# v1.0.1 - Run as non-root, add unzip, xz-utils
# v1.0.2 - Add bzr
# v1.0.3 - Verify usign signatures
+# v1.0.4 - Add support for Python3
RUN apt update && apt install -y \
build-essential \
libncurses5-dev \
libssl-dev \
python \
+python3 \
signify-openbsd \
subversion \
time \
jobs:
build:
docker:
- - image: docker.io/openwrtorg/packages-cci:v1.0.3
+ - image: docker.io/openwrtorg/packages-cci:v1.0.4
environment:
- SDK_HOST: "downloads.openwrt.org"
- SDK_PATH: "snapshots/targets/ath79/generic"
working_directory: ~/build_dir
command: |
tar Jxf ~/sdk/$SDK_FILE --strip=1
+ touch .config
+ make prepare-tmpinfo scripts/config/conf
+ ./scripts/config/conf --defconfig=.config Config.in
+ make prereq
+ rm .config
cat > feeds.conf <<EOF
src-git base https://github.com/openwrt/openwrt.git;$BRANCH
src-link packages $HOME/openwrt_packages
for PKG in $PKGS ; do
echo_blue "===+ Building: $PKG"
- make "package/$PKG/compile" -j3 V=s
+ make "package/$PKG/compile" -j3 V=s || {
+ RET=$?
+ echo_red "===+ Building: $PKG failed, rebuilding with -j1 for human readable error log"
+ make "package/$PKG/compile" -j1 V=s; exit $RET
+ }
done
- store_artifacts:
Please make sure that the issue subject starts with `<package-name>: `
-This repo here is only for packages maintained in this repo. For base packages residing in the same repo as the build system and maintained by core devs, please consider opening tickets there for more timely responses
+Also make sure that the package is maintained in this repository and not in base which should be submitted at https://bugs.openwrt.org or in the LuCI repository which should be submitted at https://github.com/openwrt/luci/issues.
- - OpenWrt base system: https://bugs.openwrt.org
- - Most LuCI packages: https://github.com/openwrt/luci/issues
+Issues related to releases below 18.06 and forks are not supported or maintained and will be closed.
# Issue template (remove lines from top till here)
PKG_NAME:=monit
PKG_VERSION:=5.25.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://mmonit.com/monit/dist
CONFIGURE_ARGS += \
--without-pam \
+ ac_cv_ipv6=$(if $(CONFIG_IPV6),yes,no) \
libmonit_cv_setjmp_available=yes \
libmonit_cv_vsnprintf_c99_conformant=yes
-diff --git a/src/ssl/Ssl.c b/src/ssl/Ssl.c
-index 6501f25..9c24ad5 100644
--- a/src/ssl/Ssl.c
+++ b/src/ssl/Ssl.c
-@@ -302,8 +302,8 @@ static boolean_t _retry(int socket, int *timeout, int (*callback)(int socket, ti
+@@ -302,8 +302,8 @@ static boolean_t _retry(int socket, int
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
include $(TOPDIR)/rules.mk
PKG_NAME:=netdata
-PKG_VERSION:=1.14.0
-PKG_RELEASE:=2
+PKG_VERSION:=1.16.1
+PKG_RELEASE:=1
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>, Daniel Engberg <daniel.engberg.lists@pyret.net>
-PKG_LICENSE:=GPL-3.0+
+PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:my-netdata:netdata
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/netdata/netdata/releases/download/v$(PKG_VERSION)
-PKG_HASH:=f3768f6927e3712dce73794c6943a12f4454410c872eb3dfd19af4f52296187a
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)
+PKG_SOURCE_URL:=https://codeload.github.com/netdata/netdata/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=94492108a6e24e8b39c011ae35ff6f50a848d816af396fdf2b44655cecd78672
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
define Package/netdata
SECTION:=admin
CATEGORY:=Administration
- DEPENDS:=+zlib +libuuid +libmnl
+ DEPENDS:=+zlib +libuuid +libmnl +libjson-c
TITLE:=Real-time performance monitoring tool
- URL:=https://my-netdata.io/
+ URL:=https://www.netdata.cloud/
endef
define Package/netdata/description
--disable-x86-sse \
--enable-lto \
--without-libcap \
- --disable-plugin-nfacct
+ --disable-https \
+ --disable-dbengine \
+ --disable-plugin-nfacct \
+ --disable-plugin-freeipmi \
+ --disable-plugin-cups \
+ --disable-plugin-xenstat \
+ --disable-backend-prometheus-remote-write \
+ --enable-jsonc
define Package/netdata/conffiles
/etc/netdata/
$(INSTALL_DIR) $(1)/etc/netdata/custom-plugins.d
$(CP) $(PKG_INSTALL_DIR)/etc/netdata $(1)/etc
$(CP) ./files/netdata.conf $(1)/etc/netdata
+ touch $(1)/etc/netdata/.opt-out-from-anonymous-statistics
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/netdata $(1)/usr/lib
$(CP) $(1)/usr/lib/netdata/conf.d/fping.conf $(1)/etc
-exec "$(command -v python || command -v python3 || command -v python2 ||
-echo "ERROR python IS NOT AVAILABLE IN THIS SYSTEM")" "$0" "$@" # '''
+#!/usr/bin/python3
-
+
# -*- coding: utf-8 -*-
# Description:
include $(TOPDIR)/rules.mk
PKG_NAME:=zabbix
-PKG_VERSION:=4.0.6
-PKG_RELEASE:=2
+PKG_VERSION:=4.0.11
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/zabbix
-PKG_HASH:=2890851b3a4b0f70f69ef754aa0d07070b42440f56d280113a9474bc4ed75e5b
+PKG_HASH:=b0af25c31c622d14cb7780db5941d76579b9f9a6ee449613d847b0b505628409
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
PKG_LICENSE:=GPL-2.0
+++ /dev/null
---- a/src/libs/zbxnix/daemon.c
-+++ b/src/libs/zbxnix/daemon.c
-@@ -300,11 +300,14 @@ int daemon_start(int allow_root, const c
-
- if (0 == allow_root && 0 == getuid()) /* running as root? */
- {
-+#if 0
-+/* allow changing user and foreground */
- if (0 != (flags & ZBX_TASK_FLAG_FOREGROUND))
- {
- zbx_error("cannot run as root!");
- exit(EXIT_FAILURE);
- }
-+#endif
-
- if (NULL == user)
- user = "zabbix";
PKG_NAME:=gcc
# PKG_VERSION=7.3.0
PKG_VERSION=7.4.0
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE_URL:=@GNU/gcc/gcc-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_INSTALL:=1
--disable-libvtv \
--disable-libcilkrts \
--disable-libmudflap \
+ --disable-libmpx \
--disable-multilib \
--disable-libgomp \
--disable-libquadmath \
PKG_NAME:=patch
PKG_VERSION:=2.7.6
-PKG_RELEASE:=3
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/patch
--- /dev/null
+From dce4683cbbe107a95f1f0d45fabc304acfb5d71a Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 15 Jul 2019 16:21:48 +0200
+Subject: Don't follow symlinks unless --follow-symlinks is given
+
+* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file,
+append_to_file): Unless the --follow-symlinks option is given, open files with
+the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing
+that consistently for input files.
+* src/util.c (create_backup): When creating empty backup files, (re)create them
+with O_CREAT | O_EXCL to avoid following symlinks in that case as well.
+---
+ src/inp.c | 12 ++++++++++--
+ src/util.c | 14 +++++++++++---
+ 2 files changed, 21 insertions(+), 5 deletions(-)
+
+diff --git a/src/inp.c b/src/inp.c
+index 32d0919..22d7473 100644
+--- a/src/inp.c
++++ b/src/inp.c
+@@ -238,8 +238,13 @@ plan_a (char const *filename)
+ {
+ if (S_ISREG (instat.st_mode))
+ {
+- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0);
++ int flags = O_RDONLY | binary_transput;
+ size_t buffered = 0, n;
++ int ifd;
++
++ if (! follow_symlinks)
++ flags |= O_NOFOLLOW;
++ ifd = safe_open (filename, flags, 0);
+ if (ifd < 0)
+ pfatal ("can't open file %s", quotearg (filename));
+
+@@ -340,6 +345,7 @@ plan_a (char const *filename)
+ static void
+ plan_b (char const *filename)
+ {
++ int flags = O_RDONLY | binary_transput;
+ int ifd;
+ FILE *ifp;
+ int c;
+@@ -353,7 +359,9 @@ plan_b (char const *filename)
+
+ if (instat.st_size == 0)
+ filename = NULL_DEVICE;
+- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0
++ if (! follow_symlinks)
++ flags |= O_NOFOLLOW;
++ if ((ifd = safe_open (filename, flags, 0)) < 0
+ || ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r")))
+ pfatal ("Can't open file %s", quotearg (filename));
+ if (TMPINNAME_needs_removal)
+diff --git a/src/util.c b/src/util.c
+index 1cc08ba..fb38307 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -388,7 +388,7 @@ create_backup (char const *to, const struct stat *to_st, bool leave_original)
+
+ try_makedirs_errno = ENOENT;
+ safe_unlink (bakname);
+- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0)
++ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0)
+ {
+ if (errno != try_makedirs_errno)
+ pfatal ("Can't create file %s", quotearg (bakname));
+@@ -579,10 +579,13 @@ create_file (char const *file, int open_flags, mode_t mode,
+ static void
+ copy_to_fd (const char *from, int tofd)
+ {
++ int from_flags = O_RDONLY | O_BINARY;
+ int fromfd;
+ ssize_t i;
+
+- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0)
++ if (! follow_symlinks)
++ from_flags |= O_NOFOLLOW;
++ if ((fromfd = safe_open (from, from_flags, 0)) < 0)
+ pfatal ("Can't reopen file %s", quotearg (from));
+ while ((i = read (fromfd, buf, bufsize)) != 0)
+ {
+@@ -625,6 +628,8 @@ copy_file (char const *from, char const *to, struct stat *tost,
+ else
+ {
+ assert (S_ISREG (mode));
++ if (! follow_symlinks)
++ to_flags |= O_NOFOLLOW;
+ tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode,
+ to_dir_known_to_exist);
+ copy_to_fd (from, tofd);
+@@ -640,9 +645,12 @@ copy_file (char const *from, char const *to, struct stat *tost,
+ void
+ append_to_file (char const *from, char const *to)
+ {
++ int to_flags = O_WRONLY | O_APPEND | O_BINARY;
+ int tofd;
+
+- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0)
++ if (! follow_symlinks)
++ to_flags |= O_NOFOLLOW;
++ if ((tofd = safe_open (to, to_flags, 0)) < 0)
+ pfatal ("Can't reopen file %s", quotearg (to));
+ copy_to_fd (from, tofd);
+ if (close (tofd) != 0)
+--
+cgit v1.0-41-gc330
+
--- /dev/null
+From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Fri, 6 Apr 2018 19:36:15 +0200
+Subject: Invoke ed directly instead of using the shell
+
+* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
+command to avoid quoting vulnerabilities.
+---
+ src/pch.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index 4fd5a05..16e001a 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname,
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+- sprintf (buf, "%s %s%s", editor_program,
+- verbosity == VERBOSE ? "" : "- ",
+- outname);
+ fflush (stdout);
+
+ pid = fork();
+@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname,
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
++ assert (outname[0] != '!' && outname[0] != '-');
++ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
+ _exit (2);
+ }
+ else
+--
+cgit v1.0-41-gc330
+
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd.git
-PKG_SOURCE_DATE:=2019-07-17
-PKG_SOURCE_VERSION:=0c3049e84fc7737cedbcef3e1791a570871168cd
-PKG_MIRROR_HASH:=2717cb1e3d28e7ff5ea69c3fa2a6ae182b70bcdf8680a41a0df2b190b072d04b
+PKG_SOURCE_DATE:=2019-08-19
+PKG_SOURCE_VERSION:=b919acf32027cd5d7616726336305b47e24f02ab
+PKG_MIRROR_HASH:=fd64b2cb78b8847f11ff79cbe06c3416bb0e67ca7433215d20c810fbfff6ee8f
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
--- /dev/null
+--- a/vfs_cache.c
++++ b/vfs_cache.c
+@@ -232,7 +232,7 @@ int __init cifsd_inode_hash_init(void)
+ size = bucketsize << inode_hash_shift;
+
+ /* init master fp hash table */
+- inode_hashtable = __vmalloc(size, GFP_ATOMIC, PAGE_KERNEL);
++ inode_hashtable = vmalloc(size);
+ if (!inode_hashtable)
+ return -ENOMEM;
+
+--- b/vfs.c
++++ b/vfs.c
+@@ -17,6 +17,8 @@
+ #include <linux/fsnotify.h>
+ #include <linux/dcache.h>
+ #include <linux/fiemap.h>
++#include <linux/slab.h>
++#include <linux/vmalloc.h>
+
+ #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
+ #include <linux/sched/xacct.h>
+--- b/vfs_cache.c
++++ b/vfs_cache.c
+@@ -5,6 +5,8 @@
+ */
+
+ #include <linux/fs.h>
++#include <linux/slab.h>
++#include <linux/vmalloc.h>
+
+ /* @FIXME */
+ #include "glob.h"
--- /dev/null
+===
+
+SMB1/SMB2 don't know exactly how vfs layer allocates xattr list,
+via kmalloc() or vmalloc(). Introduce cifsd_vfs_xattr_free() and
+keep both xattr allocation and de-allocation in one place.
+
+Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
+---
+ smb1pdu.c | 4 ++--
+ smb2pdu.c | 6 ++----
+ vfs.c | 6 ++++++
+ vfs.h | 1 +
+ 4 files changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/smb1pdu.c b/smb1pdu.c
+index 35599ef..8cb92cf 100644
+--- a/smb1pdu.c
++++ b/smb1pdu.c
+@@ -8,6 +8,7 @@
+ #include <linux/posix_acl_xattr.h>
+ #include <linux/namei.h>
+ #include <linux/statfs.h>
++#include <linux/vmalloc.h>
+
+ #include "glob.h"
+ #include "smb1pdu.h"
+@@ -3844,8 +3845,7 @@ done:
+ rsp->ByteCount = cpu_to_le16(rsp_data_cnt + 5);
+ inc_rfc1001_len(&rsp->hdr, (10 * 2 + rsp->ByteCount));
+ out:
+- if (xattr_list)
+- vfree(xattr_list);
++ cifsd_vfs_xattr_free(xattr_list);
+ return rc;
+ }
+
+diff --git a/smb2pdu.c b/smb2pdu.c
+index 754258f..2727622 100644
+--- a/smb2pdu.c
++++ b/smb2pdu.c
+@@ -3867,8 +3867,7 @@ done:
+ rsp->OutputBufferLength = cpu_to_le32(rsp_data_cnt);
+ inc_rfc1001_len(rsp_org, rsp_data_cnt);
+ out:
+- if (xattr_list)
+- vfree(xattr_list);
++ cifsd_vfs_xattr_free(xattr_list);
+ return rc;
+ }
+
+@@ -4151,8 +4150,7 @@ static void get_file_stream_info(struct cifsd_work *work,
+ /* last entry offset should be 0 */
+ file_info->NextEntryOffset = 0;
+ out:
+- if (xattr_list)
+- vfree(xattr_list);
++ cifsd_vfs_xattr_free(xattr_list);
+
+ rsp->OutputBufferLength = cpu_to_le32(nbytes);
+ inc_rfc1001_len(rsp_org, nbytes);
+diff --git a/vfs.c b/vfs.c
+index 556b1a5..6da6f8e 100644
+--- a/vfs.c
++++ b/vfs.c
+@@ -1550,6 +1550,12 @@ int cifsd_vfs_remove_xattr(struct dentry *dentry, char *attr_name)
+ return vfs_removexattr(dentry, attr_name);
+ }
+
++void cifsd_vfs_xattr_free(char *xattr)
++{
++ if (xattr)
++ vfree(xattr);
++}
++
+ int cifsd_vfs_unlink(struct dentry *dir, struct dentry *dentry)
+ {
+ int err = 0;
+diff --git a/vfs.h b/vfs.h
+index ee54daf..16b4f9e 100644
+--- a/vfs.h
++++ b/vfs.h
+@@ -186,6 +186,7 @@ int cifsd_vfs_xattr_stream_name(char *stream_name,
+
+ int cifsd_vfs_truncate_xattr(struct dentry *dentry, int wo_streams);
+ int cifsd_vfs_remove_xattr(struct dentry *dentry, char *attr_name);
++void cifsd_vfs_xattr_free(char *xattr);
+
+ int cifsd_vfs_kern_path(char *name, unsigned int flags, struct path *path,
+ bool caseless);
GO_VERSION_MAJOR_MINOR:=1.12
-GO_VERSION_PATCH:=7
+GO_VERSION_PATCH:=9
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=95e8447d6f04b8d6a62de1726defbb20ab203208ee167ed15f83d7978ce43b13
+PKG_HASH:=ab0e56ed9c4732a653ed22e232652709afbf573e710f56a07f7fdeca578d62fc
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=ldbus
-PKG_SOURCE_DATE:=2019-03-25
-PKG_SOURCE_VERSION:=345d820b0f34bd35ea01dae633d35ea3cf7faf2a
+PKG_SOURCE_DATE:=2019-08-15
+PKG_SOURCE_VERSION:=9e176fe851006037a643610e6d8f3a8e597d4073
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=https://github.com/daurnimator/ldbus
-PKG_MIRROR_HASH:=c0f5d1b34bc8b82d0f70bad23ecaca10ef84730c2c3ea318673b5a941f4dfc85
+PKG_MIRROR_HASH:=65fc7c975a17cfd3929b54973558205354fc285b6bd88a732c045e8444000d44
PKG_MAINTAINER:=Enrico Mioso <mrkiko.rs@gmail.com>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DEPENDS:=luarocks/host
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
SECTION:=lang
CATEGORY:=Languages
TITLE:=ldbus Lua DBus bindings
+ URL:=https://github.com/daurnimator/ldbus
DEPENDS:=+dbus +lua
endef
for details.
endef
-TARGET_CFLAGS += \
- -I$(STAGING_DIR)/usr/include
-
-MAKE_FLAGS += \
- FPIC="$(FPIC)" \
- CFLAGS="$(TARGET_CFLAGS)" \
- LDFLAGS="$(TARGET_LDFLAGS)"
-
define Build/Compile
cd $(PKG_BUILD_DIR) && \
luarocks make --pack-binary-rock ldbus-scm-0.rockspec \
DBUS_INCDIR=$(STAGING_DIR)/usr/include/dbus-1.0/ \
DBUS_ARCH_INCDIR=$(STAGING_DIR)/usr/lib/dbus-1.0/include \
DBUS_LIBDIR=$(STAGING_DIR)/usr/lib \
- CC="$(TARGET_CC)" LD="$(TARGET_CC)"
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
endef
define Package/ldbus/install
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=lua-bit32
+PKG_VERSION:=5.3.0
+PKG_RELEASE:=1
+
+
+PKG_SRC_NAME:=lua-compat-5.2
+PKG_SRC_VERSION:=0.3
+PKG_SOURCE_URL=https://codeload.github.com/keplerproject/$(PKG_SRC_NAME)/tar.gz/v$(PKG_SRC_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=627e842c488c1afece4383da9f9a839a7ddbc2f7fedfc456f76e3a590d4ca67f
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SRC_NAME)-$(PKG_SRC_VERSION)
+
+PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_DEPENDS:=luarocks/host
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/lua-bit32
+ SUBMENU:=Lua
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=Lua 5.2 bit manipulation library
+ DEPENDS:=+lua
+endef
+
+define Package/lua-bit32/description
+ lua-bit32 is the native Lua 5.2 bit manipulation library,
+ backported to Lua 5.1
+endef
+
+TARGET_CFLAGS += \
+ -I$(STAGING_DIR)/usr/include
+
+define Build/Compile
+ cd $(PKG_BUILD_DIR) && \
+ luarocks make --pack-binary-rock bit32-scm-1.rockspec \
+ LUA_LIBDIR=$(STAGING_DIR)/usr/lib/lua \
+ LUA_PKGNAME=lua5.1 \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)"
+endef
+
+define Package/$(PKG_NAME)/install
+ $(INSTALL_DIR) $(1)/usr/lib/lua
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/bit32.so $(1)/usr/lib/lua
+endef
+
+$(eval $(call BuildPackage,lua-bit32))
include $(TOPDIR)/rules.mk
PKG_NAME:=lua-openssl
-PKG_VERSION:=0.7.1
+PKG_VERSION:=0.7.4
PKG_RELEASE:=1
PKG_MAINTAINER:=Amnon Paz <pazamnon@gmail.com>
PKG_LICENSE:=MIT
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=225e3fe09226ff72968a7f36a33e207d27332107456a754abbaa59f99a3038f3
+PKG_MIRROR_HASH:=c27cedee438de95877823b1ae0607556564d82c8692be40f43743ca9cc5a029a
PKG_SOURCE_URL:=https://github.com/zhaozg/lua-openssl.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b104bbe914d279276560f188854036075b99f724
+PKG_SOURCE_VERSION:=96effbaf477ca205f1787aaf1cce643bd208066b
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
+diff --git a/Makefile b/Makefile
+index 10c1142..2a94df4 100644
--- a/Makefile
+++ b/Makefile
-@@ -1,58 +1,36 @@
- T=openssl\r
-+.PHONY: install clean\r
- \r
--PREFIX ?=/usr/local\r
--LIB_OPTION ?= -shared \r
-+PKGC ?= pkg-config\r
- \r
--#Lua auto detect\r
--LUA_VERSION ?= $(shell pkg-config luajit --print-provides)\r
--ifeq ($(LUA_VERSION),) ############ Not use luajit\r
--LUAV ?= $(shell lua -e "_,_,v=string.find(_VERSION,'Lua (.+)');print(v)")\r
--LUA_CFLAGS ?= -I$(PREFIX)/include/lua$(LUAV)\r
--LUA_LIBS ?= -L$(PREFIX)/lib \r
--LUA_LIBDIR ?= $(PREFIX)/lib/lua/$(LUAV)\r
--else\r
--LUAV ?= $(shell lua -e "_,_,v=string.find(_VERSION,'Lua (.+)');print(v)")\r
--LUA_CFLAGS ?= $(shell pkg-config luajit --cflags)\r
--LUA_LIBS ?= $(shell pkg-config luajit --libs)\r
--LUA_LIBDIR ?= $(PREFIX)/lib/lua/$(LUAV)\r
--endif\r
-+LIB_OPTION = -shared \r
- \r
--#OS auto detect\r
--SYS := $(shell gcc -dumpmachine)\r
-+# lua's package config can be under various names\r
-+LUAPKGC := $(shell for pc in lua lua5.1 lua5.2 lua5.3; do \\r
-+ $(PKGC) --exists $$pc && echo $$pc && break; \\r
-+ done)\r
- \r
--ifneq (, $(findstring linux, $(SYS)))\r
--# Do linux things\r
--LDFLAGS = -fPIC -lrt -ldl\r
--OPENSSL_LIBS ?= $(shell pkg-config openssl --libs) \r
--OPENSSL_CFLAGS ?= $(shell pkg-config openssl --cflags)\r
--CFLAGS = -fPIC $(OPENSSL_CFLAGS) $(LUA_CFLAGS) \r
--endif\r
--ifneq (, $(findstring apple, $(SYS)))\r
--# Do darwin things\r
--LDFLAGS = -fPIC -lrt -ldl\r
-+BUILD_DIR = $(shell pwd)\r
-+\r
-+# LUA include/libraries build flags\r
-+#LUAV ?= $(shell lua -e "_,_,v=string.find(_VERSION,'Lua (.+)');print(v)")\r
-+LUA_LIBDIR := $(shell $(PKGC) --variable=libdir $(LUAPKGC))\r
-+LUA_CFLAGS := $(shell $(PKGC) --cflags $(LUAPKGC))\r
-+LUA_LIBS := $(shell $(PKGC) --libs-only-L $(LUAPKGC))\r
-+#LUA_LIBDIR ?= $(PREFIX)/lib/lua/$(LUAV)\r
-+\r
-+# openssl include/libraries build flags\r
-+LDFLAGS += -lrt -ldl $(OPENSSL_LIBS) $(LUA_LIBS)\r
- OPENSSL_LIBS ?= $(shell pkg-config openssl --libs) \r
- OPENSSL_CFLAGS ?= $(shell pkg-config openssl --cflags)\r
--CFLAGS = -fPIC $(OPENSSL_CFLAGS) $(LUA_CFLAGS)\r
--endif\r
--ifneq (, $(findstring mingw, $(SYS)))\r
--# Do mingw things\r
--V = $(shell lua -e "v=string.gsub('$(LUAV)','%.','');print(v)")\r
--LDFLAGS = -mwindows -lcrypt32 -lssl -lcrypto -lws2_32 $(PREFIX)/bin/lua$(V).dll \r
--LUA_CFLAGS = -DLUA_LIB -DLUA_BUILD_AS_DLL -I$(PREFIX)/include/\r
--CFLAGS = $(OPENSSL_CFLAGS) $(LUA_CFLAGS)\r
--endif\r
--ifneq (, $(findstring cygwin, $(SYS)))\r
--# Do cygwin things\r
--OPENSSL_LIBS ?= $(shell pkg-config openssl --libs) \r
--OPENSSL_CFLAGS ?= $(shell pkg-config openssl --cflags)\r
--CFLAGS = -fPIC $(OPENSSL_CFLAGS) $(LUA_CFLAGS)\r
--endif\r
--#custome config\r
-+# openssl include/libraries build flags\r
-+LOCAL_INCLUDE = -I$(BUILD_DIR)/deps\r
-+CFLAGS += -fPIC -DPTHREADS $(LOCAL_INCLUDE) $(OPENSSL_CFLAGS) $(LUA_CFLAGS) \r
- ifeq (.config, $(wildcard .config))\r
- include .config\r
- endif\r
- \r
--LIBNAME= $T.so.$V\r
-+LIBNAME= $T.so\r
- \r
- #LIB_OPTION= -bundle -undefined dynamic_lookup #for MacOS X\r
- \r
-@@ -68,11 +46,12 @@ OBJS=src/asn1.o src/auxiliar.o src/bio.o
- src/ec.o src/engine.o src/hmac.o src/lbn.o src/lhash.o src/misc.o src/ocsp.o src/openssl.o src/ots.o src/pkcs12.o src/pkcs7.o \\r
- src/pkey.o src/rsa.o src/ssl.o src/th-lock.o src/util.o src/x509.o src/xattrs.o src/xexts.o src/xname.o src/xstore.o src/xalgor.o src/callback.o \r
- \r
--.c.o:\r
-- $(CC) -c -o $@ $?\r
-+%.o: %.c\r
-+ $(CC) $(CFLAGS) -c $< -o $@\r
- \r
- all: $T.so\r
- echo $(SYS)\r
-+ $(CC) $(LDFLAGS) $(LIB_OPTION) $(OBJS) -o $@\r
- \r
- $T.so: $(OBJS)\r
- MACOSX_DEPLOYMENT_TARGET="10.3"; export MACOSX_DEPLOYMENT_TARGET; $(CC) $(CFLAGS) $(LIB_OPTION) -o $T.so $(OBJS) $(OPENSSL_LIBS) $(LUA_LIBS) $(LDFLAGS)\r
+@@ -1,121 +1,52 @@
+ T=openssl
++.PHONY: install clean
+
+-PREFIX ?=/usr/local
+-CC := $(CROSS)$(CC)
+-AR := $(CROSS)$(AR)
+-LD := $(CROSS)$(LD)
++PKGC ?= pkg-config
+
+-#OS auto detect
+-ifneq (,$(TARGET_SYS))
+- SYS := $(TARGET_SYS)
+-else
+- SYS := $(shell gcc -dumpmachine)
+-endif
+-
+-#Lua auto detect
+-LUA_VERSION := $(shell pkg-config luajit --print-provides)
+-ifeq ($(LUA_VERSION),)
+- # Not found luajit package, try lua
+- LUA_VERSION := $(shell pkg-config lua --print-provides)
+- ifeq ($(LUA_VERSION),)
+- # Not found lua package, try from prefix
+- LUA_VERSION := $(shell lua -e "_,_,v=string.find(_VERSION,'Lua (.+)');print(v)")
+- LUA_CFLAGS ?= -I$(PREFIX)/include/lua$(LUA_VERSION)
+- LUA_LIBS ?= -L$(PREFIX)/lib -llua
+- LUA_LIBDIR ?= $(PREFIX)/lib/lua/$(LUA_VERSION)
+- else
+- # Found lua package
+- LUA_VERSION := $(shell lua -e "_,_,v=string.find(_VERSION,'Lua (.+)');print(v)")
+- LUA_CFLAGS ?= $(shell pkg-config lua --cflags)
+- LUA_LIBS ?= $(shell pkg-config lua --libs)
+- LUA_LIBDIR ?= $(PREFIX)/lib/lua/$(LUA_VERSION)
+- endif
+-else
+- # Found luajit package
+- LUA_VERSION := $(shell luajit -e "_,_,v=string.find(_VERSION,'Lua (.+)');print(v)")
+- LUA_CFLAGS ?= $(shell pkg-config luajit --cflags)
+- LUA_LIBS ?= $(shell pkg-config luajit --libs)
+- LUA_LIBDIR ?= $(PREFIX)/lib/lua/$(LUA_VERSION)
+-endif
+-
+-#OpenSSL auto detect
+-OPENSSL_CFLAGS ?= $(shell pkg-config openssl --cflags)
+-OPENSSL_LIBS ?= $(shell pkg-config openssl --static --libs)
+-
+-ifneq (, $(findstring linux, $(SYS)))
+- # Do linux things
+- CFLAGS = -fpic
+- LDFLAGS = -Wl,--no-undefined -fpic -lrt -ldl -lm
+-endif
+-
+-ifneq (, $(findstring apple, $(SYS)))
+- # Do darwin things
+- CFLAGS = -fPIC
+- LDFLAGS = -fPIC -undefined dynamic_lookup -ldl
+- #MACOSX_DEPLOYMENT_TARGET="10.3"
+- CC := MACOSX_DEPLOYMENT_TARGET=${MACOSX_DEPLOYMENT_TARGET} $(CC)
+-endif
++LIB_OPTION = -shared
++LUAPKGC = lua
+
+-ifneq (, $(findstring mingw, $(SYS)))
+- # Do mingw things
+- CFLAGS = -DLUA_LIB -DLUA_BUILD_AS_DLL -DWIN32_LEAN_AND_MEAN
+-endif
+-
+-ifneq (, $(findstring cygwin, $(SYS)))
+- # Do cygwin things
+- CFLAGS = -fPIC
+-endif
++# LUA include/libraries build flags
++LUA_CFLAGS := $(shell $(PKGC) --cflags $(LUAPKGC))
++LUA_LIBS_DIR := $(shell $(PKGC) --libs $(LUAPKGC))
+
+-ifneq (, $(findstring iOS, $(SYS)))
+- # Do iOS things
+- CFLAGS = -fPIC
+- LDFLAGS = -fPIC -ldl
+-endif
++# openssl include/libraries build flags
++OPENSSL_CFLAGS ?= $(shell $(PKGC) openssl --cflags)
++OPENSSL_LIBS_DIR ?= $(shell $(PKGC) openssl --libs)
+
+-#custom config
++LDFLAGS = -Wl,--no-undefined -fpic -lrt -ldl -lm $(OPENSSL_LIBS_DIR) $(LUA_LIBS_DIR)
++CFLAGS += -fPIC -DPTHREADS $(OPENSSL_CFLAGS) $(LUA_CFLAGS)
+ ifeq (.config, $(wildcard .config))
+- include .config
++include .config
+ endif
+
+-LIBNAME= $T.so.$V
++LIBNAME= $T.so
+
+-CFLAGS += $(OPENSSL_CFLAGS) $(LUA_CFLAGS) $(TARGET_FLAGS)
+-LDFLAGS += -shared $(OPENSSL_LIBS) $(LUA_LIBS)
+ # Compilation directives
+ WARN_MIN = -Wall -Wno-unused-value
+ WARN = -Wall
+ WARN_MOST = $(WARN) -W -Waggregate-return -Wcast-align -Wmissing-prototypes -Wnested-externs -Wshadow -Wwrite-strings -pedantic
+ CFLAGS += -g $(WARN_MIN) -DPTHREADS -Ideps -Ideps/lua-compat -Ideps/auxiliar
+
+-
+ OBJS=src/asn1.o deps/auxiliar/auxiliar.o src/bio.o src/cipher.o src/cms.o src/compat.o src/crl.o src/csr.o src/dh.o src/digest.o src/dsa.o \
+ src/ec.o src/engine.o src/hmac.o src/lbn.o src/lhash.o src/misc.o src/ocsp.o src/openssl.o src/ots.o src/pkcs12.o src/pkcs7.o \
+ src/pkey.o src/rsa.o src/ssl.o src/th-lock.o src/util.o src/x509.o src/xattrs.o src/xexts.o src/xname.o src/xstore.o \
+ src/xalgor.o src/callback.o src/srp.o deps/auxiliar/subsidiar.o
+
+-.c.o:
+- $(CC) $(CFLAGS) -c -o $@ $?
++%.o: %.c
++ $(CC) $(CFLAGS) -c $< -o $@
+
+ all: $T.so
+- @echo "Target system: "$(SYS)
+-
+-$T.so: lib$T.a
+- $(CC) -o $@ src/openssl.o -L. -l$T $(LDFLAGS)
++ echo $(SYS)
++ $(CC) $(LDFLAGS) $(LIB_OPTION) $(OBJS) -o $@
+
+-lib$T.a: $(OBJS)
+- $(AR) rcs $@ $?
++$T.so: $(OBJS)
++ echo "LUA LIBS_DIR: " $(LUA_LIBS_DIR)
++ $(CC) $(CFLAGS) $(LIB_OPTION) -o $T.so $(OBJS) $(LDFLAGS)
+
+ install: all
+ mkdir -p $(LUA_LIBDIR)
+ cp $T.so $(LUA_LIBDIR)
+
+-info:
+- @echo "Target system: "$(SYS)
+- @echo "CC:" $(CC)
+- @echo "AR:" $(AR)
+- @echo "PREFIX:" $(PREFIX)
+-
+ clean:
+- rm -f $T.so lib$T.a $(OBJS)
+-
+-# vim: ts=8 sw=8 noet
++ rm -f $T.so $(OBJS)
+++ /dev/null
-diff --git a/deps/lua-compat/c-api/compat-5.3.c b/deps/lua-compat/c-api/compat-5.3.c
-index 4395bbc..4a8877c 100644
---- a/deps/lua-compat/c-api/compat-5.3.c
-+++ b/deps/lua-compat/c-api/compat-5.3.c
-@@ -491,17 +491,6 @@ COMPAT53_API int lua_geti (lua_State *L, int index, lua_Integer i) {
- }
-
-
--COMPAT53_API int lua_isinteger (lua_State *L, int index) {
-- if (lua_type(L, index) == LUA_TNUMBER) {
-- lua_Number n = lua_tonumber(L, index);
-- lua_Integer i = lua_tointeger(L, index);
-- if (i == n)
-- return 1;
-- }
-- return 0;
--}
--
--
- static void compat53_reverse (lua_State *L, int a, int b) {
- for (; a < b; ++a, --b) {
- lua_pushvalue(L, a);
-diff --git a/deps/lua-compat/c-api/compat-5.3.h b/deps/lua-compat/c-api/compat-5.3.h
-index 2309294..8e67bae 100644
---- a/deps/lua-compat/c-api/compat-5.3.h
-+++ b/deps/lua-compat/c-api/compat-5.3.h
-@@ -244,9 +244,6 @@ typedef int (*lua_KFunction)(lua_State *L, int status, lua_KContext ctx);
- #define lua_geti COMPAT53_CONCAT(COMPAT53_PREFIX, _geti)
- COMPAT53_API int lua_geti (lua_State *L, int index, lua_Integer i);
-
--#define lua_isinteger COMPAT53_CONCAT(COMPAT53_PREFIX, _isinteger)
--COMPAT53_API int lua_isinteger (lua_State *L, int index);
--
- #define lua_numbertointeger(n, p) \
- ((*(p) = (lua_Integer)(n)), 1)
-
+++ /dev/null
---- a/src/csr.c
-+++ b/src/csr.c
-@@ -38,7 +38,7 @@ static LUA_FUNCTION(openssl_csr_read)
- return openssl_pushresult(L, 0);
- }
- \r
--\r
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L\r
- static X509 *X509_REQ_to_X509_ex(X509_REQ *r, int days, EVP_PKEY *pkey, const EVP_MD* md)\r
- {\r
- X509 *ret = NULL;\r
-@@ -91,14 +91,19 @@ static X509 *X509_REQ_to_X509_ex(X509_RE
- }\r
- return (ret);\r
- }\r
-+#endif\r
-
- static LUA_FUNCTION(openssl_csr_to_x509)
- {
- X509_REQ * csr = CHECK_OBJECT(1, X509_REQ, "openssl.x509_req");
- EVP_PKEY * pkey = CHECK_OBJECT(2, EVP_PKEY, "openssl.evp_pkey");
- int days = luaL_optint(L, 3, 365);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- const EVP_MD* md = get_digest(L, 4, "sha256");
- X509* cert = X509_REQ_to_X509_ex(csr, days, pkey, md);
-+#else
-+ X509* cert = X509_REQ_to_X509(csr, days, pkey);
-+#endif
- if (cert)
- {
- PUSH_OBJECT(cert, "openssl.x509");
#
-# Copyright (C) 2011 OpenWrt.org
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=luaposix
-PKG_VERSION:=v33.2.1
-PKG_RELEASE:=6
-
-PKG_SOURCE:=release-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/luaposix/luaposix/archive/
-PKG_HASH:=4fb34dfea67f4cf3194cdecc6614c9aea67edc3c4093d34137669ea869c358e1
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-release-$(PKG_VERSION)
-PKG_REMOVE_FILES:=aclocal.m4
-PKG_FIXUP:=autoreconf
+PKG_VERSION:=34.1.1
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=https://codeload.github.com/$(PKG_NAME)/$(PKG_NAME)/tar.gz/v$(PKG_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=7948f4ac8b953172e928753632e37ad97cc3014df74b524fe7839f71216a7e90
PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
-PKG_BUILD_DEPENDS:=lua/host
+PKG_BUILD_DEPENDS:=luarocks/host
include $(INCLUDE_DIR)/package.mk
SUBMENU:=Lua
SECTION:=lang
CATEGORY:=Languages
- TITLE:=luaposix
- URL:=http://luaforge.net/projects/luaposix/
- DEPENDS:=+lua +librt
+ TITLE:=POSIX binding for LuaJIT, Lua 5.1, 5.2 and 5.3
+ URL:=https://github.com/luaposix/luaposix
+ DEPENDS:=+lua +lua-bit32
endef
define Package/luaposix/description
to various low level libc functions.
endef
-CONFIGURE_VARS += ac_cv_path_LDOC="true"
-
-TARGET_CFLAGS += -DLUA_USE_LINUX $(FPIC) -std=gnu99
-ifeq ($(CONFIG_USE_MUSL),y)
- TARGET_CFLAGS += -D_POSIX_PRIORITY_SCHEDULING
- # Musl doesn't do all of XOPEN_REALTIME, but it does for luaposix.
- # see https://github.com/luaposix/luaposix/issues/295
- TARGET_CFLAGS += -D_XOPEN_REALTIME=1
-endif
+TARGET_CFLAGS += \
+ -I$(STAGING_DIR)/usr/include
+
+define Build/Compile
+ cd $(PKG_BUILD_DIR) && \
+ LDFLAGS="$(TARGET_LDFLAGS) $(FPIC)" \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ LUA_PKGNAME=lua5.1 \
+ LUA_LIBDIR=$(STAGING_DIR)/usr/lib/lua \
+ luarocks make --force --deps-mode=none --pack-binary-rock luaposix-$(PKG_VERSION)-1.rockspec \
+ LUA_LIBDIR=$(STAGING_DIR)/usr/lib/lua \
+ LUA_PKGNAME=lua5.1 \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ CFLAGS="$(TARGET_CFLAGS) $(FPIC)" \
+ LDFLAGS="$(TARGET_LDFLAGS)"
+endef
define Package/luaposix/install
- $(INSTALL_DIR) $(1)/usr/lib/lua/posix
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/ext/posix/.libs/posix.so $(1)/usr/lib/lua
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/posix.lua $(1)/usr/lib/lua
+ $(INSTALL_DIR) $(1)/usr/lib/lua/posix/sys
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/linux/posix/*.so $(1)/usr/lib/lua/posix/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/linux/posix/sys/*.so $(1)/usr/lib/lua/posix/sys/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/lib/posix/*.lua $(1)/usr/lib/lua/posix/
+ rm -f $(1)/usr/lib/lua/posix/{deprecated,compat}.lua
endef
$(eval $(call BuildPackage,luaposix))
+++ /dev/null
-diff --git a/configure.ac b/configure.ac
-index dfd4199..19924d0 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -153,15 +153,6 @@ AC_CHECK_LIB([rt], [clock_gettime])
- AC_SUBST([LIBRT], [$LIBS])
- LIBS=$save_LIBS
-
--## Curses
--AX_WITH_CURSES
--AC_ARG_VAR(CURSES_LIB, [linker flags for curses library])
--
--save_LIBS=$LIBS
--LIBS="$CURSES_LIB $LIBS"
--AC_CHECK_FUNCS([resizeterm])
--LIBS=$save_LIBS
--
- ## Use system implementation, or bundled replacement?
- AC_CHECK_FUNCS([strlcpy])
-
-diff --git a/ext/posix/posix.c b/ext/posix/posix.c
-index 6019df0..2d75487 100644
---- a/ext/posix/posix.c
-+++ b/ext/posix/posix.c
-@@ -12,7 +12,6 @@
-
- #include "bit32.c"
- #include "ctype.c"
--#include "curses.c"
- #include "dirent.c"
- #include "errno.c"
- #include "fcntl.c"
-diff --git a/lib/posix.lua.in b/lib/posix.lua.in
-index 17ef39a..a248d9b 100644
---- a/lib/posix.lua.in
-+++ b/lib/posix.lua.in
-@@ -35,15 +35,6 @@ for _, sub in ipairs {
- end
- end
-
+diff --git i/lib/posix/init.lua w/lib/posix/init.lua
+index c17693a..d4db923 100644
+--- i/lib/posix/init.lua
++++ w/lib/posix/init.lua
+@@ -325,14 +325,6 @@ do
+ end
+ end
+ end
-
---- Inject deprecated APIs (overwriting submodules) for backwards compatibility.
--for k, v in pairs (require "posix.deprecated") do
-- M[k] = v
--end
--for k, v in pairs (require "posix.compat") do
-- M[k] = v
--end
--
- M.version = "posix for " .. _VERSION .. " / @PACKAGE_STRING@"
+- -- Inject deprecated APIs (overwriting submodules) for backwards compatibility.
+- for k, v in next, require 'posix.deprecated' do
+- M[k] = v
+- end
+- for k, v in next, require 'posix.compat' do
+- M[k] = v
+- end
+ end
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
-#
+#
include $(TOPDIR)/rules.mk
PKG_NAME:=luarocks
PKG_VERSION:=2.2.2
-PKG_RELEASE:=3
+PKG_RELEASE:=4
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=e4cf874c9bce34a5accd41daaf51a3213763b8b6f7f658ca4d13a70a7ddb1c0c
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=https://github.com/keplerproject/luarocks.git
+PKG_SOURCE_URL:=https://github.com/keplerproject/luarocks
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+PKG_MIRROR_HASH:=e4cf874c9bce34a5accd41daaf51a3213763b8b6f7f658ca4d13a70a7ddb1c0c
PKG_MAINTAINER:=Amr Hassan <amr.hassan@gmail.com>
-PKG_INSTALL=1
-PKG_BUILD_DEPENDS:=lua/host
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
+
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+PKG_BUILD_DEPENDS:=lua/host zip/host
HOST_BUILD_DEPENDS:=$(PKG_BUILD_DEPENDS)
-PKG_LICENSE=GPL
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION)
+HOST_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=luasocket
-PKG_SOURCE_VERSION:=6d5e40c324c84d9c1453ae88e0ad5bdd0a631448
-PKG_VERSION:=3.0-rc1-20130909
-PKG_RELEASE:=5
+PKG_SOURCE_DATE:=2019-04-21
+PKG_SOURCE_VERSION:=733af884f1aa18ff469bf3c4d18810e815853211
+PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_MIRROR_HASH:=d2fa075d8bd026c41e0eb1a634ac2ad8115dee8abb070720e8e91fab51f86ee4
-PKG_SOURCE_URL:=https://github.com/diegonehab/luasocket.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/diegonehab/luasocket
+PKG_MIRROR_HASH:=60aef7544426cae3e6c7560a6e4ad556a04b879ca0ad0311645b2c513c872128
+
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
include $(INCLUDE_DIR)/package.mk
-define Package/luasocket
+define Package/luasocket/default
SUBMENU:=Lua
SECTION:=lang
CATEGORY:=Languages
+ URL:=http://w3.impa.br/~diego/software/luasocket
+endef
+
+define Package/luasocket
+ $(Package/luasocket/default)
TITLE:=LuaSocket
- URL:=http://luasocket.luaforge.net/
- MAINTAINER:=W. Michael Petullo <mike@flyn.org>
DEPENDS:=+lua
+ VARIANT:=lua-51
+ DEFAULT_VARIANT:=1
+endef
+
+define Package/luasocket5.3
+ $(Package/luasocket/default)
+ TITLE:=LuaSocket 5.3
+ DEPENDS:=+liblua5.3
+ VARIANT:=lua-53
endef
-define Package/luasocket/description
+ifeq ($(BUILD_VARIANT),lua-51)
+ LUA_VERSION=5.1
+endif
+
+ifeq ($(BUILD_VARIANT),lua-53)
+ LUA_VERSION=5.3
+endif
+
+
+define Package/luasocket/default/description
LuaSocket is the most comprehensive networking support
library for the Lua language. It provides easy access to
TCP, UDP, DNS, SMTP, FTP, HTTP, MIME and much more.
endef
+Package/luasocket/description = $(Package/luasocket/default/description)
+Package/luasocket5.3/description = $(Package/luasocket/default/description)
define Build/Configure
endef
LIBDIR="$(TARGET_LDFLAGS)" \
CC="$(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_CPPFLAGS) $(FPIC)" \
LD="$(TARGET_CROSS)ld -shared" \
+ LUAV=$(LUA_VERSION) LUAINC_linux_base=$(STAGING_DIR)/usr/include \
all
endef
-
define Package/luasocket/install
$(INSTALL_DIR) $(1)/usr/lib/lua
$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/{ltn12,mime,socket}.lua $(1)/usr/lib/lua
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/mime.so.1.0.3 $(1)/usr/lib/lua
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/socket.so.3.0-rc1 $(1)/usr/lib/lua
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/mime-1.0.3.so $(1)/usr/lib/lua
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/socket-3.0-rc1.so $(1)/usr/lib/lua
$(INSTALL_DIR) $(1)/usr/lib/lua/mime
- ln -sf ../mime.so.1.0.3 $(1)/usr/lib/lua/mime/core.so
+ ln -sf ../mime-1.0.3.so $(1)/usr/lib/lua/mime/core.so
$(INSTALL_DIR) $(1)/usr/lib/lua/socket
$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/{ftp,http,smtp,tp,url,headers}.lua $(1)/usr/lib/lua/socket
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/unix.so $(1)/usr/lib/lua/socket
- ln -sf ../socket.so.3.0-rc1 $(1)/usr/lib/lua/socket/core.so
+ ln -sf ../socket-3.0-rc1.so $(1)/usr/lib/lua/socket/core.so
endef
+
+define Package/luasocket5.3/install
+ $(MAKE) -C $(PKG_BUILD_DIR)/src \
+ DESTDIR="$(1)" \
+ LUAV=$(LUA_VERSION) \
+ install
+endef
+
+
$(eval $(call BuildPackage,luasocket))
+$(eval $(call BuildPackage,luasocket5.3))
index 0000000..db231aa
--- /dev/null
+++ b/src/if.c
-@@ -0,0 +1,113 @@
+@@ -0,0 +1,117 @@
+/*
+ * $Id: if.c $
+ *
+{
+ lua_pushstring(L, "iface");
+ lua_newtable(L);
++#if LUA_VERSION_NUM < 503
+ luaL_openlib(L, NULL, func, 0);
++#else
++ luaL_setfuncs(L, func, 0);
++#endif
+ lua_settable(L, -3);
+ return 0;
+}
index e6ee747..85d41a6 100644
--- a/src/luasocket.c
+++ b/src/luasocket.c
-@@ -31,6 +31,7 @@
+@@ -21,6 +21,7 @@
#include "tcp.h"
#include "udp.h"
#include "select.h"
/*-------------------------------------------------------------------------*\
* Internal function prototypes
-@@ -51,6 +52,7 @@ static const luaL_Reg mod[] = {
+@@ -41,6 +42,7 @@ static const luaL_Reg mod[] = {
{"tcp", tcp_open},
{"udp", udp_open},
{"select", select_open},
index 8d3521e..09d4882 100644
--- a/src/makefile
+++ b/src/makefile
-@@ -262,6 +262,7 @@ SOCKET_OBJS= \
- auxiliar.$(O) \
+
+@@ -303,6 +303,7 @@ SOCKET_OBJS= \
+ compat.$(O) \
options.$(O) \
inet.$(O) \
+ if.$(O) \
$(SOCKET) \
except.$(O) \
select.$(O) \
-@@ -387,6 +388,7 @@ auxiliar.$(O): auxiliar.c auxiliar.h
+@@ -440,6 +441,7 @@ auxiliar.$(O): auxiliar.c auxiliar.h
buffer.$(O): buffer.c buffer.h io.h timeout.h
except.$(O): except.c except.h
inet.$(O): inet.c inet.h socket.h io.h timeout.h usocket.h
index 8ac2a14..1c73e6f 100644
--- a/src/options.c
+++ b/src/options.c
-@@ -3,6 +3,9 @@
- * LuaSocket toolkit
- \*=========================================================================*/
- #include <string.h>
+@@ -7,7 +7,10 @@
+ #include "options.h"
+ #include "inet.h"
+ #include <string.h>
+-
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>
-
- #include "lauxlib.h"
-
-@@ -285,6 +288,12 @@ static int opt_ip6_setmembership(lua_State *L, p_socket ps, int level, int name)
++
+ /*=========================================================================*\
+ * Internal functions prototypes
+ \*=========================================================================*/
+@@ -388,6 +391,12 @@ static int opt_ip6_setmembership(lua_Sta
if (!lua_isnil(L, -1)) {
if (lua_isnumber(L, -1)) {
val.ipv6mr_interface = (unsigned int) lua_tonumber(L, -1);
} else
luaL_argerror(L, -1, "number 'interface' field expected");
}
---
+--
1.8.4.rc3
-
--- a/src/makefile
+++ b/src/makefile
-@@ -345,18 +345,18 @@ none:
+@@ -397,18 +398,18 @@ none:
all: $(SOCKET_SO) $(MIME_SO)
$(SOCKET_SO): $(SOCKET_OBJS)
- $(LD) $(SERIAL_OBJS) $(LDFLAGS)$@
+ $(CC) $(SERIAL_OBJS) $(LDFLAGS)$@
- install:
+ install:
$(INSTALL_DIR) $(INSTALL_TOP_LDIR)
--- a/src/makefile
+++ b/src/makefile
-@@ -163,9 +163,8 @@ DEF_linux=-DLUASOCKET_$(DEBUG) -DLUA_$(COMPAT)_MODULE \
- -DLUASOCKET_API='__attribute__((visibility("default")))' \
- -DUNIX_API='__attribute__((visibility("default")))' \
- -DMIME_API='__attribute__((visibility("default")))'
--CFLAGS_linux= -I$(LUAINC) $(DEF) -pedantic -Wall -Wshadow -Wextra \
-- -Wimplicit -O2 -ggdb3 -fpic -fvisibility=hidden
+@@ -174,9 +174,8 @@ SO_linux=so
+ O_linux=o
+ CC_linux=gcc
+ DEF_linux=-DLUASOCKET_$(DEBUG)
+-CFLAGS_linux=$(LUAINC:%=-I%) $(DEF) -Wall -Wshadow -Wextra \
+- -Wimplicit -O2 -ggdb3 -fpic
-LDFLAGS_linux=-O -shared -fpic -o
-+CFLAGS_linux= -I$(LUAINC) $(DEF) -fvisibility=hidden
-+LDFLAGS_linux=-shared -o
++CFLAGS_linux=$(LUAINC:%=-I%) $(DEF) -O2
++LDFLAGS_linux=-O -shared -o
LD_linux=gcc
SOCKET_linux=usocket.o
+++ /dev/null
-if PACKAGE_node-mozilla-iot-gateway
-
- comment "Optional features"
-
- config MOIT_enable-plugin-support
- bool "Enable packages needed for some plugins"
- default y
-
-endif
+++ /dev/null
-#
-# Copyright (C) 2018 Sartura Ltd.
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NPM_NAME:=mozilla-iot-gateway
-PKG_NAME:=node-$(PKG_NPM_NAME)
-PKG_VERSION:=0.8.1
-PKG_RELEASE:=2
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/mozilla-iot/gateway/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=f407732b9c1d020aa79e9d0b12f1b97e82691d6f58def2df067f790f4f640e30
-
-PKG_BUILD_DEPENDS:=node/host openzwave
-
-PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
-PKG_LICENSE:=MPL-2.0
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/node-mozilla-iot-gateway
- SUBMENU:=Node.js
- SECTION:=lang
- CATEGORY:=Languages
- TITLE:=WebThings Gateway by Mozilla
- URL:=https://iot.mozilla.org/gateway/
- DEPENDS:= +libpthread +node +node-npm +libopenzwave +openzwave-config +python +python3-light +python3-pip +openssl-util
- DEPENDS+= +MOIT_enable-plugin-support:git-http
- MENU:=1
-endef
-
-define Package/node-mozilla-iot-gateway/description
- Build Your Own Web of Things Gateway. The "Web of Things" (WoT) is the
- idea of taking the lessons learned from the World Wide Web and applying
- them to IoT. It's about creating a decentralized Internet of Things by
- giving Things URLs on the web to make them linkable and discoverable,
- and defining a standard data model and APIs to make them interoperable.
-endef
-
-define Package/node-mozilla-iot-gateway/config
- source "$(SOURCE)/Config.in"
-endef
-
-CPU:=$(subst powerpc,ppc,$(subst aarch64,arm64,$(subst x86_64,x64,$(subst i386,ia32,$(ARCH)))))
-
-TARGET_CFLAGS+=$(FPIC)
-
-define Build/Compile
- $(MAKE_VARS) \
- $(MAKE_FLAGS) \
- npm_config_arch=$(CONFIG_ARCH) \
- npm_config_nodedir=$(STAGING_DIR)/usr/ \
- npm_config_cache=$(TMP_DIR)/npm-cache \
- npm_config_tmp=$(TMP_DIR)/npm-tmp \
- PREFIX="$(PKG_INSTALL_DIR)/usr/" \
- $(STAGING_DIR_HOSTPKG)/bin/npm install --build-from-source --target_arch=$(CPU) -g $(DL_DIR)/$(PKG_SOURCE)
-endef
-
-define Package/node-mozilla-iot-gateway/install
- $(INSTALL_DIR) $(1)/opt/mozilla-iot/gateway/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/node_modules/webthings-gateway/* $(1)/opt/mozilla-iot/gateway
- $(MAKE_VARS) \
- $(MAKE_FLAGS) \
- $(STAGING_DIR_HOSTPKG)/bin/npm --prefix=$(1)/opt/mozilla-iot/gateway install \
- --build-from-source --target_arch=$(CPU) $(1)/opt/mozilla-iot/gateway
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/mozilla-iot-gateway.init $(1)/etc/init.d/mozilla-iot-gateway
-endef
-
-$(eval $(call BuildPackage,node-mozilla-iot-gateway))
+++ /dev/null
-# Things Gateway by Mozilla
-
-Build Your Own Web of Things Gateway. The "Web of Things" (WoT) is the idea of
-taking the lessons learned from the World Wide Web and applying them to IoT.
-It's about creating a decentralized Internet of Things by giving Things URLs on
-the web to make them linkable and discoverable, and defining a standard data
-model and APIs to make them interoperable.
-
-### Getting Started
-
-These instructions will get you a copy of OpenWrt's build system on your local
-machine for development and testing purposes. To check the prerequisites for
-your system check out this
-[link](https://openwrt.org/docs/guide-developer/build-system/install-buildsystem).
-
-```
-git clone https://github.com/openwrt/openwrt
-cd openwrt
-```
-
-### Configure the build system
-
-We need to configure the build system and select the Things Gateway package.
-This process is no different from selecting other OpenWrt packages. For this
-example we will be using build configuration for Raspberry Pi 2/3.
-
-Update feeds and open menuconfig interface:
-
-```
-make package/symlinks
-make menuconfig
-```
-
-Select your target:
-
-```
-Target System (Broadcom BCM27xx) --->
-Subtarget (BCM2709/BCM2710 32 bit based boards) --->
-Target Profile (Raspberry Pi 2B/3B/3B+/3CM) --->
-```
-
-Things Gateway package is a bit beefy. In order to fit the image, extend the
-filesystem size from 256 to 1024 MB:
-
-```
-Target Images --->
- (1024) Root filesystem partition size (in MB)
-```
-
-Select Things Gateway package:
-
-```
-Languages --->
- Node.js --->
- <*> node-mozilla-iot-gateway
-```
-
-Save and exit.
-
-
-### Building the image
-
-Run the build process and substitute <N> with the number of your CPU cores:
-
-```
-make -j<N>
-```
-
-
-### Flashing on the SD card
-
-Process of flashing the image will depend on which device you have.
-Instructions below are for Raspberry Pi 2/3. For other devices consult OpenWrt
-wiki pages. Be careful to replace the X in the third command with the drive
-letter of your SD card.
-
-```
-cd bin/targets/brcm2708/bcm2709
-gunzip openwrt-brcm2708-bcm2709-rpi-2-ext4-factory.img.gz
-sudo dd if=openwrt-brcm2708-bcm2709-rpi-2-ext4-factory.img of=/dev/sdX conv=fsync
-```
-
-## Running Things Gateway from USB flash drive
-
-In case the device doesn't have enough internal storage space, it is possible
-to run Things Gateway of a USB flash drive. This requires USB flash drive with
-ext4 filesystem plugged in the device.
-
-### Configuration
-
-Do all steps from "Configure the build system" above, and after that change
-node-mozilla-iot-gateway selection from "\*" to "M". This will build the
-package and all of it's dependencies but it will not install Things Gateway.
-
-```
-Languages --->
- Node.js --->
- <M> node-mozilla-iot-gateway
-```
-
-### Prepare the device
-
-We need to auto mount the USB flash drive in order for the gateway to start at
-boot. To do so, open a console on your embedded device and create a /etc/fstab
-file with the following contents. This assumes your USB flash drive is
-/dev/sda1:
-
-```
-/dev/sda1 /opt ext4 rw,relatime,data=ordered 0 1
-/opt/root /root none defaults,bind 0 0
-```
-
-Add "mount -a" to the end of the "boot" function in /etc/init.d/boot
-
-```
-boot() {
- .
- .
- .
- /bin/config_generate
- uci_apply_defaults
-
- # temporary hack until configd exists
- /sbin/reload_config
-
- # Added by us
- mount -a
-}
-```
-
-### Install Things Gateway package
-
-After successfully mounting the USB drive, transfer the .ipk file from your
-local machine to the device and install it. Note that your package version
-might defer. Also note that location of .ipk file depends on the selected
-target, but it will be within ./bin/packages directory. We need to use
-"--force-space" or else opkg might complain about insufficient space.
-
-On your local machine:
-```
-cd bin/packages/arm_cortex-a9_vfpv3/packages/
-scp node-mozilla-iot-gateway_0.6.0-1_arm_cortex-a9_vfpv3.ipk root@192.168.1.1:/tmp
-```
-
-On the device:
-```
-opkg --force-space install /tmp/node-mozilla-iot-gateway_0.6.0-1_arm_cortex-a9_vfpv3.ipk
-```
-
-Things Gateway should now start at every boot.
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-START=99
-
-USE_PROCD=1
-
-HOME=/root
-MOZIOT_HOME="${HOME}/.mozilla-iot"
-export PATH="/opt/mozilla-iot/gateway/tools:${PATH}"
-
-start_service()
-{
- mkdir -p /usr/etc/
- ln -sf /etc/openzwave /usr/etc/openzwave
-
- procd_open_instance mozilla-iot-gateway
- procd_set_param command /usr/bin/npm start --prefix /opt/mozilla-iot/gateway
- procd_set_param stdout 1
- procd_set_param stderr 1
- procd_close_instance
-}
include $(TOPDIR)/rules.mk
PKG_NAME:=node
-PKG_VERSION:=v8.16.0
-PKG_RELEASE:=2
+PKG_VERSION:=v8.16.1
+PKG_RELEASE:=1
PKG_SOURCE:=node-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://nodejs.org/dist/${PKG_VERSION}
-PKG_HASH:=3515e8e01568a5dc4dff3d91a76ebc6724f5fa2fbb58b4b0c5da7b178a2f7340
+PKG_HASH:=d8c190acdf2d967faf49c22df883d31a8d4e249d67852dae3c2d8a0f756b0512
HOST_BUILD_DEPENDS:=python/host
PKG_BUILD_DEPENDS:=python/host
HOST_CONFIGURE_VARS:=
HOST_CONFIGURE_ARGS:= \
- --dest-os=linux \
+ --dest-os=$(if $(findstring Darwin,$(HOST_OS)),mac,linux) \
--without-snapshot \
--prefix=$(STAGING_DIR_HOSTPKG)
--- /dev/null
+--- a/tools/gyp/pylib/gyp/generator/make.py
++++ b/tools/gyp/pylib/gyp/generator/make.py
+@@ -174,7 +174,7 @@
+
+ LINK_COMMANDS_MAC = """\
+ quiet_cmd_alink = LIBTOOL-STATIC $@
+-cmd_alink = rm -f $@ && ./gyp-mac-tool filter-libtool libtool $(GYP_LIBTOOLFLAGS) -static -o $@ $(filter %.o,$^)
++cmd_alink = rm -f $@ && ./gyp-mac-tool filter-libtool /usr/bin/libtool $(GYP_LIBTOOLFLAGS) -static -o $@ $(filter %.o,$^)
+
+ quiet_cmd_link = LINK($(TOOLSET)) $@
+ cmd_link = $(LINK.$(TOOLSET)) $(GYP_LDFLAGS) $(LDFLAGS.$(TOOLSET)) -o "$@" $(LD_INPUTS) $(LIBS)
include $(TOPDIR)/rules.mk
PKG_NAME:=perl-device-usb
-PKG_VERSION:=0.37
+PKG_VERSION:=0.38
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://www.cpan.org/authors/id/G/GW/GWADEJ/
PKG_SOURCE:=Device-USB-$(PKG_VERSION).tar.gz
-PKG_HASH:=0dd58d9c627b3c539d07263a7b96e1de2adea3a4ddb118cdd45aa638f8702e49
+PKG_HASH:=f0c36379db4913406dc9bd546a6cfd4da20d58f7c2cc085893a2fe67a43465dc
-PKG_LICENSE:=GPL-1.0+ Artistic-1.0-Perl
PKG_MAINTAINER:=Marcel Denia <naoir@gmx.net>
+PKG_LICENSE:=GPL-1.0-or-later Artistic-1.0-Perl
PKG_BUILD_DIR:=$(BUILD_DIR)/perl/Device-USB-$(PKG_VERSION)
PKG_BUILD_DEPENDS:=perl-inline-c/host
@@ -15,6 +15,7 @@ use Inline (
($ENV{LIBUSB_INCDIR} ? ( INC => "-I\"$ENV{LIBUSB_INCDIR}\"" ) : () ),
NAME => 'Device::USB',
- VERSION => '0.37',
+ VERSION => '0.38',
+ PREFIX => 'deviceusb_',
);
Inline->init();
-@@ -540,74 +541,74 @@ unsigned DeviceUSBDebugLevel()
+@@ -657,74 +658,74 @@ unsigned DeviceUSBDebugLevel()
return debugLevel;
}
}
#if LIBUSB_HAS_GET_DRIVER_NP
ret = usb_get_driver_np((usb_dev_handle *)dev, interface, name, namelen);
-@@ -618,11 +619,11 @@ int libusb_get_driver_np(void *dev, int
+@@ -735,11 +736,11 @@ int libusb_get_driver_np(void *dev, int interface, char *name, unsigned int name
#endif
}
}
#if LIBUSB_HAS_DETACH_KERNEL_DRIVER_NP
return usb_detach_kernel_driver_np((usb_dev_handle *)dev, interface);
-@@ -631,25 +632,25 @@ int libusb_detach_kernel_driver_np(void
+@@ -748,25 +749,25 @@ int libusb_detach_kernel_driver_np(void *dev, int interface)
#endif
}
{
int i = 0;
int retval = 0;
-@@ -658,7 +659,7 @@ void libusb_control_msg(void *dev, int r
+@@ -775,7 +776,7 @@ void libusb_control_msg(void *dev, int requesttype, int request, int value, int
if(DeviceUSBDebugLevel())
{
requesttype, request, value, index, bytes, size, timeout
);
/* maybe need to add support for printing the bytes string. */
-@@ -691,54 +692,54 @@ void libusb_control_msg(void *dev, int r
+@@ -808,54 +809,54 @@ void libusb_control_msg(void *dev, int requesttype, int request, int value, int
Inline_Stack_Done;
}
include $(TOPDIR)/rules.mk
PKG_NAME:=perl-inline-c
-PKG_VERSION:=0.78
+PKG_VERSION:=0.81
PKG_RELEASE:=1
-PKG_SOURCE_URL:=http://www.cpan.org/authors/id/T/TI/TINITA
PKG_SOURCE:=Inline-C-$(PKG_VERSION).tar.gz
-PKG_HASH:=9a7804d85c01a386073d2176582b0262b6374c5c0341049da3ef84c6f53efbc7
+PKG_SOURCE_URL:=https://www.cpan.org/authors/id/T/TI/TINITA
+PKG_HASH:=f185258d9050d7f79b4f00f12625cc469c2f700ff62d3e831cb18d80d2c87aac
-PKG_LICENSE:=GPL-1.0+ Artistic-1.0-Perl
PKG_MAINTAINER:=Marcel Denia <naoir@gmx.net>
+PKG_LICENSE:=GPL-1.0-or-later Artistic-1.0-Perl
+PKG_LICENSE_FILES:=LICENSE
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/perl/Inline-C-$(PKG_VERSION)
HOST_BUILD_DEPENDS:=perl/host perl-inline/host perl-parse-recdescent/host perl-file-sharedir-install/host
SECTION:=lang
CATEGORY:=Languages
TITLE:=C Language Support for Inline
- URL:=http://search.cpan.org/dist/Inline-C/
+ URL:=https://search.cpan.org/dist/Inline-C/
DEPENDS:=perl +perl-inline +perl-parse-recdescent +perlbase-config +perlbase-cwd +perlbase-data +perlbase-essential +perlbase-file +perlbase-if
endef
--- a/lib/Inline/C.pm
+++ b/lib/Inline/C.pm
-@@ -361,7 +361,7 @@ sub build {
+@@ -380,7 +380,7 @@ sub build {
$o->call('write_XS', 'Build Glue 1');
$o->call('write_Inline_headers', 'Build Glue 2');
$o->call('write_Makefile_PL', 'Build Glue 3');
--- a/lib/Inline/C.pm
+++ b/lib/Inline/C.pm
-@@ -438,22 +438,28 @@ sub get_maps {
+@@ -457,22 +457,28 @@ sub get_maps {
print STDERR "get_maps Stage\n" if $o->{CONFIG}{BUILD_NOISY};
my $typemap = '';
my $file;
include $(TOPDIR)/rules.mk
PKG_NAME:=perl-inline
-PKG_VERSION:=0.82
+PKG_VERSION:=0.83
PKG_RELEASE:=1
PKG_SOURCE:=Inline-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://cpan.metacpan.org/authors/id/T/TI/TINITA
-PKG_HASH:=1af94a8e95e4ba4545592341c47d8d1dc45b01822b877f7d3095a438566e874b
+PKG_HASH:=171a8e5f66faf88fe5ef4de7126267cd8fb2503483432eabc3b88ac7d5be4239
PKG_MAINTAINER:=Marcel Denia <naoir@gmx.net>
-PKG_LICENSE:=GPL-1.0+ Artistic-1.0-Perl
+PKG_LICENSE:=GPL-1.0-or-later Artistic-1.0-Perl
PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DIR:=$(BUILD_DIR)/perl/Inline-$(PKG_VERSION)
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=7.2.19
+PKG_VERSION:=7.2.21
PKG_RELEASE:=1
PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_HASH:=4ffa2404a88d60e993a9fe69f829ebec3eb1e006de41b6048ce5e91bbeaa9282
+PKG_HASH:=de06aff019d8f5079115795bd7d8eedd4cd03daecb62d58abb18f492dd995c95
PKG_FIXUP:=libtool autoreconf
PKG_BUILD_PARALLEL:=1
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django \
+ python-django \
+PACKAGE_python-$(PKG_NAME):python-django-appconf \
+PACKAGE_python-$(PKG_NAME):python-rcssmin
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django \
+ python3-django \
+PACKAGE_python3-$(PKG_NAME):python3-django-appconf \
+PACKAGE_python3-$(PKG_NAME):python3-rcssmin
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/python-django-constance/Default)
DEPENDS:= \
+PACKAGE_python-django-constance:python \
- +PACKAGE_python-django-constance:python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-django-constance/description
$(call Package/python-django-constance/Default)
DEPENDS:= \
+PACKAGE_python3-django-constance:python3 \
- +PACKAGE_python3-django-constance:python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-django-constance/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django \
+ python-django \
+PACKAGE_python-$(PKG_NAME):python-django-jsonfield
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django \
+ python3-django \
+PACKAGE_python3-$(PKG_NAME):python3-django-jsonfield
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
include $(TOPDIR)/rules.mk
PKG_NAME:=django-simple-captcha
-PKG_VERSION:=0.5.11
-PKG_RELEASE:=4
+PKG_VERSION:=0.5.12
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/mbi/django-simple-captcha/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=7ca26a4f48e14e5f8be022c0dc099ef98980f3fc99f403ca565ab1f3addaee5b
+PKG_HASH:=89db73a3883573ad5e22c511948a5500491f9848363174d835a2364750c81a77
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=MIT
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
+PACKAGE_python-$(PKG_NAME):python-six \
- +PACKAGE_python-$(PKG_NAME):python-django \
+ python-django \
+PACKAGE_python-$(PKG_NAME):python-pillow \
+PACKAGE_python-$(PKG_NAME):python-django-ranged-response
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
+PACKAGE_python3-$(PKG_NAME):python3-six \
- +PACKAGE_python3-$(PKG_NAME):python3-django \
+ python3-django \
+PACKAGE_python3-$(PKG_NAME):python3-pillow \
+PACKAGE_python3-$(PKG_NAME):python3-django-ranged-response
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python-$(PKG_NAME):python \
- +PACKAGE_python-$(PKG_NAME):python-django
+ python-django
VARIANT:=python
+ MDEPENDS:=python-django
endef
define Package/python-$(PKG_NAME)/description
$(call Package/$(PKG_NAME)/Default)
DEPENDS:= \
+PACKAGE_python3-$(PKG_NAME):python3 \
- +PACKAGE_python3-$(PKG_NAME):python3-django
+ python3-django
VARIANT:=python3
+ MDEPENDS:=python3-django
endef
define Package/python3-$(PKG_NAME)/description
CATEGORY:=Languages
TITLE:=The web framework for perfectionists with deadlines.
URL:=https://www.djangoproject.com/
+ MENU:=1
endef
define Package/python-django
$(eval $(call PyPackage,python-asn1crypto))
$(eval $(call BuildPackage,python-asn1crypto))
+$(eval $(call BuildPackage,python-asn1crypto-src))
+
$(eval $(call Py3Package,python3-asn1crypto))
$(eval $(call BuildPackage,python3-asn1crypto))
+$(eval $(call BuildPackage,python3-asn1crypto-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-dateutil
-PKG_VERSION:=2.7.5
-PKG_RELEASE:=3
+PKG_VERSION:=2.8.0
+PKG_RELEASE:=1
PKG_LICENSE:=BSD-2-Clause
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/p/python-dateutil
-PKG_HASH:=88f9287c0174266bb0d8cedd395cfba9c58e87e5ad86b2ce58859bc11be3cf02
+PKG_HASH:=c89805f6f4d64db21ed966fda138f8a5ed7a4fdbc1a8ee329ce1b74e3c74da9e
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-dateutil-$(PKG_VERSION)
PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
$(eval $(call PyPackage,python-evdev))
$(eval $(call BuildPackage,python-evdev))
+$(eval $(call BuildPackage,python-evdev-src))
+
$(eval $(call Py3Package,python3-evdev))
$(eval $(call BuildPackage,python3-evdev))
+$(eval $(call BuildPackage,python3-evdev-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-lxml
-PKG_VERSION:=4.3.1
+PKG_VERSION:=4.4.1
PKG_RELEASE:=1
PKG_SOURCE:=lxml-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/l/lxml
-PKG_HASH:=da5e7e941d6e71c9c9a717c93725cda0708c2474f532e3680ac5e39ec57d224d
+PKG_HASH:=c81cb40bff373ab7a7446d6bbca0190bccc5be3448b47b51d729e37799bb5692
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-lxml-$(PKG_VERSION)
PKG_UNPACK=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xzf $(DL_DIR)/$(PKG_SOURCE)
$(eval $(call PyPackage,python-lxml))
$(eval $(call BuildPackage,python-lxml))
+$(eval $(call BuildPackage,python-lxml-src))
$(eval $(call Py3Package,python3-lxml))
$(eval $(call BuildPackage,python3-lxml))
+$(eval $(call BuildPackage,python3-lxml-src))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-oauthlib
-PKG_VERSION:=3.0.2
+PKG_VERSION:=3.1.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_SOURCE:=oauthlib-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/o/oauthlib
-PKG_HASH:=b4d99ae8ccfb7d33ba9591b59355c64eef5241534aa3da2e4c0435346b84bc8e
+PKG_HASH:=bee41cc35fcca6e988463cacc3bcb8a96224f470ca547e697b604cc697b2f889
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-oauthlib-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
EXTRA_DEPENDS:=
TITLE+= (sources)
USERID:=
+ MENU:=
endef
define Package/$(1)-src/description
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pyasn1-modules
-PKG_VERSION:=0.2.5
+PKG_VERSION:=0.2.6
PKG_RELEASE:=1
PKG_SOURCE:=pyasn1-modules-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/p/pyasn1-modules
-PKG_HASH:=ef721f68f7951fab9b0404d42590f479e30d9005daccb1699b0a51bb4177db96
+PKG_HASH:=43c17a83c155229839cc5c6b868e8d0c6041dba149789b6d6e28801c64821722
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE.txt
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pyasn1
-PKG_VERSION:=0.4.5
+PKG_VERSION:=0.4.6
PKG_RELEASE:=1
PKG_SOURCE:=pyasn1-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/p/pyasn1
-PKG_HASH:=da2420fe13a9452d8ae97a0e478adde1dee153b11ba832a95b223a2ba01c10f7
+PKG_HASH:=b773d5c9196ffbc3a1e13bdf909d446cad80a039aa3340bcad72f395b76ebc86
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE.txt
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pytz
-PKG_VERSION:=2019.1
-PKG_RELEASE:=2
+PKG_VERSION:=2019.2
+PKG_RELEASE:=1
PKG_SOURCE:=pytz-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/p/pytz
-PKG_HASH:=d747dd3d23d77ef44c6a3526e274af6efeb0a6f1afd5a69ba4d5be4098c8e141
+PKG_HASH:=26c0b32e437e54a18161324a2fca3c4b9846b74a8dccddd843113109e1116b32
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-pytz-$(PKG_VERSION)
include $(TOPDIR)/rules.mk
PKG_NAME:=python-sentry-sdk
-PKG_VERSION:=0.10.1
+PKG_VERSION:=0.11.1
PKG_RELEASE:=1
PKG_SOURCE:=sentry-sdk-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/s/sentry-sdk/
-PKG_HASH:=7e24f3ec1f4c909306d1b97373fe5caa942f54009acdcfa4d1ee6671f626bbe9
+PKG_HASH:=79e8352b5097aa06014871c6daad0933f59d1fcccc586339464ea86e4877b2ab
PKG_BUILD_DIR:=$(BUILD_DIR)/sentry-sdk-$(PKG_VERSION)
PKG_MAINTAINER:=Josef Schlehofer <josef.schlehofer@nic.cz>
include $(TOPDIR)/rules.mk
PKG_NAME:=python-twisted
-PKG_VERSION:=19.2.1
+PKG_VERSION:=19.7.0
PKG_RELEASE:=1
PKG_SOURCE:=Twisted-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/T/Twisted
-PKG_HASH:=fa2c04c2d68a9be7fc3975ba4947f653a57a656776f24be58ff0fe4b9aaf3e52
+PKG_HASH:=d5db93026568f60cacdc0615fcd21d46f694a6bfad0ef3ff53cde2b4bb85a39d
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-twisted-$(PKG_VERSION)
PKG_BUILD_DEPENDS:=libtirpc
--- a/src/twisted/python/_setup.py
+++ b/src/twisted/python/_setup.py
-@@ -147,7 +147,6 @@ _CONSOLE_SCRIPTS = [
+@@ -149,7 +149,6 @@ _CONSOLE_SCRIPTS = [
"conch = twisted.conch.scripts.conch:run",
"mailmail = twisted.mail.scripts.mailmail:run",
"pyhtmlizer = twisted.scripts.htmlizer:run",
--- a/src/twisted/python/_setup.py
+++ b/src/twisted/python/_setup.py
-@@ -173,11 +173,6 @@ class ConditionalExtension(Extension, ob
+@@ -175,11 +175,6 @@ class ConditionalExtension(Extension, ob
# The C extensions used for Twisted.
_EXTENSIONS = [
ConditionalExtension(
"twisted.internet.iocpreactor.iocpsupport",
sources=[
"src/twisted/internet/iocpreactor/iocpsupport/iocpsupport.c",
-@@ -241,12 +236,11 @@ def getSetupArgs(extensions=_EXTENSIONS)
+@@ -284,12 +279,11 @@ def getSetupArgs(extensions=_EXTENSIONS,
"incremental >= 16.10.1",
"Automat >= 0.3.0",
"hyperlink >= 17.1.1",
use_incremental=True,
setup_requires=["incremental >= 16.10.1"],
install_requires=requirements,
-@@ -256,7 +250,7 @@ def getSetupArgs(extensions=_EXTENSIONS)
+@@ -299,7 +293,7 @@ def getSetupArgs(extensions=_EXTENSIONS,
cmdclass=command_classes,
include_package_data=True,
exclude_package_data={
PKG_NAME:=python
PKG_VERSION:=$(PYTHON_VERSION).$(PYTHON_VERSION_MICRO)
-PKG_RELEASE:=8
+PKG_RELEASE:=9
PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION)
endef
HOST_LDFLAGS += \
- $$$$(pkg-config --static --libs libcrypto libssl) -Wl$(comma)-rpath=$(STAGING_DIR_HOSTPKG)/lib
+ -Wl$(comma)-rpath$(comma)$(STAGING_DIR_HOSTPKG)/lib
ifeq ($(HOST_OS),Linux)
HOST_LDFLAGS += \
-Wl,--no-as-needed -lrt
endif
+ifeq ($(HOST_OS),Darwin)
+HOST_CONFIGURE_VARS += \
+ ac_cv_header_libintl_h=no
+endif
+
HOST_CONFIGURE_ARGS+= \
--without-cxx-main \
--without-pymalloc \
--- /dev/null
+--- a/Modules/posixmodule.c
++++ b/Modules/posixmodule.c
+@@ -3070,7 +3070,7 @@ done:
+ if (arg == Py_None) {
+ /* optional time values not given */
+ Py_BEGIN_ALLOW_THREADS
+- res = utime(path, NULL);
++ res = utimes(path, NULL);
+ Py_END_ALLOW_THREADS
+ }
+ else if (!PyTuple_Check(arg) || PyTuple_Size(arg) != 2) {
EXTRA_DEPENDS:=
TITLE+= (sources)
USERID:=
+ MENU:=
endef
define Package/$(1)-src/description
endef
HOST_LDFLAGS += \
- $$$$(pkg-config --static --libs libcrypto libssl) -Wl$(comma)-rpath=$(STAGING_DIR_HOSTPKG)/lib
+ -Wl$(comma)-rpath$(comma)$(STAGING_DIR_HOSTPKG)/lib
ifeq ($(HOST_OS),Linux)
HOST_LDFLAGS += \
-Wl,--no-as-needed -lrt
endif
+ifeq ($(HOST_OS),Darwin)
+HOST_CONFIGURE_VARS += \
+ ac_cv_header_libintl_h=no
+endif
+
HOST_CONFIGURE_ARGS+= \
--without-cxx-main \
--without-pymalloc \
include $(TOPDIR)/rules.mk
PKG_NAME:=ruamel-yaml
-PKG_VERSION:=0.15.97
+PKG_VERSION:=0.15.100
PKG_RELEASE:=1
PKG_SOURCE:=ruamel.yaml-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/r/ruamel.yaml/
-PKG_HASH:=17dbf6b7362e7aee8494f7a0f5cffd44902a6331fe89ef0853b855a7930ab845
+PKG_HASH:=8e42f3067a59e819935a2926e247170ed93c8f0b2ab64526f888e026854db2e4
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-ruamel.yaml-$(PKG_VERSION)
PKG_NAME:=dtc
PKG_VERSION:=1.5.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_HASH:=c672e443c9f7e39f5a7c8e602da6777f9ad55ad70de87de300a43828c8050172
PKG_SOURCE_URL:=@KERNEL/software/utils/dtc
--- /dev/null
+From eac2ad495b29f15d78daa2a7226653f36515cd7a Mon Sep 17 00:00:00 2001
+From: David Gibson <david@gibson.dropbear.id.au>
+Date: Mon, 25 Mar 2019 14:52:47 +1100
+Subject: [PATCH] Update version.lds again
+
+Yet again, we've added several functions to libfdt that were supposed
+to be exported, but forgotten to add them to the versio.lds script.
+This adds them.
+
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+---
+ libfdt/version.lds | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libfdt/version.lds b/libfdt/version.lds
+index 9f5d708..a5fe62d 100644
+--- a/libfdt/version.lds
++++ b/libfdt/version.lds
+@@ -66,6 +66,10 @@ LIBFDT_1.2 {
+ fdt_resize;
+ fdt_overlay_apply;
+ fdt_get_string;
++ fdt_get_max_phandle;
++ fdt_check_full;
++ fdt_setprop_placeholder;
++ fdt_property_placeholder;
+ local:
+ *;
+ };
include $(TOPDIR)/rules.mk
PKG_NAME:=flac
-PKG_VERSION:=1.3.2
-PKG_RELEASE:=2
+PKG_VERSION:=1.3.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://downloads.xiph.org/releases/flac/
-PKG_HASH:=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f
-PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
-
-PKG_INSTALL:=1
+PKG_HASH:=213e82bd716c9de6db2f98bcadbc4c24c7e2efe8c75939a1a84e28539c4e1748
+PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GFDL-1.2 GPL-2 LGPL-2.1 BSD-3-Clause
PKG_LICENSE_FILES:=README COPYING.FDL COPYING.GPL COPYING.LGPL COPYING.Xiph
PKG_CPE_ID:=cpe:/a:flac_project:flac
PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
PKG_REMOVE_FILES:=autogen.sh aclocal.m4
include $(INCLUDE_DIR)/package.mk
CONFIGURE_ARGS += \
--disable-cpplibs \
--disable-sse \
- --disable-3dnow \
--disable-altivec \
--disable-doxgen-docs \
--disable-local-xmms-plugin \
--disable-xmms-plugin \
--disable-ogg \
--disable-oggtest \
+ --disable-thorough-tests \
+ --disable-examples \
+ --disable-rpath \
$(if $(CONFIG_DEBUG),--enable-debug) \
- --enable-static
+ --enable-static \
+ --without-pic
TARGET_CFLAGS += $(FPIC)
ACLOCAL_AMFLAGS = -I m4
--SUBDIRS = doc include m4 man src examples test build objs microbench
+-SUBDIRS = doc include m4 man src test build objs microbench
+SUBDIRS = include m4 src build objs
- EXTRA_DIST = \
- COPYING.FDL \
+ if EXAMPLES
+ SUBDIRS += examples
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -30,11 +30,6 @@ SUBDIRS = \
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -386,10 +386,11 @@ fi
-
- if test "x$debug" = xtrue; then
- CPPFLAGS="-DDEBUG $CPPFLAGS"
-- CFLAGS="-g $CFLAGS"
-+ CFLAGS=$(echo "$CFLAGS" | sed 's/-g[0-9]*//')
-+ CFLAGS="-g3 $CFLAGS"
- else
- CPPFLAGS="-DNDEBUG $CPPFLAGS"
-- CFLAGS=$(echo "$CFLAGS" | sed 's/-O2//')
-+ CFLAGS=$(echo "$CFLAGS" | sed 's/-O2//;s/-g[0-9]*//')
- CFLAGS="-O3 -funroll-loops $CFLAGS"
- fi
-
+++ /dev/null
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -33,6 +33,8 @@ ACLOCAL_AMFLAGS = -I m4
-
- SUBDIRS = include m4 src build objs
-
-+ACLOCAL_AMFLAGS = -I m4
-+
- EXTRA_DIST = \
- COPYING.FDL \
- COPYING.GPL \
--- /dev/null
+Return-Path: <rosenp@gmail.com>
+Received: from localhost.localdomain (76-14-106-55.rk.wavecable.com. [76.14.106.55])
+ by smtp.gmail.com with ESMTPSA id f19sm148509170pfk.180.2019.08.09.13.01.06
+ for <flac-dev@xiph.org>
+ (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256);
+ Fri, 09 Aug 2019 13:01:06 -0700 (PDT)
+From: Rosen Penev <rosenp@gmail.com>
+To: flac-dev@xiph.org
+Subject: [PATCH] Switch to utimensat for newer POSIX versions
+Date: Fri, 9 Aug 2019 13:01:05 -0700
+Message-Id: <20190809200105.1443-1-rosenp@gmail.com>
+X-Mailer: git-send-email 2.17.1
+
+Some libcs like uClibc-ng can optionally disable deprecated functions.
+utime is one of them. When done so, both the header and the function go
+missing.
+
+This fixes flac_utime to work in such a situation.
+---
+ include/share/compat.h | 10 +++++++++-
+ src/libFLAC/metadata_iterators.c | 9 +++++++--
+ src/share/grabbag/file.c | 9 +++++++--
+ 3 files changed, 23 insertions(+), 5 deletions(-)
+
+diff --git a/include/share/compat.h b/include/share/compat.h
+index f3041655..a063c083 100644
+--- a/include/share/compat.h
++++ b/include/share/compat.h
+@@ -112,9 +112,13 @@
+ #include <sys/utime.h> /* for utime() */
+ #endif
+ #else
++#if _POSIX_C_SOURCE >= 200809L
++#include <fcntl.h>
++#else
+ #include <sys/types.h> /* some flavors of BSD (like OS X) require this to get time_t */
+ #include <utime.h> /* for utime() */
+ #endif
++#endif
+
+ #if defined _MSC_VER
+ # if _MSC_VER >= 1800
+@@ -160,11 +164,15 @@
+
+ #define flac_fopen fopen
+ #define flac_chmod chmod
+-#define flac_utime utime
+ #define flac_unlink unlink
+ #define flac_rename rename
+ #define flac_stat stat
+
++#if _POSIX_C_SOURCE >= 200809L
++#define flac_utime(a, b) utimensat (AT_FDCWD, a, *b, 0)
++#else
++#define flac_utime utime
++#endif
+ #endif
+
+ #ifdef _WIN32
+diff --git a/src/libFLAC/metadata_iterators.c b/src/libFLAC/metadata_iterators.c
+index 352a6c7a..d5255eb9 100644
+--- a/src/libFLAC/metadata_iterators.c
++++ b/src/libFLAC/metadata_iterators.c
+@@ -3422,13 +3422,18 @@ FLAC__bool get_file_stats_(const char *filename, struct flac_stat_s *stats)
+
+ void set_file_stats_(const char *filename, struct flac_stat_s *stats)
+ {
+- struct utimbuf srctime;
+-
+ FLAC__ASSERT(0 != filename);
+ FLAC__ASSERT(0 != stats);
+
++#if _POSIX_C_SOURCE >= 200809L
++ struct timespec srctime[2] = {};
++ srctime[0].tv_sec = stats->st_atime;
++ srctime[1].tv_sec = stats->st_mtime;
++#else
++ struct utimbuf srctime;
+ srctime.actime = stats->st_atime;
+ srctime.modtime = stats->st_mtime;
++#endif
+ (void)flac_chmod(filename, stats->st_mode);
+ (void)flac_utime(filename, &srctime);
+ #if !defined _MSC_VER && !defined __BORLANDC__ && !defined __MINGW32__
+diff --git a/src/share/grabbag/file.c b/src/share/grabbag/file.c
+index 2c67bebf..edd835a6 100644
+--- a/src/share/grabbag/file.c
++++ b/src/share/grabbag/file.c
+@@ -27,7 +27,6 @@
+ #include <fcntl.h> /* for _O_BINARY */
+ #else
+ #include <sys/types.h> /* some flavors of BSD (like OS X) require this to get time_t */
+-#include <utime.h> /* for utime() */
+ #endif
+ #if defined __EMX__
+ #include <io.h> /* for setmode(), O_BINARY */
+@@ -53,11 +52,17 @@
+ void grabbag__file_copy_metadata(const char *srcpath, const char *destpath)
+ {
+ struct flac_stat_s srcstat;
+- struct utimbuf srctime;
+
+ if(0 == flac_stat(srcpath, &srcstat)) {
++#if _POSIX_C_SOURCE >= 200809L
++ struct timespec srctime[2] = {};
++ srctime[0].tv_sec = srcstat.st_atime;
++ srctime[1].tv_sec = srcstat.st_mtime;
++#else
++ struct utimbuf srctime;
+ srctime.actime = srcstat.st_atime;
+ srctime.modtime = srcstat.st_mtime;
++#endif
+ (void)flac_chmod(destpath, srcstat.st_mode);
+ (void)flac_utime(destpath, &srctime);
+ }
+--
+2.17.1
+
+++ /dev/null
-From 4f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date: Sat, 8 Apr 2017 18:34:49 +1000
-Subject: [PATCH] stream_decoder.c: Fix a memory leak
-
-Leak reported by Secunia Research.
----
- src/libFLAC/stream_decoder.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
-index 14d5fe7f..a5527511 100644
---- a/src/libFLAC/stream_decoder.c
-+++ b/src/libFLAC/stream_decoder.c
-@@ -1759,6 +1759,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
- }
- memset (obj->comments[i].entry, 0, obj->comments[i].length) ;
- if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) {
-+ /* Current i-th entry is bad, so we delete it. */
-+ free (obj->comments[i].entry) ;
-+ obj->comments[i].entry = NULL ;
- obj->num_comments = i;
- goto skip;
- }
---
-2.17.0
-
include $(TOPDIR)/rules.mk
PKG_NAME:=giflib
-PKG_VERSION:=5.1.4
+PKG_VERSION:=5.2.1
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/giflib
-PKG_HASH:=df27ec3ff24671f80b29e6ab1c4971059c14ac3db95406884fc26574631ba8d5
+PKG_HASH:=31da5562f44c5f15d63340a09a4fd62b48c45620cd302f77a6d9acf0077879bd
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
-
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:giflib_project:giflib
-PKG_FIXUP:=autoreconf
-PKG_REMOVE_FILES:=autogen.sh aclocal.m4
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
SECTION:=libs
CATEGORY:=Libraries
TITLE:=GIF libraries
- URL:=http://sourceforge.net/projects/giflib
+ URL:=https://sourceforge.net/projects/giflib
endef
define Package/giflib/description
the LZW compression algorithm was patented.
endef
-TARGET_CFLAGS += $(FPIC)
+define Package/giflib-utils
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=GIF utilities
+ URL:=https://sourceforge.net/projects/giflib
+endef
-define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR)
+define Package/giflib-utils/description
+ These are the utilities that come with giflib.
endef
+TARGET_CFLAGS += -ffunction-sections -fdata-sections $(FPIC)
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+
+MAKE_FLAGS += \
+ CFLAGS="$(TARGET_CFLAGS)" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ PREFIX=$(CONFIGURE_PREFIX)
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/{lib,include}
- $(CP) $(PKG_BUILD_DIR)/lib/.libs/lib*so* $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/.libs/libgif.a $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/libgif.la $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/*.h $(1)/usr/include/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgif.so* $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libgif.a $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/*.h $(1)/usr/include
endef
define Package/giflib/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/lib/.libs/lib*so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgif.so* $(1)/usr/lib
+endef
+
+define Package/giflib-utils/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,giflib))
+$(eval $(call BuildPackage,giflib-utils))
+++ /dev/null
---- a/configure.ac
-+++ b/configure.ac
-@@ -21,7 +21,6 @@ AC_PROG_MAKE_SET
- AM_PROG_CC_C_O
-
- dnl Allow partial building on systems without xmlto
--AC_CHECK_PROG([have_xmlto], [xmlto], ["yes"],["no"])
- AM_CONDITIONAL([BUILD_DOC], [test "x${have_xmlto}" = "xyes"])
-
- dnl Shared-library version
PKG_BUILD_PARALLEL:=1
HOST_BUILD_PARALLEL:=1
-PKG_BUILD_DEPENDS:=glib2/host gettext
+PKG_BUILD_DEPENDS:=gettext
HOST_BUILD_DEPENDS:=gettext-full/host libiconv/host libffi/host
PKG_INSTALL:=1
PKG_USE_MIPS16:=0
include $(TOPDIR)/rules.mk
PKG_NAME:=gnutls
-PKG_VERSION:=3.6.8
-PKG_RELEASE:=2
+PKG_VERSION:=3.6.9
+PKG_RELEASE:=1
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6
-PKG_HASH:=aa81944e5635de981171772857e72be231a7e0f559ae0292d2737de475383e83
+PKG_HASH:=4331fca55817ecdd74450b908a6c29b4f05bb24dd13144c6284aa34d872e1fcb
#PKG_FIXUP:=autoreconf gettext-version
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
PKG_LICENSE:=LGPLv2.1+
This package contains the GnuTLS shared library, needed by other programs.
endef
-
+# We disable the configuration file (system-priority-file) because
+# the use of configuration increases the non-shared memory used by
+# the library and we don't provide an openwrt-specific configuration
+# anyway.
CONFIGURE_ARGS+= \
--enable-shared \
--enable-static \
--with-default-trust-store-dir=/etc/ssl/certs/ \
--with-included-unistring \
--with-librt-prefix="$(LIBRT_ROOT_DIR)/" \
- --with-pic
+ --with-pic \
+ --with-system-priority-file=""
ifneq ($(CONFIG_GNUTLS_EXT_LIBTASN1),y)
CONFIGURE_ARGS += --with-included-libtasn1
include $(INCLUDE_DIR)/package.mk
HOST_CONFIGURE_VARS+= \
- PATH=$(STAGING_DIR_HOSTPKG)/bin:$(STAGING_DIR_HOSTPKG)/usr/bin:$(PATH)
+ PATH="$(STAGING_DIR_HOSTPKG)/bin:$(STAGING_DIR_HOSTPKG)/usr/bin:$(PATH)"
define Package/intltool
SECTION:=libs
include $(TOPDIR)/rules.mk
PKG_NAME:=libarchive
-PKG_VERSION:=3.3.3
-PKG_RELEASE:=3
+PKG_VERSION:=3.4.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.libarchive.org/downloads
-PKG_HASH:=ba7eb1781c9fbbae178c4c6bad1c6eb08edab9a1496c64833d1715d022b30e2e
+PKG_SOURCE_URL:=https://codeload.github.com/libarchive/libarchive/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=c160d3c45010a51a924208f13f6b7b956dabdf8c5c60195df188a599028caa7c
PKG_MAINTAINER:=Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
PKG_LICENSE:=BSD-2-Clause
include $(INCLUDE_DIR)/package.mk
define Package/libarchive/Default
- SECTION:=libs
- CATEGORY:=Libraries
- DEPENDS:=+zlib +liblzma +libbz2 +libexpat
- TITLE:=Multi-format archive and compression library
- URL:=https://www.libarchive.org/
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+zlib +liblzma +libbz2 +libexpat
+ TITLE:=Multi-format archive and compression library
+ URL:=https://www.libarchive.org/
endef
define Package/libarchive
$(call Package/libarchive/Default)
- DEPENDS += +libopenssl
+ DEPENDS += +libopenssl
endef
define Package/libarchive-noopenssl
$(call Package/libarchive/Default)
- TITLE += (without OpenSSL dependency)
- VARIANT:=noopenssl
+ TITLE += (without OpenSSL dependency)
+ VARIANT:=noopenssl
+endef
+
+define Package/bsdtar/Default
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Compression
+ TITLE:=tar BSD variant
+ URL:=https://www.libarchive.org/
endef
define Package/bsdtar
- SECTION:=utils
- CATEGORY:=Utilities
- SUBMENU:=Compression
- DEPENDS:=+libarchive-noopenssl
- TITLE:=BSD variant that supports various file compression formats
- URL:=http://www.libarchive.org/
+ $(call Package/bsdtar/Default)
+ DEPENDS:= +libarchive
+endef
+
+define Package/bsdtar-noopenssl
+ $(call Package/bsdtar/Default)
+ TITLE += (without OpenSSL dependency)
+ DEPENDS:= +libarchive-noopenssl
+ VARIANT:=noopenssl
endef
define Package/bsdtar/description
- Reads a variety of formats including tar, pax, zip, xar, lha, ar,
- cab, mtree, rar, warc, 7z and ISO images. Writes tar, pax, zip,
- xar, ar, ISO, mtree and shar archives. Automatically handles
- archives compressed with gzip, bzip2, lzip, xz, lzma or compress.
+ Reads a variety of formats including tar, pax, zip, xar, lha, ar,
+ cab, mtree, rar, warc, 7z and ISO images. Writes tar, pax, zip,
+ xar, ar, ISO, mtree and shar archives. Automatically handles
+ archives compressed with gzip, bzip2, lzip, xz, lzma or compress.
endef
CONFIGURE_ARGS += \
endef
Package/libarchive-noopenssl/install = $(Package/libarchive/install)
+Package/bsdtar-noopenssl/install = $(Package/bsdtar/install)
$(eval $(call BuildPackage,libarchive))
$(eval $(call BuildPackage,libarchive-noopenssl))
$(eval $(call BuildPackage,bsdtar))
+$(eval $(call BuildPackage,bsdtar-noopenssl))
+++ /dev/null
-From 9c84b7426660c09c18cc349f6d70b5f8168b5680 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 4 Dec 2018 16:33:42 +1100
-Subject: [PATCH] warc: consume data once read
-
-The warc decoder only used read ahead, it wouldn't actually consume
-data that had previously been printed. This means that if you specify
-an invalid content length, it will just reprint the same data over
-and over and over again until it hits the desired length.
-
-This means that a WARC resource with e.g.
-Content-Length: 666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666665
-but only a few hundred bytes of data, causes a quasi-infinite loop.
-
-Consume data in subsequent calls to _warc_read.
-
-Found with an AFL + afl-rb + qsym setup.
----
- libarchive/archive_read_support_format_warc.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_warc.c b/libarchive/archive_read_support_format_warc.c
-index e8753853f..e8fc8428b 100644
---- a/libarchive/archive_read_support_format_warc.c
-+++ b/libarchive/archive_read_support_format_warc.c
-@@ -386,6 +386,11 @@ _warc_read(struct archive_read *a, const void **buf, size_t *bsz, int64_t *off)
- return (ARCHIVE_EOF);
- }
-
-+ if (w->unconsumed) {
-+ __archive_read_consume(a, w->unconsumed);
-+ w->unconsumed = 0U;
-+ }
-+
- rab = __archive_read_ahead(a, 1U, &nrd);
- if (nrd < 0) {
- *bsz = 0U;
+++ /dev/null
-From 15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 4 Dec 2018 14:29:42 +1100
-Subject: [PATCH] Skip 0-length ACL fields
-
-Currently, it is possible to create an archive that crashes bsdtar
-with a malformed ACL:
-
-Program received signal SIGSEGV, Segmentation fault.
-archive_acl_from_text_l (acl=<optimised out>, text=0x7e2e92 "", want_type=<optimised out>, sc=<optimised out>) at libarchive/archive_acl.c:1726
-1726 switch (*s) {
-(gdb) p n
-$1 = 1
-(gdb) p field[n]
-$2 = {start = 0x0, end = 0x0}
-
-Stop this by checking that the length is not zero before beginning
-the switch statement.
-
-I am pretty sure this is the bug mentioned in the qsym paper [1],
-and I was able to replicate it with a qsym + AFL + afl-rb setup.
-
-[1] https://www.usenix.org/conference/usenixsecurity18/presentation/yun
----
- libarchive/archive_acl.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libarchive/archive_acl.c b/libarchive/archive_acl.c
-index 512beee1f..7beeee86e 100644
---- a/libarchive/archive_acl.c
-+++ b/libarchive/archive_acl.c
-@@ -1723,6 +1723,11 @@ archive_acl_from_text_l(struct archive_acl *acl, const char *text,
- st = field[n].start + 1;
- len = field[n].end - field[n].start;
-
-+ if (len == 0) {
-+ ret = ARCHIVE_WARN;
-+ continue;
-+ }
-+
- switch (*s) {
- case 'u':
- if (len == 1 || (len == 4
+++ /dev/null
-From bfcfe6f04ed20db2504db8a254d1f40a1d84eb28 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 4 Dec 2018 00:55:22 +1100
-Subject: [PATCH] rar: file split across multi-part archives must match
-
-Fuzzing uncovered some UAF and memory overrun bugs where a file in a
-single file archive reported that it was split across multiple
-volumes. This was caused by ppmd7 operations calling
-rar_br_fillup. This would invoke rar_read_ahead, which would in some
-situations invoke archive_read_format_rar_read_header. That would
-check the new file name against the old file name, and if they didn't
-match up it would free the ppmd7 buffer and allocate a new
-one. However, because the ppmd7 decoder wasn't actually done with the
-buffer, it would continue to used the freed buffer. Both reads and
-writes to the freed region can be observed.
-
-This is quite tricky to solve: once the buffer has been freed it is
-too late, as the ppmd7 decoder functions almost universally assume
-success - there's no way for ppmd_read to signal error, nor are there
-good ways for functions like Range_Normalise to propagate them. So we
-can't detect after the fact that we're in an invalid state - e.g. by
-checking rar->cursor, we have to prevent ourselves from ever ending up
-there. So, when we are in the dangerous part or rar_read_ahead that
-assumes a valid split, we set a flag force read_header to either go
-down the path for split files or bail. This means that the ppmd7
-decoder keeps a valid buffer and just runs out of data.
-
-Found with a combination of AFL, afl-rb and qsym.
----
- libarchive/archive_read_support_format_rar.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
-index 6f419c270..a8cc5c94d 100644
---- a/libarchive/archive_read_support_format_rar.c
-+++ b/libarchive/archive_read_support_format_rar.c
-@@ -258,6 +258,7 @@ struct rar
- struct data_block_offsets *dbo;
- unsigned int cursor;
- unsigned int nodes;
-+ char filename_must_match;
-
- /* LZSS members */
- struct huffman_code maincode;
-@@ -1560,6 +1561,12 @@ read_header(struct archive_read *a, struct archive_entry *entry,
- }
- return ret;
- }
-+ else if (rar->filename_must_match)
-+ {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Mismatch of file parts split across multi-volume archive");
-+ return (ARCHIVE_FATAL);
-+ }
-
- rar->filename_save = (char*)realloc(rar->filename_save,
- filename_size + 1);
-@@ -2933,12 +2940,14 @@ rar_read_ahead(struct archive_read *a, size_t min, ssize_t *avail)
- else if (*avail == 0 && rar->main_flags & MHD_VOLUME &&
- rar->file_flags & FHD_SPLIT_AFTER)
- {
-+ rar->filename_must_match = 1;
- ret = archive_read_format_rar_read_header(a, a->entry);
- if (ret == (ARCHIVE_EOF))
- {
- rar->has_endarc_header = 1;
- ret = archive_read_format_rar_read_header(a, a->entry);
- }
-+ rar->filename_must_match = 0;
- if (ret != (ARCHIVE_OK))
- return NULL;
- return rar_read_ahead(a, min, avail);
+++ /dev/null
-From 021efa522ad729ff0f5806c4ce53e4a6cc1daa31 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 20 Nov 2018 17:56:29 +1100
-Subject: [PATCH] Avoid a double-free when a window size of 0 is specified
-
-new_size can be 0 with a malicious or corrupted RAR archive.
-
-realloc(area, 0) is equivalent to free(area), so the region would
-be free()d here and the free()d again in the cleanup function.
-
-Found with a setup running AFL, afl-rb, and qsym.
----
- libarchive/archive_read_support_format_rar.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
-index 234522229..6f419c270 100644
---- a/libarchive/archive_read_support_format_rar.c
-+++ b/libarchive/archive_read_support_format_rar.c
-@@ -2300,6 +2300,11 @@ parse_codes(struct archive_read *a)
- new_size = DICTIONARY_MAX_SIZE;
- else
- new_size = rar_fls((unsigned int)rar->unp_size) << 1;
-+ if (new_size == 0) {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Zero window size is invalid.");
-+ return (ARCHIVE_FATAL);
-+ }
- new_window = realloc(rar->lzss.window, new_size);
- if (new_window == NULL) {
- archive_set_error(&a->archive, ENOMEM,
+++ /dev/null
-From 65a23f5dbee4497064e9bb467f81138a62b0dae1 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 1 Jan 2019 16:01:40 +1100
-Subject: [PATCH] 7zip: fix crash when parsing certain archives
-
-Fuzzing with CRCs disabled revealed that a call to get_uncompressed_data()
-would sometimes fail to return at least 'minimum' bytes. This can cause
-the crc32() invocation in header_bytes to read off into invalid memory.
-
-A specially crafted archive can use this to cause a crash.
-
-An ASAN trace is below, but ASAN is not required - an uninstrumented
-binary will also crash.
-
-==7719==ERROR: AddressSanitizer: SEGV on unknown address 0x631000040000 (pc 0x7fbdb3b3ec1d bp 0x7ffe77a51310 sp 0x7ffe77a51150 T0)
-==7719==The signal is caused by a READ memory access.
- #0 0x7fbdb3b3ec1c in crc32_z (/lib/x86_64-linux-gnu/libz.so.1+0x2c1c)
- #1 0x84f5eb in header_bytes (/tmp/libarchive/bsdtar+0x84f5eb)
- #2 0x856156 in read_Header (/tmp/libarchive/bsdtar+0x856156)
- #3 0x84e134 in slurp_central_directory (/tmp/libarchive/bsdtar+0x84e134)
- #4 0x849690 in archive_read_format_7zip_read_header (/tmp/libarchive/bsdtar+0x849690)
- #5 0x5713b7 in _archive_read_next_header2 (/tmp/libarchive/bsdtar+0x5713b7)
- #6 0x570e63 in _archive_read_next_header (/tmp/libarchive/bsdtar+0x570e63)
- #7 0x6f08bd in archive_read_next_header (/tmp/libarchive/bsdtar+0x6f08bd)
- #8 0x52373f in read_archive (/tmp/libarchive/bsdtar+0x52373f)
- #9 0x5257be in tar_mode_x (/tmp/libarchive/bsdtar+0x5257be)
- #10 0x51daeb in main (/tmp/libarchive/bsdtar+0x51daeb)
- #11 0x7fbdb27cab96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
- #12 0x41dd09 in _start (/tmp/libarchive/bsdtar+0x41dd09)
-
-This was primarly done with afl and FairFuzz. Some early corpus entries
-may have been generated by qsym.
----
- libarchive/archive_read_support_format_7zip.c | 8 +-------
- 1 file changed, 1 insertion(+), 7 deletions(-)
-
-diff --git a/libarchive/archive_read_support_format_7zip.c b/libarchive/archive_read_support_format_7zip.c
-index bccbf8966..b6d1505d3 100644
---- a/libarchive/archive_read_support_format_7zip.c
-+++ b/libarchive/archive_read_support_format_7zip.c
-@@ -2964,13 +2964,7 @@ get_uncompressed_data(struct archive_read *a, const void **buff, size_t size,
- if (zip->codec == _7Z_COPY && zip->codec2 == (unsigned long)-1) {
- /* Copy mode. */
-
-- /*
-- * Note: '1' here is a performance optimization.
-- * Recall that the decompression layer returns a count of
-- * available bytes; asking for more than that forces the
-- * decompressor to combine reads by copying data.
-- */
-- *buff = __archive_read_ahead(a, 1, &bytes_avail);
-+ *buff = __archive_read_ahead(a, minimum, &bytes_avail);
- if (bytes_avail <= 0) {
- archive_set_error(&a->archive,
- ARCHIVE_ERRNO_FILE_FORMAT,
+++ /dev/null
-From 8312eaa576014cd9b965012af51bc1f967b12423 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 1 Jan 2019 17:10:49 +1100
-Subject: [PATCH] iso9660: Fail when expected Rockridge extensions is missing
-
-A corrupted or malicious ISO9660 image can cause read_CE() to loop
-forever.
-
-read_CE() calls parse_rockridge(), expecting a Rockridge extension
-to be read. However, parse_rockridge() is structured as a while
-loop starting with a sanity check, and if the sanity check fails
-before the loop has run, the function returns ARCHIVE_OK without
-advancing the position in the file. This causes read_CE() to retry
-indefinitely.
-
-Make parse_rockridge() return ARCHIVE_WARN if it didn't read an
-extension. As someone with no real knowledge of the format, this
-seems more apt than ARCHIVE_FATAL, but both the call-sites escalate
-it to a fatal error immediately anyway.
-
-Found with a combination of AFL, afl-rb (FairFuzz) and qsym.
----
- libarchive/archive_read_support_format_iso9660.c | 11 ++++++++++-
- 1 file changed, 10 insertions(+), 1 deletion(-)
-
-diff --git a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archive_read_support_format_iso9660.c
-index 28acfefbb..bad8f1dfe 100644
---- a/libarchive/archive_read_support_format_iso9660.c
-+++ b/libarchive/archive_read_support_format_iso9660.c
-@@ -2102,6 +2102,7 @@ parse_rockridge(struct archive_read *a, struct file_info *file,
- const unsigned char *p, const unsigned char *end)
- {
- struct iso9660 *iso9660;
-+ int entry_seen = 0;
-
- iso9660 = (struct iso9660 *)(a->format->data);
-
-@@ -2257,8 +2258,16 @@ parse_rockridge(struct archive_read *a, struct file_info *file,
- }
-
- p += p[2];
-+ entry_seen = 1;
-+ }
-+
-+ if (entry_seen)
-+ return (ARCHIVE_OK);
-+ else {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Tried to parse Rockridge extensions, but none found");
-+ return (ARCHIVE_WARN);
- }
-- return (ARCHIVE_OK);
- }
-
- static int
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/lib/* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
endef
define Package/libcap/install
include $(TOPDIR)/rules.mk
PKG_NAME:=cups
-PKG_VERSION:=2.2.11
+PKG_VERSION:=2.2.12
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-source.tar.gz
PKG_SOURCE_URL:=https://github.com/apple/cups/releases/download/v$(PKG_VERSION)/
-PKG_HASH:=f58010813fd6903f690cdb0c0b91e4d1bc9e5b9570c28734229ba3ed2908b76c
+PKG_HASH:=0f61ab449e4748a24c6ab355b481ff7691247a140d327b2b7526fce34b7f9aa8
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE.txt
PKG_NAME:=libgd
PKG_VERSION:=2.2.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/$(PKG_NAME)/$(PKG_NAME)/releases/download/gd-$(PKG_VERSION)/
PKG_HASH:=8c302ccbf467faec732f0741a859eef4ecae22fea2d2ab87467be940842bde51
+
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
-
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
CATEGORY:=Libraries
DEPENDS:=+libjpeg +libpng +LIBGD_TIFF:libtiff +LIBGD_FREETYPE:libfreetype
TITLE:=The GD graphics library
- URL:=http://www.libgd.org/
+ URL:=https://libgd.github.io/
MENU:=1
endef
endif
CONFIGURE_VARS += \
- ac_cv_header_iconv_h=no
+ ac_cv_header_iconv_h=no \
+ am_cv_func_iconv_works=no \
+ am_func_iconv=no
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/bin
PKG_NAME:=glog
PKG_VERSION:=0.4.0
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/google/glog/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=f28359aeba12f30d73d9e4711ef356dc842886968112162bc73002645139c39c
+PKG_MAINTAINER:=Amir Sabbaghi <asaba90@gmail.com>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
-
PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
-
-PKG_BUILD_DEPENDS:=libgflags
+CMAKE_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
define Package/glog
SECTION:=libs
CATEGORY:=Libraries
TITLE:=C++ implementation of the Google logging module
- DEPENDS:= +libstdcpp +libpthread +gflags
+ DEPENDS:=+libstdcpp +libpthread +gflags
URL:=https://github.com/google/glog
- MAINTAINER:=Amir Sabbaghi <amir@pichak.co>
endef
define Package/glog/description
module. Documentation for the implementation is in doc/.
endef
-CONFIGURE_VARS+=ac_cv_header_libunwind_h=0
+CMAKE_OPTIONS += \
+ -DBUILD_SHARED_LIBS=ON \
+ -DBUILD_TESTING=OFF \
+ -DUNWIND_LIBRARY=OFF
-TARGET_CXXFLAGS+=-std=c++11
-TARGET_LDFLAGS+=-lpthread
-
-define Build/Configure
- $(call Build/Configure/Default,)
-endef
-
-define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include/glog
- $(CP) $(PKG_INSTALL_DIR)/usr/include/glog/*.h $(1)/usr/include/glog
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libglog.{a,so*} $(1)/usr/lib
- $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libglog.pc $(1)/usr/lib/pkgconfig/
-endef
+TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
+TARGET_CFLAGS += -Wl,--gc-sections
define Package/glog/install
$(INSTALL_DIR) $(1)/usr/lib
--- /dev/null
+From d7b02b6929baf5b21ee6e15a700b4fc82d962e9c Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Thu, 25 Jul 2019 19:14:42 -0700
+Subject: [PATCH] googletest: Switch to nanosleep
+
+usleep is deprecated and optionally not available with uClibc-ng.
+---
+ src/googletest.h | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/googletest.h b/src/googletest.h
+index 49ddbc0a..39fb29fb 100644
+--- a/src/googletest.h
++++ b/src/googletest.h
+@@ -574,7 +574,8 @@ class Thread {
+
+ static inline void SleepForMilliseconds(int t) {
+ #ifndef OS_WINDOWS
+- usleep(t * 1000);
++ const struct timespec req = {0, t * 1000 * 1000};
++ nanosleep(&req, NULL);
+ #else
+ Sleep(t);
+ #endif
PKG_NAME:=libhttp-parser
PKG_VERSION:=2.9.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/nodejs/http-parser/tar.gz/v$(PKG_VERSION)?
(in a web server that is per connection).
endef
-MAKE_FLAGS+=library
+MAKE_FLAGS+=library \
+ PREFIX=/usr
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/local/include/http_parser.h $(1)/usr/include/
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/http_parser.h $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/local/lib/libhttp_parser.so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libhttp_parser.so* $(1)/usr/lib/
endef
define Package/libhttp-parser/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/local/lib/libhttp_parser.so* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libhttp_parser.so* $(1)/usr/lib/
endef
$(eval $(call BuildPackage,libhttp-parser))
--- /dev/null
+--- a/Makefile
++++ b/Makefile
+@@ -25,11 +25,7 @@
+ SOMAJOR = 2
+ SOMINOR = 9
+ SOREV = 2
+-ifeq (darwin,$(PLATFORM))
+-SOEXT ?= dylib
+-SONAME ?= $(SOLIBNAME).$(SOMAJOR).$(SOMINOR).$(SOEXT)
+-LIBNAME ?= $(SOLIBNAME).$(SOMAJOR).$(SOMINOR).$(SOREV).$(SOEXT)
+-else ifeq (wine,$(PLATFORM))
++ifeq (wine,$(PLATFORM))
+ CC = winegcc
+ BINEXT = .exe.so
+ HELPER = wine
+@@ -65,12 +61,8 @@
+ LIBDIR = $(PREFIX)/lib
+ INCLUDEDIR = $(PREFIX)/include
+
+-ifeq (darwin,$(PLATFORM))
+-LDFLAGS_LIB += -Wl,-install_name,$(LIBDIR)/$(SONAME)
+-else
+ # TODO(bnoordhuis) The native SunOS linker expects -h rather than -soname...
+ LDFLAGS_LIB += -Wl,-soname=$(SONAME)
+-endif
+
+ test: test_g test_fast
+ $(HELPER) ./test_g$(BINEXT)
+@@ -131,14 +123,18 @@
+ ctags $^
+
+ install: library
+- $(INSTALL) -D http_parser.h $(DESTDIR)$(INCLUDEDIR)/http_parser.h
+- $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
++ $(INSTALL) -d $(DESTDIR)$(INCLUDEDIR)
++ $(INSTALL) -d $(DESTDIR)$(LIBDIR)
++ $(INSTALL) http_parser.h $(DESTDIR)$(INCLUDEDIR)/http_parser.h
++ $(INSTALL) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+ ln -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
+ ln -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SOLIBNAME).$(SOEXT)
+
+ install-strip: library
+- $(INSTALL) -D http_parser.h $(DESTDIR)$(INCLUDEDIR)/http_parser.h
+- $(INSTALL) -D -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
++ $(INSTALL) -d $(DESTDIR)$(INCLUDEDIR)
++ $(INSTALL) -d $(DESTDIR)$(LIBDIR)
++ $(INSTALL) http_parser.h $(DESTDIR)$(INCLUDEDIR)/http_parser.h
++ $(INSTALL) -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+ ln -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
+ ln -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SOLIBNAME).$(SOEXT)
+
PKG_NAME:=liblz4
PKG_VERSION:=1.9.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/lz4/lz4/tar.gz/v$(PKG_VERSION)?
--- /dev/null
+From e9d5a3cbbb47eb0f785a409d836225b592b250f3 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Tue, 30 Jul 2019 22:13:51 -0700
+Subject: [PATCH] util.h: Remove deprecated utime for non-Windows
+
+utime was deprecated in POSIX 2008.
+---
+ programs/platform.h | 2 +-
+ programs/util.h | 17 ++++++++++++++++-
+ 2 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/programs/platform.h b/programs/platform.h
+index c0b38402..7e2cb58f 100644
+--- a/programs/platform.h
++++ b/programs/platform.h
+@@ -86,7 +86,7 @@ extern "C" {
+ # else
+ # if defined(__linux__) || defined(__linux)
+ # ifndef _POSIX_C_SOURCE
+-# define _POSIX_C_SOURCE 200112L /* use feature test macro */
++# define _POSIX_C_SOURCE 200809L /* use feature test macro */
+ # endif
+ # endif
+ # include <unistd.h> /* declares _POSIX_VERSION */
+diff --git a/programs/util.h b/programs/util.h
+index 1dd515ce..112dddbf 100644
+--- a/programs/util.h
++++ b/programs/util.h
+@@ -37,12 +37,17 @@ extern "C" {
+ #include <assert.h>
+ #include <sys/types.h> /* stat, utime */
+ #include <sys/stat.h> /* stat */
+-#if defined(_MSC_VER)
++#if defined(_WIN32)
+ # include <sys/utime.h> /* utime */
+ # include <io.h> /* _chmod */
+ #else
+ # include <unistd.h> /* chown, stat */
++#if PLATFORM_POSIX_VERSION < 200809L
+ # include <utime.h> /* utime */
++#else
++# include <fcntl.h> /* AT_FDCWD */
++# include <sys/stat.h> /* for utimensat */
++#endif
+ #endif
+ #include <time.h> /* time */
+ #include <limits.h> /* INT_MAX */
+@@ -287,14 +292,24 @@ UTIL_STATIC int UTIL_isRegFile(const char* infilename);
+ UTIL_STATIC int UTIL_setFileStat(const char *filename, stat_t *statbuf)
+ {
+ int res = 0;
++#if defined(_WIN32) || (PLATFORM_POSIX_VERSION < 200809L)
+ struct utimbuf timebuf;
++#else
++ struct timespec timebuf[2] = {};
++#endif
+
+ if (!UTIL_isRegFile(filename))
+ return -1;
+
++#if defined(_WIN32) || (PLATFORM_POSIX_VERSION < 200809L)
+ timebuf.actime = time(NULL);
+ timebuf.modtime = statbuf->st_mtime;
+ res += utime(filename, &timebuf); /* set access and modification times */
++#else
++ timebuf[0].tv_nsec = UTIME_NOW;
++ timebuf[1].tv_sec = statbuf->st_mtime;
++ res += utimensat(AT_FDCWD, filename, timebuf, 0); /* set access and modification times */
++#endif
+
+ #if !defined(_WIN32)
+ res += chown(filename, statbuf->st_uid, statbuf->st_gid); /* Copy ownership */
--- /dev/null
+#
+# Copyright (C) 2016 Bruno Randolf (br1@einfach.org)
+# 2019 Nick Hainke (vincent@systemli.org)
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libradiotap
+PKG_VERSION:=2019-04-15
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/radiotap/radiotap-library.git
+PKG_SOURCE_VERSION:=1ca6b4f0d7225971ebcadf575c8f9e00ee55e840
+PKG_MIRROR_HASH:=59d2350d569c4027ca1b23ebbe3519852e194184c1aaa04308712235f387e422
+
+PKG_MAINTAINER:=Nick Hainke <vincent@systemli.org>
+PKG_LICENSE:=ISC
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/libradiotap
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Radiotap Parser Library
+ URL:=https://www.radiotap.org/
+endef
+
+define Package/libradiotap/description
+ Library that supplies additional information about frames from the driver to userspace applications.
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/radiotap* $(1)/usr/include/
+
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libradiotap.so* $(1)/usr/lib/
+endef
+
+define Package/libradiotap/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libradiotap.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libradiotap))
include $(TOPDIR)/rules.mk
PKG_NAME:=libredblack
-PKG_VERSION:=0.2.3
-PKG_RELEASE=$(PKG_SOURCE_VERSION)
+PKG_VERSION:=1.3
+PKG_RELEASE:=1
-PKG_LICENSE:=GPL-2.0+
-PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=a399310d99b61eec4d3c0677573ab5dddcf9395d
-PKG_MIRROR_HASH:=71b05e70988b97865f734c698dd5564e349680556ccb8634a5bddf344012f22a
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
-PKG_SOURCE_URL:=https://github.com/sysrepo/libredblack.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=@SF/libredblack
+PKG_HASH:=a0ecc59b0aae2df01558a6950532c711a782a099277b439a51d270003092f44f
-PKG_BUILD_ROOT:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
-PKG_BUILD_DIR:=$(PKG_BUILD_ROOT)
+PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
-PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
SECTION:=libs
CATEGORY:=Libraries
TITLE:=RedBlack tree library
- URL:=$(PKG_SOURCE_URL)
+ URL:=http://libredblack.sourceforge.net/
endef
define Package/libredblack/description
RedBlack Balanced Tree Searching and Sorting Library.
endef
+CONFIGURE_ARGS += --without-rbgen
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libredblack.{so*,a,la} $(1)/usr/lib/
PKG_NAME:=libsigar
PKG_SOURCE_DATE:=2017-02-21
PKG_SOURCE_VERSION:=a6c61edf8c64e013411e8c9d753165cd03102c6e
-PKG_RELEASE:=1
+PKG_RELEASE:=3
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/boundary/sigar/tar.gz/$(PKG_SOURCE_VERSION)?
-PKG_HASH:=5232f0fa994ab60ad4622364fad0297c0054e04f0cfec9c586b14e33bbc387da
-PKG_BUILD_DIR:=$(BUILD_DIR)/sigar-$(PKG_SOURCE_VERSION)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/boundary/sigar
+PKG_MIRROR_HASH:=5f017e10ab1d929c9dfb2937fef16a45962b60958cd1569573d18f00fcea290f
+PKG_MAINTAINER:=Amol Bhave <ambhave@fb.com>
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILE:=LICENSE
TITLE:=System Information Gatherer And Reporter
URL:=https://github.com/boundary/sigar
DEPENDS:=+libtirpc
- MAINTAINER:=Amol Bhave <ambhave@fb.com>
endef
define Package/libsigar/description
--- /dev/null
+--- a/src/sigar_util.c
++++ b/src/sigar_util.c
+@@ -954,14 +954,10 @@ int sigar_file2str(const char *fname, char *buffer, int buflen)
+ #define vsnprintf _vsnprintf
+ #endif
+
+-#ifdef WIN32
+-# define rindex strrchr
+-#endif
+-
+ static int proc_module_get_self(void *data, char *name, int len)
+ {
+ sigar_t *sigar = (sigar_t *)data;
+- char *ptr = rindex(name, '/');
++ char *ptr = strrchr(name, '/');
+
+ if (!ptr) {
+ return SIGAR_OK;
--- /dev/null
+--- a/src/os/linux/linux_sigar.c
++++ b/src/os/linux/linux_sigar.c
+@@ -23,6 +23,7 @@
+ #include <linux/param.h>
+ #include <sys/param.h>
+ #include <sys/stat.h>
++#include <sys/sysmacros.h>
+ #include <sys/times.h>
+ #include <sys/utsname.h>
+ #include <mntent.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=libtasn1
-PKG_VERSION:=4.13
-PKG_RELEASE:=2
+PKG_VERSION:=4.14
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_HASH:=7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca
+PKG_HASH:=9e604ba5c5c8ea403487695c2e407405820d98540d9de884d6e844f9a9c5ba08
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
-PKG_LICENSE:=LGPLv2.1+
+PKG_LICENSE:=LGPLv2.1-or-later
PKG_LICENSE_FILES:=COPYING.LIB
#PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
Distinguish Encoding Rules (DER) manipulation.
endef
+TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
CONFIGURE_ARGS += \
-#
+#
# Copyright (C) 2006-2018 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
PKG_NAME:=libtirpc
PKG_VERSION:=1.1.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL:=@SF/libtirpc
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
--- /dev/null
+--- a/src/auth_des.c
++++ b/src/auth_des.c
+@@ -396,7 +396,7 @@ authdes_validate(AUTH *auth, struct opaque_auth *rverf)
+ /*
+ * validate
+ */
+- if (bcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
++ if (memcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
+ sizeof(struct timeval)) != 0) {
+ LIBTIRPC_DEBUG(1, ("authdes_validate: verifier mismatch"));
+ return (FALSE);
+--- a/src/auth_time.c
++++ b/src/auth_time.c
+@@ -104,7 +104,7 @@ static int uaddr_to_sockaddr(uaddr, sin)
+ p_bytes[1] = (unsigned char)a[5] & 0x000000FF;
+
+ sin->sin_family = AF_INET; /* always */
+- bcopy((char *)&p_bytes, (char *)&sin->sin_port, 2);
++ memcpy((char *)&sin->sin_port, (char *)&p_bytes, 2);
+
+ return (0);
+ }
+--- a/src/crypt_client.c
++++ b/src/crypt_client.c
+@@ -75,8 +75,8 @@ _des_crypt_call(buf, len, dparms)
+ des_crypt_1_arg.desbuf.desbuf_val = buf;
+ des_crypt_1_arg.des_dir = dparms->des_dir;
+ des_crypt_1_arg.des_mode = dparms->des_mode;
+- bcopy(dparms->des_ivec, des_crypt_1_arg.des_ivec, 8);
+- bcopy(dparms->des_key, des_crypt_1_arg.des_key, 8);
++ memcpy(des_crypt_1_arg.des_ivec, dparms->des_ivec, 8);
++ memcpy(des_crypt_1_arg.des_key, dparms->des_key, 8);
+
+ result_1 = des_crypt_1(&des_crypt_1_arg, clnt);
+ if (result_1 == (desresp *) NULL) {
+@@ -88,8 +88,8 @@ _des_crypt_call(buf, len, dparms)
+
+ if (result_1->stat == DESERR_NONE ||
+ result_1->stat == DESERR_NOHWDEVICE) {
+- bcopy(result_1->desbuf.desbuf_val, buf, len);
+- bcopy(result_1->des_ivec, dparms->des_ivec, 8);
++ memcpy(buf, result_1->desbuf.desbuf_val, len);
++ memcpy(dparms->des_ivec, result_1->des_ivec, 8);
+ }
+
+ clnt_freeres(clnt, (xdrproc_t)xdr_desresp, result_1);
+--- a/src/svc_auth_des.c
++++ b/src/svc_auth_des.c
+@@ -145,7 +145,7 @@ _svcauth_des(rqst, msg)
+ return (AUTH_BADCRED);
+ }
+ cred->adc_fullname.name = area->area_netname;
+- bcopy((char *)ixdr, cred->adc_fullname.name,
++ memcpy(cred->adc_fullname.name, (char *)ixdr,
+ (u_int)namelen);
+ cred->adc_fullname.name[namelen] = 0;
+ ixdr += (RNDUP(namelen) / BYTES_PER_XDR_UNIT);
+@@ -419,7 +419,7 @@ cache_spot(key, name, timestamp)
+ if (cp->key.key.high == hi &&
+ cp->key.key.low == key->key.low &&
+ cp->rname != NULL &&
+- bcmp(cp->rname, name, strlen(name) + 1) == 0) {
++ memcmp(cp->rname, name, strlen(name) + 1) == 0) {
+ if (BEFORE(timestamp, &cp->laststamp)) {
+ svcauthdes_stats.ncachereplays++;
+ return (-1); /* replay */
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://projects.universe-factory.net/attachments/download/85
+PKG_SOURCE_URL:=https://github.com/NeoRaider/libuecc/releases/download/v$(PKG_VERSION)
PKG_HASH:=b94aef08eab5359d0facaa7ead2ce81b193eef0c61379d9835213ebc0a46257a
PKG_LICENSE:=BSD-2-Clause
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Very small Elliptic Curve Cryptography library
- URL:=http://git.universe-factory.net/libuecc/
+ URL:=https://github.com/NeoRaider/libuecc/
endef
TARGET_CFLAGS += -ffunction-sections -fdata-sections
include $(TOPDIR)/rules.mk
PKG_NAME:=libupnpp
-PKG_VERSION:=0.17.0
+PKG_VERSION:=0.17.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.lesbonscomptes.com/upmpdcli/downloads
-PKG_HASH:=7035dda48207c254cbd8cd64e4e679a9e5f085a35d28c19bc2ddeba0deaff58b
+PKG_HASH:=90403b55583e932a9a04905a01bf452016a56aecbeade5c9e1454a5fbb6f01b0
+
PKG_MAINTAINER:=Petko Bordjukov <bordjukov@gmail.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING
-PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
--- /dev/null
+#
+# Copyright (C) 2016 Bruno Randolf (br1@einfach.org)
+# 2019 Nick Hainke (vincent@systemli.org)
+#
+#
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libuwifi
+PKG_VERSION:=2019-05-27
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/br101/libuwifi.git
+PKG_SOURCE_VERSION:=bb92bc9b041a077488f2fa5a1716902c7bb23e5b
+PKG_MIRROR_HASH:=c6dc795ef6c2cc87d411d3f907974f634a132c3e732db2597f96ff25a05faa05
+
+PKG_MAINTAINER:=Bruno Randolf <br1@einfach.org>, Nick Hainke <vincent@systemli.org>
+PKG_LICENSE:=LGPL-3.0-only
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libuwifi
+ SECTION:=libs
+ CATEGORY:=Libraries
+ DEPENDS:=+libradiotap +libnl-tiny
+ TITLE:=Userspace Wifi Library
+endef
+
+define Package/libuwifi/description
+ Library for parsing, generating and analyzing Wifi (WLAN 802.11) frames in userspace and related functions.
+endef
+
+MAKE_FLAGS += DEBUG=0 LIBNL=tiny BUILD_RADIOTAP=0
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include/uwifi
+ $(CP) $(PKG_BUILD_DIR)/include/uwifi/*.h $(1)/usr/include/uwifi
+ $(CP) $(PKG_BUILD_DIR)/ccan $(1)/usr/include/
+
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_BUILD_DIR)/build/libuwifi.{a,so*} $(1)/usr/lib/
+endef
+
+define Package/libuwifi/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_BUILD_DIR)/build/libuwifi.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libuwifi))
include $(TOPDIR)/rules.mk
PKG_NAME:=v4l-utils
-PKG_VERSION:=1.16.5
+PKG_VERSION:=1.16.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.linuxtv.org/downloads/v4l-utils
-PKG_HASH:=ed80242510385017a1dc566e17a285a77222bb301f5bc19386badfcc2c19df1b
+PKG_HASH:=f9dac1878e3d5636eab7f56bb209fdfc66b94ee8a2aae54dcb4282fe63a678ae
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GPL-2.0 LGPL-2.1
#include <linux/cec-funcs.h>
--- a/utils/common/media-info.cpp
+++ b/utils/common/media-info.cpp
-@@ -20,7 +20,7 @@
-
+@@ -21,6 +21,7 @@
#include <linux/media.h>
--#include <fstream>
+ #include <fstream>
+#include <iostream>
#include <media-info.h>
#include <map>
--- a/utils/v4l2-compliance/media-info.cpp
+++ b/utils/v4l2-compliance/media-info.cpp
-@@ -20,7 +20,7 @@
-
+@@ -21,6 +21,7 @@
#include <linux/media.h>
--#include <fstream>
+ #include <fstream>
+#include <iostream>
#include <media-info.h>
static std::string num2s(unsigned num, bool is_hex = true)
--- a/utils/v4l2-ctl/media-info.cpp
+++ b/utils/v4l2-ctl/media-info.cpp
-@@ -20,7 +20,7 @@
-
+@@ -21,6 +21,7 @@
#include <linux/media.h>
--#include <fstream>
+ #include <fstream>
+#include <iostream>
#include <media-info.h>
Simply avoid getsubopt, since we cannot rely on it.
-diff --git a/utils/v4l2-ctl/v4l2-ctl-common.cpp b/utils/v4l2-ctl/v4l2-ctl-common.cpp
-index 3ea6cd3..291fb3e 100644
--- a/utils/v4l2-ctl/v4l2-ctl-common.cpp
+++ b/utils/v4l2-ctl/v4l2-ctl-common.cpp
-@@ -692,16 +692,17 @@ static bool parse_subset(char *optarg)
+@@ -679,16 +679,17 @@ static bool parse_subset(char *optarg)
static bool parse_next_subopt(char **subs, char **value)
{
include $(TOPDIR)/rules.mk
PKG_NAME:=libvpx
-PKG_VERSION:=1.8.0
+PKG_VERSION:=1.8.1
PKG_RELEASE:=1
PKG_REV:=v$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_REV).tar.gz
-PKG_MIRROR_HASH:=caf53ffff549fefb14d8d054db014c6394e1955d199b80dc985ef6098bd4213d
+PKG_MIRROR_HASH:=6703842a870727b621a82efe5b2ff6f5553d41f7b0905dd4fde1f8bdf062d6ea
PKG_SOURCE_URL:=https://chromium.googlesource.com/webm/libvpx
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=$(PKG_REV)
include $(TOPDIR)/rules.mk
PKG_NAME:=lmdb
-PKG_VERSION:=0.9.23
+PKG_VERSION:=0.9.24
PKG_RELEASE:=1
PKG_SOURCE:=LMDB_$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/LMDB/lmdb/tar.gz/LMDB_$(PKG_VERSION)?
-PKG_HASH:=abf42e91f046787ed642d9eb21812a5c473f3ba5854124484d16eadbe0aa9c81
+PKG_HASH:=44602436c52c29d4f301f55f6fd8115f945469b868348e3cddaf91ab2473ea26
PKG_BUILD_DIR:=$(BUILD_DIR)/lmdb-LMDB_$(PKG_VERSION)
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
configuration. It is modeled after the Java log4j API.
endef
+CMAKE_HOST_OPTIONS += \
+ -DCMAKE_INSTALL_LIBDIR:PATH=lib
+
CMAKE_OPTIONS += \
-DLOG4CPLUS_BUILD_LOGGINGSERVER:BOOL=OFF \
-DLOG4CPLUS_BUILD_TESTING:BOOL=OFF \
include $(TOPDIR)/rules.mk
PKG_NAME:=oniguruma
-PKG_VERSION:=6.9.2
-PKG_RELEASE:=2
+PKG_VERSION:=6.9.3
+PKG_RELEASE:=1
PKG_SOURCE:=onig-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/kkos/oniguruma/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=3b568a9050839e7828b2f2d5bc9cd3650979b6b54a080f54c515320dddda06b0
+PKG_HASH:=dc6dec742941e24b761cea1b9a2f12e750879107ae69fd80ae1046459d4fb1db
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=BSD-2-Clause
+++ /dev/null
-From c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kosako@sofnec.co.jp>
-Date: Thu, 27 Jun 2019 14:11:55 +0900
-Subject: [PATCH] Fix CVE-2019-13225: problem in converting if-then-else
- pattern to bytecode.
-
-
-diff --git a/src/regcomp.c b/src/regcomp.c
-index c2c04a4..ff3431f 100644
---- a/src/regcomp.c
-+++ b/src/regcomp.c
-@@ -1307,8 +1307,9 @@ compile_length_bag_node(BagNode* node, regex_t* reg)
- len += tlen;
- }
-
-+ len += SIZE_OP_JUMP + SIZE_OP_ATOMIC_END;
-+
- if (IS_NOT_NULL(Else)) {
-- len += SIZE_OP_JUMP;
- tlen = compile_length_tree(Else, reg);
- if (tlen < 0) return tlen;
- len += tlen;
-@@ -1455,7 +1456,7 @@ compile_bag_node(BagNode* node, regex_t* reg, ScanEnv* env)
-
- case BAG_IF_ELSE:
- {
-- int cond_len, then_len, jump_len;
-+ int cond_len, then_len, else_len, jump_len;
- Node* cond = NODE_BAG_BODY(node);
- Node* Then = node->te.Then;
- Node* Else = node->te.Else;
-@@ -1472,8 +1473,7 @@ compile_bag_node(BagNode* node, regex_t* reg, ScanEnv* env)
- else
- then_len = 0;
-
-- jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END;
-- if (IS_NOT_NULL(Else)) jump_len += SIZE_OP_JUMP;
-+ jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END + SIZE_OP_JUMP;
-
- r = add_op(reg, OP_PUSH);
- if (r != 0) return r;
-@@ -1490,11 +1490,20 @@ compile_bag_node(BagNode* node, regex_t* reg, ScanEnv* env)
- }
-
- if (IS_NOT_NULL(Else)) {
-- int else_len = compile_length_tree(Else, reg);
-- r = add_op(reg, OP_JUMP);
-- if (r != 0) return r;
-- COP(reg)->jump.addr = else_len + SIZE_INC_OP;
-+ else_len = compile_length_tree(Else, reg);
-+ if (else_len < 0) return else_len;
-+ }
-+ else
-+ else_len = 0;
-
-+ r = add_op(reg, OP_JUMP);
-+ if (r != 0) return r;
-+ COP(reg)->jump.addr = SIZE_OP_ATOMIC_END + else_len + SIZE_INC_OP;
-+
-+ r = add_op(reg, OP_ATOMIC_END);
-+ if (r != 0) return r;
-+
-+ if (IS_NOT_NULL(Else)) {
- r = compile_tree(Else, reg, env);
- }
- }
+++ /dev/null
-From 0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kosako@sofnec.co.jp>
-Date: Thu, 27 Jun 2019 17:25:26 +0900
-Subject: [PATCH] Fix CVE-2019-13224: don't allow different encodings for
- onig_new_deluxe()
-
-
-diff --git a/src/regext.c b/src/regext.c
-index fa4b360..965c793 100644
---- a/src/regext.c
-+++ b/src/regext.c
-@@ -29,6 +29,7 @@
-
- #include "regint.h"
-
-+#if 0
- static void
- conv_ext0be32(const UChar* s, const UChar* end, UChar* conv)
- {
-@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEncoding to, const UChar* s, const UChar* e
-
- return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
- }
-+#endif
-
- extern int
- onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
-@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end,
- if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL;
-
- if (ci->pattern_enc != ci->target_enc) {
-- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end,
-- &cpat, &cpat_end);
-- if (r != 0) return r;
-+ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION;
- }
- else {
- cpat = (UChar* )pattern;
PKG_NAME:=openldap
PKG_VERSION:=2.4.47
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/ \
--- /dev/null
+--- a/libraries/libldap/tls2.c
++++ b/libraries/libldap/tls2.c
+@@ -41,6 +41,7 @@ static tls_impl *tls_imp = &ldap_int_tls_impl;
+ #define HAS_TLS( sb ) ber_sockbuf_ctrl( sb, LBER_SB_OPT_HAS_IO, \
+ (void *)tls_imp->ti_sbio )
+
++static int ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in );
+ #endif /* HAVE_TLS */
+
+ #ifdef LDAP_DEVEL
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=redis
+PKG_VERSION:=5.0.5
+PKG_RELEASE:=2
+
+PKG_SOURCE_URL:=http://download.redis.io/releases/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=2139009799d21d8ff94fc40b7f36ac46699b9e1254086299f8d3b223ca54a375
+
+PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=COPYING
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+MAKE_FLAGS+= \
+ MALLOC="libc" \
+ USE_JEMALLOC="no" \
+ PREFIX="$(PKG_INSTALL_DIR)/usr" \
+ ARCH=""
+
+define Package/redis/Default
+ SUBMENU:=Database
+ SECTION:=libs
+ CATEGORY:=Libraries
+ URL:=https://redis.io
+endef
+
+define Package/redis-server
+$(call Package/redis/Default)
+ TITLE:=Redis server
+ DEPENDS:=+libpthread
+endef
+
+define Package/redis-cli
+$(call Package/redis/Default)
+ TITLE:=Redis cli
+endef
+
+define Package/redis-utils
+$(call Package/redis/Default)
+ TITLE:=Redis utilities
+ DEPENDS:=+redis-server
+endef
+
+define Package/redis-full
+$(call Package/redis/Default)
+ TITLE:=All Redis binaries (server,cli and utils)
+ DEPENDS:=+redis-utils +redis-cli
+endef
+
+define Package/redis-full/description
+ Redis is an open source, BSD licensed, advanced key-value cache and store.
+ It is often referred to as a data structure server since keys can contain
+ strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs.
+endef
+
+define Package/redis-server/conffiles
+/etc/redis.conf
+endef
+
+define Build/Compile
+ $(MAKE) -C "$(PKG_BUILD_DIR)/deps/hiredis" static $(MAKE_FLAGS) $(MAKE_VARS)
+ $(MAKE) -C "$(PKG_BUILD_DIR)/deps/linenoise" $(MAKE_FLAGS) $(MAKE_VARS)
+ $(MAKE) -C "$(PKG_BUILD_DIR)/deps/lua" posix $(MAKE_FLAGS) $(MAKE_VARS) AR="${AR} ru"
+ $(call Build/Compile/Default)
+endef
+
+define Package/redis-server/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/redis-server $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/redis.init $(1)/etc/init.d/redis
+ $(INSTALL_DIR) $(1)/etc
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/redis.conf $(1)/etc/
+ $(SED) "s|^dir .*|dir /var/lib/redis|" $(1)/etc/redis.conf
+endef
+
+define Package/redis-cli/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/redis-cli $(1)/usr/bin/
+endef
+
+define Package/redis-utils/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/redis-{check-aof,benchmark} $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,redis-full))
+$(eval $(call BuildPackage,redis-server))
+$(eval $(call BuildPackage,redis-cli))
+$(eval $(call BuildPackage,redis-utils))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=95
+STOP=10
+
+REDIS_BIN="/usr/bin/redis-server"
+REDIS_CONFIG="/etc/redis.conf"
+REDIS_PID="/var/run/redis.pid"
+REDIS_DATA="/var/lib/redis"
+
+start_service() {
+ mkdir -p "$REDIS_DATA"
+ procd_open_instance redis
+ procd_set_param command "$REDIS_BIN" "$REDIS_CONFIG"
+ procd_close_instance
+}
--- /dev/null
+Index: redis-5.0.0/src/atomicvar.h
+===================================================================
+--- redis-5.0.0.orig/src/atomicvar.h
++++ redis-5.0.0/src/atomicvar.h
+@@ -68,7 +68,7 @@
+ * is reported. */
+ // #define __ATOMIC_VAR_FORCE_SYNC_MACROS
+
+-#if !defined(__ATOMIC_VAR_FORCE_SYNC_MACROS) && defined(__ATOMIC_RELAXED) && !defined(__sun) && (!defined(__clang__) || !defined(__APPLE__) || __apple_build_version__ > 4210057)
++#if defined(CONFIG_EDAC_ATOMIC_SCRUB) && !defined(__ATOMIC_VAR_FORCE_SYNC_MACROS) && defined(__ATOMIC_RELAXED) && !defined(__sun) && (!defined(__clang__) || !defined(__APPLE__) || __apple_build_version__ > 4210057)
+ /* Implementation using __atomic macros. */
+
+ #define atomicIncr(var,count) __atomic_add_fetch(&var,(count),__ATOMIC_RELAXED)
+@@ -82,7 +82,7 @@
+ #define atomicSet(var,value) __atomic_store_n(&var,value,__ATOMIC_RELAXED)
+ #define REDIS_ATOMIC_API "atomic-builtin"
+
+-#elif defined(HAVE_ATOMIC)
++#elif defined(CONFIG_EDAC_ATOMIC_SCRUB) && defined(HAVE_ATOMIC)
+ /* Implementation using __sync macros. */
+
+ #define atomicIncr(var,count) __sync_add_and_fetch(&var,(count))
\ No newline at end of file
--- /dev/null
+--- a/src/config.h
++++ b/src/config.h
+@@ -30,6 +30,10 @@
+ #ifndef __CONFIG_H
+ #define __CONFIG_H
+
++#if defined(__unix) || defined(__linux__)
++#include <features.h>
++#endif
++
+ #ifdef __APPLE__
+ #include <AvailabilityMacros.h>
+ #endif
+@@ -62,9 +66,9 @@
+ #endif
+
+ /* Test for backtrace() */
+-#if defined(__APPLE__) || (defined(__linux__) && defined(__GLIBC__)) || \
++#if (defined(__APPLE__) || (defined(__linux__) && defined(__GLIBC__)) || \
+ defined(__FreeBSD__) || (defined(__OpenBSD__) && defined(USE_BACKTRACE))\
+- || defined(__DragonFly__)
++ || defined(__DragonFly__)) && !defined(__UCLIBC__)
+ #define HAVE_BACKTRACE 1
+ #endif
+
--- /dev/null
+menu "Select dovecot build options"
+ depends on PACKAGE_dovecot
+
+config DOVECOT_GSSAPI
+ bool "GSSAPI support"
+ default n
+ help
+ Implements GSSAPI support in dovecot.
+
+config DOVECOT_LDAP
+ bool "LDAP support"
+ default n
+ help
+ Implements LDAP support in dovecot.
+
+config DOVECOT_MYSQL
+ bool "MYSQL support"
+ default n
+ help
+ Implements MYSQL support in dovecot.
+
+config DOVECOT_PGSQL
+ bool "PostgreSQL support"
+ default n
+ help
+ Implements PostgreSQL support in dovecot.
+
+config DOVECOT_SQLITE
+ bool "SQLite support"
+ default n
+ help
+ Implements SQLite DB support in dovecot.
+
+config DOVECOT_ICU
+bool "Enable i18n features"
+ default n
+ help
+ Enable ICU (International Components for Unicode) support.
+
+endmenu
include $(TOPDIR)/rules.mk
PKG_NAME:=dovecot
-PKG_VERSION:=2.3.7
+PKG_VERSION:=2.3.7.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dovecot.org/releases/2.3
-PKG_HASH:=11e156ae8539e42892809cc2412c3f1a294188806969f5547191a43abd4083aa
+PKG_HASH:=c5a51d6f76e6e9c843df69e52a364a4c65c4c60e0c51d992eaa45f22f71803c3
+
+PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=LGPL-2.1-only MIT BSD-3-Clause
PKG_LICENSE_FILES:=COPYING COPYING.LGPL COPYING.MIT
-PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_BUILD_DEPENDS:=libiconv
PKG_CONFIG_DEPENDS:= \
define Package/dovecot
SECTION:=mail
CATEGORY:=Mail
- DEPENDS:=+DOVECOT_GSSAPI:krb5-libs +DOVECOT_LDAP:libopenldap +DOVECOT_MYSQL:libmysqlclient +DOVECOT_PGSQL:libpq +DOVECOT_SQLITE:libsqlite3 +libopenssl +librt +zlib +libbz2 +libcap +DOVECOT_ICU:icu $(ICONV_DEPENDS)
TITLE:=An IMAP and POP3 daemon
URL:=https://www.dovecot.org/
+ DEPENDS:=+DOVECOT_GSSAPI:krb5-libs +DOVECOT_LDAP:libopenldap +DOVECOT_MYSQL:libmysqlclient +DOVECOT_PGSQL:libpq +DOVECOT_SQLITE:libsqlite3 +libopenssl +librt +zlib +libbz2 +libcap +DOVECOT_ICU:icu $(ICONV_DEPENDS)
USERID:=dovecot=59:dovecot=59
+ USERID:=dovenull=60:dovenull=60
ABI_VERSION:=$(PKG_VERSION)
endef
endef
define Package/dovecot/config
- menu "Select dovecot build options"
- depends on PACKAGE_dovecot
- config DOVECOT_GSSAPI
- bool "GSSAPI support"
- default n
- help
- Implements GSSAPI support in dovecot.
- config DOVECOT_LDAP
- bool "LDAP support"
- default n
- help
- Implements LDAP support in dovecot.
- config DOVECOT_MYSQL
- bool "MYSQL support"
- default n
- help
- Implements MYSQL support in dovecot.
- config DOVECOT_PGSQL
- bool "PostgreSQL support"
- default n
- help
- Implements PostgreSQL support in dovecot.
- config DOVECOT_SQLITE
- bool "SQLite support"
- default n
- help
- Implements SQLite DB support in dovecot.
- config DOVECOT_ICU
- bool "Enable i18n features"
- default n
- help
- Enable ICU (International Components for Unicode) support.
- endmenu
+ source "$(SOURCE)/Config.in"
endef
define Package/dovecot/conffiles
-/etc/init.d/dovecot
/etc/dovecot/
endef
--without-lzma \
--without-lz4 \
--without-sodium \
- --without-docs \
$(if $(CONFIG_DOVECOT_GSSAPI),--with-gssapi=yes,--with-gssapi=no) \
$(if $(CONFIG_DOVECOT_LDAP),--with-ldap=yes,--with-ldap=no) \
$(if $(CONFIG_DOVECOT_MYSQL),--with-mysql=yes,--with-mysql=no) \
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/include/dovecot $(1)/usr/include/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/dovecot $(1)/usr/lib/
- rm -f $(1)/usr/lib/dovecot/*.la
+ $(call libtool_remove_files,$(1))
endef
define Package/dovecot/install
- $(INSTALL_DIR) $(1)/etc/init.d \
- $(1)/etc/dovecot \
- $(1)/usr/lib/dovecot \
- $(1)/usr/libexec/dovecot \
- $(1)/usr/bin \
- $(1)/usr/sbin
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/dovecot.init $(1)/etc/init.d/dovecot
+
+ $(INSTALL_DIR) $(1)/etc/dovecot
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/doc/dovecot/example-config/* $(1)/etc/dovecot/
+
+ $(INSTALL_DIR) $(1)/usr/lib/dovecot
$(CP) $(PKG_INSTALL_DIR)/usr/lib/dovecot/* $(1)/usr/lib/dovecot/
+ rm $(1)/usr/lib/dovecot/dovecot-config
+ find $(1)/usr/lib/dovecot/ -name "*.a" -o -name "*.la" | $(XARGS) rm -f
+
+ $(INSTALL_DIR) $(1)/usr/libexec/dovecot
$(CP) $(PKG_INSTALL_DIR)/usr/libexec/dovecot/* $(1)/usr/libexec/dovecot/
+
+ $(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/doveconf $(1)/usr/bin/
+
+ $(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/* $(1)/usr/sbin/
- $(INSTALL_BIN) ./files/dovecot.init $(1)/etc/init.d/dovecot
- rm $(1)/usr/lib/dovecot/dovecot-config
- find $(1)/usr/lib/dovecot/ -name "*.a" -o -name "*.la" | xargs rm
endef
define Package/dovecot-utils/install
-diff -u --recursive dovecot-2.3.1-vanilla/m4/fd_passing.m4 dovecot-2.3.1/m4/fd_passing.m4
---- dovecot-2.3.1-vanilla/m4/fd_passing.m4 2018-06-08 20:02:15.849850956 -0400
-+++ dovecot-2.3.1/m4/fd_passing.m4 2018-06-08 20:04:28.947016370 -0400
-@@ -8,7 +8,7 @@
+--- a/m4/fd_passing.m4
++++ b/m4/fd_passing.m4
+@@ -8,7 +8,7 @@ AC_DEFUN([DOVECOT_FD_PASSING], [
CFLAGS="$CFLAGS -DBUGGY_CMSG_MACROS"
fi
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
-@@ -16,7 +16,7 @@
+@@ -16,7 +16,7 @@ AC_DEFUN([DOVECOT_FD_PASSING], [
#include <unistd.h>
#include <fcntl.h>
#include "fdpass.h"
static
int nopen(void)
{
-diff -u --recursive dovecot-2.3.1-vanilla/m4/glibc.m4 dovecot-2.3.1/m4/glibc.m4
---- dovecot-2.3.1-vanilla/m4/glibc.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/glibc.m4 2018-06-08 20:04:00.780981363 -0400
-@@ -17,7 +17,7 @@
+--- a/m4/glibc.m4
++++ b/m4/glibc.m4
+@@ -17,7 +17,7 @@ AC_DEFUN([DOVECOT_GLIBC], [
dnl * Old glibcs have broken posix_fallocate(). Make sure not to use it.
dnl * It may also be broken in AIX.
AC_CACHE_CHECK([whether posix_fallocate() works],i_cv_posix_fallocate_works,[
#define _XOPEN_SOURCE 600
#include <stdio.h>
#include <stdlib.h>
-@@ -26,6 +26,7 @@
+@@ -26,6 +26,7 @@ AC_DEFUN([DOVECOT_GLIBC], [
#if defined(__GLIBC__) && (__GLIBC__ < 2 || __GLIBC_MINOR__ < 7)
possibly broken posix_fallocate
#endif
int main() {
int fd = creat("conftest.temp", 0600);
int ret;
-diff -u --recursive dovecot-2.3.1-vanilla/m4/ioloop.m4 dovecot-2.3.1/m4/ioloop.m4
---- dovecot-2.3.1-vanilla/m4/ioloop.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/ioloop.m4 2018-06-08 20:03:31.666945181 -0400
-@@ -4,9 +4,9 @@
+--- a/m4/ioloop.m4
++++ b/m4/ioloop.m4
+@@ -4,9 +4,9 @@ AC_DEFUN([DOVECOT_IOLOOP], [
if test "$ioloop" = "best" || test "$ioloop" = "epoll"; then
AC_CACHE_CHECK([whether we can use epoll],i_cv_epoll_works,[
int main()
{
return epoll_create(5) < 1;
-diff -u --recursive dovecot-2.3.1-vanilla/m4/mmap_write.m4 dovecot-2.3.1/m4/mmap_write.m4
---- dovecot-2.3.1-vanilla/m4/mmap_write.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/mmap_write.m4 2018-06-08 20:03:27.369939841 -0400
+--- a/m4/mmap_write.m4
++++ b/m4/mmap_write.m4
@@ -1,7 +1,7 @@
dnl * If mmap() plays nicely with write()
AC_DEFUN([DOVECOT_MMAP_WRITE], [
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
-@@ -9,6 +9,7 @@
+@@ -9,6 +9,7 @@ AC_DEFUN([DOVECOT_MMAP_WRITE], [
#include <fcntl.h>
#include <sys/mman.h>
#include <string.h>
int main() {
/* return 0 if we're signed */
int f = open("conftest.mmap", O_RDWR|O_CREAT|O_TRUNC, 0600);
-diff -u --recursive dovecot-2.3.1-vanilla/m4/want_gssapi.m4 dovecot-2.3.1/m4/want_gssapi.m4
---- dovecot-2.3.1-vanilla/m4/want_gssapi.m4 2018-06-08 20:02:15.850850957 -0400
-+++ dovecot-2.3.1/m4/want_gssapi.m4 2018-06-08 20:04:13.204996804 -0400
-@@ -54,7 +54,7 @@
+--- a/m4/want_gssapi.m4
++++ b/m4/want_gssapi.m4
+@@ -54,7 +54,7 @@ AC_DEFUN([DOVECOT_WANT_GSSAPI], [
# does the kerberos library support SPNEGO?
AC_CACHE_CHECK([whether GSSAPI supports SPNEGO],i_cv_gssapi_spnego,[
#ifdef HAVE_GSSAPI_H
# include <gssapi.h>
#else
-@@ -62,6 +62,7 @@
+@@ -62,6 +62,7 @@ AC_DEFUN([DOVECOT_WANT_GSSAPI], [
#endif
#include <krb5.h>
#include <string.h>
This patch modifed dovecot-config that gets installed on the assumption
that users of libdovecot will also be cross-compiled (a safe bet).
-Index: dovecot-2.3.2.1/Makefile.am
-===================================================================
---- dovecot-2.3.2.1.orig/Makefile.am
-+++ dovecot-2.3.2.1/Makefile.am
+--- a/Makefile.am
++++ b/Makefile.am
@@ -73,7 +73,7 @@ install-exec-hook:
grep -v '^LIBDOVECOT_.*_INCLUDE' dovecot-config | \
grep -v '^LIBDOVECOT.*_DEPS' | sed \
--- a/src/lib-ssl-iostream/dovecot-openssl-common.c
+++ b/src/lib-ssl-iostream/dovecot-openssl-common.c
-@@ -63,9 +63,11 @@ void dovecot_openssl_common_global_ref(void)
+@@ -63,9 +63,11 @@ void dovecot_openssl_common_global_ref(v
/*i_warning("CRYPTO_set_mem_functions() was called too late");*/
}
}
bool dovecot_openssl_common_global_unref(void)
-@@ -79,6 +81,7 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -79,6 +81,7 @@ bool dovecot_openssl_common_global_unref
ENGINE_finish(dovecot_openssl_engine);
dovecot_openssl_engine = NULL;
}
/* OBJ_cleanup() is called automatically by EVP_cleanup() in
newer versions. Doesn't hurt to call it anyway. */
OBJ_cleanup();
-@@ -100,6 +103,7 @@ bool dovecot_openssl_common_global_unref(void)
- ERR_free_strings();
+@@ -101,6 +104,7 @@ bool dovecot_openssl_common_global_unref
#ifdef HAVE_OPENSSL_CLEANUP
OPENSSL_cleanup();
-+#endif
#endif
++#endif
return FALSE;
}
+
--- a/src/lib-ssl-iostream/iostream-openssl-context.c
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c
@@ -6,6 +6,9 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
-@@ -510,8 +513,10 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
+@@ -514,8 +517,10 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX
int nid;
const char *curve_name;
#endif
#include "dcrypt.h"
#include "dcrypt-private.h"
-@@ -179,11 +181,13 @@ static bool dcrypt_openssl_error(const char **error_r)
+@@ -179,11 +181,13 @@ static bool dcrypt_openssl_error(const c
static bool dcrypt_openssl_initialize(const struct dcrypt_settings *set,
const char **error_r)
{
#ifdef HAVE_SSL_NEW_MEM_FUNCS
static void *dovecot_openssl_malloc(size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED)
-@@ -77,10 +80,12 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -77,10 +80,12 @@ bool dovecot_openssl_common_global_unref
if (--openssl_init_refcount > 0)
return TRUE;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* OBJ_cleanup() is called automatically by EVP_cleanup() in
newer versions. Doesn't hurt to call it anyway. */
-@@ -88,7 +93,9 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -88,7 +93,9 @@ bool dovecot_openssl_common_global_unref
#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
SSL_COMP_free_compression_methods();
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#ifdef HAVE_OPENSSL_AUTO_THREAD_DEINIT
-@@ -111,6 +118,7 @@ bool dovecot_openssl_common_global_unref(void)
+@@ -111,6 +118,7 @@ bool dovecot_openssl_common_global_unref
int dovecot_openssl_common_global_set_engine(const char *engine,
const char **error_r)
{
if (dovecot_openssl_engine != NULL)
return 1;
-@@ -132,5 +140,6 @@ int dovecot_openssl_common_global_set_engine(const char *engine,
+@@ -132,5 +140,6 @@ int dovecot_openssl_common_global_set_en
dovecot_openssl_engine = NULL;
return -1;
}
#
# Copyright (C) 2009 David Cooper <dave@kupesoft.com>
-# Copyright (C) 2009-2015 OpenWrt.org
-# Copyright (C) 2016 Daniel Dickinson <cshored@thecshore.com>
+# Copyright (C) 2016-2019 Daniel Dickinson <cshored@thecshore.com>
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=msmtp-scripts
-PKG_VERSION:=1.0.8
+PKG_VERSION:=1.2.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@SF/msmtp-scripts
-PKG_HASH:=2aec48d47b02facf2a33cf97a7434e969c1a054224406e6c55320d825c7902b2
+PKG_SOURCE_URL:=https://launchpad.net/$(PKG_NAME)/1.2/$(PKG_VERSION)/+download
+PKG_HASH:=fc85ab8ed1348be584adfc1feb89f51daed7404e9e8643652ff31d2af00f1cf5
+PKG_MAINTAINER:=Daniel F. Dickinson <cshored@thecshore.com>
-PKG_LICENSE:=GPL-3.0+
+PKG_LICENSE:=GPL-3.0-or-later
PKG_LICENSE_FILES:=COPYING
include $(INCLUDE_DIR)/package.mk
define Package/msmtp-scripts/Default
SECTION:=mail
CATEGORY:=Mail
- TITLE:=DEPRECATED: Simple sendmail SMTP queueing and forwarding
- URL:=http://msmtp-scripts.sourceforge.net/
+ TITLE:=Forwarding only SMTP with queuing
+ URL:=https://msmtp-scripts.thecshore.com
endef
define Package/msmtp-scripts/Default/description
- DEPRECATED: SourceForge project is abandonded; and upstream (on GitHub)
- has deprecated this project. See:
- https://github.com/cshore-history/msmtp-scripts#deprecation-notice
-
msmtp-scripts are scripts wrappers around the msmtp SMTP client that
- add queueing, logging to syslog or file, a subset of sendmail/postfix
+ add queueing, logging to syslog or file, and a subset of sendmail/postfix
mailq/postsuper/postqueue commands implemented in a compatible fashion.
endef
define Package/msmtpq-ng
$(call Package/msmtp-scripts/Default)
- DEPENDS+= @(PACKAGE_msmtp||PACKAGE_msmtp-nossl)
- TITLE+= (msmtpq-ng wrappers)
+ DEPENDS+= +msmtp
+ TITLE+= (common)
endef
define Package/msmtpq-ng/conffiles
$(call Package/msmtp-scripts/Default)
TITLE+= (as MTA)
DEPENDS+=+msmtpq-ng
- USERID:=msmtp=482:msmtp=482
+ ALTERNATIVES:=\
+ 400:/usr/sbin/sendmail:/usr/sbin/msmtpq-ng-mta \
+ 400:/usr/lib/sendmail:/usr/sbin/msmtpq-ng-mta \
+ 400:/usr/sbin/mailq:/usr/sbin/msmtpq-ng-queue-mta \
+ 400:/usr/sbin/postqueue:/usr/sbin/msmtpq-ng-queue-mta \
+ 400:/usr/sbin/postsuper:/usr/sbin/msmtpq-ng-queue-mta
endef
-define Package/msmtp-queue-mta/conffiles
+define Package/msmtpq-ng-mta/conffiles
/etc/msmtpq-ng-mta.rc
endef
define Package/msmtpq-ng-mta-smtpd
$(call Package/msmtp-scripts/Default)
DEPENDS+= +msmtpq-ng-mta +xinetd
- TITLE+= (basic SMTP server)
+ TITLE+= (localhost SMTPd)
+ USERID:=msmtp=482:msmtp=482
endef
define Package/msmtp-ng-mta-smtpd/description
the hold queue before it can be delivered.
endef
-define Package/msmtpq-ng-mta/postinst
- mkdir -p $${IPKG_INSTROOT}/etc/crontabs
- if ! grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root; then echo $$'\n'"*/60 * * * * /usr/bin/msmtpq-ng-mta -q" >>$${IPKG_INSTROOT}/etc/crontabs/root; fi
+define Package/msmtpq-ng-mta-smtpd/conffiles
+/etc/xinetd.d/ms-mta-smtpd
endef
-define Package/msmtp-queue-mta/prerm
- if grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root; then grep -v '\*/60 \* \* \* \* /usr/bin/msmtpq-ng-mta -q' $${IPKG_INSTROOT}/etc/crontabs/root >$${IPKG_INSTROOT}/etc/crontabs/root.new; mv -f $${IPKG_INSTROOT}/etc/crontabs/root.new $${IPKG_INSTROOT}/etc/crontabs; fi
+define Package/msmtpq-ng-mta/postinst
+ mkdir -p $${IPKG_INSTROOT}/etc/crontabs
+ if ! grep -q msmtpq-ng-mta $${IPKG_INSTROOT}/etc/crontabs/root 2>/dev/null; then echo $$'\n'"*/60 * * * * /usr/bin/msmtpq-ng-mta -q" >>$${IPKG_INSTROOT}/etc/crontabs/root; fi
endef
define Build/Configure
define Package/msmtpq-ng/install
$(INSTALL_DIR) $(1)/etc
- $(INSTALL_CONF) ./files/msmtpq-ng.rc $(1)/etc/msmtpq-ng.rc
+ $(INSTALL_DATA) ./files/msmtpq-ng.rc $(1)/etc/msmtpq-ng.rc
$(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_BUILD_DIR)/msmtpq-ng/msmtpq-ng $(1)/usr/bin/
- $(SED) 's/logger -i/logger/' $(1)/usr/bin/msmtpq-ng
- $(CP) $(PKG_BUILD_DIR)/msmtpq-ng/msmtpq-ng-queue $(1)/usr/bin/
+ $(CP) $(PKG_BUILD_DIR)/src/usr/bin/msmtpq-ng $(1)/usr/bin/
+ $(CP) $(PKG_BUILD_DIR)/src/usr/bin/msmtpq-ng-queue $(1)/usr/bin/
endef
define Package/msmtpq-ng-mta/install
$(INSTALL_DIR) $(1)/usr/bin $(1)/usr/sbin $(1)/usr/lib $(1)/etc/init.d
- $(INSTALL_CONF) $(PKG_BUILD_DIR)/msmtpq-ng-mta/msmtpq-ng-mta.rc $(1)/etc/
- echo 'MSMTP_LOCK_DIR=/var/lock/msmtp' >>$(1)/etc/msmtpq-ng-mta.rc
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/msmtpq-ng-mta/msmtpq-ng-mta $(1)/usr/bin/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/msmtpq-ng-mta/msmtpq-ng-queue-mta $(1)/usr/bin/
+ $(INSTALL_DATA) ./files/msmtpq-ng-mta.rc $(1)/etc/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usr/sbin/msmtpq-ng-mta $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usr/sbin//msmtpq-ng-queue-mta $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/crontabs
$(INSTALL_BIN) ./files/msmtpq-ng-mta.init $(1)/etc/init.d/msmtpq-ng-mta
- ln -sf ../bin/msmtpq-ng-mta $(1)/usr/sbin/sendmail
- ln -sf ../bin/msmtpq-ng-mta $(1)/usr/lib/sendmail
- ln -sf ../bin/msmtpq-ng-queue-mta $(1)/usr/sbin/mailq
- ln -sf ../bin/msmtpq-ng-queue-mta $(1)/usr/sbin/postqueue
- ln -sf ../bin/msmtpq-ng-queue-mta $(1)/usr/sbin/postsuper
endef
define Package/msmtpq-ng-mta-smtpd/install
$(INSTALL_DIR) $(1)/etc/xinetd.d
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/msmtpq-ng-mta/sendmail-bs.xinetd $(1)/etc/xinetd.d/msmtpq-ng-mta-smtpd
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/etc/xinetd.d/ms-mta-smtpd $(1)/etc/xinetd.d/ms-mta-smtpd
endef
boot() {
[ ! -d /var/spool/msmtp ] && {
- mkdir -m 0770 -p /var/spool/msmtp
- chown msmtp:msmtp /var/spool/msmtp
+ mkdir -m1777 -p /var/spool/msmtp
}
[ ! -d /var/lock/msmtp ] && {
- mkdir -m 0770 -p /var/lock/msmtp
- chown msmtp:msmtp /var/lock/msmtp
+ mkdir -m1777 -p /var/lock/msmtp
}
}
--- /dev/null
+#!/bin/sh
+
+#Q=/var/spool/msmtp/"$(id -un)"
+#LOG=syslog
+#MAXLOGLEVEL=7
+#MSMTP_LOCK_DIR=/var/lock/msmtp/"$(id -un)"
+#MSMTP_UMASK=077
+#MSMTP_LOG_UMASK=007
+#MSMTP_QUEUE_QUIET=true
+#MSMTP_IGNORE_NO_RECIPIENTS=true
+#MSMTP_QUEUE_ONLY=false
+#MSMTP_SEND_DELAY=0
+#MSMTP_MAXIMUM_QUEUE_LIFETIME=345600 # Four days
+#MSMTPQ_NG=msmtpq-ng
+#MSMTPQ_NG_QUEUE=msmtpq-ng-queue
+#MSMTP_CONF=/etc/msmtprc
+#EMAIL_CONN_TEST=p
+EMAIL_CONN_TEST_PING=openwrt.org
+#EMAIL_CONN_TEST_IP=8.8.8.8
+#EMAIL_CONN_TEST_SITE=www.debian.org
+#MSMTP_HOLD_SMTP_MAIL=true
+#MSMTP_HOLD_CLI_MAIL=false
+#!/bin/sh
+
#Q=~/msmtp.queue
#LOG=~/log/.msmtp.queue.log
#MAXLOGLEVEL=7
-#MSMTP_LOCKDIR=/var/lock
+#MSMTP_LOCK_DIR=~/.msmtp.lock
EMAIL_CONN_TEST=p
-EMAIL_CONN_TEST_SITE=www.lede-project.org
+EMAIL_CONN_TEST_PING=openwrt.org
#EMAIL_CONN_TEST_IP=8.8.8.8
+#EMAIL_CONN_TEST_SITE=www.debian.org
#MSMTP_UMASK=077
#MSMTP_LOG_UMASK=077
#MSMTP_QUEUE_QUIET=false
-#MSMTP_IGNORE_NO_RECIPIENTS=false
+#MSMTP_IGNORE_NO_RECIPIENTS=true
#MSMTP_QUEUE_ONLY=false
#MSMTP_SEND_DELAY=0
#MSMTP_MAXIMUM_QUEUE_LIFETIME=345600 # Four days
#MSMTPQ_NG_QUEUE=msmtpq-ng-queue
#MSMTP_HOLD_SMTP_MAIL=true
#MSMTP_HOLD_CLI_MAIL=false
+#MSMTP_CONF=/etc/msmtprc
+#LOCK_CMD=flock
PKG_NAME:=msmtp
PKG_VERSION:=1.8.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://marlam.de/msmtp/releases
DEPENDS+= +libgnutls +ca-bundle
TITLE+= (with SSL support)
VARIANT:=ssl
+ DEFAULT_VARIANT:=1
endef
define Package/msmtp/conffiles
$(call Package/msmtp/Default)
TITLE+= (without SSL support)
VARIANT:=nossl
+ PROVIDES:=msmtp
endef
define Package/msmtp-nossl/description
define Package/msmtp-mta
$(call Package/msmtp/Default)
TITLE+= (as MTA)
- DEPENDS+=@(PACKAGE_msmtp||PACKAGE_msmtp-nossl)
+ DEPENDS+=+msmtp
+ ALTERNATIVES:=\
+ 100:/usr/sbin/sendmail:/usr/bin/msmtp \
+ 100:/usr/lib/sendmail:/usr/bin/msmtp
endef
define Package/msmtp-mta/description
define Package/msmtp-queue
$(call Package/msmtp/Default)
- DEPENDS+= +bash @(PACKAGE_msmtp||PACKAGE_msmtp-nossl)
+ DEPENDS+= +bash +msmtp
TITLE+= (queue scripts)
endef
define Package/msmtp-mta/install
$(INSTALL_DIR) $(1)/usr/sbin $(1)/usr/lib
- ln -sf ../bin/msmtp $(1)/usr/sbin/sendmail
- ln -sf ../bin/msmtp $(1)/usr/lib/sendmail
endef
Package/msmtp-nossl/conffiles = $(Package/msmtp/conffiles)
include $(TOPDIR)/rules.mk
PKG_NAME:=graphicsmagick
-PKG_VERSION:=1.3.32
+PKG_VERSION:=1.3.33
PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/GraphicsMagick-$(PKG_VERSION)
PKG_SOURCE:=GraphicsMagick-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/graphicsmagick
-PKG_HASH:=d1f70bc6d41de922199ce6b0a04af7b3492b2fc4a2be6ee24e0af4e15250db0a
+PKG_HASH:=d18aaca2d79a10270d49ad1aaa01dce24752f7548880138d59874a78ac62e11f
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=Copyright.txt
PKG_NAME:=imagemagick
PKG_VERSION:=7.0.8
-PKG_REVISION:=49
+PKG_REVISION:=59
PKG_RELEASE:=1
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_REVISION).tar.gz
PKG_SOURCE_URL:=http://github.com/ImageMagick/ImageMagick/archive/$(PKG_VERSION)-$(PKG_REVISION)
-PKG_HASH:=53f7963bbe81520e799e9e178a13757890ed43bc9faf2e86fae1cf58aea28575
+PKG_HASH:=238ee17196fcb80bb58485910aaefc12d48f99e4043c2a28f06ff9588161c4e3
PKG_BUILD_DIR:=$(BUILD_DIR)/ImageMagick-$(PKG_VERSION)-$(PKG_REVISION)
PKG_LICENSE:=Apache-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=youtube-dl
-PKG_VERSION:=2019.7.27
+PKG_VERSION:=2019.8.13
PKG_RELEASE:=1
PKG_SOURCE:=youtube_dl-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/y/youtube_dl/
-PKG_HASH:=82c4b4df4eca070e59fb0b2e4046596764efead8e3b59fc530232f51159d44b5
+PKG_HASH:=ff65a10f81b64d8e0d1872a89bee0d075370ba6e4c658193e56e6f93e5ca46ba
PKG_BUILD_DIR:=$(BUILD_DIR)/youtube_dl-$(PKG_VERSION)
PKG_MAINTAINER:=Adrian Panella <ianchi74@outlook.com>, Josef Schlehofer <pepe.schlehofer@gmail.com>
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=3.6.5
-PKG_RELEASE:=2
+PKG_VERSION:=3.8.2
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
endef
define Package/adblock/description
-Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named, kresd or dnscrypt-proxy.
+Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named or kresd.
The script supports many domain blacklist sites plus manual black- and whitelist overrides.
Please see https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md for further information.
define Package/adblock/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) ./files/adblock.sh $(1)/usr/bin/
+ $(INSTALL_BIN) ./files/adblock.sh $(1)/usr/bin
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/adblock.init $(1)/etc/init.d/adblock
$(INSTALL_CONF) ./files/adblock.conf $(1)/etc/config/adblock
$(INSTALL_DIR) $(1)/etc/adblock
- $(INSTALL_CONF) ./files/adblock.notify $(1)/etc/adblock/
- $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock/
- $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock/
+ $(INSTALL_BIN) ./files/adblock.mail $(1)/etc/adblock
+ $(INSTALL_BIN) ./files/adblock.service $(1)/etc/adblock
+ $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock
+ $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock
endef
$(eval $(call BuildPackage,adblock))
* => weekly updates, approx. 2.500 entries (enabled by default)
* zero-conf like automatic installation & setup, usually no manual changes needed
* simple but yet powerful adblock engine: adblock does not use error prone external iptables rulesets, http pixel server instances and things like that
-* supports five different dns backends / blocklist formats: dnsmasq, unbound, named (bind), kresd and dnscrypt-proxy
-* supports six different download utilities: uclient-fetch, wget, curl, aria2c, wget-nossl, busybox-wget
-* Really fast downloads & list processing as they are handled in parallel as background jobs in a configurable 'Download Queue'
-* provides 'http only' mode without installed ssl library for all non-SSL blocklist sources
-* supports a wide range of router modes, even AP modes are supported
+* support four different dns backends: dnsmasq, unbound, named (bind) and kresd
+* support two different dns blocking variants: 'nxdomain' (default, supported by all backends), 'null' (supported only by dnsmasq)
+* support six different download utilities: uclient-fetch, wget, curl, aria2c, wget-nossl, busybox-wget
+* fast downloads & list processing as they are handled in parallel running background jobs (see 'Download Queue')
+* provide 'http only' mode without installed ssl library for all non-SSL blocklist sources
+* support a wide range of router modes, even AP modes are supported
* full IPv4 and IPv6 support
-* provides top level domain compression ('tld compression'), this feature removes thousands of needless host entries from the blocklist and lowers the memory footprint for the dns backend
+* provide top level domain compression ('tld compression'), this feature removes thousands of needless host entries from the blocklist and lowers the memory footprint for the dns backend
+* provide a 'DNS File Reset', where the final DNS blockfile will be purged after DNS backend loading to save storage space
* blocklist source parsing by fast & flexible regex rulesets
* overall duplicate removal in central blocklist 'adb_list.overall'
-* additional whitelist for manual overrides, located by default in /etc/adblock/adblock.whitelist
+* additional blacklist for manual overrides, located by default in /etc/adblock/adblock.blacklist or in LuCI
+* additional whitelist for manual overrides, located by default in /etc/adblock/adblock.whitelist or in LuCI
* quality checks during blocklist update to ensure a reliable dns backend service
* minimal status & error logging to syslog, enable debug logging to receive more output
* procd based init system support (start/stop/restart/reload/suspend/resume/query/status)
* procd network interface trigger support or classic time based startup
* keep the dns cache intact after adblock processing (currently supported by unbound, named and kresd)
-* conditional dns backend restarts by old/new blocklist comparison with sha256sum (default) or md5sum
* suspend & resume adblock actions temporarily without blocklist reloading
* provide comprehensive runtime information via LuCI or via 'status' init command
* provide a detailed DNS Query Report with dns related information about client requests, top (blocked) domains and more
-* provide a query function to quickly identify blocked (sub-)domains, e.g. for whitelisting. This function is also able to search in adblock backups, to get back the set of blocking lists sources for a certain domain
-* force dns requests to local resolver
-* force overall sort / duplicate removal for low memory devices (handle with care!)
-* automatic blocklist backup & restore, they will be used in case of download errors or during startup in backup mode
-* 'backup mode' to re-use blocklist backups during startup, get fresh lists only via reload or restart action
-* 'Jail' blocklist generation which builds an additional list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file. You can use this restrictive blocklist manually e.g. for guest wifi or kidsafe configurations
-* send notification emails in case of a processing error or if the overall domain count is ≤ 0
+* provide a query function to quickly identify blocked (sub-)domains, e.g. for whitelisting. This function is also able to search in adblock backups and black-/whitelist, to get back the set of blocking lists sources for a certain domain
+* option to force dns requests to the local resolver
+* automatic blocklist backup & restore, these backups will be used in case of download errors and during startup
+* send notification E-Mails in case of a processing error or if the overall domain count is ≤ 0
* add new adblock sources on your own, see example below
-* strong LuCI support
+* strong LuCI support for all options
## Prerequisites
-* [OpenWrt](https://openwrt.org), tested with the stable release series (18.06) and with the latest snapshot
+* [OpenWrt](https://openwrt.org), tested with the stable release series (19.07) and with the latest snapshot
* a usual setup with an enabled dns backend at minimum - dump AP modes without a working dns backend are _not_ supported
* a download utility:
* to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required
* for limited devices with real memory constraints, adblock provides also a 'http only' option and supports wget-nossl and uclient-fetch (without libustream-ssl) as well
* for more configuration options see examples below
-* email notification (optional): for email notification support you need to install and configure the additional 'msmtp' package
-* DNS Query Report (optional): for this detailed report you need to install the additional package 'tcpdump' or 'tcpdump-mini'
+* E-Mail notification (optional): for E-Mail notification support you need the additional 'msmtp' package
+* DNS Query Report (optional): for this detailed report you need the additional package 'tcpdump' or 'tcpdump-mini'
## Installation & Usage
* install 'adblock' (_opkg install adblock_)
## LuCI adblock companion package
* it's strongly recommended to use the LuCI frontend to easily configure all powerful aspects of adblock
* install 'luci-app-adblock' (_opkg install luci-app-adblock_)
-* the application is located in LuCI under 'Services' menu
+* the application is located in LuCI under the 'Services' menu
## Tweaks
* **runtime information:** the adblock status is available via _/etc/init.d/adblock status_ (see example below)
* **debug logging:** for script debugging please set the config option 'adb\_debug' to '1' and check the runtime output with _logread -e "adblock"_
-* **storage expansion:** to process and store all blocklist sources at once it might helpful to enlarge your temp directory with a swap partition => see [OpenWrt Wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details
-* **add white- / blacklist entries:** add domain white- or blacklist entries to always-allow or -deny certain (sub) domains, by default both lists are empty and located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below)
-* **backup & restore blocklists:** enable this feature, to restore automatically the latest compressed backup of your blocklists in case of any processing error (e.g. a single blocklist source is not available during update). Please use an (external) solid partition and _not_ your volatile router temp directory for this
+* **storage expansion:** to process and store all blocklist sources at once it might be helpful to enlarge your temp directory with a swap partition => see [OpenWrt Wiki](https://openwrt.org/docs/guide-user/storage/fstab) for further details
+* **add white- / blacklist entries:** add domain black- or whitelist entries to always-deny or -allow certain (sub) domains, by default both lists are empty and located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below). You need to refresh your blocklists after changes to these static lists.
* **download queue size:** for further download & list processing performance improvements you can raise the 'adb\_maxqueue' value, e.g. '8' or '16' should be safe
* **scheduled list updates:** for a scheduled call of the adblock service add an appropriate crontab entry (see example below)
* **change startup behaviour:** by default the startup will be triggered by the 'wan' procd interface trigger. Choose 'none' to disable automatic startups, 'timed' to use a classic timeout (default 30 sec.) or select another trigger interface
* **suspend & resume adblocking:** to quickly switch the adblock service 'on' or 'off', simply use _/etc/init.d/adblock [suspend|resume]_
* **domain query:** to query the active blocklist for a certain domain, please use the LuCI frontend or run _/etc/init.d/adblock query `<DOMAIN>`_ (see example below)
* **add new list sources:** you could add new blocklist sources on your own via uci config, all you need is a source url and an awk one-liner (see example below)
-* **disable active dns probing in windows 10:** to prevent a yellow exclamation mark on your internet connection icon (which wrongly means connected, but no internet), please change the following registry key/value from "1" to "0" _HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing_
## Further adblock config options
* usually the pre-configured adblock setup works quite well and no manual overrides are needed
* the following options apply to the 'global' config section:
* adb\_enabled => main switch to enable/disable adblock service (default: '0', disabled)
- * adb\_debug => enable/disable adblock debug output (default: '0', disabled)
+ * adb\_dns => select the dns backend for your environment: 'dnsmasq', 'unbound', 'named' or 'kresd' (default: 'dnsmasq')
+ * adb\_dnsvariant => select the blocking variant: 'nxdomain' (default, supported by all backends), 'null (IPv4)' and 'null (IPv4/IPv6)' both options are only supported by dnsmasq
* adb\_fetchutil => name of the used download utility: 'uclient-fetch', 'wget', 'curl', 'aria2c', 'wget-nossl'. 'busybox' (default: 'uclient-fetch')
* adb\_fetchparm => special config options for the download utility (default: not set)
- * adb\_dns => select the dns backend for your environment: 'dnsmasq', 'unbound', 'named', 'kresd' or 'dnscrypt-proxy' (default: 'dnsmasq')
- * adb\_dnsdir => target directory for the generated blocklist 'adb_list.overall' (default: not set, use dns backend default)
* adb\_trigger => set the startup trigger to a certain interface, to 'timed' or to 'none' (default: 'wan')
-
* the following options apply to the 'extra' config section:
+ * adb\_debug => enable/disable adblock debug output (default: '0', disabled)
* adb\_nice => set the nice level of the adblock process and all sub-processes (int/default: '0', standard priority)
- * adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (int/default: '2')
* adb\_forcedns => force dns requests to local resolver (bool/default: '0', disabled)
- * adb\_backup => create compressed blocklist backups, they will be used in case of download errors or during startup in backup mode (bool/default: '0', disabled)
- * adb\_backupdir => target directory for adblock backups (default: not set)
- * adb\_backup_mode => do not automatically update blocklists during startup, use backups instead (bool/default: '0', disabled)
+ * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '8')
+ * adb\_dnsfilereset => the final DNS blockfile will be purged after DNS backend loading to save storage space (bool/default: 'false', disabled)
* adb\_report => enable the background tcpdump gathering process to provide a detailed DNS Query Report (bool/default: '0', disabled)
* adb\_repdir => target directory for dns related report files generated by tcpdump (default: '/tmp')
+ * adb\_backupdir => target directory for adblock backups (default: '/tmp')
+ * adb\_mail => send notification E-Mails in case of a processing errors or if the overall domain count is ≤ 0 (bool/default: '0', disabled)
+ * adb\_mreceiver => receiver address for adblock notification E-Mails (default: not set)
+* the following options could be added via "Additional Field" in LuCI and apply to the 'extra' config section as well:
+ * adb\_dnsdir => target directory for the generated blocklist 'adb_list.overall' (default: not set, use dns backend default)
+ * adb\_blacklist => full path to the static blacklist file (default: '/etc/adblock/adblock.blacklist')
+ * adb\_whitelist => full path to the static whitelist file (default: '/etc/adblock/adblock.whitelist')
+ * adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (int/default: '2')
+ * adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (bool/default: '0', disabled)
* adb\_repiface => reporting interface used by tcpdump, set to 'any' for multiple interfaces (default: 'br-lan')
* adb\_replisten => space separated list of reporting port(s) used by tcpdump (default: '53')
- * adb\_repchunksize => report chunk size used by tcpdump in MB (int/default: '1')
* adb\_repchunkcnt => report chunk count used by tcpdump (default: '5')
- * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '8')
- * adb\_jail => builds an additional 'Jail' list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file (bool/default: '0', disabled)
- * adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (bool/default: '0', disabled)
- * adb\_notify => send notification emails in case of a processing error or if the overall domain count is ≤ 0 (bool/default: '0', disabled)
- * adb\_notifycnt => Raise minimum domain count email notification trigger (int/default: '0')
+ * adb\_repchunksize => report chunk size used by tcpdump in MB (int/default: '1')
+ * adb\_msender => sender address for adblock notification E-Mails (default: 'no-reply@adblock')
+ * adb\_mtopic => topic for adblock notification E-Mails (default: 'adblock notification')
+ * adb\_mprofile => mail profile used in 'msmtp' for adblock notification E-Mails (default: 'adb_notify')
+ * adb\_mcnt => raise the minimum domain count E-Mmail notification trigger (int/default: '0')
## Examples
**change default dns backend to 'unbound':**
-Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/unbound' where unbound can find them in its jail.
+Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/unbound' where unbound can find them in its jail, no further configuration needed.
To preserve the DNS cache after adblock processing you need to install 'unbound-control'.
**change default dns backend to 'named' (bind):**
The knot-resolver (kresd) is only available on Turris Omnia devices.
Adblock deposits the final blocklist 'adb_list.overall' in '/etc/kresd', no further configuration needed.
-**change default dns backend to 'dnscrypt-proxy':**
-
-The required 'blacklist' option of dnscrypt-proxy is not enabled by default, because the package will be compiled without plugins support.
-Take a custom OpenWrt build with plugins support to use this feature. Adblock deposits the final blocklist 'adb_list.overall' in '/tmp'.
-To use the blocklist please modify '/etc/config/dnscrypt-proxy' per instance:
-<pre><code>
- list blacklist 'domains:/tmp/adb_list.overall'
-</code></pre>
-
-**reference the jail block list manually in a 'kidsafe' dhcp config:**
-
-The additional 'Jail' blocklist (by default in /tmp/adb_list.jail) block access to all domains except those listed in the whitelist file.
-<pre><code>
-config dnsmasq 'kidsafe'
- [...]
- option serversfile '/tmp/adb_list.jail'
-</code></pre>
-
-**enable email notification via msmtp:**
+**enable E-Mail notification via msmtp:**
To use the email notification you have to install & configure the package 'msmtp'.
Modify the file '/etc/msmtprc':
user dev.adblock
password xxx
</code></pre>
-Edit the file '/etc/adblock/adblock.notify' and change at least the 'mail_receiver'.
-Finally make this file executable via 'chmod' and test it directly. If no more errors come up you can comment 'mail_debug', too.
+Finally enable E-Mail support and add a valid E-Mail address in LuCI.
**receive adblock runtime information:**
/etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : enabled
- + adblock_version : 3.6.0
- + overall_domains : 30267 (backup mode)
+ + adblock_version : 3.8.0
+ + overall_domains : 48359
+ fetch_utility : /bin/uclient-fetch (libustream-ssl)
- + dns_backend : dnsmasq (/tmp)
- + last_rundate : 19.12.2018 16:29:25
- + system_release : GL-AR750S, OpenWrt SNAPSHOT r8814-6835c13e5a
+ + dns_backend : dnsmasq, /tmp
+ + dns_variant : null (IPv4/IPv6), true
+ + backup_dir : /mnt/data/adblock
+ + last_rundate : 15.08.2019 08:43:16
+ + system_release : GL.iNet GL-AR750S, OpenWrt SNAPSHOT r10720-ccb4b96b8a
</code></pre>
**receive adblock DNS Query Report information:**
+ 2 ::: v10.events.data.microsoft.com
+ 2 ::: settings-win.data.microsoft.com
+ 2 ::: nexusrules.officeapps.live.com
+[...]
</code></pre>
**cronjob for a regular block list update (/etc/crontabs/root):**
www.adwhere.com
</code></pre>
-**query the active blocklist for a certain (sub-)domain, e.g. for whitelisting:**
+**query the active blocklist, the backups and black-/whitelist for a certain (sub-)domain, e.g. for whitelisting:**
The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain. For every (sub-)domain it returns the first ten relevant results.
<pre><code>
/etc/init.d/adblock query google.com
:::
-::: results for domain 'google.com'
+::: results for domain 'google.com' in active blocklist
:::
+ + adservice.google.com
+ + adservice.google.com.au
+ + adservice.google.com.vn
+ + adservices.google.com
+ analytics.google.com
+ googleadapis.l.google.com
+ pagead.l.google.com
+ partnerad.l.google.com
+ ssl-google-analytics.l.google.com
- + www-google-analytics.l.google.com
+ video-stats.video.google.com
+ + [...]
+
:::
-::: results for domain 'google.com' in backups
+::: results for domain 'google.com' in backups and black-/whitelist
:::
+ adb_list.adguard.gz partnerad.l.google.com
+ adb_list.adguard.gz googleadapis.l.google.com
+ adb_list.disconnect.gz partnerad.l.google.com
+ adb_list.disconnect.gz video-stats.video.google.com
+ adb_list.disconnect.gz [...]
+ + adb_list.whocares.gz video-stats.video.google.com
+ + adb_list.whocares.gz adservice.google.com
+ + adb_list.whocares.gz adservice.google.com.au
+ + adb_list.whocares.gz [...]
+ + adb_list.yoyo.gz adservice.google.com
+ adb_list.yoyo.gz analytics.google.com
+ adb_list.yoyo.gz pagead.l.google.com
- + adb_list.yoyo.gz partnerad.l.google.com
+ adb_list.yoyo.gz [...]
</code></pre>
## Support
Please join the adblock discussion in this [forum thread](https://forum.openwrt.org/t/adblock-support-thread/507) or contact me by mail <dev@brenken.org>
-## Removal
-* stop all adblock related services with _/etc/init.d/adblock stop_
-* optional: remove the adblock package (_opkg remove adblock_)
-
Have fun!
Dirk
config adblock 'global'
+ option adb_basever '3.8'
option adb_enabled '0'
option adb_dns 'dnsmasq'
+ option adb_dnsvariant 'nxdomain'
option adb_fetchutil 'uclient-fetch'
option adb_trigger 'wan'
config adblock 'extra'
option adb_debug '0'
option adb_forcedns '0'
- option adb_backup '0'
option adb_report '0'
- option adb_maxqueue '8'
+ option adb_maxqueue '4'
config source 'adaway'
option adb_src 'https://adaway.org/hosts.txt'
option adb_src_desc 'focus on malicious bitcoin mining sites, infrequent updates, approx. 80 entries'
option enabled '0'
-config source 'blacklist'
- option adb_src '/etc/adblock/adblock.blacklist'
- option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
- option adb_src_desc 'static local domain blacklist, always deny these domains'
- option enabled '1'
-
config source 'disconnect'
option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
stop_service()
{
rc_procd "${adb_script}" stop
- rc_procd start_service
}
restart()
suspend()
{
[ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" suspend
+ rc_procd start_service suspend
}
resume()
{
[ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" resume
+ rc_procd start_service resume
}
query()
rtfile="${rtfile:-"/tmp/adb_runtime.json"}"
if [ -s "${rtfile}" ]
then
- printf "%s\n" "::: adblock runtime information"
+ printf "%s\\n" "::: adblock runtime information"
json_load_file "${rtfile}"
json_select data
json_get_keys keylist
for key in ${keylist}
do
json_get_var value "${key}"
- printf " + %-15s : %s\n" "${key}" "${value}"
+ printf " + %-15s : %s\\n" "${key}" "${value}"
done
else
- printf "%s\n" "::: no adblock runtime information available"
+ printf "%s\\n" "::: no adblock runtime information available"
fi
}
--- /dev/null
+#!/bin/sh
+#
+# send mail script for adblock notifications
+# written by Dirk Brenken (dev@brenken.org)
+# Please note: you have to manually install and configure the package 'msmtp' before using this script
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+LC_ALL=C
+PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+
+if [ -r "/lib/functions.sh" ]
+then
+ . "/lib/functions.sh"
+ adb_basever="$(uci_get adblock global adb_basever)"
+ adb_debug="$(uci_get adblock extra adb_debug "0")"
+ adb_msender="$(uci_get adblock extra adb_msender "no-reply@adblock")"
+ adb_mreceiver="$(uci_get adblock extra adb_mreceiver)"
+ adb_mtopic="$(uci_get adblock extra adb_mtopic "adblock notification")"
+ adb_mprofile="$(uci_get adblock extra adb_mprofile "adb_notify")"
+fi
+adb_mail="$(command -v msmtp)"
+adb_rc=1
+
+if [ "${adb_debug}" -eq 1 ]
+then
+ debug="--debug"
+fi
+
+# mail header & receiver check
+#
+if [ -z "${adb_mreceiver}" ]
+then
+ logger -p "err" -t "adblock-${adb_basever} [${$}]" "please set the mail receiver with the 'adb_mreceiver' option"
+ exit ${adb_rc}
+fi
+adb_mhead="From: ${adb_msender}\\nTo: ${adb_mreceiver}\\nSubject: ${adb_mtopic}\\nReply-to: ${adb_msender}\\nMime-Version: 1.0\\nContent-Type: text/html\\nContent-Disposition: inline\\n\\n"
+
+# info preparation
+#
+sys_info="$(strings /etc/banner 2>/dev/null; ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/ \t/' | sed '/^$/d' 2>/dev/null)"
+adb_info="$(/etc/init.d/adblock status 2>/dev/null)"
+if [ -f "/var/log/messages" ]
+then
+ log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
+else
+ log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
+fi
+
+# mail body
+#
+adb_mtext="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"
+adb_mtext="${adb_mtext}\\n<strong>++\\n++ System Information ++\\n++</strong>\\n${sys_info}"
+adb_mtext="${adb_mtext}\\n\\n<strong>++\\n++ Adblock Information ++\\n++</strong>\\n${adb_info}"
+adb_mtext="${adb_mtext}\\n\\n<strong>++\\n++ Logfile Information ++\\n++</strong>\\n${log_info}"
+adb_mtext="${adb_mtext}</pre></body></html>"
+
+# send mail
+#
+if [ -x "${adb_mail}" ]
+then
+ printf "%b" "${adb_mhead}${adb_mtext}" 2>/dev/null | "${adb_mail}" ${debug} -a "${adb_mprofile}" "${adb_mreceiver}" >/dev/null 2>&1
+ adb_rc=${?}
+ logger -p "info" -t "adblock-${adb_basever} [${$}]" "mail sent to '${adb_mreceiver}' with rc '${adb_rc}'"
+else
+ logger -p "err" -t "adblock-${adb_basever} [${$}]" "msmtp mail daemon not found"
+fi
+
+exit ${adb_rc}
+++ /dev/null
-#!/bin/sh
-#
-# adblock send mail script for msmtp
-# written by Dirk Brenken (dev@brenken.org)
-# Please note: you have to install and configure the package 'msmtp' before using this script.
-
-# This is free software, licensed under the GNU General Public License v3.
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-LC_ALL=C
-PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-mail_ver="1.0.4"
-mail_daemon="$(command -v msmtp)"
-mail_profile="adb_notify"
-#mail_debug="--debug"
-mail_rc=1
-
-# mail header & mail receiver check
-#
-mail_receiver=""
-mail_sender="no-reply@adblock"
-mail_topic="${HOSTNAME}: adblock notification"
-mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\nMime-Version: 1.0\nContent-Type: text/html\nContent-Disposition: inline\n\n"
-
-if [ -z "${mail_receiver}" ]
-then
- logger -p "err" -t "adblock-notify-${mail_ver}[${$}]" "please supply/customize the 'mail_receiver' in '/etc/adblock/adblock.notify'"
- exit ${mail_rc}
-fi
-
-# mail daemon check
-#
-if [ ! -x "${mail_daemon}" ]
-then
- mail_daemon="$(command -v sendmail)"
-fi
-
-# info preparation
-#
-sys_info="$(strings /etc/banner 2>/dev/null; ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/ \t/' | sed '/^$/d' 2>/dev/null)"
-adb_info="$(/etc/init.d/adblock status 2>/dev/null)"
-if [ -f "/var/log/messages" ]
-then
- log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
-else
- log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
-fi
-
-# mail body
-#
-mail_text="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"
-mail_text="${mail_text}\n<strong>++\n++ System Information ++\n++</strong>\n${sys_info}"
-mail_text="${mail_text}\n\n<strong>++\n++ Adblock Information ++\n++</strong>\n${adb_info}"
-mail_text="${mail_text}\n\n<strong>++\n++ Logfile Information ++\n++</strong>\n${log_info}"
-mail_text="${mail_text}</pre></body></html>"
-
-# send mail
-#
-if [ -x "${mail_daemon}" ]
-then
- printf "%b" "${mail_head}${mail_text}" 2>/dev/null | "${mail_daemon}" ${mail_debug} -a "${mail_profile}" "${mail_receiver}" >/dev/null 2>&1
- mail_rc=${?}
- logger -p "info" -t "adblock-notify-${mail_ver}[${$}]" "mail sent to '${mail_receiver}' with rc '${mail_rc}'"
-else
- logger -p "err" -t "adblock-notify-${mail_ver}[${$}]" "msmtp mail daemon not found"
-fi
-
-exit ${mail_rc}
--- /dev/null
+#!/bin/sh
+# ubus monitor to trace dns backend events and conditionally restart adblock
+# written by Dirk Brenken (dev@brenken.org)
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+LC_ALL=C
+PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+
+if [ -r "/lib/functions.sh" ]
+then
+ . "/lib/functions.sh"
+ adb_basever="$(uci_get adblock global adb_basever)"
+ adb_dns="$(uci_get adblock global adb_dns)"
+fi
+adb_ubus="$(command -v ubus)"
+
+if [ -x "${adb_ubus}" ] && [ -n "${adb_dns}" ]
+then
+ logger -p "info" -t "adblock-${adb_basever} [${$}]" "ubus/adblock service started"
+ "${adb_ubus}" -S -M r -m invoke monitor | \
+ { grep -qE "\"method\":\"(set|signal)\",\"data\":\{\"name\":\"${adb_dns}\""; [ $? -eq 0 ] && /etc/init.d/adblock start; }
+else
+ logger -p "err" -t "adblock-${adb_basever} [${$}]" "can't start ubus/adblock service"
+fi
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="3.6.5-2"
+adb_ver="3.8.2"
adb_sysver="unknown"
adb_enabled=0
adb_debug=0
adb_forcedns=0
-adb_jail=0
-adb_maxqueue=8
-adb_notify=0
-adb_notifycnt=0
+adb_maxqueue=4
+adb_mail=0
+adb_mcnt=0
+adb_trigger="wan"
adb_triggerdelay=0
-adb_backup=0
-adb_backup_mode=0
-adb_backupdir="/mnt"
+adb_backupdir="/tmp"
adb_fetchutil="uclient-fetch"
adb_dns="dnsmasq"
+adb_dnsvariant="nxdomain"
adb_dnsprefix="adb_list"
adb_dnsfile="${adb_dnsprefix}.overall"
-adb_dnsjail="${adb_dnsprefix}.jail"
+adb_dnsfilereset="false"
adb_dnsflush=0
+adb_blacklist="/etc/adblock/adblock.blacklist"
adb_whitelist="/etc/adblock/adblock.whitelist"
adb_rtfile="/tmp/adb_runtime.json"
-adb_hashutil="$(command -v sha256sum)"
-adb_hashold=""
-adb_hashnew=""
adb_report=0
adb_repiface="br-lan"
adb_replisten="53"
adb_rc=0
adb_action="${1:-"start"}"
adb_pidfile="/var/run/adblock.pid"
+adb_ubusservice="/etc/adblock/adblock.service"
+adb_mailservice="/etc/adblock/adblock.mail"
+adb_sources=""
# load adblock environment
#
-f_envload()
+f_load()
{
local dns_up sys_call sys_desc sys_model cnt=0
sys_call="$(ubus -S call system board 2>/dev/null)"
if [ -n "${sys_call}" ]
then
- sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
- sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+ sys_desc="$(printf "%s" "${sys_call}" | jsonfilter -e '@.release.description')"
+ sys_model="$(printf "%s" "${sys_call}" | jsonfilter -e '@.model')"
adb_sysver="${sys_model}, ${sys_desc}"
fi
- # check hash utility
- #
- if [ ! -x "${adb_hashutil}" ]
- then
- adb_hashutil="$(command -v md5sum)"
- fi
-
# parse 'global' and 'extra' section by callback
#
config_cb()
config_load adblock
config_foreach parse_config source
- # check dns backend
+ # version check
+ #
+ if [ -z "${adb_basever}" ] || [ "${adb_ver%.*}" != "${adb_basever}" ]
+ then
+ f_log "info" "your adblock config seems to be too old, please update your config with the '--force-maintainer' opkg option"
+ exit 0
+ fi
+
+ # set dns backend
#
case "${adb_dns}" in
- dnsmasq)
+ "dnsmasq")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"dnsmasq"}"
adb_dnsdir="${adb_dnsdir:-"/tmp"}"
adb_dnsheader=""
- adb_dnsdeny="awk '{print \"server=/\"\$0\"/\"}'"
- adb_dnsallow="awk '{print \"server=/\"\$0\"/#\"}'"
- adb_dnshalt="server=/#/"
+ if [ "${adb_dnsvariant}" = "nxdomain" ]
+ then
+ adb_dnsdeny="awk '{print \"server=/\"\$0\"/\"}'"
+ adb_dnsallow="awk '{print \"server=/\"\$0\"/#\"}'"
+ elif [ "${adb_dnsvariant}" = "null (IPv4)" ]
+ then
+ adb_dnsdeny="awk '{print \"0.0.0.0\\t\"\$0\"\"}'"
+ elif [ "${adb_dnsvariant}" = "null (IPv4/IPv6)" ]
+ then
+ adb_dnsdeny="awk '{print \"0.0.0.0\\t\"\$0\"\\n::\\t\"\$0\"\"}'"
+ fi
+ adb_dnsallow=""
;;
- unbound)
+ "unbound")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"unbound"}"
adb_dnsdir="${adb_dnsdir:-"/var/lib/unbound"}"
adb_dnsheader=""
- adb_dnsdeny="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
- adb_dnsallow="awk '{print \"local-zone: \042\"\$0\"\042 transparent\"}'"
- adb_dnshalt="local-zone: \".\" static"
+ adb_dnsdeny="awk '{print \"local-zone: \\042\"\$0\"\\042 static\"}'"
+ adb_dnsallow="awk '{print \"local-zone: \\042\"\$0\"\\042 transparent\"}'"
;;
- named)
+ "named")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"bind"}"
adb_dnsdir="${adb_dnsdir:-"/var/lib/bind"}"
adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
- adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
- adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
- adb_dnshalt="* CNAME ."
+ adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\\n*.\"\$0\" CNAME .\"}'"
+ adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\\n*.\"\$0\" CNAME rpz-passthru.\"}'"
;;
- kresd)
+ "kresd")
adb_dnsinstance="${adb_dnsinstance:-"0"}"
adb_dnsuser="${adb_dnsuser:-"root"}"
adb_dnsdir="${adb_dnsdir:-"/etc/kresd"}"
adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
- adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
- adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
- adb_dnshalt="* CNAME ."
- ;;
- dnscrypt-proxy)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"nobody"}"
- adb_dnsdir="${adb_dnsdir:-"/tmp"}"
- adb_dnsheader=""
- adb_dnsdeny="awk '{print \$0}'"
- adb_dnsallow=""
- adb_dnshalt=""
+ adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\\n*.\"\$0\" CNAME .\"}'"
+ adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\\n*.\"\$0\" CNAME rpz-passthru.\"}'"
;;
esac
- # check adblock status
+ # status check
#
- if [ ${adb_enabled} -eq 0 ]
+ if [ "${adb_enabled}" -eq 0 ]
then
f_extconf
f_temp
f_rmdns
f_jsnup "disabled"
- f_log "info" "adblock is currently disabled, please set adb_enabled to '1' to use this service"
+ f_log "info" "adblock is currently disabled, please set the config option 'adb_enabled' to '1' to use this service"
exit 0
fi
+ # dns backend check
+ #
if [ -d "${adb_dnsdir}" ] && [ ! -f "${adb_dnsdir}/${adb_dnsfile}" ]
then
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+ printf "%s\\n" "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
fi
if [ "${adb_action}" = "start" ] && [ "${adb_trigger}" = "timed" ]
sleep ${adb_triggerdelay}
fi
- while [ ${cnt} -le 30 ]
+ while [ "${cnt}" -le 30 ]
do
dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" 2>/dev/null | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running" 2>/dev/null)"
if [ "${dns_up}" = "true" ]
if [ "${dns_up}" != "true" ] || [ -z "${adb_dns}" ] || [ ! -x "$(command -v ${adb_dns})" ]
then
- f_log "err" "'${adb_dns}' not running or not executable"
+ f_log "err" "'${adb_dns}' not running or executable"
elif [ ! -d "${adb_dnsdir}" ]
then
f_log "err" "'${adb_dnsdir}' backend directory not found"
fi
}
-# check environment
+# check & set environment
#
-f_envcheck()
+f_env()
{
local ssl_lib
- # startup message
- #
f_log "info" "adblock instance started ::: action: ${adb_action}, priority: ${adb_nice:-"0"}, pid: ${$}"
f_jsnup "running"
+ f_extconf
- # check external uci config files
+ # check backup directory
#
- f_extconf
+ if [ ! -d "${adb_backupdir}" ]
+ then
+ f_log "err" "the backup directory '${adb_backupdir}' does not exist/is not mounted yet, please create the directory or raise the 'adb_triggerdelay' to defer the adblock start"
+ fi
# check fetch utility
#
#
f_temp()
{
- if [ -z "${adb_tmpdir}" ]
+ if [ -d "/tmp" ] && [ -z "${adb_tmpdir}" ]
then
adb_tmpdir="$(mktemp -p /tmp -d)"
- adb_tmpload="$(mktemp -p ${adb_tmpdir} -tu)"
- adb_tmpfile="$(mktemp -p ${adb_tmpdir} -tu)"
+ adb_tmpload="$(mktemp -p "${adb_tmpdir}" -tu)"
+ adb_tmpfile="$(mktemp -p "${adb_tmpdir}" -tu)"
+ elif [ ! -d "/tmp" ]
+ then
+ f_log "err" "the temp directory '/tmp' does not exist/is not mounted yet, please create the directory or raise the 'adb_triggerdelay' to defer the adblock start"
fi
if [ ! -s "${adb_pidfile}" ]
then
- printf '%s' "${$}" > "${adb_pidfile}"
+ printf "%s" "${$}" > "${adb_pidfile}"
fi
}
> "${adb_pidfile}"
}
-# remove dns related files and directories
+# remove dns related files, services and directories
#
f_rmdns()
{
if [ -n "${adb_dns}" ]
then
- f_hash
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
+ printf "%s\\n" "${adb_dnsheader}" > "${adb_dnsdir}"/"${adb_dnsfile}"
> "${adb_rtfile}"
- rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
- f_hash
- if [ ${?} -eq 1 ]
- then
- f_dnsup
- fi
+ rm -f "${adb_backupdir}"/"${adb_dnsprefix}"*".gz"
+ f_dnsup
f_rmtemp
fi
f_log "debug" "f_rmdns ::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
then
uci_commit "${config}"
case "${config}" in
- firewall)
+ "firewall")
/etc/init.d/firewall reload >/dev/null 2>&1
;;
*)
+ > "${adb_dnsdir}/${adb_dnsfile}"
+ f_count
+ f_jsnup "running"
/etc/init.d/"${adb_dns}" reload >/dev/null 2>&1
;;
esac
local mode="${1}"
adb_cnt=0
- if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
+ if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && { [ -z "${mode}" ] || [ "${mode}" = "final" ]; }
then
adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")"
- if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
+ if [ -s "${adb_tmpdir}/tmp.add.whitelist" ]
then
- adb_cnt="$(( ${adb_cnt} - $(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add_whitelist") ))"
+ adb_cnt="$((adb_cnt-$(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add.whitelist")))"
fi
- if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
+ if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ] || { [ "${adb_dns}" = "dnsmasq" ] && [ "${adb_dnsvariant}" = "null (IPv4/IPv6)" ]; }
then
- adb_cnt="$(( (${adb_cnt} - $(printf '%s' "${adb_dnsheader}" | grep -c "^")) / 2 ))"
+ adb_cnt="$(((adb_cnt-$(printf "%s" "${adb_dnsheader}" | grep -c "^"))/2))"
fi
+ elif [ "${mode}" = "blacklist" ] && [ -s "${adb_tmpfile}.blacklist" ]
+ then
+ adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}.blacklist")"
+ elif [ "${mode}" = "whitelist" ] && [ -s "${adb_tmpdir}/tmp.raw.whitelist" ]
+ then
+ adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.raw.whitelist")"
elif [ -s "${adb_tmpfile}" ]
then
adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}")"
local uci_config port port_list="53 853 5353"
case "${adb_dns}" in
- dnsmasq)
+ "dnsmasq")
uci_config="dhcp"
- if [ ${adb_enabled} -eq 1 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]")" ] && \
- [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ] && \
- [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsjail}")" ]
+ if [ "${adb_dnsvariant}" = "nxdomain" ]
then
- uci_set dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile "${adb_dnsdir}/${adb_dnsfile}"
- elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_set dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile "${adb_dnsdir}/${adb_dnsfile}"
+ if [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci -q del_list dhcp.@dnsmasq[${adb_dnsinstance}].addnhosts="${adb_dnsdir}/${adb_dnsfile}"
+ fi
+ elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile
+ fi
+ elif [ "${adb_dnsvariant% *}" = "null" ]
then
- uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile
+ if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci -q add_list dhcp.@dnsmasq[${adb_dnsinstance}].addnhosts="${adb_dnsdir}/${adb_dnsfile}"
+ if [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" serversfile
+ fi
+ elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}]" addnhosts
+ fi
fi
;;
- kresd)
+ "kresd")
uci_config="resolver"
- if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
then
uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
- elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get resolver kresd rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
then
uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
fi
- if [ ${adb_enabled} -eq 1 ] && [ ${adb_dnsflush} -eq 0 ] && [ "$(uci_get resolver kresd keep_cache)" != "1" ]
+ if [ "${adb_enabled}" -eq 1 ] && [ "${adb_dnsflush}" -eq 0 ] && [ "$(uci_get resolver kresd keep_cache)" != "1" ]
then
uci_set resolver kresd keep_cache "1"
- elif [ ${adb_enabled} -eq 0 ] || ([ ${adb_dnsflush} -eq 1 ] && [ "$(uci_get resolver kresd keep_cache)" = "1" ])
+ elif [ "${adb_enabled}" -eq 0 ] || { [ "${adb_dnsflush}" -eq 1 ] && [ "$(uci_get resolver kresd keep_cache)" = "1" ]; }
then
uci_set resolver kresd keep_cache "0"
fi
f_uci "${uci_config}"
uci_config="firewall"
- if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
- [ -z "$(uci_get firewall adblock_dns_53)" ] && [ $(/etc/init.d/firewall enabled; printf '%u' ${?}) -eq 0 ]
+ if [ "${adb_enabled}" -eq 1 ] && [ "${adb_forcedns}" -eq 1 ] && \
+ [ -z "$(uci_get firewall adblock_dns_53)" ] && [ "$(/etc/init.d/firewall enabled; printf "%u" ${?})" -eq 0 ]
then
for port in ${port_list}
do
uci_set firewall "adblock_dns_${port}" "dest_port" "${port}"
uci_set firewall "adblock_dns_${port}" "target" "DNAT"
done
- elif [ -n "$(uci_get firewall adblock_dns_53)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
+ elif [ -n "$(uci_get firewall adblock_dns_53)" ] && { [ "${adb_enabled}" -eq 0 ] || [ "${adb_forcedns}" -eq 0 ]; }
then
for port in ${port_list}
do
#
f_dnsup()
{
- local dns_up cache_util cache_rc cnt=0
+ local dns_service dns_up dns_pid dns_procfile cache_util cache_rc cnt=0
- if [ ${adb_dnsflush} -eq 0 ] && [ ${adb_enabled} -eq 1 ] && [ "${adb_rc}" -eq 0 ]
+ if [ "${adb_dnsflush}" -eq 0 ] && [ "${adb_enabled}" -eq 1 ] && [ "${adb_rc}" -eq 0 ]
then
case "${adb_dns}" in
- dnsmasq)
+ "dnsmasq")
killall -q -HUP "${adb_dns}"
cache_rc=${?}
;;
- unbound)
+ "unbound")
cache_util="$(command -v unbound-control)"
if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -f "${adb_dnsdir}"/unbound.conf ]
then
fi
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
;;
- kresd)
+ "kresd")
cache_util="keep_cache"
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
cache_rc=${?}
;;
- named)
+ "named")
cache_util="$(command -v rndc)"
if [ -x "${cache_util}" ] && [ -f /etc/bind/rndc.conf ]
then
"/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
fi
;;
- *)
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- ;;
esac
- else
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
fi
adb_rc=1
- while [ ${cnt} -le 10 ]
+ while [ "${cnt}" -le 10 ]
do
- dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
- if [ "${dns_up}" = "true" ]
+ dns_service="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}")"
+ dns_up="$(printf "%s" "${dns_service}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
+ dns_pid="$(printf "%s" "${dns_service}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.pid")"
+ dns_procfile="$(ls -l /proc/${dns_pid}/fd 2>/dev/null | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")"
+ if [ "${dns_up}" = "true" ] && [ -n "${dns_pid}" ] && [ -z "${dns_procfile}" ]
then
case "${adb_dns}" in
- unbound)
+ "unbound")
cache_util="$(command -v unbound-control)"
if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -s "${adb_tmpdir}"/adb_cache.dump ]
then
- while [ ${cnt} -le 10 ]
+ while [ "${cnt}" -le 10 ]
do
"${cache_util}" -c "${adb_dnsdir}"/unbound.conf load_cache < "${adb_tmpdir}"/adb_cache.dump >/dev/null 2>&1
cache_rc=${?}
- if [ ${cache_rc} -eq 0 ]
+ if [ "${cache_rc}" -eq 0 ]
then
break
fi
#
f_list()
{
- local file mode="${1}" in_rc="${adb_rc}"
+ local file name tmp_file="${adb_tmpfile}" mode="${1}" in_rc="${adb_rc}"
case "${mode}" in
- backup)
+ "blacklist")
+ if [ -s "${adb_blacklist}" ]
+ then
+ src_name="${mode}"
+ adb_blacklist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+ awk "${adb_blacklist_rset}" "${adb_blacklist}" > "${adb_tmpfile}"."${src_name}"
+ fi
+ ;;
+ "whitelist")
+ if [ -s "${adb_whitelist}" ]
+ then
+ src_name="${mode}"
+ adb_whitelist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+ awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}"/tmp.raw."${src_name}"
+
+ adb_whitelist_rset="/^([[:alnum:]_-]+\\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
+ awk "${adb_whitelist_rset}" "${adb_tmpdir}"/tmp.raw."${src_name}" > "${adb_tmpdir}"/tmp.rem."${src_name}"
+
+ if [ -n "${adb_dnsallow}" ]
+ then
+ eval "${adb_dnsallow}" "${adb_tmpdir}"/tmp.raw."${src_name}" > "${adb_tmpdir}"/tmp.add."${src_name}"
+ fi
+ fi
+ ;;
+ "backup")
if [ -d "${adb_backupdir}" ]
then
gzip -cf "${adb_tmpfile}" 2>/dev/null > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
adb_rc=${?}
fi
;;
- restore)
- if [ -d "${adb_backupdir}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
+ "restore")
+ if [ -d "${adb_backupdir}" ]
then
- gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null > "${adb_tmpfile}"
+ if [ -n "${src_name}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
+ then
+ zcat "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null > "${adb_tmpfile}"
+ else
+ for file in "${adb_backupdir}/${adb_dnsprefix}."*".gz"
+ do
+ name="${file##*/}"
+ name="${name%.*}"
+ zcat "${file}" 2>/dev/null > "${adb_tmpfile}"."${name}"
+ done
+ fi
adb_rc=${?}
fi
;;
- remove)
+ "remove")
if [ -d "${adb_backupdir}" ]
then
rm -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
fi
adb_rc=${?}
;;
- merge)
+ "merge")
for file in "${adb_tmpfile}".*
do
cat "${file}" 2>/dev/null >> "${adb_tmpdir}/${adb_dnsfile}"
- if [ ${?} -ne 0 ]
+ if [ "${?}" -ne 0 ]
then
adb_rc=${?}
break
done
adb_tmpfile="${adb_tmpdir}/${adb_dnsfile}"
;;
- final)
+ "final")
> "${adb_dnsdir}/${adb_dnsfile}"
- if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
+ if [ -s "${adb_tmpdir}/tmp.add.whitelist" ]
then
- cat "${adb_tmpdir}/tmp.add_whitelist" >> "${adb_dnsdir}/${adb_dnsfile}"
+ cat "${adb_tmpdir}/tmp.add.whitelist" >> "${adb_dnsdir}/${adb_dnsfile}"
fi
- if [ -s "${adb_tmpdir}/tmp.rem_whitelist" ]
+ if [ -s "${adb_tmpdir}/tmp.rem.whitelist" ]
then
- grep -vf "${adb_tmpdir}/tmp.rem_whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
+ grep -vf "${adb_tmpdir}/tmp.rem.whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
else
eval "${adb_dnsdeny}" "${adb_tmpdir}/${adb_dnsfile}" >> "${adb_dnsdir}/${adb_dnsfile}"
fi
- if [ ${?} -eq 0 ] && [ -n "${adb_dnsheader}" ]
+ if [ "${?}" -eq 0 ] && [ -n "${adb_dnsheader}" ]
then
- printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+ printf "%s\\n" "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
mv -f "${adb_tmpdir}/${adb_dnsfile}" "${adb_dnsdir}/${adb_dnsfile}"
fi
adb_rc=${?}
#
f_tld()
{
- local cnt cnt_srt cnt_tld source="${1}" temp_src="${1}.src.gz" temp_tld="${1}.tld" tld_ok="false"
+ local cnt cnt_srt cnt_tld source="${1}" temp_tld="${1}.tld" tld_ok="false"
- gzip -cf "${source}" 2>/dev/null > "${temp_src}"
- if [ ${?} -eq 0 ]
- then
- cnt="$(wc -l 2>/dev/null < "${source}")"
+ cnt="$(wc -l 2>/dev/null < "${source}")"
+ if [ "${adb_dns}" != "dnsmasq" ] && [ "${adb_dnsvariant% *}" != "null" ]
+ then
awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" > "${temp_tld}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
sort -u "${temp_tld}" > "${source}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
cnt_srt="$(wc -l 2>/dev/null < "${source}")"
awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "${source}" > "${temp_tld}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${temp_tld}" > "${source}"
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
rm -f "${temp_src}" "${temp_tld}"
cnt_tld="$(wc -l 2>/dev/null < "${source}")"
fi
fi
fi
+ else
+ sort -u "${source}" > "${temp_tld}"
+ if [ "${?}" -eq 0 ]
+ then
+ mv -f "${temp_tld}" "${source}"
+ cnt_srt="$(wc -l 2>/dev/null < "${source}")"
+ tld_ok="true"
+ fi
fi
-
if [ "${tld_ok}" = "false" ]
then
+ unset cnt_srt cnt_tld
rm -f "${temp_tld}"
- gunzip -cf "${temp_src}" 2>/dev/null > "${source}"
- if [ ${?} -ne 0 ]
- then
- rm -f "${temp_src}"
- > "${source}"
- fi
+ f_list blacklist
+ f_list whitelist
+ f_list restore
+ f_list merge
+ f_list final
+ cnt="$(wc -l 2>/dev/null < "${adb_tmpdir}"/"${adb_dnsfile}")"
fi
f_log "debug" "f_tld ::: source: ${source}, cnt: ${cnt:-"-"}, cnt_srt: ${cnt_srt:-"-"}, cnt_tld: ${cnt_tld:-"-"}, tld_ok: ${tld_ok}"
}
-# blocklist hash compare
-#
-f_hash()
-{
- local hash hash_rc=1
-
- if [ -x "${adb_hashutil}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
- then
- hash="$(${adb_hashutil} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
- if [ -z "${adb_hashold}" ] && [ -n "${hash}" ]
- then
- adb_hashold="${hash}"
- elif [ -z "${adb_hashnew}" ] && [ -n "${hash}" ]
- then
- adb_hashnew="${hash}"
- fi
- if [ -n "${adb_hashold}" ] && [ -n "${adb_hashnew}" ]
- then
- if [ "${adb_hashold}" = "${adb_hashnew}" ]
- then
- hash_rc=0
- fi
- adb_hashold=""
- adb_hashnew=""
- fi
- fi
- f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
- return ${hash_rc}
-}
-
# suspend/resume adblock processing
#
f_switch()
{
- local status cnt mode="${1}"
+ local status done="false" mode="${1}"
json_load_file "${adb_rtfile}" >/dev/null 2>&1
- json_select "data"
+ json_select "data" >/dev/null 2>&1
json_get_var status "adblock_status"
- json_get_var cnt "overall_domains"
-
+ f_temp
if [ "${mode}" = "suspend" ] && [ "${status}" = "enabled" ]
then
- if [ ${cnt%% *} -gt 0 ] && [ -s "${adb_dnsdir}/${adb_dnsfile}" ]
+ > "${adb_dnsdir}/${adb_dnsfile}"
+ if [ -n "${adb_dnsheader}" ]
then
- f_hash
- cat "${adb_dnsdir}/${adb_dnsfile}" > "${adb_dnsdir}/.${adb_dnsfile}"
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- f_hash
+ printf "%s\\n" "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
fi
+ done="true"
elif [ "${mode}" = "resume" ] && [ "${status}" = "paused" ]
then
- if [ ${cnt%% *} -gt 0 ] && [ -s "${adb_dnsdir}/.${adb_dnsfile}" ]
- then
- f_hash
- cat "${adb_dnsdir}/.${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- f_hash
- fi
+ f_list blacklist
+ f_list whitelist
+ f_list restore
+ f_list merge
+ f_tld "${adb_tmpdir}"/"${adb_dnsfile}"
+ f_list final
+ done="true"
fi
- if [ ${?} -eq 1 ]
+ if [ "${done}" = "true" ]
then
- f_temp
+ if [ "${mode}" = "suspend" ]
+ then
+ f_bgserv "stop"
+ fi
f_dnsup
+ if [ "${mode}" = "resume" ]
+ then
+ f_bgserv "start"
+ fi
f_jsnup "${mode}"
f_log "info" "${mode} adblock processing"
- f_rmtemp
- exit 0
fi
+ f_rmtemp
}
# query blocklist for certain (sub-)domains
if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
then
- printf '%s\n' "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
+ printf "%s\\n" "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
else
case "${adb_dns}" in
- dnsmasq)
- prefix=".*[\/\.]"
- suffix="(\/)"
- field=2
+ "dnsmasq")
+ if [ "${adb_dnsvariant}" = "nxdomain" ]
+ then
+ prefix=".*[\\/\\.]"
+ suffix="(\\/)"
+ field=2
+ elif [ "${adb_dnsvariant% *}" = "null" ]
+ then
+ prefix="0\\..*[\\t\\.]"
+ suffix=""
+ field=2
+ fi
;;
- unbound)
- prefix=".*[\"\.]"
+ "unbound")
+ prefix=".*[\"\\.]"
suffix="(static)"
field=3
;;
- named)
- prefix="[^\*].*[\.]"
- suffix="( \.)"
- field=1
- ;;
- kresd)
- prefix="[^\*].*[\.]"
- suffix="( \.)"
+ "named")
+ prefix="[^\\*].*[\\.]"
+ suffix="( \\.)"
field=1
;;
- dnscrypt-proxy)
- prefix=".*[\.]"
- suffix=""
+ "kresd")
+ prefix="[^\\*].*[\\.]"
+ suffix="( \\.)"
field=1
;;
esac
- while [ "${domain}" != "${tld}" ]
- do
- search="${domain//./\\.}"
- search="${search//[+*~%\$&\"\']/}"
- result="$(awk -F '/|\"| ' "/^(${search}|${prefix}+${search}.*${suffix}$)/{i++;{printf(\" + %s\n\",\$${field})};if(i>9){printf(\" + %s\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
- printf '%s\n%s\n%s\n' ":::" "::: results for domain '${domain}'" ":::"
- printf '%s\n' "${result:-" - no match"}"
- domain="${tld}"
- tld="${domain#*.}"
- done
-
- if [ ${adb_backup} -eq 1 ] && [ -d "${adb_backupdir}" ]
+ if [ "${adb_dnsfilereset}" = "false" ]
+ then
+ while [ "${domain}" != "${tld}" ]
+ do
+ search="${domain//./\\.}"
+ search="${search//[+*~%\$&\"\']/}"
+ result="$(awk -F '/|\"|\t| ' "/^(${prefix}+${search}.*${suffix}$)/{i++;{printf(\" + %s\\n\",\$${field})};if(i>9){printf(\" + %s\\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: results for domain '${domain}' in active blocklist" ":::"
+ printf "%s\n\n" "${result:-" - no match"}"
+ domain="${tld}"
+ tld="${domain#*.}"
+ done
+ fi
+ if [ -d "${adb_backupdir}" ]
then
search="${1//./\\.}"
search="${search//[+*~%\$&\"\']/}"
- printf '%s\n%s\n%s\n' ":::" "::: results for domain '${1}' in backups" ":::"
- for file in ${adb_backupdir}/${adb_dnsprefix}.*.gz
+ printf "%s\\n%s\\n%s\\n" ":::" "::: results for domain '${1}' in backups and black-/whitelist" ":::"
+ for file in "${adb_backupdir}"/"${adb_dnsprefix}".*.gz "${adb_blacklist}" "${adb_whitelist}"
do
- zcat "${file}" 2>/dev/null | awk -v f="${file##*/}" "/^($search|.*\.${search})/{i++;{printf(\" + %-30s%s\n\",f,\$1)};if(i>=3){printf(\" + %-30s%s\n\",f,\"[...]\");exit}}"
+ suffix="${file##*.}"
+ if [ "${suffix}" = "gz" ]
+ then
+ zcat "${file}" 2>/dev/null | awk -v f="${file##*/}" "/^($search|.*\\.${search})/{i++;{printf(\" + %-30s%s\\n\",f,\$1)};if(i>=3){printf(\" + %-30s%s\\n\",f,\"[...]\");exit}}"
+ else
+ cat "${file}" 2>/dev/null | awk -v f="${file##*/}" "/^($search|.*\\.${search})/{i++;{printf(\" + %-30s%s\\n\",f,\$1)};if(i>=3){printf(\" + %-30s%s\\n\",f,\"[...]\");exit}}"
+ fi
done
fi
fi
#
f_jsnup()
{
- local run_time bg_pid status="${1:-"enabled"}" mode="normal mode"
+ local run_time bg_pid status="${1:-"enabled"}"
- if [ ${adb_rc} -gt 0 ]
+ if [ "${adb_rc}" -gt 0 ]
then
status="error"
run_time="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
then
status=""
fi
- if [ ${adb_backup_mode} -eq 1 ]
- then
- mode="backup mode"
- fi
json_load_file "${adb_rtfile}" >/dev/null 2>&1
json_select "data" >/dev/null 2>&1
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
if [ -z "${adb_fetchinfo}" ]
then
json_add_object "data"
json_add_string "adblock_status" "${status:-"enabled"}"
json_add_string "adblock_version" "${adb_ver}"
- json_add_string "overall_domains" "${adb_cnt:-0} (${mode})"
+ json_add_string "overall_domains" "${adb_cnt:-0}"
json_add_string "fetch_utility" "${adb_fetchinfo:-"-"}"
- json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
+ json_add_string "dns_backend" "${adb_dns}, ${adb_dnsdir}"
+ json_add_string "dns_variant" "${adb_dnsvariant}, ${adb_dnsfilereset:-"false"}"
+ json_add_string "backup_dir" "${adb_backupdir}"
json_add_string "last_rundate" "${run_time:-"-"}"
json_add_string "system_release" "${adb_sysver}"
json_close_object
json_dump > "${adb_rtfile}"
- if [ ${adb_notify} -eq 1 ] && [ -x /etc/adblock/adblock.notify ] && \
- ([ "${status}" = "error" ] || ([ "${status}" = "enabled" ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
+ if [ ${adb_mail} -eq 1 ] && [ -x "${adb_mailservice}" ] && \
+ { [ "${status}" = "error" ] || { [ "${status}" = "enabled" ] && [ "${adb_cnt}" -le "${adb_mcnt}" ]; } }
then
- (/etc/adblock/adblock.notify >/dev/null 2>&1)&
+ ("${adb_mailservice}" >/dev/null 2>&1)&
bg_pid=${!}
fi
- f_log "debug" "f_jsnup ::: status: ${status:-"-"}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
+ f_log "debug" "f_jsnup ::: status: ${status:-"-"}, cnt: ${adb_cnt}, mail: ${adb_mail}, mail_service: ${adb_mailservice}, mail_cnt: ${adb_mcnt}, mail_pid: ${bg_pid:-"-"}"
}
# write to syslog
{
local class="${1}" log_msg="${2}"
- if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ])
+ if [ -n "${log_msg}" ] && { [ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ]; }
then
logger -p "${class}" -t "adblock-${adb_ver}[${$}]" "${log_msg}"
if [ "${class}" = "err" ]
fi
}
+# start ubus monitor service to trace dns backend events
+#
+f_bgserv()
+{
+ local bg_pid status="${1}"
+
+ bg_pid="$(pgrep -f "^/bin/sh ${adb_ubusservice}|^/bin/ubus -S -M r -m invoke monitor|^grep -qF \"method\":\"set\",\"data\":\\{\"name\":\"${adb_dns}\"" | awk '{ORS=" "; print $1}')"
+ if [ -z "${bg_pid}" ] && [ "${status}" = "start" ] \
+ && [ -x "${adb_ubusservice}" ] && [ "${adb_dnsfilereset}" = "true" ]
+ then
+ ( "${adb_ubusservice}" &)
+ elif [ -n "${bg_pid}" ] && [ "${status}" = "stop" ]
+ then
+ kill -HUP ${bg_pid} 2>/dev/null
+ fi
+ f_log "debug" "f_bgserv ::: status: ${status:-"-"}, bg_pid: ${bg_pid:-"-"}, dns_filereset: ${adb_dnsfilereset:-"-"}, ubus_service: ${adb_ubusservice:-"-"}"
+}
+
# main function for blocklist processing
#
f_main()
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
tmp_load="${adb_tmpload}"
tmp_file="${adb_tmpfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- > "${adb_tmpdir}/tmp.raw_whitelist"
- > "${adb_tmpdir}/tmp.add_whitelist"
- > "${adb_tmpdir}/tmp.rem_whitelist"
- f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, dns_jail: ${adb_jail}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
-
- # prepare whitelist entries
- #
- if [ -s "${adb_whitelist}" ]
- then
- adb_whitelist_rset="/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
- awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.raw_whitelist"
- f_tld "${adb_tmpdir}/tmp.raw_whitelist"
-
- adb_whitelist_rset="/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
- awk "${adb_whitelist_rset}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.rem_whitelist"
-
- if [ -n "${adb_dnsallow}" ]
- then
- eval "${adb_dnsallow}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.add_whitelist"
- fi
- fi
-
- # build 'dnsjail' list
- #
- if [ ${adb_jail} -eq 1 ]
- then
- cat "${adb_tmpdir}/tmp.add_whitelist" > "/tmp/${adb_dnsjail}"
- printf '%s\n' "${adb_dnshalt}" >> "/tmp/${adb_dnsjail}"
- if [ -n "${adb_dnsheader}" ]
- then
- printf '%s\n' "${adb_dnsheader}" | cat - "/tmp/${adb_dnsjail}" > "${adb_tmpdir}/tmp.dnsjail"
- cat "${adb_tmpdir}/tmp.dnsjail" > "/tmp/${adb_dnsjail}"
- fi
- fi
-
+ f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
+
# main loop
#
+ f_list blacklist
+ f_list whitelist
for src_name in ${adb_sources}
do
- enabled="$(eval printf '%s' \"\${enabled_${src_name}\}\")"
- src_url="$(eval printf '%s' \"\${adb_src_${src_name}\}\")"
- src_rset="$(eval printf '%s' \"\${adb_src_rset_${src_name}\}\")"
- src_cat="$(eval printf '%s' \"\${adb_src_cat_${src_name}\}\")"
- adb_tmpload="${tmp_load}.${src_name}"
- adb_tmpfile="${tmp_file}.${src_name}"
+ enabled="$(eval printf "%s" \"\$\{enabled_${src_name}\}\")"
+ src_url="$(eval printf "%s" \"\$\{adb_src_${src_name}\}\")"
+ src_rset="$(eval printf "%s" \"\$\{adb_src_rset_${src_name}\}\")"
+ src_cat="$(eval printf "%s" \"\$\{adb_src_cat_${src_name}\}\")"
+ adb_tmpload="${tmp_load}"."${src_name}"
+ adb_tmpfile="${tmp_file}"."${src_name}"
# basic pre-checks
#
f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
- if [ "${enabled}" != "1" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
+ if [ "${enabled}" != "1" ] || [ -f "${src_url}" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
then
f_list remove
continue
# backup mode
#
- if [ ${adb_backup_mode} -eq 1 ] && [ "${adb_action}" = "start" ] && [ "${src_name}" != "blacklist" ]
+ if [ "${adb_action}" = "start" ]
then
f_list restore
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpfile}" ]
then
continue
fi
# download queue processing
#
- if [ "${src_name}" = "blacklist" ]
- then
- if [ -s "${src_url}" ]
- then
- (
- src_log="$(cat "${src_url}" > "${adb_tmpload}" 2>&1)"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
- then
- awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
- then
- rm -f "${adb_tmpload}"
- f_list download
- fi
- else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- fi
- ) &
- else
- continue
- fi
- elif [ -n "${src_cat}" ]
+ if [ -n "${src_cat}" ]
then
(
- src_arc="${adb_tmpdir}/${src_url##*/}"
+ src_arc="${adb_tmpdir}"/"${src_url##*/}"
src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${src_url}" 2>&1)"
adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${src_arc}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${src_arc}" ]
then
list="$(tar -tzf "${src_arc}")"
- suffix="$(eval printf '%s' \"\${adb_src_suffix_${src_name}:-\"domains\"\}\")"
+ suffix="$(eval printf "%s" \"\$\{adb_src_suffix_${src_name}:-\"domains\"\}\")"
for cat in ${src_cat}
do
- entry="$(printf '%s' "${list}" | grep -E "[\^/]+${cat}/${suffix}")"
+ entry="$(printf "%s" "${list}" | grep -E "[\\^/]+${cat}/${suffix}")"
if [ -n "${entry}" ]
then
tar -xOzf "${src_arc}" "${entry}" >> "${adb_tmpload}"
adb_rc=${?}
- if [ ${adb_rc} -ne 0 ]
+ if [ "${adb_rc}" -ne 0 ]
then
break
fi
fi
done
else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ src_log="$(printf "%s" "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
fi
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpload}" ]
then
rm -f "${src_arc}"
awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpfile}" ]
then
rm -f "${adb_tmpload}"
f_list download
- if [ ${adb_backup} -eq 1 ]
- then
- f_list backup
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
+ f_list backup
+ else
f_list restore
fi
- elif [ ${adb_backup} -eq 1 ]
- then
+ else
f_list restore
fi
) &
then
awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ if [ "${adb_rc}" -eq 0 ] && [ -s "${adb_tmpfile}" ]
then
rm -f "${adb_tmpload}"
f_list download
- if [ ${adb_backup} -eq 1 ]
- then
- f_list backup
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
+ f_list backup
+ else
f_list restore
fi
else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ src_log="$(printf "%s" "${src_log}" | awk '{ORS=" ";print $0}')"
f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- if [ ${adb_backup} -eq 1 ]
- then
- f_list restore
- fi
+ f_list restore
fi
) &
fi
- hold=$(( cnt % adb_maxqueue ))
- if [ ${hold} -eq 0 ]
+ hold=$((cnt%adb_maxqueue))
+ if [ "${hold}" -eq 0 ]
then
wait
fi
- cnt=$(( cnt + 1 ))
+ cnt=$((cnt+1))
done
# list merge
adb_tmpfile="${tmp_file}"
f_list merge
- # overall sort and conditional dns restart
+ # tld compression and dns restart
#
- f_hash
- if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
+ if [ -s "${adb_tmpdir}"/"${adb_dnsfile}" ]
then
- f_tld "${adb_tmpdir}/${adb_dnsfile}"
+ f_tld "${adb_tmpdir}"/"${adb_dnsfile}"
f_list final
else
- > "${adb_dnsdir}/${adb_dnsfile}"
- fi
- chown "${adb_dnsuser}" "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null
- f_hash
- if [ ${?} -eq 1 ]
- then
- f_dnsup
+ > "${adb_dnsdir}"/"${adb_dnsfile}"
fi
+ chown "${adb_dnsuser}" "${adb_dnsdir}"/"${adb_dnsfile}" 2>/dev/null
+ f_dnsup
f_jsnup
- if [ ${?} -eq 0 ]
+ if [ "${?}" -eq 0 ]
then
- f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+ if [ "${adb_dnsfilereset}" = "true" ]
+ then
+ > "${adb_dnsdir}"/"${adb_dnsfile}"
+ f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully and reset afterwards (${adb_sysver})"
+ f_bgserv "start"
+ else
+ f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+ fi
else
f_log "err" "dns backend restart with active blocklist failed"
fi
#
f_report()
{
- local bg_pid total blocked percent rep_clients rep_domains rep_blocked index hold ports cnt=0 search="${1}" count="${2}" filter="${3}" print="${4}"
+ local bg_pid status total blocked percent rep_clients rep_domains rep_blocked index hold ports cnt=0 search="${1}" count="${2}" filter="${3}" print="${4}"
- if [ ${adb_report} -eq 1 ] && [ ! -x "${adb_reputil}" ]
+ if [ "${adb_report}" -eq 1 ] && [ ! -x "${adb_reputil}" ]
then
f_log "info" "Please install the package 'tcpdump' or 'tcpdump-mini' to use the adblock reporting feature!"
- elif [ ${adb_report} -eq 0 ] && [ "${adb_action}" = "report" ]
+ elif [ "${adb_report}" -eq 0 ] && [ "${adb_action}" = "report" ]
then
f_log "info" "Please enable the extra option 'adb_report' to use the adblock reporting feature!"
fi
if [ -x "${adb_reputil}" ]
then
- bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\.pcap$" | awk '{ORS=" "; print $1}')"
- if [ ${adb_report} -eq 0 ] || ([ -n "${bg_pid}" ] && ([ "${adb_action}" = "stop" ] || [ "${adb_action}" = "restart" ]))
+ bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\\.pcap$" | awk '{ORS=" "; print $1}')"
+ if [ "${adb_report}" -eq 0 ] || { [ -n "${bg_pid}" ] && { [ "${adb_action}" = "stop" ] || [ "${adb_action}" = "restart" ]; } }
then
if [ -n "${bg_pid}" ]
then
- kill -HUP ${bg_pid}
+ kill -HUP ${bg_pid} 2>/dev/null
while $(kill -0 ${bg_pid} 2>/dev/null)
do
sleep 1
fi
fi
- if [ -x "${adb_reputil}" ] && [ ${adb_report} -eq 1 ]
+ if [ -x "${adb_reputil}" ] && [ "${adb_report}" -eq 1 ]
then
if [ -z "${bg_pid}" ] && [ "${adb_action}" != "report" ] && [ "${adb_action}" != "stop" ]
then
ports="${ports} or port ${port}"
fi
done
- ("${adb_reputil}" -nn -s0 -l -i ${adb_repiface} ${ports} -C${adb_repchunksize} -W${adb_repchunkcnt} -w "${adb_repdir}/adb_report.pcap" >/dev/null 2>&1 &)
- bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\.pcap$" | awk '{ORS=" "; print $1}')"
+ ( "${adb_reputil}" -nn -s0 -l -i ${adb_repiface} ${ports} -C${adb_repchunksize} -W${adb_repchunkcnt} -w "${adb_repdir}"/adb_report.pcap >/dev/null 2>&1 & )
+ bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\\.pcap$" | awk '{ORS=" "; print $1}')"
fi
if [ "${adb_action}" = "report" ] && [ "${filter}" = "false" ]
then
- > "${adb_repdir}/adb_report.raw"
+ > "${adb_repdir}"/adb_report.raw
for file in "${adb_repdir}"/adb_report.pcap*
do
(
- "${adb_reputil}" -tttt -r $file 2>/dev/null | \
- awk -v cnt=${cnt} '!/\.lan\. /&&/ A[\? ]+|NXDomain/{a=$1;b=substr($2,0,8);c=$4;sub(/\.[0-9]+$/,"",c); \
- d=cnt $7;e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);printf("%s\t%s\t%s\t%s\t%s\n", a,b,c,d,e)}' >> "${adb_repdir}/adb_report.raw"
+ "${adb_reputil}" -tttt -r "${file}" 2>/dev/null | \
+ awk -v cnt=${cnt} '!/\.lan\. /&&/ A[\? ]+|NXDomain|0\.0\.0\.0/{a=$1;b=substr($2,0,8);c=$4;sub(/\.[0-9]+$/,"",c); \
+ d=cnt $7;sub(/\*$/,"",d);e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]|0\.0\.0\.0/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);printf("%s\t%s\t%s\t%s\t%s\n", a,b,c,d,e)}' >> "${adb_repdir}/adb_report.raw"
)&
- hold=$(( cnt % adb_maxqueue ))
- if [ ${hold} -eq 0 ]
+ hold=$((cnt%adb_maxqueue))
+ if [ "${hold}" -eq 0 ]
then
wait
fi
- cnt=$(( cnt + 1 ))
+ cnt=$((cnt+1))
done
wait
- if [ -s "${adb_repdir}/adb_report.raw" ]
+ if [ -s "${adb_repdir}"/adb_report.raw ]
then
awk '{printf("%s\t%s\t%s\t%s\t%s\t%s\n", $4,$5,$1,$2,$3,$4)}' "${adb_repdir}/adb_report.raw" | \
sort -ur | uniq -uf2 | awk '{currA=($6+0);currB=$6;currC=substr($6,length($6),1); \
if(reqA==currB){reqA=0;printf("%s\t%s\n",d,$2)}else if(currC=="+"){reqA=currA;d=$3"\t"$4"\t"$5"\t"$2}}' | sort -ur > "${adb_repdir}/adb_report"
fi
- if [ -s "${adb_repdir}/adb_report" ]
+ if [ -s "${adb_repdir}"/adb_report ]
then
- total="$(wc -l < ${adb_repdir}/adb_report)"
- blocked="$(awk '{if($5=="NX")print $4}' ${adb_repdir}/adb_report | wc -l)"
- percent="$(awk -v t=${total} -v b=${blocked} 'BEGIN{printf("%.2f %s\n",b/t*100, "%")}')"
- rep_clients="$(awk '{print $3}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
- rep_domains="$(awk '{if($5!="NX")print $4}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
- rep_blocked="$(awk '{if($5=="NX")print $4}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
-
- > "${adb_repdir}/adb_report.json"
- json_load_file "${adb_repdir}/adb_report.json" >/dev/null 2>&1
+ total="$(wc -l < "${adb_repdir}"/adb_report)"
+ blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}"/adb_report | wc -l)"
+ percent="$(awk -v t="${total}" -v b="${blocked}" 'BEGIN{printf("%.2f %s\n",b/t*100, "%")}')"
+ rep_clients="$(awk '{print $3}' "${adb_repdir}"/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
+ rep_domains="$(awk '{if($5!="NX")print $4}' "${adb_repdir}"/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+ rep_blocked="$(awk '{if($5=="NX")print $4}' "${adb_repdir}"/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+
+ > "${adb_repdir}"/adb_report.json
+ json_load_file "${adb_repdir}"/adb_report.json >/dev/null 2>&1
json_init
json_add_object "data"
- json_add_string "start_date" "$(awk 'END{printf("%s",$1)}' ${adb_repdir}/adb_report)"
- json_add_string "start_time" "$(awk 'END{printf("%s",$2)}' ${adb_repdir}/adb_report)"
- json_add_string "end_date" "$(awk 'NR==1{printf("%s",$1)}' ${adb_repdir}/adb_report)"
- json_add_string "end_time" "$(awk 'NR==1{printf("%s",$2)}' ${adb_repdir}/adb_report)"
+ json_add_string "start_date" "$(awk 'END{printf("%s",$1)}' "${adb_repdir}"/adb_report)"
+ json_add_string "start_time" "$(awk 'END{printf("%s",$2)}' "${adb_repdir}"/adb_report)"
+ json_add_string "end_date" "$(awk 'NR==1{printf("%s",$1)}' "${adb_repdir}"/adb_report)"
+ json_add_string "end_time" "$(awk 'NR==1{printf("%s",$2)}' "${adb_repdir}"/adb_report)"
json_add_string "total" "${total}"
json_add_string "blocked" "${blocked}"
json_add_string "percent" "${percent}"
json_close_object
done
json_close_object
- json_dump > "${adb_repdir}/adb_report.json"
+ json_dump > "${adb_repdir}"/adb_report.json
fi
- rm -f "${adb_repdir}/adb_report.raw"
+ rm -f "${adb_repdir}"/adb_report.raw
fi
- if [ -s "${adb_repdir}/adb_report" ]
+ if [ -s "${adb_repdir}"/adb_report ]
then
search="${search//./\\.}"
search="${search//[+*~%\$&\"\' ]/}"
- > "${adb_repdir}/adb_report.final"
- awk "BEGIN{i=0}/(${search})/{i++;if(i<=${count}){printf \"%s\t%s\t%s\t%s\t%s\n\",\$1,\$2,\$3,\$4,\$5}}" "${adb_repdir}/adb_report" > "${adb_repdir}/adb_report.final"
- if [ ! -s "${adb_repdir}/adb_report.final" ]
+ > "${adb_repdir}"/adb_report.final
+ awk "BEGIN{i=0}/(${search})/{i++;if(i<=${count}){printf \"%s\\t%s\\t%s\\t%s\\t%s\\n\",\$1,\$2,\$3,\$4,\$5}}" "${adb_repdir}"/adb_report > "${adb_repdir}"/adb_report.final
+ if [ ! -s "${adb_repdir}"/adb_report.final ]
then
- printf "%s\t%s\t%s\t%s\t%s\n" "-" "-" "-" "-" "-" > "${adb_repdir}/adb_report.final"
+ printf "%s\\t%s\\t%s\\t%s\\t%s\\n" "-" "-" "-" "-" "-" > "${adb_repdir}"/adb_report.final
fi
fi
if [ "${print}" = "true" ]
then
- if [ -s "${adb_repdir}/adb_report.json" ]
+ if [ -s "${adb_repdir}"/adb_report.json ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Adblock DNS-Query Report" ":::"
- json_load_file "${adb_repdir}/adb_report.json"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Adblock DNS-Query Report" ":::"
+ json_load_file "${adb_repdir}"/adb_report.json
json_select "data"
json_get_keys keylist
for key in ${keylist}
json_get_var value "${key}"
eval "${key}=\"${value}\""
done
- printf " + %s\n + %s\n" "Start ::: ${start_date}, ${start_time}" "End ::: ${end_date}, ${end_time}"
- printf " + %s\n + %s %s\n" "Total ::: ${total}" "Blocked ::: ${blocked}" "(${percent})"
+ printf " + %s\\n + %s\\n" "Start ::: ${start_date}, ${start_time}" "End ::: ${end_date}, ${end_time}"
+ printf " + %s\\n + %s %s\\n" "Total ::: ${total}" "Blocked ::: ${blocked}" "(${percent})"
json_select ".."
- if json_get_type Status "top_clients" && [ "${Status}" = "array" ]
+ if json_get_type status "top_clients" && [ "${status}" = "array" ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Top 10 Clients" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Top 10 Clients" ":::"
json_select "top_clients"
index=1
- while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ while json_get_type status "${index}" && [ "${status}" = "object" ]
do
- json_get_values client ${index}
- printf " + %-9s::: %s\n" ${client}
- index=$((index + 1))
+ json_get_values client "${index}"
+ printf " + %-9s::: %s\\n" ${client}
+ index=$((index+1))
done
fi
json_select ".."
- if json_get_type Status "top_domains" && [ "${Status}" = "array" ]
+ if json_get_type status "top_domains" && [ "${status}" = "array" ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Top 10 Domains" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Top 10 Domains" ":::"
json_select "top_domains"
index=1
- while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ while json_get_type status "${index}" && [ "${status}" = "object" ]
do
- json_get_values domain ${index}
- printf " + %-9s::: %s\n" ${domain}
- index=$((index + 1))
+ json_get_values domain "${index}"
+ printf " + %-9s::: %s\\n" ${domain}
+ index=$((index+1))
done
fi
json_select ".."
- if json_get_type Status "top_blocked" && [ "${Status}" = "array" ]
+ if json_get_type status "top_blocked" && [ "${status}" = "array" ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Top 10 Blocked Domains" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Top 10 Blocked Domains" ":::"
json_select "top_blocked"
index=1
- while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ while json_get_type status "${index}" && [ "${status}" = "object" ]
do
- json_get_values blocked ${index}
- printf " + %-9s::: %s\n" ${blocked}
- index=$((index + 1))
+ json_get_values blocked "${index}"
+ printf " + %-9s::: %s\\n" ${blocked}
+ index=$((index+1))
done
fi
- if [ -s "${adb_repdir}/adb_report.final" ]
+ if [ -s "${adb_repdir}"/adb_report.final ]
then
- printf "%s\n%s\n%s\n" ":::" "::: Latest DNS Queries" ":::"
- printf "%-15s%-15s%-45s%-50s%s\n" "Date" "Time" "Client" "Domain" "Answer"
- awk '{printf "%-15s%-15s%-45s%-50s%s\n",$1,$2,$3,$4,$5}' "${adb_repdir}/adb_report.final"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: Latest DNS Queries" ":::"
+ printf "%-15s%-15s%-45s%-50s%s\\n" "Date" "Time" "Client" "Domain" "Answer"
+ awk '{printf "%-15s%-15s%-45s%-50s%s\n",$1,$2,$3,$4,$5}' "${adb_repdir}"/adb_report.final
fi
else
- printf "%s\n%s\n%s\n" ":::" "::: no reporting data available yet" ":::"
+ printf "%s\\n%s\\n%s\\n" ":::" "::: no reporting data available yet" ":::"
fi
fi
fi
# handle different adblock actions
#
-f_envload
+f_load
case "${adb_action}" in
stop)
+ f_bgserv "stop"
f_report "+" "50" "false" "false"
f_rmdns
;;
restart)
+ f_bgserv "stop"
f_report "+" "50" "false" "false"
f_rmdns
- f_envcheck
+ f_env
f_main
;;
suspend)
f_query "${2}"
;;
start|reload)
+ f_bgserv "stop"
f_report "+" "50" "false" "false"
- f_envcheck
+ f_env
f_main
;;
esac
include $(TOPDIR)/rules.mk
PKG_NAME:=banip
-PKG_VERSION:=0.1.4
+PKG_VERSION:=0.1.5
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
* supports blocking by ASN numbers
* supports blocking by iso country codes
* supports local white & blacklist (IPv4, IPv6 & CIDR notation), located by default in /etc/banip/banip.whitelist and /etc/banip/banip.blacklist
-* auto-add unsuccessful ssh login attempts to local blacklist
-* auto-add the uplink subnet to local whitelist
+* auto-add unsuccessful ssh login attempts to local blacklist (see 'ban_autoblacklist' option)
+* auto-add the uplink subnet to local whitelist (see 'ban_autowhitelist' option)
* per source configuration of SRC (incoming) and DST (outgoing)
* integrated IPSet-Lookup
* integrated RIPE-Lookup
* ban\_iface => space separated list of WAN network interface(s)/device(s) used by banIP (default: automatically set by banIP ('ban_automatic'))
* the following options apply to the 'extra' config section:
- * ban\_debug => enable/disable banIP debug output (default: '0', disabled)
+ * ban\_debug => enable/disable banIP debug output (bool/default: '0', disabled)
* ban\_nice => set the nice level of the banIP process and all sub-processes (int/default: '0', standard priority)
* ban\_triggerdelay => additional trigger delay in seconds before banIP processing begins (int/default: '2')
* ban\_backup => create compressed blocklist backups, they will be used in case of download errors or during startup in 'backup mode' (bool/default: '0', disabled)
* ban\_backupboot => do not automatically update blocklists during startup, use their backups instead (bool/default: '0', disabled)
* ban\_maxqueue => size of the download queue to handle downloads & IPSet processing in parallel (int/default: '8')
* ban\_fetchparm => special config options for the download utility (default: not set)
+ * ban\_autoblacklist => store auto-addons temporary in ipset and permanently in local blacklist as well (bool/default: '1', enabled)
+ * ban\_autowhitelist => store auto-addons temporary in ipset and permanently in local whitelist as well (bool/default: '1', enabled)
## Examples
**receive banIP runtime information:**
-# banIP configuration, for further information
-# see 'https://github.com/openwrt/packages/blob/master/net/banip/files/README.md'
config banip 'global'
option ban_enabled '0'
option ban_src_ruletype 'src'
option ban_src_on '0'
-config source 'zeus'
- option ban_src 'https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist'
- option ban_src_desc 'Zeus Tracker by abuse.ch (IPv4)'
- option ban_src_rset '/^(([0-9]{1,3}\.){3}[0-9]{1,3})([[:space:]]|$)/{print \"add zeus \"\$1}'
- option ban_src_settype 'ip'
- option ban_src_ruletype 'src'
- option ban_src_on '0'
-
config source 'sslbl'
option ban_src 'https://sslbl.abuse.ch/blacklist/sslipblacklist.csv'
option ban_src_desc 'SSL Blacklist by abuse.ch (IPv4)'
stop_service()
{
rc_procd "${ban_script}" stop
- rc_procd start_service
}
status()
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-ban_ver="0.1.4"
+ban_ver="0.1.5"
ban_sysver="unknown"
ban_enabled=0
ban_automatic="1"
ban_backupboot=0
ban_backupdir="/mnt"
ban_maxqueue=4
+ban_autoblacklist=1
+ban_autowhitelist=1
ban_fetchutil="uclient-fetch"
ban_ip="$(command -v ip)"
ban_ipt="$(command -v iptables)"
if [ -z "$(grep -F "${ip}" "${src_url}")" ]
then
printf '%s\n' "${ip}" >> "${tmp_load}"
- printf '%s\n' "${ip}" >> "${src_url}"
+ if { [ "${src_name//_*/}" = "blacklist" ] && [ "${ban_autoblacklist}" -eq 1 ]; } || \
+ { [ "${src_name//_*/}" = "whitelist" ] && [ "${ban_autowhitelist}" -eq 1 ]; }
+ then
+ printf '%s\n' "${ip}" >> "${src_url}"
+ fi
fi
done
elif [ -n "${src_cat}" ]
--- /dev/null
+#
+# Copyright (C) 2019 Lucian Cristian <lucian.cristian@gmail.com>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=bfdd
+PKG_SOURCE_DATE:=2019-08-22
+PKG_RELEASE:=1
+
+PKG_SOURCE_VERSION:=c54534beb524afc3972039f57b56ec65332b43f7
+PKG_SOURCE_URL:=https://codeload.github.com/rzalamena/bfdd/tar.gz/$(PKG_SOURCE_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
+PKG_HASH:=8b65f502163aacfe43bb897464f3bf44bc5af4cc85d23b7c644e329abf89cc5f
+
+PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/bfdd
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Routing and Redirection
+ TITLE:=BFD daemon
+ URL:=https://github.com/rzalamena/bfdd
+ DEPENDS:=+libevent2 +libjson-c
+endef
+
+define Package/bfdd/description
+ A port of Cumulus BFD daemon to a more portable daemon.
+
+ Bidirectional Forwarding Detection (BFD) is a network protocol that is used to
+ detect faults between two forwarding engines connected by a link. It provides
+ low-overhead detection of faults even on physical media that doesn't support
+ failure detection of any kind, such as Ethernet, virtual circuits, tunnels and
+ MPLS Label Switched Paths.
+endef
+
+define Package/bfdd/conffiles
+/etc/bfdd/bfdd.json
+endef
+
+define Package/bfdd/install
+ $(INSTALL_DIR) \
+ $(1)/usr/sbin \
+ $(1)/etc/bfdd \
+ $(1)/etc/init.d
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/{bfdd,bfdctl} $(1)/usr/sbin/
+ $(INSTALL_BIN) ./files/bfdd.init $(1)/etc/init.d/bfdd
+ $(INSTALL_CONF) ./files/bfdd.template.json $(1)/etc/bfdd/bfdd.json
+endef
+
+$(eval $(call BuildPackage,bfdd))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=10
+USE_PROCD=1
+
+PROG="/usr/sbin/bfdd"
+CONF="/etc/bfdd/bfdd.json"
+
+start_service() {
+ procd_open_instance
+ procd_set_param command $PROG -c $CONF
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ procd_set_param respawn
+ procd_close_instance
+}
--- /dev/null
+{
+ "ipv4": [
+ {
+ "_create-only": "optional, defaults to false",
+ "_create-only-help": "If create-only is true then bfdd will return failure if a peer with the same target exists",
+ "create-only": true,
+
+ "_multihop": "optional defaults to false",
+ "multihop": false,
+
+ "_peer-address": "mandatory",
+ "peer-address": "127.0.0.1",
+
+ "_local-address": "mandatory on multihop",
+ "local-address": "127.0.0.1",
+
+ "_local-interface": "optional",
+ "local-interface": "enp0s3",
+
+ "_label": "optional",
+ "label": "peer1",
+
+ "_vxlan": "optional, defaults to 0",
+ "vxlan": 100,
+
+ "_vrf-name": "optional",
+ "vrf-name": "netns1",
+
+ "_detect-multiplier": "optional, defaults to 3",
+ "detect-multiplier": 3,
+
+ "_receive-interval": "optional, defaults to 300 milliseconds",
+ "receive-interval": 300,
+
+ "_transmit-interval": "optional, defaults to 300 milliseconds",
+ "transmit-interval": 300,
+
+ "_echo-interval": "optional, defaults to 50 milliseconds",
+ "echo-interval": 50,
+
+ "_echo-mode": "optional, defaults to false",
+ "echo-mode": false,
+
+ "_shutdown": "optional, defaults to false",
+ "shutdown": false
+ }
+ ],
+ "ipv6": [
+ ],
+ "label": [
+ {
+ "_label": "mandatory to identify the peer without addresses",
+ "_label-help": "peer must have been already created in ipv4 or ipv6",
+ "label": "peer1",
+ }
+ ]
+}
--- /dev/null
+--- a/bfd_packet.c 2019-08-15 02:45:47.270120616 +0300
++++ b/bfd_packet.c 2019-08-15 02:44:38.266117706 +0300
+@@ -34,7 +34,6 @@
+ #include <linux/if_packet.h>
+ #include <linux/udp.h>
+ #include <linux/ip.h>
+-#include <linux/ipv6.h>
+
+ #include <arpa/inet.h>
+ #include <sys/types.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=cifsd-tools
-PKG_RELEASE:=2
+PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools.git
-PKG_SOURCE_DATE:=2019-07-05
-PKG_SOURCE_VERSION:=539fa21a8dd427a8ca2dc13c9a5a1c975be96d3c
-PKG_MIRROR_HASH:=8c1b22d9926112a7e8ec94a3f731639a3789bef1aeb447f0bd7c41a1884e4dc5
+PKG_SOURCE_DATE:=2019-08-19
+PKG_SOURCE_VERSION:=bbeab27f0a1695f711fb84d9cd29a83f818ef90e
+PKG_MIRROR_HASH:=f8bef545400aa8c0db6ba0fffdf0c0a2f201603503728f140df133aff3a39cbb
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
local read_list
local hide_dot_files
local veto_files
+ local inherit_owner
+ local force_create_mode
+ local force_directory_mode
config_get name $1 name
config_get path $1 path
config_get read_list $1 read_list
config_get_bool hide_dot_files $1 hide_dot_files 0
config_get veto_files $1 veto_files
+ config_get inherit_owner $1 inherit_owner
+ config_get force_create_mode $1 force_create_mode
+ config_get force_directory_mode $1 force_directory_mode
[ -z "$name" ] || [ -z "$path" ] && return
[ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask"
[ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask"
+ [ -n "$force_create_mode" ] && printf "\tforce create mode = %s\n" "$force_create_mode"
+ [ -n "$force_directory_mode" ] && printf "\tforce directory mode = %s\n" "$force_directory_mode"
[ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable"
[ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only"
[ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable"
[ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok"
+ [ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner"
[ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list"
[ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list"
exit 1
fi
- [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock
-
- # try remove again before start
- [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
-
modprobe cifsd 2> /dev/null
if [ ! -e /sys/module/cifsd ]; then
logger -t 'cifsd' "modprobe of cifsd module failed, can\'t start cifsd!"
procd_set_param command /usr/sbin/cifsd --n
procd_close_instance
}
+
+stop_service()
+{
+ logger -t 'cifsd' "Stopping CIFSD userspace service."
+ killall cifsd > /dev/null 2>&1
+ sleep 1
+ [ -e /sys/class/cifsd-control/kill_server ] && echo hard > /sys/class/cifsd-control/kill_server
+ sleep 2
+ [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1
+ # With open smb connections rmmod takes longer
+ if [ -e /sys/module/cifsd ]; then
+ sleep 5
+ rmmod cifsd > /dev/null 2>&1
+ fi
+ [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock
+}
+
+reload_service() {
+ stop_service "$@"
+ sleep 1
+ start_service "$@"
+}
; Veto the Apple specific files that a NetAtalk server
; creates.
; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
-;
+; - inherit owner
+; The ownership for new files and directories should be controlled
+; by the ownership of the parent directory.
+; Valid options are yes or no.
+; - inherit smack
+; This parameter can be used to ensure that if smack label exist
+; on parent directories.
+; Valid options are yes or no.
+; - force create mode
+; This parameter specifies a set of UNIX mode bit permissions
+; that will always be set on a file created by cifsd.
+; - force directory mode
+; This parameter specifies a set of UNIX mode bit permissions
+; that will always be set on a directory created by cifsd.
;
; Rules to update this file:
; - Every [share] definition should start on new line
;******************************************************************************
[global]
- server string = CIFSD on OpenWrt
netbios name = CIFSD
- map to guest = Bad User
-[share]
+[homes]
comment = content server share
- path = /mnt
- guest ok = yes
- create mask = 0777
- directory mask = 0777
+ path = /tmp
include $(TOPDIR)/rules.mk
PKG_NAME:=clamav
-PKG_VERSION:=0.101.2
-PKG_RELEASE:=2
+PKG_VERSION:=0.101.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.clamav.net/downloads/production/
-PKG_HASH:=0a12ebdf6ff7a74c0bde2bdc2b55cae33449e6dd953ec90824a9e01291277634
+PKG_HASH:=68d42aac4a9cbde293288533a9a3c3d55863de38f2b8707c1ef2d987b1260338
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr> \
Lucian Cristian <lucian.cristian@gmail.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING*
PKG_CPE_ID:=cpe:/a:clamav:clamav
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
+PKG_FIXUP:=autoreconf
include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
--with-openssl="$(STAGING_DIR)/usr/" \
--with-pcre="$(STAGING_DIR)/usr/" \
--with-zlib="$(STAGING_DIR)/usr/" \
- --without-xml \
--without-iconv \
--without-libncurses-prefix
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamav-milter $(1)/usr/sbin/
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamdscan $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamscan $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sigtool $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/usr/include
- $(CP) $(PKG_INSTALL_DIR)/usr/include/clamav.h $(1)/usr/include/
-
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib*/* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib*/lib*.so.* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav
--- /dev/null
+From de943f313fa5c17bf9cbd560a7578796991b24b5 Mon Sep 17 00:00:00 2001
+From: Eneas U de Queiroz <cotequeiroz@gmail.com>
+Date: Sat, 10 Aug 2019 19:43:20 -0300
+Subject: [PATCH] Avoid libxml checks if --disable-xml is used
+
+Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
+---
+ m4/reorganization/libs/xml.m4 | 126 +++++++++++++++++-----------------
+ 1 file changed, 62 insertions(+), 64 deletions(-)
+
+diff --git a/m4/reorganization/libs/xml.m4 b/m4/reorganization/libs/xml.m4
+index 77b2c13a8..0709d2914 100644
+--- a/m4/reorganization/libs/xml.m4
++++ b/m4/reorganization/libs/xml.m4
+@@ -12,87 +12,85 @@ if test "X$want_xml" != "Xno"; then
+ @<:@default=/usr/local or /usr if not found in /usr/local@:>@]),
+ [with_xml_val=$withval]
+ )
+-fi
+-
+-AS_IF([test "x$with_xml_val" = "xno"], [XML_HOME=""],
+- [test "x$with_xml_val" = "xyes"], [XML_HOME="/usr/local"],
+- [XML_HOME="$with_xml_val"])
+
+-AS_IF([test "x$XML_HOME" != "x"], [
+- AS_IF([test ! -x "$XML_HOME/bin/xml2-config"], [XML_HOME=""])
+- ])
++ AS_IF([test "x$with_xml_val" = "xno"], [XML_HOME=""],
++ [test "x$with_xml_val" = "xyes"], [XML_HOME="/usr/local"],
++ [XML_HOME="$with_xml_val"])
+
+-AS_IF([test "x$XML_HOME" = "x" -a "x$with_xml_val" = "xyes"], [
+- AS_IF([test -x "/usr/bin/xml2-config"], [XML_HOME="/usr"])
+- ])
++ AS_IF([test "x$XML_HOME" != "x"], [
++ AS_IF([test ! -x "$XML_HOME/bin/xml2-config"], [XML_HOME=""])
++ ])
+
+-if test "x$XML_HOME" != "x"; then
+- AC_MSG_RESULT([$XML_HOME])
+-else
+- AC_MSG_RESULT([not found])
+-fi
++ AS_IF([test "x$XML_HOME" = "x" -a "x$with_xml_val" = "xyes"], [
++ AS_IF([test -x "/usr/bin/xml2-config"], [XML_HOME="/usr"])
++ ])
+
+-found_xml="no"
+-XMLCONF_VERSION=""
+-XML_CPPFLAGS=""
+-XML_LIBS=""
+-if test "x$XML_HOME" != "x"; then
+- AC_MSG_CHECKING([xml2-config version])
+- XMLCONF_VERSION="`$XML_HOME/bin/xml2-config --version`"
+- if test "x%XMLCONF_VERSION" != "x"; then
+- AC_MSG_RESULT([$XMLCONF_VERSION])
+- found_xml="yes"
+- XML_CPPFLAGS="`$XML_HOME/bin/xml2-config --cflags`"
+- XML_LIBS="`$XML_HOME/bin/xml2-config --libs`"
+- AS_ECHO("$XML_CPPFLAGS")
+- AS_ECHO("$XML_LIBS")
++ if test "x$XML_HOME" != "x"; then
++ AC_MSG_RESULT([$XML_HOME])
+ else
+- AC_MSG_ERROR([xml2-config failed])
++ AC_MSG_RESULT([not found])
++ fi
++
++ found_xml="no"
++ XMLCONF_VERSION=""
++ XML_CPPFLAGS=""
++ XML_LIBS=""
++ if test "x$XML_HOME" != "x"; then
++ AC_MSG_CHECKING([xml2-config version])
++ XMLCONF_VERSION="`$XML_HOME/bin/xml2-config --version`"
++ if test "x%XMLCONF_VERSION" != "x"; then
++ AC_MSG_RESULT([$XMLCONF_VERSION])
++ found_xml="yes"
++ XML_CPPFLAGS="`$XML_HOME/bin/xml2-config --cflags`"
++ XML_LIBS="`$XML_HOME/bin/xml2-config --libs`"
++ AS_ECHO("$XML_CPPFLAGS")
++ AS_ECHO("$XML_LIBS")
++ else
++ AC_MSG_ERROR([xml2-config failed])
++ fi
+ fi
+-fi
+
+-working_xml="no"
+-if test "X$found_xml" != "Xno"; then
+- AC_MSG_CHECKING([for xmlreader.h in $XML_HOME])
++ working_xml="no"
++ if test "X$found_xml" != "Xno"; then
++ AC_MSG_CHECKING([for xmlreader.h in $XML_HOME])
+
+- if test ! -f "$XML_HOME/include/libxml2/libxml/xmlreader.h"; then
+- AC_MSG_RESULT([not found])
+- else
+- AC_MSG_RESULT([found])
+- save_LIBS="$LIBS"
+- save_CPPFLAGS="$CPPFLAGS"
+- CPPFLAGS="$CPPFLAGS $XML_CPPFLAGS"
+- save_LDFLAGS="$LDFLAGS"
+- LDFLAGS="$LDFLAGS $XML_LIBS"
++ if test ! -f "$XML_HOME/include/libxml2/libxml/xmlreader.h"; then
++ AC_MSG_RESULT([not found])
++ else
++ AC_MSG_RESULT([found])
++ save_LIBS="$LIBS"
++ save_CPPFLAGS="$CPPFLAGS"
++ CPPFLAGS="$CPPFLAGS $XML_CPPFLAGS"
++ save_LDFLAGS="$LDFLAGS"
++ LDFLAGS="$LDFLAGS $XML_LIBS"
+
+- AS_ECHO("CPPFLAGS: $CPPFLAGS")
+- AS_ECHO("LD_FLAGS: $LDFLAGS")
++ AS_ECHO("CPPFLAGS: $CPPFLAGS")
++ AS_ECHO("LD_FLAGS: $LDFLAGS")
+
+- AC_CHECK_LIB([xml2], [xmlTextReaderRead], [working_xml="yes"], [working_xml="no"], [$XML_LIBS])
++ AC_CHECK_LIB([xml2], [xmlTextReaderRead], [working_xml="yes"], [working_xml="no"], [$XML_LIBS])
+
+- CPPFLAGS="$save_CPPFLAGS"
+- LDFLAGS="$save_LDFLAGS"
+- LIBS="$save_LIBS"
++ CPPFLAGS="$save_CPPFLAGS"
++ LDFLAGS="$save_LDFLAGS"
++ LIBS="$save_LIBS"
++ fi
+ fi
+-fi
+
+-if test "$working_xml" = "yes"; then
+- AC_DEFINE([HAVE_LIBXML2],1,[Define to 1 if you have the 'libxml2' library (-lxml2).])
+- AC_SUBST(XML_CPPFLAGS)
+- AC_SUBST(XML_LIBS)
+- AC_MSG_NOTICE([Compiling and linking with libxml2 from $XML_HOME])
+-else
+- if test "$want_xml" = "yes"; then
+- AC_MSG_ERROR([****** Please install libxml2 packages!])
++ if test "$working_xml" = "yes"; then
++ AC_DEFINE([HAVE_LIBXML2],1,[Define to 1 if you have the 'libxml2' library (-lxml2).])
++ AC_SUBST(XML_CPPFLAGS)
++ AC_SUBST(XML_LIBS)
++ AC_MSG_NOTICE([Compiling and linking with libxml2 from $XML_HOME])
+ else
+- if test "$want_xml" != "no"; then
++ if test "$want_xml" = "yes"; then
++ AC_MSG_ERROR([****** Please install libxml2 packages!])
++ else
+ AC_MSG_NOTICE([****** libxml2 support unavailable])
+ fi
++ XML_CPPFLAGS=""
++ XML_LIBS=""
++ AC_SUBST(XML_CPPFLAGS)
++ AC_SUBST(XML_LIBS)
+ fi
+- XML_CPPFLAGS=""
+- XML_LIBS=""
+- AC_SUBST(XML_CPPFLAGS)
+- AC_SUBST(XML_LIBS)
+ fi
+
+ AM_CONDITIONAL([HAVE_LIBXML2], test "x$HAVE_LIBXML2" = "xyes")
+--
+2.21.0
+
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://projects.universe-factory.net/attachments/download/86
+PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd/releases/download/v$(PKG_VERSION)
PKG_HASH:=714ff09d7bd75f79783f744f6f8c5af2fe456c8cf876feaa704c205a73e043c9
PKG_LICENSE:=BSD-2-Clause
CATEGORY:=Network
DEPENDS:=+kmod-tun +librt +libpthread +libuecc +FASTD_WITH_STATUS_SOCKET:libjson-c +FASTD_WITH_CAPABILITIES:libcap
TITLE:=Fast and Secure Tunneling Daemon
- URL:=https://projects.universe-factory.net/projects/fastd
+ URL:=https://github.com/NeoRaider/fastd/
SUBMENU:=VPN
endef
+++ /dev/null
-#
-# Copyright (C) 2015 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=fossil
-PKG_VERSION:=1.34
-PKG_RELEASE:=2
-
-PKG_LICENSE:=BSD-2-Clause
-PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
-
-PKG_SOURCE:=$(PKG_NAME)-src-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://www.fossil-scm.org/index.html/uv/download
-PKG_HASH:=53a6b83e878feced9ac7705f87e5b6ea82727314e3e19202ae1c46c7e4dba49f
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-src-$(PKG_VERSION)
-
-PKG_INSTALL:=1
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/fossil
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=Version Control Systems
- TITLE:=Simple distributed software configuration management
- URL:=http://www.fossil-scm.org
- DEPENDS:=+zlib
-endef
-
-define Package/fossil/description
- Fossil is a distributed version control system, bug tracking system
- and wiki software server for use in software development.
-endef
-
-MAKE_FLAGS := \
- TCC="$(TARGET_CC)" \
- CFLAGS="$(TARGET_CFLAGS) -I$(STAGING_DIR)/usr/include -DFOSSIL_ENABLE_JSON" \
- LDFLAGS="$(TARGET_LDFLAGS) -Wl,-rpath=$(TOOLCHAIN_DIR)/lib -L$(STAGING_DIR)/lib -L$(STAGING_DIR)/usr/lib -lm" \
-
-define Build/Configure
-endef
-
-define Build/Compile
- $(call Build/Compile/Default, \
- -f Makefile.classic $(MAKE_FLAGS) all \
- )
-endef
-
-define Build/Install
-endef
-
-define Package/fossil/conffiles
-/etc/config/fossil
-endef
-
-define Package/fossil/install
- $(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(PKG_NAME) $(1)/usr/bin/
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/fossil.init $(1)/etc/init.d/fossil
- $(INSTALL_DIR) $(1)/etc/config
- $(INSTALL_CONF) ./files/fossil.config $(1)/etc/config/fossil
-endef
-
-$(eval $(call BuildPackage,fossil))
+++ /dev/null
-config server 'dummy'
- option repository '/tmp/fossil/dummy'
- option port 8008
- option localhost 0
- option create 1
+++ /dev/null
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2015 OpenWrt.org
-
-START=90
-USE_PROCD=1
-
-start_instance() {
- local cfg="$1"
-
- config_get repository "$cfg" repository
- if [ -z "$repository" ]; then
- echo "repository is not defined in $1, skipping"
- return
- fi
-
- config_get_bool create "$cfg" create 0
-
- if [ "$create" -eq 0 -a ! -f "$repository" ]; then
- echo "in $1 create option is '$create' and repository '$repository' is not a regular file, skipping"
- return
- fi
-
- if [ "$create" -eq 1 -a ! -d `dirname $repository` ]; then
- mkdir -p `dirname $repository`
- if [ "$?" -ne 0 ]; then
- echo "could not create directory, skipping"
- return
- fi
- fi
-
- config_get port "$cfg" port ""
- if [ -z "$port" ]; then
- echo "port is not defined in $1, skipping"
- return
- fi
-
- config_get_bool debug "$cfg" debug 0
- config_get_bool localhost "$cfg" localhost 1
- config_get_bool scgi "$cfg" scgi 0
-
- procd_open_instance
- procd_set_param command /usr/bin/fossil server "$repository" --port $port
- [ "$debug" -eq 1 ] && procd_append_param command --th-trace
- [ "$create" -eq 1 ] && procd_append_param command --user root --create
- [ "$localhost" -eq 1 ] && procd_append_param command --localhost
- [ "$scgi" -eq 1 ] && procd_append_param command --scgi
- procd_set_param respawn
- procd_close_instance
-}
-
-start_service() {
- config_load 'fossil'
- config_foreach start_instance 'server'
-}
+++ /dev/null
---- a/Makefile.classic
-+++ b/Makefile.classic
-@@ -41,9 +41,6 @@
- # FOSSIL_ENABLE_MINIZ = 1
- # TCC += -DFOSSIL_ENABLE_MINIZ
-
--# To add support for HTTPS
--TCC += -DFOSSIL_ENABLE_SSL
--
- #### We sometimes add the -static option here so that we can build a
- # static executable that will run in a chroot jail.
- #LIB = -static
-@@ -60,9 +57,6 @@
- # If using zlib:
- LIB += $(ZLIB_LIB.$(FOSSIL_ENABLE_MINIZ)) $(LDFLAGS)
-
--# If using HTTPS:
--LIB += -lcrypto -lssl
--
- #### Tcl shell for use in running the fossil testsuite. If you do not
- # care about testing the end result, this can be blank.
- #
include $(TOPDIR)/rules.mk
PKG_NAME:=frp
-PKG_VERSION:=0.27.0
-PKG_RELEASE:=2
+PKG_VERSION:=0.28.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/fatedier/frp/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=5d2efd5d924c7a7f84a9f2838de6ab9b7d5ca070ab243edd404a5ca80237607c
+PKG_HASH:=61afbd0e84fc1ab92eacce5a642e2590d1b8c1a972a78f6499165c1778aa62cf
PKG_MAINTAINER:=Richard Yu <yurichard3839@gmail.com>
PKG_LICENSE:=Apache-2.0
# https://github.com/fatedier/frp#configuration-file-template
# list env 'ENV_NAME=value'
# Config files include in temporary config file.
-# list conf_inc '/etc/frp/frps.d/frpc_full.ini'
+# list conf_inc '/etc/frp/frpc.d/frpc_full.ini'
config conf 'common'
option server_addr 127.0.0.1
include $(TOPDIR)/rules.mk
PKG_NAME:=go-ethereum
-PKG_VERSION:=1.8.27
-PKG_RELEASE:=2
+PKG_VERSION:=1.9.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ethereum/go-ethereum/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=45d264106991d0e2a4c34ac5d6539fc9460c768fc70588ea38a25f467039ece8
+PKG_HASH:=7394ae0eeac4b2aafa4bd56eef18c077088770bbce0962b215607b44369a5430
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
-PKG_LICENSE:=GPL-3 LGPL-3
+PKG_LICENSE:=GPL-3-or-later LGPL-3-or-later
PKG_LICENSE_FILES:=COPYING COPYING.LESSER
PKG_BUILD_DEPENDS:=golang/host
+++ /dev/null
-From 39bd2609ca730b3b628003b3f938aed7d49132ab Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= <peterke@gmail.com>
-Date: Thu, 28 Feb 2019 14:53:44 +0200
-Subject: [PATCH] crypto/bn256/cloudflare: pull in upstream fix for Go 1.12 R18
-
----
- crypto/bn256/cloudflare/mul_arm64.h | 32 ++++++++++++++---------------
- 1 file changed, 16 insertions(+), 16 deletions(-)
-
-diff --git a/crypto/bn256/cloudflare/mul_arm64.h b/crypto/bn256/cloudflare/mul_arm64.h
-index 75d52217311..d405eb8f728 100644
---- a/crypto/bn256/cloudflare/mul_arm64.h
-+++ b/crypto/bn256/cloudflare/mul_arm64.h
-@@ -12,7 +12,7 @@
- UMULH R1, R8, c4 \
- ADCS ZR, c4 \
- \
-- MUL R2, R5, R25 \
-+ MUL R2, R5, R1 \
- UMULH R2, R5, R26 \
- MUL R2, R6, R0 \
- ADDS R0, R26 \
-@@ -24,13 +24,13 @@
- ADCS R0, R29 \
- UMULH R2, R8, c5 \
- ADCS ZR, c5 \
-- ADDS R25, c1 \
-+ ADDS R1, c1 \
- ADCS R26, c2 \
- ADCS R27, c3 \
- ADCS R29, c4 \
- ADCS ZR, c5 \
- \
-- MUL R3, R5, R25 \
-+ MUL R3, R5, R1 \
- UMULH R3, R5, R26 \
- MUL R3, R6, R0 \
- ADDS R0, R26 \
-@@ -42,13 +42,13 @@
- ADCS R0, R29 \
- UMULH R3, R8, c6 \
- ADCS ZR, c6 \
-- ADDS R25, c2 \
-+ ADDS R1, c2 \
- ADCS R26, c3 \
- ADCS R27, c4 \
- ADCS R29, c5 \
- ADCS ZR, c6 \
- \
-- MUL R4, R5, R25 \
-+ MUL R4, R5, R1 \
- UMULH R4, R5, R26 \
- MUL R4, R6, R0 \
- ADDS R0, R26 \
-@@ -60,7 +60,7 @@
- ADCS R0, R29 \
- UMULH R4, R8, c7 \
- ADCS ZR, c7 \
-- ADDS R25, c3 \
-+ ADDS R1, c3 \
- ADCS R26, c4 \
- ADCS R27, c5 \
- ADCS R29, c6 \
-@@ -69,15 +69,15 @@
- #define gfpReduce() \
- \ // m = (T * N') mod R, store m in R1:R2:R3:R4
- MOVD ·np+0(SB), R17 \
-- MOVD ·np+8(SB), R18 \
-+ MOVD ·np+8(SB), R25 \
- MOVD ·np+16(SB), R19 \
- MOVD ·np+24(SB), R20 \
- \
- MUL R9, R17, R1 \
- UMULH R9, R17, R2 \
-- MUL R9, R18, R0 \
-+ MUL R9, R25, R0 \
- ADDS R0, R2 \
-- UMULH R9, R18, R3 \
-+ UMULH R9, R25, R3 \
- MUL R9, R19, R0 \
- ADCS R0, R3 \
- UMULH R9, R19, R4 \
-@@ -86,9 +86,9 @@
- \
- MUL R10, R17, R21 \
- UMULH R10, R17, R22 \
-- MUL R10, R18, R0 \
-+ MUL R10, R25, R0 \
- ADDS R0, R22 \
-- UMULH R10, R18, R23 \
-+ UMULH R10, R25, R23 \
- MUL R10, R19, R0 \
- ADCS R0, R23 \
- ADDS R21, R2 \
-@@ -97,7 +97,7 @@
- \
- MUL R11, R17, R21 \
- UMULH R11, R17, R22 \
-- MUL R11, R18, R0 \
-+ MUL R11, R25, R0 \
- ADDS R0, R22 \
- ADDS R21, R3 \
- ADCS R22, R4 \
-@@ -107,19 +107,19 @@
- \
- \ // m * N
- loadModulus(R5,R6,R7,R8) \
-- mul(R17,R18,R19,R20,R21,R22,R23,R24) \
-+ mul(R17,R25,R19,R20,R21,R22,R23,R24) \
- \
- \ // Add the 512-bit intermediate to m*N
-- MOVD ZR, R25 \
-+ MOVD ZR, R0 \
- ADDS R9, R17 \
-- ADCS R10, R18 \
-+ ADCS R10, R25 \
- ADCS R11, R19 \
- ADCS R12, R20 \
- ADCS R13, R21 \
- ADCS R14, R22 \
- ADCS R15, R23 \
- ADCS R16, R24 \
-- ADCS ZR, R25 \
-+ ADCS ZR, R0 \
- \
- \ // Our output is R21:R22:R23:R24. Reduce mod p if necessary.
- SUBS R5, R21, R10 \
PKG_NAME:=haproxy
PKG_VERSION:=2.0.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/2.0/src
--- /dev/null
+commit 937604b4cfccddd607b8d4883815c4e3f9ab70d0
+Author: Willy Tarreau <w@1wt.eu>
+Date: Wed Jul 24 16:45:02 2019 +0200
+
+ BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
+
+ Dragan Dosen found that the listeners lock is not sufficient to protect
+ the listeners list when proxies are stopping because the listeners are
+ also unlinked from the protocol list, and under certain situations like
+ bombing with soft-stop signals or shutting down many frontends in parallel
+ from multiple CLI connections, it could be possible to provoke multiple
+ instances of delete_listener() to be called in parallel for different
+ listeners, thus corrupting the protocol lists.
+
+ Such operations are pretty rare, they are performed once per proxy upon
+ startup and once per proxy on shut down. Thus there is no point trying
+ to optimize anything and we can use a global lock to protect the protocol
+ lists during these manipulations.
+
+ This fix (or a variant) will have to be backported as far as 1.8.
+
+ (cherry picked from commit daacf3664506d56a1f3b050ccba504886a18b12a)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/include/proto/protocol.h b/include/proto/protocol.h
+index 7bbebb8e..f25f77f0 100644
+--- a/include/proto/protocol.h
++++ b/include/proto/protocol.h
+@@ -23,9 +23,11 @@
+ #define _PROTO_PROTOCOL_H
+
+ #include <sys/socket.h>
++#include <common/hathreads.h>
+ #include <types/protocol.h>
+
+ extern struct protocol *__protocol_by_family[AF_CUST_MAX];
++__decl_hathreads(extern HA_SPINLOCK_T proto_lock);
+
+ /* Registers the protocol <proto> */
+ void protocol_register(struct protocol *proto);
+diff --git a/include/types/protocol.h b/include/types/protocol.h
+index 1d3404b9..f38baeb9 100644
+--- a/include/types/protocol.h
++++ b/include/types/protocol.h
+@@ -80,9 +80,9 @@ struct protocol {
+ int (*pause)(struct listener *l); /* temporarily pause this listener for a soft restart */
+ void (*add)(struct listener *l, int port); /* add a listener for this protocol and port */
+
+- struct list listeners; /* list of listeners using this protocol */
+- int nb_listeners; /* number of listeners */
+- struct list list; /* list of registered protocols */
++ struct list listeners; /* list of listeners using this protocol (under proto_lock) */
++ int nb_listeners; /* number of listeners (under proto_lock) */
++ struct list list; /* list of registered protocols (under proto_lock) */
+ };
+
+ #define CONNECT_HAS_DATA 0x00000001 /* There's data available to be sent */
+diff --git a/src/listener.c b/src/listener.c
+index 40a774ed..b5fe2ac2 100644
+--- a/src/listener.c
++++ b/src/listener.c
+@@ -433,6 +433,9 @@ static void limit_listener(struct listener *l, struct list *list)
+ * used as a protocol's generic enable_all() primitive, for use after the
+ * fork(). It puts the listeners into LI_READY or LI_FULL states depending on
+ * their number of connections. It always returns ERR_NONE.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ int enable_all_listeners(struct protocol *proto)
+ {
+@@ -447,6 +450,9 @@ int enable_all_listeners(struct protocol *proto)
+ * the polling lists when they are in the LI_READY or LI_FULL states. It is
+ * intended to be used as a protocol's generic disable_all() primitive. It puts
+ * the listeners into LI_LISTEN, and always returns ERR_NONE.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ int disable_all_listeners(struct protocol *proto)
+ {
+@@ -516,6 +522,9 @@ void unbind_listener_no_close(struct listener *listener)
+ /* This function closes all listening sockets bound to the protocol <proto>,
+ * and the listeners end in LI_ASSIGNED state if they were higher. It does not
+ * detach them from the protocol. It always returns ERR_NONE.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ int unbind_all_listeners(struct protocol *proto)
+ {
+@@ -580,14 +589,19 @@ int create_listeners(struct bind_conf *bc, const struct sockaddr_storage *ss,
+ * number of listeners is updated, as well as the global number of listeners
+ * and jobs. Note that the listener must have previously been unbound. This
+ * is the generic function to use to remove a listener.
++ *
++ * Will grab the proto_lock.
++ *
+ */
+ void delete_listener(struct listener *listener)
+ {
+ HA_SPIN_LOCK(LISTENER_LOCK, &listener->lock);
+ if (listener->state == LI_ASSIGNED) {
+ listener->state = LI_INIT;
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ LIST_DEL(&listener->proto_list);
+ listener->proto->nb_listeners--;
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ _HA_ATOMIC_SUB(&jobs, 1);
+ _HA_ATOMIC_SUB(&listeners, 1);
+ }
+diff --git a/src/proto_sockpair.c b/src/proto_sockpair.c
+index a4faa370..e7dd670d 100644
+--- a/src/proto_sockpair.c
++++ b/src/proto_sockpair.c
+@@ -80,6 +80,9 @@ INITCALL1(STG_REGISTER, protocol_register, &proto_sockpair);
+ /* Add <listener> to the list of sockpair listeners (port is ignored). The
+ * listener's state is automatically updated from LI_INIT to LI_ASSIGNED.
+ * The number of listeners for the protocol is updated.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ static void sockpair_add_listener(struct listener *listener, int port)
+ {
+@@ -97,6 +100,8 @@ static void sockpair_add_listener(struct listener *listener, int port)
+ * loose them across the fork(). A call to uxst_enable_listeners() is needed
+ * to complete initialization.
+ *
++ * Must be called with proto_lock held.
++ *
+ * The return value is composed from ERR_NONE, ERR_RETRYABLE and ERR_FATAL.
+ */
+ static int sockpair_bind_listeners(struct protocol *proto, char *errmsg, int errlen)
+diff --git a/src/proto_tcp.c b/src/proto_tcp.c
+index 64ffb83c..bcbe27a7 100644
+--- a/src/proto_tcp.c
++++ b/src/proto_tcp.c
+@@ -1103,6 +1103,9 @@ int tcp_bind_listener(struct listener *listener, char *errmsg, int errlen)
+ * The sockets will be registered but not added to any fd_set, in order not to
+ * loose them across the fork(). A call to enable_all_listeners() is needed
+ * to complete initialization. The return value is composed from ERR_*.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ static int tcp_bind_listeners(struct protocol *proto, char *errmsg, int errlen)
+ {
+@@ -1121,6 +1124,9 @@ static int tcp_bind_listeners(struct protocol *proto, char *errmsg, int errlen)
+ /* Add <listener> to the list of tcpv4 listeners, on port <port>. The
+ * listener's state is automatically updated from LI_INIT to LI_ASSIGNED.
+ * The number of listeners for the protocol is updated.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ static void tcpv4_add_listener(struct listener *listener, int port)
+ {
+@@ -1136,6 +1142,9 @@ static void tcpv4_add_listener(struct listener *listener, int port)
+ /* Add <listener> to the list of tcpv6 listeners, on port <port>. The
+ * listener's state is automatically updated from LI_INIT to LI_ASSIGNED.
+ * The number of listeners for the protocol is updated.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ static void tcpv6_add_listener(struct listener *listener, int port)
+ {
+diff --git a/src/proto_uxst.c b/src/proto_uxst.c
+index 66093af6..7263240f 100644
+--- a/src/proto_uxst.c
++++ b/src/proto_uxst.c
+@@ -379,6 +379,9 @@ static int uxst_unbind_listener(struct listener *listener)
+ /* Add <listener> to the list of unix stream listeners (port is ignored). The
+ * listener's state is automatically updated from LI_INIT to LI_ASSIGNED.
+ * The number of listeners for the protocol is updated.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ static void uxst_add_listener(struct listener *listener, int port)
+ {
+@@ -594,6 +597,8 @@ static int uxst_connect_server(struct connection *conn, int flags)
+ * loose them across the fork(). A call to uxst_enable_listeners() is needed
+ * to complete initialization.
+ *
++ * Must be called with proto_lock held.
++ *
+ * The return value is composed from ERR_NONE, ERR_RETRYABLE and ERR_FATAL.
+ */
+ static int uxst_bind_listeners(struct protocol *proto, char *errmsg, int errlen)
+@@ -613,6 +618,9 @@ static int uxst_bind_listeners(struct protocol *proto, char *errmsg, int errlen)
+ /* This function stops all listening UNIX sockets bound to the protocol
+ * <proto>. It does not detaches them from the protocol.
+ * It always returns ERR_NONE.
++ *
++ * Must be called with proto_lock held.
++ *
+ */
+ static int uxst_unbind_listeners(struct protocol *proto)
+ {
+diff --git a/src/protocol.c b/src/protocol.c
+index 96e01c82..ac45cf2e 100644
+--- a/src/protocol.c
++++ b/src/protocol.c
+@@ -18,18 +18,26 @@
+ #include <common/mini-clist.h>
+ #include <common/standard.h>
+
+-#include <types/protocol.h>
++#include <proto/protocol.h>
+
+ /* List head of all registered protocols */
+ static struct list protocols = LIST_HEAD_INIT(protocols);
+ struct protocol *__protocol_by_family[AF_CUST_MAX] = { };
+
++/* This is the global spinlock we may need to register/unregister listeners or
++ * protocols. Its main purpose is in fact to serialize the rare stop/deinit()
++ * phases.
++ */
++__decl_spinlock(proto_lock);
++
+ /* Registers the protocol <proto> */
+ void protocol_register(struct protocol *proto)
+ {
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ LIST_ADDQ(&protocols, &proto->list);
+ if (proto->sock_domain >= 0 && proto->sock_domain < AF_CUST_MAX)
+ __protocol_by_family[proto->sock_domain] = proto;
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ }
+
+ /* Unregisters the protocol <proto>. Note that all listeners must have
+@@ -37,8 +45,10 @@ void protocol_register(struct protocol *proto)
+ */
+ void protocol_unregister(struct protocol *proto)
+ {
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ LIST_DEL(&proto->list);
+ LIST_INIT(&proto->list);
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ }
+
+ /* binds all listeners of all registered protocols. Returns a composition
+@@ -50,6 +60,7 @@ int protocol_bind_all(char *errmsg, int errlen)
+ int err;
+
+ err = 0;
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ list_for_each_entry(proto, &protocols, list) {
+ if (proto->bind_all) {
+ err |= proto->bind_all(proto, errmsg, errlen);
+@@ -57,6 +68,7 @@ int protocol_bind_all(char *errmsg, int errlen)
+ break;
+ }
+ }
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ return err;
+ }
+
+@@ -71,11 +83,13 @@ int protocol_unbind_all(void)
+ int err;
+
+ err = 0;
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ list_for_each_entry(proto, &protocols, list) {
+ if (proto->unbind_all) {
+ err |= proto->unbind_all(proto);
+ }
+ }
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ return err;
+ }
+
+@@ -89,11 +103,13 @@ int protocol_enable_all(void)
+ int err;
+
+ err = 0;
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ list_for_each_entry(proto, &protocols, list) {
+ if (proto->enable_all) {
+ err |= proto->enable_all(proto);
+ }
+ }
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ return err;
+ }
+
+@@ -107,11 +123,13 @@ int protocol_disable_all(void)
+ int err;
+
+ err = 0;
++ HA_SPIN_LOCK(PROTO_LOCK, &proto_lock);
+ list_for_each_entry(proto, &protocols, list) {
+ if (proto->disable_all) {
+ err |= proto->disable_all(proto);
+ }
+ }
++ HA_SPIN_UNLOCK(PROTO_LOCK, &proto_lock);
+ return err;
+ }
+
+++ /dev/null
---- a/Makefile
-+++ b/Makefile
-@@ -327,6 +327,15 @@ ifeq ($(TARGET),linux-glibc)
- USE_GETADDRINFO)
- endif
-
-+# For linux >= 2.6.28 and uclibc
-+ifeq ($(TARGET),linux-uclibc)
-+ set_target_defaults = $(call default_opts, \
-+ USE_POLL USE_TPROXY USE_DL USE_RT USE_NETFILTER \
-+ USE_CPU_AFFINITY USE_THREAD USE_EPOLL USE_FUTEX USE_LINUX_TPROXY \
-+ USE_ACCEPT4 USE_LINUX_SPLICE USE_PRCTL USE_THREAD_DUMP USE_NS USE_TFO \
-+ USE_GETADDRINFO)
-+endif
-+
- # Solaris 8 and above
- ifeq ($(TARGET),solaris)
- # We also enable getaddrinfo() which works since solaris 8.
--- /dev/null
+commit 6d79cedaaa4a16b2f42d2bf2bc25772a51354e91
+Author: Willy Tarreau <w@1wt.eu>
+Date: Wed Jul 24 17:42:44 2019 +0200
+
+ BUG/MINOR: proxy: always lock stop_proxy()
+
+ There is one unprotected call to stop_proxy() from the manage_proxy()
+ task, so there is a single caller by definition, but there is also
+ another such call from the CLI's "shutdown frontend" parser. This
+ one does it under the proxy's lock but the first one doesn't use it.
+ Thus it is theorically possible to corrupt the list of listeners in a
+ proxy by issuing "shutdown frontend" and SIGUSR1 exactly at the same
+ time. While it sounds particularly contrived or stupid, it could
+ possibly happen with automated tools that would send actions via
+ various channels. This could cause the process to loop forever or
+ to crash and thus stop faster than expected.
+
+ This might be backported as far as 1.8.
+
+ (cherry picked from commit 3de3cd4d9761324b31d23eb2c4a9434ed33801b8)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/proxy.c b/src/proxy.c
+index f669ebf1..ae761ead 100644
+--- a/src/proxy.c
++++ b/src/proxy.c
+@@ -1258,13 +1258,16 @@ void zombify_proxy(struct proxy *p)
+ * to be called when going down in order to release the ports so that another
+ * process may bind to them. It must also be called on disabled proxies at the
+ * end of start-up. If all listeners are closed, the proxy is set to the
+- * PR_STSTOPPED state.
++ * PR_STSTOPPED state. The function takes the proxy's lock so it's safe to
++ * call from multiple places.
+ */
+ void stop_proxy(struct proxy *p)
+ {
+ struct listener *l;
+ int nostop = 0;
+
++ HA_SPIN_LOCK(PROXY_LOCK, &p->lock);
++
+ list_for_each_entry(l, &p->conf.listeners, by_fe) {
+ if (l->options & LI_O_NOSTOP) {
+ HA_ATOMIC_ADD(&unstoppable_jobs, 1);
+@@ -1278,6 +1281,8 @@ void stop_proxy(struct proxy *p)
+ }
+ if (!nostop)
+ p->state = PR_STSTOPPED;
++
++ HA_SPIN_UNLOCK(PROXY_LOCK, &p->lock);
+ }
+
+ /* This function resumes listening on the specified proxy. It scans all of its
+@@ -2110,10 +2115,7 @@ static int cli_parse_shutdown_frontend(char **args, char *payload, struct appctx
+ send_log(px, LOG_WARNING, "Proxy %s stopped (FE: %lld conns, BE: %lld conns).\n",
+ px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
+
+- HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
+ stop_proxy(px);
+- HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+-
+ return 1;
+ }
+
+++ /dev/null
---- a/include/common/openssl-compat.h
-+++ b/include/common/openssl-compat.h
-@@ -217,7 +217,8 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
- #define TLSEXT_signature_ecdsa 3
- #endif
-
--#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || (LIBRESSL_VERSION_NUMBER < 0x20700000L)
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
-+ (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x20700000L))
- #define X509_getm_notBefore X509_get_notBefore
- #define X509_getm_notAfter X509_get_notAfter
- #endif
--- /dev/null
+commit a4ca26661f95a60974fb13a78b1a0c89f9c09ea9
+Author: Willy Tarreau <w@1wt.eu>
+Date: Thu Jul 25 07:53:56 2019 +0200
+
+ BUILD: threads: add the definition of PROTO_LOCK
+
+ This one was added by commit daacf3664 ("BUG/MEDIUM: protocols: add a
+ global lock for the init/deinit stuff") but I forgot to add it to the
+ include file, breaking DEBUG_THREAD.
+
+ (cherry picked from commit d6e0c03384cab2c72fb6ab841420045108ea4e6f)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/include/common/hathreads.h b/include/common/hathreads.h
+index a7c8dc93..b05215bd 100644
+--- a/include/common/hathreads.h
++++ b/include/common/hathreads.h
+@@ -562,6 +562,7 @@ enum lock_label {
+ AUTH_LOCK,
+ LOGSRV_LOCK,
+ DICT_LOCK,
++ PROTO_LOCK,
+ OTHER_LOCK,
+ LOCK_LABELS
+ };
+@@ -679,6 +680,7 @@ static inline const char *lock_label(enum lock_label label)
+ case AUTH_LOCK: return "AUTH";
+ case LOGSRV_LOCK: return "LOGSRV";
+ case DICT_LOCK: return "DICT";
++ case PROTO_LOCK: return "PROTO";
+ case OTHER_LOCK: return "OTHER";
+ case LOCK_LABELS: break; /* keep compiler happy */
+ };
--- /dev/null
+commit 974c6916ba2f7efc83193bb8c04e95294ca21112
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Fri Jul 26 13:52:13 2019 +0200
+
+ BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
+
+ When the number of nodes is increased because the server weight is changed, the
+ nodes array must be realloc. But its new size is not correctly set. Only the
+ total number of nodes is used to set the new size. But it must also depends on
+ the size of a node. It must be the total nomber of nodes times the size of a
+ node.
+
+ This issue was reported on Github (#189).
+
+ This patch must be backported to all versions since the 1.6.
+
+ (cherry picked from commit 366ad86af72c455cc958943913cb2de20eefee71)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/lb_chash.c b/src/lb_chash.c
+index a35351e9..0bf4e81a 100644
+--- a/src/lb_chash.c
++++ b/src/lb_chash.c
+@@ -84,7 +84,7 @@ static inline void chash_queue_dequeue_srv(struct server *s)
+ * increased the weight beyond the original weight
+ */
+ if (s->lb_nodes_tot < s->next_eweight) {
+- struct tree_occ *new_nodes = realloc(s->lb_nodes, s->next_eweight);
++ struct tree_occ *new_nodes = realloc(s->lb_nodes, s->next_eweight * sizeof(*new_nodes));
+
+ if (new_nodes) {
+ unsigned int j;
--- /dev/null
+commit 21a796cb83c29ee276feb04649a1b18214bbdee0
+Author: Olivier Houchard <ohouchard@haproxy.com>
+Date: Fri Jul 26 14:54:34 2019 +0200
+
+ BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
+
+ In sess_established(), don't immediately switch the backend stream_interface
+ to SI_ST_DIS if we only got a SHUTR. We may still have something to send,
+ ie if the request is a POST, and we should be switched to SI_ST8DIS later
+ when the shutw will happen.
+
+ This should be backported to 2.0 and 1.9.
+
+ (cherry picked from commit 7859526fd6ce7ea33e20b7e532b21aa2465cb11d)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/stream.c b/src/stream.c
+index a5c5f45c..64875c80 100644
+--- a/src/stream.c
++++ b/src/stream.c
+@@ -954,8 +954,9 @@ static void sess_establish(struct stream *s)
+ si_chk_rcv(si);
+ }
+ req->wex = TICK_ETERNITY;
+- /* If we managed to get the whole response, switch to SI_ST_DIS now. */
+- if (rep->flags & CF_SHUTR)
++ /* If we managed to get the whole response, and we don't have anything
++ * left to send, or can't, switch to SI_ST_DIS now. */
++ if (rep->flags & (CF_SHUTR | CF_SHUTW))
+ si->state = SI_ST_DIS;
+ }
+
--- /dev/null
+commit 487b38e86c08431bc5f48aac72c8d753ee23cb03
+Author: Willy Tarreau <w@1wt.eu>
+Date: Fri Jul 26 15:10:39 2019 +0200
+
+ BUG/MINOR: log: make sure writev() is not interrupted on a file output
+
+ Since 1.9 we support sending logs to various non-blocking outputs like
+ stdou/stderr or flies, by using writev() which guarantees that it only
+ returns after having written everything or nothing. However the syscall
+ may be interrupted while doing so, and this is visible when writing to
+ a tty during debug sessions, as some logs occasionally appear interleaved
+ if an xterm or SSH connection is not very fast. Performance here is not a
+ critical concern, log correctness is. Let's simply take the logger's lock
+ around the writev() call to prevent multiple senders from stepping onto
+ each other's toes.
+
+ This may be backported to 2.0 and 1.9.
+
+ (cherry picked from commit 9fbcb7e2e9c32659ab11927394fec2e160be2d0b)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/log.c b/src/log.c
+index ef999d13..99f185e4 100644
+--- a/src/log.c
++++ b/src/log.c
+@@ -1672,8 +1672,15 @@ send:
+ iovec[7].iov_len = 1;
+
+ if (logsrv->addr.ss_family == AF_UNSPEC) {
+- /* the target is a direct file descriptor */
++ /* the target is a direct file descriptor. While writev() guarantees
++ * to write everything, it doesn't guarantee that it will not be
++ * interrupted while doing so. This occasionally results in interleaved
++ * messages when the output is a tty, hence the lock. There's no real
++ * performance concern here for such type of output.
++ */
++ HA_SPIN_LOCK(LOGSRV_LOCK, &logsrv->lock);
+ sent = writev(*plogfd, iovec, 8);
++ HA_SPIN_UNLOCK(LOGSRV_LOCK, &logsrv->lock);
+ }
+ else {
+ msghdr.msg_name = (struct sockaddr *)&logsrv->addr;
--- /dev/null
+commit 8de6badd32fb584d60733a6236113edba00f8701
+Author: Willy Tarreau <w@1wt.eu>
+Date: Fri Jul 26 15:21:54 2019 +0200
+
+ DOC: improve the wording in CONTRIBUTING about how to document a bug fix
+
+ Insufficiently described bug fixes are still too frequent. It's a real
+ pain to create each new maintenance release, as 3/4 of the time is spent
+ trying to guess what problem a patch fixes, which is already important
+ in order to decide whether to pick the fix or not, but is even more
+ capital in order to write understandable release notes.
+
+ Christopher rightfully demands that a patch tagged "BUG" MUST ABSOLUTELY
+ describe the problem and why this problem is a bug. Describing the fix
+ is one thing but if the bug is unknown, why would there be a fix ? How
+ can a stable maintainer be convinced to take a fix if its author didn't
+ care about checking whether it was a real bug ? This patch tries to
+ explain a bit better what really needs to appear in the commit message
+ and how to describe a bug.
+
+ To be backported to all relevant stable versions.
+
+ (cherry picked from commit 41f638c1eb8167bb473a6c8811d7fd70d7c06e07)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/CONTRIBUTING b/CONTRIBUTING
+index 0fcd921e..201e122d 100644
+--- a/CONTRIBUTING
++++ b/CONTRIBUTING
+@@ -454,7 +454,18 @@ do not think about them anymore after a few patches.
+
+ 11) Real commit messages please!
+
+- Please properly format your commit messages. To get an idea, just run
++ The commit message is how you're trying to convince a maintainer to adopt
++ your work and maintain it as long as possible. A dirty commit message almost
++ always comes with dirty code. Too short a commit message indicates that too
++ short an analysis was done and that side effects are extremely likely to be
++ encountered. It's the maintainer's job to decide to accept this work in its
++ current form or not, with the known constraints. Some patches which rework
++ architectural parts or fix sensitive bugs come with 20-30 lines of design
++ explanations, limitations, hypothesis or even doubts, and despite this it
++ happens when reading them 6 months later while trying to identify a bug that
++ developers still miss some information about corner cases.
++
++ So please properly format your commit messages. To get an idea, just run
+ "git log" on the file you've just modified. Patches always have the format
+ of an e-mail made of a subject, a description and the actual patch. If you
+ are sending a patch as an e-mail formatted this way, it can quickly be
+@@ -506,9 +517,17 @@ do not think about them anymore after a few patches.
+
+ But in any case, it is important that there is a clean description of what
+ the patch does, the motivation for what it does, why it's the best way to do
+- it, its impacts, and what it does not yet cover. Also, in HAProxy, like many
+- projects which take a great care of maintaining stable branches, patches are
+- reviewed later so that some of them can be backported to stable releases.
++ it, its impacts, and what it does not yet cover. And this is particularly
++ important for bugs. A patch tagged "BUG" must absolutely explain what the
++ problem is, why it is considered as a bug. Anybody, even non-developers,
++ should be able to tell whether or not a patch is likely to address an issue
++ they are facing. Indicating what the code will do after the fix doesn't help
++ if it does not say what problem is encountered without the patch. Note that
++ in some cases the bug is purely theorical and observed by reading the code.
++ In this case it's perfectly fine to provide an estimate about possible
++ effects. Also, in HAProxy, like many projects which take a great care of
++ maintaining stable branches, patches are reviewed later so that some of them
++ can be backported to stable releases.
+
+ While reviewing hundreds of patches can seem cumbersome, with a proper
+ formatting of the subject line it actually becomes very easy. For example,
+@@ -630,13 +649,23 @@ patch types include :
+
+ - BUG fix for a bug. The severity of the bug should also be indicated
+ when known. Similarly, if a backport is needed to older versions,
+- it should be indicated on the last line of the commit message. If
+- the bug has been identified as a regression brought by a specific
+- patch or version, this indication will be appreciated too. New
+- maintenance releases are generally emitted when a few of these
+- patches are merged. If the bug is a vulnerability for which a CVE
+- identifier was assigned before you publish the fix, you can mention
+- it in the commit message, it will help distro maintainers.
++ it should be indicated on the last line of the commit message. The
++ commit message MUST ABSOLUTELY describe the problem and its impact
++ to non-developers. Any user must be able to guess if this patch is
++ likely to fix a problem they are facing. Even if the bug was
++ discovered by accident while reading the code or running an
++ automated tool, it is mandatory to try to estimate what potential
++ issue it might cause and under what circumstances. There may even
++ be security implications sometimes so a minimum analysis is really
++ required. Also please think about stable maintainers who have to
++ build the release notes, they need to have enough input about the
++ bug's impact to explain it. If the bug has been identified as a
++ regression brought by a specific patch or version, this indication
++ will be appreciated too. New maintenance releases are generally
++ emitted when a few of these patches are merged. If the bug is a
++ vulnerability for which a CVE identifier was assigned before you
++ publish the fix, you can mention it in the commit message, it will
++ help distro maintainers.
+
+ - CLEANUP code cleanup, silence of warnings, etc... theoretically no impact.
+ These patches will rarely be seen in stable branches, though they
--- /dev/null
+commit 72c692701ab4197f1f8ec7594b7e8ef5082b9d9e
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Fri Jul 26 16:40:24 2019 +0200
+
+ BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
+
+ For HTX streams, when txn:done() is called, the work is delegated to the
+ function http_reply_and_close(). But it is not enough. The channel's analyzers
+ must also be reset. Otherwise, some analyzers may still be called while
+ processing should be aborted.
+
+ For instance, if the function is called from an http-request rules on the
+ frontend, request analyzers on the backend side are still called. So we may try
+ to add an header to the request, while this one was already reset.
+
+ This patch must be backported to 2.0 and 1.9.
+
+ (cherry picked from commit fe6a71b8e08234dbe03fbd2fa3017590681479df)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 23d2aa04..f9d1d699 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -5996,8 +5996,12 @@ __LJMP static int hlua_txn_done(lua_State *L)
+ ic = &htxn->s->req;
+ oc = &htxn->s->res;
+
+- if (IS_HTX_STRM(htxn->s))
+- htx_reply_and_close(htxn->s, 0, NULL);
++ if (IS_HTX_STRM(htxn->s)) {
++ htxn->s->txn->status = 0;
++ http_reply_and_close(htxn->s, 0, NULL);
++ ic->analysers &= AN_REQ_FLT_END;
++ oc->analysers &= AN_RES_FLT_END;
++ }
+ else {
+ if (htxn->s->txn) {
+ /* HTTP mode, let's stay in sync with the stream */
+@@ -6031,6 +6035,9 @@ __LJMP static int hlua_txn_done(lua_State *L)
+ ic->analysers = 0;
+ }
+
++ if (!(htxn->s->flags & SF_ERR_MASK)) // this is not really an error but it is
++ htxn->s->flags |= SF_ERR_LOCAL; // to mark that it comes from the proxy
++
+ hlua->flags |= HLUA_STOP;
+ WILL_LJMP(hlua_done(L));
+ return 0;
--- /dev/null
+commit dc2ee27c7a1908ca3157a10ad131f13644bcaea3
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Fri Jul 26 16:17:01 2019 +0200
+
+ BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
+
+ It is invalid to manipulate responses from http-request rules or to manipulate
+ requests from http-response rules. When http-request rules are evaluated, the
+ connection to server is not yet established, so there is no response at all. And
+ when http-response rules are evaluated, the request has already been sent to the
+ server.
+
+ Now, the calling direction is checked. So functions "txn.http:req_*" can now
+ only be called from http-request rules and the functions "txn.http:res_*" can
+ only be called from http-response rules.
+
+ This issue was reported on Github (#190).
+
+ This patch must be backported to all versions since the 1.6.
+
+ (cherry picked from commit 84a6d5bc217a418db8efc4e76a0a32860db2c608)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index f9d1d699..21351cd6 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -5346,6 +5346,9 @@ __LJMP static int hlua_http_req_get_headers(lua_State *L)
+ MAY_LJMP(check_args(L, 1, "req_get_headers"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ return hlua_http_get_headers(L, htxn, &htxn->s->txn->req);
+ }
+
+@@ -5356,6 +5359,9 @@ __LJMP static int hlua_http_res_get_headers(lua_State *L)
+ MAY_LJMP(check_args(L, 1, "res_get_headers"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ return hlua_http_get_headers(L, htxn, &htxn->s->txn->rsp);
+ }
+
+@@ -5393,6 +5399,9 @@ __LJMP static int hlua_http_req_rep_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "req_rep_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, ACT_HTTP_REPLACE_HDR));
+ }
+
+@@ -5403,6 +5412,9 @@ __LJMP static int hlua_http_res_rep_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "res_rep_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, ACT_HTTP_REPLACE_HDR));
+ }
+
+@@ -5413,6 +5425,9 @@ __LJMP static int hlua_http_req_rep_val(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "req_rep_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, ACT_HTTP_REPLACE_VAL));
+ }
+
+@@ -5423,6 +5438,9 @@ __LJMP static int hlua_http_res_rep_val(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "res_rep_val"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, ACT_HTTP_REPLACE_VAL));
+ }
+
+@@ -5462,6 +5480,9 @@ __LJMP static int hlua_http_req_del_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 2, "req_del_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ return hlua_http_del_hdr(L, htxn, &htxn->s->txn->req);
+ }
+
+@@ -5469,9 +5490,12 @@ __LJMP static int hlua_http_res_del_hdr(lua_State *L)
+ {
+ struct hlua_txn *htxn;
+
+- MAY_LJMP(check_args(L, 2, "req_del_hdr"));
++ MAY_LJMP(check_args(L, 2, "res_del_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ return hlua_http_del_hdr(L, htxn, &htxn->s->txn->rsp);
+ }
+
+@@ -5523,6 +5547,9 @@ __LJMP static int hlua_http_req_add_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "req_add_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ return hlua_http_add_hdr(L, htxn, &htxn->s->txn->req);
+ }
+
+@@ -5533,6 +5560,9 @@ __LJMP static int hlua_http_res_add_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "res_add_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ return hlua_http_add_hdr(L, htxn, &htxn->s->txn->rsp);
+ }
+
+@@ -5543,6 +5573,9 @@ static int hlua_http_req_set_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "req_set_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ hlua_http_del_hdr(L, htxn, &htxn->s->txn->req);
+ return hlua_http_add_hdr(L, htxn, &htxn->s->txn->req);
+ }
+@@ -5554,6 +5587,9 @@ static int hlua_http_res_set_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "res_set_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ hlua_http_del_hdr(L, htxn, &htxn->s->txn->rsp);
+ return hlua_http_add_hdr(L, htxn, &htxn->s->txn->rsp);
+ }
+@@ -5565,6 +5601,9 @@ static int hlua_http_req_set_meth(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ lua_pushboolean(L, http_replace_req_line(0, name, name_len, htxn->p, htxn->s) != -1);
+ return 1;
+ }
+@@ -5576,6 +5615,9 @@ static int hlua_http_req_set_path(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ lua_pushboolean(L, http_replace_req_line(1, name, name_len, htxn->p, htxn->s) != -1);
+ return 1;
+ }
+@@ -5587,6 +5629,9 @@ static int hlua_http_req_set_query(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ /* Check length. */
+ if (name_len > trash.size - 1) {
+ lua_pushboolean(L, 0);
+@@ -5611,6 +5656,9 @@ static int hlua_http_req_set_uri(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
++ if (htxn->dir != SMP_OPT_DIR_REQ)
++ WILL_LJMP(lua_error(L));
++
+ lua_pushboolean(L, http_replace_req_line(3, name, name_len, htxn->p, htxn->s) != -1);
+ return 1;
+ }
+@@ -5622,6 +5670,9 @@ static int hlua_http_res_set_status(lua_State *L)
+ unsigned int code = MAY_LJMP(luaL_checkinteger(L, 2));
+ const char *reason = MAY_LJMP(luaL_optlstring(L, 3, NULL, NULL));
+
++ if (htxn->dir != SMP_OPT_DIR_RES)
++ WILL_LJMP(lua_error(L));
++
+ http_set_status(code, reason, htxn->s);
+ return 0;
+ }
--- /dev/null
+commit b22f6501bc9838061472128360e0e55d08cb0bd9
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Fri Jul 26 14:54:52 2019 +0200
+
+ MINOR: hlua: Don't set request analyzers on response channel for lua actions
+
+ Setting some requests analyzers on the response channel was an old trick to be
+ sure to re-evaluate the request's analyers after the response's ones have been
+ called. It is no more necessary. In fact, this trick was removed in the version
+ 1.8 and backported up to the version 1.6.
+
+ This patch must be backported to all versions since 1.6 to ease the backports of
+ fixes on the lua code.
+
+ (cherry picked from commit 51fa358432247fe5d7259d9d8a0e08d49d429c73)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 21351cd6..36454cdc 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -6873,11 +6873,8 @@ static enum act_return hlua_action(struct act_rule *rule, struct proxy *px,
+ * is detected on a response channel. This is useful
+ * only for actions targeted on the requests.
+ */
+- if (HLUA_IS_WAKERESWR(s->hlua)) {
++ if (HLUA_IS_WAKERESWR(s->hlua))
+ s->res.flags |= CF_WAKE_WRITE;
+- if ((analyzer & (AN_REQ_INSPECT_FE|AN_REQ_HTTP_PROCESS_FE)))
+- s->res.analysers |= analyzer;
+- }
+ if (HLUA_IS_WAKEREQWR(s->hlua))
+ s->req.flags |= CF_WAKE_WRITE;
+ /* We can quit the function without consistency check
--- /dev/null
+commit ff96b8bd3f85155f65b2b9c9f046fe3e40f630a4
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Fri Jul 26 15:09:53 2019 +0200
+
+ MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
+
+ When a lua action or a lua sample fetch is called, a lua transaction is
+ created. It is an entry in the stack containing the class TXN. Thanks to it, we
+ can know the direction (request or response) of the call. But, for some
+ functions, it is also necessary to know if the buffer is "HTTP ready" for the
+ given direction. "HTTP ready" means there is a valid HTTP message in the
+ channel's buffer. So, when a lua action or a lua sample fetch is called, the
+ flag HLUA_TXN_HTTP_RDY is set if it is appropriate.
+
+ (cherry picked from commit bfab2dddad3ded87617d1e2db54761943d1eb32d)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/include/types/hlua.h b/include/types/hlua.h
+index 70c76852..2f4e38be 100644
+--- a/include/types/hlua.h
++++ b/include/types/hlua.h
+@@ -43,7 +43,8 @@ struct stream;
+ #define HLUA_F_AS_STRING 0x01
+ #define HLUA_F_MAY_USE_HTTP 0x02
+
+-#define HLUA_TXN_NOTERM 0x00000001
++#define HLUA_TXN_NOTERM 0x00000001
++#define HLUA_TXN_HTTP_RDY 0x00000002 /* Set if the txn is HTTP ready for the defined direction */
+
+ #define HLUA_CONCAT_BLOCSZ 2048
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 36454cdc..d37e3c61 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -6494,6 +6494,7 @@ static int hlua_sample_fetch_wrapper(const struct arg *arg_p, struct sample *smp
+ struct stream *stream = smp->strm;
+ const char *error;
+ const struct buffer msg = { };
++ unsigned int hflags = HLUA_TXN_NOTERM;
+
+ if (!stream)
+ return 0;
+@@ -6517,6 +6518,13 @@ static int hlua_sample_fetch_wrapper(const struct arg *arg_p, struct sample *smp
+
+ consistency_set(stream, smp->opt, &stream->hlua->cons);
+
++ if (stream->be->mode == PR_MODE_HTTP) {
++ if ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ)
++ hflags |= ((stream->txn->req.msg_state < HTTP_MSG_BODY) ? 0 : HLUA_TXN_HTTP_RDY);
++ else
++ hflags |= ((stream->txn->rsp.msg_state < HTTP_MSG_BODY) ? 0 : HLUA_TXN_HTTP_RDY);
++ }
++
+ /* If it is the first run, initialize the data for the call. */
+ if (!HLUA_IS_RUNNING(stream->hlua)) {
+
+@@ -6541,8 +6549,7 @@ static int hlua_sample_fetch_wrapper(const struct arg *arg_p, struct sample *smp
+ lua_rawgeti(stream->hlua->T, LUA_REGISTRYINDEX, fcn->function_ref);
+
+ /* push arguments in the stack. */
+- if (!hlua_txn_new(stream->hlua->T, stream, smp->px, smp->opt & SMP_OPT_DIR,
+- HLUA_TXN_NOTERM)) {
++ if (!hlua_txn_new(stream->hlua->T, stream, smp->px, smp->opt & SMP_OPT_DIR, hflags)) {
+ SEND_ERR(smp->px, "Lua sample-fetch '%s': full stack.\n", fcn->name);
+ RESET_SAFE_LJMP(stream->hlua->T);
+ return 0;
+@@ -6759,16 +6766,16 @@ static enum act_return hlua_action(struct act_rule *rule, struct proxy *px,
+ struct session *sess, struct stream *s, int flags)
+ {
+ char **arg;
+- unsigned int analyzer;
++ unsigned int hflags = 0;
+ int dir;
+ const char *error;
+ const struct buffer msg = { };
+
+ switch (rule->from) {
+- case ACT_F_TCP_REQ_CNT: analyzer = AN_REQ_INSPECT_FE ; dir = SMP_OPT_DIR_REQ; break;
+- case ACT_F_TCP_RES_CNT: analyzer = AN_RES_INSPECT ; dir = SMP_OPT_DIR_RES; break;
+- case ACT_F_HTTP_REQ: analyzer = AN_REQ_HTTP_PROCESS_FE; dir = SMP_OPT_DIR_REQ; break;
+- case ACT_F_HTTP_RES: analyzer = AN_RES_HTTP_PROCESS_BE; dir = SMP_OPT_DIR_RES; break;
++ case ACT_F_TCP_REQ_CNT: ; dir = SMP_OPT_DIR_REQ; break;
++ case ACT_F_TCP_RES_CNT: ; dir = SMP_OPT_DIR_RES; break;
++ case ACT_F_HTTP_REQ: hflags = HLUA_TXN_HTTP_RDY ; dir = SMP_OPT_DIR_REQ; break;
++ case ACT_F_HTTP_RES: hflags = HLUA_TXN_HTTP_RDY ; dir = SMP_OPT_DIR_RES; break;
+ default:
+ SEND_ERR(px, "Lua: internal error while execute action.\n");
+ return ACT_RET_CONT;
+@@ -6821,7 +6828,7 @@ static enum act_return hlua_action(struct act_rule *rule, struct proxy *px,
+ lua_rawgeti(s->hlua->T, LUA_REGISTRYINDEX, rule->arg.hlua_rule->fcn.function_ref);
+
+ /* Create and and push object stream in the stack. */
+- if (!hlua_txn_new(s->hlua->T, s, px, dir, 0)) {
++ if (!hlua_txn_new(s->hlua->T, s, px, dir, hflags)) {
+ SEND_ERR(px, "Lua function '%s': full stack.\n",
+ rule->arg.hlua_rule->fcn.name);
+ RESET_SAFE_LJMP(s->hlua->T);
+@@ -6864,9 +6871,9 @@ static enum act_return hlua_action(struct act_rule *rule, struct proxy *px,
+ case HLUA_E_AGAIN:
+ /* Set timeout in the required channel. */
+ if (s->hlua->wake_time != TICK_ETERNITY) {
+- if (analyzer & (AN_REQ_INSPECT_FE|AN_REQ_HTTP_PROCESS_FE))
++ if (dir & SMP_OPT_DIR_REQ)
+ s->req.analyse_exp = s->hlua->wake_time;
+- else if (analyzer & (AN_RES_INSPECT|AN_RES_HTTP_PROCESS_BE))
++ else
+ s->res.analyse_exp = s->hlua->wake_time;
+ }
+ /* Some actions can be wake up when a "write" event
--- /dev/null
+commit 2351ca211d655c1be9ef6d62880899102134266d
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Fri Jul 26 16:31:34 2019 +0200
+
+ BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
+
+ The flag HLUA_TXN_HTTP_RDY was added in the previous commit to know when a
+ function is called for a channel with a valid HTTP message or not. Of course it
+ also depends on the calling direction. In this commit, we allow the execution of
+ functions of the HTTP class only if this flag is set.
+
+ Nobody seems to use them from an unsupported context (for instance, trying to
+ set an HTTP header from a tcp-request rule). But it remains a bug leading to
+ undefined behaviors or crashes.
+
+ This patch may be backported to all versions since the 1.6. It depends on the
+ commits "MINOR: hlua: Add a flag on the lua txn to know in which context it can
+ be used" and "MINOR: hlua: Don't set request analyzers on response channel for
+ lua actions".
+
+ (cherry picked from commit 301eff8e215d5dc7130e1ebacd7cf8da09a4f643)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index d37e3c61..4d92fa44 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -5346,7 +5346,7 @@ __LJMP static int hlua_http_req_get_headers(lua_State *L)
+ MAY_LJMP(check_args(L, 1, "req_get_headers"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return hlua_http_get_headers(L, htxn, &htxn->s->txn->req);
+@@ -5359,7 +5359,7 @@ __LJMP static int hlua_http_res_get_headers(lua_State *L)
+ MAY_LJMP(check_args(L, 1, "res_get_headers"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return hlua_http_get_headers(L, htxn, &htxn->s->txn->rsp);
+@@ -5399,7 +5399,7 @@ __LJMP static int hlua_http_req_rep_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "req_rep_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, ACT_HTTP_REPLACE_HDR));
+@@ -5412,7 +5412,7 @@ __LJMP static int hlua_http_res_rep_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "res_rep_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, ACT_HTTP_REPLACE_HDR));
+@@ -5425,7 +5425,7 @@ __LJMP static int hlua_http_req_rep_val(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "req_rep_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, ACT_HTTP_REPLACE_VAL));
+@@ -5438,7 +5438,7 @@ __LJMP static int hlua_http_res_rep_val(lua_State *L)
+ MAY_LJMP(check_args(L, 4, "res_rep_val"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, ACT_HTTP_REPLACE_VAL));
+@@ -5480,7 +5480,7 @@ __LJMP static int hlua_http_req_del_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 2, "req_del_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return hlua_http_del_hdr(L, htxn, &htxn->s->txn->req);
+@@ -5493,7 +5493,7 @@ __LJMP static int hlua_http_res_del_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 2, "res_del_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return hlua_http_del_hdr(L, htxn, &htxn->s->txn->rsp);
+@@ -5547,7 +5547,7 @@ __LJMP static int hlua_http_req_add_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "req_add_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return hlua_http_add_hdr(L, htxn, &htxn->s->txn->req);
+@@ -5560,7 +5560,7 @@ __LJMP static int hlua_http_res_add_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "res_add_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ return hlua_http_add_hdr(L, htxn, &htxn->s->txn->rsp);
+@@ -5573,7 +5573,7 @@ static int hlua_http_req_set_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "req_set_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ hlua_http_del_hdr(L, htxn, &htxn->s->txn->req);
+@@ -5587,7 +5587,7 @@ static int hlua_http_res_set_hdr(lua_State *L)
+ MAY_LJMP(check_args(L, 3, "res_set_hdr"));
+ htxn = MAY_LJMP(hlua_checkhttp(L, 1));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ hlua_http_del_hdr(L, htxn, &htxn->s->txn->rsp);
+@@ -5601,7 +5601,7 @@ static int hlua_http_req_set_meth(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ lua_pushboolean(L, http_replace_req_line(0, name, name_len, htxn->p, htxn->s) != -1);
+@@ -5615,7 +5615,7 @@ static int hlua_http_req_set_path(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ lua_pushboolean(L, http_replace_req_line(1, name, name_len, htxn->p, htxn->s) != -1);
+@@ -5629,7 +5629,7 @@ static int hlua_http_req_set_query(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ /* Check length. */
+@@ -5656,7 +5656,7 @@ static int hlua_http_req_set_uri(lua_State *L)
+ size_t name_len;
+ const char *name = MAY_LJMP(luaL_checklstring(L, 2, &name_len));
+
+- if (htxn->dir != SMP_OPT_DIR_REQ)
++ if (htxn->dir != SMP_OPT_DIR_REQ || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ lua_pushboolean(L, http_replace_req_line(3, name, name_len, htxn->p, htxn->s) != -1);
+@@ -5670,7 +5670,7 @@ static int hlua_http_res_set_status(lua_State *L)
+ unsigned int code = MAY_LJMP(luaL_checkinteger(L, 2));
+ const char *reason = MAY_LJMP(luaL_optlstring(L, 3, NULL, NULL));
+
+- if (htxn->dir != SMP_OPT_DIR_RES)
++ if (htxn->dir != SMP_OPT_DIR_RES || !(htxn->flags & HLUA_TXN_HTTP_RDY))
+ WILL_LJMP(lua_error(L));
+
+ http_set_status(code, reason, htxn->s);
--- /dev/null
+commit 3cd7a1ea5110fc6a92627aaad06553a49723ac92
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Mon Jul 29 10:50:28 2019 +0200
+
+ BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
+
+ When the payload of a block is shrinked or enlarged, addresses of the free
+ spaces must be updated. There are many possible cases. One of them is
+ buggy. When there is only one block in the HTX message and its payload is just
+ before the tail room and it needs to be moved in the head room to be enlarged,
+ addresses are not correctly updated. This bug may be hit by the compression
+ filter.
+
+ This patch must be backported to 2.0.
+
+ (cherry picked from commit 61ed7797f6440ee1102576365553650b1982a233)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/htx.c b/src/htx.c
+index c29a66d7..cd21050c 100644
+--- a/src/htx.c
++++ b/src/htx.c
+@@ -252,11 +252,13 @@ static int htx_prepare_blk_expansion(struct htx *htx, struct htx_blk *blk, int32
+ ret = 1;
+ }
+ else if ((sz + delta) < headroom) {
++ uint32_t oldaddr = blk->addr;
++
+ /* Move the block's payload into the headroom */
+ blk->addr = htx->head_addr;
+ htx->tail_addr -= sz;
+ htx->head_addr += sz + delta;
+- if (blk->addr == htx->end_addr) {
++ if (oldaddr == htx->end_addr) {
+ if (htx->end_addr == htx->tail_addr) {
+ htx->tail_addr = htx->head_addr;
+ htx->head_addr = htx->end_addr = 0;
--- /dev/null
+commit 0ff395c154ad827c0c30eefc9371ba7f7c171027
+Author: Willy Tarreau <w@1wt.eu>
+Date: Tue Jul 30 11:59:34 2019 +0200
+
+ BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
+
+ A problem involving server slowstart was reported by @max2k1 in issue #197.
+ The problem is that pendconn_grab_from_px() takes the proxy lock while
+ already under the server's lock while process_srv_queue() first takes the
+ proxy's lock then the server's lock.
+
+ While the latter seems more natural, it is fundamentally incompatible with
+ mayn other operations performed on servers, namely state change propagation,
+ where the proxy is only known after the server and cannot be locked around
+ the servers. Howwever reversing the lock in process_srv_queue() is trivial
+ and only the few functions related to dynamic cookies need to be adjusted
+ for this so that the proxy's lock is taken for each server operation. This
+ is possible because the proxy's server list is built once at boot time and
+ remains stable. So this is what this patch does.
+
+ The comments in the proxy and server structs were updated to mention this
+ rule that the server's lock may not be taken under the proxy's lock but
+ may enclose it.
+
+ Another approach could consist in using a second lock for the proxy's queue
+ which would be different from the regular proxy's lock, but given that the
+ operations above are rare and operate on small servers list, there is no
+ reason for overdesigning a solution.
+
+ This fix was successfully tested with 10000 servers in a backend where
+ adjusting the dyncookies in loops over the CLI didn't have a measurable
+ impact on the traffic.
+
+ The only workaround without the fix is to disable any occurrence of
+ "slowstart" on server lines, or to disable threads using "nbthread 1".
+
+ This must be backported as far as 1.8.
+
+ (cherry picked from commit 5e83d996cf965ee5ac625f702a446f4d8c80a220)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/types/proxy.h b/include/types/proxy.h
+index ca24dbfe..2518f88d 100644
+--- a/include/types/proxy.h
++++ b/include/types/proxy.h
+@@ -487,7 +487,7 @@ struct proxy {
+ * name is used
+ */
+ struct list filter_configs; /* list of the filters that are declared on this proxy */
+- __decl_hathreads(HA_SPINLOCK_T lock);
++ __decl_hathreads(HA_SPINLOCK_T lock); /* may be taken under the server's lock */
+ };
+
+ struct switching_rule {
+diff --git a/include/types/server.h b/include/types/server.h
+index 4a077268..e0534162 100644
+--- a/include/types/server.h
++++ b/include/types/server.h
+@@ -319,7 +319,7 @@ struct server {
+ } ssl_ctx;
+ #endif
+ struct dns_srvrq *srvrq; /* Pointer representing the DNS SRV requeest, if any */
+- __decl_hathreads(HA_SPINLOCK_T lock);
++ __decl_hathreads(HA_SPINLOCK_T lock); /* may enclose the proxy's lock, must not be taken under */
+ struct {
+ const char *file; /* file where the section appears */
+ struct eb32_node id; /* place in the tree of used IDs */
+diff --git a/src/proxy.c b/src/proxy.c
+index ae761ead..a537e0b1 100644
+--- a/src/proxy.c
++++ b/src/proxy.c
+@@ -1940,9 +1940,12 @@ static int cli_parse_enable_dyncookie_backend(char **args, char *payload, struct
+ if (!px)
+ return 1;
+
++ /* Note: this lock is to make sure this doesn't change while another
++ * thread is in srv_set_dyncookie().
++ */
+ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
+-
+ px->ck_opts |= PR_CK_DYNAMIC;
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+
+ for (s = px->srv; s != NULL; s = s->next) {
+ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+@@ -1950,8 +1953,6 @@ static int cli_parse_enable_dyncookie_backend(char **args, char *payload, struct
+ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+ }
+
+- HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+-
+ return 1;
+ }
+
+@@ -1971,9 +1972,12 @@ static int cli_parse_disable_dyncookie_backend(char **args, char *payload, struc
+ if (!px)
+ return 1;
+
++ /* Note: this lock is to make sure this doesn't change while another
++ * thread is in srv_set_dyncookie().
++ */
+ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
+-
+ px->ck_opts &= ~PR_CK_DYNAMIC;
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+
+ for (s = px->srv; s != NULL; s = s->next) {
+ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+@@ -1984,8 +1988,6 @@ static int cli_parse_disable_dyncookie_backend(char **args, char *payload, struc
+ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+ }
+
+- HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+-
+ return 1;
+ }
+
+@@ -2021,10 +2023,13 @@ static int cli_parse_set_dyncookie_key_backend(char **args, char *payload, struc
+ return 1;
+ }
+
++ /* Note: this lock is to make sure this doesn't change while another
++ * thread is in srv_set_dyncookie().
++ */
+ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
+-
+ free(px->dyncookie_key);
+ px->dyncookie_key = newkey;
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+
+ for (s = px->srv; s != NULL; s = s->next) {
+ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+@@ -2032,8 +2037,6 @@ static int cli_parse_set_dyncookie_key_backend(char **args, char *payload, struc
+ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+ }
+
+- HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+-
+ return 1;
+ }
+
+diff --git a/src/queue.c b/src/queue.c
+index f4a94530..6aa54170 100644
+--- a/src/queue.c
++++ b/src/queue.c
+@@ -312,16 +312,16 @@ void process_srv_queue(struct server *s)
+ struct proxy *p = s->proxy;
+ int maxconn;
+
+- HA_SPIN_LOCK(PROXY_LOCK, &p->lock);
+ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
++ HA_SPIN_LOCK(PROXY_LOCK, &p->lock);
+ maxconn = srv_dynamic_maxconn(s);
+ while (s->served < maxconn) {
+ int ret = pendconn_process_next_strm(s, p);
+ if (!ret)
+ break;
+ }
+- HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+ HA_SPIN_UNLOCK(PROXY_LOCK, &p->lock);
++ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+ }
+
+ /* Adds the stream <strm> to the pending connection queue of server <strm>->srv
+@@ -424,7 +424,8 @@ int pendconn_redistribute(struct server *s)
+ /* Check for pending connections at the backend, and assign some of them to
+ * the server coming up. The server's weight is checked before being assigned
+ * connections it may not be able to handle. The total number of transferred
+- * connections is returned.
++ * connections is returned. It must be called with the server lock held, and
++ * will take the proxy's lock.
+ */
+ int pendconn_grab_from_px(struct server *s)
+ {
+diff --git a/src/server.c b/src/server.c
+index a96f1ef6..236d6bae 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -125,7 +125,7 @@ static inline void srv_check_for_dup_dyncookie(struct server *s)
+ }
+
+ /*
+- * Must be called with the server lock held.
++ * Must be called with the server lock held, and will grab the proxy lock.
+ */
+ void srv_set_dyncookie(struct server *s)
+ {
+@@ -137,15 +137,17 @@ void srv_set_dyncookie(struct server *s)
+ int addr_len;
+ int port;
+
++ HA_SPIN_LOCK(PROXY_LOCK, &p->lock);
++
+ if ((s->flags & SRV_F_COOKIESET) ||
+ !(s->proxy->ck_opts & PR_CK_DYNAMIC) ||
+ s->proxy->dyncookie_key == NULL)
+- return;
++ goto out;
+ key_len = strlen(p->dyncookie_key);
+
+ if (s->addr.ss_family != AF_INET &&
+ s->addr.ss_family != AF_INET6)
+- return;
++ goto out;
+ /*
+ * Buffer to calculate the cookie value.
+ * The buffer contains the secret key + the server IP address
+@@ -174,7 +176,7 @@ void srv_set_dyncookie(struct server *s)
+ hash_value = XXH64(tmpbuf, buffer_len, 0);
+ memprintf(&s->cookie, "%016llx", hash_value);
+ if (!s->cookie)
+- return;
++ goto out;
+ s->cklen = 16;
+
+ /* Don't bother checking if the dyncookie is duplicated if
+@@ -183,6 +185,8 @@ void srv_set_dyncookie(struct server *s)
+ */
+ if (!(s->next_admin & SRV_ADMF_FMAINT))
+ srv_check_for_dup_dyncookie(s);
++ out:
++ HA_SPIN_UNLOCK(PROXY_LOCK, &p->lock);
+ }
+
+ /*
--- /dev/null
+commit da767eaaf6128eccd349a54ec6eac2a68dcacacb
+Author: Willy Tarreau <w@1wt.eu>
+Date: Wed Jul 31 19:15:45 2019 +0200
+
+ BUG/MINOR: debug: fix a small race in the thread dumping code
+
+ If a thread dump is requested from a signal handler, it may interrupt
+ a thread already waiting for a dump to complete, and may see the
+ threads_to_dump variable go to zero while others are waiting, steal
+ the lock and prevent other threads from ever completing. This tends
+ to happen when dumping many threads upon a watchdog timeout, to threads
+ waiting for their turn.
+
+ Instead now we proceed in two steps :
+ 1) the last dumped thread sets all bits again
+ 2) all threads only wait for their own bit to appear, then clear it
+ and quit
+
+ This way there's no risk that a bit performs a double flip in the same
+ loop and threads cannot get stuck here anymore.
+
+ This should be backported to 2.0 as it clarifies stack traces.
+
+ (cherry picked from commit c07736209db764fb2aef6f18ed3687a504c35771)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/debug.c b/src/debug.c
+index 059bc6b9..07624ca5 100644
+--- a/src/debug.c
++++ b/src/debug.c
+@@ -440,8 +440,8 @@ void debug_handler(int sig, siginfo_t *si, void *arg)
+ * 1- wait for our turn, i.e. when all lower bits are gone.
+ * 2- perform the action if our bit is set
+ * 3- remove our bit to let the next one go, unless we're
+- * the last one and have to put them all but ours
+- * 4- wait for zero and clear our bit if it's set
++ * the last one and have to put them all as a signal
++ * 4- wait out bit to re-appear, then clear it and quit.
+ */
+
+ /* wait for all previous threads to finish first */
+@@ -454,7 +454,7 @@ void debug_handler(int sig, siginfo_t *si, void *arg)
+ ha_thread_dump(thread_dump_buffer, tid, thread_dump_tid);
+ if ((threads_to_dump & all_threads_mask) == tid_bit) {
+ /* last one */
+- HA_ATOMIC_STORE(&threads_to_dump, all_threads_mask & ~tid_bit);
++ HA_ATOMIC_STORE(&threads_to_dump, all_threads_mask);
+ thread_dump_buffer = NULL;
+ }
+ else
+@@ -462,14 +462,13 @@ void debug_handler(int sig, siginfo_t *si, void *arg)
+ }
+
+ /* now wait for all others to finish dumping. The last one will set all
+- * bits again to broadcast the leaving condition.
++ * bits again to broadcast the leaving condition so we'll see ourselves
++ * present again. This way the threads_to_dump variable never passes to
++ * zero until all visitors have stopped waiting.
+ */
+- while (threads_to_dump & all_threads_mask) {
+- if (threads_to_dump & tid_bit)
+- HA_ATOMIC_AND(&threads_to_dump, ~tid_bit);
+- else
+- ha_thread_relax();
+- }
++ while (!(threads_to_dump & tid_bit))
++ ha_thread_relax();
++ HA_ATOMIC_AND(&threads_to_dump, ~tid_bit);
+
+ /* mark the current thread as stuck to detect it upon next invocation
+ * if it didn't move.
--- /dev/null
+commit 445b2b7c52a13678241a190c4ff52e77a09ef0a6
+Author: Willy Tarreau <w@1wt.eu>
+Date: Wed Jul 31 19:20:39 2019 +0200
+
+ MINOR: wdt: also consider that waiting in the thread dumper is normal
+
+ It happens that upon looping threads the watchdog fires, starts a dump,
+ and other threads expire their budget while waiting for the other threads
+ to get dumped and trigger a watchdog event again, adding some confusion
+ to the traces. With this patch the situation becomes clearer as we export
+ the list of threads being dumped so that the watchdog can check it before
+ deciding to trigger. This way such threads in queue for being dumped are
+ not attempted to be reported in turn.
+
+ This should be backported to 2.0 as it helps understand stack traces.
+
+ (cherry picked from commit a37cb1880c81b1f038e575d88ba7210aea0b7b8f)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/common/debug.h b/include/common/debug.h
+index 333203dd..f43258e9 100644
+--- a/include/common/debug.h
++++ b/include/common/debug.h
+@@ -70,6 +70,7 @@
+
+ struct task;
+ struct buffer;
++extern volatile unsigned long threads_to_dump;
+ void ha_task_dump(struct buffer *buf, const struct task *task, const char *pfx);
+ void ha_thread_dump(struct buffer *buf, int thr, int calling_tid);
+ void ha_thread_dump_all_to_trash();
+diff --git a/src/debug.c b/src/debug.c
+index 07624ca5..3077e97c 100644
+--- a/src/debug.c
++++ b/src/debug.c
+@@ -29,6 +29,11 @@
+ #include <proto/stream_interface.h>
+ #include <proto/task.h>
+
++/* mask of threads still having to dump, used to respect ordering. Only used
++ * when USE_THREAD_DUMP is set.
++ */
++volatile unsigned long threads_to_dump = 0;
++
+ /* Dumps to the buffer some known information for the desired thread, and
+ * optionally extra info for the current thread. The dump will be appended to
+ * the buffer, so the caller is responsible for preliminary initializing it.
+@@ -405,9 +410,6 @@ void ha_thread_dump_all_to_trash()
+ */
+ #define DEBUGSIG SIGURG
+
+-/* mask of threads still having to dump, used to respect ordering */
+-static volatile unsigned long threads_to_dump;
+-
+ /* ID of the thread requesting the dump */
+ static unsigned int thread_dump_tid;
+
+diff --git a/src/wdt.c b/src/wdt.c
+index 19d36c34..aa89fd44 100644
+--- a/src/wdt.c
++++ b/src/wdt.c
+@@ -75,7 +75,7 @@ void wdt_handler(int sig, siginfo_t *si, void *arg)
+ if (n - p < 1000000000UL)
+ goto update_and_leave;
+
+- if ((threads_harmless_mask|sleeping_thread_mask) & (1UL << thr)) {
++ if ((threads_harmless_mask|sleeping_thread_mask|threads_to_dump) & (1UL << thr)) {
+ /* This thread is currently doing exactly nothing
+ * waiting in the poll loop (unlikely but possible),
+ * waiting for all other threads to join the rendez-vous
--- /dev/null
+commit 0fc2d46fabb2b9317daf7030162e828c7e1684d5
+Author: Christopher Faulet <cfaulet@haproxy.com>
+Date: Thu Aug 1 10:09:29 2019 +0200
+
+ BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
+
+ When the server weight is increased in consistant hash, extra nodes have to be
+ allocated. So a realloc() is performed on the nodes array of the server. the
+ previous commit 962ea7732 ("BUG/MEDIUM: lb-chash: Remove all server's entries
+ before realloc() to re-insert them after") have fixed the size used during the
+ realloc() to avoid segfaults. But another bug remains. After the realloc(), the
+ memory area allocated for the nodes array may change, invalidating all node
+ addresses in the chash tree.
+
+ So, to fix the bug, we must remove all server's entries from the chash tree
+ before the realloc to insert all of them after, old nodes and new ones. The
+ insert will be automatically handled by the loop at the end of the function
+ chash_queue_dequeue_srv().
+
+ Note that if the call to realloc() failed, no new entries will be created for
+ the server, so the effective server weight will be unchanged.
+
+ This issue was reported on Github (#189).
+
+ This patch must be backported to all versions since the 1.6.
+
+ (cherry picked from commit 0a52c17f819a5b0a17718b605bdd990b9e2b58e6)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/lb_chash.c b/src/lb_chash.c
+index 0bf4e81a..23448df8 100644
+--- a/src/lb_chash.c
++++ b/src/lb_chash.c
+@@ -84,8 +84,13 @@ static inline void chash_queue_dequeue_srv(struct server *s)
+ * increased the weight beyond the original weight
+ */
+ if (s->lb_nodes_tot < s->next_eweight) {
+- struct tree_occ *new_nodes = realloc(s->lb_nodes, s->next_eweight * sizeof(*new_nodes));
++ struct tree_occ *new_nodes;
+
++ /* First we need to remove all server's entries from its tree
++ * because the realloc will change all nodes pointers */
++ chash_dequeue_srv(s);
++
++ new_nodes = realloc(s->lb_nodes, s->next_eweight * sizeof(*new_nodes));
+ if (new_nodes) {
+ unsigned int j;
+
+@@ -494,7 +499,6 @@ void chash_init_server_tree(struct proxy *p)
+ srv->lb_nodes_tot = srv->uweight * BE_WEIGHT_SCALE;
+ srv->lb_nodes_now = 0;
+ srv->lb_nodes = calloc(srv->lb_nodes_tot, sizeof(struct tree_occ));
+-
+ for (node = 0; node < srv->lb_nodes_tot; node++) {
+ srv->lb_nodes[node].server = srv;
+ srv->lb_nodes[node].node.key = full_hash(srv->puid * SRV_EWGHT_RANGE + node);
--- /dev/null
+commit c0968f59b723dfa9effa63ac28b59642b11c6b8b
+Author: Richard Russo <russor@whatsapp.com>
+Date: Wed Jul 31 11:45:56 2019 -0700
+
+ BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
+
+ Multiple calls to smp_fetch_fhdr use the header context to keep track of
+ header parsing position; however, when using header sampling on a raw
+ connection, the raw buffer is converted into an HTX structure each time, and
+ this was done in the trash areas; so the block reference would be invalid on
+ subsequent calls.
+
+ This patch must be backported to 2.0 and 1.9.
+
+ (cherry picked from commit 458eafb36df88932a02d1ce7ca31832abf11b8b3)
+ Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
+
+diff --git a/src/http_fetch.c b/src/http_fetch.c
+index 67ea2094..e372a122 100644
+--- a/src/http_fetch.c
++++ b/src/http_fetch.c
+@@ -46,10 +46,40 @@
+ /* this struct is used between calls to smp_fetch_hdr() or smp_fetch_cookie() */
+ static THREAD_LOCAL struct hdr_ctx static_hdr_ctx;
+ static THREAD_LOCAL struct http_hdr_ctx static_http_hdr_ctx;
++/* this is used to convert raw connection buffers to htx */
++static THREAD_LOCAL struct buffer static_raw_htx_chunk;
++static THREAD_LOCAL char *static_raw_htx_buf;
+
+ #define SMP_REQ_CHN(smp) (smp->strm ? &smp->strm->req : NULL)
+ #define SMP_RES_CHN(smp) (smp->strm ? &smp->strm->res : NULL)
+
++/* This function returns the static htx chunk, where raw connections get
++ * converted to HTX as needed for samplxsing.
++ */
++struct buffer *get_raw_htx_chunk(void)
++{
++ chunk_reset(&static_raw_htx_chunk);
++ return &static_raw_htx_chunk;
++}
++
++static int alloc_raw_htx_chunk_per_thread()
++{
++ static_raw_htx_buf = malloc(global.tune.bufsize);
++ if (!static_raw_htx_buf)
++ return 0;
++ chunk_init(&static_raw_htx_chunk, static_raw_htx_buf, global.tune.bufsize);
++ return 1;
++}
++
++static void free_raw_htx_chunk_per_thread()
++{
++ free(static_raw_htx_buf);
++ static_raw_htx_buf = NULL;
++}
++
++REGISTER_PER_THREAD_ALLOC(alloc_raw_htx_chunk_per_thread);
++REGISTER_PER_THREAD_FREE(free_raw_htx_chunk_per_thread);
++
+ /*
+ * Returns the data from Authorization header. Function may be called more
+ * than once so data is stored in txn->auth_data. When no header is found
+@@ -265,7 +295,7 @@ struct htx *smp_prefetch_htx(struct sample *smp, struct channel *chn, int vol)
+ else if (h1m.flags & H1_MF_CLEN)
+ flags |= HTX_SL_F_CLEN;
+
+- htx = htx_from_buf(get_trash_chunk());
++ htx = htx_from_buf(get_raw_htx_chunk());
+ sl = htx_add_stline(htx, HTX_BLK_REQ_SL, flags, h1sl.rq.m, h1sl.rq.u, h1sl.rq.v);
+ if (!sl || !htx_add_all_headers(htx, hdrs))
+ return NULL;
--- /dev/null
+commit 7343c710152c586a232a194ef37a56af636d6a56
+Author: Willy Tarreau <w@1wt.eu>
+Date: Thu Aug 1 18:51:38 2019 +0200
+
+ BUG/MINOR: stream-int: also update analysers timeouts on activity
+
+ Between 1.6 and 1.7, some parts of the stream forwarding process were
+ moved into lower layers and the stream-interface had to keep the
+ stream's task up to date regarding the timeouts. The analyser timeouts
+ were not updated there as it was believed this was not needed during
+ forwarding, but actually there is a case for this which is "option
+ contstats" which periodically triggers the analyser timeout, and this
+ change broke the option in case of sustained traffic (if there is some
+ I/O activity during the same millisecond as the timeout expires, then
+ the update will be missed).
+
+ This patch simply brings back the analyser expiration updates from
+ process_stream() to stream_int_notify().
+
+ It may be backported as far as 1.7, taking care to adjust the fields
+ names if needed.
+
+ (cherry picked from commit 45bcb37f0f8fa1e16dd9358a59dc280a38834dcd)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/stream_interface.c b/src/stream_interface.c
+index 9b9a8e9f..7d89cc90 100644
+--- a/src/stream_interface.c
++++ b/src/stream_interface.c
+@@ -558,6 +558,16 @@ static void stream_int_notify(struct stream_interface *si)
+ task->expire = tick_first((tick_is_expired(task->expire, now_ms) ? 0 : task->expire),
+ tick_first(tick_first(ic->rex, ic->wex),
+ tick_first(oc->rex, oc->wex)));
++
++ task->expire = tick_first(task->expire, ic->analyse_exp);
++ task->expire = tick_first(task->expire, oc->analyse_exp);
++
++ if (si->exp)
++ task->expire = tick_first(task->expire, si->exp);
++
++ if (sio->exp)
++ task->expire = tick_first(task->expire, sio->exp);
++
+ task_queue(task);
+ }
+ if (ic->flags & CF_READ_ACTIVITY)
--- /dev/null
+commit a8fcdacb8cc0dddec72b1ddc4d9afc92d3684acd
+Author: Willy Tarreau <w@1wt.eu>
+Date: Fri Aug 2 07:48:47 2019 +0200
+
+ BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
+
+ Recent optimization in commit 4d7a88482 ("MEDIUM: mux-h2: don't try to
+ read more than needed") broke the receipt of large DATA frames because
+ it would unconditionally subscribe if there was some room left, thus
+ preventing any new rx from being done since subscription may only be
+ done once the end was reached, as indicated by ret == 0.
+
+ However, fixing this uncovered that in HTX mode previous versions might
+ occasionally be affected as well, when an available frame is the same
+ size as the maximum data that may fit into an HTX buffer, we may end
+ up reading that whole frame and still subscribe since it's still allowed
+ to receive, thus causing issues to read the next frame.
+
+ This patch will only work for 2.1-dev but a minor adaptation will be
+ needed for earlier versions (down to 1.9, where subscribe() was added).
+
+ (cherry picked from commit 9bc1c95855b9c6300de5ecf3720cbe4b2558c5a1)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/mux_h2.c b/src/mux_h2.c
+index 5bb85181..d605fe94 100644
+--- a/src/mux_h2.c
++++ b/src/mux_h2.c
+@@ -2766,7 +2766,7 @@ static int h2_recv(struct h2c *h2c)
+ ret = 0;
+ } while (ret > 0);
+
+- if (h2_recv_allowed(h2c) && (b_data(buf) < buf->size))
++ if (max && !ret && h2_recv_allowed(h2c))
+ conn->xprt->subscribe(conn, conn->xprt_ctx, SUB_RETRY_RECV, &h2c->wait_event);
+
+ if (!b_data(buf)) {
--- /dev/null
+commit 5a9c875f0f1ee83bd5889dd1ad53e9da43e6c34e
+Author: Willy Tarreau <w@1wt.eu>
+Date: Fri Aug 2 07:52:08 2019 +0200
+
+ BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
+
+ The SETTINGS frame parser updates all streams' window for each
+ INITIAL_WINDOW_SIZE setting received on the connection (like h2spec
+ does in test 6.5.3), which can start to be expensive if repeated when
+ there are many streams (up to 100 by default). A quick test shows that
+ it's possible to parse only 35000 settings per second on a 3 GHz core
+ for 100 streams, which is rather small.
+
+ Given that window sizes are relative and may be negative, there's no
+ point in pre-initializing them for each stream and update them from
+ the settings. Instead, let's make them relative to the connection's
+ initial window size so that any change immediately affects all streams.
+ The only thing that remains needed is to wake up the streams that were
+ unblocked by the update, which is now done once at the end of
+ h2_process_demux() instead of once per setting. This now results in
+ 5.7 million settings being processed per second, which is way better.
+
+ In order to keep the change small, the h2s' mws field was renamed to
+ "sws" for "stream window size", and an h2s_mws() function was added
+ to add it to the connection's initial window setting and determine the
+ window size to use when muxing. The h2c_update_all_ws() function was
+ renamed to h2c_unblock_sfctl() since it's now only used to unblock
+ previously blocked streams.
+
+ This needs to be backported to all versions till 1.8.
+
+ (cherry picked from commit 1d4a0f88100daeb17dd0c9470c659b1ec288bc07)
+ [wt: context adjustment, port to legacy parts]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/mux_h2.c b/src/mux_h2.c
+index d605fe94..f90e9435 100644
+--- a/src/mux_h2.c
++++ b/src/mux_h2.c
+@@ -208,7 +208,7 @@ struct h2s {
+ struct eb32_node by_id; /* place in h2c's streams_by_id */
+ int32_t id; /* stream ID */
+ uint32_t flags; /* H2_SF_* */
+- int mws; /* mux window size for this stream */
++ int sws; /* stream window size, to be added to the mux's initial window size */
+ enum h2_err errcode; /* H2 err code (H2_ERR_*) */
+ enum h2_ss st;
+ uint16_t status; /* HTTP response status */
+@@ -707,6 +707,14 @@ static inline __maybe_unused int h2s_id(const struct h2s *h2s)
+ return h2s ? h2s->id : 0;
+ }
+
++/* returns the sum of the stream's own window size and the mux's initial
++ * window, which together form the stream's effective window size.
++ */
++static inline int h2s_mws(const struct h2s *h2s)
++{
++ return h2s->sws + h2s->h2c->miw;
++}
++
+ /* returns true of the mux is currently busy as seen from stream <h2s> */
+ static inline __maybe_unused int h2c_mux_busy(const struct h2c *h2c, const struct h2s *h2s)
+ {
+@@ -945,7 +953,7 @@ static struct h2s *h2s_new(struct h2c *h2c, int id)
+ LIST_INIT(&h2s->sending_list);
+ h2s->h2c = h2c;
+ h2s->cs = NULL;
+- h2s->mws = h2c->miw;
++ h2s->sws = 0;
+ h2s->flags = H2_SF_NONE;
+ h2s->errcode = H2_ERR_NO_ERROR;
+ h2s->st = H2_SS_IDLE;
+@@ -1543,30 +1551,23 @@ static void h2_wake_some_streams(struct h2c *h2c, int last)
+ }
+ }
+
+-/* Increase all streams' outgoing window size by the difference passed in
+- * argument. This is needed upon receipt of the settings frame if the initial
+- * window size is different. The difference may be negative and the resulting
+- * window size as well, for the time it takes to receive some window updates.
++/* Wake up all blocked streams whose window size has become positive after the
++ * mux's initial window was adjusted. This should be done after having processed
++ * SETTINGS frames which have updated the mux's initial window size.
+ */
+-static void h2c_update_all_ws(struct h2c *h2c, int diff)
++static void h2c_unblock_sfctl(struct h2c *h2c)
+ {
+ struct h2s *h2s;
+ struct eb32_node *node;
+
+- if (!diff)
+- return;
+-
+ node = eb32_first(&h2c->streams_by_id);
+ while (node) {
+ h2s = container_of(node, struct h2s, by_id);
+- h2s->mws += diff;
+-
+- if (h2s->mws > 0 && (h2s->flags & H2_SF_BLK_SFCTL)) {
++ if (h2s->flags & H2_SF_BLK_SFCTL && h2s_mws(h2s) > 0) {
+ h2s->flags &= ~H2_SF_BLK_SFCTL;
+ if (h2s->send_wait && !LIST_ADDED(&h2s->list))
+ LIST_ADDQ(&h2c->send_list, &h2s->list);
+ }
+-
+ node = eb32_next(node);
+ }
+ }
+@@ -1607,7 +1608,6 @@ static int h2c_handle_settings(struct h2c *h2c)
+ error = H2_ERR_FLOW_CONTROL_ERROR;
+ goto fail;
+ }
+- h2c_update_all_ws(h2c, arg - h2c->miw);
+ h2c->miw = arg;
+ break;
+ case H2_SETTINGS_MAX_FRAME_SIZE:
+@@ -1869,13 +1869,13 @@ static int h2c_handle_window_update(struct h2c *h2c, struct h2s *h2s)
+ goto strm_err;
+ }
+
+- if (h2s->mws >= 0 && h2s->mws + inc < 0) {
++ if (h2s_mws(h2s) >= 0 && h2s_mws(h2s) + inc < 0) {
+ error = H2_ERR_FLOW_CONTROL_ERROR;
+ goto strm_err;
+ }
+
+- h2s->mws += inc;
+- if (h2s->mws > 0 && (h2s->flags & H2_SF_BLK_SFCTL)) {
++ h2s->sws += inc;
++ if (h2s_mws(h2s) > 0 && (h2s->flags & H2_SF_BLK_SFCTL)) {
+ h2s->flags &= ~H2_SF_BLK_SFCTL;
+ if (h2s->send_wait && !LIST_ADDED(&h2s->list))
+ LIST_ADDQ(&h2c->send_list, &h2s->list);
+@@ -2237,6 +2237,7 @@ static void h2_process_demux(struct h2c *h2c)
+ struct h2s *h2s = NULL, *tmp_h2s;
+ struct h2_fh hdr;
+ unsigned int padlen = 0;
++ int32_t old_iw = h2c->miw;
+
+ if (h2c->st0 >= H2_CS_ERROR)
+ return;
+@@ -2625,6 +2626,9 @@ static void h2_process_demux(struct h2c *h2c)
+ h2s_notify_recv(h2s);
+ }
+
++ if (old_iw != h2c->miw)
++ h2c_unblock_sfctl(h2c);
++
+ h2c_restart_reading(h2c, 0);
+ }
+
+@@ -4259,8 +4263,8 @@ static size_t h2s_frt_make_resp_data(struct h2s *h2s, const struct buffer *buf,
+ if (size > max)
+ size = max;
+
+- if (size > h2s->mws)
+- size = h2s->mws;
++ if (size > h2s_mws(h2s))
++ size = h2s_mws(h2s);
+
+ if (size <= 0) {
+ h2s->flags |= H2_SF_BLK_SFCTL;
+@@ -4362,7 +4366,7 @@ static size_t h2s_frt_make_resp_data(struct h2s *h2s, const struct buffer *buf,
+ ofs += size;
+ total += size;
+ h1m->curr_len -= size;
+- h2s->mws -= size;
++ h2s->sws -= size;
+ h2c->mws -= size;
+
+ if (size && !h1m->curr_len && (h1m->flags & H1_MF_CHNK)) {
+@@ -4390,7 +4394,7 @@ static size_t h2s_frt_make_resp_data(struct h2s *h2s, const struct buffer *buf,
+ }
+
+ end:
+- trace("[%d] sent simple H2 DATA response (sid=%d) = %d bytes out (%u in, st=%s, ep=%u, es=%s, h2cws=%d h2sws=%d) data=%u", h2c->st0, h2s->id, size+9, (unsigned int)total, h1m_state_str(h1m->state), h1m->err_pos, h1m_state_str(h1m->err_state), h2c->mws, h2s->mws, (unsigned int)b_data(buf));
++ trace("[%d] sent simple H2 DATA response (sid=%d) = %d bytes out (%u in, st=%s, ep=%u, es=%s, h2cws=%d h2sws=%d) data=%u", h2c->st0, h2s->id, size+9, (unsigned int)total, h1m_state_str(h1m->state), h1m->err_pos, h1m_state_str(h1m->err_state), h2c->mws, h2s_mws(h2s), (unsigned int)b_data(buf));
+ return total;
+ }
+
+@@ -4937,7 +4941,7 @@ static size_t h2s_htx_frt_make_resp_data(struct h2s *h2s, struct buffer *buf, si
+ */
+ if (unlikely(fsize == count &&
+ htx->used == 1 && type == HTX_BLK_DATA &&
+- fsize <= h2s->mws && fsize <= h2c->mws && fsize <= h2c->mfs)) {
++ fsize <= h2s_mws(h2s) && fsize <= h2c->mws && fsize <= h2c->mfs)) {
+ void *old_area = mbuf->area;
+
+ if (b_data(mbuf)) {
+@@ -4972,7 +4976,7 @@ static size_t h2s_htx_frt_make_resp_data(struct h2s *h2s, struct buffer *buf, si
+ h2_set_frame_size(outbuf.area, fsize);
+
+ /* update windows */
+- h2s->mws -= fsize;
++ h2s->sws -= fsize;
+ h2c->mws -= fsize;
+
+ /* and exchange with our old area */
+@@ -5024,7 +5028,7 @@ static size_t h2s_htx_frt_make_resp_data(struct h2s *h2s, struct buffer *buf, si
+ if (!fsize)
+ goto send_empty;
+
+- if (h2s->mws <= 0) {
++ if (h2s_mws(h2s) <= 0) {
+ h2s->flags |= H2_SF_BLK_SFCTL;
+ if (LIST_ADDED(&h2s->list))
+ LIST_DEL_INIT(&h2s->list);
+@@ -5034,8 +5038,8 @@ static size_t h2s_htx_frt_make_resp_data(struct h2s *h2s, struct buffer *buf, si
+ if (fsize > count)
+ fsize = count;
+
+- if (fsize > h2s->mws)
+- fsize = h2s->mws; // >0
++ if (fsize > h2s_mws(h2s))
++ fsize = h2s_mws(h2s); // >0
+
+ if (h2c->mfs && fsize > h2c->mfs)
+ fsize = h2c->mfs; // >0
+@@ -5071,7 +5075,7 @@ static size_t h2s_htx_frt_make_resp_data(struct h2s *h2s, struct buffer *buf, si
+
+ /* now let's copy this this into the output buffer */
+ memcpy(outbuf.area + 9, htx_get_blk_ptr(htx, blk), fsize);
+- h2s->mws -= fsize;
++ h2s->sws -= fsize;
+ h2c->mws -= fsize;
+ count -= fsize;
+
--- /dev/null
+--- a/Makefile
++++ b/Makefile
+@@ -327,6 +327,15 @@ ifeq ($(TARGET),linux-glibc)
+ USE_GETADDRINFO)
+ endif
+
++# For linux >= 2.6.28 and uclibc
++ifeq ($(TARGET),linux-uclibc)
++ set_target_defaults = $(call default_opts, \
++ USE_POLL USE_TPROXY USE_DL USE_RT USE_NETFILTER \
++ USE_CPU_AFFINITY USE_THREAD USE_EPOLL USE_FUTEX USE_LINUX_TPROXY \
++ USE_ACCEPT4 USE_LINUX_SPLICE USE_PRCTL USE_THREAD_DUMP USE_NS USE_TFO \
++ USE_GETADDRINFO)
++endif
++
+ # Solaris 8 and above
+ ifeq ($(TARGET),solaris)
+ # We also enable getaddrinfo() which works since solaris 8.
--- /dev/null
+--- a/include/common/openssl-compat.h
++++ b/include/common/openssl-compat.h
+@@ -217,7 +217,8 @@ static inline int EVP_PKEY_base_id(EVP_PKEY *pkey)
+ #define TLSEXT_signature_ecdsa 3
+ #endif
+
+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || (LIBRESSL_VERSION_NUMBER < 0x20700000L)
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || \
++ (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x20700000L))
+ #define X509_getm_notBefore X509_get_notBefore
+ #define X509_getm_notAfter X509_get_notAfter
+ #endif
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
+CMAKE_OPTIONS += -DCLANG_TIDY_EXE=
+
define Package/https_dns_proxy
SECTION:=net
CATEGORY:=Network
include $(TOPDIR)/rules.mk
PKG_NAME:=i2pd
-PKG_VERSION:=2.24.0
+PKG_VERSION:=2.26.0
PKG_RELEASE:=1
PKG_BUILD_PARALLEL:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/PurpleI2P/i2pd/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=809b37100f0f176432b01ab6edee96dc62b0f65d5bf7531e008a87117e742566
+PKG_HASH:=2ae18978c8796bb6b45bc8cfe4e1f25377e0cfc9fcf9f46054b09dc3384eef63
PKG_MAINTAINER:=David Yang <mmyangfl@gmail.com>
PKG_LICENSE:=BSD-3-Clause
-start_service() {
+i2pd_start() {
+ local cfg="$1"
local data_dir
local addressbook_dir
- config_load i2pd
-
- config_get data_dir i2pd data_dir
- config_get addressbook_dir i2pd addressbook_dir
+ config_get data_dir "$cfg" data_dir
+ config_get addressbook_dir "$cfg" addressbook_dir
## Setting up data dir
if [ ! -d "$data_dir" ]; then
procd_set_param pidfile "$PIDFILE"
procd_close_instance
}
+
+
+start_service() {
+ local instance="$1"
+ local instance_found=0
+
+ config_cb() {
+ local type="$1"
+ local name="$2"
+ if [ "$type" = "i2pd" ]; then
+ if [ -n "$instance" ] && [ "$instance" = "$name" ]; then
+ instance_found=1
+ fi
+ fi
+ }
+
+ config_load i2pd
+
+ if [ -n "$instance" ]; then
+ [ "$instance_found" -gt 0 ] || return
+ i2pd_start "$instance"
+ else
+ config_foreach i2pd_start i2pd
+ fi
+}
PKG_HASH:=7dcd9f0f48263c6b27a2c3d085dd7278b5c0feed1dfec8872a04899707fa23d8
PKG_USE_MIPS16:=0
-PKG_BUILD_DEPENDS:=boost
+PKG_BUILD_DEPENDS:=boost python/host
PKG_MAINTAINER:=Hauke Mehrtens <hauke.mehrtens@intel.com>
define Build/Configure
(cd $(PKG_BUILD_DIR); \
$(SCONS_VARS) \
- scons \
+ python2.7 $(STAGING_DIR_HOST)/bin/scons.py \
$(SCONS_OPTIONS) \
)
endef
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=kcptun
+PKG_VERSION:=20190725
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/xtaci/kcptun/tar.gz/v${PKG_VERSION}?
+PKG_HASH:=65c0d0d4f7e3bb3c3b91e23ff2eb6621455d6d376a4f17e6fb2017337ce711c1
+
+PKG_MAINTAINER:=Dengfeng Liu <liudf0716@gmail.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_DEPENDS:=golang/host
+PKG_BUILD_PARALLEL:=1
+PKG_USE_MIPS16:=0
+
+GO_PKG:=github.com/xtaci/kcptun
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/golang/golang-package.mk
+
+define Package/kcptun/template
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Web Servers/Proxies
+ TITLE:=KCP-based Secure Tunnel
+ URL:=https://github.com/xtaci/kcptun
+ DEPENDS:=$(GO_ARCH_DEPENDS)
+endef
+
+define Package/kcptun-c
+ $(call Package/kcptun/template)
+ TITLE+= (client)
+endef
+
+define Package/kcptun-s
+ $(call Package/kcptun/template)
+ TITLE+= (server)
+endef
+
+define Package/kcptun/description
+ kcptun is a Stable & Secure Tunnel Based On KCP with N:M Multiplexing
+endef
+Package/kcptun-c/description = $(Package/kcptun/description)
+Package/kcptun-s/description = $(Package/kcptun/description)
+
+GO_PKG_LDFLAGS_X:=main.VERSION=$(PKG_VERSION)
+GO_PKG_LDFLAGS:=-s -w
+
+define Package/kcptun/install
+ $(call GoPackage/Package/Install/Bin,$(PKG_INSTALL_DIR))
+
+ $(INSTALL_DIR) $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(2) $(1)/usr/bin/$(3)
+ $(INSTALL_DIR) $(1)/etc/config/
+ $(INSTALL_CONF) ./files/$(3).conf $(1)/etc/config/$(3)
+ $(INSTALL_DIR) $(1)/etc/init.d/
+ $(INSTALL_BIN) ./files/$(3).init $(1)/etc/init.d/$(3)
+endef
+
+define Package/kcptun-c/install
+ $(call Package/kcptun/install,$(1),client,kcptun-c)
+endef
+
+define Package/kcptun-s/install
+ $(call Package/kcptun/install,$(1),server,kcptun-s)
+endef
+
+$(eval $(call GoBinPackage,kcptun-c))
+$(eval $(call BuildPackage,kcptun-c))
+$(eval $(call GoBinPackage,kcptun-s))
+$(eval $(call BuildPackage,kcptun-s))
--- /dev/null
+config kcptun
+ option local_port 12948 # this port should be your service port
+ option remote_ip 'your vps ip'
+ option remote_port 29900
+ option mode 'fast'
+ option nocomp 1
+ option sndwnd 128
+ option rcvwnd 512
+ option disabled 1 # set 0 to enable it
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2019 Dengfeng Liu
+
+START=99
+
+USE_PROCD=1
+NAME=kcptun-c
+PROG=/usr/bin/${NAME}
+
+validate_section_kcptun()
+{
+ uci_load_validate "${NAME}" kcptun "$1" "$2" \
+ 'local_port:port' \
+ 'remote_ip:string' \
+ 'remote_port:port' \
+ 'mode:string' \
+ 'nocomp:bool' \
+ 'sndwnd:uinteger' \
+ 'rcvwnd:uinteger' \
+ 'disabled:bool'
+}
+
+kcptun_instance()
+{
+ [ "$2" = 0 ] || {
+ echo "validation failed"
+ return 1
+ }
+
+ [ "${disabled}" = "1" ] && return 1
+
+ [ "${local_port}" -gt 0 ] && [ "${local_port}" -lt 65536 ] || return 1
+
+ [ "${remote_port}" -gt 0 ] && [ "${remote_port}" -lt 65536 ] || return 1
+
+ [ -n "${remote_ip}" ] || {
+ return 1
+ }
+
+ procd_open_instance
+ procd_set_param command "${PROG}"
+ procd_append_param command --localaddr ":${local_port}"
+ procd_append_param command --remoteaddr "${remote_ip}:${remote_port}"
+ [ -n "${mode}" ] && procd_append_param command --mode "${mode}"
+ [ "${nocomp}" -eq 1 ] && procd_append_param command --nocomp
+ [ "${sndwnd}" -gt 0 ] && procd_append_param command --sndwnd "${sndwnd}"
+ [ "${rcvwnd}" -gt 0 ] && procd_append_param command --rcvwnd "${rcvwnd}"
+ procd_set_param respawn
+ procd_close_instance
+}
+
+start_service()
+{
+ config_load "${NAME}"
+ config_foreach validate_section_kcptun kcptun kcptun_instance
+}
--- /dev/null
+config kcptun
+ option local_port 29900
+ option target_ip '127.0.0.1'
+ option target_port 12948 # this port should be your service port
+ option mode 'fast'
+ option nocomp 1
+ option sndwnd 1024
+ option rcvwnd 1024
+ option disabled 1 # set 0 to enable it
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2019 Dengfeng Liu
+
+START=99
+
+USE_PROCD=1
+NAME=kcptun-s
+PROG=/usr/bin/${NAME}
+
+validate_section_kcptun()
+{
+ uci_load_validate "${NAME}" kcptun "$1" "$2" \
+ 'local_port:port' \
+ 'target_ip:string' \
+ 'target_port:port' \
+ 'mode:string' \
+ 'nocomp:bool' \
+ 'sndwnd:uinteger' \
+ 'rcvwnd:uinteger' \
+ 'disabled:bool'
+}
+
+kcptun_instance()
+{
+ [ "$2" = 0 ] || {
+ echo "validation failed"
+ return 1
+ }
+
+ [ "${disabled}" = "1" ] && return 1
+
+ [ "${local_port}" -gt 0 ] && [ "${local_port}" -lt 65536 ] || return 1
+
+ [ "${target_port}" -gt 0 ] && [ "${target_port}" -lt 65536 ] || return 1
+
+ [ -n "${target_ip}" ] || {
+ return 1
+ }
+
+ procd_open_instance
+ procd_set_param command "${PROG}"
+ procd_append_param command --listen ":${local_port}"
+ procd_append_param command --target "${target_ip}:${target_port}"
+ [ -n "${mode}" ] && procd_append_param command --mode "${mode}"
+ [ "${nocomp}" -eq 1 ] && procd_append_param command --nocomp
+ [ "${sndwnd}" -gt 0 ] && procd_append_param command --sndwnd "${sndwnd}"
+ [ "${rcvwnd}" -gt 0 ] && procd_append_param command --rcvwnd "${rcvwnd}"
+ procd_set_param respawn
+ procd_close_instance
+}
+
+start_service()
+{
+ config_load "${NAME}"
+ config_foreach validate_section_kcptun kcptun kcptun_instance
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=keepalived
-PKG_VERSION:=2.0.16
+PKG_VERSION:=2.0.18
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.keepalived.org/software
-PKG_HASH:=f0c7dc86147a286913c1c2c918f557735016285d25779d4d2fce5732fcb888df
+PKG_HASH:=1423a2b1b8e541211029b9e1e1452e683bbe5f4b0b287eddd609aaf5ff024fd0
PKG_CPE_ID:=cpe:/a:keepalived:keepalived
PKG_LICENSE:=GPL-2.0+
KEEPALIVED_CONF=/tmp/keepalived.conf
-INDENT_1=\\t
-INDENT_2=$INDENT_1$INDENT_1
-INDENT_3=$INDENT_1$INDENT_1$INDENT_1
-INDENT_4=$INDENT_1$INDENT_1$INDENT_1$INDENT_1
+INDENT_1="\t"
+INDENT_2="${INDENT_1}${INDENT_1}"
+INDENT_3="${INDENT_1}${INDENT_1}${INDENT_1}"
+INDENT_4="${INDENT_1}${INDENT_1}${INDENT_1}${INDENT_1}"
config_section_open() {
- local tag=$1
- local name=$2
+ local tag="$1"
+ local name="$2"
- printf "$tag" >> $KEEPALIVED_CONF
- [ -n "$name" ] && printf " $name" >> $KEEPALIVED_CONF
- printf " {\n" >> $KEEPALIVED_CONF
+ printf '%s' "$tag" >> "$KEEPALIVED_CONF"
+ [ -n "$name" ] && printf ' %s' "$name" >> "$KEEPALIVED_CONF"
+ printf ' {\n' >> "$KEEPALIVED_CONF"
}
config_section_close() {
- printf "}\n\n" >> $KEEPALIVED_CONF
+ printf '}\n\n' >> "$KEEPALIVED_CONF"
}
config_foreach_wrapper() {
- local section=$1
- local function=$1
+ local section="$1"
+ local function="$1"
# Convention is that 'function' and 'section' are the same
- config_foreach $function $section
+ config_foreach "$function" "$section"
}
print_elems_indent() {
- local config=$1
+ local config="$1"
shift
- local indent=$1
+ local indent="$1"
shift
+
[ -z "$indent" ] && indent="$INDENT_1"
- for opt in $*; do
- local $opt
+ for opt in "$@"; do
+ local "$opt"
+ local optval
local no_val=0
- if [ ${opt:0:7} == "no_val_" ]; then
- opt=${opt:7}
+ if [ "${opt:0:7}" = "no_val_" ]; then
+ opt="${opt:7}"
no_val=1
fi
- config_get $opt $config $opt
- eval optval=\$$opt
+ config_get "$opt" "$config" "$opt"
+ eval optval=\$"$opt"
[ -z "$optval" ] && continue
- printf "$indent$opt" >> $KEEPALIVED_CONF
- [ "$no_val" == "0" ] && {
- local words=$(echo "$optval" | wc -w)
- if [ $words -gt 1 ]; then
- printf " \"$optval\"" >> $KEEPALIVED_CONF
+ printf '%b%s' "$indent" "$opt" >> "$KEEPALIVED_CONF"
+ [ "$no_val" = "0" ] && {
+ local words=0
+ words="$(echo "$optval" | wc -w)"
+ if [ "$words" -gt 1 ]; then
+ printf ' "%s"' "$optval" >> "$KEEPALIVED_CONF"
else
- printf " $optval" >> $KEEPALIVED_CONF
+ printf ' %s' "$optval" >> "$KEEPALIVED_CONF"
fi
}
- printf "\n" >> $KEEPALIVED_CONF
+ printf '\n' >> "$KEEPALIVED_CONF"
done
unset optval
}
print_list_indent() {
- local lst=$1
- local indent=$2
+ local lst="$1"
+ local indent="$2"
local lst_elems
- [ -z "$indent" ] && indent=$INDENT_1
+ [ -z "$indent" ] && indent="$INDENT_1"
- eval lst_elems=\$$lst
+ eval lst_elems=\$"$lst"
[ -z "$lst_elems" ] && return 0
- printf "$indent$lst {\n" >> $KEEPALIVED_CONF
+ printf '%b%s {\n' "$indent" "$lst" >> "$KEEPALIVED_CONF"
for e in $lst_elems; do
- [ -n "$eval_item_func" ]
- printf "$indent$INDENT_1$e\n" >> $KEEPALIVED_CONF
+ printf '%b%s\n' "${indent}${INDENT_1}" "$e">> "$KEEPALIVED_CONF"
done
- printf "$indent}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "$indent" >> "$KEEPALIVED_CONF"
}
print_notify() {
- local type=$1
+ local type="$1"
shift
- local name=$1
+ local name="$1"
shift
- for notify in $*; do
- printf "$INDENT_1$notify" >> $KEEPALIVED_CONF
- notify=$(echo $notify | tr 'a-z' 'A-Z')
- printf " \"/bin/busybox env -i ACTION=$notify TYPE=$type NAME=$name /sbin/hotplug-call keepalived\"\n" >> $KEEPALIVED_CONF
+ for notify in "$@"; do
+ printf '%b%s' "${INDENT_1}" "$notify">> "$KEEPALIVED_CONF"
+ notify="$(echo "$notify" | tr 'a-z' 'A-Z')"
+ printf ' "/bin/busybox env -i ACTION=%s TYPE=%s NAME=%s /sbin/hotplug-call keepalived"\n' "$notify" "$type" "$name" >> "$KEEPALIVED_CONF"
done
}
global_defs() {
local linkbeat_use_polling notification_email
- config_get alt_config_file $1 alt_config_file
+ config_get alt_config_file "$1" alt_config_file
[ -z "$alt_config_file" ] || return 0
- config_get_bool linkbeat_use_polling $1 linkbeat_use_polling 0
- [ $linkbeat_use_polling -gt 0 ] && printf "linkbeat_use_polling\n\n" >> $KEEPALIVED_CONF
+ config_get_bool linkbeat_use_polling "$1" linkbeat_use_polling 0
+ [ "$linkbeat_use_polling" -gt 0 ] && printf 'linkbeat_use_polling\n\n' >> "$KEEPALIVED_CONF"
- config_get notification_email $1 notification_email
+ config_get notification_email "$1" notification_email
print_list_indent notification_email
- print_elems_indent $1 $INDENT_1 \
+ print_elems_indent "$1" "$INDENT_1" \
notification_email_from \
smtp_server \
smtp_connect_timeout \
}
print_ipaddress_indent() {
- local section=$1
- local curr_ipaddr=$2
- local indent=$3
+ local section="$1"
+ local curr_ipaddr="$2"
+ local indent="$3"
local address device scope name
- config_get name $section name
+ config_get name "$section" name
[ "$name" != "$curr_ipaddr" ] && return 0
- config_get address $section address
- config_get device $section device
- config_get scope $section scope
+ config_get address "$section" address
+ config_get device "$section" device
+ config_get scope "$section" scope
# Default indent
- [ -z "$indent" ] && indent=$INDENT_1
+ [ -z "$indent" ] && indent="$INDENT_1"
# If no address exit
[ -z "$address" ] && return 0
if [ -z "$device" ]; then
- printf "$indent$address" >> $KEEPALIVED_CONF
+ printf '%b%s' "$indent" "$address" >> "$KEEPALIVED_CONF"
else
# Add IP address/netmask and device
- printf "$indent$address dev $device" >> $KEEPALIVED_CONF
+ printf '%b%s dev %s' "$indent" "$address" "$device">> "$KEEPALIVED_CONF"
# Add scope
- [ -n "$scope" ] && printf " scope $scope" >> $KEEPALIVED_CONF
+ [ -n "$scope" ] && printf ' scope %s' "$scope" >> "$KEEPALIVED_CONF"
fi
- printf "\n" >> $KEEPALIVED_CONF
+ printf '\n' >> "$KEEPALIVED_CONF"
}
static_ipaddress() {
local address
config_get address "$1" address
for a in $address; do
- config_foreach print_ipaddress_indent ipaddress $a
+ config_foreach print_ipaddress_indent ipaddress "$a"
done
}
print_route_indent() {
- local section=$1
- local curr_route=$2
- local indent=$3
+ local section="$1"
+ local curr_route="$2"
+ local indent="$3"
local name blackhole address src_addr gateway device scope table
- config_get name $section name
+ config_get name "$section" name
[ "$name" != "$curr_route" ] && return 0
- config_get_bool blackhole $section blackhole 0
- config_get address $section address
- config_get src_addr $section src_addr
- config_get gateway $section gateway
- config_get device $section device
- config_get table $section table
+ config_get_bool blackhole "$section" blackhole 0
+ config_get address "$section" address
+ config_get src_addr "$section" src_addr
+ config_get gateway "$section" gateway
+ config_get device "$section" device
+ config_get table "$section" table
# If no address exit
[ -z "$address" ] && return 0
# Default indent
- [ -z "$indent" ] && indent=$INDENT_1
+ [ -z "$indent" ] && indent="$INDENT_1"
- [ $blackhole -gt 0 ] && {
- printf "${indent}blackhole $address\n" >> $KEEPALIVED_CONF
+ [ "$blackhole" -gt 0 ] && {
+ printf '%bblackhole %s\n' "$indent" "$address" >> "$KEEPALIVED_CONF"
return 0
}
# Add src addr or address
if [ -n "$src_addr" ]; then
- printf "${indent}src $src_addr $address" >> $KEEPALIVED_CONF
+ printf '%bsrc %s %s' "$indent" "$src_addr" "$address" >> "$KEEPALIVED_CONF"
else
[ -z "$device" ] && return 0
- printf "$indent$address" >> $KEEPALIVED_CONF
+ printf '%b%s' "$indent" "$address" >> "$KEEPALIVED_CONF"
fi
# Add route/gateway
- [ -n "$gateway" ] && printf " via $gateway" >> $KEEPALIVED_CONF
+ [ -n "$gateway" ] && printf ' via %s' "$gateway" >> "$KEEPALIVED_CONF"
# Add device
- printf " dev $device" >> $KEEPALIVED_CONF
+ printf ' dev %s' "$device" >> "$KEEPALIVED_CONF"
# Add scope
- [ -n "$scope" ] && printf " scope $scope" >> $KEEPALIVED_CONF
+ [ -n "$scope" ] && printf ' scope %s' "$scope" >> "$KEEPALIVED_CONF"
# Add table
- [ -n "$table" ] && printf " table $table" >> $KEEPALIVED_CONF
- printf "\n" >> $KEEPALIVED_CONF
+ [ -n "$table" ] && printf ' table %s' "$table" >> "$KEEPALIVED_CONF"
+ printf '\n' >> "$KEEPALIVED_CONF"
}
print_track_elem_indent() {
- local section=$1
- local curr_track_elem=$2
- local indent=$3
+ local section="$1"
+ local curr_track_elem="$2"
+ local indent="$3"
- local script name value
- config_get name $section name
+ local name value
+ config_get name "$section" name
[ "$name" != "$curr_track_elem" ] && return 0
- config_get value $section value
- config_get weight $section weight
+ config_get value "$section" value
+ config_get weight "$section" weight
[ -z "$value" ] && return 0
- printf "$indent$value" >> $KEEPALIVED_CONF
- [ -n "$weight" ] && printf " weight $weight" >> $KEEPALIVED_CONF
- printf "\n" >> $KEEPALIVED_CONF
+ printf '%b%s' "$indent" "$value" >> "$KEEPALIVED_CONF"
+ [ -n "$weight" ] && printf ' weight %s' "$weight" >> "$KEEPALIVED_CONF"
+ printf '\n' >> "$KEEPALIVED_CONF"
}
static_routes() {
local route
config_get route "$1" route
for r in $route; do
- config_foreach print_route_indent route $r
+ config_foreach print_route_indent route "$r"
done
}
# Count 'vrrp_instance' with the given name ; called by vrrp_instance_check()
vrrp_instance_name_count() {
local name
- config_get name $1 name
- [ "$name" == "$2" ] && count=$((count + 1))
+ config_get name "$1" name
+ [ "$name" = "$2" ] && count="$((count + 1))"
}
# Check if there's a 'vrrp_instance' section with the given name
vrrp_instance_check() {
- local count=0
- local name=$1
- config_foreach vrrp_instance_name_count vrrp_instance $name
+ local count="0"
+ local name="$1"
+ config_foreach vrrp_instance_name_count vrrp_instance "$name"
[ $count -gt 0 ] && return 0 || return 1
}
local valid_group
# No name for group, exit
- config_get name $1 name
+ config_get name "$1" name
[ -z "$name" ] && return 0
# No members for group, exit
- config_get group $1 group
+ config_get group "$1" group
[ -z "$group" ] && return 0
# Check if we have 'vrrp_instance's defined for
# each member and remove names with not vrrp_instance defined
for m in $group; do
- vrrp_instance_check $m && valid_group="$valid_group $m"
+ vrrp_instance_check "$m" && valid_group="$valid_group $m"
done
[ -z "$valid_group" ] && return 0
group="$valid_group"
print_list_indent group
- print_elems_indent $1 $INDENT_1 no_val_smtp_alert no_val_global_tracking
+ print_elems_indent "$1" "$INDENT_1" no_val_smtp_alert no_val_global_tracking
print_notify "GROUP" "$name" notify_backup notify_master \
notify_fault notify
vrrp_instance() {
local name auth_type auth_pass
- config_get name $1 name
+ config_get name "$1" name
[ -z "$name" ] && return 0
config_section_open "vrrp_instance" "$name"
- config_get auth_type $1 auth_type
- config_get auth_pass $1 auth_pass
- [ -n "$auth_type" -a -n "$auth_pass" ] && {
- printf "${INDENT_1}authentication {\n" >> $KEEPALIVED_CONF
- printf "${INDENT_2}auth_type $auth_type\n" >> $KEEPALIVED_CONF
- printf "${INDENT_2}auth_pass $auth_pass\n" >> $KEEPALIVED_CONF
- printf "$INDENT_1}\n" >> $KEEPALIVED_CONF
+ config_get auth_type "$1" auth_type
+ config_get auth_pass "$1" auth_pass
+ [ -n "$auth_type" ] && [ -n "$auth_pass" ] && {
+ printf '%bauthentication {\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
+ printf '%bauth_type %s\n' "${INDENT_2}" "$auth_type" >> "$KEEPALIVED_CONF"
+ printf '%bauth_pass %s\n' "${INDENT_2}" "$auth_pass" >> "$KEEPALIVED_CONF"
+ printf '%b}\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
}
- print_elems_indent $1 $INDENT_1 state interface \
+ print_elems_indent "$1" "$INDENT_1" state interface \
mcast_src_ip unicast_src_ip virtual_router_id version priority \
advert_int preempt_delay debug \
lvs_sync_daemon_interface garp_master_delay garp_master_refresh \
# Handle virtual_ipaddress & virtual_ipaddress_excluded lists
for opt in virtual_ipaddress virtual_ipaddress_excluded; do
- config_get $opt $1 $opt
+ config_get "$opt" "$1" "$opt"
eval optval=\$$opt
[ -z "$optval" ] && continue
- printf "$INDENT_1$opt {\n" >> $KEEPALIVED_CONF
+ printf '%b%s {\n' "${INDENT_1}" "$opt" >> "$KEEPALIVED_CONF"
for a in $optval; do
- config_foreach print_ipaddress_indent ipaddress $a $INDENT_2
+ config_foreach print_ipaddress_indent ipaddress "$a" "$INDENT_2"
done
- printf "$INDENT_1}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
done
# Handle virtual_routes
for opt in virtual_routes; do
- config_get $opt $1 $opt
+ config_get "$opt" "$1" "$opt"
eval optval=\$$opt
[ -z "$optval" ] && continue
- printf "$INDENT_1$opt {\n" >> $KEEPALIVED_CONF
+ printf '%b%s {\n' "${INDENT_1}" "$opt" >> "$KEEPALIVED_CONF"
for r in $optval; do
- config_foreach print_route_indent route $r $INDENT_2
+ config_foreach print_route_indent route "$r" "$INDENT_2"
done
- printf "$INDENT_1}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
done
# Handle track_script lists
for opt in track_script; do
- config_get $opt $1 $opt
+ config_get "$opt" "$1" "$opt"
eval optval=\$$opt
[ -z "$optval" ] && continue
- printf "$INDENT_1$opt {\n" >> $KEEPALIVED_CONF
+ printf '%b%s {\n' "${INDENT_1}" "$opt" >> "$KEEPALIVED_CONF"
for t in $optval; do
- printf "$INDENT_2$optval\n" >> $KEEPALIVED_CONF
+ printf '%b%s\n' "${INDENT_2}" "$optval" >> "$KEEPALIVED_CONF"
done
- printf "$INDENT_1}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
done
# Handle track_interface lists
for opt in track_interface; do
- config_get $opt $1 $opt
+ config_get "$opt" "$1" "$opt"
eval optval=\$$opt
[ -z "$optval" ] && continue
- printf "$INDENT_1$opt {\n" >> $KEEPALIVED_CONF
+ printf '%b%s {\n' "${INDENT_1}" "$opt" >> "$KEEPALIVED_CONF"
for t in $optval; do
- config_foreach print_track_elem_indent track_interface $t $INDENT_2
+ config_foreach print_track_elem_indent track_interface "$t" "$INDENT_2"
done
- printf "$INDENT_1}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
done
# Handle simple lists of strings (with no spaces in between)
for opt in unicast_peer; do
- config_get $opt $1 $opt
- print_list_indent $opt
+ config_get "$opt" "$1" "$opt"
+ print_list_indent "$opt"
done
unset optval
vrrp_script() {
local name
- config_get name $1 name
+ config_get name "$1" name
[ -z "$name" ] && return 0
config_section_open "vrrp_script" "$name"
- print_elems_indent $1 $INDENT_1 script interval weight fall rise
+ print_elems_indent "$1" "$INDENT_1" script interval weight fall rise
config_section_close
}
local name path digest
- config_get name $1 name
+ config_get name "$1" name
[ "$url" = "$name" ] || return 0
- config_get path $1 path
- config_get digest $1 digest
+ config_get path "$1" path
+ config_get digest "$1" digest
- [ -n "$digest" -a -n "$path" ] && {
- printf "${INDENT_3}url {\n" >> $KEEPALIVED_CONF
- printf "${INDENT_4}path "$path"\n" >> $KEEPALIVED_CONF
- printf "${INDENT_4}digest $digest\n" >> $KEEPALIVED_CONF
- printf "${INDENT_3}}\n" >> $KEEPALIVED_CONF
+ [ -n "$digest" ] && [ -n "$path" ] && {
+ printf '%burl {\n' "${INDENT_3}" >> "$KEEPALIVED_CONF"
+ printf '%bpath %s\n' "${INDENT_4}" "$path" >> "$KEEPALIVED_CONF"
+ printf '%bdigest %s\n' "${INDENT_4}" "$digest" >> "$KEEPALIVED_CONF"
+ printf '%b}\n' "${INDENT_3}" >> "$KEEPALIVED_CONF"
}
}
local enabled name weight ipaddr port check
- config_get_bool enabled $1 enabled 1
+ config_get_bool enabled "$1" enabled 1
[ "$enabled" -eq 1 ] || return 0
- config_get name $1 name
+ config_get name "$1" name
[ "$server" = "$name" ] || return 0
- config_get weight $1 weight
+ config_get weight "$1" weight
[ -n "$weight" ] || return 0
- config_get ipaddr $1 ipaddr
- config_get port $1 port
- config_get check $1 check
+ config_get ipaddr "$1" ipaddr
+ config_get port "$1" port
+ config_get check "$1" check
- [ -n "$ipaddr" -a -n "$port" ] && {
- printf "${INDENT_1}real_server $ipaddr $port {\n" >> $KEEPALIVED_CONF
- printf "${INDENT_2}weight $weight\n" >> $KEEPALIVED_CONF
+ [ -n "$ipaddr" ] && [ -n "$port" ] && {
+ printf '%breal_server %s %d {\n' "${INDENT_1}" "$ipaddr" "$port" >> "$KEEPALIVED_CONF"
+ printf '%bweight %d\n' "${INDENT_2}" "$weight" >> "$KEEPALIVED_CONF"
case "$check" in
TCP_CHECK)
- printf "${INDENT_2}${check} {\n" >> $KEEPALIVED_CONF
- print_elems_indent $1 $INDENT_3 connect_timeout \
+ printf '%b%s {\n' "${INDENT_2}" "$check" >> "$KEEPALIVED_CONF"
+ print_elems_indent "$1" "$INDENT_3" connect_timeout \
connect_port
- printf "${INDENT_2}}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "${INDENT_2}" >> "$KEEPALIVED_CONF"
;;
MISC_CHECK)
- printf "${INDENT_2}${check} {\n" >> $KEEPALIVED_CONF
- print_elems_indent $1 $INDENT_3 misc_path
- printf "${INDENT_2}}\n" >> $KEEPALIVED_CONF
+ printf '%b%s {\n' "${INDENT_2}" "$check" >> "$KEEPALIVED_CONF"
+ print_elems_indent "$1" "$INDENT_3" misc_path
+ printf '%b}\n' "${INDENT_2}" >> "$KEEPALIVED_CONF"
;;
HTTP_GET | SSL_GET)
- printf "${INDENT_2}${check} {\n" >> $KEEPALIVED_CONF
- print_elems_indent $1 $INDENT_3 connect_timeout \
+ printf '%b%s {\n' "${INDENT_2}" "$check" >> "$KEEPALIVED_CONF"
+ print_elems_indent "$1" "$INDENT_3" connect_timeout \
connect_port nb_get_retry delay_before_retry
# Handle url list
- config_list_foreach $1 url url_list
- printf "${INDENT_2}}\n" >> $KEEPALIVED_CONF
+ config_list_foreach "$1" url url_list
+ printf '%b}\n' "${INDENT_2}" >> "$KEEPALIVED_CONF"
;;
esac
- printf "${INDENT_1}}\n" >> $KEEPALIVED_CONF
+ printf '%b}\n' "${INDENT_1}" >> "$KEEPALIVED_CONF"
}
}
virtual_server() {
local enabled ipaddr port lb_algo sorry_server_ip sorry_server_port
- config_get_bool enabled $1 enabled 1
+ config_get_bool enabled "$1" enabled 1
[ "$enabled" -eq 1 ] || return 0
- config_get ipaddr $1 ipaddr
+ config_get ipaddr "$1" ipaddr
[ -z "$ipaddr" ] && return 0
- config_get port $1 port
+ config_get port "$1" port
[ -z "$port" ] && return 0
config_section_open "virtual_server" "$ipaddr $port"
- print_elems_indent $1 $INDENT_1 fwmark delay_loop \
+ print_elems_indent "$1" "$INDENT_1" fwmark delay_loop \
lb_kind persistence_timeout persistence_granularity \
virtualhost protocol
- config_get lb_algo $1 lb_algo
+ config_get lb_algo "$1" lb_algo
[ -z "$lb_algo" ] && lb_algo="rr"
- modprobe ip_vs_${lb_algo} 2>&1 1>/dev/null
- printf "${INDENT_1}lb_algo ${lb_algo}\n" >> $KEEPALIVED_CONF
+ modprobe ip_vs_${lb_algo} 1>/dev/null 2>&1
+ printf '%blb_algo %s\n' "${INDENT_1}" "${lb_algo}" >> "$KEEPALIVED_CONF"
- config_get sorry_server_ip $1 sorry_server_ip
- config_get sorry_server_port $1 sorry_server_port
- [ -n "$sorry_server_ip" -a -n "$sorry_server_port" ] && {
- printf "${INDENT_1}sorry_server $sorry_server_ip $sorry_server_port\n" >> $KEEPALIVED_CONF
+ config_get sorry_server_ip "$1" sorry_server_ip
+ config_get sorry_server_port "$1" sorry_server_port
+ [ -n "$sorry_server_ip" ] && [ -n "$sorry_server_port" ] && {
+ printf '%bsorry_server %s %s\n' "${INDENT_1}" "$sorry_server_ip" "$sorry_server_port" >> "$KEEPALIVED_CONF"
}
# Handle real_server list
- config_list_foreach $1 real_server real_server_list
+ config_list_foreach "$1" real_server real_server_list
config_section_close
}
process_config() {
local alt_config_file
- rm -f $KEEPALIVED_CONF
+ rm -f "$KEEPALIVED_CONF"
# First line
- printf "! Configuration file for keepalived (autogenerated via init script)\n" > $KEEPALIVED_CONF
- printf "! Written %s\n\n" "$(date +'%c')" >> $KEEPALIVED_CONF
+ printf '! Configuration file for keepalived (autogenerated via init script)\n' > "$KEEPALIVED_CONF"
+ printf '! Written %s\n\n' "$(date +'%c')" >> "$KEEPALIVED_CONF"
[ -f /etc/config/keepalived ] || return 0
config_load 'keepalived'
# If "alt_config_file" specified, use that instead
[ -n "$alt_config_file" ] && [ -f "$alt_config_file" ] && {
- rm -f $KEEPALIVED_CONF
+ rm -f "$KEEPALIVED_CONF"
# Symlink "alt_config_file" since it's a bit easier and safer
- ln -s $alt_config_file $KEEPALIVED_CONF
+ ln -s "$alt_config_file" "$KEEPALIVED_CONF"
return 0
}
include $(TOPDIR)/rules.mk
PKG_NAME:=knot
-PKG_VERSION:=2.8.2
+PKG_VERSION:=2.8.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/
-PKG_HASH:=00d24361a2406392c508904fad943536bae6369981686b4951378fc1c9a5a137
+PKG_HASH:=8a62d81e5cf3df938f469b60ed4e46d9161007c2b89fbf7ae07525fa68368bad
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_LICENSE:=GPL-3.0 LGPL-2.0 0BSD BSD-3-Clause OLDAP-2.8
define Package/knot-libs
$(call Package/knot-lib/Default)
TITLE+= common DNS and DNSSEC libraries
- DEPENDS+=+libgnutls
+ DEPENDS+=+libgnutls +lmdb
endef
define Package/knot-libzscanner
include $(TOPDIR)/rules.mk
PKG_NAME:=miniupnpc
-PKG_VERSION:=2.1.20190408
-PKG_RELEASE:=2
+PKG_VERSION:=2.1.20190625
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files
-PKG_HASH:=a0c46bcf6065d6351a8fa6a0a18dc57d10a16908dbb470908fd2e423511514ec
+PKG_HASH:=8723f5d7fd7970de23635547700878cd29a5c2bb708b5e5475b2d1d2510317fb
PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
PKG_LICENSE:=BSD-3c
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -38,12 +38,6 @@ if (CMAKE_SYSTEM_NAME STREQUAL "Darwin")
+@@ -39,12 +39,6 @@ if (CMAKE_SYSTEM_NAME STREQUAL "Darwin")
target_compile_definitions(miniupnpc-private INTERFACE _DARWIN_C_SOURCE)
endif ()
+++ /dev/null
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -66,6 +66,7 @@ set (MINIUPNPC_SOURCES
- connecthostport.c
- portlistingparse.c
- receivedata.c
-+ listdevices.c
- connecthostport.h
- igd_desc_parse.h
- minisoap.h
-@@ -142,6 +143,10 @@ if (UPNPC_BUILD_SHARED)
- add_executable (upnpc-shared upnpc.c)
- target_link_libraries (upnpc-shared PRIVATE libminiupnpc-shared)
- target_include_directories(upnpc-shared PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
-+
-+ add_executable (listdevices listdevices.c)
-+ target_link_libraries (listdevices PRIVATE libminiupnpc-shared)
-+ target_include_directories(listdevices PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
- endif ()
- endif ()
-
include $(TOPDIR)/rules.mk
PKG_NAME:=mosquitto
-PKG_VERSION:=1.6.3
+PKG_VERSION:=1.6.4
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE.txt
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://mosquitto.org/files/source/
-PKG_HASH:=9ef5cc75f4fe31d7bf50654ddf4728ad9e1ae2e5609a4b42ecbbcb4a209ed17e
+PKG_HASH:=a3d5822c249f6a6e13311b1b09eff6807ea01608a5a77934e1769842e9d146ef
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
PKG_NAME:=mwan3
PKG_VERSION:=2.8.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPLv2
config interface 'wanb'
option enabled '0'
+ list track_ip '8.8.4.4'
list track_ip '8.8.8.8'
+ list track_ip '208.67.222.222'
list track_ip '208.67.220.220'
option family 'ipv4'
option reliability '1'
option count '1'
option timeout '2'
+ option failure_latency '1000'
+ option recovery_latency '500'
+ option failure_loss '20'
+ option recovery_loss '5'
option interval '5'
option down '3'
option up '8'
config interface 'wanb6'
option enabled '0'
+ list track_ip '2001:4860:4860::8844'
list track_ip '2001:4860:4860::8888'
+ list track_ip '2620:0:ccd::2'
list track_ip '2620:0:ccc::2'
option family 'ipv6'
option reliability '1'
}
stop_service() {
- [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
+ [ -f "$CONFIGFILE" ] || return
+ rm -f "$CONFIGFILE"
procd_set_config_changed firewall
}
}
service_started() {
+ [ "$snmp_enabled" -eq 0 ] && return
procd_set_config_changed firewall
}
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.com/netify.ai/public/netify-agent.git
-PKG_SOURCE_DATE:=2019-06-06
-PKG_SOURCE_VERSION:=v2.88
-#PKG_SOURCE_VERSION:=367ddd2fca4b2edd5e71145e2adea1b58f750214
-PKG_MIRROR_HASH:=8ead41dc074a71626609bced1d584f8df87e39f5ad76dcca76021c1737150089
+PKG_SOURCE_DATE:=2019-08-09
+PKG_SOURCE_VERSION:=v2.91
+#PKG_SOURCE_VERSION:=edb904b417a42a1421474427f03e91e0400d8729
+PKG_MIRROR_HASH:=9a7c6a84fc35677f65ac7ff84f228b0051204fae388869042d7623c141ec4165
include $(INCLUDE_DIR)/package.mk
CATEGORY:=Network
TITLE:=Netify Agent
URL:=http://www.netify.ai/
- DEPENDS:=+libcurl +libmnl +libnetfilter-conntrack +libjson-c +libpcap +zlib +libpthread @!USE_UCLIBC
+ DEPENDS:=+ca-bundle +libcurl +libmnl +libnetfilter-conntrack +libjson-c +libpcap +zlib +libpthread @!USE_UCLIBC
# Explicitly depend on libstdcpp rather than $(CXX_DEPENDS). At the moment
# std::unordered_map is only available via libstdcpp which is required for
# performance reasons.
CONFIGURE_ARGS+= \
--sharedstatedir=/var/run \
--enable-lean-and-mean \
- --disable-ncurses \
--disable-libtcmalloc \
--without-systemdsystemunitdir \
--without-tmpfilesdir
ifeq ($(CONFIG_NGINX_HTTP_BROTLI),y)
define Download/nginx-brotli
- VERSION:=e26248ee361c04e25f581b92b85d95681bdffb39
+ VERSION:=dc37f658ccb5a51d090dc09d1a2aca2f24309869
SUBDIR:=nginx-brotli
- FILE:=ngx-brotli-module-$$(VERSION).tar.gz
+ FILE:=ngx-brotli-module-$$(VERSION).tar.xz
URL:=https://github.com/eustas/ngx_brotli.git
- MIRROR_HASH:=76b891ba49f82f0cfbc9cba875646e26ee986b522373e0aa2698a9923a4adcdb
+ MIRROR_HASH:=6bc0c40ff24f6e0ac616dfddc803bdc7fcf54764ba9dc4f9cecb3a68beedcdaf
PROTO:=git
endef
$(eval $(call Download,nginx-brotli))
define Prepare/nginx-brotli
$(eval $(Download/nginx-brotli))
- gzip -dc $(DL_DIR)/$(FILE) | tar -C $(PKG_BUILD_DIR) $(TAR_OPTIONS)
+ xzcat $(DL_DIR)/$(FILE) | tar -C $(PKG_BUILD_DIR) $(TAR_OPTIONS)
endef
endif
sendfile on;
keepalive_timeout 0;
-
+
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 1G;
gzip_vary on;
gzip_comp_level 1;
gzip_proxied any;
-
+ gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
+
root /www;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
-
+
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
sendfile on;
keepalive_timeout 0;
-
+
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 1G;
gzip_vary on;
gzip_comp_level 1;
gzip_proxied any;
-
+ gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
+
root /www;
-
+
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name localhost;
-
+
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:DHE+AESGCM:DHE:!RSA!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!CAMELLIA:!SEED";
ssl_certificate /etc/nginx/nginx.cer;
ssl_certificate_key /etc/nginx/nginx.key;
-
+
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
include $(TOPDIR)/rules.mk
PKG_NAME:=nsd
-PKG_VERSION:=4.1.13
+PKG_VERSION:=4.2.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.nlnetlabs.nl/downloads/nsd
-PKG_HASH:=c45cd4ba2101a027e133b2be44db9378e27602e05f09a5ef25019e1ae45291af
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-
-PKG_LICENSE:=BSD-3c
-PKG_LICENSE_FILES:=LICENSE
+PKG_SOURCE_URL:=https://www.nlnetlabs.nl/downloads/nsd
+PKG_HASH:=d17c0ea3968cb0eb2be79f2f83eb299b7bfcc554b784007616eed6ece828871f
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Vasilis Tsiligiannis <acinonyx@openwrt.gr>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/nsd/default
TITLE:=NSD Name Server Daemon
- URL:=http://www.nlnetlabs.nl/projects/nsd/
+ URL:=https://www.nlnetlabs.nl/projects/nsd/
SECTION:=net
CATEGORY:=Network
SUBMENU:=IP Addresses and Names
endef
CONFIGURE_ARGS+= \
+ --enable-packed \
+ --enable-recvmmsg \
+ --enable-tcp-fastopen \
--disable-checking \
- --with-libevent=no \
--with-user="network" \
+ --without-libevent \
+ $(if $(CONFIG_IPV6),--with,--without)-ipv6
CONFIGURE_VARS+= \
ac_cv_c_va_list_def=no \
- ac_cv_c_strptime_needs_defs=no \
+ ac_cv_c_strptime_needs_defs=no
ifeq ($(BUILD_VARIANT),ssl)
- CONFIGURE_ARGS += \
- --with-ssl="$(STAGING_DIR)/usr"
-endif
-
-ifeq ($(BUILD_VARIANT),nossl)
- CONFIGURE_ARGS += \
- --without-ssl
+ CONFIGURE_ARGS += --with-ssl="$(STAGING_DIR)/usr"
+else
+ CONFIGURE_ARGS += --without-ssl
endif
define Package/nsd/conffiles
--- /dev/null
+--- a/nsd-control.c
++++ b/nsd-control.c
+@@ -42,6 +42,7 @@
+ */
+
+ #include "config.h"
++#include <stdio.h>
+ #ifdef HAVE_SSL
+
+ #include <sys/types.h>
--- /dev/null
+--- a/tsig.c
++++ b/tsig.c
+@@ -19,6 +19,10 @@
+ #include "query.h"
+ #include "rbtree.h"
+
++#ifndef HAVE_SSL
++#define CRYPTO_memcmp memcmp
++#endif
++
+ static region_type *tsig_region;
+
+ struct tsig_key_table
include $(TOPDIR)/rules.mk
PKG_NAME:=openconnect
-PKG_VERSION:=8.03
-PKG_RELEASE:=2
+PKG_VERSION:=8.04
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
-PKG_HASH:=908cff9b1ce266b6bb7f969a7f62723543ab94719ba3c95a150fe3894cbc9ef2
+PKG_HASH:=98979c6e3f78b294dc663e3fd75d5c9e9d779f247be9d4e3ab84b5e90565f81f
PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING.LGPL
+++ /dev/null
-From 460c060dda115bc8066bb4b955453c673459b6cc Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Sun, 9 Jun 2019 23:36:53 -0700
-Subject: [PATCH] Fix compilation without deprecated OpenSSL 1.1 APIs
-
-Initialization and deinitialization is deprecated.
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- library.c | 4 ++++
- openssl.c | 2 ++
- tests/bad_dtls_test.c | 4 ++++
- 3 files changed, 10 insertions(+)
-
-diff --git a/library.c b/library.c
-index 0e3d05e6..e45e93a2 100644
---- a/library.c
-+++ b/library.c
-@@ -38,6 +38,10 @@
- #include "gnutls.h"
- #endif
-
-+#if defined(OPENCONNECT_OPENSSL)
-+#include <openssl/bio.h>
-+#endif
-+
- struct openconnect_info *openconnect_vpninfo_new(const char *useragent,
- openconnect_validate_peer_cert_vfn validate_peer_cert,
- openconnect_write_new_config_vfn write_new_config,
-diff --git a/openssl.c b/openssl.c
-index 2b1f07bd..e505f49a 100644
---- a/openssl.c
-+++ b/openssl.c
-@@ -1879,10 +1879,12 @@ int openconnect_init_ssl(void)
- if (ret)
- return ret;
- #endif
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- SSL_library_init();
- ERR_clear_error();
- SSL_load_error_strings();
- OpenSSL_add_all_algorithms();
-+#endif
- return 0;
- }
-
-diff --git a/tests/bad_dtls_test.c b/tests/bad_dtls_test.c
-index ac8d3f1e..c123c8f8 100644
---- a/tests/bad_dtls_test.c
-+++ b/tests/bad_dtls_test.c
-@@ -752,8 +752,10 @@ int main(int argc, char *argv[])
- int ret;
- int i;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- SSL_library_init();
- SSL_load_error_strings();
-+#endif
-
- RAND_bytes(session_id, sizeof(session_id));
- RAND_bytes(master_secret, sizeof(master_secret));
-@@ -910,8 +912,10 @@ int main(int argc, char *argv[])
- printf("Cisco BadDTLS test: FAILED\n");
- }
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- ERR_free_strings();
- EVP_cleanup();
-+#endif
-
- return testresult?0:1;
- }
---
-2.17.1
-
+++ /dev/null
-From afb6442533dc7475ed61642c3f5b295db1e6f561 Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Sun, 9 Jun 2019 23:40:21 -0700
-Subject: [PATCH] Fix DTLS bug when lacking deprecated APIs
-
-HAVE_DTLS12 is for DTLSv1_method. This causes dtls_method to be NULL and
-crash.
-
-[dwmw2: Rework it quite a bit more]
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
-Signed-off-by: David Woodhouse <dwmw2@infradead.org>
----
- configure.ac | 17 ++++++++++++++---
- openssl-dtls.c | 49 ++++++++++++++++++++++++++-----------------------
- 2 files changed, 40 insertions(+), 26 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 02096c51..f7557933 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -455,11 +455,22 @@ case "$ssl_library" in
- AC_DEFINE(HAVE_DTLS1_STOP_TIMER, [1], [OpenSSL has dtls1_stop_timer() function])],
- [AC_MSG_RESULT(no)])
-
-- AC_MSG_CHECKING([for DTLSv1_2_client_method() in OpenSSL])
-+ # DTLS_client_method() and DTLSv1_2_client_method() were both added between
-+ # OpenSSL v1.0.1 and v1.0.2. DTLSV1.2_client_method() was later deprecated
-+ # in v1.1.0 so we use DTLS_client_method() as our check for DTLSv1.2 support
-+ # and that's what we actually use in openssl-dtls.c too.
-+ AC_MSG_CHECKING([for DTLS_client_method() in OpenSSL])
- AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <openssl/ssl.h>],
-- [DTLSv1_2_client_method();])],
-+ [DTLS_client_method();])],
- [AC_MSG_RESULT(yes)
-- AC_DEFINE(HAVE_DTLS12, [1], [OpenSSL has DTLSv1_2_client_method() function])],
-+ AC_DEFINE(HAVE_DTLS12, [1], [OpenSSL has DTLS_client_method() function])],
-+ [AC_MSG_RESULT(no)])
-+
-+ AC_MSG_CHECKING([for SSL_CTX_set_min_proto_version() in OpenSSL])
-+ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <openssl/ssl.h>],
-+ [SSL_CTX_set_min_proto_version((void *)0, 0);])],
-+ [AC_MSG_RESULT(yes)
-+ AC_DEFINE(HAVE_SSL_CTX_PROTOVER, [1], [OpenSSL has SSL_CTX_set_min_proto_version() function])],
- [AC_MSG_RESULT(no)])
-
- AC_CHECK_FUNC(HMAC_CTX_copy,
-diff --git a/openssl-dtls.c b/openssl-dtls.c
-index 5086440f..9e3c5d46 100644
---- a/openssl-dtls.c
-+++ b/openssl-dtls.c
-@@ -332,6 +332,7 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- const char *cipher = vpninfo->dtls_cipher;
-
- #ifdef HAVE_DTLS12
-+ /* These things should never happen unless they're supported */
- if (vpninfo->cisco_dtls12) {
- dtlsver = DTLS1_2_VERSION;
- } else if (!strcmp(cipher, "OC-DTLS1_2-AES128-GCM")) {
-@@ -349,16 +350,16 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
-
- if (!vpninfo->dtls_ctx) {
- #ifdef HAVE_DTLS12
-+ /* If we can use SSL_CTX_set_min_proto_version, do so. */
- dtls_method = DTLS_client_method();
- #endif
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#ifndef HAVE_SSL_CTX_PROTOVER
-+ /* If !HAVE_DTLS12, dtlsver *MUST* be DTLS1_BAD_VER because it's set
-+ * at the top of the function and nothing can change it. */
- if (dtlsver == DTLS1_BAD_VER)
- dtls_method = DTLSv1_client_method();
--#ifdef HAVE_DTLS12
-- else if (dtlsver == DTLS1_2_VERSION)
-- dtls_method = DTLSv1_2_client_method();
--#endif
- #endif
-+
- vpninfo->dtls_ctx = SSL_CTX_new(dtls_method);
- if (!vpninfo->dtls_ctx) {
- vpn_progress(vpninfo, PRG_ERR,
-@@ -367,24 +368,26 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- vpninfo->dtls_attempt_period = 0;
- return -EINVAL;
- }
-- if (dtlsver) {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-- if (dtlsver == DTLS1_BAD_VER)
-- SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_CISCO_ANYCONNECT);
--#else
-- if (!SSL_CTX_set_min_proto_version(vpninfo->dtls_ctx, dtlsver) ||
-- !SSL_CTX_set_max_proto_version(vpninfo->dtls_ctx, dtlsver)) {
-- vpn_progress(vpninfo, PRG_ERR,
-- _("Set DTLS CTX version failed\n"));
-- openconnect_report_ssl_errors(vpninfo);
-- SSL_CTX_free(vpninfo->dtls_ctx);
-- vpninfo->dtls_ctx = NULL;
-- vpninfo->dtls_attempt_period = 0;
-- return -EINVAL;
-- }
-+#ifdef HAVE_SSL_CTX_PROTOVER
-+ if (dtlsver &&
-+ (!SSL_CTX_set_min_proto_version(vpninfo->dtls_ctx, dtlsver) ||
-+ !SSL_CTX_set_max_proto_version(vpninfo->dtls_ctx, dtlsver))) {
-+ vpn_progress(vpninfo, PRG_ERR,
-+ _("Set DTLS CTX version failed\n"));
-+ openconnect_report_ssl_errors(vpninfo);
-+ SSL_CTX_free(vpninfo->dtls_ctx);
-+ vpninfo->dtls_ctx = NULL;
-+ vpninfo->dtls_attempt_period = 0;
-+ return -EINVAL;
-+ }
-+#else /* !HAVE_SSL_CTX_PROTOVER */
-+ /* If we used the legacy version-specific methods, we need the special
-+ * way to make TLSv1_client_method() do DTLS1_BAD_VER. */
-+ if (dtlsver == DTLS1_BAD_VER)
-+ SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_CISCO_ANYCONNECT);
- #endif
- #if defined (HAVE_DTLS12) && !defined(OPENSSL_NO_PSK)
-- } else {
-+ if (!dtlsver) {
- SSL_CTX_set_psk_client_callback(vpninfo->dtls_ctx, psk_callback);
- /* For PSK we override the DTLS master secret with one derived
- * from the HTTPS session. */
-@@ -401,9 +404,9 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- }
- /* For SSL_CTX_set_cipher_list() */
- cipher = "PSK";
--
--#endif
- }
-+#endif /* OPENSSL_NO_PSK */
-+
- /* If we don't readahead, then we do short reads and throw
- away the tail of data packets. */
- SSL_CTX_set_read_ahead(vpninfo->dtls_ctx, 1);
---
-2.17.1
-
+++ /dev/null
-From 97cafd182f5a5c2d13f57d7faeac8432aea9bbf8 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <dwmw2@infradead.org>
-Date: Mon, 10 Jun 2019 12:34:43 +0100
-Subject: [PATCH] Disable encrypt-then-mac where possible with DTLS and OpenSSL
-
-There is pain here. Just don't bother.
-
-Signed-off-by: David Woodhouse <dwmw2@infradead.org>
----
- openssl-dtls.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
-diff --git a/openssl-dtls.c b/openssl-dtls.c
-index 9e3c5d46..646bf71c 100644
---- a/openssl-dtls.c
-+++ b/openssl-dtls.c
-@@ -406,7 +406,17 @@ int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
- cipher = "PSK";
- }
- #endif /* OPENSSL_NO_PSK */
--
-+#ifdef SSL_OP_NO_ENCRYPT_THEN_MAC
-+ /* I'm fairly sure I wasn't lying when I said I had tested
-+ * https://github.com/openssl/openssl/commit/e23d5071ec4c7aa6bb2b
-+ * against GnuTLS both with and without EtM in 2016.
-+ * Nevertheless, in 2019 it seems to be failing to negotiate
-+ * at least for DTLS1_BAD_VER against ocserv with GnuTLS 3.6.7.
-+ * Just turn it off. Real Cisco servers don't do it for
-+ * DTLS1_BAD_VER, and we should be using GCM ciphersuites in
-+ * newer versions of DTLS anyway so it's irrelevant. */
-+ SSL_CTX_set_options(vpninfo->dtls_ctx, SSL_OP_NO_ENCRYPT_THEN_MAC);
-+#endif
- /* If we don't readahead, then we do short reads and throw
- away the tail of data packets. */
- SSL_CTX_set_read_ahead(vpninfo->dtls_ctx, 1);
---
-2.17.1
-
PKG_NAME:=p910nd
PKG_VERSION:=0.97
-PKG_RELEASE:=7
+PKG_RELEASE:=8
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/p910nd
SUBMENU:=Printing
TITLE:=A small non-spooling printer server
URL:=http://p910nd.sourceforge.net
+ USERID:=p910nd=393:lp=7
endef
define Package/p910nd/conffiles
$(INSTALL_DATA) ./files/p910nd.config $(1)/etc/config/p910nd
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/p910nd.init $(1)/etc/init.d/p910nd
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/usbmisc
+ $(INSTALL_BIN) ./files/p910nd.hotplug $(1)/etc/hotplug.d/usbmisc/20-p910nd
endef
$(eval $(call BuildPackage,p910nd))
option port 0
option bidirectional 1
option enabled 0
+ # Override running as user p910nd, group lp
+ option runas_root 0
# mDNS support - see Bonjour Printing Specification for details concerning the values
# Be aware that you can only advertise one printer on this host via mDNS
--- /dev/null
+#!/bin/sh
+
+case "$ACTION" in
+ add)
+ [ -n "${DEVNAME}" ] && [ "${DEVNAME##usb/lp*}" = "" ] && {
+ chmod 660 /dev/"$DEVNAME"
+ chgrp lp /dev/"$DEVNAME"
+ }
+ ;;
+ remove)
+ # device is gone
+ ;;
+esac
start_p910nd() {
- local section="$1"
+ local section="$1" runas_root
config_get_bool "enabled" "$section" "enabled" '1'
if [ "$enabled" -gt 0 ]; then
args="-d "
procd_set_param command /usr/sbin/p910nd $args
procd_set_param respawn
+ config_get_bool runas_root "$section" runas_root 0
+ [ "$runas_root" -ne 1 ] && procd_set_param user p910nd
+
config_get_bool "mdns" "$section" "mdns" '0'
config_get mdns_note "$section" mdns_note
config_get mdns_ty "$section" mdns_ty
include $(TOPDIR)/rules.mk
PKG_NAME:=pdns
-PKG_VERSION:=4.1.10
-PKG_RELEASE:=2
+PKG_VERSION:=4.1.13
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
-PKG_HASH:=5a46cfde92caaaa2e85af9a15acb9ad81b56f4c8a8255c457e6938d8c0cb15c7
+PKG_HASH:=e7ea9c628a03652d2ca9e048525d44ac5628a9fede45e510ff9ba756ae2f5f25
PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au>
PKG_LICENCE:=GPL-2.0-only
PKG_LICENCE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:powerdns:authoritative_server
+PKG_CPE_ID:=cpe:/a:powerdns:authoritative
PKG_FIXUP:=autoreconf
#################################
# config-dir Location of configuration directory (pdns.conf)
#
-# config-dir=/usr/local/etc
+# config-dir=/etc/powerdns
#################################
# config-name Name of this virtual configuration - will rename the binary image
#################################
# module-dir Default directory for modules
#
-# module-dir=/usr/local/lib/pdns
+# module-dir=/usr/lib/powerdns/pdns
#################################
# negquery-cache-ttl Seconds to store negative query results in the QueryCache
#
# socket-dir=
+#################################
+# superslave Act as a superslave
+#
+# superslave=yes
+
#################################
# tcp-control-address If set, PowerDNS can be controlled over TCP on this address
#
# xfr-max-received-mbytes Maximum number of megabytes received from an incoming XFR
#
# xfr-max-received-mbytes=100
+
+
--- /dev/null
+# Copyright (C) 2019 Diana Dragusin <diana.dragusin@nccgroup.com>
+# Copyright (C) 2019 Etienne Champetier <champetier.etienne@gmail.com>
+#
+# This is free software, licensed under the GNU General Public License v3.
+# See <http://www.gnu.org/licenses/> for more information.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=phantap
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/nccgroup/phantap
+PKG_MIRROR_HASH:=d81f7b52f2259af093240446674b41ce354222aa7d851504fbc445f3a7c1431e
+PKG_SOURCE_DATE:=2019.08.13
+PKG_SOURCE_VERSION:=f5420af847dd53b2d4cf2b5c2551239709d51bf7
+
+PKG_MAINTAINER:=Diana Dragusin <diana.dragusin@nccgroup.com>, \
+ Etienne Champetier <champetier.etienne@gmail.com>
+PKG_LICENSE:=GPL-3.0-only
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+CMAKE_SOURCE_SUBDIR:=src
+
+define Package/phantap/Default
+ SECTION:=net
+ CATEGORY:=Network
+ URL:=https://github.com/nccgroup/phantap
+endef
+
+define Package/phantap
+ $(call Package/phantap/Default)
+ TITLE:=PhanTap
+ PKGARCH:=all
+ DEPENDS:=+ebtables +tcpdump +ip-full +kmod-br-netfilter +kmod-ebtables-ipv4
+endef
+
+define Package/phantap/conffiles
+/etc/config/phantap
+endef
+
+define Package/phantap/description
+ PhanTap or Phantom tap is a small set of scripts that allow you to setup a network tap
+ that automatically impersonate a victim device, allowing you to access internet using
+ the IP & MAC of the victim. To speak to machines in the same L2, see PhanTap learn
+endef
+
+define Package/phantap-learn
+ $(call Package/phantap/Default)
+ TITLE:=PhanTap-learn
+ DEPENDS:=+libpcap +ip-full
+endef
+
+define Package/phantap-learn/description
+ PhanTap learn listens to multicast / broadcast / arp traffic to fill the arp table
+ and add routes to the discovered IPs.
+endef
+
+define Package/phantap/install
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/files/etc/config/phantap $(1)/etc/config/
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/files/etc/hotplug.d/iface/00-phantap $(1)/etc/hotplug.d/iface/
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/net
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/files/etc/hotplug.d/net/00-phantap $(1)/etc/hotplug.d/net/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/init.d/phantap $(1)/etc/init.d/
+ $(INSTALL_DIR) $(1)/etc/sysctl.d
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/files/etc/sysctl.d/12-phantap.conf $(1)/etc/sysctl.d/
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/usr/bin/phantap $(1)/usr/bin/
+endef
+
+define Package/phantap-learn/install
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/files/etc/hotplug.d/iface/00-phantap-learn $(1)/etc/hotplug.d/iface/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/init.d/phantap-learn $(1)/etc/init.d/
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/phantap-learn $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,phantap))
+$(eval $(call BuildPackage,phantap-learn))
PKG_NAME:=samba
PKG_VERSION:=4.9.11
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.heanet.ie/mirrors/ftp.samba.org/stable/ \
PKG_LICENSE_FILES:=COPYING
# samba4=(asn1_compile) e2fsprogs=(compile_et) nfs-kernel-server=(rpcgen)
-HOST_BUILD_DEPENDS:=nfs-kernel-server/host e2fsprogs/host
+HOST_BUILD_DEPENDS:=python/host nfs-kernel-server/host e2fsprogs/host
PKG_BUILD_DEPENDS:=samba4/host
PKG_CONFIG_DEPENDS:= \
# - check if default mode has changed from being tcp_only
#
PKG_NAME:=shadowsocks-libev
-PKG_VERSION:=3.3.0
+PKG_VERSION:=3.3.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION)
-PKG_HASH:=9732f8b8f02ffeea261bcf15fbf104f826012f74dbee99d016b75f0894a39649
+PKG_HASH:=afd25ae5e737be385fa53364c66095c354277e98cf141b54beb2be93d9228f4f
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
include $(TOPDIR)/rules.mk
PKG_NAME:=simple-adblock
-PKG_VERSION:=1.7.0
-PKG_RELEASE:=1
+PKG_VERSION:=1.8.0
+PKG_RELEASE:=2
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.net>
PKG_LICENSE:=GPL-3.0-or-later
endef
define Package/simple-adblock/description
-This service provides dnsmasq-based ad blocking.
-Please see the README for further information.
+This service provides DNSMASQ or Unbound based ad blocking.
+Please see the project's README at github for further information.
endef
if [ -z "$${IPKG_INSTROOT}" ]; then
while uci -q del ucitrack.@simple-adblock[-1]; do :; done
echo "Stopping service and removing rc.d symlink for simple-adblock"
+ uci -q del_list dhcp.@dnsmasq[0].addnhosts="/var/run/simple-adblock.addnhosts" || true
+ if [ "$$(uci -q get dhcp.@dnsmasq[0].serversfile)" == "/var/run/simple-adblock.servers" ]; then
+ uci -q del dhcp.@dnsmasq[0].serversfile || true
+ fi
/etc/init.d/simple-adblock stop || true
/etc/init.d/simple-adblock killcache || true
/etc/init.d/simple-adblock disable || true
# Simple AdBlock
-A simple DNSMASQ-based AdBlocking service for OpenWrt/LEDE Project. Loosely based on [bole5's](https://forum.openwrt.org/profile.php?id=45571) idea with major performance improvements, added features and Web UI (as a separate package); inspired by @dibdot's innovation.
+A simple DNSMASQ/Unbound-based AdBlocking service for OpenWrt/LEDE Project.
## Features
-- Supports OpenWrt Designated Driver and LEDE Project.
-- Super-fast due to the nature of supported block lists and backgrounding of already downloaded data while next list is downloading.
+- Super-fast due to the nature of supported block lists and parallel downloading/processing of the blacklists.
- Supports both hosts files and domains lists for blocking (to keep it lean and fast).
- Everything is configurable from Web UI.
- Allows you to easily add your own domains to whitelist or blacklist.
- Allows you to easily add URLs to your own blocked hosts or domains lists to block/whitelist (just put whitelisted domains one per line).
- Requires no configuration for the download utility wherever you want to use wget/libopenssl or uclient-fetch/libustream-mbedtls.
-- Installs dependencies automatically (DD/LEDE-default uclient-fetch libustream-mbedtls).
-- Doesn't stay in memory -- creates the list of blocked domains and then uses DNSMASQ and firewall rules to serve "domain not found reply".
-- As some of the default lists are using https, reliably works with either wget/libopenssl or uclient-fetch/libustream-mbedtls.
-- Very lightweight and easily hackable, the whole script is just one /etc/init.d/simple-adblock file.
-- Logs single entry in the system log with the number of blocked domains if verbosity is set to 0.
-- Retains the downloaded/sorted adblocking list on service stop and reuses it on service start (use reload if you want to force re-download of the list).
-- Blocks ads served over https.
+- Installs dependencies automatically.
+- Doesn't stay in memory -- creates the list of blocked domains and then uses DNSMASQ/Unbound and firewall rules to serve NXDOMAIN or 127.0.0.1 (depending on settings) reply for blocked domains.
+- As some of the default lists are using https, reliably works with either wget/libopenssl, uclient-fetch/libustream-mbedtls or curl.
+- Very lightweight and easily hackable, the whole script is just one ```/etc/init.d/simple-adblock``` file.
+- Retains the downloaded/sorted AdBlocking list on service stop and reuses it on service start (use ```dl``` command if you want to force re-download of the list).
+- Blocks ads served over https (unlike PixelServ-derived solutions).
- Proudly made in Canada, using locally-sourced electrons.
-If you want a more robust AdBlocking, supporting free memory detection and complex block lists, supporting IDN, check out [@dibdot's adblock](https://github.com/openwrt/packages/tree/master/net/adblock/files).
+If you want a more robust AdBlocking, supporting free memory detection and complex block lists, supporting IDN, check out [net/adblock](https://github.com/openwrt/packages/tree/master/net/adblock/files).
## Screenshot (luci-app-simple-adblock)
-
+
## Requirements
-This service requires the following packages to be installed on your router: ```dnsmasq``` or ```dnsmasq-full``` and either ```ca-certificates```, ```wget``` and ```libopenssl``` (for OpenWrt 15.05.1) or ```uclient-fetch``` and ```libustream-mbedtls``` (for OpenWrt DD trunk and all LEDE Project builds). Additionally installation of ```coreutils-sort``` is highly recommended as it speeds up blocklist processing.
+This service requires the following packages to be installed on your router: ```dnsmasq``` or ```dnsmasq-full``` or ```unbound``` and either ```ca-certificates```, ```wget``` and ```libopenssl``` (for OpenWrt 15.05.1) or ```uclient-fetch``` and ```libustream-mbedtls``` (for LEDE Project and OpenWrt 18.06.xx or newer). Additionally installation of ```coreutils-sort``` is highly recommended as it speeds up blocklist processing.
To satisfy the requirements for connect to your router via ssh and run the following commands:
opkg update; opkg install ca-certificates wget libopenssl coreutils-sort dnsmasq
```
-### LEDE Project 17.01.x and OpenWrt 18.xx or later Requirements
+### LEDE Project 17.01.x and OpenWrt 18.xx (or newer) Requirements
```sh
opkg update; opkg install uclient-fetch libustream-mbedtls coreutils-sort dnsmasq
opkg update; opkg install ip6tables-mod-nat kmod-ipt-nat6
```
-### Speed up blocklist processing with coreutils-sort
+### Speed Up Blocklist Processing
The ```coreutils-sort``` is an optional, but recommended package as it speeds up sorting and removing duplicates from the merged list dramatically. If opkg complains that it can't install ```coreutils-sort``` because /usr/bin/sort is already provided by busybox, you can run ```opkg --force-overwrite install coreutils-sort```.
-## Unmet dependencies
+## Unmet Dependencies
If you are running a development (trunk/snapshot) build of OpenWrt/LEDE Project on your router and your build is outdated (meaning that packages of the same revision/commit hash are no longer available and when you try to satisfy the [requirements](#requirements) you get errors), please flash either current LEDE release image or current development/snapshot image.
-## How to install
+## How To Install
Install ```simple-adblock``` and ```luci-app-simple-adblock``` packages from Web UI or run the following in the command line:
opkg update; opkg install simple-adblock luci-app-simple-adblock
```
-If ```simple-adblock``` and ```luci-app-simple-adblock``` packages are not found in the official feed/repo for your version of OpenWrt/LEDE Project, you will need to [add a custom repo to your router](#add-custom-repo-to-your-router) first.
-
-### Add custom repo to your router
-
-If your router is not set up with the access to repository containing these packages you will need to add custom repository to your router by connecting to your router via ssh and running the following commands:
-
-#### OpenWrt 15.05.1 Instructions
-
-```sh
-opkg update; opkg install ca-certificates wget libopenssl
-echo -e -n 'untrusted comment: LEDE usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /tmp/stangri-repo.pub && opkg-key add /tmp/stangri-repo.pub
-! grep -q 'stangri_repo' /etc/opkg/customfeeds.conf && echo 'src/gz stangri_repo https://raw.githubusercontent.com/stangri/openwrt-repo/master' >> /etc/opkg/customfeeds.conf
-opkg update
-opkg install simple-adblock luci-app-simple-adblock
-```
-
-#### LEDE Project 17.01.x and OpenWrt 18.06.x Instructions
-
-```sh
-opkg update
-opkg list-installed | grep -q uclient-fetch || opkg install uclient-fetch
-opkg list-installed | grep -q libustream || opkg install libustream-mbedtls
-echo -e -n 'untrusted comment: LEDE usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /tmp/stangri-repo.pub && opkg-key add /tmp/stangri-repo.pub
-! grep -q 'stangri_repo' /etc/opkg/customfeeds.conf && echo 'src/gz stangri_repo https://raw.githubusercontent.com/stangri/openwrt-repo/master' >> /etc/opkg/customfeeds.conf
-opkg update
-opkg install simple-adblock luci-app-simple-adblock
-```
+If ```simple-adblock``` and ```luci-app-simple-adblock``` packages are not found in the official feed/repo for your version of OpenWrt/LEDE Project, you will need to [add a custom repo to your router](https://github.com/stangri/openwrt_packages/blob/master/README.md#on-your-router) first.
## Default Settings
-Default configuration has service disabled (use Web UI to enable/start service or run ```uci set simple-adblock.config.enabled=1```) and selected ad/malware lists suitable for routers with 64Mb RAM. The configuration file has lists in descending order starting with biggest ones, comment out or delete the lists you don't want or your router can't handle.
+Default configuration has service disabled (use Web UI to enable/start service or run ```uci set simple-adblock.config.enabled=1; uci commit simple-adblock;```) and selected ad/malware lists suitable for routers with 64Mb RAM. The configuration file has lists in descending order starting with biggest ones, comment out or delete the lists you don't want or your router can't handle.
-## How to customize
+## How To Customize
You can use Web UI (found in Services/Simple AdBlock) to add/remove/edit links to:
-- hosts files (127.0.0.1 or 0.0.0.0 followed by space and domain name per line) to be blocked.
+- [hosts files](https://en.wikipedia.org/wiki/Hosts_(file)) (127.0.0.1 or 0.0.0.0 followed by space and domain name per line) to be blocked.
- domains lists (one domain name per line) to be blocked.
-- domains lists (one domain name per line) to be whitelisted. It is useful if you want to run simple-adblock on multiple routers and maintain one centralized whitelist which you can publish on a web-server.
+- domains lists (one domain name per line) to be whitelisted. It is useful if you want to run ```simple-adblock``` on multiple routers and maintain one centralized whitelist which you can publish on a web-server.
-Please note that these lists **have** to include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix. Some of the top block lists (both hosts files and domains lists) suitable for routers with at least 8MB RAM are used in the default simple-adblock installation.
+Please note that these lists **must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix. Some of the top block lists (both hosts files and domains lists) suitable for routers with at least 8MB RAM are used in the default ```simple-adblock``` installation.
You can also use Web UI to add individual domains to be blocked or whitelisted.
-If you want to use CLI to customize simple-adblock config, you can probably figure out how to do it by looking at the contents of ```/etc/config/simple-adblock``` or output of the ```uci show simple-adblock``` command.
+If you want to use CLI to customize ```simple-adblock``` config, refer to the [Customization Settings](#customization-settings) section.
-## How to use
+## How To Use
Once the service is enabled in the [config file](#default-settings), run ```/etc/init.d/simple-adblock start``` to start the service. Either ```/etc/init.d/simple-adblock restart``` or ```/etc/init.d/simple-adblock reload``` will only restart the service and/or re-donwload the lists if there were relevant changes in the config file since the last successful start. Had the previous start resulted in any error, either ```/etc/init.d/simple-adblock start```, ```/etc/init.d/simple-adblock restart``` or ```/etc/init.d/simple-adblock reload``` will attempt to re-download the lists.
-If you want to force simple-adblock to re-download the lists, run ```/etc/init.d/simple-adblock download```.
+If you want to force simple-adblock to re-download the lists, run ```/etc/init.d/simple-adblock dl```.
If you want to check if the specific domain (or part of the domain name) is being blocked, run ```/etc/init.d/simple-adblock check test-domain.com```.
-## How does it work
-
-This service downloads (and processes in the background, removing comments and other useless data) lists of hosts and domains to be blocked, combines those lists into one big block list, removes duplicates and sorts it and then removes your whitelisted domains from the block list before converting to to dnsmasq-compatible file and restarting dnsmasq. The result of the process is that dnsmasq returns "domain not found" for the blocked domains.
+## Configuration Settings
+
+In the Web UI the ```simple-adblock``` settings are split into ```basic``` and ```advanced``` settings. The full list of configuration parameters of ```simple-adblock.config``` section is:
+
+|Web UI Section|Parameter|Type|Default|Description|
+| --- | --- | --- | --- | --- |
+|Basic|enabled|boolean|0|Enable/disable the ```simple-adblock``` service.|
+|Basic|verbosity|integer|2|Can be set to 0, 1 or 2 to control the console and system log output verbosity of the ```simple-adblock``` service.|
+|Basic|force_dns|boolean|1|Force router's DNS to local devices which may have different/hardcoded DNS server settings. If enabled, creates a firewall rule to intercept DNS requests from local devices to external DNS servers and redirect them to router.|
+|Basic|led|string|none|Use one of the router LEDs to indicate the AdBlocking status.|
+|Advanced|dns|string|dnsmasq.servers|DNS resolution option. See [table below](#dns-resolution-option) for addtional information.|
+|Advanced|ipv6_enabled|boolean|0|Add IPv6 entries to block-list if ```dnsmasq.addnhosts``` is used. This option is only visible in Web UI if the ```dnsmasq.addnhosts``` is selected as the DNS resolution option.|
+|Advanced|boot_delay|integer|120|Delay service activation for that many seconds on boot up. You can shorten it to 10-30 seconds on modern fast routers. Routers with built-in modems may require longer boot delay.|
+|Advanced|download_timeout|integer|10|Time-out downloads if no reply received within that many last seconds.|
+|Advanced|curl_retry|integer|3|If ```curl``` is installed and detected, attempt that many retries for failed downloads.|
+|Advanced|parallel_downloads|boolean|1|If enabled, all downloads are completed concurrently, if disabled -- sequentioally. Concurrent downloads dramatically speed up service loading.|
+|Advanced|debug|boolean|0|If enabled, output service full debug to ```/tmp/simple-adblock.log```. Please note that the debug file may clog up the router's RAM on some devices. Use with caution.|
+|Advanced|allow_non_ascii|boolean|0|Enable support for non-ASCII characters in the final AdBlocking file. Only enable if your target service supports non-ASCII characters. If you enable this on the system where DNS resolver doesn't support non-ASCII characters, it will crash. Use with caution.|
+|Advanced|compressed_cache|boolean|0|Create compressed cache of the AdBlocking file in router's persistent memory. Only recommended to be used on routers with large ROM and/or routers with metered/flaky internet connection.|
+||whitelist_domain|list/string||List of white-listed domains.|
+||whitelist_domains_url|list/string||List of URL(s) to text files containing white-listed domains. **Must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix. Useful if you want to keep/publish a single white-list for multiple routers.|
+||blacklist_domains_url|list/string||List of URL(s) to text files containing black-listed domains. **Must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix.|
+||blacklist_hosts_url|list/string||List of URL(s) to [hosts files](https://en.wikipedia.org/wiki/Hosts_(file)) containing black-listed domains. **Must** include either ```http://``` or ```https://``` (or, if ```curl``` is installed the ```file://```) prefix.|
+
+### DNS Resolution Option
+
+Currently supported options are:
+
+|Option|Explanation|
+| --- | --- |
+|```dnsmasq.addnhosts```|Creates the DNSMASQ additional hosts file ```/var/run/simple-adblock.addnhosts``` and modifies DNSMASQ settings, so that DNSMASQ resolves all blocked domains to "local machine": 127.0.0.1. This option doesn't allow block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), so it results in a much larger block-list file, but, unlike other DNSMASQ-based options, it has almost no effect on the DNS look up speed. This option also allows quick reloads of DNSMASQ on block-list updates.|
+|```dnsmasq.conf```|Creates the DNSMASQ config file ```/var/dnsmasq.d/simple-adblock``` so that DNSMASQ replies with NXDOMAIN: "domain not found". This option allows the block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), resulting in the smaller block-list file. This option will slow down DNS look up speed somewhat.|
+|```dnsmasq.servers```|Creates the DNSMASQ servers file ```/var/run/simple-adblock.servers``` and modifies DNSMASQ settings so that DNSMASQ replies with NXDOMAIN: "domain not found". This option allows the block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), resulting in the smaller block-list file. This option will slow down DNS look up speed somewhat. This is a default setting as it results in the smaller block-file and allows quick reloads of DNSMASQ.|
+|```unbound.adb_list```|Creates the Unbound config file ```/var/lib/unbound/adb_list.simple-adblock``` so that Unbound replies with NXDOMAIN: "domain not found". This option allows the block-list optimization (by removing secondary level domains if the top-level domain is also in the block-list), resulting in the smaller block-list file.|
+
+## How Does It Work
+
+This service downloads (and processes in the background, removing comments and other useless data) lists of hosts and domains to be blocked, combines those lists into one big block list, removes duplicates and sorts it and then removes your whitelisted domains from the block list before converting to to DNSMASQ/Unbound-compatible file and restarting DNSMASQ/Unbound if needed. The result of the process is that DNSMASQ/Unbound return NXDOMAIN or 127.0.0.1 (depending on settings) for the blocked domains.
If you specify ```google.com``` as a domain to be whitelisted, you will have access to ```google.com```, ```www.google.com```, ```analytics.google.com```, but not fake domains like ```email-google.com``` or ```drive.google.com.verify.signin.normandeassociation.com``` for example. If you only want to allow ```www.google.com``` while blocking all other ```google.com``` subdomains, just specify ```www.google.com``` as domain to be whitelisted.
## Documentation / Discussion
-Please head [LEDE Project Forum](https://forum.lede-project.org/t/simple-adblock-fast-lean-and-fully-uci-luci-configurable-adblocking/1327/) for discussion of this package.
+Please head to [OpenWrt Forum](https://forum.openwrt.org/t/simple-adblock-fast-lean-and-fully-uci-luci-configurable-adblocking/1327/) for discussion of this package.
## Thanks
-I'd like to thank everyone who helped create, test and troubleshoot this service. Special thanks to [@hnyman](https://github.com/hnyman) for general package/luci guidance, [@dibdot](https://github.com/dibdot) for general guidance and block-list optimization code and [@ckuethe](https://github.com/ckuethe) for the curl support, non-ASCII filtering and compressed cache code.
\ No newline at end of file
+I'd like to thank everyone who helped create, test and troubleshoot this service. Special thanks to [@hnyman](https://github.com/hnyman) for general package/luci guidance, [@dibdot](https://github.com/dibdot) for general guidance and block-list optimization code, [@ckuethe](https://github.com/ckuethe) for the curl support, non-ASCII filtering and compressed cache code, [@EricLuehrsen](https://github.com/EricLuehrsen) for the Unbound support information and [@phasecat](https://forum.openwrt.org/u/phasecat/summary) for submitting bugs and testing.
config simple-adblock 'config'
option enabled '0'
+ option dns 'dnsmasq.servers'
option verbosity '2'
option force_dns '1'
option led 'none'
option boot_delay '120'
option download_timeout '10'
+ option curl_retry '3'
option parallel_downloads '1'
option debug '0'
option allow_non_ascii '0'
# list blacklist_hosts_url 'https://hostsfile.mine.nu/Hosts'
# list blacklist_hosts_url 'https://hosts-file.net/ad_servers.txt'
# list blacklist_hosts_url 'http://sysctl.org/cameleon/hosts'
- list blacklist_hosts_url 'http://www.mvps.org/winhelp2002/hosts.txt'
+ list blacklist_hosts_url 'http://winhelp2002.mvps.org/hosts.txt'
list blacklist_hosts_url 'https://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext'
list blacklist_hosts_url 'https://www.malwaredomainlist.com/hostslist/hosts.txt'
list blacklist_hosts_url 'https://adaway.org/hosts.txt'
list blacklist_hosts_url 'https://someonewhocares.org/hosts/hosts'
list blacklist_hosts_url 'https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt'
- list blacklist_hosts_url 'https://zeustracker.abuse.ch/blocklist.php?download=hostfile'
list blacklist_domains_url 'https://mirror1.malwaredomains.com/files/justdomains'
list blacklist_domains_url 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
list blacklist_domains_url 'https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt'
export EXTRA_COMMANDS="check dl killcache status"
export EXTRA_HELP=" check Checks if specified domain is found in current blacklist
- dl Force-redownloads all the lists, even if the last download was successful and no config changes were made
- status Shows the service last-run status"
+ dl Force-redownloads all the list
+ status Shows the service last-run status"
readonly packageName="simple-adblock"
readonly serviceName="$packageName $PKG_VERSION"
+readonly addnhostsFile="/var/run/${packageName}.addnhosts"
+readonly addnhostsCache="/var/run/${packageName}.addnhosts.cache"
+readonly addnhostsGzip="/etc/${packageName}.addnhosts.gz"
+readonly addnhostsOutputFilter='s|^|127.0.0.1 |;s|$||'
+readonly addnhostsOutputFilterIPv6='s|^|:: |;s|$||'
readonly dnsmasqFile="/var/dnsmasq.d/${packageName}"
-readonly compressedCacheFile="/etc/${packageName}.gz"
-readonly A_TMP="/var/simple-adblock.hosts.a.tmp"
-readonly B_TMP="/var/simple-adblock.hosts.b.tmp"
-readonly cacheFile="/var/run/${packageName}.cache"
+readonly dnsmasqCache="/var/run/${packageName}.dnsmasq.cache"
+readonly dnsmasqGzip="/etc/${packageName}.dnsmasq.gz"
+readonly dnsmasqOutputFilter='s|^|local=/|;s|$|/|'
+readonly serversFile="/var/run/${packageName}.servers"
+readonly serversCache="/var/run/${packageName}.servers.cache"
+readonly serversGzip="/etc/${packageName}.servers.gz"
+readonly serversOutputFilter='s|^|server=/|;s|$|/|'
+readonly unboundFile="/var/lib/unbound/adb_list.${packageName}"
+readonly unboundCache="/var/run/${packageName}.unbound.cache"
+readonly unboundGzip="/etc/${packageName}.unbound.gz"
+readonly unboundOutputFilter='s|^|local-zone: "|;s|$|" static|'
+readonly A_TMP="/var/${packageName}.hosts.a.tmp"
+readonly B_TMP="/var/${packageName}.hosts.b.tmp"
readonly PIDFile="/var/run/${packageName}.pid"
-readonly JsonFile="/var/run/${packageName}.json"
-readonly h_filter='/localhost/d;/^#/d;/^[^0-9]/d;s/^0\.0\.0\.0.//;s/^127\.0\.0\.1.//;s/[[:space:]]*#.*$//;s/[[:cntrl:]]$//;s/[[:space:]]//g;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
-readonly d_filter='/^#/d;s/[[:space:]]*#.*$//;s/[[:space:]]*$//;s/[[:cntrl:]]$//;/[[:space:]]/d;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
-readonly f_filter='s|^|local=/|;s|$|/|'
+readonly jsonFile="/var/run/${packageName}.json"
+readonly hostsFilter='/localhost/d;/^#/d;/^[^0-9]/d;s/^0\.0\.0\.0.//;s/^127\.0\.0\.1.//;s/[[:space:]]*#.*$//;s/[[:cntrl:]]$//;s/[[:space:]]//g;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
+readonly domainsFilter='/^#/d;s/[[:space:]]*#.*$//;s/[[:space:]]*$//;s/[[:cntrl:]]$//;/[[:space:]]/d;/[`~!@#\$%\^&\*()=+;:"'\'',<>?/\|[{}]/d;/]/d;/\./!d;/^$/d;/[^[:alnum:]_.-]/d;'
readonly checkmark='\xe2\x9c\x93'
readonly xmark='\xe2\x9c\x97'
readonly _OK_='\033[0;32m\xe2\x9c\x93\033[0m'
readonly statusProcessing='Processing'
readonly statusStopped='Stopped'
+export logmsg
create_lock() { [ -e "$PIDFile" ] && return 1; touch "$PIDFile"; }
-remove_lock() { [ -e "$PIDFile" ] && rm -f "$PIDFile"; } # rm -f /var/simple-adblock_tmp_* >/dev/null 2>&1; }
+remove_lock() { [ -e "$PIDFile" ] && rm -f "$PIDFile"; }
trap remove_lock EXIT
-output_ok() { case $verbosity in 1) output 1 "$_OK_";; 2) output 2 "$__OK__\\n";; esac; }
-output_okn() { case $verbosity in 1) output 1 "$_OK_\\n";; 2) output 2 "$__OK__\\n";; esac; }
-output_fail() { case $verbosity in 1) output 1 "$_FAIL_";; 2) output 2 "$__FAIL__\\n";; esac; }
-output_failn() { case $verbosity in 1) output 1 "$_FAIL_\\n";; 2) output 2 "$__FAIL__\\n";; esac; }
-export logmsg
+output_ok() { output 1 "$_OK_"; output 2 "$__OK__\\n"; }
+output_okn() { output 1 "$_OK_\\n"; output 2 "$__OK__\\n"; }
+output_fail() { output 1 "$_FAIL_\\n"; output 2 "$__FAIL__\\n"; }
+output_failn() { output 1 "$_FAIL_"; output 2 "$__FAIL__\\n"; }
output() {
# Can take a single parameter (text) to be output at any verbosity
# Or target verbosity level and text to be output at specifc verbosity
if [ $# -ne 1 ]; then
- if [ ! $((verbosity & $1)) -gt 0 ]; then return 0; else shift; fi
+ if [ $((verbosity & $1)) -gt 0 ] || [ "$verbosity" == "$1" ]; then shift; else return 0; fi
fi
[ -t 1 ] && echo -e -n "$1"
local msg=$(echo -n "${1/$serviceName /service }" | sed 's|\\033\[[0-9]\?;\?[0-9]\?[0-9]\?m||g');
}
led_on(){ if [ -n "${1}" ] && [ -e "${1}/trigger" ]; then echo "default-on" > "${1}/trigger" 2>&1; fi; }
led_off(){ if [ -n "${1}" ] && [ -e "${1}/trigger" ]; then echo "none" > "${1}/trigger" 2>&1; fi; }
-testCompressedCache(){ [ "$compressedCache" -gt 0 ] && gzip -t -c $compressedCacheFile; }
-boot() { load_package_config; ( sleep "$bootDelay" && rc_procd start_service && rc_procd service_triggers | cat & ); }
export serviceEnabled
export forceDNS
export debug
export allowNonAscii
export compressedCache
+export targetDNS
export bootDelay
export dlTimeout
+export curlRetry
export verbosity
export led
export whitelist_domains
export blacklist_domains_urls
export blacklist_hosts_urls
export wan_if wan_gw wanphysdev dl_command serviceStatus dl_flag
-export dlStatus
+export outputFilter outputFilterIPv6 outputFile outputGzip outputCache ipv6Enabled
load_package_config() {
config_load "$packageName"
config_get_bool debug "config" "debug" 0
config_get_bool allowNonAscii "config" "allow_non_ascii" 0
config_get_bool compressedCache "config" "compressed_cache" 0
+ config_get_bool ipv6Enabled "config" "ipv6_enabled" 0
config_get bootDelay "config" "boot_delay" "120"
config_get dlTimeout "config" "download_timeout" "20"
+ config_get curlRetry "config" "curl_retry" "3"
config_get verbosity "config" "verbosity" "2"
config_get led "config" "led"
+ config_get targetDNS "config" "dns" "dnsmasq.servers"
config_get whitelist_domains "config" "whitelist_domain"
config_get blacklist_domains "config" "blacklist_domain"
config_get whitelist_domains_urls "config" "whitelist_domains_url"
config_get blacklist_domains_urls "config" "blacklist_domains_url"
config_get blacklist_hosts_urls "config" "blacklist_hosts_url"
+ if [ "$targetDNS" != "dnsmasq.addnhosts" ] && [ "$targetDNS" != "dnsmasq.conf" ] && \
+ [ "$targetDNS" != "dnsmasq.servers" ] && [ "$targetDNS" != "unbound.adb_list" ]; then
+ targetDNS="dnsmasq.servers"
+ fi
+
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ outputFilter="$addnhostsOutputFilter"
+ outputFile="$addnhostsFile"
+ outputCache="$addnhostsCache"
+ outputGzip="$addnhostsGzip"
+ [ "$ipv6Enabled" -gt 0 ] && outputFilterIPv6="$addnhostsOutputFilterIPv6"
+ rm -f "$dnsmasqFile" "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$serversFile" "$serversCache" "$serversGzip"
+ rm -f "$unboundFile" "$unboundCache" "$unboundGzip"
+ ;;
+ dnsmasq.conf)
+ outputFilter="$dnsmasqOutputFilter"
+ outputFile="$dnsmasqFile"
+ outputCache="$dnsmasqCache"
+ outputGzip="$dnsmasqGzip"
+ rm -f "$addnhostsFile" "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$serversFile" "$serversCache" "$serversGzip"
+ rm -f "$unboundFile" "$unboundCache" "$unboundGzip"
+ ;;
+ dnsmasq.servers)
+ outputFilter="$serversOutputFilter"
+ outputFile="$serversFile"
+ outputCache="$serversCache"
+ outputGzip="$serversGzip"
+ rm -f "$dnsmasqFile" "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$addnhostsFile" "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$unboundFile" "$unboundCache" "$unboundGzip"
+ ;;
+ unbound.adb_list)
+ outputFilter="$unboundOutputFilter"
+ outputFile="$unboundFile"
+ outputCache="$unboundCache"
+ outputGzip="$unboundGzip"
+ rm -f "$dnsmasqFile" "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$addnhostsFile" "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$serversFile" "$serversCache" "$serversGzip"
+ ;;
+ esac
if [ -z "${verbosity##*[!0-9]*}" ] || [ "$verbosity" -lt 0 ] || [ "$verbosity" -gt 2 ]; then
verbosity=1
fi
. /usr/share/libubox/jshn.sh
# Prefer curl because it supports the file: scheme.
if [ -x /usr/bin/curl ] ; then
- dl_command="curl --insecure --connect-timeout $dlTimeout --silent"
+ dl_command="curl --insecure --retry $curlRetry --connect-timeout $dlTimeout --silent"
dl_flag="-o"
else
dl_command="wget --no-check-certificate --timeout $dlTimeout -q"
fi
if [ "$serviceEnabled" -eq 0 ]; then
- if [ "$1" = "on_start" ]; then
- output "$packageName is currently disabled.\\n"
- output "Run the following commands before starting service again:\\n"
- output "uci set $packageName.config.enabled='1'; uci commit;\\n"
- fi
+ case "$1" in
+ on_start)
+ output "$packageName is currently disabled.\\n"
+ output "Run the following commands before starting service again:\\n"
+ output "uci set ${packageName}.config.enabled='1'; uci commit $packageName;\\n"
+ ;;
+ esac
return 1
fi
- [ ! -d ${dnsmasqFile%/*} ] && mkdir -p ${dnsmasqFile%/*}
- testCompressedCache && return 0
+
+ [ ! -d "${outputFile%/*}" ] && mkdir -p "${outputFile%/*}"
+ [ ! -d "${outputCache%/*}" ] && mkdir -p "${outputFile%/*}"
+ [ ! -d "${outputGzip%/*}" ] && mkdir -p "${outputFile%/*}"
+ cacheOps 'testGzip' && return 0
network_flush_cache; network_find_wan wan_if; network_get_gateway wan_gw "$wan_if";
[ -n "$wan_gw" ] && return 0
output "$_ERROR_: $serviceName failed to discover WAN gateway.\\n"; return 1;
dnsmasq_kill() { killall -q -HUP dnsmasq; }
dnsmasq_restart() { /etc/init.d/dnsmasq restart >/dev/null 2>&1; }
-reload_dnsmasq() {
+unbound_restart() { /etc/init.d/unbound restart >/dev/null 2>&1; }
+reload_resolver() {
+ local param output_text
case $1 in
on_start)
- if [ -s "$dnsmasqFile" ]; then
- output 3 "Restarting DNSMASQ "
- tmpfs set message "restarting DNSMASQ"
- if dnsmasq_restart; then
- tmpfs set status "$statusSuccess"
- led_on "$led"
- output_okn
- else
- output_failn
- tmpfs set status "$statusFail"
- tmpfs add error "DNSMASQ restart error"
- output "$_ERROR_: $serviceName failed to restart DNSMASQ!\\n"
- return 1
- fi
- else
+ if [ ! -s "$outputFile" ]; then
tmpfs set status "$statusFail"
- tmpfs add error "Failed to create $dnsmasqFile file."
+ tmpfs add error "Error: Failed to create $outputFile file."
output "$_ERROR_: $serviceName failed to create its data file!\\n"
return 1
fi
- ;;
- on_stop)
- [ -f $dnsmasqFile ] && mv $dnsmasqFile $cacheFile
- output 3 "Restarting dnsmasq "
- if dnsmasq_restart; then
- led_off "$led"
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ uci -q del_list dhcp.@dnsmasq[0].addnhosts="$addnhostsFile"
+ uci add_list dhcp.@dnsmasq[0].addnhosts="$addnhostsFile"
+ if [ -n "$(uci changes dhcp)" ]; then
+ uci commit dhcp
+ param=dnsmasq_restart
+ output_text="Restarting DNSMASQ"
+ else
+ param=dnsmasq_kill
+ output_text="Reloading DNSMASQ"
+ fi
+ ;;
+ dnsmasq.conf)
+ param=dnsmasq_restart
+ output_text="Restarting DNSMASQ"
+ ;;
+ dnsmasq.servers)
+ if [ "$(uci -q get dhcp.@dnsmasq[0].serversfile)" != "$serversFile" ]; then
+ uci set dhcp.@dnsmasq[0].serversfile="$serversFile"
+ uci commit dhcp
+ param=dnsmasq_restart
+ output_text="Restarting DNSMASQ"
+ else
+ param=dnsmasq_kill
+ output_text="Reloading DNSMASQ"
+ fi
+ ;;
+ unbound.adb_list)
+ param=unbound_restart
+ output_text="Restarting Unbound"
+ ;;
+ esac
+ output 1 "$output_text "
+ output 2 "$output_text "
+ tmpfs set message "$output_text"
+ if eval "$param"; then
+ tmpfs set status "$statusSuccess"
+ led_on "$led"
output_okn
- output "$serviceName stopped.\\n"
- tmpfs set status "$statusStopped"
- tmpfs del message
- tmpfs del error
- return 0
- else
- output_failn;
+ else
+ output_fail
tmpfs set status "$statusFail"
- tmpfs add error "DNSMASQ restart error on stop"
- output "$_ERROR_: $serviceName failed to restart DNSMASQ on stop !\\n"
+ tmpfs add error "Error: $output_text error."
+ output "$_ERROR_: $serviceName $output_text error!\\n"
return 1
fi
;;
- quiet | *)
- dnsmasq_restart && return 0 || return 1
+ on_stop)
+ cacheOps 'create'
+ case "$targetDNS" in
+ dnsmasq.addnhosts | dnsmasq.servers)
+ if [ -n "$(uci changes dhcp)" ]; then
+ uci -q commit dhcp
+ param=dnsmasq_restart
+ else
+ param=dnsmasq_kill
+ fi
+ ;;
+ dnsmasq.conf)
+ param=dnsmasq_restart
+ ;;
+ unbound.adb_list)
+ param=unbound_restart
+ ;;
+ esac
+ eval "$param"
+ return $?
+ ;;
+ quiet)
+ case "$targetDNS" in
+ dnsmasq.addnhosts | dnsmasq.servers | dnsmasq.conf)
+ param=dnsmasq_restart
+ ;;
+ unbound.adb_list)
+ param=unbound_restart
+ ;;
+ esac
+ eval "$param"
+ return $?
;;
esac
}
local action="$1" instance="$2" value="$3"
local status message error stats
local readReload readRestart curReload curRestart ret
- if [ -s "$JsonFile" ]; then
- status="$(jsonfilter -i $JsonFile -l1 -e "@['data']['status']")"
- message="$(jsonfilter -i $JsonFile -l1 -e "@['data']['message']")"
- error="$(jsonfilter -i $JsonFile -l1 -e "@['data']['error']")"
- stats="$(jsonfilter -i $JsonFile -l1 -e "@['data']['stats']")"
- readReload="$(jsonfilter -i $JsonFile -l1 -e "@['data']['reload']")"
- readRestart="$(jsonfilter -i $JsonFile -l1 -e "@['data']['restart']")"
+ if [ -s "$jsonFile" ]; then
+ status="$(jsonfilter -i $jsonFile -l1 -e "@['data']['status']")"
+ message="$(jsonfilter -i $jsonFile -l1 -e "@['data']['message']")"
+ error="$(jsonfilter -i $jsonFile -l1 -e "@['data']['error']")"
+ stats="$(jsonfilter -i $jsonFile -l1 -e "@['data']['stats']")"
+ readReload="$(jsonfilter -i $jsonFile -l1 -e "@['data']['reload']")"
+ readRestart="$(jsonfilter -i $jsonFile -l1 -e "@['data']['restart']")"
fi
case "$action" in
get)
stats)
echo "$stats"; return;;
triggers)
- curReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls"
+ curReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls $targetDNS"
curRestart="$compressedCache $forceDNS $led"
if [ "$curReload" != "$readReload" ]; then
ret="download"
stats)
stats="$value";;
triggers)
- readReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls"
+ readReload="$allowNonAscii $parallelDL $debug $dlTimeout $whitelist_domains $blacklist_domains $whitelist_domains_urls $blacklist_domains_urls $blacklist_hosts_urls $targetDNS"
readRestart="$compressedCache $forceDNS $led"
;;
esac
json_add_string reload "$readReload"
json_add_string restart "$readRestart"
json_close_object
- json_dump > "$JsonFile"
+ json_dump > "$jsonFile"
sync
}
+cacheOps(){
+ local R_TMP
+ case "$1" in
+ create|backup)
+ [ -f "$outputFile" ] && mv "$outputFile" "$outputCache" >/dev/null 2>/dev/null
+ return $?
+ ;;
+ restore|use)
+ [ -f "$outputCache" ] && mv "$outputCache" "$outputFile" >/dev/null 2>/dev/null
+ return $?
+ ;;
+ test)
+ [ -s "$outputCache" ]
+ return $?
+ ;;
+ testGzip)
+ [ -s "$outputGzip" ] && gzip -t -c "$outputGzip"
+ return $?
+ ;;
+ createGzip)
+ R_TMP="$(mktemp -u -q -t ${packageName}_tmp.XXXXXXXX)"
+ if gzip < "$outputFile" > "$R_TMP"; then
+ if mv "$R_TMP" "$outputGzip"; then
+ rm -f "$R_TMP"
+ return 0
+ else
+ rm -f "$R_TMP"
+ return 1
+ fi
+ else
+ return 1
+ fi
+ ;;
+ expand|unpack|expandGzip|unpackGzip)
+ [ -s "$outputGzip" ] && gzip -dc < "$outputGzip" > "$outputCache"
+ return $?
+ ;;
+ esac
+}
+
is_chaos_calmer() { ubus -S call system board | grep -q "Chaos Calmer"; }
remove_fw3_redirect() {
if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then return 1; fi
label="${1##*//}"; label="${label%%/*}";
if [ "$2" = "hosts" ]; then
- label="Hosts: $label"; filter="$h_filter";
+ label="Hosts: $label"; filter="$hostsFilter";
else
- label="Domains: $label"; filter="$d_filter";
+ label="Domains: $label"; filter="$domainsFilter";
fi
if [ "$3" = "blocked" ]; then
type="Blocked"; D_TMP="$B_TMP";
R_TMP="$(mktemp -u -q -t ${packageName}_tmp.XXXXXXXX)"
done
if ! $dl_command "$1" $dl_flag "$R_TMP" 2>/dev/null || [ ! -s "$R_TMP" ]; then
- output 2 "[DL] $type $label $__FAIL__\\n"
output 1 "$_FAIL_"
-# tmpfs add message "-"
- dlStatus="${dlStatus}-"
- tmpfs add error "Error downloading ${1}."
- return 0
+ output 2 "[DL] $type $label $__FAIL__\\n"
+ echo -e -n "Error: downloading '${1}'.\\n" >> "${jsonFile}.error"
+ else
+ sed -i "$filter" "$R_TMP"
+ if [ ! -s "$R_TMP" ]; then
+ output 1 "$_FAIL_"
+ output 2 "[DL] $type $label $__FAIL__\\n"
+ echo -e -n "Error: parsing '${1}'.\\n" >> "${jsonFile}.error"
+ else
+ cat "${R_TMP}" >> "$D_TMP"
+ output 1 "$_OK_"
+ output 2 "[DL] $type $label $__OK__\\n"
+ fi
fi
- sed -i "$filter" "$R_TMP"
- cat "${R_TMP}" >> "$D_TMP"
- rm -f "${R_TMP}" >/dev/null 2>/dev/null
- output 2 "[DL] $type $label $__OK__\\n"
- output 1 "$_OK_"
-# tmpfs add message "+"
- dlStatus="${dlStatus}+"
+ rm -f "$R_TMP"
return 0
}
download_lists() {
- local i hf w_filter j=0 R_TMP
+ local hf w_filter j=0 R_TMP
tmpfs set message "${statusDownloading}..."
- for i in $A_TMP $B_TMP $cacheFile $dnsmasqFile; do [ -f $i ] && rm -f $i; done
+ rm -f "$A_TMP" "$B_TMP" "$outputFile" "$outputCache" "$outputGzip"
if [ "$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo")" -lt 32 ]; then
- output 3 "Low free memory, restarting dnsmasq..."
- if reload_dnsmasq "quiet"; then output_okn; else output_failn; fi
+ output 3 "Low free memory, restarting resolver... "
+ if reload_resolver 'quiet'; then
+ output_okn
+ else
+ output_fail
+ fi
fi
touch $A_TMP; touch $B_TMP;
output 1 "Downloading lists "
- unset dlStatus
+ rm -f "${jsonFile}.error"
if [ -n "$blacklist_hosts_urls" ]; then
for hf in ${blacklist_hosts_urls}; do
if [ "$parallelDL" -gt 0 ]; then
done
fi
wait
- dlStatus="${dlStatus//-/$xmark}"
- dlStatus="${dlStatus//+/$checkmark}"
- [ "$verbosity" = "1" ] && logmsg="${logmsg}${dlStatus}"
+ [ -s "${jsonFile}.error" ] && tmpfs add error "$(cat "${jsonFile}.error")"
+ rm -f "${jsonFile}.error"
output 1 "\\n"
- [ -n "$blacklist_domains" ] && for hf in ${blacklist_domains}; do echo "$hf" | sed "$d_filter" >> $B_TMP; done
+ [ -n "$blacklist_domains" ] && for hf in ${blacklist_domains}; do echo "$hf" | sed "$domainsFilter" >> $B_TMP; done
whitelist_domains="${whitelist_domains}
$(cat $A_TMP)"
[ -n "$whitelist_domains" ] && for hf in ${whitelist_domains}; do hf=$(echo "$hf" | sed 's/\./\\./g'); w_filter="$w_filter/^${hf}$/d;/\\.${hf}$/d;"; done
- if [ -s $B_TMP ]; then
- output 1 "Processing downloads "
- output 2 "Sorting combined list "
- tmpfs set message "$statusProcessing: sorting combined list"
- if sort $B_TMP | uniq > $A_TMP; then
+
+ [ ! -s "$B_TMP" ] && return 1
+
+ output 1 "Processing downloads "
+ output 2 "Sorting combined list "
+ tmpfs set message "$statusProcessing: sorting combined list"
+ if [ "$allowNonAscii" -gt 0 ]; then
+ if sort "$B_TMP" | uniq > "$A_TMP"; then
output_ok
else
- output_fail
- tmpfs add error "Sorting error."
+ output_failn
+ tmpfs add error "Error: Sorting error."
fi
+ else
+ if sort "$B_TMP" | uniq | grep -E -v '[^a-zA-Z0-9=/.-]' > "$A_TMP"; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: Sorting error."
+ fi
+ fi
-# TLD optimization written by Dirk Brenken (dev@brenken.org)
+ if [ "$targetDNS" == "dnsmasq.conf" ] || \
+ [ "$targetDNS" == "dnsmasq.servers" ] || \
+ [ "$targetDNS" == "unbound.adb_list" ]; then
+ # TLD optimization written by Dirk Brenken (dev@brenken.org)
output 2 "Optimizing combined list "
tmpfs set message "$statusProcessing: optimizing combined list"
if awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "$A_TMP" > "$B_TMP"; then
if sort "$A_TMP" | uniq > "$B_TMP"; then
output_ok
else
- output_fail
- tmpfs add error "Data file optimization error."
- mv $A_TMP $B_TMP
+ output_failn
+ tmpfs add error "Error: Data file optimization."
+ mv "$A_TMP" "$B_TMP"
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
+ output_failn
+ tmpfs add error "Error: Data file optimization."
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
- mv $A_TMP $B_TMP
+ output_failn
+ tmpfs add error "Error: Data file optimization."
+ mv "$A_TMP" "$B_TMP"
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
+ output_failn
+ tmpfs add error "Error: Data file optimization."
fi
else
- output_fail
- tmpfs add error "Data file optimization error."
- mv $A_TMP $B_TMP
+ output_failn
+ tmpfs add error "Error: Data file optimization."
+ mv "$A_TMP" "$B_TMP"
fi
+ else
+ mv "$A_TMP" "$B_TMP"
+ fi
- output 2 "Whitelisting domains "
- tmpfs set message "$statusProcessing: whitelisting domains"
- if sed -i "$w_filter" $B_TMP; then
- output_ok
- else
- output_fail
- tmpfs add error "Whitelist processing error."
- fi
- output 2 "Formatting merged file "
- tmpfs set message "$statusProcessing: formatting merged file"
- if [ "$allowNonAscii" -gt 0 ]; then
- if sed "$f_filter" $B_TMP > $A_TMP; then
- output_ok
- else
- output_fail
- tmpfs add error "Data file formatting error."
- fi
- else
- if sed "$f_filter" $B_TMP | grep -E -v '[^a-zA-Z0-9=/.-]' > $A_TMP; then
- output_ok
- else
- output_fail
- tmpfs add error "Data file formatting error."
- fi
- fi
+ output 2 "Whitelisting domains "
+ tmpfs set message "$statusProcessing: whitelisting domains"
+ if sed -i "$w_filter" "$B_TMP"; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: Whitelist processing."
+ fi
- output 2 "Creating DNSMASQ config "
- tmpfs set message "$statusProcessing: creating DNSMASQ blocklist"
- if mv $A_TMP $dnsmasqFile; then
+ output 2 "Formatting merged file "
+ tmpfs set message "$statusProcessing: formatting merged file"
+ if [ -z "$outputFilterIPv6" ]; then
+ if sed "$outputFilter" "$B_TMP" > "$A_TMP"; then
output_ok
else
- output_fail
- tmpfs add error "Error moving data file ${A_TMP} to ${dnsmasqFile}."
+ output_failn
+ tmpfs add error "Error: Data file formatting."
fi
-
- if [ "$compressedCache" -gt 0 ]; then
- output 2 "Creating compressed cache "
- tmpfs set message "$statusProcessing: creating compressed cache"
- R_TMP="$(mktemp -u -q -t ${packageName}_tmp.XXXXXXXX)"
- if gzip < "$dnsmasqFile" > "$R_TMP"; then
- mv "$R_TMP" "$compressedCacheFile"
- output_ok
- else
- output_fail
- rm -f "$R_TMP"
- tmpfs add error "Error creating compressed cache."
- fi
+ else
+ if sed "$outputFilter" "$B_TMP" > "$A_TMP" && \
+ sed "$outputFilterIPv6" "$B_TMP" >> "$A_TMP"; then
+ output_ok
else
- rm -f "$compressedCacheFile" >/dev/null 2>&1
+ output_failn
+ tmpfs add error "Error: Data file formatting."
fi
+ fi
- output 2 "Removing temporary files "
- tmpfs set message "$statusProcessing: removing temporary files"
- rm -f "/tmp/${packageName}_tmp.*" >/dev/null 2>&1
- for i in $A_TMP $B_TMP $cacheFile; do if [ -s $i ]; then rm -f $i || j=1; fi; done
- if [ $j -eq 0 ]; then
+ case "$targetDNS" in
+ dnsmasq.addnhosts)
+ output 2 "Creating DNSMASQ addnhosts file "
+ tmpfs set message "$statusProcessing: creating DNSMASQ addnhosts file"
+ ;;
+ dnsmasq.conf)
+ output 2 "Creating DNSMASQ config file "
+ tmpfs set message "$statusProcessing: creating DNSMASQ config file"
+ ;;
+ dnsmasq.servers)
+ output 2 "Creating DNSMASQ servers file "
+ tmpfs set message "$statusProcessing: creating DNSMASQ servers file"
+ ;;
+ unbound.adb_list)
+ output 2 "Creating Unbound adb_list file "
+ tmpfs set message "$statusProcessing: creating Unbound adb_list file"
+ ;;
+ esac
+ if mv "$A_TMP" "$outputFile"; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: moving data file '${A_TMP}' to '${outputFile}'."
+ fi
+ if [ "$compressedCache" -gt 0 ]; then
+ output 2 "Creating compressed cache "
+ tmpfs set message "$statusProcessing: creating compressed cache"
+ if cacheOps 'createGzip'; then
output_ok
else
- output_fail
- tmpfs add error "Error removing temporary files."
+ output_failn
+ tmpfs add error "Error: creating compressed cache."
fi
- output 1 "\\n"
+ else
+ rm -f "$outputGzip"
+ fi
+ output 2 "Removing temporary files "
+ tmpfs set message "$statusProcessing: removing temporary files"
+ rm -f "/tmp/${packageName}_tmp.*" "$A_TMP" "$B_TMP" "$outputCache" || j=1
+ if [ $j -eq 0 ]; then
+ output_ok
+ else
+ output_failn
+ tmpfs add error "Error: removing temporary files."
+ fi
+ output 1 "\\n"
+}
+
+boot() {
+ load_package_config
+ if create_lock; then
+ sleep "$bootDelay"
+ remove_lock
+ rc_procd start_service && rc_procd service_triggers
fi
}
start_service() {
- is_enabled "on_start" || return 1
- local ip status error action="$(tmpfs get triggers)"
+ is_enabled 'on_start' || return 1
+ local ip action status error message stats
if create_lock; then
- tmpfs set triggers
procd_open_instance "main"
procd_set_param command /bin/true
procd_set_param stdout 1
fi
fi
procd_close_instance
+
status="$(tmpfs get status)"
error="$(tmpfs get error)"
- tmpfs del status
- tmpfs del message
- tmpfs del error
- tmpfs del stats
+ message="$(tmpfs get message)"
+ stats="$(tmpfs get stats)"
+ action="$(tmpfs get triggers)"
case "$1" in
download) action="download";;
restart|*)
- if [ ! -s "$dnsmasqFile" ] && [ ! -s "$cacheFile" ] && ! testCompressedCache; then
+ if [ "$1" != "restart" ] && [ -s "$outputFile" ] && [ -n "$status" ]; then
+ status
+ exit 0
+ elif [ ! -s "$outputFile" ] && ! cacheOps 'test' && ! cacheOps 'testGzip'; then
action="download"
+ elif cacheOps 'test' || cacheOps 'testGzip'; then
+ action="start"
fi
if [ -n "$error" ]; then
action="download"
;;
esac
+ tmpfs del status
+ tmpfs del error
+ tmpfs del message
+ tmpfs del stats
+ tmpfs set triggers
+
case $action in
download)
- if [ -s "$dnsmasqFile" ] || [ -s "$cacheFile" ] || testCompressedCache; then
- output "Force-reloading $serviceName...\\n"
+ if [ -s "$outputFile" ] || cacheOps 'test' || cacheOps 'testGzip'; then
+ output 0 "Force-reloading $serviceName... "
+ output 3 "Force-reloading $serviceName...\\n"
tmpfs set status "$statusForceReloading"
else
- output "Starting $serviceName...\\n"
+ output 0 "Starting $serviceName... "
+ output 3 "Starting $serviceName...\\n"
tmpfs set status "$statusStarting"
fi
download_lists
- reload_dnsmasq "on_start"
+ reload_resolver 'on_start'
;;
- restart|*)
+ restart|start)
if [ "$action" == "restart" ]; then
- output "Retarting $serviceName...\\n"
+ output 0 "Restarting $serviceName... "
+ output 3 "Restarting $serviceName...\\n"
tmpfs set status "$statusRestarting"
else
- output "Starting $serviceName...\\n"
+ output 0 "Starting $serviceName... "
+ output 3 "Starting $serviceName...\\n"
tmpfs set status "$statusStarting"
fi
- if testCompressedCache && [ ! -s "$cacheFile" ] && [ ! -s "$dnsmasqFile" ]; then
+ if cacheOps 'testGzip' && ! cacheOps 'test' && [ ! -s "$outputFile" ]; then
output 3 "Found compressed cache file, unpacking it "
tmpfs set message "found compressed cache file, unpacking it."
- if gzip -dc < "${compressedCacheFile}" > "$cacheFile"; then
+ if cacheOps 'unpackGzip'; then
output_okn
else
- output_failn
+ output_fail
output "$_ERROR_: $serviceName failed to unpack compressed cache!\\n"
- tmpfs add error "failed to unpack compressed cache!"
+ tmpfs add error "Error: Failed to unpack compressed cache."
return 1
fi
fi
- if [ -s "$cacheFile" ] && [ ! -s "$dnsmasqFile" ]; then
+ if cacheOps 'test' && [ ! -s "$outputFile" ]; then
output 3 "Found cache file, reusing it "
tmpfs set message "found cache file, reusing it."
- if mv "$cacheFile" "$dnsmasqFile"; then
+ if cacheOps 'restore'; then
output_okn
else
- output_failn
- tmpfs add error "Error moving $cacheFile to $dnsmasqFile."
+ output_fail
+ tmpfs add error "Error: moving '$outputCache' to '$outputFile'."
fi
fi
- reload_dnsmasq "on_start"
+ reload_resolver 'on_start'
;;
esac
- if [ -s "$dnsmasqFile" ] && [ "$(tmpfs get status)" != "$statusFail" ]; then
- output "$serviceName is blocking $(wc -l < $dnsmasqFile) domains "; output_okn;
+ if [ -s "$outputFile" ] && [ "$(tmpfs get status)" != "$statusFail" ]; then
+ output 0 "$__OK__\\n";
+ local c="$(wc -l < "$outputFile")"
+ output 3 "$serviceName is blocking $c domains "; output_okn
tmpfs del message
- tmpfs set status "$statusSuccess: $(wc -l < $dnsmasqFile) domains blocked."
- if [ -n "$(tmpfs get error)" ]; then
- output "$_ERROR_: $(tmpfs get error)\\n"
+ tmpfs set status "$statusSuccess: $c domains blocked (with ${targetDNS})."
+ error="$(tmpfs get error)"
+ if [ -n "$error" ]; then
+ output "${error/Error:/$_ERROR_:}\\n"
fi
else
+ output 0 "$__FAIL__\\n";
tmpfs set status "$statusFail"
- tmpfs add error "Failed to create DNSMASQ blocklist."
+ tmpfs add error "Error: Failed to create blocklist."
fi
remove_lock
else
- output "$serviceName: another instance is starting up "; output_failn;
- return 1
+ output 3 "$serviceName: another instance is starting up "; output_fail
+ return 0
fi
}
service_started() { procd_set_config_changed firewall; }
service_stopped() { procd_set_config_changed firewall; }
-restart_service() { rc_procd stop_service "restart"; rc_procd start_service "restart"; }
+restart_service() { rc_procd start_service "restart"; }
reload_service() { restart_service; }
restart() { restart_service; }
reload() { restart_service; }
-dl() { rc_procd stop_service "restart"; rc_procd start_service "download"; }
-killcache() { [ -s $cacheFile ] && rm -f $cacheFile >/dev/null 2>/dev/null; [ -s $compressedCacheFile ] && rm -f $compressedCacheFile >/dev/null 2>/dev/null; }
+dl() { rc_procd start_service "download"; }
+
+killcache() {
+ rm -f "$addnhostsCache" "$addnhostsGzip"
+ rm -f "$dnsmasqCache" "$dnsmasqGzip"
+ rm -f "$serversCache" "$serversGzip"
+ rm -f "$unboundCache" "$unboundGzip"
+ return 0
+}
+
status() {
- local status
- if [ -n "$(tmpfs get status)" ]; then
- status="$(tmpfs get status)"
- fi
- if [ -n "$status" ] && [ -n "$(tmpfs get message)" ]; then
- status="${status}: $(tmpfs get message)"
+ local status="$(tmpfs get status)" error="$(tmpfs get error)" message="$(tmpfs get message)"
+ if [ -n "$status" ] && [ -n "$message" ]; then
+ status="${status}: $message"
fi
[ -n "$status" ] && output "$serviceName $status\\n"
- [ -n "$(tmpfs get error)" ] && output "$_ERROR_: $(tmpfs get error)\\n"
+ [ -n "$error" ] && output "$error\\n"
}
stop_service() {
load_package_config
- if [ "$serviceEnabled" -gt 0 ]; then
- if [ -z "$1" ] && [ -s "$dnsmasqFile" ]; then
- [ -s "$dnsmasqFile" ] && mv "$dnsmasqFile" "$cacheFile" >/dev/null 2>/dev/null
- output "Stopping $serviceName...\\n"
- tmpfs del triggers
- reload_dnsmasq "on_stop"
- fi
- else
- [ -s "$dnsmasqFile" ] && mv "$dnsmasqFile" "$cacheFile" >/dev/null 2>/dev/null
- reload_dnsmasq "quiet"
- fi
if is_chaos_calmer; then
- fw3_setup "stop"
+ fw3_setup 'stop'
+ fi
+ if [ -s "$outputFile" ]; then
+ output "Stopping $serviceName... "
+ tmpfs del triggers
+ if reload_resolver 'on_stop'; then
+ led_off "$led"
+ output 0 "$__OK__\\n"; output_okn
+ tmpfs set status "$statusStopped"
+ tmpfs del message
+ else
+ output 0 "$__FAIL__\\n"; output_fail
+ tmpfs set status "$statusFail"
+ tmpfs add error "Error: error stopping $serviceName."
+ output "$_ERROR_: error stopping $serviceName!\\n"
+ fi
fi
}
check() {
load_package_config
local string="$1"
- if [ ! -f "$dnsmasqFile" ]; then
- echo "No local blacklist ($dnsmasqFile) found."
+ if [ ! -f "$outputFile" ]; then
+ echo "No local blacklist ('$outputFile') found."
elif [ -z "$string" ]; then
echo "Usage: /etc/init.d/${packageName} check domain"
- elif grep -m1 -q "$string" "$dnsmasqFile"; then
- echo "Found $(grep -c "$string" "$dnsmasqFile") matches for $string in $dnsmasqFile:"
- grep "$string" "$dnsmasqFile" | sed 's|local=/||;s|/$||;'
+ elif grep -m1 -q "$string" "$outputFile"; then
+ echo "Found $(grep -c "$string" "$outputFile") matches for '$string' in '$outputFile':"
+# grep "$string" "$outputFile" | sed 's|local=/||;s|/$||;'
+ grep "$string" "$outputFile"
else
- echo "The $string is not found in current blacklist."
+ echo "The $string is not found in current blacklist ('$outputFile')."
fi
}
command line:
uci add_list dhcp.@dnsmasq[-1].server='127.0.0.1#5453'
- uci dhcp.@dnsmasq[-1].noresolv=1
+ uci set dhcp.@dnsmasq[-1].noresolv=1
uci commit && reload_config
The same outcome can be achieved in the LUCI web interface as follows:
include $(TOPDIR)/rules.mk
PKG_NAME:=stunnel
-PKG_VERSION:=5.54
+PKG_VERSION:=5.55
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0+
https://www.usenix.org.uk/mirrors/stunnel/archive/$(word 1, $(subst .,$(space),$(PKG_VERSION))).x/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=5e8588a6c274b46b1d63e1b50f0725f4908dec736f6588eb48d1eb3d20c87902
+PKG_HASH:=90de69f41c58342549e74c82503555a6426961b29af3ed92f878192727074c62
PKG_FIXUP:=autoreconf
PKG_FIXUP:=patch-libtool
print_options() {
local _opt
local _value
- for _opt in $*; do
+ for _opt in "$@"; do
eval "_value=\$$_opt"
[ -z "$_value" ] || echo "$_opt = $_value" >> "$CONF_FILE"
done
local _opt
local _bool
local _value
- for _opt in $*; do
+ for _opt in "$@"; do
eval "_bool=\$$_opt"
[ -z "$_bool" ] || {
_value=no
local _opt
local _values
local _value
- for _opt in $*; do
+ for _opt in "$@"; do
eval "_values=\$$_opt"
for _value in $_values; do
echo "$_opt = $_value" >> "$CONF_FILE"
local _values
local _v
shift
- for _opt in $*; do
+ for _opt in "$@"; do
_value=
eval "_values=\$$_opt"
for _v in $_values; do
local _opt
local _host
local _port
- for _opt in $*; do
+ for _opt in "$@"; do
eval "_host=\${${_opt}_host}"
eval "_port=\${${_opt}_port}"
[ -z "$_host" ] || [ -z "$_port" ] || echo "$_opt = $_host:$_port" >> "$CONF_FILE"
local _host
local _port
local _value
- for _opt in $*; do
+ for _opt in "$@"; do
eval "_host=\${${_opt}_host}"
eval "_port=\${${_opt}_port}"
[ -z "$_port" ] || {
procd_add_reload_trigger stunnel
procd_open_validate
- validate_globals_section
- validate_globals_section_service_options
- validate_service_section
- validate_service_section_service_options
+ validate_globals_section "$@"
+ validate_globals_section_service_options "$@"
+ validate_service_section "$@"
+ validate_service_section_service_options "$@"
procd_close_validate
}
include $(TOPDIR)/rules.mk
PKG_NAME:=subversion
-PKG_RELEASE:=1
-PKG_VERSION:=1.12.0
+PKG_RELEASE:=2
+PKG_VERSION:=1.12.2
PKG_SOURCE_URL:=@APACHE/subversion
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=7fae7c73d8a007c107c0ae5eb372bc0bb013dbfe966fcd5c59cd5a195a5e2edf
+PKG_HASH:=3bd0b5c8e4c5175263dc9a92fd9aef94ce917e80af034f26fe5c45fde7e0f771
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
+PKG_CPE_ID:=cpe:/a:apache:subversion
PKG_FIXUP:=autoreconf
PKG_MACRO_PATHS:=build/ac-macros
endef
define Package/subversion/Default/description
- Subversion is a free/open-source version control system. That is,
- Subversion manages files and directories, and the changes made to them,
- over time. This allows you to recover older versions of your data, or
- examine the history of how your data changed. In this regard, many
- people think of a version control system as a sort of time machine.
+ Subversion is a free/open-source version control system. That is,
+ Subversion manages files and directories, and the changes made to them,
+ over time. This allows you to recover older versions of your data, or
+ examine the history of how your data changed. In this regard, many
+ people think of a version control system as a sort of time machine.
endef
define Package/subversion-libs
include $(TOPDIR)/rules.mk
PKG_NAME:=travelmate
-PKG_VERSION:=1.4.9
+PKG_VERSION:=1.4.11
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
SECTION:=net
CATEGORY:=Network
TITLE:=A wlan connection manager for travel router
- DEPENDS:=+iwinfo +jshn +jsonfilter +uclient-fetch
+ DEPENDS:=+iwinfo +jshn +jsonfilter +uclient-fetch +dnsmasq
PKGARCH:=all
endef
define Package/travelmate/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) ./files/travelmate.sh $(1)/usr/bin/
+ $(INSTALL_BIN) ./files/travelmate.sh $(1)/usr/bin
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/travelmate.init $(1)/etc/init.d/travelmate
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/travelmate.conf $(1)/etc/config/travelmate
+
+ $(INSTALL_DIR) $(1)/etc/travelmate
+ $(INSTALL_BIN) ./files/*.login $(1)/etc/travelmate
endef
$(eval $(call BuildPackage,travelmate))
* support all kinds of uplinks, incl. hidden and enterprise uplinks
* continuously checks the existing uplink connection (quality), e.g. for conditional uplink (dis-) connections
* captive portal detection with internet online check and a 'heartbeat' function to keep the uplink connection up & running
+* captive portal auto-login hook (configured via uci/LuCI), you could reference an external script for captive portal auto-logins (see example below)
* proactively scan and switch to a higher prioritized uplink, despite of an already existing connection
* support devices with multiple radios in any order
* procd init and hotplug support
* optional: the LuCI frontend shows the WiFi QR codes from all configured Access Points. It allows you to connect your Android or iOS devices to your router’s WiFi using the QR code
## Prerequisites
-* [OpenWrt](https://openwrt.org), tested with the stable release series (18.06.x) and with the latest OpenWrt snapshot
-* iwinfo for wlan scanning, uclient-fetch for captive portal detection
+* [OpenWrt](https://openwrt.org), tested with the stable release series (19.07.x) and with the latest OpenWrt snapshot
+* iwinfo for wlan scanning, uclient-fetch for captive portal detection, dnsmasq as dns backend
* optional: qrencode 4.x for QR code support
* optional: wpad (the full version, not wpad-mini) to use Enterprise WiFi
+* optional: curl to use external scripts for captive portal auto-logins
## Installation & Usage
* download the package [here](https://downloads.openwrt.org/snapshots/packages/x86_64/packages)
* trm\_maxretry => how many times should travelmate try to connect to an uplink (int/default: '3', valid range: 1-10)
* trm\_timeout => overall retry timeout in seconds (int/default: '60', valid range: 30-300)
* trm\_radio => limit travelmate to a single radio (e.g. 'radio1') or change the overall scanning priority (e.g. 'radio1 radio2 radio0') (default: not set, use all radios 0-n)
- * trm\_iface => main uplink / procd trigger network interface (default: trm_wwan)
+ * trm\_iface => uplink / procd trigger network interface (default: trm_wwan)
* trm\_triggerdelay => additional trigger delay in seconds before travelmate processing begins (int/default: '2')
+## Captive Portal auto-logins
+For automated captive portal logins you could reference external shell scripts. All login scripts should be executable and located in '/etc/travelmate' with the extension '.login'. The provided 'wifionice.login' script example requires curl and automates the login to german ICE hotspots, it also explains the principle approach to extract runtime data like security tokens for a succesful login. Hopefully more scripts for different captive portals will be provided by the community ...
+
+A typical/succesful captive portal login looks like this:
+<pre><code>
+[...]
+Mon Aug 5 10:15:48 2019 user.info travelmate-1.4.10[1481]: travelmate instance started ::: action: start, pid: 1481
+Mon Aug 5 10:16:17 2019 user.info travelmate-1.4.10[1481]: captive portal login '/etc/travelmate/wifionice.login' for 'www.wifionice.de' has been executed with rc '0'
+Mon Aug 5 10:16:23 2019 user.info travelmate-1.4.10[1481]: connected to uplink 'radio1/WIFIonICE/-' (1/5, GL.iNet GL-AR750S, OpenWrt SNAPSHOT r10644-cb49e46a8a)
+[...]
+</code></pre>
+
## Runtime information
**receive travelmate runtime information:**
<pre><code>
~# /etc/init.d/travelmate status
::: travelmate runtime information
- + travelmate_status : connected (net ok/78)
- + travelmate_version : 1.2.3
- + station_id : radio1/blackhole/01:02:03:04:05:06
+ + travelmate_status : connected (net ok/100)
+ + travelmate_version : 1.4.10
+ + station_id : radio1/blackhole/-
+ station_interface : trm_wwan
+ faulty_stations :
- + last_rundate : 07.09.2018 17:22:37
- + system : TP-LINK RE450, OpenWrt SNAPSHOT r8018-42f158314e
+ + last_rundate : 2019.08.03-20:37:19
+ + system : GL.iNet GL-AR750S, OpenWrt SNAPSHOT r10644-cb49e46a8a
</code></pre>
+To debug travelmate runtime problems, please always enable the 'trm\_debug' flag, restart travelmate and scan the system log (_logread -e "travelmate"_)
+
## Manual Setup
**1. configure the travelmate wwan interface in /etc/config/network:**
<pre><code>
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-trm_ver="1.4.9"
+trm_ver="1.4.11"
trm_sysver="unknown"
trm_enabled=0
trm_debug=0
trm_sysver="${sys_model}, ${sys_desc}"
fi
- # get eap capabilities and rebind protection setting
+ # get eap capabilities
#
trm_eap="$("${trm_wpa}" -veap >/dev/null 2>&1; printf "%u" ${?})"
- trm_rebind="$(uci_get dhcp "@dnsmasq[0]" rebind_protection)"
# load config and check 'enabled' option
#
fi
fi
fi
- f_log "debug" "f_prep ::: config: ${config}, mode: ${mode}, network: ${network}, radio: ${radio}, trm_radio: ${trm_radio:-"-"}, trm_active_sta: ${trm_active_sta:-"-"}, proactive: ${proactive}, trm_eap: ${trm_eap:-"-"}, trm_rebind: ${trm_rebind:-"-"}, disabled: ${disabled}"
+ f_log "debug" "f_prep ::: config: ${config}, mode: ${mode}, network: ${network}, radio: ${radio}, trm_radio: ${trm_radio:-"-"}, trm_active_sta: ${trm_active_sta:-"-"}, proactive: ${proactive}, trm_eap: ${trm_eap:-"-"}, disabled: ${disabled}"
}
# check interface status
#
f_check()
{
- local IFS ifname radio dev_status last_status config sta_essid sta_bssid result cp_domain wait mode="${1}" status="${2:-"false"}"
+ local IFS ifname radio dev_status config sta_essid sta_bssid result uci_essid uci_bssid login_command bg_pid wait_time mode="${1}" status="${2:-"false"}" cp_domain="${3:-"false"}"
if [ "${mode}" != "initial" ] && [ "${status}" = "false" ]
then
ubus call network reload
- wait=$((trm_maxwait/6))
- sleep ${wait}
+ wait_time=$((trm_maxwait/6))
+ sleep ${wait_time}
fi
- wait=1
- while [ "${wait}" -le "${trm_maxwait}" ]
+ wait_time=1
+ while [ "${wait_time}" -le "${trm_maxwait}" ]
do
dev_status="$(ubus -S call network.wireless status 2>/dev/null)"
if [ -n "${dev_status}" ]
trm_devlist="$(f_trim "${trm_devlist} ${radio}")"
fi
done
- if [ "${trm_devlist}" = "${trm_radiolist}" ] || [ "${wait}" -eq "${trm_maxwait}" ]
+ if [ "${trm_devlist}" = "${trm_radiolist}" ] || [ "${wait_time}" -eq "${trm_maxwait}" ]
then
ifname="${trm_devlist}"
break
if [ "${mode}" = "initial" ] && [ "${trm_captive}" -eq 1 ]
then
result="$(${trm_fetch} --timeout=$((trm_maxwait/6)) "${trm_captiveurl}" -O /dev/null 2>&1 | \
- awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|^Connection error/{printf "%s" "net nok";exit}')"
+ awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|Connection error/{printf "%s" "net nok";exit}')"
+ if [ "${cp_domain}" = "true" ]
+ then
+ cp_domain="$(printf "%s" "${result}" | awk -F "[\\'| ]" '/^net cp/{printf "%s" $4}')"
+ uci_essid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.ssid')"
+ uci_essid="$(printf "%s" "${uci_essid//[^[:alnum:]_]/_}" | awk '{print tolower($1)}')"
+ uci_bssid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.bssid')"
+ uci_bssid="${uci_bssid//[^[:alnum:]_]/_}"
+ fi
fi
- if [ "${trm_ifquality}" -ge "${trm_minquality}" ] && [ "${result%/*}" != "net nok" ]
+ if [ "${trm_ifquality}" -ge "${trm_minquality}" ] && [ "${result}" != "net nok" ]
then
trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -l1 -e "@.interface[@.device=\"${ifname}\"].up")"
if [ "${trm_ifstatus}" = "true" ]
then
- if [ "${mode}" = "sta" ] && [ "${trm_captive}" -eq 1 ] && [ "${trm_rebind:-0}" -eq 1 ] && [ -x "/etc/init.d/dnsmasq" ]
+ if [ "${mode}" = "sta" ] && [ "${trm_captive}" -eq 1 ]
then
while true
do
result="$(${trm_fetch} --timeout=$((trm_maxwait/6)) "${trm_captiveurl}" -O /dev/null 2>&1 | \
- awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|^Connection error/{printf "%s" "net nok";exit}')"
+ awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|Connection error/{printf "%s" "net nok";exit}')"
cp_domain="$(printf "%s" "${result}" | awk -F "[\\'| ]" '/^net cp/{printf "%s" $4}')"
- if [ "${trm_netcheck}" -eq 1 ] && [ "${result%/*}" = "net nok" ]
+ uci_essid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.ssid')"
+ uci_essid="$(printf "%s" "${uci_essid//[^[:alnum:]_]/_}" | awk '{print tolower($1)}')"
+ uci_bssid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.bssid')"
+ uci_bssid="${uci_bssid//[^[:alnum:]_]/_}"
+ if [ "${trm_netcheck}" -eq 1 ] && [ "${result}" = "net nok" ]
then
trm_ifstatus="${status}"
f_jsnup
break
fi
uci -q add_list dhcp.@dnsmasq[0].rebind_domain="${cp_domain}"
- f_log "info" "captive portal domain '${cp_domain}' added to rebind whitelist"
+ f_log "info" "captive portal domain '${cp_domain}' added to to dhcp rebind whitelist"
+ if [ -z "$(uci_get travelmate "${uci_essid}${uci_bssid}")" ]
+ then
+ uci_add travelmate "login" "${uci_essid}${uci_bssid}"
+ uci_set travelmate "${uci_essid}${uci_bssid}" "command" "none"
+ f_log "info" "captive portal login section '${uci_essid}${uci_bssid}' added to travelmate config section"
+ fi
done
if [ -n "$(uci -q changes dhcp)" ]
then
uci_commit dhcp
/etc/init.d/dnsmasq reload
fi
+ if [ -n "$(uci -q changes travelmate)" ]
+ then
+ uci_commit travelmate
+ fi
+ fi
+ if [ -n "${cp_domain}" ] && [ "${cp_domain}" != "false" ] && [ -n "${uci_essid}" ] && [ "${trm_captive}" -eq 1 ]
+ then
+ trm_connection="${result:-"-"}/${trm_ifquality}"
+ f_jsnup
+ login_command="$(uci_get travelmate "${uci_essid}${uci_bssid}" command)"
+ if [ -x "${login_command}" ]
+ then
+ "${login_command}" >/dev/null 2>&1
+ rc=${?}
+ f_log "info" "captive portal login '${login_command:0:40}' for '${cp_domain}' has been executed with rc '${rc}'"
+ if [ "${rc}" -eq 0 ]
+ then
+ result="$(${trm_fetch} --timeout=$((trm_maxwait/6)) "${trm_captiveurl}" -O /dev/null 2>&1 | \
+ awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|Connection error/{printf "%s" "net nok";exit}')"
+ fi
+ fi
fi
trm_connection="${result:-"-"}/${trm_ifquality}"
f_jsnup
sta_bssid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].*.bssid')"
if [ "${trm_ifquality}" -lt "${trm_minquality}" ]
then
+ unset trm_connection
+ trm_ifstatus="${status}"
f_log "info" "uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' is out of range (${trm_ifquality}/${trm_minquality})"
- elif [ "${trm_netcheck}" -eq 1 ] && [ "${result%/*}" = "net nok" ]
+ elif [ "${trm_netcheck}" -eq 1 ] && [ "${result}" = "net nok" ]
then
+ unset trm_connection
+ trm_ifstatus="${status}"
f_log "info" "uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' has no internet (${result})"
fi
- unset trm_connection
- trm_ifstatus="${status}"
f_jsnup
break
elif [ "${mode}" = "initial" ]
fi
fi
fi
- wait=$((wait+1))
+ wait_time=$((wait_time+1))
sleep 1
done
- f_log "debug" "f_check::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, connection: ${trm_connection:-"-"}, wait: ${wait}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}"
+ f_log "debug" "f_check::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, connection: ${trm_connection:-"-"}, wait: ${wait_time}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}"
}
# update runtime information
local IFS cnt dev config spec scan_list scan_essid scan_bssid scan_quality faulty_list
local station_id sta sta_essid sta_bssid sta_radio sta_iface active_essid active_bssid active_radio
- f_check "initial"
+ f_check "initial" "false" "true"
f_log "debug" "f_main ::: status: ${trm_ifstatus}, proactive: ${trm_proactive}"
if [ "${trm_ifstatus}" != "true" ] || [ "${trm_proactive}" -eq 1 ]
then
--- /dev/null
+#!/bin/sh
+# captive portal auto-login script for german ICE hotspots
+# written by Dirk Brenken (dev@brenken.org)
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+domain="www.wifionice.de"
+cmd="$(command -v curl)"
+
+# curl check
+#
+if [ ! -x "${cmd}" ]
+then
+ exit 1
+fi
+
+# initial get request to receive & extract a valid security token
+#
+"${cmd}" "http://${domain}/en/" -s -o /dev/null -c "/tmp/${domain}.cookie"
+if [ -f "/tmp/${domain}.cookie" ]
+then
+ sec_token="$(awk '/csrf/{print $7}' "/tmp/${domain}.cookie")"
+ rm -f "/tmp/${domain}.cookie"
+else
+ exit 2
+fi
+
+# final post request/login with valid session cookie/security token
+#
+if [ -n "${sec_token}" ]
+then
+ "${cmd}" "http://${domain}/en/" -H "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}&connect="
+else
+ exit 3
+fi
PKG_NAME:=ulogd
PKG_VERSION:=2.0.7
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://netfilter.org/projects/ulogd/files/ \
ftp://ftp.netfilter.org/pub/ulogd/
PKG_HASH:=990a05494d9c16029ba0a83f3b7294fc05c756546b8d60d1c1572dc25249a92b
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING
-PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
-PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
+
+PKG_BUILD_DEPENDS:=libnetfilter-acct libnetfilter-conntrack libnetfilter-log
+PKG_CONFIG_DEPENDS:= \
+ CONFIG_PACKAGE_ulogd-mod-dbi \
+ CONFIG_PACKAGE_ulogd-mod-mysql \
+ CONFIG_PACKAGE_ulogd-mod-pgsql \
+ CONFIG_PACKAGE_ulogd-mod-sqlite
include $(INCLUDE_DIR)/package.mk
define Package/ulogd/Default
SECTION:=net
CATEGORY:=Network
- URL:=http://www.netfilter.org/projects/ulogd/index.html
+ URL:=https://www.netfilter.org/projects/ulogd/index.html
endef
define Package/ulogd
TITLE:=Extra plugins
endef
-PKG_BUILD_DEPENDS:=libnetfilter-acct libnetfilter-conntrack libnetfilter-log
-
-PKG_CONFIG_DEPENDS:= \
- CONFIG_PACKAGE_ulogd-mod-dbi \
- CONFIG_PACKAGE_ulogd-mod-mysql \
- CONFIG_PACKAGE_ulogd-mod-pgsql \
- CONFIG_PACKAGE_ulogd-mod-sqlite \
-
-TARGET_CFLAGS += \
- -D_GNU_SOURCE \
-
CONFIGURE_ARGS += \
--enable-nfacct \
--enable-nfct \
- --enable-nflog \
+ --enable-nflog
ifneq ($(DEVELOPER)$(SDK)$(CONFIG_PACKAGE_ulogd-mod-dbi),)
CONFIGURE_ARGS += --with-dbi \
--- /dev/null
+From 9d9ea2cd70a369a7f665a322e6c53631e01a2570 Mon Sep 17 00:00:00 2001
+From: Andreas Jaggi <andreas.jaggi@waterwave.ch>
+Date: Wed, 30 May 2018 22:15:36 +0200
+Subject: ulogd: json: send messages to a remote host / unix socket
+
+Extend the JSON output plugin so that the generated JSON stream can be
+sent to a remote host via TCP/UDP or to a local unix socket.
+
+Signed-off-by: Andreas Jaggi <andreas.jaggi@waterwave.ch>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+ output/ulogd_output_JSON.c | 291 +++++++++++++++++++++++++++++++++++++++++----
+ ulogd.conf.in | 11 ++
+ 2 files changed, 281 insertions(+), 21 deletions(-)
+
+diff --git a/output/ulogd_output_JSON.c b/output/ulogd_output_JSON.c
+index 4d8e3e9..6edfa90 100644
+--- a/output/ulogd_output_JSON.c
++++ b/output/ulogd_output_JSON.c
+@@ -20,10 +20,15 @@
+
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <unistd.h>
+ #include <string.h>
+ #include <time.h>
+ #include <errno.h>
+ #include <inttypes.h>
++#include <sys/types.h>
++#include <sys/socket.h>
++#include <sys/un.h>
++#include <netdb.h>
+ #include <ulogd/ulogd.h>
+ #include <ulogd/conffile.h>
+ #include <jansson.h>
+@@ -36,6 +41,10 @@
+ #define ULOGD_JSON_DEFAULT_DEVICE "Netfilter"
+ #endif
+
++#define host_ce(x) (x->ces[JSON_CONF_HOST])
++#define port_ce(x) (x->ces[JSON_CONF_PORT])
++#define mode_ce(x) (x->ces[JSON_CONF_MODE])
++#define file_ce(x) (x->ces[JSON_CONF_FILENAME])
+ #define unlikely(x) __builtin_expect((x),0)
+
+ struct json_priv {
+@@ -44,6 +53,15 @@ struct json_priv {
+ int usec_idx;
+ long cached_gmtoff;
+ char cached_tz[6]; /* eg +0200 */
++ int mode;
++ int sock;
++};
++
++enum json_mode {
++ JSON_MODE_FILE = 0,
++ JSON_MODE_TCP,
++ JSON_MODE_UDP,
++ JSON_MODE_UNIX
+ };
+
+ enum json_conf {
+@@ -53,6 +71,9 @@ enum json_conf {
+ JSON_CONF_EVENTV1,
+ JSON_CONF_DEVICE,
+ JSON_CONF_BOOLEAN_LABEL,
++ JSON_CONF_MODE,
++ JSON_CONF_HOST,
++ JSON_CONF_PORT,
+ JSON_CONF_MAX
+ };
+
+@@ -95,15 +116,167 @@ static struct config_keyset json_kset = {
+ .options = CONFIG_OPT_NONE,
+ .u = { .value = 0 },
+ },
++ [JSON_CONF_MODE] = {
++ .key = "mode",
++ .type = CONFIG_TYPE_STRING,
++ .options = CONFIG_OPT_NONE,
++ .u = { .string = "file" },
++ },
++ [JSON_CONF_HOST] = {
++ .key = "host",
++ .type = CONFIG_TYPE_STRING,
++ .options = CONFIG_OPT_NONE,
++ .u = { .string = "127.0.0.1" },
++ },
++ [JSON_CONF_PORT] = {
++ .key = "port",
++ .type = CONFIG_TYPE_STRING,
++ .options = CONFIG_OPT_NONE,
++ .u = { .string = "12345" },
++ },
+ },
+ };
+
++static void close_socket(struct json_priv *op) {
++ if (op->sock != -1) {
++ close(op->sock);
++ op->sock = -1;
++ }
++}
++
++static int _connect_socket_unix(struct ulogd_pluginstance *pi)
++{
++ struct json_priv *op = (struct json_priv *) &pi->private;
++ struct sockaddr_un u_addr;
++ int sfd;
++
++ close_socket(op);
++
++ ulogd_log(ULOGD_DEBUG, "connecting to unix:%s\n",
++ file_ce(pi->config_kset).u.string);
++
++ sfd = socket(AF_UNIX, SOCK_STREAM, 0);
++ if (sfd == -1) {
++ return -1;
++ }
++ u_addr.sun_family = AF_UNIX;
++ strncpy(u_addr.sun_path, file_ce(pi->config_kset).u.string,
++ sizeof(u_addr.sun_path) - 1);
++ if (connect(sfd, (struct sockaddr *) &u_addr, sizeof(struct sockaddr_un)) == -1) {
++ close(sfd);
++ return -1;
++ }
++
++ op->sock = sfd;
++
++ return 0;
++}
++
++static int _connect_socket_net(struct ulogd_pluginstance *pi)
++{
++ struct json_priv *op = (struct json_priv *) &pi->private;
++ struct addrinfo hints;
++ struct addrinfo *result, *rp;
++ int sfd, s;
++
++ close_socket(op);
++
++ ulogd_log(ULOGD_DEBUG, "connecting to %s:%s\n",
++ host_ce(pi->config_kset).u.string,
++ port_ce(pi->config_kset).u.string);
++
++ memset(&hints, 0, sizeof(struct addrinfo));
++ hints.ai_family = AF_UNSPEC;
++ hints.ai_socktype = op->mode == JSON_MODE_UDP ? SOCK_DGRAM : SOCK_STREAM;
++ hints.ai_protocol = 0;
++ hints.ai_flags = 0;
++
++ s = getaddrinfo(host_ce(pi->config_kset).u.string,
++ port_ce(pi->config_kset).u.string, &hints, &result);
++ if (s != 0) {
++ ulogd_log(ULOGD_ERROR, "getaddrinfo: %s\n", gai_strerror(s));
++ return -1;
++ }
++
++ for (rp = result; rp != NULL; rp = rp->ai_next) {
++ int on = 1;
++
++ sfd = socket(rp->ai_family, rp->ai_socktype,
++ rp->ai_protocol);
++ if (sfd == -1)
++ continue;
++
++ setsockopt(sfd, SOL_SOCKET, SO_REUSEADDR,
++ (char *) &on, sizeof(on));
++
++ if (connect(sfd, rp->ai_addr, rp->ai_addrlen) != -1)
++ break;
++
++ close(sfd);
++ }
++
++ freeaddrinfo(result);
++
++ if (rp == NULL) {
++ return -1;
++ }
++
++ op->sock = sfd;
++
++ return 0;
++}
++
++static int _connect_socket(struct ulogd_pluginstance *pi)
++{
++ struct json_priv *op = (struct json_priv *) &pi->private;
++
++ if (op->mode == JSON_MODE_UNIX)
++ return _connect_socket_unix(pi);
++ else
++ return _connect_socket_net(pi);
++}
++
++static int json_interp_socket(struct ulogd_pluginstance *upi, char *buf, int buflen)
++{
++ struct json_priv *opi = (struct json_priv *) &upi->private;
++ int ret = 0;
++
++ if (opi->sock != -1)
++ ret = send(opi->sock, buf, buflen, MSG_NOSIGNAL);
++ free(buf);
++ if (ret != buflen) {
++ ulogd_log(ULOGD_ERROR, "Failure sending message: %s\n",
++ strerror(errno));
++ if (ret == -1 || opi->sock == -1)
++ return _connect_socket(upi);
++ else
++ return ULOGD_IRET_ERR;
++ }
++
++ return ULOGD_IRET_OK;
++}
++
++static int json_interp_file(struct ulogd_pluginstance *upi, char *buf)
++{
++ struct json_priv *opi = (struct json_priv *) &upi->private;
++
++ fprintf(opi->of, "%s", buf);
++ free(buf);
++
++ if (upi->config_kset->ces[JSON_CONF_SYNC].u.value != 0)
++ fflush(opi->of);
++
++ return ULOGD_IRET_OK;
++}
++
+ #define MAX_LOCAL_TIME_STRING 38
+
+ static int json_interp(struct ulogd_pluginstance *upi)
+ {
+ struct json_priv *opi = (struct json_priv *) &upi->private;
+ unsigned int i;
++ char *buf;
++ int buflen;
+ json_t *msg;
+
+ msg = json_object();
+@@ -218,34 +391,65 @@ static int json_interp(struct ulogd_pluginstance *upi)
+ }
+ }
+
+- json_dumpf(msg, opi->of, 0);
+- fprintf(opi->of, "\n");
+
++ buf = json_dumps(msg, 0);
+ json_decref(msg);
++ if (buf == NULL) {
++ ulogd_log(ULOGD_ERROR, "Could not create message\n");
++ return ULOGD_IRET_ERR;
++ }
++ buflen = strlen(buf);
++ buf = realloc(buf, sizeof(char)*(buflen+2));
++ if (buf == NULL) {
++ ulogd_log(ULOGD_ERROR, "Could not create message\n");
++ return ULOGD_IRET_ERR;
++ }
++ strncat(buf, "\n", 1);
++ buflen++;
+
+- if (upi->config_kset->ces[JSON_CONF_SYNC].u.value != 0)
+- fflush(opi->of);
++ if (opi->mode == JSON_MODE_FILE)
++ return json_interp_file(upi, buf);
++ else
++ return json_interp_socket(upi, buf, buflen);
++}
+
+- return ULOGD_IRET_OK;
++static void reopen_file(struct ulogd_pluginstance *upi)
++{
++ struct json_priv *oi = (struct json_priv *) &upi->private;
++ FILE *old = oi->of;
++
++ ulogd_log(ULOGD_NOTICE, "JSON: reopening logfile\n");
++ oi->of = fopen(upi->config_kset->ces[0].u.string, "a");
++ if (!oi->of) {
++ ulogd_log(ULOGD_ERROR, "can't open JSON "
++ "log file: %s\n",
++ strerror(errno));
++ oi->of = old;
++ } else {
++ fclose(old);
++ }
++}
++
++static void reopen_socket(struct ulogd_pluginstance *upi)
++{
++ ulogd_log(ULOGD_NOTICE, "JSON: reopening socket\n");
++ if (_connect_socket(upi) < 0) {
++ ulogd_log(ULOGD_ERROR, "can't open JSON "
++ "socket: %s\n",
++ strerror(errno));
++ }
+ }
+
+ static void sighup_handler_print(struct ulogd_pluginstance *upi, int signal)
+ {
+ struct json_priv *oi = (struct json_priv *) &upi->private;
+- FILE *old = oi->of;
+
+ switch (signal) {
+ case SIGHUP:
+- ulogd_log(ULOGD_NOTICE, "JSON: reopening logfile\n");
+- oi->of = fopen(upi->config_kset->ces[0].u.string, "a");
+- if (!oi->of) {
+- ulogd_log(ULOGD_ERROR, "can't open JSON "
+- "log file: %s\n",
+- strerror(errno));
+- oi->of = old;
+- } else {
+- fclose(old);
+- }
++ if (oi->mode == JSON_MODE_FILE)
++ reopen_file(upi);
++ else
++ reopen_socket(upi);
+ break;
+ default:
+ break;
+@@ -255,6 +459,8 @@ static void sighup_handler_print(struct ulogd_pluginstance *upi, int signal)
+ static int json_configure(struct ulogd_pluginstance *upi,
+ struct ulogd_pluginstance_stack *stack)
+ {
++ struct json_priv *op = (struct json_priv *) &upi->private;
++ char *mode_str = mode_ce(upi->config_kset).u.string;
+ int ret;
+
+ ret = ulogd_wildcard_inputkeys(upi);
+@@ -265,13 +471,25 @@ static int json_configure(struct ulogd_pluginstance *upi,
+ if (ret < 0)
+ return ret;
+
++ if (!strcasecmp(mode_str, "udp")) {
++ op->mode = JSON_MODE_UDP;
++ } else if (!strcasecmp(mode_str, "tcp")) {
++ op->mode = JSON_MODE_TCP;
++ } else if (!strcasecmp(mode_str, "unix")) {
++ op->mode = JSON_MODE_UNIX;
++ } else if (!strcasecmp(mode_str, "file")) {
++ op->mode = JSON_MODE_FILE;
++ } else {
++ ulogd_log(ULOGD_ERROR, "unknown mode '%s'\n", mode_str);
++ return -EINVAL;
++ }
++
+ return 0;
+ }
+
+-static int json_init(struct ulogd_pluginstance *upi)
++static int json_init_file(struct ulogd_pluginstance *upi)
+ {
+ struct json_priv *op = (struct json_priv *) &upi->private;
+- unsigned int i;
+
+ op->of = fopen(upi->config_kset->ces[0].u.string, "a");
+ if (!op->of) {
+@@ -280,6 +498,27 @@ static int json_init(struct ulogd_pluginstance *upi)
+ return -1;
+ }
+
++ return 0;
++}
++
++static int json_init_socket(struct ulogd_pluginstance *upi)
++{
++ struct json_priv *op = (struct json_priv *) &upi->private;
++
++ if (host_ce(upi->config_kset).u.string == NULL)
++ return -1;
++ if (port_ce(upi->config_kset).u.string == NULL)
++ return -1;
++
++ op->sock = -1;
++ return _connect_socket(upi);
++}
++
++static int json_init(struct ulogd_pluginstance *upi)
++{
++ struct json_priv *op = (struct json_priv *) &upi->private;
++ unsigned int i;
++
+ /* search for time */
+ op->sec_idx = -1;
+ op->usec_idx = -1;
+@@ -293,15 +532,25 @@ static int json_init(struct ulogd_pluginstance *upi)
+
+ *op->cached_tz = '\0';
+
+- return 0;
++ if (op->mode == JSON_MODE_FILE)
++ return json_init_file(upi);
++ else
++ return json_init_socket(upi);
++}
++
++static void close_file(FILE *of) {
++ if (of != stdout)
++ fclose(of);
+ }
+
+ static int json_fini(struct ulogd_pluginstance *pi)
+ {
+ struct json_priv *op = (struct json_priv *) &pi->private;
+
+- if (op->of != stdout)
+- fclose(op->of);
++ if (op->mode == JSON_MODE_FILE)
++ close_file(op->of);
++ else
++ close_socket(op);
+
+ return 0;
+ }
+diff --git a/ulogd.conf.in b/ulogd.conf.in
+index 62222db..99cfc24 100644
+--- a/ulogd.conf.in
++++ b/ulogd.conf.in
+@@ -213,6 +213,17 @@ sync=1
+ # Uncomment the following line to use JSON v1 event format that
+ # can provide better compatility with some JSON file reader.
+ #eventv1=1
++# Uncomment the following lines to send the JSON logs to a remote host via UDP
++#mode="udp"
++#host="192.0.2.10"
++#port="10210"
++# Uncomment the following lines to send the JSON logs to a remote host via TCP
++#mode="tcp"
++#host="192.0.2.10"
++#port="10210"
++# Uncomment the following lines to send the JSON logs to a local unix socket
++#mode="unix"
++#file="/var/run/ulogd.socket"
+
+ [pcap1]
+ #default file is /var/log/ulogd.pcap
+--
+cgit v1.2.1
+
include $(TOPDIR)/rules.mk
PKG_NAME:=xl2tpd
-PKG_VERSION:=1.3.13
+PKG_VERSION:=1.3.14
PKG_RELEASE:=1
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
PKG_LICENSE:=GPL-2.0
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MIRROR_HASH:=dbff24b8720063b510e711091459d6928d0bef332ead838aa63ed179ca02219e
+PKG_MIRROR_HASH:=4a35bb75bdd05964b1438771483a79a52eed2e30d0bc85e7481bf951d3bc0b96
PKG_BUILD_DEPENDS:=libpcap
include $(TOPDIR)/rules.mk
PKG_NAME:=yggdrasil
-PKG_VERSION:=0.3.5
-PKG_RELEASE:=4
+PKG_VERSION:=0.3.8
+PKG_RELEASE:=1
-PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=2c69029adeb053ad049e90f1e4b7efa986094779868da77464d3c869984e861b
+PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=56eebbb63cf2d14897141ce037fb9aec407430718908cfeeb34fff355f08f9af
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-go-$(PKG_VERSION)
-PKG_LICENSE:=GPL-3.0
PKG_MAINTAINER:=William Fleurant <meshnet@protonmail.com>
+PKG_LICENSE:=LGPL-3.0-only
+PKG_LICENSE_FILES:=LICENSE
PKG_BUILD_DEPENDS:=golang/host
PKG_BUILD_PARALLEL:=1
procd_open_instance
procd_set_param respawn
- procd_set_param command /bin/ash -c "/usr/sbin/yggdrasil -useconffile /etc/yggdrasil.conf | logger -t yggdrasil"
+ procd_set_param command /usr/sbin/yggdrasil -useconffile /etc/yggdrasil.conf
+ procd_set_param stdout 1
+ procd_set_param stderr 1
procd_close_instance
}
include $(TOPDIR)/rules.mk
PKG_NAME:=zerotier
-PKG_VERSION:=1.2.12
-PKG_RELEASE:=4
+PKG_VERSION:=1.4.2
+PKG_RELEASE:=1
-PKG_SOURCE_URL:=https://codeload.github.com/zerotier/ZeroTierOne/tar.gz/$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=212799bfaeb5e7dff20f2cd83f15742c8e13b8e9535606cfb85abcfb5fb6fed4
+PKG_SOURCE_URL:=https://codeload.github.com/zerotier/ZeroTierOne/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=557a444127812384265ec97232bae43dce1d4b1545ddd72e2b1646c971dad7c5
PKG_BUILD_DIR:=$(BUILD_DIR)/ZeroTierOne-$(PKG_VERSION)
PKG_MAINTAINER:=Moritz Warning <moritzwarning@web.de>
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
+ifdef CONFIG_USE_UCLIBC
+ TARGET_CFLAGS += -D'valloc(a)=aligned_alloc(getpagesize(),a)'
+endif
+
define Package/zerotier/conffiles
/etc/config/zerotier
endef
-From c578216351a4daa3916265b39b14f7c23ef15c90 Mon Sep 17 00:00:00 2001
+From 14454285d7ef5b9cd134c86059933036c1aa2fef Mon Sep 17 00:00:00 2001
From: Moritz Warning <moritzwarning@web.de>
Date: Mon, 23 Apr 2018 22:12:31 +0200
Subject: [PATCH 1/4] find miniupnpc.h in staging directory
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/make-linux.mk b/make-linux.mk
-index 2e6a8632..0cd955d1 100644
+index b81c7aeb..a547125d 100644
--- a/make-linux.mk
+++ b/make-linux.mk
-@@ -22,8 +22,8 @@ ONE_OBJS+=osdep/LinuxEthernetTap.o
+@@ -29,8 +29,8 @@ TIMESTAMP=$(shell date +"%Y%m%d%H%M")
# otherwise build into binary as done on Mac and Windows.
ONE_OBJS+=osdep/PortMapper.o
override DEFS+=-DZT_USE_MINIUPNPC
override DEFS+=-DZT_USE_SYSTEM_MINIUPNPC
LDLIBS+=-lminiupnpc
--
-2.17.0
+2.22.0
-From 7cfe751128d412a9b780ba5e4cb11908fc71cd3d Mon Sep 17 00:00:00 2001
+From 68fe97ef6b05e3709cd4b67c7681dcfc63bfaf80 Mon Sep 17 00:00:00 2001
From: Moritz Warning <moritzwarning@web.de>
Date: Mon, 30 Apr 2018 16:14:30 +0200
Subject: [PATCH 2/4] remove -pie
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/make-linux.mk b/make-linux.mk
-index 0cd955d1..add1d3ae 100644
+index a547125d..13244741 100644
--- a/make-linux.mk
+++ b/make-linux.mk
-@@ -63,11 +63,11 @@ ifeq ($(ZT_DEBUG),1)
+@@ -77,11 +77,11 @@ ifeq ($(ZT_DEBUG),1)
# C25519 in particular is almost UNUSABLE in -O0 even on a 3ghz box!
node/Salsa20.o node/SHA512.o node/C25519.o node/Poly1305.o: CXXFLAGS=-Wall -O2 -g -pthread $(INCLUDES) $(DEFS)
else
STRIP+=--strip-all
endif
--
-2.17.0
+2.22.0
+From a856855ab97e0775a08e1571a4ad26c264cb13f4 Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Sun, 4 Aug 2019 03:56:37 +0200
+Subject: [PATCH 3/4] remove arm32 conservative CFLAGS
+
+---
+ make-linux.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/make-linux.mk b/make-linux.mk
+index 13244741..fd164dfa 100644
--- a/make-linux.mk
+++ b/make-linux.mk
-@@ -231,7 +231,7 @@ ifeq ($(ZT_OFFICIAL),1)
+@@ -262,7 +262,7 @@ ifeq ($(ZT_OFFICIAL),1)
endif
# ARM32 hell -- use conservative CFLAGS
ifeq ($(shell if [ -e /usr/bin/dpkg ]; then dpkg --print-architecture; fi),armel)
override CFLAGS+=-march=armv5 -mfloat-abi=soft -msoft-float -mno-unaligned-access -marm
override CXXFLAGS+=-march=armv5 -mfloat-abi=soft -msoft-float -mno-unaligned-access -marm
+--
+2.22.0
+
-From a2cf8bf645d25f18cbc2ed7ad4b9a25725811afd Mon Sep 17 00:00:00 2001
+From 5169e5328525af28f6b7de087ece10a9bc0a2282 Mon Sep 17 00:00:00 2001
From: Moritz Warning <moritzwarning@web.de>
Date: Wed, 2 May 2018 16:06:46 +0200
Subject: [PATCH 4/4] accept external linker flags
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/make-linux.mk b/make-linux.mk
-index 49e14f70..8e766bfb 100644
+index fd164dfa..29ff8813 100644
--- a/make-linux.mk
+++ b/make-linux.mk
-@@ -67,7 +67,7 @@ else
+@@ -81,7 +81,7 @@ else
override CFLAGS+=-Wall -Wno-deprecated -pthread $(INCLUDES) -DNDEBUG $(DEFS)
CXXFLAGS?=-O3 -fstack-protector
override CXXFLAGS+=-Wall -Wno-deprecated -std=c++11 -pthread $(INCLUDES) -DNDEBUG $(DEFS)
STRIP+=--strip-all
endif
--
-2.17.0
+2.22.0
--- /dev/null
+--- a/make-linux.mk
++++ b/make-linux.mk
+@@ -38,7 +38,7 @@ else
+ override DEFS+=-DMINIUPNP_STATICLIB -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DOS_STRING=\"Linux\" -DMINIUPNPC_VERSION_STRING=\"2.0\" -DUPNP_VERSION_STRING=\"UPnP/1.1\" -DENABLE_STRNATPMPERR
+ ONE_OBJS+=ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o
+ endif
+-ifeq ($(wildcard /usr/include/natpmp.h),)
++ifeq ($(wildcard $(STAGING_DIR)/usr/include/natpmp.h),)
+ ONE_OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o
+ else
+ LDLIBS+=-lnatpmp
PKG_NAME:=mpd
PKG_VERSION:=0.20.23
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.musicpd.org/download/mpd/0.20/
PKG_HASH:=503e5f9f237290f568ff7956ab2f9aed563594bf749f19b8fe994fb21434afea
-PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
+PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
define Package/mpd-full
$(call Package/mpd/Default)
TITLE+= (full)
- DEPENDS+= +libffmpeg +libid3tag +libmms +libupnp +libshout +pulseaudio-daemon
+ DEPENDS+= +libffmpeg +libid3tag +libmms +libupnp +libshout +pulseaudio-daemon +yajl
PROVIDES:=mpd
VARIANT:=full
endef
--enable-recorder-output \
--enable-shout \
--enable-pulse \
- --disable-vorbis
+ --disable-vorbis \
+ --enable-soundcloud
endif
ifeq ($(BUILD_VARIANT),mini)
--disable-id3 \
--disable-mms \
--disable-shout \
+ --disable-soundcloud \
--disable-pulse \
--enable-vorbis \
--with-tremor=yes \
include $(TOPDIR)/rules.mk
PKG_NAME:=upmpdcli
-PKG_VERSION:=1.4.0
+PKG_VERSION:=1.4.2
PKG_RELEASE:=1
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.lesbonscomptes.com/upmpdcli/downloads
+PKG_HASH:=1d4489e76416b9cff2e98a68243d56bf46303890752ac18db382be2859b62bc3
+
PKG_MAINTAINER:=Petko Bordjukov <bordjukov@gmail.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING
-PKG_SOURCE_URL:=https://www.lesbonscomptes.com/upmpdcli/downloads
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=28742910fa16b72f0c4e5b7dc561f59aa7f1a5fdd3e8e4f72f359d2e4af90d35
-
-PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
local val
config_get val "$cfg" "$var"
- [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+ if [ -n "$val" ] || [ -n "$def" ]; then
+ procd_append_param command "$opt" "${val:-$def}"
+ fi
}
start_instance() {
+++ /dev/null
-From 256394399f57ba6e3057ee2c981127a14e4623f8 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=B6rg=20Krause?= <joerg.krause@embedded.rocks>
-Date: Tue, 22 Jan 2019 09:07:56 +0100
-Subject: [PATCH] Use uint64_t instead of u_int64_t
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-`uintN_t` is standard C99 type available in `<stdint.h>`, whereas `u_intN_t`
-is defined `<sys/types.h>`
-
-As upmpdcli already uses the `uintN_t` type, replace the few existing
-`u_intN_t` types, as it breaks build with the musl C library, which is
-very strict, because of the missing `<sys/types.h>`:
-
-```
-src/mediaserver/cdplugins/netfetch.h:71:5: error: ‘u_int64_t’ does not name a type
- u_int64_t datacount() {
-```
----
- src/mediaserver/cdplugins/netfetch.h | 12 ++++++------
- 1 file changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/src/mediaserver/cdplugins/netfetch.h b/src/mediaserver/cdplugins/netfetch.h
-index d7e9df4..d105e53 100644
---- a/src/mediaserver/cdplugins/netfetch.h
-+++ b/src/mediaserver/cdplugins/netfetch.h
-@@ -68,7 +68,7 @@ public:
- /// Reset after transfer done, for retrying for exemple.
- virtual bool reset() = 0;
-
-- u_int64_t datacount() {
-+ uint64_t datacount() {
- return fetch_data_count;
- }
-
-@@ -84,11 +84,11 @@ public:
- buf1cb = f;
- }
- // Called when the network transfer is done
-- void setEOFetchCB(std::function<void(bool ok, u_int64_t count)> f) {
-+ void setEOFetchCB(std::function<void(bool ok, uint64_t count)> f) {
- eofcb = f;
- }
- // Called every time we get new data from the remote
-- void setFetchBytesCB(std::function<void(u_int64_t count)> f) {
-+ void setFetchBytesCB(std::function<void(uint64_t count)> f) {
- fbcb = f;
- }
-
-@@ -98,11 +98,11 @@ protected:
- std::string _url;
- uint64_t startoffset;
- int timeoutsecs{0};
-- u_int64_t fetch_data_count{0};
-+ uint64_t fetch_data_count{0};
- BufXChange<ABuffer*> *outqueue{nullptr};
- std::function<bool(std::string&, void *, int)> buf1cb;
-- std::function<void(u_int64_t)> fbcb;
-- std::function<void(bool, u_int64_t)> eofcb;
-+ std::function<void(uint64_t)> fbcb;
-+ std::function<void(bool, uint64_t)> eofcb;
- };
-
- #endif /* _MEDIAFETCH_H_INCLUDED_ */
---
-2.11.0
-
PKG_NAME:=attr
PKG_VERSION:=2.4.48
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://git.savannah.nongnu.org/cgit/attr.git/snapshot
PKG_HASH:=095699f71230ace37e5bc680c6f9d15cf8e53eb38d00b2c46db5cc7e0712e5f3
-PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
-PKG_LICENSE:=LGPL-2.1 GPL-2.0
-PKG_LICENSE_FILES:=doc/COPYING doc/COPYING.LGPL
+PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
-PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
SECTION:=utils
CATEGORY:=Utilities
TITLE+=utils
+ LICENSE:=GPL-2.0-or-later
+ LICENSE_FILES:=doc/COPYING
DEPENDS:=+libattr
endef
SECTION:=libs
CATEGORY:=Libraries
TITLE+=library
+ LICENSE:=LGPL-2.1-or-later
+ LICENSE_FILES:=doc/COPYING.LGPL
endef
define Package/libattr/description
endef
define Build/InstallDev
- mkdir -p $(1)/usr/include
- mkdir -p $(1)/usr/lib/pkgconfig
+ $(INSTALL_DIR) $(1)/usr/include
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/{include,lib} $(1)/usr/
endef
--- /dev/null
+From 0ce120a140dadaa56875af2efc66ff805d37925b Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Sun, 11 Aug 2019 16:17:11 -0700
+Subject: [PATCH] attr: Replace bzero with memset
+
+bzero is a deprecated function that is optionally unavailable with
+uClibc-ng.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ include/attributes.h | 4 ++--
+ libattr/libattr.c | 4 ++--
+ tools/attr.c | 2 +-
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/include/attributes.h b/include/attributes.h
+index 14beb8f..039c817 100644
+--- a/include/attributes.h
++++ b/include/attributes.h
+@@ -91,9 +91,9 @@ typedef struct attrlist_ent { /* data from attr_list() */
+ * Implement a "cursor" for use in successive attr_list() calls.
+ * It provides a way to find the last attribute that was returned in the
+ * last attr_list() call so that we can get the next one without missing
+- * any. This should be bzero()ed before use and whenever it is desired to
++ * any. This should be zeroed before use and whenever it is desired to
+ * start over from the beginning of the attribute list. The only valid
+- * operation on a cursor is to bzero() it.
++ * operation on a cursor is to zero it.
+ */
+ typedef struct attrlist_cursor {
+ uint32_t opaque[4]; /* an opaque cookie */
+diff --git a/libattr/libattr.c b/libattr/libattr.c
+index d550e10..2ebd1c5 100644
+--- a/libattr/libattr.c
++++ b/libattr/libattr.c
+@@ -298,7 +298,7 @@ attr_list(const char *path, char *buffer, const int buffersize, int flags,
+ errno = EINVAL;
+ return -1;
+ }
+- bzero(buffer, sizeof(attrlist_t));
++ memset(buffer, 0, sizeof(attrlist_t));
+
+ if (flags & ATTR_DONTFOLLOW)
+ length = llistxattr(path, lbuf, sizeof(lbuf));
+@@ -348,7 +348,7 @@ attr_listf(int fd, char *buffer, const int buffersize, int flags,
+ errno = EINVAL;
+ return -1;
+ }
+- bzero(buffer, sizeof(attrlist_t));
++ memset(buffer, 0, sizeof(attrlist_t));
+
+ length = flistxattr(fd, lbuf, sizeof(lbuf));
+ if (length < 0)
+diff --git a/tools/attr.c b/tools/attr.c
+index c8aa0b4..312aef1 100644
+--- a/tools/attr.c
++++ b/tools/attr.c
+@@ -228,7 +228,7 @@ main(int argc, char **argv)
+ perror("malloc");
+ exit(1);
+ }
+- bzero((char *)&cursor, sizeof(cursor));
++ memset(&cursor, 0, sizeof(cursor));
+ do {
+ error = attr_list(filename, buffer, BUFSIZE,
+ attrflags, &cursor);
+--
+2.17.1
+
include $(TOPDIR)/rules.mk
PKG_NAME:=btrfs-progs
-PKG_VERSION:=5.1.1
+PKG_VERSION:=5.2.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/linux/kernel/people/kdave/btrfs-progs
-PKG_HASH:=9cb91b7de9e10aa6bbf2b003f60bb3f5e5b1984a8008fad7c4b2d3978f5ebe1b
+PKG_HASH:=36ac4a0198ffff79d5800c537ea4b19769a8fd3ad870f75413d25b20e2d83233
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)
PKG_MAINTAINER:=Karel Kočí <karel.koci@nic.cz>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING
PKG_INSTALL:=1
source "$(SOURCE)/Config.in"
endef
-progs = btrfs btrfs-find-root btrfs-image btrfs-map-logical \
- btrfs-select-super btrfstune mkfs.btrfs
+boxprogs = btrfsck mkfs.btrfs btrfs-image btrfstune btrfs-find-root
+progs = btrfs-map-logical btrfs-select-super
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections -Wl,--as-needed
CONFIGURE_ARGS += --disable-zstd
endif
+MAKE_INSTALL_FLAGS += BUILD_PROGRAMS=0
+
+Build/Compile=$(call Build/Compile/Default,btrfs.box $(progs))
+
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libbtrfs.so* $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libbtrfsutil.so* $(1)/usr/lib
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(addprefix $(PKG_INSTALL_DIR)/usr/bin/, $(progs)) $(1)/usr/bin/
- $(LN) btrfs $(1)/usr/bin/btrfsck
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/btrfs-scan.init $(1)/etc/init.d/btrfs-scan
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/btrfs.box $(1)/usr/bin/btrfs
+ $(foreach prog,$(boxprogs),$(LN) btrfs $(1)/usr/bin/$(prog);)
+ $(foreach prog,$(progs),$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(prog) $(1)/usr/bin/;)
+ $(INSTALL_DIR) $(1)/lib/preinit
+ $(INSTALL_BIN) ./files/btrfs-scan.init $(1)/lib/preinit/85_btrfs_scan
endef
$(eval $(call BuildPackage,btrfs-progs))
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2014 OpenWrt.org
+#!/bin/sh
-START=19
-
-start() {
- grep -q btrfs /proc/filesystems && /usr/bin/btrfs device scan
+preinit_btrfs_scan() {
+ grep -vq btrfs /proc/filesystems || btrfs device scan
}
+boot_hook_add preinit_main preinit_btrfs_scan
PKG_NAME:=collectd
PKG_VERSION:=5.9.0
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://collectd.org/files/ \
teamspeak2 \
ted \
thermal \
+ threshold \
unixsock \
uptime \
users \
$(eval $(call BuildPlugin,ted,The Energy Detective input,ted,))
$(eval $(call BuildPlugin,tcpconns,TCP connection tracking input,tcpconns,))
$(eval $(call BuildPlugin,thermal,system temperatures input,thermal,))
+$(eval $(call BuildPlugin,threshold,Notifications and thresholds,threshold,))
$(eval $(call BuildPlugin,unixsock,unix socket output,unixsock,))
$(eval $(call BuildPlugin,uptime,uptime status input,uptime,))
$(eval $(call BuildPlugin,users,user logged in status input,users,))
config_get ReadThreads globals ReadThreads 2
printf "ReadThreads \"%s\"\n" "$ReadThreads" >> "$COLLECTD_CONF"
- config_get Hostname globals Hostname "$(hostname)"
+ config_get Hostname globals Hostname "$(uname -n)"
printf "Hostname \"%s\"\n" "$Hostname" >> "$COLLECTD_CONF"
printf "\n" >> "$COLLECTD_CONF"
}
start_service() {
+ process_config
+
procd_open_instance
procd_set_param command /usr/sbin/collectd
procd_append_param command -C "$COLLECTD_CONF"
- procd_append_param command -f # don't daemonize, procd will handle that for us
+ procd_append_param command -f # don't daemonize
procd_set_param nice "$NICEPRIO"
-
- process_config
-
- # set auto respawn behavior
+ procd_set_param stderr 1
procd_set_param respawn
procd_close_instance
}
-
+++ /dev/null
---- a/src/ping.c
-+++ b/src/ping.c
-@@ -648,7 +648,7 @@ static int ping_read(void) /* {{{ */
- ((double)(pkg_recv * (pkg_recv - 1))));
-
- /* Calculate drop rate. */
-- droprate = ((double)(pkg_sent - pkg_recv)) / ((double)pkg_sent);
-+ droprate = ((double)(pkg_sent - pkg_recv)) * 100 / ((double)pkg_sent);
-
- submit(hl->host, "ping", latency_average);
- submit(hl->host, "ping_stddev", latency_stddev);
include $(TOPDIR)/rules.mk
PKG_NAME:=docker-ce
-PKG_VERSION:=18.09.8
+PKG_VERSION:=19.03.1
PKG_RELEASE:=1
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=components/cli/LICENSE components/engine/LICENSE
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/docker/docker-ce/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=33dfaf3cf296f8e9011ec6ed2de0125dfeaf8a938126f0218b0218a156c14014
-PKG_SOURCE_VERSION:=0dd43dd87f
+PKG_HASH:=dad9123e203751ce9981bc34773721593655231c32412e310e748b18f10f0053
+PKG_SOURCE_VERSION:=74b1e89e8a
PKG_MAINTAINER:=Gerard Ryan <G.M0N3Y.2503@gmail.com>
# values from respective '.installer' files at https://github.com/docker/docker-ce/blob/v$(PKG_VERSION)/components/engine/hack/dockerfile/install/
$(eval $(call CheckExpectedSrcVer,../containerd/Makefile,894b81a4b802e4eb2a91d1ce216b8817763c29fb))
-$(eval $(call CheckExpectedSrcVer,../libnetwork/Makefile,e7933d41e7b206756115aa9df5e0599fc5169742))
+$(eval $(call CheckExpectedSrcVer,../libnetwork/Makefile,fc5a7d91d54cc98f64fc28f9e288b46a0bee756c))
$(eval $(call CheckExpectedSrcVer,../runc/Makefile,425e105d5a03fabd737a126ad93d62a9eeede87f))
$(eval $(call CheckExpectedSrcVer,../tini/Makefile,fec3683b971d9c3ef73f284f176672c44b448662))
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/dockerd.init $(1)/etc/init.d/dockerd
+
+ $(INSTALL_DIR) $(1)/etc/docker
+ $(INSTALL_CONF) ./files/daemon.json $(1)/etc/docker/
endef
$(eval $(call BuildPackage,docker-ce))
--- /dev/null
+{
+ "data-root": "/opt/docker/"
+}
USE_PROCD=1
START=25
-# docker can't run with a symlink in the path so we just use /opt/docker/
start_service() {
procd_open_instance
- procd_set_param command /usr/bin/dockerd -g /opt/docker/
+ procd_set_param command /usr/bin/dockerd
procd_close_instance
}
include $(TOPDIR)/rules.mk
PKG_NAME:=dump1090
-PKG_VERSION:=2017-06-01
+PKG_VERSION:=3.7.1
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/mutability/dump1090.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=b155fdb458c3241ab375d1f2b12fbb6a9f8a8a3a
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
-PKG_MIRROR_HASH:=bea40197bce22c837273848bc75d273c2688b131c11895685a35ee6c6242843a
-PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
+PKG_SOURCE_URL:=https://github.com/flightaware/dump1090
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+PKG_MIRROR_HASH:=d7ed250d624eae2eec6c0a2dd410986f42230bf929dab67893ea3bf1cab8a203
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING LICENSE
PKG_BUILD_DEPENDS:=libusb
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
CATEGORY:=Utilities
TITLE:=Mode S decoder for the Realtek RTL2832U
URL:=https://github.com/mutability/dump1090
- DEPENDS:=+libpthread
endef
define Package/dump1090
$(call Package/dump1090/Default)
TITLE+= (dump1090)
- DEPENDS+= +librtlsdr +uhttpd
+ DEPENDS+=+librtlsdr +uhttpd +libncurses
endef
define Package/view1090
$(call Package/dump1090/Default)
TITLE+= (view1090)
+ DEPENDS+=+libncurses
endef
define Package/dump1090/description
endef
MAKE_FLAGS += \
+ BLADERF=no \
CFLAGS="$(TARGET_CFLAGS)" \
UNAME="Linux"
+TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+
define Package/dump1090/install
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) files/dump1090.init $(1)/etc/init.d/dump1090
local val
config_get val "$cfg" "$var"
- [ -n "$val" -o -n "$def" ] && procd_append_param command $opt "${val:-$def}"
+ if [ -n "$val" ] || [ -n "$def" ]; then
+ procd_append_param command "$opt" "${val:-$def}"
+ fi
}
append_bool() {
append_arg "$cfg" html_dir "--html-dir"
append_arg "$cfg" write_json "--write-json"
config_get aux "$cfg" "write_json"
- [ -n "$aux" ] && mkdir -p $aux
+ [ -n "$aux" ] && mkdir -p "$aux"
append_arg "$cfg" write_json_every "--write-json-every"
append_arg "$cfg" json_location_accuracy "--json-location-accuracy"
append_bool "$cfg" oversample "--oversample"
PKG_NAME:=ecdsautils
PKG_VERSION:=0.3.2.20160630
PKG_RELEASE:=1
-PKG_REV:=07538893fb6c2a9539678c45f9dbbf1e4f222b46
-PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=397395a471c0b5af1a173666ba21a5bedb4c3423a6e37c545c3627bed73dcb76
-PKG_SOURCE_URL:=git://github.com/tcatm/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=$(PKG_REV)
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+
PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/freifunk-gluon/ecdsautils
+PKG_SOURCE_VERSION:=07538893fb6c2a9539678c45f9dbbf1e4f222b46
+PKG_MIRROR_HASH:=397395a471c0b5af1a173666ba21a5bedb4c3423a6e37c545c3627bed73dcb76
+
+PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
+PKG_LICENSE_FILES:=COPYRIGHT
+
+PKG_BUILD_PARALLEL:=1
+CMAKE_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
DEPENDS:=+libuecc
TITLE:=ECDSA library
URL:=https://github.com/tcatm/ecdsautils
+ LICENSE:=MIT
endef
define Package/ecdsautils
DEPENDS:=+libecdsautil +libuecc
TITLE:=ECDSA Utilities
URL:=https://github.com/tcatm/ecdsautils
+ LICENSE:=BSD-2-Clause
endef
-CMAKE_OPTIONS += \
- -DCMAKE_BUILD_TYPE:String="MINSIZEREL" \
-
-
define Package/libecdsautil/description
Library to sign and verify checksums using ECDSA.
endef
Utilities to sign and verify checksums using ECDSA.
endef
+CMAKE_OPTIONS += \
+ -DCMAKE_BUILD_TYPE:String="MINSIZEREL"
+
define Package/libecdsautil/install
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libecdsautil.so* $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/ecdsaverify $(1)/usr/bin/
endef
-define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/
- $(CP) $(PKG_INSTALL_DIR)/usr/include $(1)/usr/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib $(1)/usr/
-endef
-
$(eval $(call BuildPackage,libecdsautil))
$(eval $(call BuildPackage,ecdsautils))
include $(TOPDIR)/rules.mk
PKG_NAME:=evtest
-PKG_VERSION:=1.33
+PKG_VERSION:=1.34
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://cgit.freedesktop.org/evtest/snapshot
-PKG_HASH:=5037d1162f4c407053cd97e85763ba03150a0c35f929ee9bf9a360abd32ef1c1
-PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
+PKG_HASH:=e49f1f160b30c8f7c2a4caef5ab655f1caf816483d19fdedd6db2d251d7ab80e
-PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
+PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/autotools.mk
define Package/evtest
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Event Test Program
+ URL:=https://gitlab.freedesktop.org/libevdev/evtest
endef
define Package/evtest/description
-#
+#
# Copyright (C) 2006-2016 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
PKG_NAME:=findutils
PKG_VERSION:=4.6.0
-PKG_RELEASE:=3
-
-PKG_LICENSE:=GPL-3.0+
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
PKG_HASH:=ded4c9f73731cd48fec3b6bdaccce896473b6d8e337e9612e16cf1431bb1169d
+
PKG_MAINTAINER:=Daniel Dickinson <cshored@thecshore.com>
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_LICENSE_FILES:=COPYING
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
--- /dev/null
+--- a/gl/lib/mountlist.c
++++ b/gl/lib/mountlist.c
+@@ -33,6 +33,8 @@
+
+ #include <unistd.h>
+
++#include <sys/sysmacros.h>
++
+ #if HAVE_SYS_PARAM_H
+ # include <sys/param.h>
+ #endif
PKG_NAME:=gddrescue
PKG_VERSION:=1.23
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.xz
PKG_SOURCE_URL:=http://http.debian.net/debian/pool/main/g/$(PKG_NAME)
CATEGORY:=Utilities
TITLE:=Data recovery tool
URL:=https://www.gnu.org/software/ddrescue/
- DEPENDS:=$(CXX_DEPENDS) @!USE_UCLIBC
+ DEPENDS:=$(CXX_DEPENDS)
endef
define Package/gddrescue/description
--- /dev/null
+--- a/fillbook.cc
++++ b/fillbook.cc
+@@ -31,6 +31,9 @@
+ #include "block.h"
+ #include "mapbook.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fputc
++#endif
+
+ // Return values: 1 write error, 0 OK.
+ //
+--- a/genbook.cc
++++ b/genbook.cc
+@@ -31,6 +31,9 @@
+ #include "block.h"
+ #include "mapbook.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fputc
++#endif
+
+ const char * format_time( const long t, const bool low_prec )
+ {
+--- a/loggers.cc
++++ b/loggers.cc
+@@ -25,6 +25,9 @@
+ #include "block.h"
+ #include "loggers.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fputc
++#endif
+
+ namespace {
+
+--- a/main.cc
++++ b/main.cc
+@@ -46,6 +46,11 @@
+ #include "non_posix.h"
+ #include "rescuebook.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fgetc
++#undef fputc
++#endif
++
+ #ifndef O_BINARY
+ #define O_BINARY 0
+ #endif
+--- a/main_common.cc
++++ b/main_common.cc
+@@ -15,6 +15,10 @@
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fputc
++#endif
++
+ int verbosity = 0;
+
+ namespace {
+--- a/mapbook.cc
++++ b/mapbook.cc
+@@ -32,6 +32,10 @@
+ #include "block.h"
+ #include "mapbook.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fgetc
++#undef fputc
++#endif
+
+ namespace {
+
+--- a/mapfile.cc
++++ b/mapfile.cc
+@@ -29,6 +29,11 @@
+
+ #include "block.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fgetc
++#undef ferror
++#undef feof
++#endif
+
+ namespace {
+
+--- a/rescuebook.cc
++++ b/rescuebook.cc
+@@ -36,6 +36,9 @@
+ #include "mapbook.h"
+ #include "rescuebook.h"
+
++#ifdef __UCLIBCXX_MAJOR__
++#undef fputc
++#endif
+
+ namespace {
+
include $(TOPDIR)/rules.mk
PKG_NAME:=gpsd
-PKG_VERSION:=3.17
-PKG_RELEASE:=3
+PKG_VERSION:=3.19
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SAVANNAH/$(PKG_NAME)
-PKG_HASH:=68e0dbecfb5831997f8b3d6ba48aed812eb465d8c0089420ab68f9ce4d85e77a
+PKG_HASH:=27dd24d45b2ac69baab7933da2bf6ae5fb0be90130f67e753c110a3477155f39
PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
PKG_LICENSE:=BSD-3-Clause
define Package/gpsd/Default
DEPENDS+= +libusb-1.0
- URL:=http://catb.org/gpsd/
+ URL:=https://gpsd.gitlab.io/gpsd/
endef
define Package/gpsd/Default/description
+++ /dev/null
---- a/driver_ais.c
-+++ b/driver_ais.c
-@@ -24,6 +24,7 @@
-
- /* strlcpy() needs _DARWIN_C_SOURCE */
- #define _DARWIN_C_SOURCE
-+#define _BSD_SOURCE
-
- #include <stdlib.h>
- #include <string.h>
---- a/gpsctl.c
-+++ b/gpsctl.c
-@@ -15,6 +15,7 @@
-
- /* strlcpy() needs _DARWIN_C_SOURCE */
- #define _DARWIN_C_SOURCE
-+#define _BSD_SOURCE
-
- #include <stdio.h>
- #include <stdlib.h>
---- a/gpsd_json.c
-+++ b/gpsd_json.c
-@@ -24,6 +24,7 @@ PERMISSIONS
- #define __DARWIN_C_LEVEL 200112L
- /* strlcpy() needs _DARWIN_C_SOURCE */
- #define _DARWIN_C_SOURCE
-+#define _BSD_SOURCE
-
- #include <stdio.h>
- #include <math.h>
---- a/libgpsd_core.c
-+++ b/libgpsd_core.c
-@@ -20,6 +20,7 @@
-
- /* strlcpy() needs _DARWIN_C_SOURCE */
- #define _DARWIN_C_SOURCE
-+#define _BSD_SOURCE
-
- #include <time.h>
- #include <stdio.h>
include $(TOPDIR)/rules.mk
PKG_NAME:=hplip
-PKG_VERSION:=3.19.3
+PKG_VERSION:=3.19.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/hplip
-PKG_HASH:=a04edf0b5b4c4dcaa3998a27caad8f24513340e0aea61b694397c7807d7c2ae6
+PKG_HASH:=fcdaedee9ed17d2e70f3aff9558a452d99443d1b93d6623132faf3f3ae61d66d
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=GPL-2.0 GPL-2.0+
PKG_NAME:=lcdproc
PKG_VERSION:=0.5.9
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/lcdproc/lcdproc/releases/download/v$(PKG_VERSION)/
PKG_HASH:=d48a915496c96ff775b377d2222de3150ae5172bfb84a6ec9f9ceab962f97b83
+
PKG_MAINTAINER:=Harald Geyer <harald@ccbib.org>, \
Philip Prindeville <philipp@redfish-solutions.com>
-PKG_LICENSE:=GPL-2.0
+PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
define Package/lcdproc/Default
$(LCDPROC_OTHER_DRIVERS_TEXT)
endef
-
-# not everything groks --disable-nls
-DISABLE_NLS:=
-
CONFIGURE_ARGS += \
--disable-libX11 \
--disable-libhid \
--disable-freetype \
--enable-drivers='all,!g15,!g15driver,!glcdlib,!irman,!lirc,!mdm166a,!mx5000,!svga,!xosd'
-# can't use -Wformat=2 because MUSL is somewhat broken
-TARGET_CFLAGS+=-Wall
-
MAKE_FLAGS += \
CFLAGS="$(TARGET_CFLAGS)" \
LDFLAGS="$(TARGET_LDFLAGS)"
--- /dev/null
+--- a/server/drivers/port.h
++++ b/server/drivers/port.h
+@@ -94,7 +94,7 @@ static inline int port_deny_multiple(unsigned short port, unsigned short count);
+ /* ---------------------------- Linux ------------------------------------ */
+ /* Use ioperm, inb and outb in <sys/io.h> (Linux) */
+ /* And iopl for higher addresses of PCI LPT cards */
+-#if defined HAVE_IOPERM
++#if defined(__GLIBC__) || (defined(__x86__) || defined(__x86_64__))
+
+ /* Glibc2 and Glibc1 */
+ # ifdef HAVE_SYS_IO_H
include $(TOPDIR)/rules.mk
PKG_NAME:=libnetwork
-PKG_VERSION:=0.8.0-dev.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://$(GO_PKG)
-PKG_SOURCE_VERSION:=e7933d41e7b206756115aa9df5e0599fc5169742
-PKG_MIRROR_HASH:=48638648bfd2b249f8e9cc32b5ec295a64e61fcb7cf635ca1a88809662167374
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
+PKG_SOURCE_VERSION:=fc5a7d91d54cc98f64fc28f9e288b46a0bee756c
+PKG_SOURCE_DATE:=2019-08-03
+PKG_MIRROR_HASH:=a54fe7456ce448efc33d274ac8f2115d25196d7d58c44e5227bb0846b29b7fcd
PKG_MAINTAINER:=Gerard Ryan <G.M0N3Y.2503@gmail.com>
CATEGORY:=Utilities
TITLE:=networking for containers
URL:=https://github.com/docker/libnetwork
- DEPENDS:=$(GO_ARCH_DEPENDS)
+ DEPENDS:=$(GO_ARCH_DEPENDS) @TARGET_x86_64
endef
define Package/libnetwork/description
include $(TOPDIR)/rules.mk
PKG_NAME:=mariadb
-PKG_VERSION:=10.2.24
-PKG_RELEASE:=2
+PKG_VERSION:=10.2.26
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL := \
https://ftp.yz.yamagata-u.ac.jp/pub/dbms/mariadb/$(PKG_NAME)-$(PKG_VERSION)/source \
https://downloads.mariadb.org/interstitial/$(PKG_NAME)-$(PKG_VERSION)/source
-PKG_HASH:=97f4d924e69f77abb2f650116785c2f5ef356230442534ebcbaadb51d9bb8bc4
+PKG_HASH:=152fe941c4f2a352b2b3a4db1ef64e70235fd9ff055af62ad7bda9f2b2191528
PKG_MAINTAINER:=Sebastian Kemper <sebastian_ml@gmx.net>
PKG_LICENSE:=GPL-2.0 LGPL-2.1
-PKG_LICENSE_FILES:=COPYING libmariadb/COPYING.LIB
+PKG_LICENSE_FILES:=COPYING THIRDPARTY libmariadb/COPYING.LIB
PKG_CPE_ID:=cpe:/a:mariadb:mariadb
auth_ed25519 \
auth_gssapi \
auth_pam \
- client_ed25519 \
disks \
feedback \
file_key_management \
plugin-auth_ed25519 := PLUGIN_AUTH_ED25519
plugin-auth_gssapi := PLUGIN_AUTH_GSSAPI
plugin-auth_pam := PLUGIN_AUTH_PAM
-plugin-client_ed25519 := PLUGIN_CLIENT_ED25519
plugin-disks := PLUGIN_DISKS
plugin-feedback := PLUGIN_FEEDBACK
plugin-file_key_management := PLUGIN_FILE_KEY_MANAGEMENT
$(INSTALL_DIR) $(1)$(PLUGIN_DIR)
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{mariadb,mysqlclient}*.so* $(1)/usr/lib
$(INSTALL_BIN) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/caching_sha2_password.so $(1)$(PLUGIN_DIR)
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/client_ed25519.so $(1)$(PLUGIN_DIR)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/dialog.so $(1)$(PLUGIN_DIR)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/mysql_clear_password.so $(1)$(PLUGIN_DIR)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/sha256_password.so $(1)$(PLUGIN_DIR)
$(eval $(call BuildPlugin,mariadb-server,auth_ed25519,))
$(eval $(call BuildPlugin,mariadb-server,auth_gssapi,+krb5-libs))
$(eval $(call BuildPlugin,mariadb-server,auth_pam,+libpam))
-$(eval $(call BuildPlugin,mariadb-server,client_ed25519,))
$(eval $(call BuildPlugin,mariadb-server,disks,))
$(eval $(call BuildPlugin,mariadb-server,feedback,))
$(eval $(call BuildPlugin,mariadb-server,file_key_management,))
--- a/scripts/mysql_install_db.sh
+++ b/scripts/mysql_install_db.sh
-@@ -403,7 +403,7 @@ fi
+@@ -410,7 +410,7 @@ fi
# Try to determine the hostname
+++ b/include/atomic/gcc_builtins.h
@@ -16,6 +16,7 @@
along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA */
+#if defined (HAVE_GCC_ATOMIC_BUILTINS)
#define make_atomic_add_body(S) \
CheckType(pv)
TYPE *lp = ((TYPBLK*)pv)->Typp;
-- for (register int i = k; i < n; i++) // TODO
+- for (int i = k; i < n; i++) // TODO
- Typp[i] = lp[i];
+ memcpy(Typp + k, lp + k, sizeof(TYPE) * n);
--- a/storage/xtradb/include/ut0ut.h
+++ b/storage/xtradb/include/ut0ut.h
-@@ -85,9 +85,8 @@ private:
+@@ -83,9 +83,8 @@ private:
the YieldProcessor macro defined in WinNT.h. It is a CPU architecture-
independent way by using YieldProcessor. */
# define UT_RELAX_CPU() YieldProcessor()
# else
# define UT_RELAX_CPU() ((void)0) /* avoid warning for an empty statement */
# endif
-@@ -101,9 +100,8 @@ private:
+@@ -99,9 +98,8 @@ private:
#endif
# if defined(HAVE_HMT_PRIORITY_INSTRUCTION)
# define UT_RESUME_PRIORITY_CPU() ((void)0)
--- a/storage/innobase/include/ut0ut.h
+++ b/storage/innobase/include/ut0ut.h
-@@ -71,9 +71,8 @@ typedef time_t ib_time_t;
+@@ -68,9 +68,8 @@ Created 1/20/1994 Heikki Tuuri
the YieldProcessor macro defined in WinNT.h. It is a CPU architecture-
independent way by using YieldProcessor. */
# define UT_RELAX_CPU() YieldProcessor()
#else
# define UT_RELAX_CPU() do { \
volatile int32 volatile_var; \
-@@ -91,9 +90,8 @@ typedef time_t ib_time_t;
+@@ -88,9 +87,8 @@ Created 1/20/1994 Heikki Tuuri
#endif
#if defined(HAVE_HMT_PRIORITY_INSTRUCTION)
--- a/client/mysql.cc
+++ b/client/mysql.cc
-@@ -2577,7 +2577,7 @@ C_MODE_END
+@@ -2578,7 +2578,7 @@ C_MODE_END
if not.
*/
static int fake_magic_space(int, int);
extern "C" char *no_completion(const char*,int)
#elif defined(USE_LIBEDIT_INTERFACE)
-@@ -2659,7 +2659,7 @@ static int not_in_history(const char *li
+@@ -2660,7 +2660,7 @@ static int not_in_history(const char *li
}
static int fake_magic_space(int, int)
#else
static int fake_magic_space(const char *, int)
-@@ -2676,7 +2676,7 @@ static void initialize_readline (char *n
+@@ -2677,7 +2677,7 @@ static void initialize_readline (char *n
rl_readline_name = name;
/* Tell the completer that we want a crack first. */
rl_attempted_completion_function= (rl_completion_func_t*)&new_mysql_completion;
rl_completion_entry_function= (rl_compentry_func_t*)&no_completion;
-@@ -2706,7 +2706,7 @@ static char **new_mysql_completion(const
+@@ -2707,7 +2707,7 @@ static char **new_mysql_completion(const
int end __attribute__((unused)))
{
if (!status.batch && !quick)
PKG_NAME:=mt-st
PKG_VERSION:=1.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)
-PKG_SOURCE_VERSION:=$(PKG_VERSION)
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.ibiblio.org/pub/Linux/system/backup/
PKG_HASH:=945cb4f3d9957dabe768f5941a9148b746396836c797b25f020c84319ba8170d
+PKG_MAINTAINER:=Giuseppe Magnotta <giuseppe.magnotta@gmail.com>
PKG_LICENSE:=GPL-2.0
include $(INCLUDE_DIR)/package.mk
CATEGORY:=Utilities
TITLE:=Magnetic tape control tools for Linux SCSI tapes
URL:=http://ftp.ibiblio.org/pub/Linux/system/backup/
- MAINTAINER:=Giuseppe Magnotta <giuseppe.magnotta@gmail.com>
endef
define Package/mt-st/description
--- /dev/null
+--- a/mt.c
++++ b/mt.c
+@@ -21,6 +21,7 @@
+ #include <sys/types.h>
+ #include <sys/ioctl.h>
+ #include <sys/stat.h>
++#include <sys/sysmacros.h>
+ #include <sys/utsname.h>
+
+ #include "mtio.h"
include $(TOPDIR)/rules.mk
PKG_NAME:=prometheus-node-exporter-lua
-PKG_VERSION:=2019.04.12
+PKG_VERSION:=2019.08.14
PKG_RELEASE:=1
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
define Package/prometheus-node-exporter-lua-openwrt
$(call Package/prometheus-node-exporter-lua/Default)
TITLE+= (openwrt collector)
- DEPENDS:=prometheus-node-exporter-lua
+ DEPENDS:=prometheus-node-exporter-lua +libubus-lua
endef
define Package/prometheus-node-exporter-lua-ltq-dsl
+local ubus = require "ubus"
+local u = ubus.connect()
+local b = u:call("system", "board", {})
+
local labels = {
- id = "",
- release = "",
- revision = "",
- model = string.sub(get_contents("/tmp/sysinfo/model"), 1, -2),
- board_name = string.sub(get_contents("/tmp/sysinfo/board_name"), 1, -2)
+ board_name = b.board_name,
+ id = b.release.distribution,
+ model = b.model,
+ release = b.release.version,
+ revision = b.release.revision,
+ system = b.system,
+ target = b.release.target
}
-for k, v in string.gmatch(get_contents("/etc/openwrt_release"), "(DISTRIB_%w+)='(.-)'\n") do
- if k == "DISTRIB_ID" then
- labels["id"] = v
- elseif k == "DISTRIB_RELEASE" then
- labels["release"] = v
- elseif k == "DISTRIB_REVISION" then
- labels["revision"] = v
- end
-end
+b = nil
+u = nil
+ubus = nil
local function scrape()
metric("node_openwrt_info", "gauge", labels, 1)
--- /dev/null
+# Copyright (C) 2017 Yousong Zhou
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=pservice
+PKG_VERSION:=2017-08-29
+PKG_RELEASE=2
+
+PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/pservice
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=Wrap commands as procd services
+endef
+
+define Build/Compile
+endef
+
+define Package/pservice/install
+ $(INSTALL_DIR) $(1)/usr/bin $(1)/etc/init.d $(1)/etc/config
+ $(INSTALL_BIN) ./files/pservice.init $(1)/etc/init.d/pservice
+ $(INSTALL_DATA) ./files/pservice.config $(1)/etc/config/pservice
+endef
+
+$(eval $(call BuildPackage,pservice))
--- /dev/null
+# uci
+
+`disabled`, bool, default `0`
+
+`name`, string, name of the service instance
+
+`command`, file, the service instance executable
+
+`args`, list of args
+
+`stderr`, bool, default `0`, log stderr output of the service instance
+
+`stdout`, bool, default `0`, log stdout output of the service instance
+
+`env`, list of environment variable settings of the form `var=val`
+
+`file`, list of file names. Service instances will be restarted if content of
+these files have changed on service reload event.
+
+`respawn_threshold`, uinteger, default `3600`, time in seconds the instances
+have to be in running state to be considered a valid run
+
+`respawn_timeout`, uinteger, default `5`, time in seconds the instance should
+be delayed to start again after the last crash
+
+`respawn_maxfail`, uinteger, default `5`, maximum times the instances can
+crash/fail in a row and procd will not try to bring it up again after this
+limit has been reached
+
+# notes and faq
+
+Initial environment variables presented to service instances may be different
+from what was observed on the interactive terminal. E.g. `HOME=/` may affect
+reading `~/.ssh/known_hosts` of dropbear ssh instance.
+
+ PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/ HOME=/
+
+If `list args xxx` seems to be too long causing pain, consider using `/bin/sh`
+as the `command`. It is also worth noting that uci supports multi-line option
+value.
+
+Child processes will keep running when their parent process was killed. This
+is especially the case and should be taken into account with option `command`
+being `/bin/sh` and it is recommended to use `exec` as the last shell command.
--- /dev/null
+config pservice
+ option disabled 1
+ option name 'demo0'
+ option command /bin/sh
+ option respawn_maxfail 0
+ list args -c
+ list args 'env | logger -t $name; exec sleep $time'
+ list env 'v0=0'
+ list env 'v1=val with space'
+ list env 'name=demo0'
+ list env 'time=1799'
+ list file /tmp/sleep.conf
+
+config pservice
+ option disabled 1
+ option name 8021x
+ option command /usr/sbin/wpa_supplicant
+ option stdout 1
+ list args -i
+ list args eth0.1
+ list args -D
+ list args wired
+ list args -c
+ list args /etc/wpa_supplicant-eth0.1.conf
--- /dev/null
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2017-2019 Yousong Zhou
+
+START=99
+
+USE_PROCD=1
+
+pservice_list_cb() {
+ local val="$1"; shift
+ local param="$1"; shift
+
+ procd_append_param "$param" "$val"
+}
+
+pservice_instance() {
+ local cfg="$1"
+
+ [ "$disabled" = 0 ] || return 0
+ [ -x "$command" ] || {
+ echo "$command is not executable" >&2
+ return 1
+ }
+
+ procd_open_instance "$name"
+ procd_set_param command "$command"
+ procd_set_param stderr "$stderr"
+ procd_set_param stdout "$stdout"
+ procd_set_param respawn "$respawn_threshold" "$respawn_timeout" "$respawn_maxfail"
+ [ -z "$args" ] || config_list_foreach "$cfg" args pservice_list_cb command
+ if [ -n "$env" ]; then
+ procd_set_param env
+ config_list_foreach "$cfg" env pservice_list_cb env
+ fi
+ if [ -n "$file" ]; then
+ procd_set_param file
+ config_list_foreach "$cfg" file pservice_list_cb file
+ fi
+ procd_close_instance
+}
+
+start_service() {
+ config_load 'pservice'
+ config_foreach validate_pservice_section pservice pservice_instance
+}
+
+service_triggers() {
+ procd_add_validation validate_pservice_section
+}
+
+validate_pservice_section() {
+ uci_load_validate pservice pservice "$1" "$2" \
+ "disabled:bool:0" \
+ "name:string" \
+ "env:regex('^[a-zA-Z_][a-zA-Z0-9_]*=.*$')" \
+ "command:file" \
+ "args:string" \
+ "stderr:bool:0" \
+ "stdout:bool:0" \
+ "respawn_threshold:uinteger:3600" \
+ "respawn_timeout:uinteger:5" \
+ "respawn_maxfail:uinteger:5" \
+ "file:string"
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=qemu
-PKG_VERSION:=4.0.0
+PKG_VERSION:=4.1.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=13a93dfe75b86734326f8d5b475fde82ec692d5b5a338b4262aeeb6b0fa4e469
+PKG_HASH:=656e60218689bdeec69903087fd7582d5d3e72238d02f4481d8dc6d79fd909c6
PKG_SOURCE_URL:=http://download.qemu.org/
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE tcg/LICENSE
DEPENDS:= +glib2 +virtio-console-helper $(CXX_DEPENDS) $(QEMU_DEPS_IN_GUEST)
endef
-define Package/qemu-ga/description
- This package contains the QEMU Guest Agent daemon
-endef
-
define Package/qemu-ga/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/qemu-ga $(1)/usr/bin
$(INSTALL_BIN) ./files/10-qemu-ga.hotplug $(1)/etc/hotplug.d/virtio-ports/10-qemu-ga
endef
+PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-ga
-define Package/qemu-blobs
- SECTION:=utils
- CATEGORY:=Utilities
- SUBMENU:=Virtualization
- TITLE:=QEMU blobs of BIOS, VGA BIOS and keymaps
- URL:=http://www.qemu.org
- DEPENDS:=$(QEMU_DEPS_IN_HOST)
-endef
-
-define Package/qemu-blobs/install
- $(INSTALL_DIR) $(1)/usr/share/qemu
- $(CP) $(PKG_INSTALL_DIR)/usr/share/qemu/* $(1)/usr/share/qemu
-endef
define Package/qemu-bridge-helper
SECTION:=utils
$(INSTALL_DATA) ./files/bridge.conf $(1)/etc/qemu
endef
+
define Package/qemu-img
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Virtualization
TITLE:=QEMU Image utility
URL:=http://www.qemu.org
- DEPENDS:=+glib2 $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST)
+ DEPENDS:=+glib2 $(QEMU_DEPS_IN_HOST)
endef
define Package/qemu-img/install
$(INSTALL_BIN) $(PKG_BUILD_DIR)/qemu-img $(1)/usr/bin/qemu-img
endef
+
define Package/qemu-nbd
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Virtualization
TITLE:=QEMU Network Block Device Utility
URL:=http://www.qemu.org
- DEPENDS:=+glib2 $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) +kmod-nbd
+ DEPENDS:=+glib2 $(QEMU_DEPS_IN_HOST) +kmod-nbd
endef
define Package/qemu-nbd/install
$(INSTALL_BIN) $(PKG_BUILD_DIR)/qemu-nbd $(1)/usr/sbin/qemu-nbd
endef
-PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-ga
+
+define qemu-firmware
+ QEMU_PACKAGES += qemu-firmware-$(1)
+
+ define Package/qemu-firmware-$(1)
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Virtualization
+ TITLE:=$(qemu-firmware-$(1)-title)
+ URL:=http://www.qemu.org
+ DEPENDS:=$(QEMU_DEPS_IN_HOST)
+ endef
+
+ define Package/qemu-firmware-$(1)/install
+ $$(INSTALL_DIR) $$(1)/usr/share/qemu
+ $$(CP) $(foreach f,$(qemu-firmware-$(1)-files),$$(PKG_INSTALL_DIR)/usr/share/qemu/$(f)) $$(1)/usr/share/qemu
+ endef
+endef
+
+qemu-firmware-seabios-title:=QEMU build of SeaBIOS for x86 guest
+qemu-firmware-seabios-files:=bios.bin bios-256k.bin
+$(eval $(call qemu-firmware,seabios))
+
+qemu-firmware-seavgabios-title:=QEMU build of SeaVGABIOS
+qemu-firmware-seavgabios-files:=vgabios-*.bin
+$(eval $(call qemu-firmware,seavgabios))
+
+qemu-firmware-pxe-title:=QEMU build of iPXE PXE roms
+qemu-firmware-pxe-files:=pxe-*.rom
+$(eval $(call qemu-firmware,pxe))
+
+qemu-firmware-efi-title:=QEMU build of iPXE EFI roms
+qemu-firmware-efi-files:=efi-*.rom
+$(eval $(call qemu-firmware,efi))
+
# Naming rules used in qemu Makefile.target
define qemu-prog_
#
define qemu-target
PKG_CONFIG_DEPENDS += CONFIG_PACKAGE_qemu-$(1)
+ QEMU_PACKAGES += qemu-$(1)
define Package/qemu-$(1)
SECTION:=utils
SUBMENU:=Virtualization
TITLE:=QEMU target $(1)
URL:=http://www.qemu.org
- DEPENDS:= +glib2 +libpthread +zlib $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) \
- $(if $(filter %-softmmu,$(1)),+libncurses +libfdt +pixman +qemu-blobs $(ICONV_DEPENDS))
+ DEPENDS:= +glib2 +libpthread +zlib $(CXX_DEPENDS) $(QEMU_DEPS_IN_HOST) $(qemu-target-$(1)-deps) \
+ $(if $(filter %-softmmu,$(1)),+libncurses +libfdt +pixman +qemu-firmware-efi $(ICONV_DEPENDS))
endef
define Package/qemu-$(1)/description
define Package/qemu-$(1)/install
$(INSTALL_DIR) $$(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(call qemu-prog,$(1)) $$(1)/usr/bin
+ $(foreach f,$(qemu-target-$(1)-extra-files),
+ $(INSTALL_DIR) $$(1)/$(dir $(f))
+ $(CP) $(PKG_INSTALL_DIR)/$(f) $$(1)/$(f)
+ )
endef
endef
-QEMU_TARGET_LIST := \
+qemu-target-list := \
x86_64-softmmu \
arm-softmmu \
-$(foreach target,$(QEMU_TARGET_LIST), \
+qemu-target-x86_64-softmmu-deps:= \
+ +qemu-firmware-pxe \
+ +qemu-firmware-seabios \
+ +qemu-firmware-seavgabios
+qemu-target-x86_64-softmmu-extra-files:= \
+ usr/share/qemu/kvmvapic.bin \
+ usr/share/qemu/linuxboot.bin \
+ usr/share/qemu/linuxboot_dma.bin \
+ usr/share/qemu/multiboot.bin \
+ usr/share/qemu/pvh.bin
+
+$(foreach target,$(qemu-target-list), \
$(eval $(call qemu-target,$(target))) \
)
+
# QEMU configure script does not recognize these options
CONFIGURE_ARGS:=$(filter-out \
--target=% \
--host-cc="$(HOSTCC)" \
--disable-fortify-source \
--disable-stack-protector \
+ --extra-cflags="$(EXTRA_CFLAGS)" \
+ --extra-cxxflags="$(EXTRA_CXXFLAGS)" \
+ --extra-ldflags="$(EXTRA_LDFLAGS)" \
# VHost features
CONFIGURE_ARGS += \
--disable-libiscsi \
--disable-libnfs \
--disable-libpmem \
- --disable-libssh2 \
+ --disable-libssh \
--disable-libudev \
--disable-libusb \
--disable-libxml2 \
--disable-xen-pci-passthrough \
--disable-xfsctl \
-CONFIGURE_ARGS += --target-list='$(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))'
+CONFIGURE_ARGS += --target-list='$(foreach target,$(qemu-target-list),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))'
CONFIGURE_ARGS += $(if $(CONFIG_PACKAGE_qemu-ga),--enable-guest-agent)
TARGET_LDFLAGS += -Wl,--as-needed
-MAKE_VARS += V=s
+MAKE_VARS += V=1
# ARCH is special in qemu's build system, e.g. ARCH mips64 will be translated
# there to mips and stored in config-host.mak
MAKE_FLAGS:=$(filter-out \
$(if $(CONFIG_PACKAGE_qemu-bridge-helper),qemu-bridge-helper) \
$(if $(CONFIG_PACKAGE_qemu-img),qemu-img) \
$(if $(CONFIG_PACKAGE_qemu-nbd),qemu-nbd) \
- $(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),subdir-$(target))) \
+ $(foreach target,$(qemu-target-list),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)/all)) \
define Build/Compile
$(if $(strip $(QEMU_MAKE_TARGETS)),$(call Build/Compile/Default,$(QEMU_MAKE_TARGETS)))
$(eval $(call BuildPackage,qemu-bridge-helper))
$(eval $(call BuildPackage,qemu-img))
$(eval $(call BuildPackage,qemu-nbd))
-$(eval $(call BuildPackage,qemu-blobs))
-$(foreach target,$(QEMU_TARGET_LIST), \
- $(eval $(call BuildPackage,qemu-$(target))) \
+$(foreach p,$(QEMU_PACKAGES), \
+ $(eval $(call BuildPackage,$(p))) \
)
include $(TOPDIR)/rules.mk
PKG_NAME:=slide-switch
-PKG_VERSION:=0.9.4
+PKG_VERSION:=0.9.5
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/jefferyto/openwrt-slide-switch.git
-PKG_SOURCE_VERSION:=0.9.4
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE:=$(PKG_SOURCE_SUBDIR).tar.xz
-PKG_MIRROR_HASH:=52a93506c994b1babf174aec8ac8aebbf94f27263125d144f6d86db001dd24d6
+PKG_MIRROR_HASH:=ac61aea3ce620364285de5525635999aa8b463c4070da6bce134278ff92a433c
+PKG_SOURCE_VERSION:=$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
PKG_FIXUP:=autoreconf
--- /dev/null
+From 968aa53dd6d2c0831a9af01873441767c06b88d0 Mon Sep 17 00:00:00 2001
+From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
+Date: Wed, 1 Aug 2018 12:17:10 +0200
+Subject: [PATCH] mksquashfs/unsquashfs: fix compilation with glibc 2.25+
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From glibc 2.25 release notes:
+https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
+"* The inclusion of <sys/sysmacros.h> by <sys/types.h> is deprecated.
+ This means that in a future release, the macros “major”, “minor”, and
+ “makedev” will only be available from <sys/sysmacros.h>."
+
+See glibc bug https://sourceware.org/bugzilla/show_bug.cgi?id=19239 .
+---
+ squashfs-tools/mksquashfs.c | 1 +
+ squashfs-tools/unsquashfs.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c
+index d696a51..8d57c3e 100644
+--- a/squashfs-tools/mksquashfs.c
++++ b/squashfs-tools/mksquashfs.c
+@@ -35,6 +35,7 @@
+ #include <stddef.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <sys/sysmacros.h>
+ #include <fcntl.h>
+ #include <errno.h>
+ #include <dirent.h>
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index a57f85c..a492b27 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -33,6 +33,7 @@
+ #include "fnmatch_compat.h"
+
+ #include <sys/sysinfo.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <sys/resource.h>
+--
+2.21.0
+
--- /dev/null
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=syncthing
+PKG_VERSION:=1.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=syncthing-source-v$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/syncthing/syncthing/releases/download/v$(PKG_VERSION)
+PKG_HASH:=313bd59ddc2562e833fc4caa8d90360a06d5ff02976c0a4d5d42393e6f8bceac
+
+PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/$(PKG_NAME)
+
+PKG_MAINTAINER:=Paul Spooren <mail@aparcar.org>
+PKG_LICENSE:=MPL-2.0
+PKG_LICENSE_FILES:=LICENSE
+PKG_CPE_ID:=cpe:/a:syncthing:syncthing
+
+PKG_BUILD_DEPENDS:=golang/host
+PKG_BUILD_PARALLEL:=1
+PKG_USE_MIPS16:=0
+
+GO_PKG:=github.com/syncthing/syncthing/
+GO_PKG_BUILD_PKG:=github.com/syncthing/syncthing/cmd/syncthing/
+GO_PKG_INSTALL_EXTRA:=^gui/
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/golang/golang-package.mk
+
+define Package/syncthing
+ TITLE:=Continuous file synchronization program
+ URL:=https://syncthing.net
+ DEPENDS:=$(GO_ARCH_DEPENDS)
+ SECTION:=utils
+ CATEGORY:=Utilities
+endef
+
+GO_PKG_LDFLAGS_X:=\
+ main.Version=v$(PKG_VERSION) \
+ main.BuildUser=openwrt \
+ main.BuildHost=openwrt \
+ main.BuildStamp=$(SOURCE_DATE_EPOCH)
+
+define Build/Compile
+ $(call GoPackage/Build/Compile,-tags noupgrade)
+endef
+
+define Package/syncthing/conffiles
+/etc/config/syncthing
+/etc/syncthing
+endef
+
+define Package/syncthing/description
+ Syncthing replaces proprietary sync and cloud services with something
+ open, trustworthy and decentralized. Your data is your data alone and
+ you deserve to choose where it is stored, if it is shared with some
+ third party and how it's transmitted over the Internet.
+endef
+
+define Package/syncthing/install
+ $(call GoPackage/Package/Install/Bin,$(1))
+
+ $(CP) ./files/* $(1)/
+endef
+
+$(eval $(call GoBinPackage,syncthing))
+$(eval $(call BuildPackage,syncthing))
--- /dev/null
+config syncthing 'syncthing'
+ option gui_address 'http://127.0.0.1:8384'
+ option home '/etc/syncthing/'
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+
+PROG=/usr/bin/syncthing
+
+start_service() {
+ [ -d /var/syncthing/ ] || mkdir /var/syncthing/
+
+ local gui_address home
+ config_load "syncthing"
+ config_get gui_address syncthing gui_address "http://127.0.0.1:8384"
+ config_get home syncthing home "/etc/syncthing/"
+
+ procd_open_instance
+ procd_set_param command "$PROG"
+ procd_append_param command -gui-address="$gui_address"
+ procd_append_param command -home="$home"
+ procd_set_param respawn
+ procd_close_instance
+}
--- /dev/null
+/var/syncthing/
\ No newline at end of file
include $(INCLUDE_DIR)/package.mk
+# This avoids generating man pages
+CONFIGURE_VARS += ac_cv_prog_A2X=
+
define Package/tang
SECTION:=utils
TITLE:=tang v$(PKG_VERSION) - daemon for binding data to the presence of a third party
define Package/tesseract-data-default
- SUBMENU:=Tesseract
SECTION:=utils
CATEGORY:=Utilities
DEPENDS:=tesseract
define generate-tesseract-data-package
define Package/tesseract-data-$(1)
- TITLE:=Tesseract training data for $(1) language
+ TITLE:=Training data for $(1) language
$(call Package/tesseract-data-default)
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=zstd
-PKG_VERSION:=1.4.1
+PKG_VERSION:=1.4.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/facebook/zstd/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=f91ea3397e6cc65d398e1bc0713cf2f0b0de2fb85ea9dabb1eb3e8f1b22f8d6f
+PKG_HASH:=7a6e1dad34054b35e2e847eb3289be8820a5d378228802239852f913c6dcf6a7
PKG_MAINTAINER:=Amol Bhave <ambhave@fb.com>
PKG_LICENSE:=GPL-2.0-or-later
--- /dev/null
+From 245a69c0f5784ba89c28301263bcfd5785ebe0ea Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Tue, 30 Jul 2019 17:17:07 -0700
+Subject: [PATCH] zstd: Don't use utime on Linux
+
+utime is deprecated by POSIX 2008 and optionally not available with
+uClibc-ng.
+
+Got rid of a few useless headers in timefn.h.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ programs/platform.h | 2 +-
+ programs/timefn.h | 6 ------
+ programs/util.c | 10 ++++++++++
+ programs/util.h | 5 +++--
+ 4 files changed, 14 insertions(+), 9 deletions(-)
+
+diff --git a/programs/platform.h b/programs/platform.h
+index 38ded8727..5934e59cf 100644
+--- a/programs/platform.h
++++ b/programs/platform.h
+@@ -92,7 +92,7 @@ extern "C" {
+
+ # if defined(__linux__) || defined(__linux)
+ # ifndef _POSIX_C_SOURCE
+-# define _POSIX_C_SOURCE 200112L /* feature test macro : https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html */
++# define _POSIX_C_SOURCE 200809L /* feature test macro : https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html */
+ # endif
+ # endif
+ # include <unistd.h> /* declares _POSIX_VERSION */
+diff --git a/programs/timefn.h b/programs/timefn.h
+index d1ddd31b1..2db3765b9 100644
+--- a/programs/timefn.h
++++ b/programs/timefn.h
+@@ -19,12 +19,6 @@ extern "C" {
+ /*-****************************************
+ * Dependencies
+ ******************************************/
+-#include <sys/types.h> /* utime */
+-#if defined(_MSC_VER)
+-# include <sys/utime.h> /* utime */
+-#else
+-# include <utime.h> /* utime */
+-#endif
+ #include <time.h> /* clock_t, clock, CLOCKS_PER_SEC */
+
+
+diff --git a/programs/util.c b/programs/util.c
+index fb77d1783..3a2e9e28f 100644
+--- a/programs/util.c
++++ b/programs/util.c
+@@ -54,14 +54,24 @@ int UTIL_getFileStat(const char* infilename, stat_t *statbuf)
+ int UTIL_setFileStat(const char *filename, stat_t *statbuf)
+ {
+ int res = 0;
++#if defined(_WIN32)
+ struct utimbuf timebuf;
++#else
++ struct timespec timebuf[2];
++#endif
+
+ if (!UTIL_isRegularFile(filename))
+ return -1;
+
++#if defined(_WIN32)
+ timebuf.actime = time(NULL);
+ timebuf.modtime = statbuf->st_mtime;
+ res += utime(filename, &timebuf); /* set access and modification times */
++#else
++ timebuf[0].tv_sec = time(NULL);
++ timebuf[1].tv_sec = statbuf->st_mtime;
++ res += utimensat(AT_FDCWD, filename, timebuf, 0); /* set access and modification times */
++#endif
+
+ #if !defined(_WIN32)
+ res += chown(filename, statbuf->st_uid, statbuf->st_gid); /* Copy ownership */
+diff --git a/programs/util.h b/programs/util.h
+index d6e5bb550..71d4c7c77 100644
+--- a/programs/util.h
++++ b/programs/util.h
+@@ -25,12 +25,13 @@ extern "C" {
+ #include <stdio.h> /* fprintf */
+ #include <sys/types.h> /* stat, utime */
+ #include <sys/stat.h> /* stat, chmod */
+-#if defined(_MSC_VER)
++#if defined(_WIN32)
+ # include <sys/utime.h> /* utime */
+ # include <io.h> /* _chmod */
+ #else
++# include <fcntl.h> /* AT_FDCWD */
++# include <sys/stat.h> /* utimensat */
+ # include <unistd.h> /* chown, stat */
+-# include <utime.h> /* utime */
+ #endif
+ #include <time.h> /* clock_t, clock, CLOCKS_PER_SEC, nanosleep */
+ #include "mem.h" /* U32, U64 */
projects / feed / packages.git / commitdiff