feed/packages.git
4 years agocgi-io: implement exec action
Jo-Philipp Wich [Fri, 13 Dec 2019 08:08:51 +0000 (09:08 +0100)]
cgi-io: implement exec action

Implement a new "cgi-exec" applet which allows to invoke remote commands
and stream their stdandard output back to the client via HTTP. This is
needed in cases where large amounts of data or binary encoded contents
such as tar archives need to be transferred, which are unsuitable to be
transported via ubus directly.

The exec call is guarded by the same ACL semantics as rpcd's file plugin,
means in order to be able to execute a command remotely, the ubus session
identified by the given session ID must have read access to the "exec"
function of the "cgi-io" scope and an explicit "exec" permission rule for
the invoked command in the "file" scope.

In order to initiate a transfer, a POST request in x-www-form-urlencoded
format must be sent to the applet, with one field "sessionid" holding
the login session and another field "command" specifiying the commandline
to invoke.

Further optional fields are "filename" which - if present - will cause
the download applet to set a Content-Dispostition header and "mimetype"
which allows to let the applet respond with a specific type instead of
the default "application/octet-stream".

Below is an example for the required ACL rules to grant exec access to
both the "date" and "iptables" commands. The "date" rule specifies the
base name of the executable and thus allows invocation with arbitrary
parameters while the latter "iptables" rule merely allows one specific
set of arguments which must appear exactly in the given order.

    ubus call session grant '{
        "ubus_rpc_session": "...",
        "scope": "cgi-io",
        "objects": [
            [ "exec", "read" ]
        ]
    }'

    ubus call session grant '{
        "ubus_rpc_session": "...",
        "scope": "file",
        "objects": [
            [ "/bin/date", "exec" ],
            [ "/usr/sbin/iptables -n -v -L", "exec" ]
        ]
   }'

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit b2a890f6adb9014a6db38c0b4231c42598a8512d)

4 years agoMerge pull request #10809 from etactica/mb-1907
Michael Heimpold [Tue, 17 Dec 2019 19:31:53 +0000 (20:31 +0100)]
Merge pull request #10809 from etactica/mb-1907

[19.07] libmodbus update to 3.1.6

4 years agolibmodbus: update to 3.1.6 10809/head
Michael Heimpold [Sun, 15 Sep 2019 09:09:48 +0000 (11:09 +0200)]
libmodbus: update to 3.1.6

Also fix the license information: in older versions the test programs
were GPL 3 licensed, but meanwhile it changed to BSD license.
But since this package only packages the library itself, we can
safely focus only on the LGPL here which covers the library itself.

While at, fix a minor nitpick during library symlink installation.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
4 years agotor: update to 0.4.1.6
Jan Pavlinec [Mon, 16 Dec 2019 17:37:08 +0000 (19:37 +0200)]
tor: update to 0.4.1.6

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 390da39191736111516848af9687749f55cedb24)

4 years agotor: update to version 0.4.1.5
Jan Pavlinec [Fri, 23 Aug 2019 12:23:11 +0000 (14:23 +0200)]
tor: update to version 0.4.1.5

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 1ac69ffc594fc8e3692ceb63a2013f909033307c)

4 years agoMerge pull request #10801 from gladiac1337/haproxy-2.0.11-openwrt-19.07
Rosen Penev [Mon, 16 Dec 2019 15:53:20 +0000 (07:53 -0800)]
Merge pull request #10801 from gladiac1337/haproxy-2.0.11-openwrt-19.07

[openwrt-19.07] haproxy: Update HAProxy to v2.0.11

4 years agohaproxy: Update HAProxy to v2.0.11 10801/head
Christian Lachner [Sun, 15 Dec 2019 12:47:37 +0000 (13:47 +0100)]
haproxy: Update HAProxy to v2.0.11

- Update haproxy download URL and hash
- Remove obsolete patches

Signed-off-by: Christian Lachner <gladiac@gmail.com>
4 years agoMerge pull request #10776 from rs/nextdns-1.3.1_19.07
Rosen Penev [Fri, 13 Dec 2019 15:20:57 +0000 (07:20 -0800)]
Merge pull request #10776 from rs/nextdns-1.3.1_19.07

[OpenWRT 19.07] nextdns: update to version 1.3.1

4 years agonextdns: update to version 1.3.1 10776/head
Olivier Poitrey [Fri, 13 Dec 2019 08:49:21 +0000 (00:49 -0800)]
nextdns: update to version 1.3.1

- IPv6 support
- Fix HTTP/2 negociation
- Improve endpoint fallback
- Add support for unencrypted DNS
- Many other fixes and features

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
4 years agocollectd: add vmem uci config
Marcin Jurkowski [Thu, 12 Dec 2019 20:07:29 +0000 (22:07 +0200)]
collectd: add vmem uci config

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
(cherry picked from commit 3763b238e72c7db69398376007833fd78d67f4a6)

4 years agoadblock: bugfix 3.8.14
Dirk Brenken [Wed, 11 Dec 2019 09:39:10 +0000 (10:39 +0100)]
adblock: bugfix 3.8.14

* fix some whitelist issues (see
https://forum.openwrt.org/t/adblock-support-thread/507/1101)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 5369d0dbbfc5233ac1f630b93273f40899342cc8)

4 years agonet/pagekitec: Update to 20191211 version
Karl Palsson [Mon, 3 Jun 2019 12:05:55 +0000 (12:05 +0000)]
net/pagekitec: Update to 20191211 version

While outwardly a major update, this mainly pulls in fixes related to
openssl verson changes that ensure this continues running on OpenWrt

Signed-off-by: Karl Palsson <karlp@etactica.com>
4 years agoadblock: bugfix 3.8.13
Dirk Brenken [Tue, 10 Dec 2019 14:01:16 +0000 (15:01 +0100)]
adblock: bugfix 3.8.13

* remove 'ransomware' blocklist by abbuse.ch (discontinued)
  from default adblock config
* fix/switch 'someonewhocares' config to https only
* fix curl download parameters to follow redirects and
  suppress needless output
* made the tmp directory of sort operations configurable,
  set 'adb_sorttmp' accordingly (only supported by 'coreutils-sort')

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 21a85fef22d75b6085ed7ce643a3293214b09e4c)

4 years agomeson: add new package
Andre Heider [Fri, 20 Sep 2019 11:27:21 +0000 (13:27 +0200)]
meson: add new package

This adds a host as well as a target package.

meson.mk is provided to build packages using meson.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit d83cba79c11a557abb11a0c8ea09bf7c5d6e79ef)

4 years agoninja: add new package
Andre Heider [Fri, 20 Sep 2019 10:23:41 +0000 (12:23 +0200)]
ninja: add new package

This adds a host as well as a target package.

ninja.mk is provided to execute ninja.

The two patches have been taken from upstream to fix compile issues.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 5ead78be5a7a60448e37ae3a468f503f162b33bd)

4 years agogolang: Update to 1.13.5
Josef Schlehofer [Sun, 8 Dec 2019 23:41:56 +0000 (00:41 +0100)]
golang: Update to 1.13.5

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 791729cfc06ab6608018c15ce84d7f6e37ba3f5a)

4 years agotransmission: bump PKG_RELEASE
Daniel Golle [Mon, 9 Dec 2019 01:40:23 +0000 (02:40 +0100)]
transmission: bump PKG_RELEASE

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agogeth: Update to 1.9.9
Rosen Penev [Sun, 8 Dec 2019 22:33:37 +0000 (14:33 -0800)]
geth: Update to 1.9.9

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from cbcfc7a3e2ca8162dfba12ae805dd247e52522c2)

4 years agogeth: Update to 1.9.6
Rosen Penev [Fri, 1 Nov 2019 01:12:24 +0000 (18:12 -0700)]
geth: Update to 1.9.6

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from c5b7a6958b3fbd69b192cecf781e3051262486f7)

4 years agonnn: Update to version 2.8.1
Josef Schlehofer [Fri, 6 Dec 2019 13:16:12 +0000 (14:16 +0100)]
nnn: Update to version 2.8.1

Removed findutils-xargs dependency due to added busybox support in version 2.8

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2c22dcd3dc7878817bc788eb8a8de5ae81e9e4ae)

4 years agopython-more-itertools: add new package
Jan Pavlinec [Thu, 31 Oct 2019 12:26:48 +0000 (13:26 +0100)]
python-more-itertools: add new package

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from 4bade3b2f7448150d6ca210a1bd27b352efe7b42)

4 years agomotion: fix streaming
Stijn Tintel [Sun, 1 Dec 2019 22:08:30 +0000 (00:08 +0200)]
motion: fix streaming

Streaming was broken since version 4.2. Backport upstream fix.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry-picked from 34718f5c1daac7691c2039a443a45ae000d4da5b)

4 years agomotion: add basic procd init script
Stijn Tintel [Tue, 4 Dec 2018 22:53:00 +0000 (00:53 +0200)]
motion: add basic procd init script

Disable the init script by default to avoid log pollution; motion is
very verbose when it cannot open the configured camera.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry-picked from eaa1d5aa18b28cf354a9c481eb036b317d1a7591)

4 years agomotion: Update to 4.2.2
Rosen Penev [Fri, 13 Sep 2019 20:11:07 +0000 (13:11 -0700)]
motion: Update to 4.2.2

Removed webp support. motion picks it up now that it's in the tree.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 1236cab60de25760aaaf85ed8b3b79f7c7f1b811)

4 years agoMerge pull request #10682 from hnyman/collectd-backport
Hannu Nyman [Wed, 4 Dec 2019 17:52:16 +0000 (19:52 +0200)]
Merge pull request #10682 from hnyman/collectd-backport

[19.07] Collectd: backport changes from master to 19.07

4 years agomosquitto: bump to version 1.6.8
Karl Palsson [Tue, 3 Dec 2019 13:07:22 +0000 (13:07 +0000)]
mosquitto: bump to version 1.6.8

This is a bugfix release.
Full changelog available at:
https://mosquitto.org/blog/2019/11/version-1-6-8-released/

Many smaller fixes in various areas, nothing particularly standout as of
special interest to OpenWrt.

Signed-off-by: Karl Palsson <karlp@etactica.com>
4 years agoMerge pull request #10697 from jefferyto/byobu-1.130-openwrt-19.07
Rosen Penev [Mon, 2 Dec 2019 21:29:42 +0000 (13:29 -0800)]
Merge pull request #10697 from jefferyto/byobu-1.130-openwrt-19.07

[openwrt-19.07] byobu: Update to 5.130

4 years agognutls: fixed pkg-hash to the right one
Nikos Mavrogiannopoulos [Mon, 2 Dec 2019 16:41:50 +0000 (17:41 +0100)]
gnutls: fixed pkg-hash to the right one

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
4 years agoopenconnect: updated to 8.05
Nikos Mavrogiannopoulos [Mon, 2 Dec 2019 16:26:55 +0000 (17:26 +0100)]
openconnect: updated to 8.05

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
4 years agognutls: updated to 3.6.11
Nikos Mavrogiannopoulos [Mon, 2 Dec 2019 16:11:39 +0000 (17:11 +0100)]
gnutls: updated to 3.6.11

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
4 years agobyobu: Update to 5.130 10697/head
Jeffery To [Mon, 2 Dec 2019 13:15:41 +0000 (21:15 +0800)]
byobu: Update to 5.130

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 51a047b96fe6e7e2830e3ef8b442cfa4306e261d)

4 years agobyobu: Update to 5.129
Jeffery To [Fri, 14 Jun 2019 18:53:59 +0000 (02:53 +0800)]
byobu: Update to 5.129

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 492cbd53cb46e0817f13c8f0a5317745a620715a)

4 years agonano: update to 4.6
Hannu Nyman [Sun, 1 Dec 2019 12:18:08 +0000 (14:18 +0200)]
nano: update to 4.6

Update nano editor to version 4.6

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 421dae85a3525f9772bbada523758490a926be3c)

4 years agobanip: update 0.3.11
Dirk Brenken [Sat, 30 Nov 2019 16:26:41 +0000 (17:26 +0100)]
banip: update 0.3.11

* fix ssh daemon autodetection
* fix 'sshd' logfile parsing

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit e97f350a00e120037f9d00b669fdd8bde00ea12d)

4 years agocollectd: update to 5.10.0 10682/head
Hannu Nyman [Sat, 30 Nov 2019 17:19:10 +0000 (19:19 +0200)]
collectd: update to 5.10.0

Update collectd to 5.10.0
* leave new plugins as disabled for now (procevent, sysevent)
* refresh patches. Remove unenecessary version fix

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry-picked for 19.07. PKG_RELEASE=2 as cpufreq was already backported)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: adjust reaction to ntp time at boot time
Hannu Nyman [Sun, 3 Nov 2019 15:48:11 +0000 (17:48 +0200)]
collectd: adjust reaction to ntp time at boot time

Adjust the reaction to a polling interval timestamp that references
to a past time.

Past timestamps can happen when ntpd adjusts router's time after network
connectivity is obtained after boot. Collectd shows warnings for each plugin
as it tries to enter new values with the same timestamp as the previous one.

This patch adjusts the next polling time to be now+2 seconds for the main
loop and for the plugin-specific read loops. That avoids the warnings, but
does not overreact in case there are shorter polling intervals or the time
gets adjusted for other reasons.

Additionally some debug statements are aded, but they are visible only
when --enable-debug configure option is used in Makefile.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: update to 5.9.2
Hannu Nyman [Wed, 9 Oct 2019 17:56:21 +0000 (20:56 +0300)]
collectd: update to 5.9.2

Update collectd to 5.9.2

Mainly bug fixes:
https://github.com/collectd/collectd/blob/dfb9dd09fe3a6864c8cf85eb92e826c289e6d6d2/ChangeLog

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: bump PKG_PACKAGE version
Florian Eckert [Fri, 20 Sep 2019 14:12:26 +0000 (16:12 +0200)]
collectd: bump PKG_PACKAGE version

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add reload and service trigger
Florian Eckert [Fri, 20 Sep 2019 13:46:53 +0000 (15:46 +0200)]
collectd: add reload and service trigger

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add logfile plugin definitions
Florian Eckert [Fri, 20 Sep 2019 13:21:36 +0000 (15:21 +0200)]
collectd: add logfile plugin definitions

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add iptables uci config
Florian Eckert [Tue, 17 Sep 2019 08:08:01 +0000 (10:08 +0200)]
collectd: add iptables uci config

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add network uci config
Florian Eckert [Mon, 16 Sep 2019 13:48:02 +0000 (15:48 +0200)]
collectd: add network uci config

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add curl uci config
Florian Eckert [Mon, 16 Sep 2019 12:55:17 +0000 (14:55 +0200)]
collectd: add curl uci config

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add apcups uci config
Florian Eckert [Mon, 16 Sep 2019 12:27:47 +0000 (14:27 +0200)]
collectd: add apcups uci config

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add new memory config values
Florian Eckert [Fri, 13 Sep 2019 10:50:26 +0000 (12:50 +0200)]
collectd: add new memory config values

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: add new cpu config values
Florian Eckert [Fri, 13 Sep 2019 10:50:15 +0000 (12:50 +0200)]
collectd: add new cpu config values

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: use uname to get default Hostname
Yousong Zhou [Fri, 9 Aug 2019 13:08:39 +0000 (13:08 +0000)]
collectd: use uname to get default Hostname

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: log stderr output
Yousong Zhou [Fri, 9 Aug 2019 03:10:08 +0000 (03:10 +0000)]
collectd: log stderr output

Collectd without log type plugin loaded will write log lines to stderr.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked for 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: enable threshold plugin
Florian Eckert [Fri, 8 Feb 2019 13:52:23 +0000 (14:52 +0100)]
collectd: enable threshold plugin

The only action the Threshold plugin takes itself is to generate and
dispatch a notification. Other plugins can register to receive
notifications and perform appropriate further actions.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked for 19.07, line numbers adjusted)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: move jshn.sh include to remove warning
Florian Eckert [Wed, 3 Jul 2019 08:08:44 +0000 (10:08 +0200)]
collectd: move jshn.sh include to remove warning

Redmine-patch-id: 3680
If I build an image with the imagebuilder I get the following output
during image building:

../root-x86/etc/init.d/collectd: line 4: /usr/share/libubox/jshn.sh:
No such file or directory

To remove this messsage move include to the needed postion, so that the
message does not occur during image building on the host system anymore.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked, modified to match 19.07)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agocollectd: enable cpufreq module for ipq40xx and brcm2708_bcm2709
Hannu Nyman [Sat, 30 Nov 2019 11:01:21 +0000 (13:01 +0200)]
collectd: enable cpufreq module for ipq40xx and brcm2708_bcm2709

As some ipq40xx CPUs support frequency scaling, enable building
collectd-mod-cpufreq for ipq40xx (for private builds) and
its package architecture brcm2708_bcm2709 (for buildbot)

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 5e0d5c9c7fd9d6637af0c3443e495f7492e19460)

5 years agoMerge pull request #10676 from gladiac1337/haproxy-2.0.10-openwrt-19.07
Hannu Nyman [Fri, 29 Nov 2019 15:29:01 +0000 (17:29 +0200)]
Merge pull request #10676 from gladiac1337/haproxy-2.0.10-openwrt-19.07

[openwrt-19.07] haproxy: Update HAProxy to v2.0.10

5 years agohaproxy: Update HAProxy to v2.0.10 10676/head
Christian Lachner [Thu, 28 Nov 2019 06:51:55 +0000 (07:51 +0100)]
haproxy: Update HAProxy to v2.0.10

- Update haproxy download URL and hash
- Add new patches (see https://www.haproxy.org/bugs/bugs-2.0.10.html)
- This fixes CVE-2019-19330 (See: https://nvd.nist.gov/vuln/detail/CVE-2019-19330)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
5 years agotransmission: sync with master branch
Daniel Golle [Thu, 28 Nov 2019 17:38:11 +0000 (18:38 +0100)]
transmission: sync with master branch

Fixes to init-script were not cherry-picked properly, sync it with
version found in master branch.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 years agoMerge pull request #10646 from Andy2244/softethervpn5-9672_19.07
Rosen Penev [Tue, 26 Nov 2019 22:23:50 +0000 (14:23 -0800)]
Merge pull request #10646 from Andy2244/softethervpn5-9672_19.07

[19.07] softethervpn5: update to 5.01.9672

5 years agoluasrcdiet: add package (moved from luci-base package)
Matthias Schiffer [Sat, 23 Nov 2019 12:39:45 +0000 (13:39 +0100)]
luasrcdiet: add package (moved from luci-base package)

We use luasrcdiet in Gluon as well. Move it from the luci feed to packages.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 46d68b869951854206b0c95423480881d3356c90)

5 years agosoftethervpn5: update to 5.01.9672 10646/head
Andy Walsh [Tue, 26 Nov 2019 14:50:20 +0000 (15:50 +0100)]
softethervpn5: update to 5.01.9672

* 5.01.9672 release
* Cedar: handle UDP acceleration and R-UDP versions
* Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305
* Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305
* Cedar: serve new web management interface
* Cedar: implement detailed protocol info
* Mayaqua: add Windows Server 2019 to the supported operating systems list
* Cedar: various fixes
* Cedar: add "DisableIPsecAggressiveMode" option
* Make install dir for unit files configurable
* Protocol.c: adapt ClientConnectGetSocket() for new proxy functions
* Wpc.c: adapt WpcSockConnectEx() for new proxy functions
* Protocol: add ProxyCodeToCedar()
* Move generic proxy stuff from Cedar to Mayaqua
* Proto_OpenVPN.c: improve OvsProcessData(), fix out-of-bounds access found by Coverity
* Proto_OpenVPN.c: fix segmentation fault in OvsProceccRecvPacket()
* Addressing the UDP reflection amplification attack: https://github.com/SoftEtherVPN/SoftEtherVPN/issues/1001
* Mayaqua.h: include <stdarg.h> for "va_list" on Illumos
* Protocol.c: fix bug in ClientConnectGetSocket() causing custom HTTP header not to work
* Mayaqua: move HTTP functions from "Network" to "HTTP"
* Move GetMimeTypeFromFileName() and related structure to Mayaqua
* Mayaqua.h: include <stdio.h> for "FILE"
* Mayaqua.h: include <stddef.h>, for "wchar_t"
* Bump mixin-deep in /src/bin/hamcore/wwwroot/admin/default
* - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes. - Fixed the RADIUS PEAP client to use the standard TLS versioning. - Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information. - Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
* Updating built-in Win32 libraries - OpenSSL 1.1.1 -> 1.1.1d - zlib 1.2.3 -> 1.2.11
* Update strtable_cn.stb
* Avoid using hardcoded paths in log file enumeration
* Fix buffer overflow during NETBIOS name resolution
* Update SEVPN.sln
* Create strtable_pt_br.stb
* ci: display error if vpntest failed
* Fix several compile warnings on MS VC++ 2008.
* Enables crash minidump for Win32 vpntest. Minidump files will be saved to the 'C:\Users\<username>\AppData\Local\Temp\vpn_debug' (for normal user) or 'src\bin\vpn_debug\' (for administrator user).
* OpenVPN: use new protocol interface
* Add interface for easy protocol implementation
* add "no-deprecated" to openssl builds "no-deprecated" is widely used in openwrt devices
* Fix LibreSSL support
* Switch to OpenSSL THREADID API
* travis-ci: update openssl, libressl
* enable sonar-scan in travis-ci builds
* Virtual: fix race condition in DHCP server which resulted in multiple clients receiving the same IP
* Mayaqua: Fix compilation without deprecated OpenSSL APIs
* Mayaqua: Replace GNU specific sys/poll.h header with POSIX poll.h
* systemd: replace deprecated CAP_SYS_ADMIN with CAP_SYSLOG

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years agoMerge pull request #10638 from Andy2244/cifsd-tools_update-2019-11-25_19.07
Rosen Penev [Tue, 26 Nov 2019 04:15:21 +0000 (20:15 -0800)]
Merge pull request #10638 from Andy2244/cifsd-tools_update-2019-11-25_19.07

cifsd-tools: update to git (2019-11-25) [19.07]

5 years agoMerge pull request #10631 from jefferyto/python-pyopenssl-19.1.0-openwrt-19.07
Rosen Penev [Mon, 25 Nov 2019 19:14:29 +0000 (11:14 -0800)]
Merge pull request #10631 from jefferyto/python-pyopenssl-19.1.0-openwrt-19.07

[openwrt-19.07] python-pyopenssl: Update to 19.1.0

5 years agocifsd-tools: update to git (2019-11-25) 10638/head
Andy Walsh [Mon, 25 Nov 2019 14:15:47 +0000 (15:15 +0100)]
cifsd-tools: update to git (2019-11-25)

* cifsd-tools: fix Assignment of a signed value which has type 'long'
* init: convert hide_dot_files to yes/no option
* 'read only = no' seems bugged for cifsd/smb.conf, so fix via 'writeable = yes'

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years agoadblock: update 3.8.12
Dirk Brenken [Sat, 23 Nov 2019 12:44:54 +0000 (13:44 +0100)]
adblock: update 3.8.12

* fix possible dns restart issue with DNS File Reset (race condition)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 219abdc5a13cfe7b4c1e567c586d992f03e2d73f)

5 years agotransmission: Disable webseeding
Rosen Penev [Mon, 25 Nov 2019 03:01:58 +0000 (19:01 -0800)]
transmission: Disable webseeding

It causes 100% CPU usage in certain situations. Just disable it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 6d9ee2ec86a461bbc976eaf7f97490657dc97e5c)

5 years agotransmission: Fix tracker issue with some firewalls
Rosen Penev [Mon, 9 Sep 2019 01:39:33 +0000 (18:39 -0700)]
transmission: Fix tracker issue with some firewalls

Some firewalls mandate a minimum size of 4k for SYN packets, which
transmission does not do by default. Upstream issue here:

https://github.com/transmission/transmission/issues/964

Cleanup:

Fixed license info.

Removed two unnecessary patches.

Ran shell script through shellcheck.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 730a1697fed07269a3cca7c90878b50d3ef26465)

5 years agophp7: Update to version 7.2.25
Josef Schlehofer [Sat, 23 Nov 2019 19:11:57 +0000 (20:11 +0100)]
php7: Update to version 7.2.25

- Fixes CVE-2019-11043

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 9bc48abd2ae6e23907d2ccb07bdaed1b6345da64)

5 years agophp7: mark /etc/config/php7-fastcgi as conffile
W. Michael Petullo [Sat, 19 Oct 2019 22:13:41 +0000 (18:13 -0400)]
php7: mark /etc/config/php7-fastcgi as conffile

Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit 5bc9bb04c5d19ea679a687f6731457e7492d4744)

5 years agophp7-mod-xmlreader: add conditional dependency to php7-mod-dom (fixes #10201)
Michael Heimpold [Tue, 15 Oct 2019 22:01:51 +0000 (00:01 +0200)]
php7-mod-xmlreader: add conditional dependency to php7-mod-dom (fixes #10201)

PHP7 fails to load xmlreader.so (php7-mod-xmlreader) module without
dom.so (php7-mod-dom) module loaded:

-snip-
PHP Warning:  PHP Startup: Unable to load dynamic library 'xmlreader.so'
 (tried: /usr/lib/php/xmlreader.so (Error relocating /usr/lib/php/xmlreader.so:
 dom_node_class_entry: symbol not found), /usr/lib/php/xmlreader.so.so (Error
 loading shared library /usr/lib/php/xmlreader.so.so: No such file or
 directory)) in Unknown on line 0
^C
-snap-

However, this dependency only exists when during build also php7-mod-dom
is selected.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit b8c22fc1ec392272235ce78ddc0ddfc40de5037d)

5 years agophp7: bump to 7.2.23
Stefaan Ghysels [Thu, 3 Oct 2019 11:44:23 +0000 (13:44 +0200)]
php7: bump to 7.2.23

Signed-off-by: Stefaan Ghysels <stefaang@gmail.com>
(cherry picked from commit dacda44755b391b7bd09a15ea762ee551f7d2ce6)

5 years agopython-pyopenssl: Update to 19.1.0 10631/head
Jeffery To [Sun, 24 Nov 2019 19:23:26 +0000 (03:23 +0800)]
python-pyopenssl: Update to 19.1.0

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from aff03aee1f4aac7c3598ae3e20dceb5064f72b5a)

5 years agoMerge pull request #10619 from Andy2244/samba4_19.07_22-11-2019
Rosen Penev [Fri, 22 Nov 2019 16:34:04 +0000 (08:34 -0800)]
Merge pull request #10619 from Andy2244/samba4_19.07_22-11-2019

samba4: add UCI option 'disable_async_io' [19.07]

5 years agoMerge pull request #10617 from Andy2244/cifsd_22-11-2019_19.07
Rosen Penev [Fri, 22 Nov 2019 16:27:33 +0000 (08:27 -0800)]
Merge pull request #10617 from Andy2244/cifsd_22-11-2019_19.07

cifsd: update to git (2019-11-22) [19.07]

5 years agosamba4: add UCI option 'disable_async_io' 10619/head
Andy Walsh [Fri, 22 Nov 2019 13:15:12 +0000 (14:15 +0100)]
samba4: add UCI option 'disable_async_io'

* add UCI option 'disable_async_io'
* remove [homes] options

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years agocifsd: update to git (2019-11-22) 10617/head
Andy Walsh [Fri, 22 Nov 2019 13:09:23 +0000 (14:09 +0100)]
cifsd: update to git (2019-11-22)

cifsd: fix uninitialized fp could be freed
cifsd: fix potential uninitialized spnego_blob could be freed
cifsd: smbd: replace spinlock_irqsave with spinlock
cifsd: smbd: avoid the lack of client's send credits

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years agobind: update to version 9.14.8 (security fix)
Jan Pavlinec [Thu, 21 Nov 2019 12:13:18 +0000 (13:13 +0100)]
bind: update to version 9.14.8 (security fix)

Fixes CVE-2019-6477

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from commit 46ca2c7)

5 years agoMerge pull request #10606 from rs/nextdns-1.1.5_19.07
Rosen Penev [Thu, 21 Nov 2019 17:35:50 +0000 (09:35 -0800)]
Merge pull request #10606 from rs/nextdns-1.1.5_19.07

[OpenWRT 19.07] nextdns: Update version 1.1.5 + add per host config option

5 years agonextdns: Update version 1.1.5 + add per host config option 10606/head
Olivier Poitrey [Thu, 21 Nov 2019 10:26:31 +0000 (02:26 -0800)]
nextdns: Update version 1.1.5 + add per host config option

* Update nextdns to version 1.1.5 which adds IPv6 dual stack support.
* Add the ability to configure per host configuration id from uci.

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
5 years agonnn: Add a new package
Josef Schlehofer [Sun, 17 Nov 2019 09:43:58 +0000 (10:43 +0100)]
nnn: Add a new package

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit 32cbfce0514ec37fe174a92860c36fc70a91b301)

5 years agounbound: Update to version 1.9.5
Josef Schlehofer [Tue, 19 Nov 2019 23:29:37 +0000 (00:29 +0100)]
unbound: Update to version 1.9.5

Fixes CVE-2019-18934

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit 24667753a20250e3df33ffe7f30b063a02ff01ee)

5 years agoMerge pull request #10603 from Andy2244/cifsd-19.07
Rosen Penev [Thu, 21 Nov 2019 00:45:32 +0000 (16:45 -0800)]
Merge pull request #10603 from Andy2244/cifsd-19.07

cifsd: add package cifsd [backport]

5 years agocifsd: add package cifsd [backport] 10603/head
Andy Walsh [Wed, 20 Nov 2019 21:24:29 +0000 (22:24 +0100)]
cifsd: add package cifsd [backport]

* adds cifsd (cifs kernel server) + tools

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years agoknot: update to version 2.9.1
Jan Hak [Mon, 18 Nov 2019 16:13:17 +0000 (17:13 +0100)]
knot: update to version 2.9.1

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry-picked from commit 559672d)

5 years agoMerge pull request #10586 from commodo/openwrt-19.07-django1
Rosen Penev [Tue, 19 Nov 2019 19:14:34 +0000 (11:14 -0800)]
Merge pull request #10586 from commodo/openwrt-19.07-django1

django: bump to version 1.11.26

5 years agoMerge pull request #10580 from gladiac1337/haproxy-2.0.9-openwrt-19.07
Hannu Nyman [Tue, 19 Nov 2019 17:14:37 +0000 (19:14 +0200)]
Merge pull request #10580 from gladiac1337/haproxy-2.0.9-openwrt-19.07

[openwrt-19.07] haproxy: Update HAProxy to v2.0.9

5 years agotravelmate: update 1.5.3
Dirk Brenken [Mon, 18 Nov 2019 18:28:23 +0000 (19:28 +0100)]
travelmate: update 1.5.3

* some init tweaks
* use the usual wifi wrapper for reloads
* compatibility fix for latest wifi-related changes
  in master (dynamic wireless radio reconfiguration)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 05c3153bb7ba627f297dd64954fbe321b7617d90)

5 years agodjango: bump to version 1.11.26 10586/head
Alexandru Ardelean [Tue, 19 Nov 2019 08:49:50 +0000 (10:49 +0200)]
django: bump to version 1.11.26

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
5 years agoadblock: update 3.8.11
Dirk Brenken [Sat, 16 Nov 2019 16:36:08 +0000 (17:36 +0100)]
adblock: update 3.8.11

* some more init tweaks
* update/cleanup readme

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit bc299d03f23a8c9d306868de34c191e4bb0ee19c)

5 years agohaproxy: Update HAProxy to v2.0.9 10580/head
Christian Lachner [Sun, 17 Nov 2019 09:23:39 +0000 (10:23 +0100)]
haproxy: Update HAProxy to v2.0.9

- Update haproxy download URL and hash

Signed-off-by: Christian Lachner <gladiac@gmail.com>
5 years agoprometheus-node-exporter-lua: bump version
Etienne Champetier [Mon, 18 Nov 2019 01:33:49 +0000 (17:33 -0800)]
prometheus-node-exporter-lua: bump version

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit 50b825e7faf0f1b5e1a260280fbe6c5b9916bc8d)

5 years agoprometheus-node-exporter-lua: an unavaliable wifi interface may have stopped the...
Zoltan Haindrich [Fri, 4 Oct 2019 15:43:50 +0000 (15:43 +0000)]
prometheus-node-exporter-lua: an unavaliable wifi interface may have stopped the scraper from functioning

Signed-off-by: Zoltan Haindrich <kirk@rxd.hu>
(cherry picked from commit 7bec619f5367110b9e336ef1a65737d37b1f0056)

5 years agoprometheus-node-exporter-lua: respawn the process
Andre Heider [Wed, 2 Jan 2019 14:33:16 +0000 (15:33 +0100)]
prometheus-node-exporter-lua: respawn the process

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit a3af4c36916997d3972272bfd0242bb012783eda)

5 years agoprometheus-node-exporter-lua: add a config reload trigger
Andre Heider [Wed, 2 Jan 2019 14:33:08 +0000 (15:33 +0100)]
prometheus-node-exporter-lua: add a config reload trigger

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit d8e637d064ba62d60649bc11c2fd4b41ff9e7710)

5 years agoprometheus-node-exporter-lua: switch config to openwrt interface names
Andre Heider [Sun, 23 Dec 2018 10:43:25 +0000 (11:43 +0100)]
prometheus-node-exporter-lua: switch config to openwrt interface names

Drop the config knob 'listen_address' and introduce 'listen_interface'
and 'listen_ipv6' instead.

'listen_interface' takes an openwrt interface name ('loopback', 'lan',
'wan' etc, or "*" for all), from which the primary IP is used to listen
on. If 'listen_ipv6' is set to '1', the IPv6 adress will be used, IPv4
elsewise.

procd interface triggers are now combined with this, so if the listen
interface is not yet configured when the init script is executed, the
process start is defered, and the trigger takes care of that once
the interface is ready.

Fixes #7670

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 48568ad9f9dfca6cecdcf1eabda629d8ccb77f42)

5 years agoMerge pull request #10577 from jefferyto/python-zope-interface-4.7.1-openwrt-19.07
Rosen Penev [Mon, 18 Nov 2019 02:11:45 +0000 (18:11 -0800)]
Merge pull request #10577 from jefferyto/python-zope-interface-4.7.1-openwrt-19.07

[openwrt-19.07] python-zope-interface: Update to 4.7.1, refresh patch

5 years agoMerge pull request #10575 from jefferyto/python-twisted-19.10.0-openwrt-19.07
Rosen Penev [Mon, 18 Nov 2019 02:11:27 +0000 (18:11 -0800)]
Merge pull request #10575 from jefferyto/python-twisted-19.10.0-openwrt-19.07

[openwrt-19.07] python-twisted: Update to 19.10.0, refresh patches

5 years agoMerge pull request #10567 from rs/nextdns-1.1.3_19.07
Rosen Penev [Mon, 18 Nov 2019 01:52:47 +0000 (17:52 -0800)]
Merge pull request #10567 from rs/nextdns-1.1.3_19.07

[19.07] nextdns: update to 1.1.3

5 years agonextdns: update to 1.1.3 10567/head
Olivier Poitrey [Sun, 17 Nov 2019 06:57:53 +0000 (22:57 -0800)]
nextdns: update to 1.1.3

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
5 years agodcwapd: Update init script to use procd
Carey Sonsino [Wed, 13 Nov 2019 18:05:47 +0000 (13:05 -0500)]
dcwapd: Update init script to use procd

consolidate shell scripts into init script
remove "litter" from uci file
update default UCI values

Signed-off-by: Carey Sonsino <careys@edgewaterwireless.com>
Signed-off-by: Carey Sonsino <csonsino@gmail.com>
(cherry-picked from 0d5b50c4b)

5 years agopython-zope-interface: Update to 4.7.1, refresh patch 10577/head
Jeffery To [Sun, 17 Nov 2019 20:45:58 +0000 (04:45 +0800)]
python-zope-interface: Update to 4.7.1, refresh patch

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 5e8feda04a9b458ce2e61c111ea8256ce7031557)

5 years agoMerge pull request #10573 from jefferyto/python-pyasn1-0.4.8-openwrt-19.07
Hannu Nyman [Sun, 17 Nov 2019 20:44:11 +0000 (22:44 +0200)]
Merge pull request #10573 from jefferyto/python-pyasn1-0.4.8-openwrt-19.07

[openwrt-19.07] python-pyasn1: Update to 0.4.8

5 years agopython-twisted: Update to 19.10.0, refresh patches 10575/head
Jeffery To [Sun, 17 Nov 2019 20:33:26 +0000 (04:33 +0800)]
python-twisted: Update to 19.10.0, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from c56770a570d6e87b0bc06dba5c552f5f35253728)

5 years agopython-pyasn1: Update to 0.4.8 10573/head
Jeffery To [Sun, 17 Nov 2019 20:04:35 +0000 (04:04 +0800)]
python-pyasn1: Update to 0.4.8

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from b99abe8dd8a3c3cd9118e891dd8353802d660ad0)