feed/packages.git
2 years agopcapplusplus: Add new package
Michal Hrusecky [Mon, 15 Nov 2021 10:59:39 +0000 (11:59 +0100)]
pcapplusplus: Add new package

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and
crafting of network packets. It is designed to be efficient, powerful
and easy to use. It provides C++ wrappers for the most popular packet
processing engines such as libpcap, WinPcap, DPDK and PF_RING.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 2d8e396be33463e7ba8df7f1ff3b08d0443e54cb)

2 years agoMerge pull request #17895 from jefferyto/slide-switch-0.9.7-openwrt-21.02
Josef Schlehofer [Fri, 18 Feb 2022 22:43:52 +0000 (23:43 +0100)]
Merge pull request #17895 from jefferyto/slide-switch-0.9.7-openwrt-21.02

[openwrt-21.02] slide-switch: Update to 0.9.7

2 years agovnstat2: update to version 2.9
Jan Hoffmann [Tue, 25 Jan 2022 19:10:09 +0000 (20:10 +0100)]
vnstat2: update to version 2.9

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit 948f0d29ccd825f5370d87549f8977b851db756e)

2 years agovnstat2: add hotplug script for adding interfaces
Jan Hoffmann [Wed, 27 Oct 2021 21:55:28 +0000 (23:55 +0200)]
vnstat2: add hotplug script for adding interfaces

If an interface doesn't exist yet when vnStat is started, it won't be
monitored, as only existing interfaces can be added to the database via
the vnstat command.

This adds a hotplug script which adds any configured interfaces to the
vnStat database when it goes up.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit f9ea8142601cee5542f9ba0f4e5a24e53ab59a6d)

2 years agovnstat2: fix all interfaces being monitored when none are configured
Jan Hoffmann [Thu, 21 Oct 2021 21:38:58 +0000 (23:38 +0200)]
vnstat2: fix all interfaces being monitored when none are configured

By default, vnstatd adds all available interfaces on startup when its
database is empty. The --noadd option prevents this, but it breaks
import of legacy databases, and causes vnstatd to exit immediately
after startup, which breaks reloading.

This changes the init script to add the --noadd option when no legacy
databases need to be imported, and patches vnstatd to keep running
even when no interfaces are configured.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit ecae7dedde0ccd2a636e93620ced41bca807d405)

2 years agovnstat2: update to version 2.8
Jan Hoffmann [Fri, 10 Sep 2021 16:25:34 +0000 (18:25 +0200)]
vnstat2: update to version 2.8

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit 73fff7a4ed0687996cc43d7ad4878161b5bd21e5)

2 years agoslide-switch: Update to 0.9.7 17895/head
Jeffery To [Fri, 18 Feb 2022 10:24:33 +0000 (18:24 +0800)]
slide-switch: Update to 0.9.7

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 12930f4ec33dff832bfbb309b1092709ba017797)

2 years agoMerge pull request #17866 from neheb/1
Hauke Mehrtens [Thu, 17 Feb 2022 17:57:20 +0000 (17:57 +0000)]
Merge pull request #17866 from neheb/1

[21.02] ksmbd: update to 3.44

2 years agogolang: Update to 1.17.7, refresh patch
Jeffery To [Mon, 14 Feb 2022 19:31:36 +0000 (03:31 +0800)]
golang: Update to 1.17.7, refresh patch

This includes fixes for:

* CVE-2022-23772: math/big: Rat.SetString may consume large amount of
  RAM and crash

* CVE-2022-23806: crypto/elliptic: IsOnCurve returns true for invalid
  field elements

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 69c53fcb6ce58a23c51cb9c1a403f5843a565f44)

2 years agotvheadend: fix first-run
Marius Dinu [Tue, 15 Feb 2022 20:44:20 +0000 (22:44 +0200)]
tvheadend: fix first-run

The first-run command should create a new tvheadend configuration including an admin account with no name and no password, but it aborts (-A) too early without saving the files. I reported the bug here: https://tvheadend.org/issues/6140
This workaround fixes the problem by removing the tvheadend -A switch and replacing it with a 10s delay and a kill signal. That should be enough even for slow routers to generate and save the configuration. It is meant to be a temporary fix until tvheadend bug is resolved.

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
2 years agoksmbd-tools: update to 3.4.4
Rosen Penev [Tue, 15 Feb 2022 02:31:34 +0000 (18:31 -0800)]
ksmbd-tools: update to 3.4.4

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 3ffd540b049dd521dd62f43427f61f264396ad97)

2 years agoksmbd-tools: Fix ksmbd service is semi-killed at system startup
Georgi Valkov [Sun, 28 Nov 2021 17:22:56 +0000 (19:22 +0200)]
ksmbd-tools: Fix ksmbd service is semi-killed at system startup

The configuration for the ksmbd service is auto-generated when
the OpenWRT configuration changes, and also during startup,
hence ksmbd.init has to reload the kernel module. It does that by
calling kill_server, which does not perform cleanup. This results
in ksmbd being killed but not restarted properly during boot.
This patch resolves the issue by using stop_service, which performs
proper cleanup.

https://forum.openwrt.org/t/ksmbd-samba3-4-alternative-ex-cifsd-smbd-package-support-thread/51695/68

Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit 4af04cdc05af1e78dab310550fae5bae21d51c8c)

2 years agoksmbd: update to 3.4.4 17866/head
Rosen Penev [Tue, 15 Feb 2022 01:14:15 +0000 (17:14 -0800)]
ksmbd: update to 3.4.4

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 4adeed48797610f9e2304c84b65593c3aedf04e8)

2 years agoksmbd: update to 3.4.2
Marcos Del Sol Vives [Sun, 17 Oct 2021 11:28:51 +0000 (13:28 +0200)]
ksmbd: update to 3.4.2

Signed-off-by: Marcos Del Sol Vives <marcos@orca.pet>
(cherry picked from commit 2b48a6952a4d3283164b2e4df1bdfdc7e4c32fde)

2 years agoksmbd: update to 3.4.1
Rosen Penev [Wed, 11 Aug 2021 23:19:58 +0000 (16:19 -0700)]
ksmbd: update to 3.4.1

Add AUTORELEASE as 19.07 compatibility is not needed.

Add dependency hacks and add comments.

Add upstream patch to get rid of FS_POSIX_ACL requirement.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c732305ad3f9f282f4601a2418c0f6595a3aa40e)

2 years agodockerd: Update to 20.10.12
Gerard Ryan [Sat, 12 Feb 2022 11:33:51 +0000 (21:33 +1000)]
dockerd: Update to 20.10.12

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
2 years agodocker: Update to 20.10.12
Gerard Ryan [Sat, 12 Feb 2022 11:32:30 +0000 (21:32 +1000)]
docker: Update to 20.10.12

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
2 years agoyq: Update to 4.19.1
Tianling Shen [Sun, 6 Feb 2022 11:57:57 +0000 (19:57 +0800)]
yq: Update to 4.19.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 4454f8bb3efb4353633e67fc4cfd38d15cf678f6)

2 years agodtc: drop package
Rafał Miłecki [Mon, 3 Jan 2022 12:47:45 +0000 (13:47 +0100)]
dtc: drop package

It has been imported as core package into OpenWrt repository. Its fdtget
is required by sysupgrade on U-Boot devices so it couldn't live in an
extra feed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c8d4c89daae4c406f3744ca52c7451fe07c9a59e)

2 years agoknot: update to 3.1.6
Jan Hák [Wed, 9 Feb 2022 13:16:04 +0000 (14:16 +0100)]
knot: update to 3.1.6

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 4de863e418f80cd52293e1ae0de153dcc2cb7141)

2 years agoknot: update to 3.1.5
Jan Hák [Tue, 21 Dec 2021 14:44:57 +0000 (15:44 +0100)]
knot: update to 3.1.5

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 2a56e478f57faad7a4346f5aef843bae517027e7)

2 years agonano: update to 6.1
Hannu Nyman [Wed, 9 Feb 2022 16:26:49 +0000 (18:26 +0200)]
nano: update to 6.1

Update nano to version 6.1.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 717efb8c9622cc73bc8ab1c4ac2e67252b9c4401)

2 years agoxray-core: Update to 1.5.3
Tianling Shen [Fri, 4 Feb 2022 09:34:24 +0000 (17:34 +0800)]
xray-core: Update to 1.5.3

Removed outdated `alterId` in sample config.

Updated geodata to latest version while at it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit d8d261fe2d728213d60d12c9a247e057926d79d2)

2 years agoruby: update to 3.0.3
Michal Vasilek [Fri, 4 Feb 2022 14:04:17 +0000 (15:04 +0100)]
ruby: update to 3.0.3

* fixes CVE-2021-41817, CVE-2021-41816 and CVE-2021-41819

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 51cf0dc2cc4b159bc80b70c90ed1c1abe1f59936)

2 years agoMerge pull request #17812 from stangri/openwrt-21.02
Stan Grishin [Sun, 6 Feb 2022 06:12:14 +0000 (22:12 -0800)]
Merge pull request #17812 from stangri/openwrt-21.02

[21.02] https-dns-proxy: init script refactoring

2 years agohttps-dns-proxy: init script refactoring 17812/head
Stan Grishin [Sun, 6 Feb 2022 05:58:03 +0000 (05:58 +0000)]
https-dns-proxy: init script refactoring

* consolidate dnsmasq config manipulation into one function
* more elegant code for PROCD data processing (Thanks @jow-!)

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 88265c4fb93e42e7f96ee555019715e78639f093)

2 years agoslide-switch: Update to 0.9.6
Jeffery To [Fri, 4 Feb 2022 11:22:06 +0000 (19:22 +0800)]
slide-switch: Update to 0.9.6

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit c5e0785795a1810adac661fe7ffe458e6d85d71f)

2 years agoffmpeg: update to version 4.3.3
Josef Schlehofer [Sat, 29 Jan 2022 10:34:56 +0000 (11:34 +0100)]
ffmpeg: update to version 4.3.3

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit a68e9db8d4c3a29c86261cd6bb1933fab1cc3a35)

2 years agotinyionice: add package
Michal Vasilek [Thu, 3 Feb 2022 18:52:50 +0000 (19:52 +0100)]
tinyionice: add package

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit bb801a5a6fa287eb4d17f7f4372285d3a5aec9fd)

2 years agoyq: Update to 4.18.1
Tianling Shen [Sun, 30 Jan 2022 06:02:57 +0000 (14:02 +0800)]
yq: Update to 4.18.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit c665f0b50c391a78fc664673ce6bbeea64f477a8)

2 years agoyq: Update to 4.17.2
Tianling Shen [Sun, 23 Jan 2022 09:49:01 +0000 (17:49 +0800)]
yq: Update to 4.17.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 029b37aad0e2a72f58c28aaa89cb3ca339be32d3)

2 years agoMerge pull request #17737 from JonnyTischbein/telegraf-1.21.3-openwrt_21.02
Josef Schlehofer [Thu, 3 Feb 2022 15:24:02 +0000 (16:24 +0100)]
Merge pull request #17737 from JonnyTischbein/telegraf-1.21.3-openwrt_21.02

telegraf: add package version 1.21.3 to openwrt 21.02

2 years agoapache2: security update to version 2.4.52
Josef Schlehofer [Fri, 28 Jan 2022 16:05:28 +0000 (17:05 +0100)]
apache2: security update to version 2.4.52

Fixes CVEs:
- CVE-2021-44790
- CVE-2021-44224

Refreshed patches

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 6c6c99ffb54f06031443c17023bd9891c449410b)

2 years agobind: bump to 9.18.0
Noah Meyerhans [Tue, 1 Feb 2022 05:04:14 +0000 (21:04 -0800)]
bind: bump to 9.18.0

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit 127ef1207ba0484fadb224a46155a46b48150e34)

2 years agoMerge pull request #17764 from stangri/openwrt-21.02
Stan Grishin [Wed, 2 Feb 2022 17:12:45 +0000 (09:12 -0800)]
Merge pull request #17764 from stangri/openwrt-21.02

[21.02] https-dns-proxy: update to 2021-11-22-1

2 years agocrowdsec: update from latest upstream release 1.3.0
Kerma Gérald [Wed, 26 Jan 2022 08:45:39 +0000 (09:45 +0100)]
crowdsec: update from latest upstream release 1.3.0

Changes (from 1.2.3):
https://github.com/crowdsecurity/crowdsec/compare/v1.2.3...v1.3.0

(cherry picked from commit d2fd1f8346de74caf6b069bd61fa9d358d0789f6)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agowg-installer: use babeld add_interface function
Nick Hainke [Tue, 1 Feb 2022 20:56:23 +0000 (21:56 +0100)]
wg-installer: use babeld add_interface function

With commit 385200443554 ("babeld: add add_interface function") babeld
has a new ubus function allowing to dynamically add an interface.

Before the add_interface function, we were required to reload babeld.
The reload influenced the babeld routing. However, the remove part is
still missing and will be added at a later stage.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 40b87aac950db3e310b6a353392a7ecd66e7c6f2)

2 years agocrowdsec-firewall-bouncer: fix name in initd to start the process
Kerma Gérald [Sat, 15 Jan 2022 07:33:46 +0000 (08:33 +0100)]
crowdsec-firewall-bouncer: fix name in initd to start the process

crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer
the initd need the correct binary name to start the process
the link for github source need also to be fixed (only the information one)
fix the BuildDate
updated copyright

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit d6b116cb43802048d883a13e2d2e95eea76ad565)

2 years agonano: Add a plus variant with more features
Hannu Nyman [Tue, 1 Feb 2022 21:41:59 +0000 (23:41 +0200)]
nano: Add a plus variant with more features

Nano is by default built as "tiny" with most features disabled.
That is suitable for basic tasks in routers with small flash.

Add a new nano-plus variant that enables selected additional
features in the build config:
 * multiple files (multibuffer)
 * Unicode/utf8
 * justify
 * .nanorc support
 * help
 * also some key bindings get enabled as "tiny" configure option
   is removed.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 85cb71d8d81af3c549406d5f42080ed58be9b9b0)

2 years agohttps-dns-proxy: update to 2021-11-22-1 17764/head
Stan Grishin [Mon, 31 Jan 2022 21:42:59 +0000 (21:42 +0000)]
https-dns-proxy: update to 2021-11-22-1

* update to 2021-11-22 upstream source
* update patch file
* update init script to preserve manual entries
(fixes https://github.com/stangri/source.openwrt.melmac.net/issues/149)
* update init script service_triggers

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 1e5e7ce469b1df0e2481ea2f0f65521c44531182)

2 years agodawn: update to 2022-01-17 17552/head
Nick Hainke [Mon, 17 Jan 2022 09:16:59 +0000 (10:16 +0100)]
dawn: update to 2022-01-17

877e2dc iwinfo: fix get_bandwidth_iwinfo
9ce01ec datastorage: fix multi-SSID
9187665 treewide: improve maintaince
6bf9b6d memory: Tighten up some memory handling to help spot errors
4df0c98 treewide: improve logging

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 7cb73ae3b9d0f7cf3f5846bd76cffac6feaa5ef7)

2 years agopython-dns: update to version 2.1.0
Josef Schlehofer [Thu, 30 Dec 2021 19:02:47 +0000 (20:02 +0100)]
python-dns: update to version 2.1.0

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 447c6fd57b5ed92f82ab9945e1bd350f3e4866d5)

2 years agoprosody: update to version 0.11.13
Josef Schlehofer [Fri, 28 Jan 2022 14:48:47 +0000 (15:48 +0100)]
prosody: update to version 0.11.13

Fixes CVEs:
- CVE-2022-0217
- CVE-2021-37601
- CVE-2021-32918
- CVE-2021-32920
- CVE-2021-32921
- CVE-2021-32917
- CVE-2021-32919

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit dcedbe802744102b215835f1dd53bc2bb5756807)

2 years agotelegraf: Update package to version 1.21.3 17737/head
Jonathan Pagel [Sat, 29 Jan 2022 10:39:06 +0000 (11:39 +0100)]
telegraf: Update package to version 1.21.3

Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 912bb2c803e7e6d1c0020a59e08fab72d077a7a7)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
2 years agotelegraf: Move config file to /etc/telegraf.conf because
Jonathan Pagel [Sun, 31 Oct 2021 16:43:25 +0000 (17:43 +0100)]
telegraf: Move config file to /etc/telegraf.conf because
/etc/config is the default uci folder. Also marking it as
configuration file prevents overwriting it on updates.

Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit abb33331e532b1de40adea6553589770b3e9ddb9)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
2 years agotelegraf: Add package for telegraf
Jonathan Pagel [Wed, 28 Jul 2021 07:33:15 +0000 (09:33 +0200)]
telegraf: Add package for telegraf

Telegraf is a plugin-driven agent for collecting and sending metrics
and events. It supports various inputs (including prometheus
endpoints) and is able to send data into InfluxDB.
https://www.influxdata.com/time-series-platform/telegraf/

Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 0781a15c932187788a69d9a3eb005062fb8eaf7b)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
2 years agoffmpeg: update to 4.3.2
Bernd Kuhls [Sat, 27 Feb 2021 18:51:57 +0000 (19:51 +0100)]
ffmpeg: update to 4.3.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
(cherry picked from commit 900a146de306c500849b93bc2e36977958f308ff)

2 years agoclamav: update to version 0.104.2
Josef Schlehofer [Fri, 28 Jan 2022 14:03:36 +0000 (15:03 +0100)]
clamav: update to version 0.104.2

Backported upstream pending pull request to fix following error:

CMake Error at /foo/staging_dir/host/share/cmake-3.19/Modules/FindPackageHandleStandardArgs.cmake:218 (message):
  Could NOT find CURSES (missing: CURSES_LIBRARY)

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit eddbb64bc98a6b4fb50e9ae069ce3383e079a8c0)

2 years agoclamav: update to 0.104.0
Lucian Cristian [Sun, 19 Sep 2021 18:27:33 +0000 (21:27 +0300)]
clamav: update to 0.104.0

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 44eb2ae61901888f023e8dee295610436fb875c9)

2 years agonode: January 10th 2022 Security Releases
Hirokazu MORIKAWA [Mon, 24 Jan 2022 07:27:30 +0000 (16:27 +0900)]
node: January 10th 2022 Security Releases

Update to v14.18.3

January 10th 2022 Security Releases:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via console.table properties (Low)(CVE-2022-21824)

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit 8278998e48565090fc1c75da8e0921aa6cd4a4b6)

2 years agotvheadend: fix conffiles section
Josef Schlehofer [Mon, 24 Jan 2022 22:04:13 +0000 (23:04 +0100)]
tvheadend: fix conffiles section

The previous one was wrong, and it did not work. It could be checked
inside compiled package in control.tar.gz that there was missing
``conffiles`` file with content `/etc/config/tvheadend`

It is also possible to verify that the config is not overwritten on the router
by running ``opkg install tvheadend --force-reinstall``

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 752d1ffc28971b9b641162498a877750fa687bbd)

2 years agolighttpd: update to lighttpd 1.4.64 release hash
Glenn Strauss [Fri, 29 Oct 2021 03:16:03 +0000 (23:16 -0400)]
lighttpd: update to lighttpd 1.4.64 release hash

remove long-deprecated modules

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit 3badd766681460bde8025d401b36dfc400c01cda)

2 years agolighttpd: update to lighttpd 1.4.63 release hash
Glenn Strauss [Sat, 4 Dec 2021 15:15:37 +0000 (10:15 -0500)]
lighttpd: update to lighttpd 1.4.63 release hash

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit 35dff58b3ae34361c2c31ea48b10377205bcc6c6)

2 years agolighttpd: update to lighttpd 1.4.62 release hash
Glenn Strauss [Thu, 2 Dec 2021 06:49:49 +0000 (01:49 -0500)]
lighttpd: update to lighttpd 1.4.62 release hash

depend on libpcre2 instead of libpcre

also remove patches incorporated upstream into lighttpd 1.4.62

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit ddecac45c8f813b0711ec625ab424e33e7a8da9c)

2 years agotvheadend: fix typo in uriparser
Josef Schlehofer [Mon, 24 Jan 2022 11:25:00 +0000 (12:25 +0100)]
tvheadend: fix typo in uriparser

Fixes: 0449c109e78d4e5b998fc26415ecaa5bb5c274c3 ("tvheadend: disable
uriparser")

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 5879260515332a338e77776a7cbb50b56a48f03a)

2 years agoMerge pull request #17677 from mhei/21.02-php8-update
Michael Heimpold [Mon, 24 Jan 2022 06:45:04 +0000 (07:45 +0100)]
Merge pull request #17677 from mhei/21.02-php8-update

[21.02] php8: update to 8.0.15

2 years agowg-installer: fix multiple namespaces
Nick Hainke [Sat, 22 Jan 2022 22:27:02 +0000 (23:27 +0100)]
wg-installer: fix multiple namespaces

Add flag "--lookup-default-namespace" to signal that wg-installer should
look already established wireguard sessions in the default namespace.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 94efdcf02a723fbcdcc6a192e026e0c2f766a158)

2 years agophp8: update to 8.0.15 17677/head
Michael Heimpold [Sat, 22 Jan 2022 20:24:37 +0000 (21:24 +0100)]
php8: update to 8.0.15

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agotvheadend: disable uriparser
Josef Schlehofer [Fri, 21 Jan 2022 10:01:29 +0000 (11:01 +0100)]
tvheadend: disable uriparser

This avoids to add liburiparser as dependency.

Package tvheadend is missing dependencies for the following libraries:
liburiparser.so.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 0449c109e78d4e5b998fc26415ecaa5bb5c274c3)

2 years agopython3: Update to 3.9.10, refresh patches
Jeffery To [Sun, 16 Jan 2022 20:32:03 +0000 (04:32 +0800)]
python3: Update to 3.9.10, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agowg-installer: remove unused dependency
Nick Hainke [Thu, 20 Jan 2022 14:24:05 +0000 (15:24 +0100)]
wg-installer: remove unused dependency

Remove the dependency "coreutils-realpath" from
wg-installer-server-hotplug-olsrd.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit fab86eb626b677f8329482f427c6837e59fe4597)

2 years agowg-installer: create wireguard key if it does not exist
Nick Hainke [Thu, 20 Jan 2022 13:10:12 +0000 (14:10 +0100)]
wg-installer: create wireguard key if it does not exist

Check if the key exists which is given by
    option wg_key '/etc/wgserver/wg.key'

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 324fa79d7c8a90e899a81bbb3ae0c5a5a602f88e)

2 years agowg-installer: install cronjob
Nick Hainke [Thu, 20 Jan 2022 08:06:24 +0000 (09:06 +0100)]
wg-installer: install cronjob

Install a cronjob that removes unused wireguard interfaces every 10
minutes.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 432a965689f09c6bb86cd24753f79d739b9bcf46)

2 years agowg-installer: check if a key is already inserted
Nick Hainke [Tue, 18 Jan 2022 17:31:46 +0000 (18:31 +0100)]
wg-installer: check if a key is already inserted

Check if a peer is already existing with a given public key. Introduce a
response code for signaling why the server rejected the request.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit da48bc3792705b12fc104459ed9f5f1b73544d17)

2 years agowg-installer: rework code
Nick Hainke [Wed, 19 Jan 2022 17:40:16 +0000 (18:40 +0100)]
wg-installer: rework code

Use shellcheck to rework the code. Use "export" to return variables from
a function call. Further, fix typos.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 69c81790d1045e064cd9c643a1643a0f919f448d)

2 years agowg-installer: cosmetic changes
Nick Hainke [Tue, 18 Jan 2022 16:39:53 +0000 (17:39 +0100)]
wg-installer: cosmetic changes

Use "ip addr" instead of "ip addres" or "ip a".

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 38a9a3e0dc9713af7509e455ca9a71567d80323f)

2 years agocryptsetup: update to version 2.4.3
Josef Schlehofer [Tue, 18 Jan 2022 15:24:52 +0000 (16:24 +0100)]
cryptsetup: update to version 2.4.3

Fixes: CVE-2021-4122
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit a2427edf76fffd294fbcc70f94c7d59d420d07b4)

2 years agogit: update to version 2.34.1
Josef Schlehofer [Thu, 30 Dec 2021 17:24:39 +0000 (18:24 +0100)]
git: update to version 2.34.1

- Refreshed patches

- Release notes 2.34.0:
https://github.com/git/git/blob/2ae0a9cb8298185a94e5998086f380a355dd8907/Documentation/RelNotes/2.34.0.txt

- Release notes 2.34.1:
https://github.com/git/git/blob/2ae0a9cb8298185a94e5998086f380a355dd8907/Documentation/RelNotes/2.34.1.txt

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 042bf16072627d763ba22a4d80c03cb32406a936)

2 years agocrowdsec: update from upstream latest release 1.2.3
Kerma Gérald [Sat, 15 Jan 2022 09:59:49 +0000 (10:59 +0100)]
crowdsec: update from upstream latest release 1.2.3

update from latest upstream release 1.2.3
updated copyright

(cherry picked from commit de41b63ca45be91273e0ea97213b2a6a29ba2a9a)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agosmcroute: update to 2.5.5
Moritz Warning [Tue, 23 Nov 2021 20:19:57 +0000 (21:19 +0100)]
smcroute: update to 2.5.5

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2 years agosmcroute: update to 2.5.4
Moritz Warning [Sun, 14 Nov 2021 23:53:40 +0000 (00:53 +0100)]
smcroute: update to 2.5.4

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2 years agoMerge pull request #17619 from erdoukki/21.02-2to3
Jeffery To [Mon, 17 Jan 2022 11:10:26 +0000 (19:10 +0800)]
Merge pull request #17619 from erdoukki/21.02-2to3

[21.02] 2to3: add package host tool

2 years agowg-installer: switch to ubus call for olsrd hotplug
Nick Hainke [Sun, 16 Jan 2022 09:21:53 +0000 (10:21 +0100)]
wg-installer: switch to ubus call for olsrd hotplug

Use ubus ipc calls to add and remove interfaces.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit b89eb0115fc21183175af68c0a8807b25bd71c99)

2 years agowg-installer: rework iproute2 commands
Nick Hainke [Sun, 16 Jan 2022 09:04:36 +0000 (10:04 +0100)]
wg-installer: rework iproute2 commands

- Use ip address add instead of ip a a
- Directly add broadcast address

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit fea27cec05c0d76d3bb6aad1b4bfd53270c1c263)

2 years ago2to3: add package host tool 17619/head
Kerma Gérald [Sat, 25 Dec 2021 10:46:36 +0000 (11:46 +0100)]
2to3: add package host tool

2to3 is a Python program that reads Python 2.x source code and applies a
  series of fixers to transform it into valid Python 3.x code. The standard
  library contains a rich set of fixers that will handle almost all code. 2to3
  supporting library lib2to3 is, however, a flexible and generic library, so it
  is possible to write your own fixers for 2to3. lib2to3 could also be adapted
  to custom applications in which Python code needs to be edited automatically.

This tool is necessary for fail2ban package because of issue
  https://github.com/openwrt/packages/issues/17311
  https://github.com/openwrt/packages/pull/17341

Simple 2to3.py script from Debian, thanks to Matthias Klose <doko@ubuntu.com>
From: https://salsa.debian.org/cpython-team/python3-defaults

(cherry picked from commit 2f91e1c9c5876bcdac4630fdc0e417903d8f9eb9)
Co-authored-by: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agoCI: fix runtime testing for non master branch
Paul Spooren [Thu, 13 Jan 2022 23:55:36 +0000 (00:55 +0100)]
CI: fix runtime testing for non master branch

The runtime testing always ran on master branch aka snapshots since the
branch wasn't passed over to the container execution!

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit f535d770901674d7d9f3d8cd9abe566d9db63ebe)

2 years agoi2pd: Update to 2.40.0 and update package sources
R4SAS I2P [Sun, 26 Dec 2021 04:29:58 +0000 (04:29 +0000)]
i2pd: Update to 2.40.0 and update package sources

* Updating i2pd package to 2.40.0
* Rewrite Makefile
* Remove usage of PKG_INSTALL (package's make install)
* Rewrite init.rc configuration and script
* Remove '--service' option from init, which only sets datadir to /var/lib/i2pd
* Use '--datadir' option in init, otherwise datadir changing via uci is not works
* Update patch for i2pd.conf

Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit ac27fffff9159be7b0b6529797ca45d7dc4136c0)

2 years agoi2pd: remove unneeded functions.sh
Dirk Neukirchen [Tue, 2 Mar 2021 19:10:03 +0000 (20:10 +0100)]
i2pd: remove unneeded functions.sh

its included via rc.common, see
https://openwrt.org/docs/guide-developer/config-scripting

Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
(cherry picked from commit 266deb586686bfdd5e95c451284541a06c3d5d25)

2 years agoi2pd: Update to 2.38.0
R4SAS I2P [Sun, 30 May 2021 11:48:46 +0000 (14:48 +0300)]
i2pd: Update to 2.38.0

Remove USE_AVX and USE_AESNI make options as it is correclty handled by
internal code.

Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit 1025dd7c76706a4130a636b61eb112052617c082)

2 years agoi2pd: update to 2.36
Dirk Neukirchen [Thu, 4 Mar 2021 11:51:24 +0000 (12:51 +0100)]
i2pd: update to 2.36

remove AVX patches as upstream has integrated and closed
all AVX issues

compiled on :  x86-64, i386 generic
tested on : x86-64 VM, i386 VM

Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
(cherry picked from commit fc7d710e626f73029597d1f6811d0bd26d587c4d)

2 years agomariadb: Add sudo dependency
Michal Hrusecky [Thu, 13 Jan 2022 14:11:01 +0000 (15:11 +0100)]
mariadb: Add sudo dependency

During update we use sudo to start an instance. It probably could be
workarounded, but given the MariaDB size, dependency on sudo shouldn't
be an issue.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 0ffec9bd4bf91118d33203d93d53b316b43115ce)

2 years agomariadb: Check and fix datadir owner issues during upgrade
Michal Hrusecky [Thu, 13 Jan 2022 14:04:57 +0000 (15:04 +0100)]
mariadb: Check and fix datadir owner issues during upgrade

If you are migrating to MariaDB package, you might have old datadir
stored somewhere using different setup with different users. If you
trust us enough to enable autoupgrade, you probably trust us enough to
chown your datadir as well. This can prevent some potential issues.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit b41525cef4171c7f3200afc41dca5e3837cbd2ec)

2 years agoMerge pull request #17603 from BKPepe/mariadb-bump
Josef Schlehofer [Fri, 14 Jan 2022 12:14:53 +0000 (13:14 +0100)]
Merge pull request #17603 from BKPepe/mariadb-bump

mariadb: update to version 10.4.22

2 years agomariadb: update to version 10.4.22 17603/head
Josef Schlehofer [Thu, 13 Jan 2022 13:46:40 +0000 (14:46 +0100)]
mariadb: update to version 10.4.22

Fixes: CVE-2021-35604
Removed two patches:
130-c11_atomics.patch - included in upstream now [1]
140-mips-connect-unaligned.patch - included in upstream, too. [2]

[1] https://github.com/MariaDB/server/commit/f502ccbcb5dfce29067434885a23db8d1bd5f134#diff-6ef8fc82162068daeab927be94e246b202eb39323a102273b9448219da24172f
[2] https://github.com/MariaDB/server/commit/a33c1082dab7ab4b08acf957d6364be95e4c6a9f#diff-821e2c7a49184a660339b094f437fcd1e9aea997a86391467a657088234ebca0

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agomg: bump to 7.0
Hirokazu MORIKAWA [Tue, 28 Dec 2021 06:36:55 +0000 (15:36 +0900)]
mg: bump to 7.0

This is mg as it appears in OpenBSD 7.0.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
2 years agozerotier: add configuration reload trigger
Jo-Philipp Wich [Wed, 1 Dec 2021 14:50:52 +0000 (15:50 +0100)]
zerotier: add configuration reload trigger

Ensure that the zerotier service is automatically restarted when the uci
configuration is modified.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 04d0e45da1b6126643c54a22c39488b7095a5594)

2 years agonetdata: Update init script to use -D rather than -nd
James White [Fri, 31 Dec 2021 16:45:25 +0000 (16:45 +0000)]
netdata: Update init script to use -D rather than -nd

The current init script is using the deprecated -nd flag. This updates netdata to be started with -D.

Signed-off-by: James White <james@jmwhite.co.uk>
(cherry picked from commit cf9d5a887031f245fbae6f8bcd3366078996f123)

2 years agoatlas-probe: update to version 2.4.1
Josef Schlehofer [Tue, 4 Jan 2022 11:26:52 +0000 (12:26 +0100)]
atlas-probe: update to version 2.4.1

Removed patches:
001-fix-stime-glibc-remove.patch - it is included in upstream
003-Fix-compilation-with-gcc11.patch - no longer necessary

Updated patches:
002-Avoid-problems-with-64-bit-time_t.patch

Refreshed patches:
004-Comment-out-librt-testing.patch

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit cf65ca2db009cc69aa4eedea7116727704c84c48)

2 years agoatlas-sw-probe: update to version 5040
Josef Schlehofer [Tue, 4 Jan 2022 11:26:25 +0000 (12:26 +0100)]
atlas-sw-probe: update to version 5040

Update copyright

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit ec767eb499dfa9269cf0f454b6f6446bf4235340)

2 years agocrowdsec-firewall-bouncer: update to 0.0.21
Kerma Gérald [Fri, 7 Jan 2022 13:41:00 +0000 (14:41 +0100)]
crowdsec-firewall-bouncer: update to 0.0.21

Update crowdsec-firewall-bouncer to latest upstream release version 0.0.21

Makefile rework
- use tagged version for download

Fixes
- set API_KEY in firewall bouncer config file

(cherry picked from commit b4f48b5c23d0b5d2ab9de2041edbf69a8f6ca013)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agocrowdsec: update to 1.2.2
Kerma Gérald [Fri, 7 Jan 2022 13:29:58 +0000 (14:29 +0100)]
crowdsec: update to 1.2.2

Update crowdsec to latest upstream release version 1.2.2

Makefile rework
- use tagged version for download

(cherry picked from commit 2a34e4987bbd60091150de1886017426f10634ab)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agoapache: fixup apxs
Sebastian Kemper [Sun, 24 Oct 2021 13:36:22 +0000 (15:36 +0200)]
apache: fixup apxs

apxs is used to get information about the apache installation when
building external modules. Currently there are issues:

1.

./staging_dir/target-mips_24kc_musl/usr/bin/apxs -q TARGET
apache2
apxs:Error: ./staging_dir/target-mips_24kc_musl/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/bin/apr-1-config not found!.

This error is fixed by sed script #2.

2.

./staging_dir/target-mips_24kc_musl/usr/bin/apxs -q TARGET
cannot open ./staging_dir/target-mips_24kc_musl/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/share/apache2/build/config_vars.mk: No such file or directory at ./staging_dir/target-mips_24kc_musl/usr/bin/apxs line 213.

This error is fixed by sed scipt #1.

Both sed scripts taken from buildroot (see [1]).

[1] https://github.com/buildroot/buildroot/blob/master/package/apache/apache.mk

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 83d1cdaf3f1392a67aaa9d10f544680805229019)

2 years agoapache: security bump to 2.4.51
Sebastian Kemper [Sun, 24 Oct 2021 13:32:06 +0000 (15:32 +0200)]
apache: security bump to 2.4.51

Fixes (see [1] for details):

  CVE-2021-33193
  CVE-2021-41524
  CVE-2021-41773
  CVE-2021-42013

[1] https://httpd.apache.org/security/vulnerabilities_24.html

Patch 020-openssl-deprecated.patch refreshed.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit da4b1ca8d65b788d85489cd3ca83d91b0fd72f0f)

2 years agowg-installer: fix shell typo
Nick Hainke [Wed, 12 Jan 2022 17:25:13 +0000 (18:25 +0100)]
wg-installer: fix shell typo

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 53503c4a3a6660a67e88a37876a87e9b824ee03c)

2 years agowg-installer: allow defining link costs for hotplugs
Nick Hainke [Tue, 11 Jan 2022 11:18:49 +0000 (12:18 +0100)]
wg-installer: allow defining link costs for hotplugs

Add options to set link costs in mesh routing daemons.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit ee879d37479cf66f8caf8d4354a0aeae3764f0a8)

2 years agowg-installer: private key as parameter
Nick Hainke [Tue, 11 Jan 2022 23:19:44 +0000 (00:19 +0100)]
wg-installer: private key as parameter

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 6a59d41fbf4ea61b1ee8b6e2ccc47d9a10529b0e)

2 years agowg-installer: generate new keys for every connection
Nick Hainke [Tue, 11 Jan 2022 22:06:22 +0000 (23:06 +0100)]
wg-installer: generate new keys for every connection

Generate new keys on every new connection.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 8ab044712abb7e1a319099a419b1265ea04fb53c)

2 years agogolang: Update to 1.17.6
Jeffery To [Tue, 11 Jan 2022 13:13:00 +0000 (21:13 +0800)]
golang: Update to 1.17.6

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 45208db29bd22238d355f4f8fdcc02fd2045c78a)

2 years agowg-installer: fix using symlinks for conf files
Nick Hainke [Mon, 10 Jan 2022 22:56:36 +0000 (23:56 +0100)]
wg-installer: fix using symlinks for conf files

It is useful to symlink babeld and olsrd to /tmp/ if we frequently
write to those config files.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 5e8301d7dc154b27b03dc2c24c111e41bb897293)

2 years agofail2ban: fix 2to3 error
Kerma Gérald [Sun, 12 Dec 2021 10:59:39 +0000 (11:59 +0100)]
fail2ban: fix 2to3 error

Issue: 2to3 support has been removed in setuptools since version 58.0.0.

Fix: openwrt/packages#17311

Requirements: 2to3/host openwrt/packages#17429

Add upstream patch: https://github.com/fail2ban/fail2ban/commit/196c55e93103d1e56d1336f27a5f2591b4e54fef

To install/build for python3 from source, it is necessary to convert to py3
codebase before setup (invoke 2to3 or ./fail2ban-2to3 firstly).
> ./fail2ban-2to3
> python3 setup.py build

(cherry picked from commit ad0e1a1c3ce871da079779bf9ac706859445f3c5)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>