Tianling Shen [Tue, 7 Jun 2022 09:48:41 +0000 (17:48 +0800)]
dnsproxy: Update to 0.43.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Tue, 7 Jun 2022 08:51:44 +0000 (16:51 +0800)]
xray-core: increase nofile limitation
This fixes "too many open files" error caused by max-file limitation
when xray processes large traffic.
Reported-by: Terry Ding <terryding77@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Jeffery To [Wed, 8 Jun 2022 15:15:04 +0000 (23:15 +0800)]
Merge pull request #18711 from BKPepe/beep-update
beep: change git repository includes CVE fixes
Josef Schlehofer [Tue, 1 Jan 2019 02:38:00 +0000 (03:38 +0100)]
beep: change git repository to fix CVE-2018-0492 and CVE-2018-
1000532
1. Changed Git repository, which is used for Fedora packaging
https://github.com/johnath/beep/issues/11#issuecomment-
450277122
Fixed CVEs:
CVE-2018-0492 - https://nvd.nist.gov/vuln/detail/CVE-2018-0492
CVE-2018-
1000532 - https://nvd.nist.gov/vuln/detail/CVE-2018-
1000532
2. Fixed SPDX License Identifier
3. Add patch to comment out -D_FORTIFY_SOURCE
Otherwise, it can not be built by default.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Jeffery To [Tue, 7 Jun 2022 07:49:28 +0000 (15:49 +0800)]
Merge pull request #18680 from graysky2/htop
htop: update to 3.2.1
Stan Grishin [Mon, 6 Jun 2022 22:56:19 +0000 (01:56 +0300)]
Merge pull request #18576 from stangri/master-curl
curl: bump to 7.83.1
Stan Grishin [Thu, 19 May 2022 09:17:21 +0000 (09:17 +0000)]
curl: bump to 7.83.1
* https://curl.se/changes.html#7_83_1
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Jeffery To [Mon, 6 Jun 2022 09:24:31 +0000 (17:24 +0800)]
micropython-lib: Update to latest master
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Tianling Shen [Sun, 5 Jun 2022 20:13:17 +0000 (04:13 +0800)]
gg: Update to 0.2.6
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Jeffery To [Mon, 6 Jun 2022 08:24:05 +0000 (16:24 +0800)]
golang: Update to 1.18.3
Includes fix for CVE-2022-30634 (crypto/rand: Read hangs when passed
buffer larger than 1<<32 - 1).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Tianling Shen [Sun, 5 Jun 2022 12:41:16 +0000 (20:41 +0800)]
xray-core: Update to 1.5.7
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Sebastian Kemper [Mon, 6 Jun 2022 08:07:08 +0000 (10:07 +0200)]
glib2: update libintl handling
glib2's meson.build runs check cc.has_function('ngettext', args :
osx_ldflags) and, if successful, it never looks for non-libc libintl.
For musl and glibc this test is always successful.
glib2 unconditionally sets ENABLE_NLS, so during compile <libintl.h>
gets included always. But then we have a disconnect when the OpenWrt pkg
is being built with BUILD_NLS=y, because the <libintl.h> will be from
libintl-full but glib2 will not link to libintl-full.
With BUILD_NLS=n there's no problem, because the <libintl.h> will be
from libc.
In lieu of proper libintl detection in glib2's meson build, removing the
SED call from the Makefile together with the added patch sorts this out.
The SED call can be removed because when we force libintl-full use, the
meson build will put the necessary linker flag into the pkg-config file
itself.
Alpine Linux does something similar (see [1]), but they always force
the use of the external libintl. I assume they always go for full NLS
support.
[1] https://git.alpinelinux.org/aports/tree/main/glib/musl-libintl.patch
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Rosen Penev [Wed, 9 Mar 2022 04:48:10 +0000 (20:48 -0800)]
nfs-kernel-server: disable IPv6 for host
Some issue with static libtirpc
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 6 Mar 2022 06:55:31 +0000 (22:55 -0800)]
libtirpc: don't build host shared libraries
Avoids having to use rpath hacks.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 2 Jun 2022 23:01:50 +0000 (16:01 -0700)]
ntfs-3g: update to 2022.5.17
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Fri, 3 Jun 2022 23:48:12 +0000 (16:48 -0700)]
ksmbd-tools: update to 3.4.5
Major changes are:
Add support for Heimdal as the Kerberos 5 implementation.
Add smbd max io size parameter.
Accept global share options.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Toni Uhlig [Sat, 4 Jun 2022 11:20:16 +0000 (13:20 +0200)]
libndpi: fix pcre2 dependency name
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Dengfeng Liu [Sat, 4 Jun 2022 11:55:27 +0000 (19:55 +0800)]
xfrpc: fix bug of xfrpc.init
replace xfrpc with xfrp
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
Dengfeng Liu [Sat, 4 Jun 2022 04:28:55 +0000 (12:28 +0800)]
xfrpc: update to 1.05.561
support tcp mux and default to turn it on
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
John Audia [Sat, 4 Jun 2022 12:58:11 +0000 (08:58 -0400)]
htop: update to 3.2.1
Build-tested: x86/64
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
Hannu Nyman [Sat, 4 Jun 2022 11:12:28 +0000 (14:12 +0300)]
irqbalance: remove local patch for socket directory
Upstream has finally patched the UI communication socket
creation to happen only if the irqbalance UI is enabled.
As we do not use the irqbalance UI, we can remove
our local fix implemented by
4f0c847828.
(If you want to enable irqbalance UI, the fix is still needed.)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Hannu Nyman [Sat, 4 Jun 2022 09:11:11 +0000 (12:11 +0300)]
irqbalance: update to 1.9.0
Update irqbalance to version 1.9.0
* adopt AUTORELEASE
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Lucian Cristian [Wed, 1 Jun 2022 17:02:46 +0000 (17:02 +0000)]
open-iscsi: update to 2.1.7
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Alexandru Ardelean [Fri, 3 Jun 2022 07:12:14 +0000 (10:12 +0300)]
openpyxl: bump to version 3.0.10
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Fri, 3 Jun 2022 07:11:11 +0000 (10:11 +0300)]
pillow: bump to version 9.1.1
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Michal Vasilek [Fri, 3 Jun 2022 14:52:51 +0000 (16:52 +0200)]
miniflux: update to 2.0.37
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Toni Uhlig [Fri, 3 Jun 2022 20:20:51 +0000 (22:20 +0200)]
libndpi: update to 4.2
- removed clunky sed patching, issue was fixed upstream
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Zoltan HERPAI [Mon, 30 May 2022 17:52:51 +0000 (19:52 +0200)]
samba4: add riscv64 support
Required for sifiveu target.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Josef Schlehofer [Thu, 2 Jun 2022 20:19:57 +0000 (22:19 +0200)]
Merge pull request #18515 from paper42/yt-dlp
youtube-dl: drop package, yt-dlp: add package
Philip Prindeville [Thu, 2 Jun 2022 19:25:30 +0000 (13:25 -0600)]
Merge pull request #18654 from pprindeville/strongswan-need-kmod-chapoly
strongswan: add kernel module dependency on chapoly
Maciej Krüger [Wed, 1 Jun 2022 04:44:10 +0000 (06:44 +0200)]
yggdrasil: stop properly
Previously it was using killall with procd respand enabled
This was causing yggdrasil to restart after being killed
root@r3test-hap:/# service yggdrasil stop ; echo $? ; sleep 10s ; ps | grep yggdrasil
Terminated
143
6701 root 653m S /usr/sbin/yggdrasil -useconffile /tmp/yggdrasil.conf
6748 root 1308 S grep yggdrasil
Now it's just using whatever procd is using and see there, it actually stops
root@r3test-hap:/# service yggdrasil stop ; echo $? ; sleep 10s ; ps | grep yggdrasil
0
6802 root 1308 S grep yggdrasil
I assume there was some procd bug that kept it from being used properly
Signed-off-by: Maciej Krüger <mkg20001@gmail.com>
Alexandru Ardelean [Thu, 2 Jun 2022 11:27:37 +0000 (14:27 +0300)]
Merge pull request #18669 from wigyori/openblas-riscv
openblas: compile with RISCV64_GENERIC target on riscv64 arch
Jottr Doe [Wed, 18 May 2022 17:15:19 +0000 (19:15 +0200)]
mosh-full: Add perlbase-text dependency
Fixes https://github.com/openwrt/packages/issues/18182
Signed-off-by: Jottr Doe <jottr@users.noreply.github.com>
Jottr Doe [Wed, 18 May 2022 17:13:47 +0000 (19:13 +0200)]
mosh-full: Sort dependencies alphabetically
Signed-off-by: Jottr Doe <jottr@users.noreply.github.com>
Rui Salvaterra [Tue, 31 May 2022 07:36:33 +0000 (08:36 +0100)]
openconnect: make the host dependency optional
According to David Woodhouse, OpenConnect has no issues reconnecting on any
interface. Make the host dependency optional, as it can cause issues in multiple
WAN scenarios.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Tue, 31 May 2022 08:06:49 +0000 (09:06 +0100)]
openconnect: avoid using the --juniper switch
The --juniper switch has been deprecated in favour of --protocol=nc. Fix the
proto script thusly, while keeping compatibility with existing configurations.
Note that, as far as UCI is concerned, if both options juniper and vpn_protocol
are specified, the latter takes precedence.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Tue, 24 May 2022 16:13:04 +0000 (17:13 +0100)]
openconnect: fix inclusion of netifd proto scripts
This is the preferred way, according to the wiki.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Tue, 31 May 2022 09:47:01 +0000 (10:47 +0100)]
Revert "openconnect: drop the dependency on resolveip"
Using resolveip is more robust and predictable than depending on nslookup and
awk.
This reverts commit
131ec7b3bd6895aa3f86f57169dd23c15f174fe2.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Javier Marcet [Tue, 31 May 2022 19:03:28 +0000 (21:03 +0200)]
docker-compose: Update to version 2.6.0
What's Changed:
- fix TestLocalComposeUp which fail locally and bump compose-go to
1.2.7 by @glours
- attach only to services declared by project applying profiles by
@ndeloof
- Add ddev's e2e test by @ulyssessouza
- Fix local run of make e2e-compose-standalone by @ulyssessouza
- fix: prevent flickering prompt when pulling same image from N
services by @maxcleme
- add tags property to build section by @glours
- update golang version to 1.18 by @glours
- bump compose-go to 1.2.6 by @maxcleme
- add e2e tests to verify env variables priority by @glours
- Import dotenv file to os environment by @ulyssessouza
New Contributors:
- @maxcleme made their first contribution
Signed-off-by: Javier Marcet <javier@marcet.info>
Lucian Cristian [Wed, 1 Jun 2022 14:51:07 +0000 (14:51 +0000)]
openfortivpn: update to 1.17.3
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Lucian Cristian [Wed, 1 Jun 2022 14:53:16 +0000 (14:53 +0000)]
gddrescue: update to 1.26
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Hirokazu MORIKAWA [Wed, 1 Jun 2022 03:22:34 +0000 (12:22 +0900)]
node: bump to v16.15.0
Description:
Update from v16.15.0
Changed handling of host's npm problems due to npm updates.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Philip Prindeville [Wed, 1 Jun 2022 00:41:28 +0000 (18:41 -0600)]
strongswan: add kernel module dependency on chapoly
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Zoltan HERPAI [Mon, 23 May 2022 21:25:55 +0000 (23:25 +0200)]
libs: openblas: compile with RISCV64_GENERIC target on riscv64 arch
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Jeffery To [Tue, 31 May 2022 07:02:04 +0000 (15:02 +0800)]
ci: Use openwrt/gh-action-sdk@v5
The previous build errors with v5 have been fixed. This version builds
packages as a normal user instead of as root.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Tue, 31 May 2022 06:59:04 +0000 (14:59 +0800)]
Merge pull request #18584 from mpratt14/golang-bootstrap-arch
golang: some makefile fixes
Lucian Cristian [Mon, 30 May 2022 17:26:40 +0000 (20:26 +0300)]
libreswan: update to 4.7
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Peter van Dijk [Mon, 30 May 2022 15:07:28 +0000 (17:07 +0200)]
pdns-recursor: update to 4.7.0
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Tianling Shen [Mon, 30 May 2022 16:33:29 +0000 (00:33 +0800)]
xray-core: Update to 1.5.6
Updated geodata to latest version while at it.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Mon, 30 May 2022 13:11:52 +0000 (21:11 +0800)]
yq: Update to 4.25.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Mon, 30 May 2022 13:11:34 +0000 (21:11 +0800)]
cloudflared: Update to 2022.5.3
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Lucian Cristian [Mon, 30 May 2022 17:21:23 +0000 (20:21 +0300)]
nspr: update to 4.34
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Lucian Cristian [Mon, 30 May 2022 17:25:08 +0000 (20:25 +0300)]
nss: update to 3.78
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Michael Heimpold [Mon, 30 May 2022 21:07:33 +0000 (23:07 +0200)]
Merge pull request #18631 from mhei/php8-update
php8: update to 8.1.6
Michael Heimpold [Mon, 30 May 2022 21:07:21 +0000 (23:07 +0200)]
Merge pull request #18632 from mhei/libxml2-update
libxml2: update to 2.9.14
Nick Hainke [Sat, 30 Apr 2022 05:31:52 +0000 (07:31 +0200)]
prometheus-node-exporter: fix ubus stations
Not every radio has also ubus support. Only query radios with ubus
functions.
Signed-off-by: Nick Hainke <vincent@systemli.org>
[fixup, call ubus.connect() once per scrape]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Michael Heimpold [Sun, 29 May 2022 20:01:45 +0000 (22:01 +0200)]
libxml2: update to 2.9.14
This fixes CVE-2022-29824.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Sun, 29 May 2022 09:05:11 +0000 (11:05 +0200)]
php8: update to 8.1.6
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
R4SAS I2P [Sat, 28 May 2022 17:41:49 +0000 (20:41 +0300)]
i2pd: Update package
* Update to 2.42.1
* Replace spaces with tabulation in init file
Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
Etienne Champetier [Sun, 29 May 2022 01:16:46 +0000 (21:16 -0400)]
Merge pull request #18511 from jefferyto/circleci-add-keys
CircleCI: Add 22.03 public keys, 18.06 v2 gpg key, 18.06 usign key
Dirk Brenken [Fri, 27 May 2022 19:23:56 +0000 (21:23 +0200)]
banip: mark as broken
banIP 0.7.x is not compatible with new nft firewall (default in master and 22.03).
Mark the package as BROKEN for now.
Signed-off-by: Dirk Brenken <dev@brenken.org>
Michael Pratt [Fri, 27 May 2022 06:25:52 +0000 (02:25 -0400)]
golang: do not rely on Go script host detection
for some use cases, for example:
a system with 64 bit kernel
and 32 bit userspace programs
the local Go installation is "detected"
using the kernel "uname",
causing build failure if they happen to differ
by adding the argument GOHOSTARCH using the corresponding make variable
it would be fully controlled in the openwrt git tree
based on the HOST_ARCH make variable.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Michael Pratt [Fri, 20 May 2022 09:09:40 +0000 (05:09 -0400)]
golang: enable verbose output
allow the building script of Go to output verbose
when make is executed with "V=s..."
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Michael Pratt [Fri, 20 May 2022 08:38:41 +0000 (04:38 -0400)]
golang: split compile recipe into configure and compile
the default Configure recipe for packages
assumes that there is a "configure" script
in the source tree directory
Go does not have such a script,
configure and compile is done with the same script
so split the current Compile recipe
into both Configure and Compile recipes
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Maciej Krüger [Wed, 25 May 2022 14:56:59 +0000 (16:56 +0200)]
lua-openssl: update to version 0.8.2-1
Signed-off-by: Maciej Krüger <mkg20001@gmail.com>
W. Michael Petullo [Thu, 26 May 2022 00:19:03 +0000 (19:19 -0500)]
gcc: depend on libzstd
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Aleksandr V. Piskunov [Mon, 23 May 2022 17:06:37 +0000 (20:06 +0300)]
stubby: restart on trigger interfaces
Force restart stubby if any of the trigger interfaces goes up or down.
Avoids DoT DNS lookup timeouts when default route changes, in case of multiple
upstream interfaces.
Signed-off-by: Aleksandr V. Piskunov <aleksandr.v.piskunov@gmail.com>
Rosen Penev [Fri, 29 Apr 2022 20:36:04 +0000 (13:36 -0700)]
hfsprogs: update to 540.1.linux3
Updates hfsprogs from 2011 to 2013 version.
Updated patches to latest Debian ones. Kept custom OpenWrt ones.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Andreas Erhard [Wed, 18 May 2022 08:04:39 +0000 (10:04 +0200)]
vpnc: Update to 0.5.3+git20220517
The new version of vpnc supports additional DH groups for improved key exchange security.
Signed-off-by: Andreas Erhard <andreas.erhard@i-med.ac.at>
Christian Lachner [Mon, 16 May 2022 06:45:59 +0000 (08:45 +0200)]
haproxy: Update HAProxy to v2.4.17
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Javier Marcet [Tue, 24 May 2022 16:39:32 +0000 (18:39 +0200)]
python-jsonschema: Update to 4.5.1
What's Changed:
- Extend dynamicRef keyword by @nezhar
- Add FORMAT_CHECKER attribute for Validator by @TiborVoelcker
- Remove stray double-quote by @lurch
- Ensure proper sorting of list in error message by @ssbarnea
Signed-off-by: Javier Marcet <javier@marcet.info>
Javier Marcet [Tue, 24 May 2022 16:40:38 +0000 (18:40 +0200)]
python3-paramiko: update to version 2.11.0
2.11.0:
- [Feature] Add SSH config token expansion (eg %h, %p) when parsing
ProxyJump directives. Patch courtesy of Bruno Inec.
- [Support] (via #2011) Apply unittest skipIf to tests currently
using SHA1 in their critical path, to avoid failures on systems
starting to disable SHA1 outright in their crypto backends (eg RHEL
9). Report & patch via Paul Howarth.
- [Support] Update camelCase method calls against the threading
module to be snake_case; this and related tweaks should fix some
deprecation warnings under Python 3.10. Thanks to Karthikeyan
Singaravelan for the report, @Narendra-Neerukonda for the patch,
and to Thomas Grainger and Jun Omae for patch workshopping.
- [Support] Recent versions of Cryptography have deprecated Blowfish
algorithm support; in lieu of an easy method for users to remove it
from the list of algorithms Paramiko tries to import and use, we’ve
decided to remove it from our “preferred algorithms” list. This will
both discourage use of a weak algorithm, and avoid warnings. Credit
for report/patch goes to Mike Roest.
2.10.5:
- [Bug] Windows-native SSH agent support as merged in 2.10 could
encounter Errno 22 OSError exceptions in some scenarios (eg server
not cleanly closing a relevant named pipe). This has been worked
around and should be less problematic. Reported by Danilo Campana
Fuchs and patched by Jun Omae.
- [Bug] OpenSSH 7.7 and older has a bug preventing it from
understanding how to perform SHA2 signature verification for RSA
certificates (specifically certs - not keys), so when we added SHA2
support it broke all clients using RSA certificates with these
servers. This has been fixed in a manner similar to what OpenSSH’s
own client does: a version check is performed and the algorithm used
is downgraded if needed. Reported by Adarsh Chauhan, with fix
suggested by Jun Omae.
- [Bug] Align signature verification algorithm with OpenSSH re:
zero-padding signatures which don’t match their nominal size/length.
This shouldn’t affect most users, but will help Paramiko-implemented
SSH servers handle poorly behaved clients such as PuTTY. Thanks to
Jun Omae for catch & patch.
Signed-off-by: Javier Marcet <javier@marcet.info>
Javier Marcet [Tue, 24 May 2022 16:45:21 +0000 (18:45 +0200)]
docker-compose: Update to version 2.5.1
What's Changed:
- Fix relative paths on envfile label by @ulyssessouza
- down: Reject all arguments by @Jille
- Clarify what default work dir is when multiple compose files by
@quite
- compose down exit=0 if nothing to remove by @ndeloof
- cp command: copy to all containers of a service as default
behaviour by @glours
- Fix extra space printed with --no-log-prefix option by @jan4843
- bump compose-go to 1.2.5 by @ndeloof
New Contributors:
- @Jille made their first contribution
- @quite made their first contribution
- @jan4843 made their first contribution
Signed-off-by: Javier Marcet <javier@marcet.info>
Tianling Shen [Wed, 25 May 2022 08:27:50 +0000 (16:27 +0800)]
dnslookup: Update to 1.7.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Wed, 25 May 2022 08:26:52 +0000 (16:26 +0800)]
dnsproxy: Update to 0.43.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Nikos Mavrogiannopoulos [Tue, 24 May 2022 12:34:58 +0000 (14:34 +0200)]
Merge pull request #18605 from rsalvaterra/oc
openconnect: three misc fixes
Rui Salvaterra [Tue, 24 May 2022 11:03:06 +0000 (12:03 +0100)]
openconnect: make sure OpenSSL is built with DTLS support
Otherwise, OpenConnect will fail to connect with DTLS.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Thu, 19 May 2022 13:01:00 +0000 (14:01 +0100)]
openconnect: don't bother loading the tun module
If it exists (if it isn't built-in), it will be loaded automatically at boot.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Rui Salvaterra [Tue, 17 May 2022 15:29:14 +0000 (16:29 +0100)]
openconnect: drop the dependency on resolveip
We have nslookup and awk, let's use them.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tianling Shen [Mon, 23 May 2022 05:47:13 +0000 (13:47 +0800)]
dnsproxy: Update to 0.42.4
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Sergey V. Lobanov [Tue, 15 Feb 2022 23:48:08 +0000 (02:48 +0300)]
samba4: fix build on macos
This commit fixes two issues on macos:
1. Added a patch to fix 'echo -n' issue with MacOS shell
(backported from upstream)
2. Redefined sys.platform='linux' for target build if build host is
MacOS (otherwise, build script tries to use MacOS logic for
OpenWrt(Linux) target build)
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Rosen Penev [Mon, 16 May 2022 13:52:37 +0000 (06:52 -0700)]
glib2: update to 2.70.5
Enabled glib_checks to fix podman.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Jianhui Zhao [Sun, 22 May 2022 14:01:18 +0000 (22:01 +0800)]
rtty: update to 8.0.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Toke Høiland-Jørgensen [Wed, 30 Mar 2022 10:54:51 +0000 (12:54 +0200)]
acme: switch from iptables to nft
Use nft instead of iptables to open port 80 in the firewall when getting a
cert. Since nft doesn't allow deleting a rule by its contents, capture and
save the handle when creating the rule, and use that to delete.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Eneas U de Queiroz [Wed, 11 May 2022 22:37:12 +0000 (19:37 -0300)]
audit: remove host build
The audit package in the packages feed share the same sources as the
libaudit package in the base repo. libaudit performs a host build, used
only by libsemanage in base.
There is no package depending on 'audit/host', so we can remove it to
avoid possible confusion.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Eneas U de Queiroz [Wed, 11 May 2022 22:08:13 +0000 (19:08 -0300)]
audit: avoid interferece with base libaudit build
Both audit in the packages feed and libaudito from the base repo use the
same sources.
Have 'audit' use a different build directory than 'libaudit' package to
avoid interference between them.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Eneas U de Queiroz [Thu, 5 May 2022 12:58:02 +0000 (09:58 -0300)]
audit: Fix compilation with kernel 5.15
Linux 5.15 does not have the linux/ipx.h header.
The patch is a partial cherry-pick (skipped ChangeLog) of upstream
commit
6b09724c6 ("Make IPX packet interpretation dependent on the ipx
header file existing").
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Rui Salvaterra [Mon, 16 May 2022 14:10:27 +0000 (15:10 +0100)]
openconnect: fix OpenSSL build without deprecated API
Backport a patch in order to allow building OpenConnect against OpenSSL 1.1.x
without the need for deprecated API (further fixes will be required for OpenSSL
3.x, though).
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Leo Soares [Mon, 16 May 2022 23:02:26 +0000 (00:02 +0100)]
libcoap: make sure `libcoap-3-notls.so` is installed
This commit fixes an issue where the `libcoap-3-notls.so` is not installed,
in some cases leaving the target's root with no library and just a broken link
from `libcoap-3.so` to `libcoap-3-notls.so`.
Signed-off-by: Leo Soares <leo@hyper.ag>
Adam Williams [Thu, 19 May 2022 03:08:01 +0000 (21:08 -0600)]
wifi-presence: Add config for process user/group
On systems using seccomp, the hostapd socket files will be owned by the
'network' user/group ([source][0]). In this case, if wifi-presence is
run as root/root, then it does not have permissions to open the
hostapd socket files. This was discussed in awilliams/wifi-presence#3.
This change allows the process user/group to be specified in
/etc/config/wifi-presence. If no explicit user/group is set, then the
init script will use the owner of the socket files in /var/run/hostapd/
to determine the appropriate process user/group.
[0]: https://github.com/openwrt/openwrt/blob/
ec6293febc244d187e71a6e54f44920be679cde4/package/network/services/hostapd/files/wpad.init#L35-L36
Signed-off-by: Adam Williams <pwnfactory@gmail.com>
Florian Eckert [Fri, 20 May 2022 14:21:51 +0000 (16:21 +0200)]
Merge pull request #18586 from flyn-org/openldap
openldap: drop use of HTTP in favor of HTTPS
W. Michael Petullo [Fri, 20 May 2022 13:14:33 +0000 (08:14 -0500)]
openldap: drop use of HTTP in favor of HTTPS
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Florian Eckert [Fri, 20 May 2022 07:59:34 +0000 (09:59 +0200)]
Merge pull request #18494 from nemesisdesign/master
openwisp-config: update to 1.0.0
Jeffery To [Tue, 17 May 2022 09:38:45 +0000 (17:38 +0800)]
bluez: Update to 5.64, update/refresh patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Stijn Tintel [Wed, 18 May 2022 12:35:24 +0000 (15:35 +0300)]
frr: drop elfutils/host dependency
The elfutils package moved to tools and elfutils/host no longer exists.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Michal Vasilek [Wed, 11 May 2022 16:17:15 +0000 (18:17 +0200)]
yt-dlp: add package
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Michal Vasilek [Wed, 11 May 2022 16:17:43 +0000 (18:17 +0200)]
youtube-dl: drop package
youtube-dl is still maintained, but moves very slowly and many other
distributions instead package an active fork, yt-dlp.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Florian Eckert [Mon, 21 Mar 2022 09:22:13 +0000 (10:22 +0100)]
stunnel: update to version 5.64
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Stan Grishin [Thu, 19 May 2022 09:00:31 +0000 (12:00 +0300)]
Merge pull request #18361 from stangri/master-https-dns-proxy
https-dns-proxy: 2021-11-22-3: add support for Canary Domains
W. Michael Petullo [Wed, 18 May 2022 22:06:25 +0000 (17:06 -0500)]
gcc: update to allow compiling different versions
This is based on the toolchain GCC, and aims to share as much of its
Makefile and patches with that definition. The package requires two
additional patches:
(1) 003-dont-choke-when-building-32bit-on-64bit.patch, which fixes the
`error: size of array 'test_real_width' is negative` error that occurs
when building a 32-bit GCC on a 64-bit host. (Search the Internet for
examples of this error appearing.)
(2) 980-add-nostdinc++.patch, which backports a fix from 11.3.0 (11.2.0
only).
Signed-off-by: W. Michael Petullo <mike@flyn.org>