include $(TOPDIR)/rules.mk
PKG_NAME:=monit
-PKG_VERSION:=5.25.2
-PKG_RELEASE:=2
+PKG_VERSION:=5.26.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://mmonit.com/monit/dist
-PKG_HASH:=aa0ce6361d1155e43e30a86dcff00b2003d434f221c360981ced830275abc64a
+PKG_HASH:=87fc4568a3af9a2be89040efb169e3a2e47b262f99e78d5ddde99dd89f02f3c2
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_LICENSE:=AGPL-3.0
CONFIGURE_ARGS += \
--without-pam \
+ ac_cv_ipv6=$(if $(CONFIG_IPV6),yes,no) \
libmonit_cv_setjmp_available=yes \
libmonit_cv_vsnprintf_c99_conformant=yes
--- a/configure
+++ b/configure
-@@ -14390,14 +14390,7 @@ fi
+@@ -14436,14 +14436,7 @@ fi
# Find the right directory to put the root-mode PID file in
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking pid file location" >&5
$as_echo_n "checking pid file location... " >&6; }
cat >>confdefs.h <<_ACEOF
+--- a/configure.ac
++++ b/configure.ac
+@@ -501,14 +501,7 @@ fi
+
+ # Find the right directory to put the root-mode PID file in
+ AC_MSG_CHECKING([pid file location])
+-if test -d "/run"
+-then
+- piddir="/run"
+-elif test -d "/var/run"; then
+- piddir="/var/run"
+-elif test -d "/etc"; then
+- piddir="/etc"
+-fi
++piddir="/var/run"
+
+ AC_DEFINE_UNQUOTED([PIDDIR], "$piddir",
+ [Define to the pid storage directory.])
+++ /dev/null
-diff --git a/src/ssl/Ssl.c b/src/ssl/Ssl.c
-index 6501f25..9c24ad5 100644
---- a/src/ssl/Ssl.c
-+++ b/src/ssl/Ssl.c
-@@ -302,8 +302,8 @@ static boolean_t _retry(int socket, int *timeout, int (*callback)(int socket, ti
-
-
- #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
--static unsigned long _threadID() {
-- return (unsigned long)Thread_self();
-+static void _threadID(CRYPTO_THREADID *id) {
-+ CRYPTO_THREADID_set_numeric(id, (unsigned long)Thread_self());
- }
-
-
-@@ -482,7 +482,7 @@ void Ssl_start() {
- instanceMutexTable = CALLOC(locks, sizeof(Mutex_T));
- for (int i = 0; i < locks; i++)
- Mutex_init(instanceMutexTable[i]);
-- CRYPTO_set_id_callback(_threadID);
-+ CRYPTO_THREADID_set_callback(_threadID);
- CRYPTO_set_locking_callback(_mutexLock);
- #endif
- if (File_exist(URANDOM_DEVICE))
-@@ -496,7 +496,7 @@ void Ssl_start() {
-
- void Ssl_stop() {
- #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
-- CRYPTO_set_id_callback(NULL);
-+ CRYPTO_THREADID_set_callback(NULL);
- CRYPTO_set_locking_callback(NULL);
- for (int i = 0; i < CRYPTO_num_locks(); i++)
- Mutex_destroy(instanceMutexTable[i]);
-@@ -510,7 +510,7 @@ void Ssl_stop() {
-
- void Ssl_threadCleanup() {
- #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
-- ERR_remove_state(0);
-+ ERR_remove_thread_state(NULL);
- #endif
- }
-
PKG_NAME:=netdata
PKG_VERSION:=1.16.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>, Daniel Engberg <daniel.engberg.lists@pyret.net>
PKG_LICENSE:=GPL-3.0-or-later
--- /dev/null
+From 893bfc98d3f33d02ce6d6a3a48fb02c964156fb5 Mon Sep 17 00:00:00 2001
+From: Markos Fountoulakis <markos.fountoulakis.senior@gmail.com>
+Date: Wed, 14 Aug 2019 11:55:50 +0300
+Subject: [PATCH] Stop configure.ac from linking against dbengine and https
+ libraries when dbengine or https are disabled
+
+---
+ configure.ac | 28 +++++++++++++---------------
+ 1 file changed, 13 insertions(+), 15 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 56e484cc2c..8dbdcaa17f 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -280,9 +280,6 @@ AC_CHECK_LIB(
+ [UV_LIBS="-luv"]
+ )
+
+-OPTIONAL_UV_CFLAGS="${UV_CFLAGS}"
+-OPTIONAL_UV_LIBS="${UV_LIBS}"
+-
+
+ # -----------------------------------------------------------------------------
+ # lz4 Extremely Fast Compression algorithm
+@@ -293,9 +290,6 @@ AC_CHECK_LIB(
+ [LZ4_LIBS="-llz4"]
+ )
+
+-OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
+-OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
+-
+
+ # -----------------------------------------------------------------------------
+ # Judy General purpose dynamic array
+@@ -306,9 +300,6 @@ AC_CHECK_LIB(
+ [JUDY_LIBS="-lJudy"]
+ )
+
+-OPTIONAL_JUDY_CFLAGS="${JUDY_CFLAGS}"
+-OPTIONAL_JUDY_LIBS="${JUDY_LIBS}"
+-
+
+ # -----------------------------------------------------------------------------
+ # zlib
+@@ -356,9 +347,6 @@ AC_CHECK_LIB(
+ [SSL_LIBS="-lcrypto -lssl"]
+ )
+
+-OPTIONAL_SSL_CFLAGS="${SSL_CFLAGS}"
+-OPTIONAL_SSL_LIBS="${SSL_LIBS}"
+-
+ # -----------------------------------------------------------------------------
+ # JSON-C library
+
+@@ -391,6 +379,14 @@ AC_MSG_CHECKING([if netdata dbengine should be used])
+ if test "${enable_dbengine}" != "no" -a "${UV_LIBS}" -a "${LZ4_LIBS}" -a "${JUDY_LIBS}" -a "${SSL_LIBS}"; then
+ enable_dbengine="yes"
+ AC_DEFINE([ENABLE_DBENGINE], [1], [netdata dbengine usability])
++ OPTIONAL_UV_CFLAGS="${UV_CFLAGS}"
++ OPTIONAL_UV_LIBS="${UV_LIBS}"
++ OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
++ OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
++ OPTIONAL_JUDY_CFLAGS="${JUDY_CFLAGS}"
++ OPTIONAL_JUDY_LIBS="${JUDY_LIBS}"
++ OPTIONAL_SSL_CFLAGS="${SSL_CFLAGS}"
++ OPTIONAL_SSL_LIBS="${SSL_LIBS}"
+ else
+ enable_dbengine="no"
+ fi
+@@ -399,10 +395,12 @@ AM_CONDITIONAL([ENABLE_DBENGINE], [test "${enable_dbengine}" = "yes"])
+
+ AC_MSG_CHECKING([if netdata https should be used])
+ if test "${enable_https}" != "no" -a "${SSL_LIBS}"; then
+- enable_https="yes"
+- AC_DEFINE([ENABLE_HTTPS], [1], [netdata HTTPS usability])
++ enable_https="yes"
++ AC_DEFINE([ENABLE_HTTPS], [1], [netdata HTTPS usability])
++ OPTIONAL_SSL_CFLAGS="${SSL_CFLAGS}"
++ OPTIONAL_SSL_LIBS="${SSL_LIBS}"
+ else
+- enable_https="no"
++ enable_https="no"
+ fi
+ AC_MSG_RESULT([${enable_https}])
+ AM_CONDITIONAL([ENABLE_HTTPS], [test "${enable_https}" = "yes"])
include $(TOPDIR)/rules.mk
PKG_NAME:=zabbix
-PKG_VERSION:=4.0.6
-PKG_RELEASE:=2
+PKG_VERSION:=4.0.11
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/zabbix
-PKG_HASH:=2890851b3a4b0f70f69ef754aa0d07070b42440f56d280113a9474bc4ed75e5b
+PKG_HASH:=b0af25c31c622d14cb7780db5941d76579b9f9a6ee449613d847b0b505628409
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
PKG_LICENSE:=GPL-2.0
+++ /dev/null
---- a/src/libs/zbxnix/daemon.c
-+++ b/src/libs/zbxnix/daemon.c
-@@ -300,11 +300,14 @@ int daemon_start(int allow_root, const c
-
- if (0 == allow_root && 0 == getuid()) /* running as root? */
- {
-+#if 0
-+/* allow changing user and foreground */
- if (0 != (flags & ZBX_TASK_FLAG_FOREGROUND))
- {
- zbx_error("cannot run as root!");
- exit(EXIT_FAILURE);
- }
-+#endif
-
- if (NULL == user)
- user = "zabbix";
PKG_NAME:=patch
PKG_VERSION:=2.7.6
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/patch
--- /dev/null
+From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Fri, 6 Apr 2018 19:36:15 +0200
+Subject: Invoke ed directly instead of using the shell
+
+* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
+command to avoid quoting vulnerabilities.
+---
+ src/pch.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index 4fd5a05..16e001a 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname,
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+- sprintf (buf, "%s %s%s", editor_program,
+- verbosity == VERBOSE ? "" : "- ",
+- outname);
+ fflush (stdout);
+
+ pid = fork();
+@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname,
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
++ assert (outname[0] != '!' && outname[0] != '-');
++ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
+ _exit (2);
+ }
+ else
+--
+cgit v1.0-41-gc330
+
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd.git
-PKG_SOURCE_DATE:=2019-07-17
-PKG_SOURCE_VERSION:=0c3049e84fc7737cedbcef3e1791a570871168cd
-PKG_MIRROR_HASH:=2717cb1e3d28e7ff5ea69c3fa2a6ae182b70bcdf8680a41a0df2b190b072d04b
+PKG_SOURCE_DATE:=2019-08-19
+PKG_SOURCE_VERSION:=b919acf32027cd5d7616726336305b47e24f02ab
+PKG_MIRROR_HASH:=fd64b2cb78b8847f11ff79cbe06c3416bb0e67ca7433215d20c810fbfff6ee8f
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
--- /dev/null
+--- a/vfs_cache.c
++++ b/vfs_cache.c
+@@ -232,7 +232,7 @@ int __init cifsd_inode_hash_init(void)
+ size = bucketsize << inode_hash_shift;
+
+ /* init master fp hash table */
+- inode_hashtable = __vmalloc(size, GFP_ATOMIC, PAGE_KERNEL);
++ inode_hashtable = vmalloc(size);
+ if (!inode_hashtable)
+ return -ENOMEM;
+
+--- b/vfs.c
++++ b/vfs.c
+@@ -17,6 +17,8 @@
+ #include <linux/fsnotify.h>
+ #include <linux/dcache.h>
+ #include <linux/fiemap.h>
++#include <linux/slab.h>
++#include <linux/vmalloc.h>
+
+ #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
+ #include <linux/sched/xacct.h>
+--- b/vfs_cache.c
++++ b/vfs_cache.c
+@@ -5,6 +5,8 @@
+ */
+
+ #include <linux/fs.h>
++#include <linux/slab.h>
++#include <linux/vmalloc.h>
+
+ /* @FIXME */
+ #include "glob.h"
--- /dev/null
+===
+
+SMB1/SMB2 don't know exactly how vfs layer allocates xattr list,
+via kmalloc() or vmalloc(). Introduce cifsd_vfs_xattr_free() and
+keep both xattr allocation and de-allocation in one place.
+
+Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+---
+ smb1pdu.c | 4 ++--
+ smb2pdu.c | 6 ++----
+ vfs.c | 6 ++++++
+ vfs.h | 1 +
+ 4 files changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/smb1pdu.c b/smb1pdu.c
+index 35599ef..8cb92cf 100644
+--- a/smb1pdu.c
++++ b/smb1pdu.c
+@@ -8,6 +8,7 @@
+ #include <linux/posix_acl_xattr.h>
+ #include <linux/namei.h>
+ #include <linux/statfs.h>
++#include <linux/vmalloc.h>
+
+ #include "glob.h"
+ #include "smb1pdu.h"
+@@ -3844,8 +3845,7 @@ done:
+ rsp->ByteCount = cpu_to_le16(rsp_data_cnt + 5);
+ inc_rfc1001_len(&rsp->hdr, (10 * 2 + rsp->ByteCount));
+ out:
+- if (xattr_list)
+- vfree(xattr_list);
++ cifsd_vfs_xattr_free(xattr_list);
+ return rc;
+ }
+
+diff --git a/smb2pdu.c b/smb2pdu.c
+index 754258f..2727622 100644
+--- a/smb2pdu.c
++++ b/smb2pdu.c
+@@ -3867,8 +3867,7 @@ done:
+ rsp->OutputBufferLength = cpu_to_le32(rsp_data_cnt);
+ inc_rfc1001_len(rsp_org, rsp_data_cnt);
+ out:
+- if (xattr_list)
+- vfree(xattr_list);
++ cifsd_vfs_xattr_free(xattr_list);
+ return rc;
+ }
+
+@@ -4151,8 +4150,7 @@ static void get_file_stream_info(struct cifsd_work *work,
+ /* last entry offset should be 0 */
+ file_info->NextEntryOffset = 0;
+ out:
+- if (xattr_list)
+- vfree(xattr_list);
++ cifsd_vfs_xattr_free(xattr_list);
+
+ rsp->OutputBufferLength = cpu_to_le32(nbytes);
+ inc_rfc1001_len(rsp_org, nbytes);
+diff --git a/vfs.c b/vfs.c
+index 556b1a5..6da6f8e 100644
+--- a/vfs.c
++++ b/vfs.c
+@@ -1550,6 +1550,12 @@ int cifsd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
+ return vfs_removexattr(dentry, attr_name);
+ }
+
++void cifsd_vfs_xattr_free(char *xattr)
++{
++ if (xattr)
++ vfree(xattr);
++}
++
+ int cifsd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
+ {
+ int err = 0;
+diff --git a/vfs.h b/vfs.h
+index ee54daf..16b4f9e 100644
+--- a/vfs.h
++++ b/vfs.h
+@@ -186,6 +186,7 @@ int cifsd_vfs_xattr_stream_name(char *stream_name,
+
+ int cifsd_vfs_truncate_xattr(struct dentry *dentry, int wo_streams);
+ int cifsd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
++void cifsd_vfs_xattr_free(char *xattr);
+
+ int cifsd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
+ bool caseless);
GO_VERSION_MAJOR_MINOR:=1.12
-GO_VERSION_PATCH:=7
+GO_VERSION_PATCH:=9
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=95e8447d6f04b8d6a62de1726defbb20ab203208ee167ed15f83d7978ce43b13
+PKG_HASH:=ab0e56ed9c4732a653ed22e232652709afbf573e710f56a07f7fdeca578d62fc
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=ldbus
-PKG_SOURCE_DATE:=2019-03-25
-PKG_SOURCE_VERSION:=345d820b0f34bd35ea01dae633d35ea3cf7faf2a
+PKG_SOURCE_DATE:=2019-08-15
+PKG_SOURCE_VERSION:=9e176fe851006037a643610e6d8f3a8e597d4073
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=https://github.com/daurnimator/ldbus
-PKG_MIRROR_HASH:=c0f5d1b34bc8b82d0f70bad23ecaca10ef84730c2c3ea318673b5a941f4dfc85
+PKG_MIRROR_HASH:=65fc7c975a17cfd3929b54973558205354fc285b6bd88a732c045e8444000d44
PKG_MAINTAINER:=Enrico Mioso <mrkiko.rs@gmail.com>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DEPENDS:=luarocks/host
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
SECTION:=lang
CATEGORY:=Languages
TITLE:=ldbus Lua DBus bindings
+ URL:=https://github.com/daurnimator/ldbus
DEPENDS:=+dbus +lua
endef
for details.
endef
-TARGET_CFLAGS += \
- -I$(STAGING_DIR)/usr/include
-
-MAKE_FLAGS += \
- FPIC="$(FPIC)" \
- CFLAGS="$(TARGET_CFLAGS)" \
- LDFLAGS="$(TARGET_LDFLAGS)"
-
define Build/Compile
cd $(PKG_BUILD_DIR) && \
luarocks make --pack-binary-rock ldbus-scm-0.rockspec \
DBUS_INCDIR=$(STAGING_DIR)/usr/include/dbus-1.0/ \
DBUS_ARCH_INCDIR=$(STAGING_DIR)/usr/lib/dbus-1.0/include \
DBUS_LIBDIR=$(STAGING_DIR)/usr/lib \
- CC="$(TARGET_CC)" LD="$(TARGET_CC)"
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
endef
define Package/ldbus/install
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=lua-bit32
+PKG_VERSION:=5.3.0
+PKG_RELEASE:=1
+
+
+PKG_SRC_NAME:=lua-compat-5.2
+PKG_SRC_VERSION:=0.3
+PKG_SOURCE_URL=https://codeload.github.com/keplerproject/$(PKG_SRC_NAME)/tar.gz/v$(PKG_SRC_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=627e842c488c1afece4383da9f9a839a7ddbc2f7fedfc456f76e3a590d4ca67f
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SRC_NAME)-$(PKG_SRC_VERSION)
+
+PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_DEPENDS:=luarocks/host
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/lua-bit32
+ SUBMENU:=Lua
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=Lua 5.2 bit manipulation library
+ DEPENDS:=+lua
+endef
+
+define Package/lua-bit32/description
+ lua-bit32 is the native Lua 5.2 bit manipulation library,
+ backported to Lua 5.1
+endef
+
+TARGET_CFLAGS += \
+ -I$(STAGING_DIR)/usr/include
+
+define Build/Compile
+ cd $(PKG_BUILD_DIR) && \
+ luarocks make --pack-binary-rock bit32-scm-1.rockspec \
+ LUA_LIBDIR=$(STAGING_DIR)/usr/lib/lua \
+ LUA_PKGNAME=lua5.1 \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)"
+endef
+
+define Package/$(PKG_NAME)/install
+ $(INSTALL_DIR) $(1)/usr/lib/lua
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/bit32.so $(1)/usr/lib/lua
+endef
+
+$(eval $(call BuildPackage,lua-bit32))
#
-# Copyright (C) 2011 OpenWrt.org
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=luaposix
-PKG_VERSION:=v33.2.1
-PKG_RELEASE:=6
-
-PKG_SOURCE:=release-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/luaposix/luaposix/archive/
-PKG_HASH:=4fb34dfea67f4cf3194cdecc6614c9aea67edc3c4093d34137669ea869c358e1
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-release-$(PKG_VERSION)
-PKG_REMOVE_FILES:=aclocal.m4
-PKG_FIXUP:=autoreconf
+PKG_VERSION:=34.1.1
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=https://codeload.github.com/$(PKG_NAME)/$(PKG_NAME)/tar.gz/v$(PKG_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=7948f4ac8b953172e928753632e37ad97cc3014df74b524fe7839f71216a7e90
PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
-PKG_BUILD_DEPENDS:=lua/host
+PKG_BUILD_DEPENDS:=luarocks/host
include $(INCLUDE_DIR)/package.mk
SUBMENU:=Lua
SECTION:=lang
CATEGORY:=Languages
- TITLE:=luaposix
- URL:=http://luaforge.net/projects/luaposix/
- DEPENDS:=+lua +librt
+ TITLE:=POSIX binding for LuaJIT, Lua 5.1, 5.2 and 5.3
+ URL:=https://github.com/luaposix/luaposix
+ DEPENDS:=+lua +lua-bit32
endef
define Package/luaposix/description
to various low level libc functions.
endef
-CONFIGURE_VARS += ac_cv_path_LDOC="true"
-
-TARGET_CFLAGS += -DLUA_USE_LINUX $(FPIC) -std=gnu99
-ifeq ($(CONFIG_USE_MUSL),y)
- TARGET_CFLAGS += -D_POSIX_PRIORITY_SCHEDULING
- # Musl doesn't do all of XOPEN_REALTIME, but it does for luaposix.
- # see https://github.com/luaposix/luaposix/issues/295
- TARGET_CFLAGS += -D_XOPEN_REALTIME=1
-endif
+TARGET_CFLAGS += \
+ -I$(STAGING_DIR)/usr/include
+
+define Build/Compile
+ cd $(PKG_BUILD_DIR) && \
+ LDFLAGS="$(TARGET_LDFLAGS) $(FPIC)" \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ LUA_PKGNAME=lua5.1 \
+ LUA_LIBDIR=$(STAGING_DIR)/usr/lib/lua \
+ luarocks make --force --deps-mode=none --pack-binary-rock luaposix-$(PKG_VERSION)-1.rockspec \
+ LUA_LIBDIR=$(STAGING_DIR)/usr/lib/lua \
+ LUA_PKGNAME=lua5.1 \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
+endef
define Package/luaposix/install
- $(INSTALL_DIR) $(1)/usr/lib/lua/posix
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/ext/posix/.libs/posix.so $(1)/usr/lib/lua
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/posix.lua $(1)/usr/lib/lua
+ $(INSTALL_DIR) $(1)/usr/lib/lua/posix/sys
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/linux/posix/*.so $(1)/usr/lib/lua/posix/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/linux/posix/sys/*.so $(1)/usr/lib/lua/posix/sys/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/posix/*.lua $(1)/usr/lib/lua/posix/
+ rm -f $(1)/usr/lib/lua/posix/{deprecated,compat}.lua
endef
$(eval $(call BuildPackage,luaposix))
+++ /dev/null
-diff --git a/configure.ac b/configure.ac
-index dfd4199..19924d0 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -153,15 +153,6 @@ AC_CHECK_LIB([rt], [clock_gettime])
- AC_SUBST([LIBRT], [$LIBS])
- LIBS=$save_LIBS
-
--## Curses
--AX_WITH_CURSES
--AC_ARG_VAR(CURSES_LIB, [linker flags for curses library])
--
--save_LIBS=$LIBS
--LIBS="$CURSES_LIB $LIBS"
--AC_CHECK_FUNCS([resizeterm])
--LIBS=$save_LIBS
--
- ## Use system implementation, or bundled replacement?
- AC_CHECK_FUNCS([strlcpy])
-
-diff --git a/ext/posix/posix.c b/ext/posix/posix.c
-index 6019df0..2d75487 100644
---- a/ext/posix/posix.c
-+++ b/ext/posix/posix.c
-@@ -12,7 +12,6 @@
-
- #include "bit32.c"
- #include "ctype.c"
--#include "curses.c"
- #include "dirent.c"
- #include "errno.c"
- #include "fcntl.c"
-diff --git a/lib/posix.lua.in b/lib/posix.lua.in
-index 17ef39a..a248d9b 100644
---- a/lib/posix.lua.in
-+++ b/lib/posix.lua.in
-@@ -35,15 +35,6 @@ for _, sub in ipairs {
- end
- end
-
+diff --git i/lib/posix/init.lua w/lib/posix/init.lua
+index c17693a..d4db923 100644
+--- i/lib/posix/init.lua
++++ w/lib/posix/init.lua
+@@ -325,14 +325,6 @@ do
+ end
+ end
+ end
-
---- Inject deprecated APIs (overwriting submodules) for backwards compatibility.
--for k, v in pairs (require "posix.deprecated") do
-- M[k] = v
--end
--for k, v in pairs (require "posix.compat") do
-- M[k] = v
--end
--
- M.version = "posix for " .. _VERSION .. " / @PACKAGE_STRING@"
+- -- Inject deprecated APIs (overwriting submodules) for backwards compatibility.
+- for k, v in next, require 'posix.deprecated' do
+- M[k] = v
+- end
+- for k, v in next, require 'posix.compat' do
+- M[k] = v
+- end
+ end
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
-#
+#
include $(TOPDIR)/rules.mk
PKG_NAME:=luarocks
PKG_VERSION:=2.2.2
-PKG_RELEASE:=3
+PKG_RELEASE:=4
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=e4cf874c9bce34a5accd41daaf51a3213763b8b6f7f658ca4d13a70a7ddb1c0c
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=https://github.com/keplerproject/luarocks.git
+PKG_SOURCE_URL:=https://github.com/keplerproject/luarocks
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+PKG_MIRROR_HASH:=e4cf874c9bce34a5accd41daaf51a3213763b8b6f7f658ca4d13a70a7ddb1c0c
PKG_MAINTAINER:=Amr Hassan <amr.hassan@gmail.com>
-PKG_INSTALL=1
-PKG_BUILD_DEPENDS:=lua/host
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+PKG_BUILD_DEPENDS:=lua/host zip/host
HOST_BUILD_DEPENDS:=$(PKG_BUILD_DEPENDS)
-PKG_LICENSE=GPL
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION)
+HOST_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=node
-PKG_VERSION:=v8.16.0
-PKG_RELEASE:=3
+PKG_VERSION:=v8.16.1
+PKG_RELEASE:=1
PKG_SOURCE:=node-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://nodejs.org/dist/${PKG_VERSION}
-PKG_HASH:=3515e8e01568a5dc4dff3d91a76ebc6724f5fa2fbb58b4b0c5da7b178a2f7340
+PKG_HASH:=d8c190acdf2d967faf49c22df883d31a8d4e249d67852dae3c2d8a0f756b0512
HOST_BUILD_DEPENDS:=python/host
PKG_BUILD_DEPENDS:=python/host
include $(TOPDIR)/rules.mk
PKG_NAME:=django-simple-captcha
-PKG_VERSION:=0.5.11
-PKG_RELEASE:=4
+PKG_VERSION:=0.5.12
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/mbi/django-simple-captcha/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=7ca26a4f48e14e5f8be022c0dc099ef98980f3fc99f403ca565ab1f3addaee5b
+PKG_HASH:=89db73a3883573ad5e22c511948a5500491f9848363174d835a2364750c81a77
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=MIT
include $(TOPDIR)/rules.mk
PKG_NAME:=python-oauthlib
-PKG_VERSION:=3.0.2
+PKG_VERSION:=3.1.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_SOURCE:=oauthlib-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/o/oauthlib
-PKG_HASH:=b4d99ae8ccfb7d33ba9591b59355c64eef5241534aa3da2e4c0435346b84bc8e
+PKG_HASH:=bee41cc35fcca6e988463cacc3bcb8a96224f470ca547e697b604cc697b2f889
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-oauthlib-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-sentry-sdk
-PKG_VERSION:=0.10.1
+PKG_VERSION:=0.11.1
PKG_RELEASE:=1
PKG_SOURCE:=sentry-sdk-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/s/sentry-sdk/
-PKG_HASH:=7e24f3ec1f4c909306d1b97373fe5caa942f54009acdcfa4d1ee6671f626bbe9
+PKG_HASH:=79e8352b5097aa06014871c6daad0933f59d1fcccc586339464ea86e4877b2ab
PKG_BUILD_DIR:=$(BUILD_DIR)/sentry-sdk-$(PKG_VERSION)
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
include $(TOPDIR)/rules.mk
PKG_NAME:=python-twisted
-PKG_VERSION:=19.2.1
+PKG_VERSION:=19.7.0
PKG_RELEASE:=1
PKG_SOURCE:=Twisted-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/T/Twisted
-PKG_HASH:=fa2c04c2d68a9be7fc3975ba4947f653a57a656776f24be58ff0fe4b9aaf3e52
+PKG_HASH:=d5db93026568f60cacdc0615fcd21d46f694a6bfad0ef3ff53cde2b4bb85a39d
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-twisted-$(PKG_VERSION)
PKG_BUILD_DEPENDS:=libtirpc
--- a/src/twisted/python/_setup.py
+++ b/src/twisted/python/_setup.py
-@@ -147,7 +147,6 @@ _CONSOLE_SCRIPTS = [
+@@ -149,7 +149,6 @@ _CONSOLE_SCRIPTS = [
"conch = twisted.conch.scripts.conch:run",
"mailmail = twisted.mail.scripts.mailmail:run",
"pyhtmlizer = twisted.scripts.htmlizer:run",
--- a/src/twisted/python/_setup.py
+++ b/src/twisted/python/_setup.py
-@@ -173,11 +173,6 @@ class ConditionalExtension(Extension, ob
+@@ -175,11 +175,6 @@ class ConditionalExtension(Extension, ob
# The C extensions used for Twisted.
_EXTENSIONS = [
ConditionalExtension(
"twisted.internet.iocpreactor.iocpsupport",
sources=[
"src/twisted/internet/iocpreactor/iocpsupport/iocpsupport.c",
-@@ -241,12 +236,11 @@ def getSetupArgs(extensions=_EXTENSIONS)
+@@ -284,12 +279,11 @@ def getSetupArgs(extensions=_EXTENSIONS,
"incremental >= 16.10.1",
"Automat >= 0.3.0",
"hyperlink >= 17.1.1",
use_incremental=True,
setup_requires=["incremental >= 16.10.1"],
install_requires=requirements,
-@@ -256,7 +250,7 @@ def getSetupArgs(extensions=_EXTENSIONS)
+@@ -299,7 +293,7 @@ def getSetupArgs(extensions=_EXTENSIONS,
cmdclass=command_classes,
include_package_data=True,
exclude_package_data={
endef
HOST_LDFLAGS += \
- $$$$(pkg-config --static --libs libcrypto libssl) -Wl$(comma)-rpath=$(STAGING_DIR_HOSTPKG)/lib
+ -Wl$(comma)-rpath$(comma)$(STAGING_DIR_HOSTPKG)/lib
ifeq ($(HOST_OS),Linux)
HOST_LDFLAGS += \
-Wl,--no-as-needed -lrt
endif
+ifeq ($(HOST_OS),Darwin)
+HOST_CONFIGURE_VARS += \
+ ac_cv_header_libintl_h=no
+endif
+
HOST_CONFIGURE_ARGS+= \
--without-cxx-main \
--without-pymalloc \
endef
HOST_LDFLAGS += \
- $$$$(pkg-config --static --libs libcrypto libssl) -Wl$(comma)-rpath=$(STAGING_DIR_HOSTPKG)/lib
+ -Wl$(comma)-rpath$(comma)$(STAGING_DIR_HOSTPKG)/lib
ifeq ($(HOST_OS),Linux)
HOST_LDFLAGS += \
-Wl,--no-as-needed -lrt
endif
+ifeq ($(HOST_OS),Darwin)
+HOST_CONFIGURE_VARS += \
+ ac_cv_header_libintl_h=no
+endif
+
HOST_CONFIGURE_ARGS+= \
--without-cxx-main \
--without-pymalloc \
include $(TOPDIR)/rules.mk
PKG_NAME:=ruamel-yaml
-PKG_VERSION:=0.15.97
+PKG_VERSION:=0.15.100
PKG_RELEASE:=1
PKG_SOURCE:=ruamel.yaml-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/r/ruamel.yaml/
-PKG_HASH:=17dbf6b7362e7aee8494f7a0f5cffd44902a6331fe89ef0853b855a7930ab845
+PKG_HASH:=8e42f3067a59e819935a2926e247170ed93c8f0b2ab64526f888e026854db2e4
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-ruamel.yaml-$(PKG_VERSION)
PKG_NAME:=dtc
PKG_VERSION:=1.5.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_HASH:=c672e443c9f7e39f5a7c8e602da6777f9ad55ad70de87de300a43828c8050172
PKG_SOURCE_URL:=@KERNEL/software/utils/dtc
--- /dev/null
+From eac2ad495b29f15d78daa2a7226653f36515cd7a Mon Sep 17 00:00:00 2001
+From: David Gibson <david@gibson.dropbear.id.au>
+Date: Mon, 25 Mar 2019 14:52:47 +1100
+Subject: [PATCH] Update version.lds again
+
+Yet again, we've added several functions to libfdt that were supposed
+to be exported, but forgotten to add them to the versio.lds script.
+This adds them.
+
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+---
+ libfdt/version.lds | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libfdt/version.lds b/libfdt/version.lds
+index 9f5d708..a5fe62d 100644
+--- a/libfdt/version.lds
++++ b/libfdt/version.lds
+@@ -66,6 +66,10 @@ LIBFDT_1.2 {
+ fdt_resize;
+ fdt_overlay_apply;
+ fdt_get_string;
++ fdt_get_max_phandle;
++ fdt_check_full;
++ fdt_setprop_placeholder;
++ fdt_property_placeholder;
+ local:
+ *;
+ };
include $(TOPDIR)/rules.mk
PKG_NAME:=flac
-PKG_VERSION:=1.3.2
-PKG_RELEASE:=2
+PKG_VERSION:=1.3.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://downloads.xiph.org/releases/flac/
-PKG_HASH:=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f
-PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
-
-PKG_INSTALL:=1
+PKG_HASH:=213e82bd716c9de6db2f98bcadbc4c24c7e2efe8c75939a1a84e28539c4e1748
+PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GFDL-1.2 GPL-2 LGPL-2.1 BSD-3-Clause
PKG_LICENSE_FILES:=README COPYING.FDL COPYING.GPL COPYING.LGPL COPYING.Xiph
PKG_CPE_ID:=cpe:/a:flac_project:flac
PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
PKG_REMOVE_FILES:=autogen.sh aclocal.m4
include $(INCLUDE_DIR)/package.mk
CONFIGURE_ARGS += \
--disable-cpplibs \
--disable-sse \
- --disable-3dnow \
--disable-altivec \
--disable-doxgen-docs \
--disable-local-xmms-plugin \
--disable-xmms-plugin \
--disable-ogg \
--disable-oggtest \
+ --disable-thorough-tests \
+ --disable-examples \
+ --disable-rpath \
$(if $(CONFIG_DEBUG),--enable-debug) \
- --enable-static
+ --enable-static \
+ --without-pic
TARGET_CFLAGS += $(FPIC)
ACLOCAL_AMFLAGS = -I m4
--SUBDIRS = doc include m4 man src examples test build objs microbench
+-SUBDIRS = doc include m4 man src test build objs microbench
+SUBDIRS = include m4 src build objs
- EXTRA_DIST = \
- COPYING.FDL \
+ if EXAMPLES
+ SUBDIRS += examples
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -30,11 +30,6 @@ SUBDIRS = \
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -386,10 +386,11 @@ fi
-
- if test "x$debug" = xtrue; then
- CPPFLAGS="-DDEBUG $CPPFLAGS"
-- CFLAGS="-g $CFLAGS"
-+ CFLAGS=$(echo "$CFLAGS" | sed 's/-g[0-9]*//')
-+ CFLAGS="-g3 $CFLAGS"
- else
- CPPFLAGS="-DNDEBUG $CPPFLAGS"
-- CFLAGS=$(echo "$CFLAGS" | sed 's/-O2//')
-+ CFLAGS=$(echo "$CFLAGS" | sed 's/-O2//;s/-g[0-9]*//')
- CFLAGS="-O3 -funroll-loops $CFLAGS"
- fi
-
+++ /dev/null
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -33,6 +33,8 @@ ACLOCAL_AMFLAGS = -I m4
-
- SUBDIRS = include m4 src build objs
-
-+ACLOCAL_AMFLAGS = -I m4
-+
- EXTRA_DIST = \
- COPYING.FDL \
- COPYING.GPL \
--- /dev/null
+Return-Path: <rosenp@gmail.com>
+Received: from localhost.localdomain (76-14-106-55.rk.wavecable.com. [76.14.106.55])
+ by smtp.gmail.com with ESMTPSA id f19sm148509170pfk.180.2019.08.09.13.01.06
+ for <flac-dev@xiph.org>
+ (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256);
+ Fri, 09 Aug 2019 13:01:06 -0700 (PDT)
+From: Rosen Penev <rosenp@gmail.com>
+To: flac-dev@xiph.org
+Subject: [PATCH] Switch to utimensat for newer POSIX versions
+Date: Fri, 9 Aug 2019 13:01:05 -0700
+Message-Id: <20190809200105.1443-1-rosenp@gmail.com>
+X-Mailer: git-send-email 2.17.1
+
+Some libcs like uClibc-ng can optionally disable deprecated functions.
+utime is one of them. When done so, both the header and the function go
+missing.
+
+This fixes flac_utime to work in such a situation.
+---
+ include/share/compat.h | 10 +++++++++-
+ src/libFLAC/metadata_iterators.c | 9 +++++++--
+ src/share/grabbag/file.c | 9 +++++++--
+ 3 files changed, 23 insertions(+), 5 deletions(-)
+
+diff --git a/include/share/compat.h b/include/share/compat.h
+index f3041655..a063c083 100644
+--- a/include/share/compat.h
++++ b/include/share/compat.h
+@@ -112,9 +112,13 @@
+ #include <sys/utime.h> /* for utime() */
+ #endif
+ #else
++#if _POSIX_C_SOURCE >= 200809L
++#include <fcntl.h>
++#else
+ #include <sys/types.h> /* some flavors of BSD (like OS X) require this to get time_t */
+ #include <utime.h> /* for utime() */
+ #endif
++#endif
+
+ #if defined _MSC_VER
+ # if _MSC_VER >= 1800
+@@ -160,11 +164,15 @@
+
+ #define flac_fopen fopen
+ #define flac_chmod chmod
+-#define flac_utime utime
+ #define flac_unlink unlink
+ #define flac_rename rename
+ #define flac_stat stat
+
++#if _POSIX_C_SOURCE >= 200809L
++#define flac_utime(a, b) utimensat (AT_FDCWD, a, *b, 0)
++#else
++#define flac_utime utime
++#endif
+ #endif
+
+ #ifdef _WIN32
+diff --git a/src/libFLAC/metadata_iterators.c b/src/libFLAC/metadata_iterators.c
+index 352a6c7a..d5255eb9 100644
+--- a/src/libFLAC/metadata_iterators.c
++++ b/src/libFLAC/metadata_iterators.c
+@@ -3422,13 +3422,18 @@ FLAC__bool get_file_stats_(const char *filename, struct flac_stat_s *stats)
+
+ void set_file_stats_(const char *filename, struct flac_stat_s *stats)
+ {
+- struct utimbuf srctime;
+-
+ FLAC__ASSERT(0 != filename);
+ FLAC__ASSERT(0 != stats);
+
++#if _POSIX_C_SOURCE >= 200809L
++ struct timespec srctime[2] = {};
++ srctime[0].tv_sec = stats->st_atime;
++ srctime[1].tv_sec = stats->st_mtime;
++#else
++ struct utimbuf srctime;
+ srctime.actime = stats->st_atime;
+ srctime.modtime = stats->st_mtime;
++#endif
+ (void)flac_chmod(filename, stats->st_mode);
+ (void)flac_utime(filename, &srctime);
+ #if !defined _MSC_VER && !defined __BORLANDC__ && !defined __MINGW32__
+diff --git a/src/share/grabbag/file.c b/src/share/grabbag/file.c
+index 2c67bebf..edd835a6 100644
+--- a/src/share/grabbag/file.c
++++ b/src/share/grabbag/file.c
+@@ -27,7 +27,6 @@
+ #include <fcntl.h> /* for _O_BINARY */
+ #else
+ #include <sys/types.h> /* some flavors of BSD (like OS X) require this to get time_t */
+-#include <utime.h> /* for utime() */
+ #endif
+ #if defined __EMX__
+ #include <io.h> /* for setmode(), O_BINARY */
+@@ -53,11 +52,17 @@
+ void grabbag__file_copy_metadata(const char *srcpath, const char *destpath)
+ {
+ struct flac_stat_s srcstat;
+- struct utimbuf srctime;
+
+ if(0 == flac_stat(srcpath, &srcstat)) {
++#if _POSIX_C_SOURCE >= 200809L
++ struct timespec srctime[2] = {};
++ srctime[0].tv_sec = srcstat.st_atime;
++ srctime[1].tv_sec = srcstat.st_mtime;
++#else
++ struct utimbuf srctime;
+ srctime.actime = srcstat.st_atime;
+ srctime.modtime = srcstat.st_mtime;
++#endif
+ (void)flac_chmod(destpath, srcstat.st_mode);
+ (void)flac_utime(destpath, &srctime);
+ }
+--
+2.17.1
+
+++ /dev/null
-From 4f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date: Sat, 8 Apr 2017 18:34:49 +1000
-Subject: [PATCH] stream_decoder.c: Fix a memory leak
-
-Leak reported by Secunia Research.
----
- src/libFLAC/stream_decoder.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
-index 14d5fe7f..a5527511 100644
---- a/src/libFLAC/stream_decoder.c
-+++ b/src/libFLAC/stream_decoder.c
-@@ -1759,6 +1759,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
- }
- memset (obj->comments[i].entry, 0, obj->comments[i].length) ;
- if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) {
-+ /* Current i-th entry is bad, so we delete it. */
-+ free (obj->comments[i].entry) ;
-+ obj->comments[i].entry = NULL ;
- obj->num_comments = i;
- goto skip;
- }
---
-2.17.0
-
include $(TOPDIR)/rules.mk
PKG_NAME:=giflib
-PKG_VERSION:=5.1.4
+PKG_VERSION:=5.2.1
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/giflib
-PKG_HASH:=df27ec3ff24671f80b29e6ab1c4971059c14ac3db95406884fc26574631ba8d5
+PKG_HASH:=31da5562f44c5f15d63340a09a4fd62b48c45620cd302f77a6d9acf0077879bd
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
-
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:giflib_project:giflib
-PKG_FIXUP:=autoreconf
-PKG_REMOVE_FILES:=autogen.sh aclocal.m4
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
SECTION:=libs
CATEGORY:=Libraries
TITLE:=GIF libraries
- URL:=http://sourceforge.net/projects/giflib
+ URL:=https://sourceforge.net/projects/giflib
endef
define Package/giflib/description
the LZW compression algorithm was patented.
endef
-TARGET_CFLAGS += $(FPIC)
+define Package/giflib-utils
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=GIF utilities
+ URL:=https://sourceforge.net/projects/giflib
+endef
-define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR)
+define Package/giflib-utils/description
+ These are the utilities that come with giflib.
endef
+TARGET_CFLAGS += -ffunction-sections -fdata-sections $(FPIC)
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+
+MAKE_FLAGS += \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ PREFIX=$(CONFIGURE_PREFIX)
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/{lib,include}
- $(CP) $(PKG_BUILD_DIR)/lib/.libs/lib*so* $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/.libs/libgif.a $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/libgif.la $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/*.h $(1)/usr/include/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgif.so* $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libgif.a $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/*.h $(1)/usr/include
endef
define Package/giflib/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/.libs/lib*so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgif.so* $(1)/usr/lib
+endef
+
+define Package/giflib-utils/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,giflib))
+$(eval $(call BuildPackage,giflib-utils))
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -21,7 +21,6 @@ AC_PROG_MAKE_SET
- AM_PROG_CC_C_O
-
- dnl Allow partial building on systems without xmlto
--AC_CHECK_PROG([have_xmlto], [xmlto], ["yes"],["no"])
- AM_CONDITIONAL([BUILD_DOC], [test "x${have_xmlto}" = "xyes"])
-
- dnl Shared-library version
PKG_BUILD_PARALLEL:=1
HOST_BUILD_PARALLEL:=1
-PKG_BUILD_DEPENDS:=glib2/host gettext
+PKG_BUILD_DEPENDS:=gettext
HOST_BUILD_DEPENDS:=gettext-full/host libiconv/host libffi/host
PKG_INSTALL:=1
PKG_USE_MIPS16:=0
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/lib/* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
endef
define Package/libcap/install
include $(TOPDIR)/rules.mk
PKG_NAME:=cups
-PKG_VERSION:=2.2.11
+PKG_VERSION:=2.2.12
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-source.tar.gz
PKG_SOURCE_URL:=https://github.com/apple/cups/releases/download/v$(PKG_VERSION)/
-PKG_HASH:=f58010813fd6903f690cdb0c0b91e4d1bc9e5b9570c28734229ba3ed2908b76c
+PKG_HASH:=0f61ab449e4748a24c6ab355b481ff7691247a140d327b2b7526fce34b7f9aa8
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE.txt
--- /dev/null
+#
+# Copyright (C) 2016 Bruno Randolf (br1@einfach.org)
+# 2019 Nick Hainke (vincent@systemli.org)
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libradiotap
+PKG_VERSION:=2019-04-15
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/radiotap/radiotap-library.git
+PKG_SOURCE_VERSION:=1ca6b4f0d7225971ebcadf575c8f9e00ee55e840
+PKG_MIRROR_HASH:=59d2350d569c4027ca1b23ebbe3519852e194184c1aaa04308712235f387e422
+
+PKG_MAINTAINER:=Nick Hainke <vincent@systemli.org>
+PKG_LICENSE:=ISC
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/libradiotap
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Radiotap Parser Library
+ URL:=https://www.radiotap.org/
+endef
+
+define Package/libradiotap/description
+ Library that supplies additional information about frames from the driver to userspace applications.
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/radiotap* $(1)/usr/include/
+
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libradiotap.so* $(1)/usr/lib/
+endef
+
+define Package/libradiotap/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libradiotap.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libradiotap))
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://projects.universe-factory.net/attachments/download/85
+PKG_SOURCE_URL:=https://github.com/NeoRaider/libuecc/releases/download/v$(PKG_VERSION)
PKG_HASH:=b94aef08eab5359d0facaa7ead2ce81b193eef0c61379d9835213ebc0a46257a
PKG_LICENSE:=BSD-2-Clause
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Very small Elliptic Curve Cryptography library
- URL:=http://git.universe-factory.net/libuecc/
+ URL:=https://github.com/NeoRaider/libuecc/
endef
TARGET_CFLAGS += -ffunction-sections -fdata-sections
include $(TOPDIR)/rules.mk
PKG_NAME:=libupnpp
-PKG_VERSION:=0.17.0
+PKG_VERSION:=0.17.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.lesbonscomptes.com/upmpdcli/downloads
-PKG_HASH:=7035dda48207c254cbd8cd64e4e679a9e5f085a35d28c19bc2ddeba0deaff58b
+PKG_HASH:=90403b55583e932a9a04905a01bf452016a56aecbeade5c9e1454a5fbb6f01b0
+
PKG_MAINTAINER:=Petko Bordjukov <bordjukov@gmail.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING
-PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
--- /dev/null
+#
+# Copyright (C) 2016 Bruno Randolf (br1@einfach.org)
+# 2019 Nick Hainke (vincent@systemli.org)
+#
+#
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libuwifi
+PKG_VERSION:=2019-05-27
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/br101/libuwifi.git
+PKG_SOURCE_VERSION:=bb92bc9b041a077488f2fa5a1716902c7bb23e5b
+PKG_MIRROR_HASH:=c6dc795ef6c2cc87d411d3f907974f634a132c3e732db2597f96ff25a05faa05
+
+PKG_MAINTAINER:=Bruno Randolf <br1@einfach.org>, Nick Hainke <vincent@systemli.org>
+PKG_LICENSE:=LGPL-3.0-only
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libuwifi
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+libradiotap +libnl-tiny
+ TITLE:=Userspace Wifi Library
+endef
+
+define Package/libuwifi/description
+ Library for parsing, generating and analyzing Wifi (WLAN 802.11) frames in userspace and related functions.
+endef
+
+MAKE_FLAGS += DEBUG=0 LIBNL=tiny BUILD_RADIOTAP=0
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include/uwifi
+ $(CP) $(PKG_BUILD_DIR)/include/uwifi/*.h $(1)/usr/include/uwifi
+ $(CP) $(PKG_BUILD_DIR)/ccan $(1)/usr/include/
+
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_BUILD_DIR)/build/libuwifi.{a,so*} $(1)/usr/lib/
+endef
+
+define Package/libuwifi/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_BUILD_DIR)/build/libuwifi.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libuwifi))
include $(TOPDIR)/rules.mk
PKG_NAME:=v4l-utils
-PKG_VERSION:=1.16.5
+PKG_VERSION:=1.16.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.linuxtv.org/downloads/v4l-utils
-PKG_HASH:=ed80242510385017a1dc566e17a285a77222bb301f5bc19386badfcc2c19df1b
+PKG_HASH:=f9dac1878e3d5636eab7f56bb209fdfc66b94ee8a2aae54dcb4282fe63a678ae
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GPL-2.0 LGPL-2.1
#include <linux/cec-funcs.h>
--- a/utils/common/media-info.cpp
+++ b/utils/common/media-info.cpp
-@@ -20,7 +20,7 @@
-
+@@ -21,6 +21,7 @@
#include <linux/media.h>
--#include <fstream>
+ #include <fstream>
+#include <iostream>
#include <media-info.h>
#include <map>
--- a/utils/v4l2-compliance/media-info.cpp
+++ b/utils/v4l2-compliance/media-info.cpp
-@@ -20,7 +20,7 @@
-
+@@ -21,6 +21,7 @@
#include <linux/media.h>
--#include <fstream>
+ #include <fstream>
+#include <iostream>
#include <media-info.h>
static std::string num2s(unsigned num, bool is_hex = true)
--- a/utils/v4l2-ctl/media-info.cpp
+++ b/utils/v4l2-ctl/media-info.cpp
-@@ -20,7 +20,7 @@
-
+@@ -21,6 +21,7 @@
#include <linux/media.h>
--#include <fstream>
+ #include <fstream>
+#include <iostream>
#include <media-info.h>
Simply avoid getsubopt, since we cannot rely on it.
-diff --git a/utils/v4l2-ctl/v4l2-ctl-common.cpp b/utils/v4l2-ctl/v4l2-ctl-common.cpp
-index 3ea6cd3..291fb3e 100644
--- a/utils/v4l2-ctl/v4l2-ctl-common.cpp
+++ b/utils/v4l2-ctl/v4l2-ctl-common.cpp
-@@ -692,16 +692,17 @@ static bool parse_subset(char *optarg)
+@@ -679,16 +679,17 @@ static bool parse_subset(char *optarg)
static bool parse_next_subopt(char **subs, char **value)
{
include $(TOPDIR)/rules.mk
PKG_NAME:=libvpx
-PKG_VERSION:=1.8.0
+PKG_VERSION:=1.8.1
PKG_RELEASE:=1
PKG_REV:=v$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_REV).tar.gz
-PKG_MIRROR_HASH:=caf53ffff549fefb14d8d054db014c6394e1955d199b80dc985ef6098bd4213d
+PKG_MIRROR_HASH:=6703842a870727b621a82efe5b2ff6f5553d41f7b0905dd4fde1f8bdf062d6ea
PKG_SOURCE_URL:=https://chromium.googlesource.com/webm/libvpx
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=$(PKG_REV)
configuration. It is modeled after the Java log4j API.
endef
+CMAKE_HOST_OPTIONS += \
+ -DCMAKE_INSTALL_LIBDIR:PATH=lib
+
CMAKE_OPTIONS += \
-DLOG4CPLUS_BUILD_LOGGINGSERVER:BOOL=OFF \
-DLOG4CPLUS_BUILD_TESTING:BOOL=OFF \
include $(TOPDIR)/rules.mk
PKG_NAME:=measurement-kit
-PKG_VERSION:=0.10.4
+PKG_VERSION:=0.10.5
PKG_RELEASE=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/measurement-kit/measurement-kit/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=6ca0d9e7a9c1ff0ea8713bf59fde9f87365acdc4b784a5a4bb3f35a77bc4b775
+PKG_HASH:=8b83f04f4d3c653f93bcee5a6cc5e32e6595a3feb99526017d78099fd90d4a75
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
include $(TOPDIR)/rules.mk
PKG_NAME:=oniguruma
-PKG_VERSION:=6.9.2
-PKG_RELEASE:=2
+PKG_VERSION:=6.9.3
+PKG_RELEASE:=1
PKG_SOURCE:=onig-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/kkos/oniguruma/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=3b568a9050839e7828b2f2d5bc9cd3650979b6b54a080f54c515320dddda06b0
+PKG_HASH:=dc6dec742941e24b761cea1b9a2f12e750879107ae69fd80ae1046459d4fb1db
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=BSD-2-Clause
+++ /dev/null
-From c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kosako@sofnec.co.jp>
-Date: Thu, 27 Jun 2019 14:11:55 +0900
-Subject: [PATCH] Fix CVE-2019-13225: problem in converting if-then-else
- pattern to bytecode.
-
-
-diff --git a/src/regcomp.c b/src/regcomp.c
-index c2c04a4..ff3431f 100644
---- a/src/regcomp.c
-+++ b/src/regcomp.c
-@@ -1307,8 +1307,9 @@ compile_length_bag_node(BagNode* node, regex_t* reg)
- len += tlen;
- }
-
-+ len += SIZE_OP_JUMP + SIZE_OP_ATOMIC_END;
-+
- if (IS_NOT_NULL(Else)) {
-- len += SIZE_OP_JUMP;
- tlen = compile_length_tree(Else, reg);
- if (tlen < 0) return tlen;
- len += tlen;
-@@ -1455,7 +1456,7 @@ compile_bag_node(BagNode* node, regex_t* reg, ScanEnv* env)
-
- case BAG_IF_ELSE:
- {
-- int cond_len, then_len, jump_len;
-+ int cond_len, then_len, else_len, jump_len;
- Node* cond = NODE_BAG_BODY(node);
- Node* Then = node->te.Then;
- Node* Else = node->te.Else;
-@@ -1472,8 +1473,7 @@ compile_bag_node(BagNode* node, regex_t* reg, ScanEnv* env)
- else
- then_len = 0;
-
-- jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END;
-- if (IS_NOT_NULL(Else)) jump_len += SIZE_OP_JUMP;
-+ jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END + SIZE_OP_JUMP;
-
- r = add_op(reg, OP_PUSH);
- if (r != 0) return r;
-@@ -1490,11 +1490,20 @@ compile_bag_node(BagNode* node, regex_t* reg, ScanEnv* env)
- }
-
- if (IS_NOT_NULL(Else)) {
-- int else_len = compile_length_tree(Else, reg);
-- r = add_op(reg, OP_JUMP);
-- if (r != 0) return r;
-- COP(reg)->jump.addr = else_len + SIZE_INC_OP;
-+ else_len = compile_length_tree(Else, reg);
-+ if (else_len < 0) return else_len;
-+ }
-+ else
-+ else_len = 0;
-
-+ r = add_op(reg, OP_JUMP);
-+ if (r != 0) return r;
-+ COP(reg)->jump.addr = SIZE_OP_ATOMIC_END + else_len + SIZE_INC_OP;
-+
-+ r = add_op(reg, OP_ATOMIC_END);
-+ if (r != 0) return r;
-+
-+ if (IS_NOT_NULL(Else)) {
- r = compile_tree(Else, reg, env);
- }
- }
+++ /dev/null
-From 0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kosako@sofnec.co.jp>
-Date: Thu, 27 Jun 2019 17:25:26 +0900
-Subject: [PATCH] Fix CVE-2019-13224: don't allow different encodings for
- onig_new_deluxe()
-
-
-diff --git a/src/regext.c b/src/regext.c
-index fa4b360..965c793 100644
---- a/src/regext.c
-+++ b/src/regext.c
-@@ -29,6 +29,7 @@
-
- #include "regint.h"
-
-+#if 0
- static void
- conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
- {
-@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEncoding to, const UChar* s, const UChar* e
-
- return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
- }
-+#endif
-
- extern int
- onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
-@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
- if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;
-
- if (ci->pattern_enc != ci->target_enc) {
-- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
-- &cpat, &cpat_end);
-- if (r != 0) return r;
-+ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
- }
- else {
- cpat = (UChar* )pattern;
PKG_NAME:=redis
PKG_VERSION:=5.0.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL:=http://download.redis.io/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
--- /dev/null
+--- a/src/config.h
++++ b/src/config.h
+@@ -30,6 +30,10 @@
+ #ifndef __CONFIG_H
+ #define __CONFIG_H
+
++#if defined(__unix) || defined(__linux__)
++#include <features.h>
++#endif
++
+ #ifdef __APPLE__
+ #include <AvailabilityMacros.h>
+ #endif
+@@ -62,9 +66,9 @@
+ #endif
+
+ /* Test for backtrace() */
+-#if defined(__APPLE__) || (defined(__linux__) && defined(__GLIBC__)) || \
++#if (defined(__APPLE__) || (defined(__linux__) && defined(__GLIBC__)) || \
+ defined(__FreeBSD__) || (defined(__OpenBSD__) && defined(USE_BACKTRACE))\
+- || defined(__DragonFly__)
++ || defined(__DragonFly__)) && !defined(__UCLIBC__)
+ #define HAVE_BACKTRACE 1
+ #endif
+
--- /dev/null
+menu "Select dovecot build options"
+ depends on PACKAGE_dovecot
+
+config DOVECOT_GSSAPI
+ bool "GSSAPI support"
+ default n
+ help
+ Implements GSSAPI support in dovecot.
+
+config DOVECOT_LDAP
+ bool "LDAP support"
+ default n
+ help
+ Implements LDAP support in dovecot.
+
+config DOVECOT_MYSQL
+ bool "MYSQL support"
+ default n
+ help
+ Implements MYSQL support in dovecot.
+
+config DOVECOT_PGSQL
+ bool "PostgreSQL support"
+ default n
+ help
+ Implements PostgreSQL support in dovecot.
+
+config DOVECOT_SQLITE
+ bool "SQLite support"
+ default n
+ help
+ Implements SQLite DB support in dovecot.
+
+config DOVECOT_ICU
+bool "Enable i18n features"
+ default n
+ help
+ Enable ICU (International Components for Unicode) support.
+
+endmenu
include $(TOPDIR)/rules.mk
PKG_NAME:=dovecot
-PKG_VERSION:=2.3.7
+PKG_VERSION:=2.3.7.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dovecot.org/releases/2.3
-PKG_HASH:=11e156ae8539e42892809cc2412c3f1a294188806969f5547191a43abd4083aa
+PKG_HASH:=c5a51d6f76e6e9c843df69e52a364a4c65c4c60e0c51d992eaa45f22f71803c3
+
+PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=LGPL-2.1-only MIT BSD-3-Clause
PKG_LICENSE_FILES:=COPYING COPYING.LGPL COPYING.MIT
-PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_BUILD_DEPENDS:=libiconv
PKG_CONFIG_DEPENDS:= \
define Package/dovecot
SECTION:=mail
CATEGORY:=Mail
- DEPENDS:=+DOVECOT_GSSAPI:krb5-libs +DOVECOT_LDAP:libopenldap +DOVECOT_MYSQL:libmysqlclient +DOVECOT_PGSQL:libpq +DOVECOT_SQLITE:libsqlite3 +libopenssl +librt +zlib +libbz2 +libcap +DOVECOT_ICU:icu $(ICONV_DEPENDS)
TITLE:=An IMAP and POP3 daemon
URL:=https://www.dovecot.org/
+ DEPENDS:=+DOVECOT_GSSAPI:krb5-libs +DOVECOT_LDAP:libopenldap +DOVECOT_MYSQL:libmysqlclient +DOVECOT_PGSQL:libpq +DOVECOT_SQLITE:libsqlite3 +libopenssl +librt +zlib +libbz2 +libcap +DOVECOT_ICU:icu $(ICONV_DEPENDS)
USERID:=dovecot=59:dovecot=59
+ USERID:=dovenull=60:dovenull=60
ABI_VERSION:=$(PKG_VERSION)
endef
endef
define Package/dovecot/config
- menu "Select dovecot build options"
- depends on PACKAGE_dovecot
- config DOVECOT_GSSAPI
- bool "GSSAPI support"
- default n
- help
- Implements GSSAPI support in dovecot.
- config DOVECOT_LDAP
- bool "LDAP support"
- default n
- help
- Implements LDAP support in dovecot.
- config DOVECOT_MYSQL
- bool "MYSQL support"
- default n
- help
- Implements MYSQL support in dovecot.
- config DOVECOT_PGSQL
- bool "PostgreSQL support"
- default n
- help
- Implements PostgreSQL support in dovecot.
- config DOVECOT_SQLITE
- bool "SQLite support"
- default n
- help
- Implements SQLite DB support in dovecot.
- config DOVECOT_ICU
- bool "Enable i18n features"
- default n
- help
- Enable ICU (International Components for Unicode) support.
- endmenu
+ source "$(SOURCE)/Config.in"
endef
define Package/dovecot/conffiles
-/etc/init.d/dovecot
/etc/dovecot/
endef
--without-lzma \
--without-lz4 \
--without-sodium \
- --without-docs \
$(if $(CONFIG_DOVECOT_GSSAPI),--with-gssapi=yes,--with-gssapi=no) \
$(if $(CONFIG_DOVECOT_LDAP),--with-ldap=yes,--with-ldap=no) \
$(if $(CONFIG_DOVECOT_MYSQL),--with-mysql=yes,--with-mysql=no) \
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/include/dovecot $(1)/usr/include/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/dovecot $(1)/usr/lib/
- rm -f $(1)/usr/lib/dovecot/*.la
+ $(call libtool_remove_files,$(1))
endef
define Package/dovecot/install
- $(INSTALL_DIR) $(1)/etc/init.d \
- $(1)/etc/dovecot \
- $(1)/usr/lib/dovecot \
- $(1)/usr/libexec/dovecot \
- $(1)/usr/bin \
- $(1)/usr/sbin
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/dovecot.init $(1)/etc/init.d/dovecot
+
+ $(INSTALL_DIR) $(1)/etc/dovecot
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/doc/dovecot/example-config/* $(1)/etc/dovecot/
+
+ $(INSTALL_DIR) $(1)/usr/lib/dovecot
$(CP) $(PKG_INSTALL_DIR)/usr/lib/dovecot/* $(1)/usr/lib/dovecot/
+ rm $(1)/usr/lib/dovecot/dovecot-config
+ find $(1)/usr/lib/dovecot/ -name "*.a" -o -name "*.la" | $(XARGS) rm -f
+
+ $(INSTALL_DIR) $(1)/usr/libexec/dovecot
$(CP) $(PKG_INSTALL_DIR)/usr/libexec/dovecot/* $(1)/usr/libexec/dovecot/
+
+ $(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/doveconf $(1)/usr/bin/
+
+ $(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/* $(1)/usr/sbin/
- $(INSTALL_BIN) ./files/dovecot.init $(1)/etc/init.d/dovecot
- rm $(1)/usr/lib/dovecot/dovecot-config
- find $(1)/usr/lib/dovecot/ -name "*.a" -o -name "*.la" | xargs rm
endef
define Package/dovecot-utils/install
-diff -u --recursive dovecot-2.3.1-vanilla/m4/fd_passing.m4 dovecot-2.3.1/m4/fd_passing.m4
---- dovecot-2.3.1-vanilla/m4/fd_passing.m4 2018-06-08 20:02:15.849850956 -0400
-+++ dovecot-2.3.1/m4/fd_passing.m4 2018-06-08 20:04:28.947016370 -0400
-@@ -8,7 +8,7 @@
+--- a/m4/fd_passing.m4
++++ b/m4/fd_passing.m4
+@@ -8,7 +8,7 @@ AC_DEFUN([DOVECOT_FD_PASSING], [
CFLAGS="$CFLAGS -DBUGGY_CMSG_MACROS"
fi
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
-@@ -16,7 +16,7 @@
+@@ -16,7 +16,7 @@ AC_DEFUN([DOVECOT_FD_PASSING], [
#include <unistd.h>
#include <fcntl.h>
#include "fdpass.h"
static
int nopen(void)
{
-diff -u --recursive dovecot-2.3.1-vanilla/m4/glibc.m4 dovecot-2.3.1/m4/glibc.m4
---- dovecot-2.3.1-vanilla/m4/glibc.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/glibc.m4 2018-06-08 20:04:00.780981363 -0400
-@@ -17,7 +17,7 @@
+--- a/m4/glibc.m4
++++ b/m4/glibc.m4
+@@ -17,7 +17,7 @@ AC_DEFUN([DOVECOT_GLIBC], [
dnl * Old glibcs have broken posix_fallocate(). Make sure not to use it.
dnl * It may also be broken in AIX.
AC_CACHE_CHECK([whether posix_fallocate() works],i_cv_posix_fallocate_works,[
#define _XOPEN_SOURCE 600
#include <stdio.h>
#include <stdlib.h>
-@@ -26,6 +26,7 @@
+@@ -26,6 +26,7 @@ AC_DEFUN([DOVECOT_GLIBC], [
#if defined(__GLIBC__) && (__GLIBC__ < 2 || __GLIBC_MINOR__ < 7)
possibly broken posix_fallocate
#endif
int main() {
int fd = creat("conftest.temp", 0600);
int ret;
-diff -u --recursive dovecot-2.3.1-vanilla/m4/ioloop.m4 dovecot-2.3.1/m4/ioloop.m4
---- dovecot-2.3.1-vanilla/m4/ioloop.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/ioloop.m4 2018-06-08 20:03:31.666945181 -0400
-@@ -4,9 +4,9 @@
+--- a/m4/ioloop.m4
++++ b/m4/ioloop.m4
+@@ -4,9 +4,9 @@ AC_DEFUN([DOVECOT_IOLOOP], [
if test "$ioloop" = "best" || test "$ioloop" = "epoll"; then
AC_CACHE_CHECK([whether we can use epoll],i_cv_epoll_works,[
int main()
{
return epoll_create(5) < 1;
-diff -u --recursive dovecot-2.3.1-vanilla/m4/mmap_write.m4 dovecot-2.3.1/m4/mmap_write.m4
---- dovecot-2.3.1-vanilla/m4/mmap_write.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/mmap_write.m4 2018-06-08 20:03:27.369939841 -0400
+--- a/m4/mmap_write.m4
++++ b/m4/mmap_write.m4
@@ -1,7 +1,7 @@
dnl * If mmap() plays nicely with write()
AC_DEFUN([DOVECOT_MMAP_WRITE], [
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
-@@ -9,6 +9,7 @@
+@@ -9,6 +9,7 @@ AC_DEFUN([DOVECOT_MMAP_WRITE], [
#include <fcntl.h>
#include <sys/mman.h>
#include <string.h>
int main() {
/* return 0 if we're signed */
int f = open("conftest.mmap", O_RDWR|O_CREAT|O_TRUNC, 0600);
-diff -u --recursive dovecot-2.3.1-vanilla/m4/want_gssapi.m4 dovecot-2.3.1/m4/want_gssapi.m4
---- dovecot-2.3.1-vanilla/m4/want_gssapi.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/want_gssapi.m4 2018-06-08 20:04:13.204996804 -0400
-@@ -54,7 +54,7 @@
+--- a/m4/want_gssapi.m4
++++ b/m4/want_gssapi.m4
+@@ -54,7 +54,7 @@ AC_DEFUN([DOVECOT_WANT_GSSAPI], [
# does the kerberos library support SPNEGO?
AC_CACHE_CHECK([whether GSSAPI supports SPNEGO],i_cv_gssapi_spnego,[
#ifdef HAVE_GSSAPI_H
# include <gssapi.h>
#else
-@@ -62,6 +62,7 @@
+@@ -62,6 +62,7 @@ AC_DEFUN([DOVECOT_WANT_GSSAPI], [
#endif
#include <krb5.h>
#include <string.h>
This patch modifed dovecot-config that gets installed on the assumption
that users of libdovecot will also be cross-compiled (a safe bet).
-Index: dovecot-2.3.2.1/Makefile.am
-===================================================================
---- dovecot-2.3.2.1.orig/Makefile.am
-+++ dovecot-2.3.2.1/Makefile.am
+--- a/Makefile.am
++++ b/Makefile.am
@@ -73,7 +73,7 @@ install-exec-hook:
grep -v '^LIBDOVECOT_.*_INCLUDE' dovecot-config | \
grep -v '^LIBDOVECOT.*_DEPS' | sed \
--- a/src/lib-ssl-iostream/dovecot-openssl-common.c
+++ b/src/lib-ssl-iostream/dovecot-openssl-common.c
-@@ -63,9 +63,11 @@ void dovecot_openssl_common_global_ref(void)
+@@ -63,9 +63,11 @@ void dovecot_openssl_common_global_ref(v
/*i_warning("CRYPTO_set_mem_functions() was called too late");*/
}
}
bool dovecot_openssl_common_global_unref(void)
-@@ -79,6 +81,7 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -79,6 +81,7 @@ bool dovecot_openssl_common_global_unref
ENGINE_finish(dovecot_openssl_engine);
dovecot_openssl_engine = NULL;
}
/* OBJ_cleanup() is called automatically by EVP_cleanup() in
newer versions. Doesn't hurt to call it anyway. */
OBJ_cleanup();
-@@ -100,6 +103,7 @@ bool dovecot_openssl_common_global_unref(void)
- ERR_free_strings();
+@@ -101,6 +104,7 @@ bool dovecot_openssl_common_global_unref
#ifdef HAVE_OPENSSL_CLEANUP
OPENSSL_cleanup();
-+#endif
#endif
++#endif
return FALSE;
}
+
--- a/src/lib-ssl-iostream/iostream-openssl-context.c
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c
@@ -6,6 +6,9 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
-@@ -510,8 +513,10 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
+@@ -514,8 +517,10 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX
int nid;
const char *curve_name;
#endif
#include "dcrypt.h"
#include "dcrypt-private.h"
-@@ -179,11 +181,13 @@ static bool dcrypt_openssl_error(const char **error_r)
+@@ -179,11 +181,13 @@ static bool dcrypt_openssl_error(const c
static bool dcrypt_openssl_initialize(const struct dcrypt_settings *set,
const char **error_r)
{
#ifdef HAVE_SSL_NEW_MEM_FUNCS
static void *dovecot_openssl_malloc(size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED)
-@@ -77,10 +80,12 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -77,10 +80,12 @@ bool dovecot_openssl_common_global_unref
if (--openssl_init_refcount > 0)
return TRUE;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* OBJ_cleanup() is called automatically by EVP_cleanup() in
newer versions. Doesn't hurt to call it anyway. */
-@@ -88,7 +93,9 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -88,7 +93,9 @@ bool dovecot_openssl_common_global_unref
#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
SSL_COMP_free_compression_methods();
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#ifdef HAVE_OPENSSL_AUTO_THREAD_DEINIT
-@@ -111,6 +118,7 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -111,6 +118,7 @@ bool dovecot_openssl_common_global_unref
int dovecot_openssl_common_global_set_engine(const char *engine,
const char **error_r)
{
if (dovecot_openssl_engine != NULL)
return 1;
-@@ -132,5 +140,6 @@ int dovecot_openssl_common_global_set_engine(const char *engine,
+@@ -132,5 +140,6 @@ int dovecot_openssl_common_global_set_en
dovecot_openssl_engine = NULL;
return -1;
}
#
# Copyright (C) 2009 David Cooper <dave@kupesoft.com>
-# Copyright (C) 2009-2015 OpenWrt.org
-# Copyright (C) 2016 Daniel Dickinson <cshored@thecshore.com>
+# Copyright (C) 2016-2019 Daniel Dickinson <cshored@thecshore.com>
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=msmtp-scripts
-PKG_VERSION:=1.0.8
+PKG_VERSION:=1.2.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@SF/msmtp-scripts
-PKG_HASH:=2aec48d47b02facf2a33cf97a7434e969c1a054224406e6c55320d825c7902b2
+PKG_SOURCE_URL:=https://launchpad.net/$(PKG_NAME)/1.2/$(PKG_VERSION)/+download
+PKG_HASH:=fc85ab8ed1348be584adfc1feb89f51daed7404e9e8643652ff31d2af00f1cf5
+PKG_MAINTAINER:=Daniel F. Dickinson <cshored@thecshore.com>
-PKG_LICENSE:=GPL-3.0+
+PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=COPYING
include $(INCLUDE_DIR)/package.mk
define Package/msmtp-scripts/Default
SECTION:=mail
CATEGORY:=Mail
- TITLE:=DEPRECATED: Simple sendmail SMTP queueing and forwarding
- URL:=http://msmtp-scripts.sourceforge.net/
+ TITLE:=Forwarding only SMTP with queuing
+ URL:=https://msmtp-scripts.thecshore.com
endef
define Package/msmtp-scripts/Default/description
- DEPRECATED: SourceForge project is abandonded; and upstream (on GitHub)
- has deprecated this project. See:
- https://github.com/cshore-history/msmtp-scripts#deprecation-notice
-
msmtp-scripts are scripts wrappers around the msmtp SMTP client that
- add queueing, logging to syslog or file, a subset of sendmail/postfix
+ add queueing, logging to syslog or file, and a subset of sendmail/postfix
mailq/postsuper/postqueue commands implemented in a compatible fashion.
endef
define Package/msmtpq-ng
$(call Package/msmtp-scripts/Default)
- DEPENDS+= @(PACKAGE_msmtp||PACKAGE_msmtp-nossl)
- TITLE+= (msmtpq-ng wrappers)
+ DEPENDS+= +msmtp
+ TITLE+= (common)
endef
define Package/msmtpq-ng/conffiles
$(call Package/msmtp-scripts/Default)
TITLE+= (as MTA)
DEPENDS+=+msmtpq-ng
- USERID:=msmtp=482:msmtp=482
+ ALTERNATIVES:=\
+ 400:/usr/sbin/sendmail:/usr/sbin/msmtpq-ng-mta \
+ 400:/usr/lib/sendmail:/usr/sbin/msmtpq-ng-mta \
+ 400:/usr/sbin/mailq:/usr/sbin/msmtpq-ng-queue-mta \
+ 400:/usr/sbin/postqueue:/usr/sbin/msmtpq-ng-queue-mta \
+ 400:/usr/sbin/postsuper:/usr/sbin/msmtpq-ng-queue-mta
endef
-define Package/msmtp-queue-mta/conffiles
+define Package/msmtpq-ng-mta/conffiles
/etc/msmtpq-ng-mta.rc
endef
define Package/msmtpq-ng-mta-smtpd
$(call Package/msmtp-scripts/Default)
DEPENDS+= +msmtpq-ng-mta +xinetd
- TITLE+= (basic SMTP server)
+ TITLE+= (localhost SMTPd)
+ USERID:=msmtp=482:msmtp=482
endef
define Package/msmtp-ng-mta-smtpd/description
the hold queue before it can be delivered.
endef
-define Package/msmtpq-ng-mta/postinst
- mkdir -p $${IPKG_INSTROOT}/etc/crontabs
- if ! grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root; then echo $$'\n'"*/60 * * * * /usr/bin/msmtpq-ng-mta -q" >>$${IPKG_INSTROOT}/etc/crontabs/root; fi
+define Package/msmtpq-ng-mta-smtpd/conffiles
+/etc/xinetd.d/ms-mta-smtpd
endef
-define Package/msmtp-queue-mta/prerm
- if grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root; then grep -v '\*/60 \* \* \* \* /usr/bin/msmtpq-ng-mta -q' $${IPKG_INSTROOT}/etc/crontabs/root >$${IPKG_INSTROOT}/etc/crontabs/root.new; mv -f $${IPKG_INSTROOT}/etc/crontabs/root.new $${IPKG_INSTROOT}/etc/crontabs; fi
+define Package/msmtpq-ng-mta/postinst
+ mkdir -p $${IPKG_INSTROOT}/etc/crontabs
+ if ! grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root 2>/dev/null; then echo $$'\n'"*/60 * * * * /usr/bin/msmtpq-ng-mta -q" >>$${IPKG_INSTROOT}/etc/crontabs/root; fi
endef
define Build/Configure
define Package/msmtpq-ng/install
$(INSTALL_DIR) $(1)/etc
- $(INSTALL_CONF) ./files/msmtpq-ng.rc $(1)/etc/msmtpq-ng.rc
+ $(INSTALL_DATA) ./files/msmtpq-ng.rc $(1)/etc/msmtpq-ng.rc
$(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_BUILD_DIR)/msmtpq-ng/msmtpq-ng $(1)/usr/bin/
- $(SED) 's/logger -i/logger/' $(1)/usr/bin/msmtpq-ng
- $(CP) $(PKG_BUILD_DIR)/msmtpq-ng/msmtpq-ng-queue $(1)/usr/bin/
+ $(CP) $(PKG_BUILD_DIR)/src/usr/bin/msmtpq-ng $(1)/usr/bin/
+ $(CP) $(PKG_BUILD_DIR)/src/usr/bin/msmtpq-ng-queue $(1)/usr/bin/
endef
define Package/msmtpq-ng-mta/install
$(INSTALL_DIR) $(1)/usr/bin $(1)/usr/sbin $(1)/usr/lib $(1)/etc/init.d
- $(INSTALL_CONF) $(PKG_BUILD_DIR)/msmtpq-ng-mta/msmtpq-ng-mta.rc $(1)/etc/
- echo 'MSMTP_LOCK_DIR=/var/lock/msmtp' >>$(1)/etc/msmtpq-ng-mta.rc
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/msmtpq-ng-mta/msmtpq-ng-mta $(1)/usr/bin/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/msmtpq-ng-mta/msmtpq-ng-queue-mta $(1)/usr/bin/
+ $(INSTALL_DATA) ./files/msmtpq-ng-mta.rc $(1)/etc/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usr/sbin/msmtpq-ng-mta $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usr/sbin//msmtpq-ng-queue-mta $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/crontabs
$(INSTALL_BIN) ./files/msmtpq-ng-mta.init $(1)/etc/init.d/msmtpq-ng-mta
- ln -sf ../bin/msmtpq-ng-mta $(1)/usr/sbin/sendmail
- ln -sf ../bin/msmtpq-ng-mta $(1)/usr/lib/sendmail
- ln -sf ../bin/msmtpq-ng-queue-mta $(1)/usr/sbin/mailq
- ln -sf ../bin/msmtpq-ng-queue-mta $(1)/usr/sbin/postqueue
- ln -sf ../bin/msmtpq-ng-queue-mta $(1)/usr/sbin/postsuper
endef
define Package/msmtpq-ng-mta-smtpd/install
$(INSTALL_DIR) $(1)/etc/xinetd.d
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/msmtpq-ng-mta/sendmail-bs.xinetd $(1)/etc/xinetd.d/msmtpq-ng-mta-smtpd
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/etc/xinetd.d/ms-mta-smtpd $(1)/etc/xinetd.d/ms-mta-smtpd
endef
boot() {
[ ! -d /var/spool/msmtp ] && {
- mkdir -m 0770 -p /var/spool/msmtp
- chown msmtp:msmtp /var/spool/msmtp
+ mkdir -m1777 -p /var/spool/msmtp
}
[ ! -d /var/lock/msmtp ] && {
- mkdir -m 0770 -p /var/lock/msmtp
- chown msmtp:msmtp /var/lock/msmtp
+ mkdir -m1777 -p /var/lock/msmtp
}
}
--- /dev/null
+#!/bin/sh
+
+#Q=/var/spool/msmtp/"$(id -un)"
+#LOG=syslog
+#MAXLOGLEVEL=7
+#MSMTP_LOCK_DIR=/var/lock/msmtp/"$(id -un)"
+#MSMTP_UMASK=077
+#MSMTP_LOG_UMASK=007
+#MSMTP_QUEUE_QUIET=true
+#MSMTP_IGNORE_NO_RECIPIENTS=true
+#MSMTP_QUEUE_ONLY=false
+#MSMTP_SEND_DELAY=0
+#MSMTP_MAXIMUM_QUEUE_LIFETIME=345600 # Four days
+#MSMTPQ_NG=msmtpq-ng
+#MSMTPQ_NG_QUEUE=msmtpq-ng-queue
+#MSMTP_CONF=/etc/msmtprc
+#EMAIL_CONN_TEST=p
+EMAIL_CONN_TEST_PING=openwrt.org
+#EMAIL_CONN_TEST_IP=8.8.8.8
+#EMAIL_CONN_TEST_SITE=www.debian.org
+#MSMTP_HOLD_SMTP_MAIL=true
+#MSMTP_HOLD_CLI_MAIL=false
+#!/bin/sh
+
#Q=~/msmtp.queue
#LOG=~/log/.msmtp.queue.log
#MAXLOGLEVEL=7
-#MSMTP_LOCKDIR=/var/lock
+#MSMTP_LOCK_DIR=~/.msmtp.lock
EMAIL_CONN_TEST=p
-EMAIL_CONN_TEST_SITE=www.lede-project.org
+EMAIL_CONN_TEST_PING=openwrt.org
#EMAIL_CONN_TEST_IP=8.8.8.8
+#EMAIL_CONN_TEST_SITE=www.debian.org
#MSMTP_UMASK=077
#MSMTP_LOG_UMASK=077
#MSMTP_QUEUE_QUIET=false
-#MSMTP_IGNORE_NO_RECIPIENTS=false
+#MSMTP_IGNORE_NO_RECIPIENTS=true
#MSMTP_QUEUE_ONLY=false
#MSMTP_SEND_DELAY=0
#MSMTP_MAXIMUM_QUEUE_LIFETIME=345600 # Four days
#MSMTPQ_NG_QUEUE=msmtpq-ng-queue
#MSMTP_HOLD_SMTP_MAIL=true
#MSMTP_HOLD_CLI_MAIL=false
+#MSMTP_CONF=/etc/msmtprc
+#LOCK_CMD=flock
PKG_NAME:=msmtp
PKG_VERSION:=1.8.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://marlam.de/msmtp/releases
DEPENDS+= +libgnutls +ca-bundle
TITLE+= (with SSL support)
VARIANT:=ssl
+ DEFAULT_VARIANT:=1
endef
define Package/msmtp/conffiles
$(call Package/msmtp/Default)
TITLE+= (without SSL support)
VARIANT:=nossl
+ PROVIDES:=msmtp
endef
define Package/msmtp-nossl/description
define Package/msmtp-mta
$(call Package/msmtp/Default)
TITLE+= (as MTA)
- DEPENDS+=@(PACKAGE_msmtp||PACKAGE_msmtp-nossl)
+ DEPENDS+=+msmtp
+ ALTERNATIVES:=\
+ 100:/usr/sbin/sendmail:/usr/bin/msmtp \
+ 100:/usr/lib/sendmail:/usr/bin/msmtp
endef
define Package/msmtp-mta/description
define Package/msmtp-queue
$(call Package/msmtp/Default)
- DEPENDS+= +bash @(PACKAGE_msmtp||PACKAGE_msmtp-nossl)
+ DEPENDS+= +bash +msmtp
TITLE+= (queue scripts)
endef
define Package/msmtp-mta/install
$(INSTALL_DIR) $(1)/usr/sbin $(1)/usr/lib
- ln -sf ../bin/msmtp $(1)/usr/sbin/sendmail
- ln -sf ../bin/msmtp $(1)/usr/lib/sendmail
endef
Package/msmtp-nossl/conffiles = $(Package/msmtp/conffiles)
PKG_NAME:=imagemagick
PKG_VERSION:=7.0.8
-PKG_REVISION:=59
+PKG_REVISION:=61
PKG_RELEASE:=1
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_REVISION).tar.gz
PKG_SOURCE_URL:=http://github.com/ImageMagick/ImageMagick/archive/$(PKG_VERSION)-$(PKG_REVISION)
-PKG_HASH:=238ee17196fcb80bb58485910aaefc12d48f99e4043c2a28f06ff9588161c4e3
+PKG_HASH:=7010fd9747a7080b9626b40908bcb12312fa38f3ad378b908a0a5198f49baad9
PKG_BUILD_DIR:=$(BUILD_DIR)/ImageMagick-$(PKG_VERSION)-$(PKG_REVISION)
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
+PKG_CPE_ID:=cpe:/a:imagemagick:imagemagick
PKG_USE_MIPS16:=0
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=youtube-dl
-PKG_VERSION:=2019.8.2
+PKG_VERSION:=2019.8.13
PKG_RELEASE:=1
PKG_SOURCE:=youtube_dl-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/y/youtube_dl/
-PKG_HASH:=73b8528782f507dc506422557c940842e1e514ffaf0b010d82642cb2ceeefdf7
+PKG_HASH:=ff65a10f81b64d8e0d1872a89bee0d075370ba6e4c658193e56e6f93e5ca46ba
PKG_BUILD_DIR:=$(BUILD_DIR)/youtube_dl-$(PKG_VERSION)
PKG_MAINTAINER:=Adrian Panella <ianchi74@outlook.com>, Josef Schlehofer <pepe.schlehofer@gmail.com>
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=3.6.5
-PKG_RELEASE:=2
+PKG_VERSION:=3.8.2
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
endef
define Package/adblock/description
-Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named, kresd or dnscrypt-proxy.
+Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named or kresd.
The script supports many domain blacklist sites plus manual black- and whitelist overrides.
Please see https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md for further information.
define Package/adblock/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) ./files/adblock.sh $(1)/usr/bin/
+ $(INSTALL_BIN) ./files/adblock.sh $(1)/usr/bin
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/adblock.init $(1)/etc/init.d/adblock
$(INSTALL_CONF) ./files/adblock.conf $(1)/etc/config/adblock
$(INSTALL_DIR) $(1)/etc/adblock
- $(INSTALL_CONF) ./files/adblock.notify $(1)/etc/adblock/
- $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock/
- $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock/
+ $(INSTALL_BIN) ./files/adblock.mail $(1)/etc/adblock
+ $(INSTALL_BIN) ./files/adblock.service $(1)/etc/adblock
+ $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock
+ $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock
endef
$(eval $(call BuildPackage,adblock))
* => weekly updates, approx. 2.500 entries (enabled by default)
* zero-conf like automatic installation & setup, usually no manual changes needed
* simple but yet powerful adblock engine: adblock does not use error prone external iptables rulesets, http pixel server instances and things like that
-* supports five different dns backends / blocklist formats: dnsmasq, unbound, named (bind), kresd and dnscrypt-proxy
-* supports six different download utilities: uclient-fetch, wget, curl, aria2c, wget-nossl, busybox-wget
-* Really fast downloads & list processing as they are handled in parallel as background jobs in a configurable 'Download Queue'
-* provides 'http only' mode without installed ssl library for all non-SSL blocklist sources
-* supports a wide range of router modes, even AP modes are supported
+* support four different dns backends: dnsmasq, unbound, named (bind) and kresd
+* support two different dns blocking variants: 'nxdomain' (default, supported by all backends), 'null' (supported only by dnsmasq)
+* support six different download utilities: uclient-fetch, wget, curl, aria2c, wget-nossl, busybox-wget
+* fast downloads & list processing as they are handled in parallel running background jobs (see 'Download Queue')
+* provide 'http only' mode without installed ssl library for all non-SSL blocklist sources
+* support a wide range of router modes, even AP modes are supported
* full IPv4 and IPv6 support
-* provides top level domain compression ('tld compression'), this feature removes thousands of needless host entries from the blocklist and lowers the memory footprint for the dns backend
+* provide top level domain compression ('tld compression'), this feature removes thousands of needless host entries from the blocklist and lowers the memory footprint for the dns backend
+* provide a 'DNS File Reset', where the final DNS blockfile will be purged after DNS backend loading to save storage space
* blocklist source parsing by fast & flexible regex rulesets
* overall duplicate removal in central blocklist 'adb_list.overall'
-* additional whitelist for manual overrides, located by default in /etc/adblock/adblock.whitelist
+* additional blacklist for manual overrides, located by default in /etc/adblock/adblock.blacklist or in LuCI
+* additional whitelist for manual overrides, located by default in /etc/adblock/adblock.whitelist or in LuCI
* quality checks during blocklist update to ensure a reliable dns backend service
* minimal status & error logging to syslog, enable debug logging to receive more output
* procd based init system support (start/stop/restart/reload/suspend/resume/query/status)
* procd network interface trigger support or classic time based startup
* keep the dns cache intact after adblock processing (currently supported by unbound, named and kresd)
-* conditional dns backend restarts by old/new blocklist comparison with sha256sum (default) or md5sum
* suspend & resume adblock actions temporarily without blocklist reloading
* provide comprehensive runtime information via LuCI or via 'status' init command
* provide a detailed DNS Query Report with dns related information about client requests, top (blocked) domains and more
-* provide a query function to quickly identify blocked (sub-)domains, e.g. for whitelisting. This function is also able to search in adblock backups, to get back the set of blocking lists sources for a certain domain
-* force dns requests to local resolver
-* force overall sort / duplicate removal for low memory devices (handle with care!)
-* automatic blocklist backup & restore, they will be used in case of download errors or during startup in backup mode
-* 'backup mode' to re-use blocklist backups during startup, get fresh lists only via reload or restart action
-* 'Jail' blocklist generation which builds an additional list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file. You can use this restrictive blocklist manually e.g. for guest wifi or kidsafe configurations
-* send notification emails in case of a processing error or if the overall domain count is ≤ 0
+* provide a query function to quickly identify blocked (sub-)domains, e.g. for whitelisting. This function is also able to search in adblock backups and black-/whitelist, to get back the set of blocking lists sources for a certain domain
+* option to force dns requests to the local resolver
+* automatic blocklist backup & restore, these backups will be used in case of download errors and during startup
+* send notification E-Mails in case of a processing error or if the overall domain count is ≤ 0
* add new adblock sources on your own, see example below
-* strong LuCI support
+* strong LuCI support for all options
## Prerequisites
-* [OpenWrt](https://openwrt.org), tested with the stable release series (18.06) and with the latest snapshot
+* [OpenWrt](https://openwrt.org), tested with the stable release series (19.07) and with the latest snapshot
* a usual setup with an enabled dns backend at minimum - dump AP modes without a working dns backend are _not_ supported
* a download utility:
* to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required
* for limited devices with real memory constraints, adblock provides also a 'http only' option and supports wget-nossl and uclient-fetch (without libustream-ssl) as well
* for more configuration options see examples below
-* email notification (optional): for email notification support you need to install and configure the additional 'msmtp' package
-* DNS Query Report (optional): for this detailed report you need to install the additional package 'tcpdump' or 'tcpdump-mini'
+* E-Mail notification (optional): for E-Mail notification support you need the additional 'msmtp' package
+* DNS Query Report (optional): for this detailed report you need the additional package 'tcpdump' or 'tcpdump-mini'
## Installation & Usage
* install 'adblock' (_opkg install adblock_)
## LuCI adblock companion package
* it's strongly recommended to use the LuCI frontend to easily configure all powerful aspects of adblock
* install 'luci-app-adblock' (_opkg install luci-app-adblock_)
-* the application is located in LuCI under 'Services' menu
+* the application is located in LuCI under the 'Services' menu
## Tweaks
* **runtime information:** the adblock status is available via _/etc/init.d/adblock status_ (see example below)
* **debug logging:** for script debugging please set the config option 'adb\_debug' to '1' and check the runtime output with _logread -e "adblock"_
-* **storage expansion:** to process and store all blocklist sources at once it might helpful to enlarge your temp directory with a swap partition => see [OpenWrt Wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details
-* **add white- / blacklist entries:** add domain white- or blacklist entries to always-allow or -deny certain (sub) domains, by default both lists are empty and located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below)
-* **backup & restore blocklists:** enable this feature, to restore automatically the latest compressed backup of your blocklists in case of any processing error (e.g. a single blocklist source is not available during update). Please use an (external) solid partition and _not_ your volatile router temp directory for this
+* **storage expansion:** to process and store all blocklist sources at once it might be helpful to enlarge your temp directory with a swap partition => see [OpenWrt Wiki](https://openwrt.org/docs/guide-user/storage/fstab) for further details
+* **add white- / blacklist entries:** add domain black- or whitelist entries to always-deny or -allow certain (sub) domains, by default both lists are empty and located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below). You need to refresh your blocklists after changes to these static lists.
* **download queue size:** for further download & list processing performance improvements you can raise the 'adb\_maxqueue' value, e.g. '8' or '16' should be safe
* **scheduled list updates:** for a scheduled call of the adblock service add an appropriate crontab entry (see example below)
* **change startup behaviour:** by default the startup will be triggered by the 'wan' procd interface trigger. Choose 'none' to disable automatic startups, 'timed' to use a classic timeout (default 30 sec.) or select another trigger interface
* **suspend & resume adblocking:** to quickly switch the adblock service 'on' or 'off', simply use _/etc/init.d/adblock [suspend|resume]_
* **domain query:** to query the active blocklist for a certain domain, please use the LuCI frontend or run _/etc/init.d/adblock query `<DOMAIN>`_ (see example below)
* **add new list sources:** you could add new blocklist sources on your own via uci config, all you need is a source url and an awk one-liner (see example below)
-* **disable active dns probing in windows 10:** to prevent a yellow exclamation mark on your internet connection icon (which wrongly means connected, but no internet), please change the following registry key/value from "1" to "0" _HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing_
## Further adblock config options
* usually the pre-configured adblock setup works quite well and no manual overrides are needed
* the following options apply to the 'global' config section:
* adb\_enabled => main switch to enable/disable adblock service (default: '0', disabled)
- * adb\_debug => enable/disable adblock debug output (default: '0', disabled)
+ * adb\_dns => select the dns backend for your environment: 'dnsmasq', 'unbound', 'named' or 'kresd' (default: 'dnsmasq')
+ * adb\_dnsvariant => select the blocking variant: 'nxdomain' (default, supported by all backends), 'null (IPv4)' and 'null (IPv4/IPv6)' both options are only supported by dnsmasq
* adb\_fetchutil => name of the used download utility: 'uclient-fetch', 'wget', 'curl', 'aria2c', 'wget-nossl'. 'busybox' (default: 'uclient-fetch')
* adb\_fetchparm => special config options for the download utility (default: not set)
- * adb\_dns => select the dns backend for your environment: 'dnsmasq', 'unbound', 'named', 'kresd' or 'dnscrypt-proxy' (default: 'dnsmasq')
- * adb\_dnsdir => target directory for the generated blocklist 'adb_list.overall' (default: not set, use dns backend default)
* adb\_trigger => set the startup trigger to a certain interface, to 'timed' or to 'none' (default: 'wan')
-
* the following options apply to the 'extra' config section:
+ * adb\_debug => enable/disable adblock debug output (default: '0', disabled)
* adb\_nice => set the nice level of the adblock process and all sub-processes (int/default: '0', standard priority)
- * adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (int/default: '2')
* adb\_forcedns => force dns requests to local resolver (bool/default: '0', disabled)
- * adb\_backup => create compressed blocklist backups, they will be used in case of download errors or during startup in backup mode (bool/default: '0', disabled)
- * adb\_backupdir => target directory for adblock backups (default: not set)
- * adb\_backup_mode => do not automatically update blocklists during startup, use backups instead (bool/default: '0', disabled)
+ * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '8')
+ * adb\_dnsfilereset => the final DNS blockfile will be purged after DNS backend loading to save storage space (bool/default: 'false', disabled)
* adb\_report => enable the background tcpdump gathering process to provide a detailed DNS Query Report (bool/default: '0', disabled)
* adb\_repdir => target directory for dns related report files generated by tcpdump (default: '/tmp')
+ * adb\_backupdir => target directory for adblock backups (default: '/tmp')
+ * adb\_mail => send notification E-Mails in case of a processing errors or if the overall domain count is ≤ 0 (bool/default: '0', disabled)
+ * adb\_mreceiver => receiver address for adblock notification E-Mails (default: not set)
+* the following options could be added via "Additional Field" in LuCI and apply to the 'extra' config section as well:
+ * adb\_dnsdir => target directory for the generated blocklist 'adb_list.overall' (default: not set, use dns backend default)
+ * adb\_blacklist => full path to the static blacklist file (default: '/etc/adblock/adblock.blacklist')
+ * adb\_whitelist => full path to the static whitelist file (default: '/etc/adblock/adblock.whitelist')
+ * adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (int/default: '2')
+ * adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (bool/default: '0', disabled)
* adb\_repiface => reporting interface used by tcpdump, set to 'any' for multiple interfaces (default: 'br-lan')
* adb\_replisten => space separated list of reporting port(s) used by tcpdump (default: '53')
- * adb\_repchunksize => report chunk size used by tcpdump in MB (int/default: '1')
* adb\_repchunkcnt => report chunk count used by tcpdump (default: '5')
- * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '8')
- * adb\_jail => builds an additional 'Jail' list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file (bool/default: '0', disabled)
- * adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (bool/default: '0', disabled)
- * adb\_notify => send notification emails in case of a processing error or if the overall domain count is ≤ 0 (bool/default: '0', disabled)
- * adb\_notifycnt => Raise minimum domain count email notification trigger (int/default: '0')
+ * adb\_repchunksize => report chunk size used by tcpdump in MB (int/default: '1')
+ * adb\_msender => sender address for adblock notification E-Mails (default: 'no-reply@adblock')
+ * adb\_mtopic => topic for adblock notification E-Mails (default: 'adblock notification')
+ * adb\_mprofile => mail profile used in 'msmtp' for adblock notification E-Mails (default: 'adb_notify')
+ * adb\_mcnt => raise the minimum domain count E-Mmail notification trigger (int/default: '0')
## Examples
**change default dns backend to 'unbound':**
-Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/unbound' where unbound can find them in its jail.
+Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/unbound' where unbound can find them in its jail, no further configuration needed.
To preserve the DNS cache after adblock processing you need to install 'unbound-control'.
**change default dns backend to 'named' (bind):**
The knot-resolver (kresd) is only available on Turris Omnia devices.
Adblock deposits the final blocklist 'adb_list.overall' in '/etc/kresd', no further configuration needed.
-**change default dns backend to 'dnscrypt-proxy':**
-
-The required 'blacklist' option of dnscrypt-proxy is not enabled by default, because the package will be compiled without plugins support.
-Take a custom OpenWrt build with plugins support to use this feature. Adblock deposits the final blocklist 'adb_list.overall' in '/tmp'.
-To use the blocklist please modify '/etc/config/dnscrypt-proxy' per instance:
-<pre><code>
- list blacklist 'domains:/tmp/adb_list.overall'
-</code></pre>
-
-**reference the jail block list manually in a 'kidsafe' dhcp config:**
-
-The additional 'Jail' blocklist (by default in /tmp/adb_list.jail) block access to all domains except those listed in the whitelist file.
-<pre><code>
-config dnsmasq 'kidsafe'
- [...]
- option serversfile '/tmp/adb_list.jail'
-</code></pre>
-
-**enable email notification via msmtp:**
+**enable E-Mail notification via msmtp:**
To use the email notification you have to install & configure the package 'msmtp'.
Modify the file '/etc/msmtprc':
user dev.adblock
password xxx
</code></pre>
-Edit the file '/etc/adblock/adblock.notify' and change at least the 'mail_receiver'.
-Finally make this file executable via 'chmod' and test it directly. If no more errors come up you can comment 'mail_debug', too.
+Finally enable E-Mail support and add a valid E-Mail address in LuCI.
**receive adblock runtime information:**
/etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : enabled
- + adblock_version : 3.6.0
- + overall_domains : 30267 (backup mode)
+ + adblock_version : 3.8.0
+ + overall_domains : 48359
+ fetch_utility : /bin/uclient-fetch (libustream-ssl)
- + dns_backend : dnsmasq (/tmp)
- + last_rundate : 19.12.2018 16:29:25
- + system_release : GL-AR750S, OpenWrt SNAPSHOT r8814-6835c13e5a
+ + dns_backend : dnsmasq, /tmp
+ + dns_variant : null (IPv4/IPv6), true
+ + backup_dir : /mnt/data/adblock
+ + last_rundate : 15.08.2019 08:43:16
+ + system_release : GL.iNet GL-AR750S, OpenWrt SNAPSHOT r10720-ccb4b96b8a
</code></pre>
**receive adblock DNS Query Report information:**
+ 2 ::: v10.events.data.microsoft.com
+ 2 ::: settings-win.data.microsoft.com
+ 2 ::: nexusrules.officeapps.live.com
+[...]
</code></pre>
**cronjob for a regular block list update (/etc/crontabs/root):**
www.adwhere.com
</code></pre>
-**query the active blocklist for a certain (sub-)domain, e.g. for whitelisting:**
+**query the active blocklist, the backups and black-/whitelist for a certain (sub-)domain, e.g. for whitelisting:**
The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain. For every (sub-)domain it returns the first ten relevant results.
<pre><code>
/etc/init.d/adblock query google.com
:::
-::: results for domain 'google.com'
+::: results for domain 'google.com' in active blocklist
:::
+ + adservice.google.com
+ + adservice.google.com.au
+ + adservice.google.com.vn
+ + adservices.google.com
+ analytics.google.com
+ googleadapis.l.google.com
+ pagead.l.google.com
+ partnerad.l.google.com
+ ssl-google-analytics.l.google.com
- + www-google-analytics.l.google.com
+ video-stats.video.google.com
+ + [...]
+
:::
-::: results for domain 'google.com' in backups
+::: results for domain 'google.com' in backups and black-/whitelist
:::
+ adb_list.adguard.gz partnerad.l.google.com
+ adb_list.adguard.gz googleadapis.l.google.com
+ adb_list.disconnect.gz partnerad.l.google.com
+ adb_list.disconnect.gz video-stats.video.google.com
+ adb_list.disconnect.gz [...]
+ + adb_list.whocares.gz video-stats.video.google.com
+ + adb_list.whocares.gz adservice.google.com
+ + adb_list.whocares.gz adservice.google.com.au
+ + adb_list.whocares.gz [...]
+ + adb_list.yoyo.gz adservice.google.com
+ adb_list.yoyo.gz analytics.google.com
+ adb_list.yoyo.gz pagead.l.google.com
- + adb_list.yoyo.gz partnerad.l.google.com
+ adb_list.yoyo.gz [...]
</code></pre>
## Support
Please join the adblock discussion in this [forum thread](https://forum.openwrt.org/t/adblock-support-thread/507) or contact me by mail <dev@brenken.org>
-## Removal
-* stop all adblock related services with _/etc/init.d/adblock stop_
-* optional: remove the adblock package (_opkg remove adblock_)
-
Have fun!
Dirk
config adblock 'global'
+ option adb_basever '3.8'
option adb_enabled '0'
option adb_dns 'dnsmasq'
+ option adb_dnsvariant 'nxdomain'
option adb_fetchutil 'uclient-fetch'
option adb_trigger 'wan'
config adblock 'extra'
option adb_debug '0'
option adb_forcedns '0'
- option adb_backup '0'
option adb_report '0'
- option adb_maxqueue '8'
+ option adb_maxqueue '4'
config source 'adaway'
option adb_src 'https://adaway.org/hosts.txt'
option adb_src_desc 'focus on malicious bitcoin mining sites, infrequent updates, approx. 80 entries'
option enabled '0'
-config source 'blacklist'
- option adb_src '/etc/adblock/adblock.blacklist'
- option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
- option adb_src_desc 'static local domain blacklist, always deny these domains'
- option enabled '1'
-
config source 'disconnect'
option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
stop_service()
{
rc_procd "${adb_script}" stop
- rc_procd start_service
}
restart()
suspend()
{
[ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" suspend
+ rc_procd start_service suspend
}
resume()
{
[ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" resume
+ rc_procd start_service resume
}
query()
rtfile="${rtfile:-"/tmp/adb_runtime.json"}"
if [ -s "${rtfile}" ]
then
- printf "%s\n" "::: adblock runtime information"
+ printf "%s\\n" "::: adblock runtime information"
json_load_file "${rtfile}"
json_select data
json_get_keys keylist
for key in ${keylist}
do
json_get_var value "${key}"
- printf " + %-15s : %s\n" "${key}" "${value}"
+ printf " + %-15s : %s\\n" "${key}" "${value}"
done
else
- printf "%s\n" "::: no adblock runtime information available"
+ printf "%s\\n" "::: no adblock runtime information available"
fi
}
--- /dev/null
+#!/bin/sh
+#
+# send mail script for adblock notifications
+# written by Dirk Brenken (dev@brenken.org)
+# Please note: you have to manually install and configure the package 'msmtp' before using this script
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+LC_ALL=C
+PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+
+if [ -r "/lib/functions.sh" ]
+then
+ . "/lib/functions.sh"
+ adb_basever="$(uci_get adblock global adb_basever)"
+ adb_debug="$(uci_get adblock extra adb_debug "0")"
+ adb_msender="$(uci_get adblock extra adb_msender "no-reply@adblock")"
+ adb_mreceiver="$(uci_get adblock extra adb_mreceiver)"
+ adb_mtopic="$(uci_get adblock extra adb_mtopic "adblock notification")"
+ adb_mprofile="$(uci_get adblock extra adb_mprofile "adb_notify")"
+fi
+adb_mail="$(command -v msmtp)"
+adb_rc=1
+
+if [ "${adb_debug}" -eq 1 ]
+then
+ debug="--debug"
+fi
+
+# mail header & receiver check
+#
+if [ -z "${adb_mreceiver}" ]
+then
+ logger -p "err" -t "adblock-${adb_basever} [${$}]" "please set the mail receiver with the 'adb_mreceiver' option"
+ exit ${adb_rc}
+fi
+adb_mhead="From: ${adb_msender}\\nTo: ${adb_mreceiver}\\nSubject: ${adb_mtopic}\\nReply-to: ${adb_msender}\\nMime-Version: 1.0\\nContent-Type: text/html\\nContent-Disposition: inline\\n\\n"
+
+# info preparation
+#
+sys_info="$(strings /etc/banner 2>/dev/null; ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/ \t/' | sed '/^$/d' 2>/dev/null)"
+adb_info="$(/etc/init.d/adblock status 2>/dev/null)"
+if [ -f "/var/log/messages" ]
+then
+ log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
+else
+ log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
+fi
+
+# mail body
+#
+adb_mtext="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"
+adb_mtext="${adb_mtext}\\n<strong>++\\n++ System Information ++\\n++</strong>\\n${sys_info}"
+adb_mtext="${adb_mtext}\\n\\n<strong>++\\n++ Adblock Information ++\\n++</strong>\\n${adb_info}"
+adb_mtext="${adb_mtext}\\n\\n<strong>++\\n++ Logfile Information ++\\n++</strong>\\n${log_info}"
+adb_mtext="${adb_mtext}</pre></body></html>"
+
+# send mail
+#
+if [ -x "${adb_mail}" ]
+then
+ printf "%b" "${adb_mhead}${adb_mtext}" 2>/dev/null | "${adb_mail}" ${debug} -a "${adb_mprofile}" "${adb_mreceiver}" >/dev/null 2>&1
+ adb_rc=${?}
+ logger -p "info" -t "adblock-${adb_basever} [${$}]" "mail sent to '${adb_mreceiver}' with rc '${adb_rc}'"
+else
+ logger -p "err" -t "adblock-${adb_basever} [${$}]" "msmtp mail daemon not found"
+fi
+
+exit ${adb_rc}
+++ /dev/null
-#!/bin/sh
-#
-# adblock send mail script for msmtp
-# written by Dirk Brenken (dev@brenken.org)
-# Please note: you have to install and configure the package 'msmtp' before using this script.
-
-# This is free software, licensed under the GNU General Public License v3.
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-LC_ALL=C
-PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-mail_ver="1.0.4"
-mail_daemon="$(command -v msmtp)"
-mail_profile="adb_notify"
-#mail_debug="--debug"
-mail_rc=1
-
-# mail header & mail receiver check
-#
-mail_receiver=""
-mail_sender="no-reply@adblock"
-mail_topic="${HOSTNAME}: adblock notification"
-mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\nMime-Version: 1.0\nContent-Type: text/html\nContent-Disposition: inline\n\n"
-
-if [ -z "${mail_receiver}" ]
-then
- logger -p "err" -t "adblock-notify-${mail_ver}[${$}]" "please supply/customize the 'mail_receiver' in '/etc/adblock/adblock.notify'"
- exit ${mail_rc}
-fi
-
-# mail daemon check
-#
-if [ ! -x "${mail_daemon}" ]
-then
- mail_daemon="$(command -v sendmail)"
-fi
-
-# info preparation
-#
-sys_info="$(strings /etc/banner 2>/dev/null; ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/ \t/' | sed '/^$/d' 2>/dev/null)"
-adb_info="$(/etc/init.d/adblock status 2>/dev/null)"
-if [ -f "/var/log/messages" ]
-then
- log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
-else
- log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
-fi
-
-# mail body
-#
-mail_text="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"
-mail_text="${mail_text}\n<strong>++\n++ System Information ++\n++</strong>\n${sys_info}"
-mail_text="${mail_text}\n\n<strong>++\n++ Adblock Information ++\n++</strong>\n${adb_info}"
-mail_text="${mail_text}\n\n<strong>++\n++ Logfile Information ++\n++</strong>\n${log_info}"
-mail_text="${mail_text}</pre></body></html>"
-
-# send mail
-#
-if [ -x "${mail_daemon}" ]
-then
- printf "%b" "${mail_head}${mail_text}" 2>/dev/null | "${mail_daemon}" ${mail_debug} -a "${mail_profile}" "${mail_receiver}" >/dev/null 2>&1
- mail_rc=${?}
- logger -p "info" -t "adblock-notify-${mail_ver}[${$}]" "mail sent to '${mail_receiver}' with rc '${mail_rc}'"
-else
- logger -p "err" -t "adblock-notify-${mail_ver}[${$}]" "msmtp mail daemon not found"
-fi
-
-exit ${mail_rc}
--- /dev/null
+#!/bin/sh
+# ubus monitor to trace dns backend events and conditionally restart adblock
+# written by Dirk Brenken (dev@brenken.org)
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+LC_ALL=C
+PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+
+if [ -r "/lib/functions.sh" ]
+then
+ . "/lib/functions.sh"
+ adb_basever="$(uci_get adblock global adb_basever)"
+ adb_dns="$(uci_get adblock global adb_dns)"
+fi
+adb_ubus="$(command -v ubus)"
+
+if [ -x "${adb_ubus}" ] && [ -n "${adb_dns}" ]
+then
+ logger -p "info" -t "adblock-${adb_basever} [${$}]" "ubus/adblock service started"
+ "${adb_ubus}" -S -M r -m invoke monitor | \
+ { grep -qE "\"method\":\"(set|signal)\",\"data\":\{\"name\":\"${adb_dns}\""; [ $? -eq 0 ] && /etc/init.d/adblock start; }
+else
+ logger -p "err" -t "adblock-${adb_basever} [${$}]" "can't start ubus/adblock service"
+fi
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="3.6.5-2"
+adb_ver="3.8.2"
adb_sysver="unknown"
adb_enabled=0
adb_debug=0
adb_forcedns=0
-adb_jail=0
-adb_maxqueue=8
-adb_notify=0
-adb_notifycnt=0
+adb_maxqueue=4
+adb_mail=0
+adb_mcnt=0
+adb_trigger="wan"
adb_triggerdelay=0
-adb_backup=0
-adb_backup_mode=0
-adb_backupdir="/mnt"
+adb_backupdir="/tmp"
adb_fetchutil="uclient-fetch"
adb_dns="dnsmasq"
+adb_dnsvariant="nxdomain"
adb_dnsprefix="adb_list"
adb_dnsfile="${adb_dnsprefix}.overall"
-adb_dnsjail="${adb_dnsprefix}.jail"
+adb_dnsfilereset="false"
adb_dnsflush=0
+adb_blacklist="/etc/adblock/adblock.blacklist"
adb_whitelist="/etc/adblock/adblock.whitelist"
adb_rtfile="/tmp/adb_runtime.json"
-adb_hashutil="$(command -v sha256sum)"
-adb_hashold=""
-adb_hashnew=""
adb_report=0
adb_repiface="br-lan"
adb_replisten="53"
adb_rc=0
adb_action="${1:-"start"}"
adb_pidfile="/var/run/adblock.pid"
+adb_ubusservice="/etc/adblock/adblock.service"
+adb_mailservice="/etc/adblock/adblock.mail"
+adb_sources=""
# load adblock environment
#
-f_envload()
+f_load()
{
local dns_up sys_call sys_desc sys_model cnt=0
sys_call="$(ubus -S call system board 2>/dev/null)"
if [ -n "${sys_call}" ]
then
- sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
- sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+ sys_desc="$(printf "%s" "${sys_call}" | jsonfilter -e '@.release.description')"
+ sys_model="$(printf "%s" "${sys_call}" | jsonfilter -e '@.model')"
adb_sysver="${sys_model}, ${sys_desc}"
fi
- # check hash utility
- #
- if [ ! -x "${adb_hashutil}" ]
- then
- adb_hashutil="$(command -v md5sum)"
- fi
-
# parse 'global' and 'extra' section by callback
#
config_cb()
config_load adblock
config_foreach parse_config source
- # check dns backend
+ # version check
+ #
+ if [ -z "${adb_basever}" ] || [ "${adb_ver%.*}" != "${adb_basever}" ]
+ then
+ f_log "info" "your adblock config seems to be too old, please update your config with the '--force-maintainer' opkg option"
+ exit 0
+ fi
+
+ # set dns backend
#
case "${adb_dns}" in
- dnsmasq)
+ "dnsmasq")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"dnsmasq"}"
adb_dnsdir="${adb_dnsdir:-"/tmp"}"
adb_dnsheader=""
- adb_dnsdeny="awk '{print \"server=/\"\$0\"/\"}'"
- adb_dnsallow="awk '{print \"server=/\"\$0\"/#\"}'"
- adb_dnshalt="server=/#/"
+ if [ "${adb_dnsvariant}" = "nxdomain" ]
+ then
+ adb_dnsdeny="awk '{print \"server=/\"\$0\"/\"}'"
+ adb_dnsallow="awk '{print \"server=/\"\$0\"/#\"}'"
+ elif [ "${adb_dnsvariant}" = "null (IPv4)" ]
+ then
+ adb_dnsdeny="awk '{print \"0.0.0.0\\t\"\$0\"\"}'"
+ elif [ "${adb_dnsvariant}" = "null (IPv4/IPv6)" ]
+ then
+ adb_dnsdeny="awk '{print \"0.0.0.0\\t\"\$0\"\\n::\\t\"\$0\"\"}'"
+ fi
+ adb_dnsallow=""
;;
- unbound)
+ "unbound")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"unbound"}"
adb_dnsdir="${adb_dnsdir:-"/var/lib/unbound"}"
adb_dnsheader=""
- adb_dnsdeny="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
- adb_dnsallow="awk '{print \"local-zone: \042\"\$0\"\042 transparent\"}'"
- adb_dnshalt="local-zone: \".\" static"
+ adb_dnsdeny="awk '{print \"local-zone: \\042\"\$0\"\\042 static\"}'"
+ adb_dnsallow="awk '{print \"local-zone: \\042\"\$0\"\\042 transparent\"}'"
;;
- named)
+ "named")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"bind"}"
adb_dnsdir="${adb_dnsdir:-"/var/lib/bind"}"
adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
- adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
- adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
- adb_dnshalt="* CNAME ."
+ adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\\n*.\"\$0\" CNAME .\"}'"
+ adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\\n*.\"\$0\" CNAME rpz-passthru.\"}'"
;;
- kresd)
+ "kresd")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"root"}"
adb_dnsdir="${adb_dnsdir:-"/etc/kresd"}"
adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
- adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
- adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
- adb_dnshalt="* CNAME ."
- ;;
- dnscrypt-proxy)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"nobody"}"
- adb_dnsdir="${adb_dnsdir:-"/tmp"}"
- adb_dnsheader=""
- adb_dnsdeny="awk '{print \$0}'"
- adb_dnsallow=""
- adb_dnshalt=""
+ adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\\n*.\"\$0\" CNAME .\"}'"
+ adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\\n*.\"\$0\" CNAME rpz-passthru.\"}'"
;;
esac
- # check adblock status
+ # status check
#
- if [ ${adb_enabled} -eq 0 ]
+ if [ "${adb_enabled}" -eq 0 ]
then
f_extconf
f_temp
f_rmdns
f_jsnup "disabled"
- f_log "info" "adblock is currently disabled, please set adb_enabled to '1' to use this service"
+ f_log "info" "adblock is currently disabled, please set the config option 'adb_enabled' to '1' to use this service"
exit 0
fi
+ # dns backend check
+ #
if [ -d "${adb_dnsdir}" ] && [ ! -f "${adb_dnsdir}/${adb_dnsfile}" ]
then
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+ printf "%s\\n" "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
fi
if [ "${adb_action}" = "start" ] && [ "${adb_trigger}" = "timed" ]
sleep ${adb_triggerdelay}
fi
- while [ ${cnt} -le 30 ]
+ while [ "${cnt}" -le 30 ]
do
dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" 2>/dev/null | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running" 2>/dev/null)"
if [ "${dns_up}" = "true" ]
if [ "${dns_up}" != "true" ] || [ -z "${adb_dns}" ] || [ ! -x "$(command -v ${adb_dns})" ]
then
- f_log "err" "'${adb_dns}' not running or not executable"
+ f_log "err" "'${adb_dns}' not running or executable"
elif [ ! -d "${adb_dnsdir}" ]
then
f_log "err" "'${adb_dnsdir}' backend directory not found"
fi
}
-# check environment
+# check & set environment
#
-f_envcheck()
+f_env()
{
local ssl_lib
- # startup message
- #
f_log "info" "adblock instance started ::: action: ${adb_action}, priority: ${adb_nice:-"0"}, pid: ${$}"
f_jsnup "running"
+ f_extconf
- # check external uci config files
+ # check backup directory
#
- f_extconf
+ if [ ! -d "${adb_backupdir}" ]
+ then
+ f_log "err" "the backup directory '${adb_backupdir}' does not exist/is not mounted yet, please create the directory or raise the 'adb_triggerdelay' to defer the adblock start"
+ fi
# check fetch utility
#
#
f_temp()
{
- if [ -z "${adb_tmpdir}" ]
+ if [ -d "/tmp" ] && [ -z "${adb_tmpdir}" ]
then
adb_tmpdir="$(mktemp -p /tmp -d)"
- adb_tmpload="$(mktemp -p ${adb_tmpdir} -tu)"
- adb_tmpfile="$(mktemp -p ${adb_tmpdir} -tu)"
+ adb_tmpload="$(mktemp -p "${adb_tmpdir}" -tu)"
+ adb_tmpfile="$(mktemp -p "${adb_tmpdir}" -tu)"
+ elif [ ! -d "/tmp" ]
+ then
+ f_log "err" "the temp directory '/tmp' does not exist/is not mounted yet, please create the directory or raise the 'adb_triggerdelay' to defer the adblock start"
fi
if [ ! -s "${adb_pidfile}" ]
then
- printf '%s' "${$}" > "${adb_pidfile}"
+ printf "%s" "${$}" > "${adb_pidfile}"
fi
}
> "${adb_pidfile}"
}
-# remove dns related files and directories
+# remove dns related files, services and directories
#
f_rmdns()
{
if [ -n "${adb_dns}" ]
then
- f_hash
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
+ printf "%s\\n" "${adb_dnsheader}" > "${adb_dnsdir}"/"${adb_dnsfile}"
> "${adb_rtfile}"
- rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
- f_hash
- if [ ${?} -eq 1 ]
- then
- f_dnsup
- fi
+ rm -f "${adb_backupdir}"/"${adb_dnsprefix}"*".gz"
+ f_dnsup
f_rmtemp
fi
f_log "debug" "f_rmdns ::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
then
uci_commit "${config}"
case "${config}" in
- firewall)
+ "firewall")
/etc/init.d/firewall reload >/dev/null 2>&1
;;
*)
+ > "${adb_dnsdir}/${adb_dnsfile}"
+ f_count
+ f_jsnup "running"
/etc/init.d/"${adb_dns}" reload >/dev/null 2>&1
;;
esac
local mode="${1}"
adb_cnt=0
- if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
+ if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && { [ -z "${mode}" ] || [ "${mode}" = "final" ]; }
then
adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")"
- if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
+ if [ -s "${adb_tmpdir}/tmp.add.whitelist" ]
then
- adb_cnt="$(( ${adb_cnt} - $(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add_whitelist") ))"
+ adb_cnt="$((adb_cnt-$(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add.whitelist")))"
fi
- if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
+ if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ] || { [ "${adb_dns}" = "dnsmasq" ] && [ "${adb_dnsvariant}" = "null (IPv4/IPv6)" ]; }
then
- adb_cnt="$(( (${adb_cnt} - $(printf '%s' "${adb_dnsheader}" | grep -c "^")) / 2 ))"
+ adb_cnt="$(((adb_cnt-$(printf "%s" "${adb_dnsheader}" | grep -c "^"))/2))"
fi
+ elif [ "${mode}" = "blacklist" ] && [ -s "${adb_tmpfile}.blacklist" ]
+ then
+ adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}.blacklist")"
+ elif [ "${mode}" = "whitelist" ] && [ -s "${adb_tmpdir}/tmp.raw.whitelist" ]
+ then
+ adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.raw.whitelist")"
elif [ -s "${adb_tmpfile}" ]
then
adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}")"
local uci_config port port_list="53 853 5353"
case "${adb_dns}" in
- dnsmasq)
+ "dnsmasq")
uci_config="dhcp"
- if [ ${adb_enabled} -eq 1 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]")" ] && \
- [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ] && \
- [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsjail}")" ]
+ if [ "${adb_dnsvariant}" = "nxdomain" ]
then
- uci_set dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile "${adb_dnsdir}/${adb_dnsfile}"
- elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_set dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile "${adb_dnsdir}/${adb_dnsfile}"
+ if [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci -q del_list dhcp.@dnsmasq[${adb_dnsinstance}].addnhosts="${adb_dnsdir}/${adb_dnsfile}"
+ fi
+ elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile
+ fi
+ elif [ "${adb_dnsvariant% *}" = "null" ]
then
- uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile
+ if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci -q add_list dhcp.@dnsmasq[${adb_dnsinstance}].addnhosts="${adb_dnsdir}/${adb_dnsfile}"
+ if [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile
+ fi
+ elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts
+ fi
fi
;;
- kresd)
+ "kresd")
uci_config="resolver"
- if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
then
uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
- elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
then
uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
fi
- if [ ${adb_enabled} -eq 1 ] && [ ${adb_dnsflush} -eq 0 ] && [ "$(uci_get resolver kresd keep_cache)" != "1" ]
+ if [ "${adb_enabled}" -eq 1 ] && [ "${adb_dnsflush}" -eq 0 ] && [ "$(uci_get resolver kresd keep_cache)" != "1" ]
then
uci_set resolver kresd keep_cache "1"
- elif [ ${adb_enabled} -eq 0 ] || ([ ${adb_dnsflush} -eq 1 ] && [ "$(uci_get resolver kresd keep_cache)" = "1" ])
+ elif [ "${adb_enabled}" -eq 0 ] || { [ "${adb_dnsflush}" -eq 1 ] && [ "$(uci_get resolver kresd keep_cache)" = "1" ]; }
then
uci_set resolver kresd keep_cache "0"
fi
f_uci "${uci_config}"
uci_config="firewall"
- if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
- [ -z "$(uci_get firewall adblock_dns_53)" ] && [ $(/etc/init.d/firewall enabled; printf '%u' ${?}) -eq 0 ]
+ if [ "${adb_enabled}" -eq 1 ] && [ "${adb_forcedns}" -eq 1 ] && \
+ [ -z "$(uci_get firewall adblock_dns_53)" ] && [ "$(/etc/init.d/firewall enabled; printf "%u" ${?})" -eq 0 ]
then
for port in ${port_list}
do
uci_set firewall "adblock_dns_${port}" "dest_port" "${port}"
uci_set firewall "adblock_dns_${port}" "target" "DNAT"
done
- elif [ -n "$(uci_get firewall adblock_dns_53)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
+ elif [ -n "$(uci_get firewall adblock_dns_53)" ] && { [ "${adb_enabled}" -eq 0 ] || [ "${adb_forcedns}" -eq 0 ]; }
then
for port in ${port_list}
do
#
f_dnsup()
{
- local dns_up cache_util cache_rc cnt=0
+ local dns_service dns_up dns_pid dns_procfile cache_util cache_rc cnt=0
- if [ ${adb_dnsflush} -eq 0 ] && [ ${adb_enabled} -eq 1 ] && [ "${adb_rc}" -eq 0 ]
+ if [ "${adb_dnsflush}" -eq 0 ] && [ "${adb_enabled}" -eq 1 ] && [ "${adb_rc}" -eq 0 ]
then
case "${adb_dns}" in
- dnsmasq)
+ "dnsmasq")
killall -q -HUP "${adb_dns}"
cache_rc=${?}
;;
- unbound)
+ "unbound")
cache_util="$(command -v unbound-control)"
if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -f "${adb_dnsdir}"/unbound.conf ]
then
fi
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
;;
- kresd)
+ "kresd")
cache_util="keep_cache"
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
cache_rc=${?}
;;
- named)
+ "named")
cache_util="$(command -v rndc)"
if [ -x "${cache_util}" ] && [ -f /etc/bind/rndc.conf ]
then
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
fi
;;
- *)
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- ;;
esac
- else
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
fi
adb_rc=1
- while [ ${cnt} -le 10 ]
+ while [ "${cnt}" -le 10 ]
do
- dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
- if [ "${dns_up}" = "true" ]
+ dns_service="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}")"
+ dns_up="$(printf "%s" "${dns_service}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
+ dns_pid="$(printf "%s" "${dns_service}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.pid")"
+ dns_procfile="$(ls -l /proc/${dns_pid}/fd 2>/dev/null | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")"
+ if [ "${dns_up}" = "true" ] && [ -n "${dns_pid}" ] && [ -z "${dns_procfile}" ]
then
case "${adb_dns}" in
- unbound)
+ "unbound")
cache_util="$(command -v unbound-control)"
if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -s "${adb_tmpdir}"/adb_cache.dump ]
then
- while [ ${cnt} -le 10 ]
+ while [ "${cnt}" -le 10 ]
do
"${cache_util}" -c "${adb_dnsdir}"/unbound.conf load_cache < "${adb_tmpdir}"/adb_cache.dump >/dev/null 2>&1
cache_rc=${?}
- if [ ${cache_rc} -eq 0 ]
+ if [ "${cache_rc}" -eq 0 ]
then
break
fi
#
f_list()
{
- local file mode="${1}" in_rc="${adb_rc}"
+ local file name tmp_file="${adb_tmpfile}" mode="${1}" in_rc="${adb_rc}"
case "${mode}" in
- backup)
+ "blacklist")
+ if [ -s "${adb_blacklist}" ]
+ then
+ src_name="${mode}"
+ adb_blacklist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+ awk "${adb_blacklist_rset}" "${adb_blacklist}" > "${adb_tmpfile}"."${src_name}"
+ fi
+ ;;
+ "whitelist")
+ if [ -s "${adb_whitelist}" ]
+ then
+ src_name="${mode}"
+ adb_whitelist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+ awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}"/tmp.raw."${src_name}"
+
+ adb_whitelist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
+ awk "${adb_whitelist_rset}" "${adb_tmpdir}"/tmp.raw."${src_name}" > "${adb_tmpdir}"/tmp.rem."${src_name}"
+
+ if [ -n "${adb_dnsallow}" ]
+ then
+ eval "${adb_dnsallow}" "${adb_tmpdir}"/tmp.raw."${src_name}" > "${adb_tmpdir}"/tmp.add."${src_name}"
+ fi
+ fi
+ ;;
+ "backup")
if [ -d "${adb_backupdir}" ]
then
gzip -cf "${adb_tmpfile}" 2>/dev/null > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
adb_rc=${?}
fi
;;
- restore)
- if [ -d "${adb_backupdir}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
+ "restore")
+ if [ -d "${adb_backupdir}" ]
then
- gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null > "${adb_tmpfile}"
+ if [ -n "${src_name}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
+ then
+ zcat "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null > "${adb_tmpfile}"
+ else
+ for file in "${adb_backupdir}/${adb_dnsprefix}."*".gz"
+ do
+ name="${file##*/}"
+ name="${name%.*}"
+ zcat "${file}" 2>/dev/null > "${adb_tmpfile}"."${name}"
+ done
+ fi
adb_rc=${?}
fi
;;
- remove)
+ "remove")
if [ -d "${adb_backupdir}" ]
then
rm -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
fi
adb_rc=${?}
;;
- merge)
+ "merge")
for file in "${adb_tmpfile}".*
do
cat "${file}" 2>/dev/null >> "${adb_tmpdir}/${adb_dnsfile}"
- if [ ${?} -ne 0 ]
+ if [ "${?}" -ne 0 ]
then
adb_rc=${?}
break
done
adb_tmpfile="${adb_tmpdir}/${adb_dnsfile}"
;;
- final)
+ "final")
> "${adb_dnsdir}/${adb_dnsfile}"
- if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
+ if [ -s "${adb_tmpdir}/tmp.add.whitelist" ]
then
- cat "${adb_tmpdir}/tmp.add_whitelist" >> "${adb_dnsdir}/${adb_dnsfile}"
+ cat "${adb_tmpdir}/tmp.add.whitelist" >> "${adb_dnsdir}/${adb_dnsfile}"
fi
- if [ -s "${adb_tmpdir}/tmp.rem_whitelist" ]
+ if [ -s "${adb_tmpdir}/tmp.rem.whitelist" ]
then
- grep -vf "${adb_tmpdir}/tmp.rem_whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
+ grep -vf "${adb_tmpdir}/tmp.rem.whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
else
eval "${adb_dnsdeny}" "${adb_tmpdir}/${adb_dnsfile}" >> "${adb_dnsdir}/${adb_dnsfile}"
fi
- if [ ${?} -eq 0 ] && [ -n "${adb_dnsheader}" ]
+ if [ "${?}" -eq 0 ] && [ -n "${adb_dnsheader}" ]
then
- printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+ printf "%s\\n" "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
mv -f "${adb_tmpdir}/${adb_dnsfile}" "${adb_dnsdir}/${adb_dnsfile}"
fi
adb_rc=${?}
#
f_tld()
{
- local cnt cnt_srt cnt_tld source="${1}" temp_src="${1}.src.gz" temp_tld="${1}.tld" tld_ok="false"
+ local cnt cnt_srt cnt_tld source="${1}" temp_tld="${1}.tld" tld_ok="false"
- gzip -cf "${source}" 2>/dev/null > "${temp_src}"
- if [ ${?} -eq 0 ]
- then
- cnt="$(wc -l 2>/dev/null < "${source}")"
+ cnt="$(wc -l 2>/dev/null < "${source}")"
+ if [ "${adb_dns}" != "dnsmasq" ] && [ "${adb_dnsvariant% *}" != "null" ]
+ then
awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" > "${temp_tld}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
sort -u "${temp_tld}" > "${source}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
cnt_srt="$(wc -l 2>/dev/null < "${source}")"
awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "${source}" > "${temp_tld}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${temp_tld}" > "${source}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
rm -f "${temp_src}" "${temp_tld}"
cnt_tld="$(wc -l 2>/dev/null < "${source}")"
fi
fi
fi
+ else
+ sort -u "${source}" > "${temp_tld}"
+ if [ "${?}" -eq 0 ]
+ then
+ mv -f "${temp_tld}" "${source}"
+ cnt_srt="$(wc -l 2>/dev/null < "${source}")"
+ tld_ok="true"
+ fi
fi
-
if [ "${tld_ok}" = "false" ]
then
+ unset cnt_srt cnt_tld
rm -f "${temp_tld}"
- gunzip -cf "${temp_src}" 2>/dev/null > "${source}"
- if [ ${?} -ne 0 ]
- then
- rm -f "${temp_src}"
- > "${source}"
- fi
+ f_list blacklist
+ f_list whitelist
+ f_list restore
+ f_list merge
+ f_list final
+ cnt="$(wc -l 2>/dev/null < "${adb_tmpdir}"/"${adb_dnsfile}")"
fi
f_log "debug" "f_tld ::: source: ${source}, cnt: ${cnt:-"-"}, cnt_srt: ${cnt_srt:-"-"}, cnt_tld: ${cnt_tld:-"-"}, tld_ok: ${tld_ok}"
}
-# blocklist hash compare
-#
-f_hash()
-{
- local hash hash_rc=1
-
- if [ -x "${adb_hashutil}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
- then
- hash="$(${adb_hashutil} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
- if [ -z "${adb_hashold}" ] && [ -n "${hash}" ]
- then
- adb_hashold="${hash}"
- elif [ -z "${adb_hashnew}" ] && [ -n "${hash}" ]
- then
- adb_hashnew="${hash}"
- fi
- if [ -n "${adb_hashold}" ] && [ -n "${adb_hashnew}" ]
- then
- if [ "${adb_hashold}" = "${adb_hashnew}" ]
- then
- hash_rc=0
- fi
- adb_hashold=""
- adb_hashnew=""
- fi
- fi
- f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
- return ${hash_rc}
-}
-
# suspend/resume adblock processing
#
f_switch()
{
- local status cnt mode="${1}"
+ local status done="false" mode="${1}"
json_load_file "${adb_rtfile}" >/dev/null 2>&1
- json_select "data"
+ json_select "data" >/dev/null 2>&1
json_get_var status "adblock_status"
- json_get_var cnt "overall_domains"
-
+ f_temp
if [ "${mode}" = "suspend" ] && [ "${status}" = "enabled" ]
then
- if [ ${cnt%% *} -gt 0 ] && [ -s "${adb_dnsdir}/${adb_dnsfile}" ]
+ > "${adb_dnsdir}/${adb_dnsfile}"
+ if [ -n "${adb_dnsheader}" ]
then
- f_hash
- cat "${adb_dnsdir}/${adb_dnsfile}" > "${adb_dnsdir}/.${adb_dnsfile}"
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- f_hash
+ printf "%s\\n" "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
fi
+ done="true"
elif [ "${mode}" = "resume" ] && [ "${status}" = "paused" ]
then
- if [ ${cnt%% *} -gt 0 ] && [ -s "${adb_dnsdir}/.${adb_dnsfile}" ]
- then
- f_hash
- cat "${adb_dnsdir}/.${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- f_hash
- fi
+ f_list blacklist
+ f_list whitelist
+ f_list restore
+ f_list merge
+ f_tld "${adb_tmpdir}"/"${adb_dnsfile}"
+ f_list final
+ done="true"
fi
- if [ ${?} -eq 1 ]
+ if [ "${done}" = "true" ]
then
- f_temp
+ if [ "${mode}" = "suspend" ]
+ then
+ f_bgserv "stop"
+ fi
f_dnsup
+ if [ "${mode}" = "resume" ]
+ then
+ f_bgserv "start"
+ fi
f_jsnup "${mode}"
f_log "info" "${mode} adblock processing"
- f_rmtemp
- exit 0
fi
+ f_rmtemp
}
# query blocklist for certain (sub-)domains
if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
then
- printf '%s\n' "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
+ printf "%s\\n" "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
else
case "${adb_dns}" in
- dnsmasq)
- prefix=".*[\/\.]"
- suffix="(\/)"
- field=2
+ "dnsmasq")
+ if [ "${adb_dnsvariant}" = "nxdomain" ]
+ then
+ prefix=".*[\\/\\.]"
+ suffix="(\\/)"
+ field=2
+ elif [ "${adb_dnsvariant% *}" = "null" ]
+ then
+ prefix="0\\..*[\\t\\.]"
+ suffix=""
+ field=2
+ fi
;;
- unbound)
- prefix=".*[\"\.]"
+ "unbound")
+ prefix=".*[\"\\.]"
suffix="(static)"
field=3
;;
- named)
- prefix="[^\*].*[\.]"
- suffix="( \.)"
- field=1
- ;;
- kresd)
- prefix="[^\*].*[\.]"
- suffix="( \.)"
+ "named")
+ prefix="[^\\*].*[\\.]"
+ suffix="( \\.)"
field=1
;;
- dnscrypt-proxy)
- prefix=".*[\.]"
- suffix=""
+ "kresd")
+ prefix="[^\\*].*[\\.]"
+ suffix="( \\.)"
field=1
;;
esac
- while [ "${domain}" != "${tld}" ]
- do
- search="${domain//./\\.}"
- search="${search//[+*~%\$&\"\']/}"
- result="$(awk -F '/|\"| ' "/^(${search}|${prefix}+${search}.*${suffix}$)/{i++;{printf(\" + %s\n\",\$${field})};if(i>9){printf(\" + %s\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
- printf '%s\n%s\n%s\n' ":::" "::: results for domain '${domain}'" ":::"
- printf '%s\n' "${result:-" - no match"}"
- domain="${tld}"
- tld="${domain#*.}"
- done
-
- if [ ${adb_backup} -eq 1 ] && [ -d "${adb_backupdir}" ]
+ if [ "${adb_dnsfilereset}" = "false" ]
+ then
+ while [ "${domain}" != "${tld}" ]
+ do
+ search="${domain//./\\.}"
+ search="${search//[+*~%\$&\"\']/}"
+ result="$(awk -F '/|\"|\t| ' "/^(${prefix}+${search}.*${suffix}$)/{i++;{printf(\" + %s\\n\",\$${field})};if(i>9){printf(\" + %s\\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: results for domain '${domain}' in active blocklist" ":::"
+ printf "%s\n\n" "${result:-" - no match"}"
+ domain="${tld}"
+ tld="${domain#*.}"
+ done
+ fi
+ if [ -d "${adb_backupdir}" ]
then
search="${1//./\\.}"
search="${search//[+*~%\$&\"\']/}"
- printf '%s\n%s\n%s\n' ":::" "::: results for domain '${1}' in backups" ":::"
- for file in ${adb_backupdir}/${adb_dnsprefix}.*.gz
+ printf "%s\\n%s\\n%s\\n" ":::" "::: results for domain '${1}' in backups and black-/whitelist" ":::"
+ for file in "${adb_backupdir}"/"${adb_dnsprefix}".*.gz "${adb_blacklist}" "${adb_whitelist}"
do
- zcat "${file}" 2>/dev/null | awk -v f="${file##*/}" "/^($search|.*\.${search})/{i++;{printf(\" + %-30s%s\n\",f,\$1)};if(i>=3){printf(\" + %-30s%s\n\",f,\"[...]\");exit}}"
+ suffix="${file##*.}"
+ if [ "${suffix}" = "gz" ]
+ then
+ zcat "${file}" 2>/dev/null | awk -v f="${file##*/}" "/^($search|.*\\.${search})/{i++;{printf(\" + %-30s%s\\n\",f,\$1)};if(i>=3){printf(\" + %-30s%s\\n\",f,\"[...]\");exit}}"
+ else
+ cat "${file}" 2>/dev/null | awk -v f="${file##*/}" "/^($search|.*\\.${search})/{i++;{printf(\" + %-30s%s\\n\",f,\$1)};if(i>=3){printf(\" + %-30s%s\\n\",f,\"[...]\");exit}}"
+ fi
done
fi
fi
#
f_jsnup()
{
- local run_time bg_pid status="${1:-"enabled"}" mode="normal mode"
+ local run_time bg_pid status="${1:-"enabled"}"
- if [ ${adb_rc} -gt 0 ]
+ if [ "${adb_rc}" -gt 0 ]
then
status="error"
run_time="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
then
status=""
fi
- if [ ${adb_backup_mode} -eq 1 ]
- then
- mode="backup mode"
- fi
json_load_file "${adb_rtfile}" >/dev/null 2>&1
json_select "data" >/dev/null 2>&1
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
if [ -z "${adb_fetchinfo}" ]
then
json_add_object "data"
json_add_string "adblock_status" "${status:-"enabled"}"
json_add_string "adblock_version" "${adb_ver}"
- json_add_string "overall_domains" "${adb_cnt:-0} (${mode})"
+ json_add_string "overall_domains" "${adb_cnt:-0}"
json_add_string "fetch_utility" "${adb_fetchinfo:-"-"}"
- json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
+ json_add_string "dns_backend" "${adb_dns}, ${adb_dnsdir}"
+ json_add_string "dns_variant" "${adb_dnsvariant}, ${adb_dnsfilereset:-"false"}"
+ json_add_string "backup_dir" "${adb_backupdir}"
json_add_string "last_rundate" "${run_time:-"-"}"
json_add_string "system_release" "${adb_sysver}"
json_close_object
json_dump > "${adb_rtfile}"
- if [ ${adb_notify} -eq 1 ] && [ -x /etc/adblock/adblock.notify ] && \
- ([ "${status}" = "error" ] || ([ "${status}" = "enabled" ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
+ if [ ${adb_mail} -eq 1 ] && [ -x "${adb_mailservice}" ] && \
+ { [ "${status}" = "error" ] || { [ "${status}" = "enabled" ] && [ "${adb_cnt}" -le "${adb_mcnt}" ]; } }
then
- (/etc/adblock/adblock.notify >/dev/null 2>&1)&
+ ("${adb_mailservice}" >/dev/null 2>&1)&
bg_pid=${!}
fi
- f_log "debug" "f_jsnup ::: status: ${status:-"-"}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
+ f_log "debug" "f_jsnup ::: status: ${status:-"-"}, cnt: ${adb_cnt}, mail: ${adb_mail}, mail_service: ${adb_mailservice}, mail_cnt: ${adb_mcnt}, mail_pid: ${bg_pid:-"-"}"
}
# write to syslog
{
local class="${1}" log_msg="${2}"
- if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ])
+ if [ -n "${log_msg}" ] && { [ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ]; }
then
logger -p "${class}" -t "adblock-${adb_ver}[${$}]" "${log_msg}"
if [ "${class}" = "err" ]
fi
}
+# start ubus monitor service to trace dns backend events
+#
+f_bgserv()
+{
+ local bg_pid status="${1}"
+
+ bg_pid="$(pgrep -f "^/bin/sh ${adb_ubusservice}|^/bin/ubus -S -M r -m invoke monitor|^grep -qF \"method\":\"set\",\"data\":\\{\"name\":\"${adb_dns}\"" | awk '{ORS=" "; print $1}')"
+ if [ -z "${bg_pid}" ] && [ "${status}" = "start" ] \
+ && [ -x "${adb_ubusservice}" ] && [ "${adb_dnsfilereset}" = "true" ]
+ then
+ ( "${adb_ubusservice}" &)
+ elif [ -n "${bg_pid}" ] && [ "${status}" = "stop" ]
+ then
+ kill -HUP ${bg_pid} 2>/dev/null
+ fi
+ f_log "debug" "f_bgserv ::: status: ${status:-"-"}, bg_pid: ${bg_pid:-"-"}, dns_filereset: ${adb_dnsfilereset:-"-"}, ubus_service: ${adb_ubusservice:-"-"}"
+}
+
# main function for blocklist processing
#
f_main()
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
tmp_load="${adb_tmpload}"
tmp_file="${adb_tmpfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- > "${adb_tmpdir}/tmp.raw_whitelist"
- > "${adb_tmpdir}/tmp.add_whitelist"
- > "${adb_tmpdir}/tmp.rem_whitelist"
- f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, dns_jail: ${adb_jail}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
-
- # prepare whitelist entries
- #
- if [ -s "${adb_whitelist}" ]
- then
- adb_whitelist_rset="/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
- awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.raw_whitelist"
- f_tld "${adb_tmpdir}/tmp.raw_whitelist"
-
- adb_whitelist_rset="/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
- awk "${adb_whitelist_rset}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.rem_whitelist"
-
- if [ -n "${adb_dnsallow}" ]
- then
- eval "${adb_dnsallow}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.add_whitelist"
- fi
- fi
-
- # build 'dnsjail' list
- #
- if [ ${adb_jail} -eq 1 ]
- then
- cat "${adb_tmpdir}/tmp.add_whitelist" > "/tmp/${adb_dnsjail}"
- printf '%s\n' "${adb_dnshalt}" >> "/tmp/${adb_dnsjail}"
- if [ -n "${adb_dnsheader}" ]
- then
- printf '%s\n' "${adb_dnsheader}" | cat - "/tmp/${adb_dnsjail}" > "${adb_tmpdir}/tmp.dnsjail"
- cat "${adb_tmpdir}/tmp.dnsjail" > "/tmp/${adb_dnsjail}"
- fi
- fi
-
+ f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
+
# main loop
#
+ f_list blacklist
+ f_list whitelist
for src_name in ${adb_sources}
do
- enabled="$(eval printf '%s' \"\${enabled_${src_name}\}\")"
- src_url="$(eval printf '%s' \"\${adb_src_${src_name}\}\")"
- src_rset="$(eval printf '%s' \"\${adb_src_rset_${src_name}\}\")"
- src_cat="$(eval printf '%s' \"\${adb_src_cat_${src_name}\}\")"
- adb_tmpload="${tmp_load}.${src_name}"
- adb_tmpfile="${tmp_file}.${src_name}"
+ enabled="$(eval printf "%s" \"\$\{enabled_${src_name}\}\")"
+ src_url="$(eval printf "%s" \"\$\{adb_src_${src_name}\}\")"
+ src_rset="$(eval printf "%s" \"\$\{adb_src_rset_${src_name}\}\")"
+ src_cat="$(eval printf "%s" \"\$\{adb_src_cat_${src_name}\}\")"
+ adb_tmpload="${tmp_load}"."${src_name}"
+ adb_tmpfile="${tmp_file}"."${src_name}"
# basic pre-checks
#
f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
- if [ "${enabled}" != "1" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
+ if [ "${enabled}" != "1" ] || [ -f "${src_url}" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
then
f_list remove
continue
# backup mode
#
- if [ ${adb_backup_mode} -eq 1 ] && [ "${adb_action}" = "start" ] && [ "${src_name}" != "blacklist" ]
+ if [ "${adb_action}" = "start" ]
then
f_list restore
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpfile}" ]
then
continue
fi
# download queue processing
#
- if [ "${src_name}" = "blacklist" ]
- then
- if [ -s "${src_url}" ]
- then
- (
- src_log="$(cat "${src_url}" > "${adb_tmpload}" 2>&1)"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
- then
- awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
- then
- rm -f "${adb_tmpload}"
- f_list download
- fi
- else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- fi
- ) &
- else
- continue
- fi
- elif [ -n "${src_cat}" ]
+ if [ -n "${src_cat}" ]
then
(
- src_arc="${adb_tmpdir}/${src_url##*/}"
+ src_arc="${adb_tmpdir}"/"${src_url##*/}"
src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${src_url}" 2>&1)"
adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${src_arc}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${src_arc}" ]
then
list="$(tar -tzf "${src_arc}")"
- suffix="$(eval printf '%s' \"\${adb_src_suffix_${src_name}:-\"domains\"\}\")"
+ suffix="$(eval printf "%s" \"\$\{adb_src_suffix_${src_name}:-\"domains\"\}\")"
for cat in ${src_cat}
do
- entry="$(printf '%s' "${list}" | grep -E "[\^/]+${cat}/${suffix}")"
+ entry="$(printf "%s" "${list}" | grep -E "[\\^/]+${cat}/${suffix}")"
if [ -n "${entry}" ]
then
tar -xOzf "${src_arc}" "${entry}" >> "${adb_tmpload}"
adb_rc=${?}
- if [ ${adb_rc} -ne 0 ]
+ if [ "${adb_rc}" -ne 0 ]
then
break
fi
fi
done
else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ src_log="$(printf "%s" "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
fi
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpload}" ]
then
rm -f "${src_arc}"
awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpfile}" ]
then
rm -f "${adb_tmpload}"
f_list download
- if [ ${adb_backup} -eq 1 ]
- then
- f_list backup
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
+ f_list backup
+ else
f_list restore
fi
- elif [ ${adb_backup} -eq 1 ]
- then
+ else
f_list restore
fi
) &
then
awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpfile}" ]
then
rm -f "${adb_tmpload}"
f_list download
- if [ ${adb_backup} -eq 1 ]
- then
- f_list backup
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
+ f_list backup
+ else
f_list restore
fi
else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ src_log="$(printf "%s" "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- if [ ${adb_backup} -eq 1 ]
- then
- f_list restore
- fi
+ f_list restore
fi
) &
fi
- hold=$(( cnt % adb_maxqueue ))
- if [ ${hold} -eq 0 ]
+ hold=$((cnt%adb_maxqueue))
+ if [ "${hold}" -eq 0 ]
then
wait
fi
- cnt=$(( cnt + 1 ))
+ cnt=$((cnt+1))
done
# list merge
adb_tmpfile="${tmp_file}"
f_list merge
- # overall sort and conditional dns restart
+ # tld compression and dns restart
#
- f_hash
- if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
+ if [ -s "${adb_tmpdir}"/"${adb_dnsfile}" ]
then
- f_tld "${adb_tmpdir}/${adb_dnsfile}"
+ f_tld "${adb_tmpdir}"/"${adb_dnsfile}"
f_list final
else
- > "${adb_dnsdir}/${adb_dnsfile}"
- fi
- chown "${adb_dnsuser}" "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null
- f_hash
- if [ ${?} -eq 1 ]
- then
- f_dnsup
+ > "${adb_dnsdir}"/"${adb_dnsfile}"
fi
+ chown "${adb_dnsuser}" "${adb_dnsdir}"/"${adb_dnsfile}" 2>/dev/null
+ f_dnsup
f_jsnup
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
- f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+ if [ "${adb_dnsfilereset}" = "true" ]
+ then
+ > "${adb_dnsdir}"/"${adb_dnsfile}"
+ f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully and reset afterwards (${adb_sysver})"
+ f_bgserv "start"
+ else
+ f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+ fi
else
f_log "err" "dns backend restart with active blocklist failed"
fi
#
f_report()
{
- local bg_pid total blocked percent rep_clients rep_domains rep_blocked index hold ports cnt=0 search="${1}" count="${2}" filter="${3}" print="${4}"
+ local bg_pid status total blocked percent rep_clients rep_domains rep_blocked index hold ports cnt=0 search="${1}" count="${2}" filter="${3}" print="${4}"
- if [ ${adb_report} -eq 1 ] && [ ! -x "${adb_reputil}" ]
+ if [ "${adb_report}" -eq 1 ] && [ ! -x "${adb_reputil}" ]
then
f_log "info" "Please install the package 'tcpdump' or 'tcpdump-mini' to use the adblock reporting feature!"
- elif [ ${adb_report} -eq 0 ] && [ "${adb_action}" = "report" ]
+ elif [ "${adb_report}" -eq 0 ] && [ "${adb_action}" = "report" ]
then
f_log "info" "Please enable the extra option 'adb_report' to use the adblock reporting feature!"
fi
if [ -x "${adb_reputil}" ]
then
- bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\.pcap$" | awk '{ORS=" "; print $1}')"
- if [ ${adb_report} -eq 0 ] || ([ -n "${bg_pid}" ] && ([ "${adb_action}" = "stop" ] || [ "${adb_action}" = "restart" ]))
+ bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\\.pcap$" | awk '{ORS=" "; print $1}')"
+ if [ "${adb_report}" -eq 0 ] || { [ -n "${bg_pid}" ] && { [ "${adb_action}" = "stop" ] || [ "${adb_action}" = "restart" ]; } }
then
if [ -n "${bg_pid}" ]
then
- kill -HUP ${bg_pid}
+ kill -HUP ${bg_pid} 2>/dev/null
while $(kill -0 ${bg_pid} 2>/dev/null)
do
sleep 1
fi
fi
- if [ -x "${adb_reputil}" ] && [ ${adb_report} -eq 1 ]
+ if [ -x "${adb_reputil}" ] && [ "${adb_report}" -eq 1 ]
then
if [ -z "${bg_pid}" ] && [ "${adb_action}" != "report" ] && [ "${adb_action}" != "stop" ]
then
ports="${ports} or port ${port}"
fi
done
- ("${adb_reputil}" -nn -s0 -l -i ${adb_repiface} ${ports} -C${adb_repchunksize} -W${adb_repchunkcnt} -w "${adb_repdir}/adb_report.pcap" >/dev/null 2>&1 &)
- bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\.pcap$" | awk '{ORS=" "; print $1}')"
+ ( "${adb_reputil}" -nn -s0 -l -i ${adb_repiface} ${ports} -C${adb_repchunksize} -W${adb_repchunkcnt} -w "${adb_repdir}"/adb_report.pcap >/dev/null 2>&1 & )
+ bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\\.pcap$" | awk '{ORS=" "; print $1}')"
fi
if [ "${adb_action}" = "report" ] && [ "${filter}" = "false" ]
then
- > "${adb_repdir}/adb_report.raw"
+ > "${adb_repdir}"/adb_report.raw
for file in "${adb_repdir}"/adb_report.pcap*
do
(
- "${adb_reputil}" -tttt -r $file 2>/dev/null | \
- awk -v cnt=${cnt} '!/\.lan\. /&&/ A[\? ]+|NXDomain/{a=$1;b=substr($2,0,8);c=$4;sub(/\.[0-9]+$/,"",c); \
- d=cnt $7;e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);printf("%s\t%s\t%s\t%s\t%s\n", a,b,c,d,e)}' >> "${adb_repdir}/adb_report.raw"
+ "${adb_reputil}" -tttt -r "${file}" 2>/dev/null | \
+ awk -v cnt=${cnt} '!/\.lan\. /&&/ A[\? ]+|NXDomain|0\.0\.0\.0/{a=$1;b=substr($2,0,8);c=$4;sub(/\.[0-9]+$/,"",c); \
+ d=cnt $7;sub(/\*$/,"",d);e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]|0\.0\.0\.0/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);printf("%s\t%s\t%s\t%s\t%s\n", a,b,c,d,e)}' >> "${adb_repdir}/adb_report.raw"
)&
- hold=$(( cnt % adb_maxqueue ))
- if [ ${hold} -eq 0 ]
+ hold=$((cnt%adb_maxqueue))
+ if [ "${hold}" -eq 0 ]
then
wait
fi
- cnt=$(( cnt + 1 ))
+ cnt=$((cnt+1))
done
wait
- if [ -s "${adb_repdir}/adb_report.raw" ]
+ if [ -s "${adb_repdir}"/adb_report.raw ]
then
awk '{printf("%s\t%s\t%s\t%s\t%s\t%s\n", $4,$5,$1,$2,$3,$4)}' "${adb_repdir}/adb_report.raw" | \
sort -ur | uniq -uf2 | awk '{currA=($6+0);currB=$6;currC=substr($6,length($6),1); \
if(reqA==currB){reqA=0;printf("%s\t%s\n",d,$2)}else if(currC=="+"){reqA=currA;d=$3"\t"$4"\t"$5"\t"$2}}' | sort -ur > "${adb_repdir}/adb_report"
fi
- if [ -s "${adb_repdir}/adb_report" ]
+ if [ -s "${adb_repdir}"/adb_report ]
then
- total="$(wc -l < ${adb_repdir}/adb_report)"
- blocked="$(awk '{if($5=="NX")print $4}' ${adb_repdir}/adb_report | wc -l)"
- percent="$(awk -v t=${total} -v b=${blocked} 'BEGIN{printf("%.2f %s\n",b/t*100, "%")}')"
- rep_clients="$(awk '{print $3}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
- rep_domains="$(awk '{if($5!="NX")print $4}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
- rep_blocked="$(awk '{if($5=="NX")print $4}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
-
- > "${adb_repdir}/adb_report.json"
- json_load_file "${adb_repdir}/adb_report.json" >/dev/null 2>&1
+ total="$(wc -l < "${adb_repdir}"/adb_report)"
+ blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}"/adb_report | wc -l)"
+ percent="$(awk -v t="${total}" -v b="${blocked}" 'BEGIN{printf("%.2f %s\n",b/t*100, "%")}')"
+ rep_clients="$(awk '{print $3}' "${adb_repdir}"/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
+ rep_domains="$(awk '{if($5!="NX")print $4}' "${adb_repdir}"/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+ rep_blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}"/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+
+ > "${adb_repdir}"/adb_report.json
+ json_load_file "${adb_repdir}"/adb_report.json >/dev/null 2>&1
json_init
json_add_object "data"
- json_add_string "start_date" "$(awk 'END{printf("%s",$1)}' ${adb_repdir}/adb_report)"
- json_add_string "start_time" "$(awk 'END{printf("%s",$2)}' ${adb_repdir}/adb_report)"
- json_add_string "end_date" "$(awk 'NR==1{printf("%s",$1)}' ${adb_repdir}/adb_report)"
- json_add_string "end_time" "$(awk 'NR==1{printf("%s",$2)}' ${adb_repdir}/adb_report)"
+ json_add_string "start_date" "$(awk 'END{printf("%s",$1)}' "${adb_repdir}"/adb_report)"
+ json_add_string "start_time" "$(awk 'END{printf("%s",$2)}' "${adb_repdir}"/adb_report)"
+ json_add_string "end_date" "$(awk 'NR==1{printf("%s",$1)}' "${adb_repdir}"/adb_report)"
+ json_add_string "end_time" "$(awk 'NR==1{printf("%s",$2)}' "${adb_repdir}"/adb_report)"
json_add_string "total" "${total}"
json_add_string "blocked" "${blocked}"
json_add_string "percent" "${percent}"
json_close_object
done
json_close_object
- json_dump > "${adb_repdir}/adb_report.json"
+ json_dump > "${adb_repdir}"/adb_report.json
fi
- rm -f "${adb_repdir}/adb_report.raw"
+ rm -f "${adb_repdir}"/adb_report.raw
fi
- if [ -s "${adb_repdir}/adb_report" ]
+ if [ -s "${adb_repdir}"/adb_report ]
then
search="${search//./\\.}"
search="${search//[+*~%\$&\"\' ]/}"
- > "${adb_repdir}/adb_report.final"
- awk "BEGIN{i=0}/(${search})/{i++;if(i<=${count}){printf \"%s\t%s\t%s\t%s\t%s\n\",\$1,\$2,\$3,\$4,\$5}}" "${adb_repdir}/adb_report" > "${adb_repdir}/adb_report.final"
- if [ ! -s "${adb_repdir}/adb_report.final" ]
+ > "${adb_repdir}"/adb_report.final
+ awk "BEGIN{i=0}/(${search})/{i++;if(i<=${count}){printf \"%s\\t%s\\t%s\\t%s\\t%s\\n\",\$1,\$2,\$3,\$4,\$5}}" "${adb_repdir}"/adb_report > "${adb_repdir}"/adb_report.final
+ if [ ! -s "${adb_repdir}"/adb_report.final ]
then
- printf "%s\t%s\t%s\t%s\t%s\n" "-" "-" "-" "-" "-" > "${adb_repdir}/adb_report.final"
+ printf "%s\\t%s\\t%s\\t%s\\t%s\\n" "-" "-" "-" "-" "-" > "${adb_repdir}"/adb_report.final
fi
fi
if [ "${print}" = "true" ]
then
- if [ -s "${adb_repdir}/adb_report.json" ]
+ if [ -s "${adb_repdir}"/adb_report.json ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Adblock DNS-Query Report" ":::"
- json_load_file "${adb_repdir}/adb_report.json"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Adblock DNS-Query Report" ":::"
+ json_load_file "${adb_repdir}"/adb_report.json
json_select "data"
json_get_keys keylist
for key in ${keylist}
json_get_var value "${key}"
eval "${key}=\"${value}\""
done
- printf " + %s\n + %s\n" "Start ::: ${start_date}, ${start_time}" "End ::: ${end_date}, ${end_time}"
- printf " + %s\n + %s %s\n" "Total ::: ${total}" "Blocked ::: ${blocked}" "(${percent})"
+ printf " + %s\\n + %s\\n" "Start ::: ${start_date}, ${start_time}" "End ::: ${end_date}, ${end_time}"
+ printf " + %s\\n + %s %s\\n" "Total ::: ${total}" "Blocked ::: ${blocked}" "(${percent})"
json_select ".."
- if json_get_type Status "top_clients" && [ "${Status}" = "array" ]
+ if json_get_type status "top_clients" && [ "${status}" = "array" ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Top 10 Clients" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Top 10 Clients" ":::"
json_select "top_clients"
index=1
- while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ while json_get_type status "${index}" && [ "${status}" = "object" ]
do
- json_get_values client ${index}
- printf " + %-9s::: %s\n" ${client}
- index=$((index + 1))
+ json_get_values client "${index}"
+ printf " + %-9s::: %s\\n" ${client}
+ index=$((index+1))
done
fi
json_select ".."
- if json_get_type Status "top_domains" && [ "${Status}" = "array" ]
+ if json_get_type status "top_domains" && [ "${status}" = "array" ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Top 10 Domains" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Top 10 Domains" ":::"
json_select "top_domains"
index=1
- while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ while json_get_type status "${index}" && [ "${status}" = "object" ]
do
- json_get_values domain ${index}
- printf " + %-9s::: %s\n" ${domain}
- index=$((index + 1))
+ json_get_values domain "${index}"
+ printf " + %-9s::: %s\\n" ${domain}
+ index=$((index+1))
done
fi
json_select ".."
- if json_get_type Status "top_blocked" && [ "${Status}" = "array" ]
+ if json_get_type status "top_blocked" && [ "${status}" = "array" ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Top 10 Blocked Domains" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Top 10 Blocked Domains" ":::"
json_select "top_blocked"
index=1
- while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ while json_get_type status "${index}" && [ "${status}" = "object" ]
do
- json_get_values blocked ${index}
- printf " + %-9s::: %s\n" ${blocked}
- index=$((index + 1))
+ json_get_values blocked "${index}"
+ printf " + %-9s::: %s\\n" ${blocked}
+ index=$((index+1))
done
fi
- if [ -s "${adb_repdir}/adb_report.final" ]
+ if [ -s "${adb_repdir}"/adb_report.final ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Latest DNS Queries" ":::"
- printf "%-15s%-15s%-45s%-50s%s\n" "Date" "Time" "Client" "Domain" "Answer"
- awk '{printf "%-15s%-15s%-45s%-50s%s\n",$1,$2,$3,$4,$5}' "${adb_repdir}/adb_report.final"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Latest DNS Queries" ":::"
+ printf "%-15s%-15s%-45s%-50s%s\\n" "Date" "Time" "Client" "Domain" "Answer"
+ awk '{printf "%-15s%-15s%-45s%-50s%s\n",$1,$2,$3,$4,$5}' "${adb_repdir}"/adb_report.final
fi
else
- printf "%s\n%s\n%s\n" ":::" "::: no reporting data available yet" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: no reporting data available yet" ":::"
fi
fi
fi
# handle different adblock actions
#
-f_envload
+f_load
case "${adb_action}" in
stop)
+ f_bgserv "stop"
f_report "+" "50" "false" "false"
f_rmdns
;;
restart)
+ f_bgserv "stop"
f_report "+" "50" "false" "false"
f_rmdns
- f_envcheck
+ f_env
f_main
;;
suspend)
f_query "${2}"
;;
start|reload)
+ f_bgserv "stop"
f_report "+" "50" "false" "false"
- f_envcheck
+ f_env
f_main
;;
esac
--- /dev/null
+#
+# Copyright (C) 2019 Lucian Cristian <lucian.cristian@gmail.com>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=bfdd
+PKG_SOURCE_DATE:=2019-08-22
+PKG_RELEASE:=1
+
+PKG_SOURCE_VERSION:=c54534beb524afc3972039f57b56ec65332b43f7
+PKG_SOURCE_URL:=https://codeload.github.com/rzalamena/bfdd/tar.gz/$(PKG_SOURCE_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
+PKG_HASH:=8b65f502163aacfe43bb897464f3bf44bc5af4cc85d23b7c644e329abf89cc5f
+
+PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/bfdd
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Routing and Redirection
+ TITLE:=BFD daemon
+ URL:=https://github.com/rzalamena/bfdd
+ DEPENDS:=+libevent2 +libjson-c
+endef
+
+define Package/bfdd/description
+ A port of Cumulus BFD daemon to a more portable daemon.
+
+ Bidirectional Forwarding Detection (BFD) is a network protocol that is used to
+ detect faults between two forwarding engines connected by a link. It provides
+ low-overhead detection of faults even on physical media that doesn't support
+ failure detection of any kind, such as Ethernet, virtual circuits, tunnels and
+ MPLS Label Switched Paths.
+endef
+
+define Package/bfdd/conffiles
+/etc/bfdd/bfdd.json
+endef
+
+define Package/bfdd/install
+ $(INSTALL_DIR) \
+ $(1)/usr/sbin \
+ $(1)/etc/bfdd \
+ $(1)/etc/init.d
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/{bfdd,bfdctl} $(1)/usr/sbin/
+ $(INSTALL_BIN) ./files/bfdd.init $(1)/etc/init.d/bfdd
+ $(INSTALL_CONF) ./files/bfdd.template.json $(1)/etc/bfdd/bfdd.json
+endef
+
+$(eval $(call BuildPackage,bfdd))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=10
+USE_PROCD=1
+
+PROG="/usr/sbin/bfdd"
+CONF="/etc/bfdd/bfdd.json"
+
+start_service() {
+ procd_open_instance
+ procd_set_param command $PROG -c $CONF
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ procd_set_param respawn
+ procd_close_instance
+}
--- /dev/null
+{
+ "ipv4": [
+ {
+ "_create-only": "optional, defaults to false",
+ "_create-only-help": "If create-only is true then bfdd will return failure if a peer with the same target exists",
+ "create-only": true,
+
+ "_multihop": "optional defaults to false",
+ "multihop": false,
+
+ "_peer-address": "mandatory",
+ "peer-address": "127.0.0.1",
+
+ "_local-address": "mandatory on multihop",
+ "local-address": "127.0.0.1",
+
+ "_local-interface": "optional",
+ "local-interface": "enp0s3",
+
+ "_label": "optional",
+ "label": "peer1",
+
+ "_vxlan": "optional, defaults to 0",
+ "vxlan": 100,
+
+ "_vrf-name": "optional",
+ "vrf-name": "netns1",
+
+ "_detect-multiplier": "optional, defaults to 3",
+ "detect-multiplier": 3,
+
+ "_receive-interval": "optional, defaults to 300 milliseconds",
+ "receive-interval": 300,
+
+ "_transmit-interval": "optional, defaults to 300 milliseconds",
+ "transmit-interval": 300,
+
+ "_echo-interval": "optional, defaults to 50 milliseconds",
+ "echo-interval": 50,
+
+ "_echo-mode": "optional, defaults to false",
+ "echo-mode": false,
+
+ "_shutdown": "optional, defaults to false",
+ "shutdown": false
+ }
+ ],
+ "ipv6": [
+ ],
+ "label": [
+ {
+ "_label": "mandatory to identify the peer without addresses",
+ "_label-help": "peer must have been already created in ipv4 or ipv6",
+ "label": "peer1",
+ }
+ ]
+}
--- /dev/null
+--- a/bfd_packet.c 2019-08-15 02:45:47.270120616 +0300
++++ b/bfd_packet.c 2019-08-15 02:44:38.266117706 +0300
+@@ -34,7 +34,6 @@
+ #include <linux/if_packet.h>
+ #include <linux/udp.h>
+ #include <linux/ip.h>
+-#include <linux/ipv6.h>
+
+ #include <arpa/inet.h>
+ #include <sys/types.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=bind
-PKG_VERSION:=9.14.3
+PKG_VERSION:=9.14.4
PKG_RELEASE:=1
USERID:=bind=57:bind=57
PKG_SOURCE_URL:= \
https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \
https://ftp.isc.org/isc/bind9/$(PKG_VERSION)
-PKG_HASH:=ce878aabcf01b61ed114522c32fff9e268b02da55b3c248349860bc3d0c8bdfa
+PKG_HASH:=312efb82a6889074f31ef2849af498b3ec97ca69acd5c4e5e4b4045a8fe6b83f
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=aclocal.m4 libtool.m4
include $(TOPDIR)/rules.mk
PKG_NAME:=cifsd-tools
-PKG_RELEASE:=2
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools.git
-PKG_SOURCE_DATE:=2019-07-05
-PKG_SOURCE_VERSION:=539fa21a8dd427a8ca2dc13c9a5a1c975be96d3c
-PKG_MIRROR_HASH:=8c1b22d9926112a7e8ec94a3f731639a3789bef1aeb447f0bd7c41a1884e4dc5
+PKG_SOURCE_DATE:=2019-08-19
+PKG_SOURCE_VERSION:=bbeab27f0a1695f711fb84d9cd29a83f818ef90e
+PKG_MIRROR_HASH:=f8bef545400aa8c0db6ba0fffdf0c0a2f201603503728f140df133aff3a39cbb
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
local read_list
local hide_dot_files
local veto_files
+ local inherit_owner
+ local force_create_mode
+ local force_directory_mode
config_get name $1 name
config_get path $1 path
config_get read_list $1 read_list
config_get_bool hide_dot_files $1 hide_dot_files 0
config_get veto_files $1 veto_files
+ config_get inherit_owner $1 inherit_owner
+ config_get force_create_mode $1 force_create_mode
+ config_get force_directory_mode $1 force_directory_mode
[ -z "$name" ] || [ -z "$path" ] && return
[ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask"
[ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask"
+ [ -n "$force_create_mode" ] && printf "\tforce create mode = %s\n" "$force_create_mode"
+ [ -n "$force_directory_mode" ] && printf "\tforce directory mode = %s\n" "$force_directory_mode"
[ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable"
[ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only"
[ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable"
[ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok"
+ [ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner"
[ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list"
[ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list"
exit 1
fi
- [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock
-
- # try remove again before start
- [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
-
modprobe cifsd 2> /dev/null
if [ ! -e /sys/module/cifsd ]; then
logger -t 'cifsd' "modprobe of cifsd module failed, can\'t start cifsd!"
procd_set_param command /usr/sbin/cifsd --n
procd_close_instance
}
+
+stop_service()
+{
+ logger -t 'cifsd' "Stopping CIFSD userspace service."
+ killall cifsd > /dev/null 2>&1
+ sleep 1
+ [ -e /sys/class/cifsd-control/kill_server ] && echo hard > /sys/class/cifsd-control/kill_server
+ sleep 2
+ [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
+ # With open smb connections rmmod takes longer
+ if [ -e /sys/module/cifsd ]; then
+ sleep 5
+ rmmod cifsd > /dev/null 2>&1
+ fi
+ [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock
+}
+
+reload_service() {
+ stop_service "$@"
+ sleep 1
+ start_service "$@"
+}
; Veto the Apple specific files that a NetAtalk server
; creates.
; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
-;
+; - inherit owner
+; The ownership for new files and directories should be controlled
+; by the ownership of the parent directory.
+; Valid options are yes or no.
+; - inherit smack
+; This parameter can be used to ensure that if smack label exist
+; on parent directories.
+; Valid options are yes or no.
+; - force create mode
+; This parameter specifies a set of UNIX mode bit permissions
+; that will always be set on a file created by cifsd.
+; - force directory mode
+; This parameter specifies a set of UNIX mode bit permissions
+; that will always be set on a directory created by cifsd.
;
; Rules to update this file:
; - Every [share] definition should start on new line
;******************************************************************************
[global]
- server string = CIFSD on OpenWrt
netbios name = CIFSD
- map to guest = Bad User
-[share]
+[homes]
comment = content server share
- path = /mnt
- guest ok = yes
- create mask = 0777
- directory mask = 0777
+ path = /tmp
include $(TOPDIR)/rules.mk
PKG_NAME:=clamav
-PKG_VERSION:=0.101.2
-PKG_RELEASE:=2
+PKG_VERSION:=0.101.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.clamav.net/downloads/production/
-PKG_HASH:=0a12ebdf6ff7a74c0bde2bdc2b55cae33449e6dd953ec90824a9e01291277634
+PKG_HASH:=68d42aac4a9cbde293288533a9a3c3d55863de38f2b8707c1ef2d987b1260338
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr> \
Lucian Cristian <lucian.cristian@gmail.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING*
PKG_CPE_ID:=cpe:/a:clamav:clamav
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
+PKG_FIXUP:=autoreconf
include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
--with-openssl="$(STAGING_DIR)/usr/" \
--with-pcre="$(STAGING_DIR)/usr/" \
--with-zlib="$(STAGING_DIR)/usr/" \
- --without-xml \
--without-iconv \
--without-libncurses-prefix
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamav-milter $(1)/usr/sbin/
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamdscan $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamscan $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sigtool $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/usr/include
- $(CP) $(PKG_INSTALL_DIR)/usr/include/clamav.h $(1)/usr/include/
-
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib*/* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib*/lib*.so.* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav
--- /dev/null
+From de943f313fa5c17bf9cbd560a7578796991b24b5 Mon Sep 17 00:00:00 2001
+From: Eneas U de Queiroz <cotequeiroz@gmail.com>
+Date: Sat, 10 Aug 2019 19:43:20 -0300
+Subject: [PATCH] Avoid libxml checks if --disable-xml is used
+
+Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
+---
+ m4/reorganization/libs/xml.m4 | 126 +++++++++++++++++-----------------
+ 1 file changed, 62 insertions(+), 64 deletions(-)
+
+diff --git a/m4/reorganization/libs/xml.m4 b/m4/reorganization/libs/xml.m4
+index 77b2c13a8..0709d2914 100644
+--- a/m4/reorganization/libs/xml.m4
++++ b/m4/reorganization/libs/xml.m4
+@@ -12,87 +12,85 @@ if test "X$want_xml" != "Xno"; then
+ @<:@default=/usr/local or /usr if not found in /usr/local@:>@]),
+ [with_xml_val=$withval]
+ )
+-fi
+-
+-AS_IF([test "x$with_xml_val" = "xno"], [XML_HOME=""],
+- [test "x$with_xml_val" = "xyes"], [XML_HOME="/usr/local"],
+- [XML_HOME="$with_xml_val"])
+
+-AS_IF([test "x$XML_HOME" != "x"], [
+- AS_IF([test ! -x "$XML_HOME/bin/xml2-config"], [XML_HOME=""])
+- ])
++ AS_IF([test "x$with_xml_val" = "xno"], [XML_HOME=""],
++ [test "x$with_xml_val" = "xyes"], [XML_HOME="/usr/local"],
++ [XML_HOME="$with_xml_val"])
+
+-AS_IF([test "x$XML_HOME" = "x" -a "x$with_xml_val" = "xyes"], [
+- AS_IF([test -x "/usr/bin/xml2-config"], [XML_HOME="/usr"])
+- ])
++ AS_IF([test "x$XML_HOME" != "x"], [
++ AS_IF([test ! -x "$XML_HOME/bin/xml2-config"], [XML_HOME=""])
++ ])
+
+-if test "x$XML_HOME" != "x"; then
+- AC_MSG_RESULT([$XML_HOME])
+-else
+- AC_MSG_RESULT([not found])
+-fi
++ AS_IF([test "x$XML_HOME" = "x" -a "x$with_xml_val" = "xyes"], [
++ AS_IF([test -x "/usr/bin/xml2-config"], [XML_HOME="/usr"])
++ ])
+
+-found_xml="no"
+-XMLCONF_VERSION=""
+-XML_CPPFLAGS=""
+-XML_LIBS=""
+-if test "x$XML_HOME" != "x"; then
+- AC_MSG_CHECKING([xml2-config version])
+- XMLCONF_VERSION="`$XML_HOME/bin/xml2-config --version`"
+- if test "x%XMLCONF_VERSION" != "x"; then
+- AC_MSG_RESULT([$XMLCONF_VERSION])
+- found_xml="yes"
+- XML_CPPFLAGS="`$XML_HOME/bin/xml2-config --cflags`"
+- XML_LIBS="`$XML_HOME/bin/xml2-config --libs`"
+- AS_ECHO("$XML_CPPFLAGS")
+- AS_ECHO("$XML_LIBS")
++ if test "x$XML_HOME" != "x"; then
++ AC_MSG_RESULT([$XML_HOME])
+ else
+- AC_MSG_ERROR([xml2-config failed])
++ AC_MSG_RESULT([not found])
++ fi
++
++ found_xml="no"
++ XMLCONF_VERSION=""
++ XML_CPPFLAGS=""
++ XML_LIBS=""
++ if test "x$XML_HOME" != "x"; then
++ AC_MSG_CHECKING([xml2-config version])
++ XMLCONF_VERSION="`$XML_HOME/bin/xml2-config --version`"
++ if test "x%XMLCONF_VERSION" != "x"; then
++ AC_MSG_RESULT([$XMLCONF_VERSION])
++ found_xml="yes"
++ XML_CPPFLAGS="`$XML_HOME/bin/xml2-config --cflags`"
++ XML_LIBS="`$XML_HOME/bin/xml2-config --libs`"
++ AS_ECHO("$XML_CPPFLAGS")
++ AS_ECHO("$XML_LIBS")
++ else
++ AC_MSG_ERROR([xml2-config failed])
++ fi
+ fi
+-fi
+
+-working_xml="no"
+-if test "X$found_xml" != "Xno"; then
+- AC_MSG_CHECKING([for xmlreader.h in $XML_HOME])
++ working_xml="no"
++ if test "X$found_xml" != "Xno"; then
++ AC_MSG_CHECKING([for xmlreader.h in $XML_HOME])
+
+- if test ! -f "$XML_HOME/include/libxml2/libxml/xmlreader.h"; then
+- AC_MSG_RESULT([not found])
+- else
+- AC_MSG_RESULT([found])
+- save_LIBS="$LIBS"
+- save_CPPFLAGS="$CPPFLAGS"
+- CPPFLAGS="$CPPFLAGS $XML_CPPFLAGS"
+- save_LDFLAGS="$LDFLAGS"
+- LDFLAGS="$LDFLAGS $XML_LIBS"
++ if test ! -f "$XML_HOME/include/libxml2/libxml/xmlreader.h"; then
++ AC_MSG_RESULT([not found])
++ else
++ AC_MSG_RESULT([found])
++ save_LIBS="$LIBS"
++ save_CPPFLAGS="$CPPFLAGS"
++ CPPFLAGS="$CPPFLAGS $XML_CPPFLAGS"
++ save_LDFLAGS="$LDFLAGS"
++ LDFLAGS="$LDFLAGS $XML_LIBS"
+
+- AS_ECHO("CPPFLAGS: $CPPFLAGS")
+- AS_ECHO("LD_FLAGS: $LDFLAGS")
++ AS_ECHO("CPPFLAGS: $CPPFLAGS")
++ AS_ECHO("LD_FLAGS: $LDFLAGS")
+
+- AC_CHECK_LIB([xml2], [xmlTextReaderRead], [working_xml="yes"], [working_xml="no"], [$XML_LIBS])
++ AC_CHECK_LIB([xml2], [xmlTextReaderRead], [working_xml="yes"], [working_xml="no"], [$XML_LIBS])
+
+- CPPFLAGS="$save_CPPFLAGS"
+- LDFLAGS="$save_LDFLAGS"
+- LIBS="$save_LIBS"
++ CPPFLAGS="$save_CPPFLAGS"
++ LDFLAGS="$save_LDFLAGS"
++ LIBS="$save_LIBS"
++ fi
+ fi
+-fi
+
+-if test "$working_xml" = "yes"; then
+- AC_DEFINE([HAVE_LIBXML2],1,[Define to 1 if you have the 'libxml2' library (-lxml2).])
+- AC_SUBST(XML_CPPFLAGS)
+- AC_SUBST(XML_LIBS)
+- AC_MSG_NOTICE([Compiling and linking with libxml2 from $XML_HOME])
+-else
+- if test "$want_xml" = "yes"; then
+- AC_MSG_ERROR([****** Please install libxml2 packages!])
++ if test "$working_xml" = "yes"; then
++ AC_DEFINE([HAVE_LIBXML2],1,[Define to 1 if you have the 'libxml2' library (-lxml2).])
++ AC_SUBST(XML_CPPFLAGS)
++ AC_SUBST(XML_LIBS)
++ AC_MSG_NOTICE([Compiling and linking with libxml2 from $XML_HOME])
+ else
+- if test "$want_xml" != "no"; then
++ if test "$want_xml" = "yes"; then
++ AC_MSG_ERROR([****** Please install libxml2 packages!])
++ else
+ AC_MSG_NOTICE([****** libxml2 support unavailable])
+ fi
++ XML_CPPFLAGS=""
++ XML_LIBS=""
++ AC_SUBST(XML_CPPFLAGS)
++ AC_SUBST(XML_LIBS)
+ fi
+- XML_CPPFLAGS=""
+- XML_LIBS=""
+- AC_SUBST(XML_CPPFLAGS)
+- AC_SUBST(XML_LIBS)
+ fi
+
+ AM_CONDITIONAL([HAVE_LIBXML2], test "x$HAVE_LIBXML2" = "xyes")
+--
+2.21.0
+
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://projects.universe-factory.net/attachments/download/86
+PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd/releases/download/v$(PKG_VERSION)
PKG_HASH:=714ff09d7bd75f79783f744f6f8c5af2fe456c8cf876feaa704c205a73e043c9
PKG_LICENSE:=BSD-2-Clause
CATEGORY:=Network
DEPENDS:=+kmod-tun +librt +libpthread +libuecc +FASTD_WITH_STATUS_SOCKET:libjson-c +FASTD_WITH_CAPABILITIES:libcap
TITLE:=Fast and Secure Tunneling Daemon
- URL:=https://projects.universe-factory.net/projects/fastd
+ URL:=https://github.com/NeoRaider/fastd/
SUBMENU:=VPN
endef
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
+CMAKE_OPTIONS += -DCLANG_TIDY_EXE=
+
define Package/https_dns_proxy
SECTION:=net
CATEGORY:=Network
PKG_HASH:=7dcd9f0f48263c6b27a2c3d085dd7278b5c0feed1dfec8872a04899707fa23d8
PKG_USE_MIPS16:=0
-PKG_BUILD_DEPENDS:=boost
+PKG_BUILD_DEPENDS:=boost python/host
PKG_MAINTAINER:=Hauke Mehrtens <hauke.mehrtens@intel.com>
define Build/Configure
(cd $(PKG_BUILD_DIR); \
$(SCONS_VARS) \
- scons \
+ python2.7 $(STAGING_DIR_HOST)/bin/scons.py \
$(SCONS_OPTIONS) \
)
endef
PKG_NAME:=mwan3
PKG_VERSION:=2.8.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPLv2
config interface 'wanb'
option enabled '0'
+ list track_ip '8.8.4.4'
list track_ip '8.8.8.8'
+ list track_ip '208.67.222.222'
list track_ip '208.67.220.220'
option family 'ipv4'
option reliability '1'
option count '1'
option timeout '2'
+ option failure_latency '1000'
+ option recovery_latency '500'
+ option failure_loss '20'
+ option recovery_loss '5'
option interval '5'
option down '3'
option up '8'
config interface 'wanb6'
option enabled '0'
+ list track_ip '2001:4860:4860::8844'
list track_ip '2001:4860:4860::8888'
+ list track_ip '2620:0:ccd::2'
list track_ip '2620:0:ccc::2'
option family 'ipv6'
option reliability '1'
}
stop_service() {
- [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
+ [ -f "$CONFIGFILE" ] || return
+ rm -f "$CONFIGFILE"
procd_set_config_changed firewall
}
}
service_started() {
+ [ "$snmp_enabled" -eq 0 ] && return
procd_set_config_changed firewall
}
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.com/netify.ai/public/netify-agent.git
-PKG_SOURCE_DATE:=2019-06-06
-PKG_SOURCE_VERSION:=v2.88
-#PKG_SOURCE_VERSION:=367ddd2fca4b2edd5e71145e2adea1b58f750214
-PKG_MIRROR_HASH:=8ead41dc074a71626609bced1d584f8df87e39f5ad76dcca76021c1737150089
+PKG_SOURCE_DATE:=2019-08-09
+PKG_SOURCE_VERSION:=v2.91
+#PKG_SOURCE_VERSION:=edb904b417a42a1421474427f03e91e0400d8729
+PKG_MIRROR_HASH:=9a7c6a84fc35677f65ac7ff84f228b0051204fae388869042d7623c141ec4165
include $(INCLUDE_DIR)/package.mk
CATEGORY:=Network
TITLE:=Netify Agent
URL:=http://www.netify.ai/
- DEPENDS:=+libcurl +libmnl +libnetfilter-conntrack +libjson-c +libpcap +zlib +libpthread @!USE_UCLIBC
+ DEPENDS:=+ca-bundle +libcurl +libmnl +libnetfilter-conntrack +libjson-c +libpcap +zlib +libpthread @!USE_UCLIBC
# Explicitly depend on libstdcpp rather than $(CXX_DEPENDS). At the moment
# std::unordered_map is only available via libstdcpp which is required for
# performance reasons.
CONFIGURE_ARGS+= \
--sharedstatedir=/var/run \
--enable-lean-and-mean \
- --disable-ncurses \
--disable-libtcmalloc \
--without-systemdsystemunitdir \
--without-tmpfilesdir
include $(TOPDIR)/rules.mk
PKG_NAME:=openconnect
-PKG_VERSION:=8.03
-PKG_RELEASE:=2
+PKG_VERSION:=8.04
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
-PKG_HASH:=908cff9b1ce266b6bb7f969a7f62723543ab94719ba3c95a150fe3894cbc9ef2
+PKG_HASH:=98979c6e3f78b294dc663e3fd75d5c9e9d779f247be9d4e3ab84b5e90565f81f
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING.LGPL
+++ /dev/null
-From 460c060dda115bc8066bb4b955453c673459b6cc Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Sun, 9 Jun 2019 23:36:53 -0700
-Subject: [PATCH] Fix compilation without deprecated OpenSSL 1.1 APIs
-
-Initialization and deinitialization is deprecated.
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- library.c | 4 ++++
- openssl.c | 2 ++
- tests/bad_dtls_test.c | 4 ++++
- 3 files changed, 10 insertions(+)
-
-diff --git a/library.c b/library.c
-index 0e3d05e6..e45e93a2 100644
---- a/library.c
-+++ b/library.c
-@@ -38,6 +38,10 @@
- #include "gnutls.h"
- #endif
-
-+#if defined(OPENCONNECT_OPENSSL)
-+#include <openssl/bio.h>
-+#endif
-+
- struct openconnect_info *openconnect_vpninfo_new(const char *useragent,
- openconnect_validate_peer_cert_vfn validate_peer_cert,
- openconnect_write_new_config_vfn write_new_config,
-diff --git a/openssl.c b/openssl.c
-index 2b1f07bd..e505f49a 100644
---- a/openssl.c
-+++ b/openssl.c
-@@ -1879,10 +1879,12 @@ int openconnect_init_ssl(void)
- if (ret)
- return ret;
- #endif
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- SSL_library_init();
- ERR_clear_error();
- SSL_load_error_strings();
- OpenSSL_add_all_algorithms();
-+#endif
- return 0;
- }
-
-diff --git a/tests/bad_dtls_test.c b/tests/bad_dtls_test.c
-index ac8d3f1e..c123c8f8 100644
---- a/tests/bad_dtls_test.c
-+++ b/tests/bad_dtls_test.c
-@@ -752,8 +752,10 @@ int main(int argc, char *argv[])
- int ret;
- int i;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- SSL_library_init();
- SSL_load_error_strings();
-+#endif
-
- RAND_bytes(session_id, sizeof(session_id));
- RAND_bytes(master_secret, sizeof(master_secret));
-@@ -910,8 +912,10 @@ int main(int argc, char *argv[])
- printf("Cisco BadDTLS test: FAILED\n");
- }
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- ERR_free_strings();
- EVP_cleanup();
-+#endif
-
- return testresult?0:1;
- }
---
-2.17.1
-
+++ /dev/null
-From afb6442533dc7475ed61642c3f5b295db1e6f561 Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Sun, 9 Jun 2019 23:40:21 -0700
-Subject: [PATCH] Fix DTLS bug when lacking deprecated APIs
-
-HAVE_DTLS12 is for DTLSv1_method. This causes dtls_method to be NULL and
-crash.
-
-[dwmw2: Rework it quite a bit more]
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
-Signed-off-by: David Woodhouse <dwmw2@infradead.org>
----
- configure.ac | 17 ++++++++++++++---
- openssl-dtls.c | 49 ++++++++++++++++++++++++++-----------------------
- 2 files changed, 40 insertions(+), 26 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 02096c51..f7557933 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -455,11 +455,22 @@ case "$ssl_library" in
- AC_DEFINE(HAVE_DTLS1_STOP_TIMER, [1], [OpenSSL has dtls1_stop_timer() function])],
- [AC_MSG_RESULT(no)])
-
-- AC_MSG_CHECKING([for DTLSv1_2_client_method() in OpenSSL])
-+ # DTLS_client_method() and DTLSv1_2_client_method() were both added between
-+ # OpenSSL v1.0.1 and v1.0.2. DTLSV1.2_client_method() was later deprecated
-+ # in v1.1.0 so we use DTLS_client_method() as our check for DTLSv1.2 support
-+ # and that's what we actually use in openssl-dtls.c too.
-+ AC_MSG_CHECKING([for DTLS_client_method() in OpenSSL])
- AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <openssl/ssl.h>],
-- [DTLSv1_2_client_method();])],
-+ [DTLS_client_method();])],
- [AC_MSG_RESULT(yes)
-- AC_DEFINE(HAVE_DTLS12, [1], [OpenSSL has DTLSv1_2_client_method() function])],
-+ AC_DEFINE(HAVE_DTLS12, [1], [OpenSSL has DTLS_client_method() function])],
-+ [AC_MSG_RESULT(no)])
-+
-+ AC_MSG_CHECKING([for SSL_CTX_set_min_proto_version() in OpenSSL])
-+ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <openssl/ssl.h>],
-+ [SSL_CTX_set_min_proto_version((void *)0, 0);])],
-+ [AC_MSG_RESULT(yes)
-+ AC_DEFINE(HAVE_SSL_CTX_PROTOVER, [1], [OpenSSL has SSL_CTX_set_min_proto_version() function])],
- [AC_MSG_RESULT(no)])
-
- AC_CHECK_FUNC(HMAC_CTX_copy,
-diff --git a/openssl-dtls.c b/openssl-dtls.c
-index 5086440f..9e3c5d46 100644
---- a/openssl-dtls.c
-+++ b/openssl-dtls.c
-@@ -332,6 +332,7 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- const char *cipher = vpninfo->dtls_cipher;
-
- #ifdef HAVE_DTLS12
-+ /* These things should never happen unless they're supported */
- if (vpninfo->cisco_dtls12) {
- dtlsver = DTLS1_2_VERSION;
- } else if (!strcmp(cipher, "OC-DTLS1_2-AES128-GCM")) {
-@@ -349,16 +350,16 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
-
- if (!vpninfo->dtls_ctx) {
- #ifdef HAVE_DTLS12
-+ /* If we can use SSL_CTX_set_min_proto_version, do so. */
- dtls_method = DTLS_client_method();
- #endif
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#ifndef HAVE_SSL_CTX_PROTOVER
-+ /* If !HAVE_DTLS12, dtlsver *MUST* be DTLS1_BAD_VER because it's set
-+ * at the top of the function and nothing can change it. */
- if (dtlsver == DTLS1_BAD_VER)
- dtls_method = DTLSv1_client_method();
--#ifdef HAVE_DTLS12
-- else if (dtlsver == DTLS1_2_VERSION)
-- dtls_method = DTLSv1_2_client_method();
--#endif
- #endif
-+
- vpninfo->dtls_ctx = SSL_CTX_new(dtls_method);
- if (!vpninfo->dtls_ctx) {
- vpn_progress(vpninfo, PRG_ERR,
-@@ -367,24 +368,26 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- vpninfo->dtls_attempt_period = 0;
- return -EINVAL;
- }
-- if (dtlsver) {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-- if (dtlsver == DTLS1_BAD_VER)
-- SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_CISCO_ANYCONNECT);
--#else
-- if (!SSL_CTX_set_min_proto_version(vpninfo->dtls_ctx, dtlsver) ||
-- !SSL_CTX_set_max_proto_version(vpninfo->dtls_ctx, dtlsver)) {
-- vpn_progress(vpninfo, PRG_ERR,
-- _("Set DTLS CTX version failed\n"));
-- openconnect_report_ssl_errors(vpninfo);
-- SSL_CTX_free(vpninfo->dtls_ctx);
-- vpninfo->dtls_ctx = NULL;
-- vpninfo->dtls_attempt_period = 0;
-- return -EINVAL;
-- }
-+#ifdef HAVE_SSL_CTX_PROTOVER
-+ if (dtlsver &&
-+ (!SSL_CTX_set_min_proto_version(vpninfo->dtls_ctx, dtlsver) ||
-+ !SSL_CTX_set_max_proto_version(vpninfo->dtls_ctx, dtlsver))) {
-+ vpn_progress(vpninfo, PRG_ERR,
-+ _("Set DTLS CTX version failed\n"));
-+ openconnect_report_ssl_errors(vpninfo);
-+ SSL_CTX_free(vpninfo->dtls_ctx);
-+ vpninfo->dtls_ctx = NULL;
-+ vpninfo->dtls_attempt_period = 0;
-+ return -EINVAL;
-+ }
-+#else /* !HAVE_SSL_CTX_PROTOVER */
-+ /* If we used the legacy version-specific methods, we need the special
-+ * way to make TLSv1_client_method() do DTLS1_BAD_VER. */
-+ if (dtlsver == DTLS1_BAD_VER)
-+ SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_CISCO_ANYCONNECT);
- #endif
- #if defined (HAVE_DTLS12) && !defined(OPENSSL_NO_PSK)
-- } else {
-+ if (!dtlsver) {
- SSL_CTX_set_psk_client_callback(vpninfo->dtls_ctx, psk_callback);
- /* For PSK we override the DTLS master secret with one derived
- * from the HTTPS session. */
-@@ -401,9 +404,9 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- }
- /* For SSL_CTX_set_cipher_list() */
- cipher = "PSK";
--
--#endif
- }
-+#endif /* OPENSSL_NO_PSK */
-+
- /* If we don't readahead, then we do short reads and throw
- away the tail of data packets. */
- SSL_CTX_set_read_ahead(vpninfo->dtls_ctx, 1);
---
-2.17.1
-
+++ /dev/null
-From 97cafd182f5a5c2d13f57d7faeac8432aea9bbf8 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <dwmw2@infradead.org>
-Date: Mon, 10 Jun 2019 12:34:43 +0100
-Subject: [PATCH] Disable encrypt-then-mac where possible with DTLS and OpenSSL
-
-There is pain here. Just don't bother.
-
-Signed-off-by: David Woodhouse <dwmw2@infradead.org>
----
- openssl-dtls.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
-diff --git a/openssl-dtls.c b/openssl-dtls.c
-index 9e3c5d46..646bf71c 100644
---- a/openssl-dtls.c
-+++ b/openssl-dtls.c
-@@ -406,7 +406,17 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- cipher = "PSK";
- }
- #endif /* OPENSSL_NO_PSK */
--
-+#ifdef SSL_OP_NO_ENCRYPT_THEN_MAC
-+ /* I'm fairly sure I wasn't lying when I said I had tested
-+ * https://github.com/openssl/openssl/commit/e23d5071ec4c7aa6bb2b
-+ * against GnuTLS both with and without EtM in 2016.
-+ * Nevertheless, in 2019 it seems to be failing to negotiate
-+ * at least for DTLS1_BAD_VER against ocserv with GnuTLS 3.6.7.
-+ * Just turn it off. Real Cisco servers don't do it for
-+ * DTLS1_BAD_VER, and we should be using GCM ciphersuites in
-+ * newer versions of DTLS anyway so it's irrelevant. */
-+ SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_NO_ENCRYPT_THEN_MAC);
-+#endif
- /* If we don't readahead, then we do short reads and throw
- away the tail of data packets. */
- SSL_CTX_set_read_ahead(vpninfo->dtls_ctx, 1);
---
-2.17.1
-
include $(TOPDIR)/rules.mk
PKG_NAME:=simple-adblock
-PKG_VERSION:=1.7.0
-PKG_RELEASE:=1
+PKG_VERSION:=1.8.0
+PKG_RELEASE:=4
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.net>
PKG_LICENSE:=GPL-3.0-or-later
endef
define Package/simple-adblock/description
-This service provides dnsmasq-based ad blocking.
-Please see the README for further information.
+This service provides DNSMASQ or Unbound based ad blocking.
+Please see the project's README at github for further information.
endef
if [ -z "$${IPKG_INSTROOT}" ]; then
while uci -q del ucitrack.@simple-adblock[-1]; do :; done
echo "Stopping service and removing rc.d symlink for simple-adblock"
+ uci -q del_list dhcp.@dnsmasq[0].addnhosts="/var/run/simple-adblock.addnhosts" || true
+ if [ "$$(uci -q get dhcp.@dnsmasq[0].serversfile)" == "/var/run/simple-adblock.servers" ]; then
+ uci -q del dhcp.@dnsmasq[0].serversfile || true
+ fi
/etc/init.d/simple-adblock stop || true
/etc/init.d/simple-adblock killcache || true
/etc/init.d/simple-adblock disable || true
# Simple AdBlock
-A simple DNSMASQ-based AdBlocking service for OpenWrt/LEDE Project. Loosely based on [bole5's](https://forum.openwrt.org/profile.php?id=45571) idea with major performance improvements, added features and Web UI (as a separate package); inspired by @dibdot's innovation.
+A simple DNSMASQ/Unbound-based AdBlocking service for OpenWrt/LEDE Project.
## Features
-- Supports OpenWrt Designated Driver and LEDE Project.
-- Super-fast due to the nature of supported block lists and backgrounding of already downloaded data while next list is downloading.
+- Super-fast due to the nature of supported block lists and parallel downloading/processing of the blacklists.
- Supports both hosts files and domains lists for blocking (to keep it lean and fast).
- Everything is configurable from Web UI.
- Allows you to easily add your own domains to whitelist or blacklist.
- Allows you to easily add URLs to your own blocked hosts or domains lists to block/whitelist (just put whitelisted domains one per line).
- Requires no configuration for the download utility wherever you want to use wget/libopenssl or uclient-fetch/libustream-mbedtls.
-- Installs dependencies automatically (DD/LEDE-default uclient-fetch libustream-mbedtls).
-- Doesn't stay in memory -- creates the list of blocked domains and then uses DNSMASQ and firewall rules to serve "domain not found reply".
-- As some of the default lists are using https, reliably works with either wget/libopenssl or uclient-fetch/libustream-mbedtls.
-- Very lightweight and easily hackable, the whole script is just one /etc/init.d/simple-adblock file.
-- Logs single entry in the system log with the number of blocked domains if verbosity is set to 0.
-- Retains the downloaded/sorted adblocking list on service stop and reuses it on service start (use reload if you want to force re-download of the list).
-- Blocks ads served over https.
+- Installs dependencies automatically.
+- Doesn't stay in memory -- creates the list of blocked domains and then uses DNSMASQ/Unbound and firewall rules to serve NXDOMAIN or 127.0.0.1 (depending on settings) reply for blocked domains.
+- As some of the default lists are using https, reliably works with either wget/libopenssl, uclient-fetch/libustream-mbedtls or curl.
+- Very lightweight and easily hackable, the whole script is just one ```/etc/init.d/simple-adblock``` file.
+- Retains the downloaded/sorted AdBlocking list on service stop and reuses it on service start (use ```dl``` command if you want to force re-download of the list).
+- Blocks ads served over https (unlike PixelServ-derived solutions).
- Proudly made in Canada, using locally-sourced electrons.
-If you want a more robust AdBlocking, supporting free memory detection and complex block lists, supporting IDN, check out [@dibdot's adblock](https://github.com/openwrt/packages/tree/master/net/adblock/files).
+If you want a more robust AdBlocking, supporting free memory detection and complex block lists, supporting IDN, check out [net/adblock](https://github.com/openwrt/packages/tree/master/net/adblock/files).
## Screenshot (luci-app-simple-adblock)
-
+
## Requirements
-This service requires the following packages to be installed on your router: ```dnsmasq``` or ```dnsmasq-full``` and either ```ca-certificates```, ```wget``` and ```libopenssl``` (for OpenWrt 15.05.1) or ```uclient-fetch``` and ```libustream-mbedtls``` (for OpenWrt DD trunk and all LEDE Project builds). Additionally installation of ```coreutils-sort``` is highly recommended as it speeds up blocklist processing.
+This service requires the following packages to be installed on your router: ```dnsmasq``` or ```dnsmasq-full``` or ```unbound``` and either ```ca-certificates```, ```wget``` and ```libopenssl``` (for OpenWrt 15.05.1) or ```uclient-fetch``` and ```libustream-mbedtls``` (for LEDE Project and OpenWrt 18.06.xx or newer). Additionally installation of ```coreutils-sort``` is highly recommended as it speeds up blocklist processing.
To satisfy the requirements for connect to your router via ssh and run the following commands:
opkg update; opkg install ca-certificates wget libopenssl coreutils-sort dnsmasq
```
-### LEDE Project 17.01.x and OpenWrt 18.xx or later Requirements
+### LEDE Project 17.01.x and OpenWrt 18.xx (or newer) Requirements
```sh
opkg update; opkg install uclient-fetch libustream-mbedtls coreutils-sort dnsmasq
opkg update; opkg install ip6tables-mod-nat kmod-ipt-nat6
```
-### Speed up blocklist processing with coreutils-sort
+### Speed Up Blocklist Processing
The ```coreutils-sort``` is an optional, but recommended package as it speeds up sorting and removing duplicates from the merged list dramatically. If opkg complains that it can't install ```coreutils-sort``` because /usr/bin/sort is already provided by busybox, you can run ```opkg --force-overwrite install coreutils-sort```.
-## Unmet dependencies
+## Unmet Dependencies
If you are running a development (trunk/snapshot) build of OpenWrt/LEDE Project on your router and your build is outdated (meaning that packages of the same revision/commit hash are no longer available and when you try to satisfy the [requirements](#requirements) you get errors), please flash either current LEDE release image or current development/snapshot image.
-## How to install
+## How To Install
Install ```simple-adblock``` and ```luci-app-simple-adblock``` packages from Web UI or run the following in the command line:
opkg update; opkg install simple-adblock luci-app-simple-adblock
```
-If ```simple-adblock``` and ```luci-app-simple-adblock``` packages are not found in the official feed/repo for your version of OpenWrt/LEDE Project, you will need to [add a custom repo to your router](#add-custom-repo-to-your-router) first.
-
-### Add custom repo to your router
-
-If your router is not set up with the access to repository containing these packages you will need to add custom repository to your router by connecting to your router via ssh and running the following commands:
-
-#### OpenWrt 15.05.1 Instructions
-
-```sh
-opkg update; opkg install ca-certificates wget libopenssl
-echo -e -n 'untrusted comment: LEDE usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /tmp/stangri-repo.pub && opkg-key add /tmp/stangri-repo.pub
-! grep -q 'stangri_repo' /etc/opkg/customfeeds.conf && echo 'src/gz stangri_repo https://raw.githubusercontent.com/stangri/openwrt-repo/master' >> /etc/opkg/customfeeds.conf
-opkg update
-opkg install simple-adblock luci-app-simple-adblock
-```
-
-#### LEDE Project 17.01.x and OpenWrt 18.06.x Instructions
-
-```sh
-opkg update
-opkg list-installed | grep -q uclient-fetch || opkg install uclient-fetch
-opkg list-installed | grep -q libustream || opkg install libustream-mbedtls
-echo -e -n 'untrusted comment: LEDE usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /tmp/stangri-repo.pub && opkg-key add /tmp/stangri-repo.pub
-! grep -q 'stangri_repo' /etc/opkg/customfeeds.conf && echo 'src/gz stangri_repo https://raw.githubusercontent.com/stangri/openwrt-repo/master' >> /etc/opkg/customfeeds.conf
-opkg update
-opkg install simple-adblock luci-app-simple-adblock
-```
+If ```simple-adblock``` and ```luci-app-simple-adblock``` packages are not found in the official feed/repo for your version of OpenWrt/LEDE Project, you will need to [add a custom repo to your router](https://github.com/stangri/openwrt_packages/blob/master/README.md#on-your-router) first.
## Default Settings
-Default configuration has service disabled (use Web UI to enable/start service or run ```uci set simple-adblock.config.enabled=1```) and selected ad/malware lists suitable for routers with 64Mb RAM. The configuration file has lists in descending order starting with biggest ones, comment out or delete the lists you don't want or your router can't handle.
+Default configuration has service disabled (use Web UI to enable/start service or run ```uci set simple-adblock.config.enabled=1; uci commit simple-adblock;```) and selected ad/malware lists suitable for routers with 64Mb RAM. The configuration file has lists in descending order starting with biggest ones, comment out or delete the lists you don't want or your router can't handle.
-## How to customize
+## How To Customize
You can use Web UI (found in Services/Simple AdBlock) to add/remove/edit links to:
-- hosts files (127.0.0.1 or 0.0.0.0 followed by space and domain name per line) to be blocked.
+- [hosts files](https://en.wikipedia.org/wiki/Hosts_(file)) (127.0.0.1 or 0.0.0.0 followed by space and domain name per line) to be blocked.
- domains lists (one domain name per line) to be blocked.
-- domains lists (one domain name per line) to be whitelisted. It is useful if you want to run simple-adblock on multiple routers and maintain one centralized whitelist which you can publish on a web-server.
+- domains lists (one domain name per line) to be whitelisted. It is useful if you want to run ```simple-adblock``` on multiple routers and maintain one centralized whitelist which you can publish on a web-server.
-Please note that these lists **have** to include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix. Some of the top block lists (both hosts files and domains lists) suitable for routers with at least 8MB RAM are used in the default simple-adblock installation.
+Please note that these lists **must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix. Some of the top block lists (both hosts files and domains lists) suitable for routers with at least 8MB RAM are used in the default ```simple-adblock``` installation.
You can also use Web UI to add individual domains to be blocked or whitelisted.
-If you want to use CLI to customize simple-adblock config, you can probably figure out how to do it by looking at the contents of ```/etc/config/simple-adblock``` or output of the ```uci show simple-adblock``` command.
+If you want to use CLI to customize ```simple-adblock``` config, refer to the [Customization Settings](#customization-settings) section.
-## How to use
+## How To Use
Once the service is enabled in the [config file](#default-settings), run ```/etc/init.d/simple-adblock start``` to start the service. Either ```/etc/init.d/simple-adblock restart``` or ```/etc/init.d/simple-adblock reload``` will only restart the service and/or re-donwload the lists if there were relevant changes in the config file since the last successful start. Had the previous start resulted in any error, either ```/etc/init.d/simple-adblock start```, ```/etc/init.d/simple-adblock restart``` or ```/etc/init.d/simple-adblock reload``` will attempt to re-download the lists.
-If you want to force simple-adblock to re-download the lists, run ```/etc/init.d/simple-adblock download```.
+If you want to force simple-adblock to re-download the lists, run ```/etc/init.d/simple-adblock dl```.
If you want to check if the specific domain (or part of the domain name) is being blocked, run ```/etc/init.d/simple-adblock check test-domain.com```.
-## How does it work
-
-This service downloads (and processes in the background, removing comments and other useless data) lists of hosts and domains to be blocked, combines those lists into one big block list, removes duplicates and sorts it and then removes your whitelisted domains from the block list before converting to to dnsmasq-compatible file and restarting dnsmasq. The result of the process is that dnsmasq returns "domain not found" for the blocked domains.
+## Configuration Settings
+
+In the Web UI the ```simple-adblock``` settings are split into ```basic``` and ```advanced``` settings. The full list of configuration parameters of ```simple-adblock.config``` section is:
+
+|Web UI Section|Parameter|Type|Default|Description|
+| --- | --- | --- | --- | --- |
+|Basic|enabled|boolean|0|Enable/disable the ```simple-adblock``` service.|
+|Basic|verbosity|integer|2|Can be set to 0, 1 or 2 to control the console and system log output verbosity of the ```simple-adblock``` service.|
+|Basic|force_dns|boolean|1|Force router's DNS to local devices which may have different/hardcoded DNS server settings. If enabled, creates a firewall rule to intercept DNS requests from local devices to external DNS servers and redirect them to router.|
+|Basic|led|string|none|Use one of the router LEDs to indicate the AdBlocking status.|
+|Advanced|dns|string|dnsmasq.servers|DNS resolution option. See [table below](#dns-resolution-option) for addtional information.|
+|Advanced|ipv6_enabled|boolean|0|Add IPv6 entries to block-list if ```dnsmasq.addnhosts``` is used. This option is only visible in Web UI if the ```dnsmasq.addnhosts``` is selected as the DNS resolution option.|
+|Advanced|boot_delay|integer|120|Delay service activation for that many seconds on boot up. You can shorten it to 10-30 seconds on modern fast routers. Routers with built-in modems may require longer boot delay.|
+|Advanced|download_timeout|integer|10|Time-out downloads if no reply received within that many last seconds.|
+|Advanced|curl_retry|integer|3|If ```curl``` is installed and detected, attempt that many retries for failed downloads.|
+|Advanced|parallel_downloads|boolean|1|If enabled, all downloads are completed concurrently, if disabled -- sequentioally. Concurrent downloads dramatically speed up service loading.|
+|Advanced|debug|boolean|0|If enabled, output service full debug to ```/tmp/simple-adblock.log```. Please note that the debug file may clog up the router's RAM on some devices. Use with caution.|
+|Advanced|allow_non_ascii|boolean|0|Enable support for non-ASCII characters in the final AdBlocking file. Only enable if your target service supports non-ASCII characters. If you enable this on the system where DNS resolver doesn't support non-ASCII characters, it will crash. Use with caution.|
+|Advanced|compressed_cache|boolean|0|Create compressed cache of the AdBlocking file in router's persistent memory. Only recommended to be used on routers with large ROM and/or routers with metered/flaky internet connection.|
+||whitelist_domain|list/string||List of white-listed domains.|
+||whitelist_domains_url|list/string||List of URL(s) to text files containing white-listed domains. **Must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix. Useful if you want to keep/publish a single white-list for multiple routers.|
+||blacklist_domains_url|list/string||List of URL(s) to text files containing black-listed domains. **Must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix.|
+||blacklist_hosts_url|list/string||List of URL(s) to [hosts files](https://en.wikipedia.org/wiki/Hosts_(file)) containing black-listed domains. **Must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix.|
+
+### DNS Resolution Option
+
+Currently supported options are:
+
+|Option|Explanation|
+| --- | --- |
+|```dnsmasq.addnhosts```|Creates the DNSMASQ additional hosts file ```/var/run/simple-adblock.addnhosts``` and modifies DNSMASQ settings, so that DNSMASQ resolves all blocked domains to "local machine": 127.0.0.1. This option doesn't allow block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), so it results in a much larger block-list file, but, unlike other DNSMASQ-based options, it has almost no effect on the DNS look up speed. This option also allows quick reloads of DNSMASQ on block-list updates.|
+|```dnsmasq.conf```|Creates the DNSMASQ config file ```/var/dnsmasq.d/simple-adblock``` so that DNSMASQ replies with NXDOMAIN: "domain not found". This option allows the block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), resulting in the smaller block-list file. This option will slow down DNS look up speed somewhat.|
+|```dnsmasq.servers```|Creates the DNSMASQ servers file ```/var/run/simple-adblock.servers``` and modifies DNSMASQ settings so that DNSMASQ replies with NXDOMAIN: "domain not found". This option allows the block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), resulting in the smaller block-list file. This option will slow down DNS look up speed somewhat. This is a default setting as it results in the smaller block-file and allows quick reloads of DNSMASQ.|
+|```unbound.adb_list```|Creates the Unbound config file ```/var/lib/unbound/adb_list.simple-adblock``` so that Unbound replies with NXDOMAIN: "domain not found". This option allows the block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), resulting in the smaller block-list file.|
+
+## How Does It Work
+
+This service downloads (and processes in the background, removing comments and other useless data) lists of hosts and domains to be blocked, combines those lists into one big block list, removes duplicates and sorts it and then removes your whitelisted domains from the block list before converting to to DNSMASQ/Unbound-compatible file and restarting DNSMASQ/Unbound if needed. The result of the process is that DNSMASQ/Unbound return NXDOMAIN or 127.0.0.1 (depending on settings) for the blocked domains.
If you specify ```google.com``` as a domain to be whitelisted, you will have access to ```google.com```, ```www.google.com```, ```analytics.google.com```, but not fake domains like ```email-google.com``` or ```drive.google.com.verify.signin.normandeassociation.com``` for example. If you only want to allow ```www.google.com``` while blocking all other ```google.com``` subdomains, just specify ```www.google.com``` as domain to be whitelisted.
## Documentation / Discussion
-Please head [LEDE Project Forum](https://forum.lede-project.org/t/simple-adblock-fast-lean-and-fully-uci-luci-configurable-adblocking/1327/) for discussion of this package.
+Please head to [OpenWrt Forum](https://forum.openwrt.org/t/simple-adblock-fast-lean-and-fully-uci-luci-configurable-adblocking/1327/) for discussion of this package.
## Thanks
-I'd like to thank everyone who helped create, test and troubleshoot this service. Special thanks to [@hnyman](https://github.com/hnyman) for general package/luci guidance, [@dibdot](https://github.com/dibdot) for general guidance and block-list optimization code and [@ckuethe](https://github.com/ckuethe) for the curl support, non-ASCII filtering and compressed cache code.
\ No newline at end of file
+I'd like to thank everyone who helped create, test and troubleshoot this service. Special thanks to [@hnyman](https://github.com/hnyman) for general package/luci guidance, [@dibdot](https://github.com/dibdot) for general guidance and block-list optimization code, [@ckuethe](https://github.com/ckuethe) for the curl support, non-ASCII filtering and compressed cache code, [@EricLuehrsen](https://github.com/EricLuehrsen) for the Unbound support information and [@phasecat](https://forum.openwrt.org/u/phasecat/summary) for submitting bugs and testing.
config simple-adblock 'config'
option enabled '0'
+ option dns 'dnsmasq.servers'
option verbosity '2'
option force_dns '1'
option led 'none'
option boot_delay '120'
option download_timeout '10'
+ option curl_retry '3'
option parallel_downloads '1'
option debug '0'
option allow_non_ascii '0'
# list blacklist_hosts_url 'https://hostsfile.mine.nu/Hosts'
# list blacklist_hosts_url 'https://hosts-file.net/ad_servers.txt'
# list blacklist_hosts_url 'http://sysctl.org/cameleon/hosts'
- list blacklist_hosts_url 'http://www.mvps.org/winhelp2002/hosts.txt'
+ list blacklist_hosts_url 'http://winhelp2002.mvps.org/hosts.txt'
list blacklist_hosts_url 'https://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext'
list blacklist_hosts_url 'https://www.malwaredomainlist.com/hostslist/hosts.txt'
list blacklist_hosts_url 'https://adaway.org/hosts.txt'
list blacklist_hosts_url 'https://someonewhocares.org/hosts/hosts'
list blacklist_hosts_url 'https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt'
- list blacklist_hosts_url 'https://zeustracker.abuse.ch/blocklist.php?download=hostfile'
list blacklist_domains_url 'https://mirror1.malwaredomains.com/files/justdomains'
list blacklist_domains_url 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
list blacklist_domains_url 'https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt'
#!/bin/sh /etc/rc.common
+# Copyright 2017-2019 Stan Grishin (stangri@melmac.net)
+# shellcheck disable=SC2039
+# shellcheck disable=SC1091
PKG_VERSION=
export START=94
export EXTRA_COMMANDS="check dl killcache status"
export EXTRA_HELP=" check Checks if specified domain is found in current blacklist
- dl Force-redownloads all the lists, even if the last download was successful and no config changes were made
- status Shows the service last-run status"
+ dl Force-redownloads all the list
+ status Shows the service last-run status"
readonly packageName="simple-adblock"
readonly serviceName="$packageName $PKG_VERSION"
+readonly addnhostsFile="/var/run/${packageName}.addnhosts"
+readonly addnhostsCache="/var/run/${packageName}.addnhosts.cache"
+readonly addnhostsGzip="/etc/${packageName}.addnhosts.gz"
+readonly addnhostsOutputFilter='s|^|127.0.0.1 |;s|$||'
+readonly addnhostsOutputFilterIPv6='s|^|:: |;s|$||'
readonly dnsmasqFile="/var/dnsmasq.d/${packageName}"
-readonly compressedCacheFile="/etc/${packageName}.gz"
-readonly A_TMP="/var/simple-adblock.hosts.a.tmp"
-readonly B_TMP="/var/simple-adblock.hosts.b.tmp"
-readonly cacheFile="/var/run/${packageName}.cache"
+readonly dnsmasqCache="/var/run/${packageName}.dnsmasq.cache"
+readonly dnsmasqGzip="/etc/${packageName}.dnsmasq.gz"
+readonly dnsmasqOutputFilter='s|^|local=/|;s|$|/|'
+readonly serversFile="/var/run/${packageName}.servers"
+readonly serversCache="/var/run/${packageName}.servers.cache"
+readonly serversGzip="/etc/${packageName}.servers.gz"
+readonly serversOutputFilter='s|^|server=/|;s|$|/|'
+readonly unboundFile="/var/lib/unbound/adb_list.${packageName}"
+readonly unboundCache="/var/run/${packageName}.unbound.cache"
+readonly unboundGzip="/etc/${packageName}.unbound.gz"
+readonly unboundOutputFilter='s|^|local-zone: "|;s|$|" static|'
+readonly A_TMP="/var/${packageName}.hosts.a.tmp"
+readonly B_TMP="/var/${packageName}.hosts.b.tmp"
readonly PIDFile="/var/run/${packageName}.pid"
-readonly JsonFile="/var/run/${packageName}.json"
-readonly h_filter='/localhost/d;/^#/d;/^[^0-9]/d;s/^0\.0\.0\.0.//;s/^127\.0\.0\.1.//;s/[[:space:]]*#.*$//;s/[[:cntrl:]]$//;s/[[:space:]]//g;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
-readonly d_filter='/^#/d;s/[[:space:]]*#.*$//;s/[[:space:]]*$//;s/[[:cntrl:]]$//;/[[:space:]]/d;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
-readonly f_filter='s|^|local=/|;s|$|/|'
+readonly jsonFile="/var/run/${packageName}.json"
+readonly hostsFilter='/localhost/d;/^#/d;/^[^0-9]/d;s/^0\.0\.0\.0.//;s/^127\.0\.0\.1.//;s/[[:space:]]*#.*$//;s/[[:cntrl:]]$//;s/[[:space:]]//g;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
+readonly domainsFilter='/^#/d;s/[[:space:]]*#.*$//;s/[[:space:]]*$//;s/[[:cntrl:]]$//;/[[:space:]]/d;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
readonly checkmark='\xe2\x9c\x93'
readonly xmark='\xe2\x9c\x97'
readonly _OK_='\033[0;32m\xe2\x9c\x93\033[0m'
readonly statusForceReloading='Force-Reloading'
readonly statusProcessing='Processing'
readonly statusStopped='Stopped'
+readonly sharedMemoryError="/dev/shm/$packageName-error"
create_lock() { [ -e "$PIDFile" ] && return 1; touch "$PIDFile"; }
-remove_lock() { [ -e "$PIDFile" ] && rm -f "$PIDFile"; } # rm -f /var/simple-adblock_tmp_* >/dev/null 2>&1; }
+remove_lock() { [ -e "$PIDFile" ] && rm -f "$PIDFile"; }
trap remove_lock EXIT
-output_ok() { case $verbosity in 1) output 1 "$_OK_";; 2) output 2 "$__OK__\\n";; esac; }
-output_okn() { case $verbosity in 1) output 1 "$_OK_\\n";; 2) output 2 "$__OK__\\n";; esac; }
-output_fail() { case $verbosity in 1) output 1 "$_FAIL_";; 2) output 2 "$__FAIL__\\n";; esac; }
-output_failn() { case $verbosity in 1) output 1 "$_FAIL_\\n";; 2) output 2 "$__FAIL__\\n";; esac; }
-export logmsg
+output_ok() { output 1 "$_OK_"; output 2 "$__OK__\\n"; }
+output_okn() { output 1 "$_OK_\\n"; output 2 "$__OK__\\n"; }
+output_fail() { output 1 "$_FAIL_\\n"; output 2 "$__FAIL__\\n"; }
+output_failn() { output 1 "$_FAIL_"; output 2 "$__FAIL__\\n"; }
+str_replace() { echo "$1" | sed -e "s/$2/$3/g"; }
+str_contains() { [ "$1" != "$(str_replace "$1" "$2" "")" ]; }
+readonly sharedMemoryOutput="/dev/shm/$packageName-output"
output() {
# Can take a single parameter (text) to be output at any verbosity
# Or target verbosity level and text to be output at specifc verbosity
+ local msg memmsg
if [ $# -ne 1 ]; then
- if [ ! $((verbosity & $1)) -gt 0 ]; then return 0; else shift; fi
+ if [ $((verbosity & $1)) -gt 0 ] || [ "$verbosity" = "$1" ]; then shift; else return 0; fi
fi
- [ -t 1 ] && echo -e -n "$1"
- local msg=$(echo -n "${1/$serviceName /service }" | sed 's|\\033\[[0-9]\?;\?[0-9]\?[0-9]\?m||g');
- if [ "$(echo -e -n "$msg" | wc -l)" -gt 0 ]; then
- logger -t "${packageName:-service} [$$]" "$(echo -e -n "${logmsg}${msg}")"
- logmsg=""
+ [ -t 1 ] && printf "%b" "$1"
+ msg="$(printf "%s" "$(str_replace "$1" "$serviceName " "service ")" | sed 's|\\033\[[0-9]\?;\?[0-9]\?[0-9]\?m||g')";
+ if [ "$(printf "%b" "$msg" | wc -l)" -gt 0 ]; then
+ [ -s "$sharedMemoryOutput" ] && memmsg="$(cat "$sharedMemoryOutput")"
+ logger -t "${packageName:-service} [$$]" "$(printf "%b" "${memmsg}${msg}")"
+ rm -f "$sharedMemoryOutput"
else
- logmsg="${logmsg}${msg}"
+ printf "%b" "$msg" >> "$sharedMemoryOutput"
fi
}
led_on(){ if [ -n "${1}" ] && [ -e "${1}/trigger" ]; then echo "default-on" > "${1}/trigger" 2>&1; fi; }
led_off(){ if [ -n "${1}" ] && [ -e "${1}/trigger" ]; then echo "none" > "${1}/trigger" 2>&1; fi; }
-testCompressedCache(){ [ "$compressedCache" -gt 0 ] && gzip -t -c $compressedCacheFile; }
-boot() { load_package_config; ( sleep "$bootDelay" && rc_procd start_service && rc_procd service_triggers | cat & ); }
export serviceEnabled
export forceDNS
export debug
export allowNonAscii
export compressedCache
+export targetDNS
export bootDelay
export dlTimeout
+export curlRetry
export verbosity
export led
export whitelist_domains
export blacklist_domains_urls
export blacklist_hosts_urls
export wan_if wan_gw wanphysdev dl_command serviceStatus dl_flag
-export dlStatus
+export outputFilter outputFilterIPv6 outputFile outputGzip outputCache ipv6Enabled
load_package_config() {
config_load "$packageName"
config_get_bool debug "config" "debug" 0
config_get_bool allowNonAscii "config" "allow_non_ascii" 0
config_get_bool compressedCache "config" "compressed_cache" 0
+ config_get_bool ipv6Enabled "config" "ipv6_enabled" 0
config_get bootDelay "config" "boot_delay" "120"
config_get dlTimeout "config" "download_timeout" "20"
+ config_get curlRetry "config" "curl_retry" "3"
config_get verbosity "config" "verbosity" "2"
config_get led "config" "led"
+ config_get targetDNS "config" "dns" "dnsmasq.servers"
config_get whitelist_domains "config" "whitelist_domain"
config_get blacklist_domains "config" "blacklist_domain"
config_get whitelist_domains_urls "config" "whitelist_domains_url"
config_get blacklist_domains_urls "config" "blacklist_domains_url"
config_get blacklist_hosts_urls "config" "blacklist_hosts_url"
+ if [ "$targetDNS" != "dnsmasq.addnhosts" ] && [ "$targetDNS" != "dnsmasq.conf" ] && \
+ [ "$targetDNS" != "dnsmasq.servers" ] && [ "$targetDNS" != "unbound.adb_list" ]; then
+ targetDNS="dnsmasq.servers"
+ fi
+
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ outputFilter="$addnhostsOutputFilter"
+ outputFile="$addnhostsFile"
+ outputCache="$addnhostsCache"
+ outputGzip="$addnhostsGzip"
+ [ "$ipv6Enabled" -gt 0 ] && outputFilterIPv6="$addnhostsOutputFilterIPv6"
+ rm -f "$dnsmasqFile" "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$serversFile" "$serversCache" "$serversGzip"
+ rm -f "$unboundFile" "$unboundCache" "$unboundGzip"
+ ;;
+ dnsmasq.conf)
+ outputFilter="$dnsmasqOutputFilter"
+ outputFile="$dnsmasqFile"
+ outputCache="$dnsmasqCache"
+ outputGzip="$dnsmasqGzip"
+ rm -f "$addnhostsFile" "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$serversFile" "$serversCache" "$serversGzip"
+ rm -f "$unboundFile" "$unboundCache" "$unboundGzip"
+ ;;
+ dnsmasq.servers)
+ outputFilter="$serversOutputFilter"
+ outputFile="$serversFile"
+ outputCache="$serversCache"
+ outputGzip="$serversGzip"
+ rm -f "$dnsmasqFile" "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$addnhostsFile" "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$unboundFile" "$unboundCache" "$unboundGzip"
+ ;;
+ unbound.adb_list)
+ outputFilter="$unboundOutputFilter"
+ outputFile="$unboundFile"
+ outputCache="$unboundCache"
+ outputGzip="$unboundGzip"
+ rm -f "$dnsmasqFile" "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$addnhostsFile" "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$serversFile" "$serversCache" "$serversGzip"
+ ;;
+ esac
if [ -z "${verbosity##*[!0-9]*}" ] || [ "$verbosity" -lt 0 ] || [ "$verbosity" -gt 2 ]; then
verbosity=1
fi
. /usr/share/libubox/jshn.sh
# Prefer curl because it supports the file: scheme.
if [ -x /usr/bin/curl ] ; then
- dl_command="curl --insecure --connect-timeout $dlTimeout --silent"
+ dl_command="curl --insecure --retry $curlRetry --connect-timeout $dlTimeout --silent"
dl_flag="-o"
else
dl_command="wget --no-check-certificate --timeout $dlTimeout -q"
fi
if [ "$serviceEnabled" -eq 0 ]; then
- if [ "$1" = "on_start" ]; then
- output "$packageName is currently disabled.\\n"
- output "Run the following commands before starting service again:\\n"
- output "uci set $packageName.config.enabled='1'; uci commit;\\n"
- fi
+ case "$1" in
+ on_start)
+ output "$packageName is currently disabled.\\n"
+ output "Run the following commands before starting service again:\\n"
+ output "uci set ${packageName}.config.enabled='1'; uci commit $packageName;\\n"
+ ;;
+ esac
return 1
fi
- [ ! -d ${dnsmasqFile%/*} ] && mkdir -p ${dnsmasqFile%/*}
- testCompressedCache && return 0
+
+ [ ! -d "${outputFile%/*}" ] && mkdir -p "${outputFile%/*}"
+ [ ! -d "${outputCache%/*}" ] && mkdir -p "${outputFile%/*}"
+ [ ! -d "${outputGzip%/*}" ] && mkdir -p "${outputFile%/*}"
+ cacheOps 'testGzip' && return 0
network_flush_cache; network_find_wan wan_if; network_get_gateway wan_gw "$wan_if";
[ -n "$wan_gw" ] && return 0
output "$_ERROR_: $serviceName failed to discover WAN gateway.\\n"; return 1;
dnsmasq_kill() { killall -q -HUP dnsmasq; }
dnsmasq_restart() { /etc/init.d/dnsmasq restart >/dev/null 2>&1; }
-reload_dnsmasq() {
+unbound_restart() { /etc/init.d/unbound restart >/dev/null 2>&1; }
+reload_resolver() {
+ local param output_text
case $1 in
on_start)
- if [ -s "$dnsmasqFile" ]; then
- output 3 "Restarting DNSMASQ "
- tmpfs set message "restarting DNSMASQ"
- if dnsmasq_restart; then
- tmpfs set status "$statusSuccess"
- led_on "$led"
- output_okn
- else
- output_failn
- tmpfs set status "$statusFail"
- tmpfs add error "DNSMASQ restart error"
- output "$_ERROR_: $serviceName failed to restart DNSMASQ!\\n"
- return 1
- fi
- else
+ if [ ! -s "$outputFile" ]; then
tmpfs set status "$statusFail"
- tmpfs add error "Failed to create $dnsmasqFile file."
+ tmpfs add error "Error: Failed to create $outputFile file."
output "$_ERROR_: $serviceName failed to create its data file!\\n"
return 1
fi
- ;;
- on_stop)
- [ -f $dnsmasqFile ] && mv $dnsmasqFile $cacheFile
- output 3 "Restarting dnsmasq "
- if dnsmasq_restart; then
- led_off "$led"
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ uci -q del_list dhcp.@dnsmasq[0].addnhosts="$addnhostsFile"
+ uci add_list dhcp.@dnsmasq[0].addnhosts="$addnhostsFile"
+ if [ -n "$(uci changes dhcp)" ]; then
+ uci commit dhcp
+ param=dnsmasq_restart
+ output_text="Restarting DNSMASQ"
+ else
+ param=dnsmasq_kill
+ output_text="Reloading DNSMASQ"
+ fi
+ ;;
+ dnsmasq.conf)
+ param=dnsmasq_restart
+ output_text="Restarting DNSMASQ"
+ ;;
+ dnsmasq.servers)
+ if [ "$(uci -q get dhcp.@dnsmasq[0].serversfile)" != "$serversFile" ]; then
+ uci set dhcp.@dnsmasq[0].serversfile="$serversFile"
+ uci commit dhcp
+ param=dnsmasq_restart
+ output_text="Restarting DNSMASQ"
+ else
+ param=dnsmasq_kill
+ output_text="Reloading DNSMASQ"
+ fi
+ ;;
+ unbound.adb_list)
+ param=unbound_restart
+ output_text="Restarting Unbound"
+ ;;
+ esac
+ output 1 "$output_text "
+ output 2 "$output_text "
+ tmpfs set message "$output_text"
+ if eval "$param"; then
+ tmpfs set status "$statusSuccess"
+ led_on "$led"
output_okn
- output "$serviceName stopped.\\n"
- tmpfs set status "$statusStopped"
- tmpfs del message
- tmpfs del error
- return 0
- else
- output_failn;
+ else
+ output_fail
tmpfs set status "$statusFail"
- tmpfs add error "DNSMASQ restart error on stop"
- output "$_ERROR_: $serviceName failed to restart DNSMASQ on stop !\\n"
+ tmpfs add error "Error: $output_text error."
+ output "$_ERROR_: $serviceName $output_text error!\\n"
return 1
fi
;;
- quiet | *)
- dnsmasq_restart && return 0 || return 1
+ on_stop)
+ cacheOps 'create'
+ case "$targetDNS" in
+ dnsmasq.addnhosts | dnsmasq.servers)
+ if [ -n "$(uci changes dhcp)" ]; then
+ uci -q commit dhcp
+ param=dnsmasq_restart
+ else
+ param=dnsmasq_kill
+ fi
+ ;;
+ dnsmasq.conf)
+ param=dnsmasq_restart
+ ;;
+ unbound.adb_list)
+ param=unbound_restart
+ ;;
+ esac
+ eval "$param"
+ return $?
+ ;;
+ quiet)
+ case "$targetDNS" in
+ dnsmasq.addnhosts | dnsmasq.servers | dnsmasq.conf)
+ param=dnsmasq_restart
+ ;;
+ unbound.adb_list)
+ param=unbound_restart
+ ;;
+ esac
+ eval "$param"
+ return $?
;;
esac
}
-tmpfs(){
+tmpfs() {
local action="$1" instance="$2" value="$3"
local status message error stats
local readReload readRestart curReload curRestart ret
- if [ -s "$JsonFile" ]; then
- status="$(jsonfilter -i $JsonFile -l1 -e "@['data']['status']")"
- message="$(jsonfilter -i $JsonFile -l1 -e "@['data']['message']")"
- error="$(jsonfilter -i $JsonFile -l1 -e "@['data']['error']")"
- stats="$(jsonfilter -i $JsonFile -l1 -e "@['data']['stats']")"
- readReload="$(jsonfilter -i $JsonFile -l1 -e "@['data']['reload']")"
- readRestart="$(jsonfilter -i $JsonFile -l1 -e "@['data']['restart']")"
+ if [ -s "$jsonFile" ]; then
+ status="$(jsonfilter -i $jsonFile -l1 -e "@['data']['status']")"
+ message="$(jsonfilter -i $jsonFile -l1 -e "@['data']['message']")"
+ error="$(jsonfilter -i $jsonFile -l1 -e "@['data']['error']")"
+ stats="$(jsonfilter -i $jsonFile -l1 -e "@['data']['stats']")"
+ readReload="$(jsonfilter -i $jsonFile -l1 -e "@['data']['reload']")"
+ readRestart="$(jsonfilter -i $jsonFile -l1 -e "@['data']['restart']")"
fi
case "$action" in
get)
stats)
echo "$stats"; return;;
triggers)
- curReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls"
+ curReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls $targetDNS"
curRestart="$compressedCache $forceDNS $led"
if [ "$curReload" != "$readReload" ]; then
ret="download"
stats)
stats="$value";;
triggers)
- readReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls"
+ readReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls $targetDNS"
readRestart="$compressedCache $forceDNS $led"
;;
esac
json_add_string reload "$readReload"
json_add_string restart "$readRestart"
json_close_object
- json_dump > "$JsonFile"
+ json_dump > "$jsonFile"
sync
}
+cacheOps() {
+ local R_TMP
+ case "$1" in
+ create|backup)
+ [ -f "$outputFile" ] && mv "$outputFile" "$outputCache" >/dev/null 2>/dev/null
+ return $?
+ ;;
+ restore|use)
+ [ -f "$outputCache" ] && mv "$outputCache" "$outputFile" >/dev/null 2>/dev/null
+ return $?
+ ;;
+ test)
+ [ -s "$outputCache" ]
+ return $?
+ ;;
+ testGzip)
+ [ -s "$outputGzip" ] && gzip -t -c "$outputGzip"
+ return $?
+ ;;
+ createGzip)
+ R_TMP="$(mktemp -u -q -t ${packageName}_tmp.XXXXXXXX)"
+ if gzip < "$outputFile" > "$R_TMP"; then
+ if mv "$R_TMP" "$outputGzip"; then
+ rm -f "$R_TMP"
+ return 0
+ else
+ rm -f "$R_TMP"
+ return 1
+ fi
+ else
+ return 1
+ fi
+ ;;
+ expand|unpack|expandGzip|unpackGzip)
+ [ -s "$outputGzip" ] && gzip -dc < "$outputGzip" > "$outputCache"
+ return $?
+ ;;
+ esac
+}
+
is_chaos_calmer() { ubus -S call system board | grep -q "Chaos Calmer"; }
remove_fw3_redirect() {
local name
config_get name "$1" "name"
- if [ -n "$name" ] && [ "$name" != "${name//simple_adblock}" ]; then
+# shellcheck disable=SC2154
+ if [ -n "$name" ] && str_contains "$name" "simple-adblock"; then
uci -q del "firewall.$1"
fi
}
uci -q set firewall.@redirect[-1].proto="tcpudp"
uci -q set firewall.@redirect[-1].src_dport="53"
uci -q set firewall.@redirect[-1].dest_port="53"
- uci -q set firewall.@redirect[-1].dest_ip="$ip"
+ uci -q set firewall.@redirect[-1].dest_ip="$2"
uci -q set firewall.@redirect[-1].reflection="0"
fi
if [ -n "$(uci changes firewall)" ]; then
if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then return 1; fi
label="${1##*//}"; label="${label%%/*}";
if [ "$2" = "hosts" ]; then
- label="Hosts: $label"; filter="$h_filter";
+ label="Hosts: $label"; filter="$hostsFilter";
else
- label="Domains: $label"; filter="$d_filter";
+ label="Domains: $label"; filter="$domainsFilter";
fi
if [ "$3" = "blocked" ]; then
type="Blocked"; D_TMP="$B_TMP";
R_TMP="$(mktemp -u -q -t ${packageName}_tmp.XXXXXXXX)"
done
if ! $dl_command "$1" $dl_flag "$R_TMP" 2>/dev/null || [ ! -s "$R_TMP" ]; then
- output 2 "[DL] $type $label $__FAIL__\\n"
output 1 "$_FAIL_"
-# tmpfs add message "-"
- dlStatus="${dlStatus}-"
- tmpfs add error "Error downloading ${1}."
- return 0
+ output 2 "[DL] $type $label $__FAIL__\\n"
+ printf "%b" "Error: downloading '${1}'.\\n" >> "$sharedMemoryError"
+ else
+ sed -i "$filter" "$R_TMP"
+ if [ ! -s "$R_TMP" ]; then
+ output 1 "$_FAIL_"
+ output 2 "[DL] $type $label $__FAIL__\\n"
+ printf "%b" "Error: parsing '${1}'.\\n" >> "$sharedMemoryError"
+ else
+ cat "${R_TMP}" >> "$D_TMP"
+ output 1 "$_OK_"
+ output 2 "[DL] $type $label $__OK__\\n"
+ fi
fi
- sed -i "$filter" "$R_TMP"
- cat "${R_TMP}" >> "$D_TMP"
- rm -f "${R_TMP}" >/dev/null 2>/dev/null
- output 2 "[DL] $type $label $__OK__\\n"
- output 1 "$_OK_"
-# tmpfs add message "+"
- dlStatus="${dlStatus}+"
+ rm -f "$R_TMP"
return 0
}
download_lists() {
- local i hf w_filter j=0 R_TMP
+ local hf w_filter j=0 R_TMP
tmpfs set message "${statusDownloading}..."
- for i in $A_TMP $B_TMP $cacheFile $dnsmasqFile; do [ -f $i ] && rm -f $i; done
+ rm -f "$A_TMP" "$B_TMP" "$outputFile" "$outputCache" "$outputGzip"
if [ "$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo")" -lt 32 ]; then
- output 3 "Low free memory, restarting dnsmasq..."
- if reload_dnsmasq "quiet"; then output_okn; else output_failn; fi
+ output 3 "Low free memory, restarting resolver... "
+ if reload_resolver 'quiet'; then
+ output_okn
+ else
+ output_fail
+ fi
fi
touch $A_TMP; touch $B_TMP;
output 1 "Downloading lists "
- unset dlStatus
+ rm -f "$sharedMemoryError"
if [ -n "$blacklist_hosts_urls" ]; then
for hf in ${blacklist_hosts_urls}; do
if [ "$parallelDL" -gt 0 ]; then
done
fi
wait
- dlStatus="${dlStatus//-/$xmark}"
- dlStatus="${dlStatus//+/$checkmark}"
- [ "$verbosity" = "1" ] && logmsg="${logmsg}${dlStatus}"
+ [ -s "$sharedMemoryError" ] && tmpfs add error "$(cat "$sharedMemoryError")"
+ rm -f "$sharedMemoryError"
output 1 "\\n"
- [ -n "$blacklist_domains" ] && for hf in ${blacklist_domains}; do echo "$hf" | sed "$d_filter" >> $B_TMP; done
+ [ -n "$blacklist_domains" ] && for hf in ${blacklist_domains}; do echo "$hf" | sed "$domainsFilter" >> $B_TMP; done
whitelist_domains="${whitelist_domains}
$(cat $A_TMP)"
[ -n "$whitelist_domains" ] && for hf in ${whitelist_domains}; do hf=$(echo "$hf" | sed 's/\./\\./g'); w_filter="$w_filter/^${hf}$/d;/\\.${hf}$/d;"; done
- if [ -s $B_TMP ]; then
- output 1 "Processing downloads "
- output 2 "Sorting combined list "
- tmpfs set message "$statusProcessing: sorting combined list"
- if sort $B_TMP | uniq > $A_TMP; then
+
+ [ ! -s "$B_TMP" ] && return 1
+
+ output 1 "Processing downloads "
+ output 2 "Sorting combined list "
+ tmpfs set message "$statusProcessing: sorting combined list"
+ if [ "$allowNonAscii" -gt 0 ]; then
+ if sort "$B_TMP" | uniq > "$A_TMP"; then
output_ok
else
- output_fail
- tmpfs add error "Sorting error."
+ output_failn
+ tmpfs add error "Error: Sorting error."
fi
+ else
+ if sort "$B_TMP" | uniq | grep -E -v '[^a-zA-Z0-9=/.-]' > "$A_TMP"; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: Sorting error."
+ fi
+ fi
-# TLD optimization written by Dirk Brenken (dev@brenken.org)
+ if [ "$targetDNS" = "dnsmasq.conf" ] || \
+ [ "$targetDNS" = "dnsmasq.servers" ] || \
+ [ "$targetDNS" = "unbound.adb_list" ]; then
+ # TLD optimization written by Dirk Brenken (dev@brenken.org)
output 2 "Optimizing combined list "
tmpfs set message "$statusProcessing: optimizing combined list"
if awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "$A_TMP" > "$B_TMP"; then
if sort "$B_TMP" > "$A_TMP"; then
- if awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "$A_TMP" > "$B_TMP"; then
+ if awk '{if(NR=1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "$A_TMP" > "$B_TMP"; then
if awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "$B_TMP" > "$A_TMP"; then
if sort "$A_TMP" | uniq > "$B_TMP"; then
output_ok
else
- output_fail
- tmpfs add error "Data file optimization error."
- mv $A_TMP $B_TMP
+ output_failn
+ tmpfs add error "Error: Data file optimization."
+ mv "$A_TMP" "$B_TMP"
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
+ output_failn
+ tmpfs add error "Error: Data file optimization."
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
- mv $A_TMP $B_TMP
+ output_failn
+ tmpfs add error "Error: Data file optimization."
+ mv "$A_TMP" "$B_TMP"
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
+ output_failn
+ tmpfs add error "Error: Data file optimization."
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
- mv $A_TMP $B_TMP
+ output_failn
+ tmpfs add error "Error: Data file optimization."
+ mv "$A_TMP" "$B_TMP"
fi
+ else
+ mv "$A_TMP" "$B_TMP"
+ fi
- output 2 "Whitelisting domains "
- tmpfs set message "$statusProcessing: whitelisting domains"
- if sed -i "$w_filter" $B_TMP; then
- output_ok
- else
- output_fail
- tmpfs add error "Whitelist processing error."
- fi
- output 2 "Formatting merged file "
- tmpfs set message "$statusProcessing: formatting merged file"
- if [ "$allowNonAscii" -gt 0 ]; then
- if sed "$f_filter" $B_TMP > $A_TMP; then
- output_ok
- else
- output_fail
- tmpfs add error "Data file formatting error."
- fi
- else
- if sed "$f_filter" $B_TMP | grep -E -v '[^a-zA-Z0-9=/.-]' > $A_TMP; then
- output_ok
- else
- output_fail
- tmpfs add error "Data file formatting error."
- fi
- fi
+ output 2 "Whitelisting domains "
+ tmpfs set message "$statusProcessing: whitelisting domains"
+ if sed -i "$w_filter" "$B_TMP"; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: Whitelist processing."
+ fi
- output 2 "Creating DNSMASQ config "
- tmpfs set message "$statusProcessing: creating DNSMASQ blocklist"
- if mv $A_TMP $dnsmasqFile; then
+ output 2 "Formatting merged file "
+ tmpfs set message "$statusProcessing: formatting merged file"
+ if [ -z "$outputFilterIPv6" ]; then
+ if sed "$outputFilter" "$B_TMP" > "$A_TMP"; then
output_ok
else
- output_fail
- tmpfs add error "Error moving data file ${A_TMP} to ${dnsmasqFile}."
+ output_failn
+ tmpfs add error "Error: Data file formatting."
fi
-
- if [ "$compressedCache" -gt 0 ]; then
- output 2 "Creating compressed cache "
- tmpfs set message "$statusProcessing: creating compressed cache"
- R_TMP="$(mktemp -u -q -t ${packageName}_tmp.XXXXXXXX)"
- if gzip < "$dnsmasqFile" > "$R_TMP"; then
- mv "$R_TMP" "$compressedCacheFile"
- output_ok
- else
- output_fail
- rm -f "$R_TMP"
- tmpfs add error "Error creating compressed cache."
- fi
+ else
+ if sed "$outputFilter" "$B_TMP" > "$A_TMP" && \
+ sed "$outputFilterIPv6" "$B_TMP" >> "$A_TMP"; then
+ output_ok
else
- rm -f "$compressedCacheFile" >/dev/null 2>&1
+ output_failn
+ tmpfs add error "Error: Data file formatting."
fi
+ fi
- output 2 "Removing temporary files "
- tmpfs set message "$statusProcessing: removing temporary files"
- rm -f "/tmp/${packageName}_tmp.*" >/dev/null 2>&1
- for i in $A_TMP $B_TMP $cacheFile; do if [ -s $i ]; then rm -f $i || j=1; fi; done
- if [ $j -eq 0 ]; then
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ output 2 "Creating DNSMASQ addnhosts file "
+ tmpfs set message "$statusProcessing: creating DNSMASQ addnhosts file"
+ ;;
+ dnsmasq.conf)
+ output 2 "Creating DNSMASQ config file "
+ tmpfs set message "$statusProcessing: creating DNSMASQ config file"
+ ;;
+ dnsmasq.servers)
+ output 2 "Creating DNSMASQ servers file "
+ tmpfs set message "$statusProcessing: creating DNSMASQ servers file"
+ ;;
+ unbound.adb_list)
+ output 2 "Creating Unbound adb_list file "
+ tmpfs set message "$statusProcessing: creating Unbound adb_list file"
+ ;;
+ esac
+ if mv "$A_TMP" "$outputFile"; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: moving data file '${A_TMP}' to '${outputFile}'."
+ fi
+ if [ "$compressedCache" -gt 0 ]; then
+ output 2 "Creating compressed cache "
+ tmpfs set message "$statusProcessing: creating compressed cache"
+ if cacheOps 'createGzip'; then
output_ok
else
- output_fail
- tmpfs add error "Error removing temporary files."
+ output_failn
+ tmpfs add error "Error: creating compressed cache."
fi
- output 1 "\\n"
+ else
+ rm -f "$outputGzip"
+ fi
+ output 2 "Removing temporary files "
+ tmpfs set message "$statusProcessing: removing temporary files"
+ rm -f "/tmp/${packageName}_tmp.*" "$A_TMP" "$B_TMP" "$outputCache" || j=1
+ if [ $j -eq 0 ]; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: removing temporary files."
+ fi
+ output 1 "\\n"
+}
+
+boot() {
+ load_package_config
+ if create_lock; then
+ sleep "$bootDelay"
+ remove_lock
+ rc_procd start_service && rc_procd service_triggers
fi
}
start_service() {
- is_enabled "on_start" || return 1
- local ip status error action="$(tmpfs get triggers)"
+ is_enabled 'on_start' || return 1
+ local ip action status error message stats
if create_lock; then
- tmpfs set triggers
procd_open_instance "main"
procd_set_param command /bin/true
procd_set_param stdout 1
procd_set_param stderr 1
network_get_ipaddr ip "lan"
+# shellcheck disable=SC2154
if [ "$forceDNS" -ne 0 ] && [ -n "$ip" ]; then
if is_chaos_calmer; then
- fw3_setup "start"
+ fw3_setup "start" "$ip"
else
procd_open_data
json_add_array firewall
fi
fi
procd_close_instance
+
status="$(tmpfs get status)"
error="$(tmpfs get error)"
- tmpfs del status
- tmpfs del message
- tmpfs del error
- tmpfs del stats
+ message="$(tmpfs get message)"
+ stats="$(tmpfs get stats)"
+ action="$(tmpfs get triggers)"
case "$1" in
download) action="download";;
restart|*)
- if [ ! -s "$dnsmasqFile" ] && [ ! -s "$cacheFile" ] && ! testCompressedCache; then
+ if [ "$1" != "restart" ] && [ -s "$outputFile" ] && [ -n "$status" ]; then
+ status
+ exit 0
+ elif [ ! -s "$outputFile" ] && ! cacheOps 'test' && ! cacheOps 'testGzip'; then
action="download"
+ elif cacheOps 'test' || cacheOps 'testGzip'; then
+ action="start"
fi
if [ -n "$error" ]; then
action="download"
;;
esac
+ tmpfs del status
+ tmpfs del error
+ tmpfs del message
+ tmpfs del stats
+ tmpfs set triggers
+
case $action in
download)
- if [ -s "$dnsmasqFile" ] || [ -s "$cacheFile" ] || testCompressedCache; then
- output "Force-reloading $serviceName...\\n"
+ if [ -s "$outputFile" ] || cacheOps 'test' || cacheOps 'testGzip'; then
+ output 0 "Force-reloading $serviceName... "
+ output 3 "Force-reloading $serviceName...\\n"
tmpfs set status "$statusForceReloading"
else
- output "Starting $serviceName...\\n"
+ output 0 "Starting $serviceName... "
+ output 3 "Starting $serviceName...\\n"
tmpfs set status "$statusStarting"
fi
download_lists
- reload_dnsmasq "on_start"
+ reload_resolver 'on_start'
;;
- restart|*)
- if [ "$action" == "restart" ]; then
- output "Retarting $serviceName...\\n"
+ restart|start)
+ if [ "$action" = "restart" ]; then
+ output 0 "Restarting $serviceName... "
+ output 3 "Restarting $serviceName...\\n"
tmpfs set status "$statusRestarting"
else
- output "Starting $serviceName...\\n"
+ output 0 "Starting $serviceName... "
+ output 3 "Starting $serviceName...\\n"
tmpfs set status "$statusStarting"
fi
- if testCompressedCache && [ ! -s "$cacheFile" ] && [ ! -s "$dnsmasqFile" ]; then
+ if cacheOps 'testGzip' && ! cacheOps 'test' && [ ! -s "$outputFile" ]; then
output 3 "Found compressed cache file, unpacking it "
tmpfs set message "found compressed cache file, unpacking it."
- if gzip -dc < "${compressedCacheFile}" > "$cacheFile"; then
+ if cacheOps 'unpackGzip'; then
output_okn
else
- output_failn
+ output_fail
output "$_ERROR_: $serviceName failed to unpack compressed cache!\\n"
- tmpfs add error "failed to unpack compressed cache!"
+ tmpfs add error "Error: Failed to unpack compressed cache."
return 1
fi
fi
- if [ -s "$cacheFile" ] && [ ! -s "$dnsmasqFile" ]; then
+ if cacheOps 'test' && [ ! -s "$outputFile" ]; then
output 3 "Found cache file, reusing it "
tmpfs set message "found cache file, reusing it."
- if mv "$cacheFile" "$dnsmasqFile"; then
+ if cacheOps 'restore'; then
output_okn
else
- output_failn
- tmpfs add error "Error moving $cacheFile to $dnsmasqFile."
+ output_fail
+ tmpfs add error "Error: moving '$outputCache' to '$outputFile'."
fi
fi
- reload_dnsmasq "on_start"
+ reload_resolver 'on_start'
;;
esac
- if [ -s "$dnsmasqFile" ] && [ "$(tmpfs get status)" != "$statusFail" ]; then
- output "$serviceName is blocking $(wc -l < $dnsmasqFile) domains "; output_okn;
+ if [ -s "$outputFile" ] && [ "$(tmpfs get status)" != "$statusFail" ]; then
+ output 0 "$__OK__\\n";
+ c="$(wc -l < "$outputFile")"
+ output 3 "$serviceName is blocking $c domains "; output_okn
tmpfs del message
- tmpfs set status "$statusSuccess: $(wc -l < $dnsmasqFile) domains blocked."
- if [ -n "$(tmpfs get error)" ]; then
- output "$_ERROR_: $(tmpfs get error)\\n"
+ tmpfs set status "$statusSuccess: $c domains blocked (with ${targetDNS})."
+ error="$(tmpfs get error)"
+ if [ -n "$error" ]; then
+ output "$(str_replace "$error" "Error:" "$_ERROR_:")\\n"
fi
else
+ output 0 "$__FAIL__\\n";
tmpfs set status "$statusFail"
- tmpfs add error "Failed to create DNSMASQ blocklist."
+ tmpfs add error "Error: Failed to create blocklist."
fi
remove_lock
else
- output "$serviceName: another instance is starting up "; output_failn;
- return 1
+ output 3 "$serviceName: another instance is starting up "; output_fail
+ return 0
fi
}
service_started() { procd_set_config_changed firewall; }
service_stopped() { procd_set_config_changed firewall; }
-restart_service() { rc_procd stop_service "restart"; rc_procd start_service "restart"; }
+restart_service() { rc_procd start_service "restart"; }
reload_service() { restart_service; }
restart() { restart_service; }
reload() { restart_service; }
-dl() { rc_procd stop_service "restart"; rc_procd start_service "download"; }
-killcache() { [ -s $cacheFile ] && rm -f $cacheFile >/dev/null 2>/dev/null; [ -s $compressedCacheFile ] && rm -f $compressedCacheFile >/dev/null 2>/dev/null; }
+dl() { rc_procd start_service "download"; }
+
+killcache() {
+ rm -f "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$serversCache" "$serversGzip"
+ rm -f "$unboundCache" "$unboundGzip"
+ return 0
+}
+
status() {
- local status
- if [ -n "$(tmpfs get status)" ]; then
- status="$(tmpfs get status)"
- fi
- if [ -n "$status" ] && [ -n "$(tmpfs get message)" ]; then
- status="${status}: $(tmpfs get message)"
+ local status="$(tmpfs get status)" error="$(tmpfs get error)" message="$(tmpfs get message)"
+ if [ -n "$status" ] && [ -n "$message" ]; then
+ status="${status}: $message"
fi
[ -n "$status" ] && output "$serviceName $status\\n"
- [ -n "$(tmpfs get error)" ] && output "$_ERROR_: $(tmpfs get error)\\n"
+ [ -n "$error" ] && output "$error\\n"
}
stop_service() {
load_package_config
- if [ "$serviceEnabled" -gt 0 ]; then
- if [ -z "$1" ] && [ -s "$dnsmasqFile" ]; then
- [ -s "$dnsmasqFile" ] && mv "$dnsmasqFile" "$cacheFile" >/dev/null 2>/dev/null
- output "Stopping $serviceName...\\n"
- tmpfs del triggers
- reload_dnsmasq "on_stop"
- fi
- else
- [ -s "$dnsmasqFile" ] && mv "$dnsmasqFile" "$cacheFile" >/dev/null 2>/dev/null
- reload_dnsmasq "quiet"
- fi
if is_chaos_calmer; then
- fw3_setup "stop"
+ fw3_setup 'stop'
+ fi
+ if [ -s "$outputFile" ]; then
+ output "Stopping $serviceName... "
+ tmpfs del triggers
+ if reload_resolver 'on_stop'; then
+ led_off "$led"
+ output 0 "$__OK__\\n"; output_okn
+ tmpfs set status "$statusStopped"
+ tmpfs del message
+ else
+ output 0 "$__FAIL__\\n"; output_fail
+ tmpfs set status "$statusFail"
+ tmpfs add error "Error: error stopping $serviceName."
+ output "$_ERROR_: error stopping $serviceName!\\n"
+ fi
fi
}
check() {
load_package_config
local string="$1"
- if [ ! -f "$dnsmasqFile" ]; then
- echo "No local blacklist ($dnsmasqFile) found."
+ if [ ! -f "$outputFile" ]; then
+ echo "No blacklist ('$outputFile') found."
elif [ -z "$string" ]; then
echo "Usage: /etc/init.d/${packageName} check domain"
- elif grep -m1 -q "$string" "$dnsmasqFile"; then
- echo "Found $(grep -c "$string" "$dnsmasqFile") matches for $string in $dnsmasqFile:"
- grep "$string" "$dnsmasqFile" | sed 's|local=/||;s|/$||;'
+ elif grep -m1 -q "$string" "$outputFile"; then
+ echo "Found $(grep -c "$string" "$outputFile") matches for '$string' in '$outputFile':"
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ grep "$string" "$outputFile" | sed 's|^127.0.0.1 ||;s|^:: ||;';;
+ dnsmasq.conf)
+ grep "$string" "$outputFile" | sed 's|local=/||;s|/$||;';;
+ dnsmasq.servers)
+ grep "$string" "$outputFile" | sed 's|server=/||;s|/$||;';;
+ unbound.adb_list)
+ grep "$string" "$outputFile" | sed 's|^local-zone: "||;s|" static$||;';;
+ esac
else
- echo "The $string is not found in current blacklist."
+ echo "The $string is not found in current blacklist ('$outputFile')."
fi
}
include $(TOPDIR)/rules.mk
PKG_NAME:=subversion
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_VERSION:=1.12.2
PKG_SOURCE_URL:=@APACHE/subversion
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
+PKG_CPE_ID:=cpe:/a:apache:subversion
PKG_FIXUP:=autoreconf
PKG_MACRO_PATHS:=build/ac-macros
endef
define Package/subversion/Default/description
- Subversion is a free/open-source version control system. That is,
- Subversion manages files and directories, and the changes made to them,
- over time. This allows you to recover older versions of your data, or
- examine the history of how your data changed. In this regard, many
- people think of a version control system as a sort of time machine.
+ Subversion is a free/open-source version control system. That is,
+ Subversion manages files and directories, and the changes made to them,
+ over time. This allows you to recover older versions of your data, or
+ examine the history of how your data changed. In this regard, many
+ people think of a version control system as a sort of time machine.
endef
define Package/subversion-libs
include $(TOPDIR)/rules.mk
PKG_NAME:=tor
-PKG_VERSION:=0.4.0.5
+PKG_VERSION:=0.4.1.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dist.torproject.org/ \
https://archive.torproject.org/tor-package-archive
-PKG_HASH:=b5a2cbf0dcd3f1df2675dbd5ec10bbe6f8ae995c41b68cebe2bc95bffc90696e
+PKG_HASH:=a864e0b605fb933fcc167bf242eed4233949e8a1bf23ac8e0381b106cd920425
PKG_MAINTAINER:=Hauke Mehrtens <hauke@hauke-m.de> \
Peter Wagner <tripolar@gmx.at>
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=yggdrasil
-PKG_VERSION:=0.3.6
+PKG_VERSION:=0.3.8
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=dc1699064319f19a64ac57bac366a15d718008fdb75ef03bf4252d3552dff4eb
+PKG_HASH:=56eebbb63cf2d14897141ce037fb9aec407430718908cfeeb34fff355f08f9af
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-go-$(PKG_VERSION)
PKG_MAINTAINER:=William Fleurant <meshnet@protonmail.com>
include $(TOPDIR)/rules.mk
PKG_NAME:=zerotier
-PKG_VERSION:=1.4.0.1
-PKG_RELEASE:=2
+PKG_VERSION:=1.4.2
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/zerotier/ZeroTierOne/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=39f5cdbe589ff550dca9d407f579e87b55a750dbb46458914476fa7dbafb8214
+PKG_HASH:=557a444127812384265ec97232bae43dce1d4b1545ddd72e2b1646c971dad7c5
PKG_BUILD_DIR:=$(BUILD_DIR)/ZeroTierOne-$(PKG_VERSION)
PKG_MAINTAINER:=Moritz Warning <moritzwarning@web.de>
include $(TOPDIR)/rules.mk
PKG_NAME:=upmpdcli
-PKG_VERSION:=1.4.0
+PKG_VERSION:=1.4.2
PKG_RELEASE:=1
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.lesbonscomptes.com/upmpdcli/downloads
+PKG_HASH:=1d4489e76416b9cff2e98a68243d56bf46303890752ac18db382be2859b62bc3
+
PKG_MAINTAINER:=Petko Bordjukov <bordjukov@gmail.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING
-PKG_SOURCE_URL:=https://www.lesbonscomptes.com/upmpdcli/downloads
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=28742910fa16b72f0c4e5b7dc561f59aa7f1a5fdd3e8e4f72f359d2e4af90d35
-
-PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
local val
config_get val "$cfg" "$var"
- [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+ if [ -n "$val" ] || [ -n "$def" ]; then
+ procd_append_param command "$opt" "${val:-$def}"
+ fi
}
start_instance() {
+++ /dev/null
-From 256394399f57ba6e3057ee2c981127a14e4623f8 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=B6rg=20Krause?= <joerg.krause@embedded.rocks>
-Date: Tue, 22 Jan 2019 09:07:56 +0100
-Subject: [PATCH] Use uint64_t instead of u_int64_t
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-`uintN_t` is standard C99 type available in `<stdint.h>`, whereas `u_intN_t`
-is defined `<sys/types.h>`
-
-As upmpdcli already uses the `uintN_t` type, replace the few existing
-`u_intN_t` types, as it breaks build with the musl C library, which is
-very strict, because of the missing `<sys/types.h>`:
-
-```
-src/mediaserver/cdplugins/netfetch.h:71:5: error: ‘u_int64_t’ does not name a type
- u_int64_t datacount() {
-```
----
- src/mediaserver/cdplugins/netfetch.h | 12 ++++++------
- 1 file changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/src/mediaserver/cdplugins/netfetch.h b/src/mediaserver/cdplugins/netfetch.h
-index d7e9df4..d105e53 100644
---- a/src/mediaserver/cdplugins/netfetch.h
-+++ b/src/mediaserver/cdplugins/netfetch.h
-@@ -68,7 +68,7 @@ public:
- /// Reset after transfer done, for retrying for exemple.
- virtual bool reset() = 0;
-
-- u_int64_t datacount() {
-+ uint64_t datacount() {
- return fetch_data_count;
- }
-
-@@ -84,11 +84,11 @@ public:
- buf1cb = f;
- }
- // Called when the network transfer is done
-- void setEOFetchCB(std::function<void(bool ok, u_int64_t count)> f) {
-+ void setEOFetchCB(std::function<void(bool ok, uint64_t count)> f) {
- eofcb = f;
- }
- // Called every time we get new data from the remote
-- void setFetchBytesCB(std::function<void(u_int64_t count)> f) {
-+ void setFetchBytesCB(std::function<void(uint64_t count)> f) {
- fbcb = f;
- }
-
-@@ -98,11 +98,11 @@ protected:
- std::string _url;
- uint64_t startoffset;
- int timeoutsecs{0};
-- u_int64_t fetch_data_count{0};
-+ uint64_t fetch_data_count{0};
- BufXChange<ABuffer*> *outqueue{nullptr};
- std::function<bool(std::string&, void *, int)> buf1cb;
-- std::function<void(u_int64_t)> fbcb;
-- std::function<void(bool, u_int64_t)> eofcb;
-+ std::function<void(uint64_t)> fbcb;
-+ std::function<void(bool, uint64_t)> eofcb;
- };
-
- #endif /* _MEDIAFETCH_H_INCLUDED_ */
---
-2.11.0
-
include $(TOPDIR)/rules.mk
PKG_NAME:=evtest
-PKG_VERSION:=1.33
+PKG_VERSION:=1.34
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://cgit.freedesktop.org/evtest/snapshot
-PKG_HASH:=5037d1162f4c407053cd97e85763ba03150a0c35f929ee9bf9a360abd32ef1c1
-PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
+PKG_HASH:=e49f1f160b30c8f7c2a4caef5ab655f1caf816483d19fdedd6db2d251d7ab80e
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/autotools.mk
define Package/evtest
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Event Test Program
+ URL:=https://gitlab.freedesktop.org/libevdev/evtest
endef
define Package/evtest/description
include $(TOPDIR)/rules.mk
PKG_NAME:=hplip
-PKG_VERSION:=3.19.3
+PKG_VERSION:=3.19.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/hplip
-PKG_HASH:=a04edf0b5b4c4dcaa3998a27caad8f24513340e0aea61b694397c7807d7c2ae6
+PKG_HASH:=fcdaedee9ed17d2e70f3aff9558a452d99443d1b93d6623132faf3f3ae61d66d
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=GPL-2.0 GPL-2.0+
include $(TOPDIR)/rules.mk
PKG_NAME:=prometheus-node-exporter-lua
-PKG_VERSION:=2019.04.12
+PKG_VERSION:=2019.08.14
PKG_RELEASE:=1
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
define Package/prometheus-node-exporter-lua-openwrt
$(call Package/prometheus-node-exporter-lua/Default)
TITLE+= (openwrt collector)
- DEPENDS:=prometheus-node-exporter-lua
+ DEPENDS:=prometheus-node-exporter-lua +libubus-lua
endef
define Package/prometheus-node-exporter-lua-ltq-dsl
+local ubus = require "ubus"
+local u = ubus.connect()
+local b = u:call("system", "board", {})
+
local labels = {
- id = "",
- release = "",
- revision = "",
- model = string.sub(get_contents("/tmp/sysinfo/model"), 1, -2),
- board_name = string.sub(get_contents("/tmp/sysinfo/board_name"), 1, -2)
+ board_name = b.board_name,
+ id = b.release.distribution,
+ model = b.model,
+ release = b.release.version,
+ revision = b.release.revision,
+ system = b.system,
+ target = b.release.target
}
-for k, v in string.gmatch(get_contents("/etc/openwrt_release"), "(DISTRIB_%w+)='(.-)'\n") do
- if k == "DISTRIB_ID" then
- labels["id"] = v
- elseif k == "DISTRIB_RELEASE" then
- labels["release"] = v
- elseif k == "DISTRIB_REVISION" then
- labels["revision"] = v
- end
-end
+b = nil
+u = nil
+ubus = nil
local function scrape()
metric("node_openwrt_info", "gauge", labels, 1)
include $(TOPDIR)/rules.mk
PKG_NAME:=qemu
-PKG_VERSION:=4.0.0
+PKG_VERSION:=4.1.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=13a93dfe75b86734326f8d5b475fde82ec692d5b5a338b4262aeeb6b0fa4e469
+PKG_HASH:=656e60218689bdeec69903087fd7582d5d3e72238d02f4481d8dc6d79fd909c6
PKG_SOURCE_URL:=http://download.qemu.org/
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE tcg/LICENSE
DEPENDS:= +glib2 +virtio-console-helper $(CXX_DEPENDS) $(QEMU_DEPS_IN_GUEST)
endef
-define Package/qemu-ga/description
- This package contains the QEMU Guest Agent daemon
-endef
-
define Package/qemu-ga/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/qemu-ga $(1)/usr/bin
$(INSTALL_BIN) ./files/10-qemu-ga.hotplug $(1)/etc/hotplug.d/virtio-ports/10-qemu-ga
endef
+PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-ga
-define Package/qemu-blobs
- SECTION:=utils
- CATEGORY:=Utilities
- SUBMENU:=Virtualization
- TITLE:=QEMU blobs of BIOS, VGA BIOS and keymaps
- URL:=http://www.qemu.org
- DEPENDS:=$(QEMU_DEPS_IN_HOST)
-endef
-
-define Package/qemu-blobs/install
- $(INSTALL_DIR) $(1)/usr/share/qemu
- $(CP) $(PKG_INSTALL_DIR)/usr/share/qemu/* $(1)/usr/share/qemu
-endef
define Package/qemu-bridge-helper
SECTION:=utils
$(INSTALL_DATA) ./files/bridge.conf $(1)/etc/qemu
endef
+
define Package/qemu-img
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Virtualization
TITLE:=QEMU Image utility
URL:=http://www.qemu.org
- DEPENDS:=+glib2 $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST)
+ DEPENDS:=+glib2 $(QEMU_DEPS_IN_HOST)
endef
define Package/qemu-img/install
$(INSTALL_BIN) $(PKG_BUILD_DIR)/qemu-img $(1)/usr/bin/qemu-img
endef
+
define Package/qemu-nbd
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Virtualization
TITLE:=QEMU Network Block Device Utility
URL:=http://www.qemu.org
- DEPENDS:=+glib2 $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) +kmod-nbd
+ DEPENDS:=+glib2 $(QEMU_DEPS_IN_HOST) +kmod-nbd
endef
define Package/qemu-nbd/install
$(INSTALL_BIN) $(PKG_BUILD_DIR)/qemu-nbd $(1)/usr/sbin/qemu-nbd
endef
-PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-ga
+
+define qemu-firmware
+ QEMU_PACKAGES += qemu-firmware-$(1)
+
+ define Package/qemu-firmware-$(1)
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Virtualization
+ TITLE:=$(qemu-firmware-$(1)-title)
+ URL:=http://www.qemu.org
+ DEPENDS:=$(QEMU_DEPS_IN_HOST)
+ endef
+
+ define Package/qemu-firmware-$(1)/install
+ $$(INSTALL_DIR) $$(1)/usr/share/qemu
+ $$(CP) $(foreach f,$(qemu-firmware-$(1)-files),$$(PKG_INSTALL_DIR)/usr/share/qemu/$(f)) $$(1)/usr/share/qemu
+ endef
+endef
+
+qemu-firmware-seabios-title:=QEMU build of SeaBIOS for x86 guest
+qemu-firmware-seabios-files:=bios.bin bios-256k.bin
+$(eval $(call qemu-firmware,seabios))
+
+qemu-firmware-seavgabios-title:=QEMU build of SeaVGABIOS
+qemu-firmware-seavgabios-files:=vgabios-*.bin
+$(eval $(call qemu-firmware,seavgabios))
+
+qemu-firmware-pxe-title:=QEMU build of iPXE PXE roms
+qemu-firmware-pxe-files:=pxe-*.rom
+$(eval $(call qemu-firmware,pxe))
+
+qemu-firmware-efi-title:=QEMU build of iPXE EFI roms
+qemu-firmware-efi-files:=efi-*.rom
+$(eval $(call qemu-firmware,efi))
+
# Naming rules used in qemu Makefile.target
define qemu-prog_
#
define qemu-target
PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-$(1)
+ QEMU_PACKAGES += qemu-$(1)
define Package/qemu-$(1)
SECTION:=utils
SUBMENU:=Virtualization
TITLE:=QEMU target $(1)
URL:=http://www.qemu.org
- DEPENDS:= +glib2 +libpthread +zlib $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) \
- $(if $(filter %-softmmu,$(1)),+libncurses +libfdt +pixman +qemu-blobs $(ICONV_DEPENDS))
+ DEPENDS:= +glib2 +libpthread +zlib $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) $(qemu-target-$(1)-deps) \
+ $(if $(filter %-softmmu,$(1)),+libncurses +libfdt +pixman +qemu-firmware-efi $(ICONV_DEPENDS))
endef
define Package/qemu-$(1)/description
define Package/qemu-$(1)/install
$(INSTALL_DIR) $$(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(call qemu-prog,$(1)) $$(1)/usr/bin
+ $(foreach f,$(qemu-target-$(1)-extra-files),
+ $(INSTALL_DIR) $$(1)/$(dir $(f))
+ $(CP) $(PKG_INSTALL_DIR)/$(f) $$(1)/$(f)
+ )
endef
endef
-QEMU_TARGET_LIST := \
+qemu-target-list := \
x86_64-softmmu \
arm-softmmu \
-$(foreach target,$(QEMU_TARGET_LIST), \
+qemu-target-x86_64-softmmu-deps:= \
+ +qemu-firmware-pxe \
+ +qemu-firmware-seabios \
+ +qemu-firmware-seavgabios
+qemu-target-x86_64-softmmu-extra-files:= \
+ usr/share/qemu/kvmvapic.bin \
+ usr/share/qemu/linuxboot.bin \
+ usr/share/qemu/linuxboot_dma.bin \
+ usr/share/qemu/multiboot.bin \
+ usr/share/qemu/pvh.bin
+
+$(foreach target,$(qemu-target-list), \
$(eval $(call qemu-target,$(target))) \
)
+
# QEMU configure script does not recognize these options
CONFIGURE_ARGS:=$(filter-out \
--target=% \
--host-cc="$(HOSTCC)" \
--disable-fortify-source \
--disable-stack-protector \
+ --extra-cflags="$(EXTRA_CFLAGS)" \
+ --extra-cxxflags="$(EXTRA_CXXFLAGS)" \
+ --extra-ldflags="$(EXTRA_LDFLAGS)" \
# VHost features
CONFIGURE_ARGS += \
--disable-libiscsi \
--disable-libnfs \
--disable-libpmem \
- --disable-libssh2 \
+ --disable-libssh \
--disable-libudev \
--disable-libusb \
--disable-libxml2 \
--disable-xen-pci-passthrough \
--disable-xfsctl \
-CONFIGURE_ARGS += --target-list='$(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))'
+CONFIGURE_ARGS += --target-list='$(foreach target,$(qemu-target-list),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))'
CONFIGURE_ARGS += $(if $(CONFIG_PACKAGE_qemu-ga),--enable-guest-agent)
TARGET_LDFLAGS += -Wl,--as-needed
-MAKE_VARS += V=s
+MAKE_VARS += V=1
# ARCH is special in qemu's build system, e.g. ARCH mips64 will be translated
# there to mips and stored in config-host.mak
MAKE_FLAGS:=$(filter-out \
$(if $(CONFIG_PACKAGE_qemu-bridge-helper),qemu-bridge-helper) \
$(if $(CONFIG_PACKAGE_qemu-img),qemu-img) \
$(if $(CONFIG_PACKAGE_qemu-nbd),qemu-nbd) \
- $(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),subdir-$(target))) \
+ $(foreach target,$(qemu-target-list),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)/all)) \
define Build/Compile
$(if $(strip $(QEMU_MAKE_TARGETS)),$(call Build/Compile/Default,$(QEMU_MAKE_TARGETS)))
$(eval $(call BuildPackage,qemu-bridge-helper))
$(eval $(call BuildPackage,qemu-img))
$(eval $(call BuildPackage,qemu-nbd))
-$(eval $(call BuildPackage,qemu-blobs))
-$(foreach target,$(QEMU_TARGET_LIST), \
- $(eval $(call BuildPackage,qemu-$(target))) \
+$(foreach p,$(QEMU_PACKAGES), \
+ $(eval $(call BuildPackage,$(p))) \
)
--- /dev/null
+From 968aa53dd6d2c0831a9af01873441767c06b88d0 Mon Sep 17 00:00:00 2001
+From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
+Date: Wed, 1 Aug 2018 12:17:10 +0200
+Subject: [PATCH] mksquashfs/unsquashfs: fix compilation with glibc 2.25+
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From glibc 2.25 release notes:
+https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
+"* The inclusion of <sys/sysmacros.h> by <sys/types.h> is deprecated.
+ This means that in a future release, the macros “major”, “minor”, and
+ “makedev” will only be available from <sys/sysmacros.h>."
+
+See glibc bug https://sourceware.org/bugzilla/show_bug.cgi?id=19239 .
+---
+ squashfs-tools/mksquashfs.c | 1 +
+ squashfs-tools/unsquashfs.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index d696a51..8d57c3e 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -35,6 +35,7 @@
+ #include <stddef.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <sys/sysmacros.h>
+ #include <fcntl.h>
+ #include <errno.h>
+ #include <dirent.h>
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index a57f85c..a492b27 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -33,6 +33,7 @@
+ #include "fnmatch_compat.h"
+
+ #include <sys/sysinfo.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <sys/resource.h>
+--
+2.21.0
+
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=syncthing
+PKG_VERSION:=1.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=syncthing-source-v$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/syncthing/syncthing/releases/download/v$(PKG_VERSION)
+PKG_HASH:=313bd59ddc2562e833fc4caa8d90360a06d5ff02976c0a4d5d42393e6f8bceac
+
+PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/$(PKG_NAME)
+
+PKG_MAINTAINER:=Paul Spooren <mail@aparcar.org>
+PKG_LICENSE:=MPL-2.0
+PKG_LICENSE_FILES:=LICENSE
+PKG_CPE_ID:=cpe:/a:syncthing:syncthing
+
+PKG_BUILD_DEPENDS:=golang/host
+PKG_BUILD_PARALLEL:=1
+PKG_USE_MIPS16:=0
+
+GO_PKG:=github.com/syncthing/syncthing/
+GO_PKG_BUILD_PKG:=github.com/syncthing/syncthing/cmd/syncthing/
+GO_PKG_INSTALL_EXTRA:=^gui/
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/golang/golang-package.mk
+
+define Package/syncthing
+ TITLE:=Continuous file synchronization program
+ URL:=https://syncthing.net
+ DEPENDS:=$(GO_ARCH_DEPENDS)
+ SECTION:=utils
+ CATEGORY:=Utilities
+endef
+
+GO_PKG_LDFLAGS_X:=\
+ main.Version=v$(PKG_VERSION) \
+ main.BuildUser=openwrt \
+ main.BuildHost=openwrt \
+ main.BuildStamp=$(SOURCE_DATE_EPOCH)
+
+define Build/Compile
+ $(call GoPackage/Build/Compile,-tags noupgrade)
+endef
+
+define Package/syncthing/conffiles
+/etc/config/syncthing
+/etc/syncthing
+endef
+
+define Package/syncthing/description
+ Syncthing replaces proprietary sync and cloud services with something
+ open, trustworthy and decentralized. Your data is your data alone and
+ you deserve to choose where it is stored, if it is shared with some
+ third party and how it's transmitted over the Internet.
+endef
+
+define Package/syncthing/install
+ $(call GoPackage/Package/Install/Bin,$(1))
+
+ $(CP) ./files/* $(1)/
+endef
+
+$(eval $(call GoBinPackage,syncthing))
+$(eval $(call BuildPackage,syncthing))
--- /dev/null
+config syncthing 'syncthing'
+ option gui_address 'http://127.0.0.1:8384'
+ option home '/etc/syncthing/'
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+
+PROG=/usr/bin/syncthing
+
+start_service() {
+ [ -d /var/syncthing/ ] || mkdir /var/syncthing/
+
+ local gui_address home
+ config_load "syncthing"
+ config_get gui_address syncthing gui_address "http://127.0.0.1:8384"
+ config_get home syncthing home "/etc/syncthing/"
+
+ procd_open_instance
+ procd_set_param command "$PROG"
+ procd_append_param command -gui-address="$gui_address"
+ procd_append_param command -home="$home"
+ procd_set_param respawn
+ procd_close_instance
+}
--- /dev/null
+/var/syncthing/
\ No newline at end of file
include $(INCLUDE_DIR)/package.mk
+# This avoids generating man pages
+CONFIGURE_VARS += ac_cv_prog_A2X=
+
define Package/tang
SECTION:=utils
TITLE:=tang v$(PKG_VERSION) - daemon for binding data to the presence of a third party
projects / feed / packages.git / commitdiff