Daniel Golle [Fri, 18 Mar 2022 18:40:15 +0000 (18:40 +0000)]
ccid: update to version 1.5.0
1.5.0 - 27 January 2022, Ludovic Rousseau
- Add support of
- ACS ACR1281U
- Circle CCR7125 ICC
- Circle CIR125 ICC
- Circle CIR125-DOT ICC
- Circle CIR215 CL with iProduct 0x2100
- Circle CIR315 DI
- Circle CIR315 with idProduct: 0x0324
- Circle CIR315 with idProduct: 0x7004
- Circle CIR415 CL
- Circle CIR515 ICC
- Circle CIR615 CL
- Circle CIR615 CL & 1S
- ELYCTIS CL reader
- Nitrokey Nitrokey 3
- Thales Shield M4 Reader
- Add support of simultaneous slot access on multi slots readers
- Use FeliCa instead of Felica on SONY request
- Fix SafeNet eToken 5110 SC issue
- Allow vendor control commands for Omnikey 5427 CK
- always compute readTimeout to use a value greater than default 3 seconds
- Check the bSeq value when receiving a CCID frame
- Avoid logging errors when a reader is removed
- Some other minor improvements
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Fri, 18 Mar 2022 18:36:16 +0000 (18:36 +0000)]
pcsc-lite: update to version 1.9.5
1.9.5: Ludovic Rousseau 4 December 2021
- pcscd: autoexit even if no client connects
- Fix variable substitution in systemd units
- fix potential race conditions with powerState handling
- Add and use tag TAG_IFD_DEVICE_REMOVED
- UnitaryTests: port code to Python 3
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
David Bauer [Fri, 18 Mar 2022 21:45:18 +0000 (22:45 +0100)]
usteer: update to latest version
f4e120c band-steering: add band-steering component
439acc5 policy: add steer-reject-timeout
648c6f3 policy: make roam-steers client-rejectable
1fa3210 policy: update roam-state after hard-kicks
c19c885 policy: move load-kick out of kick meta-function
96ef3a6 ubus: skip neighbors which exceed their assoc limit
86e7297 policy: export below_max_assoc
33a5acd policy: make policy helpers more generic
32fed79 add local_mode config option
Signed-off-by: David Bauer <mail@david-bauer.net>
Michael Heimpold [Fri, 18 Mar 2022 20:16:03 +0000 (21:16 +0100)]
Merge pull request #17903 from WereCatf/feature_gensio
gensio: Add new package
Stan Grishin [Fri, 18 Mar 2022 16:38:32 +0000 (09:38 -0700)]
Merge pull request #18091 from c---/fixcurlwolfssl
curl: Fix compiling curl wolfSSL when IPv6 is disabled
Chris Osgood [Fri, 18 Mar 2022 14:48:07 +0000 (10:48 -0400)]
curl: Fix compiling curl wolfSSL IPv6 disabled
Fixes #18082
Signed-off-by: Chris Osgood <chris_github@functionalfuture.com>
Jeffery To [Fri, 18 Mar 2022 08:42:21 +0000 (16:42 +0800)]
Mako: Remove package
This package (more specifically, the host version) was added for mesa in
the video feed[1]; no packages in the packages feed require this
package.
As mesa will be updated to install Mako using host pip[2], there is no
need to continue maintaining the package here. It will be imported into
the abandoned packages repo[3].
[1]: https://github.com/openwrt/packages/commit/
2e17cb9a1b336f4b53146bdedbc583a03092e424#commitcomment-
63047904
[2]: https://github.com/openwrt/video/pull/25
[3]: https://github.com/openwrt/packages-abandoned/pull/26
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Noah Meyerhans [Fri, 18 Mar 2022 01:32:38 +0000 (18:32 -0700)]
bind: bump to 9.18.1
Fixes multiple security issues:
* CVE-2022-0667 -- An assertion could occur in resume_dslookup() if the
fetch had been shut down earlier
* CVE-2022-0635 -- Lookups involving a DNAME could trigger an INSIST when
"synth-from-dnssec" was enabled
* CVE-2022-0396 -- A synchronous call to closehandle_cb() caused
isc__nm_process_sock_buffer() to be called recursively,
which in turn left TCP connections hanging in the CLOSE_WAIT
state blocking indefinitely when out-of-order processing was
disabled.
* CVE-2021-25220 -- The rules for acceptance of records into the cache
have been tightened to prevent the possibility of
poisoning if forwarders send records outside the
configured bailiwick
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Rosen Penev [Sun, 13 Mar 2022 08:09:52 +0000 (00:09 -0800)]
glib2: fix compilation with Alpine Linux
Patch taken from Alpine Linux git. The problem is missing -lintl linker
flag. Placed in a separate directory as the patch interferes with the
way libintl is implemented in OpenWrt.
Also removed rpath hack, which is not needed as all libraries are
static.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Jeffery To [Tue, 8 Mar 2022 21:29:22 +0000 (05:29 +0800)]
Revert "expat: add host build"
This reverts commit
ca21bbf2edd64fffd044e0d6caf6975243a3fa4b.
5bf74f2 removed the host build of expat and updated packages to use
tools/expat instead.
ca21bbf re-added the host build of expat for mesa (actually wayland) in
the video feed.
Changing wayland to use tools/expat is the proper fix, and there is a
PR[1] open with this change. Therefore this commit can and should be
reverted.
[1]: https://github.com/openwrt/video/pull/24
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Nita Vesa [Sat, 19 Feb 2022 09:21:47 +0000 (11:21 +0200)]
gensio: Add new package
A library to abstract stream I/O like serial port, TCP, telnet,
UDP, SSL, IPMI SOL, etc.
Signed-off-by: Nita Vesa <werecatf@outlook.com>
Jeffery To [Thu, 17 Mar 2022 15:46:41 +0000 (23:46 +0800)]
slide-switch: Update to 1.0.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Tianling Shen [Thu, 17 Mar 2022 16:51:26 +0000 (00:51 +0800)]
cloudflared: Update to 2022.3.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Jeffery To [Mon, 7 Mar 2022 13:29:56 +0000 (21:29 +0800)]
python3: Add Py3Build/InstallBuildDepends recipe
This adds a recipe, Py3Build/InstallBuildDepends, that installs the
requirements listed in HOST_PYTHON3_PACKAGE_BUILD_DEPENDS. This allows
other (non-Python) packages to install host Python packages by calling
this recipe, without having to know the internals of python3-package.mk.
This also updates apparmor to call this recipe.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Rosen Penev [Sun, 13 Mar 2022 08:09:10 +0000 (00:09 -0800)]
libextractor: remove ffmpeg plugin
This was removed upstream. It also doesn't build with ffmpeg 5.0
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Philip Prindeville [Tue, 15 Mar 2022 22:46:08 +0000 (16:46 -0600)]
bind: fix warnings about unknown options
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Florian Eckert [Thu, 17 Mar 2022 14:33:29 +0000 (15:33 +0100)]
Merge pull request #18066 from TDT-AG/pr/
20220315-collectd
collectd: update smart plugin
Florian Eckert [Tue, 15 Mar 2022 14:03:46 +0000 (15:03 +0100)]
collectd: smart: add patch to check udev_enumerate_scan_devices return value
The function udev_enumarte_scan_devices returns a value less than 0 on
failure. If this is the case then we terminate the read for this smart
information.
This change was already send upstream. And could be delete in feature
collectd versions.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 15 Mar 2022 13:52:05 +0000 (14:52 +0100)]
collectd: remove not needed fix
This was not a real fix but a workaround. It is no longer clear to me
why this was necessary. Deleting the patch restores the upstream
behaviour of the collected for the smart plugin. I have tested it and on
my system the hard disk to be monitored is recognised.
root@system ~ # cat /sys/class/block/sda/uevent
MAJOR=8
MINOR=0
DEVNAME=sda
DEVTYPE=disk
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Thu, 17 Mar 2022 13:01:43 +0000 (14:01 +0100)]
Merge pull request #17940 from TDT-AG/pr/
20220225-mwan3
mwan3: update to version 2.11.0
Rosen Penev [Tue, 15 Mar 2022 23:24:35 +0000 (16:24 -0700)]
vim: remove vim/host
The only use of it is for xxd. tools/xxd was added in base so this can
go.
https://github.com/openwrt/openwrt/commit/
c4dd2441e7
added it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Florian Eckert [Thu, 17 Mar 2022 07:04:32 +0000 (08:04 +0100)]
Merge pull request #18079 from TDT-AG/pr/
20220316-libqmi-libmbim
ibqmi/libmbim: fix configure warning on unrecognized options
Michael Heimpold [Thu, 17 Mar 2022 07:02:48 +0000 (08:02 +0100)]
Merge pull request #18070 from mhei/libxml2-update
libxml2: update to 2.9.13
Michal Vasilek [Thu, 3 Mar 2022 18:38:51 +0000 (19:38 +0100)]
openssh: update to 8.9p1
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Josef Schlehofer [Sat, 5 Mar 2022 10:35:40 +0000 (11:35 +0100)]
libarchive: add conflict to bsdtar/bsdtar-noopenssl
Fixes:
Packages 'bsdtar' and 'bsdtar-noopenssl' do not conflict while providing same file: /usr/bin/bsdtar
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Florian Eckert [Tue, 15 Mar 2022 14:04:55 +0000 (15:04 +0100)]
libudev-zero: backport latest changes to fix blocking on devices scan
This change added the latest upstream changes since version 1.0.0.
When using the smart plugin from collectd, there are problems with the
function udev_enumerate_scan_devices. This function is blocked and no
longer returns. Backporting the latest fixes from libudev-zero solves
the problem.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Tianling Shen [Tue, 1 Mar 2022 09:29:16 +0000 (17:29 +0800)]
cloudflared: add new package
Contains the command-line client for Cloudflare Tunnel, a tunneling
daemon that proxies traffic from the Cloudflare network to your origins.
Docs: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Christian Lachner [Tue, 15 Mar 2022 11:41:37 +0000 (12:41 +0100)]
haproxy: Update HAProxy to v2.4.15
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Javier Marcet [Mon, 14 Mar 2022 07:32:58 +0000 (08:32 +0100)]
python3-paramiko: update to version 2.10.1
2.10.1:
- [Bug]: (CVE-2022-24302) Creation of new private key files using
PKey subclasses was subject to a race condition between file creation
& mode modification, which could be exploited by an attacker with
knowledge of where the Paramiko-using code would write out such
files.
- This has been patched by using os.open and os.fdopen to ensure new
files are opened with the correct mode immediately. We’ve left the
subsequent explicit chmod in place to minimize any possible
disruption, though it may get removed in future backwards-
incompatible updates.
- Thanks to Jan Schejbal for the report & feedback on the solution,
and to Jeremy Katz at Tidelift for coordinating the disclosure.
2.10.0:
- [Feature] Add support for OpenSSH’s Windows agent as a fallback
when Putty/WinPageant isn’t available or functional. Reported by
@benj56 with patches/PRs from @lewgordon and Patrick Spendrin.
- [Feature] Add support for the %C token when parsing SSH config
files. Foundational PR submitted by @jbrand42.
- [Bug] Significantly speed up low-level read/write actions on
SFTPFile objects by using bytearray/memoryview. This is unlikely to
change anything for users of the higher level methods like
SFTPClient.get or SFTPClient.getfo, but users of SFTPClient.open will
likely see orders of magnitude improvements for files larger than a
few megabytes in size.
- Thanks to @jkji for the original report and to Sevastian Tchernov
for the patch.
- [Support] Add six explicitly to install-requires; it snuck into
active use at some point but has only been indicated by transitive
dependency on bcrypt until they somewhat-recently dropped it. This
will be short-lived until we drop Python 2 support. Thanks to
Sondre Lillebø Gundersen for catch & patch.
Signed-off-by: Javier Marcet <javier@marcet.info>
Marc Egerton [Mon, 14 Mar 2022 20:16:47 +0000 (20:16 +0000)]
mtr: bump version to 0.95, split package for JSON and non-JSON variants
As per the discussion in PR #18047, split the MTR package into
two, one with jansson enabled for JSON output, and one without.
This commit also bumps the version to 0.95. Since the MTR project
website does not seem to be updated with builds any longer, switch
to GitHub Codeload instead.
Also enable PKG_FIXUP:=autoreconf so that MTRs bootstrap.sh process
is executed properly.
Signed-off-by: Marc Egerton <marc@malloc.me>
Moritz Warning [Tue, 8 Mar 2022 14:55:58 +0000 (15:55 +0100)]
zerotier: update to 1.8.6
* remove upstreamed gcc10 and cerrno patches
* disable SSO and OIDC as it needs Rust/Cargo support
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Alexandru Ardelean [Tue, 15 Mar 2022 11:50:22 +0000 (13:50 +0200)]
sudo: bump to version 1.9.10
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Javier Marcet [Mon, 14 Mar 2022 07:31:23 +0000 (08:31 +0100)]
docker-compose: Update to version 2.3.3
What's Changed:
- use plain text progress when ansi=never is set by @ndeloof
- build full compose model from resources, then filter by services by
@ndeloof
- add run with dependencies e2e test by @glours
- add support for device_cgroup_rules by @ndeloof
- composeService to use dockerCli's In/Out/Err streams by @ndeloof
- fix generated YAML missing an "examples" section, and update
cli-docs-tool to v0.4.0 by @thaJeztah
Signed-off-by: Javier Marcet <javier@marcet.info>
Josef Schlehofer [Sat, 5 Mar 2022 11:26:50 +0000 (12:26 +0100)]
chicken-scheme: add conflict and small Makefile polishing
- No need to explicitly state two times section and category since this is
already done in define Package/chicken-scheme/Default
- Also add TITLE to Default
- Add conflict between chicken-scheme-interpreter and
chicken-scheme-full
They both provide the same files:
/usr/lib/libchicken.so
/usr/lib/chicken/11/chicken.time.import.so
/usr/lib/chicken/11/chicken.fixnum.import.so
/usr/lib/chicken/11/chicken.internal.import.so
/usr/lib/chicken/11/chicken.tcp.import.so
/usr/lib/chicken/11/chicken.continuation.import.so
/usr/lib/chicken/11/chicken.port.import.so
/usr/lib/chicken/11/chicken.random.import.so
/usr/lib/chicken/11/chicken.compiler.user-pass.import.so
/usr/lib/chicken/11/chicken.process-context.import.so
/usr/lib/chicken/11/chicken.bitwise.import.so
/usr/lib/chicken/11/srfi-4.import.so
/usr/lib/chicken/11/chicken.load.import.so
/usr/lib/chicken/11/chicken.blob.import.so
/usr/lib/chicken/11/chicken.time.posix.import.so
/usr/lib/chicken/11/chicken.file.posix.import.so
/usr/lib/chicken/11/chicken.flonum.import.so
/usr/lib/chicken/11/chicken.condition.import.so
/usr/lib/chicken/11/chicken.pretty-print.import.so
/usr/lib/chicken/11/types.db
/usr/lib/chicken/11/chicken.foreign.import.so
/usr/lib/chicken/11/chicken.repl.import.so
/usr/lib/chicken/11/chicken.pathname.import.so
/usr/lib/chicken/11/chicken.sort.import.so
/usr/lib/chicken/11/chicken.keyword.import.so
/usr/lib/chicken/11/chicken.process.signal.import.so
/usr/lib/chicken/11/chicken.platform.import.so
/usr/lib/chicken/11/chicken.base.import.so
/usr/lib/chicken/11/chicken.syntax.import.so
/usr/lib/chicken/11/chicken.file.import.so
/usr/lib/chicken/11/chicken.memory.import.so
/usr/lib/chicken/11/chicken.gc.import.so
/usr/lib/chicken/11/chicken.io.import.so
/usr/lib/chicken/11/chicken.memory.representation.import.so
/usr/lib/chicken/11/chicken.process.import.so
/usr/lib/chicken/11/chicken.plist.import.so
/usr/lib/chicken/11/chicken.string.import.so
/usr/lib/chicken/11/chicken.errno.import.so
/usr/lib/chicken/11/chicken.format.import.so
/usr/lib/chicken/11/chicken.eval.import.so
/usr/lib/chicken/11/chicken.irregex.import.so
/usr/lib/chicken/11/chicken.process-context.posix.import.so
/usr/lib/chicken/11/chicken.read-syntax.import.so
/usr/lib/chicken/11/chicken.csi.import.so
/usr/lib/chicken/11/chicken.locative.import.so
/usr/bin/csi
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Alexandru Ardelean [Tue, 15 Mar 2022 12:39:14 +0000 (14:39 +0200)]
python-asn1crypto: drop package
I can't seem to see any package that needs it.
This was added for cryptography, since it was needed up to version 2.7
asn1-crypto doesn't have a user since commit
9d892e3cf88bd7c5f2c61117df2f3c2fd6c0e960
So, remove it.
Abandoned packaged PR: https://github.com/openwrt/packages-abandoned/pull/23
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Oskari Rauta [Thu, 10 Mar 2022 01:51:30 +0000 (03:51 +0200)]
podman: updates podman package
- add missing runtime depency catatonit
- removed SELinux variant, add config option for it instead, I do not believe we need variant of EVERY SELinux support capable software
- add config option for iptables firewall setup in default cni network config, otherwise skip iptables part (part of nftables transition, use cni-plugins-nft for nftables fw support or better; forget about cni fw completely, instead use openwrt's own as that way your rules for containers do not disappear on firewall restart)
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Jeffery To [Mon, 7 Mar 2022 16:37:51 +0000 (00:37 +0800)]
python-packages: Remove unused library packages
With the removal of Seafile, these library packages no longer have any
in-repo users. They will be imported into the abandoned packages
repo[1].
[1]: https://github.com/openwrt/packages-abandoned/pull/24
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Mon, 7 Mar 2022 21:28:38 +0000 (05:28 +0800)]
libevhtp: Remove package
With the removal of Seafile, there are no more in-repo users of this
package. It will be imported into the abandoned packages repo[1].
[1]: https://github.com/openwrt/packages-abandoned/pull/25
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Stijn Tintel [Wed, 16 Mar 2022 00:06:35 +0000 (02:06 +0200)]
chrony: enable LTO
Size difference of the ipk on qoriq:
* chrony: 718571 676886
* chrony-nts: 786960 757064
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Stijn Tintel [Wed, 16 Mar 2022 00:04:43 +0000 (02:04 +0200)]
chrony: enable AUTORELEASE
Enable AUTORELEASE in a separate commit so that the next commit can be
reverted without having to manually re-introduce it.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Florian Eckert [Mon, 13 Dec 2021 13:33:19 +0000 (14:33 +0100)]
libmbim: remove unknown configure option
The configure option --enable-more-warnings and --without-udev are not
recognized by configure.
Buildlog:
configure: WARNING: unrecognized options: --disable-nls,
--enable-more-warnings, --without-udev
Therefore this unkown configure options are removed with this commit.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 13 Dec 2021 13:11:33 +0000 (14:11 +0100)]
libqmi: remove unknown configure option
The configure option --enable-more-warnings is not recognized by
configure.
Buildlog:
configure: WARNING: unrecognized options: --disable-nls, --enable-more-warnings
Therefore this configure option is removed with this commit.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Philip Prindeville [Tue, 15 Mar 2022 23:59:58 +0000 (17:59 -0600)]
Merge pull request #18056 from pprindeville/isc-dhcp-update-4.4.3
isc-dhcp: Update to 4.4.3
Philip Prindeville [Sun, 13 Mar 2022 21:14:21 +0000 (15:14 -0600)]
isc-dhcp: Update to 4.4.3
Note that on 32-bit ARM with MUSL we don't have Unwind_GetIP() so
we need to disable backtraces.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Tue, 15 Mar 2022 01:52:18 +0000 (19:52 -0600)]
named: don't leak mktemp files on reload
Unless we're using "mktemp -u ..." (not recommended), it will
create the temp file as part of its safety checking. Thus you
should only create the name (file) if you're going to use it,
and always remove it if you have created it.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Michael Heimpold [Tue, 15 Mar 2022 20:24:32 +0000 (21:24 +0100)]
libxml2: update to 2.9.13
This fixes CVE-2022-23308.
Also switch to GNOME as download source and xz tarball.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Philip Prindeville [Tue, 15 Mar 2022 19:56:35 +0000 (13:56 -0600)]
Merge pull request #18061 from pprindeville/isc-dhcp-fix-ddns-updates
isc-dhcp: detect whether ddns transfers are IPv4 only
Philip Prindeville [Tue, 15 Mar 2022 01:40:48 +0000 (19:40 -0600)]
isc-dhcp: detect whether ddns transfers are IPv4 only
If named is configured to not listen on any IPv6 interfaces,
then we should run 'nsupdate' with the '-4' argument.
Also:
* cleanup RFC-1918 address detection;
* don't generate PTR records for domain entries that aren't
RFC-1918 addresses or these will generate NOTAUTH failures;
We're assuming that we're doing DNS split-horizon and that
internal addresses aren't routable.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Tue, 15 Mar 2022 19:25:08 +0000 (13:25 -0600)]
Merge pull request #18069 from pprindeville/isc-dhcp-dont-leak-mktemp-files
isc-dhcp: don't leak mktemp files
Philip Prindeville [Tue, 15 Mar 2022 18:39:16 +0000 (12:39 -0600)]
isc-dhcp: don't leak mktemp files
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Daniel Golle [Tue, 15 Mar 2022 18:32:32 +0000 (18:32 +0000)]
gnunet: improve init script
Ensure correct ownership of /etc/gnunet.
Quote variables and more or less make shellcheck happy.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Engberg [Tue, 15 Mar 2022 10:25:31 +0000 (11:25 +0100)]
Merge pull request #18063 from turris-cz/netdata-disable-liblz4
netdata: disable LZ4 compression support
Josef Schlehofer [Tue, 15 Mar 2022 09:51:42 +0000 (10:51 +0100)]
netdata: disable LZ4 compression support
To avoid unnecessary dependency, let's disable it for now.
LZ4 can be also used for DB engine and HTTPS
Fixes:
Package netdata is missing dependencies for the following libraries:
liblz4.so.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Daniel Golle [Tue, 15 Mar 2022 02:39:52 +0000 (02:39 +0000)]
gnunet: depend on 'uci-firewall' instead of 'firewall'
To allow using gnunet on systems with firewall4, add replace direct
dependency on 'firewall' with 'uci-firewall' which is satisfied by
either 'firewall' or 'firewall4'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Etienne Champetier [Mon, 14 Mar 2022 04:43:51 +0000 (00:43 -0400)]
shorewall6-lite: add @IPV6 to DEPENDS
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Mon, 14 Mar 2022 04:42:16 +0000 (00:42 -0400)]
shorewall6: add @IPV6 to DEPENDS
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Florian Eckert [Mon, 14 Mar 2022 12:24:51 +0000 (13:24 +0100)]
Merge pull request #18058 from TDT-AG/pr/
20220314-keepalived
keepalived: enable nftables filtering
Florian Eckert [Tue, 8 Mar 2022 13:52:37 +0000 (14:52 +0100)]
keepalived: enable nftables filtering
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 14 Mar 2022 10:34:10 +0000 (11:34 +0100)]
mwan3: update version to 2.11.0
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Josef Schlehofer [Mon, 14 Mar 2022 09:03:31 +0000 (10:03 +0100)]
Merge pull request #18002 from BKPepe/haproxy-conflicts
haproxy: Makefile polishing and add conflict to SSL/non-SSL variant
Florian Eckert [Tue, 8 Mar 2022 11:52:11 +0000 (12:52 +0100)]
mwan3: dump iptables and ipset command for debugging
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 8 Mar 2022 10:51:02 +0000 (11:51 +0100)]
mwan3: unify error messages
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 8 Mar 2022 10:04:21 +0000 (11:04 +0100)]
mwan3: add sleep to release ipset reference
It turns out that under high system load, ipsets cannot be deleted. This
is because there is still a reference in iptables. A short sleep should
give the system time to clean this up.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 8 Mar 2022 10:03:08 +0000 (11:03 +0100)]
mwan3: remove not needed ipset del cmd
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 1 Mar 2022 07:58:32 +0000 (08:58 +0100)]
mwan3: Split ipsets into separate ipv4 and ipv6 sets
Nft does not directly support ipsets, nft sets must be used instead.
The mwan3 uses ipsets for certain tasks. They can be combinded. So called
an ipset of ipsets. This list type is not available in nft. So that
mwan3 could be ported to nft in the feature, the ipset handling should be
split. So we have for each ipset an iptables rule.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Fri, 25 Feb 2022 15:17:39 +0000 (16:17 +0100)]
mwan3: use mwan3_push_update function for mwan3_delete_iface_iptables
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Fri, 25 Feb 2022 15:04:09 +0000 (16:04 +0100)]
mwan3: remove ipset generation from mwan3_set_general_iptables
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Fri, 25 Feb 2022 15:02:49 +0000 (16:02 +0100)]
mwan3: use sticky ipset generation mwan3_push_update pattern
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Fri, 25 Feb 2022 14:58:49 +0000 (15:58 +0100)]
mwan3: do not create dynamic ipset for IPv6 if not supported
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Fri, 25 Feb 2022 11:04:57 +0000 (12:04 +0100)]
mwan3: do not add mwan3_custom_v6 set if ipv6 is not available
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Thu, 24 Feb 2022 11:59:31 +0000 (12:59 +0100)]
mwan3: use also ipset restore for connected ipv4 sets
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 8 Mar 2022 09:15:04 +0000 (10:15 +0100)]
mwan3: move command definitions to common.sh
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Wed, 23 Feb 2022 11:20:26 +0000 (12:20 +0100)]
mwan3: update iptables dependencies
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Daniel Golle [Sun, 13 Mar 2022 23:48:28 +0000 (23:48 +0000)]
auc: don't segfault on invalid URL
Show error message instead of segfaulting in case of an invalid URL
being read from UCI config.
Fixes: #17971
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Etienne Champetier [Sun, 13 Mar 2022 16:37:32 +0000 (12:37 -0400)]
Merge pull request #18052 from
1715173329/va
v2raya: add iptables as dependency
Tianling Shen [Tue, 8 Mar 2022 06:02:27 +0000 (14:02 +0800)]
v2raya: add iptables as dependency
This package requires to use iptables (no matter which variant).
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Daniel Golle [Sun, 13 Mar 2022 01:29:49 +0000 (01:29 +0000)]
gnunet: update to version 0.16.1
* OPUS and Pulse can be configured nicely by default now, no longer
need a local patch for that
* mysql version checks fail when cross-compiling, add patch to remove
them and always assume MySQL >8.0.
* Package new services, communicators, ...
This is a new major release. It breaks protocol compatibility with the
0.15.x versions. Please be aware that Git master is thus henceforth
(and has been for a while) INCOMPATIBLE with the 0.15.x GNUnet network,
and interactions between old and new peers will result in issues.
0.15.x peers will be able to communicate with Git master or 0.16.x
peers, but some services - in particular GNS - will not be compatible.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Rosen Penev [Thu, 10 Mar 2022 23:17:45 +0000 (15:17 -0800)]
treewide: remove rpath-link
Most usages seem to be outdated and fixed a long time ago.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Josef Schlehofer [Sat, 12 Mar 2022 05:50:54 +0000 (06:50 +0100)]
Merge pull request #18041 from turris-cz/syslog-ng-bump
syslog-ng: update to version 3.36.1 and add test.sh
Oskari Rauta [Mon, 7 Mar 2022 07:42:31 +0000 (09:42 +0200)]
catatonit: add new package
podman uses catatonit now for container init, so new package for
catatonit is required.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Florian Eckert [Fri, 11 Mar 2022 07:47:44 +0000 (08:47 +0100)]
Merge pull request #18042 from nwidger/delve-1.8.2
delve: Update to 1.8.2
Rosen Penev [Fri, 11 Mar 2022 04:49:02 +0000 (20:49 -0800)]
softethervpn: remove rpath hack
This was needed when readline was a shared library. Now that it's
static, this can be removed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tianling Shen [Thu, 10 Mar 2022 12:08:35 +0000 (20:08 +0800)]
yq: Update to 4.22.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Niels Widger [Thu, 10 Mar 2022 15:50:46 +0000 (10:50 -0500)]
delve: Update to 1.8.2
See https://github.com/go-delve/delve/blob/master/CHANGELOG.md for
changes.
Signed-off-by: Niels Widger <niels@qacafe.com>
Josef Schlehofer [Thu, 10 Mar 2022 15:20:22 +0000 (16:20 +0100)]
Merge pull request #16339 from paper42/netdata-1.31
netdata: update to version 1.33.1
Josef Schlehofer [Thu, 10 Mar 2022 15:19:19 +0000 (16:19 +0100)]
syslog-ng: update to version 3.36.1
- Bump version in config file
Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.36.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Wed, 9 Mar 2022 05:16:04 +0000 (21:16 -0800)]
gerbera: update to 1.10.0
Backport some bug fixes.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 9 Mar 2022 05:02:35 +0000 (21:02 -0800)]
pugixml: update to 1.12.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 9 Mar 2022 05:03:29 +0000 (21:03 -0800)]
libnpupnp: update to 4.2.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 9 Mar 2022 05:03:02 +0000 (21:03 -0800)]
libmicrohttpd: update to 0.9.75
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 9 Mar 2022 05:02:02 +0000 (21:02 -0800)]
expat: update to 2.4.7
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Michal Vasilek [Thu, 3 Mar 2022 15:30:16 +0000 (16:30 +0100)]
netdata: update to version 1.33.1
- Switch to upstream's release tarball
Requires to add PKG_BUILD_DIR since netdata is extracted to the folder
netdata-v1.33.1 instead of the previous solution where there was
missing v
- Disable anomaly detection by default
This avoids adding a new dependencies to netdata
Fixes:
Package netdata is missing dependencies for the following libraries:
libatomic.so.1
libstdc++.so.6
- Add FreeBSD patch to have smaller package and to avoid clutter in
WebUI
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
[add commit message, add FreeBSD patch]
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Tianling Shen [Wed, 9 Mar 2022 13:48:32 +0000 (21:48 +0800)]
dnsproxy: Update to 0.41.4
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Kuan-Yi Li [Thu, 3 Mar 2022 18:47:14 +0000 (02:47 +0800)]
modemmanager: bump to 1.18.6
Remove upstreamed patch.
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
Kuan-Yi Li [Thu, 3 Mar 2022 18:44:38 +0000 (02:44 +0800)]
libmbim: bump to 1.26.2
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
Kuan-Yi Li [Thu, 3 Mar 2022 18:44:22 +0000 (02:44 +0800)]
libqmi: bump to 1.30.4
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
Kuan-Yi Li [Thu, 3 Mar 2022 18:38:07 +0000 (02:38 +0800)]
libqrtr-glib: bump to 1.2.2
Builds are now done from git repository based on release tag. [1][2]
Switch to meson as GNU autotools based build is no longer supported. [2]
Update SPDX license identifier [3] and switch to AUTORELEASE to avoid
manual increments.
[1] https://www.freedesktop.org/software/libqmi/libqrtr-glib-RELEASES-README
[2] https://lists.freedesktop.org/archives/libqmi-devel/2021-November/003721.html
[3] https://gitlab.freedesktop.org/mobile-broadband/libqrtr-glib/-/tree/1.2.2#license
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
James White [Sat, 5 Mar 2022 08:14:27 +0000 (08:14 +0000)]
adguardhome: Update adguardhome to v0.107.5
Signed-off-by: James White <james@jmwhite.co.uk>
Thibaut VARÈNE [Mon, 7 Mar 2022 12:02:15 +0000 (13:02 +0100)]
coova-chilli: remove kmod dep on binary package
There is no reason for the kmod to depend on the binary package
itself, neither for building nor for installing.
That dependency prevents phase1 from building the kmod even though
support is enabled in the binary.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Erwan MAS [Sat, 5 Mar 2022 21:00:21 +0000 (16:00 -0500)]
tinc: add creation of hosts directory for each network configuration
Signed-off-by: Erwan MAS <erwan@mas.nom.fr>
projects / feed / packages.git / log