include $(TOPDIR)/rules.mk
PKG_NAME:=zabbix
-PKG_VERSION:=6.2.3
-PKG_RELEASE:=3
+PKG_VERSION:=6.4.7
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://cdn.zabbix.com/zabbix/sources/stable/$(basename $(PKG_VERSION))/ \
https://cdn.zabbix.com/zabbix/sources/oldstable/$(basename $(PKG_VERSION))/
-PKG_HASH:=2be7e57fb33a55fee71480598e317ffa6a8ee5a39639a7e1b42b2ea6872107b5
+PKG_HASH:=6b4e81f07de4c82c7994871bea51be4d6427683fa9a7fbe112fd7559b3670e49
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
PKG_LICENSE:=GPL-2.0
TITLE:=Zabbix
URL:=https://www.zabbix.com/
USERID:=zabbix=53:zabbix=53
- DEPENDS+=$(ICONV_DEPENDS) +libpcre +zlib
+ DEPENDS+=$(ICONV_DEPENDS) +libpcre2 +zlib
endef
define Package/zabbix-agentd
+ZABBIX_MYSQL:libmariadbclient \
@(!ZABBIX_SQLITE) \
+libevent2 \
+ +libevent2-pthreads \
+fping
endef
+ZABBIX_MYSQL:libmariadbclient \
+ZABBIX_SQLITE:libsqlite3 \
+libevent2 \
+ +libevent2-pthreads \
+fping
endef
$(if $(CONFIG_ZABBIX_MYSQL),--with-mysql) \
$(if $(CONFIG_ZABBIX_POSTGRESQL),--with-postgresql) \
$(if $(CONFIG_ZABBIX_SQLITE),--with-sqlite3=$(STAGING_DIR)/usr) \
- --with-libevent=$(STAGING_DIR)/usr/include/libevent \
- --with-libpcre=$(STAGING_DIR)/usr/include \
+ --with-libevent=$(STAGING_DIR)/usr/include \
+ --with-libpcre2=$(STAGING_DIR)/usr/include \
--with-zlib=$(STAGING_DIR)/usr/include
ifeq ($(BUILD_VARIANT),openssl)
---- a/src/libs/zbxcommon/str.c
-+++ b/src/libs/zbxcommon/str.c
-@@ -49,7 +49,7 @@ static const char help_message_footer[]
+--- a/src/libs/zbxcommon/misc.c
++++ b/src/libs/zbxcommon/misc.c
+@@ -329,7 +329,7 @@ void zbx_help(void)
void zbx_version(void)
{
printf("%s (Zabbix) %s\n", title_message, ZABBIX_VERSION);
include $(TOPDIR)/rules.mk
PKG_NAME:=node
-PKG_VERSION:=v18.18.2
+PKG_VERSION:=v20.9.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION)
-PKG_HASH:=7249e2f0af943ec38599504f4b2a2bd31fb938787291b6ccca6c8badf01e3b56
+PKG_HASH:=a23d96810abf0455426b349d47ce5310f33095b7bc0571b9cc510f481c3a4519
PKG_MAINTAINER:=Hirokazu MORIKAWA <morikw2@gmail.com>, Adrian Panella <ianchi74@outlook.com>
PKG_LICENSE:=MIT
PKG_BUILD_DEPENDS:=python3/host
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
-PKG_BUILD_FLAGS:=no-mips16
PKG_ASLR_PIE:=0
include $(INCLUDE_DIR)/host-build.mk
SUBMENU:=Node.js
TITLE:=Node.js is a platform built on Chrome's JavaScript runtime
URL:=https://nodejs.org/
- DEPENDS:=@HAS_FPU @(i386||x86_64||arm||aarch64||mipsel) \
- +libstdcpp +libopenssl +zlib +libnghttp2 +libuv \
+ DEPENDS:=@HAS_FPU @(i386||x86_64||arm||aarch64) \
+ +libstdcpp +libopenssl +zlib +libnghttp2 \
+libcares +libatomic +NODEJS_ICU_SYSTEM:icu +NODEJS_ICU_SYSTEM:icu-full-data
endef
Node.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js uses
an event-driven, non-blocking I/O model that makes it lightweight and efficient. Node.js'
package ecosystem, npm, is the largest ecosystem of open source libraries in the world.
+
*** The following preparations must be made on the host side. ***
- 1. gcc 8.3 or higher is required.
+ 1. gcc 10.1 or higher is required.
2. To build a 32-bit target, gcc-multilib, g++-multilib are required.
3. Requires libatomic package. (If necessary, install the 32-bit library at the same time.)
ex) sudo apt-get install gcc-multilib g++-multilib
--shared-zlib \
--shared-openssl \
--shared-nghttp2 \
- --shared-libuv \
--shared-cares \
--with-intl=$(if $(CONFIG_NODEJS_ICU_SMALL),small-icu,$(if $(CONFIG_NODEJS_ICU_SYSTEM),system-icu,none)) \
$(if $(findstring +neon",$(CONFIG_CPU_TYPE)),--with-arm-fpu=neon) \
endef
define Host/Install
- $(RM) -rf $(1)/lib/node_modules/npm
+ rm -f $(1)/bin/npm
+ rm -f $(1)/bin/npx
+ rm -rf $(1)/lib/node_modules/npm
+ rm -f $(1)/bin/corepack
+ rm -rf $(1)/lib/node_modules/corepack
$(call Host/Install/Default)
endef
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
-@@ -1391,7 +1391,8 @@ Module._initPaths = function() {
+@@ -1378,7 +1378,8 @@ Module._initPaths = function() {
path.resolve(process.execPath, '..') :
path.resolve(process.execPath, '..', '..');
result = clock_gettime(CLOCK_MONOTONIC, &ts);
--- a/deps/v8/src/base/platform/platform-posix.cc
+++ b/deps/v8/src/base/platform/platform-posix.cc
-@@ -1066,7 +1066,7 @@ bool Thread::Start() {
+@@ -1147,7 +1147,7 @@ bool Thread::Start() {
#if V8_OS_DARWIN
// Default on Mac OS X is 512kB -- bump up to 1MB
stack_size = 1 * 1024 * 1024;
--- /dev/null
+--- a/deps/uv/uv.gyp
++++ b/deps/uv/uv.gyp
+@@ -155,6 +155,7 @@
+ 'target_name': 'libuv',
+ 'toolsets': ['host', 'target'],
+ 'type': '<(uv_library)',
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ 'include',
+ 'src/',
--- /dev/null
+--- a/deps/zlib/zlib.gyp
++++ b/deps/zlib/zlib.gyp
+@@ -9,6 +9,7 @@
+ 'arm_fpu%': '',
+ 'llvm_version%': '0.0',
+ },
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'conditions': [
+ ['use_system_zlib==0', {
+ 'targets': [
--- /dev/null
+--- a/node.gyp
++++ b/node.gyp
+@@ -1193,6 +1193,7 @@
+ 'dependencies': [
+ 'deps/simdutf/simdutf.gyp:simdutf#host',
+ ],
++ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'include_dirs': [
+ 'tools'
+ ],
--- /dev/null
+--- a/tools/icu/icu-generic.gyp
++++ b/tools/icu/icu-generic.gyp
+@@ -106,6 +106,7 @@
+ 'sources': [
+ '<@(icu_src_i18n)'
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/i18n',
+ ],
+@@ -114,6 +115,7 @@
+ ],
+ 'dependencies': [ 'icuucx', 'icu_implementation', 'icu_uconfig', 'icu_uconfig_target' ],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/i18n',
+ ],
+@@ -200,6 +202,7 @@
+ # full data - no trim needed
+ 'sources': [ '<(SHARED_INTERMEDIATE_DIR)/icudt<(icu_ver_major)_dat.<(icu_asm_ext)' ],
+ 'dependencies': [ 'genccode#host', 'icupkg#host', 'icu_implementation#host', 'icu_uconfig' ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ ],
+@@ -284,6 +287,7 @@
+ # This file contains the small ICU data
+ 'sources': [ '<(SHARED_INTERMEDIATE_DIR)/icusmdt<(icu_ver_major)_dat.<(icu_asm_ext)' ],
+ # for umachine.h
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ ],
+@@ -300,6 +304,7 @@
+ 'sources': [
+ '<@(icu_src_stubdata)'
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ ],
+@@ -339,6 +344,7 @@
+ '_XOPEN_SOURCE_EXTENDED=0',
+ ]}],
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ ],
+@@ -348,6 +354,7 @@
+ 'cflags_c': ['-std=c99'],
+ 'export_dependent_settings': [ 'icu_uconfig', 'icu_uconfig_target' ],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ ],
+@@ -378,6 +385,7 @@
+ '<(icu_path)/source/tools/toolutil/dbgutil.cpp',
+ '<(icu_path)/source/tools/toolutil/dbgutil.h',
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ '<(icu_path)/source/i18n',
+@@ -397,6 +405,7 @@
+ }]
+ ],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(icu_path)/source/common',
+ '<(icu_path)/source/i18n',
+@@ -418,6 +427,7 @@
+ 'target_name': 'genrb',
+ 'type': 'executable',
+ 'toolsets': [ 'host' ],
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'dependencies': [ 'icutools', 'icu_implementation' ],
+ 'sources': [
+ '<@(icu_src_genrb)'
+@@ -440,6 +450,7 @@
+ 'target_name': 'iculslocs',
+ 'toolsets': [ 'host' ],
+ 'type': 'executable',
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'dependencies': [ 'icutools' ],
+ 'sources': [
+ 'iculslocs.cc',
+@@ -458,6 +469,7 @@
+ 'target_name': 'icupkg',
+ 'toolsets': [ 'host' ],
+ 'type': 'executable',
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'dependencies': [ 'icutools' ],
+ 'sources': [
+ '<@(icu_src_icupkg)',
+@@ -475,6 +487,7 @@
+ 'target_name': 'genccode',
+ 'toolsets': [ 'host' ],
+ 'type': 'executable',
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'dependencies': [ 'icutools' ],
+ 'sources': [
+ '<@(icu_src_genccode)',
--- /dev/null
+--- a/tools/v8_gypfiles/v8.gyp
++++ b/tools/v8_gypfiles/v8.gyp
+@@ -73,6 +73,7 @@
+ ],
+ 'hard_dependency': 1,
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(SHARED_INTERMEDIATE_DIR)',
+ ],
+@@ -194,6 +195,7 @@
+ '<@(torque_outputs_cc)',
+ '<@(torque_outputs_inc)',
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(SHARED_INTERMEDIATE_DIR)',
+ ],
+@@ -215,6 +217,7 @@
+ 'sources': [
+ '<(generate_bytecode_builtins_list_output)',
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(generate_bytecode_output_root)',
+ '<(SHARED_INTERMEDIATE_DIR)',
+@@ -252,6 +255,7 @@
+ 'sources': [
+ '<(V8_ROOT)/src/init/setup-isolate-full.cc',
+ ],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ }, # v8_init
+ {
+ 'target_name': 'v8_initializers',
+@@ -263,9 +267,11 @@
+ 'v8_shared_internal_headers',
+ 'v8_pch',
+ ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(SHARED_INTERMEDIATE_DIR)',
+ '<(generate_bytecode_output_root)',
++ '<!@(echo "$STAGING_DIR"/usr/../usr/include)',
+ ],
+ 'sources': [
+ '<!@pymod_do_main(GN-scraper "<(V8_ROOT)/BUILD.gn" "\\"v8_initializers.*?sources = ")',
+@@ -689,6 +695,7 @@
+ 'toolsets': ['host', 'target'],
+ 'direct_dependent_settings': {
+ 'sources': ['<!@pymod_do_main(GN-scraper "<(V8_ROOT)/BUILD.gn" "v8_compiler_sources = ")'],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ 'conditions': [
+ ['v8_target_arch=="ia32"', {
+ 'sources': [
+@@ -797,6 +804,8 @@
+ 'target_name': 'v8_turboshaft',
+ 'type': 'static_library',
+ 'toolsets': ['host', 'target'],
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ 'dependencies': [
+ 'generate_bytecode_builtins_list',
+ 'run_torque',
+@@ -821,6 +830,7 @@
+ 'run_torque',
+ 'v8_maybe_icu',
+ ],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ 'conditions': [
+ ['(is_component_build and not v8_optimized_debug and v8_enable_fast_mksnapshot) or v8_enable_turbofan==0', {
+ 'dependencies': [
+@@ -861,6 +871,7 @@
+ ],
+ 'includes': ['inspector.gypi'],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(generate_bytecode_output_root)',
+ '<(SHARED_INTERMEDIATE_DIR)',
+@@ -1474,6 +1485,7 @@
+ }],
+ ],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(V8_ROOT)/include',
+ ],
+@@ -1494,6 +1506,7 @@
+ {
+ 'target_name': 'bytecode_builtins_list_generator',
+ 'type': 'executable',
++ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'conditions': [
+ ['want_separate_host_toolset', {
+ 'toolsets': ['host'],
+@@ -1522,6 +1535,9 @@
+ {
+ 'target_name': 'mksnapshot',
+ 'type': 'executable',
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
++ 'library_dirs':[ '../../../../staging_dir/hostpkg/share/icu/current/lib' ],
++ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
+ 'dependencies': [
+ 'v8_base_without_compiler',
+ 'v8_compiler_for_mksnapshot',
+@@ -1549,6 +1565,7 @@
+ {
+ 'target_name': 'torque',
+ 'type': 'executable',
++ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'dependencies': [
+ 'torque_base',
+ # "build/win:default_exe_manifest",
+@@ -1591,6 +1608,7 @@
+ {
+ 'target_name': 'torque-language-server',
+ 'type': 'executable',
++ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
+ 'conditions': [
+ ['want_separate_host_toolset', {
+ 'toolsets': ['host'],
+@@ -1622,6 +1640,8 @@
+ {
+ 'target_name': 'gen-regexp-special-case',
+ 'type': 'executable',
++ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
++ 'library_dirs':[ '../../../../staging_dir/hostpkg/share/icu/current/lib' ],
+ 'dependencies': [
+ 'v8_libbase',
+ # "build/win:default_exe_manifest",
+@@ -1840,6 +1860,7 @@
+ }],
+ ],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(V8_ROOT)/include',
+ ],
+@@ -1961,15 +1982,19 @@
+ }],
+ ],
+ 'direct_dependent_settings': {
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(V8_ROOT)/third_party/zlib',
+ '<(V8_ROOT)/third_party/zlib/google',
++ '<!@(echo "$STAGING_DIR"/usr/../usr/include)',
+ ],
+ },
+ 'defines': [ 'ZLIB_IMPLEMENTATION' ],
++ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
+ 'include_dirs': [
+ '<(V8_ROOT)/third_party/zlib',
+ '<(V8_ROOT)/third_party/zlib/google',
++ '<!@(echo "$STAGING_DIR"/usr/../usr/include)',
+ ],
+ 'sources': [
+ '<(V8_ROOT)/third_party/zlib/adler32.c',
+++ /dev/null
---- a/tools/icu/icu-generic.gyp
-+++ b/tools/icu/icu-generic.gyp
-@@ -418,6 +418,7 @@
- 'target_name': 'genrb',
- 'type': 'executable',
- 'toolsets': [ 'host' ],
-+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'dependencies': [ 'icutools', 'icu_implementation' ],
- 'sources': [
- '<@(icu_src_genrb)'
-@@ -440,6 +441,7 @@
- 'target_name': 'iculslocs',
- 'toolsets': [ 'host' ],
- 'type': 'executable',
-+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'dependencies': [ 'icutools' ],
- 'sources': [
- 'iculslocs.cc',
-@@ -458,6 +460,7 @@
- 'target_name': 'icupkg',
- 'toolsets': [ 'host' ],
- 'type': 'executable',
-+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'dependencies': [ 'icutools' ],
- 'sources': [
- '<@(icu_src_icupkg)',
-@@ -475,6 +478,7 @@
- 'target_name': 'genccode',
- 'toolsets': [ 'host' ],
- 'type': 'executable',
-+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'dependencies': [ 'icutools' ],
- 'sources': [
- '<@(icu_src_genccode)',
---- a/tools/v8_gypfiles/v8.gyp
-+++ b/tools/v8_gypfiles/v8.gyp
-@@ -1397,6 +1397,7 @@
- {
- 'target_name': 'bytecode_builtins_list_generator',
- 'type': 'executable',
-+ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'conditions': [
- ['want_separate_host_toolset', {
- 'toolsets': ['host'],
-@@ -1425,6 +1426,8 @@
- {
- 'target_name': 'mksnapshot',
- 'type': 'executable',
-+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
-+ 'library_dirs':[ '../../../../staging_dir/hostpkg/share/icu/current/lib' ],
- 'dependencies': [
- 'v8_base_without_compiler',
- 'v8_compiler_for_mksnapshot',
-@@ -1458,6 +1461,7 @@
- {
- 'target_name': 'torque',
- 'type': 'executable',
-+ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'dependencies': [
- 'torque_base',
- # "build/win:default_exe_manifest",
-@@ -1500,6 +1504,7 @@
- {
- 'target_name': 'torque-language-server',
- 'type': 'executable',
-+ 'libraries!':[ '-licui18n', '-licuuc', '-licudata', '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'conditions': [
- ['want_separate_host_toolset', {
- 'toolsets': ['host'],
-@@ -1531,6 +1536,8 @@
- {
- 'target_name': 'gen-regexp-special-case',
- 'type': 'executable',
-+ 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
-+ 'library_dirs':[ '../../../../staging_dir/hostpkg/share/icu/current/lib' ],
- 'dependencies': [
- 'v8_libbase',
- # "build/win:default_exe_manifest",
+++ /dev/null
---- a/deps/zlib/zlib.gyp
-+++ b/deps/zlib/zlib.gyp
-@@ -9,6 +9,7 @@
- 'arm_fpu%': '',
- 'llvm_version%': '0.0',
- },
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'conditions': [
- ['use_system_zlib==0', {
- 'targets': [
---- a/tools/v8_gypfiles/v8.gyp
-+++ b/tools/v8_gypfiles/v8.gyp
-@@ -60,6 +60,7 @@
- ],
- 'hard_dependency': 1,
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(SHARED_INTERMEDIATE_DIR)',
- ],
-@@ -181,6 +182,7 @@
- '<@(torque_outputs_cc)',
- '<@(torque_outputs_inc)',
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(SHARED_INTERMEDIATE_DIR)',
- ],
-@@ -202,6 +204,7 @@
- 'sources': [
- '<(generate_bytecode_builtins_list_output)',
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(generate_bytecode_output_root)',
- '<(SHARED_INTERMEDIATE_DIR)',
-@@ -249,9 +252,11 @@
- 'v8_base_without_compiler',
- 'v8_shared_internal_headers',
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(SHARED_INTERMEDIATE_DIR)',
- '<(generate_bytecode_output_root)',
-+ '<!@(echo "$STAGING_DIR"/usr/../usr/include)',
- ],
- 'sources': [
- '<!@pymod_do_main(GN-scraper "<(V8_ROOT)/BUILD.gn" "\\"v8_initializers.*?sources = ")',
-@@ -769,6 +774,7 @@
- ],
- 'includes': ['inspector.gypi'],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(generate_bytecode_output_root)',
- '<(SHARED_INTERMEDIATE_DIR)',
-@@ -1377,6 +1383,7 @@
- }],
- ],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(V8_ROOT)/include',
- ],
-@@ -1761,6 +1768,7 @@
- }],
- ],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(V8_ROOT)/include',
- ],
-@@ -1941,15 +1949,19 @@
- }],
- ],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(V8_ROOT)/third_party/zlib',
- '<(V8_ROOT)/third_party/zlib/google',
-+ '<!@(echo "$STAGING_DIR"/usr/../usr/include)',
- ],
- },
- 'defines': [ 'ZLIB_IMPLEMENTATION' ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(V8_ROOT)/third_party/zlib',
- '<(V8_ROOT)/third_party/zlib/google',
-+ '<!@(echo "$STAGING_DIR"/usr/../usr/include)',
- ],
- 'sources': [
- '<(V8_ROOT)/third_party/zlib/adler32.c',
+++ /dev/null
---- a/tools/v8_gypfiles/v8.gyp
-+++ b/tools/v8_gypfiles/v8.gyp
-@@ -242,6 +242,7 @@
- 'sources': [
- '<(V8_ROOT)/src/init/setup-isolate-full.cc',
- ],
-+ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
- }, # v8_init
- {
- 'target_name': 'v8_initializers',
-@@ -714,6 +715,7 @@
- 'v8_shared_internal_headers',
- ],
- 'sources': ['<@(v8_compiler_sources)'],
-+ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
- 'conditions': [
- ['OS=="win"', {
- 'msvs_precompiled_header': '<(V8_ROOT)/../../tools/msvs/pch/v8_pch.h',
-@@ -1435,6 +1437,7 @@
- 'type': 'executable',
- 'libraries!':[ '-lcrypto', '-lssl', '-lz', '-lhttp_parser', '-luv', '-lnghttp2', '-lcares' ],
- 'library_dirs':[ '../../../../staging_dir/hostpkg/share/icu/current/lib' ],
-+ 'include_dirs': [ '<!@(echo "$STAGING_DIR"/usr/../usr/include)' ],
- 'dependencies': [
- 'v8_base_without_compiler',
- 'v8_compiler_for_mksnapshot',
+++ /dev/null
---- a/deps/v8/src/compiler/backend/mips/code-generator-mips.cc
-+++ b/deps/v8/src/compiler/backend/mips/code-generator-mips.cc
-@@ -4101,7 +4101,7 @@ void CodeGenerator::AssembleReturn(Instr
- } else if (FLAG_debug_code) {
- __ Assert(eq, AbortReason::kUnexpectedAdditionalPopValue,
- g.ToRegister(additional_pop_count),
-- Operand(static_cast<int64_t>(0)));
-+ Operand(static_cast<int32_t>(0)));
- }
- }
- // Functions with JS linkage have at least one parameter (the receiver).
+++ /dev/null
---- a/tools/icu/icu-generic.gyp
-+++ b/tools/icu/icu-generic.gyp
-@@ -106,6 +106,7 @@
- 'sources': [
- '<@(icu_src_i18n)'
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/i18n',
- ],
-@@ -114,6 +115,7 @@
- ],
- 'dependencies': [ 'icuucx', 'icu_implementation', 'icu_uconfig', 'icu_uconfig_target' ],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/i18n',
- ],
-@@ -200,6 +202,7 @@
- # full data - no trim needed
- 'sources': [ '<(SHARED_INTERMEDIATE_DIR)/icudt<(icu_ver_major)_dat.<(icu_asm_ext)' ],
- 'dependencies': [ 'genccode#host', 'icupkg#host', 'icu_implementation#host', 'icu_uconfig' ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- ],
-@@ -284,6 +287,7 @@
- # This file contains the small ICU data
- 'sources': [ '<(SHARED_INTERMEDIATE_DIR)/icusmdt<(icu_ver_major)_dat.<(icu_asm_ext)' ],
- # for umachine.h
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- ],
-@@ -300,6 +304,7 @@
- 'sources': [
- '<@(icu_src_stubdata)'
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- ],
-@@ -339,6 +344,7 @@
- '_XOPEN_SOURCE_EXTENDED=0',
- ]}],
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- ],
-@@ -348,6 +354,7 @@
- 'cflags_c': ['-std=c99'],
- 'export_dependent_settings': [ 'icu_uconfig', 'icu_uconfig_target' ],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- ],
-@@ -378,6 +385,7 @@
- '<(icu_path)/source/tools/toolutil/dbgutil.cpp',
- '<(icu_path)/source/tools/toolutil/dbgutil.h',
- ],
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- '<(icu_path)/source/i18n',
-@@ -397,6 +405,7 @@
- }]
- ],
- 'direct_dependent_settings': {
-+ 'include_dirs!': [ '<!@(echo "$STAGING_DIR"/usr/include)' ],
- 'include_dirs': [
- '<(icu_path)/source/common',
- '<(icu_path)/source/i18n',
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
-@@ -1321,13 +1322,6 @@ function lookupAndConnect(self, options)
+@@ -1330,13 +1331,6 @@ function lookupAndConnect(self, options)
hints: options.hints || 0,
};
--- a/configure.py
+++ b/configure.py
-@@ -1291,7 +1291,6 @@ def configure_node(o):
+@@ -1270,7 +1270,6 @@ def configure_node(o):
# Enable branch protection for arm64
if target_arch == 'arm64':
PKG_NAME:=perl
PKG_VERSION:=$(PERL_VERSION)
-PKG_RELEASE:=9
+PKG_RELEASE:=10
PKG_SOURCE_URL:=\
https://cpan.metacpan.org/src/5.0 \
--- /dev/null
+owrt:arch=riscv
+owrt:bits=64
+owrt:endian=little
+
+ccsymbols=''
+cppccsymbols=''
+cppsymbols='_FILE_OFFSET_BITS=64 _FORTIFY_SOURCE=2 _GNU_SOURCE=1 _LARGEFILE64_SOURCE=1 _LARGEFILE_SOURCE=1 _LP64=1 _POSIX_C_SOURCE=200809L _POSIX_SOURCE=1 _REENTRANT=1 _STDC_PREDEF_H=1 _XOPEN_SOURCE=700 _XOPEN_SOURCE_EXTENDED=1 __ATOMIC_ACQUIRE=2 __ATOMIC_ACQ_REL=4 __ATOMIC_CONSUME=1 __ATOMIC_RELAXED=0 __ATOMIC_RELEASE=3 __ATOMIC_SEQ_CST=5 __BIGGEST_ALIGNMENT__=16 __BYTE_ORDER__=1234 __CHAR16_TYPE__=short\ unsigned\ int __CHAR32_TYPE__=unsigned\ int __CHAR_BIT__=8 __CHAR_UNSIGNED__=1 __DBL_DECIMAL_DIG__=17 __DBL_DENORM_MIN__=((double)4.94065645841246544176568792868221372e-324L) __DBL_DIG__=15 __DBL_EPSILON__=((double)2.22044604925031308084726333618164062e-16L) __DBL_HAS_DENORM__=1 __DBL_HAS_INFINITY__=1 __DBL_HAS_QUIET_NAN__=1 __DBL_MANT_DIG__=53 __DBL_MAX_10_EXP__=308 __DBL_MAX_EXP__=1024 __DBL_MAX__=((double)1.79769313486231570814527423731704357e+308L) __DBL_MIN_10_EXP__=(-307) __DBL_MIN_EXP__=(-1021) __DBL_MIN__=((double)2.22507385850720138309023271733240406e-308L) __DEC128_EPSILON__=1E-33DL __DEC128_MANT_DIG__=34 __DEC128_MAX_EXP__=6145 __DEC128_MAX__=9.999999999999999999999999999999999E6144DL __DEC128_MIN_EXP__=(-6142) __DEC128_MIN__=1E-6143DL __DEC128_SUBNORMAL_MIN__=0.000000000000000000000000000000001E-6143DL __DEC32_EPSILON__=1E-6DF __DEC32_MANT_DIG__=7 __DEC32_MAX_EXP__=97 __DEC32_MAX__=9.999999E96DF __DEC32_MIN_EXP__=(-94) __DEC32_MIN__=1E-95DF __DEC32_SUBNORMAL_MIN__=0.000001E-95DF __DEC64_EPSILON__=1E-15DD __DEC64_MANT_DIG__=16 __DEC64_MAX_EXP__=385 __DEC64_MAX__=9.999999999999999E384DD __DEC64_MIN_EXP__=(-382) __DEC64_MIN__=1E-383DD __DEC64_SUBNORMAL_MIN__=0.000000000000001E-383DD __DECIMAL_DIG__=36 __DEC_EVAL_METHOD__=2 __ELF__=1 __FINITE_MATH_ONLY__=0 __FLOAT_WORD_ORDER__=1234 __FLT128_DECIMAL_DIG__=36 __FLT128_DENORM_MIN__=6.47517511943802511092443895822764655e-4966F128 __FLT128_DIG__=33 __FLT128_EPSILON__=1.92592994438723585305597794258492732e-34F128 __FLT128_HAS_DENORM__=1 __FLT128_HAS_INFINITY__=1 __FLT128_HAS_QUIET_NAN__=1 __FLT128_MANT_DIG__=113 __FLT128_MAX_10_EXP__=4932 __FLT128_MAX_EXP__=16384 __FLT128_MAX__=1.18973149535723176508575932662800702e+4932F128 __FLT128_MIN_10_EXP__=(-4931) __FLT128_MIN_EXP__=(-16381) __FLT128_MIN__=3.36210314311209350626267781732175260e-4932F128 __FLT32X_DECIMAL_DIG__=17 __FLT32X_DENORM_MIN__=4.94065645841246544176568792868221372e-324F32x __FLT32X_DIG__=15 __FLT32X_EPSILON__=2.22044604925031308084726333618164062e-16F32x __FLT32X_HAS_DENORM__=1 __FLT32X_HAS_INFINITY__=1 __FLT32X_HAS_QUIET_NAN__=1 __FLT32X_MANT_DIG__=53 __FLT32X_MAX_10_EXP__=308 __FLT32X_MAX_EXP__=1024 __FLT32X_MAX__=1.79769313486231570814527423731704357e+308F32x __FLT32X_MIN_10_EXP__=(-307) __FLT32X_MIN_EXP__=(-1021) __FLT32X_MIN__=2.22507385850720138309023271733240406e-308F32x __FLT32_DECIMAL_DIG__=9 __FLT32_DENORM_MIN__=1.40129846432481707092372958328991613e-45F32 __FLT32_DIG__=6 __FLT32_EPSILON__=1.19209289550781250000000000000000000e-7F32 __FLT32_HAS_DENORM__=1 __FLT32_HAS_INFINITY__=1 __FLT32_HAS_QUIET_NAN__=1 __FLT32_MANT_DIG__=24 __FLT32_MAX_10_EXP__=38 __FLT32_MAX_EXP__=128 __FLT32_MAX__=3.40282346638528859811704183484516925e+38F32 __FLT32_MIN_10_EXP__=(-37) __FLT32_MIN_EXP__=(-125) __FLT32_MIN__=1.17549435082228750796873653722224568e-38F32 __FLT64X_DECIMAL_DIG__=36 __FLT64X_DENORM_MIN__=6.47517511943802511092443895822764655e-4966F64x __FLT64X_DIG__=33 __FLT64X_EPSILON__=1.92592994438723585305597794258492732e-34F64x __FLT64X_HAS_DENORM__=1 __FLT64X_HAS_INFINITY__=1 __FLT64X_HAS_QUIET_NAN__=1 __FLT64X_MANT_DIG__=113 __FLT64X_MAX_10_EXP__=4932 __FLT64X_MAX_EXP__=16384 __FLT64X_MAX__=1.18973149535723176508575932662800702e+4932F64x __FLT64X_MIN_10_EXP__=(-4931) __FLT64X_MIN_EXP__=(-16381) __FLT64X_MIN__=3.36210314311209350626267781732175260e-4932F64x __FLT64_DECIMAL_DIG__=17 __FLT64_DENORM_MIN__=4.94065645841246544176568792868221372e-324F64 __FLT64_DIG__=15 __FLT64_EPSILON__=2.22044604925031308084726333618164062e-16F64 __FLT64_HAS_DENORM__=1 __FLT64_HAS_INFINITY__=1 __FLT64_HAS_QUIET_NAN__=1 __FLT64_MANT_DIG__=53 __FLT64_MAX_10_EXP__=308 __FLT64_MAX_EXP__=1024 __FLT64_MAX__=1.79769313486231570814527423731704357e+308F64 __FLT64_MIN_10_EXP__=(-307) __FLT64_MIN_EXP__=(-1021) __FLT64_MIN__=2.22507385850720138309023271733240406e-308F64 __FLT_DECIMAL_DIG__=9 __FLT_DENORM_MIN__=1.40129846432481707092372958328991613e-45F __FLT_DIG__=6 __FLT_EPSILON__=1.19209289550781250000000000000000000e-7F __FLT_EVAL_METHOD_TS_18661_3__=0 __FLT_EVAL_METHOD__=0 __FLT_HAS_DENORM__=1 __FLT_HAS_INFINITY__=1 __FLT_HAS_QUIET_NAN__=1 __FLT_MANT_DIG__=24 __FLT_MAX_10_EXP__=38 __FLT_MAX_EXP__=128 __FLT_MAX__=3.40282346638528859811704183484516925e+38F __FLT_MIN_10_EXP__=(-37) __FLT_MIN_EXP__=(-125) __FLT_MIN__=1.17549435082228750796873653722224568e-38F __FLT_RADIX__=2 __FP_FAST_FMA=1 __FP_FAST_FMAF32=1 __FP_FAST_FMAF32x=1 __FP_FAST_FMAF64=1 __FP_FAST_FMAF=1 __GCC_ATOMIC_BOOL_LOCK_FREE=1 __GCC_ATOMIC_CHAR16_T_LOCK_FREE=1 __GCC_ATOMIC_CHAR32_T_LOCK_FREE=2 __GCC_ATOMIC_CHAR_LOCK_FREE=1 __GCC_ATOMIC_INT_LOCK_FREE=2 __GCC_ATOMIC_LLONG_LOCK_FREE=2 __GCC_ATOMIC_LONG_LOCK_FREE=2 __GCC_ATOMIC_POINTER_LOCK_FREE=2 __GCC_ATOMIC_SHORT_LOCK_FREE=1 __GCC_ATOMIC_TEST_AND_SET_TRUEVAL=1 __GCC_ATOMIC_WCHAR_T_LOCK_FREE=2 __GCC_HAVE_SYNC_COMPARE_AND_SWAP_4=1 __GCC_HAVE_SYNC_COMPARE_AND_SWAP_8=1 __GCC_IEC_559=2 __GCC_IEC_559_COMPLEX=2 __GLIBC_MINOR__=27 __GLIBC__=2 __GNUC_MINOR__=2 __GNUC_PATCHLEVEL__=0 __GNUC_STDC_INLINE__=1 __GNUC__=8 __GNU_LIBRARY__=6 __GXX_ABI_VERSION=1013 __INT16_C=__INT16_C __INT16_MAX__=0x7fff __INT16_TYPE__=short\ int __INT32_C=__INT32_C __INT32_MAX__=0x7fffffff __INT32_TYPE__=int __INT64_C=__INT64_C __INT64_MAX__=0x7fffffffffffffffL __INT64_TYPE__=long\ int __INT8_C=__INT8_C __INT8_MAX__=0x7f __INT8_TYPE__=signed\ char __INTMAX_C=__INTMAX_C __INTMAX_MAX__=0x7fffffffffffffffL __INTMAX_TYPE__=long\ int __INTMAX_WIDTH__=64 __INTPTR_MAX__=0x7fffffffffffffffL __INTPTR_TYPE__=long\ int __INTPTR_WIDTH__=64 __INT_FAST16_MAX__=0x7fffffffffffffffL __INT_FAST16_TYPE__=long\ int __INT_FAST16_WIDTH__=64 __INT_FAST32_MAX__=0x7fffffffffffffffL __INT_FAST32_TYPE__=long\ int __INT_FAST32_WIDTH__=64 __INT_FAST64_MAX__=0x7fffffffffffffffL __INT_FAST64_TYPE__=long\ int __INT_FAST64_WIDTH__=64 __INT_FAST8_MAX__=0x7f __INT_FAST8_TYPE__=signed\ char __INT_FAST8_WIDTH__=8 __INT_LEAST16_MAX__=0x7fff __INT_LEAST16_TYPE__=short\ int __INT_LEAST16_WIDTH__=16 __INT_LEAST32_MAX__=0x7fffffff __INT_LEAST32_TYPE__=int __INT_LEAST32_WIDTH__=32 __INT_LEAST64_MAX__=0x7fffffffffffffffL __INT_LEAST64_TYPE__=long\ int __INT_LEAST64_WIDTH__=64 __INT_LEAST8_MAX__=0x7f __INT_LEAST8_TYPE__=signed\ char __INT_LEAST8_WIDTH__=8 __INT_MAX__=0x7fffffff __INT_WIDTH__=32 __LDBL_DECIMAL_DIG__=36 __LDBL_DENORM_MIN__=6.47517511943802511092443895822764655e-4966L __LDBL_DIG__=33 __LDBL_EPSILON__=1.92592994438723585305597794258492732e-34L __LDBL_HAS_DENORM__=1 __LDBL_HAS_INFINITY__=1 __LDBL_HAS_QUIET_NAN__=1 __LDBL_MANT_DIG__=113 __LDBL_MAX_10_EXP__=4932 __LDBL_MAX_EXP__=16384 __LDBL_MAX__=1.18973149535723176508575932662800702e+4932L __LDBL_MIN_10_EXP__=(-4931) __LDBL_MIN_EXP__=(-16381) __LDBL_MIN__=3.36210314311209350626267781732175260e-4932L __LONG_LONG_MAX__=0x7fffffffffffffffLL __LONG_LONG_WIDTH__=64 __LONG_MAX__=0x7fffffffffffffffL __LONG_WIDTH__=64 __LP64__=1 __ORDER_BIG_ENDIAN__=4321 __ORDER_LITTLE_ENDIAN__=1234 __ORDER_PDP_ENDIAN__=3412 __PIC__=2 __PIE__=2 __PRAGMA_REDEFINE_EXTNAME=1 __PTRDIFF_MAX__=0x7fffffffffffffffL __PTRDIFF_TYPE__=long\ int __PTRDIFF_WIDTH__=64 __REGISTER_PREFIX__= __SCHAR_MAX__=0x7f __SCHAR_WIDTH__=8 __SHRT_MAX__=0x7fff __SHRT_WIDTH__=16 __SIG_ATOMIC_MAX__=0x7fffffff __SIG_ATOMIC_MIN__=(-0x7fffffff\ -\ 1) __SIG_ATOMIC_TYPE__=int __SIG_ATOMIC_WIDTH__=32 __SIZEOF_DOUBLE__=8 __SIZEOF_FLOAT__=4 __SIZEOF_INT128__=16 __SIZEOF_INT__=4 __SIZEOF_LONG_DOUBLE__=16 __SIZEOF_LONG_LONG__=8 __SIZEOF_LONG__=8 __SIZEOF_POINTER__=8 __SIZEOF_PTRDIFF_T__=8 __SIZEOF_SHORT__=2 __SIZEOF_SIZE_T__=8 __SIZEOF_WCHAR_T__=4 __SIZEOF_WINT_T__=4 __SIZE_MAX__=0xffffffffffffffffUL __SIZE_TYPE__=long\ unsigned\ int __SIZE_WIDTH__=64 __STDC_HOSTED__=1 __STDC_IEC_559_COMPLEX__=1 __STDC_IEC_559__=1 __STDC_ISO_10646__=201706L __STDC_NO_THREADS__=1 __STDC_UTF_16__=1 __STDC_UTF_32__=1 __STDC_VERSION__=201710L __STDC__=1 __UINT16_C=__UINT16_C __UINT16_MAX__=0xffff __UINT16_TYPE__=short\ unsigned\ int __UINT32_C=__UINT32_C __UINT32_MAX__=0xffffffffU __UINT32_TYPE__=unsigned\ int __UINT64_C=__UINT64_C __UINT64_MAX__=0xffffffffffffffffUL __UINT64_TYPE__=long\ unsigned\ int __UINT8_C=__UINT8_C __UINT8_MAX__=0xff __UINT8_TYPE__=unsigned\ char __UINTMAX_C=__UINTMAX_C __UINTMAX_MAX__=0xffffffffffffffffUL __UINTMAX_TYPE__=long\ unsigned\ int __UINTPTR_MAX__=0xffffffffffffffffUL __UINTPTR_TYPE__=long\ unsigned\ int __UINT_FAST16_MAX__=0xffffffffffffffffUL __UINT_FAST16_TYPE__=long\unsigned\ int __UINT_FAST32_MAX__=0xffffffffffffffffUL __UINT_FAST32_TYPE__=long\ unsigned\ int __UINT_FAST64_MAX__=0xffffffffffffffffUL __UINT_FAST64_TYPE__=long\ unsigned\ int __UINT_FAST8_MAX__=0xff __UINT_FAST8_TYPE__=unsigned\ char__UINT_LEAST16_MAX__=0xffff __UINT_LEAST16_TYPE__=short\ unsigned\ int __UINT_LEAST32_MAX__=0xffffffffU __UINT_LEAST32_TYPE__=unsigned\ int __UINT_LEAST64_MAX__=0xffffffffffffffffUL __UINT_LEAST64_TYPE__=long\ unsigned\ int __UINT_LEAST8_MAX__=0xff __UINT_LEAST8_TYPE__=unsigned\ char __USER_LABEL_PREFIX__= __USE_FILE_OFFSET64=1 __USE_GNU=1 __USE_LARGEFILE64=1 __USE_LARGEFILE=1 __USE_MISC=1 __USE_POSIX199309=1 __USE_POSIX199506=1 __USE_POSIX2=1 __USE_POSIX=1 __USE_UNIX98=1 __USE_XOPEN=1 __USE_XOPEN_EXTENDED=1 __VERSION__="8.2.0" __WCHAR_MAX__=0x7fffffff __WCHAR_MIN__=(-0x7fffffff\ -\ 1) __WCHAR_TYPE__=int __WCHAR_WIDTH__=32 __WINT_MAX__=0xffffffffU __WINT_MIN__=0U __WINT_TYPE__=unsigned\ int __WINT_WIDTH__=32 __gnu_linux__=1 __has_include=__has_include __has_include_next=__has_include_next __linux=1 __linux__=1 __pic__=2 __pie__=2 __riscv=1 __riscv_atomic=1 __riscv_cmodel_pic=1 __riscv_compressed=1 __riscv_div=1 __riscv_fdiv=1 __riscv_flen=64 __riscv_float_abi_double=1 __riscv_fsqrt=1 __riscv_mul=1 __riscv_muldiv=1 __riscv_xlen=64 __unix=1 __unix__=1 linux=1 unix=1'
+
+d_casti32='define'
+d_double_style_ieee='define'
+d_modflproto='define'
+doublekind='3'
+fpossize='16'
+longdblkind='1'
+need_va_copy='undef'
+quadkind='2'
+
+owrt:sig_count='64'
+owrt:sigs='ZERO HUP INT QUIT ILL TRAP ABRT BUS FPE KILL USR1 SEGV USR2 PIPE ALRM TERM STKFLT CHLD CONT STOP TSTP TTIN TTOU URG XCPU XFSZ VTALRM PROF WINCH IO PWR SYS'
+owrt:sig_name_extra='IOT CLD POLL UNUSED'
+owrt:sig_num_extra='6 17 29 31'
PECL_NAME:=pecl_http
PECL_LONGNAME:=Extended HTTP Support
-PKG_VERSION:=4.2.3
-PKG_RELEASE:=2
-PKG_HASH:=fa2ab558fc8f0928a10f35c0f566f7c4a1d32e727bd3a96579e4c28482ee9d6a
+PKG_VERSION:=4.2.4
+PKG_RELEASE:=1
+PKG_HASH:=fb1e10c2e5edfb011ff8dc2e473cdbd2bbe0127d1279dfce4d98570555ac6ded
PKG_NAME:=php8-pecl-http
PKG_SOURCE:=$(PECL_NAME)-$(PKG_VERSION).tgz
PECL_NAME:=redis
PECL_LONGNAME:=PHP extension for interfacing with Redis
-PKG_VERSION:=6.0.1
+PKG_VERSION:=6.0.2
PKG_RELEASE:=1
-PKG_HASH:=d39136e0ef9495f8e775ef7349a97658fb41c526d12d8e517f56274f149e1e4e
+PKG_HASH:=01aeccb0e14f897fe56f0509be6e6991ff0ad459f9d34e95e4556d02699b9a03
PKG_NAME:=php8-pecl-redis
PKG_SOURCE:=$(PECL_NAME)-$(PKG_VERSION).tgz
PECL_NAME:=xdebug
PECL_LONGNAME:=Xdebug extension
-PKG_VERSION:=3.2.1
+PKG_VERSION:=3.2.2
PKG_RELEASE:=1
-PKG_HASH:=ef4cb3c228192798874e4530cccceee76840cc80821909740088a1e1a8f00445
+PKG_HASH:=f48777371f90cbb315ea4ea082a1ede6765bcfb35d7d6356ab8f71fd6dfcc157
PKG_NAME:=php8-pecl-xdebug
PKG_SOURCE:=$(PECL_NAME)-$(PKG_VERSION).tgz
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=8.2.11
+PKG_VERSION:=8.2.12
PKG_RELEASE:=1
PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_HASH:=29af82e4f7509831490552918aad502697453f0869a579ee1b80b08f9112c5b8
+PKG_HASH:=e1526e400bce9f9f9f774603cfac6b72b5e8f89fa66971ebc3cc4e5964083132
PKG_BUILD_PARALLEL:=1
PKG_BUILD_FLAGS:=no-mips16
include $(TOPDIR)/rules.mk
PKG_NAME:=micropython-lib
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/micropython/micropython-lib.git
PKG_BUILD_PARALLEL:=1
# keep in sync with micropython
-MP_VERSION:=1.20.0
MP_MPY_FILE_VERSION:=6
include $(INCLUDE_DIR)/package.mk
define Package/micropython-lib-unix
$(call Package/micropython-lib/Default)
TITLE+= - Unix port packages
- DEPENDS:=+micropython +libpcre +librt +libsqlite3
+ DEPENDS:=+micropython +libpcre2 +librt +libsqlite3
endef
define Package/micropython-lib-unix-src
port.
endef
-MP_INSTALLDEV_PATH:=$(STAGING_DIR)/host/lib/micropython-$(MP_VERSION)
+MP_INSTALLDEV_PATH:=$(STAGING_DIR)/host/lib/micropython
define MicroPythonLib/Compile
cd "$(PKG_BUILD_DIR)" && python3 tools/build.py \
--- /dev/null
+From 1cbe8c4dd653336c5766dfd75eb379ad37f04249 Mon Sep 17 00:00:00 2001
+From: Christian Marangi <ansuelsmth@gmail.com>
+Date: Thu, 28 Sep 2023 20:59:26 +0200
+Subject: [PATCH] unix-ffi: re: convert to PCRE2
+
+PCRE is marked as EOL and won't receive any new security update.
+
+Convert the re module to PCRE2 API to enforce security.
+Additional dependency is now needed with uctypes due to changes in how
+PCRE2 return the match_data in a pointer and require special handling.
+
+The converted module is tested with the test_re.py with no regression.
+
+Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
+---
+ unix-ffi/re/re.py | 73 +++++++++++++++++++++++++++++++----------------
+ 1 file changed, 48 insertions(+), 25 deletions(-)
+
+--- a/unix-ffi/re/re.py
++++ b/unix-ffi/re/re.py
+@@ -1,36 +1,55 @@
+ import sys
+ import ffilib
+ import array
++import uctypes
+
++pcre2 = ffilib.open("libpcre2-8")
+
+-pcre = ffilib.open("libpcre")
+-
+-# pcre *pcre_compile(const char *pattern, int options,
+-# const char **errptr, int *erroffset,
+-# const unsigned char *tableptr);
+-pcre_compile = pcre.func("p", "pcre_compile", "sipps")
+-
+-# int pcre_exec(const pcre *code, const pcre_extra *extra,
+-# const char *subject, int length, int startoffset,
+-# int options, int *ovector, int ovecsize);
+-pcre_exec = pcre.func("i", "pcre_exec", "PPsiiipi")
+-
+-# int pcre_fullinfo(const pcre *code, const pcre_extra *extra,
+-# int what, void *where);
+-pcre_fullinfo = pcre.func("i", "pcre_fullinfo", "PPip")
+-
+-
+-IGNORECASE = I = 1
+-MULTILINE = M = 2
+-DOTALL = S = 4
+-VERBOSE = X = 8
+-PCRE_ANCHORED = 0x10
++# pcre2_code *pcre2_compile(PCRE2_SPTR pattern, PCRE2_SIZE length,
++# uint32_t options, int *errorcode, PCRE2_SIZE *erroroffset,
++# pcre2_compile_context *ccontext);
++pcre2_compile = pcre2.func("p", "pcre2_compile_8", "siippp")
++
++# int pcre2_match(const pcre2_code *code, PCRE2_SPTR subject,
++# PCRE2_SIZE length, PCRE2_SIZE startoffset, uint32_t options,
++# pcre2_match_data *match_data, pcre2_match_context *mcontext);
++pcre2_match = pcre2.func("i", "pcre2_match_8", "Psiiipp")
++
++# int pcre2_pattern_info(const pcre2_code *code, uint32_t what,
++# void *where);
++pcre2_pattern_info = pcre2.func("i", "pcre2_pattern_info_8", "Pip")
++
++# PCRE2_SIZE *pcre2_get_ovector_pointer(pcre2_match_data *match_data);
++pcre2_get_ovector_pointer = pcre2.func("p", "pcre2_get_ovector_pointer_8", "p")
++
++# pcre2_match_data *pcre2_match_data_create_from_pattern(const pcre2_code *code,
++# pcre2_general_context *gcontext);
++pcre2_match_data_create_from_pattern = pcre2.func(
++ "p", "pcre2_match_data_create_from_pattern_8", "Pp"
++)
++
++# PCRE2_SIZE that is of type size_t.
++# Use ULONG as type to support both 32bit and 64bit.
++PCRE2_SIZE_SIZE = uctypes.sizeof({"field": 0 | uctypes.ULONG})
++PCRE2_SIZE_TYPE = "L"
++
++# Real value in pcre2.h is 0xFFFFFFFF for 32bit and
++# 0x0xFFFFFFFFFFFFFFFF for 64bit that is equivalent
++# to -1
++PCRE2_ZERO_TERMINATED = -1
++
++
++IGNORECASE = I = 0x8
++MULTILINE = M = 0x400
++DOTALL = S = 0x20
++VERBOSE = X = 0x80
++PCRE2_ANCHORED = 0x80000000
+
+ # TODO. Note that Python3 has unicode by default
+ ASCII = A = 0
+ UNICODE = U = 0
+
+-PCRE_INFO_CAPTURECOUNT = 2
++PCRE2_INFO_CAPTURECOUNT = 0x4
+
+
+ class PCREMatch:
+@@ -67,19 +86,23 @@ class PCREPattern:
+ def search(self, s, pos=0, endpos=-1, _flags=0):
+ assert endpos == -1, "pos: %d, endpos: %d" % (pos, endpos)
+ buf = array.array("i", [0])
+- pcre_fullinfo(self.obj, None, PCRE_INFO_CAPTURECOUNT, buf)
++ pcre2_pattern_info(self.obj, PCRE2_INFO_CAPTURECOUNT, buf)
+ cap_count = buf[0]
+- ov = array.array("i", [0, 0, 0] * (cap_count + 1))
+- num = pcre_exec(self.obj, None, s, len(s), pos, _flags, ov, len(ov))
++ match_data = pcre2_match_data_create_from_pattern(self.obj, None)
++ num = pcre2_match(self.obj, s, len(s), pos, _flags, match_data, None)
+ if num == -1:
+ # No match
+ return None
++ ov_ptr = pcre2_get_ovector_pointer(match_data)
++ # pcre2_get_ovector_pointer return PCRE2_SIZE
++ ov_buf = uctypes.bytearray_at(ov_ptr, PCRE2_SIZE_SIZE * (cap_count + 1) * 2)
++ ov = array.array(PCRE2_SIZE_TYPE, ov_buf)
+ # We don't care how many matching subexpressions we got, we
+ # care only about total # of capturing ones (including empty)
+ return PCREMatch(s, cap_count + 1, ov)
+
+ def match(self, s, pos=0, endpos=-1):
+- return self.search(s, pos, endpos, PCRE_ANCHORED)
++ return self.search(s, pos, endpos, PCRE2_ANCHORED)
+
+ def sub(self, repl, s, count=0):
+ if not callable(repl):
+@@ -141,9 +164,9 @@ class PCREPattern:
+
+
+ def compile(pattern, flags=0):
+- errptr = bytes(4)
++ errcode = bytes(4)
+ erroffset = bytes(4)
+- regex = pcre_compile(pattern, flags, errptr, erroffset, None)
++ regex = pcre2_compile(pattern, PCRE2_ZERO_TERMINATED, flags, errcode, erroffset, None)
+ assert regex
+ return PCREPattern(regex)
+
+@@ -154,7 +177,7 @@ def search(pattern, string, flags=0):
+
+
+ def match(pattern, string, flags=0):
+- r = compile(pattern, flags | PCRE_ANCHORED)
++ r = compile(pattern, flags | PCRE2_ANCHORED)
+ return r.search(string)
+
+
+++ /dev/null
-#
-# Copyright (C) 2023 Jeffery To
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=micropython-mpremote
-PKG_VERSION:=1.20.0
-PKG_RELEASE:=1
-
-PYPI_NAME:=mpremote
-PKG_HASH:=5c342762a04791309dd49bce63c70a075aa7c548b1c0076262b96f9ccc398ca2
-
-PKG_LICENSE:=MIT
-PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
-
-PKG_BUILD_DEPENDS:=python-hatchling/host python-hatch-requirements-txt/host python-hatch-vcs/host
-
-include ../pypi.mk
-include $(INCLUDE_DIR)/package.mk
-include ../python3-package.mk
-
-define Package/micropython-mpremote
- SECTION:=lang
- CATEGORY:=Languages
- SUBMENU:=Python
- TITLE:=Interacting remotely with MicroPython devices
- URL:=https://github.com/micropython/micropython
- DEPENDS:=+python3-light +python3-urllib +python3-pyserial
-endef
-
-define Package/micropython-mpremote/description
-This CLI tool provides an integrated set of utilities to remotely
-interact with and automate a MicroPython device over a serial
-connection.
-endef
-
-$(eval $(call Py3Package,micropython-mpremote))
-$(eval $(call BuildPackage,micropython-mpremote))
-$(eval $(call BuildPackage,micropython-mpremote-src))
+++ /dev/null
---- a/requirements.txt
-+++ b/requirements.txt
-@@ -1,2 +1 @@
- pyserial >= 3.3
--importlib_metadata >= 1.4
include $(TOPDIR)/rules.mk
PKG_NAME:=micropython
-PKG_VERSION:=1.20.0
+PKG_VERSION:=1.21.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/micropython/micropython/releases/download/v$(PKG_VERSION)
-PKG_HASH:=098ef8e40abdc62551b5460d0ffe9489074240c0cb5589ca3c3a425551beb9bf
+PKG_HASH:=abd2152613559d3f44728668346e78be9d93458133a03b700baf222c322fd4d5
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=MIT
This version is built without TLS and mip.
endef
-MAKE_FLAGS += BUILD_VERBOSE=1
+MAKE_FLAGS += BUILD_VERBOSE=1 STRIP=
ifneq ($(CONFIG_DEBUG),)
MAKE_FLAGS += DEBUG=1
endif
ifeq ($(BUILD_VARIANT),nossl)
- MAKE_FLAGS += MICROPY_PY_USSL=0 FROZEN_MANIFEST=variants/standard/manifest-nossl.py
+ MAKE_FLAGS += MICROPY_PY_SSL=0 FROZEN_MANIFEST=variants/standard/manifest-nossl.py
+endif
+
+# Work around "variable might be clobbered" warning leading to build error
+# https://github.com/micropython/micropython/issues/12838
+ifeq ($(ARCH),riscv64)
+ MAKE_FLAGS += CFLAGS_EXTRA=-Wno-error=clobbered
endif
MAKE_PATH = ports/unix
endef
define Build/InstallDev
- $(INSTALL_DIR) $(2)/lib/micropython-$(PKG_VERSION)/mpy-cross
+ $(INSTALL_DIR) $(2)/lib/micropython/mpy-cross
$(CP) \
$(PKG_BUILD_DIR)/mpy-cross/mpy_cross \
- $(2)/lib/micropython-$(PKG_VERSION)/mpy-cross/
+ $(2)/lib/micropython/mpy-cross/
- $(INSTALL_DIR) $(2)/lib/micropython-$(PKG_VERSION)/mpy-cross/build
+ $(INSTALL_DIR) $(2)/lib/micropython/mpy-cross/build
$(INSTALL_BIN) \
$(PKG_BUILD_DIR)/mpy-cross/build/mpy-cross \
- $(2)/lib/micropython-$(PKG_VERSION)/mpy-cross/build/
+ $(2)/lib/micropython/mpy-cross/build/
- $(INSTALL_DIR) $(2)/lib/micropython-$(PKG_VERSION)/tools
+ $(INSTALL_DIR) $(2)/lib/micropython/tools
$(INSTALL_DATA) \
$(PKG_BUILD_DIR)/tools/manifestfile.py \
- $(2)/lib/micropython-$(PKG_VERSION)/tools/
+ $(2)/lib/micropython/tools/
endef
define Package/micropython/Default/install
--- a/ports/unix/Makefile
+++ b/ports/unix/Makefile
-@@ -31,7 +31,7 @@ QSTR_DEFS = qstrdefsport.h
- QSTR_GLOBAL_DEPENDENCIES = $(VARIANT_DIR)/mpconfigvariant.h
+@@ -31,7 +31,7 @@ QSTR_DEFS += qstrdefsport.h
+ QSTR_GLOBAL_DEPENDENCIES += $(VARIANT_DIR)/mpconfigvariant.h
# OS name, for simple autoconfig
-UNAME_S := $(shell uname -s)
--- a/extmod/extmod.mk
+++ b/extmod/extmod.mk
-@@ -131,84 +131,8 @@ SRC_THIRDPARTY_C += $(addprefix $(AXTLS_
+@@ -131,85 +131,8 @@ SRC_THIRDPARTY_C += $(addprefix $(AXTLS_
crypto/sha1.c \
)
else ifeq ($(MICROPY_SSL_MBEDTLS),1)
- md4.c \
- md5.c \
- md.c \
-- md_wrap.c \
- oid.c \
- padlock.c \
- pem.c \
- ssl_cli.c \
- ssl_cookie.c \
- ssl_srv.c \
+- ssl_msg.c \
- ssl_ticket.c \
- ssl_tls.c \
- timing.c \
+- constant_time.c \
- x509.c \
- x509_create.c \
- x509_crl.c \
+++ /dev/null
-From f1c6cb7725960487195daa5c5c196fd8d3563811 Mon Sep 17 00:00:00 2001
-From: Damien George <damien@micropython.org>
-Date: Wed, 3 May 2023 15:23:24 +1000
-Subject: [PATCH] py/stackctrl: Add gcc pragmas to ignore dangling-pointer
- warning.
-
-This warning became apparent in gcc 13.
-
-Signed-off-by: Damien George <damien@micropython.org>
----
- py/stackctrl.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
---- a/py/stackctrl.c
-+++ b/py/stackctrl.c
-@@ -28,8 +28,15 @@
- #include "py/stackctrl.h"
-
- void mp_stack_ctrl_init(void) {
-+ #if __GNUC__ >= 13
-+ #pragma GCC diagnostic push
-+ #pragma GCC diagnostic ignored "-Wdangling-pointer"
-+ #endif
- volatile int stack_dummy;
- MP_STATE_THREAD(stack_top) = (char *)&stack_dummy;
-+ #if __GNUC__ >= 13
-+ #pragma GCC diagnostic pop
-+ #endif
- }
-
- void mp_stack_set_top(void *top) {
-include("$(MPY_DIR)/extmod/uasyncio")
+include("$(MPY_DIR)/extmod/asyncio")
--- /dev/null
+#!/bin/sh
+
+nl="
+"
+
+micropython -c "import sys${nl}print(sys.version)" | grep -F " MicroPython v${PKG_VERSION} "
+++ /dev/null
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=pyodbc
-PKG_VERSION:=4.0.39
-PKG_RELEASE:=1
-
-PYPI_NAME:=$(PKG_NAME)
-PKG_HASH:=e528bb70dd6d6299ee429868925df0866e3e919c772b9eff79c8e17920d8f116
-
-PKG_LICENSE:=MIT
-PKG_LICENSE_FILES:=LICENSE.txt
-PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
-
-PKG_BUILD_DEPENDS:=unixodbc/host
-
-include ../pypi.mk
-include $(INCLUDE_DIR)/package.mk
-include ../python3-package.mk
-
-define Package/python3-pyodbc
- SECTION:=lang
- CATEGORY:=Languages
- SUBMENU:=Python
- TITLE:=python3-pyodbc
- URL:=https://github.com/mkleehammer/pyodbc
- DEPENDS:=+unixodbc +python3-light +libstdcpp
-endef
-
-define Package/python3-pyodbc/description
-DB API Module for ODBC
-
-A Python DB API 2 module for ODBC. This project provides an up-to-date,
-convenient interface to ODBC using native data types like datetime and decimal.
-endef
-
-$(eval $(call Py3Package,python3-pyodbc))
-$(eval $(call BuildPackage,python3-pyodbc))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-charset-normalizer
-PKG_VERSION:=3.3.0
+PKG_VERSION:=3.3.2
PKG_RELEASE:=1
PYPI_NAME:=charset-normalizer
-PKG_HASH:=63563193aec44bce707e0c5ca64ff69fa72ed7cf34ce6e11d5127555756fd2f6
+PKG_HASH:=f30c3cb33b24454a82faecaf01b19c18562b1e89558fb6c56de4d9118a032fd5
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
[ "$1" = python3-charset-normalizer ] || exit 0
-python3 - << EOF
-import sys
+python3 - << 'EOF'
+
from charset_normalizer import from_bytes
s = 'Bсеки човек има право на образование.'
byte_str = s.encode('cp1251')
result = from_bytes(byte_str).best()
-sys.exit(0 if str(result) == s else 1)
+assert str(result) == s
+
EOF
#
-# Copyright (C) 2018 OpenWrt.org
+# Copyright (C) 2018, 2023 Jeffery To
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=python-constantly
-PKG_VERSION:=15.1.0
-PKG_RELEASE:=2
+PKG_VERSION:=23.10.4
+PKG_RELEASE:=1
PYPI_NAME:=constantly
-PKG_HASH:=586372eb92059873e29eba4f9dec8381541b4d3834660707faf8ba59146dfc35
+PKG_HASH:=aa92b70a33e2ac0bb33cd745eb61776594dc48764b06c35e0efd050b7f1c7cbd
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+PKG_BUILD_DEPENDS:=python-versioneer/host
+
include ../pypi.mk
include $(INCLUDE_DIR)/package.mk
include ../python3-package.mk
--- /dev/null
+--- a/pyproject.toml
++++ b/pyproject.toml
+@@ -1,5 +1,5 @@
+ [build-system]
+-requires = ["setuptools>=68.2", "versioneer[toml]==0.29"]
++requires = ["setuptools", "versioneer[toml]==0.29"]
+ build-backend = "setuptools.build_meta"
+
+ [project]
--- /dev/null
+#!/bin/sh
+
+[ "$1" = python3-constantly ] || exit 0
+
+python3 - << 'EOF'
+
+from constantly import NamedConstant, Names
+class Letters(Names):
+ a = NamedConstant()
+ b = NamedConstant()
+ c = NamedConstant()
+
+assert Letters.lookupByName('a') is Letters.a
+assert Letters.a < Letters.b
+assert Letters.b < Letters.c
+assert Letters.a < Letters.c
+
+from constantly import ValueConstant, Values
+class STATUS(Values):
+ OK = ValueConstant('200')
+ FOUND = ValueConstant('302')
+ NOT_FOUND = ValueConstant('404')
+
+assert STATUS.OK.value == '200'
+assert STATUS.lookupByValue('404') == STATUS.NOT_FOUND
+
+EOF
include $(TOPDIR)/rules.mk
PKG_NAME:=python-cryptography
-PKG_VERSION:=41.0.4
+PKG_VERSION:=41.0.5
PKG_RELEASE:=1
PYPI_NAME:=cryptography
-PKG_HASH:=7febc3094125fc126a7f6fb1f420d0da639f3f32cb15c8ff0dc3997c4549f51a
+PKG_HASH:=392cb88b597247177172e02da6b7a63deeff1937fa6fec3bbf902ebd75d97ec7
PKG_LICENSE:=Apache-2.0 BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE.APACHE LICENSE.BSD
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+PKG_CPE_ID:=cpe:/a:cryptography_project:cryptography
PKG_BUILD_DEPENDS:=libffi/host python-cffi/host python-setuptools-rust/host
[ "$1" = python3-cryptography ] || exit 0
-python3 - << EOF
-import sys
+python3 - << 'EOF'
+
from cryptography.fernet import Fernet
key = Fernet.generate_key()
f = Fernet(key)
-token = f.encrypt(b"my deep dark secret")
-sys.exit(0 if f.decrypt(token) == b"my deep dark secret" else 1)
+msg = b"my deep dark secret"
+token = f.encrypt(msg)
+assert f.decrypt(token) == msg
+
EOF
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pip
-PKG_VERSION:=23.2.1
+PKG_VERSION:=23.3.1
PKG_RELEASE:=1
PYPI_NAME:=pip
-PKG_HASH:=fb0bd5435b3200c602b5bf61d2d43c2f13c02e29c1707567ae7fbc514eb9faf2
+PKG_HASH:=1fcaa041308d01f14575f6d0d2ea4b75a3e2871fe4f9c694976f908768e14174
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE.txt
--- a/src/pip/_vendor/pyproject_hooks/_in_process/__init__.py
+++ b/src/pip/_vendor/pyproject_hooks/_in_process/__init__.py
-@@ -11,8 +11,8 @@ try:
+@@ -11,8 +11,14 @@ try:
except AttributeError:
# Python 3.8 compatibility
def _in_proc_script_path():
- return resources.path(__package__, '_in_process.py')
-+ return resources.path(__package__, '_in_process.pyc')
++ filename = '_in_process.pyc'
++ if resources.is_resource(__package__, '_in_process.py'):
++ filename = '_in_process.py'
++ return resources.path(__package__, filename)
else:
def _in_proc_script_path():
++ filename = '_in_process.pyc'
++ if resources.files(__package__).joinpath('_in_process.py').is_file():
++ filename = '_in_process.py'
return resources.as_file(
- resources.files(__package__).joinpath('_in_process.py'))
-+ resources.files(__package__).joinpath('_in_process.pyc'))
++ resources.files(__package__).joinpath(filename))
--- a/src/pip/_internal/build_env.py
+++ b/src/pip/_internal/build_env.py
-@@ -54,7 +54,7 @@ def get_runnable_pip() -> str:
+@@ -54,7 +54,11 @@ def get_runnable_pip() -> str:
# case, we can use that directly.
return str(source)
- return os.fsdecode(source / "__pip-runner__.py")
-+ return os.fsdecode(source / "__pip-runner__.pyc")
++ filename = "__pip-runner__.pyc"
++ py = source / "__pip-runner__.py"
++ if py.is_file():
++ filename = "__pip-runner__.py"
++ return os.fsdecode(source / filename)
def _get_system_sitepackages() -> Set[str]:
--- a/src/pip/_internal/cli/cmdoptions.py
+++ b/src/pip/_internal/cli/cmdoptions.py
-@@ -892,7 +892,7 @@ disable_pip_version_check: Callable[...,
+@@ -895,7 +895,7 @@ disable_pip_version_check: Callable[...,
"--disable-pip-version-check",
dest="disable_pip_version_check",
action="store_true",
--- /dev/null
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-pyodbc
+PKG_VERSION:=5.0.1
+PKG_RELEASE:=1
+
+PYPI_NAME:=pyodbc
+PKG_HASH:=03d7d0b04d5a9156099ce8d03e92f3956783746fa9234eb6f5b5cfc12b645011
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE.txt
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+# for odbc_config
+PKG_BUILD_DEPENDS:=unixodbc/host
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../python3-package.mk
+
+define Package/python3-pyodbc
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=DB API module for ODBC
+ URL:=https://github.com/mkleehammer/pyodbc
+ DEPENDS:=+python3-light +python3-decimal +python3-uuid +libodbc +libstdcpp
+endef
+
+define Package/python3-pyodbc/description
+pyodbc is an open source Python module that makes accessing ODBC
+databases simple. It implements the DB API 2.0 specification but is
+packed with even more Pythonic convenience.
+endef
+
+$(eval $(call Py3Package,python3-pyodbc))
+$(eval $(call BuildPackage,python3-pyodbc))
+# no src package - the module does not contain any Python code
--- /dev/null
+#!/bin/sh
+
+[ "$1" = python3-pyodbc ] || exit 0
+
+python3 -c 'import pyodbc'
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pyopenssl
-PKG_VERSION:=23.2.0
+PKG_VERSION:=23.3.0
PKG_RELEASE:=1
PYPI_NAME:=pyOpenSSL
-PKG_HASH:=276f931f55a452e7dea69c7173e984eb2a4407ce413c918aa34b55f82f9b8bac
+PKG_HASH:=6b2cba5cc46e822750ec3e5a81ee12819850b11303630d575e98108a079c2b12
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=python-setuptools-rust
-PKG_VERSION:=1.7.0
-PKG_RELEASE:=2
+PKG_VERSION:=1.8.1
+PKG_RELEASE:=1
PYPI_NAME:=setuptools-rust
-PKG_HASH:=c7100999948235a38ae7e555fe199aa66c253dc384b125f5d85473bf81eae3a3
+PKG_HASH:=94b1dd5d5308b3138d5b933c3a2b55e6d6927d1a22632e509fcea9ddd0f7e486
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
python-wheel/host \
python-setuptools-scm/host \
python-semantic-version/host \
- python-typing-extensions/host \
rust/host
include ../pypi.mk
+python3-logging \
+python3-semantic-version \
+python3-setuptools \
- +python3-typing-extensions \
+rust
BUILDONLY:=1
endef
+++ /dev/null
-From b10cab4efeb80abb5a236d651c9ff9355e470527 Mon Sep 17 00:00:00 2001
-From: Jeffery To <jeffery.to@gmail.com>
-Date: Mon, 2 Oct 2023 16:13:51 +0800
-Subject: [PATCH] Allow profile to be set by SETUPTOOLS_RUST_CARGO_PROFILE env
- variable
-
-This allows the profile to be set dynamically, without having to edit
-pyproject.toml/setup.py.
----
- setuptools_rust/build.py | 20 ++++++++++++++++----
- 1 file changed, 16 insertions(+), 4 deletions(-)
-
---- a/setuptools_rust/build.py
-+++ b/setuptools_rust/build.py
-@@ -528,10 +528,10 @@ class build_rust(RustCommand):
- if target_triple is not None:
- args.extend(["--target", target_triple])
-
-- if release:
-- profile = ext.get_cargo_profile()
-- if not profile:
-- args.append("--release")
-+ ext_profile = ext.get_cargo_profile()
-+ env_profile = os.getenv("SETUPTOOLS_RUST_CARGO_PROFILE")
-+ if release and not ext_profile and not env_profile:
-+ args.append("--release")
-
- if quiet:
- args.append("-q")
-@@ -552,6 +552,18 @@ class build_rust(RustCommand):
- if ext.args is not None:
- args.extend(ext.args)
-
-+ if env_profile:
-+ if ext_profile:
-+ args = [p for p in args if not p.startswith("--profile=")]
-+ while True:
-+ try:
-+ index = args.index("--profile")
-+ del args[index:index + 2]
-+ except ValueError:
-+ break
-+
-+ args.extend(["--profile", env_profile])
-+
- if ext.cargo_manifest_args is not None:
- args.extend(ext.cargo_manifest_args)
-
include $(TOPDIR)/rules.mk
PKG_NAME:=python-trove-classifiers
-PKG_VERSION:=2023.9.19
+PKG_VERSION:=2023.10.18
PKG_RELEASE:=1
PYPI_NAME:=trove-classifiers
-PKG_HASH:=3e700af445c802f251ce2b741ee78d2e5dfa5ab8115b933b89ca631b414691c9
+PKG_HASH:=2cdfcc7f31f7ffdd57666a9957296089ac72daad4d11ab5005060e5cd7e29939
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
--- /dev/null
+#
+# Copyright (C) 2023 Jeffery To
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python-versioneer
+PKG_VERSION:=0.29
+PKG_RELEASE:=1
+
+PYPI_NAME:=versioneer
+PKG_HASH:=5ab283b9857211d61b53318b7c792cf68e798e765ee17c27ade9f6c924235731
+
+PKG_LICENSE:=Unlicense
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+PKG_HOST_ONLY:=1
+HOST_BUILD_DEPENDS:=python3/host python-build/host python-installer/host python-wheel/host
+
+include ../pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
+include ../python3-package.mk
+include ../python3-host-build.mk
+
+define Package/python3-versioneer
+ SECTION:=lang
+ CATEGORY:=Languages
+ SUBMENU:=Python
+ TITLE:=Easy VCS-based management of project version strings
+ URL:=https://github.com/python-versioneer/python-versioneer
+ DEPENDS:=+python3-light
+ BUILDONLY:=1
+endef
+
+define Package/python3-versioneer/description
+This is a tool for managing a recorded version number in
+setuptools-based python projects. The goal is to remove the tedious and
+error-prone "update the embedded version string" step from your release
+process. Making a new release should be as easy as recording a new tag
+in your version-control system, and maybe making new tarballs.
+endef
+
+$(eval $(call Py3Package,python3-versioneer))
+$(eval $(call BuildPackage,python3-versioneer))
+$(eval $(call BuildPackage,python3-versioneer-src))
+$(eval $(call HostBuild))
PYTHON3_VERSION:=$(PYTHON3_VERSION_MAJOR).$(PYTHON3_VERSION_MINOR)
-PYTHON3_SETUPTOOLS_PKG_RELEASE:=1
+PYTHON3_SETUPTOOLS_PKG_RELEASE:=2
PYTHON3_PIP_PKG_RELEASE:=1
PYTHON3_SETUPTOOLS_VERSION:=65.5.0
--- /dev/null
+From e359a7a3c4f9e70360a068bef19c95938fdacede Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Date: Wed, 23 Dec 2015 11:33:14 +0100
+Subject: [PATCH] Adjust library/header paths for cross-compilation
+
+When cross-compiling third-party extensions, the get_python_inc() or
+get_python_lib() can be called, to return the path to headers or
+libraries. However, they use the sys.prefix of the host Python, which
+returns incorrect paths when cross-compiling (paths pointing to host
+headers and libraries).
+
+In order to fix this, we introduce the _python_sysroot, _python_prefix
+and _python_exec_prefix variables, that allow to override these
+values, and get correct header/library paths when cross-compiling
+third-party Python modules.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+[adapt for setuptools, rename environment variable, use fixed lib path]
+Signed-off-by: Jeffery To <jeffery.to@gmail.com>
+---
+ Lib/distutils/command/build_ext.py | 5 ++++-
+ Lib/sysconfig.py | 15 +++++++++++----
+ 2 files changed, 15 insertions(+), 5 deletions(-)
+
+--- a/setuptools/_distutils/command/build_ext.py
++++ b/setuptools/_distutils/command/build_ext.py
+@@ -238,7 +238,10 @@ class build_ext(Command):
+ if sysconfig.get_config_var('Py_ENABLE_SHARED'):
+ if not sysconfig.python_build:
+ # building third party extensions
+- self.library_dirs.append(sysconfig.get_config_var('LIBDIR'))
++ libdir = sysconfig.get_config_var('LIBDIR')
++ if 'STAGING_DIR' in os.environ:
++ libdir = os.environ.get('STAGING_DIR') + '/usr/lib'
++ self.library_dirs.append(libdir)
+ else:
+ # building python standard extensions
+ self.library_dirs.append('.')
PKG_NAME:=rust
PKG_VERSION:=1.73.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=rustc-$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=https://static.rust-lang.org/dist/
PKG_LICENSE_FILES:=LICENSE-APACHE LICENSE-MIT
PKG_HOST_ONLY:=1
+PKG_BUILD_FLAGS:=no-mips16
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
define Host/Compile
$(RUST_SCCACHE_VARS) \
CARGO_HOME=$(CARGO_HOME) \
+ TARGET_CFLAGS="$(TARGET_CFLAGS)" \
OPENWRT_RUSTC_BOOTSTRAP_CACHE=$(DL_DIR)/rustc \
$(PYTHON) $(HOST_BUILD_DIR)/x.py \
--build-dir $(HOST_BUILD_DIR)/build \
os.makedirs(rustc_cache)
--- a/src/bootstrap/download.rs
+++ b/src/bootstrap/download.rs
-@@ -520,7 +520,10 @@ impl Config {
+@@ -202,7 +202,13 @@ impl Config {
+ Some(other) => panic!("unsupported protocol {other} in {url}"),
+ None => panic!("no protocol in {url}"),
+ }
+- t!(std::fs::rename(&tempfile, dest_path));
++ match std::fs::rename(&tempfile, dest_path) {
++ Ok(v) => v,
++ Err(_) => {
++ t!(std::fs::copy(&tempfile, dest_path));
++ t!(std::fs::remove_file(&tempfile));
++ }
++ }
+ }
+
+ fn download_http_with_retries(&self, tempfile: &Path, url: &str, help_on_error: &str) {
+@@ -520,7 +526,10 @@ impl Config {
key: &str,
destination: &str,
) {
let cache_dir = cache_dst.join(key);
if !cache_dir.exists() {
t!(fs::create_dir_all(&cache_dir));
-@@ -647,7 +650,10 @@ download-rustc = false
+@@ -647,7 +656,10 @@ download-rustc = false
let llvm_assertions = self.llvm_assertions;
let cache_prefix = format!("llvm-{llvm_sha}-{llvm_assertions}");
PKG_NAME:=efivar
PKG_VERSION:=38
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/rhboot/efivar/releases/download/$(PKG_VERSION)
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Tools and libraries to work with EFI variables
- DEPENDS:=@TARGET_x86_64
+ DEPENDS:=@(TARGET_x86_64||TARGET_armsr_armv8)
URL:=https://github.com/rhboot/efibootmgr
endef
--- /dev/null
+From ca48d3964d26f5e3b38d73655f19b1836b16bd2d Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex@linutronix.de>
+Date: Tue, 18 Jan 2022 11:53:41 +0100
+Subject: [PATCH] src/Makefile: build util.c separately for makeguids
+
+util.c needs to be built twice when cross-compiling:
+for the build machine to be able to link with
+makeguids which then runs during the same build,
+and then for the actual target.
+
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ src/Makefile | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -28,10 +28,13 @@ EFIVAR_OBJECTS = $(patsubst %.S,%.o,$(pa
+ EFISECDB_SOURCES = efisecdb.c guid-symbols.c secdb-dump.c util.c
+ EFISECDB_OBJECTS = $(patsubst %.S,%.o,$(patsubst %.c,%.o,$(EFISECDB_SOURCES)))
+ GENERATED_SOURCES = include/efivar/efivar-guids.h guid-symbols.c
+-MAKEGUIDS_SOURCES = makeguids.c util.c
++MAKEGUIDS_SOURCES = makeguids.c util-makeguids.c
+ MAKEGUIDS_OBJECTS = $(patsubst %.S,%.o,$(patsubst %.c,%.o,$(MAKEGUIDS_SOURCES)))
+ MAKEGUIDS_OUTPUT = $(GENERATED_SOURCES) guids.lds
+
++util-makeguids.c : util.c
++ cp util.c util-makeguids.c
++
+ ALL_SOURCES=$(LIBEFISEC_SOURCES) $(LIBEFIBOOT_SOURCES) $(LIBEFIVAR_SOURCES) \
+ $(MAKEGUIDS_SOURCES) $(GENERATED_SOURCES) $(EFIVAR_SOURCES) \
+ $(sort $(wildcard include/efivar/*.h))
include $(TOPDIR)/rules.mk
PKG_NAME:=libndpi
-PKG_VERSION:=4.6
+PKG_VERSION:=4.8
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ntop/nDPI/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=6f307e23ab11b2b9e84a696120810e27a854072576a49783ff84fd37a1d7411b
+PKG_HASH:=8f6235ba672d4ac8e4cbebb5611bc712a74587d9d53a649f483e4bcca5b80e58
PKG_BUILD_DIR:=$(BUILD_DIR)/nDPI-$(PKG_VERSION)
PKG_MAINTAINER:=Banglang Huang <banglang.huang@foxmail.com>, Toni Uhlig <matzeton@googlemail.com>
endif
ifneq ($(CONFIG_LIBNDPI_PCRE),)
-CONFIGURE_ARGS += --with-pcre
+CONFIGURE_ARGS += --with-pcre2
endif
ifneq ($(CONFIG_LIBNDPI_MAXMINDDB),)
CATEGORY:=Libraries
TITLE:=Library for deep-packet inspection
URL:=https://github.com/ntop/nDPI
- DEPENDS:=+LIBNDPI_GCRYPT:libgcrypt +LIBNDPI_PCRE:libpcre +LIBNDPI_MAXMINDDB:libmaxminddb +LIBNDPI_NDPIREADER:libpcap
+ DEPENDS:=+LIBNDPI_GCRYPT:libgcrypt +LIBNDPI_PCRE:libpcre2 +LIBNDPI_MAXMINDDB:libmaxminddb +LIBNDPI_NDPIREADER:libpcap
endef
define Package/libndpi/description
--- /dev/null
+From 8fed2be3d5b83949fabb2bdf39d6de4f24d2e68f Mon Sep 17 00:00:00 2001
+From: Christian Marangi <ansuelsmth@gmail.com>
+Date: Mon, 30 Oct 2023 18:10:51 +0100
+Subject: [PATCH] Move from PCRE to PCRE2
+
+Move from PCRE to PCRE2. PCRE is EOL and won't receive any security
+updates anymore. Convert to PCRE2 by converting any function PCRE2 new
+API.
+
+Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
+---
+ configure.ac | 18 ++++----
+ src/lib/ndpi_utils.c | 46 ++++++++++-----------
+ src/lib/third_party/include/rce_injection.h | 6 +--
+ tests/do.sh.in | 4 +-
+ 4 files changed, 37 insertions(+), 37 deletions(-)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -359,14 +359,14 @@ AS_IF([test "${with_local_libgcrypt+set}
+ AC_DEFINE_UNQUOTED(USE_HOST_LIBGCRYPT, 1, [Use locally installed libgcrypt instead of builtin gcrypt-light])
+ ])
+
+-dnl> PCRE
+-PCRE_ENABLED=0
+-AC_ARG_WITH(pcre, AS_HELP_STRING([--with-pcre], [Enable nDPI build with libpcre]))
+-if test "${with_pcre+set}" = set; then :
+- AC_CHECK_LIB(pcre, pcre_compile, AC_DEFINE_UNQUOTED(HAVE_PCRE, 1, [libpcre(-dev) is present]))
+- if test "x$ac_cv_lib_pcre_pcre_compile" = xyes; then :
+- ADDITIONAL_LIBS="${ADDITIONAL_LIBS} -lpcre"
+- PCRE_ENABLED=1
++dnl> PCRE2
++PCRE2_ENABLED=0
++AC_ARG_WITH(pcre2, AS_HELP_STRING([--with-pcre2], [Enable nDPI build with libpcre2]))
++if test "${with_pcre2+set}" = set; then :
++ AC_CHECK_LIB(pcre2-8, pcre2_compile_8, AC_DEFINE_UNQUOTED(HAVE_PCRE2, 1, [libpcre2(-dev) is present]))
++ if test "x$ac_cv_lib_pcre2_8_pcre2_compile_8" = xyes; then :
++ ADDITIONAL_LIBS="${ADDITIONAL_LIBS} -lpcre2-8"
++ PCRE2_ENABLED=1
+ fi
+ fi
+
+@@ -420,7 +420,7 @@ AC_SUBST(GPROF_CFLAGS)
+ AC_SUBST(GPROF_LIBS)
+ AC_SUBST(GPROF_ENABLED)
+ AC_SUBST(USE_HOST_LIBGCRYPT)
+-AC_SUBST(PCRE_ENABLED)
++AC_SUBST(PCRE2_ENABLED)
+ AC_SUBST(NBPF_ENABLED)
+ AC_SUBST(HANDLE_TLS_SIGS)
+ AC_SUBST(DISABLE_NPCAP)
+--- a/src/lib/ndpi_utils.c
++++ b/src/lib/ndpi_utils.c
+@@ -62,12 +62,12 @@
+
+ // #define DEBUG_REASSEMBLY
+
+-#ifdef HAVE_PCRE
+-#include <pcre.h>
++#ifdef HAVE_PCRE2
++#define PCRE2_CODE_UNIT_WIDTH 8
++#include <pcre2.h>
+
+-struct pcre_struct {
+- pcre *compiled;
+- pcre_extra *optimized;
++struct pcre2_struct {
++ pcre2_code *compiled;
+ };
+ #endif
+
+@@ -1712,18 +1712,19 @@ static int ndpi_is_xss_injection(char* q
+
+ /* ********************************** */
+
+-#ifdef HAVE_PCRE
++#ifdef HAVE_PCRE2
+
+ static void ndpi_compile_rce_regex() {
+- const char *pcreErrorStr = NULL;
+- int pcreErrorOffset;
++ PCRE2_UCHAR pcreErrorStr[128];
++ PCRE2_SIZE pcreErrorOffset;
++ int pcreErrorCode;
+
+ for(int i = 0; i < N_RCE_REGEX; i++) {
+- comp_rx[i] = (struct pcre_struct*)ndpi_malloc(sizeof(struct pcre_struct));
++ comp_rx[i] = (struct pcre2_struct*)ndpi_malloc(sizeof(struct pcre2_struct));
+
+- comp_rx[i]->compiled = pcre_compile(rce_regex[i], 0, &pcreErrorStr,
++ comp_rx[i]->compiled = pcre2_compile((PCRE2_SPTR)rce_regex[i], PCRE2_ZERO_TERMINATED, 0, &pcreErrorCode,
+ &pcreErrorOffset, NULL);
+-
++ pcre2_get_error_message(pcreErrorCode, pcreErrorStr, 128);
+ if(comp_rx[i]->compiled == NULL) {
+ #ifdef DEBUG
+ NDPI_LOG_ERR(ndpi_str, "ERROR: Could not compile '%s': %s\n", rce_regex[i],
+@@ -1733,17 +1734,16 @@ static void ndpi_compile_rce_regex() {
+ continue;
+ }
+
+- comp_rx[i]->optimized = pcre_study(comp_rx[i]->compiled, 0, &pcreErrorStr);
++ pcreErrorCode = pcre2_jit_compile(comp_rx[i]->compiled, PCRE2_JIT_COMPLETE);
+
+ #ifdef DEBUG
+- if(pcreErrorStr != NULL) {
+- NDPI_LOG_ERR(ndpi_str, "ERROR: Could not study '%s': %s\n", rce_regex[i],
++ if(pcreErrorCode < 0) {
++ pcre2_get_error_message(pcreErrorCode, pcreErrorStr, 128);
++ NDPI_LOG_ERR(ndpi_str, "ERROR: Could not jit compile '%s': %s\n", rce_regex[i],
+ pcreErrorStr);
+ }
+ #endif
+ }
+-
+- ndpi_free((void *)pcreErrorStr);
+ }
+
+ static int ndpi_is_rce_injection(char* query) {
+@@ -1752,17 +1752,17 @@ static int ndpi_is_rce_injection(char* q
+ initialized_comp_rx = 1;
+ }
+
++ pcre2_match_data *pcreMatchData;
+ int pcreExecRet;
+- int subStrVec[30];
+
+ for(int i = 0; i < N_RCE_REGEX; i++) {
+ unsigned int length = strlen(query);
+
+- pcreExecRet = pcre_exec(comp_rx[i]->compiled,
+- comp_rx[i]->optimized,
+- query, length, 0, 0, subStrVec, 30);
+-
+- if(pcreExecRet >= 0) {
++ pcreMatchData = pcre2_match_data_create_from_pattern(comp_rx[i]->compiled, NULL);
++ pcreExecRet = pcre2_match(comp_rx[i]->compiled,
++ (PCRE2_SPTR)query, length, 0, 0, pcreMatchData, NULL);
++ pcre2_match_data_free(pcreMatchData);
++ if(pcreExecRet > 0) {
+ return 1;
+ }
+ #ifdef DEBUG
+@@ -1852,7 +1852,7 @@ ndpi_risk_enum ndpi_validate_url(char *u
+ rc = NDPI_URL_POSSIBLE_XSS;
+ else if(ndpi_is_sql_injection(decoded))
+ rc = NDPI_URL_POSSIBLE_SQL_INJECTION;
+-#ifdef HAVE_PCRE
++#ifdef HAVE_PCRE2
+ else if(ndpi_is_rce_injection(decoded))
+ rc = NDPI_URL_POSSIBLE_RCE_INJECTION;
+ #endif
+--- a/src/lib/third_party/include/rce_injection.h
++++ b/src/lib/third_party/include/rce_injection.h
+@@ -1,4 +1,4 @@
+-#ifdef HAVE_PCRE
++#ifdef HAVE_PCRE2
+
+ #ifndef NDPI_RCE_H
+ #define NDPI_RCE_H
+@@ -8,7 +8,7 @@
+ #define N_RCE_REGEX 7
+
+ /* Compiled regex */
+-static struct pcre_struct *comp_rx[N_RCE_REGEX];
++static struct pcre2_struct *comp_rx[N_RCE_REGEX];
+
+ static unsigned int initialized_comp_rx = 0;
+
+@@ -615,4 +615,4 @@ static const char *pwsh_commands[] = {
+ "-PSConsoleFile"
+ };
+
+-#endif //HAVE_PCRE
+\ No newline at end of file
++#endif //HAVE_PCRE2
+\ No newline at end of file
+--- a/tests/do.sh.in
++++ b/tests/do.sh.in
+@@ -26,7 +26,7 @@ CMD_COLORDIFF="$(which colordiff)"
+
+ EXE_SUFFIX=@EXE_SUFFIX@
+ GPROF_ENABLED=@GPROF_ENABLED@
+-PCRE_ENABLED=@PCRE_ENABLED@
++PCRE2_ENABLED=@PCRE2_ENABLED@
+ PCRE_PCAPS="WebattackRCE.pcap"
+ NBPF_ENABLED=@NBPF_ENABLED@
+ NBPF_PCAPS="h323-overflow.pcap"
+@@ -84,7 +84,7 @@ check_results() {
+ [ $SKIP_PCAP = 1 ] && continue
+ fi
+ SKIP_PCAP=0
+- if [ $PCRE_ENABLED -eq 0 ]; then
++ if [ $PCRE2_ENABLED -eq 0 ]; then
+ for p in $PCRE_PCAPS; do
+ if [ $f = $p ]; then
+ SKIP_PCAP=1
include $(TOPDIR)/rules.mk
PKG_NAME:=newt
-PKG_VERSION:=0.52.23
+PKG_VERSION:=0.52.24
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://releases.pagure.org/newt
-PKG_HASH:=caa372907b14ececfe298f0d512a62f41d33b290610244a58aed07bbc5ada12a
+PKG_HASH:=5ded7e221f85f642521c49b1826c8de19845aa372baf5d630a51774b544fbdbb
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=LGPL-2.0-only
--- /dev/null
+#!/bin/sh
+
+case "$1" in
+
+python3-newt)
+ python3 -c 'import snack'
+ ;;
+
+whiptail)
+ whiptail --version | grep -Fx "whiptail (newt): $PKG_VERSION"
+ ;;
+
+esac
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nghttp3
+PKG_VERSION:=1.0.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/ngtcp2/nghttp3/releases/download/v$(PKG_VERSION)/
+PKG_HASH:=2e5b5a39415b9a0d160bbcb90b37bef7d8aee44ae504e8c0ddcb31aa92435988
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
+
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/libnghttp3
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=HTTP/3 library written in C
+ URL:=https://nghttp2.org/nghttp3
+endef
+
+define Package/libnghttp3/description
+ nghttp3 is a thin HTTP/3 layer over an underlying QUIC stack.
+endef
+
+CMAKE_OPTIONS += -DENABLE_LIB_ONLY=ON
+
+define Package/libnghttp3/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libnghttp3.so* $(1)/usr/lib
+endef
+
+$(eval $(call BuildPackage,libnghttp3))
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=ngtcp2
+PKG_VERSION:=1.0.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/ngtcp2/ngtcp2/releases/download/v$(PKG_VERSION)/
+PKG_HASH:=df03e7e91110fcbb165ae048fa671f1dd39f77b841df3a14aef076a1c192cc27
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
+
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/libngtcp2
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Implementation of QUIC protocol
+ URL:=https://nghttp2.org/ngtcp2
+ DEPENDS:=+libnghttp3 +libopenssl
+endef
+
+define Package/libngtcp2/description
+ ngtcp2 project is an effort to implement QUIC protocol which is now being discussed in IETF QUICWG for its standardization.
+endef
+
+CMAKE_OPTIONS += -DENABLE_LIB_ONLY=ON
+
+define Package/libngtcp2/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libngtcp2*.so* $(1)/usr/lib
+endef
+
+$(eval $(call BuildPackage,libngtcp2))
include $(INCLUDE_DIR)/package.mk
CONFIGURE_ARGS += \
- --with-unixodbc=$(STAGING_DIR_HOST)/bin/odbc_config \
+ --with-unixodbc=$(STAGING_DIR)/host/bin/odbc_config \
--with-libpq=$(STAGING_DIR)/usr
define Package/psqlodbc/Default
include $(TOPDIR)/rules.mk
PKG_NAME:=unixodbc
-PKG_VERSION:=2.3.9
-PKG_RELEASE:=2
+PKG_VERSION:=2.3.12
+PKG_RELEASE:=1
PKG_SOURCE:=unixODBC-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.unixodbc.org
-PKG_HASH:=52833eac3d681c8b0c9a5a65f2ebd745b3a964f208fc748f977e44015a31b207
+PKG_HASH:=f210501445ce21bf607ba51ef8c125e10e22dffdffec377646462df5f01915ec
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
-PKG_LICENSE:=prog GPL libs LGPL
+PKG_LICENSE:=LGPL-2.1-or-later GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING exe/COPYING
PKG_CPE_ID:=cpe:/a:unixodbc:unixodbc
PKG_BUILD_DIR:=$(BUILD_DIR)/unixODBC-$(PKG_VERSION)
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/unixODBC-$(PKG_VERSION)
-HOST_BUILD_DEPENDS:=unixodbc
+HOST_BUILD_DIR:=$(BUILD_DIR)/host/unixODBC-$(PKG_VERSION)
+PKG_BUILD_PARALLEL:=1
PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+HOST_BUILD_DEPENDS:=unixodbc
+HOST_BUILD_PARALLEL:=1
# if your other package depends on unixodbc and needs
# odbc_config, add to your other Makefile
CONFIGURE_ARGS += \
--disable-gui \
--with-pic \
- --enable-drivers \
- --includedir=$(STAGING_DIR)/usr/include
+ --enable-drivers
define Package/unixodbc/Default
SUBMENU:=Database
TITLE:=unixODBC
- URL:=http://www.unixodbc.org
+ URL:=https://www.unixodbc.org
+endef
+
+define Package/unixodbc/Default/description
+unixODBC is an Open Source ODBC sub-system and an ODBC SDK for Linux,
+Mac OSX, and UNIX.
+endef
+
+define Package/libodbc
+$(call Package/unixodbc/Default)
+ TITLE+= Driver Manager library
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+libltdl +libpthread
+ ABI_VERSION:=2
+endef
+
+define Package/libodbc/description
+$(call Package/unixodbc/Default/description)
+
+This package provides the unixODBC Driver Manager library.
+endef
+
+define Package/libodbccr
+$(call Package/unixodbc/Default)
+ TITLE+= Cursor library
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+libodbc +libltdl +libpthread
+ ABI_VERSION:=2
+endef
+
+define Package/libodbccr/description
+$(call Package/unixodbc/Default/description)
+
+This package provides the unixODBC Cursor library.
+endef
+
+define Package/libodbcinst
+$(call Package/unixodbc/Default)
+ TITLE+= Configuration library
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+libltdl +libpthread
+ ABI_VERSION:=2
+endef
+
+define Package/libodbcinst/description
+$(call Package/unixodbc/Default/description)
+
+This package provides the unixODBC Configuration library.
endef
define Package/unixodbc
- $(call Package/unixodbc/Default)
+$(call Package/unixodbc/Default)
TITLE+= (libraries)
SECTION:=libs
CATEGORY:=Libraries
- DEPENDS:=+libltdl +libpthread
+ DEPENDS:=+libodbc +libodbccr +libodbcinst
endef
define Package/unixodbc/description
- unixODBC is an Open Source ODBC sub-system and an ODBC SDK for Linux,
- Mac OSX, and UNIX.
+$(call Package/unixodbc/Default/description)
+
+This package installs the unixODBC Driver Manager, Cursor, and
+Configuration libraries. This package is provided for backwards
+compatibility; these libraries are available in separate packages.
endef
define Package/unixodbc-tools
- $(call Package/unixodbc/Default)
+$(call Package/unixodbc/Default)
SECTION:=utils
CATEGORY:=Utilities
TITLE+= Tools
- DEPENDS:=+unixodbc +libncurses +libreadline
+ DEPENDS:=+libodbc +libodbcinst +libltdl +libreadline
endef
define Package/unixodbc-tools/description
- Command Line Tools to help install a driver and work with SQL.
+$(call Package/unixodbc/Default/description)
+
+This package provides command-line tools to help install a driver and
+work with SQL.
endef
define Package/pgsqlodbc
- $(call Package/unixodbc/Default)
+$(call Package/unixodbc/Default)
SECTION:=libs
CATEGORY:=Libraries
- TITLE:=Postgresql driver for ODBC
- DEPENDS:=+unixodbc +libpq
+ TITLE:=PostgreSQL driver for ODBC
+ DEPENDS:=+libodbc +libpq +libltdl +libpthread
+ ABI_VERSION:=2
endef
define Package/pgsqlodbc/description
- Postgresql driver for ODBC.
-endef
+$(call Package/unixodbc/Default/description)
-define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR) \
- DESTDIR="$(PKG_INSTALL_DIR)" \
- $(MAKE_FLAGS) \
- ARCH="$(ARCH)" \
- CC="$(TARGET_CC)"
- $(MAKE) -C $(PKG_BUILD_DIR) \
- DESTDIR="$(PKG_INSTALL_DIR)" \
- $(MAKE_FLAGS) \
- ARCH="$(ARCH)" \
- install -i
+This package provides the PostgreSQL driver for ODBC.
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
- $(CP) $(PKG_INSTALL_DIR)/$(STAGING_DIR)/usr/include/*.h $(1)/usr/include/
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/*.h $(1)/usr/include/
# Save autoconf config.h file for host build
# copy target autoconf config.h and unixodbc_conf.h file for host build
- $(INSTALL_DIR) $(1)/tmp/unixodbc
- $(CP) $(PKG_BUILD_DIR)/config.h $(1)/tmp/unixodbc/
- $(CP) $(PKG_BUILD_DIR)/unixodbc_conf.h $(1)/tmp/unixodbc/
+ $(INSTALL_DIR) $(1)/usr/include/unixodbc
+ $(CP) $(PKG_BUILD_DIR)/config.h $(1)/usr/include/unixodbc/
+ $(CP) $(PKG_BUILD_DIR)/unixodbc_conf.h $(1)/usr/include/unixodbc/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/etc
$(CP) $(PKG_INSTALL_DIR)/etc/odbc* $(1)/etc/
$(INSTALL_DIR) $(1)/etc/ODBCDataSources
- $(TARGET_CC) $(TARGET_CFLAGS) -E ./files/unixodbc_conf.h | tr '@' '\#' >$(1)/usr/include/unixodbc_conf.h
endef
-define Package/unixodbc/install
+define Package/libodbc/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbc[ci]*so* $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbc.*so* $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnn*so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbc.so* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/odbc.init $(1)/etc/init.d/odbc
$(LN) /tmp/etc/odbcinst.ini $(1)/etc/odbcinst.ini
endef
+define Package/libodbccr/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbccr.so* $(1)/usr/lib/
+endef
+
+define Package/libodbcinst/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbcinst.so* $(1)/usr/lib/
+endef
+
+Package/unixodbc/install:=:
+
define Package/unixodbc-tools/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) $(PKG_INSTALL_DIR)/usr/bin/{dltest,isql,iusql,odbcinst,slencheck} $(1)/usr/bin/
define Package/pgsqlodbc/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbcpsql*so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libodbcpsql.so* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/etc/odbcinst.ini.d/
- echo "[PostgreSQL]" > $(1)/etc/odbcinst.ini.d/pgsqlodbc.ini
- echo "Description = unixODBC PostgreSQL driver" >> $(1)/etc/odbcinst.ini.d/pgsqlodbc.ini
- echo "Driver = /usr/lib/libodbcpsql.so" >> $(1)/etc/odbcinst.ini.d/pgsqlodbc.ini
+ $(INSTALL_DATA) ./files/pgsqlodbc.ini $(1)/etc/odbcinst.ini.d/
endef
define Host/Configure
$(call Host/Configure/Default)
- cp $(STAGING_DIR)/tmp/unixodbc/config.h $(HOST_BUILD_DIR)
- sed -i -e 's!\(LIB_PREFIX \).*$$$$!\1"$(STAGING_DIR)/usr/lib"!' $(HOST_BUILD_DIR)/config.h
- cp $(STAGING_DIR)/tmp/unixodbc/unixodbc_conf.h $(HOST_BUILD_DIR)
+ $(CP) $(STAGING_DIR)/usr/include/unixodbc/config.h $(HOST_BUILD_DIR)
+ $(CP) $(STAGING_DIR)/usr/include/unixodbc/unixodbc_conf.h $(HOST_BUILD_DIR)
+ $(CP) $(STAGING_DIR)/usr/include/unixodbc.h $(HOST_BUILD_DIR)
+ $(SED) 's!^#define INCLUDE_PREFIX ".*"!#define INCLUDE_PREFIX "$(STAGING_DIR)/usr/include"!' \
+ -e 's!^#define LIB_PREFIX ".*"!#define LIB_PREFIX "$(STAGING_DIR)/usr/lib"!' \
+ $(HOST_BUILD_DIR)/config.h \
+ $(HOST_BUILD_DIR)/unixodbc_conf.h
endef
define Host/Compile
- $(MAKE) -C $(HOST_BUILD_DIR)/exe \
- DESTDIR="$(HOST_INSTALL_DIR)" \
- CC="$(HOSTCC)" \
- CFLAGS="$(HOST_CFLAGS) -DUSE_UNIXODBC_CONF_H" \
- LDFLAGS="$(HOST_LDFLAGS)" \
- odbc_config
+ $(call Host/Compile/Default,-C $(HOST_BUILD_DIR)/exe odbc_config)
endef
define Host/Install
- $(INSTALL_DIR) $(STAGING_DIR_HOST)/bin
- $(INSTALL_BIN) $(HOST_BUILD_DIR)/exe/odbc_config $(STAGING_DIR_HOST)/bin
+ $(INSTALL_DIR) $(STAGING_DIR)/host/bin
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/exe/odbc_config $(STAGING_DIR)/host/bin/
endef
+$(eval $(call BuildPackage,libodbc))
+$(eval $(call BuildPackage,libodbccr))
+$(eval $(call BuildPackage,libodbcinst))
$(eval $(call BuildPackage,unixodbc))
$(eval $(call BuildPackage,unixodbc-tools))
$(eval $(call BuildPackage,pgsqlodbc))
--- /dev/null
+[PostgreSQL]
+Description = unixODBC PostgreSQL driver
+Driver = /usr/lib/libodbcpsql.so
+++ /dev/null
-@ifndef HAVE_UNISTD_H
- @define HAVE_UNISTD_H
-@endif
-@ifndef HAVE_PWD_H
- @define HAVE_PWD_H
-@endif
-@ifndef HAVE_SYS_TYPES_H
- @define HAVE_SYS_TYPES_H
-@endif
-@ifndef HAVE_LONG_LONG
- @define HAVE_LONG_LONG
-@endif
-@ifndef ODBCINT64
- @define ODBCINT64 long
-@endif
-@ifndef UODBCINT64
- @define UODBCINT64 unsigned long
-@endif
-@ifndef SIZEOF_LONG_INT
- @define SIZEOF_LONG_INT __SIZEOF_LONG__
-@endif
-
\ No newline at end of file
+++ /dev/null
---- a/exe/odbc-config.c
-+++ b/exe/odbc-config.c
-@@ -40,6 +40,33 @@
- #include <unistd.h>
- #endif
-
-+#ifdef USE_UNIXODBC_CONF_H
-+
-+#ifdef HAVE_UNISTD_H
-+#undef HAVE_UNISTD_H
-+#endif
-+#ifdef HAVE_PWD_H
-+#undef HAVE_PWD_H
-+#endif
-+#ifdef HAVE_SYS_TYPES_H
-+#undef HAVE_SYS_TYPES_H
-+#endif
-+#ifdef HAVE_LONG_LONG
-+#undef HAVE_LONG_LONG
-+#endif
-+#ifdef ODBCINT64
-+#undef ODBCINT64
-+#endif
-+#ifdef UODBCINT64
-+#undef UODBCINT64
-+#endif
-+#ifdef SIZEOF_LONG_INT
-+#undef SIZEOF_LONG_INT
-+#endif
-+
-+#include <unixodbc_conf.h>
-+#endif
-+
- #include <sql.h>
-
- static void usage( void )
--- /dev/null
+#!/bin/sh
+
+[ "$1" = unixodbc-tools ] || exit 0
+
+isql --version | grep -Fx "unixODBC $PKG_VERSION"
include $(TOPDIR)/rules.mk
PKG_NAME:=exim
-PKG_VERSION:=4.96.1
+PKG_VERSION:=4.96.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://ftp.exim.org/pub/exim/exim4/
-PKG_HASH:=93ac0755c317e1fdbbea8ccb70a868876bdf3148692891c72ad0fe816767033d
+PKG_HASH:=038e327e8d1e93d005bac9bb06fd22aec44d5028930d6dbe8817ad44bbfc1de6
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=GPL-2.0-or-later
#endif
--- a/src/string.c
+++ b/src/string.c
-@@ -418,6 +418,7 @@ return ss;
+@@ -428,6 +428,7 @@ return ss;
#if (defined(HAVE_LOCAL_SCAN) || defined(EXPAND_DLFUNC)) \
&& !defined(MACRO_PREDEF) && !defined(COMPILE_UTILITY)
/*************************************************
* Copy and save string *
*************************************************/
-@@ -463,6 +464,7 @@ string_copyn_function(const uschar * s,
+@@ -473,6 +474,7 @@ string_copyn_function(const uschar * s,
{
return string_copyn(s, n);
}
include $(TOPDIR)/rules.mk
PKG_NAME:=fdm
-PKG_VERSION:=2.0
-PKG_RELEASE:=3
+PKG_VERSION:=2.2
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/nicm/fdm/releases/download/$(PKG_VERSION)
-PKG_HASH:=06b28cb6b792570bc61d7e29b13d2af46b92fea77e058b2b17e11e8f7ed0cea4
+PKG_HASH:=53aad117829834e21c1b9bf20496a1aa1c0e0fb98fe7735e1e73314266fb6c16
PKG_MAINTAINER:=Dmitry V. Zimin <pfzim@mail.ru>
PKG_LICENSE:=BSD-2-Clause
TITLE:=fetch mail and deliver
URL:=https://github.com/nicm/fdm
MENU:=1
- DEPENDS:=+tdb +zlib +libopenssl +FDM_WITH_PCRE:libpcre
+ DEPENDS:=+tdb +zlib +libopenssl +FDM_WITH_PCRE:libpcre2
USERID:=_fdm=99:_fdm=99
endef
endef
ifdef CONFIG_FDM_WITH_PCRE
- CONFIGURE_ARGS += --enable-pcre
+ CONFIGURE_ARGS += --enable-pcre2
endif
define Package/fdm/config
+++ /dev/null
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -123,6 +123,3 @@ endif
- if NO_STRTONUM
- nodist_fdm_SOURCES += compat/strtonum.c
- endif
--if NO_B64_NTOP
--nodist_fdm_SOURCES += compat/base64.c
--endif
+++ /dev/null
-From 3aa079c4885d89257c5033b4992011511b603150 Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Tue, 26 Jun 2018 14:14:34 -0700
-Subject: [PATCH] Fix compile with OpenSSL 1.1.0
-
-OpenSSL 1.1.0 deprecared SSL_library_init and SSL_load_error_strings.
-They're part of OPENSSL_init_ssl now.
----
- fdm.c | 2 ++
- 1 file changed, 2 insertions(+)
-
---- a/fdm.c
-+++ b/fdm.c
-@@ -717,8 +717,10 @@ retry:
- }
- conf.lock_file = lock;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_library_init();
- SSL_load_error_strings();
-+#endif
-
- /* Filter account list. */
- TAILQ_INIT(&actaq);
+++ /dev/null
-From 3232e537ccaba4417b25d9d70264e4a5533042da Mon Sep 17 00:00:00 2001
-From: Nicholas Marriott <nicholas.marriott@gmail.com>
-Date: Mon, 18 Mar 2019 13:04:00 +0000
-Subject: [PATCH] Fix bas64 declarations, from makepost at firemail dot cc.
-
----
- fdm.h | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
---- a/fdm.h
-+++ b/fdm.h
-@@ -20,7 +20,6 @@
- #define FDM_H
-
- #include <sys/param.h>
--#include <sys/cdefs.h>
- #include <sys/stat.h>
-
- #ifdef HAVE_QUEUE_H
-@@ -725,8 +724,8 @@ size_t strlcat(char *, const char *, s
-
- #ifndef HAVE_B64_NTOP
- /* base64.c */
--int b64_ntop(src, srclength, target, targsize);
--int b64_pton(src, target, targsize);
-+int b64_ntop(u_char const *, size_t, char *, size_t);
-+int b64_pton(char const *, u_char *, size_t);
- #endif
-
- /* shm.c */
--- /dev/null
+From f1ec1982725d60045c0d871f3e613f2880046c22 Mon Sep 17 00:00:00 2001
+From: Nicholas Marriott <nicholas.marriott@gmail.com>
+Date: Wed, 1 Feb 2023 15:31:30 +0000
+Subject: [PATCH] Fix bugs in PCRE2 code - don't walk off the end of the match
+ list if NOMATCH is returned, and don't stop on empty matches. From Thomas
+ Hurst.
+
+---
+ pcre.c | 45 ++++++++++++++++++++++++++-------------------
+ 1 file changed, 26 insertions(+), 19 deletions(-)
+
+--- a/pcre.c
++++ b/pcre.c
+@@ -66,7 +66,7 @@ int
+ re_block(struct re *re, const void *buf, size_t len, struct rmlist *rml,
+ char **cause)
+ {
+- int res;
++ int res, ret;
+ pcre2_match_data *pmd;
+ PCRE2_SIZE *ovector;
+ u_int i, j;
+@@ -85,27 +85,34 @@ re_block(struct re *re, const void *buf,
+ }
+
+ pmd = pcre2_match_data_create_from_pattern(re->pcre2, NULL);
+- res = pcre2_match(re->pcre2, buf, len, 0, 0, pmd, NULL);
+- if (res < 0 && res != PCRE2_ERROR_NOMATCH) {
+- xasprintf(cause, "%s: regexec failed", re->str);
+- pcre2_match_data_free(pmd);
+- return (-1);
+- }
++ if (pmd == NULL)
++ fatalx("pcre2_match_data_create_from_pattern failed");
+
+- if (rml != NULL) {
+- ovector = pcre2_get_ovector_pointer(pmd);
+- for (i = 0; i < res; i++) {
+- j = i * 2;
+- if (ovector[j + 1] <= ovector[j])
+- break;
+- rml->list[i].valid = 1;
+- rml->list[i].so = ovector[j];
+- rml->list[i].eo = ovector[j + 1];
++ res = pcre2_match(re->pcre2, buf, len, 0, 0, pmd, NULL);
++ if (res > 0) {
++ if (rml != NULL) {
++ if (res > NPMATCH)
++ res = NPMATCH;
++ ovector = pcre2_get_ovector_pointer(pmd);
++ for (i = 0; i < res; i++) {
++ j = i * 2;
++ if (ovector[j + 1] < ovector[j])
++ break;
++ rml->list[i].valid = 1;
++ rml->list[i].so = ovector[j];
++ rml->list[i].eo = ovector[j + 1];
++ }
++ rml->valid = 1;
+ }
+- rml->valid = 1;
++ ret = 1;
++ } else if (res == PCRE2_ERROR_NOMATCH)
++ ret = 0;
++ else {
++ xasprintf(cause, "%s: regexec failed", re->str);
++ ret = -1;
+ }
+-
+- return (res != PCRE2_ERROR_NOMATCH);
++ pcre2_match_data_free(pmd);
++ return (ret);
+ }
+
+ void
--- /dev/null
+From 028f59bef0ea9435fb8fbe095b2939652ce63479 Mon Sep 17 00:00:00 2001
+From: Nicholas Marriott <nicholas.marriott@gmail.com>
+Date: Mon, 3 Apr 2023 08:54:28 +0100
+Subject: [PATCH] Fix use-after-free, GitHub issue 126.
+
+---
+ connect.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/connect.c
++++ b/connect.c
+@@ -550,8 +550,8 @@ httpproxy(struct server *srv,
+ if (strlen(line) < 12 ||
+ strncmp(line, "HTTP/", 5) != 0 ||
+ strncmp(line + 8, " 200", 4) != 0) {
+- xfree(line);
+ xasprintf(cause, "unexpected data: %s", line);
++ xfree(line);
+ return (-1);
+ }
+ header = 1;
include $(TOPDIR)/rules.mk
PKG_NAME:=postfix
-PKG_VERSION:=3.5.8
-PKG_RELEASE:=3
+PKG_VERSION:=3.8.2
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
https://de.postfix.org/ftpmirror/official/ \
http://ftp.porcupine.org/mirrors/postfix-release/official/
-PKG_HASH:=22582628cf3edc18c5155c9ff44543dd95a9435fb68135d76a99f572cb07456f
+PKG_HASH:=6790903cdbb5e0e47196691eb9a5f2cf8050262def941e039e6d4bf4043a5e30
PKG_MAINTAINER:=Denis Shulyaka <Shulyaka@gmail.com>
PKG_LICENSE:=IPL-1.0
postfix=25:postfix=25 \
postdrop=26:postdrop=26
URL:=http://www.postfix.org/
- DEPENDS:=+POSTFIX_CDB:tinycdb +POSTFIX_TLS:libopenssl +POSTFIX_SASL:libsasl2 +POSTFIX_LDAP:libopenldap +POSTFIX_DB:libdb47 +POSTFIX_SQLITE:libsqlite3 +POSTFIX_MYSQL:libmysqlclient +POSTFIX_PGSQL:libpq +POSTFIX_EAI:icu +POSTFIX_PCRE:libpcre
+ DEPENDS:=+POSTFIX_CDB:tinycdb +POSTFIX_TLS:libopenssl +POSTFIX_SASL:libsasl2 +POSTFIX_LDAP:libopenldap +POSTFIX_DB:libdb47 +POSTFIX_SQLITE:libsqlite3 +POSTFIX_MYSQL:libmysqlclient +POSTFIX_PGSQL:libpq +POSTFIX_EAI:icu +POSTFIX_PCRE:libpcre2
MENU:=1
endef
endif
ifdef CONFIG_POSTFIX_PCRE
- CCARGS+=-DHAS_PCRE -I$(STAGING_DIR)/usr/include/
- AUXLIBS+=-L$(STAGING_DIR)/usr/lib -lpcre
+ CCARGS+=-DHAS_PCRE2 -I$(STAGING_DIR)/usr/include/
+ AUXLIBS+=-L$(STAGING_DIR)/usr/lib -lpcre2-8
else
CCARGS+=-DNO_PCRE
endif
#endif
--- a/src/util/sys_defs.h
+++ b/src/util/sys_defs.h
-@@ -1509,7 +1509,7 @@ extern int setsid(void);
+@@ -1519,7 +1519,7 @@ extern int setsid(void);
#endif
#ifndef HAS_CLOSEFROM
#endif
-@@ -1563,7 +1563,7 @@ typedef int pid_t;
+@@ -1573,7 +1573,7 @@ typedef int pid_t;
/*
* Clang-style attribute tests.
* XXX Without the unconditional test below, gcc 4.6 will barf on ``elif
* defined(__clang__) && __has_attribute(__whatever__)'' with error message
* ``missing binary operator before token "("''.
-@@ -1577,7 +1577,7 @@ typedef int pid_t;
+@@ -1587,7 +1587,7 @@ typedef int pid_t;
* warn for missing initializations and other trouble. However, OPENSTEP4
* gcc 2.7.x cannot handle this so we define this only if NORETURN isn't
* already defined above.
* Data point: gcc 2.7.2 has __attribute__ (Wietse Venema) but gcc 2.6.3 does
* not (Clive Jones). So we'll set the threshold at 2.7.
*/
-@@ -1653,12 +1653,12 @@ typedef int pid_t;
+@@ -1663,12 +1663,12 @@ typedef int pid_t;
* write to output parameters (for example, stat- or scanf-like functions)
* or from functions that have other useful side effects (for example,
* fseek- or rename-like functions).
* XXX Prepending "(void)" won't shut up GCC. Clang behaves as expected.
*/
#if ((__GNUC__ == 3 && __GNUC_MINOR__ >= 4) || __GNUC__ > 3)
-@@ -1747,7 +1747,7 @@ typedef const char *CONST_CHAR_STAR;
+@@ -1749,7 +1749,7 @@ typedef const char *CONST_CHAR_STAR;
* Safety. On some systems, ctype.h misbehaves with non-ASCII or negative
* characters. More importantly, Postfix uses the ISXXX() macros to ensure
* protocol compliance, so we have to rule out non-ASCII characters.
--- a/src/util/dict_db.c
+++ b/src/util/dict_db.c
-@@ -750,8 +750,8 @@ static DICT *dict_db_open(const char *cl
+@@ -751,8 +751,8 @@ static DICT *dict_db_open(const char *cl
msg_fatal("create DB database: %m");
if (db == 0)
msg_panic("db_create null result");
+// if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0)
+// msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM);
db_base_buf = vstring_alloc(100);
- #if DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
+ #if DB_VERSION_MAJOR == 18 || DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
(DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)
--- a/src/util/sys_defs.h
+++ b/src/util/sys_defs.h
-@@ -760,9 +760,8 @@ extern int initgroups(const char *, int)
+@@ -774,9 +774,8 @@ extern int initgroups(const char *, int)
#define INTERNAL_LOCK MYFLOCK_STYLE_FLOCK
#define DEF_MAILBOX_LOCK "fcntl, dotlock" /* RedHat >= 4.x */
#define HAS_FSYNC
--- a/makedefs
+++ b/makedefs
-@@ -215,7 +215,7 @@ error() {
+@@ -233,7 +233,7 @@ ARFL=rv
case $# in
# Officially supported usage.
RELEASE=`(uname -r) 2>/dev/null`
# No ${x%%y} support in Solaris 11 /bin/sh
RELEASE_MAJOR=`expr "$RELEASE" : '\([0-9]*\)'` || exit 1
-@@ -242,6 +242,15 @@ case "$SYSTEM" in
+@@ -247,6 +247,15 @@ case $# in
esac
case "$SYSTEM.$RELEASE" in
--- a/src/posttls-finger/posttls-finger.c
+++ b/src/posttls-finger/posttls-finger.c
-@@ -342,6 +342,7 @@
+@@ -346,6 +346,7 @@
#include <sys/un.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+++ /dev/null
---- a/src/util/sys_defs.h
-+++ b/src/util/sys_defs.h
-@@ -749,7 +749,8 @@ extern int initgroups(const char *, int)
- /*
- * LINUX.
- */
--#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5)
-+#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) \
-+ || defined(LINUX6)
- #define SUPPORTED
- #define UINT32_TYPE unsigned int
- #define UINT16_TYPE unsigned short
--- a/conf/main.cf
+++ b/conf/main.cf
-@@ -40,43 +40,8 @@ compatibility_level = 2
+@@ -44,43 +44,8 @@ compatibility_level = 3.8
#
#soft_bounce = no
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
-@@ -632,45 +597,4 @@ debugger_command =
+@@ -641,45 +606,4 @@ debugger_command =
# -dmS $process_name gdb $daemon_directory/$process_name
# $process_id & sleep 1
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-libav
-PKG_VERSION:=1.22.3
+PKG_VERSION:=1.22.6
PKG_RELEASE:=1
PKG_SOURCE:=gst-libav-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://gstreamer.freedesktop.org/src/gst-libav
-PKG_HASH:=2ec5c805808b4371a7e32b1da0202a1c8a6b36b6ce905080bf5c34097d12a923
+PKG_HASH:=7789e6408388a25f23cbf948cfc5c6230d735bbcd8b7f37f4a01c9e348a1e3a7
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-libav-$(PKG_VERSION)
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-bad
-PKG_VERSION:=1.22.3
+PKG_VERSION:=1.22.6
PKG_RELEASE:=1
PKG_SOURCE:=gst-plugins-bad-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-bad/
-PKG_HASH:=e1798fee2d86127f0637481c607f983293bf0fd81aad70a5c7b47205af3621d8
+PKG_HASH:=b4029cd2908a089c55f1d902a565d007495c95b1442d838485dc47fb12df7137
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-bad-$(PKG_VERSION)
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
--- a/meson.build
+++ b/meson.build
-@@ -501,7 +501,7 @@ gst_plugins_bad_args = ['-DHAVE_CONFIG_H
+@@ -508,7 +508,7 @@ gst_plugins_bad_args = ['-DHAVE_CONFIG_H
configinc = include_directories('.')
libsinc = include_directories('gst-libs')
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-base
-PKG_VERSION:=1.22.3
+PKG_VERSION:=1.22.6
PKG_RELEASE:=1
PKG_SOURCE:=gst-plugins-base-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://gstreamer.freedesktop.org/src/gst-plugins-base
-PKG_HASH:=1c596289a0d4207380233eba8c36a932c4d1aceba19932937d9b57c24cef89f3
+PKG_HASH:=50f2b4d17c02eefe430bbefa8c5cd134b1be78a53c0f60e951136d96cf49fd4b
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-base-$(PKG_VERSION)
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-good
-PKG_VERSION:=1.22.3
+PKG_VERSION:=1.22.6
PKG_RELEASE:=1
PKG_SOURCE:=gst-plugins-good-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://gstreamer.freedesktop.org/src/gst-plugins-good/
-PKG_HASH:=af81154b3a2ef3f4d2feba395f25696feea6fd13ec62c92d3c7a973470710273
+PKG_HASH:=b3b07fe3f1ce7fe93aa9be7217866044548f35c4a7792280eec7e108a32f9817
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-good-$(PKG_VERSION)
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
--- a/meson.build
+++ b/meson.build
-@@ -461,7 +461,7 @@ endif
+@@ -469,7 +469,7 @@ endif
presetdir = join_paths(get_option('datadir'), 'gstreamer-' + api_version, 'presets')
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-ugly
-PKG_VERSION:=1.22.3
+PKG_VERSION:=1.22.6
PKG_RELEASE:=1
PKG_SOURCE:=gst-plugins-ugly-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://gstreamer.freedesktop.org/src/gst-plugins-ugly
-PKG_HASH:=3dc98ed5c2293368b3c4e6ce55d89be834a0a62e9bf88ef17928cf03b7d5a360
+PKG_HASH:=3e31454c98cb2f7f6d2d355eceb933a892fa0f1dc09bc36c9abc930d8e29ca48
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-ugly-$(PKG_VERSION)
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
include $(TOPDIR)/rules.mk
PKG_NAME:=gstreamer1
-PKG_VERSION:=1.22.3
+PKG_VERSION:=1.22.6
PKG_RELEASE:=1
PKG_SOURCE:=gstreamer-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://gstreamer.freedesktop.org/src/gstreamer
-PKG_HASH:=9ffeab95053f9f6995eb3b3da225e88f21c129cd60da002d3f795db70d6d5974
+PKG_HASH:=f500e6cfddff55908f937711fc26a0840de28a1e9ec49621c0b6f1adbd8f818e
PKG_BUILD_DIR:=$(BUILD_DIR)/gstreamer-$(PKG_VERSION)
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
help
Use internal POSIX Regular Expressions.
Note that not all EPG parsers will work with POSIX RegEx.
- config TVHEADEND_REGEX_PCRE
- bool "PCRE (libpcre)"
- select PACKAGE_libpcre
- help
- Use more advanced Perl-Compatible Regular Expressions, provided by libpcre.
config TVHEADEND_REGEX_PCRE2
bool "PCRE2 (libpcre2)"
select PACKAGE_libpcre2
PKG_NAME:=tvheadend
PKG_VERSION:=2023-06-05
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/tvheadend/tvheadend.git
$(ICONV_DEPENDS) \
+zlib \
+TVHEADEND_AVAHI_SUPPORT:libavahi-client \
- +TVHEADEND_REGEX_PCRE:libpcre \
+TVHEADEND_REGEX_PCRE2:libpcre2 \
+BUILD_PATENTED&&TVHEADEND_CSA:libdvbcsa
CONFIGURE_ARGS += --disable-trace
endif
+CONFIGURE_ARGS += --disable-pcre
ifneq ($(CONFIG_TVHEADEND_REGEX_PCRE2),)
- CONFIGURE_ARGS += --disable-pcre --enable-pcre2
-else
-ifneq ($(CONFIG_TVHEADEND_REGEX_PCRE),)
- CONFIGURE_ARGS += --enable-pcre --disable-pcre2
+ CONFIGURE_ARGS += --enable-pcre2
else
ifneq ($(CONFIG_TVHEADEND_REGEX_POSIX),)
- CONFIGURE_ARGS += --disable-pcre --disable-pcre2
-endif
+ CONFIGURE_ARGS += --disable-pcre2
endif
endif
--with-libpcap-include=$(STAGING_DIR)/usr/include \
--with-libpcap-lib=$(STAGING_DIR)/usr/lib \
--without-opt \
+ --with-libbsd=no \
\
PYTHON=$(PYTHON) \
\
--- /dev/null
+From 0265e79f3c9a27a3ffd186e7d3bcd2f744052605 Mon Sep 17 00:00:00 2001
+From: Christian Marangi <ansuelsmth@gmail.com>
+Date: Sat, 28 Oct 2023 17:30:09 +0200
+Subject: [PATCH] build: add option to disable bsd library inclusion
+
+It might be needed to disable bsd inclusion and fallback to the compat
+functions even if bsd headers are detected.
+
+This is the case when multiple library are cross-compiled and someone
+wants to explicitly compile aircrack-ng without linking to bsd library.
+
+With the current implementation, if a bsd header is detected, the bsd
+library is always linked even if unwanted. Add option to configure this
+with the combo --with-libbsd=yes|no|auto with auto set by default.
+
+Also add an extra featurw with introducing the possibility of requiring
+the bsd library and fail the configure phase.
+
+Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
+---
+ build/m4/aircrack_ng_compat.m4 | 24 +++++++++++++++++++++---
+ 1 file changed, 21 insertions(+), 3 deletions(-)
+
+--- a/build/m4/aircrack_ng_compat.m4
++++ b/build/m4/aircrack_ng_compat.m4
+@@ -38,11 +38,29 @@ dnl If you delete this exception stateme
+ dnl program, then also delete it here.
+
+ AC_DEFUN([AIRCRACK_NG_COMPAT], [
++AC_ARG_WITH(libbsd,
++ [AS_HELP_STRING([--with-libbsd[[=auto|yes|no]]], [use BSD library, [default=auto]])])
++
++case $with_libbsd in
++ yes | "" | auto)
++ AC_CHECK_HEADERS([bsd/string.h], [HAVE_BSD_STRING_H=yes])
++ AC_CHECK_LIB([bsd], [strlcpy], [:])
++ AC_CHECK_FUNCS([strlcpy strlcat], [:])
++ ;;
++esac
+
+-AC_CHECK_HEADERS([bsd/string.h], [HAVE_BSD_STRING_H=yes], [HAVE_BSD_STRING_H=no])
+ AM_CONDITIONAL([HAVE_BSD_STRING_H], [test "$HAVE_BSD_STRING_H" = yes])
+-AC_CHECK_LIB([bsd], [strlcpy], [ LIBS="$LIBS -lbsd" ], [:])
+-AC_CHECK_FUNCS([strlcpy strlcat], [:])
++
++if test $with_libbsd != no
++then
++ if test $ac_cv_lib_bsd_strlcpy = yes
++ then
++ LIBS="$LIBS -lbsd"
++ elif test $with_libbsd = yes
++ then
++ AC_MSG_ERROR([cannot configure required bsd library])
++ fi
++fi
+
+ have_bsd=no
+ if test "$cross_compiling" != yes
--- /dev/null
+From 6317063da827732dbc5cc0dd1650ed016bd2927c Mon Sep 17 00:00:00 2001
+From: Christian Marangi <ansuelsmth@gmail.com>
+Date: Sun, 29 Oct 2023 14:41:18 +0100
+Subject: [PATCH] build: support strlcat/strlcpy from musl or recent glibc
+
+Musl or recent glibc added support for these additional string function,
+strlcat and strlcpy hence the compat function are not needed and the
+builtin version can be used instead.
+
+Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
+---
+ build/m4/aircrack_ng_compat.m4 | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/build/m4/aircrack_ng_compat.m4
++++ b/build/m4/aircrack_ng_compat.m4
+@@ -41,11 +41,12 @@ AC_DEFUN([AIRCRACK_NG_COMPAT], [
+ AC_ARG_WITH(libbsd,
+ [AS_HELP_STRING([--with-libbsd[[=auto|yes|no]]], [use BSD library, [default=auto]])])
+
++AC_CHECK_FUNCS([strlcpy strlcat], [:])
++
+ case $with_libbsd in
+ yes | "" | auto)
+ AC_CHECK_HEADERS([bsd/string.h], [HAVE_BSD_STRING_H=yes])
+ AC_CHECK_LIB([bsd], [strlcpy], [:])
+- AC_CHECK_FUNCS([strlcpy strlcat], [:])
+ ;;
+ esac
+
PKG_NAME:=apinger
PKG_SOURCE_DATE:=2015-04-09
PKG_SOURCE_VERSION:=78eb328721ba1a10571c19df95acddcb5f0c17c8
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/Jajcus/apinger
config_get_bool rrd "$target" rrd 0
[ -z "$address" ] && return 0
-
- srcip=$(uci_get network "$interface" ipaddr)
- [ -z "$srcip" ] && network_get_ipaddr srcip "$interface"
- srcip="${srcip:-0.0.0.0}"
+ if [ -z $(echo "$address"|sed "/:/d") ]; then
+ srcip=$(uci_get network "$interface" ip6addr)
+ [ -z "$srcip"] && network_get_ipaddr6 srcip "$interface"
+ srcip="${srcip:-::}"
+ else
+ srcip=$(uci_get network "$interface" ipaddr)
+ [ -z "$srcip"] && network_get_ipaddr srcip "$interface"
+ srcip="${srcip:-0.0.0.0}"
+ fi
alarms=${alarm_down:+\"${alarm_down}\"}
alarms=${alarm_delay:+${alarms:+${alarms}, }}${alarm_delay:+\"${alarm_delay}\"}
local percent_low percent_high
config_get percent_low "$alarm" percent_low
- config_get percent_high "$alarm" percent_low
+ config_get percent_high "$alarm" percent_high
if [ -z "$percent_low" ] || [ -z "$percent_high" ]; then
return
local debug status_interval rrd_interval instance
instance=$1
- config_get_bool debug apinger debug 0
- config_get status_interval apinger status_interval 1
- config_get rrd_interval apinger rrd_interval 30
+ config_get_bool debug "$instance" debug 0
+ config_get status_interval "$instance" status_interval 1
+ config_get rrd_interval "$instance" rrd_interval 30
[ "$debug" = "1" ] && debug=on || debug=off
if [ -f "$status_file" ]; then
_IFS="$IFS"
IFS="|"
- while read -r address srcip target received sent timestamp latency loss alarm; do
+ while read -r address srcip target sent received timestamp latency loss alarm; do
json_add_object targets
json_add_string interface "$iface"
json_add_string target "$target"
PKG_NAME:=crowdsec-firewall-bouncer
PKG_VERSION:=0.0.28
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/crowdsecurity/cs-firewall-bouncer/tar.gz/v$(PKG_VERSION)?
procd_set_param command "$PROG" -c "$VARCONFIG"
procd_set_param stdout 1
procd_set_param stderr 1
+ procd_set_param nice 10
+ if [ -x "/sbin/ujail" ]; then
+ procd_add_jail cs-bouncer log
+ procd_add_jail_mount $VARCONFIG
+ procd_add_jail_mount_rw /var/log/
+ procd_set_param no_new_privs 1
+ fi
procd_close_instance
fi
}
bool "HTTP2 protocol"
default y
+config LIBCURL_NGHTTP3
+ bool "HTTP/3 protocol"
+ depends on LIBCURL_OPENSSL
+ default n
+
+config LIBCURL_NGTCP2
+ bool "QUIC protocol"
+ depends on LIBCURL_OPENSSL
+ default n
+
comment "Miscellaneous"
config LIBCURL_PROXY
PKG_NAME:=curl
PKG_VERSION:=8.4.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/curl/curl/releases/download/curl-$(subst .,_,$(PKG_VERSION))/ \
CONFIG_LIBCURL_TELNET \
CONFIG_LIBCURL_TFTP \
CONFIG_LIBCURL_NGHTTP2 \
+ CONFIG_LIBCURL_NGHTTP3 \
+ CONFIG_LIBCURL_NGTCP2 \
\
CONFIG_LIBCURL_COOKIES \
CONFIG_LIBCURL_CRYPTO_AUTH \
CATEGORY:=Libraries
DEPENDS:= +LIBCURL_WOLFSSL:libwolfssl +LIBCURL_OPENSSL:libopenssl +LIBCURL_GNUTLS:libgnutls +LIBCURL_MBEDTLS:libmbedtls
DEPENDS += +LIBCURL_ZLIB:zlib +LIBCURL_ZSTD:libzstd +LIBCURL_THREADED_RESOLVER:libpthread +LIBCURL_LDAP:libopenldap
- DEPENDS += +LIBCURL_LIBIDN2:libidn2 +LIBCURL_SSH2:libssh2 +LIBCURL_NGHTTP2:libnghttp2 +ca-bundle
+ DEPENDS += +LIBCURL_LIBIDN2:libidn2 +LIBCURL_SSH2:libssh2 +LIBCURL_NGHTTP2:libnghttp2 +LIBCURL_NGHTTP3:libnghttp3 +LIBCURL_NGTCP2:libngtcp2 +ca-bundle
TITLE:=A client-side URL transfer library
MENU:=1
ABI_VERSION:=4
$(if $(CONFIG_LIBCURL_ZLIB),--with-zlib="$(STAGING_DIR)/usr",--without-zlib) \
$(if $(CONFIG_LIBCURL_ZSTD),--with-zstd="$(STAGING_DIR)/usr",--without-zstd) \
$(if $(CONFIG_LIBCURL_NGHTTP2),--with-nghttp2="$(STAGING_DIR)/usr",--without-nghttp2) \
+ $(if $(CONFIG_LIBCURL_NGHTTP3),--with-nghttp3="$(STAGING_DIR)/usr",--without-nghttp3) \
+ $(if $(CONFIG_LIBCURL_NGTCP2),--with-ngtcp2="$(STAGING_DIR)/usr",--without-ngtcp2) \
\
$(call autoconf_bool,CONFIG_LIBCURL_DICT,dict) \
$(call autoconf_bool,CONFIG_LIBCURL_FILE,file) \
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsproxy
-PKG_VERSION:=0.56.1
+PKG_VERSION:=0.56.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/dnsproxy/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=09aca2248e36c8e50e0a5e68034e34526aaccd6f849bd4de708f2ea4a5b3a52f
+PKG_HASH:=b20a77e88567fbcb80a07faa0f47aee7446b4d32ee7c17036fbdf07c03f05e3a
PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
PKG_LICENSE:=Apache-2.0
PKG_NAME:=freeradius3
PKG_VERSION:=3.0.26
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/FreeRADIUS/freeradius-server/releases/download/release_$(subst .,_,$(PKG_VERSION))/
define Package/freeradius3-common
$(call Package/freeradius3/Default)
TITLE:=common files
- DEPENDS:=+USE_GLIBC:libpthread +USE_GLIBC:libbsd +FREERADIUS3_OPENSSL:libopenssl +libcap +libpcap +libncurses +libpcre +libreadline +libtalloc +libatomic
+ DEPENDS:=+USE_GLIBC:libpthread +USE_GLIBC:libbsd +FREERADIUS3_OPENSSL:libopenssl +libcap +libpcap +libncurses +libpcre2 +libreadline +libtalloc +libatomic
endef
define Package/freeradius3-default
PKG_NAME:=haproxy
PKG_VERSION:=2.8.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/2.8/src
define Package/haproxy
$(call Package/haproxy/Default)
TITLE+=with SSL support
- DEPENDS+= +libpcre +libltdl +zlib +libpthread +liblua5.3 +libopenssl +libncurses +libreadline +libatomic
+ DEPENDS+= +libpcre2 +libltdl +zlib +libpthread +liblua5.3 +libopenssl +libncurses +libreadline +libatomic
VARIANT:=ssl
endef
$(call Package/haproxy/Default)
TITLE+=without SSL support
VARIANT:=nossl
- DEPENDS+= +libpcre +libltdl +zlib +libpthread +liblua5.3 +libatomic
+ DEPENDS+= +libpcre2 +libltdl +zlib +libpthread +liblua5.3 +libatomic
CONFLICTS:=haproxy
endef
PCREDIR="$(STAGING_DIR)/usr/" \
USE_LUA=1 LUA_LIB_NAME="lua5.3" LUA_INC="$(STAGING_DIR)/usr/include/lua5.3" LUA_LIB="$(STAGING_DIR)/usr/lib" \
SMALL_OPTS="-DBUFSIZE=16384 -DMAXREWRITE=1030 -DSYSTEM_MAXCONN=165530" \
- USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_PTHREAD_PSHARED=1 USE_LIBATOMIC=1 USE_PROMEX=1 \
+ USE_ZLIB=1 USE_PCRE2=1 USE_PCRE2_JIT=1 USE_PTHREAD_PSHARED=1 USE_LIBATOMIC=1 USE_PROMEX=1 \
VERSION="$(PKG_VERSION)" SUBVERS="-$(PKG_RELEASE)" \
VERDATE="$(shell date -d @$(SOURCE_DATE_EPOCH) '+%Y/%m/%d')" IGNOREGIT=1 \
$(ADDON) \
include $(TOPDIR)/rules.mk
PKG_NAME:=https-dns-proxy
-PKG_VERSION:=2023-05-25
-PKG_RELEASE:=7
+PKG_VERSION:=2023-10-25
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/aarond10/https_dns_proxy/
PKG_SOURCE_DATE:=$(PKG_VERSION)
-PKG_SOURCE_VERSION:=d03e11572562f008f68df217a7378628f1bb7b79
-PKG_MIRROR_HASH:=5af3683c48bc9e493ca2761a6f7ee756431692a695d6008f61b8b92431036dca
+PKG_SOURCE_VERSION:=977341a4e35a37ee454e97e82caf4276b1b4961a
+PKG_MIRROR_HASH:=8622846f1038ac05436a48d9b36a07c516cbb6504ce68e7ee8c5529788fac39b
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
+++ /dev/null
-#!/bin/sh
-# Copied from https://openwrt.org/docs/guide-user/advanced/hotplug_extras
-# shellcheck disable=SC1091
-. /lib/functions/network.sh
-network_flush_cache
-network_find_wan NET_IF
-network_find_wan6 NET_IF6
-[ "$INTERFACE" != "$NET_IF" ] && [ "$INTERFACE" != "$NET_IF6" ] && exit 0
-[ "$ACTION" != "ifup" ] && [ "$ACTION" != "ifupdate" ] && exit 0
-[ "$ACTION" = "ifupdate" ] && [ -z "$IFUPDATE_ADDRESSES" ] && \
-[ -z "$IFUPDATE_DATA" ] && exit 0
-
-sleep 10
-/etc/init.d/https-dns-proxy start 'on_hotplug'
readonly canaryDomainsMozilla='use-application-dns.net'
readonly canaryDomainsiCloud='mask.icloud.com mask-h2.icloud.com'
+on_boot_trigger=
+
str_contains() { [ -n "$1" ] &&[ -n "$2" ] && [ "${1//$2}" != "$1" ]; }
is_mac_address() { expr "$1" : '[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]$' >/dev/null; }
is_ipv4() { expr "$1" : '[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*$' >/dev/null; }
boot() {
ubus -t 30 wait_for network.interface 2>/dev/null
- rc_procd start_service 'on_boot'
+ on_boot_trigger=1
+ rc_procd start_service 'on_boot' && rc_procd service_started 'on_boot'
resolver_health_check || rc_procd stop_service 'on_boot'
}
}
service_triggers() {
- procd_add_raw_trigger "interface.*.up" 3000 "/etc/init.d/${packageName}" restart 'on_interface_up'
+ local wan wan6 i
+ local procd_trigger_wan6
+ if [ "$on_boot_trigger" = '1' ]; then
+ procd_add_raw_trigger "interface.*.up" 3000 "/etc/init.d/${packageName}" restart 'on_interface_up'
+ else
+ config_load "$packageName"
+ config_get_bool procd_trigger_wan6 'config' 'procd_trigger_wan6' '0'
+ . /lib/functions/network.sh
+ network_flush_cache
+ network_find_wan wan
+ wan="${wan:-wan}"
+ if [ "$procd_trigger_wan6" -ne 0 ]; then
+ network_find_wan6 wan6
+ wan6="${wan6:-wan6}"
+ fi
+ for i in $wan $wan6; do
+ procd_add_interface_trigger "interface.*" "$i" "/etc/init.d/${packageName}" restart 'on_interface_trigger'
+ done
+ fi
procd_add_config_trigger "config.change" "$packageName" "/etc/init.d/${packageName}" reload 'on_config_change'
}
+
service_started() { procd_set_config_changed firewall; }
service_stopped() { procd_set_config_changed firewall; }
restart() { procd_send_signal "$packageName"; rc_procd start_service "$*"; }
endif()
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra --pedantic -Wno-strict-aliasing -Wno-variadic-macros")
--set(CMAKE_C_FLAGS_DEBUG "-g -DDEBUG")
+-set(CMAKE_C_FLAGS_DEBUG "-gdwarf-4 -DDEBUG")
-set(CMAKE_C_FLAGS_RELEASE "-O2")
+#set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra --pedantic -Wno-strict-aliasing -Wno-variadic-macros")
-+#set(CMAKE_C_FLAGS_DEBUG "-g -DDEBUG")
++#set(CMAKE_C_FLAGS_DEBUG "-gdwarf-4 -DDEBUG")
+#set(CMAKE_C_FLAGS_RELEASE "-O2")
if ((CMAKE_C_COMPILER_ID MATCHES GNU AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 9) OR
--- a/src/options.c
+++ b/src/options.c
-@@ -22,7 +22,7 @@ const char * options_sw_version() {
+@@ -24,7 +24,7 @@ const char * options_sw_version(void) {
#ifdef SW_VERSION
return SW_VERSION;
#else
-- return "2023.01.01-atLeast"; // update date sometimes, like 1-2 times a year
-+ return "2023-05-25-1"; // update date sometimes, like 1-2 times a year
+- return "2023.10.10-atLeast"; // update date sometimes, like 1-2 times a year
++ return "2023-10-25-1"; // update date sometimes, like 1-2 times a year
#endif
}
+++ /dev/null
---- a/src/logging.c
-+++ b/src/logging.c
-@@ -78,7 +78,7 @@ void _log(const char *file, int line, in
-
- struct timeval tv;
- gettimeofday(&tv, NULL);
-- fprintf(logf, "%s %8lu.%06lu %s:%d ", SeverityStr[severity],
-+ fprintf(logf, "%s %8llu.%06llu %s:%d ", SeverityStr[severity],
- (uint64_t)tv.tv_sec,
- (uint64_t)tv.tv_usec, file, line);
-
--- /dev/null
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Copyright (C) 2023 Jonas Jelonek
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=iperf
+PKG_VERSION:=3.15-mt-beta1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/esnet/iperf/tar.gz/$(PKG_NAME)-$(PKG_VERSION)?
+PKG_HASH:=4d5ad5bef9321adb832581a495c3cb1b5dec9d9678296f90bfc87166bbb7a43b
+
+PKG_MAINTAINER:=Jonas Jelonek <jelonek.jonas@gmail.com>
+PKG_LICENSE:=BSD-3-Clause
+PKG_CPE_ID:=cpe:/a:es:iperf3
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_NAME)-$(PKG_VERSION)
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+DISABLE_NLS:=
+
+define Package/iperf3-mt/default
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=iperf3 with multithreading
+ URL:=https://github.com/esnet/iperf
+ CONFLICTS:=iperf3 iperf3-ssl
+endef
+
+define Package/iperf3-mt
+$(call Package/iperf3-mt/default)
+ VARIANT:=nossl
+ DEPENDS:=+libiperf3-mt
+ CONFLICTS+=iperf3-mt-ssl
+endef
+
+define Package/iperf3-mt-ssl
+$(call Package/iperf3-mt/default)
+ TITLE+= and iperf_auth support
+ VARIANT:=ssl
+ DEPENDS:=+libopenssl +libatomic
+endef
+
+define Package/libiperf3-mt
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=libiperf3 with multithreading
+ URL:=https://github.com/esnet/iperf
+ CONFLICTS:=libiperf3
+ DEPENDS+=+libatomic
+endef
+
+TARGET_CFLAGS += -D_GNU_SOURCE
+TARGET_LDFLAGS += -latomic
+
+ifeq ($(BUILD_VARIANT),ssl)
+ CONFIGURE_ARGS += --with-openssl="$(STAGING_DIR)/usr" --disable-shared
+else
+ CONFIGURE_ARGS += --without-openssl
+endif
+
+MAKE_FLAGS += noinst_PROGRAMS=
+
+define Package/iperf3-mt/description
+ iPerf3 is a modern alternative for measuring TCP and UDP bandwidth
+ performance, allowing the tuning of various parameters and
+ characteristics.
+ iperf3-mt has experimental multithreading support.
+endef
+
+define Package/libiperf3-mt/description
+ Libiperf is a library providing an API for iperf3 functionality.
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libiperf.* $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
+endef
+
+define Package/iperf3-mt/install/Default
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/iperf3 $(1)/usr/bin/
+endef
+
+Package/iperf3-mt/install = $(Package/iperf3-mt/install/Default)
+Package/iperf3-mt-ssl/install = $(Package/iperf3-mt/install/Default)
+
+define Package/libiperf3-mt/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libiperf.so.* $(1)/usr/lib
+endef
+
+$(eval $(call BuildPackage,iperf3-mt))
+$(eval $(call BuildPackage,iperf3-mt-ssl))
+$(eval $(call BuildPackage,libiperf3-mt))
PKG_NAME:=keepalived
PKG_VERSION:=2.2.8
-PKG_RELEASE:=3
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.keepalived.org/software
printf '%benable_script_security\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
printf '%bprocess_names\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+ printf '%bstartup_script "/bin/busybox env -i ACTION=startup /sbin/hotplug-call keepalived"\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+ printf '%bstartup_script_timeout 10\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+ printf '%bshutdown_script "/bin/busybox env -i ACTION=shutdown /sbin/hotplug-call keepalived"\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+ printf '%bshutdown_script_timeout 10\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+
config_get notification_email "$1" notification_email
print_list_indent notification_email
garp_master_repeat garp_master_refresh_repeat \
no_val_vmac_xmit_base no_val_native_ipv6 no_val_accept \
no_val_dont_track_primary no_val_smtp_alert no_val_nopreempt \
- no_val_use_vmac
+ no_val_use_vmac no_val_no_accept
print_notify "INSTANCE" "$name" "$INDENT_1" notify_backup notify_master \
notify_fault notify_stop
include $(TOPDIR)/rules.mk
PKG_NAME:=knot
-PKG_VERSION:=3.3.1
+PKG_VERSION:=3.3.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/
-PKG_HASH:=f3f4b1d49ec9b81113b14a38354b823bd4a470356ed7e8e555595b6fd1ac80c9
+PKG_HASH:=0d65d4b59f5df69b78c6295ade0a2ea7931831de7ef5eeee3e00f8a20af679e4
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_LICENSE:=GPL-3.0 LGPL-2.0 0BSD BSD-3-Clause OLDAP-2.8
--- /dev/null
+--- a/src/libdnssec/key/key.c
++++ b/src/libdnssec/key/key.c
+@@ -146,10 +146,14 @@ dnssec_key_t *dnssec_key_dup(const dnsse
+
+ gnutls_privkey_type_t type = gnutls_privkey_get_type(key->private_key);
+ if (type == GNUTLS_PRIVKEY_PKCS11) {
++#ifdef ENABLE_PKCS11
+ gnutls_pkcs11_privkey_t tmp;
+ gnutls_privkey_export_pkcs11(key->private_key, &tmp);
+ gnutls_privkey_import_pkcs11(dup->private_key, tmp,
+ GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
++#else
++ assert(0);
++#endif
+ } else {
+ assert(type == GNUTLS_PRIVKEY_X509);
+ gnutls_x509_privkey_t tmp;
PKG_NAME:=libreswan
PKG_VERSION:=4.12
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://download.libreswan.org/
include $(INCLUDE_DIR)/package.mk
-define Package/libreswan/Default
- TITLE:=Libreswan
- URL:=https://libreswan.org/
-endef
-
-define Package/libreswan/Default/description
- Libreswan is a free software implementation of the most widely supported and
- standardized VPN protocol based on ("IPsec") and the Internet Key Exchange
- ("IKE"). These standards are produced and maintained by the Internet
- Engineering Task Force ("IETF").
-endef
-
-define Package/libreswan
-$(call Package/libreswan/Default)
+define Package/libreswan/default
SUBMENU:=VPN
SECTION:=net
CATEGORY:=Network
- DEPENDS:= +IPV6:kmod-ip6-vti +IPV6:kmod-ipsec6 +ip-full +iptables-mod-ipsec \
- +kmod-crypto-aead +kmod-crypto-authenc +kmod-crypto-gcm \
- +kmod-crypto-hash +kmod-crypto-rng +kmod-ip-vti +kmod-ipsec \
- +kmod-ipsec4 +kmod-ipt-ipsec +kmod-xfrm-interface +libevent2 +libevent2-pthreads \
- +libldns +librt +libunbound +nss-utils +nspr +libcap-ng
+ TITLE:=Libreswan
+ URL:=https://libreswan.org/
PROVIDES:=openswan
CONFLICTS:=strongswan
- TITLE+= IPsec Server
+endef
+
+define Package/libreswan
+ $(Package/libreswan/default)
+ DEPENDS:= \
+ +kmod-ip-vti +IPV6:kmod-ip6-vti \
+ +kmod-ipsec +kmod-ipsec4 +IPV6:kmod-ipsec6 \
+ +ip-full +kmod-xfrm-interface \
+ +libevent2 +libevent2-pthreads \
+ +libldns +librt +libunbound +nss-utils +nspr +libcap-ng \
+ +kmod-crypto-acompress \
+ +kmod-crypto-aead \
+ +kmod-crypto-authenc \
+ +kmod-crypto-arc4 \
+ +kmod-crypto-cbc \
+ +kmod-crypto-ccm \
+ +kmod-crypto-chacha20poly1305 \
+ +kmod-crypto-cmac \
+ +kmod-crypto-ctr \
+ +kmod-crypto-cts \
+ +kmod-crypto-des \
+ +kmod-crypto-ecb \
+ +kmod-crypto-ecdh \
+ +kmod-crypto-gcm \
+ +kmod-crypto-ghash \
+ +kmod-crypto-hash \
+ +kmod-crypto-hmac \
+ +kmod-crypto-md4 \
+ +kmod-crypto-md5 \
+ +kmod-crypto-null \
+ +kmod-crypto-pcbc \
+ +kmod-crypto-sha1 \
+ +kmod-crypto-sha256 \
+ +kmod-crypto-sha512 \
+ +kmod-crypto-xcbc \
+ +kmod-crypto-rng
endef
define Package/libreswan/description
-$(call Package/libreswan/Default/description)
- Libreswan is a free software implementation of the most widely supported and
- standardized VPN protocol based on ("IPsec") and the Internet Key Exchange
- ("IKE"). These standards are produced and maintained by the Internet
- Engineering Task Force ("IETF").
+ Libreswan is a free software implementation of the most widely supported and
+ standardized VPN protocol based on ("IPsec") and the Internet Key Exchange
+ ("IKE"). These standards are produced and maintained by the Internet
+ Engineering Task Force ("IETF").
endef
define Package/libreswan/conffiles
/etc/ipsec.d
-/etc/ipsec.conf
-/etc/ipsec.secrets
+/etc/config/libreswan
+/etc/ipsec.user
endef
+
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
MAKE_FLAGS+= \
define Package/libreswan/install
$(INSTALL_DIR) \
- $(1)/etc/init.d \
$(1)/etc/ipsec.d/policies \
$(1)/usr/libexec/ipsec \
- $(1)/usr/sbin
+ $(1)/usr/sbin \
+ $(1)/etc/config \
+ $(1)/etc/init.d \
+ $(1)/etc/hotplug.d/libreswan \
+ $(1)/etc/hotplug.d/iface \
+ $(1)/usr/libexec/rpcd \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec \
$(1)/usr/sbin/ipsec
- $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
- $(INSTALL_DATA) ./files/ipsec.conf $(1)/etc/ipsec.conf
- $(INSTALL_DATA) ./files/ipsec.secrets $(1)/etc/ipsec.secrets
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ipsec.d/policies/* \
$(1)/etc/ipsec.d/policies/
$(CP) $(PKG_INSTALL_DIR)/usr/libexec/ipsec/* \
$(1)/usr/libexec/ipsec/
+
+ $(INSTALL_BIN) ./files/usr/libexec/ipsec/_updown.xfrm $(1)/usr/libexec/ipsec/_updown.xfrm
+ $(INSTALL_BIN) ./files/etc/init.d/ipsec $(1)/etc/init.d/ipsec
+ $(INSTALL_BIN) ./files/usr/libexec/rpcd/libreswan $(1)/usr/libexec/rpcd/libreswan
+ $(INSTALL_DATA) ./files/etc/ipsec.conf $(1)/etc/ipsec.conf
+ $(INSTALL_DATA) ./files/etc/ipsec.secrets $(1)/etc/ipsec.secrets
+ $(INSTALL_DATA) ./files/etc/config/libreswan $(1)/etc/config/libreswan
+ $(INSTALL_DATA) ./files/etc/hotplug.d/libreswan/01-user $(1)/etc/hotplug.d/libreswan/01-user
+ $(INSTALL_DATA) ./files/etc/hotplug.d/libreswan/02-vti $(1)/etc/hotplug.d/libreswan/02-vti
+ $(INSTALL_DATA) ./files/etc/hotplug.d/iface/89-libreswan $(1)/etc/hotplug.d/iface/89-libreswan
+endef
+
+define Package/libreswan-nftables
+ $(Package/libreswan/default)
+ TITLE+= nftables plugin)
+ DEPENDS+=firewall4 +libreswan +kmod-nft-xfrm +nftables \
+ +kmod-nfnetlink-log
+endef
+
+define Package/libreswan-nftables/description
+ Provides Libreswan nftables plugin for adding firewall rules
+endef
+
+define Package/libreswan-nftables/install
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/libreswan \
+ $(1)/usr/share/nftables.d/ruleset-post
+
+ $(CP) ./files/usr/share/nftables.d/* $(1)/usr/share/nftables.d
+ $(CP) ./files/etc/hotplug.d/libreswan/62-nftables $(1)/etc/hotplug.d/libreswan/62-nftables
+ $(LN) /tmp/libreswan/firewall.d/libreswan.rules $(1)/usr/share/nftables.d/ruleset-post/10_libreswan.nft
+endef
+
+define Package/libreswan-iptables
+ $(Package/libreswan/default)
+ TITLE+= iptables plugin)
+ DEPENDS+=firewall +libreswan +iptables-mod-ipsec +kmod-ipt-ipsec \
+ +iptables-zz-legacy +IPV6:ip6tables-zz-legacy \
+ +kmod-ipt-nflog +iptables-mod-nflog
+endef
+
+define Package/libreswan-iptables/description
+ Provides Libreswan iptables plugin for adding firewall rules
+endef
+
+define Package/libreswan-iptables/install
+ $(INSTALL_DIR) $(1)/etc \
+ $(1)/etc/uci-defaults \
+ $(1)/etc/hotplug.d/libreswan
+
+ $(CP) ./files/etc/hotplug.d/libreswan/61-iptables $(1)/etc/hotplug.d/libreswan/61-iptables
+ $(CP) ./files/etc/uci-defaults/091-libreswan $(1)/etc/uci-defaults/091-libreswan
+ $(INSTALL_BIN) ./files/etc/libreswan_firewall.sh $(1)/etc/libreswan_firewall.sh
+endef
+
+define Package/libreswan-iptables/postinst
+#!/bin/sh
+[ -n "$$IPKG_INSTROOT" ] || {
+ /etc/init.d/firewall reload
+}
endef
$(eval $(call BuildPackage,libreswan))
+$(eval $(call BuildPackage,libreswan-nftables))
+$(eval $(call BuildPackage,libreswan-iptables))
--- /dev/null
+config libreswan 'globals'
+ option debug '0' # set debug mode none/all
+ list virtual_private '10.0.0.0/8'
+ list virtual_private '192.168.0.0/16'
+ list virtual_private '172.16.0.0/12'
+ list virtual_private '25.0.0.0/8'
+ list virtual_private '100.64.0.0/10'
+ list virtual_private '!100.64.0.0/24' # the address ranges that may live behind a NAT router through which a client connects
+ # option listen '192.168.2.100' # listening address, if set listen_interface would not be used
+ # option listen_interface 'wan' # listening interface
+ # option uniqueids 'yes' # yes/no
+
+# config crypto_proposal 'p1'
+# list encryption_algorithm '3des' # possible values: 3des, aes, aes_ctr, aes_cbc, aes128, aes192, aes256, camellia_cbc
+# list hash_algorithm 'md5' # possible values: md5, sha1, sha256, sha384, sha512
+# list dh_group 'modp1536' # possible values: modp1536, modp2048, modp3072, modp4096, modp6144, modp8192, dh19, dh20, dh21, dh22, dh31
+
+# config tunnel 'vti2_1_5'
+# option left '192.168.1.1'
+# option left_interface 'wan' # interface ipaddr to be used as left
+# option leftid '@left' # local id
+# option right '192.168.2.201' # remote endpoint public ip
+# option rightid '@62dd3e3f82339b002405245b' # rightid
+# option auto 'start' # what operation, should be done automatically at IPsec startup
+# option authby 'secret' # how the two security gateways should authenticate each other
+# option psk 'AyG9RlTtQJIUxgxG' # preshare key
+# option ikev2 '1' # ike version
+# option ikelifetime '8h'
+# option rekey '1'
+# option rekeymargin '9m'
+# option dpdaction 'restart'
+# option dpddelay '30'
+# option dpdtimeout '150'
+# option interface 'vti2_1_5' # only for route based tunnels
+# list leftsubnets '0.0.0.0/0'
+# list rightsubnets '0.0.0.0/0'
+# option phase2 'esp' # phase2 protocol
+# list ike 'p1' # list of crypto_proposal (phase1 proposals)
+# list phase2ag 'p1' # list of crypto_proposal (phase2 proposals')
+# option nflog '0' # enable nflog
+# option update_peeraddr '1' # auto update vti interface ppeeradd in /etc/config/network
--- /dev/null
+#!/bin/sh
+
+[ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
+[ "$ACTION" = ifupdate -a -z "$IFUPDATE_ADDRESSES" -a -z "$IFUPDATE_DATA" ] && exit 0
+
+/etc/init.d/ipsec running || exit 0
+uci show libreswan | grep -i "='$INTERFACE'$" || exit 0
+
+logger -t libreswan "Restart libreswan due to $ACTION of $INTERFACE ($DEVICE)"
+
+/etc/init.d/ipsec restart
--- /dev/null
+#!/bin/sh
+
+# Things that this script gets (from ipsec_pluto(8) man page)
+#
+# PLUTO_VERB
+# specifies the name of the operation to be performed
+# (prepare-host, prepare-client, up-host, up-client,
+# down-host, or down-client). If the address family
+# for security gateway to security gateway
+# communications is IPv6, then a suffix of -v6 is added
+# to the verb.
+#
+# PLUTO_CONNECTION
+# is the name of the connection for which we are
+# routing.
+#
+# PLUTO_CONNECTION_TYPE
+# is type of the connection, "tunnel" or "transport".
+#
+# PLUTO_CONN_POLICY
+# the policy of the connection, as in:
+# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC
+# +failureDROP+lKOD+rKOD
+#
+# CAT=YES|
+# if client address translation inside IPsec stack is enabled
+#
+# PLUTO_NEXT_HOP
+# is the next hop to which packets bound for the peer
+# must be sent.
+#
+# PLUTO_INTERFACE
+# is the name of the real interface used by encrypted traffic and IKE traffic
+#
+# PLUTO_ME
+# is the IP address of our host.
+#
+# PLUTO_MY_ID
+# is our ID.
+#
+# PLUTO_METRIC
+# is the metric to set for the route
+#
+# PLUTO_MTU
+# is the mtu to set for the route
+#
+# PLUTO_ADD_TIME
+# Time the IPsec SA was added to the kernel
+#
+# PLUTO_MOBIKE_EVENT
+# wether the connection is underdoing MOBIKE migration
+#
+# PLUTO_MY_CLIENT
+# is the IP address / count of our client subnet. If
+# the client is just the host, this will be the
+# host's own IP address / mask (where max is 32 for
+# IPv4 and 128 for IPv6).
+#
+# PLUTO_MY_CLIENT_NET
+# is the IP address of our client net. If the client
+# is just the host, this will be the host's own IP
+# address.
+#
+# PLUTO_MY_CLIENT_MASK
+# is the mask for our client net. If the client is
+# just the host, this will be 255.255.255.255.
+#
+# PLUTO_MY_SOURCEIP
+# if non-empty, then the source address for the route will be
+# set to this IP address.
+#
+# PLUTO_MY_PROTOCOL
+# is the protocol for this connection. Useful for
+# firewalling.
+#
+# PLUTO_MY_PORT
+# is the port. Useful for firewalling.
+#
+# PLUTO_PEER
+# is the IP address of our peer.
+#
+# PLUTO_PEER_ID
+# is the ID of our peer.
+#
+# PLUTO_PEER_CLIENT
+# is the IP address / count of the peer's client subnet.
+# If the client is just the peer, this will be
+# the peer's own IP address / mask (where max is 32
+# for IPv4 and 128 for IPv6).
+#
+# PLUTO_PEER_CLIENT_NET
+# is the IP address of the peer's client net. If the
+# client is just the peer, this will be the peer's
+# own IP address.
+#
+# PLUTO_PEER_CLIENT_MASK
+# is the mask for the peer's client net. If the
+# client is just the peer, this will be
+# 255.255.255.255.
+#
+# PLUTO_PEER_PROTOCOL
+# is the protocol set for remote end with port
+# selector.
+#
+# PLUTO_PEER_PORT
+# is the peer's port. Useful for firewalling.
+#
+# PLUTO_PEER_CA
+# is the DN of the peer's CA that signed its certificate
+#
+# PLUTO_CFG_CLIENT=0|1
+# is MODECFG or IKEv2 Config client.
+#
+# PLUTO_CFG_SERVER=0|1
+# is MODECFG or IKEv2 Config server.
+#
+# PLUTO_PEER_DNS_INFO
+# The peer's supplied DNS information (IKEv1 and IKEv2)
+#
+# PLUTO_PEER_DOMAIN_INFO
+# The peer's supplied domain list for local resolving (IKEv2 only)
+#
+# PLUTO_PEER_BANNER
+# is the peer's provided banner
+#
+# PLUTO_NM_CONFIGURED=0|1
+# is NetworkManager used for resolv.conf update
+#
+# PLUTO_CONN_ADDRFAMILY
+# is the family type, "ipv4" or "ipv6"
+#
+# PLUTO_CONN_KIND
+# is the "kind" of connection (CK_PERMANENT, CK_INSTANCE, etc)
+#
+# PLUTO_STACK
+# is the local IPsec kernel stack used, eg XFRM, BSDKAME, NOSTACK
+#
+# PLUTO_IS_PEER_CISCO=0|1
+# remote server type is cisco. Add support for cisco extensions
+# when used with xauth.
+#
+# PLUTO_SA_REQID
+# When using KAME or XFRM, the IPsec SA reqid base value.
+# ESP/AH out is base, ESP/AH in = base + 1
+# IPCOMP is base + 2 plus for inbound + 1
+#
+# PLUTO_XFRMI_FWMARK
+# use outgoing mark
+#
+# PLUTO_SA_TYPE
+# The type of IPsec SA (ESP or AH)
+#
+# PLUTO_USERNAME
+# The username (XAUTH or GSSAPI) that was authenticated (if any)
+# for this SA
+#
+# PLUTO_VIRT_INTERFACE
+# is the name of ipsec interface used by clear traffic in/out
+#
+# INTERFACE_IP
+# The IP to configure / expect on the interface? Currently is never set
+#
+# PLUTO_XFRM_ROUTE
+# if an XFRM (ipsec-device) has been specified, value will be "yes"
+#
+# XAUTH_FAILED
+# If xauthfail=soft this will be set to 1 if XAUTH authentication
+# failed. If xauthfail=hard, the updown scripts never run.
+#
+# CONNMARK
+# If mark= is set on the connection, this variable will be
+# set with the value. It can be used for iptables or VTI.
+#
+# CONNMARK_IN
+# the incoming mark to use
+#
+# CONNMARK_OUT
+# the outgoing mark to use
+#
+# VTI_IFACE=iface
+# Name of VTI interface to create
+#
+# VTI_ROUTING=yes|no
+# Whether or not to perform ip rule and ip route commands
+# covering the IPsec SA address ranges to route those packets
+# into the VTI_IFACE interface. This should be enabled unless
+# the IPsec SA covers 0.0.0.0/0 <-> 0.0.0.0/0
+#
+# VTI_SHARED=yes|no
+# Whether or not more conns (or instances) share a VTI device.
+# If not shared, the VTI device is deleted when tunnel goes down.
+#
+# VTI_IP
+# The IP to configure on the VTI device
+#
+# SPI_IN / SPI_OUT
+# The inbound and outbound SPI's of the connection.
+#
+# PLUTO_INBYTES
+# total bytes received
+#
+# PLUTO_OUTBYTES
+# total bytes sent
+#
+# NFLOG
+# is the nflog group to use
+#
+
+case "${PLUTO_VERB}" in
+ prepare-host|prepare-host-v6) ;;
+ prepare-client|prepare-client-v6) ;;
+ route-host|route-host-v6) ;;
+ unroute-host|unroute-host-v6) ;;
+ route-client|route-client-v6) ;;
+ unroute-client|unroute-client-v6) ;;
+ up-host|up-host-v6) ;;
+ down-host|down-host-v6) ;;
+ up-client|up-client-v6) ;;
+ down-client|down-client-v6) ;;
+esac
--- /dev/null
+#!/bin/sh
+
+[ -e "/etc/ipsec.user" ] && {
+ . /etc/ipsec.user
+}
+
+exit 0
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+
+[ "${PLUTO_VERB}" != "route-client" ] && [ "${PLUTO_VERB}" != "up-client" ] && exit 0
+
+CONNECTION=${PLUTO_CONNECTION%/*}
+[ -z "$CONNECTION" ] && exit 0
+
+update_peeraddr=$(uci_get libreswan $CONNECTION update_peeraddr)
+[ "$update_peeraddr" != "1" ] && exit 0
+
+interface=$(uci_get libreswan $CONNECTION interface)
+[ -z "$interface" ] && exit 0
+
+proto=$(uci_get network "$interface" proto)
+[ "$proto" != "vti" ] && exit 0
+
+peeraddr=$(uci_get network "$interface" peeraddr)
+[ "$peeraddr" == "$PLUTO_PEER" ] && exit 0
+
+uci_set network "$interface" peeraddr "$PLUTO_PEER"
+uci_commit network
+ifup "$interface"
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+
+FW4="$(command -v fw4)"
+[ -n "$FW4" ] && exit 0
+
+CONNECTION="${PLUTO_CONNECTION//\//_}"
+[ -z "$CONNECTION" ] && exit 0
+
+IPT_LEGACY="$(command -v iptables-legacy)"
+IPT="$(command -v iptables)"
+BIN="${IPT_LEGACY:-$IPT}"
+[ -z "$BIN" ] && exit 0
+
+LIBRESWAN_INPUT="libreswan_input"
+LIBRESWAN_FORWARD="libreswan_forward"
+LIBRESWAN_OUTPUT="libreswan_output"
+LIBRESWAN_NFLOG_INPUT="libreswan_nflog_input"
+LIBRESWAN_NFLOG_OUTPUT="libreswan_nflog_output"
+LIBRESWAN_POSTROUTING="libreswan_postrouting"
+
+FW_DIR="/tmp/libreswan/firewall.d"
+LIBRESWAN_RULES_FILE="$FW_DIR/libreswan.rules"
+RULES_DIR="$FW_DIR/rules"
+
+IPV4_RULES_FILE="$RULES_DIR/${CONNECTION}-ipv4.rules"
+IPV6_RULES_FILE="$RULES_DIR/${CONNECTION}-ipv6.rules"
+
+reload_firewall() {
+ [ ! -d "$RULES_DIR" ] && return 0
+
+ cat $RULES_DIR/*.rules > "$LIBRESWAN_RULES_FILE" 2>/dev/null
+ /etc/init.d/firewall reload
+}
+
+up_rules() {
+ [ -z "$PLUTO_PEER_CLIENT" ] && return 0
+
+ [ ! -d "$RULES_DIR" ] && mkdir -p "$RULES_DIR"
+ [ "$PLUTO_PEER_CLIENT" = "0.0.0.0/0" ] && [ "$PLUTO_MY_CLIENT" = "0.0.0.0/0" ] && return 0
+
+ cat << EOF > $IPV4_RULES_FILE
+$BIN -t filter -A $LIBRESWAN_INPUT -m policy --dir in --pol ipsec -s $PLUTO_PEER_CLIENT -d $PLUTO_MY_CLIENT -m comment --comment "$PLUTO_CONNECTION" -j ACCEPT
+$BIN -t filter -A $LIBRESWAN_FORWARD -s $PLUTO_PEER_CLIENT -d $PLUTO_MY_CLIENT -m comment --comment "$PLUTO_CONNECTION" -j ACCEPT
+$BIN -t filter -A $LIBRESWAN_OUTPUT -m policy --dir out --pol ipsec -s $PLUTO_MY_CLIENT -d $PLUTO_PEER_CLIENT -m comment --comment "$PLUTO_CONNECTION" -j ACCEPT
+$BIN -t nat -A $LIBRESWAN_POSTROUTING -m policy --dir out --pol ipsec -s $PLUTO_MY_CLIENT -d $PLUTO_PEER_CLIENT -m comment --comment "$PLUTO_CONNECTION" -j ACCEPT
+EOF
+ if [ -n "$NFLOG" ]; then
+ cat << EOF > $IPV4_RULES_FILE
+$BIN -t filter -A $LIBRESWAN_NFLOG_INPUT -m policy --dir in --pol ipsec -s $PLUTO_PEER_CLIENT -d $PLUTO_MY_CLIENT -j NFLOG --nflog-group $NFLOG --nflog-prefix $PLUTO_CONNECTION
+$BIN -t filter -A $LIBRESWAN_NFLOG_OUTPUT -m policy --dir out --pol ipsec -s $PLUTO_MY_CLIENT -d $PLUTO_PEER_CLIENT -j NFLOG --nflog-group $NFLOG --nflog-prefix $PLUTO_CONNECTION
+EOF
+
+ fi
+
+ reload_firewall
+
+ return 0
+}
+
+down_rules() {
+ if [ -f "$IPV4_RULES_FILE" ]; then
+ rm -rf "$IPV4_RULES_FILE"
+ reload_firewall
+ fi
+
+ return 0
+}
+
+case "${PLUTO_VERB}" in
+ up-host|up-client) up_rules ;;
+ down-host|down-client) down_rules ;;
+ up-host-v6|down-host-v6) ;;
+ up-client|down-client-v6) ;;
+esac
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+
+FW4="$(command -v fw4)"
+[ -z "$FW4" ] && exit 0
+
+CONNECTION="${PLUTO_CONNECTION//\//_}"
+[ -z "$CONNECTION" ] && exit 0
+
+FW_DIR="/tmp/libreswan/firewall.d"
+LIBRESWAN_RULES_FILE="$FW_DIR/libreswan.rules"
+RULES_DIR="$FW_DIR/rules"
+
+IPV4_RULES_FILE="$RULES_DIR/${CONNECTION}-ipv4.rules"
+IPV6_RULES_FILE="$RULES_DIR/${CONNECTION}-ipv6.rules"
+NFLOG_ALL_RULES_FILE="$RULES_DIR/nflog_all.rules"
+
+reload_firewall() {
+ [ ! -d "$RULES_DIR" ] && return 0
+
+ cat $RULES_DIR/*.rules > "$LIBRESWAN_RULES_FILE" 2>/dev/null
+ /etc/init.d/firewall reload
+}
+
+up_rules() {
+ [ -z "$PLUTO_PEER_CLIENT" ] && return 0
+
+ [ ! -d "$RULES_DIR" ] && mkdir -p "$RULES_DIR"
+
+ eval $(ipsec addconn --configsetup)
+
+ if [ -n "$nflog_all" ]; then
+ unset NFLOG
+ if [ ! -f "$NFLOG_ALL_RULES_FILE" ]; then
+ cat << EOF > "$NFLOG_ALL_RULES_FILE"
+table inet fw4 {
+ chain libreswan_nflog_input {
+ meta ipsec exists log prefix "all-ipsec" group ${nflog_all}
+ }
+ chain libreswan_nflog_output {
+ rt ipsec exists log prefix "all-ipsec" group ${nflog_all}
+ }
+}
+EOF
+ fi
+ else
+ [ -f "$NFLOG_ALL_RULES_FILE" ] && rm -f "$NFLOG_ALL_RULES_FILE"
+ fi
+
+ cat << EOF > $IPV4_RULES_FILE
+table inet fw4 {
+ chain libreswan_input {
+ meta ipsec exists ipsec in ip saddr $PLUTO_PEER_CLIENT ip daddr $PLUTO_MY_CLIENT ${NFLOG:+log prefix \"${PLUTO_CONNECTION}\" group ${NFLOG}} accept comment "$PLUTO_CONNECTION"
+ }
+ chain libreswan_forward {
+ meta ipsec exists ipsec in ip saddr $PLUTO_PEER_CLIENT ip daddr $PLUTO_MY_CLIENT accept comment "$PLUTO_CONNECTION"
+ }
+ chain libreswan_output {
+ ipsec out ip saddr $PLUTO_MY_CLIENT ip daddr $PLUTO_PEER_CLIENT ${NFLOG:+log prefix \"${PLUTO_CONNECTION}\" group ${NFLOG}} accept comment "$PLUTO_CONNECTION"
+ }
+ chain libreswan_srcnat {
+ ip saddr $PLUTO_MY_CLIENT ip daddr $PLUTO_PEER_CLIENT accept comment "$PLUTO_CONNECTION"
+ }
+}
+EOF
+
+ reload_firewall
+
+ return 0
+}
+
+down_rules() {
+ if [ -f "$IPV4_RULES_FILE" ]; then
+ rm -rf "$IPV4_RULES_FILE"
+ reload_firewall
+ fi
+
+ return 0
+}
+
+case "${PLUTO_VERB}" in
+ up-host|up-client) up_rules ;;
+ down-host|down-client) down_rules ;;
+ up-host-v6|down-host-v6) ;;
+ up-client|down-client-v6) ;;
+esac
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+. "${IPKG_INSTROOT}/lib/functions/network.sh"
+
+START=90
+STOP=10
+
+USE_PROCD=1
+
+PROG="/usr/libexec/ipsec/pluto"
+IPSEC_BIN="/usr/sbin/ipsec"
+
+IPSEC_DIR="/var/run/ipsec"
+IPSEC_CONF="$IPSEC_DIR/setup.conf"
+IPSEC_CONF_DIR="$IPSEC_DIR/conf.d"
+
+IPSEC_AUTO="${IPSEC_BIN} auto"
+
+extra_command "start_tunnel" "Start ipsec tunnel"
+extra_command "stop_tunnel" "Stop ipsec tunnel"
+extra_command "reload_tunnel" "Reload/restart ipsec tunnel"
+
+set_var() {
+ export "$1=$2"
+}
+
+get_var() {
+ local var
+
+ var=$(eval echo "\"\${${1}}\"")
+ [ "$var" = "1" ] && return 0
+
+ return 1
+}
+
+set_restart_flag() {
+ set_var "RESTART_IPSEC" 1
+}
+
+restart_flag() {
+ get_var RESTART_IPSEC
+}
+
+set_replace_flag() {
+ set_var "REPLACE_${1}" 1
+}
+
+replace_flag() {
+ get_var "REPLACE_${1}"
+}
+
+checkconfig() {
+ ${IPSEC_BIN} addconn --checkconfig || return 1
+ mkdir -p /var/run/pluto
+}
+
+expand_ike() {
+ local id="$1"
+ local encryption_algorithm hash_algorithm dh_group proposal
+
+ config_get encryption_algorithm "${id}" encryption_algorithm
+ config_get hash_algorithm "${id}" hash_algorithm
+ config_get dh_group "${id}" dh_group
+
+ encryption_algorithm="${encryption_algorithm% *}"
+ proposal="${encryption_algorithm:+${encryption_algorithm}${hash_algorithm:+-${hash_algorithm}${dh_group:+;${dh_group%% *}}}}"
+ append ike_proposal "$proposal" ","
+}
+
+expand_phase2alg() {
+ local id="$1"
+ local encryption_algorithm hash_algorithm dh_group
+
+ config_get encryption_algorithm "${id}" encryption_algorithm
+ config_get hash_algorithm "${id}" hash_algorithm
+ config_get dh_group "${id}" dh_group
+
+ phase2alg_proposal="${encryption_algorithm:+${encryption_algorithm// /+}${hash_algorithm:+-${hash_algorithm// /+}${dh_group:+-${dh_group// /+}}}}"
+}
+
+generate_tunnel_config() {
+ local id=$1
+ local config_file="$IPSEC_CONF_DIR/$id.conf"
+ local secret_file="$IPSEC_CONF_DIR/$id.secret"
+ local tmp_config_file="/tmp/$id.conf"
+ local tmp_secret_file="/tmp/$id.secret"
+ local ikey mark_in okey mark_out ifid
+
+ config_get auto "$id" auto
+ config_get left "$id" left
+ config_get left_interface "$id" left_interface
+ [ -n "$left_interface" ] && network_get_ipaddr left "$left_interface"
+ config_get right "$id" right
+ config_get leftid "$id" leftid "$left"
+ config_get rightid "$id" rightid "$right"
+ config_get leftsourceip "$id" leftsourceip
+ config_get rightsourceip "$id" rightsourceip
+ config_get leftsubnets "$id" leftsubnets
+ config_get rightsubnets "$id" rightsubnets
+ config_get_bool ikev2 "$id" ikev2
+ [ "$ikev2" = "1" ] && ikev2=yes || ikev2=no
+ config_get_bool rekey "$id" rekey
+ [ "$rekey" = "1" ] && rekey=yes || rekey=no
+ config_get ikelifetime "$id" ikelifetime
+ config_get rekeymargin "$id" rekeymargin
+ config_get dpdaction "$id" dpdaction
+ config_get dpdtimeout "$id" dpdtimeout
+ config_get dpddelay "$id" dpddelay
+ config_get phase2 "$id" phase2
+ config_get phase2alg "$id" phase2alg
+ config_get nflog "$id" nflog 0
+ [ "$nflog" = "0" ] && unset nflog
+
+ config_list_foreach "$id" ike expand_ike
+ config_list_foreach "$id" phase2alg expand_phase2alg
+
+ config_get authby "$id" authby
+ config_get psk "$id" psk
+
+ if [ -n "$leftsubnets" ]; then
+ [[ "$leftsubnets" =~ 0.0.0.0* ]] && leftsubnets="0.0.0.0/0"
+ leftsubnets="{${leftsubnets// /,}}"
+ fi
+
+ if [ -n "$rightsubnets" ]; then
+ [[ "$rightsubnets" =~ 0.0.0.0* ]] && rightsubnets="0.0.0.0/0"
+ rightsubnets="{${rightsubnets// /,}}"
+ fi
+
+ config_get interface "$id" interface
+
+ cat << EOF > "$tmp_secret_file"
+$leftid $rightid : PSK "$psk"
+EOF
+
+ cat << EOF > "$tmp_config_file"
+conn $id
+ auto=${auto}
+ authby=${authby}
+ ikev2=${ikev2}
+ left=${left%% *}
+ ${leftid:+leftid=${leftid}}
+ ${leftsourceip:+leftsourceip=${leftsourceip}}
+ ${leftsubnets:+leftsubnets=${leftsubnets}}
+ right=${right%% *}
+ ${rightid:+rightid=${rightid}}
+ ${rightsourceip:+rightsourceip=${rightsourceip}}
+ ${rightsubnets:+rightsubnets=${rightsubnets}}
+ ${dpdaction:+dpdaction=${dpdaction}}
+ ${dpdtimeout:+dpdtimeout=${dpdtimeout}}
+ ${dpddelay:+dpddelay=${dpddelay}}
+ ${ikelifetime:+ikelifetime=${ikelifetime}}
+ ${rekey:+rekey=${rekey}}
+ ${rekeymargin:+rekeymargin=${rekeymargin}}
+ ${rekeyfuzz:+rekeyfuzz=${rekeyfuzz}}
+ ${phase2:+phase2=${phase2}}
+ ${ike_proposal:+ike=${ike_proposal}}
+ ${phase2alg_proposal:+phase2alg=${phase2alg_proposal}}
+ ${nflog:+nflog=${nflog}}
+EOF
+
+ if [ -n "$interface" ]; then
+ proto=$(uci_get network "$interface" proto)
+ case "$proto" in
+ vti)
+ ikey=$(uci_get network "$interface" ikey)
+ okey=$(uci_get network "$interface" okey)
+ mark_in=$(printf "0x%x" $ikey)
+ mark_out=$(printf "0x%x" $okey)
+ echo -e "${mark_in:+\tmark-in=${mark_in}}" >> "$tmp_config_file"
+ echo -e "${mark_out:+\tmark-out=${mark_out}}" >> "$tmp_config_file"
+ echo -e "${interface:+\tvti-interface=${interface}}" >> "$tmp_config_file"
+ ;;
+ xfrm)
+ ifid=$(uci_get network "$interface" ifid)
+ echo -e "${ifid:+\tipsec-interface=${ifid}}" >> "$tmp_config_file"
+ ;;
+ esac
+ fi
+
+
+ [ -f "$config_file" ] && {
+ cmp "$config_file" "$tmp_config_file" 2>/dev/null && rm -f "$tmp_config_file"
+ }
+
+ [ -f "$secret_file" ] && {
+ cmp "$secret_file" "$tmp_secret_file" 2>/dev/null && rm -f "$tmp_secret_file"
+ }
+
+ [ -f "$tmp_config_file" ] && mv "$tmp_config_file" "$config_file" && set_replace_flag "$id"
+ [ -f "$tmp_secret_file" ] && mv "$tmp_secret_file" "$secret_file" && set_replace_flag "$id"
+
+ unset ike_proposal phase2alg_proposal
+}
+
+generate_daemon_config() {
+ local tmp_config_file="/tmp/setup.conf"
+
+ config_get_bool debug globals debug 0
+ [ "$debug" = "0" ] && debug=none || debug=all
+ config_get_bool uniqueids globals uniqueids 0
+ [ "$uniqueids" = "0" ] && uniqueids=no || uniqueids=yes
+ config_get listen globals listen
+ config_get listen_interface globals listen_interface
+ [ -n "$listen_interface" ] && network_get_ipaddr listen "$listen_interface"
+ config_get virtual_private globals virtual_private
+ [ -z "$virtual_private" ] && virtual_private='10.0.0.0/8 192.168.0.0/16 172.16.0.0/12 25.0.0.0/8 100.64.0.0/10 !100.64.0.0/24'
+ config_get nflog_all globals nflog_all 0
+ [ "$nflog_all" = "0" ] && unset nflog_all
+
+ [ ! -d $IPSEC_DIR ] && mkdir -p $IPSEC_DIR
+ [ ! -d $IPSEC_CONF_DIR ] && mkdir -p $IPSEC_CONF_DIR
+
+ cat << EOF > "$tmp_config_file"
+config setup
+ ${debug:+plutodebug=${debug}}
+ ${uniqueids:+uniqueids=${uniqueids}}
+ ${listen:+listen=${listen}}
+ ${virtual_private:+virtual-private=%v4:${virtual_private// /,%v4:}}
+ ${nflog_all:+nflog-all=${nflog_all}}
+EOF
+
+ if ! cmp "$IPSEC_CONF" "$tmp_config_file" 2>/dev/null; then
+ mv "$tmp_config_file" "$IPSEC_CONF"
+ set_restart_flag 1
+ else
+ rm -f "$tmp_config_file"
+ fi
+
+ return 0
+}
+
+clean_config() {
+ rm -f $IPSEC_CONF_DIR/*.conf $IPSEC_CONF_DIR/*.secret
+}
+
+config_cb() {
+ local var="CONFIG_${1}_SECTIONS"
+ export $var
+ append "$var" "$2"
+}
+
+generate_config() {
+ config_load libreswan
+ generate_daemon_config
+ config_foreach generate_tunnel_config tunnel
+}
+
+regenerate_config() {
+ clean_config
+ generate_config
+}
+
+active_conns() {
+ local active_conns file _file
+
+ active_conns=$(${IPSEC_BIN} --trafficstatus | awk -F'[":/]' '{print $3}' | sort -u)
+
+ for file in $IPSEC_CONF_DIR/*.conf; do
+ _file="${file##*/}"
+ list_contains active_conns "${_file%%.*}" || append active_conns "${_file%%.*}"
+ done
+
+ echo "$active_conns"
+}
+
+start_service() {
+ generate_config
+ checkconfig || return 1
+
+ ${IPSEC_BIN} _stackmanager start
+
+ procd_open_instance
+ procd_set_param command $PROG --nofork
+ procd_set_param respawn
+ procd_close_instance
+}
+
+stop_service() {
+ ${IPSEC_BIN} whack --shutdown
+ ${IPSEC_BIN} _stackmanager stop
+}
+
+stop_tunnel() {
+ ${IPSEC_AUTO} --delete "$1" > /dev/null 2>&1
+ rm -f ${IPSEC_CONF_DIR}/$1.*
+}
+
+start_tunnel() {
+ generate_tunnel_config "$1"
+ ${IPSEC_AUTO} --add "$1" > /dev/null 2>&1
+ ${IPSEC_AUTO} --rereadsecrets
+ ${IPSEC_AUTO} --up "$1" > /dev/null 2>&1 &
+}
+
+reload_tunnel() {
+ generate_tunnel_config "$1"
+
+ replace_flag "$1" || return 0
+
+ ${IPSEC_AUTO} --rereadsecrets
+ ${IPSEC_AUTO} --replace "$1" > /dev/null 2>&1
+ ${IPSEC_AUTO} --up "$1" > /dev/null 2>&1 &
+}
+
+reload_service() {
+ local active_tunnels uci_tunnels
+ uci_tunnels="$@"
+
+ config_load libreswan
+ generate_daemon_config
+
+ if restart_flag; then
+ restart
+ return 0
+ fi
+
+ [ -z "$uci_tunnels" ] && config_get uci_tunnels tunnel SECTIONS
+
+ active_tunnels="$(active_conns)"
+
+ for tunnel in $active_tunnels; do
+ list_contains uci_tunnels "$tunnel" || stop_tunnel "$tunnel"
+ done
+
+ for tunnel in $uci_tunnels; do
+ if list_contains active_tunnels "$tunnel"; then
+ reload_tunnel "$tunnel"
+ else
+ start_tunnel "$tunnel"
+ fi
+ done
+}
+
+service_triggers() {
+ procd_add_reload_trigger 'libreswan'
+}
--- /dev/null
+include /var/run/ipsec/setup.conf
+include /var/run/ipsec/conf.d/*.conf
+include /etc/ipsec.d/*.conf
--- /dev/null
+include /var/run/ipsec/conf.d/*.secret
+include /etc/ipsec.d/*.secrets
--- /dev/null
+#!/bin/sh
+
+FW4="$(command -v fw4)"
+[ -n "$FW4" ] && exit 0
+
+IPT_LEGACY="$(command -v iptables-legacy)"
+IPT="$(command -v iptables)"
+BIN="${IPT_LEGACY:-$IPT}"
+[ -z "$BIN" ] && exit 0
+
+LIBRESWAN_INPUT="libreswan_input"
+LIBRESWAN_FORWARD="libreswan_forward"
+LIBRESWAN_OUTPUT="libreswan_output"
+LIBRESWAN_NFLOG_INPUT="libreswan_nflog_input"
+LIBRESWAN_NFLOG_OUTPUT="libreswan_nflog_output"
+LIBRESWAN_POSTROUTING="libreswan_postrouting"
+
+FW_DIR="/tmp/libreswan/firewall.d"
+LIBRESWAN_RULES_FILE="$FW_DIR/libreswan.rules"
+
+flush_delete_chain() {
+ [ $# -lt 2 ] && return
+
+ $BIN -t $1 -nL $2 > /dev/null 2>&1 || return
+
+ $BIN -t $1 -F $2
+ $BIN -t $1 -X $2
+}
+
+cleanup_libreswan_rules() {
+ $BIN -t filter -C input_rule -j $LIBRESWAN_INPUT > /dev/null 2>&1
+ [ $? -eq 0 ] && $BIN -t filter -D input_rule -j $LIBRESWAN_INPUT
+
+ $BIN -t filter -C output_rule -j $LIBRESWAN_OUTPUT > /dev/null 2>&1
+ [ $? -eq 0 ] && $BIN -t filter -D output_rule -j $LIBRESWAN_OUTPUT
+
+ $BIN -t filter -C forwarding_rule -j $LIBRESWAN_FORWARD > /dev/null 2>&1
+ [ $? -eq 0 ] && $BIN -t filter -D forwarding_rule -j $LIBRESWAN_FORWARD
+
+ $BIN -t nat -C postrouting_rule -j $LIBRESWAN_POSTROUTING > /dev/null 2>&1
+ [ $? -eq 0 ] && $BIN -t nat -D postrouting_rule -j $LIBRESWAN_POSTROUTING
+
+ flush_delete_chain filter $LIBRESWAN_NFLOG_INPUT
+ flush_delete_chain filter $LIBRESWAN_INPUT
+ flush_delete_chain filter $LIBRESWAN_FORWARD
+ flush_delete_chain filter $LIBRESWAN_NFLOG_OUTPUT
+ flush_delete_chain filter $LIBRESWAN_OUTPUT
+ flush_delete_chain filter $LIBRESWAN_NFLOG_INPUT
+ flush_delete_chain filter $LIBRESWAN_NFLOG_OUTPUT
+ flush_delete_chain nat $LIBRESWAN_POSTROUTING
+}
+
+create_chain_jump() {
+ [ $# -lt 3 ] && return
+
+ local table=$1
+ local chain=$2
+ local base_chain=$3
+
+ $BIN -t $table -N $chain
+ $BIN -t $table -C $base_chain -j $chain
+ [ $? -ne 0 ] && $BIN -t $table -I $base_chain -j $chain
+ $BIN -t $table -F $chain
+}
+
+if ! /etc/init.d/ipsec running; then
+ cleanup_libreswan_rules
+ exit 0
+fi
+
+eval $(ipsec addconn --configsetup)
+
+create_chain_jump filter "$LIBRESWAN_INPUT" "insert_rule"
+create_chain_jump filter "$LIBRESWAN_FORWARD" "forwarding_rule"
+create_chain_jump filter "$LIBRESWAN_OUTPUT" "output_rule"
+
+create_chain_jump filter "$LIBRESWAN_NFLOG_INPUT" "$LIBRESWAN_INPUT"
+create_chain_jump filter "$LIBRESWAN_NFLOG_OUTPUT" "$LIBRESWAN_OUTPUT"
+
+create_chain_jump nat "$LIBRESWAN_POSTROUTING" "postrouting_rule"
+
+[ ! -f $LIBRESWAN_RULES_FILE ] && exit 0
+
+if [ -n "$nflog_all" ]; then
+ sed -i -e '/NFLOG/d' "$LIBRESWAN_RULES_FILE"
+ $BIN -t filter -I $LIBRESWAN_NFLOG_INPUT -m policy --dir in --pol ipsec -j NFLOG --nflog-group ${nflog_all} --nflog-prefix all-ipsec
+ $BIN -t filter -I $LIBRESWAN_NFLOG_OUTPUT -m policy --dir out --pol ipsec -j NFLOG --nflog-group ${nflog_all} --nflog-prefix all-ipsec
+fi
+
+sh $LIBRESWAN_RULES_FILE
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+
+uci_add firewall include libreswan
+uci_set firewall libreswan path '/etc/libreswan_firewall.sh'
+uci_set firewall libreswan reload 1
+uci_commit firewall
+++ /dev/null
-config setup
- # needed when using PSK only. Not needed for X.509 based servers
- uniqueids=no
- virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v4:!100.64.0.0/24
-
-conn ikev1
- authby=secret
- pfs=no
- auto=add
- rekey=no
- left=%defaultroute
- right=%any
- ikev2=never
- type=transport
- leftprotoport=17/1701
- rightprotoport=17/%any
- dpddelay=15
- dpdtimeout=30
- dpdaction=clear
-
-conn ikev1-nat
- also=ikev1
- rightsubnet=vhost:%priv
-
-# include /etc/ipsec.d/*.conf
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-START=90
-STOP=10
-
-USE_PROCD=1
-PROG="/usr/libexec/ipsec/pluto"
-IPSEC_SECRETS=/etc/ipsec.secrets
-IPSEC_CONF=/etc/ipsec.conf
-IPSEC_BIN=/usr/sbin/ipsec
-
-checkconfig() {
- ${IPSEC_BIN} addconn --checkconfig || return 1
- mkdir -p /var/run/pluto
-}
-
-start_service() {
- checkconfig || return 1
-
- ipsec _stackmanager start
- # Enable nflog if configured
- ipsec --checknflog > /dev/null
-
- procd_open_instance
- procd_set_param command $PROG --config ${IPSEC_CONF} --nofork --secretsfile ${IPSEC_SECRETS}
- procd_set_param respawn
- procd_close_instance
-}
-
-stop_service() {
- ipsec whack --shutdown
- ipsec _stackmanager stop
- ipsec --stopnflog > /dev/null
-
-}
-
+++ /dev/null
-# Unlike older openswan, this file does NOT contain any X.509 related
-# information such as private key :RSA statements as these now reside
-# in the NSS database. See:
-#
-# https://libreswan.org/wiki/Using_NSS_with_libreswan
-# https://libreswan.org/wiki/Migrating_from_Openswan
-
-# A.B.C.D %any : PSK "SsEeCcRrEeTt"
-: PSK "SsEeCcRrEeTt"
-# include /etc/ipsec.d/*.secrets
--- /dev/null
+#!/bin/sh
+
+/sbin/hotplug-call libreswan
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+. /usr/share/libubox/jshn.sh
+
+RPC_SCRIPTS=/usr/libexec/libreswan/rpc
+
+[ -d $RPC_SCRIPTS ] && include $RPC_SCRIPTS
+
+IPSEC_TRAFFIC_STATES="/tmp/ipsec_traffic.$$"
+IPSEC_TUNNEL_STATUS="/tmp/ipsec_status.$$"
+
+__function__() {
+ type "$1" > /dev/null 2>&1
+}
+
+foreach_extra() {
+ local file obj
+
+ [ ! -d $RPC_SCRIPTS ] && return
+
+ for file in $RPC_SCRIPTS/*; do
+ obj="${file##*/}"
+ $1 "${obj%%.*}"
+ done
+}
+
+get_index() {
+ [ $# -lt 2 ] && return 1
+
+ local var=$1
+ local str=$2
+ local ele
+ local i=1
+
+ eval "val=\"\${$var}\""
+
+ for ele in ${val}; do
+ if [[ "$ele" = "$str" ]]; then
+ echo "$i"
+ return 0
+ fi
+ i="$((i+1))"
+ done
+
+ return 1
+}
+
+phase1_established() {
+ grep -q "\"${1%/*}\/.*(IKE SA established)\|\"${1%/*}\/.*(established IKE SA)" "$IPSEC_TUNNEL_STATUS"
+}
+
+phase2_established() {
+ grep -q "\"$1\".*(IPsec SA established)\|\"$1\".*(established Child SA)" "$IPSEC_TUNNEL_STATUS"
+}
+
+add_tunnel_object() {
+ local id="$1"
+ local leftsubnets rightsubnets right ctime active_right
+ local phase1=0 phase2=0 add_time inBytes outBytes
+
+ config_get right "$id" right
+ config_get leftsubnets "$id" leftsubnets
+ config_get rightsubnets "$id" rightsubnets
+
+ if [ -z "$right" ] || [ "$right" = "%any" ] || [ "$right" == "0.0.0.0" ]; then
+ active_right=$(awk -F'[: ]' '{ if ( $4 ~ "'"$id/"'") {print $5; exit 0};}' "$IPSEC_TUNNEL_STATUS")
+ fi
+
+ for lsubnet in $leftsubnets; do
+ lidx=$(get_index leftsubnets $lsubnet)
+ for rsubnet in $rightsubnets; do
+ ridx=$(get_index rightsubnets $rsubnet)
+ tid="${id}/${lidx}x${ridx}"
+
+ eval $(awk -F, '{if ($1 ~ "'"$tid"'" ) {printf("%s %s %s", $3, $4, $5)};}' "$IPSEC_TRAFFIC_STATES")
+ json_add_object tunnels
+ json_add_string name "$id"
+ json_add_string right "$right${active_right:+ (${active_right})}"
+ json_add_string leftsubnet "$lsubnet"
+ json_add_string rightsubnet "$rsubnet"
+ json_add_int tx "$outBytes"
+ json_add_int rx "$inBytes"
+
+ phase1_established "$tid" && phase1=1
+ phase2_established "$tid" && phase2=1
+
+ json_add_boolean phase1 "$phase1"
+ json_add_boolean phase2 "$phase2"
+
+ if [ "$phase1" = "1" ] && [ "$phase2" = "1" ]; then
+ ctime="$(date +%s)"
+ json_add_boolean connected 1
+ json_add_int uptime "$((ctime - add_time))"
+ else
+ json_add_boolean connected 0
+ json_add_int uptime 0
+ fi
+
+ json_close_object
+ done
+ done
+}
+
+generate_libreswan_states() {
+ ipsec trafficstatus > "$IPSEC_TRAFFIC_STATES"
+ ipsec status > "$IPSEC_TUNNEL_STATUS"
+}
+
+clean_libreswan_states() {
+ return
+ rm -f "$IPSEC_TRAFFIC_STATES" "$IPSEC_TUNNEL_STATUS"
+}
+
+libreswan_status() {
+ config_load libreswan
+
+ generate_libreswan_states
+
+ json_init
+ json_add_array tunnels
+ config_foreach add_tunnel_object tunnel
+ json_close_array
+ json_dump
+
+ clean_libreswan_states
+}
+
+call_extra() {
+ if __function__ "$1"; then
+ $1
+ else
+ json_init
+ json_add_string error "invalid call $1"
+ json_dump
+ fi
+}
+
+call_method() {
+ case "$1" in
+ status)
+ libreswan_status
+ ;;
+ *)
+ call_extra $1
+ ;;
+ esac
+}
+
+list_extra() {
+ if __function__ "${1}_help"; then
+ ${1}_help
+ else
+ json_add_object "$1"
+ json_close_object
+ fi
+}
+
+list_methods() {
+ local file
+
+ json_init
+
+ json_add_object status
+ json_close_object
+
+ foreach_extra list_extra ${1}
+
+ json_dump
+}
+
+main () {
+ case "$1" in
+ list)
+ list_methods
+ ;;
+ call)
+ call_method $2
+ ;;
+ esac
+}
+
+main "$@"
--- /dev/null
+jump libreswan_forward
--- /dev/null
+jump libreswan_nflog_input
+jump libreswan_input
--- /dev/null
+jump libreswan_nflog_output
+jump libreswan_output
--- /dev/null
+jump libreswan_srcnat
--- /dev/null
+chain libreswan_input {}
+chain libreswan_nflog_input {}
+chain libreswan_forward {}
+chain libreswan_output {}
+chain libreswan_nflog_output {}
+chain libreswan_srcnat {}
include $(TOPDIR)/rules.mk
PKG_NAME:=lighttpd
-PKG_VERSION:=1.4.72
+PKG_VERSION:=1.4.73
PKG_RELEASE:=1
# release candidate ~rcX testing; remove for release
#PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://download.lighttpd.net/lighttpd/releases-1.4.x
-PKG_HASH:=f7cade4d69b754a0748c01463c33cd8b456ca9cc03bb09e85a71bcbcd54e55ec
+PKG_HASH:=818816d0b314b0aa8728a7076513435f6d5eb227f3b61323468e1f10dbe84ca8
-PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+PKG_MAINTAINER:=Glenn Strauss <gstrauss@gluelogic.com>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:lighttpd:lighttpd
PKG_NAME:=mDNSResponder
PKG_VERSION:=IETF104
-PKG_RELEASE:=6
+PKG_RELEASE:=5
PKG_SOURCE:=mDNSResponder-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://opensource.apple.com/tarballs/mDNSResponder/IETF/
endef
define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include/mdns
- $(CP) $(PKG_INSTALL_DIR)/usr/include/dns_sd.h $(1)/usr/include/mdns
- $(INSTALL_DIR) $(1)/usr/lib/mdns
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdns_sd.so.1 $(1)/usr/lib/mdns
- $(LN) -s libdns_sd.so.1 $(1)/usr/lib/mdns/libdns_sd.so
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/dns_sd.h $(1)/usr/include/
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdns_sd.so.1 $(1)/usr/lib/
+ $(LN) -s libdns_sd.so.1 $(1)/usr/lib/libdns_sd.so
endef
define Package/mdns-utils/install
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/mdnsd.init $(1)/etc/init.d/mdnsd
- $(INSTALL_DIR) $(1)/usr/lib/mdns
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdns_sd.so.1 $(1)/usr/lib/mdns
- $(LN) -s libdns_sd.so.1 $(1)/usr/lib/mdns/libdns_sd.so
+ $(INSTALL_DIR) $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdns_sd.so.1 $(1)/usr/lib/
+ $(LN) -s libdns_sd.so.1 $(1)/usr/lib/libdns_sd.so
endef
define Package/mdnsresponder/install
PKG_NAME:=modemmanager
PKG_SOURCE_VERSION:=1.22.0
-PKG_RELEASE:=1
+PKG_RELEASE:=5
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.freedesktop.org/mobile-broadband/ModemManager.git
# Cleanup interfaces
mm_cleanup_interfaces() {
- local modemlist modemlength idx modeminfo modemsysfspath
-
- modemlist=$(mmcli --list-modems --output-keyvalue)
- [ -n "${modemlist}" ] || return 0
-
- modemlength=$(modemmanager_get_field "${modemlist}" "modem-list.length")
-
- # do nothing if no modem reported
- [ -n "${modemlength}" ] && [ "${modemlength}" -ge 1 ] && {
- idx=1
- while [ $idx -le "$modemlength" ]; do
- modempath=$(modemmanager_get_field "${modemlist}" "modem-list.value\[$idx\]")
- modeminfo=$(mmcli --modem "${modempath}" --output-keyvalue)
- modemsysfspath=$(modemmanager_get_field "${modeminfo}" "modem.generic.device")
- mm_cleanup_interface_by_sysfspath "${modemsysfspath}"
- idx=$((idx + 1))
- done
- }
+ local sysfs_path status
+
+ # Do nothing if there is no sysfs cache
+ [ -f "${MODEMMANAGER_SYSFS_CACHE}" ] || return
+
+ while IFS= read -r sysfs_cache_line; do
+ sysfs_path=$(echo "${sysfs_cache_line}" | awk '{print $1}')
+ status=$(echo "${sysfs_cache_line}" | awk '{print $2}')
+
+ if [ "${status}" = "processed" ]; then
+ mm_log "debug" "call cleanup for: ${sysfs_path}"
+ mm_cleanup_interface_by_sysfspath "${sysfs_path}"
+ fi
+ done < ${MODEMMANAGER_SYSFS_CACHE}
}
mm_cleanup_interface_by_sysfspath() {
local sysfspath="$4"
# Do not save virtual devices
- local virtual
+ local virtual result
virtual="$(echo "$sysfspath" | cut -d'/' -f4)"
[ "$virtual" = "virtual" ] && {
mm_log "debug" "sysfspath is a virtual device ($sysfspath)"
esac
# Report the event
- mm_log "debug" "event reported: action=${action}, name=${name}, subsystem=${subsystem}"
- mmcli --report-kernel-event="action=${action},name=${name},subsystem=${subsystem}" 1>/dev/null 2>&1 &
+ mm_log "debug" "Report event: action=${action}, name=${name}, subsystem=${subsystem}"
+ result=$(mmcli --report-kernel-event="action=${action},name=${name},subsystem=${subsystem}" 2>&1)
+ if [ "$?" -eq "0" ]; then
+ # Wait for added modem if a sysfspath is given
+ [ -n "${sysfspath}" ] && [ "$action" = "add" ] && mm_report_modem_wait "${sysfspath}"
+ else
+ mm_log "error" "Couldn't report kernel event: ${result}"
+ fi
- # Wait for added modem if a sysfspath is given
- [ -n "${sysfspath}" ] && [ "$action" = "add" ] && mm_report_modem_wait "${sysfspath}"
}
mm_report_event_from_cache_line() {
}
mm_report_events_from_cache() {
- # Remove the sysfs cache
- rm -f "${MODEMMANAGER_SYSFS_CACHE}"
-
local n=60
local step=1
local mmrunning=0
return
}
+ # Remove the sysfs cache
+ rm -f "${MODEMMANAGER_SYSFS_CACHE}"
+
# Report cached kernel events
while IFS= read -r event_line; do
mm_report_event_from_cache_line "${event_line}"
LOG_LEVEL="INFO"
-stop_service() {
- # Load common utils
- . /usr/share/ModemManager/modemmanager.common
- # Set all configured interfaces as unavailable
- mm_cleanup_interfaces
-}
-
start_service() {
# Setup ModemManager service
#
mkdir -p "${MODEMMANAGER_RUNDIR}"
chmod 0755 "${MODEMMANAGER_RUNDIR}"
- mm_cleanup_interfaces
/usr/sbin/ModemManager "$@" 1>/dev/null 2>/dev/null &
CHILD="$!"
mm_report_events_from_cache
wait "$CHILD"
+
+ # Set all configured interfaces as unavailable
+ mm_cleanup_interfaces
}
main "$@"
prompt "Enable HTTP sub module"
default n
+config NGINX_STREAM_REAL_IP
+ bool
+ prompt "Enable STREAM real ip module"
+ default n
+
endmenu
PKG_NAME:=nginx
PKG_VERSION:=1.25.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://nginx.org/download/
CONFIG_NGINX_PCRE \
CONFIG_NGINX_HTTP_REAL_IP \
CONFIG_NGINX_HTTP_SECURE_LINK \
+ CONFIG_NGINX_STREAM_REAL_IP \
CONFIG_OPENSSL_ENGINE \
CONFIG_OPENSSL_WITH_NPN \
$(foreach m,$(PKG_MOD_EXTRA),CONFIG_PACKAGE_$(m))
$(if $(call IsEnabled,NGINX_HTTP_SECURE_LINK),--with-http_secure_link_module) \
$(if $(call IsEnabled,NGINX_HTTP_SUB),--with-http_sub_module) \
$(if $(CONFIG_PACKAGE_nginx-mod-stream),--with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module) \
+ $(if $(call IsEnabled,NGINX_STREAM_REAL_IP),--with-stream_realip_module) \
$(if $(CONFIG_PACKAGE_nginx-mod-naxsi),--add-dynamic-module=$(PKG_BUILD_DIR)/nginx-mod-naxsi/naxsi_src) \
$(foreach m,$(filter-out lua-resty-core lua-resty-lrucache naxsi,$(PKG_MOD_EXTRA)), \
$(if $(CONFIG_PACKAGE_nginx-mod-$(m)),--add-dynamic-module=$(PKG_BUILD_DIR)/nginx-mod-$(m)))
+++ /dev/null
-#
-# Copyright (C) 2020-2021 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=ooniprobe
-PKG_VERSION:=3.18.0
-PKG_RELEASE:=1
-
-PKG_SOURCE:=probe-cli-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/ooni/probe-cli/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=d28c050226c9282d7155da6cabf5547ddd43dc11eecacc485b6c05161c2d1d88
-
-PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec1@gmail.com>
-PKG_LICENSE:=GPL-3.0-or-later
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/probe-cli-$(PKG_VERSION)
-PKG_BUILD_DEPENDS:=golang/host
-PKG_BUILD_PARALLEL:=1
-PKG_BUILD_FLAGS:=no-mips16
-
-GO_PKG:=github.com/ooni/probe-cli
-GO_PKG_BUILD_PKG:=github.com/ooni/probe-cli/v3/cmd/ooniprobe
-
-include $(INCLUDE_DIR)/package.mk
-include ../../lang/golang/golang-package.mk
-
-define Package/ooniprobe
- SECTION:=net
- CATEGORY:=Network
- TITLE:=OONI probe-cli
- URL:=https://ooni.org
- DEPENDS:=$(GO_ARCH_DEPENDS)
-endef
-
-define Package/ooniprobe/description
- The next generation of Open Observatory of Network Interference (OONI)
- Probe Command Line Interface.
-endef
-
-# Workaround for musl 1.2.4 compability in mattn/go-sqlite3
-# https://github.com/mattn/go-sqlite3/issues/1164
-ifneq ($(CONFIG_USE_MUSL),)
- TARGET_CFLAGS += -D_LARGEFILE64_SOURCE
-endif
-
-$(eval $(call GoBinPackage,ooniprobe))
-$(eval $(call BuildPackage,ooniprobe))
+++ /dev/null
-#!/bin/sh
-
-ooniprobe version | grep "$2"
PKG_NAME:=openthread-br
PKG_SOURCE_DATE:=2023-08-01
PKG_SOURCE_VERSION:=1738d8cd8b42106c2ef1262fbbac2f06beab83ba
-PKG_RELEASE:=2
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=https://github.com/openthread/ot-br-posix.git
-DOTBR_SRP_SERVER_AUTO_ENABLE:BOOL=ON \
-DOTBR_TREL:BOOL=ON
-TARGET_CFLAGS += -DOPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME=\\\"/var/run/openthread-%s\\\" \
- -I$(STAGING_DIR)/usr/include/mdns \
- -L$(STAGING_DIR)/usr/lib/mdns
+TARGET_CFLAGS += -DOPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME=\\\"/var/run/openthread-%s\\\"
define Package/luci-app-openthread/install
$(INSTALL_DIR) \
define Package/openthread-br/install
$(INSTALL_DIR) \
+ $(1)/etc/init.d \
$(1)/lib/netifd/proto \
$(1)/usr/sbin \
$(1)/var/lib/thread
src/rest/resource.hpp | 1 +
3 files changed, 57 insertions(+)
+diff --git a/src/rest/openapi.yaml b/src/rest/openapi.yaml
+index 2ba2a4dd56..2edc4af29a 100644
--- a/src/rest/openapi.yaml
+++ b/src/rest/openapi.yaml
@@ -248,6 +248,18 @@ paths:
components:
schemas:
LeaderData:
+diff --git a/src/rest/resource.cpp b/src/rest/resource.cpp
+index a60e9d9483..829835341a 100644
--- a/src/rest/resource.cpp
+++ b/src/rest/resource.cpp
@@ -767,12 +767,47 @@ exit:
case HttpMethod::kGet:
GetDataset(aDatasetType, aRequest, aResponse);
break;
+diff --git a/src/rest/resource.hpp b/src/rest/resource.hpp
+index d79085dbfc..362e501471 100644
--- a/src/rest/resource.hpp
+++ b/src/rest/resource.hpp
@@ -150,6 +150,7 @@ private:
void DeleteOutDatedDiagnostic(void);
void UpdateDiag(std::string aKey, std::vector<otNetworkDiagTlv> &aDiag);
+--
+2.41.0
+
include $(TOPDIR)/rules.mk
PKG_NAME:=privoxy
-PKG_VERSION:=3.0.33
-PKG_RELEASE:=4
+PKG_VERSION:=3.0.34
+PKG_RELEASE:=1
-PKG_SOURCE:=privoxy-$(PKG_VERSION)-stable-src.tar.gz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-stable-src.tar.gz
PKG_SOURCE_URL:=@SF/ijbswa
-PKG_HASH:=04b104e70dac61561b9dd110684b250fafc8c13dbe437a60fae18ddd9a881fae
-PKG_BUILD_DIR:=$(BUILD_DIR)/privoxy-$(PKG_VERSION)-stable
+PKG_HASH:=e6ccbca1656f4e616b4657f8514e33a70f6697e9d7294356577839322a3c5d2c
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)-stable
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
URL:=http://www.privoxy.org/
USERID:=privoxy=8118:privoxy=8118
MENU:=1
- DEPENDS:=+!PRIVOXY_no_pcre:libpcre +!PRIVOXY_no_pthread:libpthread +!PRIVOXY_no_zlib:zlib
+ DEPENDS:=+!PRIVOXY_no_pcre:libpcre2 +!PRIVOXY_no_pthread:libpthread +!PRIVOXY_no_zlib:zlib
endef
# shown in LuCI package description
--- /dev/null
+From 53748ca8ca3c893025be34dd4f104546fcbd0602 Mon Sep 17 00:00:00 2001
+From: Fabian Keil <fk@fabiankeil.de>
+Date: Sat, 17 Jun 2023 13:20:24 +0200
+Subject: [PATCH] Add pcre2 support
+
+This is currently expected to cause crashes on Windows
+when compiled with GUI support.
+
+Closes bug #935.
+Initial patch submitted by: Gagan Sidhu
+---
+ acconfig.h | 6 ++
+ actions.c | 8 +++
+ cgi.c | 9 ++-
+ client-tags.c | 5 ++
+ configure.in | 64 ++++++++++++++++-
+ pcrs.c | 148 +++++++++++++++++++++++++++++----------
+ pcrs.h | 40 +++++++----
+ project.h | 54 +++++++++-----
+ templates/show-status | 5 +-
+ urlmatch.c | 159 ++++++++++++++++++++++++++++++++++++++++++
+ urlmatch.h | 4 ++
+ w32log.c | 3 +
+ 12 files changed, 430 insertions(+), 75 deletions(-)
+
+--- a/acconfig.h
++++ b/acconfig.h
+@@ -225,11 +225,17 @@
+ /* Define if pcre.h must be included as <pcre/pcre.h>
+ */
+ #undef PCRE_H_IN_SUBDIR
++#undef PCRE2_H_IN_SUBDIR
++
++#undef HAVE_PCRE2
++#undef HAVE_PCRE2POSIX
+
+ /* Define if pcreposix.h must be included as <pcre/pcreposix.h>
+ */
+ #undef PCREPOSIX_H_IN_SUBDIR
+
++#undef PCRE2POSIX_H_IN_SUBDIR
++
+ @BOTTOM@
+
+ /*
+--- a/actions.c
++++ b/actions.c
+@@ -828,8 +828,12 @@ int update_action_bits_for_tag(struct cl
+ continue;
+ }
+
++#ifdef HAVE_PCRE2
++ if (pcre2_pattern_matches(b->url->pattern.tag_regex, tag))
++#else
+ /* and check if one of the tag patterns matches the tag, */
+ if (0 == regexec(b->url->pattern.tag_regex, tag, 0, NULL, 0))
++#endif
+ {
+ /* if it does, update the action bit map, */
+ if (merge_current_action(csp->action, b->action))
+@@ -884,7 +888,11 @@ jb_err check_negative_tag_patterns(struc
+ }
+ for (tag = csp->tags->first; NULL != tag; tag = tag->next)
+ {
++#ifdef HAVE_PCRE2
++ if (pcre2_pattern_matches(b->url->pattern.tag_regex, tag->str))
++#else
+ if (0 == regexec(b->url->pattern.tag_regex, tag->str, 0, NULL, 0))
++#endif
+ {
+ /*
+ * The pattern matches at least one tag, thus the action
+--- a/cgi.c
++++ b/cgi.c
+@@ -2023,7 +2023,7 @@ jb_err template_fill(char **template_ptr
+ char buf[BUFFER_SIZE];
+ char *tmp_out_buffer;
+ char *file_buffer;
+- size_t size;
++ size_t buffer_size, new_size;
+ int error;
+ const char *flags;
+
+@@ -2032,7 +2032,7 @@ jb_err template_fill(char **template_ptr
+ assert(exports);
+
+ file_buffer = *template_ptr;
+- size = strlen(file_buffer) + 1;
++ buffer_size = strlen(file_buffer) + 1;
+
+ /*
+ * Assemble pcrs joblist from exports map
+@@ -2082,7 +2082,10 @@ jb_err template_fill(char **template_ptr
+ }
+ else
+ {
+- error = pcrs_execute(job, file_buffer, size, &tmp_out_buffer, &size);
++ error = pcrs_execute(job, file_buffer, buffer_size, &tmp_out_buffer,
++ &new_size);
++
++ buffer_size = new_size;
+
+ pcrs_free_job(job);
+ if (NULL == tmp_out_buffer)
+--- a/client-tags.c
++++ b/client-tags.c
+@@ -43,6 +43,7 @@
+ #include "miscutil.h"
+ #include "errlog.h"
+ #include "parsers.h"
++#include "urlmatch.h"
+
+ struct client_specific_tag
+ {
+@@ -658,7 +659,11 @@ int client_tag_match(const struct patter
+
+ for (tag = tags->first; tag != NULL; tag = tag->next)
+ {
++#ifdef HAVE_PCRE2
++ if (pcre2_pattern_matches(pattern->pattern.tag_regex, tag->str))
++#else
+ if (0 == regexec(pattern->pattern.tag_regex, tag->str, 0, NULL, 0))
++#endif
+ {
+ log_error(LOG_LEVEL_TAGGING, "Client tag '%s' matches.", tag->str);
+ return 1;
+--- a/configure.in
++++ b/configure.in
+@@ -863,12 +863,47 @@ else
+ ])
+ fi
+
++AC_ARG_ENABLE(pcre2,
++[ --disable-pcre2 Don't try to use pcre2 even if it's available],
++[enableval2=$enableval],
++[enableval2=yes])
++if test $enableval2 = yes; then
++ try_pcre2=yes
++else
++ AC_MSG_WARN([Ignoring pcre2 even if it's available])
++ try_pcre2=no
++fi
++
++if test $try_pcre2 != no; then
+ dnl =================================================================
+ dnl Checks for libraries.
+ dnl =================================================================
+ dnl Note: Some systems may have the library but not the system header
+ dnl file, so we must check for both.
+ dnl Also check for correct version
++AC_CHECK_LIB(pcre2-8, pcre2_compile_8, [
++ AC_CHECK_HEADER(pcre2.h, [
++ AC_EGREP_HEADER(pcre2_pattern_info, pcre2.h,[have_pcre2=yes; AC_DEFINE(HAVE_PCRE2)], [AC_MSG_WARN([[pcre2 old version installed]]); have_pcre2=no])
++ ], [
++ AC_CHECK_HEADER(pcre2/pcre2.h, [
++ AC_EGREP_HEADER(pcre2_pattern_info, pcre2/pcre2.h, [have_pcre2=yes; AC_DEFINE(PCRE2_H_IN_SUBDIR)], [AC_MSG_WARN([[pcre2 old version installed]]); have_pcre2=no])
++ ], [have_pcre2=no])
++ ], [#define PCRE2_CODE_UNIT_WIDTH 8])
++], [have_pcre2=no])
++
++AC_CHECK_LIB(pcre2-posix, regcomp, [
++ AC_CHECK_HEADER(pcre2posix.h, [
++ AC_EGREP_HEADER(pcre2_regerror, pcre2posix.h, [have_pcre2posix=yes],[AC_MSG_WARN([[pcre2posix old version installed]]); have_pcre2posix=no])
++ ], [
++ AC_CHECK_HEADER(pcre/pcre2posix.h, [
++ AC_EGREP_HEADER(pcre2_regerror, pcre2/pcre2posix.h, [have_pcre2posix=yes; AC_DEFINE(PCRE2POSIX_H_IN_SUBDIR)],[AC_MSG_WARN([[pcre2posix old version installed]]); have_pcre2posix=no])
++ ], [have_pcre2posix=no])
++ ])
++], [have_pcre2posix=no], -lpcre2-8)
++fi
++
++if test $have_pcre2 = "no"; then
++
+ AC_CHECK_LIB(pcre, pcre_compile, [
+ AC_CHECK_HEADER(pcre.h, [
+ AC_EGREP_HEADER(pcre_fullinfo, pcre.h, [have_pcre=yes], [AC_MSG_WARN([[pcre old version installed]]); have_pcre=no])
+@@ -889,6 +924,7 @@ AC_CHECK_LIB(pcreposix, regcomp, [
+ ])
+ ], [have_pcreposix=no], -lpcre)
+
++fi
+ dnl ================================================================
+ dnl libpcrs is temporarily disabled.
+ dnl
+@@ -1095,6 +1131,31 @@ fi
+ # we don't need pcreposix, then link pcre dynamically; else
+ # build it and link statically
+ #
++
++#check for libpcre2 first. then regular pcre
++
++if test $have_pcre2 = "yes"; then
++ echo "using libpcre2"
++ STATIC_PCRE_ONLY=#
++ LIBS="$LIBS -lpcre2-8 -lpcre2-posix"
++ if test "$use_static_pcre" = "yes"; then
++ pcre_dyn=no
++ AC_DEFINE(PCRE_STATIC,1,[Define to statically link to pcre library on Windows.])
++# see /usr/i686-w64-mingw32/sys-root/mingw/include/pcre.h line 54
++# #if defined(_WIN32) && !defined(PCRE_STATIC)
++# # ifndef PCRE_EXP_DECL
++# # define PCRE_EXP_DECL extern __declspec(dllimport)
++# # endif
++# If you want to statically link a program against a PCRE library in the form of
++# a non-dll .a file, you must define PCRE_STATIC before including pcre.h or
++# pcrecpp.h, otherwise the pcre_malloc() and pcre_free() exported functions will
++# be declared __declspec(dllimport), with unwanted results.
++ else
++ pcre_dyn=yes
++ AC_DEFINE(FEATURE_DYNAMIC_PCRE,1,[Define to dynamically link to pcre.])
++ fi
++else
++
+ if test $have_pcre = "yes"; then
+ echo "using libpcre"
+ STATIC_PCRE_ONLY=#
+@@ -1116,7 +1177,8 @@ if test $have_pcre = "yes"; then
+ AC_DEFINE(FEATURE_DYNAMIC_PCRE,1,[Define to dynamically link to pcre.])
+ fi
+ else
+- AC_MSG_ERROR(pcre library not detected.)
++ AC_MSG_ERROR(Detected neither pcre2 nor pcre library.)
++fi
+ fi
+
+ AC_DEFINE(FEATURE_CONNECTION_KEEP_ALIVE)
+--- a/pcrs.c
++++ b/pcrs.c
+@@ -57,7 +57,7 @@
+ * Internal prototypes
+ */
+
+-static int pcrs_parse_perl_options(const char *optstring, int *flags);
++static int pcrs_parse_perl_options(const char *optstring, unsigned int *flags);
+ static pcrs_substitute *pcrs_compile_replacement(const char *replacement, int trivialflag,
+ int capturecount, int *errptr);
+ static int is_hex_sequence(const char *sequence);
+@@ -83,25 +83,25 @@ const char *pcrs_strerror(const int erro
+ switch (error)
+ {
+ /* Passed-through PCRE error: */
+- case PCRE_ERROR_NOMEMORY: return "(pcre:) No memory";
++ case PCREn(ERROR_NOMEMORY): return "(pcre:) No memory";
+
+ /* Shouldn't happen unless PCRE or PCRS bug, or user messed with compiled job: */
+- case PCRE_ERROR_NULL: return "(pcre:) NULL code or subject or ovector";
+- case PCRE_ERROR_BADOPTION: return "(pcre:) Unrecognized option bit";
+- case PCRE_ERROR_BADMAGIC: return "(pcre:) Bad magic number in code";
++ case PCREn(ERROR_NULL): return "(pcre:) NULL code or subject or ovector";
++ case PCREn(ERROR_BADOPTION): return "(pcre:) Unrecognized option bit";
++ case PCREn(ERROR_BADMAGIC): return "(pcre:) Bad magic number in code";
++#if defined(PCRE_ERROR_UNKNOWN_NODE)
+ case PCRE_ERROR_UNKNOWN_NODE: return "(pcre:) Bad node in pattern";
+-
++#endif
+ /* Can't happen / not passed: */
+- case PCRE_ERROR_NOSUBSTRING: return "(pcre:) Fire in power supply";
+- case PCRE_ERROR_NOMATCH: return "(pcre:) Water in power supply";
++ case PCREn(ERROR_NOSUBSTRING): return "(pcre:) Fire in power supply";
++ case PCREn(ERROR_NOMATCH): return "(pcre:) Water in power supply";
+
+ #ifdef PCRE_ERROR_MATCHLIMIT
+ /*
+ * Only reported by PCRE versions newer than our own.
+ */
+- case PCRE_ERROR_MATCHLIMIT: return "(pcre:) Match limit reached";
++ case PCREn(ERROR_MATCHLIMIT): return "(pcre:) Match limit reached";
+ #endif /* def PCRE_ERROR_MATCHLIMIT */
+-
+ /* PCRS errors: */
+ case PCRS_ERR_NOMEM: return "(pcrs:) No memory";
+ case PCRS_ERR_CMDSYNTAX: return "(pcrs:) Syntax error while parsing command";
+@@ -111,16 +111,14 @@ const char *pcrs_strerror(const int erro
+ case PCRS_WARN_TRUNCATION:
+ return "(pcrs:) At least one variable was too big and has been truncated before compilation";
+
+- /*
+- * XXX: With the exception of PCRE_ERROR_MATCHLIMIT we
+- * only catch PCRE errors that can happen with our internal
+- * version. If Privoxy is linked against a newer
+- * PCRE version all bets are off ...
+- */
+ default:
++#ifdef HAVE_PCRE2
++ pcre2_get_error_message(error, (PCRE2_UCHAR8*)buf, sizeof(buf));
++#else
+ snprintf(buf, sizeof(buf),
+ "Error code %d. For details, check the pcre documentation.",
+ error);
++#endif
+ return buf;
+ }
+ }
+@@ -149,7 +147,7 @@ const char *pcrs_strerror(const int erro
+ * Returns : option integer suitable for pcre
+ *
+ *********************************************************************/
+-static int pcrs_parse_perl_options(const char *optstring, int *flags)
++static int pcrs_parse_perl_options(const char *optstring, unsigned int *flags)
+ {
+ size_t i;
+ int rc = 0;
+@@ -163,13 +161,13 @@ static int pcrs_parse_perl_options(const
+ {
+ case 'e': break; /* ToDo ;-) */
+ case 'g': *flags |= PCRS_GLOBAL; break;
+- case 'i': rc |= PCRE_CASELESS; break;
+- case 'm': rc |= PCRE_MULTILINE; break;
++ case 'i': rc |= PCREn(CASELESS); break;
++ case 'm': rc |= PCREn(MULTILINE); break;
+ case 'o': break;
+- case 's': rc |= PCRE_DOTALL; break;
+- case 'x': rc |= PCRE_EXTENDED; break;
++ case 's': rc |= PCREn(DOTALL); break;
++ case 'x': rc |= PCREn(EXTENDED); break;
+ case 'D': *flags |= PCRS_DYNAMIC; break;
+- case 'U': rc |= PCRE_UNGREEDY; break;
++ case 'U': rc |= PCREn(UNGREEDY); break;
+ case 'T': *flags |= PCRS_TRIVIAL; break;
+ default: break;
+ }
+@@ -471,7 +469,15 @@ pcrs_job *pcrs_free_job(pcrs_job *job)
+ else
+ {
+ next = job->next;
+- if (job->pattern != NULL) free(job->pattern);
++ if (job->pattern != NULL)
++ {
++#ifdef HAVE_PCRE2
++ pcre2_code_free(job->pattern);
++#else
++ free(job->pattern);
++#endif
++ }
++#ifndef HAVE_PCRE2
+ if (job->hints != NULL)
+ {
+ #ifdef PCRE_CONFIG_JIT
+@@ -480,6 +486,7 @@ pcrs_job *pcrs_free_job(pcrs_job *job)
+ free(job->hints);
+ #endif
+ }
++#endif
+ if (job->substitute != NULL)
+ {
+ if (job->substitute->text != NULL) free(job->substitute->text);
+@@ -626,10 +633,14 @@ pcrs_job *pcrs_compile_command(const cha
+ pcrs_job *pcrs_compile(const char *pattern, const char *substitute, const char *options, int *errptr)
+ {
+ pcrs_job *newjob;
+- int flags;
++ unsigned int flags;
+ int capturecount;
+- const char *error;
++#ifdef HAVE_PCRE2
++ int ret;
++#else
+ int pcre_study_options = 0;
++ const char *error;
++#endif
+
+ *errptr = 0;
+
+@@ -661,25 +672,43 @@ pcrs_job *pcrs_compile(const char *patte
+ /*
+ * Compile the pattern
+ */
++#ifdef HAVE_PCRE2
++ PCRE2_SIZE error_offset;
++ newjob->pattern = pcre2_compile((const unsigned char *)pattern,
++ PCRE2_ZERO_TERMINATED, (unsigned)newjob->options, errptr,
++ &error_offset, NULL);
++#else
+ newjob->pattern = pcre_compile(pattern, newjob->options, &error, errptr, NULL);
++#endif
+ if (newjob->pattern == NULL)
+ {
+ pcrs_free_job(newjob);
+ return NULL;
+ }
+
+-
+-#ifdef PCRE_STUDY_JIT_COMPILE
++#if defined(PCRE_STUDY_JIT_COMPILE) || defined(HAVE_PCRE2)
+ #ifdef DISABLE_PCRE_JIT_COMPILATION
+ #warning PCRE_STUDY_JIT_COMPILE is supported but Privoxy has been configured not to use it
+ #else
+ if (!(flags & PCRS_DYNAMIC))
+ {
++#ifdef HAVE_PCRE2
++ /* Try to enable JIT compilation but continue if it's unsupported. */
++ if ((ret = pcre2_jit_compile(newjob->pattern, PCRE2_JIT_COMPLETE)) &&
++ (ret != PCRE2_ERROR_JIT_BADOPTION))
++ {
++ *errptr = ret;
++ pcrs_free_job(newjob);
++ return NULL;
++ }
++#else
+ pcre_study_options = PCRE_STUDY_JIT_COMPILE;
++#endif
+ }
+ #endif
+ #endif
+
++#ifndef HAVE_PCRE2
+ /*
+ * Generate hints. This has little overhead, since the
+ * hints will be NULL for a boring pattern anyway.
+@@ -691,13 +720,17 @@ pcrs_job *pcrs_compile(const char *patte
+ pcrs_free_job(newjob);
+ return NULL;
+ }
+-
++#endif
+
+ /*
+ * Determine the number of capturing subpatterns.
+ * This is needed for handling $+ in the substitute.
+ */
++#ifdef HAVE_PCRE2
++ if (0 > (*errptr = pcre2_pattern_info(newjob->pattern, PCRE2_INFO_CAPTURECOUNT, &capturecount)))
++#else
+ if (0 > (*errptr = pcre_fullinfo(newjob->pattern, newjob->hints, PCRE_INFO_CAPTURECOUNT, &capturecount)))
++#endif
+ {
+ pcrs_free_job(newjob);
+ return NULL;
+@@ -809,14 +842,20 @@ int pcrs_execute_list(pcrs_job *joblist,
+ *********************************************************************/
+ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char **result, size_t *result_length)
+ {
+- int offsets[3 * PCRS_MAX_SUBMATCHES],
+- offset,
++ int offset,
+ i, k,
+ matches_found,
+ submatches,
+ max_matches = PCRS_MAX_MATCH_INIT;
+ size_t newsize;
++#ifdef HAVE_PCRE2
+ pcrs_match *matches, *dummy;
++ pcre2_match_data *pcre2_matches;
++ size_t *offsets;
++#else
++ pcrs_match *matches, *dummy;
++ int offsets[3 * PCRS_MAX_SUBMATCHES];
++#endif
+ char *result_offset;
+
+ offset = i = 0;
+@@ -830,27 +869,38 @@ int pcrs_execute(pcrs_job *job, const ch
+ return(PCRS_ERR_BADJOB);
+ }
+
++#ifdef HAVE_PCRE2
++ if (NULL == (pcre2_matches = pcre2_match_data_create_from_pattern(job->pattern, NULL)))
++ {
++ return(PCRS_ERR_NOMEM);
++ }
++ offsets = pcre2_get_ovector_pointer(pcre2_matches);
++#endif
+ if (NULL == (matches = (pcrs_match *)malloc((size_t)max_matches * sizeof(pcrs_match))))
+ {
+ return(PCRS_ERR_NOMEM);
+ }
+ memset(matches, '\0', (size_t)max_matches * sizeof(pcrs_match));
+
+-
+ /*
+ * Find the pattern and calculate the space
+ * requirements for the result
+ */
+ newsize = subject_length;
+
++#ifdef HAVE_PCRE2
++ while ((submatches = pcre2_match(job->pattern, (const unsigned char *)subject,
++ subject_length, (size_t)offset, 0, pcre2_matches, NULL)) > 0)
++#else
+ while ((submatches = pcre_exec(job->pattern, job->hints, subject, (int)subject_length, offset, 0, offsets, 3 * PCRS_MAX_SUBMATCHES)) > 0)
++#endif
+ {
+ job->flags |= PCRS_SUCCESS;
+ matches[i].submatches = submatches;
+
+ for (k = 0; k < submatches; k++)
+ {
+- matches[i].submatch_offset[k] = offsets[2 * k];
++ matches[i].submatch_offset[k] = (int)offsets[2 * k];
+
+ /* Note: Non-found optional submatches have length -1-(-1)==0 */
+ matches[i].submatch_length[k] = (size_t)(offsets[2 * k + 1] - offsets[2 * k]);
+@@ -867,7 +917,7 @@ int pcrs_execute(pcrs_job *job, const ch
+ newsize += (size_t)offsets[0] * (size_t)job->substitute->backref_count[PCRS_MAX_SUBMATCHES];
+
+ /* chunk after match */
+- matches[i].submatch_offset[PCRS_MAX_SUBMATCHES + 1] = offsets[1];
++ matches[i].submatch_offset[PCRS_MAX_SUBMATCHES + 1] = (int)offsets[1];
+ matches[i].submatch_length[PCRS_MAX_SUBMATCHES + 1] = subject_length - (size_t)offsets[1] - 1;
+ newsize += (subject_length - (size_t)offsets[1]) * (size_t)job->substitute->backref_count[PCRS_MAX_SUBMATCHES + 1];
+
+@@ -894,12 +944,19 @@ int pcrs_execute(pcrs_job *job, const ch
+ break;
+ /* Go find the next one */
+ else
+- offset = offsets[1];
++ offset = (int)offsets[1];
+ }
+ /* Pass pcre error through if (bad) failure */
++#ifdef HAVE_PCRE2
++ if (submatches < PCRE2_ERROR_NOMATCH)
++#else
+ if (submatches < PCRE_ERROR_NOMATCH)
++#endif
+ {
+ free(matches);
++#ifdef HAVE_PCRE2
++ pcre2_match_data_free(pcre2_matches);
++#endif
+ return submatches;
+ }
+ matches_found = i;
+@@ -909,9 +966,19 @@ int pcrs_execute(pcrs_job *job, const ch
+ * Get memory for the result (must be freed by caller!)
+ * and append terminating null byte.
+ */
+- if ((*result = (char *)malloc(newsize + 1)) == NULL)
++ if ((*result = (char *)malloc(newsize + 1
++#ifdef HAVE_PCRE2
++ /*
++ * Work around to prevent invalid reads in the jit code.
++ */
++ + 16
++#endif
++ )) == NULL)
+ {
+ free(matches);
++#ifdef HAVE_PCRE2
++ pcre2_match_data_free(pcre2_matches);
++#endif
+ return PCRS_ERR_NOMEM;
+ }
+ else
+@@ -964,6 +1031,9 @@ int pcrs_execute(pcrs_job *job, const ch
+ memcpy(result_offset, subject + offset, subject_length - (size_t)offset);
+
+ *result_length = newsize;
++#ifdef HAVE_PCRE2
++ pcre2_match_data_free(pcre2_matches);
++#endif
+ free(matches);
+ return matches_found;
+
+@@ -1101,7 +1171,7 @@ char pcrs_get_delimiter(const char *stri
+ *********************************************************************/
+ char *pcrs_execute_single_command(const char *subject, const char *pcrs_command, int *hits)
+ {
+- size_t size;
++ size_t buffer_size, new_size;
+ char *result = NULL;
+ pcrs_job *job;
+
+@@ -1109,12 +1179,14 @@ char *pcrs_execute_single_command(const
+ assert(pcrs_command);
+
+ *hits = 0;
+- size = strlen(subject);
++ buffer_size = strlen(subject);
+
+ job = pcrs_compile_command(pcrs_command, hits);
+ if (NULL != job)
+ {
+- *hits = pcrs_execute(job, subject, size, &result, &size);
++ *hits = pcrs_execute(job, subject, buffer_size, &result, &new_size);
++ buffer_size = new_size;
++
+ if (*hits < 0)
+ {
+ freez(result);
+--- a/pcrs.h
++++ b/pcrs.h
+@@ -33,9 +33,18 @@
+ *********************************************************************/
+
+
++#ifdef HAVE_PCRE2
++#define PCRE2_CODE_UNIT_WIDTH 8
++#define PCREn(x) PCRE2_ ## x
++#ifndef _PCRE2_H
++#include <pcre2.h>
++#endif
++#else
++#define PCREn(x) PCRE_ ## x
+ #ifndef _PCRE_H
+ #include <pcre.h>
+ #endif
++#endif
+
+ /*
+ * Constants:
+@@ -55,22 +64,23 @@
+ * They are supposed to be handled together with PCRE error
+ * codes and have to start with an offset to prevent overlaps.
+ *
+- * PCRE 6.7 uses error codes from -1 to -21, PCRS error codes
+- * below -100 should be safe for a while.
++ * PCRE 6.7 uses error codes from -1 to -21,
++ * PCRE2 10.42 uses error codes from -66 to 101.
++ * PCRS error codes below -300 should be safe for a while.
+ */
+-#define PCRS_ERR_NOMEM -100 /* Failed to acquire memory. */
+-#define PCRS_ERR_CMDSYNTAX -101 /* Syntax of s///-command */
+-#define PCRS_ERR_STUDY -102 /* pcre error while studying the pattern */
+-#define PCRS_ERR_BADJOB -103 /* NULL job pointer, pattern or substitute */
+-#define PCRS_WARN_BADREF -104 /* Backreference out of range */
+-#define PCRS_WARN_TRUNCATION -105 /* At least one pcrs variable was too big,
++#define PCRS_ERR_NOMEM -300 /* Failed to acquire memory. */
++#define PCRS_ERR_CMDSYNTAX -301 /* Syntax of s///-command */
++#define PCRS_ERR_STUDY -302 /* pcre error while studying the pattern */
++#define PCRS_ERR_BADJOB -303 /* NULL job pointer, pattern or substitute */
++#define PCRS_WARN_BADREF -304 /* Backreference out of range */
++#define PCRS_WARN_TRUNCATION -305 /* At least one pcrs variable was too big,
+ * only the first part was used. */
+
+ /* Flags */
+-#define PCRS_GLOBAL 1 /* Job should be applied globally, as with perl's g option */
+-#define PCRS_TRIVIAL 2 /* Backreferences in the substitute are ignored */
+-#define PCRS_SUCCESS 4 /* Job did previously match */
+-#define PCRS_DYNAMIC 8 /* Job is dynamic (used to disable JIT compilation) */
++#define PCRS_GLOBAL 0x08000000u /* Job should be applied globally, as with perl's g option */
++#define PCRS_TRIVIAL 0x10000000u /* Backreferences in the substitute are ignored */
++#define PCRS_SUCCESS 0x20000000u /* Job did previously match */
++#define PCRS_DYNAMIC 0x40000000u /* Job is dynamic (used to disable JIT compilation) */
+
+
+ /*
+@@ -107,10 +117,14 @@ typedef struct {
+ /* A PCRS job */
+
+ typedef struct PCRS_JOB {
++#ifdef HAVE_PCRE2
++ pcre2_code *pattern;
++#else
+ pcre *pattern; /* The compiled pcre pattern */
+ pcre_extra *hints; /* The pcre hints for the pattern */
++#endif
+ int options; /* The pcre options (numeric) */
+- int flags; /* The pcrs and user flags (see "Flags" above) */
++ unsigned int flags; /* The pcrs and user flags (see "Flags" above) */
+ pcrs_substitute *substitute; /* The compiled pcrs substitute */
+ struct PCRS_JOB *next; /* Pointer for chaining jobs to joblists */
+ } pcrs_job;
+--- a/project.h
++++ b/project.h
+@@ -94,12 +94,38 @@
+ */
+
+ #ifdef STATIC_PCRE
++#ifdef HAVE_PCRE2
++# include "pcre2.h"
++# include "pcre2posix.h"
++#else
+ # include "pcre.h"
++# include "pcreposix.h"
++#endif
+ #else
+-# ifdef PCRE_H_IN_SUBDIR
+-# include <pcre/pcre.h>
++# ifdef HAVE_PCRE2
++# ifdef PCRE2_H_IN_SUBDIR
++# define PCRE2_CODE_UNIT_WIDTH 8
++# include <pcre2/pcre2.h>
++# else
++# define PCRE2_CODE_UNIT_WIDTH 8
++# include <pcre2.h>
++# endif
++# ifdef PCRE2POSIX_H_IN_SUBDIR
++# include <pcre2/pcre2posix.h>
++# else
++# include <pcre2posix.h>
++# endif
+ # else
+-# include <pcre.h>
++# ifdef PCRE_H_IN_SUBDIR
++# include <pcre/pcre.h>
++# else
++# include <pcre.h>
++# endif
++# ifdef PCREPOSIX_H_IN_SUBDIR
++# include <pcre/pcreposix.h>
++# else
++# include <pcreposix.h>
++# endif
+ # endif
+ #endif
+
+@@ -109,16 +135,6 @@
+ # include <pcrs.h>
+ #endif
+
+-#ifdef STATIC_PCRE
+-# include "pcreposix.h"
+-#else
+-# ifdef PCRE_H_IN_SUBDIR
+-# include <pcre/pcreposix.h>
+-# else
+-# include <pcreposix.h>
+-# endif
+-#endif
+-
+ #ifdef _WIN32
+ /*
+ * I don't want to have to #include all this just for the declaration
+@@ -404,10 +420,16 @@ struct http_response
+ enum crunch_reason crunch_reason; /**< Why the response was generated in the first place. */
+ };
+
++#ifdef HAVE_PCRE2
++#define REGEX_TYPE pcre2_code
++#else
++#define REGEX_TYPE regex_t
++#endif
++
+ struct url_spec
+ {
+ #ifdef FEATURE_PCRE_HOST_PATTERNS
+- regex_t *host_regex;/**< Regex for host matching */
++ REGEX_TYPE *host_regex;/**< Regex for host matching */
+ enum host_regex_type { VANILLA_HOST_PATTERN, PCRE_HOST_PATTERN } host_regex_type;
+ #endif /* defined FEATURE_PCRE_HOST_PATTERNS */
+ int dcount; /**< How many parts to this domain? (length of dvec) */
+@@ -417,7 +439,7 @@ struct url_spec
+
+ char *port_list; /**< List of acceptable ports, or NULL to match all ports */
+
+- regex_t *preg; /**< Regex for matching path part */
++ REGEX_TYPE *preg; /**< Regex for matching path part */
+ };
+
+ /**
+@@ -432,7 +454,7 @@ struct pattern_spec
+ union
+ {
+ struct url_spec url_spec;
+- regex_t *tag_regex;
++ REGEX_TYPE *tag_regex;
+ } pattern;
+
+ unsigned int flags; /**< Bitmap with various pattern properties. */
+--- a/templates/show-status
++++ b/templates/show-status
+@@ -298,10 +298,7 @@
+ <tr>
+ <td><code>FEATURE_DYNAMIC_PCRE</code></td>
+ <td>@if-FEATURE_DYNAMIC_PCRE-then@ Yes @else-not-FEATURE_DYNAMIC_PCRE@ No @endif-FEATURE_DYNAMIC_PCRE@</td>
+- <td>Dynamically link to the PCRE library. This is set automatically
+- by <code>./configure</code> if you do not have libpcre installed.
+- Dynamically linking to an external libpcre is recommended as the one that is distributed
+- with Privoxy itself is outdated and lacks various features and bug-fixes you may be interested in.</td>
++ <td>Dynamically link to the PCRE(2) library (recommended).</td>
+ </tr>
+ <tr>
+ <td><code>FEATURE_EXTENDED_STATISTICS</code></td>
+--- a/urlmatch.c
++++ b/urlmatch.c
+@@ -604,6 +604,100 @@ jb_err parse_http_request(const char *re
+ }
+
+
++#ifdef HAVE_PCRE2
++/*********************************************************************
++ *
++ * Function : compile_pattern
++ *
++ * Description : Compiles a host, domain or TAG pattern.
++ *
++ * Parameters :
++ * 1 : pattern = The pattern to compile.
++ * 2 : anchoring = How the regex should be modified
++ * before compilation. Can be either
++ * one of NO_ANCHORING, LEFT_ANCHORED,
++ * RIGHT_ANCHORED or RIGHT_ANCHORED_HOST.
++ * 3 : url = In case of failures, the spec member is
++ * logged and the structure freed.
++ * 4 : regex = Where the compiled regex should be stored.
++ *
++ * Returns : JB_ERR_OK - Success
++ * JB_ERR_PARSE - Cannot parse regex
++ *
++ *********************************************************************/
++static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchoring,
++ struct pattern_spec *url, pcre2_code **regex)
++{
++ int errcode;
++ const char *fmt = NULL;
++ char *rebuf;
++ size_t rebuf_size;
++ PCRE2_SIZE error_offset;
++ int ret;
++
++ assert(pattern);
++
++ if (pattern[0] == '\0')
++ {
++ *regex = NULL;
++ return JB_ERR_OK;
++ }
++
++ switch (anchoring)
++ {
++ case NO_ANCHORING:
++ fmt = "%s";
++ break;
++ case RIGHT_ANCHORED:
++ fmt = "%s$";
++ break;
++ case RIGHT_ANCHORED_HOST:
++ fmt = "%s\\.?$";
++ break;
++ case LEFT_ANCHORED:
++ fmt = "^%s";
++ break;
++ default:
++ log_error(LOG_LEVEL_FATAL,
++ "Invalid anchoring in compile_pattern %d", anchoring);
++ }
++ rebuf_size = strlen(pattern) + strlen(fmt);
++ rebuf = malloc_or_die(rebuf_size);
++
++ snprintf(rebuf, rebuf_size, fmt, pattern);
++
++ *regex = pcre2_compile((const unsigned char *)pattern,
++ PCRE2_ZERO_TERMINATED, PCRE2_CASELESS, &errcode,
++ &error_offset, NULL);
++ if (*regex == NULL)
++ {
++ log_error(LOG_LEVEL_ERROR, "error compiling %s from %s: %s",
++ pattern, url->spec, rebuf);
++ freez(rebuf);
++
++ return JB_ERR_PARSE;
++ }
++
++#ifndef DISABLE_PCRE_JIT_COMPILATION
++ /* Try to enable JIT compilation but continue if it's unsupported. */
++ if ((ret = pcre2_jit_compile(*regex, PCRE2_JIT_COMPLETE)) &&
++ (ret != PCRE2_ERROR_JIT_BADOPTION))
++ {
++ log_error(LOG_LEVEL_ERROR,
++ "Unexpected error enabling JIT compilation for %s from %s: %s",
++ pattern, url->spec, rebuf);
++ freez(rebuf);
++
++ return JB_ERR_PARSE;
++ }
++#endif
++
++ freez(rebuf);
++
++ return JB_ERR_OK;
++
++}
++#else
+ /*********************************************************************
+ *
+ * Function : compile_pattern
+@@ -686,6 +780,7 @@ static jb_err compile_pattern(const char
+ return JB_ERR_OK;
+
+ }
++#endif
+
+
+ /*********************************************************************
+@@ -1051,6 +1146,49 @@ static int simplematch(const char *patte
+ }
+
+
++#ifdef HAVE_PCRE2
++/*********************************************************************
++ *
++ * Function : pcre2_pattern_matches
++ *
++ * Description : Checks if a compiled pcre2 pattern matches a string.
++ *
++ * Parameters :
++ * 1 : pattern = The compiled pattern
++ * 2 : string = The string to check
++ *
++ * Returns : TRUE for yes, FALSE otherwise.
++ *
++ *********************************************************************/
++int pcre2_pattern_matches(const pcre2_code *pattern, const char *string)
++{
++ PCRE2_SIZE offset;
++ int ret;
++ pcre2_match_data *pcre2_matches;
++
++ assert(pattern != NULL);
++ assert(string != NULL);
++
++ offset = 0;
++
++ pcre2_matches = pcre2_match_data_create_from_pattern(pattern, NULL);
++ if (NULL == pcre2_matches)
++ {
++ log_error(LOG_LEVEL_ERROR,
++ "Out of memory while matching pattern against %s", string);
++ return FALSE;
++ }
++
++ ret = pcre2_match(pattern, (const unsigned char *)string, strlen(string),
++ offset, 0, pcre2_matches, NULL);
++
++ pcre2_match_data_free(pcre2_matches);
++
++ return (ret >= 0);
++}
++#endif
++
++
+ /*********************************************************************
+ *
+ * Function : simple_domaincmp
+@@ -1268,8 +1406,12 @@ void free_pattern_spec(struct pattern_sp
+ {
+ if (pattern->pattern.tag_regex)
+ {
++#ifdef HAVE_PCRE2
++ pcre2_code_free(pattern->pattern.tag_regex);
++#else
+ regfree(pattern->pattern.tag_regex);
+ freez(pattern->pattern.tag_regex);
++#endif
+ }
+ return;
+ }
+@@ -1277,8 +1419,12 @@ void free_pattern_spec(struct pattern_sp
+ #ifdef FEATURE_PCRE_HOST_PATTERNS
+ if (pattern->pattern.url_spec.host_regex)
+ {
++#ifdef HAVE_PCRE2
++ pcre2_code_free(pattern->pattern.url_spec.host_regex);
++#else
+ regfree(pattern->pattern.url_spec.host_regex);
+ freez(pattern->pattern.url_spec.host_regex);
++#endif
+ }
+ #endif /* def FEATURE_PCRE_HOST_PATTERNS */
+ freez(pattern->pattern.url_spec.dbuffer);
+@@ -1287,8 +1433,12 @@ void free_pattern_spec(struct pattern_sp
+ freez(pattern->pattern.url_spec.port_list);
+ if (pattern->pattern.url_spec.preg)
+ {
++#ifdef HAVE_PCRE2
++ pcre2_code_free(pattern->pattern.url_spec.preg);
++#else
+ regfree(pattern->pattern.url_spec.preg);
+ freez(pattern->pattern.url_spec.preg);
++#endif
+ }
+ }
+
+@@ -1333,8 +1483,13 @@ static int host_matches(const struct htt
+ if (pattern->pattern.url_spec.host_regex_type == PCRE_HOST_PATTERN)
+ {
+ return ((NULL == pattern->pattern.url_spec.host_regex)
++#ifdef HAVE_PCRE2
++ || pcre2_pattern_matches(pattern->pattern.url_spec.host_regex,
++ http->host));
++#else
+ || (0 == regexec(pattern->pattern.url_spec.host_regex,
+ http->host, 0, NULL, 0)));
++#endif
+ }
+ #endif
+ return ((NULL == pattern->pattern.url_spec.dbuffer) || (0 == domain_match(pattern, http)));
+@@ -1357,7 +1512,11 @@ static int host_matches(const struct htt
+ static int path_matches(const char *path, const struct pattern_spec *pattern)
+ {
+ return ((NULL == pattern->pattern.url_spec.preg)
++#ifdef HAVE_PCRE2
++ || (pcre2_pattern_matches(pattern->pattern.url_spec.preg, path)));
++#else
+ || (0 == regexec(pattern->pattern.url_spec.preg, path, 0, NULL, 0)));
++#endif
+ }
+
+
+--- a/urlmatch.h
++++ b/urlmatch.h
+@@ -50,6 +50,10 @@ extern int url_requires_percent_encoding
+ extern int url_match(const struct pattern_spec *pattern,
+ const struct http_request *http);
+
++#ifdef HAVE_PCRE2
++extern int pcre2_pattern_matches(const pcre2_code *pattern, const char *string);
++#endif
++
+ extern jb_err create_pattern_spec(struct pattern_spec *url, char *buf);
+ extern void free_pattern_spec(struct pattern_spec *url);
+ extern int match_portlist(const char *portlist, int port);
+--- a/w32log.c
++++ b/w32log.c
+@@ -316,6 +316,9 @@ void TermLogWindow(void)
+ void LogCreatePatternMatchingBuffers(void)
+ {
+ int i;
++#ifdef HAVE_PCRE2
++#warning The win32 build of Privoxy is expected to crash when compiled with pcre2 support.
++#endif
+ for (i = 0; patterns_to_highlight[i].str != NULL; i++)
+ {
+ regcomp(&patterns_to_highlight[i].buffer, patterns_to_highlight[i].str, REG_ICASE);
--- /dev/null
+From 662426360b8d10202feabdcd3515d64ea8833798 Mon Sep 17 00:00:00 2001
+From: Fabian Keil <fk@fabiankeil.de>
+Date: Tue, 11 Jul 2023 06:22:16 +0200
+Subject: [PATCH] Add regex_matches() to reduce HAVE_PCRE2 ifdefs
+
+---
+ actions.c | 12 ++----------
+ client-tags.c | 6 +-----
+ urlmatch.c | 39 ++++++++++++++++++++++++++-------------
+ urlmatch.h | 4 +---
+ 4 files changed, 30 insertions(+), 31 deletions(-)
+
+--- a/actions.c
++++ b/actions.c
+@@ -828,12 +828,8 @@ int update_action_bits_for_tag(struct cl
+ continue;
+ }
+
+-#ifdef HAVE_PCRE2
+- if (pcre2_pattern_matches(b->url->pattern.tag_regex, tag))
+-#else
+ /* and check if one of the tag patterns matches the tag, */
+- if (0 == regexec(b->url->pattern.tag_regex, tag, 0, NULL, 0))
+-#endif
++ if (regex_matches(b->url->pattern.tag_regex, tag))
+ {
+ /* if it does, update the action bit map, */
+ if (merge_current_action(csp->action, b->action))
+@@ -888,11 +884,7 @@ jb_err check_negative_tag_patterns(struc
+ }
+ for (tag = csp->tags->first; NULL != tag; tag = tag->next)
+ {
+-#ifdef HAVE_PCRE2
+- if (pcre2_pattern_matches(b->url->pattern.tag_regex, tag->str))
+-#else
+- if (0 == regexec(b->url->pattern.tag_regex, tag->str, 0, NULL, 0))
+-#endif
++ if (regex_matches(b->url->pattern.tag_regex, tag->str))
+ {
+ /*
+ * The pattern matches at least one tag, thus the action
+--- a/client-tags.c
++++ b/client-tags.c
+@@ -659,11 +659,7 @@ int client_tag_match(const struct patter
+
+ for (tag = tags->first; tag != NULL; tag = tag->next)
+ {
+-#ifdef HAVE_PCRE2
+- if (pcre2_pattern_matches(pattern->pattern.tag_regex, tag->str))
+-#else
+- if (0 == regexec(pattern->pattern.tag_regex, tag->str, 0, NULL, 0))
+-#endif
++ if (regex_matches(pattern->pattern.tag_regex, tag->str))
+ {
+ log_error(LOG_LEVEL_TAGGING, "Client tag '%s' matches.", tag->str);
+ return 1;
+--- a/urlmatch.c
++++ b/urlmatch.c
+@@ -1160,7 +1160,7 @@ static int simplematch(const char *patte
+ * Returns : TRUE for yes, FALSE otherwise.
+ *
+ *********************************************************************/
+-int pcre2_pattern_matches(const pcre2_code *pattern, const char *string)
++static int pcre2_pattern_matches(const pcre2_code *pattern, const char *string)
+ {
+ PCRE2_SIZE offset;
+ int ret;
+@@ -1191,6 +1191,29 @@ int pcre2_pattern_matches(const pcre2_co
+
+ /*********************************************************************
+ *
++ * Function : regex_matches
++ *
++ * Description : Checks if a compiled regex pattern matches a string
++ * using either pcre2 or pcre1 code.
++ *
++ * Parameters :
++ * 1 : pattern = The compiled pattern
++ * 2 : string = The string to check
++ *
++ * Returns : TRUE for yes, FALSE otherwise.
++ *
++ *********************************************************************/
++int regex_matches(const REGEX_TYPE *pattern, const char *string)
++{
++#ifdef HAVE_PCRE2
++ return pcre2_pattern_matches(pattern, string);
++#else
++ return (0 == regexec(pattern, string, 0, NULL, 0));
++#endif
++}
++
++/*********************************************************************
++ *
+ * Function : simple_domaincmp
+ *
+ * Description : Domain-wise Compare fqdn's. The comparison is
+@@ -1483,13 +1506,7 @@ static int host_matches(const struct htt
+ if (pattern->pattern.url_spec.host_regex_type == PCRE_HOST_PATTERN)
+ {
+ return ((NULL == pattern->pattern.url_spec.host_regex)
+-#ifdef HAVE_PCRE2
+- || pcre2_pattern_matches(pattern->pattern.url_spec.host_regex,
+- http->host));
+-#else
+- || (0 == regexec(pattern->pattern.url_spec.host_regex,
+- http->host, 0, NULL, 0)));
+-#endif
++ || regex_matches(pattern->pattern.url_spec.host_regex, http->host));
+ }
+ #endif
+ return ((NULL == pattern->pattern.url_spec.dbuffer) || (0 == domain_match(pattern, http)));
+@@ -1512,11 +1529,7 @@ static int host_matches(const struct htt
+ static int path_matches(const char *path, const struct pattern_spec *pattern)
+ {
+ return ((NULL == pattern->pattern.url_spec.preg)
+-#ifdef HAVE_PCRE2
+- || (pcre2_pattern_matches(pattern->pattern.url_spec.preg, path)));
+-#else
+- || (0 == regexec(pattern->pattern.url_spec.preg, path, 0, NULL, 0)));
+-#endif
++ || regex_matches(pattern->pattern.url_spec.preg, path));
+ }
+
+
+--- a/urlmatch.h
++++ b/urlmatch.h
+@@ -50,9 +50,7 @@ extern int url_requires_percent_encoding
+ extern int url_match(const struct pattern_spec *pattern,
+ const struct http_request *http);
+
+-#ifdef HAVE_PCRE2
+-extern int pcre2_pattern_matches(const pcre2_code *pattern, const char *string);
+-#endif
++int regex_matches(const REGEX_TYPE *pattern, const char *string);
+
+ extern jb_err create_pattern_spec(struct pattern_spec *url, char *buf);
+ extern void free_pattern_spec(struct pattern_spec *url);
--- /dev/null
+From 7fb978c74a8a46bd105d9f0ced92a4be0c9647e6 Mon Sep 17 00:00:00 2001
+From: Fabian Keil <fk@fabiankeil.de>
+Date: Sun, 27 Aug 2023 12:13:48 +0200
+Subject: [PATCH] configure: Fix --disable-pcre2
+
+Previously it would result in neither pcre library being detected:
+
+ checking for getnameinfo... (cached) yes
+ configure: WARNING: Ignoring pcre2 even if it's available
+ test: =: unexpected operator
+ Enabling support for client-specific tags.
+ checking for zlibVersion in -lz... (cached) yes
+ Enabling compression support.
+ test: =: unexpected operator
+ test: =: unexpected operator
+ configure: error: Detected neither pcre2 nor pcre library.
+---
+ configure.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/configure.in
++++ b/configure.in
+@@ -872,6 +872,7 @@ if test $enableval2 = yes; then
+ else
+ AC_MSG_WARN([Ignoring pcre2 even if it's available])
+ try_pcre2=no
++ have_pcre2=no
+ fi
+
+ if test $try_pcre2 != no; then
--- /dev/null
+From e73b93ea9ad1f3e980bd78ed3ebf65dedbb598a2 Mon Sep 17 00:00:00 2001
+From: Fabian Keil <fk@fabiankeil.de>
+Date: Sun, 27 Aug 2023 12:26:02 +0200
+Subject: [PATCH] pcre2 compile_pattern(): Actually pass the anchored pattern
+ to pcre2_compile()
+
+Previously the un-anchoring pattern was compiled resulting
+in incorrect matches.
+
+For example requests to:
+
+ https://www.privoxy.org/user-manual/config.html
+
+were redirected because of the default.action section:
+
+ {+redirect{http://config.privoxy.org/}}
+ # Sticky Actions = +redirect{http://config.privoxy.org/}
+ # URL = http://www.privoxy.org/config
+ # Redirected URL = http://www.privoxy.org/config
+ # Redirect Destination = http://config.privoxy.org/
+ .privoxy.org/config
+
+As the path pattern is left-anchored it should not match.
+---
+ urlmatch.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/urlmatch.c
++++ b/urlmatch.c
+@@ -666,7 +666,7 @@ static jb_err compile_pattern(const char
+
+ snprintf(rebuf, rebuf_size, fmt, pattern);
+
+- *regex = pcre2_compile((const unsigned char *)pattern,
++ *regex = pcre2_compile((const unsigned char *)rebuf,
+ PCRE2_ZERO_TERMINATED, PCRE2_CASELESS, &errcode,
+ &error_offset, NULL);
+ if (*regex == NULL)
include $(TOPDIR)/rules.mk
PKG_NAME:=rclone
-PKG_VERSION:=1.64.1
+PKG_VERSION:=1.64.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/rclone/rclone/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=c94ad2c2fa79485667aae4a239ed04e786bd6e26bced05f9d95dda6d10f7a014
+PKG_HASH:=85feffc2d60554bcc3c59140750dc4ccf008e109b52c451956a1f52387af1bd6
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=restic-rest-server
-PKG_VERSION:=0.11.0
-PKG_RELEASE:=2
+PKG_VERSION:=0.12.1
+PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/rest-server-$(PKG_VERSION)
PKG_SOURCE:=rest-server-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/restic/rest-server/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=cd9b35ad2224244207a967ebbc78d84f4298d725e95c1fa9341ed95a350ea68f
+PKG_HASH:=cfbeb4a66cac6fc36b1cb11256f06c6e4fcc7a28c2ef590550adf1c199b9aa4b
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE
#
PKG_NAME:=shadowsocks-libev
PKG_VERSION:=3.3.5
-PKG_RELEASE:=9
+PKG_RELEASE:=10
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION)
PKG_INSTALL:=1
PKG_BUILD_FLAGS:=no-mips16 lto
PKG_BUILD_PARALLEL:=1
-PKG_BUILD_DEPENDS:=c-ares pcre
+PKG_BUILD_DEPENDS:=c-ares pcre2
include $(INCLUDE_DIR)/package.mk
endef
-DEPENDS_ss-local = +libpcre
-DEPENDS_ss-server = +libcares +libpcre
+DEPENDS_ss-local = +libpcre2
+DEPENDS_ss-server = +libcares +libpcre2
SHADOWSOCKS_COMPONENTS:=ss-local ss-redir ss-tunnel ss-server
define shadowsocks-libev/templates
--- /dev/null
+From d4f4d9761cbd41c3ab6de79383ff39b9f97bf452 Mon Sep 17 00:00:00 2001
+From: Syrone Wong <wong.syrone@gmail.com>
+Date: Sat, 18 Nov 2017 20:06:50 +0800
+Subject: [PATCH] Upgrade PCRE to PCRE2
+
+- Use 8bit variant by default
+
+This comes from a PR closed and never reopen as at times PCRE2 was too
+new(???.)
+
+Ref: https://github.com/shadowsocks/shadowsocks-libev/pull/1792
+Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
+[ squash the first 2 patch from PR, drop the last one ]
+Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
+---
+ .travis.yml | 9 ++-
+ configure.ac | 8 +--
+ m4/pcre.m4 | 152 ------------------------------------------
+ m4/pcre2.m4 | 181 +++++++++++++++++++++++++++++++++++++++++++++++++++
+ src/rule.c | 53 ++++++++++++---
+ src/rule.h | 23 +++++--
+ 6 files changed, 253 insertions(+), 173 deletions(-)
+ delete mode 100644 m4/pcre.m4
+ create mode 100644 m4/pcre2.m4
+
+# diff --git a/.travis.yml b/.travis.yml
+# index ee3424c..e7da08c 100644
+# --- a/.travis.yml
+# +++ b/.travis.yml
+# @@ -11,11 +11,12 @@ env:
+# global:
+# - LIBSODIUM_VER=1.0.12
+# - MBEDTLS_VER=2.4.0
+# + - PCRE2_VER=10.30
+# before_install:
+# - |
+# if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then
+# # All dependencies for macOS build. Some packages has been installed by travis so use reinstall.
+# - brew reinstall autoconf automake xmlto c-ares libev mbedtls libsodium asciidoc >> /dev/null 2>&1;
+# + brew reinstall autoconf automake xmlto pcre2 c-ares libev mbedtls libsodium asciidoc >> /dev/null 2>&1;
+# else
+# wget https://github.com/jedisct1/libsodium/releases/download/$LIBSODIUM_VER/libsodium-$LIBSODIUM_VER.tar.gz;
+# tar xvf libsodium-$LIBSODIUM_VER.tar.gz;
+# @@ -29,6 +30,12 @@ before_install:
+# make SHARED=1;
+# sudo make install;
+# popd;
+# + wget https://ftp.pcre.org/pub/pcre/pcre2-$PCRE2_VER.tar.gz;
+# + tar xvf pcre2-$PCRE2_VER.tar.gz;
+# + pushd pcre2-$PCRE2_VER;
+# + ./configure --prefix=/usr --enable-pcre2-16 --enable-pcre2-32 && make;
+# + sudo make install;
+# + popd;
+# # Load cached docker images
+# if [[ -d $HOME/docker ]]; then
+# ls $HOME/docker/*.tar.gz | xargs -I {file} sh -c "zcat {file} | docker load";
+--- a/configure.ac
++++ b/configure.ac
+@@ -20,10 +20,10 @@ AC_DISABLE_STATIC
+ AC_DISABLE_SHARED
+ LT_INIT([dlopen])
+
+-dnl Check for pcre library
+-TS_CHECK_PCRE
+-if test "x${enable_pcre}" != "xyes"; then
+- AC_MSG_ERROR([Cannot find pcre library. Configure --with-pcre=DIR])
++dnl Check for pcre2 library
++TS_CHECK_PCRE2
++if test "x${enable_pcre2}" != "xyes"; then
++ AC_MSG_ERROR([Cannot find pcre2 library. Configure --with-pcre2=DIR])
+ fi
+
+ dnl Checks for using shared libraries from system
+--- a/m4/pcre.m4
++++ /dev/null
+@@ -1,152 +0,0 @@
+-dnl -------------------------------------------------------- -*- autoconf -*-
+-dnl Licensed to the Apache Software Foundation (ASF) under one or more
+-dnl contributor license agreements. See the NOTICE file distributed with
+-dnl this work for additional information regarding copyright ownership.
+-dnl The ASF licenses this file to You under the Apache License, Version 2.0
+-dnl (the "License"); you may not use this file except in compliance with
+-dnl the License. You may obtain a copy of the License at
+-dnl
+-dnl http://www.apache.org/licenses/LICENSE-2.0
+-dnl
+-dnl Unless required by applicable law or agreed to in writing, software
+-dnl distributed under the License is distributed on an "AS IS" BASIS,
+-dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-dnl See the License for the specific language governing permissions and
+-dnl limitations under the License.
+-
+-dnl
+-dnl TS_ADDTO(variable, value)
+-dnl
+-dnl Add value to variable
+-dnl
+-AC_DEFUN([TS_ADDTO], [
+- if test "x$$1" = "x"; then
+- test "x$verbose" = "xyes" && echo " setting $1 to \"$2\""
+- $1="$2"
+- else
+- ats_addto_bugger="$2"
+- for i in $ats_addto_bugger; do
+- ats_addto_duplicate="0"
+- for j in $$1; do
+- if test "x$i" = "x$j"; then
+- ats_addto_duplicate="1"
+- break
+- fi
+- done
+- if test $ats_addto_duplicate = "0"; then
+- test "x$verbose" = "xyes" && echo " adding \"$i\" to $1"
+- $1="$$1 $i"
+- fi
+- done
+- fi
+-])dnl
+-
+-dnl
+-dnl TS_ADDTO_RPATH(path)
+-dnl
+-dnl Adds path to variable with the '-rpath' directive.
+-dnl
+-AC_DEFUN([TS_ADDTO_RPATH], [
+- AC_MSG_NOTICE([adding $1 to RPATH])
+- TS_ADDTO(LIBTOOL_LINK_FLAGS, [-R$1])
+-])dnl
+-
+-dnl
+-dnl pcre.m4: Trafficserver's pcre autoconf macros
+-dnl
+-
+-dnl
+-dnl TS_CHECK_PCRE: look for pcre libraries and headers
+-dnl
+-AC_DEFUN([TS_CHECK_PCRE], [
+-enable_pcre=no
+-AC_ARG_WITH(pcre, [AC_HELP_STRING([--with-pcre=DIR],[use a specific pcre library])],
+-[
+- if test "x$withval" != "xyes" && test "x$withval" != "x"; then
+- pcre_base_dir="$withval"
+- if test "$withval" != "no"; then
+- enable_pcre=yes
+- case "$withval" in
+- *":"*)
+- pcre_include="`echo $withval |sed -e 's/:.*$//'`"
+- pcre_ldflags="`echo $withval |sed -e 's/^.*://'`"
+- AC_MSG_CHECKING(checking for pcre includes in $pcre_include libs in $pcre_ldflags )
+- ;;
+- *)
+- pcre_include="$withval/include"
+- pcre_ldflags="$withval/lib"
+- AC_MSG_CHECKING(checking for pcre includes in $withval)
+- ;;
+- esac
+- fi
+- fi
+-],
+-[
+- AC_CHECK_PROG(PCRE_CONFIG, pcre-config, pcre-config)
+- if test "x$PCRE_CONFIG" != "x"; then
+- enable_pcre=yes
+- pcre_base_dir="`$PCRE_CONFIG --prefix`"
+- pcre_include="`$PCRE_CONFIG --cflags | sed -es/-I//`"
+- pcre_ldflags="`$PCRE_CONFIG --libs | sed -es/-lpcre// -es/-L//`"
+- fi
+-])
+-
+-if test "x$pcre_base_dir" = "x"; then
+- AC_MSG_CHECKING([for pcre location])
+- AC_CACHE_VAL(ats_cv_pcre_dir,[
+- for dir in /usr/local /usr ; do
+- if test -d $dir && ( test -f $dir/include/pcre.h || test -f $dir/include/pcre/pcre.h ); then
+- ats_cv_pcre_dir=$dir
+- break
+- fi
+- done
+- ])
+- pcre_base_dir=$ats_cv_pcre_dir
+- if test "x$pcre_base_dir" = "x"; then
+- enable_pcre=no
+- AC_MSG_RESULT([not found])
+- else
+- enable_pcre=yes
+- pcre_include="$pcre_base_dir/include"
+- pcre_ldflags="$pcre_base_dir/lib"
+- AC_MSG_RESULT([$pcre_base_dir])
+- fi
+-else
+- AC_MSG_CHECKING(for pcre headers in $pcre_include)
+- if test -d $pcre_include && test -d $pcre_ldflags && ( test -f $pcre_include/pcre.h || test -f $pcre_include/pcre/pcre.h ); then
+- AC_MSG_RESULT([ok])
+- else
+- AC_MSG_RESULT([not found])
+- fi
+-fi
+-
+-pcreh=0
+-pcre_pcreh=0
+-if test "$enable_pcre" != "no"; then
+- saved_ldflags=$LDFLAGS
+- saved_cppflags=$CFLAGS
+- pcre_have_headers=0
+- pcre_have_libs=0
+- if test "$pcre_base_dir" != "/usr"; then
+- TS_ADDTO(CFLAGS, [-I${pcre_include}])
+- TS_ADDTO(CFLAGS, [-DPCRE_STATIC])
+- TS_ADDTO(LDFLAGS, [-L${pcre_ldflags}])
+- TS_ADDTO_RPATH(${pcre_ldflags})
+- fi
+- AC_SEARCH_LIBS([pcre_exec], [pcre], [pcre_have_libs=1])
+- if test "$pcre_have_libs" != "0"; then
+- AC_CHECK_HEADERS(pcre.h, [pcre_have_headers=1])
+- AC_CHECK_HEADERS(pcre/pcre.h, [pcre_have_headers=1])
+- fi
+- if test "$pcre_have_headers" != "0"; then
+- AC_DEFINE(HAVE_LIBPCRE,1,[Compiling with pcre support])
+- AC_SUBST(LIBPCRE, [-lpcre])
+- else
+- enable_pcre=no
+- CFLAGS=$saved_cppflags
+- LDFLAGS=$saved_ldflags
+- fi
+-fi
+-AC_SUBST(pcreh)
+-AC_SUBST(pcre_pcreh)
+-])
+--- /dev/null
++++ b/m4/pcre2.m4
+@@ -0,0 +1,181 @@
++dnl -------------------------------------------------------- -*- autoconf -*-
++dnl Licensed to the Apache Software Foundation (ASF) under one or more
++dnl contributor license agreements. See the NOTICE file distributed with
++dnl this work for additional information regarding copyright ownership.
++dnl The ASF licenses this file to You under the Apache License, Version 2.0
++dnl (the "License"); you may not use this file except in compliance with
++dnl the License. You may obtain a copy of the License at
++dnl
++dnl http://www.apache.org/licenses/LICENSE-2.0
++dnl
++dnl Unless required by applicable law or agreed to in writing, software
++dnl distributed under the License is distributed on an "AS IS" BASIS,
++dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++dnl See the License for the specific language governing permissions and
++dnl limitations under the License.
++
++dnl Modified by Syrone Wong <wong.syrone@gmail.com> to support pcre2 8bit variant only
++
++dnl
++dnl TS_ADDTO(variable, value)
++dnl
++dnl Add value to variable
++dnl
++AC_DEFUN([TS_ADDTO], [
++ if test "x$$1" = "x"; then
++ test "x$verbose" = "xyes" && echo " setting $1 to \"$2\""
++ $1="$2"
++ else
++ ats_addto_bugger="$2"
++ for i in $ats_addto_bugger; do
++ ats_addto_duplicate="0"
++ for j in $$1; do
++ if test "x$i" = "x$j"; then
++ ats_addto_duplicate="1"
++ break
++ fi
++ done
++ if test $ats_addto_duplicate = "0"; then
++ test "x$verbose" = "xyes" && echo " adding \"$i\" to $1"
++ $1="$$1 $i"
++ fi
++ done
++ fi
++])dnl
++
++dnl
++dnl TS_ADDTO_RPATH(path)
++dnl
++dnl Adds path to variable with the '-rpath' directive.
++dnl
++AC_DEFUN([TS_ADDTO_RPATH], [
++ AC_MSG_NOTICE([adding $1 to RPATH])
++ TS_ADDTO(LIBTOOL_LINK_FLAGS, [-R$1])
++])dnl
++
++dnl
++dnl pcre2.m4: Trafficserver's pcre2 autoconf macros
++dnl
++
++dnl
++dnl TS_CHECK_PCRE2: look for pcre2 libraries and headers
++dnl
++AC_DEFUN([TS_CHECK_PCRE2], [
++enable_pcre2=no
++AC_ARG_WITH(pcre2, [AC_HELP_STRING([--with-pcre2=DIR],[use a specific pcre2 library])],
++[
++ if test "x$withval" != "xyes" && test "x$withval" != "x"; then
++ pcre2_base_dir="$withval"
++ if test "$withval" != "no"; then
++ enable_pcre2=yes
++ case "$withval" in
++ *":"*)
++ pcre2_include="`echo $withval |sed -e 's/:.*$//'`"
++ pcre2_ldflags="`echo $withval |sed -e 's/^.*://'`"
++ AC_MSG_CHECKING(checking for pcre2 includes in $pcre2_include libs in $pcre2_ldflags )
++ ;;
++ *)
++ pcre2_include="$withval/include"
++ pcre2_ldflags="$withval/lib"
++ AC_MSG_CHECKING(checking for pcre2 includes in $withval)
++ ;;
++ esac
++ fi
++ fi
++],
++[
++ AC_CHECK_PROG(PCRE2_CONFIG, pcre2-config, pcre2-config)
++ if test "x$PCRE2_CONFIG" != "x"; then
++ enable_pcre2=yes
++ pcre2_base_dir="`$PCRE2_CONFIG --prefix`"
++ pcre2_include="`$PCRE2_CONFIG --cflags | sed -es/-I//`"
++ pcre2_ldflags="`$PCRE2_CONFIG --libs8 | sed -es/-lpcre2-8// -es/-L//`"
++ fi
++])
++
++if test "x$pcre2_base_dir" = "x"; then
++ AC_MSG_CHECKING([for pcre2 location])
++ AC_CACHE_VAL(ats_cv_pcre2_dir,[
++ for dir in /usr/local /usr ; do
++ if test -d $dir && ( test -f $dir/include/pcre2.h || test -f $dir/include/pcre2/pcre2.h ); then
++ ats_cv_pcre2_dir=$dir
++ break
++ fi
++ done
++ ])
++ pcre2_base_dir=$ats_cv_pcre2_dir
++ if test "x$pcre2_base_dir" = "x"; then
++ enable_pcre2=no
++ AC_MSG_RESULT([not found])
++ else
++ enable_pcre2=yes
++ pcre2_include="$pcre2_base_dir/include"
++ pcre2_ldflags="$pcre2_base_dir/lib"
++ AC_MSG_RESULT([$pcre2_base_dir])
++ fi
++else
++ AC_MSG_CHECKING(for pcre2 headers in $pcre2_include)
++ if test -d $pcre2_include && test -d $pcre2_ldflags && ( test -f $pcre2_include/pcre2.h || test -f $pcre2_include/pcre2/pcre2.h ); then
++ AC_MSG_RESULT([ok])
++ else
++ AC_MSG_RESULT([not found])
++ fi
++fi
++
++pcre2h=0
++pcre2_pcre2h=0
++if test "$enable_pcre2" != "no"; then
++ saved_ldflags=$LDFLAGS
++ saved_cppflags=$CFLAGS
++ pcre2_have_headers=0
++ pcre2_have_libs=0
++ if test "$pcre2_base_dir" != "/usr"; then
++ TS_ADDTO(CFLAGS, [-I${pcre2_include}])
++ TS_ADDTO(CFLAGS, [-DPCRE2_STATIC])
++ TS_ADDTO(LDFLAGS, [-L${pcre2_ldflags}])
++ TS_ADDTO_RPATH(${pcre2_ldflags})
++ fi
++ AC_SEARCH_LIBS([pcre2_match_8], [pcre2-8], [pcre2_have_libs=1])
++ if test "$pcre2_have_libs" != "0"; then
++ AC_MSG_CHECKING([pcre2.h])
++ AC_COMPILE_IFELSE(
++ [AC_LANG_PROGRAM(
++ [[
++#define PCRE2_CODE_UNIT_WIDTH 8
++#include <pcre2.h>
++ ]],
++ [[
++ ]]
++ )],
++ [pcre2_have_headers=1
++ AC_MSG_RESULT([ok])],
++ [AC_MSG_RESULT([not found])]
++ )
++
++ AC_MSG_CHECKING([pcre2/pcre2.h])
++ AC_COMPILE_IFELSE(
++ [AC_LANG_PROGRAM(
++ [[
++#define PCRE2_CODE_UNIT_WIDTH 8
++#include <pcre2/pcre2.h>
++ ]],
++ [[
++ ]]
++ )],
++ [pcre2_have_headers=1
++ AC_MSG_RESULT([ok])],
++ [AC_MSG_RESULT([not found])]
++ )
++ fi
++ if test "$pcre2_have_headers" != "0"; then
++ AC_DEFINE(HAVE_LIBPCRE2,1,[Compiling with pcre2 support])
++ AC_SUBST(LIBPCRE2, [-lpcre2-8])
++ else
++ enable_pcre2=no
++ CFLAGS=$saved_cppflags
++ LDFLAGS=$saved_ldflags
++ fi
++fi
++AC_SUBST(pcre2h)
++AC_SUBST(pcre2_pcre2h)
++])
+--- a/src/rule.c
++++ b/src/rule.c
+@@ -1,6 +1,7 @@
+ /*
+ * Copyright (c) 2011 and 2012, Dustin Lundquist <dustin@null-ptr.net>
+ * Copyright (c) 2011 Manuel Kasper <mk@neon1.net>
++ * Copyright (c) 2017 Syrone Wong <wong.syrone@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -74,18 +75,37 @@ add_rule(struct cork_dllist *rules, rule
+ cork_dllist_add(rules, &rule->entries);
+ }
+
++/*
++ * XXX: As pattern and subject are char arguments, they can be straightforwardly
++ * cast to PCRE2_SPTR as we are working in 8-bit code units.
++ */
++
+ int
+ init_rule(rule_t *rule)
+ {
+ if (rule->pattern_re == NULL) {
+- const char *reerr;
+- int reerroffset;
++ int errornumber;
++ PCRE2_SIZE erroroffset;
++ rule->pattern_re = pcre2_compile(
++ (PCRE2_SPTR)rule->pattern, /* the pattern */
++ PCRE2_ZERO_TERMINATED, /* indicates pattern is zero-terminated */
++ 0, /* default options */
++ &errornumber, /* for error number */
++ &erroroffset, /* for error offset */
++ NULL); /* use default compile context */
+
+- rule->pattern_re =
+- pcre_compile(rule->pattern, 0, &reerr, &reerroffset, NULL);
+ if (rule->pattern_re == NULL) {
+- LOGE("Regex compilation of \"%s\" failed: %s, offset %d",
+- rule->pattern, reerr, reerroffset);
++ PCRE2_UCHAR errbuffer[512];
++ pcre2_get_error_message(errornumber, errbuffer, sizeof(errbuffer));
++ LOGE("PCRE2 regex compilation failed at offset %d: %s\n", (int)erroroffset,
++ errbuffer);
++ return 0;
++ }
++
++ rule->pattern_re_match_data = pcre2_match_data_create_from_pattern(rule->pattern_re, NULL);
++
++ if (rule->pattern_re_match_data == NULL) {
++ ERROR("PCRE2: the memory for the block could not be obtained");
+ return 0;
+ }
+ }
+@@ -105,8 +125,15 @@ lookup_rule(const struct cork_dllist *ru
+
+ cork_dllist_foreach_void(rules, curr, next) {
+ rule_t *rule = cork_container_of(curr, rule_t, entries);
+- if (pcre_exec(rule->pattern_re, NULL,
+- name, name_len, 0, 0, NULL, 0) >= 0)
++ if (pcre2_match(
++ rule->pattern_re, /* the compiled pattern */
++ (PCRE2_SPTR)name, /* the subject string */
++ name_len, /* the length of the subject */
++ 0, /* start at offset 0 in the subject */
++ 0, /* default options */
++ rule->pattern_re_match_data, /* block for storing the result */
++ NULL /* use default match context */
++ ) >= 0)
+ return rule;
+ }
+
+@@ -127,7 +154,13 @@ free_rule(rule_t *rule)
+ return;
+
+ ss_free(rule->pattern);
+- if (rule->pattern_re != NULL)
+- pcre_free(rule->pattern_re);
++ if (rule->pattern_re != NULL) {
++ pcre2_code_free(rule->pattern_re); /* data and the compiled pattern. */
++ rule->pattern_re = NULL;
++ }
++ if (rule->pattern_re_match_data != NULL) {
++ pcre2_match_data_free(rule->pattern_re_match_data); /* Release memory used for the match */
++ rule->pattern_re_match_data = NULL;
++ }
+ ss_free(rule);
+ }
+--- a/src/rule.h
++++ b/src/rule.h
+@@ -1,6 +1,7 @@
+ /*
+ * Copyright (c) 2011 and 2012, Dustin Lundquist <dustin@null-ptr.net>
+ * Copyright (c) 2011 Manuel Kasper <mk@neon1.net>
++ * Copyright (c) 2017 Syrone Wong <wong.syrone@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+@@ -33,17 +34,27 @@
+
+ #include <libcork/ds.h>
+
+-#ifdef HAVE_PCRE_H
+-#include <pcre.h>
+-#elif HAVE_PCRE_PCRE_H
+-#include <pcre/pcre.h>
+-#endif
++/*
++ * The PCRE2_CODE_UNIT_WIDTH macro must be defined before including pcre2.h.
++ * For a program that uses only one code unit width, setting it to 8, 16, or 32
++ * makes it possible to use generic function names such as pcre2_compile(). Note
++ * that just changing 8 to 16 (for example) is not sufficient to convert this
++ * program to process 16-bit characters. Even in a fully 16-bit environment, where
++ * string-handling functions such as strcmp() and printf() work with 16-bit
++ * characters, the code for handling the table of named substrings will still need
++ * to be modified.
++ */
++/* we only need to support ASCII chartable, thus set it to 8 */
++#define PCRE2_CODE_UNIT_WIDTH 8
++
++#include <pcre2.h>
+
+ typedef struct rule {
+ char *pattern;
+
+ /* Runtime fields */
+- pcre *pattern_re;
++ pcre2_code *pattern_re;
++ pcre2_match_data *pattern_re_match_data;
+
+ struct cork_dllist_item entries;
+ } rule_t;
include $(TOPDIR)/rules.mk
PKG_NAME:=sing-box
-PKG_VERSION:=1.5.2
+PKG_VERSION:=1.6.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=ad344a5fe0a515e3e5d0ab8102482b4a3d38932cf754756e1d48db17d36a5609
+PKG_HASH:=3272c9ac447d009749429f38d76e9879609c0c321442c3235ba806d995c0838a
PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=LICENSE
define Package/sing-box/description
Sing-box is a universal proxy platform which supports hysteria, SOCKS, Shadowsocks,
- ShadowsocksR, ShadowTLS, Tor, trojan, VLess, VMess, WireGuard and so on.
+ ShadowTLS, Tor, trojan, VLess, VMess, WireGuard and so on.
endef
define Package/sing-box/config
bool "Build with reality TLS server support, see TLS."
default y
- config SINGBOX_WITH_SHADOWSOCKSR
- bool "Build with ShadowsocksR support"
- help
- It will be marked deprecated in 1.5.0 and removed entirely in 1.6.0.
-
config SINGBOX_WITH_UTLS
bool "Build with uTLS support for TLS outbound"
default y
CONFIG_SINGBOX_WITH_LWIP \
CONFIG_SINGBOX_WITH_QUIC \
CONFIG_SINGBOX_WITH_REALITY_SERVER \
- CONFIG_SINGBOX_WITH_SHADOWSOCKSR \
CONFIG_SINGBOX_WITH_UTLS \
CONFIG_SINGBOX_WITH_V2RAY_API \
CONFIG_SINGBOX_WITH_WIREGUARD
$(if $(CONFIG_SINGBOX_WITH_GVISOR),with_gvisor) \
$(if $(CONFIG_SINGBOX_WITH_LWIP),with_lwip) \
$(if $(CONFIG_SINGBOX_WITH_QUIC),with_quic) \
- $(if $(CONFIG_SINGBOX_WITH_SHADOWSOCKSR),with_shadowsocksr) \
$(if $(CONFIG_SINGBOX_WITH_REALITY_SERVER),with_reality_server) \
$(if $(CONFIG_SINGBOX_WITH_UTLS),with_utls) \
$(if $(CONFIG_SINGBOX_WITH_V2RAY_API),with_v2ray_api) \
include $(TOPDIR)/rules.mk
PKG_NAME:=snort3
-PKG_VERSION:=3.1.71.0
+PKG_VERSION:=3.1.73.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/snort3/snort3/archive/refs/tags/
-PKG_HASH:=b5dd52b46ca2570986d7c12750bbf9db00ee3c294983ce272b3ca321aee8fb73
+PKG_HASH:=d04edf07e9b695fb22de73f0987537d35b4c8466119940e39a056d1a13888b27
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=GPL-2.0-only
include $(TOPDIR)/rules.mk
PKG_NAME:=snowflake
-PKG_VERSION:=2.6.1
+PKG_VERSION:=2.7.0
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-PKG_MIRROR_HASH:=c6a7ef515bae874c42220ab52dd597c08df4569e7d97f700e5c80c8946e205bd
+PKG_MIRROR_HASH:=3156dbeffaea82761372c7e64322cf9c24a05894c54ccb0d80eaed61b54e08c6
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
TITLE+= Client
endef
-define Package/snowflake-distinctcounter
-$(call Package/snowflake/Default)
- TITLE+= Distinct Counter
-endef
-
define Package/snowflake-probetest
$(call Package/snowflake/Default)
TITLE+= Probe test
This package contains the Snowflake client which provides the bridge to TOR.
endef
-define Package/snowflake-distinctcounter/description
-$(call Package/snowflake/description/Default)
-
-This package provides the Snowflake distinct counter service.
-endef
-
define Package/snowflake-probetest/description
$(call Package/snowflake/description/Default)
$(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/client $(1)/usr/bin/snowflake-client
endef
-define Package/snowflake-distinctcounter/install
- $(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/distinctcounter $(1)/usr/bin/snowflake-distinctcounter
-endef
-
define Package/snowflake-probetest/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/probetest $(1)/usr/bin/snowflake-probetest
$(eval $(call BuildPackage,snowflake-broker))
$(eval $(call BuildPackage,snowflake-client))
-$(eval $(call BuildPackage,snowflake-distinctcounter))
$(eval $(call BuildPackage,snowflake-probetest))
$(eval $(call BuildPackage,snowflake-proxy))
$(eval $(call BuildPackage,snowflake-server))
include $(TOPDIR)/rules.mk
PKG_NAME:=speedtestcpp
-PKG_VERSION:=1.20.2
+PKG_VERSION:=1.20.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/oskarirauta/speedtestcpp/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=7d5c85f1d9a46f7d8a3ac4261ef1f92e53c511430bae096f7ec6f12a33d38904
+PKG_HASH:=8154e2161c56c0ac1275e57c34f448aaf98fb49937ff824ce975d95984395025
PKG_MAINTAINER:=Oskari Rauta <oskari.rauta@gmail.com>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=tor
-PKG_VERSION:=0.4.8.4
+PKG_VERSION:=0.4.8.7
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dist.torproject.org/ \
https://archive.torproject.org/tor-package-archive
-PKG_HASH:=09c1ce74a25fc3b48c81ff146cbd0dd538cbbb8fe4e2964fc2fb2b192f6a1d2b
+PKG_HASH:=b20d2b9c74db28a00c07f090ee5b0241b2b684f3afdecccc6b8008931c557491
PKG_MAINTAINER:=Hauke Mehrtens <hauke@hauke-m.de> \
Peter Wagner <tripolar@gmx.at>
PKG_LICENSE_FILES:=LICENSE
}
reload_service() {
- procd_send_signal /usr/sbin/tor
+ procd_send_signal tor
}
start_service() {
include $(TOPDIR)/rules.mk
PKG_NAME:=transmission
-PKG_VERSION:=4.0.3
-PKG_RELEASE:=5
+PKG_VERSION:=4.0.4
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/transmission/transmission/releases/download/$(PKG_VERSION)/
-PKG_HASH:=b6b01fd58e42bb14f7aba0253db932ced050fcd2bba5d9f8469d77ddd8ad545a
+PKG_HASH:=15f7b4318fdfbffb19aa8d9a6b0fd89348e6ef1e86baa21a0806ffd1893bd5a6
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=GPL-2.0-or-later
#
-# Copyright (c) 2016-2022 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2016-2023 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=travelmate
-PKG_VERSION:=2.1.0
-PKG_RELEASE:=1
+PKG_VERSION:=2.1.1
+PKG_RELEASE:=2
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
SECTION:=net
CATEGORY:=Network
TITLE:=A wlan connection manager for travel router
- DEPENDS:=+iwinfo +jshn +jsonfilter +curl +ca-bundle
+ DEPENDS:=+iwinfo +jshn +jsonfilter +curl +ca-bundle +rpcd +rpcd-mod-rpcsys
PKGARCH:=all
endef
* status & debug logging to syslog
## Prerequisites
-* [OpenWrt](https://openwrt.org), only compatible with the forthcoming stable 20.x or the latest OpenWrt snapshot
+* [OpenWrt](https://openwrt.org), tested/compatible with current stable 23.x and latest OpenWrt snapshot
* 'dnsmasq' as dns backend
* 'iwinfo' for wlan scanning
* 'curl' for connection checking and all kinds of captive portal magic, e.g. cp detection and auto-logins
* happy traveling ...
## Travelmate config options
-* usually the pre-configured travelmate setup works quite well and no manual config overrides are needed, all listed options apply to the 'global' section:
+* usually the pre-configured travelmate setup works quite well and no manual config overrides are needed, all listed options apply to the 'global' section:
| Option | Default | Description/Valid Values |
| :----------------- | :--------------------------------- | :---------------------------------------------------------------------------------------------------- |
| trm_mailsender | no-reply@travelmate | e-mail sender address for travelmate notifications |
| trm_mailtopic | travelmate connection to '<sta>' | topic for travelmate notification E-Mails |
| trm_mailprofile | trm_notify | profile used by 'msmtp' for travelmate notification E-Mails |
+| trm_stdvpnservice | -, not set | standard vpn service which will be automatically added to new STA profiles |
+| trm_stdvpniface | -, not set | standard vpn interface which will be automatically added to new STA profiles |
-* per uplink exist an additional 'uplink' section in the travelmate config, with the following options:
+
+* per uplink exist an additional 'uplink' section in the travelmate config, with the following options:
| Option | Default | Description/Valid Values |
| :----------------- | :--------------------------------- | :---------------------------------------------------------------------------------------------------- |
| vpn | 0, disabled | automatically handle VPN (re-) connections |
| vpnservice | -, not set | reference the already configured 'wireguard' or 'openvpn' client instance as vpn provider |
| vpniface | -, not set | the logical vpn interface, e.g. 'wg0' or 'tun0' |
-
+
## VPN client setup
Please follow one of the following guides to get a working vpn client setup on your travel router:
* [Wireguard client setup guide](https://openwrt.org/docs/guide-user/services/vpn/wireguard/client)
* [OpenVPN client setup guide](https://openwrt.org/docs/guide-user/services/vpn/openvpn/client)
+**Please note:** Make sure to uncheck the "Bring up on boot" option during vpn interface setup, so that netifd doesn't interfere with travelmate.
Once your vpn client connection is running, you can reference to that setup in travelmate to handle VPN (re-) connections automatically.
## E-Mail setup
**receive travelmate runtime information:**
<pre><code>
-root@2go_ar750s:~# /etc/init.d/travelmate status
+root@2go:~# /etc/init.d/travelmate status
::: travelmate runtime information
- + travelmate_status : connected (net ok/100)
- + travelmate_version : 2.0.0
- + station_id : radio1/WIFIonICE/-
- + station_mac : B2:9D:F5:96:86:A4
- + station_interface : trm_wwan
+ + travelmate_status : connected (net ok/51)
+ + travelmate_version : 2.1.1
+ + station_id : radio0/403 Forbidden/00:0C:46:24:50:00
+ + station_mac : 94:83:C4:24:0E:4F
+ + station_interfaces : trm_wwan, wg0
+ wpa_flags : sae: ✔, owe: ✔, eap: ✔, suiteb192: ✔
+ run_flags : captive: ✔, proactive: ✔, netcheck: ✘, autoadd: ✘, randomize: ✔
- + ext_hooks : ntp: â\9c\94, vpn: â\9c\98, mail: ✘
- + last_run : 2020.09.10-15:21:19
- + system : GL.iNet GL-AR750S (NOR/NAND), OpenWrt SNAPSHOT r14430-2dda301d40
+ + ext_hooks : ntp: â\9c\94, vpn: â\9c\94, mail: ✘
+ + last_run : 2023.10.21-14:29:14
+ + system : GL.iNet GL-A1300, OpenWrt SNAPSHOT r24187-bb8fd41f9a
</code></pre>
To debug travelmate runtime problems, please always enable the 'trm\_debug' flag, restart travelmate and check the system log afterwards (_logread -e "trm-"_)
## Removal
* stop the travelmate daemon with _/etc/init.d/travelmate stop_
-* optional: remove the travelmate package (_opkg remove luci-app-travelmate_, _opkg remove travelmate_)
+* remove the travelmate package (_opkg remove luci-app-travelmate_, _opkg remove travelmate_)
Have fun!
Dirk
#!/bin/sh /etc/rc.common
-# Copyright (c) 2016-2022 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2016-2023 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
# set (s)hellcheck exceptions
-# shellcheck disable=2034,2086,2154,3043,3060
+# shellcheck disable=all
START=25
USE_PROCD=1
#!/bin/sh
# travelmate, a wlan connection manager for travel router
-# Copyright (c) 2016-2022 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2016-2023 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
# set (s)hellcheck exceptions
-# shellcheck disable=1091,2086,3040,3043,3057,3060
+# shellcheck disable=all
export LC_ALL=C
export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-trm_ver="2.1.0"
trm_enabled="0"
trm_debug="0"
trm_iface=""
trm_ovpninfolist=""
trm_vpnifacelist=""
trm_vpninfolist=""
+trm_stdvpnservice=""
+trm_stdvpniface=""
trm_rtfile="/tmp/trm_runtime.json"
+trm_ubuscmd="$(command -v ubus)"
+trm_jsoncmd="$(command -v jsonfilter)"
trm_wifi="$(command -v wifi)"
trm_fetch="$(command -v curl)"
trm_iwinfo="$(command -v iwinfo)"
trm_logger="$(command -v logger)"
trm_wpa="$(command -v wpa_supplicant)"
trm_captiveurl="http://detectportal.firefox.com"
-trm_useragent="Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0"
+trm_useragent="Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/118.0"
trm_ntpfile="/var/state/travelmate.ntp"
trm_vpnfile="/var/state/travelmate.vpn"
trm_mailfile="/var/state/travelmate.mail"
return
fi
- unset trm_stalist trm_radiolist trm_uplinklist trm_uplinkcfg trm_activesta trm_opensta
+ unset trm_stalist trm_radiolist trm_uplinklist trm_vpnifacelist trm_uplinkcfg trm_activesta trm_opensta
- trm_sysver="$(ubus -S call system board 2>/dev/null | jsonfilter -q -e '@.model' -e '@.release.description' |
+ trm_sysver="$("${trm_ubuscmd}" -S call system board 2>/dev/null | "${trm_jsoncmd}" -ql1 -e '@.model' -e '@.release.description' |
awk 'BEGIN{RS="";FS="\n"}{printf "%s, %s",$1,$2}')"
config_cb() {
}
list_cb() {
local option="${1}" value="${2}"
- if [ "${option}" = "trm_vpnifacelist" ]; then
+ if [ "${option}" = "trm_vpnifacelist" ] && ! printf "%s" "${trm_vpnifacelist}" | grep -q "${value}"; then
eval "trm_vpnifacelist=\"$(printf "%s" "${trm_vpnifacelist}") ${value}\""
fi
}
elif [ -z "${trm_iface}" ]; then
f_log "info" "travelmate is currently not configured, please use the 'Interface Setup' in LuCI or the 'setup' option in CLI"
/etc/init.d/travelmate stop
- elif ! ubus -t "${trm_maxwait}" wait_for network.wireless network.interface."${trm_iface}" >/dev/null 2>&1; then
+ elif ! "${trm_ubuscmd}" -t "${trm_maxwait}" wait_for network.wireless network.interface."${trm_iface}" >/dev/null 2>&1; then
f_log "info" "travelmate interface '${trm_iface}' does not appear on ubus, please check your network setup"
/etc/init.d/travelmate stop
fi
break 2
fi
status="$("${trm_wifi}" status 2>/dev/null)"
- if [ "$(printf "%s" "${status}" | jsonfilter -q -l1 -e "@.${radio}.up")" != "true" ] ||
- [ "$(printf "%s" "${status}" | jsonfilter -q -l1 -e "@.${radio}.pending")" != "false" ]; then
+ if [ "$(printf "%s" "${status}" | "${trm_jsoncmd}" -ql1 -e "@.${radio}.up")" != "true" ] ||
+ [ "$(printf "%s" "${status}" | "${trm_jsoncmd}" -ql1 -e "@.${radio}.pending")" != "false" ]; then
if [ "${radio}" != "${radio_up}" ]; then
"${trm_wifi}" up "${radio}"
radio_up="${radio}"
for info in ${trm_vpninfolist}; do
iface="${info%%&&*}"
[ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}"
- vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')"
+ vpn_status="$(ifstatus "${iface}" | "${trm_jsoncmd}" -ql1 -e '@.up')"
if [ "${vpn_status}" = "true" ]; then
- ifdown "${iface}"
+ /sbin/ifdown "${iface}"
+ "${trm_ubuscmd}" -S call network.interface."${iface}" remove >/dev/null 2>&1
if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
/etc/init.d/openvpn stop "${vpn_instance}"
fi
f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (initial)"
fi
done
- if [ -f "/etc/init.d/sysntpd" ]; then
- /etc/init.d/sysntpd restart >/dev/null 2>&1
- fi
rm -f "${trm_vpnfile}"
elif [ "${vpn}" = "1" ] && [ -n "${vpn_iface}" ] && [ "${vpn_action}" = "enable_keep" ]; then
for info in ${trm_vpninfolist}; do
iface="${info%%&&*}"
[ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}"
- vpn_status="$(ifstatus "${iface}" | jsonfilter -q -l1 -e '@.up')"
+ vpn_status="$(ifstatus "${iface}" | "${trm_jsoncmd}" -ql1 -e '@.up')"
if [ "${vpn_status}" = "true" ] && [ "${iface}" != "${vpn_iface}" ]; then
ifdown "${iface}"
if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
fi
if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ]; then
if { [ "${vpn_action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; } ||
- { [ -f "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } ||
+ { [ -s "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } ||
{ [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then
result="$(f_net)"
if [ "${result}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then
[ -n "${rc}" ] && f_jsnup
fi
fi
- f_log "debug" "f_vpn ::: vpn: ${trm_vpn:-"-"}, enabled: ${vpn:-"-"}, action: ${vpn_action}, service: ${vpn_service:-"-"}, iface: ${vpn_iface:-"-"}, instance: ${vpn_instance:-"-"}, infolist: ${trm_vpninfolist:-"-"}, result: ${result}, rc: ${rc:-"-"}"
+ f_log "debug" "f_vpn ::: vpn: ${trm_vpn:-"-"}, enabled: ${vpn:-"-"}, action: ${vpn_action}, vpn_service: ${vpn_service:-"-"}, vpn_iface: ${vpn_iface:-"-"}, vpn_instance: ${vpn_instance:-"-"}, vpn_infolist: ${trm_vpninfolist:-"-"}, result: ${result}, rc: ${rc:-"-"}"
}
# mac helper function
uci_set "wireless" "${section}" "macaddr" "${result}"
else
uci_remove "wireless" "${section}" "macaddr" 2>/dev/null
- ifname="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
+ ifname="$("${trm_ubuscmd}" -S call network.wireless status 2>/dev/null | "${trm_jsoncmd}" -ql1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
result="$(${trm_iwinfo} "${ifname}" info 2>/dev/null | awk '/Access Point:/{printf "%s",$3}')"
fi
elif [ "${action}" = "get" ]; then
result="$(uci_get "wireless" "${section}" "macaddr")"
if [ -z "${result}" ]; then
- ifname="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
+ ifname="$("${trm_ubuscmd}" -S call network.wireless status 2>/dev/null | "${trm_jsoncmd}" -ql1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
result="$(${trm_iwinfo} "${ifname}" info 2>/dev/null | awk '/Access Point:/{printf "%s",$3}')"
fi
fi
"start")
uci_remove "travelmate" "${trm_uplinkcfg}" "con_start" 2>/dev/null
uci_remove "travelmate" "${trm_uplinkcfg}" "con_end" 2>/dev/null
- if [ -f "${trm_ntpfile}" ]; then
+ if [ -s "${trm_ntpfile}" ]; then
uci_set "travelmate" "${trm_uplinkcfg}" "con_start" "$(date "+%Y.%m.%d-%H:%M:%S")"
fi
;;
"refresh")
- if [ -f "${trm_ntpfile}" ] && [ -z "$(uci_get "travelmate" "${trm_uplinkcfg}" "con_start")" ]; then
+ if [ -s "${trm_ntpfile}" ] && [ -z "$(uci_get "travelmate" "${trm_uplinkcfg}" "con_start")" ]; then
uci_set "travelmate" "${trm_uplinkcfg}" "con_start" "$(date "+%Y.%m.%d-%H:%M:%S")"
fi
;;
"end")
- if [ -f "${trm_ntpfile}" ]; then
+ if [ -s "${trm_ntpfile}" ]; then
uci_set "travelmate" "${trm_uplinkcfg}" "con_end" "$(date "+%Y.%m.%d-%H:%M:%S")"
fi
;;
"start_expiry")
- if [ -f "${trm_ntpfile}" ]; then
+ if [ -s "${trm_ntpfile}" ]; then
expiry="$(uci_get "travelmate" "${trm_uplinkcfg}" "con_start_expiry")"
uci_set "travelmate" "${trm_uplinkcfg}" "enabled" "0"
uci_set "travelmate" "${trm_uplinkcfg}" "con_end" "$(date "+%Y.%m.%d-%H:%M:%S")"
fi
;;
"end_expiry")
- if [ -f "${trm_ntpfile}" ]; then
+ if [ -s "${trm_ntpfile}" ]; then
expiry="$(uci_get "travelmate" "${trm_uplinkcfg}" "con_end_expiry")"
uci_set "travelmate" "${trm_uplinkcfg}" "enabled" "1"
uci_remove "travelmate" "${trm_uplinkcfg}" "con_start" 2>/dev/null
;;
"disabled")
uci_set "travelmate" "${trm_uplinkcfg}" "enabled" "0"
- if [ -f "${trm_ntpfile}" ]; then
+ if [ -s "${trm_ntpfile}" ]; then
uci_set "travelmate" "${trm_uplinkcfg}" "con_end" "$(date "+%Y.%m.%d-%H:%M:%S")"
fi
;;
config_load openvpn
config_foreach uci_config "openvpn"
fi
- f_log "debug" "f_getovpn ::: ovpninfolist: ${trm_ovpninfolist:-"-"}"
+ f_log "debug" "f_getovpn ::: ovpn_infolist: ${trm_ovpninfolist:-"-"}"
}
# get logical vpn network interfaces
proto="$(uci_get "network" "${iface}" "proto")"
device="$(uci_get "network" "${iface}" "device")"
if [ "${proto}" = "wireguard" ]; then
- if { [ -z "${trm_vpnifacelist}" ] || printf "%s" "${trm_vpnifacelist}" | grep -q "${iface}"; }; then
+ if [ -z "${trm_vpnifacelist}" ] || printf "%s" "${trm_vpnifacelist}" | grep -q "${iface}"; then
if ! printf "%s" "${trm_vpninfolist}" | grep -q "${iface}"; then
trm_vpninfolist="$(f_trim "${trm_vpninfolist} ${iface}")"
fi
if [ -z "${trm_ovpninfolist}" ]; then
f_getovpn
fi
- if { [ -z "${trm_vpnifacelist}" ] || printf "%s" "${trm_vpnifacelist}" | grep -q "${iface}"; }; then
+ if [ -z "${trm_vpnifacelist}" ] || printf "%s" "${trm_vpnifacelist}" | grep -q "${iface}"; then
for info in ${trm_ovpninfolist}; do
if [ "${info%%&&*}" = "${device}" ]; then
if ! printf "%s" "${trm_vpninfolist}" | grep -q "${iface}"; then
done
fi
fi
- f_log "debug" "f_getvpn ::: iface: ${iface:-"-"}, proto: ${proto:-"-"}, device: ${device:-"-"}, ifacelist: ${trm_vpnifacelist:-"-"}, infolist: ${trm_vpninfolist:-"-"}"
+ f_log "debug" "f_getvpn ::: iface: ${iface:-"-"}, proto: ${proto:-"-"}, device: ${device:-"-"}, vpn_ifacelist: ${trm_vpnifacelist:-"-"}, vpn_infolist: ${trm_vpninfolist:-"-"}"
}
# get wan gateway addresses
# add open uplinks
#
f_addsta() {
- local uci_cfg new_uplink="1" offset="1" radio="${1}" essid="${2}"
+ local wifi_cfg trm_cfg new_uplink="1" offset="1" radio="${1}" essid="${2}"
if [ "${trm_maxautoadd}" = "0" ] || [ "${trm_opensta:-0}" -lt "${trm_maxautoadd}" ]; then
config_cb() {
fi
if [ "${new_uplink}" = "1" ]; then
- uci_cfg="trm_uplink$((offset + 1))"
- while [ -n "$(uci_get "wireless.${uci_cfg}")" ]; do
+ wifi_cfg="trm_uplink$((offset + 1))"
+ while [ -n "$(uci_get "wireless.${wifi_cfg}")" ]; do
offset="$((offset + 1))"
- uci_cfg="trm_uplink${offset}"
+ wifi_cfg="trm_uplink${offset}"
done
uci -q batch <<-EOC
- set wireless."${uci_cfg}"="wifi-iface"
- set wireless."${uci_cfg}".mode="sta"
- set wireless."${uci_cfg}".network="${trm_iface}"
- set wireless."${uci_cfg}".device="${radio}"
- set wireless."${uci_cfg}".ssid="${essid}"
- set wireless."${uci_cfg}".encryption="none"
- set wireless."${uci_cfg}".disabled="1"
+ set wireless."${wifi_cfg}"="wifi-iface"
+ set wireless."${wifi_cfg}".mode="sta"
+ set wireless."${wifi_cfg}".network="${trm_iface}"
+ set wireless."${wifi_cfg}".device="${radio}"
+ set wireless."${wifi_cfg}".ssid="${essid}"
+ set wireless."${wifi_cfg}".encryption="none"
+ set wireless."${wifi_cfg}".disabled="1"
EOC
- uci_cfg="$(uci -q add travelmate uplink)"
+ trm_cfg="$(uci -q add travelmate uplink)"
uci -q batch <<-EOC
- set travelmate."${uci_cfg}".device="${radio}"
- set travelmate."${uci_cfg}".ssid="${essid}"
- set travelmate."${uci_cfg}".opensta="1"
- set travelmate."${uci_cfg}".con_start_expiry="0"
- set travelmate."${uci_cfg}".con_end_expiry="0"
- set travelmate."${uci_cfg}".enabled="1"
+ set travelmate."${trm_cfg}".device="${radio}"
+ set travelmate."${trm_cfg}".ssid="${essid}"
+ set travelmate."${trm_cfg}".opensta="1"
+ set travelmate."${trm_cfg}".con_start_expiry="0"
+ set travelmate."${trm_cfg}".con_end_expiry="0"
+ set travelmate."${trm_cfg}".enabled="1"
EOC
- if [ -n "$(uci -q changes "travelmate")" ] || [ -n "$(uci -q changes "wireless")" ]; then
- trm_opensta="$((trm_opensta + 1))"
- uci_commit "travelmate"
- uci_commit "wireless"
- f_wifi
- if [ ! -f "${trm_refreshfile}" ]; then
- printf "%s" "ui_reload" >"${trm_refreshfile}"
- fi
- f_log "info" "open uplink '${radio}/${essid}' added to wireless config"
+ if [ -n "${trm_stdvpnservice}" ] && [ -n "${trm_stdvpniface}" ]; then
+ uci -q batch <<-EOC
+ set travelmate."${trm_cfg}".vpnservice="${trm_stdvpnservice}"
+ set travelmate."${trm_cfg}".vpniface="${trm_stdvpniface}"
+ set travelmate."${trm_cfg}".vpn="1"
+ EOC
fi
+ trm_opensta="$((trm_opensta + 1))"
+ uci_commit "travelmate"
+ uci_commit "wireless"
+ f_wifi
+ if [ ! -f "${trm_refreshfile}" ]; then
+ printf "%s" "ui_reload" >"${trm_refreshfile}"
+ fi
+ f_log "info" "open uplink '${radio}/${essid}' added to wireless config"
+ printf "%s" "${wifi_cfg}-${radio}"
fi
f_log "debug" "f_addsta ::: radio: ${radio:-"-"}, essid: ${essid}, opensta/maxautoadd: ${trm_opensta:-"-"}/${trm_maxautoadd:-"-"}, new_uplink: ${new_uplink}, offset: ${offset}"
}
json_raw="${raw#*\{}"
html_raw="${raw%%\{*}"
if [ -n "${json_raw}" ]; then
- json_ec="$(printf "%s" "{${json_raw}" | jsonfilter -q -l1 -e '@.exitcode')"
- json_rc="$(printf "%s" "{${json_raw}" | jsonfilter -q -l1 -e '@.response_code')"
- json_cp="$(printf "%s" "{${json_raw}" | jsonfilter -q -l1 -e '@.redirect_url' | awk 'BEGIN{FS="/"}{printf "%s",tolower($3)}')"
+ json_ec="$(printf "%s" "{${json_raw}" | "${trm_jsoncmd}" -ql1 -e '@.exitcode')"
+ json_rc="$(printf "%s" "{${json_raw}" | "${trm_jsoncmd}" -ql1 -e '@.response_code')"
+ json_cp="$(printf "%s" "{${json_raw}" | "${trm_jsoncmd}" -ql1 -e '@.redirect_url' | awk 'BEGIN{FS="/"}{printf "%s",tolower($3)}')"
if [ "${json_ec}" = "0" ]; then
if [ -n "${json_cp}" ]; then
result="net cp '${json_cp}'"
fi
fi
else
- err_msg="$(printf "%s" "{${json_raw}" | jsonfilter -q -l1 -e '@.errormsg')"
+ err_msg="$(printf "%s" "{${json_raw}" | "${trm_jsoncmd}" -ql1 -e '@.errormsg')"
json_ed="$(printf "%s" "{${err_msg}" | awk '/([[:alnum:]_-]{1,63}\.)+[[:alpha:]]+$/{printf "%s",tolower($NF)}')"
if [ "${json_ec}" = "6" ]; then
if [ -n "${json_ed}" ] && [ "${json_ed}" != "${trm_captiveurl#http*://*}" ]; then
# check interface status
#
f_check() {
- local ifname radio dev_status result login_script login_script_args cp_domain wait_time="1" enabled="1" mode="${1}" status="${2}" sta_radio="${3}" sta_essid="${4}" sta_bssid="${5}"
+ local ifname radio dev_status result login_script login_script_args cp_domain wait_time="0" enabled="1" mode="${1}" status="${2}" sta_radio="${3}" sta_essid="${4}" sta_bssid="${5}"
if [ "${mode}" = "initial" ] || [ "${mode}" = "dev" ]; then
json_get_var station_id "station_id"
f_wifi
fi
while [ "${wait_time}" -le "${trm_maxwait}" ]; do
- dev_status="$(ubus -S call network.wireless status 2>/dev/null)"
+ [ "${wait_time}" -gt "0" ] && sleep 1
+ wait_time="$((wait_time + 1))"
+ dev_status="$("${trm_ubuscmd}" -S call network.wireless status 2>/dev/null)"
if [ -n "${dev_status}" ]; then
if [ "${mode}" = "dev" ]; then
if [ "${trm_ifstatus}" != "${status}" ]; then
trm_ifstatus="${status}"
break
else
- ifname="$(printf "%s" "${dev_status}" | jsonfilter -q -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
+ ifname="$(printf "%s" "${dev_status}" | "${trm_jsoncmd}" -ql1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
if [ -n "${ifname}" ] && [ "${enabled}" = "1" ]; then
- trm_ifquality="$(${trm_iwinfo} "${ifname}" info 2>/dev/null | awk -F '[ ]' '/Link Quality:/{split($NF,var0,"/");printf "%i\n",(var0[1]*100/var0[2])}')"
- if [ "${trm_ifquality}" -ge "${trm_minquality}" ]; then
- trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -q -l1 -e "@.interface[@.device=\"${ifname}\"].up")"
+ trm_ifquality="$(${trm_iwinfo} "${ifname}" info 2>/dev/null | awk -F '[ ]' '/Link Quality: [0-9]+\/[0-9]+/{split($NF,var0,"/");printf "%i\n",(var0[1]*100/var0[2])}')"
+ if [ -z "${trm_ifquality}" ]; then
+ continue
+ elif [ "${trm_ifquality}" -ge "${trm_minquality}" ]; then
+ trm_ifstatus="$("${trm_ubuscmd}" -S call network.interface dump 2>/dev/null | "${trm_jsoncmd}" -ql1 -e "@.interface[@.device=\"${ifname}\"].up")"
if [ "${trm_ifstatus}" = "true" ]; then
result="$(f_net)"
if [ "${trm_captive}" = "1" ]; then
f_jsnup
break
fi
- wait_time="$((wait_time + 1))"
- sleep 1
done
f_log "debug" "f_check ::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, enabled: ${enabled}, connection: ${trm_connection:-"-"}, wait: ${wait_time}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}"
}
# update runtime information
#
f_jsnup() {
- local vpn vpn_iface section last_date last_station sta_iface sta_radio sta_essid sta_bssid sta_mac dev_status last_status status="${trm_ifstatus}" ntp_done="0" vpn_done="0" mail_done="0"
+ local vpn vpn_iface section last_date sta_iface sta_radio sta_essid sta_bssid sta_mac dev_status status="${trm_ifstatus}" ntp_done="0" vpn_done="0" mail_done="0"
if [ "${status}" = "true" ]; then
status="connected (${trm_connection:-"-"})"
- dev_status="$(ubus -S call network.wireless status 2>/dev/null)"
- section="$(printf "%s" "${dev_status}" | jsonfilter -q -l1 -e '@.*.interfaces[@.config.mode="sta"].section')"
+ dev_status="$("${trm_ubuscmd}" -S call network.wireless status 2>/dev/null)"
+ section="$(printf "%s" "${dev_status}" | "${trm_jsoncmd}" -ql1 -e '@.*.interfaces[@.config.mode="sta"].section')"
if [ -n "${section}" ]; then
sta_iface="$(uci_get "wireless" "${section}" "network")"
sta_radio="$(uci_get "wireless" "${section}" "device")"
f_getcfg "${sta_radio}" "${sta_essid}" "${sta_bssid}"
fi
json_get_var last_date "last_run"
- json_get_var last_station "station_id"
- json_get_var last_status "travelmate_status"
-
- if { [ -f "${trm_ntpfile}" ] && [ ! -s "${trm_ntpfile}" ]; } || [ "${last_status}" = "running (not connected)" ] ||
- { [ -n "${last_station}" ] && [ "${last_station}" != "${sta_radio:-"-"}/${sta_essid:-"-"}/${sta_bssid:-"-"}" ]; }; then
- last_date="$(date "+%Y.%m.%d-%H:%M:%S")"
- if [ -f "${trm_ntpfile}" ] && [ ! -s "${trm_ntpfile}" ]; then
- printf "%s" "${last_date}" >"${trm_ntpfile}"
- fi
- fi
+
vpn="$(f_getval "vpn")"
if [ "${trm_vpn}" = "1" ] && [ -n "${trm_vpninfolist}" ] && [ "${vpn}" = "1" ] && [ -f "${trm_vpnfile}" ]; then
vpn_iface="$(f_getval "vpniface")"
# main function for connection handling
#
f_main() {
- local radio cnt retrycnt scan_dev scan_list scan_essid scan_bssid scan_open scan_quality
- local station_id section sta sta_essid sta_bssid sta_radio sta_mac config_essid config_bssid config_radio
+ local radio cnt retrycnt scan_dev scan_list scan_essid scan_bssid scan_open scan_quality station_id section
+ local sta sta_essid sta_bssid sta_radio sta_mac open_sta open_essid config_radio config_essid config_bssid
f_check "initial" "false"
f_log "debug" "f_main-1 ::: status: ${trm_ifstatus}, proactive: ${trm_proactive}"
f_log "debug" "f_main-5 ::: sta_radio: ${sta_radio}, sta_essid: \"${sta_essid}\", sta_bssid: ${sta_bssid:-"-"}"
fi
if [ -z "${scan_list}" ]; then
- scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e "@.${radio}.interfaces[0].ifname")"
+ scan_dev="$("${trm_ubuscmd}" -S call network.wireless status 2>/dev/null | "${trm_jsoncmd}" -ql1 -e "@.${radio}.interfaces[0].ifname")"
scan_list="$("${trm_iwinfo}" "${scan_dev:-${radio}}" scan 2>/dev/null |
awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2="";for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}}
/Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"};
if [ -n "${scan_quality}" ] && [ -n "${scan_open}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ]; then
f_log "debug" "f_main-7 ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}"
if [ "${scan_quality}" -ge "${trm_minquality}" ]; then
+ if [ "${trm_autoadd}" = "1" ] && [ "${scan_open}" = "+" ] && [ "${scan_essid}" != "unknown" ]; then
+ open_essid="${scan_essid%?}"
+ open_essid="${open_essid:1}"
+ open_sta="$(f_addsta "${radio}" "${open_essid}")"
+ if [ -n "${open_sta}" ]; then
+ section="${open_sta%%-*}"
+ sta_radio="$(uci_get "wireless" "${section}" "device")"
+ sta_essid="$(uci_get "wireless" "${section}" "ssid")"
+ sta_bssid=""
+ sta_mac=""
+ fi
+ fi
if { { [ "${scan_essid}" = "\"${sta_essid}\"" ] && { [ -z "${sta_bssid}" ] || [ "${scan_bssid}" = "${sta_bssid}" ]; }; } ||
{ [ "${scan_bssid}" = "${sta_bssid}" ] && [ "${scan_essid}" = "unknown" ]; }; } && [ "${radio}" = "${sta_radio}" ]; then
if [ -n "${config_radio}" ]; then
retrycnt="$((retrycnt + 1))"
sleep "$((trm_maxwait / 6))"
done
- elif [ "${trm_autoadd}" = "1" ] && [ "${scan_open}" = "+" ] && [ "${scan_essid}" != "unknown" ]; then
- scan_essid="${scan_essid%?}"
- scan_essid="${scan_essid:1}"
- f_addsta "${radio}" "${scan_essid}"
fi
fi
fi
fi
}
+# get travelmate version
+#
+trm_ver="$("${trm_ubuscmd}" -S call rpc-sys packagelist '{ "all": true }' 2>/dev/null | "${trm_jsoncmd}" -ql1 -e '@.packages.travelmate')"
+
# source required system libraries
#
if [ -r "/lib/functions.sh" ] && [ -r "/lib/functions/network.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]; then
f_log "err" "system libraries not found"
fi
+# force ntp restart/sync
+#
+if [ -f "/etc/init.d/sysntpd" ] && [ ! -s "${trm_ntpfile}" ]; then
+ /etc/init.d/sysntpd restart >/dev/null 2>&1
+ f_log "debug" "ntp time sync requested"
+fi
+
# control travelmate actions
#
while true; do
#!/bin/sh
# vpn handler called by travelmate
-# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2020-2023 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
# set (s)hellcheck exceptions
-# shellcheck disable=1091,3040,3043
+# shellcheck disable=all
# Please note: you have to setup the package 'wireguard' or 'openvpn' before using this script
vpn_instance="${5}"
trm_maxwait="$(uci_get travelmate global trm_maxwait "30")"
trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")"
-trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")"
+trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/118.0")"
+trm_ubuscmd="$(command -v ubus)"
+trm_jsoncmd="$(command -v jsonfilter)"
trm_logger="$(command -v logger)"
trm_fetch="$(command -v curl)"
trm_vpnfile="/var/state/travelmate.vpn"
f_net() {
- local json_rc result="net nok"
+ local json_rc
json_rc="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --header "Cache-Control: no-cache, no-store, must-revalidate, max-age=0" --write-out "%{response_code}" --silent --output /dev/null --max-time $((trm_maxwait / 6)) "${trm_captiveurl}")"
if [ "${json_rc}" = "200" ] || [ "${json_rc}" = "204" ]; then
- result="net ok"
+ json_rc="net ok"
fi
- printf "%s" "${result}"
+ printf "%s" "${json_rc}"
}
if [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ]; then
if [ "${vpn_action}" = "enable_keep" ]; then
- vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')"
+ vpn_status="$("${trm_ubuscmd}" -S call network.interface."${vpn_iface}" status 2>/dev/null | "${trm_jsoncmd}" -ql1 -e '@.up')"
fi
if [ "${vpn_action}" = "enable" ] || [ "${vpn_status}" != "true" ]; then
+ if [ "${vpn_status}" != "true" ]; then
+ /sbin/ifdown "${vpn_iface}"
+ "${trm_ubuscmd}" -S call network.interface."${vpn_iface}" remove >/dev/null 2>&1
+ if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
+ /etc/init.d/openvpn stop "${vpn_instance}"
+ fi
+ sleep 1
+ fi
if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && ! /etc/init.d/openvpn running "${vpn_instance}"; then
/etc/init.d/openvpn start "${vpn_instance}"
fi
- ifup "${vpn_iface}"
+ /sbin/ifup "${vpn_iface}"
cnt=0
while true; do
- vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')"
+ vpn_status="$("${trm_ubuscmd}" -S call network.interface."${vpn_iface}" status 2>/dev/null | "${trm_jsoncmd}" -ql1 -e '@.up')"
if [ "${vpn_status}" = "true" ]; then
net_status="$(f_net)"
if [ "${net_status}" = "net ok" ]; then
fi
fi
if [ "${cnt}" -ge "$((trm_maxwait / 3))" ]; then
- ifdown "${vpn_iface}"
+ /sbin/ifdown "${vpn_iface}"
+ "${trm_ubuscmd}" -S call network.interface."${vpn_iface}" remove >/dev/null 2>&1
if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
/etc/init.d/openvpn stop "${vpn_instance}"
fi
rm -f "${trm_vpnfile}"
- "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection can't be established '${vpn_iface}/${vpn_instance:-"-"}'" 2>/dev/null
+ "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection can't be established '${vpn_iface}/${vpn_instance:-"-", rc: ${net_status:-"-"}}'" 2>/dev/null
return 1
fi
sleep 1
done
fi
elif { [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then
- ifdown "${vpn_iface}"
+ /sbin/ifdown "${vpn_iface}"
+ "${trm_ubuscmd}" -S call network.interface."${vpn_iface}" remove >/dev/null 2>&1
if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
/etc/init.d/openvpn stop "${vpn_instance}"
fi
#!/bin/sh
# ntp hotplug script for travelmate
-# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2020-2023 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
# set (s)hellcheck exceptions
-# shellcheck disable=3023
+# shellcheck disable=all
trm_init="/etc/init.d/travelmate"
trm_ntpfile="/var/state/travelmate.ntp"
trm_logger="$(command -v logger)"
-if [ "${ACTION}" = "stratum" ] && [ ! -f "${trm_ntpfile}" ] && "${trm_init}" enabled; then
- {
- if flock -xn 1001; then
- "${trm_logger}" -p "info" -t "trm-ntp [${$}]" "get ntp time sync" 2>/dev/null
- "${trm_init}" restart
- fi
- } 1001>"${trm_ntpfile}"
+if [ "${ACTION}" = "stratum" ] && [ ! -s "${trm_ntpfile}" ] && "${trm_init}" enabled; then
+ printf "%s" "$(date "+%Y.%m.%d-%H:%M:%S")" > "${trm_ntpfile}"
+ "${trm_logger}" -p "info" -t "trm-ntp [${$}]" "get ntp time sync"
fi
include $(TOPDIR)/rules.mk
PKG_NAME:=wavemon
-PKG_VERSION:=0.9.3
+PKG_VERSION:=0.9.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/uoaerg/wavemon/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=ddbeb6ec8ed7d94fa895e5d57ecfe338495df3991f6facc7cf40aa121bf7ff60
+PKG_HASH:=f84c55a40b470f2b98908d20cd0b38ffef6f587daed23b50281c9592df3331c6
PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
SECTION:=net
CATEGORY:=Network
TITLE:=N-curses based wireless network devices monitor
- DEPENDS:=+libncurses +libpthread +libnl-genl
+ DEPENDS:=+libncurses +libpthread +libnl-genl +libnl-cli
SUBMENU:=Wireless
URL:=https://github.com/uoaerg/wavemon/releases
endef
PKG_NAME:=zerotier
PKG_VERSION:=1.12.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/zerotier/ZeroTierOne/tar.gz/$(PKG_VERSION)?
local args=""
if ! section_enabled "$cfg"; then
- echo "disabled in /ect/config/zerotier"
+ echo "disabled in /etc/config/zerotier"
return 1
fi
include $(TOPDIR)/rules.mk
PKG_NAME:=owntone
-PKG_VERSION:=28.5
+PKG_VERSION:=28.8
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/owntone/owntone-server/releases/download/$(PKG_VERSION)/
-PKG_HASH:=c9ee0152dc488f782a25a68e72d24c109882bef3dd2914315fe499c8415fd898
+PKG_HASH:=ebaee52ae617f08c41859522ba0a839d1865dcac7d6c0eb9e3fee81caf8fd47c
PKG_FIXUP:=autoreconf
PKG_BUILD_FLAGS:=no-mips16
TITLE:=iTunes (DAAP) server for Apple Remote and AirPlay
URL:=https://github.com/owntone/owntone-server
DEPENDS:=+libgpg-error +libgcrypt +libgdbm +zlib +libexpat +libunistring \
- +libevent2 +libdaemon +confuse +alsa-lib +libffmpeg-full \
+ +libevent2 +libevent2-pthreads +libdaemon +confuse +alsa-lib +libffmpeg-full \
+mxml +libavahi-client +sqlite3-cli +libplist +libcurl +libjson-c \
+libprotobuf-c +libgnutls +libsodium +libwebsockets +libuuid $(ICONV_DEPENDS)
endef
--disable-install_conf_file \
--disable-install_user \
--with-alsa \
- --without-pulseaudio \
- --without-libevent_pthreads
+ --without-pulseaudio
TARGET_CFLAGS += $(FPIC)
include $(TOPDIR)/rules.mk
PKG_NAME:=pulseaudio
-PKG_VERSION:=14.2
-PKG_RELEASE:=10
+PKG_VERSION:=16.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://freedesktop.org/software/pulseaudio/releases
-PKG_HASH:=75d3f7742c1ae449049a4c88900e454b8b350ecaa8c544f3488a2562a9ff66f1
+PKG_HASH:=8eef32ce91d47979f95fd9a935e738cd7eb7463430dabc72863251751e504ae4
PKG_MAINTAINER:=Peter Wagner <tripolar@gmx.at>
PKG_LICENSE:=LGPL-2.1-or-later
define Package/pulseaudio-daemon/Default
SECTION:=sound
CATEGORY:=Sound
- DEPENDS:=+libsndfile +libltdl +libpthread +librt +alsa-lib \
+ DEPENDS:=+libsndfile +libltdl +alsa-lib \
+libopenssl +libcap $(ICONV_DEPENDS) $(INTL_DEPENDS)
TITLE:=Network sound server
URL:=https://www.freedesktop.org/wiki/Software/PulseAudio/
define Package/pulseaudio-daemon-avahi
$(call Package/pulseaudio-daemon/Default)
- DEPENDS+=+dbus +libavahi-client +sbc
+ DEPENDS+=+dbus +libavahi-client +sbc +bluez-daemon
TITLE+= (avahi/bluez)
VARIANT:=avahi
endef
-Dudev=disabled \
-Dx11=disabled \
-Dadrian-aec=true \
- -Dwebrtc-aec=disabled
+ -Dwebrtc-aec=disabled \
+ -Ddoxygen=false
ifeq ($(BUILD_VARIANT),avahi)
MESON_ARGS += \
-Davahi=enabled \
- -Dbluez5=true \
+ -Dbluez5=enabled \
-Ddbus=enabled
endif
ifeq ($(BUILD_VARIANT),noavahi)
MESON_ARGS += \
-Davahi=disabled \
- -Dbluez5=false \
+ -Dbluez5=disabled \
-Ddbus=disabled
endif
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pulseaudio/* $(1)/usr/lib/pulseaudio/
$(INSTALL_DIR) $(1)/usr/lib/pulse-$(PKG_VERSION)/modules
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pulse-$(PKG_VERSION)/modules/lib*.so $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pulse-$(PKG_VERSION)/modules/module*.so $(1)/usr/lib/pulse-$(PKG_VERSION)/modules/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pulseaudio/modules/lib*.so $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pulseaudio/modules/module*.so $(1)/usr/lib/pulseaudio/modules/
endef
define Package/pulseaudio-daemon-avahi/install
+++ /dev/null
---- a/meson.build
-+++ b/meson.build
-@@ -390,12 +390,11 @@ if dl_dep.found()
- endif
-
- have_iconv = false
--if cc.has_function('iconv_open')
-+iconv_dep = cc.find_library('iconv', required : false)
-+have_iconv = iconv_dep.found()
-+if not have_iconv and cc.has_function('iconv_open')
- iconv_dep = dependency('', required : false)
- have_iconv = true
--else
-- iconv_dep = cc.find_library('iconv', required : false)
-- have_iconv = iconv_dep.found()
- endif
- if have_iconv
- cdata.set('HAVE_ICONV', 1)
--- /dev/null
+--- a/meson.build
++++ b/meson.build
+@@ -681,7 +681,7 @@ if get_option('daemon')
+ cdata.set('HAVE_ALSA_UCM', 1)
+ endif
+
+- gio_dep = dependency('gio-2.0', version : '>= 2.26.0')
++ gio_dep = dependency('gio-2.0', version : '>= 2.26.0', required : false)
+ if get_option('gsettings').enabled()
+ assert(gio_dep.found(), 'GSettings support needs glib I/O library (GIO)')
+ cdata.set('HAVE_GSETTINGS', 1)
+++ /dev/null
---- a/meson.build
-+++ b/meson.build
-@@ -698,7 +698,6 @@ check_dep = dependency('check', version
-
- # Subdirs
-
--subdir('doxygen')
- subdir('po')
- if get_option('man')
- subdir('man')
PKG_FORTIFY_SOURCE:=0
PKG_BUILD_PARALLEL:=1
+include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
define Package/acpica-unix
define Build/Configure
endef
+define Host/Install
+ $(INSTALL_DIR) $(STAGING_DIR_HOST)/usr/bin
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/generate/unix/bin/{acpibin,acpidump} \
+ $(STAGING_DIR_HOST)/usr/bin/
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/generate/unix/bin/{acpiexamples,acpiexec} \
+ $(STAGING_DIR_HOST)/usr/bin/
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/generate/unix/bin/{acpihelp,acpisrc} \
+ $(STAGING_DIR_HOST)/usr/bin/
+ $(INSTALL_BIN) $(HOST_BUILD_DIR)/generate/unix/bin/{acpixtract,iasl} \
+ $(STAGING_DIR_HOST)/usr/bin/
+endef
+
+define Host/Clean
+ $(RM) $(STAGING_DIR_HOST)/usr/bin/{acpibin,acpidump}
+ $(RM) $(STAGING_DIR_HOST)/usr/bin/{acpiexamples,acpiexec}
+ $(RM) $(STAGING_DIR_HOST)/usr/bin/{acpihelp,acpisrc}
+ $(RM) $(STAGING_DIR_HOST)/usr/bin/{acpixtract,iasl}
+endef
+
MAKE_VARS += HOST=_LINUX
MAKE_PATH:=generate/unix
endef
$(eval $(call BuildPackage,acpica-unix))
+$(eval $(call HostBuild))
PKG_NAME:=dmidecode
PKG_VERSION:=3.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@SAVANNAH/$(PKG_NAME)
define Package/dmidecode
SECTION:=utils
CATEGORY:=Utilities
- DEPENDS:=@(TARGET_x86||TARGET_x86_64)
+ DEPENDS:=@(TARGET_x86||TARGET_x86_64||TARGET_armsr_armv8)
TITLE:=Displays BIOS informations.
URL:=https://www.nongnu.org/dmidecode/
endef
PKG_NAME:=efibootmgr
PKG_VERSION:=18
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/rhboot/efibootmgr.git
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Application to modify the EFI Boot Manager
- DEPENDS:=@TARGET_x86_64 +efivar +libpopt
+ DEPENDS:=@(TARGET_x86_64||TARGET_armsr_armv8) +efivar +libpopt
URL:=https://github.com/rhboot/efibootmgr
endef
--- /dev/null
+#
+# Copyright (C) 2023 Jeffery To
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mpremote
+PKG_VERSION:=1.21.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=mpremote
+PKG_HASH:=65bc94511f6ff499e901ab59462a5f0744ff7e2cf71d8c75700d14a89c54ed61
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
+
+PKG_BUILD_DEPENDS:=python-hatchling/host python-hatch-requirements-txt/host python-hatch-vcs/host
+
+include ../../lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/python/python3-package.mk
+
+define Package/mpremote
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=Interacting remotely with MicroPython devices
+ URL:=https://github.com/micropython/micropython
+ DEPENDS:=+python3-light +python3-urllib +python3-pyserial
+endef
+
+define Package/mpremote/description
+This CLI tool provides an integrated set of utilities to remotely
+interact with and automate a MicroPython device over a serial
+connection.
+endef
+
+$(eval $(call Py3Package,mpremote))
+$(eval $(call BuildPackage,mpremote))
+$(eval $(call BuildPackage,mpremote-src))
--- /dev/null
+--- a/requirements.txt
++++ b/requirements.txt
+@@ -1,2 +1 @@
+ pyserial >= 3.3
+-importlib_metadata >= 1.4
--- /dev/null
+#!/bin/sh
+
+[ "$1" = mpremote ] || exit 0
+
+mpremote version | grep -Fx "mpremote $PKG_VERSION"
include $(TOPDIR)/rules.mk
PKG_NAME:=nerdctl
-PKG_VERSION:=1.6.0
+PKG_VERSION:=1.6.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/containerd/nerdctl/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=a369b1c517d9c3d53d00b29633a6176a05811214a44dd25d339c32cc6a901579
+PKG_HASH:=fb7660f7e598e4c502d4f0c26cf985290fc7bdc80cce1f7402020afdf83ef988
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=procs
-PKG_VERSION:=0.14.1
+PKG_VERSION:=0.14.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/dalance/procs/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=bb4f9d696081807ca105593092f8acd04ca339ae43fff29e0e820c6fc5e3f9ea
+PKG_HASH:=a3012bba984faddcf8da2a72d21eb9a7e9be8d5d86a387d321987743b0080a8c
PKG_MAINTAINER:=Facundo Acevedo <facevedo@disroot.org>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=qemu
-PKG_VERSION:=8.0.2
+PKG_VERSION:=8.1.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=f060abd435fbe6794125e2c398568ffc3cfa540042596907a8b18edca34cf6a5
+PKG_HASH:=541526a764576eb494d2ff5ec46aeb253e62ea29035d1c23c0a8af4e6cd4f087
PKG_SOURCE_URL:=http://download.qemu.org/
PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=LICENSE tcg/LICENSE
--disable-docs \
--disable-fuse \
--disable-gcrypt \
- --with-git-submodules=ignore \
+ --disable-download \
--disable-glusterfs \
--disable-gnutls \
--disable-guest-agent-msi \
--- a/configure
+++ b/configure
-@@ -896,6 +896,8 @@ for opt do
+@@ -823,6 +823,8 @@ for opt do
;;
- --disable-vfio-user-server) vfio_user_server="disabled"
+ --gdb=*) gdb_bin="$optarg"
;;
+ --disable-fortify-source) fortify_source="no"
+ ;;
#endif /* CONFIG_LINUX */
#include "qemu/osdep.h"
-@@ -29,6 +26,13 @@
- #include <sys/vfs.h>
+@@ -57,6 +54,13 @@ QemuFsType qemu_fd_getfs(int fd)
#endif
+ }
+#ifndef MAP_SYNC
+#define MAP_SYNC 0x0
--- a/meson.build
+++ b/meson.build
-@@ -3192,10 +3192,6 @@ subdir('common-user')
+@@ -3451,10 +3451,6 @@ subdir('common-user')
subdir('bsd-user')
subdir('linux-user')
# accel modules
tcg_real_module_ss = ss.source_set()
tcg_real_module_ss.add_all(when: 'CONFIG_TCG_MODULAR', if_true: tcg_module_ss)
-@@ -3687,10 +3683,6 @@ subdir('scripts')
+@@ -3945,10 +3941,6 @@ subdir('scripts')
subdir('tools')
subdir('pc-bios')
subdir('docs')
include $(TOPDIR)/rules.mk
PKG_NAME:=restic
-PKG_VERSION:=0.15.2
+PKG_VERSION:=0.16.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/restic/restic/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=52aca841486eaf4fe6422b059aa05bbf20db94b957de1d3fca019ed2af8192b7
+PKG_HASH:=88165b5b89b6064df37a9964d660f40ac62db51d6536e459db9aaea6f2b2fc11
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE
PKG_NAME:=stress-ng
PKG_VERSION:=0.17.00
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ColinIanKing/stress-ng/tar.gz/refs/tags/V$(PKG_VERSION)?
--- /dev/null
+From cd84c46ce780242879e8aaa7d698b9cd87996dbd Mon Sep 17 00:00:00 2001
+From: Colin Ian King <colin.i.king@gmail.com>
+Date: Sun, 15 Oct 2023 15:50:07 +0100
+Subject: [PATCH] core-*, stress-*: Add musl-gcc detection and
+ HAVE_COMPILER_MUSL
+
+Detect for musl-gcc and define HAVE_COMPILER_MUSL and also define
+HAVE_COMPILER_GCC_OR_MUSL for GCC or MUSL compilers. Allows one
+to differentiate between gcc tool chains with and without glibc/musl
+libc.
+
+Fixes https://github.com/ColinIanKing/stress-ng/issues/325
+
+Signed-off-by: Colin Ian King <colin.i.king@gmail.com>
+---
+ core-attribute.h | 56 ++++++++++++++++++++++----------------------
+ core-helper.c | 4 ++--
+ core-pragma.h | 18 +++++++-------
+ core-shim.c | 2 +-
+ core-target-clones.h | 2 +-
+ core-vecmath.h | 4 ++--
+ stress-atomic.c | 4 ++--
+ stress-flushcache.c | 2 +-
+ stress-lockbus.c | 4 ++--
+ stress-malloc.c | 4 ++--
+ stress-memthrash.c | 12 +++++-----
+ stress-ng.h | 32 ++++++++++++++++---------
+ stress-regs.c | 8 +++----
+ stress-rseq.c | 14 +++++------
+ stress-vnni.c | 4 ++++
+ 15 files changed, 92 insertions(+), 78 deletions(-)
+
+--- a/core-attribute.h
++++ b/core-attribute.h
+@@ -20,7 +20,7 @@
+ #define CORE_ATTRIBUTE_H
+
+ /* warn unused attribute */
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(4, 2, 0)) || \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(4, 2, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0))
+ #define WARN_UNUSED __attribute__((warn_unused_result))
+ #else
+@@ -36,7 +36,7 @@
+
+ #if defined(HAVE_ATTRIBUTE_FAST_MATH) && \
+ !defined(HAVE_COMPILER_ICC) && \
+- defined(HAVE_COMPILER_GCC) && \
++ defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ NEED_GNUC(10, 0, 0)
+ #define OPTIMIZE_FAST_MATH __attribute__((optimize("fast-math")))
+ #else
+@@ -44,7 +44,7 @@
+ #endif
+
+ /* no return hint */
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(2, 5, 0)) || \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(2, 5, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0))
+ #define NORETURN __attribute__((noreturn))
+ #else
+@@ -52,7 +52,7 @@
+ #endif
+
+ /* weak attribute */
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(4, 0, 0)) || \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(4, 0, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 4, 0))
+ #define WEAK __attribute__((weak))
+ #define HAVE_WEAK_ATTRIBUTE
+@@ -64,7 +64,7 @@
+ #undef ALWAYS_INLINE
+ #endif
+ /* force inlining hint */
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(3, 4, 0) \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(3, 4, 0) \
+ && ((!defined(__s390__) && !defined(__s390x__)) || NEED_GNUC(6, 0, 1))) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0))
+ #define ALWAYS_INLINE __attribute__((always_inline))
+@@ -73,7 +73,7 @@
+ #endif
+
+ /* force no inlining hint */
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(3, 4, 0)) || \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(3, 4, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0))
+ #define NOINLINE __attribute__((noinline))
+ #else
+@@ -81,9 +81,9 @@
+ #endif
+
+ /* -O3 attribute support */
+-#if defined(HAVE_COMPILER_GCC) && \
+- !defined(HAVE_COMPILER_CLANG) && \
+- !defined(HAVE_COMPILER_ICC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ !defined(HAVE_COMPILER_CLANG) && \
++ !defined(HAVE_COMPILER_ICC) && \
+ NEED_GNUC(4, 6, 0)
+ #define OPTIMIZE3 __attribute__((optimize("-O3")))
+ #else
+@@ -91,9 +91,9 @@
+ #endif
+
+ /* -O2 attribute support */
+-#if defined(HAVE_COMPILER_GCC) && \
+- !defined(HAVE_COMPILER_CLANG) && \
+- !defined(HAVE_COMPILER_ICC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ !defined(HAVE_COMPILER_CLANG) && \
++ !defined(HAVE_COMPILER_ICC) && \
+ NEED_GNUC(4, 6, 0)
+ #define OPTIMIZE2 __attribute__((optimize("-O2")))
+ #else
+@@ -101,9 +101,9 @@
+ #endif
+
+ /* -O1 attribute support */
+-#if defined(HAVE_COMPILER_GCC) && \
+- !defined(HAVE_COMPILER_CLANG) && \
+- !defined(HAVE_COMPILER_ICC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ !defined(HAVE_COMPILER_CLANG) && \
++ !defined(HAVE_COMPILER_ICC) && \
+ NEED_GNUC(4, 6, 0)
+ #define OPTIMIZE1 __attribute__((optimize("-O1")))
+ #else
+@@ -111,8 +111,8 @@
+ #endif
+
+ /* -O0 attribute support */
+-#if defined(HAVE_COMPILER_GCC) && \
+- !defined(HAVE_COMPILER_ICC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ !defined(HAVE_COMPILER_ICC) && \
+ NEED_GNUC(4, 6, 0)
+ #define OPTIMIZE0 __attribute__((optimize("-O0")))
+ #elif (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(10, 0, 0))
+@@ -121,10 +121,10 @@
+ #define OPTIMIZE0
+ #endif
+
+-#if ((defined(HAVE_COMPILER_GCC) && NEED_GNUC(3, 3, 0)) || \
+- (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0)) || \
+- (defined(HAVE_COMPILER_ICC) && NEED_ICC(2021, 0, 0))) && \
+- !defined(HAVE_COMPILER_PCC) && \
++#if ((defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(3, 3, 0)) || \
++ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0)) || \
++ (defined(HAVE_COMPILER_ICC) && NEED_ICC(2021, 0, 0))) && \
++ !defined(HAVE_COMPILER_PCC) && \
+ !defined(__minix__)
+ #define ALIGNED(a) __attribute__((aligned(a)))
+ #else
+@@ -136,7 +136,7 @@
+ #define ALIGN64 ALIGNED(64)
+
+
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(4, 6, 0)) || \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(4, 6, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0))
+ #if (defined(__APPLE__) && defined(__MACH__))
+ #define SECTION(s) __attribute__((__section__(# s "," # s)))
+@@ -148,7 +148,7 @@
+ #endif
+
+ /* GCC hot attribute */
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(4, 6, 0)) || \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(4, 6, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 3, 0))
+ #define HOT __attribute__((hot))
+ #else
+@@ -156,10 +156,10 @@
+ #endif
+
+ /* GCC mlocked data and data section attribute */
+-#if ((defined(HAVE_COMPILER_GCC) && NEED_GNUC(4, 6, 0) || \
+- (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0)))) && \
+- !defined(__sun__) && \
+- !defined(__APPLE__) && \
++#if ((defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(4, 6, 0) || \
++ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0)))) && \
++ !defined(__sun__) && \
++ !defined(__APPLE__) && \
+ !defined(BUILD_STATIC)
+ #define MLOCKED_TEXT __attribute__((__section__("mlocked_text")))
+ #define MLOCKED_SECTION (1)
+@@ -168,7 +168,7 @@
+ #endif
+
+ /* print format attribute */
+-#if ((defined(HAVE_COMPILER_GCC) && NEED_GNUC(3, 2, 0)) || \
++#if ((defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(3, 2, 0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(3, 0, 0)))
+ #define FORMAT(func, a, b) __attribute__((format(func, a, b)))
+ #else
+--- a/core-helper.c
++++ b/core-helper.c
+@@ -3486,8 +3486,8 @@ void NORETURN MLOCKED_TEXT stress_sig_ha
+ * __stack_chk_fail()
+ * override stack smashing callback
+ */
+-#if defined(HAVE_COMPILER_GCC) && \
+- !defined(HAVE_COMPILER_CLANG) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ !defined(HAVE_COMPILER_CLANG) && \
+ defined(HAVE_WEAK_ATTRIBUTE)
+ extern void __stack_chk_fail(void);
+
+--- a/core-pragma.h
++++ b/core-pragma.h
+@@ -22,8 +22,8 @@
+ #define STRESS_PRAGMA_(x) _Pragma (#x)
+ #define STRESS_PRAGMA(x) STRESS_PRAGMA_(x)
+
+-#if defined(HAVE_PRAGMA_NO_HARD_DFP) && \
+- defined(HAVE_COMPILER_GCC) && \
++#if defined(HAVE_PRAGMA_NO_HARD_DFP) && \
++ defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ defined(HAVE_PRAGMA)
+ #define STRESS_PRAGMA_NO_HARD_DFP _Pragma("GCC target (\"no-hard-dfp\")")
+ #endif
+@@ -34,8 +34,8 @@
+ #define STRESS_PRAGMA_PUSH _Pragma("GCC diagnostic push")
+ #define STRESS_PRAGMA_POP _Pragma("GCC diagnostic pop")
+ #define STRESS_PRAGMA_WARN_OFF _Pragma("GCC diagnostic ignored \"-Weverything\"")
+-#elif defined(HAVE_COMPILER_GCC) && \
+- defined(HAVE_PRAGMA) && \
++#elif defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ defined(HAVE_PRAGMA) && \
+ NEED_GNUC(7, 5, 0)
+ #define STRESS_PRAGMA_PUSH _Pragma("GCC diagnostic push")
+ #define STRESS_PRAGMA_POP _Pragma("GCC diagnostic pop")
+@@ -45,8 +45,8 @@
+ _Pragma("GCC diagnostic ignored \"-Wcast-qual\"") \
+ _Pragma("GCC diagnostic ignored \"-Wnonnull\"") \
+ _Pragma("GCC diagnostic ignored \"-Wstringop-overflow\"")
+-#elif defined(HAVE_COMPILER_GCC) && \
+- defined(HAVE_PRAGMA) && \
++#elif defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ defined(HAVE_PRAGMA) && \
+ NEED_GNUC(4, 6, 0)
+ #define STRESS_PRAGMA_PUSH _Pragma("GCC diagnostic push")
+ #define STRESS_PRAGMA_POP _Pragma("GCC diagnostic pop")
+@@ -65,8 +65,8 @@
+ NEED_CLANG(8, 0, 0) && \
+ defined(HAVE_PRAGMA)
+ #define STRESS_PRAGMA_WARN_CPP_OFF _Pragma("GCC diagnostic ignored \"-Wcpp\"")
+-#elif defined(HAVE_COMPILER_GCC) && \
+- defined(HAVE_PRAGMA) && \
++#elif defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ defined(HAVE_PRAGMA) && \
+ NEED_GNUC(10, 0, 0)
+ #define STRESS_PRAGMA_WARN_CPP_OFF _Pragma("GCC diagnostic ignored \"-Wcpp\"")
+ #else
+@@ -80,7 +80,7 @@
+ NEED_CLANG(9, 0, 0)
+ #define PRAGMA_UNROLL_N(n) STRESS_PRAGMA(unroll n)
+ #define PRAGMA_UNROLL STRESS_PRAGMA(unroll)
+-#elif defined(HAVE_COMPILER_GCC) && \
++#elif defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ NEED_GNUC(10, 0, 0)
+ #define PRAGMA_UNROLL_N(n) STRESS_PRAGMA(GCC unroll n)
+ #define PRAGMA_UNROLL STRESS_PRAGMA(GCC unroll 8)
+--- a/core-shim.c
++++ b/core-shim.c
+@@ -494,7 +494,7 @@ int shim_getrandom(void *buff, size_t bu
+ */
+ void shim_flush_icache(void *begin, void *end)
+ {
+-#if defined(HAVE_COMPILER_GCC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ defined(STRESS_ARCH_ARM)
+ __clear_cache(begin, end);
+ #elif defined(STRESS_ARCH_RISCV) && \
+--- a/core-target-clones.h
++++ b/core-target-clones.h
+@@ -138,7 +138,7 @@
+ #endif
+
+ #if defined(HAVE_TARGET_CLONES_GRANITERAPIDS) && \
+- defined(HAVE_COMPILER_GCC)
++ defined(HAVE_COMPILER_GCC_OR_MUSL)
+ #define TARGET_CLONE_GRANITERAPIDS "arch=graniterapids",
+ #define TARGET_CLONE_USE
+ #else
+--- a/core-vecmath.h
++++ b/core-vecmath.h
+@@ -38,8 +38,8 @@
+ * PPC64 for some reason with some flavours of the toolchain
+ * so disable this test for now
+ */
+-#if defined(STRESS_ARCH_PPC64) && \
+- defined(HAVE_COMPILER_GCC) && \
++#if defined(STRESS_ARCH_PPC64) && \
++ defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ __GNUC__ < 6
+ #undef HAVE_VECMATH
+ #endif
+--- a/stress-atomic.c
++++ b/stress-atomic.c
+@@ -71,7 +71,7 @@ typedef int (*atomic_func_t)(const stres
+
+ #if defined(HAVE_ATOMIC_FETCH_NAND)
+ #define HAVE_ATOMIC_OPS
+-#if defined(HAVE_COMPILER_GCC) && __GNUC__ != 11
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && __GNUC__ != 11
+ #define SHIM_ATOMIC_FETCH_NAND(ptr, val, memorder) \
+ do { __atomic_fetch_nand(ptr, val, memorder); } while (0)
+ #else
+@@ -121,7 +121,7 @@ typedef int (*atomic_func_t)(const stres
+
+ #if defined(HAVE_ATOMIC_NAND_FETCH)
+ #define HAVE_ATOMIC_OPS
+-#if defined(HAVE_COMPILER_GCC) && __GNUC__ != 11
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && __GNUC__ != 11
+ #define SHIM_ATOMIC_NAND_FETCH(ptr, val, memorder) \
+ do { __atomic_nand_fetch(ptr, val, memorder); } while (0)
+ #else
+--- a/stress-flushcache.c
++++ b/stress-flushcache.c
+@@ -37,7 +37,7 @@ static const stress_help_t help[] = {
+ defined(STRESS_ARCH_S390) || \
+ defined(STRESS_ARCH_PPC64)) && \
+ defined(HAVE_MPROTECT) && \
+- ((defined(HAVE_COMPILER_GCC) && NEED_GNUC(4,6,0)) || \
++ ((defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(4,6,0)) || \
+ (defined(HAVE_COMPILER_CLANG) && NEED_CLANG(9,0,0)) || \
+ (defined(HAVE_COMPILER_ICX) && NEED_ICX(2023,2,0)) || \
+ (defined(HAVE_COMPILER_ICC) && NEED_ICC(2021,0,0)))
+--- a/stress-lockbus.c
++++ b/stress-lockbus.c
+@@ -37,14 +37,14 @@ static const stress_opt_set_func_t opt_s
+ { 0, NULL },
+ };
+
+-#if (((defined(HAVE_COMPILER_GCC) || \
++#if (((defined(HAVE_COMPILER_GCC_OR_MUSL) || \
+ defined(HAVE_COMPILER_CLANG) || \
+ defined(HAVE_COMPILER_ICC) || \
+ defined(HAVE_COMPILER_ICX) || \
+ defined(HAVE_COMPILER_TCC) || \
+ defined(HAVE_COMPILER_PCC)) && \
+ defined(STRESS_ARCH_X86)) || \
+- (defined(HAVE_COMPILER_GCC) && \
++ (defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ (defined(HAVE_ATOMIC_ADD_FETCH) || \
+ defined(HAVE_ATOMIC_FETCH_ADD)) && \
+ defined(__ATOMIC_SEQ_CST) && \
+--- a/stress-malloc.c
++++ b/stress-malloc.c
+@@ -453,8 +453,8 @@ static int stress_malloc(const stress_ar
+ malloc_max = MIN_MALLOC_MAX;
+ }
+
+-#if defined(HAVE_COMPILER_GCC) && \
+- defined(HAVE_MALLOPT) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ defined(HAVE_MALLOPT) && \
+ defined(M_MMAP_THRESHOLD)
+ {
+ size_t malloc_threshold = DEFAULT_MALLOC_THRESHOLD;
+--- a/stress-memthrash.c
++++ b/stress-memthrash.c
+@@ -94,12 +94,12 @@ static sigset_t set;
+
+ static stress_memthrash_primes_t stress_memthrash_primes[MEM_SIZE_PRIMES];
+
+-#if (((defined(HAVE_COMPILER_GCC) || defined(HAVE_COMPILER_CLANG)) && \
+- defined(STRESS_ARCH_X86)) || \
+- (defined(HAVE_COMPILER_GCC) && \
+- defined(HAVE_ATOMIC_ADD_FETCH) && \
+- defined(__ATOMIC_SEQ_CST) && \
+- NEED_GNUC(4,7,0) && \
++#if (((defined(HAVE_COMPILER_GCC_OR_MUSL) || defined(HAVE_COMPILER_CLANG)) && \
++ defined(STRESS_ARCH_X86)) || \
++ (defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ defined(HAVE_ATOMIC_ADD_FETCH) && \
++ defined(__ATOMIC_SEQ_CST) && \
++ NEED_GNUC(4,7,0) && \
+ defined(STRESS_ARCH_ARM)))
+ #if defined(HAVE_ATOMIC_ADD_FETCH)
+ #define MEM_LOCK(ptr, inc) __atomic_add_fetch(ptr, inc, __ATOMIC_SEQ_CST)
+--- a/stress-ng.h
++++ b/stress-ng.h
+@@ -22,6 +22,14 @@
+
+ #include "config.h"
+
++#ifndef _GNU_SOURCE
++#define _GNU_SOURCE
++#endif
++
++#if defined(HAVE_FEATURES_H)
++#include <features.h>
++#endif
++
+ #if defined(__ICC) && \
+ defined(__INTEL_COMPILER)
+ /* Intel ICC compiler */
+@@ -41,15 +49,20 @@
+ #elif defined(__clang__)
+ /* clang */
+ #define HAVE_COMPILER_CLANG
++#elif defined(__GNUC__) && \
++ !defined(__USE_GNU)
++/* musl gcc */
++#define HAVE_COMPILER_MUSL
++#define HAVE_COMPILER_GCC_OR_MUSL
+ #elif defined(__GNUC__)
+ /* GNU C compiler */
+ #define HAVE_COMPILER_GCC
++#define HAVE_COMPILER_GCC_OR_MUSL
+ #endif
+
+-#ifndef _GNU_SOURCE
+-#define _GNU_SOURCE
+-#endif
++#ifndef _ATFILE_SOURCE
+ #define _ATFILE_SOURCE
++#endif
+ #ifndef _LARGEFILE_SOURCE
+ #define _LARGEFILE_SOURCE
+ #endif
+@@ -101,9 +114,6 @@
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
+-#if defined(HAVE_FEATURES_H)
+-#include <features.h>
+-#endif
+ #if defined(HAVE_LIB_PTHREAD)
+ #include <pthread.h>
+ #endif
+@@ -144,7 +154,7 @@
+ #endif
+ #if defined(HAVE_SYS_SYSINFO_H)
+ #include <sys/sysinfo.h>
+-#if defined(HAVE_COMPILER_GCC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ !defined(__GLIBC__)
+ /* Suppress kernel sysinfo to avoid collision with musl */
+ #define _LINUX_SYSINFO_H
+@@ -237,7 +247,7 @@ typedef struct stress_stressor_info {
+
+ #if defined(CHECK_UNEXPECTED) && \
+ defined(HAVE_PRAGMA) && \
+- defined(HAVE_COMPILER_GCC)
++ defined(HAVE_COMPILER_GCC_OR_MUSL)
+ #define UNEXPECTED_PRAGMA(x) _Pragma (#x)
+ #define UNEXPECTED_XSTR(x) UNEXPECTED_STR(x)
+ #define UNEXPECTED_STR(x) # x
+@@ -427,7 +437,7 @@ typedef struct stressor_info {
+ } stressor_info_t;
+
+ /* gcc 4.7 and later support vector ops */
+-#if defined(HAVE_COMPILER_GCC) && \
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) && \
+ NEED_GNUC(4, 7, 0)
+ #define STRESS_VECTOR (1)
+ #endif
+@@ -508,7 +518,7 @@ extern const char stress_config[];
+ #define PAGE_MAPPED (0x01)
+ #define PAGE_MAPPED_FAIL (0x02)
+
+-#if defined(HAVE_COMPILER_GCC) || defined(HAVE_COMPILER_CLANG)
++#if defined(HAVE_COMPILER_GCC_OR_MUSL) || defined(HAVE_COMPILER_CLANG)
+ #define TYPEOF_CAST(a) (typeof(a))
+ #else
+ #define TYPEOF_CAST(a)
+@@ -839,7 +849,7 @@ extern void stress_metrics_set_const_che
+
+ #if !defined(STRESS_CORE_SHIM) && \
+ !defined(HAVE_PEDANTIC) && \
+- (defined(HAVE_COMPILER_GCC) && defined(HAVE_COMPILER_CLANG))
++ (defined(HAVE_COMPILER_GCC_OR_MUSL) && defined(HAVE_COMPILER_CLANG))
+ int unlink(const char *pathname) __attribute__((deprecated("use shim_unlink")));
+ int unlinkat(int dirfd, const char *pathname, int flags) __attribute__((deprecated("use shim_unlinkat")));
+ int rmdir(const char *pathname) __attribute__((deprecated("use shim_rmdir")));
+--- a/stress-regs.c
++++ b/stress-regs.c
+@@ -33,10 +33,10 @@ static const stress_help_t help[] = {
+ { NULL, NULL, NULL }
+ };
+
+-#if (defined(HAVE_COMPILER_GCC) && NEED_GNUC(8, 0, 0)) && \
+- !defined(HAVE_COMPILER_CLANG) && \
+- !defined(HAVE_COMPILER_ICC) && \
+- !defined(HAVE_COMPILER_PCC) && \
++#if (defined(HAVE_COMPILER_GCC_OR_MUSL) && NEED_GNUC(8, 0, 0)) && \
++ !defined(HAVE_COMPILER_CLANG) && \
++ !defined(HAVE_COMPILER_ICC) && \
++ !defined(HAVE_COMPILER_PCC) && \
+ !defined(HAVE_COMPILER_TCC)
+
+ static volatile uint32_t stash32;
+--- a/stress-rseq.c
++++ b/stress-rseq.c
+@@ -32,13 +32,13 @@ static const stress_help_t help[] = {
+ { NULL, NULL, NULL }
+ };
+
+-#if defined(HAVE_LINUX_RSEQ_H) && \
+- defined(HAVE_ASM_NOP) && \
+- defined(__NR_rseq) && \
+- defined(HAVE_SYSCALL) && \
+- defined(HAVE_COMPILER_GCC) && \
+- !defined(HAVE_COMPILER_CLANG) && \
+- !defined(HAVE_COMPILER_ICC) && \
++#if defined(HAVE_LINUX_RSEQ_H) && \
++ defined(HAVE_ASM_NOP) && \
++ defined(__NR_rseq) && \
++ defined(HAVE_SYSCALL) && \
++ defined(HAVE_COMPILER_GCC_OR_MUSL) && \
++ !defined(HAVE_COMPILER_CLANG) && \
++ !defined(HAVE_COMPILER_ICC) && \
+ !defined(HAVE_COMPILER_ICX)
+
+ #define STRESS_ACCESS_ONCE(x) (*(__volatile__ __typeof__(x) *)&(x))
+--- a/stress-vnni.c
++++ b/stress-vnni.c
+@@ -25,6 +25,10 @@
+ #include "core-pragma.h"
+ #include "core-target-clones.h"
+
++#if defined(HAVE_COMPILER_MUSL)
++#undef HAVE_IMMINTRIN_H
++#endif
++
+ #if defined(HAVE_IMMINTRIN_H)
+ #include <immintrin.h>
+ #endif
--- /dev/null
+#!/bin/sh -e
+
+stress-ng --version | grep "$2"