feed/packages.git
2 years agocloudflared: Update to 2022.3.2
Tianling Shen [Thu, 17 Mar 2022 16:51:26 +0000 (00:51 +0800)]
cloudflared: Update to 2022.3.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agopython3: Add Py3Build/InstallBuildDepends recipe
Jeffery To [Mon, 7 Mar 2022 13:29:56 +0000 (21:29 +0800)]
python3: Add Py3Build/InstallBuildDepends recipe

This adds a recipe, Py3Build/InstallBuildDepends, that installs the
requirements listed in HOST_PYTHON3_PACKAGE_BUILD_DEPENDS. This allows
other (non-Python) packages to install host Python packages by calling
this recipe, without having to know the internals of python3-package.mk.

This also updates apparmor to call this recipe.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agolibextractor: remove ffmpeg plugin
Rosen Penev [Sun, 13 Mar 2022 08:09:10 +0000 (00:09 -0800)]
libextractor: remove ffmpeg plugin

This was removed upstream. It also doesn't build with ffmpeg 5.0

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agobind: fix warnings about unknown options
Philip Prindeville [Tue, 15 Mar 2022 22:46:08 +0000 (16:46 -0600)]
bind: fix warnings about unknown options

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2 years agoMerge pull request #18066 from TDT-AG/pr/20220315-collectd
Florian Eckert [Thu, 17 Mar 2022 14:33:29 +0000 (15:33 +0100)]
Merge pull request #18066 from TDT-AG/pr/20220315-collectd

collectd: update smart plugin

2 years agocollectd: smart: add patch to check udev_enumerate_scan_devices return value 18066/head
Florian Eckert [Tue, 15 Mar 2022 14:03:46 +0000 (15:03 +0100)]
collectd: smart: add patch to check udev_enumerate_scan_devices return value

The function udev_enumarte_scan_devices returns a value less than 0 on
failure. If this is the case then we terminate the read for this smart
information.

This change was already send upstream. And could be delete in feature
collectd versions.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agocollectd: remove not needed fix
Florian Eckert [Tue, 15 Mar 2022 13:52:05 +0000 (14:52 +0100)]
collectd: remove not needed fix

This was not a real fix but a workaround. It is no longer clear to me
why this was necessary. Deleting the patch restores the upstream
behaviour of the collected for the smart plugin. I have tested it and on
my system the hard disk to be monitored is recognised.

root@system ~ # cat /sys/class/block/sda/uevent
MAJOR=8
MINOR=0
DEVNAME=sda
DEVTYPE=disk

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoMerge pull request #17940 from TDT-AG/pr/20220225-mwan3
Florian Eckert [Thu, 17 Mar 2022 13:01:43 +0000 (14:01 +0100)]
Merge pull request #17940 from TDT-AG/pr/20220225-mwan3

mwan3: update to version 2.11.0

2 years agovim: remove vim/host
Rosen Penev [Tue, 15 Mar 2022 23:24:35 +0000 (16:24 -0700)]
vim: remove vim/host

The only use of it is for xxd. tools/xxd was added in base so this can
go.

https://github.com/openwrt/openwrt/commit/c4dd2441e7

added it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoMerge pull request #18079 from TDT-AG/pr/20220316-libqmi-libmbim
Florian Eckert [Thu, 17 Mar 2022 07:04:32 +0000 (08:04 +0100)]
Merge pull request #18079 from TDT-AG/pr/20220316-libqmi-libmbim

ibqmi/libmbim: fix configure warning on unrecognized options

2 years agoMerge pull request #18070 from mhei/libxml2-update
Michael Heimpold [Thu, 17 Mar 2022 07:02:48 +0000 (08:02 +0100)]
Merge pull request #18070 from mhei/libxml2-update

libxml2: update to 2.9.13

2 years agoopenssh: update to 8.9p1
Michal Vasilek [Thu, 3 Mar 2022 18:38:51 +0000 (19:38 +0100)]
openssh: update to 8.9p1

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
2 years agolibarchive: add conflict to bsdtar/bsdtar-noopenssl
Josef Schlehofer [Sat, 5 Mar 2022 10:35:40 +0000 (11:35 +0100)]
libarchive: add conflict to bsdtar/bsdtar-noopenssl

Fixes:
Packages 'bsdtar' and 'bsdtar-noopenssl' do not conflict while providing same file: /usr/bin/bsdtar

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agolibudev-zero: backport latest changes to fix blocking on devices scan
Florian Eckert [Tue, 15 Mar 2022 14:04:55 +0000 (15:04 +0100)]
libudev-zero: backport latest changes to fix blocking on devices scan

This change added the latest upstream changes since version 1.0.0.

When using the smart plugin from collectd, there are problems with the
function udev_enumerate_scan_devices. This function is blocked and no
longer returns. Backporting the latest fixes from libudev-zero solves
the problem.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agocloudflared: add new package
Tianling Shen [Tue, 1 Mar 2022 09:29:16 +0000 (17:29 +0800)]
cloudflared: add new package

Contains the command-line client for Cloudflare Tunnel, a tunneling
daemon that proxies traffic from the Cloudflare network to your origins.

Docs: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agohaproxy: Update HAProxy to v2.4.15
Christian Lachner [Tue, 15 Mar 2022 11:41:37 +0000 (12:41 +0100)]
haproxy: Update HAProxy to v2.4.15

- Update haproxy download URL and hash

Signed-off-by: Christian Lachner <gladiac@gmail.com>
2 years agopython3-paramiko: update to version 2.10.1
Javier Marcet [Mon, 14 Mar 2022 07:32:58 +0000 (08:32 +0100)]
python3-paramiko: update to version 2.10.1

2.10.1:

 - [Bug]: (CVE-2022-24302) Creation of new private key files using
 PKey subclasses was subject to a race condition between file creation
 & mode modification, which could be exploited by an attacker with
 knowledge of where the Paramiko-using code would write out such
 files.

 - This has been patched by using os.open and os.fdopen to ensure new
 files are opened with the correct mode immediately. We’ve left the
 subsequent explicit chmod in place to minimize any possible
 disruption, though it may get removed in future backwards-
 incompatible updates.

 - Thanks to Jan Schejbal for the report & feedback on the solution,
 and to Jeremy Katz at Tidelift for coordinating the disclosure.

2.10.0:

 - [Feature] Add support for OpenSSH’s Windows agent as a fallback
 when Putty/WinPageant isn’t available or functional. Reported by
 @benj56 with patches/PRs from @lewgordon and Patrick Spendrin.

 - [Feature] Add support for the %C token when parsing SSH config
 files. Foundational PR submitted by @jbrand42.

 - [Bug] Significantly speed up low-level read/write actions on
 SFTPFile objects by using bytearray/memoryview. This is unlikely to
 change anything for users of the higher level methods like
 SFTPClient.get or SFTPClient.getfo, but users of SFTPClient.open will
 likely see orders of magnitude improvements for files larger than a
 few megabytes in size.

 - Thanks to @jkji for the original report and to Sevastian Tchernov
 for the patch.

 - [Support] Add six explicitly to install-requires; it snuck into
 active use at some point but has only been indicated by transitive
 dependency on bcrypt until they somewhat-recently dropped it. This
 will be short-lived until we drop Python 2 support. Thanks to
 Sondre Lillebø Gundersen for catch & patch.

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agomtr: bump version to 0.95, split package for JSON and non-JSON variants
Marc Egerton [Mon, 14 Mar 2022 20:16:47 +0000 (20:16 +0000)]
mtr: bump version to 0.95, split package for JSON and non-JSON variants

As per the discussion in PR #18047, split the MTR package into
two, one with jansson enabled for JSON output, and one without.

This commit also bumps the version to 0.95. Since the MTR project
website does not seem to be updated with builds any longer, switch
to GitHub Codeload instead.

Also enable PKG_FIXUP:=autoreconf so that MTRs bootstrap.sh process
is executed properly.

Signed-off-by: Marc Egerton <marc@malloc.me>
2 years agozerotier: update to 1.8.6
Moritz Warning [Tue, 8 Mar 2022 14:55:58 +0000 (15:55 +0100)]
zerotier: update to 1.8.6

* remove upstreamed gcc10 and cerrno patches
* disable SSO and OIDC as it needs Rust/Cargo support

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2 years agosudo: bump to version 1.9.10
Alexandru Ardelean [Tue, 15 Mar 2022 11:50:22 +0000 (13:50 +0200)]
sudo: bump to version 1.9.10

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2 years agodocker-compose: Update to version 2.3.3
Javier Marcet [Mon, 14 Mar 2022 07:31:23 +0000 (08:31 +0100)]
docker-compose: Update to version 2.3.3

What's Changed:

 - use plain text progress when ansi=never is set by @ndeloof
 - build full compose model from resources, then filter by services by
 @ndeloof
 - add run with dependencies e2e test by @glours
 - add support for device_cgroup_rules by @ndeloof
 - composeService to use dockerCli's In/Out/Err streams by @ndeloof
 - fix generated YAML missing an "examples" section, and update
 cli-docs-tool to v0.4.0 by @thaJeztah

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agochicken-scheme: add conflict and small Makefile polishing
Josef Schlehofer [Sat, 5 Mar 2022 11:26:50 +0000 (12:26 +0100)]
chicken-scheme: add conflict and small Makefile polishing

- No need to explicitly state two times section and category since this is
already done in define Package/chicken-scheme/Default
- Also add TITLE to Default

- Add conflict between chicken-scheme-interpreter and
  chicken-scheme-full
They both provide the same files:
/usr/lib/libchicken.so
/usr/lib/chicken/11/chicken.time.import.so
/usr/lib/chicken/11/chicken.fixnum.import.so
/usr/lib/chicken/11/chicken.internal.import.so
/usr/lib/chicken/11/chicken.tcp.import.so
/usr/lib/chicken/11/chicken.continuation.import.so
/usr/lib/chicken/11/chicken.port.import.so
/usr/lib/chicken/11/chicken.random.import.so
/usr/lib/chicken/11/chicken.compiler.user-pass.import.so
/usr/lib/chicken/11/chicken.process-context.import.so
/usr/lib/chicken/11/chicken.bitwise.import.so
/usr/lib/chicken/11/srfi-4.import.so
/usr/lib/chicken/11/chicken.load.import.so
/usr/lib/chicken/11/chicken.blob.import.so
/usr/lib/chicken/11/chicken.time.posix.import.so
/usr/lib/chicken/11/chicken.file.posix.import.so
/usr/lib/chicken/11/chicken.flonum.import.so
/usr/lib/chicken/11/chicken.condition.import.so
/usr/lib/chicken/11/chicken.pretty-print.import.so
/usr/lib/chicken/11/types.db
/usr/lib/chicken/11/chicken.foreign.import.so
/usr/lib/chicken/11/chicken.repl.import.so
/usr/lib/chicken/11/chicken.pathname.import.so
/usr/lib/chicken/11/chicken.sort.import.so
/usr/lib/chicken/11/chicken.keyword.import.so
/usr/lib/chicken/11/chicken.process.signal.import.so
/usr/lib/chicken/11/chicken.platform.import.so
/usr/lib/chicken/11/chicken.base.import.so
/usr/lib/chicken/11/chicken.syntax.import.so
/usr/lib/chicken/11/chicken.file.import.so
/usr/lib/chicken/11/chicken.memory.import.so
/usr/lib/chicken/11/chicken.gc.import.so
/usr/lib/chicken/11/chicken.io.import.so
/usr/lib/chicken/11/chicken.memory.representation.import.so
/usr/lib/chicken/11/chicken.process.import.so
/usr/lib/chicken/11/chicken.plist.import.so
/usr/lib/chicken/11/chicken.string.import.so
/usr/lib/chicken/11/chicken.errno.import.so
/usr/lib/chicken/11/chicken.format.import.so
/usr/lib/chicken/11/chicken.eval.import.so
/usr/lib/chicken/11/chicken.irregex.import.so
/usr/lib/chicken/11/chicken.process-context.posix.import.so
/usr/lib/chicken/11/chicken.read-syntax.import.so
/usr/lib/chicken/11/chicken.csi.import.so
/usr/lib/chicken/11/chicken.locative.import.so
/usr/bin/csi

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agopython-asn1crypto: drop package
Alexandru Ardelean [Tue, 15 Mar 2022 12:39:14 +0000 (14:39 +0200)]
python-asn1crypto: drop package

I can't seem to see any package that needs it.
This was added for cryptography, since it was needed up to version 2.7
asn1-crypto doesn't have a user since commit 9d892e3cf88bd7c5f2c61117df2f3c2fd6c0e960
So, remove it.

Abandoned packaged PR: https://github.com/openwrt/packages-abandoned/pull/23

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2 years agopodman: updates podman package
Oskari Rauta [Thu, 10 Mar 2022 01:51:30 +0000 (03:51 +0200)]
podman: updates podman package

 - add missing runtime depency catatonit
 - removed SELinux variant, add config option for it instead, I do not believe we need variant of EVERY SELinux support capable software
 - add config option for iptables firewall setup in default cni network config, otherwise skip iptables part (part of nftables transition, use cni-plugins-nft for nftables fw support or better; forget about cni fw completely, instead use openwrt's own as that way your rules for containers do not disappear on firewall restart)

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2 years agopython-packages: Remove unused library packages
Jeffery To [Mon, 7 Mar 2022 16:37:51 +0000 (00:37 +0800)]
python-packages: Remove unused library packages

With the removal of Seafile, these library packages no longer have any
in-repo users. They will be imported into the abandoned packages
repo[1].

[1]: https://github.com/openwrt/packages-abandoned/pull/24

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agolibevhtp: Remove package
Jeffery To [Mon, 7 Mar 2022 21:28:38 +0000 (05:28 +0800)]
libevhtp: Remove package

With the removal of Seafile, there are no more in-repo users of this
package. It will be imported into the abandoned packages repo[1].

[1]: https://github.com/openwrt/packages-abandoned/pull/25

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agochrony: enable LTO
Stijn Tintel [Wed, 16 Mar 2022 00:06:35 +0000 (02:06 +0200)]
chrony: enable LTO

Size difference of the ipk on qoriq:
* chrony: 718571 676886
* chrony-nts: 786960 757064

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2 years agochrony: enable AUTORELEASE
Stijn Tintel [Wed, 16 Mar 2022 00:04:43 +0000 (02:04 +0200)]
chrony: enable AUTORELEASE

Enable AUTORELEASE in a separate commit so that the next commit can be
reverted without having to manually re-introduce it.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2 years agolibmbim: remove unknown configure option 18079/head
Florian Eckert [Mon, 13 Dec 2021 13:33:19 +0000 (14:33 +0100)]
libmbim: remove unknown configure option

The configure option --enable-more-warnings and --without-udev are not
recognized by configure.

Buildlog:
configure: WARNING: unrecognized options: --disable-nls,
--enable-more-warnings, --without-udev

Therefore this unkown configure options are removed with this commit.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agolibqmi: remove unknown configure option
Florian Eckert [Mon, 13 Dec 2021 13:11:33 +0000 (14:11 +0100)]
libqmi: remove unknown configure option

The configure option --enable-more-warnings is not recognized by
configure.

Buildlog:
configure: WARNING: unrecognized options: --disable-nls, --enable-more-warnings

Therefore this configure option is removed with this commit.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoMerge pull request #18056 from pprindeville/isc-dhcp-update-4.4.3
Philip Prindeville [Tue, 15 Mar 2022 23:59:58 +0000 (17:59 -0600)]
Merge pull request #18056 from pprindeville/isc-dhcp-update-4.4.3

isc-dhcp: Update to 4.4.3

2 years agoisc-dhcp: Update to 4.4.3 18056/head
Philip Prindeville [Sun, 13 Mar 2022 21:14:21 +0000 (15:14 -0600)]
isc-dhcp: Update to 4.4.3

Note that on 32-bit ARM with MUSL we don't have Unwind_GetIP() so
we need to disable backtraces.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2 years agonamed: don't leak mktemp files on reload
Philip Prindeville [Tue, 15 Mar 2022 01:52:18 +0000 (19:52 -0600)]
named: don't leak mktemp files on reload

Unless we're using "mktemp -u ..." (not recommended), it will
create the temp file as part of its safety checking.  Thus you
should only create the name (file) if you're going to use it,
and always remove it if you have created it.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2 years agolibxml2: update to 2.9.13 18070/head
Michael Heimpold [Tue, 15 Mar 2022 20:24:32 +0000 (21:24 +0100)]
libxml2: update to 2.9.13

This fixes CVE-2022-23308.

Also switch to GNOME as download source and xz tarball.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agoMerge pull request #18061 from pprindeville/isc-dhcp-fix-ddns-updates
Philip Prindeville [Tue, 15 Mar 2022 19:56:35 +0000 (13:56 -0600)]
Merge pull request #18061 from pprindeville/isc-dhcp-fix-ddns-updates

isc-dhcp: detect whether ddns transfers are IPv4 only

2 years agoisc-dhcp: detect whether ddns transfers are IPv4 only 18061/head
Philip Prindeville [Tue, 15 Mar 2022 01:40:48 +0000 (19:40 -0600)]
isc-dhcp: detect whether ddns transfers are IPv4 only

If named is configured to not listen on any IPv6 interfaces,
then we should run 'nsupdate' with the '-4' argument.

Also:

* cleanup RFC-1918 address detection;
* don't generate PTR records for domain entries that aren't
  RFC-1918 addresses or these will generate NOTAUTH failures;

We're assuming that we're doing DNS split-horizon and that
internal addresses aren't routable.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2 years agoMerge pull request #18069 from pprindeville/isc-dhcp-dont-leak-mktemp-files
Philip Prindeville [Tue, 15 Mar 2022 19:25:08 +0000 (13:25 -0600)]
Merge pull request #18069 from pprindeville/isc-dhcp-dont-leak-mktemp-files

isc-dhcp: don't leak mktemp files

2 years agoisc-dhcp: don't leak mktemp files 18069/head
Philip Prindeville [Tue, 15 Mar 2022 18:39:16 +0000 (12:39 -0600)]
isc-dhcp: don't leak mktemp files

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2 years agognunet: improve init script
Daniel Golle [Tue, 15 Mar 2022 18:32:32 +0000 (18:32 +0000)]
gnunet: improve init script

Ensure correct ownership of /etc/gnunet.
Quote variables and more or less make shellcheck happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoMerge pull request #18063 from turris-cz/netdata-disable-liblz4
Daniel Engberg [Tue, 15 Mar 2022 10:25:31 +0000 (11:25 +0100)]
Merge pull request #18063 from turris-cz/netdata-disable-liblz4

netdata: disable LZ4 compression support

2 years agonetdata: disable LZ4 compression support 18063/head
Josef Schlehofer [Tue, 15 Mar 2022 09:51:42 +0000 (10:51 +0100)]
netdata: disable LZ4 compression support

To avoid unnecessary dependency, let's disable it for now.
LZ4 can be also used for DB engine and HTTPS

Fixes:
Package netdata is missing dependencies for the following libraries:
liblz4.so.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agognunet: depend on 'uci-firewall' instead of 'firewall'
Daniel Golle [Tue, 15 Mar 2022 02:39:52 +0000 (02:39 +0000)]
gnunet: depend on 'uci-firewall' instead of 'firewall'

To allow using gnunet on systems with firewall4, add replace direct
dependency on 'firewall' with 'uci-firewall' which is satisfied by
either 'firewall' or 'firewall4'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoshorewall6-lite: add @IPV6 to DEPENDS
Etienne Champetier [Mon, 14 Mar 2022 04:43:51 +0000 (00:43 -0400)]
shorewall6-lite: add @IPV6 to DEPENDS

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoshorewall6: add @IPV6 to DEPENDS
Etienne Champetier [Mon, 14 Mar 2022 04:42:16 +0000 (00:42 -0400)]
shorewall6: add @IPV6 to DEPENDS

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2 years agoMerge pull request #18058 from TDT-AG/pr/20220314-keepalived
Florian Eckert [Mon, 14 Mar 2022 12:24:51 +0000 (13:24 +0100)]
Merge pull request #18058 from TDT-AG/pr/20220314-keepalived

keepalived: enable nftables filtering

2 years agokeepalived: enable nftables filtering 18058/head
Florian Eckert [Tue, 8 Mar 2022 13:52:37 +0000 (14:52 +0100)]
keepalived: enable nftables filtering

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: update version to 2.11.0 17940/head
Florian Eckert [Mon, 14 Mar 2022 10:34:10 +0000 (11:34 +0100)]
mwan3: update version to 2.11.0

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoMerge pull request #18002 from BKPepe/haproxy-conflicts
Josef Schlehofer [Mon, 14 Mar 2022 09:03:31 +0000 (10:03 +0100)]
Merge pull request #18002 from BKPepe/haproxy-conflicts

haproxy: Makefile polishing and add conflict to SSL/non-SSL variant

2 years agomwan3: dump iptables and ipset command for debugging
Florian Eckert [Tue, 8 Mar 2022 11:52:11 +0000 (12:52 +0100)]
mwan3: dump iptables and ipset command for debugging

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: unify error messages
Florian Eckert [Tue, 8 Mar 2022 10:51:02 +0000 (11:51 +0100)]
mwan3: unify error messages

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: add sleep to release ipset reference
Florian Eckert [Tue, 8 Mar 2022 10:04:21 +0000 (11:04 +0100)]
mwan3: add sleep to release ipset reference

It turns out that under high system load, ipsets cannot be deleted. This
is because there is still a reference in iptables. A short sleep should
give the system time to clean this up.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: remove not needed ipset del cmd
Florian Eckert [Tue, 8 Mar 2022 10:03:08 +0000 (11:03 +0100)]
mwan3: remove not needed ipset del cmd

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: Split ipsets into separate ipv4 and ipv6 sets
Florian Eckert [Tue, 1 Mar 2022 07:58:32 +0000 (08:58 +0100)]
mwan3: Split ipsets into separate ipv4 and ipv6 sets

Nft does not directly support ipsets, nft sets must be used instead.
The mwan3 uses ipsets for certain tasks. They can be combinded. So called
an ipset of ipsets. This list type is not available in nft. So that
mwan3 could be ported to nft in the feature, the ipset handling should be
split. So we have for each ipset an iptables rule.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: use mwan3_push_update function for mwan3_delete_iface_iptables
Florian Eckert [Fri, 25 Feb 2022 15:17:39 +0000 (16:17 +0100)]
mwan3: use mwan3_push_update function for mwan3_delete_iface_iptables

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: remove ipset generation from mwan3_set_general_iptables
Florian Eckert [Fri, 25 Feb 2022 15:04:09 +0000 (16:04 +0100)]
mwan3: remove ipset generation from mwan3_set_general_iptables

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: use sticky ipset generation mwan3_push_update pattern
Florian Eckert [Fri, 25 Feb 2022 15:02:49 +0000 (16:02 +0100)]
mwan3: use sticky ipset generation mwan3_push_update pattern

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: do not create dynamic ipset for IPv6 if not supported
Florian Eckert [Fri, 25 Feb 2022 14:58:49 +0000 (15:58 +0100)]
mwan3: do not create dynamic ipset for IPv6 if not supported

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: do not add mwan3_custom_v6 set if ipv6 is not available
Florian Eckert [Fri, 25 Feb 2022 11:04:57 +0000 (12:04 +0100)]
mwan3: do not add mwan3_custom_v6 set if ipv6 is not available

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: use also ipset restore for connected ipv4 sets
Florian Eckert [Thu, 24 Feb 2022 11:59:31 +0000 (12:59 +0100)]
mwan3: use also ipset restore for connected ipv4 sets

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: move command definitions to common.sh
Florian Eckert [Tue, 8 Mar 2022 09:15:04 +0000 (10:15 +0100)]
mwan3: move command definitions to common.sh

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agomwan3: update iptables dependencies
Florian Eckert [Wed, 23 Feb 2022 11:20:26 +0000 (12:20 +0100)]
mwan3: update iptables dependencies

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoauc: don't segfault on invalid URL
Daniel Golle [Sun, 13 Mar 2022 23:48:28 +0000 (23:48 +0000)]
auc: don't segfault on invalid URL

Show error message instead of segfaulting in case of an invalid URL
being read from UCI config.

Fixes: #17971
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoMerge pull request #18052 from 1715173329/va
Etienne Champetier [Sun, 13 Mar 2022 16:37:32 +0000 (12:37 -0400)]
Merge pull request #18052 from 1715173329/va

v2raya: add iptables as dependency

2 years agov2raya: add iptables as dependency 18052/head
Tianling Shen [Tue, 8 Mar 2022 06:02:27 +0000 (14:02 +0800)]
v2raya: add iptables as dependency

This package requires to use iptables (no matter which variant).

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agognunet: update to version 0.16.1
Daniel Golle [Sun, 13 Mar 2022 01:29:49 +0000 (01:29 +0000)]
gnunet: update to version 0.16.1

 * OPUS and Pulse can be configured nicely by default now, no longer
   need a local patch for that
 * mysql version checks fail when cross-compiling, add patch to remove
   them and always assume MySQL >8.0.
 * Package new services, communicators, ...

This is a new major release. It breaks protocol compatibility with the
0.15.x versions. Please be aware that Git master is thus henceforth
(and has been for a while) INCOMPATIBLE with the 0.15.x GNUnet network,
and interactions between old and new peers will result in issues.
0.15.x peers will be able to communicate with Git master or 0.16.x
peers, but some services - in particular GNS - will not be compatible.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agotreewide: remove rpath-link
Rosen Penev [Thu, 10 Mar 2022 23:17:45 +0000 (15:17 -0800)]
treewide: remove rpath-link

Most usages seem to be outdated and fixed a long time ago.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoMerge pull request #18041 from turris-cz/syslog-ng-bump
Josef Schlehofer [Sat, 12 Mar 2022 05:50:54 +0000 (06:50 +0100)]
Merge pull request #18041 from turris-cz/syslog-ng-bump

syslog-ng: update to version 3.36.1 and add test.sh

2 years agocatatonit: add new package
Oskari Rauta [Mon, 7 Mar 2022 07:42:31 +0000 (09:42 +0200)]
catatonit: add new package

podman uses catatonit now for container init, so new package for
catatonit is required.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2 years agoMerge pull request #18042 from nwidger/delve-1.8.2
Florian Eckert [Fri, 11 Mar 2022 07:47:44 +0000 (08:47 +0100)]
Merge pull request #18042 from nwidger/delve-1.8.2

delve: Update to 1.8.2

2 years agosoftethervpn: remove rpath hack
Rosen Penev [Fri, 11 Mar 2022 04:49:02 +0000 (20:49 -0800)]
softethervpn: remove rpath hack

This was needed when readline was a shared library. Now that it's
static, this can be removed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoyq: Update to 4.22.1
Tianling Shen [Thu, 10 Mar 2022 12:08:35 +0000 (20:08 +0800)]
yq: Update to 4.22.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agodelve: Update to 1.8.2 18042/head
Niels Widger [Thu, 10 Mar 2022 15:50:46 +0000 (10:50 -0500)]
delve: Update to 1.8.2

See https://github.com/go-delve/delve/blob/master/CHANGELOG.md for
changes.

Signed-off-by: Niels Widger <niels@qacafe.com>
2 years agoMerge pull request #16339 from paper42/netdata-1.31
Josef Schlehofer [Thu, 10 Mar 2022 15:20:22 +0000 (16:20 +0100)]
Merge pull request #16339 from paper42/netdata-1.31

netdata: update to version 1.33.1

2 years agosyslog-ng: update to version 3.36.1 18041/head
Josef Schlehofer [Thu, 10 Mar 2022 15:19:19 +0000 (16:19 +0100)]
syslog-ng: update to version 3.36.1

- Bump version in config file

Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.36.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agogerbera: update to 1.10.0
Rosen Penev [Wed, 9 Mar 2022 05:16:04 +0000 (21:16 -0800)]
gerbera: update to 1.10.0

Backport some bug fixes.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agopugixml: update to 1.12.1
Rosen Penev [Wed, 9 Mar 2022 05:02:35 +0000 (21:02 -0800)]
pugixml: update to 1.12.1

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agolibnpupnp: update to 4.2.1
Rosen Penev [Wed, 9 Mar 2022 05:03:29 +0000 (21:03 -0800)]
libnpupnp: update to 4.2.1

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agolibmicrohttpd: update to 0.9.75
Rosen Penev [Wed, 9 Mar 2022 05:03:02 +0000 (21:03 -0800)]
libmicrohttpd: update to 0.9.75

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoexpat: update to 2.4.7
Rosen Penev [Wed, 9 Mar 2022 05:02:02 +0000 (21:02 -0800)]
expat: update to 2.4.7

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agonetdata: update to version 1.33.1 16339/head
Michal Vasilek [Thu, 3 Mar 2022 15:30:16 +0000 (16:30 +0100)]
netdata: update to version 1.33.1

- Switch to upstream's release tarball
  Requires to add PKG_BUILD_DIR since netdata is extracted to the folder
  netdata-v1.33.1 instead of the previous solution where there was
missing v

- Disable anomaly detection by default
This avoids adding a new dependencies to netdata

Fixes:
Package netdata is missing dependencies for the following libraries:
libatomic.so.1
libstdc++.so.6

- Add FreeBSD patch to have smaller package and to avoid clutter in
  WebUI

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
[add commit message, add FreeBSD patch]
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agodnsproxy: Update to 0.41.4
Tianling Shen [Wed, 9 Mar 2022 13:48:32 +0000 (21:48 +0800)]
dnsproxy: Update to 0.41.4

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agomodemmanager: bump to 1.18.6
Kuan-Yi Li [Thu, 3 Mar 2022 18:47:14 +0000 (02:47 +0800)]
modemmanager: bump to 1.18.6

Remove upstreamed patch.

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2 years agolibmbim: bump to 1.26.2
Kuan-Yi Li [Thu, 3 Mar 2022 18:44:38 +0000 (02:44 +0800)]
libmbim: bump to 1.26.2

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2 years agolibqmi: bump to 1.30.4
Kuan-Yi Li [Thu, 3 Mar 2022 18:44:22 +0000 (02:44 +0800)]
libqmi: bump to 1.30.4

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2 years agolibqrtr-glib: bump to 1.2.2
Kuan-Yi Li [Thu, 3 Mar 2022 18:38:07 +0000 (02:38 +0800)]
libqrtr-glib: bump to 1.2.2

Builds are now done from git repository based on release tag. [1][2]

Switch to meson as GNU autotools based build is no longer supported. [2]

Update SPDX license identifier [3] and switch to AUTORELEASE to avoid
manual increments.

[1] https://www.freedesktop.org/software/libqmi/libqrtr-glib-RELEASES-README
[2] https://lists.freedesktop.org/archives/libqmi-devel/2021-November/003721.html
[3] https://gitlab.freedesktop.org/mobile-broadband/libqrtr-glib/-/tree/1.2.2#license

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
2 years agoadguardhome: Update adguardhome to v0.107.5
James White [Sat, 5 Mar 2022 08:14:27 +0000 (08:14 +0000)]
adguardhome: Update adguardhome to v0.107.5

Signed-off-by: James White <james@jmwhite.co.uk>
2 years agocoova-chilli: remove kmod dep on binary package
Thibaut VARÈNE [Mon, 7 Mar 2022 12:02:15 +0000 (13:02 +0100)]
coova-chilli: remove kmod dep on binary package

There is no reason for the kmod to depend on the binary package
itself, neither for building nor for installing.

That dependency prevents phase1 from building the kmod even though
support is enabled in the binary.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2 years agotinc: add creation of hosts directory for each network configuration
Erwan MAS [Sat, 5 Mar 2022 21:00:21 +0000 (16:00 -0500)]
tinc: add creation  of hosts directory for each network configuration

Signed-off-by: Erwan MAS <erwan@mas.nom.fr>
2 years agofrr: update to 8.2
Lucian Cristian [Mon, 7 Mar 2022 17:26:52 +0000 (19:26 +0200)]
frr: update to 8.2

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2 years agopython-jsonschema: Update to 4.4.0
Jeffery To [Sun, 6 Mar 2022 21:23:43 +0000 (05:23 +0800)]
python-jsonschema: Update to 4.4.0

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agocache-domains: Fixed hotplug script not running
Gerard Ryan [Tue, 8 Mar 2022 12:33:52 +0000 (22:33 +1000)]
cache-domains: Fixed hotplug script not running

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
2 years agodocker-compose: Update to version 2.3.2
Javier Marcet [Tue, 8 Mar 2022 16:23:59 +0000 (17:23 +0100)]
docker-compose: Update to version 2.3.2

What's Changed:

- 2.3.2:
  - Fix json format for version command by @victor-timofei
  - filter containers after project has been rebuilt from resources by
  @ndeloof
  - publish a draft release with auto generate release notes by
  @glours
  - map --interactive to StdinOpen by @ndeloof

- 2.3.1:
  - Support COMPOSE_IGNORE_ORPHANS for compose run by @PIG208
  - don't try to start dependencies when there are none by @ndeloof
  - don't failed when trying to stop or rm services with no containers
  ru… by @glours

- 2.3.0:
  - Don't wait forever for unhealthy dependencies by @benesch
  - Add progress output while waiting for dependencies by @benesch
  - Discard env_file section on convert/config by @ulyssessouza
  - Return only numbers in short version by @guillaumerose
  - Don't SetRawTerminal() when exec is run with -T by @x-yuri
  - only remove volumes set by compose file by @ndeloof
  - Set NetworkMode correctly according to network priorities by
  @laurazard
  - go.mod: github.com/buger/goterm v1.0.4 by @thaJeztah
  - Fix typo in reference/compose_up.md by @danBamikiya
  - Fix pause/unpause by only applying to running containers by
  @ulyssessouza
  - use CustomLabels for composeV2 metadata and not impact service
  hash by @ndeloof
  - use golangci-lint-action by @ndeloof
  - Adds support to list the config files on docker compose ls by
  @KoditkarVedant
  - declare --volume as an alias for --volumes by @ndeloof
  - bump buildx to 0.7.1 by @ndeloof
  - Wait and scale 0 by @glours
  - Bump github.com/containerd/containerd from 1.5.8 to 1.6.0 by
  @dependabot
  - COMPOSE_REMOVE_ORPHANS can be set to always apply --remove-orphans
  by @ndeloof
  - Using start, stop, restart from outside the working directory
  using --project-name (#9147) by @arhemd
  - exclude com.docker.compose.image label from service hash by
  @ndeloof
  - Bump compose-go 1.0.9 by @ulyssessouza
  - Bump compose-go 1.1.0 by @ulyssessouza
  - Bump docker/distribution -> v2.8.0 by @ulyssessouza
  - report external volume name not found by @ndeloof
  - Bump github.com/containerd/containerd from 1.6.0 to 1.6.1 by
  @dependabot
  - CONTRIBUTING.md file. Update slack sign-up link by @teror4uks
  - Add function to convert strings to bool by @ulyssessouza
  - Add -i and -t to run and exec by @ulyssessouza

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agopython-websocket-client: update to 1.3.1
Javier Marcet [Tue, 8 Mar 2022 16:07:14 +0000 (17:07 +0100)]
python-websocket-client: update to 1.3.1

- 1.3.1:
  - Fix 10 year old bug and improve dispatcher handling for
  run_forever
  - Fix run_forever to never return None, only return True or False,
  and add two tests
  - Remove Python 3.6 support, EOL in Dec 2021

- 1.3.0:
  - BREAKING: Set Origin header to use https:// scheme when wss://
  WebSocket URL is passed
  - Replace deprecated/broken WebSocket URLs with working ones
  (6ad5197)
  - Add documentation referencing rel for automatic reconnection with
  run_forever()
  - Add missing opcodes 1012, 1013
  - Add errno.ENETUNREACH to improve error handling (da1b050)
  - Minor documentation improvements and typo fixes

- 1.2.3:
  - Fix broken run_forever() functionality

- 1.2.2:
  - Migrate wsdump script in setup.py from scripts to newer
  entry_points
  - Add support for ssl.SSLContext for arbitrary SSL parameters
  - Remove keep_running variable
  - Remove HAVE_CONTEXT_CHECK_HOSTNAME variable (dac1692)
  - Replace deprecated ssl.PROTOCOL_TLS with ssl.PROTOCOL_TLS_CLIENT
  - Simplify code and improve Python 3 support
  - Fill default license template fields
  - Update CI tests
  - Improve documentation

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agopython3-distro: update to version 1.7.0
Javier Marcet [Tue, 8 Mar 2022 16:02:25 +0000 (17:02 +0100)]
python3-distro: update to version 1.7.0

- BACKWARD COMPATIBILITY:

  - Dropped support for EOL Pythons 2.7, 3.4 and 3.5
  - Dropped support for LSB and uname back-ends when --root-dir is
  specified
  - Moved distro.py to src/distro/distro.py

- ENHANCEMENTS:

  - Documented that distro.version() can return an empty string on
  - rolling releases
  - Documented support for Python 3.10
  - Added official support for Rocky Linux distribution
  - Added a shebang to distro.py to allow standalone execution
  - Added support for AIX platforms
  - Added compliance for PEP-561

- BUG FIXES:

  - Fixed include_uname parameter oversight
  - Fixed crash when uname -rs output is empty
  - Fixed Amazon Linux identifier in distro.id() documentation
  - Fixed OpenSuse >= 15 support
  - Fixed encoding issues when opening distro release files
  - Fixed linux_distribution regression

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agozstd: update to 1.5.2
Rosen Penev [Thu, 3 Mar 2022 03:12:59 +0000 (19:12 -0800)]
zstd: update to 1.5.2

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoiperf3: bump to 3.11
John Audia [Tue, 8 Mar 2022 23:03:37 +0000 (18:03 -0500)]
iperf3: bump to 3.11

Update to latest upstream version

Signed-off-by: John Audia <graysky@archlinux.us>
2 years agoshadowsocks-libev: remove now unused file firewall.ss-rules
Yousong Zhou [Tue, 8 Mar 2022 07:22:49 +0000 (15:22 +0800)]
shadowsocks-libev: remove now unused file firewall.ss-rules

It was leftover from the previous rewrite of ss-rules.  The built
package has no ref to it so no need to update PKG_RELEASE

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2 years agoMerge pull request #18018 from rs/nextdns-1.37.10-master
Stan Grishin [Mon, 7 Mar 2022 21:35:37 +0000 (13:35 -0800)]
Merge pull request #18018 from rs/nextdns-1.37.10-master

nextdns: Update to version 1.37.10

2 years agoMerge pull request #18001 from turris-cz/chrony-conflicts
Josef Schlehofer [Mon, 7 Mar 2022 20:41:48 +0000 (21:41 +0100)]
Merge pull request #18001 from turris-cz/chrony-conflicts

chrony: add conflict between without NTS and NTS variant

2 years agoadblock: 4.1.3-6
Dirk Brenken [Mon, 7 Mar 2022 20:25:31 +0000 (21:25 +0100)]
adblock: 4.1.3-6

* remove discontinued sources: shallalist, stalkerware
* fix a logical glitch in startup trigger handling

Signed-off-by: Dirk Brenken <dev@brenken.org>