output.
+endef
+
+define Package/vnstat2/conffiles
+/etc/vnstat.conf
+/etc/config/vnstat
+endef
+
+CONFIGURE_ARGS += --disable-extra-paths
+
+define Package/vnstat2/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/vnstat $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_INSTALL_DIR)/usr/sbin/vnstatd $(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/etc
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/cfg/vnstat.conf $(1)/etc/
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) ./files/vnstat.config $(1)/etc/config/vnstat
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/vnstat.init $(1)/etc/init.d/vnstat
+endef
+
+define Package/vnstati2/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/vnstati $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,vnstat2))
+$(eval $(call BuildPackage,vnstati2))
--- /dev/null
+config vnstat
+# list interface br-lan
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=60
+STOP=50
+
+USE_PROCD=1
+
+vnstat_option() {
+ sed -ne "s/^[[:space:]]*$1[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" \
+ /etc/vnstat.conf
+}
+
+init_database() {
+ local lib="$(vnstat_option DatabaseDir)"
+
+ local database_count="$(ls "$lib" 2>/dev/null | wc -l)"
+
+ if [ "$database_count" -eq "0" ]; then
+ /usr/sbin/vnstatd -n --noadd >/dev/null
+ fi
+}
+
+init_ifaces() {
+ local cfg="$1"
+
+ init_iface() {
+ local ifn="$1"
+
+ /usr/bin/vnstat --add -i "$ifn" >/dev/null
+ }
+
+ config_list_foreach "$cfg" interface init_iface
+
+ return 1
+}
+
+start_service() {
+ init_database
+
+ config_load vnstat
+ config_foreach init_ifaces vnstat
+
+ procd_open_instance
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ procd_set_param command /usr/sbin/vnstatd --nodaemon
+ procd_set_param file /etc/vnstat.conf
+ procd_set_param respawn
+ procd_close_instance
+}
+
+reload_service() {
+ config_load vnstat
+ config_foreach init_ifaces vnstat
+
+ procd_send_signal vnstat
+}
+
+service_triggers() {
+ procd_add_reload_trigger vnstat
+}
--- /dev/null
+# Copyright 2017-2018 Stan Grishin (stangri@melmac.net)
+# This is free software, licensed under the GNU General Public License v3.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=vpn-policy-routing
+PKG_VERSION:=0.2.1
+PKG_RELEASE:=3
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_MAINTAINER:=Stan Grishin <stangri@melmac.net>
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/vpn-policy-routing
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=VPN Policy-Based Routing Service
+ DEPENDS:=+ipset +iptables +resolveip +kmod-ipt-ipset +iptables-mod-ipopt +!BUSYBOX_CONFIG_IP:ip-full
+ PKGARCH:=all
+endef
+
+define Package/vpn-policy-routing/description
+This service allows policy-based routing for L2TP, Openconnect, OpenVPN, PPTP and Wireguard tunnels and WAN interface.
+Policies can specify domains, local IPs/subnets and ports, as well as remote IPs/subnets and ports.
+endef
+
+define Package/vpn-policy-routing/conffiles
+/etc/config/vpn-policy-routing
+endef
+
+define Build/Prepare
+ mkdir -p $(PKG_BUILD_DIR)/files/
+ $(CP) ./files/vpn-policy-routing.init $(PKG_BUILD_DIR)/files/vpn-policy-routing.init
+ sed -i "s|^\(PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(PKG_BUILD_DIR)/files/vpn-policy-routing.init
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+define Package/vpn-policy-routing/install
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/vpn-policy-routing.init $(1)/etc/init.d/vpn-policy-routing
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) ./files/vpn-policy-routing.conf $(1)/etc/config/vpn-policy-routing
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/firewall
+ $(INSTALL_DATA) ./files/vpn-policy-routing.firewall.hotplug $(1)/etc/hotplug.d/firewall/99-vpn-policy-routing
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+ $(INSTALL_DATA) ./files/vpn-policy-routing.iface.hotplug $(1)/etc/hotplug.d/iface/70-vpn-policy-routing
+ $(INSTALL_DIR) $(1)/etc/
+ $(INSTALL_DATA) ./files/vpn-policy-routing.aws.user $(1)/etc/vpn-policy-routing.aws.user
+ $(INSTALL_DIR) $(1)/etc/
+ $(INSTALL_DATA) ./files/vpn-policy-routing.netflix.user $(1)/etc/vpn-policy-routing.netflix.user
+endef
+
+define Package/vpn-policy-routing/postinst
+ #!/bin/sh
+ # check if we are on real system
+ if [ -z "$${IPKG_INSTROOT}" ]; then
+ /etc/init.d/vpn-policy-routing enable
+ if ! /bin/ubus -S call system board | /bin/grep 'Turris' | /bin/grep -q '15.05' ; then
+ rm -rf /etc/hotplug.d/iface/70-vpn-policy-routing
+ fi
+ fi
+ exit 0
+endef
+
+define Package/vpn-policy-routing/prerm
+ #!/bin/sh
+ # check if we are on real system
+ if [ -z "$${IPKG_INSTROOT}" ]; then
+ echo "Stopping service and removing rc.d symlink for vpn-policy-routing"
+ /etc/init.d/vpn-policy-routing stop || true
+ /etc/init.d/vpn-policy-routing disable || true
+ fi
+ exit 0
+endef
+
+$(eval $(call BuildPackage,vpn-policy-routing))
--- /dev/null
+# VPN Policy-Based Routing
+
+## Description
+
+This service allows you to define rules (policies) for routing traffic via WAN or your L2TP, Openconnect, OpenVPN, PPTP or Wireguard tunnels. Policies can be set based on any combination of local/remote ports, local/remote IPv4 or IPv6 addresses/subnets or domains. This service supersedes the [VPN Bypass](https://github.com/openwrt/packages/blob/master/net/vpnbypass/files/README.md) service, by supporting IPv6 and by allowing you to set explicit rules not just for WAN interface (bypassing OpenVPN tunnel), but for L2TP, Openconnect, OpenVPN, PPTP and Wireguard tunnels as well.
+
+## Features
+
+### Gateways/Tunnels
+
+- Any policy can target either WAN or a VPN tunnel interface.
+- L2TP tunnels supported (with protocol names l2tp\*).
+- Openconnect tunnels supported (with protocol names openconnect\*).
+- OpenVPN tunnels supported (with device names tun\* or tap\*).<sup>[1](#footnote1)</sup> <sup>[2](#footnote2)</sup>
+- PPTP tunnels supported (with protocol names pptp\*).
+- Wireguard tunnels supported (with protocol names wireguard\*).
+
+### IPv4/IPv6/Port-Based Policies
+
+- Policies based on local names, IPs or subnets. You can specify a single IP (as in ```192.168.1.70```) or a local subnet (as in ```192.168.1.81/29```) or a local device name (as in ```nexusplayer```). IPv6 addresses are also supported.
+- Policies based on local ports numbers. Can be set as an individual port number (```32400```), a range (```5060-5061```), a space-separated list (```80 8080```) or a combination of the above (```80 8080 5060-5061```). Limited to 15 space-separated entries per policy.
+- Policies based on remote IPs/subnets or domain names. Same format/syntax as local IPs/subnets.
+- Policies based on remote ports numbers. Same format/syntax and restrictions as local ports.
+- You can mix the IP addresses/subnets and device (or domain) names in one field separating them by space (like this: ```66.220.2.74 he.net tunnelbroker.net```).
+- See [Policy Options](#policy-options) section for more information.
+
+### DSCP Tag-Based Policies
+
+You can also set policies for traffic with specific DSCP tag. On Windows 10, for example, you can mark traffic from specific apps with DSCP tags (instructions for tagging specific app traffic in Windows 10 can be found [here](http://serverfault.com/questions/769843/cannot-set-dscp-on-windows-10-pro-via-group-policy)).
+
+### Custom User Files
+
+If the custom user file includes are set, the service will load and execute them after setting up ip tables and ipsets and processing policies. This allows, for example, to add large numbers of domains/IP addresses to ipsets without manually adding all of them to the config file.
+
+Two example custom user-files are provided: ```/etc/vpn-policy-routing.aws.user``` and ```/etc/vpn-policy-routing.netflix.user```. They are provided to pull the AWS and Netflix IP addresses into the ```wan``` ipset respectively.
+
+### Strict Enforcement
+
+- Supports strict policy enforcement, even if the policy interface is down -- resulting in network being unreachable for specific policy (enabled by default).
+
+### Use DNSMASQ ipset
+
+- Service can be set to utilize ```dnsmasq```'s ```ipset``` support, which requires the ```dnsmasq-full``` package to be installed (see [How to install dnsmasq-full](#how-to-install-dnsmasq-full)). This significantly improves the start up time because ```dnsmasq``` resolves the domain names and adds them to appropriate ```ipset``` in background. Another benefit of using ```dnsmasq```'s ```ipset``` is that it also automatically adds third-level domains to the ```ipset```: if ```domain.com``` is added to the policy, this policy will affect all ```*.domain.com``` subdomains. This also works for top-level domains as well, a policy targeting the ```at``` for example, will affect all the ```*.at``` domains.
+- Please review the [Footnotes/Known Issues](#footnotesknown-issues) section, specifically [<sup>#5</sup>](#footnote5) and any other information in that section relevant to domain-based routing/DNS.
+
+### Customization
+
+- Can be fully configured with ```uci``` commands or by editing ```/etc/config/vpn-policy-routing``` file.
+- Has a companion package (```luci-app-vpn-policy-routing```) so policies can be configured with Web UI.
+
+### Other Features
+
+- Doesn't stay in memory, creates the routing tables and ```iptables``` rules/```ipset``` entries which are automatically updated when supported/monitored interface changes.
+- Proudly made in :maple_leaf: Canada :maple_leaf: , using locally-sourced electrons.
+
+## Screenshots (luci-app-vpn-policy-routing)
+
+Service Status
+
+
+Configuration - Basic Configuration
+
+
+Configuration - Advanced Configuration
+
+
+Configuration - WebUI Configuration
+
+
+Policies
+
+
+DSCP Tagging
+
+
+Custom User File Includes
+
+
+## How It Works
+
+On start, this service creates routing tables for each supported interface (WAN/WAN6 and VPN tunnels) which are used to route specially marked packets. For the ```mangle``` table's ```PREROUTING```, ```FORWARD```, ```INPUT``` and ```OUTPUT``` chains, the service creates corresponding ```VPR_*``` chains to which policies are assigned. Evaluation and marking of packets happen in these ```VPR_*``` chains. If enabled, the service also creates the remote/local ipsets per each supported interface and the corresponding ```iptables``` rule for marking packets matching the ```ipset```. The service then processes the user-created policies.
+
+### Processing Policies
+
+Each policy can result in either a new ```iptables``` rule or, if ```src_ipset``` or ```dest_ipset``` are enabled, an ```ipset``` or a ```dnsmasq```'s ```ipset``` entry.
+
+- Policies with local MAC-addresses, IP addresses or local device names can be created as ```iptables``` rules or ```ipset``` entries.
+- Policies with local or remote ports are always created as ```iptables``` rules.
+- Policies with local or remote netmasks can be created as ```iptables``` rules or ```ipset``` entries.
+- Policies with **only** remote IP address or a domain name can be created as ```iptables``` rules or ```dnsmasq```'s ```ipset``` or an ```ipset``` (if enabled).
+
+### Policies Priorities
+
+- If support for ```src_ipset``` and ```dest_ipset``` is disabled, then only ```iptables``` rules are created. The policy priority is the same as its order as listed in Web UI and ```/etc/config/vpn-policy-routing```. The higher the policy is in the Web UI and configuration file, the higher its priority is.
+- If support for ```src_ipset``` and ```dest_ipset``` is enabled, then the ```ipset``` entries have the highest priority (irrelevant of their position in the policies list) and the other policies are processed in the same order as they are listed in Web UI and ```/etc/config/vpn-policy-routing```.
+- If there are conflicting ```ipset``` entries for different interfaces, the priority is given to the interface which is listed first in the ```/etc/config/network``` file.
+- If set, the ```DSCP``` policies trump all other policies, including the ```ipset``` ones.
+
+## How To Install
+
+Please make sure that the [requirements](#requirements) are satisfied and install ```vpn-policy-routing``` and ```luci-app-vpn-policy-routing``` from Web UI or connect to your router via ssh and run the following commands:
+
+```sh
+opkg update
+opkg install vpn-policy-routing luci-app-vpn-policy-routing
+```
+
+If these packages are not found in the official feed/repo for your version of OpenWrt/LEDE Project, you will need to [add a custom repo to your router](https://github.com/stangri/openwrt_packages/blob/master/README.md#on-your-router) first.
+
+### Requirements
+
+This service requires the following packages to be installed on your router: ```ipset```, ```resolveip```, ```ip-full``` (or a ```busybox``` built with ```ip``` support), ```kmod-ipt-ipset``` and ```iptables```.
+
+To satisfy the requirements, connect to your router via ssh and run the following commands:
+
+```sh
+opkg update; opkg install ipset resolveip ip-full kmod-ipt-ipset iptables
+```
+
+### How to install dnsmasq-full
+
+If you want to use ```dnsmasq```'s ```ipset``` support, you will need to install ```dnsmasq-full``` instead of the ```dnsmasq```. To do that, connect to your router via ssh and run the following command:
+
+```sh
+opkg update; opkg remove dnsmasq; opkg install dnsmasq-full;
+```
+
+### Unmet dependencies
+
+If you are running a development (trunk/snapshot) build of OpenWrt on your router and your build is outdated (meaning that packages of the same revision/commit hash are no longer available and when you try to satisfy the [requirements](#requirements) you get errors), please flash either current OpenWrt release image or current development/snapshot image.
+
+## Service Configuration Settings
+
+As per screenshots above, in the Web UI the ```vpn-policy-routing``` configuration is split into ```Basic```, ```Advanced``` and ```WebUI``` settings. The full list of configuration parameters of ```vpn-policy-routing.config``` section is:
+
+|Web UI Section|Parameter|Type|Default|Description|
+| --- | --- | --- | --- | --- |
+|Basic|enabled|boolean|0|Enable/disable the ```vpn-policy-routing``` service.|
+|Basic|verbosity|integer|2|Can be set to 0, 1 or 2 to control the console and system log output verbosity of the ```vpn-policy-routing``` service.|
+|Basic|strict_enforcement|boolean|1|Enforce policies when their interface is down. See [Strict enforcement](#strict-enforcement) for more details.|
+|Basic|dest_ipset|string|none|Enable/disable use of one of the ipset options for compatible remote policies (policies with only a remote hostname and no other fields set). This speeds up service start-up and operation. Currently supported options are ```none```, ```ipset``` and ```dnsmasq.ipset``` (see [Use DNSMASQ ipset](#use-dnsmasq-ipset) for more details). Make sure the [requirements](#requirements) are met.|
+|Basic|src_ipset|boolean|0|Enable/disable use of ```ipset``` entries for compatible local policies (policies with only a local IP address or MAC address and no other fields set). Using ```ipset``` for local IPs/MACs is faster than using ```iptables``` rules, however it makes it impossible to enforce policies priority/order. Make sure the [requirements](#requirements) are met.|
+|Basic|ipv6_enabled|boolean|0|Enable/disable IPv6 support.|
+|Advanced|supported_interface|list/string||Allows to specify the space-separated list of interface names (in lower case) to be explicitly supported by the ```vpn-policy-routing``` service. Can be useful if your OpenVPN tunnels have dev option other than tun\* or tap\*.|
+|Advanced|ignored_interface|list/string||Allows to specify the space-separated list of interface names (in lower case) to be ignored by the ```vpn-policy-routing``` service. Can be useful if running both VPN server and VPN client on the router.|
+|Advanced|boot_timeout|number|30|Allows to specify the time (in seconds) for ```vpn-policy-routing``` service to wait for WAN gateway discovery on boot. Can be useful on devices with ADSL modem built in.|
+|Advanced|iptables_rule_option|append/insert|append|Allows to specify the iptables parameter for rules: ```-A``` for ```append``` and ```-I``` for ```insert```. Append is generally speaking more compatible with other packages/firewall rules. Recommended to change to ```insert``` only to improve compatibility with the ```mwan3``` package.|
+|Advanced|iprule_enabled|boolean|0|Add an ```ip rule```, not an ```iptables``` entry for policies with just the local address. Use with caution to manipulate policies priorities.|
+|Advanced|icmp_interface|string||Set the default ICMP protocol interface (interface name in lower case). Use with caution.|
+|Advanced|append_src_rules|string||Append local IP Tables rules. Can be used to exclude local IP addresses from destinations for policies with local address set.|
+|Advanced|append_dest_rules|string||Append local IP Tables rules. Can be used to exclude remote IP addresses from sources for policies with remote address set.|
+|Advanced|wan_tid|integer|201|Starting (WAN) Table ID number for tables created by the ```vpn-policy-routing``` service.|
+|Advanced|wan_mark|hexadecimal|0x010000|Starting (WAN) fw mark for marks used by the ```vpn-policy-routing``` service. High starting mark is used to avoid conflict with SQM/QoS, this can be changed by user. Change with caution together with ```fw_mask```.|
+|Advanced|fw_mask|hexadecimal|0xff0000|FW Mask used by the ```vpn-policy-routing``` service. High mask is used to avoid conflict with SQM/QoS, this can be changed by user. Change with caution together with ```wan_mark```.|
+|Web UI|webui_enable_column|boolean|0|Shows ```Enable``` checkbox column for policies, allowing to quickly enable/disable specific policy without deleting it.|
+|Web UI|webui_protocol_column|boolean|0|Shows ```Protocol``` column for policies, allowing to specify the protocol for ```iptables``` rules for policies.|
+|Web UI|webui_supported_protocol|list|0|List of protocols to display in the ```Protocol``` column for policies.|
+|Web UI|webui_chain_column|boolean|0|Shows ```Chain``` column for policies, allowing to specify ```PREROUTING``` (default), ```FORWARD```, ```INPUT```, or ```OUTPUT``` chain for ```iptables``` rules for policies.|
+|Web UI|webui_sorting|boolean|1|Shows the Up/Down buttons for policies, allowing you to move a policy up or down in the list/priority.|
+||wan_dscp|integer||Allows use of [DSCP-tag based policies](#dscp-tag-based-policies) for WAN interface.|
+||{interface_name}_dscp|integer||Allows use of [DSCP-tag based policies](#dscp-tag-based-policies) for a VPN interface.|
+
+### Default Settings
+
+Default configuration has service disabled (use Web UI to enable/start service or run ```uci set vpn-policy-routing.config.enabled=1; uci commit vpn-policy-routing;```).
+
+### Policy Options
+
+Each policy may have a combination of the options below, the ```name``` and ```interface``` options are required.
+
+The ```src_addr```, ```src_port```, ```dest_addr``` and ```dest_port``` options supports parameter negation, for example if you want to **exclude** remote port 80 from the policy, set ```dest_port="!80"``` (notice lack of space between ```!``` and parameter).
+
+|Option|Default|Description|
+| --- | --- | --- |
+|**name**||Policy name, it **must** be set.|
+|enabled|1|Enable/disable policy. To display the ```Enable``` checkbox column for policies in the WebUI, make sure to select ```Enabled``` for ```Show Enable Column``` in the ```Web UI``` tab.|
+|**interface**||Policy interface, it **must** be set.|
+|src_addr||List of space-separated local/source IP addresses, CIDRs, hostnames or mac addresses (colon-separated). You can also specify a local interface (like a specially created wlan) prepended by an ```@``` symbol.|
+|src_port||List of space-separated local/source ports or port-ranges.|
+|dest_addr||List of space-separated remote/target IP addresses, CIDRs or hostnames/domain names.|
+|dest_port||List of space-separated remote/target ports or port-ranges.|
+|proto|all|Policy protocol, can be any valid protocol from ```/etc/protocols``` for CLI/uci or can be selected from the values set in ```webui_supported_protocol```. To display the ```Protocol``` column for policies in the WebUI, make sure to select ```Enabled``` for ```Show Protocol Column``` in the ```Web UI``` tab.|
+|chain|PREROUTING|Policy chain, can be either ```PREROUTING```, ```FORWARDING```, ```INPUT``` or ```OUTPUT```. This setting is case-sensitive. To display the ```Chain``` column for policies in the WebUI, make sure to select ```Enabled``` for ```Show Chain Column``` in the ```Web UI``` tab.|
+
+### Custom User Files Include Options
+
+|Option|Default|Description|
+| --- | --- | --- |
+|**path**||Path to a custom user file (in a form of shell script), it **must** be set.|
+|enabled|1|Enable/disable setting.|
+
+### Example Policies
+
+#### Single IP, IP Range, Local Machine, Local MAC Address
+
+The following policies route traffic from a single IP address, a range of IP addresses, a local machine (requires definition as DHCP host record in DHCP config), a MAC-address of a local device and finally all of the above via WAN.
+
+```text
+config policy
+ option name 'Local IP'
+ option interface 'wan'
+ option src_addr '192.168.1.70'
+
+config policy
+ option name 'Local Subnet'
+ option interface 'wan'
+ option src_addr '192.168.1.81/29'
+
+config policy
+ option name 'Local Machine'
+ option interface 'wan'
+ option src_addr 'dell-ubuntu'
+
+config policy
+ option name 'Local MAC Address'
+ option interface 'wan'
+ option src_addr '00:0F:EA:91:04:08'
+
+config policy
+ option name 'Local Devices'
+ option interface 'wan'
+ option src_addr '192.168.1.70 192.168.1.81/29 dell-ubuntu 00:0F:EA:91:04:08'
+
+```
+
+#### Logmein Hamachi
+
+The following policy routes LogMeIn Hamachi zero-setup VPN traffic via WAN.
+
+```text
+config policy
+ option name 'LogmeIn Hamachi'
+ option interface 'wan'
+ option dest_addr '25.0.0.0/8 hamachi.cc hamachi.com logmein.com'
+```
+
+#### SIP Port
+
+The following policy routes standard SIP port traffic via WAN for both TCP and UDP protocols.
+
+```text
+config policy
+ option name 'SIP Ports'
+ option interface 'wan'
+ option dest_port '5060'
+ option proto 'tcp udp'
+```
+
+#### Plex Media Server
+
+The following policies route Plex Media Server traffic via WAN. Please note, you'd still need to open the port in the firewall either manually or with the UPnP.
+
+```text
+config policy
+ option name 'Plex Local Server'
+ option interface 'wan'
+ option src_port '32400'
+
+config policy
+ option name 'Plex Remote Servers'
+ option interface 'wan'
+ option dest_addr 'plex.tv my.plexapp.com'
+```
+
+#### Emby Media Server
+
+The following policy route Emby traffic via WAN. Please note, you'd still need to open the port in the firewall either manually or with the UPnP.
+
+```text
+config policy
+ option name 'Emby Local Server'
+ option interface 'wan'
+ option src_port '8096 8920'
+
+config policy
+ option name 'Emby Remote Servers'
+ option interface 'wan'
+ option dest_addr 'emby.media app.emby.media tv.emby.media'
+```
+
+#### Local OpenVPN Server + OpenVPN Client (Scenario 1)
+
+If the OpenVPN client on your router is used as default routing (for the whole internet), make sure your settings are as following (three dots on the line imply other options can be listed in the section as well).
+
+Relevant part of ```/etc/config/vpn-policy-routing```:
+
+```text
+config vpn-policy-routing 'config'
+ list ignored_interface 'vpnserver'
+ ...
+
+config policy
+ option name 'OpenVPN Server'
+ option interface 'wan'
+ option proto 'tcp'
+ option src_port '1194'
+ option chain 'OUTPUT'
+```
+
+The network/firewall/openvpn settings are below.
+
+Relevant part of ```/etc/config/network``` (**DO NOT** modify default OpenWrt network settings for neither ```wan``` nor ```lan```):
+
+```text
+config interface 'vpnclient'
+ option proto 'none'
+ option ifname 'ovpnc0'
+
+config interface 'vpnserver'
+ option proto 'none'
+ option ifname 'ovpns0'
+ option auto '1'
+```
+
+Relevant part of ```/etc/config/firewall``` (**DO NOT** modify default OpenWrt firewall settings for neither ```wan``` nor ```lan```):
+
+```text
+config zone
+ option name 'vpnclient'
+ option network 'vpnclient'
+ option input 'REJECT'
+ option forward 'ACCEPT'
+ option output 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'vpnclient'
+
+config zone
+ option name 'vpnserver'
+ option network 'vpnserver'
+ option input 'ACCEPT'
+ option forward 'REJECT'
+ option output 'ACCEPT'
+ option masq '1'
+
+config forwarding
+ option src 'vpnserver'
+ option dest 'wan'
+
+config forwarding
+ option src 'vpnserver'
+ option dest 'lan'
+
+config forwarding
+ option src 'vpnserver'
+ option dest 'vpnclient'
+
+config rule
+ option name 'Allow-OpenVPN-Inbound'
+ option target 'ACCEPT'
+ option src '*'
+ option proto 'tcp'
+ option dest_port '1194'
+```
+
+Relevant part of ```/etc/config/openvpn```:
+
+```text
+config openvpn 'vpnclient'
+ option client '1'
+ option dev_type 'tun'
+ option dev 'ovpnc0'
+ option proto 'udp'
+ option remote 'some.domain.com 1197' # DO NOT USE PORT 1194 for VPN Client
+ ...
+
+config openvpn 'vpnserver'
+ option port '1194'
+ option proto 'tcp'
+ option server '192.168.200.0 255.255.255.0'
+ ...
+```
+
+#### Local OpenVPN Server + OpenVPN Client (Scenario 2)
+
+If the OpenVPN client is **not** used as default routing and you create policies to selectively use the OpenVPN client, make sure your settings are as following (three dots on the line imply other options can be listed in the section as well).
+
+Relevant part of ```/etc/config/vpn-policy-routing```:
+
+```text
+config vpn-policy-routing 'config'
+ list ignored_interface 'vpnserver'
+ option append_src_rules '! -d 192.168.200.0/24'
+ ...
+```
+
+The network/firewall/openvpn settings are below.
+
+Relevant part of ```/etc/config/network``` (**DO NOT** modify default OpenWrt network settings for neither ```wan``` nor ```lan```):
+
+```text
+config interface 'vpnclient'
+ option proto 'none'
+ option ifname 'ovpnc0'
+
+config interface 'vpnserver'
+ option proto 'none'
+ option ifname 'ovpns0'
+ option auto '1'
+```
+
+Relevant part of ```/etc/config/firewall``` (**DO NOT** modify default OpenWrt firewall settings for neither ```wan``` nor ```lan```):
+
+```text
+config zone
+ option name 'vpnclient'
+ option network 'vpnclient'
+ option input 'REJECT'
+ option forward 'ACCEPT'
+ option output 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'vpnclient'
+
+config zone
+ option name 'vpnserver'
+ option network 'vpnserver'
+ option input 'ACCEPT'
+ option forward 'REJECT'
+ option output 'ACCEPT'
+ option masq '1'
+
+config forwarding
+ option src 'vpnserver'
+ option dest 'wan'
+
+config forwarding
+ option src 'vpnserver'
+ option dest 'lan'
+
+config forwarding
+ option src 'vpnserver'
+ option dest 'vpnclient'
+
+config rule
+ option name 'Allow-OpenVPN-Inbound'
+ option target 'ACCEPT'
+ option src '*'
+ option proto 'tcp'
+ option dest_port '1194'
+```
+
+Relevant part of ```/etc/config/openvpn```:
+
+```text
+config openvpn 'vpnclient'
+ option client '1'
+ option dev_type 'tun'
+ option dev 'ovpnc0'
+ option proto 'udp'
+ option remote 'some.domain.com 1197' # DO NOT USE PORT 1194 for VPN Client
+ list pull_filter 'ignore "redirect-gateway"' # for OpenVPN 2.4 and later
+ option route_nopull '1' # for OpenVPN earlier than 2.4
+ ...
+
+config openvpn 'vpnserver'
+ option port '1194'
+ option proto 'tcp'
+ option server '192.168.200.0 255.255.255.0'
+ ...
+```
+
+#### Local Wireguard Server + Wireguard Client (Scenario 1)
+
+Yes, I'm aware that technically there are no clients nor servers in Wireguard, it's all peers, but for the sake of README readability I will use the terminology similar to the OpenVPN Server + Client setups.
+
+If the Wireguard tunnel on your router is used as default routing (for the whole internet), make sure your settings are as following (three dots on the line imply other options can be listed in the section as well).
+
+Relevant part of ```/etc/config/vpn-policy-routing```:
+
+```text
+config vpn-policy-routing 'config'
+ list ignored_interface 'wgserver'
+ ...
+
+config policy
+ option name 'Wireguard Server'
+ option interface 'wan'
+ option proto 'tcp'
+ option src_port '61820'
+ option chain 'OUTPUT'
+```
+
+The recommended network/firewall settings are below.
+
+Relevant part of ```/etc/config/network``` (**DO NOT** modify default OpenWrt network settings for neither ```wan``` nor ```lan```):
+
+```text
+config interface 'wgclient'
+ option proto 'wireguard'
+ ...
+
+config wireguard_wgclient
+ list allowed_ips '0.0.0.0/0'
+ list allowed_ips '::0/0'
+ option endpoint_port '51820'
+ option route_allowed_ips '1'
+ ...
+
+config interface 'wgserver'
+ option proto 'wireguard'
+ option listen_port '61820'
+ list addresses '192.168.200.1'
+ ...
+
+config wireguard_wgserver
+ list allowed_ips '192.168.200.2/32'
+ option route_allowed_ips '1'
+ ...
+```
+
+Relevant part of ```/etc/config/firewall``` (**DO NOT** modify default OpenWrt firewall settings for neither ```wan``` nor ```lan```):
+
+```text
+config zone
+ option name 'wgclient'
+ option network 'wgclient'
+ option input 'REJECT'
+ option forward 'ACCEPT'
+ option output 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'wgclient'
+
+config zone
+ option name 'wgserver'
+ option network 'wgserver'
+ option input 'ACCEPT'
+ option forward 'REJECT'
+ option output 'ACCEPT'
+ option masq '1'
+
+config forwarding
+ option src 'wgserver'
+ option dest 'wan'
+
+config forwarding
+ option src 'wgserver'
+ option dest 'lan'
+
+config forwarding
+ option src 'wgserver'
+ option dest 'wgclient'
+
+config rule
+ option name 'Allow-WG-Inbound'
+ option target 'ACCEPT'
+ option src '*'
+ option proto 'udp'
+ option dest_port '61820'
+```
+
+#### Local Wireguard Server + Wireguard Client (Scenario 2)
+
+Yes, I'm aware that technically there are no clients nor servers in Wireguard, it's all peers, but for the sake of README readability I will use the terminology similar to the OpenVPN Server + Client setups.
+
+If the Wireguard client is **not** used as default routing and you create policies to selectively use the Wireguard client, make sure your settings are as following (three dots on the line imply other options can be listed in the section as well).
+
+Relevant part of ```/etc/config/vpn-policy-routing```:
+
+```text
+config vpn-policy-routing 'config'
+ list ignored_interface 'wgserver'
+ option append_src_rules '! -d 192.168.200.0/24'
+ ...
+```
+
+The recommended network/firewall settings are below.
+
+Relevant part of ```/etc/config/network``` (**DO NOT** modify default OpenWrt network settings for neither ```wan``` nor ```lan```):
+
+```text
+config interface 'wgclient'
+ option proto 'wireguard'
+ ...
+
+config wireguard_wgclient
+ list allowed_ips '0.0.0.0/0'
+ list allowed_ips '::0/0'
+ option endpoint_port '51820'
+ ...
+
+config interface 'wgserver'
+ option proto 'wireguard'
+ option listen_port '61820'
+ list addresses '192.168.200.1/24'
+ ...
+
+config wireguard_wgserver
+ list allowed_ips '192.168.200.2/32'
+ option route_allowed_ips '1'
+ ...
+```
+
+Relevant part of ```/etc/config/firewall``` (**DO NOT** modify default OpenWrt firewall settings for neither ```wan``` nor ```lan```):
+
+```text
+config zone
+ option name 'wgclient'
+ option network 'wgclient'
+ option input 'REJECT'
+ option forward 'ACCEPT'
+ option output 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'wgclient'
+
+config zone
+ option name 'wgserver'
+ option network 'wgserver'
+ option input 'ACCEPT'
+ option forward 'REJECT'
+ option output 'ACCEPT'
+ option masq '1'
+
+config forwarding
+ option src 'wgserver'
+ option dest 'wan'
+
+config forwarding
+ option src 'wgserver'
+ option dest 'lan'
+
+config forwarding
+ option src 'wgserver'
+ option dest 'wgclient'
+
+config rule
+ option name 'Allow-WG-Inbound'
+ option target 'ACCEPT'
+ option src '*'
+ option proto 'udp'
+ option dest_port '61820'
+```
+
+#### Netflix Domains
+
+The following policy should route US Netflix traffic via WAN. For capturing international Netflix domain names, you can refer to [these getdomainnames.sh-specific instructions](https://github.com/Xentrk/netflix-vpn-bypass#ipset_netflix_domainssh) and don't forget to adjust them for OpenWrt. This may not work if Netflix changes things. For more reliable US Netflix routing you may want to consider using [custom user files](#custom-user-files).
+
+```text
+config policy
+ option name 'Netflix Domains'
+ option interface 'wan'
+ option dest_addr 'amazonaws.com netflix.com nflxext.com nflximg.net nflxso.net nflxvideo.net dvd.netflix.com'
+```
+
+#### Example Custom User Files Includes
+
+```text
+config include
+ option path '/etc/vpn-policy-routing.netflix.user'
+
+config include
+ option path '/etc/vpn-policy-routing.aws.user'
+```
+
+#### Basic OpenVPN Client Config
+
+There are multiple guides online on how to configure the OpenVPN client on OpenWrt "the easy way", and they usually result either in a kill-switch configuration or configuration where the OpenVPN tunnel cannot be properly (and separately from WAN) routed, either way, incompatible with the VPN Policy-Based Routing.
+
+Below is the sample OpenVPN client configuration for OpenWrt which is guaranteed to work. If you have already deviated from the instructions below (ie: made any changes to any of the ```wan``` or ```lan``` configurations in either ```/etc/config/network``` or ```/etc/config/firewall```), you will need to start from scratch with a fresh OpenWrt install.
+
+Relevant part of ```/etc/config/vpn-policy-routing```:
+
+```text
+config vpn-policy-routing 'config'
+ list supported_interface 'vpnc'
+ ...
+```
+
+The recommended network/firewall settings are below.
+
+Relevant part of ```/etc/config/network``` (**DO NOT** modify default OpenWrt network settings for neither ```wan``` nor ```lan```):
+
+```text
+config interface 'vpnc'
+ option proto 'none'
+ option ifname 'ovpnc0'
+```
+
+Relevant part of ```/etc/config/firewall``` (**DO NOT** modify default OpenWrt firewall settings for neither ```wan``` nor ```lan```):
+
+```text
+config zone
+ option name 'vpnc'
+ option network 'vpnc'
+ option input 'REJECT'
+ option forward 'REJECT'
+ option output 'ACCEPT'
+ option masq '1'
+ option mtu_fix '1'
+
+config forwarding
+ option src 'lan'
+ option dest 'vpnc'
+```
+
+If you have a Guest Network, add the following to the ```/etc/config/firewall```:
+
+```text
+config forwarding
+ option src 'guest'
+ option dest 'vpnc'
+```
+
+Relevant part of ```/etc/config/openvpn``` (configure the rest of the client connection for your specifics by either referring to an existing ```.ovpn``` file or thru the OpenWrt uci settings):
+
+```text
+config openvpn 'vpnc'
+ option enabled '1'
+ option client '1'
+ option dev_type 'tun'
+ option dev 'ovpnc0'
+ ...
+```
+
+## Footnotes/Known Issues
+
+1. <a name="footnote1"> </a> See [note about multiple OpenVPN clients](#multiple-openvpn-clients).
+
+2. <a name="footnote2"> </a> If your ```OpenVPN``` interface has the device name different from tun\* or tap\*, is not up and is not explicitly listed in ```supported_interface``` option, it may not be available in the policies ```Interface``` drop-down within WebUI.
+
+3. <a name="footnote3"> </a> If your default routing is set to the VPN tunnel, then the true WAN interface cannot be discovered using OpenWrt built-in functions, so service will assume your network interface ending with or starting with ```wan``` is the true WAN interface.
+
+4. <a name="footnote4"> </a> The service does **NOT** support the "killswitch" router mode (where if you stop the VPN tunnel, you have no internet connection). For proper operation, leave all the default OpenWrt ```network``` and ```firewall``` settings for ```lan``` and ```wan``` intact.
+
+5. <a name="footnote5"> </a> When using the ```dnsmasq.ipset``` option, please make sure to flush the DNS cache of the local devices, otherwise domain policies may not work until you do. If you're not sure how to flush the DNS cache (or if the device/OS doesn't offer an option to flush its DNS cache), reboot your local devices when starting to use the service and/or when connecting data-capable device to your WiFi.
+
+### Multiple OpenVPN Clients
+
+If you use multiple OpenVPN clients on your router, the order in which their devices are named (tun0, tun1, etc) is not guaranteed by OpenWrt/LEDE Project. The following settings are recommended in this case.
+
+For ```/etc/config/network```:
+
+```text
+config interface 'vpnclient0'
+ option proto 'none'
+ option ifname 'ovpnc0'
+
+config interface 'vpnclient1'
+ option proto 'none'
+ option ifname 'ovpnc1'
+```
+
+For ```/etc/config/openvpn```:
+
+```text
+config openvpn 'vpnclient0'
+ option client '1'
+ option dev_type 'tun'
+ option dev 'ovpnc0'
+ ...
+
+config openvpn 'vpnclient1'
+ option client '1'
+ option dev_type 'tun'
+ option dev 'ovpnc1'
+ ...
+```
+
+For ```/etc/config/vpn-policy-routing```:
+
+```text
+config vpn-policy-routing 'config'
+ list supported_interface 'vpnclient0 vpnclient1'
+ ...
+```
+
+### A Word About Default Routing
+
+Service does not alter the default routing. Depending on your VPN tunnel settings (and settings of the VPN server you are connecting to), the default routing might be set to go via WAN or via VPN tunnel. This service affects only routing of the traffic matching the policies. If you want to override default routing, set the following:
+
+- For OpenVPN 2.4 and newer client config:
+
+ ```text
+ list pull_filter 'ignore "redirect-gateway"'
+ ```
+
+- For OpenVPN 2.3 and older client config:
+
+ ```text
+ option route_nopull '1'
+ ```
+
+- For your Wireguard (client) config:
+
+ ```text
+ option route_allowed_ips '0'
+ ```
+
+- Routing Wireguard traffic requires setting `rp_filter = 2`. Please refer to [issue #41](https://github.com/stangri/openwrt_packages/issues/41) for more details.
+
+### A Word About HTTP/3 (QUICK)
+
+If you want to target traffic using HTTP/3 protocol, you can use the ```AUTO``` as the protocol (the policy will be either protocol-agnostic or ```TCP/UDP```) or explicitly use ```UDP``` as a protocol.
+
+### A Word About DNS-over-HTTPS
+
+Some browsers, like [Mozilla Firefox](https://support.mozilla.org/en-US/kb/firefox-dns-over-https#w_about-dns-over-https) or [Google Chrome/Chromium](https://blog.chromium.org/2019/09/experimenting-with-same-provider-dns.html) have [DNS-over-HTTPS proxy](https://en.wikipedia.org/wiki/DNS_over_HTTPS) built-in. Their requests to web-sites cannot be affected if the ```dnsmasq.ipset``` is set for the ```dest_ipset``` option. To fix this, you can try either of the following:
+
+ 1. Disable the DNS-over-HTTPS support in your browser and use the OpenWrt's [net/https-dns-proxy](https://github.com/openwrt/packages/tree/master/net/https-dns-proxy) package and set it up either [manually](https://openwrt.org/docs/guide-user/services/dns/doh_dnsmasq_https-dns-proxy?s[]=https&s[]=dns&s[]=proxy) or auto-magically with [https-dns-proxy luci app](https://github.com/openwrt/luci/tree/master/applications/luci-app-https_dns_proxy). You can then continue to use ```dnsmasq.ipset``` setting for the ```dest_ipset``` in VPN Policy Routing.
+
+ 2. Continue using DNS-over-HTTPS in your browser (which, by the way, also limits your options for router-level AdBlocking as described [in ```dnsmasq.ipset``` option description here](https://github.com/openwrt/packages/tree/master/net/simple-adblock/files#dns-resolution-option)), you than would either have to disable the ```dest_ipset``` or switch it to ```ipset```. Please note, you will lose all the benefits of [```dnsmasq.ipset```](#use-dnsmasq-ipset) option.
+
+### A Word About Cloudflare's 1.1.1.1 App
+
+Cloudflare has released an app for [iOS](https://itunes.apple.com/us/app/1-1-1-1-faster-internet/id1423538627) and [Android](https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone), which can also be configured to route traffic thru their own VPN tunnel (WARP+).
+
+If you use Cloudlfare's VPN tunnel (WARP+), none of the policies you set up with the VPN Policy Routing will take effect on your mobile device. Disable WARP+ for your home WiFi to keep VPN Policy Routing affecting your mobile device.
+
+If you just use the private DNS queries (WARP), [A Word About DNS-over-HTTPS](#a-word-about-DNS-over-HTTPS) applies. You can also disable WARP for your home WiFi to keep VPN Policy Routing affecting your mobile device.
+
+## Discussion
+
+Please head to [OpenWrt Forum](https://forum.openwrt.org/t/vpn-policy-based-routing-web-ui-discussion/10389) for discussions of this service.
+
+## Getting Help
+
+If things are not working as intended, please include the following in your post:
+
+- content of ```/etc/config/dhcp```
+- content of ```/etc/config/firewall```
+- content of ```/etc/config/network```
+- content of ```/etc/config/vpn-policy-routing```
+- the output of ```/etc/init.d/vpn-policy-routing support```
+- the output of ```/etc/init.d/vpn-policy-routing reload``` with verbosity setting set to 2
+
+If you don't want to post the ```/etc/init.d/vpn-policy-routing support``` output in a public forum, there's a way to have the support details automatically uploaded to my account at paste.ee by running: ```/etc/init.d/vpn-policy-routing support -p```. You need to have the following packages installed to enable paste.ee upload functionality: ```curl libopenssl ca-bundle```.
+
+WARNING: while paste.ee uploads are unlisted/not indexed at the web-site, they are still publicly available.
+
+## Thanks
+
+I'd like to thank everyone who helped create, test and troubleshoot this service. Without contributions from [@hnyman](https://github.com/hnyman), [@dibdot](https://github.com/dibdot), [@danrl](https://github.com/danrl), [@tohojo](https://github.com/tohojo), [@cybrnook](https://github.com/cybrnook), [@nidstigator](https://github.com/nidstigator), [@AndreBL](https://github.com/AndreBL) and [@dz0ny](https://github.com/dz0ny) and rigorous testing/bugreporting by [@dziny](https://github.com/dziny), [@bluenote73](https://github.com/bluenote73), [@buckaroo](https://github.com/pgera), [@Alexander-r](https://github.com/Alexander-r), [n8v8R](https://github.com/n8v8R) and [psherman](https://forum.openwrt.org/u/psherman) it wouldn't have been possible. Wireguard/IPv6 support is courtesy of [Mullvad](https://www.mullvad.net), [IVPN](https://www.ivpn.net/) and [WireVPN](https://www.wirevpn.net).
--- /dev/null
+#!/bin/sh
+# This file is heavily based on code from https://github.com/Xentrk/netflix-vpn-bypass/blob/master/IPSET_Netflix.sh
+
+TARGET_IPSET='wan'
+
+TARGET_URL="https://ip-ranges.amazonaws.com/ip-ranges.json"
+TARGET_FNAME="/var/tmp_aws_ip_ranges"
+
+curl "$TARGET_URL" 2>/dev/null | grep "ip_prefix" | sed 's/^.*\"ip_prefix\": \"//; s/\",//' > "$TARGET_FNAME"
+awk -v ipset="$TARGET_IPSET" '{print "add " ipset " " $1}' "$TARGET_FNAME" | ipset restore -!
+rm -f "$TARGET_FNAME"
--- /dev/null
+config vpn-policy-routing 'config'
+ option enabled '0'
+ option verbosity '2'
+ option strict_enforcement '1'
+ option src_ipset '0'
+ option dest_ipset 'dnsmasq.ipset'
+ option ipv6_enabled '0'
+ list supported_interface ''
+ list ignored_interface 'vpnserver wgserver'
+ option boot_timeout '30'
+ option iptables_rule_option 'append'
+ option iprule_enabled '0'
+ option webui_enable_column '0'
+ option webui_protocol_column '0'
+ option webui_chain_column '0'
+ option webui_sorting '1'
+ list webui_supported_protocol 'tcp'
+ list webui_supported_protocol 'udp'
+ list webui_supported_protocol 'tcp udp'
+ list webui_supported_protocol 'icmp'
+ list webui_supported_protocol 'all'
+
+config include
+ option path '/etc/vpn-policy-routing.netflix.user'
+ option enabled 0
+
+config include
+ option path '/etc/vpn-policy-routing.aws.user'
+ option enabled 0
--- /dev/null
+#!/bin/sh
+
+[ "$ACTION" = "reload" ] || exit 0
+
+logger -t "vpn-policy-routing" "Reloading vpn-policy-routing due to $ACTION of firewall"
+/etc/init.d/vpn-policy-routing reload
--- /dev/null
+#!/bin/sh
+
+if [ "$ACTION" != "ifup" ] && [ "$ACTION" != "ifupdate" ]; then exit 0; fi
+
+logger -t vpn-policy-routing "Reloading vpn-policy-routing due to $ACTION of $INTERFACE ($DEVICE)"
+/etc/init.d/vpn-policy-routing reload
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright 2017-2019 Stan Grishin (stangri@melmac.net)
+# shellcheck disable=SC2039
+# shellcheck disable=SC1091
+PKG_VERSION='dev-test'
+
+export START=94
+export USE_PROCD=1
+
+readonly _OK_='\033[0;32m\xe2\x9c\x93\033[0m'
+readonly _FAIL_='\033[0;31m\xe2\x9c\x97\033[0m'
+readonly __OK__='\033[0;32m[\xe2\x9c\x93]\033[0m'
+readonly __FAIL__='\033[0;31m[\xe2\x9c\x97]\033[0m'
+readonly __PASS__='\033[0;33m[-]\033[0m'
+readonly _ERROR_='\033[0;31mERROR\033[0m'
+readonly _WARNING_='\033[0;33mWARNING\033[0m'
+# readonly readmeURL="https://github.com/openwrt/packages/tree/master/net/vpn-policy-routing/files/README.md"
+readonly readmeURL="https://github.com/stangri/openwrt_packages/blob/master/vpn-policy-routing/files/README.md"
+
+export EXTRA_COMMANDS='support'
+export EXTRA_HELP=" support Generates output required to troubleshoot routing issues
+ Use '-d' option for more detailed output
+ Use '-p' option to automatically upload data under VPR paste.ee account
+ WARNING: while paste.ee uploads are unlisted, they are still publicly available
+ List domain names after options to include their lookup in report"
+
+readonly packageName='vpn-policy-routing'
+readonly serviceName="$packageName $PKG_VERSION"
+readonly PID="/var/run/${packageName}.pid"
+readonly dnsmasqFile="/var/dnsmasq.d/${packageName}"
+readonly userFile="/etc/${packageName}.user"
+create_lock() { [ -e "$PID" ] && return 1; touch "$PID"; }
+remove_lock() { [ -e "$PID" ] && rm -f "$PID"; }
+trap remove_lock EXIT
+output_ok() { output 1 "$_OK_"; output 2 "$__OK__\\n"; }
+output_okn() { output 1 "$_OK_\\n"; output 2 "$__OK__\\n"; }
+output_fail() { s=1; output 1 "$_FAIL_"; output 2 "$__FAIL__\\n"; }
+output_failn() { output 1 "$_FAIL_\\n"; output 2 "$__FAIL__\\n"; }
+# str_replace() { printf "%b" "$1" | sed -e "s/$(printf "%b" "$2")/$(printf "%b" "$3")/g"; }
+# str_contains() { [ "$1" != "$(str_replace "$1" "$2" "")" ]; }
+# shellcheck disable=SC2018,SC2019
+str_to_lower() { echo "$1" | tr 'A-Z' 'a-z'; }
+output() {
+# Can take a single parameter (text) to be output at any verbosity
+# Or target verbosity level and text to be output at specifc verbosity
+ local msg
+ if [ $# -ne 1 ]; then
+ if [ $((verbosity & $1)) -gt 0 ] || [ "$verbosity" = "$1" ]; then shift; else return 0; fi
+ fi
+ [ -t 1 ] && printf "%b" "$1"
+ msg="${1//$serviceName /service }";
+ if [ "$(printf "%b" "$msg" | wc -l)" -gt 0 ]; then
+ logger -t "${packageName:-service} [$$]" "$(printf "%b" "${logmsg}${msg}")"
+ logmsg=''
+ else
+ logmsg="${logmsg}${msg}"
+ fi
+}
+is_installed() { [ -s "/usr/lib/opkg/info/${1}.control" ]; }
+
+export serviceEnabled verbosity strictMode wanTableID wanMark fwMask
+export ipv6Enabled localIpset remoteIpset ipruleEnabled icmpIface
+export ignoredIfaces="" supportedIfaces=""
+export appendLocalPolicy="" appendRemotePolicy=""
+export wanIface4 wanIface6 ifaceMark ifaceTableID ifAll ifSupported wanGW4 wanGW6
+export bootTimeout insertOption
+
+list_iface() { ifAll="${ifAll}${1} "; }
+list_supported_iface() { is_supported_interface "$1" && ifSupported="${ifSupported}${1} "; }
+vpr_find_true() {
+ local iface i param="$2"
+ [ "$param" = 'wan6' ] || param='wan'
+ "network_find_${param}" iface
+ is_tunnel "$iface" && unset iface
+ if [ -z "$iface" ]; then
+ unset ifAll; config_load 'network';
+ config_foreach list_iface 'interface'
+ for i in $ifAll; do
+ if "is_${param}" "$i"; then break; else unset i; fi
+ done
+ fi
+ export "$1=${iface:-$i}"
+}
+vpr_get_gateway() {
+ local iface="$2" dev="$3" gw
+ network_get_gateway gw "$iface"
+ if [ -z "$gw" ] || [ "$gw" = '0.0.0.0' ]; then
+ gw="$(ip -4 a list dev "$dev" 2>/dev/null | grep inet | awk '{print $2}' | awk -F "/" '{print $1}')"
+ fi
+ export "$1=$gw"
+}
+vpr_get_gateway6() {
+ local iface="$2" dev="$3" gw
+ network_get_gateway6 gw "$iface"
+ if [ -z "$gw" ] || [ "$gw" = '::/0' ] || [ "$gw" = '::0/0' ] || [ "$gw" = '::' ]; then
+ gw="$(ip -6 a list dev "$dev" 2>/dev/null | grep inet6 | awk '{print $2}')"
+ fi
+ export "$1=$gw"
+}
+is_l2tp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "l2tp" ]; }
+is_oc() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:11}" = "openconnect" ]; }
+is_ovpn() { local dev; dev=$(uci -q get network."$1".ifname); [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; }
+is_pptp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "pptp" ]; }
+is_tor() { local dev; dev=$(uci -q get network."$1".ifname); [ "${dev:0:3}" = "tor" ]; }
+is_wg() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:9}" = "wireguard" ]; }
+is_tunnel() { is_l2tp "$1" || is_oc "$1" || is_ovpn "$1" || is_pptp "$1" || is_tor "$1" || is_wg "$1"; }
+is_wan() { [ "$1" = "$wanIface4" ] || { [ "${1##wan}" != "$1" ] && [ "${1##wan6}" = "$1" ]; } || [ "${1%%wan}" != "$1" ]; }
+is_wan6() { [ -n "$wanIface6" ] && [ "$1" = "$wanIface6" ] || [ "${1/#wan6}" != "$1" ] || [ "${1/%wan6}" != "$1" ]; }
+string_match_word() { echo "$1" | grep -q -w "$2"; }
+is_ignored_interface() { string_match_word "$ignoredIfaces" "$1"; }
+is_supported_interface() { string_match_word "$supportedIfaces" "$1" || { ! is_ignored_interface "$1" && { is_wan "$1" || is_wan6 "$1" || is_tunnel "$1"; }; }; }
+is_mac_address() { expr "$1" : '[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]$' >/dev/null; }
+is_ipv4() { expr "$1" : '[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*$' >/dev/null; }
+is_ipv6() { ! is_mac_address "$1" && [ "${1//:}" != "$1" ]; }
+is_ipv6_link_local() { [ "${1:0:4}" = "fe80" ]; }
+is_ipv6_unique_local() { [ "${1:0:2}" = "fc" ] || [ "${1:0:2}" = "fd" ]; }
+is_ipv6_global() { [ "${1:0:4}" = "2001" ]; }
+# is_ipv6_global() { is_ipv6 "$1" && ! is_ipv6_link_local "$1" && ! is_ipv6_link_local "$1"; }
+is_netmask() { local ip="${1%/*}"; [ "$ip" != "$1" ] && is_ipv4 "$ip"; }
+is_domain() { [ "${1//[a-zA-Z-]}" != "$1" ]; }
+is_phys_dev() { [ "${1:0:1}" = "@" ] && ip -4 r | grep -q "^${1:1}"; }
+is_turris() { /bin/ubus -S call system board | /bin/grep 'Turris' | /bin/grep -q '15.05'; }
+is_chaos_calmer() { ubus -S call system board | grep -q 'Chaos Calmer'; }
+dnsmasq_kill() { killall -q -HUP dnsmasq; }
+dnsmasq_restart() { output 1 'Restarting DNSMASQ '; if /etc/init.d/dnsmasq restart >/dev/null 2>&1; then output_okn; else output_failn; fi; }
+is_default_dev() { [ "$1" = "$(ip -4 r | grep -m1 'dev' | grep -Eso 'dev [^ ]*' | awk '{print $2}')" ]; }
+is_supported_iface_dev() {
+ for n in $ifSupported; do
+ if [ "$1" = "$(uci -q get "network.${n}.ifname" || echo "$n")" ] || [ "$1" = "$(uci -q get "network.${n}.proto")-${n}" ] ; then return 0; fi
+ done
+ return 1
+}
+is_supported_protocol () { grep -o '^[^#]*' /etc/protocols | grep -w -v '0' | grep . | awk '{print $1}' | grep -q "$1"; }
+
+load_package_config() {
+ config_load "$packageName"
+ config_get_bool serviceEnabled 'config' 'enabled' 0
+ config_get_bool strictMode 'config' 'strict_enforcement' 1
+ config_get_bool ipv6Enabled 'config' 'ipv6_enabled' 0
+ config_get_bool localIpset 'config' 'src_ipset' 0
+ config_get_bool ipruleEnabled 'config' 'iprule_enabled' 0
+ config_get remoteIpset 'config' 'dest_ipset'
+ config_get appendLocalPolicy 'config' 'append_src_rules'
+ config_get appendRemotePolicy 'config' 'append_dest_rules'
+ config_get verbosity 'config' 'verbosity' '2'
+ config_get wanTableID 'config' 'wan_tid' '201'
+ config_get wanMark 'config' 'wan_mark' '0x010000'
+ config_get fwMask 'config' 'fw_mask' '0xff0000'
+ config_get icmpIface 'config' 'icmp_interface'
+ config_get ignoredIfaces 'config' 'ignored_interface'
+ config_get supportedIfaces 'config' 'supported_interface'
+ config_get bootTimeout 'config' 'boot_timeout' '30'
+ config_get insertOption 'config' 'iptables_rule_option' 'append'
+
+ if [ -z "${verbosity##*[!0-9]*}" ] || [ "$verbosity" -lt 0 ] || [ "$verbosity" -gt 2 ]; then
+ verbosity=1
+ fi
+
+ . /lib/functions/network.sh
+ . /usr/share/libubox/jshn.sh
+ vpr_find_true wanIface4 'wan'
+ [ "$ipv6Enabled" -ne 0 ] && vpr_find_true wanIface6 'wan6'
+ [ -n "$wanIface4" ] && network_get_gateway wanGW4 "$wanIface4"
+ [ -n "$wanIface6" ] && network_get_gateway6 wanGW6 "$wanIface6"
+ wanGW="${wanGW4:-$wanGW6}"
+}
+
+is_enabled() {
+ load_package_config
+ if [ "$serviceEnabled" -eq 0 ]; then
+ if [ "$1" = 'on_start' ]; then
+ output "$packageName is currently disabled.\\n"
+ output "Run the following commands before starting service again:\\n"
+ output "uci set $packageName.config.enabled='1'; uci commit;\\n"
+ fi
+ return 1
+ fi
+
+ case $insertOption in
+ insert|-i|-I) insertOption='-I';;
+ append|-a|-A|*) insertOption='-A';;
+ esac
+
+ case $remoteIpset in
+ ipset)
+ if ! ipset help hash:net >/dev/null 2>&1; then
+ output "$_ERROR_: ipset support is enabled in $packageName, but ipset is either not installed or installed ipset does not support 'hash:net' type!\\n"
+ unset remoteIpset
+ fi
+ ;;
+ dnsmasq.ipset)
+ if dnsmasq -v 2>/dev/null | grep -q 'no-ipset' || ! dnsmasq -v 2>/dev/null | grep -q -w 'ipset'; then
+ output "$_ERROR_: DNSMASQ ipset support is enabled in $packageName, but DNSMASQ is either not installed or installed DNSMASQ does not support ipsets!\\n"
+ unset remoteIpset
+ fi
+ if ! ipset help hash:net >/dev/null 2>&1; then
+ output "$_ERROR_: DNSMASQ ipset support is enabled in $packageName, but ipset is either not installed or installed ipset does not support 'hash:net' type!\\n"
+ unset remoteIpset
+ fi
+ ;;
+ *) unset remoteIpset;;
+ esac
+
+ if [ "$localIpset" -ne 0 ]; then
+ if ! ipset help hash:net >/dev/null 2>&1; then
+ output "$_ERROR_: Local ipset support is enabled in $packageName, but ipset is either not installed or installed ipset does not support 'hash:net' type!\\n"
+ unset localIpset
+ fi
+ if ! ipset help hash:mac >/dev/null 2>&1; then
+ output "$_ERROR_: Local ipset support is enabled in $packageName, but ipset is either not installed or installed ipset does not support 'hash:mac' type!\\n"
+ unset localIpset
+ fi
+ fi
+}
+
+is_wan_up() {
+ local sleepCount=1
+ while [ -z "$wanGW" ] ; do
+ vpr_find_true wanIface4 'wan'
+ [ "$ipv6Enabled" -ne 0 ] && vpr_find_true wanIface6 'wan6'
+ [ -n "$wanIface4" ] && network_get_gateway wanGW4 "$wanIface4"
+ [ -n "$wanIface6" ] && network_get_gateway6 wanGW6 "$wanIface6"
+ wanGW="${wanGW4:-$wanGW6}"
+ if [ $((sleepCount)) -gt $((bootTimeout)) ] || [ -n "$wanGW" ]; then break; fi
+ output "$serviceName waiting for wan gateway...\\n"; sleep 1; network_flush_cache; sleepCount=$((sleepCount+1));
+ done
+ mkdir -p "${PID%/*}"; mkdir -p "${dnsmasqFile%/*}";
+ unset ifSupported
+ config_load 'network'
+ config_foreach list_supported_iface 'interface'
+ if [ -n "$wanGW" ]; then
+ return 0
+ else
+ output "$_ERROR_: $serviceName failed to discover WAN gateway!\\n"
+ return 1
+ fi
+}
+
+ipt_cleanup() {
+ local i
+ for i in PREROUTING FORWARD INPUT OUTPUT; do
+ while iptables -t mangle -D $i -m mark --mark 0x0/0xff0000 -j VPR_${i} >/dev/null 2>&1; do : ; done
+ done
+}
+
+# shellcheck disable=SC2086
+ipt() {
+ local d failFlagIpv4=1 failFlagIpv6=1
+ for d in "${*//-A/-D}" "${*//-I/-D}" "${*//-N/-F}" "${*//-N/-X}"; do
+ [ "$d" != "$*" ] && { iptables $d >/dev/null 2>&1; ip6tables $d >/dev/null 2>&1; }
+ done
+
+ d="$*"; iptables $d >/dev/null 2>&1 && failFlagIpv4=0;
+ if [ "$ipv6Enabled" -gt 0 ]; then ip6tables $d >/dev/null 2>&1 && failFlagIpv6=0; fi
+
+ [ "$failFlagIpv4" -eq 0 ] || [ "$failFlagIpv6" -eq 0 ]
+}
+
+# shellcheck disable=SC2086
+ips() {
+ local command="$1" ipset="${2//-/_}" param="$3" comment="$4" appendix failFlag=0
+ if [ "${ipset//_ip}" != "${ipset}" ]; then
+ ipset="${ipset//_ip}"; appendix='_ip';
+ elif [ "${ipset//_mac}" != "${ipset}" ]; then
+ ipset="${ipset//_mac}"; appendix='_mac';
+ fi
+
+ if [ "$command" = "add_dnsmasq" ]; then
+ [ "$remoteIpset" != 'dnsmasq.ipset' ] && return 1
+# elif [ "$command" = "add_unbound" ]; then
+# [ "$remoteIpset" != 'unbound.ipset' ] && return 1
+ else
+ if [[ -z "$appendix" && -z "$remoteIpset" ]] || \
+ [[ -n "$appendix" && "$localIpset" -eq 0 ]]; then
+ return 1
+ fi
+ fi
+
+ case "$command" in
+ add_dnsmasq)
+ echo "ipset=/${param}/${ipset} # $comment" >> "$dnsmasqFile" || failFlag=1
+ ;;
+ add)
+ ipset -q -! $command "${ipset}${appendix}" $param comment "$comment" || failFlag=1
+ ;;
+ create)
+ ipset -q -! "$command" "${ipset}${appendix}" $param || failFlag=1
+ ;;
+ destroy|flush)
+ ipset -q -! "$command" "${ipset}${appendix}" 2>/dev/null || failFlag=1
+ return 0
+ ;;
+ esac
+ return $failFlag
+}
+
+ipr()
+{
+ [ "$ipruleEnabled" -ne 0 ] || return 1
+ local comment="$1" tid=$(eval echo "\$tid_${2//-/_}") laddr="$3" failFlagIpv4=0 failFlagIpv6=1
+ ip -4 rule del from "$laddr" table "$tid" >/dev/null 2>&1
+ ip -4 rule add from "$laddr" table "$tid" >/dev/null 2>&1 || failFlagIpv4=1
+ if [ "$ipv6Enabled" -ne 0 ]; then
+ ip -6 rule del from "$laddr" table "$tid" >/dev/null 2>&1
+ ip -6 rule add from "$laddr" table "$tid" >/dev/null 2>&1 && failFlagIpv6=0
+ fi
+ if [ "$failFlagIpv4" -eq 0 ] || [ "$failFlagIpv6" -eq 0 ]; then return 0; else return 1; fi
+}
+
+insert_tor_policy() {
+ local comment="$1" iface="$2" laddr="$3" lport="$4" raddr="$5" rport="$6" proto="$7" chain="${8:-PREROUTING}"
+ local mark=$(eval echo "\$mark_${iface//-/_}")
+ [ -z "$mark" ] && processPolicyError="${processPolicyError}${_ERROR_}: Unknown fw_mark for ${iface}##"
+ param="-t mangle $insertOption VPR_${chain} 1 -j MARK --set-xmark ${mark}/${fwMask}"
+ [ -n "$laddr" ] && param="$param -s $laddr"
+ [ -n "$lport" ] && param="$param -p tcp -m multiport --sport ${lport//-/:}"
+ [ -n "$raddr" ] && param="$param -d $raddr"
+ [ -n "$rport" ] && param="$param -p $proto -m multiport --dport ${rport//-/:}"
+ [ -n "$comment" ] && param="$param -m comment --comment $(echo "$comment" | tr '[\. ~`!@#$%^&*()\+/,<>?//;:]' '_')"
+# Here be dragons
+ return 0
+}
+
+insert_policy() {
+ local comment="$1" iface="$2" laddr="$3" lport="$4" raddr="$5" rport="$6" proto="$(str_to_lower "$7")" chain="${8:-PREROUTING}"
+ local mark=$(eval echo "\$mark_${iface//-/_}") param i valueNeg value
+ if [ "$ipv6Enabled" -eq 0 ]; then
+ is_ipv6 "$laddr" && return 0
+ is_ipv6 "$raddr" && return 0
+ fi
+
+ if [ -z "$mark" ]; then
+ processPolicyError="${processPolicyError}${_ERROR_}: Unknown fw_mark for ${iface}##"
+ return 0
+ fi
+
+ if [ -z "$proto" ] || [ "$proto" = 'all' ]; then
+ if [ -z "${lport}${raddr}${rport}" ] && [ -n "$laddr" ]; then
+ proto='all'
+ elif [ -z "${laddr}${lport}${rport}" ] && [ -n "$raddr" ]; then
+ proto='all'
+ elif [ -n "$lport" ] || [ -n "$rport" ]; then
+ proto='tcp udp'
+ else
+ proto='tcp'
+ fi
+ fi
+
+ for i in $proto; do
+ if [ "$i" = 'all' ]; then
+ param="-t mangle -I VPR_${chain} -j MARK --set-xmark ${mark}/${fwMask}"
+ elif ! is_supported_protocol "$i"; then
+ processPolicyError="${processPolicyError}${_ERROR_}: Unknown protocol '$i' in policy '$comment'##"
+ return 0
+ else
+ param="-t mangle -I VPR_${chain} -j MARK --set-xmark ${mark}/${fwMask} -p $i"
+ fi
+
+ if [ -n "$laddr" ]; then
+ if [ "${laddr:0:1}" = "!" ]; then
+ valueNeg='!'; value="${laddr:1}"
+ else
+ unset valueNeg; value="$laddr";
+ fi
+ if is_phys_dev "$value"; then
+ param="$param $valueNeg -i ${value:1}"
+ elif is_mac_address "$value"; then
+ param="$param -m mac $valueNeg --mac-source $value"
+ elif [ "${appendLocalPolicy//-d}" != "$appendLocalPolicy" ] && [ -n "$raddr" ]; then
+ param="$param $valueNeg -s $value"
+ processPolicyError="${processPolicyError}${_ERROR_}: Cannot append '$comment' policy with '$appendLocalPolicy' as destination is already set to '$raddr'##"
+ else
+ param="$param $valueNeg -s $value $appendLocalPolicy"
+ fi
+ fi
+
+ if [ -n "$lport" ]; then
+ if [ "${lport:0:1}" = "!" ]; then
+ valueNeg='!'; value="${lport:1}"
+ else
+ unset valueNeg; value="$lport";
+ fi
+ param="$param -m multiport $valueNeg --sport ${value//-/:}"
+ fi
+
+ if [ -n "$raddr" ]; then
+ if [ "${raddr:0:1}" = "!" ]; then
+ valueNeg='!'; value="${raddr:1}"
+ else
+ unset valueNeg; value="$raddr";
+ fi
+ if [ "${appendRemotePolicy//-s}" != "$appendRemotePolicy" ] && [ -n "$laddr" ]; then
+ param="$param $valueNeg -d $value"
+ processPolicyError="${processPolicyError}${_ERROR_}: Cannot append '$comment' policy with '$appendRemotePolicy' as source is already set to '$laddr'\\n"
+ else
+ param="$param $valueNeg -d $value $appendRemotePolicy"
+ fi
+ fi
+
+ if [ -n "$rport" ]; then
+ if [ "${rport:0:1}" = "!" ]; then
+ valueNeg='!'; value="${rport:1}"
+ else
+ unset valueNeg; value="$rport";
+ fi
+ param="$param -m multiport $valueNeg --dport ${value//-/:}"
+ fi
+
+ [ -n "$comment" ] && param="$param -m comment --comment $(echo "$comment" | tr '[\. ~`!@#$%^&*()\+/,<>?//;:]' '_')"
+ ipt "$param" || processPolicyError="${processPolicyError}${_ERROR_}: iptables $param\\n"
+ done
+ return 0
+}
+
+r_process_policy(){
+ local comment="$1" iface="$2" laddr="$3" lport="$4" raddr="$5" rport="$6" proto="$7" chain="$8" resolved_laddr resolved_raddr i ipsFailFlag
+ if [ "${laddr//[ ;\{\}]/}" != "$laddr" ]; then
+ for i in $(echo "$laddr" | tr ';{}' ' '); do [ -n "$i" ] && r_process_policy "$comment" "$iface" "$i" "$lport" "$raddr" "$rport" "$proto" "$chain"; done
+ return 0
+ elif [ "${lport//[ ;\{\}]/}" != "$lport" ]; then
+ for i in $(echo "$lport" | tr ';{}' ' '); do [ -n "$i" ] && r_process_policy "$comment" "$iface" "$laddr" "$i" "$raddr" "$rport" "$proto" "$chain"; done
+ return 0
+ elif [ "${raddr//[ ;\{\}]/}" != "$raddr" ]; then
+ for i in $(echo "$raddr" | tr ';{}' ' '); do [ -n "$i" ] && r_process_policy "$comment" "$iface" "$laddr" "$lport" "$i" "$rport" "$proto" "$chain"; done
+ return 0
+ elif [ "${rport//[ ;\{\}]/}" != "$rport" ]; then
+ for i in $(echo "$rport" | tr ';{}' ' '); do [ -n "$i" ] && r_process_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$i" "$proto" "$chain"; done
+ return 0
+ fi
+
+ # start non-recursive processing
+ # process TOR, netmask, physical device and mac-address separately, so we don't send them to resolveip
+ if is_tor "$iface"; then
+ insert_tor_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$rport" "$proto" "$chain"
+ elif is_phys_dev "$laddr"; then
+ insert_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$rport" "$proto" "$chain"
+ elif [ -n "$laddr" ] && [ -z "${lport}${raddr}${rport}" ] && [ "$chain" = 'PREROUTING' ]; then
+ if is_mac_address "$laddr"; then
+ if [ -n "$proto" ] && [ "$proto" != 'all' ] && [ "$localIpset" -ne 0 ]; then
+ processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'proto' or set 'proto' to 'all' for policy '$comment', mac-address '$laddr'\\n"
+ fi
+ ips 'add' "${iface}_mac" "$laddr" "${comment}: $laddr" || ipsFailFlag=1
+ else
+ if [ -n "$proto" ] && [ "$proto" != "all" ] && [ "$localIpset" -ne 0 ]; then
+ processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'proto' or set 'proto' to 'all' for policy '$comment', address '$laddr'\\n"
+ fi
+ if ! ips 'add' "${iface}_ip" "$laddr" "${comment}: $laddr"; then
+ ipr "$comment" "$iface" "$i" || ipsFailFlag=1
+ fi
+ fi
+ elif [ -n "$raddr" ] && [ -z "${laddr}${lport}${rport}" ] && [ "$chain" = 'PREROUTING' ] && [ -n "$remoteIpset" ]; then
+ if [ -n "$proto" ] && [ "$proto" != 'all' ]; then
+ processPolicyWarning="${processPolicyWarning}${_WARNING_}: Please unset 'proto' or set 'proto' to 'all' for policy '$comment', domain '$raddr'\\n"
+ fi
+ case "$remoteIpset" in
+ ipset)
+ ips 'add' "${iface}" "$raddr" "${comment}: $raddr" || ipsFailFlag=1;;
+ dnsmasq.ipset)
+ if is_domain "$raddr"; then ips 'add_dnsmasq' "${iface}" "$raddr" "${comment}" || ipsFailFlag=1
+ else ips 'add' "${iface}" "$raddr" "${comment}: $raddr" || ipsFailFlag=1; fi;;
+ esac
+ else
+ ipsFailFlag=1
+ fi
+ if [ -n "$ipsFailFlag" ]; then
+ if is_mac_address "$laddr"; then
+ insert_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$rport" "$proto" "$chain"
+ elif is_netmask "$laddr" || is_netmask "$raddr"; then
+ insert_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$rport" "$proto" "$chain"
+ else
+ [ -n "$laddr" ] && resolved_laddr="$(resolveip "$laddr")"
+ [ -n "$raddr" ] && resolved_raddr="$(resolveip "$raddr")"
+ if [ -n "$resolved_laddr" ] && [ "$resolved_laddr" != "$laddr" ]; then
+ for i in $resolved_laddr; do [ -n "$i" ] && r_process_policy "$comment $laddr" "$iface" "$i" "$lport" "$raddr" "$rport" "$proto" "$chain"; done
+ elif [ -n "$resolved_raddr" ] && [ "$resolved_raddr" != "$raddr" ]; then
+ for i in $resolved_raddr; do [ -n "$i" ] && r_process_policy "$comment $raddr" "$iface" "$laddr" "$lport" "$i" "$rport" "$proto" "$chain"; done
+ else
+ insert_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$rport" "$proto" "$chain"
+ fi
+ fi
+ fi
+}
+
+process_policy(){
+ local name comment iface laddr lport raddr rport param mark processPolicyError processPolicyWarning proto chain enabled
+ config_get comment "$1" 'comment'
+ config_get name "$1" 'name' 'blank'
+ config_get iface "$1" 'interface'
+ config_get laddr "$1" 'src_addr'
+ config_get lport "$1" 'src_port'
+ config_get raddr "$1" 'dest_addr'
+ config_get rport "$1" 'dest_port'
+ config_get proto "$1" 'proto'
+ config_get chain "$1" 'chain' 'PREROUTING'
+ config_get_bool enabled "$1" 'enabled' 1
+
+ [ "$enabled" -gt 0 ] || return 0
+ [ "$proto" = 'auto' ] && unset proto
+ [ "$proto" = 'AUTO' ] && unset proto
+
+ comment="${comment:-$name}"
+ output 2 "Routing '$comment' via $iface "
+
+ if [ -z "$comment" ]; then
+ errorSummary="${errorSummary}${_ERROR_}: Policy name is empty\\n"
+ output_fail; return 1;
+ fi
+ if [ -z "${laddr}${lport}${raddr}${rport}" ]; then
+ errorSummary="${errorSummary}${_ERROR_}: Policy '$comment' missing all IPs/ports\\n"
+ output_fail; return 1;
+ fi
+ if [ -z "$iface" ]; then
+ errorSummary="${errorSummary}${_ERROR_}: Policy '$comment' has no assigned interface\\n"
+ output_fail; return 1;
+ fi
+ if ! is_supported_interface "$iface"; then
+ errorSummary="${errorSummary}${_ERROR_}: Policy '$comment' has unknown interface: '${iface}'\\n"
+ output_fail; return 1;
+ fi
+
+ lport="${lport// / }"; lport="${lport// /,}"; lport="${lport//,\!/ !}";
+ rport="${rport// / }"; rport="${rport// /,}"; rport="${rport//,\!/ !}";
+ r_process_policy "$comment" "$iface" "$laddr" "$lport" "$raddr" "$rport" "$proto" "$chain"
+ if [ -n "$processPolicyWarning" ]; then
+ warningSummary="${warningSummary}${processPolicyWarning}\\n"
+ fi
+ if [ -n "$processPolicyError" ]; then
+ output_fail
+ errorSummary="${errorSummary}${processPolicyError}\\n"
+ else
+ output_ok
+ fi
+}
+
+table_destroy(){
+ local tid="$1" iface="$2" mark="$3"
+ if [ -n "$tid" ] && [ -n "$iface" ] && [ -n "$mark" ]; then
+ ip -4 rule del fwmark "$mark" table "$tid" >/dev/null 2>&1
+ ip -6 rule del fwmark "$mark" table "$tid" >/dev/null 2>&1
+ ip -4 rule del table "$tid" >/dev/null 2>&1
+ ip -6 rule del table "$tid" >/dev/null 2>&1
+ ip -4 route flush table "$tid";
+ ip -6 route flush table "$tid";
+ ips 'flush' "${iface}"; ips 'destroy' "${iface}";
+ ips 'flush' "${iface}_ip"; ips 'destroy' "${iface}_ip";
+ ips 'flush' "${iface}_mac"; ips 'destroy' "${iface}_mac";
+ ip -4 route flush cache
+ ip -6 route flush cache
+ return 0
+ else
+ return 1
+ fi
+}
+
+# shellcheck disable=SC2086
+table_create(){
+ local tid="$1" mark="$2" iface="$3" gw4="$4" dev="$5" gw6="$6" dev6="$7" dscp s=0 i ipv4_error=0 ipv6_error=0
+
+ if [ -z "$tid" ] || [ -z "$mark" ] || [ -z "$iface" ]; then
+ return 1
+ fi
+
+ table_destroy "$tid" "$iface" "$mark"
+
+ if [ -n "$gw4" ] || [ "$strictMode" -ne 0 ]; then
+ if [ -z "$gw4" ]; then
+ ip -4 route add unreachable default table "$tid" >/dev/null 2>&1 || ipv4_error=1
+ else
+ ip -4 route add default via "$gw4" dev "$dev" table "$tid" >/dev/null 2>&1 || ipv4_error=1
+ fi
+ ip -4 route ls table main | grep -v 'br-lan' | while read -r i; do
+ idev="$(echo "$i" | grep -Eso 'dev [^ ]*' | awk '{print $2}')"
+ if ! is_supported_iface_dev "$idev"; then
+ ip -4 route add $i table "$tid" >/dev/null 2>&1 || ipv4_error=1
+ fi
+ done
+ ip -4 route flush cache || ipv4_error=1
+ ip -4 rule add fwmark "$mark" table "$tid" || ipv4_error=1
+ fi
+
+ if [ "$ipv6Enabled" -ne 0 ]; then
+ if { [ -n "$gw6" ] && [ "$gw6" != "::/0" ]; } || [ "$strictMode" -ne 0 ]; then
+ if [ -z "$gw6" ] || [ "$gw6" = "::/0" ]; then
+ ip -6 route add unreachable default table "$tid" || ipv6_error=1
+ else
+ ip -6 route ls table main | grep " dev $dev6 " | while read -r i; do
+ ip -6 route add $i table "$tid" >/dev/null 2>&1 || ipv6_error=1
+ done
+ fi
+ ip -6 route flush cache || ipv6_error=1
+ ip -6 rule add fwmark "$mark" table "$tid" || ipv6_error=1
+ fi
+ fi
+
+ if [ $ipv4_error -eq 0 ] || [ $ipv6_error -eq 0 ]; then
+ dscp="$(uci -q get "${packageName}".config."${iface}"_dscp)"
+ if [ "${dscp:-0}" -ge 1 ] && [ "${dscp:-0}" -le 63 ]; then
+ ipt -t mangle -I VPR_PREROUTING -m dscp --dscp "${dscp}" -j MARK --set-xmark "${mark}/${fwMask}" || s=1
+ fi
+ if [ -n "$remoteIpset" ]; then
+ if ips 'create' "${iface}" 'hash:net comment' && ips 'flush' "${iface}"; then
+ ipt -t mangle -I VPR_PREROUTING -m set --match-set "${iface}" dst $appendRemotePolicy -j MARK --set-xmark "${mark}/${fwMask}" || s=1
+ else
+ s=1
+ fi
+ fi
+ if [ "$localIpset" -ne 0 ]; then
+ if ips 'create' "${iface}_ip" 'hash:net comment' && ips 'flush' "${iface}_ip"; then
+ ipt -t mangle -I VPR_PREROUTING -m set --match-set "${iface}_ip" src $appendLocalPolicy -j MARK --set-mark "${mark}/${fwMask}" || s=1
+ else
+ s=1
+ fi
+ if ips 'create' "${iface}_mac" 'hash:mac comment' && ips 'flush' "${iface}_mac"; then
+ ipt -t mangle -I VPR_PREROUTING -m set --match-set "${iface}_mac" src $appendLocalPolicy -j MARK --set-mark "${mark}/${fwMask}" || s=1
+ else
+ s=1
+ fi
+ fi
+ if [ "$iface" = "$icmpIface" ]; then
+ ipt -t mangle -I VPR_OUTPUT -p icmp -j MARK --set-xmark "${mark}/${fwMask}" || s=1
+ fi
+ else
+ s=1
+ fi
+
+ return $s
+}
+
+process_interface(){
+ local gw4 gw6 dev dev6 s=0 dscp iface="$1" action="$2" displayText
+
+ is_supported_interface "$iface" || return 0
+ is_wan6 "$iface" && return 0
+ [ $((ifaceMark)) -gt $((fwMask)) ] && return 1
+
+ network_get_device dev "$iface"
+ [ -z "$dev" ] && config_get dev "$iface" 'ifname'
+ if is_wan "$iface" && [ -n "$wanIface6" ]; then
+ network_get_device dev6 "$wanIface6"
+ [ -z "$dev6" ] && config_get dev6 "$wanIface6" 'ifname'
+ fi
+ [ -z "$dev6" ] && dev6="$dev"
+
+ [ -z "$ifaceTableID" ] && ifaceTableID="$wanTableID"; [ -z "$ifaceMark" ] && ifaceMark="$wanMark";
+
+ case "$action" in
+ destroy)
+ table_destroy "${ifaceTableID}" "${iface}" "${ifaceMark}"
+ ifaceTableID="$((ifaceTableID + 1))"; ifaceMark="$(printf '0x%06x' $((ifaceMark + wanMark)))";
+ ;;
+ create)
+ export "mark_${iface//-/_}=$ifaceMark"; export "tid_${iface//-/_}=$ifaceTableID";
+ table_destroy "${ifaceTableID}" "${iface}"
+ vpr_get_gateway gw4 "$iface" "$dev"
+ vpr_get_gateway6 gw6 "$iface" "$dev6"
+ if [ "$iface" = "$dev" ]; then
+ displayText="${iface}/${gw4:-0.0.0.0}"
+ else
+ displayText="${iface}/${dev}/${gw4:-0.0.0.0}"
+ fi
+ [ "$ipv6Enabled" -ne 0 ] && displayText="${displayText}/${gw6:-::/0}"
+ output 2 "Creating table '$displayText' "
+ is_default_dev "$dev" && displayText="${displayText} ${__OK__}"
+ if table_create "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6"; then
+ gatewaySummary="${gatewaySummary}${displayText}\\n"
+ output_ok
+ else
+ errorSummary="${errorSummary}${_ERROR_}: Failed to set up '$displayText'\\n"
+ output_fail
+ fi
+ ifaceTableID="$((ifaceTableID + 1))"; ifaceMark="$(printf '0x%06x' $((ifaceMark + wanMark)))";
+ ;;
+ esac
+ return $s
+}
+
+convert_config(){
+ local i
+ [ -s "/etc/config/${packageName}" ] || return 0
+ sed -i 's/ignored_interfaces/ignored_interface/g' "/etc/config/${packageName}"
+ sed -i 's/supported_interfaces/supported_interface/g' "/etc/config/${packageName}"
+ sed -i 's/local_addresses/local_address/g' "/etc/config/${packageName}"
+ sed -i 's/local_ports/local_port/g' "/etc/config/${packageName}"
+ sed -i 's/remote_addresses/remote_address/g' "/etc/config/${packageName}"
+ sed -i 's/remote_ports/remote_port/g' "/etc/config/${packageName}"
+ sed -i 's/ipset_enabled/remote_ipset/g' "/etc/config/${packageName}"
+ sed -i 's/dnsmasq_enabled/dnsmasq_ipset/g' "/etc/config/${packageName}"
+ sed -i 's/enable_control/webui_enable_column/g' "/etc/config/${packageName}"
+ sed -i 's/proto_control/webui_protocol_column/g' "/etc/config/${packageName}"
+ sed -i 's/chain_control/webui_chain_column/g' "/etc/config/${packageName}"
+ sed -i 's/sort_control/webui_sorting/g' "/etc/config/${packageName}"
+ sed -i 's/local_address/src_addr/g' "/etc/config/${packageName}"
+ sed -i 's/local_port/src_port/g' "/etc/config/${packageName}"
+ sed -i 's/remote_address/dest_addr/g' "/etc/config/${packageName}"
+ sed -i 's/remote_port/dest_port/g' "/etc/config/${packageName}"
+ sed -i 's/append_local_rules/append_src_rules/g' "/etc/config/${packageName}"
+ sed -i 's/append_remote_rules/append_dest_rules/g' "/etc/config/${packageName}"
+ sync
+ config_load "$packageName"
+ config_get_bool dnsmasqIpset 'config' 'dnsmasq_ipset' 0
+ config_get remoteIpset 'config' 'remote_ipset'
+ config_get webuiProtocol 'config' 'webui_supported_protocol'
+# shellcheck disable=SC2154
+ if [ "$dnsmasqIpset" = "1" ]; then
+ remoteIpset="dnsmasq.ipset";
+ elif [ "$remoteIpset" = "1" ]; then
+ remoteIpset="ipset";
+ elif [ "$remoteIpset" = "0" ]; then
+ remoteIpset=""
+ fi
+ uci -q del "$packageName.config.dnsmasq_ipset"
+ uci -q set "$packageName".config.remote_ipset="$remoteIpset"
+# shellcheck disable=SC2154
+ if [ -z "$webuiProtocol" ]; then
+ uci add_list "$packageName".config.webui_supported_protocol='tcp'
+ uci add_list "$packageName".config.webui_supported_protocol='udp'
+ uci add_list "$packageName".config.webui_supported_protocol='tcp udp'
+ uci add_list "$packageName".config.webui_supported_protocol='icmp'
+ uci add_list "$packageName".config.webui_supported_protocol='all'
+ fi
+ uci commit "$packageName"
+ sed -i 's/local_ipset/src_ipset/g' "/etc/config/${packageName}"
+ sed -i 's/remote_ipset/dest_ipset/g' "/etc/config/${packageName}"
+ for i in udp_proto_enabled forward_chain_enabled input_chain_enabled output_chain_enabled; do
+ grep -q "$i" "/etc/config/${packageName}" && output "${_WARNING_}: $i setting is not supported in ${serviceName}.\\n"
+ done
+}
+
+check_config(){ local en; config_get_bool en "$1" 'enabled' 1; [ "$en" -gt 0 ] && _cfg_enabled=0; }
+is_config_enabled(){
+ local cfg="$1" _cfg_enabled=1
+ [ -n "$1" ] || return 1
+ config_load "$packageName"
+ config_foreach check_config "$cfg"
+ return "$_cfg_enabled"
+}
+
+process_user_file(){
+ local path enabled shellBin="${SHELL:-/bin/ash}"
+ config_get_bool enabled "$1" 'enabled' 1
+ config_get path "$1" 'path'
+ [ "$enabled" -gt 0 ] || return 0
+ if [ ! -s "$path" ]; then
+ errorSummary="${errorSummary}${_ERROR_}: Custom user file '$path' not found or empty\\n"
+ output_fail
+ return 1
+ fi
+ if ! $shellBin -n "$path"; then
+ errorSummary="${errorSummary}${_ERROR_}: Syntax error in custom user file '$path'\\n"
+ output_fail
+ return 1
+ fi
+# shellcheck disable=SC1090
+ if ! . "$path"; then
+ errorSummary="${errorSummary}${_ERROR_}: Error running custom user file '$path'\\n"
+ output_fail
+ return 1
+ else
+ output 2 "Running $path "
+ output_ok
+ return 0
+ fi
+}
+
+start_service() {
+ local gatewaySummary errorSummary warningSummary dnsmasqStoredHash dnsmasqNewHash i modprobeStatus=0
+ convert_config
+ is_enabled 'on_start' || return 1
+ is_wan_up || return 0
+ if create_lock; then
+ if [ -s "$dnsmasqFile" ]; then
+ dnsmasqStoredHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')"
+ rm -f "$dnsmasqFile"
+ fi
+
+ for i in xt_set ip_set ip_set_hash_ip; do
+ modprobe "$i" >/dev/null 2>/dev/null || modprobeStatus=$((modprobeStatus + 1))
+ done
+
+ if [ "$modprobeStatus" -gt 0 ] && ! is_chaos_calmer; then
+ errorSummary="${errorSummary}${_ERROR_}: Failed to load kernel modules\\n"
+ fi
+
+ for i in PREROUTING FORWARD INPUT OUTPUT; do
+ ipt -t mangle -N "VPR_${i}"
+ ipt -t mangle "$insertOption" "$i" -m mark --mark "0x00/${fwMask}" -j "VPR_${i}"
+ done
+
+ output 1 'Processing Interfaces '
+ config_load 'network'; config_foreach process_interface 'interface' 'create';
+ output 1 '\n'
+ if is_config_enabled 'policy'; then
+ output 1 'Processing Policies '
+ config_load "$packageName"; config_foreach process_policy 'policy';
+ output 1 '\n'
+ fi
+ if is_config_enabled 'include'; then
+ output 1 'Processing User File(s) '
+ config_load "$packageName"; config_foreach process_user_file 'include';
+ output 1 '\n'
+ fi
+
+ if [ -s "$dnsmasqFile" ]; then
+ dnsmasqNewHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')"
+ fi
+ [ "$dnsmasqNewHash" != "$dnsmasqStoredHash" ] && dnsmasq_restart
+
+ if [ -z "$gatewaySummary" ]; then
+ errorSummary="${errorSummary}${_ERROR_}: failed to set up any gateway\\n"
+ else
+ output "$serviceName started with gateways:\\n${gatewaySummary}"
+ [ -n "$errorSummary" ] && output "${errorSummary}"
+ [ -n "$warningSummary" ] && output "${warningSummary}"
+ fi
+ procd_open_instance "main"
+ procd_set_param command /bin/true
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ procd_open_data
+ json_add_array 'status'
+ json_add_object ''
+ [ -n "$gatewaySummary" ] && json_add_string gateway "$gatewaySummary"
+ [ -n "$errorSummary" ] && json_add_string error "$errorSummary"
+ [ -n "$warningSummary" ] && json_add_string warning "$warningSummary"
+ if [ "$strictMode" -ne 0 ] && [ "${gatewaySummary//0.0.0.0}" != "${gatewaySummary}" ]; then
+ json_add_string mode "strict"
+ fi
+ json_close_object
+ json_close_array
+ procd_close_data
+ procd_close_instance
+ remove_lock
+ else
+ output "$serviceName: another instance of ${packageName} is currently running "
+ output_failn
+ return 1
+ fi
+}
+
+restart() { reload; }
+restart_service() { reload; }
+
+stop_service() {
+ local i
+ iptables -t mangle -L | grep -q VPR_PREROUTING || return 0
+ if create_lock; then
+ load_package_config
+ for i in PREROUTING FORWARD INPUT OUTPUT; do
+ ipt -t mangle -D "${i}" -m mark --mark "0x00/${fwMask}" -j "VPR_${i}"
+ ipt -t mangle -F "VPR_${i}"; ipt -t mangle -X "VPR_${i}";
+ done
+ config_load 'network'; config_foreach process_interface 'interface' 'destroy'
+ unset ifaceTableID; unset ifaceMark;
+ if [ -s "$dnsmasqFile" ]; then
+ rm -f "$dnsmasqFile"
+ dnsmasq_restart
+ fi
+ if [ "$serviceEnabled" -ne 0 ]; then
+ output "$serviceName stopped "; output_okn;
+ fi
+ remove_lock
+ else
+ output "$serviceName: another instance of ${packageName} is currently running "; output_failn;
+ return 1
+ fi
+}
+
+# shellcheck disable=SC2119
+service_triggers() {
+ local n
+ is_enabled || return 1
+
+ procd_open_validate
+ validate_config
+ validate_policy
+ validate_include
+ procd_close_validate
+
+ procd_add_reload_trigger 'firewall' 'openvpn' 'vpn-policy-routing'
+ procd_open_trigger
+ for n in $ifSupported; do procd_add_reload_interface_trigger "$n"; procd_add_interface_trigger "interface.*" "$n" /etc/init.d/${packageName} reload; done;
+# output "$serviceName monitoring interfaces: $ifSupported\\n"; # output_okn;
+# for n in $ifAll; do procd_add_reload_interface_trigger "$n"; procd_add_interface_trigger "interface.*" "$n" /etc/init.d/${packageName} reload; done;
+# output "$serviceName monitoring ALL interfaces: $ifAll"; output_okn;
+ procd_close_trigger
+}
+
+input() { local data; while read -r data; do echo "$data" | tee -a /var/${packageName}-support; done; }
+support() {
+ local dist vers out id s param status set_d set_p tableCount i=0 dev dev6
+ is_enabled
+
+ json_load "$(ubus call system board)"; json_select release; json_get_var dist distribution; json_get_var vers version
+ if [ -n "$wanIface4" ]; then
+ network_get_gateway wanGW4 "$wanIface4"
+ dev="$(uci -q get network."${wanIface4}".ifname)"
+ fi
+ if [ -n "$wanIface6" ]; then
+ dev6="$(uci -q get network."${wanIface6}".ifname)"
+ wanGW6=$(ip -6 route show | grep -m1 " dev $dev6 " | awk '{print $1}')
+ [ "$wanGW6" = "default" ] && wanGW6=$(ip -6 route show | grep -m1 " dev $dev6 " | awk '{print $3}')
+ fi
+ while [ "${1:0:1}" = "-" ]; do param="${1//-/}"; export "set_$param=1"; shift; done
+ [ -e "/var/${packageName}-support" ] && rm -f "/var/${packageName}-support"
+ status="$serviceName running on $dist $vers."
+ [ -n "$wanIface4" ] && status="$status WAN (IPv4): $wanIface4/dev/${wanGW4:-0.0.0.0}."
+ [ -n "$wanIface6" ] && status="$status WAN (IPv6): $wanIface6/dev6/${wanGW6:-::/0}."
+ {
+ echo "$status"
+ echo "============================================================"
+ dnsmasq --version 2>/dev/null | sed '/^$/,$d'
+ [ -n "$1" ] && {
+ echo "============================================================"
+ echo "Resolving domains"
+ while [ -n "$1" ]; do echo "$1: $(resolveip "$1" | tr '\n' ' ')"; shift; done; }
+ echo "============================================================"
+ echo "Routes/IP Rules"
+ tableCount=$(ip rule list | grep -c 'fwmark') || tableCount=0
+ if [ -n "$set_d" ]; then route; else route | grep '^default'; fi
+ if [ -n "$set_d" ]; then ip rule list; fi # || ip rule list | grep 'fwmark'
+ i=0; while [ $i -lt $tableCount ]; do echo "IPv4 Table $((wanTableID + i)): $(ip route show table $((wanTableID + i)))"; echo "IPv4 Table $((wanTableID + i)) Rules:"; ip rule list | grep $((wanTableID + i)); i=$((i + 1)); done
+ [ "$ipv6Enabled" -ne 0 ] && {
+ i=0; while [ $i -lt $tableCount ]; do
+ ip -6 route show table $((wanTableID + i)) | while read -r param; do echo "IPv6 Table $((wanTableID + i)): $param"; done
+ i=$((i + 1))
+ done; }
+ echo "============================================================"
+ if [ -z "$set_d" ]; then echo "IP Tables PREROUTING"; else echo "IP Tables"; fi
+ if [ -z "$set_d" ]; then iptables -v -t mangle -S VPR_PREROUTING; else iptables -L -t mangle; fi
+ [ "$ipv6Enabled" -ne 0 ] && {
+ echo "============================================================"
+ if [ -z "$set_d" ]; then echo "IP6 Tables PREROUTING"; else echo "IP6 Tables"; fi
+ if [ -z "$set_d" ]; then ip6tables -v -t mangle -S VPR_PREROUTING; else ip6tables -L -t mangle; fi
+ }
+ [ -z "$set_d" ] && { echo "============================================================"
+ echo "IP Tables FORWARD"
+ iptables -v -t mangle -S VPR_FORWARD
+ [ "$ipv6Enabled" -ne 0 ] && {
+ echo "============================================================"
+ echo "IPv6 Tables FORWARD"
+ ip6tables -v -t mangle -S VPR_FORWARD
+ };}
+ [ -z "$set_d" ] && { echo "============================================================"
+ echo "IP Tables INPUT"
+ iptables -v -t mangle -S VPR_INPUT
+ [ "$ipv6Enabled" -ne 0 ] && {
+ echo "============================================================"
+ echo "IPv6 Tables INPUT"
+ ip6tables -v -t mangle -S VPR_INPUT
+ };}
+ [ -z "$set_d" ] && { echo "============================================================"
+ echo "IP Tables OUTPUT"
+ iptables -v -t mangle -S VPR_OUTPUT
+ [ "$ipv6Enabled" -ne 0 ] && {
+ echo "============================================================"
+ echo "IPv6 Tables OUTPUT"
+ ip6tables -v -t mangle -S VPR_OUTPUT
+ };}
+ echo "============================================================"
+ echo "Current ipsets"
+ ipset save
+ if [ -s "$dnsmasqFile" ]; then
+ echo "============================================================"
+ echo "DNSMASQ ipsets"
+ cat "$dnsmasqFile"
+ fi
+ echo "============================================================"
+ } | input
+ if [ -n "$set_p" ]; then
+ printf "%b" "Pasting to paste.ee... "
+ if is_installed 'curl' && is_installed 'libopenssl' && is_installed 'ca-bundle'; then
+ json_init; json_add_string "description" "${packageName}-support"
+ json_add_array "sections"; json_add_object '0'
+ json_add_string "name" "$(uci -q get system.@system[0].hostname)"
+ json_add_string "contents" "$(cat /var/${packageName}-support)"
+ json_close_object; json_close_array; payload=$(json_dump)
+ out=$(curl -s -k "https://api.paste.ee/v1/pastes" -X "POST" -H "Content-Type: application/json" -H "X-Auth-Token:uVOJt6pNqjcEWu7qiuUuuxWQafpHhwMvNEBviRV2B" -d "$payload")
+ json_load "$out"; json_get_var id id; json_get_var s success
+ [ "$s" = "1" ] && printf "%b" "https://paste.ee/p/$id $__OK__" || printf "%b" "$__FAIL__"
+ [ -e "/var/${packageName}-support" ] && rm -f "/var/${packageName}-support"
+ else
+ printf "%b" "$__FAIL__\\n"
+ printf "%b" "$_ERROR_: curl, libopenssl or ca-bundle were not found!\\nRun 'opkg update; opkg install curl libopenssl ca-bundle' to install them.\\n"
+ fi
+ else
+ printf "%b" "Your support details have been logged to '/var/${packageName}-support'. $__OK__\\n"
+ fi
+}
+
+# shellcheck disable=SC2120
+validate_config() {
+ uci_validate_section "${packageName}" config "${1}" \
+ 'enabled:bool:0' \
+ 'verbosity:range(0,2):1' \
+ 'strict_enforcement:bool:1' \
+ 'src_ipset:bool:0' \
+ 'dest_ipset:string' \
+ 'ipv6_enabled:bool:0' \
+ 'supported_interface:list(string)' \
+ 'ignored_interface:list(string)' \
+ 'boot_timeout:integer:30' \
+ 'iptables_rule_option:or("", "append", "insert")' \
+ 'iprule_enabled:bool:0' \
+ 'webui_enable_column:bool:0' \
+ 'webui_protocol_column:bool:0' \
+ 'webui_supported_protocol:list(string)' \
+ 'webui_chain_column:bool:0' \
+ 'webui_sorting:bool:1' \
+ 'icmp_interface:string' \
+ 'wan_tid:integer:201' \
+ 'wan_fw_mark:hex(8)' \
+ 'fw_mask:hex(8)'
+}
+
+# shellcheck disable=SC2120
+validate_policy() {
+ uci_validate_section "${packageName}" policy "${1}" \
+ 'name:string' \
+ 'enabled:bool:0' \
+ 'interface:network' \
+ 'proto:or(string)' \
+ 'chain:or("", "PREROUTING", "FORWARD", "INPUT", "OUTPUT")' \
+ 'src_addr:list(neg(or(host,network,macaddr)))' \
+ 'src_port:list(neg(or(portrange, string)))' \
+ 'dest_addr:list(neg(host))' \
+ 'dest_port:list(neg(or(portrange, string)))'
+}
+
+# shellcheck disable=SC2120
+validate_include() {
+ uci_validate_section "${packageName}" include "${1}" \
+ 'path:string' \
+ 'enabled:bool:0'
+}
--- /dev/null
+#!/bin/sh
+# This file is heavily based on code from https://github.com/Xentrk/netflix-vpn-bypass/blob/master/IPSET_Netflix.sh
+
+TARGET_IPSET='wan'
+TARGET_ASN='2906'
+TARGET_URL="https://ipinfo.io/AS${TARGET_ASN}"
+TARGET_FNAME="/var/tmp_AS${TARGET_ASN}"
+
+curl "$TARGET_URL" 2>/dev/null | grep -E "a href.*${TARGET_ASN}\/" | grep -v ":" | sed "s/^.*<a href=\"\/AS${TARGET_ASN}\///; s/\" >//" > "$TARGET_FNAME"
+awk -v ipset="$TARGET_IPSET" '{print "add " ipset " " $1}' "$TARGET_FNAME" | ipset restore -!
+rm -f "$TARGET_FNAME"
PKG_NAME:=vpnbypass
PKG_VERSION:=1.3.1
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.net>
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
/etc/init.d/vpnbypass enable
-
- while uci -q del ucitrack.@vpnbypass[-1]; do :; done
-
- uci -q batch <<-EOF >/dev/null
- add ucitrack vpnbypass
- set ucitrack.@vpnbypass[0].init='vpnbypass'
- del_list ucitrack.@firewall[0].affects='vpnbypass'
- add_list ucitrack.@firewall[0].affects='vpnbypass'
- commit ucitrack
- EOF
fi
exit 0
endef
#!/bin/sh
# check if we are on real system
if [ -z "$${IPKG_INSTROOT}" ]; then
- while uci -q delete ucitrack.@vpnbypass[-1]; do :; done
- uci -q del_list ucitrack.@firewall[0].affects='vpnbypass'
echo "Stopping service and removing rc.d symlink for vpnbypass"
/etc/init.d/vpnbypass stop || true
/etc/init.d/vpnbypass disable || true
service_triggers() {
local ifaces n
config_load network; config_foreach service_triggers_load_interface 'interface';
- procd_add_reload_trigger 'firewall'
- procd_add_reload_trigger 'openvpn'
+ procd_add_reload_trigger 'firewall' 'openvpn' 'vpnbypass'
procd_open_trigger
for n in $ifaces; do procd_add_reload_interface_trigger "$n"; procd_add_interface_trigger "interface.*" "$n" /etc/init.d/vpnbypass reload; done;
output "$serviceName monitoring interfaces: $ifaces $_OK_\\n"
PKG_NAME:=vpnc-scripts
PKG_VERSION:=20151220
-PKG_RELEASE:=1
+PKG_RELEASE:=2
include $(INCLUDE_DIR)/package.mk
reconnect)
run_hooks reconnect
;;
+ attempt-reconnect)
+ run_hooks attempt-reconnect
+ ;;
*)
logger -t openconnect "unknown reason '$reason'. Maybe vpnc-script is out of date" 1>&2
exit 1
PKG_NAME:=wget
PKG_VERSION:=1.20.3
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
SUBMENU:=File Transfer
TITLE:=Non-interactive network downloader
URL:=https://www.gnu.org/software/wget/index.html
- PROVIDES:=wget
+ PROVIDES:=gnu-wget
endef
define Package/wget/Default/description
DEPENDS+= +libopenssl +librt
TITLE+= (with SSL support)
VARIANT:=ssl
- PROVIDES+=gnu-wget
ALTERNATIVES:=300:/usr/bin/wget:/usr/bin/wget-ssl
endef
$(call Package/wget/Default)
TITLE+= (without SSL support)
VARIANT:=nossl
- PROVIDES+=gnu-wget
+ PROVIDES+=wget
ALTERNATIVES:=300:/usr/bin/wget:/usr/bin/wget-nossl
endef
PKG_NAME:=wifidog
PKG_VERSION:=1.3.0
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/wifidog/wifidog-gateway
procd_close_instance
}
-status() {
+status_service() {
/usr/bin/wdctl status
}
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/Andy2244/wsdd2.git
-PKG_SOURCE_DATE:=2018-07-24
-PKG_SOURCE_VERSION:=2c31ba3b720af81848c47dff7ad7c6c30c0c0f50
-PKG_MIRROR_HASH:=eb903a870d99c6001996dbfc22c15e1020278c45ed2441ceb61bc5395f417afa
+PKG_SOURCE_DATE:=2019-12-15
+PKG_SOURCE_VERSION:=8bcc0c1a42767ba518977a7104fe934f5d89ef31
+PKG_MIRROR_HASH:=4eace9130b7e1ddbc5b965fa51286532d3ee2ee14bcd2e116840c7d6d48ad9bc
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-3.0-only
START=99
USE_PROCD=1
+SMB_CONF=""
+BIND_IF_PARM=""
+NB_PARM=""
+WG_PARM=""
+BI_PARM=""
+
start_service() {
- procd_open_instance
- procd_set_param command /usr/bin/wsdd2 -w
+
+ . /lib/functions/network.sh
+
+ if [ -e /etc/smbd/smb.conf ] && [ -e /etc/init.d/smbd ] && /etc/init.d/smbd running; then
+ SMB_CONF="/etc/smbd/smb.conf"
+ fi
+
+ if [ -e /etc/samba/smb.conf ]; then
+ if [ -e /etc/init.d/samba4 ] && /etc/init.d/samba4 running; then
+ SMB_CONF="/etc/samba/smb.conf"
+ elif [ -e /etc/init.d/samba ] && /etc/init.d/samba running; then
+ SMB_CONF="/etc/samba/smb.conf"
+ fi
+ fi
+
+ if [ -z "$SMB_CONF" ]; then
+ logger -p daemon.error -t 'wsdd2' "samba36/4 or smbd is not running, can't start wsdd2!"
+ exit 1
+ fi
+
+ local nb_name
+ nb_name="$(grep -i 'netbios name' $SMB_CONF | awk -F'=' '{print $2}' | tr -d ' \n')"
+ if [ -n "$nb_name" ]; then
+ NB_PARM="-N $nb_name"
+ else
+ local hostname
+ hostname="$(cat /proc/sys/kernel/hostname)"
+ NB_PARM="-N $hostname"
+ fi
+
+ local wg_name
+ wg_name="$(grep -i 'workgroup' $SMB_CONF | awk -F'=' '{print $2}' | tr -d ' \n')"
+ if [ -n "$wg_name" ]; then
+ WG_PARM="-G $wg_name"
+ else
+ NB_PARM="-G WORKGROUP"
+ fi
+
+ # resolve lan interface (BUG: No multi-interface binds atm)
+ local ifname
+ if network_get_device ifname lan; then
+ BIND_IF_PARM="-i $ifname"
+ fi
+
+ local board_vendor
+ local board_model
+ local board_sku
+
+ if [ -e /tmp/sysinfo/board_name ]; then
+ board_vendor="$(cat /tmp/sysinfo/board_name | awk -F',' '{print $1}' | tr ' ' '_' | tr -d ' \n')"
+ board_sku="$(cat /tmp/sysinfo/board_name | awk -F',' '{print $2}' | tr ' ' '_' | tr -d ' \n')"
+ fi
+ if [ -e /tmp/sysinfo/model ]; then
+ board_model="$(cat /tmp/sysinfo/model | tr ' ' '_' | tr -d ' \n')"
+ fi
+ if [ -n "$board_vendor" ] && [ -n "$board_model" ]; then
+ if [ -n "$board_sku" ]; then
+ BI_PARM="-b vendor:$board_vendor,model:$board_model,sku:$board_sku"
+ else
+ BI_PARM="-b vendor:$board_vendor,model:$board_model"
+ fi
+ fi
+
+ procd_open_instance
+ procd_set_param command /usr/bin/wsdd2 -w $BIND_IF_PARM $NB_PARM $WG_PARM $BI_PARM
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file $SMB_CONF
procd_close_instance
}
service_triggers() {
- PROCD_RELOAD_DELAY=3000
- procd_add_reload_trigger "dhcp" "system" "samba4"
+ PROCD_RELOAD_DELAY=1000
+ procd_add_reload_trigger "dhcp" "system" "samba" "samba4" "smbd"
}
+++ /dev/null
---- a/wsd.c 2018-07-24
-+++ b/wsd.c 2018-09-10
-@@ -96,13 +96,19 @@ static void uuid_endpoint(char *uuid, si
- {
- FILE *fp = fopen("/etc/machine-id", "r");
- int c, i = 0;
-+
-+ if (!fp) {
-+ fp = fopen("/proc/sys/kernel/random/boot_id", "r");
-+ }
-
-- if (!fp)
-+ if (!fp) {
-+ DEBUG(0, W, "Can't open required '/etc/machine-id' or '/proc/sys/kernel/random/boot_id'");
- return;
-+ }
-
- while (i < 36 && (c = getc(fp)) != EOF &&
-- (isdigit(c) || (islower(c) && isxdigit(c)))) {
-- if (i == 8 || i == 13 || i == 18 || i == 23)
-+ ((c == '-') || isdigit(c) || (islower(c) && isxdigit(c)))) {
-+ if ((c != '-') && (i == 8 || i == 13 || i == 18 || i == 23))
- uuid[i++] = '-';
- uuid[i++] = c;
- }
PKG_NAME:=xl2tpd
PKG_VERSION:=1.3.15
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE
The following are generic ppp options and should have the same format and
semantics as with other ppp-related protocols. See
-[uci/network#protocol_ppp](https://wiki.openwrt.org/doc/uci/network#protocol_ppp_ppp_over_modem)
+[uci/network#protocol_ppp](https://openwrt.org/docs/guide-user/network/wan/wan_interface_protocols#protocol_ppp_ppp_over_modem)
for details.
username
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=xtables-addons
-PKG_VERSION:=3.5
-PKG_RELEASE:=1
-PKG_HASH:=189ff57a0b8960969bd99141a6c79c345efa67e4461f450e2f162c9bd3d17da6
+PKG_VERSION:=3.7
+PKG_RELEASE:=2
+PKG_HASH:=045ee3fcfe5d6edb95483cf49e2446ff8cab4bb79411018b18354138b70c5eb5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@SF/xtables-addons
+++ /dev/null
-Restore support for kernel 4.9
-This reverts commits:
-94656621ed269882aedf116f900009f1ccade3f6
-95d4f9e113fae3ef1e161548fe25c43c091392e3
-123e1a14e95f01b6ba2e4a31b3b2a74ff250be57
-f4f3f9860916d2ec88eb8339680d9ca0f64d41a4
-9b1c7c1c047f0e9c6cb4f9abbdb9fd7b86ae6c1b
----
- configure.ac | 2 +-
- extensions/ACCOUNT/xt_ACCOUNT.c | 4 ++++
- extensions/compat_xtables.h | 8 ++++++--
- extensions/xt_CHAOS.c | 28 ++++++++++++++++++++++++++--
- extensions/xt_DELUDE.c | 8 +++++++-
- extensions/xt_DNETMAP.c | 13 +++++++++++++
- extensions/xt_ECHO.c | 4 ++++
- extensions/xt_LOGMARK.c | 8 ++++++++
- extensions/xt_TARPIT.c | 10 ++++++++++
- extensions/xt_iface.c | 8 ++++++++
- extensions/xt_lscan.c | 4 ++++
- 11 files changed, 91 insertions(+), 6 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 0d3aa72..1cea354 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -61,7 +61,7 @@ if test -n "$kbuilddir"; then
- echo "WARNING: That kernel version is not officially supported yet. Continue at own luck.";
- elif test "$kmajor" -eq 5 -a "$kminor" -ge 0; then
- :
-- elif test "$kmajor" -eq 4 -a "$kminor" -ge 14; then
-+ elif test "$kmajor" -eq 4 -a "$kminor" -ge 9; then
- :
- else
- echo "WARNING: That kernel version is not officially supported.";
-diff --git a/extensions/ACCOUNT/xt_ACCOUNT.c b/extensions/ACCOUNT/xt_ACCOUNT.c
-index 019f5bd..8abe8ab 100644
---- a/extensions/ACCOUNT/xt_ACCOUNT.c
-+++ b/extensions/ACCOUNT/xt_ACCOUNT.c
-@@ -485,7 +485,11 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
- static unsigned int
- ipt_acc_target(struct sk_buff *skb, const struct xt_action_param *par)
- {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- struct ipt_acc_net *ian = net_generic(par->state->net, ipt_acc_net_id);
-+#else
-+ struct ipt_acc_net *ian = net_generic(par->net, ipt_acc_net_id);
-+#endif
- struct ipt_acc_table *ipt_acc_tables = ian->ipt_acc_tables;
- const struct ipt_acc_info *info =
- par->targinfo;
-diff --git a/extensions/compat_xtables.h b/extensions/compat_xtables.h
-index faf5dd8..23785d9 100644
---- a/extensions/compat_xtables.h
-+++ b/extensions/compat_xtables.h
-@@ -8,8 +8,8 @@
-
- #define DEBUGP Use__pr_debug__instead
-
--#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 14, 0)
--# warning Kernels below 4.14 not supported.
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0)
-+# warning Kernels below 4.9 not supported.
- #endif
-
- #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
-@@ -44,7 +44,11 @@
-
- static inline struct net *par_net(const struct xt_action_param *par)
- {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0)
- return par->state->net;
-+#else
-+ return par->net;
-+#endif
- }
-
- #ifndef NF_CT_ASSERT
-diff --git a/extensions/xt_CHAOS.c b/extensions/xt_CHAOS.c
-index eec36d4..cee2026 100644
---- a/extensions/xt_CHAOS.c
-+++ b/extensions/xt_CHAOS.c
-@@ -58,7 +58,12 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par)
-
- {
- struct xt_action_param local_par;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- local_par.state = par->state;
-+#else
-+ local_par.in = par->in,
-+ local_par.out = par->out,
-+#endif
- local_par.match = xm_tcp;
- local_par.matchinfo = &tcp_params;
- local_par.fragoff = fragoff;
-@@ -73,7 +78,14 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par)
- destiny = (info->variant == XTCHAOS_TARPIT) ? xt_tarpit : xt_delude;
- {
- struct xt_action_param local_par;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- local_par.state = par->state;
-+#else
-+ local_par.in = par->in;
-+ local_par.out = par->out;
-+ local_par.hooknum = par->hooknum;
-+ local_par.family = par->family;
-+#endif
- local_par.target = destiny;
- local_par.targinfo = par->targinfo;
- destiny->target(skb, &local_par);
-@@ -96,15 +108,27 @@ chaos_tg(struct sk_buff *skb, const struct xt_action_param *par)
-
- if ((unsigned int)prandom_u32() <= reject_percentage) {
- struct xt_action_param local_par;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- local_par.state = par->state;
-+#else
-+ local_par.in = par->in;
-+ local_par.out = par->out;
-+ local_par.hooknum = par->hooknum;
-+#endif
- local_par.target = xt_reject;
- local_par.targinfo = &reject_params;
- return xt_reject->target(skb, &local_par);
- }
-
- /* TARPIT/DELUDE may not be called from the OUTPUT chain */
-- if (iph->protocol == IPPROTO_TCP && info->variant != XTCHAOS_NORMAL &&
-- par->state->hook != NF_INET_LOCAL_OUT)
-+ if (iph->protocol == IPPROTO_TCP &&
-+ info->variant != XTCHAOS_NORMAL &&
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
-+ par->state->hook
-+#else
-+ par->hooknum
-+#endif
-+ != NF_INET_LOCAL_OUT)
- xt_chaos_total(skb, par);
-
- return NF_DROP;
-diff --git a/extensions/xt_DELUDE.c b/extensions/xt_DELUDE.c
-index 618de5e..221f342 100644
---- a/extensions/xt_DELUDE.c
-+++ b/extensions/xt_DELUDE.c
-@@ -151,7 +151,13 @@ delude_tg(struct sk_buff *skb, const struct xt_action_param *par)
- * a problem, as that is supported since Linux 2.6.35. But since we do not
- * actually want to have a connection open, we are still going to drop it.
- */
-- delude_send_reset(par_net(par), skb, par->state->hook);
-+ delude_send_reset(par_net(par), skb,
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
-+ par->state->hook
-+#else
-+ par->hooknum
-+#endif
-+ );
- return NF_DROP;
- }
-
-diff --git a/extensions/xt_DNETMAP.c b/extensions/xt_DNETMAP.c
-index de7d4ec..36a59e2 100644
---- a/extensions/xt_DNETMAP.c
-+++ b/extensions/xt_DNETMAP.c
-@@ -356,7 +356,11 @@ out:
- static unsigned int
- dnetmap_tg(struct sk_buff *skb, const struct xt_action_param *par)
- {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- struct net *net = dev_net(par->state->in ? par->state->in : par->state->out);
-+#else
-+ struct net *net = dev_net(par->in ? par->in : par->out);
-+#endif
- struct dnetmap_net *dnetmap_net = dnetmap_pernet(net);
- struct nf_conn *ct;
- enum ip_conntrack_info ctinfo;
-@@ -371,7 +375,11 @@ dnetmap_tg(struct sk_buff *skb, const struct xt_action_param *par)
- struct dnetmap_entry *e;
- struct dnetmap_prefix *p;
- __s32 jttl;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- unsigned int hooknum = par->state->hook;
-+#else
-+ unsigned int hooknum = par->hooknum;
-+#endif
- ct = nf_ct_get(skb, &ctinfo);
-
- jttl = tginfo->flags & XT_DNETMAP_TTL ? tginfo->ttl * HZ : jtimeout;
-@@ -496,7 +504,12 @@ bind_new_prefix:
- newrange.max_addr.ip = postnat_ip;
- newrange.min_proto = mr->min_proto;
- newrange.max_proto = mr->max_proto;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->state->hook));
-+#else
-+ return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
-+#endif
-+
- no_rev_map:
- no_free_ip:
- spin_unlock_bh(&dnetmap_lock);
-diff --git a/extensions/xt_ECHO.c b/extensions/xt_ECHO.c
-index e99312b..60cb815 100644
---- a/extensions/xt_ECHO.c
-+++ b/extensions/xt_ECHO.c
-@@ -35,7 +35,11 @@ echo_tg6(struct sk_buff *oldskb, const struct xt_action_param *par)
- void *payload;
- struct flowi6 fl;
- struct dst_entry *dst = NULL;
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- struct net *net = dev_net((par->state->in != NULL) ? par->state->in : par->state->out);
-+#else
-+ struct net *net = dev_net((par->in != NULL) ? par->in : par->out);
-+#endif
-
- /* This allows us to do the copy operation in fewer lines of code. */
- if (skb_linearize(oldskb) < 0)
-diff --git a/extensions/xt_LOGMARK.c b/extensions/xt_LOGMARK.c
-index 0474bf8..02e32be 100644
---- a/extensions/xt_LOGMARK.c
-+++ b/extensions/xt_LOGMARK.c
-@@ -77,13 +77,21 @@ logmark_tg(struct sk_buff *skb, const struct xt_action_param *par)
- printk("<%u>%.*s""iif=%d hook=%s nfmark=0x%x "
- "secmark=0x%x classify=0x%x",
- info->level, (unsigned int)sizeof(info->prefix), info->prefix,
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- skb_ifindex(skb), hook_names[par->state->hook],
-+#else
-+ skb_ifindex(skb), hook_names[par->hooknum],
-+#endif
- skb_nfmark(skb), skb_secmark(skb), skb->priority);
-
- ct = nf_ct_get(skb, &ctinfo);
- printk(" ctdir=%s", dir_names[ctinfo >= IP_CT_IS_REPLY]);
- if (ct == NULL)
- printk(" ct=NULL ctmark=NULL ctstate=INVALID ctstatus=NONE");
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 12, 0)
-+ else if (nf_ct_is_untracked(ct))
-+ printk(" ct=UNTRACKED ctmark=NULL ctstate=UNTRACKED ctstatus=NONE");
-+#endif
- else
- logmark_ct(ct, ctinfo);
-
-diff --git a/extensions/xt_TARPIT.c b/extensions/xt_TARPIT.c
-index cb98e9e..b78683c 100644
---- a/extensions/xt_TARPIT.c
-+++ b/extensions/xt_TARPIT.c
-@@ -436,7 +436,12 @@ tarpit_tg4(struct sk_buff *skb, const struct xt_action_param *par)
- /* We are not interested in fragments */
- if (iph->frag_off & htons(IP_OFFSET))
- return NF_DROP;
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- tarpit_tcp4(par_net(par), skb, par->state->hook, info->variant);
-+#else
-+ tarpit_tcp4(par_net(par), skb, par->hooknum, info->variant);
-+#endif
- return NF_DROP;
- }
-
-@@ -477,7 +482,12 @@ tarpit_tg6(struct sk_buff *skb, const struct xt_action_param *par)
- pr_debug("addr is not unicast.\n");
- return NF_DROP;
- }
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- tarpit_tcp6(par_net(par), skb, par->state->hook, info->variant);
-+#else
-+ tarpit_tcp6(par_net(par), skb, par->hooknum, info->variant);
-+#endif
- return NF_DROP;
- }
- #endif
-diff --git a/extensions/xt_iface.c b/extensions/xt_iface.c
-index 7704686..be52a52 100644
---- a/extensions/xt_iface.c
-+++ b/extensions/xt_iface.c
-@@ -45,9 +45,17 @@ static const struct net_device *iface_get(const struct xt_iface_mtinfo *info,
- const struct xt_action_param *par, struct net_device **put)
- {
- if (info->flags & XT_IFACE_DEV_IN)
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- return par->state->in;
-+#else
-+ return par->in;
-+#endif
- else if (info->flags & XT_IFACE_DEV_OUT)
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- return par->state->out;
-+#else
-+ return par->out;
-+#endif
- return *put = dev_get_by_name(&init_net, info->ifname);
- }
-
-diff --git a/extensions/xt_lscan.c b/extensions/xt_lscan.c
-index 060fe44..3a7d2ed 100644
---- a/extensions/xt_lscan.c
-+++ b/extensions/xt_lscan.c
-@@ -204,7 +204,11 @@ lscan_mt(const struct sk_buff *skb, struct xt_action_param *par)
- unsigned int n;
-
- n = lscan_mt_full(ctdata->mark & connmark_mask, ctstate,
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
- par->state->in == init_net.loopback_dev, tcph,
-+#else
-+ par->in == init_net.loopback_dev, tcph,
-+#endif
- skb->len - par->thoff - 4 * tcph->doff);
-
- ctdata->mark = (ctdata->mark & ~connmark_mask) | n;
---
-2.21.0
-
+ }
+
+ nf_ct_expect_init(rtp_exp, NF_CT_EXPECT_CLASS_DEFAULT,
-+ nf_ct_l3num(ct), &srvaddr,
++ nf_ct_l3num(ct), NULL,
+ &ct->tuplehash[!dir].tuple.dst.u3,
+ IPPROTO_UDP, NULL, &be_loport);
+
+ }
+
+ nf_ct_expect_init(rtcp_exp, NF_CT_EXPECT_CLASS_DEFAULT,
-+ nf_ct_l3num(ct), &srvaddr,
++ nf_ct_l3num(ct), NULL,
+ &ct->tuplehash[!dir].tuple.dst.u3,
+ IPPROTO_UDP, NULL, &be_hiport);
+
include $(TOPDIR)/rules.mk
PKG_NAME:=znc
-PKG_VERSION:=1.7.4
+PKG_VERSION:=1.7.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://znc.in/releases \
https://znc.in/releases/archive
-PKG_HASH:=b1a32921a8e6d79ee6c5900c8d07293026966db7c05aaac48984231befc49b71
+PKG_HASH:=a8941e1385c8654287a4428018d93459482e9d5eeedf86bef7b020ddc5f24721
PKG_MAINTAINER:=Jonas Gorski <jonas.gorski@gmail.com>
PKG_LICENSE:=Apache-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=shairport-sync
-PKG_VERSION:=3.2.2
-PKG_RELEASE:=3
+PKG_VERSION:=3.3.5
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/mikebrady/shairport-sync/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=4f1ee142b887842727ae0c310e21c83ea2386518e841a25c7ddb015d08b54eba
+PKG_HASH:=9757dd7f19c0bc28cb06a6753305c3ed89da2d271d069b36d1b12173309c1459
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>, \
Mike Brady <mikebrady@eircom.net>
--- a/Makefile.am
+++ b/Makefile.am
-@@ -17,10 +17,6 @@ else
+@@ -23,10 +23,6 @@ else
endif
endif
if USE_CUSTOMPIDDIR
AM_CFLAGS+= \
-DPIDDIR=\"$(CUSTOM_PID_DIR)\"
-@@ -66,11 +62,6 @@ if USE_PA
+@@ -80,11 +76,6 @@ if USE_PA
shairport_sync_SOURCES += audio_pa.c
endif
-if USE_CONVOLUTION
-shairport_sync_SOURCES += FFTConvolver/AudioFFT.cpp FFTConvolver/FFTConvolver.cpp FFTConvolver/Utilities.cpp FFTConvolver/convolver.cpp
--AM_CXXFLAGS = -std=c++11
+-AM_CXXFLAGS += -std=c++11
-endif
-
if USE_DNS_SD
endif
--- a/configure.ac
+++ b/configure.ac
-@@ -18,7 +18,6 @@ with_os=`echo ${with_os} | tr '[[:upper:]]' '[[:lower:]]' `
+@@ -19,7 +19,6 @@ with_os=`echo ${with_os} | tr '[[:upper:]]' '[[:lower:]]' `
# Checks for programs.
AC_PROG_CC
PKG_NAME:=bonnie++
PKG_VERSION:=1.98
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://www.coker.com.au/bonnie++/
PKG_HASH:=6e0bcbc08b78856fd998dd7bcb352d4615a99c26c2dc83d5b8345b102bad0b04
-PKG_MAINTAINER:=Florian Fainelli <florian@openwrt.org>
+PKG_MAINTAINER:=
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=copyright.txt
tests of hard drive and file system performance.
endef
-ifeq ($(CONFIG_USE_UCLIBCXX),y)
-TARGET_LDFLAGS += -nodefaultlibs
-endif
-
-TARGET_CXXFLAGS += -ffunction-sections -fdata-sections -fno-rtti -flto -std=c++98
+TARGET_CXXFLAGS += -ffunction-sections -fdata-sections -fno-rtti -flto
define Package/bonniexx/install
$(INSTALL_DIR) $(1)/usr/bin
include $(TOPDIR)/rules.mk
PKG_NAME:=btrfs-progs
-PKG_VERSION:=5.3.1
+PKG_VERSION:=5.4.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/linux/kernel/people/kdave/btrfs-progs
-PKG_HASH:=bfa31ae60e54a068fd24e075a90b72f89b8e9006659273fbcecc2e1c790cda38
+PKG_HASH:=f3e07fb248d608bdad5b63973513211de5daba47aaecfa44d29a836f6e7a9d69
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)
PKG_MAINTAINER:=Karel Kočí <karel.koci@nic.cz>
include $(TOPDIR)/rules.mk
PKG_NAME:=byobu
-PKG_VERSION:=5.129
+PKG_VERSION:=5.130
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
PKG_SOURCE_URL:=https://launchpad.net/byobu/trunk/$(PKG_VERSION)/+download
-PKG_HASH:=e5135f20750c359b6371ee87cf2729c6038fbf3a6e66680e67f6a2125b07c2b9
+PKG_HASH:=47e414161dda124287b9ec1cf94acc716b49e7428c6ec7efeed181f477e17461
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=cache-domains
-PKG_VERSION:=1.0.0
+PKG_VERSION:=2.0.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Gerard Ryan <G.M0N3Y.2503@gmail.com>
endef
define Package/cache-domains/description/default
-Service to dynamically configure the local DNS (dnsmasq) to redirect game content servers to a LAN cache.
+hotplug script to dynamically configure the local DNS (dnsmasq) to redirect game content servers to a LAN cache.
Definitive list dynamically obtained from https://github.com/uklans/cache-domains.
endef
define Package/cache-domains/install/default
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/cache-domains.init $(1)/etc/init.d/cache-domains
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) ./files/cache-domains $(1)/usr/bin/
+
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/iface/
+ $(INSTALL_BIN) ./files/30-cache-domains $(1)/etc/hotplug.d/iface/
endef
Build/Compile=# Nothing to compile, just install the scripts
# cache-domains
-Service to dynamically configure the local DNS (dnsmasq) to redirect game content servers to a LAN cache. Definitive list dynamically obtained from https://github.com/uklans/cache-domains.
+hotplug script to dynamically configure the local DNS (dnsmasq) to redirect game content servers to a LAN cache. Definitive list dynamically obtained from https://github.com/uklans/cache-domains.
## Configuration
Configuration file follows the same [syntax as the upsteam file](https://github.com/uklans/cache-domains/blob/master/scripts/config.example.json). The key for each `cache_domain` member matches the name of one of the `.txt` files in the [upstream root directory](https://github.com/uklans/cache-domains/blob/master/), except for the `default` key which matches the all the unreferenced `.txt` files. The value of each `cache_domain` member maps to one of the keys of the `ips` members, Thus mapping a cached domain to a list of IP addresses/LAN cache server.
}
```
-## Startup/Shutdown
-On start the local DNS (dnsmasq) will be configured to redirect the configured cache domains and on stop the redirection will be removed.
+## Configure/Cleanup
+`/usr/bin/cache-domains configure` will configure the local DNS (dnsmasq) to redirect the configured cache domains. `/usr/bin/cache-domains cleanup` will cleanup redirection. The hotplug script calls `/usr/bin/cache-domains configure` when the WAN interface is brought up.
## Testing
With the above configuration set and the service running `nslookup swcdn.apple.com` would return `10.10.3.12`
--- /dev/null
+#!/bin/sh
+
+source /lib/functions/network.sh
+network_find_wan WAN_IFACE
+
+if [ "${ACTION}" == "ifup" ] && [ "${INTERFACE}" == "${WAN_IFACE}" ] && [ ! -d /var/cache-domains ]; then
+ /usr/bin/cache-domains configure
+fi
--- /dev/null
+#!/bin/sh
+
+CACHE_DOMAINS_DIR="/var/cache-domains"
+CACHE_DOMAINS_SRC="https://api.github.com/repos/uklans/cache-domains/tarball/master"
+CONFIG_FILE="/etc/cache-domains.json"
+
+configure() {
+ mkdir -p ${CACHE_DOMAINS_DIR}
+ rm -fr ${CACHE_DOMAINS_DIR}/*
+
+ if ! wget -qO - ${CACHE_DOMAINS_SRC} | tar -xzC ${CACHE_DOMAINS_DIR}; then
+ echo "ERROR: Could not retrieve ${CACHE_DOMAINS_SRC}"
+ return 1
+ fi
+
+ INITIAL_DIR="$(pwd)"
+ cd ${CACHE_DOMAINS_DIR}/*/scripts/
+
+ if [ ! -f ${CONFIG_FILE} ]; then
+ cp config.example.json ${CONFIG_FILE}
+ echo "Using example config file ${CONFIG_FILE}"
+ fi
+
+ cp ${CONFIG_FILE} config.json
+ ./create-dnsmasq.sh
+ cp ./output/dnsmasq/* /var/dnsmasq.d/
+
+ cd ${INITIAL_DIR}
+
+ /etc/init.d/dnsmasq restart
+}
+
+cleanup() {
+ # leave dnsmasq in a clean state
+ for FILE in ${CACHE_DOMAINS_DIR}/*/scripts/output/dnsmasq/*; do
+ rm -f /tmp/dnsmasq.d/$(basename ${FILE})
+ done
+
+ /etc/init.d/dnsmasq restart
+}
+
+case ${1} in
+ config*)
+ configure
+ ;;
+ clean*)
+ cleanup
+ ;;
+ *)
+ echo "${0} <configure|cleanup>"
+ ;;
+esac
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-START=24
-SERVICE_NAME=cache-domains
-CACHE_DOMAINS_DIR="/var/${SERVICE_NAME}"
-CACHE_DOMAINS_SRC="https://api.github.com/repos/uklans/cache-domains/tarball/master"
-CONFIG_FILE="/etc/${SERVICE_NAME}.json"
-
-start() {
- mkdir -p ${CACHE_DOMAINS_DIR}
- rm -fr ${CACHE_DOMAINS_DIR}/*
-
- if ! wget -qO - ${CACHE_DOMAINS_SRC} | tar -xzC ${CACHE_DOMAINS_DIR}; then
- echo "ERROR: Could not retrieve ${CACHE_DOMAINS_SRC}"
- return 1
- fi
-
- INITIAL_DIR="$(pwd)"
- cd ${CACHE_DOMAINS_DIR}/*/scripts/
-
- if [ ! -f ${CONFIG_FILE} ]; then
- cp config.example.json ${CONFIG_FILE}
- echo "Using example config file ${CONFIG_FILE}"
- fi
-
- cp ${CONFIG_FILE} config.json
- ./create-dnsmasq.sh
- cp ./output/dnsmasq/* /tmp/dnsmasq.d/
-
- cd ${INITIAL_DIR}
-
- /etc/init.d/dnsmasq restart
-}
-
-stop() {
- # leave dnsmasq in a clean state
- for FILE in ${CACHE_DOMAINS_DIR}/*/scripts/output/dnsmasq/*; do
- rm -f /tmp/dnsmasq.d/$(basename ${FILE})
- done
-
- /etc/init.d/dnsmasq restart
-}
PKG_NAME:=canutils
PKG_VERSION:=2018.02.0
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/linux-can/can-utils/tar.gz/v$(PKG_VERSION)?
PKG_MAINTAINER:=Anton Glukhov <anton.a.glukhov@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
+PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
define GenPlugin
define Package/$(addprefix canutils-,$(1))
$(call Package/canutils/Default)
- DEPENDS:=canutils
TITLE:=Utility $(1) from the CAN utilities
endef
$(foreach a,$(FILES),$(eval $(call GenPlugin,$(a))))
-MAKE_FLAGS += \
- PREFIX="$(CONFIGURE_PREFIX)"
-
-define Package/canutils/install
- true
-endef
-
define PartInstall
define Package/canutils-$(1)/install
$(INSTALL_DIR) $$(1)/usr/bin
include $(TOPDIR)/rules.mk
PKG_NAME:=ccid
-PKG_VERSION:=1.4.30
-PKG_RELEASE:=2
+PKG_VERSION:=1.4.31
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://ccid.apdu.fr/files/
-PKG_HASH:=ac17087be08880a0cdf99a8a2799a4ef004dc6ffa08b4d9b0ad995f39a53ff7c
+PKG_HASH:=6b48d7b6e4390e038d25630f8664fe81618ab00f232d6efbe0e3cc6df28ce8f7
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING
PKG_NAME:=collectd
PKG_VERSION:=5.10.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://collectd.org/files/ \
#config plugin 'uptime'
# option enable '0'
+#config plugin 'vmem'
+# option enable '0'
+# option Verbose '0'
--- /dev/null
+{
+ "bool": [
+ "Verbose"
+ ]
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=cryptsetup
-PKG_VERSION:=2.1.0
-PKG_RELEASE:=2
+PKG_VERSION:=2.2.2
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v2.1
-PKG_HASH:=a3eeb2741f8f3376d16585191f3c60e067dd987e096c3c4b073fab7748b1c897
+PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v2.2
+PKG_HASH:=2af0ec9551ab9c870074cae9d3f68d82cab004f4095fa89db0e4413713424a46
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=GPL-2.0-or-later LGPL-2.1-or-later
PKG_VERSION_PATCH:=10717
PKG_COMMIT:=
PKG_VERSION:=$(PKG_VERSION_MAJOR).$(PKG_VERSION_PATCH)
-PKG_RELEASE:=2
+PKG_RELEASE:=3
ifeq ($(PKG_COMMIT),)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
--- /dev/null
+From 01d0b036179e12284880fb2d29ae579399e5fe91 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Fri, 25 Oct 2019 15:05:14 -0700
+Subject: [PATCH] SunRiseSet: Use round instead of std::round.
+
+The latter is not available with uClibc-ng.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ main/SunRiseSet.cpp | 20 ++++++++++----------
+ 1 file changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/main/SunRiseSet.cpp b/main/SunRiseSet.cpp
+index 14fe07fee7..dce69bc7ba 100644
+--- a/main/SunRiseSet.cpp
++++ b/main/SunRiseSet.cpp
+@@ -144,7 +144,7 @@ bool SunRiseSet::GetSunRiseSet(const double latit, const double longit, const in
+ //astrlen = day_astronomical_twilight_length(year,month,day,longit,latit);
+
+ double _tmpH;
+- result.DaylengthMins = static_cast<int>(std::round(modf(daylen, &_tmpH)*60));
++ result.DaylengthMins = static_cast<int>(round(modf(daylen, &_tmpH)*60));
+ result.DaylengthHours = static_cast<int>(_tmpH);
+
+ rs = sun_rise_set(year, month, day, longit, latit, &rise, &set);
+@@ -154,14 +154,14 @@ bool SunRiseSet::GetSunRiseSet(const double latit, const double longit, const in
+
+ rise = UtcToLocal(rise, timezone);
+ set = UtcToLocal(set, timezone);
+- result.SunAtSouthMin = static_cast<int>(std::round(modf((rise+set)/2.0, &_tmpH)*60));
++ result.SunAtSouthMin = static_cast<int>(round(modf((rise+set)/2.0, &_tmpH)*60));
+ result.SunAtSouthHour = static_cast<int>(_tmpH);
+
+ switch(rs) {
+ case 0:
+- result.SunRiseMin = static_cast<int>(std::round(modf(rise, &_tmpH)*60));
++ result.SunRiseMin = static_cast<int>(round(modf(rise, &_tmpH)*60));
+ result.SunRiseHour = static_cast<int>(_tmpH);
+- result.SunSetMin = static_cast<int>(std::round(modf(set, &_tmpH)*60));
++ result.SunSetMin = static_cast<int>(round(modf(set, &_tmpH)*60));
+ result.SunSetHour = static_cast<int>(_tmpH);
+ //fix a possible rounding issue above
+ if (result.SunRiseMin > 59)
+@@ -189,9 +189,9 @@ bool SunRiseSet::GetSunRiseSet(const double latit, const double longit, const in
+ case 0:
+ civ_start = UtcToLocal(civ_start, timezone);
+ civ_end = UtcToLocal(civ_end, timezone);
+- result.CivilTwilightStartMin = static_cast<int>(std::round(modf(civ_start, &_tmpH)*60));
++ result.CivilTwilightStartMin = static_cast<int>(round(modf(civ_start, &_tmpH)*60));
+ result.CivilTwilightStartHour = static_cast<int>(_tmpH);
+- result.CivilTwilightEndMin = static_cast<int>(std::round(modf(civ_end, &_tmpH)*60));
++ result.CivilTwilightEndMin = static_cast<int>(round(modf(civ_end, &_tmpH)*60));
+ result.CivilTwilightEndHour = static_cast<int>(_tmpH);
+ break;
+ case +1:
+@@ -208,9 +208,9 @@ bool SunRiseSet::GetSunRiseSet(const double latit, const double longit, const in
+ case 0:
+ naut_start = UtcToLocal(naut_start, timezone);
+ naut_end = UtcToLocal(naut_end, timezone);
+- result.NauticalTwilightStartMin = static_cast<int>(std::round(modf(naut_start, &_tmpH)*60));
++ result.NauticalTwilightStartMin = static_cast<int>(round(modf(naut_start, &_tmpH)*60));
+ result.NauticalTwilightStartHour = static_cast<int>(_tmpH);
+- result.NauticalTwilightEndMin = static_cast<int>(std::round(modf(naut_end, &_tmpH)*60));
++ result.NauticalTwilightEndMin = static_cast<int>(round(modf(naut_end, &_tmpH)*60));
+ result.NauticalTwilightEndHour = static_cast<int>(_tmpH);
+ break;
+ case +1:
+@@ -227,9 +227,9 @@ bool SunRiseSet::GetSunRiseSet(const double latit, const double longit, const in
+ case 0:
+ astr_start = UtcToLocal(astr_start, timezone);
+ astr_end = UtcToLocal(astr_end, timezone);
+- result.AstronomicalTwilightStartMin = static_cast<int>(std::round(modf(astr_start, &_tmpH)*60));
++ result.AstronomicalTwilightStartMin = static_cast<int>(round(modf(astr_start, &_tmpH)*60));
+ result.AstronomicalTwilightStartHour = static_cast<int>(_tmpH);
+- result.AstronomicalTwilightEndMin = static_cast<int>(std::round(modf(astr_end, &_tmpH)*60));
++ result.AstronomicalTwilightEndMin = static_cast<int>(round(modf(astr_end, &_tmpH)*60));
+ result.AstronomicalTwilightEndHour = static_cast<int>(_tmpH);
+ break;
+ case +1:
PKG_NAME:=evtest
PKG_VERSION:=1.34
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://cgit.freedesktop.org/evtest/snapshot
--- /dev/null
+From 12d5ea5ca2d9a47a1cab06caf2b36967667a3daf Mon Sep 17 00:00:00 2001
+From: Leo <thinkabit.ukim@gmail.com>
+Date: Sun, 24 Nov 2019 20:58:20 +0100
+Subject: [PATCH] Add missing include of limits.h for PATH_MAX
+
+---
+ evtest.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/evtest.c b/evtest.c
+index 548c203..be5e42c 100644
+--- a/evtest.c
++++ b/evtest.c
+@@ -59,6 +59,7 @@
+ #include <sys/time.h>
+ #include <sys/types.h>
+ #include <unistd.h>
++#include <limits.h> /* PATH_MAX */
+
+ #define BITS_PER_LONG (sizeof(long) * 8)
+ #define NBITS(x) ((((x)-1)/BITS_PER_LONG)+1)
+--
+2.22.0
+
include $(TOPDIR)/rules.mk
PKG_NAME:=fft-eval
-PKG_VERSION:=2017-06-28
+PKG_VERSION:=2019-11-27
PKG_RELEASE=$(PKG_SOURCE_VERSION)
-PKG_SOURCE_VERSION:=3cc175570379da172b0b2bcdbb8d2a42f83dad88
+PKG_SOURCE_VERSION:=4d3b6faee428e3bd9f44ab6a3d70585ec50484a1
PKG_SOURCE:=FFT_eval-$(PKG_SOURCE_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/simonwunderlich/FFT_eval/tar.gz/$(PKG_SOURCE_VERSION)?
-PKG_HASH:=9d70125fffc83918e6613d5938c4a9925aea07323e09470cf059cf0026e5937c
+PKG_HASH:=fb34ed5691af6c3ec09c41a6689ae64a1a12d770347a4effd48e4b30aef1eb22
PKG_BUILD_DIR:=$(BUILD_DIR)/FFT_eval-$(PKG_SOURCE_VERSION)
include $(INCLUDE_DIR)/package.mk
define Package/$(PKG_NAME)
SECTION:=utils
CATEGORY:=Utilities
- MAINTAINER:=Nicolas Pace <nicopace@altermundi.net>
+ MAINTAINER:=Kirill Lukonin <klukonin@gmail.com>
URL:=https://github.com/simonwunderlich/FFT_eval
- TITLE:=Evaluates FFT samples from ath9k driver
- DEPENDS:= +libc @PACKAGE_ATH_DEBUG @PACKAGE_ATH_SPECTRAL
+ TITLE:=Evaluates FFT samples from ath9k, ath10k or ath11k driver
+ DEPENDS:=@PACKAGE_ATH_DEBUG @PACKAGE_ATH_SPECTRAL
endef
define Package/$(PKG_NAME)/description
Evaluates FFT samples from diferent wifi boards drivers
endef
-TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
+TARGET_CFLAGS += -Wall -W -std=gnu99 -fno-strict-aliasing -MD -MP
+TARGET_CPPFLAGS += -D_DEFAULT_SOURCE
+
define Build/Compile
- $(TARGET_CC) -D__NOSDL__ $(PKG_BUILD_DIR)/fft_eval.c -o $(PKG_BUILD_DIR)/fft_eval -lm
+ $(call Build/Compile/Default,CONFIG_fft_eval_sdl=n)
endef
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/fft_eval $(1)/usr/bin/fft_eval
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/fft_eval_json $(1)/usr/bin/fft_eval
endef
$(eval $(call BuildPackage,$(PKG_NAME)))
PKG_NAME:=fish
PKG_VERSION:=3.0.2
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/fish-shell/fish-shell/releases/download/$(PKG_VERSION)
grep fish $${IPKG_INSTROOT}/etc/shells || \
echo "/usr/bin/fish" >> $${IPKG_INSTROOT}/etc/shells
- # Backwards compatibility
- if [ -e /bin/fish ] && { [ ! -L /bin/fish ] || [ "$(readlink -fn $${IPKG_INSTROOT}/bin/fish)" != "../$(CONFIGURE_PREFIX)/bin/fish" ]; }; then
- ln -fs "../$(CONFIGURE_PREFIX)/bin/fish" "$${IPKG_INSTROOT}/bin/fish"
- fi
+# Backwards compatibility
+if [ -e /bin/fish ] && { [ ! -L /bin/fish ] || [ "$(readlink -fn $${IPKG_INSTROOT}/bin/fish)" != "../$(CONFIGURE_PREFIX)/bin/fish" ]; }; then
+ ln -fs "../$(CONFIGURE_PREFIX)/bin/fish" "$${IPKG_INSTROOT}/bin/fish"
+fi
endef
define Package/fish/postrm
--- /dev/null
+From c132a2aa53f3a4ca0ab26395a4936ecf3fd030f2 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Fri, 13 Dec 2019 21:50:06 -0800
+Subject: [PATCH] common.cpp: Don't always include cxxabi.h
+
+cxxabi.h is not available with LLVM's libcxx
+---
+ src/common.cpp | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/common.cpp b/src/common.cpp
+index cfa4cb0d81..96873f17a9 100644
+--- a/src/common.cpp
++++ b/src/common.cpp
+@@ -1,8 +1,11 @@
+ // Various functions, mostly string utilities, that are used by most parts of fish.
+ #include "config.h"
+
+-#include <ctype.h>
++#ifdef HAVE_BACKTRACE_SYMBOLS
+ #include <cxxabi.h>
++#endif
++
++#include <ctype.h>
+ #include <dlfcn.h>
+ #include <errno.h>
+ #include <fcntl.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=gpsd
-PKG_VERSION:=3.19
-PKG_RELEASE:=2
+PKG_VERSION:=3.20
+PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@SAVANNAH/$(PKG_NAME)
-PKG_HASH:=27dd24d45b2ac69baab7933da2bf6ae5fb0be90130f67e753c110a3477155f39
+PKG_HASH:=3998a5cbb728e97f896f46c3c83301b1e6c5d859393e58c2fad8c5426774d571
PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
PKG_LICENSE:=BSD-3-Clause
--- /dev/null
+--- a/SConstruct
++++ b/SConstruct
+@@ -42,7 +42,6 @@ import re
+ import subprocess
+ import sys
+ import time
+-from distutils import sysconfig
+ import SCons
+
+
+@@ -669,6 +668,7 @@ def GetPythonValue(context, name, imp, e
+ context.Message('Obtaining Python %s... ' % name)
+ context.sconf.cached = 0 # Avoid bogus "(cached)"
+ if not env['target_python']:
++ from distutils import sysconfig
+ status, value = 0, str(eval(expr))
+ else:
+ command = [target_python_path, '-c', '%s; print(%s)' % (imp, expr)]
+@@ -1218,6 +1218,7 @@ if helping:
+
+ # If helping just get usable config info from the local Python
+ target_python_path = ''
++ from distutils import sysconfig
+ py_config_text = str(eval(PYTHON_CONFIG_CALL))
+ python_libdir = str(eval(PYTHON_LIBDIR_CALL))
+
-Index: gpsd-3.16/SConstruct
-===================================================================
---- gpsd-3.16.orig/SConstruct
-+++ gpsd-3.16/SConstruct
-@@ -672,6 +672,10 @@ else:
+--- a/SConstruct
++++ b/SConstruct
+@@ -874,6 +874,10 @@ else:
ncurseslibs += pkg_config('tinfo', rpath_hack=True)
# It's not yet known whether rpath_hack is appropriate for
# ncurses5-config.
--- /dev/null
+--- a/SConstruct
++++ b/SConstruct
+@@ -1047,12 +1047,6 @@ else:
+ confdefs.append("/* #undef HAVE_%s_H */\n"
+ % hdr.replace("/", "_").upper())
+
+- sizeof_time_t = config.CheckSizeOf("time_t")
+- confdefs.append("#define SIZEOF_TIME_T %s\n" % sizeof_time_t)
+- announce("sizeof(time_t) is %s" % sizeof_time_t)
+- if 4 >= int(sizeof_time_t):
+- announce("WARNING: time_t is too small. It will fail in 2038")
+-
+ # check function after libraries, because some function require libraries
+ # for example clock_gettime() require librt on Linux glibc < 2.17
+ for f in ("cfmakeraw", "clock_gettime", "daemon", "fcntl", "fork",
PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=COPYING
-PKG_MAINTAINER:=Florian Fainelli <florian@openwrt.org>
+PKG_MAINTAINER:=
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
PKG_SOURCE_URL:=http://archive.ubuntu.com/ubuntu/pool/universe/h/$(PKG_NAME)
include $(TOPDIR)/rules.mk
PKG_NAME:=hplip
-PKG_VERSION:=3.19.6
+PKG_VERSION:=3.19.12
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/hplip
-PKG_HASH:=fcdaedee9ed17d2e70f3aff9558a452d99443d1b93d6623132faf3f3ae61d66d
+PKG_HASH:=b7f398502fb659e0de8e54976237e3c6a64fec0b3c36054a515876f7b006b255
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=GPL-2.0 GPL-2.0-or-later
--disable-cups-drv-install \
--enable-lite-build
+define Build/Install
+ mkdir -p $(PKG_INSTALL_DIR)/usr/share/sane
+ sed -n -e '/key="usb.product_id"/{s/.*int_outof="0x//;s/;0x/\n/g;s/".*//;p}' \
+ $(PKG_BUILD_DIR)/data/rules/20-hplip-devices.fdi | sort -u > \
+ $(PKG_INSTALL_DIR)/usr/share/sane/03f0-hplip.usbid
+endef
+
define Package/hplip-common/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_BUILD_DIR)/.libs/libhpip.so* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/share/hplip/data/models/
$(CP) $(PKG_BUILD_DIR)/data/models/models.dat $(1)/usr/share/hplip/data/models/
-
- $(INSTALL_DIR) $(1)/etc/hotplug.d/usb/
- $(INSTALL_BIN) ./files/20-hplip $(1)/etc/hotplug.d/usb/
endef
define Package/hplip-sane/install
$(INSTALL_DIR) $(1)/etc/sane.d/dll.d/
$(INSTALL_DATA) ./files/hplib.conf $(1)/etc/sane.d/dll.d/hplib
+
+ $(INSTALL_DIR) $(1)/usr/share/sane
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/sane/03f0-hplip.usbid \
+ $(1)/usr/share/sane/03f0-hplip.usbid
endef
define Package/hplip-common/conffiles
+++ /dev/null
-#!/bin/sh
-
-# Copyright (C) 2009 OpenWrt.org
-
-
-case "$ACTION" in
- add)
- # You have to figure out your PRODUCT id. Uncomment the line below,
- # attach and detach your HP USB printer to find your id in /tmp/hplip.test.
- # It will look like "Found 3f0/1717/100 on /proc/bus/usb/002/009"
- # Replace 3f0/1717/100 below with your id.
- #
- # echo "Found $PRODUCT on $DEVICE" > /tmp/hplip.test
-
- [ "$PRODUCT" = "3f0/1717/100" ] && chown nobody $DEVICE && chmod 666 $DEVICE
- ;;
- remove)
- # device is gone
- ;;
-esac
--- a/configure.in
+++ b/configure.in
-@@ -598,6 +598,10 @@ if test "$class_driver" = "no" && test "$hpijs_only_build" = "no" && test "$hpcu
+@@ -601,6 +601,10 @@ if test "$class_driver" = "no" && test "
else
AC_CHECK_LIB([usb-1.0], [libusb_init], [LIBS="$LIBS"], [AC_MSG_ERROR([cannot find libusb 1.0 support], 2)])
AC_CHECK_HEADERS(libusb-1.0/libusb.h, ,[AC_MSG_ERROR([cannot find libusb-1.0-devel support], 11)])
#include "hpmud.h"
#include "hp_ipp.h"
#include "soap.h"
-@@ -145,98 +144,6 @@ static int GetUriLine(char *buf, char *uri, char **tail)
+@@ -145,98 +144,6 @@ static int GetUriLine(char *buf, char *u
return i;
}
char* token = NULL;
enum HPMUD_RESULT stat;
-@@ -304,34 +210,6 @@ static int DevDiscovery(int localOnly)
+@@ -304,33 +210,6 @@ static int DevDiscovery(int localOnly)
total += AddDevice(uri);
}
-
+ memset(message, 0, sizeof(message));
- /* Look for Network Scan devices if localonly flag if FALSE. */
- if (!localOnly)
-- {
+- {
- /* Look for all-in-one scan devices for which print queue created */
- cnt = GetCupsPrinters(&cups_printer);
- for (i=0; i<cnt; i++)
- SendScanEvent("hpaio:/net/HP_Scan_Devices?ip=1.1.1.1", EVENT_ERROR_NO_PROBED_DEVICES_FOUND);
- }
- }
--
+
bugout:
return total;
- }
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=idevicerestore
+PKG_SOURCE_DATE:=2019-12-13
+PKG_SOURCE_VERSION:=a2a6ad16d2c3157153aae7e0835e478237b01507
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL=https://github.com/libimobiledevice/idevicerestore
+PKG_MIRROR_HASH:=522bd35a0a4e8cc64ef9b29716e88efd84829e81c9c00ce9170fef285ac4b137
+
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/idevicerestore
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=libimobiledevice
+ TITLE:=Restore/upgrade firmware of iOS devices
+ URL:=https://github.com/libimobiledevice/idevicerestore
+ DEPENDS:=+libirecovery +libzip +libcurl +usbmuxd
+endef
+
+define Package/idevicerestore/description
+ The idevicerestore tool allows to restore firmware files to iOS devices.
+ It is a full reimplementation of all granular steps which are performed
+ during restore of a firmware to a device.
+endef
+
+define Package/idevicerestore/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/idevicerestore $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,idevicerestore))
include $(TOPDIR)/rules.mk
PKG_NAME:=lcd4linux
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/feckert/lcd4linux
--- /dev/null
+--- a/plugin_i2c_sensors.c
++++ b/plugin_i2c_sensors.c
+@@ -68,6 +68,7 @@
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <dirent.h>
++#include <limits.h>
+
+ #include "debug.h"
+ #include "plugin.h"
include $(TOPDIR)/rules.mk
PKG_NAME:=LVM2
-PKG_VERSION:=2.03.02
-PKG_RELEASE:=2
+PKG_VERSION:=2.03.05
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://sourceware.org/pub/lvm2
-PKG_HASH:=550ba750239fd75b7e52c9877565cabffef506bbf6d7f6f17b9700dee56c720f
+PKG_HASH:=ca52815c999b20c6d25e3192f142f081b93d01f07b9d787e99664b169dba2700
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME).$(PKG_VERSION)
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_NAME:=lxc
PKG_VERSION:=2.1.1
-PKG_RELEASE:=4
-
-PKG_LICENSE:=LGPL-2.1-or-later BSD-2-Clause GPL-2.0
-PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://linuxcontainers.org/downloads/lxc/
PKG_HASH:=68663a67450a8d6734e137eac54cc7077209fb15c456eec401a2c26e6386eff6
+PKG_LICENSE:=LGPL-2.1-or-later BSD-2-Clause GPL-2.0
+PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
+
PKG_BUILD_DEPENDS:=lua
PKG_BUILD_PARALLEL:=1
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lxc.pc \
$(1)/usr/lib/pkgconfig/
+ $(SED) 's,/usr/include,$$$${prefix}/include,g' $(1)/usr/lib/pkgconfig/lxc.pc
+ $(SED) 's,/usr/lib,$$$${prefix}/lib,g' $(1)/usr/lib/pkgconfig/lxc.pc
endef
+diff --git a/mt.c b/mt.c
+index d4058c0..4837808 100644
--- a/mt.c
+++ b/mt.c
-@@ -21,6 +21,7 @@
+@@ -20,6 +20,7 @@
+ #include <fcntl.h>
#include <sys/types.h>
#include <sys/ioctl.h>
- #include <sys/stat.h>
+#include <sys/sysmacros.h>
+ #include <sys/stat.h>
#include <sys/utsname.h>
- #include "mtio.h"
+diff --git a/stinit.c b/stinit.c
+index 5a50341..af5582c 100644
+--- a/stinit.c
++++ b/stinit.c
+@@ -16,6 +16,7 @@
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <dirent.h>
++#include <limits.h>
+ #include <sys/stat.h>
+ #include <sys/ioctl.h>
+ #include <sys/sysmacros.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=nano
-PKG_VERSION:=4.5
+PKG_VERSION:=4.7
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/nano
-PKG_HASH:=ded5c38f5ecd9de2b624e0db8013a375c169d3fbbd49575967b868847df8f533
+PKG_HASH:=58c0e197de5339ca3cad3ef42b65626d612ddb0b270e730f02e6ab3785c736f5
PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=nnn
-PKG_VERSION:=2.7
+PKG_VERSION:=2.8.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/jarun/nnn/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=0592c7cbcf2cf66cacac49e9204636480820b1bc74e4187dd7ee06945a6d07c5
+PKG_HASH:=cadf9cf8038433aeeb50a777180ad4b309ac7d2fec81c7da177ddca515812f06
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
PKG_LICENSE:=BSD-2-Clause
CATEGORY:=Utilities
TITLE:=Full-featured terminal file manager
URL:=https://github.com/jarun/nnn
- DEPENDS:=+libncurses +libreadline +findutils-xargs
+ DEPENDS:=+libncurses +libreadline
endef
define Package/nnn/description
PKG_SOURCE_VERSION:=32408520fcebe785983a68e39ec83830a3005779
PKG_MIRROR_HASH:=b5ae48fd300f75b948a2b2a5f6cd4465b7a336495685f73100ad33a5d43a4c05
-PKG_MAINTAINER:=Florian Fainelli <florian@openwrt.org>
+PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
PKG_LICENSE:=ISC
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=open-vm-tools
-PKG_VERSION:=11.0.1
+PKG_VERSION:=11.0.5
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-14773994.tar.gz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-15389592.tar.gz
PKG_SOURCE_URL:=https://github.com/vmware/open-vm-tools/releases/download/stable-$(PKG_VERSION)
-PKG_HASH:=8a707df98b6eb40195d7deaf09def5ef03c19c83ca418f8bf23c18405ebf2981
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)-14773994
+PKG_HASH:=fc5ed2d752af33775250e0f103d622c0031d578f8394511617d2619b124dfc42
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)-15389592
PKG_INSTALL:=1
PKG_BUILD_DEPENDS:=glib2/host
diff -urN a/lib/nicInfo/nicInfoPosix.c b/lib/nicInfo/nicInfoPosix.c
--- a/lib/nicInfo/nicInfoPosix.c
+++ b/lib/nicInfo/nicInfoPosix.c
-@@ -34,9 +34,13 @@
- #include <sys/socket.h>
+@@ -35,9 +35,13 @@
#include <sys/stat.h>
#include <errno.h>
+ #include <limits.h>
-#if defined(__FreeBSD__) || defined(__APPLE__)
+#if HAVE_SYS_SYSCTL_H
# include <sys/sysctl.h>
--- /dev/null
+diff -urNp a/lib/nicInfo/nicInfoPosix.c b/lib/nicInfo/nicInfoPosix.c
+--- a/lib/nicInfo/nicInfoPosix.c
++++ b/lib/nicInfo/nicInfoPosix.c
+@@ -65,6 +65,9 @@
+ #include <netinet/in.h>
+ #include <arpa/nameser.h>
+ #include <resolv.h>
++#if defined(__linux__) && !defined(__GLIBC__)
++#include "resolv_compat.h"
++#endif
+
+ #ifdef __linux__
+ # include <net/if.h>
+diff -urNp a/lib/nicInfo/resolv_compat.h b/lib/nicInfo/resolv_compat.h
+--- a/lib/nicInfo/resolv_compat.h
++++ b/lib/nicInfo/resolv_compat.h
+@@ -0,0 +1,29 @@
++#if !defined(__GLIBC__)
++/***************************************************************************
++ * resolv_compat.h
++ *
++ * Mimick GLIBC's res_ninit() and res_nclose() for musl libc
++ * Note: res_init() is actually deprecated according to
++ * http://docs.oracle.com/cd/E36784_01/html/E36875/res-nclose-3resolv.html
++ **************************************************************************/
++#include <string.h>
++
++static inline int res_ninit(res_state statp)
++{
++ int rc = res_init();
++ if (statp != &_res) {
++ memcpy(statp, &_res, sizeof(*statp));
++ }
++ return rc;
++}
++
++static inline int res_nclose(res_state statp)
++{
++ if (!statp)
++ return -1;
++ if (statp != &_res) {
++ memset(statp, 0, sizeof(*statp));
++ }
++ return 0;
++}
++#endif
include $(TOPDIR)/rules.mk
PKG_NAME:=openocd
-PKG_SOURCE_VERSION:=0.10.0
-PKG_VERSION:=v$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=2
-
-PKG_SOURCE_URL:=@SF/openocd
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.bz2
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-PKG_HASH:=7312e7d680752ac088b8b8f2b5ba3ff0d30e0a78139531847be4b75c101316ae
+PKG_SOURCE_VERSION:=v0.10.0-1000-gdb23c13d
+PKG_VERSION:=$(PKG_SOURCE_VERSION)
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=git://git.code.sf.net/p/openocd/code
+PKG_MIRROR_HASH:=6f8c0ecf240427654ad5e911b44f78996da931209280f4a19c1215802ff14638
+
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
+PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_openocd_with_usb
+
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
CATEGORY:=Utilities
TITLE:=OpenOCD Utility
URL:=http://openocd.sf.net/
- DEPENDS:=+libusb-1.0 +libusb-compat +libftdi1 +hidapi
+ DEPENDS:=+PACKAGE_openocd_with_usb:libusb-1.0 \
+ +PACKAGE_openocd_with_usb:libusb-compat \
+ +PACKAGE_openocd_with_usb:libftdi1 \
+ +PACKAGE_openocd_with_usb:hidapi
+endef
+
+define Package/openocd/config
+ if PACKAGE_openocd
+ config PACKAGE_openocd_with_usb
+ bool "Build with support for USB adapters."
+ default y
+ endif
endef
define Package/openocd/description
Pro).
endef
+define Build/Prepare
+ $(call Build/Prepare/Default)
+ -$(RM) $(PKG_BUILD_DIR)/guess-rev.sh
+endef
+
CONFIGURE_ARGS += \
--prefix="/usr" \
--disable-werror \
MAKEINFO=true \
+ $(if $(CONFIG_PACKAGE_openocd_with_usb),,PKG_CONFIG=false) \
--enable-dummy \
--enable-sysfsgpio
+TARGET_CFLAGS += -DRELSTR=\\\"-$(PKG_VERSION)-$(PKG_RELEASE)-OpenWrt\\\"
+
define Build/Compile
+$(MAKE_VARS) \
$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
+++ /dev/null
-Subject: Bind to IPv4 localhost by default
-Origin: other, http://openocd.zylin.com/#/c/4331/2
-Last-Update: 2018-01-18
-
-From f8630b0b15e30dc6c51270006a4e075c79cf466a Mon Sep 17 00:00:00 2001
-From: Paul Fertser <fercerpav@gmail.com>
-Date: Sat, 13 Jan 2018 16:22:10 +0300
-Subject: [PATCH] server: bind to IPv4 localhost by default
-
-Since OpenOCD basically allows to perform arbitrary actions on behalf of
-the running user, it makes sense to restrict the exposure by default.
-
-If you need network connectivity and your environment is safe enough,
-use "bindto 0.0.0.0" to switch to the old behaviour.
-
-Change-Id: I4a4044b90d0ecb30118cea96fc92a7bcff0924e0
-Signed-off-by: Paul Fertser <fercerpav@gmail.com>
----
-
-diff --git a/doc/openocd.texi b/doc/openocd.texi
-index 7f5b72e..5c7f465 100644
---- a/doc/openocd.texi
-+++ b/doc/openocd.texi
-@@ -7017,7 +7017,7 @@
-
- @deffn Command bindto [name]
- Specify address by name on which to listen for incoming TCP/IP connections.
--By default, OpenOCD will listen on all available interfaces.
-+By default, OpenOCD will listen on the loopback interface only.
- @end deffn
-
- @anchor{targetstatehandling}
-diff --git a/src/server/server.c b/src/server/server.c
-index 1e52e97..ea1e898 100644
---- a/src/server/server.c
-+++ b/src/server/server.c
-@@ -259,7 +259,7 @@
- c->sin.sin_family = AF_INET;
-
- if (bindto_name == NULL)
-- c->sin.sin_addr.s_addr = INADDR_ANY;
-+ c->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- else {
- hp = gethostbyname(bindto_name);
- if (hp == NULL) {
+++ /dev/null
-Subject: Prevent some forms of Cross Protocol Scripting attacks
-Author: Andreas Fritiofson <andreas.fritiofson@gmail.com>
-Origin: other, http://openocd.zylin.com/#/c/4335/
-Bug-Debian: https://bugs.debian.org/887488
-Last-Update: 2018-01-18
-
-From 3a223ca3ebc7ac24d7726a0cd58e5695bc813657 Mon Sep 17 00:00:00 2001
-From: Andreas Fritiofson <andreas.fritiofson@gmail.com>
-Date: Sat, 13 Jan 2018 21:00:47 +0100
-Subject: [PATCH] CVE-2018-5704: Prevent some forms of Cross Protocol Scripting attacks
-
-OpenOCD can be targeted by a Cross Protocol Scripting attack from
-a web browser running malicious code, such as the following PoC:
-
-var x = new XMLHttpRequest();
-x.open("POST", "http://127.0.0.1:4444", true);
-x.send("exec xcalc\r\n");
-
-This mitigation should provide some protection from browser-based
-attacks and is based on the corresponding fix in Redis:
-
-https://github.com/antirez/redis/blob/8075572207b5aebb1385c4f233f5302544439325/src/networking.c#L1758
-
-Change-Id: Ia96ebe19b74b5805dc228bf7364c7971a90a4581
-Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
-Reported-by: Josef Gajdusek <atx@atx.name>
----
-
-diff --git a/src/server/startup.tcl b/src/server/startup.tcl
-index 64ace40..dd1b31e 100644
---- a/src/server/startup.tcl
-+++ b/src/server/startup.tcl
-@@ -8,3 +8,14 @@
- # one target
- reset halt
- }
-+
-+proc prevent_cps {} {
-+ echo "Possible SECURITY ATTACK detected."
-+ echo "It looks like somebody is sending POST or Host: commands to OpenOCD."
-+ echo "This is likely due to an attacker attempting to use Cross Protocol Scripting"
-+ echo "to compromise your OpenOCD instance. Connection aborted."
-+ exit
-+}
-+
-+proc POST {args} { prevent_cps }
-+proc Host: {args} { prevent_cps }
include $(TOPDIR)/rules.mk
PKG_NAME:=opensc
-PKG_VERSION:=0.19.0
-PKG_RELEASE:=2
-PKG_HASH:=2c5a0e4df9027635290b9c0f3addbbf0d651db5ddb0ab789cb0e978f02fd5826
+PKG_VERSION:=0.20.0
+PKG_RELEASE:=1
+PKG_HASH:=bbf4b4f4a44463645c90a525e820a8059b2f742a53b7b944f941de3c97ba4863
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING
--- /dev/null
+--- a/src/libopensc/sc-ossl-compat.h
++++ b/src/libopensc/sc-ossl-compat.h
+@@ -101,6 +101,21 @@ extern "C" {
+ #endif
+
+ /*
++ * 1.1.0 depracated ERR_load_crypto_strings(), SSL_load_error_strings(), ERR_free_strings()
++ * and ENGINE_load_dynamic.EVP_CIPHER_CTX_cleanup and EVP_CIPHER_CTX_init are replaced
++ * by EVP_CIPHER_CTX_reset.
++ * But for compatability with LibreSSL and older OpenSSL. OpenSC uses the older functions
++ */
++#if OPENSSL_API_COMPAT >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#define ERR_load_crypto_strings(x) {}
++#define SSL_load_error_strings(x) {}
++#define ERR_free_strings(x) {}
++#define ENGINE_load_dynamic(x) {}
++#define EVP_CIPHER_CTX_cleanup(x) EVP_CIPHER_CTX_reset(x)
++#define EVP_CIPHER_CTX_init(x) EVP_CIPHER_CTX_reset(x)
++#endif
++
++/*
+ * OpenSSL-1.1.0-pre5 has hidden the RSA and DSA structures
+ * One can no longer use statements like rsa->n = ...
+ * Macros and defines don't work on all systems, so use inline versions
PKG_NAME:=pciutils
PKG_VERSION:=3.6.2
-PKG_RELEASE:=3
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/software/utils/pciutils
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
-PKG_USE_MIPS16:=0
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(CP) $(PKG_BUILD_DIR)/lib/libpci.pc $(1)/usr/lib/pkgconfig
+ $(SED) 's,/usr/include,$$$${prefix}/include,g' $(1)/usr/lib/pkgconfig/libpci.pc
+ $(SED) 's,/usr/lib,$$$${prefix}/lib,g' $(1)/usr/lib/pkgconfig/libpci.pc
$(INSTALL_DIR) $(1)/usr/include/pci
$(CP) $(foreach i,pci.h config.h header.h types.h, \
$(PKG_BUILD_DIR)/lib/$(i)) $(1)/usr/include/pci
include $(TOPDIR)/rules.mk
PKG_NAME:=pcsc-lite
-PKG_VERSION:=1.8.25
+PKG_VERSION:=1.8.26
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://pcsclite.apdu.fr/files/
-PKG_HASH:=d76d79edc31cf76e782b9f697420d3defbcc91778c3c650658086a1b748e8792
+PKG_HASH:=3eb7be7d6ef618c0a444316cf5c1f2f9d7227aedba7a192f389fe3e7c0dfbbd9
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=qemu
-PKG_VERSION:=4.1.1
+PKG_VERSION:=4.2.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=ed6fdbbdd272611446ff8036991e9b9f04a2ab2e3ffa9e79f3bab0eb9a95a1d2
+PKG_HASH:=d3481d4108ce211a053ef15be69af1bdd9dde1510fda80d92be0f6c3e98768f0
PKG_SOURCE_URL:=http://download.qemu.org/
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE tcg/LICENSE
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=restic
+PKG_VERSION:=0.9.6
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/restic/restic/tar.gz/v${PKG_VERSION}?
+PKG_HASH:=1cc8655fa99f06e787871a9f8b5ceec283c856fa341a5b38824a0ca89420b0fe
+
+PKG_LICENSE:=BSD-2-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Markus Weippert <markus@gekmihesg.de>
+
+PKG_BUILD_DEPENDS:=golang/host
+PKG_BUILD_PARALLEL:=1
+PKG_USE_MIPS16:=0
+
+GO_PKG:=github.com/restic/restic/
+GO_PKG_BUILD_PKG:=github.com/restic/restic/cmd/restic/
+GO_PKG_LDFLAGS:=-s -w
+GO_PKG_LDFLAGS_X:=main.version=$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/golang/golang-package.mk
+
+define Package/restic
+ TITLE:=restic backup program
+ URL:=http://github.com/restic/restic
+ DEPENDS:=$(GO_ARCH_DEPENDS)
+ SECTION:=utils
+ CATEGORY:=Utilities
+endef
+
+define Package/restic/description
+restic is a backup program that is fast, efficient and secure. It supports the
+three major operating systems (Linux, macOS, Windows) and a few smaller ones
+(FreeBSD, OpenBSD).
+endef
+
+$(eval $(call GoBinPackage,restic))
+$(eval $(call BuildPackage,restic))
PKG_NAME:=sane-backends
PKG_VERSION:=1.0.28
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://gitlab.com/sane-project/backends/uploads/9e718daff347826f4cfe21126c8d5091/
PKG_HASH:=31260f3f72d82ac1661c62c5a4468410b89fb2b4a811dabbfcc0350c1346de03
CATEGORY:=Utilities
DEPENDS:=+libsane
TITLE+= (network daemon)
+ USERID:=saned:scanner
endef
define Package/sane-daemon/description
This package contains the SANE daemon.
endef
+# Run hotplug to grant access to existing scanners
+define Package/sane-daemon/postinst
+#!/bin/sh
+udevtrigger
+endef
+
define Package/libsane
$(call Package/sane-backends/Default)
SECTION:=libs
$(Build/Configure/Default)
endef
+define Build/Install
+ $(call Build/Install/Default)
+ mkdir -p $(PKG_INSTALL_DIR)/usr/share/sane
+ $(foreach file, $(filter-out %/unsupported.desc ,$(wildcard $(PKG_BUILD_DIR)/doc/descriptions/*.desc)),
+ sed -rn -e '/^:usbid[[:blank:]]+"?0x(....)"?[[:blank:]]+"?0x(....)"?.*/{s//\1 \2/;p}' $(file) | \
+ sort -u > $(PKG_INSTALL_DIR)/usr/share/sane/$(basename $(notdir $(file))).usbid; \
+ awk '{ print $$$$2 > "$(PKG_INSTALL_DIR)/usr/share/sane/"$$$$1"-$(basename $(notdir $(file))).usbid" }' \
+ $(PKG_INSTALL_DIR)/usr/share/sane/$(basename $(notdir $(file))).usbid ;
+ )
+endef
+
define Package/libsane/install
$(INSTALL_DIR) $(1)/usr/lib/sane/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libsane.so.* $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/sane/libsane-dll.so.* $(1)/usr/lib/sane/
$(INSTALL_DIR) $(1)/etc/sane.d/dll.d
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/dll.conf $(1)/etc/sane.d/
- chmod 0755 $(1)/etc/sane.d/dll.conf
+ chmod 0644 $(1)/etc/sane.d/dll.conf
endef
define Package/libsane/conffiles
define Package/sane-daemon/install
$(INSTALL_DIR) $(1)/etc/sane.d
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/saned.conf $(1)/etc/sane.d/
- chmod 0755 $(1)/etc/sane.d/saned.conf
+ chmod 0644 $(1)/etc/sane.d/saned.conf
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) ./files/saned.sbin $(1)/usr/sbin/saned
$(INSTALL_DIR) $(1)/usr/lib/sane/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/saned $(1)/usr/lib/sane/saned
$(INSTALL_DIR) $(1)/etc/xinetd.d
$(INSTALL_CONF) ./files/saned.xinetd $(1)/etc/xinetd.d/sane-port
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/usb/
+ $(INSTALL_BIN) ./files/saned.hotplug $(1)/etc/hotplug.d/usb/20-saned
endef
define Package/sane-daemon/conffiles
define Package/sane-$(1)/install
if [ -f "$(PKG_INSTALL_DIR)/etc/sane.d/$(1).conf" ]; then \
- $(INSTALL_DIR) $$(1)/etc/sane.d ; \
- $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/$(1).conf $$(1)/etc/sane.d/; \
- chmod 0755 $$(1)/etc/sane.d/$(1).conf ; \
- fi
- $(INSTALL_DIR) $$(1)/usr/lib/sane
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/sane/libsane-$(1).so.* $$(1)/usr/lib/sane/
+ $(INSTALL_DIR) $$(1)/etc/sane.d ; \
+ $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/$(1).conf $$(1)/etc/sane.d/ ; \
+ chmod 0644 $$(1)/etc/sane.d/$(1).conf ; \
+ fi ; \
+ $(INSTALL_DIR) $$(1)/usr/lib/sane ; \
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/sane/libsane-$(1).so.* $$(1)/usr/lib/sane/ ; \
if [ -d "$(PKG_INSTALL_DIR)/usr/share/sane/$(1)" ]; then \
$(INSTALL_DIR) $$(1)/usr/share/sane/ ; \
$(CP) -a $(PKG_INSTALL_DIR)/usr/share/sane/$(1) $$(1)/usr/share/sane/ ; \
+ fi ; \
+ if [ -s "$(PKG_INSTALL_DIR)/usr/share/sane/$(1).usbid" ]; then \
+ $(INSTALL_DIR) $$(1)/usr/share/sane/ ; \
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/sane/????-$(1).usbid $$(1)/usr/share/sane/ ; \
fi
endef
--- /dev/null
+#!/bin/sh
+
+[ "$ACTION" = "add" ] || exit 0
+[ "$DEVTYPE" = "usb_device" ] || exit 0
+
+SANE_GROUP=scanner
+grep -q -E "^$SANE_GROUP:" /etc/group || exit 0
+
+# Filter SANE known devices
+vendor_product="${PRODUCT%/*}"
+vendorid="$(printf '%04x' "0x0${vendor_product%/*}")"
+productid="$(printf '%04x' "0x0${vendor_product#*/}")"
+grep -s -x -F -q "$productid" "/usr/share/sane/$vendorid"-*.usbid || exit 0
+
+grant() {
+ logger -t "hotplug(usb/20-saned)" "Granting $1 to '$2' for group '$SANE_GROUP'"
+ chgrp "$SANE_GROUP" "$2"
+ chmod "$1" "$2"
+}
+
+# Needed by script /usr/bin/saned to rebind USB devices back to usblp after use
+usblp_bind="/sys/bus/usb/drivers/usblp/bind"
+if [ -e "$usblp_bind" ]; then
+ grant g+w "$usblp_bind"
+fi
+
+grant g+rw "/dev/$DEVNAME"
socket_type = stream
port = 6566
wait = no
- user = root
-# user = saned
+ user = saned
group = scanner
server = /usr/sbin/saned
disable = yes
PKG_NAME:=shadow
PKG_VERSION:=4.6
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/shadow-maint/shadow/releases/download/$(PKG_VERSION)
--- /dev/null
+--- a/etc/login.defs
++++ b/etc/login.defs
+@@ -317,7 +317,7 @@ CHFN_RESTRICT rwh
+ # Note: If you use PAM, it is recommended to use a value consistent with
+ # the PAM modules configuration.
+ #
+-#ENCRYPT_METHOD DES
++ENCRYPT_METHOD SHA512
+
+ #
+ # Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
include $(INCLUDE_DIR)/uclibc++.mk
PKG_NAME:=smartmontools
-PKG_VERSION:=7.0
-PKG_RELEASE:=3
+PKG_VERSION:=7.1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/smartmontools
-PKG_HASH:=e5e1ac2786bc87fdbd6f92d0ee751b799fbb3e1a09c0a6a379f9eb64b3e8f61c
+PKG_HASH:=3f734d2c99deb1e4af62b25d944c6252de70ca64d766c4c7294545a2e659b846
PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
Database of known drives and USB bridges for smartctl and smartd.
endef
+define Package/smartd-mail
+ $(call Package/smartmontools/Default)
+ TITLE+= Email notifications
+ PKGARCH=all
+ DEPENDS+= +smartd +nail +msmtp-mta
+endef
+
+define Package/smartd-mail/description
+ A script for mailing about SMART issues
+endef
+
ifeq ($(CONFIG_USE_UCLIBCXX),y)
TARGET_LDFLAGS +=-nodefaultlibs
else
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/smartmontools/drivedb.h $(1)/usr/share/smartmontools/
endef
+define Package/smartd-mail/install
+ $(INSTALL_DIR) $(1)/etc
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/smartd_warning.sh $(1)/etc
+endef
+
define Package/smartd/conffiles
/etc/smartd.conf
endef
$(eval $(call BuildPackage,smartmontools))
$(eval $(call BuildPackage,smartd))
$(eval $(call BuildPackage,smartmontools-drivedb))
+$(eval $(call BuildPackage,smartd-mail))
--- /dev/null
+diff --git a/configure b/configure
+index 6f442b3..5803c83 100755
+--- a/configure
++++ b/configure
+@@ -6988,7 +6988,7 @@ releaseversion='${PACKAGE}-${VERSION}'
+ # Set platform-specific modules and symbols
+ os_libs=
+ os_dltools='curl wget lynx svn'
+-os_mailer=mail
++os_mailer=mailx
+ os_hostname="'hostname'"
+ os_dnsdomainname=
+ os_nisdomainname="'domainname'"
PKG_NAME:=smstools3
PKG_VERSION:=3.1.21
-PKG_RELEASE:=2
+PKG_RELEASE:=3
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://smstools3.kekekasvi.com/packages/
+PKG_HASH:=a26ba4c02b16f6cf13177bffca6c9230dc5fefaeba8e3030cd4e4905f6a92084
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
PKG_MAINTAINER:=Harald Geyer <harald@ccbib.org>
PKG_LICENSE:=GPL-2.0
PKG_BUILD_PARALLEL:=0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://smstools3.kekekasvi.com/packages/
-PKG_HASH:=a26ba4c02b16f6cf13177bffca6c9230dc5fefaeba8e3030cd4e4905f6a92084
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
procd_open_instance
- procd_set_param command $DAEMON -n MAINPROCESS -p$PIDFILE -i$INFOFILE
+ procd_set_param command $DAEMON -t -n MAINPROCESS -p$PIDFILE -i$INFOFILE
procd_set_param respawn
procd_set_param stdout 1
include $(TOPDIR)/rules.mk
PKG_NAME:=spi-tools
-PKG_VERSION:=0.8.3
+PKG_VERSION:=0.8.4
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://codeload.github.com/cpb-/spi-tools/tar.gz/$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=1f29548187c5a57ca5902d260b01ca9ce04d93e4406ff77f317e1d6423ed3610
+PKG_HASH:=201ffcb53e64f28a05aa0a8de5686f7ac644268da1305c0d5f70a3d96b4a22ce
PKG_MAINTAINER:=John Crispin <blogic@openwrt.org>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=LICENSE
PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+PKG_ASLR_PIE:=0
include $(INCLUDE_DIR)/package.mk
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Command line SPI tools
-endef
-
-define Build/Compile
- cd $(PKG_BUILD_DIR) ; \
- $(TARGET_CC) $(TARGET_CFLAGS) $(EXTRA_CFLAGS) -Wall -Werror -o spi-config src/spi-config.c ; \
- $(TARGET_CC) $(TARGET_CFLAGS) $(EXTRA_CFLAGS) -Wall -Werror -o spi-pipe src/spi-pipe.c
+ URL:=https://github.com/cpb-/spi-tools
endef
define Package/spi-tools/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/spi-config $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/spi-pipe $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/spi-config $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/spi-pipe $(1)/usr/bin
endef
$(eval $(call BuildPackage,spi-tools))
PKG_SOURCE_URL:=@SF/stoken
PKG_HASH:=aa2b481b058e4caf068f7e747a2dcf5772bcbf278a4f89bc9efcbf82bcc9ef5a
-PKG_MAINTAINER:=Florian Fainelli <florian@openwrt.org>
+PKG_MAINTAINER:=
PKG_LICENSE:=LGPL-2.1
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=tcsh
-PKG_VERSION:=6.20.00
-PKG_RELEASE:=2
+PKG_VERSION:=6.22.02
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
- http://ftp.funet.fi/pub/mirrors/ftp.astron.com/pub/tcsh/ \
- http://ftp.funet.fi/pub/mirrors/ftp.astron.com/pub/tcsh/old/ \
- ftp://ftp.astron.com/pub/tcsh/ \
- ftp://ftp.astron.com/pub/tcsh/old
-PKG_HASH:=b89de7064ab54dac454a266cfe5d8bf66940cb5ed048d0c30674ea62e7ecef9d
+ https://astron.com/pub/tcsh/ \
+ https://astron.com/pub/tcsh/old \
+ https://ftp.funet.fi/pub/mirrors/ftp.astron.com/pub/tcsh \
+ https://ftp.funet.fi/pub/mirrors/ftp.astron.com/pub/tcsh/old
+PKG_HASH:=ed287158ca1b00ba477e8ea57bac53609838ebcfd05fcb05ca95021b7ebe885b
+PKG_MAINTAINER:=Nuno Goncalves <nunojpg@gmail.com>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=Copyright
PKG_CPE_ID:=cpe:/a:tcsh:tcsh
-PKG_MAINTAINER:=Nuno Goncalves <nunojpg@gmail.com>
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
define Package/tcsh
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Shells
TITLE:=Enhanced Berkeley UNIX C shell
- DEPENDS:=+libncurses
- URL:=http://www.tcsh.org/
+ DEPENDS:=+libncurses $(ICONV_DEPENDS)
+ URL:=https://www.tcsh.org/
endef
define Package/tcsh/description
define Package/tcsh/postinst
#!/bin/sh
-grep tcsh $${IPKG_INSTROOT}/etc/shells || \
- echo "/bin/tcsh" >> $${IPKG_INSTROOT}/etc/shells
- echo "/bin/csh" >> $${IPKG_INSTROOT}/etc/shells
+grep tcsh $${IPKG_INSTROOT}/etc/shells || { \
+ echo "/bin/tcsh"
+ echo "/bin/csh"
+} >> $${IPKG_INSTROOT}/etc/shells
endef
define Package/tcsh/install
$(INSTALL_DIR) $(1)/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/tcsh $(1)/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tcsh $(1)/bin/
ln -sf tcsh $(1)/bin/csh
endef
--- a/config_f.h
+++ b/config_f.h
-@@ -139,11 +139,8 @@
+@@ -138,11 +138,8 @@
* This can be much slower and no memory statistics will be
* provided.
*/
--- /dev/null
+--- a/ed.inputl.c
++++ b/ed.inputl.c
+@@ -668,9 +668,9 @@ int
+ GetCmdChar(Char ch)
+ {
+ #ifndef WINNT_NATIVE // We use more than 256 for various extended keys
+- wint_t c = ch & CHAR;
++ Char c = ch & CHAR;
+ #else
+- wint_t c = ch;
++ Char c = ch;
+ #endif
+ return c < NT_NUM_KEYS ? CurrentKeyMap[c] : F_INSERT;
+ }
--- /dev/null
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -447,7 +447,7 @@ pure:$(P) ${OBJS}
+
+ gethost: gethost.c sh.err.h tc.const.h sh.h
+ rm -f gethost
+- ${CC_FOR_GETHOST} -o gethost ${CPPFLAGS} ${CFLAGS} ${LDFLAGS} $(srcdir)/gethost.c
++ ${CC_FOR_GETHOST} -o gethost $(srcdir)/gethost.c
+
+ tc.defs.c: gethost host.defs
+ @rm -f $@.tmp
include $(TOPDIR)/rules.mk
PKG_NAME:=tmux
-PKG_VERSION:=2.9a
+PKG_VERSION:=3.0a
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/tmux/tmux/releases/download/$(PKG_VERSION)
-PKG_HASH:=839d167a4517a6bffa6b6074e89a9a8630547b2dea2086f1fad15af12ab23b25
+PKG_SOURCE_URL:=https://codeload.github.com/tmux/tmux/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=523093fc71cb51345202ee50bd2a296a76a76060499958b9adc383cf7926ee66
PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
PKG_LICENSE:=ISC
PKG_NAME:=ttyd
PKG_VERSION:=1.5.2
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/tsl0922/ttyd/tar.gz/$(PKG_VERSION)?
# close all open connections
killall "$NAME"
}
+
+service_triggers() {
+ procd_add_reload_trigger "$NAME"
+}
--- /dev/null
+--- a/src/server.c
++++ b/src/server.c
+@@ -6,6 +6,7 @@
+ #include <getopt.h>
+ #include <signal.h>
+ #include <sys/stat.h>
++#include <syslog.h>
+
+ #include <libwebsockets.h>
+ #include <json.h>
+@@ -418,7 +419,8 @@ main(int argc, char **argv) {
+ return -1;
+ }
+
+- lws_set_log_level(debug_level, NULL);
++ openlog("ttyd", LOG_NDELAY | LOG_PID, LOG_DAEMON);
++ lws_set_log_level(debug_level, lwsl_emit_syslog);
+
+ #if LWS_LIBRARY_VERSION_MAJOR >= 2
+ char server_hdr[128] = "";
PKG_SOURCE_URL:=https://github.com/blogic/uledd.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=bc94c7e52009f7ec33b23652502b4754351d8040
-PKG_MIRROR_HASH:=23a407197d6a423bb0b32f381e93ad3676e15f07465d7b53c843a2b510c7c284
+PKG_SOURCE_VERSION:=b7abc41ac4e04131e5a81f0f1de4e4ffb6ae16eb
+PKG_MIRROR_HASH:=751d6336619f282aa571cbd3aa64df9b326da74fc56477a425d49cb2b0a12aea
PKG_MAINTAINER:=John Crispin <john@phrozen.org>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=LGPL-2.1-only
CMAKE_INSTALL:=1
define Package/uledd
SECTION:=utils
CATEGORY:=Utilities
- DEPENDS:=+libubox +libubus
+ DEPENDS:=+libubox +libubus +libblobmsg-json +libjson-c
TITLE:=PWM/RGB LED ubus frontend
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=unrar
-PKG_VERSION:=5.8.3
+PKG_VERSION:=5.8.4
PKG_RELEASE:=1
PKG_SOURCE:=unrarsrc-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.rarlab.com/rar
-PKG_HASH:=3591685c8f5bbcb0be09de3d0a0544adb88966b9cccb80986f6cd2b534fd91a6
+PKG_HASH:=0b7cb2307ef7e65f631496376ce2fdf98b9b0f2136dc4467408ef63f3bf92f96
PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>, \
Ted Hess <thess@kitschensync.net>
include $(TOPDIR)/rules.mk
PKG_NAME:=usbmuxd
-PKG_SOURCE_DATE:=2019-03-04
-PKG_SOURCE_VERSION:=b1b0bf390363fa36aff1bc09443ff751943b9c34
+PKG_SOURCE_DATE:=2019-12-16
+PKG_SOURCE_VERSION:=ec5ff91cfabd30637f8af8f5c79baf4d7818ce57
PKG_RELEASE:=1
-PKG_MAINTAINER:=
-PKG_LICENSE:=GPL-2.0
-PKG_LICENSE_FILES:=COPYING.GPLv2
-PKG_CPE_ID:=cpe:/a:nikias_bassen:usbmuxd
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL=https://github.com/libimobiledevice/usbmuxd
+PKG_MIRROR_HASH:=1d0f2fa3842fbcbebe4b7d323829703e29a3c1a078c62b4a783e4c99a8a2f576
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
-PKG_SOURCE_URL=https://codeload.github.com/libimobiledevice/usbmuxd/tar.gz/$(PKG_SOURCE_VERSION)?
-PKG_HASH:=ca4275dbc21e8d9c926e65943b605ea5a6112d30eb3f9e655d3983da87ac6798
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING.GPLv2
+PKG_CPE_ID:=cpe:/a:libimobiledevice:usbmuxd
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
define Package/usbmuxd
SECTION:=utils
CATEGORY:=Utilities
+ SUBMENU:=libimobiledevice
TITLE:=USB multiplexing daemon
- URL:=http://www.libimobiledevice.org/
+ URL:=https://www.libimobiledevice.org/
DEPENDS:=+librt +libusb-1.0 +libusbmuxd +libopenssl +libimobiledevice
endef
uses a dedicated USB interface as a virtual network device.
endef
+define Package/usbmuxd/conffiles
+/etc/lockdown
+/etc/lockdown/SystemConfiguration.plist
+endef
+
CONFIGURE_ARGS += --without-systemd
define Package/usbmuxd/install
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/usbmuxd.init $(1)/etc/init.d/usbmuxd
$(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/usbmuxd $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/usbmuxd $(1)/usr/sbin/
endef
$(eval $(call BuildPackage,usbmuxd))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=94
+
+USE_PROCD=1
+PROG=/usr/sbin/usbmuxd
+
+start_service() {
+ procd_open_instance
+ procd_set_param command $PROG -f
+ procd_set_param stderr 1
+ procd_close_instance
+}
+
+reload_service() {
+ procd_send_signal $PROG
+}
--- /dev/null
+--- a/src/conf.c
++++ b/src/conf.c
+@@ -126,7 +126,7 @@ const char *config_get_config_dir()
+ #ifdef __APPLE__
+ base_config_dir = strdup("/var/db");
+ #else
+- base_config_dir = strdup("/var/lib");
++ base_config_dir = strdup("/etc");
+ #endif
+ #endif
+ __config_dir = string_concat(base_config_dir, DIR_SEP_S, CONFIG_DIR, NULL);
PKG_NAME:=zip
PKG_REV:=30
PKG_VERSION:=3.0
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)$(PKG_REV).tar.gz
PKG_SOURCE_URL:=@SF/infozip
PKG_HASH:=f0e8bb1f9b7eb0b01285495a2699df3a4b766784c1765a8f1aeedf63c0806369
-PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/zip$(PKG_REV)
+PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
PKG_LICENSE:=BSD-4-Clause
PKG_LICENSE_FILES:=LICENSE
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/zip$(PKG_REV)
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION)/zip$(PKG_REV)
-PKG_CHECK_FORMAT_SECURITY:=0
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
-include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
define Package/zip
SECTION:=utils
CATEGORY:=Utilities
- DEPENDS:=
TITLE:=Archiver for .zip files
URL:=http://infozip.sourceforge.net/Zip.html
SUBMENU:=Compression
but the methods differ.
endef
-define Build/Configure
-endef
-
-define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR) -f unix/Makefile generic \
- prefix="$(PKG_INSTALL_DIR)/usr" \
- CFLAGS="$(TARGET_CFLAGS)" \
- CC="$(TARGET_CC) $(TARGET_CFLAGS) -O $(TARGET_CPPFLAGS) -I. -DUNIX $(TARGET_LDFLAGS)" \
- IZ_BZIP2="no" \
- install
-endef
+MAKE_FLAGS += \
+ -f unix/Makefile \
+ prefix="$(PKG_INSTALL_DIR)/usr" \
+ CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS) -I. -DUNIX" \
+ LDFLAGS2="$(TARGET_LDFLAGS)" \
+ IZ_BZIP2="no"
define Package/zip/install
$(INSTALL_DIR) $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
endef
-define Host/Compile
- +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) -I. -f unix/Makefile generic
-endef
-
-define Host/Install
- $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin/
- $(INSTALL_BIN) $(HOST_BUILD_DIR)/zip $(STAGING_DIR_HOSTPKG)/bin/
-endef
-
-$(eval $(call HostBuild))
$(eval $(call BuildPackage,zip))
--- /dev/null
+--- a/zip.c
++++ b/zip.c
+@@ -1028,8 +1028,7 @@ local void help_extended()
+
+ for (i = 0; i < sizeof(text)/sizeof(char *); i++)
+ {
+- printf(text[i]);
+- putchar('\n');
++ puts(text[i]);
+ }
+ #ifdef DOS
+ check_for_windows("Zip");
+@@ -1225,8 +1224,7 @@ local void version_info()
+ CR_MAJORVER, CR_MINORVER, CR_BETA_VER, CR_VERSION_DATE);
+ for (i = 0; i < sizeof(cryptnote)/sizeof(char *); i++)
+ {
+- printf(cryptnote[i]);
+- putchar('\n');
++ puts(cryptnote[i]);
+ }
+ ++i; /* crypt support means there IS at least one compilation option */
+ #endif /* CRYPT */
include $(TOPDIR)/rules.mk
PKG_NAME:=zsh
-PKG_VERSION:=5.6.2
-PKG_RELEASE:=2
+PKG_VERSION:=5.7.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@SF/zsh
-PKG_HASH:=a50bd66c0557e8eca3b8fa24e85d0de533e775d7a22df042da90488623752e9e
+PKG_HASH:=7260292c2c1d483b2d50febfa5055176bd512b32a8833b116177bf5f01e77ee8
PKG_MAINTAINER:=Vadim A. Misbakh-Soloviov <openwrt-zsh@mva.name>
PKG_LICENSE:=ZSH
$(call Build/Configure/Default, \
--disable-etcdir \
--disable-gdbm \
- --disable-dynamic \
$(if $(CONFIG_USE_MUSL),--enable-libc-musl) \
--enable-pcre \
--enable-cap \
$(MAKE) -C $(PKG_BUILD_DIR) DESTDIR="$(PKG_INSTALL_DIR)" prep
endef
-TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
-TARGET_LDFLAGS += -Wl,--gc-sections -flto
+TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections -flto
+TARGET_LDFLAGS += $(FPIC) -Wl,--gc-sections -flto
define Package/zsh/postinst
#!/bin/sh
grep zsh $${IPKG_INSTROOT}/etc/shells || \
echo "/usr/bin/zsh" >> $${IPKG_INSTROOT}/etc/shells
- # Backwards compatibility
- if [[ -e /bin/zsh ]] && ([[ ! -L /bin/zsh ]] || [[ "$(readlink -fn $${IPKG_INSTROOT}/bin/zsh)" != "../$(CONFIGURE_PREFIX)/bin/zsh" ]]); then
- ln -fs "../$(CONFIGURE_PREFIX)/bin/zsh" "$${IPKG_INSTROOT}/bin/zsh"
- fi
+# Backwards compatibility
+if [ -e /bin/zsh ] && { [ ! -L /bin/zsh ] || [ "$(readlink -fn $${IPKG_INSTROOT}/bin/zsh)" != "../$(CONFIGURE_PREFIX)/bin/zsh" ]; }; then
+ ln -fs "../$(CONFIGURE_PREFIX)/bin/zsh" "$${IPKG_INSTROOT}/bin/zsh"
+fi
endef
define Package/zsh/install
$(INSTALL_DIR) $(1)/bin
$(INSTALL_DIR) $(1)/$(CONFIGURE_PREFIX)/bin
$(INSTALL_DIR) $(1)/$(CONFIGURE_PREFIX)/share/zsh/$(PKG_VERSION)
+ $(INSTALL_DIR) $(1)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh
+ $(INSTALL_DIR) $(1)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/net
+ $(INSTALL_DIR) $(1)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/param
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/$(CONFIGURE_PREFIX)/bin/zsh $(1)/$(CONFIGURE_PREFIX)/bin/
$(CP) $(PKG_INSTALL_DIR)/$(CONFIGURE_PREFIX)/share/zsh/$(PKG_VERSION)/* $(1)/$(CONFIGURE_PREFIX)/share/zsh/$(PKG_VERSION)/
+ $(CP) $(PKG_INSTALL_DIR)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/* $(1)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/
+ $(CP) $(PKG_INSTALL_DIR)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/net/* $(1)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/net/
+ $(CP) $(PKG_INSTALL_DIR)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/param/* $(1)/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)/zsh/param/
endef
define Package/zsh/postrm
- rm -rf "$${IPKG_INSTROOT}/$(CONFIGURE_PREFIX)/share/zsh/$(PKG_VERSION)"
+#!/bin/sh
+rm -rf "$${IPKG_INSTROOT}/$(CONFIGURE_PREFIX)/share/zsh/$(PKG_VERSION)" \
+ "$${IPKG_INSTROOT}/$(CONFIGURE_PREFIX)/lib/zsh/$(PKG_VERSION)"
endef
$(eval $(call BuildPackage,zsh))
PKG_NAME:=zstd
PKG_VERSION:=1.4.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/facebook/zstd/tar.gz/v$(PKG_VERSION)?
--- /dev/null
+From f62cf1fff5dabcfaaa8c85638723bc19842f52f4 Mon Sep 17 00:00:00 2001
+From: Sergey Dryabzhinsky <sergey.dryabzhinsky+github@gmail.com>
+Date: Tue, 19 Nov 2019 23:15:28 +0300
+Subject: [PATCH] Fix typo in util.c
+
+There must be mtim*e*
+---
+ programs/util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/programs/util.c b/programs/util.c
+index 5d15450d2..d3ffc1133 100644
+--- a/programs/util.c
++++ b/programs/util.c
+@@ -73,7 +73,7 @@ int UTIL_setFileStat(const char *filename, stat_t *statbuf)
+ {
+ /* (atime, mtime) */
+ struct timespec timebuf[2] = { {0, UTIME_NOW} };
+- timebuf[1] = statbuf->st_mtim;
++ timebuf[1] = statbuf->st_mtime;
+ res += utimensat(AT_FDCWD, filename, timebuf, 0);
+ }
+ #endif
--- /dev/null
+From 612a06eb3ef7f42739ace99fbca6ad63b788d46c Mon Sep 17 00:00:00 2001
+From: Sergey Dryabzhinsky <sergey.dryabzhinsky+github@gmail.com>
+Date: Tue, 19 Nov 2019 23:24:00 +0300
+Subject: [PATCH] Update util.c
+
+---
+ programs/util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/programs/util.c b/programs/util.c
+index d3ffc1133..aa75ca6d4 100644
+--- a/programs/util.c
++++ b/programs/util.c
+@@ -73,7 +73,7 @@ int UTIL_setFileStat(const char *filename, stat_t *statbuf)
+ {
+ /* (atime, mtime) */
+ struct timespec timebuf[2] = { {0, UTIME_NOW} };
+- timebuf[1] = statbuf->st_mtime;
++ timebuf[1].tv_sec = statbuf->st_mtime;
+ res += utimensat(AT_FDCWD, filename, timebuf, 0);
+ }
+ #endif
projects / feed / packages.git / commitdiff