feed/packages.git
4 years agoMerge pull request #11203 from micmac1/19.07-xml2 11211/head
Michael Heimpold [Sat, 1 Feb 2020 21:54:41 +0000 (22:54 +0100)]
Merge pull request #11203 from micmac1/19.07-xml2

[19.07] libxml2: fix libxslt host build

4 years agolibxml2: install xml2-config with host triplet 11203/head
Sebastian Kemper [Sun, 27 Oct 2019 09:06:35 +0000 (10:06 +0100)]
libxml2: install xml2-config with host triplet

Currently only xml2-config is installed, for both the normal libxml2
package as well as the host package. The problem with that is that due
to multilib considerations the build host may have xml2-config installed
with a host triplet prefix, like x86_64-pc-linux-gnu-xml2-config (and
xml2-config as a symbolic link to it). Gentoo for instance sets it up
like this.

Packages may actually search for a prefixed xml2-config before searching
for xml2-config. An example would be Asterisk:

checking for x86_64-pc-linux-gnu-xml2-config... /usr/bin/x86_64-pc-linux-gnu-xml2-config

This then introduces wrong information into the build, for instance
bad includes:

~/tmp/openwrt $ /usr/bin/x86_64-pc-linux-gnu-xml2-config --cflags
-I/usr/include/libxml2

When the intention is to use OpenWrt's own (host) libxml2 one would like
to see this output used instead:

~/tmp/openwrt $ ./staging_dir/hostpkg/bin/xml2-config --cflags
-I/home/sk/tmp/openwrt/staging_dir/hostpkg/include/libxml2

This commit addresses this by installing xml2-config with a suitable
prefix and creating a symbolic link xml2-config. This is done for both
the host package and the normal package. The latter also needs this fix
because the target may use the same triplet as the host system (for
instance x86_64 cross-compiling for x86_64).

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agolibxml2/host: revert xml2-config prefix fix
Sebastian Kemper [Tue, 22 Oct 2019 21:58:12 +0000 (23:58 +0200)]
libxml2/host: revert xml2-config prefix fix

Commit 218f0229a4594b32d9db6ad0678cdce7e2663e27 added a workaround for a
problem. The host compile overwrote xml2-config in
"$(STAGING_DIR)/host/bin". The workaround fixed the issue for regular
target packages. But it didn't leave a proper xml2-config script for
host packages.

Times have changed. Host packages are now installed in
"$(STAGING_DIR_HOSTPKG). So there is no longer any danger of the host
package overwriting the xml2-config script for target packages. So
revert the mentioned commit, leaving us with two proper xml2-config
scripts, one for target package builds and one for host package builds.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agonextdns: Update to version 1.4.23
Olivier Poitrey [Sat, 1 Feb 2020 07:58:58 +0000 (09:58 +0200)]
nextdns: Update to version 1.4.23

Changelog:

* Fix OpenWRT with existing forwarder + fix dnsmasq restore issue
* Refactor service execution to better report errors
* Refactor merlin tz setup so it does not need to curl on boot
* Improve upgrade command for install.sh
* Do not mask curl error on install
* Fix timezone logging issue with Merlin
* Add support for Merlin John's fork
* Add raspbian support to installer
* Fix upgrade not reinstalling service
* Limit the aarch64 fix to merlin
* Reset DHCP DNS to self on Merlin router setup
* Fix memory issue with aarch64 based router
* Update Go version
* Allow override of detected env
* Setup timezone correctly on Merlin init script
* Don't ignore curl error on install
* Fix Asus Merlin John’s fork trust store issue
* Fix synology auto setup
* Fix report client info not enabled with setup-router option
* Add support for edgeos DHCP lease file locations
* Fix signal handling when running as a service
* Fix exit menu keyboard shortcut
* Do not fail on upgrade if uninstall failed
* Fix exit menu in installer
* Remove failing upx (for now)
* Make sure nextdns keeps running once ssh session is closed
* Add auto setup of Synology with DHCP server enabled
* Use router's DNS to discover more names
* Get A/AAAA from both answer and addition sections
* Ignore certain invalid names during discovery
* Fix activate with setup-router
* Fix serveral install issues
* Add exponential backoff to mdns probe retry
* Correctly end dhcp lease probing when discovery is cancelled
* Store DHCP/MDNS discovered addrs separately to avoid ping/pong
discovery
* Add DHCP lease support to client discovery
* Do not report mdns listen unreachable error as start will retry
* Reimplement mdns client discovery
* Fix installer GOARCH detection with arm6+
* Fix bin install on platforms needing sudo
* Correctly detect edgeos and ddwrt as routers
* Fix install.sh sudo
* Disable upx as it break many platforms
* Fix installer regression with merlin
* Fix mips64 detection
* Fix OpenWRT detection
* Fix UPX post build script
* Fix install with John's Asuswrt-Merlin fork
* Fix more DDWRT
* Fix DDWRT support
* Fix merlin service add/remove
* Use UPX to compress binaries typicially used on routers
* Revert "Remove direct dep on reflect"
* Use letters for installer menus
* Fix install script for upgrades not working if binary is running
* Do not return an error on mdns listen if at least one interface worked
* Fix installer for synology
* Fix pfSense support
* Remove the logs for each server on each connect
* Move install instructions to wiki
* Fix install.sh uid detection with merlin
* Fix install.sh for arm6+
* Add Synology init system support
* Fix install.sh
* Add a generic router setup that just changes the listen to public
* Update README
* Add auto setup support for EdgeOS
* Restore per OS install instruction in readme during installer beta
* Refactor install.sh
* Remove dep on golang.org/x/net/ipv[4|6]
* Remove direct dep on reflect
* Rewrite the zeroconf code to use dnsmessage instead miekg/dns
* Add auto setup support for DD-WRT
* Improve arch detection
* Add auto setup support for OpenWRT
* Add automatic router setup support
* Fix service
* Remove dep en seq on sysv style init scripts
* Add Entware init system support
* Report init system used on install and in UA
* Add EdgeOS support
* Reads /etc/hosts before forwarding queries to the upstream
* Fix localhost resolution with Linux arch empty /etc/hosts
* Use /etc/hosts file to resolve listen address and list on all IPs
listed
* Add support for multiple router firmware
* Fix hardened privacy disabling dual stack
* Add a config set sub command and refactor commands handling
* Add support for activate on freebsd
* Fix inverted MAC matching
* Add unit test for conf prefix match #35
* Activate uses listen address instead of static 127.0.0.1
* Improve FreeBSD integration
* Add FreeBSD support
* Fix a typo
* Use zip for windows archive

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Edited PKG_RELEASE to 1
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit a3b028b3579ca43f91879726f73b331d46cce433)

4 years agoMerge pull request #11197 from Ansuel/backport
Hannu Nyman [Sat, 1 Feb 2020 07:28:04 +0000 (09:28 +0200)]
Merge pull request #11197 from Ansuel/backport

Backport

4 years agouwsgi: backport master changes to 19.07 11197/head
Ansuel Smith [Fri, 31 Jan 2020 22:07:54 +0000 (23:07 +0100)]
uwsgi: backport master changes to 19.07

To support new luci version uwsgi has been changed.
Backport this changes to 19.07

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
4 years agonginx: backport master changes to 19.07
Ansuel Smith [Fri, 31 Jan 2020 22:06:46 +0000 (23:06 +0100)]
nginx: backport master changes to 19.07

Currently luci is broken in 19.07.
Changes done to fix this problem didn't merge in the
19.07 release.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
4 years agoMerge pull request #11184 from micmac1/19.07-maria-10.2.31
Rosen Penev [Fri, 31 Jan 2020 00:30:01 +0000 (16:30 -0800)]
Merge pull request #11184 from micmac1/19.07-maria-10.2.31

[19.07] mariadb: security bump to 10.2.31

4 years agoMerge pull request #11176 from jefferyto/python-fix-float-byte-order-openwrt-19.07
Rosen Penev [Fri, 31 Jan 2020 00:27:49 +0000 (16:27 -0800)]
Merge pull request #11176 from jefferyto/python-fix-float-byte-order-openwrt-19.07

[openwrt-19.07] python,python3: Fix float byte order detection

4 years agomariadb: security bump to 10.2.31 11184/head
Sebastian Kemper [Thu, 30 Jan 2020 20:33:56 +0000 (21:33 +0100)]
mariadb: security bump to 10.2.31

Addresses CVE-2020-2574.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agopython-certify: bump to 2019.11.28
Eneas U de Queiroz [Thu, 16 Jan 2020 17:07:40 +0000 (14:07 -0300)]
python-certify: bump to 2019.11.28

This is a regular Mozilla CA bundle update.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit c799f2a913cedfba87d57ecb0ea0cbc8a186489f)

4 years agopython3: Fix float byte order detection 11176/head
Jeffery To [Thu, 30 Jan 2020 11:12:25 +0000 (19:12 +0800)]
python3: Fix float byte order detection

This backports patches from bpo-34585[1] to fix byte order detection of
floats.

Fixing byte order detection allows the repr() of floats to be
shorter[2]. sys.float_repr_style should be 'short' instead of 'legacy'
on supported platforms.

See #11134.

[1]: https://bugs.python.org/issue34585
[2]: https://docs.python.org/3.8/whatsnew/3.1.html#other-language-changes

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agopython: Fix float byte order detection
Jeffery To [Thu, 30 Jan 2020 10:28:49 +0000 (18:28 +0800)]
python: Fix float byte order detection

This backports patches from bpo-34585[1] to fix byte order detection of
floats.

Fixing byte order detection allows the repr() of floats to be shorter (a
feature backported to Python 2.7 from Python 3.1[2]).
sys.float_repr_style should be 'short' instead of 'legacy' on supported
platforms.

See #11134.

[1]: https://bugs.python.org/issue34585
[2]: https://docs.python.org/2.7/whatsnew/2.7.html#python-3-1-features

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from a0da5aec7f4ae24feb3c4f2fb3bf3c1c9cb9e639)
Omitted PKG_RELEASE change

4 years agopython: Replace utime with utimes
Rosen Penev [Wed, 31 Jul 2019 06:33:40 +0000 (23:33 -0700)]
python: Replace utime with utimes

Optionally fixes compilation with uClibc-ng.

Based on the surrounding code, this looks like an oversight.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from 608df65a627e22db08f04bab0cb97c246ff40449)
Adjusted PKG_RELEASE
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agolibxslt/host: depend on libxml2/host
Sebastian Kemper [Sat, 26 Oct 2019 12:47:52 +0000 (14:47 +0200)]
libxslt/host: depend on libxml2/host

The host build requires libxml2-dev. This commit adds the dependency for
libxml2/host, as the host system may not have it installed. This also
avoids using the host's xml2-config (in /usr/bin for instance) while
linking to libraries in staging_dir/hostpkg.

ldd staging_dir/hostpkg/bin/xsltproc | grep xml2
libxml2.so.2 => /home/sk/tmp/openwrt/staging_dir/hostpkg/lib/libxml2.so.2 (0x00007fcc0644c000)

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry-picked from 05f0beb6a82c43838196035d15d6757b1e571aa6)

4 years agolibxslt: patch security issues
Jan Pavlinec [Wed, 24 Jul 2019 13:33:48 +0000 (15:33 +0200)]
libxslt: patch security issues

Fixes:
CVE-2019-13117
CVE-2019-13118

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from f77c53cff150d99fd0e27de670fa87f11246310d)

4 years agolibxslt: add host build
Florian Eckert [Mon, 14 Oct 2019 10:38:02 +0000 (12:38 +0200)]
libxslt: add host build

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked from 48ad713a1407711404a7913f179702d30632da5a)

4 years agoMerge pull request #11149 from nickberry17/add_mm_to_19
Rosen Penev [Tue, 28 Jan 2020 09:57:06 +0000 (01:57 -0800)]
Merge pull request #11149 from nickberry17/add_mm_to_19

backport ModemManager and dependencies to 19.07

4 years agomodemmanager: add ModemManager to packages 11149/head
Nicholas Smith [Tue, 28 Jan 2020 01:52:04 +0000 (11:52 +1000)]
modemmanager: add ModemManager to packages

Signed-off-by: Nicholas Smith <nicholas.smith@telcoantennas.com.au>
4 years agolibqmi: add libqmi to packages
Nicholas Smith [Tue, 28 Jan 2020 01:51:42 +0000 (11:51 +1000)]
libqmi: add libqmi to packages

Signed-off-by: Nicholas Smith <nicholas.smith@telcoantennas.com.au>
4 years agolibmbim: add libmbim to packages
Nicholas Smith [Tue, 28 Jan 2020 01:51:25 +0000 (11:51 +1000)]
libmbim: add libmbim to packages

Signed-off-by: Nicholas Smith <nicholas.smith@telcoantennas.com.au>
4 years agoMerge pull request #11143 from Andy2244/smbd-rename_ksmbd-update-3.1.1-(19.07)
Rosen Penev [Mon, 27 Jan 2020 23:48:22 +0000 (15:48 -0800)]
Merge pull request #11143 from Andy2244/smbd-rename_ksmbd-update-3.1.1-(19.07)

[19.07] smbd: update to 3.1.1, rename to "ksmbd", "ksmbd-tools"

4 years agoMerge pull request #11144 from Andy2244/wsdd2-rename_ksmbd-(19.07)
Rosen Penev [Mon, 27 Jan 2020 23:48:09 +0000 (15:48 -0800)]
Merge pull request #11144 from Andy2244/wsdd2-rename_ksmbd-(19.07)

[19.07] wsdd2: update for renamed smbd->ksmbd

4 years agoglib2: fix mips16 build, add size reducing static link, fpic CFLAGS
Andy Walsh [Fri, 13 Dec 2019 14:29:32 +0000 (15:29 +0100)]
glib2: fix mips16 build, add size reducing static link, fpic CFLAGS

* allows building as mips16 (fixes broken mips16/32 mixed static linking)
* add some static link related flags to reduce target binary size

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry-picked from a558b209440590deb5fae5ff32e4731c5e516194)

4 years agoglib2: Disable Werror
Rosen Penev [Sun, 3 Nov 2019 04:54:54 +0000 (21:54 -0700)]
glib2: Disable Werror

On GCC9, it throws a Wformat-nonliteral error. Unfortunately, there's no
easy was to fix it as it is fortify-headers where the warning ultimately
comes from.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from abdec8939e0d7cadaf0e82d9e7bb17e843525ad7)

4 years agowsdd2: update for renamed smbd->ksmbd 11144/head
Andy Walsh [Mon, 27 Jan 2020 21:16:27 +0000 (22:16 +0100)]
wsdd2: update for renamed smbd->ksmbd

* update for renamed smbd->ksmbd
* fix build warning for global network.sh include

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
4 years agosmbd: update to 3.1.1, rename to "ksmbd", "ksmbd-tools" 11143/head
Andy Walsh [Mon, 27 Jan 2020 21:03:28 +0000 (22:03 +0100)]
smbd: update to 3.1.1, rename to "ksmbd", "ksmbd-tools"

* rename smbd->ksmbd (upstream name change)
* ksmbd-tools: build with static glib2 (usmbd = ~90kb, smbuseradd = ~40kb)
* new etc folder location = /etc/ksmbd/smb.conf
* new database name = /etc/ksmbd/ksmbdpwd.db
* fixes "map to guest = Bad User" while userdb is also used
* fixes missing ipv6 support
* update/rename to "luci-app-ksmbd"
* remove UCI samba compatibility code for section names (ksmbd uses [share] + [globals] not [sambashare] + [global])

* ksmbd: release 3.1.1 version
* ksmbd: does not work if ipv6 module is not loaded or compiled in
* ksmbd: capsule ifdef CONFIG_SMB_INSECURE_SERVER with smb1 codes
* ksmbd: release 3.1.0 version
* ksmbd: fix over 80 character warnings
* ksmbd: rename smbd-tools to ksmbd-tools in travis.yml
* ksmbd: fix password db file location in travis.yml
* ksmbd: rename smbd prefix function to ksmbd
* ksmbd: rename smbd prefix source files to ksmbd
* Revert "smbd: set connection status with SMBD_SESS_EXITING instead of direct destory"
* ksmbd: rename smbd to ksmbd in .travis.yml
* smbd: rename module name to ksmbd.ko
* smbd: set connection status with SMBD_SESS_EXITING instead of direct destory
* smbd: previous session with same user and same password should be deleted
* smbd: only use global session table in smb2 session
* smbd: add support for ipv6
* smbd: fix empty macro issue from smbd_debug
* cifsd: fix printing of file names in find_next

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
4 years agoMerge pull request #11123 from stangri/19.07-https-dns-proxy
Hannu Nyman [Sun, 26 Jan 2020 20:39:33 +0000 (22:39 +0200)]
Merge pull request #11123 from stangri/19.07-https-dns-proxy

[19.07] https-dns-proxy: fix deleting server items, configurable dnsmasq settings change

4 years agoMerge pull request #11129 from Robby-/openwrt-19.07-freeradius3_update_3_0_20
Rosen Penev [Sun, 26 Jan 2020 18:48:13 +0000 (10:48 -0800)]
Merge pull request #11129 from Robby-/openwrt-19.07-freeradius3_update_3_0_20

[19.07] freeradius3: Update to 3.0.20

4 years agoMerge pull request #11126 from micmac1/19.07-tiff
Jiri Slachta [Sun, 26 Jan 2020 17:27:49 +0000 (18:27 +0100)]
Merge pull request #11126 from micmac1/19.07-tiff

[19.07] tiff: update version to 4.1.0

4 years agofreeradius3: Update to 3.0.20 11129/head
Robby K [Sun, 26 Jan 2020 13:43:06 +0000 (14:43 +0100)]
freeradius3: Update to 3.0.20

Latest stable release, contains security fixes for EAP-PWD (side-channel leak), logrotate settings (CVE-2019-10143) and a DoS issue due to multithreaded BN_CTX access (CVE-2019-17185).

Also refreshed patches/002-disable-session-cache-CVE-2017-9148.patch due to the following changes/commits in freeradius:
https://github.com/FreeRADIUS/freeradius-server/commit/bf1a1eda2387745bbe538998f3d2e6514f981bfd
https://github.com/FreeRADIUS/freeradius-server/commit/a3c46544b38ab46218c385d0ee197538fad5b3da

Signed-off-by: Robby K <robbyke@gmail.com>
4 years agotiff: update version to 4.1.0 11126/head
Jiri Slachta [Mon, 11 Nov 2019 20:49:06 +0000 (21:49 +0100)]
tiff: update version to 4.1.0

Signed-off-by: Jiri Slachta <jiri@slachta.eu>
4 years agohttps-dns-proxy: fix deleting server items, configurable dnsmasq settings change 11123/head
Stan Grishin [Sun, 26 Jan 2020 04:14:56 +0000 (21:14 -0700)]
https-dns-proxy: fix deleting server items, configurable dnsmasq settings change

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoavrdude: Fix GPIO path building
Rosen Penev [Tue, 2 Jul 2019 17:07:53 +0000 (10:07 -0700)]
avrdude: Fix GPIO path building

%ud is a GNU extension. It's not really supported elsewhere.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 536c6b8be7cb620f6258cbcb7e85a50662976f2b)

4 years agoMerge pull request #10990 from BKPepe/django-19.07
Rosen Penev [Thu, 23 Jan 2020 02:41:20 +0000 (18:41 -0800)]
Merge pull request #10990 from BKPepe/django-19.07

[OpenWrt 19.07] django: update to version 1.11.27

4 years agoMerge pull request #11078 from ddast/radicale_add_urllib_dep
Rosen Penev [Mon, 20 Jan 2020 22:55:29 +0000 (14:55 -0800)]
Merge pull request #11078 from ddast/radicale_add_urllib_dep

radicale-py3: Add python3-urllib dependency

4 years agoradicale-py3: Add python3-urllib dependency 11078/head
Dennis Dast [Mon, 20 Jan 2020 19:43:34 +0000 (20:43 +0100)]
radicale-py3: Add python3-urllib dependency

Depend on python3-urllib instead of python3-email (python3-urllib has
python3-email as a dependency).

Signed-off-by: Dennis Dast <mail@ddast.de>
4 years agonut: fix other/otherflag custom variables in nut-server.init
Matt Merhar [Mon, 20 Jan 2020 03:39:44 +0000 (22:39 -0500)]
nut: fix other/otherflag custom variables in nut-server.init

This allows custom config parameters to be added to the generated config
files, enabling the original intended functionality per
https://openwrt.org/docs/guide-user/services/ups/software.nut.

Example usage from /etc/config/nut_server:

config driver 'apc'
option driver 'snmp-ups'
option snmp_version 'v3'
option port '172.16.100.5'
list other 'secLevel'
list other 'secName'
list other 'authPassword'
list otherflag 'notransferoids'

config other 'other_secLevel'
option value 'authNoPriv'

config other 'other_secName'
option value 'some_username'

config other 'other_authPassword'
option value 'some_password'

config other 'otherflag_notransferoids'
option value '1'

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
(cherry-picked from 0b04dd34a0cd706a7be33da3b7536f3c50714c8e)

4 years agonut: update OpenSSL 1.1.0 patch
Sebastian Kemper [Wed, 27 Nov 2019 18:52:27 +0000 (19:52 +0100)]
nut: update OpenSSL 1.1.0 patch

Replaces OpenWrt patch with upstream patch. Also removes
0002-Fix-check-for-empty-string.patch as this is included in upstream
OpenSSL 1.1.0 patch.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry-picked from 7d4f1b8589bc425acfd4d71a6e6be08a66d8f3dc)

4 years agonut: fix CGI setup
Sebastian Kemper [Wed, 27 Nov 2019 18:41:40 +0000 (19:41 +0100)]
nut: fix CGI setup

This commit makes

 - the libgd dependency (as well as specifying libs and includes)
 - the configure argument "--with-cgi"

dependant on whether the package nut-web-cgi is selected.

nut-web-cgi is also added to PKG_CONFIG_DEPENDS.

Resolves: #10641

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry-picked from cdd660a41dbfb87c9a253a7ebf856d7b733b752f)

4 years agoMerge pull request #11063 from EricLuehrsen/openwrt-19.07-unbound
Hannu Nyman [Sun, 19 Jan 2020 20:49:31 +0000 (22:49 +0200)]
Merge pull request #11063 from EricLuehrsen/openwrt-19.07-unbound

[openwrt-19.07] unbound: improve dependencies for okpg

4 years agounbound: improve dependencies for okpg 11063/head
Eric Luehrsen [Sat, 18 Jan 2020 02:42:40 +0000 (21:42 -0500)]
unbound: improve dependencies for okpg

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
cherry pick 6505154a7450fe871396a4a05bcd2423f0f8aafb

4 years agoMerge pull request #11061 from cotequeiroz/afalg_1.1.0-19.07
Rosen Penev [Sun, 19 Jan 2020 20:17:06 +0000 (12:17 -0800)]
Merge pull request #11061 from cotequeiroz/afalg_1.1.0-19.07

[19.07] afalg_engine: bump to v1.1.0

4 years agoafalg_engine: bump to v1.1.0 11061/head
Eneas U de Queiroz [Sun, 19 Jan 2020 18:55:37 +0000 (15:55 -0300)]
afalg_engine: bump to v1.1.0

This version is up to 20% faster than 1.0.1.
Build without cryptouser information, which is not available in 19.07.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agobtrfs-progs: update to version 5.4.1
Josef Schlehofer [Sat, 11 Jan 2020 22:11:02 +0000 (23:11 +0100)]
btrfs-progs: update to version 5.4.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit c864563372d45c6040366d4f39447e6c8a5e6aab)

4 years agolibseccomp: add seccomp-syscalls.h to InstallDev
Josef Schlehofer [Thu, 16 Jan 2020 11:45:15 +0000 (12:45 +0100)]
libseccomp: add seccomp-syscalls.h to InstallDev

In the version 2.4.2, there was introduced a new header file.
Ship it to InstallDev

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #11051 from wvdakker/openwrt-19.07
Hannu Nyman [Sat, 18 Jan 2020 22:08:39 +0000 (00:08 +0200)]
Merge pull request #11051 from wvdakker/openwrt-19.07

[Openwrt 19.07] Shorewall: Bump to 5.2.3.5

4 years agoShorewall6-lite: Bump to 5.2.3.5 11051/head
W. van den Akker [Sat, 18 Jan 2020 21:25:26 +0000 (22:25 +0100)]
Shorewall6-lite: Bump to 5.2.3.5

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
4 years agoShorewall6: Bump to 5.2.3.5
W. van den Akker [Sat, 18 Jan 2020 21:23:30 +0000 (22:23 +0100)]
Shorewall6: Bump to 5.2.3.5

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
4 years agoShorewall: Bump to 5.2.3.5
W. van den Akker [Sat, 18 Jan 2020 21:22:12 +0000 (22:22 +0100)]
Shorewall: Bump to 5.2.3.5

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
4 years agoShorewall-lite: Bump to 5.2.3.5
W. van den Akker [Sat, 18 Jan 2020 21:21:10 +0000 (22:21 +0100)]
Shorewall-lite: Bump to 5.2.3.5

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
4 years agoShorewall-core: Bump to 5.2.3.5
W. van den Akker [Sat, 18 Jan 2020 21:20:18 +0000 (22:20 +0100)]
Shorewall-core: Bump to 5.2.3.5

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
4 years agoafalg_engine: fix ENGINES location, zero-copy
Eneas U de Queiroz [Thu, 16 Jan 2020 18:21:21 +0000 (15:21 -0300)]
afalg_engine: fix ENGINES location, zero-copy

Use a fixed ENGINES_DIR location, instead of trying to read it from the
openssl Makefile.

It also fixes the zero-copy config option not being passed down to the
cmake options.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from 6a5f7920e96ca8718129041c048d638c62e65959)

4 years agoafalg_engine: add new package
Eneas U de Queiroz [Fri, 1 Nov 2019 03:00:27 +0000 (00:00 -0300)]
afalg_engine: add new package

This is an alternate AF_ALG engine for openssl, based on the devcrypto
engine, but using the AF_ALG interface instead of /dev/crypto.

It is different than the AF_ALG engine that ships with OpenSSL:
  - it uses sync calls, instead of async
  - it suports more algorithms

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0e0bd6da4b1a658165e4985ee00822f4eeabe5f6)

4 years agostrongswan: bump to 5.8.2
Stijn Tintel [Thu, 16 Jan 2020 21:28:55 +0000 (23:28 +0200)]
strongswan: bump to 5.8.2

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
4 years agostrongswan: allow to specify per-connection reqid with UCI
Paul Fertser [Thu, 21 Nov 2019 17:26:46 +0000 (20:26 +0300)]
strongswan: allow to specify per-connection reqid with UCI

This is useful to assign all traffic to a fw3 zone, e.g.:

/etc/config/ipsec:

config remote 'test'
list tunnel 'dev'
...

config 'tunnel' 'dev'
option reqid '33'
...

/etc/config/firewall:

config zone
option name wan
option extra_src "-m policy --pol none --dir in"
option extra_dest "-m policy --pol none --dir out"
...

config zone
option name vpn
# subnet needed for firewall3 before 22 Nov 2019, 8174814a
list subnet '0.0.0.0/0'
option extra_src "-m policy --pol ipsec --dir in --reqid 33"
option extra_dest "-m policy --pol ipsec --dir out --reqid 33"
...

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
4 years agostrongswan: bump to 5.8.1
Stijn Tintel [Sun, 15 Sep 2019 14:46:15 +0000 (17:46 +0300)]
strongswan: bump to 5.8.1

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
4 years agolibarchive: update to version 3.4.1 (security fix)
Jan Pavlinec [Thu, 16 Jan 2020 14:47:08 +0000 (15:47 +0100)]
libarchive: update to version 3.4.1 (security fix)

Fixes CVE-2019-19221

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from df634dcc926650de22248b89620c649c0fef7602)

4 years agooniguruma: bump to version 6.9.4
Eneas U de Queiroz [Fri, 6 Dec 2019 20:26:40 +0000 (17:26 -0300)]
oniguruma: bump to version 6.9.4

This version adds a new RegSet API, and fixes the following:
 - CVE-2019-19012
 - CVE-2019-19203
 - CVE-2019-19204
 - CVE-2019-19246
 - some problems (found by libFuzzer test)

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from 94895ec81838c02b8aa4bbc1d4af45ff2e01f004)

4 years agovpn-policy-routing: bugfix: remove conflict with vpnbypass
Stan Grishin [Thu, 16 Jan 2020 17:51:55 +0000 (10:51 -0700)]
vpn-policy-routing: bugfix: remove conflict with vpnbypass

Signed-off-by: Stan Grishin <stangri@melmac.net>
(cherry picked from commit 05603822d3b5ad3644db65a5d48983ca2b6f52fc)

4 years agoMerge pull request #11021 from jefferyto/golang-updates-openwrt-19.07
Rosen Penev [Tue, 14 Jan 2020 20:11:06 +0000 (12:11 -0800)]
Merge pull request #11021 from jefferyto/golang-updates-openwrt-19.07

[openwrt-19.07] golang: Updates

4 years agogolang: Update to 1.13.6 11021/head
Jeffery To [Tue, 14 Jan 2020 17:26:40 +0000 (01:26 +0800)]
golang: Update to 1.13.6

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agogolang: Fix selection of GOARM value
Jeffery To [Tue, 14 Jan 2020 16:58:28 +0000 (00:58 +0800)]
golang: Fix selection of GOARM value

This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.

Fixes #10967.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agolibseccomp: update to version 2.4.2
Josef Schlehofer [Sun, 12 Jan 2020 11:28:37 +0000 (12:28 +0100)]
libseccomp: update to version 2.4.2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agodjango: update to version 1.11.27 10990/head
Josef Schlehofer [Sat, 11 Jan 2020 22:14:45 +0000 (23:14 +0100)]
django: update to version 1.11.27

Fixes: CVE-2019-19844
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agounbound: fix TLS forwards with optional suffix
Eric Luehrsen [Sat, 11 Jan 2020 19:13:56 +0000 (14:13 -0500)]
unbound: fix TLS forwards with optional suffix

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
(cherry picked from commit b101dd76fb4fd29cea53dbdabe7f302bdb48dca3)

4 years agomeasurement-kit: update to version 0.10.8
Jan Pavlinec [Thu, 9 Jan 2020 00:22:26 +0000 (01:22 +0100)]
measurement-kit: update to version 0.10.8

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 744e2dd19d2a9cbd0dee6a88c19743429b8aec21)

4 years agomeasurement-kit: update package
Jan Pavlinec [Fri, 29 Nov 2019 10:48:01 +0000 (11:48 +0100)]
measurement-kit: update package

Changes:
-add InstallDev section
-remove uclibc patch (issue fixed in upstream)

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit df853b2d202d6bb1ecbfce8b7c72513db3b5a36c)

4 years agomeasurement-kit: update to version 0.10.6
Jan Pavlinec [Wed, 25 Sep 2019 10:34:30 +0000 (12:34 +0200)]
measurement-kit: update to version 0.10.6

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 2949906ec47470cd49f0a1d2f35305c4998e7711)

4 years agosmbd: Update to 3.0.2
Rosen Penev [Sat, 11 Jan 2020 02:18:59 +0000 (18:18 -0800)]
smbd: Update to 3.0.2

Fixes a nasty stack corruption issue and a big endian fix.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 232a271f4081ffa8bcfc591558eccab24500c526)

4 years agotransmission: Sync with master
Rosen Penev [Sat, 11 Jan 2020 02:07:42 +0000 (18:07 -0800)]
transmission: Sync with master

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agopython,python3: split python[3]-pkg-resources from setuptools
Alexandru Ardelean [Tue, 10 Sep 2019 16:51:03 +0000 (19:51 +0300)]
python,python3: split python[3]-pkg-resources from setuptools

This package is required by other packages to run some binaries via
`load_entry_point`.

So, this splits this package away from setuptools.
setuptools is pretty big, akd pkg-resources is also big, but not as big.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit ed0e77f3c385770065bf6ec6ed7c3bbbb6deb395)
Reference to discussion at
https://github.com/openwrt/packages/commit/c61579b564a3877235d74684b1a75915d77e42a9#commitcomment-36665837
Adjusted python PKG_RELEASE items to current situation
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agoopenvswitch: bump PKG_RELEASE
Yousong Zhou [Wed, 8 Jan 2020 05:03:19 +0000 (13:03 +0800)]
openvswitch: bump PKG_RELEASE

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agoopenvswitch: backport patch to fix compilation
Yousong Zhou [Wed, 8 Jan 2020 04:58:54 +0000 (12:58 +0800)]
openvswitch: backport patch to fix compilation

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agoopenvswitch: fix building failure caused by dst_ops api change
Yousong Zhou [Wed, 8 Jan 2020 04:03:06 +0000 (12:03 +0800)]
openvswitch: fix building failure caused by dst_ops api change

Ref: https://github.com/openwrt/packages/issues/10961
Reported-by: Sven Roederer <devel-sven@geroedel.de>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agoopenvswitch: bump to version 2.11.1
Yousong Zhou [Wed, 8 Jan 2020 03:57:10 +0000 (11:57 +0800)]
openvswitch: bump to version 2.11.1

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
4 years agoMerge pull request #10920 from Rixerx/openwrt-19.07
Rosen Penev [Mon, 6 Jan 2020 01:15:37 +0000 (17:15 -0800)]
Merge pull request #10920 from Rixerx/openwrt-19.07

[19.07] zabbix: update to 4.0.16

4 years agoMerge pull request #10881 from mstorchak/stubby-19.07
Rosen Penev [Sun, 5 Jan 2020 23:38:13 +0000 (15:38 -0800)]
Merge pull request #10881 from mstorchak/stubby-19.07

[19.07] stubby: switch to ca-bundle

4 years agosqlite3: bump to version 3.30.1
Sebastian Kemper [Mon, 14 Oct 2019 20:01:01 +0000 (22:01 +0200)]
sqlite3: bump to version 3.30.1

Fixes CVE-2019-16168

In other news:

- adds ABI_VERSION
- prefers INSTALL_DATA over CP
- removes gratuitous trailing slashes

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry-picked from commit 33fecfefec690e7593dac3959ca5302c73dd8e3f)

4 years agosqlite3: bump to 3.29.0
Sebastian Kemper [Fri, 19 Jul 2019 19:21:08 +0000 (21:21 +0200)]
sqlite3: bump to 3.29.0

Fixes CVE-2019-5018
Also drops upstreamed patch.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 2f7fbde7d6e6297dae1e35df64a3b6af456536a9)

4 years agonginx: update to 1.16.1
DENG Qingfang [Wed, 14 Aug 2019 18:42:24 +0000 (02:42 +0800)]
nginx: update to 1.16.1

Fixes:
when using HTTP/2 a client might cause excessive memory
consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
CVE-2019-9516).

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 5ffc744018a3a36a059ccb91c8ee17c51c93eb0c)

4 years agotor: add respawn to init script
Jan Pavlinec [Mon, 30 Dec 2019 12:23:05 +0000 (13:23 +0100)]
tor: add respawn to init script

Note:
In some cases when tor daemon starts before
than the router is connected to the Internet.
Tor will exit and you have to run it manually.
This should fix this case.

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 5bce9c3e1d043e90fb31920e7a1ff5dbe1116124)

4 years agotor: update to version 0.4.2.5
Jan Pavlinec [Tue, 17 Dec 2019 12:44:29 +0000 (13:44 +0100)]
tor: update to version 0.4.2.5

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit a339e0ede37de1dbbb15240d6d6907b063b9866c)

4 years agoyoutube-dl: update to version 2020.1.1
Josef Schlehofer [Sat, 4 Jan 2020 19:50:31 +0000 (20:50 +0100)]
youtube-dl: update to version 2020.1.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #10940 from Andy2244/samba-4.11.4-(19.07)
Rosen Penev [Sat, 4 Jan 2020 00:32:02 +0000 (16:32 -0800)]
Merge pull request #10940 from Andy2244/samba-4.11.4-(19.07)

[19.07] samba4: update to 4.11.4 (python3 version), add rpcsvc-proto, add libasn1 host build

4 years agoMerge pull request #10938 from Andy2244/smbd-rename-3.0.1-(19.07)
Rosen Penev [Sat, 4 Jan 2020 00:15:54 +0000 (16:15 -0800)]
Merge pull request #10938 from Andy2244/smbd-rename-3.0.1-(19.07)

[19.07] smbd: rename from cifsd, update to 3.0.1

4 years agoMerge pull request #10939 from Andy2244/wsdd2-init-update-(19.07)
Rosen Penev [Sat, 4 Jan 2020 00:09:13 +0000 (16:09 -0800)]
Merge pull request #10939 from Andy2244/wsdd2-init-update-(19.07)

[19.07] wsdd2: update to git (2019-12-15), bind to 'lan' only, update init for smbd

4 years agoMerge pull request #10937 from Andy2244/libtirpc-1.2.5-(19.07)
Rosen Penev [Sat, 4 Jan 2020 00:08:32 +0000 (16:08 -0800)]
Merge pull request #10937 from Andy2244/libtirpc-1.2.5-(19.07)

[19.07] libtirpc: update to 1.2.5

4 years agosamba4: update to 4.11.4 (python3 version), add rpcsvc-proto, add libasn1 host build 10940/head
Andy Walsh [Sat, 4 Jan 2020 00:08:11 +0000 (01:08 +0100)]
samba4: update to 4.11.4 (python3 version), add rpcsvc-proto, add libasn1 host build

* update to 4.11.4 (python3 version)
* re-enable AD-DC option
* add 'samba_nice' UCI option via "config procd 'extra'"
* restructure buildsteps (don't rely on waf --targets logic)
* move quota option into VFS
* move ACL option into AC-DC
* add more admin-tools
* use rpath_install for libs
* fix rpath + rstrip

extra:
* add rpcsvc-proto package _(don't rely on nfs-utils/host for headers, rpcgen anymore)_
* add libasn1 host build _(samba4 is looking for the bins)_

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
4 years agowsdd2: update to git (2019-12-15), bind to 'lan' only, update init for smbd 10939/head
Andy Walsh [Sat, 4 Jan 2020 00:01:43 +0000 (01:01 +0100)]
wsdd2: update to git (2019-12-15), bind to 'lan' only, update init for smbd

* update to git (2019-12-15)
* bind to 'lan' interface only
* update init for renamed cifsd->smbd
* make smbd/samba compatible _(avoid testparm dependency)_
* only start if needed
* add meta data _(vendor, model, sku)_
* update smb.conf procd location
* lower restart delay
* remove outdated patch

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
4 years agosmbd: rename from cifsd, update to 3.0.1 10938/head
Andy Walsh [Fri, 3 Jan 2020 23:55:40 +0000 (00:55 +0100)]
smbd: rename from cifsd, update to 3.0.1

* follow upstream rename to 'smbd' and 'smbd-tools'
* config is '/config/smbd' and '/etc/smbd/smb.conf'
* smbd: update to 3.0.1
* smbd: fixes delete access on readonly shares
* smbd: add patch to keep version metadata in kmod
* smbd: remove synchrous kill_server patches
* smbd-tools: update to 3.0.1
* smbd-tools: userspace service is now 'usmbd'
* smbd-tools: userspace tools are: 'smbuseradd', 'smbshareadd' with /etc/smbd/smbdpwd.db
* smbd-tools: split package into server/utils (reduce size)
* smbd-tools: fix init (luci save&apply)
* smbd-tools: remove kill_server related timeouts
* smbd-tools: add low memory options to template, to prevent oom

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
4 years agolibtirpc: update to 1.2.5 10937/head
Andy Walsh [Fri, 3 Jan 2020 23:48:23 +0000 (00:48 +0100)]
libtirpc: update to 1.2.5

* update to 1.2.5
* remove upstream merged patches

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
4 years agozabbix: update to 4.0.16 10920/head
Krystian Kozak [Wed, 1 Jan 2020 10:19:49 +0000 (11:19 +0100)]
zabbix: update to 4.0.16

Updated to 4.0.16 LTS version.

Compile tested: Yes, x86_64
Run tested: Yes, x86_64

Signed-off-by: Krystian Kozak <krystian.kozak20@gmail.com>
4 years agoMerge pull request #10903 from stangri/19.07-vpn-policy-routing
Hannu Nyman [Tue, 31 Dec 2019 15:23:20 +0000 (17:23 +0200)]
Merge pull request #10903 from stangri/19.07-vpn-policy-routing

[19.07] vpn-policy-routing: initial release

4 years agoyoutube-dl: update to version 2019.12.25
Josef Schlehofer [Tue, 31 Dec 2019 02:06:29 +0000 (03:06 +0100)]
youtube-dl: update to version 2019.12.25

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agovpn-policy-routing: initial release 10903/head
Stan Grishin [Mon, 30 Dec 2019 14:40:38 +0000 (07:40 -0700)]
vpn-policy-routing: initial release

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agonano: update to 4.7
Hannu Nyman [Sun, 29 Dec 2019 13:18:27 +0000 (15:18 +0200)]
nano: update to 4.7

Update nano to version 4.7

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit c62f8962ba3cf4e044941e372a155a97e5438ebd)

4 years agoMerge pull request #10897 from jefferyto/golang-format-ldflags-openwrt-19.07
Rosen Penev [Sun, 29 Dec 2019 12:36:16 +0000 (04:36 -0800)]
Merge pull request #10897 from jefferyto/golang-format-ldflags-openwrt-19.07

[openwrt-19.07] golang: Format TARGET_LDFLAGS for gcc

4 years agogolang: Format TARGET_LDFLAGS for gcc 10897/head
Jeffery To [Sun, 29 Dec 2019 10:43:01 +0000 (18:43 +0800)]
golang: Format TARGET_LDFLAGS for gcc

go invokes the external linker by calling gcc, so -zxxx options in
TARGET_LDFLAGS (in golang-package.mk) need to be formatted as -Wl,z,xxx.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from dbd6f224c38367fb3a26b1ed0b76dd5e284a98a7)

4 years agoMerge pull request #10892 from cshoredaniel/pr-19.07-radicale2-doc-passlib-bcrypt
Hannu Nyman [Sat, 28 Dec 2019 21:52:37 +0000 (23:52 +0200)]
Merge pull request #10892 from cshoredaniel/pr-19.07-radicale2-doc-passlib-bcrypt

[19.07] radicale2: Document suggested use of passlib and bcrypt