feed/packages.git
3 years agoap_config: remove accidentally added package
Daniel Golle [Sat, 10 Apr 2021 11:51:28 +0000 (12:51 +0100)]
ap_config: remove accidentally added package

Fixes: 312594f86 ("uvol: add new package")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agouvol: add new package
Daniel Golle [Sat, 10 Apr 2021 03:04:09 +0000 (04:04 +0100)]
uvol: add new package

uvol is a wrapper-script which allows automated handling of storage
volumes. uvol currently comes with backend support for LVM2 and UBI,
covering practically all options for storage large enough to be
managed (NAND, SPI-NAND, eMMC, SATA, NVME, virtio-blk, ...).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agolvm2: don't use `-normal` suffix for non-SELinux variants
Daniel Golle [Sat, 10 Apr 2021 10:54:50 +0000 (11:54 +0100)]
lvm2: don't use `-normal` suffix for non-SELinux variants

This was probably a work-around for an issue with dependencies which
was fixed by
https://github.com/openwrt/openwrt/commit/988ed0080284903d1fe4851c5ae8f1238bc61da2

Remove it as all other packages with `-selinux` variants do provide
a non-SELinux-variant without any suffix and that works now, see
procd vs. procd-selinux
busybox vs. busybox-selinux

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoadblock: fix games_tracking source url
Dirk Brenken [Fri, 9 Apr 2021 16:42:30 +0000 (18:42 +0200)]
adblock: fix games_tracking source url

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoautopart: use '-' to separate drive serial in volume name
Daniel Golle [Fri, 9 Apr 2021 16:33:21 +0000 (17:33 +0100)]
autopart: use '-' to separate drive serial in volume name

Instead of just appending the driver serial including the '0x' prefix,
use '-' prefix instead to make it more readable.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agolibuhttpd: Update to 3.11.0
Jianhui Zhao [Thu, 8 Apr 2021 06:58:57 +0000 (14:58 +0800)]
libuhttpd: Update to 3.11.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
3 years agoMerge pull request #6924 from derekyerger/strongswan-lattice-sha3
Philip Prindeville [Fri, 9 Apr 2021 04:26:56 +0000 (22:26 -0600)]
Merge pull request #6924 from derekyerger/strongswan-lattice-sha3

strongswan: add more crypto plugins

3 years agoMerge pull request #15353 from ja-pa/knot-resolver-5.3.1
Josef Schlehofer [Wed, 7 Apr 2021 12:17:57 +0000 (14:17 +0200)]
Merge pull request #15353 from ja-pa/knot-resolver-5.3.1

knot-resolver: update to version 5.3.1

3 years agoksmbd-tools: update to 3.3.8
Rosen Penev [Wed, 7 Apr 2021 04:50:36 +0000 (21:50 -0700)]
ksmbd-tools: update to 3.3.8

Major changes are:
  disable symlink by default.
  remove smack inherit leftovers.
  Enable guest access on IPC$ share by default.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoksmbd-tools: Add a mDNS TXT record for the ksmbd service
Kirill Nikolaev [Mon, 5 Apr 2021 23:03:18 +0000 (01:03 +0200)]
ksmbd-tools: Add a mDNS TXT record for the ksmbd service

MacOS ignores Bonjour services for which TXT records are not returned. This changes forces umdns service to return a TXT record (`daemon=ksmbd`) for the ksmbd service. The exact content is unimportant and to the best of my knowledge nothing reads the `daemon` tag.

Symptoms of the problem (which are also debugging steps):
* Finder refuses to open the OpenWRT "computer" in the Network list.
* Discovery.app (Bonjour Browser) lists the _ssh._tcp service, but the submenu for it doesn't unfold and no address is shown.
* `dns-sd -L OpenWrt _smb._tcp` doesn't return any address.

Signed-off-by: Kirill Nikolaev <cyril7@gmail.com>
3 years agoksmbd: update to 3.3.8
Rosen Penev [Wed, 7 Apr 2021 04:48:16 +0000 (21:48 -0700)]
ksmbd: update to 3.3.8

Major changes are:
  clean-up codes using checkpatch --strict option.
  fix several warning and build failure from linux-next.
  change the minimum supported kernel version to v5.4.
  use xarray for tree connect list.
  fix reviews from lkml.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoooniprobe: update to version 3.9.0
Jan Pavlinec [Tue, 6 Apr 2021 09:47:18 +0000 (11:47 +0200)]
ooniprobe: update to version 3.9.0

Remove getrescources call because it is no longer
required.

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agopython-pytest: update to version 6.2.3
Jan Pavlinec [Tue, 6 Apr 2021 10:00:28 +0000 (12:00 +0200)]
python-pytest: update to version 6.2.3

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agoMerge pull request #15235 from TDT-AG/pr/20210323-collectd-mod-ubi
Hannu Nyman [Wed, 7 Apr 2021 07:16:28 +0000 (10:16 +0300)]
Merge pull request #15235 from TDT-AG/pr/20210323-collectd-mod-ubi

collectd: add bad blocks percent calculation for ubi plugin

3 years agoMerge pull request #15359 from BKPepe/zeroconf
Josef Schlehofer [Tue, 6 Apr 2021 22:23:19 +0000 (00:23 +0200)]
Merge pull request #15359 from BKPepe/zeroconf

zeroconf: update to version 0.29.0

3 years agoMerge pull request #15358 from BKPepe/ytdl
Josef Schlehofer [Tue, 6 Apr 2021 22:23:08 +0000 (00:23 +0200)]
Merge pull request #15358 from BKPepe/ytdl

youtube-dl: update to version 2021.4.7

3 years agominisatip: add libdvbcsa support
Rosen Penev [Mon, 5 Apr 2021 02:31:56 +0000 (19:31 -0700)]
minisatip: add libdvbcsa support

Unconditionally enable with BUILD_PATENTED.

Simplify configure args.

Add missing PKG_CONFIG_DEPENDS

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agolualanes: build with CMake
Rosen Penev [Fri, 2 Apr 2021 23:22:34 +0000 (16:22 -0700)]
lualanes: build with CMake

Faster to compile.

Add license information.

Several cleanups for consistency between packages.

Small patch fix now that uClibc-ng is gone.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agozeroconf: update to version 0.29.0
Josef Schlehofer [Tue, 6 Apr 2021 20:48:19 +0000 (22:48 +0200)]
zeroconf: update to version 0.29.0

Update copyright in Makefile

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoyoutube-dl: update to version 2021.4.7
Josef Schlehofer [Tue, 6 Apr 2021 20:45:06 +0000 (22:45 +0200)]
youtube-dl: update to version 2021.4.7

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoknot-resolver: update to version 5.3.1
Jan Pavlinec [Tue, 6 Apr 2021 10:41:02 +0000 (12:41 +0200)]
knot-resolver: update to version 5.3.1

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agomosquitto: bump to 2.0.10
Karl Palsson [Tue, 6 Apr 2021 10:33:56 +0000 (10:33 +0000)]
mosquitto: bump to 2.0.10

This is a security fix, affecting 2.0.0 through to 2.0.9.  Mosquitto instances
could be remotely DoS'd by authenticated clients.

Release notes at: https://github.com/eclipse/mosquitto/blob/v2.0.10/ChangeLog.txt
CVE number has not yet been assigned.

Signed-off-by: Karl Palsson <karlp@etactica.com>
3 years agohaproxy: Update HAProxy to v2.2.13
Christian Lachner [Tue, 6 Apr 2021 05:46:03 +0000 (07:46 +0200)]
haproxy: Update HAProxy to v2.2.13

- Update haproxy download URL and hash

Signed-off-by: Christian Lachner <gladiac@gmail.com>
3 years agoMerge pull request #15337 from SvenRoederer/xinetd-include
Florian Eckert [Tue, 6 Apr 2021 05:51:43 +0000 (07:51 +0200)]
Merge pull request #15337 from SvenRoederer/xinetd-include

xinetd: honor ${IPKG_INSTROOT} when sourcing /lib/functions.sh

3 years agomeson: fix compilation with at least spice
Rosen Penev [Mon, 5 Apr 2021 22:29:37 +0000 (15:29 -0700)]
meson: fix compilation with at least spice

This commit should also get rid of pointless option warnings.

Also removed an extra ) that was causing a bad cpu value.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agopillow: bump to version 8.2.0
Alexandru Ardelean [Mon, 5 Apr 2021 15:37:06 +0000 (18:37 +0300)]
pillow: bump to version 8.2.0

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agolibmaxminddb: build with CMake
Rosen Penev [Fri, 2 Apr 2021 23:35:44 +0000 (16:35 -0700)]
libmaxminddb: build with CMake

Faster and less error prone.

Small cleanups.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agostrongswan: bump to 5.9.2
Philip Prindeville [Sun, 4 Apr 2021 20:17:15 +0000 (14:17 -0600)]
strongswan: bump to 5.9.2

Retire weak algorithms like MD5 and 3DES.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agostrongswan: add more crypto plugins
Derek Yerger [Mon, 5 Apr 2021 19:31:49 +0000 (14:31 -0500)]
strongswan: add more crypto plugins

Adds modules for BLISS signature scheme, NTRU and New Hope key
exchange algorithms, and dependencies ChaCha20-Poly1305 AEAD,
ChaCha20 XOF, MGF1 mask generation function, SHA3 hasher SHAKE
XOF, and the Number Theoretic Transform library.

Signed-off-by: Derek Yerger <derek@altdevs.net>
3 years agostrongswan: force PIC on all builds
Philip Prindeville [Wed, 24 Feb 2021 21:46:33 +0000 (14:46 -0700)]
strongswan: force PIC on all builds

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agolibcap: drop from feed
Stijn Tintel [Mon, 5 Apr 2021 17:01:28 +0000 (20:01 +0300)]
libcap: drop from feed

The libcap package was moved to OpenWrt base.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
3 years agopython3: bump to version 3.9.4
Alexandru Ardelean [Mon, 5 Apr 2021 14:53:18 +0000 (17:53 +0300)]
python3: bump to version 3.9.4

For some reason Python3 jumped from 3.9.2 to 3.9.4 in about a week.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agouacme: add retries
Leonardo Mörlein [Fri, 26 Mar 2021 22:04:32 +0000 (23:04 +0100)]
uacme: add retries

Prior to this commit, the acme service attempted to obtain certificates
once and then terminated, regardless of whether the certificate could be
obtained or not. This commit introduces a new uci option "retries" to
the "certificate" section. If this option is set to N, the acme service
will attempt to obtain the certificate up to N times before terminating.
There is a waiting pause between the retries to comply with the rate
limits of Let'sEncrypt.

The waiting pause is:
-  2 minutes for staging certificates
- 24 minutes for production certificates

The current "Failed Validation" rate limits of Let'sEncrypt are:
- staging:   60 per hour -> 1 failure every 1 minute in avg.
- production: 5 per hour -> 1 failure every 12 minutes in avg.

This means that we are within rate limits by a factor of two.

By default the option "retries" is set to "1", which means that acme
behaves as before by default. If the variable is set to "0", infinite
retries are performed.

This feature is helpful, when you already want to initiate the
certificate request, but you are still waiting for your dns server to be
configured, your network to appear or other conditions.

Signed-off-by: Leonardo Mörlein <git@irrelefant.net>
3 years agolua-openssl: try to fix buildbot
Rosen Penev [Mon, 5 Apr 2021 02:51:27 +0000 (19:51 -0700)]
lua-openssl: try to fix buildbot

Something is weird there. Can't reproduce on CI or locally.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agolibdvbcsa: add BUILD_PATENTED
Rosen Penev [Mon, 5 Apr 2021 02:27:13 +0000 (19:27 -0700)]
libdvbcsa: add BUILD_PATENTED

This was missing in the initial commit.

Add AUTORELEASE as well for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agouacme: propagate rc of uacme in issue_cert()
Leonardo Mörlein [Thu, 25 Mar 2021 22:22:28 +0000 (23:22 +0100)]
uacme: propagate rc of uacme in issue_cert()

Before this commit, issue_cert always returned 1 no matter if uacme
returned 1, 2, 3, ... With this commit, the return code of the uacme
binary is propagated. Therefore the caller of issue_cert can
differentiate between "no renew necessary" and "an error occurred".

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
3 years agouacme: allow including run-uacme
Leonardo Mörlein [Thu, 25 Mar 2021 22:22:19 +0000 (23:22 +0100)]
uacme: allow including run-uacme

With this commit, the run-acme script can be included into other scripts
by setting INLCUDE_ONLY=1.

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
3 years agojool: Update to 4.1.5
Ondřej Caletka [Sun, 4 Apr 2021 19:53:39 +0000 (21:53 +0200)]
jool: Update to 4.1.5

Compile and run tested on: mvebu (Turris Omnia)

Signed-off-by: Ondřej Caletka <ondrej@caletka.cz>
3 years agopython-dotenv: update to v0.17.0
Javier Marcet [Sun, 4 Apr 2021 20:10:30 +0000 (20:10 +0000)]
python-dotenv: update to v0.17.0

Signed-off-by: Javier Marcet <javier@marcet.info>
3 years agoMerge pull request #14708 from pprindeville/strongswan-add-swanctl-initd
Philip Prindeville [Sun, 4 Apr 2021 19:08:26 +0000 (13:08 -0600)]
Merge pull request #14708 from pprindeville/strongswan-add-swanctl-initd

strongswan: migrate to swanctl configs

3 years agostrongswan: migrate to swanctl configs
Philip Prindeville [Wed, 10 Feb 2021 05:49:30 +0000 (22:49 -0700)]
strongswan: migrate to swanctl configs

Derived from the ipsec initd script, with the following changes:

(1) various code improvements, corrections (get rid of left/right
    updown scripts, since there's only one), etc;
(2) add reauth and fragmentation parameters;
(3) add x.509 certificate-based authentication;

and other minor changes.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agoMerge pull request #15339 from pprindeville/strongswan-reset-ipsec.conf
Philip Prindeville [Sun, 4 Apr 2021 04:18:08 +0000 (22:18 -0600)]
Merge pull request #15339 from pprindeville/strongswan-reset-ipsec.conf

strongswan: remove synthesized ipsec conf files

3 years agodbus: update to 1.13.18
Rosen Penev [Fri, 2 Apr 2021 23:04:59 +0000 (16:04 -0700)]
dbus: update to 1.13.18

Switch to building with CMake for faster compilation.

Switch to AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoMerge pull request #15329 from G-M0N3Y-2503/cache-domains-fix
Rosen Penev [Sun, 4 Apr 2021 02:07:43 +0000 (19:07 -0700)]
Merge pull request #15329 from G-M0N3Y-2503/cache-domains-fix

cache-domains: Fixed host files directory

3 years agoMerge pull request #15330 from 1715173329/xray
Rosen Penev [Sun, 4 Apr 2021 02:07:17 +0000 (19:07 -0700)]
Merge pull request #15330 from 1715173329/xray

xray-core: Update to 1.4.2

3 years agobash: fixing missing PARAMS() macro in strtod.c
Philip Prindeville [Tue, 2 Mar 2021 21:43:37 +0000 (14:43 -0700)]
bash: fixing missing PARAMS() macro in strtod.c

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agolibdvbcsa: add new package
Rafał Dzięgiel [Sun, 2 Aug 2020 09:52:07 +0000 (11:52 +0200)]
libdvbcsa: add new package

Libdvbcsa is a free implementation of the DVB Common Scrambling Algorithm DVB/CSA - with encryption and decryption capabilities.

OpenWrt packages like `tvheadend` and `minisatip` can benefit from it.

Signed-off-by: Rafał Dzięgiel <rafostar.github@gmail.com>
3 years agoMerge pull request #15074 from ja-pa/python-greenlet
Rosen Penev [Sun, 4 Apr 2021 01:46:39 +0000 (18:46 -0700)]
Merge pull request #15074 from ja-pa/python-greenlet

python-eventlet & python-greenlet: add new packages

3 years agoMerge pull request #15025 from ja-pa/python-flask-socketio
Rosen Penev [Sun, 4 Apr 2021 01:45:21 +0000 (18:45 -0700)]
Merge pull request #15025 from ja-pa/python-flask-socketio

python-flask-socketio: add new package

3 years agoMerge pull request #15080 from ja-pa/python-pysocks
Rosen Penev [Sun, 4 Apr 2021 01:43:17 +0000 (18:43 -0700)]
Merge pull request #15080 from ja-pa/python-pysocks

python-pysocks: add new package

3 years agooverture: update to 1.7
Huangbin Zhan [Sat, 6 Feb 2021 23:12:56 +0000 (07:12 +0800)]
overture: update to 1.7

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
3 years agonetifyd: support filter parameter
Kevin Darbyshire-Bryant [Sun, 21 Mar 2021 00:05:58 +0000 (00:05 +0000)]
netifyd: support filter parameter

netifyd supports a '-F' filter option in 'bpf' notation to filter
packets from its consideration.

Add support for a uci 'filter' option. eg. filter to exclude SSDP
multicasts from a particularly noisy device:

option filter 'not (udp and dst 239.255.255.250 and dst port 1900 and src 192.168.1.5)'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
3 years agopython-flask-httpauth: add new package
Jan Pavlinec [Mon, 15 Mar 2021 08:58:51 +0000 (09:58 +0100)]
python-flask-httpauth: add new package

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agorestic-rest-server: fix configuration option names
Anton Ryzhov [Wed, 17 Mar 2021 23:09:24 +0000 (00:09 +0100)]
restic-rest-server: fix configuration option names

Signed-off-by: Anton Ryzhov <anton@ryzhov.me>
3 years agoyggdrasil: bump to 0.3.16
George Iv [Sun, 28 Mar 2021 17:39:44 +0000 (13:39 -0400)]
yggdrasil: bump to 0.3.16

Signed-off-by: George Iv <zhoreeq@users.noreply.github.com>
3 years agorp-pppoe: use pppoe.so instead of rp-pppoe.so
Jianhui Zhao [Fri, 2 Apr 2021 13:47:11 +0000 (21:47 +0800)]
rp-pppoe: use pppoe.so instead of rp-pppoe.so

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
3 years agonut: fix typo in nutshutdown script
Sven Roederer [Sat, 3 Apr 2021 20:00:31 +0000 (22:00 +0200)]
nut: fix typo in nutshutdown script

Even it's only cosmetic and should not affect the function of regular system,
fix the name of the IPKG_INSTROOT variable.
Typo was added long ago with 8400c9a6ec799.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
3 years agoxinetd: honor ${IPKG_INSTROOT} when sourcing /lib/functions.sh
Sven Roederer [Sat, 3 Apr 2021 16:47:02 +0000 (18:47 +0200)]
xinetd: honor ${IPKG_INSTROOT} when sourcing /lib/functions.sh

Avoid "file not found"-error when embedding via Imagebuilder.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
3 years agobanip: bugfix 0.7.6-2
Dirk Brenken [Sat, 3 Apr 2021 17:16:39 +0000 (19:16 +0200)]
banip: bugfix 0.7.6-2

* fix housekeeping of external list sources

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agolua-openssl: update to 0.7.8-0
Rosen Penev [Fri, 26 Mar 2021 03:37:37 +0000 (20:37 -0700)]
lua-openssl: update to 0.7.8-0

Swith to building with CMake to avoid huge patching of the stock
Makefile.

Reorganize Makefile for consistency between packages.

Add patch to fix deprecated OpenSSL functions.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agopoco: update to 1.10.1
Rosen Penev [Fri, 26 Mar 2021 02:58:02 +0000 (19:58 -0700)]
poco: update to 1.10.1

Switch to AUTORELEASE for simplicity.

Move MAINTAINER line up for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoxray-core: Update to 1.4.2
Tianling Shen [Fri, 2 Apr 2021 08:59:11 +0000 (16:59 +0800)]
xray-core: Update to 1.4.2

Updated geo datas to latest version.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 years agoxray-core: init: add browser dialer support
Tianling Shen [Fri, 2 Apr 2021 09:06:19 +0000 (17:06 +0800)]
xray-core: init: add browser dialer support

Since v1.4.1, Xray has introduced a new feature to transfer data via
browsers, which can disguise itself as a normal browser to cheat
network censorship.

For more details, see https://github.com/XTLS/Xray-core/pull/421.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 years agocache-domains: Fixed host files directory
Gerard Ryan [Fri, 2 Apr 2021 05:22:55 +0000 (15:22 +1000)]
cache-domains: Fixed host files directory
* Hid unnecessary output

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
3 years agoMerge pull request #15301 from ja-pa/git-lfs-2.13.3
Josef Schlehofer [Thu, 1 Apr 2021 23:41:16 +0000 (01:41 +0200)]
Merge pull request #15301 from ja-pa/git-lfs-2.13.3

git-lfs: update to version 2.13.3

3 years agostrongswan: remove synthesized ipsec conf files
Philip Prindeville [Thu, 1 Apr 2021 20:43:12 +0000 (14:43 -0600)]
strongswan: remove synthesized ipsec conf files

If you shutdown ipsec service, and it doesn't clean up
/var/ipsec/ipsec.conf, then when you start swanctl service it
might see an incompatible file on startup.  Remedy is to
remove unneeded files when shutting down the service.  They
can always be regenerated when the service starts again.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agoMerge pull request #15286 from pprindeville/strongswan-move-ipsec.secrets
Philip Prindeville [Thu, 1 Apr 2021 20:16:35 +0000 (14:16 -0600)]
Merge pull request #15286 from pprindeville/strongswan-move-ipsec.secrets

strongswan: move ipsec conf files to subpackage

3 years agoopenvpn: fix invoking user up & down commands from hotplug wrapper
Jo-Philipp Wich [Sat, 27 Mar 2021 19:33:44 +0000 (20:33 +0100)]
openvpn: fix invoking user up & down commands from hotplug wrapper

This commit adds a number of fixes to the OpenVPN up/down hotplug command
wrapper which currently fails to actually invoke user defined up and down
commands for uci configurations not using external native configurations.

 - Use the `--setenv` to pass the user configured `up` and `down` commands
   as `user_up` and `user_down` environment variables respectively

 - Instead of attempting to scrape the `up` and `down` settings from the
   (possibly generated) native OpenVPN configuration in
   `/etc/hotplug.d/openvpn/01-user`, read them from the respective
   environment variables instead

 - Fix parsing of native configuration values in `get_openvpn_option()`;
   first try to parse a given setting as single quoted value, then as
   double quoted and finally as non-quoted, potentially white-space
   escaped one. This ensures that `up '/bin/foo'` is interpreted as
   `/bin/foo` and not `'/bin/foo'`

Ref: https://forum.openwrt.org/t/openvpn-up-down-configuration-ignored/91126
Supersedes: #15121, #15284
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
3 years agoMerge pull request #15327 from ja-pa/curl-7.76.0
Rosen Penev [Thu, 1 Apr 2021 11:08:58 +0000 (04:08 -0700)]
Merge pull request #15327 from ja-pa/curl-7.76.0

curl: update to version 7.76.0 (security fix)

3 years agotmate-ssh-server: add package
Paul Spooren [Mon, 29 Mar 2021 09:06:35 +0000 (23:06 -1000)]
tmate-ssh-server: add package

The `tmate` tool is a fork of `tmux` which allows remote access to a
device without setting up any port forwarding. This commits adds the
backend server which handles connections.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agocurl: update to version 7.76.0
Jan Pavlinec [Thu, 1 Apr 2021 08:58:11 +0000 (10:58 +0200)]
curl: update to version 7.76.0

Fixes CVE-2021-22876 and CVE-2021-22890

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agoxray-core: Update to 1.4.1
Tianling Shen [Wed, 31 Mar 2021 08:09:36 +0000 (16:09 +0800)]
xray-core: Update to 1.4.1

Updated geodata to latest version.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 years agoyq: Update to 4.6.3
Tianling Shen [Wed, 31 Mar 2021 08:17:18 +0000 (16:17 +0800)]
yq: Update to 4.6.3

- Re-assigned myself as the maintainer
- Used $(AUTORELEASE) for PKG_RELEASE

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 years agostrongswan: move ipsec conf files to subpackage
Philip Prindeville [Sat, 27 Mar 2021 19:37:21 +0000 (13:37 -0600)]
strongswan: move ipsec conf files to subpackage

These config files are only used by the ipsec interface to charon,
and shouldn't be part of the base package.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agoautopart: add package
Daniel Golle [Wed, 31 Mar 2021 23:07:03 +0000 (00:07 +0100)]
autopart: add package

The 'autopart' package is intended for devices with rather large
block device storage (ie. SATA or MMC).
It automatically allocates the free space on the block device used
for booting into an LVM2 physical volume.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoovsd: add package
Daniel Golle [Wed, 31 Mar 2021 00:31:32 +0000 (01:31 +0100)]
ovsd: add package

Add Open vSwtich configuration daemon for netifd.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agopodman: Add selinux variant and several improvements
Oskari Rauta [Tue, 30 Mar 2021 11:55:57 +0000 (14:55 +0300)]
podman: Add selinux variant and several improvements

* add -selinux variant which depends on libselinux
* init script for background service
* updated configurations
* maintainer change as requested

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
3 years agopython3-pyroute2: update to version 0.5.16
Martin Matějek [Mon, 29 Mar 2021 20:20:57 +0000 (22:20 +0200)]
python3-pyroute2: update to version 0.5.16

Signed-off-by: Martin Matějek <martin.matejek@gmx.com>
3 years agoMerge pull request #15311 from commodo/stress-ng
Rosen Penev [Tue, 30 Mar 2021 10:30:46 +0000 (03:30 -0700)]
Merge pull request #15311 from commodo/stress-ng

stress-ng: bump to version 0.12.06

3 years agooci-runtime-tools: provide rootfs-arm64 for oci-runtime-tests
Daniel Golle [Mon, 29 Mar 2021 21:06:13 +0000 (22:06 +0100)]
oci-runtime-tools: provide rootfs-arm64 for oci-runtime-tests

Download static busybox to provide rootfs-amd64.tar.gz for test-suite.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agopodman: add 'crun' to containers.conf
Daniel Golle [Mon, 29 Mar 2021 22:14:41 +0000 (23:14 +0100)]
podman: add 'crun' to containers.conf

Now that 'crun' has been packaged, add support for it in podman.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agocrun: add package crun
Oskari Rauta [Mon, 29 Mar 2021 21:42:15 +0000 (00:42 +0300)]
crun: add package crun

crun is the prefered container run-time of podman, it's faster than
runc and has a much lower memory footprint.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
3 years agocni-plugins: depend on kmod-veth
Daniel Golle [Mon, 29 Mar 2021 21:23:54 +0000 (22:23 +0100)]
cni-plugins: depend on kmod-veth

cni-plugins makes use of veth, make sure kernel module is installed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agolibseccomp: don't build on ARC
Daniel Golle [Mon, 29 Mar 2021 21:05:10 +0000 (22:05 +0100)]
libseccomp: don't build on ARC

ARC architecture is not yet supported by libseccomp.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoMerge pull request #15300 from commodo/python-updates1
Rosen Penev [Mon, 29 Mar 2021 20:05:18 +0000 (13:05 -0700)]
Merge pull request #15300 from commodo/python-updates1

Python updates1

3 years agoMerge pull request #15298 from egorenar/icecast
Rosen Penev [Mon, 29 Mar 2021 20:04:59 +0000 (13:04 -0700)]
Merge pull request #15298 from egorenar/icecast

icecast: fix whitespace in init file

3 years agoMerge pull request #15299 from egorenar/mpd
Rosen Penev [Mon, 29 Mar 2021 20:04:42 +0000 (13:04 -0700)]
Merge pull request #15299 from egorenar/mpd

mpd: run mpd as a non-root user

3 years agoMerge pull request #15303 from Payne-X6/master
Josef Schlehofer [Mon, 29 Mar 2021 19:53:12 +0000 (21:53 +0200)]
Merge pull request #15303 from Payne-X6/master

knot: update to version 3.0.5

3 years agoconmon: fix segfault, correct a typo and update description
Oskari Rauta [Mon, 29 Mar 2021 15:02:11 +0000 (18:02 +0300)]
conmon: fix segfault, correct a typo and update description

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
3 years agoknot: update to version 3.0.5
Jan Hak [Mon, 29 Mar 2021 09:48:21 +0000 (11:48 +0200)]
knot: update to version 3.0.5

Signed-off-by: Jan Hak <jan.hak@nic.cz>
3 years agostress-ng: bump to version 0.12.06
Alexandru Ardelean [Mon, 29 Mar 2021 08:51:51 +0000 (11:51 +0300)]
stress-ng: bump to version 0.12.06

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agogit-lfs: update to version 2.13.3
Jan Pavlinec [Mon, 29 Mar 2021 08:47:53 +0000 (10:47 +0200)]
git-lfs: update to version 2.13.3

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agoicecast: fix whitespace in init file
Alexander Egorenkov [Mon, 29 Mar 2021 05:55:28 +0000 (07:55 +0200)]
icecast: fix whitespace in init file

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
3 years agompd: run mpd as a non-root user
Alexander Egorenkov [Mon, 29 Mar 2021 06:06:10 +0000 (08:06 +0200)]
mpd: run mpd as a non-root user

* Make /etc/mpd.conf worldreadable.

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
3 years agonumpy: bump to version 1.20.2
Alexandru Ardelean [Mon, 29 Mar 2021 06:51:56 +0000 (09:51 +0300)]
numpy: bump to version 1.20.2

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agopython-lxml: bump to version 4.6.3
Alexandru Ardelean [Mon, 29 Mar 2021 06:49:47 +0000 (09:49 +0300)]
python-lxml: bump to version 4.6.3

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agogunicorn: bump to version 20.1.0
Alexandru Ardelean [Mon, 29 Mar 2021 06:47:07 +0000 (09:47 +0300)]
gunicorn: bump to version 20.1.0

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agodjango-restframework: bump to version 3.12.4
Alexandru Ardelean [Mon, 29 Mar 2021 06:46:09 +0000 (09:46 +0300)]
django-restframework: bump to version 3.12.4

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agowhois: update to 5.5.9
Paul Spooren [Sun, 28 Mar 2021 19:30:59 +0000 (09:30 -1000)]
whois: update to 5.5.9

* Updated the .ga TLD server.
* Removed the .cd and cf TLD servers.
* Removed 72 new gTLDs which are no longer active.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agoapk: update to 2.12.4
Paul Spooren [Sun, 28 Mar 2021 19:35:24 +0000 (09:35 -1000)]
apk: update to 2.12.4

Ariadne Conill (1):
      database: do not chroot(".") unless actually necessary

Martin Vahlensieck (1):
      Use correct port when redirected

Timo Teräs (5):
      db: fix control character check to use uint8_t
      libfetch: send Proxy-Authorization also for https connect
      del: report correctly package's provides names

Signed-off-by: Paul Spooren <mail@aparcar.org>