This is the OpenWrt "packages"-feed containing community-maintained build scripts, options and patches for applications, modules and libraries used within OpenWrt.
-Installation of pre-built packages is handled directly by the **opkg** utility within your running OpenWrt system or by using the [OpenWrt SDK](http://wiki.openwrt.org/doc/howto/obtain.firmware.sdk) on a build system.
+Installation of pre-built packages is handled directly by the **opkg** utility within your running OpenWrt system or by using the [OpenWrt SDK](https://openwrt.org/docs/guide-developer/obtain.firmware.sdk) on a build system.
## Usage
-This repository is intended to be layered on-top of an OpenWrt buildroot. If you do not have an OpenWrt buildroot installed, see the documentation at: [OpenWrt Buildroot – Installation](http://wiki.openwrt.org/doc/howto/buildroot.exigence) on the OpenWrt support site.
+This repository is intended to be layered on-top of an OpenWrt buildroot. If you do not have an OpenWrt buildroot installed, see the documentation at: [OpenWrt Buildroot – Installation](https://openwrt.org/docs/guide-developer/build-system/install-buildsystem) on the OpenWrt support site.
This feed is enabled by default. To install all its package definitions, run:
```
PKG_NAME:=htop
PKG_VERSION:=2.2.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://hisham.hm/htop/releases/$(PKG_VERSION)/
+PKG_SOURCE_URL:=https://hisham.hm/htop/releases/$(PKG_VERSION)/
PKG_HASH:=d9d6826f10ce3887950d709b53ee1d8c1849a70fa38e91d5896ad8cbc6ba3c57
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:htop:htop
-PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
CATEGORY:=Administration
TITLE:=Interactive processes viewer
DEPENDS:=+libncurses
- URL:=http://htop.sourceforge.net/
+ URL:=https://hisham.hm/htop/
MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=monit
-PKG_VERSION:=5.24.0
+PKG_VERSION:=5.25.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=754d1f0e165e5a26d4639a6a83f44ccf839e381f2622e0946d5302fa1f2d2414
PKG_SOURCE_URL:=https://mmonit.com/monit/dist
+PKG_HASH:=aa0ce6361d1155e43e30a86dcff00b2003d434f221c360981ced830275abc64a
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_LICENSE:=AGPL-3.0
PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:tildeslash:monit
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
--- a/configure
+++ b/configure
-@@ -13852,14 +13852,7 @@ fi
+@@ -14390,14 +14390,7 @@ fi
# Find the right directory to put the root-mode PID file in
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking pid file location" >&5
$as_echo_n "checking pid file location... " >&6; }
PKG_NAME:=muninlite
PKG_VERSION:=1.0.4
-PKG_RELEASE:=8
+PKG_RELEASE:=9
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/$(PKG_NAME)
--- /dev/null
+--- a/plugins/irqstats 2007-11-30 11:39:08.000000000 +0100
++++ b/plugins/irqstats 2018-08-29 08:20:50.809468406 +0200
+@@ -1,6 +1,6 @@
+ config_irqstats() {
+ echo "graph_title Individual interrupts
+-graph_args --base 1000 -l 0;
++graph_args --base 1000 -l 0
+ graph_vlabel interrupts / \${graph_period}
+ graph_category system"
+ CPUS=$(grep 'CPU[0-9]' /proc/interrupts | wc -w)
include $(TOPDIR)/rules.mk
PKG_NAME:=sudo
-PKG_VERSION:=1.8.21p2
+PKG_VERSION:=1.8.24
PKG_RELEASE:=1
-PKG_LICENSE:=ISC
-PKG_LICENSE_FILES:=doc/LICENSE
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.sudo.ws/dist
-PKG_HASH:=74c5746cd33a814e2431c39faf0d76f7f8a697379bd073862e3b156cf0d76368
+PKG_SOURCE_URL:=https://www.sudo.ws/dist
+PKG_HASH:=b488557a198ecef30b7ad4011b59a66232dec2364ad956e11d8e17906c225be8
+
+PKG_LICENSE:=ISC
+PKG_LICENSE_FILES:=doc/LICENSE
+PKG_CPE_ID:=cpe:/a:todd_miller:sudo
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
PKG_BUILD_DEPENDS:=sudo/host
SECTION:=admin
CATEGORY:=Administration
TITLE:=Delegate authority to run commands
- URL:=http://www.sudo.ws/
+ URL:=https://www.sudo.ws/
MAINTAINER:=Gergely Kiss <mail.gery@gmail.com>
endef
-diff -rupN sudo-1.8.11p2.orig/lib/util/Makefile.in sudo-1.8.11p2/lib/util/Makefile.in
---- sudo-1.8.11p2.orig/lib/util/Makefile.in 2014-10-07 22:26:20.000000000 +0200
-+++ sudo-1.8.11p2/lib/util/Makefile.in 2014-12-09 21:44:35.610041162 +0100
-@@ -142,10 +142,10 @@ libsudo_util.la: $(LTOBJS) @LT_LDDEP@
+--- a/lib/util/Makefile.in
++++ b/lib/util/Makefile.in
+@@ -161,10 +161,10 @@ libsudo_util.la: $(LTOBJS) @LT_LDDEP@
esac
siglist.c: mksiglist
+ mksigname > $@
mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/sudo_compat.h $(top_builddir)/config.h
- $(CC) $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@
+ $(CC) $(CPPFLAGS) $(CFLAGS) $(srcdir)/mksiglist.c -o $@
-diff -rupN sudo-1.8.11p2.orig/Makefile.in sudo-1.8.11p2/Makefile.in
---- sudo-1.8.11p2.orig/Makefile.in 2014-10-07 22:26:20.000000000 +0200
-+++ sudo-1.8.11p2/Makefile.in 2014-12-09 22:00:27.256934143 +0100
-@@ -62,7 +62,7 @@ SHELL = @SHELL@
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -63,7 +63,7 @@ SHELL = @SHELL@
SED = @SED@
INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
+++ /dev/null
-diff -rupN sudo-1.8.14p3.orig/include/sudo_util.h sudo-1.8.14p3/include/sudo_util.h
---- sudo-1.8.14p3.orig/include/sudo_util.h 2015-07-22 14:22:49.000000000 +0200
-+++ sudo-1.8.14p3/include/sudo_util.h 2015-08-30 18:41:24.509814946 +0200
-@@ -23,6 +23,8 @@
- # include "compat/stdbool.h"
- #endif /* HAVE_STDBOOL_H */
-
-+#include <sys/types.h>
-+
- /*
- * Macros for operating on struct timeval.
- */
include $(TOPDIR)/rules.mk
PKG_NAME:=perl-cgi
-PKG_VERSION:=4.38
+PKG_VERSION:=4.40
PKG_RELEASE:=1
PKG_SOURCE_URL:=http://www.cpan.org/authors/id/L/LE/LEEJO
PKG_SOURCE:=CGI-$(PKG_VERSION).tar.gz
-PKG_HASH:=8c58f4a529bb92a914b22b7e64c5e31185c9854a4070a6dfad44fe5cc248e7d4
+PKG_HASH:=10efff3061b3c31a33b3cc59f955aef9c88d57d12dbac46389758cef92f24f56
PKG_LICENSE:=GPL Artistic-2.0
PKG_MAINTAINER:=Marcel Denia <naoir@gmx.net>, \
include $(TOPDIR)/rules.mk
PKG_NAME:=php
-PKG_VERSION:=7.2.8
-PKG_RELEASE:=1
+PKG_VERSION:=7.2.9
+PKG_RELEASE:=2
PKG_MAINTAINER:=Michael Heimpold <mhei@heimpold.de>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.php.net/distributions/
-PKG_HASH:=53ba0708be8a7db44256e3ae9fcecc91b811e5b5119e6080c951ffe7910ffb0f
+PKG_HASH:=3585c1222e00494efee4f5a65a8e03a1e6eca3dfb834814236ee7f02c5248ae0
PKG_FIXUP:=libtool autoreconf
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
PHP7_MODULES = \
+ bcmath \
calendar ctype curl \
fileinfo \
dom \
--with-zlib="$(STAGING_DIR)/usr" \
--with-zlib-dir="$(STAGING_DIR)/usr"
+ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-bcmath),)
+ CONFIGURE_ARGS+= --enable-bcmath=shared
+else
+ CONFIGURE_ARGS+= --disable-bcmath
+endif
+
ifneq ($(SDK)$(CONFIG_PACKAGE_php7-mod-calendar),)
CONFIGURE_ARGS+= --enable-calendar=shared
else
$(eval $(call BuildPackage,php7-fpm))
#$(eval $(call BuildModule,NAME,TITLE[,PKG DEPENDS]))
+$(eval $(call BuildModule,bcmath,Bcmath))
$(eval $(call BuildModule,calendar,Calendar))
$(eval $(call BuildModule,ctype,Ctype))
$(eval $(call BuildModule,curl,cURL,+PACKAGE_php7-mod-curl:libcurl))
$(eval $(call BuildModule,ldap,LDAP,+PACKAGE_php7-mod-ldap:libopenldap +PACKAGE_php7-mod-ldap:libsasl2))
$(eval $(call BuildModule,mbstring,MBString))
$(eval $(call BuildModule,mysqli,MySQL Improved Extension,+PACKAGE_php7-mod-mysqli:php7-mod-mysqlnd,30))
-$(eval $(call BuildModule,mysqlnd,MySQL Native Driver))
+$(eval $(call BuildModule,mysqlnd,MySQL Native Driver,+php7-mod-hash))
$(eval $(call BuildModule,opcache,OPcache,,,zend))
-$(eval $(call BuildModule,openssl,OpenSSL,+PACKAGE_php7-mod-openssl:libopenssl))
+$(eval $(call BuildModule,openssl,OpenSSL,+PACKAGE_php7-mod-openssl:libopenssl,15))
$(eval $(call BuildModule,pcntl,PCNTL))
$(eval $(call BuildModule,pdo,PHP Data Objects))
$(eval $(call BuildModule,pdo-mysql,PDO driver for MySQL,+php7-mod-pdo +PACKAGE_php7-mod-pdo-mysql:php7-mod-mysqlnd))
include $(TOPDIR)/rules.mk
PKG_NAME:=python-pyasn1
-PKG_VERSION:=0.4.3
+PKG_VERSION:=0.4.4
PKG_RELEASE:=1
PKG_SOURCE:=pyasn1-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/p/pyasn1
-PKG_HASH:=fb81622d8f3509f0026b0683fe90fea27be7284d3826a5f2edf97f69151ab0fc
+PKG_HASH:=f58f2a3d12fd754aa123e9fa74fb7345333000a035f3921dbdaa08597aa53137
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=LICENSE.txt
include $(TOPDIR)/rules.mk
PKG_NAME:=python-urllib3
-PKG_VERSION:=1.22
+PKG_VERSION:=1.23
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_SOURCE:=urllib3-$(PKG_VERSION).tar.gz
PKG_BUILD_DIR:=$(BUILD_DIR)/urllib3-$(PKG_VERSION)/
-PKG_SOURCE_URL:=https://pypi.python.org/packages/ee/11/7c59620aceedcc1ef65e156cc5ce5a24ef87be4107c2b74458464e437a5d/
-PKG_HASH:=cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f
+PKG_SOURCE_URL:=https://pypi.io/packages/source/u/urllib3
+PKG_HASH:=a68ac5e15e76e7e5dd2b8f94007233e01effe3e50e8daddf69acfd81cb686baf
include $(INCLUDE_DIR)/package.mk
include ../python-package.mk
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:ruby-lang:ruby
PKG_BUILD_DEPENDS:=ruby/host
PKG_INSTALL:=1
PKG_SOURCE_URL:=https://github.com/lathiat/avahi/releases/download/v$(PKG_VERSION) \
https://avahi.org/download
PKG_HASH:=57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804
+
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
+PKG_CPE_ID:=cpe:/a:avahi:avahi
PKG_BUILD_DEPENDS:=intltool/host
-
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=autogen.sh
include $(INCLUDE_DIR)/target.mk
PKG_NAME:=boost
-PKG_VERSION:=1.67.0
-PKG_SOURCE_VERSION:=1_67_0
-PKG_RELEASE:=2
+PKG_VERSION:=1.68.0
+PKG_SOURCE_VERSION:=1_68_0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)_$(PKG_SOURCE_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/$(PKG_NAME)/$(PKG_NAME)/$(PKG_VERSION) https://dl.bintray.com/boostorg/release/$(PKG_VERSION)/source/
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)_$(PKG_SOURCE_VERSION)
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)_$(PKG_SOURCE_VERSION)
-PKG_HASH:=2684c972994ee57fc5632e03bf044746f6eb45d4920c343937a465fd67a5adba
+PKG_HASH:=7f6130bc3cf65f56a618888ce9d5ea704fa10b462be126ad053e80e553d6d8b7
PKG_LICENSE:=Boost Software License <http://www.boost.org/users/license.html>
PKG_MAINTAINER:=Carlos M. Ferreira <carlosmf.pt@gmail.com>
endef
define Package/boost/description
-This package provides the Boost v1.67.0 libraries.
+This package provides the Boost v1.68.0 libraries.
Boost is a set of free, peer-reviewed, portable C++ source libraries.
-----------------------------------------------------------------------------
- chrono
- container
- context
- - contract (new in 1.67.0)
+ - contract
- coroutine (Deprecated - use Coroutine2)
- - coroutine2 (Requires GCC v5 and up)
- date_time
include $(TOPDIR)/rules.mk
PKG_NAME:=confuse
-PKG_VERSION:=3.2.1
+PKG_VERSION:=3.2.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/martinh/libconfuse/releases/download/v$(PKG_VERSION)
-PKG_HASH:=23c63272baf2ef4e2cbbafad2cf57de7eb81f006ec347c00b954819824add25e
+PKG_HASH:=a9240b653d02e8cfc52db48e8c4224426e528e1faa09b65e8ca08a197fad210b
PKG_MAINTAINER:=
PKG_LICENSE:=ISC
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
define Package/confuse
include $(TOPDIR)/rules.mk
PKG_NAME:=expat
-PKG_VERSION:=2.2.5
+PKG_VERSION:=2.2.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/expat
-PKG_HASH:=d9dc32efba7e74f788fcc4f212a43216fc37cf5f23f4c2339664d473353aedf6
+PKG_HASH:=17b43c2716d521369f82fc2dc70f359860e90fa440bea65b3b85f0b246ea81f2
PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>, \
Ted Hess <thess@kitschensync.net>
CONFIGURE_ARGS += \
--enable-shared \
- --enable-static
+ --enable-static \
+ --without-docbook
+
+HOST_CONFIGURE_ARGS += \
+ --without-docbook
define Host/Install
$(MAKE) -C $(HOST_BUILD_DIR) install
PKG_NAME:=flac
PKG_VERSION:=1.3.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://downloads.xiph.org/releases/flac/
+PKG_SOURCE_URL:=https://downloads.xiph.org/releases/flac/
PKG_HASH:=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GFDL-1.2 GPL-2 LGPL-2.1 BSD-3-Clause
PKG_LICENSE_FILES:=README COPYING.FDL COPYING.GPL COPYING.LGPL COPYING.Xiph
+PKG_CPE_ID:=cpe:/a:flac_project:flac
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=autogen.sh aclocal.m4
--- /dev/null
+From 4f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Sat, 8 Apr 2017 18:34:49 +1000
+Subject: [PATCH] stream_decoder.c: Fix a memory leak
+
+Leak reported by Secunia Research.
+---
+ src/libFLAC/stream_decoder.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
+index 14d5fe7f..a5527511 100644
+--- a/src/libFLAC/stream_decoder.c
++++ b/src/libFLAC/stream_decoder.c
+@@ -1759,6 +1759,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
+ }
+ memset (obj->comments[i].entry, 0, obj->comments[i].length) ;
+ if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) {
++ /* Current i-th entry is bad, so we delete it. */
++ free (obj->comments[i].entry) ;
++ obj->comments[i].entry = NULL ;
+ obj->num_comments = i;
+ goto skip;
+ }
+--
+2.17.0
+
PKG_LICENSE:=FTL GPL-2.0 MIT ZLIB
PKG_LICENSE_FILES:=docs/LICENSE.TXT docs/FTL.TXT docs/GPLv2.TXT src/bdf/README src/pcf/README src/gzip/zlib.h
+PKG_CPE_ID:=cpe:/a:freetype:freetype2
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
PKG_FIXUP:=autoreconf
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:giflib_project:giflib
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=autogen.sh aclocal.m4
#PKG_FIXUP:=autoreconf gettext-version
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
PKG_LICENSE:=LGPLv2.1+
+PKG_CPE_ID:=cpe:/a:gnu:gnutls
PKG_INSTALL:=1
PKG_LIBTOOL_PATHS:=. lib
--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=hwloc
+PKG_VERSION:=2.0.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://download.open-mpi.org/release/$(PKG_NAME)/v2.0/
+PKG_HASH:=f1156df22fc2365a31a3dc5f752c53aad49e34a5e22d75ed231cd97eaa437f9d
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+PKG_INSTALL:=1
+
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/hwloc/Default
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE:=Portable Hardware Locality
+ URL:=https://www.open-mpi.org/projects/hwloc/
+endef
+
+define Package/hwloc/Default/description
+ The Portable Hardware Locality (hwloc) software package provides a
+ portable abstraction (across OS, versions, architectures, ...) of the
+ hierarchical topology of modern architectures, including NUMA memory
+ nodes, sockets, shared caches, cores and simultaneous multithreading. It
+ also gathers various system attributes such as cache and memory
+ information as well as the locality of I/O devices such as network
+ interfaces, InfiniBand HCAs or GPUs.
+endef
+
+define Package/hwloc-utils
+$(call Package/hwloc/Default)
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE+= utilities
+ DEPENDS+= +libhwloc
+endef
+
+define Package/hwloc-utils/description
+$(call Package/hwloc/Default/description)
+ This package contains the hwloc utilities.
+endef
+
+define Package/libhwloc
+$(call Package/hwloc/Default)
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE+= libraries
+endef
+
+define Package/libhwloc/description
+$(call Package/hwloc/Default/description)
+ This package contains the hwloc libraries.
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/hwloc.h $(STAGING_DIR)/usr/include/
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/include/hwloc
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/hwloc/*.h $(STAGING_DIR)/usr/include/hwloc/
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/include/hwloc/autogen
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/hwloc/autogen/*.h $(STAGING_DIR)/usr/include/hwloc/autogen/
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib* $(STAGING_DIR)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(INSTALL_DATA) \
+ $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc \
+ $(1)/usr/lib/pkgconfig
+endef
+
+define Package/hwloc-utils/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+endef
+
+define Package/libhwloc/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,hwloc-utils))
+$(eval $(call BuildPackage,libhwloc))
PKG_NAME:=ldns
PKG_VERSION:=1.7.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.nlnetlabs.nl/downloads/ldns
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
+PKG_MAINTAINER:=
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
--- /dev/null
+From c8391790c96d4c8a2c10f9ab1460fda83b509fc2 Mon Sep 17 00:00:00 2001
+From: Willem Toorop <willem@nlnetlabs.nl>
+Date: Thu, 27 Apr 2017 00:14:58 +0200
+Subject: [PATCH] Check parse limit before t increment
+
+Thanks Stephan Zeisberg
+---
+ parse.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/parse.c b/parse.c
+index e68627c..947dbb8 100644
+--- a/parse.c
++++ b/parse.c
+@@ -118,6 +118,10 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
+ if (line_nr) {
+ *line_nr = *line_nr + 1;
+ }
++ if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
++ *t = '\0';
++ return -1;
++ }
+ *t++ = ' ';
+ prev_c = c;
+ continue;
+--
+2.9.5
+
--- /dev/null
+From 3bdeed02505c9bbacb3b64a97ddcb1de967153b7 Mon Sep 17 00:00:00 2001
+From: Willem Toorop <willem@nlnetlabs.nl>
+Date: Thu, 27 Apr 2017 00:25:20 +0200
+Subject: [PATCH] bugfix #1257: Free after reallocing to 0 size
+
+Thanks Stephan Zeisberg
+---
+ str2host.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/str2host.c b/str2host.c
+index b274b17..f2a317b 100644
+--- a/str2host.c
++++ b/str2host.c
+@@ -1525,8 +1525,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str)
+ if (! str) {
+ return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
+ }
+- length = (size_t)(dp - data);
+-
++ if (!(length = (size_t)(dp - data))) {
++ LDNS_FREE(data);
++ return LDNS_STATUS_SYNTAX_EMPTY;
++ }
+ /* Lose the overmeasure */
+ data = LDNS_XREALLOC(dp = data, uint8_t, length);
+ if (! data) {
+--
+2.9.5
+
include $(TOPDIR)/rules.mk
PKG_NAME:=libdmapsharing
-PKG_VERSION:=3.9.1
+PKG_VERSION:=3.9.3
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_SOURCE:=libdmapsharing-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.flyn.org/projects/libdmapsharing/
-PKG_HASH:=7567888f588d0ee0a017385c09c68ceec0383b3e9b47f0df061a4386a69b1610
+PKG_HASH:=a19df4b6fbd669fc95824860c235aa4aed33b69ecc25eb9d9d6dccb4e98c3f18
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
CATEGORY:=Libraries
DEPENDS:=+libsoup +mdnsresponder +gstreamer1-libs +gstreamer1-plugins-base +gst1-mod-app
TITLE:=libdmapsharing
- URL:=http://www.flyn.org/projects/libdmapsharing/
+ URL:=https://www.flyn.org/projects/libdmapsharing/
endef
define Package/libdmapsharing/decription
TITLE:=Library for interfacing with Linux IIO devices
URL:=https://github.com/analogdevicesinc/libiio
DEPENDS:=\
+ +zlib \
+LIBIIO_USB_BACKEND:libusb-1.0 \
+LIBIIO_NETWORK_BACKEND:libavahi-client \
+LIBIIO_XML_BACKEND:libxml2
#
-# Copyright (C) 2016 OpenWrt.org
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
PKG_NAME:=talloc
PKG_VERSION:=2.1.14
MAJOR_VERSION:=2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.samba.org/ftp/talloc
PKG_HASH:=b185602756a628bac507fa8af8b9df92ace69d27c0add5dab93190ad7c3367ce
-PKG_MAINTAINER:=Lucile Quirion <lucile.quirion@savoirfairelinux.com>
+PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=LGPL-3.0+
PKG_BUILD_PARALLEL:=0
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Core memory allocator used in Samba
- DEPENDS:=+USE_GLIBC:libbsd $(ICONV_DEPENDS) +libattr
+ DEPENDS:=$(ICONV_DEPENDS) +libattr
URL:=https://talloc.samba.org/talloc/doc/html/index.html
endef
--- /dev/null
+--- a/lib/replace/wscript
++++ b/lib/replace/wscript
+@@ -340,22 +340,13 @@ def configure(conf):
+
+ conf.CHECK_FUNCS('prctl dirname basename')
+
+- strlcpy_in_bsd = False
++ # Not checking for libbsd
++ conf.CHECK_FUNCS('strlcpy strlcat')
++ conf.CHECK_FUNCS('getpeereid')
++ conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h')
++ conf.CHECK_FUNCS('setproctitle_init')
+
+- # libbsd on some platforms provides strlcpy and strlcat
+- if not conf.CHECK_FUNCS('strlcpy strlcat'):
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
+- if not conf.CHECK_FUNCS('getpeereid'):
+- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
+- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
+-
+- if not conf.CHECK_FUNCS('closefrom'):
+- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++ conf.CHECK_FUNCS('closefrom')
+
+ conf.CHECK_CODE('''
+ struct ucred cred;
+@@ -698,9 +689,6 @@ def configure(conf):
+
+ # look for a method of finding the list of network interfaces
+ for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
+- bsd_for_strlcpy = ''
+- if strlcpy_in_bsd:
+- bsd_for_strlcpy = ' bsd'
+ if conf.CHECK_CODE('''
+ #define %s 1
+ #define NO_CONFIG_H 1
+@@ -713,7 +701,7 @@ def configure(conf):
+ #include "test/getifaddrs.c"
+ ''' % method,
+ method,
+- lib='nsl socket' + bsd_for_strlcpy,
++ lib='nsl socket',
+ addmain=False,
+ execute=True):
+ break
+@@ -761,7 +749,6 @@ def build(bld):
+ break
+
+ extra_libs = ''
+- if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd'
+
+ bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
+ REPLACE_HOSTCC_SOURCE,
include $(TOPDIR)/rules.mk
PKG_NAME:=libtirpc
-PKG_VERSION:=1.0.3
-PKG_RELEASE:=2
+PKG_VERSION:=1.1.4
+PKG_RELEASE:=1
PKG_SOURCE_URL:=@SF/libtirpc
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=86c3a78fc1bddefa96111dd233124c703b22a78884203c55c3e06b3be6a0fd5e
+PKG_HASH:=2ca529f02292e10c158562295a1ffd95d2ce8af97820e3534fe1b0e3aec7561d
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=BSD-3-Clause
+++ /dev/null
-diff --git a/src/clnt_dg.c b/src/clnt_dg.c
-index 04a2aba..eb5467f 100644
---- a/src/clnt_dg.c
-+++ b/src/clnt_dg.c
-@@ -160,15 +160,22 @@ clnt_dg_create(fd, svcaddr, program, version, sendsz, recvsz)
- thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
- mutex_lock(&clnt_fd_lock);
- if (dg_fd_locks == (int *) NULL) {
-- int cv_allocsz;
-- size_t fd_allocsz;
-- int dtbsize = __rpc_dtbsize();
-+ size_t cv_allocsz, fd_allocsz;
-+ unsigned int dtbsize = __rpc_dtbsize();
-+
-+ if ( (size_t) dtbsize > SIZE_MAX/sizeof(cond_t)) {
-+ mutex_unlock(&clnt_fd_lock);
-+ thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
-+ errno = EOVERFLOW;
-+ goto err1;
-+ }
-
- fd_allocsz = dtbsize * sizeof (int);
- dg_fd_locks = (int *) mem_alloc(fd_allocsz);
- if (dg_fd_locks == (int *) NULL) {
- mutex_unlock(&clnt_fd_lock);
- thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
-+ errno = ENOMEM;
- goto err1;
- } else
- memset(dg_fd_locks, '\0', fd_allocsz);
-@@ -180,6 +187,7 @@ clnt_dg_create(fd, svcaddr, program, version, sendsz, recvsz)
- dg_fd_locks = (int *) NULL;
- mutex_unlock(&clnt_fd_lock);
- thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
-+ errno = ENOMEM;
- goto err1;
- } else {
- int i;
-diff --git a/src/clnt_generic.c b/src/clnt_generic.c
-index e5a314f..3f3dabf 100644
---- a/src/clnt_generic.c
-+++ b/src/clnt_generic.c
-@@ -47,7 +47,6 @@
-
- extern bool_t __rpc_is_local_host(const char *);
- int __rpc_raise_fd(int);
--extern int __binddynport(int fd);
-
- #ifndef NETIDLEN
- #define NETIDLEN 32
-@@ -341,8 +340,7 @@ clnt_tli_create(int fd, const struct netconfig *nconf,
- servtype = nconf->nc_semantics;
- if (!__rpc_fd2sockinfo(fd, &si))
- goto err;
-- if (__binddynport(fd) == -1)
-- goto err;
-+ bindresvport(fd, NULL);
- } else {
- if (!__rpc_fd2sockinfo(fd, &si))
- goto err;
-diff --git a/src/clnt_vc.c b/src/clnt_vc.c
-index 6098c3a..3d775c7 100644
---- a/src/clnt_vc.c
-+++ b/src/clnt_vc.c
-@@ -63,6 +63,7 @@
- #include <string.h>
- #include <unistd.h>
- #include <signal.h>
-+#include <stdint.h>
-
- #include <rpc/rpc.h>
- #include "rpc_com.h"
-@@ -201,14 +202,25 @@ clnt_vc_create(fd, raddr, prog, vers, sendsz, recvsz)
- thr_sigsetmask(SIG_SETMASK, &newmask, &mask);
- mutex_lock(&clnt_fd_lock);
- if (vc_fd_locks == (int *) NULL) {
-- int cv_allocsz, fd_allocsz;
-- int dtbsize = __rpc_dtbsize();
-+ size_t cv_allocsz, fd_allocsz;
-+ unsigned int dtbsize = __rpc_dtbsize();
-+ struct rpc_createerr *ce = &get_rpc_createerr();
-+
-+ if ( (size_t) dtbsize > SIZE_MAX/sizeof(cond_t)) {
-+ mutex_unlock(&clnt_fd_lock);
-+ thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
-+ ce->cf_stat = RPC_SYSTEMERROR;
-+ ce->cf_error.re_errno = EOVERFLOW;
-+ goto err;
-+ }
-
- fd_allocsz = dtbsize * sizeof (int);
- vc_fd_locks = (int *) mem_alloc(fd_allocsz);
- if (vc_fd_locks == (int *) NULL) {
- mutex_unlock(&clnt_fd_lock);
- thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
-+ ce->cf_stat = RPC_SYSTEMERROR;
-+ ce->cf_error.re_errno = ENOMEM;
- goto err;
- } else
- memset(vc_fd_locks, '\0', fd_allocsz);
-@@ -221,6 +233,8 @@ clnt_vc_create(fd, raddr, prog, vers, sendsz, recvsz)
- vc_fd_locks = (int *) NULL;
- mutex_unlock(&clnt_fd_lock);
- thr_sigsetmask(SIG_SETMASK, &(mask), NULL);
-+ ce->cf_stat = RPC_SYSTEMERROR;
-+ ce->cf_error.re_errno = ENOMEM;
- goto err;
- } else {
- int i;
-diff --git a/src/rpc_soc.c b/src/rpc_soc.c
-index af6c482..5a6eeb7 100644
---- a/src/rpc_soc.c
-+++ b/src/rpc_soc.c
-@@ -67,8 +67,6 @@
-
- extern mutex_t rpcsoc_lock;
-
--extern int __binddynport(int fd);
--
- static CLIENT *clnt_com_create(struct sockaddr_in *, rpcprog_t, rpcvers_t,
- int *, u_int, u_int, char *, int);
- static SVCXPRT *svc_com_create(int, u_int, u_int, char *);
-@@ -147,8 +145,7 @@ clnt_com_create(raddr, prog, vers, sockp, sendsz, recvsz, tp, flags)
- bindaddr.maxlen = bindaddr.len = sizeof (struct sockaddr_in);
- bindaddr.buf = raddr;
-
-- if (__binddynport(fd) == -1)
-- goto err;
-+ bindresvport(fd, NULL);
- cl = clnt_tli_create(fd, nconf, &bindaddr, prog, vers,
- sendsz, recvsz);
- if (cl) {
-diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
-index a94fc73..e45736a 100644
---- a/src/rpcb_clnt.c
-+++ b/src/rpcb_clnt.c
-@@ -752,7 +752,7 @@ __try_protocol_version_2(program, version, nconf, host, tp)
-
- client = getpmaphandle(nconf, host, &parms.r_addr);
- if (client == NULL)
-- return (NULL);
-+ goto error;
-
- /*
- * Set retry timeout.
-@@ -771,11 +771,11 @@ __try_protocol_version_2(program, version, nconf, host, tp)
- if (clnt_st != RPC_SUCCESS) {
- rpc_createerr.cf_stat = RPC_PMAPFAILURE;
- clnt_geterr(client, &rpc_createerr.cf_error);
-- return (NULL);
-+ goto error;
- } else if (port == 0) {
- pmapaddress = NULL;
- rpc_createerr.cf_stat = RPC_PROGNOTREGISTERED;
-- return (NULL);
-+ goto error;
- }
- port = htons(port);
- CLNT_CONTROL(client, CLGET_SVC_ADDR, (char *)&remote);
-@@ -789,14 +789,24 @@ __try_protocol_version_2(program, version, nconf, host, tp)
- free(pmapaddress);
- pmapaddress = NULL;
- }
-- return (NULL);
-+ goto error;
- }
- memcpy(pmapaddress->buf, remote.buf, remote.len);
- memcpy(&((char *)pmapaddress->buf)[sizeof (short)],
- (char *)(void *)&port, sizeof (short));
- pmapaddress->len = pmapaddress->maxlen = remote.len;
-
-+ CLNT_DESTROY(client);
- return pmapaddress;
-+
-+error:
-+ if (client) {
-+ CLNT_DESTROY(client);
-+ client = NULL;
-+
-+ }
-+ return (NULL);
-+
- }
- #endif
-
-@@ -836,6 +846,7 @@ __rpcb_findaddr_timed(program, version, nconf, host, clpp, tp)
- struct netbuf *address = NULL;
- rpcvers_t start_vers = RPCBVERS4;
- struct netbuf servaddr;
-+ struct rpc_err rpcerr;
-
- /* parameter checking */
- if (nconf == NULL) {
-@@ -892,7 +903,8 @@ __rpcb_findaddr_timed(program, version, nconf, host, clpp, tp)
- clnt_st = CLNT_CALL(client, (rpcproc_t)RPCBPROC_GETADDR,
- (xdrproc_t) xdr_rpcb, (char *)(void *)&parms,
- (xdrproc_t) xdr_wrapstring, (char *)(void *) &ua, *tp);
-- if (clnt_st == RPC_SUCCESS) {
-+ switch (clnt_st) {
-+ case RPC_SUCCESS:
- if ((ua == NULL) || (ua[0] == 0)) {
- /* address unknown */
- rpc_createerr.cf_stat = RPC_PROGNOTREGISTERED;
-@@ -914,12 +926,15 @@ __rpcb_findaddr_timed(program, version, nconf, host, clpp, tp)
- (char *)(void *)&servaddr);
- __rpc_fixup_addr(address, &servaddr);
- goto done;
-- } else if (clnt_st == RPC_PROGVERSMISMATCH) {
-- struct rpc_err rpcerr;
-+ case RPC_PROGVERSMISMATCH:
- clnt_geterr(client, &rpcerr);
- if (rpcerr.re_vers.low > RPCBVERS4)
- goto error; /* a new version, can't handle */
-- } else if (clnt_st != RPC_PROGUNAVAIL) {
-+ /* Try the next lower version */
-+ case RPC_PROGUNAVAIL:
-+ case RPC_CANTDECODEARGS:
-+ break;
-+ default:
- /* Cant handle this error */
- rpc_createerr.cf_stat = clnt_st;
- clnt_geterr(client, &rpc_createerr.cf_error);
-@@ -929,7 +944,7 @@ __rpcb_findaddr_timed(program, version, nconf, host, clpp, tp)
-
- #ifdef PORTMAP /* Try version 2 for TCP or UDP */
- if (strcmp(nconf->nc_protofmly, NC_INET) == 0) {
-- address = __try_protocol_version_2(program, 2, nconf, host, tp);
-+ address = __try_protocol_version_2(program, version, nconf, host, tp);
- if (address == NULL)
- goto error;
- }
-diff --git a/src/xdr_stdio.c b/src/xdr_stdio.c
-index 4410262..846c7bf 100644
---- a/src/xdr_stdio.c
-+++ b/src/xdr_stdio.c
-@@ -38,6 +38,7 @@
- */
-
- #include <stdio.h>
-+#include <stdint.h>
-
- #include <arpa/inet.h>
- #include <rpc/types.h>
-@@ -103,10 +104,12 @@ xdrstdio_getlong(xdrs, lp)
- XDR *xdrs;
- long *lp;
- {
-+ int32_t mycopy;
-
-- if (fread(lp, sizeof(int32_t), 1, (FILE *)xdrs->x_private) != 1)
-+ if (fread(&mycopy, sizeof(int32_t), 1, (FILE *)xdrs->x_private) != 1)
- return (FALSE);
-- *lp = (long)ntohl((u_int32_t)*lp);
-+
-+ *lp = (long)ntohl(mycopy);
- return (TRUE);
- }
-
-@@ -115,8 +118,14 @@ xdrstdio_putlong(xdrs, lp)
- XDR *xdrs;
- const long *lp;
- {
-- long mycopy = (long)htonl((u_int32_t)*lp);
-+ int32_t mycopy;
-+
-+#if defined(_LP64)
-+ if ((*lp > UINT32_MAX) || (*lp < INT32_MIN))
-+ return (FALSE);
-+#endif
-
-+ mycopy = (int32_t)htonl((int32_t)*lp);
- if (fwrite(&mycopy, sizeof(int32_t), 1, (FILE *)xdrs->x_private) != 1)
- return (FALSE);
- return (TRUE);
-#
-# Copyright (C) 2006-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
include $(TOPDIR)/rules.mk
PKG_NAME:=libupnp
-PKG_VERSION:=1.6.19
-PKG_RELEASE:=2
+PKG_VERSION:=1.6.25
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/pupnp
-PKG_HASH:=b3142b39601243b50532eec90f4a27dba85eb86f58d4b849ac94edeb29d9b22a
+PKG_HASH:=c5a300b86775435c076d58a79cc0d5a977d76027d2a7d721590729b7f369fa43
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=libuwsc
-PKG_VERSION:=2.0.4
+PKG_VERSION:=2.0.5
PKG_RELEASE:=1
-PKG_SOURCE_PROTO:=git
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
-PKG_SOURCE_URL=https://github.com/zhaojh329/libuwsc.git
-PKG_MIRROR_HASH:=91c5964088d6df591e10c40deffef0be47f5c06896fcf27a7afe83c8e49b1a74
+PKG_SOURCE_URL=https://codeload.github.com/zhaojh329/libuwsc/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=8d66fe9299ea82f74c892f02ea8041482a754e2cab2e87a43c420b3904160261
CMAKE_INSTALL:=1
PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_SOURCE_SUBDIR)
#
-# Copyright (C) 2009-2015 OpenWrt.org
-# Copyright (C) 2009 David Cooper <dave@kupesoft.com>
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=v4l-utils
-PKG_VERSION:=1.10.0
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://www.linuxtv.org/downloads/v4l-utils
-PKG_HASH:=78ead27ee58a701d7c6342303cf4520bdd4a2b88a7813bc99a0b389307e4336b
+PKG_SOURCE_URL:=https://www.linuxtv.org/downloads/v4l-utils
+PKG_HASH:=e6b962c4b1253cf852c31da13fd6b5bb7cbe5aa9e182881aec55123bae680692
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/*.h $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libv4l{1,2,convert}.{a,so*} $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libv4l{1,2,convert,2rds}.{a,so*} $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libv4l{1,2,convert}.pc $(1)/usr/lib/pkgconfig/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libv4l{1,2,convert,2rds}.pc $(1)/usr/lib/pkgconfig/
endef
define Package/libv4l/install
$(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libv4l{1,2,convert}.so.* $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libv4l{1,2,convert,2rds}.so.* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/libv4l
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libv4l/v4l{1compat,2convert}.so $(1)/usr/lib/libv4l/
endef
$(CP) $(PKG_INSTALL_DIR)/etc/rc_maps.cfg $(1)/etc/
$(CP) $(PKG_INSTALL_DIR)/etc/rc_keymaps $(1)/etc/
$(INSTALL_DIR) $(1)/usr/bin
- $(CP) $(PKG_INSTALL_DIR)/usr/bin/{cx18,ivtv}-ctl $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/{rds,media,cx18,ivtv}-ctl $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/decode_tm6000 $(1)/usr/bin/
- $(CP) $(PKG_INSTALL_DIR)/usr/bin/ir-keytable $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ir-{ctl,keytable} $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/v4l2-{compliance,ctl,sysfs-path} $(1)/usr/bin/
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/cec-{compliance,ctl,follower} $(1)/usr/bin/
endef
$(eval $(call BuildPackage,libv4l))
+--- a/utils/v4l2-ctl/v4l2-ctl.cpp
++++ b/utils/v4l2-ctl/v4l2-ctl.cpp
+@@ -46,6 +46,7 @@
+ #include <vector>
+ #include <map>
+ #include <algorithm>
++#include <string_iostream>
+ #include <fstream>
+
+ char options[OptLast];
--- a/utils/rds-ctl/rds-ctl.cpp
+++ b/utils/rds-ctl/rds-ctl.cpp
@@ -29,6 +29,7 @@
#include <libv4l2.h>
--- a/utils/v4l2-ctl/v4l2-ctl-streaming.cpp
+++ b/utils/v4l2-ctl/v4l2-ctl-streaming.cpp
-@@ -14,6 +14,7 @@
+@@ -17,6 +17,7 @@
#include <sys/mman.h>
#include <dirent.h>
#include <math.h>
+#include <time.h>
#include "v4l2-ctl.h"
+ #include "v4l-stream.h"
+--- a/utils/cec-ctl/cec-ctl.cpp
++++ b/utils/cec-ctl/cec-ctl.cpp
+@@ -30,6 +30,7 @@
+ #include <errno.h>
+ #include <sys/ioctl.h>
+ #include <stdarg.h>
++#include <time.h>
+ #include <cerrno>
+ #include <string>
+ #include <vector>
+--- a/utils/cec-compliance/cec-compliance.h
++++ b/utils/cec-compliance/cec-compliance.h
+@@ -21,6 +21,7 @@
+ #define _CEC_COMPLIANCE_H_
+ #include <stdarg.h>
++#include <time.h>
+ #include <cerrno>
+ #include <string>
+ #include <linux/cec-funcs.h>
+--- a/utils/cec-follower/cec-follower.h
++++ b/utils/cec-follower/cec-follower.h
+@@ -37,6 +37,7 @@
+ #define _CEC_FOLLOWER_H_
+
+ #include <stdarg.h>
++#include <time.h>
+ #include <cerrno>
+ #include <string>
+ #include <linux/cec-funcs.h>
+++ /dev/null
---- a/utils/v4l2-ctl/v4l2-ctl-common.cpp
-+++ b/utils/v4l2-ctl/v4l2-ctl-common.cpp
-@@ -671,15 +671,18 @@ static bool parse_subset(char *optarg)
-
- static bool parse_next_subopt(char **subs, char **value)
- {
-- static char *const subopts[] = {
-- NULL
-- };
-- int opt = getsubopt(subs, subopts, value);
-+ char *stmp = *subs;
-+ *value = NULL;
-
-- if (opt < 0 || *value)
-+ if (*subs) {
-+ *subs = strchr(stmp, ',');
-+ if (*subs)
-+ *(*subs)++ = 0;
-+ else *subs = stmp + strlen(stmp);
-+
-+ *value = stmp;
- return false;
-- fprintf(stderr, "No value given to suboption <%s>\n",
-- subopts[opt]);
-+ }
- return true;
- }
-
PKG_SOURCE_PROTO:=git
PKG_SOURCE_VERSION:=$(PKG_REV)
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_CPE_ID:=cpe:/a:john_koleszar:libvpx
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_NAME:=libxml2
PKG_VERSION:=2.9.8
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://xmlsoft.org/sources/
--- /dev/null
+From a436374994c47b12d5de1b8b1d191a098fa23594 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 30 Jul 2018 12:54:38 +0200
+Subject: [PATCH 12/13] Fix nullptr deref with XPath logic ops
+
+If the XPath stack is corrupted, for example by a misbehaving extension
+function, the "and" and "or" XPath operators could dereference NULL
+pointers. Check that the XPath stack isn't empty and optimize the
+logic operators slightly.
+
+Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
+
+Also see
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
+https://bugzilla.redhat.com/show_bug.cgi?id=1595985
+
+This is CVE-2018-14404.
+
+Thanks to Guy Inbar for the report.
+---
+ xpath.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/xpath.c b/xpath.c
+index 3fae0bf4..5e3bb9ff 100644
+--- a/xpath.c
++++ b/xpath.c
+@@ -13297,9 +13297,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
+ return(0);
+ }
+ xmlXPathBooleanFunction(ctxt, 1);
+- arg1 = valuePop(ctxt);
+- arg1->boolval &= arg2->boolval;
+- valuePush(ctxt, arg1);
++ if (ctxt->value != NULL)
++ ctxt->value->boolval &= arg2->boolval;
+ xmlXPathReleaseObject(ctxt->context, arg2);
+ return (total);
+ case XPATH_OP_OR:
+@@ -13323,9 +13322,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
+ return(0);
+ }
+ xmlXPathBooleanFunction(ctxt, 1);
+- arg1 = valuePop(ctxt);
+- arg1->boolval |= arg2->boolval;
+- valuePush(ctxt, arg1);
++ if (ctxt->value != NULL)
++ ctxt->value->boolval |= arg2->boolval;
+ xmlXPathReleaseObject(ctxt->context, arg2);
+ return (total);
+ case XPATH_OP_EQUAL:
+--
+2.18.0
+
+++ /dev/null
-From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 13:14:11 +0200
-Subject: [PATCH 13/13] Fix infinite loop in LZMA decompression
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Check the liblzma error code more thoroughly to avoid infinite loops.
-
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
-Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
-
-This is CVE-2018-9251 and CVE-2018-14567.
-
-Thanks to Dongliang Mu and Simon Wörner for the reports.
----
- xzlib.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/xzlib.c b/xzlib.c
-index a839169e..0ba88cfa 100644
---- a/xzlib.c
-+++ b/xzlib.c
-@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
- "internal error: inflate stream corrupt");
- return -1;
- }
-+ /*
-+ * FIXME: Remapping a couple of error codes and falling through
-+ * to the LZMA error handling looks fragile.
-+ */
- if (ret == Z_MEM_ERROR)
- ret = LZMA_MEM_ERROR;
- if (ret == Z_DATA_ERROR)
-@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
- xz_error(state, LZMA_PROG_ERROR, "compression error");
- return -1;
- }
-+ if ((state->how != GZIP) &&
-+ (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
-+ xz_error(state, ret, "lzma error");
-+ return -1;
-+ }
- } while (strm->avail_out && ret != LZMA_STREAM_END);
-
- /* update available output and crc check value */
---
-2.18.0
-
--- /dev/null
+From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 30 Jul 2018 13:14:11 +0200
+Subject: [PATCH 13/13] Fix infinite loop in LZMA decompression
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Check the liblzma error code more thoroughly to avoid infinite loops.
+
+Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
+Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
+
+This is CVE-2018-9251 and CVE-2018-14567.
+
+Thanks to Dongliang Mu and Simon Wörner for the reports.
+---
+ xzlib.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/xzlib.c b/xzlib.c
+index a839169e..0ba88cfa 100644
+--- a/xzlib.c
++++ b/xzlib.c
+@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
+ "internal error: inflate stream corrupt");
+ return -1;
+ }
++ /*
++ * FIXME: Remapping a couple of error codes and falling through
++ * to the LZMA error handling looks fragile.
++ */
+ if (ret == Z_MEM_ERROR)
+ ret = LZMA_MEM_ERROR;
+ if (ret == Z_DATA_ERROR)
+@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
+ xz_error(state, LZMA_PROG_ERROR, "compression error");
+ return -1;
+ }
++ if ((state->how != GZIP) &&
++ (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
++ xz_error(state, ret, "lzma error");
++ return -1;
++ }
+ } while (strm->avail_out && ret != LZMA_STREAM_END);
+
+ /* update available output and crc check value */
+--
+2.18.0
+
include $(TOPDIR)/rules.mk
PKG_NAME:=libprotobuf-c
-PKG_VERSION:=v1.3.0
+PKG_VERSION:=1.3.1
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_MIRROR_HASH:=596b8cfa47d66cf4278229b780125e199bc0df08defe849654b1ffb5e52b0c03
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=git://github.com/protobuf-c/protobuf-c.git
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=$(PKG_VERSION)
+PKG_SOURCE:=protobuf-c-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/protobuf-c/protobuf-c/releases/download/v$(PKG_VERSION)
+PKG_HASH:=51472d3a191d6d7b425e32b612e477c06f73fe23e07f6a6a839b11808e9d2267
+PKG_BUILD_DIR:=$(BUILD_DIR)/protobuf-c-$(PKG_VERSION)
+HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/protobuf-c-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_LICENSE:=BSD-2c
PKG_BUILD_DEPENDS:=protobuf-c/host
HOST_BUILD_DEPENDS:=protobuf/host
PKG_INSTALL:=1
-PKG_FIXUP:=autoreconf
-
-PKG_LICENSE:=BSD-2c
-
-PKG_MAINTAINER:=Jacob Siverskog <jacob@teenageengineering.com>
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
TITLE:=Protocol Buffers library
SECTION:=libs
CATEGORY:=Libraries
- URL:=http://code.google.com/p/protobuf-c/
+ URL:=https://github.com/protobuf-c/protobuf-c
endef
define Package/libprotobuf-c/description
PKG_NAME:=tdb
PKG_VERSION:=1.3.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=GPL-2.0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
--- /dev/null
+diff --git a/lib/replace/wscript b/lib/replace/wscript
+index fd00a42..337d559 100644
+--- a/lib/replace/wscript
++++ b/lib/replace/wscript
+@@ -340,22 +340,13 @@ def configure(conf):
+
+ conf.CHECK_FUNCS('prctl dirname basename')
+
+- strlcpy_in_bsd = False
+-
+- # libbsd on some platforms provides strlcpy and strlcat
+- if not conf.CHECK_FUNCS('strlcpy strlcat'):
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
+- if not conf.CHECK_FUNCS('getpeereid'):
+- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
+- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
+-
+- if not conf.CHECK_FUNCS('closefrom'):
+- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++ # Not checking for libbsd
++ conf.CHECK_FUNCS('strlcpy strlcat')
++ conf.CHECK_FUNCS('getpeereid')
++ conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h')
++ conf.CHECK_FUNCS('setproctitle_init')
++
++ conf.CHECK_FUNCS('closefrom')
+
+ conf.CHECK_CODE('''
+ struct ucred cred;
+@@ -698,9 +689,6 @@ def configure(conf):
+
+ # look for a method of finding the list of network interfaces
+ for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
+- bsd_for_strlcpy = ''
+- if strlcpy_in_bsd:
+- bsd_for_strlcpy = ' bsd'
+ if conf.CHECK_CODE('''
+ #define %s 1
+ #define NO_CONFIG_H 1
+@@ -713,7 +701,7 @@ def configure(conf):
+ #include "test/getifaddrs.c"
+ ''' % method,
+ method,
+- lib='nsl socket' + bsd_for_strlcpy,
++ lib='nsl socket',
+ addmain=False,
+ execute=True):
+ break
+@@ -761,7 +749,6 @@ def build(bld):
+ break
+
+ extra_libs = ''
+- if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd'
+
+ bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
+ REPLACE_HOSTCC_SOURCE,
PKG_NAME:=tiff
PKG_VERSION:=4.0.9
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://download.osgeo.org/libtiff
PKG_LICENSE:=BSD
PKG_LICENSE_FILES:=COPYRIGHT
+PKG_CPE_ID:=cpe:/a:libtiff:libtiff
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_libtiffxx
+++ /dev/null
-From c6f41df7b581402dfba3c19a1e3df4454c551a01 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sun, 31 Dec 2017 15:09:41 +0100
-Subject: [PATCH] libtiff/tif_print.c: TIFFPrintDirectory(): fix null pointer dereference on corrupted file. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2770
-
----
- libtiff/tif_print.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
---- a/libtiff/tif_print.c
-+++ b/libtiff/tif_print.c
-@@ -667,13 +667,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd,
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- fprintf(fd, " %3lu: [%8I64u, %8I64u]\n",
- (unsigned long) s,
-- (unsigned __int64) td->td_stripoffset[s],
-- (unsigned __int64) td->td_stripbytecount[s]);
-+ td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0,
-+ td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0);
- #else
- fprintf(fd, " %3lu: [%8llu, %8llu]\n",
- (unsigned long) s,
-- (unsigned long long) td->td_stripoffset[s],
-- (unsigned long long) td->td_stripbytecount[s]);
-+ td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0,
-+ td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0);
- #endif
- }
- }
+++ /dev/null
---- a/libtiff/tif_dir.c
-+++ b/libtiff/tif_dir.c
-@@ -1067,6 +1067,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va
- if (td->td_samplesperpixel - td->td_extrasamples > 1) {
- *va_arg(ap, uint16**) = td->td_transferfunction[1];
- *va_arg(ap, uint16**) = td->td_transferfunction[2];
-+ } else {
-+ *va_arg(ap, uint16**) = NULL;
-+ *va_arg(ap, uint16**) = NULL;
- }
- break;
- case TIFFTAG_REFERENCEBLACKWHITE:
---- a/tools/tiff2pdf.c
-+++ b/tools/tiff2pdf.c
-@@ -237,7 +237,7 @@ typedef struct {
- float tiff_whitechromaticities[2];
- float tiff_primarychromaticities[6];
- float tiff_referenceblackwhite[2];
-- float* tiff_transferfunction[3];
-+ uint16* tiff_transferfunction[3];
- int pdf_image_interpolate; /* 0 (default) : do not interpolate,
- 1 : interpolate */
- uint16 tiff_transferfunctioncount;
-@@ -1047,6 +1047,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF*
- uint16 pagen=0;
- uint16 paged=0;
- uint16 xuint16=0;
-+ uint16 tiff_transferfunctioncount=0;
-+ uint16* tiff_transferfunction[3];
-
- directorycount=TIFFNumberOfDirectories(input);
- t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
-@@ -1147,26 +1149,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF*
- }
- #endif
- if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION,
-- &(t2p->tiff_transferfunction[0]),
-- &(t2p->tiff_transferfunction[1]),
-- &(t2p->tiff_transferfunction[2]))) {
-- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[1] !=
-- t2p->tiff_transferfunction[0])) {
-- t2p->tiff_transferfunctioncount = 3;
-- t2p->tiff_pages[i].page_extra += 4;
-- t2p->pdf_xrefcount += 4;
-- } else {
-- t2p->tiff_transferfunctioncount = 1;
-- t2p->tiff_pages[i].page_extra += 2;
-- t2p->pdf_xrefcount += 2;
-- }
-- if(t2p->pdf_minorversion < 2)
-- t2p->pdf_minorversion = 2;
-+ &(tiff_transferfunction[0]),
-+ &(tiff_transferfunction[1]),
-+ &(tiff_transferfunction[2]))) {
-+
-+ if((tiff_transferfunction[1] != (uint16*) NULL) &&
-+ (tiff_transferfunction[2] != (uint16*) NULL)
-+ ) {
-+ tiff_transferfunctioncount=3;
-+ } else {
-+ tiff_transferfunctioncount=1;
-+ }
- } else {
-- t2p->tiff_transferfunctioncount=0;
-+ tiff_transferfunctioncount=0;
- }
-+
-+ if (i > 0){
-+ if (tiff_transferfunctioncount != t2p->tiff_transferfunctioncount){
-+ TIFFError(
-+ TIFF2PDF_MODULE,
-+ "Different transfer function on page %d",
-+ i);
-+ t2p->t2p_error = T2P_ERR_ERROR;
-+ return;
-+ }
-+ }
-+
-+ t2p->tiff_transferfunctioncount = tiff_transferfunctioncount;
-+ t2p->tiff_transferfunction[0] = tiff_transferfunction[0];
-+ t2p->tiff_transferfunction[1] = tiff_transferfunction[1];
-+ t2p->tiff_transferfunction[2] = tiff_transferfunction[2];
-+ if(tiff_transferfunctioncount == 3){
-+ t2p->tiff_pages[i].page_extra += 4;
-+ t2p->pdf_xrefcount += 4;
-+ if(t2p->pdf_minorversion < 2)
-+ t2p->pdf_minorversion = 2;
-+ } else if (tiff_transferfunctioncount == 1){
-+ t2p->tiff_pages[i].page_extra += 2;
-+ t2p->pdf_xrefcount += 2;
-+ if(t2p->pdf_minorversion < 2)
-+ t2p->pdf_minorversion = 2;
-+ }
-+
- if( TIFFGetField(
- input,
- TIFFTAG_ICCPROFILE,
-@@ -1827,10 +1851,9 @@ void t2p_read_tiff_data(T2P* t2p, TIFF*
- &(t2p->tiff_transferfunction[0]),
- &(t2p->tiff_transferfunction[1]),
- &(t2p->tiff_transferfunction[2]))) {
-- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[1] !=
-- t2p->tiff_transferfunction[0])) {
-+ if((t2p->tiff_transferfunction[1] != (uint16*) NULL) &&
-+ (t2p->tiff_transferfunction[2] != (uint16*) NULL)
-+ ) {
- t2p->tiff_transferfunctioncount=3;
- } else {
- t2p->tiff_transferfunctioncount=1;
--- /dev/null
+From 49723b0eb683cca80142b01a48ba1475fed5188a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
+Date: Fri, 23 Mar 2018 15:35:39 +0100
+Subject: [PATCH] Fix for bug 2772
+
+It is possible to craft a TIFF document where the IFD list is circular,
+leading to an infinite loop while traversing the chain. The libtiff
+directory reader has a failsafe that will break out of this loop after
+reading 65535 directory entries, but it will continue processing,
+consuming time and resources to process what is essentially a bogus TIFF
+document.
+
+This change fixes the above behavior by breaking out of processing when
+a TIFF document has >= 65535 directories and terminating with an error.
+---
+ contrib/addtiffo/tif_overview.c | 14 +++++++++++++-
+ tools/tiff2pdf.c | 10 ++++++++++
+ tools/tiffcrop.c | 13 +++++++++++--
+ 3 files changed, 34 insertions(+), 3 deletions(-)
+
+diff --git a/contrib/addtiffo/tif_overview.c b/contrib/addtiffo/tif_overview.c
+index c61ffbb..03b3573 100644
+--- a/contrib/addtiffo/tif_overview.c
++++ b/contrib/addtiffo/tif_overview.c
+@@ -65,6 +65,8 @@
+ # define MAX(a,b) ((a>b) ? a : b)
+ #endif
+
++#define TIFF_DIR_MAX 65534
++
+ void TIFFBuildOverviews( TIFF *, int, int *, int, const char *,
+ int (*)(double,void*), void * );
+
+@@ -91,6 +93,7 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
+ {
+ toff_t nBaseDirOffset;
+ toff_t nOffset;
++ tdir_t iNumDir;
+
+ (void) bUseSubIFDs;
+
+@@ -147,7 +150,16 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
+ return 0;
+
+ TIFFWriteDirectory( hTIFF );
+- TIFFSetDirectory( hTIFF, (tdir_t) (TIFFNumberOfDirectories(hTIFF)-1) );
++ iNumDir = TIFFNumberOfDirectories(hTIFF);
++ if( iNumDir > TIFF_DIR_MAX )
++ {
++ TIFFErrorExt( TIFFClientdata(hTIFF),
++ "TIFF_WriteOverview",
++ "File `%s' has too many directories.\n",
++ TIFFFileName(hTIFF) );
++ exit(-1);
++ }
++ TIFFSetDirectory( hTIFF, (tdir_t) (iNumDir - 1) );
+
+ nOffset = TIFFCurrentDirOffset( hTIFF );
+
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index 454befb..bdb9126 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -68,6 +68,8 @@ extern int getopt(int, char**, char*);
+
+ #define PS_UNIT_SIZE 72.0F
+
++#define TIFF_DIR_MAX 65534
++
+ /* This type is of PDF color spaces. */
+ typedef enum {
+ T2P_CS_BILEVEL = 0x01, /* Bilevel, black and white */
+@@ -1049,6 +1051,14 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ uint16 xuint16=0;
+
+ directorycount=TIFFNumberOfDirectories(input);
++ if(directorycount > TIFF_DIR_MAX) {
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "TIFF contains too many directories, %s",
++ TIFFFileName(input));
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
+ t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
+ if(t2p->tiff_pages==NULL){
+ TIFFError(
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index c69177e..c60cb38 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -217,6 +217,8 @@ extern int getopt(int argc, char * const argv[], const char *optstring);
+ #define DUMP_TEXT 1
+ #define DUMP_RAW 2
+
++#define TIFF_DIR_MAX 65534
++
+ /* Offsets into buffer for margins and fixed width and length segments */
+ struct offset {
+ uint32 tmargin;
+@@ -2233,7 +2235,7 @@ main(int argc, char* argv[])
+ pageNum = -1;
+ else
+ total_images = 0;
+- /* read multiple input files and write to output file(s) */
++ /* Read multiple input files and write to output file(s) */
+ while (optind < argc - 1)
+ {
+ in = TIFFOpen (argv[optind], "r");
+@@ -2241,7 +2243,14 @@ main(int argc, char* argv[])
+ return (-3);
+
+ /* If only one input file is specified, we can use directory count */
+- total_images = TIFFNumberOfDirectories(in);
++ total_images = TIFFNumberOfDirectories(in);
++ if (total_images > TIFF_DIR_MAX)
++ {
++ TIFFError (TIFFFileName(in), "File contains too many directories");
++ if (out != NULL)
++ (void) TIFFClose(out);
++ return (1);
++ }
+ if (image_count == 0)
+ {
+ dirnum = 0;
+--
+2.13.6
+
--- /dev/null
+From de5385cd882a5ff0970f63f4d93da0cbc87230c2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
+Date: Tue, 17 Apr 2018 18:42:09 +0200
+Subject: [PATCH] Fix NULL pointer dereference in TIFFPrintDirectory
+
+The TIFFPrintDirectory function relies on the following assumptions,
+supposed to be guaranteed by the specification:
+
+(a) A Transfer Function field is only present if the TIFF file has
+ photometric type < 3.
+
+(b) If SamplesPerPixel > Color Channels, then the ExtraSamples field
+ has count SamplesPerPixel - (Color Channels) and contains
+ information about supplementary channels.
+
+While respect of (a) and (b) are essential for the well functioning of
+TIFFPrintDirectory, no checks are realized neither by the callee nor
+by TIFFPrintDirectory itself. Hence, following scenarios might happen
+and trigger the NULL pointer dereference:
+
+(1) TIFF File of photometric type 4 or more has illegal Transfer
+ Function field.
+
+(2) TIFF File has photometric type 3 or less and defines a
+ SamplesPerPixel field such that SamplesPerPixel > Color Channels
+ without defining all extra samples in the ExtraSamples fields.
+
+In this patch, we address both issues with respect of the following
+principles:
+
+(A) In the case of (1), the defined transfer table should be printed
+ safely even if it isn't 'legal'. This allows us to avoid expensive
+ checks in TIFFPrintDirectory. Also, it is quite possible that
+ an alternative photometric type would be developed (not part of the
+ standard) and would allow definition of Transfer Table. We want
+ libtiff to be able to handle this scenario out of the box.
+
+(B) In the case of (2), the transfer table should be printed at its
+ right size, that is if TIFF file has photometric type Palette
+ then the transfer table should have one row and not three, even
+ if two extra samples are declared.
+
+In order to fulfill (A) we simply add a new 'i < 3' end condition to
+the broken TIFFPrintDirectory loop. This makes sure that in any case
+where (b) would be respected but not (a), everything stays fine.
+
+(B) is fulfilled by the loop condition
+'i < td->td_samplesperpixel - td->td_extrasamples'. This is enough as
+long as (b) is respected.
+
+Naturally, we also make sure (b) is respected. This is done in the
+TIFFReadDirectory function by making sure any non-color channel is
+counted in ExtraSamples.
+
+This commit addresses CVE-2018-7456.
+---
+ libtiff/tif_dirread.c | 62 +++++++++++++++++++++++++++++++++++++++++++
+ libtiff/tif_print.c | 2 +-
+ 2 files changed, 63 insertions(+), 1 deletion(-)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index 5e62e81..80aaf8d 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -167,6 +167,7 @@ static int TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uin
+ static int TIFFFetchSubjectDistance(TIFF*, TIFFDirEntry*);
+ static void ChopUpSingleUncompressedStrip(TIFF*);
+ static uint64 TIFFReadUInt64(const uint8 *value);
++static int _TIFFGetMaxColorChannels(uint16 photometric);
+
+ static int _TIFFFillStrilesInternal( TIFF *tif, int loadStripByteCount );
+
+@@ -3506,6 +3507,35 @@ static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, c
+ }
+ }
+
++/*
++ * Return the maximum number of color channels specified for a given photometric
++ * type. 0 is returned if photometric type isn't supported or no default value
++ * is defined by the specification.
++ */
++static int _TIFFGetMaxColorChannels( uint16 photometric )
++{
++ switch (photometric) {
++ case PHOTOMETRIC_PALETTE:
++ case PHOTOMETRIC_MINISWHITE:
++ case PHOTOMETRIC_MINISBLACK:
++ return 1;
++ case PHOTOMETRIC_YCBCR:
++ case PHOTOMETRIC_RGB:
++ case PHOTOMETRIC_CIELAB:
++ return 3;
++ case PHOTOMETRIC_SEPARATED:
++ case PHOTOMETRIC_MASK:
++ return 4;
++ case PHOTOMETRIC_LOGL:
++ case PHOTOMETRIC_LOGLUV:
++ case PHOTOMETRIC_CFA:
++ case PHOTOMETRIC_ITULAB:
++ case PHOTOMETRIC_ICCLAB:
++ default:
++ return 0;
++ }
++}
++
+ /*
+ * Read the next TIFF directory from a file and convert it to the internal
+ * format. We read directories sequentially.
+@@ -3522,6 +3552,7 @@ TIFFReadDirectory(TIFF* tif)
+ uint32 fii=FAILED_FII;
+ toff_t nextdiroff;
+ int bitspersample_read = FALSE;
++ int color_channels;
+
+ tif->tif_diroff=tif->tif_nextdiroff;
+ if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
+@@ -4026,6 +4057,37 @@ TIFFReadDirectory(TIFF* tif)
+ }
+ }
+ }
++
++ /*
++ * Make sure all non-color channels are extrasamples.
++ * If it's not the case, define them as such.
++ */
++ color_channels = _TIFFGetMaxColorChannels(tif->tif_dir.td_photometric);
++ if (color_channels && tif->tif_dir.td_samplesperpixel - tif->tif_dir.td_extrasamples > color_channels) {
++ uint16 old_extrasamples;
++ uint16 *new_sampleinfo;
++
++ TIFFWarningExt(tif->tif_clientdata,module, "Sum of Photometric type-related "
++ "color channels and ExtraSamples doesn't match SamplesPerPixel. "
++ "Defining non-color channels as ExtraSamples.");
++
++ old_extrasamples = tif->tif_dir.td_extrasamples;
++ tif->tif_dir.td_extrasamples = (tif->tif_dir.td_samplesperpixel - color_channels);
++
++ // sampleinfo should contain information relative to these new extra samples
++ new_sampleinfo = (uint16*) _TIFFcalloc(tif->tif_dir.td_extrasamples, sizeof(uint16));
++ if (!new_sampleinfo) {
++ TIFFErrorExt(tif->tif_clientdata, module, "Failed to allocate memory for "
++ "temporary new sampleinfo array (%d 16 bit elements)",
++ tif->tif_dir.td_extrasamples);
++ goto bad;
++ }
++
++ memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16));
++ _TIFFsetShortArray(&tif->tif_dir.td_sampleinfo, new_sampleinfo, tif->tif_dir.td_extrasamples);
++ _TIFFfree(new_sampleinfo);
++ }
++
+ /*
+ * Verify Palette image has a Colormap.
+ */
+diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
+index 24d4b98..10a588e 100644
+--- a/libtiff/tif_print.c
++++ b/libtiff/tif_print.c
+@@ -546,7 +546,7 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
+ uint16 i;
+ fprintf(fd, " %2ld: %5u",
+ l, td->td_transferfunction[0][l]);
+- for (i = 1; i < td->td_samplesperpixel; i++)
++ for (i = 1; i < td->td_samplesperpixel - td->td_extrasamples && i < 3; i++)
+ fprintf(fd, " %5u",
+ td->td_transferfunction[i][l]);
+ fputc('\n', fd);
+--
+2.17.0
+
--- /dev/null
+From e1cd2d7ab032e7fe80b4c13e07895194c8bac85e Mon Sep 17 00:00:00 2001
+From: Brian May <brian@linuxpenguins.xyz>
+Date: Thu, 7 Dec 2017 07:46:47 +1100
+Subject: [PATCH 1/4] [PATCH] tiff2pdf: Fix CVE-2017-9935
+
+Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704
+
+This vulnerability - at least for the supplied test case - is because we
+assume that a tiff will only have one transfer function that is the same
+for all pages. This is not required by the TIFF standards.
+
+We than read the transfer function for every page. Depending on the
+transfer function, we allocate either 2 or 4 bytes to the XREF buffer.
+We allocate this memory after we read in the transfer function for the
+page.
+
+For the first exploit - POC1, this file has 3 pages. For the first page
+we allocate 2 extra extra XREF entries. Then for the next page 2 more
+entries. Then for the last page the transfer function changes and we
+allocate 4 more entries.
+
+When we read the file into memory, we assume we have 4 bytes extra for
+each and every page (as per the last transfer function we read). Which
+is not correct, we only have 2 bytes extra for the first 2 pages. As a
+result, we end up writing past the end of the buffer.
+
+There are also some related issues that this also fixes. For example,
+TIFFGetField can return uninitalized pointer values, and the logic to
+detect a N=3 vs N=1 transfer function seemed rather strange.
+
+It is also strange that we declare the transfer functions to be of type
+float, when the standard says they are unsigned 16 bit values. This is
+fixed in another patch.
+
+This patch will check to ensure that the N value for every transfer
+function is the same for every page. If this changes, we abort with an
+error. In theory, we should perhaps check that the transfer function
+itself is identical for every page, however we don't do that due to the
+confusion of the type of the data in the transfer function.
+---
+ libtiff/tif_dir.c | 3 +++
+ tools/tiff2pdf.c | 69 +++++++++++++++++++++++++++++++----------------
+ 2 files changed, 49 insertions(+), 23 deletions(-)
+
+diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
+index f00f808..c36a5f3 100644
+--- a/libtiff/tif_dir.c
++++ b/libtiff/tif_dir.c
+@@ -1067,6 +1067,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap)
+ if (td->td_samplesperpixel - td->td_extrasamples > 1) {
+ *va_arg(ap, uint16**) = td->td_transferfunction[1];
+ *va_arg(ap, uint16**) = td->td_transferfunction[2];
++ } else {
++ *va_arg(ap, uint16**) = NULL;
++ *va_arg(ap, uint16**) = NULL;
+ }
+ break;
+ case TIFFTAG_REFERENCEBLACKWHITE:
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index bdb9126..bd23c9e 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -239,7 +239,7 @@ typedef struct {
+ float tiff_whitechromaticities[2];
+ float tiff_primarychromaticities[6];
+ float tiff_referenceblackwhite[2];
+- float* tiff_transferfunction[3];
++ uint16* tiff_transferfunction[3];
+ int pdf_image_interpolate; /* 0 (default) : do not interpolate,
+ 1 : interpolate */
+ uint16 tiff_transferfunctioncount;
+@@ -1049,6 +1049,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ uint16 pagen=0;
+ uint16 paged=0;
+ uint16 xuint16=0;
++ uint16 tiff_transferfunctioncount=0;
++ uint16* tiff_transferfunction[3];
+
+ directorycount=TIFFNumberOfDirectories(input);
+ if(directorycount > TIFF_DIR_MAX) {
+@@ -1157,26 +1159,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
+ }
+ #endif
+ if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION,
+- &(t2p->tiff_transferfunction[0]),
+- &(t2p->tiff_transferfunction[1]),
+- &(t2p->tiff_transferfunction[2]))) {
+- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[1] !=
+- t2p->tiff_transferfunction[0])) {
+- t2p->tiff_transferfunctioncount = 3;
+- t2p->tiff_pages[i].page_extra += 4;
+- t2p->pdf_xrefcount += 4;
+- } else {
+- t2p->tiff_transferfunctioncount = 1;
+- t2p->tiff_pages[i].page_extra += 2;
+- t2p->pdf_xrefcount += 2;
+- }
+- if(t2p->pdf_minorversion < 2)
+- t2p->pdf_minorversion = 2;
++ &(tiff_transferfunction[0]),
++ &(tiff_transferfunction[1]),
++ &(tiff_transferfunction[2]))) {
++
++ if((tiff_transferfunction[1] != (uint16*) NULL) &&
++ (tiff_transferfunction[2] != (uint16*) NULL)
++ ) {
++ tiff_transferfunctioncount=3;
++ } else {
++ tiff_transferfunctioncount=1;
++ }
+ } else {
+- t2p->tiff_transferfunctioncount=0;
++ tiff_transferfunctioncount=0;
+ }
++
++ if (i > 0){
++ if (tiff_transferfunctioncount != t2p->tiff_transferfunctioncount){
++ TIFFError(
++ TIFF2PDF_MODULE,
++ "Different transfer function on page %d",
++ i);
++ t2p->t2p_error = T2P_ERR_ERROR;
++ return;
++ }
++ }
++
++ t2p->tiff_transferfunctioncount = tiff_transferfunctioncount;
++ t2p->tiff_transferfunction[0] = tiff_transferfunction[0];
++ t2p->tiff_transferfunction[1] = tiff_transferfunction[1];
++ t2p->tiff_transferfunction[2] = tiff_transferfunction[2];
++ if(tiff_transferfunctioncount == 3){
++ t2p->tiff_pages[i].page_extra += 4;
++ t2p->pdf_xrefcount += 4;
++ if(t2p->pdf_minorversion < 2)
++ t2p->pdf_minorversion = 2;
++ } else if (tiff_transferfunctioncount == 1){
++ t2p->tiff_pages[i].page_extra += 2;
++ t2p->pdf_xrefcount += 2;
++ if(t2p->pdf_minorversion < 2)
++ t2p->pdf_minorversion = 2;
++ }
++
+ if( TIFFGetField(
+ input,
+ TIFFTAG_ICCPROFILE,
+@@ -1837,10 +1861,9 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
+ &(t2p->tiff_transferfunction[0]),
+ &(t2p->tiff_transferfunction[1]),
+ &(t2p->tiff_transferfunction[2]))) {
+- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
+- (t2p->tiff_transferfunction[1] !=
+- t2p->tiff_transferfunction[0])) {
++ if((t2p->tiff_transferfunction[1] != (uint16*) NULL) &&
++ (t2p->tiff_transferfunction[2] != (uint16*) NULL)
++ ) {
+ t2p->tiff_transferfunctioncount=3;
+ } else {
+ t2p->tiff_transferfunctioncount=1;
+--
+2.17.0
+
--- /dev/null
+From b1997b9c3ac0d6bac5effd7558141986487217a9 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sun, 31 Dec 2017 15:09:41 +0100
+Subject: [PATCH 2/4] libtiff/tif_print.c: TIFFPrintDirectory(): fix null
+ pointer dereference on corrupted file. Fixes
+ http://bugzilla.maptools.org/show_bug.cgi?id=2770 / CVE-2017-18013
+
+---
+ libtiff/tif_print.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
+index 10a588e..b9b53a0 100644
+--- a/libtiff/tif_print.c
++++ b/libtiff/tif_print.c
+@@ -667,13 +667,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
+ #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
+ fprintf(fd, " %3lu: [%8I64u, %8I64u]\n",
+ (unsigned long) s,
+- (unsigned __int64) td->td_stripoffset[s],
+- (unsigned __int64) td->td_stripbytecount[s]);
++ td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0,
++ td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0);
+ #else
+ fprintf(fd, " %3lu: [%8llu, %8llu]\n",
+ (unsigned long) s,
+- (unsigned long long) td->td_stripoffset[s],
+- (unsigned long long) td->td_stripbytecount[s]);
++ td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0,
++ td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0);
+ #endif
+ }
+ }
+--
+2.17.0
+
--- /dev/null
+From 1c127eb3cb7653bd61b61f9c3cfeb36fd10edab1 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sat, 12 May 2018 15:32:31 +0200
+Subject: [PATCH 3/4] LZWDecodeCompat(): fix potential index-out-of-bounds
+ write. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 /
+ CVE-2018-8905
+
+The fix consists in using the similar code LZWDecode() to validate we
+don't write outside of the output buffer.
+---
+ libtiff/tif_lzw.c | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
+index bc8f9c8..186ea3c 100644
+--- a/libtiff/tif_lzw.c
++++ b/libtiff/tif_lzw.c
+@@ -604,6 +604,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ char *tp;
+ unsigned char *bp;
+ int code, nbits;
++ int len;
+ long nextbits, nextdata, nbitsmask;
+ code_t *codep, *free_entp, *maxcodep, *oldcodep;
+
+@@ -755,13 +756,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ } while (--occ);
+ break;
+ }
+- assert(occ >= codep->length);
+- op += codep->length;
+- occ -= codep->length;
+- tp = op;
++ len = codep->length;
++ tp = op + len;
+ do {
+- *--tp = codep->value;
+- } while( (codep = codep->next) != NULL );
++ int t;
++ --tp;
++ t = codep->value;
++ codep = codep->next;
++ *tp = (char)t;
++ } while (codep && tp > op);
++ assert(occ >= len);
++ op += len;
++ occ -= len;
+ } else {
+ *op++ = (char)code;
+ occ--;
+--
+2.17.0
+
--- /dev/null
+From 98ed6179dec22db48f6e235d8ca9e2708bf4e71a Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sat, 12 May 2018 14:24:15 +0200
+Subject: [PATCH 4/4] TIFFWriteDirectorySec: avoid assertion. Fixes
+ http://bugzilla.maptools.org/show_bug.cgi?id=2795. CVE-2018-10963
+
+---
+ libtiff/tif_dirwrite.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
+index c68d6d2..5d0a669 100644
+--- a/libtiff/tif_dirwrite.c
++++ b/libtiff/tif_dirwrite.c
+@@ -697,8 +697,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
+ }
+ break;
+ default:
+- assert(0); /* we should never get here */
+- break;
++ TIFFErrorExt(tif->tif_clientdata,module,
++ "Cannot write tag %d (%s)",
++ TIFFFieldTag(o),
++ o->field_name ? o->field_name : "unknown");
++ goto bad;
+ }
+ }
+ }
+--
+2.17.0
+
--- /dev/null
+From 5c3bc1c78dfe05eb5f4224650ad606b75e1f7034 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Sun, 11 Mar 2018 11:14:01 +0100
+Subject: [PATCH] ChopUpSingleUncompressedStrip: avoid memory exhaustion
+ (CVE-2017-11613)
+
+In ChopUpSingleUncompressedStrip(), if the computed number of strips is big
+enough and we are in read only mode, validate that the file size is consistent
+with that number of strips to avoid useless attempts at allocating a lot of
+memory for the td_stripbytecount and td_stripoffset arrays.
+
+Rework fix done in 3719385a3fac5cfb20b487619a5f08abbf967cf8 to work in more
+cases like https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6979.
+Credit to OSS Fuzz
+
+Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2724
+---
+ libtiff/tif_dirread.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index 80aaf8d..5896a78 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -5760,6 +5760,16 @@ ChopUpSingleUncompressedStrip(TIFF* tif)
+ if( nstrips == 0 )
+ return;
+
++ /* If we are going to allocate a lot of memory, make sure that the */
++ /* file is as big as needed */
++ if( tif->tif_mode == O_RDONLY &&
++ nstrips > 1000000 &&
++ (offset >= TIFFGetFileSize(tif) ||
++ stripbytes > (TIFFGetFileSize(tif) - offset) / (nstrips - 1)) )
++ {
++ return;
++ }
++
+ newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
+ "for chopped \"StripByteCounts\" array");
+ newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64),
+--
+2.17.1
+
include $(TOPDIR)/rules.mk
PKG_NAME:=vips
-PKG_VERSION:=8.6.4
-PKG_RELEASE:=2
+PKG_VERSION:=8.6.5
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/jcupitt/libvips/releases/download/v8.6.4/
-PKG_HASH:=4631a080c92b2b371379252e451818604858942b754c924b09843a7f528a8af4
+PKG_SOURCE_URL:=https://github.com/jcupitt/libvips/releases/download/v8.6.5/
+PKG_HASH:=8702af0e340e220e0c08f8ded6c8248b18e7043938d9e8a2426631fd37a9d5db
PKG_FIXUP:=autoreconf
PKG_CHECK_FORMAT_SECURITY:=0
include $(TOPDIR)/rules.mk
PKG_NAME:=alpine
-PKG_VERSION:=2.21.999
+PKG_VERSION:=2.21.9999
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://repo.or.cz/alpine.git
-PKG_SOURCE_VERSION:=349642a84039a4b026513c32a3b4f8594acd50df
-PKG_MIRROR_HASH:=8db14c4ae14329a7cffc8ea5099b7fa5c7adf79ca03893b23b1a8c45b847e5af
+PKG_SOURCE_VERSION:=d3e6f3932f2af9deca8eed09e30a55e9bd524362
+PKG_MIRROR_HASH:=72f9e8c4c3ecbd5f73f527af98ad23f716fcede3af0ab0400c6e0bc9b1288e30
PKG_MAINTAINER:=Antti Seppälä <a.seppala@gmail.com>
PKG_LICENSE:=Apache-2.0
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
CATEGORY:=Mail
DEPENDS:=+libopenssl +libncurses +libpthread +libpam $(ICONV_DEPENDS) $(INTL_DEPENDS)
TITLE:=Alternatively Licensed Program for Internet News and Email
- URL:=http://www.washington.edu/alpine
+ URL:=http://alpine.x10host.com/alpine/
endef
define Package/alpine/Default/description
PKG_NAME:=clamsmtp
PKG_VERSION:=1.10
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL:=http://thewalter.net/stef/software/clamsmtp/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
--- /dev/null
+diff --git a/common/sock_any.h b/common/sock_any.h
+index 77c3841..1e30974 100644
+--- a/common/sock_any.h
++++ b/common/sock_any.h
+@@ -39,7 +39,6 @@
+ #ifndef __SOCK_ANY_H__
+ #define __SOCK_ANY_H__
+
+-#include <sys/socket.h>
+ #include <sys/un.h>
+ #include <netinet/in.h>
+
PKG_NAME:=dovecot
PKG_VERSION:=2.3.2.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.dovecot.org/releases/2.3
endef
CONFIGURE_ARGS += \
+ --libexecdir=/usr/libexec \
--without-pam \
- --with-moduledir=/usr/lib/dovecot/modules \
--with-notify=dnotify \
--without-lzma \
--without-lz4 \
$(1)/etc/dovecot \
$(1)/usr/share/doc/dovecot \
$(1)/usr/lib/dovecot \
+ $(1)/usr/libexec/dovecot \
$(1)/usr/bin \
$(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/etc/dovecot/* $(1)/etc/dovecot/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/dovecot/* $(1)/usr/lib/dovecot/
+ $(CP) $(PKG_INSTALL_DIR)/usr/libexec/dovecot/* $(1)/usr/libexec/dovecot/
$(CP) $(PKG_INSTALL_DIR)/usr/share/doc/dovecot/example-config $(1)/usr/share/doc/dovecot/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/doveconf $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/* $(1)/usr/sbin/
--- /dev/null
+pigeonhole: Fix managesieve-login needs libdovecot-login
+
+When trying to use managesieve my MUA complained sieve wasn't supported.
+On investigation dovecot logs the following could be seen:
+
+ Aug 16 00:28:44 managesieve-login: Fatal: master:
+ service(managesieve-login): child 1430 returned error 127
+ Aug 16 00:31:32 managesieve-login: Error: Error loading shared
+ library libdovecot-login.so.0: No such file or directory
+ (needed by /usr/lib/dovecot/managesieve-login)
+ Aug 16 00:31:32 managesieve-login: Error: Error loading
+ shared library libdovecot.so.0: No such file or directory
+ (needed by /usr/lib/dovecot/managesieve-login)
+ Aug 16 00:31:32 managesieve-login: Error: Error relocating
+ /usr/lib/dovecot/managesieve-login: net_ip2addr: symbol not found
+
+The issue (verified with readelf on non-working build and build with my fix)
+is that there is no RPATH information in the pigeonhole binaries (like
+managesieve-login).
+
+The dovecot-config that is 'installed' in the staging dir
+assumes that plugins will be built on the same host as the installed files.
+The 'installed' dovecot-config (partial) looks like:
+
+LIBDOVECOT='-L/usr/lib/dovecot -ldovecot'
+LIBDOVECOT_LOGIN='-ldovecot-login -L/home/user/Build/openwrt/openwrt-ath79/staging_dir/target-mips_24kc_musl/usr/lib -lssl -lcrypto'
+LIBDOVECOT_SQL=-ldovecot-sql
+LIBDOVECOT_COMPRESS=-ldovecot-compression
+LIBDOVECOT_LDA=-ldovecot-lda
+LIBDOVECOT_STORAGE='-ldovecot-storage '
+LIBDOVECOT_DSYNC=-ldovecot-dsync
+LIBDOVECOT_LIBFTS=-ldovecot-fts
+
+This patch modifed dovecot-config that gets installed on the assumption
+that users of libdovecot will also be cross-compiled (a safe bet).
+Index: dovecot-2.3.2.1/Makefile.am
+===================================================================
+--- dovecot-2.3.2.1.orig/Makefile.am
++++ dovecot-2.3.2.1/Makefile.am
+@@ -73,7 +73,7 @@ install-exec-hook:
+ grep -v '^LIBDOVECOT_.*_INCLUDE' dovecot-config | \
+ grep -v '^LIBDOVECOT.*_DEPS' | sed \
+ -e "s|^\(DOVECOT_INSTALLED\)=.*$$|\1=yes|" \
+- -e "s|^\(LIBDOVECOT\)=.*$$|\1='-L$(pkglibdir) -ldovecot'|" \
++ -e "s|^\(LIBDOVECOT\)=.*$$|\1='-L$(STAGING_DIR)$(pkglibdir) -ldovecot'|" \
+ -e "s|^\(LIBDOVECOT_LOGIN\)=.*$$|\1='-ldovecot-login $(SSL_LIBS)'|" \
+ -e "s|^\(LIBDOVECOT_SQL\)=.*$$|\1=-ldovecot-sql|" \
+ -e "s|^\(LIBDOVECOT_COMPRESS\)=.*$$|\1=-ldovecot-compression|" \
+@@ -81,7 +81,8 @@ install-exec-hook:
+ -e "s|^\(LIBDOVECOT_LDA\)=.*$$|\1=-ldovecot-lda|" \
+ -e "s|^\(LIBDOVECOT_LIBFTS\)=.*$$|\1=-ldovecot-fts|" \
+ -e "s|^\(LIBDOVECOT_STORAGE\)=.*$$|\1='-ldovecot-storage $(LINKED_STORAGE_LDADD)'|" \
+- -e "s|^\(LIBDOVECOT_INCLUDE\)=.*$$|\1=-I$(pkgincludedir)|" \
++ -e "s|^\(LIBDOVECOT_INCLUDE\)=.*$$|\1=-I$(STAGING_DIR)$(pkgincludedir)|" \
++ -e "s|^\(DOVECOT_BINARY_LDFLAGS=\".*\)\"$$|\1 -Wl,-rpath -Wl,$(pkglibdir)\"|" \
+ > $(DESTDIR)$(pkglibdir)/dovecot-config
+
+ uninstall-hook:
PKG_NAME:=emailrelay
PKG_VERSION:=2.0
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=@SF/emailrelay/$(PKG_VERSION)
--disable-testing \
--disable-windows
+# Workaround for https://sourceforge.net/p/emailrelay/bugs/38/
+# This should be fixed in the next release.
+CONFIGURE_VARS += \
+ ac_cv_search_pam_end=no
+
ifeq ($(CONFIG_EMAILRELAY_SSL),y)
CONFIGURE_ARGS += \
--with-openssl
option mode 'server'
option port '25'
option remote_clients '0'
+# option address_verifier '/usr/local/bin/address-verifier.sh'
+# option domain 'my.example.com'
+# option anonymous '1'
# option server_tls '/etc/path/to/certificate'
# option server_auth '/etc/emailrelay.auth'
# option extra_cmdline ''
option smarthost '192.0.2.1:25'
option port '25'
option remote_clients '0'
+# option address_verifier '/usr/local/bin/address-verifier.sh'
+# option domain 'my.example.com'
+# option anonymous '1'
# option server_tls '/etc/path/to/certificate'
# option server_auth '/etc/emailrelay.auth'
# option client_tls '1'
emailrelay_instance()
{
- local enabled mode port remote_clients server_tls server_auth extra_cmdline smarthost client_tls client_auth
+ local enabled mode port remote_clients server_tls server_auth extra_cmdline smarthost client_tls client_auth address_verifier domain anonymous
config_get_bool enabled "$1" enabled
config_get mode "$1" mode
config_get smarthost "$1" smarthost
config_get_bool client_tls "$1" client_tls
config_get client_auth "$1" client_auth
-
+ config_get address_verifier "$1" address_verifier
+ config_get domain "$1" domain
+ config_get_bool anonymous "$1" anonymous
[ "$enabled" = 0 ] && return 1
[ -n "$server_auth" ] && procd_append_param command --server-auth "$server_auth"
[ "$client_tls" = 1 ] && procd_append_param command --client-tls
[ -n "$client_auth" ] && procd_append_param command --client-auth "$client_auth"
+ [ -n "$address_verifier" ] && procd_append_param command --address-verifier "$address_verifier"
+ [ -n "$domain" ] && procd_append_param command --domain "$domain"
+ [ "$anonymous" = 1 ] && procd_append_param command --anonymous
;;
"cmdline")
# empty by intention (just append extra_cmdline)
-#
+#
# Copyright (C) 2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
include $(TOPDIR)/rules.mk
PKG_NAME:=mailman
+PKG_VERSION:=2.1.29
PKG_RELEASE:=1
-PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_VERSION:=2.1.23
-PKG_HASH:=b022ca6f8534621c9dbe50c983948688bc4623214773b580c2c78e4a7ae43e69
+
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
+PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
+PKG_HASH:=838872713601e8a124146e550f53709482c1ef168f1e16d201465c651cbf0d2c
+
PKG_MAINTAINER:=Denis Shulyaka <Shulyaka@gmail.com>
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=gnu-COPYING-GPL
+PKG_CPE_ID:=cpe:2.3:a:gnu:mailman
include $(INCLUDE_DIR)/package.mk
SECTION:=mail
CATEGORY:=Mail
TITLE:=The GNU Mailing List Manager
- URL:=http://www.gnu.org/software/mailman/
+ URL:=https://www.gnu.org/software/mailman/
DEPENDS:=+postfix +python +uhttpd +python-dns
endef
-diff -rupN mailman-2.1.14-1/Mailman/Defaults.py.in mailman-2.1.14-1_patched/Mailman/Defaults.py.in
---- mailman-2.1.14-1/Mailman/Defaults.py.in 2011-03-01 23:35:57.000000000 +0300
-+++ mailman-2.1.14-1_patched/Mailman/Defaults.py.in 2011-03-09 12:26:10.000000000 +0300
-@@ -489,7 +489,7 @@ DELIVERY_MODULE = 'SMTPDirect'
+--- a/Mailman/Defaults.py.in
++++ b/Mailman/Defaults.py.in
+@@ -506,7 +506,7 @@ SMTPLIB_DEBUG_LEVEL = 0
# standard out (or send an email to the site list owner) for manual twiddling
# of an /etc/aliases style file. Use 'Postfix' if you are using the Postfix
# MTA -- but then also see POSTFIX_STYLE_VIRTUAL_DOMAINS.
-diff -Naur mailman-2.1.18-1/configure mailman-2.1.18-1_patched/configure
---- mailman-2.1.18-1/configure 2014-10-26 12:00:38.090360119 +0300
-+++ mailman-2.1.18-1_patched/configure 2014-10-26 12:00:21.323016430 +0300
-@@ -2236,35 +2236,35 @@
+--- a/configure
++++ b/configure
+@@ -2255,35 +2255,35 @@ fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $version" >&5
$as_echo "$version" >&6; }
-diff -Naur mailman-2.1.18-1/configure mailman-2.1.18-1_patched/configure
---- mailman-2.1.18-1/configure 2014-05-06 20:43:56.000000000 +0400
-+++ mailman-2.1.18-1_patched/configure 2014-11-04 15:02:32.892666331 +0300
-@@ -3927,6 +3927,8 @@
+--- a/configure
++++ b/configure
+@@ -3957,6 +3957,8 @@ fi
$as_echo "$URLHOST" >&6; }
rm -f conftest.out conftest.py
-diff -Naur mailman-2.1.18-1/Mailman/MailList.py mailman-2.1.18-1_patched/Mailman/MailList.py
---- mailman-2.1.18-1/Mailman/MailList.py 2014-05-06 20:43:56.000000000 +0400
-+++ mailman-2.1.18-1_patched/Mailman/MailList.py 2014-11-04 15:57:06.832636147 +0300
-@@ -30,7 +30,7 @@
+--- a/Mailman/MailList.py
++++ b/Mailman/MailList.py
+@@ -30,7 +30,7 @@ import re
import shutil
import socket
import urllib
from cStringIO import StringIO
from UserDict import UserDict
-diff -Naur mailman-2.1.18-1/misc/paths.py.in mailman-2.1.18-1_patched/misc/paths.py.in
---- mailman-2.1.18-1/misc/paths.py.in 2014-05-06 20:43:56.000000000 +0400
-+++ mailman-2.1.18-1_patched/misc/paths.py.in 2014-11-04 15:55:49.594941540 +0300
-@@ -66,14 +66,14 @@
+--- a/misc/paths.py.in
++++ b/misc/paths.py.in
+@@ -71,14 +71,14 @@ sys.path.append(distdir)
# In a normal interactive Python environment, the japanese.pth and korean.pth
# files would be imported automatically. But because we inhibit the importing
# of the site module, we need to be explicit about importing these codecs.
include $(TOPDIR)/rules.mk
PKG_NAME:=msmtp
-PKG_VERSION:=1.6.6
+PKG_VERSION:=1.6.8
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=@SF/msmtp
-PKG_HASH:=da15db1f62bd0201fce5310adb89c86188be91cd745b7cb3b62b81a501e7fb5e
+PKG_SOURCE_URL:=https://marlam.de/msmtp/releases
+PKG_HASH:=55ff95a304d888b56d07d9c62327ab9bfe26532c9c2a2ed6aefc43bea1b659fb
PKG_LICENSE:=GPL-3.0+
PKG_LICENSE_FILES:=COPYING
-PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
+PKG_MAINTAINER:=
-PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
CATEGORY:=Mail
DEPENDS:=$(INTL_DEPENDS)
TITLE:=Simple sendmail SMTP forwarding
- URL:=http://msmtp.sourceforge.net/
+ URL:=https://marlam.de/msmtp
endef
define Package/msmtp/Default/description
PKG_VERSION_PLUGIN:=0.5.2
PKG_VERSION_DOVECOT:=$(shell make --no-print-directory -C ../dovecot/ val.PKG_VERSION V=s)
PKG_VERSION:=$(PKG_VERSION_DOVECOT)-$(PKG_VERSION_PLUGIN)
-PKG_RELEASE:=3
+PKG_RELEASE:=4
DOVECOT_VERSION:=2.3
CPPFLAGS="$(TARGET_CPPFLAGS) -I$(STAGING_DIR)/usr/include/dovecot/"
define Package/dovecot-pigeonhole/install
- $(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib/dovecot/
+ $(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib/dovecot/ $(1)/usr/libexec/dovecot/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/dovecot/* $(1)/usr/lib/dovecot/
+ $(CP) $(PKG_INSTALL_DIR)/usr/libexec/dovecot/* $(1)/usr/libexec/dovecot/
find $(1)/usr/lib/dovecot/ -name "*.a" -o -name "*.la" | xargs rm
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=postfix
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_VERSION:=3.3.1
PKG_SOURCE_URL:= \
https://cdn.postfix.johnriley.me/mirrors/postfix-release/official/ \
CONFIG_POSTFIX_CDB \
CONFIG_POSTFIX_DB \
CONFIG_POSTFIX_SQLITE \
+ CONFIG_POSTFIX_MYSQL \
CONFIG_POSTFIX_PGSQL \
CONFIG_POSTFIX_PCRE \
CONFIG_POSTFIX_EAI \
postfix=25:postfix=25 \
postdrop=26:postdrop=26
URL:=http://www.postfix.org/
- DEPENDS:=+POSTFIX_TLS:libopenssl +POSTFIX_SASL:libsasl2 +POSTFIX_LDAP:libopenldap +POSTFIX_DB:libdb47 +POSTFIX_SQLITE:libsqlite3 +POSTFIX_PGSQL:libpq +POSTFIX_EAI:icu +POSTFIX_PCRE:libpcre
+ DEPENDS:=+POSTFIX_TLS:libopenssl +POSTFIX_SASL:libsasl2 +POSTFIX_LDAP:libopenldap +POSTFIX_DB:libdb47 +POSTFIX_SQLITE:libsqlite3 +POSTFIX_MYSQL:libmysqlclient +POSTFIX_PGSQL:libpq +POSTFIX_EAI:icu +POSTFIX_PCRE:libpcre
endef
define Package/postfix/description
default y
help
Implements support for SQLite3 DB
+ config POSTFIX_MYSQL
+ bool "MYSQL support"
+ default n
+ help
+ Implements support for MySQL
config POSTFIX_PGSQL
bool "PostgreSQL support"
default n
AUXLIBS+=-L$(STAGING_DIR)/usr/lib -lsqlite3 -lpthread
endif
+ifdef CONFIG_POSTFIX_MYSQL
+ CCARGS+=-DHAS_MYSQL -I$(STAGING_DIR)/usr/include/mysql
+ AUXLIBS+=-L$(STAGING_DIR)/usr/lib -lmysqlclient -lz -lm
+endif
+
ifdef CONFIG_POSTFIX_PGSQL
CCARGS+=-DHAS_PGSQL -I$(STAGING_DIR)/usr/include/
AUXLIBS+=-L$(STAGING_DIR)/usr/lib -lpq
#!/bin/sh /etc/rc.common
# Copyright (C) 2014 OpenWrt.org
-START=50
+START=72
STOP=50
EXTRA_COMMANDS="status abort flush postinst"
EXTRA_HELP=" status Display the service status
PKG_LICENSE:=LGPL-2.1+ GPL-2+ LGPL-3
PKG_LICENSE_FILES:=COPYING.GPLv2 COPYING.GPLv3 COPYING.LGPLv2.1 COPYING.LGPLv3
+PKG_CPE_ID:=cpe:/a:ffmpeg:ffmpeg
FFMPEG_CUSTOM_ENCODERS:= \
ac3 \
include $(TOPDIR)/rules.mk
PKG_NAME:=grilo
-PKG_VERSION:=0.3.4
+PKG_VERSION:=0.3.6
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNOME/grilo/0.3/
-PKG_HASH:=7c6964053b42574c2f14715d2392a02ea5cbace955eb73e067c77aa3e43b066e
+PKG_HASH:=1e65ca82dd58020451417fde79310d4b940adc3f63ab59997419c52ed3bc9c91
PKG_BUILD_DEPENDS:=glib2 libsoup libxml2
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-libav
-PKG_VERSION:=1.14.1
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
PKG_SOURCE:=gst-libav-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-libav
-PKG_HASH:=eff80a02d2f2fb9f34b67e9a26e9954d3218c7aa18e863f2a47805fa7066029d
+PKG_HASH:=8a351c39c5cfc2bbd31ca434ec4a290a730a26efbdea962fdd8306dce5c576de
PKG_LICENSE:=GPL-2.0 LGPL-2.0
PKG_LICENSE_FILES:=COPYING COPYING.LIB
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-bad
-PKG_VERSION:=1.14.1
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-bad-$(PKG_VERSION)
PKG_SOURCE:=gst-plugins-bad-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-bad/
-PKG_HASH:=2a77c6908032aafdf2cd2e5823fec948f16a25c2d1497a953828d762dc20d61a
+PKG_HASH:=34fab7da70994465a64468330b2168a4a0ed90a7de7e4c499b6d127c6c1b1eaf
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-base
-PKG_VERSION:=1.14.1
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-base-$(PKG_VERSION)
PKG_SOURCE:=gst-plugins-base-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-base/
-PKG_HASH:=1026c7c3082d825d9b5d034c1a6dd8a4ebab60eb3738b0a0afde4ad2dc0b0db5
+PKG_HASH:=a4b7e80ba869f599307449b17c9e00b5d1e94d3ba1d8a1a386b8770b2ef01c7c
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_gst1-mod-alsa \
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-good
-PKG_VERSION:=1.14.1
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-good-$(PKG_VERSION)
PKG_SOURCE:=gst-plugins-good-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-good/
-PKG_HASH:=34ec062ddb766a32377532e039781f4a16fbc3e8b449e642605bacab26a99172
+PKG_HASH:=c0575e2811860bfff59b865b8d125153859a01f0615fa41e279b64d88d25caad
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_gst1-mod-lame \
include $(TOPDIR)/rules.mk
PKG_NAME:=gst1-plugins-ugly
-PKG_VERSION:=1.14.1
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-ugly-$(PKG_VERSION)
PKG_SOURCE:=gst-plugins-ugly-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-ugly/
-PKG_HASH:=cff2430bb13f54ef81409a0b3d65ce409a376d4a7bab57a14a97d602539fe1d3
+PKG_HASH:=55e097d9d93921fdcf7abb0ff92d23b21dd9098e632f1ba433603b3bd1cf3d69
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_gst1-mod-asf \
include $(TOPDIR)/rules.mk
PKG_NAME:=gstreamer1
-PKG_VERSION:=1.14.1
+PKG_VERSION:=1.14.2
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
PKG_BUILD_DIR:=$(BUILD_DIR)/gstreamer-$(PKG_VERSION)
PKG_SOURCE:=gstreamer-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gstreamer/
-PKG_HASH:=28d82b0d261544a9bf85b429399929e4986eb00efcf1ce16cc71d269a4c3186c
+PKG_HASH:=4bd6127299f3f29379046bbd58a526e6353b569e0e72f7b4df2ae70df6882e09
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=autogen.sh aclocal.m4
PKG_NAME:=acme
PKG_VERSION:=2.7.9
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=GPLv3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
define Package/acme
SECTION:=net
CATEGORY:=Network
- DEPENDS:=+curl +ca-bundle +openssl-util +netcat
+ DEPENDS:=+curl +ca-bundle +openssl-util +socat
TITLE:=ACME (Letsencrypt) client
endef
acme_args="$acme_args --dns $dns"
elif [ -z "$webroot" ]; then
log "Using standalone mode"
- acme_args="$acme_args --standalone"
+ acme_args="$acme_args --standalone --listen-v6"
else
if [ ! -d "$webroot" ]; then
err "$main_domain: Webroot dir '$webroot' does not exist!"
err "Restoring staging certificate"
mv "$STATE_DIR/${main_domain}.staging" "$STATE_DIR/${main_domain}"
fi
+ post_checks
return 1
fi
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=3.5.4
-PKG_RELEASE:=2
+PKG_VERSION:=3.5.5
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
* => infrequent updates, approx. 15.000 entries
* [winspy](https://github.com/crazy-max/WindowsSpyBlocker)
* => infrequent updates, approx. 120 entries
+ * [youtube]https://api.hackertarget.com/hostsearch/?q=googlevideo.com
+ * => dynamic request API to filter "random" youtube ad domains (experimental!), approx. 150 entries
* [yoyo](http://pgl.yoyo.org/adservers)
* => weekly updates, approx. 2.500 entries (enabled by default)
* [zeus tracker](https://zeustracker.abuse.ch)
* optional: add new adblock sources on your own, see example below
## Prerequisites
-* [OpenWrt](https://openwrt.org), tested with the stable release series (17.01.x) and with the latest OpenWrt snapshot
+* [OpenWrt](https://openwrt.org), tested with the stable release series (18.06) and with the latest snapshot
* a usual setup with an enabled dns backend at minimum - dump AP modes without a working dns backend are _not_ supported
* a download utility:
* to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required
* control the adblock service manually with _/etc/init.d/adblock_ start/stop/restart/reload/suspend/resume/status or use the LuCI frontend
## LuCI adblock companion package
-* for easy management of the various blocklist sources and all other adblock options you should use the provided LuCI frontend
+* for easy management of the various blocklist sources and adblock runtime options you should use the provided LuCI frontend
* install 'luci-app-adblock' (_opkg install luci-app-adblock_)
* the application is located in LuCI under 'Services' menu
* adb\_forcedns => force dns requests to local resolver (bool/default: '0', disabled)
* adb\_forcesrt => force overall sort on low memory devices with less than 64 MB RAM (bool/default: '0', disabled)
* adb\_backup_mode => do not automatically update blocklists during startup, use backups instead (bool/default: '0', disabled)
- * adb\maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '4')
+ * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '4')
* adb\_jail => builds an additional 'Jail' list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file (bool/default: '0', disabled)
* adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (bool/default: '0', disabled)
* adb\_notify => send notification emails in case of a processing error or if the overall domain count is ≤ 0 (bool/default: '0', disabled)
/etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : enabled
- + adblock_version : 3.5.0
- + overall_domains : 102324 (normal mode)
- + fetch_utility : /usr/bin/wget (built-in)
- + dns_backend : kresd (/etc/kresd)
- + last_rundate : 30.01.2018 21:24:11
- + system_release : Turris Omnia, OpenWrt omnia 15.05/3.9.4
+ + adblock_version : 3.5.5
+ + overall_domains : 97199 (backup mode)
+ + fetch_utility : /bin/uclient-fetch (libustream-ssl)
+ + dns_backend : unbound (/var/lib/unbound)
+ + last_rundate : 01.09.2018 07:09:16
+ + system_release : PC Engines APU, OpenWrt SNAPSHOT r7986-dc9388ac55
</code></pre>
**cronjob for a regular block list update (/etc/crontabs/root):**
config source 'adaway'
option adb_src 'https://adaway.org/hosts.txt'
- option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on mobile ads, infrequent updates, approx. 400 entries'
option enabled '1'
config source 'adguard'
option adb_src 'https://filters.adtidy.org/windows/filters/15.txt'
- option adb_src_rset 'BEGIN{FS=\"[/|^|\r]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([\/\^\r]|$)/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[/|^|\r]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+([\/\^\r]|$)/{print tolower(\$3)}'
option adb_src_desc 'combined adguard dns filter list, frequent updates, approx. 17.000 entries'
option enabled '0'
config source 'bitcoin'
option adb_src 'https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt'
- option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on malicious bitcoin mining sites, infrequent updates, approx. 80 entries'
option enabled '0'
config source 'blacklist'
option adb_src '/etc/adblock/adblock.blacklist'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'static local domain blacklist, always deny these domains'
option enabled '1'
config source 'disconnect'
option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 4.700 entries'
option enabled '1'
config source 'dshield'
option adb_src 'https://www.dshield.org/feeds/suspiciousdomains_Low.txt'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'generic blocklist, daily updates, approx. 3.500 entries'
option enabled '0'
config source 'feodo'
option adb_src 'https://feodotracker.abuse.ch/blocklist/?download=domainblocklist'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on feodo botnet, daily updates, approx. 0-10 entries'
option enabled '0'
config source 'hphosts'
option adb_src 'https://hosts-file.net/ad_servers.txt'
- option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|\$)+/{print tolower(\$2)}'
+ option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|\$)+/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, monthly updates, approx. 19.200 entries'
option enabled '0'
config source 'malware'
option adb_src 'https://mirror.espoch.edu.ec/malwaredomains/justdomains'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'broad blocklist, daily updates, approx. 18.300 entries'
option enabled '0'
config source 'malwarelist'
option adb_src 'http://www.malwaredomainlist.com/hostslist/hosts.txt'
- option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on malware, daily updates, approx. 1.200 entries'
option enabled '0'
config source 'openphish'
option adb_src 'https://openphish.com/feed.txt'
- option adb_src_rset 'BEGIN{FS=\"/\"}/^http[s]?:\/\/([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+(\/|$)/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"/\"}/^http[s]?:\/\/([[:alnum:]_-]+\.)+[[:alpha:]]+(\/|$)/{print tolower(\$3)}'
option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 2.400 entries'
option enabled '0'
config source 'ransomware'
option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on ransomware by abuse.ch, numerous updates on the same day, approx. 1900 entries'
option enabled '0'
config source 'reg_cn'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on chinese ads plus generic easylist additions, daily updates, approx. 11.700 entries'
option enabled '0'
config source 'reg_cz'
option adb_src 'https://raw.githubusercontent.com/qxstyles/turris-hole-czech-block-list/master/turris-hole-czech-block-list'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on czech ads maintained by Turris Omnia Users, infrequent updates, approx. 100 entries'
option enabled '0'
config source 'reg_de'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on german ads plus generic easylist additions, daily updates, approx. 9.200 entries'
option enabled '0'
config source 'reg_id'
option adb_src 'https://easylist-downloads.adblockplus.org/abpindo+easylist.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on indonesian ads plus generic easylist additions, weekly updates, approx. 9.600 entries'
option enabled '0'
config source 'reg_nl'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on dutch ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
option enabled '0'
config source 'reg_pl'
option adb_src 'http://adblocklist.org/adblock-pxf-polish.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on polish ads, daily updates, approx. 90 entries'
option enabled '0'
config source 'reg_ro'
option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
option enabled '0'
config source 'reg_ru'
option adb_src 'https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt'
- option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+ option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 14.500 entries'
option enabled '0'
config source 'shalla'
option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'huge blocklist archive subdivided in different categories, daily updates. Check http://www.shallalist.de/categories.html for more categories'
list adb_src_cat 'adv'
list adb_src_cat 'costtraps'
config source 'spam404'
option adb_src 'https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)+/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)+/{print tolower(\$1)}'
option adb_src_desc 'generic blocklist, infrequent updates, approx. 6.000 entries'
option enabled '0'
config source 'sysctl'
option adb_src 'http://sysctl.org/cameleon/hosts'
- option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 16.500 entries'
option enabled '0'
config source 'urlhaus'
option adb_src 'https://urlhaus.abuse.ch/downloads/rpz'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)+/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)+/{print tolower(\$1)}'
option adb_src_desc 'urlhaus RPZ domains by abuse.ch, numerous updates on the same day, approx. 3.500 entries'
option enabled '0'
config source 'ut_capitole'
option adb_src 'https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'huge blocklist archive subdivided in different categories, daily updates. Check https://dsi.ut-capitole.fr/blacklists/index_en.php for more categories'
+ list adb_src_cat 'publicite'
list adb_src_cat 'cryptojacking'
list adb_src_cat 'ddos'
list adb_src_cat 'malware'
config source 'whocares'
option adb_src 'http://someonewhocares.org/hosts/hosts'
- option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 10.000 entries'
option enabled '0'
config source 'winspy'
option adb_src 'https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt'
- option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on windows spy & telemetry domains, infrequent updates, approx. 300 entries'
option enabled '0'
config source 'winhelp'
option adb_src 'http://winhelp2002.mvps.org/hosts.txt'
- option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+ option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, infrequent updates, approx. 13.000 entries'
option enabled '0'
+config source 'youtube'
+ option adb_src 'https://api.hackertarget.com/hostsearch/?q=googlevideo.com'
+ option adb_src_rset 'BEGIN{FS=\",\"}/^(r[0-9]+\.){1,1}([[:alnum:]_-]+\.)+[[:alpha:]]+/{sub(/\./,\"---\");print tolower(\$1)}'
+ option adb_src_desc 'focus on youtube ad-related subdomains, dynamic request API, approx. 150 entries'
+ option enabled '0'
+
config source 'yoyo'
option adb_src 'https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.400 entries'
option enabled '1'
config source 'zeus'
option adb_src 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist'
- option adb_src_rset '/^([^([:space:]|#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+ option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on zeus botnet by abuse.ch, daily updates, approx. 400 entries'
option enabled '0'
-
boot()
{
- adb_boot=1
- rc_procd start_service
+ adb_boot=1
+ rc_procd start_service
}
start_service()
{
- if [ $("${adb_init}" enabled; printf "%u" ${?}) -eq 0 ]
- then
- if [ -n "${adb_boot}" ]
- then
- local trigger="$(uci_get adblock global adb_trigger)"
- if [ "${trigger}" != "timed" ]
- then
- return 0
- fi
- fi
- local nice="$(uci_get adblock extra adb_nice)"
- procd_open_instance "adblock"
- procd_set_param command "${adb_script}" "${@}"
- procd_set_param pidfile "${adb_pidfile}"
- procd_set_param nice ${nice:-0}
- procd_set_param stdout 1
- procd_set_param stderr 1
- procd_close_instance
- fi
+ if [ $("${adb_init}" enabled; printf "%u" ${?}) -eq 0 ]
+ then
+ if [ -n "${adb_boot}" ]
+ then
+ local trigger="$(uci_get adblock global adb_trigger)"
+ if [ "${trigger}" != "timed" ]
+ then
+ return 0
+ fi
+ fi
+ local nice="$(uci_get adblock extra adb_nice)"
+ procd_open_instance "adblock"
+ procd_set_param command "${adb_script}" "${@}"
+ procd_set_param pidfile "${adb_pidfile}"
+ procd_set_param nice ${nice:-0}
+ procd_set_param stdout 1
+ procd_set_param stderr 1
+ procd_close_instance
+ fi
}
reload_service()
{
- rc_procd start_service reload
+ rc_procd start_service reload
}
stop_service()
{
- rc_procd "${adb_script}" stop
- rc_procd start_service
+ rc_procd "${adb_script}" stop
+ rc_procd start_service
}
restart()
{
- rc_procd start_service restart
+ rc_procd start_service restart
}
suspend()
{
- [ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" suspend
+ [ -s "${adb_pidfile}" ] && return 1
+ rc_procd "${adb_script}" suspend
}
resume()
{
- [ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" resume
+ [ -s "${adb_pidfile}" ] && return 1
+ rc_procd "${adb_script}" resume
}
query()
{
- [ -s "${adb_pidfile}" ] && return 1
- rc_procd "${adb_script}" query "${1}"
+ [ -s "${adb_pidfile}" ] && return 1
+ rc_procd "${adb_script}" query "${1}"
}
status()
{
- local key keylist value rtfile="$(uci_get adblock extra adb_rtfile)"
+ local key keylist value rtfile="$(uci_get adblock extra adb_rtfile)"
- rtfile="${rtfile:-"/tmp/adb_runtime.json"}"
- if [ -s "${rtfile}" ]
- then
- printf "%s\n" "::: adblock runtime information"
- json_load "$(cat "${rtfile}" 2>/dev/null)"
- json_select data
- json_get_keys keylist
- for key in ${keylist}
- do
- json_get_var value "${key}"
- printf " + %-15s : %s\n" "${key}" "${value}"
- done
- else
- printf "%s\n" "::: no adblock runtime information available"
- fi
+ rtfile="${rtfile:-"/tmp/adb_runtime.json"}"
+ if [ -s "${rtfile}" ]
+ then
+ printf "%s\n" "::: adblock runtime information"
+ json_load_file "${rtfile}"
+ json_select data
+ json_get_keys keylist
+ for key in ${keylist}
+ do
+ json_get_var value "${key}"
+ printf " + %-15s : %s\n" "${key}" "${value}"
+ done
+ else
+ printf "%s\n" "::: no adblock runtime information available"
+ fi
}
service_triggers()
{
- local trigger="$(uci_get adblock global adb_trigger)"
- local delay="$(uci_get adblock extra adb_triggerdelay)"
+ local trigger="$(uci_get adblock global adb_trigger)"
+ local delay="$(uci_get adblock extra adb_triggerdelay)"
- if [ "${trigger}" != "none" ] && [ "${trigger}" != "timed" ]
- then
- PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
- procd_add_interface_trigger "interface.*.up" "${trigger}" "${adb_init}" start
- fi
- procd_add_reload_trigger "adblock"
+ if [ "${trigger}" != "none" ] && [ "${trigger}" != "timed" ]
+ then
+ PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
+ procd_add_interface_trigger "interface.*.up" "${trigger}" "${adb_init}" start
+ fi
+ procd_add_reload_trigger "adblock"
}
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-mail_ver="1.0.3"
+mail_ver="1.0.4"
mail_daemon="$(command -v msmtp)"
mail_profile="adb_notify"
#mail_debug="--debug"
# mail header & mail receiver check
#
+mail_receiver=""
mail_sender="no-reply@adblock"
-mail_receiver="!!!ChangeMe!!!"
mail_topic="${HOSTNAME}: adblock notification"
mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\nMime-Version: 1.0\nContent-Type: text/html\nContent-Disposition: inline\n\n"
-if [ "${mail_receiver}" = "!!!ChangeMe!!!" ]
+if [ -z "${mail_receiver}" ]
then
- logger -p "err" -t "adblock-notify-[${mail_ver}]" "please change the 'mail_receiver' in '/etc/adblock/adblock.notify'"
- exit ${mail_rc}
+ logger -p "err" -t "adblock-notify-${mail_ver}[${$}]" "please supply/customize the 'mail_receiver' in '/etc/adblock/adblock.notify'"
+ exit ${mail_rc}
fi
# mail daemon check
#
if [ ! -x "${mail_daemon}" ]
then
- mail_daemon="$(command -v sendmail)"
+ mail_daemon="$(command -v sendmail)"
fi
# info preparation
adb_info="$(/etc/init.d/adblock status 2>/dev/null)"
if [ -f "/var/log/messages" ]
then
- log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
+ log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
else
- log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
+ log_info="$(logread -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"↵"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
fi
# mail body
#
if [ -x "${mail_daemon}" ]
then
- printf "%b" "${mail_head}${mail_text}" 2>/dev/null | "${mail_daemon}" ${mail_debug} -a "${mail_profile}" "${mail_receiver}" >/dev/null 2>&1
- mail_rc=${?}
- logger -p "info" -t "adblock-notify-[${mail_ver}]" "mail sent to '${mail_receiver}' with rc '${mail_rc}'"
+ printf "%b" "${mail_head}${mail_text}" 2>/dev/null | "${mail_daemon}" ${mail_debug} -a "${mail_profile}" "${mail_receiver}" >/dev/null 2>&1
+ mail_rc=${?}
+ logger -p "info" -t "adblock-notify-${mail_ver}[${$}]" "mail sent to '${mail_receiver}' with rc '${mail_rc}'"
else
- logger -p "err" -t "adblock-notify-[${mail_ver}]" "msmtp mail daemon not found"
+ logger -p "err" -t "adblock-notify-${mail_ver}[${$}]" "msmtp mail daemon not found"
fi
exit ${mail_rc}
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="3.5.4-2"
+adb_ver="3.5.5"
adb_sysver="unknown"
adb_enabled=0
adb_debug=0
#
f_envload()
{
- local dns_up sys_call sys_desc sys_model sys_ver cnt=0
-
- # get system information
- #
- sys_call="$(ubus -S call system board 2>/dev/null)"
- if [ -n "${sys_call}" ]
- then
- sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
- sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
- sys_ver="$(cat /etc/turris-version 2>/dev/null)"
- if [ -n "${sys_ver}" ]
- then
- sys_desc="${sys_desc}/${sys_ver}"
- fi
- adb_sysver="${sys_model}, ${sys_desc}"
- fi
-
- # check hash utility
- #
- if [ ! -x "${adb_hashutil}" ]
- then
- adb_hashutil="$(command -v md5sum)"
- fi
-
- # source in system libraries
- #
- if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
- then
- . "/lib/functions.sh"
- . "/usr/share/libubox/jshn.sh"
- else
- f_log "err" "system libraries not found"
- fi
-
- # parse 'global' and 'extra' section by callback
- #
- config_cb()
- {
- local type="${1}"
- if [ "${type}" = "adblock" ]
- then
- option_cb()
- {
- local option="${1}"
- local value="${2}"
- eval "${option}=\"${value}\""
- }
- else
- reset_cb
- fi
- }
-
- # parse 'source' typed sections
- #
- parse_config()
- {
- local value opt section="${1}" options="enabled adb_src adb_src_rset adb_src_cat"
- eval "adb_sources=\"${adb_sources} ${section}\""
- for opt in ${options}
- do
- config_get value "${section}" "${opt}"
- if [ -n "${value}" ]
- then
- eval "${opt}_${section}=\"${value}\""
- fi
- done
- }
-
- # load adblock config
- #
- config_load adblock
- config_foreach parse_config source
-
- # check dns backend
- #
- case "${adb_dns}" in
- dnsmasq)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"dnsmasq"}"
- adb_dnsdir="${adb_dnsdir:-"/tmp"}"
- adb_dnsheader=""
- adb_dnsdeny="awk '{print \"server=/\"\$0\"/\"}'"
- adb_dnsallow="awk '{print \"server=/\"\$0\"/#\"}'"
- adb_dnshalt="server=/#/"
- ;;
- unbound)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"unbound"}"
- adb_dnsdir="${adb_dnsdir:-"/var/lib/unbound"}"
- adb_dnsheader=""
- adb_dnsdeny="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
- adb_dnsallow="awk '{print \"local-zone: \042\"\$0\"\042 transparent\"}'"
- adb_dnshalt="local-zone: \".\" static"
- ;;
- named)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"bind"}"
- adb_dnsdir="${adb_dnsdir:-"/var/lib/bind"}"
- adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
- adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
- adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
- adb_dnshalt="* CNAME ."
- ;;
- kresd)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"root"}"
- adb_dnsdir="${adb_dnsdir:-"/etc/kresd"}"
- adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
- adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
- adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
- adb_dnshalt="* CNAME ."
- ;;
- dnscrypt-proxy)
- adb_dnsinstance="${adb_dnsinstance:-"0"}"
- adb_dnsuser="${adb_dnsuser:-"nobody"}"
- adb_dnsdir="${adb_dnsdir:-"/tmp"}"
- adb_dnsheader=""
- adb_dnsdeny="awk '{print \$0}'"
- adb_dnsallow=""
- adb_dnshalt=""
- ;;
- esac
-
- # check adblock status
- #
- if [ ${adb_enabled} -eq 0 ]
- then
- f_extconf
- f_temp
- f_rmdns
- f_jsnup
- f_log "info" "adblock is currently disabled, please set adb_enabled to '1' to use this service"
- exit 0
- fi
-
- if [ -d "${adb_dnsdir}" ] && [ ! -f "${adb_dnsdir}/${adb_dnsfile}" ]
- then
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- fi
-
- if [ "${adb_action}" = "start" ] && [ "${adb_trigger}" = "timed" ]
- then
- sleep ${adb_triggerdelay}
- fi
-
- while [ ${cnt} -le 30 ]
- do
- dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" 2>/dev/null | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running" 2>/dev/null)"
- if [ "${dns_up}" = "true" ]
- then
- break
- fi
- sleep 1
- cnt=$((cnt+1))
- done
-
- if [ "${dns_up}" != "true" ] || [ -z "${adb_dns}" ] || [ ! -x "$(command -v ${adb_dns})" ]
- then
- f_log "err" "'${adb_dns}' not running or not executable"
- elif [ ! -d "${adb_dnsdir}" ]
- then
- f_log "err" "'${adb_dnsdir}' backend directory not found"
- fi
+ local dns_up sys_call sys_desc sys_model sys_ver cnt=0
+
+ # get system information
+ #
+ sys_call="$(ubus -S call system board 2>/dev/null)"
+ if [ -n "${sys_call}" ]
+ then
+ sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
+ sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+ sys_ver="$(cat /etc/turris-version 2>/dev/null)"
+ if [ -n "${sys_ver}" ]
+ then
+ sys_desc="${sys_desc}/${sys_ver}"
+ fi
+ adb_sysver="${sys_model}, ${sys_desc}"
+ fi
+
+ # check hash utility
+ #
+ if [ ! -x "${adb_hashutil}" ]
+ then
+ adb_hashutil="$(command -v md5sum)"
+ fi
+
+ # parse 'global' and 'extra' section by callback
+ #
+ config_cb()
+ {
+ local type="${1}"
+ if [ "${type}" = "adblock" ]
+ then
+ option_cb()
+ {
+ local option="${1}"
+ local value="${2}"
+ eval "${option}=\"${value}\""
+ }
+ else
+ reset_cb
+ fi
+ }
+
+ # parse 'source' typed sections
+ #
+ parse_config()
+ {
+ local value opt section="${1}" options="enabled adb_src adb_src_rset adb_src_cat"
+ eval "adb_sources=\"${adb_sources} ${section}\""
+ for opt in ${options}
+ do
+ config_get value "${section}" "${opt}"
+ if [ -n "${value}" ]
+ then
+ eval "${opt}_${section}=\"${value}\""
+ fi
+ done
+ }
+
+ # load adblock config
+ #
+ config_load adblock
+ config_foreach parse_config source
+
+ # check dns backend
+ #
+ case "${adb_dns}" in
+ dnsmasq)
+ adb_dnsinstance="${adb_dnsinstance:-"0"}"
+ adb_dnsuser="${adb_dnsuser:-"dnsmasq"}"
+ adb_dnsdir="${adb_dnsdir:-"/tmp"}"
+ adb_dnsheader=""
+ adb_dnsdeny="awk '{print \"server=/\"\$0\"/\"}'"
+ adb_dnsallow="awk '{print \"server=/\"\$0\"/#\"}'"
+ adb_dnshalt="server=/#/"
+ ;;
+ unbound)
+ adb_dnsinstance="${adb_dnsinstance:-"0"}"
+ adb_dnsuser="${adb_dnsuser:-"unbound"}"
+ adb_dnsdir="${adb_dnsdir:-"/var/lib/unbound"}"
+ adb_dnsheader=""
+ adb_dnsdeny="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
+ adb_dnsallow="awk '{print \"local-zone: \042\"\$0\"\042 transparent\"}'"
+ adb_dnshalt="local-zone: \".\" static"
+ ;;
+ named)
+ adb_dnsinstance="${adb_dnsinstance:-"0"}"
+ adb_dnsuser="${adb_dnsuser:-"bind"}"
+ adb_dnsdir="${adb_dnsdir:-"/var/lib/bind"}"
+ adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
+ adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
+ adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
+ adb_dnshalt="* CNAME ."
+ ;;
+ kresd)
+ adb_dnsinstance="${adb_dnsinstance:-"0"}"
+ adb_dnsuser="${adb_dnsuser:-"root"}"
+ adb_dnsdir="${adb_dnsdir:-"/etc/kresd"}"
+ adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'" IN NS localhost."
+ adb_dnsdeny="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
+ adb_dnsallow="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
+ adb_dnshalt="* CNAME ."
+ ;;
+ dnscrypt-proxy)
+ adb_dnsinstance="${adb_dnsinstance:-"0"}"
+ adb_dnsuser="${adb_dnsuser:-"nobody"}"
+ adb_dnsdir="${adb_dnsdir:-"/tmp"}"
+ adb_dnsheader=""
+ adb_dnsdeny="awk '{print \$0}'"
+ adb_dnsallow=""
+ adb_dnshalt=""
+ ;;
+ esac
+
+ # check adblock status
+ #
+ if [ ${adb_enabled} -eq 0 ]
+ then
+ f_extconf
+ f_temp
+ f_rmdns
+ f_jsnup "disabled"
+ f_log "info" "adblock is currently disabled, please set adb_enabled to '1' to use this service"
+ exit 0
+ fi
+
+ if [ -d "${adb_dnsdir}" ] && [ ! -f "${adb_dnsdir}/${adb_dnsfile}" ]
+ then
+ printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+ fi
+
+ if [ "${adb_action}" = "start" ] && [ "${adb_trigger}" = "timed" ]
+ then
+ sleep ${adb_triggerdelay}
+ fi
+
+ while [ ${cnt} -le 30 ]
+ do
+ dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" 2>/dev/null | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running" 2>/dev/null)"
+ if [ "${dns_up}" = "true" ]
+ then
+ break
+ fi
+ sleep 1
+ cnt=$((cnt+1))
+ done
+
+ if [ "${dns_up}" != "true" ] || [ -z "${adb_dns}" ] || [ ! -x "$(command -v ${adb_dns})" ]
+ then
+ f_log "err" "'${adb_dns}' not running or not executable"
+ elif [ ! -d "${adb_dnsdir}" ]
+ then
+ f_log "err" "'${adb_dnsdir}' backend directory not found"
+ fi
}
# check environment
#
f_envcheck()
{
- local ssl_lib
-
- # check external uci config files
- #
- f_extconf
-
- # check fetch utility
- #
- case "${adb_fetchutil}" in
- uclient-fetch)
- if [ -f "/lib/libustream-ssl.so" ]
- then
- adb_fetchparm="${adb_fetchparm:-"--timeout=10 --no-check-certificate -O"}"
- ssl_lib="libustream-ssl"
- else
- adb_fetchparm="${adb_fetchparm:-"--timeout=10 -O"}"
- fi
- ;;
- wget)
- adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"}"
- ssl_lib="built-in"
- ;;
- wget-nossl)
- adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 -O"}"
- ;;
- busybox)
- adb_fetchparm="${adb_fetchparm:-"-O"}"
- ;;
- curl)
- adb_fetchparm="${adb_fetchparm:-"--connect-timeout 10 --insecure -o"}"
- ssl_lib="built-in"
- ;;
- aria2c)
- adb_fetchparm="${adb_fetchparm:-"--timeout=10 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o"}"
- ssl_lib="built-in"
- ;;
- esac
- adb_fetchutil="$(command -v "${adb_fetchutil}")"
-
- if [ ! -x "${adb_fetchutil}" ] || [ -z "${adb_fetchutil}" ] || [ -z "${adb_fetchparm}" ]
- then
- f_log "err" "download utility not found, please install 'uclient-fetch' with 'libustream-mbedtls' or the full 'wget' package"
- fi
- adb_fetchinfo="${adb_fetchutil} (${ssl_lib:-"-"})"
-
- f_temp
- f_jsnup "running"
- f_log "info" "start adblock processing (${adb_action})"
+ local ssl_lib
+
+ # startup message
+ #
+ f_log "info" "adblock instance started ::: action: ${adb_action}, priority: ${adb_nice:-"0"}, pid: ${$}"
+ f_jsnup "running"
+
+ # check external uci config files
+ #
+ f_extconf
+
+ # check fetch utility
+ #
+ case "${adb_fetchutil}" in
+ uclient-fetch)
+ if [ -f "/lib/libustream-ssl.so" ]
+ then
+ adb_fetchparm="${adb_fetchparm:-"--timeout=10 --no-check-certificate -O"}"
+ ssl_lib="libustream-ssl"
+ else
+ adb_fetchparm="${adb_fetchparm:-"--timeout=10 -O"}"
+ fi
+ ;;
+ wget)
+ adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"}"
+ ssl_lib="built-in"
+ ;;
+ wget-nossl)
+ adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 -O"}"
+ ;;
+ busybox)
+ adb_fetchparm="${adb_fetchparm:-"-O"}"
+ ;;
+ curl)
+ adb_fetchparm="${adb_fetchparm:-"--connect-timeout 10 --insecure -o"}"
+ ssl_lib="built-in"
+ ;;
+ aria2c)
+ adb_fetchparm="${adb_fetchparm:-"--timeout=10 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o"}"
+ ssl_lib="built-in"
+ ;;
+ esac
+ adb_fetchutil="$(command -v "${adb_fetchutil}")"
+
+ if [ ! -x "${adb_fetchutil}" ] || [ -z "${adb_fetchutil}" ] || [ -z "${adb_fetchparm}" ]
+ then
+ f_log "err" "download utility not found, please install 'uclient-fetch' with 'libustream-mbedtls' or the full 'wget' package"
+ fi
+ adb_fetchinfo="${adb_fetchutil} (${ssl_lib:-"-"})"
+ f_temp
}
# create temporary files and directories
#
f_temp()
{
- if [ -z "${adb_tmpdir}" ]
- then
- adb_tmpdir="$(mktemp -p /tmp -d)"
- adb_tmpload="$(mktemp -p ${adb_tmpdir} -tu)"
- adb_tmpfile="$(mktemp -p ${adb_tmpdir} -tu)"
- fi
- if [ ! -s "${adb_pidfile}" ]
- then
- printf '%s' "${$}" > "${adb_pidfile}"
- fi
+ if [ -z "${adb_tmpdir}" ]
+ then
+ adb_tmpdir="$(mktemp -p /tmp -d)"
+ adb_tmpload="$(mktemp -p ${adb_tmpdir} -tu)"
+ adb_tmpfile="$(mktemp -p ${adb_tmpdir} -tu)"
+ fi
+ if [ ! -s "${adb_pidfile}" ]
+ then
+ printf '%s' "${$}" > "${adb_pidfile}"
+ fi
}
# remove temporary files and directories
#
f_rmtemp()
{
- if [ -d "${adb_tmpdir}" ]
- then
- rm -rf "${adb_tmpdir}"
- fi
- > "${adb_pidfile}"
+ if [ -d "${adb_tmpdir}" ]
+ then
+ rm -rf "${adb_tmpdir}"
+ fi
+ > "${adb_pidfile}"
}
# remove dns related files and directories
#
f_rmdns()
{
- if [ -n "${adb_dns}" ]
- then
- f_hash
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- > "${adb_rtfile}"
- rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
- f_hash
- if [ ${?} -eq 1 ]
- then
- f_dnsup
- fi
- f_rmtemp
- fi
- f_log "debug" "f_rmdns::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
+ if [ -n "${adb_dns}" ]
+ then
+ f_hash
+ printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+ > "${adb_dnsdir}/.${adb_dnsfile}"
+ > "${adb_rtfile}"
+ rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
+ f_hash
+ if [ ${?} -eq 1 ]
+ then
+ f_dnsup
+ fi
+ f_rmtemp
+ fi
+ f_log "debug" "f_rmdns::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
}
# commit uci changes
#
f_uci()
{
- local change config="${1}"
-
- if [ -n "${config}" ]
- then
- change="$(uci -q changes "${config}" | awk '{ORS=" "; print $0}')"
- if [ -n "${change}" ]
- then
- uci -q commit "${config}"
- case "${config}" in
- firewall)
- /etc/init.d/firewall reload >/dev/null 2>&1
- ;;
- *)
- /etc/init.d/"${adb_dns}" reload >/dev/null 2>&1
- ;;
- esac
- fi
- fi
- f_log "debug" "f_uci ::: config: ${config}, change: ${change}"
+ local change config="${1}"
+
+ if [ -n "${config}" ]
+ then
+ change="$(uci -q changes "${config}" | awk '{ORS=" "; print $0}')"
+ if [ -n "${change}" ]
+ then
+ uci_commit "${config}"
+ case "${config}" in
+ firewall)
+ /etc/init.d/firewall reload >/dev/null 2>&1
+ ;;
+ *)
+ /etc/init.d/"${adb_dns}" reload >/dev/null 2>&1
+ ;;
+ esac
+ fi
+ fi
+ f_log "debug" "f_uci ::: config: ${config}, change: ${change}"
}
# list/overall count
#
f_count()
{
- local mode="${1}"
-
- adb_cnt=0
- if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
- then
- adb_cnt="$(( $(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") - $(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add_whitelist") ))"
- if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
- then
- adb_cnt="$(( (${adb_cnt} - $(printf '%s' "${adb_dnsheader}" | grep -c "^")) / 2 ))"
- fi
- elif [ -s "${adb_tmpfile}" ]
- then
- adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}")"
- fi
+ local mode="${1}"
+
+ adb_cnt=0
+ if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
+ then
+ adb_cnt="$(( $(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") - $(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add_whitelist") ))"
+ if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
+ then
+ adb_cnt="$(( (${adb_cnt} - $(printf '%s' "${adb_dnsheader}" | grep -c "^")) / 2 ))"
+ fi
+ elif [ -s "${adb_tmpfile}" ]
+ then
+ adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}")"
+ fi
}
# set external config options
#
f_extconf()
{
- local uci_config port port_list="53 853 5353"
-
- case "${adb_dns}" in
- dnsmasq)
- uci_config="dhcp"
- if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get dhcp.@dnsmasq[${adb_dnsinstance}].serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
- then
- uci -q set dhcp.@dnsmasq[${adb_dnsinstance}].serversfile="${adb_dnsdir}/${adb_dnsfile}"
- elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get dhcp.@dnsmasq[${adb_dnsinstance}].serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
- then
- uci -q delete dhcp.@dnsmasq[${adb_dnsinstance}].serversfile
- fi
- ;;
- kresd)
- uci_config="resolver"
- if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
- then
- uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
- elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
- then
- uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
- fi
- if [ ${adb_enabled} -eq 1 ] && [ ${adb_dnsflush} -eq 0 ] && [ "$(uci -q get resolver.kresd.keep_cache)" != "1" ]
- then
- uci -q set resolver.kresd.keep_cache="1"
- elif [ ${adb_enabled} -eq 0 ] || ([ ${adb_dnsflush} -eq 1 ] && [ "$(uci -q get resolver.kresd.keep_cache)" = "1" ])
- then
- uci -q set resolver.kresd.keep_cache="0"
- fi
- ;;
- esac
- f_uci "${uci_config}"
-
- uci_config="firewall"
- if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
- [ -z "$(uci -q get firewall.adblock_dns_53)" ] && [ $(/etc/init.d/firewall enabled; printf '%u' ${?}) -eq 0 ]
- then
- for port in ${port_list}
- do
- uci_add firewall "redirect" "adblock_dns_${port}"
- uci_set firewall "adblock_dns_${port}" "name" "Adblock DNS, port ${port}"
- uci_set firewall "adblock_dns_${port}" "src" "lan"
- uci_set firewall "adblock_dns_${port}" "proto" "tcp udp"
- uci_set firewall "adblock_dns_${port}" "src_dport" "${port}"
- uci_set firewall "adblock_dns_${port}" "dest_port" "${port}"
- uci_set firewall "adblock_dns_${port}" "target" "DNAT"
- done
- elif [ -n "$(uci -q get firewall.adblock_dns_53)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
- then
- for port in ${port_list}
- do
- uci_remove firewall "adblock_dns_${port}"
- done
- fi
- f_uci "${uci_config}"
+ local uci_config port port_list="53 853 5353"
+
+ case "${adb_dns}" in
+ dnsmasq)
+ uci_config="dhcp"
+ if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}].serversfile" | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_set dhcp "@dnsmasq[${adb_dnsinstance}].serversfile" "${adb_dnsdir}/${adb_dnsfile}"
+ elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${adb_dnsinstance}].serversfile" | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci_remove dhcp "@dnsmasq[${adb_dnsinstance}].serversfile"
+ fi
+ ;;
+ kresd)
+ uci_config="resolver"
+ if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci_get resolver kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+ elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci_get resolver kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+ then
+ uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+ fi
+ if [ ${adb_enabled} -eq 1 ] && [ ${adb_dnsflush} -eq 0 ] && [ "$(uci_get resolver "kresd.keep_cache")" != "1" ]
+ then
+ uci_set resolver "kresd.keep_cache" "1"
+ elif [ ${adb_enabled} -eq 0 ] || ([ ${adb_dnsflush} -eq 1 ] && [ "$(uci_get resolver "kresd.keep_cache")" = "1" ])
+ then
+ uci_set resolver "kresd.keep_cache" "0"
+ fi
+ ;;
+ esac
+ f_uci "${uci_config}"
+
+ uci_config="firewall"
+ if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
+ [ -z "$(uci_get firewall adblock_dns_53)" ] && [ $(/etc/init.d/firewall enabled; printf '%u' ${?}) -eq 0 ]
+ then
+ for port in ${port_list}
+ do
+ uci_add firewall "redirect" "adblock_dns_${port}"
+ uci_set firewall "adblock_dns_${port}" "name" "Adblock DNS, port ${port}"
+ uci_set firewall "adblock_dns_${port}" "src" "lan"
+ uci_set firewall "adblock_dns_${port}" "proto" "tcp udp"
+ uci_set firewall "adblock_dns_${port}" "src_dport" "${port}"
+ uci_set firewall "adblock_dns_${port}" "dest_port" "${port}"
+ uci_set firewall "adblock_dns_${port}" "target" "DNAT"
+ done
+ elif [ -n "$(uci_get firewall adblock_dns_53)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
+ then
+ for port in ${port_list}
+ do
+ uci_remove firewall "adblock_dns_${port}"
+ done
+ fi
+ f_uci "${uci_config}"
}
# restart of the dns backend
#
f_dnsup()
{
- local dns_up cache_util cache_rc cnt=0
-
- if [ ${adb_dnsflush} -eq 0 ] && [ ${adb_enabled} -eq 1 ] && [ "${adb_rc}" -eq 0 ]
- then
- case "${adb_dns}" in
- dnsmasq)
- killall -q -HUP "${adb_dns}"
- cache_rc=${?}
- ;;
- unbound)
- cache_util="$(command -v unbound-control)"
- if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -f "${adb_dnsdir}"/unbound.conf ]
- then
- "${cache_util}" -c "${adb_dnsdir}"/unbound.conf dump_cache > "${adb_tmpdir}"/adb_cache.dump 2>/dev/null
- fi
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- ;;
- kresd)
- cache_util="keep_cache"
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- cache_rc=${?}
- ;;
- named)
- cache_util="$(command -v rndc)"
- if [ -x "${cache_util}" ] && [ -f /etc/bind/rndc.conf ]
- then
- "${cache_util}" -c /etc/bind/rndc.conf reload >/dev/null 2>&1
- cache_rc=${?}
- else
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- fi
- ;;
- *)
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- ;;
- esac
- else
- "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
- fi
-
- adb_rc=1
- while [ ${cnt} -le 10 ]
- do
- dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
- if [ "${dns_up}" = "true" ]
- then
- case "${adb_dns}" in
- unbound)
- cache_util="$(command -v unbound-control)"
- if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -s "${adb_tmpdir}"/adb_cache.dump ]
- then
- while [ ${cnt} -le 10 ]
- do
- "${cache_util}" -c "${adb_dnsdir}"/unbound.conf load_cache < "${adb_tmpdir}"/adb_cache.dump >/dev/null 2>&1
- cache_rc=${?}
- if [ ${cache_rc} -eq 0 ]
- then
- break
- fi
- cnt=$((cnt+1))
- sleep 1
- done
- fi
- ;;
- esac
- adb_rc=0
- break
- fi
- cnt=$((cnt+1))
- sleep 1
- done
- f_log "debug" "f_dnsup::: cache_util: ${cache_util:-"-"}, cache_rc: ${cache_rc:-"-"}, cache_flush: ${adb_dnsflush}, cache_cnt: ${cnt}, rc: ${adb_rc}"
- return ${adb_rc}
+ local dns_up cache_util cache_rc cnt=0
+
+ if [ ${adb_dnsflush} -eq 0 ] && [ ${adb_enabled} -eq 1 ] && [ "${adb_rc}" -eq 0 ]
+ then
+ case "${adb_dns}" in
+ dnsmasq)
+ killall -q -HUP "${adb_dns}"
+ cache_rc=${?}
+ ;;
+ unbound)
+ cache_util="$(command -v unbound-control)"
+ if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -f "${adb_dnsdir}"/unbound.conf ]
+ then
+ "${cache_util}" -c "${adb_dnsdir}"/unbound.conf dump_cache > "${adb_tmpdir}"/adb_cache.dump 2>/dev/null
+ fi
+ "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+ ;;
+ kresd)
+ cache_util="keep_cache"
+ "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+ cache_rc=${?}
+ ;;
+ named)
+ cache_util="$(command -v rndc)"
+ if [ -x "${cache_util}" ] && [ -f /etc/bind/rndc.conf ]
+ then
+ "${cache_util}" -c /etc/bind/rndc.conf reload >/dev/null 2>&1
+ cache_rc=${?}
+ else
+ "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+ fi
+ ;;
+ *)
+ "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+ ;;
+ esac
+ else
+ "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+ fi
+
+ adb_rc=1
+ while [ ${cnt} -le 10 ]
+ do
+ dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
+ if [ "${dns_up}" = "true" ]
+ then
+ case "${adb_dns}" in
+ unbound)
+ cache_util="$(command -v unbound-control)"
+ if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -s "${adb_tmpdir}"/adb_cache.dump ]
+ then
+ while [ ${cnt} -le 10 ]
+ do
+ "${cache_util}" -c "${adb_dnsdir}"/unbound.conf load_cache < "${adb_tmpdir}"/adb_cache.dump >/dev/null 2>&1
+ cache_rc=${?}
+ if [ ${cache_rc} -eq 0 ]
+ then
+ break
+ fi
+ cnt=$((cnt+1))
+ sleep 1
+ done
+ fi
+ ;;
+ esac
+ adb_rc=0
+ break
+ fi
+ cnt=$((cnt+1))
+ sleep 1
+ done
+ f_log "debug" "f_dnsup::: cache_util: ${cache_util:-"-"}, cache_rc: ${cache_rc:-"-"}, cache_flush: ${adb_dnsflush}, cache_cnt: ${cnt}, rc: ${adb_rc}"
+ return ${adb_rc}
}
# backup/restore/remove blocklists
#
f_list()
{
- local file mode="${1}" in_rc="${adb_rc}"
-
- case "${mode}" in
- backup)
- if [ -d "${adb_backupdir}" ]
- then
- gzip -cf "${adb_tmpfile}" 2>/dev/null > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
- adb_rc=${?}
- fi
- ;;
- restore)
- if [ -d "${adb_backupdir}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
- then
- gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null > "${adb_tmpfile}"
- adb_rc=${?}
- fi
- ;;
- remove)
- if [ -d "${adb_backupdir}" ]
- then
- rm -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
- fi
- adb_rc=${?}
- ;;
- merge)
- for file in "${adb_tmpfile}".*
- do
- cat "${file}" 2>/dev/null >> "${adb_tmpdir}/${adb_dnsfile}"
- if [ ${?} -ne 0 ]
- then
- adb_rc=${?}
- break
- fi
- rm -f "${file}"
- done
- adb_tmpfile="${adb_tmpdir}/${adb_dnsfile}"
- ;;
- final)
- > "${adb_dnsdir}/${adb_dnsfile}"
-
- if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
- then
- cat "${adb_tmpdir}/tmp.add_whitelist" >> "${adb_dnsdir}/${adb_dnsfile}"
- fi
-
- if [ -s "${adb_tmpdir}/tmp.rem_whitelist" ]
- then
- grep -vf "${adb_tmpdir}/tmp.rem_whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
- else
- eval "${adb_dnsdeny}" "${adb_tmpdir}/${adb_dnsfile}" >> "${adb_dnsdir}/${adb_dnsfile}"
- fi
-
- if [ ${?} -eq 0 ] && [ -n "${adb_dnsheader}" ]
- then
- printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
- cat "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
- fi
- adb_rc=${?}
- ;;
- esac
- f_count "${mode}"
- f_log "debug" "f_list ::: name: ${src_name:-"-"}, mode: ${mode}, cnt: ${adb_cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
+ local file mode="${1}" in_rc="${adb_rc}"
+
+ case "${mode}" in
+ backup)
+ if [ -d "${adb_backupdir}" ]
+ then
+ gzip -cf "${adb_tmpfile}" 2>/dev/null > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
+ adb_rc=${?}
+ fi
+ ;;
+ restore)
+ if [ -d "${adb_backupdir}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
+ then
+ gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null > "${adb_tmpfile}"
+ adb_rc=${?}
+ fi
+ ;;
+ remove)
+ if [ -d "${adb_backupdir}" ]
+ then
+ rm -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
+ fi
+ adb_rc=${?}
+ ;;
+ merge)
+ for file in "${adb_tmpfile}".*
+ do
+ cat "${file}" 2>/dev/null >> "${adb_tmpdir}/${adb_dnsfile}"
+ if [ ${?} -ne 0 ]
+ then
+ adb_rc=${?}
+ break
+ fi
+ rm -f "${file}"
+ done
+ adb_tmpfile="${adb_tmpdir}/${adb_dnsfile}"
+ ;;
+ final)
+ > "${adb_dnsdir}/${adb_dnsfile}"
+
+ if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
+ then
+ cat "${adb_tmpdir}/tmp.add_whitelist" >> "${adb_dnsdir}/${adb_dnsfile}"
+ fi
+
+ if [ -s "${adb_tmpdir}/tmp.rem_whitelist" ]
+ then
+ grep -vf "${adb_tmpdir}/tmp.rem_whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsdeny}" >> "${adb_dnsdir}/${adb_dnsfile}"
+ else
+ eval "${adb_dnsdeny}" "${adb_tmpdir}/${adb_dnsfile}" >> "${adb_dnsdir}/${adb_dnsfile}"
+ fi
+
+ if [ ${?} -eq 0 ] && [ -n "${adb_dnsheader}" ]
+ then
+ printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+ mv -f "${adb_tmpdir}/${adb_dnsfile}" "${adb_dnsdir}/${adb_dnsfile}"
+ fi
+ adb_rc=${?}
+ ;;
+ esac
+ f_count "${mode}"
+ f_log "debug" "f_list ::: name: ${src_name:-"-"}, mode: ${mode}, cnt: ${adb_cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
}
# top level domain compression
#
f_tld()
{
- local cnt cnt_srt cnt_tld source="${1}" temp="${1}.tld"
-
- cnt="$(wc -l 2>/dev/null < "${source}")"
- sort -u "${source}" > "${temp}"
- if [ ${?} -eq 0 ]
- then
- cnt_srt="$(wc -l 2>/dev/null < "${temp}")"
- awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${temp}" > "${source}"
- if [ ${?} -eq 0 ]
- then
- sort "${source}" > "${temp}"
- if [ ${?} -eq 0 ]
- then
- awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "${temp}" > "${source}"
- if [ ${?} -eq 0 ]
- then
- awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" > "${temp}"
- if [ ${?} -eq 0 ]
- then
- sort "${temp}" > "${source}"
- if [ ${?} -eq 0 ]
- then
- cnt_tld="$(wc -l 2>/dev/null < "${source}")"
- else
- cat "${temp}" > "${source}"
- fi
- fi
- else
- cat "${temp}" > "${source}"
- fi
- fi
- else
- cat "${temp}" > "${source}"
- fi
- fi
- rm -f "${temp}"
- f_log "debug" "f_tld ::: source: ${source}, cnt: ${cnt:-"-"}, cnt_srt: ${cnt_srt:-"-"}, cnt_tld: ${cnt_tld:-"-"}"
+ local cnt cnt_srt cnt_tld source="${1}" temp="${1}.tld"
+
+ cnt="$(wc -l 2>/dev/null < "${source}")"
+ awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" > "${temp}"
+ if [ ${?} -eq 0 ]
+ then
+ sort -u "${temp}" > "${source}"
+ if [ ${?} -eq 0 ]
+ then
+ cnt_srt="$(wc -l 2>/dev/null < "${source}")"
+ awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "${source}" > "${temp}"
+ if [ ${?} -eq 0 ]
+ then
+ awk 'BEGIN{FS="."}{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${temp}" > "${source}"
+ if [ ${?} -eq 0 ]
+ then
+ cnt_tld="$(wc -l 2>/dev/null < "${source}")"
+ else
+ mv -f "${temp}" > "${source}"
+ fi
+ fi
+ else
+ mv -f "${temp}" "${source}"
+ fi
+ fi
+ f_log "debug" "f_tld ::: source: ${source}, cnt: ${cnt:-"-"}, cnt_srt: ${cnt_srt:-"-"}, cnt_tld: ${cnt_tld:-"-"}"
}
# blocklist hash compare
#
f_hash()
{
- local hash hash_rc=1
-
- if [ -x "${adb_hashutil}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
- then
- hash="$(${adb_hashutil} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
- if [ -z "${adb_hashold}" ] && [ -n "${hash}" ]
- then
- adb_hashold="${hash}"
- elif [ -z "${adb_hashnew}" ] && [ -n "${hash}" ]
- then
- adb_hashnew="${hash}"
- fi
- if [ -n "${adb_hashold}" ] && [ -n "${adb_hashnew}" ]
- then
- if [ "${adb_hashold}" = "${adb_hashnew}" ]
- then
- hash_rc=0
- fi
- adb_hashold=""
- adb_hashnew=""
- fi
- fi
- f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
- return ${hash_rc}
+ local hash hash_rc=1
+
+ if [ -x "${adb_hashutil}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
+ then
+ hash="$(${adb_hashutil} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
+ if [ -z "${adb_hashold}" ] && [ -n "${hash}" ]
+ then
+ adb_hashold="${hash}"
+ elif [ -z "${adb_hashnew}" ] && [ -n "${hash}" ]
+ then
+ adb_hashnew="${hash}"
+ fi
+ if [ -n "${adb_hashold}" ] && [ -n "${adb_hashnew}" ]
+ then
+ if [ "${adb_hashold}" = "${adb_hashnew}" ]
+ then
+ hash_rc=0
+ fi
+ adb_hashold=""
+ adb_hashnew=""
+ fi
+ fi
+ f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
+ return ${hash_rc}
}
# suspend/resume adblock processing
#
f_switch()
{
- local mode="${1}"
-
- if [ ! -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "suspend" ]
- then
- f_hash
- cat "${adb_dnsdir}/${adb_dnsfile}" > "${adb_dnsdir}/.${adb_dnsfile}"
- printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
- f_hash
- elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "resume" ]
- then
- f_hash
- cat "${adb_dnsdir}/.${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- f_hash
- fi
- if [ ${?} -eq 1 ]
- then
- f_temp
- f_dnsup
- f_jsnup "${mode}"
- f_log "info" "${mode} adblock processing"
- f_rmtemp
- exit 0
- fi
+ local mode="${1}"
+
+ if [ ! -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "suspend" ]
+ then
+ f_hash
+ cat "${adb_dnsdir}/${adb_dnsfile}" > "${adb_dnsdir}/.${adb_dnsfile}"
+ printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+ f_hash
+ elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "resume" ]
+ then
+ f_hash
+ cat "${adb_dnsdir}/.${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+ > "${adb_dnsdir}/.${adb_dnsfile}"
+ f_hash
+ fi
+ if [ ${?} -eq 1 ]
+ then
+ f_temp
+ f_dnsup
+ f_jsnup "${mode}"
+ f_log "info" "${mode} adblock processing"
+ f_rmtemp
+ exit 0
+ fi
}
# query blocklist for certain (sub-)domains
#
f_query()
{
- local search result prefix suffix field domain="${1}" tld="${1#*.}"
-
- if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
- then
- printf '%s\n' "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
- else
- case "${adb_dns}" in
- dnsmasq)
- prefix=".*[\/\.]"
- suffix="(\/)"
- field=2
- ;;
- unbound)
- prefix=".*[\"\.]"
- suffix="(static)"
- field=3
- ;;
- named)
- prefix="[^\*].*[\.]"
- suffix="( \.)"
- field=1
- ;;
- kresd)
- prefix="[^\*].*[\.]"
- suffix="( \.)"
- field=1
- ;;
- dnscrypt-proxy)
- prefix=".*[\.]"
- suffix=""
- field=1
- ;;
- esac
- while [ "${domain}" != "${tld}" ]
- do
- search="${domain//./\.}"
- result="$(awk -F '/|\"| ' "/^($search|${prefix}+${search}.*${suffix}$)/{i++;{printf(\" + %s\n\",\$${field})};if(i>9){printf(\" + %s\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
- printf '%s\n' "::: results for domain '${domain}'"
- printf '%s\n' "${result:-" - no match"}"
- domain="${tld}"
- tld="${domain#*.}"
- done
- fi
+ local search result prefix suffix field domain="${1}" tld="${1#*.}"
+
+ if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
+ then
+ printf '%s\n' "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
+ else
+ case "${adb_dns}" in
+ dnsmasq)
+ prefix=".*[\/\.]"
+ suffix="(\/)"
+ field=2
+ ;;
+ unbound)
+ prefix=".*[\"\.]"
+ suffix="(static)"
+ field=3
+ ;;
+ named)
+ prefix="[^\*].*[\.]"
+ suffix="( \.)"
+ field=1
+ ;;
+ kresd)
+ prefix="[^\*].*[\.]"
+ suffix="( \.)"
+ field=1
+ ;;
+ dnscrypt-proxy)
+ prefix=".*[\.]"
+ suffix=""
+ field=1
+ ;;
+ esac
+ while [ "${domain}" != "${tld}" ]
+ do
+ search="${domain//./\.}"
+ result="$(awk -F '/|\"| ' "/^($search|${prefix}+${search}.*${suffix}$)/{i++;{printf(\" + %s\n\",\$${field})};if(i>9){printf(\" + %s\n\",\"[...]\");exit}}" "${adb_dnsdir}/${adb_dnsfile}")"
+ printf '%s\n' "::: results for domain '${domain}'"
+ printf '%s\n' "${result:-" - no match"}"
+ domain="${tld}"
+ tld="${domain#*.}"
+ done
+ fi
}
# update runtime information
#
f_jsnup()
{
- local bg_pid rundate status="${1:-"enabled"}" mode="normal mode" no_mail=0
-
- if [ ${adb_rc} -gt 0 ]
- then
- status="error"
- rundate="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
- fi
- if [ ${adb_enabled} -eq 0 ]
- then
- status="disabled"
- fi
- if [ "${status}" = "enabled" ]
- then
- rundate="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
- fi
- if [ "${status}" = "suspend" ]
- then
- status="paused"
- fi
- if [ "${status}" = "resume" ]
- then
- no_mail=1
- status="enabled"
- fi
- if [ ${adb_backup_mode} -eq 1 ]
- then
- mode="backup mode"
- fi
-
- if [ -s "${adb_rtfile}" ]
- then
- json_load "$(cat "${adb_rtfile}" 2>/dev/null)"
- json_select data
-
- if [ -z "${adb_fetchinfo}" ] && [ -s "${adb_rtfile}" ]
- then
- json_get_var adb_fetchinfo "fetch_utility"
- fi
- if [ -z "${rundate}" ]
- then
- json_get_var rundate "last_rundate"
- fi
- if [ -z "${adb_cnt}" ]
- then
- json_get_var adb_cnt "overall_domains"
- adb_cnt="${adb_cnt%% *}"
- fi
- fi
-
- json_init
- json_add_object "data"
- json_add_string "adblock_status" "${status}"
- json_add_string "adblock_version" "${adb_ver}"
- json_add_string "overall_domains" "${adb_cnt:-0} (${mode})"
- json_add_string "fetch_utility" "${adb_fetchinfo:-"-"}"
- json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
- json_add_string "last_rundate" "${rundate:-"-"}"
- json_add_string "system_release" "${adb_sysver}"
- json_close_object
- json_dump > "${adb_rtfile}"
-
- if [ ${adb_notify} -eq 1 ] && [ ${no_mail} -eq 0 ] && [ -x /etc/adblock/adblock.notify ] && \
- ([ "${status}" = "error" ] || ([ "${status}" = "enabled" ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
- then
- (/etc/adblock/adblock.notify >/dev/null 2>&1) &
- bg_pid=${!}
- fi
- f_log "debug" "f_jsnup::: status: ${status}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
+ local run_time bg_pid status="${1:-"enabled"}" mode="normal mode" no_mail=0
+
+ if [ ${adb_rc} -gt 0 ]
+ then
+ status="error"
+ run_time="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
+ fi
+ if [ "${status}" = "enabled" ]
+ then
+ run_time="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
+ fi
+ if [ "${status}" = "suspend" ]
+ then
+ status="paused"
+ fi
+ if [ "${status}" = "resume" ]
+ then
+ no_mail=1
+ status="enabled"
+ fi
+ if [ ${adb_backup_mode} -eq 1 ]
+ then
+ mode="backup mode"
+ fi
+
+ if [ -z "${adb_fetchinfo}" ]
+ then
+ json_get_var adb_fetchinfo "fetch_utility"
+ fi
+ if [ -z "${adb_cnt}" ]
+ then
+ json_get_var adb_cnt "overall_domains"
+ adb_cnt="${adb_cnt%% *}"
+ fi
+ if [ -z "${run_time}" ]
+ then
+ json_get_var run_time "last_rundate"
+ fi
+ json_add_string "adblock_status" "${status}"
+ json_add_string "adblock_version" "${adb_ver}"
+ json_add_string "overall_domains" "${adb_cnt:-0} (${mode})"
+ json_add_string "fetch_utility" "${adb_fetchinfo:-"-"}"
+ json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
+ json_add_string "last_rundate" "${run_time:-"-"}"
+ json_add_string "system_release" "${adb_sysver}"
+ json_dump > "${adb_rtfile}"
+
+ if [ ${adb_notify} -eq 1 ] && [ ${no_mail} -eq 0 ] && [ -x /etc/adblock/adblock.notify ] && \
+ ([ "${status}" = "error" ] || ([ "${status}" = "enabled" ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
+ then
+ (/etc/adblock/adblock.notify >/dev/null 2>&1) &
+ bg_pid=${!}
+ fi
+ f_log "debug" "f_jsnup::: status: ${status}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
}
# write to syslog
#
f_log()
{
- local class="${1}" log_msg="${2}"
-
- if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ])
- then
- logger -p "${class}" -t "adblock-[${adb_ver}]" "${log_msg}"
- if [ "${class}" = "err" ]
- then
- f_rmdns
- f_jsnup
- logger -p "${class}" -t "adblock-[${adb_ver}]" "Please also check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'"
- exit 1
- fi
- fi
+ local class="${1}" log_msg="${2}"
+
+ if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ])
+ then
+ logger -p "${class}" -t "adblock-${adb_ver}[${$}]" "${log_msg}"
+ if [ "${class}" = "err" ]
+ then
+ f_rmdns
+ f_jsnup
+ logger -p "${class}" -t "adblock-${adb_ver}[${$}]" "Please also check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'"
+ exit 1
+ fi
+ fi
}
# main function for blocklist processing
#
f_main()
{
- local tmp_load tmp_file src_name src_rset src_url src_log src_arc src_cat cat list entry suffix mem_total mem_free enabled cnt=1
-
- mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
- mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
- tmp_load="${adb_tmpload}"
- tmp_file="${adb_tmpfile}"
- > "${adb_dnsdir}/.${adb_dnsfile}"
- > "${adb_tmpdir}/tmp.raw_whitelist"
- > "${adb_tmpdir}/tmp.add_whitelist"
- > "${adb_tmpdir}/tmp.rem_whitelist"
- f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, dns_jail: ${adb_jail}, force_srt: ${adb_forcesrt}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
-
- # prepare whitelist entries
- #
- if [ -s "${adb_whitelist}" ]
- then
- adb_whitelist_rset="/^([^([:space:]|\#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
- awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.raw_whitelist"
- f_tld "${adb_tmpdir}/tmp.raw_whitelist"
-
- adb_whitelist_rset="/^([^([:space:]|\#|\*|\/).]+\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
- awk "${adb_whitelist_rset}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.rem_whitelist"
-
- if [ -n "${adb_dnsallow}" ]
- then
- eval "${adb_dnsallow}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.add_whitelist"
- fi
- fi
-
- # build 'dnsjail' list
- #
- if [ ${adb_jail} -eq 1 ]
- then
- cat "${adb_tmpdir}/tmp.add_whitelist" > "/tmp/${adb_dnsjail}"
- printf '%s\n' "${adb_dnshalt}" >> "/tmp/${adb_dnsjail}"
- if [ -n "${adb_dnsheader}" ]
- then
- printf '%s\n' "${adb_dnsheader}" | cat - "/tmp/${adb_dnsjail}" > "${adb_tmpdir}/tmp.dnsjail"
- cat "${adb_tmpdir}/tmp.dnsjail" > "/tmp/${adb_dnsjail}"
- fi
- fi
-
- # main loop
- #
- for src_name in ${adb_sources}
- do
- enabled="$(eval printf '%s' \"\${enabled_${src_name}\}\")"
- src_url="$(eval printf '%s' \"\${adb_src_${src_name}\}\")"
- src_rset="$(eval printf '%s' \"\${adb_src_rset_${src_name}\}\")"
- src_cat="$(eval printf '%s' \"\${adb_src_cat_${src_name}\}\")"
- adb_tmpload="${tmp_load}.${src_name}"
- adb_tmpfile="${tmp_file}.${src_name}"
-
- # basic pre-checks
- #
- f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
- if [ "${enabled}" != "1" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
- then
- f_list remove
- continue
- fi
-
- # backup mode
- #
- if [ ${adb_backup_mode} -eq 1 ] && [ "${adb_action}" = "start" ] && [ "${src_name}" != "blacklist" ]
- then
- f_list restore
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
- then
- if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
- then
- f_tld "${adb_tmpfile}"
- fi
- continue
- fi
- fi
-
- # download queue processing
- #
- if [ "${src_name}" = "blacklist" ]
- then
- if [ -s "${src_url}" ]
- then
- (
- src_log="$(cat "${src_url}" > "${adb_tmpload}" 2>&1)"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
- then
- awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
- then
- rm -f "${adb_tmpload}"
- f_list download
- if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
- then
- f_tld "${adb_tmpfile}"
- fi
- fi
- else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- fi
- ) &
- else
- continue
- fi
- elif [ -n "${src_cat}" ]
- then
- (
- src_arc="${adb_tmpdir}/${src_url##*/}"
- src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${src_url}" 2>&1)"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${src_arc}" ]
- then
- list="$(tar -tzf "${src_arc}")"
- suffix="$(eval printf '%s' \"\${adb_src_suffix_${src_name}:-\"domains\"\}\")"
- for cat in ${src_cat}
- do
- entry="$(printf '%s' "${list}" | grep -E "[\^/]+${cat}/${suffix}")"
- if [ -n "${entry}" ]
- then
- tar -xOzf "${src_arc}" "${entry}" >> "${adb_tmpload}"
- adb_rc=${?}
- if [ ${adb_rc} -ne 0 ]
- then
- break
- fi
- fi
- done
- else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- fi
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
- then
- rm -f "${src_arc}"
- awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
- then
- rm -f "${adb_tmpload}"
- f_list download
- if [ ${adb_backup} -eq 1 ]
- then
- f_list backup
- fi
- if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
- then
- f_tld "${adb_tmpfile}"
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
- f_list restore
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
- f_list restore
- fi
- ) &
- else
- (
- src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${adb_tmpload}" "${src_url}" 2>&1)"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
- then
- awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
- adb_rc=${?}
- if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
- then
- rm -f "${adb_tmpload}"
- f_list download
- if [ ${adb_backup} -eq 1 ]
- then
- f_list backup
- fi
- if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
- then
- f_tld "${adb_tmpfile}"
- fi
- elif [ ${adb_backup} -eq 1 ]
- then
- f_list restore
- fi
- else
- src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
- if [ ${adb_backup} -eq 1 ]
- then
- f_list restore
- fi
- fi
- ) &
- fi
- hold=$(( cnt % adb_maxqueue ))
- if [ ${hold} -eq 0 ]
- then
- wait
- fi
- cnt=$(( cnt + 1 ))
- done
-
- # list merge
- #
- wait
- src_name="overall"
- adb_tmpfile="${tmp_file}"
- f_list merge
-
- # overall sort and conditional dns restart
- #
- f_hash
- if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
- then
- if ([ ${mem_total} -ge 64 ] && [ ${mem_free} -ge 40 ]) || [ ${adb_forcesrt} -eq 1 ]
- then
- f_tld "${adb_tmpdir}/${adb_dnsfile}"
- fi
- f_list final
- else
- > "${adb_dnsdir}/${adb_dnsfile}"
- fi
- chown "${adb_dnsuser}" "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null
- f_hash
- if [ ${?} -eq 1 ]
- then
- f_dnsup
- fi
- f_jsnup
- if [ ${?} -eq 0 ]
- then
- f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
- else
- f_log "err" "dns backend restart with active blocklist failed"
- fi
- f_rmtemp
- exit ${adb_rc}
+ local tmp_load tmp_file src_name src_rset src_url src_log src_arc src_cat cat list entry suffix mem_total mem_free enabled cnt=1
+
+ mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
+ mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
+ tmp_load="${adb_tmpload}"
+ tmp_file="${adb_tmpfile}"
+ > "${adb_dnsdir}/.${adb_dnsfile}"
+ > "${adb_tmpdir}/tmp.raw_whitelist"
+ > "${adb_tmpdir}/tmp.add_whitelist"
+ > "${adb_tmpdir}/tmp.rem_whitelist"
+ f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, dns_jail: ${adb_jail}, force_srt: ${adb_forcesrt}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
+
+ # prepare whitelist entries
+ #
+ if [ -s "${adb_whitelist}" ]
+ then
+ adb_whitelist_rset="/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+ awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.raw_whitelist"
+ f_tld "${adb_tmpdir}/tmp.raw_whitelist"
+
+ adb_whitelist_rset="/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
+ awk "${adb_whitelist_rset}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.rem_whitelist"
+
+ if [ -n "${adb_dnsallow}" ]
+ then
+ eval "${adb_dnsallow}" "${adb_tmpdir}/tmp.raw_whitelist" > "${adb_tmpdir}/tmp.add_whitelist"
+ fi
+ fi
+
+ # build 'dnsjail' list
+ #
+ if [ ${adb_jail} -eq 1 ]
+ then
+ cat "${adb_tmpdir}/tmp.add_whitelist" > "/tmp/${adb_dnsjail}"
+ printf '%s\n' "${adb_dnshalt}" >> "/tmp/${adb_dnsjail}"
+ if [ -n "${adb_dnsheader}" ]
+ then
+ printf '%s\n' "${adb_dnsheader}" | cat - "/tmp/${adb_dnsjail}" > "${adb_tmpdir}/tmp.dnsjail"
+ cat "${adb_tmpdir}/tmp.dnsjail" > "/tmp/${adb_dnsjail}"
+ fi
+ fi
+
+ # main loop
+ #
+ for src_name in ${adb_sources}
+ do
+ enabled="$(eval printf '%s' \"\${enabled_${src_name}\}\")"
+ src_url="$(eval printf '%s' \"\${adb_src_${src_name}\}\")"
+ src_rset="$(eval printf '%s' \"\${adb_src_rset_${src_name}\}\")"
+ src_cat="$(eval printf '%s' \"\${adb_src_cat_${src_name}\}\")"
+ adb_tmpload="${tmp_load}.${src_name}"
+ adb_tmpfile="${tmp_file}.${src_name}"
+
+ # basic pre-checks
+ #
+ f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
+ if [ "${enabled}" != "1" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
+ then
+ f_list remove
+ continue
+ fi
+
+ # backup mode
+ #
+ if [ ${adb_backup_mode} -eq 1 ] && [ "${adb_action}" = "start" ] && [ "${src_name}" != "blacklist" ]
+ then
+ f_list restore
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ then
+ if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
+ then
+ f_tld "${adb_tmpfile}"
+ fi
+ continue
+ fi
+ fi
+
+ # download queue processing
+ #
+ if [ "${src_name}" = "blacklist" ]
+ then
+ if [ -s "${src_url}" ]
+ then
+ (
+ src_log="$(cat "${src_url}" > "${adb_tmpload}" 2>&1)"
+ adb_rc=${?}
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
+ then
+ awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
+ adb_rc=${?}
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ then
+ rm -f "${adb_tmpload}"
+ f_list download
+ if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
+ then
+ f_tld "${adb_tmpfile}"
+ fi
+ fi
+ else
+ src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
+ fi
+ ) &
+ else
+ continue
+ fi
+ elif [ -n "${src_cat}" ]
+ then
+ (
+ src_arc="${adb_tmpdir}/${src_url##*/}"
+ src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${src_url}" 2>&1)"
+ adb_rc=${?}
+ if [ ${adb_rc} -eq 0 ] && [ -s "${src_arc}" ]
+ then
+ list="$(tar -tzf "${src_arc}")"
+ suffix="$(eval printf '%s' \"\${adb_src_suffix_${src_name}:-\"domains\"\}\")"
+ for cat in ${src_cat}
+ do
+ entry="$(printf '%s' "${list}" | grep -E "[\^/]+${cat}/${suffix}")"
+ if [ -n "${entry}" ]
+ then
+ tar -xOzf "${src_arc}" "${entry}" >> "${adb_tmpload}"
+ adb_rc=${?}
+ if [ ${adb_rc} -ne 0 ]
+ then
+ break
+ fi
+ fi
+ done
+ else
+ src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
+ fi
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
+ then
+ rm -f "${src_arc}"
+ awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
+ adb_rc=${?}
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ then
+ rm -f "${adb_tmpload}"
+ f_list download
+ if [ ${adb_backup} -eq 1 ]
+ then
+ f_list backup
+ fi
+ if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
+ then
+ f_tld "${adb_tmpfile}"
+ fi
+ elif [ ${adb_backup} -eq 1 ]
+ then
+ f_list restore
+ fi
+ elif [ ${adb_backup} -eq 1 ]
+ then
+ f_list restore
+ fi
+ ) &
+ else
+ (
+ src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${adb_tmpload}" "${src_url}" 2>&1)"
+ adb_rc=${?}
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
+ then
+ awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
+ adb_rc=${?}
+ if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+ then
+ rm -f "${adb_tmpload}"
+ f_list download
+ if [ ${adb_backup} -eq 1 ]
+ then
+ f_list backup
+ fi
+ if ([ ${mem_total} -lt 64 ] || [ ${mem_free} -lt 40 ]) && [ ${adb_forcesrt} -eq 0 ]
+ then
+ f_tld "${adb_tmpfile}"
+ fi
+ elif [ ${adb_backup} -eq 1 ]
+ then
+ f_list restore
+ fi
+ else
+ src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
+ f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
+ if [ ${adb_backup} -eq 1 ]
+ then
+ f_list restore
+ fi
+ fi
+ ) &
+ fi
+ hold=$(( cnt % adb_maxqueue ))
+ if [ ${hold} -eq 0 ]
+ then
+ wait
+ fi
+ cnt=$(( cnt + 1 ))
+ done
+
+ # list merge
+ #
+ wait
+ src_name="overall"
+ adb_tmpfile="${tmp_file}"
+ f_list merge
+
+ # overall sort and conditional dns restart
+ #
+ f_hash
+ if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
+ then
+ if ([ ${mem_total} -ge 64 ] && [ ${mem_free} -ge 40 ]) || [ ${adb_forcesrt} -eq 1 ]
+ then
+ f_tld "${adb_tmpdir}/${adb_dnsfile}"
+ fi
+ f_list final
+ else
+ > "${adb_dnsdir}/${adb_dnsfile}"
+ fi
+ chown "${adb_dnsuser}" "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null
+ f_hash
+ if [ ${?} -eq 1 ]
+ then
+ f_dnsup
+ fi
+ f_jsnup
+ if [ ${?} -eq 0 ]
+ then
+ f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+ else
+ f_log "err" "dns backend restart with active blocklist failed"
+ fi
+ f_rmtemp
+ exit ${adb_rc}
}
+# source required system libraries
+#
+if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
+then
+ . "/lib/functions.sh"
+ . "/usr/share/libubox/jshn.sh"
+else
+ f_log "err" "system libraries not found"
+fi
+
+# initialize json runtime file
+#
+json_load_file "${adb_rtfile}" >/dev/null 2>&1
+json_select data >/dev/null 2>&1
+if [ ${?} -ne 0 ]
+then
+ > "${adb_rtfile}"
+ json_init
+ json_add_object "data"
+fi
+
# handle different adblock actions
#
f_envload
case "${adb_action}" in
- stop)
- f_rmdns
- ;;
- restart)
- f_rmdns
- f_envcheck
- f_main
- ;;
- suspend)
- f_switch suspend
- ;;
- resume)
- f_switch resume
- ;;
- query)
- f_query "${2}"
- ;;
- start|reload)
- f_envcheck
- f_main
- ;;
+ stop)
+ f_rmdns
+ ;;
+ restart)
+ f_rmdns
+ f_envcheck
+ f_main
+ ;;
+ suspend)
+ f_switch suspend
+ ;;
+ resume)
+ f_switch resume
+ ;;
+ query)
+ f_query "${2}"
+ ;;
+ start|reload)
+ f_envcheck
+ f_main
+ ;;
esac
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/mayswind/AriaNg-DailyBuild
-PKG_SOURCE_DATE:=2018-05-21
-PKG_SOURCE_VERSION:=304500c3f042ac5387e4dd5d6ea159999d249314
-PKG_MIRROR_HASH:=f5bb5aad024f0916becc8d36832e5d864cd078553c5a719c715a00ecc72af90e
+PKG_SOURCE_DATE:=2018-08-11
+PKG_SOURCE_VERSION:=237335fd0e14d3614729052d0a44571c6340367e
+PKG_MIRROR_HASH:=263131aadc3dd784af1b9f3136910989ed6cb8ad99a89f82f45e41fa0b97db8d
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
$(1)/www/ariang
endef
-Package/ariang-nginx/install = $(Package/ariang/install)
+define Package/ariang-nginx/install
+ $(Package/ariang/install)
+ $(INSTALL_DIR) $(1)/etc/nginx
+ $(INSTALL_BIN) ./files/ariang.conf $(1)/etc/nginx/ariang.conf
+ $(INSTALL_DIR) $(1)/etc/uci-defaults
+ $(INSTALL_BIN) ./files/80_ariang-nginx-support $(1)/etc/uci-defaults/80_ariang-nginx-support
+endef
$(eval $(call BuildPackage,ariang))
$(eval $(call BuildPackage,ariang-nginx))
--- /dev/null
+#!/bin/sh
+
+
+if [ -f "/etc/nginx/nginx.conf" ] && [ -f "/etc/nginx/ariang.conf" ]; then
+ if [ "$( grep 'server_name localhost;' < /etc/nginx/nginx.conf)" ] &&
+ [ ! "$( grep 'include ariang.conf;' < /etc/nginx/nginx.conf)" ]; then
+ sed -i '/server_name localhost;/a \\t\tinclude ariang.conf;' /etc/nginx/nginx.conf
+ if [ -f /var/run/nginx.pid ]; then
+ /etc/init.d/nginx restart
+ fi
+ fi
+fi
+
+exit 0
+
--- /dev/null
+location /ariang {
+ index index.html;
+ alias /www/ariang/;
+}
\ No newline at end of file
PKG_NAME:=clamav
PKG_VERSION:=0.100.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr> \
define Package/clamav/Default
SECTION:=net
- DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libjson-c +libopenssl +libltdl +libpcre2 +USE_MUSL:musl-fts
+ DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libjson-c +libmilter-sendmail +libopenssl +libltdl +libpcre2 +USE_MUSL:musl-fts
CATEGORY:=Network
SUBMENU:=Web Servers/Proxies
TITLE:=ClamAV
--sysconfdir=/etc/clamav/ \
--prefix=/usr/ \
--exec-prefix=/usr/ \
+ --enable-milter \
--disable-xml \
--disable-bzip2 \
--with-user nobody \
define Package/clamav/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamav-milter $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/
PKG_VERSION:=2.7.8
# Release == build
# increase on changes of services files or tld_names.dat
-PKG_RELEASE:=1
+PKG_RELEASE:=3
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=
. /lib/functions/network.sh
# GLOBAL VARIABLES #
-VERSION="2.7.8-1"
+VERSION="2.7.8-3"
SECTION_ID="" # hold config's section name
VERBOSE=0 # default mode is log to console, but easily changed with parameter
MYPROG=$(basename $0) # my program call name
WGET_SSL=$(which wget-ssl)
CURL=$(which curl)
-
+# CURL_SSL not empty then SSL support available
+CURL_SSL=$($CURL -V 2>/dev/null | grep -F "https")
# CURL_PROXY not empty then Proxy support available
CURL_PROXY=$(find /lib /usr/lib -name libcurl.so* -exec strings {} 2>/dev/null \; | grep -im1 "all_proxy")
__RUNPROG="$NSLOOKUP $__HOST >$DATFILE 2>$ERRFILE"
fi
write_log 7 "#> $__RUNPROG"
- (
- set -o noglob
- eval $__RUNPROG
- )
+ eval $__RUNPROG
__ERR=$?
# command error
[ $__ERR -gt 0 ] && {
if [ -n "$__NCEXT" ]; then # BusyBox nc compiled with extensions (timeout support)
__RUNPROG="$__NC -w 1 $__IP $__PORT </dev/null >$DATFILE 2>$ERRFILE"
write_log 7 "#> $__RUNPROG"
- (
- set -o noglob
- eval $__RUNPROG
- )
+ eval $__RUNPROG
__ERR=$?
[ $__ERR -eq 0 ] && return 0
write_log 3 "Connect error - BusyBox nc (netcat) Error '$__ERR'"
else # nc compiled without extensions (no timeout support)
__RUNPROG="timeout 2 -- $__NC $__IP $__PORT </dev/null >$DATFILE 2>$ERRFILE"
write_log 7 "#> $__RUNPROG"
- (
- set -o noglob
- eval $__RUNPROG
- )
+ eval $__RUNPROG
__ERR=$?
[ $__ERR -eq 0 ] && return 0
write_log 3 "Connect error - BusyBox nc (netcat) timeout Error '$__ERR'"
local __BINDIP
# set correct program to detect IP
[ $use_ipv6 -eq 0 ] && __RUNPROG="network_get_ipaddr" || __RUNPROG="network_get_ipaddr6"
- ( set -o noglob ; eval "$__RUNPROG __BINDIP $bind_network" ) || \
+ eval "$__RUNPROG __BINDIP $bind_network" || \
write_log 13 "Can not detect local IP using '$__RUNPROG $bind_network' - Error: '$?'"
write_log 7 "Force communication via IP '$__BINDIP'"
__PROG="$__PROG --bind-address=$__BINDIP"
# 2nd choice is cURL IPv4/IPv6/HTTPS
# libcurl might be compiled without Proxy or HTTPS Support
elif [ -n "$CURL" ]; then
- # CURL_SSL not empty then SSL support available
- CURL_SSL=$($(which curl) -V 2>/dev/null | grep "Protocols:" | grep -F "https")
__PROG="$CURL -RsS -o $DATFILE --stderr $ERRFILE"
# check HTTPS support
[ -z "$CURL_SSL" -a $use_https -eq 1 ] && \
while : ; do
write_log 7 "#> $__RUNPROG"
- (
- set -o noglob
- eval $__RUNPROG # DO transfer
- )
+ eval $__RUNPROG # DO transfer
__ERR=$? # save error code
[ $__ERR -eq 0 ] && return 0 # no error leave
[ -n "$LUCI_HELPER" ] && return 1 # no retry if called by LuCI helper script
network_flush_cache # force re-read data from ubus
[ $use_ipv6 -eq 0 ] && __RUNPROG="network_get_ipaddr" \
|| __RUNPROG="network_get_ipaddr6"
- ( set -o noglob ; eval "$__RUNPROG __DATA $ip_network" ) || \
+ eval "$__RUNPROG __DATA $ip_network" || \
write_log 13 "Can not detect local IP using $__RUNPROG '$ip_network' - Error: '$?'"
[ -n "$__DATA" ] && write_log 7 "Local IP '$__DATA' detected on network '$ip_network'"
elif [ -n "$ip_interface" ]; then
[ -n "$__DATA" ] && write_log 7 "Local IP '$__DATA' detected on interface '$ip_interface'"
elif [ -n "$ip_script" ]; then
write_log 7 "#> $ip_script >$DATFILE 2>$ERRFILE"
- (
- set -o noglob
- eval $ip_script >$DATFILE 2>$ERRFILE
- )
+ eval $ip_script >$DATFILE 2>$ERRFILE
__ERR=$?
if [ $__ERR -eq 0 ]; then
__DATA=$(cat $DATFILE)
while : ; do
write_log 7 "#> $__RUNPROG"
- (
- set -o noglob
- eval $__RUNPROG
- )
+ eval $__RUNPROG
__ERR=$?
if [ $__ERR -ne 0 ]; then
write_log 3 "$__PROG error: '$__ERR'"
include $(TOPDIR)/rules.mk
PKG_NAME:=dmapd
-PKG_VERSION:=0.0.75
+PKG_VERSION:=0.0.76
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.flyn.org/projects/dmapd
-PKG_HASH:=f296a5ba02eae36a41381d19d5d08f2b9b7657091db9674f82121cd26c2893a1
+PKG_HASH:=f9fcd690ac4c3c80544713c1d82daa065022f230f1f4bf7a993f2f851ee2641d
PKG_FIXUP:=autoreconf
PKG_INSTALL:=2
#
-# Copyright (C) 2015-2016 Thomas Weißschuh
+# Copyright (C) 2015-2018 Thomas Weißschuh
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=esniper
-PKG_VERSION:=2.33.0
+PKG_VERSION:=2.35.0
PKG_RELEASE:=1
PKG_LICENSE:=BSD-2-Clause
PKG_LICENSE_FILES:=COPYING
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(VERSION_TRANSFORMED)
PKG_SOURCE:=$(PKG_NAME)-$(VERSION_TRANSFORMED).tgz
PKG_SOURCE_URL:=@SF/$(PKG_NAME)
-PKG_HASH:=c9b8b10aefe5c397d7dee4c569f87f227c6710de528b1dc402379e5b4f1793dd
+PKG_HASH:=a93d4533e31640554f2e430ac76b43e73a50ed6d721511066020712ac8923c12
PKG_BUILD_PARALLEL:=1
PKG_NAME:=haproxy
PKG_VERSION:=1.8.13
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/1.8/src/
--- /dev/null
+commit ef9b56022c656df34044103a317b7b890ced6628
+Author: Willy Tarreau <w@1wt.eu>
+Date: Tue Aug 7 10:14:53 2018 +0200
+
+ BUG/MEDIUM: servers: check the queues once enabling a server
+
+ Commit 64cc49c ("MAJOR: servers: propagate server status changes
+ asynchronously.") heavily changed the way the server states are
+ updated since they became asynchronous. During this change, some
+ code was lost, which is used to shut down some sessions from a
+ backup server and to pick pending connections from a proxy once
+ a server is turned back from maintenance to ready state. The
+ effect is that when temporarily disabling a server, connections
+ stay in the backend's queue, and when re-enabling it, they are
+ not picked and they expire in the backend's queue. Now they're
+ properly picked again.
+
+ This fix must be backported to 1.8.
+
+ (cherry picked from commit 6a78e61694d69beb49c0e8486be9550f5e8b7d08)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/server.c b/src/server.c
+index 3d6a4093..fbed6cd4 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -4774,6 +4774,19 @@ void srv_update_status(struct server *s)
+ if (prev_srv_count && s->proxy->srv_bck == 0 && s->proxy->srv_act == 0)
+ set_backend_down(s->proxy);
+
++ /* If the server is set with "on-marked-up shutdown-backup-sessions",
++ * and it's not a backup server and its effective weight is > 0,
++ * then it can accept new connections, so we shut down all streams
++ * on all backup servers.
++ */
++ if ((s->onmarkedup & HANA_ONMARKEDUP_SHUTDOWNBACKUPSESSIONS) &&
++ !(s->flags & SRV_F_BACKUP) && s->next_eweight)
++ srv_shutdown_backup_streams(s->proxy, SF_ERR_UP);
++
++ /* check if we can handle some connections queued at the proxy. We
++ * will take as many as we can handle.
++ */
++ xferred = pendconn_grab_from_px(s);
+ }
+ else if (s->next_admin & SRV_ADMF_MAINT) {
+ /* remaining in maintenance mode, let's inform precisely about the
--- /dev/null
+commit 5550143cd6de58c6e733e389c6946e3dd26e89c0
+Author: Willy Tarreau <w@1wt.eu>
+Date: Tue Aug 7 10:44:58 2018 +0200
+
+ BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
+
+ When switching back from a backup to an active server, the backup server
+ currently continues to drain the proxy's connections, which is a problem
+ because it's not expected to be able to pick them.
+
+ This patch ensures that a backup server will only pick backend connections
+ if there is no active server and it is the selected backup server or all
+ backup servers are supposed to be used.
+
+ This issue seems to have existed forever, so this fix should be backported
+ to all stable versions.
+
+ (cherry picked from commit a8694654ba021bf1e0e560a98ab5e70dc44d212e)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/queue.c b/src/queue.c
+index 1c730c75..b0b89426 100644
+--- a/src/queue.c
++++ b/src/queue.c
+@@ -117,7 +117,10 @@ static int pendconn_process_next_strm(struct server *srv, struct proxy *px)
+ }
+
+ ps_found:
+- if (srv_currently_usable(rsrv) && px->nbpend) {
++ if (srv_currently_usable(rsrv) && px->nbpend &&
++ (!(srv->flags & SRV_F_BACKUP) ||
++ (!px->srv_act &&
++ (srv == px->lbprm.fbck || (px->options & PR_O_USE_ALL_BK))))) {
+ struct pendconn *pp;
+
+ list_for_each_entry(pp, &px->pendconns, list) {
+@@ -287,6 +290,15 @@ int pendconn_grab_from_px(struct server *s)
+ if (!srv_currently_usable(s))
+ return 0;
+
++ /* if this is a backup server and there are active servers or at
++ * least another backup server was elected, then this one must
++ * not dequeue requests from the proxy.
++ */
++ if ((s->flags & SRV_F_BACKUP) &&
++ (s->proxy->srv_act ||
++ ((s != s->proxy->lbprm.fbck) && !(s->proxy->options & PR_O_USE_ALL_BK))))
++ return 0;
++
+ HA_SPIN_LOCK(PROXY_LOCK, &s->proxy->lock);
+ maxconn = srv_dynamic_maxconn(s);
+ list_for_each_entry_safe(p, pback, &s->proxy->pendconns, list) {
--- /dev/null
+commit 7d395954136c45e1533f355068399fec5e606db1
+Author: Baptiste Assmann <bedis9@gmail.com>
+Date: Fri Jun 22 13:03:50 2018 +0200
+
+ MINOR: dns: fix wrong score computation in dns_get_ip_from_response
+
+ dns_get_ip_from_response() is used to compare the caller current IP to
+ the IP available in the records returned by the DNS server.
+ A scoring system is in place to get the best IP address available.
+ That said, in the current implementation, there are a couple of issues:
+ 1. a comment does not match what the code does
+ 2. the code does not match what the commet says (score value is not
+ incremented with '2')
+
+ This patch fixes both issues.
+
+ Backport status: 1.8
+
+ (cherry picked from commit 84221b4e9010810cf93b7ad7a31d825fa9fc26bf)
+ [wt: Baptiste explicitly asked for this one to be backported to stable]
+ Cc: Baptiste <bedis9@gmail.com>
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/dns.c b/src/dns.c
+index 153a46b2..d8388ef1 100644
+--- a/src/dns.c
++++ b/src/dns.c
+@@ -1027,10 +1027,13 @@ int dns_get_ip_from_response(struct dns_response_packet *dns_p,
+ }
+
+ /* Check if the IP found in the record is already affected to a
+- * member of a group. If yes, the score should be incremented
++ * member of a group. If not, the score should be incremented
+ * by 2. */
+- if (owner && snr_check_ip_callback(owner, ip, &ip_type))
++ if (owner && snr_check_ip_callback(owner, ip, &ip_type)) {
+ continue;
++ } else {
++ score += 2;
++ }
+
+ /* Check for current ip matching. */
+ if (ip_type == currentip_sin_family &&
--- /dev/null
+commit c1bfcd002f54d1d84a99282d13f875c2649f3d70
+Author: Baptiste Assmann <bedis9@gmail.com>
+Date: Fri Jun 22 15:04:43 2018 +0200
+
+ MINOR: dns: new DNS options to allow/prevent IP address duplication
+
+ By default, HAProxy's DNS resolution at runtime ensure that there is no
+ IP address duplication in a backend (for servers being resolved by the
+ same hostname).
+ There are a few cases where people want, on purpose, to disable this
+ feature.
+
+ This patch introduces a couple of new server side options for this purpose:
+ "resolve-opts allow-dup-ip" or "resolve-opts prevent-dup-ip".
+
+ (cherry picked from commit 8e2d9430c0562ed74276d7f58e92706c384c0a36)
+
+ [wt: this is backported to 1.8 upon request from Baptiste because it offers
+ the option to revert to 1.7 behaviour, which some people depend on. The
+ address deduplication used on 1.8 apparently is not suited to everyone]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/doc/configuration.txt b/doc/configuration.txt
+index 011533a0..1973bbf2 100644
+--- a/doc/configuration.txt
++++ b/doc/configuration.txt
+@@ -11623,6 +11623,40 @@ rise <count>
+ after <count> consecutive successful health checks. This value defaults to 2
+ if unspecified. See also the "check", "inter" and "fall" parameters.
+
++resolve-opts <option>,<option>,...
++ Comma separated list of options to apply to DNS resolution linked to this
++ server.
++
++ Available options:
++
++ * allow-dup-ip
++ By default, HAProxy prevents IP address duplication in a backend when DNS
++ resolution at runtime is in operation.
++ That said, for some cases, it makes sense that two servers (in the same
++ backend, being resolved by the same FQDN) have the same IP address.
++ For such case, simply enable this option.
++ This is the opposite of prevent-dup-ip.
++
++ * prevent-dup-ip
++ Ensure HAProxy's default behavior is enforced on a server: prevent re-using
++ an IP address already set to a server in the same backend and sharing the
++ same fqdn.
++ This is the opposite of allow-dup-ip.
++
++ Example:
++ backend b_myapp
++ default-server init-addr none resolvers dns
++ server s1 myapp.example.com:80 check resolve-opts allow-dup-ip
++ server s2 myapp.example.com:81 check resolve-opts allow-dup-ip
++
++ With the option allow-dup-ip set:
++ * if the nameserver returns a single IP address, then both servers will use
++ it
++ * If the nameserver returns 2 IP addresses, then each server will pick up a
++ different address
++
++ Default value: not set
++
+ resolve-prefer <family>
+ When DNS resolution is enabled for a server and multiple IP addresses from
+ different families are returned, HAProxy will prefer using an IP address
+diff --git a/include/types/dns.h b/include/types/dns.h
+index 9b1d08df..488d3996 100644
+--- a/include/types/dns.h
++++ b/include/types/dns.h
+@@ -245,6 +245,8 @@ struct dns_options {
+ } mask;
+ } pref_net[SRV_MAX_PREF_NET];
+ int pref_net_nb; /* The number of registered prefered networks. */
++ int accept_duplicate_ip; /* flag to indicate whether the associated object can use an IP address
++ already set to an other object of the same group */
+ };
+
+ /* Resolution structure associated to single server and used to manage name
+diff --git a/src/dns.c b/src/dns.c
+index d8388ef1..b31000a2 100644
+--- a/src/dns.c
++++ b/src/dns.c
+@@ -965,8 +965,10 @@ int dns_get_ip_from_response(struct dns_response_packet *dns_p,
+ int currentip_sel;
+ int j;
+ int score, max_score;
++ int allowed_duplicated_ip;
+
+ family_priority = dns_opts->family_prio;
++ allowed_duplicated_ip = dns_opts->accept_duplicate_ip;
+ *newip = newip4 = newip6 = NULL;
+ currentip_found = 0;
+ *newip_sin_family = AF_UNSPEC;
+@@ -1030,7 +1032,9 @@ int dns_get_ip_from_response(struct dns_response_packet *dns_p,
+ * member of a group. If not, the score should be incremented
+ * by 2. */
+ if (owner && snr_check_ip_callback(owner, ip, &ip_type)) {
+- continue;
++ if (!allowed_duplicated_ip) {
++ continue;
++ }
+ } else {
+ score += 2;
+ }
+diff --git a/src/server.c b/src/server.c
+index fbed6cd4..36a05e27 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -1506,6 +1506,7 @@ static void srv_settings_cpy(struct server *srv, struct server *src, int srv_tmp
+ if (src->resolvers_id != NULL)
+ srv->resolvers_id = strdup(src->resolvers_id);
+ srv->dns_opts.family_prio = src->dns_opts.family_prio;
++ srv->dns_opts.accept_duplicate_ip = src->dns_opts.accept_duplicate_ip;
+ if (srv->dns_opts.family_prio == AF_UNSPEC)
+ srv->dns_opts.family_prio = AF_INET6;
+ memcpy(srv->dns_opts.pref_net,
+@@ -2044,6 +2045,7 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
+ newsrv = &curproxy->defsrv;
+ cur_arg = 1;
+ newsrv->dns_opts.family_prio = AF_INET6;
++ newsrv->dns_opts.accept_duplicate_ip = 0;
+ }
+
+ while (*args[cur_arg]) {
+@@ -2139,6 +2141,31 @@ int parse_server(const char *file, int linenum, char **args, struct proxy *curpr
+ newsrv->resolvers_id = strdup(args[cur_arg + 1]);
+ cur_arg += 2;
+ }
++ else if (!strcmp(args[cur_arg], "resolve-opts")) {
++ char *p, *end;
++
++ for (p = args[cur_arg + 1]; *p; p = end) {
++ /* cut on next comma */
++ for (end = p; *end && *end != ','; end++);
++ if (*end)
++ *(end++) = 0;
++
++ if (!strcmp(p, "allow-dup-ip")) {
++ newsrv->dns_opts.accept_duplicate_ip = 1;
++ }
++ else if (!strcmp(p, "prevent-dup-ip")) {
++ newsrv->dns_opts.accept_duplicate_ip = 0;
++ }
++ else {
++ ha_alert("parsing [%s:%d]: '%s' : unknown resolve-opts option '%s', supported methods are 'allow-dup-ip' and 'prevent-dup-ip'.\n",
++ file, linenum, args[cur_arg], p);
++ err_code |= ERR_ALERT | ERR_FATAL;
++ goto out;
++ }
++ }
++
++ cur_arg += 2;
++ }
+ else if (!strcmp(args[cur_arg], "resolve-prefer")) {
+ if (!strcmp(args[cur_arg + 1], "ipv4"))
+ newsrv->dns_opts.family_prio = AF_INET;
--- /dev/null
+commit d804e5e6b76bfd34576305ff33fe32aacb1fa5b7
+Author: Thierry FOURNIER <thierry.fournier@ozon.io>
+Date: Sat Jun 30 10:37:33 2018 +0200
+
+ BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
+
+ The Lua parser doesn't takes in account end-of-headers containing
+ only '\n'. It expects always '\r\n'. If a '\n' is processes the Lua
+ parser considers it miss 1 byte, and wait indefinitely for new data.
+
+ When the client reaches their timeout, it closes the connection.
+ This close is not detected and the connection keep in CLOSE-WAIT
+ state.
+
+ I guess that this patch fix only a visible part of the problem.
+ If the Lua HTTP parser wait for data, the timeout server or the
+ connectio closed by the client may stop the applet.
+
+ How reproduce the problem:
+
+ HAProxy conf:
+
+ global
+ lua-load bug38.lua
+ frontend frt
+ timeout client 2s
+ timeout server 2s
+ mode http
+ bind *:8080
+ http-request use-service lua.donothing
+
+ Lua conf
+
+ core.register_service("donothing", "http", function(applet) end)
+
+ Client request:
+
+ echo -ne 'GET / HTTP/1.1\n\n' | nc 127.0.0.1 8080
+
+ Look for CLOSE-WAIT in the connection with "netstat" or "ss". I
+ use this script:
+
+ while sleep 1; do ss | grep CLOSE-WAIT; done
+
+ This patch must be backported in 1.6, 1.7 and 1.8
+
+ Workaround: enable the "hard-stop-after" directive, and perform
+ periodic reload.
+
+ (cherry picked from commit 70d318ccb760ee25f166a75d163f38545f074ff1)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 54064860..4e50fa64 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -6594,13 +6594,13 @@ static void hlua_applet_http_fct(struct appctx *ctx)
+ len2 = 0;
+ if (ret == 0)
+ len1 = 0;
+- if (len1 + len2 < strm->txn->req.eoh + 2) {
++ if (len1 + len2 < strm->txn->req.eoh + strm->txn->req.eol) {
+ si_applet_cant_get(si);
+ return;
+ }
+
+ /* skip the requests bytes. */
+- co_skip(si_oc(si), strm->txn->req.eoh + 2);
++ co_skip(si_oc(si), strm->txn->req.eoh + strm->txn->req.eol);
+ }
+
+ /* Executes The applet if it is not done. */
--- /dev/null
+commit cd753064396f9563640fef940ce2a89e192042b1
+Author: Olivier Houchard <ohouchard@haproxy.com>
+Date: Thu Dec 21 17:13:05 2017 +0100
+
+ MINOR: threads: Introduce double-width CAS on x86_64 and arm.
+
+ Introduce double-width compare-and-swap on arches that support it, right now
+ x86_64, arm, and aarch64.
+ Also introduce functions to do memory barriers.
+
+ (cherry picked from commit f61f0cb95ffbfe403219226d427cd292ca79965a)
+ [wt: this is backported only to have the barriers for the new rdv point]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/common/hathreads.h b/include/common/hathreads.h
+index 25cadf10..543ab95c 100644
+--- a/include/common/hathreads.h
++++ b/include/common/hathreads.h
+@@ -98,6 +98,19 @@ extern THREAD_LOCAL unsigned long tid_bit; /* The bit corresponding to the threa
+
+ #define ha_sigmask(how, set, oldset) sigprocmask(how, set, oldset)
+
++
++static inline void __ha_barrier_load(void)
++{
++}
++
++static inline void __ha_barrier_store(void)
++{
++}
++
++static inline void __ha_barrier_full(void)
++{
++}
++
+ #else /* USE_THREAD */
+
+ #include <stdio.h>
+@@ -694,8 +707,147 @@ static inline void __spin_unlock(enum lock_label lbl, struct ha_spinlock *l,
+
+ #endif /* DEBUG_THREAD */
+
++#ifdef __x86_64__
++#define HA_HAVE_CAS_DW 1
++#define HA_CAS_IS_8B
++static __inline int
++__ha_cas_dw(void *target, void *compare, const void *set)
++{
++ char ret;
++
++ __asm __volatile("lock cmpxchg16b %0; setz %3"
++ : "+m" (*(void **)target),
++ "=a" (((void **)compare)[0]),
++ "=d" (((void **)compare)[1]),
++ "=q" (ret)
++ : "a" (((void **)compare)[0]),
++ "d" (((void **)compare)[1]),
++ "b" (((const void **)set)[0]),
++ "c" (((const void **)set)[1])
++ : "memory", "cc");
++ return (ret);
++}
++
++static __inline void
++__ha_barrier_load(void)
++{
++ __asm __volatile("lfence" ::: "memory");
++}
++
++static __inline void
++__ha_barrier_store(void)
++{
++ __asm __volatile("sfence" ::: "memory");
++}
++
++static __inline void
++__ha_barrier_full(void)
++{
++ __asm __volatile("mfence" ::: "memory");
++}
++
++#elif defined(__arm__) && (defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__))
++#define HA_HAVE_CAS_DW 1
++static __inline void
++__ha_barrier_load(void)
++{
++ __asm __volatile("dmb" ::: "memory");
++}
++
++static __inline void
++__ha_barrier_store(void)
++{
++ __asm __volatile("dsb" ::: "memory");
++}
++
++static __inline void
++__ha_barrier_full(void)
++{
++ __asm __volatile("dmb" ::: "memory");
++}
++
++static __inline int __ha_cas_dw(void *target, void *compare, void *set)
++{
++ uint64_t previous;
++ int tmp;
++
++ __asm __volatile("1:"
++ "ldrexd %0, [%4];"
++ "cmp %Q0, %Q2;"
++ "ittt eq;"
++ "cmpeq %R0, %R2;"
++ "strexdeq %1, %3, [%4];"
++ "cmpeq %1, #1;"
++ "beq 1b;"
++ : "=&r" (previous), "=&r" (tmp)
++ : "r" (compare), "r" (set), "r" (target)
++ : "memory", "cc");
++ tmp = (previous == *(uint64_t *)compare);
++ *(uint64_t *)compare = previous;
++ return (tmp);
++}
++
++#elif defined (__aarch64__)
++#define HA_HAVE_CAS_DW 1
++#define HA_CAS_IS_8B
++
++static __inline void
++__ha_barrier_load(void)
++{
++ __asm __volatile("dmb ishld" ::: "memory");
++}
++
++static __inline void
++__ha_barrier_store(void)
++{
++ __asm __volatile("dmb ishst" ::: "memory");
++}
++
++static __inline void
++__ha_barrier_full(void)
++{
++ __asm __volatile("dmb ish" ::: "memory");
++}
++
++static __inline int __ha_cas_dw(void *target, void *compare, void *set)
++{
++ void *value[2];
++ uint64_t tmp1, tmp2;
++
++ __asm__ __volatile__("1:"
++ "ldxp %0, %1, [%4];"
++ "mov %2, %0;"
++ "mov %3, %1;"
++ "eor %0, %0, %5;"
++ "eor %1, %1, %6;"
++ "orr %1, %0, %1;"
++ "mov %w0, #0;"
++ "cbnz %1, 2f;"
++ "stxp %w0, %7, %8, [%4];"
++ "cbnz %w0, 1b;"
++ "mov %w0, #1;"
++ "2:"
++ : "=&r" (tmp1), "=&r" (tmp2), "=&r" (value[0]), "=&r" (value[1])
++ : "r" (target), "r" (((void **)(compare))[0]), "r" (((void **)(compare))[1]), "r" (((void **)(set))[0]), "r" (((void **)(set))[1])
++ : "cc", "memory");
++
++ memcpy(compare, &value, sizeof(value));
++ return (tmp1);
++}
++
++#else
++#define __ha_barrier_load __sync_synchronize
++#define __ha_barrier_store __sync_synchronize
++#define __ha_barrier_full __sync_synchronize
++#endif
++
+ #endif /* USE_THREAD */
+
++static inline void __ha_compiler_barrier(void)
++{
++ __asm __volatile("" ::: "memory");
++}
++
+ /* Dummy I/O handler used by the sync pipe.*/
+ void thread_sync_io_handler(int fd);
+ int parse_nbthread(const char *arg, char **err);
--- /dev/null
+commit ad84851746243d85f9be59703e9bee0f5c5f8eba
+Author: Willy Tarreau <w@1wt.eu>
+Date: Wed Feb 14 14:16:28 2018 +0100
+
+ BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
+
+ Commit f61f0cb ("MINOR: threads: Introduce double-width CAS on x86_64
+ and arm.") introduced the double CAS. But the ARMv7 version is bogus,
+ it uses the value of the pointers instead of dereferencing them. When
+ lucky, it simply doesn't build due to impossible registers combinations.
+ Otherwise it will immediately crash at run time when facing traffic.
+
+ No backport is needed, this bug was introduced in 1.9-dev.
+
+ (cherry picked from commit 41ccb194d1d14669e0592e5373ef5776f099e82a)
+ [wt: backported only to keep safe code eventhough we don't use
+ this function in 1.8]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/common/hathreads.h b/include/common/hathreads.h
+index 543ab95c..4e72848e 100644
+--- a/include/common/hathreads.h
++++ b/include/common/hathreads.h
+@@ -766,7 +766,7 @@ __ha_barrier_full(void)
+ __asm __volatile("dmb" ::: "memory");
+ }
+
+-static __inline int __ha_cas_dw(void *target, void *compare, void *set)
++static __inline int __ha_cas_dw(void *target, void *compare, const void *set)
+ {
+ uint64_t previous;
+ int tmp;
+@@ -780,7 +780,7 @@ static __inline int __ha_cas_dw(void *target, void *compare, void *set)
+ "cmpeq %1, #1;"
+ "beq 1b;"
+ : "=&r" (previous), "=&r" (tmp)
+- : "r" (compare), "r" (set), "r" (target)
++ : "r" (*(uint64_t *)compare), "r" (*(uint64_t *)set), "r" (target)
+ : "memory", "cc");
+ tmp = (previous == *(uint64_t *)compare);
+ *(uint64_t *)compare = previous;
--- /dev/null
+commit ece550d98e1c10017fb91ecfa0d19ae9d2dc45da
+Author: Willy Tarreau <w@1wt.eu>
+Date: Wed Aug 1 19:12:20 2018 +0200
+
+ MINOR: threads: add more consistency between certain variables in no-thread case
+
+ When threads are disabled, some variables such as tid and tid_bit are
+ still checked everywhere, the MAX_THREADS_MASK macro is ~0UL while
+ MAX_THREADS is 1, and the all_threads_mask variable is replaced with a
+ macro forced to zero. The compiler cannot optimize away all this code
+ involving checks on tid and tid_bit, and we end up in special cases
+ where all_threads_mask has to be specifically tested for being zero or
+ not. It is not even certain the code paths are always equivalent when
+ testing without threads and with nbthread 1.
+
+ Let's change this to make sure we always present a single thread when
+ threads are disabled, and have the relevant values declared as constants
+ so that the compiler can optimize all the tests away. Now we have
+ MAX_THREADS_MASK set to 1, all_threads_mask set to 1, tid set to zero
+ and tid_bit set to 1. Doing just this has removed 4 kB of code in the
+ no-thread case.
+
+ A few checks for all_threads_mask==0 have been removed since it never
+ happens anymore.
+
+ (cherry picked from commit 0c026f49e7348bce5b3c74be896ae208ae6e26a4)
+ [wt: the thread code feels safer with this, especially with the small updates
+ needed for the rdv point; missed one occurrence fixed by next patch]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/common/hathreads.h b/include/common/hathreads.h
+index 4e72848e..7eb5d127 100644
+--- a/include/common/hathreads.h
++++ b/include/common/hathreads.h
+@@ -24,10 +24,6 @@
+
+ #include <common/config.h>
+
+-#define MAX_THREADS_MASK ((unsigned long)-1)
+-extern THREAD_LOCAL unsigned int tid; /* The thread id */
+-extern THREAD_LOCAL unsigned long tid_bit; /* The bit corresponding to the thread id */
+-
+ /* Note about all_threads_mask :
+ * - with threads support disabled, this symbol is defined as zero (0UL).
+ * - with threads enabled, this variable is never zero, it contains the mask
+@@ -37,7 +33,14 @@ extern THREAD_LOCAL unsigned long tid_bit; /* The bit corresponding to the threa
+ #ifndef USE_THREAD
+
+ #define MAX_THREADS 1
+-#define all_threads_mask 0UL
++#define MAX_THREADS_MASK 1
++
++/* Only way found to replace variables with constants that are optimized away
++ * at build time.
++ */
++enum { all_threads_mask = 1UL };
++enum { tid_bit = 1UL };
++enum { tid = 0 };
+
+ #define __decl_hathreads(decl)
+
+@@ -98,6 +101,9 @@ extern THREAD_LOCAL unsigned long tid_bit; /* The bit corresponding to the threa
+
+ #define ha_sigmask(how, set, oldset) sigprocmask(how, set, oldset)
+
++static inline void ha_set_tid(unsigned int tid)
++{
++}
+
+ static inline void __ha_barrier_load(void)
+ {
+@@ -120,6 +126,7 @@ static inline void __ha_barrier_full(void)
+ #include <import/plock.h>
+
+ #define MAX_THREADS LONGBITS
++#define MAX_THREADS_MASK ((unsigned long)-1)
+
+ #define __decl_hathreads(decl) decl
+
+@@ -223,10 +230,19 @@ void thread_exit_sync(void);
+ int thread_no_sync(void);
+ int thread_need_sync(void);
+
++extern THREAD_LOCAL unsigned int tid; /* The thread id */
++extern THREAD_LOCAL unsigned long tid_bit; /* The bit corresponding to the thread id */
+ extern volatile unsigned long all_threads_mask;
+
+ #define ha_sigmask(how, set, oldset) pthread_sigmask(how, set, oldset)
+
++/* sets the thread ID and the TID bit for the current thread */
++static inline void ha_set_tid(unsigned int data)
++{
++ tid = data;
++ tid_bit = (1UL << tid);
++}
++
+
+ #if defined(DEBUG_THREAD) || defined(DEBUG_FULL)
+
+diff --git a/src/cfgparse.c b/src/cfgparse.c
+index 24349a59..d1474d4b 100644
+--- a/src/cfgparse.c
++++ b/src/cfgparse.c
+@@ -7652,11 +7652,11 @@ int check_config_validity()
+ nbproc = my_ffsl(bind_conf->bind_proc);
+
+ mask = bind_conf->bind_thread[nbproc - 1];
+- if (mask && !(mask & (all_threads_mask ? all_threads_mask : 1UL))) {
++ if (mask && !(mask & all_threads_mask)) {
+ unsigned long new_mask = 0;
+
+ while (mask) {
+- new_mask |= mask & (all_threads_mask ? all_threads_mask : 1UL);
++ new_mask |= mask & all_threads_mask;
+ mask >>= global.nbthread;
+ }
+
+diff --git a/src/haproxy.c b/src/haproxy.c
+index 9ba56623..e0186ff9 100644
+--- a/src/haproxy.c
++++ b/src/haproxy.c
+@@ -2448,8 +2448,7 @@ static void *run_thread_poll_loop(void *data)
+ struct per_thread_deinit_fct *ptdf;
+ __decl_hathreads(static HA_SPINLOCK_T start_lock);
+
+- tid = *((unsigned int *)data);
+- tid_bit = (1UL << tid);
++ ha_set_tid(*((unsigned int *)data));
+ tv_update_date(-1,-1);
+
+ list_for_each_entry(ptif, &per_thread_init_list, list) {
+diff --git a/src/hathreads.c b/src/hathreads.c
+index 0d0a0509..238cbb80 100644
+--- a/src/hathreads.c
++++ b/src/hathreads.c
+@@ -19,8 +19,6 @@
+ #include <common/standard.h>
+ #include <proto/fd.h>
+
+-THREAD_LOCAL unsigned int tid = 0;
+-THREAD_LOCAL unsigned long tid_bit = (1UL << 0);
+
+ /* Dummy I/O handler used by the sync pipe.*/
+ void thread_sync_io_handler(int fd)
+@@ -33,6 +31,9 @@ static HA_SPINLOCK_T sync_lock;
+ static int threads_sync_pipe[2];
+ static unsigned long threads_want_sync = 0;
+ volatile unsigned long all_threads_mask = 1; // nbthread 1 assumed by default
++THREAD_LOCAL unsigned int tid = 0;
++THREAD_LOCAL unsigned long tid_bit = (1UL << 0);
++
+
+ #if defined(DEBUG_THREAD) || defined(DEBUG_FULL)
+ struct lock_stat lock_stats[LOCK_LABELS];
+@@ -130,7 +131,7 @@ void thread_enter_sync()
+ {
+ static volatile unsigned long barrier = 0;
+
+- if (!all_threads_mask)
++ if (!(all_threads_mask & (all_threads_mask - 1)))
+ return;
+
+ thread_sync_barrier(&barrier);
+@@ -146,7 +147,7 @@ void thread_exit_sync()
+ {
+ static volatile unsigned long barrier = 0;
+
+- if (!all_threads_mask)
++ if (!(all_threads_mask & (all_threads_mask - 1)))
+ return;
+
+ if (threads_want_sync & tid_bit)
--- /dev/null
+commit 7607ec0917c33ce511d46b791dfa5550451dd538
+Author: Willy Tarreau <w@1wt.eu>
+Date: Tue Aug 7 10:07:15 2018 +0200
+
+ BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point
+
+ In commit 0c026f4 ("MINOR: threads: add more consistency between certain
+ variables in no-thread case"), we ensured that we don't have all_threads_mask
+ zeroed anymore. But one test was missed for the write() to the sync pipe.
+ This results in a situation where when running single-threaded, once a
+ server status changes, a wake-up message is written to the pipe and never
+ consumed, showing a 100% CPU usage.
+
+ No backport is needed.
+ (cherry picked from commit ab657ce2511c4e19b0191fbe1c98cfd823a3c5d6)
+ [wt: the offending patch was just backported as the previous one]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/hathreads.c b/src/hathreads.c
+index 238cbb80..ba05fe27 100644
+--- a/src/hathreads.c
++++ b/src/hathreads.c
+@@ -71,7 +71,7 @@ void thread_sync_enable(void)
+ */
+ void thread_want_sync()
+ {
+- if (all_threads_mask) {
++ if (all_threads_mask & (all_threads_mask - 1)) {
+ if (threads_want_sync & tid_bit)
+ return;
+ if (HA_ATOMIC_OR(&threads_want_sync, tid_bit) == tid_bit)
--- /dev/null
+commit b505a8d719c208073959eff07f4af202ef49a8a1
+Author: Willy Tarreau <w@1wt.eu>
+Date: Thu Aug 2 10:16:17 2018 +0200
+
+ MEDIUM: hathreads: implement a more flexible rendez-vous point
+
+ The current synchronization point enforces certain restrictions which
+ are hard to workaround in certain areas of the code. The fact that the
+ critical code can only be called from the sync point itself is a problem
+ for some callback-driven parts. The "show fd" command for example is
+ fragile regarding this.
+
+ Also it is expensive in terms of CPU usage because it wakes every other
+ thread just to be sure all of them join to the rendez-vous point. It's a
+ problem because the sleeping threads would not need to be woken up just
+ to know they're doing nothing.
+
+ Here we implement a different approach. We keep track of harmless threads,
+ which are defined as those either doing nothing, or doing harmless things.
+ The rendez-vous is used "for others" as a way for a thread to isolate itself.
+ A thread then requests to be alone using thread_isolate() when approaching
+ the dangerous area, and then waits until all other threads are either doing
+ the same or are doing something harmless (typically polling). The function
+ only returns once the thread is guaranteed to be alone, and the critical
+ section is terminated using thread_release().
+
+ (cherry picked from commit 60b639ccbe919b86790267d7e45a39b75434acbe)
+ [wt: this will be needed to fix the "show fd" command with threads]
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/common/hathreads.h b/include/common/hathreads.h
+index 7eb5d127..f8fda87a 100644
+--- a/include/common/hathreads.h
++++ b/include/common/hathreads.h
+@@ -117,6 +117,27 @@ static inline void __ha_barrier_full(void)
+ {
+ }
+
++static inline void thread_harmless_now()
++{
++}
++
++static inline void thread_harmless_end()
++{
++}
++
++static inline void thread_isolate()
++{
++}
++
++static inline void thread_release()
++{
++}
++
++static inline unsigned long thread_isolated()
++{
++ return 1;
++}
++
+ #else /* USE_THREAD */
+
+ #include <stdio.h>
+@@ -229,10 +250,34 @@ void thread_enter_sync(void);
+ void thread_exit_sync(void);
+ int thread_no_sync(void);
+ int thread_need_sync(void);
++void thread_harmless_till_end();
++void thread_isolate();
++void thread_release();
+
+ extern THREAD_LOCAL unsigned int tid; /* The thread id */
+ extern THREAD_LOCAL unsigned long tid_bit; /* The bit corresponding to the thread id */
+ extern volatile unsigned long all_threads_mask;
++extern volatile unsigned long threads_want_rdv_mask;
++extern volatile unsigned long threads_harmless_mask;
++
++/* explanation for threads_want_rdv_mask and threads_harmless_mask :
++ * - threads_want_rdv_mask is a bit field indicating all threads that have
++ * requested a rendez-vous of other threads using thread_isolate().
++ * - threads_harmless_mask is a bit field indicating all threads that are
++ * currently harmless in that they promise not to access a shared resource.
++ *
++ * For a given thread, its bits in want_rdv and harmless can be translated like
++ * this :
++ *
++ * ----------+----------+----------------------------------------------------
++ * want_rdv | harmless | description
++ * ----------+----------+----------------------------------------------------
++ * 0 | 0 | thread not interested in RDV, possibly harmful
++ * 0 | 1 | thread not interested in RDV but harmless
++ * 1 | 1 | thread interested in RDV and waiting for its turn
++ * 1 | 0 | thread currently working isolated from others
++ * ----------+----------+----------------------------------------------------
++ */
+
+ #define ha_sigmask(how, set, oldset) pthread_sigmask(how, set, oldset)
+
+@@ -243,6 +288,38 @@ static inline void ha_set_tid(unsigned int data)
+ tid_bit = (1UL << tid);
+ }
+
++/* Marks the thread as harmless. Note: this must be true, i.e. the thread must
++ * not be touching any unprotected shared resource during this period. Usually
++ * this is called before poll(), but it may also be placed around very slow
++ * calls (eg: some crypto operations). Needs to be terminated using
++ * thread_harmless_end().
++ */
++static inline void thread_harmless_now()
++{
++ HA_ATOMIC_OR(&threads_harmless_mask, tid_bit);
++}
++
++/* Ends the harmless period started by thread_harmless_now(). Usually this is
++ * placed after the poll() call. If it is discovered that a job was running and
++ * is relying on the thread still being harmless, the thread waits for the
++ * other one to finish.
++ */
++static inline void thread_harmless_end()
++{
++ while (1) {
++ HA_ATOMIC_AND(&threads_harmless_mask, ~tid_bit);
++ if (likely((threads_want_rdv_mask & all_threads_mask) == 0))
++ break;
++ thread_harmless_till_end();
++ }
++}
++
++/* an isolated thread has harmless cleared and want_rdv set */
++static inline unsigned long thread_isolated()
++{
++ return threads_want_rdv_mask & ~threads_harmless_mask & tid_bit;
++}
++
+
+ #if defined(DEBUG_THREAD) || defined(DEBUG_FULL)
+
+diff --git a/src/ev_epoll.c b/src/ev_epoll.c
+index adc15acd..09d1abb6 100644
+--- a/src/ev_epoll.c
++++ b/src/ev_epoll.c
+@@ -17,6 +17,7 @@
+ #include <common/config.h>
+ #include <common/debug.h>
+ #include <common/epoll.h>
++#include <common/hathreads.h>
+ #include <common/standard.h>
+ #include <common/ticks.h>
+ #include <common/time.h>
+@@ -153,6 +154,8 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+ }
+ HA_SPIN_UNLOCK(FD_UPDATE_LOCK, &fd_updt_lock);
+
++ thread_harmless_now();
++
+ /* compute the epoll_wait() timeout */
+ if (!exp)
+ wait_time = MAX_DELAY_MS;
+@@ -173,6 +176,8 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+ tv_update_date(wait_time, status);
+ measure_idle();
+
++ thread_harmless_end();
++
+ /* process polled events */
+
+ for (count = 0; count < status; count++) {
+diff --git a/src/ev_kqueue.c b/src/ev_kqueue.c
+index 642de8b3..1f4762e6 100644
+--- a/src/ev_kqueue.c
++++ b/src/ev_kqueue.c
+@@ -19,6 +19,7 @@
+
+ #include <common/compat.h>
+ #include <common/config.h>
++#include <common/hathreads.h>
+ #include <common/ticks.h>
+ #include <common/time.h>
+ #include <common/tools.h>
+@@ -127,6 +128,8 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+ }
+ HA_SPIN_UNLOCK(FD_UPDATE_LOCK, &fd_updt_lock);
+
++ thread_harmless_now();
++
+ if (changes) {
+ #ifdef EV_RECEIPT
+ kev[0].flags |= EV_RECEIPT;
+@@ -169,6 +172,8 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+ tv_update_date(delta_ms, status);
+ measure_idle();
+
++ thread_harmless_end();
++
+ for (count = 0; count < status; count++) {
+ unsigned int n = 0;
+ fd = kev[count].ident;
+diff --git a/src/ev_poll.c b/src/ev_poll.c
+index c913ced2..7da992d6 100644
+--- a/src/ev_poll.c
++++ b/src/ev_poll.c
+@@ -19,6 +19,7 @@
+
+ #include <common/compat.h>
+ #include <common/config.h>
++#include <common/hathreads.h>
+ #include <common/ticks.h>
+ #include <common/time.h>
+
+@@ -149,6 +150,9 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+
+ }
+ HA_SPIN_UNLOCK(FD_UPDATE_LOCK, &fd_updt_lock);
++
++ thread_harmless_now();
++
+ fd_nbupdt = 0;
+
+ nbfd = 0;
+@@ -200,6 +204,8 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+ tv_update_date(wait_time, status);
+ measure_idle();
+
++ thread_harmless_end();
++
+ for (count = 0; status > 0 && count < nbfd; count++) {
+ unsigned int n;
+ int e = poll_events[count].revents;
+diff --git a/src/ev_select.c b/src/ev_select.c
+index bde923ea..9daf74d9 100644
+--- a/src/ev_select.c
++++ b/src/ev_select.c
+@@ -16,6 +16,7 @@
+
+ #include <common/compat.h>
+ #include <common/config.h>
++#include <common/hathreads.h>
+ #include <common/ticks.h>
+ #include <common/time.h>
+
+@@ -123,6 +124,9 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+
+ }
+ HA_SPIN_UNLOCK(FD_UPDATE_LOCK, &fd_updt_lock);
++
++ thread_harmless_now();
++
+ fd_nbupdt = 0;
+
+ /* let's restore fdset state */
+@@ -171,6 +175,8 @@ REGPRM2 static void _do_poll(struct poller *p, int exp)
+ tv_update_date(delta_ms, status);
+ measure_idle();
+
++ thread_harmless_end();
++
+ if (status <= 0)
+ return;
+
+diff --git a/src/hathreads.c b/src/hathreads.c
+index ba05fe27..97ed31c5 100644
+--- a/src/hathreads.c
++++ b/src/hathreads.c
+@@ -30,6 +30,8 @@ void thread_sync_io_handler(int fd)
+ static HA_SPINLOCK_T sync_lock;
+ static int threads_sync_pipe[2];
+ static unsigned long threads_want_sync = 0;
++volatile unsigned long threads_want_rdv_mask = 0;
++volatile unsigned long threads_harmless_mask = 0;
+ volatile unsigned long all_threads_mask = 1; // nbthread 1 assumed by default
+ THREAD_LOCAL unsigned int tid = 0;
+ THREAD_LOCAL unsigned long tid_bit = (1UL << 0);
+@@ -163,6 +165,68 @@ void thread_exit_sync()
+ thread_sync_barrier(&barrier);
+ }
+
++/* Marks the thread as harmless until the last thread using the rendez-vous
++ * point quits. Given that we can wait for a long time, sched_yield() is used
++ * when available to offer the CPU resources to competing threads if needed.
++ */
++void thread_harmless_till_end()
++{
++ HA_ATOMIC_OR(&threads_harmless_mask, tid_bit);
++ while (threads_want_rdv_mask & all_threads_mask) {
++#if _POSIX_PRIORITY_SCHEDULING
++ sched_yield();
++#else
++ pl_cpu_relax();
++#endif
++ }
++}
++
++/* Isolates the current thread : request the ability to work while all other
++ * threads are harmless. Only returns once all of them are harmless, with the
++ * current thread's bit in threads_harmless_mask cleared. Needs to be completed
++ * using thread_release().
++ */
++void thread_isolate()
++{
++ unsigned long old;
++
++ HA_ATOMIC_OR(&threads_harmless_mask, tid_bit);
++ __ha_barrier_store();
++ HA_ATOMIC_OR(&threads_want_rdv_mask, tid_bit);
++
++ /* wait for all threads to become harmless */
++ old = threads_harmless_mask;
++ while (1) {
++ if (unlikely((old & all_threads_mask) != all_threads_mask))
++ old = threads_harmless_mask;
++ else if (HA_ATOMIC_CAS(&threads_harmless_mask, &old, old & ~tid_bit))
++ break;
++
++#if _POSIX_PRIORITY_SCHEDULING
++ sched_yield();
++#else
++ pl_cpu_relax();
++#endif
++ }
++ /* one thread gets released at a time here, with its harmess bit off.
++ * The loss of this bit makes the other one continue to spin while the
++ * thread is working alone.
++ */
++}
++
++/* Cancels the effect of thread_isolate() by releasing the current thread's bit
++ * in threads_want_rdv_mask and by marking this thread as harmless until the
++ * last worker finishes.
++ */
++void thread_release()
++{
++ while (1) {
++ HA_ATOMIC_AND(&threads_want_rdv_mask, ~tid_bit);
++ if (!(threads_want_rdv_mask & all_threads_mask))
++ break;
++ thread_harmless_till_end();
++ }
++}
+
+ __attribute__((constructor))
+ static void __hathreads_init(void)
--- /dev/null
+commit f41ca2546e3c35cc389f45428341ec03dade314d
+Author: Willy Tarreau <w@1wt.eu>
+Date: Thu Aug 2 11:05:48 2018 +0200
+
+ BUG/MEDIUM: cli: make "show fd" thread-safe
+
+ The "show fd" command was implemented as a debugging aid but it's not
+ thread safe. Its features have grown, it can now dump some mux-specific
+ parts and is being used in production to capture some useful debugging
+ traces. But it will quickly crash the process when used during an H2 load
+ test for example, especially when haproxy is built with the DEBUG_UAF
+ option. It cannot afford not to be thread safe anymore. Let's make use
+ of the new rendez-vous point using thread_isolate() / thread_release()
+ to ensure that the data being dumped are not changing under us. The dump
+ becomes slightly slower under load but now it's safe.
+
+ This should be backported to 1.8 along with the rendez-vous point code
+ once considered stable enough.
+ (cherry picked from commit bf9fd650883b23604b7cd4aabf04fc0c4c8fe7c7)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/cli.c b/src/cli.c
+index 233c2323..8344fe10 100644
+--- a/src/cli.c
++++ b/src/cli.c
+@@ -787,10 +787,14 @@ static int cli_io_handler_show_fd(struct appctx *appctx)
+ void *ctx = NULL;
+ uint32_t conn_flags = 0;
+
++ thread_isolate();
++
+ fdt = fdtab[fd];
+
+- if (!fdt.owner)
++ if (!fdt.owner) {
++ thread_release();
+ goto skip; // closed
++ }
+
+ if (fdt.iocb == conn_fd_handler) {
+ conn_flags = ((struct connection *)fdt.owner)->flags;
+@@ -855,6 +859,8 @@ static int cli_io_handler_show_fd(struct appctx *appctx)
+ li->bind_conf->frontend->id);
+ }
+
++ thread_release();
++
+ chunk_appendf(&trash, "\n");
+
+ if (ci_putchk(si_ic(si), &trash) == -1) {
--- /dev/null
+commit 8c2e3b35a951c41b80efe4c3368d1244bab2bea4
+Author: Emeric Brun <ebrun@haproxy.com>
+Date: Thu Aug 16 11:36:40 2018 +0200
+
+ BUG/MINOR: ssl: empty connections reported as errors.
+
+ Empty connection is reported as handshake error
+ even if dont-log-null is specified.
+
+ This bug affect is a regression du to:
+
+ BUILD: ssl: fix to build (again) with boringssl
+
+ New openssl 1.1.1 defines OPENSSL_NO_HEARTBEATS as boring ssl
+ so the test was replaced by OPENSSL_IS_BORINGSSL
+
+ This fix should be backported on 1.8
+
+ (cherry picked from commit 77e8919fc6f382f3a7facdc814b8618b8987200f)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index 7edfb799..49389f01 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -5121,7 +5121,7 @@ int ssl_sock_handshake(struct connection *conn, unsigned int flag)
+ if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
+ conn->flags &= ~CO_FL_WAIT_L4_CONN;
+ if (!conn->err_code) {
+-#ifdef OPENSSL_NO_HEARTBEATS /* BoringSSL */
++#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
+ conn->err_code = CO_ER_SSL_HANDSHAKE;
+ #else
+ int empty_handshake;
+@@ -5205,7 +5205,7 @@ check_error:
+ if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
+ conn->flags &= ~CO_FL_WAIT_L4_CONN;
+ if (!conn->err_code) {
+-#ifdef OPENSSL_NO_HEARTBEATS /* BoringSSL */
++#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
+ conn->err_code = CO_ER_SSL_HANDSHAKE;
+ #else
+ int empty_handshake;
--- /dev/null
+commit 9923082f94e0af83d03e030f4274d3db374b248c
+Author: Emeric Brun <ebrun@haproxy.com>
+Date: Thu Aug 16 15:11:12 2018 +0200
+
+ BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
+
+ If there was an issue loading a keytype's part of a bundle, the bundle
+ was implicitly ignored without errors.
+
+ This patch should be backported in 1.8 (and perhaps 1.7)
+
+ (cherry picked from commit eb155b6ca6c1a8aaffa30285d453909b97979f5f)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index 49389f01..9f0ff1f0 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -3475,7 +3475,7 @@ int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
+ }
+
+ snprintf(fp, sizeof(fp), "%s/%s", path, dp);
+- ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
++ cfgerr += ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
+
+ /* Successfully processed the bundle */
+ goto ignore_entry;
--- /dev/null
+commit 399714287a04d6b453ba95e4a3904a7644827d0b
+Author: Emeric Brun <ebrun@haproxy.com>
+Date: Thu Aug 16 15:14:12 2018 +0200
+
+ BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
+
+ If the dh parameter is not found, the openssl's error global
+ stack was not correctly cleared causing unpredictable error
+ during the following parsing (chain cert parsing for instance).
+
+ This patch should be backported in 1.8 (and perhaps 1.7)
+
+ (cherry picked from commit e1b4ed4352619f985d7d65f5d95a830ef5775c46)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index 9f0ff1f0..9be2fc4c 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -2597,6 +2597,8 @@ end:
+ if (in)
+ BIO_free(in);
+
++ ERR_clear_error();
++
+ return dh;
+ }
+
--- /dev/null
+commit a1110e24e5be53ba5fe9ab82372c02a60da06cf9
+Author: Emeric Brun <ebrun@haproxy.com>
+Date: Tue Jul 17 09:47:07 2018 -0400
+
+ BUG/MINOR: map: fix map_regm with backref
+
+ Due to a cascade of get_trash_chunk calls the sample is
+ corrupted when we want to read it.
+
+ The fix consist to use a temporary chunk to copy the sample
+ value and use it.
+
+ (cherry picked from commit 271022150d7961b9aa39dbfd88e0c6a4bc48c3ee)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/map.c b/src/map.c
+index a9a1e53c..da399088 100644
+--- a/src/map.c
++++ b/src/map.c
+@@ -184,10 +184,27 @@ static int sample_conv_map(const struct arg *arg_p, struct sample *smp, void *pr
+ if (pat->data) {
+ /* In the regm case, merge the sample with the input. */
+ if ((long)private == PAT_MATCH_REGM) {
++ struct chunk *tmptrash;
++
++ /* Copy the content of the sample because it could
++ be scratched by incoming get_trash_chunk */
++ tmptrash = alloc_trash_chunk();
++ if (!tmptrash)
++ return 0;
++
++ tmptrash->len = smp->data.u.str.len;
++ if (tmptrash->len > (tmptrash->size-1))
++ tmptrash->len = tmptrash->size-1;
++
++ memcpy(tmptrash->str, smp->data.u.str.str, tmptrash->len);
++ tmptrash->str[tmptrash->len] = 0;
++
+ str = get_trash_chunk();
+- str->len = exp_replace(str->str, str->size, smp->data.u.str.str,
++ str->len = exp_replace(str->str, str->size, tmptrash->str,
+ pat->data->u.str.str,
+ (regmatch_t *)smp->ctx.a[0]);
++
++ free_trash_chunk(tmptrash);
+ if (str->len == -1)
+ return 0;
+ smp->data.u.str = *str;
--- /dev/null
+commit 29a43c20faa06100ade61fc24a5ee3bddfa3021a
+Author: Lukas Tribus <lukas@ltri.eu>
+Date: Tue Aug 14 11:39:35 2018 +0200
+
+ DOC: dns: explain set server ... fqdn requires resolver
+
+ Abhishek Gupta reported on discourse that set server [...] fqdn always
+ fails. Further investigation showed that this requires the internal
+ DNS resolver to be configured. Add this requirement to the docs.
+
+ Must be backported to 1.8.
+
+ (cherry picked from commit c5dd5a500a237780eb9ab6e7069949cb19b6ff7d)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/doc/management.txt b/doc/management.txt
+index 68a17c25..46e7fd07 100644
+--- a/doc/management.txt
++++ b/doc/management.txt
+@@ -1675,7 +1675,8 @@ set server <backend>/<server> weight <weight>[%]
+ equivalent of the "set weight" command below.
+
+ set server <backend>/<server> fqdn <FQDN>
+- Change a server's FQDN to the value passed in argument.
++ Change a server's FQDN to the value passed in argument. This requires the
++ internal run-time DNS resolver to be configured and enabled for this server.
+
+ set severity-output [ none | number | string ]
+ Change the severity output format of the stats socket connected to for the
--- /dev/null
+commit 54aecf18aeabe09bccf8db5e34b99bc36d468088
+Author: Bertrand Jacquin <bertrand@jacquin.bzh>
+Date: Tue Aug 14 00:56:13 2018 +0100
+
+ DOC: ssl: Use consistent naming for TLS protocols
+
+ In most cases, "TLSv1.x" naming is used across and documentation, lazy
+ people tend to grep too much and may not find what they are looking for.
+
+ Fixing people is hard.
+
+ (cherry picked from commit a25282bb399bfad8ed04b494b567fe97f0a58d65)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/doc/configuration.txt b/doc/configuration.txt
+index 1973bbf2..43e28785 100644
+--- a/doc/configuration.txt
++++ b/doc/configuration.txt
+@@ -10447,7 +10447,7 @@ accept-proxy
+ setting of which client is allowed to use the protocol.
+
+ allow-0rtt
+- Allow receiving early data when using TLS 1.3. This is disabled by default,
++ Allow receiving early data when using TLSv1.3. This is disabled by default,
+ due to security considerations.
+
+ alpn <protocols>
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index 9be2fc4c..0b49e0b4 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -1986,7 +1986,7 @@ static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
+ : SSL_CTX_set_ssl_version(ctx, TLSv1_2_client_method());
+ #endif
+ }
+-/* TLS 1.2 is the last supported version in this context. */
++/* TLSv1.2 is the last supported version in this context. */
+ static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {}
+ /* Unusable in this context. */
+ static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {}
+@@ -2187,7 +2187,7 @@ static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
+ break;
+ }
+ } else {
+- /* without TLSEXT_TYPE_signature_algorithms extension (< TLS 1.2) */
++ /* without TLSEXT_TYPE_signature_algorithms extension (< TLSv1.2) */
+ has_rsa = 1;
+ }
+ if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */
--- /dev/null
+commit 947a3f71ad9733dde6645edb91b6becb3ee51e7c
+Author: Cyril Bonté <cyril.bonte@free.fr>
+Date: Fri Aug 17 23:51:02 2018 +0200
+
+ BUG/MEDIUM: lua: socket timeouts are not applied
+
+ Sachin Shetty reported that socket timeouts set in LUA code have no effect.
+ Indeed, connect timeout is never modified and is always set to its default,
+ set to 5 seconds. Currently, this patch will apply the specified timeout
+ value to the connect timeout.
+ For the read and write timeouts, the issue is that the timeout is updated but
+ the expiration dates were not updated.
+
+ This patch should be backported up to the 1.6 branch.
+
+ (cherry picked from commit 7bb634549794298fc701d33efd93c7289dcf9cb7)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 4e50fa64..daf775fc 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -2566,10 +2566,19 @@ __LJMP static int hlua_socket_settimeout(struct lua_State *L)
+ si = appctx->owner;
+ s = si_strm(si);
+
++ s->sess->fe->timeout.connect = tmout;
+ s->req.rto = tmout;
+ s->req.wto = tmout;
+ s->res.rto = tmout;
+ s->res.wto = tmout;
++ s->req.rex = tick_add_ifset(now_ms, tmout);
++ s->req.wex = tick_add_ifset(now_ms, tmout);
++ s->res.rex = tick_add_ifset(now_ms, tmout);
++ s->res.wex = tick_add_ifset(now_ms, tmout);
++
++ s->task->expire = tick_add_ifset(now_ms, tmout);
++ task_queue(s->task);
++
+ xref_unlock(&socket->xref, peer);
+
+ lua_pushinteger(L, 1);
--- /dev/null
+commit 3c42f13badd149c9c3152d7b2e653bde5da7c17a
+Author: Willy Tarreau <w@1wt.eu>
+Date: Tue Aug 21 14:50:44 2018 +0200
+
+ BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates
+
+ The proxy-related commands like "{enable|disable|shutdown} frontend",
+ "{enable|disable} dynamic-cookie", "set dynamic-cookie-key" were not
+ protected against concurrent accesses making their use dangerous with
+ threads.
+
+ This patch must be backported to 1.8.
+
+ (cherry picked from commit a275a3710eaa365150fe89e2e7a8fbdce87bb30e)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/proxy.c b/src/proxy.c
+index 4437b703..8926ba8b 100644
+--- a/src/proxy.c
++++ b/src/proxy.c
+@@ -1560,7 +1560,10 @@ static int cli_io_handler_show_backend(struct appctx *appctx)
+ return 1;
+ }
+
+-/* Parses the "enable dynamic-cookies backend" directive, it always returns 1 */
++/* Parses the "enable dynamic-cookies backend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock and each server's lock.
++ */
+ static int cli_parse_enable_dyncookie_backend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
+@@ -1573,15 +1576,25 @@ static int cli_parse_enable_dyncookie_backend(char **args, struct appctx *appctx
+ if (!px)
+ return 1;
+
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
++
+ px->ck_opts |= PR_CK_DYNAMIC;
+
+- for (s = px->srv; s != NULL; s = s->next)
++ for (s = px->srv; s != NULL; s = s->next) {
++ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+ srv_set_dyncookie(s);
++ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
++ }
++
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+
+ return 1;
+ }
+
+-/* Parses the "disable dynamic-cookies backend" directive, it always returns 1 */
++/* Parses the "disable dynamic-cookies backend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock and each server's lock.
++ */
+ static int cli_parse_disable_dyncookie_backend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
+@@ -1594,19 +1607,28 @@ static int cli_parse_disable_dyncookie_backend(char **args, struct appctx *appct
+ if (!px)
+ return 1;
+
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
++
+ px->ck_opts &= ~PR_CK_DYNAMIC;
+
+ for (s = px->srv; s != NULL; s = s->next) {
++ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+ if (!(s->flags & SRV_F_COOKIESET)) {
+ free(s->cookie);
+ s->cookie = NULL;
+ }
++ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+ }
+
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
++
+ return 1;
+ }
+
+-/* Parses the "set dynamic-cookie-key backend" directive, it always returns 1 */
++/* Parses the "set dynamic-cookie-key backend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock and each server's lock.
++ */
+ static int cli_parse_set_dyncookie_key_backend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
+@@ -1634,16 +1656,27 @@ static int cli_parse_set_dyncookie_key_backend(char **args, struct appctx *appct
+ appctx->st0 = CLI_ST_PRINT;
+ return 1;
+ }
++
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
++
+ free(px->dyncookie_key);
+ px->dyncookie_key = newkey;
+
+- for (s = px->srv; s != NULL; s = s->next)
++ for (s = px->srv; s != NULL; s = s->next) {
++ HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+ srv_set_dyncookie(s);
++ HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
++ }
++
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
+
+ return 1;
+ }
+
+-/* Parses the "set maxconn frontend" directive, it always returns 1 */
++/* Parses the "set maxconn frontend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock.
++ */
+ static int cli_parse_set_maxconn_frontend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
+@@ -1675,6 +1708,8 @@ static int cli_parse_set_maxconn_frontend(char **args, struct appctx *appctx, vo
+ /* OK, the value is fine, so we assign it to the proxy and to all of
+ * its listeners. The blocked ones will be dequeued.
+ */
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
++
+ px->maxconn = v;
+ list_for_each_entry(l, &px->conf.listeners, by_fe) {
+ l->maxconn = v;
+@@ -1685,10 +1720,15 @@ static int cli_parse_set_maxconn_frontend(char **args, struct appctx *appctx, vo
+ if (px->maxconn > px->feconn && !LIST_ISEMPTY(&px->listener_queue))
+ dequeue_all_listeners(&px->listener_queue);
+
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
++
+ return 1;
+ }
+
+-/* Parses the "shutdown frontend" directive, it always returns 1 */
++/* Parses the "shutdown frontend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock.
++ */
+ static int cli_parse_shutdown_frontend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
+@@ -1711,14 +1751,22 @@ static int cli_parse_shutdown_frontend(char **args, struct appctx *appctx, void
+ px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
+ send_log(px, LOG_WARNING, "Proxy %s stopped (FE: %lld conns, BE: %lld conns).\n",
+ px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
++
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
+ stop_proxy(px);
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
++
+ return 1;
+ }
+
+-/* Parses the "disable frontend" directive, it always returns 1 */
++/* Parses the "disable frontend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock.
++ */
+ static int cli_parse_disable_frontend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
++ int ret;
+
+ if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
+ return 1;
+@@ -1741,7 +1789,11 @@ static int cli_parse_disable_frontend(char **args, struct appctx *appctx, void *
+ return 1;
+ }
+
+- if (!pause_proxy(px)) {
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
++ ret = pause_proxy(px);
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
++
++ if (!ret) {
+ appctx->ctx.cli.severity = LOG_ERR;
+ appctx->ctx.cli.msg = "Failed to pause frontend, check logs for precise cause.\n";
+ appctx->st0 = CLI_ST_PRINT;
+@@ -1750,10 +1802,14 @@ static int cli_parse_disable_frontend(char **args, struct appctx *appctx, void *
+ return 1;
+ }
+
+-/* Parses the "enable frontend" directive, it always returns 1 */
++/* Parses the "enable frontend" directive, it always returns 1.
++ *
++ * Grabs the proxy lock.
++ */
+ static int cli_parse_enable_frontend(char **args, struct appctx *appctx, void *private)
+ {
+ struct proxy *px;
++ int ret;
+
+ if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
+ return 1;
+@@ -1776,7 +1832,11 @@ static int cli_parse_enable_frontend(char **args, struct appctx *appctx, void *p
+ return 1;
+ }
+
+- if (!resume_proxy(px)) {
++ HA_SPIN_LOCK(PROXY_LOCK, &px->lock);
++ ret = resume_proxy(px);
++ HA_SPIN_UNLOCK(PROXY_LOCK, &px->lock);
++
++ if (!ret) {
+ appctx->ctx.cli.severity = LOG_ERR;
+ appctx->ctx.cli.msg = "Failed to resume frontend, check logs for precise cause (port conflict?).\n";
+ appctx->st0 = CLI_ST_PRINT;
--- /dev/null
+commit 0dbaa252df906cc9c1d0dc7a075c16e039ab1c5b
+Author: Willy Tarreau <w@1wt.eu>
+Date: Tue Aug 21 15:35:31 2018 +0200
+
+ BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations
+
+ The server-specific CLI commands "set weight", "set maxconn",
+ "disable agent", "enable agent", "disable health", "enable health",
+ "disable server" and "enable server" were not protected against
+ concurrent accesses. Now they take the server lock around the
+ sensitive part.
+
+ This patch must be backported to 1.8.
+
+ (cherry picked from commit 3bcc2699ba08dd3971ae7a56631994b2524d2acb)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/server.c b/src/server.c
+index 36a05e27..98dae535 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -4299,6 +4299,10 @@ static int cli_parse_get_weight(char **args, struct appctx *appctx, void *privat
+ return 1;
+ }
+
++/* Parse a "set weight" command.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_set_weight(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4311,16 +4315,24 @@ static int cli_parse_set_weight(char **args, struct appctx *appctx, void *privat
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
++
+ warning = server_parse_weight_change_request(sv, args[3]);
+ if (warning) {
+ appctx->ctx.cli.severity = LOG_ERR;
+ appctx->ctx.cli.msg = warning;
+ appctx->st0 = CLI_ST_PRINT;
+ }
++
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
++
+ return 1;
+ }
+
+-/* parse a "set maxconn server" command. It always returns 1. */
++/* parse a "set maxconn server" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_set_maxconn_server(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4333,16 +4345,24 @@ static int cli_parse_set_maxconn_server(char **args, struct appctx *appctx, void
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
++
+ warning = server_parse_maxconn_change_request(sv, args[4]);
+ if (warning) {
+ appctx->ctx.cli.severity = LOG_ERR;
+ appctx->ctx.cli.msg = warning;
+ appctx->st0 = CLI_ST_PRINT;
+ }
++
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
++
+ return 1;
+ }
+
+-/* parse a "disable agent" command. It always returns 1. */
++/* parse a "disable agent" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_disable_agent(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4354,11 +4374,16 @@ static int cli_parse_disable_agent(char **args, struct appctx *appctx, void *pri
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
+ sv->agent.state &= ~CHK_ST_ENABLED;
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
+ return 1;
+ }
+
+-/* parse a "disable health" command. It always returns 1. */
++/* parse a "disable health" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_disable_health(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4370,11 +4395,16 @@ static int cli_parse_disable_health(char **args, struct appctx *appctx, void *pr
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
+ sv->check.state &= ~CHK_ST_ENABLED;
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
+ return 1;
+ }
+
+-/* parse a "disable server" command. It always returns 1. */
++/* parse a "disable server" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_disable_server(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4386,11 +4416,16 @@ static int cli_parse_disable_server(char **args, struct appctx *appctx, void *pr
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
+ srv_adm_set_maint(sv);
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
+ return 1;
+ }
+
+-/* parse a "enable agent" command. It always returns 1. */
++/* parse a "enable agent" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_enable_agent(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4409,11 +4444,16 @@ static int cli_parse_enable_agent(char **args, struct appctx *appctx, void *priv
+ return 1;
+ }
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
+ sv->agent.state |= CHK_ST_ENABLED;
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
+ return 1;
+ }
+
+-/* parse a "enable health" command. It always returns 1. */
++/* parse a "enable health" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_enable_health(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4425,11 +4465,16 @@ static int cli_parse_enable_health(char **args, struct appctx *appctx, void *pri
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
+ sv->check.state |= CHK_ST_ENABLED;
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
+ return 1;
+ }
+
+-/* parse a "enable server" command. It always returns 1. */
++/* parse a "enable server" command. It always returns 1.
++ *
++ * Grabs the server lock.
++ */
+ static int cli_parse_enable_server(char **args, struct appctx *appctx, void *private)
+ {
+ struct server *sv;
+@@ -4441,11 +4486,13 @@ static int cli_parse_enable_server(char **args, struct appctx *appctx, void *pri
+ if (!sv)
+ return 1;
+
++ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock);
+ srv_adm_set_ready(sv);
+ if (!(sv->flags & SRV_F_COOKIESET)
+ && (sv->proxy->ck_opts & PR_CK_DYNAMIC) &&
+ sv->cookie)
+ srv_check_for_dup_dyncookie(sv);
++ HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock);
+ return 1;
+ }
+
--- /dev/null
+commit d13cb1516cb5ae4cb8322ed630e1d4e1f584fd77
+Author: Jens Bissinger <whiterabbit.init@googlemail.com>
+Date: Thu Aug 23 14:11:27 2018 +0200
+
+ DOC: Fix spelling error in configuration doc
+
+ Fix spelling error in logging section of configuration doc.
+
+ (cherry picked from commit 15c64ff4fb9f1f64b31306ac53b38fc4d5fb1538)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/doc/configuration.txt b/doc/configuration.txt
+index 43e28785..0dd212ad 100644
+--- a/doc/configuration.txt
++++ b/doc/configuration.txt
+@@ -16089,7 +16089,7 @@ Please refer to the table below for currently defined variables :
+ | | %t | date_time (with millisecond resolution) | date |
+ | H | %tr | date_time of HTTP request | date |
+ | H | %trg | gmt_date_time of start of HTTP request | date |
+- | H | %trl | locla_date_time of start of HTTP request | date |
++ | H | %trl | local_date_time of start of HTTP request | date |
+ | | %ts | termination_state | string |
+ | H | %tsc | termination_state with cookie status | string |
+ +---+------+-----------------------------------------------+-------------+
--- /dev/null
+commit f87ea7d2fdcfa3ccd5d605b3ce96642d28f20f6b
+Author: Willy Tarreau <w@1wt.eu>
+Date: Fri Aug 24 14:31:53 2018 +0200
+
+ BUG/MEDIUM: unix: provide a ->drain() function
+
+ Right now conn_sock_drain() calls the protocol's ->drain() function if
+ it exists, otherwise it simply tries to disable polling for receiving
+ on the connection. This doesn't work well anymore since we've implemented
+ the muxes in 1.8, and it has a side effect with keep-alive backend
+ connections established over unix sockets. What happens is that if
+ during the idle time after a request, a connection reports some data,
+ si_idle_conn_null_cb() is called, which will call conn_sock_drain().
+ This one sees there's no drain() on unix sockets and will simply disable
+ polling for data on the connection. But it doesn't do anything on the
+ conn_stream. Thus while leaving the conn_fd_handler, the mux's polling
+ is updated and recomputed based on the conn_stream's polling state,
+ which is still enabled, and nothing changes, so we see the process
+ use 100% CPU in this case because the FD remains active in the cache.
+
+ There are several issues that need to be addressed here. The first and
+ most important is that we cannot expect some protocols to simply stop
+ reading data when asked to drain pending data. So this patch make the
+ unix sockets rely on tcp_drain() since the functions are the same. This
+ solution is appropriate for backporting, but a better one is desired for
+ the long term. The second issue is that si_idle_conn_null_cb() shouldn't
+ drain the connection but the conn_stream.
+
+ At the moment we don't have any way to drain a conn_stream, though a flag
+ on rcv_buf() will do it well. Until we support muxes on the server side
+ it is not a problem so this part can be addressed later.
+
+ This fix must be backported to 1.8.
+
+ (cherry picked from commit fe5d2ac65fd58a8320e8dc725219c1bce5839592)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/proto_uxst.c b/src/proto_uxst.c
+index f2374be6..0b3a57b8 100644
+--- a/src/proto_uxst.c
++++ b/src/proto_uxst.c
+@@ -42,6 +42,7 @@
+ #include <proto/listener.h>
+ #include <proto/log.h>
+ #include <proto/protocol.h>
++#include <proto/proto_tcp.h>
+ #include <proto/task.h>
+
+ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errlen);
+@@ -71,6 +72,7 @@ static struct protocol proto_unix = {
+ .disable_all = disable_all_listeners,
+ .get_src = uxst_get_src,
+ .get_dst = uxst_get_dst,
++ .drain = tcp_drain,
+ .pause = uxst_pause_listener,
+ .add = uxst_add_listener,
+ .listeners = LIST_HEAD_INIT(proto_unix.listeners),
--- /dev/null
+commit 5b58c92dc9357a87aa3fe94c8121f683feb9c80e
+Author: Frédéric Lécaille <flecaille@haproxy.com>
+Date: Wed Jul 18 14:25:26 2018 +0200
+
+ BUG/MINOR: lua: Bad HTTP client request duration.
+
+ HTTP LUA applet callback should not update the date on which the HTTP client requests
+ arrive. This was done just after the LUA applet has completed its job.
+
+ This patch simply removes the affected statement. The same fixe has been applied
+ to TCP LUA applet callback.
+
+ To reproduce this issue, as reported by Patrick Hemmer, implement an HTTP LUA applet
+ which sleeps a bit before replying:
+
+ core.register_service("foo", "http", function(applet)
+ core.msleep(100)
+ applet:set_status(200)
+ applet:start_response()
+ end)
+
+ This had as a consequence to log %TR field with approximatively the same value as
+ the LUA sleep time.
+
+ Thank you to Patrick Hemmer for having reported this issue.
+
+ Must be backported to 1.8, 1.7 and 1.6.
+
+ (cherry picked from commit 83ed5d58d2c767d03ce97aef484863a6e1c37a94)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/hlua.c b/src/hlua.c
+index daf775fc..8147ed15 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -6374,9 +6374,6 @@ static void hlua_applet_tcp_fct(struct appctx *ctx)
+ case HLUA_E_OK:
+ ctx->ctx.hlua_apptcp.flags |= APPLET_DONE;
+
+- /* log time */
+- strm->logs.tv_request = now;
+-
+ /* eat the whole request */
+ co_skip(si_oc(si), si_ob(si)->o);
+ res->flags |= CF_READ_NULL;
+@@ -6675,9 +6672,8 @@ static void hlua_applet_http_fct(struct appctx *ctx)
+
+ /* close the connection. */
+
+- /* status / log */
++ /* status */
+ strm->txn->status = ctx->ctx.hlua_apphttp.status;
+- strm->logs.tv_request = now;
+
+ /* eat the whole request */
+ co_skip(si_oc(si), si_ob(si)->o);
--- /dev/null
+commit d9a130e1962c2a5352f33088c563f4248a102c48
+Author: Willy Tarreau <w@1wt.eu>
+Date: Fri Aug 24 15:48:59 2018 +0200
+
+ BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake()
+
+ mux_pt_wake() calls data->wake() which can return -1 indicating that the
+ connection was just destroyed. We need to check for this condition and
+ immediately exit in this case otherwise we dereference a just freed
+ connection. Note that this mainly happens on idle connections between
+ two HTTP requests. It can have random implications between requests as
+ it may lead a wrong connection's polling to be re-enabled or disabled
+ for example, especially with threads.
+
+ This patch must be backported to 1.8.
+
+ (cherry picked from commit ad7f0ad1c3c9c541a4c315b24d4500405d1383ee)
+ Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/src/mux_pt.c b/src/mux_pt.c
+index a68b9621..c43e30f2 100644
+--- a/src/mux_pt.c
++++ b/src/mux_pt.c
+@@ -51,6 +51,9 @@ static int mux_pt_wake(struct connection *conn)
+
+ ret = cs->data_cb->wake ? cs->data_cb->wake(cs) : 0;
+
++ if (ret < 0)
++ return ret;
++
+ /* If we had early data, and we're done with the handshake
+ * then whe know the data are safe, and we can remove the flag.
+ */
PKG_NAME:=https_dns_proxy
PKG_VERSION:=2018-04-23
-PKG_RELEASE=1
+PKG_RELEASE=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_MIRROR_HASH:=24b7e4238c37e646f33eee3a374f6b7beb5c167b9c5008cc13b51e5f1f3a44ea
config https_dns_proxy
option listen_addr '127.0.0.1'
option listen_port '5053'
+ option bootstrap_dns '8.8.8.8,8.8.4.4'
+ option url_prefix 'https://dns.google.com/resolve?'
+ option user 'nobody'
+ option group 'nogroup'
+ option subnet_addr ''
+ option proxy_server ''
+
+config https_dns_proxy
+ option listen_addr '127.0.0.1'
+ option listen_port '5054'
+ option bootstrap_dns '1.1.1.1,1.0.0.1'
+ option url_prefix 'https://cloudflare-dns.com/dns-query?ct=application/dns-json&'
option user 'nobody'
option group 'nogroup'
option subnet_addr ''
option proxy_server ''
- option url_prefix 'https://dns.google.com/resolve?'
#!/bin/sh /etc/rc.common
START=80
-
USE_PROCD=1
-PROG=/usr/sbin/https_dns_proxy
-
-start_instance() {
- local cfg="$1"
- local listen_addr listen_port user group
- config_get listen_addr "$cfg" listen_addr
- config_get listen_port "$cfg" listen_port
- config_get user "$cfg" user
- config_get group "$cfg" group
- config_get subnet_addr "$cfg" subnet_addr
- config_get proxy_server "$cfg" proxy_server
- config_get url_prefix "$cfg" url_prefix
+PROG=/usr/sbin/https_dns_proxy
- if [ -n "$subnet_addr" ]; then
- subnet_param="-e $subnet_addr"
- fi
+xappend() { param="$param $1"; }
+
+append_parm() {
+ local section="$1"
+ local option="$2"
+ local switch="$3"
+ local default="$4"
+ local _loctmp
+ config_get _loctmp "$section" "$option" "$default"
+ [ -z "$_loctmp" ] && return 0
+ xappend "$switch $_loctmp"
+}
- if [ -n "$proxy_server" ]; then
- proxy_param="-t $proxy_server"
- fi
+start_instance() {
+ local cfg="$1" param
- if [ -z "$url_prefix" ]; then
- url_prefix="https://dns.google.com/resolve?"
- fi
+ append_parm "$cfg" 'listen_addr' '-a' '127.0.0.1'
+ append_parm "$cfg" 'listen_port' '-p' '5053'
+ append_parm "$cfg" 'bootstrap_dns' '-b'
+ append_parm "$cfg" 'url_prefix' '-r'
+ append_parm "$cfg" 'user' '-u' 'nobody'
+ append_parm "$cfg" 'group' '-g' 'nogroup'
+ append_parm "$cfg" 'subnet_addr' '-e'
+ append_parm "$cfg" 'proxy_server' '-t'
procd_open_instance
- procd_set_param command ${PROG} \
- -a "$listen_addr" -p "$listen_port" \
- -u "$user" -g "$group" $subnet_param $proxy_param \
- -r "$url_prefix"
+ procd_set_param command ${PROG} ${param}
procd_set_param respawn
procd_close_instance
}
PKG_NAME:=kadnode
-PKG_VERSION:=2.2.3
+PKG_VERSION:=2.2.5
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_SOURCE_URL:=https://codeload.github.com/mwarning/KadNode/tar.gz/v$(PKG_VERSION)?
PKG_SOURCE:=kadnode-$(PKG_VERSION).tar.gz
-PKG_HASH:=1f5538a4b904fd2a624a2046f9320f72357af619190188f14bfdb15b5e5f8488
+PKG_HASH:=a72dc54d1869e47e374935cf44aa888a9b13c9dc017ae22e29cf13ead38a506b
PKG_BUILD_DIR:=$(BUILD_DIR)/KadNode-$(PKG_VERSION)
include $(TOPDIR)/rules.mk
PKG_NAME:=linuxptp
-PKG_VERSION:=1.9.2
+PKG_VERSION:=2.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Wojciech Dubowik <Wojciech.Dubowik@neratec.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=@SF/$(PKG_NAME)/v$(PKG_VERSION)
-PKG_HASH:=7f662e65c66c37ff211dc525476626875c2b74162ded05c8a25d036fb963b8d0
+PKG_HASH:=0a24d9401e87d4af023d201e234d91127d82c350daad93432106284aa9459c7d
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=mosquitto
-PKG_VERSION:=1.5
+PKG_VERSION:=1.5.1
PKG_RELEASE:=3
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE.txt
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://mosquitto.org/files/source/
-PKG_HASH:=80c9606a906c736fe582b67bdfb650ee45239fea058fe34927f81277d3486e21
+PKG_SOURCE_URL:=https://mosquitto.org/files/source/
+PKG_HASH:=8557bc7ae34dfaf32a0fb56d2491b7a7f731269c88337227233013502df4d5b0
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
PKG_NAME:=mtr
PKG_VERSION:=0.92
-PKG_RELEASE:=2
-
-PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/traviscross/mtr/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=568a52911a8933496e60c88ac6fea12379469d7943feb9223f4337903e4bc164
+PKG_SOURCE_URL:=https://www.bitwizard.nl/mtr/files
+PKG_HASH:=f2979db9e2f41aa8e6574e7771767c9afe111d9213814eb47f5e1e71876e4382
+PKG_MAINTAINER:=Jonathan McCrohan <jmccrohan@gmail.com>
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-
include $(INCLUDE_DIR)/package.mk
define Package/mtr
--without-gtk \
$(call autoconf_bool,CONFIG_IPV6,ipv6)
+CONFIGURE_VARS += ac_cv_lib_cap_cap_set_proc=no
+
define Build/Configure
- echo $(PKG_VERSION) > .tarball-version
$(call Build/Configure/Default)
endef
+++ /dev/null
-diff --git a/configure.ac b/configure.ac
-index a08ce67..83bf094 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -106,10 +106,6 @@ AS_IF([test "x$with_ncurses" = "xyes"],
- ])
- AM_CONDITIONAL([WITH_CURSES], [test "x$with_ncurses" = xyes])
-
--AC_CHECK_LIB([cap], [cap_set_proc], [],
-- AS_IF([test "$host_os" = linux-gnu],
-- AC_MSG_WARN([Capabilities support is strongly recommended for increased security. See SECURITY for more information.])))
--
- # Enable ipinfo
- AC_ARG_WITH([ipinfo],
- [AS_HELP_STRING([--without-ipinfo], [Do not try to use ipinfo lookup at all])],
+++ /dev/null
-From 94218682b15832fd6f8ed09a767941974075a1b4 Mon Sep 17 00:00:00 2001
-From: "R.E. Wolff" <R.E.Wolff@BitWizard.nl>
-Date: Tue, 7 Nov 2017 17:24:14 +0100
-Subject: [PATCH] Sami Kerola: prevent MTR reporting unknown revision
-
----
- Makefile.am | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/Makefile.am b/Makefile.am
-index c0709ca..23ac1fc 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -156,3 +156,7 @@ endif # if CYGWIN
- if BUILD_BASH_COMPLETION
- dist_bashcompletion_DATA = bash-completion/mtr
- endif
-+
-+dist-hook:
-+ $(AM_V_GEN)echo $(VERSION) > $(distdir)/.tarball-version
-+
---
-2.17.1
-
include $(TOPDIR)/rules.mk
PKG_NAME:=mwan3
-PKG_VERSION:=2.6.18
+PKG_VERSION:=2.7.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPLv2
config globals 'globals'
option mmx_mask '0x3F00'
- option local_source 'lan'
+ option local_source 'none'
+ option rtmon_interval '5'
config interface 'wan'
option enabled '1'
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/functions/network.sh
+. /lib/mwan3/mwan3.sh
+
+config_load mwan3
+config_get_bool enabled globals 'enabled' '0'
+[ ${enabled} -gt 0 ] || exit 0
+
+if [ "$ACTION" == "ifup" ]; then
+ mwan3_lock
+ mwan3_rtmon
+ mwan3_unlock
+fi
+
+exit 0
MMX_UNREACHABLE=""
MM_UNREACHABLE=""
+mwan3_rtmon_ipv4()
+{
+ local tid=1
+ local idx=0
+ local ret=1
+ main_tbsum=$($IP4 route list table main | grep -v ^default | md5sum | head -c32)
+ while uci get mwan3.@interface[$idx] >/dev/null 2>&1 ; do
+ idx=$((idx+1))
+ tid=$idx
+ [ "$(uci get mwan3.@interface[$((idx-1))].family)" = "ipv4" ] && {
+ if $IP4 route list table $tid | grep -q ^default; then
+ tbsum=$($IP4 route list table $tid | grep -v ^default | md5sum | head -c32)
+ if [ "$tbsum" != "$main_tbsum" ]; then
+ $IP4 route list table $tid | grep -v ^default | while read line; do
+ $IP4 route del table $tid $line
+ done
+ $IP4 route list table main | grep -v ^default | while read line; do
+ $IP4 route add table $tid $line
+ done
+ fi
+ fi
+ }
+ if [ "$(uci get mwan3.@interface[$((idx-1))].enabled)" = "1" ]; then
+ ret=0
+ fi
+ done
+ return $ret
+}
+
+mwan3_rtmon_ipv6()
+{
+ local tid=1
+ local idx=0
+ local ret=1
+ main_tbsum=$($IP6 route list table main | grep -v "^default\|^::/" | md5sum | head -c32)
+ while uci get mwan3.@interface[$idx] >/dev/null 2>&1 ; do
+ idx=$((idx+1))
+ tid=$idx
+ [ "$(uci get mwan3.@interface[$((idx-1))].family)" = "ipv6" ] && {
+ if $IP6 route list table $tid | grep -q ^::/0; then
+ tbsum=$($IP6 route list table $tid | grep -v "^default\|^::/" | md5sum | head -c32)
+ if [ "$tbsum" != "$main_tbsum" ]; then
+ $IP6 route list table $tid | grep -v "^default\|^::/" | while read line; do
+ $IP6 route del table $tid $line
+ done
+ $IP6 route list table main | grep -v "^default\|^::/" | while read line; do
+ $IP6 route add table $tid $line
+ done
+ fi
+ fi
+ }
+ if [ "$(uci get mwan3.@interface[$((idx-1))].enabled)" = "1" ]; then
+ ret=0
+ fi
+ done
+ return $ret
+}
# counts how many bits are set to 1
# n&(n-1) clears the lowest bit set to 1
$IPT -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK
fi
- if ! $IPT -S mwan3_ifaces_out &> /dev/null; then
- $IPT -N mwan3_ifaces_out
- fi
-
if ! $IPT -S mwan3_rules &> /dev/null; then
$IPT -N mwan3_rules
fi
$IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask $MMX_MASK --ctmask $MMX_MASK
$IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_ifaces_in
$IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_connected
- $IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_ifaces_out
$IPT -A mwan3_hook -m mark --mark 0x0/$MMX_MASK -j mwan3_rules
$IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask $MMX_MASK --ctmask $MMX_MASK
$IPT -A mwan3_hook -m mark ! --mark $MMX_DEFAULT/$MMX_MASK -j mwan3_connected
$IPT4 -N mwan3_ifaces_in
fi
- if ! $IPT4 -S mwan3_ifaces_out &> /dev/null; then
- $IPT4 -N mwan3_ifaces_out
- fi
-
if ! $IPT4 -S mwan3_iface_in_$1 &> /dev/null; then
$IPT4 -N mwan3_iface_in_$1
fi
- if ! $IPT4 -S mwan3_iface_out_$1 &> /dev/null; then
- $IPT4 -N mwan3_iface_out_$1
- fi
-
$IPT4 -F mwan3_iface_in_$1
$IPT4 -A mwan3_iface_in_$1 -i $2 -m set --match-set mwan3_connected src -m mark --mark 0x0/$MMX_MASK -m comment --comment "default" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK
$IPT4 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/$MMX_MASK -m comment --comment "$1" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
$IPT4 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null
$IPT4 -A mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1
-
- $IPT4 -F mwan3_iface_out_$1
- $IPT4 -A mwan3_iface_out_$1 -o $2 -m mark --mark 0x0/$MMX_MASK -m comment --comment "$1" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
-
- $IPT4 -D mwan3_ifaces_out -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_out_$1 &> /dev/null
- $IPT4 -A mwan3_ifaces_out -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_out_$1
fi
if [ "$family" == "ipv6" ]; then
$IPT6 -N mwan3_ifaces_in
fi
- if ! $IPT6 -S mwan3_ifaces_out &> /dev/null; then
- $IPT6 -N mwan3_ifaces_out
- fi
-
if ! $IPT6 -S mwan3_iface_in_$1 &> /dev/null; then
$IPT6 -N mwan3_iface_in_$1
fi
- if ! $IPT6 -S mwan3_iface_out_$1 &> /dev/null; then
- $IPT6 -N mwan3_iface_out_$1
- fi
-
$IPT6 -F mwan3_iface_in_$1
$IPT6 -A mwan3_iface_in_$1 -i $2 -m set --match-set mwan3_connected_v6 src -m mark --mark 0x0/$MMX_MASK -m comment --comment "default" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK
$IPT6 -A mwan3_iface_in_$1 -i $2 -m mark --mark 0x0/$MMX_MASK -m comment --comment "$1" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
$IPT6 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null
$IPT6 -A mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1
-
- $IPT6 -F mwan3_iface_out_$1
- $IPT6 -A mwan3_iface_out_$1 -o $2 -m mark --mark 0x0/$MMX_MASK -m comment --comment "$1" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
-
- $IPT6 -D mwan3_ifaces_out -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_out_$1 &> /dev/null
- $IPT6 -A mwan3_ifaces_out -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_out_$1
fi
}
$IPT4 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null
$IPT4 -F mwan3_iface_in_$1 &> /dev/null
$IPT4 -X mwan3_iface_in_$1 &> /dev/null
-
- $IPT4 -D mwan3_ifaces_out -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_out_$1 &> /dev/null
- $IPT4 -F mwan3_iface_out_$1 &> /dev/null
- $IPT4 -X mwan3_iface_out_$1 &> /dev/null
fi
if [ "$family" == "ipv6" ]; then
$IPT6 -D mwan3_ifaces_in -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_in_$1 &> /dev/null
$IPT6 -F mwan3_iface_in_$1 &> /dev/null
$IPT6 -X mwan3_iface_in_$1 &> /dev/null
-
- $IPT6 -D mwan3_ifaces_out -m mark --mark 0x0/$MMX_MASK -j mwan3_iface_out_$1 &> /dev/null
- $IPT6 -F mwan3_iface_out_$1 &> /dev/null
- $IPT6 -X mwan3_iface_out_$1 &> /dev/null
fi
}
$IP4 route flush table $id
$IP4 route add table $id default $route_args dev $2
+ mwan3_rtmon_ipv4
fi
if [ "$family" == "ipv6" ]; then
$IP6 route flush table $id
$IP6 route add table $id default $route_args dev $2
+ mwan3_rtmon_ipv6
fi
}
$IP4 rule del pref $(($id+2000))
done
- $IP4 rule add pref $(($id+1000)) iif $2 lookup main
+ $IP4 rule add pref $(($id+1000)) iif $2 lookup $id
$IP4 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup $id
fi
$IP6 rule del pref $(($id+2000))
done
- $IP6 rule add pref $(($id+1000)) iif $2 lookup main
+ $IP6 rule add pref $(($id+1000)) iif $2 lookup $id
$IP6 rule add pref $(($id+2000)) fwmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK lookup $id
fi
}
done
}
+mwan3_rtmon()
+{
+ pid="$(pgrep -f mwan3rtmon)"
+ if [ "${pid}" != "" ]; then
+ kill -USR1 "${pid}"
+ else
+ [ -x /usr/sbin/mwan3rtmon ] && /usr/sbin/mwan3rtmon &
+ fi
+}
+
mwan3_track()
{
local track_ip track_ips pid
mwan3_set_policy()
{
- local iface_count id iface family metric probability weight
+ local iface_count id iface family metric probability weight device
config_get iface $1 interface
config_get metric $1 metric 1
config_get weight $1 weight 1
[ -n "$iface" ] || return 0
+ network_get_device device $iface
[ "$metric" -gt $DEFAULT_LOWEST_METRIC ] && $LOG warn "Member interface $iface has >$DEFAULT_LOWEST_METRIC metric. Not appending to policy" && return 0
mwan3_get_iface_id id $iface
$IPT4 -I mwan3_policy_$policy -m mark --mark 0x0/$MMX_MASK $probability -m comment --comment "$iface $weight $total_weight_v4" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
fi
+ else
+ [ -n "$device" ] && {
+ $IPT4 -S mwan3_policy_$policy | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \
+ $IPT4 -I mwan3_policy_$policy -o $device -m mark --mark 0x0/$MMX_MASK -m comment --comment "out $iface $device" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK
+ }
fi
fi
$IPT6 -I mwan3_policy_$policy -m mark --mark 0x0/$MMX_MASK $probability -m comment --comment "$iface $weight $total_weight_v6" -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
fi
+ else
+ [ -n "$device" ] && {
+ $IPT6 -S mwan3_policy_$policy | grep -q '.*--comment ".* [0-9]* [0-9]*"' || \
+ $IPT6 -I mwan3_policy_$policy -o $device -m mark --mark 0x0/$MMX_MASK -m comment --comment "out $iface $device" -j MARK --set-xmark $MMX_DEFAULT/$MMX_MASK
+ }
fi
fi
}
[ -n "$id" ] || return 0
for IPT in "$IPT4" "$IPT6"; do
- if [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" ]; then
+ if [ -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" ]; then
$IPT -I mwan3_rule_$rule -m mark --mark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK -m set ! --match-set mwan3_sticky_$rule src,src -j MARK --set-xmark 0x0/$MMX_MASK
$IPT -I mwan3_rule_$rule -m mark --mark 0/$MMX_MASK -j MARK --set-xmark $(mwan3_id2mask id MMX_MASK)/$MMX_MASK
fi
if [ -z "$id" -o -z "$device" ]; then
result="unknown"
- elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
+ elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
result="$(mwan3_get_iface_hotplug_state $1)"
- elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
+ elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
result="error"
elif [ "$enabled" == "1" ]; then
result="offline"
for policy in $($IPT4 -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
echo "$policy:" | sed 's/mwan3_policy_//'
- [ -n "$total_weight" ] || total_weight=$($IPT4 -S $policy | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
+ [ -n "$total_weight" ] || total_weight=$($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
if [ ! -z "${total_weight##*[!0-9]*}" ]; then
- for iface in $($IPT4 -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
- weight=$($IPT4 -S $policy | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
+ for iface in $($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do
+ weight=$($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
percent=$(($weight*100/$total_weight))
echo " $iface ($percent%)"
done
else
- echo " $($IPT4 -S $policy | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
+ echo " $($IPT4 -S $policy | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
fi
unset total_weight
for policy in $($IPT6 -S | awk '{print $2}' | grep mwan3_policy_ | sort -u); do
echo "$policy:" | sed 's/mwan3_policy_//'
- [ -n "$total_weight" ] || total_weight=$($IPT6 -S $policy | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
+ [ -n "$total_weight" ] || total_weight=$($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | head -1 | awk '{print $3}')
if [ ! -z "${total_weight##*[!0-9]*}" ]; then
- for iface in $($IPT6 -S $policy | cut -s -d'"' -f2 | awk '{print $1}'); do
- weight=$($IPT6 -S $policy | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
+ for iface in $($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '{print $1}'); do
+ weight=$($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | cut -s -d'"' -f2 | awk '$1 == "'$iface'"' | awk '{print $2}')
percent=$(($weight*100/$total_weight))
echo " $iface ($percent%)"
done
else
- echo " $($IPT6 -S $policy | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
+ echo " $($IPT6 -S $policy | grep -v '.*--comment "out .*" .*$' | sed '/.*--comment \([^ ]*\) .*$/!d;s//\1/;q')"
fi
unset total_weight
{
local ipset route rule table IP IPT pid src_ip
+ for pid in $(pgrep -f "mwan3rtmon"); do
+ kill -TERM "$pid" > /dev/null 2>&1
+ sleep 1
+ kill -KILL "$pid" > /dev/null 2>&1
+ done
+
for pid in $(pgrep -f "mwan3track"); do
kill -TERM "$pid" > /dev/null 2>&1
sleep 1
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/mwan3/mwan3.sh
+
+LOG="logger -t $(basename "$0")[$$] -p"
+
+clean_up() {
+ $LOG notice "Stopping mwan3rtmon..."
+ exit 0
+}
+
+rtchange() {
+ $LOG info "Detect rtchange event."
+}
+
+main() {
+ local rtmon_interval
+ trap clean_up TERM
+ trap rtchange USR1
+
+ config_load mwan3
+ config_get rtmon_interval globals rtmon_interval '5'
+
+ sleep 3
+ while mwan3_rtmon_ipv4 || mwan3_rtmon_ipv6; do
+ [ "$rtmon_interval" = "0" ] && break
+ sleep $rtmon_interval
+ done
+}
+
+main "$@"
PKG_NAME:=nfs-kernel-server
PKG_VERSION:=2.3.2
PKG_RELEASE:=2
-PKG_HASH:=1748a046e452ceb2285cc07b61ec0f85af7c92ac443e111a6c8a1061254ca717
+PKG_HASH:=a6418fc6b80e39a360a236d1a575e2e3258dc5582808e524b19f716b3cd66224
PKG_SOURCE_URL:=@SF/nfs
-PKG_SOURCE:=nfs-utils-$(PKG_VERSION).tar.bz2
+PKG_SOURCE:=nfs-utils-$(PKG_VERSION).tar.xz
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/nfs-utils-$(PKG_VERSION)
PKG_BUILD_DIR:=$(BUILD_DIR)/nfs-utils-$(PKG_VERSION)
include $(TOPDIR)/rules.mk
PKG_NAME:=nginx
-PKG_VERSION:=1.15.2
-PKG_RELEASE:=2
+PKG_VERSION:=1.15.3
+PKG_RELEASE:=1
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://nginx.org/download/
-PKG_HASH:=eeba09aecfbe8277ac33a5a2486ec2d6731739f3c1c701b42a0c3784af67ad90
+PKG_HASH:=9391fb91c3e2ebd040a4e3ac2b2f0893deb6232edc30a8e16fcc9c3fa9d6be85
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de> \
Ansuel Smith <ansuelsmth@gmail.com>
TITLE:=Nginx web server
URL:=http://nginx.org/
DEPENDS:=+NGINX_PCRE:libpcre +(NGINX_SSL||NGINX_HTTP_CACHE||NGINX_HTTP_AUTH_BASIC):libopenssl \
- +NGINX_HTTP_GZIP:zlib +NGINX_LUA:liblua +libpthread
+ +NGINX_HTTP_GZIP:zlib +NGINX_LUA:liblua +libpthread +NGINX_DAV:libexpat
endef
define Package/nginx/description
define Package/nginx-all-module
$(Package/nginx/default)
TITLE += with ALL module selected
- DEPENDS:=+libpcre +libopenssl +zlib +liblua +libpthread
+ DEPENDS:=+libpcre +libopenssl +zlib +liblua +libpthread +libexpat
VARIANT:=all-module
PROVIDES:=nginx
endef
ADDITIONAL_MODULES += --with-http_flv_module
endif
ifeq ($(CONFIG_NGINX_DAV),y)
- ADDITIONAL_MODULES += --with-http_dav_module
+ ADDITIONAL_MODULES += --with-http_dav_module --add-module=$(PKG_BUILD_DIR)/nginx-dav-ext-module
endif
ifeq ($(CONFIG_NGINX_HTTP_AUTH_REQUEST),y)
ADDITIONAL_MODULES += --with-http_auth_request_module
CONFIG_NGINX_TS_MODULE:=y
CONFIG_NGINX_NAXSI:=y
CONFIG_NGINX_LUA:=y
+ CONFIG_NGINX_DAV:=y
ADDITIONAL_MODULES += --with-http_ssl_module --add-module=$(PKG_BUILD_DIR)/nginx-naxsi/naxsi_src \
--add-module=$(PKG_BUILD_DIR)/lua-nginx --with-ipv6 --with-http_stub_status_module --with-http_flv_module \
- --with-http_dav_module --with-http_auth_request_module --with-http_v2_module --with-http_realip_module \
+ --with-http_dav_module --add-module=$(PKG_BUILD_DIR)/nginx-dav-ext-module \
+ --with-http_auth_request_module --with-http_v2_module --with-http_realip_module \
--with-http_secure_link_module --with-http_sub_module --add-module=$(PKG_BUILD_DIR)/nginx-headers-more \
--add-module=$(PKG_BUILD_DIR)/nginx-brotli --add-module=$(PKG_BUILD_DIR)/nginx-rtmp \
--add-module=$(PKG_BUILD_DIR)/nginx-ts
$(Prepare/nginx-headers-more)
$(Prepare/nginx-rtmp)
$(Prepare/nginx-ts)
+ $(Prepare/nginx-dav-ext-module)
endef
endef
endif
+
+ifeq ($(CONFIG_NGINX_DAV),y)
+ define Download/nginx-dav-ext-module
+ VERSION:=430fd774fe838a04f1a5defbf1dd571d42300cf9
+ SUBDIR:=nginx-dav-ext-module
+ FILE:=nginx-dav-ext-module-$(PKG_VERSION)-$$(VERSION).tar.gz
+ URL:=https://github.com/arut/nginx-dav-ext-module.git
+ MIRROR_HASH:=0566053a8756423ecab455fd9d218cec1e017598fcbb3d6415a06f816851611e
+ PROTO:=git
+ endef
+ $(eval $(call Download,nginx-dav-ext-module))
+
+ define Prepare/nginx-dav-ext-module
+ $(eval $(Download/nginx-dav-ext-module))
+ gzip -dc $(DL_DIR)/$(FILE) | tar -C $(PKG_BUILD_DIR) $(TAR_OPTIONS)
+ endef
+endif
+
$(eval $(call BuildPackage,nginx))
$(eval $(call BuildPackage,nginx-ssl))
$(eval $(call BuildPackage,nginx-all-module))
expires 365d;
}
- location / {
- index index.html;
- include luci_uwsgi.conf;
- }
-
- location /luci-static {
-
- }
+ include luci_uwsgi.conf;
+
}
}
\ No newline at end of file
expires 365d;
}
- location / {
- index index.html;
- include luci_uwsgi.conf;
- }
-
- location /luci-static {
-
- }
+ include luci_uwsgi.conf;
+
}
}
\ No newline at end of file
-uwsgi_param QUERY_STRING $query_string;
-uwsgi_param REQUEST_METHOD $request_method;
-uwsgi_param CONTENT_TYPE $content_type;
-uwsgi_param CONTENT_LENGTH $content_length if_not_empty;
-uwsgi_param REQUEST_URI $request_uri;
-uwsgi_param PATH_INFO $document_uri;
-uwsgi_param SERVER_PROTOCOL $server_protocol;
-uwsgi_param REMOTE_ADDR $remote_addr;
-uwsgi_param REMOTE_PORT $remote_port;
-uwsgi_param SERVER_ADDR $server_addr;
-uwsgi_param SERVER_PORT $server_port;
-uwsgi_param SERVER_NAME $server_name;
-uwsgi_modifier1 9;
-uwsgi_pass unix:////var/run/uwsgi.sock;
\ No newline at end of file
+location /cgi-bin/luci {
+ index index.html;
+ uwsgi_param QUERY_STRING $query_string;
+ uwsgi_param REQUEST_METHOD $request_method;
+ uwsgi_param CONTENT_TYPE $content_type;
+ uwsgi_param CONTENT_LENGTH $content_length if_not_empty;
+ uwsgi_param REQUEST_URI $request_uri;
+ uwsgi_param PATH_INFO $document_uri;
+ uwsgi_param SERVER_PROTOCOL $server_protocol;
+ uwsgi_param REMOTE_ADDR $remote_addr;
+ uwsgi_param REMOTE_PORT $remote_port;
+ uwsgi_param SERVER_ADDR $server_addr;
+ uwsgi_param SERVER_PORT $server_port;
+ uwsgi_param SERVER_NAME $server_name;
+ uwsgi_modifier1 9;
+ uwsgi_pass unix:////var/run/uwsgi.sock;
+}
+
+location /luci-static {
+}
\ No newline at end of file
include $(TOPDIR)/rules.mk
PKG_NAME:=ntp
-PKG_VERSION:=4.2.8p11
+PKG_VERSION:=4.2.8p12
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
-PKG_HASH:=f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e
+PKG_HASH:=709b222b5013d77d26bfff532b5ea470a8039497ef29d09363931c036cb30454
PKG_LICENSE:=Unique
PKG_LICENSE_FILES:=COPYRIGHT html/copyright.html
PKG_FIXUP:=autoreconf
PKG_LIBTOOL_PATHS:=. sntp
PKG_CHECK_FORMAT_SECURITY:=0
+PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
PKG_NAME:=nut
PKG_VERSION:=2.7.4
-PKG_RELEASE:=7
+PKG_RELEASE:=8
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.7/
PKG_HASH:=980e82918c52d364605c0703a5dcf01f74ad2ef06e3d365949e43b7d406d25a7
PKG_MAINTAINER:=Daniel Dickinson <cshored@thecshore.com>
-PKG_LICENSE:=GPL-2.0
-PKG_LICENSE_FILES:=LICENSE-GPL2
+PKG_LICENSE:=GPL-2.0+ GPL-3.0+ GPL-1.0+ Artistic-1.0-Perl
+PKG_LICENSE_FILES:=LICENSE-GPL2 LICENSE-GPL3 COPYING
PKG_FIXUP:=autoreconf
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
endef
define Package/nut-server/install
+ # Server portion
$(INSTALL_DIR) $(1)/etc/nut
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_DIR) $(1)/usr/share/nut
- $(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/nut-server.init $(1)/etc/init.d/nut-server
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsd $(1)/usr/sbin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsdrvctl $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/nut/cmdvartab $(1)/usr/share/nut/
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/nut/driver.list $(1)/usr/share/nut/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/nut_server $(1)/etc/config/nut_server
- ln -sf /var/etc/nut/nut.conf $(1)/etc/nut/nut.conf
- ln -sf /var/etc/nut/ups.conf $(1)/etc/nut/ups.conf
ln -sf /var/etc/nut/upsd.users $(1)/etc/nut/upsd.users
ln -sf /var/etc/nut/upsd.conf $(1)/etc/nut/upsd.conf
+ # Driver common portion
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsdrvctl $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/nut/driver.list $(1)/usr/share/nut/
+ ln -sf /var/etc/nut/ups.conf $(1)/etc/nut/ups.conf
+ # Mangle libhid.usermap into a format (hotplug shell script) useful for OpenWrt
+ $(INSTALL_DIR) $(1)/etc/hotplug.d/usb
+ $(INSTALL_BIN) ./files/30-libhid-ups.head $(1)/etc/hotplug.d/usb/30-libhid-ups
+ $(CP) $(PKG_INSTALL_DIR)/etc/hotplug/usb/libhid.usermap $(PKG_BUILD_DIR)/30-libhid-ups.middle
+ $(SED) '/^$$$$/d' \
+ -e '/^#/d' \
+ -E -e 's:^[^ ][^ ]* *0x0003 *0x0{0,3}([^ ][^ ]*) *0x{0,3}*([^ ][^ ]*).*:\1/\2/* | \\:' \
+ $(PKG_BUILD_DIR)/30-libhid-ups.middle
+ tail -n+2 $(PKG_BUILD_DIR)/30-libhid-ups.middle >>$(1)/etc/hotplug.d/usb/30-libhid-ups
+ cat ./files/30-libhid-ups.tail >>$(1)/etc/hotplug.d/usb/30-libhid-ups
endef
define Package/nut-common
DEPENDS:= nut \
+NUT_DRIVER_SNMP:libnetsnmp \
+NUT_DRIVER_USB:libusb-compat \
- +NUT_SSL:libopenssl \
- +PACKAGE_libwrap:libwrap
+ +NUT_SSL:libopenssl
endef
define Package/nut-common/description
This package contains the common files.
endef
+define Package/nut-common/conffiles
+/etc/nut/nut.conf
+endef
+
define Package/nut-common/install
$(INSTALL_DIR) $(1)/etc/nut
$(INSTALL_DIR) $(1)/usr/lib
$(call Package/nut/Default)
TITLE+= (server)
DEPENDS:=nut +nut-common
+ USERID:=nut=113:nut=113
endef
define Package/nut-server/description
define Package/nut-server/conffiles
/etc/config/nut_server
+/etc/nut/upsd.conf
+/etc/nut/upsd.users
+/etc/nut/ups.conf
endef
define Package/nut-upsmon
$(call Package/nut/Default)
TITLE+= (monitor)
DEPENDS:=nut +nut-common
- USERID:=nut=113:nut=113
+ USERID:=nutmon=114:nutmon=114
endef
define Package/nut-upsmon/description
define Package/nut-upsmon/conffiles
/etc/config/nut_monitor
+/etc/nut/upsmon.conf
endef
define Package/nut-upsmon/install
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/nut-monitor.init $(1)/etc/init.d/nut-monitor
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsmon $(1)/usr/sbin/
+ $(INSTALL_BIN) ./files/nutshutdown $(1)/usr/sbin/nutshutdown
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/nut_monitor $(1)/etc/config/nut_monitor
ln -sf /var/etc/nut/upsmon.conf $(1)/etc/nut/upsmon.conf
$(call Package/nut/description/Default)
upsc is provided as a quick way to poll the status of a UPS server. It
can be used inside shell scripts and other programs that need UPS data
-but don not want to include the full interface.
+but do not want to include the full interface.
endef
define Package/nut-upsc/install
$(INSTALL_CONF) ./files/add_nut_httpd_conf $(1)/etc/uci-defaults/add_nut_httpd_conf
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsstats.html.sample $(1)/etc/nut/upsstats.html
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsstats-single.html.sample $(1)/etc/nut/upsstats-single.html
- $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsset.conf.sample $(1)/etc/nut/upsset.conf
+ $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsset.conf.sample $(1)/etc/nut/upsset.conf.disable
+ $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsset.conf.sample $(1)/etc/nut/upsset.conf.enable
+ $(SED) 's/### \?//' $(1)/etc/nut/upsset.conf.enable
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/nut_cgi $(1)/etc/config/nut_cgi
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/nut-cgi.init $(1)/etc/init.d/nut-cgi
ln -sf /var/etc/nut/hosts.conf $(1)/etc/nut/hosts.conf
+ ln -sf /var/etc/nut/upsset.conf $(1)/etc/nut/upsset.conf
endef
define Package/nut-avahi-service
define Package/nut-driver-$(2)
$(call Package/nut/Default)
TITLE:=$(2) (NUT $(1) driver)
- DEPENDS:=nut +nut-common
+ DEPENDS:=nut +nut-server
$(if $(filter $(1),snmp),DEPENDS+= @NUT_DRIVER_SNMP)
$(if $(filter $(1),usb),DEPENDS+= @NUT_DRIVER_USB)
$(if $(filter $(1),serial),DEPENDS+= @NUT_DRIVER_SERIAL)
--without-avahi \
--$(if $(CONFIG_NUT_DRIVER_SNMP),with,without)-snmp \
--$(if $(CONFIG_NUT_DRIVER_SERIAL),with,without)-serial \
+ --without-doc \
--without-neon \
--without-powerman \
--without-wrap \
+ --with-hotplug-dir=/etc/hotplug \
--with-cgi \
--without-ipmi \
--without-freeipmi \
--- /dev/null
+#!/bin/sh
+
+. /lib/functions.sh
+
+nut_driver_config() {
+ local cfg="$1"
+ local nomatch="$2"
+
+ config_get runas "$cfg" runas "nut"
+ config_get vendorid "$cfg" vendorid
+ config_get productid "$cfg" productid
+
+ [ "$ACTION" = "add" ] &&[ -n "$DEVNAME" ] && {
+ chmod 0660 /dev/"$DEVNAME"
+ chown ${runas:-root}:$(id -gn "${runas:-root}") /dev/"$DEVNAME"
+ }
+
+ if [ "$(printf "%04x" 0x"$pvendid")" = "$vendorid" ] && \
+ [ "$(printf "%04x" 0x"$pprodid")" = "$productid" ]; then
+ [ "$ACTION" = "add" ] && {
+ /etc/init.d/nut-server start "$cfg"
+ }
+ [ "$ACTION" = "remove" ] && {
+ /etc/init.d/nut-server stop "$cfg"
+ }
+ found=1
+ elif [ "$nomatch" = "1" ]; then
+ [ "$ACTION" = "add" ] && {
+ /etc/init.d/nut-server start "$cfg"
+ }
+ [ "$ACTION" = "remove" ] && {
+ /etc/init.d/nut-server stop "$cfg"
+ }
+ fi
+}
+
+perform_libhid_action() {
+ local vendorid productid runas
+ local pvendid pprodid found
+
+ pvendid=${PRODUCT%/*}
+ pvendid=${pvendid%/*}
+ pprodid=${PRODUCT%/*}
+ pprodid=${pprodid##*/}
+
+ config_load nut_server
+ config_foreach nut_driver_config driver 0
+ [ "$found" != "1" ] && config_foreach nut_driver_config driver 1
+}
+
+[ -n "$PRODUCT" ] && case "$PRODUCT" in
--- /dev/null
+"")
+ [ -d /var/run/nut ] && [ ! -f /var/run/nut/disable-hotplug ] && \
+ /etc/init.d/nut-server enabled && perform_libhid_action
+ ;;
+esac
# See /LICENSE for more information.
#
START=51
+USE_PROCD=1
DEFAULT=/etc/default/nut
UPSCGI_C=/var/etc/nut/hosts.conf
+UPSCGI_S=/var/etc/nut/upsset.conf
+
+nut_upscgi_upsset() {
+ local cfg="$1"
+ local enable
+
+ config_get_bool enable "$cfg" enable 0
+
+ [ $enable -eq 1 ] && {
+ ln -sf /etc/nut/upsset.conf.enable "$UPSCGI_S"
+ } || {
+ ln -sf /etc/nut/upsset.conf.disable "$UPSCGI_S"
+ }
+}
nut_upscgi_add() {
local cfg="$1"
system="$system:$port";
fi
config_get displayname "$cfg" displayname
- echo "MONITOR $system \"$displayname\"" >> $UPSCGI_C
+ echo "MONITOR $system \"$displayname\"" >> "$UPSCGI_C"
}
-start() {
- rm -f $UPSCGI_C
+service_reload() {
+ mkdir -m 0755 -p "$(dirname "$UPSCGI_C")"
+ rm -f "$UPSCGI_C"
+ rm -f "$UPSCGI_S"
config_load nut_cgi
config_foreach nut_upscgi_add host
+ config_foreach nut_upscgi_upsset upsset
chmod 640 /var/etc/nut/hosts.conf
}
-stop() {
- rm -f $UPSCGI_C
+start_service() {
+ service_reload
+}
+
+stop_service() {
+ rm -f "$UPSCGI_C"
+ rm -f "$UPSCGI_S"
+ ln -sf /etc/nut/upsset.conf.disable "$UPSCGI_S"
}
+service_triggers() {
+ procd_add_reload_trigger "nut_cgi"
+}
nut_upsmon_conf() {
local cfg="$1"
+ local RUNAS val optval
- echo "# Config file automatically generated from UCI config" > $UPSMON_C
+ echo "# Config file automatically generated from UCI config" > "$UPSMON_C"
- config_get runas "$cfg" runas "nut"
- [ -n "$runas" ] && echo "RUN_AS_USER $runas" >> $UPSMON_C
+ config_get RUNAS "$cfg" runas "nutmon"
+ [ -n "$RUNAS" ] && echo "RUN_AS_USER $RUNAS" >> "$UPSMON_C"
+ runas=$RUNAS
config_get val "$cfg" minsupplies 1
- echo "MINSUPPLIES $val" >> $UPSMON_C
+ echo "MINSUPPLIES $val" >> "$UPSMON_C"
- config_get val "$cfg" shutdowncmd "/sbin/halt"
- echo "SHUTDOWNCMD \"$val\"" >> $UPSMON_C
+ config_get val "$cfg" shutdowncmd "/usr/sbin/nutshutdown"
+ echo "SHUTDOWNCMD \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" notifycmd
- [ -n "$val" ] && echo "NOTIFYCMD \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYCMD \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" pollfreq 5
- echo "POLLFREQ $val" >> $UPSMON_C
+ echo "POLLFREQ $val" >> "$UPSMON_C"
config_get val "$cfg" pollfreqalert 5
- echo "POLLFREQALERT $val" >> $UPSMON_C
+ echo "POLLFREQALERT $val" >> "$UPSMON_C"
config_get val "$cfg" hostsync 15
- echo "HOSTSYNC $val" >> $UPSMON_C
+ echo "HOSTSYNC $val" >> "$UPSMON_C"
config_get val "$cfg" deadtime 15
- echo "DEADTIME $val" >> $UPSMON_C
+ echo "DEADTIME $val" >> "$UPSMON_C"
- config_get val "$cfg" powerdownflag /var/run/killpower
- echo "POWERDOWNFLAG $val" >> $UPSMON_C
+ echo "POWERDOWNFLAG /var/run/killpower" >> "$UPSMON_C"
config_get val "$cfg" onlinemsg
- [ -n "$val" ] && echo "NOTIFYMSG ONLINE \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG ONLINE \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" onbattmsg
- [ -n "$val" ] && echo "NOTIFYMSG ONBATT \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG ONBATT \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" lowbattmsg
- [ -n "$val" ] && echo "NOTIFYMSG LOWBATT \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG LOWBATT \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" fsdmsg
- [ -n "$val" ] && echo "NOTIFYMSG FSD \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG FSD \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" commokmsg
- [ -n "$val" ] && echo "NOTIFYMSG COMMOK \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG COMMOK \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" commbadmsg
- [ -n "$val" ] && echo "NOTIFYMSG COMMBAD \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG COMMBAD \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" shutdownmsg
- [ -n "$val" ] && echo "NOTIFYMSG SHUTDOWN \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG SHUTDOWN \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" replbattmsg
- [ -n "$val" ] && echo "NOTIFYMSG REPLBATT \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG REPLBATT \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" nocommmsg
- [ -n "$val" ] && echo "NOTIFYMSG NOCOMM \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG NOCOMM \"$val\"" >> "$UPSMON_C"
config_get val "$cfg" noparentmsg
- [ -n "$val" ] && echo "NOTIFYMSG NOPARENT \"$val\"" >> $UPSMON_C
+ [ -n "$val" ] && echo "NOTIFYMSG NOPARENT \"$val\"" >> "$UPSMON_C"
notifylist() {
local value="$1"
val=""
config_list_foreach "$cfg" defaultnotify notifylist
default="$optval"
- echo "NOTIFYFLAG ONLINE $(setnotify "$cfg" onlinenotify)" >> $UPSMON_C
- echo "NOTIFYFLAG ONBATT $(setnotify "$cfg" onbattnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG LOWBATT $(setnotify "$cfg" lowbatnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG FSD $(setnotify "$cfg" fsdnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG COMMOK $(setnotify "$cfg" commoknotify)" >> $UPSMON_C
- echo "NOTIFYFLAG COMMBAD $(setnotify "$cfg" commbadnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG SHUTDOWN $(setnotify "$cfg" shutdownnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG REPLBATT $(setnotify "$cfg" repolbattnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG NOCOMM $(setnotify "$cfg" nocommnotify)" >> $UPSMON_C
- echo "NOTIFYFLAG NOPARENT $(setnotify "$cfg" noparentnotify)" >> $UPSMON_C
+ echo "NOTIFYFLAG ONLINE $(setnotify "$cfg" onlinenotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG ONBATT $(setnotify "$cfg" onbattnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG LOWBATT $(setnotify "$cfg" lowbatnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG FSD $(setnotify "$cfg" fsdnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG COMMOK $(setnotify "$cfg" commoknotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG COMMBAD $(setnotify "$cfg" commbadnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG SHUTDOWN $(setnotify "$cfg" shutdownnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG REPLBATT $(setnotify "$cfg" repolbattnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG NOCOMM $(setnotify "$cfg" nocommnotify)" >> "$UPSMON_C"
+ echo "NOTIFYFLAG NOPARENT $(setnotify "$cfg" noparentnotify)" >> "$UPSMON_C"
config_get val "$cfg" rbwarntime 43200
- echo "RBWARNTIME $val" >> $UPSMON_C
+ echo "RBWARNTIME $val" >> "$UPSMON_C"
config_get val "$cfg" nocommwarntime 300
- echo "NOCOMMWARNTIME $val" >> $UPSMON_C
+ echo "NOCOMMWARNTIME $val" >> "$UPSMON_C"
config_get val "$cfg" finaldelay 5
- echo "FINALDELAY $val" >> $UPSMON_C
+ echo "FINALDELAY $val" >> "$UPSMON_C"
config_get val "$cfg" certpath
- if [ -n "$val" ]; then echo "CERTPATH $val" >> $UPSMON_C; fi
+ if [ -n "$val" ]; then echo "CERTPATH $val" >> "$UPSMON_C"; fi
config_get_bool val "$cfg" certverify 0
- if [ -n "$val" ]; then echo "CERTVERIFY $val" >> $UPSMON_C; fi
+ if [ -n "$val" ]; then echo "CERTVERIFY $val" >> "$UPSMON_C"; fi
config_get_bool val "$cfg" forcessl 0
- if [ -n "$val" ]; then echo "FORCESSL $val" >> $UPSMON_C; fi
+ if [ -n "$val" ]; then echo "FORCESSL $val" >> "$UPSMON_C"; fi
}
nut_upsmon_add() {
local password
local system
- # if UPSMON_C is a symlink we're only doing generated config
- [ -L $UPSMON_C ] && {
- rm -f $UPSMON_C
- nut_upsmon_conf ""
- }
-
config_get upsname "$cfg" upsname
config_get hostname "$cfg" hostname localhost
config_get port "$cfg" port
if [ -n "$port" ]; then
system="$system:$port";
fi
- echo "MONITOR $system $powervalue $username $password $type" >> $UPSMON_C
+ echo "MONITOR $system $powervalue $username $password $type" >> "$UPSMON_C"
}
-start_service() {
- mkdir -p "$(dirname "$UPSMON_C")"
- chmod 750 "$(dirname "$UPSMON_C")"
+build_config() {
+ local runas
+ mkdir -m 0750 -p "$(dirname "$UPSMON_C")"
config_load nut_monitor
-
config_foreach nut_upsmon_conf upsmon
config_foreach nut_upsmon_add master master
config_foreach nut_upsmon_add slave slave
- [ -z "$(cat /var/etc/nut/nut.conf)" ] && echo "MODE=netclient" >>/var/etc/nut/nut.conf
-
- chmod 640 $UPSMON_C
- chmod 640 /var/etc/nut/nut.conf
-
- chown ${runas:-root}:$(id -gn ${runas:-root}) /var/etc/nut
- chown ${runas:-root}:$(id -gn ${runas:-root}) /var/etc/nut/nut.conf
- chown ${runas:-root}:$(id -gn ${runas:-root}) $UPSMON_C
-
- [ -d /var/run/nut ] || {
- mkdir -m 0750 -p /var/run/nut
- chown ${runas:-root}:$(id -gn ${runas:-root}) /var/run/nut
+ [ -z "$(cat /var/etc/nut/nut.conf)" ] && {
+ echo "MODE=netclient" >>/var/etc/nut/nut.conf
+ chmod 640 /var/etc/nut/nut.conf
+ chgrp $(id -gn ${runas:-root}) /var/etc/nut/nut.conf
}
- exec $DEBUG /usr/sbin/upsmon $UPSMON_OPTIONS
+ chmod 640 "$UPSMON_C"
+ chgrp $(id -gn ${runas:-root}) "$UPSMON_C"
}
-stop_service() {
- exec /usr/sbin/upsmon -c stop
+start_service() {
+ build_config
+ procd_open_instance
+ procd_set_param respawn
+ procd_set_param stderr 0
+ procd_set_param stdout 1
+ procd_set_param command /usr/sbin/upsmon -D
+ procd_close_instance
}
reload_service() {
- exec /usr/sbin/upsmon -c reload
+ if pgrep upsmon >/dev/null 2>/dev/null; then
+ build_config
+ upsmon -c reload
+ else
+ stop
+ sleep 1
+ start
+ fi
+}
+
+service_triggers() {
+ procd_add_reload_trigger nut_monitor
}
#
START=50
-RUN_D=/var/run
-PID_F=$RUN_D/upsd.pid
-UPS_C=/var/etc/nut/ups.conf
USERS_C=/var/etc/nut/upsd.users
UPSD_C=/var/etc/nut/upsd.conf
+UPS_C=/var/etc/nut/ups.conf
USE_PROCD=1
-listen_address() {
- local cfg="$1"
+get_write_driver_config() {
+ local cfg="$1"
+ local var="$2"
+ local def="$3"
+ local flag="$4"
+ local val
- config_get address "$cfg" address "::1"
- config_get port "$cfg" port
- echo "LISTEN $address $port" >>$UPSD_C
+ [ -z "$flag" ] && {
+ config_get val "$cfg" "$var" "$def"
+ [ -n "$val" ] && [ "$val" != "0" ] && echo "$var = $val" >>"$UPS_C"
+ }
+
+ [ -n "$flag" ] && {
+ config_get_bool val "$cfg" "$var" "$def"
+ [ "$val" = 1 ] && echo "$var" >>"$UPS_C"
+ }
}
upsd_statepath() {
+ local cfg="$1"
+ local statepath
+
+ config_get statepath "$cfg" statepath "/var/run/nut"
+ STATEPATH="$statepath"
+}
+
+listen_address() {
local cfg="$1"
- config_get statepath "$cfg" statepath
+
+ config_get address "$cfg" address "::1"
+ config_get port "$cfg" port
+ echo "LISTEN $address $port" >>"$UPSD_C"
}
upsd_config() {
local cfg="$1"
- local maxage maxconn certfile
+ local maxage maxconn certfile runas statepath
# Note runas support requires you make sure USB device file is readable by
# the runas user
- config_get runas "$cfg" runas
+ config_get runas "$cfg" runas "nut"
+ RUNAS="$runas"
+
+ config_get statepath "$cfg" statepath "/var/run/nut"
+ STATEPATH="$statepath"
config_get maxage "$cfg" maxage
- [ -n "$maxage" ] && echo "MAXAGE $maxage" >>$UPSD_C
+ [ -n "$maxage" ] && echo "MAXAGE $maxage" >>"$UPSD_C"
config_get statepath "$cfg" statepath
- [ -n "$statepath" ] && echo "STATEPATH $statepath" >>$UPSD_C
+ [ -n "$statepath" ] && echo "STATEPATH $statepath" >>"$UPSD_C"
config_get maxconn "$cfg" maxconn
- [ -n "$maxconn" ] && echo "MAXCONN $maxconn" >>$UPSD_C
+ [ -n "$maxconn" ] && echo "MAXCONN $maxconn" >>"$UPSD_C"
#NOTE: certs only apply to SSL-enabled version
config_get certfile "$cfg" certfile
- [ -n "$certfile" ] && echo "CERTFILE $certfile" >>$UPSD_C
+ [ -n "$certfile" ] && echo "CERTFILE $certfile" >>"$UPSD_C"
}
nut_user_add() {
local val
config_get val "$cfg" username "$1"
- echo "[$val]" >> $USERS_C
+ echo "[$val]" >> "$USERS_C"
config_get val "$cfg" password
- echo " password = $val" >> $USERS_C
+ echo " password = $val" >> "$USERS_C"
config_get val "$cfg" actions
for a in $val; do
- echo " actions = $a" >> $USERS_C
+ echo " actions = $a" >> "$USERS_C"
done
instcmd() {
local val="$1"
- echo " instcmds = $val" >> $USERS_C
+ echo " instcmds = $val" >> "$USERS_C"
}
config_list_foreach "$cfg" instcmd instcmd
config_get val "$cfg" upsmon
if [ -n "$val" ]; then
- echo " upsmon $val" >> $USERS_C
+ echo " upsmon $val" >> "$USERS_C"
fi
}
-start_service() {
- local runas statepath
-
- mkdir -p /var/etc/nut
- chmod -R 750 /var/etc/nut
-
- rm -f $UPSD_C
- rm -f $USERS_C
- rm -f $UPSD_C
+build_server_config() {
+ mkdir -m 0755 -p "$(dirname "$UPSD_C")"
+ rm -f "$USERS_C"
+ rm -f "$UPSD_C"
rm -f /var/etc/nut/nut.conf
- echo "# Config file automatically generated from UCI config" > $UPS_C
- echo "# Config file automatically generated from UCI config" > $USERS_C
- echo "# Config file automatically generated from UCI config" > $UPSD_C
-
- local in_driver have_drivers
- config_cb() {
- if [ "$1" != "driver" ]; then
- in_driver=
- else
- echo "[$2]" >> $UPS_C
- in_driver=true
- have_drivers=true
- fi
- }
- option_cb() {
- if [ "$in_driver" = "true" ]; then
- echo " $1 = $2" >> $UPS_C
- fi
- }
-
- config_load nut_server
+ echo "# Config file automatically generated from UCI config" > "$USERS_C"
+ echo "# Config file automatically generated from UCI config" > "$UPSD_C"
config_foreach nut_user_add user
- config_foreach upsd_config upsd
config_foreach listen_address listen_address
-
+ config_foreach upsd_config upsd
echo "MODE=netserver" >>/var/etc/nut/nut.conf
- chmod 0640 $USERS_C
- chmod 0640 $UPS_C
- chmod 0640 $UPSD_C
+ chmod 0640 "$USERS_C"
+ chmod 0640 "$UPSD_C"
chmod 0640 /var/etc/nut/nut.conf
- [ -d "${statepath:-/var/run/nut}" ] || {
- mkdir -m 0750 -p "${statepath:-/var/run/nut}"
- chown $runas:$(id -gn $runas) "${statepath:-/var/run/nut}"
+
+ [ -d "${STATEPATH}" ] || {
+ mkdir -m 0750 -p "${STATEPATH}"
}
- if [ -n "$runas" ]; then
- chown -R $runas:$(id -gn $runas) /var/etc/nut
+ if [ -n "$RUNAS" ]; then
+ chown $RUNAS:$(id -gn $RUNAS) "${STATEPATH}"
+ chgrp $(id -gn $RUNAS) "$USERS_C"
+ chgrp $(id -gn $RUNAS) "$UPSD_C"
fi
+}
- if [ "$have_drivers" = "true" ]; then
- $DEBUG /usr/sbin/upsd ${runas:+-u $runas} $OPTIONS
- $DEBUG /usr/sbin/upsdrvctl ${runas:+-u $runas} start
- fi
+build_driver_config() {
+ local cfg="$1"
+ local runas
+
+ echo "[$cfg]" >>"$UPS_C"
+
+ config_get runas "$cfg" runas "nut"
+ RUNAS="$runas"
+
+ get_write_driver_config "$cfg" driver "usbhid-ups"
+ get_write_driver_config "$cfg" port "auto"
+ get_write_driver_config "$cfg" mfr
+ get_write_driver_config "$cfg" model
+ get_write_driver_config "$cfg" serial
+ get_write_driver_config "$cfg" sdtime
+ get_write_driver_config "$cfg" offdelay 20
+ get_write_driver_config "$cfg" ondelay 30
+ get_write_driver_config "$cfg" pollfreq 30
+ get_write_driver_config "$cfg" vendor
+ get_write_driver_config "$cfg" product
+ get_write_driver_config "$cfg" bus
+ get_write_driver_config "$cfg" interruptonly 0 1
+ get_write_driver_config "$cfg" interruptsize 0
+ get_write_driver_config "$cfg" maxreport
+ get_write_driver_config "$cfg" vendorid
+ get_write_driver_config "$cfg" productid
+ get_write_driver_config "$cfg" community
+ get_write_driver_config "$cfg" snmp_version
+ get_write_driver_config "$cfg" snmp_retries 0
+ get_write_driver_config "$cfg" snmp_timeout 0
+ get_write_driver_config "$cfg" notransferoids 0 1
+ get_write_driver_config "$cfg" other
+ echo "" >>$UPS_C
}
+build_config() {
+ mkdir -m 0755 -p "$(dirname "$UPS_C")"
+ rm -f "$UPS_C"
+ echo "# Config file automatically generated from UCI config" > "$UPS_C"
+ chmod 0640 "$UPS_C"
+
+ config_load nut_server
+ config_foreach build_driver_config driver
+ [ -n "$RUNAS" ] && chgrp $(id -gn $RUNAS) "$UPS_C"
-nut_driver_stop() {
+ build_server_config
+}
+
+start_driver_instance() {
local cfg="$1"
+ local requested="$2"
+ local RUNAS=nut
local driver
- config_get driver "$cfg" driver
+ # If wanting a specific instance, only start it
+ [ "$requested" != "$cfg" ] && [ x"$requested" != x"" ] && return 0
+
+ mkdir -m 0755 -p "$(dirname "$UPS_C")"
+
+ [ ! -s "$UPS_C" ] && build_config
+
- [ -r ${statepath:-/var/run/nut}/$driver-$cfg ] && /usr/sbin/upsdrvctl stop $cfg
+ # Avoid hotplug inadvertenly restarting driver during
+ # forced shutdown
+ [ -f /var/run/killpower ] && return 0
+ [ -d /var/run/nut ] && [ -f /var/run/nut/disable-hotplug ] && return 0
+
+
+ if [ -n "$RUNAS" ]; then
+ chown $RUNAS:$(id -gn $RUNAS) "${STATEPATH}"
+ chown $RUNAS:$(id -gn $RUNAS) "$(dirname "$UPS_C")"
+ fi
+
+ config_get driver "$cfg" driver "usbhid-ups"
+ procd_open_instance "$cfg"
+ procd_set_param respawn
+ procd_set_param stderr 0
+ procd_set_param stdout 1
+ procd_set_param command /lib/nut/${driver} -D -a "$cfg" ${RUNAS:+-u $RUNAS}
+ procd_close_instance
+}
+
+start_server_instance() {
+ local RUNAS STATEPATH
+ build_config
+
+ procd_open_instance "upsd"
+ procd_set_param respawn
+ procd_set_param stderr 0
+ procd_set_param stdout 1
+ procd_set_param command /usr/sbin/upsd -D ${RUNAS:+-u $RUNAS}
+ procd_close_instance
}
-stop_service() {
- [ -r $PID_F ] && /usr/sbin/upsd -c stop
- config_load ups
+start_service() {
+ local STATEPATH=/var/run/nut
+
+ # Avoid hotplug inadvertenly restarting driver during
+ # forced shutdown
+ [ -f /var/run/killpower ] && return 0
+ [ -d /var/run/nut ] && [ -f /var/run/nut/disable-hotplug ] && return 0
+
+ config_load nut_server
config_foreach upsd_statepath upsd
- config_foreach nut_driver_stop driver
+
+ [ -d "${STATEPATH}" ] || {
+ mkdir -m 0750 -p "${STATEPATH}"
+ }
+
+ build_config
+ config_foreach start_driver_instance driver "$@"
+
+ [ "$1" != "upsd" ] && [ x"$1" != x"" ] && return 0
+ start_server_instance "upsd"
}
reload_service() {
- upsd -c reload
+ stop
+ sleep 2
+ start
+}
+
+service_triggers() {
+ procd_add_reload_trigger "nut_server"
}
# option port # optional port number
# option displayname "Display Name"
+config upsset
+ option enable 0
#config upsmon 'upsmon'
-# option runas run-as-user
+# option runas nutmon
# option minsupplies 1
-# option shutdowncmd /sbin/halt
+# option shutdowncmd '/usr/sbin/nutshutdown'
# option notifycmd /path/to/cmd
# list defaultnotify SYSLOG
# option pollfreq 5
# option pollfreqalert 5
# option hostsync 15
# option deadtime 15
-# option powerdownflags /var/run/killpower
# option onlinemsg "online message"
# option onbattmsg "on battery message"
# option lowbattmsg "low battery message"
# option powervalue 1
# option username upsuser
# option password upspassword
-
# option maxage 15
# option statepath /var/run/nut
# option maxconn 1024
+# option runas nut
# NB: certificates only apply to SSL-enabled version
# option certfile /usr/local/etc/upsd.pem
--- /dev/null
+#!/bin/sh
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+. /lib/functions.sh
+
+mount -o remount,ro /overlay /overlay
+mount -o remount,ro / /
+
+stop_instance() {
+ /etc/init.d/nut-server stop "$1"
+}
+
+shutdown_instance() {
+ local cfg="$1"
+ config_get driver "$cfg" driver "usbhid-ups"
+ /lib/nut/${driver} -a "$cfg" -k
+}
+
+[ -f /var/run/killpower ] && {
+ [ -f /etc/config/nut_server ] && {
+ config_load nut_server
+
+ # Can't FSD unless drivers are stopped
+ config_foreach stop_instance driver
+ # Driver will wait 'offdelay' before shutting down
+ config_foreach shutdown_instance driver
+ # So this can happen
+ poweroff
+ # And just in case
+ sleep 120
+ # Uh-oh failed to poweroff UPS
+ reboot -f
+ } || {
+ poweroff
+ }
+} || {
+ poweroff
+}
include $(TOPDIR)/rules.mk
PKG_NAME:=ola
-PKG_VERSION:=0.10.6
-PKG_RELEASE:=3
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/OpenLightingProject/ola.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=6e57342c414a72cdd721e8df5bc7967e17459647
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=c1f36eaedcd9711e42fd362ff84d8e66eb40bc6af97de77129a5074d05fb9936
+PKG_VERSION:=0.10.7
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/OpenLightingProject/ola/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=95b5e99775f700a9cdf6e2219eccfc8c037fa8841f87cb00344359c4b8c7bf26
+
PKG_LICENSE:=LGPL-2.1+
PKG_FIXUP:=libtool
-PKG_INSTALL:=1
+PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
index 22647be..7dcf0de 100644
--- a/Makefile.am
+++ b/Makefile.am
-@@ -32,7 +32,7 @@ AM_DISTCHECK_CONFIGURE_FLAGS = --enable-python-libs
+@@ -45,7 +45,7 @@ AM_DISTCHECK_CONFIGURE_FLAGS = --enable-python-libs
COMMON_CXXFLAGS_ONLY_WARNINGS = \
-I$(top_srcdir)/include \
-I$(top_builddir)/include \
include $(TOPDIR)/rules.mk
PKG_NAME:=openssh
-PKG_VERSION:=7.7p1
-PKG_RELEASE:=2
+PKG_VERSION:=7.8p1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
https://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/ \
https://anorien.csc.warwick.ac.uk/pub/OpenBSD/OpenSSH/portable/
-PKG_HASH:=d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f
+PKG_HASH:=1a484bb15152c183bb2514e112aa30dd34138c3cfb032eee5490a66c507144ca
PKG_LICENSE:=BSD ISC
PKG_LICENSE_FILES:=LICENCE
+++ /dev/null
---- a/ssh_config
-+++ b/ssh_config
-@@ -44,3 +44,6 @@
- # VisualHostKey no
- # ProxyCommand ssh -q -W %h:%p gateway.example.com
- # RekeyLimit 1G 1h
-+
-+# enable DSCP QoS values (per RFC-4594)
-+#IPQoS AF21 AF11
---- a/sshd_config
-+++ b/sshd_config
-@@ -106,6 +106,9 @@ AuthorizedKeysFile .ssh/authorized_keys
- # no default banner path
- #Banner none
-
-+# enable DSCP QoS values (per RFC-4594)
-+#IPQoS AF21 AF11
-+
- # override default of no subsystems
- Subsystem sftp /usr/libexec/sftp-server
-
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=openvswitch
-PKG_VERSION:=2.9.2
-PKG_RELEASE:=2
+PKG_VERSION:=2.10.0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.openvswitch.org/releases/
-PKG_HASH:=90f084dc282fdb588a2cfff351fea359492f69600f1e4a1286e24e44901de113
+PKG_HASH:=64f7cdcfffc73b2e09980d04ee22731eadd6453698b92d7397c9e45c7c174050
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
-From c27232c954cdbe0207252ad88fddad4fd6ac0fbc Mon Sep 17 00:00:00 2001
+From 054968d5748c9ff73a69155cd64f0e81287d3bb3 Mon Sep 17 00:00:00 2001
From: Helmut Schaa <helmut.schaa@googlemail.com>
Date: Wed, 8 Jan 2014 13:48:33 +0100
-Subject: [PATCH 100/104] netdev-linux: Use unsigned int for ifi_flags
+Subject: [PATCH 100/105] netdev-linux: Use unsigned int for ifi_flags
ifi_flags is unsigned, the local equivalents should do the same.
lib/netdev-linux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c
+index e16ea58a0..5ada9a21f 100644
--- a/lib/netdev-linux.c
+++ b/lib/netdev-linux.c
-@@ -2810,7 +2810,7 @@ update_flags(struct netdev_linux *netdev
+@@ -3115,7 +3115,7 @@ update_flags(struct netdev_linux *netdev, enum netdev_flags off,
enum netdev_flags on, enum netdev_flags *old_flagsp)
OVS_REQUIRES(netdev->mutex)
{
-From a6df8dd455c8be7c0c2ba79f35cf5390e892b39e Mon Sep 17 00:00:00 2001
+From a3eabe1e639c98ce8537df4ac4187a8c047dac59 Mon Sep 17 00:00:00 2001
From: Helmut Schaa <helmut.schaa@googlemail.com>
Date: Wed, 8 Jan 2014 13:48:49 +0100
-Subject: [PATCH 101/104] netdev-linux: Let interface flag survive internal
+Subject: [PATCH 101/105] netdev-linux: Let interface flag survive internal
port setup
Due to a race condition when bringing up an internal port on Linux
lib/netdev-linux.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
+diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c
+index 5ada9a21f..bb8275cfa 100644
--- a/lib/netdev-linux.c
+++ b/lib/netdev-linux.c
-@@ -2813,7 +2813,13 @@ update_flags(struct netdev_linux *netdev
+@@ -3118,7 +3118,13 @@ update_flags(struct netdev_linux *netdev, enum netdev_flags off,
unsigned int old_flags, new_flags;
int error = 0;
-From b3cc748d502f7f87aeb103b3f69573b0e640e2ba Mon Sep 17 00:00:00 2001
-From: Yousong Zhou <yszhou4tech@gmail.com>
-Date: Wed, 28 Feb 2018 13:42:44 +0800
-Subject: [PATCH 102/104] python: separate host/target python for cross-compile
+From b5c6d8c2e1ba0c3d9b93622f68f6c0b9e9c62f0d Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <zhouyousong@yunionyun.com>
+Date: Tue, 21 Aug 2018 12:21:05 +0000
+Subject: [PATCH 102/105] python: separate host/target python for cross-compile
At the moment, python-six is a requirement for openvswitch python
library on target machine.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
---
- Makefile.am | 2 +-
- m4/openvswitch.m4 | 12 ++++--------
- 2 files changed, 5 insertions(+), 9 deletions(-)
+ Makefile.am | 2 +-
+ m4/openvswitch.m4 | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+diff --git a/Makefile.am b/Makefile.am
+index 788972804..cd90cc176 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -60,7 +60,7 @@ endif
ALL_LOCAL =
BUILT_SOURCES =
+diff --git a/m4/openvswitch.m4 b/m4/openvswitch.m4
+index 5743f83ce..acb6b140e 100644
--- a/m4/openvswitch.m4
+++ b/m4/openvswitch.m4
-@@ -351,20 +351,16 @@ else:
- if test $ovs_cv_python = no; then
- AC_MSG_ERROR([cannot find python 2.7 or higher.])
- fi
-- AM_MISSING_PROG([PYTHON], [python])
-+ AC_SUBST([PYTHON])
- PYTHON=$ovs_cv_python
-+ AM_MISSING_PROG([PYTHON_HOST], [python])
-+ PYTHON_HOST=$ovs_cv_python_host
+@@ -449,7 +449,9 @@ AC_DEFUN([OVS_CHECK_PYTHON],
+ fi])
+ AC_SUBST([PYTHON])
+ PYTHON=$ovs_cv_python
++ PYTHON_HOST=$ovs_cv_python_host
+ AC_SUBST([HAVE_PYTHON])
++ AM_MISSING_PROG([PYTHON_HOST], [python])
+ HAVE_PYTHON=yes
+ AM_CONDITIONAL([HAVE_PYTHON], [test "$HAVE_PYTHON" = yes])])
- # HAVE_PYTHON is always true. (Python has not always been a build
- # requirement, so this variable is now obsolete.)
- AC_SUBST([HAVE_PYTHON])
- HAVE_PYTHON=yes
-- AM_CONDITIONAL([HAVE_PYTHON], [test "$HAVE_PYTHON" = yes])
--
-- AC_MSG_CHECKING([whether $PYTHON has six library])
-- if ! $PYTHON -c 'import six ; six.moves.range' >&AS_MESSAGE_LOG_FD 2>&1; then
-- AC_MSG_ERROR([Missing Python six library or version too old.])
-- fi
-- AC_MSG_RESULT([yes])])
-+ AM_CONDITIONAL([HAVE_PYTHON], [test "$HAVE_PYTHON" = yes])])
-
- dnl Checks for Python 3.x, x >= 4.
- AC_DEFUN([OVS_CHECK_PYTHON3],
-From 05a6fa94778f9d6c54ca676de80708d03d6c365a Mon Sep 17 00:00:00 2001
+From 0b8ef58a26ed8d426acfe1fa27713cbcc2427f3f Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Wed, 14 Mar 2018 16:40:01 +0800
-Subject: [PATCH 103/104] ovs-ctl: fix setting hostname
+Subject: [PATCH 103/105] ovs-ctl: fix setting hostname
The command "hostname" is not available in OpenWrt by default.
utilities/ovs-ctl.in | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
+diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in
+index 43c8f32b7..6203ecff5 100755
--- a/utilities/ovs-ctl.in
+++ b/utilities/ovs-ctl.in
-@@ -64,9 +64,7 @@ insert_mod_if_required () {
+@@ -36,9 +36,7 @@ insert_mod_if_required () {
}
set_hostname () {
-From 43b855e201bd25a015ba6444cabce12b8cc181ec Mon Sep 17 00:00:00 2001
+From 97107da940da7814c3e9e947aee1c247cd7b95db Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Wed, 14 Mar 2018 16:44:13 +0800
-Subject: [PATCH 104/104] ovs-lib: fix install_dir()
+Subject: [PATCH 104/105] ovs-lib: fix install_dir()
The command "install" is not available in OpenWrt by default
utilities/ovs-lib.in | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
+diff --git a/utilities/ovs-lib.in b/utilities/ovs-lib.in
+index 090a14434..f2a30e065 100644
--- a/utilities/ovs-lib.in
+++ b/utilities/ovs-lib.in
-@@ -157,7 +157,10 @@ install_dir () {
+@@ -159,7 +159,10 @@ install_dir () {
[ "${OVS_USER##*:}" != "" ] && INSTALL_GROUP="${OVS_USER##*:}"
if test ! -d "$DIR"; then
--- /dev/null
+From f5c6e5d4c567f3705de503b7271d384d1aad88ab Mon Sep 17 00:00:00 2001
+From: Yousong Zhou <zhouyousong@yunionyun.com>
+Date: Tue, 21 Aug 2018 13:02:21 +0000
+Subject: [PATCH 105/105] build: disable building tests
+
+Signed-off-by: Yousong Zhou <zhouyousong@yunionyun.com>
+---
+ Makefile.am | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index cd90cc176..2e9e50f3a 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -477,7 +477,6 @@ include m4/automake.mk
+ include lib/automake.mk
+ include ofproto/automake.mk
+ include utilities/automake.mk
+-include tests/automake.mk
+ include include/automake.mk
+ include third-party/automake.mk
+ include debian/automake.mk
+++ /dev/null
-From bca4ff53aef16d38aeb1569edaaca6ac4feac6e8 Mon Sep 17 00:00:00 2001
-From: Eneas U de Queiroz <cote2004-github@yahoo.com>
-Date: Tue, 5 Jun 2018 10:36:51 -0300
-Subject: [PATCH] Removed calls to AP deprecated in openssl 1.1
-
-In openssl 1.1, there is no need to initialize the library. It is
-automatically done when first used. This allows to compile openvswitch
-with openssl 1.1.0 with deprecated API disabled.
-
-Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
-Signed-off-by: Ben Pfaff <blp@ovn.org>
----
- lib/stream-ssl.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
-index ebb6f3a6c8..c7443470f5 100644
---- a/lib/stream-ssl.c
-+++ b/lib/stream-ssl.c
-@@ -947,12 +947,14 @@ do_ssl_init(void)
- {
- SSL_METHOD *method;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
- #ifdef _WIN32
- /* The following call is needed if we "#include <openssl/applink.c>". */
- CRYPTO_malloc_init();
- #endif
- SSL_library_init();
- SSL_load_error_strings();
-+#endif
-
- if (!RAND_status()) {
- /* We occasionally see OpenSSL fail to seed its random number generator
+++ /dev/null
-From a513cb5fed8c4f63d60b6da12ae9f63a258a9e44 Mon Sep 17 00:00:00 2001
-From: Eneas U de Queiroz <cote2004-github@yahoo.com>
-Date: Wed, 6 Jun 2018 08:20:35 -0300
-Subject: [PATCH] dhparams: Add pregenerated .c file to the repository.
-
-The version of dhparams.c generated by any given version of OpenSSL or
-LibreSSL might work only with that version of the library. This can be
-inconvenient for cross-compiling if the "openssl" program on the build
-machine has a different version from the library on the host where OVS will
-run, since it could generate code that won't compile.
-
-This commit fixes the problem by generating dhparams.c that works on the
-currently important versions of OpenSSL and LibreSSL.
-
-Submitted-at: https://github.com/openvswitch/ovs/pull/235
-Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
-Signed-off-by: Ben Pfaff <blp@ovn.org>
----
- build-aux/automake.mk | 1 +
- build-aux/generate-dhparams-c | 31 +++++++
- lib/automake.mk | 17 ++--
- lib/dhparams.c | 192 ++++++++++++++++++++++++++++++++++++++++++
- 5 files changed, 233 insertions(+), 9 deletions(-)
- create mode 100755 build-aux/generate-dhparams-c
- create mode 100644 lib/dhparams.c
-
-diff --git a/build-aux/automake.mk b/build-aux/automake.mk
-index a1f2f856f..3a3b31ce1 100644
---- a/build-aux/automake.mk
-+++ b/build-aux/automake.mk
-@@ -4,6 +4,7 @@ EXTRA_DIST += \
- build-aux/cksum-schema-check \
- build-aux/dist-docs \
- build-aux/dpdkstrip.py \
-+ build-aux/generate-dhparams-c \
- build-aux/sodepends.py \
- build-aux/soexpand.py \
- build-aux/text2c \
-diff --git a/build-aux/generate-dhparams-c b/build-aux/generate-dhparams-c
-new file mode 100755
-index 000000000..a75e1d5a7
---- /dev/null
-+++ b/build-aux/generate-dhparams-c
-@@ -0,0 +1,31 @@
-+#! /bin/sh -e
-+
-+cat <<'EOF'
-+/* Generated automatically; do not modify! -*- buffer-read-only: t -*-
-+ *
-+ * If you do need to regenerate this file, run "make generate-dhparams-c". */
-+
-+#include <config.h>
-+#include "lib/dhparams.h"
-+#include "openvswitch/util.h"
-+
-+static int
-+my_DH_set0_pqg(DH *dh, BIGNUM *p, const BIGNUM **q OVS_UNUSED, BIGNUM *g)
-+{
-+ ovs_assert(q == NULL);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
-+ dh->p = p;
-+ dh->g = g;
-+ return 1;
-+#else
-+ return DH_set0_pqg(dh, p, NULL, g);
-+#endif
-+}
-+EOF
-+(openssl dhparam -C -in lib/dh1024.pem -noout &&
-+openssl dhparam -C -in lib/dh2048.pem -noout &&
-+openssl dhparam -C -in lib/dh4096.pem -noout) | sed '
-+ s/\(get_dh[0-9]*\)()/\1(void)/
-+ s/\(DH_set0_pqg\)/my_\1/
-+ s/[ ]*$//
-+'
-diff --git a/lib/automake.mk b/lib/automake.mk
-index fb781e847..3bec3fd56 100644
---- a/lib/automake.mk
-+++ b/lib/automake.mk
-@@ -450,15 +450,16 @@ lib_libopenvswitch_la_SOURCES += \
- lib/route-table-bsd.c
- endif
-
-+.PHONY: generate-dhparams-c
- if HAVE_OPENSSL
--lib_libopenvswitch_la_SOURCES += lib/stream-ssl.c
--nodist_lib_libopenvswitch_la_SOURCES += lib/dhparams.c
--lib/dhparams.c: lib/dh1024.pem lib/dh2048.pem lib/dh4096.pem
-- $(AM_V_GEN)(echo '#include "lib/dhparams.h"' && \
-- openssl dhparam -C -in $(srcdir)/lib/dh1024.pem -noout && \
-- openssl dhparam -C -in $(srcdir)/lib/dh2048.pem -noout && \
-- openssl dhparam -C -in $(srcdir)/lib/dh4096.pem -noout) \
-- | sed 's/\(get_dh[0-9]*\)()/\1(void)/' > lib/dhparams.c.tmp && \
-+lib_libopenvswitch_la_SOURCES += lib/stream-ssl.c lib/dhparams.c
-+
-+# Manually regenerates lib/dhparams.c. Not normally necessary since
-+# lib/dhparams.c is part of the repository and doesn't normally need
-+# updates.
-+generate-dhparams-c:
-+ $(AM_V_GEN)cd $(srcdir) && \
-+ build-aux/generate-dhparams-c > lib/dhparams.c.tmp && \
- mv lib/dhparams.c.tmp lib/dhparams.c
- else
- lib_libopenvswitch_la_SOURCES += lib/stream-nossl.c
-diff --git a/lib/dhparams.c b/lib/dhparams.c
-new file mode 100644
-index 000000000..c9c338bf1
---- /dev/null
-+++ b/lib/dhparams.c
-@@ -0,0 +1,192 @@
-+/* Generated automatically; do not modify! -*- buffer-read-only: t -*-
-+ *
-+ * If you do need to regenerate this file, run "make generate-dhparams-c". */
-+
-+#include <config.h>
-+#include "lib/dhparams.h"
-+#include "openvswitch/util.h"
-+
-+static int
-+my_DH_set0_pqg(DH *dh, BIGNUM *p, const BIGNUM **q OVS_UNUSED, BIGNUM *g)
-+{
-+ ovs_assert(q == NULL);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
-+ dh->p = p;
-+ dh->g = g;
-+ return 1;
-+#else
-+ return DH_set0_pqg(dh, p, NULL, g);
-+#endif
-+}
-+#ifndef HEADER_DH_H
-+# include <openssl/dh.h>
-+#endif
-+
-+DH *get_dh1024(void)
-+{
-+ static unsigned char dhp_1024[] = {
-+ 0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD, 0x20, 0xB4,
-+ 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B, 0x33, 0x6C, 0x38, 0x0D,
-+ 0x45, 0x1D, 0x0F, 0x7C, 0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D,
-+ 0x8E, 0xF6, 0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
-+ 0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D, 0x38, 0xD3,
-+ 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43, 0xA3, 0x1D, 0x18, 0x6C,
-+ 0xDE, 0x33, 0x21, 0x2C, 0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1,
-+ 0x29, 0x40, 0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
-+ 0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29, 0x7A, 0xCA,
-+ 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB, 0xD0, 0x0A, 0x50, 0x9B,
-+ 0x02, 0x46, 0xD3, 0x08, 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F,
-+ 0x9C, 0x7C, 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB,
-+ 0xA2, 0x5E, 0xC3, 0x55, 0xE9, 0x2F, 0x78, 0xC7
-+ };
-+ static unsigned char dhg_1024[] = {
-+ 0x02
-+ };
-+ DH *dh = DH_new();
-+ BIGNUM *dhp_bn, *dhg_bn;
-+
-+ if (dh == NULL)
-+ return NULL;
-+ dhp_bn = BN_bin2bn(dhp_1024, sizeof (dhp_1024), NULL);
-+ dhg_bn = BN_bin2bn(dhg_1024, sizeof (dhg_1024), NULL);
-+ if (dhp_bn == NULL || dhg_bn == NULL
-+ || !my_DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
-+ DH_free(dh);
-+ BN_free(dhp_bn);
-+ BN_free(dhg_bn);
-+ return NULL;
-+ }
-+ return dh;
-+}
-+#ifndef HEADER_DH_H
-+# include <openssl/dh.h>
-+#endif
-+
-+DH *get_dh2048(void)
-+{
-+ static unsigned char dhp_2048[] = {
-+ 0xF6, 0x42, 0x57, 0xB7, 0x08, 0x7F, 0x08, 0x17, 0x72, 0xA2,
-+ 0xBA, 0xD6, 0xA9, 0x42, 0xF3, 0x05, 0xE8, 0xF9, 0x53, 0x11,
-+ 0x39, 0x4F, 0xB6, 0xF1, 0x6E, 0xB9, 0x4B, 0x38, 0x20, 0xDA,
-+ 0x01, 0xA7, 0x56, 0xA3, 0x14, 0xE9, 0x8F, 0x40, 0x55, 0xF3,
-+ 0xD0, 0x07, 0xC6, 0xCB, 0x43, 0xA9, 0x94, 0xAD, 0xF7, 0x4C,
-+ 0x64, 0x86, 0x49, 0xF8, 0x0C, 0x83, 0xBD, 0x65, 0xE9, 0x17,
-+ 0xD4, 0xA1, 0xD3, 0x50, 0xF8, 0xF5, 0x59, 0x5F, 0xDC, 0x76,
-+ 0x52, 0x4F, 0x3D, 0x3D, 0x8D, 0xDB, 0xCE, 0x99, 0xE1, 0x57,
-+ 0x92, 0x59, 0xCD, 0xFD, 0xB8, 0xAE, 0x74, 0x4F, 0xC5, 0xFC,
-+ 0x76, 0xBC, 0x83, 0xC5, 0x47, 0x30, 0x61, 0xCE, 0x7C, 0xC9,
-+ 0x66, 0xFF, 0x15, 0xF9, 0xBB, 0xFD, 0x91, 0x5E, 0xC7, 0x01,
-+ 0xAA, 0xD3, 0x5B, 0x9E, 0x8D, 0xA0, 0xA5, 0x72, 0x3A, 0xD4,
-+ 0x1A, 0xF0, 0xBF, 0x46, 0x00, 0x58, 0x2B, 0xE5, 0xF4, 0x88,
-+ 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD, 0x20, 0xB4, 0x9D, 0xE4,
-+ 0x91, 0x07, 0x36, 0x6B, 0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D,
-+ 0x0F, 0x7C, 0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
-+ 0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B, 0x18, 0x8D,
-+ 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D, 0x38, 0xD3, 0x34, 0xFD,
-+ 0x7C, 0x17, 0x57, 0x43, 0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33,
-+ 0x21, 0x2C, 0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
-+ 0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72, 0xD6, 0x86,
-+ 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29, 0x7A, 0xCA, 0x95, 0x0C,
-+ 0xD9, 0x96, 0x9F, 0xAB, 0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x46,
-+ 0xD3, 0x08, 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F, 0x9C, 0x7C,
-+ 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB, 0xA2, 0x5E,
-+ 0xC3, 0x55, 0xE9, 0x32, 0x0B, 0x3B
-+ };
-+ static unsigned char dhg_2048[] = {
-+ 0x02
-+ };
-+ DH *dh = DH_new();
-+ BIGNUM *dhp_bn, *dhg_bn;
-+
-+ if (dh == NULL)
-+ return NULL;
-+ dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL);
-+ dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL);
-+ if (dhp_bn == NULL || dhg_bn == NULL
-+ || !my_DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
-+ DH_free(dh);
-+ BN_free(dhp_bn);
-+ BN_free(dhg_bn);
-+ return NULL;
-+ }
-+ return dh;
-+}
-+#ifndef HEADER_DH_H
-+# include <openssl/dh.h>
-+#endif
-+
-+DH *get_dh4096(void)
-+{
-+ static unsigned char dhp_4096[] = {
-+ 0xFA, 0x14, 0x72, 0x52, 0xC1, 0x4D, 0xE1, 0x5A, 0x49, 0xD4,
-+ 0xEF, 0x09, 0x2D, 0xC0, 0xA8, 0xFD, 0x55, 0xAB, 0xD7, 0xD9,
-+ 0x37, 0x04, 0x28, 0x09, 0xE2, 0xE9, 0x3E, 0x77, 0xE2, 0xA1,
-+ 0x7A, 0x18, 0xDD, 0x46, 0xA3, 0x43, 0x37, 0x23, 0x90, 0x97,
-+ 0xF3, 0x0E, 0xC9, 0x03, 0x50, 0x7D, 0x65, 0xCF, 0x78, 0x62,
-+ 0xA6, 0x3A, 0x62, 0x22, 0x83, 0xA1, 0x2F, 0xFE, 0x79, 0xBA,
-+ 0x35, 0xFF, 0x59, 0xD8, 0x1D, 0x61, 0xDD, 0x1E, 0x21, 0x13,
-+ 0x17, 0xFE, 0xCD, 0x38, 0x87, 0x9E, 0xF5, 0x4F, 0x79, 0x10,
-+ 0x61, 0x8D, 0xD4, 0x22, 0xF3, 0x5A, 0xED, 0x5D, 0xEA, 0x21,
-+ 0xE9, 0x33, 0x6B, 0x48, 0x12, 0x0A, 0x20, 0x77, 0xD4, 0x25,
-+ 0x60, 0x61, 0xDE, 0xF6, 0xB4, 0x4F, 0x1C, 0x63, 0x40, 0x8B,
-+ 0x3A, 0x21, 0x93, 0x8B, 0x79, 0x53, 0x51, 0x2C, 0xCA, 0xB3,
-+ 0x7B, 0x29, 0x56, 0xA8, 0xC7, 0xF8, 0xF4, 0x7B, 0x08, 0x5E,
-+ 0xA6, 0xDC, 0xA2, 0x45, 0x12, 0x56, 0xDD, 0x41, 0x92, 0xF2,
-+ 0xDD, 0x5B, 0x8F, 0x23, 0xF0, 0xF3, 0xEF, 0xE4, 0x3B, 0x0A,
-+ 0x44, 0xDD, 0xED, 0x96, 0x84, 0xF1, 0xA8, 0x32, 0x46, 0xA3,
-+ 0xDB, 0x4A, 0xBE, 0x3D, 0x45, 0xBA, 0x4E, 0xF8, 0x03, 0xE5,
-+ 0xDD, 0x6B, 0x59, 0x0D, 0x84, 0x1E, 0xCA, 0x16, 0x5A, 0x8C,
-+ 0xC8, 0xDF, 0x7C, 0x54, 0x44, 0xC4, 0x27, 0xA7, 0x3B, 0x2A,
-+ 0x97, 0xCE, 0xA3, 0x7D, 0x26, 0x9C, 0xAD, 0xF4, 0xC2, 0xAC,
-+ 0x37, 0x4B, 0xC3, 0xAD, 0x68, 0x84, 0x7F, 0x99, 0xA6, 0x17,
-+ 0xEF, 0x6B, 0x46, 0x3A, 0x7A, 0x36, 0x7A, 0x11, 0x43, 0x92,
-+ 0xAD, 0xE9, 0x9C, 0xFB, 0x44, 0x6C, 0x3D, 0x82, 0x49, 0xCC,
-+ 0x5C, 0x6A, 0x52, 0x42, 0xF8, 0x42, 0xFB, 0x44, 0xF9, 0x39,
-+ 0x73, 0xFB, 0x60, 0x79, 0x3B, 0xC2, 0x9E, 0x0B, 0xDC, 0xD4,
-+ 0xA6, 0x67, 0xF7, 0x66, 0x3F, 0xFC, 0x42, 0x3B, 0x1B, 0xDB,
-+ 0x4F, 0x66, 0xDC, 0xA5, 0x8F, 0x66, 0xF9, 0xEA, 0xC1, 0xED,
-+ 0x31, 0xFB, 0x48, 0xA1, 0x82, 0x7D, 0xF8, 0xE0, 0xCC, 0xB1,
-+ 0xC7, 0x03, 0xE4, 0xF8, 0xB3, 0xFE, 0xB7, 0xA3, 0x13, 0x73,
-+ 0xA6, 0x7B, 0xC1, 0x0E, 0x39, 0xC7, 0x94, 0x48, 0x26, 0x00,
-+ 0x85, 0x79, 0xFC, 0x6F, 0x7A, 0xAF, 0xC5, 0x52, 0x35, 0x75,
-+ 0xD7, 0x75, 0xA4, 0x40, 0xFA, 0x14, 0x74, 0x61, 0x16, 0xF2,
-+ 0xEB, 0x67, 0x11, 0x6F, 0x04, 0x43, 0x3D, 0x11, 0x14, 0x4C,
-+ 0xA7, 0x94, 0x2A, 0x39, 0xA1, 0xC9, 0x90, 0xCF, 0x83, 0xC6,
-+ 0xFF, 0x02, 0x8F, 0xA3, 0x2A, 0xAC, 0x26, 0xDF, 0x0B, 0x8B,
-+ 0xBE, 0x64, 0x4A, 0xF1, 0xA1, 0xDC, 0xEE, 0xBA, 0xC8, 0x03,
-+ 0x82, 0xF6, 0x62, 0x2C, 0x5D, 0xB6, 0xBB, 0x13, 0x19, 0x6E,
-+ 0x86, 0xC5, 0x5B, 0x2B, 0x5E, 0x3A, 0xF3, 0xB3, 0x28, 0x6B,
-+ 0x70, 0x71, 0x3A, 0x8E, 0xFF, 0x5C, 0x15, 0xE6, 0x02, 0xA4,
-+ 0xCE, 0xED, 0x59, 0x56, 0xCC, 0x15, 0x51, 0x07, 0x79, 0x1A,
-+ 0x0F, 0x25, 0x26, 0x27, 0x30, 0xA9, 0x15, 0xB2, 0xC8, 0xD4,
-+ 0x5C, 0xCC, 0x30, 0xE8, 0x1B, 0xD8, 0xD5, 0x0F, 0x19, 0xA8,
-+ 0x80, 0xA4, 0xC7, 0x01, 0xAA, 0x8B, 0xBA, 0x53, 0xBB, 0x47,
-+ 0xC2, 0x1F, 0x6B, 0x54, 0xB0, 0x17, 0x60, 0xED, 0x79, 0x21,
-+ 0x95, 0xB6, 0x05, 0x84, 0x37, 0xC8, 0x03, 0xA4, 0xDD, 0xD1,
-+ 0x06, 0x69, 0x8F, 0x4C, 0x39, 0xE0, 0xC8, 0x5D, 0x83, 0x1D,
-+ 0xBE, 0x6A, 0x9A, 0x99, 0xF3, 0x9F, 0x0B, 0x45, 0x29, 0xD4,
-+ 0xCB, 0x29, 0x66, 0xEE, 0x1E, 0x7E, 0x3D, 0xD7, 0x13, 0x4E,
-+ 0xDB, 0x90, 0x90, 0x58, 0xCB, 0x5E, 0x9B, 0xCD, 0x2E, 0x2B,
-+ 0x0F, 0xA9, 0x4E, 0x78, 0xAC, 0x05, 0x11, 0x7F, 0xE3, 0x9E,
-+ 0x27, 0xD4, 0x99, 0xE1, 0xB9, 0xBD, 0x78, 0xE1, 0x84, 0x41,
-+ 0xA0, 0xDF
-+ };
-+ static unsigned char dhg_4096[] = {
-+ 0x02
-+ };
-+ DH *dh = DH_new();
-+ BIGNUM *dhp_bn, *dhg_bn;
-+
-+ if (dh == NULL)
-+ return NULL;
-+ dhp_bn = BN_bin2bn(dhp_4096, sizeof (dhp_4096), NULL);
-+ dhg_bn = BN_bin2bn(dhg_4096, sizeof (dhg_4096), NULL);
-+ if (dhp_bn == NULL || dhg_bn == NULL
-+ || !my_DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
-+ DH_free(dh);
-+ BN_free(dhp_bn);
-+ BN_free(dhg_bn);
-+ return NULL;
-+ }
-+ return dh;
-+}
---
-2.16.4
-
include $(TOPDIR)/rules.mk
PKG_NAME:=radsecproxy
-PKG_VERSION:=1.7.1
+PKG_VERSION:=1.7.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/radsecproxy/radsecproxy/releases/download/$(PKG_VERSION)/
-PKG_HASH:=49fd644684c6ea502d896d31e29f1acf2ae9b61b02b231a8ffd0cec11857dd07
+PKG_HASH:=2cf23e618ab9275221350acf5a97bce4ff18aee472045f8a3b4c7673491079d2
-PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE:=BSD-3-CLAUSE
PKG_LICENSE_FILES:=LICENSE
PKG_FIXUP:=autoreconf
+++ /dev/null
---- a/debug.c
-+++ b/debug.c
-@@ -153,7 +153,7 @@ void debug_logit(uint8_t level, const ch
-
- if (debug_tid) {
- tidbuf = malloc((3*sizeof(pthread_t)+5)+strlen(format));
-- sprintf(tidbuf, "(%ld) %s", pthread_self(), format);
-+ sprintf(tidbuf, "(%ld) %s", (long int)pthread_self(), format);
- format = tidbuf;
- } else
- tidbuf = NULL;
include $(TOPDIR)/rules.mk
PKG_NAME:=rpcbind
-PKG_VERSION:=0.2.4
-PKG_RELEASE:=2
+PKG_VERSION:=1.2.5
+PKG_RELEASE:=1
PKG_SOURCE_URL:=@SF/rpcbind
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=074a9a530dc7c11e0d905aa59bcb0847c009313f02e98d3d798aa9568f414c66
+PKG_HASH:=2ce360683963b35c19c43f0ee2c7f18aa5b81ef41c3fdbd15ffcb00b8bffda7a
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=BSD-3-Clause
CATEGORY:=Network
DEPENDS:=+libtirpc +RPCBIND_LIBWRAP:libwrap
TITLE:=Universal addresses to RPC mapper
- URL:=http://libtirpc.sourceforge.net/
+ URL:=http://rpcbind.sourceforge.net/
USERID:=rpc=65533:rpc=65533
endef
define Package/rpcbind/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/{rpcbind,rpcinfo} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/rpcinfo $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/rpcbind $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/rpcbind.init $(1)/etc/init.d/rpcbind
endef
start_service() {
procd_open_instance
- procd_set_param command /usr/bin/rpcbind -f -w
+ procd_set_param command /usr/sbin/rpcbind -f -w
procd_set_param respawn
procd_close_instance
}
include $(TOPDIR)/rules.mk
PKG_NAME:=samba
-PKG_VERSION:=4.8.4
+PKG_VERSION:=4.8.5
PKG_RELEASE:=1
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_SOURCE_URL:=https://download.samba.org/pub/samba/stable/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=f5044d149e01894a08b1d114b8b69aed78171a7bb19608bd1fd771453b9a5406
+PKG_HASH:=e58ee6b1262d4128b8932ceee59d5f0b0a9bbe00547eb3cc4c41552de1a65155
# Buildroot bug? Can't add target deps via '+SAMBA4_SERVER_AD_DC:python-crypto' (as work-around we select via config.in)
PKG_BUILD_DEPENDS:=SAMBA4_SERVER_AD_DC:python-crypto nfs-kernel-server/host
# Optional AES-NI support - https://lists.samba.org/archive/samba-technical/2017-September/122738.html
# Support for Nettle wasn't comitted
-CONFIGURE_ARGS += --accel-aes=none
+ifdef CONFIG_TARGET_x86_64
+ CONFIGURE_ARGS += --accel-aes=intelaesni
+else
+ CONFIGURE_ARGS += --accel-aes=none
+endif
CONFIGURE_ARGS += \
--with-lockdir=/var/lock \
## disable loading of all printcap printers by default (iprint, cups, lpstat)
load printers = No
printcap name = /dev/null
+
+ ## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's.
+ disable spoolss = yes
+
+ ## This parameters controls how printer status information is interpreted on your system.
+ ## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ)
+ printing = bsd
## Disable that nmbd is acting as a WINS server for unknow netbios names
#dns proxy = No
--- /dev/null
+--- a/lib/crypto/wscript_configure 2018-07-26
++++ b/lib/crypto/wscript_configure 2018-08-27
+@@ -2,11 +2,11 @@
+ import Options
+ import Utils
+
+-if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
+- checklibc=True):
+- conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
+- checklibc=True)
+- conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
++# if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
++ # checklibc=True):
++conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
++ checklibc=True)
++conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
+ checklibc=True)
+ conf.CHECK_FUNCS_IN('CC_MD5_Init', '', headers='CommonCrypto/CommonDigest.h',
+ checklibc=True)
+--- a/lib/replace/wscript
++++ b/lib/replace/wscript
+@@ -302,22 +302,13 @@ def configure(conf):
+
+ conf.CHECK_FUNCS('prctl dirname basename')
+
+- strlcpy_in_bsd = False
+-
+- # libbsd on some platforms provides strlcpy and strlcat
+- if not conf.CHECK_FUNCS('strlcpy strlcat'):
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
+- if not conf.CHECK_FUNCS('getpeereid'):
+- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
+- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
+-
+- if not conf.CHECK_FUNCS('closefrom'):
+- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++ # Not checking for libbsd
++ conf.CHECK_FUNCS('strlcpy strlcat')
++ conf.CHECK_FUNCS('getpeereid')
++ conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h')
++ conf.CHECK_FUNCS('setproctitle_init')
++
++ conf.CHECK_FUNCS('closefrom')
+
+ conf.CHECK_CODE('''
+ struct ucred cred;
+@@ -667,9 +658,6 @@ removeea setea
+
+ # look for a method of finding the list of network interfaces
+ for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
+- bsd_for_strlcpy = ''
+- if strlcpy_in_bsd:
+- bsd_for_strlcpy = ' bsd'
+ if conf.CHECK_CODE('''
+ #define %s 1
+ #define NO_CONFIG_H 1
+@@ -682,7 +670,7 @@ removeea setea
+ #include "test/getifaddrs.c"
+ ''' % method,
+ method,
+- lib='nsl socket' + bsd_for_strlcpy,
++ lib='nsl socket',
+ addmain=False,
+ execute=True):
+ break
+@@ -730,7 +718,6 @@ def build(bld):
+ break
+
+ extra_libs = ''
+- if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd'
+
+ bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
+ REPLACE_HOSTCC_SOURCE,
socks5 ss plain
--------> tcp:local_address:local_port ----> ss server -------> dest
-`ss-redir`. The REDIRECT and TPROXY part are to be provided by `ss-rules` script. REDIRECT only works for tcp traffic (see also darkk/redsocks). TPROXY is used to proxy udp messages, but it's only available in the PREROUTING chain and as such cannot proxy local out traffic.
+`ss-redir`. The REDIRECT and TPROXY part are to be provided by `ss-rules` script. REDIRECT is for tcp traffic (`SO_ORIGINAL_DST` only supports TCP). TPROXY is for udp messages, but it's only available in the PREROUTING chain and as such cannot proxy local out traffic.
plain plain ss plain
---------> REDIRECT ------> tcp:local_address:local_port ----> ss server -----> original dest
#
-# Copyright (C) 2006-2015 OpenWrt.org
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
PKG_NAME:=socat
PKG_VERSION:=1.7.3.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.dest-unreach.org/socat/download
CONFIGURE_ARGS+= --disable-openssl
endif
+# PowerPC has different TERMIOS bits
+ifneq ($(findstring powerpc,$(CONFIG_ARCH)),)
+ CONFIGURE_VARS += \
+ sc_cv_sys_crdly_shift=12 \
+ sc_cv_sys_tabdly_shift=10 \
+ sc_cv_sys_csize_shift=8
+else
+ CONFIGURE_VARS += \
+ sc_cv_sys_crdly_shift=9 \
+ sc_cv_sys_tabdly_shift=11 \
+ sc_cv_sys_csize_shift=4
+endif
+
CONFIGURE_VARS += \
sc_cv_termios_ispeed="no" \
- sc_cv_sys_crdly_shift=9 \
- sc_cv_sys_tabdly_shift=11 \
- sc_cv_sys_csize_shift=4 \
+ ac_cv_header_bsd_libutil_h=no \
+ ac_cv_lib_bsd_openpty=no \
BUILD_DATE=$(SOURCE_DATE_EPOCH)
define Package/socat/install
--- /dev/null
+#
+# Copyright (C) 2018 The Regents of the University of California
+#
+# This is free software, licensed under the GNU General Public License v3.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=spoofer
+PKG_VERSION:=1.3.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.caida.org/projects/spoofer/downloads
+PKG_HASH:=376f9a4b2d0404de3c37df645672a954b4916ad56508fadfe3f99120e5b0f87e
+
+PKG_LICENSE:=GPL-3.0
+PKG_LICENSE_FILES:=LICENSE
+
+HOST_BUILD_DEPENDS:=protobuf/host
+
+include $(INCLUDE_DIR)/host-build.mk
+include $(INCLUDE_DIR)/package.mk
+
+$(eval $(call HostBuild))
+
+define Package/spoofer
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=Measure your ISP's resistance to spoofed IP packets
+ URL:=https://spoofer.caida.org/
+ MAINTAINER:=Ken Keys <spoofer-info@caida.org>
+ DEPENDS:=+protobuf-lite +libpcap +libpthread +libopenssl
+endef
+
+define Package/spoofer/description
+The spoofer client is part of a system to measure the Internet's
+resistance to packets with a spoofed (forged) source IP address.
+
+This package comes bundled with a small certificate file that allows
+secure communication with the spoofer server without depending on
+the large ca-certificates package. But if the server's private
+certificate ever changes, it will be necessary to either install the
+ca-certificates package or install an updated version of this package
+that has a newer bundled certificate.
+
+endef
+
+CONFIGURE_ARGS += \
+ --enable-prober \
+ --disable-manager
+
+CONFIGURE_VARS += \
+ PROTOC=$(STAGING_DIR_HOSTPKG)/bin/protoc
+
+EXTRA_CXXFLAGS += -std=gnu++14
+
+SPOOFER_SRC=$(PKG_BUILD_DIR)
+
+define Package/spoofer/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/prober/spoofer-prober $(1)/usr/bin
+ $(INSTALL_BIN) $(SPOOFER_SRC)/openwrt-files/spoofer $(1)/usr/bin
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) $(SPOOFER_SRC)/openwrt-files/initscript $(1)/etc/init.d/spoofer
+ $(INSTALL_DIR) $(1)/usr/share/spoofer
+ $(INSTALL_DATA) $(SPOOFER_SRC)/gd_bundle.crt $(1)/usr/share/spoofer
+ $(INSTALL_DATA) $(SPOOFER_SRC)/openwrt-files/spoofer-lib.sh $(1)/usr/share/spoofer
+endef
+
+$(eval $(call BuildPackage,spoofer))
include $(TOPDIR)/rules.mk
PKG_NAME:=sqm-scripts
-PKG_SOURCE_VERSION:=a94318a2ecd709403fb8c0d622063d9ce1859615
-PKG_VERSION:=1.2.3
+PKG_SOURCE_VERSION:=d0ac824ec0c5d0fc3593ce90d83a007da505856e
+PKG_VERSION:=1.2.4
PKG_RELEASE:=1
PKG_LICENSE:=GPLv2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz
-PKG_MIRROR_HASH:=0cabeaf9c9d7ff260d8ed7b4ed518c67ff4640d82a8583e2fb4d695befb79c54
+PKG_MIRROR_HASH:=2882aeae9f8b7827655bae8b0ecae60c405795a2a51aec8d3f2ae5fccecd76b9
PKG_SOURCE_URL:=https://github.com/tohojo/sqm-scripts.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE)
include $(TOPDIR)/rules.mk
PKG_NAME:=stunnel
-PKG_VERSION:=5.44
-PKG_RELEASE:=4
+PKG_VERSION:=5.48
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0+
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
http://www.usenix.org.uk/mirrors/stunnel/ \
https://www.stunnel.org/downloads/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=990a325dbb47d77d88772dd02fbbd27d91b1fea3ece76c9ff4461eca93f12299
+PKG_HASH:=1011d5a302ce6a227882d094282993a3187250f42f8a801dcc1620da63b2b8df
PKG_FIXUP:=autoreconf
PKG_FIXUP:=patch-libtool
PKG_NAME:=uwsgi-cgi
PKG_VERSION:=2.0.17.1
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE_URL=https://codeload.github.com/unbit/uwsgi/tar.gz/$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
strict = true
socket = /var/run/uwsgi.sock
cgi-mode = true
-cgi = /www/cgi-bin/luci
+cgi = /www/
chdir = /usr/lib/lua/luci/
master = true
buffer-size = 10000
#
-# Copyright (C) 2014 OpenWrt.org
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
PKG_NAME:=espeak
PKG_VERSION:=1.48.04
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-source.zip
PKG_SOURCE_URL:=@SF/espeak
MAKE_PATH:=./src
+# Use system header for portaudio
+define Build/Prepare
+ $(call Build/Prepare/Default)
+ rm $(PKG_BUILD_DIR)/src/portaudio.h
+endef
+
define Package/espeak/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) $(PKG_INSTALL_DIR)/usr/bin/espeak $(1)/usr/bin/
--- /dev/null
+--- a/src/tr_languages.cpp
++++ b/src/tr_languages.cpp
+@@ -198,7 +198,7 @@ static const unsigned short chars_ignore
+ 0x200d, 1, // zero width joiner
+ 0, 0 };
+
+-const char string_ordinal[] = {0xc2,0xba,0}; // masculine ordinal character, UTF-8
++const unsigned char string_ordinal[] = {0xc2,0xba,0}; // masculine ordinal character, UTF-8
+
+
+ static Translator* NewTranslator(void)
+@@ -758,7 +758,7 @@ Translator *SelectTranslator(const char
+ tr->langopts.stress_flags = S_FINAL_SPANISH | S_FINAL_DIM_ONLY | S_FINAL_NO_2;
+ tr->langopts.numbers = NUM_SINGLE_STRESS | NUM_DECIMAL_COMMA | NUM_AND_UNITS | NUM_OMIT_1_HUNDRED | NUM_OMIT_1_THOUSAND | NUM_ROMAN | NUM_ROMAN_ORDINAL;
+ tr->langopts.numbers2 = NUM2_ORDINAL_NO_AND;
+- tr->langopts.roman_suffix = string_ordinal;
++ tr->langopts.roman_suffix = (const char *)string_ordinal;
+ }
+ else
+ if(name2 == L_pap)
+++ /dev/null
---- a/src/portaudio.h
-+++ /dev/null
-@@ -1,466 +0,0 @@
--// NOTE: Copy this file to portaudio.h in order to compile with V18 portaudio
--
--
--#ifndef PORT_AUDIO_H
--#define PORT_AUDIO_H
--
--#ifdef __cplusplus
--extern "C"
--{
--#endif /* __cplusplus */
--
--/*
-- * $Id: portaudio.h,v 1.5 2002/03/26 18:04:22 philburk Exp $
-- * PortAudio Portable Real-Time Audio Library
-- * PortAudio API Header File
-- * Latest version available at: http://www.audiomulch.com/portaudio/
-- *
-- * Copyright (c) 1999-2000 Ross Bencina and Phil Burk
-- *
-- * Permission is hereby granted, free of charge, to any person obtaining
-- * a copy of this software and associated documentation files
-- * (the "Software"), to deal in the Software without restriction,
-- * including without limitation the rights to use, copy, modify, merge,
-- * publish, distribute, sublicense, and/or sell copies of the Software,
-- * and to permit persons to whom the Software is furnished to do so,
-- * subject to the following conditions:
-- *
-- * The above copyright notice and this permission notice shall be
-- * included in all copies or substantial portions of the Software.
-- *
-- * Any person wishing to distribute modifications to the Software is
-- * requested to send the modifications to the original developer so that
-- * they can be incorporated into the canonical version.
-- *
-- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-- * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR
-- * ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
-- * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-- * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-- *
-- */
--
--typedef int PaError;
--typedef enum {
-- paNoError = 0,
--
-- paHostError = -10000,
-- paInvalidChannelCount,
-- paInvalidSampleRate,
-- paInvalidDeviceId,
-- paInvalidFlag,
-- paSampleFormatNotSupported,
-- paBadIODeviceCombination,
-- paInsufficientMemory,
-- paBufferTooBig,
-- paBufferTooSmall,
-- paNullCallback,
-- paBadStreamPtr,
-- paTimedOut,
-- paInternalError,
-- paDeviceUnavailable
--} PaErrorNum;
--
--/*
-- Pa_Initialize() is the library initialisation function - call this before
-- using the library.
--
--*/
--
--PaError Pa_Initialize( void );
--
--/*
-- Pa_Terminate() is the library termination function - call this after
-- using the library.
--
--*/
--
--PaError Pa_Terminate( void );
--
--/*
-- Pa_GetHostError() returns a host specific error code.
-- This can be called after receiving a PortAudio error code of paHostError.
--
--*/
--
--long Pa_GetHostError( void );
--
--/*
-- Pa_GetErrorText() translates the supplied PortAudio error number
-- into a human readable message.
--
--*/
--
--const char *Pa_GetErrorText( PaError errnum );
--
--/*
-- Sample formats
--
-- These are formats used to pass sound data between the callback and the
-- stream. Each device has a "native" format which may be used when optimum
-- efficiency or control over conversion is required.
--
-- Formats marked "always available" are supported (emulated) by all
-- PortAudio implementations.
--
-- The floating point representation (paFloat32) uses +1.0 and -1.0 as the
-- maximum and minimum respectively.
--
-- paUInt8 is an unsigned 8 bit format where 128 is considered "ground"
--
--*/
--
--typedef unsigned long PaSampleFormat;
--#define paFloat32 ((PaSampleFormat) (1<<0)) /*always available*/
--#define paInt16 ((PaSampleFormat) (1<<1)) /*always available*/
--#define paInt32 ((PaSampleFormat) (1<<2)) /*always available*/
--#define paInt24 ((PaSampleFormat) (1<<3))
--#define paPackedInt24 ((PaSampleFormat) (1<<4))
--#define paInt8 ((PaSampleFormat) (1<<5))
--#define paUInt8 ((PaSampleFormat) (1<<6))
--#define paCustomFormat ((PaSampleFormat) (1<<16))
--
--/*
-- Device enumeration mechanism.
--
-- Device ids range from 0 to Pa_CountDevices()-1.
--
-- Devices may support input, output or both.
--
--*/
--
--typedef int PaDeviceID;
--#define paNoDevice -1
--
--int Pa_CountDevices( void );
--
--typedef struct
--{
-- int structVersion;
-- const char *name;
-- int maxInputChannels;
-- int maxOutputChannels;
-- /* Number of discrete rates, or -1 if range supported. */
-- int numSampleRates;
-- /* Array of supported sample rates, or {min,max} if range supported. */
-- const double *sampleRates;
-- PaSampleFormat nativeSampleFormats;
--}
--PaDeviceInfo;
--
--/*
-- Pa_GetDefaultInputDeviceID(), Pa_GetDefaultOutputDeviceID() return the
-- default device ids for input and output respectively, or paNoDevice if
-- no device is available.
-- The result can be passed to Pa_OpenStream().
--
-- On the PC, the user can specify a default device by
-- setting an environment variable. For example, to use device #1.
--
-- set PA_RECOMMENDED_OUTPUT_DEVICE=1
--
-- The user should first determine the available device ids by using
-- the supplied application "pa_devs".
--
--*/
--
--PaDeviceID Pa_GetDefaultInputDeviceID( void );
--PaDeviceID Pa_GetDefaultOutputDeviceID( void );
--
--
--
--/*
-- Pa_GetDeviceInfo() returns a pointer to an immutable PaDeviceInfo structure
-- for the device specified.
-- If the device parameter is out of range the function returns NULL.
--
-- PortAudio manages the memory referenced by the returned pointer, the client
-- must not manipulate or free the memory. The pointer is only guaranteed to be
-- valid between calls to Pa_Initialize() and Pa_Terminate().
--
--*/
--
--const PaDeviceInfo* Pa_GetDeviceInfo( PaDeviceID device );
--
--/*
-- PaTimestamp is used to represent a continuous sample clock with arbitrary
-- start time that can be used for syncronization. The type is used for the
-- outTime argument to the PortAudioCallback and as the result of Pa_StreamTime()
--
--*/
--
--typedef double PaTimestamp;
--
--/*
-- PortAudioCallback is implemented by PortAudio clients.
--
-- inputBuffer and outputBuffer are arrays of interleaved samples,
-- the format, packing and number of channels used by the buffers are
-- determined by parameters to Pa_OpenStream() (see below).
--
-- framesPerBuffer is the number of sample frames to be processed by the callback.
--
-- outTime is the time in samples when the buffer(s) processed by
-- this callback will begin being played at the audio output.
-- See also Pa_StreamTime()
--
-- userData is the value of a user supplied pointer passed to Pa_OpenStream()
-- intended for storing synthesis data etc.
--
-- return value:
-- The callback can return a non-zero value to stop the stream. This may be
-- useful in applications such as soundfile players where a specific duration
-- of output is required. However, it is not necessary to utilise this mechanism
-- as StopStream() will also terminate the stream. A callback returning a
-- non-zero value must fill the entire outputBuffer.
--
-- NOTE: None of the other stream functions may be called from within the
-- callback function except for Pa_GetCPULoad().
--
--*/
--
--typedef int (PortAudioCallback)(
-- void *inputBuffer, void *outputBuffer,
-- unsigned long framesPerBuffer,
-- PaTimestamp outTime, void *userData );
--
--
--/*
-- Stream flags
--
-- These flags may be supplied (ored together) in the streamFlags argument to
-- the Pa_OpenStream() function.
--
--*/
--
--#define paNoFlag (0)
--#define paClipOff (1<<0) /* disable default clipping of out of range samples */
--#define paDitherOff (1<<1) /* disable default dithering */
--#define paPlatformSpecificFlags (0x00010000)
--typedef unsigned long PaStreamFlags;
--
--/*
-- A single PortAudioStream provides multiple channels of real-time
-- input and output audio streaming to a client application.
-- Pointers to PortAudioStream objects are passed between PortAudio functions.
--*/
--
--typedef void PortAudioStream;
--#define PaStream PortAudioStream
--
--/*
-- Pa_OpenStream() opens a stream for either input, output or both.
--
-- stream is the address of a PortAudioStream pointer which will receive
-- a pointer to the newly opened stream.
--
-- inputDevice is the id of the device used for input (see PaDeviceID above.)
-- inputDevice may be paNoDevice to indicate that an input device is not required.
--
-- numInputChannels is the number of channels of sound to be delivered to the
-- callback. It can range from 1 to the value of maxInputChannels in the
-- PaDeviceInfo record for the device specified by the inputDevice parameter.
-- If inputDevice is paNoDevice numInputChannels is ignored.
--
-- inputSampleFormat is the sample format of inputBuffer provided to the callback
-- function. inputSampleFormat may be any of the formats described by the
-- PaSampleFormat enumeration (see above). PortAudio guarantees support for
-- the device's native formats (nativeSampleFormats in the device info record)
-- and additionally 16 and 32 bit integer and 32 bit floating point formats.
-- Support for other formats is implementation defined.
--
-- inputDriverInfo is a pointer to an optional driver specific data structure
-- containing additional information for device setup or stream processing.
-- inputDriverInfo is never required for correct operation. If not used
-- inputDriverInfo should be NULL.
--
-- outputDevice is the id of the device used for output (see PaDeviceID above.)
-- outputDevice may be paNoDevice to indicate that an output device is not required.
--
-- numOutputChannels is the number of channels of sound to be supplied by the
-- callback. See the definition of numInputChannels above for more details.
--
-- outputSampleFormat is the sample format of the outputBuffer filled by the
-- callback function. See the definition of inputSampleFormat above for more
-- details.
--
-- outputDriverInfo is a pointer to an optional driver specific data structure
-- containing additional information for device setup or stream processing.
-- outputDriverInfo is never required for correct operation. If not used
-- outputDriverInfo should be NULL.
--
-- sampleRate is the desired sampleRate. For full-duplex streams it is the
-- sample rate for both input and output
--
-- framesPerBuffer is the length in sample frames of all internal sample buffers
-- used for communication with platform specific audio routines. Wherever
-- possible this corresponds to the framesPerBuffer parameter passed to the
-- callback function.
--
-- numberOfBuffers is the number of buffers used for multibuffered communication
-- with the platform specific audio routines. If you pass zero, then an optimum
-- value will be chosen for you internally. This parameter is provided only
-- as a guide - and does not imply that an implementation must use multibuffered
-- i/o when reliable double buffering is available (such as SndPlayDoubleBuffer()
-- on the Macintosh.)
--
-- streamFlags may contain a combination of flags ORed together.
-- These flags modify the behaviour of the streaming process. Some flags may only
-- be relevant to certain buffer formats.
--
-- callback is a pointer to a client supplied function that is responsible
-- for processing and filling input and output buffers (see above for details.)
--
-- userData is a client supplied pointer which is passed to the callback
-- function. It could for example, contain a pointer to instance data necessary
-- for processing the audio buffers.
--
-- return value:
-- Upon success Pa_OpenStream() returns PaNoError and places a pointer to a
-- valid PortAudioStream in the stream argument. The stream is inactive (stopped).
-- If a call to Pa_OpenStream() fails a non-zero error code is returned (see
-- PaError above) and the value of stream is invalid.
--
--*/
--
--PaError Pa_OpenStream( PortAudioStream** stream,
-- PaDeviceID inputDevice,
-- int numInputChannels,
-- PaSampleFormat inputSampleFormat,
-- void *inputDriverInfo,
-- PaDeviceID outputDevice,
-- int numOutputChannels,
-- PaSampleFormat outputSampleFormat,
-- void *outputDriverInfo,
-- double sampleRate,
-- unsigned long framesPerBuffer,
-- unsigned long numberOfBuffers,
-- PaStreamFlags streamFlags,
-- PortAudioCallback *callback,
-- void *userData );
--
--
--/*
-- Pa_OpenDefaultStream() is a simplified version of Pa_OpenStream() that opens
-- the default input and/or output devices. Most parameters have identical meaning
-- to their Pa_OpenStream() counterparts, with the following exceptions:
--
-- If either numInputChannels or numOutputChannels is 0 the respective device
-- is not opened. This has the same effect as passing paNoDevice in the device
-- arguments to Pa_OpenStream().
--
-- sampleFormat applies to both the input and output buffers.
--
--*/
--
--PaError Pa_OpenDefaultStream( PortAudioStream** stream,
-- int numInputChannels,
-- int numOutputChannels,
-- PaSampleFormat sampleFormat,
-- double sampleRate,
-- unsigned long framesPerBuffer,
-- unsigned long numberOfBuffers,
-- PortAudioCallback *callback,
-- void *userData );
--
--/*
-- Pa_CloseStream() closes an audio stream, flushing any pending buffers.
--
--*/
--
--PaError Pa_CloseStream( PortAudioStream* );
--
--/*
-- Pa_StartStream() and Pa_StopStream() begin and terminate audio processing.
-- Pa_StopStream() waits until all pending audio buffers have been played.
-- Pa_AbortStream() stops playing immediately without waiting for pending
-- buffers to complete.
--
--*/
--
--PaError Pa_StartStream( PortAudioStream *stream );
--
--PaError Pa_StopStream( PortAudioStream *stream );
--
--PaError Pa_AbortStream( PortAudioStream *stream );
--
--/*
-- Pa_StreamActive() returns one (1) when the stream is active (ie playing
-- or recording audio), zero (0) when not playing, or a negative error number
-- if the stream is invalid.
-- The stream is active between calls to Pa_StartStream() and Pa_StopStream(),
-- but may also become inactive if the callback returns a non-zero value.
-- In the latter case, the stream is considered inactive after the last
-- buffer has finished playing.
--
--*/
--
--PaError Pa_StreamActive( PortAudioStream *stream );
--
--/*
-- Pa_StreamTime() returns the current output time in samples for the stream.
-- This time may be used as a time reference (for example synchronizing audio to
-- MIDI).
--
--*/
--
--PaTimestamp Pa_StreamTime( PortAudioStream *stream );
--
--/*
-- Pa_GetCPULoad() returns the CPU Load for the stream.
-- The "CPU Load" is a fraction of total CPU time consumed by the stream's
-- audio processing routines including, but not limited to the client supplied
-- callback.
-- A value of 0.5 would imply that PortAudio and the sound generating
-- callback was consuming roughly 50% of the available CPU time.
-- This function may be called from the callback function or the application.
--
--*/
--
--double Pa_GetCPULoad( PortAudioStream* stream );
--
--/*
-- Pa_GetMinNumBuffers() returns the minimum number of buffers required by
-- the current host based on minimum latency.
-- On the PC, for the DirectSound implementation, latency can be optionally set
-- by user by setting an environment variable.
-- For example, to set latency to 200 msec, put:
--
-- set PA_MIN_LATENCY_MSEC=200
--
-- in the AUTOEXEC.BAT file and reboot.
-- If the environment variable is not set, then the latency will be determined
-- based on the OS. Windows NT has higher latency than Win95.
--
--*/
--
--int Pa_GetMinNumBuffers( int framesPerBuffer, double sampleRate );
--
--/*
-- Pa_Sleep() puts the caller to sleep for at least 'msec' milliseconds.
-- You may sleep longer than the requested time so don't rely on this for
-- accurate musical timing.
--
-- Pa_Sleep() is provided as a convenience for authors of portable code (such as
-- the tests and examples in the PortAudio distribution.)
--
--*/
--
--void Pa_Sleep( long msec );
--
--/*
-- Pa_GetSampleSize() returns the size in bytes of a single sample in the
-- supplied PaSampleFormat, or paSampleFormatNotSupported if the format is
-- no supported.
--
--*/
--
--PaError Pa_GetSampleSize( PaSampleFormat format );
--
--
--#ifdef __cplusplus
--}
--#endif /* __cplusplus */
--#endif /* PORT_AUDIO_H */
---- a/src/portaudio18.h
-+++ /dev/null
-@@ -1,466 +0,0 @@
--// NOTE: Copy this file to portaudio.h in order to compile with V18 portaudio
--
--
--#ifndef PORT_AUDIO_H
--#define PORT_AUDIO_H
--
--#ifdef __cplusplus
--extern "C"
--{
--#endif /* __cplusplus */
--
--/*
-- * $Id: portaudio.h,v 1.5 2002/03/26 18:04:22 philburk Exp $
-- * PortAudio Portable Real-Time Audio Library
-- * PortAudio API Header File
-- * Latest version available at: http://www.audiomulch.com/portaudio/
-- *
-- * Copyright (c) 1999-2000 Ross Bencina and Phil Burk
-- *
-- * Permission is hereby granted, free of charge, to any person obtaining
-- * a copy of this software and associated documentation files
-- * (the "Software"), to deal in the Software without restriction,
-- * including without limitation the rights to use, copy, modify, merge,
-- * publish, distribute, sublicense, and/or sell copies of the Software,
-- * and to permit persons to whom the Software is furnished to do so,
-- * subject to the following conditions:
-- *
-- * The above copyright notice and this permission notice shall be
-- * included in all copies or substantial portions of the Software.
-- *
-- * Any person wishing to distribute modifications to the Software is
-- * requested to send the modifications to the original developer so that
-- * they can be incorporated into the canonical version.
-- *
-- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-- * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR
-- * ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
-- * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-- * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-- *
-- */
--
--typedef int PaError;
--typedef enum {
-- paNoError = 0,
--
-- paHostError = -10000,
-- paInvalidChannelCount,
-- paInvalidSampleRate,
-- paInvalidDeviceId,
-- paInvalidFlag,
-- paSampleFormatNotSupported,
-- paBadIODeviceCombination,
-- paInsufficientMemory,
-- paBufferTooBig,
-- paBufferTooSmall,
-- paNullCallback,
-- paBadStreamPtr,
-- paTimedOut,
-- paInternalError,
-- paDeviceUnavailable
--} PaErrorNum;
--
--/*
-- Pa_Initialize() is the library initialisation function - call this before
-- using the library.
--
--*/
--
--PaError Pa_Initialize( void );
--
--/*
-- Pa_Terminate() is the library termination function - call this after
-- using the library.
--
--*/
--
--PaError Pa_Terminate( void );
--
--/*
-- Pa_GetHostError() returns a host specific error code.
-- This can be called after receiving a PortAudio error code of paHostError.
--
--*/
--
--long Pa_GetHostError( void );
--
--/*
-- Pa_GetErrorText() translates the supplied PortAudio error number
-- into a human readable message.
--
--*/
--
--const char *Pa_GetErrorText( PaError errnum );
--
--/*
-- Sample formats
--
-- These are formats used to pass sound data between the callback and the
-- stream. Each device has a "native" format which may be used when optimum
-- efficiency or control over conversion is required.
--
-- Formats marked "always available" are supported (emulated) by all
-- PortAudio implementations.
--
-- The floating point representation (paFloat32) uses +1.0 and -1.0 as the
-- maximum and minimum respectively.
--
-- paUInt8 is an unsigned 8 bit format where 128 is considered "ground"
--
--*/
--
--typedef unsigned long PaSampleFormat;
--#define paFloat32 ((PaSampleFormat) (1<<0)) /*always available*/
--#define paInt16 ((PaSampleFormat) (1<<1)) /*always available*/
--#define paInt32 ((PaSampleFormat) (1<<2)) /*always available*/
--#define paInt24 ((PaSampleFormat) (1<<3))
--#define paPackedInt24 ((PaSampleFormat) (1<<4))
--#define paInt8 ((PaSampleFormat) (1<<5))
--#define paUInt8 ((PaSampleFormat) (1<<6))
--#define paCustomFormat ((PaSampleFormat) (1<<16))
--
--/*
-- Device enumeration mechanism.
--
-- Device ids range from 0 to Pa_CountDevices()-1.
--
-- Devices may support input, output or both.
--
--*/
--
--typedef int PaDeviceID;
--#define paNoDevice -1
--
--int Pa_CountDevices( void );
--
--typedef struct
--{
-- int structVersion;
-- const char *name;
-- int maxInputChannels;
-- int maxOutputChannels;
-- /* Number of discrete rates, or -1 if range supported. */
-- int numSampleRates;
-- /* Array of supported sample rates, or {min,max} if range supported. */
-- const double *sampleRates;
-- PaSampleFormat nativeSampleFormats;
--}
--PaDeviceInfo;
--
--/*
-- Pa_GetDefaultInputDeviceID(), Pa_GetDefaultOutputDeviceID() return the
-- default device ids for input and output respectively, or paNoDevice if
-- no device is available.
-- The result can be passed to Pa_OpenStream().
--
-- On the PC, the user can specify a default device by
-- setting an environment variable. For example, to use device #1.
--
-- set PA_RECOMMENDED_OUTPUT_DEVICE=1
--
-- The user should first determine the available device ids by using
-- the supplied application "pa_devs".
--
--*/
--
--PaDeviceID Pa_GetDefaultInputDeviceID( void );
--PaDeviceID Pa_GetDefaultOutputDeviceID( void );
--
--
--
--/*
-- Pa_GetDeviceInfo() returns a pointer to an immutable PaDeviceInfo structure
-- for the device specified.
-- If the device parameter is out of range the function returns NULL.
--
-- PortAudio manages the memory referenced by the returned pointer, the client
-- must not manipulate or free the memory. The pointer is only guaranteed to be
-- valid between calls to Pa_Initialize() and Pa_Terminate().
--
--*/
--
--const PaDeviceInfo* Pa_GetDeviceInfo( PaDeviceID device );
--
--/*
-- PaTimestamp is used to represent a continuous sample clock with arbitrary
-- start time that can be used for syncronization. The type is used for the
-- outTime argument to the PortAudioCallback and as the result of Pa_StreamTime()
--
--*/
--
--typedef double PaTimestamp;
--
--/*
-- PortAudioCallback is implemented by PortAudio clients.
--
-- inputBuffer and outputBuffer are arrays of interleaved samples,
-- the format, packing and number of channels used by the buffers are
-- determined by parameters to Pa_OpenStream() (see below).
--
-- framesPerBuffer is the number of sample frames to be processed by the callback.
--
-- outTime is the time in samples when the buffer(s) processed by
-- this callback will begin being played at the audio output.
-- See also Pa_StreamTime()
--
-- userData is the value of a user supplied pointer passed to Pa_OpenStream()
-- intended for storing synthesis data etc.
--
-- return value:
-- The callback can return a non-zero value to stop the stream. This may be
-- useful in applications such as soundfile players where a specific duration
-- of output is required. However, it is not necessary to utilise this mechanism
-- as StopStream() will also terminate the stream. A callback returning a
-- non-zero value must fill the entire outputBuffer.
--
-- NOTE: None of the other stream functions may be called from within the
-- callback function except for Pa_GetCPULoad().
--
--*/
--
--typedef int (PortAudioCallback)(
-- void *inputBuffer, void *outputBuffer,
-- unsigned long framesPerBuffer,
-- PaTimestamp outTime, void *userData );
--
--
--/*
-- Stream flags
--
-- These flags may be supplied (ored together) in the streamFlags argument to
-- the Pa_OpenStream() function.
--
--*/
--
--#define paNoFlag (0)
--#define paClipOff (1<<0) /* disable default clipping of out of range samples */
--#define paDitherOff (1<<1) /* disable default dithering */
--#define paPlatformSpecificFlags (0x00010000)
--typedef unsigned long PaStreamFlags;
--
--/*
-- A single PortAudioStream provides multiple channels of real-time
-- input and output audio streaming to a client application.
-- Pointers to PortAudioStream objects are passed between PortAudio functions.
--*/
--
--typedef void PortAudioStream;
--#define PaStream PortAudioStream
--
--/*
-- Pa_OpenStream() opens a stream for either input, output or both.
--
-- stream is the address of a PortAudioStream pointer which will receive
-- a pointer to the newly opened stream.
--
-- inputDevice is the id of the device used for input (see PaDeviceID above.)
-- inputDevice may be paNoDevice to indicate that an input device is not required.
--
-- numInputChannels is the number of channels of sound to be delivered to the
-- callback. It can range from 1 to the value of maxInputChannels in the
-- PaDeviceInfo record for the device specified by the inputDevice parameter.
-- If inputDevice is paNoDevice numInputChannels is ignored.
--
-- inputSampleFormat is the sample format of inputBuffer provided to the callback
-- function. inputSampleFormat may be any of the formats described by the
-- PaSampleFormat enumeration (see above). PortAudio guarantees support for
-- the device's native formats (nativeSampleFormats in the device info record)
-- and additionally 16 and 32 bit integer and 32 bit floating point formats.
-- Support for other formats is implementation defined.
--
-- inputDriverInfo is a pointer to an optional driver specific data structure
-- containing additional information for device setup or stream processing.
-- inputDriverInfo is never required for correct operation. If not used
-- inputDriverInfo should be NULL.
--
-- outputDevice is the id of the device used for output (see PaDeviceID above.)
-- outputDevice may be paNoDevice to indicate that an output device is not required.
--
-- numOutputChannels is the number of channels of sound to be supplied by the
-- callback. See the definition of numInputChannels above for more details.
--
-- outputSampleFormat is the sample format of the outputBuffer filled by the
-- callback function. See the definition of inputSampleFormat above for more
-- details.
--
-- outputDriverInfo is a pointer to an optional driver specific data structure
-- containing additional information for device setup or stream processing.
-- outputDriverInfo is never required for correct operation. If not used
-- outputDriverInfo should be NULL.
--
-- sampleRate is the desired sampleRate. For full-duplex streams it is the
-- sample rate for both input and output
--
-- framesPerBuffer is the length in sample frames of all internal sample buffers
-- used for communication with platform specific audio routines. Wherever
-- possible this corresponds to the framesPerBuffer parameter passed to the
-- callback function.
--
-- numberOfBuffers is the number of buffers used for multibuffered communication
-- with the platform specific audio routines. If you pass zero, then an optimum
-- value will be chosen for you internally. This parameter is provided only
-- as a guide - and does not imply that an implementation must use multibuffered
-- i/o when reliable double buffering is available (such as SndPlayDoubleBuffer()
-- on the Macintosh.)
--
-- streamFlags may contain a combination of flags ORed together.
-- These flags modify the behaviour of the streaming process. Some flags may only
-- be relevant to certain buffer formats.
--
-- callback is a pointer to a client supplied function that is responsible
-- for processing and filling input and output buffers (see above for details.)
--
-- userData is a client supplied pointer which is passed to the callback
-- function. It could for example, contain a pointer to instance data necessary
-- for processing the audio buffers.
--
-- return value:
-- Upon success Pa_OpenStream() returns PaNoError and places a pointer to a
-- valid PortAudioStream in the stream argument. The stream is inactive (stopped).
-- If a call to Pa_OpenStream() fails a non-zero error code is returned (see
-- PaError above) and the value of stream is invalid.
--
--*/
--
--PaError Pa_OpenStream( PortAudioStream** stream,
-- PaDeviceID inputDevice,
-- int numInputChannels,
-- PaSampleFormat inputSampleFormat,
-- void *inputDriverInfo,
-- PaDeviceID outputDevice,
-- int numOutputChannels,
-- PaSampleFormat outputSampleFormat,
-- void *outputDriverInfo,
-- double sampleRate,
-- unsigned long framesPerBuffer,
-- unsigned long numberOfBuffers,
-- PaStreamFlags streamFlags,
-- PortAudioCallback *callback,
-- void *userData );
--
--
--/*
-- Pa_OpenDefaultStream() is a simplified version of Pa_OpenStream() that opens
-- the default input and/or output devices. Most parameters have identical meaning
-- to their Pa_OpenStream() counterparts, with the following exceptions:
--
-- If either numInputChannels or numOutputChannels is 0 the respective device
-- is not opened. This has the same effect as passing paNoDevice in the device
-- arguments to Pa_OpenStream().
--
-- sampleFormat applies to both the input and output buffers.
--
--*/
--
--PaError Pa_OpenDefaultStream( PortAudioStream** stream,
-- int numInputChannels,
-- int numOutputChannels,
-- PaSampleFormat sampleFormat,
-- double sampleRate,
-- unsigned long framesPerBuffer,
-- unsigned long numberOfBuffers,
-- PortAudioCallback *callback,
-- void *userData );
--
--/*
-- Pa_CloseStream() closes an audio stream, flushing any pending buffers.
--
--*/
--
--PaError Pa_CloseStream( PortAudioStream* );
--
--/*
-- Pa_StartStream() and Pa_StopStream() begin and terminate audio processing.
-- Pa_StopStream() waits until all pending audio buffers have been played.
-- Pa_AbortStream() stops playing immediately without waiting for pending
-- buffers to complete.
--
--*/
--
--PaError Pa_StartStream( PortAudioStream *stream );
--
--PaError Pa_StopStream( PortAudioStream *stream );
--
--PaError Pa_AbortStream( PortAudioStream *stream );
--
--/*
-- Pa_StreamActive() returns one (1) when the stream is active (ie playing
-- or recording audio), zero (0) when not playing, or a negative error number
-- if the stream is invalid.
-- The stream is active between calls to Pa_StartStream() and Pa_StopStream(),
-- but may also become inactive if the callback returns a non-zero value.
-- In the latter case, the stream is considered inactive after the last
-- buffer has finished playing.
--
--*/
--
--PaError Pa_StreamActive( PortAudioStream *stream );
--
--/*
-- Pa_StreamTime() returns the current output time in samples for the stream.
-- This time may be used as a time reference (for example synchronizing audio to
-- MIDI).
--
--*/
--
--PaTimestamp Pa_StreamTime( PortAudioStream *stream );
--
--/*
-- Pa_GetCPULoad() returns the CPU Load for the stream.
-- The "CPU Load" is a fraction of total CPU time consumed by the stream's
-- audio processing routines including, but not limited to the client supplied
-- callback.
-- A value of 0.5 would imply that PortAudio and the sound generating
-- callback was consuming roughly 50% of the available CPU time.
-- This function may be called from the callback function or the application.
--
--*/
--
--double Pa_GetCPULoad( PortAudioStream* stream );
--
--/*
-- Pa_GetMinNumBuffers() returns the minimum number of buffers required by
-- the current host based on minimum latency.
-- On the PC, for the DirectSound implementation, latency can be optionally set
-- by user by setting an environment variable.
-- For example, to set latency to 200 msec, put:
--
-- set PA_MIN_LATENCY_MSEC=200
--
-- in the AUTOEXEC.BAT file and reboot.
-- If the environment variable is not set, then the latency will be determined
-- based on the OS. Windows NT has higher latency than Win95.
--
--*/
--
--int Pa_GetMinNumBuffers( int framesPerBuffer, double sampleRate );
--
--/*
-- Pa_Sleep() puts the caller to sleep for at least 'msec' milliseconds.
-- You may sleep longer than the requested time so don't rely on this for
-- accurate musical timing.
--
-- Pa_Sleep() is provided as a convenience for authors of portable code (such as
-- the tests and examples in the PortAudio distribution.)
--
--*/
--
--void Pa_Sleep( long msec );
--
--/*
-- Pa_GetSampleSize() returns the size in bytes of a single sample in the
-- supplied PaSampleFormat, or paSampleFormatNotSupported if the format is
-- no supported.
--
--*/
--
--PaError Pa_GetSampleSize( PaSampleFormat format );
--
--
--#ifdef __cplusplus
--}
--#endif /* __cplusplus */
--#endif /* PORT_AUDIO_H */
---- a/src/portaudio19.h
-+++ /dev/null
-@@ -1,1127 +0,0 @@
--// NOTE: Copy this file to portaudio.h in order to compile with V19 portaudio
--
--#ifndef PORTAUDIO_H
--#define PORTAUDIO_H
--/*
-- * $Id: portaudio.h 1061 2006-06-19 22:46:41Z lschwardt $
-- * PortAudio Portable Real-Time Audio Library
-- * PortAudio API Header File
-- * Latest version available at: http://www.portaudio.com/
-- *
-- * Copyright (c) 1999-2002 Ross Bencina and Phil Burk
-- *
-- * Permission is hereby granted, free of charge, to any person obtaining
-- * a copy of this software and associated documentation files
-- * (the "Software"), to deal in the Software without restriction,
-- * including without limitation the rights to use, copy, modify, merge,
-- * publish, distribute, sublicense, and/or sell copies of the Software,
-- * and to permit persons to whom the Software is furnished to do so,
-- * subject to the following conditions:
-- *
-- * The above copyright notice and this permission notice shall be
-- * included in all copies or substantial portions of the Software.
-- *
-- * Any person wishing to distribute modifications to the Software is
-- * requested to send the modifications to the original developer so that
-- * they can be incorporated into the canonical version.
-- *
-- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-- * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR
-- * ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
-- * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-- * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-- */
--
--/** @file
-- @brief The PortAudio API.
--*/
--
--
--#ifdef __cplusplus
--extern "C"
--{
--#endif /* __cplusplus */
--
--
--/** Retrieve the release number of the currently running PortAudio build,
-- eg 1900.
--*/
--int Pa_GetVersion( void );
--
--
--/** Retrieve a textual description of the current PortAudio build,
-- eg "PortAudio V19-devel 13 October 2002".
--*/
--const char* Pa_GetVersionText( void );
--
--
--/** Error codes returned by PortAudio functions.
-- Note that with the exception of paNoError, all PaErrorCodes are negative.
--*/
--
--typedef int PaError;
--typedef enum PaErrorCode
--{
-- paNoError = 0,
--
-- paNotInitialized = -10000,
-- paUnanticipatedHostError,
-- paInvalidChannelCount,
-- paInvalidSampleRate,
-- paInvalidDevice,
-- paInvalidFlag,
-- paSampleFormatNotSupported,
-- paBadIODeviceCombination,
-- paInsufficientMemory,
-- paBufferTooBig,
-- paBufferTooSmall,
-- paNullCallback,
-- paBadStreamPtr,
-- paTimedOut,
-- paInternalError,
-- paDeviceUnavailable,
-- paIncompatibleHostApiSpecificStreamInfo,
-- paStreamIsStopped,
-- paStreamIsNotStopped,
-- paInputOverflowed,
-- paOutputUnderflowed,
-- paHostApiNotFound,
-- paInvalidHostApi,
-- paCanNotReadFromACallbackStream, /**< @todo review error code name */
-- paCanNotWriteToACallbackStream, /**< @todo review error code name */
-- paCanNotReadFromAnOutputOnlyStream, /**< @todo review error code name */
-- paCanNotWriteToAnInputOnlyStream, /**< @todo review error code name */
-- paIncompatibleStreamHostApi,
-- paBadBufferPtr
--} PaErrorCode;
--
--
--/** Translate the supplied PortAudio error code into a human readable
-- message.
--*/
--const char *Pa_GetErrorText( PaError errorCode );
--
--
--/** Library initialization function - call this before using PortAudio.
-- This function initialises internal data structures and prepares underlying
-- host APIs for use. This function MUST be called before using any other
-- PortAudio API functions.
--
-- If Pa_Initialize() is called multiple times, each successful
-- call must be matched with a corresponding call to Pa_Terminate().
-- Pairs of calls to Pa_Initialize()/Pa_Terminate() may overlap, and are not
-- required to be fully nested.
--
-- Note that if Pa_Initialize() returns an error code, Pa_Terminate() should
-- NOT be called.
--
-- @return paNoError if successful, otherwise an error code indicating the cause
-- of failure.
--
-- @see Pa_Terminate
--*/
--PaError Pa_Initialize( void );
--
--
--/** Library termination function - call this when finished using PortAudio.
-- This function deallocates all resources allocated by PortAudio since it was
-- initializied by a call to Pa_Initialize(). In cases where Pa_Initialise() has
-- been called multiple times, each call must be matched with a corresponding call
-- to Pa_Terminate(). The final matching call to Pa_Terminate() will automatically
-- close any PortAudio streams that are still open.
--
-- Pa_Terminate() MUST be called before exiting a program which uses PortAudio.
-- Failure to do so may result in serious resource leaks, such as audio devices
-- not being available until the next reboot.
--
-- @return paNoError if successful, otherwise an error code indicating the cause
-- of failure.
--
-- @see Pa_Initialize
--*/
--PaError Pa_Terminate( void );
--
--
--
--/** The type used to refer to audio devices. Values of this type usually
-- range from 0 to (Pa_DeviceCount-1), and may also take on the PaNoDevice
-- and paUseHostApiSpecificDeviceSpecification values.
--
-- @see Pa_DeviceCount, paNoDevice, paUseHostApiSpecificDeviceSpecification
--*/
--typedef int PaDeviceIndex;
--
--
--/** A special PaDeviceIndex value indicating that no device is available,
-- or should be used.
--
-- @see PaDeviceIndex
--*/
--#define paNoDevice ((PaDeviceIndex)-1)
--
--
--/** A special PaDeviceIndex value indicating that the device(s) to be used
-- are specified in the host api specific stream info structure.
--
-- @see PaDeviceIndex
--*/
--#define paUseHostApiSpecificDeviceSpecification ((PaDeviceIndex)-2)
--
--
--/* Host API enumeration mechanism */
--
--/** The type used to enumerate to host APIs at runtime. Values of this type
-- range from 0 to (Pa_GetHostApiCount()-1).
--
-- @see Pa_GetHostApiCount
--*/
--typedef int PaHostApiIndex;
--
--
--/** Retrieve the number of available host APIs. Even if a host API is
-- available it may have no devices available.
--
-- @return A non-negative value indicating the number of available host APIs
-- or, a PaErrorCode (which are always negative) if PortAudio is not initialized
-- or an error is encountered.
--
-- @see PaHostApiIndex
--*/
--PaHostApiIndex Pa_GetHostApiCount( void );
--
--
--/** Retrieve the index of the default host API. The default host API will be
-- the lowest common denominator host API on the current platform and is
-- unlikely to provide the best performance.
--
-- @return A non-negative value ranging from 0 to (Pa_GetHostApiCount()-1)
-- indicating the default host API index or, a PaErrorCode (which are always
-- negative) if PortAudio is not initialized or an error is encountered.
--*/
--PaHostApiIndex Pa_GetDefaultHostApi( void );
--
--
--/** Unchanging unique identifiers for each supported host API. This type
-- is used in the PaHostApiInfo structure. The values are guaranteed to be
-- unique and to never change, thus allowing code to be written that
-- conditionally uses host API specific extensions.
--
-- New type ids will be allocated when support for a host API reaches
-- "public alpha" status, prior to that developers should use the
-- paInDevelopment type id.
--
-- @see PaHostApiInfo
--*/
--typedef enum PaHostApiTypeId
--{
-- paInDevelopment=0, /* use while developing support for a new host API */
-- paDirectSound=1,
-- paMME=2,
-- paASIO=3,
-- paSoundManager=4,
-- paCoreAudio=5,
-- paOSS=7,
-- paALSA=8,
-- paAL=9,
-- paBeOS=10,
-- paWDMKS=11,
-- paJACK=12,
-- paWASAPI=13,
-- paAudioScienceHPI=14
--} PaHostApiTypeId;
--
--
--/** A structure containing information about a particular host API. */
--
--typedef struct PaHostApiInfo
--{
-- /** this is struct version 1 */
-- int structVersion;
-- /** The well known unique identifier of this host API @see PaHostApiTypeId */
-- PaHostApiTypeId type;
-- /** A textual description of the host API for display on user interfaces. */
-- const char *name;
--
-- /** The number of devices belonging to this host API. This field may be
-- used in conjunction with Pa_HostApiDeviceIndexToDeviceIndex() to enumerate
-- all devices for this host API.
-- @see Pa_HostApiDeviceIndexToDeviceIndex
-- */
-- int deviceCount;
--
-- /** The default input device for this host API. The value will be a
-- device index ranging from 0 to (Pa_GetDeviceCount()-1), or paNoDevice
-- if no default input device is available.
-- */
-- PaDeviceIndex defaultInputDevice;
--
-- /** The default output device for this host API. The value will be a
-- device index ranging from 0 to (Pa_GetDeviceCount()-1), or paNoDevice
-- if no default output device is available.
-- */
-- PaDeviceIndex defaultOutputDevice;
--
--} PaHostApiInfo;
--
--
--/** Retrieve a pointer to a structure containing information about a specific
-- host Api.
--
-- @param hostApi A valid host API index ranging from 0 to (Pa_GetHostApiCount()-1)
--
-- @return A pointer to an immutable PaHostApiInfo structure describing
-- a specific host API. If the hostApi parameter is out of range or an error
-- is encountered, the function returns NULL.
--
-- The returned structure is owned by the PortAudio implementation and must not
-- be manipulated or freed. The pointer is only guaranteed to be valid between
-- calls to Pa_Initialize() and Pa_Terminate().
--*/
--const PaHostApiInfo * Pa_GetHostApiInfo( PaHostApiIndex hostApi );
--
--
--/** Convert a static host API unique identifier, into a runtime
-- host API index.
--
-- @param type A unique host API identifier belonging to the PaHostApiTypeId
-- enumeration.
--
-- @return A valid PaHostApiIndex ranging from 0 to (Pa_GetHostApiCount()-1) or,
-- a PaErrorCode (which are always negative) if PortAudio is not initialized
-- or an error is encountered.
--
-- The paHostApiNotFound error code indicates that the host API specified by the
-- type parameter is not available.
--
-- @see PaHostApiTypeId
--*/
--PaHostApiIndex Pa_HostApiTypeIdToHostApiIndex( PaHostApiTypeId type );
--
--
--/** Convert a host-API-specific device index to standard PortAudio device index.
-- This function may be used in conjunction with the deviceCount field of
-- PaHostApiInfo to enumerate all devices for the specified host API.
--
-- @param hostApi A valid host API index ranging from 0 to (Pa_GetHostApiCount()-1)
--
-- @param hostApiDeviceIndex A valid per-host device index in the range
-- 0 to (Pa_GetHostApiInfo(hostApi)->deviceCount-1)
--
-- @return A non-negative PaDeviceIndex ranging from 0 to (Pa_GetDeviceCount()-1)
-- or, a PaErrorCode (which are always negative) if PortAudio is not initialized
-- or an error is encountered.
--
-- A paInvalidHostApi error code indicates that the host API index specified by
-- the hostApi parameter is out of range.
--
-- A paInvalidDevice error code indicates that the hostApiDeviceIndex parameter
-- is out of range.
--
-- @see PaHostApiInfo
--*/
--PaDeviceIndex Pa_HostApiDeviceIndexToDeviceIndex( PaHostApiIndex hostApi,
-- int hostApiDeviceIndex );
--
--
--
--/** Structure used to return information about a host error condition.
--*/
--typedef struct PaHostErrorInfo{
-- PaHostApiTypeId hostApiType; /**< the host API which returned the error code */
-- long errorCode; /**< the error code returned */
-- const char *errorText; /**< a textual description of the error if available, otherwise a zero-length string */
--}PaHostErrorInfo;
--
--
--/** Return information about the last host error encountered. The error
-- information returned by Pa_GetLastHostErrorInfo() will never be modified
-- asyncronously by errors occurring in other PortAudio owned threads
-- (such as the thread that manages the stream callback.)
--
-- This function is provided as a last resort, primarily to enhance debugging
-- by providing clients with access to all available error information.
--
-- @return A pointer to an immutable structure constaining information about
-- the host error. The values in this structure will only be valid if a
-- PortAudio function has previously returned the paUnanticipatedHostError
-- error code.
--*/
--const PaHostErrorInfo* Pa_GetLastHostErrorInfo( void );
--
--
--
--/* Device enumeration and capabilities */
--
--/** Retrieve the number of available devices. The number of available devices
-- may be zero.
--
-- @return A non-negative value indicating the number of available devices or,
-- a PaErrorCode (which are always negative) if PortAudio is not initialized
-- or an error is encountered.
--*/
--PaDeviceIndex Pa_GetDeviceCount( void );
--
--
--/** Retrieve the index of the default input device. The result can be
-- used in the inputDevice parameter to Pa_OpenStream().
--
-- @return The default input device index for the default host API, or paNoDevice
-- if no default input device is available or an error was encountered.
--*/
--PaDeviceIndex Pa_GetDefaultInputDevice( void );
--
--
--/** Retrieve the index of the default output device. The result can be
-- used in the outputDevice parameter to Pa_OpenStream().
--
-- @return The default output device index for the defualt host API, or paNoDevice
-- if no default output device is available or an error was encountered.
--
-- @note
-- On the PC, the user can specify a default device by
-- setting an environment variable. For example, to use device #1.
--<pre>
-- set PA_RECOMMENDED_OUTPUT_DEVICE=1
--</pre>
-- The user should first determine the available device ids by using
-- the supplied application "pa_devs".
--*/
--PaDeviceIndex Pa_GetDefaultOutputDevice( void );
--
--
--/** The type used to represent monotonic time in seconds that can be used
-- for syncronisation. The type is used for the outTime argument to the
-- PaStreamCallback and as the result of Pa_GetStreamTime().
--
-- @see PaStreamCallback, Pa_GetStreamTime
--*/
--typedef double PaTime;
--
--
--/** A type used to specify one or more sample formats. Each value indicates
-- a possible format for sound data passed to and from the stream callback,
-- Pa_ReadStream and Pa_WriteStream.
--
-- The standard formats paFloat32, paInt16, paInt32, paInt24, paInt8
-- and aUInt8 are usually implemented by all implementations.
--
-- The floating point representation (paFloat32) uses +1.0 and -1.0 as the
-- maximum and minimum respectively.
--
-- paUInt8 is an unsigned 8 bit format where 128 is considered "ground"
--
-- The paNonInterleaved flag indicates that a multichannel buffer is passed
-- as a set of non-interleaved pointers.
--
-- @see Pa_OpenStream, Pa_OpenDefaultStream, PaDeviceInfo
-- @see paFloat32, paInt16, paInt32, paInt24, paInt8
-- @see paUInt8, paCustomFormat, paNonInterleaved
--*/
--typedef unsigned long PaSampleFormat;
--
--
--#define paFloat32 ((PaSampleFormat) 0x00000001) /**< @see PaSampleFormat */
--#define paInt32 ((PaSampleFormat) 0x00000002) /**< @see PaSampleFormat */
--#define paInt24 ((PaSampleFormat) 0x00000004) /**< Packed 24 bit format. @see PaSampleFormat */
--#define paInt16 ((PaSampleFormat) 0x00000008) /**< @see PaSampleFormat */
--#define paInt8 ((PaSampleFormat) 0x00000010) /**< @see PaSampleFormat */
--#define paUInt8 ((PaSampleFormat) 0x00000020) /**< @see PaSampleFormat */
--#define paCustomFormat ((PaSampleFormat) 0x00010000)/**< @see PaSampleFormat */
--
--#define paNonInterleaved ((PaSampleFormat) 0x80000000)
--
--/** A structure providing information and capabilities of PortAudio devices.
-- Devices may support input, output or both input and output.
--*/
--typedef struct PaDeviceInfo
--{
-- int structVersion; /* this is struct version 2 */
-- const char *name;
-- PaHostApiIndex hostApi; /* note this is a host API index, not a type id*/
--
-- int maxInputChannels;
-- int maxOutputChannels;
--
-- /* Default latency values for interactive performance. */
-- PaTime defaultLowInputLatency;
-- PaTime defaultLowOutputLatency;
-- /* Default latency values for robust non-interactive applications (eg. playing sound files). */
-- PaTime defaultHighInputLatency;
-- PaTime defaultHighOutputLatency;
--
-- double defaultSampleRate;
--} PaDeviceInfo;
--
--
--/** Retrieve a pointer to a PaDeviceInfo structure containing information
-- about the specified device.
-- @return A pointer to an immutable PaDeviceInfo structure. If the device
-- parameter is out of range the function returns NULL.
--
-- @param device A valid device index in the range 0 to (Pa_GetDeviceCount()-1)
--
-- @note PortAudio manages the memory referenced by the returned pointer,
-- the client must not manipulate or free the memory. The pointer is only
-- guaranteed to be valid between calls to Pa_Initialize() and Pa_Terminate().
--
-- @see PaDeviceInfo, PaDeviceIndex
--*/
--const PaDeviceInfo* Pa_GetDeviceInfo( PaDeviceIndex device );
--
--
--/** Parameters for one direction (input or output) of a stream.
--*/
--typedef struct PaStreamParameters
--{
-- /** A valid device index in the range 0 to (Pa_GetDeviceCount()-1)
-- specifying the device to be used or the special constant
-- paUseHostApiSpecificDeviceSpecification which indicates that the actual
-- device(s) to use are specified in hostApiSpecificStreamInfo.
-- This field must not be set to paNoDevice.
-- */
-- PaDeviceIndex device;
--
-- /** The number of channels of sound to be delivered to the
-- stream callback or accessed by Pa_ReadStream() or Pa_WriteStream().
-- It can range from 1 to the value of maxInputChannels in the
-- PaDeviceInfo record for the device specified by the device parameter.
-- */
-- int channelCount;
--
-- /** The sample format of the buffer provided to the stream callback,
-- a_ReadStream() or Pa_WriteStream(). It may be any of the formats described
-- by the PaSampleFormat enumeration.
-- */
-- PaSampleFormat sampleFormat;
--
-- /** The desired latency in seconds. Where practical, implementations should
-- configure their latency based on these parameters, otherwise they may
-- choose the closest viable latency instead. Unless the suggested latency
-- is greater than the absolute upper limit for the device implementations
-- should round the suggestedLatency up to the next practial value - ie to
-- provide an equal or higher latency than suggestedLatency wherever possibe.
-- Actual latency values for an open stream may be retrieved using the
-- inputLatency and outputLatency fields of the PaStreamInfo structure
-- returned by Pa_GetStreamInfo().
-- @see default*Latency in PaDeviceInfo, *Latency in PaStreamInfo
-- */
-- PaTime suggestedLatency;
--
-- /** An optional pointer to a host api specific data structure
-- containing additional information for device setup and/or stream processing.
-- hostApiSpecificStreamInfo is never required for correct operation,
-- if not used it should be set to NULL.
-- */
-- void *hostApiSpecificStreamInfo;
--
--} PaStreamParameters;
--
--
--/** Return code for Pa_IsFormatSupported indicating success. */
--#define paFormatIsSupported (0)
--
--/** Determine whether it would be possible to open a stream with the specified
-- parameters.
--
-- @param inputParameters A structure that describes the input parameters used to
-- open a stream. The suggestedLatency field is ignored. See PaStreamParameters
-- for a description of these parameters. inputParameters must be NULL for
-- output-only streams.
--
-- @param outputParameters A structure that describes the output parameters used
-- to open a stream. The suggestedLatency field is ignored. See PaStreamParameters
-- for a description of these parameters. outputParameters must be NULL for
-- input-only streams.
--
-- @param sampleRate The required sampleRate. For full-duplex streams it is the
-- sample rate for both input and output
--
-- @return Returns 0 if the format is supported, and an error code indicating why
-- the format is not supported otherwise. The constant paFormatIsSupported is
-- provided to compare with the return value for success.
--
-- @see paFormatIsSupported, PaStreamParameters
--*/
--PaError Pa_IsFormatSupported( const PaStreamParameters *inputParameters,
-- const PaStreamParameters *outputParameters,
-- double sampleRate );
--
--
--
--/* Streaming types and functions */
--
--
--/**
-- A single PaStream can provide multiple channels of real-time
-- streaming audio input and output to a client application. A stream
-- provides access to audio hardware represented by one or more
-- PaDevices. Depending on the underlying Host API, it may be possible
-- to open multiple streams using the same device, however this behavior
-- is implementation defined. Portable applications should assume that
-- a PaDevice may be simultaneously used by at most one PaStream.
--
-- Pointers to PaStream objects are passed between PortAudio functions that
-- operate on streams.
--
-- @see Pa_OpenStream, Pa_OpenDefaultStream, Pa_OpenDefaultStream, Pa_CloseStream,
-- Pa_StartStream, Pa_StopStream, Pa_AbortStream, Pa_IsStreamActive,
-- Pa_GetStreamTime, Pa_GetStreamCpuLoad
--
--*/
--typedef void PaStream;
--
--
--/** Can be passed as the framesPerBuffer parameter to Pa_OpenStream()
-- or Pa_OpenDefaultStream() to indicate that the stream callback will
-- accept buffers of any size.
--*/
--#define paFramesPerBufferUnspecified (0)
--
--
--/** Flags used to control the behavior of a stream. They are passed as
-- parameters to Pa_OpenStream or Pa_OpenDefaultStream. Multiple flags may be
-- ORed together.
--
-- @see Pa_OpenStream, Pa_OpenDefaultStream
-- @see paNoFlag, paClipOff, paDitherOff, paNeverDropInput,
-- paPrimeOutputBuffersUsingStreamCallback, paPlatformSpecificFlags
--*/
--typedef unsigned long PaStreamFlags;
--
--/** @see PaStreamFlags */
--#define paNoFlag ((PaStreamFlags) 0)
--
--/** Disable default clipping of out of range samples.
-- @see PaStreamFlags
--*/
--#define paClipOff ((PaStreamFlags) 0x00000001)
--
--/** Disable default dithering.
-- @see PaStreamFlags
--*/
--#define paDitherOff ((PaStreamFlags) 0x00000002)
--
--/** Flag requests that where possible a full duplex stream will not discard
-- overflowed input samples without calling the stream callback. This flag is
-- only valid for full duplex callback streams and only when used in combination
-- with the paFramesPerBufferUnspecified (0) framesPerBuffer parameter. Using
-- this flag incorrectly results in a paInvalidFlag error being returned from
-- Pa_OpenStream and Pa_OpenDefaultStream.
--
-- @see PaStreamFlags, paFramesPerBufferUnspecified
--*/
--#define paNeverDropInput ((PaStreamFlags) 0x00000004)
--
--/** Call the stream callback to fill initial output buffers, rather than the
-- default behavior of priming the buffers with zeros (silence). This flag has
-- no effect for input-only and blocking read/write streams.
--
-- @see PaStreamFlags
--*/
--#define paPrimeOutputBuffersUsingStreamCallback ((PaStreamFlags) 0x00000008)
--
--/** A mask specifying the platform specific bits.
-- @see PaStreamFlags
--*/
--#define paPlatformSpecificFlags ((PaStreamFlags)0xFFFF0000)
--
--/**
-- Timing information for the buffers passed to the stream callback.
--*/
--typedef struct PaStreamCallbackTimeInfo{
-- PaTime inputBufferAdcTime;
-- PaTime currentTime;
-- PaTime outputBufferDacTime;
--} PaStreamCallbackTimeInfo;
--
--
--/**
-- Flag bit constants for the statusFlags to PaStreamCallback.
--
-- @see paInputUnderflow, paInputOverflow, paOutputUnderflow, paOutputOverflow,
-- paPrimingOutput
--*/
--typedef unsigned long PaStreamCallbackFlags;
--
--/** In a stream opened with paFramesPerBufferUnspecified, indicates that
-- input data is all silence (zeros) because no real data is available. In a
-- stream opened without paFramesPerBufferUnspecified, it indicates that one or
-- more zero samples have been inserted into the input buffer to compensate
-- for an input underflow.
-- @see PaStreamCallbackFlags
--*/
--#define paInputUnderflow ((PaStreamCallbackFlags) 0x00000001)
--
--/** In a stream opened with paFramesPerBufferUnspecified, indicates that data
-- prior to the first sample of the input buffer was discarded due to an
-- overflow, possibly because the stream callback is using too much CPU time.
-- Otherwise indicates that data prior to one or more samples in the
-- input buffer was discarded.
-- @see PaStreamCallbackFlags
--*/
--#define paInputOverflow ((PaStreamCallbackFlags) 0x00000002)
--
--/** Indicates that output data (or a gap) was inserted, possibly because the
-- stream callback is using too much CPU time.
-- @see PaStreamCallbackFlags
--*/
--#define paOutputUnderflow ((PaStreamCallbackFlags) 0x00000004)
--
--/** Indicates that output data will be discarded because no room is available.
-- @see PaStreamCallbackFlags
--*/
--#define paOutputOverflow ((PaStreamCallbackFlags) 0x00000008)
--
--/** Some of all of the output data will be used to prime the stream, input
-- data may be zero.
-- @see PaStreamCallbackFlags
--*/
--#define paPrimingOutput ((PaStreamCallbackFlags) 0x00000010)
--
--/**
-- Allowable return values for the PaStreamCallback.
-- @see PaStreamCallback
--*/
--typedef enum PaStreamCallbackResult
--{
-- paContinue=0,
-- paComplete=1,
-- paAbort=2
--} PaStreamCallbackResult;
--
--
--/**
-- Functions of type PaStreamCallback are implemented by PortAudio clients.
-- They consume, process or generate audio in response to requests from an
-- active PortAudio stream.
--
-- @param input and @param output are arrays of interleaved samples,
-- the format, packing and number of channels used by the buffers are
-- determined by parameters to Pa_OpenStream().
--
-- @param frameCount The number of sample frames to be processed by
-- the stream callback.
--
-- @param timeInfo The time in seconds when the first sample of the input
-- buffer was received at the audio input, the time in seconds when the first
-- sample of the output buffer will begin being played at the audio output, and
-- the time in seconds when the stream callback was called.
-- See also Pa_GetStreamTime()
--
-- @param statusFlags Flags indicating whether input and/or output buffers
-- have been inserted or will be dropped to overcome underflow or overflow
-- conditions.
--
-- @param userData The value of a user supplied pointer passed to
-- Pa_OpenStream() intended for storing synthesis data etc.
--
-- @return
-- The stream callback should return one of the values in the
-- PaStreamCallbackResult enumeration. To ensure that the callback continues
-- to be called, it should return paContinue (0). Either paComplete or paAbort
-- can be returned to finish stream processing, after either of these values is
-- returned the callback will not be called again. If paAbort is returned the
-- stream will finish as soon as possible. If paComplete is returned, the stream
-- will continue until all buffers generated by the callback have been played.
-- This may be useful in applications such as soundfile players where a specific
-- duration of output is required. However, it is not necessary to utilise this
-- mechanism as Pa_StopStream(), Pa_AbortStream() or Pa_CloseStream() can also
-- be used to stop the stream. The callback must always fill the entire output
-- buffer irrespective of its return value.
--
-- @see Pa_OpenStream, Pa_OpenDefaultStream
--
-- @note With the exception of Pa_GetStreamCpuLoad() it is not permissable to call
-- PortAudio API functions from within the stream callback.
--*/
--typedef int PaStreamCallback(
-- const void *input, void *output,
-- unsigned long frameCount,
-- const PaStreamCallbackTimeInfo* timeInfo,
-- PaStreamCallbackFlags statusFlags,
-- void *userData );
--
--
--/** Opens a stream for either input, output or both.
--
-- @param stream The address of a PaStream pointer which will receive
-- a pointer to the newly opened stream.
--
-- @param inputParameters A structure that describes the input parameters used by
-- the opened stream. See PaStreamParameters for a description of these parameters.
-- inputParameters must be NULL for output-only streams.
--
-- @param outputParameters A structure that describes the output parameters used by
-- the opened stream. See PaStreamParameters for a description of these parameters.
-- outputParameters must be NULL for input-only streams.
--
-- @param sampleRate The desired sampleRate. For full-duplex streams it is the
-- sample rate for both input and output
--
-- @param framesPerBuffer The number of frames passed to the stream callback
-- function, or the preferred block granularity for a blocking read/write stream.
-- The special value paFramesPerBufferUnspecified (0) may be used to request that
-- the stream callback will recieve an optimal (and possibly varying) number of
-- frames based on host requirements and the requested latency settings.
-- Note: With some host APIs, the use of non-zero framesPerBuffer for a callback
-- stream may introduce an additional layer of buffering which could introduce
-- additional latency. PortAudio guarantees that the additional latency
-- will be kept to the theoretical minimum however, it is strongly recommended
-- that a non-zero framesPerBuffer value only be used when your algorithm
-- requires a fixed number of frames per stream callback.
--
-- @param streamFlags Flags which modify the behaviour of the streaming process.
-- This parameter may contain a combination of flags ORed together. Some flags may
-- only be relevant to certain buffer formats.
--
-- @param streamCallback A pointer to a client supplied function that is responsible
-- for processing and filling input and output buffers. If this parameter is NULL
-- the stream will be opened in 'blocking read/write' mode. In blocking mode,
-- the client can receive sample data using Pa_ReadStream and write sample data
-- using Pa_WriteStream, the number of samples that may be read or written
-- without blocking is returned by Pa_GetStreamReadAvailable and
-- Pa_GetStreamWriteAvailable respectively.
--
-- @param userData A client supplied pointer which is passed to the stream callback
-- function. It could for example, contain a pointer to instance data necessary
-- for processing the audio buffers. This parameter is ignored if streamCallback
-- is NULL.
--
-- @return
-- Upon success Pa_OpenStream() returns paNoError and places a pointer to a
-- valid PaStream in the stream argument. The stream is inactive (stopped).
-- If a call to Pa_OpenStream() fails, a non-zero error code is returned (see
-- PaError for possible error codes) and the value of stream is invalid.
--
-- @see PaStreamParameters, PaStreamCallback, Pa_ReadStream, Pa_WriteStream,
-- Pa_GetStreamReadAvailable, Pa_GetStreamWriteAvailable
--*/
--PaError Pa_OpenStream( PaStream** stream,
-- const PaStreamParameters *inputParameters,
-- const PaStreamParameters *outputParameters,
-- double sampleRate,
-- unsigned long framesPerBuffer,
-- PaStreamFlags streamFlags,
-- PaStreamCallback *streamCallback,
-- void *userData );
--
--
--/** A simplified version of Pa_OpenStream() that opens the default input
-- and/or output devices.
--
-- @param stream The address of a PaStream pointer which will receive
-- a pointer to the newly opened stream.
--
-- @param numInputChannels The number of channels of sound that will be supplied
-- to the stream callback or returned by Pa_ReadStream. It can range from 1 to
-- the value of maxInputChannels in the PaDeviceInfo record for the default input
-- device. If 0 the stream is opened as an output-only stream.
--
-- @param numOutputChannels The number of channels of sound to be delivered to the
-- stream callback or passed to Pa_WriteStream. It can range from 1 to the value
-- of maxOutputChannels in the PaDeviceInfo record for the default output dvice.
-- If 0 the stream is opened as an output-only stream.
--
-- @param sampleFormat The sample format of both the input and output buffers
-- provided to the callback or passed to and from Pa_ReadStream and Pa_WriteStream.
-- sampleFormat may be any of the formats described by the PaSampleFormat
-- enumeration.
--
-- @param sampleRate Same as Pa_OpenStream parameter of the same name.
-- @param framesPerBuffer Same as Pa_OpenStream parameter of the same name.
-- @param streamCallback Same as Pa_OpenStream parameter of the same name.
-- @param userData Same as Pa_OpenStream parameter of the same name.
--
-- @return As for Pa_OpenStream
--
-- @see Pa_OpenStream, PaStreamCallback
--*/
--PaError Pa_OpenDefaultStream( PaStream** stream,
-- int numInputChannels,
-- int numOutputChannels,
-- PaSampleFormat sampleFormat,
-- double sampleRate,
-- unsigned long framesPerBuffer,
-- PaStreamCallback *streamCallback,
-- void *userData );
--
--
--/** Closes an audio stream. If the audio stream is active it
-- discards any pending buffers as if Pa_AbortStream() had been called.
--*/
--PaError Pa_CloseStream( PaStream *stream );
--
--
--/** Functions of type PaStreamFinishedCallback are implemented by PortAudio
-- clients. They can be registered with a stream using the Pa_SetStreamFinishedCallback
-- function. Once registered they are called when the stream becomes inactive
-- (ie once a call to Pa_StopStream() will not block).
-- A stream will become inactive after the stream callback returns non-zero,
-- or when Pa_StopStream or Pa_AbortStream is called. For a stream providing audio
-- output, if the stream callback returns paComplete, or Pa_StopStream is called,
-- the stream finished callback will not be called until all generated sample data
-- has been played.
--
-- @param userData The userData parameter supplied to Pa_OpenStream()
--
-- @see Pa_SetStreamFinishedCallback
--*/
--typedef void PaStreamFinishedCallback( void *userData );
--
--
--/** Register a stream finished callback function which will be called when the
-- stream becomes inactive. See the description of PaStreamFinishedCallback for
-- further details about when the callback will be called.
--
-- @param stream a pointer to a PaStream that is in the stopped state - if the
-- stream is not stopped, the stream's finished callback will remain unchanged
-- and an error code will be returned.
--
-- @param streamFinishedCallback a pointer to a function with the same signature
-- as PaStreamFinishedCallback, that will be called when the stream becomes
-- inactive. Passing NULL for this parameter will un-register a previously
-- registered stream finished callback function.
--
-- @return on success returns paNoError, otherwise an error code indicating the cause
-- of the error.
--
-- @see PaStreamFinishedCallback
--*/
--PaError Pa_SetStreamFinishedCallback( PaStream *stream, PaStreamFinishedCallback* streamFinishedCallback );
--
--
--/** Commences audio processing.
--*/
--PaError Pa_StartStream( PaStream *stream );
--
--
--/** Terminates audio processing. It waits until all pending
-- audio buffers have been played before it returns.
--*/
--PaError Pa_StopStream( PaStream *stream );
--
--
--/** Terminates audio processing immediately without waiting for pending
-- buffers to complete.
--*/
--PaError Pa_AbortStream( PaStream *stream );
--
--
--/** Determine whether the stream is stopped.
-- A stream is considered to be stopped prior to a successful call to
-- Pa_StartStream and after a successful call to Pa_StopStream or Pa_AbortStream.
-- If a stream callback returns a value other than paContinue the stream is NOT
-- considered to be stopped.
--
-- @return Returns one (1) when the stream is stopped, zero (0) when
-- the stream is running or, a PaErrorCode (which are always negative) if
-- PortAudio is not initialized or an error is encountered.
--
-- @see Pa_StopStream, Pa_AbortStream, Pa_IsStreamActive
--*/
--PaError Pa_IsStreamStopped( PaStream *stream );
--
--
--/** Determine whether the stream is active.
-- A stream is active after a successful call to Pa_StartStream(), until it
-- becomes inactive either as a result of a call to Pa_StopStream() or
-- Pa_AbortStream(), or as a result of a return value other than paContinue from
-- the stream callback. In the latter case, the stream is considered inactive
-- after the last buffer has finished playing.
--
-- @return Returns one (1) when the stream is active (ie playing or recording
-- audio), zero (0) when not playing or, a PaErrorCode (which are always negative)
-- if PortAudio is not initialized or an error is encountered.
--
-- @see Pa_StopStream, Pa_AbortStream, Pa_IsStreamStopped
--*/
--PaError Pa_IsStreamActive( PaStream *stream );
--
--
--
--/** A structure containing unchanging information about an open stream.
-- @see Pa_GetStreamInfo
--*/
--
--typedef struct PaStreamInfo
--{
-- /** this is struct version 1 */
-- int structVersion;
--
-- /** The input latency of the stream in seconds. This value provides the most
-- accurate estimate of input latency available to the implementation. It may
-- differ significantly from the suggestedLatency value passed to Pa_OpenStream().
-- The value of this field will be zero (0.) for output-only streams.
-- @see PaTime
-- */
-- PaTime inputLatency;
--
-- /** The output latency of the stream in seconds. This value provides the most
-- accurate estimate of output latency available to the implementation. It may
-- differ significantly from the suggestedLatency value passed to Pa_OpenStream().
-- The value of this field will be zero (0.) for input-only streams.
-- @see PaTime
-- */
-- PaTime outputLatency;
--
-- /** The sample rate of the stream in Hertz (samples per second). In cases
-- where the hardware sample rate is inaccurate and PortAudio is aware of it,
-- the value of this field may be different from the sampleRate parameter
-- passed to Pa_OpenStream(). If information about the actual hardware sample
-- rate is not available, this field will have the same value as the sampleRate
-- parameter passed to Pa_OpenStream().
-- */
-- double sampleRate;
--
--} PaStreamInfo;
--
--
--/** Retrieve a pointer to a PaStreamInfo structure containing information
-- about the specified stream.
-- @return A pointer to an immutable PaStreamInfo structure. If the stream
-- parameter invalid, or an error is encountered, the function returns NULL.
--
-- @param stream A pointer to an open stream previously created with Pa_OpenStream.
--
-- @note PortAudio manages the memory referenced by the returned pointer,
-- the client must not manipulate or free the memory. The pointer is only
-- guaranteed to be valid until the specified stream is closed.
--
-- @see PaStreamInfo
--*/
--const PaStreamInfo* Pa_GetStreamInfo( PaStream *stream );
--
--
--/** Determine the current time for the stream according to the same clock used
-- to generate buffer timestamps. This time may be used for syncronising other
-- events to the audio stream, for example synchronizing audio to MIDI.
--
-- @return The stream's current time in seconds, or 0 if an error occurred.
--
-- @see PaTime, PaStreamCallback
--*/
--PaTime Pa_GetStreamTime( PaStream *stream );
--
--
--/** Retrieve CPU usage information for the specified stream.
-- The "CPU Load" is a fraction of total CPU time consumed by a callback stream's
-- audio processing routines including, but not limited to the client supplied
-- stream callback. This function does not work with blocking read/write streams.
--
-- This function may be called from the stream callback function or the
-- application.
--
-- @return
-- A floating point value, typically between 0.0 and 1.0, where 1.0 indicates
-- that the stream callback is consuming the maximum number of CPU cycles possible
-- to maintain real-time operation. A value of 0.5 would imply that PortAudio and
-- the stream callback was consuming roughly 50% of the available CPU time. The
-- return value may exceed 1.0. A value of 0.0 will always be returned for a
-- blocking read/write stream, or if an error occurrs.
--*/
--double Pa_GetStreamCpuLoad( PaStream* stream );
--
--
--/** Read samples from an input stream. The function doesn't return until
-- the entire buffer has been filled - this may involve waiting for the operating
-- system to supply the data.
--
-- @param stream A pointer to an open stream previously created with Pa_OpenStream.
--
-- @param buffer A pointer to a buffer of sample frames. The buffer contains
-- samples in the format specified by the inputParameters->sampleFormat field
-- used to open the stream, and the number of channels specified by
-- inputParameters->numChannels. If non-interleaved samples were requested,
-- buffer is a pointer to the first element of an array of non-interleaved
-- buffer pointers, one for each channel.
--
-- @param frames The number of frames to be read into buffer. This parameter
-- is not constrained to a specific range, however high performance applications
-- will want to match this parameter to the framesPerBuffer parameter used
-- when opening the stream.
--
-- @return On success PaNoError will be returned, or PaInputOverflowed if input
-- data was discarded by PortAudio after the previous call and before this call.
--*/
--PaError Pa_ReadStream( PaStream* stream,
-- void *buffer,
-- unsigned long frames );
--
--
--/** Write samples to an output stream. This function doesn't return until the
-- entire buffer has been consumed - this may involve waiting for the operating
-- system to consume the data.
--
-- @param stream A pointer to an open stream previously created with Pa_OpenStream.
--
-- @param buffer A pointer to a buffer of sample frames. The buffer contains
-- samples in the format specified by the outputParameters->sampleFormat field
-- used to open the stream, and the number of channels specified by
-- outputParameters->numChannels. If non-interleaved samples were requested,
-- buffer is a pointer to the first element of an array of non-interleaved
-- buffer pointers, one for each channel.
--
-- @param frames The number of frames to be written from buffer. This parameter
-- is not constrained to a specific range, however high performance applications
-- will want to match this parameter to the framesPerBuffer parameter used
-- when opening the stream.
--
-- @return On success PaNoError will be returned, or paOutputUnderflowed if
-- additional output data was inserted after the previous call and before this
-- call.
--*/
--PaError Pa_WriteStream( PaStream* stream,
-- const void *buffer,
-- unsigned long frames );
--
--
--/** Retrieve the number of frames that can be read from the stream without
-- waiting.
--
-- @return Returns a non-negative value representing the maximum number of frames
-- that can be read from the stream without blocking or busy waiting or, a
-- PaErrorCode (which are always negative) if PortAudio is not initialized or an
-- error is encountered.
--*/
--signed long Pa_GetStreamReadAvailable( PaStream* stream );
--
--
--/** Retrieve the number of frames that can be written to the stream without
-- waiting.
--
-- @return Returns a non-negative value representing the maximum number of frames
-- that can be written to the stream without blocking or busy waiting or, a
-- PaErrorCode (which are always negative) if PortAudio is not initialized or an
-- error is encountered.
--*/
--signed long Pa_GetStreamWriteAvailable( PaStream* stream );
--
--
--/* Miscellaneous utilities */
--
--
--/** Retrieve the size of a given sample format in bytes.
--
-- @return The size in bytes of a single sample in the specified format,
-- or paSampleFormatNotSupported if the format is not supported.
--*/
--PaError Pa_GetSampleSize( PaSampleFormat format );
--
--
--/** Put the caller to sleep for at least 'msec' milliseconds. This function is
-- provided only as a convenience for authors of portable code (such as the tests
-- and examples in the PortAudio distribution.)
--
-- The function may sleep longer than requested so don't rely on this for accurate
-- musical timing.
--*/
--void Pa_Sleep( long msec );
--
--
--
--#ifdef __cplusplus
--}
--#endif /* __cplusplus */
--#endif /* PORTAUDIO_H */
---- a/src/wave.cpp
-+++ b/src/wave.cpp
-@@ -31,7 +31,10 @@
- #include <sys/time.h>
- #include <time.h>
-
--#include "portaudio.h"
-+#ifdef USE_PORTAUDIO
-+#include <portaudio.h>
-+#endif
-+
- #ifdef PLATFORM_WINDOWS
- #include <windows.h>
- #else
---- a/src/wavegen.cpp
-+++ b/src/wavegen.cpp
-@@ -40,7 +40,7 @@
- #endif
-
- #ifdef USE_PORTAUDIO
--#include "portaudio.h"
-+#include <portaudio.h>
- #undef USE_PORTAUDIO
- // determine portaudio version by looking for a #define which is not in V18
- #ifdef paNeverDropInput
include $(TOPDIR)/rules.mk
PKG_NAME:=mpd
-PKG_VERSION:=0.20.20
+PKG_VERSION:=0.20.21
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://www.musicpd.org/download/mpd/0.20/
-PKG_HASH:=a9e458c6e07cdf62649de7722e1e5a7f13aa82eeb397bfbbebc07cf5cf273584
+PKG_HASH:=8322764dc265c20f05c8c8fdfdd578b0722e74626bef56fcd8eebfb01acc58dc
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GPL-2.0
--disable-vorbis-encoder \
--enable-wave-encoder \
--disable-wavpack \
- --disable-webdav \
- --disable-wildmidi \
+ --enable-webdav \
--disable-zzip \
--with-zeroconf=no \
--disable-soxr \
include $(TOPDIR)/rules.mk
PKG_NAME:=pianod
-PKG_VERSION:=174.07
+PKG_VERSION:=174.09
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://github.com/thess/pianod-sc/releases/download/$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=eee969926c095497893fbd28711258a31efb2d2301da87563dbcd101d8771bff
+PKG_HASH:=744c833ee17a7c95068c6925f4301f342bcad838ad8e48b40a19fd6739533eac
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
include $(TOPDIR)/rules.mk
PKG_NAME:=portaudio
-PKG_VERSION:=19_20140130
-PKG_RELEASE:=2
+PKG_VERSION:=190600_20161030
+PKG_RELEASE:=1
PKG_SOURCE:=pa_stable_v$(PKG_VERSION).tgz
PKG_SOURCE_URL:=http://www.portaudio.com/archives/
-PKG_HASH:=8fe024a5f0681e112c6979808f684c3516061cc51d3acc0b726af98fc96c8d57
+PKG_HASH:=f5a21d7dcd6ee84397446fa1fa1a0675bb2e8a4a6dceb4305a8404698d8d1513
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE.txt
PKG_NAME:=shairport-sync
PKG_VERSION:=3.2.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/mikebrady/shairport-sync.git
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/shairport-sync.init $(1)/etc/init.d/shairport-sync
$(INSTALL_DIR) $(1)/etc/config
- $(INSTALL_DATA) ./files/shairport-sync.config $(1)/etc/config/shairport-sync
+ $(INSTALL_CONF) ./files/shairport-sync.config $(1)/etc/config/shairport-sync
endef
Package/shairport-sync-openssl/install = $(Package/shairport-sync/default/install)
PKG_NAME:=bluelog
PKG_VERSION:=1.1.2
-PKG_RELEASE:=2
+PKG_RELEASE:=4
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=ftp://ftp.digifail.com/software/bluelog
-PKG_HASH:=9750b007daffaffecea3b8dd2332bf74cc24955c307861197a20d04d845bc412
+PKG_SOURCE:=Bluelog-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/MS3FGX/Bluelog/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=ebbc1357e14bc46cbddd8390cdbd29c0131b09b8ab680a1c382164ef076cb53e
+PKG_BUILD_DIR:=$(BUILD_DIR)/Bluelog-$(PKG_VERSION)
OUI_SOURCE:=oui-2016-05-30.txt.gz
-OUI_URL:=http://sources.lede-project.org/
+OUI_URL:=https://sources.openwrt.org/
OUI_MD5SUM:=38048729fdb5a7a7e0c5db6a51dc2dd1
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Bluetooth scanner and logger
- URL:=http://www.digifail.com/software/bluelog.shtml
+ URL:=https://github.com/MS3FGX/Bluelog
DEPENDS:=+bluez-libs +kmod-bluetooth
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=crelay
-PKG_VERSION:=0.12
+PKG_VERSION:=0.13
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ondrej1024/crelay/tar.gz/V$(PKG_VERSION)?
-PKG_HASH:=84b2523107bb3e7263d0be1c3c367de1956b41711293e108f4ce483f5e66913f
+PKG_HASH:=d9919fe91e8641352f0b4705a37acc7ba4b3c4286ca78a629968f16f343cfdc4
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=GPL-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=dbus
-PKG_VERSION:=1.12.8
+PKG_VERSION:=1.12.10
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dbus.freedesktop.org/releases/dbus/
-PKG_HASH:=e2dc99e7338303393b6663a98320aba6a63421bcdaaf571c8022f815e5896eb3
-PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
+PKG_HASH:=4b693d24976258c3f2fa9cc33ad9288c5fbfa7a16481dbd9a8a429f7aa8cdcf7
+PKG_MAINTAINER:=
PKG_LICENSE:=AFL-2.1
PKG_BUILD_PARALLEL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=evtest
-PKG_REV:=ab140a2dab1547f7deb5233be6d94a388cf08b26
PKG_VERSION:=1.33
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MIRROR_HASH:=9716be17dadc496f15861e41e17980be9d444de856bc2e5b9a732f9ce826b8dd
-PKG_SOURCE_URL:=git://anongit.freedesktop.org/evtest
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=$(PKG_REV)
-
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=https://cgit.freedesktop.org/evtest/snapshot
+PKG_HASH:=5037d1162f4c407053cd97e85763ba03150a0c35f929ee9bf9a360abd32ef1c1
PKG_MAINTAINER:=Pushpal Sidhu <psidhu.devel@gmail.com>
+
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
--- /dev/null
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fish
+PKG_VERSION:=2.7.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/fish-shell/fish-shell/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=eb43ea2eb9accf76661c487dd530a5fd345fa40a3201bd22cef2c52be39fb474
+PKG_MAINTAINER:=Curtis Jiang <jqqqqqqqqqq@gmail.com>
+PKG_LICENSE:=GPL-2.0
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+PKG_BUILD_DIR:=$(BUILD_DIR)/fish-shell-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fish
+ SECTION:=utils
+ CATEGORY:=Utilities
+ SUBMENU:=Shells
+ TITLE:=A smart and user-friendly command line shell
+ DEPENDS:=+libncurses +libstdcpp +librt
+ URL:=https://fishshell.com
+endef
+
+define Package/fish/description
+ Fish is a smart and user-friendly command line shell for OS X, Linux, and the
+ rest of the family. Fish includes features like syntax highlighting,
+ autosuggest-as-you-type, and fancy tab completions that just work, with no
+ configuration required.
+endef
+
+CONFIGURE_VARS += ac_cv_file__proc_self_stat=yes
+TARGET_CXXFLAGS += -std=c++0x
+
+define Package/fish/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/fish $(1)/usr/bin
+ $(INSTALL_DIR) $(1)/usr/share/fish
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/fish/* $(1)/usr/share/fish/
+ rm -rf $(1)/usr/share/fish/groff
+ rm -rf $(1)/usr/share/fish/man
+ rm -rf $(1)/usr/share/fish/tools
+endef
+
+define Package/fish/postinst
+#!/bin/sh
+grep fish $${IPKG_INSTROOT}/etc/shells || \
+ echo "/usr/bin/fish" >> $${IPKG_INSTROOT}/etc/shells
+
+ # Backwards compatibility
+ if [[ -e /bin/fish ]] && ([[ ! -L /bin/fish ]] || [[ "$(readlink -fn $${IPKG_INSTROOT}/bin/fish)" != "../$(CONFIGURE_PREFIX)/bin/fish" ]]); then
+ ln -fs "../$(CONFIGURE_PREFIX)/bin/fish" "$${IPKG_INSTROOT}/bin/fish"
+ fi
+endef
+
+define Package/fish/postrm
+ rm -rf "$${IPKG_INSTROOT}/$(CONFIGURE_PREFIX)/share/fish/$(PKG_VERSION)"
+endef
+
+$(eval $(call BuildPackage,fish))
--- /dev/null
+diff --git a/share/functions/prompt_hostname.fish b/share/functions/prompt_hostname.fish
+index 4348bce2..8502ce3f 100644
+--- a/share/functions/prompt_hostname.fish
++++ b/share/functions/prompt_hostname.fish
+@@ -2,7 +2,7 @@
+ # hostname command uses. So cache the answer so including it in the prompt doesn't make fish seem
+ # slow.
+ if not set -q __fish_prompt_hostname
+- set -g __fish_prompt_hostname (hostname | string split '.')[1]
++ set -g __fish_prompt_hostname (uname -n | string split '.')[1]
+ end
+
+ function prompt_hostname
+diff --git a/share/tools/web_config/sample_prompts/pythonista.fish b/share/tools/web_config/sample_prompts/pythonista.fish
+index 9529035c..57ffaf86 100644
+--- a/share/tools/web_config/sample_prompts/pythonista.fish
++++ b/share/tools/web_config/sample_prompts/pythonista.fish
+@@ -7,7 +7,7 @@ function fish_prompt
+ set -g VIRTUAL_ENV_DISABLE_PROMPT true
+ end
+ set_color yellow
+- printf '%s' (whoami)
++ printf '%s' (id -un)
+ set_color normal
+ printf ' at '
+
+diff --git a/share/tools/web_config/sample_prompts/screen_savvy.fish b/share/tools/web_config/sample_prompts/screen_savvy.fish
+index 411a5501..5cdcfb69 100644
+--- a/share/tools/web_config/sample_prompts/screen_savvy.fish
++++ b/share/tools/web_config/sample_prompts/screen_savvy.fish
+@@ -2,8 +2,8 @@
+ # author: Matthias
+ function fish_prompt -d "Write out the prompt"
+ if test -z $WINDOW
+- printf '%s%s@%s%s%s%s%s> ' (set_color yellow) (whoami) (set_color purple) (prompt_hostname) (set_color $fish_color_cwd) (prompt_pwd) (set_color normal)
++ printf '%s%s@%s%s%s%s%s> ' (set_color yellow) (id -un) (set_color purple) (prompt_hostname) (set_color $fish_color_cwd) (prompt_pwd) (set_color normal)
+ else
+- printf '%s%s@%s%s%s(%s)%s%s%s> ' (set_color yellow) (whoami) (set_color purple) (prompt_hostname) (set_color white) (echo $WINDOW) (set_color $fish_color_cwd) (prompt_pwd) (set_color normal)
++ printf '%s%s@%s%s%s(%s)%s%s%s> ' (set_color yellow) (id -un) (set_color purple) (prompt_hostname) (set_color white) (echo $WINDOW) (set_color $fish_color_cwd) (prompt_pwd) (set_color normal)
+ end
+ end
+diff --git a/share/tools/web_config/sample_prompts/terlar.fish b/share/tools/web_config/sample_prompts/terlar.fish
+index d49ef340..59b3d267 100644
+--- a/share/tools/web_config/sample_prompts/terlar.fish
++++ b/share/tools/web_config/sample_prompts/terlar.fish
+@@ -6,7 +6,7 @@ function fish_prompt --description 'Write out the prompt'
+
+ # User
+ set_color $fish_color_user
+- echo -n (whoami)
++ echo -n (id -un)
+ set_color normal
+
+ echo -n '@'
include $(TOPDIR)/rules.mk
PKG_NAME:=less
-PKG_VERSION:=487
+PKG_VERSION:=530
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.greenwoodsoftware.com/less
-PKG_HASH:=f3dc8455cb0b2b66e0c6b816c00197a71bf6d1787078adeee0bcf2aea4b12706
+PKG_HASH:=503f91ab0af4846f34f0444ab71c4b286123f0044a4964f1ae781486c617f2e2
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=mariadb
-PKG_VERSION:=10.2.16
-PKG_RELEASE:=3
+PKG_VERSION:=10.2.17
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL := \
https://ftp.yz.yamagata-u.ac.jp/pub/dbms/mariadb/$(PKG_NAME)-$(PKG_VERSION)/source \
https://downloads.mariadb.org/interstitial/$(PKG_NAME)-$(PKG_VERSION)/source
-PKG_HASH:=c182ee93bacee9c1395a4cece56acfc433bc5153ec627c4898927b93eee54dc4
+PKG_HASH:=e7b3078f8de874a4d451242a8a3eed49bf6f916dcd52fc3efa55886f5f35be27
PKG_MAINTAINER:=Sebastian Kemper <sebastian_ml@gmx.net>
PKG_LICENSE:=GPL-2.0 LGPL-2.1
PKG_LICENSE_FILES:=COPYING libmariadb/COPYING.LIB
--- a/scripts/mysql_install_db.sh
+++ b/scripts/mysql_install_db.sh
-@@ -383,7 +383,7 @@ fi
+@@ -388,7 +388,7 @@ fi
# Try to determine the hostname
include $(TOPDIR)/rules.mk
PKG_NAME:=qemu
-PKG_VERSION:=2.12.1
+PKG_VERSION:=3.0.0
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=4150809a52d821398dfd38c94b065513ef26b393fda9aba4bb6f09644cf1e5ca
-PKG_SOURCE_URL:=http://wiki.qemu-project.org/download/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_HASH:=8d7af64fe8bd5ea5c3bdf17131a8b858491bcce1ee3839425a6d91fb821b5713
+PKG_SOURCE_URL:=http://download.qemu.org/
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE tcg/LICENSE
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
--disable-strip \
--disable-werror \
-QEMU_CONFIGURE_TARGET_LIST := $(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))
-CONFIGURE_ARGS += --target-list='$(QEMU_CONFIGURE_TARGET_LIST)'
-
-ifneq ($(CONFIG_PACKAGE_qemu-ga),)
-CONFIGURE_ARGS += --enable-guest-agent
-endif
+CONFIGURE_ARGS += --target-list='$(foreach target,$(QEMU_TARGET_LIST),$(if $(CONFIG_PACKAGE_qemu-$(target)),$(target)))'
+CONFIGURE_ARGS += $(if $(CONFIG_PACKAGE_qemu-ga),--enable-guest-agent)
TARGET_LDFLAGS += -Wl,--as-needed
MAKE_VARS += V=s
PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
PKG_LICENSE:=GPL-2.0 GPL-2.0+
PKG_LICENSE_FILES:=COPYING LICENSE
+PKG_CPE_ID:=cpe:/a:sane-backends_project:sane-backends
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=shadow
-PKG_VERSION:=4.2.1
-PKG_RELEASE:=8
+PKG_VERSION:=4.6
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://pkg-shadow.alioth.debian.org/releases
-PKG_HASH:=3b0893d1476766868cd88920f4f1231c4795652aa407569faff802bcda0f3d41
+PKG_SOURCE_URL:=https://github.com/shadow-maint/shadow/releases/download/$(PKG_VERSION)
+PKG_HASH:=0998c8d84242a231ab0acb7f8613927ff5bcff095f8aa6b79478893a03f05583
PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
PKG_LICENSE:=BSD-3-Clause
SECTION:=utils
CATEGORY:=Utilities
TITLE:=The PLD Linux shadow utilities
- URL:=http://pkg-shadow.alioth.debian.org/
+ URL:=https://github.com/shadow-maint/shadow
endef
define Package/shadow
---- a/configure.in
-+++ b/configure.in
-@@ -197,7 +197,6 @@ dnl XXX - quick hack, should disappear b
+--- a/configure.ac
++++ b/configure.ac
+@@ -200,7 +200,6 @@ dnl XXX - quick hack, should disappear b
AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
if test "$ac_cv_func_ruserok" = "yes"; then
AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
+++ /dev/null
-From 2cb54158b80cdbd97ca3b36df83f9255e923ae3f Mon Sep 17 00:00:00 2001
-From: James Le Cuirot <chewi@aura-online.co.uk>
-Date: Sat, 23 Aug 2014 09:46:39 +0100
-Subject: [PATCH] Check size of uid_t and gid_t using AC_CHECK_SIZEOF
-
-This built-in check is simpler than the previous method and, most
-importantly, works when cross-compiling.
-
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
----
- configure.in | 14 ++++----------
- 1 file changed, 4 insertions(+), 10 deletions(-)
-
---- a/configure.in
-+++ b/configure.in
-@@ -334,16 +334,10 @@ if test "$enable_subids" != "no"; then
- dnl
- dnl FIXME: check if 32 bit UIDs/GIDs are supported by libc
- dnl
-- AC_RUN_IFELSE([AC_LANG_SOURCE([
--#include <sys/types.h>
--int main(void) {
-- uid_t u;
-- gid_t g;
-- return (sizeof u < 4) || (sizeof g < 4);
--}
-- ])], [id32bit="yes"], [id32bit="no"])
-+ AC_CHECK_SIZEOF([uid_t],, [#include "sys/types.h"])
-+ AC_CHECK_SIZEOF([gid_t],, [#include "sys/types.h"])
-
-- if test "x$id32bit" = "xyes"; then
-+ if test "$ac_cv_sizeof_uid_t" -ge 4 && test "$ac_cv_sizeof_gid_t" -ge 4; then
- AC_DEFINE(ENABLE_SUBIDS, 1, [Define to support the subordinate IDs.])
- enable_subids="yes"
- else
--- a/src/su.c
+++ b/src/su.c
-@@ -1090,8 +1090,12 @@ int main (int argc, char **argv)
+@@ -1127,8 +1127,12 @@ int main (int argc, char **argv)
if (fd >= 0) {
err = ioctl (fd, TIOCNOTTY, (char *) 0);
PKG_SOURCE_URL:=https://codeload.github.com/arduino/YunBridge/tar.gz/$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_HASH:=9e5ffc7a0d0cc2c92e972e425adcc49b77cf39da075d31728e7755d316d910d8
-PKG_BUILD_DIR:=YunBridge-$(PKG_VERSION)
+PKG_BUILD_DIR:=$(BUILD_DIR)/YunBridge-$(PKG_VERSION)
PKG_MAINTAINER:=John Crispin <blogic@openwrt.org>
PKG_LICENSE:=GPL-2.0