From: Rosen Penev Date: Thu, 29 Jul 2021 19:37:06 +0000 (-0700) Subject: Merge pull request #16078 from ja-pa/fix-email X-Git-Url: http://git.openwrt.org/?a=commitdiff_plain;h=5ad6bb0a016d81eac015b167a513f263b0d5f0ef;hp=3ee2a087a393e02e40fb49345059d0f2f62a6556;p=feed%2Fpackages.git Merge pull request #16078 from ja-pa/fix-email treewide: change email address in PKG_MAINTAINER --- diff --git a/admin/syslog-ng/Makefile b/admin/syslog-ng/Makefile index 29692f6067..857b84dd0f 100644 --- a/admin/syslog-ng/Makefile +++ b/admin/syslog-ng/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=syslog-ng -PKG_VERSION:=3.32.1 +PKG_VERSION:=3.33.2 PKG_RELEASE:=$(AUTORELEASE) PKG_MAINTAINER:=Josef Schlehofer @@ -11,7 +11,7 @@ PKG_CPE_ID:=cpe:/a:balabit:syslog-ng PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/syslog-ng/syslog-ng/releases/download/$(PKG_NAME)-$(PKG_VERSION)/ -PKG_HASH:=19e3b76552d82c71c04230526925402c9f05fa5e6ea19b912b061850929b712d +PKG_HASH:=0b786a06077b9150191d714f45a1b4b3792952cb58163a3af336f074da9fb14b PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 @@ -58,6 +58,7 @@ CONFIGURE_ARGS += \ --enable-json=yes \ --enable-http=yes \ --disable-smtp \ + --disable-mqtt \ --disable-redis \ --disable-dependency-tracking \ --disable-python \ diff --git a/admin/syslog-ng/files/syslog-ng.conf b/admin/syslog-ng/files/syslog-ng.conf index 3f39a2fe46..6474d9cc21 100644 --- a/admin/syslog-ng/files/syslog-ng.conf +++ b/admin/syslog-ng/files/syslog-ng.conf @@ -4,7 +4,7 @@ # More details about these settings can be found here: # https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition -@version: 3.31 +@version: 3.33 @include "scl.conf" options { diff --git a/devel/delve/Makefile b/devel/delve/Makefile index fc56d87d41..8d04344079 100644 --- a/devel/delve/Makefile +++ b/devel/delve/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=delve -PKG_VERSION:=1.6.1 +PKG_VERSION:=1.7.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/go-delve/delve/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=e73f7fc063632268d3bdf53486aeafd98cceb8f86f4af56903dedfebaefe690d +PKG_HASH:=0504f7ea8d63a8f6eccac9f7071f9ac45f8123151ce53aedbf539f83808d122b PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE diff --git a/devel/gitlab-runner/Makefile b/devel/gitlab-runner/Makefile index 57aae7c8c6..e9cc886e97 100644 --- a/devel/gitlab-runner/Makefile +++ b/devel/gitlab-runner/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gitlab-runner -PKG_VERSION:=13.12.0 -PKG_RELEASE:=1 +PKG_VERSION:=14.0.1 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://gitlab.com/gitlab-org/gitlab-runner/-/archive/v$(PKG_VERSION) -PKG_HASH:=5cf7c2af3a3682f1044ef374dfe7f014febba6e5a53fa442b7f114b10811831e +PKG_HASH:=22fe41816bb288c6f6513214f0d1d68d33d298aeaa9cd3a4f0a8393e6b20415f PKG_MAINTAINER:=Jan Pavlinec PKG_LICENSE:=MIT diff --git a/lang/erlang/Makefile b/lang/erlang/Makefile index 2be208715e..4d2adc57ea 100644 --- a/lang/erlang/Makefile +++ b/lang/erlang/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=erlang PKG_VERSION:=23.0 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_SOURCE:=otp_src_$(PKG_VERSION).tar.gz PKG_SOURCE_URL:= http://www.erlang.org/download/ @@ -22,6 +22,7 @@ PKG_CPE_ID:=cpe:/a:erlang:erlang PKG_BUILD_DEPENDS:=erlang/host openssl PKG_USE_MIPS16:=0 +PKG_ASLR_PIE:=0 HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/otp_src_$(PKG_VERSION) PKG_BUILD_DIR:=$(BUILD_DIR)/otp_src_$(PKG_VERSION) diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile index 655a06d393..2beff8ca9a 100644 --- a/lang/golang/golang/Makefile +++ b/lang/golang/golang/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk GO_VERSION_MAJOR_MINOR:=1.16 -GO_VERSION_PATCH:=5 +GO_VERSION_PATCH:=6 PKG_NAME:=golang PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH)) @@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \ PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz PKG_SOURCE_URL:=$(GO_SOURCE_URLS) -PKG_HASH:=7bfa7e5908c7cc9e75da5ddf3066d7cbcf3fd9fa51945851325eebc17f50ba80 +PKG_HASH:=a3a5d4bc401b51db065e4f93b523347a4d343ae0c0b08a65c3423b05a138037d PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause diff --git a/lang/lua-curl-v3/Makefile b/lang/lua-curl-v3/Makefile new file mode 100644 index 0000000000..5855b61a45 --- /dev/null +++ b/lang/lua-curl-v3/Makefile @@ -0,0 +1,43 @@ +# +# Copyright (C) 2021 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=lua-curl-v3 +PKG_VERSION:=0.3.13-snapshot +PKG_RELEASE:=1 +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=LICENSE + +PKG_SOURCE_URL:=https://github.com/Lua-cURL/Lua-cURLv3.git +PKG_MIRROR_HASH:=84a12b287cafc984df3e58b438b2b2d1092054e002144f225dee1c2efb18c8d3 +PKG_SOURCE_PROTO:=git +PKG_SOURCE_VERSION:=9f8b6dba8b5ef1b26309a571ae75cda4034279e5 + +include $(INCLUDE_DIR)/package.mk + +define Package/lua-curl-v3 + SUBMENU:=Lua + SECTION:=lang + CATEGORY:=Languages + TITLE:=Lua-curl + DEPENDS:=+libcurl +lua + MAINTAINER:=Rainer Poisel +endef + +define Package/lua-curl-v3/description + Lua bindings to libcurl (Lua-cURLv3) +endef + +define Package/lua-curl-v3/install + $(INSTALL_DIR) $(1)/usr/lib/lua + $(INSTALL_BIN) $(PKG_BUILD_DIR)/lcurl.so $(1)/usr/lib/lua + $(CP) $(PKG_BUILD_DIR)/src/lua/* $(1)/usr/lib/lua +endef + +$(eval $(call BuildPackage,lua-curl-v3)) + diff --git a/lang/luaossl/Makefile b/lang/luaossl/Makefile new file mode 100644 index 0000000000..62e6c427df --- /dev/null +++ b/lang/luaossl/Makefile @@ -0,0 +1,59 @@ +# +# Copyright (C) 2021 Siger Yang +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=luaossl +PKG_VERSION:=20200709 +PKG_RELEASE:=1 +PKG_MAINTAINER:=Siger Yang + +PKG_MIRROR_HASH:=6dbca3cdc50ed7e3b0821783da2407accfb6d25addc3edf1d8e17b00530f5a25 +PKG_SOURCE_URL:=https://github.com/wahern/luaossl.git +PKG_SOURCE_VERSION:=rel-$(PKG_VERSION) +PKG_SOURCE_PROTO:=git + +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=LICENSE + +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/luaossl + SUBMENU:=Lua + SECTION:=lang + CATEGORY:=Languages + TITLE:=Comprehensive binding to OpenSSL for Lua 5.1, 5.2, and later + URL:=http://25thandclement.com/~william/projects/luaossl.html + DEPENDS:=+liblua +libopenssl +endef + +define Package/luaossl/description + luaossl is a comprehensive binding to OpenSSL for Lua 5.1, 5.2, and + later. It includes support for certificate and key management, key + generation, signature verification, and deep bindings to the + distinguished name, alternative name, and X.509v3 extension interfaces. +endef + +TARGET_CFLAGS += $(FPIC) +TARGET_LDFLAGS += $(FPIC) + +MAKE_FLAGS += \ + LUA_APIS="5.1" \ + lua51cpath="/usr/lib/lua" \ + lua51path="/usr/lib/lua" + +define Package/luaossl/install + $(INSTALL_DIR) $(1)/usr/lib/lua + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/lua/_openssl.so $(1)/usr/lib/lua/ + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/lua/openssl.lua $(1)/usr/lib/lua/ + + $(CP) $(PKG_INSTALL_DIR)/usr/lib/lua/openssl $(1)/usr/lib/lua/ +endef + +$(eval $(call BuildPackage,luaossl)) diff --git a/lang/python/host-pip-requirements/Cython.txt b/lang/python/host-pip-requirements/Cython.txt index fb7a7f4726..bf3e501140 100644 --- a/lang/python/host-pip-requirements/Cython.txt +++ b/lang/python/host-pip-requirements/Cython.txt @@ -1 +1 @@ -Cython==0.29.21 --hash=sha256:e57acb89bd55943c8d8bf813763d20b9099cc7165c0f16b707631a7654be9cad +Cython==0.29.23 --hash=sha256:6a0d31452f0245daacb14c979c77e093eb1a546c760816b5eed0047686baad8e diff --git a/lang/python/host-pip-requirements/cffi.txt b/lang/python/host-pip-requirements/cffi.txt index 197978aad8..f76447d86c 100644 --- a/lang/python/host-pip-requirements/cffi.txt +++ b/lang/python/host-pip-requirements/cffi.txt @@ -1,2 +1,2 @@ -cffi==1.14.5 --hash=sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c +cffi==1.14.6 --hash=sha256:c9a875ce9d7fe32887784274dd533c57909b7b1dcadcc128a2ac21331a9765dd pycparser==2.20 --hash=sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0 diff --git a/lang/python/numpy/Makefile b/lang/python/numpy/Makefile index 6b417a775c..f3b38a819d 100644 --- a/lang/python/numpy/Makefile +++ b/lang/python/numpy/Makefile @@ -6,11 +6,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=numpy -PKG_VERSION:=1.20.2 -PKG_RELEASE:=1 +PKG_VERSION:=1.21.1 +PKG_RELEASE:=2 PYPI_NAME:=$(PKG_NAME) -PKG_HASH:=878922bf5ad7550aa044aa9301d417e2d3ae50f0f577de92051d739ac6096cee +PKG_HASH:=dff4af63638afcc57a3dfb9e4b26d434a7a602d225b42d746ea7fe2edf1342fd PKG_MAINTAINER:=Alexandru Ardelean @@ -18,6 +18,9 @@ PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE.txt PKG_CPE_ID:=cpe:/a:numpy:numpy +PKG_CONFIG_DEPENDS:= \ + CONFIG_NUMPY_OPENBLAS_SUPPORT + # yes, zip... sigh PYPI_SOURCE_EXT:=zip HOST_PYTHON3_PACKAGE_BUILD_DEPENDS:=Cython @@ -32,7 +35,38 @@ define Package/python3-numpy CATEGORY:=Languages TITLE:=The fundamental package for scientific computing with Python URL:=https://www.numpy.org/ - DEPENDS:=@!SOFT_FLOAT +INSTALL_GFORTRAN:libgfortran +python3 + DEPENDS:=@!SOFT_FLOAT +INSTALL_GFORTRAN:libgfortran +python3 \ + +NUMPY_OPENBLAS_SUPPORT:openblas +endef + +# We need to duplicate the omitted arhitectures same as openblas +define Package/python3-numpy/config +menu "Configuration" +depends on !powerpc +depends on !arc + +config NUMPY_OPENBLAS_SUPPORT + bool "Enable OpenBLAS support" + default n + +endmenu +endef + +ifdef CONFIG_NUMPY_OPENBLAS_SUPPORT +define Build/Prepare/numpy-sitecfg + echo "[DEFAULT]" > $(PKG_BUILD_DIR)/site.cfg + echo "library_dirs = $(STAGING_DIR)/usr/lib" >> $(PKG_BUILD_DIR)/site.cfg + echo "include_dirs = $(STAGING_DIR)/usr/include" >> $(PKG_BUILD_DIR)/site.cfg + echo >> $(PKG_BUILD_DIR)/site.cfg + echo "[openblas]" >> $(PKG_BUILD_DIR)/site.cfg + echo "libraries = openblas" >> $(PKG_BUILD_DIR)/site.cfg + echo "runtime_library_dirs = /usr/lib" >> $(PKG_BUILD_DIR)/site.cfg +endef +endif + +define Build/Prepare + $(call Build/Prepare/Default) + $(call Build/Prepare/numpy-sitecfg) endef define Package/python3-numpy/description diff --git a/lang/python/pillow/Makefile b/lang/python/pillow/Makefile index 90599ac0ee..828afd8eef 100644 --- a/lang/python/pillow/Makefile +++ b/lang/python/pillow/Makefile @@ -7,11 +7,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pillow -PKG_VERSION:=8.3.0 +PKG_VERSION:=8.3.1 PKG_RELEASE:=1 PYPI_NAME:=Pillow -PKG_HASH:=803606e206f3e366eea46b1e7ab4dac74cfac770d04de9c35319814e11e47c46 +PKG_HASH:=2cac53839bfc5cece8fdbe7f084d5e3ee61e1303cccc86511d351adcb9e2c792 PKG_MAINTAINER:=Alexandru Ardelean PKG_LICENSE:=HPND diff --git a/lang/python/python-cffi/Makefile b/lang/python/python-cffi/Makefile index aeff3bae55..502a6f77a8 100644 --- a/lang/python/python-cffi/Makefile +++ b/lang/python/python-cffi/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-cffi -PKG_VERSION:=1.14.5 +PKG_VERSION:=1.14.6 PKG_RELEASE:=1 PYPI_NAME:=cffi -PKG_HASH:=fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c +PKG_HASH:=c9a875ce9d7fe32887784274dd533c57909b7b1dcadcc128a2ac21331a9765dd PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE diff --git a/lang/python/python-dateutil/Makefile b/lang/python/python-dateutil/Makefile index 7c8de81678..394a307b6f 100644 --- a/lang/python/python-dateutil/Makefile +++ b/lang/python/python-dateutil/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-dateutil -PKG_VERSION:=2.8.1 -PKG_RELEASE:=3 +PKG_VERSION:=2.8.2 +PKG_RELEASE:=1 PKG_LICENSE:=BSD-2-Clause PYPI_NAME:=$(PKG_NAME) -PKG_HASH:=73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c +PKG_HASH:=0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86 PKG_MAINTAINER:=Alexandru Ardelean HOST_PYTHON3_PACKAGE_BUILD_DEPENDS:=setuptools-scm diff --git a/lang/python/python-requests/Makefile b/lang/python/python-requests/Makefile index a32e590a55..5853897bee 100644 --- a/lang/python/python-requests/Makefile +++ b/lang/python/python-requests/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-requests -PKG_VERSION:=2.25.1 -PKG_RELEASE:=2 +PKG_VERSION:=2.26.0 +PKG_RELEASE:=1 PKG_MAINTAINER:=Josef Schlehofer , Alexandru Ardelean PKG_LICENSE:=Apache-2.0 @@ -17,7 +17,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_CPE_ID:=cpe:/a:python-requests:requests PYPI_NAME:=requests -PKG_HASH:=27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804 +PKG_HASH:=b8aa58f8cf793ffd8782d3d8cb19e66ef36f7aba4353eec859e74678b01b07a7 include ../pypi.mk include $(INCLUDE_DIR)/package.mk diff --git a/lang/python/python-requests/patches/0001-idna-dependency-bump.patch b/lang/python/python-requests/patches/0001-idna-dependency-bump.patch deleted file mode 100644 index 72ffb45261..0000000000 --- a/lang/python/python-requests/patches/0001-idna-dependency-bump.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 9484e13c7da927119fe82794bb5571cec144b6d7 Mon Sep 17 00:00:00 2001 -From: Naor Livne -Date: Fri, 1 Jan 2021 14:31:14 +0200 -Subject: [PATCH 1/2] bump idna has version 3.0 was released - -Fixes issue (https://github.com/psf/requests/issues/5710): -pkg_resources.ContextualVersionConflict: (idna 3.0 (/usr/lib/python3.9/site-packages), Requirement.parse('idna<3,>=2.5'), {'requests'}) -Origin of this patch: -https://github.com/psf/requests/pull/5711 - ---- - setup.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/setup.py -+++ b/setup.py -@@ -43,7 +43,7 @@ packages = ['requests'] - - requires = [ - 'chardet>=3.0.2,<5', -- 'idna>=2.5,<3', -+ 'idna>=2.5,<4', - 'urllib3>=1.21.1,<1.27', - 'certifi>=2017.4.17' - diff --git a/lang/python/python-requests/patches/0002-idna-dependency-bump.patch b/lang/python/python-requests/patches/0002-idna-dependency-bump.patch deleted file mode 100644 index 9df2ddc898..0000000000 --- a/lang/python/python-requests/patches/0002-idna-dependency-bump.patch +++ /dev/null @@ -1,25 +0,0 @@ -From d3e00a4958af046879f24de365d5589d861ea6ef Mon Sep 17 00:00:00 2001 -From: Naor Livne -Date: Tue, 5 Jan 2021 16:31:15 +0200 -Subject: [PATCH 2/2] Update setup.py -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Co-authored-by: Mickaël Schoentgen ---- - setup.py | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/setup.py -+++ b/setup.py -@@ -43,7 +43,8 @@ packages = ['requests'] - - requires = [ - 'chardet>=3.0.2,<5', -- 'idna>=2.5,<4', -+ 'idna>=2.5,<3 ; python_version < "3"', -+ 'idna>=2.5,<4 ; python_version >= "3"', - 'urllib3>=1.21.1,<1.27', - 'certifi>=2017.4.17' - diff --git a/lang/python/python-simplejson/Makefile b/lang/python/python-simplejson/Makefile index 1d3c646836..bd4f4f2b8b 100644 --- a/lang/python/python-simplejson/Makefile +++ b/lang/python/python-simplejson/Makefile @@ -8,13 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python-simplejson -PKG_VERSION:=3.17.2 +PKG_VERSION:=3.17.3 PKG_RELEASE:=1 PKG_LICENSE:=MIT PKG_CPE_ID:=cpe:/a:simplejson_project:simplejson PYPI_NAME:=simplejson -PKG_HASH:=75ecc79f26d99222a084fbdd1ce5aad3ac3a8bd535cd9059528452da38b68841 +PKG_HASH:=da72a452bcf4349fc467a12b54ab0e63e654a571cacc44084826d52bde12b6ee +PKG_MAINTAINER:=Alexandru Ardelean include ../pypi.mk include $(INCLUDE_DIR)/package.mk @@ -24,7 +25,6 @@ define Package/python3-simplejson SUBMENU:=Python SECTION:=lang CATEGORY:=Languages - MAINTAINER:=Alexandru Ardelean TITLE:=Simple, fast, extensible JSON encoder/decoder URL:=https://simplejson.readthedocs.org/ DEPENDS:=+python3-light +python3-decimal diff --git a/lang/python/python3/Makefile b/lang/python/python3/Makefile index 17356c71e2..794d003b1f 100644 --- a/lang/python/python3/Makefile +++ b/lang/python/python3/Makefile @@ -11,7 +11,7 @@ include $(TOPDIR)/rules.mk include ../python3-version.mk PKG_NAME:=python3 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_VERSION:=$(PYTHON3_VERSION).$(PYTHON3_VERSION_MICRO) PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz diff --git a/lang/python/python3/files/python3-package-dbm.mk b/lang/python/python3/files/python3-package-dbm.mk index 409940229a..ede9af1631 100644 --- a/lang/python/python3/files/python3-package-dbm.mk +++ b/lang/python/python3/files/python3-package-dbm.mk @@ -8,10 +8,11 @@ define Package/python3-dbm $(call Package/python3/Default) TITLE:=Python $(PYTHON3_VERSION) dbm module - DEPENDS:=+python3-light +libdb47 + DEPENDS:=+python3-light +libgdbm endef $(eval $(call Py3BasePackage,python3-dbm, \ /usr/lib/python$(PYTHON3_VERSION)/dbm \ /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_dbm.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_gdbm.$(PYTHON3_SO_SUFFIX) \ )) diff --git a/lang/python/python3/files/python3-package-gdbm.mk b/lang/python/python3/files/python3-package-gdbm.mk deleted file mode 100644 index 7f98badf37..0000000000 --- a/lang/python/python3/files/python3-package-gdbm.mk +++ /dev/null @@ -1,16 +0,0 @@ -# -# Copyright (C) 2006-2016 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -define Package/python3-gdbm -$(call Package/python3/Default) - TITLE:=Python $(PYTHON3_VERSION) gdbm module - DEPENDS:=+python3-light +libgdbm -endef - -$(eval $(call Py3BasePackage,python3-gdbm, \ - /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_gdbm.$(PYTHON3_SO_SUFFIX) \ -)) diff --git a/lang/ruby/Makefile b/lang/ruby/Makefile index 47413eead1..b28c68b2c2 100644 --- a/lang/ruby/Makefile +++ b/lang/ruby/Makefile @@ -11,7 +11,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ruby -PKG_VERSION:=3.0.1 +PKG_VERSION:=3.0.2 PKG_RELEASE:=1 # First two numbes @@ -19,7 +19,7 @@ PKG_ABI_VERSION:=$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/ -PKG_HASH:=d06bccd382d03724b69f674bc46cd6957ba08ed07522694ce44b9e8ffc9c48e2 +PKG_HASH:=570e7773100f625599575f363831166d91d49a1ab97d3ab6495af44774155c40 PKG_MAINTAINER:=Luiz Angelo Daros de Luca PKG_LICENSE:=BSD-2-Clause PKG_LICENSE_FILES:=COPYING diff --git a/lang/ruby/patches/100-musl.patch b/lang/ruby/patches/100-musl.patch index 7ae57f0106..21645b7a0a 100644 --- a/lang/ruby/patches/100-musl.patch +++ b/lang/ruby/patches/100-musl.patch @@ -3,7 +3,7 @@ which was originally based on this file. --- a/configure.ac +++ b/configure.ac -@@ -2441,7 +2441,10 @@ AS_CASE([$rb_cv_coroutine], [yes|''], [ +@@ -2471,7 +2471,10 @@ AS_CASE([$rb_cv_coroutine], [yes|''], [ rb_cv_coroutine=copy ], [ diff --git a/libs/alsa-lib/Makefile b/libs/alsa-lib/Makefile index 691ab4fbfe..ffdba1103a 100644 --- a/libs/alsa-lib/Makefile +++ b/libs/alsa-lib/Makefile @@ -100,10 +100,13 @@ define Package/alsa-lib/install $(PKG_INSTALL_DIR)/usr/lib/libatopology.so.* \ $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/share/alsa/{cards,pcm} + $(INSTALL_DIR) $(1)/usr/share/alsa/{cards,ctl,pcm} $(INSTALL_DATA) \ $(PKG_INSTALL_DIR)/usr/share/alsa/alsa.conf \ $(1)/usr/share/alsa/ + $(INSTALL_DATA) \ + $(PKG_INSTALL_DIR)/usr/share/alsa/ctl/* \ + $(1)/usr/share/alsa/ctl/ $(INSTALL_DATA) \ $(PKG_INSTALL_DIR)/usr/share/alsa/pcm/* \ $(1)/usr/share/alsa/pcm/ diff --git a/libs/boost/patches/030-sparc.patch b/libs/boost/patches/030-sparc.patch new file mode 100644 index 0000000000..da5a3a4c59 --- /dev/null +++ b/libs/boost/patches/030-sparc.patch @@ -0,0 +1,15 @@ +--- a/boost/predef/architecture/sparc.h ++++ b/boost/predef/architecture/sparc.h +@@ -34,10 +34,10 @@ http://en.wikipedia.org/wiki/SPARC[SPARC + + #if defined(__sparc__) || defined(__sparc) + # undef BOOST_ARCH_SPARC +-# if !defined(BOOST_ARCH_SPARC) && (defined(__sparcv9) || defined(__sparc_v9__) ++# if !defined(BOOST_ARCH_SPARC) && (defined(__sparcv9) || defined(__sparc_v9__)) + # define BOOST_ARCH_SPARC BOOST_VERSION_NUMBER(9,0,0) + # endif +-# if !defined(BOOST_ARCH_SPARC) && (defined(__sparcv8) || defined(__sparc_v8__) ++# if !defined(BOOST_ARCH_SPARC) && (defined(__sparcv8) || defined(__sparc_v8__)) + # define BOOST_ARCH_SPARC BOOST_VERSION_NUMBER(8,0,0) + # endif + # if !defined(BOOST_ARCH_SPARC) diff --git a/libs/elektra/Makefile b/libs/elektra/Makefile index 7a900e57b8..fd48fb79b3 100644 --- a/libs/elektra/Makefile +++ b/libs/elektra/Makefile @@ -14,11 +14,11 @@ PKG_MAINTAINER:=Harald Geyer PKG_NAME:=elektra PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE.md -PKG_VERSION:=0.9.2 -PKG_RELEASE:=3 +PKG_VERSION:=0.9.7 +PKG_RELEASE:=1 # Use this for official releasees -PKG_HASH:=6f2fcf8aaed8863e1cc323265ca2617751ca50dac974b43a0811bcfd4a511f2e +PKG_HASH:=12b7b046004db29317b7b937dc794abf719c400ba3115af8d41849127b562681 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://ftp.libelektra.org/ftp/elektra/releases @@ -98,8 +98,8 @@ endef define CONTENT_ELEKTRA_PLUGINS_TEXT base64 conditionals csvstorage date file filecheck glob hexcode -hexnumber hidden hosts iconv ipaddr keytometa line lineendings list -mathcheck macaddr mini network null path profile quickdump +hexnumber hosts iconv ipaddr keytometa line lineendings list +mathcheck macaddr mini network path profile quickdump range reference rgbcolor shell syslog type uname unit validation endef @@ -130,19 +130,6 @@ Currently these are: $(CONTENT_ELEKTRA_CPP) endef -define Package/libelektra-boost - $(call Package/libelektra/Default) - TITLE:=Elektra plugins depending on boost - DEPENDS:=+libelektra-core +libstdcpp +boost -endef - -define Package/libelektra-boost/description -$(call Package/libelektra/Default-description) - -This package contains plugins written in C++ with an dependency on -boost. Currently this is a plugin for a tcl like format. -endef - define Package/libelektra-crypto $(call Package/libelektra/Default) TITLE:=Elektra crypto plugin @@ -180,6 +167,32 @@ This package contains support for dbus notification on configuration changes. endef +define Package/libelektra-ev + $(call Package/libelektra/Default) + TITLE:=Elektra libev binding plugin + DEPENDS:=+libelektra-core +libev +endef + +define Package/libelektra-ev/description +$(call Package/libelektra/Default-description) + +This package contains support for notification on configuration +changes via libev events. +endef + +define Package/libelektra-uv + $(call Package/libelektra/Default) + TITLE:=Elektra libuv binding plugin + DEPENDS:=+libelektra-core +libuv +endef + +define Package/libelektra-uv/description +$(call Package/libelektra/Default-description) + +This package contains support for notification on configuration +changes via libuv events. +endef + define Package/libelektra-xerces $(call Package/libelektra/Default) TITLE:=Elektra xerces based xml plugin @@ -270,7 +283,7 @@ endef define CONTENT_EXTRA_PLUGINS_TEXT blockresolver c constants counter desktop dpkg error fcrypt fstab logchange mozprefs passwd process rename -timeofday tracer yamlsmith +timeofday tracer endef CONTENT_ELEKTRA_EXTRA:=$(strip $(CONTENT_EXTRA_PLUGINS_TEXT)) @@ -295,16 +308,18 @@ CMAKE_OPTIONS += \ -DFORCE_IN_SOURCE_BUILD=ON \ -DBUILD_TESTING=OFF \ -DKDB_DEFAULT_RESOLVER=resolver_fm_pb_b \ - -DKDB_DEFAULT_STORAGE=ini \ + -DKDB_DEFAULT_STORAGE=toml \ -DENABLE_OPTIMIZATIONS=OFF \ - -DPLUGINS="ALL;-gpgme;-internalnotification;-multifile;-simpleini" \ + -DPLUGINS="ALL;-gpgme;-multifile;-simpleini" \ -DIconv_INCLUDE_DIR="$(ICONV_PREFIX)/include" \ -DIconv_LIBRARY="$(ICONV_PREFIX)/lib/libiconv.$(if $(CONFIG_BUILD_NLS),so,a)" \ - -DBINDINGS="MAINTAINED;-intercept_env;-intercept_fs;-io_uv;-io_ev;-io_glib" + -DBINDINGS="MAINTAINED;-intercept_env;-intercept_fs;-io_glib" define Package/libelektra-core/install $(INSTALL_DIR) $(1)/etc/kdb/ + $(INSTALL_DIR) $(1)/etc/profile.d/ $(INSTALL_DIR) $(1)/usr/lib/ + $(INSTALL_DATA) files/elektra.profile $(1)/etc/profile.d/elektra.sh $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-core.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-ease.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-globbing.so* $(1)/usr/lib/ @@ -314,22 +329,22 @@ define Package/libelektra-core/install $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-kdb.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-merge.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-meta.so* $(1)/usr/lib/ - #The next is excluded because of an upstream bug - #$(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-notification.so* $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-notification.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-opts.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-plugin.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-pluginprocess.so* $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-proposal.so* $(1)/usr/lib/ #The next is only supported with glibc, so skip it. #$(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektraintercept-* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-resolver_fm_pb_b.so $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-utility.so* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-cache.so $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-internalnotification.so $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-mmapstorage.so $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-ni.so $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-ini.so $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-spec.so $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-sync.so $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-storage.so $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-toml.so $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-resolver.so $(1)/usr/lib/ endef @@ -354,11 +369,6 @@ define Package/libelektra-plugins/install $(CP) $(foreach plugin,$(CONTENT_ELEKTRA_PLUGINS),$(PKG_INSTALL_DIR)/usr/lib/libelektra-$(plugin).so) $(1)/usr/lib/ endef -define Package/libelektra-boost/install - $(INSTALL_DIR) $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-tcl.so $(1)/usr/lib/ -endef - define Package/libelektra-cpp/install $(INSTALL_DIR) $(1)/usr/lib/ $(CP) $(foreach plugin,$(CONTENT_ELEKTRA_CPP),$(PKG_INSTALL_DIR)/usr/lib/libelektra-$(plugin).so) $(1)/usr/lib/ @@ -380,6 +390,16 @@ define Package/libelektra-dbus/install $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-dbusrecv.so $(1)/usr/lib/ endef +define Package/libelektra-ev/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-io-ev.so $(1)/usr/lib/ +endef + +define Package/libelektra-uv/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-io-uv.so $(1)/usr/lib/ +endef + define Package/libelektra-xerces/install $(INSTALL_DIR) $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libelektra-xerces.so $(1)/usr/lib/ @@ -432,15 +452,16 @@ $(eval $(call BuildPackage,libelektra-core)) $(eval $(call BuildPackage,elektra-kdb)) $(eval $(call BuildPackage,libelektra-resolvers)) $(eval $(call BuildPackage,libelektra-plugins)) -$(eval $(call BuildPackage,libelektra-boost)) $(eval $(call BuildPackage,libelektra-cpp)) $(eval $(call BuildPackage,libelektra-curlget)) $(eval $(call BuildPackage,libelektra-crypto)) $(eval $(call BuildPackage,libelektra-dbus)) +$(eval $(call BuildPackage,libelektra-ev)) +$(eval $(call BuildPackage,libelektra-uv)) $(eval $(call BuildPackage,libelektra-xerces)) -$(eval $(call BuildPackage,libelektra-yamlcpp)) $(eval $(call BuildPackage,libelektra-xml)) $(eval $(call BuildPackage,libelektra-yajl)) +$(eval $(call BuildPackage,libelektra-yamlcpp)) $(eval $(call BuildPackage,libelektra-python3)) $(eval $(call BuildPackage,libelektra-lua)) $(eval $(call BuildPackage,libelektra-zmq)) diff --git a/libs/elektra/files/elektra.profile b/libs/elektra/files/elektra.profile new file mode 100644 index 0000000000..3df9be8fbb --- /dev/null +++ b/libs/elektra/files/elektra.profile @@ -0,0 +1 @@ +export XDG_CACHE_HOME=/tmp/ diff --git a/libs/elektra/patches/010-gcc11.patch b/libs/elektra/patches/010-gcc11.patch deleted file mode 100644 index 3a91cbe975..0000000000 --- a/libs/elektra/patches/010-gcc11.patch +++ /dev/null @@ -1,19 +0,0 @@ -From 7b57dc698834937b6913887544c6416e7f39192d Mon Sep 17 00:00:00 2001 -From: Mihael Pranjic -Date: Mon, 26 Apr 2021 14:53:21 +0200 -Subject: [PATCH] kdb: add missing include - ---- - src/tools/kdb/cmdline.cpp | 1 + - 1 file changed, 1 insertion(+) - ---- a/src/tools/kdb/cmdline.cpp -+++ b/src/tools/kdb/cmdline.cpp -@@ -16,6 +16,7 @@ - - #include - #include -+#include - #include - #include - diff --git a/libs/file/patches/100-magic-remove-u-from-pattern.patch b/libs/file/patches/100-magic-remove-u-from-pattern.patch new file mode 100644 index 0000000000..a69e65f32c --- /dev/null +++ b/libs/file/patches/100-magic-remove-u-from-pattern.patch @@ -0,0 +1,24 @@ +From 6b34436ac766dae64749b8d14f18c6910be40131 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Mon, 5 Apr 2021 16:36:14 +0000 +Subject: [PATCH] remove "u" from the pattern (Joerg Jenderek) + +--- + magic/Magdir/mail.news | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/magic/Magdir/mail.news ++++ b/magic/Magdir/mail.news +@@ -1,5 +1,5 @@ + #------------------------------------------------------------------------------ +-# $File: mail.news,v 1.26 2021/03/21 14:37:03 christos Exp $ ++# $File: mail.news,v 1.27 2021/04/05 16:36:14 christos Exp $ + # mail.news: file(1) magic for mail and news + # + # Unfortunately, saved netnews also has From line added in some news software. +@@ -81,4 +81,4 @@ + # File format spec: https://wiki.dovecot.org/Design/Dcrypt/#File_format + # From: Stephen Gildea + 0 string CRYPTED\003\007 Dovecot encrypted message +->9 byte xu \b, dcrypt version %d ++>9 byte x \b, dcrypt version %d diff --git a/libs/gdbm/Makefile b/libs/gdbm/Makefile index 8e0e85d706..b23cb74c96 100644 --- a/libs/gdbm/Makefile +++ b/libs/gdbm/Makefile @@ -19,7 +19,7 @@ PKG_MAINTAINER:=Marcel Denia PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=COPYING -PKG_INSTALL:=1 +PKG_INSTALL:=2 PKG_BUILD_PARALLEL:=0 include $(INCLUDE_DIR)/package.mk @@ -38,8 +38,8 @@ define Package/libgdbm/description endef CONFIGURE_ARGS += \ - --enable-shared \ - --enable-static + --enable-libgdbm-compat \ + --enable-shared define Build/Compile +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ @@ -51,14 +51,16 @@ endef define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/gdbm.h $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/{gdbm,ndbm}.h $(1)/usr/include/ $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgdbm.{a,so*} $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgdbm.so* $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgdbm_compat.so* $(1)/usr/lib/ endef define Package/libgdbm/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgdbm.so.* $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgdbm_compat.so* $(1)/usr/lib/ endef $(eval $(call BuildPackage,libgdbm)) diff --git a/libs/ibrcommon/Makefile b/libs/ibrcommon/Makefile index 43e26252d9..b1adfd39fd 100644 --- a/libs/ibrcommon/Makefile +++ b/libs/ibrcommon/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ibrcommon PKG_VERSION:=1.0.1 -PKG_RELEASE:=8 +PKG_RELEASE:=9 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.ibr.cs.tu-bs.de/projects/ibr-dtn/releases @@ -32,6 +32,8 @@ endef CONFIGURE_ARGS += \ --with-openssl +TARGET_CXXFLAGS += -std=c++11 + define Package/ibrcommon/description A library with common functions for C++. endef diff --git a/libs/ibrdtn/Makefile b/libs/ibrdtn/Makefile index d85b2573a0..a318084abc 100644 --- a/libs/ibrdtn/Makefile +++ b/libs/ibrdtn/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ibrdtn PKG_VERSION:=1.0.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.ibr.cs.tu-bs.de/projects/ibr-dtn/releases @@ -37,6 +37,8 @@ CONFIGURE_ARGS += \ --with-compression \ --without-glib +TARGET_CXXFLAGS +=-std=c++11 + define Build/InstallDev $(INSTALL_DIR) $(1) $(CP) $(PKG_INSTALL_DIR)/* $(1)/ diff --git a/libs/libndpi/Makefile b/libs/libndpi/Makefile index bc4437dfa5..772c2d76bd 100644 --- a/libs/libndpi/Makefile +++ b/libs/libndpi/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libndpi -PKG_VERSION:=3.4 -PKG_RELEASE:=2 +PKG_VERSION:=4.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ntop/nDPI/tar.gz/$(PKG_VERSION)? -PKG_HASH:=dc9b291c7fde94edb45fb0f222e0d93c93f8d6d37f4efba20ebd9c655bfcedf9 +PKG_HASH:=99e0aba6396fd633c3840f30e4942f6591a08066d037f560b65ba64e7310f4d6 PKG_BUILD_DIR:=$(BUILD_DIR)/nDPI-$(PKG_VERSION) PKG_MAINTAINER:=Banglang Huang , Toni Uhlig @@ -31,12 +31,16 @@ ifeq ($(CONFIG_LIBNDPI_GCRYPT),) CONFIGURE_ARGS += --disable-gcrypt endif +ifneq ($(CONFIG_LIBNDPI_MAXMINDDB),) +CONFIGURE_ARGS += --with-maxminddb +endif + define Package/libndpi SECTION:=libs CATEGORY:=Libraries TITLE:=Library for deep-packet inspection URL:=https://github.com/ntop/nDPI - DEPENDS:=+LIBNDPI_GCRYPT:libgcrypt +libpcap +libjson-c + DEPENDS:=+LIBNDPI_GCRYPT:libgcrypt +LIBNDPI_MAXMINDDB:libmaxminddb +libpcap +libjson-c endef define Package/libndpi/description @@ -52,6 +56,15 @@ config LIBNDPI_GCRYPT help This option enables QUIC client hello decryption. Disabled by default. + +config LIBNDPI_MAXMINDDB + bool "Maxmind GeoIP support" + depends on PACKAGE_libndpi + default n + help + This options enables geographical information processing + and serialization based on IP addresses. + Disabled by default. endef define Build/Prepare diff --git a/libs/librouteros/Makefile b/libs/librouteros/Makefile index 2908de0774..1d5a6b454d 100644 --- a/libs/librouteros/Makefile +++ b/libs/librouteros/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=librouteros PKG_SOURCE_DATE:=2018-07-19 PKG_SOURCE_VERSION:=c485c777ffbbbd87c3d72d843af36ba016803cae -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_MAINTAINER:=Sven Roederer PKG_LICENSE:=ISC diff --git a/libs/librouteros/patches/010-no-doc.patch b/libs/librouteros/patches/010-no-doc.patch new file mode 100644 index 0000000000..8a07e30b2e --- /dev/null +++ b/libs/librouteros/patches/010-no-doc.patch @@ -0,0 +1,7 @@ +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,3 +1,3 @@ +-SUBDIRS = src doc ++SUBDIRS = src + + README: README.md diff --git a/libs/libuv/Makefile b/libs/libuv/Makefile index 251cc55f70..0eed2b408a 100644 --- a/libs/libuv/Makefile +++ b/libs/libuv/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libuv -PKG_VERSION:=1.41.0 +PKG_VERSION:=1.41.1 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://dist.libuv.org/dist/v$(PKG_VERSION)/ -PKG_HASH:=1184533907e1ddad9c0dcd30a5abb0fe25288c287ff7fee303fff7b9b2d6eb6e +PKG_HASH:=65db0c7f2438bc8cd48865de282bf6670027f3557d6e3cb62fb65b2e350a687d PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION) PKG_MAINTAINER:=Marko Ratkaj diff --git a/libs/libuv/patches/CVE-2021-22918.patch b/libs/libuv/patches/CVE-2021-22918.patch deleted file mode 100644 index 075800c2f6..0000000000 --- a/libs/libuv/patches/CVE-2021-22918.patch +++ /dev/null @@ -1,166 +0,0 @@ -From b7466e31e4bee160d82a68fca11b1f61d46debae Mon Sep 17 00:00:00 2001 -From: Ben Noordhuis -Date: Fri, 21 May 2021 11:23:36 +0200 -Subject: [PATCH] idna: fix OOB read in punycode decoder - -libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii() -function which is used to convert strings to ASCII. This is called by -the DNS resolution function and can lead to information disclosures or -crashes. - -Reported by Eric Sesterhenn in collaboration with Cure53 and ExpressVPN. - -Reported-By: Eric Sesterhenn -Fixes: https://github.com/libuv/libuv/issues/3147 -PR-URL: https://github.com/libuv/libuv-private/pull/1 -Refs: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918 -Reviewed-By: Colin Ihrig -Reviewed-By: Richard Lau ---- - src/idna.c | 49 +++++++++++++++++++++++++++++++++++------------- - test/test-idna.c | 19 +++++++++++++++++++ - test/test-list.h | 2 ++ - 3 files changed, 57 insertions(+), 13 deletions(-) - ---- a/src/idna.c -+++ b/src/idna.c -@@ -19,6 +19,7 @@ - - #include "uv.h" - #include "idna.h" -+#include - #include - - static unsigned uv__utf8_decode1_slow(const char** p, -@@ -32,7 +33,7 @@ static unsigned uv__utf8_decode1_slow(co - if (a > 0xF7) - return -1; - -- switch (*p - pe) { -+ switch (pe - *p) { - default: - if (a > 0xEF) { - min = 0x10000; -@@ -62,6 +63,8 @@ static unsigned uv__utf8_decode1_slow(co - a = 0; - break; - } -+ /* Fall through. */ -+ case 0: - return -1; /* Invalid continuation byte. */ - } - -@@ -88,6 +91,8 @@ static unsigned uv__utf8_decode1_slow(co - unsigned uv__utf8_decode1(const char** p, const char* pe) { - unsigned a; - -+ assert(*p < pe); -+ - a = (unsigned char) *(*p)++; - - if (a < 128) -@@ -96,9 +101,6 @@ unsigned uv__utf8_decode1(const char** p - return uv__utf8_decode1_slow(p, pe, a); - } - --#define foreach_codepoint(c, p, pe) \ -- for (; (void) (*p <= pe && (c = uv__utf8_decode1(p, pe))), *p <= pe;) -- - static int uv__idna_toascii_label(const char* s, const char* se, - char** d, char* de) { - static const char alphabet[] = "abcdefghijklmnopqrstuvwxyz0123456789"; -@@ -121,15 +123,22 @@ static int uv__idna_toascii_label(const - ss = s; - todo = 0; - -- foreach_codepoint(c, &s, se) { -+ /* Note: after this loop we've visited all UTF-8 characters and know -+ * they're legal so we no longer need to check for decode errors. -+ */ -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ -+ if (c == -1u) -+ return UV_EINVAL; -+ - if (c < 128) - h++; -- else if (c == (unsigned) -1) -- return UV_EINVAL; - else - todo++; - } - -+ /* Only write "xn--" when there are non-ASCII characters. */ - if (todo > 0) { - if (*d < de) *(*d)++ = 'x'; - if (*d < de) *(*d)++ = 'n'; -@@ -137,9 +146,13 @@ static int uv__idna_toascii_label(const - if (*d < de) *(*d)++ = '-'; - } - -+ /* Write ASCII characters. */ - x = 0; - s = ss; -- foreach_codepoint(c, &s, se) { -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ assert(c != -1u); -+ - if (c > 127) - continue; - -@@ -166,10 +179,15 @@ static int uv__idna_toascii_label(const - while (todo > 0) { - m = -1; - s = ss; -- foreach_codepoint(c, &s, se) -+ -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ assert(c != -1u); -+ - if (c >= n) - if (c < m) - m = c; -+ } - - x = m - n; - y = h + 1; -@@ -181,7 +199,10 @@ static int uv__idna_toascii_label(const - n = m; - - s = ss; -- foreach_codepoint(c, &s, se) { -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ assert(c != -1u); -+ - if (c < n) - if (++delta == 0) - return UV_E2BIG; /* Overflow. */ -@@ -245,8 +266,6 @@ static int uv__idna_toascii_label(const - return 0; - } - --#undef foreach_codepoint -- - long uv__idna_toascii(const char* s, const char* se, char* d, char* de) { - const char* si; - const char* st; -@@ -256,10 +275,14 @@ long uv__idna_toascii(const char* s, con - - ds = d; - -- for (si = s; si < se; /* empty */) { -+ si = s; -+ while (si < se) { - st = si; - c = uv__utf8_decode1(&si, se); - -+ if (c == -1u) -+ return UV_EINVAL; -+ - if (c != '.') - if (c != 0x3002) /* 。 */ - if (c != 0xFF0E) /* . */ diff --git a/libs/libvpx/Makefile b/libs/libvpx/Makefile index 9cd671f917..5cea27e735 100644 --- a/libs/libvpx/Makefile +++ b/libs/libvpx/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libvpx -PKG_VERSION:=1.9.0 -PKG_RELEASE:=1 +PKG_VERSION:=1.10.0 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://chromium.googlesource.com/webm/libvpx -PKG_MIRROR_HASH:=0984f8c899b345f6be6f52f5e4888a6d654a45641b7b36de49e1aab22e1ecb58 +PKG_MIRROR_HASH:=2f4d342e8efe566449dc5b2211dac22df81ec28792804b34d47c7dadf5c8a136 PKG_SOURCE_VERSION:=v$(PKG_VERSION) PKG_MAINTAINER:=Luiz Angelo Daros de Luca diff --git a/libs/nss/Makefile b/libs/nss/Makefile index 28f107a5bc..4519b3d520 100644 --- a/libs/nss/Makefile +++ b/libs/nss/Makefile @@ -7,21 +7,21 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nss -PKG_VERSION:=3.65 -PKG_RELEASE:=1 +PKG_VERSION:=3.67 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:= \ https://download.cdn.mozilla.net/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src \ https://archive.mozilla.org/pub/security/$(PKG_NAME)/releases/NSS_$(subst .,_,$(PKG_VERSION))_RTM/src -PKG_HASH:=32170f6c188212a78bf9fdacffa2eeed0d564ef8faae63fd8ae971b208e8c637 +PKG_HASH:=f6549a9148cd27b394b40c77fa73111d5ea23cdb51d796665de1b7458f88ce7f PKG_MAINTAINER:=Lucian Cristian PKG_LICENCE:=MPL-2.0 PKG_LICENSE_FILES:=nss/COPYING PKG_CPE_ID:=cpe:/a:mozilla:network_security_services -PKG_BUILD_PARALLEL:=1 +PKG_BUILD_PARALLEL:=0 include $(INCLUDE_DIR)/package.mk diff --git a/libs/openblas/Makefile b/libs/openblas/Makefile new file mode 100644 index 0000000000..4fc8eb2a00 --- /dev/null +++ b/libs/openblas/Makefile @@ -0,0 +1,106 @@ +# +# Copyright (C) 2021 Alexandru Ardelean +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=OpenBLAS +PKG_VERSION:=0.3.15 +PKG_RELEASE:=$(AUTORELEASE) + +PKG_SOURCE:=OpenBLAS-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://github.com/xianyi/OpenBLAS/releases/download/v$(PKG_VERSION)/ +PKG_HASH:=30a99dec977594b387a17f49904523e6bc8dd88bd247266e83485803759e4bbe +PKG_LICENSE:=BSD 3-Clause +PKG_MAINTAINER:=Alexandru Ardelean + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/openblas + SECTION:=libs + CATEGORY:=Libraries + TITLE:=An optimized library for BLAS (Basic Linear Algebra Subprograms) + URL:=https://www.openblas.net/ + DEPENDS:= \ + @!arc \ + @!powerpc \ + +INSTALL_GFORTRAN:libgfortran +endef + +define Package/openblas/description + OpenBLAS is an optimized BLAS (Basic Linear Algebra Subprograms) library + based on GotoBLAS2 1.13 BSD version. +endef + +define Package/openblas/config +menu "Configuration" +depends on PACKAGE_openblas + +config OPENBLAS_TARGET_OVERRIDE + string + prompt "Manual CPU target override (from the OpenBLAS TargetList.txt file)" + +endmenu +endef + +OPENBLAS_TARGET=$(call qstrip,$(CONFIG_OPENBLAS_TARGET_OVERRIDE)) + +ifeq ($(OPENBLAS_TARGET),) +ifeq ($(ARCH),aarch64) + OPENBLAS_TARGET:=ARMV8 +else ifeq ($(ARCH),arm) + OPENBLAS_TARGET:=ARMV5 +else ifeq ($(ARCH),mips) + OPENBLAS_TARGET:=MIPS24K +else ifeq ($(ARCH),mipsel) + OPENBLAS_TARGET:=MIPS24K +else ifeq ($(ARCH),powerpc) + OPENBLAS_TARGET:=PPC440 +else ifeq ($(ARCH),mips64) + OPENBLAS_TARGET:=I6400 +else ifeq ($(ARCH),mips64el) + OPENBLAS_TARGET:=I6400 +else ifeq ($(ARCH),i386) + OPENBLAS_TARGET:=GENERIC +else ifeq ($(ARCH),x86_64) + OPENBLAS_TARGET:=GENERIC +endif +endif # ifeq ($(OPENBLAS_TARGET),) + +ifeq ($(CONFIG_ARCH_64BIT),y) +OPENBLAS_BINARY:=64 +else +OPENBLAS_BINARY:=32 +endif + +MAKE_FLAGS += \ + CROSS=1 \ + HOSTCC=$(HOSTCC) \ + CROSS_SUFFIX=$(TARGET_CROSS) \ + BINARY=$(OPENBLAS_BINARY) \ + NUM_THREADS=2 \ + PREFIX=/usr \ + COMMON_OPT="" \ + TARGET=$(call qstrip,$(OPENBLAS_TARGET)) + +ifneq ($(CONFIG_INSTALL_GFORTRAN),y) +MAKE_FLAGS += NOFORTRAN=1 +endif + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/* $(1)/usr/lib/pkgconfig/ +endef + +define Package/openblas/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libopenblas*.so* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,openblas)) diff --git a/libs/p11-kit/Makefile b/libs/p11-kit/Makefile index 21c63ac19f..bf5724144d 100644 --- a/libs/p11-kit/Makefile +++ b/libs/p11-kit/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=p11-kit -PKG_VERSION:=0.23.22 -PKG_RELEASE:=1 +PKG_VERSION:=0.24.0 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/p11-glue/p11-kit/releases/download/$(PKG_VERSION) -PKG_HASH:=8a8f40153dd5a3f8e7c03e641f8db400133fb2a6a9ab2aee1b6d0cb0495ec6b6 +PKG_HASH:=81e6140584f635e4e956a1b93a32239acf3811ff5b2d3a5c6094e94e99d2c685 PKG_MAINTAINER:=Nikos Mavrogiannopoulos PKG_LICENSE:=BSD-3-Clause diff --git a/libs/p11-kit/patches/010-stdint.patch b/libs/p11-kit/patches/010-stdint.patch deleted file mode 100644 index 546c062b5e..0000000000 --- a/libs/p11-kit/patches/010-stdint.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 507c394cfcf4edffc5e4450c5d737e545c26b857 Mon Sep 17 00:00:00 2001 -From: Daniel Engberg -Date: Sat, 12 Dec 2020 18:56:38 +0100 -Subject: [PATCH] p11-kit/lists.c: Add stdint.h to fix compilation - -Add stdint.h otherwise compilation fails on FreeBSD 13-CURRENT with "use of undeclared identifier 'SIZE_MAX'" - -Signed-off-by: Daniel Engberg ---- - p11-kit/lists.c | 1 + - 1 file changed, 1 insertion(+) - ---- a/p11-kit/lists.c -+++ b/p11-kit/lists.c -@@ -39,6 +39,7 @@ - - #include - #include -+#include - #include - #include - #include diff --git a/libs/uci2/Makefile b/libs/uci2/Makefile index 456701c4d6..c876a84a18 100644 --- a/libs/uci2/Makefile +++ b/libs/uci2/Makefile @@ -2,12 +2,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uci2 PKG_VERSION:=1.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=https://github.com/sartura/uci2.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=24b7471a0aead99115c189f04236f5fe52492579 -PKG_MIRROR_HASH:=ea8f4627163ce40f62393a87a0155869f034bb78c9f7fb644f18461cbdaf5333 +PKG_SOURCE_DATE:=2021-07-12 +PKG_SOURCE_VERSION:=56064182acdd8fa522abab67fdbaa10c2a28165c +PKG_MIRROR_HASH:=94059a5cf110ecc04cfb9a8ffc160f9bd6a03518d4c4b195500d8eff001be9aa +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_DATE).tar.gz PKG_MAINTAINER:=Jakov Petrina PKG_LICENSE:=BSD-3-Clause diff --git a/mail/emailrelay/patches/010-gcc11.patch b/mail/emailrelay/patches/010-gcc11.patch new file mode 100644 index 0000000000..29ad358e81 --- /dev/null +++ b/mail/emailrelay/patches/010-gcc11.patch @@ -0,0 +1,20 @@ +--- a/src/gnet/gsocket.h ++++ b/src/gnet/gsocket.h +@@ -27,6 +27,7 @@ + #include "gevent.h" + #include "gdescriptor.h" + #include "greadwrite.h" ++#include + #include + #include + +--- a/src/gssl/gssl.h ++++ b/src/gssl/gssl.h +@@ -26,6 +26,7 @@ + #include "gdef.h" + #include "gstrings.h" + #include "greadwrite.h" ++#include + #include + #include + diff --git a/multimedia/tvheadend/Makefile b/multimedia/tvheadend/Makefile index e75e90cf04..12bb08103e 100644 --- a/multimedia/tvheadend/Makefile +++ b/multimedia/tvheadend/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tvheadend PKG_VERSION:=4.0.10 -PKG_RELEASE:=5 +PKG_RELEASE:=6 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/tvheadend/tvheadend/tar.gz/v$(PKG_VERSION)? diff --git a/multimedia/tvheadend/patches/040-fortify.patch b/multimedia/tvheadend/patches/040-fortify.patch new file mode 100644 index 0000000000..429791ad19 --- /dev/null +++ b/multimedia/tvheadend/patches/040-fortify.patch @@ -0,0 +1,9 @@ +--- a/src/intlconv.c ++++ b/src/intlconv.c +@@ -1,3 +1,6 @@ ++#ifndef _GNU_SOURCE ++#define _GNU_SOURCE ++#endif + #include + #include "tvheadend.h" + #include "intlconv.h" diff --git a/net/adblock/Makefile b/net/adblock/Makefile index 3d3b2940e9..c8e0e536b0 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adblock PKG_VERSION:=4.1.3 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/adblock/files/adblock.sh b/net/adblock/files/adblock.sh index 139aefb4f2..916de3c1fd 100755 --- a/net/adblock/files/adblock.sh +++ b/net/adblock/files/adblock.sh @@ -916,7 +916,7 @@ f_list() "safesearch") case "${src_name}" in "google") - rset="/^(\\.[[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{printf \"%s\n%s\n\",tolower(\"www\"\$1),tolower(substr(\$1,2,length(\$1)))}" + rset="/^\\.([[:alnum:]_-]{1,63}\\.)+[[:alpha:]]+([[:space:]]|$)/{printf \"%s\n%s\n\",tolower(\"www\"\$1),tolower(substr(\$1,2,length(\$1)))}" safe_url="https://www.google.com/supported_domains" safe_cname="forcesafesearch.google.com" safe_domains="${adb_tmpdir}/tmp.load.safesearch.${src_name}" diff --git a/net/addrwatch/Makefile b/net/addrwatch/Makefile index f91ff2bfa1..fa6c91ecfa 100644 --- a/net/addrwatch/Makefile +++ b/net/addrwatch/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=addrwatch PKG_VERSION:=1.0.2 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/fln/addrwatch/releases/download/v$(PKG_VERSION) @@ -21,34 +21,102 @@ PKG_LICENSE_FILES:=COPYING PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 -PKG_BUILD_DEPENDS:=USE_UCLIBC:argp-standalone USE_MUSL:argp-standalone +PKG_BUILD_DEPENDS:=USE_MUSL:argp-standalone +PKG_FIXUP:=autoreconf include $(INCLUDE_DIR)/package.mk -define Package/addrwatch +define Package/addrwatch/Default SECTION:=net CATEGORY:=Network - DEPENDS:=+libpcap +libevent2 TITLE:=IPv4/IPv6 and ethernet address pairing tool URL:=https://github.com/fln/addrwatch endef -define Package/addrwatch/description +define Package/addrwatch/Default/description This is a tool similar to arpwatch. It main purpose is to monitor network and log discovered ethernet/ip pairings. Addrwatch is extremely useful in networks with IPv6 autoconfiguration (RFC4862) enabled. It allows to track IPv6 addresses of hosts using IPv6 privacy extensions (RFC4941). endef +define Package/addrwatch +$(call Package/addrwatch/Default) + DEPENDS:=+libpcap +libevent2 +endef + +define Package/addrwatch/description +$(call Package/addrwatch/Default/description) + + This contains the main addrwatch program. +endef + +define Package/addrwatch-mysql +$(call Package/addrwatch/Default) + TITLE+= (MySQL output module) + DEPENDS:=+addrwatch +libmariadb +endef + +define Package/addrwatch-mysql/description +$(call Package/addrwatch/Default/description) + + This contains the MySQL output module. +endef + +define Package/addrwatch-stdout +$(call Package/addrwatch/Default) + TITLE+= (stdout output module) + DEPENDS:=+addrwatch +endef + +define Package/addrwatch-stdout/description +$(call Package/addrwatch/Default/description) + + This contains the stdout output module. +endef + +define Package/addrwatch-syslog +$(call Package/addrwatch/Default) + TITLE+= (syslog output module) + DEPENDS:=+addrwatch +endef + +define Package/addrwatch-syslog/description +$(call Package/addrwatch/Default/description) + + This contains the syslog output module. +endef + define Package/addrwatch/conffiles /etc/config/addrwatch endef +CONFIGURE_ARGS+= \ + --enable-mysql + define Package/addrwatch/install - $(INSTALL_DIR) $(1)/usr/bin $(1)/etc/config $(1)/etc/init.d - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/addrwatch $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/config $(1)/etc/init.d + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/addrwatch $(1)/usr/sbin/ $(INSTALL_BIN) ./files/addrwatch.init $(1)/etc/init.d/addrwatch $(INSTALL_CONF) ./files/addrwatch.config $(1)/etc/config/addrwatch endef +define Package/addrwatch-mysql/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/addrwatch_mysql $(1)/usr/sbin/ +endef + +define Package/addrwatch-stdout/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/addrwatch_stdout $(1)/usr/sbin/ +endef + +define Package/addrwatch-syslog/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/addrwatch_syslog $(1)/usr/sbin/ +endef + $(eval $(call BuildPackage,addrwatch)) +$(eval $(call BuildPackage,addrwatch-mysql)) +$(eval $(call BuildPackage,addrwatch-stdout)) +$(eval $(call BuildPackage,addrwatch-syslog)) diff --git a/net/addrwatch/files/addrwatch.config b/net/addrwatch/files/addrwatch.config index 177eeef49d..0d1166ffea 100644 --- a/net/addrwatch/files/addrwatch.config +++ b/net/addrwatch/files/addrwatch.config @@ -1,12 +1,12 @@ config addrwatch - option disabled '0' + option enabled '0' list interface 'lan' #list interface 'wan' - #option syslog '1' + #option syslog '0' #option verbose '0' #option output '/var/log/addrwatch' #list blacklist '192.168.1.1' #option hashsize '1' - #option ratelimit '-1' + #option ratelimit '0' diff --git a/net/addrwatch/files/addrwatch.init b/net/addrwatch/files/addrwatch.init index 7b0f74cf79..d6d260b90a 100644 --- a/net/addrwatch/files/addrwatch.init +++ b/net/addrwatch/files/addrwatch.init @@ -6,17 +6,16 @@ USE_PROCD=1 validate_section_addrwatch() { uci_load_validate addrwatch addrwatch "$1" "$2" \ - 'disabled:bool:0' \ + 'enabled:bool:0' \ 'interface:list(string):lan' \ - 'syslog:bool:1' \ + 'syslog:bool:0' \ 'output:string' \ - 'quiet:bool:0' \ 'verbose:bool:0' \ 'ipv4only:bool:0' \ 'ipv6only:bool:0' \ 'blacklist:list(or(ip4addr,ip6addr))' \ - 'hashsize:range(1,65536):1024'\ - 'ratelimit:integer:3600' + 'hashsize:range(1,65536):1'\ + 'ratelimit:integer:0' } start_instance() { @@ -27,7 +26,7 @@ start_instance() { echo "validation of config $cfg failed" return 1 } - [ $disabled -ne 0 ] && return 1 + [ $enabled -eq 1 ] || return 1 for iface in $interface; do local netdev @@ -36,15 +35,13 @@ start_instance() { done procd_open_instance - procd_set_param command /usr/sbin/addrwatch - [ "$syslog" -eq 1 ] && procd_append_param command --syslog - [ -n "$output" ] && procd_append_param command --output "$output" - [ "$quiet" -eq 1 ] && procd_append_param command --quiet - [ "$verbose" -eq 1 ] && procd_append_param command --verbose - [ "$ipv4only" -eq 1 ] && procd_append_param command --ipv4only - [ "$ipv6only" -eq 1 ] && procd_append_param command --ipv6only - [ -n "$hashsize" ] && procd_append_param command --hashsize "$hashsize" - [ -n "$ratelimit" ] && procd_append_param command --ratelimit "$ratelimit" + procd_set_param command /usr/sbin/addrwatch --quiet + [ -n "$output" ] && procd_append_param command "--output=$output" + [ "$verbose" -eq 1 ] && procd_append_param command "--verbose" + [ "$ipv4only" -eq 1 ] && procd_append_param command "--ipv4-only" + [ "$ipv6only" -eq 1 ] && procd_append_param command "--ipv6-only" + [ -n "$hashsize" ] && procd_append_param command "--hashsize=$hashsize" + [ -n "$ratelimit" ] && procd_append_param command "--ratelimit=$ratelimit" for blitem in $blacklist; do procd_append_param command "--blacklist=$blitem" done @@ -57,6 +54,18 @@ start_instance() { done procd_close_trigger procd_close_instance + + [ "$syslog" -eq 1 ] && { + if [ -x /usr/sbin/addrwatch_syslog ]; then + procd_open_instance + procd_set_param command /usr/sbin/addrwatch_syslog + procd_set_param respawn + procd_close_instance + else + echo "Cannot find /usr/sbin/addrwatch_syslog" >&2 + echo "Install the addrwatch-syslog package to enable syslog output" >&2 + fi + } } start_service() { diff --git a/net/addrwatch/patches/003-add-space-for-null-byte.patch b/net/addrwatch/patches/003-add-space-for-null-byte.patch new file mode 100644 index 0000000000..a55270743b --- /dev/null +++ b/net/addrwatch/patches/003-add-space-for-null-byte.patch @@ -0,0 +1,20 @@ +From 374cfd2cabe4db9882d8a210adff430cc579f859 Mon Sep 17 00:00:00 2001 +From: Julius Kriukas +Date: Sun, 8 Mar 2020 12:46:55 +0200 +Subject: [PATCH] Use HOST_NAME_MAX+1 to add space for null byte + +--- + src/addrwatch.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/addrwatch.c ++++ b/src/addrwatch.c +@@ -501,7 +501,7 @@ int main(int argc, char *argv[]) + argp_parse(&argp, argc, argv, 0, &optind, 0); + + if (!cfg.hostname) { +- cfg.hostname_len = HOST_NAME_MAX; ++ cfg.hostname_len = HOST_NAME_MAX + 1; + cfg.hostname = (char *)calloc(cfg.hostname_len, sizeof(char)); + gethostname(cfg.hostname, cfg.hostname_len); + } diff --git a/net/addrwatch/patches/004-more-specific-library-linking.patch b/net/addrwatch/patches/004-more-specific-library-linking.patch new file mode 100644 index 0000000000..289763664c --- /dev/null +++ b/net/addrwatch/patches/004-more-specific-library-linking.patch @@ -0,0 +1,46 @@ +From 1988f6228225e10bccc50941798f1e1b4ca1ff62 Mon Sep 17 00:00:00 2001 +From: Jeffery To +Date: Fri, 18 Jun 2021 15:46:47 +0800 +Subject: [PATCH] More specific library linking + +Currently, the main binary and all output modules are linked to the same +set of libraries. This changes the linking so that only the main binary +is linked to pcap, and only addrwatch_mysql is linked to mysqlclient. + +This allows the main binary and output modules to be packaged separately +with fewer dependencies for each individual package. +--- + configure.ac | 4 ++-- + src/Makefile.am | 3 ++- + 2 files changed, 4 insertions(+), 3 deletions(-) + +--- a/configure.ac ++++ b/configure.ac +@@ -12,7 +12,7 @@ optional_modules="" + AC_SUBST([optional_modules]) + + # Checks for libraries. +-AC_CHECK_LIB([pcap], [pcap_open_live]) ++AC_CHECK_LIB([pcap], [pcap_open_live], :) + AC_CHECK_LIB([rt], [shm_open]) + + PKG_CHECK_MODULES(LIBEVENT, [libevent >= 1.4], , [ +@@ -46,7 +46,7 @@ AC_ARG_ENABLE([sqlite3], + ) + AC_ARG_ENABLE([mysql], + AS_HELP_STRING([--enable-mysql], [Enable MySQL database output]), +- AC_CHECK_LIB([mysqlclient], [mysql_real_connect], , [ ++ AC_CHECK_LIB([mysqlclient], [mysql_real_connect], :, [ + AC_MSG_ERROR([Unable to find libmysqlclient.]) + ]) + optional_modules="${optional_modules} addrwatch_mysql" +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -9,5 +9,6 @@ addrwatch_stdout_SOURCES = addrwatch_std + addrwatch_syslog_SOURCES = addrwatch_syslog.c shm_client.c shm_client.h + addrwatch_mysql_SOURCES = addrwatch_mysql.c shm_client.c shm_client.h util.c util.h + +-addrwatch_LDADD = @LIBEVENT_LIBS@ ++addrwatch_LDADD = @LIBEVENT_LIBS@ -lpcap ++addrwatch_mysql_LDADD = -lmysqlclient + diff --git a/net/addrwatch/patches/005-use-c99-format-macro-constants.patch b/net/addrwatch/patches/005-use-c99-format-macro-constants.patch new file mode 100644 index 0000000000..44aed5f507 --- /dev/null +++ b/net/addrwatch/patches/005-use-c99-format-macro-constants.patch @@ -0,0 +1,175 @@ +From 11f224baeede709a181a9ccb01558ff39432a994 Mon Sep 17 00:00:00 2001 +From: Jeffery To +Date: Mon, 5 Jul 2021 04:23:19 +0800 +Subject: [PATCH] Use C99 format macro constants for timestamp and vlan_tag + +Since timestamp and vlan_tag in the shm_log_entry struct are C99 fixed +width integer types (uint64_t and uint16_t), the cross-platform way to +print these values is to use the corresponding format macro +constants[1], PRIu64 and PRIu16. + +This also adjusts the places where the time_t timestamp value is +printed, casting it to uint64_t, for consistency. + +Fixes https://github.com/fln/addrwatch/issues/25 +Fixes https://github.com/fln/addrwatch/issues/26 + +[1]: https://en.cppreference.com/w/c/types/integer#Format_macro_constants +--- + configure.ac | 2 +- + src/addrwatch.c | 2 +- + src/addrwatch_stdout.c | 2 +- + src/addrwatch_syslog.c | 2 +- + src/base64.h | 2 +- + src/common.h | 2 +- + src/mcache.h | 2 +- + src/output_flatfile.c | 4 ++-- + src/parse.c | 2 +- + src/shm.h | 2 +- + src/shm_client.c | 2 +- + src/storage.c | 2 +- + src/util.h | 2 +- + 13 files changed, 14 insertions(+), 14 deletions(-) + +--- a/configure.ac ++++ b/configure.ac +@@ -53,7 +53,7 @@ AC_ARG_ENABLE([mysql], + ) + + # Checks for header files. +-AC_CHECK_HEADERS([arpa/inet.h netinet/in.h stdint.h stdlib.h syslog.h unistd.h]) ++AC_CHECK_HEADERS([arpa/inet.h netinet/in.h inttypes.h stdlib.h syslog.h unistd.h]) + + # Checks for typedefs, structures, and compiler characteristics. + AC_C_INLINE +--- a/src/addrwatch.c ++++ b/src/addrwatch.c +@@ -3,7 +3,7 @@ + #include + #include + #include +-#include ++#include + #include + #include + #include +--- a/src/addrwatch_stdout.c ++++ b/src/addrwatch_stdout.c +@@ -16,7 +16,7 @@ void process_entry(struct shm_log_entry + ip4_ntoa(e->ip_address, ip_str); + } + +- printf("%lu %s %u %s %s %s\n", e->timestamp, e->interface, e->vlan_tag, ++ printf("%" PRIu64 " %s %" PRIu16 " %s %s %s\n", e->timestamp, e->interface, e->vlan_tag, + mac_str, ip_str, pkt_origin_str[e->origin]); + } + +--- a/src/addrwatch_syslog.c ++++ b/src/addrwatch_syslog.c +@@ -18,7 +18,7 @@ void process_entry(struct shm_log_entry + ip4_ntoa(e->ip_address, ip_str); + } + +- syslog(LOG_INFO, "%lu %s %u %s %s %s", e->timestamp, e->interface, ++ syslog(LOG_INFO, "%" PRIu64 " %s %" PRIu16 " %s %s %s", e->timestamp, e->interface, + e->vlan_tag, mac_str, ip_str, pkt_origin_str[e->origin]); + } + +--- a/src/base64.h ++++ b/src/base64.h +@@ -2,7 +2,7 @@ + #define BASE64_H + + #include "addrwatch.h" +-#include ++#include + + void base64_encode(const uint8_t *src, char *dst, int ssize, int dsize); + char *base64_encode_packet(struct pkt *p); +--- a/src/common.h ++++ b/src/common.h +@@ -2,7 +2,7 @@ + #define COMMON_H + + #include +-#include ++#include + #include + #include + +--- a/src/mcache.h ++++ b/src/mcache.h +@@ -6,7 +6,7 @@ + + #include + #include +-#include ++#include + + struct mcache_node { + uint8_t l2_addr[ETHER_ADDR_LEN]; +--- a/src/output_flatfile.c ++++ b/src/output_flatfile.c +@@ -22,8 +22,8 @@ void output_flatfile_reload() + void output_flatfile_save(struct pkt *p, char *mac_str, char *ip_str) + { + if (cfg.data_fd) { +- fprintf(cfg.data_fd, "%lu %s %u %s %s %s\n", +- p->pcap_header->ts.tv_sec, p->ifc->name, p->vlan_tag, ++ fprintf(cfg.data_fd, "%" PRIu64 " %s %" PRIu16 " %s %s %s\n", ++ (uint64_t)p->pcap_header->ts.tv_sec, p->ifc->name, p->vlan_tag, + mac_str, ip_str, pkt_origin_str[p->origin]); + fflush(cfg.data_fd); + } +--- a/src/parse.c ++++ b/src/parse.c +@@ -1,4 +1,4 @@ +-//#include ++//#include + //#include + //#include + +--- a/src/shm.h ++++ b/src/shm.h +@@ -4,7 +4,7 @@ + #include + #include + #include +-#include ++#include + #include + + #define DEFAULT_SHM_LOG_NAME "/addrwatch-shm-log" +--- a/src/shm_client.c ++++ b/src/shm_client.c +@@ -2,7 +2,7 @@ + + #include + #include +-#include ++#include + #include + #include + #include +--- a/src/storage.c ++++ b/src/storage.c +@@ -129,7 +129,7 @@ void save_pairing(struct pkt *p) + + output_shm_save(p, mac_str, ip_str); + if (!cfg.quiet) { +- printf("%lu %s %u %s %s %s\n", tstamp, p->ifc->name, ++ printf("%" PRIu64 " %s %" PRIu16 " %s %s %s\n", (uint64_t)tstamp, p->ifc->name, + p->vlan_tag, mac_str, ip_str, pkt_origin_str[p->origin]); + fflush(stdout); + } +--- a/src/util.h ++++ b/src/util.h +@@ -5,7 +5,7 @@ + #include "config.h" + #endif + +-#include ++#include + #include + + #include diff --git a/net/apache/Makefile b/net/apache/Makefile index d558675f53..f1dcbe6cd5 100644 --- a/net/apache/Makefile +++ b/net/apache/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=apache -PKG_VERSION:=2.4.46 -PKG_RELEASE:=2 +PKG_VERSION:=2.4.48 +PKG_RELEASE:=1 PKG_SOURCE_NAME:=httpd PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=@APACHE/httpd/ -PKG_HASH:=740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea +PKG_HASH:=1bc826e7b2e88108c7e4bf43c026636f77a41d849cfb667aa7b5c0b86dbf966c PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION) diff --git a/net/apache/patches/020-openssl-deprecated.patch b/net/apache/patches/020-openssl-deprecated.patch index 667a24c68e..68909332fa 100644 --- a/net/apache/patches/020-openssl-deprecated.patch +++ b/net/apache/patches/020-openssl-deprecated.patch @@ -1,6 +1,6 @@ --- a/modules/md/md_crypt.c +++ b/modules/md/md_crypt.c -@@ -708,23 +708,23 @@ const char *md_cert_get_serial_number(co +@@ -1098,23 +1098,23 @@ const char *md_cert_get_serial_number(co int md_cert_is_valid_now(const md_cert_t *cert) { @@ -28,10 +28,10 @@ + return md_asn1_time_get(X509_get0_notBefore(cert->x509)); } - int md_cert_covers_domain(md_cert_t *cert, const char *domain_name) + md_timeperiod_t md_cert_get_valid(const md_cert_t *cert) --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c -@@ -226,7 +226,7 @@ apr_status_t ssl_init_Module(apr_pool_t +@@ -231,7 +231,7 @@ apr_status_t ssl_init_Module(apr_pool_t apr_status_t rv; apr_array_header_t *pphrases; @@ -42,7 +42,7 @@ "a newer library (%s, version currently loaded is %s)" --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c -@@ -1255,9 +1255,9 @@ static apr_status_t ssl_io_filter_handsh +@@ -1264,9 +1264,9 @@ static apr_status_t ssl_io_filter_handsh if (dc->proxy->ssl_check_peer_expire != FALSE) { if (!cert || (X509_cmp_current_time( @@ -90,7 +90,7 @@ else if (*var && strcEQ(var+1, "_DN")) { --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h -@@ -98,6 +98,9 @@ +@@ -99,6 +99,9 @@ #include #include #include diff --git a/net/bonding/Makefile b/net/bonding/Makefile index d3c1855f02..d9bafe21c8 100644 --- a/net/bonding/Makefile +++ b/net/bonding/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=proto-bonding PKG_VERSION:=2021-04-09 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:= diff --git a/net/bonding/files/lib/netifd/proto/bonding.sh b/net/bonding/files/lib/netifd/proto/bonding.sh index ac65516371..04cec109ce 100755 --- a/net/bonding/files/lib/netifd/proto/bonding.sh +++ b/net/bonding/files/lib/netifd/proto/bonding.sh @@ -111,7 +111,7 @@ proto_bonding_setup() { 802.3ad) echo "$bonding_policy" > /sys/class/net/"$link"/bonding/mode - set_driver_values min_links ad_actor_sys_prio ad_actor_system ad_select lacp_rate + set_driver_values min_links ad_actor_sys_prio ad_actor_system ad_select lacp_rate xmit_hash_policy ;; balance-rr) diff --git a/net/clamav/Makefile b/net/clamav/Makefile index 970a5c1884..a6939f02ed 100644 --- a/net/clamav/Makefile +++ b/net/clamav/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=clamav -PKG_VERSION:=0.103.1 -PKG_RELEASE:=2 +PKG_VERSION:=0.103.3 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.clamav.net/downloads/production/ -PKG_HASH:=7308c47b89b268af3b9f36140528927a49ff3e633a9c9c0aac2712d81056e257 +PKG_HASH:=9f6e3d18449f3d1a3992771d696685249dfa12736fe2b2929858f2c7d8276ae9 PKG_MAINTAINER:=Marko Ratkaj \ Lucian Cristian diff --git a/net/dawn/Makefile b/net/dawn/Makefile index a337393689..99eeb351cb 100644 --- a/net/dawn/Makefile +++ b/net/dawn/Makefile @@ -5,13 +5,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dawn -PKG_SOURCE_DATE:=2020-12-31 +PKG_SOURCE_DATE:=2021-07-27 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/berlin-open-wireless-lab/DAWN.git -PKG_SOURCE_VERSION:=8ce09d64def9a1ad4bbf57dd3fe724a8a9b93334 -PKG_MIRROR_HASH:=cc33ca6ab1c4bd3e9e2a7a380700c6c15d222b3fd7064a3ce2963abb0965f078 +PKG_SOURCE_VERSION:=276ca169a7c5c07932e54c03f4aa05c9eb192b38 +PKG_MIRROR_HASH:=4abc5b0aa14553c8b9787641da009efbf7fc4f2994720c2ccf1b2b31fc949ca5 PKG_MAINTAINER:=Nick Hainke PKG_LICENSE:=GPL-2.0-only diff --git a/net/ddns-scripts/Makefile b/net/ddns-scripts/Makefile index 272136f808..21a39efb9b 100644 --- a/net/ddns-scripts/Makefile +++ b/net/ddns-scripts/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ddns-scripts PKG_VERSION:=2.8.2 -PKG_RELEASE:=10 +PKG_RELEASE:=11 PKG_LICENSE:=GPL-2.0 diff --git a/net/ddns-scripts/files/usr/share/ddns/default/google.com.json b/net/ddns-scripts/files/usr/share/ddns/default/google.com.json index f1e2f953ff..edfe461c86 100644 --- a/net/ddns-scripts/files/usr/share/ddns/default/google.com.json +++ b/net/ddns-scripts/files/usr/share/ddns/default/google.com.json @@ -5,7 +5,7 @@ "answer": "good|nochg" }, "ipv6": { - "url": "http://[USERNAME]:[PASSWORD]@domains.google.com/nic/update?hostname=[DOMAIN]&myip=[IP]", + "url": "https://[USERNAME]:[PASSWORD]@domains.google.com/nic/update?hostname=[DOMAIN]&myip=[IP]", "answer": "good|nochg" } } diff --git a/net/dnsdist/patches/020-gcc11.patch b/net/dnsdist/patches/020-gcc11.patch new file mode 100644 index 0000000000..485beabea5 --- /dev/null +++ b/net/dnsdist/patches/020-gcc11.patch @@ -0,0 +1,10 @@ +--- a/lock.hh ++++ b/lock.hh +@@ -20,6 +20,7 @@ + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + #pragma once ++#include + #include + + class ReadWriteLock diff --git a/net/dnslookup/Makefile b/net/dnslookup/Makefile new file mode 100644 index 0000000000..56351e48cd --- /dev/null +++ b/net/dnslookup/Makefile @@ -0,0 +1,45 @@ +# SPDX-License-Identifier: GPL-3.0-only +# +# Copyright (C) 2021 ImmortalWrt.org + +include $(TOPDIR)/rules.mk + +PKG_NAME:=dnslookup +PKG_VERSION:=1.4.8 +PKG_RELEASE:=$(AUTORELESE) + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/ameshkov/dnslookup/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=0086616a57e43b6d4f513b79ec99f997649d449729b366b40a83b09c23432c20 + +PKG_MAINTAINER:=Tianling Shen +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=LICENSE + +PKG_BUILD_DEPENDS:=golang/host +PKG_BUILD_PARALLEL:=1 +PKG_USE_MIPS16:=0 + +GO_PKG:=github.com/ameshkov/dnslookup +GO_PKG_LDFLAGS:=-s -w +GO_PKG_LDFLAGS_X:=main.VersionString=v$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk +include ../../lang/golang/golang-package.mk + +define Package/dnslookup + SECTION:=net + CATEGORY:=Network + SUBMENU:=IP Addresses and Names + TITLE:=Simple command line utility to make DNS lookups to the specified server + URL:=https://github.com/ameshkov/dnslookup + DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle +endef + +define Package/dnslookup/description + Simple command line utility to make DNS lookups. + Supports all known DNS protocols: plain DNS, DoH, DoT, DoQ, DNSCrypt. +endef + +$(eval $(call GoBinPackage,dnslookup)) +$(eval $(call BuildPackage,dnslookup)) diff --git a/net/dnslookup/test.sh b/net/dnslookup/test.sh new file mode 100644 index 0000000000..4e12ad2a6f --- /dev/null +++ b/net/dnslookup/test.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +dnslookup --version | grep "$PKG_VERSION" diff --git a/net/dnsproxy/Makefile b/net/dnsproxy/Makefile new file mode 100644 index 0000000000..abb292b963 --- /dev/null +++ b/net/dnsproxy/Makefile @@ -0,0 +1,56 @@ +# SPDX-License-Identifier: GPL-3.0-only +# +# Copyright (C) 2021 ImmortalWrt.org + +include $(TOPDIR)/rules.mk + +PKG_NAME:=dnsproxy +PKG_VERSION:=0.39.0 +PKG_RELEASE:=$(AUTORELESE) + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/dnsproxy/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=00cf9978670e51be14cab262638735321afa917c3b4f46c0c5a189731ee124bf + +PKG_MAINTAINER:=Tianling Shen +PKG_LICENSE:=Apache-2.0 +PKG_LICENSE_FILES:=LICENSE + +PKG_BUILD_DEPENDS:=golang/host +PKG_BUILD_PARALLEL:=1 +PKG_USE_MIPS16:=0 + +GO_PKG:=github.com/AdguardTeam/dnsproxy +GO_PKG_LDFLAGS:=-s -w +GO_PKG_LDFLAGS_X:=main.VersionString=v$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk +include ../../lang/golang/golang-package.mk + +define Package/dnsproxy + SECTION:=net + CATEGORY:=Network + SUBMENU:=IP Addresses and Names + TITLE:=Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support + URL:=https://github.com/AdguardTeam/dnsproxy + DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle + USERID:=dnsproxy=411:dnsproxy=411 +endef + +define Package/dnsproxy/description + A simple DNS proxy server that supports all existing DNS protocols including + DNS-over-TLS, DNS-over-HTTPS, DNSCrypt, and DNS-over-QUIC.Moreover, it can + work as a DNS-over-HTTPS, DNS-over-TLS or DNS-over-QUIC server. +endef + +define Package/dnsproxy/install + $(call GoPackage/Package/Install/Bin,$(1)) + + $(INSTALL_DIR) $(1)/etc/config/ + $(INSTALL_CONF) $(CURDIR)/files/dnsproxy.config $(1)/etc/config/dnsproxy + $(INSTALL_DIR) $(1)/etc/init.d/ + $(INSTALL_BIN) $(CURDIR)/files/dnsproxy.init $(1)/etc/init.d/dnsproxy +endef + +$(eval $(call GoBinPackage,dnsproxy)) +$(eval $(call BuildPackage,dnsproxy)) diff --git a/net/dnsproxy/files/dnsproxy.config b/net/dnsproxy/files/dnsproxy.config new file mode 100644 index 0000000000..a9fa020280 --- /dev/null +++ b/net/dnsproxy/files/dnsproxy.config @@ -0,0 +1,41 @@ + +# For documents, please see https://github.com/AdguardTeam/dnsproxy#usage + +config dnsproxy 'global' + option enabled '0' + option listen_addr '127.0.0.1' + option listen_port '5353' + option log_file '' + option all_servers '0' + option fastest_addr '0' + option insecure '0' + option ipv6_disabled '0' + option max_go_routines '' + option rate_limit '' + option refuse_any '0' + option udp_buf_size '' + option verbose '0' + +config dnsproxy 'bogus_nxdomain' + list ip_addr '' + +config dnsproxy 'cache' + option enabled '0' + option cache_optimistic '0' + option size '65535' + option min_ttl '' + option max_ttl '' + +config dnsproxy 'dns64' + option enabled '0' + option dns64_prefix '64:ff9b::' + +config dnsproxy 'edns' + option enabled '0' + option edns_addr '' + +config dnsproxy 'servers' + list bootstrap 'tls://8.8.8.8' + list fallback 'tls://9.9.9.9' + list upstream 'tls://1.1.1.1' + diff --git a/net/dnsproxy/files/dnsproxy.init b/net/dnsproxy/files/dnsproxy.init new file mode 100644 index 0000000000..9ac2751b3e --- /dev/null +++ b/net/dnsproxy/files/dnsproxy.init @@ -0,0 +1,115 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2021 Tianling Shen + +USE_PROCD=1 +START=90 + +CONF="dnsproxy" +PROG="/usr/bin/dnsproxy" + +is_enabled() { + local enabled + config_get enabled "$1" "$2" "0" + if [ "$enabled" -eq "1" ]; then + return 0 + else + return 1 + fi +} + +is_empty() { + local empty + config_get empty "$1" "$2" $3 + if [ -z "$empty" ]; then + return 0 + else + return 1 + fi +} + +append_param() { + procd_append_param command "$1" $2 +} + +append_param_arg() { + local value + config_get value "$1" "$2" $4 + [ -n "$value" ] && append_param "$3" "$value" +} + +append_param_bool() { + is_enabled "$1" "$2" && append_param "--${2//_/-}" +} + +load_config_arg() { + append_param_bool "$1" "all_servers" + append_param_bool "$1" "fastest_addr" + append_param_bool "$1" "insecure" + append_param_bool "$1" "ipv6_disabled" + append_param_bool "$1" "refuse_any" + append_param_bool "$1" "verbose" +} + +load_config_list() { + is_empty "bogus_nxdomain" "ip_addr" || config_list_foreach "bogus_nxdomain" "ip_addr" "append_param '--bogus-nxdomain'" + + for i in "bootstrap" "fallback" "upstream"; do + is_empty "servers" "$i" || config_list_foreach "servers" "$i" "append_param '--$i'" + done +} + +load_config_param() { + append_param_arg "global" "listen_addr" "--listen" "127.0.0.1" + append_param_arg "global" "listen_port" "--port" "5353" + append_param_arg "global" "log_file" "--output" + append_param_arg "global" "max_go_routines" "--max-go-routines" + append_param_arg "global" "rate_limit" "--ratelimit" + append_param_arg "global" "udp_buf_size" "--udp-buf-size" + + is_enabled "cache" "enabled" && { + append_param "--cache" + append_param_bool "cache" "cache_optimistic" + append_param_arg "cache" "size" "--cache-size" + append_param_arg "cache" "min_ttl" "--cache-min-ttl" + append_param_arg "cache" "max_ttl" "--cache-max-ttl" + } + + is_enabled "dns64" "enabled" && { + append_param "--dns64" + append_param_arg "dns64" "dns64_prefix" "--dns64-prefix" + } + + is_enabled "edns" "enabled" && { + append_param "--edns" + append_param_arg "edns" "edns_addr" "--edns-addr" + } +} + +start_service() { + config_load "$CONF" + + is_enabled "global" "enabled" || exit 1 + + procd_open_instance "$CONF" + procd_set_param command "$PROG" + + load_config_arg "global" + load_config_list + load_config_param + + procd_set_param respawn + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_set_param user dnsproxy + + procd_close_instance +} + +reload_service() { + stop + start +} + +service_triggers() { + procd_add_reload_trigger "$CONF" +} diff --git a/net/dnsproxy/test.sh b/net/dnsproxy/test.sh new file mode 100644 index 0000000000..60e06a25dd --- /dev/null +++ b/net/dnsproxy/test.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +dnsproxy --version | grep "$PKG_VERSION" diff --git a/net/hs20/Makefile b/net/hs20/Makefile index 330fb335ac..e244f50a1c 100644 --- a/net/hs20/Makefile +++ b/net/hs20/Makefile @@ -12,6 +12,7 @@ PKG_SOURCE_NAME:=hostapd PKG_MIRROR_HASH:=1b2a4947034142587a3f81eac2ea27dd64650e77f8943d973623b47533be2393 PKG_MIRROR_VERSION:=$(PKG_SOURCE_DATE)-$(call version_abbrev,$(PKG_SOURCE_VERSION)) PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_MIRROR_VERSION).tar.xz +PKG_SOURCE_SUBDIR:=$(PKG_SOURCE_NAME)-$(PKG_MIRROR_VERSION) PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(PKG_SOURCE_NAME)-$(PKG_MIRROR_VERSION) PKG_MAINTAINER:=Daniel Golle diff --git a/net/httptunnel/Makefile b/net/httptunnel/Makefile new file mode 100644 index 0000000000..7340b4607e --- /dev/null +++ b/net/httptunnel/Makefile @@ -0,0 +1,41 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=httptunnel +PKG_VERSION:=3.3 +PKG_RELEASE:=$(AUTORELEASE) + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/larsbrinkhoff/httptunnel.git +PKG_SOURCE_VERSION:=f213e0549a9ee79488a9be260495c2bae34918fb +PKG_MIRROR_HASH:=bd2168ff97db19ef03b13882d51fa61bc942f5a4ad946bb79d45b7747ea0783d + +PKG_MAINTAINER:=Toni Uhlig +PKG_LICENSE:=GPL-2.0-only +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_PARALLEL:=1 +PKG_FIXUP:=autoreconf +PKG_REMOVE_FILES:=autogen.sh +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/httptunnel + TITLE:=Bidirectional data stream tunnelled in HTTP requests. + SECTION:=net + CATEGORY:=Network + URL:=http://github.com/larsbrinkhoff/httptunnel.git +endef + +define Package/httptunnel/description + httptunnel creates a bidirectional virtual data path tunnelled in HTTP + requests. The requests can be sent via an HTTP proxy if so desired. +endef + +define Package/httptunnel/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/hts $(1)/usr/bin/hts + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/htc $(1)/usr/bin/htc +endef + +$(eval $(call BuildPackage,httptunnel)) diff --git a/net/ibrdtn-tools/Makefile b/net/ibrdtn-tools/Makefile index f717f277a9..8286b9bb3f 100644 --- a/net/ibrdtn-tools/Makefile +++ b/net/ibrdtn-tools/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ibrdtn-tools PKG_VERSION:=1.0.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.ibr.cs.tu-bs.de/projects/ibr-dtn/releases @@ -36,6 +36,8 @@ endef CONFIGURE_ARGS += \ --without-libdaemon +TARGET_CXXFLAGS += -std=c++11 + define Package/ibrdtn-tools/install $(INSTALL_DIR) $(1)/usr/bin/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/dtnping $(1)/usr/bin/dtnping diff --git a/net/ibrdtnd/Makefile b/net/ibrdtnd/Makefile index c23bc325c7..f3e4bb5d0a 100644 --- a/net/ibrdtnd/Makefile +++ b/net/ibrdtnd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ibrdtnd PKG_VERSION:=1.0.1 -PKG_RELEASE:=6 +PKG_RELEASE:=7 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.ibr.cs.tu-bs.de/projects/ibr-dtn/releases @@ -46,6 +46,8 @@ CONFIGURE_ARGS += \ --without-vmime \ --disable-libdaemon +TARGET_CXXFLAGS += -std=c++11 + define Package/ibrdtnd/install $(INSTALL_DIR) $(1)/usr/sbin/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dtnd $(1)/usr/sbin/ diff --git a/net/iperf/Makefile b/net/iperf/Makefile index 5757875966..d071d0c031 100644 --- a/net/iperf/Makefile +++ b/net/iperf/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=iperf -PKG_VERSION:=2.0.13 -PKG_RELEASE:=3 +PKG_VERSION:=2.1.3 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_HASH:=c88adec966096a81136dda91b4bd19c27aae06df4d45a7f547a8e50d723778ad +PKG_HASH:=dfe2197e2842fe9c9d9677bf1cb20a5a9ccfcb9a9de79f9927c39f73204ba003 PKG_SOURCE_URL:=@SF/iperf2 PKG_MAINTAINER:=Felix Fietkau diff --git a/net/iperf/patches/0003-fix-non-ipv6-builds.patch b/net/iperf/patches/0003-fix-non-ipv6-builds.patch deleted file mode 100644 index c6afa3e160..0000000000 --- a/net/iperf/patches/0003-fix-non-ipv6-builds.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/src/Listener.cpp -+++ b/src/Listener.cpp -@@ -723,6 +723,7 @@ int Listener::L2_setup (void) { - - // Now optimize packet flow up the raw socket - // Establish the flow BPF to forward up only "connected" packets to this raw socket -+#ifdef HAVE_IPV6 - if (l->sa_family == AF_INET6) { - #ifdef HAVE_IPV6 - struct in6_addr *v6peer = SockAddr_get_in6_addr(&server->peer); -@@ -740,6 +741,9 @@ int Listener::L2_setup (void) { - return -1; - #endif /* HAVE_IPV6 */ - } else { -+#else -+ { -+#endif - rc = SockAddr_v4_Connect_BPF(server->mSock, ((struct sockaddr_in *)(l))->sin_addr.s_addr, ((struct sockaddr_in *)(p))->sin_addr.s_addr, ((struct sockaddr_in *)(l))->sin_port, ((struct sockaddr_in *)(p))->sin_port); - WARN_errno( rc == SOCKET_ERROR, "l2 connect ip bpf"); - } diff --git a/net/iperf/patches/010-libcxx.patch b/net/iperf/patches/010-libcxx.patch deleted file mode 100644 index cf0124232f..0000000000 --- a/net/iperf/patches/010-libcxx.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/config.h.in -+++ b/config.h.in -@@ -360,7 +360,9 @@ - #undef _REENTRANT - - /* */ -+#ifndef __cplusplus - #undef bool -+#endif - - /* Define to empty if `const' does not conform to ANSI C. */ - #undef const diff --git a/net/iperf/patches/020-math.patch b/net/iperf/patches/020-math.patch deleted file mode 100644 index da255c2042..0000000000 --- a/net/iperf/patches/020-math.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- a/src/pdfs.c -+++ b/src/pdfs.c -@@ -80,7 +80,7 @@ float box_muller(void) { - fprintf(stderr, "pdf box_muller() rand() error\n"); - return 0; - } else { -- w = sqrt( (-2.0 * log( w ) ) / w ); -+ w = sqrt( (-2.0 * logf( w ) ) / w ); - y1 = x1 * w; - y2 = x2 * w; - } -@@ -93,8 +93,8 @@ float normal(float mean, float variance) - } - - float lognormal(float mu, float sigma) { -- float phi = sqrt((mu * mu) + (sigma * sigma)); -- float mu_prime = log(((mu * mu)/phi)); -- float sigma_prime = sqrt(log((phi * phi)/(mu * mu))); -- return (exp(normal(mu_prime,sigma_prime))); -+ float phi = sqrtf((mu * mu) + (sigma * sigma)); -+ float mu_prime = logf(((mu * mu)/phi)); -+ float sigma_prime = sqrtf(logf((phi * phi)/(mu * mu))); -+ return (expf(normal(mu_prime,sigma_prime))); - } diff --git a/net/irssi/Makefile b/net/irssi/Makefile index 95e841f484..554f3115de 100644 --- a/net/irssi/Makefile +++ b/net/irssi/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=irssi -PKG_VERSION:=1.2.2 -PKG_RELEASE:=1 +PKG_VERSION:=1.2.3 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/irssi/irssi/releases/download/$(PKG_VERSION)/ -PKG_HASH:=6727060c918568ba2ff4295ad736128dba0b995d7b20491bca11f593bd857578 +PKG_HASH:=a647bfefed14d2221fa77b6edac594934dc672c4a560417b1abcbbc6b88d769f -PKG_LICENSE:=GPL-2.0 +PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:irssi:irssi diff --git a/net/irssi/test.sh b/net/irssi/test.sh new file mode 100644 index 0000000000..31804af793 --- /dev/null +++ b/net/irssi/test.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +irssi --version 2>&1 | grep "$2" diff --git a/net/kea/patches/030-gcc11.patch b/net/kea/patches/030-gcc11.patch new file mode 100644 index 0000000000..51108154c7 --- /dev/null +++ b/net/kea/patches/030-gcc11.patch @@ -0,0 +1,21 @@ +--- a/src/lib/database/backend_selector.cc ++++ b/src/lib/database/backend_selector.cc +@@ -6,7 +6,7 @@ + + #include + #include +-#include ++#include + #include + + using namespace isc::data; +--- a/src/lib/dhcpsrv/subnet_id.h ++++ b/src/lib/dhcpsrv/subnet_id.h +@@ -10,6 +10,7 @@ + #include + #include + #include ++#include + + namespace isc { + namespace dhcp { diff --git a/net/knot/Makefile b/net/knot/Makefile index 756c858705..12fda09640 100644 --- a/net/knot/Makefile +++ b/net/knot/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=knot -PKG_VERSION:=3.0.7 +PKG_VERSION:=3.0.8 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/ -PKG_HASH:=2bad8be0be95c8f54a26d1e16299e65f31ae1b34bd6ad3819aa50e7b40521484 +PKG_HASH:=df723949c19ebecf9a7118894c3127e292eb09dc7274b5ce9b527409f42edfb0 PKG_MAINTAINER:=Daniel Salzman PKG_LICENSE:=GPL-3.0 LGPL-2.0 0BSD BSD-3-Clause OLDAP-2.8 diff --git a/net/kplex/Makefile b/net/kplex/Makefile index 1c0aae9935..edccb5cc1b 100644 --- a/net/kplex/Makefile +++ b/net/kplex/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=kplex PKG_VERSION:=1.4 -PKG_RELEASE=2 +PKG_RELEASE=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz PKG_SOURCE_URL:=http://www.stripydog.com/download diff --git a/net/kplex/patches/100-add-support-for-Sierra-Wireless-qcserial-NMEA-0183-i.patch b/net/kplex/patches/100-add-support-for-Sierra-Wireless-qcserial-NMEA-0183-i.patch new file mode 100644 index 0000000000..359f31d77f --- /dev/null +++ b/net/kplex/patches/100-add-support-for-Sierra-Wireless-qcserial-NMEA-0183-i.patch @@ -0,0 +1,65 @@ +From a3dec2cbe5e539b5a270bed86eed78b283c79cdb Mon Sep 17 00:00:00 2001 +From: Daniel Golle +Date: Thu, 27 May 2021 01:18:20 +0200 +Subject: [PATCH] add support for Sierra Wireless qcserial NMEA-0183 interface + +Sierra Wireless EM 74xx modems come with a serial port outputting +NMEA-0183 GPS sentences. In order to make it work, the magic string +'$GPS_START' needs to be written to the modem, as only then the modem +firmware starts sending NMEA-0183 output. +Add option 'sierragpsstart' which if set to anything else than 0 will +make kplex send the magic string when the device is opened. +--- + serial.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +--- a/serial.c ++++ b/serial.c +@@ -24,6 +24,7 @@ + #include + + #define DEFSERIALQSIZE 32 ++#define SIERRA_GPS_START "$GPS_START\n" + + struct if_serial { + int fd; +@@ -290,7 +291,8 @@ struct iface *init_serial (struct iface + int ret; + struct kopts *opt; + int qsize=DEFSERIALQSIZE; +- ++ int send_gps_start = 0; ++ + for(opt=ifa->options;opt;opt=opt->next) { + if (!strcasecmp(opt->var,"filename")) + devname=opt->val; +@@ -324,7 +326,9 @@ struct iface *init_serial (struct iface + logerr(0,"Invalid queue size specified: %s",opt->val); + return(NULL); + } +- } else { ++ } else if (!strcasecmp(opt->var, "sierragpsstart")) { ++ send_gps_start=atoi(opt->val); ++ } else { + logerr(0,"unknown interface option %s",opt->var); + return(NULL); + } +@@ -337,7 +341,7 @@ struct iface *init_serial (struct iface + } + + /* Open interface or die */ +- if ((ifs->fd=ttyopen(devname,ifa->direction)) < 0) { ++ if ((ifs->fd=ttyopen(devname, send_gps_start?BOTH:ifa->direction)) < 0) { + return(NULL); + } + DEBUG(3,"%s: opened serial device %s for %s",ifa->name,devname, +@@ -358,6 +362,9 @@ struct iface *init_serial (struct iface + ifs->saved=1; + ifs->slavename=NULL; + ++ if (send_gps_start) ++ write(ifs->fd, SIERRA_GPS_START, strlen(SIERRA_GPS_START)); ++ + /* Assign pointers to read, write and cleanup routines */ + ifa->read=do_read; + ifa->readbuf=read_serial; diff --git a/net/linuxptp/Makefile b/net/linuxptp/Makefile index e804cf527c..2a30c8bb34 100644 --- a/net/linuxptp/Makefile +++ b/net/linuxptp/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=linuxptp -PKG_VERSION:=3.1 +PKG_VERSION:=3.1.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz PKG_SOURCE_URL:=@SF/$(PKG_NAME)/v$(PKG_VERSION) -PKG_HASH:=f58f5b11cf14dc7c4f7c9efdfb27190e43d02cf20c3525f6639edac10528ce7d +PKG_HASH:=94d6855f9b7f2d8e9b0ca6d384e3fae6226ce6fc012dbad02608bdef3be1c0d9 PKG_MAINTAINER:=Wojciech Dubowik PKG_LICENSE:=GPL-2.0 diff --git a/net/lksctp-tools/Makefile b/net/lksctp-tools/Makefile index a57c336d68..1cb4ea9731 100644 --- a/net/lksctp-tools/Makefile +++ b/net/lksctp-tools/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lksctp-tools -PKG_VERSION:=1.0.18 -PKG_RELEASE:=1 +PKG_VERSION:=1.0.19 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/sctp/lksctp-tools/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=3e9ab5b3844a8b65fc8152633aafe85f406e6da463e53921583dfc4a443ff03a +PKG_HASH:=9251b1368472fb55aaeafe4787131bdde4e96758f6170620bc75b638449cef01 PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0 diff --git a/net/lksctp-tools/patches/010-build-fix-netinet-sctp.h-not-to-be-installed.patch b/net/lksctp-tools/patches/010-build-fix-netinet-sctp.h-not-to-be-installed.patch deleted file mode 100644 index 389138a814..0000000000 --- a/net/lksctp-tools/patches/010-build-fix-netinet-sctp.h-not-to-be-installed.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 378560050a8f93786c590cc99a55461666205b61 Mon Sep 17 00:00:00 2001 -From: Xin Long -Date: Fri, 24 Aug 2018 01:13:32 +0800 -Subject: [PATCH] build: fix netinet/sctp.h not to be installed - -After libcnetinet_HEADERS was set to sctp.h.in, netinet/sctp.h can -no longer be installed into ${includedir}. - -Since "AC_CONFIG_HEADERS([src/include/netinet/sctp.h])" is already -added into configure.ac, there's no need to generate sctp.h by -automake. - -So we simply set libcnetinet_HEADERS back to sctp.h. - -Fixes: 9607dd85e70a ("netinet/sctp.h: dynamically build based on system setup") -Signed-off-by: Xin Long -Signed-off-by: Marcelo Ricardo Leitner ---- - src/include/netinet/Makefile.am | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - ---- a/src/include/netinet/Makefile.am -+++ b/src/include/netinet/Makefile.am -@@ -11,5 +11,4 @@ libcnetinetdir = $(includedir)/netinet - # API. - include_HEADERS = - --libcnetinet_HEADERS = sctp.h.in --BUILT_SOURCES = sctp.h -+libcnetinet_HEADERS = sctp.h diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile index c6152648ec..519e151522 100644 --- a/net/miniupnpd/Makefile +++ b/net/miniupnpd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=miniupnpd PKG_VERSION:=2.2.2 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init index a37c5e8a73..cc13e04407 100644 --- a/net/miniupnpd/files/miniupnpd.init +++ b/net/miniupnpd/files/miniupnpd.init @@ -62,7 +62,6 @@ upnpd() { local use_stun stun_host stun_port uuid notify_interval presentation_url local upnp_lease_file clean_ruleset_threshold clean_ruleset_interval local ipv6_disable - local ext_ip_reserved_ignore local enabled config_get_bool enabled config enabled 1 @@ -90,7 +89,6 @@ upnpd() { config_get clean_ruleset_threshold config clean_ruleset_threshold config_get clean_ruleset_interval config clean_ruleset_interval config_get ipv6_disable config ipv6_disable 0 - config_get ext_ip_reserved_ignore config ext_ip_reserved_ignore 0 local conf ifname ifname6 @@ -143,7 +141,6 @@ upnpd() { upnpd_write_bool igdv1 0 force_igd_desc_v1 upnpd_write_bool use_stun 0 ext_perform_stun upnpd_write_bool ipv6_disable $ipv6_disable - upnpd_write_bool ext_ip_reserved_ignore $ext_ip_reserved_ignore [ "$use_stun" -eq 0 ] || { [ -n "$stun_host" ] && echo "ext_stun_host=$stun_host" diff --git a/net/miniupnpd/patches/301-ext_ip_reserved_ignore.patch b/net/miniupnpd/patches/301-ext_ip_reserved_ignore.patch deleted file mode 100644 index 5ec145e713..0000000000 --- a/net/miniupnpd/patches/301-ext_ip_reserved_ignore.patch +++ /dev/null @@ -1,110 +0,0 @@ -commit cb046cfef1d6b954d3fc09f09a1fc3a7ffeb7593 -Author: Chen Minqiang -Date: Sun Jul 5 10:42:52 2020 +0800 - - options: ext_ip_reserved_ignore support - - This make the port forwarding force to work even - when the router is behind NAT - - Signed-off-by: Chen Minqiang - ---- a/getifaddr.c -+++ b/getifaddr.c -@@ -25,6 +25,7 @@ - #if defined(USE_GETIFADDRS) || defined(ENABLE_IPV6) || defined(ENABLE_PCP) - #include - #endif -+#include "upnpglobalvars.h" - - int - getifaddr(const char * ifname, char * buf, int len, -@@ -295,6 +296,11 @@ addr_is_reserved(struct in_addr * addr) - uint32_t address = ntohl(addr->s_addr); - size_t i; - -+ if(GETFLAG(EXTIPRESERVEDIGNOREMASK)) { -+ syslog(LOG_NOTICE, "private/reserved address checking is ignored"); -+ return 0; -+ } -+ - for (i = 0; i < sizeof(reserved)/sizeof(reserved[0]); ++i) { - if ((address >> reserved[i].rmask) == (reserved[i].address >> reserved[i].rmask)) - return 1; ---- a/miniupnpd.c -+++ b/miniupnpd.c -@@ -1241,6 +1241,10 @@ init(int argc, char * * argv, struct run - case UPNPEXT_IP: - use_ext_ip_addr = ary_options[i].value; - break; -+ case UPNPEXT_IP_RESERVED_IGNORE: -+ if(strcmp(ary_options[i].value, "yes") == 0) -+ SETFLAG(EXTIPRESERVEDIGNOREMASK); -+ break; - case UPNPEXT_PERFORM_STUN: - if(strcmp(ary_options[i].value, "yes") == 0) - SETFLAG(PERFORMSTUNMASK); ---- a/miniupnpd.conf -+++ b/miniupnpd.conf -@@ -9,6 +9,8 @@ - # Setting ext_ip is also useful in double NAT setup, you can declare here - # the public IP address. - #ext_ip= -+#ignore even if ext_ip is reserved: default is no -+#ext_ip_reserved_ignore=yes - # WAN interface must have public IP address. Otherwise it is behind NAT - # and port forwarding is impossible. In some cases WAN interface can be - # behind unrestricted full-cone NAT 1:1 when all incoming traffic is NAT-ed and ---- a/options.c -+++ b/options.c -@@ -34,6 +34,7 @@ static const struct { - { UPNPEXT_IFNAME6, "ext_ifname6" }, - #endif - { UPNPEXT_IP, "ext_ip" }, -+ { UPNPEXT_IP_RESERVED_IGNORE, "ext_ip_reserved_ignore" }, - { UPNPEXT_PERFORM_STUN, "ext_perform_stun" }, - { UPNPEXT_STUN_HOST, "ext_stun_host" }, - { UPNPEXT_STUN_PORT, "ext_stun_port" }, ---- a/options.h -+++ b/options.h -@@ -21,6 +21,7 @@ enum upnpconfigoptions { - UPNPEXT_IFNAME6, /* ext_ifname6 */ - #endif - UPNPEXT_IP, /* ext_ip */ -+ UPNPEXT_IP_RESERVED_IGNORE, /* ignore if ext_ip is reserved */ - UPNPEXT_PERFORM_STUN, /* ext_perform_stun */ - UPNPEXT_STUN_HOST, /* ext_stun_host */ - UPNPEXT_STUN_PORT, /* ext_stun_port */ ---- a/testgetifaddr.c -+++ b/testgetifaddr.c -@@ -13,6 +13,8 @@ - #include "config.h" - #include "getifaddr.h" - -+int runtime_flags = 0; -+ - #if defined(__sun) - /* solaris 10 does not define LOG_PERROR */ - #define LOG_PERROR 0 ---- a/testportinuse.c -+++ b/testportinuse.c -@@ -14,6 +14,8 @@ - #include "config.h" - #include "portinuse.h" - -+int runtime_flags = 0; -+ - int main(int argc, char * * argv) - { - #ifndef CHECK_PORTINUSE ---- a/upnpglobalvars.h -+++ b/upnpglobalvars.h -@@ -84,6 +84,8 @@ extern int runtime_flags; - - #define PERFORMSTUNMASK 0x1000 - -+#define EXTIPRESERVEDIGNOREMASK 0x2000 -+ - #define SETFLAG(mask) runtime_flags |= mask - #define GETFLAG(mask) (runtime_flags & mask) - #define CLEARFLAG(mask) runtime_flags &= ~mask diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index e292966531..614c68b0c5 100644 --- a/net/mwan3/Makefile +++ b/net/mwan3/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=2.10.10 +PKG_VERSION:=2.10.11 PKG_RELEASE:=1 PKG_MAINTAINER:=Florian Eckert , \ Aaron Goodman diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index 51f4686760..1ba6004bb4 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -6,27 +6,34 @@ . /lib/mwan3/mwan3.sh . /lib/mwan3/common.sh +command_help() { + local cmd="$1" + local help="$2" + + echo "$(printf "%-25s%s" "${cmd}" "${help}")" +} + help() { cat < Load rules and routes for specific interface - ifdown Unload rules and routes for specific interface - interfaces Show interfaces status - policies Show currently active policy - connected Show directly connected networks - rules Show active rules - status Show all status - use Run a command bound to and avoid mwan3 rules EOF + command_help "start" "Load iptables rules, ip rules and ip routes" + command_help "stop" "Unload iptables rules, ip rules and ip routes" + command_help "restart" "Reload iptables rules, ip rules and ip routes" + command_help "ifup " "Load rules and routes for specific interface" + command_help "ifdown " "Unload rules and routes for specific interface" + command_help "interfaces" "Show interfaces status" + command_help "policies" "Show currently active policy" + command_help "connected" "Show directly connected networks" + command_help "rules" "Show active rules" + command_help "status" "Show all status" + command_help "internal " "Show internal configuration " + command_help "use " "Run a command bound to and avoid mwan3 rules" } - ifdown() { if [ -z "$1" ]; then echo "Error: Expecting interface. Usage: mwan3 ifdown " @@ -107,6 +114,92 @@ status() rules } +internal() +{ + local family="$1" + local dash="-------------------------------------------------" + + if [ -f "/etc/openwrt_release" ]; then + . /etc/openwrt_release + fi + + local ipt ip output + + if [ "$family" = "ipv6" ]; then + ipt="$IPT6" + ip="$IP6" + else + ipt="$IPT4" + ip="$IP4" + fi + + echo "Software-Version" + echo "$dash" + + if [ "$DISTRIB_RELEASE" != "" ]; then + echo "OpenWrt - $DISTRIB_RELEASE" + else + echo "OpenWrt - unknown" + fi + + echo "" + echo "Output of \"$ip a show\"" + echo "$dash" + output="$($ip a show)" + if [ "$output" != "" ]; then + echo "$output" + else + echo "No data found" + fi + + echo "" + echo "Output of \"$ip route show\"" + echo "$dash" + output="$($ip route show)" + if [ "$output" != "" ]; then + echo "$output" + else + echo "No data found" + fi + + echo "" + echo "Output of \"$ip rule show\"" + echo "$dash" + output="$($ip rule show)" + if [ "$output" != "" ]; then + echo "$output" + else + echo "No data found" + fi + + echo "" + echo "Output of \"$ip route list table 1-250\"" + echo "$dash" + local dump=0 + for i in $(seq 1 250); do + output=$($ip route list table $i 2>/dev/null) + if [ "$output" != "" ];then + dump=1 + echo "Routing table $i:" + echo "$output" + echo "" + fi + done + if [ "$dump" = "0" ]; then + echo "No data found" + echo "" + fi + + echo "Output of \"$ipt -L -v -n\"" + echo "$dash" + output="$($ipt -L -v -n)" + if [ "$output" != "" ]; then + echo "$output" + else + echo "No data found" + fi +} + start() { /etc/init.d/mwan3 enable /etc/init.d/mwan3 start @@ -148,7 +241,7 @@ use() { } case "$1" in - ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart|use) + ifup|ifdown|interfaces|policies|connected|rules|status|start|stop|restart|use|internal) mwan3_init # shellcheck disable=SC2048 $* diff --git a/net/nut/Makefile b/net/nut/Makefile index c26c5832c2..0cc4afc320 100644 --- a/net/nut/Makefile +++ b/net/nut/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nut PKG_VERSION:=2.7.4 -PKG_RELEASE:=22 +PKG_RELEASE:=23 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.7/ @@ -542,6 +542,8 @@ CONFIGURE_ARGS += \ $(if $(CONFIG_PACKAGE_nut-web-cgi),--with-gd-includes="`pkg-config --cflags gdlib`") \ $(if $(CONFIG_PACKAGE_nut-web-cgi),--with-gd-libs="`pkg-config --libs gdlib`") +TARGET_CXXFLAGS += -std=c++98 + define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib/ diff --git a/net/openvpn/Config-openssl.in b/net/openvpn/Config-openssl.in index 335bbaa2c4..7a7be74db9 100644 --- a/net/openvpn/Config-openssl.in +++ b/net/openvpn/Config-openssl.in @@ -2,7 +2,7 @@ if PACKAGE_openvpn-openssl config OPENVPN_openssl_ENABLE_LZO bool "Enable LZO compression support" - default n + default y config OPENVPN_openssl_ENABLE_LZ4 bool "Enable LZ4 compression support" diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile index 8afad6f151..8bab17a40f 100644 --- a/net/openvpn/Makefile +++ b/net/openvpn/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn PKG_VERSION:=2.5.3 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ diff --git a/net/openvpn/files/openvpn.config b/net/openvpn/files/openvpn.config index 57fb385d7f..ea442c7656 100644 --- a/net/openvpn/files/openvpn.config +++ b/net/openvpn/files/openvpn.config @@ -300,6 +300,9 @@ config openvpn sample_server # # LZ4 requires OpenVPN 2.4+ client and server # option compress lz4 + # LZO is available by default only in openvpn-openssl variant + # LZO is compatible with most OpenVPN versions +# option compress lzo # Control how OpenVPN handles peers using compression # @@ -492,6 +495,9 @@ config openvpn sample_client # # LZ4 requires OpenVPN 2.4+ on server and client # option compress lz4 + # LZO is available by default only in openvpn-openssl variant + # LZO is compatible with most OpenVPN versions +# option compress lzo # Set log file verbosity. option verb 3 diff --git a/net/openvswitch/Config.in b/net/openvswitch/Config.in new file mode 100644 index 0000000000..ba17072f89 --- /dev/null +++ b/net/openvswitch/Config.in @@ -0,0 +1,8 @@ +menu "Configuration" + depends on PACKAGE_openvswitch + + config OPENVSWITCH_WITH_LIBUNBOUND + bool + default y + prompt "Build with libunbound library." +endmenu diff --git a/net/openvswitch/Makefile b/net/openvswitch/Makefile index 312cae4638..6883ba4ba2 100644 --- a/net/openvswitch/Makefile +++ b/net/openvswitch/Makefile @@ -17,7 +17,7 @@ include ./openvswitch.mk # PKG_NAME:=openvswitch PKG_VERSION:=$(ovs_version) -PKG_RELEASE:=1 +PKG_RELEASE:=6 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.openvswitch.org/releases/ PKG_HASH:=7d5797f2bf2449c6a266149e88f72123540f7fe7f31ad52902057ae8d8f88c38 @@ -40,6 +40,9 @@ include $(INCLUDE_DIR)/package.mk include ../../lang/python/python3-host.mk include ../../lang/python/python3-package.mk +define Package/openvswitch/config +source "$(SOURCE)/Config.in" +endef ovs_kmod_packages:= ovs_kmod_intree_kernel_patchver_min:=3.10 @@ -150,8 +153,11 @@ $(eval $(call OvsKmodPackageTemplate,openvswitch-lisp-intree)) # ovs_libopenvswitch_title:=Open vSwitch (libopenvswitch.so) ovs_libopenvswitch_hidden:=1 -ovs_libopenvswitch_depends:=+libopenssl +libunbound +!(arc||arceb):libunwind +ovs_libopenvswitch_depends:=+libopenssl +!(arc||arceb):libunwind ovs_libopenvswitch_depends+=+libatomic +ifeq ($(CONFIG_KEEPALIVED_ROUTES),y) +ovs_libopenvswitch_depends+=+libunbound +endif ovs_libopenvswitch_files:=usr/lib/libopenvswitch*.so* $(eval $(call OvsPackageTemplate,libopenvswitch)) @@ -243,6 +249,7 @@ CONFIGURE_ARGS+= \ --disable-silent-rules \ CONFIGURE_VARS += \ + $(if $(CONFIG_OPENVSWITCH_WITH_LIBUNBOUND),,ac_cv_lib_unbound_ub_ctx_create=no) \ ovs_cv_flake8=no \ ovs_cv_python3=$(PYTHON3) \ ovs_cv_python3_host=$(HOST_PYTHON3_BIN) \ diff --git a/net/openvswitch/README.md b/net/openvswitch/README.md index 9008a886b8..5cc8bbffe5 100644 --- a/net/openvswitch/README.md +++ b/net/openvswitch/README.md @@ -63,17 +63,42 @@ E.g. replace in-tree datapath module with upstream version # UCI configuration options -There are 4 config section types in package openvswitch: +There are 5 config section types in package openvswitch: ovs ovn_northd, ovn_controller & ovs_bridge. Each of these supports a disabled option, which should be set to 0 to launch the respective daemons. +The ovs section section also supports the options below, to configure a set of +SSL CA, certificate and private key. After adding these to Open vSwitch, you +may specify ssl: connection methods for e.g. the OpenFlow controller. Note that +Open vSwitch only reads these files during startup, so it needs to be restarted +after adding or changing these options. + +| Name | Type | Required | Default | Description | +|----------|---------|----------|---------|-----------------------------------| +| disabled | boolean | no | 0 | If set to 1, do not configure SSL | +| ca | string | no | (none) | Path to CA certificate | +| cert | string | no | (none) | Path to certificate | +| key | string | no | (none) | Path to private key | + The ovs_bridge section also supports the options below, for initialising a virtual bridge with an OpenFlow controller. -| Name | Type | Required | Default | Description | -|------------|---------|----------|--------------------------------|------------------------------------------------------------| -| disabled | boolean | no | 0 | If set to true, disable initialisation of the named bridge | -| name | string | no | Inherits UCI config block name | The name of the switch in the OVS daemon | -| controller | string | no | (none) | The endpoint of an OpenFlow controller for this bridge | +| Name | Type | Required | Default | Description | +|-------------|---------|----------|--------------------------------|------------------------------------------------------------| +| disabled | boolean | no | 0 | If set to true, disable initialisation of the named bridge | +| name | string | no | Inherits UCI config block name | The name of the switch in the OVS daemon | +| controller | string | no | (none) | The endpoint of an OpenFlow controller for this bridge | +| datapath_id | string | no | (none) | The OpenFlow datapath ID for this bridge | + +The ovs_port section can be used to add ports to a bridge. It supports the options below. + +| Name | Type | Required | Default | Description +| ---------|---------|----------|---------|------------------------------------------------| +| disabled | boolean | no | 0 | If set to 1, do not add the port to the bridge | +| bridge | string | yes | (none) | Name of the bridge to add the port to | +| port | string | yes | (none) | Name of the port to add to the bridge | +| ofport | integer | no | (none) | OpenFlow port number to be used by the port | +| tag | integer | no | (none) | 802.1Q VLAN tag to set on the port | +| type | string | no | (none) | Port type, e.g. internal, erspan, type, ... | diff --git a/net/openvswitch/files/openvswitch.config b/net/openvswitch/files/openvswitch.config index 88c2ebc254..c812b7dd67 100644 --- a/net/openvswitch/files/openvswitch.config +++ b/net/openvswitch/files/openvswitch.config @@ -1,5 +1,8 @@ config ovs ovs option disabled 1 + option ca '/etc/openvswitch/example_ca.crt' + option cert '/etc/openvswitch/example_cert.crt' + option key '/etc/openvswitch/example_key.crt' config ovn_northd north option disabled 1 @@ -10,4 +13,13 @@ config ovn_controller controller config ovs_bridge option disabled 1 option name 'my-bridge' - option controller 'tcp:192.168.0.1' \ No newline at end of file + option controller 'tcp:192.168.0.1' + option datapath_id '' + +config ovs_port + option disabled 1 + option bridge 'my-bridge' + option port 'ovs-port1' + option ofport '1' + option tag '123' + option type 'internal' diff --git a/net/openvswitch/files/openvswitch.init b/net/openvswitch/files/openvswitch.init index 0789021c37..229e6869b9 100755 --- a/net/openvswitch/files/openvswitch.init +++ b/net/openvswitch/files/openvswitch.init @@ -7,6 +7,8 @@ . /lib/functions/procd.sh START=15 +basescript=$(readlink "$initscript") + ovs_ctl="/usr/share/openvswitch/scripts/ovs-ctl"; [ -x "$ovs_ctl" ] || ovs_ctl=: ovn_ctl="/usr/share/ovn/scripts/ovn-ctl"; [ -x "$ovn_ctl" ] || ovn_ctl=: @@ -59,7 +61,12 @@ ovs_action() { config_foreach "ovs_xx" "$cfgtype" "$action" "$cfgtype" done - config_foreach ovs_bridge_init "ovs_bridge" + case "$action" in + restart|start) + config_foreach ovs_bridge_init "ovs_bridge" + ;; + esac + } ovs_xx() { @@ -82,7 +89,8 @@ ovs_xx() { case "$cfgtype" in ovs) "$ovs_ctl" "$action" \ - --system-id=random + --system-id=random 1000>&- + ovs_set_ssl ;; ovn_*) "$ovn_ctl" "${action}_${cfgtype#ovn_}" @@ -116,6 +124,47 @@ ovs_bridge_port_add() { __port_list="$__port_list ${port} " } +ovs_bridge_port_add_complex() { + local cfg="$1" + local cur_bridge="$2" + + local bridge disabled ofport port tag type + local cur_tag cur_type del_port + + config_get_bool disabled "$cfg" disabled 0 + [ "$disabled" = "0" ] || return + + config_get bridge "$cfg" bridge + [ "$bridge" = "$cur_bridge" ] || return + ovs-vsctl br-exists "$bridge" || return + + config_get port "$cfg" port + [ -n "$port" ] || return + + config_get ofport "$cfg" ofport + + config_get tag "$cfg" tag + if [ -n "$tag" ]; then + if cur_tag="$(ovs-vsctl get port "$port" tag 2>/dev/null)"; then + [ "$tag" = "$cur_tag" ] || del_port=1 + fi + fi + + config_get type "$cfg" type + if [ -n "$type" ]; then + if cur_type="$(ovs-vsctl get interface "$port" type 2>/dev/null)"; then + [ "$type" = "$cur_type" ] || del_port=1 + fi + fi + + [ "${del_port:-0}" -eq 1 ] && ovs-vsctl --if-exists del-port "$bridge" "$port" + + ovs-vsctl --may-exist add-port "$bridge" "$port" ${tag:+tag="$tag"} \ + ${ofport:+ -- set interface "$port" ofport_request="$ofport"} \ + ${type:+ -- set interface "$port" type="$type"} + __port_list="$__port_list ${port} " +} + ovs_bridge_port_cleanup() { for port in `ovs-vsctl list-ports "$name"`; do case "$__port_list" in @@ -125,12 +174,26 @@ ovs_bridge_port_cleanup() { done } +ovs_bridge_validate_datapath_id() { + local dpid="$1" + + if expr "$dpid" : '[[:xdigit:]]\{16\}$' > /dev/null; then + return 0 + elif expr "$dpid" : '0x[[:xdigit:]]\{1,16\}$' > /dev/null; then + return 0 + else + logger -t openvswitch "invalid datapath_id: $dpid" + return 1 + fi +} + ovs_bridge_init() { local cfg="$1" local disabled local name local controller + local datapath_id config_get_bool disabled "$cfg" disabled 0 [ "$disabled" == "0" ] || return @@ -138,7 +201,15 @@ ovs_bridge_init() { config_get name "$cfg" name $cfg ovs-vsctl --may-exist add-br "$name" + config_get datapath_id "$cfg" datapath_id + [ -n "$datapath_id" ] && { + ovs_bridge_validate_datapath_id "$datapath_id" && { + ovs-vsctl --if-exists set bridge "$name" other-config:datapath-id="$datapath_id" + } + } + config_list_foreach "$cfg" "ports" ovs_bridge_port_add + config_foreach ovs_bridge_port_add_complex ovs_port "$name" config_get_bool drop "$cfg" "drop_unknown_ports" 0 [ "$drop" == 1 ] && ovs_bridge_port_cleanup @@ -146,3 +217,14 @@ ovs_bridge_init() { [ -n "$controller" ] && \ ovs-vsctl set-controller "$name" "$controller" } + +ovs_set_ssl() { + local ca="$(uci -q get openvswitch.ovs.ca)" + [ -f "$ca" ] || return + local cert="$(uci get openvswitch.ovs.cert)" + [ -f "$cert" ] || return + local key="$(uci get openvswitch.ovs.key)" + [ -f "$key" ] || return + + ovs-vsctl set-ssl "$key" "$cert" "$ca" +} diff --git a/net/openvswitch/patches/0002-python-separate-host-target-python-for-cross-compile.patch b/net/openvswitch/patches/0002-python-separate-host-target-python-for-cross-compile.patch index 2c86a3048f..434b56e670 100644 --- a/net/openvswitch/patches/0002-python-separate-host-target-python-for-cross-compile.patch +++ b/net/openvswitch/patches/0002-python-separate-host-target-python-for-cross-compile.patch @@ -22,7 +22,7 @@ Signed-off-by: Yousong Zhou BUILT_SOURCES = --- a/m4/openvswitch.m4 +++ b/m4/openvswitch.m4 -@@ -383,6 +383,8 @@ else: +@@ -372,6 +372,8 @@ else: AC_MSG_ERROR([Python 3.4 or later is required but not found in $PATH, please install it or set $PYTHON3 to point to it]) fi AC_ARG_VAR([PYTHON3]) diff --git a/net/openvswitch/patches/0004-build-trim-build.patch b/net/openvswitch/patches/0004-build-trim-build.patch index 19ea959ef6..3e0eca5158 100644 --- a/net/openvswitch/patches/0004-build-trim-build.patch +++ b/net/openvswitch/patches/0004-build-trim-build.patch @@ -10,7 +10,7 @@ Signed-off-by: Yousong Zhou --- a/Makefile.am +++ b/Makefile.am -@@ -475,12 +475,10 @@ dist-docs: +@@ -477,12 +477,10 @@ dist-docs: VERSION=$(VERSION) MAKE='$(MAKE)' $(srcdir)/build-aux/dist-docs $(srcdir) $(docs) .PHONY: dist-docs diff --git a/net/openvswitch/patches/0007-build-only-link-libopenvswitch-with-libunwind-libunb.patch b/net/openvswitch/patches/0007-build-only-link-libopenvswitch-with-libunwind-libunb.patch index 86c1d41bff..1491af51d5 100644 --- a/net/openvswitch/patches/0007-build-only-link-libopenvswitch-with-libunwind-libunb.patch +++ b/net/openvswitch/patches/0007-build-only-link-libopenvswitch-with-libunwind-libunb.patch @@ -32,7 +32,7 @@ Signed-off-by: Yousong Zhou Cflags: -I${includedir}/openvswitch --- a/m4/openvswitch.m4 +++ b/m4/openvswitch.m4 -@@ -657,7 +657,8 @@ AC_DEFUN([OVS_CHECK_UNBOUND], +@@ -646,7 +646,8 @@ AC_DEFUN([OVS_CHECK_UNBOUND], [AC_CHECK_LIB(unbound, ub_ctx_create, [HAVE_UNBOUND=yes], [HAVE_UNBOUND=no]) if test "$HAVE_UNBOUND" = yes; then AC_DEFINE([HAVE_UNBOUND], [1], [Define to 1 if unbound is detected.]) @@ -42,7 +42,7 @@ Signed-off-by: Yousong Zhou fi AM_CONDITIONAL([HAVE_UNBOUND], [test "$HAVE_UNBOUND" = yes]) AC_SUBST([HAVE_UNBOUND])]) -@@ -669,7 +670,8 @@ AC_DEFUN([OVS_CHECK_UNWIND], +@@ -658,7 +659,8 @@ AC_DEFUN([OVS_CHECK_UNWIND], [HAVE_UNWIND=no]) if test "$HAVE_UNWIND" = yes; then AC_DEFINE([HAVE_UNWIND], [1], [Define to 1 if unwind is detected.]) diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index cba7e073dc..0ac0dd1fd6 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan -PKG_VERSION:=5.9.2 -PKG_RELEASE:=12 +PKG_VERSION:=5.9.3 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ -PKG_HASH:=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063 +PKG_HASH:=9325ab56a0a4e97e379401e1d942ce3e0d8b6372291350ab2caae0755862c6f7 PKG_LICENSE:=GPL-2.0-or-later PKG_MAINTAINER:=Philip Prindeville , Noel Kuntze PKG_CPE_ID:=cpe:/a:strongswan:strongswan diff --git a/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch b/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch new file mode 100644 index 0000000000..e602067739 --- /dev/null +++ b/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch @@ -0,0 +1,110 @@ +From 27a54379cf3c48ff63c02a4a9f023297bba60d45 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:29:43 +0200 +Subject: [PATCH 900/904] src: Patch for building with musl on openwrt (taken + verbatim from openwrt package sources) + +--- + .../kernel_netlink/kernel_netlink_ipsec.c | 1 + + .../kernel_netlink/kernel_netlink_net.c | 2 + + .../kernel_netlink/kernel_netlink_shared.c | 2 + + src/libstrongswan/library.h | 1 + + src/libstrongswan/musl.h | 38 +++++++++++++++++++ + .../plugins/bliss/bliss_huffman.c | 2 + + 6 files changed, 46 insertions(+) + create mode 100644 src/libstrongswan/musl.h + +--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c ++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c +@@ -40,6 +40,7 @@ + */ + + #define _GNU_SOURCE ++#include + #include + #include + #include +--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c ++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c +@@ -37,6 +37,8 @@ + * THE SOFTWARE. + */ + ++#include "musl.h" ++ + #include + #include + #include +--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c ++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c +@@ -39,6 +39,8 @@ + * THE SOFTWARE. + */ + ++#include "musl.h" ++ + #include + #include + #include +--- a/src/libstrongswan/library.h ++++ b/src/libstrongswan/library.h +@@ -118,6 +118,7 @@ + #include "utils/leak_detective.h" + #include "plugins/plugin_loader.h" + #include "settings/settings.h" ++#include "musl.h" + + typedef struct library_t library_t; + +--- /dev/null ++++ b/src/libstrongswan/musl.h +@@ -0,0 +1,38 @@ ++#include ++ ++#define crypt x_crypt ++#define encrypt x_encrypt ++#include ++ ++#define fd_set x_fd_set ++#define ino_t x_ino_t ++#define off_t x_off_t ++#define loff_t x_loff_t ++#define dev_t x_dev_t ++#define mode_t x_mode_t ++#define uid_t x_uid_t ++#define gid_t x_gid_t ++#define uint64_t x_uint64_t ++#define u_int64_t x_u_int64_t ++#define int64_t x_int64_t ++#define nlink_t x_nlink_t ++#define timer_t x_timer_t ++#define blkcnt_t x_blkcnt_t ++ ++#include ++ ++#undef fd_set ++#undef ino_t ++#undef off_t ++#undef dev_t ++#undef mode_t ++#undef uid_t ++#undef gid_t ++#undef uint64_t ++#undef u_int64_t ++#undef int64_t ++#undef nlink_t ++#undef timer_t ++#undef blkcnt_t ++#undef crypt ++#undef encrypt +--- a/src/libstrongswan/plugins/bliss/bliss_huffman.c ++++ b/src/libstrongswan/plugins/bliss/bliss_huffman.c +@@ -17,6 +17,8 @@ + #include "bliss_param_set.h" + + #include ++#undef fprintf ++#undef printf + + #include + #include diff --git a/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch b/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch new file mode 100644 index 0000000000..4056fe3450 --- /dev/null +++ b/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch @@ -0,0 +1,29 @@ +From 81be4fa54760aa4fed53c6d93da443f57a66f262 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:30:32 +0200 +Subject: [PATCH 901/904] uci: verbatim patch from openwrt package sources + +--- + src/libcharon/plugins/uci/uci_parser.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/src/libcharon/plugins/uci/uci_parser.c ++++ b/src/libcharon/plugins/uci/uci_parser.c +@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_ + if (uci_lookup(this->ctx, &element, this->package, + this->current->name, "name") == UCI_OK) + { /* use "name" attribute as config name if available ... */ +- *value = uci_to_option(element)->value; ++ *value = uci_to_option(element)->v.string; + } + else + { /* ... or the section name becomes config name */ +@@ -90,7 +90,7 @@ METHOD(enumerator_t, section_enumerator_ + if (value && uci_lookup(this->ctx, &element, this->package, + this->current->name, this->keywords[i]) == UCI_OK) + { +- *value = uci_to_option(element)->value; ++ *value = uci_to_option(element)->v.string; + } + } + diff --git a/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch b/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch new file mode 100644 index 0000000000..830ff939f6 --- /dev/null +++ b/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch @@ -0,0 +1,21 @@ +From d71ec4f26a1334e78a38fa44a1271c52a029e3b4 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:31:36 +0200 +Subject: [PATCH 902/904] ipsec: Patch `ipsec` script to work with musl + `sleep`. Patch taken verbatim from openwrt package sources. + +--- + src/ipsec/_ipsec.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/ipsec/_ipsec.in ++++ b/src/ipsec/_ipsec.in +@@ -257,7 +257,7 @@ stop) + loop=110 + while [ $loop -gt 0 ] ; do + kill -0 $spid 2>/dev/null || break +- sleep 0.1 2>/dev/null ++ sleep 1 2>/dev/null + if [ $? -ne 0 ] + then + sleep 1 diff --git a/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch b/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch new file mode 100644 index 0000000000..e6721fc988 --- /dev/null +++ b/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch @@ -0,0 +1,26 @@ +From c779da992bdd440e336383da0eb75ef3a2ea6cde Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:32:20 +0200 +Subject: [PATCH 903/904] updown: Call /sbin/hotplug-call ipsec "$1" in updown + script. Patch taken verbatim from openwrt package sources. + +--- + src/_updown/_updown.in | 7 +++++++ + 1 file changed, 7 insertions(+) + +--- a/src/_updown/_updown.in ++++ b/src/_updown/_updown.in +@@ -22,6 +22,13 @@ + # that, and use the (left/right)updown parameters in ipsec.conf to make + # strongSwan use yours instead of this default one. + ++# Add your custom commands to the file "/etc/ipsec.user". Other packages could ++# also install their scripts in the directory "/etc/hotplug.d/ipsec". ++# This files/scripts are executed by the openwrt hotplug functionality on ++# ipsec events. ++ ++/sbin/hotplug-call ipsec "$1" ++ + # PLUTO_VERSION + # indicates what version of this interface is being + # used. This document describes version 1.1. This diff --git a/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch b/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch new file mode 100644 index 0000000000..eb3c38c3df --- /dev/null +++ b/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch @@ -0,0 +1,239 @@ +From 9f60c2ea6394facac55b90ef66466e1b9edef2a9 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:34:23 +0200 +Subject: [PATCH 904/904] gmpdh: Plugin that implements gmp DH functions in an + extra plugin. Links and uses gmp plugin source and header files. Patch taken + verbatim from openwrt package sources. + +--- + configure.ac | 4 + + src/libstrongswan/Makefile.am | 7 ++ + src/libstrongswan/plugins/gmpdh/Makefile.am | 19 ++++ + .../plugins/gmpdh/gmpdh_plugin.c | 101 ++++++++++++++++++ + .../plugins/gmpdh/gmpdh_plugin.h | 42 ++++++++ + 5 files changed, 173 insertions(+) + create mode 100644 src/libstrongswan/plugins/gmpdh/Makefile.am + create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c + create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h + +--- a/configure.ac ++++ b/configure.ac +@@ -146,6 +146,7 @@ ARG_DISBL_SET([fips-prf], [disable + ARG_ENABL_SET([gcm], [enables the GCM AEAD wrapper crypto plugin.]) + ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.]) + ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.]) ++ARG_DISBL_SET([gmpdh], [disable GNU MP (libgmp) based static-linked crypto DH minimal implementation plugin.]) + ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.]) + ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.]) + ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.]) +@@ -1483,6 +1484,7 @@ ADD_PLUGIN([botan], [s ch + ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen]) + ADD_PLUGIN([fips-prf], [s charon nm cmd]) + ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) ++ADD_PLUGIN([gmpdh], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) + ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd]) + ADD_PLUGIN([agent], [s charon nm cmd]) + ADD_PLUGIN([keychain], [s charon cmd]) +@@ -1624,6 +1626,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x + AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue) + AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue) + AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue) ++AM_CONDITIONAL(USE_GMPDH, test x$gmpdh = xtrue) + AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue) + AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue) + AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue) +@@ -1901,6 +1904,7 @@ AC_CONFIG_FILES([ + src/libstrongswan/plugins/mgf1/Makefile + src/libstrongswan/plugins/fips_prf/Makefile + src/libstrongswan/plugins/gmp/Makefile ++ src/libstrongswan/plugins/gmpdh/Makefile + src/libstrongswan/plugins/curve25519/Makefile + src/libstrongswan/plugins/rdrand/Makefile + src/libstrongswan/plugins/aesni/Makefile +--- a/src/libstrongswan/Makefile.am ++++ b/src/libstrongswan/Makefile.am +@@ -345,6 +345,13 @@ if MONOLITHIC + endif + endif + ++if USE_GMPDH ++ SUBDIRS += plugins/gmpdh ++if MONOLITHIC ++ libstrongswan_la_LIBADD += plugins/gmpdh/libstrongswan-gmpdh.la ++endif ++endif ++ + if USE_CURVE25519 + SUBDIRS += plugins/curve25519 + if MONOLITHIC +--- /dev/null ++++ b/src/libstrongswan/plugins/gmpdh/Makefile.am +@@ -0,0 +1,19 @@ ++AM_CPPFLAGS = \ ++ -I$(top_srcdir)/src/libstrongswan ++ ++AM_CFLAGS = \ ++ $(PLUGIN_CFLAGS) ++ ++if MONOLITHIC ++noinst_LTLIBRARIES = libstrongswan-gmpdh.la ++else ++plugin_LTLIBRARIES = libstrongswan-gmpdh.la ++endif ++ ++libstrongswan_gmpdh_la_SOURCES = \ ++ gmpdh_plugin.h gmpdh_plugin.c \ ++ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h ++ ++ ++libstrongswan_gmpdh_la_LDFLAGS = -module -avoid-version -Wl,-Bstatic -Wl,-lgmp -Wl,-Bdynamic -Wl,--as-needed $(FPIC) ++libstrongswan_gmpdh_la_LIBADD = +--- /dev/null ++++ b/src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c +@@ -0,0 +1,101 @@ ++/* ++ * Copyright (C) 2008-2009 Martin Willi ++ * Hochschule fuer Technik Rapperswil ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. See . ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ */ ++ ++#include "gmpdh_plugin.h" ++ ++#include ++#include "../gmp/gmp_diffie_hellman.h" ++ ++typedef struct private_gmpdh_plugin_t private_gmpdh_plugin_t; ++ ++/** ++ * private data of gmp_plugin ++ */ ++struct private_gmpdh_plugin_t { ++ ++ /** ++ * public functions ++ */ ++ gmpdh_plugin_t public; ++}; ++ ++METHOD(plugin_t, get_name, char*, ++ private_gmpdh_plugin_t *this) ++{ ++ return "gmpdh"; ++} ++ ++METHOD(plugin_t, get_features, int, ++ private_gmpdh_plugin_t *this, plugin_feature_t *features[]) ++{ ++ static plugin_feature_t f[] = { ++ /* DH groups */ ++ PLUGIN_REGISTER(DH, gmp_diffie_hellman_create), ++ PLUGIN_PROVIDE(DH, MODP_2048_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_2048_224), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_2048_256), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_1536_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_3072_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_4096_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_6144_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_8192_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_1024_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_1024_160), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_PROVIDE(DH, MODP_768_BIT), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ PLUGIN_REGISTER(DH, gmp_diffie_hellman_create_custom), ++ PLUGIN_PROVIDE(DH, MODP_CUSTOM), ++ PLUGIN_DEPENDS(RNG, RNG_STRONG), ++ }; ++ *features = f; ++ return countof(f); ++} ++ ++METHOD(plugin_t, destroy, void, ++ private_gmpdh_plugin_t *this) ++{ ++ free(this); ++} ++ ++/* ++ * see header file ++ */ ++plugin_t *gmpdh_plugin_create() ++{ ++ private_gmpdh_plugin_t *this; ++ ++ INIT(this, ++ .public = { ++ .plugin = { ++ .get_name = _get_name, ++ .get_features = _get_features, ++ .destroy = _destroy, ++ }, ++ }, ++ ); ++ ++ return &this->public.plugin; ++} ++ +--- /dev/null ++++ b/src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h +@@ -0,0 +1,42 @@ ++/* ++ * Copyright (C) 2008 Martin Willi ++ * Hochschule fuer Technik Rapperswil ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) any later version. See . ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ */ ++ ++/** ++ * @defgroup gmpdh_p gmpdh ++ * @ingroup plugins ++ * ++ * @defgroup gmpdh_plugin gmpdh_plugin ++ * @{ @ingroup gmpdh_p ++ */ ++ ++#ifndef GMPDH_PLUGIN_H_ ++#define GMPDH_PLUGIN_H_ ++ ++#include ++ ++typedef struct gmpdh_plugin_t gmpdh_plugin_t; ++ ++/** ++ * Plugin implementing asymmetric crypto algorithms using the GNU MP library. ++ */ ++struct gmpdh_plugin_t { ++ ++ /** ++ * implements plugin interface ++ */ ++ plugin_t plugin; ++}; ++ ++#endif /** GMPDH_PLUGIN_H_ @}*/ diff --git a/net/strongswan/patches/101-musl-fixes.patch b/net/strongswan/patches/101-musl-fixes.patch deleted file mode 100644 index d17a3c6cee..0000000000 --- a/net/strongswan/patches/101-musl-fixes.patch +++ /dev/null @@ -1,94 +0,0 @@ ---- a/src/libstrongswan/library.h -+++ b/src/libstrongswan/library.h -@@ -118,6 +118,7 @@ - #include "utils/leak_detective.h" - #include "plugins/plugin_loader.h" - #include "settings/settings.h" -+#include "musl.h" - - typedef struct library_t library_t; - ---- /dev/null -+++ b/src/libstrongswan/musl.h -@@ -0,0 +1,38 @@ -+#include -+ -+#define crypt x_crypt -+#define encrypt x_encrypt -+#include -+ -+#define fd_set x_fd_set -+#define ino_t x_ino_t -+#define off_t x_off_t -+#define loff_t x_loff_t -+#define dev_t x_dev_t -+#define mode_t x_mode_t -+#define uid_t x_uid_t -+#define gid_t x_gid_t -+#define uint64_t x_uint64_t -+#define u_int64_t x_u_int64_t -+#define int64_t x_int64_t -+#define nlink_t x_nlink_t -+#define timer_t x_timer_t -+#define blkcnt_t x_blkcnt_t -+ -+#include -+ -+#undef fd_set -+#undef ino_t -+#undef off_t -+#undef dev_t -+#undef mode_t -+#undef uid_t -+#undef gid_t -+#undef uint64_t -+#undef u_int64_t -+#undef int64_t -+#undef nlink_t -+#undef timer_t -+#undef blkcnt_t -+#undef crypt -+#undef encrypt ---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c -+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c -@@ -40,6 +40,7 @@ - */ - - #define _GNU_SOURCE -+#include - #include - #include - #include ---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c -+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c -@@ -37,6 +37,8 @@ - * THE SOFTWARE. - */ - -+#include "musl.h" -+ - #include - #include - #include ---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c -+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c -@@ -39,6 +39,8 @@ - * THE SOFTWARE. - */ - -+#include "musl.h" -+ - #include - #include - #include ---- a/src/libstrongswan/plugins/bliss/bliss_huffman.c -+++ b/src/libstrongswan/plugins/bliss/bliss_huffman.c -@@ -17,6 +17,8 @@ - #include "bliss_param_set.h" - - #include -+#undef fprintf -+#undef printf - - #include - #include diff --git a/net/strongswan/patches/203-uci.patch b/net/strongswan/patches/203-uci.patch deleted file mode 100644 index 21ae848bf1..0000000000 --- a/net/strongswan/patches/203-uci.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/src/libcharon/plugins/uci/uci_parser.c -+++ b/src/libcharon/plugins/uci/uci_parser.c -@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_ - if (uci_lookup(this->ctx, &element, this->package, - this->current->name, "name") == UCI_OK) - { /* use "name" attribute as config name if available ... */ -- *value = uci_to_option(element)->value; -+ *value = uci_to_option(element)->v.string; - } - else - { /* ... or the section name becomes config name */ -@@ -90,7 +90,7 @@ METHOD(enumerator_t, section_enumerator_ - if (value && uci_lookup(this->ctx, &element, this->package, - this->current->name, this->keywords[i]) == UCI_OK) - { -- *value = uci_to_option(element)->value; -+ *value = uci_to_option(element)->v.string; - } - } - diff --git a/net/strongswan/patches/210-sleep.patch b/net/strongswan/patches/210-sleep.patch deleted file mode 100644 index d8f2f3be25..0000000000 --- a/net/strongswan/patches/210-sleep.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/ipsec/_ipsec.in -+++ b/src/ipsec/_ipsec.in -@@ -257,7 +257,7 @@ stop) - loop=110 - while [ $loop -gt 0 ] ; do - kill -0 $spid 2>/dev/null || break -- sleep 0.1 2>/dev/null -+ sleep 1 2>/dev/null - if [ $? -ne 0 ] - then - sleep 1 diff --git a/net/strongswan/patches/300-include-ipsec-hotplug.patch b/net/strongswan/patches/300-include-ipsec-hotplug.patch deleted file mode 100644 index a61da3a48f..0000000000 --- a/net/strongswan/patches/300-include-ipsec-hotplug.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- a/src/_updown/_updown.in -+++ b/src/_updown/_updown.in -@@ -22,6 +22,13 @@ - # that, and use the (left/right)updown parameters in ipsec.conf to make - # strongSwan use yours instead of this default one. - -+# Add your custom commands to the file "/etc/ipsec.user". Other packages could -+# also install their scripts in the directory "/etc/hotplug.d/ipsec". -+# This files/scripts are executed by the openwrt hotplug functionality on -+# ipsec events. -+ -+/sbin/hotplug-call ipsec "$1" -+ - # PLUTO_VERSION - # indicates what version of this interface is being - # used. This document describes version 1.1. This diff --git a/net/strongswan/patches/305-minimal_dh_plugin.patch b/net/strongswan/patches/305-minimal_dh_plugin.patch deleted file mode 100644 index 2302f17ee4..0000000000 --- a/net/strongswan/patches/305-minimal_dh_plugin.patch +++ /dev/null @@ -1,221 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -146,6 +146,7 @@ ARG_DISBL_SET([fips-prf], [disable - ARG_ENABL_SET([gcm], [enables the GCM AEAD wrapper crypto plugin.]) - ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.]) - ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.]) -+ARG_DISBL_SET([gmpdh], [disable GNU MP (libgmp) based static-linked crypto DH minimal implementation plugin.]) - ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.]) - ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.]) - ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.]) -@@ -1478,6 +1479,7 @@ ADD_PLUGIN([botan], [s ch - ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen]) - ADD_PLUGIN([fips-prf], [s charon nm cmd]) - ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) -+ADD_PLUGIN([gmpdh], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) - ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd]) - ADD_PLUGIN([agent], [s charon nm cmd]) - ADD_PLUGIN([keychain], [s charon cmd]) -@@ -1619,6 +1621,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x - AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue) - AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue) - AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue) -+AM_CONDITIONAL(USE_GMPDH, test x$gmpdh = xtrue) - AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue) - AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue) - AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue) -@@ -1896,6 +1899,7 @@ AC_CONFIG_FILES([ - src/libstrongswan/plugins/mgf1/Makefile - src/libstrongswan/plugins/fips_prf/Makefile - src/libstrongswan/plugins/gmp/Makefile -+ src/libstrongswan/plugins/gmpdh/Makefile - src/libstrongswan/plugins/curve25519/Makefile - src/libstrongswan/plugins/rdrand/Makefile - src/libstrongswan/plugins/aesni/Makefile ---- a/src/libstrongswan/Makefile.am -+++ b/src/libstrongswan/Makefile.am -@@ -345,6 +345,13 @@ if MONOLITHIC - endif - endif - -+if USE_GMPDH -+ SUBDIRS += plugins/gmpdh -+if MONOLITHIC -+ libstrongswan_la_LIBADD += plugins/gmpdh/libstrongswan-gmpdh.la -+endif -+endif -+ - if USE_CURVE25519 - SUBDIRS += plugins/curve25519 - if MONOLITHIC ---- /dev/null -+++ b/src/libstrongswan/plugins/gmpdh/Makefile.am -@@ -0,0 +1,19 @@ -+AM_CPPFLAGS = \ -+ -I$(top_srcdir)/src/libstrongswan -+ -+AM_CFLAGS = \ -+ $(PLUGIN_CFLAGS) -+ -+if MONOLITHIC -+noinst_LTLIBRARIES = libstrongswan-gmpdh.la -+else -+plugin_LTLIBRARIES = libstrongswan-gmpdh.la -+endif -+ -+libstrongswan_gmpdh_la_SOURCES = \ -+ gmpdh_plugin.h gmpdh_plugin.c \ -+ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h -+ -+ -+libstrongswan_gmpdh_la_LDFLAGS = -module -avoid-version -Wl,-Bstatic -Wl,-lgmp -Wl,-Bdynamic -Wl,--as-needed $(FPIC) -+libstrongswan_gmpdh_la_LIBADD = ---- /dev/null -+++ b/src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c -@@ -0,0 +1,101 @@ -+/* -+ * Copyright (C) 2008-2009 Martin Willi -+ * Hochschule fuer Technik Rapperswil -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See . -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. -+ */ -+ -+#include "gmpdh_plugin.h" -+ -+#include -+#include "../gmp/gmp_diffie_hellman.h" -+ -+typedef struct private_gmpdh_plugin_t private_gmpdh_plugin_t; -+ -+/** -+ * private data of gmp_plugin -+ */ -+struct private_gmpdh_plugin_t { -+ -+ /** -+ * public functions -+ */ -+ gmpdh_plugin_t public; -+}; -+ -+METHOD(plugin_t, get_name, char*, -+ private_gmpdh_plugin_t *this) -+{ -+ return "gmpdh"; -+} -+ -+METHOD(plugin_t, get_features, int, -+ private_gmpdh_plugin_t *this, plugin_feature_t *features[]) -+{ -+ static plugin_feature_t f[] = { -+ /* DH groups */ -+ PLUGIN_REGISTER(DH, gmp_diffie_hellman_create), -+ PLUGIN_PROVIDE(DH, MODP_2048_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_2048_224), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_2048_256), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_1536_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_3072_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_4096_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_6144_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_8192_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_1024_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_1024_160), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_PROVIDE(DH, MODP_768_BIT), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ PLUGIN_REGISTER(DH, gmp_diffie_hellman_create_custom), -+ PLUGIN_PROVIDE(DH, MODP_CUSTOM), -+ PLUGIN_DEPENDS(RNG, RNG_STRONG), -+ }; -+ *features = f; -+ return countof(f); -+} -+ -+METHOD(plugin_t, destroy, void, -+ private_gmpdh_plugin_t *this) -+{ -+ free(this); -+} -+ -+/* -+ * see header file -+ */ -+plugin_t *gmpdh_plugin_create() -+{ -+ private_gmpdh_plugin_t *this; -+ -+ INIT(this, -+ .public = { -+ .plugin = { -+ .get_name = _get_name, -+ .get_features = _get_features, -+ .destroy = _destroy, -+ }, -+ }, -+ ); -+ -+ return &this->public.plugin; -+} -+ ---- /dev/null -+++ b/src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h -@@ -0,0 +1,42 @@ -+/* -+ * Copyright (C) 2008 Martin Willi -+ * Hochschule fuer Technik Rapperswil -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License as published by the -+ * Free Software Foundation; either version 2 of the License, or (at your -+ * option) any later version. See . -+ * -+ * This program is distributed in the hope that it will be useful, but -+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * for more details. -+ */ -+ -+/** -+ * @defgroup gmpdh_p gmpdh -+ * @ingroup plugins -+ * -+ * @defgroup gmpdh_plugin gmpdh_plugin -+ * @{ @ingroup gmpdh_p -+ */ -+ -+#ifndef GMPDH_PLUGIN_H_ -+#define GMPDH_PLUGIN_H_ -+ -+#include -+ -+typedef struct gmpdh_plugin_t gmpdh_plugin_t; -+ -+/** -+ * Plugin implementing asymmetric crypto algorithms using the GNU MP library. -+ */ -+struct gmpdh_plugin_t { -+ -+ /** -+ * implements plugin interface -+ */ -+ plugin_t plugin; -+}; -+ -+#endif /** GMPDH_PLUGIN_H_ @}*/ diff --git a/net/transmission/Makefile b/net/transmission/Makefile index 255ad8cfc0..4fafe228b5 100644 --- a/net/transmission/Makefile +++ b/net/transmission/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=transmission PKG_VERSION:=3.00 -PKG_RELEASE:=11 +PKG_RELEASE:=12 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GITHUB/transmission/transmission-releases/master diff --git a/net/transmission/files/transmission-daemon.json b/net/transmission/files/transmission-daemon.json index e7cf1dd530..7711f15611 100644 --- a/net/transmission/files/transmission-daemon.json +++ b/net/transmission/files/transmission-daemon.json @@ -29,8 +29,12 @@ "fsync", "futex", "getdents64", + "getegid32", + "geteuid32", + "getgid32", "getpeername", "getpid", + "getrandom", "getsockname", "getsockopt", "getuid", diff --git a/net/travelmate/Makefile b/net/travelmate/Makefile index 8a31e5e167..00caaf467b 100644 --- a/net/travelmate/Makefile +++ b/net/travelmate/Makefile @@ -6,8 +6,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=travelmate -PKG_VERSION:=2.0.3 -PKG_RELEASE:=2 +PKG_VERSION:=2.0.4 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/travelmate/files/chs-hotel.login b/net/travelmate/files/chs-hotel.login index 3b23f467c5..905824ad79 100755 --- a/net/travelmate/files/chs-hotel.login +++ b/net/travelmate/files/chs-hotel.login @@ -1,43 +1,40 @@ #!/bin/sh -# captive portal auto-login script for german chs hotels -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# captive portal auto-login script for chs hotels (DE) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,2181,3040 export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then +# source function library if necessary +# +if [ -z "${_C}" ]; then . "/lib/functions.sh" fi trm_domain="hotspot.internet-for-guests.com" -trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0")" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_fetch="$(command -v curl)" -# initial get request to receive & extract valid security tokens +# get security tokens # -"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait/6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/logon/cgi/index.cgi" -if [ -r "/tmp/${trm_domain}.cookie" ] -then - lg_id="$(awk '/LGNSID/{print $7}' "/tmp/${trm_domain}.cookie")" - ta_id="$(awk '/ta_id/{print $7}' "/tmp/${trm_domain}.cookie")" - cl_id="$(awk '/cl_id/{print $7}' "/tmp/${trm_domain}.cookie")" - rm -f "/tmp/${trm_domain}.cookie" -else - exit 2 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/logon/cgi/index.cgi" +lg_id="$(awk '/LGNSID/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +ta_id="$(awk '/ta_id/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +cl_id="$(awk '/cl_id/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +rm -f "/tmp/${trm_domain}.cookie" +if [ -z "${lg_id}" ] || [ -z "${ta_id}" ] || [ -z "${cl_id}" ]; then + exit 1 fi -# final post request/login with valid session cookie/security token +# final login request # -if [ -n "${lg_id}" ] && [ -n "${ta_id}" ] && [ -n "${cl_id}" ] -then - "${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/logon/cgi/index.cgi" --silent --connect-timeout $((trm_maxwait/6)) --header "Cookie: LGNSID=${lg_id}; lang=en_US; use_mobile_interface=0; ta_id=${ta_id}; cl_id=${cl_id}" --data "accept_termsofuse=&freeperperiod=1&device_infos=1125:2048:1152:2048" --output /dev/null "https://${trm_domain}/logon/cgi/index.cgi" -else - exit 3 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/logon/cgi/index.cgi" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: LGNSID=${lg_id}; lang=en_US; use_mobile_interface=0; ta_id=${ta_id}; cl_id=${cl_id}" --data "accept_termsofuse=&freeperperiod=1&device_infos=1125:2048:1152:2048" --output /dev/null "https://${trm_domain}/logon/cgi/index.cgi" +if [ "${?}" != "0" ]; then + exit 2 fi diff --git a/net/travelmate/files/db-bahn.login b/net/travelmate/files/db-bahn.login index a0ab505b50..2b4bf30f52 100755 --- a/net/travelmate/files/db-bahn.login +++ b/net/travelmate/files/db-bahn.login @@ -1,65 +1,49 @@ #!/bin/sh -# captive portal auto-login script for german DB hotspots via portal login API -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# captive portal auto-login script for DB hotspots (DE) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,2181,3040 export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then +# source function library if necessary +# +if [ -z "${_C}" ]; then . "/lib/functions.sh" fi trm_domain="wifi.bahn.de" -trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0")" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_fetch="$(command -v curl)" -# initial get request to receive all header information -# -"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait/6)) --include --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "http://${trm_domain}" - -# extract the session cookie and the hotspot location +# get all header information # -if [ -s "/tmp/${trm_domain}.cookie" ] -then - sec_token="$(awk 'BEGIN{FS="[ ;]"}/^Set-Cookie:/{print $2}' "/tmp/${trm_domain}.cookie")" - location="$(awk '/^Location:/{print $2}' "/tmp/${trm_domain}.cookie")" - rm -f "/tmp/${trm_domain}.cookie" -else - exit 2 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --include --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "http://${trm_domain}" +sec_token="$(awk 'BEGIN{FS="[ ;]"}/^Set-Cookie:/{print $2}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +location="$(awk '/^Location:/{print $2}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +rm -f "/tmp/${trm_domain}.cookie" +if [ -z "${sec_token}" ] || [ -z "${location}" ]; then + exit 1 fi # post request to subscribe to the portal API # -if [ -n "${sec_token}" ] && [ -n "${location}" ] -then - "${trm_fetch}" --user-agent "${trm_useragent}" --referer "${location}" --silent --connect-timeout $((trm_maxwait/6)) --include --cookie-jar "/tmp/${trm_domain}.cookie" --header "Cookie: ${sec_token}" --data "action=subscribe&type=one&connect_policy_accept=false&user_login=&user_password=&user_password_confirm=&email_address=&prefix=&phone=&policy_accept=false&gender=&interests=" --output /dev/null "https://${trm_domain}/portal_api.php" -else - exit 3 -fi - -# extract additional login and password information from the portal API -# -if [ -s "/tmp/${trm_domain}.cookie" ] -then - login="$(awk 'BEGIN{FS="[\"]"}/^\{\"info/{print $12}' "/tmp/${trm_domain}.cookie")" - password="$(awk 'BEGIN{FS="[\"]"}/^\{\"info/{print $16}' "/tmp/${trm_domain}.cookie")" - rm -f "/tmp/${trm_domain}.cookie" -else - exit 4 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "${location}" --silent --connect-timeout $((trm_maxwait / 6)) --include --cookie-jar "/tmp/${trm_domain}.cookie" --header "Cookie: ${sec_token}" --data "action=subscribe&type=one&connect_policy_accept=false&user_login=&user_password=&user_password_confirm=&email_address=&prefix=&phone=&policy_accept=false&gender=&interests=" --output /dev/null "https://${trm_domain}/portal_api.php" +login="$(awk 'BEGIN{FS="[\"]"}/^\{\"info/{print $12}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +password="$(awk 'BEGIN{FS="[\"]"}/^\{\"info/{print $16}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +rm -f "/tmp/${trm_domain}.cookie" +if [ -z "${login}" ] && [ -z "${password}" ]; then + exit 2 fi # final post request to authenticate to the portal API # -if [ -n "${login}" ] && [ -n "${password}" ] -then - "${trm_fetch}" --user-agent "${trm_useragent}" --referer "${location}" --silent --connect-timeout $((trm_maxwait/6)) --header "Cookie: ${sec_token}" --data "action=authenticate&login=${login}&password=${password}&policy_accept=false&from_ajax=true&wispr_mode=false" "https://${trm_domain}/portal_api.php" -else - exit 5 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "${location}" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: ${sec_token}" --data "action=authenticate&login=${login}&password=${password}&policy_accept=false&from_ajax=true&wispr_mode=false" "https://${trm_domain}/portal_api.php" +if [ "${?}" != "0" ]; then + exit 3 fi diff --git a/net/travelmate/files/generic-user-pass.login b/net/travelmate/files/generic-user-pass.login index 60c3b5a92c..687a183589 100755 --- a/net/travelmate/files/generic-user-pass.login +++ b/net/travelmate/files/generic-user-pass.login @@ -1,35 +1,32 @@ #!/bin/sh # captive portal auto-login script template with credentials as parameters -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,2039,3040 export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then +# source function library if necessary +# +if [ -z "${_C}" ]; then . "/lib/functions.sh" fi -trm_domain="example.com" -trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0")" -trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" -trm_fetch="$(command -v curl)" - user="${1}" password="${2}" success="Thank you!" +trm_domain="example.com" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" +trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" +trm_fetch="$(command -v curl)" # login with credentials # -response="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait/6)) --data "username=${user}&password=${password}" --header "Content-Type:application/x-www-form-urlencoded" "http://${trm_domain}")" -if [ -n "$(printf "%s" "${response}" | grep "${success}")" ] -then - exit 0 -else - exit 2 +raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --silent --show-error --header "Content-Type:application/x-www-form-urlencoded" --data "username=${user}&password=${password}" "http://${trm_domain}")" +if [ -n "${raw_html##*${success}*}" ]; then + exit 1 fi diff --git a/net/travelmate/files/h-hotels.login b/net/travelmate/files/h-hotels.login index a72e217f73..fa55f7d36e 100755 --- a/net/travelmate/files/h-hotels.login +++ b/net/travelmate/files/h-hotels.login @@ -1,43 +1,40 @@ #!/bin/sh -# captive portal auto-login script for Telekom hotspots in german h+hotels -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# captive portal auto-login script for Telekom hotspots in h+hotels (DE) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,2181,3040 export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then - . "/lib/functions.sh" +# source function library if necessary +# +if [ -z "${_C}" ]; then + . "/lib/functions.sh" fi trm_domain="hotspot.t-mobile.net" -trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0")" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_fetch="$(command -v curl)" -# initial get request to receive & extract valid security tokens +# get security tokens # -"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait/6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" -if [ -r "/tmp/${trm_domain}.cookie" ] -then - ses_id="$(awk '/JSESSIONID/{print $7}' "/tmp/${trm_domain}.cookie")" - sec_id="$(awk '/DT_H/{print $7}' "/tmp/${trm_domain}.cookie")" - dev_id="$(sha256sum /etc/config/wireless | awk '{printf "%s",substr($1,1,13)}')" - rm -f "/tmp/${trm_domain}.cookie" -else - exit 2 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" +ses_id="$(awk '/JSESSIONID/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +sec_id="$(awk '/DT_H/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +dev_id="$(sha256sum /etc/config/wireless 2>/dev/null | awk '{printf "%s",substr($1,1,13)}' 2>/dev/null)" +rm -f "/tmp/${trm_domain}.cookie" +if [ -z "${ses_id}" ] || [ -z "${sec_id}" ] || [ -z "${dev_id}" ]; then + exit 1 fi -# final post request/login with valid session cookie/security token +# final post request # -if [ -n "${ses_id}" ] && [ -n "${sec_id}" ] && [ -n "${dev_id}" ] -then - "${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/TD/hotspot/H_Hotels/en_GB/index.html" --silent --connect-timeout $((trm_maxwait/6)) --header "Cookie: JSESSIONID=${ses_id}; DT_DEV_ID=${dev_id}; DT_H=${sec_id}" --data "rememberMe=true" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" -else - exit 3 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/TD/hotspot/H_Hotels/en_GB/index.html" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: JSESSIONID=${ses_id}; DT_DEV_ID=${dev_id}; DT_H=${sec_id}" --data "rememberMe=true" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" +if [ "${?}" != "0" ]; then + exit 2 fi diff --git a/net/travelmate/files/julianahoeve.login b/net/travelmate/files/julianahoeve.login new file mode 100755 index 0000000000..f4927c3360 --- /dev/null +++ b/net/travelmate/files/julianahoeve.login @@ -0,0 +1,46 @@ +#!/bin/sh +# captive portal auto-login script for Julianahoeve beach resort (NL) +# Copyright (c) 2021 Dirk Brenken (dev@brenken.org) +# This is free software, licensed under the GNU General Public License v3. + +# set (s)hellcheck exceptions +# shellcheck disable=1091,2039,2181,3040 + +export LC_ALL=C +export PATH="/usr/sbin:/usr/bin:/sbin:/bin" +set -o pipefail + +# source function library if necessary +# +if [ -z "${_C}" ]; then + . "/lib/functions.sh" +fi + +trm_domain="n23.network-auth.com" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" +trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")" +trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" +trm_fetch="$(command -v curl)" + +# get redirect url +# +redirect_url="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --write-out "%{redirect_url}" --silent --show-error --output /dev/null "${trm_captiveurl}")" +if [ -z "${redirect_url}" ]; then + exit 1 +fi + +# get session cookie +# +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://${trm_domain}" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "${redirect_url}" +session_id="$(awk '/p_splash_session/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +rm -f "/tmp/${trm_domain}.cookie" +if [ -z "${session_id}" ]; then + exit 2 +fi + +# final login request +# +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "${redirect_url}" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: p_splash_session=${session_id};" --output /dev/null "https://${trm_domain}/Camping-Julianah/hi/IHYW9cx/grant" +if [ "${?}" != "0" ]; then + exit 3 +fi diff --git a/net/travelmate/files/telekom.login b/net/travelmate/files/telekom.login new file mode 100755 index 0000000000..060bce7ff9 --- /dev/null +++ b/net/travelmate/files/telekom.login @@ -0,0 +1,64 @@ +#!/bin/sh +# captive portal auto-login script for telekom hotspots (DE) +# Copyright (c) 2021 Dirk Brenken (dev@brenken.org) +# This is free software, licensed under the GNU General Public License v3. + +# set (s)hellcheck exceptions +# shellcheck disable=1091,3040,3043,3057 + +export LC_ALL=C +export PATH="/usr/sbin:/usr/bin:/sbin:/bin" +set -o pipefail + +# source function library if necessary +# +if [ -z "${_C}" ]; then + . "/lib/functions.sh" +fi + +# url encoding function +# +urlencode() +{ + local chr str="${1}" len="${#1}" pos=0 + + while [ "${pos}" -lt "${len}" ]; do + chr="${str:pos:1}" + case "${chr}" in + [a-zA-Z0-9.~_-]) + printf "%s" "${chr}" + ;; + " ") + printf "%%20" + ;; + *) + printf "%%%02X" "'${chr}" + ;; + esac + pos=$((pos + 1)) + done +} + +username="$(urlencode "${1}")" +password="$(urlencode "${2}")" +trm_domain="telekom.portal.fon.com" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" +trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")" +trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" +trm_fetch="$(command -v curl)" + +# get redirect url +# +raw_html="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --location --silent --show-error "${trm_captiveurl}")" +redirect_url="$(printf "%s" "${raw_html}" | awk 'match(tolower($0),/.*<\/loginurl>/){printf "%s",substr($0,RSTART+10,RLENGTH-21)}' 2>/dev/null | awk '{gsub("&","\\&");printf "%s",$0}' 2>/dev/null)" +if [ -z "${redirect_url}" ]; then + exit 1 +fi + +# final login request +# +raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}" --connect-timeout $((trm_maxwait / 6)) --header "content-type: application/x-www-form-urlencoded" --location --silent --show-error --data "UserName=${username}&Password=${password}&FNAME=0&button=Login&OriginatingServer=http%3A%2F%2F${trm_captiveurl}" "${redirect_url}")" +login_url="$(printf "%s" "${raw_html}" | awk 'match(tolower($0),/.*<\/logoffurl>/){printf "%s",substr($0,RSTART+11,RLENGTH-23)}' 2>/dev/null)" +if [ -z "${login_url}" ]; then + exit 2 +fi diff --git a/net/travelmate/files/travelmate.init b/net/travelmate/files/travelmate.init index 1346bc6dcc..2017ba9331 100755 --- a/net/travelmate/files/travelmate.init +++ b/net/travelmate/files/travelmate.init @@ -3,7 +3,7 @@ # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2034,2039,2059,2086,2143,2154,2181,2188 +# shellcheck disable=2034,2086,2154,3043,3060 START=25 USE_PROCD=1 @@ -17,19 +17,16 @@ trm_pidfile="/var/run/travelmate.pid" boot() { - if [ -s "${trm_pidfile}" ] - then - > "${trm_pidfile}" + if [ -s "${trm_pidfile}" ]; then + : >"${trm_pidfile}" fi rc_procd start_service } start_service() { - if [ "$("${trm_init}" enabled; printf "%u" ${?})" = "0" ] - then - if [ "${action}" = "boot" ] - then + if "${trm_init}" enabled; then + if [ "${action}" = "boot" ]; then return 0 fi procd_open_instance "travelmate" @@ -45,17 +42,14 @@ start_service() reload_service() { local ppid pid timeout - + timeout="$(uci_get travelmate global trm_timeout)" - if [ -s "${trm_pidfile}" ] - then + if [ -s "${trm_pidfile}" ]; then ppid="$(cat "${trm_pidfile}" 2>/dev/null)" - if [ -n "${ppid}" ] - then + if [ -n "${ppid}" ]; then pid="$(pgrep -xnf "sleep ${timeout:-60} 0" -P ${ppid} 2>/dev/null)" - if [ -n "${pid}" ] - then + if [ -n "${pid}" ]; then kill -INT ${pid} 2>/dev/null fi fi @@ -73,13 +67,10 @@ status_service() rtfile="$(uci_get travelmate global trm_rtfile "/tmp/trm_runtime.json")" json_load_file "${rtfile}" >/dev/null 2>&1 - json_select data >/dev/null 2>&1 - if [ "${?}" = "0" ] - then + if json_select data >/dev/null 2>&1; then printf "%s\n" "::: travelmate runtime information" json_get_keys keylist - for key in ${keylist} - do + for key in ${keylist}; do json_get_var value "${key}" printf " + %-18s : %s\n" "${key}" "${value}" done @@ -92,21 +83,20 @@ scan() { local result scan_dev radio="${1:-"radio0"}" - scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -l1 -e "@.${radio}.interfaces[0].ifname")" - result="$(iwinfo "${scan_dev:-${radio}}" scan 2>/dev/null | \ + scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e "@.${radio}.interfaces[0].ifname")" + result="$(iwinfo "${scan_dev:-${radio}}" scan 2>/dev/null | awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2=""; for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}}/Channel:/{var3=$NF}/Quality:/{split($NF,var0,"/")}/Encryption:/{var4=""; - for(j=12;j<=NF;j++)if(var4==""){var4=$j}else{var4=var4" "$j};printf " %-11i%-10s%-35s%-20s%s\n",(var0[1]*100/var0[2]),var3,var2,var1,var4}' | \ + for(j=12;j<=NF;j++)if(var4==""){var4=$j}else{var4=var4" "$j};printf " %-11i%-10s%-35s%-20s%s\n",(var0[1]*100/var0[2]),var3,var2,var1,var4}' | sort -rn)" - printf "%s\\n" "::: Available nearby uplinks on '${scan_dev:-${radio}}'" - printf "%s\\n" ":::" - if [ -n "${result}" ] - then - printf "%-15s%-10s%-35s%-20s%s\\n" " Strength" "Channel" "ESSID" "BSSID" "Encryption" - printf "%s\\n" " --------------------------------------------------------------------------------------" - printf "%s\\n" "${result}" + printf '%s\n' "::: Available nearby uplinks on '${scan_dev:-${radio}}'" + printf '%s\n' ":::" + if [ -n "${result}" ]; then + printf '%-15s%-10s%-35s%-20s%s\n' " Strength" "Channel" "ESSID" "BSSID" "Encryption" + printf '%s\n' " --------------------------------------------------------------------------------------" + printf '%s\n' "${result}" else - printf "%s\\n" "::: No scan results" + printf '%s\n' "::: No scan results" fi } @@ -119,13 +109,10 @@ setup() zone="${zone//[+*~%&\$@\"\' ]/}" metric="${metric//[^0-9]/}" - if [ -n "${iface}" ] && [ "${iface}" = "${input}" ] - then + if [ -n "${iface}" ] && [ "${iface}" = "${input}" ]; then printf "%s\n" "The uplink interface '${input}' has been already configured" - elif [ -n "${input}" ] - then - if [ -n "${iface}" ] - then + elif [ -n "${input}" ]; then + if [ -n "${iface}" ]; then uci -q batch <<-EOC del network."${iface}" del network."${iface}6" @@ -144,12 +131,9 @@ setup() commit network EOC - while [ -n "$(uci -q get firewall.@zone["${cnt}"].name)" ] - do - if [ "$(uci -q get firewall.@zone["${cnt}"].name)" = "${zone}" ] - then - if [ -n "${iface}" ] - then + while [ -n "$(uci -q get firewall.@zone["${cnt}"].name)" ]; do + if [ "$(uci -q get firewall.@zone["${cnt}"].name)" = "${zone}" ]; then + if [ -n "${iface}" ]; then uci -q batch <<-EOC del_list firewall.@zone["${cnt}"].network="${iface}" del_list firewall.@zone["${cnt}"].network="${iface}6" @@ -162,19 +146,16 @@ setup() EOC break fi - cnt=$((cnt+1)) + cnt=$((cnt + 1)) done - if [ -n "${iface}" ] - then + if [ -n "${iface}" ]; then cnt=0 - while [ -n "$(uci -q get wireless.@wifi-iface["${cnt}"].network)" ] - do - if [ "$(uci -q get wireless.@wifi-iface["${cnt}"].network)" = "${iface}" ] - then + while [ -n "$(uci -q get wireless.@wifi-iface["${cnt}"].network)" ]; do + if [ "$(uci -q get wireless.@wifi-iface["${cnt}"].network)" = "${iface}" ]; then uci -q set wireless.@wifi-iface["${cnt}"].network="${input}" fi - cnt=$((cnt+1)) + cnt=$((cnt + 1)) done uci -q commit wireless fi @@ -192,8 +173,7 @@ service_triggers() delay="$(uci_get travelmate global trm_triggerdelay "2")" PROCD_RELOAD_DELAY=$((delay * 1000)) - if [ -n "${iface}" ] - then + if [ -n "${iface}" ]; then procd_add_interface_trigger "interface.*.down" "${iface}" "${trm_init}" reload fi procd_add_raw_trigger "interface.*.up" "${PROCD_RELOAD_DELAY}" "${trm_init}" start diff --git a/net/travelmate/files/travelmate.mail b/net/travelmate/files/travelmate.mail index 42da3ccf33..ec789625aa 100755 --- a/net/travelmate/files/travelmate.mail +++ b/net/travelmate/files/travelmate.mail @@ -1,10 +1,10 @@ #!/bin/sh # send mail script for travelmate notifications -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,3040 # Please note: you have to setup the package 'msmtp' before using this script @@ -12,8 +12,9 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then +# source function library if necessary +# +if [ -z "${_C}" ]; then . "/lib/functions.sh" fi @@ -25,32 +26,21 @@ trm_rtfile="$(uci_get travelmate global trm_rtfile "/tmp/trm_runtime.json")" trm_mailpgm="$(command -v msmtp)" trm_logger="$(command -v logger)" -f_log() -{ - local class="${1}" log_msg="${2}" - - if [ -x "${trm_logger}" ] - then - "${trm_logger}" -p "${class}" -t "trm-mail [${$}]" "${log_msg}" - else - printf "%s %s %s\\n" "${class}" "trm-mail [${$}]" "${log_msg}" - fi -} - -if [ -z "${trm_mailreceiver}" ] -then - f_log "err" "please set the mail receiver with the 'trm_mailreceiver' option" +if [ -z "${trm_mailreceiver}" ]; then + "${trm_logger}" -p "err" -t "trm-mail [${$}]" "please set the mail receiver with the 'trm_mailreceiver' option" 2>/dev/null exit 1 fi -if [ "${trm_debug}" = "1" ] -then +if [ "${trm_debug}" = "1" ]; then debug="--debug" fi # info preparation # -sys_info="$(strings /etc/banner 2>/dev/null; ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/ \t/' | sed '/^$/d' 2>/dev/null)" +sys_info="$( + strings /etc/banner 2>/dev/null + ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/ \t/' | sed '/^$/d' 2>/dev/null +)" trm_info="$(/etc/init.d/travelmate status 2>/dev/null)" sta_info="$(jsonfilter -i "${trm_rtfile}" -l1 -e '@.data.station_id')" trm_mailtopic="$(uci_get travelmate global trm_mailtopic "travelmate connection to '${sta_info}'")" @@ -66,6 +56,4 @@ trm_mailtext="${trm_mailtext}" # send mail # printf "%b" "${trm_mailhead}${trm_mailtext}" 2>/dev/null | "${trm_mailpgm}" ${debug} -a "${trm_mailprofile}" "${trm_mailreceiver}" >/dev/null 2>&1 -mail_rc="${?}" -f_log "info" "mail sent to '${trm_mailreceiver}' with rc '${mail_rc}'" -exit ${mail_rc} +"${trm_logger}" -p "info" -t "trm-mail [${$}]" "mail sent to '${trm_mailreceiver}' with rc '${?}'" 2>/dev/null diff --git a/net/travelmate/files/travelmate.sh b/net/travelmate/files/travelmate.sh index 37dacfce33..cd4313989e 100755 --- a/net/travelmate/files/travelmate.sh +++ b/net/travelmate/files/travelmate.sh @@ -4,13 +4,13 @@ # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,2086,3040,3043,3057,3060 export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -trm_ver="2.0.3" +trm_ver="2.0.4" trm_enabled=0 trm_debug=0 trm_iface="" @@ -38,8 +38,8 @@ trm_fetch="$(command -v curl)" trm_iwinfo="$(command -v iwinfo)" trm_logger="$(command -v logger)" trm_wpa="$(command -v wpa_supplicant)" -trm_captiveurl="http://captive.apple.com" -trm_useragent="Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0" +trm_captiveurl="http://detectportal.firefox.com" +trm_useragent="Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0" trm_ntpfile="/var/state/travelmate.ntp" trm_vpnfile="/var/state/travelmate.vpn" trm_mailfile="/var/state/travelmate.mail" @@ -55,8 +55,7 @@ f_env() # do nothing on stop # - if [ "${trm_action}" = "stop" ] - then + if [ "${trm_action}" = "stop" ]; then return fi @@ -66,13 +65,12 @@ f_env() # get system information # - trm_sysver="$(ubus -S call system board 2>/dev/null | jsonfilter -e '@.model' -e '@.release.description' | \ + trm_sysver="$(ubus -S call system board 2>/dev/null | jsonfilter -q -e '@.model' -e '@.release.description' | awk 'BEGIN{ORS=", "}{print $0}' | awk '{print substr($0,1,length($0)-2)}')" # check travelmate config # - if [ ! -r "/etc/config/travelmate" ] || [ -z "$(uci -q show travelmate.global.trm_vpn)" ] - then + if [ ! -r "/etc/config/travelmate" ] || [ -z "$(uci -q show travelmate.global.trm_vpn)" ]; then f_log "err" "invalid travelmate config, please re-install the package via opkg with the '--force-reinstall --force-maintainer' options" fi @@ -81,8 +79,7 @@ f_env() config_cb() { local name="${1}" type="${2}" - if [ "${name}" = "travelmate" ] && [ "${type}" = "global" ] - then + if [ "${name}" = "travelmate" ] && [ "${type}" = "global" ]; then option_cb() { local option="${1}" value="${2}" @@ -99,19 +96,16 @@ f_env() # check 'enabled' option # - if [ "${trm_enabled}" != "1" ] - then + if [ "${trm_enabled}" != "1" ]; then f_log "info" "travelmate is currently disabled, please set 'trm_enabled' to '1' to use this service" /etc/init.d/travelmate stop fi # check ubus network interface # - if [ -n "${trm_iface}" ] - then + if [ -n "${trm_iface}" ]; then ubus_check="$(ubus -t "${trm_maxwait}" wait_for network.wireless network.interface."${trm_iface}" 2>&1)" - if [ -n "${ubus_check}" ] - then + if [ -n "${ubus_check}" ]; then f_log "info" "travelmate interface '${trm_iface}' does not appear on ubus, please check your network setup" /etc/init.d/travelmate stop fi @@ -123,22 +117,20 @@ f_env() # check wpa capabilities # wpa_checks="sae owe eap suiteb192" - for check in ${wpa_checks} - do - if [ -x "${trm_wpa}" ] - then - result="$("${trm_wpa}" -v${check} >/dev/null 2>&1; printf "%u" "${?}")" - if [ -z "${trm_wpaflags}" ] - then - if [ "${result}" = "0" ] - then + for check in ${wpa_checks}; do + if [ -x "${trm_wpa}" ]; then + result="$( + "${trm_wpa}" -v${check} >/dev/null 2>&1 + printf "%u" "${?}" + )" + if [ -z "${trm_wpaflags}" ]; then + if [ "${result}" = "0" ]; then trm_wpaflags="${check}: $(f_char 1)" else trm_wpaflags="${check}: $(f_char 0)" fi else - if [ "${result}" = "0" ] - then + if [ "${result}" = "0" ]; then trm_wpaflags="$(f_trim "${trm_wpaflags}, ${check}: $(f_char 1)")" else trm_wpaflags="$(f_trim "${trm_wpaflags}, ${check}: $(f_char 0)")" @@ -151,8 +143,7 @@ f_env() # config_load wireless config_foreach f_prepdev wifi-device - if [ -n "$(uci -q changes "wireless")" ] - then + if [ -n "$(uci -q changes "wireless")" ]; then uci_commit "wireless" f_reconf fi @@ -160,10 +151,9 @@ f_env() # load json runtime file # json_load_file "${trm_rtfile}" >/dev/null 2>&1 - json_select data >/dev/null 2>&1 - if [ "${?}" != "0" ] - then - > "${trm_rtfile}" + + if ! json_select data >/dev/null 2>&1; then + : >"${trm_rtfile}" json_init json_add_object "data" fi @@ -187,8 +177,7 @@ f_char() { local result input="${1}" - if [ "${input}" = "1" ] - then + if [ "${input}" = "1" ]; then result="✔" else result="✘" @@ -203,20 +192,16 @@ f_reconf() local radio tmp_radio cnt="0" "${trm_wifi}" reconf - for radio in ${trm_radiolist} - do - while [ "$(ubus -S call network.wireless status | jsonfilter -l1 -e "@.${radio}.up")" != "true" ] - do - if [ "${cnt}" -ge "${trm_maxwait}" ] - then + for radio in ${trm_radiolist}; do + while [ "$(ubus -S call network.wireless status | jsonfilter -q -l1 -e "@.${radio}.up")" != "true" ]; do + if [ "${cnt}" -ge "${trm_maxwait}" ]; then break 2 fi - if [ "${radio}" != "${tmp_radio}" ] - then + if [ "${radio}" != "${tmp_radio}" ]; then "${trm_wifi}" up "${radio}" tmp_radio="${radio}" fi - cnt="$((cnt+1))" + cnt="$((cnt + 1))" sleep 1 done done @@ -229,18 +214,16 @@ f_vpn() { local IFS rc action="${1}" - if [ "${trm_vpn}" = "1" ] && [ -x "${trm_vpnpgm}" ] - then - if [ "${action}" = "disable" ] || { [ "${action}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } - then + if [ "${trm_vpn}" = "1" ] && [ -x "${trm_vpnpgm}" ]; then + if [ "${action}" = "disable" ] || { + [ "${action}" = "enable" ] && [ ! -f "${trm_vpnfile}" ] + }; then "${trm_vpnpgm}" "${action}" >/dev/null 2>&1 rc="${?}" fi - if [ "${action}" = "enable" ] && [ "${rc}" = "0" ] - then - > "${trm_vpnfile}" - elif [ "${action}" = "disable" ] && [ -f "${trm_vpnfile}" ] - then + if [ "${action}" = "enable" ] && [ "${rc}" = "0" ]; then + : >"${trm_vpnfile}" + elif [ "${action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; then rm -f "${trm_vpnfile}" fi fi @@ -253,16 +236,14 @@ f_mac() { local result ifname action="${1}" section="${2}" - if [ "${trm_randomize}" = "1" ] && [ "${action}" = "set" ] - then - result="$(hexdump -n6 -ve '/1 "%.02X "' /dev/random 2>/dev/null | \ + if [ "${trm_randomize}" = "1" ] && [ "${action}" = "set" ]; then + result="$(hexdump -n6 -ve '/1 "%.02X "' /dev/random 2>/dev/null | awk -v local="2,6,A,E" -v seed="$(date +%s)" 'BEGIN{srand(seed)}NR==1{split(local,b,",");seed=int(rand()*4+1);printf "%s%s:%s:%s:%s:%s:%s",substr($1,0,1),b[seed],$2,$3,$4,$5,$6}')" uci_set "wireless" "${section}" "macaddr" "${result}" else result="$(uci_get "wireless" "${section}" "macaddr")" - if [ -z "${result}" ] - then - ifname="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')" + if [ -z "${result}" ]; then + ifname="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')" result="$(${trm_iwinfo} "${ifname}" info 2>/dev/null | awk '/Access Point:/{printf "%s",$3}')" fi fi @@ -276,73 +257,65 @@ f_contrack() { local uplink_config radio_config essid_config bssid_config expiry action="${1}" radio="${2}" essid="${3}" bssid="${4}" cnt=0 - while [ "$(uci_get "travelmate" "@uplink[$cnt]" >/dev/null 2>&1; echo $?)" = "0" ] - do + while [ "$( + uci_get "travelmate" "@uplink[$cnt]" >/dev/null 2>&1 + echo $? + )" = "0" ]; do radio_config="$(uci_get "travelmate" "@uplink[$cnt]" "device")" essid_config="$(uci_get "travelmate" "@uplink[$cnt]" "ssid")" bssid_config="$(uci_get "travelmate" "@uplink[$cnt]" "bssid")" - if [ "${radio_config}" = "${radio}" ] && [ "${essid_config}" = "${essid}" ] && [ "${bssid_config}" = "${bssid}" ] - then + if [ "${radio_config}" = "${radio}" ] && [ "${essid_config}" = "${essid}" ] && [ "${bssid_config}" = "${bssid}" ]; then uplink_config="@uplink[$cnt]" fi - cnt="$((cnt+1))" + cnt="$((cnt + 1))" done - if [ -n "${uplink_config}" ] - then + if [ -n "${uplink_config}" ]; then case "${action}" in "start") uci_remove "travelmate" "${uplink_config}" "con_start" 2>/dev/null uci_remove "travelmate" "${uplink_config}" "con_end" 2>/dev/null - if [ -f "${trm_ntpfile}" ] - then + if [ -f "${trm_ntpfile}" ]; then uci_set "travelmate" "${uplink_config}" "con_start" "$(date "+%Y.%m.%d-%H:%M:%S")" fi - ;; + ;; "refresh") - if [ -f "${trm_ntpfile}" ] && [ -z "$(uci_get "travelmate" "${uplink_config}" "con_start")" ] - then + if [ -f "${trm_ntpfile}" ] && [ -z "$(uci_get "travelmate" "${uplink_config}" "con_start")" ]; then uci_set "travelmate" "${uplink_config}" "con_start" "$(date "+%Y.%m.%d-%H:%M:%S")" fi - ;; + ;; "end") - if [ -f "${trm_ntpfile}" ] - then + if [ -f "${trm_ntpfile}" ]; then uci_set "travelmate" "${uplink_config}" "con_end" "$(date "+%Y.%m.%d-%H:%M:%S")" fi - ;; + ;; "start_expiry") - if [ -f "${trm_ntpfile}" ] - then + if [ -f "${trm_ntpfile}" ]; then expiry="$(uci_get "travelmate" "${uplink_config}" "con_start_expiry")" uci_set "travelmate" "${uplink_config}" "enabled" "0" uci_set "travelmate" "${uplink_config}" "con_end" "$(date "+%Y.%m.%d-%H:%M:%S")" f_log "info" "uplink '${radio}/${essid}/${bssid:-"-"}' expired after ${expiry} minutes" fi - ;; + ;; "end_expiry") - if [ -f "${trm_ntpfile}" ] - then + if [ -f "${trm_ntpfile}" ]; then expiry="$(uci_get "travelmate" "${uplink_config}" "con_end_expiry")" uci_set "travelmate" "${uplink_config}" "enabled" "1" uci_remove "travelmate" "${uplink_config}" "con_start" 2>/dev/null uci_remove "travelmate" "${uplink_config}" "con_end" 2>/dev/null f_log "info" "uplink '${radio}/${essid}/${bssid:-"-"}' re-enabled after ${expiry} minutes" fi - ;; + ;; "disabled") uci_set "travelmate" "${uplink_config}" "enabled" "0" - if [ -f "${trm_ntpfile}" ] - then + if [ -f "${trm_ntpfile}" ]; then uci_set "travelmate" "${uplink_config}" "con_end" "$(date "+%Y.%m.%d-%H:%M:%S")" fi - ;; + ;; esac - if [ -n "$(uci -q changes "travelmate")" ] - then + if [ -n "$(uci -q changes "travelmate")" ]; then uci_commit "travelmate" - if [ ! -f "${trm_refreshfile}" ] - then - printf "%s" "cfg_reload" > "${trm_refreshfile}" + if [ ! -f "${trm_refreshfile}" ]; then + printf "%s" "cfg_reload" >"${trm_refreshfile}" fi fi fi @@ -354,18 +327,19 @@ f_uplink() { local IFS result t_radio t_essid t_bssid t_option="${1}" w_radio="${2}" w_essid="${3}" w_bssid="${4}" cnt=0 - while [ "$(uci_get "travelmate" "@uplink[$cnt]" >/dev/null 2>&1; echo $?)" = "0" ] - do + while [ "$( + uci_get "travelmate" "@uplink[$cnt]" >/dev/null 2>&1 + echo $? + )" = "0" ]; do t_radio="$(uci_get "travelmate" "@uplink[$cnt]" "device")" t_essid="$(uci_get "travelmate" "@uplink[$cnt]" "ssid")" t_bssid="$(uci_get "travelmate" "@uplink[$cnt]" "bssid")" - if [ -n "${w_radio}" ] && [ -n "${w_essid}" ] && \ - [ "${t_radio}" = "${w_radio}" ] && [ "${t_essid}" = "${w_essid}" ] && [ "${t_bssid}" = "${w_bssid}" ] - then + if [ -n "${w_radio}" ] && [ -n "${w_essid}" ] && + [ "${t_radio}" = "${w_radio}" ] && [ "${t_essid}" = "${w_essid}" ] && [ "${t_bssid}" = "${w_bssid}" ]; then result="$(uci_get "travelmate" "@uplink[$cnt]" "${t_option}")" break fi - cnt="$((cnt+1))" + cnt="$((cnt + 1))" done printf "%s" "${result}" f_log "debug" "f_uplink ::: option: ${t_option}, result: ${result}" @@ -378,17 +352,14 @@ f_prepdev() local IFS disabled radio="${1}" disabled="$(uci_get "wireless" "${radio}" "disabled")" - if [ "${disabled}" = "1" ] - then + if [ "${disabled}" = "1" ]; then uci_set wireless "${radio}" disabled 0 fi - if [ -z "${trm_radio}" ] && [ -z "$(printf "%s" "${trm_radiolist}" | grep -Fo "${radio}")" ] - then + if [ -z "${trm_radio}" ] && ! printf "%s" "${trm_radiolist}" | grep -q "${radio}"; then trm_radiolist="$(f_trim "${trm_radiolist} ${radio}")" - elif [ -n "${trm_radio}" ] && [ -z "${trm_radiolist}" ] - then - trm_radiolist="$(f_trim "$(printf "%s" "${trm_radio}" | \ + elif [ -n "${trm_radio}" ] && [ -z "${trm_radiolist}" ]; then + trm_radiolist="$(f_trim "$(printf "%s" "${trm_radio}" | awk '{while(match(tolower($0),/[a-z0-9_]+/)){ORS=" ";print substr(tolower($0),RSTART,RLENGTH);$0=substr($0,RSTART+RLENGTH)}}')")" fi f_log "debug" "f_prepdev ::: trm_radio: ${trm_radio:-"-"}, radio: ${radio}, radio_list: ${trm_radiolist:-"-"}, disabled: ${disabled:-"-"}" @@ -403,26 +374,21 @@ f_addif() config_cb() { local type="${1}" name="${2}" - if [ "${type}" = "wifi-iface" ] - then - if [ "$(uci -q get "wireless.${name}.ssid")" = "${essid}" ] - then + if [ "${type}" = "wifi-iface" ]; then + if [ "$(uci -q get "wireless.${name}.ssid")" = "${essid}" ]; then offset=0 - elif [ "${offset}" != "0" ] - then - offset="$((offset+1))" + elif [ "${offset}" != "0" ]; then + offset="$((offset + 1))" fi fi return "${offset}" } config_load wireless - if [ "${offset}" != "0" ] - then + if [ "${offset}" != "0" ]; then uci_cfg="trm_uplink${offset}" - while [ -n "$(uci -q get "wireless.${uci_cfg}")" ] - do - offset="$((offset+1))" + while [ -n "$(uci -q get "wireless.${uci_cfg}")" ]; do + offset="$((offset + 1))" uci_cfg="trm_uplink${offset}" done uci -q batch <<-EOC @@ -442,14 +408,12 @@ f_addif() set travelmate."${uci_cfg}".con_end_expiry="0" set travelmate."${uci_cfg}".enabled="1" EOC - if [ -n "$(uci -q changes "travelmate")" ] || [ -n "$(uci -q changes "wireless")" ] - then + if [ -n "$(uci -q changes "travelmate")" ] || [ -n "$(uci -q changes "wireless")" ]; then uci_commit "travelmate" uci_commit "wireless" f_reconf - if [ ! -f "${trm_refreshfile}" ] - then - printf "%s" "ui_reload" > "${trm_refreshfile}" + if [ ! -f "${trm_refreshfile}" ]; then + printf "%s" "ui_reload" >"${trm_refreshfile}" fi f_log "info" "open uplink '${radio}/${essid}' added to wireless config" fi @@ -474,45 +438,42 @@ f_prepif() con_start_expiry="$(f_uplink "con_start_expiry" "${radio}" "${essid}" "${bssid}")" con_end_expiry="$(f_uplink "con_end_expiry" "${radio}" "${essid}" "${bssid}")" - if [ "${status}" = "0" ] && [ -n "${con_end}" ] && [ -n "${con_end_expiry}" ] && [ "${con_end_expiry}" != "0" ] - then + if [ "${status}" = "0" ] && [ -n "${con_end}" ] && [ -n "${con_end_expiry}" ] && [ "${con_end_expiry}" != "0" ]; then d1="$(date -d "${con_end}" "+%s")" d2="$(date "+%s")" - d3="$(((d2-d1)/60))" - if [ "${d3}" -ge "${con_end_expiry}" ] - then + d3="$(((d2 - d1) / 60))" + if [ "${d3}" -ge "${con_end_expiry}" ]; then status="1" f_contrack "end_expiry" "${radio}" "${essid}" "${bssid}" fi - elif [ "${status}" = "1" ] && [ -n "${con_start}" ] && [ -n "${con_start_expiry}" ] && [ "${con_start_expiry}" != "0" ] - then + elif [ "${status}" = "1" ] && [ -n "${con_start}" ] && [ -n "${con_start_expiry}" ] && [ "${con_start_expiry}" != "0" ]; then d1="$(date -d "${con_start}" "+%s")" d2="$(date "+%s")" - d3="$((d1+(con_start_expiry*60)))" - if [ "${d2}" -gt "${d3}" ] - then + d3="$((d1 + (con_start_expiry * 60)))" + if [ "${d2}" -gt "${d3}" ]; then status="0" f_contrack "start_expiry" "${radio}" "${essid}" "${bssid}" fi fi - if [ "${mode}" = "sta" ] - then - if [ "${status}" = "0" ] || \ - { { [ -z "${disabled}" ] || [ "${disabled}" = "0" ]; } && { [ "${proactive}" = "0" ] || [ "${trm_ifstatus}" != "true" ]; } } - then + if [ "${mode}" = "sta" ]; then + if [ "${status}" = "0" ] || + { + { + [ -z "${disabled}" ] || [ "${disabled}" = "0" ] + } && { + [ "${proactive}" = "0" ] || [ "${trm_ifstatus}" != "true" ] + } + }; then uci_set "wireless" "${section}" "disabled" "1" - elif [ "${disabled}" = "0" ] && [ "${trm_ifstatus}" = "true" ] && [ "${proactive}" = "1" ] - then - if [ -z "${trm_activesta}" ] - then + elif [ "${disabled}" = "0" ] && [ "${trm_ifstatus}" = "true" ] && [ "${proactive}" = "1" ]; then + if [ -z "${trm_activesta}" ]; then trm_activesta="${section}" else uci_set "wireless" "${section}" "disabled" "1" fi fi - if [ "${status}" = "1" ] - then + if [ "${status}" = "1" ]; then trm_stalist="$(f_trim "${trm_stalist} ${section}-${radio}")" fi fi @@ -523,41 +484,39 @@ f_prepif() # f_net() { - local IFS err err_rc err_domain json_raw json_cp json_rc cp_domain result="net nok" + local IFS err err_rc err_domain raw html_raw html_cp json_raw json_cp json_rc result="net nok" - json_raw="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --write-out "%{json}" --silent --show-error --connect-timeout $((trm_maxwait/10)) "${trm_captiveurl}" 2>/tmp/trm_fetch.err)" - json_raw="${json_raw#*\{}" - if [ -s "/tmp/trm_fetch.err" ] - then + raw="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --header "Cache-Control: no-cache, no-store, must-revalidate" --header "Pragma: no-cache" --header "Expires: 0" --write-out "%{json}" --silent --show-error --connect-timeout $((trm_maxwait / 10)) "${trm_captiveurl}" 2>/tmp/trm_fetch.err)" + json_raw="${raw#*\{}" + html_raw="${raw%%\{*}" + if [ -s "/tmp/trm_fetch.err" ]; then err="$(awk 'BEGIN{FS="[()'\'' ]"}{printf "%s %s",$3,$(NF-1)}' "/tmp/trm_fetch.err")" err_rc="${err% *}" err_domain="${err#* }" - if [ "${err_rc}" = "6" ] - then - if [ -n "${err_domain}" ] && [ "${err_domain}" != "timed" ] && [ "${err_domain}" != "${trm_captiveurl#http*://*}" ] - then + if [ "${err_rc}" = "6" ]; then + if [ -n "${err_domain}" ] && [ "${err_domain}" != "timed" ] && [ "${err_domain}" != "${trm_captiveurl#http*://*}" ]; then result="net cp '${err_domain}'" fi fi - elif [ -n "${json_raw}" ] - then - json_cp="$(printf "%s" "{${json_raw}" | jsonfilter -l1 -e '@.redirect_url' 2>/dev/null)" - json_rc="$(printf "%s" "{${json_raw}" | jsonfilter -l1 -e '@.response_code' 2>/dev/null)" - if [ -n "${json_cp}" ] - then - cp_domain="${json_cp#http*://*}" - cp_domain="${cp_domain%%/*}" - result="net cp '${cp_domain}'" + elif [ -n "${json_raw}" ]; then + json_cp="$(printf "%s" "{${json_raw}" | jsonfilter -q -l1 -e '@.redirect_url' | awk 'BEGIN{FS="/"}{printf "%s",$3}')" + json_rc="$(printf "%s" "{${json_raw}" | jsonfilter -q -l1 -e '@.response_code')" + if [ -n "${json_cp}" ]; then + result="net cp '${json_cp}'" else - if [ "${json_rc}" = "200" ] || [ "${json_rc}" = "204" ] - then - result="net ok" + if [ "${json_rc}" = "200" ] || [ "${json_rc}" = "204" ]; then + html_cp="$(printf "%s" "${html_raw}" | awk 'match(tolower($0),/^.*/dev/null | awk -F '[ ]' '/Link Quality:/{split($NF,var0,"/");printf "%i\n",(var0[1]*100/var0[2])}')" - if [ "${trm_ifquality}" -ge "${trm_minquality}" ] - then - trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -l1 -e "@.interface[@.device=\"${ifname}\"].up")" - if [ "${trm_ifstatus}" = "true" ] - then - if [ "${trm_captive}" = "1" ] - then + if [ "${trm_ifquality}" -ge "${trm_minquality}" ]; then + trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -q -l1 -e "@.interface[@.device=\"${ifname}\"].up")" + if [ "${trm_ifstatus}" = "true" ]; then + if [ "${trm_captive}" = "1" ]; then cp_domain="$(printf "%s" "${result}" | awk -F '['\''| ]' '/^net cp/{printf "%s",$4}')" - if [ -x "/etc/init.d/dnsmasq" ] && [ -f "/etc/config/dhcp" ] && \ - [ -n "${cp_domain}" ] && [ -z "$(uci_get "dhcp" "@dnsmasq[0]" "rebind_domain" | grep -Fo "${cp_domain}")" ] - then + if [ -x "/etc/init.d/dnsmasq" ] && [ -f "/etc/config/dhcp" ] && + [ -n "${cp_domain}" ] && ! uci_get "dhcp" "@dnsmasq[0]" "rebind_domain" | grep -q "${cp_domain}"; then uci_add_list "dhcp" "@dnsmasq[0]" "rebind_domain" "${cp_domain}" uci_commit "dhcp" /etc/init.d/dnsmasq reload f_log "info" "captive portal domain '${cp_domain}' added to to dhcp rebind whitelist" fi - if [ -n "${cp_domain}" ] && [ "${trm_captive}" = "1" ] - then + if [ -n "${cp_domain}" ] && [ "${trm_captive}" = "1" ]; then trm_connection="${result:-"-"}/${trm_ifquality}" f_jsnup login_script="$(f_uplink "script" "${sta_radio}" "${sta_essid}" "${sta_bssid}")" - if [ -x "${login_script}" ] - then + if [ -x "${login_script}" ]; then login_script_args="$(f_uplink "script_args" "${sta_radio}" "${sta_essid}" "${sta_bssid}")" "${login_script}" ${login_script_args} >/dev/null 2>&1 rc="${?}" - f_log "info" "captive portal login '${login_script:0:40} ${login_script_args:0:20}' for '${cp_domain}' has been executed with rc '${rc}'" - if [ "${rc}" = "0" ] - then + f_log "info" "captive portal login for '${cp_domain}' has been executed with rc '${rc}'" + if [ "${rc}" = "0" ]; then result="$(f_net)" fi fi fi fi - if [ "${trm_netcheck}" = "1" ] && [ "${result}" = "net nok" ] - then + if [ "${trm_netcheck}" = "1" ] && [ "${result}" = "net nok" ]; then f_log "info" "uplink has no internet (new connection)" f_vpn "disable" trm_ifstatus="${status}" @@ -656,17 +605,14 @@ f_check() f_jsnup break fi - elif [ -n "${trm_connection}" ] - then - if [ "${trm_ifquality}" -lt "${trm_minquality}" ] - then + elif [ -n "${trm_connection}" ]; then + if [ "${trm_ifquality}" -lt "${trm_minquality}" ]; then f_log "info" "uplink is out of range (${trm_ifquality}/${trm_minquality})" f_vpn "disable" unset trm_connection trm_ifstatus="${status}" f_contrack "end" "${sta_radio}" "${sta_essid}" "${sta_bssid}" - elif [ "${trm_netcheck}" = "1" ] && [ "${result}" = "net nok" ] - then + elif [ "${trm_netcheck}" = "1" ] && [ "${result}" = "net nok" ]; then f_log "info" "uplink has no internet (existing connection)" f_vpn "disable" unset trm_connection @@ -674,34 +620,30 @@ f_check() fi f_jsnup break - elif [ "${mode}" = "initial" ] - then + elif [ "${mode}" = "initial" ]; then trm_ifstatus="${status}" f_jsnup break fi - elif [ -n "${trm_connection}" ] - then + elif [ -n "${trm_connection}" ]; then f_vpn "disable" unset trm_connection trm_ifstatus="${status}" f_jsnup break - elif [ "${mode}" = "initial" ] - then + elif [ "${mode}" = "initial" ]; then trm_ifstatus="${status}" f_jsnup break fi fi fi - if [ "${mode}" = "initial" ] - then + if [ "${mode}" = "initial" ]; then trm_ifstatus="${status}" f_jsnup break fi - wait_time="$((wait_time+1))" + wait_time="$((wait_time + 1))" sleep 1 done f_log "debug" "f_check ::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, enabled: ${enabled}, connection: ${trm_connection:-"-"}, wait: ${wait_time}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}" @@ -713,15 +655,12 @@ f_jsnup() { local IFS section last_date last_station sta_iface sta_radio sta_essid sta_bssid sta_mac dev_status last_status status="${trm_ifstatus}" ntp_done="0" vpn_done="0" mail_done="0" - if [ "${status}" = "true" ] - then + if [ "${status}" = "true" ]; then status="connected (${trm_connection:-"-"})" dev_status="$(ubus -S call network.wireless status 2>/dev/null)" - if [ -n "${dev_status}" ] - then - section="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].section')" - if [ -n "${section}" ] - then + if [ -n "${dev_status}" ]; then + section="$(printf "%s" "${dev_status}" | jsonfilter -q -l1 -e '@.*.interfaces[@.config.mode="sta"].section')" + if [ -n "${section}" ]; then sta_iface="$(uci_get "wireless" "${section}" "network")" sta_radio="$(uci_get "wireless" "${section}" "device")" sta_essid="$(uci_get "wireless" "${section}" "ssid")" @@ -733,17 +672,18 @@ f_jsnup() json_get_var last_station "station_id" json_get_var last_status "travelmate_status" - if { [ -f "${trm_ntpfile}" ] && [ ! -s "${trm_ntpfile}" ]; } || [ "${last_status}" = "running (not connected)" ] || \ - { [ -n "${last_station}" ] && [ "${last_station}" != "${sta_radio:-"-"}/${sta_essid:-"-"}/${sta_bssid:-"-"}" ]; } - then + if { + [ -f "${trm_ntpfile}" ] && [ ! -s "${trm_ntpfile}" ] + } || [ "${last_status}" = "running (not connected)" ] || + { + [ -n "${last_station}" ] && [ "${last_station}" != "${sta_radio:-"-"}/${sta_essid:-"-"}/${sta_bssid:-"-"}" ] + }; then last_date="$(date "+%Y.%m.%d-%H:%M:%S")" - if [ -f "${trm_ntpfile}" ] && [ ! -s "${trm_ntpfile}" ] - then - printf "%s" "${last_date}" > "${trm_ntpfile}" + if [ -f "${trm_ntpfile}" ] && [ ! -s "${trm_ntpfile}" ]; then + printf "%s" "${last_date}" >"${trm_ntpfile}" fi fi - elif [ "${status}" = "error" ] - then + elif [ "${status}" = "error" ]; then unset trm_connection status="program error" else @@ -751,20 +691,16 @@ f_jsnup() status="running (not connected)" fi - if [ -z "${last_date}" ] - then + if [ -z "${last_date}" ]; then last_date="$(date "+%Y.%m.%d-%H:%M:%S")" fi - if [ -s "${trm_ntpfile}" ] - then + if [ -s "${trm_ntpfile}" ]; then ntp_done="1" fi - if [ "${trm_vpn}" = "1" ] && [ -f "${trm_vpnfile}" ] - then + if [ "${trm_vpn}" = "1" ] && [ -f "${trm_vpnfile}" ]; then vpn_done="1" fi - if [ "${trm_mail}" = "1" ] && [ -f "${trm_mailfile}" ] - then + if [ "${trm_mail}" = "1" ] && [ -f "${trm_mailfile}" ]; then mail_done="1" fi json_add_string "travelmate_status" "${status}" @@ -777,16 +713,13 @@ f_jsnup() json_add_string "ext_hooks" "ntp: $(f_char ${ntp_done}), vpn: $(f_char ${vpn_done}), mail: $(f_char ${mail_done})" json_add_string "last_run" "${last_date}" json_add_string "system" "${trm_sysver}" - json_dump > "${trm_rtfile}" + json_dump >"${trm_rtfile}" - if [ "${status%% (net ok/*}" = "connected" ] - then + if [ "${status%% (net ok/*}" = "connected" ]; then f_vpn "enable" - if [ "${trm_mail}" = "1" ] && [ -x "${trm_mailpgm}" ] && [ "${ntp_done}" = "1" ] && [ "${mail_done}" = "0" ] - then - if [ "${trm_vpn}" = "0" ] || [ "${vpn_done}" = "1" ] - then - > "${trm_mailfile}" + if [ "${trm_mail}" = "1" ] && [ -x "${trm_mailpgm}" ] && [ "${ntp_done}" = "1" ] && [ "${mail_done}" = "0" ]; then + if [ "${trm_vpn}" = "0" ] || [ "${vpn_done}" = "1" ]; then + : >"${trm_mailfile}" "${trm_mailpgm}" >/dev/null 2>&1 fi fi @@ -802,19 +735,18 @@ f_log() { local IFS class="${1}" log_msg="${2}" - if [ -n "${log_msg}" ] && { [ "${class}" != "debug" ] || [ "${trm_debug}" = "1" ]; } - then - if [ -x "${trm_logger}" ] - then + if [ -n "${log_msg}" ] && { + [ "${class}" != "debug" ] || [ "${trm_debug}" = "1" ] + }; then + if [ -x "${trm_logger}" ]; then "${trm_logger}" -p "${class}" -t "trm-${trm_ver}[${$}]" "${log_msg}" else - printf "%s %s %s\\n" "${class}" "trm-${trm_ver}[${$}]" "${log_msg}" + printf '%s %s %s\n' "${class}" "trm-${trm_ver}[${$}]" "${log_msg}" fi - if [ "${class}" = "err" ] - then + if [ "${class}" = "err" ]; then trm_ifstatus="error" f_jsnup - > "${trm_pidfile}" + : >"${trm_pidfile}" exit 1 fi fi @@ -829,12 +761,10 @@ f_main() f_check "initial" "false" f_log "debug" "f_main ::: status: ${trm_ifstatus}, proactive: ${trm_proactive}" - if [ "${trm_ifstatus}" != "true" ] || [ "${trm_proactive}" = "1" ] - then + if [ "${trm_ifstatus}" != "true" ] || [ "${trm_proactive}" = "1" ]; then config_load wireless config_foreach f_prepif wifi-iface ${trm_proactive} - if [ "${trm_ifstatus}" = "true" ] && [ -n "${trm_activesta}" ] && [ "${trm_proactive}" = "1" ] - then + if [ "${trm_ifstatus}" = "true" ] && [ -n "${trm_activesta}" ] && [ "${trm_proactive}" = "1" ]; then json_get_var station_id "station_id" config_radio="${station_id%%/*}" config_essid="${station_id%/*}" @@ -847,50 +777,43 @@ f_main() uci_commit "wireless" f_check "dev" "false" fi - f_log "debug" "f_main ::: radio_list: ${trm_radiolist}, sta_list: ${trm_stalist:0:${trm_scanbuffer}}" + f_log "debug" "f_main ::: radio_list: ${trm_radiolist}, sta_list: ${trm_stalist:0:trm_scanbuffer}" # radio loop # - for radio in ${trm_radiolist} - do - if [ -z "$(printf "%s" "${trm_stalist}" | grep -o "\\-${radio}")" ] - then + for radio in ${trm_radiolist}; do + if ! printf "%s" "${trm_stalist}" | grep -q "\\-${radio}"; then f_log "info" "no station on radio '${radio}'" continue fi # station loop # - for sta in ${trm_stalist} - do + for sta in ${trm_stalist}; do section="${sta%%-*}" sta_radio="$(uci_get "wireless" "${section}" "device")" sta_essid="$(uci_get "wireless" "${section}" "ssid")" sta_bssid="$(uci_get "wireless" "${section}" "bssid")" sta_iface="$(uci_get "wireless" "${section}" "network")" sta_mac="$(f_mac "get" "${section}")" - if [ -z "${sta_radio}" ] || [ -z "${sta_essid}" ] || [ -z "${sta_iface}" ] - then + if [ -z "${sta_radio}" ] || [ -z "${sta_essid}" ] || [ -z "${sta_iface}" ]; then f_log "info" "invalid wireless section '${section}'" continue fi - if [ "${sta_radio}" = "${config_radio}" ] && [ "${sta_essid}" = "${config_essid}" ] && [ "${sta_bssid}" = "${config_bssid}" ] - then + if [ "${sta_radio}" = "${config_radio}" ] && [ "${sta_essid}" = "${config_essid}" ] && [ "${sta_bssid}" = "${config_bssid}" ]; then f_contrack "refresh" "${config_radio}" "${config_essid}" "${config_bssid}" f_log "info" "uplink still in range '${config_radio}/${config_essid}/${config_bssid:-"-"}' with mac '${sta_mac:-"-"}'" break 2 fi f_log "debug" "f_main ::: sta_radio: ${sta_radio}, sta_essid: \"${sta_essid}\", sta_bssid: ${sta_bssid:-"-"}" - if [ -z "${scan_list}" ] - then - scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -l1 -e "@.${radio}.interfaces[0].ifname")" - scan_list="$("${trm_iwinfo}" "${scan_dev:-${radio}}" scan 2>/dev/null | \ + if [ -z "${scan_list}" ]; then + scan_dev="$(ubus -S call network.wireless status 2>/dev/null | jsonfilter -q -l1 -e "@.${radio}.interfaces[0].ifname")" + scan_list="$("${trm_iwinfo}" "${scan_dev:-${radio}}" scan 2>/dev/null | awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2="";for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}; - gsub(/,/,".",var2)}/Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"};printf "%i,%s,%s,%s\n",(var0[1]*100/var0[2]),var1,var2,var3}' | \ + gsub(/,/,".",var2)}/Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"};printf "%i,%s,%s,%s\n",(var0[1]*100/var0[2]),var1,var2,var3}' | sort -rn | awk -v buf="${trm_scanbuffer}" 'BEGIN{ORS=","}{print substr($0,1,buf)}')" f_log "debug" "f_main ::: radio: ${radio}, scan_device: ${scan_dev}, scan_buffer: ${trm_scanbuffer}, scan_list: ${scan_list:-"-"}" - if [ -z "${scan_list}" ] - then + if [ -z "${scan_list}" ]; then f_log "info" "no scan results on '${radio}'" continue 2 fi @@ -899,32 +822,31 @@ f_main() # scan loop # IFS="," - for spec in ${scan_list} - do - if [ -z "${scan_quality}" ] - then + for spec in ${scan_list}; do + if [ -z "${scan_quality}" ]; then scan_quality="${spec}" - elif [ -z "${scan_bssid}" ] - then + elif [ -z "${scan_bssid}" ]; then scan_bssid="${spec}" - elif [ -z "${scan_essid}" ] - then + elif [ -z "${scan_essid}" ]; then scan_essid="${spec}" - elif [ -z "${scan_open}" ] - then + elif [ -z "${scan_open}" ]; then scan_open="${spec}" fi - if [ -n "${scan_quality}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ] && [ -n "${scan_open}" ] - then - if [ "${scan_quality}" -ge "${trm_minquality}" ] - then - if { { [ "${scan_essid}" = "\"${sta_essid//,/.}\"" ] && { [ -z "${sta_bssid}" ] || [ "${scan_bssid}" = "${sta_bssid}" ]; } } || \ - { [ "${scan_bssid}" = "${sta_bssid}" ] && [ "${scan_essid}" = "unknown" ]; } } && [ "${radio}" = "${sta_radio}" ] - then + if [ -n "${scan_quality}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ] && [ -n "${scan_open}" ]; then + if [ "${scan_quality}" -ge "${trm_minquality}" ]; then + if { + { + [ "${scan_essid}" = "\"${sta_essid//,/.}\"" ] && { + [ -z "${sta_bssid}" ] || [ "${scan_bssid}" = "${sta_bssid}" ] + } + } || + { + [ "${scan_bssid}" = "${sta_bssid}" ] && [ "${scan_essid}" = "unknown" ] + } + } && [ "${radio}" = "${sta_radio}" ]; then f_vpn "disable" f_log "debug" "f_main ::: scan_quality: ${scan_quality}, scan_essid: ${scan_essid}, scan_bssid: ${scan_bssid:-"-"}, scan_open: ${scan_open}" - if [ -n "${config_radio}" ] - then + if [ -n "${config_radio}" ]; then uci_set "wireless" "${trm_activesta}" "disabled" "1" uci_commit "wireless" f_contrack "end" "${config_radio}" "${config_essid}" "${config_bssid}" @@ -936,22 +858,18 @@ f_main() # retrycnt=1 trm_radio="${sta_radio}" - while [ "${retrycnt}" -le "${trm_maxretry}" ] - do - if [ "${trm_randomize}" = "1" ] - then + while [ "${retrycnt}" -le "${trm_maxretry}" ]; do + if [ "${trm_randomize}" = "1" ]; then sta_mac="$(f_mac "set" "${section}")" fi uci_set "wireless" "${section}" "disabled" "0" f_check "sta" "false" "${sta_radio}" "${sta_essid}" "${sta_bssid}" - if [ "${trm_ifstatus}" = "true" ] - then + if [ "${trm_ifstatus}" = "true" ]; then unset IFS scan_list rm -f "${trm_mailfile}" uci_commit "wireless" f_contrack "start" "${sta_radio}" "${sta_essid}" "${sta_bssid}" - if [ "${trm_randomize}" = "0" ] - then + if [ "${trm_randomize}" = "0" ]; then sta_mac="$(f_mac "get" "${section}")" fi f_log "info" "connected to uplink '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' with mac '${sta_mac:-"-"}' (${retrycnt}/${trm_maxretry})" @@ -959,8 +877,7 @@ f_main() else uci -q revert "wireless" f_check "rev" "false" - if [ "${retrycnt}" = "${trm_maxretry}" ] - then + if [ "${retrycnt}" = "${trm_maxretry}" ]; then f_contrack "disabled" "${sta_radio}" "${sta_essid}" "${sta_bssid}" f_log "info" "uplink has been disabled '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' (${retrycnt}/${trm_maxretry})" break 2 @@ -969,11 +886,10 @@ f_main() f_log "info" "can't connect to uplink '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' (${retrycnt}/${trm_maxretry})" fi fi - retrycnt="$((retrycnt+1))" - sleep "$((trm_maxwait/6))" + retrycnt="$((retrycnt + 1))" + sleep "$((trm_maxwait / 6))" done - elif [ "${trm_autoadd}" = "1" ] && [ "${scan_open}" = "+" ] && [ "${scan_essid}" != "unknown" ] - then + elif [ "${trm_autoadd}" = "1" ] && [ "${scan_open}" = "+" ] && [ "${scan_essid}" != "unknown" ]; then scan_essid="${scan_essid%?}" scan_essid="${scan_essid:1}" f_addif "${sta_radio}" "${scan_essid}" @@ -995,8 +911,7 @@ f_main() # source required system libraries # -if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ] -then +if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]; then . "/lib/functions.sh" . "/usr/share/libubox/jshn.sh" else @@ -1005,39 +920,32 @@ fi # control travelmate actions # -if [ "${trm_action}" != "stop" ] -then +if [ "${trm_action}" != "stop" ]; then f_env fi -while true -do - if [ -z "${trm_action}" ] - then +while true; do + if [ -z "${trm_action}" ]; then rc=0 - while true - do - if [ "${rc}" = "0" ] - then + while true; do + if [ "${rc}" = "0" ]; then f_check "initial" "false" fi sleep "${trm_timeout}" 0 rc=${?} - if [ "${rc}" != "0" ] - then + if [ "${rc}" != "0" ]; then f_check "initial" "false" fi - if [ "${rc}" = "0" ] || { [ "${rc}" != "0" ] && [ "${trm_ifstatus}" = "false" ]; } - then + if [ "${rc}" = "0" ] || { + [ "${rc}" != "0" ] && [ "${trm_ifstatus}" = "false" ] + }; then break fi done - elif [ "${trm_action}" = "stop" ] - then - if [ -s "${trm_pidfile}" ] - then + elif [ "${trm_action}" = "stop" ]; then + if [ -s "${trm_pidfile}" ]; then f_log "info" "travelmate instance stopped ::: action: ${trm_action}, pid: $(cat ${trm_pidfile} 2>/dev/null)" - > "${trm_rtfile}" - > "${trm_pidfile}" + : >"${trm_rtfile}" + : >"${trm_pidfile}" fi break else diff --git a/net/travelmate/files/travelmate.vpn b/net/travelmate/files/travelmate.vpn index 94da997a13..3ee18fea7f 100755 --- a/net/travelmate/files/travelmate.vpn +++ b/net/travelmate/files/travelmate.vpn @@ -1,10 +1,10 @@ #!/bin/sh # vpn switch for travelmate -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,3040,3043 # Please note: you have to setup the package 'wireguard' or 'openvpn' before using this script @@ -12,9 +12,10 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then - . "/lib/functions.sh" +# source function library if necessary +# +if [ -z "${_C}" ]; then + . "/lib/functions.sh" fi vpn_action="${1}" @@ -22,129 +23,93 @@ trm_vpnservice="$(uci_get travelmate global trm_vpnservice)" trm_vpniface="$(uci_get travelmate global trm_vpniface)" trm_landevice="$(uci_get travelmate global trm_landevice)" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" -trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://captive.apple.com")" -trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0")" +trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_iptrule_accept="FORWARD -i ${trm_landevice} -p tcp --match multiport --dports 80,443 -j ACCEPT" trm_iptrule_drop="FORWARD -i ${trm_landevice} -j DROP" trm_iptables="$(command -v iptables)" trm_logger="$(command -v logger)" trm_fetch="$(command -v curl)" -f_log() -{ - local class="${1}" log_msg="${2}" - - if [ -x "${trm_logger}" ] - then - "${trm_logger}" -p "${class}" -t "trm-vpn [${$}]" "${log_msg}" - else - printf "%s %s %s\\n" "${class}" "trm-vpn [${$}]" "${log_msg}" - fi -} - f_net() { - local IFS json_raw json_rc result="net nok" + local IFS json_rc result="net nok" - json_raw="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --write-out "%{json}" --silent --show-error --connect-timeout $((trm_maxwait/10)) "${trm_captiveurl}" 2>/dev/null)" - json_raw="${json_raw#*\{}" - if [ -n "${json_raw}" ] - then - json_rc="$(printf "%s" "{${json_raw}" | jsonfilter -l1 -e '@.response_code' 2>/dev/null)" - if [ "${json_rc}" = "200" ] || [ "${json_rc}" = "204" ] - then - result="net ok" - fi + json_rc="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 10)) --header "Cache-Control: no-cache, no-store, must-revalidate" --header "Pragma: no-cache" --header "Expires: 0" --write-out "%{response_code}" --silent --show-error --output /dev/null "${trm_captiveurl}")" + if [ "${json_rc}" = "200" ] || [ "${json_rc}" = "204" ]; then + result="net ok" fi printf "%s" "${result}" } -if [ -n "${trm_vpnservice}" ] && [ -n "${trm_vpniface}" ] && [ -n "${trm_landevice}" ] && [ -f "/tmp/trm_runtime.json" ] -then +if [ -n "${trm_vpnservice}" ] && [ -n "${trm_vpniface}" ] && [ -n "${trm_landevice}" ] && [ -f "/tmp/trm_runtime.json" ]; then status="$(jsonfilter -i "/tmp/trm_runtime.json" -l1 -e '@.data.travelmate_status' 2>/dev/null)" vpn_status="$(ubus -S call network.interface."${trm_vpniface}" status 2>/dev/null | jsonfilter -l1 -e '@.up')" - if [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ] - then - if [ -n "$("${trm_iptables}" "-w $((trm_maxwait/6))" -C ${trm_iptrule_drop} 2>&1)" ] && \ - [ -n "$("${trm_iptables}" "-w $((trm_maxwait/6))" -C ${trm_iptrule_accept} 2>&1)" ] - then - "${trm_iptables}" "-w $((trm_maxwait/6))" -I ${trm_iptrule_drop} 2>&1 - f_log "info" "lan forward blocked for device '${trm_landevice}'" + if [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ]; then + if [ -n "$("${trm_iptables}" "-w $((trm_maxwait / 6))" -C "${trm_iptrule_drop}" 2>&1)" ] && + [ -n "$("${trm_iptables}" "-w $((trm_maxwait / 6))" -C "${trm_iptrule_accept}" 2>&1)" ]; then + "${trm_iptables}" "-w $((trm_maxwait / 6))" -I "${trm_iptrule_drop}" 2>&1 + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "lan forward blocked for device '${trm_landevice}'" 2>/dev/null fi fi - if [ "${vpn_action}" = "disable" ] && [ "${status%% (net cp *}" = "connected" ] - then - if [ -n "$("${trm_iptables}" "-w $((trm_maxwait/6))" -C ${trm_iptrule_accept} 2>&1)" ] && \ - [ -z "$("${trm_iptables}" "-w $((trm_maxwait/6))" -C ${trm_iptrule_drop} 2>&1)" ] - then - "${trm_iptables}" "-w $((trm_maxwait/6))" -I ${trm_iptrule_accept} 2>&1 - f_log "info" "lan forward on ports 80/443 freed for device '${trm_landevice}'" + if [ "${vpn_action}" = "disable" ] && [ "${status%% (net cp *}" = "connected" ]; then + if [ -n "$("${trm_iptables}" "-w $((trm_maxwait / 6))" -C "${trm_iptrule_accept}" 2>&1)" ] && + [ -z "$("${trm_iptables}" "-w $((trm_maxwait / 6))" -C "${trm_iptrule_drop}" 2>&1)" ]; then + "${trm_iptables}" "-w $((trm_maxwait / 6))" -I "${trm_iptrule_accept}" 2>&1 + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "lan forward on ports 80/443 freed for device '${trm_landevice}'" 2>/dev/null fi fi case "${trm_vpnservice}" in "wireguard") - if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ] - then + if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ]; then ubus call network.interface."${trm_vpniface}" up - elif [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ] - then + elif [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ]; then ubus call network.interface."${trm_vpniface}" down - f_log "info" "${trm_vpnservice} client connection disabled" + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${trm_vpnservice} client connection disabled" 2>/dev/null fi - ;; + ;; "openvpn") - if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ] - then + if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ]; then ubus call network.interface."${trm_vpniface}" up /etc/init.d/openvpn restart >/dev/null 2>&1 - elif [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ] - then + elif [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ]; then ubus call network.interface."${trm_vpniface}" down /etc/init.d/openvpn stop >/dev/null 2>&1 - f_log "info" "${trm_vpnservice} client connection disabled" + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${trm_vpnservice} client connection disabled" 2>/dev/null fi - ;; + ;; esac - if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ] - then + if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ]; then cnt=0 - while true - do + while true; do vpn_status="$(ubus -S call network.interface."${trm_vpniface}" status 2>/dev/null | jsonfilter -l1 -e '@.up')" - if [ "${vpn_status}" = "true" ] - then + if [ "${vpn_status}" = "true" ]; then net_status="$(f_net)" - if [ "${net_status}" = "net ok" ] - then - f_log "info" "${trm_vpnservice} client connection enabled" - if [ -z "$("${trm_iptables}" "-w $((trm_maxwait/6))" -C ${trm_iptrule_drop} 2>&1)" ] - then - "${trm_iptables}" "-w $((trm_maxwait/6))" -D ${trm_iptrule_drop} 2>&1 - if [ -z "$("${trm_iptables}" "-w $((trm_maxwait/6))" -C ${trm_iptrule_accept} 2>&1)" ] - then - "${trm_iptables}" "-w $((trm_maxwait/6))" -D ${trm_iptrule_accept} 2>&1 + if [ "${net_status}" = "net ok" ]; then + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${trm_vpnservice} client connection enabled" 2>/dev/null + if [ -z "$("${trm_iptables}" "-w $((trm_maxwait / 6))" -C "${trm_iptrule_drop}" 2>&1)" ]; then + "${trm_iptables}" "-w $((trm_maxwait / 6))" -D "${trm_iptrule_drop}" 2>&1 + if [ -z "$("${trm_iptables}" "-w $((trm_maxwait / 6))" -C "${trm_iptrule_accept}" 2>&1)" ]; then + "${trm_iptables}" "-w $((trm_maxwait / 6))" -D "${trm_iptrule_accept}" 2>&1 fi - f_log "info" "lan forward freed for device '${trm_landevice}'" + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "lan forward freed for device '${trm_landevice}'" 2>/dev/null fi break fi fi - if [ "${cnt}" -ge "$((trm_maxwait/6))" ] - then - f_log "info" "${trm_vpnservice} restart failed, lan forward for device '${trm_landevice}' still blocked" + if [ "${cnt}" -ge "$((trm_maxwait / 6))" ]; then + "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${trm_vpnservice} restart failed, lan forward for device '${trm_landevice}' still blocked" 2>/dev/null ubus call network.interface."${trm_vpniface}" down exit 2 fi sleep 1 - cnt="$((cnt+1))" + cnt="$((cnt + 1))" done fi - if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" = "true" ] - then - if [ -f "/etc/init.d/sysntpd" ] - then + if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" = "true" ]; then + if [ -f "/etc/init.d/sysntpd" ]; then /etc/init.d/sysntpd restart >/dev/null 2>&1 fi fi diff --git a/net/travelmate/files/travelmate_ntp.hotplug b/net/travelmate/files/travelmate_ntp.hotplug index 2a215e4ba4..6a9be8219a 100755 --- a/net/travelmate/files/travelmate_ntp.hotplug +++ b/net/travelmate/files/travelmate_ntp.hotplug @@ -1,34 +1,19 @@ #!/bin/sh # ntp hotplug script for travelmate -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=3023 trm_init="/etc/init.d/travelmate" trm_ntpfile="/var/state/travelmate.ntp" trm_logger="$(command -v logger)" -f_log() -{ - local class="${1}" log_msg="${2}" - - if [ -x "${trm_logger}" ] - then - "${trm_logger}" -p "${class}" -t "trm-ntp [${$}]" "${log_msg}" - else - printf "%s %s %s\\n" "${class}" "trm-ntp [${$}]" "${log_msg}" - fi -} - -if [ "${ACTION}" = "stratum" ] && [ ! -f "${trm_ntpfile}" ] && [ "$("${trm_init}" enabled; printf "%u" ${?})" = "0" ] -then +if [ "${ACTION}" = "stratum" ] && [ ! -f "${trm_ntpfile}" ] && "${trm_init}" enabled; then { - flock -xn 1001 - if [ "$?" = "0" ] - then - f_log "info" "get ntp time sync" + if flock -xn 1001; then + "${trm_logger}" -p "info" -t "trm-ntp [${$}]" "get ntp time sync" 2>/dev/null "${trm_init}" restart fi } 1001>"${trm_ntpfile}" diff --git a/net/travelmate/files/vodafone.login b/net/travelmate/files/vodafone.login new file mode 100755 index 0000000000..17628da624 --- /dev/null +++ b/net/travelmate/files/vodafone.login @@ -0,0 +1,49 @@ +#!/bin/sh +# captive portal auto-login script for vodafone hotspots (DE) +# Copyright (c) 2021 Dirk Brenken (dev@brenken.org) +# This is free software, licensed under the GNU General Public License v3. + +# set (s)hellcheck exceptions +# shellcheck disable=1091,3040 + +export LC_ALL=C +export PATH="/usr/sbin:/usr/bin:/sbin:/bin" +set -o pipefail + +# source function library if necessary +# +if [ -z "${_C}" ]; then + . "/lib/functions.sh" +fi + +username="${1}" +password="${2}" +trm_domain="hotspot.vodafone.de" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" +trm_captiveurl="$(uci_get travelmate global trm_captiveurl "http://detectportal.firefox.com")" +trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" +trm_fetch="$(command -v curl)" + +# get sid +# +raw_html="$(${trm_fetch} --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --write-out "%{redirect_url}" --silent --show-error --output /dev/null "${trm_captiveurl}")" +sid="$(printf "%s" "${raw_html}" 2>/dev/null | awk 'BEGIN{FS="[=&]"}{printf "%s",$2}')" +if [ -z "${sid}" ]; then + exit 1 +fi + +# get session +# +raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://${trm_domain}/portal/?sid=${sid}" --silent --connect-timeout $((trm_maxwait / 6)) "https://${trm_domain}/api/v4/session?sid=${sid}")" +session="$(printf "%s" "${raw_html}" 2>/dev/null | jsonfilter -q -l1 -e '@.session')" +if [ -z "${session}" ]; then + exit 2 +fi + +# final login request +# +raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://${trm_domain}/portal/?sid=${sid}" --silent --connect-timeout $((trm_maxwait / 6)) --data "accessType=csc-community&accountType=csc&loginProfile=4&password=${password}&session=${session}&username=${username}&save=true" "https://${trm_domain}/api/v4/login?sid=${sid}")" +success="$(printf "%s" "${raw_html}" 2>/dev/null | jsonfilter -q -l1 -e '@.success')" +if [ "${success}" != "true" ]; then + exit 3 +fi diff --git a/net/travelmate/files/wifionice.login b/net/travelmate/files/wifionice.login index c74a2bf14d..316c747013 100755 --- a/net/travelmate/files/wifionice.login +++ b/net/travelmate/files/wifionice.login @@ -1,41 +1,38 @@ #!/bin/sh -# captive portal auto-login script for german ICE hotspots -# Copyright (c) 2020 Dirk Brenken (dev@brenken.org) +# captive portal auto-login script for ICE hotspots (DE) +# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2016,2039,2059,2086,2143,2181,2188 +# shellcheck disable=1091,2181,3040 export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" set -o pipefail -if [ "$(uci_get 2>/dev/null; printf "%u" "${?}")" = "127" ] -then - . "/lib/functions.sh" +# source function library if necessary +# +if [ -z "${_C}" ]; then + . "/lib/functions.sh" fi trm_domain="www.wifionice.de" -trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:80.0) Gecko/20100101 Firefox/80.0")" +trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_fetch="$(command -v curl)" -# initial get request to receive & extract a valid security token +# get security token # -"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait/6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "http://${trm_domain}/en/" -if [ -f "/tmp/${trm_domain}.cookie" ] -then - sec_token="$(awk '/csrf/{print $7}' "/tmp/${trm_domain}.cookie")" - rm -f "/tmp/${trm_domain}.cookie" -else - exit 2 +"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "http://${trm_domain}/en/" +sec_token="$(awk '/csrf/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" +rm -f "/tmp/${trm_domain}.cookie" +if [ -z "${sec_token}" ]; then + exit 1 fi -# final post request/login with valid session cookie/security token +# final post request # -if [ -n "${sec_token}" ] -then - "${trm_fetch}" --user-agent "${trm_useragent}" --silent --connect-timeout $((trm_maxwait/6)) --header "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}&connect=" --output /dev/null "http://${trm_domain}/en/" -else - exit 3 +"${trm_fetch}" --user-agent "${trm_useragent}" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}&connect=" --output /dev/null "http://${trm_domain}/en/" +if [ "${?}" != "0" ]; then + exit 2 fi diff --git a/net/uacme/Makefile b/net/uacme/Makefile index 5f017cc75c..9f2d6d7e86 100644 --- a/net/uacme/Makefile +++ b/net/uacme/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uacme -PKG_VERSION:=1.7 +PKG_VERSION:=1.7.1 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ndilieto/uacme/tar.gz/upstream/$(PKG_VERSION)? -PKG_HASH:=32ca99851194cadb16c05f3c5d32892b0b93fc247321de2b560fa0f667e6cf04 +PKG_HASH:=36027a587256cbaa86650cec2a5b3eb000480e1150bd83941565661b392625ac PKG_MAINTAINER:=Lucian Cristian PKG_LICENSE:=GPL-3.0-or-later diff --git a/net/vpn-policy-routing/Makefile b/net/vpn-policy-routing/Makefile index f5ac833384..d1476bbc42 100644 --- a/net/vpn-policy-routing/Makefile +++ b/net/vpn-policy-routing/Makefile @@ -4,8 +4,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vpn-policy-routing -PKG_VERSION:=0.3.2 -PKG_RELEASE:=20 +PKG_VERSION:=0.3.5 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Stan Grishin @@ -39,8 +39,8 @@ define Package/vpn-policy-routing/install $(INSTALL_DIR) $(1)/etc/init.d $(1)/etc/config $(1)/etc/hotplug.d/firewall $(1)/etc/ $(INSTALL_BIN) ./files/vpn-policy-routing.init $(1)/etc/init.d/vpn-policy-routing $(SED) "s|^\(PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(1)/etc/init.d/vpn-policy-routing - $(INSTALL_CONF) ./files/vpn-policy-routing.conf $(1)/etc/config/vpn-policy-routing - $(INSTALL_DATA) ./files/vpn-policy-routing.firewall.hotplug $(1)/etc/hotplug.d/firewall/99-vpn-policy-routing + $(INSTALL_CONF) ./files/vpn-policy-routing.config $(1)/etc/config/vpn-policy-routing + $(INSTALL_DATA) ./files/vpn-policy-routing.firewall.hotplug $(1)/etc/hotplug.d/firewall/70-vpn-policy-routing $(INSTALL_DATA) ./files/vpn-policy-routing.aws.user $(1)/etc/vpn-policy-routing.aws.user $(INSTALL_DATA) ./files/vpn-policy-routing.netflix.user $(1)/etc/vpn-policy-routing.netflix.user endef diff --git a/net/vpn-policy-routing/files/vpn-policy-routing.aws.user b/net/vpn-policy-routing/files/vpn-policy-routing.aws.user index a00770be75..4f99ed5e43 100644 --- a/net/vpn-policy-routing/files/vpn-policy-routing.aws.user +++ b/net/vpn-policy-routing/files/vpn-policy-routing.aws.user @@ -9,7 +9,7 @@ TARGET_FNAME="/var/vpn-policy-routing_tmp_aws_ip_ranges" _ret=1 if [ ! -s "$TARGET_FNAME" ]; then - curl "$TARGET_URL" 2>/dev/null | grep "ip_prefix" | sed 's/^.*\"ip_prefix\": \"//; s/\",//' > "$TARGET_FNAME" + uclient-fetch --no-check-certificate -qO- "$TARGET_URL" 2>/dev/null | grep "ip_prefix" | sed 's/^.*\"ip_prefix\": \"//; s/\",//' > "$TARGET_FNAME" fi if [ -s "$TARGET_FNAME" ]; then awk -v ipset="$TARGET_IPSET" '{print "add " ipset " " $1}' "$TARGET_FNAME" | ipset restore -! && _ret=0 diff --git a/net/vpn-policy-routing/files/vpn-policy-routing.conf b/net/vpn-policy-routing/files/vpn-policy-routing.conf deleted file mode 100644 index ed6f01cdd4..0000000000 --- a/net/vpn-policy-routing/files/vpn-policy-routing.conf +++ /dev/null @@ -1,30 +0,0 @@ -config vpn-policy-routing 'config' - option enabled '0' - option verbosity '2' - option strict_enforcement '1' - option src_ipset '0' - option dest_ipset '0' - option resolver_ipset 'dnsmasq.ipset' - option ipv6_enabled '0' - list ignored_interface 'vpnserver wgserver' - option boot_timeout '30' - option iptables_rule_option 'append' - option procd_reload_delay '1' - option webui_enable_column '0' - option webui_protocol_column '0' - option webui_chain_column '0' - option webui_show_ignore_target '0' - option webui_sorting '1' - list webui_supported_protocol 'tcp' - list webui_supported_protocol 'udp' - list webui_supported_protocol 'tcp udp' - list webui_supported_protocol 'icmp' - list webui_supported_protocol 'all' - -config include - option path '/etc/vpn-policy-routing.netflix.user' - option enabled 0 - -config include - option path '/etc/vpn-policy-routing.aws.user' - option enabled 0 diff --git a/net/vpn-policy-routing/files/vpn-policy-routing.config b/net/vpn-policy-routing/files/vpn-policy-routing.config new file mode 100644 index 0000000000..ed6f01cdd4 --- /dev/null +++ b/net/vpn-policy-routing/files/vpn-policy-routing.config @@ -0,0 +1,30 @@ +config vpn-policy-routing 'config' + option enabled '0' + option verbosity '2' + option strict_enforcement '1' + option src_ipset '0' + option dest_ipset '0' + option resolver_ipset 'dnsmasq.ipset' + option ipv6_enabled '0' + list ignored_interface 'vpnserver wgserver' + option boot_timeout '30' + option iptables_rule_option 'append' + option procd_reload_delay '1' + option webui_enable_column '0' + option webui_protocol_column '0' + option webui_chain_column '0' + option webui_show_ignore_target '0' + option webui_sorting '1' + list webui_supported_protocol 'tcp' + list webui_supported_protocol 'udp' + list webui_supported_protocol 'tcp udp' + list webui_supported_protocol 'icmp' + list webui_supported_protocol 'all' + +config include + option path '/etc/vpn-policy-routing.netflix.user' + option enabled 0 + +config include + option path '/etc/vpn-policy-routing.aws.user' + option enabled 0 diff --git a/net/vpn-policy-routing/files/vpn-policy-routing.init b/net/vpn-policy-routing/files/vpn-policy-routing.init index 0950698232..b15b1af498 100755 --- a/net/vpn-policy-routing/files/vpn-policy-routing.init +++ b/net/vpn-policy-routing/files/vpn-policy-routing.init @@ -1,6 +1,6 @@ #!/bin/sh /etc/rc.common # Copyright 2017-2020 Stan Grishin (stangri@melmac.net) -# shellcheck disable=SC2039,SC1091,SC2018,SC2019 +# shellcheck disable=SC2039,SC1091,SC2018,SC2019,SC3043,SC3057,SC3060 PKG_VERSION='dev-test' # sysctl net.ipv4.conf.default.rp_filter=1 @@ -18,9 +18,10 @@ if type extra_command 1>/dev/null 2>&1; then WARNING: while paste.ee uploads are unlisted, they are still publicly available List domain names after options to include their lookup in report" extra_command 'version' 'Show version information' + extra_command 'reload_interface' 'Reload specific interface only' else # shellcheck disable=SC2034 - EXTRA_COMMANDS='support version' + EXTRA_COMMANDS='reload_interface support version' # shellcheck disable=SC2034 EXTRA_HELP=" support Generates output required to troubleshoot routing issues Use '-d' option for more detailed output @@ -50,15 +51,12 @@ wanIface4=''; wanIface6=''; ifaceMark=''; ifaceTableID=''; ifAll=''; ifSupported=''; ignoredIfaces=''; supportedIfaces=''; icmpIface=''; wanGW4=''; wanGW6=''; bootTimeout=''; insertOption=''; webuiChainColumn=''; webuiShowIgnore=''; dnsmasqIpsetSupported=''; -procdReloadDelay=''; +procdReloadDelay=''; mainTableListing=''; usedChainsList='PREROUTING' ipsetSupported='true' configLoaded='false' version() { echo "$PKG_VERSION"; } -create_lock() { [ -e "$PIDFile" ] && return 1; touch "$PIDFile"; } -remove_lock() { [ -e "$PIDFile" ] && rm -f "$PIDFile"; } -trap remove_lock EXIT output_ok() { output 1 "$_OK_"; output 2 "$__OK__\\n"; } output_okn() { output 1 "$_OK_\\n"; output 2 "$__OK__\\n"; } output_fail() { s=1; output 1 "$_FAIL_"; output 2 "$__FAIL__\\n"; } @@ -75,7 +73,7 @@ output() { # Can take a single parameter (text) to be output at any verbosity # Or target verbosity level and text to be output at specifc verbosity local msg memmsg logmsg - if [ $# -ne 1 ]; then + if [ "$#" -ne 1 ]; then if [ $((verbosity & $1)) -gt 0 ] || [ "$verbosity" = "$1" ]; then shift; else return 0; fi fi [ -t 1 ] && printf "%b" "$1" @@ -125,7 +123,7 @@ vpr_get_gateway6() { } is_l2tp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "l2tp" ]; } is_oc() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:11}" = "openconnect" ]; } -is_ovpn() { local dev; dev=$(uci -q get network."$1".ifname); [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; } +is_ovpn() { local dev i; for i in ifname device; do [ -z "$dev" ] && dev="$(uci -q get "network.${1}.${i}")"; done; [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; } is_pptp() { local proto; proto=$(uci -q get network."$1".proto); [ "${proto:0:4}" = "pptp" ]; } is_tor() { [ "$(str_to_lower "$1")" = "tor" ]; } is_tor_running() { @@ -160,13 +158,15 @@ dnsmasq_kill() { killall -q -HUP dnsmasq; } dnsmasq_restart() { output 3 'Restarting DNSMASQ '; if /etc/init.d/dnsmasq restart >/dev/null 2>&1; then output_okn; else output_failn; fi; } is_default_dev() { [ "$1" = "$(ip -4 r | grep -m1 'dev' | grep -Eso 'dev [^ ]*' | awk '{print $2}')" ]; } is_supported_iface_dev() { + local n for n in $ifSupported; do if [ "$1" = "$(uci -q get "network.${n}.ifname" || echo "$n")" ] || \ + [ "$1" = "$(uci -q get "network.${n}.device" || echo "$n")" ] || \ [ "$1" = "$(uci -q get "network.${n}.proto")-${n}" ] ; then return 0; fi done return 1 } -is_supported_protocol () { grep -o '^[^#]*' /etc/protocols | grep -w -v '0' | grep . | awk '{print $1}' | grep -q "$1"; } +is_supported_protocol() { grep -o '^[^#]*' /etc/protocols | grep -w -v '0' | grep . | awk '{print $1}' | grep -q "$1"; } append_chains_targets() { local chain iface name config_get name "$1" 'name' 'blank' @@ -195,6 +195,7 @@ load_package_config() { config_get_bool ipv6Enabled 'config' 'ipv6_enabled' 0 config_get_bool srcIpset 'config' 'src_ipset' 0 config_get_bool destIpset 'config' 'dest_ipset' 0 + config_get_bool mainTableListing 'config' 'quick_table_create' 0 config_get resolverIpset 'config' 'resolver_ipset' 'dnsmasq.ipset' config_get verbosity 'config' 'verbosity' '2' config_get wanTableID 'config' 'wan_tid' '201' @@ -220,6 +221,12 @@ load_package_config() { mkdir -p "${jsonFile%/*}" mkdir -p "${dnsmasqFile%/*}" + if [ "$mainTableListing" -ne 0 ]; then + mainTableListing='default' + else + mainTableListing='' + fi + if [ -n "$icmpIface" ] && ! str_contains_word "$usedChainsList" 'OUTPUT'; then usedChainsList="$usedChainsList OUTPUT" fi @@ -482,7 +489,7 @@ insert_policy() { return 0 } -r_process_policy(){ +r_process_policy() { local comment="$1" iface="$2" laddr="$3" lport="$4" raddr="$5" rport="$6" proto="$7" chain="$8" resolved_laddr resolved_raddr i ipsFailFlag if str_contains "$laddr" '[ ;\{\}]'; then for i in $(str_extras_to_space "$laddr"); do [ -n "$i" ] && r_process_policy "$comment" "$iface" "$i" "$lport" "$raddr" "$rport" "$proto" "$chain"; done @@ -546,7 +553,7 @@ r_process_policy(){ fi } -process_policy(){ +process_policy() { local name comment iface laddr lport raddr rport param mark processPolicyError processPolicyWarning proto chain enabled config_get comment "$1" 'comment' config_get name "$1" 'name' 'blank' @@ -597,22 +604,18 @@ process_policy(){ fi } -table_destroy(){ +table_destroy() { local tid="$1" iface="$2" mark="$3" if [ -n "$tid" ] && [ -n "$iface" ] && [ -n "$mark" ]; then ipt -t mangle -F "VPR_MARK${mark}" ipt -t mangle -X "VPR_MARK${mark}" - ip -4 rule del fwmark "$mark" table "$tid" >/dev/null 2>&1 - ip -6 rule del fwmark "$mark" table "$tid" >/dev/null 2>&1 - ip -4 rule del table "$tid" >/dev/null 2>&1 - ip -6 rule del table "$tid" >/dev/null 2>&1 - ip -4 route flush table "$tid" >/dev/null 2>&1 - ip -6 route flush table "$tid" >/dev/null 2>&1 + ip rule del fwmark "$mark" table "$tid" >/dev/null 2>&1 + ip rule del table "$tid" >/dev/null 2>&1 + ip route flush table "$tid" >/dev/null 2>&1 ips 'flush' "${iface}"; ips 'destroy' "${iface}"; ips 'flush' "${iface}_ip"; ips 'destroy' "${iface}_ip"; ips 'flush' "${iface}_mac"; ips 'destroy' "${iface}_mac"; - ip -4 route flush cache - ip -6 route flush cache + ip route flush cache sed -i "/$iface/d" /etc/iproute2/rt_tables return 0 else @@ -621,31 +624,33 @@ table_destroy(){ } # shellcheck disable=SC2086 -table_create(){ - local tid="$1" mark="$2" iface="$3" gw4="$4" dev="$5" gw6="$6" dev6="$7" dscp s=0 i ipv4_error=0 ipv6_error=1 +table_create() { + local tid="$1" mark="$2" iface="$3" gw4="$4" dev="$5" gw6="$6" dev6="$7" match="$8" dscp s=0 i ipv4_error=0 ipv6_error=1 if [ -z "$tid" ] || [ -z "$mark" ] || [ -z "$iface" ]; then return 1 fi - table_destroy "$tid" "$iface" "$mark" + sed -i "/$iface/d" /etc/iproute2/rt_tables + ip route flush table "$tid" >/dev/null 2>&1 if [ -n "$gw4" ] || [ "$strictMode" -ne 0 ]; then - echo "$tid" "$iface" >> /etc/iproute2/rt_tables + echo "$tid $iface" >> /etc/iproute2/rt_tables if [ -z "$gw4" ]; then ip -4 route add unreachable default table "$tid" >/dev/null 2>&1 || ipv4_error=1 else ip -4 route add default via "$gw4" dev "$dev" table "$tid" >/dev/null 2>&1 || ipv4_error=1 fi -# ip -4 route list table main | grep -v 'br-lan' | while read -r i; do - ip -4 route list table main | while read -r i; do + while read -r i; do idev="$(echo "$i" | grep -Eso 'dev [^ ]*' | awk '{print $2}')" if ! is_supported_iface_dev "$idev"; then ip -4 route add $i table "$tid" >/dev/null 2>&1 || ipv4_error=1 fi - done - ip -4 route flush cache || ipv4_error=1 - ip -4 rule add fwmark "${mark}/${fwMask}" table "$tid" || ipv4_error=1 + done << EOF +$(ip -4 route list $mainTableListing table main) +EOF + [ -n "$(ip rule list fwmark "${mark}/${fwMask}" table "$tid")" ] || \ + ip rule add fwmark "${mark}/${fwMask}" table "$tid" || ipv4_error=1 ipt -t mangle -N "VPR_MARK${mark}" || ipv4_error=1 ipt -t mangle -A "VPR_MARK${mark}" -j MARK --set-xmark "${mark}/${fwMask}" || ipv4_error=1 ipt -t mangle -A "VPR_MARK${mark}" -j RETURN || ipv4_error=1 @@ -657,16 +662,16 @@ table_create(){ if [ -z "$gw6" ] || [ "$gw6" = "::/0" ]; then ip -6 route add unreachable default table "$tid" || ipv6_error=1 else - ip -6 route list table main | grep " dev $dev6 " | while read -r i; do + while read -r i; do ip -6 route add $i table "$tid" >/dev/null 2>&1 || ipv6_error=1 - done + done << EOF +$(ip -6 route list $mainTableListing table main | grep " dev $dev6 ") +EOF fi - ip -6 route flush cache || ipv6_error=1 - ip -6 rule add fwmark "${mark}/${fwMask}" table "$tid" || ipv6_error=1 fi fi - if [ $ipv4_error -eq 0 ] || [ $ipv6_error -eq 0 ]; then + if [ "$ipv4_error" -eq 0 ] || [ "$ipv6_error" -eq 0 ]; then dscp="$(uci -q get "${packageName}".config."${iface}"_dscp)" if [ "${dscp:-0}" -ge 1 ] && [ "${dscp:-0}" -le 63 ]; then ipt -t mangle -I VPR_PREROUTING -m dscp --dscp "${dscp}" -g "VPR_MARK${mark}" || s=1 @@ -704,8 +709,59 @@ table_create(){ return $s } -process_interface(){ - local gw4 gw6 dev dev6 s=0 dscp iface="$1" action="$2" displayText +table_reload() { + local tid="$1" mark="$2" iface="$3" gw4="$4" dev="$5" gw6="$6" dev6="$7" match="$8" dscp s=0 i ipv4_error=0 ipv6_error=1 + + if [ -z "$tid" ] || [ -z "$mark" ] || [ -z "$iface" ]; then + return 1 + fi + + ip -4 route del default table "$tid" >/dev/null 2>&1 + if [ -n "$gw4" ] || [ "$strictMode" -ne 0 ]; then + if [ -z "$gw4" ]; then + ip -4 route add unreachable default table "$tid" >/dev/null 2>&1 || ipv4_error=1 + else + ip -4 route add default via "$gw4" dev "$dev" table "$tid" >/dev/null 2>&1 || ipv4_error=1 + fi + ip -4 route flush cache || ipv4_error=1 + ip -4 rule del fwmark "${mark}/${fwMask}" table "$tid" >/dev/null 2>&1 + ip -4 rule add fwmark "${mark}/${fwMask}" table "$tid" || ipv4_error=1 + fi + + if [ "$ipv6Enabled" -ne 0 ]; then + ip -6 route del default table "$tid" >/dev/null 2>&1 + ipv6_error=0 + if { [ -n "$gw6" ] && [ "$gw6" != "::/0" ]; } || [ "$strictMode" -ne 0 ]; then + if [ -z "$gw6" ] || [ "$gw6" = "::/0" ]; then + ip -6 route add unreachable default table "$tid" || ipv6_error=1 + else + ip -6 route list table main | grep " dev $dev6 " | while read -r i; do + ip -6 route add "$i" table "$tid" >/dev/null 2>&1 || ipv6_error=1 + done + fi + ip -6 route flush cache || ipv6_error=1 + ip -6 rule del fwmark "${mark}/${fwMask}" table "$tid" >/dev/null 2>&1 + ip -6 rule add fwmark "${mark}/${fwMask}" table "$tid" || ipv6_error=1 + fi + fi + + if [ "$ipv4_error" -eq 0 ] || [ "$ipv6_error" -eq 0 ]; then + dscp="$(uci -q get "${packageName}".config."${iface}"_dscp)" + if [ "${dscp:-0}" -ge 1 ] && [ "${dscp:-0}" -le 63 ]; then + ipt -t mangle -I VPR_PREROUTING -m dscp --dscp "${dscp}" -g "VPR_MARK${mark}" || s=1 + fi + if [ "$iface" = "$icmpIface" ]; then + ipt -t mangle -I VPR_OUTPUT -p icmp -g "VPR_MARK${mark}" || s=1 + fi + else + s=1 + fi + + return $s +} + +process_interface() { + local gw4 gw6 dev dev6 s=0 dscp iface="$1" action="$2" match="$3" displayText is_supported_interface "$iface" || return 0 is_wan6 "$iface" && return 0 @@ -713,9 +769,11 @@ process_interface(){ network_get_device dev "$iface" [ -z "$dev" ] && config_get dev "$iface" 'ifname' + [ -z "$dev" ] && config_get dev "$iface" 'device' if is_wan "$iface" && [ -n "$wanIface6" ]; then network_get_device dev6 "$wanIface6" [ -z "$dev6" ] && config_get dev6 "$wanIface6" 'ifname' + [ -z "$dev6" ] && config_get dev6 "$wanIface6" 'device' fi [ -z "$dev6" ] && dev6="$dev" @@ -729,7 +787,6 @@ process_interface(){ create) eval "mark_${iface//-/_}"='$ifaceMark' eval "tid_${iface//-/_}"='$ifaceTableID' - table_destroy "${ifaceTableID}" "${iface}" vpr_get_gateway gw4 "$iface" "$dev" vpr_get_gateway6 gw6 "$iface" "$dev6" if [ "$iface" = "$dev" ]; then @@ -738,14 +795,29 @@ process_interface(){ displayText="${iface}/${dev}/${gw4:-0.0.0.0}" fi [ "$ipv6Enabled" -ne 0 ] && displayText="${displayText}/${gw6:-::/0}" - output 2 "Creating table '$displayText' " - is_default_dev "$dev" && displayText="${displayText} ${__OK__}" - if table_create "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6"; then - gatewaySummary="${gatewaySummary}${displayText}\\n" - output_ok + if [ -z "$match" ]; then + output 2 "Creating table '$displayText' " + is_default_dev "$dev" && displayText="${displayText} ${__OK__}" + if table_create "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$match"; then + gatewaySummary="${gatewaySummary}${displayText}\\n" + output_ok + else + errorSummary="${errorSummary}${_ERROR_}: Failed to set up '$displayText'\\n" + output_fail + fi + elif [ "$iface" = "$match" ]; then + output 2 "Reloading table '$displayText' " + is_default_dev "$dev" && displayText="${displayText} ${__OK__}" + if table_reload "$ifaceTableID" "$ifaceMark" "$iface" "$gw4" "$dev" "$gw6" "$dev6" "$match"; then + gatewaySummary="${gatewaySummary}${displayText}\\n" + output_ok + else + errorSummary="${errorSummary}${_ERROR_}: Failed to reload '$displayText'\\n" + output_fail + fi else - errorSummary="${errorSummary}${_ERROR_}: Failed to set up '$displayText'\\n" - output_fail + is_default_dev "$dev" && displayText="${displayText} ${__OK__}" + gatewaySummary="${gatewaySummary}${displayText}\\n" fi ifaceTableID="$((ifaceTableID + 1))"; ifaceMark="$(printf '0x%06x' $((ifaceMark + wanMark)))"; ;; @@ -753,7 +825,7 @@ process_interface(){ return $s } -process_tor_interface(){ +process_tor_interface() { local s=0 iface="$1" action="$2" displayText case "$action" in destroy) @@ -783,7 +855,7 @@ process_tor_interface(){ s=1 fi displayText="${iface}/53->${dnsPort}/80,443->${transPort}" - if [ "$s" -eq "0" ]; then + if [ "$s" -eq 0 ]; then gatewaySummary="${gatewaySummary}${displayText}\\n" output_ok else @@ -795,7 +867,7 @@ process_tor_interface(){ return $s } -convert_config(){ +convert_config() { local i src_ipset dest_ipset resolver_ipset [ -s "/etc/config/${packageName}" ] || return 0 grep -q "ignored_interfaces" "/etc/config/${packageName}" && sed -i 's/ignored_interfaces/ignored_interface/g' "/etc/config/${packageName}" @@ -853,8 +925,8 @@ convert_config(){ done } -check_config(){ local en; config_get_bool en "$1" 'enabled' 1; [ "$en" -gt 0 ] && _cfg_enabled=0; } -is_config_enabled(){ +check_config() { local en; config_get_bool en "$1" 'enabled' 1; [ "$en" -gt 0 ] && _cfg_enabled=0; } +is_config_enabled() { local cfg="$1" _cfg_enabled=1 [ -n "$1" ] || return 1 config_load "$packageName" @@ -862,7 +934,7 @@ is_config_enabled(){ return "$_cfg_enabled" } -process_user_file(){ +process_user_file() { local path enabled shellBin="${SHELL:-/bin/ash}" config_get_bool enabled "$1" 'enabled' 1 config_get path "$1" 'path' @@ -893,37 +965,46 @@ process_user_file(){ fi } +boot() { rc_procd start_service && rc_procd service_triggers; } + start_service() { - local dnsmasqStoredHash dnsmasqNewHash i modprobeStatus=0 + local dnsmasqStoredHash dnsmasqNewHash i modprobeStatus=0 reloadedIface="$1" convert_config is_enabled 'on_start' || return 1 is_wan_up || return 1 - if create_lock; then - if [ -s "$dnsmasqFile" ]; then - dnsmasqStoredHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')" - rm -f "$dnsmasqFile" - fi - for i in xt_set ip_set ip_set_hash_ip; do - modprobe "$i" >/dev/null 2>/dev/null || modprobeStatus=$((modprobeStatus + 1)) - done + iptables -t 'mangle' --list 'VPR_PREROUTING' >/dev/null 2>&1 || unset reloadedIface + [ -n "$(tmpfs get status)" ] || unset reloadedIface - if [ "$modprobeStatus" -gt 0 ] && ! is_chaos_calmer; then - errorSummary="${errorSummary}${_ERROR_}: Failed to load kernel modules\\n" - fi + if [ -s "$dnsmasqFile" ]; then + dnsmasqStoredHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')" + rm -f "$dnsmasqFile" + fi + for i in xt_set ip_set ip_set_hash_ip; do + modprobe "$i" >/dev/null 2>/dev/null || modprobeStatus=$((modprobeStatus + 1)) + done + + if [ "$modprobeStatus" -gt 0 ] && ! is_chaos_calmer; then + errorSummary="${errorSummary}${_ERROR_}: Failed to load kernel modules\\n" + fi + + if [ -z "$reloadedIface" ]; then for i in $usedChainsList; do ipt -t mangle -N "VPR_${i}" ipt -t mangle "$insertOption" "$i" -m mark --mark "0x0/${fwMask}" -j "VPR_${i}" done + fi + if [ -z "$reloadedIface" ]; then output 1 'Processing Interfaces ' config_load 'network'; config_foreach process_interface 'interface' 'create'; process_tor_interface 'tor' 'destroy'; is_tor_running && process_tor_interface 'tor' 'create'; + ip route flush cache output 1 '\n' if is_config_enabled 'policy'; then output 1 'Processing Policies ' - config_load "$packageName"; config_foreach process_policy 'policy'; + config_load "$packageName"; config_foreach process_policy 'policy' "$reloadedIface"; output 1 '\n' fi if is_config_enabled 'include'; then @@ -931,38 +1012,37 @@ start_service() { config_load "$packageName"; config_foreach process_user_file 'include'; output 1 '\n' fi + else + output 1 "Reloading Interface: $reloadedIface " + config_load 'network'; config_foreach process_interface 'interface' 'create' "$reloadedIface"; + output 1 '\n' + fi - if [ -s "$dnsmasqFile" ]; then - dnsmasqNewHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')" - fi - [ "$dnsmasqNewHash" != "$dnsmasqStoredHash" ] && dnsmasq_restart + if [ -s "$dnsmasqFile" ]; then + dnsmasqNewHash="$(md5sum $dnsmasqFile | awk '{ print $1; }')" + fi + [ "$dnsmasqNewHash" != "$dnsmasqStoredHash" ] && dnsmasq_restart - if [ -z "$gatewaySummary" ]; then - errorSummary="${errorSummary}${_ERROR_}: failed to set up any gateway!\\n" - fi - procd_open_instance "main" - procd_set_param command /bin/true - procd_set_param stdout 1 - procd_set_param stderr 1 - procd_open_data - json_add_array 'status' - json_add_object '' - [ -n "$gatewaySummary" ] && json_add_string gateway "$gatewaySummary" - [ -n "$errorSummary" ] && json_add_string error "$errorSummary" - [ -n "$warningSummary" ] && json_add_string warning "$warningSummary" - if [ "$strictMode" -ne 0 ] && str_contains "$gatewaySummary" '0.0.0.0'; then - json_add_string mode "strict" - fi - json_close_object - json_close_array - procd_close_data - procd_close_instance - remove_lock - else - output "$serviceName: another instance of ${packageName} is currently running " - output_failn - return 1 + if [ -z "$gatewaySummary" ]; then + errorSummary="${errorSummary}${_ERROR_}: failed to set up any gateway!\\n" fi + procd_open_instance "main" + procd_set_param command /bin/true + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_open_data + json_add_array 'status' + json_add_object '' + [ -n "$gatewaySummary" ] && json_add_string gateway "$gatewaySummary" + [ -n "$errorSummary" ] && json_add_string error "$errorSummary" + [ -n "$warningSummary" ] && json_add_string warning "$warningSummary" + if [ "$strictMode" -ne 0 ] && str_contains "$gatewaySummary" '0.0.0.0'; then + json_add_string mode "strict" + fi + json_close_object + json_close_array + procd_close_data + procd_close_instance } tmpfs() { @@ -1025,30 +1105,25 @@ service_started() { stop_service() { local i iptables -t mangle -L | grep -q VPR_PREROUTING || return 0 - if create_lock; then - load_package_config - for i in PREROUTING FORWARD INPUT OUTPUT; do - ipt -t mangle -D "${i}" -m mark --mark "0x0/${fwMask}" -j "VPR_${i}" - ipt -t mangle -F "VPR_${i}"; ipt -t mangle -X "VPR_${i}"; - done - config_load 'network'; config_foreach process_interface 'interface' 'destroy'; - process_tor_interface 'tor' 'destroy' - unset ifaceTableID; unset ifaceMark; - if [ -s "$dnsmasqFile" ]; then - rm -f "$dnsmasqFile" - dnsmasq_restart - fi - if [ "$serviceEnabled" -ne 0 ]; then - output "$serviceName stopped "; output_okn; - fi - remove_lock - else - output "$serviceName: another instance of ${packageName} is currently running "; output_failn; - return 1 + load_package_config + for i in PREROUTING FORWARD INPUT OUTPUT; do + ipt -t mangle -D "${i}" -m mark --mark "0x0/${fwMask}" -j "VPR_${i}" + ipt -t mangle -F "VPR_${i}"; ipt -t mangle -X "VPR_${i}"; + done + config_load 'network'; config_foreach process_interface 'interface' 'destroy'; + process_tor_interface 'tor' 'destroy' + unset ifaceTableID; unset ifaceMark; + if [ -s "$dnsmasqFile" ]; then + rm -f "$dnsmasqFile" + dnsmasq_restart + fi + if [ "$serviceEnabled" -ne 0 ]; then + output "$serviceName stopped "; output_okn; fi } -# shellcheck disable=SC2119 +reload_interface() { rc_procd start_service "$1"; } + service_triggers() { local n is_enabled || return 1 @@ -1070,7 +1145,9 @@ service_triggers() { procd_add_service_trigger "service.restart" "firewall" /etc/init.d/${packageName} reload fi procd_add_config_trigger "config.change" "${packageName}" /etc/init.d/${packageName} reload - for n in $ifSupported; do procd_add_reload_interface_trigger "$n"; procd_add_interface_trigger "interface.*" "$n" /etc/init.d/${packageName} reload; done; + for n in $ifSupported; do + procd_add_interface_trigger "interface.*" "$n" /etc/init.d/${packageName} reload_interface "$n" + done procd_close_trigger output 3 "$serviceName monitoring interfaces: $ifSupported"; output_okn; @@ -1085,10 +1162,12 @@ support() { json_load "$(ubus call system board)"; json_select release; json_get_var dist distribution; json_get_var vers version if [ -n "$wanIface4" ]; then network_get_gateway wanGW4 "$wanIface4" - dev="$(uci -q get network."${wanIface4}".ifname)" + [ -z "$dev" ] && dev="$(uci -q get network."${wanIface4}".ifname)" + [ -z "$dev" ] && dev="$(uci -q get network."${wanIface4}".device)" fi if [ -n "$wanIface6" ]; then - dev6="$(uci -q get network."${wanIface6}".ifname)" + [ -z "$dev6" ] && dev6="$(uci -q get network."${wanIface6}".ifname)" + [ -z "$dev6" ] && dev6="$(uci -q get network."${wanIface6}".device)" wanGW6=$(ip -6 route show | grep -m1 " dev $dev6 " | awk '{print $1}') [ "$wanGW6" = "default" ] && wanGW6=$(ip -6 route show | grep -m1 " dev $dev6 " | awk '{print $3}') fi diff --git a/net/vpn-policy-routing/files/vpn-policy-routing.netflix.user b/net/vpn-policy-routing/files/vpn-policy-routing.netflix.user index 02335c4b35..1a287d5678 100644 --- a/net/vpn-policy-routing/files/vpn-policy-routing.netflix.user +++ b/net/vpn-policy-routing/files/vpn-policy-routing.netflix.user @@ -15,17 +15,17 @@ _ret=1 if [ ! -s "$TARGET_FNAME" ]; then if [ "$DB_SOURCE" = "ipinfo.io" ]; then TARGET_URL="https://ipinfo.io/AS${TARGET_ASN}" - curl "$TARGET_URL" 2>/dev/null | grep -E "a href.*${TARGET_ASN}\/" | grep -v ":" | sed "s/^.*//" > "$TARGET_FNAME" + uclient-fetch --no-check-certificate -qO- "$TARGET_URL" 2>/dev/null | grep -E "a href.*${TARGET_ASN}\/" | grep -v ":" | sed "s/^.*//" > "$TARGET_FNAME" fi if [ "$DB_SOURCE" = "api.hackertarget.com" ]; then TARGET_URL="https://api.hackertarget.com/aslookup/?q=AS${TARGET_ASN}" - curl "$TARGET_URL" 2>/dev/null | sed '1d' > "$TARGET_FNAME" + uclient-fetch --no-check-certificate -qO- "$TARGET_URL" 2>/dev/null | sed '1d' > "$TARGET_FNAME" fi if [ "$DB_SOURCE" = "api.bgpview.io" ]; then TARGET_URL="https://api.bgpview.io/asn/${TARGET_ASN}/prefixes" - curl -s "$TARGET_URL" 2>/dev/null | jsonfilter -e '@.data.ipv4_prefixes[*].prefix' > "$TARGET_FNAME" + uclient-fetch --no-check-certificate -qO- "$TARGET_URL" 2>/dev/null | jsonfilter -e '@.data.ipv4_prefixes[*].prefix' > "$TARGET_FNAME" fi fi diff --git a/net/vpnbypass/Makefile b/net/vpnbypass/Makefile index 618ca6a6d1..83a4786ba2 100644 --- a/net/vpnbypass/Makefile +++ b/net/vpnbypass/Makefile @@ -4,8 +4,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vpnbypass -PKG_VERSION:=1.3.1 -PKG_RELEASE:=10 +PKG_VERSION:=1.3.2 +PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Stan Grishin @@ -15,6 +15,7 @@ define Package/vpnbypass SECTION:=net CATEGORY:=Network TITLE:=VPN Bypass Service + URL:=https://docs.openwrt.melmac.net/vpnbypass/ DEPENDS:=+ipset +iptables PKGARCH:=all endef @@ -31,12 +32,6 @@ define Package/vpnbypass/conffiles /etc/config/vpnbypass endef -define Build/Prepare - mkdir -p $(PKG_BUILD_DIR)/files/ - $(CP) ./files/vpnbypass.init $(PKG_BUILD_DIR)/files/vpnbypass.init - sed -i "s|^\(PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(PKG_BUILD_DIR)/files/vpnbypass.init -endef - define Build/Configure endef @@ -44,11 +39,10 @@ define Build/Compile endef define Package/vpnbypass/install - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/vpnbypass.init $(1)/etc/init.d/vpnbypass - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_CONF) ./files/vpnbypass.conf $(1)/etc/config/vpnbypass - $(INSTALL_DIR) $(1)/etc/hotplug.d/firewall + $(INSTALL_DIR) $(1)/etc/init.d $(1)/etc/config $(1)/etc/hotplug.d/firewall + $(INSTALL_BIN) ./files/vpnbypass.init $(1)/etc/init.d/vpnbypass + $(SED) "s|^\(PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(1)/etc/init.d/vpnbypass + $(INSTALL_CONF) ./files/vpnbypass.config $(1)/etc/config/vpnbypass $(INSTALL_DATA) ./files/vpnbypass.hotplug $(1)/etc/hotplug.d/firewall/94-vpnbypass endef diff --git a/net/vpnbypass/files/README.md b/net/vpnbypass/files/README.md index 50fdb8c927..886ac7c554 100644 --- a/net/vpnbypass/files/README.md +++ b/net/vpnbypass/files/README.md @@ -1,100 +1,3 @@ - -# VPN Bypass +# README -[![HitCount](http://hits.dwyl.com/stangri/openwrt/vpnbypass.svg)](http://hits.dwyl.com/stangri/openwrt/vpnbypass) - -A simple [procd](https://openwrt.org/docs/techref/procd)-based ```vpnbypass``` service for OpenWrt/LEDE Project. This is useful if your router accesses Internet through a VPN client/tunnel, but you want specific traffic (ports, IP ranges, domains or local IP ranges) to be routed outside of this tunnel. - -## Features - -- Define local ports so traffic to them is routed outside of the VPN tunnel (by default it routes Plex Media Server traffic (port 32400) outside of the VPN tunnel). -- Define IPs/subnets in local networks so their traffic is routed outside the VPN tunnel (by default it routes traffic from 192.168.1.81-192.168.1.87 outside the VPN tunnel). -- Define remote IP ranges that are accessed outside the VPN tunnel (by default, LogmeIn Hamachi traffic (25.0.0.0/8) is routed outside the VPN tunnel). -- Creates list of domain names which should be accessed outside the VPN tunnel (useful for Netflix, Hulu, etc). -- Does not reside in RAM -- creates `iptables` rules which are automatically updated on WAN up/down events. -- A companion package (`luci-app-vpnbypass`) is provided so all features may be configured from the Web UI. -- Proudly made in Canada, using locally-sourced electrons. - -## Screenshot (luci-app-vpnbypass) - -![screenshot](https://cdn.jsdelivr.net/gh/stangri/openwrt_packages/screenshots/vpnbypass/screenshot02.png "screenshot") - -## Requirements - -This service requires the following packages to be installed on your router: ```ipset``` and ```iptables```. Additionally, if you want to use the Domain Bypass feature, you need to install ```dnsmasq-full``` (```dnsmasq-full``` requires you uninstall ```dnsmasq``` first). - -To fully satisfy the requirements for both IP/Port VPN Bypass and Domain Bypass features connect via ssh to your router and run the following commands: - -```sh -opkg update; opkg remove dnsmasq; opkg install ipset iptables dnsmasq-full -``` - -To satisfy the requirements for just IP/Port VPN Bypass connect to your router via ssh and run the following commands: - -```sh -opkg update; opkg install ipset iptables -``` - -### Unmet dependencies - -If you are running a development (trunk/snapshot) build of OpenWrt/LEDE Project on your router and your build is outdated (meaning that packages of the same revision/commit hash are no longer available and when you try to satisfy the [requirements](#requirements) you get errors), please flash either current LEDE release image or current development/snapshot image. - -## How to install - - -Please ensure that the [requirements](#requirements) are satisfied and install ```vpnbypass``` and ```luci-app-vpnbypass``` from the Web UI or connect to your router via ssh and run the following commands: - -```sh -opkg update -opkg install vpnbypass luci-app-vpnbypass -``` - -If these packages are not found in the official feed/repo for your version of OpenWrt/LEDE Project, you will need to add a custom repo to your router following instructions on [GitHub](https://github.com/stangri/openwrt_packages/blob/master/README.md#on-your-router)/[jsDelivr](https://cdn.jsdelivr.net/gh/stangri/openwrt_packages/README.md#on-your-router) first. - -These packages have been designed to be backwards compatible with OpenWrt 19.07, OpenWrt 18.06, LEDE Project 17.01 and OpenWrt 15.05. However, on systems older than OpenWrt 18.06.6 and/or a system which has deviated too far (or haven't been updated to keep in-sync) with official OpenWrt release you may get a message about missing ```luci-compat``` dependency, which (and only which) you can safely ignore and force-install the luci app using ```opkg install --force-depends``` command instead of ```opkg install```. - -## Default Settings - -The default configuration ships with the service disabled, use the Web UI to enable/start the service or run ```uci set vpnbypass.config.enabled=1; uci commit vpnbypass;```. It routes Plex Media Server traffic (port 32400) and LogmeIn Hamachi traffic (25.0.0.0/8) outside of the VPN tunnel. Internet traffic from local IPs `192.168.1.81-192.168.1.87` is also routed outside the VPN tunnel. You can safely delete these example rules if they do not apply to you. - -## Documentation / Discussion - -Please head to [OpenWrt Forum](https://forum.openwrt.org/t/vpn-bypass-split-tunneling-service-luci-ui/1106) for discussions of this service. - -### Bypass Domains Format/Syntax - -Domain lists should be in the following format/syntax: ```/domain1.com/domain2.com/vpnbypass```. Please do not forget the leading ```/``` and trailing ```/vpnbypass```. There is no validation if you enter something incorrectly -- it simply will not work. Please see [Notes/Known Issues](#notesknown-issues) if you wish to edit this setting manually, without using the Web UI. - -## What's New - -1.3.0: - -- No longer depends on hardcoded WAN interface name (```wan```) works with other interface names (like ```wwan```). -- Table ID, IPSET name and FW_MARK as well as FW_MASK can be defined in config file. -- Uses iptables, not ip rules for handling local IPs/ranges. -- More reliable creation/destruction of VPNBYPASS iptables chain. -- Updated Web UI enables, starts and stops the service. - -## Notes/Known Issues - -1. Domains to be accessed outside of VPN tunnel are handled by dnsmasq and thus are not defined in ```/etc/config/vpnpass```, but rather in ```/etc/config/dhcp```. To add/delete/edit domains you can use VPN Bypass Web UI or you can edit ```/etc/config/dhcp``` manually or run the following commands: - -```sh -uci add_list dhcp.@dnsmasq[-1].ipset='/github.com/plex.tv/google.com/vpnbypass' -uci add_list dhcp.@dnsmasq[-1].ipset='/hulu.com/netflix.com/nhl.com/vpnbypass' -uci commit dhcp -/etc/init.d/dnsmasq restart -``` - -This feature requires ```dnsmasq-full``` to work. See the [Requirements](#requirements) section for more details. +README has been moved to [https://docs.openwrt.melmac.net/vpnbypass/](https://docs.openwrt.melmac.net/vpnbypass/). diff --git a/net/vpnbypass/files/vpnbypass.conf b/net/vpnbypass/files/vpnbypass.conf deleted file mode 100644 index 0768e865c9..0000000000 --- a/net/vpnbypass/files/vpnbypass.conf +++ /dev/null @@ -1,5 +0,0 @@ -config vpnbypass 'config' - option enabled '0' - list localport '32400' - list localsubnet '192.168.1.81/29' - list remotesubnet '25.0.0.0/8' diff --git a/net/vpnbypass/files/vpnbypass.config b/net/vpnbypass/files/vpnbypass.config new file mode 100644 index 0000000000..0768e865c9 --- /dev/null +++ b/net/vpnbypass/files/vpnbypass.config @@ -0,0 +1,5 @@ +config vpnbypass 'config' + option enabled '0' + list localport '32400' + list localsubnet '192.168.1.81/29' + list remotesubnet '25.0.0.0/8' diff --git a/net/vpnbypass/files/vpnbypass.init b/net/vpnbypass/files/vpnbypass.init index 241f5543bc..03a95ae68f 100644 --- a/net/vpnbypass/files/vpnbypass.init +++ b/net/vpnbypass/files/vpnbypass.init @@ -1,6 +1,6 @@ #!/bin/sh /etc/rc.common # Copyright 2017-2020 Stan Grishin (stangri@melmac.net) -# shellcheck disable=SC2039,SC1091,SC2086 +# shellcheck disable=SC2039,SC1091,SC2086,SC3043,SC3057,SC3060 PKG_VERSION='dev-test' # shellcheck disable=SC2034 @@ -8,8 +8,13 @@ START=94 # shellcheck disable=SC2034 USE_PROCD=1 +if type extra_command 1>/dev/null 2>&1; then + extra_command 'version' 'Show version information' +else # shellcheck disable=SC2034 -extra_command "version" "Print version information" + EXTRA_COMMANDS='version' +fi + version() { echo "$PKG_VERSION"; } readonly __ERROR__='\033[0;31mERROR\033[0m' @@ -65,13 +70,13 @@ is_enabled() { [ -n "$wan_if4" ] && network_get_gateway wan_gw "$wan_if4" if [ $sleepCount -ge 25 ] || [ -n "$wan_gw" ]; then break; fi output "$serviceName waiting for wan gateway...\\n" - sleep 2; network_flush_cache; let "sleepCount+=1"; + sleep 2; network_flush_cache; sleepCount=$((sleepCount+1)); done [ -n "$wan_gw" ] && return 0 output "$__ERROR__: $serviceName failed to discover WAN gateway.\\n"; return 1; } -is_ovpn() { local dev; dev=$(uci -q get network."$1".ifname); if [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; then return 0; else return 1; fi; } +is_ovpn() { local dev i; for i in ifname device; do [ -z "$dev" ] && dev="$(uci -q get "network.${1}.${i}")"; done; if [ "${dev:0:3}" = "tun" ] || [ "${dev:0:3}" = "tap" ] || [ -f "/sys/devices/virtual/net/${dev}/tun_flags" ]; then return 0; else return 1; fi; } is_wan() { if [ -n "$wan_if4" ] && [ "$1" = "$wan_if4" ]; then return 0; else return 1; fi; } is_supported_interface() { if is_wan "$1" || is_ovpn "$1"; then return 0; else return 1; fi; } @@ -98,20 +103,20 @@ start_service() { procd_set_param stderr 1 procd_close_instance - ipt -t mangle -D PREROUTING -m mark --mark 0x00/${FW_MASK} -g VPNBYPASS >/dev/null 2>&1 - { ipt -t mangle -N VPNBYPASS; ipt -t mangle -A PREROUTING -m mark --mark 0x00/${FW_MASK} -g VPNBYPASS; } >/dev/null 2>&1 - ipt -t mangle -A VPNBYPASS -m set --match-set $IPSET dst -j MARK --set-mark ${FW_MARK}/${FW_MASK} >/dev/null 2>&1 ip rule del fwmark "$FW_MARK" table "$TID" >/dev/null 2>&1; ipset -q flush "$IPSET"; ipset -q destroy "$IPSET"; ip route flush table "$TID"; ip route flush cache; ip route add default via "$wan_gw" table "$TID"; ip route flush cache; - ipset -q -exist create "$IPSET" hash:ip; ipset -q flush "$IPSET" ip rule add fwmark "$FW_MARK" table "$TID" + ipset -q -exist create "$IPSET" hash:ip; ipset -q flush "$IPSET" { modprobe xt_set; modprobe ip_set; modprobe ip_set_hash_ip; } >/dev/null 2>&1 - for ll in ${ranges}; do ipt -t mangle -I VPNBYPASS 1 -j MARK --set-mark ${FW_MARK}/${FW_MASK} -s "$ll"; done - for ll in ${lports}; do ipt -t mangle -I VPNBYPASS 1 -j MARK --set-mark ${FW_MARK}/${FW_MASK} -p tcp -m multiport --sport "${ll//-/:}"; done - for ll in ${routes}; do ipt -t mangle -I VPNBYPASS 1 -j MARK --set-mark ${FW_MARK}/${FW_MASK} -d "$ll"; done - for ll in ${rports}; do ipt -t mangle -I VPNBYPASS 1 -j MARK --set-mark ${FW_MARK}/${FW_MASK} -p tcp -m multiport --dport "${ll//-/:}"; done + ipt -t mangle -D PREROUTING -m mark --mark 0x00/${FW_MASK} -g VPNBYPASS >/dev/null 2>&1 + { ipt -t mangle -N VPNBYPASS; ipt -t mangle -A PREROUTING -m mark --mark 0x00/${FW_MASK} -g VPNBYPASS; } >/dev/null 2>&1 + ipt -t mangle -A VPNBYPASS -m set --match-set $IPSET dst -j MARK --set-mark ${FW_MARK}/${FW_MASK} >/dev/null 2>&1 + for ll in ${ranges}; do ipt -t mangle -A VPNBYPASS -j MARK --set-mark ${FW_MARK}/${FW_MASK} -s "$ll"; done + for ll in ${lports}; do ipt -t mangle -A VPNBYPASS -j MARK --set-mark ${FW_MARK}/${FW_MASK} -p tcp -m multiport --sport "${ll//-/:}"; done + for ll in ${routes}; do ipt -t mangle -A VPNBYPASS -j MARK --set-mark ${FW_MARK}/${FW_MASK} -d "$ll"; done + for ll in ${rports}; do ipt -t mangle -A VPNBYPASS -j MARK --set-mark ${FW_MARK}/${FW_MASK} -p tcp -m multiport --dport "${ll//-/:}"; done output "$serviceName started with TID: $TID; FW_MARK: $FW_MARK\\n" } @@ -127,11 +132,15 @@ stop_service() { service_triggers_load_interface() { is_supported_interface "$1" && ifaces="${ifaces}${1} "; } service_triggers() { - local ifaces n - config_load network; config_foreach service_triggers_load_interface 'interface'; - procd_add_reload_trigger 'firewall' 'openvpn' 'vpnbypass' - procd_open_trigger - for n in $ifaces; do procd_add_reload_interface_trigger "$n"; procd_add_interface_trigger "interface.*" "$n" /etc/init.d/vpnbypass reload; done; - output "$serviceName monitoring interfaces: $ifaces\\n" - procd_close_trigger + local ifaces n + config_load network; config_foreach service_triggers_load_interface 'interface'; + procd_open_trigger + procd_add_reload_trigger 'openvpn' + if type procd_add_service_trigger 1>/dev/null 2>&1; then + procd_add_service_trigger "service.restart" "firewall" /etc/init.d/${packageName} reload + fi + procd_add_config_trigger "config.change" "${packageName}" /etc/init.d/${packageName} reload + for n in $ifaces; do procd_add_reload_interface_trigger "$n"; procd_add_interface_trigger "interface.*" "$n" /etc/init.d/vpnbypass reload; done; + output "$serviceName monitoring interfaces: $ifaces\\n" + procd_close_trigger } diff --git a/net/vpnbypass/test.sh b/net/vpnbypass/test.sh index e51c480568..45469ed96e 100644 --- a/net/vpnbypass/test.sh +++ b/net/vpnbypass/test.sh @@ -1,3 +1,3 @@ #!/bin/sh -/etc/init.d/"$1" version 2>&1 | grep "$2" \ No newline at end of file +/etc/init.d/"$1" version 2>&1 | grep "$2" diff --git a/net/yggdrasil/Makefile b/net/yggdrasil/Makefile index 5be4aa0756..b7bf0ad797 100644 --- a/net/yggdrasil/Makefile +++ b/net/yggdrasil/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yggdrasil -PKG_VERSION:=0.3.16 -PKG_RELEASE:=2 +PKG_VERSION:=0.4.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=e03595b78906b171155aaa11c922be3418bd056f8547e4d9f5123b6047316eac +PKG_HASH:=6ad762012ef1a73bfb718db4a23c5a0067e13939d0655221afc4c1f723736cbf PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-go-$(PKG_VERSION) PKG_MAINTAINER:=William Fleurant diff --git a/net/yggdrasil/files/yggdrasil.init b/net/yggdrasil/files/yggdrasil.init index d981834bd5..38971281ea 100755 --- a/net/yggdrasil/files/yggdrasil.init +++ b/net/yggdrasil/files/yggdrasil.init @@ -4,15 +4,19 @@ START=90 STOP=85 USE_PROCD=1 +BIN_FILE="/usr/sbin/yggdrasil" +CONFIG_FILE="/tmp/yggdrasil.conf" +DAEMON_OPTS="-useconffile $CONFIG_FILE" start_service() { [ -f /etc/uci-defaults/yggdrasil ] && ( . /etc/uci-defaults/yggdrasil ) + /usr/sbin/ygguci get | $BIN_FILE -useconf -normaliseconf -json > $CONFIG_FILE + procd_open_instance procd_set_param respawn - - procd_set_param command /bin/ash -c "ygguci get | yggdrasil -useconf -normaliseconf -json | yggdrasil -useconf" + procd_set_param command $BIN_FILE $DAEMON_OPTS procd_set_param stdout 1 procd_set_param stderr 1 procd_close_instance diff --git a/net/yggdrasil/files/ygguci b/net/yggdrasil/files/ygguci index f9c964a247..cdeb3c1a99 100755 --- a/net/yggdrasil/files/ygguci +++ b/net/yggdrasil/files/ygguci @@ -13,28 +13,11 @@ function UCI.defaults() return { AdminListen = "unix:///var/run/yggdrasil.sock", IfName = "ygg0", NodeInfoPrivacy = false, - LinkLocalTCPPort = 0, IfMTU = 65535, + IfMTU = 65535, - Peers = { }, Listen = { }, MulticastInterfaces = { }, AllowedEncryptionPublicKeys = { }, + Peers = { }, Listen = { }, MulticastInterfaces = { }, AllowedPublicKeys = { }, InterfacePeers = setmetatable({ }, {__jsontype = "object"}), - NodeInfo = setmetatable({ }, {__jsontype = "object"}), - - SessionFirewall = { - Enable = false, - AllowFromDirect = true, - AllowFromRemote = true, - AlwaysAllowOutbound = true, - WhitelistEncryptionPublicKeys = { }, - BlacklistEncryptionPublicKeys = { } - }, - TunnelRouting = { - Enable = false, - IPv6RemoteSubnets = setmetatable({ }, {__jsontype = "object"}), - IPv6LocalSubnets = { }, - IPv4RemoteSubnets = setmetatable({ }, {__jsontype = "object"}), - IPv4LocalSubnets = { } - }, - SwitchOptions = { MaxTotalQueueSize = 4194304 } + NodeInfo = setmetatable({ }, {__jsontype = "object"}) } end @@ -48,19 +31,15 @@ function UCI.get() local config = cursor:get_all("yggdrasil", "yggdrasil") if not config then return obj end - obj.EncryptionPublicKey = config.EncryptionPublicKey - obj.EncryptionPrivateKey = config.EncryptionPrivateKey - obj.SigningPublicKey = config.SigningPublicKey - obj.SigningPrivateKey = config.SigningPrivateKey + obj.PublicKey = config.PublicKey + obj.PrivateKey = config.PrivateKey obj.AdminListen = config.AdminListen or obj.AdminListen obj.IfName = config.IfName or obj.IfName obj.NodeInfo = dkjson.decode(config.NodeInfo) or obj.NodeInfo for _, v in pairs({ "NodeInfoPrivacy" }) do if config[v] ~= nil then obj[v] = to_bool(config[v]) end end - for _, v in pairs({ "LinkLocalTCPPort", "IfMTU" }) do - if config[v] ~= nil then obj[v] = tonumber(config[v]) end - end + if config["IfMTU"] ~= nil then obj["IfMTU"] = tonumber(config["IfMTU"]) end cursor:foreach("yggdrasil", "peer", function (s) table.insert(obj.Peers, s.uri) @@ -69,10 +48,13 @@ function UCI.get() table.insert(obj.Listen, s.uri) end) cursor:foreach("yggdrasil", "multicast_interface", function (s) - table.insert(obj.MulticastInterfaces, s.name) + table.insert(obj.MulticastInterfaces, { + Beacon = to_bool(s.beacon), Listen = to_bool(s.listen), + Port = tonumber(s.port), Regex = s.regex + }) end) - cursor:foreach("yggdrasil", "allowed_encryption_public_key", function (s) - table.insert(obj.AllowedEncryptionPublicKeys, s.key) + cursor:foreach("yggdrasil", "allowed_public_key", function (s) + table.insert(obj.AllowedPublicKeys, s.key) end) cursor:foreach("yggdrasil", "interface_peer", function (s) @@ -82,43 +64,6 @@ function UCI.get() table.insert(obj.InterfacePeers[s["interface"]], s.uri) end) - -- session firewall config - local session_firewall_config = { "Enable", "AllowFromDirect", "AllowFromRemote", "AlwaysAllowOutbound" } - for _, v in pairs(session_firewall_config) do - if config["SessionFirewall_"..v] ~= nil then - obj.SessionFirewall[v] = to_bool(config["SessionFirewall_"..v]) - end - end - cursor:foreach("yggdrasil", "whitelisted_encryption_public_key", function (s) - table.insert(obj.SessionFirewall.WhitelistEncryptionPublicKeys, s.key) - end) - cursor:foreach("yggdrasil", "blacklisted_encryption_public_key", function (s) - table.insert(obj.SessionFirewall.BlacklistEncryptionPublicKeys, s.key) - end) - -- /session firewall config - - -- tunnel routing config - if config.TunnelRouting_Enable ~= nil then - obj.TunnelRouting.Enable = to_bool(config.TunnelRouting_Enable) - end - cursor:foreach("yggdrasil", "ipv6_remote_subnet", function (s) - obj.TunnelRouting.IPv6RemoteSubnets[s.subnet] = s.key - end) - cursor:foreach("yggdrasil", "ipv6_local_subnet", function (s) - table.insert(obj.TunnelRouting.IPv6LocalSubnets, s.subnet) - end) - cursor:foreach("yggdrasil", "ipv4_remote_subnet", function (s) - obj.TunnelRouting.IPv4RemoteSubnets[s.subnet] = s.key - end) - cursor:foreach("yggdrasil", "ipv4_local_subnet", function (s) - table.insert(obj.TunnelRouting.IPv4LocalSubnets, s.subnet) - end) - -- /tunnel routing config - - if config.SwitchOptions_MaxTotalQueueSize ~= nil then - obj.SwitchOptions.MaxTotalQueueSize = tonumber(config.SwitchOptions_MaxTotalQueueSize) - end - return obj end @@ -137,21 +82,26 @@ function UCI.set(obj) cursor:set("yggdrasil", "yggdrasil", "yggdrasil") - cursor:set("yggdrasil", "yggdrasil", "EncryptionPublicKey", obj.EncryptionPublicKey) - cursor:set("yggdrasil", "yggdrasil", "EncryptionPrivateKey", obj.EncryptionPrivateKey) - cursor:set("yggdrasil", "yggdrasil", "SigningPublicKey", obj.SigningPublicKey) - cursor:set("yggdrasil", "yggdrasil", "SigningPrivateKey", obj.SigningPrivateKey) + cursor:set("yggdrasil", "yggdrasil", "PublicKey", obj.PublicKey) + cursor:set("yggdrasil", "yggdrasil", "PrivateKey", obj.PrivateKey) cursor:set("yggdrasil", "yggdrasil", "AdminListen", obj.AdminListen) cursor:set("yggdrasil", "yggdrasil", "IfName", obj.IfName) cursor:set("yggdrasil", "yggdrasil", "NodeInfoPrivacy", to_int(obj.NodeInfoPrivacy)) cursor:set("yggdrasil", "yggdrasil", "NodeInfo", dkjson.encode(obj.NodeInfo)) - cursor:set("yggdrasil", "yggdrasil", "LinkLocalTCPPort", obj.LinkLocalTCPPort) cursor:set("yggdrasil", "yggdrasil", "IfMTU", obj.IfMTU) set_values(cursor, "peer", "uri", obj.Peers) set_values(cursor, "listen_address", "uri", obj.Listen) - set_values(cursor, "multicast_interface", "name", obj.MulticastInterfaces) - set_values(cursor, "allowed_encryption_public_key", "key", obj.AllowedEncryptionPublicKeys) + + for _, interface in pairs(obj.MulticastInterfaces) do + local name = cursor:add("yggdrasil", "multicast_interface") + cursor:set("yggdrasil", name, "beacon", to_int(interface.Beacon)) + cursor:set("yggdrasil", name, "listen", to_int(interface.Listen)) + cursor:set("yggdrasil", name, "port", interface.Port) + cursor:set("yggdrasil", name, "regex", interface.Regex) + end + + set_values(cursor, "allowed_public_key", "key", obj.AllowedPublicKeys) for interface, peers in pairs(obj.InterfacePeers) do for _, v in pairs(peers) do @@ -161,37 +111,6 @@ function UCI.set(obj) end end - -- session firewall config - cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_Enable", to_int(obj.SessionFirewall.Enable)) - cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_AllowFromDirect", to_int(obj.SessionFirewall.AllowFromDirect)) - cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_AllowFromRemote", to_int(obj.SessionFirewall.AllowFromRemote)) - cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_AlwaysAllowOutbound", to_int(obj.SessionFirewall.AlwaysAllowOutbound)) - set_values(cursor, "whitelisted_encryption_public_key", "key", obj.SessionFirewall.WhitelistEncryptionPublicKeys) - set_values(cursor, "blacklisted_encryption_public_key", "key", obj.SessionFirewall.BlacklistEncryptionPublicKeys) - -- /session firewall config - - -- tunnel routing config - cursor:set("yggdrasil", "yggdrasil", "TunnelRouting_Enable", to_int(obj.TunnelRouting.Enable)) - if obj.TunnelRouting.IPv6RemoteSubnets ~= nil then - for subnet, key in pairs(obj.TunnelRouting.IPv6RemoteSubnets) do - local name = cursor:add("yggdrasil", "ipv6_remote_subnet") - cursor:set("yggdrasil", name, "subnet", subnet) - cursor:set("yggdrasil", name, "key", key) - end - end - set_values(cursor, "ipv6_local_subnet", "subnet", obj.TunnelRouting.IPv6LocalSubnets) - if obj.TunnelRouting.IPv4RemoteSubnets ~= nil then - for subnet, key in pairs(obj.TunnelRouting.IPv4RemoteSubnets) do - local name = cursor:add("yggdrasil", "ipv4_remote_subnet") - cursor:set("yggdrasil", name, "subnet", subnet) - cursor:set("yggdrasil", name, "key", key) - end - end - set_values(cursor, "ipv4_local_subnet", "subnet", obj.TunnelRouting.IPv4LocalSubnets) - -- /tunnel routing config - - cursor:set("yggdrasil", "yggdrasil", "SwitchOptions_MaxTotalQueueSize", obj.SwitchOptions.MaxTotalQueueSize) - return cursor:commit("yggdrasil") end diff --git a/sound/mpd/Makefile b/sound/mpd/Makefile index 890553ab68..0a617eaa70 100644 --- a/sound/mpd/Makefile +++ b/sound/mpd/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mpd -PKG_VERSION:=0.22.8 +PKG_VERSION:=0.22.9 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://www.musicpd.org/download/mpd/0.22/ -PKG_HASH:=9617ed08c9ffafcf5f925819251f6b90df3f4f73cf2838c41033e1962104286d +PKG_HASH:=f937403297c2240bd4a569f4b937ee7ab17398a5284ba9df4d6d4c3a0512bc64 PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0-or-later diff --git a/utils/bash/Makefile b/utils/bash/Makefile index b15a145d45..ca276fb36f 100644 --- a/utils/bash/Makefile +++ b/utils/bash/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=bash -PKG_VERSION:=5.1 -PKG_RELEASE:=3 +PKG_VERSION:=5.1.8 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@GNU/bash -PKG_HASH:=cc012bc860406dcf42f64431bcd3d2fa7560c02915a601aba9cd597a39329baa +PKG_HASH:=0cfb5c9bb1a29f800a97bd242d19511c997a1013815b805e0fdd32214113d6be PKG_MAINTAINER:=Marcel Denia PKG_LICENSE:=GPL-3.0-or-later diff --git a/utils/bash/patches/101-bash51-001.patch b/utils/bash/patches/101-bash51-001.patch deleted file mode 100644 index 02898aaf32..0000000000 --- a/utils/bash/patches/101-bash51-001.patch +++ /dev/null @@ -1,64 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 5.1 -Patch-ID: bash51-001 - -Bug-Reported-by: Fazal Majid -Bug-Reference-ID: -Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-12/msg00000.html - -Bug-Description: - -There is a missing dependency on a constructed file, which can cause highly -parellel builds to fail. - -Patch (apply with `patch -p0'): - ---- a/Makefile.in -+++ b/Makefile.in -@@ -1315,6 +1315,7 @@ bashline.o: trap.h flags.h assoc.h $(BAS - bashline.o: $(DEFSRC)/common.h $(GLOB_LIBSRC)/glob.h alias.h - bashline.o: pcomplete.h ${BASHINCDIR}/chartypes.h input.h - bashline.o: ${BASHINCDIR}/shmbutil.h ${BASHINCDIR}/shmbchar.h -+bashline.o: ${DEFDIR}/builtext.h - bracecomp.o: config.h bashansi.h ${BASHINCDIR}/ansi_stdlib.h - bracecomp.o: shell.h syntax.h config.h bashjmp.h ${BASHINCDIR}/posixjmp.h - bracecomp.o: command.h ${BASHINCDIR}/stdc.h error.h -@@ -1435,6 +1436,7 @@ builtins/evalstring.o: quit.h unwind_pro - builtins/evalstring.o: dispose_cmd.h make_cmd.h subst.h externs.h - builtins/evalstring.o: jobs.h builtins.h flags.h input.h execute_cmd.h - builtins/evalstring.o: bashhist.h $(DEFSRC)/common.h pathnames.h -+builtins/evalstring.o: ${DEFDIR}/builtext.h - builtins/getopt.o: config.h ${BASHINCDIR}/memalloc.h - builtins/getopt.o: shell.h syntax.h bashjmp.h command.h general.h xmalloc.h error.h - builtins/getopt.o: variables.h arrayfunc.h conftypes.h quit.h ${BASHINCDIR}/maxpath.h unwind_prot.h dispose_cmd.h ---- a/builtins/Makefile.in -+++ b/builtins/Makefile.in -@@ -361,7 +361,7 @@ evalstring.o: $(topdir)/dispose_cmd.h $( - evalstring.o: $(topdir)/externs.h $(topdir)/jobs.h $(topdir)/builtins.h - evalstring.o: $(topdir)/flags.h $(topdir)/input.h $(topdir)/execute_cmd.h - evalstring.o: $(topdir)/bashhist.h $(srcdir)/common.h --evalstring.o: $(topdir)/trap.h $(topdir)/redir.h ../pathnames.h -+evalstring.o: $(topdir)/trap.h $(topdir)/redir.h ../pathnames.h ./builtext.h - #evalstring.o: $(topdir)/y.tab.h - getopt.o: ../config.h $(BASHINCDIR)/memalloc.h - getopt.o: $(topdir)/shell.h $(topdir)/syntax.h $(topdir)/bashjmp.h $(topdir)/command.h ---- a/patchlevel.h -+++ b/patchlevel.h -@@ -1,6 +1,6 @@ - /* patchlevel.h -- current bash patch level */ - --/* Copyright (C) 2001-2016 Free Software Foundation, Inc. -+/* Copyright (C) 2001-2020 Free Software Foundation, Inc. - - This file is part of GNU Bash, the Bourne Again SHell. - -@@ -25,6 +25,6 @@ - regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh - looks for to find the patch level (for the sccs version string). */ - --#define PATCHLEVEL 0 -+#define PATCHLEVEL 1 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/utils/bash/patches/102-bash51-002.patch b/utils/bash/patches/102-bash51-002.patch deleted file mode 100644 index 2faa881891..0000000000 --- a/utils/bash/patches/102-bash51-002.patch +++ /dev/null @@ -1,45 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 5.1 -Patch-ID: bash51-002 - -Bug-Reported-by: oguzismailuysal@gmail.com -Bug-Reference-ID: -Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-12/msg00037.html - -Bug-Description: - -If there are no jobs, and the `-n' and `-p' options are both supplied to -`wait', bash can assign a value to the variable name specified with `-p' -instead of leaving it unset. - -Patch (apply with `patch -p0'): - ---- a/builtins/wait.def -+++ b/builtins/wait.def -@@ -213,11 +213,11 @@ wait_builtin (list) - } - - status = wait_for_any_job (wflags, &pstat); -- if (status < 0) -- status = 127; -- - if (vname && status >= 0) - bind_var_to_int (vname, pstat.pid); -+ -+ if (status < 0) -+ status = 127; - if (list) - unset_waitlist (); - WAIT_RETURN (status); ---- a/patchlevel.h -+++ b/patchlevel.h -@@ -25,6 +25,6 @@ - regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh - looks for to find the patch level (for the sccs version string). */ - --#define PATCHLEVEL 1 -+#define PATCHLEVEL 2 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/utils/bash/patches/103-bash51-003.patch b/utils/bash/patches/103-bash51-003.patch deleted file mode 100644 index 72c251b987..0000000000 --- a/utils/bash/patches/103-bash51-003.patch +++ /dev/null @@ -1,43 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 5.1 -Patch-ID: bash51-003 - -Bug-Reported-by: oguzismailuysal@gmail.com -Bug-Reference-ID: -Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-12/msg00050.html - -Bug-Description: - -Bash does not put a command substitution process that is started to perform an -expansion in a child process into the right process group where it can receive -keyboard-generated signals. - -Patch (apply with `patch -p0'): - ---- a/subst.c -+++ b/subst.c -@@ -6356,8 +6356,10 @@ command_substitute (string, quoted, flag - - #if defined (JOB_CONTROL) - old_pipeline_pgrp = pipeline_pgrp; -- /* Don't reset the pipeline pgrp if we're already a subshell in a pipeline. */ -- if ((subshell_environment & SUBSHELL_PIPE) == 0) -+ /* Don't reset the pipeline pgrp if we're already a subshell in a pipeline or -+ we've already forked to run a disk command (and are expanding redirections, -+ for example). */ -+ if ((subshell_environment & (SUBSHELL_FORK|SUBSHELL_PIPE)) == 0) - pipeline_pgrp = shell_pgrp; - cleanup_the_pipeline (); - #endif /* JOB_CONTROL */ ---- a/patchlevel.h -+++ b/patchlevel.h -@@ -25,6 +25,6 @@ - regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh - looks for to find the patch level (for the sccs version string). */ - --#define PATCHLEVEL 2 -+#define PATCHLEVEL 3 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/utils/bash/patches/104-bash51-004.patch b/utils/bash/patches/104-bash51-004.patch deleted file mode 100644 index 218b8434c2..0000000000 --- a/utils/bash/patches/104-bash51-004.patch +++ /dev/null @@ -1,114 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 5.1 -Patch-ID: bash51-004 - -Bug-Reported-by: oguzismailuysal@gmail.com -Bug-Reference-ID: -Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-12/msg00039.html - -Bug-Description: - -If a key-value compound array assignment to an associative array is supplied -as an assignment statement argument to the `declare' command that declares the -array, the assignment doesn't perform the correct word expansions. - -This patch makes key-value assignment and subscript assignment perform the -same expansions when they're supplied as an argument to `declare'. - -Patch (apply with `patch -p0'): - ---- a/arrayfunc.c -+++ b/arrayfunc.c -@@ -597,6 +597,27 @@ assign_assoc_from_kvlist (var, nlist, h, - free (aval); - } - } -+ -+/* Return non-zero if L appears to be a key-value pair associative array -+ compound assignment. */ -+int -+kvpair_assignment_p (l) -+ WORD_LIST *l; -+{ -+ return (l && (l->word->flags & W_ASSIGNMENT) == 0 && l->word->word[0] != '['); /*]*/ -+} -+ -+char * -+expand_and_quote_kvpair_word (w) -+ char *w; -+{ -+ char *t, *r; -+ -+ t = w ? expand_assignment_string_to_string (w, 0) : 0; -+ r = sh_single_quote (t ? t : ""); -+ free (t); -+ return r; -+} - #endif - - /* Callers ensure that VAR is not NULL. Associative array assignments have not -@@ -640,7 +661,7 @@ assign_compound_array_list (var, nlist, - last_ind = (a && (flags & ASS_APPEND)) ? array_max_index (a) + 1 : 0; - - #if ASSOC_KVPAIR_ASSIGNMENT -- if (assoc_p (var) && nlist && (nlist->word->flags & W_ASSIGNMENT) == 0 && nlist->word->word[0] != '[') /*]*/ -+ if (assoc_p (var) && kvpair_assignment_p (nlist)) - { - iflags = flags & ~ASS_APPEND; - assign_assoc_from_kvlist (var, nlist, nhash, iflags); ---- a/arrayfunc.h -+++ b/arrayfunc.h -@@ -67,6 +67,9 @@ extern SHELL_VAR *assign_array_var_from_ - extern char *expand_and_quote_assoc_word PARAMS((char *, int)); - extern void quote_compound_array_list PARAMS((WORD_LIST *, int)); - -+extern int kvpair_assignment_p PARAMS((WORD_LIST *)); -+extern char *expand_and_quote_kvpair_word PARAMS((char *)); -+ - extern int unbind_array_element PARAMS((SHELL_VAR *, char *, int)); - extern int skipsubscript PARAMS((const char *, int, int)); - ---- a/subst.c -+++ b/subst.c -@@ -11604,6 +11604,7 @@ expand_oneword (value, flags) - { - WORD_LIST *l, *nl; - char *t; -+ int kvpair; - - if (flags == 0) - { -@@ -11618,11 +11619,21 @@ expand_oneword (value, flags) - { - /* Associative array */ - l = parse_string_to_word_list (value, 1, "array assign"); -+#if ASSOC_KVPAIR_ASSIGNMENT -+ kvpair = kvpair_assignment_p (l); -+#endif -+ - /* For associative arrays, with their arbitrary subscripts, we have to - expand and quote in one step so we don't have to search for the - closing right bracket more than once. */ - for (nl = l; nl; nl = nl->next) - { -+#if ASSOC_KVPAIR_ASSIGNMENT -+ if (kvpair) -+ /* keys and values undergo the same set of expansions */ -+ t = expand_and_quote_kvpair_word (nl->word->word); -+ else -+#endif - if ((nl->word->flags & W_ASSIGNMENT) == 0) - t = sh_single_quote (nl->word->word ? nl->word->word : ""); - else ---- a/patchlevel.h -+++ b/patchlevel.h -@@ -25,6 +25,6 @@ - regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh - looks for to find the patch level (for the sccs version string). */ - --#define PATCHLEVEL 3 -+#define PATCHLEVEL 4 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/utils/bluez/Makefile b/utils/bluez/Makefile index 3e3c89b735..6d3407eccc 100644 --- a/utils/bluez/Makefile +++ b/utils/bluez/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=bluez -PKG_VERSION:=5.56 -PKG_RELEASE:=1 +PKG_VERSION:=5.60 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/linux/bluetooth/ -PKG_HASH:=59c4dba9fc8aae2a6a5f8f12f19bc1b0c2dc27355c7ca3123eed3fe6bd7d0b9d +PKG_HASH:=710999580d01ee59ec585e5e7c07fd94eddedc001aa26fe7464c546f9d945304 PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=COPYING diff --git a/utils/bluez/patches/201-readline.patch b/utils/bluez/patches/201-readline.patch index 0a2f20eb32..f6dd716624 100644 --- a/utils/bluez/patches/201-readline.patch +++ b/utils/bluez/patches/201-readline.patch @@ -1,6 +1,6 @@ --- a/Makefile.in +++ b/Makefile.in -@@ -3225,7 +3225,7 @@ unit_tests = $(am__append_54) unit/test- +@@ -3326,7 +3326,7 @@ unit_tests = $(am__append_52) unit/test- @CLIENT_TRUE@ client/gatt.h client/gatt.c @CLIENT_TRUE@client_bluetoothctl_LDADD = gdbus/libgdbus-internal.la src/libshared-glib.la \ @@ -9,7 +9,7 @@ @ZSH_COMPLETIONS_TRUE@zshcompletiondir = $(ZSH_COMPLETIONDIR) @ZSH_COMPLETIONS_TRUE@dist_zshcompletion_DATA = completion/zsh/_bluetoothctl -@@ -3457,7 +3457,7 @@ unit_tests = $(am__append_54) unit/test- +@@ -3559,7 +3559,7 @@ unit_tests = $(am__append_52) unit/test- @MESH_TRUE@@TOOLS_TRUE@tools_meshctl_LDADD = gdbus/libgdbus-internal.la src/libshared-glib.la \ @MESH_TRUE@@TOOLS_TRUE@ lib/libbluetooth-internal.la \ @@ -18,7 +18,7 @@ @MESH_TRUE@@TOOLS_TRUE@tools_mesh_cfgclient_SOURCES = tools/mesh-cfgclient.c \ @MESH_TRUE@@TOOLS_TRUE@ tools/mesh/model.h tools/mesh/config-model.h \ -@@ -3524,7 +3524,7 @@ unit_tests = $(am__append_54) unit/test- +@@ -3630,7 +3630,7 @@ unit_tests = $(am__append_52) unit/test- @READLINE_TRUE@ tools/obex-client-tool.c @READLINE_TRUE@tools_obex_client_tool_LDADD = lib/libbluetooth-internal.la \ @@ -27,7 +27,7 @@ @READLINE_TRUE@tools_obex_server_tool_SOURCES = $(gobex_sources) $(btio_sources) \ @READLINE_TRUE@ tools/obex-server-tool.c -@@ -3533,15 +3533,15 @@ unit_tests = $(am__append_54) unit/test- +@@ -3639,15 +3639,15 @@ unit_tests = $(am__append_52) unit/test- @READLINE_TRUE@tools_bluetooth_player_SOURCES = tools/bluetooth-player.c @READLINE_TRUE@tools_bluetooth_player_LDADD = gdbus/libgdbus-internal.la \ @READLINE_TRUE@ src/libshared-glib.la \ @@ -46,7 +46,7 @@ @DEPRECATED_TRUE@@READLINE_TRUE@attrib_gatttool_SOURCES = attrib/gatttool.c attrib/att.c attrib/gatt.c \ @DEPRECATED_TRUE@@READLINE_TRUE@ attrib/gattrib.c btio/btio.c \ -@@ -3550,7 +3550,7 @@ unit_tests = $(am__append_54) unit/test- +@@ -3656,7 +3656,7 @@ unit_tests = $(am__append_52) unit/test- @DEPRECATED_TRUE@@READLINE_TRUE@ client/display.h @DEPRECATED_TRUE@@READLINE_TRUE@attrib_gatttool_LDADD = lib/libbluetooth-internal.la \ diff --git a/utils/bluez/patches/205-refresh_adv_manager_for_non-LE_devices.patch b/utils/bluez/patches/205-refresh_adv_manager_for_non-LE_devices.patch index 005684add9..c42739ea8c 100644 --- a/utils/bluez/patches/205-refresh_adv_manager_for_non-LE_devices.patch +++ b/utils/bluez/patches/205-refresh_adv_manager_for_non-LE_devices.patch @@ -34,7 +34,7 @@ This commit prevents the call to btd_adv_manager_refresh for non-LE devices. --- a/src/adapter.c +++ b/src/adapter.c -@@ -557,7 +557,8 @@ static void settings_changed(struct btd_ +@@ -560,7 +560,8 @@ static void settings_changed(struct btd_ g_dbus_emit_property_changed(dbus_conn, adapter->path, ADAPTER_INTERFACE, "Discoverable"); store_adapter_info(adapter); diff --git a/utils/canutils/Makefile b/utils/canutils/Makefile index d1d94229eb..741bbeb9d7 100644 --- a/utils/canutils/Makefile +++ b/utils/canutils/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=canutils -PKG_VERSION:=2020.12.0 -PKG_RELEASE:=1 +PKG_VERSION:=2021.06.0 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/linux-can/can-utils/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=c5c22a00ce2ea7578d7617ac0affef8f47a349be58e708780d703b979f324a2b +PKG_HASH:=f7874457224c89f8b2eb55ab741935ddb7f1c9bc52de2642330b0799f89d1040 PKG_BUILD_DIR:=$(BUILD_DIR)/can-utils-$(PKG_VERSION) PKG_MAINTAINER:=Anton Glukhov diff --git a/utils/cryptsetup/Makefile b/utils/cryptsetup/Makefile index fd623c4a71..c17f27595b 100644 --- a/utils/cryptsetup/Makefile +++ b/utils/cryptsetup/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cryptsetup -PKG_VERSION:=2.3.5 +PKG_VERSION:=2.3.6 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v2.3 -PKG_HASH:=ced9946f444d132536daf92fc8aca4277638a3c2d96e20540b2bae4d36fd70c1 +PKG_HASH:=b296b7a21ea576c2b180611ccb19d06aec8dddaedf7c704b0c6a81210c25635f PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0-or-later LGPL-2.1-or-later diff --git a/utils/ctop/Makefile b/utils/ctop/Makefile index 4486fc8aa3..28fcf92675 100644 --- a/utils/ctop/Makefile +++ b/utils/ctop/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ctop -PKG_VERSION:=0.7.5 +PKG_VERSION:=0.7.6 PKG_RELEASE:=1 PKG_SOURCE:=v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/bcicen/ctop/archive -PKG_HASH:=a9a3be0e5eab2fee6b44a5d063188a354f9c0dde3d96a169d1490981f7826e9a +PKG_HASH:=8ef76a7d4d725f750a5d8a6ee330e81b3b845a91fbd50ae3e746cead74736391 PKG_MAINTAINER:=Javier Marcet PKG_LICENSE:=MIT diff --git a/utils/fuse3/Makefile b/utils/fuse3/Makefile index 9dd18a802a..cd0911899f 100644 --- a/utils/fuse3/Makefile +++ b/utils/fuse3/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=fuse3 -PKG_VERSION:=3.10.1 -PKG_RELEASE:=1 +PKG_VERSION:=3.10.4 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=fuse-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/libfuse/libfuse/releases/download/fuse-$(PKG_VERSION) -PKG_HASH:=d82d74d4c03e099f806e4bb31483955637c69226576bf0ca9bd142f1d50ae451 +PKG_HASH:=9365b74fd8471caecdb3cc5adf25a821f70a931317ee9103d15bd39089e3590d PKG_BUILD_DIR:=$(BUILD_DIR)/fuse-$(PKG_VERSION) PKG_MAINTAINER:= diff --git a/utils/hashdeep/Makefile b/utils/hashdeep/Makefile index 673d389c0b..3a706ae8b4 100644 --- a/utils/hashdeep/Makefile +++ b/utils/hashdeep/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hashdeep PKG_VERSION:=4.4 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/jessek/hashdeep/tar.gz/v$(PKG_VERSION)? diff --git a/utils/hashdeep/patches/010-gcc11.patch b/utils/hashdeep/patches/010-gcc11.patch new file mode 100644 index 0000000000..f9606c0384 --- /dev/null +++ b/utils/hashdeep/patches/010-gcc11.patch @@ -0,0 +1,27 @@ +From 6ef69a26126ee4e69a25392fd456b8a66c51dffd Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Tue, 15 Nov 2016 02:46:55 +0000 +Subject: [PATCH] Fix errors found by clang + +Fixes errors like + +../../git/src/hash.cpp:282:19: error: ordered comparison between pointer and zero ('const unsigned char *' and 'int') + if(fdht->base>0){ + ~~~~~~~~~~^~ + +Signed-off-by: Khem Raj +--- + src/hash.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/hash.cpp ++++ b/src/hash.cpp +@@ -279,7 +279,7 @@ void file_data_hasher_t::hash() + MAP_FILE| + #endif + MAP_SHARED,fd,0); +- if(fdht->base>0){ ++ if(fdht->base != (void *) -1){ + /* mmap is successful, so set the bounds. + * if it is not successful, we default to reading the fd + */ diff --git a/utils/lxc/Makefile b/utils/lxc/Makefile index 7cdc8abe2b..2713eaf267 100644 --- a/utils/lxc/Makefile +++ b/utils/lxc/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lxc PKG_VERSION:=4.0.5 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://linuxcontainers.org/downloads/lxc/ diff --git a/utils/lxc/patches/040-gpg.patch b/utils/lxc/patches/040-gpg.patch new file mode 100644 index 0000000000..a08c8b8b09 --- /dev/null +++ b/utils/lxc/patches/040-gpg.patch @@ -0,0 +1,29 @@ +From 3efa0cf3455cbe330b4e79a647a57ad8e9cf3476 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?St=C3=A9phane=20Graber?= +Date: Sun, 27 Jun 2021 23:42:52 -0400 +Subject: [PATCH] lxc-download: Switch GPG server +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Stéphane Graber +--- + templates/lxc-download.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/templates/lxc-download.in ++++ b/templates/lxc-download.in +@@ -55,11 +55,11 @@ LXC_PATH= + LXC_ROOTFS= + + if [ -z "${DOWNLOAD_KEYSERVER:-}" ]; then +- DOWNLOAD_KEYSERVER="hkp://pool.sks-keyservers.net" ++ DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com" + + # Deal with GPG over http proxy + if [ -n "${http_proxy:-}" ]; then +- DOWNLOAD_KEYSERVER="hkp://p80.pool.sks-keyservers.net:80" ++ DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com:80" + DOWNLOAD_GPG_PROXY="--keyserver-options http-proxy=\"${http_proxy}\"" + fi + fi diff --git a/utils/minicom/Makefile b/utils/minicom/Makefile index f216501913..bc40b4e05e 100644 --- a/utils/minicom/Makefile +++ b/utils/minicom/Makefile @@ -8,15 +8,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=minicom -PKG_VERSION:=2.7.1 -PKG_RELEASE:=2 +PKG_VERSION:=2.8 +PKG_RELEASE:=$(AUTORELEASE) -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://alioth.debian.org/frs/download.php/file/4215 -PKG_HASH:=532f836b7a677eb0cb1dca8d70302b73729c3d30df26d58368d712e5cca041f1 +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=https://salsa.debian.org/minicom-team/minicom/-/archive/$(PKG_VERSION) +PKG_HASH:=38cea30913a20349326ff3f1763ee1512b7b41601c24f065f365e18e9db0beba PKG_MAINTAINER:=Álvaro Fernández Rojas -PKG_LICENSE:=GPL-2.0 +PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:minicom:minicom @@ -30,7 +30,7 @@ define Package/minicom CATEGORY:=Utilities DEPENDS:=$(ICONV_DEPENDS) $(INTL_DEPENDS) +libncurses TITLE:=Terminal emulation program - URL:=http://alioth.debian.org/projects/minicom/ + URL:=https://salsa.debian.org/minicom-team/minicom SUBMENU:=Terminal endef diff --git a/utils/minicom/patches/100-fix_iconv_include.patch b/utils/minicom/patches/100-fix_iconv_include.patch deleted file mode 100644 index 88190faae4..0000000000 --- a/utils/minicom/patches/100-fix_iconv_include.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/src/minicom.c -+++ b/src/minicom.c -@@ -31,7 +31,9 @@ - #include - #include - #include -+#ifdef HAVE_ICONV - #include -+#endif - #include - - #define EXTERN diff --git a/utils/minicom/patches/101-fix_music_includes.patch b/utils/minicom/patches/101-fix_music_includes.patch deleted file mode 100644 index a74d1233d9..0000000000 --- a/utils/minicom/patches/101-fix_music_includes.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- a/src/dial.c -+++ b/src/dial.c -@@ -39,11 +39,9 @@ - #include "intl.h" - - #ifdef VC_MUSIC --# if defined(__GLIBC__) - # include - # include - # include --# endif - #endif - - enum { CURRENT_VERSION = 6 }; diff --git a/utils/minicom/patches/102-fix_musl_compatibility.patch b/utils/minicom/patches/102-fix_musl_compatibility.patch deleted file mode 100644 index 4524b22d8e..0000000000 --- a/utils/minicom/patches/102-fix_musl_compatibility.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/src/getsdir.h -+++ b/src/getsdir.h -@@ -24,6 +24,10 @@ - - #include - -+#ifndef MAXNAMLEN -+#define MAXNAMLEN 255 -+#endif -+ - typedef struct dirEntry { /* structure of data item */ - char fname[MAXNAMLEN + 1]; /* filename + terminating null */ - time_t time; /* last modification date */ diff --git a/utils/minicom/patches/110-reproducible-builds.patch b/utils/minicom/patches/110-reproducible-builds.patch index 1302f5b815..82aaa13556 100644 --- a/utils/minicom/patches/110-reproducible-builds.patch +++ b/utils/minicom/patches/110-reproducible-builds.patch @@ -1,15 +1,15 @@ --- a/src/minicom.c +++ b/src/minicom.c -@@ -1161,7 +1161,7 @@ int main(int argc, char **argv) +@@ -1248,7 +1248,7 @@ int main(int argc, char **argv) switch(c) { - case 'v': - printf(_("%s version %s"), PACKAGE, VERSION); + case 'v': + printf(_("%s version %s"), PACKAGE, VERSION); -#ifdef __DATE__ -+#if 0 - printf(_(" (compiled %s)"), __DATE__); ++#if 0 + printf(_(" (compiled %s)"), __DATE__); #endif - printf("\n"); -@@ -1464,7 +1464,7 @@ int main(int argc, char **argv) + printf("\n"); +@@ -1580,7 +1580,7 @@ int main(int argc, char **argv) mc_wprintf(us, "\n%s %s\r\n", _("Welcome to minicom"), VERSION); mc_wprintf(us, "\n%s: %s\r\n", _("OPTIONS"), option_string); diff --git a/utils/minicom/patches/200-gcc10.patch b/utils/minicom/patches/200-gcc10.patch deleted file mode 100644 index 987e16e1a3..0000000000 --- a/utils/minicom/patches/200-gcc10.patch +++ /dev/null @@ -1,30 +0,0 @@ ---- a/src/minicom.h -+++ b/src/minicom.h -@@ -109,13 +109,13 @@ EXTERN char *dial_tty; /* tty to use - - EXTERN char *dial_name; /* System we're conneced to */ - EXTERN char *dial_number; /* Number we've dialed. */ --EXTERN char *dial_user; /* Our username there */ --EXTERN char *dial_pass; /* Our password */ -+extern char *dial_user; /* Our username there */ -+extern char *dial_pass; /* Our password */ - - #ifdef USE_SOCKET --EXTERN int portfd_is_socket; /* File descriptor is a unix socket */ --EXTERN int portfd_is_connected; /* 1 if the socket is connected */ --EXTERN struct sockaddr_un portfd_sock_addr; /* the unix socket address */ -+extern int portfd_is_socket; /* File descriptor is a unix socket */ -+extern int portfd_is_connected; /* 1 if the socket is connected */ -+extern struct sockaddr_un portfd_sock_addr; /* the unix socket address */ - #define portfd_connected ((portfd_is_socket && !portfd_is_connected) \ - ? -1 : portfd) - #else -@@ -141,7 +141,7 @@ EXTERN int sbcolor; /* Status Bar Ba - EXTERN int st_attr; /* Status Bar attributes. */ - - /* jl 04.09.97 conversion tables */ --EXTERN unsigned char vt_outmap[256], vt_inmap[256]; -+extern unsigned char vt_outmap[256], vt_inmap[256]; - - /* MARK updated 02/17/95 - history buffer */ - EXTERN int num_hist_lines; /* History buffer size */ diff --git a/utils/prometheus-node-exporter-lua/Makefile b/utils/prometheus-node-exporter-lua/Makefile index 6d757a2ee5..fb3fa682f7 100644 --- a/utils/prometheus-node-exporter-lua/Makefile +++ b/utils/prometheus-node-exporter-lua/Makefile @@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=prometheus-node-exporter-lua -PKG_VERSION:=2021.07.04 +PKG_VERSION:=2021.07.24 PKG_RELEASE:=1 PKG_MAINTAINER:=Etienne CHAMPETIER diff --git a/utils/prometheus-node-exporter-lua/files/usr/lib/lua/prometheus-collectors/hostapd_stations.lua b/utils/prometheus-node-exporter-lua/files/usr/lib/lua/prometheus-collectors/hostapd_stations.lua index a3e6c331a2..a176b02e8c 100644 --- a/utils/prometheus-node-exporter-lua/files/usr/lib/lua/prometheus-collectors/hostapd_stations.lua +++ b/utils/prometheus-node-exporter-lua/files/usr/lib/lua/prometheus-collectors/hostapd_stations.lua @@ -16,23 +16,29 @@ local function get_wifi_interface_labels() handle:close() local hostapd = {} + local bss_idx = -1 for line in hostapd_status:gmatch("[^\r\n]+") do local name, value = string.match(line, "(.+)=(.+)") - if name == "phy" then - hostapd["vif"] = value elseif name == "freq" then hostapd["freq"] = value elseif name == "channel" then hostapd["channel"] = value - elseif name == "bssid[0]" then - hostapd["bssid"] = value - elseif name == "ssid[0]" then - hostapd["ssid"] = value + -- hostapd gives us all bss on the relevant phy, find the one we're interested in + elseif string.match(name, "bss%[%d%]") then + if value == cfg['ifname'] then + bss_idx = tonumber(string.match(name, "bss%[(%d)%]")) + end + elseif bss_idx >= 0 then + if name == "bssid[" .. bss_idx .. "]" then + hostapd["bssid"] = value + elseif name == "ssid[" .. bss_idx .. "]" then + hostapd["ssid"] = value + end end end local labels = { - vif = hostapd['vif'], + vif = cfg['ifname'], ssid = hostapd['ssid'], bssid = hostapd['bssid'], encryption = cfg['encryption'], -- In a mixed scenario it would be good to know if A or B was used diff --git a/utils/rrdtool1/Makefile b/utils/rrdtool1/Makefile index a031c17d56..171c9b3f39 100644 --- a/utils/rrdtool1/Makefile +++ b/utils/rrdtool1/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=rrdtool1 PKG_VERSION:=1.0.50 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_BUILD_DIR:=$(BUILD_DIR)/rrdtool-$(PKG_VERSION) PKG_SOURCE:=rrdtool-$(PKG_VERSION).tar.gz diff --git a/utils/rrdtool1/patches/050-no-doc.patch b/utils/rrdtool1/patches/050-no-doc.patch new file mode 100644 index 0000000000..5d450ac0d3 --- /dev/null +++ b/utils/rrdtool1/patches/050-no-doc.patch @@ -0,0 +1,11 @@ +--- a/Makefile.am ++++ b/Makefile.am +@@ -17,7 +17,7 @@ endif + + # build the following subdirectories + SUBDIRS = cgilib-0.4 gd1.3 $(SUBDIRS_1) $(SUBDIRS_2) \ +- src doc examples contrib tcl ++ src examples contrib tcl + + # the following files are not mentioned in any other Makefile + # LWT 24Jul03 - removed redundant spec file listed diff --git a/utils/sane-backends/Makefile b/utils/sane-backends/Makefile index 214e2269d6..82acefcb25 100644 --- a/utils/sane-backends/Makefile +++ b/utils/sane-backends/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sane-backends PKG_VERSION:=1.0.32 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://gitlab.com/sane-project/backends/uploads/104f09c07d35519cc8e72e604f11643f @@ -187,19 +187,19 @@ CONFIGURE_VARS += \ ac_cv_func_mmap_fixed_mapped="yes" define Build/Configure - mkdir -p $(PKG_BUILD_DIR)/backend/.libs + $(INSTALL_DIR) $(PKG_BUILD_DIR)/backend/.libs $(Build/Configure/Default) endef define Build/Install $(call Build/Install/Default) - mkdir -p $(PKG_INSTALL_DIR)/usr/share/sane - $(foreach file, $(filter-out %/unsupported.desc ,$(wildcard $(PKG_BUILD_DIR)/doc/descriptions/*.desc)), - sed -rn -e '/^:usbid[[:blank:]]+"?0x(....)"?[[:blank:]]+"?0x(....)"?.*/{s//\1 \2/;p}' $(file) | \ - sort -u > $(PKG_INSTALL_DIR)/usr/share/sane/$(basename $(notdir $(file))).usbid; \ - awk '{ print $$$$2 > "$(PKG_INSTALL_DIR)/usr/share/sane/"$$$$1"-$(basename $(notdir $(file))).usbid" }' \ - $(PKG_INSTALL_DIR)/usr/share/sane/$(basename $(notdir $(file))).usbid ; - ) + $(INSTALL_DIR) $(PKG_INSTALL_DIR)/usr/share/sane + cd $(PKG_BUILD_DIR)/doc/descriptions && for file in *.desc; do \ + sed -rn -e '/^:usbid[[:blank:]]+"?0x(....)"?[[:blank:]]+"?0x(....)"?.*/{s//\1 \2/;p}' $$$$file | \ + sort -u > $(PKG_INSTALL_DIR)/usr/share/sane/$$$${file/\.desc/}.usbid; \ + awk -v path=$(PKG_INSTALL_DIR)/usr/share/sane -v file=$$$${file/\.desc/}.usbid '{ print $$$$2 > path"/"$$$$1"-"file }' \ + $(PKG_INSTALL_DIR)/usr/share/sane/$$$${file/\.desc/}.usbid ; \ + done endef define Package/libsane/install @@ -207,8 +207,7 @@ define Package/libsane/install $(CP) $(PKG_INSTALL_DIR)/usr/lib/libsane.so.* $(1)/usr/lib/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/sane/libsane-dll.so.* $(1)/usr/lib/sane/ $(INSTALL_DIR) $(1)/etc/sane.d/dll.d - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/dll.conf $(1)/etc/sane.d/ - chmod 0644 $(1)/etc/sane.d/dll.conf + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/sane.d/dll.conf $(1)/etc/sane.d/ endef define Package/libsane/conffiles @@ -217,14 +216,13 @@ endef define Package/sane-daemon/install $(INSTALL_DIR) $(1)/etc/sane.d - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/saned.conf $(1)/etc/sane.d/ - chmod 0644 $(1)/etc/sane.d/saned.conf + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/sane.d/saned.conf $(1)/etc/sane.d/ $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) ./files/saned.sbin $(1)/usr/sbin/saned $(INSTALL_DIR) $(1)/usr/lib/sane/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/saned $(1)/usr/lib/sane/saned $(INSTALL_DIR) $(1)/etc/xinetd.d - $(INSTALL_CONF) ./files/saned.xinetd $(1)/etc/xinetd.d/sane-port + $(INSTALL_DATA) ./files/saned.xinetd $(1)/etc/xinetd.d/sane-port $(INSTALL_DIR) $(1)/etc/hotplug.d/usb/ $(INSTALL_BIN) ./files/saned.hotplug $(1)/etc/hotplug.d/usb/20-saned endef @@ -274,8 +272,7 @@ This package contains the SANE backend for $(2). define Package/sane-$(1)/install if [ -f "$(PKG_INSTALL_DIR)/etc/sane.d/$(1).conf" ]; then \ $(INSTALL_DIR) $$(1)/etc/sane.d ; \ - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sane.d/$(1).conf $$(1)/etc/sane.d/ ; \ - chmod 0644 $$(1)/etc/sane.d/$(1).conf ; \ + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/sane.d/$(1).conf $$(1)/etc/sane.d/ ; \ fi ; \ $(INSTALL_DIR) $$(1)/usr/lib/sane ; \ $(CP) $(PKG_INSTALL_DIR)/usr/lib/sane/libsane-$(1).so.* $$(1)/usr/lib/sane/ ; \ diff --git a/utils/spi-tools/Makefile b/utils/spi-tools/Makefile index 1019eba6f0..a60e27468d 100644 --- a/utils/spi-tools/Makefile +++ b/utils/spi-tools/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=spi-tools -PKG_VERSION:=0.8.7 +PKG_VERSION:=1.0.0 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/cpb-/spi-tools/tar.gz/$(PKG_VERSION)? -PKG_HASH:=550f505cc5c34a50d5cd36c49c69b2709fca3f0be4f0777e3f96a45c1ffdbd79 +PKG_HASH:=5eb24670461dcf2c58471114dc69b5204dab1c0cc5053878f6de79503bd8cc9f PKG_MAINTAINER:=John Crispin PKG_LICENSE:=GPL-2.0-only diff --git a/utils/squashfs-tools/Makefile b/utils/squashfs-tools/Makefile index 687fc41343..2235d5e4b9 100644 --- a/utils/squashfs-tools/Makefile +++ b/utils/squashfs-tools/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=squashfs-tools -PKG_VERSION:=4.4 -PKG_RELEASE:=3 +PKG_VERSION:=4.5 +PKG_RELEASE:=$(AUTORELEASE) PKG_LICENSE:=GPL-2.0-only PKG_LICENSE_FILES:=COPYING @@ -18,7 +18,7 @@ PKG_CPE_ID:=cpe:/a:phillip_lougher:squashfs PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/plougher/squashfs-tools/tar.gz/${PKG_VERSION}? -PKG_HASH:=a7fa4845e9908523c38d4acf92f8a41fdfcd19def41bd5090d7ad767a6dc75c3 +PKG_HASH:=b9e16188e6dc1857fe312633920f7d71cc36b0162eb50f3ecb1f0040f02edddd PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk @@ -83,11 +83,13 @@ endef define Package/squashfs-tools-mksquashfs/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_BUILD_DIR)/squashfs-tools/mksquashfs $(1)/usr/sbin/mksquashfs + $(LN) mksquashfs $(1)/usr/sbin/sqfstar endef define Package/squashfs-tools-unsquashfs/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_BUILD_DIR)/squashfs-tools/unsquashfs $(1)/usr/sbin/unsquashfs + $(LN) unsquashfs $(1)/usr/sbin/sqfscat endef $(eval $(call BuildPackage,squashfs-tools-mksquashfs)) diff --git a/utils/squashfs-tools/patches/010-gcc10.patch b/utils/squashfs-tools/patches/010-gcc10.patch deleted file mode 100644 index bbd4909ba8..0000000000 --- a/utils/squashfs-tools/patches/010-gcc10.patch +++ /dev/null @@ -1,41 +0,0 @@ -From fe2f5da4b0f8994169c53e84b7cb8a0feefc97b5 Mon Sep 17 00:00:00 2001 -From: Sergei Trofimovich -Date: Sun, 26 Jan 2020 18:35:13 +0000 -Subject: [PATCH] squashfs-tools: fix build failure against gcc-10 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -On gcc-10 (and gcc-9 -fno-common) build fails as: - -``` -cc ... -o mksquashfs -ld: read_fs.o:(.bss+0x0): - multiple definition of `fwriter_buffer'; mksquashfs.o:(.bss+0x400c90): first defined here -ld: read_fs.o:(.bss+0x8): - multiple definition of `bwriter_buffer'; mksquashfs.o:(.bss+0x400c98): first defined here -``` - -gcc-10 will change the default from -fcommon to fno-common: -https://gcc.gnu.org/PR85678. - -The error also happens if CFLAGS=-fno-common passed explicitly. - -Reported-by: Toralf Förster -Bug: https://bugs.gentoo.org/706456 -Signed-off-by: Sergei Trofimovich ---- - squashfs-tools/mksquashfs.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/squashfs-tools/mksquashfs.h -+++ b/squashfs-tools/mksquashfs.h -@@ -143,7 +143,7 @@ struct append_file { - #endif - - extern struct cache *reader_buffer, *fragment_buffer, *reserve_cache; --struct cache *bwriter_buffer, *fwriter_buffer; -+extern struct cache *bwriter_buffer, *fwriter_buffer; - extern struct queue *to_reader, *to_deflate, *to_writer, *from_writer, - *to_frag, *locked_fragment, *to_process_frag; - extern struct append_file **file_mapping; diff --git a/utils/telldus-core/Makefile b/utils/telldus-core/Makefile index 96d7dfc64e..70374ce1a0 100644 --- a/utils/telldus-core/Makefile +++ b/utils/telldus-core/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=telldus-core PKG_VERSION:=2.1.2 -PKG_RELEASE:=6 +PKG_RELEASE:=7 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://download.telldus.com/TellStick/Software/telldus-core/ diff --git a/utils/telldus-core/patches/970-gcc11.patch b/utils/telldus-core/patches/970-gcc11.patch new file mode 100644 index 0000000000..a575647d7b --- /dev/null +++ b/utils/telldus-core/patches/970-gcc11.patch @@ -0,0 +1,33 @@ +--- a/service/SettingsConfuse.cpp ++++ b/service/SettingsConfuse.cpp +@@ -42,10 +42,10 @@ Settings::Settings(void) { + */ + Settings::~Settings(void) { + TelldusCore::MutexLocker locker(&mutex); +- if (d->cfg > 0) { ++ if (d->cfg) { + cfg_free(d->cfg); + } +- if (d->var_cfg > 0) { ++ if (d->var_cfg) { + cfg_free(d->var_cfg); + } + delete d; +@@ -56,7 +56,7 @@ Settings::~Settings(void) { + */ + std::wstring Settings::getSetting(const std::wstring &strName) const { + TelldusCore::MutexLocker locker(&mutex); +- if (d->cfg > 0) { ++ if (d->cfg) { + std::string setting(cfg_getstr(d->cfg, TelldusCore::wideToString(strName).c_str())); + return TelldusCore::charToWstring(setting.c_str()); + } +@@ -68,7 +68,7 @@ std::wstring Settings::getSetting(const + */ + int Settings::getNumberOfNodes(Node node) const { + TelldusCore::MutexLocker locker(&mutex); +- if (d->cfg > 0) { ++ if (d->cfg) { + if (node == Device) { + return cfg_size(d->cfg, "device"); + } else if (node == Controller) { diff --git a/utils/uvol/Makefile b/utils/uvol/Makefile index f470e51431..f929ba5154 100644 --- a/utils/uvol/Makefile +++ b/utils/uvol/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uvol -PKG_VERSION:=0.2 +PKG_VERSION:=0.3 PKG_RELEASE:=$(AUTORELEASE) PKG_MAINTAINER:=Daniel Golle @@ -28,6 +28,7 @@ define Package/uvol CATEGORY:=Utilities SUBMENU:=Disc TITLE:=OpenWrt UBI/LVM volume abstraction + DEPENDS:=+blockd PKGARCH=all endef @@ -63,8 +64,9 @@ define Package/autopart/install endef define Package/uvol/install - $(INSTALL_DIR) $(1)/etc/init.d $(1)/usr/libexec/uvol $(1)/usr/sbin + $(INSTALL_DIR) $(1)/etc/init.d $(1)/usr/libexec/uvol $(1)/usr/sbin $(1)/lib/functions $(INSTALL_BIN) ./files/uvol.init $(1)/etc/init.d/uvol + $(INSTALL_BIN) ./files/common.sh $(1)/lib/functions/uvol.sh $(INSTALL_BIN) ./files/ubi.sh $(1)/usr/libexec/uvol/20-ubi.sh $(INSTALL_BIN) ./files/lvm.sh $(1)/usr/libexec/uvol/50-lvm.sh $(INSTALL_BIN) ./files/uvol $(1)/usr/sbin diff --git a/utils/uvol/files/autopart.defaults b/utils/uvol/files/autopart.defaults index 0df2829c67..870cd44156 100644 --- a/utils/uvol/files/autopart.defaults +++ b/utils/uvol/files/autopart.defaults @@ -6,27 +6,52 @@ OWRT_VOLUMES=owrt-volumes +load_partitions() { + local dev="$1" + json_init + json_load "$(sfdisk -J "$dev" 2>/dev/null)" + json_select "partitiontable" || return 1 + return 0 +} get_partition_by_name_gpt() { - local dev="$1" - local part parts node name - json_load "$(sfdisk -J "/dev/$dev" 2>/dev/null)" - json_select "partitiontable" || return + local label part parts node name + json_get_vars label + [ "$label" = "gpt" ] || return json_select "partitions" || return json_get_keys parts for part in $parts; do json_select "$part" json_get_vars node name - if [ "$2" = "$name" ]; then + if [ "$1" = "$name" ]; then echo "$node" break fi json_select .. done + json_select .. +} + +get_partition_by_type_mbr() { + local label part parts node type + json_get_vars label + [ "$label" = "dos" ] || return + json_select "partitions" || return + json_get_keys parts + for part in $parts; do + json_select "$part" + json_get_vars node type + if [ "$1" = "$type" ]; then + echo "$node" + break + fi + json_select .. + done + json_select .. } part_fixup() { - echo "write" | sfdisk --force -q -w never "$1" + echo "write" | sfdisk --force -q -w never "$1" 1>/dev/null 2>/dev/null } get_free_area() { @@ -60,7 +85,7 @@ create_lvm_part() { freepart="$(get_free_area "$disk")" if [ "$freepart" ]; then - echo "$freepart, type=lvm, name=$OWRT_VOLUMES" | sfdisk --force -w never -a "$disk" + echo "$freepart, type=lvm, name=$OWRT_VOLUMES" | sfdisk --force -w never -a "$disk" || return 1 partx -a "$disk" 1>/dev/null 2>/dev/null || true return 0 else @@ -87,11 +112,14 @@ autopart_init() { [ -e "/sys/class/block/$diskdev/device/cid" ] && diskserial="$diskserial$(cat "/sys/class/block/$diskdev/device/cid")" [ "$diskserial" ] || diskserial="$(cat /proc/sys/kernel/random/uuid)" diskhash="$(echo "$diskserial" | sha256sum | cut -d' ' -f1)" + part_fixup "/dev/$diskdev" create_lvm_part "/dev/$diskdev" || return - lvmpart="$(get_partition_by_name_gpt "$diskdev" "$OWRT_VOLUMES")" - + load_partitions "/dev/$diskdev" || return + lvmpart="$(get_partition_by_name_gpt "$OWRT_VOLUMES")" + [ "$lvmpart" ] || lvmpart="$(get_partition_by_type_mbr "8e")" [ "$lvmpart" ] || return + lvm_init "$lvmpart" "${OWRT_VOLUMES}-${diskhash:0:16}" } diff --git a/utils/uvol/files/common.sh b/utils/uvol/files/common.sh new file mode 100644 index 0000000000..0eee6d432f --- /dev/null +++ b/utils/uvol/files/common.sh @@ -0,0 +1,66 @@ +#!/bin/sh + +UCI_SPOOLDIR="/var/spool/uvol" + +_uvol_init_spooldir() { + [ ! -d "$(dirname "$UCI_SPOOLDIR")" ] && mkdir -p "$(dirname "$UCI_SPOOLDIR")" + mkdir -m 0700 -p "$UCI_SPOOLDIR" +} + +uvol_uci_add() { + local volname="$1" + local devname="$2" + local mode="$3" + local autofs uuid uciname + + uciname=${volname//-/_} + uuid="$(/sbin/block info | grep "^$2" | xargs -n 1 echo | grep "^UUID=.*")" + [ "$uuid" ] || return 22 + _uvol_init_spooldir + uuid="${uuid:5}" + autofs=0 + [ "$mode" = "ro" ] && autofs=1 + if [ -e "${UCI_SPOOLDIR}/remove-$1" ]; then + rm "${UCI_SPOOLDIR}/remove-$1" + fi + + cat >"${UCI_SPOOLDIR}/add-$1" <"${UCI_SPOOLDIR}/remove-$1" </dev/null || return 1 . /lib/functions.sh +. /lib/functions/uvol.sh . /lib/upgrade/common.sh . /usr/share/libubox/jshn.sh @@ -146,9 +147,20 @@ exportlv() { } getdev() { + local dms dm_name + + for dms in /sys/devices/virtual/block/dm-* ; do + [ "$dms" = "/sys/devices/virtual/block/dm-*" ] && break + read -r dm_name < "$dms/dm/name" + [ $(basename "$lv_dm_path") = "$dm_name" ] && echo "$(basename "$dms")" + done +} + +getuserdev() { + local dms dm_name existvol "$1" || return 1 exportlv "$1" - echo "$lv_dm_path" + getdev "$@" } getsize() { @@ -166,9 +178,9 @@ activatevol() { ;; *) [ "$lv_active" = "active" ] && return 0 - lvm_cmd lvchange -k n "$lv_full_name" || return $? + uvol_uci_commit "$1" lvm_cmd lvchange -a y "$lv_full_name" || return $? - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"${lv_name:0:2}\", \"device\": \"$lv_dm_path\"}" + lvm_cmd lvchange -k n "$lv_full_name" || return $? return 0 ;; esac @@ -176,6 +188,7 @@ activatevol() { disactivatevol() { exportlv "$1" + local devname [ "$lv_path" ] || return 2 case "$lv_path" in /dev/*/wo_*|\ @@ -184,9 +197,10 @@ disactivatevol() { ;; *) [ "$lv_active" = "active" ] || return 0 - lvm_cmd lvchange -a n "$lv_full_name" || return $? + devname="$(getdev "$1")" + [ "$devname" ] && /sbin/block umount "$devname" + lvm_cmd lvchange -a n "$lv_full_name" lvm_cmd lvchange -k y "$lv_full_name" || return $? - ubus send block.volume "{\"name\": \"$1\", \"action\": \"down\", \"mode\": \"${lv_name:0:2}\", \"device\": \"$lv_dm_path\"}" return 0 ;; esac @@ -222,32 +236,41 @@ createvol() { ;; esac - lvm_cmd lvcreate -p "$lvmode" -a n -y -W n -Z n -n "${mode}_$1" -l "$size_ext" "$vg_name" + lvm_cmd lvcreate -p "$lvmode" -a n -y -W n -Z n -n "${mode}_$1" -l "$size_ext" "$vg_name" || return $? ret=$? if [ ! $ret -eq 0 ] || [ "$lvmode" = "r" ]; then return $ret fi exportlv "$1" [ "$lv_full_name" ] || return 22 - lvm_cmd lvchange -a y "$lv_full_name" || return 1 + lvm_cmd lvchange -a y "$lv_full_name" || return $? if [ "$lv_size" -gt $(( 100 * 1024 * 1024 )) ]; then mkfs.f2fs -f -l "$1" "$lv_path" ret=$? - [ $ret != 0 ] && [ $ret != 134 ] && return 1 + [ $ret != 0 ] && [ $ret != 134 ] && { + lvm_cmd lvchange -a n "$lv_full_name" || return $? + return $ret + } else - mke2fs -F -L "$1" "$lv_path" || return 1 + mke2fs -F -L "$1" "$lv_path" || { + ret=$? + lvm_cmd lvchange -a n "$lv_full_name" || return $? + return $ret + } fi - lvm_cmd lvrename "$vg_name" "wp_$1" "rw_$1" - exportlv "$1" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"${lv_name:0:2}\", \"device\": \"$lv_dm_path\"}" + uvol_uci_add "$1" "/dev/$(getdev "$1")" "rw" + lvm_cmd lvchange -a n "$lv_full_name" || return $? + lvm_cmd lvrename "$vg_name" "wp_$1" "rw_$1" || return $? return 0 } removevol() { exportlv "$1" [ "$lv_full_name" ] || return 2 - lvm_cmd lvremove -y "$lv_full_name" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"down\", \"mode\": \"${lv_name:0:2}\", \"device\": \"$lv_dm_path\"}" + [ "$lv_active" = "active" ] && return 16 + lvm_cmd lvremove -y "$lv_full_name" || return $? + uvol_uci_remove "$1" + uvol_uci_commit "$1" } updatevol() { @@ -256,11 +279,13 @@ updatevol() { [ "$lv_size" -ge "$2" ] || return 27 case "$lv_path" in /dev/*/wo_*) - lvm_cmd lvchange -a y -p rw "$lv_full_name" + lvm_cmd lvchange -p rw "$lv_full_name" || return $? + lvm_cmd lvchange -a y "$lv_full_name" || return $? dd of="$lv_path" - lvm_cmd lvchange -p r "$lv_full_name" - lvm_cmd lvrename "$lv_full_name" "${lv_full_name%%/*}/ro_$1" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"ro\", \"device\": \"$(getdev "$@")\"}" + uvol_uci_add "$1" "/dev/$(getdev "$1")" "ro" + lvm_cmd lvchange -a n "$lv_full_name" || return $? + lvm_cmd lvchange -p r "$lv_full_name" || return $? + lvm_cmd lvrename "$lv_full_name" "${lv_full_name%%/*}/ro_$1" || return $? return 0 ;; default) @@ -309,7 +334,6 @@ boot() { json_get_vars lv_name lv_dm_path lv_mode="${lv_name:0:2}" lv_name="${lv_name:3}" - ubus send block.volume "{\"name\": \"$lv_name\", \"action\": \"up\", \"mode\": \"$lv_mode\", \"device\": \"$lv_dm_path\"}" json_select .. done json_select .. @@ -343,7 +367,7 @@ case "$cmd" in removevol "$@" ;; device) - getdev "$@" + getuserdev "$@" ;; size) getsize "$@" diff --git a/utils/uvol/files/ubi.sh b/utils/uvol/files/ubi.sh index 0664ce9350..0a43224fbb 100644 --- a/utils/uvol/files/ubi.sh +++ b/utils/uvol/files/ubi.sh @@ -17,6 +17,8 @@ ubidev=$(ls -1 /sys/devices/virtual/ubi | head -n 1) read -r ebsize < "/sys/devices/virtual/ubi/${ubidev}/eraseblock_size" +. /lib/functions/uvol.sh + freebytes() { read -r availeb < "/sys/devices/virtual/ubi/${ubidev}/avail_eraseblocks" echo $((availeb * ebsize)) @@ -87,9 +89,10 @@ getuserdev() { mkubifs() { local tmp_mp tmp_mp="$(mktemp -d)" - mount -t ubifs "$1" "$tmp_mp" - umount "$tmp_mp" - rmdir "$tmp_mp" + mount -t ubifs "$1" "$tmp_mp" || return $? + umount "$tmp_mp" || return $? + rmdir "$tmp_mp" || return $? + return 0 } createvol() { @@ -107,29 +110,33 @@ createvol() { return 22 ;; esac - ubimkvol "/dev/$ubidev" -N "uvol-$mode-$1" -s "$2" + ubimkvol "/dev/$ubidev" -N "uvol-$mode-$1" -s "$2" || return $? ret=$? [ $ret -eq 0 ] || return $ret voldev="$(getdev "$@")" - ubiupdatevol -t "/dev/$voldev" + ubiupdatevol -t "/dev/$voldev" || return $? [ "$mode" = "wp" ] || return 0 - mkubifs "/dev/$voldev" - ubirename "/dev/$ubidev" "uvol-wp-$1" "uvol-rw-$1" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"rw\", \"fstype\": \"ubifs\", \"device\": \"/dev/$voldev\"}" + mkubifs "/dev/$voldev" || return $? + uvol_uci_add "$1" "/dev/$voldev" "rw" + ubirename "/dev/$ubidev" "uvol-wp-$1" "uvol-wd-$1" || return $? } removevol() { - local voldev evdata + local voldev volnum voldev=$(getdev "$@") [ "$voldev" ] || return 2 - if vol_is_mode "$voldev" rw ; then - evdata="{\"name\": \"$1\", \"action\": \"down\", \"device\": \"/dev/$voldev\"}" - elif vol_is_mode "$voldev" ro && [ -e "/dev/ubiblock${voldev:3}" ]; then - evdata="{\"name\": \"$1\", \"action\": \"down\", \"device\": \"/dev/ubiblock${voldev:3}\"}" - fi - local volnum="${voldev#${ubidev}_}" + vol_is_mode "$voldev" rw && return 16 + vol_is_mode "$voldev" ro && return 16 + volnum="${voldev#${ubidev}_}" ubirmvol "/dev/$ubidev" -n "$volnum" || return $? - [ "$evdata" ] && ubus send block.volume "$evdata" + uvol_uci_remove "$1" + uvol_uci_commit "$1" +} + +block_hotplug() { + export ACTION="$1" + export DEVNAME="$2" + /sbin/block hotplug } activatevol() { @@ -137,16 +144,17 @@ activatevol() { voldev="$(getdev "$@")" [ "$voldev" ] || return 2 vol_is_mode "$voldev" rw && return 0 + vol_is_mode "$voldev" ro && return 0 vol_is_mode "$voldev" wo && return 22 vol_is_mode "$voldev" wp && return 16 - if vol_is_mode "$voldev" ro; then - [ -e "/dev/ubiblock${voldev:3}" ] && return 0 - ubiblock --create "/dev/$voldev" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"ro\", \"device\": \"/dev/ubiblock${voldev:3}\"}" + uvol_uci_commit "$1" + if vol_is_mode "$voldev" rd; then + ubirename "/dev/$ubidev" "uvol-rd-$1" "uvol-ro-$1" || return $? + ubiblock --create "/dev/$voldev" || return $? return 0 elif vol_is_mode "$voldev" wd; then - ubirename "/dev/$ubidev" "uvol-wd-$1" "uvol-rw-$1" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"rw\", \"fstype\": \"ubifs\", \"device\": \"/dev/$voldev\"}" + ubirename "/dev/$ubidev" "uvol-wd-$1" "uvol-rw-$1" || return $? + block_hotplug add "$voldev" return 0 fi } @@ -155,16 +163,19 @@ disactivatevol() { local voldev voldev="$(getdev "$@")" [ "$voldev" ] || return 2 + vol_is_mode "$voldev" rd && return 0 + vol_is_mode "$voldev" wd && return 0 vol_is_mode "$voldev" wo && return 22 vol_is_mode "$voldev" wp && return 16 if vol_is_mode "$voldev" ro; then - [ -e "/dev/ubiblock${voldev:3}" ] || return 0 - ubiblock --remove "/dev/$voldev" || return $? - ubus send block.volume "{\"name\": \"$1\", \"action\": \"down\", \"mode\": \"ro\", \"device\": \"/dev/ubiblock${voldev:3}\"}" + /sbin/block umount "ubiblock${voldev:3}" + ubiblock --remove "/dev/$voldev" + ubirename "/dev/$ubidev" "uvol-ro-$1" "uvol-rd-$1" || return $? return 0 elif vol_is_mode "$voldev" rw; then + /sbin/block umount "$voldev" ubirename "/dev/$ubidev" "uvol-rw-$1" "uvol-wd-$1" || return $? - ubus send block.volume "{\"name\": \"$1\", \"action\": \"down\", \"mode\": \"rw\", \"device\": \"/dev/$voldev\"}" + block_hotplug remove "$voldev" return 0 fi } @@ -176,9 +187,10 @@ updatevol() { [ "$2" ] || return 22 vol_is_mode "$voldev" wo || return 22 ubiupdatevol -s "$2" "/dev/$voldev" - - ubirename "/dev/$ubidev" "uvol-wo-$1" "uvol-ro-$1" ubiblock --create "/dev/$voldev" - ubus send block.volume "{\"name\": \"$1\", \"action\": \"up\", \"mode\": \"ro\", \"device\": \"/dev/ubiblock${voldev:3}\"}" + uvol_uci_add "$1" "/dev/ubiblock${voldev:3}" "ro" + ubiblock --remove "/dev/$voldev" + ubirename "/dev/$ubidev" "uvol-wo-$1" "uvol-rd-$1" } listvols() { @@ -207,12 +219,7 @@ bootvols() { fstype= case "$volname" in uvol-ro-*) - voldev="/dev/ubiblock${voldev:3}" - ubiblock --create "/dev/$voldev" - ;; - uvol-rw-*) - voldev="/dev/$voldev" - fstype="ubifs" + ubiblock --create "/dev/$voldev" || return $? ;; *) continue @@ -220,7 +227,6 @@ bootvols() { esac volmode="${volname:5:2}" volname="${volname:8}" - ubus send block.volume "{\"name\": \"$volname\", \"action\": \"up\", \"mode\": \"$volmode\",${fstype:+ \"fstype\": \"$fstype\", }\"device\": \"$voldev\"}" done } diff --git a/utils/uvol/files/uvol.init b/utils/uvol/files/uvol.init index 7c290d7323..1f6e2aac08 100644 --- a/utils/uvol/files/uvol.init +++ b/utils/uvol/files/uvol.init @@ -6,7 +6,7 @@ NAME=uvol PROG=/usr/sbin/uvol start_service() { - [ "${__BOOT_UVOL}" = "1" ] || return 0 + [ "${__BOOT_UVOL}" = "1" ] && return 0 procd_open_instance "$NAME" procd_set_param command "$PROG" boot procd_close_instance @@ -16,3 +16,8 @@ boot() { __BOOT_UVOL=1 start } + +service_triggers() { + procd_add_raw_trigger "mount.ready" 200 /etc/init.d/uvol start +} + diff --git a/utils/whois/Makefile b/utils/whois/Makefile index 9e16a02400..6bde91ca2f 100644 --- a/utils/whois/Makefile +++ b/utils/whois/Makefile @@ -19,7 +19,6 @@ PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk define Package/whois SECTION:=utils diff --git a/utils/yara/Makefile b/utils/yara/Makefile index 9eae278c8d..87fc2432b2 100644 --- a/utils/yara/Makefile +++ b/utils/yara/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yara -PKG_VERSION:=4.0.5 +PKG_VERSION:=4.1.1 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/VirusTotal/yara/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=ea7ebefad05831faf6f780cab721611b0135803f03a84c27eeba7bfe0afc3aae +PKG_HASH:=5f85c69606fad5cdb42e8f8101c96f6962a4928667395d9471e5aaea961e9b1d PKG_MAINTAINER:=Marko Ratkaj PKG_LICENSE:=BSD-3-Clause diff --git a/utils/yara/patches/010-openssl.patch b/utils/yara/patches/010-openssl.patch deleted file mode 100644 index a54b0001a9..0000000000 --- a/utils/yara/patches/010-openssl.patch +++ /dev/null @@ -1,48 +0,0 @@ ---- a/libyara/include/yara/pe_utils.h -+++ b/libyara/include/yara/pe_utils.h -@@ -102,7 +102,7 @@ char *ord_lookup( - - #if HAVE_LIBCRYPTO - #include --time_t ASN1_get_time_t(ASN1_TIME* time); -+time_t ASN1_get_time_t(const ASN1_TIME* time); - #endif - - #endif ---- a/libyara/modules/pe/pe.c -+++ b/libyara/modules/pe/pe.c -@@ -44,8 +44,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBI - #endif - - #if OPENSSL_VERSION_NUMBER < 0x10100000L --#define X509_getm_notBefore X509_get_notBefore --#define X509_getm_notAfter X509_get_notAfter -+#define X509_get0_notBefore X509_get_notBefore -+#define X509_get0_notAfter X509_get_notAfter - #endif - #endif - -@@ -1433,10 +1433,10 @@ void _parse_pkcs7( - } - } - -- date_time = ASN1_get_time_t(X509_get_notBefore(cert)); -+ date_time = ASN1_get_time_t(X509_get0_notBefore(cert)); - set_integer(date_time, pe->object, "signatures[%i].not_before", *counter); - -- date_time = ASN1_get_time_t(X509_get_notAfter(cert)); -+ date_time = ASN1_get_time_t(X509_get0_notAfter(cert)); - set_integer(date_time, pe->object, "signatures[%i].not_after", *counter); - - (*counter)++; ---- a/libyara/modules/pe/pe_utils.c -+++ b/libyara/modules/pe/pe_utils.c -@@ -307,7 +307,7 @@ time_t timegm( - // and cleaned up. Also uses timegm(3) instead of mktime(3). - - time_t ASN1_get_time_t( -- ASN1_TIME* time) -+ const ASN1_TIME* time) - { - struct tm t; - const char* str = (const char*) time->data; diff --git a/utils/yq/Makefile b/utils/yq/Makefile index 8a1946d0a6..ceb26399bf 100644 --- a/utils/yq/Makefile +++ b/utils/yq/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yq -PKG_VERSION:=4.9.7 +PKG_VERSION:=4.11.2 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/mikefarah/yq/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=1247e7f0de1f66367b1082c62ecf25e704994a34acc7d2280dac3a30052e2348 +PKG_HASH:=910f64ceceabed5f63550a29923c158612be94f2855b0d10fdb549d8ad826a5f PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=MIT