PKG_NAME:=erlang
PKG_VERSION:=17.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=otp_src_$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= http://www.erlang.org/download/ \
--disable-smp-support \
--without-javac
+HOST_CFLAGS += -D_GNU_SOURCE
+
define Host/Compile
$(MAKE) -C $(HOST_BUILD_DIR) all
endef
erl_xcomp_getaddrinfo=no \
erl_xcomp_sysroot="$(STAGING_DIR)"
+EXTRA_CFLAGS+=-D_GNU_SOURCE
EXTRA_LDFLAGS+=-lz
define Build/Compile
--- /dev/null
+--- a/lib/erl_interface/src/connect/ei_resolve.c
++++ b/lib/erl_interface/src/connect/ei_resolve.c
+@@ -642,7 +642,7 @@ struct hostent *ei_gethostbyname_r(const
+ #ifndef HAVE_GETHOSTBYNAME_R
+ return my_gethostbyname_r(name,hostp,buffer,buflen,h_errnop);
+ #else
+-#if (defined(__GLIBC__) || (__FreeBSD_version >= 602000) || defined(__DragonFly__) || defined(__ANDROID__))
++#if (defined(_GNU_SOURCE) || (__FreeBSD_version >= 602000) || defined(__DragonFly__) || defined(__ANDROID__))
+ struct hostent *result;
+
+ gethostbyname_r(name, hostp, buffer, buflen, &result, h_errnop);
PKG_NAME:=boost
PKG_VERSION:=1_58_0
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/boost
true
endef
+define Package/boost/install
+ true
+endef
+
define Package/boost
$(call Package/boost/Default)
TITLE+= packages
include $(INCLUDE_DIR)/package.mk
+TARGET_CPPFLAGS += $(filter -D%,$(TARGET_CFLAGS))
+TARGET_CFLAGS := $(filter-out -D%,$(TARGET_CFLAGS))
+
define Package/libcares
SECTION:=libs
CATEGORY:=Libraries
--- /dev/null
+#
+# Copyright (C) 2010-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=hiredis
+PKG_VERSION:=0.13.1
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/redis/hiredis.git
+PKG_SOURCE_VERSION:=f58dd249d6ed47a7e835463c3b04722972281dbb
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=COPYING
+PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libhiredis
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Minimalistic C client for Redis
+ URL:=https://github.com/redis/hiredis
+endef
+
+define Package/libhiredis/description
+ Hiredis is a minimalistic C client library for the Redis database.
+endef
+
+MAKE_FLAGS += ARCH="" DEBUG="" PREFIX="/usr"
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include/hiredis/adapters
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/hiredis/adapters/* $(1)/usr/include/hiredis/adapters
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/hiredis/*.h $(1)/usr/include/hiredis/
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libhiredis.{so*,a} $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/hiredis.pc $(1)/usr/lib/pkgconfig
+endef
+
+define Package/libhiredis/install
+ $(INSTALL_DIR) $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libhiredis.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libhiredis))
include $(TOPDIR)/rules.mk
PKG_NAME:=libevdev
-PKG_VERSION:=1.4.2
+PKG_VERSION:=1.4.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.freedesktop.org/software/libevdev/
-PKG_MD5SUM:=debfcd5153558eba25a8e71eb2534ae8
+PKG_MD5SUM:=2fc170e2d6f543ba26e7c79f95dc1935
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=libinput
-PKG_VERSION:=0.17.0
+PKG_VERSION:=0.18.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.freedesktop.org/software/libinput/
-# PKG_MD5SUM:=debfcd5153558eba25a8e71eb2534ae8
+PKG_MD5SUM:=0ddbb0d53d58dec0a86de6791560011a
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=libmicrohttpd
-PKG_VERSION:=0.9.38
-PKG_RELEASE:=1.2
+PKG_VERSION:=0.9.42
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/libmicrohttpd
-PKG_MD5SUM:=b72efbfe7f290846015d460aea7091fe
+PKG_MD5SUM:=3b9cf0b67fc8ebc9e69f53c6bc84a88d
PKG_MAINTAINER:=Martijn Zilverschoon <martijn@friedzombie.com>
CATEGORY:=Libraries
TITLE:=GNU libmicrohttpd is a library that runs an HTTP server.
URL:=http://www.gnu.org/software/libmicrohttpd/
- DEPENDS:=+libpthread +libgcrypt +libgnutls +libgpg-error +libopenssl
+ DEPENDS:=+libpthread +libgcrypt +libgnutls +libgpg-error
endef
define Package/libmicrohttpd/description
to run an HTTP server as part of another application.
endef
+CONFIGURE_ARGS += \
+ --enable-https \
+ --with-gnutls \
+ --disable-curl \
+ --disable-spdy \
+ --without-openssl
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include/
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
--- /dev/null
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,14 @@
++Thu Jun 4 13:37:05 CEST 2015
++ Fixing memory leak in digest authentication. -AW
++
++Wed Jun 03 21:23:47 CEST 2015
++ Add deprecation compiler messages for deprecated functions
++ and macros. -EG
++
++Fri May 29 12:23:01 CEST 2015
++ Fixing digest authentication when used in combination
++ with escaped characters in URLs. -CG/AW
++
+ Wed May 13 11:49:09 CEST 2015
+ Releasing libmicrohttpd 0.9.42. -CG
+
+--- a/src/microhttpd/response.c
++++ b/src/microhttpd/response.c
+@@ -24,6 +24,8 @@
+ * @author Christian Grothoff
+ */
+
++#define MHD_NO_DEPRECATION 1
++
+ #include "internal.h"
+ #include "response.h"
+
+--- a/src/microhttpd/digestauth.c
++++ b/src/microhttpd/digestauth.c
+@@ -1,6 +1,6 @@
+ /*
+ This file is part of libmicrohttpd
+- Copyright (C) 2010, 2011, 2012 Daniel Pittman and Christian Grothoff
++ Copyright (C) 2010, 2011, 2012, 2015 Daniel Pittman and Christian Grothoff
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+@@ -472,8 +472,8 @@ test_header (struct MHD_Connection *conn
+ *
+ * @param connection connections with headers to compare against
+ * @param args argument URI string (after "?" in URI)
+- * @return MHD_YES if the arguments match,
+- * MHD_NO if not
++ * @return #MHD_YES if the arguments match,
++ * #MHD_NO if not
+ */
+ static int
+ check_argument_match (struct MHD_Connection *connection,
+@@ -508,7 +508,10 @@ check_argument_match (struct MHD_Connect
+ connection,
+ argp);
+ if (MHD_YES != test_header (connection, argp, NULL))
+- return MHD_NO;
++ {
++ free(argb);
++ return MHD_NO;
++ }
+ num_headers++;
+ break;
+ }
+@@ -527,10 +530,16 @@ check_argument_match (struct MHD_Connect
+ connection,
+ equals);
+ if (! test_header (connection, argp, equals))
+- return MHD_NO;
++ {
++ free(argb);
++ return MHD_NO;
++ }
++
+ num_headers++;
+ argp = amper;
+ }
++
++ free(argb);
+
+ /* also check that the number of headers matches */
+ for (pos = connection->headers_received; NULL != pos; pos = pos->next)
+@@ -632,10 +641,83 @@ MHD_digest_auth_check (struct MHD_Connec
+ header value. */
+ return MHD_NO;
+ }
++ /* 8 = 4 hexadecimal numbers for the timestamp */
++ nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16);
++ t = (uint32_t) MHD_monotonic_time();
++ /*
++ * First level vetting for the nonce validity: if the timestamp
++ * attached to the nonce exceeds `nonce_timeout', then the nonce is
++ * invalid.
++ */
++ if ( (t > nonce_time + nonce_timeout) ||
++ (nonce_time + nonce_timeout < nonce_time) )
++ {
++ /* too old */
++ return MHD_INVALID_NONCE;
++ }
++
++ calculate_nonce (nonce_time,
++ connection->method,
++ connection->daemon->digest_auth_random,
++ connection->daemon->digest_auth_rand_size,
++ connection->url,
++ realm,
++ noncehashexp);
++ /*
++ * Second level vetting for the nonce validity
++ * if the timestamp attached to the nonce is valid
++ * and possibly fabricated (in case of an attack)
++ * the attacker must also know the random seed to be
++ * able to generate a "sane" nonce, which if he does
++ * not, the nonce fabrication process going to be
++ * very hard to achieve.
++ */
++
++ if (0 != strcmp (nonce, noncehashexp))
++ {
++ return MHD_INVALID_NONCE;
++ }
++ if ( (0 == lookup_sub_value (cnonce,
++ sizeof (cnonce),
++ header, "cnonce")) ||
++ (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) ||
++ ( (0 != strcmp (qop, "auth")) &&
++ (0 != strcmp (qop, "")) ) ||
++ (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) ||
++ (0 == lookup_sub_value (response, sizeof (response), header, "response")) )
++ {
++#if HAVE_MESSAGES
++ MHD_DLOG (connection->daemon,
++ "Authentication failed, invalid format.\n");
++#endif
++ return MHD_NO;
++ }
++ nci = strtoul (nc, &end, 16);
++ if ( ('\0' != *end) ||
++ ( (LONG_MAX == nci) &&
++ (ERANGE == errno) ) )
++ {
++#if HAVE_MESSAGES
++ MHD_DLOG (connection->daemon,
++ "Authentication failed, invalid format.\n");
++#endif
++ return MHD_NO; /* invalid nonce format */
++ }
++ /*
++ * Checking if that combination of nonce and nc is sound
++ * and not a replay attack attempt. Also adds the nonce
++ * to the nonce-nc map if it does not exist there.
++ */
++
++ if (MHD_YES != check_nonce_nc (connection, nonce, nci))
++ {
++ return MHD_NO;
++ }
++
+ {
+ char *uri;
+-
+- uri = malloc(left + 1);
++
++ uri = malloc (left + 1);
+ if (NULL == uri)
+ {
+ #if HAVE_MESSAGES
+@@ -648,24 +730,31 @@ MHD_digest_auth_check (struct MHD_Connec
+ left + 1,
+ header, "uri"))
+ {
+- free(uri);
++ free (uri);
+ return MHD_NO;
+ }
+
+- /* 8 = 4 hexadecimal numbers for the timestamp */
+- nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16);
+- t = (uint32_t) MHD_monotonic_time();
+- /*
+- * First level vetting for the nonce validity: if the timestamp
+- * attached to the nonce exceeds `nonce_timeout', then the nonce is
+- * invalid.
+- */
+- if ( (t > nonce_time + nonce_timeout) ||
+- (nonce_time + nonce_timeout < nonce_time) )
+- {
+- free(uri);
+- return MHD_INVALID_NONCE;
+- }
++ digest_calc_ha1("md5",
++ username,
++ realm,
++ password,
++ nonce,
++ cnonce,
++ ha1);
++ digest_calc_response (ha1,
++ nonce,
++ nc,
++ cnonce,
++ qop,
++ connection->method,
++ uri,
++ hentity,
++ respexp);
++
++ /* Need to unescape URI before comparing with connection->url */
++ connection->daemon->unescape_callback (connection->daemon->unescape_callback_cls,
++ connection,
++ uri);
+ if (0 != strncmp (uri,
+ connection->url,
+ strlen (connection->url)))
+@@ -674,9 +763,10 @@ MHD_digest_auth_check (struct MHD_Connec
+ MHD_DLOG (connection->daemon,
+ "Authentication failed, URI does not match.\n");
+ #endif
+- free(uri);
++ free (uri);
+ return MHD_NO;
+ }
++
+ {
+ const char *args = strchr (uri, '?');
+
+@@ -692,89 +782,11 @@ MHD_digest_auth_check (struct MHD_Connec
+ MHD_DLOG (connection->daemon,
+ "Authentication failed, arguments do not match.\n");
+ #endif
+- free(uri);
++ free (uri);
+ return MHD_NO;
+ }
+ }
+- calculate_nonce (nonce_time,
+- connection->method,
+- connection->daemon->digest_auth_random,
+- connection->daemon->digest_auth_rand_size,
+- connection->url,
+- realm,
+- noncehashexp);
+- /*
+- * Second level vetting for the nonce validity
+- * if the timestamp attached to the nonce is valid
+- * and possibly fabricated (in case of an attack)
+- * the attacker must also know the random seed to be
+- * able to generate a "sane" nonce, which if he does
+- * not, the nonce fabrication process going to be
+- * very hard to achieve.
+- */
+-
+- if (0 != strcmp (nonce, noncehashexp))
+- {
+- free(uri);
+- return MHD_INVALID_NONCE;
+- }
+- if ( (0 == lookup_sub_value (cnonce,
+- sizeof (cnonce),
+- header, "cnonce")) ||
+- (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) ||
+- ( (0 != strcmp (qop, "auth")) &&
+- (0 != strcmp (qop, "")) ) ||
+- (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) ||
+- (0 == lookup_sub_value (response, sizeof (response), header, "response")) )
+- {
+-#if HAVE_MESSAGES
+- MHD_DLOG (connection->daemon,
+- "Authentication failed, invalid format.\n");
+-#endif
+- free(uri);
+- return MHD_NO;
+- }
+- nci = strtoul (nc, &end, 16);
+- if ( ('\0' != *end) ||
+- ( (LONG_MAX == nci) &&
+- (ERANGE == errno) ) )
+- {
+-#if HAVE_MESSAGES
+- MHD_DLOG (connection->daemon,
+- "Authentication failed, invalid format.\n");
+-#endif
+- free(uri);
+- return MHD_NO; /* invalid nonce format */
+- }
+- /*
+- * Checking if that combination of nonce and nc is sound
+- * and not a replay attack attempt. Also adds the nonce
+- * to the nonce-nc map if it does not exist there.
+- */
+-
+- if (MHD_YES != check_nonce_nc (connection, nonce, nci))
+- {
+- free(uri);
+- return MHD_NO;
+- }
+-
+- digest_calc_ha1("md5",
+- username,
+- realm,
+- password,
+- nonce,
+- cnonce,
+- ha1);
+- digest_calc_response (ha1,
+- nonce,
+- nc,
+- cnonce,
+- qop,
+- connection->method,
+- uri,
+- hentity,
+- respexp);
+- free(uri);
++ free (uri);
+ return (0 == strcmp(response, respexp))
+ ? MHD_YES
+ : MHD_NO;
+@@ -835,7 +847,7 @@ MHD_queue_auth_fail_response (struct MHD
+ : "");
+ {
+ char *header;
+-
++
+ header = malloc(hlen + 1);
+ if (NULL == header)
+ {
+--- a/src/microhttpd/daemon.c
++++ b/src/microhttpd/daemon.c
+@@ -73,7 +73,7 @@
+ /**
+ * Default connection limit.
+ */
+-#ifndef WINDOWS
++#ifndef MHD_WINSOCK_SOCKETS
+ #define MHD_MAX_CONNECTIONS_DEFAULT FD_SETSIZE - 4
+ #else
+ #define MHD_MAX_CONNECTIONS_DEFAULT FD_SETSIZE
+@@ -1271,7 +1271,7 @@ internal_add_connection (struct MHD_Daem
+ return MHD_NO;
+ }
+
+-#ifndef WINDOWS
++#ifndef MHD_WINSOCK_SOCKETS
+ if ( (client_socket >= FD_SETSIZE) &&
+ (0 == (daemon->options & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY))) )
+ {
+@@ -1418,7 +1418,7 @@ internal_add_connection (struct MHD_Daem
+ #endif
+ {
+ /* make socket non-blocking */
+-#if !defined(WINDOWS) || defined(CYGWIN)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ int flags = fcntl (connection->socket_fd, F_GETFL);
+ if ( (-1 == flags) ||
+ (0 != fcntl (connection->socket_fd, F_SETFL, flags | O_NONBLOCK)) )
+@@ -1797,7 +1797,7 @@ static void
+ make_nonblocking_noninheritable (struct MHD_Daemon *daemon,
+ MHD_socket sock)
+ {
+-#ifdef WINDOWS
++#ifdef MHD_WINSOCK_SOCKETS
+ DWORD dwFlags;
+ unsigned long flags = 1;
+
+@@ -3611,7 +3611,7 @@ MHD_start_daemon_va (unsigned int flags,
+ daemon->socket_fd = MHD_INVALID_SOCKET;
+ daemon->listening_address_reuse = 0;
+ daemon->options = flags;
+-#if WINDOWS
++#if defined(MHD_WINSOCK_SOCKETS) || defined(CYGWIN)
+ /* Winsock is broken with respect to 'shutdown';
+ this disables us calling 'shutdown' on W32. */
+ daemon->options |= MHD_USE_EPOLL_TURBO;
+@@ -3650,7 +3650,7 @@ MHD_start_daemon_va (unsigned int flags,
+ free (daemon);
+ return NULL;
+ }
+-#ifndef WINDOWS
++#ifndef MHD_WINSOCK_SOCKETS
+ if ( (0 == (flags & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY))) &&
+ (1 == use_pipe) &&
+ (daemon->wpipe[0] >= FD_SETSIZE) )
+@@ -3934,7 +3934,7 @@ MHD_start_daemon_va (unsigned int flags,
+ (http://msdn.microsoft.com/en-us/library/ms738574%28v=VS.85%29.aspx);
+ and may also be missing on older POSIX systems; good luck if you have any of those,
+ your IPv6 socket may then also bind against IPv4 anyway... */
+-#ifndef WINDOWS
++#ifndef MHD_WINSOCK_SOCKETS
+ const int
+ #else
+ const char
+@@ -4016,7 +4016,7 @@ MHD_start_daemon_va (unsigned int flags,
+ {
+ socket_fd = daemon->socket_fd;
+ }
+-#ifndef WINDOWS
++#ifndef MHD_WINSOCK_SOCKETS
+ if ( (socket_fd >= FD_SETSIZE) &&
+ (0 == (flags & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY)) ) )
+ {
+@@ -4121,7 +4121,7 @@ MHD_start_daemon_va (unsigned int flags,
+ if ( (daemon->worker_pool_size > 0) &&
+ (0 == (daemon->options & MHD_USE_NO_LISTEN_SOCKET)) )
+ {
+-#if !defined(WINDOWS) || defined(CYGWIN)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ int sk_flags;
+ #else
+ unsigned long sk_flags;
+@@ -4140,7 +4140,7 @@ MHD_start_daemon_va (unsigned int flags,
+ /* Accept must be non-blocking. Multiple children may wake up
+ * to handle a new connection, but only one will win the race.
+ * The others must immediately return. */
+-#if !defined(WINDOWS) || defined(CYGWIN)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ sk_flags = fcntl (socket_fd, F_GETFL);
+ if (sk_flags < 0)
+ goto thread_failed;
+@@ -4150,7 +4150,7 @@ MHD_start_daemon_va (unsigned int flags,
+ sk_flags = 1;
+ if (SOCKET_ERROR == ioctlsocket (socket_fd, FIONBIO, &sk_flags))
+ goto thread_failed;
+-#endif /* WINDOWS && !CYGWIN */
++#endif /* MHD_WINSOCK_SOCKETS */
+
+ /* Allocate memory for pooled objects */
+ daemon->worker_pool = malloc (sizeof (struct MHD_Daemon)
+@@ -4182,7 +4182,7 @@ MHD_start_daemon_va (unsigned int flags,
+ #endif
+ goto thread_failed;
+ }
+-#ifndef WINDOWS
++#ifndef MHD_WINSOCK_SOCKETS
+ if ( (0 == (flags & (MHD_USE_POLL | MHD_USE_EPOLL_LINUX_ONLY))) &&
+ (MHD_USE_SUSPEND_RESUME == (flags & MHD_USE_SUSPEND_RESUME)) &&
+ (d->wpipe[0] >= FD_SETSIZE) )
+@@ -4343,7 +4343,7 @@ close_all_connections (struct MHD_Daemon
+ {
+ shutdown (pos->socket_fd,
+ (pos->read_closed == MHD_YES) ? SHUT_WR : SHUT_RDWR);
+-#if WINDOWS
++#if MHD_WINSOCK_SOCKETS
+ if ( (0 != (daemon->options & MHD_USE_THREAD_PER_CONNECTION)) &&
+ (MHD_INVALID_PIPE_ != daemon->wpipe[1]) &&
+ (1 != MHD_pipe_write_ (daemon->wpipe[1], "e", 1)) )
+--- a/src/include/microhttpd.h
++++ b/src/include/microhttpd.h
+@@ -130,7 +130,7 @@ typedef intptr_t ssize_t;
+ * Current version of the library.
+ * 0x01093001 = 1.9.30-1.
+ */
+-#define MHD_VERSION 0x00094200
++#define MHD_VERSION 0x00094202
+
+ /**
+ * MHD-internal return code for "YES".
+@@ -194,6 +194,53 @@ typedef SOCKET MHD_socket;
+ #endif /* MHD_SOCKET_DEFINED */
+
+ /**
++ * Define MHD_NO_DEPRECATION before including "microhttpd.h" to disable deprecation messages
++ */
++#ifdef MHD_NO_DEPRECATION
++#define _MHD_DEPR_MACRO(msg)
++#define _MHD_DEPR_FUNC(msg)
++#endif /* MHD_NO_DEPRECATION */
++
++#ifndef _MHD_DEPR_MACRO
++#if defined(_MSC_FULL_VER) && _MSC_VER+0 >= 1500
++/* Stringify macros */
++#define _MHD_INSTRMACRO(a) #a
++#define _MHD_STRMACRO(a) _MHD_INSTRMACRO(a)
++#define _MHD_DEPR_MACRO(msg) __pragma(message(__FILE__ "(" _MHD_STRMACRO(__LINE__)"): warning: " msg))
++#elif defined(__clang__) || defined (__GNUC_PATCHLEVEL__)
++#define _MHD_GCC_PRAG(x) _Pragma (#x)
++#if __clang_major__+0 >= 5 || \
++ (!defined(__apple_build_version__) && (__clang_major__+0 > 3 || (__clang_major__+0 == 3 && __clang_minor__ >= 3))) || \
++ __GNUC__+0 > 4 || (__GNUC__+0 == 4 && __GNUC_MINOR__+0 >= 8)
++#define _MHD_DEPR_MACRO(msg) _MHD_GCC_PRAG(GCC warning msg)
++#else /* older clang or GCC */
++#define _MHD_DEPR_MACRO(msg) _MHD_GCC_PRAG(message msg)
++#endif
++/* #elif defined(SOMEMACRO) */ /* add compiler-specific macros here if required */
++#else /* other compilers */
++#define _MHD_DEPR_MACRO(msg)
++#endif
++#endif /* _MHD_DEPR_MACRO */
++
++#ifndef _MHD_DEPR_FUNC
++#if defined(_MSC_FULL_VER) && _MSC_VER+0 >= 1400
++#define _MHD_DEPR_FUNC(msg) __declspec(deprecated(msg))
++#elif defined(_MSC_FULL_VER) && _MSC_VER+0 >= 1310
++/* VS .NET 2003 deprecation do not support custom messages */
++#define _MHD_DEPR_FUNC(msg) __declspec(deprecated)
++#elif defined (__clang__) && \
++ (__clang_major__+0 >= 4 || (!defined(__apple_build_version__) && __clang_major__+0 >= 3))
++#define _MHD_DEPR_FUNC(msg) __attribute__((deprecated(msg)))
++#elif defined (__clang__) || __GNUC__+0 > 3 || (__GNUC__+0 == 3 && __GNUC_MINOR__+0 >= 1)
++/* GCC-style deprecation do not support custom messages */
++#define _MHD_DEPR_FUNC(msg) __attribute__((__deprecated__))
++/* #elif defined(SOMEMACRO) */ /* add compiler-specific macros here if required */
++#else /* other compilers */
++#define _MHD_DEPR_FUNC(msg)
++#endif
++#endif /* _MHD_DEPR_FUNC */
++
++/**
+ * Not all architectures and `printf()`'s support the `long long` type.
+ * This gives the ability to replace `long long` with just a `long`,
+ * standard `int` or a `short`.
+@@ -204,6 +251,8 @@ typedef SOCKET MHD_socket;
+ */
+ #define MHD_LONG_LONG long long
+ #define MHD_UNSIGNED_LONG_LONG unsigned long long
++#else /* MHD_LONG_LONG */
++_MHD_DEPR_MACRO("Macro MHD_LONG_LONG is deprecated, use MHD_UNSIGNED_LONG_LONG")
+ #endif
+ /**
+ * Format string for printing a variable of type #MHD_LONG_LONG.
+@@ -215,6 +264,8 @@ typedef SOCKET MHD_socket;
+ */
+ #define MHD_LONG_LONG_PRINTF "ll"
+ #define MHD_UNSIGNED_LONG_LONG_PRINTF "%llu"
++#else /* MHD_LONG_LONG_PRINTF */
++_MHD_DEPR_MACRO("Macro MHD_LONG_LONG_PRINTF is deprecated, use MHD_UNSIGNED_LONG_LONG_PRINTF")
+ #endif
+
+
+@@ -253,7 +304,8 @@ typedef SOCKET MHD_socket;
+ #define MHD_HTTP_METHOD_NOT_ALLOWED 405
+ #define MHD_HTTP_NOT_ACCEPTABLE 406
+ /** @deprecated */
+-#define MHD_HTTP_METHOD_NOT_ACCEPTABLE 406
++#define MHD_HTTP_METHOD_NOT_ACCEPTABLE \
++ _MHD_DEPR_MACRO("Value MHD_HTTP_METHOD_NOT_ACCEPTABLE is deprecated, use MHD_HTTP_NOT_ACCEPTABLE") 406
+ #define MHD_HTTP_PROXY_AUTHENTICATION_REQUIRED 407
+ #define MHD_HTTP_REQUEST_TIMEOUT 408
+ #define MHD_HTTP_CONFLICT 409
+@@ -1953,6 +2005,7 @@ MHD_create_response_from_callback (uint6
+ * @deprecated use #MHD_create_response_from_buffer instead
+ * @ingroup response
+ */
++_MHD_DEPR_FUNC("MHD_create_response_from_data() is deprecated, use MHD_create_response_from_buffer()") \
+ _MHD_EXTERN struct MHD_Response *
+ MHD_create_response_from_data (size_t size,
+ void *data,
+@@ -2023,6 +2076,8 @@ MHD_create_response_from_buffer (size_t
+ * @return NULL on error (i.e. invalid arguments, out of memory)
+ * @ingroup response
+ */
++/* NOTE: this should be 'uint64_t' instead of 'size_t', but changing
++ this would break API compatibility. */
+ _MHD_EXTERN struct MHD_Response *
+ MHD_create_response_from_fd (size_t size,
+ int fd);
+@@ -2044,6 +2099,8 @@ MHD_create_response_from_fd (size_t size
+ * @return NULL on error (i.e. invalid arguments, out of memory)
+ * @ingroup response
+ */
++/* NOTE: this should be 'uint64_t' instead of 'size_t', but changing
++ this would break API compatibility. */
+ _MHD_EXTERN struct MHD_Response *
+ MHD_create_response_from_fd_at_offset (size_t size,
+ int fd,
+--- a/src/include/platform_interface.h
++++ b/src/include/platform_interface.h
+@@ -82,14 +82,14 @@
+
+
+ /* MHD_socket_close_(fd) close any FDs (non-W32) / close only socket FDs (W32) */
+-#if !defined(_WIN32) || defined(__CYGWIN__)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ #define MHD_socket_close_(fd) close((fd))
+ #else
+ #define MHD_socket_close_(fd) closesocket((fd))
+ #endif
+
+ /* MHD_socket_errno_ is errno of last function (non-W32) / errno of last socket function (W32) */
+-#if !defined(_WIN32) || defined(__CYGWIN__)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ #define MHD_socket_errno_ errno
+ #else
+ #define MHD_socket_errno_ MHD_W32_errno_from_winsock_()
+@@ -97,21 +97,21 @@
+
+ /* MHD_socket_last_strerr_ is description string of last errno (non-W32) /
+ * description string of last socket error (W32) */
+-#if !defined(_WIN32) || defined(__CYGWIN__)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ #define MHD_socket_last_strerr_() strerror(errno)
+ #else
+ #define MHD_socket_last_strerr_() MHD_W32_strerror_last_winsock_()
+ #endif
+
+ /* MHD_strerror_ is strerror (both non-W32/W32) */
+-#if !defined(_WIN32) || defined(__CYGWIN__)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ #define MHD_strerror_(errnum) strerror((errnum))
+ #else
+ #define MHD_strerror_(errnum) MHD_W32_strerror_((errnum))
+ #endif
+
+ /* MHD_set_socket_errno_ set errno to errnum (non-W32) / set socket last error to errnum (W32) */
+-#if !defined(_WIN32) || defined(__CYGWIN__)
++#if !defined(MHD_WINSOCK_SOCKETS)
+ #define MHD_set_socket_errno_(errnum) errno=(errnum)
+ #else
+ #define MHD_set_socket_errno_(errnum) MHD_W32_set_last_winsock_error_((errnum))
+--- a/src/testcurl/test_digestauth.c
++++ b/src/testcurl/test_digestauth.c
+@@ -73,7 +73,8 @@ ahc_echo (void *cls,
+ const char *url,
+ const char *method,
+ const char *version,
+- const char *upload_data, size_t *upload_data_size,
++ const char *upload_data,
++ size_t *upload_data_size,
+ void **unused)
+ {
+ struct MHD_Response *response;
+@@ -82,44 +83,47 @@ ahc_echo (void *cls,
+ const char *realm = "test@example.com";
+ int ret;
+
+- username = MHD_digest_auth_get_username(connection);
++ username = MHD_digest_auth_get_username (connection);
+ if ( (username == NULL) ||
+ (0 != strcmp (username, "testuser")) )
+ {
+- response = MHD_create_response_from_buffer(strlen (DENIED),
+- DENIED,
+- MHD_RESPMEM_PERSISTENT);
++ response = MHD_create_response_from_buffer (strlen (DENIED),
++ DENIED,
++ MHD_RESPMEM_PERSISTENT);
+ ret = MHD_queue_auth_fail_response(connection, realm,
+ MY_OPAQUE,
+ response,
+- MHD_NO);
+- MHD_destroy_response(response);
++ MHD_NO);
++ MHD_destroy_response(response);
+ return ret;
+ }
+ ret = MHD_digest_auth_check(connection, realm,
+- username,
+- password,
++ username,
++ password,
+ 300);
+ free(username);
+ if ( (ret == MHD_INVALID_NONCE) ||
+ (ret == MHD_NO) )
+ {
+- response = MHD_create_response_from_buffer(strlen (DENIED),
++ response = MHD_create_response_from_buffer(strlen (DENIED),
+ DENIED,
+- MHD_RESPMEM_PERSISTENT);
+- if (NULL == response)
++ MHD_RESPMEM_PERSISTENT);
++ if (NULL == response)
+ return MHD_NO;
+ ret = MHD_queue_auth_fail_response(connection, realm,
+ MY_OPAQUE,
+ response,
+- (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
+- MHD_destroy_response(response);
++ (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
++ MHD_destroy_response(response);
+ return ret;
+ }
+- response = MHD_create_response_from_buffer(strlen(PAGE), PAGE,
+- MHD_RESPMEM_PERSISTENT);
+- ret = MHD_queue_response(connection, MHD_HTTP_OK, response);
+- MHD_destroy_response(response);
++ response = MHD_create_response_from_buffer (strlen(PAGE),
++ PAGE,
++ MHD_RESPMEM_PERSISTENT);
++ ret = MHD_queue_response (connection,
++ MHD_HTTP_OK,
++ response);
++ MHD_destroy_response (response);
+ return ret;
+ }
+
+@@ -144,24 +148,24 @@ testDigestAuth ()
+ fd = open("/dev/urandom", O_RDONLY);
+ if (-1 == fd)
+ {
+- fprintf(stderr, "Failed to open `%s': %s\n",
+- "/dev/urandom",
+- strerror(errno));
+- return 1;
+- }
++ fprintf(stderr, "Failed to open `%s': %s\n",
++ "/dev/urandom",
++ strerror(errno));
++ return 1;
++ }
+ while (off < 8)
+- {
+- len = read(fd, rnd, 8);
+- if (len == -1)
+- {
+- fprintf(stderr, "Failed to read `%s': %s\n",
+- "/dev/urandom",
+- strerror(errno));
+- (void) close(fd);
+- return 1;
+- }
+- off += len;
+- }
++ {
++ len = read(fd, rnd, 8);
++ if (len == -1)
++ {
++ fprintf(stderr, "Failed to read `%s': %s\n",
++ "/dev/urandom",
++ strerror(errno));
++ (void) close(fd);
++ return 1;
++ }
++ off += len;
++ }
+ (void) close(fd);
+ #else
+ {
+@@ -193,7 +197,7 @@ testDigestAuth ()
+ if (d == NULL)
+ return 1;
+ c = curl_easy_init ();
+- curl_easy_setopt (c, CURLOPT_URL, "http://127.0.0.1:1337/");
++ curl_easy_setopt (c, CURLOPT_URL, "http://127.0.0.1:1337/bar%20 foo?a=bü%20");
+ curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer);
+ curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc);
+ curl_easy_setopt (c, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
+@@ -225,7 +229,6 @@ testDigestAuth ()
+ }
+
+
+-
+ int
+ main (int argc, char *const *argv)
+ {
+--- a/src/testcurl/https/test_https_time_out.c
++++ b/src/testcurl/https/test_https_time_out.c
+@@ -64,7 +64,7 @@ test_tls_session_time_out (gnutls_sessio
+
+ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) (intptr_t) sd);
+
+- ret = connect (sd, &sa, sizeof (struct sockaddr_in));
++ ret = connect (sd, (struct sockaddr *) &sa, sizeof (struct sockaddr_in));
+
+ if (ret < 0)
+ {
--- a/lib/libv4lconvert/libv4lsyscall-priv.h
+++ b/lib/libv4lconvert/libv4lsyscall-priv.h
-@@ -35,14 +35,19 @@
+@@ -35,18 +35,23 @@
which is broken on some systems and doesn't include them itself :( */
#ifdef linux
+#undef SYS_mmap2
#define SYS_mmap2 __NR_mmap2
#define MMAP2_PAGE_SHIFT 12
-+#if !(defined(__UCLIBC__) || defined(__GLIBC__))
-+typedef off_t __off_t;
-+#endif
#else
#define SYS_mmap2 SYS_mmap
#define MMAP2_PAGE_SHIFT 0
+ #endif
++#if !(defined(__UCLIBC__) || defined(__GLIBC__))
++typedef off_t __off_t;
++#endif
+ #endif
+
+ #if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
--- a/lib/libv4l1/v4l1compat.c
+++ b/lib/libv4l1/v4l1compat.c
@@ -62,7 +62,7 @@ LIBV4L_PUBLIC int open(const char *file,
PKG_NAME:=pthsem
PKG_VERSION:=2.0.8
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_MAINTAINER:=Othmar Truniger <github@truniger.ch>
PKG_LICENSE:=LGPL-2.1+
PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
+PKG_FORTIFY_SOURCE:=0
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
pthsem is an extend version, with support for semaphores added. It can be installed parallel to a normal pth.
endef
+# The musl libc provides a proper implementation of sigaltstack() so
+# prevent configure from wrongly assuming a broken Linux platform
+ifeq ($(CONFIG_USE_MUSL),y)
+ CONFIGURE_VARS += \
+ ac_cv_check_sjlj=ssjlj
+endif
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pthsem-config $(1)/usr/bin/
#
-# Copyright (C) 2014 OpenWrt.org
+# Copyright (C) 2014-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=postfix
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL:=ftp://ftp.porcupine.org/mirrors/postfix-release/official/
PKG_VERSION:=3.0.1
PKG_MD5SUM:=3ec1416e7d4fba9566297c8fcf7a348c
---- postfix-2.10.2/makedefs 2013-02-04 05:33:13.000000000 +0400
-+++ postfix-2.10.2_patched/makedefs 2013-11-19 22:48:50.528560454 +0400
-@@ -190,9 +190,9 @@
+--- a/makedefs
++++ b/makedefs
+@@ -190,9 +190,9 @@ error() {
case $# in
# Officially supported usage.
case "$VERSION" in
dcosx*) SYSTEM=$VERSION;;
esac;;
-@@ -522,9 +522,9 @@
+@@ -522,9 +522,9 @@ EOF
esac
for name in nsl resolv
do
+ for lib in /usr/lib64 /usr/lib64/* /usr/lib /usr/lib/* /lib /lib/*
do
- test -e $lib/lib$name.a -o -e $lib/lib$name.so && {
-+ test -e $PKG_BUILD_DIR/$lib/lib$name.a -o -e $PKG_BUILD_DIR/$lib/lib$name.so && {
++ test -e $STAGING_DIR/$lib/lib$name.a -o -e $STAGING_DIR/$lib/lib$name.so && {
SYSLIBS="$SYSLIBS -l$name"
break
}
PKG_NAME:=ddns-scripts
# Version == major.minor.patch
# increase on new functionality (minor) or patches (patch)
-PKG_VERSION:=2.4.2
+PKG_VERSION:=2.4.3
# Release == build
# increase on changes of services files or tld_names.dat
PKG_RELEASE:=1
__IPV4=$(cat $DATFILE | awk -F "address " '/has address/ {print $2; exit}' )
__IPV6=$(cat $DATFILE | awk -F "address " '/has IPv6/ {print $2; exit}' )
else # use BusyBox nslookup
- __IPV4=$(cat $DATFILE | sed -ne "3,\$ { s/^Address[0-9 ]\{0,\}: \($IPV4_REGEX\).*$/\\1/p }")
- __IPV6=$(cat $DATFILE | sed -ne "3,\$ { s/^Address[0-9 ]\{0,\}: \($IPV6_REGEX\).*$/\\1/p }")
+ __IPV4=$(cat $DATFILE | sed -ne "/^Name:/,\$ { s/^Address[0-9 ]\{0,\}: \($IPV4_REGEX\).*$/\\1/p }")
+ __IPV6=$(cat $DATFILE | sed -ne "/^Name:/,\$ { s/^Address[0-9 ]\{0,\}: \($IPV6_REGEX\).*$/\\1/p }")
fi
}
if [ "$__PROG" = "BIND host" ]; then
__DATA=$(cat $DATFILE | awk -F "address " '/has/ {print $2; exit}' )
else
- __DATA=$(cat $DATFILE | sed -ne "3,\$ { s/^Address[0-9 ]\{0,\}: \($__REGEX\).*$/\\1/p }" )
+ __DATA=$(cat $DATFILE | sed -ne "/^Name:/,\$ { s/^Address[0-9 ]\{0,\}: \($__REGEX\).*$/\\1/p }" )
fi
[ -n "$__DATA" ] && {
write_log 7 "Registered IP '$__DATA' detected"
#
-# Copyright (C) 2007-2011 OpenWrt.org
+# Copyright (C) 2007-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_NAME:=etherwake
PKG_VERSION:=1.09
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/e/etherwake
--- /dev/null
+--- a/ether-wake.c
++++ b/ether-wake.c
+@@ -82,14 +82,8 @@ static char usage_msg[] =
+ #include <linux/if.h>
+
+ #include <features.h>
+-#if __GLIBC__ >= 2 && __GLIBC_MINOR >= 1
+ #include <netpacket/packet.h>
+ #include <net/ethernet.h>
+-#else
+-#include <asm/types.h>
+-#include <linux/if_packet.h>
+-#include <linux/if_ether.h>
+-#endif
+ #include <netdb.h>
+ #include <netinet/ether.h>
+
include $(TOPDIR)/rules.mk
PKG_NAME:=gnunet
-PKG_SOURCE_VERSION:=35963
+PKG_SOURCE_VERSION:=36019
PKG_VERSION:=0.10.1-svn$(PKG_SOURCE_VERSION)
-PKG_RELEASE:=2
+PKG_RELEASE:=1
# ToDo:
# - break-out transports
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
-PKG_VERSION:=1.5.12
-PKG_RELEASE:=18
+PKG_VERSION:=1.5.13
+PKG_RELEASE:=00
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_MD5SUM:=4b94b257f16d88c315716b062b22e48a
+PKG_MD5SUM:=30cf07875ecae4fd6c4c309627afa8f1
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=GPL-2.0
+++ /dev/null
-From 0aa5899911bbc765ba16ce52a80fa76230781779 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Mon, 4 May 2015 18:07:56 +0200
-Subject: [PATCH 1/2] BUG/MEDIUM: stats: properly initialize the scope before
- dumping stats
-
-Issuing a "show sess all" prior to a "show stat" on the CLI results in no
-proxy being dumped because the scope_len union member was not properly
-reinitialized.
-
-This fix must be backported into 1.5.
-(cherry picked from commit 6bcb95da5b9cb143088102b460c7bcb37c1b3d81)
----
- src/dumpstats.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/dumpstats.c b/src/dumpstats.c
-index b616478..ca084ac 100644
---- a/src/dumpstats.c
-+++ b/src/dumpstats.c
-@@ -1109,6 +1109,8 @@ static int stats_sock_parse_request(struct stream_interface *si, char *line)
- arg++;
- }
-
-+ appctx->ctx.stats.scope_str = 0;
-+ appctx->ctx.stats.scope_len = 0;
- appctx->ctx.stats.flags = 0;
- if (strcmp(args[0], "show") == 0) {
- if (strcmp(args[1], "stat") == 0) {
---
-2.0.5
-
+++ /dev/null
-From 294e4676a3b775a7accb50eb8428f293c218b5e2 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Mon, 11 May 2015 18:30:33 +0200
-Subject: [PATCH 2/2] BUG/MEDIUM: http: don't forward client shutdown without
- NOLINGER except for tunnels
-
-There's an issue related with shutting down POST transfers or closing the
-connection after the end of the upload : the shutdown is forwarded to the
-server regardless of the abortonclose option. The problem it causes is that
-during a scan, brute force or whatever, it becomes possible that all source
-ports are exhausted with all sockets in TIME_WAIT state.
-
-There are multiple issues at once in fact :
- - no action is done for the close, it automatically happens at the lower
- layers thanks for channel_auto_close(), so we cannot act on NOLINGER ;
-
- - we *do* want to continue to send a clean shutdown in tunnel mode because
- some protocols transported over HTTP may need this, regardless of option
- abortonclose, thus we can't set the option inconditionally
-
- - for all other modes, we do want to close the dirty way because we're
- certain whether we've sent everything or not, and we don't want to eat
- all source ports.
-
-The solution is a bit complex and applies to DONE/TUNNEL states :
-
- 1) disable automatic close for everything not a tunnel and not just
- keep-alive / server-close. Force-close is now covered, as is HTTP/1.0
- which implicitly works in force-close mode ;
-
- 2) when processing option abortonclose, we know we can disable lingering
- if the client has closed and the connection is not in tunnel mode.
-
-Since the last case above leads to a situation where the client side reports
-an error, we know the connection will not be reused, so leaving the flag on
-the stream-interface is safe. A client closing in the middle of the data
-transmission already aborts the transaction so this case is not a problem.
-
-This fix must be backported to 1.5 where the problem was detected.
-(cherry picked from commit bbfb6c40854925367ae5f9e8b22c5c9a18dc69d5)
----
- src/proto_http.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/src/proto_http.c b/src/proto_http.c
-index 0ac3a47..5db64b5 100644
---- a/src/proto_http.c
-+++ b/src/proto_http.c
-@@ -5452,9 +5452,10 @@ int http_request_forward_body(struct session *s, struct channel *req, int an_bit
- msg->sov -= msg->next;
- msg->next = 0;
-
-- /* for keep-alive we don't want to forward closes on DONE */
-- if ((txn->flags & TX_CON_WANT_MSK) == TX_CON_WANT_KAL ||
-- (txn->flags & TX_CON_WANT_MSK) == TX_CON_WANT_SCL)
-+ /* we don't want to forward closes on DONE except in
-+ * tunnel mode.
-+ */
-+ if ((txn->flags & TX_CON_WANT_MSK) != TX_CON_WANT_TUN)
- channel_dont_close(req);
- if (http_resync_states(s)) {
- /* some state changes occurred, maybe the analyser
-@@ -5478,10 +5479,15 @@ int http_request_forward_body(struct session *s, struct channel *req, int an_bit
- * want to monitor the client's connection and forward
- * any shutdown notification to the server, which will
- * decide whether to close or to go on processing the
-- * request.
-+ * request. We only do that in tunnel mode, and not in
-+ * other modes since it can be abused to exhaust source
-+ * ports.
- */
- if (s->be->options & PR_O_ABRT_CLOSE) {
- channel_auto_read(req);
-+ if ((req->flags & (CF_SHUTR|CF_READ_NULL)) &&
-+ ((txn->flags & TX_CON_WANT_MSK) != TX_CON_WANT_TUN))
-+ s->si[1].flags |= SI_FL_NOLINGER;
- channel_auto_close(req);
- }
- else if (s->txn.meth == HTTP_METH_POST) {
---
-2.0.5
-
+++ /dev/null
-From 68e4fc2b9910dd090c5e729203b72444f75aaa75 Mon Sep 17 00:00:00 2001
-From: Baptiste Assmann <bedis9@gmail.com>
-Date: Fri, 1 May 2015 08:09:29 +0200
-Subject: [PATCH 3/8] BUG/MINOR: check: fix tcpcheck error message
-
-add the keyword 'string' when required (error in a tcpcheck expect
-string)
-(cherry picked from commit 96a5c9b57738c05ecce7822093b9c4118123dc1e)
----
- src/checks.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/checks.c b/src/checks.c
-index 71debb6..8b53f97 100644
---- a/src/checks.c
-+++ b/src/checks.c
-@@ -614,7 +614,7 @@ static void chk_report_conn_err(struct connection *conn, int errno_bck, int expi
- }
- else if (check->last_started_step && check->last_started_step->action == TCPCHK_ACT_EXPECT) {
- if (check->last_started_step->string)
-- chunk_appendf(chk, " (string '%s')", check->last_started_step->string);
-+ chunk_appendf(chk, " (expect string '%s')", check->last_started_step->string);
- else if (check->last_started_step->expect_regex)
- chunk_appendf(chk, " (expect regex)");
- }
---
-2.0.5
-
+++ /dev/null
-From 4f889006269e4d3f802de46f280ed198a15e3a69 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 13 May 2015 11:23:01 +0200
-Subject: [PATCH 4/8] CLEANUP: checks: fix double usage of cur / current_step
- in tcp-checks
-
-This cleanup is a preliminary requirement to the upcoming fixes for
-the bug that affect tcp-check's improper use of lists. It will have
-to be backported to 1.5 though it will not easily apply.
-
-There are two variables pointing to the current rule within the loop,
-and either one or the other is used depending on the code blocks,
-making it much harder to apply checks to fix the list walking bug.
-So first get rid of "cur" and only focus on current_step.
-(cherry picked from commit ce8c42a37a44a1e0cb94e81abb7cc2baf3d0ef80)
-
-[wt: 1.5 doesn't have comments so this patch differs significantly
- from 1.6, but it's needed for the next batch of fixes]
----
- src/checks.c | 57 ++++++++++++++++++++++++++++-----------------------------
- 1 file changed, 28 insertions(+), 29 deletions(-)
-
-diff --git a/src/checks.c b/src/checks.c
-index 8b53f97..cfdfe8c 100644
---- a/src/checks.c
-+++ b/src/checks.c
-@@ -1859,7 +1859,7 @@ static int tcpcheck_get_step_id(struct server *s)
- static void tcpcheck_main(struct connection *conn)
- {
- char *contentptr;
-- struct tcpcheck_rule *cur, *next;
-+ struct tcpcheck_rule *next;
- int done = 0, ret = 0;
- struct check *check = conn->owner;
- struct server *s = check->server;
-@@ -1916,15 +1916,11 @@ static void tcpcheck_main(struct connection *conn)
- check->bo->o = 0;
- check->bi->p = check->bi->data;
- check->bi->i = 0;
-- cur = check->current_step = LIST_ELEM(head->n, struct tcpcheck_rule *, list);
-+ check->current_step = LIST_ELEM(head->n, struct tcpcheck_rule *, list);
- t->expire = tick_add(now_ms, MS_TO_TICKS(check->inter));
- if (s->proxy->timeout.check)
- t->expire = tick_add_ifset(now_ms, s->proxy->timeout.check);
- }
-- /* keep on processing step */
-- else {
-- cur = check->current_step;
-- }
-
- /* It's only the rules which will enable send/recv */
- __conn_data_stop_both(conn);
-@@ -1934,7 +1930,7 @@ static void tcpcheck_main(struct connection *conn)
- * or if we're about to send a string that does not fit in the remaining space.
- */
- if (check->bo->o &&
-- (&cur->list == head ||
-+ (&check->current_step->list == head ||
- check->current_step->action != TCPCHK_ACT_SEND ||
- check->current_step->string_len >= buffer_total_space(check->bo))) {
-
-@@ -1949,14 +1945,17 @@ static void tcpcheck_main(struct connection *conn)
- }
-
- /* did we reach the end ? If so, let's check that everything was sent */
-- if (&cur->list == head) {
-+ if (&check->current_step->list == head) {
- if (check->bo->o)
- goto out_need_io;
- break;
- }
-
-- /* have 'next' point to the next rule or NULL if we're on the last one */
-- next = (struct tcpcheck_rule *)cur->list.n;
-+ /* have 'next' point to the next rule or NULL if we're on the
-+ * last one, connect() needs this.
-+ */
-+ next = (struct tcpcheck_rule *)check->current_step->list.n;
-+
- if (&next->list == head)
- next = NULL;
-
-@@ -2058,8 +2057,7 @@ static void tcpcheck_main(struct connection *conn)
- }
-
- /* allow next rule */
-- cur = (struct tcpcheck_rule *)cur->list.n;
-- check->current_step = cur;
-+ check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-
- /* don't do anything until the connection is established */
- if (!(conn->flags & CO_FL_CONNECTED)) {
-@@ -2113,8 +2111,7 @@ static void tcpcheck_main(struct connection *conn)
- *check->bo->p = '\0'; /* to make gdb output easier to read */
-
- /* go to next rule and try to send */
-- cur = (struct tcpcheck_rule *)cur->list.n;
-- check->current_step = cur;
-+ check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
- } /* end 'send' */
- else if (check->current_step->action == TCPCHK_ACT_EXPECT) {
- if (unlikely(check->result == CHK_RES_FAILED))
-@@ -2167,14 +2164,14 @@ static void tcpcheck_main(struct connection *conn)
- goto out_end_tcpcheck;
- }
-
-- if (!done && (cur->string != NULL) && (check->bi->i < cur->string_len) )
-+ if (!done && (check->current_step->string != NULL) && (check->bi->i < check->current_step->string_len) )
- continue; /* try to read more */
-
- tcpcheck_expect:
-- if (cur->string != NULL)
-- ret = my_memmem(contentptr, check->bi->i, cur->string, cur->string_len) != NULL;
-- else if (cur->expect_regex != NULL)
-- ret = regex_exec(cur->expect_regex, contentptr);
-+ if (check->current_step->string != NULL)
-+ ret = my_memmem(contentptr, check->bi->i, check->current_step->string, check->current_step->string_len) != NULL;
-+ else if (check->current_step->expect_regex != NULL)
-+ ret = regex_exec(check->current_step->expect_regex, contentptr);
-
- if (!ret && !done)
- continue; /* try to read more */
-@@ -2182,11 +2179,11 @@ static void tcpcheck_main(struct connection *conn)
- /* matched */
- if (ret) {
- /* matched but we did not want to => ERROR */
-- if (cur->inverse) {
-+ if (check->current_step->inverse) {
- /* we were looking for a string */
-- if (cur->string != NULL) {
-+ if (check->current_step->string != NULL) {
- chunk_printf(&trash, "TCPCHK matched unwanted content '%s' at step %d",
-- cur->string, tcpcheck_get_step_id(s));
-+ check->current_step->string, tcpcheck_get_step_id(s));
- }
- else {
- /* we were looking for a regex */
-@@ -2198,8 +2195,9 @@ static void tcpcheck_main(struct connection *conn)
- }
- /* matched and was supposed to => OK, next step */
- else {
-- cur = (struct tcpcheck_rule*)cur->list.n;
-- check->current_step = cur;
-+ /* allow next rule */
-+ check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+
- if (check->current_step->action == TCPCHK_ACT_EXPECT)
- goto tcpcheck_expect;
- __conn_data_stop_recv(conn);
-@@ -2208,9 +2206,10 @@ static void tcpcheck_main(struct connection *conn)
- else {
- /* not matched */
- /* not matched and was not supposed to => OK, next step */
-- if (cur->inverse) {
-- cur = (struct tcpcheck_rule*)cur->list.n;
-- check->current_step = cur;
-+ if (check->current_step->inverse) {
-+ /* allow next rule */
-+ check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+
- if (check->current_step->action == TCPCHK_ACT_EXPECT)
- goto tcpcheck_expect;
- __conn_data_stop_recv(conn);
-@@ -2218,9 +2217,9 @@ static void tcpcheck_main(struct connection *conn)
- /* not matched but was supposed to => ERROR */
- else {
- /* we were looking for a string */
-- if (cur->string != NULL) {
-+ if (check->current_step->string != NULL) {
- chunk_printf(&trash, "TCPCHK did not match content '%s' at step %d",
-- cur->string, tcpcheck_get_step_id(s));
-+ check->current_step->string, tcpcheck_get_step_id(s));
- }
- else {
- /* we were looking for a regex */
---
-2.0.5
-
+++ /dev/null
-From b94a6d5a37499ce6649ad58f4a8c4664779abd8b Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 13 May 2015 11:38:17 +0200
-Subject: [PATCH 5/8] BUG/MEDIUM: checks: do not dereference head of a
- tcp-check at the end
-
-When the end of the list is reached, the current step's action is checked
-to know if we must poll or not. Unfortunately, the main reason for going
-there is that we walked past the end of list and current_step points to
-the head. We cannot dereference ->action since it does not belong to this
-structure and can definitely crash if the address is not mapped.
-
-This bug is unlikely to cause a crash since the action appears just after
-the list, and corresponds to the "char *check_req" pointer in the proxy
-struct, and it seems that we can't go there with current_step being null.
-At worst it can cause the check to register for recv events.
-
-This fix needs to be backported to 1.5 since the code is incorrect there
-as well.
-(cherry picked from commit 53c5a049e1f4dbf67412472e23690dc6b3c8d0f8)
----
- src/checks.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/checks.c b/src/checks.c
-index cfdfe8c..a887be1 100644
---- a/src/checks.c
-+++ b/src/checks.c
-@@ -2237,10 +2237,12 @@ static void tcpcheck_main(struct connection *conn)
- goto out_end_tcpcheck;
-
- out_need_io:
-+ /* warning, current_step may now point to the head */
- if (check->bo->o)
- __conn_data_want_send(conn);
-
-- if (check->current_step->action == TCPCHK_ACT_EXPECT)
-+ if (&check->current_step->list != head &&
-+ check->current_step->action == TCPCHK_ACT_EXPECT)
- __conn_data_want_recv(conn);
- return;
-
-@@ -2256,7 +2258,6 @@ static void tcpcheck_main(struct connection *conn)
- conn->flags |= CO_FL_ERROR;
-
- __conn_data_stop_both(conn);
--
- return;
- }
-
---
-2.0.5
-
+++ /dev/null
-From ebb2bceb34d7787453548627ed0e99c60354672b Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 13 May 2015 11:59:14 +0200
-Subject: [PATCH 6/8] CLEANUP: checks: simplify the loop processing of
- tcp-checks
-
-There is some unobvious redundancy between the various ways we can leave
-the loop. Some of them can be factored out. So now we leave the loop when
-we can't go further, whether it's caused by reaching the end of the rules
-or by a blocking I/O.
-(cherry picked from commit 263013d031d754c9f96de0d0cb5afcc011af6441)
-[wt: this patch is required for the next fix]
----
- src/checks.c | 26 ++++++++++++++------------
- 1 file changed, 14 insertions(+), 12 deletions(-)
-
-diff --git a/src/checks.c b/src/checks.c
-index a887be1..a0c42f2 100644
---- a/src/checks.c
-+++ b/src/checks.c
-@@ -1926,8 +1926,10 @@ static void tcpcheck_main(struct connection *conn)
- __conn_data_stop_both(conn);
-
- while (1) {
-- /* we have to try to flush the output buffer before reading, at the end,
-- * or if we're about to send a string that does not fit in the remaining space.
-+ /* We have to try to flush the output buffer before reading, at
-+ * the end, or if we're about to send a string that does not fit
-+ * in the remaining space. That explains why we break out of the
-+ * loop after this control.
- */
- if (check->bo->o &&
- (&check->current_step->list == head ||
-@@ -1940,16 +1942,12 @@ static void tcpcheck_main(struct connection *conn)
- __conn_data_stop_both(conn);
- goto out_end_tcpcheck;
- }
-- goto out_need_io;
-+ break;
- }
- }
-
-- /* did we reach the end ? If so, let's check that everything was sent */
-- if (&check->current_step->list == head) {
-- if (check->bo->o)
-- goto out_need_io;
-+ if (&check->current_step->list == head)
- break;
-- }
-
- /* have 'next' point to the next rule or NULL if we're on the
- * last one, connect() needs this.
-@@ -2131,7 +2129,7 @@ static void tcpcheck_main(struct connection *conn)
- }
- }
- else
-- goto out_need_io;
-+ break;
- }
-
- /* mark the step as started */
-@@ -2233,10 +2231,14 @@ static void tcpcheck_main(struct connection *conn)
- } /* end expect */
- } /* end loop over double chained step list */
-
-- set_server_check_status(check, HCHK_STATUS_L7OKD, "(tcp-check)");
-- goto out_end_tcpcheck;
-+ /* We're waiting for some I/O to complete, we've reached the end of the
-+ * rules, or both. Do what we have to do, otherwise we're done.
-+ */
-+ if (&check->current_step->list == head && !check->bo->o) {
-+ set_server_check_status(check, HCHK_STATUS_L7OKD, "(tcp-check)");
-+ goto out_end_tcpcheck;
-+ }
-
-- out_need_io:
- /* warning, current_step may now point to the head */
- if (check->bo->o)
- __conn_data_want_send(conn);
---
-2.0.5
-
+++ /dev/null
-From 97fccc87f1297d189ee80735e5b8746c34956eda Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 13 May 2015 12:08:21 +0200
-Subject: [PATCH 7/8] BUG/MAJOR: checks: always check for end of list before
- proceeding
-
-This is the most important fix of this series. There's a risk of endless
-loop and crashes caused by the fact that we go past the head of the list
-when skipping to next rule, without checking if it's still a valid element.
-Most of the time, the ->action field is checked, which points to the proxy's
-check_req pointer (generally NULL), meaning the element is confused with a
-TCPCHK_ACT_SEND action.
-
-The situation was accidently made worse with the addition of tcp-check
-comment since it also skips list elements. However, since the action that
-makes it go forward is TCPCHK_ACT_COMMENT (3), there's little chance to
-see this as a valid pointer, except on 64-bit machines where it can match
-the end of a check_req string pointer.
-
-This fix heavily depends on previous cleanup and both must be backported
-to 1.5 where the bug is present.
-(cherry picked from commit f2c87353a7f8160930b5f342bb6d6ad0991ee3d1)
-[wt: this patch differs significantly from 1.6 since we don't have comments]
----
- src/cfgparse.c | 4 +++-
- src/checks.c | 12 ++++++++++++
- 2 files changed, 15 insertions(+), 1 deletion(-)
-
-diff --git a/src/cfgparse.c b/src/cfgparse.c
-index 746c7eb..dba59d1 100644
---- a/src/cfgparse.c
-+++ b/src/cfgparse.c
-@@ -4368,7 +4368,9 @@ stats_error_parsing:
- l = (struct list *)&curproxy->tcpcheck_rules;
- if (l->p != l->n) {
- tcpcheck = (struct tcpcheck_rule *)l->n;
-- if (tcpcheck && tcpcheck->action != TCPCHK_ACT_CONNECT) {
-+
-+ if (&tcpcheck->list != &curproxy->tcpcheck_rules
-+ && tcpcheck->action != TCPCHK_ACT_CONNECT) {
- Alert("parsing [%s:%d] : first step MUST also be a 'connect' when there is a 'connect' step in the tcp-check ruleset.\n",
- file, linenum);
- err_code |= ERR_ALERT | ERR_FATAL;
-diff --git a/src/checks.c b/src/checks.c
-index a0c42f2..e13d561 100644
---- a/src/checks.c
-+++ b/src/checks.c
-@@ -2057,6 +2057,9 @@ static void tcpcheck_main(struct connection *conn)
- /* allow next rule */
- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-
-+ if (&check->current_step->list == head)
-+ break;
-+
- /* don't do anything until the connection is established */
- if (!(conn->flags & CO_FL_CONNECTED)) {
- /* update expire time, should be done by process_chk */
-@@ -2110,6 +2113,9 @@ static void tcpcheck_main(struct connection *conn)
-
- /* go to next rule and try to send */
- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+
-+ if (&check->current_step->list == head)
-+ break;
- } /* end 'send' */
- else if (check->current_step->action == TCPCHK_ACT_EXPECT) {
- if (unlikely(check->result == CHK_RES_FAILED))
-@@ -2196,6 +2202,9 @@ static void tcpcheck_main(struct connection *conn)
- /* allow next rule */
- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-
-+ if (&check->current_step->list == head)
-+ break;
-+
- if (check->current_step->action == TCPCHK_ACT_EXPECT)
- goto tcpcheck_expect;
- __conn_data_stop_recv(conn);
-@@ -2208,6 +2217,9 @@ static void tcpcheck_main(struct connection *conn)
- /* allow next rule */
- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-
-+ if (&check->current_step->list == head)
-+ break;
-+
- if (check->current_step->action == TCPCHK_ACT_EXPECT)
- goto tcpcheck_expect;
- __conn_data_stop_recv(conn);
---
-2.0.5
-
+++ /dev/null
-From 5bff05986c501d9ffb67873b60472f9c2a2e41be Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 13 May 2015 12:24:53 +0200
-Subject: [PATCH 8/8] BUG/MEDIUM: checks: do not dereference a list as a
- tcpcheck struct
-
-The method used to skip to next rule in the list is wrong, it assumes
-that the list element starts at the same offset as the rule. It happens
-to be true on most architectures since the list is the first element for
-now but it's definitely wrong. Now the code doesn't crash anymore when
-the struct list is moved anywhere else in the struct tcpcheck_rule.
-
-This fix must be backported to 1.5.
-(cherry picked from commit 5581c27b579cbfc53afb0ca04cdeebe7e2200131)
-[wt: changes from 1.6 : no tcp-check comments, check becomes s->proxy]
----
- src/cfgparse.c | 18 +++++++-----------
- src/checks.c | 15 +++++++++------
- 2 files changed, 16 insertions(+), 17 deletions(-)
-
-diff --git a/src/cfgparse.c b/src/cfgparse.c
-index dba59d1..e04eff8 100644
---- a/src/cfgparse.c
-+++ b/src/cfgparse.c
-@@ -4362,20 +4362,16 @@ stats_error_parsing:
- const char *ptr_arg;
- int cur_arg;
- struct tcpcheck_rule *tcpcheck;
-- struct list *l;
-
- /* check if first rule is also a 'connect' action */
-- l = (struct list *)&curproxy->tcpcheck_rules;
-- if (l->p != l->n) {
-- tcpcheck = (struct tcpcheck_rule *)l->n;
-+ tcpcheck = LIST_NEXT(&curproxy->tcpcheck_rules, struct tcpcheck_rule *, list);
-
-- if (&tcpcheck->list != &curproxy->tcpcheck_rules
-- && tcpcheck->action != TCPCHK_ACT_CONNECT) {
-- Alert("parsing [%s:%d] : first step MUST also be a 'connect' when there is a 'connect' step in the tcp-check ruleset.\n",
-- file, linenum);
-- err_code |= ERR_ALERT | ERR_FATAL;
-- goto out;
-- }
-+ if (&tcpcheck->list != &curproxy->tcpcheck_rules
-+ && tcpcheck->action != TCPCHK_ACT_CONNECT) {
-+ Alert("parsing [%s:%d] : first step MUST also be a 'connect' when there is a 'connect' step in the tcp-check ruleset.\n",
-+ file, linenum);
-+ err_code |= ERR_ALERT | ERR_FATAL;
-+ goto out;
- }
-
- cur_arg = 2;
-diff --git a/src/checks.c b/src/checks.c
-index e13d561..27a23b2 100644
---- a/src/checks.c
-+++ b/src/checks.c
-@@ -1444,7 +1444,10 @@ static int connect_chk(struct task *t)
- quickack = check->type == 0 || check->type == PR_O2_TCPCHK_CHK;
-
- if (check->type == PR_O2_TCPCHK_CHK && !LIST_ISEMPTY(&s->proxy->tcpcheck_rules)) {
-- struct tcpcheck_rule *r = (struct tcpcheck_rule *) s->proxy->tcpcheck_rules.n;
-+ struct tcpcheck_rule *r;
-+
-+ r = LIST_NEXT(&s->proxy->tcpcheck_rules, struct tcpcheck_rule *, list);
-+
- /* if first step is a 'connect', then tcpcheck_main must run it */
- if (r->action == TCPCHK_ACT_CONNECT) {
- tcpcheck_main(conn);
-@@ -1952,7 +1955,7 @@ static void tcpcheck_main(struct connection *conn)
- /* have 'next' point to the next rule or NULL if we're on the
- * last one, connect() needs this.
- */
-- next = (struct tcpcheck_rule *)check->current_step->list.n;
-+ next = LIST_NEXT(&check->current_step->list, struct tcpcheck_rule *, list);
-
- if (&next->list == head)
- next = NULL;
-@@ -2055,7 +2058,7 @@ static void tcpcheck_main(struct connection *conn)
- }
-
- /* allow next rule */
-- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+ check->current_step = LIST_NEXT(&check->current_step->list, struct tcpcheck_rule *, list);
-
- if (&check->current_step->list == head)
- break;
-@@ -2112,7 +2115,7 @@ static void tcpcheck_main(struct connection *conn)
- *check->bo->p = '\0'; /* to make gdb output easier to read */
-
- /* go to next rule and try to send */
-- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+ check->current_step = LIST_NEXT(&check->current_step->list, struct tcpcheck_rule *, list);
-
- if (&check->current_step->list == head)
- break;
-@@ -2200,7 +2203,7 @@ static void tcpcheck_main(struct connection *conn)
- /* matched and was supposed to => OK, next step */
- else {
- /* allow next rule */
-- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+ check->current_step = LIST_NEXT(&check->current_step->list, struct tcpcheck_rule *, list);
-
- if (&check->current_step->list == head)
- break;
-@@ -2215,7 +2218,7 @@ static void tcpcheck_main(struct connection *conn)
- /* not matched and was not supposed to => OK, next step */
- if (check->current_step->inverse) {
- /* allow next rule */
-- check->current_step = (struct tcpcheck_rule *)check->current_step->list.n;
-+ check->current_step = LIST_NEXT(&check->current_step->list, struct tcpcheck_rule *, list);
-
- if (&check->current_step->list == head)
- break;
---
-2.0.5
-
+++ /dev/null
-From 76a06b2804bcdba0fb2c19f834bdb511ce3cf344 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 20 May 2015 10:39:04 +0200
-Subject: [PATCH 09/10] BUG/MEDIUM: peers: apply a random reconnection timeout
-
-Commit 9ff95bb ("BUG/MEDIUM: peers: correctly configure the client timeout")
-uncovered an old bug in the peers : upon disconnect, we reconnect immediately.
-This sometimes results in both ends to do the same thing in parallel causing
-a loop of connect/accept/close/close that can last several seconds. The risk
-of occurrence of the trouble increases with latency, and is emphasized by the
-fact that idle connections are now frequently recycled (after 5s of idle).
-
-In order to avoid this we must apply a random delay before reconnecting.
-Fortunately the mechanism already supports a reconnect delay, so here we
-compute the random timeout when killing a session. The delay is 50ms plus
-a random between 0 and 2 seconds. Ideally an exponential back-off would
-be preferred but it's preferable to keep the fix simple.
-
-This bug was reported by Marco Corte.
-
-This fix must be backported to 1.5 since the fix above was backported into
-1.5.12.
-(cherry picked from commit b4e34da692d8a7f6837ad16b3389f5830dbc11d2)
----
- src/peers.c | 14 +++++++++++---
- 1 file changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/src/peers.c b/src/peers.c
-index b196d88..159f0a4 100644
---- a/src/peers.c
-+++ b/src/peers.c
-@@ -1063,6 +1063,7 @@ static void peer_session_forceshutdown(struct session * session)
- {
- struct stream_interface *oldsi = NULL;
- struct appctx *appctx = NULL;
-+ struct peer_session *ps;
- int i;
-
- for (i = 0; i <= 1; i++) {
-@@ -1079,6 +1080,14 @@ static void peer_session_forceshutdown(struct session * session)
- if (!appctx)
- return;
-
-+ ps = (struct peer_session *)appctx->ctx.peers.ptr;
-+ /* we're killing a connection, we must apply a random delay before
-+ * retrying otherwise the other end will do the same and we can loop
-+ * for a while.
-+ */
-+ if (ps)
-+ ps->reconnect = tick_add(now_ms, MS_TO_TICKS(50 + random() % 2000));
-+
- /* call release to reinit resync states if needed */
- peer_session_release(oldsi);
- appctx->st0 = PEER_SESS_ST_END;
-@@ -1352,8 +1361,8 @@ static struct task *process_peer_sync(struct task * task)
- if (!ps->session) {
- /* no active session */
- if (ps->statuscode == 0 ||
-- ps->statuscode == PEER_SESS_SC_SUCCESSCODE ||
- ((ps->statuscode == PEER_SESS_SC_CONNECTCODE ||
-+ ps->statuscode == PEER_SESS_SC_SUCCESSCODE ||
- ps->statuscode == PEER_SESS_SC_CONNECTEDCODE) &&
- tick_is_expired(ps->reconnect, now_ms))) {
- /* connection never tried
-@@ -1364,8 +1373,7 @@ static struct task *process_peer_sync(struct task * task)
- /* retry a connect */
- ps->session = peer_session_create(ps->peer, ps);
- }
-- else if (ps->statuscode == PEER_SESS_SC_CONNECTCODE ||
-- ps->statuscode == PEER_SESS_SC_CONNECTEDCODE) {
-+ else if (!tick_is_expired(ps->reconnect, now_ms)) {
- /* If previous session failed during connection
- * but reconnection timer is not expired */
-
---
-2.0.5
-
+++ /dev/null
-From ac372e18c422841a9f1197b4238637c470e8edca Mon Sep 17 00:00:00 2001
-From: Pavlos Parissis <pavlos.parissis@gmail.com>
-Date: Sat, 2 May 2015 20:30:44 +0200
-Subject: [PATCH 10/10] DOC: Update doc about weight, act and bck fields in the
- statistics
-
-Reorder description of the mentioned fields in order to match the
-order of types
-(cherry picked from commit 1f673c72c11d011bbd24e309d3155384eddf7a46)
----
- doc/configuration.txt | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index a9d497e..6f5eeb1 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -13240,9 +13240,9 @@ S (Servers).
- server. The server value counts the number of times that server was
- switched away from.
- 17. status [LFBS]: status (UP/DOWN/NOLB/MAINT/MAINT(via)...)
-- 18. weight [..BS]: server weight (server), total weight (backend)
-- 19. act [..BS]: server is active (server), number of active servers (backend)
-- 20. bck [..BS]: server is backup (server), number of backup servers (backend)
-+ 18. weight [..BS]: total weight (backend), server weight (server)
-+ 19. act [..BS]: number of active servers (backend), server is active (server)
-+ 20. bck [..BS]: number of backup servers (backend), server is backup (server)
- 21. chkfail [...S]: number of failed checks. (Only counts checks failed when
- the server is up.)
- 22. chkdown [..BS]: number of UP->DOWN transitions. The backend counter counts
---
-2.0.5
-
+++ /dev/null
-From 269a02fbb332da8faf6c2a614d45d5b5018816d1 Mon Sep 17 00:00:00 2001
-From: Remi Gacogne <rgacogne@aquaray.fr>
-Date: Thu, 28 May 2015 16:39:47 +0200
-Subject: [PATCH 11/14] MINOR: ssl: add a destructor to free allocated SSL
- ressources
-
-Using valgrind or another memory leak tracking tool is easier
-when the memory internally allocated by OpenSSL is cleanly released
-at shutdown.
-(cherry picked from commit d3a23c3eb8c0950d26204568a133207099923494)
----
- src/ssl_sock.c | 36 ++++++++++++++++++++++++++++++++++++
- 1 file changed, 36 insertions(+)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index d0f4d01..a78fc6a 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -4717,6 +4717,42 @@ static void __ssl_sock_init(void)
- cfg_register_keywords(&cfg_kws);
- }
-
-+__attribute__((destructor))
-+static void __ssl_sock_deinit(void)
-+{
-+#ifndef OPENSSL_NO_DH
-+ if (local_dh_1024) {
-+ DH_free(local_dh_1024);
-+ local_dh_1024 = NULL;
-+ }
-+
-+ if (local_dh_2048) {
-+ DH_free(local_dh_2048);
-+ local_dh_2048 = NULL;
-+ }
-+
-+ if (local_dh_4096) {
-+ DH_free(local_dh_4096);
-+ local_dh_4096 = NULL;
-+ }
-+
-+ if (local_dh_8192) {
-+ DH_free(local_dh_8192);
-+ local_dh_8192 = NULL;
-+ }
-+#endif
-+
-+ ERR_remove_state(0);
-+ ERR_free_strings();
-+
-+ EVP_cleanup();
-+
-+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
-+ CRYPTO_cleanup_all_ex_data();
-+#endif
-+}
-+
-+
- /*
- * Local variables:
- * c-indent-level: 8
---
-2.0.5
-
+++ /dev/null
-From 5d769ca828fdb055052b3dbc232864bdf2853c9f Mon Sep 17 00:00:00 2001
-From: Remi Gacogne <rgacogne@aquaray.fr>
-Date: Thu, 28 May 2015 16:23:00 +0200
-Subject: [PATCH 12/14] BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value
- being overwritten
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Hervé Commowick reported that the logic used to avoid complaining about
-ssl-default-dh-param not being set when static DH params are present
-in the certificate file was clearly wrong when more than one sni_ctx
-is used.
-This patch stores whether static DH params are being used for each
-SSL_CTX individually, and does not overwrite the value of
-tune.ssl.default-dh-param.
-(cherry picked from commit 4f902b88323927c9d25d391a809e3678ac31df41)
----
- src/ssl_sock.c | 28 +++++++++++++++++++++++-----
- 1 file changed, 23 insertions(+), 5 deletions(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index a78fc6a..0f7819b 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -47,6 +47,9 @@
- #ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
- #include <openssl/ocsp.h>
- #endif
-+#ifndef OPENSSL_NO_DH
-+#include <openssl/dh.h>
-+#endif
-
- #include <common/buffer.h>
- #include <common/compat.h>
-@@ -107,6 +110,7 @@ int sslconns = 0;
- int totalsslconns = 0;
-
- #ifndef OPENSSL_NO_DH
-+static int ssl_dh_ptr_index = -1;
- static DH *local_dh_1024 = NULL;
- static DH *local_dh_2048 = NULL;
- static DH *local_dh_4096 = NULL;
-@@ -1076,10 +1080,12 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
- if (dh) {
- ret = 1;
- SSL_CTX_set_tmp_dh(ctx, dh);
-- /* Setting ssl default dh param to the size of the static DH params
-- found in the file. This way we know that there is no use
-- complaining later about ssl-default-dh-param not being set. */
-- global.tune.ssl_default_dh_param = DH_size(dh) * 8;
-+
-+ if (ssl_dh_ptr_index >= 0) {
-+ /* store a pointer to the DH params to avoid complaining about
-+ ssl-default-dh-param not being set for this SSL_CTX */
-+ SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, dh);
-+ }
- }
- else {
- /* Clear openssl global errors stack */
-@@ -1274,6 +1280,12 @@ static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf
- * the tree, so it will be discovered and cleaned in time.
- */
- #ifndef OPENSSL_NO_DH
-+ /* store a NULL pointer to indicate we have not yet loaded
-+ a custom DH param file */
-+ if (ssl_dh_ptr_index >= 0) {
-+ SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, NULL);
-+ }
-+
- ret = ssl_sock_load_dh_params(ctx, path);
- if (ret < 0) {
- if (err)
-@@ -1593,7 +1605,9 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy
-
- /* If tune.ssl.default-dh-param has not been set and
- no static DH params were in the certificate file. */
-- if (global.tune.ssl_default_dh_param == 0) {
-+ if (global.tune.ssl_default_dh_param == 0 &&
-+ (ssl_dh_ptr_index == -1 ||
-+ SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
- ciphers = ctx->cipher_list;
-
- if (ciphers) {
-@@ -4715,6 +4729,10 @@ static void __ssl_sock_init(void)
- bind_register_keywords(&bind_kws);
- srv_register_keywords(&srv_kws);
- cfg_register_keywords(&cfg_kws);
-+
-+#ifndef OPENSSL_NO_DH
-+ ssl_dh_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
-+#endif
- }
-
- __attribute__((destructor))
---
-2.0.5
-
+++ /dev/null
-From 629b1c000b26f0031246b9b529680b275a14118f Mon Sep 17 00:00:00 2001
-From: William Lallemand <wlallemand@haproxy.com>
-Date: Thu, 28 May 2015 18:02:48 +0200
-Subject: [PATCH 13/14] BUG/MINOR: cfgparse: fix typo in 'option httplog' error
- message
-
-The error message was displaying the wrong argument when 'option
-httplog' took a wrong argument.
-(cherry picked from commit 77063bc0c6ceb4257c4e2c08411811ecc48be1aa)
----
- src/cfgparse.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/cfgparse.c b/src/cfgparse.c
-index e04eff8..3c3383d 100644
---- a/src/cfgparse.c
-+++ b/src/cfgparse.c
-@@ -3792,7 +3792,7 @@ stats_error_parsing:
- curproxy->options2 |= PR_O2_CLFLOG;
- logformat = clf_http_log_format;
- } else {
-- Alert("parsing [%s:%d] : keyword '%s' only supports option 'clf'.\n", file, linenum, args[2]);
-+ Alert("parsing [%s:%d] : keyword '%s' only supports option 'clf'.\n", file, linenum, args[1]);
- err_code |= ERR_ALERT | ERR_FATAL;
- goto out;
- }
---
-2.0.5
-
+++ /dev/null
-From faf3315f77c527e6e1d027deb7e853cdf6af5858 Mon Sep 17 00:00:00 2001
-From: William Lallemand <wlallemand@haproxy.com>
-Date: Thu, 28 May 2015 18:03:51 +0200
-Subject: [PATCH 14/14] BUG/MEDIUM: cfgparse: segfault when userlist is misused
-
-If the 'userlist' keyword parsing returns an error and no userlist were
-previously created. The parsing of 'user' and 'group' leads to NULL
-derefence.
-
-The userlist pointer is now tested to prevent this issue.
-(cherry picked from commit 4ac9f546120d42be8147e3d90588e7b9738af0cc)
----
- src/cfgparse.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/cfgparse.c b/src/cfgparse.c
-index 3c3383d..392a78d 100644
---- a/src/cfgparse.c
-+++ b/src/cfgparse.c
-@@ -5668,6 +5668,9 @@ cfg_parse_users(const char *file, int linenum, char **args, int kwm)
- goto out;
- }
-
-+ if (!userlist)
-+ goto out;
-+
- for (ag = userlist->groups; ag; ag = ag->next)
- if (!strcmp(ag->name, args[1])) {
- Warning("parsing [%s:%d]: ignoring duplicated group '%s' in userlist '%s'.\n",
-@@ -5718,6 +5721,8 @@ cfg_parse_users(const char *file, int linenum, char **args, int kwm)
- err_code |= ERR_ALERT | ERR_FATAL;
- goto out;
- }
-+ if (!userlist)
-+ goto out;
-
- for (newuser = userlist->users; newuser; newuser = newuser->next)
- if (!strcmp(newuser->user, args[1])) {
---
-2.0.5
-
+++ /dev/null
-From 2ad3ec1ab5379a16b16aba48a42ced27b170534e Mon Sep 17 00:00:00 2001
-From: Remi Gacogne <rgacogne@aquaray.fr>
-Date: Fri, 29 May 2015 16:26:17 +0200
-Subject: [PATCH 15/18] MEDIUM: ssl: replace standards DH groups with custom
- ones
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-It is likely that powerful adversaries have been pre-computing the
-standardized DH groups, because being widely used have made them
-valuable targets. While users are advised to generate their own
-DH parameters, replace the ones we ship by values been randomly
-generated for this product only.
-
-[wt: replaced dh1024_p, dh2048_p, and dh4096_p with locally-generated
- ones as recommended by Rémi]
-
-(cherry picked from commit d3a341a96fb6107d2b8e3d7a9c0afa2ff43bb0b6)
----
- src/ssl_sock.c | 340 +++++++++++++++++----------------------------------------
- 1 file changed, 102 insertions(+), 238 deletions(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index 0f7819b..93aab8b 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -114,7 +114,6 @@ static int ssl_dh_ptr_index = -1;
- static DH *local_dh_1024 = NULL;
- static DH *local_dh_2048 = NULL;
- static DH *local_dh_4096 = NULL;
--static DH *local_dh_8192 = NULL;
- #endif /* OPENSSL_NO_DH */
-
- #ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
-@@ -766,32 +765,28 @@ static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, struct bind_conf *s)
-
- static DH * ssl_get_dh_1024(void)
- {
--#if OPENSSL_VERSION_NUMBER < 0x0090801fL
-- static const unsigned char rfc_2409_prime_1024[] = {
-- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-- 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-- 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-- 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-- 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-- 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-- 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-- 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,
-- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-- };
--#endif
-+ static unsigned char dh1024_p[]={
-+ 0xFA,0xF9,0x2A,0x22,0x2A,0xA7,0x7F,0xE1,0x67,0x4E,0x53,0xF7,
-+ 0x56,0x13,0xC3,0xB1,0xE3,0x29,0x6B,0x66,0x31,0x6A,0x7F,0xB3,
-+ 0xC2,0x68,0x6B,0xCB,0x1D,0x57,0x39,0x1D,0x1F,0xFF,0x1C,0xC9,
-+ 0xA6,0xA4,0x98,0x82,0x31,0x5D,0x25,0xFF,0x8A,0xE0,0x73,0x96,
-+ 0x81,0xC8,0x83,0x79,0xC1,0x5A,0x04,0xF8,0x37,0x0D,0xA8,0x3D,
-+ 0xAE,0x74,0xBC,0xDB,0xB6,0xA4,0x75,0xD9,0x71,0x8A,0xA0,0x17,
-+ 0x9E,0x2D,0xC8,0xA8,0xDF,0x2C,0x5F,0x82,0x95,0xF8,0x92,0x9B,
-+ 0xA7,0x33,0x5F,0x89,0x71,0xC8,0x2D,0x6B,0x18,0x86,0xC4,0x94,
-+ 0x22,0xA5,0x52,0x8D,0xF6,0xF6,0xD2,0x37,0x92,0x0F,0xA5,0xCC,
-+ 0xDB,0x7B,0x1D,0x3D,0xA1,0x31,0xB7,0x80,0x8F,0x0B,0x67,0x5E,
-+ 0x36,0xA5,0x60,0x0C,0xF1,0x95,0x33,0x8B,
-+ };
-+ static unsigned char dh1024_g[]={
-+ 0x02,
-+ };
-+
- DH *dh = DH_new();
- if (dh) {
--#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
-- dh->p = get_rfc2409_prime_1024(NULL);
--#else
-- dh->p = BN_bin2bn(rfc_2409_prime_1024, sizeof rfc_2409_prime_1024, NULL);
--#endif
-- /* See RFC 2409, Section 6 "Oakley Groups"
-- for the reason why 2 is used as generator.
-- */
-- BN_dec2bn(&dh->g, "2");
-+ dh->p = BN_bin2bn(dh1024_p, sizeof dh1024_p, NULL);
-+ dh->g = BN_bin2bn(dh1024_g, sizeof dh1024_g, NULL);
-+
- if (!dh->p || !dh->g) {
- DH_free(dh);
- dh = NULL;
-@@ -802,43 +797,39 @@ static DH * ssl_get_dh_1024(void)
-
- static DH *ssl_get_dh_2048(void)
- {
--#if OPENSSL_VERSION_NUMBER < 0x0090801fL
-- static const unsigned char rfc_3526_prime_2048[] = {
-- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-- 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-- 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-- 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-- 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-- 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-- 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-- 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-- 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-- 0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-- 0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-- 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-- 0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
-- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
-- 0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
-- 0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
-- 0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
-- 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,
-- 0xFF,0xFF,0xFF,0xFF,
-- };
--#endif
-+ static unsigned char dh2048_p[]={
-+ 0xEC,0x86,0xF8,0x70,0xA0,0x33,0x16,0xEC,0x05,0x1A,0x73,0x59,
-+ 0xCD,0x1F,0x8B,0xF8,0x29,0xE4,0xD2,0xCF,0x52,0xDD,0xC2,0x24,
-+ 0x8D,0xB5,0x38,0x9A,0xFB,0x5C,0xA4,0xE4,0xB2,0xDA,0xCE,0x66,
-+ 0x50,0x74,0xA6,0x85,0x4D,0x4B,0x1D,0x30,0xB8,0x2B,0xF3,0x10,
-+ 0xE9,0xA7,0x2D,0x05,0x71,0xE7,0x81,0xDF,0x8B,0x59,0x52,0x3B,
-+ 0x5F,0x43,0x0B,0x68,0xF1,0xDB,0x07,0xBE,0x08,0x6B,0x1B,0x23,
-+ 0xEE,0x4D,0xCC,0x9E,0x0E,0x43,0xA0,0x1E,0xDF,0x43,0x8C,0xEC,
-+ 0xBE,0xBE,0x90,0xB4,0x51,0x54,0xB9,0x2F,0x7B,0x64,0x76,0x4E,
-+ 0x5D,0xD4,0x2E,0xAE,0xC2,0x9E,0xAE,0x51,0x43,0x59,0xC7,0x77,
-+ 0x9C,0x50,0x3C,0x0E,0xED,0x73,0x04,0x5F,0xF1,0x4C,0x76,0x2A,
-+ 0xD8,0xF8,0xCF,0xFC,0x34,0x40,0xD1,0xB4,0x42,0x61,0x84,0x66,
-+ 0x42,0x39,0x04,0xF8,0x68,0xB2,0x62,0xD7,0x55,0xED,0x1B,0x74,
-+ 0x75,0x91,0xE0,0xC5,0x69,0xC1,0x31,0x5C,0xDB,0x7B,0x44,0x2E,
-+ 0xCE,0x84,0x58,0x0D,0x1E,0x66,0x0C,0xC8,0x44,0x9E,0xFD,0x40,
-+ 0x08,0x67,0x5D,0xFB,0xA7,0x76,0x8F,0x00,0x11,0x87,0xE9,0x93,
-+ 0xF9,0x7D,0xC4,0xBC,0x74,0x55,0x20,0xD4,0x4A,0x41,0x2F,0x43,
-+ 0x42,0x1A,0xC1,0xF2,0x97,0x17,0x49,0x27,0x37,0x6B,0x2F,0x88,
-+ 0x7E,0x1C,0xA0,0xA1,0x89,0x92,0x27,0xD9,0x56,0x5A,0x71,0xC1,
-+ 0x56,0x37,0x7E,0x3A,0x9D,0x05,0xE7,0xEE,0x5D,0x8F,0x82,0x17,
-+ 0xBC,0xE9,0xC2,0x93,0x30,0x82,0xF9,0xF4,0xC9,0xAE,0x49,0xDB,
-+ 0xD0,0x54,0xB4,0xD9,0x75,0x4D,0xFA,0x06,0xB8,0xD6,0x38,0x41,
-+ 0xB7,0x1F,0x77,0xF3,
-+ };
-+ static unsigned char dh2048_g[]={
-+ 0x02,
-+ };
-+
- DH *dh = DH_new();
- if (dh) {
--#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
-- dh->p = get_rfc3526_prime_2048(NULL);
--#else
-- dh->p = BN_bin2bn(rfc_3526_prime_2048, sizeof rfc_3526_prime_2048, NULL);
--#endif
-- /* See RFC 3526, Section 3 "2048-bit MODP Group"
-- for the reason why 2 is used as generator.
-- */
-- BN_dec2bn(&dh->g, "2");
-+ dh->p = BN_bin2bn(dh2048_p, sizeof dh2048_p, NULL);
-+ dh->g = BN_bin2bn(dh2048_g, sizeof dh2048_g, NULL);
-+
- if (!dh->p || !dh->g) {
- DH_free(dh);
- dh = NULL;
-@@ -849,175 +840,60 @@ static DH *ssl_get_dh_2048(void)
-
- static DH *ssl_get_dh_4096(void)
- {
--#if OPENSSL_VERSION_NUMBER < 0x0090801fL
-- static const unsigned char rfc_3526_prime_4096[] = {
-- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-- 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-- 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-- 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-- 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-- 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-- 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-- 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-- 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-- 0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-- 0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-- 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-- 0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
-- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
-- 0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
-- 0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
-- 0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
-- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
-- 0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
-- 0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
-- 0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
-- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
-- 0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
-- 0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
-- 0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
-- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
-- 0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
-- 0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
-- 0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
-- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
-- 0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
-- 0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
-- 0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
-- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
-- 0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
-- 0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
-- 0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
-- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
-- 0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,
-- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-+ static unsigned char dh4096_p[]={
-+ 0xDE,0x16,0x94,0xCD,0x99,0x58,0x07,0xF1,0xF7,0x32,0x96,0x11,
-+ 0x04,0x82,0xD4,0x84,0x72,0x80,0x99,0x06,0xCA,0xF0,0xA3,0x68,
-+ 0x07,0xCE,0x64,0x50,0xE7,0x74,0x45,0x20,0x80,0x5E,0x4D,0xAD,
-+ 0xA5,0xB6,0xED,0xFA,0x80,0x6C,0x3B,0x35,0xC4,0x9A,0x14,0x6B,
-+ 0x32,0xBB,0xFD,0x1F,0x17,0x8E,0xB7,0x1F,0xD6,0xFA,0x3F,0x7B,
-+ 0xEE,0x16,0xA5,0x62,0x33,0x0D,0xED,0xBC,0x4E,0x58,0xE5,0x47,
-+ 0x4D,0xE9,0xAB,0x8E,0x38,0xD3,0x6E,0x90,0x57,0xE3,0x22,0x15,
-+ 0x33,0xBD,0xF6,0x43,0x45,0xB5,0x10,0x0A,0xBE,0x2C,0xB4,0x35,
-+ 0xB8,0x53,0x8D,0xAD,0xFB,0xA7,0x1F,0x85,0x58,0x41,0x7A,0x79,
-+ 0x20,0x68,0xB3,0xE1,0x3D,0x08,0x76,0xBF,0x86,0x0D,0x49,0xE3,
-+ 0x82,0x71,0x8C,0xB4,0x8D,0x81,0x84,0xD4,0xE7,0xBE,0x91,0xDC,
-+ 0x26,0x39,0x48,0x0F,0x35,0xC4,0xCA,0x65,0xE3,0x40,0x93,0x52,
-+ 0x76,0x58,0x7D,0xDD,0x51,0x75,0xDC,0x69,0x61,0xBF,0x47,0x2C,
-+ 0x16,0x68,0x2D,0xC9,0x29,0xD3,0xE6,0xC0,0x99,0x48,0xA0,0x9A,
-+ 0xC8,0x78,0xC0,0x6D,0x81,0x67,0x12,0x61,0x3F,0x71,0xBA,0x41,
-+ 0x1F,0x6C,0x89,0x44,0x03,0xBA,0x3B,0x39,0x60,0xAA,0x28,0x55,
-+ 0x59,0xAE,0xB8,0xFA,0xCB,0x6F,0xA5,0x1A,0xF7,0x2B,0xDD,0x52,
-+ 0x8A,0x8B,0xE2,0x71,0xA6,0x5E,0x7E,0xD8,0x2E,0x18,0xE0,0x66,
-+ 0xDF,0xDD,0x22,0x21,0x99,0x52,0x73,0xA6,0x33,0x20,0x65,0x0E,
-+ 0x53,0xE7,0x6B,0x9B,0xC5,0xA3,0x2F,0x97,0x65,0x76,0xD3,0x47,
-+ 0x23,0x77,0x12,0xB6,0x11,0x7B,0x24,0xED,0xF1,0xEF,0xC0,0xE2,
-+ 0xA3,0x7E,0x67,0x05,0x3E,0x96,0x4D,0x45,0xC2,0x18,0xD1,0x73,
-+ 0x9E,0x07,0xF3,0x81,0x6E,0x52,0x63,0xF6,0x20,0x76,0xB9,0x13,
-+ 0xD2,0x65,0x30,0x18,0x16,0x09,0x16,0x9E,0x8F,0xF1,0xD2,0x10,
-+ 0x5A,0xD3,0xD4,0xAF,0x16,0x61,0xDA,0x55,0x2E,0x18,0x5E,0x14,
-+ 0x08,0x54,0x2E,0x2A,0x25,0xA2,0x1A,0x9B,0x8B,0x32,0xA9,0xFD,
-+ 0xC2,0x48,0x96,0xE1,0x80,0xCA,0xE9,0x22,0x17,0xBB,0xCE,0x3E,
-+ 0x9E,0xED,0xC7,0xF1,0x1F,0xEC,0x17,0x21,0xDC,0x7B,0x82,0x48,
-+ 0x8E,0xBB,0x4B,0x9D,0x5B,0x04,0x04,0xDA,0xDB,0x39,0xDF,0x01,
-+ 0x40,0xC3,0xAA,0x26,0x23,0x89,0x75,0xC6,0x0B,0xD0,0xA2,0x60,
-+ 0x6A,0xF1,0xCC,0x65,0x18,0x98,0x1B,0x52,0xD2,0x74,0x61,0xCC,
-+ 0xBD,0x60,0xAE,0xA3,0xA0,0x66,0x6A,0x16,0x34,0x92,0x3F,0x41,
-+ 0x40,0x31,0x29,0xC0,0x2C,0x63,0xB2,0x07,0x8D,0xEB,0x94,0xB8,
-+ 0xE8,0x47,0x92,0x52,0x93,0x6A,0x1B,0x7E,0x1A,0x61,0xB3,0x1B,
-+ 0xF0,0xD6,0x72,0x9B,0xF1,0xB0,0xAF,0xBF,0x3E,0x65,0xEF,0x23,
-+ 0x1D,0x6F,0xFF,0x70,0xCD,0x8A,0x4C,0x8A,0xA0,0x72,0x9D,0xBE,
-+ 0xD4,0xBB,0x24,0x47,0x4A,0x68,0xB5,0xF5,0xC6,0xD5,0x7A,0xCD,
-+ 0xCA,0x06,0x41,0x07,0xAD,0xC2,0x1E,0xE6,0x54,0xA7,0xAD,0x03,
-+ 0xD9,0x12,0xC1,0x9C,0x13,0xB1,0xC9,0x0A,0x43,0x8E,0x1E,0x08,
-+ 0xCE,0x50,0x82,0x73,0x5F,0xA7,0x55,0x1D,0xD9,0x59,0xAC,0xB5,
-+ 0xEA,0x02,0x7F,0x6C,0x5B,0x74,0x96,0x98,0x67,0x24,0xA3,0x0F,
-+ 0x15,0xFC,0xA9,0x7D,0x3E,0x67,0xD1,0x70,0xF8,0x97,0xF3,0x67,
-+ 0xC5,0x8C,0x88,0x44,0x08,0x02,0xC7,0x2B,
- };
--#endif
-- DH *dh = DH_new();
-- if (dh) {
--#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
-- dh->p = get_rfc3526_prime_4096(NULL);
--#else
-- dh->p = BN_bin2bn(rfc_3526_prime_4096, sizeof rfc_3526_prime_4096, NULL);
--#endif
-- /* See RFC 3526, Section 5 "4096-bit MODP Group"
-- for the reason why 2 is used as generator.
-- */
-- BN_dec2bn(&dh->g, "2");
-- if (!dh->p || !dh->g) {
-- DH_free(dh);
-- dh = NULL;
-- }
-- }
-- return dh;
--}
-+ static unsigned char dh4096_g[]={
-+ 0x02,
-+ };
-
--static DH *ssl_get_dh_8192(void)
--{
--#if OPENSSL_VERSION_NUMBER < 0x0090801fL
-- static const unsigned char rfc_3526_prime_8192[] = {
-- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
-- 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
-- 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
-- 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
-- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
-- 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
-- 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
-- 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
-- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
-- 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
-- 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
-- 0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
-- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
-- 0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
-- 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
-- 0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
-- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
-- 0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
-- 0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
-- 0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
-- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
-- 0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
-- 0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
-- 0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
-- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
-- 0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
-- 0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
-- 0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
-- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
-- 0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
-- 0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
-- 0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
-- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
-- 0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
-- 0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
-- 0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
-- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
-- 0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
-- 0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
-- 0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
-- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
-- 0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
-- 0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
-- 0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
-- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
-- 0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
-- 0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
-- 0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
-- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
-- 0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
-- 0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
-- 0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
-- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
-- 0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
-- 0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
-- 0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
-- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
-- 0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
-- 0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
-- 0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
-- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
-- 0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
-- 0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
-- 0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
-- 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,
-- 0x73,0xB9,0x31,0xBA,0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,
-- 0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,0x25,0x76,0xF6,0x93,
-- 0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
-- 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,
-- 0xE3,0x9D,0x65,0x2D,0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,
-- 0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,0x13,0xEB,0x57,0xA8,
-- 0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
-- 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,
-- 0xA2,0xC0,0x87,0xE8,0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,
-- 0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,0x6D,0x2A,0x13,0xF8,
-- 0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
-- 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,
-- 0x08,0x46,0x85,0x1D,0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,
-- 0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,0xFA,0xF3,0x6B,0xC3,
-- 0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
-- 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,
-- 0xD5,0xEE,0x38,0x2B,0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,
-- 0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,0x9E,0x30,0x50,0xE2,
-- 0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
-- 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,
-- 0xFF,0xFF,0xFF,0xFF,
-- };
--#endif
- DH *dh = DH_new();
- if (dh) {
--#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
-- dh->p = get_rfc3526_prime_8192(NULL);
--#else
-- dh->p = BN_bin2bn(rfc_3526_prime_8192, sizeof rfc_3526_prime_8192, NULL);
--#endif
-- /* See RFC 3526, Section 7 "8192-bit MODP Group"
-- for the reason why 2 is used as generator.
-- */
-- BN_dec2bn(&dh->g, "2");
-+ dh->p = BN_bin2bn(dh4096_p, sizeof dh4096_p, NULL);
-+ dh->g = BN_bin2bn(dh4096_g, sizeof dh4096_g, NULL);
-+
- if (!dh->p || !dh->g) {
- DH_free(dh);
- dh = NULL;
-@@ -1045,10 +921,7 @@ static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
- keylen = global.tune.ssl_default_dh_param;
- }
-
-- if (keylen >= 8192) {
-- dh = local_dh_8192;
-- }
-- else if (keylen >= 4096) {
-+ if (keylen >= 4096) {
- dh = local_dh_4096;
- }
- else if (keylen >= 2048) {
-@@ -1643,10 +1516,6 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy
- if (local_dh_4096 == NULL) {
- local_dh_4096 = ssl_get_dh_4096();
- }
-- if (global.tune.ssl_default_dh_param >= 8192 &&
-- local_dh_8192 == NULL) {
-- local_dh_8192 = ssl_get_dh_8192();
-- }
- }
- }
- }
-@@ -4753,11 +4622,6 @@ static void __ssl_sock_deinit(void)
- DH_free(local_dh_4096);
- local_dh_4096 = NULL;
- }
--
-- if (local_dh_8192) {
-- DH_free(local_dh_8192);
-- local_dh_8192 = NULL;
-- }
- #endif
-
- ERR_remove_state(0);
---
-2.3.6
-
+++ /dev/null
-From c51fe0fb249db735c5b103ec99559a0254d58441 Mon Sep 17 00:00:00 2001
-From: Thierry FOURNIER <tfournier@haproxy.com>
-Date: Wed, 3 Jun 2015 20:12:04 +0200
-Subject: [PATCH 16/18] BUG/MINOR: debug: display (null) in place of "meth"
-
-The array which contains names of types, miss the METH entry.
-
-[wt: should be backported to 1.5 as well]
-(cherry picked from commit 4c2479e1c455e2cc46c02cfc28ea2a185f9a7747)
----
- src/sample.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/sample.c b/src/sample.c
-index 87c9f60..59c80b2 100644
---- a/src/sample.c
-+++ b/src/sample.c
-@@ -40,6 +40,7 @@ const char *smp_to_type[SMP_TYPES] = {
- [SMP_T_IPV6] = "ipv6",
- [SMP_T_STR] = "str",
- [SMP_T_BIN] = "bin",
-+ [SMP_T_METH] = "meth",
- };
-
- /* static sample used in sample_process() when <p> is NULL */
---
-2.3.6
-
+++ /dev/null
-From 793a74065926b0da87120d4b1e6330234475505c Mon Sep 17 00:00:00 2001
-From: Godbach <nylzhaowei@gmail.com>
-Date: Tue, 9 Jun 2015 19:41:52 +0800
-Subject: [PATCH 17/18] CLEANUP: deinit: remove codes for cleaning
- p->block_rules
-
-Since all rules listed in p->block_rules have been moved to the beginning of
-the http-request rules in check_config_validity(), there is no need to clean
-p->block_rules in deinit().
-
-Signed-off-by: Godbach <nylzhaowei@gmail.com>
-(cherry picked from commit 28b48ccbc879a552f988e6e1db22941e3362b4db)
----
- src/haproxy.c | 6 ------
- 1 file changed, 6 deletions(-)
-
-diff --git a/src/haproxy.c b/src/haproxy.c
-index 0dddd53..eac6f44 100644
---- a/src/haproxy.c
-+++ b/src/haproxy.c
-@@ -1020,12 +1020,6 @@ void deinit(void)
- free(cwl);
- }
-
-- list_for_each_entry_safe(cond, condb, &p->block_rules, list) {
-- LIST_DEL(&cond->list);
-- prune_acl_cond(cond);
-- free(cond);
-- }
--
- list_for_each_entry_safe(cond, condb, &p->mon_fail_cond, list) {
- LIST_DEL(&cond->list);
- prune_acl_cond(cond);
---
-2.3.6
-
+++ /dev/null
-From 69760db11dfca4a8d8fbd34cec25c334f77add67 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 17 Jun 2015 18:34:14 +0200
-Subject: [PATCH 18/18] BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
-
-Dmitry Sivachenko reported the following build warning using Clang
-which is a real bug :
-
-src/ssl_sock.c:4104:44: warning: address of 'smp->data.str.len' will always
- evaluate to 'true' [-Wpointer-bool-conversion]
- if (!smp->data.str.str || !&smp->data.str.len)
-
-The impact is very low however, it will return an empty session_id
-instead of no session id when none is found.
-
-The fix should be backported to 1.5.
-(cherry picked from commit 745d4127582a8c66e2e8ce35f746a78e867960af)
----
- src/ssl_sock.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index 93aab8b..7d77d36 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -3540,7 +3540,7 @@ smp_fetch_ssl_fc_session_id(struct proxy *px, struct session *l4, void *l7, unsi
- return 0;
-
- smp->data.str.str = (char *)SSL_SESSION_get_id(sess, (unsigned int *)&smp->data.str.len);
-- if (!smp->data.str.str || !&smp->data.str.len)
-+ if (!smp->data.str.str || !smp->data.str.len)
- return 0;
-
- return 1;
---
-2.3.6
-
PKG_NAME:=iodine
PKG_VERSION:=0.7.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://code.kryo.se/iodine/
--- /dev/null
+commit 9603c1848ddd4d9bb2d6ab031fcef91f543b71a0
+Author: Maxim Storchak <m.storchak@gmail.com>
+Date: Thu Jun 25 19:38:24 2015 +0300
+
+ Fix compatibility with musl for OpenWRT
+
+ This patch breaks builds for Windows and Android, but since the only
+ libc flavors OpenWRT currently cares about are musl, uClibc and glibc,
+ this should be fine.
+
+ The reason for such brutal intrusiuon is explained in musl FAQ:
+ http://wiki.musl-libc.org/wiki/FAQ#Q:_why_is_there_no_MUSL_macro_.3F
+
+diff --git a/src/common.c b/src/common.c
+index 2715979..5f0e370 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -57,7 +57,7 @@
+ const unsigned char raw_header[RAW_HDR_LEN] = { 0x10, 0xd1, 0x9e, 0x00 };
+
+ /* daemon(3) exists only in 4.4BSD or later, and in GNU libc */
+-#if !defined(ANDROID) && !defined(WINDOWS32) && !(defined(BSD) && (BSD >= 199306)) && !defined(__GLIBC__)
++#ifdef __UCLIBC__
+ static int daemon(int nochdir, int noclose)
+ {
+ int fd, i;
PKG_NAME:=ipsec-tools
PKG_VERSION:=0.8.2
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_MAINTAINER := "Noah Meyerhans <frodo@morgul.net>"
PKG_LICENSE := BSD-3-Clause
--- /dev/null
+--- a/src/racoon/grabmyaddr.c
++++ b/src/racoon/grabmyaddr.c
+@@ -47,7 +47,6 @@
+ #include <net/route.h>
+ #include <net/if.h>
+ #include <net/if_dl.h>
+-#include <sys/sysctl.h>
+ #define USE_ROUTE
+ #endif
+
+--- a/src/racoon/pfkey.c
++++ b/src/racoon/pfkey.c
+@@ -59,7 +59,6 @@
+ #include <sys/param.h>
+ #include <sys/socket.h>
+ #include <sys/queue.h>
+-#include <sys/sysctl.h>
+
+ #include <net/route.h>
+ #include <net/pfkeyv2.h>
+--- a/src/setkey/setkey.c
++++ b/src/setkey/setkey.c
+@@ -40,7 +40,6 @@
+ #include <sys/socket.h>
+ #include <sys/time.h>
+ #include <sys/stat.h>
+-#include <sys/sysctl.h>
+ #include <err.h>
+ #include <netinet/in.h>
+ #include <net/pfkeyv2.h>
+--- a/src/libipsec/ipsec_strerror.h
++++ b/src/libipsec/ipsec_strerror.h
+@@ -34,6 +34,8 @@
+ #ifndef _IPSEC_STRERROR_H
+ #define _IPSEC_STRERROR_H
+
++#include <sys/cdefs.h>
++
+ extern int __ipsec_errcode;
+ extern void __ipsec_set_strerror __P((const char *));
+
+--- a/src/libipsec/libpfkey.h
++++ b/src/libipsec/libpfkey.h
+@@ -34,6 +34,8 @@
+ #ifndef _LIBPFKEY_H
+ #define _LIBPFKEY_H
+
++#include <sys/cdefs.h>
++
+ #ifndef KAME_LIBPFKEY_H
+ #define KAME_LIBPFKEY_H
+
+--- a/src/racoon/backupsa.c
++++ b/src/racoon/backupsa.c
+@@ -276,9 +276,9 @@ do { \
+ GETNEXTNUM(sa_args.a_keylen, strtoul);
+ GETNEXTNUM(sa_args.flags, strtoul);
+ GETNEXTNUM(sa_args.l_alloc, strtoul);
+- GETNEXTNUM(sa_args.l_bytes, strtouq);
+- GETNEXTNUM(sa_args.l_addtime, strtouq);
+- GETNEXTNUM(sa_args.l_usetime, strtouq);
++ GETNEXTNUM(sa_args.l_bytes, strtoull);
++ GETNEXTNUM(sa_args.l_addtime, strtoull);
++ GETNEXTNUM(sa_args.l_usetime, strtoull);
+ GETNEXTNUM(sa_args.seq, strtoul);
+
+ #undef GETNEXTNUM
+--- a/src/racoon/cftoken.l
++++ b/src/racoon/cftoken.l
+@@ -77,6 +77,10 @@
+
+ #include "cfparse.h"
+
++#ifndef GLOB_TILDE
++#define GLOB_TILDE 0
++#endif
++
+ int yyerrorcount = 0;
+
+ #if defined(YIPS_DEBUG)
+--- a/src/racoon/logger.h
++++ b/src/racoon/logger.h
+@@ -34,6 +34,8 @@
+ #ifndef _LOGGER_H
+ #define _LOGGER_H
+
++#include <sys/cdefs.h>
++
+ struct log {
+ int head;
+ int siz;
+--- a/src/racoon/misc.h
++++ b/src/racoon/misc.h
+@@ -34,6 +34,8 @@
+ #ifndef _MISC_H
+ #define _MISC_H
+
++#include <sys/cdefs.h>
++
+ #define BIT2STR(b) bit2str(b, sizeof(b)<<3)
+
+ #ifdef HAVE_FUNC_MACRO
+--- a/src/racoon/missing/crypto/sha2/sha2.h
++++ b/src/racoon/missing/crypto/sha2/sha2.h
+@@ -40,6 +40,8 @@
+ #ifndef __SHA2_H__
+ #define __SHA2_H__
+
++#include <sys/cdefs.h>
++
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+--- a/src/racoon/netdb_dnssec.h
++++ b/src/racoon/netdb_dnssec.h
+@@ -34,6 +34,8 @@
+ #ifndef _NETDB_DNSSEC_H
+ #define _NETDB_DNSSEC_H
+
++#include <sys/cdefs.h>
++
+ #ifndef T_CERT
+ #define T_CERT 37 /* defined by RFC2538 section 2 */
+ #endif
+--- a/src/racoon/plog.h
++++ b/src/racoon/plog.h
+@@ -34,6 +34,8 @@
+ #ifndef _PLOG_H
+ #define _PLOG_H
+
++#include <sys/cdefs.h>
++
+ #ifdef HAVE_STDARG_H
+ #include <stdarg.h>
+ #else
+--- a/src/racoon/str2val.h
++++ b/src/racoon/str2val.h
+@@ -34,6 +34,8 @@
+ #ifndef _STR2VAL_H
+ #define _STR2VAL_H
+
++#include <sys/cdefs.h>
++
+ extern caddr_t val2str __P((const char *, size_t));
+ extern char *str2val __P((const char *, int, size_t *));
+
+--- a/src/racoon/vmbuf.h
++++ b/src/racoon/vmbuf.h
+@@ -34,6 +34,8 @@
+ #ifndef _VMBUF_H
+ #define _VMBUF_H
+
++#include <sys/cdefs.h>
++
+ /*
+ * bp v
+ * v v
+--- a/src/setkey/extern.h
++++ b/src/setkey/extern.h
+@@ -1,6 +1,6 @@
+ /* $NetBSD: extern.h,v 1.5 2009/03/06 11:45:03 tteras Exp $ */
+
+-
++#include <sys/cdefs.h>
+
+ void parse_init __P((void));
+ int parse __P((FILE **));
+--- a/src/racoon/isakmp_cfg.c
++++ b/src/racoon/isakmp_cfg.c
+@@ -1694,8 +1694,6 @@ isakmp_cfg_accounting_system(port, raddr
+ "Accounting : '%s' logging on '%s' from %s.\n",
+ ut.ut_name, ut.ut_line, ut.ut_host);
+
+- login(&ut);
+-
+ break;
+ case ISAKMP_CFG_LOGOUT:
+
+@@ -1703,8 +1701,6 @@ isakmp_cfg_accounting_system(port, raddr
+ "Accounting : '%s' unlogging from '%s'.\n",
+ usr, term);
+
+- logout(term);
+-
+ break;
+ default:
+ plog(LLV_ERROR, LOCATION, NULL, "Unepected inout\n");
PKG_NAME:=keepalived
PKG_VERSION:=1.2.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= http://www.keepalived.org/software
--- /dev/null
+--- a/lib/utils.h
++++ b/lib/utils.h
+@@ -31,6 +31,7 @@
+ #include <arpa/inet.h>
+ #include <arpa/nameser.h>
+ #include <sys/param.h>
++#include <sys/types.h>
+ #include <sys/utsname.h>
+ #include <netdb.h>
+
include $(TOPDIR)/rules.mk
PKG_NAME:=knxd
-PKG_VERSION=2015-06-02-$(PKG_SOURCE_VERSION)
+PKG_VERSION=2015-06-27-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/knxd/knxd.git
-PKG_SOURCE_VERSION:=3d3b1a5e8112397d297625d673a2a94507f9ebce
+PKG_SOURCE_VERSION:=50e7f6e6bfa13c2b6140b0f76aaa70234bf44b1d
PKG_SOURCE_SUBDIR:=$(PKG_NAME)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
--- /dev/null
+--- a/src/examples/common.h 2015-06-27 15:20:15.266563893 +0200
++++ b/src/examples/common.h 2015-06-27 15:23:09.406457392 +0200
+@@ -20,6 +20,7 @@
+ #include <stdlib.h>
+ #include <errno.h>
+ #include <unistd.h>
++#include <sys/select.h>
+ #include "eibclient.h"
+
+ /** unsigned char*/
PKG_NAME:=linknx
PKG_VERSION:=0.0.1.32
-PKG_RELEASE:=6
+PKG_RELEASE:=7
PKG_MD5SUM:=7ecc1208f59bceb05068c752b2250b63
PKG_MAINTAINER:=Othmar Truniger <github@truniger.ch>
PKG_SOURCE_URL:=@SF/linknx
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_BUILD_DEPENDS:=argp-standalone
+PKG_FORTIFY_SOURCE:=1
include $(INCLUDE_DIR)/package.mk
--- /dev/null
+--- a/src/eibclient.c 2007-10-11 01:55:31.000000000 +0200
++++ b/src/eibclient.c 2015-06-27 22:18:01.433296921 +0200
+@@ -32,6 +32,7 @@
+ #include <netinet/in.h>
+ #include <netdb.h>
+ #include <errno.h>
++#include <string.h>
+
+ #include "config.h"
+
--- /dev/null
+--- a/src/linknx.cpp 2012-06-04 22:12:13.000000000 +0200
++++ b/src/linknx.cpp 2015-06-27 22:35:23.705721355 +0200
+@@ -136,7 +136,7 @@
+ if (errno)
+ printf (": %s\n", strerror (errno));
+ else
+- printf ("\n", strerror (errno));
++ printf ("\n");
+ exit (1);
+ }
+
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=mtr
-PKG_VERSION:=0.86
-PKG_RELEASE:=2
+PKG_REV:=dd2b750
+PKG_VERSION:=0.85+newdns-$(PKG_REV)
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/traviscross/mtr.git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=$(PKG_REV)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=ftp://ftp.bitwizard.nl/mtr
-PKG_MD5SUM:=8d63592c9d4579ef20cf491b41843eb2
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
+++ /dev/null
---- a/dns.c
-+++ b/dns.c
-@@ -921,6 +921,507 @@ void restell(char *s)
- fputs("\r",stderr);
- }
-
-+#ifdef __UCLIBC__
-+
-+static const char digits[] = "0123456789";
-+#define __set_errno(e) (errno = (e))
-+
-+#define NS_PUT16(s, cp) do { \
-+ register u_int16_t t_s = (u_int16_t)(s); \
-+ register u_char *t_cp = (u_char *)(cp); \
-+ *t_cp++ = t_s >> 8; \
-+ *t_cp = t_s; \
-+ (cp) += NS_INT16SZ; \
-+} while (0)
-+
-+
-+
-+#define NS_PUT32(l, cp) do { \
-+ register u_int32_t t_l = (u_int32_t)(l); \
-+ register u_char *t_cp = (u_char *)(cp); \
-+ *t_cp++ = t_l >> 24; \
-+ *t_cp++ = t_l >> 16; \
-+ *t_cp++ = t_l >> 8; \
-+ *t_cp = t_l; \
-+ (cp) += NS_INT32SZ; \
-+} while (0)
-+
-+
-+void
-+ns_put16(u_int src, u_char *dst) {
-+ NS_PUT16(src, dst);
-+}
-+
-+void
-+ns_put32(u_long src, u_char *dst) {
-+ NS_PUT32(src, dst);
-+}
-+
-+void __putshort(u_int16_t src, u_char *dst) { ns_put16(src, dst); }
-+void __putlong(u_int32_t src, u_char *dst) { ns_put32(src, dst); }
-+
-+int
-+mklower(int ch) {
-+ if (ch >= 0x41 && ch <= 0x5A)
-+ return (ch + 0x20);
-+ return (ch);
-+}
-+
-+
-+static int
-+dn_find(const u_char *domain, const u_char *msg,
-+ const u_char * const *dnptrs,
-+ const u_char * const *lastdnptr)
-+{
-+ const u_char *dn, *cp, *sp;
-+ const u_char * const *cpp;
-+ u_int n;
-+
-+ for (cpp = dnptrs; cpp < lastdnptr; cpp++) {
-+ sp = *cpp;
-+ /*
-+ * terminate search on:
-+ * root label
-+ * compression pointer
-+ * unusable offset
-+ */
-+ while (*sp != 0 && (*sp & NS_CMPRSFLGS) == 0 &&
-+ (sp - msg) < 0x4000) {
-+ dn = domain;
-+ cp = sp;
-+ while ((n = *cp++) != 0) {
-+ /*
-+ * check for indirection
-+ */
-+ switch (n & NS_CMPRSFLGS) {
-+ case 0: /* normal case, n == len */
-+ if (n != *dn++)
-+ goto next;
-+ for ((void)NULL; n > 0; n--)
-+ if (mklower(*dn++) !=
-+ mklower(*cp++))
-+ goto next;
-+ /* Is next root for both ? */
-+ if (*dn == '\0' && *cp == '\0')
-+ return (sp - msg);
-+ if (*dn)
-+ continue;
-+ goto next;
-+
-+ case NS_CMPRSFLGS: /* indirection */
-+ cp = msg + (((n & 0x3f) << 8) | *cp);
-+ break;
-+
-+ default: /* illegal type */
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ }
-+ next:
-+ sp += *sp + 1;
-+ }
-+ }
-+ __set_errno (ENOENT);
-+ return (-1);
-+}
-+
-+
-+int
-+ns_name_pack(const u_char *src, u_char *dst, int dstsiz,
-+ const u_char **dnptrs, const u_char **lastdnptr)
-+{
-+ u_char *dstp;
-+ const u_char **cpp, **lpp, *eob, *msg;
-+ const u_char *srcp;
-+ int n, l, first = 1;
-+
-+ srcp = src;
-+ dstp = dst;
-+ eob = dstp + dstsiz;
-+ lpp = cpp = NULL;
-+ if (dnptrs != NULL) {
-+ if ((msg = *dnptrs++) != NULL) {
-+ for (cpp = dnptrs; *cpp != NULL; cpp++)
-+ (void)NULL;
-+ lpp = cpp; /* end of list to search */
-+ }
-+ } else
-+ msg = NULL;
-+
-+ /* make sure the domain we are about to add is legal */
-+ l = 0;
-+ do {
-+ n = *srcp;
-+ if ((n & NS_CMPRSFLGS) != 0 && n != 0x41) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ if (n == 0x41)
-+ n = *++srcp / 8;
-+ l += n + 1;
-+ if (l > MAXCDNAME) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ srcp += n + 1;
-+ } while (n != 0);
-+
-+ /* from here on we need to reset compression pointer array on error */
-+ srcp = src;
-+ do {
-+ /* Look to see if we can use pointers. */
-+ n = *srcp;
-+ if (n != 0 && n != 0x41 && msg != NULL) {
-+ l = dn_find(srcp, msg, (const u_char * const *)dnptrs,
-+ (const u_char * const *)lpp);
-+ if (l >= 0) {
-+ if (dstp + 1 >= eob) {
-+ goto cleanup;
-+ }
-+ *dstp++ = (l >> 8) | NS_CMPRSFLGS;
-+ *dstp++ = l % 256;
-+ return (dstp - dst);
-+ }
-+ /* Not found, save it. */
-+ if (lastdnptr != NULL && cpp < lastdnptr - 1 &&
-+ (dstp - msg) < 0x4000 && first) {
-+ *cpp++ = dstp;
-+ *cpp = NULL;
-+ first = 0;
-+ }
-+ }
-+ /* copy label to buffer */
-+ if ((n & NS_CMPRSFLGS) != 0 && n != 0x41) { /* Should not happen. */
-+ goto cleanup;
-+ }
-+ if (n == 0x41) {
-+ n = *++srcp / 8;
-+ if (dstp + 1 >= eob)
-+ goto cleanup;
-+ *dstp++ = 0x41;
-+ }
-+ if (dstp + 1 + n >= eob) {
-+ goto cleanup;
-+ }
-+ memcpy(dstp, srcp, n + 1);
-+ srcp += n + 1;
-+ dstp += n + 1;
-+ } while (n != 0);
-+
-+ if (dstp > eob) {
-+cleanup:
-+ if (msg != NULL)
-+ *lpp = NULL;
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ return (dstp - dst);
-+}
-+
-+
-+int
-+ns_name_pton(const char *src, u_char *dst, size_t dstsiz) {
-+ u_char *label, *bp, *eom;
-+ int c, n, escaped;
-+ char *cp;
-+
-+ escaped = 0;
-+ bp = dst;
-+ eom = dst + dstsiz;
-+ label = bp++;
-+
-+ while ((c = *src++) != 0) {
-+ if (escaped) {
-+ if ((cp = strchr(digits, c)) != NULL) {
-+ n = (cp - digits) * 100;
-+ if ((c = *src++) == 0 ||
-+ (cp = strchr(digits, c)) == NULL) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ n += (cp - digits) * 10;
-+ if ((c = *src++) == 0 ||
-+ (cp = strchr(digits, c)) == NULL) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ n += (cp - digits);
-+ if (n > 255) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ c = n;
-+ } else if (c == '[' && label == bp - 1 && *src == 'x') {
-+ /* Theoretically we would have to handle \[o
-+ as well but we do not since we do not need
-+ it internally. */
-+ *label = 0x41;
-+ label = bp++;
-+ ++src;
-+ while (isxdigit (*src)) {
-+ n = *src > '9' ? *src - 'a' + 10 : *src - '0';
-+ ++src;
-+ if (! isxdigit(*src)) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ n <<= 4;
-+ n += *src > '9' ? *src - 'a' + 10 : *src - '0';
-+ if (bp + 1 >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ *bp++ = n;
-+ ++src;
-+ }
-+ *label = (bp - label - 1) * 8;
-+ if (*src++ != ']' || *src++ != '.') {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ escaped = 0;
-+ label = bp++;
-+ if (bp >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ continue;
-+ }
-+ escaped = 0;
-+ } else if (c == '\\') {
-+ escaped = 1;
-+ continue;
-+ } else if (c == '.') {
-+ c = (bp - label - 1);
-+ if ((c & NS_CMPRSFLGS) != 0) { /* Label too big. */
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ if (label >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ *label = c;
-+ /* Fully qualified ? */
-+ if (*src == '\0') {
-+ if (c != 0) {
-+ if (bp >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ *bp++ = '\0';
-+ }
-+ if ((bp - dst) > MAXCDNAME) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ return (1);
-+ }
-+ if (c == 0 || *src == '.') {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ label = bp++;
-+ continue;
-+ }
-+ if (bp >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ *bp++ = (u_char)c;
-+ }
-+ c = (bp - label - 1);
-+ if ((c & NS_CMPRSFLGS) != 0) { /* Label too big. */
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ if (label >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ *label = c;
-+ if (c != 0) {
-+ if (bp >= eom) {
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ *bp++ = 0;
-+ }
-+ if ((bp - dst) > MAXCDNAME) { /* src too big */
-+ __set_errno (EMSGSIZE);
-+ return (-1);
-+ }
-+ return (0);
-+}
-+
-+
-+
-+int
-+ns_name_compress(const char *src, u_char *dst, size_t dstsiz,
-+ const u_char **dnptrs, const u_char **lastdnptr)
-+{
-+ u_char tmp[NS_MAXCDNAME];
-+
-+ if (ns_name_pton(src, tmp, sizeof tmp) == -1)
-+ return (-1);
-+ return (ns_name_pack(tmp, dst, dstsiz, dnptrs, lastdnptr));
-+}
-+
-+
-+int
-+dn_comp(const char *src, u_char *dst, int dstsiz,
-+ u_char **dnptrs, u_char **lastdnptr)
-+{
-+ return (ns_name_compress(src, dst, (size_t)dstsiz,
-+ (const u_char **)dnptrs,
-+ (const u_char **)lastdnptr));
-+}
-+
-+
-+
-+
-+int
-+res_nmkquery(res_state statp,
-+ int op, /* opcode of query */
-+ const char *dname, /* domain name */
-+ int class, int type, /* class and type of query */
-+ const u_char *data, /* resource record data */
-+ int datalen, /* length of data */
-+ const u_char *newrr_in, /* new rr for modify or append */
-+ u_char *buf, /* buffer to put query */
-+ int buflen) /* size of buffer */
-+{
-+ register HEADER *hp;
-+ register u_char *cp;
-+ register int n;
-+ u_char *dnptrs[20], **dpp, **lastdnptr;
-+
-+#ifdef DEBUG
-+ if (statp->options & RES_DEBUG)
-+ printf(";; res_nmkquery(%s, %s, %s, %s)\n",
-+ _res_opcodes[op], dname, p_class(class), p_type(type));
-+#endif
-+ /*
-+ * Initialize header fields.
-+ */
-+ if ((buf == NULL) || (buflen < HFIXEDSZ))
-+ return (-1);
-+ memset(buf, 0, HFIXEDSZ);
-+ hp = (HEADER *) buf;
-+ /* We randomize the IDs every time. The old code just
-+ incremented by one after the initial randomization which
-+ still predictable if the application does multiple
-+ requests. */
-+#if 0
-+ hp->id = htons(++statp->id);
-+#else
-+ hp->id = htons(statp->id);
-+ int randombits;
-+ do
-+ {
-+#ifdef RANDOM_BITS
-+ RANDOM_BITS (randombits);
-+#else
-+ struct timeval tv;
-+ gettimeofday (&tv, NULL);
-+ randombits = (tv.tv_sec << 8) ^ tv.tv_usec;
-+#endif
-+ }
-+ while ((randombits & 0xffff) == 0);
-+ statp->id = (statp->id + randombits) & 0xffff;
-+#endif
-+ hp->opcode = op;
-+ hp->rd = (statp->options & RES_RECURSE) != 0;
-+ hp->rcode = NOERROR;
-+ cp = buf + HFIXEDSZ;
-+ buflen -= HFIXEDSZ;
-+ dpp = dnptrs;
-+ *dpp++ = buf;
-+ *dpp++ = NULL;
-+ lastdnptr = dnptrs + sizeof dnptrs / sizeof dnptrs[0];
-+ /*
-+ * perform opcode specific processing
-+ */
-+ switch (op) {
-+ case QUERY: /*FALLTHROUGH*/
-+ case NS_NOTIFY_OP:
-+ if ((buflen -= QFIXEDSZ) < 0)
-+ return (-1);
-+ if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0)
-+ return (-1);
-+ cp += n;
-+ buflen -= n;
-+ __putshort(type, cp);
-+ cp += INT16SZ;
-+ __putshort(class, cp);
-+ cp += INT16SZ;
-+ hp->qdcount = htons(1);
-+ if (op == QUERY || data == NULL)
-+ break;
-+ /*
-+ * Make an additional record for completion domain.
-+ */
-+ buflen -= RRFIXEDSZ;
-+ n = dn_comp((char *)data, cp, buflen, dnptrs, lastdnptr);
-+ if (n < 0)
-+ return (-1);
-+ cp += n;
-+ buflen -= n;
-+ __putshort(T_NULL, cp);
-+ cp += INT16SZ;
-+ __putshort(class, cp);
-+ cp += INT16SZ;
-+ __putlong(0, cp);
-+ cp += INT32SZ;
-+ __putshort(0, cp);
-+ cp += INT16SZ;
-+ hp->arcount = htons(1);
-+ break;
-+
-+ case IQUERY:
-+ /*
-+ * Initialize answer section
-+ */
-+ if (buflen < 1 + RRFIXEDSZ + datalen)
-+ return (-1);
-+ *cp++ = '\0'; /* no domain name */
-+ __putshort(type, cp);
-+ cp += INT16SZ;
-+ __putshort(class, cp);
-+ cp += INT16SZ;
-+ __putlong(0, cp);
-+ cp += INT32SZ;
-+ __putshort(datalen, cp);
-+ cp += INT16SZ;
-+ if (datalen) {
-+ memcpy(cp, data, datalen);
-+ cp += datalen;
-+ }
-+ hp->ancount = htons(1);
-+ break;
-+
-+ default:
-+ return (-1);
-+ }
-+ return (cp - buf);
-+}
-+
-+int
-+res_mkquery(int op, /* opcode of query */
-+ const char *dname, /* domain name */
-+ int class, int type, /* class and type of query */
-+ const u_char *data, /* resource record data */
-+ int datalen, /* length of data */
-+ const u_char *newrr_in, /* new rr for modify or append */
-+ u_char *buf, /* buffer to put query */
-+ int buflen) /* size of buffer */
-+{
-+ return (res_nmkquery(&_res, op, dname, class, type,
-+ data, datalen,
-+ newrr_in, buf, buflen));
-+}
-+
-+#endif
-
- void dorequest(char *s,int type,word id)
- {
+++ /dev/null
---- a/dns.c
-+++ b/dns.c
-@@ -1308,28 +1308,6 @@ res_nmkquery(res_state statp,
- return (-1);
- memset(buf, 0, HFIXEDSZ);
- hp = (HEADER *) buf;
-- /* We randomize the IDs every time. The old code just
-- incremented by one after the initial randomization which
-- still predictable if the application does multiple
-- requests. */
--#if 0
-- hp->id = htons(++statp->id);
--#else
-- hp->id = htons(statp->id);
-- int randombits;
-- do
-- {
--#ifdef RANDOM_BITS
-- RANDOM_BITS (randombits);
--#else
-- struct timeval tv;
-- gettimeofday (&tv, NULL);
-- randombits = (tv.tv_sec << 8) ^ tv.tv_usec;
--#endif
-- }
-- while ((randombits & 0xffff) == 0);
-- statp->id = (statp->id + randombits) & 0xffff;
--#endif
- hp->opcode = op;
- hp->rd = (statp->options & RES_RECURSE) != 0;
- hp->rcode = NOERROR;
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_NAME:=net-snmp
PKG_VERSION:=5.4.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/net-snmp
--- /dev/null
+--- a/agent/mibgroup/iwlib.h
++++ b/agent/mibgroup/iwlib.h
+@@ -85,6 +85,11 @@
+ && LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0)
+ #define LIBC5_HEADERS
+
++/* Musl */
++#elif !defined(__GLIBC__) && !defined(__UCLIBC__) \
++ && LINUX_VERSION_CODE >= KERNEL_VERSION(3,0,0)
++#define GENERIC_HEADERS
++
+ /* Unsupported combination */
+ #else
+ #error "Your kernel/libc combination is not supported"
PKG_NAME:=ntp
PKG_VERSION:=4.2.8p2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
CONFIGURE_VARS += \
ac_cv_header_md5_h=no \
ac_cv_lib_rt_sched_setscheduler=no \
- ac_cv_header_dns_sd_h=no
+ ac_cv_header_dns_sd_h=no \
+ hw_cv_func_snprintf_c99=yes \
+ hw_cv_func_vsnprintf_c99=yes \
CONFIGURE_ARGS += \
--disable-all-clocks \
#
# Copyright (C) 2011 segal.ubi.pt
-# Copyright (C) 2010-2014 OpenWrt.org
+# Copyright (C) 2010-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_NAME:=ntripclient
PKG_VERSION:=1.5.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_LICENSE:=GPL-2.0+
PKG_SOURCE:=$(PKG_NAME).zip
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
unzip $(DL_DIR)/$(PKG_SOURCE) -d $(PKG_BUILD_DIR)
+ $(call Build/Prepare/Default)
endef
MAKE_FLAGS += \
--- /dev/null
+--- a/ntripclient.c
++++ b/ntripclient.c
+@@ -44,6 +44,7 @@
+ #include <fcntl.h>
+ #include <unistd.h>
+ #include <arpa/inet.h>
++ #include <sys/select.h>
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <netdb.h>
PKG_NAME:=snort
PKG_VERSION:=2.9.7.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
+
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/ \
--- /dev/null
+--- a/configure.in
++++ b/configure.in
+@@ -11,14 +11,6 @@ AM_INIT_AUTOMAKE(snort,2.9.7.2)
+ NO_OPTIMIZE="no"
+ ADD_WERROR="no"
+
+-# Test for -Werror and sed it out for now since some of the auto tests,
+-# for example AC_CHECK_LIB, will fail because of
+-# warning: conflicting types for built-in function <func>
+-if eval "echo $CFLAGS | grep -e -Werror"; then
+- CFLAGS=`echo $CFLAGS | sed -e "s/-Werror//g"`
+- ADD_WERROR="yes"
+-fi
+-
+ # Disable annoying practice of recursively re-running the autotools
+ AM_MAINTAINER_MODE
+ AC_PROG_CC_STDC
PKG_NAME:=squid
PKG_VERSION:=3.5.2
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
--- /dev/null
+--- a/lib/rfcnb/rfcnb-io.c
++++ b/lib/rfcnb/rfcnb-io.c
+@@ -36,11 +36,11 @@
+ #include "rfcnb/rfcnb-util.h"
+ #include "rfcnb/std-includes.h"
+
++#include <signal.h>
+ #if HAVE_STRING_H
+ #include <string.h>
+ #endif
+ #include <sys/uio.h>
+-#include <sys/signal.h>
+
+ int RFCNB_Timeout = 0; /* Timeout in seconds ... */
+
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(INCLUDE_DIR)/package.mk
+TARGET_CPPFLAGS += -I$(PKG_BUILD_DIR)/include
+
define Package/sstp-client
SECTION:=net
CATEGORY:=Network
--- /dev/null
+--- /dev/null
++++ b/include/net/ppp_defs.h
+@@ -0,0 +1,10 @@
++#ifndef _NET_PPP_DEFS_H
++#define _NET_PPP_DEFS_H 1
++
++#define __need_time_t
++#include <time.h>
++
++#include <asm/types.h>
++#include <linux/ppp_defs.h>
++
++#endif /* net/ppp_defs.h */
+--- a/src/libsstp-log/sstp-log-syslog.c
++++ b/src/libsstp-log/sstp-log-syslog.c
+@@ -32,6 +32,7 @@
+ #include <sys/uio.h>
+ #include <sys/un.h>
+ #include <sys/socket.h>
++#include <sys/types.h>
+ #include <unistd.h>
+
+ #include <sstp-common.h>
+--- a/src/libsstp-log/sstp-log-std.c
++++ b/src/libsstp-log/sstp-log-std.c
+@@ -25,6 +25,7 @@
+ #include <stdio.h>
+ #include <stdint.h>
+ #include <string.h>
++#include <sys/types.h>
+ #include <sys/uio.h>
+ #include <unistd.h>
+
--- /dev/null
+++ b/src/libstrongswan/musl.h
-@@ -0,0 +1,33 @@
+@@ -0,0 +1,39 @@
+#include <sys/types.h>
+
+#define crypt x_crypt
+#define mode_t x_mode_t
+#define uid_t x_uid_t
+#define gid_t x_gid_t
++#define uint64_t x_uint64_t
++#define u_int64_t x_u_int64_t
++#define int64_t x_int64_t
+#define nlink_t x_nlink_t
+#define timer_t x_timer_t
+#define blkcnt_t x_blkcnt_t
+#undef mode_t
+#undef uid_t
+#undef gid_t
++#undef uint64_t
++#undef u_int64_t
++#undef int64_t
+#undef nlink_t
+#undef timer_t
+#undef blkcnt_t
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_NAME:=ulogd
PKG_VERSION:=2.0.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=ftp://ftp.netfilter.org/pub/ulogd/ \
CONFIG_PACKAGE_ulogd-mod-pgsql \
CONFIG_PACKAGE_ulogd-mod-sqlite \
+TARGET_CFLAGS += \
+ -D_GNU_SOURCE \
+
CONFIGURE_ARGS += \
--enable-nfacct \
--enable-nfct \
--- /dev/null
+--- a/src/ulogd.c
++++ b/src/ulogd.c
+@@ -83,7 +83,7 @@ static char *ulogd_logfile = NULL;
+ static const char *ulogd_configfile = ULOGD_CONFIGFILE;
+ static const char *ulogd_pidfile = NULL;
+ static int ulogd_pidfile_fd = -1;
+-static FILE syslog_dummy;
++static int ulogd_use_syslog = 0;
+
+ static int info_mode = 0;
+
+@@ -427,7 +427,7 @@ void __ulogd_log(int level, char *file,
+ if (level < loglevel_ce.u.value)
+ return;
+
+- if (logfile == &syslog_dummy) {
++ if (ulogd_use_syslog) {
+ /* FIXME: this omits the 'file' string */
+ va_start(ap, format);
+ vsyslog(ulogd2syslog_level(level), format, ap);
+@@ -950,7 +950,7 @@ static int logfile_open(const char *name
+ logfile = stdout;
+ } else if (!strcmp(name, "syslog")) {
+ openlog("ulogd", LOG_PID, LOG_DAEMON);
+- logfile = &syslog_dummy;
++ ulogd_use_syslog = 1;
+ } else {
+ logfile = fopen(ulogd_logfile, "a");
+ if (!logfile) {
+@@ -1240,7 +1240,7 @@ static void sigterm_handler(int signal)
+ unload_plugins();
+ #endif
+
+- if (logfile != NULL && logfile != stdout && logfile != &syslog_dummy) {
++ if (logfile != NULL && logfile != stdout) {
+ fclose(logfile);
+ logfile = NULL;
+ }
+@@ -1262,7 +1262,7 @@ static void signal_handler(int signal)
+ switch (signal) {
+ case SIGHUP:
+ /* reopen logfile */
+- if (logfile != stdout && logfile != &syslog_dummy) {
++ if (logfile != NULL && logfile != stdout) {
+ fclose(logfile);
+ logfile = fopen(ulogd_logfile, "a");
+ if (!logfile) {
+--- a/filter/raw2packet/ulogd_raw2packet_BASE.c
++++ b/filter/raw2packet/ulogd_raw2packet_BASE.c
+@@ -42,6 +42,7 @@
+ #include <ulogd/ulogd.h>
+ #include <ulogd/ipfix_protocol.h>
+ #include <netinet/if_ether.h>
++#include <linux/types.h>
+ #include <string.h>
+
+ enum input_keys {
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=usbip
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_LICENSE:=GPL-2.0
# Since kernel 2.6.39.1 userspace tools are inside the kernel tree
--- /dev/null
+--- a/src/usbipd.c
++++ b/src/usbipd.c
+@@ -453,7 +453,7 @@ static void set_signal(void)
+ sigaction(SIGTERM, &act, NULL);
+ sigaction(SIGINT, &act, NULL);
+ act.sa_handler = SIG_IGN;
+- sigaction(SIGCLD, &act, NULL);
++ sigaction(SIGCHLD, &act, NULL);
+ }
+
+ static const char *pid_file;
PKG_NAME:=vpnc-scripts
PKG_VERSION:=20150116
-PKG_RELEASE:=1
+PKG_RELEASE:=2
include $(INCLUDE_DIR)/package.mk
rm -f $DNSMASQ_FILE
echo "$SDNS" | while read i; do
if [ -n "$INTERNAL_IP4_DNS" ];then
- echo "server=/$i/$INTERNAL_IP4_DNS" >> $DNSMASQ_FILE
+ for dns in "$INTERNAL_IP4_DNS";do
+ echo "server=/$i/$dns" >> $DNSMASQ_FILE
+ done
fi
if [ -n "$INTERNAL_IP6_DNS" ];then
- echo "server=/$i/$INTERNAL_IP6_DNS" >> $DNSMASQ_FILE
+ for dns in "$INTERNAL_IP6_DNS";do
+ echo "server=/$i/$dns" >> $DNSMASQ_FILE
+ done
fi
echo "rebind-domain-ok=$i" >> $DNSMASQ_FILE
done
/etc/init.d/dnsmasq restart
else
- [ -n "$INTERNAL_IP4_DNS" ] && proto_add_dns_server "$INTERNAL_IP4_DNS"
+ if [ -n "$INTERNAL_IP4_DNS" ];then
+ for dns in "$INTERNAL_IP4_DNS";do
+ proto_add_dns_server "$dns"
+ done
+ fi
+ if [ -n "$INTERNAL_IP6_DNS" ];then
+ for dns in "$INTERNAL_IP6_DNS";do
+ proto_add_dns_server "$dns"
+ done
+ fi
[ -n "$CISCO_DEF_DOMAIN" ] && proto_add_dns_search "$CISCO_DEF_DOMAIN"
fi
PKG_NAME:=vsftpd
PKG_VERSION:=3.0.2
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://security.appspot.com/downloads/
--- /dev/null
+Description: CVE-2015-1419: config option deny_file is not handled correctly
+Author: Marcus Meissner <meissner@suse.com>
+Origin: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2015-1419
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776922
+Last-Update: 2015-02-24
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/ls.c
++++ b/ls.c
+@@ -7,6 +7,7 @@
+ * Would you believe, code to handle directory listing.
+ */
+
++#include <stdlib.h>
+ #include "ls.h"
+ #include "access.h"
+ #include "defs.h"
+@@ -243,11 +244,42 @@ vsf_filename_passes_filter(const struct
+ struct mystr temp_str = INIT_MYSTR;
+ struct mystr brace_list_str = INIT_MYSTR;
+ struct mystr new_filter_str = INIT_MYSTR;
++ struct mystr normalize_filename_str = INIT_MYSTR;
++ const char *normname;
++ const char *path;
+ int ret = 0;
+ char last_token = 0;
+ int must_match_at_current_pos = 1;
++
+ str_copy(&filter_remain_str, p_filter_str);
+- str_copy(&name_remain_str, p_filename_str);
++
++ /* normalize filepath */
++ path = str_strdup(p_filename_str);
++ normname = realpath(path, NULL);
++ if (normname == NULL)
++ goto out;
++ str_alloc_text(&normalize_filename_str, normname);
++
++ if (!str_isempty (&filter_remain_str) && !str_isempty(&normalize_filename_str)) {
++ if (str_get_char_at(p_filter_str, 0) == '/') {
++ if (str_get_char_at(&normalize_filename_str, 0) != '/') {
++ str_getcwd (&name_remain_str);
++
++ if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */
++ str_append_char (&name_remain_str, '/');
++
++ str_append_str (&name_remain_str, &normalize_filename_str);
++ }
++ else
++ str_copy (&name_remain_str, &normalize_filename_str);
++ } else {
++ if (str_get_char_at(p_filter_str, 0) != '{')
++ str_basename (&name_remain_str, &normalize_filename_str);
++ else
++ str_copy (&name_remain_str, &normalize_filename_str);
++ }
++ } else
++ str_copy(&name_remain_str, &normalize_filename_str);
+
+ while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
+ {
+@@ -360,6 +392,9 @@ vsf_filename_passes_filter(const struct
+ ret = 0;
+ }
+ out:
++ free(normname);
++ free(path);
++ str_free(&normalize_filename_str);
+ str_free(&filter_remain_str);
+ str_free(&name_remain_str);
+ str_free(&temp_str);
+--- a/str.c
++++ b/str.c
+@@ -711,3 +711,14 @@ str_replace_unprintable(struct mystr* p_
+ }
+ }
+
++void
++str_basename (struct mystr* d_str, const struct mystr* path)
++{
++ static struct mystr tmp;
++
++ str_copy (&tmp, path);
++ str_split_char_reverse(&tmp, d_str, '/');
++
++ if (str_isempty(d_str))
++ str_copy (d_str, path);
++}
+--- a/str.h
++++ b/str.h
+@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst
+ int str_atoi(const struct mystr* p_str);
+ filesize_t str_a_to_filesize_t(const struct mystr* p_str);
+ unsigned int str_octal_to_uint(const struct mystr* p_str);
++void str_basename (struct mystr* d_str, const struct mystr* path);
+
+ /* PURPOSE: Extract a line of text (delimited by \n or EOF) from a string
+ * buffer, starting at character position 'p_pos'. The extracted line will
PKG_NAME:=wifidog
PKG_VERSION:=1.2.1
-PKG_RELEASE=1
+PKG_RELEASE=2
PKG_LICENSE:=GPL-2.0
--- /dev/null
+--- a/libhttpd/protocol.c
++++ b/libhttpd/protocol.c
+@@ -28,6 +28,7 @@
+
+ #if defined(_WIN32)
+ #else
++#include <fcntl.h>
+ #include <unistd.h>
+ #include <sys/file.h>
+ #endif
+--- a/src/firewall.c
++++ b/src/firewall.c
+@@ -35,7 +35,6 @@
+ #include <pthread.h>
+ #include <sys/wait.h>
+ #include <sys/types.h>
+-#include <sys/unistd.h>
+
+ #include <string.h>
+
+--- a/src/client_list.c
++++ b/src/client_list.c
+@@ -31,9 +31,9 @@
+ #include <syslog.h>
+ #include <errno.h>
+ #include <pthread.h>
++#include <unistd.h>
+ #include <sys/wait.h>
+ #include <sys/types.h>
+-#include <sys/unistd.h>
+
+ #include <string.h>
+
+--- a/src/util.c
++++ b/src/util.c
+@@ -33,10 +33,10 @@
+ #include <syslog.h>
+ #include <errno.h>
+ #include <pthread.h>
++#include <unistd.h>
+ #include <sys/wait.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+-#include <sys/unistd.h>
+ #include <netinet/in.h>
+ #include <sys/ioctl.h>
+ #include <arpa/inet.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=mpc
-PKG_VERSION:=0.26
-PKG_RELEASE:=2
+PKG_VERSION:=0.27
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.musicpd.org/download/mpc/0
-PKG_MD5SUM:=d4f37e7e6b32c804a870192d1eb86199
+PKG_MD5SUM:=d9430db9b9d7fb1eadbe4d13e8d97c66
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
include $(TOPDIR)/rules.mk
PKG_NAME:=mpd
-PKG_VERSION:=0.18.23
+PKG_VERSION:=0.19.10
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://www.musicpd.org/download/mpd/0.18/
-PKG_MD5SUM:=fcdfe8b3a7a21a87b6776204e6eb7814
+PKG_SOURCE_URL:=http://www.musicpd.org/download/mpd/0.19/
+PKG_MD5SUM:=da4bc3e47afd0faf9e7a67168e012102
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GPL-2.0
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
define Package/mpd/Default
SECTION:=sound
CATEGORY:=Sound
TITLE:=Music Player Daemon
URL:=http://www.musicpd.org/
- DEPENDS:= +glib2 +libcurl +libpthread +libmpdclient $(ICONV_DEPENDS) +libstdcpp \
- +libflac +BUILD_PATENTED:libmad +libvorbisidec +AUDIO_SUPPORT:alsa-lib
+ DEPENDS:= +glib2 +libcurl +libpthread +libmpdclient +libstdcpp \
+ +libflac +BUILD_PATENTED:libmad +libvorbisidec +AUDIO_SUPPORT:alsa-lib \
+ +boost +boost-container +libexpat
endef
define Package/mpd/Default/description
TITLE+= (full)
DEPENDS+= \
+libaudiofile +BUILD_PATENTED:libfaad2 +libffmpeg +libid3tag \
- +libmms +libogg +libsndfile +libvorbis
+ +libmms +libogg +libsndfile +libvorbis +libupnp
PROVIDES:=mpd
VARIANT:=full
endef
$(call autoconf_bool,CONFIG_IPV6,ipv6) \
--disable-debug \
--disable-documentation \
- --disable-gprof \
--disable-test \
--disable-werror \
\
--disable-ao \
--disable-bzip2 \
- --enable-cue \
- --disable-ffado \
--disable-fluidsynth \
--disable-gme \
--enable-inotify \
+ --disable-icu \
--disable-eventfd \
--disable-iso9660 \
--disable-jack \
--disable-modplug \
--disable-mpc \
--disable-mpg123 \
- --disable-mvp \
--disable-openal \
--disable-opus \
--disable-pulse \
--disable-sidplay \
--disable-solaris-output \
- --disable-soup \
--disable-sqlite \
--disable-twolame-encoder \
--enable-wave-encoder \
$(if $(CONFIG_BUILD_PATENTED),MAD_CFLAGS="$(TARGET_CFLAGS)") \
$(if $(CONFIG_BUILD_PATENTED),MAD_LIBS="$(TARGET_LDFLAGS) -lmad") \
-TARGET_LDFLAGS += -Wl,-rpath-link=$(STAGING_DIR)/usr/lib $(if $(ICONV_FULL),-liconv)
+TARGET_LDFLAGS += -Wl,-rpath-link=$(STAGING_DIR)/usr/lib
ifeq ($(BUILD_VARIANT),full)
CONFIGURE_ARGS += \
+ --enable-upnp \
$(call autoconf_bool,CONFIG_BUILD_PATENTED,aac) \
--enable-audiofile \
--enable-fifo \
# oggflac is not compatible with tremor
CONFIGURE_ARGS += \
+ --disable-upnp \
--disable-aac \
--disable-audiofile \
--disable-fifo \
--disable-ffmpeg \
--disable-id3 \
- --disable-lastfm \
--disable-mms \
- --disable-oggflac \
--disable-pipe-output \
--disable-recorder-output \
--disable-shout \
---- a/src/decoder/FfmpegDecoderPlugin.cxx
-+++ b/src/decoder/FfmpegDecoderPlugin.cxx
-@@ -666,6 +666,7 @@ static const char *const ffmpeg_mime_typ
+--- a/src/decoder/plugins/FfmpegDecoderPlugin.cxx
++++ b/src/decoder/plugins/FfmpegDecoderPlugin.cxx
+@@ -765,6 +765,7 @@ static const char *const ffmpeg_mime_typ
"audio/qcelp",
"audio/vorbis",
"audio/vorbis+ogg",
---- a/src/decoder/FfmpegDecoderPlugin.cxx
-+++ b/src/decoder/FfmpegDecoderPlugin.cxx
-@@ -376,6 +376,13 @@ ffmpeg_probe(Decoder *decoder, InputStre
+--- a/src/decoder/plugins/FfmpegDecoderPlugin.cxx
++++ b/src/decoder/plugins/FfmpegDecoderPlugin.cxx
+@@ -458,6 +458,13 @@ ffmpeg_probe(Decoder *decoder, InputStre
unsigned char buffer[BUFFER_SIZE];
size_t nbytes = decoder_read(decoder, is, buffer, BUFFER_SIZE);
PKG_NAME:=bluez
PKG_VERSION:=5.30
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.kernel.org/pub/linux/bluetooth/
SECTION:=libs
CATEGORY:=Libraries
TITLE+= library
- DEPENDS:=+libpthread
+ DEPENDS:=+libpthread +kmod-bluetooth
endef
define Package/bluez-utils
SECTION:=utils
CATEGORY:=Utilities
TITLE+= utilities
- DEPENDS:=+bluez-libs +libpthread +librt +dbus +glib2 +libical +libncurses +libreadline $(INTL_DEPENDS) $(ICONV_DEPENDS)
+ DEPENDS:=+bluez-libs +libpthread +librt +glib2 +libncurses +libreadline $(INTL_DEPENDS) $(ICONV_DEPENDS)
endef
-define Package/bluez-utils/conffiles
+define Package/bluez-daemon
+$(call Package/bluez/Default)
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE+= daemon
+ DEPENDS:=+bluez-libs +bluez-utils +dbus +libical $(INTL_DEPENDS) $(ICONV_DEPENDS)
+endef
+
+define Package/bluez-daemon/conffiles
/etc/bluetooth/main.conf
/etc/bluetooth/network.conf
/etc/bluetooth/input.conf
define Package/bluez-utils/install
$(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/bccmd $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/bluemoon $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/btmon $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ciptool $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/hciattach $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/hciconfig $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/hcidump $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/hcitool $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/hex2hcd $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/l2ping $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/l2test $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/rctest $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/rfcomm $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/sdptool $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/attrib/gatttool $(1)/usr/bin/
+endef
+
+define Package/bluez-daemon/install
+ $(INSTALL_DIR) $(1)/usr/bin
$(CP) $(PKG_INSTALL_DIR)/usr/lib/bluetooth/bluetoothd $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/bluetoothctl $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/bluetooth/obexd $(1)/usr/bin/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/attrib/gatttool $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) ./files/bluetooth.config $(1)/etc/config/bluetooth
$(INSTALL_DIR) $(1)/etc/dbus-1/system.d/
$(eval $(call BuildPackage,bluez-examples))
$(eval $(call BuildPackage,bluez-libs))
$(eval $(call BuildPackage,bluez-utils))
+$(eval $(call BuildPackage,bluez-daemon))
#
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_NAME:=lm-sensors
PKG_VERSION:=3.3.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=lm_sensors-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://dl.lm-sensors.org/lm-sensors/releases
--- /dev/null
+--- a/prog/dump/isadump.c
++++ b/prog/dump/isadump.c
+@@ -38,7 +38,7 @@
+
+
+ /* To keep glibc2 happy */
+-#if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ >= 0
++#if !defined(__UCLIBC__)
+ #include <sys/io.h>
+ #else
+ #include <asm/io.h>
+--- a/prog/dump/isaset.c
++++ b/prog/dump/isaset.c
+@@ -34,7 +34,7 @@
+
+
+ /* To keep glibc2 happy */
+-#if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ >= 0
++#if !defined(__UCLIBC__)
+ #include <sys/io.h>
+ #else
+ #include <asm/io.h>
+--- a/prog/dump/superio.c
++++ b/prog/dump/superio.c
+@@ -21,7 +21,7 @@
+
+ #include <stdlib.h>
+
+-#if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ >= 0
++#if !defined(__UCLIBC__)
+ #include <sys/io.h>
+ #else
+ #include <asm/io.h>
+--- a/prog/dump/util.c
++++ b/prog/dump/util.c
+@@ -12,7 +12,7 @@
+ #include "util.h"
+
+ /* To keep glibc2 happy */
+-#if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ >= 0
++#if !defined(__UCLIBC__)
+ #include <sys/io.h>
+ #else
+ #include <asm/io.h>
PKG_NAME:=macchanger
PKG_VERSION:=1.7.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/alobbs/macchanger/releases/download/$(PKG_VERSION)/
--- /dev/null
+Index: macchanger-1.7.0/src/netinfo.c
+===================================================================
+--- macchanger-1.7.0.orig/src/netinfo.c
++++ macchanger-1.7.0/src/netinfo.c
+@@ -113,7 +113,7 @@ mc_net_info_get_permanent_mac (const net
+ epa->size = IFHWADDRLEN;
+
+ memcpy(&req, &(net->dev), sizeof(struct ifreq));
+- req.ifr_data = (caddr_t)epa;
++ req.ifr_data = (char *)epa;
+
+ if (ioctl(net->sock, SIOCETHTOOL, &req) < 0) {
+ perror ("[ERROR] Could not read permanent MAC");
PKG_NAME:=minicom
PKG_VERSION:=2.7
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://alioth.debian.org/frs/download.php/file/3977/
define Package/minicom
SECTION:=utils
CATEGORY:=Utilities
- DEPENDS:=$(ICONV_DEPENDS) +libncurses
+ DEPENDS:=$(ICONV_DEPENDS) $(INTL_DEPENDS) +libncurses
TITLE:=Terminal emulation program
URL:=http://alioth.debian.org/projects/minicom/
SUBMENU:=Terminal
#
-# Copyright (C) 2013-2014 OpenWrt.org
+# Copyright (C) 2013-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=open-plc-utils
-PKG_VERSION:=2015-02-23
+PKG_VERSION:=2015-06-26
PKG_RELEASE:=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git
--- /dev/null
+--- a/ether/readpacket.c
++++ b/ether/readpacket.c
+@@ -70,6 +70,10 @@
+ #include <memory.h>
+ #include <errno.h>
+
++#if defined (__linux__)
++#include <poll.h>
++#endif
++
+ #include "../ether/channel.h"
+ #include "../tools/memory.h"
+ #include "../tools/error.h"
+@@ -95,8 +99,6 @@ ssize_t readpacket (struct channel const
+
+ #elif defined (__linux__)
+
+-#include <sys/poll.h>
+-
+ struct pollfd pollfd =
+ {
+ channel->fd,
+--- a/serial/serial.c
++++ b/serial/serial.c
+@@ -69,6 +69,8 @@
+
+ #if defined (WIN32)
+ #include <Windows.h>
++#else
++#include <sys/select.h>
+ #endif
+
+ /*====================================================================*
PKG_NAME:=screen
PKG_VERSION:=4.2.1
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/screen
+--- a/configure
++++ b/configure
+@@ -4154,44 +4154,6 @@ fi
+ rm -f conftest*
+
+
+-oldlibs="$LIBS"
+-LIBS="$LIBS -lelf"
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking SVR4..." >&5
+-$as_echo "$as_me: checking SVR4..." >&6;}
+-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+-/* end confdefs.h. */
+-#include <utmpx.h>
+-
+-int
+-main ()
+-{
+-
+- ;
+- return 0;
+-}
+-_ACEOF
+-if ac_fn_c_try_link "$LINENO"; then :
+- ac_fn_c_check_header_mongrel "$LINENO" "dwarf.h" "ac_cv_header_dwarf_h" "$ac_includes_default"
+-if test "x$ac_cv_header_dwarf_h" = xyes; then :
+- $as_echo "#define SVR4 1" >>confdefs.h
+- $as_echo "#define BUGGYGETLOGIN 1" >>confdefs.h
+-
+-else
+- ac_fn_c_check_header_mongrel "$LINENO" "elf.h" "ac_cv_header_elf_h" "$ac_includes_default"
+-if test "x$ac_cv_header_elf_h" = xyes; then :
+- $as_echo "#define SVR4 1" >>confdefs.h
+- $as_echo "#define BUGGYGETLOGIN 1" >>confdefs.h
+-
+-fi
+-
+-
+-fi
+-
+-
+-
+-else
+- LIBS="$oldlibs"
+-fi
+ rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ for ac_header in stropts.h string.h strings.h
--- a/utmp.c
+++ b/utmp.c
@@ -33,6 +33,7 @@