include $(TOPDIR)/rules.mk
PKG_NAME:=luarocks
-PKG_VERSION:=2.2.0-rc1
-PKG_RELEASE:=2
+PKG_VERSION:=2.2.2
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_PROTO:=git
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=5.6.8
-PKG_RELEASE:=2
+PKG_VERSION:=5.6.9
+PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_MD5SUM:=a5a6df33aade0cb5425e4374e3832f0b
+PKG_MD5SUM:=561f37377833772ace776143c5687884
PKG_FIXUP:=libtool autoreconf
PKG_BUILD_PARALLEL:=1
-
Add support for use of the system timezone database, rather
than embedding a copy. Discussed upstream but was not desired.
History:
-r9: fix another compile error without --with-system-tzdata configured
+r11: adopted to php 5.6.9
+r10: make timezone case insensitive
+r9: fix another compile error without --with-system-tzdata configured (Michael Heimpold)
r8: fix compile error without --with-system-tzdata configured
r7: improve check for valid timezone id to exclude directories
-r6: fix fd leak in r5, fix country code/BC flag use in
+r6: fix fd leak in r5, fix country code/BC flag use in.
timezone_identifiers_list() using system db,
fix use of PECL timezonedb to override system db,
r5: reverts addition of "System/Localtime" fake tzname.
r2: add filesystem trawl to set up name alias index
r1: initial revision
---- a/ext/date/lib/parse_tz.c
-+++ b/ext/date/lib/parse_tz.c
-@@ -20,6 +20,16 @@
+diff -Naur php-5.6.9.orig/ext/date/lib/parse_tz.c php-5.6.9/ext/date/lib/parse_tz.c
+--- php-5.6.9.orig/ext/date/lib/parse_tz.c 2015-05-14 01:13:33.000000000 +0200
++++ php-5.6.9/ext/date/lib/parse_tz.c 2015-05-18 22:40:55.000000000 +0200
+@@ -18,8 +18,22 @@
+
+ /* $Id$ */
++#ifndef PATH_MAX
++#define PATH_MAX 4096
++#endif
++
#include "timelib.h"
+#ifdef HAVE_SYSTEM_TZDATA
#include <stdio.h>
#ifdef HAVE_LOCALE_H
-@@ -31,7 +41,12 @@
+@@ -31,7 +45,12 @@
#else
#include <strings.h>
#endif
#if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
# if defined(__LITTLE_ENDIAN__)
-@@ -51,9 +66,14 @@
-
- static void read_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
+@@ -53,6 +72,11 @@
{
-- /* skip ID */
-- *tzf += 4;
--
-+ if (memcmp(tzf, "TZif", 4) == 0) {
-+ *tzf += 20;
-+ return;
-+ }
-+
-+ /* skip ID */
-+ *tzf += 4;
-+
- /* read BC flag */
- tz->bc = (**tzf == '\1');
- *tzf += 1;
-@@ -256,7 +276,397 @@ void timelib_dump_tzinfo(timelib_tzinfo
+ uint32_t version;
+
++ if (memcmp(tzf, "TZif", 4) == 0) {
++ *tzf += 20;
++ return -1;
++ }
++
+ /* read ID */
+ version = (*tzf)[3] - '0';
+ *tzf += 4;
+@@ -296,7 +320,406 @@
}
}
+#endif
+
+/* System timezone database pointer. */
-+static const timelib_tzdb *timezonedb_system = NULL;
++static const timelib_tzdb *timezonedb_system;
+
+/* Hash table entry for the cache of the zone.tab mapping table. */
+struct location_info {
+ * prevent too many collisions. */
+#define LOCINFO_HASH_SIZE (1021)
+
++/* Compute a case insensitive hash of str */
+static uint32_t tz_hash(const char *str)
+{
+ const unsigned char *p = (const unsigned char *)str;
+ uint32_t hash = 5381;
+ int c;
+
-+ while ((c = *p++) != '\0') {
++ while ((c = tolower(*p++)) != '\0') {
+ hash = (hash << 5) ^ hash ^ c;
+ }
+
+
+ if (*p == '#' || *p == '\0' || *p == '\n')
+ continue;
-+
++
+ if (!isalpha(p[0]) || !isalpha(p[1]) || p[2] != '\t')
+ continue;
-+
++
+ /* code => AA */
+ code = p;
+ p[2] = 0;
+
+ if (*p == '\n' || *p == '\t')
+ *p = '\0';
-+
++
+ hash = tz_hash(name);
+ i = malloc(sizeof *i);
+ memcpy(i->code, code, 2);
+ }
+
+ return NULL;
-+}
++}
+
+/* Filter out some non-tzdata files and the posix/right databases, if
+ * present. */
+ return NULL;
+ }
+
++ if (system_location_table) {
++ const struct location_info *li;
++ if ((li = find_zone_info(system_location_table, timezone)) != NULL) {
++ /* Use the stored name to avoid case issue */
++ timezone = li->name;
++ }
++ }
++
+ snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", timezone);
+
+ fd = open(fname, O_RDONLY);
{
int left = 0, right = tzdb->index_size - 1;
#ifdef HAVE_SETLOCALE
-@@ -295,36 +705,128 @@ static int seek_to_tz_position(const uns
+@@ -335,21 +758,90 @@
return 0;
}
-+static int seek_to_tz_position(const unsigned char **tzf, char *timezone,
++static int seek_to_tz_position(const unsigned char **tzf, char *timezone,
+ char **map, size_t *maplen,
+ const timelib_tzdb *tzdb)
+{
+ return 0;
+ }
+
-+ (*tzf) = (unsigned char *)orig ;
++ (*tzf) = (unsigned char *)orig;
+ *map = orig;
-+
-+ return 1;
++
++ return 1;
+ }
-+ else
++ else
+#endif
-+ {
++ {
+ return inmem_seek_to_tz_position(tzf, timezone, tzdb);
+ }
+}
+ tmp->data = NULL;
+ create_zone_index(tmp);
+ system_location_table = create_location_table();
-+ fake_data_segment(tmp, system_location_table);
++ fake_data_segment(tmp, system_location_table);
+ timezonedb_system = tmp;
+ }
+
- return (seek_to_tz_position(&tzf, timezone, tzdb));
+
+#ifdef HAVE_SYSTEM_TZDATA
-+ if (tzdb == timezonedb_system) {
-+ char fname[PATH_MAX];
-+ struct stat st;
-+
-+ if (timezone[0] == '\0' || strstr(timezone, "..") != NULL) {
-+ return 0;
-+ }
-+
-+ snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", timezone);
-+
-+ return stat(fname, &st) == 0 && is_valid_tzfile(&st);
-+ }
++ if (tzdb == timezonedb_system) {
++ char fname[PATH_MAX];
++ struct stat st;
++
++ if (timezone[0] == '\0' || strstr(timezone, "..") != NULL) {
++ return 0;
++ }
++
++ if (system_location_table) {
++ if (find_zone_info(system_location_table, timezone) != NULL) {
++ /* found in cache */
++ return 1;
++ }
++ }
++
++ snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", timezone);
++
++ return stat(fname, &st) == 0 && is_valid_tzfile(&st);
++ }
+#endif
+
+ return (inmem_seek_to_tz_position(&tzf, timezone, tzdb));
}
+ static void skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
+@@ -374,10 +866,12 @@
timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb)
{
const unsigned char *tzf;
+ char *memmap = NULL;
+ size_t maplen;
timelib_tzinfo *tmp;
+ int version;
- if (seek_to_tz_position(&tzf, timezone, tzdb)) {
+ if (seek_to_tz_position(&tzf, timezone, &memmap, &maplen, tzdb)) {
tmp = timelib_tzinfo_ctor(timezone);
- read_preamble(&tzf, tmp);
- read_header(&tzf, tmp);
- read_transistions(&tzf, tmp);
- read_types(&tzf, tmp);
+ version = read_preamble(&tzf, tmp);
+@@ -391,7 +885,34 @@
+ skip_64bit_types(&tzf, tmp);
+ skip_posix_string(&tzf, tmp);
+ }
- read_location(&tzf, tmp);
+
+#ifdef HAVE_SYSTEM_TZDATA
+
+ if ((li = find_zone_info(system_location_table, timezone)) != NULL) {
+ tmp->location.comments = strdup(li->comment);
-+ strncpy(tmp->location.country_code, li->code, 2);
++ strncpy(tmp->location.country_code, li->code, 2);
+ tmp->location.longitude = li->longitude;
+ tmp->location.latitude = li->latitude;
+ tmp->bc = 1;
-+ }
-+ else {
++ } else {
+ strcpy(tmp->location.country_code, "??");
+ tmp->bc = 0;
+ tmp->location.comments = strdup("");
} else {
tmp = NULL;
}
---- a/ext/date/lib/timelib.m4
-+++ b/ext/date/lib/timelib.m4
-@@ -78,3 +78,17 @@ stdlib.h
+diff -Naur php-5.6.9.orig/ext/date/lib/timelib.m4 php-5.6.9/ext/date/lib/timelib.m4
+--- php-5.6.9.orig/ext/date/lib/timelib.m4 2015-05-14 01:13:33.000000000 +0200
++++ php-5.6.9/ext/date/lib/timelib.m4 2015-05-18 22:31:36.000000000 +0200
+@@ -78,3 +78,17 @@
dnl Check for strtoll, atoll
AC_CHECK_FUNCS(strtoll atoll strftime)
-diff -u --recursive php-5.6.6-vanilla/configure.in php-5.6.6/configure.in
---- php-5.6.6-vanilla/configure.in 2015-02-26 22:10:51.865487530 -0500
-+++ php-5.6.6/configure.in 2015-02-26 22:29:59.043102135 -0500
-@@ -453,7 +453,10 @@
+--- a/configure.in
++++ b/configure.in
+@@ -453,7 +453,10 @@ PHP_CHECK_FUNC(gethostname, nsl)
PHP_CHECK_FUNC(gethostbyaddr, nsl)
PHP_CHECK_FUNC(yp_get_default_domain, nsl)
if test "$ac_cv_func_dlopen" = "yes"; then
AC_DEFINE(HAVE_LIBDL, 1, [ ])
fi
-diff -u --recursive php-5.6.6-vanilla/ext/fileinfo/config.m4 php-5.6.6/ext/fileinfo/config.m4
---- php-5.6.6-vanilla/ext/fileinfo/config.m4 2015-02-26 22:10:51.639487135 -0500
-+++ php-5.6.6/ext/fileinfo/config.m4 2015-02-26 22:22:47.645609128 -0500
-@@ -46,6 +46,10 @@
+--- a/ext/fileinfo/config.m4
++++ b/ext/fileinfo/config.m4
+@@ -46,6 +46,10 @@ int main(void)
AC_MSG_RESULT(no)
AC_MSG_NOTICE(using libmagic strcasestr implementation)
libmagic_sources="$libmagic_sources libmagic/strcasestr.c"
])
PHP_NEW_EXTENSION(fileinfo, fileinfo.c $libmagic_sources, $ext_shared,,-I@ext_srcdir@/libmagic)
-diff -u --recursive php-5.6.6-vanilla/ext/opcache/config.m4 php-5.6.6/ext/opcache/config.m4
---- php-5.6.6-vanilla/ext/opcache/config.m4 2015-02-26 22:10:51.790487399 -0500
-+++ php-5.6.6/ext/opcache/config.m4 2015-02-26 22:34:19.240414394 -0500
-@@ -341,7 +341,14 @@
+--- a/ext/opcache/config.m4
++++ b/ext/opcache/config.m4
+@@ -227,7 +227,14 @@ AC_TRY_RUN([
flock_type=linux
AC_DEFINE([HAVE_FLOCK_LINUX], [], [Struct flock is Linux-type])
AC_MSG_RESULT("yes")
AC_MSG_CHECKING("whether flock struct is BSD ordered")
AC_TRY_RUN([
-@@ -357,7 +364,12 @@
+@@ -243,7 +250,12 @@ AC_TRY_RUN([
flock_type=bsd
AC_DEFINE([HAVE_FLOCK_BSD], [], [Struct flock is BSD-type])
AC_MSG_RESULT("yes")
PKG_VERSION:=2.0.4
PKG_RELEASE:=1
-PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/ \
+ @SF/snort
PKG_SOURCE:=daq-$(PKG_VERSION).tar.gz
PKG_MD5SUM:=65e51d72e9d5d8b397e192e4e5857eff
PKG_BUILD_DIR:=$(BUILD_DIR)/daq-$(PKG_VERSION)
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+# Although liblz4 exports a major.minor.patch version, it isn't always
+# incremented for new releases, so use the release tag instead.
+PKG_NAME:=liblz4
+PKG_VERSION:=r129
+PKG_RELEASE:=1
+
+PKG_LICENSE:=BSD-2-Clause
+PKG_MAINTAINER:=Darik Horn <dajhorn@vanadac.com>
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/Cyan4973/lz4.git
+PKG_SOURCE_VERSION:=$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/liblz4
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Extremely fast compression
+ URL:=http://www.lz4.org/
+endef
+
+define Package/liblz4/description
+ LZ4 is a compression codec that features a very fast encoder and an
+ even faster decoder. This package provides the liblz4 shared library.
+endef
+
+TARGET_CFLAGS += $(FPIC)
+
+define Build/Compile
+ $(MAKE) -C "$(PKG_BUILD_DIR)/lib" $(MAKE_INSTALL_FLAGS) \
+ CC="$(TARGET_CC)" \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ PREFIX="$(CONFIGURE_PREFIX)" \
+ install
+endef
+
+define Build/InstallDev
+ $(CP) $(PKG_INSTALL_DIR)/* $(1)/
+endef
+
+define Package/liblz4/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/liblz4.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,liblz4))
#
-# Copyright (C) 2007 OpenWrt.org
+# Copyright (C) 2007-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=protobuf
-PKG_VERSION:=2.5.0
+PKG_VERSION:=2.6.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://protobuf.googlecode.com/files
-PKG_MD5SUM:=a72001a9067a4c2c4e0e836d0f92ece4
+PKG_SOURCE_URL:=https://github.com/google/protobuf/releases/download/v$(PKG_VERSION)
+PKG_MD5SUM:=11aaac2d704eef8efd1867a807865d85
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DEPENDS:=protobuf/host
-PKG_USE_MIPS16:=0
+PKG_USE_MIPS16:=0# MIPS16 prevents protobuf's usage of the 'sync' asm-opcode
PKG_INSTALL:=1
of its internal RPC protocols and file formats.
endef
-define Host/Compile
- $(MAKE) -C $(HOST_BUILD_DIR)
-endef
-
-define Host/Install
- $(MAKE) -C $(HOST_BUILD_DIR) install
-endef
-
-CONFIGURE_ARGS += --with-protoc=$(HOST_BUILD_DIR)/src/protoc
+CONFIGURE_ARGS += --with-protoc=$(STAGING_DIR_HOST)/bin/protoc
define Build/InstallDev
$(INSTALL_DIR) \
---- a/src/google/protobuf/stubs/platform_macros.h
-+++ b/src/google/protobuf/stubs/platform_macros.h
-@@ -49,7 +49,7 @@
- #elif defined(__ARMEL__)
- #define GOOGLE_PROTOBUF_ARCH_ARM 1
- #define GOOGLE_PROTOBUF_ARCH_32_BIT 1
+--- - 2015-05-19 16:27:29.770936016 +0200
++++ protobuf-2.6.1/src/google/protobuf/stubs/platform_macros.h 2015-05-19 13:49:52.115444643 +0200
+@@ -55,7 +55,7 @@
+ #elif defined(__aarch64__)
+ #define GOOGLE_PROTOBUF_ARCH_AARCH64 1
+ #define GOOGLE_PROTOBUF_ARCH_64_BIT 1
-#elif defined(__MIPSEL__)
+#elif defined(__MIPSEL__) || defined(__MIPSEB__)
- #define GOOGLE_PROTOBUF_ARCH_MIPS 1
- #define GOOGLE_PROTOBUF_ARCH_32_BIT 1
- #elif defined(__pnacl__)
+ #if defined(__LP64__)
+ #define GOOGLE_PROTOBUF_ARCH_MIPS64 1
+ #define GOOGLE_PROTOBUF_ARCH_64_BIT 1
--- /dev/null
+--- - 2015-05-19 16:29:09.614344473 +0200
++++ protobuf-2.6.1/src/google/protobuf/stubs/atomicops_internals_mips_gcc.h 2015-05-19 13:49:52.127442746 +0200
+@@ -150,7 +150,7 @@
+ }
+
+ inline void MemoryBarrier() {
+- __asm__ __volatile__("sync" : : : "memory");
++ __asm__ __volatile__(".set mips2; sync; .set mips0" : : : "memory");
+ }
+
+ inline void Acquire_Store(volatile Atomic32* ptr, Atomic32 value) {
--- /dev/null
+#
+# Copyright (C) 2006-2012 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=qrencode
+PKG_VERSION:=3.4.4
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://fukuchi.org/works/qrencode/
+PKG_MD5SUM:=be545f3ce36ea8fbb58612d72c4222de
+PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz>
+PKG_LICENSE:=LGPL-2.1+
+PKG_INSTALL:=1
+PKG:FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libqrencode
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Library for encoding data in a QR Code symbol
+ URL:=http://fukuchi.org/works/qrencode/
+endef
+
+define Package/libqrencode/description
+Libqrencode is a C library for encoding data in a QR Code symbol,
+a kind of 2D symbology that can be scanned by handy terminals such
+as a mobile phone with CCD. The capacity of QR Code is up to 7000
+digits or 4000 characters, and is highly robust.
+endef
+
+define Package/qrencode
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=qrencode binary for producing qr codes
+ URL:=http://fukuchi.org/works/qrencode/
+ DEPENDS:=+libqrencode
+endef
+
+define Package/qrencode/description
+Qrencode is a C program for encoding data in a QR Code symbol,
+a kind of 2D symbology that can be scanned by handy terminals such
+as a mobile phone with CCD. The capacity of QR Code is up to 7000
+digits or 4000 characters, and is highly robust.
+endef
+
+
+CONFIGURE_ARGS+= \
+ --enable-shared \
+ --enable-static \
+ --disable-rpath \
+ --disable-sdltest \
+ --without-tests
+
+TARGET_LDFLAGS+= -s
+
+define Build/Compile
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ $(TARGET_CONFIGURE_OPTS) \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ DESTDIR="$(PKG_INSTALL_DIR)" \
+ all install
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib $(1)/usr/lib/pkgconfig
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/qrencode.h $(1)/usr/include/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libqrencode.{a,so*} $(1)/usr/lib/
+ $(CP) $(PKG_BUILD_DIR)/libqrencode.pc $(1)/usr/lib/pkgconfig/
+endef
+
+define Package/libqrencode/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libqrencode.so* $(1)/usr/lib/
+endef
+
+define Package/qrencode/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/qrencode $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,libqrencode))
+$(eval $(call BuildPackage,qrencode))
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -58,9 +58,6 @@
+ [build_tools=$withval], [build_tools=yes])
+
+ AM_CONDITIONAL(BUILD_TOOLS, [test "x$build_tools" = "xyes" ])
+-if test x$build_tools = xyes ; then
+- PKG_CHECK_MODULES(png, "libpng")
+-fi
+
+ dnl --with-tests
+ AC_ARG_WITH([tests], [AS_HELP_STRING([--with-tests], [build tests [default=no]])],
+--- a/qrenc.c
++++ b/qrenc.c
+@@ -25,7 +25,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#include <png.h>
+ #include <getopt.h>
+
+ #include "qrencode.h"
+@@ -49,7 +48,6 @@
+ static int verbose = 0;
+
+ enum imageType {
+- PNG_TYPE,
+ EPS_TYPE,
+ SVG_TYPE,
+ ANSI_TYPE,
+@@ -60,7 +58,7 @@
+ ANSIUTF8_TYPE
+ };
+
+-static enum imageType image_type = PNG_TYPE;
++static enum imageType image_type = SVG_TYPE;
+
+ static const struct option options[] = {
+ {"help" , no_argument , NULL, 'h'},
+@@ -96,13 +94,13 @@
+ if(longopt) {
+ fprintf(stderr,
+ "Usage: qrencode [OPTION]... [STRING]\n"
+-"Encode input data in a QR Code and save as a PNG or EPS image.\n\n"
++"Encode input data in a QR Code and save as a SVG or EPS image.\n\n"
+ " -h, --help display the help message. -h displays only the help of short\n"
+ " options.\n\n"
+ " -o FILENAME, --output=FILENAME\n"
+ " write image to FILENAME. If '-' is specified, the result\n"
+ " will be output to standard output. If -S is given, structured\n"
+-" symbols are written to FILENAME-01.png, FILENAME-02.png, ...\n"
++" symbols are written to FILENAME-01.svg, FILENAME-02.svg, ...\n"
+ " (suffix is removed from FILENAME, if specified)\n"
+ " -s NUMBER, --size=NUMBER\n"
+ " specify module size in dots (pixels). (default=3)\n\n"
+@@ -116,9 +114,9 @@
+ " specify the width of the margins. (default=4 (2 for Micro QR)))\n\n"
+ " -d NUMBER, --dpi=NUMBER\n"
+ " specify the DPI of the generated PNG. (default=72)\n\n"
+-" -t {PNG,EPS,SVG,ANSI,ANSI256,ASCII,ASCIIi,UTF8,ANSIUTF8}, --type={PNG,EPS,\n"
++" -t {EPS,SVG,ANSI,ANSI256,ASCII,ASCIIi,UTF8,ANSIUTF8}, --type={EPS,\n"
+ " SVG,ANSI,ANSI256,ASCII,ASCIIi,UTF8,ANSIUTF8}\n"
+-" specify the type of the generated image. (default=PNG)\n\n"
++" specify the type of the generated image. (default=SVG)\n\n"
+ " -S, --structured\n"
+ " make structured symbols. Version must be specified.\n\n"
+ " -k, --kanji assume that the input text contains kanji (shift-jis).\n\n"
+@@ -133,7 +131,7 @@
+ " --background=RRGGBB[AA]\n"
+ " specify foreground/background color in hexadecimal notation.\n"
+ " 6-digit (RGB) or 8-digit (RGBA) form are supported.\n"
+-" Color output support available only in PNG and SVG.\n"
++" Color output support available only in SVG.\n"
+ " -V, --version\n"
+ " display the version number and copyrights of the qrencode.\n\n"
+ " --verbose\n"
+@@ -153,12 +151,12 @@
+ } else {
+ fprintf(stderr,
+ "Usage: qrencode [OPTION]... [STRING]\n"
+-"Encode input data in a QR Code and save as a PNG or EPS image.\n\n"
++"Encode input data in a QR Code and save as a SVG or EPS image.\n\n"
+ " -h display this message.\n"
+ " --help display the usage of long options.\n"
+ " -o FILENAME write image to FILENAME. If '-' is specified, the result\n"
+ " will be output to standard output. If -S is given, structured\n"
+-" symbols are written to FILENAME-01.png, FILENAME-02.png, ...\n"
++" symbols are written to FILENAME-01.svg, FILENAME-02.svg, ...\n"
+ " (suffix is removed from FILENAME, if specified)\n"
+ " -s NUMBER specify module size in dots (pixels). (default=3)\n"
+ " -l {LMQH} specify error correction level from L (lowest) to H (highest).\n"
+@@ -166,8 +164,8 @@
+ " -v NUMBER specify the version of the symbol. (default=auto)\n"
+ " -m NUMBER specify the width of the margins. (default=4 (2 for Micro))\n"
+ " -d NUMBER specify the DPI of the generated PNG. (default=72)\n"
+-" -t {PNG,EPS,SVG,ANSI,ANSI256,ASCII,ASCIIi,UTF8,ANSIUTF8}\n"
+-" specify the type of the generated image. (default=PNG)\n"
++" -t {EPS,SVG,ANSI,ANSI256,ASCII,ASCIIi,UTF8,ANSIUTF8}\n"
++" specify the type of the generated image. (default=SVG)\n"
+ " -S make structured symbols. Version must be specified.\n"
+ " -k assume that the input text contains kanji (shift-jis).\n"
+ " -c encode lower-case alphabet characters in 8-bit mode. (default)\n"
+@@ -178,7 +176,7 @@
+ " --background=RRGGBB[AA]\n"
+ " specify foreground/background color in hexadecimal notation.\n"
+ " 6-digit (RGB) or 8-digit (RGBA) form are supported.\n"
+-" Color output support available only in PNG and SVG.\n"
++" Color output support available only in SVG.\n"
+ " -V display the version number and copyrights of the qrencode.\n"
+ " [STRING] input data. If it is not specified, data will be taken from\n"
+ " standard input.\n"
+@@ -253,128 +251,6 @@
+ return fp;
+ }
+
+-static int writePNG(QRcode *qrcode, const char *outfile)
+-{
+- static FILE *fp; // avoid clobbering by setjmp.
+- png_structp png_ptr;
+- png_infop info_ptr;
+- png_colorp palette;
+- png_byte alpha_values[2];
+- unsigned char *row, *p, *q;
+- int x, y, xx, yy, bit;
+- int realwidth;
+-
+- realwidth = (qrcode->width + margin * 2) * size;
+- row = (unsigned char *)malloc((realwidth + 7) / 8);
+- if(row == NULL) {
+- fprintf(stderr, "Failed to allocate memory.\n");
+- exit(EXIT_FAILURE);
+- }
+-
+- if(outfile[0] == '-' && outfile[1] == '\0') {
+- fp = stdout;
+- } else {
+- fp = fopen(outfile, "wb");
+- if(fp == NULL) {
+- fprintf(stderr, "Failed to create file: %s\n", outfile);
+- perror(NULL);
+- exit(EXIT_FAILURE);
+- }
+- }
+-
+- png_ptr = png_create_write_struct(PNG_LIBPNG_VER_STRING, NULL, NULL, NULL);
+- if(png_ptr == NULL) {
+- fprintf(stderr, "Failed to initialize PNG writer.\n");
+- exit(EXIT_FAILURE);
+- }
+-
+- info_ptr = png_create_info_struct(png_ptr);
+- if(info_ptr == NULL) {
+- fprintf(stderr, "Failed to initialize PNG write.\n");
+- exit(EXIT_FAILURE);
+- }
+-
+- if(setjmp(png_jmpbuf(png_ptr))) {
+- png_destroy_write_struct(&png_ptr, &info_ptr);
+- fprintf(stderr, "Failed to write PNG image.\n");
+- exit(EXIT_FAILURE);
+- }
+-
+- palette = (png_colorp) malloc(sizeof(png_color) * 2);
+- if(palette == NULL) {
+- fprintf(stderr, "Failed to allocate memory.\n");
+- exit(EXIT_FAILURE);
+- }
+- palette[0].red = fg_color[0];
+- palette[0].green = fg_color[1];
+- palette[0].blue = fg_color[2];
+- palette[1].red = bg_color[0];
+- palette[1].green = bg_color[1];
+- palette[1].blue = bg_color[2];
+- alpha_values[0] = fg_color[3];
+- alpha_values[1] = bg_color[3];
+- png_set_PLTE(png_ptr, info_ptr, palette, 2);
+- png_set_tRNS(png_ptr, info_ptr, alpha_values, 2, NULL);
+-
+- png_init_io(png_ptr, fp);
+- png_set_IHDR(png_ptr, info_ptr,
+- realwidth, realwidth,
+- 1,
+- PNG_COLOR_TYPE_PALETTE,
+- PNG_INTERLACE_NONE,
+- PNG_COMPRESSION_TYPE_DEFAULT,
+- PNG_FILTER_TYPE_DEFAULT);
+- png_set_pHYs(png_ptr, info_ptr,
+- dpi * INCHES_PER_METER,
+- dpi * INCHES_PER_METER,
+- PNG_RESOLUTION_METER);
+- png_write_info(png_ptr, info_ptr);
+-
+- /* top margin */
+- memset(row, 0xff, (realwidth + 7) / 8);
+- for(y=0; y<margin * size; y++) {
+- png_write_row(png_ptr, row);
+- }
+-
+- /* data */
+- p = qrcode->data;
+- for(y=0; y<qrcode->width; y++) {
+- bit = 7;
+- memset(row, 0xff, (realwidth + 7) / 8);
+- q = row;
+- q += margin * size / 8;
+- bit = 7 - (margin * size % 8);
+- for(x=0; x<qrcode->width; x++) {
+- for(xx=0; xx<size; xx++) {
+- *q ^= (*p & 1) << bit;
+- bit--;
+- if(bit < 0) {
+- q++;
+- bit = 7;
+- }
+- }
+- p++;
+- }
+- for(yy=0; yy<size; yy++) {
+- png_write_row(png_ptr, row);
+- }
+- }
+- /* bottom margin */
+- memset(row, 0xff, (realwidth + 7) / 8);
+- for(y=0; y<margin * size; y++) {
+- png_write_row(png_ptr, row);
+- }
+-
+- png_write_end(png_ptr, info_ptr);
+- png_destroy_write_struct(&png_ptr, &info_ptr);
+-
+- fclose(fp);
+- free(row);
+- free(palette);
+-
+- return 0;
+-}
+-
+ static int writeEPS(QRcode *qrcode, const char *outfile)
+ {
+ FILE *fp;
+@@ -831,9 +707,6 @@
+ }
+
+ switch(image_type) {
+- case PNG_TYPE:
+- writePNG(qrcode, outfile);
+- break;
+ case EPS_TYPE:
+ writeEPS(qrcode, outfile);
+ break;
+@@ -887,9 +760,6 @@
+ size_t suffix_size;
+
+ switch(image_type) {
+- case PNG_TYPE:
+- type_suffix = ".png";
+- break;
+ case EPS_TYPE:
+ type_suffix = ".eps";
+ break;
+@@ -948,9 +818,6 @@
+ }
+
+ switch(image_type) {
+- case PNG_TYPE:
+- writePNG(p->code, filename);
+- break;
+ case EPS_TYPE:
+ writeEPS(p->code, filename);
+ break;
+@@ -1062,9 +929,7 @@
+ }
+ break;
+ case 't':
+- if(strcasecmp(optarg, "png") == 0) {
+- image_type = PNG_TYPE;
+- } else if(strcasecmp(optarg, "eps") == 0) {
++ if(strcasecmp(optarg, "eps") == 0) {
+ image_type = EPS_TYPE;
+ } else if(strcasecmp(optarg, "svg") == 0) {
+ image_type = SVG_TYPE;
+@@ -1133,11 +998,6 @@
+ exit(EXIT_SUCCESS);
+ }
+
+- if(outfile == NULL && image_type == PNG_TYPE) {
+- fprintf(stderr, "No output filename is given.\n");
+- exit(EXIT_FAILURE);
+- }
+-
+ if(optind < argc) {
+ intext = (unsigned char *)argv[optind];
+ length = strlen((char *)intext);
select FFMPEG_CUSTOM_DECODER_ape
select FFMPEG_CUSTOM_DECODER_atrac3
select FFMPEG_CUSTOM_DECODER_flac
- select FFMPEG_CUSTOM_SELECT_libopus
select FFMPEG_CUSTOM_DECODER_mp2
select FFMPEG_CUSTOM_DECODER_mp3
select FFMPEG_CUSTOM_DECODER_mpc7
select FFMPEG_CUSTOM_DECODER_mpc8
+ select FFMPEG_CUSTOM_DECODER_opus
select FFMPEG_CUSTOM_DECODER_pcm_s16be
select FFMPEG_CUSTOM_DECODER_pcm_s16le
select FFMPEG_CUSTOM_SELECT_speex
select FFMPEG_CUSTOM_DEMUXER_wv
select FFMPEG_CUSTOM_PARSER_aac
select FFMPEG_CUSTOM_PARSER_aac_latm
- select FFMPEG_CUSTOM_PARSER_flac
select FFMPEG_CUSTOM_PARSER_ac3
+ select FFMPEG_CUSTOM_PARSER_flac
select FFMPEG_CUSTOM_PARSER_mpegaudio
+ select FFMPEG_CUSTOM_PARSER_opus
select FFMPEG_CUSTOM_PROTOCOL_file
select FFMPEG_CUSTOM_PROTOCOL_http
select FFMPEG_CUSTOM_PROTOCOL_rtp
bool "Musepack 8"
select FFMPEG_CUSTOM_DEMUXER_mpc8
+config FFMPEG_CUSTOM_DECODER_opus
+ bool "Opus"
+
config FFMPEG_CUSTOM_DECODER_pcm_s16be
bool "PCM signed 16-bit big-endian"
config FFMPEG_CUSTOM_PARSER_mpeg4video
bool "MPEG-4 Video"
+config FFMPEG_CUSTOM_PARSER_opus
+ bool "Opus"
+
comment "Protocols ---"
config FFMPEG_CUSTOM_PROTOCOL_file
include $(TOPDIR)/rules.mk
PKG_NAME:=ffmpeg
-PKG_VERSION:=2.6.2
-PKG_RELEASE:=1
+PKG_VERSION:=2.6.3
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://ffmpeg.org/releases/
-PKG_MD5SUM:=e75d598921285d6775f20164a91936ac
+PKG_MD5SUM:=e2cc3c209f91393d35ab58598e41cf22
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=LGPL-2.1+ GPL-2+ LGPL-3
wmav1 \
wmav2 \
-FFMPEG_MINI_DEMUXERS := \
+FFMPEG_MINI_DEMUXERS:= \
aac \
ac3 \
avi \
mpeg4video \
mpegaudio \
-FFMPEG_MINI_PROTOCOLS := \
+FFMPEG_MINI_PROTOCOLS:= \
file \
FFMPEG_AUDIO_DECODERS:= \
mp3* \
mpc7 \
mpc8 \
+ opus \
pcm_* \
vorbis \
wavpack \
FFMPEG_AUDIO_PARSERS:= \
aac \
aac_latm \
- flac \
ac3 \
+ flac \
mpegaudio \
+ opus \
FFMPEG_AUDIO_PROTOCOLS:= \
file http icecast rtp tcp udp
define Package/libffmpeg-audio-dec
$(call Package/libffmpeg/Default)
TITLE+= (audio)
- DEPENDS+= @DEVEL +libopus +libspeex
+ DEPENDS+= @BUILD_PATENTED +libspeex
VARIANT:=audio-dec
endef
$(call FFMPEG_ENABLE,demuxer,$(FFMPEG_AUDIO_DEMUXERS)) \
$(call FFMPEG_ENABLE,parser,$(FFMPEG_AUDIO_PARSERS)) \
$(call FFMPEG_ENABLE,protocol,$(FFMPEG_AUDIO_PROTOCOLS)) \
- --enable-libopus --enable-decoder=libopus \
--enable-libspeex --enable-decoder=libspeex \
--disable-decoder=pcm_bluray,pcm_dvd \
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=clamav
+PKG_VERSION:=0.98.6
+PKG_RELEASE:=1
+
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://downloads.sourceforge.net/project/clamav/clamav/$(PKG_VERSION)/
+PKG_MD5SUM:=7f4f7e82a09e42c4ebf153d6d452d9d8
+
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/uclibc++.mk
+include $(INCLUDE_DIR)/package.mk
+
+define Package/clamav/Default
+ SECTION:=net
+ DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libopenssl
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=ClamAV
+ URL:=http://www.clamav.net/
+endef
+
+define Package/clamav
+ $(call Package/clamav/Default)
+endef
+
+define Package/freshclam
+ $(call Package/clamav/Default)
+ DEPENDS+= +clamav
+ TITLE+=database updater
+endef
+
+define Package/clamav/description
+ ClamAV is an open source antivirus engine for detecting trojans,
+ viruses, malware & other malicious threats.
+endef
+
+define Package/freshclam/description
+ Database updater for ClamAV
+endef
+
+define Package/clamav/conffiles
+endef
+
+CONFIGURE_VARS += \
+ INCLUDES="" \
+ CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \
+ LIBS="-lpthread" \
+
+define Build/Configure
+ $(call Build/Configure/Default, \
+ --sysconfdir=/etc/clamav/ \
+ --prefix=/usr/ \
+ --exec-prefix=/usr/ \
+ --disable-xml \
+ --disable-bzip2 \
+ --enable-ltdl-install \
+ --with-user nobody \
+ --with-group nogroup \
+ )
+endef
+
+define Build/Compile
+ $(MAKE) -C $(PKG_BUILD_DIR) \
+ DESTDIR="$(PKG_INSTALL_DIR)" \
+ all install
+endef
+
+define Package/clamav/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamdscan $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamscan $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sigtool $(1)/usr/sbin/
+
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/clamav.h $(1)/usr/include/
+
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib*/* $(1)/usr/lib/
+
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav
+
+ $(INSTALL_DIR) $(1)/etc/init.d/
+ $(INSTALL_BIN) ./files/clamav.init $(1)/etc/init.d/clamav
+
+ $(INSTALL_DIR) $(1)/usr/share/clamav
+ $(CP) ./files/bytecode.cvd $(1)/usr/share/clamav/
+endef
+
+define Package/freshclam/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/freshclam $(1)/usr/sbin/
+
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) ./files/freshclam.config $(1)/etc/config/freshclam
+
+ $(INSTALL_DIR) $(1)/etc/init.d/
+ $(INSTALL_BIN) ./files/freshclam.init $(1)/etc/init.d/freshclam
+endef
+
+$(eval $(call BuildPackage,clamav))
+$(eval $(call BuildPackage,freshclam))
--- /dev/null
+config clamav 'clamav'
+ option clamd_config_file '/etc/clamav/clamd.conf'
+ option LogFile '/tmp/clamd.log'
+ option LogFileMaxSize '1M'
+ option LogTime 'no'
+ option LogVerbose 'no'
+ option ExtendedDetectionInfo 'no'
+ option OfficialDatabaseOnly 'no'
+ option StreamMinPort '1024'
+ option StreamMaxPort '2048'
+ option MaxThreads '10'
+ option ReadTimeout '30'
+ option CommandReadTimeout '5'
+ option MaxDirectoryRecursion '15'
+ option FollowDirectorySymlinks 'no'
+ option FollowFileSymlinks 'no'
+ option SelfCheck '600'
+ option DetectPUA 'yes'
+ option ScanPE 'yes'
+ option DisableCertCheck 'no'
+ option ScanELF 'yes'
+ option DetectBrokenExecutables 'no'
+ option ScanOLE2 'yes'
+ option ScanPDF 'yes'
+ option ScanSWF 'yes'
+ option ScanMail 'yes'
+ option ScanPartialMessages 'no'
+ option ScanArchive 'yes'
+ option ArchiveBlockEncrypted 'yes'
+ option MaxFileSize '10M'
+ option TemporaryDirectory '/tmp'
+ option LocalSocket '/var/run/clamav/clamd.sock'
+ option User 'nobody'
+ option ExitOnOOM 'yes'
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2015 OpenWrt.org
+
+START=90
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/sbin/clamd
+CLAMD_CONFIGFILE="/tmp/clamav/clamd.conf"
+
+validate_clamav_section() {
+ uci_validate_section clamav clamav "${1}" \
+ 'clamd_config_file:string' \
+ 'LogFile:string' \
+ 'LogFileMaxSize:string' \
+ 'LogVerbose:string' \
+ 'ExtendedDetectionInfo:string' \
+ 'LogTime:string' \
+ 'OfficialDatabaseOnly:string' \
+ 'StreamMinPort:uinteger' \
+ 'StreamMaxPort:uinteger' \
+ 'MaxThreads:uinteger' \
+ 'ReadTimeout:uinteger' \
+ 'CommandReadTimeout:uinteger' \
+ 'MaxDirectoryRecursion:uinteger' \
+ 'FollowDirectorySymlinks:string' \
+ 'FollowFileSymlinks:string' \
+ 'SelfCheck:uinteger' \
+ 'DetectPUA:string' \
+ 'ScanPE:string' \
+ 'DisableCertCheck:string' \
+ 'ScanELF:string' \
+ 'DetectBrokenExecutables:string' \
+ 'ScanOLE2:string' \
+ 'ScanPDF:string' \
+ 'ScanSWF:string' \
+ 'ScanMail:string' \
+ 'ScanPartialMessages:string' \
+ 'ScanArchive:string' \
+ 'TemporaryDirectory:string' \
+ 'ArchiveBlockEncrypted:string' \
+ 'MaxFileSize:string' \
+ 'LocalSocket:string' \
+ 'User:string' \
+ 'ExitOnOOM:string'
+}
+
+start_service() {
+ local clamd_config_file LogFile LogTime StreamMinPort \
+ StreamMaxPort MaxThreads ReadTimeout CommandReadTimeout MaxDirectoryRecursion \
+ FollowFileSymlinks FollowDirectorySymlinks SelfCheck DetectPUA ScanPE DisableCertCheck \
+ ScanELF DetectBrokenExecutables ScanOLE2 ScanPDF ScanSWF ScanMail ScanPartialMessages \
+ ScanArchive TemporaryDirectory ArchiveBlockEncrypted MaxFileSize LocalSocket User
+
+ validate_clamav_section clamav || {
+ echo "validation failed"
+ return 1
+ }
+
+ mkdir -p /usr/share/clamav
+ mkdir -p /etc/clamav/
+ mkdir -p /var/run/clamav/
+ chmod a+rw /var/run/clamav
+
+ mkdir -p $(dirname $CLAMD_CONFIGFILE)
+ ln -sf $clamd_config_file $CLAMD_CONFIGFILE
+
+ echo "LogFile " $LogFile > $CLAMD_CONFIGFILE
+ echo "LogFileMaxSize " $LogFileMaxSize >> $CLAMD_CONFIGFILE
+ echo "LogVerbose " $LogVerbose >> $CLAMD_CONFIGFILE
+ echo "ExtendedDetectionInfo " $ExtendedDetectionInfo >> $CLAMD_CONFIGFILE
+ echo "LogTime " $LogTime >> $CLAMD_CONFIGFILE
+ echo "OfficialDatabaseOnly " $OfficialDatabaseOnly >> $CLAMD_CONFIGFILE
+ echo "StreamMinPort " $StreamMinPort >> $CLAMD_CONFIGFILE
+ echo "StreamMaxPort " $StreamMaxPort >> $CLAMD_CONFIGFILE
+ echo "MaxThreads " $MaxThreads >> $CLAMD_CONFIGFILE
+ echo "ReadTimeout " $ReadTimeout >> $CLAMD_CONFIGFILE
+ echo "CommandReadTimeout " $CommandReadTimeout >> $CLAMD_CONFIGFILE
+ echo "MaxDirectoryRecursion " $MaxDirectoryRecursion >> $CLAMD_CONFIGFILE
+ echo "FollowDirectorySymlinks " $FollowDirectorySymlinks >> $CLAMD_CONFIGFILE
+ echo "FollowFileSymlinks " $FollowFileSymlinks >> $CLAMD_CONFIGFILE
+ echo "SelfCheck " $SelfCheck >> $CLAMD_CONFIGFILE
+ echo "DetectPUA " $DetectPUA >> $CLAMD_CONFIGFILE
+ echo "ScanPE " $ScanPE >> $CLAMD_CONFIGFILE
+ echo "DisableCertCheck " $DisableCertCheck >> $CLAMD_CONFIGFILE
+ echo "ScanELF " $ScanELF >> $CLAMD_CONFIGFILE
+ echo "DetectBrokenExecutables " $DetectBrokenExecutables >> $CLAMD_CONFIGFILE
+ echo "ScanOLE2 " $ScanOLE2 >> $CLAMD_CONFIGFILE
+ echo "ScanPDF " $ScanPDF >> $CLAMD_CONFIGFILE
+ echo "ScanSWF " $ScanSWF >> $CLAMD_CONFIGFILE
+ echo "ScanMail " $ScanMail >> $CLAMD_CONFIGFILE
+ echo "ScanPartialMessages " $ScanPartialMessages >> $CLAMD_CONFIGFILE
+ echo "ScanArchive " $ScanArchive >> $CLAMD_CONFIGFILE
+ echo "TemporaryDirectory " $TemporaryDirectory >> $CLAMD_CONFIGFILE
+ echo "ArchiveBlockEncrypted " $ArchiveBlockEncrypted >> $CLAMD_CONFIGFILE
+ echo "MaxFileSize " $MaxFileSize >> $CLAMD_CONFIGFILE
+ echo "LocalSocket " $LocalSocket >> $CLAMD_CONFIGFILE
+ echo "User " $User >> $CLAMD_CONFIGFILE
+ echo "ExitOnOOM " $ExitOnOOM >> $CLAMD_CONFIGFILE
+
+ procd_open_instance
+ procd_set_param command $PROG -c $CLAMD_CONFIGFILE
+ procd_set_param file $CLAMD_CONFIGFILE
+ procd_close_instance
+}
+
+stop_service()
+{
+ service_stop ${PROG}
+}
+
+service_triggers()
+{
+ procd_add_reload_trigger "clamav"
+ procd_add_validation validate_clamav_section
+}
--- /dev/null
+config freshclam 'freshclam'
+ option freshclam_config_file '/etc/clamav/freshclam.conf'
+ option UpdateLogFile '/tmp/freshclam.log'
+ option DatabaseMirror 'database.clamav.net'
+ option NotifyClamd '/etc/clamav/clamd.conf'
+ option DatabaseOwner 'root'
+ option CompressLocalDatabase 'yes'
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2015 OpenWrt.org
+
+START=90
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/sbin/freshclam
+FRESHCLAM_CONFIGFILE="/tmp/clamav/freshclam.conf"
+
+validate_freshclam_section() {
+ uci_validate_section freshclam freshclam "${1}" \
+ 'freshclam_config_file:string' \
+ 'UpdateLogFile:string' \
+ 'DatabaseMirror:string' \
+ 'NotifyClamd:string' \
+ 'DatabaseOwner:string' \
+ 'CompressLocalDatabase:string:'
+}
+
+start_service() {
+ local freshclam_config_file UpdateLogFile DatabaseOwner NotifyClamd DatabaseMirror
+
+ validate_freshclam_section freshclam || {
+ echo "validation failed"
+ return 1
+ }
+
+ [ -f /tmp/freshclam.pid ] && echo "already running" && return 0
+
+ mkdir -p /usr/share/clamav
+ mkdir -p /etc/clamav
+ touch /tmp/freshclam.log
+ touch /tmp/freshclam.pid
+
+ mkdir -p $(dirname $FRESHCLAM_CONFIGFILE)
+ ln -sf $freshclam_config_file $FRESHCLAM_CONFIGFILE
+
+ echo "UpdateLogFile " $UpdateLogFile > $FRESHCLAM_CONFIGFILE
+ echo "DatabaseMirror " $DatabaseMirror >> $FRESHCLAM_CONFIGFILE
+ echo "NotifyClamd " $NotifyClamd >> $FRESHCLAM_CONFIGFILE
+ echo "DatabaseOwner " $DatabaseOwner >> $FRESHCLAM_CONFIGFILE
+ echo "CompressLocalDatabase " $CompressLocalDatabase >> $FRESHCLAM_CONFIGFILE
+
+ procd_open_instance
+ procd_set_param command $PROG -d --config-file=$FRESHCLAM_CONFIGFILE -p /tmp/freshclam.pid --no-warnings
+ procd_set_param file $FRESHCLAM_CONFIGFILE
+ procd_close_instance
+}
+
+stop_service()
+{
+ [ ! -f /tmp/freshclam.pid ] && echo "not running" && return 0
+ PID=`cat /tmp/freshclam.pid`
+ kill $PID
+ rm -f /tmp/freshclam.pid
+}
+
+service_triggers()
+{
+ procd_add_reload_trigger "freshclam"
+ procd_add_validation validate_freshclam_section
+}
--- /dev/null
+--- a/clamdscan/proto.c
++++ b/clamdscan/proto.c
+@@ -55,6 +55,7 @@
+ #include "shared/misc.h"
+ #include "shared/clamdcom.h"
+
++#include <sys/un.h>
+ #include "proto.h"
+ #include "client.h"
+
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/chilli* $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so.* $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/usr/lib/iptables
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib*.so $(1)/usr/lib/iptables/
+ $(if $(CONFIG_PACKAGE_kmod-ipt-coova), \
+ $(INSTALL_DIR) $(1)/usr/lib/iptables; \
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib*.so $(1)/usr/lib/iptables/ \
+ )
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) files/chilli.init $(1)/etc/init.d/chilli
$(INSTALL_DIR) $(1)/etc/config
include $(TOPDIR)/rules.mk
PKG_NAME:=e2guardian
-PKG_VERSION:=3.0.4
+PKG_VERSION:=3.1.2
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian.git
-PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-
+PKG_SOURCE:=v$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian/archive/
+PKG_MD5SUM:=85cfa16074737dbc3935f93dfcded285
+PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
CONFIGURE_ARGS += \
--with-sysconfsubdir=e2guardian \
- --with-proxyuser=root \
- --with-proxygroup=root \
- --enable-pcre=yes
+ --with-proxyuser=nobody \
+ --with-proxygroup=nogroup \
+ --enable-pcre=yes \
+ --with-piddir=/tmp/e2guardian/ \
+ --enable-sslextralists=no \
+ --enable-sslmitm=no
define Build/Configure
$(call Build/Configure/Default,$CONFIGURE_ARGS)
config e2guardian 'e2guardian'
- option config_file '/etc/e2guardian/e2guardianf1.conf'
option languagedir '/usr/share/e2guardian/languages'
option language 'ukenglish'
option loglevel '2'
option logexceptionhits '2'
option logfileformat '1'
- option loglocation '/dev/null'
+ option loglocation '/var/log/e2guardian/access.log'
option maxuploadsize '-1'
- option filterip ''
option filterports '8080'
option proxyip '127.0.0.1'
option proxyport '3128'
option deletedownloadedtempfiles 'on'
option initialtrickledelay '20'
option trickledelay '10'
+ option downloadmanager '/etc/e2guardian/downloadmanagers/fancy.conf'
option downloadmanager '/etc/e2guardian/downloadmanagers/default.conf'
option contentscannertimeout '60'
option contentscanexceptions 'off'
USE_PROCD=1
PROG=/usr/sbin/e2guardian
CONFIGFILE="/tmp/e2guardian/e2guardian.conf"
+LOGFILE="/tmp/e2guardian/access.log"
+GROUPCONFIG="/tmp/e2guardian/e2guardianf1.conf"
validate_e2guardian_section() {
uci_validate_section e2guardian e2guardian "${1}" \
- 'config_file:string' \
'accessdeniedaddress:string' \
'bannediplist:string' \
'contentscanexceptions:string' \
+ 'contentscanner:string'
'contentscannertimeout:uinteger' \
'createlistcachefiles:string' \
'custombannedflashfile:string' \
start_service() {
- local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \
+ local accessdeniedaddress bannediplist contentscanexceptions contentscanner contentscannertimeout \
createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \
downloadmanager exceptioniplist filecachedir loglocation \
filtergroups filtergroupslist filterip filterports forcequicksearch forwardedfor hexdecodecontent \
}
mkdir -p $(dirname $CONFIGFILE)
- ln -sf $config_file $(dirname $CONFIGFILE)
+ chown -R nobody:nogroup $(dirname $CONFIGFILE)
+
+ mkdir -p $(dirname $loglocation)
+ chown -R nobody:nogroup $(dirname $loglocation)
+
+ touch $loglocation
+ chown nobody:nogroup $loglocation
+
+ ln -sf $loglocation $(dirname $LOGFILE)
+ ln -sf /etc/e2guardian/e2guardian.conf $CONFIGFILE
+ ln -sf /etc/e2guardian/e2guardianf1.conf $GROUPCONFIG
echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE
echo "bannediplist = " $bannediplist >> $CONFIGFILE
+
+ if [ "$contentscanner" != "" ]
+ then
+ echo "contentscanner = " $contentscanner >> $CONFIGFILE
+ fi
+
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
procd_open_instance
- procd_set_param command $PROG -N -c "$CONFIGFILE"
+ procd_set_param command $PROG -c $CONFIGFILE
procd_set_param file $CONFIGFILE
- procd_set_param respawn
procd_close_instance
+
}
stop_service()
{
- e2guardian -s | awk -F':' '{ print $2}' | xargs kill -9
+ PID=`cat /tmp/e2guardian/e2guardian.pid`
+ kill $PID
+ rm -f /tmp/e2guardian/e2guardian.pid
}
service_triggers()
-# e2guardian filter group config file for version 3.0.4
+# e2guardian filter group config file for version 3.1.2
# Filter group mode
groupname = ''
# Content filtering files location
-bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
-weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
-exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
-bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
-greysitelist = 'etc/e2guardian/lists/greysitelist'
-bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
-greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
-exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
-bannedurllist = 'etc/e2guardian/lists/bannedurllist'
-greyurllist = 'etc/e2guardian/lists/greyurllist'
-exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
-exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
-bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
-picsfile = 'etc/e2guardian/lists/pics'
-contentregexplist = 'etc/e2guardian/lists/contentregexplist'
-urlregexplist = 'etc/e2guardian/lists/urlregexplist'
-refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
-refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
-embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
-embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
-urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
+bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
+weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
+exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
+bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
+greysitelist = '/etc/e2guardian/lists/greysitelist'
+bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
+greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
+exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
+bannedurllist = '/etc/e2guardian/lists/bannedurllist'
+greyurllist = '/etc/e2guardian/lists/greyurllist'
+exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
+exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
+bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
+picsfile = '/etc/e2guardian/lists/pics'
+contentregexplist = '/etc/e2guardian/lists/contentregexplist'
+urlregexplist = '/etc/e2guardian/lists/urlregexplist'
+refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
+refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
+embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
+embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
+urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
# local versions of lists (where LOCAL_LISTS enabled)
-#localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
-#localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
-#localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
-#localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
-#localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
-#localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
-#localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
-#localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
-#localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
-
-!! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
-!! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
+#localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
+#localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
+#localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
+#localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
+#localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
+#localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
+#localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
+#localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
+#localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
+
+!! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
+!! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
# Filetype filtering
#
# (on | off)
#
blockdownloads = off
-exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
-exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
+exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
+exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
#
# Use the following lists to block specific kinds of file downloads.
# The two exception lists above can be used to override these.
#
-bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
-bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
+bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
+bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
#
# In either file filtering mode, the following list can be used to override
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
#
-exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
-exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
+exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
+exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
# POST protection (web upload and forms)
# does not block forms without any file upload, i.e. this is just for
# Supply categorised lists here and the category string shall be logged against
# matching requests, but matching these lists does not perform any filtering
# action.
-#logsitelist = 'etc/e2guardian/lists/logsitelist'
-#logurllist = 'etc/e2guardian/lists/logurllist'
-#logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
+#logsitelist = '/etc/e2guardian/lists/logsitelist'
+#logurllist = '/etc/e2guardian/lists/logurllist'
+#logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
# Outgoing HTTP header rules:
# Optional lists for blocking based on, and modification of, outgoing HTTP
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
# block.
# Use for example, to remove cookies or prevent certain user-agents.
-headerregexplist = 'etc/e2guardian/lists/headerregexplist'
-bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
-addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
+headerregexplist = '/etc/e2guardian/lists/headerregexplist'
+bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
+addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
# Weighted phrase mode
# Optional; overrides the weightedphrasemode option in e2guardian.conf
# List of regular expressions for matching search engine URLs. It is assumed
# that the search terms themselves will be contained in the
# of output of each expression.
-#searchregexplist = 'etc/e2guardian/lists/searchregexplist'
+#searchregexplist = '/etc/e2guardian/lists/searchregexplist'
#
# Banned Search Term list(s) for option 1
-#bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
-#bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
+#bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
+#bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
# Search term limit (for Option 2)
# of text.
# Please note that all or none of the below should be uncommented, not a
# mixture.
-#bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
-#weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
-#exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
+#bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
+#weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
+#exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
# Category display threshold
# This option only applies to pages blocked by weighted phrase filtering.
# only used in reporting level 3.
#
# The default template file path is <languagedir>/<language>/template.h
-# e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
+# e.g. /share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
# language.
#
# This option generates a file path of the form:
# <languagedir>/<language>/<htmltemplate>
-# e.g. share/e2guardian/languages/ukenglish/custom.html
+# e.g. /share/e2guardian/languages/ukenglish/custom.html
#
#htmltemplate = 'custom.html'
sslcertcheck = off
#SSL man in the middle
-# Forge ssl certificates for all sites, decrypt the data then re encrypt it
+# Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
# using a different private key. Used to filter ssl sites
sslmitm = off
+#Limit SSL MITM to sites in greysslsitelist(s)
+# ignored if sslmitm is off
+# SSL sites not matching greysslsitelist will be treat as if sslmitm is off.
+onlymitmsslgrey = off
PKG_NAME:=emailrelay
PKG_VERSION:=1.9
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=@SF/emailrelay/$(PKG_VERSION)
start() {
logger -t 'emailrelay' "Starting emailrelay service."
- service_start emailrelay --as-server --poll 60 --forward-to smtpserver:smtpport --spool-dir /tmp --client-tls --client-auth /etc/emailrelay.auth --server-auth /etc/emailrelay.auth --log
+ service_start /usr/bin/emailrelay --as-server --poll 60 --forward-to smtpserver:smtpport --spool-dir /tmp --client-tls --client-auth /etc/emailrelay.auth --server-auth /etc/emailrelay.auth --log
}
stop() {
logger -t 'emailrelay' "Stopping emailrelay service."
- killall -9 emailrelay
+ service_stop /usr/bin/emailrelay
}
PKG_NAME:=fwknop
PKG_VERSION:=2.6.6
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download
--- /dev/null
+diff --git a/CREDITS b/CREDITS
+index de17d9e..38e2108 100644
+--- a/CREDITS
++++ b/CREDITS
+@@ -1,5 +1,6 @@
+ Jonathan Bennett
+ - Contributed OpenWRT support - see the extras/openwrt/ directory.
++ - Suggested the addition of the --key-gen option to fwknopd.
+
+ Sebastien Jeanquier
+ - Assisted with getting fwknop included in BackTrack Linux - the choice
+diff --git a/ChangeLog b/ChangeLog
+index 21a5093..4daf008 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,8 @@
++fwknop-2.6.7 (05//2015):
++ - Added --key-gen to fwknopd. This feature was suggested by Jonathan
++ Bennett, and will help with ease of use efforts. The first platform to
++ take advantage of this will likely be OpenWRT thanks to Jonathan.
++
+ fwknop-2.6.6 (04/23/2015):
+ - [server] Add the ability for fwknopd to function as an generic SPA
+ gateway. This allows scenarios such as the fwknopd system providing DHCP
+diff --git a/client/config_init.c b/client/config_init.c
+index cdb233d..f0ae135 100644
+--- a/client/config_init.c
++++ b/client/config_init.c
+@@ -199,7 +199,7 @@ static int critical_var_array[] =
+ };
+
+ /**
+- * @brief Generate Rijndael + HMAC keys from /dev/random (base64 encoded) and exit.
++ * @brief Generate Rijndael + HMAC keys from /dev/urandom (base64 encoded).
+ *
+ * @param options FKO command line option structure
+ */
+diff --git a/client/fwknop_common.h b/client/fwknop_common.h
+index aef20c4..c57db02 100644
+--- a/client/fwknop_common.h
++++ b/client/fwknop_common.h
+@@ -69,8 +69,6 @@
+ #define MAX_HOSTNAME_LEN 70
+ #define MAX_URL_HOST_LEN 256
+ #define MAX_URL_PATH_LEN 1024
+-#define MAX_KEY_LEN 128
+-#define MAX_B64_KEY_LEN 180
+
+ /* fwknop client configuration parameters and values
+ */
+@@ -156,10 +154,10 @@ typedef struct fko_cli_options
+ unsigned char use_gpg;
+ unsigned char use_gpg_agent;
+ unsigned char gpg_no_signing_pw;
++ unsigned char key_gen;
+ int time_offset_plus;
+ int time_offset_minus;
+ int fw_timeout;
+- int key_gen;
+
+ char use_rc_stanza[MAX_LINE_LEN];
+ unsigned char got_named_stanza;
+diff --git a/common/common.h b/common/common.h
+index b63e7c2..c7b2e57 100644
+--- a/common/common.h
++++ b/common/common.h
+@@ -157,6 +157,9 @@ enum {
+ #define MAX_GPG_KEY_ID 128
+ #define MAX_USERNAME_LEN 30
+
++#define MAX_KEY_LEN 128
++#define MAX_B64_KEY_LEN 180
++
+ /* Command line argument / argv handling
+ */
+ #define MAX_CMDLINE_ARGS 30 /*!< should be way more than enough */
+diff --git a/doc/fwknop.man.asciidoc b/doc/fwknop.man.asciidoc
+index 070ac77..efa99a7 100644
+--- a/doc/fwknop.man.asciidoc
++++ b/doc/fwknop.man.asciidoc
+@@ -196,6 +196,11 @@ GENERAL OPTIONS
+ keys are generally more secure than passphrases that are typed in from the
+ command line.
+
++*--key-gen-file*='<file>'::
++ Write generated keys to the specified file. Note that the file is
++ overwritten if it already exists. If this option is not given, then
++ *--key-gen* writes the keys to stdout.
++
+ *--key-len*='<length>'::
+ Specify the number of bytes for a generated Rijndael key. The maximum size
+ is currently 128 bytes.
+diff --git a/server/cmd_opts.h b/server/cmd_opts.h
+index bc1eee1..d7a645c 100644
+--- a/server/cmd_opts.h
++++ b/server/cmd_opts.h
+@@ -141,6 +141,10 @@ enum {
+ FW_LIST = 0x200,
+ FW_LIST_ALL,
+ FW_FLUSH,
++ KEY_GEN_FILE,
++ KEY_LEN,
++ HMAC_KEY_LEN,
++ HMAC_DIGEST_TYPE,
+ AFL_PKT_FILE,
+ GPG_HOME_DIR,
+ GPG_EXE_PATH,
+@@ -178,7 +182,12 @@ static struct option cmd_opts[] =
+ {"fault-injection-tag", 1, NULL, FAULT_INJECTION_TAG},
+ {"help", 0, NULL, 'h'},
+ {"interface", 1, NULL, 'i'},
+- {"kill", 0, NULL, 'K'},
++ {"key-gen", 0, NULL, 'k'},
++ {"key-gen-file", 1, NULL, KEY_GEN_FILE },
++ {"key-len", 1, NULL, KEY_LEN },
++ {"hmac-key-len", 1, NULL, HMAC_KEY_LEN },
++ {"hmac-digest-type", 1, NULL, HMAC_DIGEST_TYPE },
++ {"kill", 0, NULL, 'K' },
+ {"fw-flush", 0, NULL, FW_FLUSH },
+ {"fw-list", 0, NULL, FW_LIST },
+ {"fw-list-all", 0, NULL, FW_LIST_ALL },
+diff --git a/server/config_init.c b/server/config_init.c
+index 0ddceee..2f1d293 100644
+--- a/server/config_init.c
++++ b/server/config_init.c
+@@ -201,6 +201,69 @@ validate_int_var_ranges(fko_srv_options_t *opts)
+ return;
+ }
+
++/**
++ * @brief Generate Rijndael + HMAC keys from /dev/urandom (base64 encoded).
++ *
++ * @param options FKO command line option structure
++ */
++static void
++generate_keys(fko_srv_options_t *options)
++{
++ char key_base64[MAX_B64_KEY_LEN+1];
++ char hmac_key_base64[MAX_B64_KEY_LEN+1];
++
++ FILE *key_gen_file_ptr = NULL;
++ int res;
++
++ /* Set defaults and validate for --key-gen mode
++ */
++ if(options->key_len == 0)
++ options->key_len = FKO_DEFAULT_KEY_LEN;
++
++ if(options->hmac_key_len == 0)
++ options->hmac_key_len = FKO_DEFAULT_HMAC_KEY_LEN;
++
++ if(options->hmac_type == 0)
++ options->hmac_type = FKO_DEFAULT_HMAC_MODE;
++
++ /* Zero out the key buffers */
++ memset(key_base64, 0x00, sizeof(key_base64));
++ memset(hmac_key_base64, 0x00, sizeof(hmac_key_base64));
++
++ /* Generate the key through libfko */
++ res = fko_key_gen(key_base64, options->key_len,
++ hmac_key_base64, options->hmac_key_len,
++ options->hmac_type);
++
++ if(res != FKO_SUCCESS)
++ {
++ log_msg(LOG_ERR, "%s: fko_key_gen: Error %i - %s",
++ MY_NAME, res, fko_errstr(res));
++ clean_exit(options, NO_FW_CLEANUP, EXIT_FAILURE);
++ }
++
++ if(options->key_gen_file[0] != '\0')
++ {
++ if ((key_gen_file_ptr = fopen(options->key_gen_file, "w")) == NULL)
++ {
++ log_msg(LOG_ERR, "Unable to create key gen file: %s: %s",
++ options->key_gen_file, strerror(errno));
++ clean_exit(options, NO_FW_CLEANUP, EXIT_FAILURE);
++ }
++ fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
++ key_base64, hmac_key_base64);
++ fclose(key_gen_file_ptr);
++ fprintf(stdout, "[+] Wrote Rijndael and HMAC keys to: %s",
++ options->key_gen_file);
++ }
++ else
++ {
++ fprintf(stdout, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
++ key_base64, hmac_key_base64);
++ }
++ clean_exit(options, NO_FW_CLEANUP, EXIT_SUCCESS);
++}
++
+ /* Parse the config file...
+ */
+ static void
+@@ -427,7 +490,7 @@ validate_options(fko_srv_options_t *opts)
+ if(opts->config[CONF_ENABLE_DIGEST_PERSISTENCE] == NULL)
+ set_config_entry(opts, CONF_ENABLE_DIGEST_PERSISTENCE,
+ DEF_ENABLE_DIGEST_PERSISTENCE);
+-
++
+ /* Enable destination rule.
+ */
+ if(opts->config[CONF_ENABLE_DESTINATION_RULE] == NULL)
+@@ -928,8 +991,9 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
+
+ /* First, scan the command-line args for -h/--help or an alternate
+ * configuration file. If we find an alternate config file, use it,
+- * otherwise use the default. We also grab any override config files
+- * as well.
++ * otherwise use the default. We also grab any override config files
++ * as well. In addition, we handle key generation here since this is
++ * independent of configuration parsing.
+ */
+ while ((cmd_arg = getopt_long(argc, argv,
+ GETOPTS_OPTION_STRING, cmd_opts, &index)) != -1) {
+@@ -952,6 +1016,45 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
+ if(got_override_config > 0)
+ break;
+
++ case 'k':
++ opts->key_gen = 1;
++ break;
++ case KEY_GEN_FILE:
++ opts->key_gen = 1;
++ strlcpy(opts->key_gen_file, optarg, sizeof(opts->key_gen_file));
++ break;
++ case KEY_LEN: /* used in --key-gen mode only */
++ opts->key_len = strtol_wrapper(optarg, 1,
++ MAX_KEY_LEN, NO_EXIT_UPON_ERR, &is_err);
++ if(is_err != FKO_SUCCESS)
++ {
++ log_msg(LOG_ERR,
++ "Invalid key length '%s', must be in [%d-%d]",
++ optarg, 1, MAX_KEY_LEN);
++ clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
++ }
++ break;
++ case HMAC_DIGEST_TYPE: /* used in --key-gen mode only */
++ if((opts->hmac_type = hmac_digest_strtoint(optarg)) < 0)
++ {
++ log_msg(LOG_ERR,
++ "* Invalid hmac digest type: %s, use {md5,sha1,sha256,sha384,sha512}",
++ optarg);
++ clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
++ }
++ break;
++ case HMAC_KEY_LEN: /* used in --key-gen mode only */
++ opts->hmac_key_len = strtol_wrapper(optarg, 1,
++ MAX_KEY_LEN, NO_EXIT_UPON_ERR, &is_err);
++ if(is_err != FKO_SUCCESS)
++ {
++ log_msg(LOG_ERR,
++ "Invalid hmac key length '%s', must be in [%d-%d]",
++ optarg, 1, MAX_KEY_LEN);
++ clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
++ }
++ break;
++
+ /* Look for override configuration file arg.
+ */
+ case 'O':
+@@ -965,6 +1068,9 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
+ }
+ }
+
++ if(opts->key_gen)
++ generate_keys(opts);
++
+ /* If no alternate configuration file was specified, we use the
+ * default.
+ */
+diff --git a/server/fwknopd_common.h b/server/fwknopd_common.h
+index ecf2a81..8c33eaa 100644
+--- a/server/fwknopd_common.h
++++ b/server/fwknopd_common.h
+@@ -585,10 +585,14 @@ typedef struct fko_srv_options
+ unsigned char fw_list; /* List current firewall rules */
+ unsigned char fw_list_all; /* List all current firewall rules */
+ unsigned char fw_flush; /* Flush current firewall rules */
++ unsigned char key_gen; /* Generate keys and exit */
++ unsigned char exit_after_parse_config; /* Parse config and exit */
++
++ /* Operational flags
++ */
+ unsigned char test; /* Test mode flag */
+ unsigned char afl_fuzzing; /* SPA pkts from stdin for AFL fuzzing */
+ unsigned char verbose; /* Verbose mode flag */
+- unsigned char exit_after_parse_config; /* Parse config and exit */
+ unsigned char enable_udp_server; /* Enable UDP server mode */
+
+ unsigned char firewd_disable_check_support; /* Don't use firewall-cmd ... -C */
+@@ -605,6 +609,13 @@ typedef struct fko_srv_options
+ int tcp_server_pid;
+ int lock_fd;
+
++ /* Values used in --key-gen mode only
++ */
++ char key_gen_file[MAX_PATH_LEN];
++ int key_len;
++ int hmac_key_len;
++ int hmac_type;
++
+ #if USE_FILE_CACHE
+ struct digest_cache_list *digest_cache; /* In-memory digest cache list */
+ #endif
+diff --git a/test/tests/basic_operations.pl b/test/tests/basic_operations.pl
+index f4dde2e..76a509d 100644
+--- a/test/tests/basic_operations.pl
++++ b/test/tests/basic_operations.pl
+@@ -390,6 +390,14 @@
+ 'exec_err' => $YES,
+ 'cmdline' => "$default_client_args --key-gen -K " . 'A'x1030
+ },
++ {
++ 'category' => 'basic operations',
++ 'subcategory' => 'server',
++ 'detail' => '--key-gen file path (-K) too long',
++ 'function' => \&generic_exec,
++ 'exec_err' => $YES,
++ 'cmdline' => "$fwknopdCmd --key-gen --key-gen-file " . 'A'x1030
++ },
+
+ {
+ 'category' => 'basic operations',
+diff --git a/test/tests/rijndael.pl b/test/tests/rijndael.pl
+index 26aab6a..34af65e 100644
+--- a/test/tests/rijndael.pl
++++ b/test/tests/rijndael.pl
+@@ -421,33 +421,6 @@
+ 'key_file' => $cf{'rc_named_key'},
+ },
+
+- ### --key-gen tests
+- {
+- 'category' => 'Rijndael',
+- 'subcategory' => 'client',
+- 'detail' => '--key-gen',
+- 'function' => \&generic_exec,
+- 'cmdline' => "$fwknopCmd --key-gen",
+- 'positive_output_matches' => [qr/^KEY_BASE64\:?\s\S{10}/,
+- qw/HMAC_KEY_BASE64\:?\s\S{10}/],
+- },
+- {
+- 'category' => 'Rijndael',
+- 'subcategory' => 'client',
+- 'detail' => "--key-gen $uniq_keys key uniqueness",
+- 'function' => \&key_gen_uniqueness,
+- 'cmdline' => "$fwknopCmd --key-gen", ### no valgrind string (too slow for 100 client exec's)
+- 'disable_valgrind' => $YES,
+- },
+- {
+- 'category' => 'Rijndael',
+- 'subcategory' => 'client',
+- 'detail' => '--key-gen to file',
+- 'function' => \&generic_exec,
+- 'cmdline' => "$fwknopCmd --key-gen --key-gen-file $key_gen_file",
+- 'positive_output_matches' => [qr/Wrote.*\skeys/],
+- },
+-
+ ### rc file tests
+ {
+ 'category' => 'Rijndael',
+diff --git a/test/tests/rijndael_hmac.pl b/test/tests/rijndael_hmac.pl
+index fc1a8af..fd80f04 100644
+--- a/test/tests/rijndael_hmac.pl
++++ b/test/tests/rijndael_hmac.pl
+@@ -58,6 +58,59 @@
+ 'exec_err' => $YES,
+ },
+
++ ### --key-gen tests
++ {
++ 'category' => 'Rijndael+HMAC',
++ 'subcategory' => 'client',
++ 'detail' => '--key-gen',
++ 'function' => \&generic_exec,
++ 'cmdline' => "$fwknopCmd --key-gen",
++ 'positive_output_matches' => [qr/^KEY_BASE64\:?\s\S{10}/,
++ qw/HMAC_KEY_BASE64\:?\s\S{10}/],
++ },
++ {
++ 'category' => 'Rijndael+HMAC',
++ 'subcategory' => 'server',
++ 'detail' => '--key-gen',
++ 'function' => \&generic_exec,
++ 'cmdline' => "$fwknopdCmd --key-gen",
++ 'positive_output_matches' => [qr/^KEY_BASE64\:?\s\S{10}/,
++ qw/HMAC_KEY_BASE64\:?\s\S{10}/],
++ },
++ {
++ 'category' => 'Rijndael+HMAC',
++ 'subcategory' => 'client',
++ 'detail' => "--key-gen $uniq_keys key uniqueness",
++ 'function' => \&key_gen_uniqueness,
++ 'cmdline' => "$fwknopCmd --key-gen", ### no valgrind string (too slow for 100 exec's)
++ 'disable_valgrind' => $YES,
++ },
++ {
++ 'category' => 'Rijndael+HMAC',
++ 'subcategory' => 'server',
++ 'detail' => "--key-gen $uniq_keys key uniqueness",
++ 'function' => \&key_gen_uniqueness,
++ 'cmdline' => "$fwknopdCmd --key-gen", ### no valgrind string (too slow for 100 exec's)
++ 'disable_valgrind' => $YES,
++ },
++ {
++ 'category' => 'Rijndael+HMAC',
++ 'subcategory' => 'client',
++ 'detail' => '--key-gen to file',
++ 'function' => \&generic_exec,
++ 'cmdline' => "$fwknopCmd --key-gen --key-gen-file $key_gen_file",
++ 'positive_output_matches' => [qr/Wrote.*\skeys/],
++ },
++ {
++ 'category' => 'Rijndael+HMAC',
++ 'subcategory' => 'server',
++ 'detail' => '--key-gen to file',
++ 'function' => \&generic_exec,
++ 'cmdline' => "$fwknopdCmd --key-gen --key-gen-file $key_gen_file",
++ 'positive_output_matches' => [qr/Wrote.*\skeys/],
++ },
++
++ ### complete cycle tests
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'client+server',
include $(TOPDIR)/rules.mk
PKG_NAME:=knxd
-PKG_VERSION=2015-03-31-$(PKG_SOURCE_VERSION)
+PKG_VERSION=2015-05-20-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/knxd/knxd.git
-PKG_SOURCE_VERSION:=2c6c6732a684dffb87b391ea92cccdf07c8385b8
+PKG_SOURCE_VERSION:=30d490e15dfc3cedffc891c62eaa03c918f8efed
PKG_SOURCE_SUBDIR:=$(PKG_NAME)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
include $(TOPDIR)/rules.mk
PKG_NAME:=lftp
-PKG_VERSION:=4.6.0
+PKG_VERSION:=4.6.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://lftp.yar.ru/ftp \ http://lftp.cybermirror.org \ http://lftp.cybermirror.org/old
-PKG_MD5SUM:=fc5f4e3b45c9011a193eb8c0c12eb2eb
+PKG_SOURCE_URL:=http://lftp.yar.ru/ftp \
+ http://lftp.yar.ru/ftp/old \
+ http://lftp.cybermirror.org \
+ http://lftp.cybermirror.org/old
+PKG_MD5SUM:=487c064ee1bd732e5f95928e530435a8
+
+
PKG_LICENSE:=GPL-3.0+
PKG_LICENSE_FILES:=COPYING
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=luci-app-clamav
+PKG_RELEASE:=20150520
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+PKG_LICENSE:=Apache-2.0
+PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/luci-app-clamav
+ SECTION:=luci
+ CATEGORY:=LuCI
+ SUBMENU:=3. Applications
+ TITLE:=ClamAV Web UI
+ DEPENDS:=+luci-mod-admin-full +clamav
+endef
+
+define Package/luci-app-clamav/description
+ This package will install ClamAV Web UI.
+endef
+
+define Build/Prepare
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+define Package/luci-app-clamav/install
+ $(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
+ $(INSTALL_BIN) \
+ ./files/controller/clamav-controller.lua \
+ $(1)/usr/lib/lua/luci/controller/clamav.lua
+
+ $(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/
+ $(INSTALL_BIN) \
+ ./files/model/cbi/clamav-cbi.lua \
+ $(1)/usr/lib/lua/luci/model/cbi/clamav.lua
+endef
+
+$(eval $(call BuildPackage,luci-app-clamav))
--- /dev/null
+--[[
+
+LuCI ClamAV module
+
+Copyright (C) 2015, Itus Networks, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
+ Luka Perkov <luka.perkov@sartura.hr>
+
+]]--
+
+module("luci.controller.clamav", package.seeall)
+
+function index()
+ entry({"admin", "services", "clamav"}, cbi("clamav"), _("ClamAV"))
+end
--- /dev/null
+--[[
+
+LuCI ClamAV module
+
+Copyright (C) 2015, Itus Networks, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
+ Luka Perkov <luka.perkov@sartura.hr>
+
+]]--
+
+local fs = require "nixio.fs"
+local sys = require "luci.sys"
+require "ubus"
+
+m = Map("clamav", translate("ClamAV"))
+m.on_after_commit = function() luci.sys.call("/etc/init.d/clamav restart") end
+
+s = m:section(TypedSection, "clamav")
+s.anonymous = true
+s.addremove = false
+
+s:tab("tab_advanced", translate("Settings"))
+s:tab("tab_logs", translate("Log"))
+
+--------------- Settings --------------
+
+LogFileMaxSize = s:taboption("tab_advanced", Value, "LogFileMaxSize", translate("Max size of log file"))
+LogFileMaxSize:value("512K", translate("512K"))
+LogFileMaxSize:value("1M", translate("1M"))
+LogFileMaxSize:value("2M", translate("2M"))
+LogFileMaxSize.default = "1M"
+
+LogTime = s:taboption("tab_advanced", ListValue, "LogTime", translate("Log time with each message"))
+LogTime:value("no", translate("No"))
+LogTime:value("yes", translate("Yes"))
+LogTime.default = "no"
+
+LogVerbose = s:taboption("tab_advanced", ListValue, "LogVerbose", translate("Enable verbose logging"))
+LogVerbose:value("no", translate("No"))
+LogVerbose:value("yes", translate("Yes"))
+LogVerbose.default = "no"
+
+ExtendedDetectionInfo = s:taboption("tab_advanced", ListValue, "ExtendedDetectionInfo", translate("Log additional infection info"))
+ExtendedDetectionInfo:value("no", translate("No"))
+ExtendedDetectionInfo:value("yes", translate("Yes"))
+ExtendedDetectionInfo.default = "no"
+
+dummy3 = s:taboption("tab_advanced", DummyValue, "")
+dummy4 = s:taboption("tab_advanced", DummyValue, "")
+
+MaxDirectoryRecursion = s:taboption("tab_advanced", Value, "MaxDirectoryRecursion", translate("Max directory scan depth"))
+MaxDirectoryRecursion:value("15", translate("15"))
+MaxDirectoryRecursion:value("20", translate("20"))
+MaxDirectoryRecursion.default = "15"
+
+FollowDirectorySymlink = s:taboption("tab_advanced", ListValue, "FollowDirectorySymlink", translate("Follow directory symlinks"))
+FollowDirectorySymlink:value("no", translate("No"))
+FollowDirectorySymlink:value("yes", translate("Yes"))
+FollowDirectorySymlink.default = "no"
+
+FollowFileSymlinks = s:taboption("tab_advanced", ListValue, "FollowFileSymlinks", translate("Follow file symlinks"))
+FollowFileSymlinks:value("no", translate("No"))
+FollowFileSymlinks:value("yes", translate("Yes"))
+FollowFileSymlinks.default = "no"
+
+DetectPUA = s:taboption("tab_advanced", ListValue, "DetectPUA", translate("Detect possibly unwanted apps"))
+DetectPUA:value("no", translate("No"))
+DetectPUA:value("yes", translate("Yes"))
+DetectPUA.default = "no"
+
+ScanPE = s:taboption("tab_advanced", ListValue, "ScanPE", translate("Scan portable executables"))
+ScanPE:value("no", translate("No"))
+ScanPE:value("yes", translate("Yes"))
+ScanPE.default = "yes"
+
+ScanELF = s:taboption("tab_advanced", ListValue, "ScanELF", translate("Scan ELF files"))
+ScanELF:value("no", translate("No"))
+ScanELF:value("yes", translate("Yes"))
+ScanELF.default = "yes"
+
+DetectBrokenExecutables = s:taboption("tab_advanced", ListValue, "DetectBrokenExecutables", translate("Detect broken executables"))
+DetectBrokenExecutables:value("no", translate("No"))
+DetectBrokenExecutables:value("yes", translate("Yes"))
+DetectBrokenExecutables.default = "no"
+
+ScanOLE2 = s:taboption("tab_advanced", ListValue, "ScanOLE2", translate("Scan MS Office and .msi files"))
+ScanOLE2:value("no", translate("No"))
+ScanOLE2:value("yes", translate("Yes"))
+ScanOLE2.default = "yes"
+
+ScanPDF = s:taboption("tab_advanced", ListValue, "ScanPDF", translate("Scan pdf files"))
+ScanPDF:value("no", translate("No"))
+ScanPDF:value("yes", translate("Yes"))
+ScanPDF.default = "yes"
+
+ScanSWF = s:taboption("tab_advanced", ListValue, "ScanSWF", translate("Scan swf files"))
+ScanSWF:value("no", translate("No"))
+ScanSWF:value("yes", translate("Yes"))
+ScanSWF.default = "yes"
+
+ScanMail = s:taboption("tab_advanced", ListValue, "ScanMail", translate("Scan emails"))
+ScanMail:value("no", translate("No"))
+ScanMail:value("yes", translate("Yes"))
+ScanMail.default = "yes"
+
+ScanPartialMessages = s:taboption("tab_advanced", ListValue, "ScanPartialMessages", translate("Scan RFC1341 messages split over many emails"))
+ScanPartialMessages:value("no", translate("No"))
+ScanPartialMessages:value("yes", translate("Yes"))
+ScanPartialMessages.default = "no"
+
+ScanArchive = s:taboption("tab_advanced", ListValue, "ScanArchive", translate("Scan archives"))
+ScanArchive:value("no", translate("No"))
+ScanArchive:value("yes", translate("Yes"))
+ScanArchive.default = "yes"
+
+ArchiveBlockEncrypted = s:taboption("tab_advanced", ListValue, "ArchiveBlockEncrypted", translate("Block encrypted archives"))
+ArchiveBlockEncrypted:value("no", translate("No"))
+ArchiveBlockEncrypted:value("yes", translate("Yes"))
+ArchiveBlockEncrypted.default = "no"
+
+dummy5 = s:taboption("tab_advanced", DummyValue, "")
+dummy6 = s:taboption("tab_advanced", DummyValue, "")
+
+StreamMinPort = s:taboption("tab_advanced", Value, "StreamMinPort", translate("Port range, lowest port"))
+StreamMinPort.datatype = "portrange"
+StreamMinPort:value("1024",translate("1024"))
+StreamMinPort.default = "1024"
+
+StreamMaxPort = s:taboption("tab_advanced", Value, "StreamMaxPort", translate("Port range, highest port"))
+StreamMaxPort.datatype = "portrange"
+StreamMaxPort:value("2048",translate("2048"))
+StreamMaxPort.default = "2048"
+
+MaxThreads = s:taboption("tab_advanced", Value, "MaxThreads", translate("Max number of threads"))
+MaxThreads.datatype = "and(uinteger,min(1))"
+MaxThreads:value("10",translate("10"))
+MaxThreads:value("20",translate("20"))
+MaxThreads.default = "10"
+
+SelfCheck = s:taboption("tab_advanced", Value, "SelfCheck", translate("Database check every N sec"))
+SelfCheck.datatype = "and(uinteger,min(1))"
+SelfCheck:value("600",translate("600"))
+SelfCheck.default = "600"
+
+MaxFileSize = s:taboption("tab_advanced", Value, "MaxFileSize", translate("Max size of scanned file"))
+MaxFileSize.datatype = "string"
+MaxFileSize:value("150M",translate("150M"))
+MaxFileSize:value("50M",translate("50M"))
+MaxFileSize.default = "150M"
+
+------------------ Log --------------------
+
+clamav_logfile = s:taboption("tab_logs", TextValue, "lines", "")
+clamav_logfile.wrap = "off"
+clamav_logfile.rows = 25
+clamav_logfile.rmempty = true
+
+function clamav_logfile.cfgvalue()
+ local uci = require "luci.model.uci".cursor_state()
+ local file = "/tmp/clamd.log"
+ if file then
+ return fs.readfile(file) or ""
+ else
+ return ""
+ end
+end
+
+function clamav_logfile.write()
+end
+
+return m
--- /dev/null
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=luci-app-e2guardian
+PKG_RELEASE:=20150520
+
+PKG_LICENSE:=Apache-2.0
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/luci-app-e2guardian
+ SECTION:=luci
+ CATEGORY:=LuCI
+ SUBMENU:=3. Applications
+ TITLE:=E2Guardian Web UI
+ DEPENDS:=+luci-mod-admin-full +e2guardian
+ MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
+endef
+
+define Package/luci-app-e2guardian/description
+ This package will install E2Guardian Web UI.
+endef
+
+define Build/Prepare
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+define Package/luci-app-e2guardian/install
+ $(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
+ $(INSTALL_BIN) \
+ ./files/e2guardian-controller.lua \
+ $(1)/usr/lib/lua/luci/controller/e2guardian.lua
+
+ $(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/
+ $(INSTALL_BIN) \
+ ./files//e2guardian-cbi.lua \
+ $(1)/usr/lib/lua/luci/model/cbi/e2guardian.lua
+endef
+
+$(eval $(call BuildPackage,luci-app-e2guardian))
--- /dev/null
+--[[
+
+LuCI E2Guardian module
+
+Copyright (C) 2015, Itus Networks, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
+ Luka Perkov <luka.perkov@sartura.hr>
+
+]]--
+
+local fs = require "nixio.fs"
+local sys = require "luci.sys"
+
+m = Map("e2guardian", translate("E2Guardian"))
+m.on_after_commit = function() luci.sys.call("/etc/init.d/e2guardian restart") end
+
+s = m:section(TypedSection, "e2guardian")
+s.anonymous = true
+s.addremove = false
+
+s:tab("tab_general", translate("General Settings"))
+s:tab("tab_additional", translate("Additional Settings"))
+s:tab("tab_logs", translate("Logs"))
+
+
+----------------- General Settings Tab -----------------------
+
+filterip = s:taboption("tab_general", Value, "filterip", translate("IP that E2Guardian listens"))
+filterip.datatype = "ip4addr"
+
+filterports = s:taboption("tab_general", Value, "filterports", translate("Port that E2Guardian listens"))
+filterports.datatype = "portrange"
+filterports.placeholder = "0-65535"
+
+proxyip = s:taboption("tab_general", Value, "proxyip", translate("IP address of the proxy"))
+proxyip.datatype = "ip4addr"
+proxyip.default = "127.0.0.1"
+
+proxyport = s:taboption("tab_general", Value, "proxyport", translate("Port of the proxy"))
+proxyport.datatype = "portrange"
+proxyport.placeholder = "0-65535"
+
+languagedir = s:taboption("tab_general", Value, "languagedir", translate("Language dir"))
+languagedir.datatype = "string"
+languagedir.default = "/usr/share/e2guardian/languages"
+
+language = s:taboption("tab_general", Value, "language", translate("Language to use"))
+language.datatype = "string"
+language.default = "ukenglish"
+
+loglevel = s:taboption("tab_general", ListValue, "loglevel", translate("Logging Settings"))
+loglevel:value("0", translate("none"))
+loglevel:value("1", translate("just denied"))
+loglevel:value("2", translate("all text based"))
+loglevel:value("3", translate("all requests"))
+loglevel.default = "2"
+
+logexceptionhits = s:taboption("tab_general", ListValue, "logexceptionhits", translate("Log Exception Hits"))
+logexceptionhits:value("0", translate("never"))
+logexceptionhits:value("1", translate("log, but dont mark as exceptions"))
+logexceptionhits:value("2", translate("log and mark"))
+logexceptionhits.default = "2"
+
+logfileformat = s:taboption("tab_general", ListValue, "logfileformat", translate("Log File Format"))
+logfileformat:value("1", translate("DansgGuardian format, space delimited"))
+logfileformat:value("2", translate("CSV-style format"))
+logfileformat:value("3", translate("Squid Log File Format"))
+logfileformat:value("4", translate("Tab delimited"))
+logfileformat:value("5", translate("Protex format"))
+logfileformat:value("6", translate("Protex format with server field blanked"))
+logfileformat.default = "1"
+
+accessdeniedaddress = s:taboption("tab_general", Value, "accessdeniedaddress", translate("Access denied address"),
+translate("Server to which the cgi e2guardian reporting script was copied. Reporting levels 1 and 2 only"))
+accessdeniedaddress.datatype = "string"
+accessdeniedaddress.default = "http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl"
+
+usecustombannedimage = s:taboption("tab_general", ListValue, "usecustombannedimage", translate("Banned image replacement"))
+usecustombannedimage:value("on", translate("Yes"))
+usecustombannedimage:value("off", translate("No"))
+usecustombannedimage.default = "on"
+
+custombannedimagefile = s:taboption("tab_general", Value, "custombannedimagefile", translate("Custom banned image file"))
+custombannedimagefile.datatype = "string"
+custombannedimagefile.default = "/usr/share/e2guardian/transparent1x1.gif"
+
+usecustombannedflash = s:taboption("tab_general", ListValue, "usecustombannedflash", translate("Banned flash replacement"))
+usecustombannedflash:value("on", translate("Yes"))
+usecustombannedflash:value("off", translate("No"))
+usecustombannedflash.default = "on"
+
+custombannedflashfile = s:taboption("tab_general", Value, "custombannedflashfile", translate("Custom banned flash file"))
+custombannedflashfile.datatype = "string"
+custombannedflashfile.default = "/usr/share/e2guardian/blockedflash.swf"
+
+filtergroups = s:taboption("tab_general", Value, "filtergroups", translate("Number of filter groups"))
+filtergroups.datatype = "and(uinteger,min(1))"
+filtergroups.default = "1"
+
+filtergroupslist = s:taboption("tab_general", Value, "filtergroupslist", translate("List of filter groups"))
+filtergroupslist.datatype = "string"
+filtergroupslist.default = "/etc/e2guardian/lists/filtergroupslist"
+
+bannediplist = s:taboption("tab_general", Value, "bannediplist", translate("List of banned IPs"))
+bannediplist.datatype = "string"
+bannediplist.default = "/etc/e2guardian/lists/bannediplist"
+
+exceptioniplist = s:taboption("tab_general", Value, "exceptioniplist", translate("List of IP exceptions"))
+exceptioniplist.datatype = "string"
+exceptioniplist.default = "/etc/e2guardian/lists/exceptioniplist"
+
+perroomblockingdirectory = s:taboption("tab_general", Value, "perroomblockingdirectory", translate("Per-Room blocking definition directory"))
+perroomblockingdirectory.datatype = "string"
+perroomblockingdirectory.default = "/etc/e2guardian/lists/bannedrooms/"
+
+showweightedfound = s:taboption("tab_general", ListValue, "showweightedfound", translate("Show weighted phrases found"))
+showweightedfound:value("on", translate("Yes"))
+showweightedfound:value("off", translate("No"))
+showweightedfound.default = "on"
+
+weightedphrasemode = s:taboption("tab_general", ListValue, "weightedphrasemode", translate("Weighted phrase mode"))
+weightedphrasemode:value("0", translate("off"))
+weightedphrasemode:value("1", translate("on, normal operation"))
+weightedphrasemode:value("2", translate("on, phrase found only counts once on a page"))
+weightedphrasemode.default = "2"
+
+urlcachenumber = s:taboption("tab_general", Value, "urlcachenumber", translate("Clean result caching for URLs"))
+urlcachenumber.datatype = "and(uinteger,min(0))"
+urlcachenumber.default = "1000"
+
+urlcacheage = s:taboption("tab_general", Value, "urlcacheage", translate("Age before they should be ignored in seconds"))
+urlcacheage.datatype = "and(uinteger,min(0))"
+urlcacheage.default = "900"
+
+scancleancache = s:taboption("tab_general", ListValue, "scancleancache", translate("Cache for content (AV) scans as 'clean'"))
+scancleancache:value("on", translate("Yes"))
+scancleancache:value("off", translate("No"))
+scancleancache.default = "on"
+
+phrasefiltermode = s:taboption("tab_general", ListValue, "phrasefiltermode", translate("Filtering options"))
+phrasefiltermode:value("0", translate("raw"))
+phrasefiltermode:value("1", translate("smart"))
+phrasefiltermode:value("2", translate("both raw and smart"))
+phrasefiltermode:value("3", translate("meta/title"))
+phrasefiltermode.default = "2"
+
+preservecase = s:taboption("tab_general", ListValue, "perservecase", translate("Lower caseing options"))
+preservecase:value("0", translate("force lower case"))
+preservecase:value("1", translate("dont change"))
+preservecase:value("2", translate("scan fist in lower, then in original"))
+preservecase.default = "0"
+
+hexdecodecontent = s:taboption("tab_general", ListValue, "hexdecodecontent", translate("Hex decoding options"))
+hexdecodecontent:value("on", translate("Yes"))
+hexdecodecontent:value("off", translate("No"))
+hexdecodecontent.default = "off"
+
+forcequicksearch = s:taboption("tab_general", ListValue, "forcequicksearch", translate("Quick search"))
+forcequicksearch:value("on", translate("Yes"))
+forcequicksearch:value("off", translate("No"))
+forcequicksearch.default = "off"
+
+reverseaddresslookups= s:taboption("tab_general", ListValue, "reverseaddresslookups", translate("Reverse lookups for banned site and URLs"))
+reverseaddresslookups:value("on", translate("Yes"))
+reverseaddresslookups:value("off", translate("No"))
+reverseaddresslookups.default = "off"
+
+reverseclientiplookups = s:taboption("tab_general", ListValue, "reverseclientiplookups", translate("Reverse lookups for banned and exception IP lists"))
+reverseclientiplookups:value("on", translate("Yes"))
+reverseclientiplookups:value("off", translate("No"))
+reverseclientiplookups.default = "off"
+
+logclienthostnames = s:taboption("tab_general", ListValue, "logclienthostnames", translate("Perform reverse lookups on client IPs for successful requests"))
+logclienthostnames:value("on", translate("Yes"))
+logclienthostnames:value("off", translate("No"))
+logclienthostnames.default = "off"
+
+createlistcachefiles = s:taboption("tab_general", ListValue, "createlistcachefiles", translate("Build bannedsitelist and bannedurllist cache files"))
+createlistcachefiles:value("on",translate("Yes"))
+createlistcachefiles:value("off",translate("No"))
+createlistcachefiles.default = "on"
+
+prefercachedlists = s:taboption("tab_general", ListValue, "prefercachedlists", translate("Prefer cached list files"))
+prefercachedlists:value("on", translate("Yes"))
+prefercachedlists:value("off", translate("No"))
+prefercachedlists.default = "off"
+
+maxuploadsize = s:taboption("tab_general", Value, "maxuploadsize", translate("Max upload size (in Kbytes)"))
+maxuploadsize:value("-1", translate("no blocking"))
+maxuploadsize:value("0", translate("complete block"))
+maxuploadsize.default = "-1"
+
+maxcontentfiltersize = s:taboption("tab_general", Value, "maxcontentfiltersize", translate("Max content filter size"),
+translate("The value must not be higher than max content ram cache scan size or 0 to match it"))
+maxcontentfiltersize.datatype = "and(uinteger,min(0))"
+maxcontentfiltersize.default = "256"
+
+maxcontentramcachescansize = s:taboption("tab_general", Value, "maxcontentramcachescansize", translate("Max content ram cache scan size"),
+translate("This is the max size of file that DG will download and cache in RAM"))
+maxcontentramcachescansize.datatype = "and(uinteger,min(0))"
+maxcontentramcachescansize.default = "2000"
+
+maxcontentfilecachescansize = s:taboption("tab_general", Value, "maxcontentfilecachescansize", translate("Max content file cache scan size"))
+maxcontentfilecachescansize.datatype = "and(uinteger,min(0))"
+maxcontentfilecachescansize.default = "20000"
+
+proxytimeout = s:taboption("tab_general", Value, "proxytimeout", translate("Proxy timeout (5-100)"))
+proxytimeout.datatype = "range(5,100)"
+proxytimeout.default = "20"
+
+proxyexchange = s:taboption("tab_general", Value, "proxyexchange", translate("Proxy header excahnge (20-300)"))
+proxyexchange.datatype = "range(20,300)"
+proxyexchange.default = "20"
+
+pcontimeout = s:taboption("tab_general", Value, "pcontimeout", translate("Pconn timeout"),
+translate("How long a persistent connection will wait for other requests"))
+pcontimeout.datatype = "range(5,300)"
+pcontimeout.default = "55"
+
+filecachedir = s:taboption("tab_general", Value, "filecachedir", translate("File cache directory"))
+filecachedir.datatype = "string"
+filecachedir.default = "/tmp"
+
+deletedownloadedtempfiles = s:taboption("tab_general", ListValue, "deletedownloadedtempfiles", translate("Delete file cache after user completes download"))
+deletedownloadedtempfiles:value("on", translate("Yes"))
+deletedownloadedtempfiles:value("off", translate("No"))
+deletedownloadedtempfiles.default = "on"
+
+initialtrickledelay = s:taboption("tab_general", Value, "initialtrickledelay", translate("Initial Trickle delay"),
+translate("Number of seconds a browser connection is left waiting before first being sent *something* to keep it alive"))
+initialtrickledelay.datatype = "and(uinteger,min(0))"
+initialtrickledelay.default = "20"
+
+trickledelay = s:taboption("tab_general", Value, "trickledelay", translate("Trickle delay"),
+translate("Number of seconds a browser connection is left waiting before being sent more *something* to keep it alive"))
+trickledelay.datatype = "and(uinteger,min(0))"
+trickledelay.default = "10"
+
+downloadmanager = s:taboption("tab_general", Value, "downloadmanager", translate("Download manager"))
+downloadmanager.datatype = "string"
+downloadmanager.default = "/etc/e2guardian/downloadmanagers/default.conf"
+
+contentscannertimeout = s:taboption("tab_general", Value, "contentscannertimeout", translate("Content scanner timeout"))
+contentscannertimeout.datatype = "and(uinteger,min(0))"
+contentscannertimeout.default = "60"
+
+contentscanexceptions = s:taboption("tab_general", ListValue, "contentscanexceptions", translate("Content scan exceptions"))
+contentscanexceptions:value("on", translate("Yes"))
+contentscanexceptions:value("off", translate("No"))
+contentscanexceptions.default = "off"
+
+recheckreplacedurls = s:taboption("tab_general", ListValue, "recheckreplacedurls", translate("e-check replaced URLs"))
+recheckreplacedurls:value("on", translate("Yes"))
+recheckreplacedurls:value("off", translate("No"))
+recheckreplacedurls.default = "off"
+
+forwardedfor = s:taboption("tab_general", ListValue, "forwardedfor", translate("Misc setting: forwardedfor"),
+translate("If on, it may help solve some problem sites that need to know the source ip."))
+forwardedfor:value("on", translate("Yes"))
+forwardedfor:value("off", translate("No"))
+forwardedfor.default = "off"
+
+usexforwardedfor = s:taboption("tab_general", ListValue, "usexforwardedfor", translate("Misc setting: usexforwardedfor"),
+translate("This is for when you have squid between the clients and E2Guardian"))
+usexforwardedfor:value("on", translate("Yes"))
+usexforwardedfor:value("off", translate("No"))
+usexforwardedfor.default = "off"
+
+logconnectionhandlingerrors = s:taboption("tab_general", ListValue, "logconnectionhandlingerrors", translate("Log debug info about log()ing and accept()ing"))
+logconnectionhandlingerrors:value("on", translate("Yes"))
+logconnectionhandlingerrors:value("off", translate("No"))
+logconnectionhandlingerrors.default = "on"
+
+logchildprocesshandling = s:taboption("tab_general", ListValue, "logchildprocesshandling", translate("Log child process handling"))
+logchildprocesshandling:value("on", translate("Yes"))
+logchildprocesshandling:value("off", translate("No"))
+logchildprocesshandling.default = "off"
+
+maxchildren = s:taboption("tab_general", Value, "maxchildren", translate("Max number of processes to spawn"))
+maxchildren.datatype = "and(uinteger,min(0))"
+maxchildren.default = "180"
+
+minchildren = s:taboption("tab_general", Value, "minchildren", translate("Min number of processes to spawn"))
+minchildren.datatype = "and(uinteger,min(0))"
+minchildren.default = "20"
+
+minsparechildren = s:taboption("tab_general", Value, "minsparechildren", translate("Min number of processes to keep ready"))
+minsparechildren.datatype = "and(uinteger,min(0))"
+minsparechildren.default = "16"
+
+preforkchildren = s:taboption("tab_general", Value, "preforkchildren", translate("Sets minimum nuber of processes when it runs out"))
+preforkchildren.datatype = "and(uinteger,min(0))"
+preforkchildren.default = "10"
+
+maxsparechildren = s:taboption("tab_general", Value, "maxsparechildren", translate("Sets the maximum number of processes to have doing nothing"))
+maxsparechildren.datatype = "and(uinteger,min(0))"
+maxsparechildren.default = "32"
+
+maxagechildren = s:taboption("tab_general", Value, "maxagechildren", translate("Max age of child process"))
+maxagechildren.datatype = "and(uinteger,min(0))"
+maxagechildren.default = "500"
+
+maxips = s:taboption("tab_general", Value, "maxips", translate("Max number of clinets allowed to connect"))
+maxips:value("0", translate("no limit"))
+maxips.default = "0"
+
+ipipcfilename = s:taboption("tab_general", Value, "ipipcfilename", translate("IP list IPC server directory and filename"))
+ipipcfilename.datatype = "string"
+ipipcfilename.default = "/tmp/.dguardianipc"
+
+urlipcfilename = s:taboption("tab_general", Value, "urlipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
+urlipcfilename.datatype = "string"
+urlipcfilename.default = "/tmp/.dguardianurlipc"
+
+ipcfilename = s:taboption("tab_general", Value, "ipcfilename", translate("Defines URL list IPC server directory and filename used to communicate with the URL cache process"))
+ipcfilename.datatype = "string"
+ipcfilename.default = "/tmp/.dguardianipipc"
+
+nodeamon = s:taboption("tab_general", ListValue, "nodeamon", translate("Disable deamoning"))
+nodeamon:value("on", translate("Yes"))
+nodeamon:value("off", translate("No"))
+nodeamon.default = "off"
+
+nologger = s:taboption("tab_general", ListValue, "nologger", translate("Disable logger"))
+nologger:value("on", translate("Yes"))
+nologger:value("off", translate("No"))
+nologger.default = "off"
+
+logadblock = s:taboption("tab_general", ListValue, "logadblock", translate("Enable logging of ADs"))
+logadblock:value("on", translate("Yes"))
+logadblock:value("off", translate("No"))
+logadblock.default = "off"
+
+loguseragent = s:taboption("tab_general", ListValue, "loguseragent", translate("Enable logging of client user agent"))
+loguseragent:value("on", translate("Yes"))
+loguseragent:value("off", translate("No"))
+loguseragent.default = "off"
+
+softrestart = s:taboption("tab_general", ListValue, "softrestart", translate("Enable soft restart"))
+softrestart:value("on", translate("Yes"))
+softrestart:value("off", translate("No"))
+softrestart.default = "off"
+
+
+------------------------ Additional Settings Tab ----------------------------
+
+e2guardian_config_file = s:taboption("tab_additional", TextValue, "_data", "")
+e2guardian_config_file.wrap = "off"
+e2guardian_config_file.rows = 25
+e2guardian_config_file.rmempty = false
+
+function e2guardian_config_file.cfgvalue()
+ local uci = require "luci.model.uci".cursor_state()
+ file = "/etc/e2guardian/e2guardianf1.conf"
+ if file then
+ return fs.readfile(file) or ""
+ else
+ return ""
+ end
+end
+
+function e2guardian_config_file.write(self, section, value)
+ if value then
+ local uci = require "luci.model.uci".cursor_state()
+ file = "/etc/e2guardian/e2guardianf1.conf"
+ fs.writefile(file, value:gsub("\r\n", "\n"))
+ end
+end
+
+
+---------------------------- Logs Tab -----------------------------
+
+e2guardian_logfile = s:taboption("tab_logs", TextValue, "lines", "")
+e2guardian_logfile.wrap = "off"
+e2guardian_logfile.rows = 25
+e2guardian_logfile.rmempty = true
+
+function e2guardian_logfile.cfgvalue()
+ local uci = require "luci.model.uci".cursor_state()
+ file = "/tmp/e2guardian/access.log"
+ if file then
+ return fs.readfile(file) or ""
+ else
+ return "Can't read log file"
+ end
+end
+
+function e2guardian_logfile.write()
+ return ""
+end
+
+return m
--- /dev/null
+--[[
+
+LuCI E2Guardian module
+
+Copyright (C) 2015, Itus Networks, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
+ Luka Perkov <luka.perkov@sartura.hr>
+
+]]--
+
+module("luci.controller.e2guardian", package.seeall)
+
+function index()
+ entry({"admin", "services", "e2guardian"}, cbi("e2guardian"), _("E2Guardian"))
+end
include $(TOPDIR)/rules.mk
PKG_NAME:=ocserv
-PKG_VERSION:=0.10.4
+PKG_VERSION:=0.10.5
PKG_RELEASE:=1
PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/
-PKG_MD5SUM:=6df31778642320ea7b90f314c4c9a897
+PKG_MD5SUM:=17ee861f352d6ef7cd33114819b215ba
PKG_LICENSE:=GPLv2
PKG_LICENSE_FILES:=COPYING
test $auth = "plain" && authsuffix="\[passwd=/var/etc/ocpasswd\]"
dyndns="false"
- hostname=`uci show ddns|grep domain|head -1|cut -d '=' -f 2 2>/dev/null`
+ hostname=`uci show ddns 2>/dev/null|grep domain|head -1|cut -d '=' -f 2`
[ -n "$hostname" ] && dyndns="true"
mkdir -p /var/etc
local password
config_get name $1 name
- config_get group $1 group
+ config_get group $1 group '*'
config_get password $1 password
- [ -z "$group" ] && group='*'
[ -z "$name" -o -z "$password" ] && return
echo "$name:$group:$password" >> /var/etc/ocpasswd
start() {
local hostname iface
- hostname=`uci show ddns|grep domain|head -1|cut -d '=' -f 2 2>/dev/null`
+ hostname=`uci show ddns 2>/dev/null|grep domain|head -1|cut -d '=' -f 2`
[ -z "$hostname" ] && hostname=`uci get system.@system[0].hostname 2>/dev/null`
[ -f /etc/config/ocserv-dir/ca-key.pem ] && mv /etc/config/ocserv-dir/ca-key.pem /etc/ocserv/ca-key.pem
PKG_NAME:=openvswitch
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_VERSION:=2.3.90
PKG_RELEASE=$(PKG_SOURCE_VERSION)
PKG_LICENSE:=Apache-2.0
--- /dev/null
+From 5919cb26c631b1dd77a745a3c546f9d117ed34b3 Mon Sep 17 00:00:00 2001
+From: Hauke Mehrtens <hauke@hauke-m.de>
+Date: Sat, 23 May 2015 18:12:09 +0200
+Subject: [PATCH] datapath: do not add vlan_hwaccel_push_inside() for kernel >=
+ 3.18.13
+
+The vlan_hwaccel_push_inside() function was backported in this commit
+to kernel 3.18.13:
+
+commit a67e2e88342accd49587d9bad72f6dabd7673f7c
+Author: Jiri Pirko <jiri@resnulli.us>
+Date: Wed Nov 19 14:04:59 2014 +0100
+
+ vlan: introduce *vlan_hwaccel_push_inside helpers
+
+ [ Upstream commit 5968250c868ceee680aa77395b24e6ddcae17d36 ]
+
+Without this patch compilation breaks on kernel >= 3.18.13
+
+Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
+---
+ datapath/linux/compat/include/linux/if_vlan.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/datapath/linux/compat/include/linux/if_vlan.h
++++ b/datapath/linux/compat/include/linux/if_vlan.h
+@@ -52,7 +52,7 @@ static inline struct sk_buff *rpl_vlan_i
+ }
+ #endif
+
+-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,19,0)
++#if LINUX_VERSION_CODE < KERNEL_VERSION(3,18,13)
+ /*
+ * __vlan_hwaccel_push_inside - pushes vlan tag to the payload
+ * @skb: skbuff to tag
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/ \
+ @SF/$(PKG_NAME)
PKG_MD5SUM:=b01e9964827394c39194a0147bc15705
PKG_BUILD_DEPENDS:=librpc
#
-# Copyright (C) 2009-2014 OpenWrt.org
+# Copyright (C) 2009-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=umurmur
-PKG_VERSION:=0.2.15
+PKG_VERSION:=0.2.16
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=git://github.com/fatbob313/umurmur.git
+PKG_SOURCE_URL:=git://github.com/umurmur/umurmur.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=f66c0c3d630aaff1c4d589bc4d884067f00b6529
+PKG_SOURCE_VERSION:=0.2.16
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
--- /dev/null
+diff --git a/src/ssli_polarssl.c b/src/ssli_polarssl.c
+index a36ccb6..167637b 100644
+--- a/src/ssli_polarssl.c
++++ b/src/ssli_polarssl.c
+@@ -225,8 +225,12 @@ void SSLi_init(void)
+ Log_fatal("Cannot open /dev/urandom");
+ #endif
+
++#ifdef POLARSSL_VERSION_FEATURES
+ version_get_string(verstring);
+ Log_info("PolarSSL library version %s initialized", verstring);
++#else
++ Log_info("PolarSSL library initialized");
++#endif
+ }
+
+ void SSLi_deinit(void)
--- /dev/null
+#
+# Copyright (C) 2010-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=usbip
+PKG_RELEASE:=4
+PKG_LICENSE:=GPL-2.0
+
+# Since kernel 2.6.39.1 userspace tools are inside the kernel tree
+# Package Automatic match version in kernel
+# MD5SUM is not useful kernel package already check it
+PKG_VERSION:=$(shell sed -n -e '/^AC_INIT/s/.*\[\([[:digit:]\.]*\)\].*/\1/gp' $(LINUX_DIR)/tools/usb/usbip/configure.ac)
+PKG_SOURCE:=
+PKG_SOURCE_URL:=
+PKG_MD5SUM:=unknown
+
+PKG_MAINTAINER:=Nuno Goncalves <nunojpg@gmail.com>
+
+PATCH_DIR:=./patches-$(PKG_VERSION)
+
+define prepare_source_directory
+ rm -rf $(PKG_BUILD_DIR)
+ $(CP) $(LINUX_DIR)/tools/usb/usbip $(PKG_BUILD_DIR)
+endef
+Hooks/Prepare/Pre += prepare_source_directory
+
+PKG_BUILD_DEPENDS:=udev
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
+
+define Package/usbip/Common
+ TITLE:=USB-over-IP
+ URL:=http://usbip.sourceforge.net/
+ DEPENDS:=@USB_SUPPORT
+endef
+
+define Package/usbip/Default
+ $(call Package/usbip/Common)
+ SECTION:=net
+ CATEGORY:=Network
+endef
+
+define Package/usbip
+ $(call Package/usbip/Default)
+ TITLE+= (common)
+ DEPENDS+= +libwrap +kmod-usbip +udev
+endef
+
+define Package/usbip-client
+ $(call Package/usbip/Default)
+ TITLE+= (client)
+ DEPENDS+= usbip +kmod-usbip-client
+endef
+
+define Package/usbip-server
+ $(call Package/usbip/Default)
+ TITLE+= (server)
+ DEPENDS+= usbip +kmod-usbip-server
+endef
+
+CONFIGURE_PATH:=.
+MAKE_PATH:=.
+LIBTOOL_PATHS:=.
+MAKE_FLAGS+=CFLAGS="-Wno-implicit-function-declaration"
+
+define Build/Configure
+ (cd $(PKG_BUILD_DIR); ./autogen.sh );
+ $(call Build/Configure/Default)
+endef
+
+CFLAGS+="$(TARGET_CFLAGS) -I$(STAGING_DIR)/usr/include"
+
+define Download/usb.ids
+ URL:=http://www.linux-usb.org/
+ FILE:=usb.ids
+ MD5SUM:=
+endef
+
+define Package/usbip/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libusbip.so.* $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/share/hwdata
+ $(CP) $(DL_DIR)/usb.ids $(1)/usr/share/hwdata/
+endef
+
+define Package/usbip-client/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_INSTALL_DIR)/usr/sbin/usbip $(1)/usr/sbin/
+endef
+
+define Package/usbip-server/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_INSTALL_DIR)/usr/sbin/usbipd $(1)/usr/sbin/
+endef
+
+$(eval $(call Download,usb.ids))
+$(eval $(call BuildPackage,usbip))
+$(eval $(call BuildPackage,usbip-client))
+$(eval $(call BuildPackage,usbip-server))
--- /dev/null
+Index: trunk/src/cmd/Makefile.am
+===================================================================
+--- trunk/src/cmd/Makefile.am (revision 98)
++++ trunk/src/cmd/Makefile.am (revision 99)
+@@ -17,5 +17,5 @@
+ INCLUDES = -I$(top_srcdir)/lib
+ LDADD = ../lib/libusbip.la @PACKAGE_LIBS@
+ EXTRA_CFLAGS = @EXTRA_CFLAGS@
+-AM_CFLAGS = -Wall -W -Wstrict-prototypes -std=gnu99 $(EXTRA_CFLAGS) @PACKAGE_CFLAGS@
++AM_CFLAGS = -Wall -W -Wstrict-prototypes -std=gnu99 $(EXTRA_CFLAGS) @PACKAGE_CFLAGS@ -DUSBIDS_FILE='"@USBIDS_DIR@/usb.ids"'
+
--- /dev/null
+--- a/drivers/head/stub_dev.c
++++ b/drivers/head/stub_dev.c
+@@ -398,7 +398,11 @@ static int stub_probe(struct usb_interfa
+ {
+ struct usb_device *udev = interface_to_usbdev(interface);
+ struct stub_device *sdev = NULL;
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30)
+ char *udev_busid = interface->dev.parent->bus_id;
++#else
++ char *udev_busid = dev_name(interface->dev.parent);
++#endif
+ int err = 0;
+
+ udbg("Enter\n");
+--- a/drivers/head/stub_main.c
++++ b/drivers/head/stub_main.c
+@@ -252,18 +252,17 @@ static int __init usb_stub_init(void)
+ return -ENOMEM;
+ }
+
++ info(DRIVER_DESC "" DRIVER_VERSION);
++
++ memset(busid_table, 0, sizeof(busid_table));
++ spin_lock_init(&busid_table_lock);
++
+ ret = usb_register(&stub_driver);
+ if (ret) {
+ uerr("usb_register failed %d\n", ret);
+ return ret;
+ }
+
+-
+- info(DRIVER_DESC "" DRIVER_VERSION);
+-
+- memset(busid_table, 0, sizeof(busid_table));
+- spin_lock_init(&busid_table_lock);
+-
+ ret = driver_create_file(&stub_driver.drvwrap.driver, &driver_attr_match_busid);
+
+ if (ret) {
+--- a/drivers/head/stub_rx.c
++++ b/drivers/head/stub_rx.c
+@@ -159,7 +159,11 @@ static int tweak_set_configuration_cmd(s
+ * A user may need to set a special configuration value before
+ * exporting the device.
+ */
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30)
+ uinfo("set_configuration (%d) to %s\n", config, urb->dev->dev.bus_id);
++#else
++ uinfo("set_configuration (%d) to %s\n", config, dev_name(&urb->dev->dev));
++#endif
+ uinfo("but, skip!\n");
+
+ return 0;
+@@ -177,7 +181,11 @@ static int tweak_reset_device_cmd(struct
+ value = le16_to_cpu(req->wValue);
+ index = le16_to_cpu(req->wIndex);
+
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30)
+ uinfo("reset_device (port %d) to %s\n", index, urb->dev->dev.bus_id);
++#else
++ uinfo("reset_device (port %d) to %s\n", index, dev_name(&urb->dev->dev));
++#endif
+
+ /* all interfaces should be owned by usbip driver, so just reset it. */
+ ret = usb_lock_device_for_reset(urb->dev, NULL);
+@@ -187,7 +195,11 @@ static int tweak_reset_device_cmd(struct
+ }
+
+ /* try to reset the device */
+- ret = usb_reset_composite_device(urb->dev, NULL);
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,27)
++ ret = usb_reset_composite_device(urb->dev, NULL);
++#else
++ ret = usb_reset_device(urb->dev);
++#endif
+ if (ret < 0)
+ uerr("device reset\n");
+
+--- a/drivers/head/usbip_common.c
++++ b/drivers/head/usbip_common.c
+@@ -55,10 +55,7 @@ static ssize_t show_flag(struct device *
+ static ssize_t store_flag(struct device *dev, struct device_attribute *attr,
+ const char *buf, size_t count)
+ {
+- unsigned long flag;
+-
+- sscanf(buf, "%lx", &flag);
+- usbip_debug_flag = flag;
++ sscanf(buf, "%lx", &usbip_debug_flag);
+
+ return count;
+ }
+@@ -390,7 +387,7 @@ int usbip_thread(void *param)
+ unlock_kernel();
+
+ /* srv.rb must wait for rx_thread starting */
+- complete(&ut->thread_done);
++ complete(&ut->thread_started);
+
+ /* start of while loop */
+ ut->loop_ops(ut);
+@@ -403,15 +400,21 @@ int usbip_thread(void *param)
+
+ void usbip_start_threads(struct usbip_device *ud)
+ {
++
+ /*
+ * threads are invoked per one device (per one connection).
+ */
++ INIT_COMPLETION(ud->tcp_rx.thread_started);
++ INIT_COMPLETION(ud->tcp_tx.thread_started);
++ INIT_COMPLETION(ud->tcp_rx.thread_done);
++ INIT_COMPLETION(ud->tcp_tx.thread_done);
++
+ kernel_thread((int(*)(void *))usbip_thread, (void *)&ud->tcp_rx, 0);
+ kernel_thread((int(*)(void *))usbip_thread, (void *)&ud->tcp_tx, 0);
+
+ /* confirm threads are starting */
+- wait_for_completion(&ud->tcp_rx.thread_done);
+- wait_for_completion(&ud->tcp_tx.thread_done);
++ wait_for_completion(&ud->tcp_rx.thread_started);
++ wait_for_completion(&ud->tcp_tx.thread_started);
+ }
+ EXPORT_SYMBOL(usbip_start_threads);
+
+@@ -436,6 +439,7 @@ void usbip_task_init(struct usbip_task *
+ void (*loop_ops)(struct usbip_task *))
+ {
+ ut->thread = NULL;
++ init_completion(&ut->thread_started);
+ init_completion(&ut->thread_done);
+ ut->name = name;
+ ut->loop_ops = loop_ops;
+--- a/drivers/head/usbip_event.c
++++ b/drivers/head/usbip_event.c
+@@ -38,7 +38,7 @@ void usbip_start_eh(struct usbip_device
+
+ kernel_thread((int(*)(void *)) usbip_thread, (void *) eh, 0);
+
+- wait_for_completion(&eh->thread_done);
++ wait_for_completion(&eh->thread_started);
+ }
+ EXPORT_SYMBOL(usbip_start_eh);
+
+--- a/drivers/head/vhci_hcd.c
++++ b/drivers/head/vhci_hcd.c
+@@ -58,7 +58,7 @@ static void vhci_stop(struct usb_hcd *hc
+ static int vhci_get_frame_number(struct usb_hcd *hcd);
+
+ static const char driver_name[] = "vhci_hcd";
+-static const char driver_desc[] = "USB/IP Virtual Host Contoroller";
++static const char driver_desc[] = "USB/IP Virtual Host Controller";
+
+
+
+@@ -416,14 +416,6 @@ static int vhci_hub_control(struct usb_h
+ case USB_PORT_FEAT_SUSPEND:
+ dbg_vhci_rh(" SetPortFeature: USB_PORT_FEAT_SUSPEND\n");
+ uerr(" not yet\n");
+-#if 0
+- dum->port_status[rhport] |= (1 << USB_PORT_FEAT_SUSPEND);
+- if (dum->driver->suspend) {
+- spin_unlock (&dum->lock);
+- dum->driver->suspend (&dum->gadget);
+- spin_lock (&dum->lock);
+- }
+-#endif
+ break;
+ case USB_PORT_FEAT_RESET:
+ dbg_vhci_rh(" SetPortFeature: USB_PORT_FEAT_RESET\n");
+@@ -432,12 +424,6 @@ static int vhci_hub_control(struct usb_h
+ dum->port_status[rhport] &= ~(USB_PORT_STAT_ENABLE
+ | USB_PORT_STAT_LOW_SPEED
+ | USB_PORT_STAT_HIGH_SPEED);
+-#if 0
+- if (dum->driver) {
+- dev_dbg (hardware, "disconnect\n");
+- stop_activity (dum, dum->driver);
+- }
+-#endif
+
+ /* FIXME test that code path! */
+ }
+@@ -1060,7 +1046,7 @@ static int vhci_hcd_probe(struct platfor
+ struct usb_hcd *hcd;
+ int ret;
+
+- uinfo("proving...\n");
++ uinfo("probing...\n");
+
+ dbg_vhci_hc("name %s id %d\n", pdev->name, pdev->id);
+
+@@ -1076,7 +1062,11 @@ static int vhci_hcd_probe(struct platfor
+ * Allocate and initialize hcd.
+ * Our private data is also allocated automatically.
+ */
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30)
+ hcd = usb_create_hcd(&vhci_hc_driver, &pdev->dev, pdev->dev.bus_id);
++#else
++ hcd = usb_create_hcd(&vhci_hc_driver, &pdev->dev, dev_name(&pdev->dev));
++#endif
+ if (!hcd) {
+ uerr("create hcd failed\n");
+ return -ENOMEM;
+--- a/drivers/head/vhci_sysfs.c
++++ b/drivers/head/vhci_sysfs.c
+@@ -123,7 +123,11 @@ static ssize_t show_status(struct device
+ out += sprintf(out, "%03u %08x ",
+ vdev->speed, vdev->devid);
+ out += sprintf(out, "%16p ", vdev->ud.tcp_socket);
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30)
+ out += sprintf(out, "%s", vdev->udev->dev.bus_id);
++#else
++ out += sprintf(out, "%s", dev_name(&vdev->udev->dev));
++#endif
+
+ } else
+ out += sprintf(out, "000 000 000 0000000000000000 0-0");
+--- a/drivers/head/usbip_common.h
++++ b/drivers/head/usbip_common.h
+@@ -300,6 +300,7 @@ struct usbip_device;
+
+ struct usbip_task {
+ struct task_struct *thread;
++ struct completion thread_started;
+ struct completion thread_done;
+ char *name;
+ void (*loop_ops)(struct usbip_task *);
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=xl2tpd
-PKG_VERSION:=1.3.7pre20141126
+PKG_VERSION:=1.3.7pre20150524
PKG_RELEASE:=1
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE
-PKG_RELEASE=$(PKG_SOURCE_VERSION)
-
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/xelerance/xl2tpd.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
TITLE:=An L2TP (Layer 2 Tunneling Protocol) daemon
URL:=http://www.xelerance.com/software/xl2tpd/
SUBMENU:=VPN
- DEPENDS:=+ppp-mod-pppol2tp +ip +resolveip
+ DEPENDS:=+ppp-mod-pppol2tp +resolveip
endef
define Package/xl2tpd/description
proto_config_add_string "server"
available=1
no_device=1
+ no_proto_task=1
}
proto_l2tp_setup() {
- local config="$1"
- local iface="$2"
- local optfile="/tmp/l2tp/options.${config}"
+ local interface="$1"
+ local optfile="/tmp/l2tp/options.${interface}"
local ip serv_addr server
json_get_var server server && {
for ip in $(resolveip -t 5 "$server"); do
- ( proto_add_host_dependency "$config" "$ip" )
+ ( proto_add_host_dependency "$interface" "$ip" )
serv_addr=1
done
}
[ -n "$serv_addr" ] || {
- echo "Could not resolve server address"
+ echo "Could not resolve server address" >&2
sleep 5
- proto_setup_failed "$config"
+ proto_setup_failed "$interface"
exit 1
}
if [ ! -p /var/run/xl2tpd/l2tp-control ]; then
/etc/init.d/xl2tpd start
+
+ local wait_timeout=0
+ while [ ! -p /var/run/xl2tpd/l2tp-control ]; do
+ wait_timeout=$(($wait_timeout + 1))
+ [ "$wait_timeout" -gt 5 ] && {
+ echo "Cannot find xl2tpd control file." >&2
+ proto_setup_failed "$interface"
+ exit 1
+ }
+ sleep 1
+ done
fi
+ local ipv6 demand keepalive username password pppd_options
json_get_vars ipv6 demand keepalive username password pppd_options
[ "$ipv6" = 1 ] || ipv6=""
if [ "${demand:-0}" -gt 0 ]; then
demand="persist"
fi
+ local mtu
[ -n "$mtu" ] || json_get_var mtu mtu
local interval="${keepalive##*[, ]}"
echo "usepeerdns" >> "${optfile}"
echo "nodefaultroute" >> "${optfile}"
echo "${username:+user \"$username\" password \"$password\"}" >> "${optfile}"
- echo "ipparam \"$config\"" >> "${optfile}"
- echo "ifname \"l2tp-$config\"" >> "${optfile}"
+ echo "ipparam \"$interface\"" >> "${optfile}"
+ echo "ifname \"l2tp-$interface\"" >> "${optfile}"
echo "ip-up-script /lib/netifd/ppp-up" >> "${optfile}"
echo "ipv6-up-script /lib/netifd/ppp-up" >> "${optfile}"
echo "ip-down-script /lib/netifd/ppp-down" >> "${optfile}"
echo "${ipv6:++ipv6} ${pppd_options}" >> "${optfile}"
echo "${mtu:+mtu $mtu mru $mtu}" >> "${optfile}"
- xl2tpd-control add l2tp-${config} pppoptfile=${optfile} lns=${server} redial=yes redial timeout=20
- xl2tpd-control connect l2tp-${config}
+ xl2tpd-control add l2tp-${interface} pppoptfile=${optfile} lns=${server} redial=yes redial timeout=20 || {
+ echo "xl2tpd-control: Add l2tp-$interface failed" >&2
+ proto_setup_failed "$interface"
+ exit 1
+ }
+ xl2tpd-control connect l2tp-${interface} || {
+ echo "xl2tpd-control: Connect l2tp-$interface failed" >&2
+ proto_setup_failed "$interface"
+ exit 1
+ }
}
proto_l2tp_teardown() {
local interface="$1"
local optfile="/tmp/l2tp/options.${interface}"
+ rm -f ${optfile}
case "$ERROR" in
11|19)
proto_notify_error "$interface" AUTH_FAILED
;;
esac
- xl2tpd-control disconnect l2tp-${interface}
+ if [ -p /var/run/xl2tpd/l2tp-control ]; then
+ xl2tpd-control remove l2tp-${interface} || {
+ echo "xl2tpd-control: Remove l2tp-$interface failed" >&2
+ }
+ fi
# Wait for interface to go down
while [ -d /sys/class/net/l2tp-${interface} ]; do
sleep 1
done
-
- xl2tpd-control remove l2tp-${interface}
- rm -f ${optfile}
}
[ -n "$INCLUDE_ONLY" ] || {
#!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2010 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
START=60
+USE_PROCD=1
+
BIN=xl2tpd
-DEFAULT=/etc/default/$BIN
-RUN_D=/var/run
-PID_F=$RUN_D/$BIN.pid
+RUN_D="/var/run/xl2tpd"
+PID_F="/var/run/xl2tpd.pid"
+
+start_service() {
+ rm -rf "$RUN_D"
+ mkdir -p "$RUN_D"
-start() {
- mkdir -p $RUN_D/$BIN
- [ -f $DEFAULT ] && . $DEFAULT
- $BIN $OPTIONS
+ procd_open_instance
+ procd_set_param command $BIN -D -l -p "$PID_F"
+ procd_close_instance
}
-stop() {
- [ -f $PID_F ] && kill $(cat $PID_F)
+stop_service() {
+ rm -rf "$RUN_D"
+ rm -rf "$PID_F"
}
--- /dev/null
+From 7973d45a0e1716ddc6bfb6caf600f826f59a7932 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Tue, 28 Apr 2015 21:26:15 +0800
+Subject: [PATCH 200/210] xl2tpd-control: check end-of-file when reading pipe
+ to avoid dead loop.
+
+---
+ xl2tpd-control.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/xl2tpd-control.c b/xl2tpd-control.c
+index feafe10..e5904d8 100644
+--- a/xl2tpd-control.c
++++ b/xl2tpd-control.c
+@@ -306,17 +306,20 @@ int read_result(int result_fd, char* buf, ssize_t size)
+ /*FIXME: there is a chance to hang up reading.
+ Should I create watching thread with timeout?
+ */
+- ssize_t readed;
++ ssize_t readed = 0;
++ ssize_t len;
++
+ do
+ {
+- readed = read (result_fd, buf, size);
+- if (readed < 0)
++ len = read (result_fd, buf + readed, size - readed);
++ if (len < 0)
+ {
+ print_error (ERROR_LEVEL,
+ "error: can't read command result: %s\n", strerror (errno));
+ break;
+ }
+- } while (readed == 0);
++ readed += len;
++ } while (len > 0 && (size - readed) > 0);
+ buf[readed] = '\0';
+
+ /* scan result code */
+--
+1.7.10.4
+
+++ /dev/null
-From 8c5853b8e22f34bc1c1acba278f7850ab7946894 Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Tue, 28 Apr 2015 21:26:15 +0800
-Subject: [PATCH 1/7] xl2tpd-control: check end-of-file when reading pipe to
- avoid dead loop.
-
----
- xl2tpd-control.c | 11 +++++++----
- 1 file changed, 7 insertions(+), 4 deletions(-)
-
---- a/xl2tpd-control.c
-+++ b/xl2tpd-control.c
-@@ -306,17 +306,20 @@ int read_result(int result_fd, char* buf
- /*FIXME: there is a chance to hang up reading.
- Should I create watching thread with timeout?
- */
-- ssize_t readed;
-+ ssize_t readed = 0;
-+ ssize_t len;
-+
- do
- {
-- readed = read (result_fd, buf, size);
-- if (readed < 0)
-+ len = read (result_fd, buf + readed, size - readed);
-+ if (len < 0)
- {
- print_error (ERROR_LEVEL,
- "error: can't read command result: %s\n", strerror (errno));
- break;
- }
-- } while (readed == 0);
-+ readed += len;
-+ } while (len > 0 && (size - readed) > 0);
- buf[readed] = '\0';
-
- /* scan result code */
--- /dev/null
+From efa0a18b5dfd827792b07acdcb35101229ccf612 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Wed, 29 Apr 2015 10:32:37 +0800
+Subject: [PATCH 201/210] xl2tpd-control: define _GNU_SOURCE to use fmemopen()
+ and friends.
+
+---
+ xl2tpd-control.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/xl2tpd-control.c b/xl2tpd-control.c
+index e5904d8..9b6235d 100644
+--- a/xl2tpd-control.c
++++ b/xl2tpd-control.c
+@@ -10,6 +10,8 @@
+ *
+ */
+
++#define _GNU_SOURCE
++
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdarg.h>
+--
+1.7.10.4
+
+++ /dev/null
-From 76f444d284c0b0a351a488954e0d39b72a0ce211 Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Wed, 29 Apr 2015 10:32:37 +0800
-Subject: [PATCH 2/7] xl2tpd-control: define _GNU_SOURCE to use fmemopen() and
- friends.
-
----
- xl2tpd-control.c | 2 ++
- 1 file changed, 2 insertions(+)
-
---- a/xl2tpd-control.c
-+++ b/xl2tpd-control.c
-@@ -10,6 +10,8 @@
- *
- */
-
-+#define _GNU_SOURCE
-+
- #include <stdio.h>
- #include <string.h>
- #include <stdarg.h>
--- /dev/null
+From fedfd6685e5f81f0460beb4c448a30e7a6cfbd31 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Wed, 29 Apr 2015 14:21:12 +0800
+Subject: [PATCH 202/210] xl2tpd-control: open control file with O_NONBLOCK.
+
+Otherwise xl2tpd-control would block indefinitely in case xl2tpd is
+not running.
+---
+ xl2tpd-control.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/xl2tpd-control.c b/xl2tpd-control.c
+index 9b6235d..973ee87 100644
+--- a/xl2tpd-control.c
++++ b/xl2tpd-control.c
+@@ -246,7 +246,7 @@ int main (int argc, char *argv[])
+ print_error (DEBUG_LEVEL, "command to be passed:\n%s\n", buf);
+
+ /* try to open control file for writing */
+- int control_fd = open (control_filename, O_WRONLY, 0600);
++ int control_fd = open (control_filename, O_WRONLY | O_NONBLOCK, 0600);
+ if (control_fd < 0)
+ {
+ int errorno = errno;
+@@ -265,6 +265,14 @@ int main (int argc, char *argv[])
+ }
+ return -1;
+ }
++
++ /* turn off O_NONBLOCK */
++ if (fcntl (control_fd, F_SETFL, O_WRONLY) == -1) {
++ print_error (ERROR_LEVEL,
++ "Can not turn off nonblocking mode for control_fd: %s\n",
++ strerror(errno));
++ return -2;
++ }
+
+ /* pass command to control pipe */
+ if (write (control_fd, buf, ftell (mesf)) < 0)
+--
+1.7.10.4
+
--- /dev/null
+From 07e522cd7e223517389582a8eb647a4a6a8a5cf8 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Thu, 30 Apr 2015 13:53:11 +0800
+Subject: [PATCH 203/210] xl2tpd-control: cleaup result file atexit().
+
+---
+ xl2tpd-control.c | 21 ++++++++++++++-------
+ 1 file changed, 14 insertions(+), 7 deletions(-)
+
+diff --git a/xl2tpd-control.c b/xl2tpd-control.c
+index 973ee87..abc0324 100644
+--- a/xl2tpd-control.c
++++ b/xl2tpd-control.c
+@@ -12,6 +12,7 @@
+
+ #define _GNU_SOURCE
+
++#include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdarg.h>
+@@ -35,6 +36,9 @@
+ #define TUNNEL_REQUIRED 1
+ #define TUNNEL_NOT_REQUIRED 0
+
++char result_filename[128];
++int result_fd = -1;
++
+ int log_level = ERROR_LEVEL;
+
+ void print_error (int level, const char *fmt, ...);
+@@ -117,6 +121,14 @@ void help()
+ );
+ }
+
++void cleanup(void)
++{
++ /* cleaning up */
++ if (result_fd >= 0)
++ close (result_fd);
++ unlink (result_filename);
++}
++
+ int main (int argc, char *argv[])
+ {
+ char* control_filename = NULL;
+@@ -195,11 +207,11 @@ int main (int argc, char *argv[])
+ FILE* mesf = fmemopen (buf, CONTROL_PIPE_MESSAGE_SIZE, "w");
+
+ /* create result pipe for reading */
+- char result_filename[128];
+ snprintf (result_filename, 128, RESULT_FILENAME_FORMAT, getpid());
+ unlink (result_filename);
+ mkfifo (result_filename, 0600);
+- int result_fd = open (result_filename, O_RDONLY | O_NONBLOCK, 0600);
++ atexit(cleanup);
++ result_fd = open (result_filename, O_RDONLY | O_NONBLOCK, 0600);
+ if (result_fd < 0)
+ {
+ print_error (ERROR_LEVEL,
+@@ -293,11 +305,6 @@ int main (int argc, char *argv[])
+ );
+ printf ("%s", rbuf);
+
+- /* cleaning up */
+-
+- close (result_fd);
+- unlink (result_filename);
+-
+ return command_result_code;
+ }
+
+--
+1.7.10.4
+
+++ /dev/null
-From f7cfd36b8a93afd326c0d9378e99576c616bd3fc Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Wed, 29 Apr 2015 14:21:12 +0800
-Subject: [PATCH 3/7] xl2tpd-control: open control file with O_NONBLOCK.
-
-Otherwise xl2tpd-control would block indefinitely in case xl2tpd is
-not running.
----
- xl2tpd-control.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
---- a/xl2tpd-control.c
-+++ b/xl2tpd-control.c
-@@ -246,7 +246,7 @@ int main (int argc, char *argv[])
- print_error (DEBUG_LEVEL, "command to be passed:\n%s\n", buf);
-
- /* try to open control file for writing */
-- int control_fd = open (control_filename, O_WRONLY, 0600);
-+ int control_fd = open (control_filename, O_WRONLY | O_NONBLOCK, 0600);
- if (control_fd < 0)
- {
- int errorno = errno;
-@@ -265,6 +265,14 @@ int main (int argc, char *argv[])
- }
- return -1;
- }
-+
-+ /* turn off O_NONBLOCK */
-+ if (fcntl (control_fd, F_SETFL, O_WRONLY) == -1) {
-+ print_error (ERROR_LEVEL,
-+ "Can not turn off nonblocking mode for control_fd: %s\n",
-+ strerror(errno));
-+ return -2;
-+ }
-
- /* pass command to control pipe */
- if (write (control_fd, buf, ftell (mesf)) < 0)
+++ /dev/null
-From 7a343f7b79b70a8e7e04b2bd465d344ad0ef4c49 Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Wed, 29 Apr 2015 16:30:17 +0800
-Subject: [PATCH 4/7] start_pppd: place opts after "plugin pppol2tp.so".
-
-so that plugin options like pppol2tp_debug_mark can be recognized by pppd.
----
- xl2tpd.c | 21 ++++++++++-----------
- 1 file changed, 10 insertions(+), 11 deletions(-)
-
---- a/xl2tpd.c
-+++ b/xl2tpd.c
-@@ -382,7 +382,6 @@ int start_pppd (struct call *c, struct p
- /* char a, b; */
- char tty[512];
- char *stropt[80];
-- struct ppp_opts *p;
- #ifdef USE_KERNEL
- struct sockaddr_pppol2tp sax;
- int flags;
-@@ -396,16 +395,7 @@ int start_pppd (struct call *c, struct p
- struct call *sc;
- struct tunnel *st;
-
-- p = opts;
- stropt[0] = strdup (PPPD);
-- while (p)
-- {
-- stropt[pos] = (char *) malloc (strlen (p->option) + 1);
-- strncpy (stropt[pos], p->option, strlen (p->option) + 1);
-- pos++;
-- p = p->next;
-- }
-- stropt[pos] = NULL;
- if (c->pppd > 0)
- {
- l2tp_log(LOG_WARNING, "%s: PPP already started on call!\n", __FUNCTION__);
-@@ -467,7 +457,6 @@ int start_pppd (struct call *c, struct p
- snprintf (stropt[pos], 10, "%d", c->ourcid);
- pos++;
- }
-- stropt[pos] = NULL;
- }
- else
- #endif
-@@ -497,6 +486,16 @@ int start_pppd (struct call *c, struct p
- return -EINVAL;
- }
- stropt[pos++] = strdup(tty);
-+ }
-+
-+ {
-+ struct ppp_opts *p = opts;
-+ while (p)
-+ {
-+ stropt[pos] = strdup (p->option);
-+ pos++;
-+ p = p->next;
-+ }
- stropt[pos] = NULL;
- }
-
--- /dev/null
+From f6eaaabb0b2fab12cf597b8c1d12d470a13e581f Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Thu, 14 May 2015 14:58:10 +0800
+Subject: [PATCH 204/210] xl2tpd-control: enhance output of print_error().
+
+ - Add prefix "xl2tpd-control: " to print_error() output.
+ - Output response from xl2tpd only when -d is enabled as result of
+ control command can be retrieved from exit code.
+ - Remove some redundant and not that useful verbose output.
+---
+ xl2tpd-control.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/xl2tpd-control.c b/xl2tpd-control.c
+index abc0324..6b08850 100644
+--- a/xl2tpd-control.c
++++ b/xl2tpd-control.c
+@@ -164,7 +164,6 @@ int main (int argc, char *argv[])
+ {
+ control_filename = strdup (CONTROL_PIPE);
+ }
+- print_error (DEBUG_LEVEL, "set control filename to %s\n", control_filename);
+
+ /* parse command name */
+ for (command = commands; command->name; command++)
+@@ -176,10 +175,7 @@ int main (int argc, char *argv[])
+ }
+ }
+
+- if (command->name)
+- {
+- print_error (DEBUG_LEVEL, "get command %s\n", command->name);
+- } else {
++ if (!command->name) {
+ print_error (ERROR_LEVEL, "error: no such command %s\n", argv[i]);
+ return -1;
+ }
+@@ -303,7 +299,8 @@ int main (int argc, char *argv[])
+ int command_result_code = read_result (
+ result_fd, rbuf, CONTROL_PIPE_MESSAGE_SIZE
+ );
+- printf ("%s", rbuf);
++ /* rbuf contains a newline, make it double to form a boundary. */
++ print_error (DEBUG_LEVEL, "command response: \n%s\n", rbuf);
+
+ return command_result_code;
+ }
+@@ -313,6 +310,7 @@ void print_error (int level, const char *fmt, ...)
+ if (level > log_level) return;
+ va_list args;
+ va_start (args, fmt);
++ fprintf (stderr, "xl2tpd-control: ");
+ vfprintf (stderr, fmt, args);
+ va_end (args);
+ }
+--
+1.7.10.4
+
+++ /dev/null
-From d4a484db1684cce15966bb722644416f90253ea7 Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Thu, 30 Apr 2015 13:53:11 +0800
-Subject: [PATCH 5/7] xl2tpd-control: cleaup result file atexit().
-
----
- xl2tpd-control.c | 20 +++++++++++++-------
- 1 file changed, 13 insertions(+), 7 deletions(-)
-
---- a/xl2tpd-control.c
-+++ b/xl2tpd-control.c
-@@ -35,6 +35,9 @@
- #define TUNNEL_REQUIRED 1
- #define TUNNEL_NOT_REQUIRED 0
-
-+char result_filename[128];
-+int result_fd = -1;
-+
- int log_level = ERROR_LEVEL;
-
- void print_error (int level, const char *fmt, ...);
-@@ -117,6 +120,14 @@ void help()
- );
- }
-
-+void cleanup(void)
-+{
-+ /* cleaning up */
-+ if (result_fd >= 0)
-+ close (result_fd);
-+ unlink (result_filename);
-+}
-+
- int main (int argc, char *argv[])
- {
- char* control_filename = NULL;
-@@ -195,11 +206,11 @@ int main (int argc, char *argv[])
- FILE* mesf = fmemopen (buf, CONTROL_PIPE_MESSAGE_SIZE, "w");
-
- /* create result pipe for reading */
-- char result_filename[128];
- snprintf (result_filename, 128, RESULT_FILENAME_FORMAT, getpid());
- unlink (result_filename);
- mkfifo (result_filename, 0600);
-- int result_fd = open (result_filename, O_RDONLY | O_NONBLOCK, 0600);
-+ atexit(cleanup);
-+ result_fd = open (result_filename, O_RDONLY | O_NONBLOCK, 0600);
- if (result_fd < 0)
- {
- print_error (ERROR_LEVEL,
-@@ -293,11 +304,6 @@ int main (int argc, char *argv[])
- );
- printf ("%s", rbuf);
-
-- /* cleaning up */
--
-- close (result_fd);
-- unlink (result_filename);
--
- return command_result_code;
- }
-
--- /dev/null
+From 1c148f6645f43bf5abd8a9b8f0708a598b357d97 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Thu, 14 May 2015 19:56:39 +0800
+Subject: [PATCH 205/210] xl2tpd: fix typo in reporting available lns count.
+
+---
+ xl2tpd.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/xl2tpd.c b/xl2tpd.c
+index c9b7579..6c945fc 100644
+--- a/xl2tpd.c
++++ b/xl2tpd.c
+@@ -1039,7 +1039,7 @@ int control_handle_available(FILE* resf, char* bufp){
+ lns_count++;
+ }
+
+- write_res (resf, "%02i AVAILABLE lns.cout=%d\n", 0, lns_count);
++ write_res (resf, "%02i AVAILABLE lns.count=%d\n", 0, lns_count);
+
+ lac = laclist;
+ int lac_count = 0;
+@@ -1053,7 +1053,7 @@ int control_handle_available(FILE* resf, char* bufp){
+ if(deflac){
+ write_res (resf, "%02i AVAILABLE lac.%d.name=%s\n", 0, lac_count, deflac->entname);
+ lac_count++;
+- }
++ }
+
+ write_res (resf, "%02i AVAILABLE lac.count=%d\n", 0, lac_count);
+ return 1;
+--
+1.7.10.4
+
+++ /dev/null
-From 1e8b82388578a622c5caf8fa04c238fdd7808ecc Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Thu, 30 Apr 2015 13:53:40 +0800
-Subject: [PATCH 6/7] xl2tpd: fix possible buffer overflow when filling
- stropt[].
-
----
- xl2tpd.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
---- a/xl2tpd.c
-+++ b/xl2tpd.c
-@@ -490,7 +490,8 @@ int start_pppd (struct call *c, struct p
-
- {
- struct ppp_opts *p = opts;
-- while (p)
-+ int maxn_opts = sizeof(stropt) / sizeof(stropt[0]) - 1;
-+ while (p && pos < maxn_opts)
- {
- stropt[pos] = strdup (p->option);
- pos++;
--- /dev/null
+From 18fdf802d31354c62a27cc5a63b196780a0d486e Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Wed, 29 Apr 2015 16:30:17 +0800
+Subject: [PATCH 206/210] xl2tpd: start_pppd: place opts after "plugin
+ pppol2tp.so".
+
+so that plugin options like pppol2tp_debug_mark can be recognized by
+pppd. While doing this also add bound check to prevent potential buffer
+overflow problem.
+---
+ xl2tpd.c | 22 +++++++++++-----------
+ 1 file changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/xl2tpd.c b/xl2tpd.c
+index 6c945fc..017adfd 100644
+--- a/xl2tpd.c
++++ b/xl2tpd.c
+@@ -382,7 +382,6 @@ int start_pppd (struct call *c, struct ppp_opts *opts)
+ /* char a, b; */
+ char tty[512];
+ char *stropt[80];
+- struct ppp_opts *p;
+ #ifdef USE_KERNEL
+ struct sockaddr_pppol2tp sax;
+ int flags;
+@@ -396,16 +395,7 @@ int start_pppd (struct call *c, struct ppp_opts *opts)
+ struct call *sc;
+ struct tunnel *st;
+
+- p = opts;
+ stropt[0] = strdup (PPPD);
+- while (p)
+- {
+- stropt[pos] = (char *) malloc (strlen (p->option) + 1);
+- strncpy (stropt[pos], p->option, strlen (p->option) + 1);
+- pos++;
+- p = p->next;
+- }
+- stropt[pos] = NULL;
+ if (c->pppd > 0)
+ {
+ l2tp_log(LOG_WARNING, "%s: PPP already started on call!\n", __FUNCTION__);
+@@ -467,7 +457,6 @@ int start_pppd (struct call *c, struct ppp_opts *opts)
+ snprintf (stropt[pos], 10, "%d", c->ourcid);
+ pos++;
+ }
+- stropt[pos] = NULL;
+ }
+ else
+ #endif
+@@ -497,6 +486,17 @@ int start_pppd (struct call *c, struct ppp_opts *opts)
+ return -EINVAL;
+ }
+ stropt[pos++] = strdup(tty);
++ }
++
++ {
++ struct ppp_opts *p = opts;
++ int maxn_opts = sizeof(stropt) / sizeof(stropt[0]) - 1;
++ while (p && pos < maxn_opts)
++ {
++ stropt[pos] = strdup (p->option);
++ pos++;
++ p = p->next;
++ }
+ stropt[pos] = NULL;
+ }
+
+--
+1.7.10.4
+
+++ /dev/null
-From 44ced2bbf1d6b39bb36c3cb8be6e40c8764e2e8a Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Thu, 30 Apr 2015 13:57:36 +0800
-Subject: [PATCH 7/7] l2tp_log: remove log prefix that will duplicate with
- procd.
-
----
- misc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/misc.c
-+++ b/misc.c
-@@ -61,7 +61,7 @@ void l2tp_log (int level, const char *fm
- init_log();
- SYSLOG_CALL( syslog (level, "%s", buf) );
- } else {
-- fprintf(stderr, "xl2tpd[%d]: %s", getpid(), buf);
-+ fprintf(stderr, "%s", buf);
- }
- }
-
--- /dev/null
+From b3402a68a4d29e9b1ae4e012e39a7bcb14fea3cf Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Thu, 30 Apr 2015 13:57:36 +0800
+Subject: [PATCH 207/210] xl2tpd: introduce new option -l for using syslog as
+ the logging facility.
+
+Defaults to old behaviour if no -l option was specified. Also update
+manual doc to reflect this change.
+---
+ doc/xl2tpd.8 | 5 +++++
+ file.h | 1 +
+ misc.c | 2 +-
+ xl2tpd.c | 13 ++++++++++++-
+ 4 files changed, 19 insertions(+), 2 deletions(-)
+
+diff --git a/doc/xl2tpd.8 b/doc/xl2tpd.8
+index 915b247..7afccac 100644
+--- a/doc/xl2tpd.8
++++ b/doc/xl2tpd.8
+@@ -20,6 +20,11 @@ This option prevents xl2tpd from detaching from the terminal and
+ daemonizing.
+
+ .TP
++.B -l
++This option tells xl2tpd to use syslog for logging even when \fB\-D\fR
++was specified.
++
++.TP
+ .B -c <config file>
+ Tells xl2tpd to use an alternate config file. Default is
+ /etc/xl2tpd/xl2tpd.conf. Fallback configuration file is
+diff --git a/file.h b/file.h
+index 89987ae..92df046 100644
+--- a/file.h
++++ b/file.h
+@@ -151,6 +151,7 @@ struct global
+ char pidfile[STRLEN]; /* File containing the pid number*/
+ char controlfile[STRLEN]; /* Control file name (named pipe) */
+ int daemon; /* Use daemon mode? */
++ int syslog; /* Use syslog for logging? */
+ int accesscontrol; /* Use access control? */
+ int forceuserspace; /* Force userspace? */
+ int packet_dump; /* Dump (print) all packets? */
+diff --git a/misc.c b/misc.c
+index 3092401..cccf4ca 100644
+--- a/misc.c
++++ b/misc.c
+@@ -57,7 +57,7 @@ void l2tp_log (int level, const char *fmt, ...)
+ vsnprintf (buf, sizeof (buf), fmt, args);
+ va_end (args);
+
+- if(gconfig.daemon) {
++ if(gconfig.syslog) {
+ init_log();
+ SYSLOG_CALL( syslog (level, "%s", buf) );
+ } else {
+diff --git a/xl2tpd.c b/xl2tpd.c
+index 017adfd..1937690 100644
+--- a/xl2tpd.c
++++ b/xl2tpd.c
+@@ -1594,7 +1594,7 @@ void do_control ()
+ void usage(void) {
+ printf("\nxl2tpd version: %s\n", SERVER_VERSION);
+ printf("Usage: xl2tpd [-c <config file>] [-s <secret file>] [-p <pid file>]\n"
+- " [-C <control file>] [-D]\n"
++ " [-C <control file>] [-D] [-l]\n"
+ " [-v, --version]\n");
+ printf("\n");
+ exit(1);
+@@ -1605,6 +1605,7 @@ void init_args(int argc, char *argv[])
+ int i=0;
+
+ gconfig.daemon=1;
++ gconfig.syslog=-1;
+ memset(gconfig.altauthfile,0,STRLEN);
+ memset(gconfig.altconfigfile,0,STRLEN);
+ memset(gconfig.authfile,0,STRLEN);
+@@ -1642,6 +1643,9 @@ void init_args(int argc, char *argv[])
+ else if (! strncmp(argv[i],"-D",2)) {
+ gconfig.daemon=0;
+ }
++ else if (! strncmp(argv[i],"-l",2)) {
++ gconfig.syslog=1;
++ }
+ else if (! strncmp(argv[i],"-s",2)) {
+ if(++i == argc)
+ usage();
+@@ -1667,6 +1671,13 @@ void init_args(int argc, char *argv[])
+ usage();
+ }
+ }
++
++ /*
++ * defaults to syslog if no log facility was explicitly
++ * specified and we are about to daemonize
++ */
++ if (gconfig.syslog < 0)
++ gconfig.syslog = gconfig.daemon;
+ }
+
+
+--
+1.7.10.4
+
--- /dev/null
+From a2b163a65a2d4fbca57c3aa82b526cf8fbc8e449 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Fri, 15 May 2015 10:56:23 +0800
+Subject: [PATCH 208/210] xl2tpd: unlink result file to prevent leftover a
+ regular file.
+
+---
+ xl2tpd.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/xl2tpd.c b/xl2tpd.c
+index 1937690..c11fe66 100644
+--- a/xl2tpd.c
++++ b/xl2tpd.c
+@@ -1582,6 +1582,8 @@ void do_control ()
+ if (resf)
+ {
+ fclose (resf);
++ /* unlink it anyway to prevent leftover a regular file. */
++ unlink(res_filename);
+ }
+ }
+
+--
+1.7.10.4
+
--- /dev/null
+From 2d0eff7f56936823d784425d2171be295ba11027 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Fri, 15 May 2015 15:55:10 +0800
+Subject: [PATCH 209/210] xl2tpd: ignore SIGPIPE signal.
+
+---
+ xl2tpd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xl2tpd.c b/xl2tpd.c
+index c11fe66..58ed868 100644
+--- a/xl2tpd.c
++++ b/xl2tpd.c
+@@ -1551,7 +1551,6 @@ void do_control ()
+ /*FIXME: check quotes to allow filenames with spaces?
+ (do not forget quotes escaping to allow filenames with quotes)*/
+
+- /*FIXME: write to res_filename may cause SIGPIPE, need to catch it*/
+ resf = fopen (res_filename, "w");
+ if (!resf) {
+ l2tp_log (LOG_DEBUG, "%s: Can't open result file %s\n",
+@@ -1811,6 +1810,7 @@ void init (int argc,char *argv[])
+ signal (SIGCHLD, &sigchld_handler);
+ signal (SIGUSR1, &sigusr1_handler);
+ signal (SIGHUP, &sighup_handler);
++ signal (SIGPIPE, SIG_IGN);
+ init_scheduler ();
+
+ unlink(gconfig.controlfile);
+--
+1.7.10.4
+
--- /dev/null
+From 26b77b7cdc70beddc68507f74372a4e2815720f0 Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <yszhou4tech@gmail.com>
+Date: Sun, 17 May 2015 10:53:44 +0800
+Subject: [PATCH 210/210] xl2tpd-control: show all available commands in
+ --help.
+
+---
+ xl2tpd-control.c | 63 ++++++++++++++++++++++++++++++++++++++----------------
+ 1 file changed, 44 insertions(+), 19 deletions(-)
+
+diff --git a/xl2tpd-control.c b/xl2tpd-control.c
+index 6b08850..b98ff24 100644
+--- a/xl2tpd-control.c
++++ b/xl2tpd-control.c
+@@ -51,6 +51,7 @@ struct command_t
+ char *name;
+ int (*handler) (FILE*, char* tunnel, int optc, char *optv[]);
+ int requires_tunnel;
++ char *help;
+ };
+
+ int command_add_lac (FILE*, char* tunnel, int optc, char *optv[]);
+@@ -65,13 +66,29 @@ int command_available (FILE*, char* tunnel, int optc, char *optv[]);
+
+ struct command_t commands[] = {
+ /* Keep this command mapping for backwards compat */
+- {"add", &command_add_lac, TUNNEL_REQUIRED},
+- {"connect", &command_connect_lac, TUNNEL_REQUIRED},
+- {"disconnect", &command_disconnect_lac, TUNNEL_REQUIRED},
+- {"remove", &command_remove_lac, TUNNEL_REQUIRED},
++ {"add", &command_add_lac, TUNNEL_REQUIRED,
++ "\tadd\tadds new or modify existing lac configuration.\n"
++ "\t\tConfiguration must be specified as command options in\n"
++ "\t\t<key>=<value> pairs format.\n"
++ "\t\tSee available options in xl2tpd.conf(5)\n"
++ },
++ {"connect", &command_connect_lac, TUNNEL_REQUIRED,
++ "\tconnect\ttries to activate the tunnel.\n"
++ "\t\tUsername and secret for the tunnel can be passed as\n"
++ "\t\tcommand options.\n"
++ },
++ {"disconnect", &command_disconnect_lac, TUNNEL_REQUIRED,
++ "\tdisconnect\tdisconnects the tunnel.\n"
++ },
++ {"remove", &command_remove_lac, TUNNEL_REQUIRED,
++ "\tremove\tremoves lac configuration from xl2tpd.\n"
++ "\t\txl2tpd disconnects the tunnel before removing.\n"
++ },
+
+ /* LAC commands */
+- {"add-lac", &command_add_lac, TUNNEL_REQUIRED},
++ {"add-lac", &command_add_lac, TUNNEL_REQUIRED,
++ "\tadd-lns\tadds new or modify existing lns configuration.\n"
++ },
+ {"connect-lac", &command_connect_lac, TUNNEL_REQUIRED},
+ {"disconnect-lac", &command_disconnect_lac, TUNNEL_REQUIRED},
+ {"remove-lac", &command_remove_lac, TUNNEL_REQUIRED},
+@@ -89,36 +106,44 @@ struct command_t commands[] = {
+
+ void usage()
+ {
++ int i;
++
+ printf ("\nxl2tpd server version %s\n", SERVER_VERSION);
+ printf ("Usage: xl2tpd-control [-c <PATH>] <command> <tunnel name> [<COMMAND OPTIONS>]\n"
+ "\n"
+ " -c\tspecifies xl2tpd control file\n"
+ " -d\tspecify xl2tpd-control to run in debug mode\n"
+ "--help\tshows extended help\n"
+- "Available commands: add, connect, disconnect, remove, add-lns\n"
+ );
++
++ printf ("Available commands: ");
++ for (i = 0; commands[i].name; i++) {
++ struct command_t *command = &commands[i];
++ int last = command[1].name == NULL;
++
++ printf ("%s%s", command->name, !last ? ", " : "\n");
++ }
+ }
+
+ void help()
+ {
++ int i;
++
+ usage();
+ printf (
+ "\n"
+ "Commands help:\n"
+- "\tadd\tadds new or modify existing lac configuration.\n"
+- "\t\tConfiguration must be specified as command options in\n"
+- "\t\t<key>=<value> pairs format.\n"
+- "\t\tSee available options in xl2tpd.conf(5)\n"
+- "\tconnect\ttries to activate the tunnel.\n"
+- "\t\tUsername and secret for the tunnel can be passed as\n"
+- "\t\tcommand options.\n"
+- "\tdisconnect\tdisconnects the tunnel.\n"
+- "\tremove\tremoves lac configuration from xl2tpd.\n"
+- "\t\txl2tpd disconnects the tunnel before removing.\n"
+- "\n"
+- "\tadd-lns\tadds new or modify existing lns configuration.\n"
+- "See xl2tpd-control man page for more help\n"
+ );
++
++ for (i = 0; commands[i].name; i++) {
++ struct command_t *command = &commands[i];
++
++ if (!command->help)
++ continue;
++ printf ("%s", command->help);
++ }
++ /*FIXME Ha! there is currently no manpage for xl2tpd-control */
++ printf ("See xl2tpd-control man page for more help\n");
+ }
+
+ void cleanup(void)
+--
+1.7.10.4
+
+++ /dev/null
-Index: xl2tpd-1.3.7pre20141126/xl2tpd-control.c
-===================================================================
---- xl2tpd-1.3.7pre20141126.orig/xl2tpd-control.c
-+++ xl2tpd-1.3.7pre20141126/xl2tpd-control.c
-@@ -12,6 +12,7 @@
-
- #define _GNU_SOURCE
-
-+#include <stdlib.h>
- #include <stdio.h>
- #include <string.h>
- #include <stdarg.h>
#
-# Copyright (C) 2007-2014 OpenWrt.org
+# Copyright (C) 2007-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
BASE_VERSION:=4.3
PKG_NAME:=bash
-PKG_VERSION:=$(BASE_VERSION).33
+PKG_VERSION:=$(BASE_VERSION).39
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(BASE_VERSION).tar.gz
--- a/execute_cmd.c
+++ b/execute_cmd.c
-@@ -2409,7 +2409,16 @@ execute_pipeline (command, asynchronous,
+@@ -2413,7 +2413,16 @@ execute_pipeline (command, asynchronous,
#endif
lstdin = wait_for (lastpid);
#if defined (JOB_CONTROL)
--- /dev/null
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-034
+
+Bug-Reported-by: Dreamcat4 <dreamcat4@gmail.com>
+Bug-Reference-ID: <CAN39uTpAEs2GFu4ebC_SfSVMRTh-DJ9YanrY4BZZ3OO+CCHjng@mail.gmail.com>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-05/msg00001.html
+
+Bug-Description:
+
+If neither the -f nor -v options is supplied to unset, and a name argument is
+found to be a function and unset, subsequent name arguments are not treated as
+variables before attempting to unset a function by that name.
+
+Patch (apply with `patch -p0'):
+
+--- a/builtins/set.def
++++ b/builtins/set.def
+@@ -751,9 +751,11 @@ unset_builtin (list)
+ WORD_LIST *list;
+ {
+ int unset_function, unset_variable, unset_array, opt, nameref, any_failed;
++ int global_unset_func, global_unset_var;
+ char *name;
+
+ unset_function = unset_variable = unset_array = nameref = any_failed = 0;
++ global_unset_func = global_unset_var = 0;
+
+ reset_internal_getopt ();
+ while ((opt = internal_getopt (list, "fnv")) != -1)
+@@ -761,10 +763,10 @@ unset_builtin (list)
+ switch (opt)
+ {
+ case 'f':
+- unset_function = 1;
++ global_unset_func = 1;
+ break;
+ case 'v':
+- unset_variable = 1;
++ global_unset_var = 1;
+ break;
+ case 'n':
+ nameref = 1;
+@@ -777,7 +779,7 @@ unset_builtin (list)
+
+ list = loptend;
+
+- if (unset_function && unset_variable)
++ if (global_unset_func && global_unset_var)
+ {
+ builtin_error (_("cannot simultaneously unset a function and a variable"));
+ return (EXECUTION_FAILURE);
+@@ -795,6 +797,9 @@ unset_builtin (list)
+
+ name = list->word->word;
+
++ unset_function = global_unset_func;
++ unset_variable = global_unset_var;
++
+ #if defined (ARRAY_VARS)
+ unset_array = 0;
+ if (!unset_function && valid_array_reference (name))
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
+ looks for to find the patch level (for the sccs version string). */
+
+-#define PATCHLEVEL 33
++#define PATCHLEVEL 34
+
+ #endif /* _PATCHLEVEL_H_ */
--- /dev/null
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-035
+
+Bug-Reported-by: <romerox.adrian@gmail.com>
+Bug-Reference-ID: <CABV5r3zhPXmSKUe9uedeGc5YFBM2njJ1iVmY2h5neWdQpDBQug@mail.gmail.com>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00045.html
+
+Bug-Description:
+
+A locale with a long name can trigger a buffer overflow and core dump. This
+applies on systems that do not have locale_charset in libc, are not using
+GNU libiconv, and are not using the libintl that ships with bash in lib/intl.
+
+Patch (apply with `patch -p0'):
+
+--- a/lib/sh/unicode.c
++++ b/lib/sh/unicode.c
+@@ -78,13 +78,15 @@ stub_charset ()
+ s = strrchr (locale, '.');
+ if (s)
+ {
+- strcpy (charsetbuf, s+1);
++ strncpy (charsetbuf, s+1, sizeof (charsetbuf) - 1);
++ charsetbuf[sizeof (charsetbuf) - 1] = '\0';
+ t = strchr (charsetbuf, '@');
+ if (t)
+ *t = 0;
+ return charsetbuf;
+ }
+- strcpy (charsetbuf, locale);
++ strncpy (charsetbuf, locale, sizeof (charsetbuf) - 1);
++ charsetbuf[sizeof (charsetbuf) - 1] = '\0';
+ return charsetbuf;
+ }
+ #endif
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
+ looks for to find the patch level (for the sccs version string). */
+
+-#define PATCHLEVEL 34
++#define PATCHLEVEL 35
+
+ #endif /* _PATCHLEVEL_H_ */
--- /dev/null
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-036
+
+Bug-Reported-by: emanuelczirai@cryptolab.net
+Bug-Reference-ID: <f962e4f556da5ebfadaf7afe9c78a8cb@cryptolab.net>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00071.html
+
+Bug-Description:
+
+When evaluating and setting integer variables, and the assignment fails to
+create a variable (for example, when performing an operation on an array
+variable with an invalid subscript), bash attempts to dereference a null
+pointer, causing a segmentation violation.
+
+Patch (apply with `patch -p0'):
+
+--- a/variables.c
++++ b/variables.c
+@@ -2833,10 +2833,12 @@ bind_int_variable (lhs, rhs)
+ #endif
+ v = bind_variable (lhs, rhs, 0);
+
+- if (v && isint)
+- VSETATTR (v, att_integer);
+-
+- VUNSETATTR (v, att_invisible);
++ if (v)
++ {
++ if (isint)
++ VSETATTR (v, att_integer);
++ VUNSETATTR (v, att_invisible);
++ }
+
+ return (v);
+ }
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
+ looks for to find the patch level (for the sccs version string). */
+
+-#define PATCHLEVEL 35
++#define PATCHLEVEL 36
+
+ #endif /* _PATCHLEVEL_H_ */
--- /dev/null
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-037
+
+Bug-Reported-by: Greg Wooledge <wooledg@eeg.ccf.org>
+Bug-Reference-ID: <20150204144240.GN13956@eeg.ccf.org>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00007.html
+
+Bug-Description:
+
+If an associative array uses `@' or `*' as a subscript, `declare -p' produces
+output that cannot be reused as input.
+
+Patch (apply with `patch -p0'):
+
+--- a/assoc.c
++++ b/assoc.c
+@@ -436,6 +436,8 @@ assoc_to_assign (hash, quoted)
+ #if 1
+ if (sh_contains_shell_metas (tlist->key))
+ istr = sh_double_quote (tlist->key);
++ else if (ALL_ELEMENT_SUB (tlist->key[0]) && tlist->key[1] == '\0')
++ istr = sh_double_quote (tlist->key);
+ else
+ istr = tlist->key;
+ #else
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
+ looks for to find the patch level (for the sccs version string). */
+
+-#define PATCHLEVEL 36
++#define PATCHLEVEL 37
+
+ #endif /* _PATCHLEVEL_H_ */
--- /dev/null
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-038
+
+Bug-Reported-by: worley@alum.mit.edu (Dale R. Worley)
+Bug-Reference-ID: <201406100051.s5A0pCeB014978@hobgoblin.ariadne.com>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00028.html
+
+Bug-Description:
+
+There are a number of instances where `time' is not recognized as a reserved
+word when the shell grammar says it should be.
+
+Patch (apply with `patch -p0'):
+
+--- a/parse.y
++++ b/parse.y
+@@ -2818,11 +2818,16 @@ time_command_acceptable ()
+ case AND_AND:
+ case OR_OR:
+ case '&':
++ case WHILE:
+ case DO:
++ case UNTIL:
++ case IF:
+ case THEN:
++ case ELIF:
+ case ELSE:
+ case '{': /* } */
+- case '(': /* ) */
++ case '(': /* )( */
++ case ')': /* only valid in case statement */
+ case BANG: /* ! time pipeline */
+ case TIME: /* time time pipeline */
+ case TIMEOPT: /* time -p time pipeline */
+--- a/y.tab.c
++++ b/y.tab.c
+@@ -5130,11 +5130,16 @@ time_command_acceptable ()
+ case AND_AND:
+ case OR_OR:
+ case '&':
++ case WHILE:
+ case DO:
++ case UNTIL:
++ case IF:
+ case THEN:
++ case ELIF:
+ case ELSE:
+ case '{': /* } */
+- case '(': /* ) */
++ case '(': /* )( */
++ case ')': /* only valid in case statement */
+ case BANG: /* ! time pipeline */
+ case TIME: /* time time pipeline */
+ case TIMEOPT: /* time -p time pipeline */
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
+ looks for to find the patch level (for the sccs version string). */
+
+-#define PATCHLEVEL 37
++#define PATCHLEVEL 38
+
+ #endif /* _PATCHLEVEL_H_ */
--- /dev/null
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.3
+Patch-ID: bash43-039
+
+Bug-Reported-by: SN <poczta-sn@gazeta.pl>
+Bug-Reference-ID: <54E2554C.205@gazeta.pl>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00060.html
+
+Bug-Description:
+
+Using the output of `declare -p' when run in a function can result in variables
+that are invisible to `declare -p'. This problem occurs when an assignment
+builtin such as `declare' receives a quoted compound array assignment as one of
+its arguments.
+
+Patch (apply with `patch -p0'):
+
+--- a/arrayfunc.c
++++ b/arrayfunc.c
+@@ -404,6 +404,9 @@ assign_array_var_from_word_list (var, li
+ (*var->assign_func) (var, l->word->word, i, 0);
+ else
+ array_insert (a, i, l->word->word);
++
++ VUNSETATTR (var, att_invisible); /* no longer invisible */
++
+ return var;
+ }
+
+@@ -634,6 +637,10 @@ assign_array_var_from_string (var, value
+
+ if (nlist)
+ dispose_words (nlist);
++
++ if (var)
++ VUNSETATTR (var, att_invisible); /* no longer invisible */
++
+ return (var);
+ }
+
+--- a/patchlevel.h
++++ b/patchlevel.h
+@@ -25,6 +25,6 @@
+ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
+ looks for to find the patch level (for the sccs version string). */
+
+-#define PATCHLEVEL 38
++#define PATCHLEVEL 39
+
+ #endif /* _PATCHLEVEL_H_ */
include $(TOPDIR)/rules.mk
PKG_NAME:=LVM2
-PKG_VERSION:=2.02.119
-PKG_RELEASE:=2
+PKG_VERSION:=2.02.120
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0 LGPL-2.1
PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz
PKG_SOURCE_URL:=ftp://sources.redhat.com/pub/lvm2
-PKG_MD5SUM:=93d15d76ab78fbcec4721c4b44284bbb
+PKG_MD5SUM:=326df8542d3a2376da907e98a0888ccf
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME).$(PKG_VERSION)
-Index: LVM2.2.02.118/lib/commands/toolcontext.c
+Index: LVM2.2.02.120/lib/commands/toolcontext.c
===================================================================
---- LVM2.2.02.118.orig/lib/commands/toolcontext.c
-+++ LVM2.2.02.118/lib/commands/toolcontext.c
-@@ -1625,8 +1625,10 @@ struct cmd_context *create_toolcontext(u
+--- LVM2.2.02.120.orig/lib/commands/toolcontext.c
++++ LVM2.2.02.120/lib/commands/toolcontext.c
+@@ -1637,8 +1637,10 @@ struct cmd_context *create_toolcontext(u
unsigned threaded)
{
struct cmd_context *cmd;
#ifdef M_MMAP_MAX
mallopt(M_MMAP_MAX, 0);
-@@ -1662,7 +1664,7 @@ struct cmd_context *create_toolcontext(u
+@@ -1674,7 +1676,7 @@ struct cmd_context *create_toolcontext(u
/* FIXME Make this configurable? */
reset_lvm_errno(1);
/* Set in/out stream buffering before glibc */
if (set_buffering) {
/* Allocate 2 buffers */
-@@ -2035,7 +2037,7 @@ void destroy_toolcontext(struct cmd_cont
+@@ -2047,7 +2049,7 @@ void destroy_toolcontext(struct cmd_cont
if (cmd->libmem)
dm_pool_destroy(cmd->libmem);
if (cmd->linebuffer) {
/* Reset stream buffering to defaults */
if (is_valid_fd(STDIN_FILENO) &&
-Index: LVM2.2.02.118/tools/lvmcmdline.c
+Index: LVM2.2.02.120/tools/lvmcmdline.c
===================================================================
---- LVM2.2.02.118.orig/tools/lvmcmdline.c
-+++ LVM2.2.02.118/tools/lvmcmdline.c
-@@ -1602,6 +1602,7 @@ int lvm_split(char *str, int *argc, char
+--- LVM2.2.02.120.orig/tools/lvmcmdline.c
++++ LVM2.2.02.120/tools/lvmcmdline.c
+@@ -1606,6 +1606,7 @@ int lvm_split(char *str, int *argc, char
/* Make sure we have always valid filedescriptors 0,1,2 */
static int _check_standard_fds(void)
{
int err = is_valid_fd(STDERR_FILENO);
if (!is_valid_fd(STDIN_FILENO) &&
-@@ -1628,6 +1629,12 @@ static int _check_standard_fds(void)
+@@ -1632,6 +1633,12 @@ static int _check_standard_fds(void)
strerror(errno));
return 0;
}
SECTION:=utils
CATEGORY:=Utilities
TITLE:=PPS-tools
- DEPENDS:=@LINUX_3_10||@LINUX_3_13||@LINUX_3_14
+ DEPENDS:=@LINUX_3_10||@LINUX_3_13||@LINUX_3_14||@LINUX_3_18
endef
define Package/pps-tools/description
--- /dev/null
+--- a/runtime/doc/Makefile
++++ b/runtime/doc/Makefile
+@@ -310,7 +310,6 @@ all: tags vim.man evim.man vimdiff.man v
+ # Use Vim to generate the tags file. Can only be used when Vim has been
+ # compiled and installed. Supports multiple languages.
+ vimtags: $(DOCS)
+- $(VIMEXE) -u NONE -esX -c "helptags ++t ." -c quit
+
+ # Use "doctags" to generate the tags file. Only works for English!
+ tags: doctags $(DOCS)