FROM debian:9
+
+# Configuration version history
+# v1.0 - Initial version by Etienne Champetier
+# v1.0.1 - Run as non-root, add unzip, xz-utils
+# v1.0.2 - Add bzr
+
RUN apt update && apt install -y \
build-essential \
curl \
libssl-dev \
python \
subversion \
+bzr \
time \
wget \
zlib1g-dev \
jobs:
build:
docker:
- - image: docker.io/openwrtorg/packages-cci:v1.0.1
+ - image: docker.io/openwrtorg/packages-cci:v1.0.2
environment:
- - SDK_BASE_URL: "https://downloads.openwrt.org/snapshots/targets/ar71xx/generic"
- - SDK_FILE: "openwrt-sdk-ar71xx-generic_gcc-7.3.0_musl.Linux-x86_64.tar.xz"
+ - SDK_HOST: "downloads.openwrt.org"
+ - SDK_PATH: "snapshots/targets/ar71xx/generic"
+ - SDK_FILE: "openwrt-sdk-ar71xx-generic_*.Linux-x86_64.tar.xz"
- BRANCH: "master"
steps:
- checkout:
fi
subject="$(git show -s --format=%s $commit)"
- if echo "$subject" | grep -q -e '^[0-9A-Za-z,/_-]\+: ' -e '^Revert '; then
+ if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert '; then
echo_green "Commit subject line seems ok ($subject)"
else
echo_red "Commit subject line MUST start with '<package name>: ' ($subject)"
name: Download the SDK
working_directory: ~/sdk
command: |
- curl "$SDK_BASE_URL/sha256sums" -sS -o sha256sums
- curl "$SDK_BASE_URL/sha256sums.asc" -sS -o sha256sums.asc
+ curl "https://$SDK_HOST/$SDK_PATH/sha256sums" -sS -o sha256sums
+ curl "https://$SDK_HOST/$SDK_PATH/sha256sums.asc" -sS -o sha256sums.asc
gpg --with-fingerprint --verify sha256sums.asc sha256sums
- curl "$SDK_BASE_URL/$SDK_FILE" -sS -o "$SDK_FILE"
+ rsync -av "$SDK_HOST::downloads/$SDK_PATH/$SDK_FILE" .
sha256sum -c --ignore-missing sha256sums
- run:
include $(TOPDIR)/rules.mk
PKG_NAME:=zabbix
-PKG_VERSION:=3.4.14
-PKG_RELEASE:=6
+PKG_VERSION:=4.0.2
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=7443873cc970672d3c884230d3aeb082f2d8afcc2b757506c2d684ffdd12d77e
+PKG_HASH:=1cef52e89dc8d20343d8b9c3881490bf86e98102de2229a3b852009f1659780c
PKG_SOURCE_URL:=@SF/zabbix
PKG_LICENSE:=GPL-2.0
SUBMENU:=zabbix
MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
USERID:=zabbix=53:zabbix=53
- DEPENDS += $(ICONV_DEPENDS) +libpcre +ZABBIX_GNUTLS:libgnutls +ZABBIX_OPENSSL:libopenssl
+ DEPENDS += $(ICONV_DEPENDS) +libpcre +zlib +ZABBIX_GNUTLS:libgnutls +ZABBIX_OPENSSL:libopenssl
endef
define Package/zabbix-agentd
include $(TOPDIR)/rules.mk
PKG_NAME:=golang-github-dchest-siphash
+PKG_VERSION:=1.2.1
PKG_RELEASE:=1
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/dchest/siphash.git
-PKG_SOURCE_VERSION:=4ebf1de738443ea7f45f02dc394c4df1942a126d
-PKG_SOURCE_DATE:=20160831
-PKG_MIRROR_HASH:=57da99437a6dba8c0b34bb09da48c0b8b1e70391ae0e3563453206794defe051
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/dchest/siphash/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=90c5e8ba62b64b2f76ed58c87dd50456171610049bef51fd71bc593c1744fad2
+PKG_BUILD_DIR:=$(BUILD_DIR)/siphash-$(PKG_VERSION)
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=CC0-1.0
PKG_LICENSE_FILES:=README.md
-PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_BUILD_DEPENDS:=golang/host
PKG_BUILD_PARALLEL:=1
GO_VERSION_MAJOR_MINOR:=1.11
-GO_VERSION_PATCH:=2
+GO_VERSION_PATCH:=4
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=042fba357210816160341f1002440550e952eb12678f7c9e7e9d389437942550
+PKG_HASH:=4cfd42720a6b1e79a8024895fa6607b69972e8e32446df76d6ce79801bbadb15
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=luv
+PKG_VERSION:=1.22.0-1
PKG_RELEASE:=1
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/luvit/luv.git
-PKG_MIRROR_HASH:=28a4e5f115dacd3b293522bea211576d6bf0519c79971a3dee56632d04a13cb3
-PKG_SOURCE_VERSION:=1.9.1-1
-PKG_SOURCE_DATE:=2016-12-16
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/luvit/luv/releases/download/$(PKG_VERSION)
+PKG_HASH:=27886acb3d3f531a3d6ca70360d2593ddf1a8d4daf94ca3beea14d9381227ff7
+PKG_MAINTAINER:=Morteza Milani <milani@pichak.co>
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
-PKG_USE_MIPS16:=0
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
CATEGORY:=Languages
TITLE:=Luv
URL:=https://github.com/luvit/luv
- MAINTAINER:=Morteza Milani <milani@pichak.co>
DEPENDS:=+libuv +!LUV_USE_LUAJIT_ENGINE:lua
endef
PKG_NPM_NAME:=mozilla-iot-gateway
PKG_NAME:=node-$(PKG_NPM_NAME)
-PKG_VERSION:=0.6.0
-PKG_RELEASE:=2
-PKG_REV:=df2d06def2051238bde7b8e5ee306262235d4c9f
+PKG_VERSION:=0.6.1
+PKG_RELEASE:=1
+PKG_REV:=2bcdf4866872b1e8992ee70ff6fc65566d6288d8
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/mozilla-iot/gateway.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=$(PKG_REV)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_MIRROR_HASH:=d686df778a7de693db11273eb87c16ec4d9e3ff9bbb550ed3ef94e29e96750e2
+PKG_MIRROR_HASH:=c424b6f5f011c0cceb455458c855854395d47e902fd4ec2d63564c5e736d4fcd
PKG_BUILD_DEPENDS:=node/host openzwave
$(RM) -r $(1)/opt/mozilla-iot/gateway/node_modules/ursa-optional/build/Release/ursaNative.node
$(RM) -r $(1)/opt/mozilla-iot/gateway/node_modules/ursa-optional/build/Release/obj.target/ursaNative.node
- $(INSTALL_DIR) $(1)/opt/mozilla-iot/gateway/node_modules/sqlite3/lib/binding/node-v57-linux-arm/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/node_modules/things-gateway/node_modules/sqlite3/lib/binding/node-v57-linux-arm/node_sqlite3.node \
- $(1)/opt/mozilla-iot/gateway/node_modules/sqlite3/lib/binding/node-v57-linux-arm/
+ $(INSTALL_DIR) $(1)/opt/mozilla-iot/gateway/node_modules/sqlite3/lib/binding/node-v57-linux-$(CPU)/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/node_modules/things-gateway/node_modules/sqlite3/lib/binding/node-v57-linux-$(CPU)/node_sqlite3.node \
+ $(1)/opt/mozilla-iot/gateway/node_modules/sqlite3/lib/binding/node-v57-linux-$(CPU)/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/mozilla-iot-gateway.init $(1)/etc/init.d/mozilla-iot-gateway
include $(TOPDIR)/rules.mk
PKG_NAME:=node
-PKG_VERSION:=v8.12.0
+PKG_VERSION:=v8.14.1
PKG_RELEASE:=1
PKG_SOURCE:=node-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://nodejs.org/dist/${PKG_VERSION}
-PKG_HASH:=5a9dff58016c18fb4bf902d963b124ff058a550ebcd9840c677757387bce419a
+PKG_HASH:=b1df87803ddffb76fc6739f025f69f6b8288514fcd2f278f0d675ac3d52a6b9b
HOST_BUILD_DEPENDS:=python/host
PKG_BUILD_DEPENDS:=python/host
SUBMENU:=Node.js
TITLE:=Node.js is a platform built on Chrome's JavaScript runtime
URL:=https://nodejs.org/
- DEPENDS:=@(HAS_FPU||KERNEL_MIPS_FPU_EMULATOR) +libstdcpp +libopenssl +zlib +USE_UCLIBC:libpthread +USE_UCLIBC:librt +NODEJS_ICU:icu
+ DEPENDS:=@(HAS_FPU||KERNEL_MIPS_FPU_EMULATOR) +libstdcpp +libopenssl +zlib +libnghttp2 +libuv +libhttp-parser +USE_UCLIBC:libpthread +USE_UCLIBC:librt +NODEJS_ICU:icu
endef
define Package/node/description
--without-snapshot \
--shared-zlib \
--shared-openssl \
+ --shared-nghttp2 \
+ --shared-libuv \
+ --shared-http-parser \
--with-intl=$(if $(CONFIG_NODEJS_ICU),system-icu,none) \
$(if $(findstring mips,$(NODEJS_CPU)), \
$(if $(CONFIG_SOFT_FLOAT),--with-mips-float-abi=soft)) \
--- /dev/null
+diff --git a/src/node_crypto.cc b/src/node_crypto.cc
+index c3779c0..611fb43 100644
+--- a/src/node_crypto.cc
++++ b/src/node_crypto.cc
+@@ -43,6 +43,11 @@
+ #include <string.h>
+ #include <vector>
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define X509_get0_notBefore X509_get_notBefore
++#define X509_get0_notAfter X509_get_notAfter
++#endif
++
+ #define THROW_AND_RETURN_IF_NOT_STRING_OR_BUFFER(val, prefix) \
+ do { \
+ if (!Buffer::HasInstance(val) && !val->IsString()) { \
+@@ -536,6 +541,7 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
+ method = SSLv23_server_method();
+ } else if (strcmp(*sslmethod, "SSLv23_client_method") == 0) {
+ method = SSLv23_client_method();
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ } else if (strcmp(*sslmethod, "TLSv1_method") == 0) {
+ method = TLSv1_method();
+ } else if (strcmp(*sslmethod, "TLSv1_server_method") == 0) {
+@@ -554,6 +560,14 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
+ method = TLSv1_2_server_method();
+ } else if (strcmp(*sslmethod, "TLSv1_2_client_method") == 0) {
+ method = TLSv1_2_client_method();
++#else
++ } else if (strcmp(*sslmethod, "TLS_method") == 0) {
++ method = TLS_method();
++ } else if (strcmp(*sslmethod, "TLS_server_method") == 0) {
++ method = TLS_server_method();
++ } else if (strcmp(*sslmethod, "TLS_client_method") == 0) {
++ method = TLS_client_method();
++#endif
+ } else {
+ return env->ThrowError("Unknown method");
+ }
+@@ -1799,7 +1813,7 @@ static Local<Object> X509ToObject(Environment* env, X509* cert) {
+ rsa = nullptr;
+ }
+
+- ASN1_TIME_print(bio, X509_get_notBefore(cert));
++ ASN1_TIME_print(bio, X509_get0_notBefore(cert));
+ BIO_get_mem_ptr(bio, &mem);
+ info->Set(context, env->valid_from_string(),
+ String::NewFromUtf8(env->isolate(), mem->data,
+@@ -1807,7 +1821,7 @@ static Local<Object> X509ToObject(Environment* env, X509* cert) {
+ mem->length)).FromJust();
+ (void) BIO_reset(bio);
+
+- ASN1_TIME_print(bio, X509_get_notAfter(cert));
++ ASN1_TIME_print(bio, X509_get0_notAfter(cert));
+ BIO_get_mem_ptr(bio, &mem);
+ info->Set(context, env->valid_to_string(),
+ String::NewFromUtf8(env->isolate(), mem->data,
+@@ -6194,8 +6208,12 @@ void TimingSafeEqual(const FunctionCallbackInfo<Value>& args) {
+ }
+
+ void InitCryptoOnce() {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ SSL_load_error_strings();
+ OPENSSL_no_config();
++#else
++ OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL);
++#endif
+
+ // --openssl-config=...
+ if (!openssl_config.empty()) {
+@@ -6217,10 +6235,10 @@ void InitCryptoOnce() {
+ }
+ }
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ SSL_library_init();
+ OpenSSL_add_all_algorithms();
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ crypto_lock_init();
+ CRYPTO_set_locking_callback(crypto_lock_cb);
+ CRYPTO_THREADID_set_callback(crypto_threadid_cb);
+diff --git a/src/node_crypto.h b/src/node_crypto.h
+index 58f5b72..875a787 100644
+--- a/src/node_crypto.h
++++ b/src/node_crypto.h
+@@ -37,6 +37,9 @@
+ #include "v8.h"
+
+ #include <openssl/ssl.h>
++#include <openssl/bn.h>
++#include <openssl/rsa.h>
++#include <openssl/dh.h>
+ #include <openssl/ec.h>
+ #include <openssl/ecdh.h>
+ #ifndef OPENSSL_NO_ENGINE
include $(TOPDIR)/rules.mk
PKG_NAME:=django
-PKG_VERSION:=1.11.16
+PKG_VERSION:=1.11.17
PKG_RELEASE=1
-PKG_LICENSE:=BSD-3-Clause
PKG_SOURCE:=Django-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/D/Django
-PKG_HASH:=29268cc47816a44f27308e60f71da635f549c47d8a1d003b28de55141df75791
+PKG_HASH:=a787ee66f4b4cf8ed753661cabcec603989677fa3a107fcb7f15511a44bdb483
PKG_BUILD_DIR=$(BUILD_DIR)/Django-$(PKG_VERSION)
+PKG_MAINTAINER:=Gergely Kiss <mail.gery@gmail.com>
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE LICENSE.python
+PKG_CPE_ID:=cpe:/a:djangoproject:django
+
include $(INCLUDE_DIR)/package.mk
include ../python-package.mk
SECTION:=lang
CATEGORY:=Languages
TITLE:=The web framework for perfectionists with deadlines.
- MAINTAINER:=Gergely Kiss <mail.gery@gmail.com>
URL:=https://www.djangoproject.com/
DEPENDS:=+python
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=pyjwt
-PKG_VERSION:=1.7.0
+PKG_VERSION:=1.7.1
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_SOURCE:=PyJWT-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/P/PyJWT
-PKG_HASH:=ddec8409c57e9d371c6006e388f91daf3b0b43bdf9fcbf99451fb7cf5ce0a86d
+PKG_HASH:=8d59a976fb773f3e6a39c85636357c4f0e242707394cadadd9814f5cbaa20e96
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-PyJWT-$(PKG_VERSION)
PKG_UNPACK=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xzf $(DL_DIR)/$(PKG_SOURCE)
include $(TOPDIR)/rules.mk
PKG_NAME:=python-dpkt
-PKG_VERSION:=1.91
+PKG_VERSION:=1.9.2
PKG_RELEASE:=1
+
+PKG_SOURCE:=dpkt-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/d/dpkt
+PKG_HASH:=52a92ecd5ca04d5bd852bb11cb2eac4bbe38b42a7c472e0d950eeb9f82a81e54
+PKG_BUILD_DIR:=$(BUILD_DIR)/dpkt-$(PKG_VERSION)
+
PKG_MAINTAINER:=Andrew McConachie <andrew@depht.com>
PKG_LICENSE:=BSD-3-Clause
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/kbandla/dpkt.git
-PKG_SOURCE_VERSION:=6cd0909d613a66033ecdefaca6cc07cfa7d46d6b
-PKG_MIRROR_HASH:=fe8657552b1dbaf8b9eba50168730e200567dc88a06932aa1cf60dc93211d16b
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_LICENSE_FILES:=LICENSE
include $(INCLUDE_DIR)/package.mk
include ../python-package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-mysql
-PKG_VERSION:=1.3.13
+PKG_VERSION:=1.3.14
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_SOURCE:=mysqlclient-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/m/mysqlclient
-PKG_HASH:=ff8ee1be84215e6c30a746b728c41eb0701a46ca76e343af445b35ce6250644f
-
+PKG_HASH:=3981ae9ce545901a36a8b7aed76ed02960a429f75dc53b7ad77fb2f9ab7cd56b
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-mysql-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=python-requests
-PKG_VERSION:=2.20.1
+PKG_VERSION:=2.21.0
PKG_RELEASE:=1
PKG_LICENSE:=Apache-2.0
PKG_SOURCE:=requests-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/r/requests
-PKG_HASH:=ea881206e59f41dbd0bd445437d792e43906703fff75ca8ff43ccdb11f33f263
+PKG_HASH:=502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e
PKG_BUILD_DIR:=$(BUILD_DIR)/requests-$(PKG_VERSION)
PKG_CPE_ID:=cpe:/a:python-requests:requests
include $(TOPDIR)/rules.mk
PKG_NAME:=python-service-identity
-PKG_VERSION:=17.0.0
-PKG_RELEASE:=2
+PKG_VERSION:=18.1.0
+PKG_RELEASE:=1
PKG_SOURCE:=service_identity-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://pypi.python.org/packages/de/2a/cab6e30be82c8fcd2339ef618036720eda954cf05daef514e386661c9221
-PKG_HASH:=4001fbb3da19e0df22c47a06d29681a398473af4aa9d745eca525b3b2c2302ab
-
+PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/s/service_identity
+PKG_HASH:=0858a54aabc5b459d1aafa8a518ed2081a285087f349fe3e55197989232e2e2d
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-service-identity-$(PKG_VERSION)
PKG_LICENSE:=MIT
DEPENDS:= \
+PACKAGE_python-service-identity:python-light \
+PACKAGE_python-service-identity:python-attrs \
+ +PACKAGE_python-service-identity:python-cryptography \
+ +PACKAGE_python-service-identity:python-ipaddress \
+PACKAGE_python-service-identity:python-pyasn1 \
- +PACKAGE_python-service-identity:python-pyasn1-modules \
- +PACKAGE_python-service-identity:python-pyopenssl
+ +PACKAGE_python-service-identity:python-pyasn1-modules
VARIANT:=python
endef
DEPENDS:= \
+PACKAGE_python3-service-identity:python3-light \
+PACKAGE_python3-service-identity:python3-attrs \
+ +PACKAGE_python3-service-identity:python3-cryptography \
+PACKAGE_python3-service-identity:python3-pyasn1 \
- +PACKAGE_python3-service-identity:python3-pyasn1-modules \
- +PACKAGE_python3-service-identity:python3-pyopenssl
+ +PACKAGE_python3-service-identity:python3-pyasn1-modules
VARIANT:=python3
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=python-six
-PKG_VERSION:=1.11.0
-PKG_RELEASE:=2
+PKG_VERSION:=1.12.0
+PKG_RELEASE:=1
PKG_SOURCE:=six-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://pypi.python.org/packages/16/d8/bc6316cf98419719bd59c91742194c111b6f2e85abac88e496adefaf7afe
-PKG_HASH:=70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9
-
-HOST_BUILD_DEPENDS:=python/host
-
+PKG_SOURCE_URL:=https://files.pythonhosted.org/packages/source/s/six
+PKG_HASH:=d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73
PKG_BUILD_DIR:=$(BUILD_DIR)/$(BUILD_VARIANT)-six-$(PKG_VERSION)
+PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>, Alexandru Ardelean <ardeleanalex@gmail.com>
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>, Alexandru Ardelean <ardeleanalex@gmail.com>
+
+HOST_BUILD_DEPENDS:=python/host
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/package.mk
SECTION:=lang
CATEGORY:=Languages
SUBMENU:=Python
- URL:=https://pypi.python.org/pypi/six
+ URL:=https://github.com/benjaminp/six
endef
define Package/python-six
PKG_NAME:=tcl
TCL_MAJOR_VERSION:=8.6
-PKG_VERSION:=${TCL_MAJOR_VERSION}.8
+PKG_VERSION:=${TCL_MAJOR_VERSION}.9
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=@SF/$(PKG_NAME)
-PKG_HASH:=c43cb0c1518ce42b00e7c8f6eaddd5195c53a98f94adc717234a65cbcfd3f96a
+PKG_HASH:=ad0cd2de2c87b9ba8086b43957a0de3eb2eb565c7159d5f53ccbba3feb915f4e
PKG_LICENSE:=TCL
PKG_LICENSE_FILES:=license.terms
PKG_MAINTAINER:=Joe Mistachkin <joe@mistachkin.com>
CATEGORY:=Languages
DEPENDS:=+libpthread +zlib
TITLE:=The Tcl language
- URL:=http://www.tcl.tk/
+ URL:=https://www.tcl.tk/
endef
define Package/tcl/description
You must have enabled the ALSA support in the kernel.
endef
+define Package/alsa-lib/conffiles
+/etc/asound.conf
+endef
+
TARGET_CFLAGS += $(FPIC)
CONFIGURE_ARGS+= \
include $(TOPDIR)/rules.mk
PKG_NAME:=boost
-PKG_VERSION:=1.68.0
-PKG_SOURCE_VERSION:=1_68_0
-PKG_RELEASE:=4
+PKG_VERSION:=1.69.0
+PKG_SOURCE_VERSION:=1_69_0
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)_$(PKG_SOURCE_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/$(PKG_NAME)/$(PKG_NAME)/$(PKG_VERSION) https://dl.bintray.com/boostorg/release/$(PKG_VERSION)/source/
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)_$(PKG_SOURCE_VERSION)
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)_$(PKG_SOURCE_VERSION)
-PKG_HASH:=7f6130bc3cf65f56a618888ce9d5ea704fa10b462be126ad053e80e553d6d8b7
+PKG_HASH:=8f32d4617390d1c2d16f26a27ab60d97807b35440d45891fa340fc2648b04406
PKG_LICENSE:=Boost Software License <http://www.boost.org/users/license.html>
PKG_MAINTAINER:=Carlos M. Ferreira <carlosmf.pt@gmail.com>
endef
define Package/boost/description
-This package provides the Boost v1.68.0 libraries.
+This package provides the Boost v1.69.0 libraries.
Boost is a set of free, peer-reviewed, portable C++ source libraries.
-----------------------------------------------------------------------------
- random
- regex
- serialization and wserialization
- - signals
- stackstrace
- system
- thread
- wave
There are many more header-only libraries supported by Boost.
-See more at http://www.boost.org/doc/libs/1_67_0/
+See more at http://www.boost.org/doc/libs/1_69_0/
endef
PKG_BUILD_DEPENDS:=boost/host PACKAGE_python:python PACKAGE_python3:python3
depends on PACKAGE_boost
comment "Boost compilation options."
+ choice
+ prompt "Compile Visibility."
+ default boost-compile-visibility-hidden
+ help
+ Choose Boost symbols compilation visibility.
+ -> Global:
+ - a.k.a. "default" in gcc documentation. Global symbols are considered public,
+ they are exported from shared libraries and can be redefined by another
+ shared library or executable.
+ -> Protected:
+ - a.k.a. "symbolic". Protected symbols are exported from shared libraries but
+ cannot be redefined by another shared library or executable. This mode is
+ not supported on some platforms, for example OS X.
+ -> Hidden:
+ - Hidden symbols are not exported from shared libraries and cannot be
+ redefined by a different shared library or executable loaded in a process.
+ In this mode, public symbols have to be explicitly marked in the source code
+ to be exported from shared libraries. This is the recommended mode.
+
+ config boost-compile-visibility-global
+ bool "Global"
+
+ config boost-compile-visibility-protected
+ bool "Protected"
+
+ config boost-compile-visibility-hidden
+ bool "Hidden"
+ endchoice
+
choice
prompt "Compile Boost libraries."
default boost-static-and-shared-libs
$(eval $(call DefineBoostLibrary,regex,,))
$(eval $(call DefineBoostLibrary,serialization,,))
$(eval $(call DefineBoostLibrary,wserialization,serialization,))
-$(eval $(call DefineBoostLibrary,signals,,))
$(eval $(call DefineBoostLibrary,stacktrace,,))
$(eval $(call DefineBoostLibrary,system,,))
$(eval $(call DefineBoostLibrary,thread,system chrono atomic,))
--ignore-site-config \
--toolset=gcc-$(ARCH) abi=$(BOOST_ABI) \
--disable-long-double \
+ $(if $(CONFIG_boost-compile-visibility-global), visibility=global,) \
+ $(if $(CONFIG_boost-compile-visibility-protected), visibility=protected,) \
+ $(if $(CONFIG_boost-compile-visibility-hidden), visibility=hidden,) \
$(if $(CONFIG_boost-variant-release), variant=release,) \
$(if $(CONFIG_boost-variant-debug), variant=debug,) \
$(if $(CONFIG_boost-variant-profile), variant=profile,) \
#
-# Copyright (C) 2007-2011 OpenWrt.org
-#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=fcgi
-PKG_VERSION:=2.4.0
+PKG_VERSION:=2.4.1
PKG_RELEASE:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.fastcgi.com/dist/
-PKG_HASH:=66fc45c6b36a21bf2fbbb68e90f780cc21a9da1fffbae75e76d2b4402d3f05b9
-
-PKG_FIXUP:=libtool-ucxx
+PKG_SOURCE:=$(PKG_NAME)2-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/FastCGI-Archives/fcgi2/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=53cc36624bb92a88e3d5a3d696282e1af24b280c3f275604123d9c6d407173e2
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)2-$(PKG_VERSION)
PKG_MAINTAINER:=Jacob Siverskog <jacob@teenageengineering.com>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE.TERMS
+PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/uclibc++.mk
define Package/fcgi/Default
SECTION:=libs
CATEGORY:=Libraries
- URL:=http://www.fastcgi.com/
+ URL:=https://fastcgi-archives.github.io/
endef
define Package/fcgi
$(call Package/fcgi/Default)
MENU:=1
- DEPENDS:= +libpthread
+ DEPENDS:=+libpthread
TITLE:=Shared library of FastCGI
endef
server specific APIs.
endef
-TARGET_CFLAGS += $(FPIC)
-
-CONFIGURE_ARGS += \
- --enable-shared \
- --enable-static \
-
-CONFIGURE_VARS += \
- LIBS="-lm" \
-
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/fastcgi.h $(1)/usr/include/
-Index: fcgi-2.4.0/include/fcgio.h
-===================================================================
---- fcgi-2.4.0.orig/include/fcgio.h 2007-07-17 13:30:28.000000000 +0200
-+++ fcgi-2.4.0/include/fcgio.h 2007-07-17 13:30:28.000000000 +0200
-@@ -77,10 +77,10 @@
+diff --git a/include/fcgio.h b/include/fcgio.h
+index 20d222a..92eda3c 100644
+--- a/include/fcgio.h
++++ b/include/fcgio.h
+@@ -77,10 +77,10 @@ protected:
virtual int sync();
// Remove and return the current character.
// Use a buffer. The only reasons that a buffer would be useful is
// to support the use of the unget()/putback() or seek() methods. Using
-diff -urN fcgi-2.4.0/libfcgi/fcgio.cpp fcgi-2.4.0.new/libfcgi/fcgio.cpp
---- fcgi-2.4.0/libfcgi/fcgio.cpp 2002-02-24 21:12:22.000000000 +0100
-+++ fcgi-2.4.0.new/libfcgi/fcgio.cpp 2007-08-28 11:22:22.000000000 +0200
-@@ -89,7 +89,7 @@
+diff --git a/libfcgi/fcgio.cpp b/libfcgi/fcgio.cpp
+index 5a54c11..e57b622 100644
+--- a/libfcgi/fcgio.cpp
++++ b/libfcgi/fcgio.cpp
+@@ -89,7 +89,7 @@ int fcgi_streambuf::sync()
}
// uflow() removes the char, underflow() doesn't
-int fcgi_streambuf::uflow()
+std::basic_streambuf<char>::int_type fcgi_streambuf::uflow()
{
- int rv = underflow();
- if (this->bufsize) gbump(1);
-@@ -97,7 +97,7 @@
+ if (this->bufsize)
+ {
+@@ -103,7 +103,7 @@ int fcgi_streambuf::uflow()
+ }
}
- // Note that the expected behaviour when there is no buffer varies
-int fcgi_streambuf::underflow()
+std::basic_streambuf<char>::int_type fcgi_streambuf::underflow()
{
-diff -urN fcgi-2.4.0/Makefile.am fcgi-2.4.0.new/Makefile.am
---- fcgi-2.4.0/Makefile.am 2001-12-22 14:05:39.000000000 +0100
-+++ fcgi-2.4.0.new/Makefile.am 2007-08-28 11:05:10.000000000 +0200
+diff --git a/Makefile.am b/Makefile.am
+index b35f7f3..c34a274 100755
+--- a/Makefile.am
++++ b/Makefile.am
@@ -4,7 +4,7 @@
- # $Id: Makefile.am,v 1.7 2001/12/22 13:05:39 robs Exp $
+ # $Id: Makefile.am,v 1.8 2003/11/02 21:42:47 robs Exp $
#
-SUBDIRS = libfcgi cgi-fcgi examples include
include_HEADERS = fcgi_config.h
-diff -urN fcgi-2.4.0/Makefile.in fcgi-2.4.0.new/Makefile.in
---- fcgi-2.4.0/Makefile.in 2003-01-19 18:21:15.000000000 +0100
-+++ fcgi-2.4.0.new/Makefile.in 2007-08-28 11:04:55.000000000 +0200
-@@ -93,7 +93,7 @@
- am__quote = @am__quote@
- install_sh = @install_sh@
-
--SUBDIRS = libfcgi cgi-fcgi examples include
-+SUBDIRS = libfcgi cgi-fcgi include
-
- include_HEADERS = fcgi_config.h
-
-Index: fcgi-2.4.0/libfcgi/fcgio.cpp
-===================================================================
---- fcgi-2.4.0.orig/libfcgi/fcgio.cpp 2014-05-15 10:43:15.153971782 +0200
-+++ fcgi-2.4.0/libfcgi/fcgio.cpp 2014-05-15 10:44:44.037974020 +0200
+diff --git a/libfcgi/fcgio.cpp b/libfcgi/fcgio.cpp
+index 5a54c11..9ecca45 100644
+--- a/libfcgi/fcgio.cpp
++++ b/libfcgi/fcgio.cpp
@@ -23,6 +23,7 @@
#endif
--- /dev/null
+From 78fac26891fe7494355021dbac109b807b8c6d53 Mon Sep 17 00:00:00 2001
+From: Joachim Nilsson <troglobit@gmail.com>
+Date: Mon, 14 May 2018 15:40:43 +0200
+Subject: [PATCH] Convert AM_INIT_AUTOMAKE() --> AC_INIT() and trigger non-GNU
+ project
+
+Converts from old-style configure syntax with AM_INIT_AUTOMAKE to
+AC_INIT and enable "foreign" mode, i.e. non-GNU conformant tree
+to avoid copying in COPYING and other files when autogen.sh runs.
+
+Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
+---
+ configure.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index 2f72645..c5fbc4b 100755
+--- a/configure.in
++++ b/configure.in
+@@ -4,8 +4,8 @@ dnl This file is an input file used by the GNU "autoconf" program to
+ dnl generate the file "configure", which is run during the build
+ dnl to configure the system for the local environment.
+
+-AC_INIT
+-AM_INIT_AUTOMAKE(fcgi, 2.4.1-SNAP-0910052249)
++AC_INIT(fcgi, 2.4.1-SNAP-0910052249)
++AM_INIT_AUTOMAKE([1.11 foreign])
+
+ AM_CONFIG_HEADER(fcgi_config.h)
+
+--
+2.20.0
+
include $(TOPDIR)/rules.mk
PKG_NAME:=glib2
-PKG_VERSION:=2.58.1
-PKG_RELEASE:=2
+PKG_VERSION:=2.58.2
+PKG_RELEASE:=1
PKG_SOURCE:=glib-$(PKG_VERSION).tar.xz
PKG_BUILD_DIR:=$(BUILD_DIR)/glib-$(PKG_VERSION)
PKG_SOURCE_URL:=@GNOME/glib/2.58
-PKG_HASH:=97d6a9d926b6aa3dfaadad3077cfb43eec74432ab455dff14250c769d526d7d6
+PKG_HASH:=c7b24ed6536f1a10fc9bce7994e55c427b727602e78342821f1f07fb48753d4b
PKG_BUILD_PARALLEL:=1
HOST_BUILD_PARALLEL:=1
PKG_NAME:=ibrcommon
PKG_VERSION:=1.0.1
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.ibr.cs.tu-bs.de/projects/ibr-dtn/releases
PKG_INSTALL:=1
PKG_FIXUP:=libtool
+include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/ibrcommon
SECTION:=libs
CATEGORY:=Libraries
- DEPENDS:=+libstdcpp +libpthread +librt +libnl +libopenssl
+ DEPENDS:=$(CXX_DEPENDS) +libpthread +librt +libnl +libopenssl
TITLE:=IBR Common C++ Library
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=jansson
-PKG_VERSION:=2.11
+PKG_VERSION:=2.12
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.digip.org/jansson/releases/
-PKG_HASH:=783132e2fc970feefc2fa54199ef65ee020bd8e0e991a78ea44b8586353a0947
+PKG_HASH:=645d72cc5dbebd4df608d33988e55aa42a7661039e19a379fcbe5c79d1aee1d2
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_NAME:=audiofile
PKG_VERSION:=0.3.6
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNOME/$(PKG_NAME)/0.3
PKG_FIXUP:=autoreconf
PKG_INSTALL=1
+include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/libaudiofile
CATEGORY:=Libraries
TITLE:=Audio File library
URL:=http://audiofile.68k.org/
- DEPENDS:=+libflac +libstdcpp
+ DEPENDS:=$(CXX_DEPENDS) +libflac
endef
define Package/libaudiofile/description
include $(TOPDIR)/rules.mk
PKG_NAME:=libdouble-conversion
-PKG_VERSION:=2.0
+PKG_VERSION:=3.1.1
PKG_RELEASE:=1
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=0d25506a2e7fb52928963313343e0237e890059e
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=7466f634421f3136174cbc2b00635788509a3312894de28367f31d891fd401ad
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_URL:=https://github.com/google/double-conversion.git
+PKG_SOURCE:=double-conversion-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/google/double-conversion/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=c49a6b3fa9c917f827b156c8e0799ece88ae50440487a99fc2f284cfd357a5b9
+PKG_BUILD_DIR:=$(BUILD_DIR)/double-conversion-$(PKG_VERSION)
+
+PKG_MAINTAINER:=
+PKG_LICENSE:=BSD-3c
PKG_LICENSE_FILES:=COPYING LICENSE
include $(INCLUDE_DIR)/package.mk
define Package/libdouble-conversion/description
double-conversion provides binary-decimal and decimal-binary routines for IEEE doubles.
-
+
The library consists of efficient conversion routines that have been extracted
from the V8 JavaScript engine. The code has been refactored and improved so that
it can be used more easily in other projects.
include $(TOPDIR)/rules.mk
PKG_NAME:=libedit
-PKG_VERSION:=20170329-3.1
+PKG_VERSION:=20181209-3.1
PKG_RELEASE:=1
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://thrysoee.dk/editline/
-PKG_HASH:=91f2d90fbd2a048ff6dad7131d9a39e690fd8a8fd982a353f1333dd4017dd4be
+PKG_HASH:=2811d70c0b000f2ca91b7cb1a37203134441743c4fcc9c37b0b687f328611064
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_INSTALL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=libgpg-error
-PKG_VERSION:=1.32
+PKG_VERSION:=1.33
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/libgpg-error/
-PKG_HASH:=c345c5e73cc2332f8d50db84a2280abfb1d8f6d4f1858b9daa30404db44540ca
+PKG_HASH:=5d38826656e746c936e7742d9cde072b50baa3c4c49daa168a56813612bf03ff
+
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=LGPL-2.1+
PKG_LICENSE_FILES:=COPYING
CATEGORY:=Libraries
TITLE:=GnuPG error handling helper library
URL:=http://www.gnupg.org/related_software/libgpg-error/
- MAINTAINER:=W. Michael Petullo <mike@flyn.org>
endef
define Package/libgpg-error/description
-diff -u --recursive libgpg-error-1.32-vanilla/configure.ac libgpg-error-1.32/configure.ac
---- libgpg-error-1.32-vanilla/configure.ac 2018-07-15 01:23:30.028462129 -0400
-+++ libgpg-error-1.32/configure.ac 2018-07-15 01:25:32.214267179 -0400
-@@ -74,6 +74,18 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -74,6 +74,18 @@ AM_SILENT_RULES
AC_CANONICAL_HOST
AB_INIT
include $(TOPDIR)/rules.mk
PKG_NAME:=libndpi
-PKG_VERSION:=2.4
-PKG_RELEASE:=4
+PKG_VERSION:=2.6
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ntop/nDPI/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=5243e16b1c4a2728e9487466b2b496d8ffef18a44ff7ee6dfdc21e72008c6d29
+PKG_HASH:=efdfb68940385b18079920330528978765dc2a90c8163d10f63301bddadbf91e
PKG_BUILD_DIR:=$(BUILD_DIR)/nDPI-$(PKG_VERSION)
PKG_MAINTAINER:=Banglang Huang <banglang.huang@foxmail.com>
PKG_LICENSE:=LGPLv3
+PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
PKG_BUILD_DEPENDS:=libpcap
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
+include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/libndpi
CATEGORY:=Libraries
TITLE:=Library for deep-packet inspection
URL:=https://github.com/ntop/nDPI
- DEPENDS:=+libpcap +libjson-c
+ DEPENDS:=$(CXX_DEPENDS) +libpcap +libjson-c
endef
define Package/libndpi/description
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(CP) \
- $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libndpi.pc \
+ $(PKG_INSTALL_DIR)/usr/libdata/pkgconfig/libndpi.pc \
$(1)/usr/lib/pkgconfig/
endef
$(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/bin/
$(CP) \
- $(PKG_INSTALL_DIR)/usr/bin/ndpiReader \
+ $(PKG_INSTALL_DIR)/usr/local/bin/ndpiReader \
$(1)/usr/bin/
endef
+++ /dev/null
-From 91ac4e4beed953fc9d2185ca2e6813dde47e8d5a Mon Sep 17 00:00:00 2001
-From: Guido Falsi <mad@madpilot.net>
-Date: Mon, 27 Aug 2018 17:52:56 +0200
-Subject: [PATCH 1/9] Move the configure include file inclusion and code
- depending on it in code protected by the NDPI_LIB_COMPILATION define, this
- should avoid it polluting the environment when including this file from
- ntopng, version against stable branch.
-
----
- src/include/ndpi_typedefs.h | 15 ++++++++++-----
- src/lib/ndpi_main.c | 7 -------
- 2 files changed, 10 insertions(+), 12 deletions(-)
-
-diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
-index 6a61b44..386b217 100644
---- a/src/include/ndpi_typedefs.h
-+++ b/src/include/ndpi_typedefs.h
-@@ -26,9 +26,6 @@
-
- #include "ndpi_define.h"
-
--/* Needed to have access to HAVE_* defines */
--#include "ndpi_config.h"
--
- /* NDPI_LOG_LEVEL */
- typedef enum {
- NDPI_LOG_ERROR,
-@@ -854,7 +851,17 @@ typedef struct ndpi_proto {
- #define NUM_CUSTOM_CATEGORIES 5
- #define CUSTOM_CATEGORY_LABEL_LEN 32
-
-+#ifdef NDPI_LIB_COMPILATION
-+
-+/* Needed to have access to HAVE_* defines */
-+#include "ndpi_define.h"
-+
- #ifdef HAVE_HYPERSCAN
-+struct hs {
-+ hs_database_t *database;
-+ hs_scratch_t *scratch;
-+};
-+
- struct hs_list {
- char *expression;
- unsigned int id;
-@@ -862,8 +869,6 @@ struct hs_list {
- };
- #endif
-
--#ifdef NDPI_LIB_COMPILATION
--
- struct ndpi_detection_module_struct {
- NDPI_PROTOCOL_BITMASK detection_bitmask;
- NDPI_PROTOCOL_BITMASK generic_http_packet_bitmask;
-diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
-index b002126..8061aa1 100644
---- a/src/lib/ndpi_main.c
-+++ b/src/lib/ndpi_main.c
-@@ -51,13 +51,6 @@
- #include <hs/hs.h>
- #endif
-
--#ifdef HAVE_HYPERSCAN
--struct hs {
-- hs_database_t *database;
-- hs_scratch_t *scratch;
--};
--#endif
--
- #define NDPI_CONST_GENERIC_PROTOCOL_NAME "GenericProtocol"
-
- static int _ndpi_debug_callbacks = 0;
---
-2.19.1
-
+++ /dev/null
-From 6be5188ff93780a7f2acd48f41c4ac1846597091 Mon Sep 17 00:00:00 2001
-From: Luca <deri@ntop.org>
-Date: Tue, 11 Sep 2018 10:02:34 +0300
-Subject: [PATCH 2/9] Fixes #600 Backport of recent fixes (e.g. #601)
-
----
- Makefile.am | 5 ++-
- autogen.sh | 2 +-
- configure.seed | 13 +++++--
- src/lib/Makefile | 26 --------------
- src/lib/Makefile.in | 54 ++++++++++++++++++++++++++++++
- src/lib/ndpi_main.c | 2 --
- src/lib/protocols/ssl.c | 36 ++++++++++++++------
- src/lib/third_party/include/hash.h | 1 +
- 8 files changed, 94 insertions(+), 45 deletions(-)
- delete mode 100644 src/lib/Makefile
- create mode 100644 src/lib/Makefile.in
-
-diff --git a/Makefile.am b/Makefile.am
-index 17c6748..37f0849 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,8 +1,7 @@
- ACLOCAL_AMFLAGS = -I m4
--
- SUBDIRS = src/lib example tests
-
--pkgconfigdir = $(libdir)/pkgconfig
-+pkgconfigdir = $(prefix)/libdata/pkgconfig
- pkgconfig_DATA = libndpi.pc
-
--EXTRA_DIST = libndpi.sym autogen.sh
-+EXTRA_DIST = autogen.sh
-diff --git a/autogen.sh b/autogen.sh
-index 6596b2f..efeffc4 100755
---- a/autogen.sh
-+++ b/autogen.sh
-@@ -5,7 +5,7 @@ NDPI_MINOR="4"
- NDPI_PATCH="0"
- NDPI_VERSION_SHORT="$NDPI_MAJOR.$NDPI_MINOR.$NDPI_PATCH"
-
--rm -f configure config.h config.h.in src/lib/Makefile.in
-+rm -f configure config.h config.h.in
-
- AUTOCONF=$(command -v autoconf)
- AUTOMAKE=$(command -v automake)
-diff --git a/configure.seed b/configure.seed
-index 6b85c66..8f8817f 100644
---- a/configure.seed
-+++ b/configure.seed
-@@ -10,6 +10,7 @@ AC_PROG_CC
- AM_PROG_CC_C_O
- AX_PTHREAD
-
-+NDPI_VERSION_SHORT="@NDPI_VERSION_SHORT@"
- NDPI_MAJOR="@NDPI_MAJOR@"
- NDPI_MINOR="@NDPI_MINOR@"
- NDPI_PATCH="@NDPI_PATCH@"
-@@ -51,11 +52,16 @@ else
- AC_CHECK_LIB([numa], [numa_available], [LIBNUMA="-lnuma"])
- fi
-
--
-+if test -z `which clang`; then
-+CC=gcc
-+else
-+CC=clang
-+fi
-+
- HS_LIB=
- HS_INC=
-
--AC_ARG_WITH(hyperscan, [ --with-hyperscan Enable nDPI build with Intel Hyperscan])
-+AC_ARG_WITH(hyperscan, [ --with-hyperscan Enable nDPI build with Intel Hyperscan])
-
- if test "${with_hyperscan+set}" = set; then
- BKP=$LIBS
-@@ -127,12 +133,13 @@ AC_ARG_ENABLE([debug-messages],
-
- AC_CHECK_LIB(pthread, pthread_setaffinity_np, AC_DEFINE_UNQUOTED(HAVE_PTHREAD_SETAFFINITY_NP, 1, [libc has pthread_setaffinity_np]))
-
--AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h])
-+AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h src/lib/Makefile])
- AC_CONFIG_HEADERS(src/include/ndpi_config.h)
- AC_SUBST(GIT_RELEASE)
- AC_SUBST(NDPI_MAJOR)
- AC_SUBST(NDPI_MINOR)
- AC_SUBST(NDPI_PATCH)
-+AC_SUBST(NDPI_VERSION_SHORT)
- AC_SUBST(SVN_DATE)
- AC_SUBST(JSON_C_LIB)
- AC_SUBST(PCAP_INC)
-diff --git a/src/lib/Makefile b/src/lib/Makefile
-deleted file mode 100644
-index 19c6f1c..0000000
---- a/src/lib/Makefile
-+++ /dev/null
-@@ -1,26 +0,0 @@
--#
--# Simple non-autotools dependent makefile
--#
--# ./autogen.sh
--# cd src/lib
--# make -f Makefile.simple
--#
--CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -g
--RANLIB = ranlib
--
--OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o
--HEADERS = $(wildcard ../include/*.h)
--
--all: libndpi.a
--
--ndpi_main.c: ndpi_content_match.c.inc
--
--libndpi.a: $(OBJECTS)
-- ar rc $@ $(OBJECTS)
-- $(RANLIB) $@
--
--%.o: %.c $(HEADERS) Makefile
-- $(CC) $(CFLAGS) -c $< -o $@
--
--clean:
-- /bin/rm -f libndpi.a $(OBJECTS)
-diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in
-new file mode 100644
-index 0000000..ca29001
---- /dev/null
-+++ b/src/lib/Makefile.in
-@@ -0,0 +1,54 @@
-+#
-+# Simple non-autotools dependent makefile
-+#
-+# ./autogen.sh
-+# cd src/lib
-+# make Makefile
-+#
-+
-+
-+#
-+# Installation directories
-+#
-+prefix = /usr/local
-+libdir = ${prefix}/lib
-+includedir = ${prefix}/include/ndpi
-+CC = @CC@
-+CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -O2 # -g
-+RANLIB = ranlib
-+
-+OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o
-+HEADERS = $(wildcard ../include/*.h)
-+NDPI_LIB_STATIC = libndpi.a
-+NDPI_LIB_SHARED_BASE = libndpi.so
-+NDPI_LIB_SHARED = $(NDPI_LIB_SHARED_BASE).@NDPI_VERSION_SHORT@
-+NDPI_LIBS = $(NDPI_LIB_STATIC) $(NDPI_LIB_SHARED)
-+
-+ifeq ($(OS),Darwin)
-+CC=clang
-+endif
-+
-+all: $(NDPI_LIBS)
-+
-+ndpi_main.c: ndpi_content_match.c.inc
-+
-+$(NDPI_LIB_STATIC): $(OBJECTS)
-+ ar rc $@ $(OBJECTS)
-+ $(RANLIB) $@
-+
-+$(NDPI_LIB_SHARED): $(OBJECTS)
-+ $(CC) -shared -fPIC -o $@ $(OBJECTS)
-+ ln -Fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE)
-+
-+%.o: %.c $(HEADERS) Makefile
-+ $(CC) $(CFLAGS) -c $< -o $@
-+
-+clean:
-+ /bin/rm -f $(NDPI_LIB_STATIC) $(OBJECTS) *.o *.so *.lo
-+
-+install: $(NDPI_LIBS)
-+ mkdir -p $(DESTDIR)$(libdir)
-+ cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/
-+ ln -Fs $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE)
-+ mkdir -p $(DESTDIR)$(includedir)
-+ cp ../include/*.h $(DESTDIR)$(includedir)
-diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
-index 8061aa1..540e158 100644
---- a/src/lib/ndpi_main.c
-+++ b/src/lib/ndpi_main.c
-@@ -43,9 +43,7 @@
-
- #include "ndpi_content_match.c.inc"
- #include "third_party/include/ndpi_patricia.h"
--#include "third_party/src/ndpi_patricia.c"
- #include "third_party/include/hash.h"
--#include "third_party/src/hash.c"
-
- #ifdef HAVE_HYPERSCAN
- #include <hs/hs.h>
-diff --git a/src/lib/protocols/ssl.c b/src/lib/protocols/ssl.c
-index b8c3697..59aedcb 100644
---- a/src/lib/protocols/ssl.c
-+++ b/src/lib/protocols/ssl.c
-@@ -27,7 +27,7 @@
-
- #include "ndpi_api.h"
-
--/* #define CERTIFICATE_DEBUG 1 */
-+// #define CERTIFICATE_DEBUG 1
- #define NDPI_MAX_SSL_REQUEST_SIZE 10000
-
- /* Skype.c */
-@@ -246,28 +246,43 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct,
- u_int16_t compression_len;
- u_int16_t extensions_len;
-
-- compression_len = packet->payload[offset+1];
-- offset += compression_len + 3;
-+ offset++;
-+ compression_len = packet->payload[offset];
-+ offset++;
-+
-+#ifdef CERTIFICATE_DEBUG
-+ printf("SSL [compression_len: %u]\n", compression_len);
-+#endif
-+
-+ // offset += compression_len + 3;
-+ offset += compression_len;
-
- if(offset < total_len) {
-- extensions_len = packet->payload[offset];
-+ extensions_len = ntohs(*((u_int16_t*)&packet->payload[offset]));
-+ offset += 2;
-+
-+#ifdef CERTIFICATE_DEBUG
-+ printf("SSL [extensions_len: %u]\n", extensions_len);
-+#endif
-
-- if((extensions_len+offset) < total_len) {
-+ if((extensions_len+offset) <= total_len) {
- /* Move to the first extension
- Type is u_int to avoid possible overflow on extension_len addition */
-- u_int extension_offset = 1;
-+ u_int extension_offset = 0;
-
- while(extension_offset < extensions_len) {
- u_int16_t extension_id, extension_len;
-
-- memcpy(&extension_id, &packet->payload[offset+extension_offset], 2);
-+ extension_id = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset]));
- extension_offset += 2;
-
-- memcpy(&extension_len, &packet->payload[offset+extension_offset], 2);
-+ extension_len = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset]));
- extension_offset += 2;
-
-- extension_id = ntohs(extension_id), extension_len = ntohs(extension_len);
--
-+#ifdef CERTIFICATE_DEBUG
-+ printf("SSL [extension_id: %u][extension_len: %u]\n", extension_id, extension_len);
-+#endif
-+
- if(extension_id == 0) {
- u_int begin = 0,len;
- char *server_name = (char*)&packet->payload[offset+extension_offset];
-@@ -316,6 +331,7 @@ int sslTryAndRetrieveServerCertificate(struct ndpi_detection_module_struct *ndpi
- if((packet->payload_packet_len > 9) && (packet->payload[0] == 0x16)) {
- char certificate[64];
- int rc;
-+
- certificate[0] = '\0';
- rc = getSSLcertificate(ndpi_struct, flow, certificate, sizeof(certificate));
- packet->ssl_certificate_num_checks++;
-diff --git a/src/lib/third_party/include/hash.h b/src/lib/third_party/include/hash.h
-index 4f53e5a..2251706 100644
---- a/src/lib/third_party/include/hash.h
-+++ b/src/lib/third_party/include/hash.h
-@@ -25,5 +25,6 @@ extern int ht_hash( hashtable_t *hashtable, char *key );
- extern entry_t *ht_newpair( char *key, u_int16_t value );
- extern void ht_set( hashtable_t *hashtable, char *key, u_int16_t value );
- extern u_int16_t ht_get( hashtable_t *hashtable, char *key );
-+extern void ht_free( hashtable_t *hashtable );
-
- #endif /* _HASH_H_ */
---
-2.19.1
-
+++ /dev/null
-From efd8348c3a5ace204410608f1805c9d5899096ab Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=D0=98=D0=B2=D0=B0=D0=BD=20=D0=A1=D0=BF=D0=B8=D0=BD=D0=B5?=
- =?UTF-8?q?=D0=BD=D0=BA=D0=BE?= <ispinenko@ideco.ru>
-Date: Thu, 13 Sep 2018 18:23:47 +0500
-Subject: [PATCH 3/9] Fixed duplicate protocol name. #607
-
----
- src/lib/ndpi_main.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
-index 540e158..33ccbb1 100644
---- a/src/lib/ndpi_main.c
-+++ b/src/lib/ndpi_main.c
-@@ -1225,7 +1225,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
- ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
- ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_VIDTO,
- no_master,
-- no_master, "PPStream", NDPI_PROTOCOL_CATEGORY_MEDIA,
-+ no_master, "Vidto", NDPI_PROTOCOL_CATEGORY_MEDIA,
- ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
- ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
-
---
-2.19.1
-
+++ /dev/null
-From ba72865f23cd0d52f373573308e0e05c5bd37ba8 Mon Sep 17 00:00:00 2001
-From: Luca Deri <deri@ntop.org>
-Date: Wed, 19 Sep 2018 11:11:15 +0200
-Subject: [PATCH 4/9] Added missing ndpi_protocol2id() prototype Fixed error
- when crearing symlink in Makefile
-
----
- src/include/ndpi_api.h | 15 ++++++++++++++-
- src/lib/Makefile.in | 2 +-
- 2 files changed, 15 insertions(+), 2 deletions(-)
-
-diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
-index 3fefc8e..56c5436 100644
---- a/src/include/ndpi_api.h
-+++ b/src/include/ndpi_api.h
-@@ -420,7 +420,7 @@ extern "C" {
- char *bigram_to_match);
-
- /**
-- * Write the protocol name in the buffer -buf- as master_protocol.protocol
-+ * Write the protocol name in the buffer -buf- as master_protocol.protocol (string)
- *
- * @par ndpi_mod = the detection module
- * @par proto = the struct ndpi_protocol contain the protocols name
-@@ -432,6 +432,19 @@ extern "C" {
- char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod,
- ndpi_protocol proto, char *buf, u_int buf_len);
-
-+ /**
-+ * Write the protocol name in the buffer -buf- as master_protocol.protocol (number)
-+ *
-+ * @par ndpi_mod = the detection module
-+ * @par proto = the struct ndpi_protocol contain the protocols name
-+ * @par buf = the buffer to write the name of the protocols
-+ * @par buf_len = the length of the buffer
-+ * @return the buffer contains the master_protocol and protocol name
-+ *
-+ */
-+ char* ndpi_protocol2id(struct ndpi_detection_module_struct *ndpi_mod,
-+ ndpi_protocol proto, char *buf, u_int buf_len);
-+
- /**
- * Find out if a given category is custom/user-defined
- *
-diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in
-index ca29001..cbbc54b 100644
---- a/src/lib/Makefile.in
-+++ b/src/lib/Makefile.in
-@@ -38,7 +38,7 @@ $(NDPI_LIB_STATIC): $(OBJECTS)
-
- $(NDPI_LIB_SHARED): $(OBJECTS)
- $(CC) -shared -fPIC -o $@ $(OBJECTS)
-- ln -Fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE)
-+ ln -fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE)
-
- %.o: %.c $(HEADERS) Makefile
- $(CC) $(CFLAGS) -c $< -o $@
---
-2.19.1
-
+++ /dev/null
-From 54fd7face86f3d5287bc8d0f2633bd13c66498cf Mon Sep 17 00:00:00 2001
-From: Vitaly Lavrov <vel21ripn@gmail.com>
-Date: Sun, 30 Sep 2018 22:49:18 +0300
-Subject: [PATCH 5/9] Do not use the available clang as the default compiler.
- Use the CC environment variable when running autogen.sh and configure.
-
----
- configure.seed | 6 ------
- 1 file changed, 6 deletions(-)
-
-diff --git a/configure.seed b/configure.seed
-index 8f8817f..b150fdb 100644
---- a/configure.seed
-+++ b/configure.seed
-@@ -51,12 +51,6 @@ if test $SHORT_MACHINE = "arm"; then
- else
- AC_CHECK_LIB([numa], [numa_available], [LIBNUMA="-lnuma"])
- fi
--
--if test -z `which clang`; then
--CC=gcc
--else
--CC=clang
--fi
-
- HS_LIB=
- HS_INC=
---
-2.19.1
-
+++ /dev/null
-From 6dcf1f3fbab782804339db5a3fe8cd0c88c07795 Mon Sep 17 00:00:00 2001
-From: lucaderi <deri@ntop.org>
-Date: Thu, 4 Oct 2018 21:36:46 +0200
-Subject: [PATCH 6/9] Backported ndpi_protocol2id
-
----
- src/include/ndpi_api.h | 17 +++++++++++++++--
- src/lib/ndpi_main.c | 17 +++++++++++++++++
- 2 files changed, 32 insertions(+), 2 deletions(-)
-
-diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
-index 56c5436..ccbad73 100644
---- a/src/include/ndpi_api.h
-+++ b/src/include/ndpi_api.h
-@@ -274,7 +274,7 @@ extern "C" {
- */
- u_int16_t ndpi_get_flow_masterprotocol(struct ndpi_detection_module_struct *ndpi_struct,
- struct ndpi_flow_struct *flow);
--
-+
- /**
- * API call that is called internally by ndpi_detection_process_packet or by apps
- * that want to avoid calling ndpi_detection_process_packet as they have already
-@@ -432,6 +432,19 @@ extern "C" {
- char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod,
- ndpi_protocol proto, char *buf, u_int buf_len);
-
-+ /**
-+ * Same as ndpi_protocol2name() with the difference that the numeric protocol
-+ * name is returned
-+ *
-+ * @par ndpi_mod = the detection module
-+ * @par proto = the struct ndpi_protocol contain the protocols name
-+ * @par buf = the buffer to write the name of the protocols
-+ * @par buf_len = the length of the buffer
-+ * @return the buffer contains the master_protocol and protocol name
-+ *
-+ */
-+ char* ndpi_protocol2id(struct ndpi_detection_module_struct *ndpi_mod,
-+ ndpi_protocol proto, char *buf, u_int buf_len);
- /**
- * Write the protocol name in the buffer -buf- as master_protocol.protocol (number)
- *
-@@ -746,7 +759,7 @@ extern "C" {
- u_int ndpi_get_ndpi_num_custom_protocols(struct ndpi_detection_module_struct *ndpi_mod);
- u_int ndpi_get_ndpi_detection_module_size();
- void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_mod, u_int l);
--
-+
- /**
- * Add a string to match to an automata
- *
-diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
-index 33ccbb1..e1cf577 100644
---- a/src/lib/ndpi_main.c
-+++ b/src/lib/ndpi_main.c
-@@ -5319,6 +5319,23 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct
-
- /* ****************************************************** */
-
-+char* ndpi_protocol2id(struct ndpi_detection_module_struct *ndpi_mod,
-+ ndpi_protocol proto, char *buf, u_int buf_len) {
-+ if((proto.master_protocol != NDPI_PROTOCOL_UNKNOWN)
-+ && (proto.master_protocol != proto.app_protocol)) {
-+ if(proto.app_protocol != NDPI_PROTOCOL_UNKNOWN)
-+ snprintf(buf, buf_len, "%u.%u",
-+ proto.master_protocol, proto.app_protocol);
-+ else
-+ snprintf(buf, buf_len, "%u", proto.master_protocol);
-+ } else
-+ snprintf(buf, buf_len, "%u", proto.app_protocol);
-+
-+ return(buf);
-+}
-+
-+/* ****************************************************** */
-+
- char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod,
- ndpi_protocol proto, char *buf, u_int buf_len) {
- if((proto.master_protocol != NDPI_PROTOCOL_UNKNOWN)
---
-2.19.1
-
+++ /dev/null
-From a1f6cbb6c9a212b5b3b6605254ae35bead5c43df Mon Sep 17 00:00:00 2001
-From: Hank Leininger <hlein@korelogic.com>
-Date: Mon, 8 Oct 2018 18:17:30 -0600
-Subject: [PATCH 7/9] Symlink the shared library to pwd.
-
-DESTDIR is used, for instance, by distros to facilitate installing
-to a temp path for testing / package-building.
-
-In general nDPI supports DESTDIR (yay!), but using an absolute path
-for the target of the library link has two problems:
-
-1) If DESTDIR is set to /some/tmp/path, we end up with a link that
-points to /some/tmp/path/usr/lib/libndpi-x.y.z, which is definitely
-not what is intended - once the package is installed, the link is
-broken.
-
-2) Absolute links are problematic for distributions; pointing to
-/usr/lib/libndpi-x.y.z during package build-and-test would point to
-either a nonexistent file, or an old and possibly wrong one.
-
-Both of these are avoided if we just link to the target with no path
-at all.
----
- src/lib/Makefile.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in
-index cbbc54b..dc1e34b 100644
---- a/src/lib/Makefile.in
-+++ b/src/lib/Makefile.in
-@@ -49,6 +49,6 @@ clean:
- install: $(NDPI_LIBS)
- mkdir -p $(DESTDIR)$(libdir)
- cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/
-- ln -Fs $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE)
-+ ln -Fs $(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE)
- mkdir -p $(DESTDIR)$(includedir)
- cp ../include/*.h $(DESTDIR)$(includedir)
---
-2.19.1
-
+++ /dev/null
-From cfd97bbbca6afddb1bcedb407cb21127d7cb5d53 Mon Sep 17 00:00:00 2001
-From: Hank Leininger <hlein@korelogic.com>
-Date: Mon, 8 Oct 2018 19:08:51 -0600
-Subject: [PATCH 8/9] Use a more standard path for pkg-config files.
-
-The Linuxes I've checked all seem to use /usr/{,local/}lib*/pkgconfig,
-not /usr/libdata/. I think FreeBSD does use /usr/libdata/ but also
-supports /usr/lib*/pkgconfig, although I have not tested this change
-on a FreeBSD system.
----
- Makefile.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index 37f0849..4090817 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,7 +1,7 @@
- ACLOCAL_AMFLAGS = -I m4
- SUBDIRS = src/lib example tests
-
--pkgconfigdir = $(prefix)/libdata/pkgconfig
-+pkgconfigdir = $(libdir)/pkgconfig
- pkgconfig_DATA = libndpi.pc
-
- EXTRA_DIST = autogen.sh
---
-2.19.1
-
+++ /dev/null
-From b4b7a810697145b718a9a3b6d8a39e700613a640 Mon Sep 17 00:00:00 2001
-From: Hank Leininger <hlein@korelogic.com>
-Date: Mon, 8 Oct 2018 21:22:41 -0600
-Subject: [PATCH 9/9] Correct the include file path in -I CFLAGS argument.
-
-src/lib/Makefile.in install headers into ${prefix}/include/ndpi,
-but the shipped libndpi.pc.in specifies a different path. Therefore
-anything trying to build using $(pkg-config --cflags libndpi) will
-fail to find the nDPI headers.
-
-This patch simply makes libndpi.pc.in agree with src/lib/Makefile.in.
----
- libndpi.pc.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libndpi.pc.in b/libndpi.pc.in
-index 291429c..5e1cde7 100644
---- a/libndpi.pc.in
-+++ b/libndpi.pc.in
-@@ -7,4 +7,4 @@ Name: libndpi
- Description: deep packet inspection library
- Version: @VERSION@
- Libs: -L${libdir} -lndpi
--Cflags: -I${includedir}/libndpi-@VERSION@
-+Cflags: -I${includedir}/ndpi
---
-2.19.1
-
include $(TOPDIR)/rules.mk
PKG_NAME:=libsigc++
-PKG_VERSION:=2.5.4
+PKG_VERSION:=2.10.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=@GNOME/libsigc++/2.5
-PKG_HASH:=ecf55f53d6058ba6e41985b862f2e95fb5c2b31c008caa16984e790547337ea7
-PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
-PKG_LICENSE:=LGPL-2.1
+PKG_SOURCE_URL:=@GNOME/libsigc++/2.10
+PKG_HASH:=c9a25f26178c6cbb147f9904d8c533b5a5c5111a41ac2eb781eb734eea446003
+
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
+PKG_LICENSE:=LGPL-3.0+
+PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
whether it is static or virtual.
endef
-TARGET_CFLAGS += $(FPIC)
-
-TARGET_CPPFLAGS += \
- -fno-strict-aliasing -fno-inline \
-
CONFIGURE_ARGS += \
--enable-shared \
--enable-static \
+ --disable-benchmark \
+ --disable-documentation \
+ --disable-deprecated-api \
+ --disable-warnings
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
+++ /dev/null
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -22,7 +22,7 @@ doc_subdirs = docs
- else
- doc_subdirs =
- endif
--SUBDIRS = sigc++ tests examples $(doc_subdirs)
-+SUBDIRS = sigc++
-
- sigc_configdir = $(libdir)/$(SIGCXX_MODULE_NAME)/include
- nodist_sigc_config_HEADERS = sigc++config.h
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -204,7 +204,7 @@ am__define_uniq_tagged_files = \
- ETAGS = etags
- CTAGS = ctags
- CSCOPE = cscope
--DIST_SUBDIRS = sigc++ tests examples docs
-+DIST_SUBDIRS = sigc++
- DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
- distdir = $(PACKAGE)-$(VERSION)
- top_distdir = $(distdir)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/erikd/libsndfile.git
-PKG_SOURCE_DATE:=2018-11-27
-PKG_SOURCE_VERSION:=b4bd397ca74f4c72b9cabaae66fef0c3d5a8c527
-PKG_MIRROR_HASH:=bbef527d5cdc97ad14ca5337b692b7adf8f725e813ca48b445111669f79f5c5e
+PKG_SOURCE_DATE:=2018-12-24
+PKG_SOURCE_VERSION:=8ddc442d539ca775d80cdbc7af17a718634a743f
+PKG_MIRROR_HASH:=d7be85919067f51c83b74b67ea9e7043710fe009d704aa414ef57c6f48974ae1
PKG_LICENSE:=LGPLv2.1
PKG_LICENSE_FILES:=COPYING
include $(TOPDIR)/rules.mk
PKG_NAME:=liburcu
-PKG_VERSION:=0.9.4
+PKG_VERSION:=0.9.5
PKG_RELEASE:=1
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_SOURCE:=userspace-rcu-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://lttng.org/files/urcu/
-PKG_HASH:=ec6c909249040dfa59bb34686482b62072ce5477f5e2e2153dac47de50b36b68
+PKG_HASH:=d948250f1b365f052b29a4c017b7d67066c905f6ab529892cc6bc35c503a38a6
PKG_BUILD_DIR:=$(BUILD_DIR)/userspace-rcu-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=libuwsc
-PKG_VERSION:=3.1.1
+PKG_VERSION:=3.1.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL=https://codeload.github.com/zhaojh329/libuwsc/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=1a89d1d7464ab2881a1153cddc36dfe19ee2acb706b8a7d9d42fb13d5572ab50
+PKG_HASH:=58fd6a5eb29a22a7dd406a56e87f068f4b2fce2a4b6993bbc468a4258e4f94d2
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Jianhui Zhao <jianhuizhao329@gmail.com>
PKG_NAME:=v4l-utils
PKG_VERSION:=1.14.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://www.linuxtv.org/downloads/v4l-utils
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -258,16 +258,9 @@ else
+ AC_MSG_WARN(ALSA library not available)
+ fi
+
+-PKG_CHECK_MODULES(libudev, libudev, have_libudev=yes, have_libudev=no)
+-if test "x$have_libudev" = "xyes"; then
+- AC_DEFINE([HAVE_LIBUDEV], [], [Use libudev])
+- LIBUDEV_CFLAGS="$libudev_CFLAGS"
+- LIBUDEV_LIBS="$libudev_LIBS"
+- AC_SUBST(LIBUDEV_CFLAGS)
+- AC_SUBST(LIBUDEV_LIBS)
+-else
+- AC_MSG_WARN(udev library not available)
+-fi
++
++# Force building without udev
++have_libudev=no
+
+ AC_SUBST([JPEG_LIBS])
+
include $(TOPDIR)/rules.mk
PKG_NAME:=openldap
-PKG_VERSION:=2.4.46
-PKG_RELEASE:=2
+PKG_VERSION:=2.4.47
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
PKG_SOURCE_URL:=https://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/ \
http://mirror.eu.oneandone.net/software/openldap/openldap-release/ \
http://mirror.switch.ch/ftp/software/mirror/OpenLDAP/openldap-release/ \
https://www.openldap.org/software/download/OpenLDAP/openldap-release/
-PKG_HASH:=9a90dcb86b99ae790ccab93b7585a31fbcbeec8c94bf0f7ab0ca0a87ea0c4b2d
+PKG_HASH:=f54c5877865233d9ada77c60c0f69b3e0bfd8b1b55889504c650047cc305520b
PKG_LICENSE:=OLDAP-2.8
PKG_LICENSE_FILES:=LICENSE
PKG_FIXUP:=autoreconf
+PKG_CONFIG_DEPENDS := \
+ CONFIG_OPENLDAP_DEBUG \
+ CONFIG_OPENLDAP_MONITOR \
+ CONFIG_OPENLDAP_DB47 \
+ CONFIG_OPENLDAP_ICU
+
include $(INCLUDE_DIR)/package.mk
-define Package/openldap/Default
- TITLE:=LDAP implementation
+define Package/libopenldap/Default
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=OpenLDAP
+ TITLE:=LDAP directory suite
URL:=http://www.openldap.org/
MAINTAINER:=W. Michael Petullo <mike@flyn.org>
endef
-define Package/openldap/Default/description
- OpenLDAP Software is an open source implementation of the
- Lightweight Directory Access Protocol (LDAP).
-endef
-
define Package/libopenldap
- $(call Package/openldap/Default)
- SECTION:=libs
- CATEGORY:=Libraries
- DEPENDS:=+libopenssl +libsasl2 +libpthread
+ $(call Package/libopenldap/Default)
+ MENU:=1
+ DEPENDS:=+libopenssl +libsasl2 +libpthread +OPENLDAP_DB47:libdb47 +OPENLDAP_ICU:icu
TITLE+= (libraries)
endef
+define Package/libopenldap/config
+ config OPENLDAP_DEBUG
+ bool "Enable debugging information"
+ default y
+ help
+ Enable debugging information. This option must be enabled
+ for the loglevel directive to work.
+ config OPENLDAP_MONITOR
+ bool "Enable monitor backend"
+ default n
+ help
+ Enable monitor backend to obtain information about the running
+ status of the daemon. See OpenLDAP documentation for more
+ information.
+ config OPENLDAP_DB47
+ bool "Berkeley DB support"
+ default n
+ help
+ Enable Berkeley DB support (BDB).
+ config OPENLDAP_ICU
+ bool "ICU support"
+ default n
+ help
+ Enable ICU (International Components for Unicode) support.
+endef
+
define Package/libopenldap/description
- $(call Package/openldap/Default/description)
- This package contains the shared LDAP client libraries, needed by other programs.
+OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol (LDAP). This package contains the shared LDAP client libraries, needed by other programs.
endef
define Package/libopenldap/conffiles
endef
define Package/openldap-utils
- $(call Package/openldap/Default)
- SECTION:=utils
- CATEGORY:=Utilities
+ $(call Package/libopenldap/Default)
DEPENDS:=+libopenldap
TITLE+= (utilities)
endef
define Package/openldap-utils/description
- $(call Package/openldap/Default/description)
- This package contains client programs required to access LDAP servers.
+This package contains client programs required to access LDAP servers.
endef
define Package/openldap-server
- $(call Package/openldap/Default)
- SECTION:=net
- CATEGORY:=Network
+ $(call Package/libopenldap/Default)
DEPENDS:=+libopenldap +libuuid
TITLE+= (server)
endef
define Package/openldap-server/description
- $(call Package/openldap/Default/description)
- This package contains server programs required to provide LDAP services.
+This package contains server programs required to provide LDAP services.
endef
define Package/openldap-server/conffiles
/etc/openldap/slapd.conf
+/etc/init.d/ldap
endef
TARGET_CFLAGS += $(FPIC) -lpthread \
CONFIGURE_ARGS += \
--enable-shared \
--enable-static \
- --disable-debug \
--enable-dynamic \
--enable-syslog \
- --disable-local \
- --disable-slurpd \
--with-cyrus-sasl \
- --without-fetch \
--with-threads \
--with-tls \
--with-yielding_select="yes" \
- --without-threads \
--enable-null \
- --disable-bdb \
- --disable-hdb \
- --disable-monitor \
--disable-relay
-CONFIGURE_VARS += \
- ol_cv_lib_icu="no"
+
+ifdef CONFIG_OPENLDAP_MONITOR
+ CONFIGURE_ARGS+= --enable-monitor
+else
+ CONFIGURE_ARGS+= --disable-monitor
+endif
+
+ifdef CONFIG_OPENLDAP_DEBUG
+ CONFIGURE_ARGS+= --enable-debug
+else
+ CONFIGURE_ARGS+= --disable-debug
+endif
+
+ifdef CONFIG_OPENLDAP_DB47
+ CONFIGURE_ARGS+= \
+ --enable-bdb \
+ --enable-hdb
+else
+ CONFIGURE_ARGS+= \
+ --disable-bdb \
+ --disable-hdb
+endif
+
+ifndef CONFIG_OPENLDAP_ICU
+ CONFIGURE_VARS += \
+ ol_cv_lib_icu="no"
+endif
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) \
DESTDIR="$(PKG_INSTALL_DIR)" \
HOSTCC="$(HOSTCC)" \
depend all install
+ cd $(PKG_BUILD_DIR)/libraries/liblmdb && $(MAKE) $(CONFIGURE_VARS)
endef
define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/{lber,ldap}*.h $(1)/usr/include/
- $(INSTALL_DIR) $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/{lber,ldap}*.h $(1)/usr/include/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{lber,ldap}*.{a,so*} $(1)/usr/lib/
endef
define Package/libopenldap/install
- $(INSTALL_DIR) $(1)/etc/openldap
- $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/ldap.conf $(1)/etc/openldap/
- $(INSTALL_DIR) $(1)/usr/lib
+ $(INSTALL_DIR) $(1)/etc/openldap $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/etc/openldap/ldap.conf $(1)/etc/openldap/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{lber,ldap}*.so.* $(1)/usr/lib/
endef
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/ldap.init $(1)/etc/init.d/ldap
$(INSTALL_DIR) $(1)/etc/openldap/schema
- $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/schema/* $(1)/etc/openldap/schema/
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/openldap/schema/* $(1)/etc/openldap/schema/
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/slapd.conf $(1)/etc/openldap/
$(INSTALL_DIR) $(1)/usr/sbin
- # XXX: OpenLDAP installs slapd into libexecdir, not sbindir:
+ # NB: OpenLDAP installs slapd into libexecdir, not sbindir
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/slapd $(1)/usr/sbin/
- # XXX: switch default backend to ldif, since bdb is disabled
- $(SED) 's|^\(database\)\([ \t]\+\)bdb|\1\2ldif|g' \
- -e 's|^\(index\)|#\1|g' \
- $(1)/etc/openldap/slapd.conf
+ $(eval SLAPTOOLS := slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema)
+ for i in $(SLAPTOOLS); do \
+ $(LN) ./slapd $(1)/usr/sbin/$$$$i; \
+ done
endef
$(eval $(call BuildPackage,libopenldap))
+SHELL = @SHELL@
+
SRCS = init.c config.c opensock.c search.c bind.c unbind.c add.c \
- delete.c modify.c modrdn.c compare.c result.c
+ delete.c modify.c modrdn.c compare.c result.c extended.c
OBJS = init.lo config.lo opensock.lo search.lo bind.lo unbind.lo add.lo \
--- a/servers/slapd/back-sql/Makefile.in
+++ b/servers/slapd/back-sql/Makefile.in
-Index: openldap-2.4.45/build/mkversion
-===================================================================
---- openldap-2.4.45.orig/build/mkversion
-+++ openldap-2.4.45/build/mkversion
-@@ -50,7 +50,6 @@ if test $# != 1 ; then
+--- a/build/mkversion
++++ b/build/mkversion
+@@ -50,12 +50,6 @@ if test $# != 1 ; then
fi
APPLICATION=$1
--WHOWHERE="$USER@`uname -n`:`pwd`"
+-# Reproducible builds set SOURCE_DATE_EPOCH, want constant strings
+-if [ -n "${SOURCE_DATE_EPOCH}" ]; then
+- WHOWHERE="openldap"
+-else
+- WHOWHERE="$USER@$(uname -n):$(pwd)"
+-fi
cat << __EOF__
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
-@@ -72,7 +71,6 @@ static const char copyright[] =
+@@ -77,7 +71,6 @@ static const char copyright[] =
"COPYING RESTRICTIONS APPLY\n";
$static $const char $SYMBOL[] =
+++ /dev/null
-From d7a778004b0e0c7453075f1c7d429537162df436 Mon Sep 17 00:00:00 2001
-From: Howard Chu <hyc@openldap.org>
-Date: Fri, 21 Sep 2018 18:41:20 +0100
-Subject: [PATCH] ITS#8809 add missing includes
-
----
- libraries/libldap/tls_o.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
-index 010f311d7..99626ec15 100644
---- a/libraries/libldap/tls_o.c
-+++ b/libraries/libldap/tls_o.c
-@@ -43,6 +43,9 @@
- #include <openssl/err.h>
- #include <openssl/rand.h>
- #include <openssl/safestack.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dh.h>
- #elif defined( HAVE_SSL_H )
- #include <ssl.h>
- #endif
---
-2.19.1
-
--- /dev/null
+--- a/servers/slapd/slapd.conf
++++ b/servers/slapd/slapd.conf
+@@ -50,7 +50,7 @@ argsfile %LOCALSTATEDIR%/run/slapd.args
+ #######################################################################
+
+ database mdb
+-maxsize 1073741824
++maxsize 8388608
+ suffix "dc=my-domain,dc=com"
+ rootdn "cn=Manager,dc=my-domain,dc=com"
+ # Cleartext passwords, especially for the rootdn, should
PKG_NAME:=pcre
PKG_VERSION:=8.42
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/$(PKG_NAME)
PKG_INSTALL:=1
+include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/libpcre/default
SECTION:=libs
CATEGORY:=Libraries
- URL:=http://www.pcre.org/
+ URL:=https://www.pcre.org/
endef
define Package/libpcre
define Package/libpcrecpp
$(call Package/libpcre/default)
TITLE:=C++ wrapper for Perl Compatible Regular Expression library
- DEPENDS:=+libpcre +libstdcpp
+ DEPENDS:=+libpcre $(CXX_DEPENDS)
endef
TARGET_CFLAGS += $(FPIC)
include $(TOPDIR)/rules.mk
PKG_NAME:=psqlodbc
+PKG_VERSION:=11.00.0000
PKG_RELEASE:=1
-PKG_VERSION:=10.03.0000
-PKG_HASH:=0d2ff2d10d9347ef6ce83c7ca24f4cb20b4044eeef9638c8ae3bc8107e9e92f8
-PKG_SOURCE_URL:=https://ftp.postgresql.org/pub/odbc/versions/src/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://ftp.postgresql.org/pub/odbc/versions/src
+PKG_HASH:=703e6b87022f95ffa00d9f86c8f0a877f8a55b9b3be0942081f382e794112a86
+PKG_MAINTAINER:=
PKG_LICENSE:=LGPL-2.0+
PKG_LICENSE_FILES:=license.txt
-PKG_INSTALL:=1
PKG_BUILD_DEPENDS:=unixodbc/host
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=sqlite
-PKG_VERSION:=3250300
-PKG_RELEASE:=1
+PKG_VERSION:=3260000
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-autoconf-$(PKG_VERSION).tar.gz
-PKG_HASH:=00ebf97be13928941940cc71de3d67e9f852698233cd98ce2d178fd08092f3dd
-PKG_SOURCE_URL:=http://www.sqlite.org/2018/
+PKG_HASH:=5daa6a3fb7d1e8c767cd59c4ded8da6e4b00c61d3b466d0685e35c4dd6d7bf5d
+PKG_SOURCE_URL:=https://www.sqlite.org/2018/
PKG_LICENSE:=PUBLICDOMAIN
PKG_LICENSE_FILES:=
SUBMENU:=database
TITLE:=SQLite (v3.x) database engine
URL:=http://www.sqlite.org/
- MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
+ MAINTAINER:=Sebastian Kemper <sebastian_ml@gmx.net>
endef
define Package/sqlite3/Default/description
formats.
endef
-TARGET_CFLAGS += $(FPIC) \
- -DSQLITE_ENABLE_UNLOCK_NOTIFY=1 \
+TARGET_CFLAGS += \
-DHAVE_ISNAN=1 \
- -DHAVE_MALLOC_USABLE_SIZE=1
+ -DHAVE_MALLOC_USABLE_SIZE=1 \
+ -DSQLITE_ENABLE_UNLOCK_NOTIFY=1
ifneq ($(CONFIG_SQLITE_FTS3),y)
TARGET_CFLAGS += -USQLITE_ENABLE_FTS3
--disable-editline \
--disable-static-shell
-CONFIGURE_VARS += \
- config_BUILD_CC="$(HOSTCC)" \
- config_BUILD_CFLAGS="-O2" \
- config_TARGET_CC="$(TARGET_CC)" \
- config_TARGET_CFLAGS="$(TARGET_CFLAGS)" \
- config_TARGET_READLINE_INC="$(TARGET_CPPFLAGS)" \
- config_TARGET_READLINE_LIBS="$(TARGET_LDFLAGS) -lreadline -lncurses" \
-
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/sqlite3{,ext}.h $(1)/usr/include/
include $(TOPDIR)/rules.mk
PKG_NAME:=msmtp
-PKG_VERSION:=1.6.8
-PKG_RELEASE:=2
+PKG_VERSION:=1.8.1
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://marlam.de/msmtp/releases
-PKG_HASH:=55ff95a304d888b56d07d9c62327ab9bfe26532c9c2a2ed6aefc43bea1b659fb
+PKG_HASH:=f0a2a7ed23a3ba5ca88640a9bc433507a79fdfc916b14a989d36679b7fdca4da
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_MAINTAINER:=Rosen Penev <rosenp@gmail.com>
PKG_LICENSE:=GPL-3.0+
PKG_LICENSE_FILES:=COPYING
-PKG_MAINTAINER:=
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
define Package/msmtp
$(call Package/msmtp/Default)
- DEPENDS+= +libopenssl +ca-bundle
+ DEPENDS+= +libgnutls +ca-bundle
TITLE+= (with SSL support)
VARIANT:=ssl
endef
--without-libidn \
--without-libsecret \
--without-macosx-keyring \
+ --without-msmtpd
ifneq ($(CONFIG_USE_UCLIBC),)
CONFIGURE_ARGS += --disable-gai-idn
ifeq ($(BUILD_VARIANT),ssl)
CONFIGURE_ARGS += \
- --with-tls=openssl
+ --with-tls=gnutls
endif
ifeq ($(BUILD_VARIANT),nossl)
+++ /dev/null
---- a/src/tls.c
-+++ b/src/tls.c
-@@ -45,6 +45,10 @@
- # include <openssl/err.h>
- # include <openssl/rand.h>
- # include <openssl/evp.h>
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define X509_getm_notBefore X509_get_notBefore
-+#define X509_getm_notAfter X509_get_notAfter
-+#endif
- #endif /* HAVE_LIBSSL */
-
- #ifdef HAVE_LIBIDN
-@@ -167,8 +171,10 @@ int tls_lib_init(char **errstr)
- #ifdef HAVE_LIBSSL
- int e;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_load_error_strings();
- SSL_library_init();
-+#endif
- if ((e = seed_prng(errstr)) != TLS_EOK)
- {
- return e;
-@@ -518,7 +524,7 @@ int tls_cert_info_get(tls_t *tls, tls_cert_info_t *tci, char **errstr)
- *errstr = xasprintf(_("%s: error getting SHA1 fingerprint"), errmsg);
- return TLS_ECERT;
- }
-- asn1time = X509_get_notBefore(x509cert);
-+ asn1time = X509_getm_notBefore(x509cert);
- if (asn1time_to_time_t((char *)asn1time->data,
- (asn1time->type != V_ASN1_GENERALIZEDTIME),
- &(tci->activation_time)) != 0)
-@@ -528,7 +534,7 @@ int tls_cert_info_get(tls_t *tls, tls_cert_info_t *tci, char **errstr)
- tls_cert_info_free(tci);
- return TLS_ECERT;
- }
-- asn1time = X509_get_notAfter(x509cert);
-+ asn1time = X509_getm_notAfter(x509cert);
- if (asn1time_to_time_t((char *)asn1time->data,
- (asn1time->type != V_ASN1_GENERALIZEDTIME),
- &(tci->expiration_time)) != 0)
PKG_NAME:=nail
PKG_VERSION:=12.5
-PKG_RELEASE:=4
+PKG_RELEASE:=5
PKG_LICENSE:=BSD-2-Clause
PKG_SOURCE:=heirloom-mailx_$(PKG_VERSION).orig.tar.gz
--- /dev/null
+--- a/openssl.c
++++ b/openssl.c
+@@ -174,7 +174,9 @@ ssl_init(void)
+ {
+ verbose = value("verbose") != NULL;
+ if (initialized == 0) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ SSL_library_init();
++#endif
+ initialized = 1;
+ }
+ if (rand_init == 0)
+@@ -215,12 +217,13 @@ ssl_verify_cb(int success, X509_STORE_CTX *store)
+ static const SSL_METHOD *
+ ssl_select_method(const char *uhp)
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ const SSL_METHOD *method;
+ char *cp;
+
+ cp = ssl_method_string(uhp);
+ if (cp != NULL) {
+-#if !defined(OPENSSL_NO_SSL2) && !OPENSSL_VERSION_NUMBER >= 0x10100000L
++#ifndef OPENSSL_NO_SSL2
+ if (equal(cp, "ssl2"))
+ method = SSLv2_client_method();
+ else
+@@ -240,6 +243,9 @@ ssl_select_method(const char *uhp)
+ } else
+ method = SSLv23_client_method();
+ return method;
++#else
++ return TLS_client_method();
++#endif
+ }
+
+ static void
+@@ -427,7 +433,9 @@ ssl_gen_err(const char *fmt, ...)
+ va_start(ap, fmt);
+ vfprintf(stderr, fmt, ap);
+ va_end(ap);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ SSL_load_error_strings();
++#endif
+ fprintf(stderr, ": %s\n",
+ (ERR_error_string(ERR_get_error(), NULL)));
+ }
PKG_NAME:=opendkim
PKG_VERSION:=2.10.3
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/$(PKG_NAME)
+++ /dev/null
-Description: Build and work with either openssl 1.0.2 or 1.1.0
- * Add patch to build with either openssl 1.0.2 or 1.1.0 (Closes: #828466)
- - Thanks to Sebastian Andrzej Siewior for the patch
-Author: Sebastian Andrzej Siewior
-Bug-Debian: http://bugs.debian.org/828466
-Origin: vendor
-Forwarded: no
-Reviewed-By: Scott Kitterman <scott@kitterman.com>
-Last-Update: <YYYY-MM-DD>
-
---- opendkim-2.11.0~alpha.orig/configure.ac
-+++ opendkim-2.11.0~alpha/configure.ac
-@@ -864,26 +864,28 @@ then
- AC_SEARCH_LIBS([ERR_peek_error], [crypto], ,
- AC_MSG_ERROR([libcrypto not found]))
-
-- AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
-- [
-- if test x"$enable_shared" = x"yes"
-- then
-- AC_MSG_ERROR([Cannot build shared opendkim
-- against static openssl libraries.
-- Configure with --disable-shared
-- to get this working or obtain a
-- shared libssl library for
-- opendkim to use.])
-- fi
-
-- # avoid caching issue - last result of SSL_library_init
-- # shouldn't be cached for this next check
-- unset ac_cv_search_SSL_library_init
-- LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl"
-- AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
-- AC_MSG_ERROR([libssl not found]), [-ldl])
-- ]
-- )
-+ AC_LINK_IFELSE(
-+ [AC_LANG_PROGRAM([[#include <openssl/ssl.h>]],
-+ [[SSL_library_init();]])],
-+ [od_have_ossl="yes";],
-+ [od_have_ossl="no";])
-+ if test x"$od_have_ossl" = x"no"
-+ then
-+ if test x"$enable_shared" = x"yes"
-+ then
-+ AC_MSG_ERROR([Cannot build shared opendkim
-+ against static openssl libraries.
-+ Configure with --disable-shared
-+ to get this working or obtain a
-+ shared libssl library for
-+ opendkim to use.])
-+ fi
-+
-+ LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl"
-+ AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
-+ AC_MSG_ERROR([libssl not found]), [-ldl])
-+ fi
-
- AC_CHECK_DECL([SHA256_DIGEST_LENGTH],
- AC_DEFINE([HAVE_SHA256], 1,
---- opendkim-2.11.0~alpha.orig/opendkim/opendkim-crypto.c
-+++ opendkim-2.11.0~alpha/opendkim/opendkim-crypto.c
-@@ -222,7 +222,11 @@ dkimf_crypto_free_id(void *ptr)
- {
- assert(pthread_setspecific(id_key, ptr) == 0);
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000
-+ OPENSSL_thread_stop();
-+#else
- ERR_remove_state(0);
-+#endif
-
- free(ptr);
-
-@@ -392,11 +396,15 @@ dkimf_crypto_free(void)
- {
- if (crypto_init_done)
- {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000
-+ OPENSSL_thread_stop();
-+#else
- CRYPTO_cleanup_all_ex_data();
- CONF_modules_free();
- EVP_cleanup();
- ERR_free_strings();
- ERR_remove_state(0);
-+#endif
-
- if (nmutexes > 0)
- {
--- /dev/null
+This patch has been tested with OpenSSL 1.0.2q, 1.1.0j and 1.1.1a
+with and without support for deprecated OpenSSL APIs.
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -860,26 +860,10 @@ then
+ AC_SEARCH_LIBS([ERR_peek_error], [crypto], ,
+ AC_MSG_ERROR([libcrypto not found]))
+
+- AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
+- [
+- if test x"$enable_shared" = x"yes"
+- then
+- AC_MSG_ERROR([Cannot build shared opendkim
+- against static openssl libraries.
+- Configure with --disable-shared
+- to get this working or obtain a
+- shared libssl library for
+- opendkim to use.])
+- fi
+-
+- # avoid caching issue - last result of SSL_library_init
+- # shouldn't be cached for this next check
+- unset ac_cv_search_SSL_library_init
+- LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl"
+- AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
+- AC_MSG_ERROR([libssl not found]), [-ldl])
+- ]
+- )
++ od_have_ossl="no"
++ AC_CHECK_LIB(ssl, OPENSSL_init_ssl, [od_have_ossl="yes"])
++ AC_CHECK_LIB(ssl, SSL_library_init, [od_have_ossl="yes"])
++ AS_IF([test "x$od_have_ossl" = xno], [AC_MSG_ERROR([libssl not found])])
+
+ AC_CHECK_DECL([SHA256_DIGEST_LENGTH],
+ AC_DEFINE([HAVE_SHA256], 1,
+--- a/opendkim/opendkim-crypto.c
++++ b/opendkim/opendkim-crypto.c
+@@ -139,6 +139,7 @@ static unsigned int nmutexes = 0;
+ static unsigned long threadid = 0L;
+ static pthread_mutex_t *mutexes = NULL;
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ /*
+ ** DKIMF_CRYPTO_LOCK_CALLBACK -- locking callback for libcrypto
+ **
+@@ -166,6 +167,7 @@ dkimf_crypto_lock_callback(int mode, int
+
+ assert(status == 0);
+ }
++#endif
+
+ /*
+ ** DKIMF_CRYPTO_GET_ID -- generate/retrieve thread ID
+@@ -208,21 +210,15 @@ dkimf_crypto_get_id(void)
+ static void
+ dkimf_crypto_free_id(void *ptr)
+ {
+- /*
+- ** Trick dkimf_crypto_get_id(); the thread-specific pointer has
+- ** already been cleared at this point, but dkimf_crypto_get_id()
+- ** may be called by ERR_remove_state() which will then allocate a
+- ** new thread pointer if the thread-specific pointer is NULL. This
+- ** means a memory leak of thread IDs and, on Solaris, an infinite loop
+- ** because the destructor (indirectly) re-sets the thread-specific
+- ** pointer to something not NULL. See pthread_key_create(3).
+- */
+-
+ if (ptr != NULL)
+ {
+ assert(pthread_setspecific(id_key, ptr) == 0);
+
+- ERR_remove_state(0);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000
++ OPENSSL_thread_stop();
++#else
++ ERR_remove_thread_state(NULL);
++#endif
+
+ free(ptr);
+
+@@ -300,6 +296,7 @@ dkimf_crypto_dyn_destroy(struct CRYPTO_d
+ ** None.
+ */
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ static void
+ dkimf_crypto_dyn_lock(int mode, struct CRYPTO_dynlock_value *lock,
+ /* UNUSED */ const char *file,
+@@ -316,6 +313,7 @@ dkimf_crypto_dyn_lock(int mode, struct C
+
+ assert(status == 0);
+ }
++#endif
+
+ /*
+ ** DKIMF_CRYPTO_INIT -- set up openssl dependencies
+@@ -335,7 +333,12 @@ dkimf_crypto_init(void)
+ int n;
+ int status;
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ n = CRYPTO_num_locks();
++#else
++ // see openssl/crypto.h for more details
++ n = 1;
++#endif
+ mutexes = (pthread_mutex_t *) malloc(n * sizeof(pthread_mutex_t));
+ if (mutexes == NULL)
+ return errno;
+@@ -357,15 +360,22 @@ dkimf_crypto_init(void)
+ if (status != 0)
+ return status;
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ SSL_load_error_strings();
+ SSL_library_init();
+ ERR_load_crypto_strings();
++#else
++ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
++ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
++#endif
+
++#if OPENSSL_VERSION_NUMBER < 0x10000000
+ CRYPTO_set_id_callback(&dkimf_crypto_get_id);
+ CRYPTO_set_locking_callback(&dkimf_crypto_lock_callback);
+ CRYPTO_set_dynlock_create_callback(&dkimf_crypto_dyn_create);
+ CRYPTO_set_dynlock_lock_callback(&dkimf_crypto_dyn_lock);
+ CRYPTO_set_dynlock_destroy_callback(&dkimf_crypto_dyn_destroy);
++#endif
+
+ #ifdef USE_OPENSSL_ENGINE
+ if (!SSL_set_engine(NULL))
+@@ -392,11 +402,15 @@ dkimf_crypto_free(void)
+ {
+ if (crypto_init_done)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000
++ OPENSSL_thread_stop();
++#else
+ CRYPTO_cleanup_all_ex_data();
+ CONF_modules_free();
+ EVP_cleanup();
+ ERR_free_strings();
+- ERR_remove_state(0);
++ ERR_remove_thread_state(NULL);
++#endif
+
+ if (nmutexes > 0)
+ {
+--- a/libopendkim/dkim.c
++++ b/libopendkim/dkim.c
+@@ -4195,8 +4195,10 @@ dkim_init_openssl(void)
+ {
+ pthread_mutex_lock(&openssl_lock);
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ if (openssl_refcount == 0)
+ OpenSSL_add_all_algorithms();
++#endif
+ openssl_refcount++;
+
+ pthread_mutex_unlock(&openssl_lock);
+@@ -4220,8 +4222,10 @@ dkim_close_openssl(void)
+ pthread_mutex_lock(&openssl_lock);
+
+ openssl_refcount--;
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ if (openssl_refcount == 0)
+ EVP_cleanup();
++#endif
+
+ pthread_mutex_unlock(&openssl_lock);
+ }
+--- a/opendkim/opendkim-testkey.c
++++ b/opendkim/opendkim-testkey.c
+@@ -452,7 +452,11 @@ main(int argc, char **argv)
+ memset(err, '\0', sizeof err);
+
+ #ifndef USE_GNUTLS
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ ERR_load_crypto_strings();
++#else
++ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
++#endif
+ #endif /* ! USE_GNUTLS */
+
+ /* process a KeyTable if specified and not overridden */
+--- a/opendkim/opendkim.c
++++ b/opendkim/opendkim.c
+@@ -15540,7 +15540,11 @@ main(int argc, char **argv)
+ printf("\tCompiled with GnuTLS %s\n", GNUTLS_VERSION);
+ #else /* USE_GNUTLS */
+ printf("\tCompiled with %s\n",
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ SSLeay_version(SSLEAY_VERSION));
++#else
++ OpenSSL_version(OPENSSL_VERSION));
++#endif
+ #endif /* USE_GNUTLS */
+ printf("\tSMFI_VERSION 0x%x\n", SMFI_VERSION);
+ #ifdef HAVE_SMFI_VERSION
PKG_NAME:=postfix
PKG_RELEASE:=2
-PKG_VERSION:=3.3.1
+PKG_VERSION:=3.3.2
PKG_SOURCE_URL:= \
https://cdn.postfix.johnriley.me/mirrors/postfix-release/official/ \
ftp://ftp.porcupine.org/mirrors/postfix-release/official/
-PKG_HASH:=54f514dae42b5275cb4bc9c69283f16c06200b71813d0bb696568c4ba7ae7e3b
+PKG_HASH:=3c93f31eee49a58e592c31e62a058701cadde11e8e066ea441da19fddad7b35b
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_MAINTAINER:=Denis Shulyaka <Shulyaka@gmail.com>
PKG_LICENSE:=IPL-1.0
PKG_NAME:=sendmail
PKG_VERSION:=8.15.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://artfiles.org/sendmail.org/pub/sendmail/ \
define(`confMTCCOPTS', `-D_REENTRANT')
define(`confMTLDOPTS', `-lpthread')
define(`confLDOPTS_SO', `-shared')
-define(`confSONAME',`-soname')
+define(`confSONAME',`-Wl,-soname')
define(`currentuser', esyscmd(`id -nu'))
define(`currentgroup', esyscmd(`id -ng'))
divert(bldTARGETS_SECTION)
bldCURRENT_PRODUCT.so.confSOVER: ${BEFORE} ${bldCURRENT_PRODUCT`OBJS'}
- ${LD} ${LDOPTS_SO} -o bldCURRENT_PRODUCT.so.confSOVER confSONAME bldCURRENT_PRODUCT.so.confSOVER ${bldCURRENT_PRODUCT`OBJS'}
+ ${CC} ${LDOPTS_SO} -o bldCURRENT_PRODUCT.so.confSOVER confSONAME,bldCURRENT_PRODUCT.so.confSOVER ${bldCURRENT_PRODUCT`OBJS'}
ifdef(`bldLINK_SOURCES', `bldMAKE_SOURCE_LINKS(bldLINK_SOURCES)')
install-`'bldCURRENT_PRODUCT: bldCURRENT_PRODUCT.so.confSOVER
--- /dev/null
+Not needed for 8.16
+
+From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Date: Sat, 10 Sep 2016 19:27:17 +0000
+Subject: [PATCH] sendmail: compile against openssl 1.1.0
+
+Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+---
+
+--- a/sendmail/tls.c
++++ b/sendmail/tls.c
+@@ -60,18 +60,58 @@ static unsigned char dh512_g[] =
+ 0x02
+ };
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000
++
++static inline int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++ /* If the fields p and g in d are NULL, the corresponding input
++ * parameters MUST be non-NULL. q may remain NULL.
++ */
++ if ((dh->p == NULL && p == NULL)
++ || (dh->g == NULL && g == NULL))
++ return 0;
++
++ if (p != NULL) {
++ BN_free(dh->p);
++ dh->p = p;
++ }
++ if (q != NULL) {
++ BN_free(dh->q);
++ dh->q = q;
++ }
++ if (g != NULL) {
++ BN_free(dh->g);
++ dh->g = g;
++ }
++
++ if (q != NULL) {
++ dh->length = BN_num_bits(q);
++ }
++
++ return 1;
++}
++#endif
++
+ static DH *
+ get_dh512()
+ {
+ DH *dh = NULL;
++ BIGNUM *p;
++ BIGNUM *g;
+
+- if ((dh = DH_new()) == NULL)
+- return NULL;
+- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
+- return NULL;
++ dh = DH_new();
++ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
++ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
++ if (!dh || !p || !g)
++ goto err;
++ if (!DH_set0_pqg(dh, p, NULL, g))
++ goto err;
+ return dh;
++err:
++ DH_free(dh);
++ BN_free(p);
++ BN_free(g);
++ return NULL;
+ }
+
+ # if 0
+@@ -117,17 +157,22 @@ get_dh2048()
+ };
+ static unsigned char dh2048_g[]={ 0x02, };
+ DH *dh;
++ BIGNUM *p;
++ BIGNUM *g;
+
+- if ((dh=DH_new()) == NULL)
+- return(NULL);
+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
+- {
+- DH_free(dh);
+- return(NULL);
+- }
++ dh = DH_new();
++ p = BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
++ g = BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
++ if (!dh || !p || !g)
++ goto err;
++ if (!DH_set0_pqg(dh, p, NULL, g))
++ goto err;
+ return(dh);
++err:
++ DH_free(dh);
++ BN_free(p);
++ BN_free(g);
++ return NULL;
+ }
+ # endif /* !NO_DH */
+
+@@ -926,7 +971,7 @@ inittls(ctx, req, options, srv, certfile
+ {
+ /* get a pointer to the current certificate validation store */
+ store = SSL_CTX_get_cert_store(*ctx); /* does not fail */
+- crl_file = BIO_new(BIO_s_file_internal());
++ crl_file = BIO_new(BIO_s_file());
+ if (crl_file != NULL)
+ {
+ if (BIO_read_filename(crl_file, CRLFile) >= 0)
+@@ -1000,26 +1045,43 @@ inittls(ctx, req, options, srv, certfile
+ ** maybe we should do it only on demand...
+ */
+
+- if (bitset(TLS_I_RSA_TMP, req)
+ # if SM_CONF_SHM
+- && ShmId != SM_SHM_NO_ID &&
+- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL,
+- NULL)) == NULL
+-# else /* SM_CONF_SHM */
+- && 0 /* no shared memory: no need to generate key now */
+-# endif /* SM_CONF_SHM */
+- )
++ if (bitset(TLS_I_RSA_TMP, req)
++ && ShmId != SM_SHM_NO_ID)
+ {
+- if (LogLevel > 7)
++ BIGNUM *bn;
++
++ bn = BN_new();
++ rsa_tmp = RSA_new();
++ if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
++ RSA_free(rsa_tmp);
++ rsa_tmp = NULL;
++ }
++ if (rsa_tmp)
+ {
+- sm_syslog(LOG_WARNING, NOQID,
+- "STARTTLS=%s, error: RSA_generate_key failed",
+- who);
+- if (LogLevel > 9)
+- tlslogerr(LOG_WARNING, who);
++ if (!RSA_generate_key_ex(rsa_tmp, RSA_KEYLENGTH, bn, NULL))
++ {
++ RSA_free(rsa_tmp);
++ rsa_tmp = NULL;
++ }
++ }
++ BN_free(bn);
++ if (!rsa_tmp)
++ {
++ if (LogLevel > 7)
++ {
++ sm_syslog(LOG_WARNING, NOQID,
++ "STARTTLS=%s, error: RSA_generate_key failed",
++ who);
++ if (LogLevel > 9)
++ tlslogerr(LOG_WARNING, who);
++ }
++ return false;
+ }
+- return false;
+ }
++# else /* SM_CONF_SHM */
++ /* no shared memory: no need to generate key now */
++# endif /* SM_CONF_SHM */
+ # endif /* !TLS_NO_RSA */
+
+ /*
+@@ -1210,9 +1272,15 @@ inittls(ctx, req, options, srv, certfile
+ sm_dprintf("inittls: Generating %d bit DH parameters\n", bits);
+
+ /* this takes a while! */
+- dsa = DSA_generate_parameters(bits, NULL, 0, NULL,
+- NULL, 0, NULL);
+- dh = DSA_dup_DH(dsa);
++ dsa = DSA_new();
++ if (dsa) {
++ int r;
++
++ r = DSA_generate_parameters_ex(dsa, bits, NULL, 0,
++ NULL, NULL, NULL);
++ if (r != 0)
++ dh = DSA_dup_DH(dsa);
++ }
+ DSA_free(dsa);
+ }
+ else if (dh == NULL && bitset(TLS_I_DHFIXED, req))
+@@ -1733,6 +1801,9 @@ tmp_rsa_key(s, export, keylength)
+ int export;
+ int keylength;
+ {
++ BIGNUM *bn;
++ int ret;
++
+ # if SM_CONF_SHM
+ extern int ShmId;
+ extern int *PRSATmpCnt;
+@@ -1742,10 +1813,22 @@ tmp_rsa_key(s, export, keylength)
+ return rsa_tmp;
+ # endif /* SM_CONF_SHM */
+
+- if (rsa_tmp != NULL)
+- RSA_free(rsa_tmp);
+- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL);
+- if (rsa_tmp == NULL)
++ if (rsa_tmp == NULL) {
++ rsa_tmp = RSA_new();
++ if (!rsa_tmp)
++ return NULL;
++ }
++
++ bn = BN_new();
++ if (!bn)
++ return NULL;
++ if (!BN_set_word(bn, RSA_F4)) {
++ BN_free(bn);
++ return NULL;
++ }
++ ret = RSA_generate_key_ex(rsa_tmp, RSA_KEYLENGTH, bn, NULL);
++ BN_free(bn);
++ if (!ret)
+ {
+ if (LogLevel > 0)
+ sm_syslog(LOG_ERR, NOQID,
+@@ -1971,9 +2054,9 @@ x509_verify_cb(ok, ctx)
+ {
+ if (LogLevel > 13)
+ tls_verify_log(ok, ctx, "x509");
+- if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL)
++ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNABLE_TO_GET_CRL)
+ {
+- ctx->error = 0;
++ X509_STORE_CTX_set_error(ctx, 0);
+ return 1; /* override it */
+ }
+ }
+--- a/doc/op/op.me
++++ b/doc/op/op.me
+@@ -10898,7 +10898,7 @@ C=FileName_of_CA_Certificate
+ ln -s $C `openssl x509 -noout -hash < $C`.0
+ .)b
+ A better way to do this is to use the
+-.b c_rehash
++.b "openssl rehash"
+ command that is part of the OpenSSL distribution
+ because it handles subject hash collisions
+ by incrementing the number in the suffix of the filename of the symbolic link,
--- /dev/null
+Not needed for 8.16
+
+--- a/sendmail/tls.c
++++ b/sendmail/tls.c
+@@ -1325,13 +1325,8 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
+ }
+
+ #if _FFR_TLS_EC
+- ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+- if (ecdh != NULL)
+- {
+- SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
+- SSL_CTX_set_tmp_ecdh(*ctx, ecdh);
+- EC_KEY_free(ecdh);
+- }
++ SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
++ SSL_CTX_set_ecdh_auto(*ctx, 1);
+ #endif /* _FFR_TLS_EC */
+
+ }
--- /dev/null
+Must be rebased for 8.16
+
+--- a/sendmail/main.c
++++ b/sendmail/main.c
+@@ -17,6 +17,9 @@
+ #include <sm/xtrap.h>
+ #include <sm/signal.h>
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define OpenSSL_version_num SSLeay
++#endif
+ #ifndef lint
+ SM_UNUSED(static char copyright[]) =
+ "@(#) Copyright (c) 1998-2013 Proofpoint, Inc. and its suppliers.\n\
+@@ -650,7 +653,7 @@ main(argc, argv, envp)
+ sm_dprintf(" OpenSSL: compiled 0x%08x\n",
+ (uint) OPENSSL_VERSION_NUMBER);
+ sm_dprintf(" OpenSSL: linked 0x%08x\n",
+- (uint) SSLeay());
++ (uint) OpenSSL_version_num());
+ }
+ #endif /* STARTTLS */
+
+--- a/sendmail/tls.c
++++ b/sendmail/tls.c
+@@ -16,9 +16,25 @@ SM_RCSID("@(#)$Id: tls.c,v 8.127 2013-11-27 02:51:11 gshapiro Exp $")
+ # include <openssl/err.h>
+ # include <openssl/bio.h>
+ # include <openssl/pem.h>
++# include <openssl/bn.h>
++# include <openssl/dh.h>
++# include <openssl/dsa.h>
++# include <openssl/rsa.h>
+ # ifndef HASURANDOMDEV
+ # include <openssl/rand.h>
+ # endif /* ! HASURANDOMDEV */
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define OpenSSL_version_num SSLeay
++#endif
++
++#ifndef CRYPTO_thread_id
++#define CRYPTO_thread_id() (0UL)
++#endif
++
++#ifndef SSL_CTX_set_tmp_rsa_callback
++#define SSL_CTX_set_tmp_rsa_callback(ctx, cb) while(0) (cb)(NULL, 0, 0)
++#endif
++
+ # if !TLS_NO_RSA
+ static RSA *rsa_tmp = NULL; /* temporary RSA key */
+ static RSA *tmp_rsa_key __P((SSL *, int, int));
+@@ -380,6 +396,7 @@ init_tls_library(fipsmode)
+ {
+ bool bv;
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ /* basic TLS initialization, ignore result for now */
+ SSL_library_init();
+ SSL_load_error_strings();
+@@ -388,6 +405,7 @@ init_tls_library(fipsmode)
+ /* this is currently a macro for SSL_library_init */
+ SSLeay_add_ssl_algorithms();
+ # endif /* 0 */
++#endif /* OPENSSL_VERSION_NUMBER */
+
+ bv = tls_rand_init(RandFile, 7);
+ # if _FFR_FIPSMODE
+@@ -1207,7 +1225,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
+ ** just the compile time version.
+ */
+
+- rt_version = SSLeay();
++ rt_version = OpenSSL_version_num();
+ if (rt_version >= 0x00908000L && rt_version <= 0x0090802fL)
+ {
+ comp_methods = SSL_COMP_get_compression_methods();
PKG_NAME:=crtmpserver
PKG_REV:=b6fdcdb953d1e99c48a0c37a8c80f2cad2db443b
PKG_VERSION:=2012-07-18+git-$(PKG_REV)
-PKG_RELEASE:=3
-PKG_BUILD_PARALLEL:=2
+PKG_RELEASE:=4
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/j0sh/crtmpserver/tar.gz/$(PKG_REV)?
+PKG_HASH:=e210eeb99d39334e7beb0a1be27dcf23d1f851383f87cf63d7fb98209ef96cee
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_REV)
+
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=GPL-3.0
+PKG_BUILD_PARALLEL:=1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_MIRROR_HASH:=8d887996b6b8cb465ec59f3f713fca46161cbb804cacd2b5405f836083fb58ba
-PKG_SOURCE_URL:=https://github.com/j0sh/crtmpserver.git
-PKG_SOURCE_SUBDIR:=crtmpserver-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=$(PKG_REV)
-PKG_SOURCE_PROTO:=git
-
+include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/crtmpserver
SECTION:=multimedia
CATEGORY:=Multimedia
- DEPENDS:=+libopenssl +libstdcpp +liblua
+ DEPENDS:=$(CXX_DEPENDS) +libopenssl +liblua
TITLE:=C++ RTMP Server
- URL:=http://www.rtmpd.com/
endef
define Package/crtmpserver/description
---- a/sources/common/include/common.h
-+++ b/sources/common/include/common.h
-@@ -20,6 +20,10 @@
- #ifndef _COMMON_H
- #define _COMMON_H
-
-+#include <stdio.h>
-+#include <unistd.h>
-+#include <sys/types.h>
-+
- #include "defines.h"
- #include "platform/platform.h"
- #include "utils/utils.h"
--- a/sources/common/src/utils/logging/fileloglocation.cpp
+++ b/sources/common/src/utils/logging/fileloglocation.cpp
-@@ -18,6 +18,10 @@
+@@ -17,6 +17,7 @@
+ * along with crtmpserver. If not, see <http://www.gnu.org/licenses/>.
*/
++#include <ctime>
-+#include <stdio.h>
-+#include <unistd.h>
-+#include <sys/types.h>
-+
#include "utils/logging/fileloglocation.h"
#include "utils/lua/luautils.h"
- #include "utils/misc/file.h"
+++ /dev/null
---- a/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
-+++ b/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
-@@ -30,7 +30,7 @@ namespace app_applestreamingclient {
- private:
- IOBuffer _tempBuffer;
- IOBuffer _inputBuffer;
-- EVP_CIPHER_CTX _decContex;
-+ EVP_CIPHER_CTX *_decContex;
- bool _lastChunk;
- uint8_t *_pIV;
- uint8_t *_pKey;
---- a/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
-+++ b/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
-@@ -31,13 +31,12 @@ InboundAESProtocol::InboundAESProtocol()
- memset(_pIV, 0, 16);
- _pKey = new uint8_t[16];
- memset(_pKey, 0, 16);
-- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
-+ _decContex = EVP_CIPHER_CTX_new();
- _totalDecrypted = 0;
- }
-
- InboundAESProtocol::~InboundAESProtocol() {
-- EVP_CIPHER_CTX_cleanup(&_decContex);
-- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
-+ EVP_CIPHER_CTX_free(_decContex);
- delete[] _pIV;
- delete[] _pKey;
- }
-@@ -60,11 +59,9 @@ bool InboundAESProtocol::Initialize(Vari
- _inputBuffer.IgnoreAll();
- _tempBuffer.IgnoreAll();
-
-- EVP_CIPHER_CTX_cleanup(&_decContex);
-- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
-- EVP_CIPHER_CTX_init(&_decContex);
-- EVP_DecryptInit_ex(&_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
-- EVP_CIPHER_CTX_set_padding(&_decContex, 0);
-+ EVP_CIPHER_CTX_reset(_decContex);
-+ EVP_DecryptInit_ex(_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
-+ EVP_CIPHER_CTX_set_padding(_decContex, 0);
-
- return true;
- }
-@@ -105,14 +102,14 @@ bool InboundAESProtocol::SignalInputData
- int decryptedFinalSize = 0;
- uint32_t padding = 0;
-
-- EVP_DecryptUpdate(&_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
-+ EVP_DecryptUpdate(_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
- _totalDecrypted += decryptedSize;
-
- //6. Decrypt leftovers
- bool transferCompleted = false;
- if (((HTTPBufferProtocol *) GetFarProtocol())->TransferCompleted()) {
- transferCompleted = true;
-- EVP_DecryptFinal_ex(&_decContex,
-+ EVP_DecryptFinal_ex(_decContex,
- pTempData + decryptedSize,
- &decryptedFinalSize);
- _totalDecrypted += decryptedFinalSize;
---- a/sources/common/include/utils/misc/crypto.h
-+++ b/sources/common/include/utils/misc/crypto.h
-@@ -33,6 +33,7 @@
- #include <openssl/aes.h>
- #include <openssl/engine.h>
- #include <openssl/conf.h>
-+#include "utils/misc/libcrypto-compat.h"
-
- /*!
- @class DHWrapper
-@@ -83,7 +84,7 @@ public:
- bool CopySharedKey(uint8_t *pDst, int32_t dstLength);
- private:
- void Cleanup();
-- bool CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
-+ bool CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
- };
-
- DLLEXP void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut,
---- a/sources/common/src/utils/misc/crypto.cpp
-+++ b/sources/common/src/utils/misc/crypto.cpp
-@@ -35,6 +35,7 @@ DHWrapper::~DHWrapper() {
- }
-
- bool DHWrapper::Initialize() {
-+ BIGNUM *p = NULL, *g = NULL;
- Cleanup();
-
- //1. Create the DH
-@@ -46,42 +47,53 @@ bool DHWrapper::Initialize() {
- }
-
- //2. Create his internal p and g
-- _pDH->p = BN_new();
-- if (_pDH->p == NULL) {
-+ p = BN_new();
-+ if (p == NULL) {
- FATAL("Unable to create p");
-- Cleanup();
-- return false;
-+ goto return_error;
- }
-- _pDH->g = BN_new();
-- if (_pDH->g == NULL) {
-+ g = BN_new();
-+ if (g == NULL) {
- FATAL("Unable to create g");
-- Cleanup();
-- return false;
-+ goto return_error;
- }
-
- //3. initialize p, g and key length
-- if (BN_hex2bn(&_pDH->p, P1024) == 0) {
-+ if (BN_hex2bn(&p, P1024) == 0) {
- FATAL("Unable to parse P1024");
-- Cleanup();
-- return false;
-+ goto return_error;
- }
-- if (BN_set_word(_pDH->g, 2) != 1) {
-+ if (BN_set_word(g, 2) != 1) {
- FATAL("Unable to set g");
-- Cleanup();
-- return false;
-+ goto return_error;
- }
-
-- //4. Set the key length
-- _pDH->length = _bitsCount;
-+ //4. Set internal p and g
-+ if (DH_set0_pqg(_pDH, p, NULL, g) != 1) {
-+ FATAL("Unable to set internal p and g");
-+ goto return_error;
-+ }
-+ p = g = NULL;
-
-- //5. Generate private and public key
-+ //5. Set the key length
-+ if (DH_set_length(_pDH, _bitsCount) != 1) {
-+ FATAL("Unable to set length");
-+ goto return_error;
-+ }
-+
-+ //6. Generate private and public key
- if (DH_generate_key(_pDH) != 1) {
- FATAL("Unable to generate DH public/private keys");
-- Cleanup();
-- return false;
-+ goto return_error;
- }
-
- return true;
-+
-+return_error:
-+ if (p != NULL) BN_free(p);
-+ if (g != NULL) BN_free(g);
-+ Cleanup();
-+ return false;
- }
-
- bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) {
-@@ -90,7 +102,9 @@ bool DHWrapper::CopyPublicKey(uint8_t *p
- return false;
- }
-
-- return CopyKey(_pDH->pub_key, pDst, dstLength);
-+ const BIGNUM *pub_key;
-+ DH_get0_key(_pDH, &pub_key, NULL);
-+ return CopyKey(pub_key, pDst, dstLength);
- }
-
- bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) {
-@@ -99,7 +113,9 @@ bool DHWrapper::CopyPrivateKey(uint8_t *
- return false;
- }
-
-- return CopyKey(_pDH->priv_key, pDst, dstLength);
-+ const BIGNUM *priv_key;
-+ DH_get0_key(_pDH, NULL, &priv_key);
-+ return CopyKey(priv_key, pDst, dstLength);
- }
-
- bool DHWrapper::CreateSharedKey(uint8_t *pPeerPublicKey, int32_t length) {
-@@ -153,14 +169,6 @@ bool DHWrapper::CopySharedKey(uint8_t *p
-
- void DHWrapper::Cleanup() {
- if (_pDH != NULL) {
-- if (_pDH->p != NULL) {
-- BN_free(_pDH->p);
-- _pDH->p = NULL;
-- }
-- if (_pDH->g != NULL) {
-- BN_free(_pDH->g);
-- _pDH->g = NULL;
-- }
- DH_free(_pDH);
- _pDH = NULL;
- }
-@@ -177,7 +185,7 @@ void DHWrapper::Cleanup() {
- }
- }
-
--bool DHWrapper::CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
-+bool DHWrapper::CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
- int32_t keySize = BN_num_bytes(pNum);
- if ((keySize <= 0) || (dstLength <= 0) || (keySize > dstLength)) {
- FATAL("CopyPublicKey failed due to either invalid DH state or invalid call");
-@@ -197,20 +205,21 @@ void InitRC4Encryption(uint8_t *secretKe
- uint8_t digest[SHA256_DIGEST_LENGTH];
- unsigned int digestLen = 0;
-
-- HMAC_CTX ctx;
-- HMAC_CTX_init(&ctx);
-- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
-- HMAC_Update(&ctx, pubKeyIn, 128);
-- HMAC_Final(&ctx, digest, &digestLen);
-- HMAC_CTX_cleanup(&ctx);
-+ HMAC_CTX *ctx;
-+ ctx = HMAC_CTX_new();
-+ if (ctx == NULL)
-+ return;
-+ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
-+ HMAC_Update(ctx, pubKeyIn, 128);
-+ HMAC_Final(ctx, digest, &digestLen);
-+ HMAC_CTX_reset(ctx);
-
- RC4_set_key(rc4keyOut, 16, digest);
-
-- HMAC_CTX_init(&ctx);
-- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
-- HMAC_Update(&ctx, pubKeyOut, 128);
-- HMAC_Final(&ctx, digest, &digestLen);
-- HMAC_CTX_cleanup(&ctx);
-+ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
-+ HMAC_Update(ctx, pubKeyOut, 128);
-+ HMAC_Final(ctx, digest, &digestLen);
-+ HMAC_CTX_free(ctx);
-
- RC4_set_key(rc4keyIn, 16, digest);
- }
-@@ -220,14 +229,17 @@ string md5(string source, bool textResul
- }
-
- string md5(uint8_t *pBuffer, uint32_t length, bool textResult) {
-- EVP_MD_CTX mdctx;
-+ EVP_MD_CTX *mdctx;
- unsigned char md_value[EVP_MAX_MD_SIZE];
- unsigned int md_len;
-
-- EVP_DigestInit(&mdctx, EVP_md5());
-- EVP_DigestUpdate(&mdctx, pBuffer, length);
-- EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
-- EVP_MD_CTX_cleanup(&mdctx);
-+ mdctx = EVP_MD_CTX_new();
-+ if (mdctx == NULL)
-+ return "";
-+ EVP_DigestInit(mdctx, EVP_md5());
-+ EVP_DigestUpdate(mdctx, pBuffer, length);
-+ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
-+ EVP_MD_CTX_free(mdctx);
-
- if (textResult) {
- string result = "";
-@@ -244,12 +256,12 @@ void HMACsha256(const void *pData, uint3
- const void *pKey, uint32_t keyLength, void *pResult) {
- unsigned int digestLen;
-
-- HMAC_CTX ctx;
-- HMAC_CTX_init(&ctx);
-- HMAC_Init_ex(&ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
-- HMAC_Update(&ctx, (unsigned char *) pData, dataLength);
-- HMAC_Final(&ctx, (unsigned char *) pResult, &digestLen);
-- HMAC_CTX_cleanup(&ctx);
-+ HMAC_CTX *ctx;
-+ ctx = HMAC_CTX_new();
-+ HMAC_Init_ex(ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
-+ HMAC_Update(ctx, (unsigned char *) pData, dataLength);
-+ HMAC_Final(ctx, (unsigned char *) pResult, &digestLen);
-+ HMAC_CTX_free(ctx);
-
- o_assert(digestLen == 32);
- }
---- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
-+++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
-@@ -211,6 +211,7 @@ string BaseSSLProtocol::GetSSLErrors() {
-
- string BaseSSLProtocol::DumpBIO(BIO *pBIO) {
- string formatString;
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- formatString = "method: %p\n";
- formatString += "callback: %p\n";
- formatString += "cb_arg: %p\n";
-@@ -240,6 +241,39 @@ string BaseSSLProtocol::DumpBIO(BIO *pBI
- pBIO->references,
- (int64_t) pBIO->num_read,
- (int64_t) pBIO->num_write);
-+#else
-+// Some of these are problematic in openssl >= 1.1, since
-+// the BIO struct is opaque.
-+ formatString = "method: %s\n";
-+ formatString += "callback: %p\n";
-+ formatString += "cb_arg: %p\n";
-+ formatString += "init: %d\n";
-+ formatString += "shutdown: %d\n";
-+ formatString += "flags: %d\n";
-+ formatString += "retry_reason: %d\n";
-+ formatString += "num: %d\n";
-+ formatString += "ptr: %p\n";
-+ formatString += "next_bio: %p\n";
-+ formatString += "prev_bio: %s\n";
-+ formatString += "references: %s\n";
-+ formatString += "num_read: %"PRId64"\n";
-+ formatString += "num_write: %"PRId64;
-+ return format(formatString,
-+ BIO_method_name(pBIO),
-+ BIO_get_callback(pBIO),
-+ BIO_get_callback_arg(pBIO),
-+ BIO_get_init(pBIO),
-+ BIO_get_shutdown(pBIO),
-+ BIO_get_flags(pBIO),
-+ BIO_get_retry_reason(pBIO),
-+ BIO_get_fd(pBIO, NULL),
-+ BIO_get_data(pBIO),
-+ BIO_next(pBIO),
-+ "unknown", //prev_bio
-+ "unknown", //references
-+ BIO_number_read(pBIO),
-+ BIO_number_written(pBIO));
-+#endif
- }
-
- void BaseSSLProtocol::InitRandGenerator() {
---- /dev/null
-+++ b/sources/common/include/utils/misc/libcrypto-compat.h
-@@ -0,0 +1,25 @@
-+#ifndef LIBCRYPTO_COMPAT_H
-+#define LIBCRYPTO_COMPAT_H
-+
-+#include <openssl/opensslv.h>
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+
-+#include <openssl/dh.h>
-+#include <openssl/evp.h>
-+#include <openssl/hmac.h>
-+
-+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
-+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
-+int DH_set_length(DH *dh, long length);
-+
-+EVP_MD_CTX *EVP_MD_CTX_new(void);
-+void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
-+#define EVP_MD_CTX_reset EVP_MD_CTX_cleanup
-+
-+HMAC_CTX *HMAC_CTX_new(void);
-+void HMAC_CTX_free(HMAC_CTX *ctx);
-+#define HMAC_CTX_reset HMAC_CTX_cleanup
-+
-+#endif /* OPENSSL_VERSION_NUMBER */
-+
-+#endif /* LIBCRYPTO_COMPAT_H */
---- /dev/null
-+++ b/sources/common/src/utils/misc/libcrypto-compat.cpp
-@@ -0,0 +1,90 @@
-+/*
-+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
-+ *
-+ * Licensed under the OpenSSL license (the "License"). You may not use
-+ * this file except in compliance with the License. You can obtain a copy
-+ * in the file LICENSE in the source distribution or at
-+ * https://www.openssl.org/source/license.html
-+ */
-+
-+#include "utils/misc/libcrypto-compat.h"
-+
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+
-+#include <string.h>
-+
-+static void *OPENSSL_zalloc(size_t num)
-+{
-+ void *ret = OPENSSL_malloc(num);
-+
-+ if (ret != NULL)
-+ memset(ret, 0, num);
-+ return ret;
-+}
-+
-+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-+{
-+ /* If the fields p and g in d are NULL, the corresponding input
-+ * parameters MUST be non-NULL. q may remain NULL.
-+ */
-+ if ((dh->p == NULL && p == NULL)
-+ || (dh->g == NULL && g == NULL))
-+ return 0;
-+
-+ if (p != NULL) {
-+ BN_free(dh->p);
-+ dh->p = p;
-+ }
-+ if (q != NULL) {
-+ BN_free(dh->q);
-+ dh->q = q;
-+ }
-+ if (g != NULL) {
-+ BN_free(dh->g);
-+ dh->g = g;
-+ }
-+
-+ if (q != NULL) {
-+ dh->length = BN_num_bits(q);
-+ }
-+
-+ return 1;
-+}
-+
-+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
-+{
-+ if (pub_key != NULL)
-+ *pub_key = dh->pub_key;
-+ if (priv_key != NULL)
-+ *priv_key = dh->priv_key;
-+}
-+
-+int DH_set_length(DH *dh, long length)
-+{
-+ dh->length = length;
-+ return 1;
-+}
-+
-+EVP_MD_CTX *EVP_MD_CTX_new(void)
-+{
-+ return (EVP_MD_CTX *)OPENSSL_zalloc(sizeof(EVP_MD_CTX));
-+}
-+
-+void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
-+{
-+ EVP_MD_CTX_cleanup(ctx);
-+ OPENSSL_free(ctx);
-+}
-+
-+HMAC_CTX *HMAC_CTX_new(void)
-+{
-+ return (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX));
-+}
-+
-+void HMAC_CTX_free(HMAC_CTX *ctx)
-+{
-+ HMAC_CTX_cleanup(ctx);
-+ OPENSSL_free(ctx);
-+}
-+
-+#endif /* OPENSSL_VERSION_NUMBER */
--- /dev/null
+--- a/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
++++ b/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
+@@ -30,7 +30,7 @@ namespace app_applestreamingclient {
+ private:
+ IOBuffer _tempBuffer;
+ IOBuffer _inputBuffer;
+- EVP_CIPHER_CTX _decContex;
++ EVP_CIPHER_CTX *_decContex;
+ bool _lastChunk;
+ uint8_t *_pIV;
+ uint8_t *_pKey;
+--- a/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
++++ b/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
+@@ -31,13 +31,12 @@ InboundAESProtocol::InboundAESProtocol()
+ memset(_pIV, 0, 16);
+ _pKey = new uint8_t[16];
+ memset(_pKey, 0, 16);
+- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
++ _decContex = EVP_CIPHER_CTX_new();
+ _totalDecrypted = 0;
+ }
+
+ InboundAESProtocol::~InboundAESProtocol() {
+- EVP_CIPHER_CTX_cleanup(&_decContex);
+- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
++ EVP_CIPHER_CTX_free(_decContex);
+ delete[] _pIV;
+ delete[] _pKey;
+ }
+@@ -60,11 +59,9 @@ bool InboundAESProtocol::Initialize(Vari
+ _inputBuffer.IgnoreAll();
+ _tempBuffer.IgnoreAll();
+
+- EVP_CIPHER_CTX_cleanup(&_decContex);
+- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
+- EVP_CIPHER_CTX_init(&_decContex);
+- EVP_DecryptInit_ex(&_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
+- EVP_CIPHER_CTX_set_padding(&_decContex, 0);
++ EVP_CIPHER_CTX_reset(_decContex);
++ EVP_DecryptInit_ex(_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
++ EVP_CIPHER_CTX_set_padding(_decContex, 0);
+
+ return true;
+ }
+@@ -105,14 +102,14 @@ bool InboundAESProtocol::SignalInputData
+ int decryptedFinalSize = 0;
+ uint32_t padding = 0;
+
+- EVP_DecryptUpdate(&_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
++ EVP_DecryptUpdate(_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
+ _totalDecrypted += decryptedSize;
+
+ //6. Decrypt leftovers
+ bool transferCompleted = false;
+ if (((HTTPBufferProtocol *) GetFarProtocol())->TransferCompleted()) {
+ transferCompleted = true;
+- EVP_DecryptFinal_ex(&_decContex,
++ EVP_DecryptFinal_ex(_decContex,
+ pTempData + decryptedSize,
+ &decryptedFinalSize);
+ _totalDecrypted += decryptedFinalSize;
+--- a/sources/common/include/utils/misc/crypto.h
++++ b/sources/common/include/utils/misc/crypto.h
+@@ -33,6 +33,7 @@
+ #include <openssl/aes.h>
+ #include <openssl/engine.h>
+ #include <openssl/conf.h>
++#include "utils/misc/libcrypto-compat.h"
+
+ /*!
+ @class DHWrapper
+@@ -83,7 +84,7 @@ public:
+ bool CopySharedKey(uint8_t *pDst, int32_t dstLength);
+ private:
+ void Cleanup();
+- bool CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
++ bool CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
+ };
+
+ DLLEXP void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut,
+--- a/sources/common/src/utils/misc/crypto.cpp
++++ b/sources/common/src/utils/misc/crypto.cpp
+@@ -35,6 +35,7 @@ DHWrapper::~DHWrapper() {
+ }
+
+ bool DHWrapper::Initialize() {
++ BIGNUM *p = NULL, *g = NULL;
+ Cleanup();
+
+ //1. Create the DH
+@@ -46,42 +47,53 @@ bool DHWrapper::Initialize() {
+ }
+
+ //2. Create his internal p and g
+- _pDH->p = BN_new();
+- if (_pDH->p == NULL) {
++ p = BN_new();
++ if (p == NULL) {
+ FATAL("Unable to create p");
+- Cleanup();
+- return false;
++ goto return_error;
+ }
+- _pDH->g = BN_new();
+- if (_pDH->g == NULL) {
++ g = BN_new();
++ if (g == NULL) {
+ FATAL("Unable to create g");
+- Cleanup();
+- return false;
++ goto return_error;
+ }
+
+ //3. initialize p, g and key length
+- if (BN_hex2bn(&_pDH->p, P1024) == 0) {
++ if (BN_hex2bn(&p, P1024) == 0) {
+ FATAL("Unable to parse P1024");
+- Cleanup();
+- return false;
++ goto return_error;
+ }
+- if (BN_set_word(_pDH->g, 2) != 1) {
++ if (BN_set_word(g, 2) != 1) {
+ FATAL("Unable to set g");
+- Cleanup();
+- return false;
++ goto return_error;
+ }
+
+- //4. Set the key length
+- _pDH->length = _bitsCount;
++ //4. Set internal p and g
++ if (DH_set0_pqg(_pDH, p, NULL, g) != 1) {
++ FATAL("Unable to set internal p and g");
++ goto return_error;
++ }
++ p = g = NULL;
+
+- //5. Generate private and public key
++ //5. Set the key length
++ if (DH_set_length(_pDH, _bitsCount) != 1) {
++ FATAL("Unable to set length");
++ goto return_error;
++ }
++
++ //6. Generate private and public key
+ if (DH_generate_key(_pDH) != 1) {
+ FATAL("Unable to generate DH public/private keys");
+- Cleanup();
+- return false;
++ goto return_error;
+ }
+
+ return true;
++
++return_error:
++ if (p != NULL) BN_free(p);
++ if (g != NULL) BN_free(g);
++ Cleanup();
++ return false;
+ }
+
+ bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) {
+@@ -90,7 +102,9 @@ bool DHWrapper::CopyPublicKey(uint8_t *p
+ return false;
+ }
+
+- return CopyKey(_pDH->pub_key, pDst, dstLength);
++ const BIGNUM *pub_key;
++ DH_get0_key(_pDH, &pub_key, NULL);
++ return CopyKey(pub_key, pDst, dstLength);
+ }
+
+ bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) {
+@@ -99,7 +113,9 @@ bool DHWrapper::CopyPrivateKey(uint8_t *
+ return false;
+ }
+
+- return CopyKey(_pDH->priv_key, pDst, dstLength);
++ const BIGNUM *priv_key;
++ DH_get0_key(_pDH, NULL, &priv_key);
++ return CopyKey(priv_key, pDst, dstLength);
+ }
+
+ bool DHWrapper::CreateSharedKey(uint8_t *pPeerPublicKey, int32_t length) {
+@@ -153,14 +169,6 @@ bool DHWrapper::CopySharedKey(uint8_t *p
+
+ void DHWrapper::Cleanup() {
+ if (_pDH != NULL) {
+- if (_pDH->p != NULL) {
+- BN_free(_pDH->p);
+- _pDH->p = NULL;
+- }
+- if (_pDH->g != NULL) {
+- BN_free(_pDH->g);
+- _pDH->g = NULL;
+- }
+ DH_free(_pDH);
+ _pDH = NULL;
+ }
+@@ -177,7 +185,7 @@ void DHWrapper::Cleanup() {
+ }
+ }
+
+-bool DHWrapper::CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
++bool DHWrapper::CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
+ int32_t keySize = BN_num_bytes(pNum);
+ if ((keySize <= 0) || (dstLength <= 0) || (keySize > dstLength)) {
+ FATAL("CopyPublicKey failed due to either invalid DH state or invalid call");
+@@ -197,20 +205,21 @@ void InitRC4Encryption(uint8_t *secretKe
+ uint8_t digest[SHA256_DIGEST_LENGTH];
+ unsigned int digestLen = 0;
+
+- HMAC_CTX ctx;
+- HMAC_CTX_init(&ctx);
+- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
+- HMAC_Update(&ctx, pubKeyIn, 128);
+- HMAC_Final(&ctx, digest, &digestLen);
+- HMAC_CTX_cleanup(&ctx);
++ HMAC_CTX *ctx;
++ ctx = HMAC_CTX_new();
++ if (ctx == NULL)
++ return;
++ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
++ HMAC_Update(ctx, pubKeyIn, 128);
++ HMAC_Final(ctx, digest, &digestLen);
++ HMAC_CTX_reset(ctx);
+
+ RC4_set_key(rc4keyOut, 16, digest);
+
+- HMAC_CTX_init(&ctx);
+- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
+- HMAC_Update(&ctx, pubKeyOut, 128);
+- HMAC_Final(&ctx, digest, &digestLen);
+- HMAC_CTX_cleanup(&ctx);
++ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
++ HMAC_Update(ctx, pubKeyOut, 128);
++ HMAC_Final(ctx, digest, &digestLen);
++ HMAC_CTX_free(ctx);
+
+ RC4_set_key(rc4keyIn, 16, digest);
+ }
+@@ -220,14 +229,17 @@ string md5(string source, bool textResul
+ }
+
+ string md5(uint8_t *pBuffer, uint32_t length, bool textResult) {
+- EVP_MD_CTX mdctx;
++ EVP_MD_CTX *mdctx;
+ unsigned char md_value[EVP_MAX_MD_SIZE];
+ unsigned int md_len;
+
+- EVP_DigestInit(&mdctx, EVP_md5());
+- EVP_DigestUpdate(&mdctx, pBuffer, length);
+- EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
+- EVP_MD_CTX_cleanup(&mdctx);
++ mdctx = EVP_MD_CTX_new();
++ if (mdctx == NULL)
++ return "";
++ EVP_DigestInit(mdctx, EVP_md5());
++ EVP_DigestUpdate(mdctx, pBuffer, length);
++ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
++ EVP_MD_CTX_free(mdctx);
+
+ if (textResult) {
+ string result = "";
+@@ -244,12 +256,12 @@ void HMACsha256(const void *pData, uint3
+ const void *pKey, uint32_t keyLength, void *pResult) {
+ unsigned int digestLen;
+
+- HMAC_CTX ctx;
+- HMAC_CTX_init(&ctx);
+- HMAC_Init_ex(&ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
+- HMAC_Update(&ctx, (unsigned char *) pData, dataLength);
+- HMAC_Final(&ctx, (unsigned char *) pResult, &digestLen);
+- HMAC_CTX_cleanup(&ctx);
++ HMAC_CTX *ctx;
++ ctx = HMAC_CTX_new();
++ HMAC_Init_ex(ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
++ HMAC_Update(ctx, (unsigned char *) pData, dataLength);
++ HMAC_Final(ctx, (unsigned char *) pResult, &digestLen);
++ HMAC_CTX_free(ctx);
+
+ o_assert(digestLen == 32);
+ }
+--- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
++++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
+@@ -211,6 +211,7 @@ string BaseSSLProtocol::GetSSLErrors() {
+
+ string BaseSSLProtocol::DumpBIO(BIO *pBIO) {
+ string formatString;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ formatString = "method: %p\n";
+ formatString += "callback: %p\n";
+ formatString += "cb_arg: %p\n";
+@@ -240,6 +241,39 @@ string BaseSSLProtocol::DumpBIO(BIO *pBI
+ pBIO->references,
+ (int64_t) pBIO->num_read,
+ (int64_t) pBIO->num_write);
++#else
++// Some of these are problematic in openssl >= 1.1, since
++// the BIO struct is opaque.
++ formatString = "method: %s\n";
++ formatString += "callback: %p\n";
++ formatString += "cb_arg: %p\n";
++ formatString += "init: %d\n";
++ formatString += "shutdown: %d\n";
++ formatString += "flags: %d\n";
++ formatString += "retry_reason: %d\n";
++ formatString += "num: %d\n";
++ formatString += "ptr: %p\n";
++ formatString += "next_bio: %p\n";
++ formatString += "prev_bio: %s\n";
++ formatString += "references: %s\n";
++ formatString += "num_read: %"PRId64"\n";
++ formatString += "num_write: %"PRId64;
++ return format(formatString,
++ BIO_method_name(pBIO),
++ BIO_get_callback(pBIO),
++ BIO_get_callback_arg(pBIO),
++ BIO_get_init(pBIO),
++ BIO_get_shutdown(pBIO),
++ BIO_get_flags(pBIO),
++ BIO_get_retry_reason(pBIO),
++ BIO_get_fd(pBIO, NULL),
++ BIO_get_data(pBIO),
++ BIO_next(pBIO),
++ "unknown", //prev_bio
++ "unknown", //references
++ BIO_number_read(pBIO),
++ BIO_number_written(pBIO));
++#endif
+ }
+
+ void BaseSSLProtocol::InitRandGenerator() {
+--- /dev/null
++++ b/sources/common/include/utils/misc/libcrypto-compat.h
+@@ -0,0 +1,25 @@
++#ifndef LIBCRYPTO_COMPAT_H
++#define LIBCRYPTO_COMPAT_H
++
++#include <openssl/opensslv.h>
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++#include <openssl/dh.h>
++#include <openssl/evp.h>
++#include <openssl/hmac.h>
++
++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
++int DH_set_length(DH *dh, long length);
++
++EVP_MD_CTX *EVP_MD_CTX_new(void);
++void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
++#define EVP_MD_CTX_reset EVP_MD_CTX_cleanup
++
++HMAC_CTX *HMAC_CTX_new(void);
++void HMAC_CTX_free(HMAC_CTX *ctx);
++#define HMAC_CTX_reset HMAC_CTX_cleanup
++
++#endif /* OPENSSL_VERSION_NUMBER */
++
++#endif /* LIBCRYPTO_COMPAT_H */
+--- /dev/null
++++ b/sources/common/src/utils/misc/libcrypto-compat.cpp
+@@ -0,0 +1,90 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#include "utils/misc/libcrypto-compat.h"
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++#include <string.h>
++
++static void *OPENSSL_zalloc(size_t num)
++{
++ void *ret = OPENSSL_malloc(num);
++
++ if (ret != NULL)
++ memset(ret, 0, num);
++ return ret;
++}
++
++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++ /* If the fields p and g in d are NULL, the corresponding input
++ * parameters MUST be non-NULL. q may remain NULL.
++ */
++ if ((dh->p == NULL && p == NULL)
++ || (dh->g == NULL && g == NULL))
++ return 0;
++
++ if (p != NULL) {
++ BN_free(dh->p);
++ dh->p = p;
++ }
++ if (q != NULL) {
++ BN_free(dh->q);
++ dh->q = q;
++ }
++ if (g != NULL) {
++ BN_free(dh->g);
++ dh->g = g;
++ }
++
++ if (q != NULL) {
++ dh->length = BN_num_bits(q);
++ }
++
++ return 1;
++}
++
++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++ if (pub_key != NULL)
++ *pub_key = dh->pub_key;
++ if (priv_key != NULL)
++ *priv_key = dh->priv_key;
++}
++
++int DH_set_length(DH *dh, long length)
++{
++ dh->length = length;
++ return 1;
++}
++
++EVP_MD_CTX *EVP_MD_CTX_new(void)
++{
++ return (EVP_MD_CTX *)OPENSSL_zalloc(sizeof(EVP_MD_CTX));
++}
++
++void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
++{
++ EVP_MD_CTX_cleanup(ctx);
++ OPENSSL_free(ctx);
++}
++
++HMAC_CTX *HMAC_CTX_new(void)
++{
++ return (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX));
++}
++
++void HMAC_CTX_free(HMAC_CTX *ctx)
++{
++ HMAC_CTX_cleanup(ctx);
++ OPENSSL_free(ctx);
++}
++
++#endif /* OPENSSL_VERSION_NUMBER */
--- /dev/null
+--- a/sources/common/src/utils/misc/crypto.cpp
++++ b/sources/common/src/utils/misc/crypto.cpp
+@@ -350,6 +350,7 @@ string unhex(string source) {
+ return result;
+ }
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ void CleanupSSL() {
+ ERR_remove_state(0);
+ ENGINE_cleanup();
+@@ -358,3 +359,4 @@ void CleanupSSL() {
+ EVP_cleanup();
+ CRYPTO_cleanup_all_ex_data();
+ }
++#endif
+--- a/sources/crtmpserver/src/crtmpserver.cpp
++++ b/sources/crtmpserver/src/crtmpserver.cpp
+@@ -298,8 +298,10 @@ void Cleanup() {
+ delete gRs.pConfigFile;
+ gRs.pConfigFile = NULL;
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ WARN("Doing final OpenSSL cleanup");
+ CleanupSSL();
++#endif
+
+ WARN("Shutting down the logger leaving you in the dark. Bye bye... :(");
+ Logger::Free(true);
+--- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
++++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
+@@ -43,6 +43,7 @@ BaseSSLProtocol::~BaseSSLProtocol() {
+ bool BaseSSLProtocol::Initialize(Variant ¶meters) {
+ //1. Initialize the SSL library
+ if (!_libraryInitialized) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ //3. This is the first time we use the library. So we have to
+ //initialize it first
+ SSL_library_init();
+@@ -55,6 +56,7 @@ bool BaseSSLProtocol::Initialize(Variant ¶meters) {
+ OpenSSL_add_all_algorithms();
+ OpenSSL_add_all_ciphers();
+ OpenSSL_add_all_digests();
++#endif
+
+ //initialize the random numbers generator
+ InitRandGenerator();
PKG_NAME:=gstreamer1
PKG_VERSION:=1.14.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
Ted Hess <thess@kitschensync.net>
--disable-gtk-doc-html \
--disable-tests \
--disable-valgrind \
+ --without-dw \
--without-libiconv-prefix \
--without-libintl-prefix \
--without-unwind
include $(TOPDIR)/rules.mk
PKG_NAME:=adblock
-PKG_VERSION:=3.5.5
-PKG_RELEASE:=4
+PKG_VERSION:=3.6.1
+PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
# dns based ad/abuse domain blocking
## Description
-A lot of people already use adblocker plugins within their desktop browsers, but what if you are using your (smart) phone, tablet, watch or any other wlan gadget...getting rid of annoying ads, trackers and other abuse sites (like facebook ;-) is simple: block them with your router. When the dns server on your router receives dns requests, you will sort out queries that ask for the resource records of ad servers and return a simple 'NXDOMAIN'. This is nothing but **N**on-e**X**istent Internet or Intranet domain name, if domain name is unable to resolved using the dns server, a condition called the 'NXDOMAIN' occurred.
+A lot of people already use adblocker plugins within their desktop browsers, but what if you are using your (smart) phone, tablet, watch or any other (wlan) gadget!? Getting rid of annoying ads, trackers and other abuse sites (like facebook) is simple: block them with your router. When the dns server on your router receives dns requests, you will sort out queries that ask for the resource records of ad servers and return a simple 'NXDOMAIN'. This is nothing but **N**on-e**X**istent Internet or Intranet domain name, if domain name is unable to resolved using the dns server, a condition called the 'NXDOMAIN' occurred.
## Main Features
* support of the following domain blocklist sources (free for private usage, for commercial use please check their individual licenses):
* keep the dns cache intact after adblock processing (currently supported by unbound, named and kresd)
* conditional dns backend restarts by old/new blocklist comparison with sha256sum (default) or md5sum
* suspend & resume adblock actions temporarily without blocklist reloading
-* output comprehensive runtime information via LuCI or via 'status' init command
+* provide comprehensive runtime information via LuCI or via 'status' init command
+* provide a detailed DNS Query Report with dns related information about client requests, top (blocked) domains and more
* query function to quickly identify blocked (sub-)domains, e.g. for whitelisting
+* force dns requests to local resolver
+* force overall sort / duplicate removal for low memory devices (handle with care!)
+* automatic blocklist backup & restore, they will be used in case of download errors or during startup in backup mode
+* 'backup mode' to re-use blocklist backups during startup, get fresh lists only via reload or restart action
+* 'Jail' blocklist generation which builds an additional list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file. You can use this restrictive blocklist manually e.g. for guest wifi or kidsafe configurations
+* send notification emails in case of a processing error or if the overall domain count is ≤ 0
+* add new adblock sources on your own, see example below
* strong LuCI support
-* optional: force dns requests to local resolver
-* optional: force overall sort / duplicate removal for low memory devices (handle with care!)
-* optional: automatic blocklist backup & restore, they will be used in case of download errors or during startup in backup mode
-* optional: 'backup mode' to re-use blocklist backups during startup, get fresh lists only via reload or restart action
-* optional: 'Jail' blocklist generation which builds an additional list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file. You can use this restrictive blocklist manually e.g. for guest wifi or kidsafe configurations
-* optional: send notification emails in case of a processing error or if the overall domain count is ≤ 0
-* optional: add new adblock sources on your own, see example below
## Prerequisites
* [OpenWrt](https://openwrt.org), tested with the stable release series (18.06) and with the latest snapshot
* to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required
* for limited devices with real memory constraints, adblock provides also a 'http only' option and supports wget-nossl and uclient-fetch (without libustream-ssl) as well
* for more configuration options see examples below
+* email notification (optional): for email notification support you need to install and configure the additional 'msmtp' package
+* DNS Query Report (optional): for this detailed report you need to install the additional package 'tcpdump-mini'
## Installation & Usage
* install 'adblock' (_opkg install adblock_)
* control the adblock service manually with _/etc/init.d/adblock_ start/stop/restart/reload/suspend/resume/status or use the LuCI frontend
## LuCI adblock companion package
-* for easy management of the various blocklist sources and adblock runtime options you should use the provided LuCI frontend
+* it's strongly recommended to use the LuCI frontend to easily configure all powerful aspects of adblock
* install 'luci-app-adblock' (_opkg install luci-app-adblock_)
* the application is located in LuCI under 'Services' menu
* adb\_trigger => set the startup trigger to a certain interface, to 'timed' or to 'none' (default: 'wan')
* the following options apply to the 'extra' config section:
+ * adb\_nice => set the nice level of the adblock process and all sub-processes (int/default: '0', standard priority)
* adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (int/default: '2')
* adb\_forcedns => force dns requests to local resolver (bool/default: '0', disabled)
* adb\_forcesrt => force overall sort on low memory devices with less than 64 MB RAM (bool/default: '0', disabled)
+ * adb\_backup => create compressed blocklist backups, they will be used in case of download errors or during startup in backup mode (bool/default: '0', disabled)
+ * adb\_backupdir => target directory for adblock backups (default: not set)
* adb\_backup_mode => do not automatically update blocklists during startup, use backups instead (bool/default: '0', disabled)
- * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '4')
+ * adb\_report => enable the background tcpdump gathering process to provide a detailed DNS Query Report (bool/default: '0', disabled)
+ * adb\_repdir => target directory for dns related report files generated by tcpdump (default: '/tmp')
+ * adb\_repiface => reporting interface used by tcpdump, set to 'any' for multiple interfaces (default: 'br-lan')
+ * adb\_replisten => space separated list of reporting port(s) used by tcpdump (default: '53')
+ * adb\_repchunksize => report chunk size used by tcpdump in MB (int/default: '1')
+ * adb\_repchunkcnt => report chunk count used by tcpdump (default: '5')
+ * adb\_maxqueue => size of the download queue to handle downloads & list processing in parallel (int/default: '8')
* adb\_jail => builds an additional 'Jail' list (/tmp/adb_list.jail) to block access to all domains except those listed in the whitelist file (bool/default: '0', disabled)
* adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (bool/default: '0', disabled)
* adb\_notify => send notification emails in case of a processing error or if the overall domain count is ≤ 0 (bool/default: '0', disabled)
/etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : enabled
- + adblock_version : 3.5.5
- + overall_domains : 97199 (backup mode)
+ + adblock_version : 3.6.0
+ + overall_domains : 30267 (backup mode)
+ fetch_utility : /bin/uclient-fetch (libustream-ssl)
- + dns_backend : unbound (/var/lib/unbound)
- + last_rundate : 01.09.2018 07:09:16
- + system_release : PC Engines APU, OpenWrt SNAPSHOT r7986-dc9388ac55
+ + dns_backend : dnsmasq (/tmp)
+ + last_rundate : 19.12.2018 16:29:25
+ + system_release : GL-AR750S, OpenWrt SNAPSHOT r8814-6835c13e5a
+</code></pre>
+
+**receive adblock DNS Query Report information:**
+<pre><code>
+/etc/init.d/adblock report
+:::
+::: Adblock DNS-Query Report
+:::
+ + Start ::: 2018-12-19, 16:29:40
+ + End ::: 2018-12-19, 16:45:08
+ + Total ::: 42
+ + Blocked ::: 17 (40.48 %)
+:::
+::: Top 10 Clients
+ + 32 ::: 101.167.1.103
+ + 10 ::: abc1:abc1:abc0:0:abc1:abcb:abc5:abc3
+:::
+::: Top 10 Domains
+ + 7 ::: dns.msftncsi.com
+ + 4 ::: forum.openwrt.org
+ + 2 ::: outlook.office365.com
+ + 1 ::: www.google.com
+ + 1 ::: www.deepl.com
+ + 1 ::: safebrowsing.googleapis.com
+ + 1 ::: play.googleapis.com
+ + 1 ::: odc.officeapps.live.com
+ + 1 ::: login.microsoftonline.com
+ + 1 ::: test-my.sharepoint.com
+:::
+::: Top 10 Blocked Domains
+ + 4 ::: nexus.officeapps.live.com
+ + 4 ::: mobile.pipe.aria.microsoft.com
+ + 3 ::: watson.telemetry.microsoft.com
+ + 2 ::: v10.events.data.microsoft.com
+ + 2 ::: settings-win.data.microsoft.com
+ + 2 ::: nexusrules.officeapps.live.com
</code></pre>
**cronjob for a regular block list update (/etc/crontabs/root):**
To add a really new source with different domain/host format you have to write a suitable awk one-liner on your own, so basic awk skills are needed. As a starting point check the already existing awk rulesets 'adb_src_rset' in the config file, probably you need only small changes for your individual list. Download the desired list and test your new awk string locally. The output result should be a sequential list with one domain/host per line - nothing more. If your awk one-liner works quite well, add a new source section to the adblock config file and test the new source.
## Support
-Please join the adblock discussion in this [forum thread](https://forum.lede-project.org/t/adblock-2-x-support-thread/507) or contact me by mail <dev@brenken.org>
+Please join the adblock discussion in this [forum thread](https://forum.openwrt.org/t/adblock-support-thread/507) or contact me by mail <dev@brenken.org>
## Removal
* stop all adblock related services with _/etc/init.d/adblock stop_
config adblock 'extra'
option adb_debug '0'
- option adb_forcesrt '0'
option adb_forcedns '0'
option adb_backup '0'
- option adb_maxqueue '4'
+ option adb_report '0'
+ option adb_maxqueue '8'
config source 'adaway'
option adb_src 'https://adaway.org/hosts.txt'
START=30
USE_PROCD=1
-EXTRA_COMMANDS="suspend resume query status"
+EXTRA_COMMANDS="suspend resume query report status"
EXTRA_HELP=" suspend Suspend adblock processing
resume Resume adblock processing
query <DOMAIN> Query active blocklists for specific domains
+ report Print dns query statistics
status Print runtime information"
adb_init="/etc/init.d/adblock"
rc_procd "${adb_script}" query "${1}"
}
+report()
+{
+ [ -s "${adb_pidfile}" ] && return 1
+ rc_procd "${adb_script}" report "${1}"
+}
+
status()
{
local key keylist value rtfile="$(uci_get adblock extra adb_rtfile)"
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="3.5.5-4"
+adb_ver="3.6.1"
adb_sysver="unknown"
adb_enabled=0
adb_debug=0
adb_forcesrt=0
adb_forcedns=0
adb_jail=0
-adb_maxqueue=4
+adb_maxqueue=8
adb_notify=0
adb_notifycnt=0
adb_triggerdelay=0
adb_hashutil="$(command -v sha256sum)"
adb_hashold=""
adb_hashnew=""
+adb_report=0
+adb_repiface="br-lan"
+adb_replisten="53"
+adb_repdir="/tmp"
+adb_reputil="$(command -v tcpdump)"
+adb_repchunkcnt="5"
+adb_repchunksize="1"
adb_cnt=""
adb_rc=0
adb_action="${1:-"start"}"
fi
f_rmtemp
fi
- f_log "debug" "f_rmdns::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
+ f_log "debug" "f_rmdns ::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
}
# commit uci changes
esac
fi
fi
- f_log "debug" "f_uci ::: config: ${config}, change: ${change}"
+ f_log "debug" "f_uci ::: config: ${config}, change: ${change}"
}
# list/overall count
adb_cnt=0
if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
then
- adb_cnt="$(( $(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") ))"
+ adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")"
if [ -s "${adb_tmpdir}/tmp.add_whitelist" ]
then
adb_cnt="$(( ${adb_cnt} - $(wc -l 2>/dev/null < "${adb_tmpdir}/tmp.add_whitelist") ))"
cnt=$((cnt+1))
sleep 1
done
- f_log "debug" "f_dnsup::: cache_util: ${cache_util:-"-"}, cache_rc: ${cache_rc:-"-"}, cache_flush: ${adb_dnsflush}, cache_cnt: ${cnt}, rc: ${adb_rc}"
+ f_log "debug" "f_dnsup ::: cache_util: ${cache_util:-"-"}, cache_rc: ${cache_rc:-"-"}, cache_flush: ${adb_dnsflush}, cache_cnt: ${cnt}, rc: ${adb_rc}"
return ${adb_rc}
}
;;
esac
f_count "${mode}"
- f_log "debug" "f_list ::: name: ${src_name:-"-"}, mode: ${mode}, cnt: ${adb_cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
+ f_log "debug" "f_list ::: name: ${src_name:-"-"}, mode: ${mode}, cnt: ${adb_cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
}
# top level domain compression
if [ ${?} -eq 0 ]
then
cnt_tld="$(wc -l 2>/dev/null < "${source}")"
+ rm -f "${temp}"
else
mv -f "${temp}" > "${source}"
fi
mv -f "${temp}" "${source}"
fi
fi
- f_log "debug" "f_tld ::: source: ${source}, cnt: ${cnt:-"-"}, cnt_srt: ${cnt_srt:-"-"}, cnt_tld: ${cnt_tld:-"-"}"
+ f_log "debug" "f_tld ::: source: ${source}, cnt: ${cnt:-"-"}, cnt_srt: ${cnt_srt:-"-"}, cnt_tld: ${cnt_tld:-"-"}"
}
# blocklist hash compare
adb_hashnew=""
fi
fi
- f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
+ f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
return ${hash_rc}
}
{
local status cnt mode="${1}"
+ json_load_file "${adb_rtfile}" >/dev/null 2>&1
+ json_select "data"
json_get_var status "adblock_status"
json_get_var cnt "overall_domains"
mode="backup mode"
fi
- if [ -z "${adb_fetchinfo}" ]
- then
- json_get_var adb_fetchinfo "fetch_utility"
- fi
- if [ -z "${adb_cnt}" ]
- then
- json_get_var adb_cnt "overall_domains"
- adb_cnt="${adb_cnt%% *}"
- fi
- if [ -z "${run_time}" ]
+ json_load_file "${adb_rtfile}" >/dev/null 2>&1
+ json_select "data" >/dev/null 2>&1
+ if [ ${?} -eq 0 ]
then
- json_get_var run_time "last_rundate"
+ if [ -z "${adb_fetchinfo}" ]
+ then
+ json_get_var adb_fetchinfo "fetch_utility"
+ fi
+ if [ -z "${adb_cnt}" ]
+ then
+ json_get_var adb_cnt "overall_domains"
+ adb_cnt="${adb_cnt%% *}"
+ fi
+ if [ -z "${run_time}" ]
+ then
+ json_get_var run_time "last_rundate"
+ fi
fi
+
+ > "${adb_rtfile}"
+ json_load_file "${adb_rtfile}" >/dev/null 2>&1
+ json_init
+ json_add_object "data"
json_add_string "adblock_status" "${status}"
json_add_string "adblock_version" "${adb_ver}"
json_add_string "overall_domains" "${adb_cnt:-0} (${mode})"
json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
json_add_string "last_rundate" "${run_time:-"-"}"
json_add_string "system_release" "${adb_sysver}"
+ json_close_object
json_dump > "${adb_rtfile}"
if [ ${adb_notify} -eq 1 ] && [ ${no_mail} -eq 0 ] && [ -x /etc/adblock/adblock.notify ] && \
([ "${status}" = "error" ] || ([ "${status}" = "enabled" ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
then
- (/etc/adblock/adblock.notify >/dev/null 2>&1) &
+ (/etc/adblock/adblock.notify >/dev/null 2>&1)&
bg_pid=${!}
fi
- f_log "debug" "f_jsnup::: status: ${status}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
+ f_log "debug" "f_jsnup ::: status: ${status}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
}
# write to syslog
> "${adb_tmpdir}/tmp.raw_whitelist"
> "${adb_tmpdir}/tmp.add_whitelist"
> "${adb_tmpdir}/tmp.rem_whitelist"
- f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, dns_jail: ${adb_jail}, force_srt: ${adb_forcesrt}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
+ f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, dns_jail: ${adb_jail}, force_srt: ${adb_forcesrt}, force_dns: ${adb_forcedns}, mem_total: ${mem_total:-0}, mem_free: ${mem_free:-0}, max_queue: ${adb_maxqueue}"
# prepare whitelist entries
#
# basic pre-checks
#
- f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
+ f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
if [ "${enabled}" != "1" ] || [ -z "${src_url}" ] || [ -z "${src_rset}" ]
then
f_list remove
fi
else
src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
+ f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
fi
) &
else
done
else
src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
+ f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
fi
if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
then
fi
else
src_log="$(printf '%s' "${src_log}" | awk '{ORS=" ";print $0}')"
- f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
+ f_log "debug" "f_main ::: name: ${src_name}, url: ${src_url}, rc: ${adb_rc}, log: ${src_log:-"-"}"
if [ ${adb_backup} -eq 1 ]
then
f_list restore
exit ${adb_rc}
}
+# trace dns queries via tcpdump and prepare a report
+#
+f_report()
+{
+ local bg_pid total blocked percent rep_clients rep_domains rep_blocked index hold ports cnt=0 print="${1:-"true"}"
+
+ if [ ! -x "${adb_reputil}" ]
+ then
+ f_log "info" "Please install the package 'tcpdump-mini' manually to use the adblock reporting feature!"
+ return 0
+ fi
+
+ bg_pid="$(pgrep -f "^${adb_reputil}.*adb_report\.pcap$" | awk '{ORS=" "; print $1}')"
+ if [ ${adb_report} -eq 0 ] || ([ -n "${bg_pid}" ] && ([ "${adb_action}" = "stop" ] || [ "${adb_action}" = "restart" ]))
+ then
+ if [ -n "${bg_pid}" ]
+ then
+ kill -HUP ${bg_pid}
+ while $(kill -0 ${bg_pid} 2>/dev/null)
+ do
+ sleep 1
+ done
+ unset bg_pid
+ fi
+ fi
+ if [ -z "${bg_pid}" ] && [ "${adb_action}" != "report" ] && [ "${adb_action}" != "stop" ]
+ then
+ for port in ${adb_replisten}
+ do
+ if [ -z "${ports}" ]
+ then
+ ports="port ${port}"
+ else
+ ports="${ports} or port ${port}"
+ fi
+ done
+ ("${adb_reputil}" -nn -s0 -l -i ${adb_repiface} ${ports} -C${adb_repchunksize} -W${adb_repchunkcnt} -w "${adb_repdir}/adb_report.pcap" >/dev/null 2>&1 &)
+ fi
+ if [ "${adb_action}" = "report" ]
+ then
+ > "${adb_repdir}/adb_report.raw"
+ for file in "${adb_repdir}"/adb_report.pcap*
+ do
+ (
+ "${adb_reputil}" -nn -tttt -r $file 2>/dev/null | \
+ awk -v cnt=${cnt} '!/\.lan\. /&&/ A[\? ]+|NXDomain/{a=$1;b=substr($2,0,8);c=$4;sub(/\.[0-9]+$/,"",c); \
+ d=cnt $7;e=$(NF-1);sub(/[0-9]\/[0-9]\/[0-9]/,"NX",e);sub(/\.$/,"",e);sub(/([0-9]{1,3}\.){3}[0-9]{1,3}/,"OK",e);printf("%s\t%s\t%s\t%s\t%s\n", a,b,c,d,e)}' >> "${adb_repdir}/adb_report.raw"
+ )&
+ hold=$(( cnt % adb_maxqueue ))
+ if [ ${hold} -eq 0 ]
+ then
+ wait
+ fi
+ cnt=$(( cnt + 1 ))
+ done
+ wait
+
+ if [ -s "${adb_repdir}/adb_report.raw" ]
+ then
+ awk '{printf("%s\t%s\t%s\t%s\t%s\t%s\n", $4,$5,$1,$2,$3,$4)}' "${adb_repdir}/adb_report.raw" | \
+ sort -ur | uniq -uf2 | awk '{currA=($6+0);currB=$6;currC=substr($6,length($6),1); \
+ if(reqA==currB){reqA=0;printf("%s\t%s\n",d,$2)}else if(currC=="+"){reqA=currA;d=$3"\t"$4"\t"$5"\t"$2}}' | sort -ur > "${adb_repdir}/adb_report"
+ fi
+
+ if [ -s "${adb_repdir}/adb_report" ]
+ then
+ total="$(wc -l < ${adb_repdir}/adb_report)"
+ blocked="$(awk '{if($5=="NX")print $4}' ${adb_repdir}/adb_report | wc -l)"
+ percent="$(awk -v t=${total} -v b=${blocked} 'BEGIN{printf("%.2f %s\n",b/t*100, "%")}')"
+ rep_clients="$(awk '{print $3}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10) printf("%s_%s ",$1,$2)}')"
+ rep_domains="$(awk '{if($5!="NX")print $4}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+ rep_blocked="$(awk '{if($5=="NX")print $4}' ${adb_repdir}/adb_report | sort | uniq -c | sort -r | awk '{ORS=" ";if(NR<=10)printf("%s_%s ",$1,$2)}')"
+
+ > "${adb_repdir}/adb_report.json"
+ json_load_file "${adb_repdir}/adb_report.json" >/dev/null 2>&1
+ json_init
+ json_add_object "data"
+ json_add_string "start_date" "$(awk 'END{printf("%s",$1)}' ${adb_repdir}/adb_report)"
+ json_add_string "start_time" "$(awk 'END{printf("%s",$2)}' ${adb_repdir}/adb_report)"
+ json_add_string "end_date" "$(awk 'NR==1{printf("%s",$1)}' ${adb_repdir}/adb_report)"
+ json_add_string "end_time" "$(awk 'NR==1{printf("%s",$2)}' ${adb_repdir}/adb_report)"
+ json_add_string "total" "${total}"
+ json_add_string "blocked" "${blocked}"
+ json_add_string "percent" "${percent}"
+ json_close_array
+ json_add_array "top_clients"
+ for client in ${rep_clients}
+ do
+ json_add_object
+ json_add_string "count" "${client%_*}"
+ json_add_string "address" "${client#*_}"
+ json_close_object
+ done
+ json_close_array
+ json_add_array "top_domains"
+ for domain in ${rep_domains}
+ do
+ json_add_object
+ json_add_string "count" "${domain%_*}"
+ json_add_string "address" "${domain#*_}"
+ json_close_object
+ done
+ json_close_array
+ json_add_array "top_blocked"
+ for block in ${rep_blocked}
+ do
+ json_add_object
+ json_add_string "count" "${block%_*}"
+ json_add_string "address" "${block#*_}"
+ json_close_object
+ done
+ json_close_object
+ json_dump > "${adb_repdir}/adb_report.json"
+ fi
+ rm -f "${adb_repdir}/adb_report.raw"
+
+ if [ "${print}" = "true" ]
+ then
+ if [ -s "${adb_repdir}/adb_report.json" ]
+ then
+ printf "%s\n%s\n%s\n" ":::" "::: Adblock DNS-Query Report" ":::"
+ json_load_file "${adb_repdir}/adb_report.json"
+ json_select "data"
+ json_get_keys keylist
+ for key in ${keylist}
+ do
+ json_get_var value "${key}"
+ eval "${key}=\"${value}\""
+ done
+ printf " + %s\n + %s\n" "Start ::: ${start_date}, ${start_time}" "End ::: ${end_date}, ${end_time}"
+ printf " + %s\n + %s %s\n" "Total ::: ${total}" "Blocked ::: ${blocked}" "(${percent})"
+ json_select ".."
+ if json_get_type Status "top_clients" && [ "${Status}" = "array" ]
+ then
+ printf "%s\n%s\n" ":::" "::: Top 10 Clients"
+ json_select "top_clients"
+ index=1
+ while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ do
+ json_get_values client ${index}
+ printf " + %-9s::: %s\n" ${client}
+ index=$((index + 1))
+ done
+ fi
+ json_select ".."
+ if json_get_type Status "top_domains" && [ "${Status}" = "array" ]
+ then
+ printf "%s\n%s\n" ":::" "::: Top 10 Domains"
+ json_select "top_domains"
+ index=1
+ while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ do
+ json_get_values domain ${index}
+ printf " + %-9s::: %s\n" ${domain}
+ index=$((index + 1))
+ done
+ fi
+ json_select ".."
+ if json_get_type Status "top_blocked" && [ "${Status}" = "array" ]
+ then
+ printf "%s\n%s\n" ":::" "::: Top 10 Blocked Domains"
+ json_select "top_blocked"
+ index=1
+ while json_get_type Status ${index} && [ "${Status}" = "object" ]
+ do
+ json_get_values blocked ${index}
+ printf " + %-9s::: %s\n" ${blocked}
+ index=$((index + 1))
+ done
+ fi
+ else
+ printf "%s\n" "::: no reporting data available yet"
+ fi
+ fi
+ fi
+ f_log "debug" "f_report ::: action: ${adb_action}, report: ${adb_report}, print: ${print}, reputil: ${adb_reputil}, repdir: ${adb_repdir}, repiface: ${adb_repiface}, replisten: ${adb_replisten}, repchunksize: ${adb_repchunksize}, repchunkcnt: ${adb_repchunkcnt}, bg_pid: ${bg_pid}"
+}
+
# source required system libraries
#
if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
f_log "err" "system libraries not found"
fi
-# initialize json runtime file
-#
-json_load_file "${adb_rtfile}" >/dev/null 2>&1
-json_select data >/dev/null 2>&1
-if [ ${?} -ne 0 ]
-then
- > "${adb_rtfile}"
- json_init
- json_add_object "data"
-fi
-
# handle different adblock actions
#
f_envload
case "${adb_action}" in
stop)
+ f_report false
f_rmdns
;;
restart)
+ f_report false
f_rmdns
f_envcheck
f_main
resume)
f_switch resume
;;
+ report)
+ f_report "${2}"
+ ;;
query)
f_query "${2}"
;;
start|reload)
+ f_report false
f_envcheck
f_main
;;
PKG_NAME:=aria2
PKG_VERSION:=1.34.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/aria2/aria2/releases/download/release-$(PKG_VERSION)/
if [ -n "$user" ]; then
if ( user_exists "$user" && _change_owner "$user" "$config_dir" "$log" ); then
- _info "Aria2 will run with uer '${user}'."
+ _info "Aria2 will run with user '${user}'."
if [ "$user" != "root" ]; then
- _info "Please make sure user '${user}' has write access to downlod dir: ${dir}"
+ _info "Please make sure user '${user}' has write access to download dir: ${dir}"
fi
else
_info "Set run user to '${user}' failed, default user will be used."
--- /dev/null
+From 0cfd523a6d0ea16d8b7c94160216838d53c30da6 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Sat, 8 Dec 2018 18:39:50 -0800
+Subject: [PATCH] Platform: Fix compilation without deprecated OpenSSL APIs
+
+---
+ src/Platform.cc | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/Platform.cc b/src/Platform.cc
+index ea73b6c6..0af62d18 100644
+--- a/src/Platform.cc
++++ b/src/Platform.cc
+@@ -111,11 +111,13 @@ bool Platform::setUp()
+ #endif // ENABLE_NLS
+
+ #ifdef HAVE_OPENSSL
++#if !OPENSSL_101_API
+ // for SSL initialization
+ SSL_load_error_strings();
+ SSL_library_init();
+ // Need this to "decrypt" p12 files.
+ OpenSSL_add_all_algorithms();
++#endif // !OPENSSL_101_API
+ #endif // HAVE_OPENSSL
+ #ifdef HAVE_LIBGCRYPT
+ if (!gcry_check_version("1.2.4")) {
+--
+2.20.0
+
include $(TOPDIR)/rules.mk
PKG_NAME:=banip
-PKG_VERSION:=0.0.6
+PKG_VERSION:=0.0.7
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0+
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-ban_ver="0.0.6"
+ban_ver="0.0.7"
ban_sysver="unknown"
ban_enabled=0
ban_automatic="1"
for iface in ${ban_iface}
do
- network_get_physdev tmp "${iface}"
+ network_get_device tmp "${iface}"
if [ -n "${tmp}" ]
then
ban_dev="${ban_dev} ${tmp}"
+ else
+ network_get_physdev tmp "${iface}"
+ if [ -n "${tmp}" ]
+ then
+ ban_dev="${ban_dev} ${tmp}"
+ fi
fi
network_get_subnets tmp "${iface}"
if [ -n "${tmp}" ]
PKG_NAME:=chaosvpn
PKG_VERSION:=2.19
-PKG_RELEASE=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ryd/chaosvpn/tar.gz/v$(PKG_VERSION)?
--- /dev/null
+--- a/crypto.c
++++ b/crypto.c
+@@ -14,6 +14,12 @@
+ #include <openssl/pem.h>
+ #include <openssl/ssl.h>
+
++#ifndef OPENSSL_VERSION
++#define OPENSSL_VERSION SSLEAY_VERSION
++#define OpenSSL_version(x) SSLeay_version(x)
++#define OpenSSL_version_num SSLeay
++#endif
++
+ /*
+
+ This checks data in a struct string against a signature in a second
+@@ -250,14 +256,18 @@ bail_out:
+ void
+ crypto_init(void)
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ /* Just load the crypto library error strings, not SSL */
+ ERR_load_crypto_strings();
++#endif
+ }
+
+ void
+ crypto_finish(void)
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ ERR_free_strings();
++#endif
+ }
+
+ void
+@@ -268,10 +278,10 @@ crypto_warn_openssl_version_changed(void)
+ * OpenSSL library used.
+ * Output a warning if not.
+ */
+- if (SSLeay() != OPENSSL_VERSION_NUMBER) {
++ if (OpenSSL_version_num() != OPENSSL_VERSION_NUMBER) {
+ log_info("Note: compiled using OpenSSL version '%s' headers, but linked to "
+ "OpenSSL version '%s' library",
+ OPENSSL_VERSION_TEXT,
+- SSLeay_version(SSLEAY_VERSION));
++ OpenSSL_version(OPENSSL_VERSION));
+ }
+ }
PKG_NAME:=clamav
PKG_VERSION:=0.101.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr> \
define Package/clamav/Default
SECTION:=net
- DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libjson-c +libmilter-sendmail +libopenssl +libltdl +libpcre2 +USE_MUSL:musl-fts
+ DEPENDS:=$(CXX_DEPENDS) +libpthread +zlib +libcurl +libjson-c +libmilter-sendmail +libopenssl +libltdl +libpcre2 +USE_MUSL:musl-fts
CATEGORY:=Network
SUBMENU:=Web Servers/Proxies
TITLE:=ClamAV
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_NAME:=go-ethereum
-PKG_VERSION:=1.8.18
+PKG_VERSION:=1.8.20
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ethereum/go-ethereum/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=cbab18a733298830c9ed1e19c1ece37edf417fd55ec8f198803048ecc3ffa0b9
+PKG_HASH:=7299f72a1d35a2653075a2070babf78f98f6eb3f41da43293304737ac0156658
PKG_BUILD_DEPENDS:=golang/host
PKG_BUILD_PARALLEL:=1
include $(TOPDIR)/rules.mk
PKG_NAME:=git
-PKG_VERSION:=2.20.0
+PKG_VERSION:=2.20.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/software/scm/git/
-PKG_HASH:=bc94735073e14b138a1290cc99af3c379d544f514c43f8ebde988fc50d0ad81f
+PKG_HASH:=9d2e91e2faa2ea61ba0a70201d023b36f54d846314591a002c610ea2ab81c3e9
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
include $(TOPDIR)/rules.mk
PKG_NAME:=gitolite
-PKG_VERSION:=3.6.8
+PKG_VERSION:=3.6.10
PKG_RELEASE:=1
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.xz
-PKG_MIRROR_HASH:=652d3b3f8ed93b8ef56153337465cc7260974e5cd2653e949da1bb97a8421ea0
-
-PKG_SOURCE_URL:=https://github.com/sitaramc/gitolite.git
-PKG_SOURCE_VERSION:=e126e97a4d5575821f89ae80dac402b017db94aa
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=0ae3bea637b25cff13826e5ecd181c7b74a6eff377cf4c2243d85c2b0a290d3f
+PKG_SOURCE_URL:=https://codeload.github.com/sitaramc/gitolite/tar.gz/v$(PKG_VERSION)?
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
SUBMENU:=Version Control Systems
DEPENDS:=+perlbase-essential +perlbase-sys +perlbase-data +perlbase-digest +perlbase-env +perlbase-time +git +perlbase-findbin +perlbase-storable +perlbase-text +perlbase-getopt +perlbase-utf8 +openssh-keygen +openssh-server +openssh-moduli perl
TITLE:=Easy administration of git repositories
- URL:=http://gitolite.com/gitlolite
+ URL:=http://gitolite.com/gitolite
MAINTAINER:=Daniel Dickinson <cshored@thecshore.com>
USERID:=git=382:git=382
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
-PKG_VERSION:=1.8.15
+PKG_VERSION:=1.8.16
PKG_RELEASE:=1
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/1.8/src/
-PKG_HASH:=7113862f1146d7de8b8e64f45826ab3533c7f7f7b7767e24c08f7c762202a032
+PKG_HASH:=5401e4ad243d9e403621e389ec3605d8d43241affe0b72f0b15c0db8a7a3653f
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_LICENSE:=GPL-2.0
#!/bin/bash
CLONEURL=http://git.haproxy.org/git/haproxy-1.8.git
-BASE_TAG=v1.8.15
+BASE_TAG=v1.8.16
TMP_REPODIR=tmprepo
PATCHESDIR=patches
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index cfbc38b..025a144 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -39,6 +39,7 @@
#include <openssl/crypto.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
-@@ -229,6 +230,7 @@ unsigned long ssl_id_function(void)
+@@ -60,6 +61,17 @@
+ #include <openssl/async.h>
+ #endif
- void ssl_locking_function(int mode, int n, const char * file, int line)
- {
++#ifndef OPENSSL_VERSION
++#define OPENSSL_VERSION SSLEAY_VERSION
++#define OpenSSL_version(x) SSLeay_version(x)
++#define OpenSSL_version_num SSLeay
++#endif
++
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (mode & CRYPTO_LOCK) {
- if (mode & CRYPTO_READ)
- HA_RWLOCK_RDLOCK(SSL_LOCK, &ssl_rwlocks[n]);
-@@ -241,10 +243,12 @@ void ssl_locking_function(int mode, int n, const char * file, int line)
- else
- HA_RWLOCK_WRUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
- }
++#define X509_getm_notBefore X509_get_notBefore
++#define X509_getm_notAfter X509_get_notAfter
+#endif
- }
++
+ #include <import/lru.h>
+ #include <import/xxhash.h>
- static int ssl_locking_init(void)
- {
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- int i;
+@@ -217,7 +229,7 @@ static struct {
+ .capture_cipherlist = 0,
+ };
- ssl_rwlocks = malloc(sizeof(HA_RWLOCK_T)*CRYPTO_num_locks());
-@@ -256,7 +260,7 @@ static int ssl_locking_init(void)
+-#ifdef USE_THREAD
++#if defined(USE_THREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
- CRYPTO_set_id_callback(ssl_id_function);
- CRYPTO_set_locking_callback(ssl_locking_function);
--
-+#endif
- return 0;
- }
+ static HA_RWLOCK_T *ssl_rwlocks;
-@@ -1711,8 +1715,13 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
+@@ -1711,8 +1723,8 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
ASN1_INTEGER_set(X509_get_serialNumber(newcrt), HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
/* Set duration for the certificate */
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (!X509_gmtime_adj(X509_get_notBefore(newcrt), (long)-60*60*24) ||
- !X509_gmtime_adj(X509_get_notAfter(newcrt),(long)60*60*24*365))
-+#else
+- if (!X509_gmtime_adj(X509_get_notBefore(newcrt), (long)-60*60*24) ||
+- !X509_gmtime_adj(X509_get_notAfter(newcrt),(long)60*60*24*365))
+ if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
+ !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
-+#endif
goto mkcert_error;
/* set public key in the certificate */
-@@ -6285,7 +6294,11 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
+@@ -6285,7 +6297,7 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
goto out;
smp_trash = get_trash_chunk();
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
-+#else
+- if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
+ if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
-+#endif
goto out;
smp->data.u.str = *smp_trash;
-@@ -6385,7 +6398,11 @@ smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char
+@@ -6385,7 +6397,7 @@ smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char
goto out;
smp_trash = get_trash_chunk();
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
-+#else
+- if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
+ if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
-+#endif
goto out;
smp->data.u.str = *smp_trash;
-@@ -8935,7 +8952,11 @@ static void __ssl_sock_init(void)
+@@ -8935,10 +8947,12 @@ static void __ssl_sock_init(void)
#endif
xprt_register(XPRT_SSL, &ssl_sock);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
-+#else
-+ OPENSSL_init_ssl(0, NULL);
+#endif
cm = SSL_COMP_get_compression_methods();
sk_SSL_COMP_zero(cm);
- #ifdef USE_THREAD
-@@ -8967,8 +8988,13 @@ static void __ssl_sock_init(void)
+-#ifdef USE_THREAD
++#if defined(USE_THREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ ssl_locking_init();
+ #endif
+ #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
+@@ -8967,8 +8981,8 @@ static void __ssl_sock_init(void)
#else /* OPENSSL_IS_BORINGSSL */
OPENSSL_VERSION_TEXT
"\nRunning on OpenSSL version : %s%s",
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSLeay_version(SSLEAY_VERSION),
- ((OPENSSL_VERSION_NUMBER ^ SSLeay()) >> 8) ? " (VERSIONS DIFFER!)" : "");
-+#else
+- SSLeay_version(SSLEAY_VERSION),
+- ((OPENSSL_VERSION_NUMBER ^ SSLeay()) >> 8) ? " (VERSIONS DIFFER!)" : "");
+ OpenSSL_version(OPENSSL_VERSION),
+ ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
-+#endif
#endif
memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
#if OPENSSL_VERSION_NUMBER < 0x00907000L
-@@ -9060,11 +9086,14 @@ static void __ssl_sock_deinit(void)
+@@ -9059,12 +9073,14 @@ static void __ssl_sock_deinit(void)
+ }
#endif
- ERR_remove_state(0);
-+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ ERR_remove_state(0);
ERR_free_strings();
EVP_cleanup();
include $(TOPDIR)/rules.mk
PKG_NAME:=mDNSResponder
-PKG_VERSION:=878.70.2
+PKG_VERSION:=878.200.35
PKG_RELEASE:=1
PKG_SOURCE:=mDNSResponder-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://opensource.apple.com/tarballs/mDNSResponder/
-PKG_HASH:=cdd03171ca05f16ea987bba1f8b0c4847d3035283ea0f5fa0ade75f64ec83ed5
+PKG_SOURCE_URL:=https://opensource.apple.com/tarballs/mDNSResponder/
+PKG_HASH:=e777b4d7dbf5eb1552cb80090ad1ede319067ab6e45e3990d68aabf6e8b3f5a0
PKG_MAINTAINER:=
PKG_LICENSE:=Apache-2.0
/* Converts a prefix length to IPv6 network mask */
void plen_to_mask(int plen, char *addr) {
-@@ -86,7 +87,7 @@ struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases)
- FILE *fp = NULL;
- char addr[8][5];
- int flags, myflags, index, plen, scope;
-- char ifname[9], lastname[IFNAMSIZ];
-+ char ifname[IFNAMSIZ], lastname[IFNAMSIZ];
- char addr6[32+7+1]; /* don't forget the seven ':' */
- struct addrinfo hints, *res0;
- int err;
-@@ -92,7 +93,8 @@ struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases)
- int err;
- int sockfd = -1;
- struct ifreq ifr;
--
-+ char mask[64] = "%4s%4s%4s%4s%4s%4s%4s%4s %02x %02x %02x %02x %";
-+ sprintf(mask+strlen(mask), "%ds\n", IFNAMSIZ);
- res0=NULL;
- ifihead = NULL;
- ifipnext = &ifihead;
-@@ -104,11 +106,12 @@ struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases)
- goto gotError;
- }
- while (fscanf(fp,
-- "%4s%4s%4s%4s%4s%4s%4s%4s %02x %02x %02x %02x %8s\n",
-+ mask,
- addr[0],addr[1],addr[2],addr[3],
- addr[4],addr[5],addr[6],addr[7],
- &index, &plen, &scope, &flags, ifname) != EOF) {
+@@ -127,6 +128,8 @@
+ nitems = fscanf(fp, ifnameFmt, ifname);
+ if (nitems != 1) break;
+ if (flags & IFA_F_DEPRECATED) continue;
- myflags = 0;
- if (strncmp(lastname, ifname, IFNAMSIZ) == 0) {
++
+ if (strcmp(lastname, ifname) == 0) {
if (doaliases == 0)
+ continue; /* already processed this interface */
diff --git a/mDNSShared/dnsextd_parser.y b/mDNSShared/dnsextd_parser.y
index 18c5990..d4b63ce 100644
--- a/mDNSShared/dnsextd_parser.y
--- a/Clients/dns-sd.c
+++ b/Clients/dns-sd.c
-@@ -2288,7 +2288,7 @@ Fail:
+@@ -2281,7 +2281,7 @@ Fail:
// NOT static -- otherwise the compiler may optimize it out
// The "@(#) " pattern is a special prefix the "what" command looks for
// NOT static -- otherwise the compiler may optimize it out
// The "@(#) " pattern is a special prefix the "what" command looks for
--const char VersionString_SCCS_libdnssd[] = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
-+const char VersionString_SCCS_libdnssd[] = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion);
+-const char VersionString_SCCS_libdnssd[] DNSSD_USED = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
++const char VersionString_SCCS_libdnssd[] DNSSD_USED = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion);
include $(TOPDIR)/rules.mk
PKG_NAME:=mosquitto
-PKG_VERSION:=1.5.4
-PKG_RELEASE:=3
+PKG_VERSION:=1.5.5
+PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE.txt
PKG_CPE_ID:=cpe:/a:eclipse:mosquitto
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://mosquitto.org/files/source/
-PKG_HASH:=5fd7f3454fd6d286645d032bc07f44a1c8583cec02ef2422c9eb32e0a89a9b2f
+PKG_HASH:=fcdb47e340864c545146681af7253399cc292e41775afd76400fda5b0d23d668
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
include $(TOPDIR)/rules.mk
PKG_NAME:=mwan3
-PKG_VERSION:=2.7.6
+PKG_VERSION:=2.7.8
PKG_RELEASE:=1
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPLv2
echo "Too many arguments. Usage: mwan3 ifup <interface>" && exit 0
fi
- config_get_bool enabled globals 'enabled' 0
- [ ${enabled} -gt 0 ] || {
- echo "Warning: mwan3 is global disabled. Usage: /etc/init.d/mwan3 start"
- exit 0
- }
-
status=$(ubus -S call network.interface.$1 status)
[ -n "$status" ] && {
json_load $status
config_get enabled "$1" enabled 0
-
if [ "$up" = "1" ] \
&& [ -n "$l3_device" ] \
&& [ "$enabled" = "1" ]; then
start()
{
- local enabled src_ip local_source
+ local enabled
uci_toggle_state mwan3 globals enabled "1"
- config_get local_source globals local_source 'none'
- [ "${local_source}" = "none" ] || {
- src_ip=$(uci_get_state mwan3 globals src_ip)
- [ "${src_ip}" != "" ] && {
- ip route del default via "${src_ip}" dev lo 1>/dev/null 2>&1
- ip addr del "${src_ip}/32" dev lo 1>/dev/null 2>&1
- }
-
- network_get_ipaddr src_ip "${local_source}"
- if [ "${src_ip}" = "" ]; then
- $LOG warn "Unable to set source ip for own initiated traffic (${local_source})"
- else
- ip addr add "${src_ip}/32" dev lo
- ip route add default via "${src_ip}" dev lo
- uci_toggle_state mwan3 globals src_ip "${src_ip}"
- fi
- }
-
config_foreach ifup interface
}
stop()
{
- local ipset route rule table IP IPT pid src_ip
+ local ipset route rule table IP IPT pid
for pid in $(pgrep -f "mwan3rtmon"); do
kill -TERM "$pid" > /dev/null 2>&1
mwan3_lock_clean
rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR
- src_ip=$(uci_get_state mwan3 globals src_ip)
- [ "${src_ip}" = "" ] || {
- ip route del default via "${src_ip}" dev lo 1>/dev/null 2>&1
- ip addr del "${src_ip}/32" dev lo 1>/dev/null 2>&1
- }
-
uci_toggle_state mwan3 globals enabled "0"
}
return 1
}
;;
+ nping-*)
+ which nping 1>/dev/null 2>&1 || {
+ $LOG warn "Missing nping. Please install nping package."
+ return 1
+ }
+ ;;
*)
$LOG warn "Unsupported tracking method: $track_method"
return 2
httping -y $SRC_IP -c $count -t $timeout -q $track_ip &> /dev/null
result=$?
;;
+ nping-tcp)
+ result=$(nping -e $DEVICE -c $count $track_ip --tcp | grep Lost | awk '{print $12}')
+ ;;
+ nping-udp)
+ result=$(nping -e $DEVICE -c $count $track_ip --udp | grep Lost | awk '{print $12}')
+ ;;
+ nping-icmp)
+ result=$(nping -e $DEVICE -c $count $track_ip --icmp | grep Lost | awk '{print $12}')
+ ;;
+ nping-arp)
+ result=$(nping -e $DEVICE -c $count $track_ip --arp | grep Lost | awk '{print $12}')
+ ;;
esac
if [ $check_quality -eq 0 ]; then
if [ $result -eq 0 ]; then
Add support for NGINX request streaming.
default n
+config NGINX_STREAM_SSL_MODULE
+ bool
+ prompt "Enable stream support with SSL/TLS termination"
+ depends on NGINX_STREAM_CORE_MODULE
+ help
+ Add support for NGINX request streaming with SSL/TLS termination.
+ default n
+
+config NGINX_STREAM_SSL_PREREAD_MODULE
+ bool
+ prompt "Enable stream support with SSL/TLS pre-read"
+ depends on NGINX_STREAM_CORE_MODULE
+ help
+ Add support for NGINX request streaming using information from the ClientHello message without terminating SSL/TLS.
+ default n
+
config NGINX_RTMP_MODULE
bool
prompt "Enable RTMP module"
Add support for NGINX request streaming.
default n
+config NGINX_STREAM_SSL_MODULE
+ bool
+ prompt "Enable stream support with SSL/TLS termination"
+ depends on NGINX_STREAM_CORE_MODULE
+ help
+ Add support for NGINX request streaming with SSL/TLS termination.
+ default n
+
+config NGINX_STREAM_SSL_PREREAD_MODULE
+ bool
+ prompt "Enable stream support with SSL/TLS pre-read"
+ depends on NGINX_STREAM_CORE_MODULE
+ help
+ Add support for NGINX request streaming using information from the ClientHello message without terminating SSL/TLS.
+ default n
+
config NGINX_RTMP_MODULE
bool
prompt "Enable RTMP module"
PKG_NAME:=nginx
PKG_VERSION:=1.15.7
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://nginx.org/download/
CONFIG_NGINX_HTTP_BROTLI \
CONFIG_NGINX_HEADERS_MORE \
CONFIG_NGINX_STREAM_CORE_MODULE \
+ CONFIG_NGINX_STREAM_SSL_MODULE \
+ CONFIG_NGINX_STREAM_SSL_PREREAD_MODULE \
CONFIG_NGINX_RTMP_MODULE \
CONFIG_NGINX_TS_MODULE \
ifeq ($(CONFIG_NGINX_STREAM_CORE_MODULE),y)
ADDITIONAL_MODULES += --with-stream
endif
+ ifeq ($(CONFIG_NGINX_STREAM_SSL_MODULE),y)
+ ADDITIONAL_MODULES += --with-stream_ssl_module
+ endif
+ ifeq ($(CONFIG_NGINX_STREAM_SSL_PREREAD_MODULE),y)
+ ADDITIONAL_MODULES += --with-stream_ssl_preread_module
+ endif
ifeq ($(CONFIG_NGINX_HEADERS_MORE),y)
ADDITIONAL_MODULES += --add-module=$(PKG_BUILD_DIR)/nginx-headers-more
endif
--with-http_dav_module --add-module=$(PKG_BUILD_DIR)/nginx-dav-ext-module \
--with-http_auth_request_module --with-http_v2_module --with-http_realip_module \
--with-http_secure_link_module --with-http_sub_module --add-module=$(PKG_BUILD_DIR)/nginx-headers-more \
- --with-stream \
+ --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
--add-module=$(PKG_BUILD_DIR)/nginx-brotli --add-module=$(PKG_BUILD_DIR)/nginx-rtmp \
--add-module=$(PKG_BUILD_DIR)/nginx-ts
config_files += koi-utf koi-win win-utf fastcgi_params
PKG_NAME:=nut
PKG_VERSION:=2.7.4
-PKG_RELEASE:=12
+PKG_RELEASE:=13
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.7/
echo "[$cfg]" >>"$UPS_C"
- get_write_driver_config "$cfg" driver "usbhid-ups"
- get_write_driver_config "$cfg" port "auto"
- get_write_driver_config "$cfg" sdorder
+ get_write_driver_config "$cfg" bus
+ get_write_driver_config "$cfg" community
get_write_driver_config "$cfg" desc
- get_write_driver_config "$cfg" nolock 0 1
+ get_write_driver_config "$cfg" driver "usbhid-ups"
get_write_driver_config "$cfg" ignorelb 0 1
+ get_write_driver_config "$cfg" interruptonly 0 1
+ get_write_driver_config "$cfg" interruptsize
+ get_write_driver_config "$cfg" maxreport
+ get_write_driver_config "$cfg" maxstartdelay
get_write_driver_config "$cfg" mfr
get_write_driver_config "$cfg" model
- get_write_driver_config "$cfg" serial
- get_write_driver_config "$cfg" sdtime
+ get_write_driver_config "$cfg" nolock 0 1
+ get_write_driver_config "$cfg" notransferoids 0 1
get_write_driver_config "$cfg" offdelay
get_write_driver_config "$cfg" ondelay
get_write_driver_config "$cfg" pollfreq
- get_write_driver_config "$cfg" vendor
+ get_write_driver_config "$cfg" port "auto"
get_write_driver_config "$cfg" product
- get_write_driver_config "$cfg" bus
- get_write_driver_config "$cfg" interruptonly 0 1
- get_write_driver_config "$cfg" interruptsize
- get_write_driver_config "$cfg" maxreport
- get_write_driver_config "$cfg" vendorid
get_write_driver_config "$cfg" productid
- get_write_driver_config "$cfg" community
+ get_write_driver_config "$cfg" retrydelay
+ get_write_driver_config "$cfg" sdorder
+ get_write_driver_config "$cfg" sdtime
+ get_write_driver_config "$cfg" serial
get_write_driver_config "$cfg" snmp_version
get_write_driver_config "$cfg" snmp_retries
get_write_driver_config "$cfg" snmp_timeout
- get_write_driver_config "$cfg" notransferoids 0 1
- get_write_driver_config "$cfg" maxstartdelay
- get_write_driver_config "$cfg" retrydelay
get_write_driver_config "$cfg" synchronous
- get_write_driver_config "$cfg" other
- get_write_driver_config "$cfg" otherflag
+ get_write_driver_config "$cfg" vendor
+ get_write_driver_config "$cfg" vendorid
defoverride() {
local overvar="$1"
local othervarflag="$2"
if [ "$othervarflag" = "otherflag" ]; then
- config_get_bool otherval "${othervarflag}_${overtype}" value
- [ "$otherval" = "1" ] && echo "${othervarflag}_${othervar}" >>"$UPS_C"
+ config_get_bool otherval "${othervarflag}_${othervar}" value
+ [ "$otherval" = "1" ] && echo "${othervar}" >>"$UPS_C"
else
- config_get otherval "${othervarflag}_${overtype}" value
- [ -n "$otherval" ] && echo "${othervarflag}_${othervar} = $otherval" >>"$UPS_C"
+ config_get otherval "${othervarflag}_${othervar}" value
+ [ -n "$otherval" ] && echo "${othervar} = $otherval" >>"$UPS_C"
fi
}
- config_list_foreach "$cfg" override defoverride override
- config_list_foreach "$cfg" default defoverride default
- config_list_foreach "$cfg" default other other
- config_list_foreach "$cfg" default other otherflag
+ config_list_foreach "$cfg" other other
+ config_list_foreach "$cfg" other otherflag
echo "" >>$UPS_C
havedriver=1
}
}
build_config() {
- local RUNAS=nut
local STATEPATH=/var/run/nut
mkdir -m 0755 -p "$(dirname "$UPS_C")"
}
start_server_instance() {
- local RUNAS
+ local RUNAS=nut
build_config
[ "$haveserver" != 1 ] && return
+#config driver_global 'driver_global'
+# option user nut
+
#config driver 'upsname'
# option driver usbhid-ups
# option port auto
-# option other other-value
-# option runas root
#config user
# option username upsuser
include $(TOPDIR)/rules.mk
PKG_NAME:=samba
-PKG_VERSION:=4.9.2
+PKG_VERSION:=4.9.4
PKG_RELEASE:=1
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_SOURCE_URL:=https://download.samba.org/pub/samba/stable/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=349c17b7bf1bf667167843470533da89ff1b2ca4a768b529aaacf5197af1efa2
+PKG_HASH:=6d98a8d8bcccbe788e4bbb406362e6676311aca711a3f3cc9b3a404bb9ff0b4f
# Buildroot bug? Can't add target deps via '+SAMBA4_SERVER_AD_DC:python-crypto' (as work-around we select via config.in)
PKG_BUILD_DEPENDS:=SAMBA4_SERVER_AD_DC:python-crypto nfs-kernel-server/host
PKG_NAME:=shorewall-core
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=1
-PKG_BUGFIX_MINOR_VERSION:=.2
+PKG_BUGFIX_MINOR_VERSION:=.4
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=1
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=f84852b86c82487f270172f2d00d13b83255dc05eee9be1e8b76fe7b600021b5
+PKG_HASH:=48195c9e4f9ecd75014a36219e4c7b8c15bff36d149284bc6ac29696b475971d
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0+
PKG_NAME:=shorewall-lite
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=1
-PKG_BUGFIX_MINOR_VERSION:=.2
+PKG_BUGFIX_MINOR_VERSION:=.4
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=1
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=8c3ac19563847b30a064fc64f0fd8e64f61db03dc6b9ff28609876dce13af806
+PKG_HASH:=d322121f03a2d6c0845f46a3f1a7d98f9fb0660e6d65b30622154799682ec55f
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0+
PKG_NAME:=shorewall
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=1
-PKG_BUGFIX_MINOR_VERSION:=.2
+PKG_BUGFIX_MINOR_VERSION:=.4
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=1
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=07a914270d169261deff6cc835a031ec187de2575c5476e3bd55224a4855fc64
+PKG_HASH:=420ba5a66b348990388131cdc3821f79d87f00fd1266c904a701b8a5823756e0
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0+
PKG_NAME:=shorewall6-lite
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=1
-PKG_BUGFIX_MINOR_VERSION:=.2
+PKG_BUGFIX_MINOR_VERSION:=.4
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=1
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=859995c6cf86d5f865b842b130ce7bd0c3acfa9efdeedc8484287cab5c94cb03
+PKG_HASH:=6dad347b2202334b9da44b316a25273cdb28401623a6fd0c6bba9c7731e0a280
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0+
PKG_NAME:=shorewall6
PKG_MAJOR_MINOR_VERSION:=5.2
PKG_BUGFIX_MAJOR_VERSION:=1
-PKG_BUGFIX_MINOR_VERSION:=.2
+PKG_BUGFIX_MINOR_VERSION:=.4
PKG_VERSION:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)$(PKG_BUGFIX_MINOR_VERSION)
PKG_DIRECTORY:=$(PKG_MAJOR_MINOR_VERSION).$(PKG_BUGFIX_MAJOR_VERSION)
PKG_RELEASE:=1
http://shorewall.de/pub/shorewall/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/ \
http://www.shorewall.com.au/$(PKG_MAJOR_MINOR_VERSION)/shorewall-$(PKG_DIRECTORY)/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=4f6fc8e9a3494ee6b67ee47e327fccfb8e56b392ea9f7f65344d1b8adaa38018
+PKG_HASH:=eaf6b55c8e9801c89114371dbda37f635ad95cba35519b94b7536c1c7ecb53fa
PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
PKG_LICENSE:=GPL-2.0+
PKG_NAME:=snort
PKG_VERSION:=2.9.11.1
-PKG_RELEASE:=6
+PKG_RELEASE:=7
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
--- /dev/null
+--- a/configure.in
++++ b/configure.in
+@@ -67,6 +67,11 @@ case "$host" in
+ AC_DEFINE([SUNOS],[1],[Define if SunOS])
+ sunos4="yes"
+ ;;
++ *-openwrt*)
++ linux="yes"
++ AC_DEFINE([LINUX],[1],[Define if Linux])
++ AC_SUBST(extra_incl)
++ ;;
+ *-linux*)
+ linux="yes"
+ AC_DEFINE([LINUX],[1],[Define if Linux])
PKG_LICENSE_FILES:=COPYING
PKG_BUILD_DEPENDS:=softethervpn/host
+HOST_BUILD_DEPENDS:=readline/host
HAMCORE_SE2:=$(STAGING_DIR_HOST)/share/softethervpn/hamcore.se2
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
-
-# Override CC to add fake libreadline to linker search path
-HOSTCC += -L./src/readline
-
-# Add defines to turn add_history() and readline() calls into no-ops
-HOSTCC += -D'add_history(x)' -D'readline(x)=\"\"'
-
# Execute in host build directory
HOST_MAKE_FLAGS += -C $(HOST_BUILD_DIR)
endef
define Host/Compile
- # Prepare fake readline headers and library
- mkdir -p $(HOST_BUILD_DIR)/src/readline
- touch $(HOST_BUILD_DIR)/src/readline/readline.h
- touch $(HOST_BUILD_DIR)/src/readline/history.h
- ar rcs $(HOST_BUILD_DIR)/src/readline/libreadline.a
-
# Build hamcorebuilder using host compiler and let it generate
# the hamcore.se2 archive file
- CC="$(HOSTCC)" $(MAKE) $(HOST_MAKE_FLAGS) \
+ # CFLAGS, CPPFLAGS & LDFLAGS need to be passed with CC because they are being ingored
+ CC="$(HOSTCC) $(HOST_CFLAGS) $(HOST_CPPFLAGS) $(HOST_LDFLAGS)" $(MAKE) $(HOST_MAKE_FLAGS) \
src/bin/BuiltHamcoreFiles/unix/hamcore.se2
endef
PKG_NAME:=subversion
PKG_RELEASE:=1
-PKG_VERSION:=1.10.2
+PKG_VERSION:=1.11.0
PKG_SOURCE_URL:=@APACHE/subversion
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=5b35e3a858d948de9e8892bf494893c9f7886782f6abbe166c0487c19cf6ed88
+PKG_HASH:=87c44344b074ac2e9ed7ca9675fb1e5b197051c3deecfe5934e5f6aefbf83e56
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
PKG_NAME:=tinc
PKG_VERSION:=1.0.35
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.tinc-vpn.org/packages
+PKG_SOURCE_URL:=https://www.tinc-vpn.org/packages
PKG_HASH:=18c83b147cc3e2133a7ac2543eeb014d52070de01c7474287d3ccecc9b16895e
+PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
--- /dev/null
+From 43e323f5fd61ddf2c2adc2a5c12455b6578c059a Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Wed, 12 Dec 2018 13:40:37 -0800
+Subject: [PATCH 1/2] Fix compilation when OpenSSL has no ENGINE support
+
+This will be the case in OpenWrt soon.
+---
+ src/tincd.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/tincd.c b/src/tincd.c
+index 7b882c7a..bdac0c9d 100644
+--- a/src/tincd.c
++++ b/src/tincd.c
+@@ -37,7 +37,9 @@
+ #include <openssl/rsa.h>
+ #include <openssl/pem.h>
+ #include <openssl/evp.h>
++#ifndef OPENSSL_NO_ENGINE
+ #include <openssl/engine.h>
++#endif
+
+ #ifdef HAVE_LZO
+ #include LZO1X_H
+@@ -685,8 +687,10 @@ int main(int argc, char **argv) {
+
+ init_configuration(&config_tree);
+
++#ifndef OPENSSL_NO_ENGINE
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
++#endif
+
+ OpenSSL_add_all_algorithms();
+
+@@ -809,7 +813,9 @@ end:
+
+ EVP_cleanup();
+ ERR_free_strings();
++#ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
++#endif
+
+ exit_configuration(&config_tree);
+ list_delete_list(cmdline_conf);
+--
+2.20.0
+
--- /dev/null
+From 5e0e401dc69b9c25e5f85de7484a70ea97862e16 Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Wed, 12 Dec 2018 13:45:59 -0800
+Subject: [PATCH 2/2] Fix compilation without deprecated OpenSSL APIs
+
+This is an optional part of OpenWrt designed to save space.
+---
+ src/connection.c | 4 ++--
+ src/connection.h | 4 ++++
+ src/net_setup.c | 1 +
+ src/tincd.c | 5 +++++
+ 4 files changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/src/connection.c b/src/connection.c
+index 38b3ccfe..d137af12 100644
+--- a/src/connection.c
++++ b/src/connection.c
+@@ -96,13 +96,13 @@ void free_connection_partially(connection_t *c) {
+ c->outbudget = 0;
+
+ if(c->inctx) {
+- EVP_CIPHER_CTX_cleanup(c->inctx);
++ EVP_CIPHER_CTX_reset(c->inctx);
+ free(c->inctx);
+ c->inctx = NULL;
+ }
+
+ if(c->outctx) {
+- EVP_CIPHER_CTX_cleanup(c->outctx);
++ EVP_CIPHER_CTX_reset(c->outctx);
+ free(c->outctx);
+ c->outctx = NULL;
+ }
+diff --git a/src/connection.h b/src/connection.h
+index 629e16b9..4f554672 100644
+--- a/src/connection.h
++++ b/src/connection.h
+@@ -24,6 +24,10 @@
+ #include <openssl/rsa.h>
+ #include <openssl/evp.h>
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define EVP_CIPHER_CTX_reset(c) EVP_CIPHER_CTX_cleanup(c)
++#endif
++
+ #include "avl_tree.h"
+
+ #define OPTION_INDIRECT 0x0001
+diff --git a/src/net_setup.c b/src/net_setup.c
+index cac7455d..f26007bd 100644
+--- a/src/net_setup.c
++++ b/src/net_setup.c
+@@ -27,6 +27,7 @@
+ #include <openssl/rand.h>
+ #include <openssl/err.h>
+ #include <openssl/evp.h>
++#include <openssl/bn.h>
+
+ #include "avl_tree.h"
+ #include "conf.h"
+diff --git a/src/tincd.c b/src/tincd.c
+index bdac0c9d..e8a60449 100644
+--- a/src/tincd.c
++++ b/src/tincd.c
+@@ -40,6 +40,7 @@
+ #ifndef OPENSSL_NO_ENGINE
+ #include <openssl/engine.h>
+ #endif
++#include <openssl/bn.h>
+
+ #ifdef HAVE_LZO
+ #include LZO1X_H
+@@ -692,7 +693,9 @@ int main(int argc, char **argv) {
+ ENGINE_register_all_complete();
+ #endif
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ OpenSSL_add_all_algorithms();
++#endif
+
+ if(generate_keys) {
+ read_server_config();
+@@ -811,10 +814,12 @@ end:
+
+ free(priority);
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_cleanup();
+ ERR_free_strings();
+ #ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
++#endif
+ #endif
+
+ exit_configuration(&config_tree);
+--
+2.20.0
+
PKG_NAME:=unbound
PKG_VERSION:=1.8.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
--- /dev/null
+From 023411f97505c8c7e375112ad853b6a40ef848a6 Mon Sep 17 00:00:00 2001
+From: Wouter Wijngaards <wouter@nlnetlabs.nl>
+Date: Wed, 12 Dec 2018 16:03:05 +0000
+Subject: [PATCH] - Fix for crash in dns64 module if response is null.
+
+git-svn-id: file:///svn/unbound/trunk@5025 be551aaa-1e26-0410-a405-d3ace91eadb9
+---
+ dns64/dns64.c | 1 +
+ doc/Changelog | 3 +++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/dns64/dns64.c b/dns64/dns64.c
+index 77e68900..f2834da2 100644
+--- a/dns64/dns64.c
++++ b/dns64/dns64.c
+@@ -628,6 +628,7 @@ handle_event_moddone(struct module_qstate* qstate, int id)
+
+ /* Store the response in cache. */
+ if ( (!iq || !iq->started_no_cache_store) &&
++ qstate->return_msg && qstate->return_msg->rep &&
+ !dns_cache_store(qstate->env, &qstate->qinfo, qstate->return_msg->rep,
+ 0, 0, 0, NULL, qstate->query_flags))
+ log_err("out of memory");
PKG_NAME:=xtables-addons
PKG_VERSION:=2.14
-PKG_RELEASE:=5
+PKG_RELEASE:=6
PKG_HASH:=d215a9a8b8e66aae04b982fa2e1228e8a71e7dfe42320df99e34e5000cbdf152
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+#endif /* _IP_CONNTRACK_RTSP_H */
--- /dev/null
+++ b/extensions/rtsp/nf_nat_rtsp.c
-@@ -0,0 +1,634 @@
+@@ -0,0 +1,636 @@
+/*
+ * RTSP extension for TCP NAT alteration
+ * (C) 2003 by Tom Marshall <tmarshall at real.com>
+
+static void nf_nat_rtsp_expected(struct nf_conn* ct, struct nf_conntrack_expect *exp)
+{
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,3,0) || LINUX_VERSION_CODE >= KERNEL_VERSION(3,7,0)
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,18,0)
++ struct nf_nat_range2 range;
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(3,3,0) || LINUX_VERSION_CODE >= KERNEL_VERSION(3,7,0)
+ struct nf_nat_range range;
+#else
+ struct nf_nat_ipv4_range range;
PKG_NAME:=shairport-sync
PKG_VERSION:=3.2.2
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/mikebrady/shairport-sync/tar.gz/$(PKG_VERSION)?
PKG_BUILD_PARALLEL:=1
PKG_FIXUP:=autoreconf
+include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/shairport-sync/default
SECTION:=sound
CATEGORY:=Sound
TITLE:=AirPlay compatible audio player
- DEPENDS:=@AUDIO_SUPPORT +libpthread +libstdcpp +alsa-lib +libconfig +libdaemon +libpopt
+ DEPENDS:=@AUDIO_SUPPORT $(CXX_DEPENDS) +libpthread +alsa-lib +libconfig +libdaemon +libpopt
PROVIDES:=shairport-sync
URL:=https://github.com/mikebrady/shairport-sync
endef
include $(TOPDIR)/rules.mk
PKG_NAME:=acpica-unix
-PKG_VERSION:=20180927
+PKG_VERSION:=20181213
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://acpica.org/sites/$(patsubst %-unix,%,$(PKG_NAME))/files/$(PKG_SOURCE_URL)
-PKG_HASH:=dc408d11889bcbedcfe9cc5b7ed23f65e857ca8fd5125f8c7a9e075e0b282db1
+PKG_HASH:=fc90006775c635ba86c5bbf08590ac98ab10e1f9eff6d8951385f57dd3a6f8ed
PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>
PKG_LICENSE:=GPL-2.0
include $(TOPDIR)/rules.mk
PKG_NAME:=dbus
-PKG_VERSION:=1.12.10
+PKG_VERSION:=1.12.12
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://dbus.freedesktop.org/releases/dbus/
-PKG_HASH:=4b693d24976258c3f2fa9cc33ad9288c5fbfa7a16481dbd9a8a429f7aa8cdcf7
+PKG_HASH:=9546f226011a1e5d9d77245fe5549ef25af4694053189d624d0d6ac127ecf5f8
PKG_MAINTAINER:=
PKG_LICENSE:=AFL-2.1
PKG_NAME:=fish
PKG_VERSION:=2.7.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/fish-shell/fish-shell/tar.gz/$(PKG_VERSION)?
if [[ -e /bin/fish ]] && ([[ ! -L /bin/fish ]] || [[ "$(readlink -fn $${IPKG_INSTROOT}/bin/fish)" != "../$(CONFIGURE_PREFIX)/bin/fish" ]]); then
ln -fs "../$(CONFIGURE_PREFIX)/bin/fish" "$${IPKG_INSTROOT}/bin/fish"
fi
+ echo '#!/bin/sh' > /usr/bin/apropos
+ chmod +x /usr/bin/apropos
endef
define Package/fish/postrm
rm -rf "$${IPKG_INSTROOT}/$(CONFIGURE_PREFIX)/share/fish/$(PKG_VERSION)"
+ rm -f /usr/bin/apropos
endef
$(eval $(call BuildPackage,fish))
PKG_NAME:=gammu
PKG_VERSION:=1.39.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL:=https://dl.cihar.com/gammu/releases
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gammu $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gammu-{smsd,smsd-inject,smsd-monitor} $(1)/usr/bin
$(INSTALL_DIR) $(1)/usr/lib
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib$(LIB_SUFFIX)/lib{Gammu*,gsmsd*} $(1)/usr/lib
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/lib{Gammu*,gsmsd*} $(1)/usr/lib
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/gammu $(1)/etc/config/gammu
include $(TOPDIR)/rules.mk
PKG_NAME:=logrotate
-PKG_VERSION:=3.14.0
+PKG_VERSION:=3.15.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:= https://github.com/logrotate/logrotate/releases/download/$(PKG_VERSION)
-PKG_HASH:=4703bdc0e2df3b322f9dff0aafc99aa9172c9e4acae28b7c924cc7d4e5b29d55
+PKG_HASH:=313612c4776a305393454c874ef590d8acf84c9ffa648717731dfe902284ff8f
PKG_LICENSE:=GPL-2.0
include $(INCLUDE_DIR)/package.mk
PKG_NAME:=mariadb
PKG_VERSION:=10.2.19
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL := \
CMAKE_INSTALL:=1
-PLUGIN_DIR:=/usr/lib/mysql/plugin
+CONF_DIR:=/etc/mysql
+PLUGIN_DIR:=/usr/lib/mariadb/plugin
+SHARE_DIR:=/usr/share/mariadb
+
+MARIADB_DISABLE_ENGINES := \
+ cassandra \
+ example \
+ mroonga \
+ oqgraph \
+ rocksdb \
+ test_sql_discovery \
+ tokudb
+
+MARIADB_DISABLE_PLUGINS := \
+ audit_null \
+ auth_examples \
+ aws_key_management \
+ cracklib_password_check \
+ daemon_example \
+ debug_key_management \
+ example_key_management \
+ fulltext
+
+MARIADB_LIB_PLUGINS := \
+ auth_gssapi_client
MARIADB_SERVER_PLUGINS := \
- adt_null \
- auth_0x0100 \
auth_ed25519 \
- auth_socket \
- auth_test_plugin \
+ auth_gssapi \
+ auth_pam \
client_ed25519 \
- debug_key_management \
- dialog_examples \
disks \
- example_key_management \
feedback \
file_key_management \
ha_archive \
ha_blackhole \
ha_connect \
- ha_example \
ha_federated \
ha_federatedx \
- ha_sequence \
ha_sphinx \
ha_spider \
- ha_test_sql_discovery \
handlersocket \
- libdaemon_example \
locales \
metadata_lock_info \
- mypluglib \
- qa_auth_client \
- qa_auth_interface \
- qa_auth_server \
query_cache_info \
query_response_time \
semisync_master \
wsrep_info
PKG_CONFIG_DEPENDS := \
+ $(patsubst %,CONFIG_PACKAGE_lib$(PKG_NAME)-plugin-%,$(subst _,-,$(MARIADB_LIB_PLUGINS))) \
$(patsubst %,CONFIG_PACKAGE_$(PKG_NAME)-server-plugin-%,$(subst _,-,$(MARIADB_SERVER_PLUGINS))) \
CONFIG_PACKAGE_mariadb-server
-plugin-adt_null := PLUGIN_AUDIT_NULL
-plugin-auth_0x0100 := PLUGIN_AUTH_0X0100
+plugin-auth_gssapi_client := PLUGIN_AUTH_GSSAPI_CLIENT
+
plugin-auth_ed25519 := PLUGIN_AUTH_ED25519
-plugin-auth_socket := PLUGIN_AUTH_SOCKET
-plugin-auth_test_plugin := PLUGIN_AUTH_TEST_PLUGIN
+plugin-auth_gssapi := PLUGIN_AUTH_GSSAPI
+plugin-auth_pam := PLUGIN_AUTH_PAM
plugin-client_ed25519 := PLUGIN_CLIENT_ED25519
-plugin-debug_key_management := PLUGIN_DEBUG_KEY_MANAGEMENT
-plugin-dialog_examples := PLUGIN_DIALOG_EXAMPLES
plugin-disks := PLUGIN_DISKS
-plugin-example_key_management := PLUGIN_EXAMPLE_KEY_MANAGEMENT
plugin-feedback := PLUGIN_FEEDBACK
plugin-file_key_management := PLUGIN_FILE_KEY_MANAGEMENT
plugin-ha_archive := PLUGIN_ARCHIVE
plugin-ha_blackhole := PLUGIN_BLACKHOLE
plugin-ha_connect := PLUGIN_CONNECT
-plugin-ha_example := PLUGIN_EXAMPLE
plugin-ha_federated := PLUGIN_FEDERATED
plugin-ha_federatedx := PLUGIN_FEDERATEDX
-plugin-ha_sequence := PLUGIN_SEQUENCE
plugin-ha_sphinx := PLUGIN_SPHINX
plugin-ha_spider := PLUGIN_SPIDER
-plugin-ha_test_sql_discovery := PLUGIN_TEST_SQL_DISCOVERY
plugin-handlersocket := PLUGIN_HANDLERSOCKET
-plugin-libdaemon_example := PLUGIN_DAEMON_EXAMPLE
plugin-locales := PLUGIN_LOCALES
plugin-metadata_lock_info := PLUGIN_METADATA_LOCK_INFO
-plugin-mypluglib := PLUGIN_FTEXAMPLE
-plugin-qa_auth_client := PLUGIN_QA_AUTH_CLIENT
-plugin-qa_auth_interface := PLUGIN_QA_AUTH_INTERFACE
-plugin-qa_auth_server := PLUGIN_QA_AUTH_SERVER
plugin-query_cache_info := PLUGIN_QUERY_CACHE_INFO
plugin-query_response_time := PLUGIN_QUERY_RESPONSE_TIME
plugin-semisync_master := PLUGIN_SEMISYNC_MASTER
mysql_tzinfo_to_sql \
mysqlbinlog \
mysqld_multi \
- mysqld_safe \
- mysqld_safe_helper \
mysqldumpslow \
mysqlhotcopy \
perror \
replace \
- resolve_stack_dump
+ resolve_stack_dump \
+ wsrep_sst_*
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
# ignore them.
TARGET_CFLAGS+=$(TARGET_CPPFLAGS)
+define Package/mariadb/disable/engine
+ echo > $(1)/storage/$(2)/CMakeLists.txt
+endef
+
+define Package/mariadb/disable/plugin
+ echo > $(1)/plugin/$(2)/CMakeLists.txt
+endef
+
define Package/mariadb/install/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(2) $(1)/usr/bin
endef
+define Package/mariadb/install/plugin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/$(2).so $(1)$(PLUGIN_DIR)
+endef
+
define Package/mariadb/description/Default
MariaDB is a fast, stable and true multi-user, multi-threaded SQL
database server. SQL (Structured Query Language) is the most popular
speed, robustness and ease of use.
endef
-define Package/libmariadb
+define Package/libmariadb/Default
SECTION:=libs
CATEGORY:=Libraries
+ URL:=https://mariadb.org/
+endef
+
+define Package/libmariadb
+ $(call Package/libmariadb/Default)
DEPENDS:=$(MARIADB_COMMON_DEPENDS)
TITLE:=MariaDB database client library
- URL:=https://mariadb.org/
+ MENU:=1
PROVIDES:=libmariadbclient libmysqlclient libmysqlclient-r
endef
define Package/mariadb-client
$(call Package/mariadb/Default)
- TITLE:=MariaDB database core client binaries
- DEPENDS:= \
- $(MARIADB_COMMON_DEPENDS) \
- +libncursesw
+ TITLE:=MariaDB database client
+ MENU:=1
+ DEPENDS:=mariadb-client-base
endef
define Package/mariadb-client/description
endef
+define Package/mariadb-client-base
+ $(call Package/mariadb/Default)
+ TITLE:=MariaDB database client base
+ DEPENDS:=mariadb-common \
+ $(MARIADB_COMMON_DEPENDS) \
+ +libedit
+endef
+
+define Package/mariadb-client-base/conffiles
+$(CONF_DIR)/conf.d/50-client.cnf
+$(CONF_DIR)/conf.d/50-mysql-clients.cnf
+endef
+
+define Package/mariadb-client-base/description
+$(call Package/mariadb/description/Default)
+
+This package provides the foundation for mariadb-client. It installs the
+configuration and the dependencies.
+
+endef
+
define Package/mariadb-client-extra
$(call Package/mariadb/Default)
- TITLE:=MariaDB database extra client binaries
+ TITLE:=MariaDB database client extra
DEPENDS:=mariadb-client
endef
endef
-define Package/mariadb-extra-charsets
+define Package/mariadb-common
$(call Package/mariadb/Default)
- TITLE:=MariaDB database extra character sets
- DEPENDS:=mariadb-server
+ TITLE:=MariaDB database common files
+ DEPENDS:=
+endef
+
+define Package/mariadb-common/conffiles
+$(CONF_DIR)/my.cnf
endef
-define Package/mariadb-extra-charsets/description
+define Package/mariadb-common/description
$(call Package/mariadb/description/Default)
-This package contains single Byte character sets and collations that can
-be added at run time.
+This package includes shared files, for example $(CONF_DIR)/my.cnf.
endef
define Package/mariadb-server
$(call Package/mariadb/Default)
- DEPENDS:= \
- $(MARIADB_COMMON_DEPENDS) \
- +!arc:libaio \
- +liblzma \
- +libpcre \
- +resolveip
- TITLE:=MariaDB database core server binaries
+ DEPENDS:=mariadb-server-base
+ TITLE:=MariaDB database server
MENU:=1
PROVIDES:=mysql-server
- USERID:=mariadb=376:mariadb=376
endef
define Package/mariadb-server/description
endef
+define Package/mariadb-server-base
+ $(call Package/mariadb/Default)
+ DEPENDS:=mariadb-common \
+ $(MARIADB_COMMON_DEPENDS) \
+ +!arc:libaio \
+ +liblzma \
+ +libpcre \
+ +resolveip
+ TITLE:=MariaDB database server base
+ USERID:=mariadb=376:mariadb=376
+endef
+
+define Package/mariadb-server-base/conffiles
+$(CONF_DIR)/conf.d/50-server.cnf
+$(CONF_DIR)/conf.d/60-galera.cnf
+/etc/config/mysqld
+endef
+
+define Package/mariadb-server-base/description
+$(call Package/mariadb/description/Default)
+
+This package provides the foundation for mariadb-server. It installs the
+init script, support files (configuration etc.), the user "mariadb" and
+the dependencies.
+
+endef
+
define Package/mariadb-server-extra
$(call Package/mariadb/Default)
- TITLE:=MariaDB database extra server binaries
+ TITLE:=MariaDB database server extra
DEPENDS:=mariadb-server
endef
# time.
CMAKE_OPTIONS += -DSTACK_DIRECTION=-1
-# Jemalloc was added for TokuDB. Since its configure script seems somewhat broken
-# when it comes to cross-compilation we shall disable it and also disable TokuDB.
-CMAKE_OPTIONS += -DWITH_JEMALLOC=no -DWITHOUT_TOKUDB=1
-
# Make it explicit that we are cross-compiling
CMAKE_OPTIONS += -DCMAKE_CROSSCOMPILING=1
# Explicitly disable dtrace to avoid detection of a host version
CMAKE_OPTIONS += -DENABLE_DTRACE=0
-# Prevent mariadb from messing with OpenWrt's C(XX)FLAGS
+# Prevent MariaDB from messing with OpenWrt's C(XX)FLAGS
CMAKE_OPTIONS += -DSECURITY_HARDENED=OFF
ifeq ($(CONFIG_PACKAGE_mariadb-server),)
CMAKE_OPTIONS += -DWITHOUT_SERVER=ON
else
-CMAKE_OPTIONS += -DWITHOUT_SERVER=OFF
+# Enable the auth_socket plugin and let unix user root access MariaDB without a
+# separate password.
+CMAKE_OPTIONS += -DWITHOUT_SERVER=OFF -DPLUGIN_AUTH_SOCKET=STATIC
endif
CMAKE_OPTIONS += \
-DCONNECT_WITH_JDBC=NO \
-DCONNECT_WITH_LIBXML2=system \
+ -DCONNECT_WITH_MONGO=NO \
-DCONNECT_WITH_ODBC=NO \
- -DDEFAULT_CHARSET=utf8 \
- -DDEFAULT_COLLATION=utf8_general_ci \
-DDISABLE_SHARED=NO \
-DENABLED_PROFILING=OFF \
-DENABLE_STATIC_LIBS=OFF \
-DINSTALL_DOCDIR=share/doc/mariadb \
-DINSTALL_DOCREADMEDIR=share/doc/mariadb \
+ -DINSTALL_INFODIR=share/info \
-DINSTALL_MANDIR=share/man \
- -DINSTALL_MYSQLSHAREDIR=share/mysql \
+ -DINSTALL_MYSQLSHAREDIR=share/mariadb \
-DINSTALL_MYSQLTESTDIR="" \
- -DINSTALL_PLUGINDIR=lib/mysql/plugin \
+ -DINSTALL_PLUGINDIR=lib/mariadb/plugin \
-DINSTALL_SBINDIR=bin \
-DINSTALL_SCRIPTDIR=bin \
-DINSTALL_SQLBENCHDIR="" \
- -DINSTALL_SUPPORTFILESDIR=share/mysql \
+ -DINSTALL_SUPPORTFILESDIR=share/mariadb \
-DINSTALL_UNIX_ADDRDIR=/var/run/mysqld/mysqld.sock \
- -DMYSQLD_USER=mariadb \
-DMYSQL_DATADIR=/var/lib/mysql \
-DMYSQL_UNIX_ADDR=/var/run/mysqld/mysqld.sock \
-DSKIP_TESTS=ON \
- -DWITH_ASAN=OFF \
+ -DWITH_DEBUG=OFF \
-DWITH_EMBEDDED_SERVER=OFF \
- -DWITH_EXTRA_CHARSETS=complex \
-DWITH_INNODB_BZIP2=OFF \
-DWITH_INNODB_LZ4=OFF \
-DWITH_INNODB_LZMA=ON \
-DWITH_INNODB_LZO=OFF \
-DWITH_INNODB_SNAPPY=OFF \
- -DWITH_LIBEDIT=OFF \
- -DWITH_LIBNUMA=NO \
+ -DWITH_JEMALLOC=OFF \
+ -DWITH_LIBARCHIVE=OFF \
-DWITH_LIBWRAP=OFF \
- -DWITH_LIBWSEP=OFF \
-DWITH_MARIABACKUP=ON \
-DWITH_PCRE=system \
- -DWITH_READLINE=OFF \
-DWITH_SAFEMALLOC=OFF \
-DWITH_SSL=system \
-DWITH_SYSTEMD=no \
-DWITH_VALGRIND=OFF \
-DWITH_ZLIB=system
-# Default-disable some modules
-CMAKE_OPTIONS += \
- -DPLUGIN_CASSANDRA=NO \
- -DPLUGIN_MROONGA=NO \
- -DPLUGIN_OQGRAPH=NO \
- -DPLUGIN_ROCKSDB=NO \
- -DPLUGIN_TOKUDB=NO \
- -DPLUGIN_AUTH_PAM=NO \
- -DPLUGIN_AUTH_GSSAPI=NO \
- -DPLUGIN_AUTH_GSSAPI_CLIENT=OFF \
- -DPLUGIN_CRACKLIB_PASSWORD_CHECK=NO
-
# Help MariaDB find the correct libiconv.
# nls.mk sets it up so that with CONFIG_BUILD_NLS libiconv-full would be used,
# otherwise libiconv-stub (independent of the selected libc). MariaDB needs a
-DICONV_LIBRARIES=$(ICONV_PREFIX)/lib/libiconv.$(if $(CONFIG_BUILD_NLS),so,a)
CMAKE_OPTIONS += \
+ $(foreach p,$(MARIADB_LIB_PLUGINS),-D$(plugin-$(p))=$(if $(CONFIG_PACKAGE_lib$(PKG_NAME)-plugin-$(subst _,-,$(p))),DYNAMIC,OFF)) \
$(foreach p,$(MARIADB_SERVER_PLUGINS),-D$(plugin-$(p))=$(if $(CONFIG_PACKAGE_$(PKG_NAME)-server-plugin-$(subst _,-,$(p))),DYNAMIC,NO))
# Set CMAKE_FIND_ROOT_PATH_MODE_INCLUDE and CMAKE_FIND_ROOT_PATH_MODE_LIBRARY
-DCMAKE_FIND_ROOT_PATH_MODE_LIBRARY=BOTH \
-DCMAKE_INSTALL_RPATH="$(STAGING_DIR_HOSTPKG)/lib" \
-DCMAKE_SKIP_RPATH=FALSE \
- -DWITHOUT_SERVER=OFF \
- -DWITHOUT_TOKUDB=1
+ -DWITHOUT_SERVER=OFF
-# Some helpers must be compiled for host in order to crosscompile mariadb for
+# Some helpers must be compiled for host in order to crosscompile MariaDB for
# the target. They are then included by import_executables.cmake which is
# generated during the build of the host helpers. It is not necessary to build
# the whole host package, only the "import_executables" target.
CMAKE_OPTIONS += -DIMPORT_EXECUTABLES=$(STAGING_DIR_HOSTPKG)/share/mariadb/import_executables.cmake
+# Disable some engines/plugins here as well - decreases the number of cmake checks.
+define Host/Prepare
+ $(call Host/Prepare/Default)
+ $(foreach e,$(MARIADB_DISABLE_ENGINES),$(call Package/mariadb/disable/engine,$(HOST_BUILD_DIR),$(e));)
+ $(foreach p,$(MARIADB_DISABLE_PLUGINS),$(call Package/mariadb/disable/plugin,$(HOST_BUILD_DIR),$(p));)
+endef
+
define Host/Compile
$(call Host/Compile/Default,import_executables)
endef
# LIBICONV_PLUG is used in GNU's libiconv for redefinition of exports [e.g.
# from libiconv_open() to iconv_open()]. But in OpenWrt this variable is not set
-# when building libiconv-full. So when mariadb sets LIBICONV_PLUG it expects
+# when building libiconv-full. So when MariaDB sets LIBICONV_PLUG it expects
# iconv_open() to be available for example, which is not the case - only
# libiconv_open() is. To address this prevent the variable from being set.
# libiconv-stub does not use this variable, so there is no harm in always doing
define Build/Prepare
$(call Build/Prepare/Default)
$(SED) '/ADD_DEFINITIONS(-DLIBICONV_PLUG)/d' $(PKG_BUILD_DIR)/libmariadb/libmariadb/CMakeLists.txt
+ $(foreach e,$(MARIADB_DISABLE_ENGINES),$(call Package/mariadb/disable/engine,$(PKG_BUILD_DIR),$(e));)
+ $(foreach p,$(MARIADB_DISABLE_PLUGINS),$(call Package/mariadb/disable/plugin,$(PKG_BUILD_DIR),$(p));)
endef
define Build/InstallDev
cd $(1)/usr/bin; $(LN) mysqlcheck mysqloptimize
endef
+define Package/mariadb-client-base/install
+ $(INSTALL_DIR) $(1)$(CONF_DIR)/conf.d
+ $(INSTALL_CONF) conf/50-client.cnf $(1)$(CONF_DIR)/conf.d
+ $(INSTALL_CONF) conf/50-mysql-clients.cnf $(1)$(CONF_DIR)/conf.d
+endef
+
define Package/mariadb-client-extra/install
$(INSTALL_DIR) $(1)/usr/bin
$(foreach b,$(MARIADB_CLIENT_EXTRA),$(call Package/mariadb/install/bin,$(1),$(b));)
endef
-define Package/mariadb-extra-charsets/install
- $(INSTALL_DIR) $(1)/usr/share/mysql/charsets
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/charsets/* $(1)/usr/share/mysql/charsets
+define Package/mariadb-common/install
+ $(INSTALL_DIR) $(1)$(CONF_DIR)
+ $(INSTALL_CONF) conf/my.cnf $(1)$(CONF_DIR)
endef
define Package/mariadb-server/install
$(INSTALL_DIR) $(1)/usr/bin
$(foreach b,$(MARIADB_SERVER),$(call Package/mariadb/install/bin,$(1),$(b));)
- $(INSTALL_DIR) $(1)/etc/default
+endef
+
+define Package/mariadb-server-base/install
+ $(INSTALL_DIR) $(1)$(CONF_DIR)/conf.d
+ $(INSTALL_DIR) $(1)$(SHARE_DIR)/charsets
+ $(INSTALL_DIR) $(1)$(SHARE_DIR)/english
+ $(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_DIR) $(1)/etc/mysql/conf.d
$(INSTALL_BIN) files/mysqld.init $(1)/etc/init.d/mysqld
- $(INSTALL_CONF) conf/my.cnf $(1)/etc/mysql
- $(INSTALL_CONF) conf/mysqld.default $(1)/etc/default/mysqld
- $(INSTALL_DIR) $(1)$(PLUGIN_DIR)
- $(INSTALL_CONF) $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/daemon_example.ini $(1)$(PLUGIN_DIR)
- $(INSTALL_DIR) $(1)/usr/share/mysql/english
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/english/errmsg.sys $(1)/usr/share/mysql/english
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/fill_help_tables.sql $(1)/usr/share/mysql
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/maria_add_gis_sp_bootstrap.sql $(1)/usr/share/mysql
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/mysql_performance_tables.sql $(1)/usr/share/mysql
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/mysql_system_tables.sql $(1)/usr/share/mysql
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/mysql/mysql_system_tables_data.sql $(1)/usr/share/mysql
+ $(SED) '/^[a-z]/s/^/#/' $(PKG_INSTALL_DIR)$(SHARE_DIR)/wsrep.cnf
+ $(INSTALL_CONF) $(PKG_INSTALL_DIR)$(SHARE_DIR)/wsrep.cnf $(1)$(CONF_DIR)/conf.d/60-galera.cnf
+ $(INSTALL_CONF) conf/50-server.cnf $(1)$(CONF_DIR)/conf.d
+ $(INSTALL_CONF) files/mysqld.config $(1)/etc/config/mysqld
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/charsets/* $(1)$(SHARE_DIR)/charsets
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/english/errmsg.sys $(1)$(SHARE_DIR)/english
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/fill_help_tables.sql $(1)$(SHARE_DIR)
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/maria_add_gis_sp_bootstrap.sql $(1)$(SHARE_DIR)
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/mysql_performance_tables.sql $(1)$(SHARE_DIR)
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/mysql_system_tables.sql $(1)$(SHARE_DIR)
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)$(SHARE_DIR)/mysql_system_tables_data.sql $(1)$(SHARE_DIR)
endef
define Package/mariadb-server-extra/install
$(INSTALL_DIR) $(1)/usr/bin
+ $(SED) 's,/bin/bash,/bin/sh,g' $(PKG_INSTALL_DIR)/usr/bin/wsrep_sst_*
$(foreach b,$(MARIADB_SERVER_EXTRA),$(call Package/mariadb/install/bin,$(1),$(b));)
endef
-define Package/mariadb-server/conffiles
-/etc/default/mysqld
-/etc/mysql/my.cnf
-$(PLUGIN_DIR)/daemon_example.ini
-endef
-
define BuildPlugin
- define Package/$(PKG_NAME)-server-plugin-$(subst _,-,$(1))
- $$(call Package/mariadb/Default)
- TITLE:=MariaDB database plugin
- DEPENDS:=mariadb-server $(patsubst +%,+PACKAGE_$(PKG_NAME)-server-plugin-$(subst _,-,$(1)):%,$(2))
+ define Package/$(1)-plugin-$(subst _,-,$(2))
+ $(call Package/$(subst mariadb-server,mariadb,$(1))/Default)
+ TITLE:=$(1) plugin
+ DEPENDS:=$(1) $(patsubst +%,+PACKAGE_$(1)-plugin-$(subst _,-,$(2)):%,$(3))
endef
- define Package/$(PKG_NAME)-server-plugin-$(subst _,-,$(1))/description
- $$(call Package/mariadb/description/Default)
+ define Package/$(1)-plugin-$(subst _,-,$(2))/description
+ $(call Package/mariadb/description/Default)
-This package provides the $(1) plugin.
+This package provides the $(2) plugin.
endef
- define Package/$(PKG_NAME)-server-plugin-$(subst _,-,$(1))/install
- $(INSTALL_DIR) $$(1)$(PLUGIN_DIR)
- $(INSTALL_BIN) \
- $(PKG_INSTALL_DIR)$(PLUGIN_DIR)/$(1).so \
- $$(1)$(PLUGIN_DIR)
+ define Package/$(1)-plugin-$(subst _,-,$(2))/install
+ $(INSTALL_DIR) $$(1)$(PLUGIN_DIR)
+ $(call Package/mariadb/install/plugin,$$(1),$(2))
endef
- $$(eval $$(call BuildPackage,$(PKG_NAME)-server-plugin-$(subst _,-,$(1))))
+ $$(eval $$(call BuildPackage,$(1)-plugin-$(subst _,-,$(2))))
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,libmariadb))
$(eval $(call BuildPackage,mariadb-client))
+$(eval $(call BuildPackage,mariadb-client-base))
$(eval $(call BuildPackage,mariadb-client-extra))
-$(eval $(call BuildPackage,mariadb-extra-charsets))
+$(eval $(call BuildPackage,mariadb-common))
$(eval $(call BuildPackage,mariadb-server))
+$(eval $(call BuildPackage,mariadb-server-base))
$(eval $(call BuildPackage,mariadb-server-extra))
-$(eval $(call BuildPlugin,adt_null,))
-$(eval $(call BuildPlugin,auth_0x0100,))
-$(eval $(call BuildPlugin,auth_ed25519,))
-$(eval $(call BuildPlugin,auth_socket,))
-$(eval $(call BuildPlugin,auth_test_plugin,))
-$(eval $(call BuildPlugin,client_ed25519,))
-$(eval $(call BuildPlugin,debug_key_management,))
-$(eval $(call BuildPlugin,dialog_examples,))
-$(eval $(call BuildPlugin,disks,))
-$(eval $(call BuildPlugin,example_key_management,))
-$(eval $(call BuildPlugin,feedback,))
-$(eval $(call BuildPlugin,file_key_management,))
-$(eval $(call BuildPlugin,ha_archive,))
-$(eval $(call BuildPlugin,ha_blackhole,))
-$(eval $(call BuildPlugin,ha_connect,+libxml2))
-$(eval $(call BuildPlugin,ha_example,))
-$(eval $(call BuildPlugin,ha_federated,))
-$(eval $(call BuildPlugin,ha_federatedx,))
-$(eval $(call BuildPlugin,ha_sequence,))
-$(eval $(call BuildPlugin,ha_sphinx,))
-$(eval $(call BuildPlugin,ha_spider,))
-$(eval $(call BuildPlugin,ha_test_sql_discovery,))
-$(eval $(call BuildPlugin,handlersocket,))
-$(eval $(call BuildPlugin,libdaemon_example,))
-$(eval $(call BuildPlugin,locales,))
-$(eval $(call BuildPlugin,metadata_lock_info,))
-$(eval $(call BuildPlugin,mypluglib,))
-$(eval $(call BuildPlugin,qa_auth_client,))
-$(eval $(call BuildPlugin,qa_auth_interface,))
-$(eval $(call BuildPlugin,qa_auth_server,))
-$(eval $(call BuildPlugin,query_cache_info,))
-$(eval $(call BuildPlugin,query_response_time,))
-$(eval $(call BuildPlugin,semisync_master,))
-$(eval $(call BuildPlugin,semisync_slave,))
-$(eval $(call BuildPlugin,server_audit,))
-$(eval $(call BuildPlugin,simple_password_check,))
-$(eval $(call BuildPlugin,sql_errlog,))
-$(eval $(call BuildPlugin,wsrep_info,))
+$(eval $(call BuildPlugin,libmariadb,auth_gssapi_client,+krb5-libs))
+$(eval $(call BuildPlugin,mariadb-server,auth_ed25519,))
+$(eval $(call BuildPlugin,mariadb-server,auth_gssapi,+krb5-libs))
+$(eval $(call BuildPlugin,mariadb-server,auth_pam,+libpam))
+$(eval $(call BuildPlugin,mariadb-server,client_ed25519,))
+$(eval $(call BuildPlugin,mariadb-server,disks,))
+$(eval $(call BuildPlugin,mariadb-server,feedback,))
+$(eval $(call BuildPlugin,mariadb-server,file_key_management,))
+$(eval $(call BuildPlugin,mariadb-server,ha_archive,))
+$(eval $(call BuildPlugin,mariadb-server,ha_blackhole,))
+$(eval $(call BuildPlugin,mariadb-server,ha_connect,+libxml2))
+$(eval $(call BuildPlugin,mariadb-server,ha_federated,))
+$(eval $(call BuildPlugin,mariadb-server,ha_federatedx,))
+$(eval $(call BuildPlugin,mariadb-server,ha_sphinx,))
+$(eval $(call BuildPlugin,mariadb-server,ha_spider,))
+$(eval $(call BuildPlugin,mariadb-server,handlersocket,))
+$(eval $(call BuildPlugin,mariadb-server,locales,))
+$(eval $(call BuildPlugin,mariadb-server,metadata_lock_info,))
+$(eval $(call BuildPlugin,mariadb-server,query_cache_info,))
+$(eval $(call BuildPlugin,mariadb-server,query_response_time,))
+$(eval $(call BuildPlugin,mariadb-server,semisync_master,))
+$(eval $(call BuildPlugin,mariadb-server,semisync_slave,))
+$(eval $(call BuildPlugin,mariadb-server,server_audit,))
+$(eval $(call BuildPlugin,mariadb-server,simple_password_check,))
+$(eval $(call BuildPlugin,mariadb-server,sql_errlog,))
+$(eval $(call BuildPlugin,mariadb-server,wsrep_info,))
+
--- /dev/null
+#
+# This group is read by the client library
+# Use it for options that affect all clients, but not the server
+#
+
+[client]
+# Default is Latin1, if you need UTF-8 set this (also in server section)
+default-character-set = utf8mb4
+
+# Example of client certificate usage
+# ssl-cert=/etc/mysql/client-cert.pem
+# ssl-key=/etc/mysql/client-key.pem
+#
+# Allow only TLS encrypted connections
+# ssl-verify-server-cert=on
+
+# This group is *never* read by mysql client library
+# If you use the same .cnf file for MySQL and MariaDB, use it for
+# MariaDB-only client options
+[client-mariadb]
+
--- /dev/null
+#
+# These groups are read by MariaDB command-line tools
+# Use it for options that affect only one utility
+#
+
+[mysql]
+# Default is Latin1, if you need UTF-8 set this (also in server section)
+default-character-set = utf8mb4
+
+[mysql_upgrade]
+
+[mysqladmin]
+
+[mysqlbinlog]
+
+[mysqlcheck]
+
+[mysqldump]
+
+[mysqlimport]
+
+[mysqlshow]
+
+[mysqlslap]
+
--- /dev/null
+#
+# These groups are read by MariaDB server.
+# Use it for options that only the server (but not clients) should see
+#
+# See the examples of server my.cnf files in /usr/share/mysql/
+#
+
+# this is read by the standalone daemon and embedded servers
+[server]
+
+# this is only for the mysqld standalone daemon
+[mysqld]
+
+#
+# * Basic Settings
+#
+user = mariadb
+pid-file = /var/run/mysqld/mysqld.pid
+socket = /var/run/mysqld/mysqld.sock
+port = 3306
+basedir = /usr
+# Don't put this on flash memory
+# Figure out where you are going to put the databases and run
+# mysql_install_db --force
+datadir = /mnt/data/mysql
+# tmpdir should also not go on flash memory
+tmpdir = /tmp
+lc-messages-dir = /usr/share/mariadb
+
+skip-external-locking
+
+# Instead of skip-networking the default is now to listen only on
+# localhost which is more compatible and is not less secure.
+bind-address = 127.0.0.1
+
+#
+# * Fine Tuning
+#
+key_buffer_size = 16M
+max_allowed_packet = 16M
+thread_stack = 192K
+thread_cache_size = 8
+# This replaces the startup script and checks MyISAM tables if needed
+# the first time they are touched
+myisam_recover_options = BACKUP
+#max_connections = 100
+#table_cache = 64
+#thread_concurrency = 10
+
+#
+# * Query Cache Configuration
+#
+query_cache_limit = 1M
+query_cache_size = 16M
+
+#
+# * Logging and Replication
+#
+# Both location gets rotated by the cronjob.
+# Be aware that this log type is a performance killer.
+# As of 5.1 you can enable the log at runtime!
+#general_log_file = /var/log/mysql/mysql.log
+#general_log = 1
+#
+# Error log - should be very few entries.
+# Note that if unset the errors will go to stdout and can be seen in syslog
+# (check "logread")
+#
+#log_error = /var/log/mysql/error.log
+#
+# Enable the slow query log to see queries with especially long duration
+#slow_query_log_file = /var/log/mysql/mariadb-slow.log
+#long_query_time = 10
+#log_slow_rate_limit = 1000
+#log_slow_verbosity = query_plan
+#
+#log-queries-not-using-indexes
+#
+# The following can be used as easy to replay backup logs or for replication.
+#server-id = 1
+#log_bin = /var/log/mysql/mysql-bin.log
+expire_logs_days = 10
+max_binlog_size = 100M
+#binlog_do_db = include_database_name
+#binlog_ignore_db = exclude_database_name
+
+#
+# * InnoDB
+#
+# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
+# Read the manual for more InnoDB related options. There are many!
+
+#
+# * Security Features
+#
+# Read the manual, too, if you want chroot!
+# chroot = /var/lib/mysql/
+#
+# For generating SSL certificates you can use for example the GUI tool "tinyca".
+#
+# ssl-ca=/etc/mysql/cacert.pem
+# ssl-cert=/etc/mysql/server-cert.pem
+# ssl-key=/etc/mysql/server-key.pem
+#
+# Accept only connections using the latest and most secure TLS protocol version.
+# ..when MariaDB is compiled with OpenSSL:
+# ssl-cipher=TLSv1.2
+
+#
+# * Character sets
+#
+# MySQL/MariaDB default is Latin1, but in OpenWrt we rather default to the full
+# utf8 4-byte character set. See also client.cnf
+#
+# Note: In OpenWrt until mariadb 10.2.19-2 the baked-in defaults were
+# "DEFAULT_CHARSET=utf8" and "DEFAULT_COLLATION=utf8_general_ci". As MariaDB's
+# utf8 (supports three bytes per character) is not really UTF-8 (which needs up
+# to four bytes per character) this was changed. Now the baked in-defaults are
+# the upstream defaults (Latin1), but in the default configuration (like in the
+# file you are currently reading) utf8mb4 is set, which is real UTF-8.
+#
+# Of course you are free to change this, either here or in a configuration file
+# of your own which is read after this .cnf file, see my.cnf in parent folder
+# (files are read in alphabetical order).
+character-set-server = utf8mb4
+collation-server = utf8mb4_general_ci
+
+#
+# * Unix socket authentication plugin is built-in
+#
+# Needed so the root database user can authenticate without a password but
+# only when running as the unix root user.
+#
+# Also available for other users if required.
+# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
+
-[client]
-port = 3306
-socket = /var/run/mysqld/mysqld.sock
-
-[mysqld]
-user = mariadb
-socket = /var/run/mysqld/mysqld.sock
-port = 3306
-basedir = /usr
-
-############ Don't put this on the NAND #############
-# Figure out where you are going to put the databases
-# And run mysql_install_db --force
-datadir = /mnt/data/mysql/
-
-######### This should also not go on the NAND #######
-tmpdir = /mnt/data/tmp/
-
-skip-external-locking
-
-bind-address = 127.0.0.1
-
-# Fine Tuning
-key_buffer_size = 16M
-max_allowed_packet = 16M
-thread_stack = 192K
-thread_cache_size = 8
-
-# Here you can see queries with especially long duration
-#log_slow_queries = /var/log/mysql/mysql-slow.log
-#long_query_time = 2
-#log-queries-not-using-indexes
-
-# The following can be used as easy to replay backup logs or for replication.
-#server-id = 1
-#log_bin = /var/log/mysql/mysql-bin.log
-#expire_logs_days = 10
-#max_binlog_size = 100M
-#binlog_do_db = include_database_name
-#binlog_ignore_db = include_database_name
-
-
-[mysqldump]
-quick
-quote-names
-max_allowed_packet = 16M
-
-[mysql]
-#no-auto-rehash # faster start of mysql but no tab completition
-
-[isamchk]
-key_buffer = 16M
-
+# The MariaDB configuration file
+#
+# The MariaDB/MySQL tools read configuration files in the following order:
+# 1. "/etc/mysql/my.cnf" (this file) to set global defaults,
+# 2. "/etc/mysql/conf.d/*.cnf" to set global options.
+# 3. "~/.my.cnf" to set user-specific options.
+#
+# If the same option is defined multiple times, the last one will apply.
+#
+# One can use all long options that the program supports.
+# Run program with --help to get a list of available options and with
+# --print-defaults to see which it would actually understand and use.
+
+#
+# This group is read both both by the client and the server
+# use it for options that affect everything
+#
+[client-server]
+
+# Import all .cnf files from configuration directory
+!includedir /etc/mysql/conf.d/
+++ /dev/null
-# The user and group that will run the MySQL server. The user mariadb is
-# automatically created by the mariadb-server package, hence that is the
-# default choice.
-
-#MY_USER=mariadb
-#MY_GROUP=mariadb
-
-# Additional arguments you want to pass to the MySQL server.
-
-#MY_ARGS=""
--- /dev/null
+
+config mysqld 'general'
+ option enabled '0'
+ option log_stderr '1'
+ option log_stdout '1'
+ option options ''
+
#PROCD_DEBUG=1
-MYSQLD=mysqld
+NAME=mysqld
-DEFAULT=/etc/default/$MYSQLD
-LOGGER="/usr/bin/logger -p user.err -s -t $MYSQLD"
-PROG=/usr/bin/$MYSQLD
+LOGGER="/usr/bin/logger -p user.err -s -t $NAME"
+COMMAND=/usr/bin/$NAME
-unset MY_ARGS MY_GROUP MY_USER
-
-[ -f $DEFAULT ] && . $DEFAULT
-
-my_user="${MY_USER:-mariadb}"
-my_group="${MY_GROUP:-mariadb}"
+mysqld_get_param() {
+ $COMMAND --print-defaults \
+ | tr " " "\n" \
+ | grep -- "--$1" \
+ | tail -n 1 \
+ | cut -d= -f2
+}
start_service() {
- local conf='/etc/mysql/my.cnf'
- local datadir="$( sed -nE "s/^\s*datadir\s*=\s*('([^']*)'|\x22([^\x22]*)\x22|(.*\S))\s*$/\2\3\4/p" "$conf" )"
-
- [ -d "$datadir" ] || {
- $LOGGER "datadir '$datadir' in '$conf' does not exist"
- return 1
- }
-
- [ -f "$datadir/mysql/tables_priv.MYD" ] || {
+ local conf=/etc/mysql/my.cnf
+ local dir
+ local user=mariadb
+
+ local datadir
+ local logdir=/var/log/mysql
+ local rundir=/var/run/mysqld
+ local tmpdir
+
+ local enabled
+ local log_stderr
+ local log_stdout
+ local options
+
+ if [ ! -x $COMMAND ]; then
+ $LOGGER $COMMAND is missing
+ exit 1
+ fi
+
+ if [ ! -r $conf ]; then
+ $LOGGER $conf cannot be read
+ exit 1
+ fi
+
+ config_load $NAME
+
+ config_get_bool enabled general enabled 0
+ if [ $enabled -eq 0 ]; then
+ $LOGGER service not enabled in /etc/config/$NAME
+ exit 1
+ fi
+
+ config_get_bool log_stderr general log_stderr 1
+ config_get_bool log_stdout general log_stdout 1
+
+ config_get options general options
+
+ datadir=$(mysqld_get_param datadir)
+ tmpdir=$(mysqld_get_param tmpdir)
+
+ if [ -z "$datadir" ]; then
+ $LOGGER datadir is not set
+ exit 1
+ fi
+
+ if [ -z "$tmpdir" ]; then
+ $LOGGER tmpdir is not set.
+ exit 1
+ fi
+
+ [ -e "$datadir" ] || mkdir -p "$datadir"
+
+ for dir in "$logdir" "$rundir" "$tmpdir"; do
+ if [ ! -e "$dir" ]; then
+ mkdir -p "$dir"
+ chown $user "$dir"
+ fi
+ done
+
+ if [ ! -f "$datadir/mysql/tables_priv.MYD" ]; then
$LOGGER "cannot detect privileges table, you might need to"
$LOGGER "run 'mysql_install_db --force' to initialize the system tables"
- return 1
- }
-
- mkdir -p /var/lib/mysql
- chown "$my_user":"$my_group" /var/lib/mysql
-
- mkdir -p /var/run/mysqld
- chown "$my_user":"$my_group" /var/run/mysqld
+ exit 1
+ fi
procd_open_instance
- procd_set_param command $PROG $MY_ARGS
- procd_set_param pidfile /var/run/mysqld.pid
+ procd_set_param command $COMMAND $options
+
# forward stderr to logd
- procd_set_param stderr 1
+ procd_set_param stderr $log_stderr
+ # same for stdout
+ procd_set_param stdout $log_stdout
procd_close_instance
}
+
--- /dev/null
+commit 2220f7458ef90829eacc457167a28aeba75ca1bc
+Author: Sebastian Kemper <sebastian_ml@gmx.net>
+Date: Sun Dec 9 21:19:24 2018 +0100
+
+ cmake: support new libedit interface
+
+ libedit changed it's interface a while ago. MariaDB's cmake file doesn't
+ recognize the new interface, the compile test fails:
+
+ /mariadb-10.2.19/CMakeFiles/CMakeTmp/src.cxx: In function 'int main(int, char**)':
+ /mariadb-10.2.19/CMakeFiles/CMakeTmp/src.cxx:6:47: error: invalid conversion from 'char*' to 'int' [-fpermissive]
+ int res= (*rl_completion_entry_function)(0,0);
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
+
+ Fix this by adding a detection for the new interface as well.
+
+ In client/mysql.cc the ifdefs for the new readline interface are
+ extended to also check for the new libedit interface. They work the same
+ way.
+
+ Run-tested on a MIPS machine.
+
+ Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
+
+--- a/client/mysql.cc
++++ b/client/mysql.cc
+@@ -2577,7 +2577,7 @@ C_MODE_END
+ if not.
+ */
+
+-#if defined(USE_NEW_READLINE_INTERFACE)
++#if defined(USE_NEW_READLINE_INTERFACE) || defined(USE_NEW_LIBEDIT_INTERFACE)
+ static int fake_magic_space(int, int);
+ extern "C" char *no_completion(const char*,int)
+ #elif defined(USE_LIBEDIT_INTERFACE)
+@@ -2659,7 +2659,7 @@ static int not_in_history(const char *li
+ }
+
+
+-#if defined(USE_NEW_READLINE_INTERFACE)
++#if defined(USE_NEW_READLINE_INTERFACE) || defined(USE_NEW_LIBEDIT_INTERFACE)
+ static int fake_magic_space(int, int)
+ #else
+ static int fake_magic_space(const char *, int)
+@@ -2676,7 +2676,7 @@ static void initialize_readline (char *n
+ rl_readline_name = name;
+
+ /* Tell the completer that we want a crack first. */
+-#if defined(USE_NEW_READLINE_INTERFACE)
++#if defined(USE_NEW_READLINE_INTERFACE) || defined(USE_NEW_LIBEDIT_INTERFACE)
+ rl_attempted_completion_function= (rl_completion_func_t*)&new_mysql_completion;
+ rl_completion_entry_function= (rl_compentry_func_t*)&no_completion;
+
+@@ -2706,7 +2706,7 @@ static char **new_mysql_completion(const
+ int end __attribute__((unused)))
+ {
+ if (!status.batch && !quick)
+-#if defined(USE_NEW_READLINE_INTERFACE)
++#if defined(USE_NEW_READLINE_INTERFACE) || defined(USE_NEW_LIBEDIT_INTERFACE)
+ return rl_completion_matches(text, new_command_generator);
+ #else
+ return completion_matches((char *)text, (CPFunction *)new_command_generator);
+--- a/cmake/readline.cmake
++++ b/cmake/readline.cmake
+@@ -160,8 +160,20 @@ MACRO (MYSQL_FIND_SYSTEM_LIBEDIT)
+ int res= (*rl_completion_entry_function)(0,0);
+ completion_matches(0,0);
+ }"
+- LIBEDIT_INTERFACE)
+- SET(USE_LIBEDIT_INTERFACE ${LIBEDIT_INTERFACE})
++ LIBEDIT_HAVE_COMPLETION_INT)
++
++ CHECK_CXX_SOURCE_COMPILES("
++ #include <stdio.h>
++ #include <readline.h>
++ int main(int argc, char **argv)
++ {
++ char res= *(*rl_completion_entry_function)(0,0);
++ completion_matches(0,0);
++ }"
++ LIBEDIT_HAVE_COMPLETION_CHAR)
++ IF(LIBEDIT_HAVE_COMPLETION_INT OR LIBEDIT_HAVE_COMPLETION_CHAR)
++ SET(USE_LIBEDIT_INTERFACE 1)
++ ENDIF()
+ ENDIF()
+ ENDMACRO()
+
+@@ -187,6 +199,7 @@ MACRO (MYSQL_CHECK_READLINE)
+ IF(USE_LIBEDIT_INTERFACE)
+ SET(MY_READLINE_INCLUDE_DIR ${LIBEDIT_INCLUDE_DIR})
+ SET(MY_READLINE_LIBRARY ${LIBEDIT_LIBRARY} ${CURSES_LIBRARY})
++ SET(USE_NEW_LIBEDIT_INTERFACE ${LIBEDIT_HAVE_COMPLETION_CHAR})
+ ELSE()
+ MYSQL_USE_BUNDLED_READLINE()
+ ENDIF()
+--- a/config.h.cmake
++++ b/config.h.cmake
+@@ -113,6 +113,7 @@
+ /* Readline */
+ #cmakedefine HAVE_HIST_ENTRY 1
+ #cmakedefine USE_LIBEDIT_INTERFACE 1
++#cmakedefine USE_NEW_LIBEDIT_INTERFACE 1
+ #cmakedefine USE_NEW_READLINE_INTERFACE 1
+
+ #cmakedefine FIONREAD_IN_SYS_IOCTL 1
PKG_NAME:=prometheus-node-exporter-lua
PKG_VERSION:=2018.07.23
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
PKG_LICENSE:=Apache-2.0
DEPENDS:=prometheus-node-exporter-lua
endef
+define Package/prometheus-node-exporter-lua-ltq-dsl
+ $(call Package/prometheus-node-exporter-lua/Default)
+ TITLE+= (lantiq dsl collector)
+ DEPENDS:=prometheus-node-exporter-lua @(PACKAGE_ltq-adsl-app||PACKAGE_ltq-vdsl-app)
+endef
+
Build/Compile=
define Package/prometheus-node-exporter-lua/install
$(INSTALL_BIN) ./files/usr/lib/lua/prometheus-collectors/openwrt.lua $(1)/usr/lib/lua/prometheus-collectors/
endef
+define Package/prometheus-node-exporter-lua-ltq-dsl/install
+ $(INSTALL_DIR) $(1)/usr/lib/lua/prometheus-collectors
+ $(INSTALL_BIN) ./files/usr/lib/lua/prometheus-collectors/ltq-dsl.lua $(1)/usr/lib/lua/prometheus-collectors/
+endef
+
$(eval $(call BuildPackage,prometheus-node-exporter-lua))
$(eval $(call BuildPackage,prometheus-node-exporter-lua-nat_traffic))
$(eval $(call BuildPackage,prometheus-node-exporter-lua-netstat))
$(eval $(call BuildPackage,prometheus-node-exporter-lua-bmx7))
$(eval $(call BuildPackage,prometheus-node-exporter-lua-textfile))
$(eval $(call BuildPackage,prometheus-node-exporter-lua-openwrt))
+$(eval $(call BuildPackage,prometheus-node-exporter-lua-ltq-dsl))
--- /dev/null
+local function scrape()
+ local fd = io.popen("/etc/init.d/dsl_control lucistat")
+ local dsl_func = loadstring(fd:read("*a"))
+ fd:close()
+
+ if not dsl_func then
+ return
+ end
+
+ local dsl_stat = dsl_func()
+
+ local dsl_line_attenuation = metric("dsl_line_attenuation_db", "gauge")
+ local dsl_signal_attenuation = metric("dsl_signal_attenuation_db", "gauge")
+ local dsl_snr = metric("dsl_signal_to_noise_margin_db", "gauge")
+ local dsl_aggregated_transmit_power = metric("dsl_aggregated_transmit_power_db", "gauge")
+ local dsl_latency = metric("dsl_latency_seconds", "gauge")
+ local dsl_datarate = metric("dsl_datarate", "gauge")
+ local dsl_max_datarate = metric("dsl_max_datarate", "gauge")
+ local dsl_error_seconds_total = metric("dsl_error_seconds_total", "counter")
+ local dsl_errors_total = metric("dsl_errors_total", "counter")
+
+ -- dsl hardware/firmware information
+ metric("dsl_info", "gauge", {
+ atuc_vendor_id = dsl_stat.atuc_vendor_id,
+ atuc_system_vendor_id = dsl_stat.atuc_system_vendor_id,
+ chipset = dsl_stat.chipset,
+ firmware_version = dsl_stat.firmware_version,
+ api_version = dsl_stat.api_version,
+ }, 1)
+
+ -- dsl line settings information
+ metric("dsl_line_info", "gauge", {
+ xtse1 = dsl_stat.xtse1,
+ xtse2 = dsl_stat.xtse2,
+ xtse3 = dsl_stat.xtse3,
+ xtse4 = dsl_stat.xtse4,
+ xtse5 = dsl_stat.xtse5,
+ xtse6 = dsl_stat.xtse6,
+ xtse7 = dsl_stat.xtse7,
+ xtse8 = dsl_stat.xtse8,
+ annex = dsl_stat.annex_s,
+ mode = dsl_stat.line_mode_s,
+ profile = dsl_stat.profile_s,
+ }, 1)
+
+ -- dsl up is 1 if the line is up and running
+ local dsl_up
+ if dsl_stat.line_state == "UP" then
+ dsl_up = 1
+ else
+ dsl_up = 0
+ end
+
+ metric("dsl_up", "gauge", {
+ detail = dsl_stat.line_state_detail,
+ }, dsl_up)
+
+ -- dsl line status data
+ metric("dsl_uptime_seconds", "gauge", {}, dsl_stat.line_uptime)
+
+ -- dsl db measurements
+ dsl_line_attenuation({direction="down"}, dsl_stat.line_attenuation_down)
+ dsl_line_attenuation({direction="up"}, dsl_stat.line_attenuation_up)
+ dsl_signal_attenuation({direction="down"}, dsl_stat.signal_attenuation_down)
+ dsl_signal_attenuation({direction="up"}, dsl_stat.signal_attenuation_up)
+ dsl_snr({direction="down"}, dsl_stat.noise_margin_down)
+ dsl_snr({direction="up"}, dsl_stat.noise_margin_up)
+ dsl_aggregated_transmit_power({direction="down"}, dsl_stat.actatp_down)
+ dsl_aggregated_transmit_power({direction="up"}, dsl_stat.actatp_up)
+
+ -- dsl performance data
+ if dsl_stat.latency_down ~= nil then
+ dsl_latency({direction="down"}, dsl_stat.latency_down / 1000000)
+ dsl_latency({direction="up"}, dsl_stat.latency_up / 1000000)
+ end
+ dsl_datarate({direction="down"}, dsl_stat.data_rate_down)
+ dsl_datarate({direction="up"}, dsl_stat.data_rate_up)
+ dsl_max_datarate({direction="down"}, dsl_stat.max_data_rate_down)
+ dsl_max_datarate({direction="up"}, dsl_stat.max_data_rate_up)
+
+ -- dsl errors
+ dsl_error_seconds_total({err="forward error correction",loc="near"}, dsl_stat.errors_fec_near)
+ dsl_error_seconds_total({err="forward error correction",loc="far"}, dsl_stat.errors_fec_far)
+ dsl_error_seconds_total({err="errored",loc="near"}, dsl_stat.errors_es_near)
+ dsl_error_seconds_total({err="errored",loc="far"}, dsl_stat.errors_es_near)
+ dsl_error_seconds_total({err="severely errored",loc="near"}, dsl_stat.errors_ses_near)
+ dsl_error_seconds_total({err="severely errored",loc="near"}, dsl_stat.errors_ses_near)
+ dsl_error_seconds_total({err="loss of signal",loc="near"}, dsl_stat.errors_loss_near)
+ dsl_error_seconds_total({err="loss of signal",loc="far"}, dsl_stat.errors_loss_far)
+ dsl_error_seconds_total({err="unavailable",loc="near"}, dsl_stat.errors_uas_near)
+ dsl_error_seconds_total({err="unavailable",loc="far"}, dsl_stat.errors_uas_far)
+ dsl_errors_total({err="header error code error",loc="near"}, dsl_stat.errors_hec_near)
+ dsl_errors_total({err="header error code error",loc="far"}, dsl_stat.errors_hec_far)
+ dsl_errors_total({err="non pre-emptive crc error",loc="near"}, dsl_stat.errors_crc_p_near)
+ dsl_errors_total({err="non pre-emptive crc error",loc="far"}, dsl_stat.errors_crc_p_far)
+ dsl_errors_total({err="pre-emptive crc error",loc="near"}, dsl_stat.errors_crcp_p_near)
+ dsl_errors_total({err="pre-emptive crc error",loc="far"}, dsl_stat.errors_crcp_p_far)
+end
+
+return { scrape = scrape }
include $(TOPDIR)/rules.mk
PKG_NAME:=prometheus
-PKG_VERSION:=2.3.2
+PKG_VERSION:=2.6.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/prometheus/prometheus/tar.gz/v${PKG_VERSION}?
-PKG_HASH:=008282497e2e85de6fb17a698dfdae4a942026f623d8a9d45b911a765442cb58
+PKG_HASH:=e0d3e77e45466fd055726268354a02834968a3275791be6cbd17513ec7860c1d
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=pv
-PKG_VERSION:=1.5.3
+PKG_VERSION:=1.6.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=http://www.ivarch.com/programs/sources/
-PKG_HASH:=76f3999b1c3b3027163dce6ef667cdf8dafb75218ee25e54a03bfe590478f90e
+PKG_SOURCE_URL:=https://www.ivarch.com/programs/sources
+PKG_HASH:=608ef935f7a377e1439c181c4fc188d247da10d51a19ef79bcdee5043b0973f1
PKG_LICENSE:=Artistic-2.0
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Shell pipeline element to meter data passing through
- URL:=http://www.ivarch.com/programs/pv.shtml
+ URL:=https://www.ivarch.com/programs/pv.shtml
endef
define Package/pv/description
include $(TOPDIR)/rules.mk
PKG_NAME:=qemu
-PKG_VERSION:=3.0.0
+PKG_VERSION:=3.1.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=8d7af64fe8bd5ea5c3bdf17131a8b858491bcce1ee3839425a6d91fb821b5713
+PKG_HASH:=6a0508df079a0a33c2487ca936a56c12122f105b8a96a44374704bef6c69abfc
PKG_SOURCE_URL:=http://download.qemu.org/
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=LICENSE tcg/LICENSE
include $(TOPDIR)/rules.mk
PKG_NAME:=rtty
-PKG_VERSION:=6.3.1
+PKG_VERSION:=6.4.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_SOURCE_URL=https://codeload.github.com/zhaojh329/rtty/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=1dd7852cd5a3615134dc1c6266157072652592bda847b44cc747ccfcaa27ce2f
+PKG_HASH:=9f3d792115f268f659c8d3e009591c5e92e2527427623db961f714c59fabe5fb
CMAKE_INSTALL:=1
PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_SOURCE_SUBDIR)
include $(TOPDIR)/rules.mk
PKG_NAME:=tio
-PKG_VERSION:=1.31
+PKG_VERSION:=1.32
PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=https://github.com/tio/tio/releases/download/v$(PKG_VERSION)
+PKG_HASH:=a8f5ed6994cacb96780baa416b19e5a6d7d67e8c162a8ea4fd9eccd64984ae44
+
PKG_MAINTAINER:=
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
-PKG_SOURCE_URL:=https://github.com/$(PKG_NAME)/$(PKG_NAME)/releases/download/v$(PKG_VERSION)/
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=4e72825914dac77c4587c0772accbd7a1292d5c5895bd49ad1477707b3203e42
-
PKG_FIXUP:=autoreconf
include $(INCLUDE_DIR)/package.mk
projects / feed / packages.git / commitdiff