From e2b43afc857f9204f1ff234500d533665b8c8d35 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Wed, 18 Feb 2015 04:46:05 +0100 Subject: [PATCH 01/41] net-snmp: remove /etc/default/snmpd Debianism Signed-off-by: Stijn Tintel --- net/net-snmp/Makefile | 6 ------ net/net-snmp/files/snmpd.default | 1 - net/net-snmp/files/snmpd.init | 3 +-- 3 files changed, 1 insertion(+), 9 deletions(-) delete mode 100644 net/net-snmp/files/snmpd.default diff --git a/net/net-snmp/Makefile b/net/net-snmp/Makefile index 6fbf1b8bd..5736e0d7d 100644 --- a/net/net-snmp/Makefile +++ b/net/net-snmp/Makefile @@ -216,7 +216,6 @@ define Package/libnetsnmp/install endef define Package/snmpd/conffiles -/etc/default/snmpd /etc/config/snmpd endef @@ -225,8 +224,6 @@ define Package/snmpd/install $(INSTALL_DATA) ./files/snmpd.conf $(1)/etc/config/snmpd $(INSTALL_DIR) $(1)/etc/snmp ln -sf /var/run/snmpd.conf $(1)/etc/snmp/ - $(INSTALL_DIR) $(1)/etc/default - $(INSTALL_DATA) ./files/snmpd.default $(1)/etc/default/snmpd $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/snmpd.init $(1)/etc/init.d/snmpd $(INSTALL_DIR) $(1)/usr/sbin @@ -234,7 +231,6 @@ define Package/snmpd/install endef define Package/snmpd-static/conffiles -/etc/default/snmpd /etc/config/snmpd endef @@ -243,8 +239,6 @@ define Package/snmpd-static/install $(INSTALL_DATA) ./files/snmpd.conf $(1)/etc/config/snmpd $(INSTALL_DIR) $(1)/etc/snmp ln -sf /var/run/snmpd.conf $(1)/etc/snmp/ - $(INSTALL_DIR) $(1)/etc/default - $(INSTALL_DATA) ./files/snmpd.default $(1)/etc/default/snmpd $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/snmpd.init $(1)/etc/init.d/snmpd $(INSTALL_DIR) $(1)/usr/sbin diff --git a/net/net-snmp/files/snmpd.default b/net/net-snmp/files/snmpd.default deleted file mode 100644 index 758c8e44f..000000000 --- a/net/net-snmp/files/snmpd.default +++ /dev/null @@ -1 +0,0 @@ -OPTIONS="-Lf /dev/null -p /var/run/snmpd.pid" diff --git a/net/net-snmp/files/snmpd.init b/net/net-snmp/files/snmpd.init index 2668b7b3e..bde785a5b 100644 --- a/net/net-snmp/files/snmpd.init +++ b/net/net-snmp/files/snmpd.init @@ -2,7 +2,7 @@ # Copyright (C) 2008 OpenWrt.org START=50 -DEFAULT=/etc/default/snmpd +OPTIONS="-Lf /dev/null -p /var/run/snmpd.pid" LIB_D=/var/lib/snmp LOG_D=/var/log RUN_D=/var/run @@ -148,7 +148,6 @@ start() { config_foreach snmpd_exec_add exec config_foreach snmpd_disk_add disk - [ -f $DEFAULT ] && . $DEFAULT $DEBUG /usr/sbin/snmpd $OPTIONS } stop() { From 8faff3334f319f8a198e0da31b7f25263e407919 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Wed, 18 Feb 2015 05:05:27 +0100 Subject: [PATCH 02/41] net-snmp: convert snmpd to procd Signed-off-by: Stijn Tintel --- net/net-snmp/files/snmpd.init | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/net/net-snmp/files/snmpd.init b/net/net-snmp/files/snmpd.init index bde785a5b..24488e7a5 100644 --- a/net/net-snmp/files/snmpd.init +++ b/net/net-snmp/files/snmpd.init @@ -2,12 +2,10 @@ # Copyright (C) 2008 OpenWrt.org START=50 -OPTIONS="-Lf /dev/null -p /var/run/snmpd.pid" -LIB_D=/var/lib/snmp -LOG_D=/var/log -RUN_D=/var/run -PID_F=$RUN_D/snmpd.pid -RUN_C=$RUN_D/snmpd.conf +USE_PROCD=1 +PROG="/usr/sbin/snmpd" + +RUN_C="/var/run/snmpd.conf" snmpd_agent_add() { local cfg="$1" @@ -129,11 +127,11 @@ snmpd_disk_add() { [ -n "$size" ] || return 0 echo "$disk $partition $size" >> $RUN_C } -start() { - [ -d $LIB_D ] || mkdir -p $LIB_D - [ -d $LOG_D ] || mkdir -p $LOG_D - [ -d $RUN_D ] || mkdir -p $RUN_D - [ -f $RUN_C ] && rm -f $RUN_C + +start_service() { + [ -f "$RUN_C" ] && rm -f "$RUN_C" + + procd_open_instance config_load snmpd @@ -148,9 +146,13 @@ start() { config_foreach snmpd_exec_add exec config_foreach snmpd_disk_add disk - $DEBUG /usr/sbin/snmpd $OPTIONS + procd_set_param command $PROG -Lf /dev/null -f + procd_set_param file $RUN_C + procd_set_param respawn + + procd_close_instance } -stop() { - [ -f $PID_F ] && kill $(cat $PID_F) - [ -f $RUN_C ] && rm -f $RUN_C + +stop_service() { + [ -f "$RUN_C" ] && rm -f "$RUN_C" } From 53fc8d3191cf9dc712cab9d7ae6a4b3d179fbdd1 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Wed, 18 Feb 2015 05:15:01 +0100 Subject: [PATCH 03/41] net-snmp: cosmetic changes in snmpd init script - Refactor RUN_C into CONFIGFILE, as used in dnsmasq and igmpproxy init scripts. - Add a newline after each function definition. Signed-off-by: Stijn Tintel --- net/net-snmp/files/snmpd.init | 47 +++++++++++++++++++++-------------- 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/net/net-snmp/files/snmpd.init b/net/net-snmp/files/snmpd.init index 24488e7a5..a26144766 100644 --- a/net/net-snmp/files/snmpd.init +++ b/net/net-snmp/files/snmpd.init @@ -5,30 +5,32 @@ START=50 USE_PROCD=1 PROG="/usr/sbin/snmpd" -RUN_C="/var/run/snmpd.conf" +CONFIGFILE="/var/run/snmpd.conf" snmpd_agent_add() { local cfg="$1" config_get agentaddress "$cfg" agentaddress [ -n "$agentaddress" ] || return 0 - echo "agentaddress $agentaddress" >> $RUN_C + echo "agentaddress $agentaddress" >> $CONFIGFILE } + snmpd_system_add() { local cfg="$1" config_get syslocation "$cfg" sysLocation - [ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $RUN_C + [ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $CONFIGFILE config_get syscontact "$cfg" sysContact - [ -n "$syscontact" ] && echo "sysContact $syscontact" >> $RUN_C + [ -n "$syscontact" ] && echo "sysContact $syscontact" >> $CONFIGFILE config_get sysname "$cfg" sysName - [ -n "$sysname" ] && echo "sysName $sysname" >> $RUN_C + [ -n "$sysname" ] && echo "sysName $sysname" >> $CONFIGFILE config_get sysservice "$cfg" sysService - [ -n "$sysservice" ] && echo "sysService $sysservice" >> $RUN_C + [ -n "$sysservice" ] && echo "sysService $sysservice" >> $CONFIGFILE config_get sysdescr "$cfg" sysDescr - [ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $RUN_C + [ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $CONFIGFILE config_get sysobjectid "$cfg" sysObjectID - [ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $RUN_C + [ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $CONFIGFILE } + snmpd_com2sec_add() { local cfg="$1" config_get secname "$cfg" secname @@ -37,8 +39,9 @@ snmpd_com2sec_add() { [ -n "$source" ] || return 0 config_get community "$cfg" community [ -n "$community" ] || return 0 - echo "com2sec $secname $source $community" >> $RUN_C + echo "com2sec $secname $source $community" >> $CONFIGFILE } + snmpd_com2sec6_add() { local cfg="$1" config_get secname "$cfg" secname @@ -47,8 +50,9 @@ snmpd_com2sec6_add() { [ -n "$source" ] || return 0 config_get community "$cfg" community [ -n "$community" ] || return 0 - echo "com2sec6 $secname $source $community" >> $RUN_C + echo "com2sec6 $secname $source $community" >> $CONFIGFILE } + snmpd_group_add() { local cfg="$1" config_get group "$cfg" group @@ -57,8 +61,9 @@ snmpd_group_add() { [ -n "$version" ] || return 0 config_get secname "$cfg" secname [ -n "$secname" ] || return 0 - echo "group $group $version $secname" >> $RUN_C + echo "group $group $version $secname" >> $CONFIGFILE } + snmpd_view_add() { local cfg="$1" config_get viewname "$cfg" viewname @@ -69,8 +74,9 @@ snmpd_view_add() { [ -n "$oid" ] || return 0 # optional mask config_get mask "$cfg" mask - echo "view $viewname $type $oid $mask" >> $RUN_C + echo "view $viewname $type $oid $mask" >> $CONFIGFILE } + snmpd_access_add() { local cfg="$1" config_get group "$cfg" group @@ -90,8 +96,9 @@ snmpd_access_add() { [ -n "$write" ] || return 0 config_get notify "$cfg" notify [ -n "$notify" ] || return 0 - echo "access $group $context $version $level $prefix $read $write $notify" >> $RUN_C + echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE } + snmpd_pass_add() { local cfg="$1" local pass='pass' @@ -104,8 +111,9 @@ snmpd_pass_add() { [ $persist -ne 0 ] && pass='pass_persist' config_get priority "$cfg" priority priority=${priority:+-p $priority} - echo "$pass $priority $miboid $prog" >> $RUN_C + echo "$pass $priority $miboid $prog" >> $CONFIGFILE } + snmpd_exec_add() { local cfg="$1" @@ -115,8 +123,9 @@ snmpd_exec_add() { [ -n "$prog" ] || return 0 config_get args "$cfg" args config_get miboid "$cfg" miboid - echo "exec $miboid $name $prog $args" >> $RUN_C + echo "exec $miboid $name $prog $args" >> $CONFIGFILE } + snmpd_disk_add() { local cfg="$1" local disk='disk' @@ -125,11 +134,11 @@ snmpd_disk_add() { [ -n "$partition" ] || return 0 config_get size "$cfg" size [ -n "$size" ] || return 0 - echo "$disk $partition $size" >> $RUN_C + echo "$disk $partition $size" >> $CONFIGFILE } start_service() { - [ -f "$RUN_C" ] && rm -f "$RUN_C" + [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE" procd_open_instance @@ -147,12 +156,12 @@ start_service() { config_foreach snmpd_disk_add disk procd_set_param command $PROG -Lf /dev/null -f - procd_set_param file $RUN_C + procd_set_param file $CONFIGFILE procd_set_param respawn procd_close_instance } stop_service() { - [ -f "$RUN_C" ] && rm -f "$RUN_C" + [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE" } From bee2865492fa8321a74627fd15a24c7caf54790d Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Wed, 18 Feb 2015 06:03:54 +0100 Subject: [PATCH 04/41] net-snmp: monitor ifindex changes When an ifindex for an interface changes, some monitoring tools can no longer find the interface and send alerts. Monitor all network interfaces via the procd netdev parameter, so that /etc/init.d/snmpd reload will restart snmpd if any ifindex changed. Signed-off-by: Stijn Tintel --- net/net-snmp/files/snmpd.init | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/net-snmp/files/snmpd.init b/net/net-snmp/files/snmpd.init index a26144766..3dd8c41dc 100644 --- a/net/net-snmp/files/snmpd.init +++ b/net/net-snmp/files/snmpd.init @@ -159,6 +159,10 @@ start_service() { procd_set_param file $CONFIGFILE procd_set_param respawn + for iface in $(ls /sys/class/net 2>/dev/null); do + procd_append_param netdev "$iface" + done + procd_close_instance } From 2eaff113bd511f7def4d077465132163a37e8b53 Mon Sep 17 00:00:00 2001 From: Aedan Renner Date: Mon, 9 Mar 2015 15:53:57 -0700 Subject: [PATCH 05/41] version updated to 1.4-2 (mwan3 1.6 compatible) new mwan3 1.6 rule options added: -sticky -timeout -ipset --- net/mwan3-luci/Makefile | 4 +-- .../usr/lib/lua/luci/model/cbi/mwan/rule.lua | 33 +++++++++++++++++++ .../lua/luci/model/cbi/mwan/ruleconfig.lua | 13 ++++++++ 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/net/mwan3-luci/Makefile b/net/mwan3-luci/Makefile index eed234875..6656806b5 100644 --- a/net/mwan3-luci/Makefile +++ b/net/mwan3-luci/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=luci-app-mwan3 -PKG_VERSION:=1.3 -PKG_RELEASE:=5 +PKG_VERSION:=1.4 +PKG_RELEASE:=2 PKG_MAINTAINER:=Aedan Renner PKG_LICENSE:=GPLv2 diff --git a/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/rule.lua b/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/rule.lua index bf524d1df..cbd8bdd03 100644 --- a/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/rule.lua +++ b/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/rule.lua @@ -88,6 +88,39 @@ proto = mwan_rule:option(DummyValue, "proto", translate("Protocol")) return self.map:get(s, "proto") or "all" end +sticky = mwan_rule:option(DummyValue, "sticky", translate("Sticky")) + sticky.rawhtml = true + function sticky.cfgvalue(self, s) + if self.map:get(s, "sticky") == "1" then + stickied = 1 + return "Yes" + else + stickied = nil + return "No" + end + end + +timeout = mwan_rule:option(DummyValue, "timeout", translate("Sticky timeout")) + timeout.rawhtml = true + function timeout.cfgvalue(self, s) + if stickied then + local timeoutValue = self.map:get(s, "timeout") + if timeoutValue then + return timeoutValue .. "s" + else + return "600s" + end + else + return "—" + end + end + +ipset = mwan_rule:option(DummyValue, "ipset", translate("IPset")) + ipset.rawhtml = true + function ipset.cfgvalue(self, s) + return self.map:get(s, "ipset") or "—" + end + use_policy = mwan_rule:option(DummyValue, "use_policy", translate("Policy assigned")) use_policy.rawhtml = true function use_policy.cfgvalue(self, s) diff --git a/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/ruleconfig.lua b/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/ruleconfig.lua index 831ab35b9..d880a72e2 100644 --- a/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/ruleconfig.lua +++ b/net/mwan3-luci/files/usr/lib/lua/luci/model/cbi/mwan/ruleconfig.lua @@ -81,6 +81,19 @@ proto = mwan_rule:option(Value, "proto", translate("Protocol"), proto:value("esp") cbiAddProtocol(proto) +sticky = mwan_rule:option(ListValue, "sticky", translate("Sticky"), + translate("Traffic from the same source IP address that previously matched this rule within the sticky timeout period will use the same WAN interface")) + sticky.default = "0" + sticky:value("1", translate("Yes")) + sticky:value("0", translate("No")) + +timeout = mwan_rule:option(Value, "timeout", translate("Sticky timeout"), + translate("Seconds. Acceptable values: 1-1000000. Defaults to 600 if not set")) + timeout.datatype = "range(1, 1000000)" + +ipset = mwan_rule:option(Value, "ipset", translate("IPset"), + translate("Name of IPset rule. Requires IPset rule in /etc/dnsmasq.conf (eg \"ipset=/youtube.com/youtube\")")) + use_policy = mwan_rule:option(Value, "use_policy", translate("Policy assigned")) cbiAddPolicy(use_policy) use_policy:value("unreachable", translate("unreachable (reject)")) From 8a307ac786c9e9b1fe4a3ab4eec92f6088d73ac3 Mon Sep 17 00:00:00 2001 From: Dirk Neukirchen Date: Thu, 29 Jan 2015 18:27:13 +0100 Subject: [PATCH 06/41] bogofilter: remove host includes - host GSL libs are sometimes found leading to errors reported by buildbot, replicated locally (Arch Linux) Error: configure: GSL_LIBS=-L/usr/lib -lgsl -lgslcblas -lm leading to /usr/include/features.h:398:23: fatal error: gnu/stubs.h: No such file or directory - explicit libdb location to prevent host includes Signed-off-by: Dirk Neukirchen --- mail/bogofilter/Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mail/bogofilter/Makefile b/mail/bogofilter/Makefile index de3646b01..d31dfa8c1 100644 --- a/mail/bogofilter/Makefile +++ b/mail/bogofilter/Makefile @@ -35,7 +35,10 @@ define Package/bogofilter/description Bogofilter is a fast Bayesian spam filter endef -CONFIGURE_ARGS += --disable-unicode +CONFIGURE_ARGS += \ + --disable-unicode \ + --with-libdb-prefix=$(STAGING_DIR) \ + --with-included-gsl define Package/bogofilter/install $(INSTALL_DIR) $(1)/etc/ \ From f59d4a76f843c04f08f8829c96fad041c8011197 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Fri, 13 Mar 2015 21:48:39 +0100 Subject: [PATCH 07/41] collectd: unbreak collectd-mod-modbus I tested it successfully on a Asus WL-500gP V2, querying a Modbus TCP server. Signed-off-by: Michael Heimpold --- utils/collectd/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/collectd/Makefile b/utils/collectd/Makefile index 1127133e4..61b05a884 100644 --- a/utils/collectd/Makefile +++ b/utils/collectd/Makefile @@ -298,7 +298,7 @@ $(eval $(call BuildPlugin,logfile,log files output,logfile,)) $(eval $(call BuildPlugin,madwifi,MadWifi status input,madwifi,)) #$(eval $(call BuildPlugin,mysql,MySQL status input,mysql,+PACKAGE_collectd-mod-mysql:libmysqlclient-r)) $(eval $(call BuildPlugin,memory,physical memory usage input,memory,)) -$(eval $(call BuildPlugin,modbus,read variables through libmodbus,modbus,+PACKAGE_collectd-mod-modbus:libmodbus @BROKEN)) +$(eval $(call BuildPlugin,modbus,read variables through libmodbus,modbus,+PACKAGE_collectd-mod-modbus:libmodbus)) $(eval $(call BuildPlugin,netlink,netlink input,netlink,+PACKAGE_collectd-mod-netlink:ip @BROKEN)) $(eval $(call BuildPlugin,network,network input/output,network)) $(eval $(call BuildPlugin,nginx,nginx status input,nginx,+PACKAGE_collectd-mod-nginx:libcurl)) From 3b6fd83312a8c405fd0bc156d1cb37c376b0f788 Mon Sep 17 00:00:00 2001 From: Hannu Nyman Date: Sat, 14 Mar 2015 12:09:34 +0200 Subject: [PATCH 08/41] patch: bump version to 2.7.5 Bump GNU patch from 2.7.4 to 2.7.5. Changelog: http://git.savannah.gnu.org/cgit/patch.git/tree/NEWS Changes in version 2.7.5: * There are users which expect patch to follow symbolic links in the working directory, so patch now again follows symbolic links as long as they do not leave the working directory. Signed-off-by: Hannu Nyman --- devel/patch/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devel/patch/Makefile b/devel/patch/Makefile index b7119a485..d705a30a1 100644 --- a/devel/patch/Makefile +++ b/devel/patch/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=patch -PKG_VERSION:=2.7.4 +PKG_VERSION:=2.7.5 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNU/patch -PKG_MD5SUM:=abc59498fcdddd44e0d07764aa105fd2 +PKG_MD5SUM:=e3da7940431633fb65a01b91d3b7a27a PKG_LICENSE:=GPL-3.0+ PKG_LICENSE_FILES:=COPYING From 678e0e46f0b1fa8c3fee4fc1a977f4cedb46bbd8 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sat, 14 Mar 2015 14:11:57 +0100 Subject: [PATCH 09/41] openconnect: upgraded to 7.05 Signed-off-by: Nikos Mavrogiannopoulos --- net/openconnect/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile index c3098b4d3..605d65380 100644 --- a/net/openconnect/Makefile +++ b/net/openconnect/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openconnect -PKG_VERSION:=7.04 -PKG_RELEASE:=3 +PKG_VERSION:=7.05 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/ -PKG_MD5SUM:=828fe81388b7ea1155419b8be64a350f +PKG_MD5SUM:=10cd4f61e8a11cdf793da2b0fd7a6003 PKG_CONFIG_DEPENDS:= \ CONFIG_OPENCONNECT_GNUTLS \ From 2ad3706813c21c1f65f4ed5bc910f3d36304ef6b Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sat, 14 Mar 2015 14:14:19 +0100 Subject: [PATCH 10/41] libtasn1: updated to 4.3 Signed-off-by: Nikos Mavrogiannopoulos --- libs/libtasn1/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libs/libtasn1/Makefile b/libs/libtasn1/Makefile index dd106bd1d..fe8a2c254 100644 --- a/libs/libtasn1/Makefile +++ b/libs/libtasn1/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libtasn1 -PKG_VERSION:=4.2 +PKG_VERSION:=4.3 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=ftp://ftp.gnu.org/gnu/libtasn1 -PKG_MD5SUM:=414df906df421dee0a5cf7548788d153 +PKG_MD5SUM:=67e98988f966a34fbf1b82d33eef9e7e #PKG_FIXUP:=autoreconf PKG_INSTALL:=1 From e9eea7891049c42d255c87cc5b385e50799b9813 Mon Sep 17 00:00:00 2001 From: Luiz Angelo Daros de Luca Date: Sun, 8 Mar 2015 02:32:02 -0300 Subject: [PATCH 11/41] git: configure as cross compiling Previously, ./configure was running checking local system and not OpenWRT target. This would avoid any configure test about OpenWRT libraries. With a patch in configure, non cross-compiling-friend test are ignored and Makefile can use default configure. As side effect, git commands are now at /usr/lib/git-core and not /usr/libexec/git-core. Signed-off-by: Luiz Angelo Daros de Luca --- net/git/Makefile | 9 +++--- .../patches/300-configure_for_crosscompiling | 32 +++++++++++++++++++ 2 files changed, 36 insertions(+), 5 deletions(-) create mode 100644 net/git/patches/300-configure_for_crosscompiling diff --git a/net/git/Makefile b/net/git/Makefile index eea0593d7..30f8ebd57 100644 --- a/net/git/Makefile +++ b/net/git/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2009-2014 OpenWrt.org +# Copyright (C) 2009-2015 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=git PKG_VERSION:=2.3.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/software/scm/git/ @@ -17,6 +17,7 @@ PKG_MD5SUM:=e5880760d1f43f4f49b3bf94b9046eee PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 +PKG_FIXUP:=autoreconf include $(INCLUDE_DIR)/package.mk @@ -57,9 +58,7 @@ define Build/Configure $(MAKE) -C $(PKG_BUILD_DIR) \ configure - ( cd $(PKG_BUILD_DIR); \ - ./configure --prefix=/usr \ - ); + $(call Build/Configure/Default,) endef define Package/git/install diff --git a/net/git/patches/300-configure_for_crosscompiling b/net/git/patches/300-configure_for_crosscompiling new file mode 100644 index 000000000..a62bcc938 --- /dev/null +++ b/net/git/patches/300-configure_for_crosscompiling @@ -0,0 +1,32 @@ +--- git-2.3.0/configure.ac.old 2015-03-08 01:19:33.675810197 -0300 ++++ git-2.3.0/configure.ac 2015-03-08 01:27:10.688033125 -0300 +@@ -844,7 +844,8 @@ + FILE *f = fopen(".", "r"); + return f && fread(&c, 1, 1, f)]])], + [ac_cv_fread_reads_directories=no], +- [ac_cv_fread_reads_directories=yes]) ++ [ac_cv_fread_reads_directories=yes], ++ [ac_cv_fread_reads_directories=no]) + ]) + if test $ac_cv_fread_reads_directories = yes; then + FREAD_READS_DIRECTORIES=UnfortunatelyYes +@@ -878,7 +879,8 @@ + if (snprintf(buf, 3, "%s", "12345") != 5 + || strcmp(buf, "12")) return 1]])], + [ac_cv_snprintf_returns_bogus=no], +- [ac_cv_snprintf_returns_bogus=yes]) ++ [ac_cv_snprintf_returns_bogus=yes], ++ [ac_cv_snprintf_returns_bogus=no]) + ]) + if test $ac_cv_snprintf_returns_bogus = yes; then + SNPRINTF_RETURNS_BOGUS=UnfortunatelyYes +@@ -901,7 +903,8 @@ + #endif + ]), + [ac_cv_sane_mode_bits=yes], +- [ac_cv_sane_mode_bits=no]) ++ [ac_cv_sane_mode_bits=no], ++ [ac_cv_sane_mode_bits=yes]) + ]) + if test $ac_cv_sane_mode_bits = yes; then + NEEDS_MODE_TRANSLATION= From dccc2268bb11ea65ee98ed7c355b913375d089f5 Mon Sep 17 00:00:00 2001 From: Luiz Angelo Daros de Luca Date: Sun, 8 Mar 2015 05:46:46 -0300 Subject: [PATCH 12/41] git: add subpackage for http(s)/ftp(s) commands This patch add a new package, git-http, that contains all http related commands (and ftp as extra). All http/ftp depends on libcurl. Even without SSL suport in libcurl, git compiles and it returns an informative error only at runtime. The use of symlinks now are trigged using NO_INSTALL_HARDLINKS env and not based only on Makefile patch. imap-send was kept builtin and idependent of curl (just as it was before) Template files, which are not necessary, where removed. Signed-off-by: Luiz Angelo Daros de Luca --- net/git/Makefile | 56 +++++++++++++++++-- net/git/patches/100-convert_builtin.patch | 44 ++------------- .../patches/400-imapsend_without_curl.patch | 11 ++++ 3 files changed, 67 insertions(+), 44 deletions(-) create mode 100644 net/git/patches/400-imapsend_without_curl.patch diff --git a/net/git/Makefile b/net/git/Makefile index 30f8ebd57..6c3ac796e 100644 --- a/net/git/Makefile +++ b/net/git/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=git PKG_VERSION:=2.3.0 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/software/scm/git/ @@ -21,7 +21,7 @@ PKG_FIXUP:=autoreconf include $(INCLUDE_DIR)/package.mk -define Package/git +define Package/git/Default SECTION:=net CATEGORY:=Network SUBMENU:=Version Control Systems @@ -31,18 +31,35 @@ define Package/git MAINTAINER:=Peter Wagner endef +define Package/git +$(call Package/git/Default) + DEPENDS:=+libopenssl +libpthread +librt + TITLE:=The fast version control system +endef + define Package/git/description Git is a free & open source, distributed version control system designed to handle everything from small to very large projects with speed and efficiency. endef +define Package/git-http +$(call Package/git/Default) + DEPENDS:=git +libcurl +ca-certificates + TITLE:=Git HTTP commands +endef + +define Package/git-http/description +$(call Package/git/description) + + This package allows git push/fetch over http(s) and ftp(s) +endef + MAKE_FLAGS := \ CC="$(TARGET_CC)" \ CFLAGS="$(TARGET_CFLAGS)" \ CPPFLAGS="$(TARGET_CPPFLAGS)" \ LDFLAGS="$(TARGET_LDFLAGS)" \ - NO_CURL="YesPlease" \ NO_EXPAT="YesPlease" \ NO_MKSTEMPS="YesPlease" \ NO_GETTEXT="YesPlease" \ @@ -52,7 +69,11 @@ MAKE_FLAGS := \ NO_NSEC="YesPlease" \ NO_PERL="YesPlease" \ NO_PYTHON="YesPlease" \ - NO_TCLTK="YesPlease" + NO_TCLTK="YesPlease" \ + NO_INSTALL_HARDLINKS="yes" \ + +CONFIGURE_ARGS += \ + --without-iconv \ define Build/Configure $(MAKE) -C $(PKG_BUILD_DIR) \ @@ -62,9 +83,32 @@ define Build/Configure endef define Package/git/install - $(INSTALL_DIR) $(1) + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/git $(1)/usr/bin $(RM) $(PKG_INSTALL_DIR)/usr/bin/git-cvsserver - $(CP) $(PKG_INSTALL_DIR)/* $(1)/ + $(CP) $(PKG_INSTALL_DIR)/usr/bin/git-* $(1)/usr/bin + $(INSTALL_DIR) $(1)/usr/lib/git-core + ( cd $(PKG_INSTALL_DIR); $(TAR) \ + --exclude=usr/lib/git-core/git-http-backend \ + --exclude=usr/lib/git-core/git-http-fetch \ + --exclude=usr/lib/git-core/git-remote-ftp \ + --exclude=usr/lib/git-core/git-remote-ftps \ + --exclude=usr/lib/git-core/git-remote-http \ + --exclude=usr/lib/git-core/git-remote-https \ + -cf - \ + usr/lib/git-core \ + ) | ( cd $(1); $(TAR) -xf - ) +endef + +define Package/git-http/install + $(INSTALL_DIR) $(1)/usr/lib/git-core + $(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-http-backend $(1)/usr/lib/git-core + $(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-http-fetch $(1)/usr/lib/git-core + $(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-ftp $(1)/usr/lib/git-core + $(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-ftps $(1)/usr/lib/git-core + $(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-http $(1)/usr/lib/git-core + $(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-https $(1)/usr/lib/git-core endef $(eval $(call BuildPackage,git)) +$(eval $(call BuildPackage,git-http)) diff --git a/net/git/patches/100-convert_builtin.patch b/net/git/patches/100-convert_builtin.patch index 20199611c..52bebaa6c 100644 --- a/net/git/patches/100-convert_builtin.patch +++ b/net/git/patches/100-convert_builtin.patch @@ -14,17 +14,16 @@ -PROGRAM_OBJS += show-index.o -PROGRAM_OBJS += upload-pack.o -PROGRAM_OBJS += remote-testsvn.o -+PROGRAM_OBJS = ++PROGRAM_OBJS += http-backend.o # Binary suffix, set to .exe for Windows builds X = -@@ -896,6 +887,12 @@ BUILTIN_OBJS += builtin/verify-commit.o +@@ -896,6 +887,11 @@ BUILTIN_OBJS += builtin/verify-commit.o BUILTIN_OBJS += builtin/verify-pack.o BUILTIN_OBJS += builtin/verify-tag.o BUILTIN_OBJS += builtin/write-tree.o +BUILTIN_OBJS += builtin/daemon.o +BUILTIN_OBJS += builtin/fast-import.o -+BUILTIN_OBJS += builtin/http-backend.o +BUILTIN_OBJS += builtin/imap-send.o +BUILTIN_OBJS += builtin/shell.o +BUILTIN_OBJS += builtin/upload-pack.o @@ -51,7 +50,7 @@ git-http-fetch$X: http.o http-walker.o http-fetch.o GIT-LDFLAGS $(GITLIBS) $(QUIET_LINK)$(CC) $(ALL_CFLAGS) -o $@ $(ALL_LDFLAGS) $(filter %.o,$^) \ $(LIBS) $(CURL_LIBCURL) -@@ -2254,24 +2247,22 @@ endif +@@ -2254,10 +2247,11 @@ endif bindir=$$(cd '$(DESTDIR_SQ)$(bindir_SQ)' && pwd) && \ execdir=$$(cd '$(DESTDIR_SQ)$(gitexec_instdir_SQ)' && pwd) && \ { test "$$bindir/" = "$$execdir/" || \ @@ -59,34 +58,19 @@ + for p in $(filter $(install_bindir_programs),$(ALL_PROGRAMS)); do \ $(RM) "$$execdir/$$p" && \ test -z "$(NO_INSTALL_HARDLINKS)$(NO_CROSS_DIRECTORY_HARDLINKS)" && \ -- ln "$$bindir/$$p" "$$execdir/$$p" 2>/dev/null || \ + ln "$$bindir/$$p" "$$execdir/$$p" 2>/dev/null || \ + ln -s git "$$execdir/$$p" 2>/dev/null || \ cp "$$bindir/$$p" "$$execdir/$$p" || exit; \ done; \ } && \ - for p in $(filter $(install_bindir_programs),$(BUILT_INS)); do \ - $(RM) "$$bindir/$$p" && \ - test -z "$(NO_INSTALL_HARDLINKS)" && \ -- ln "$$bindir/git$X" "$$bindir/$$p" 2>/dev/null || \ - ln -s "git$X" "$$bindir/$$p" 2>/dev/null || \ - cp "$$bindir/git$X" "$$bindir/$$p" || exit; \ - done && \ - for p in $(BUILT_INS); do \ - $(RM) "$$execdir/$$p" && \ - test -z "$(NO_INSTALL_HARDLINKS)" && \ -- ln "$$execdir/git$X" "$$execdir/$$p" 2>/dev/null || \ - ln -s "git$X" "$$execdir/$$p" 2>/dev/null || \ - cp "$$execdir/git$X" "$$execdir/$$p" || exit; \ - done && \ --- a/builtin.h +++ b/builtin.h -@@ -138,5 +138,11 @@ extern int cmd_verify_pack(int argc, con +@@ -138,5 +138,10 @@ extern int cmd_verify_pack(int argc, con extern int cmd_show_ref(int argc, const char **argv, const char *prefix); extern int cmd_pack_refs(int argc, const char **argv, const char *prefix); extern int cmd_replace(int argc, const char **argv, const char *prefix); +extern int cmd_daemon(int argc, char **argv, const char *prefix); +extern int cmd_fast_import(int argc, char **argv, const char *prefix); -+extern int cmd_http_backend(int argc, char **argv, const char *prefix); +extern int cmd_imap_send(int argc, char **argv, const char *prefix); +extern int cmd_shell(int argc, char **argv, const char *prefix); +extern int cmd_upload_pack(int argc, char **argv, const char *prefix); @@ -101,10 +85,6 @@ @@ -0,0 +1 @@ +#include "../fast-import.c" --- /dev/null -+++ b/builtin/http-backend.c -@@ -0,0 +1 @@ -+#include "../http-backend.c" ---- /dev/null +++ b/builtin/imap-send.c @@ -0,0 +1 @@ +#include "../imap-send.c" @@ -181,11 +161,10 @@ { "describe", cmd_describe, RUN_SETUP }, { "diff", cmd_diff }, { "diff-files", cmd_diff_files, RUN_SETUP | NEED_WORK_TREE }, -@@ -411,6 +412,8 @@ static struct cmd_struct commands[] = { +@@ -411,6 +412,7 @@ static struct cmd_struct commands[] = { { "grep", cmd_grep, RUN_SETUP_GENTLY }, { "hash-object", cmd_hash_object }, { "help", cmd_help }, -+ { "http-backend", cmd_http_backend }, + { "imap-send", cmd_imap_send }, { "index-pack", cmd_index_pack, RUN_SETUP_GENTLY }, { "init", cmd_init_db, NO_SETUP }, @@ -206,17 +185,6 @@ { "var", cmd_var, RUN_SETUP_GENTLY }, { "verify-commit", cmd_verify_commit, RUN_SETUP }, { "verify-pack", cmd_verify_pack }, ---- a/http-backend.c -+++ b/http-backend.c -@@ -557,7 +557,7 @@ static struct service_cmd { - {"POST", "/git-receive-pack$", service_rpc} - }; - --int main(int argc, char **argv) -+int cmd_http_backend(int argc, char **argv, const char *prefix) - { - char *method = getenv("REQUEST_METHOD"); - char *dir; --- a/imap-send.c +++ b/imap-send.c @@ -1484,7 +1484,7 @@ static int curl_append_msgs_to_imap(stru diff --git a/net/git/patches/400-imapsend_without_curl.patch b/net/git/patches/400-imapsend_without_curl.patch new file mode 100644 index 000000000..1b5dff30d --- /dev/null +++ b/net/git/patches/400-imapsend_without_curl.patch @@ -0,0 +1,11 @@ +--- git-2.3.0/Makefile.old 2015-03-08 02:14:42.857845824 -0300 ++++ git-2.3.0/Makefile 2015-03-08 02:15:06.697451372 -0300 +@@ -1039,7 +1039,7 @@ + endif + curl_check := $(shell (echo 072200; curl-config --vernum) 2>/dev/null | sort -r | sed -ne 2p) + ifeq "$(curl_check)" "072200" +- USE_CURL_FOR_IMAP_SEND = YesPlease ++# USE_CURL_FOR_IMAP_SEND = YesPlease + endif + ifdef USE_CURL_FOR_IMAP_SEND + BASIC_CFLAGS += -DUSE_CURL_FOR_IMAP_SEND From dd091f235f76bc360f802bcef5033cce5edaced7 Mon Sep 17 00:00:00 2001 From: Alexandru Ardelean Date: Fri, 13 Mar 2015 22:19:13 +0200 Subject: [PATCH 13/41] python3: re-number patches Signed-off-by: Alexandru Ardelean --- .../patches/{110-enable-zlib.patch => 001-enable-zlib.patch} | 0 ...tch => 002-do-not-add-include-dirs-when-cross-compiling.patch} | 0 ...distutils-tests.patch => 003-do-not-run-distutils-tests.patch} | 0 ...write-bytes-codes.patch => 004-do-not-write-bytes-codes.patch} | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename lang/python3/patches/{110-enable-zlib.patch => 001-enable-zlib.patch} (100%) rename lang/python3/patches/{120-do-not-add-include-dirs-when-cross-compiling.patch => 002-do-not-add-include-dirs-when-cross-compiling.patch} (100%) rename lang/python3/patches/{130-do-not-run-distutils-tests.patch => 003-do-not-run-distutils-tests.patch} (100%) rename lang/python3/patches/{140-do-not-write-bytes-codes.patch => 004-do-not-write-bytes-codes.patch} (100%) diff --git a/lang/python3/patches/110-enable-zlib.patch b/lang/python3/patches/001-enable-zlib.patch similarity index 100% rename from lang/python3/patches/110-enable-zlib.patch rename to lang/python3/patches/001-enable-zlib.patch diff --git a/lang/python3/patches/120-do-not-add-include-dirs-when-cross-compiling.patch b/lang/python3/patches/002-do-not-add-include-dirs-when-cross-compiling.patch similarity index 100% rename from lang/python3/patches/120-do-not-add-include-dirs-when-cross-compiling.patch rename to lang/python3/patches/002-do-not-add-include-dirs-when-cross-compiling.patch diff --git a/lang/python3/patches/130-do-not-run-distutils-tests.patch b/lang/python3/patches/003-do-not-run-distutils-tests.patch similarity index 100% rename from lang/python3/patches/130-do-not-run-distutils-tests.patch rename to lang/python3/patches/003-do-not-run-distutils-tests.patch diff --git a/lang/python3/patches/140-do-not-write-bytes-codes.patch b/lang/python3/patches/004-do-not-write-bytes-codes.patch similarity index 100% rename from lang/python3/patches/140-do-not-write-bytes-codes.patch rename to lang/python3/patches/004-do-not-write-bytes-codes.patch From 70df2d9a0c6d7fd40dc0de203cb43ea9008c3169 Mon Sep 17 00:00:00 2001 From: Alexandru Ardelean Date: Thu, 12 Mar 2015 20:02:42 +0200 Subject: [PATCH 14/41] python3: upgrade to version 3.4.3 Signed-off-by: Alexandru Ardelean --- lang/python3/Makefile | 4 ++-- lang/python3/files/python3-package.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lang/python3/Makefile b/lang/python3/Makefile index d13a9f4da..2c0ecc2b9 100644 --- a/lang/python3/Makefile +++ b/lang/python3/Makefile @@ -14,12 +14,12 @@ PYTHON_VERSION:=$(PYTHON3_VERSION) PYTHON_VERSION_MICRO:=$(PYTHON3_VERSION_MICRO) PKG_NAME:=python3 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_VERSION:=$(PYTHON_VERSION).$(PYTHON_VERSION_MICRO) PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.python.org/ftp/python/$(PKG_VERSION) -PKG_MD5SUM:=36fc7327c02c6f12fa24fc9ba78039e3 +PKG_MD5SUM:=7d092d1bba6e17f0d9bd21b49e441dd5 PKG_LICENSE:=PSF PKG_LICENSE_FILES:=LICENSE Modules/_ctypes/libffi_msvc/LICENSE Modules/_ctypes/darwin/LICENSE Modules/_ctypes/libffi/LICENSE Modules/_ctypes/libffi_osx/LICENSE Tools/pybench/LICENSE diff --git a/lang/python3/files/python3-package.mk b/lang/python3/files/python3-package.mk index b28ec5833..e76dc0bc8 100644 --- a/lang/python3/files/python3-package.mk +++ b/lang/python3/files/python3-package.mk @@ -6,7 +6,7 @@ # PYTHON3_VERSION:=3.4 -PYTHON3_VERSION_MICRO:=2 +PYTHON3_VERSION_MICRO:=3 PYTHON3_DIR:=$(STAGING_DIR)/usr PYTHON3_BIN_DIR:=$(PYTHON3_DIR)/bin From 741fdfd1e036bf758262c2ded8a31a1b4c73d8ac Mon Sep 17 00:00:00 2001 From: Alexandru Ardelean Date: Thu, 12 Mar 2015 20:01:20 +0200 Subject: [PATCH 15/41] python3: replicate packaging work done in python package Signed-off-by: Alexandru Ardelean --- lang/python3/Makefile | 92 +++++++++++++++---- lang/python3/files/python3-package-asyncio.mk | 16 ++++ lang/python3/files/python3-package-codecs.mk | 23 +++++ lang/python3/files/python3-package-ctypes.mk | 18 ++++ lang/python3/files/python3-package-dbm.mk | 17 ++++ lang/python3/files/python3-package-decimal.mk | 17 ++++ .../files/python3-package-distutils.mk | 16 ++++ lang/python3/files/python3-package-email.mk | 16 ++++ lang/python3/files/python3-package-gdbm.mk | 16 ++++ lang/python3/files/python3-package-logging.mk | 16 ++++ .../files/python3-package-multiprocessing.mk | 17 ++++ lang/python3/files/python3-package-ncurses.mk | 18 ++++ lang/python3/files/python3-package-openssl.mk | 17 ++++ lang/python3/files/python3-package-pydoc.mk | 18 ++++ lang/python3/files/python3-package-sqlite3.mk | 17 ++++ .../python3/files/python3-package-unittest.mk | 16 ++++ lang/python3/files/python3-package-xml.mk | 19 ++++ 17 files changed, 350 insertions(+), 19 deletions(-) create mode 100644 lang/python3/files/python3-package-asyncio.mk create mode 100644 lang/python3/files/python3-package-codecs.mk create mode 100644 lang/python3/files/python3-package-ctypes.mk create mode 100644 lang/python3/files/python3-package-dbm.mk create mode 100644 lang/python3/files/python3-package-decimal.mk create mode 100644 lang/python3/files/python3-package-distutils.mk create mode 100644 lang/python3/files/python3-package-email.mk create mode 100644 lang/python3/files/python3-package-gdbm.mk create mode 100644 lang/python3/files/python3-package-logging.mk create mode 100644 lang/python3/files/python3-package-multiprocessing.mk create mode 100644 lang/python3/files/python3-package-ncurses.mk create mode 100644 lang/python3/files/python3-package-openssl.mk create mode 100644 lang/python3/files/python3-package-pydoc.mk create mode 100644 lang/python3/files/python3-package-sqlite3.mk create mode 100644 lang/python3/files/python3-package-unittest.mk create mode 100644 lang/python3/files/python3-package-xml.mk diff --git a/lang/python3/Makefile b/lang/python3/Makefile index 2c0ecc2b9..1fb001aa0 100644 --- a/lang/python3/Makefile +++ b/lang/python3/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2014 OpenWrt.org +# Copyright (C) 2006-2015 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -57,7 +57,7 @@ endef define Package/python3-base $(call Package/python3/Default) TITLE:=Python $(PYTHON_VERSION) interpreter - DEPENDS:=+libpthread +zlib +libffi +libopenssl + DEPENDS:=+libpthread +zlib endef define Package/python3-base/description @@ -65,13 +65,45 @@ define Package/python3-base/description for the interpreter to start. endef +define Package/python3-light +$(call Package/python3/Default) + TITLE:=Python $(PYTHON_VERSION) light installation + DEPENDS:=+python3-base +libffi +libbz2 +endef + +define Package/python3-light/description + This package is essentially the python3-base package plus + a few of the rarely used (and big) libraries stripped out + into separate packages. +endef + +# Define newline here, since it's not defined in OpenWRT +define newline + + +endef + +PYTHON3_LIB_FILES_DEL:= +PYTHON3_PACKAGES:= +PYTHON3_SO_SUFFIX:=cpython-34.so +define Py3BasePackage + PYTHON3_PACKAGES+=$(1) + PYTHON3_LIB_FILES_DEL+=$(2) + define Py3Package/$(1)/filespec + $(subst $(space),$(newline),$(foreach lib_file,$(2),+|$(lib_file))) + endef +endef + +include ./files/python3-package-*.mk + define Package/python3 $(call Package/python3/Default) - DEPENDS:=+python3-base +libncursesw +libbz2 +libgdbm +libsqlite3 +libdb47 + DEPENDS:=+python3-light $(foreach package,$(PYTHON3_PACKAGES),+$(package)) endef define Package/python3/description This package contains the (almost) full Python install. + It's python3-light + all other packages. endef MAKE_FLAGS+=\ @@ -123,29 +155,34 @@ define Build/InstallDev $(1)/usr/lib/python$(PYTHON_VERSION)/ endef +PYTHON3_BASE_LIB_FILES:= \ + /usr/lib/python$(PYTHON_VERSION)/_collections_abc.py \ + /usr/lib/python$(PYTHON_VERSION)/_sitebuiltins.py \ + /usr/lib/python$(PYTHON_VERSION)/_sysconfigdata.py \ + /usr/lib/python$(PYTHON_VERSION)/_weakrefset.py \ + /usr/lib/python$(PYTHON_VERSION)/abc.py \ + /usr/lib/python$(PYTHON_VERSION)/codecs.py \ + /usr/lib/python$(PYTHON_VERSION)/genericpath.py \ + /usr/lib/python$(PYTHON_VERSION)/io.py \ + /usr/lib/python$(PYTHON_VERSION)/os.py \ + /usr/lib/python$(PYTHON_VERSION)/posixpath.py \ + /usr/lib/python$(PYTHON_VERSION)/site.py \ + /usr/lib/python$(PYTHON_VERSION)/sysconfig.py \ + /usr/lib/python$(PYTHON_VERSION)/stat.py + +PYTHON3_LIB_FILES_DEL+=$(PYTHON3_BASE_LIB_FILES) + define Py3Package/python3-base/filespec +|/usr/bin/python$(PYTHON_VERSION) -+|/usr/lib/python$(PYTHON_VERSION)/encodings -+|/usr/lib/python$(PYTHON_VERSION)/_collections_abc.py -+|/usr/lib/python$(PYTHON_VERSION)/_sitebuiltins.py -+|/usr/lib/python$(PYTHON_VERSION)/_sysconfigdata.py -+|/usr/lib/python$(PYTHON_VERSION)/_weakrefset.py -+|/usr/lib/python$(PYTHON_VERSION)/abc.py -+|/usr/lib/python$(PYTHON_VERSION)/codecs.py -+|/usr/lib/python$(PYTHON_VERSION)/genericpath.py -+|/usr/lib/python$(PYTHON_VERSION)/io.py -+|/usr/lib/python$(PYTHON_VERSION)/os.py -+|/usr/lib/python$(PYTHON_VERSION)/posixpath.py -+|/usr/lib/python$(PYTHON_VERSION)/site.py -+|/usr/lib/python$(PYTHON_VERSION)/sysconfig.py -+|/usr/lib/python$(PYTHON_VERSION)/stat.py +$(subst $(space),$(newline),$(foreach lib_file,$(PYTHON3_BASE_LIB_FILES),+|$(lib_file))) endef -define Py3Package/python3/filespec +define Py3Package/python3-light/filespec +|/usr/lib/python$(PYTHON_VERSION) -|/usr/lib/python$(PYTHON_VERSION)/config-$(PYTHON_VERSION) -|/usr/lib/python$(PYTHON_VERSION)/distutils/cygwinccompiler.py -|/usr/lib/python$(PYTHON_VERSION)/distutils/command/wininst* +-|/usr/lib/python$(PYTHON_VERSION)/ensurepip -|/usr/lib/python$(PYTHON_VERSION)/idlelib -|/usr/lib/python$(PYTHON_VERSION)/lib2to3 -|/usr/lib/python$(PYTHON_VERSION)/tkinter @@ -157,6 +194,8 @@ define Py3Package/python3/filespec -|/usr/lib/python$(PYTHON_VERSION)/webbrowser.py -|/usr/lib/python$(PYTHON_VERSION)/*/test -|/usr/lib/python$(PYTHON_VERSION)/*/tests +-|/usr/lib/python$(PYTHON_VERSION)/_osx_support.py +$(subst $(space),$(newline),$(foreach lib_file,$(PYTHON3_LIB_FILES_DEL),-|$(lib_file))) endef define Py3Package/python3-base/install @@ -167,6 +206,14 @@ define Py3Package/python3-base/install $(CP) $(PKG_INSTALL_DIR)/usr/lib/libpython$(PYTHON_VERSION).so* $(1)/usr/lib/ endef +define Py3Package/python3/filespec +-|$(PYTHON3_PKG_DIR) +endef + +HOST_CFLAGS+= \ + -I/usr/include/ncursesw \ + -I/usr/include/ncurses + HOST_CONFIGURE_ARGS+= \ --without-cxx-main \ --without-pymalloc \ @@ -174,7 +221,7 @@ HOST_CONFIGURE_ARGS+= \ --prefix=$(STAGING_DIR_HOST) \ --with-ensurepip=upgrade \ CONFIG_SITE= \ - OPT="$(HOST_CFLAGS)" + CFLAGS="$(HOST_CFLAGS)" define Host/Compile +$(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) python Parser/pgen @@ -189,8 +236,15 @@ endef $(eval $(call HostBuild)) +$(foreach package, $(PYTHON3_PACKAGES), \ + $(eval $(call Py3Package,$(package))) \ + $(eval $(call BuildPackage,$(package))) \ +) + $(eval $(call Py3Package,python3-base)) +$(eval $(call Py3Package,python3-light)) $(eval $(call Py3Package,python3)) $(eval $(call BuildPackage,python3-base)) +$(eval $(call BuildPackage,python3-light)) $(eval $(call BuildPackage,python3)) diff --git a/lang/python3/files/python3-package-asyncio.mk b/lang/python3/files/python3-package-asyncio.mk new file mode 100644 index 000000000..1d2faab3f --- /dev/null +++ b/lang/python3/files/python3-package-asyncio.mk @@ -0,0 +1,16 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-asyncio +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) asyncio module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-asyncio, \ + /usr/lib/python$(PYTHON3_VERSION)/asyncio \ +)) diff --git a/lang/python3/files/python3-package-codecs.mk b/lang/python3/files/python3-package-codecs.mk new file mode 100644 index 000000000..67c3ee51a --- /dev/null +++ b/lang/python3/files/python3-package-codecs.mk @@ -0,0 +1,23 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-codecs +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) codecs + unicode support + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-codecs, \ + /usr/lib/python$(PYTHON3_VERSION)/encodings \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_cn.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_hk.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_iso2022.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_jp.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_kr.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_tw.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/unicodedata.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-ctypes.mk b/lang/python3/files/python3-package-ctypes.mk new file mode 100644 index 000000000..97c2c768a --- /dev/null +++ b/lang/python3/files/python3-package-ctypes.mk @@ -0,0 +1,18 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-ctypes +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) ctypes module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-ctypes, \ + /usr/lib/python$(PYTHON3_VERSION)/ctypes \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_ctypes.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_ctypes_test.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-dbm.mk b/lang/python3/files/python3-package-dbm.mk new file mode 100644 index 000000000..ed343d81a --- /dev/null +++ b/lang/python3/files/python3-package-dbm.mk @@ -0,0 +1,17 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-dbm +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) dbm module + DEPENDS:=+python3-light +libdb47 +endef + +$(eval $(call Py3BasePackage,python3-dbm, \ + /usr/lib/python$(PYTHON3_VERSION)/dbm \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_dbm.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-decimal.mk b/lang/python3/files/python3-package-decimal.mk new file mode 100644 index 000000000..81ecbb0d4 --- /dev/null +++ b/lang/python3/files/python3-package-decimal.mk @@ -0,0 +1,17 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-decimal +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) decimal module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-decimal, \ + /usr/lib/python$(PYTHON3_VERSION)/decimal.py \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_decimal.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-distutils.mk b/lang/python3/files/python3-package-distutils.mk new file mode 100644 index 000000000..65f4b5aa6 --- /dev/null +++ b/lang/python3/files/python3-package-distutils.mk @@ -0,0 +1,16 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-distutils +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) distutils module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-distutils, \ + /usr/lib/python$(PYTHON3_VERSION)/distutils \ +)) diff --git a/lang/python3/files/python3-package-email.mk b/lang/python3/files/python3-package-email.mk new file mode 100644 index 000000000..dae351979 --- /dev/null +++ b/lang/python3/files/python3-package-email.mk @@ -0,0 +1,16 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-email +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) email module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-email, \ + /usr/lib/python$(PYTHON3_VERSION)/email \ +)) diff --git a/lang/python3/files/python3-package-gdbm.mk b/lang/python3/files/python3-package-gdbm.mk new file mode 100644 index 000000000..cc929132c --- /dev/null +++ b/lang/python3/files/python3-package-gdbm.mk @@ -0,0 +1,16 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-gdbm +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) gdbm module + DEPENDS:=+python3-light +libgdbm +endef + +$(eval $(call Py3BasePackage,python3-gdbm, \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_gdbm.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-logging.mk b/lang/python3/files/python3-package-logging.mk new file mode 100644 index 000000000..4cd6ea979 --- /dev/null +++ b/lang/python3/files/python3-package-logging.mk @@ -0,0 +1,16 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-logging +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) logging module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-logging, \ + /usr/lib/python$(PYTHON3_VERSION)/logging \ +)) diff --git a/lang/python3/files/python3-package-multiprocessing.mk b/lang/python3/files/python3-package-multiprocessing.mk new file mode 100644 index 000000000..784aabb8b --- /dev/null +++ b/lang/python3/files/python3-package-multiprocessing.mk @@ -0,0 +1,17 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-multiprocessing +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) multiprocessing + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-multiprocessing, \ + /usr/lib/python$(PYTHON3_VERSION)/multiprocessing \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_multiprocessing.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-ncurses.mk b/lang/python3/files/python3-package-ncurses.mk new file mode 100644 index 000000000..74bedfe2f --- /dev/null +++ b/lang/python3/files/python3-package-ncurses.mk @@ -0,0 +1,18 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-ncurses +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) ncurses module + DEPENDS:=+python3-light +libncursesw +endef + +$(eval $(call Py3BasePackage,python3-ncurses, \ + /usr/lib/python$(PYTHON3_VERSION)/curses \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_curses.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_curses_panel.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-openssl.mk b/lang/python3/files/python3-package-openssl.mk new file mode 100644 index 000000000..255d58099 --- /dev/null +++ b/lang/python3/files/python3-package-openssl.mk @@ -0,0 +1,17 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-openssl +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) SSL module + DEPENDS:=+python3-light +libopenssl +endef + +$(eval $(call Py3BasePackage,python3-openssl, \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_hashlib.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_ssl.$(PYTHON3_SO_SUFFIX) \ +)) diff --git a/lang/python3/files/python3-package-pydoc.mk b/lang/python3/files/python3-package-pydoc.mk new file mode 100644 index 000000000..7ed8c2110 --- /dev/null +++ b/lang/python3/files/python3-package-pydoc.mk @@ -0,0 +1,18 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-pydoc +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) pydoc module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-pydoc, \ + /usr/lib/python$(PYTHON3_VERSION)/doctest.py \ + /usr/lib/python$(PYTHON3_VERSION)/pydoc.py \ + /usr/lib/python$(PYTHON3_VERSION)/pydoc_data \ +)) diff --git a/lang/python3/files/python3-package-sqlite3.mk b/lang/python3/files/python3-package-sqlite3.mk new file mode 100644 index 000000000..4b097a36b --- /dev/null +++ b/lang/python3/files/python3-package-sqlite3.mk @@ -0,0 +1,17 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-sqlite3 +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) sqlite3 module + DEPENDS:=+python3-light +libsqlite3 +endef + +$(eval $(call Py3BasePackage,python3-sqlite3, \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_sqlite3.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/sqlite3 \ +)) diff --git a/lang/python3/files/python3-package-unittest.mk b/lang/python3/files/python3-package-unittest.mk new file mode 100644 index 000000000..6d3643a71 --- /dev/null +++ b/lang/python3/files/python3-package-unittest.mk @@ -0,0 +1,16 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-unittest +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) unittest module + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-unittest, \ + /usr/lib/python$(PYTHON3_VERSION)/unittest \ +)) diff --git a/lang/python3/files/python3-package-xml.mk b/lang/python3/files/python3-package-xml.mk new file mode 100644 index 000000000..e734f0c72 --- /dev/null +++ b/lang/python3/files/python3-package-xml.mk @@ -0,0 +1,19 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +define Package/python3-xml +$(call Package/python3/Default) + TITLE:=Python $(PYTHON3_VERSION) xml libs + DEPENDS:=+python3-light +endef + +$(eval $(call Py3BasePackage,python3-xml, \ + /usr/lib/python$(PYTHON3_VERSION)/xml \ + /usr/lib/python$(PYTHON3_VERSION)/xmlrpc \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_elementtree.$(PYTHON3_SO_SUFFIX) \ + /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/pyexpat.$(PYTHON3_SO_SUFFIX) \ +)) From cfe31ca3d3791fc0559908a254427f35e725ce47 Mon Sep 17 00:00:00 2001 From: Alexandru Ardelean Date: Fri, 13 Mar 2015 22:46:47 +0200 Subject: [PATCH 16/41] python3: port some patches from python Based on the idea that 'what-works-on-python-should-work-on-python3' because they share the same trunk, these patches have been copied over from the python package. Signed-off-by: Alexandru Ardelean --- .../005-fix-libffi-x86-64-configure.patch | 31 +++++++++++++++++++ .../006-remove-debian-multiarch-support.patch | 12 +++++++ .../007-distutils-do-not-adjust-path.patch | 10 ++++++ ...add-rt-lib-dirs-when-cross-compiling.patch | 15 +++++++++ 4 files changed, 68 insertions(+) create mode 100644 lang/python3/patches/005-fix-libffi-x86-64-configure.patch create mode 100644 lang/python3/patches/006-remove-debian-multiarch-support.patch create mode 100644 lang/python3/patches/007-distutils-do-not-adjust-path.patch create mode 100644 lang/python3/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch diff --git a/lang/python3/patches/005-fix-libffi-x86-64-configure.patch b/lang/python3/patches/005-fix-libffi-x86-64-configure.patch new file mode 100644 index 000000000..ea062a350 --- /dev/null +++ b/lang/python3/patches/005-fix-libffi-x86-64-configure.patch @@ -0,0 +1,31 @@ +diff --git a/Modules/_ctypes/libffi/configure b/Modules/_ctypes/libffi/configure +index 75f62a7..4d6c9f2 100755 +--- a/Modules/_ctypes/libffi/configure ++++ b/Modules/_ctypes/libffi/configure +@@ -17257,20 +17257,12 @@ case "$host" in + fi + ;; + +- i?86-*-* | x86_64-*-*) +- TARGETDIR=x86 +- if test $ac_cv_sizeof_size_t = 4; then +- case "$host" in +- *-gnux32) +- TARGET=X86_64 +- ;; +- *) +- TARGET=X86 +- ;; +- esac +- else +- TARGET=X86_64; +- fi ++ i?86-*-*) ++ TARGET=X86; TARGETDIR=x86 ++ ;; ++ ++ x86_64-*-*) ++ TARGET=X86_64; TARGETDIR=x86 + ;; + + ia64*-*-*) diff --git a/lang/python3/patches/006-remove-debian-multiarch-support.patch b/lang/python3/patches/006-remove-debian-multiarch-support.patch new file mode 100644 index 000000000..52d52b94e --- /dev/null +++ b/lang/python3/patches/006-remove-debian-multiarch-support.patch @@ -0,0 +1,12 @@ +diff --git a/setup.py b/setup.py +index 7868b7b..9ae0ef2 100644 +--- a/setup.py ++++ b/setup.py +@@ -444,7 +444,6 @@ class PyBuildExt(build_ext): + add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') + if cross_compiling: + self.add_gcc_paths() +- self.add_multiarch_paths() + + # Add paths specified in the environment variables LDFLAGS and + # CPPFLAGS for header and library files. diff --git a/lang/python3/patches/007-distutils-do-not-adjust-path.patch b/lang/python3/patches/007-distutils-do-not-adjust-path.patch new file mode 100644 index 000000000..49fe92629 --- /dev/null +++ b/lang/python3/patches/007-distutils-do-not-adjust-path.patch @@ -0,0 +1,10 @@ +--- a/Lib/distutils/command/build_scripts.py ++++ b/Lib/distutils/command/build_scripts.py +@@ -89,6 +89,7 @@ class build_scripts (Command): + adjust = 1 + post_interp = match.group(1) or '' + ++ adjust = 0 + if adjust: + log.info("copying and adjusting %s -> %s", script, + self.build_dir) diff --git a/lang/python3/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch b/lang/python3/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch new file mode 100644 index 000000000..5a106d4e8 --- /dev/null +++ b/lang/python3/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch @@ -0,0 +1,15 @@ +diff --git a/setup.py b/setup.py +index 7868b7b..544fa7e 100644 +--- a/setup.py ++++ b/setup.py +@@ -452,8 +452,9 @@ class PyBuildExt(build_ext): + # directly since an inconsistently reproducible issue comes up where + # the environment variable is not set even though the value were passed + # into configure and stored in the Makefile (issue found on OS X 10.3). ++ rt_lib_dirs = [] if cross_compiling else self.compiler.runtime_library_dirs + for env_var, arg_name, dir_list in ( +- ('LDFLAGS', '-R', self.compiler.runtime_library_dirs), ++ ('LDFLAGS', '-R', rt_lib_dirs), + ('LDFLAGS', '-L', self.compiler.library_dirs), + ('CPPFLAGS', '-I', self.compiler.include_dirs)): + env_val = sysconfig.get_config_var(env_var) From 12bba3562773a278dca26c3e7dcf4ee8b6ce0866 Mon Sep 17 00:00:00 2001 From: Alexandru Ardelean Date: Sat, 14 Mar 2015 16:13:51 +0200 Subject: [PATCH 17/41] python3: revert puting the encodings folder into a python3-codecs Some notes about the 'encodings' module, which is about 1.7 MB. Unfortunately that one cannot be moved into the 'python3-codecs' package, because Python tries to load up all available encodings at startup. Some efforts to add a dummy folder/python file have failed so far, since there's a C code (Python/codecs.c) that tries to evaluate that all encodings (in the encodings folder/module) are valid. Basically the encodings module is a repository of encodings, and it seemst there are quite a few of them. Maybe a request to upstream Python would work for this, to make encodings a bit more decoupled from the interpreter. Signed-off-by: Alexandru Ardelean --- lang/python3/Makefile | 1 + lang/python3/files/python3-package-codecs.mk | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/lang/python3/Makefile b/lang/python3/Makefile index 1fb001aa0..1cd18750d 100644 --- a/lang/python3/Makefile +++ b/lang/python3/Makefile @@ -156,6 +156,7 @@ define Build/InstallDev endef PYTHON3_BASE_LIB_FILES:= \ + /usr/lib/python$(PYTHON_VERSION)/encodings \ /usr/lib/python$(PYTHON_VERSION)/_collections_abc.py \ /usr/lib/python$(PYTHON_VERSION)/_sitebuiltins.py \ /usr/lib/python$(PYTHON_VERSION)/_sysconfigdata.py \ diff --git a/lang/python3/files/python3-package-codecs.mk b/lang/python3/files/python3-package-codecs.mk index 67c3ee51a..66101e1fb 100644 --- a/lang/python3/files/python3-package-codecs.mk +++ b/lang/python3/files/python3-package-codecs.mk @@ -12,7 +12,6 @@ $(call Package/python3/Default) endef $(eval $(call Py3BasePackage,python3-codecs, \ - /usr/lib/python$(PYTHON3_VERSION)/encodings \ /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_cn.$(PYTHON3_SO_SUFFIX) \ /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_hk.$(PYTHON3_SO_SUFFIX) \ /usr/lib/python$(PYTHON3_VERSION)/lib-dynload/_codecs_iso2022.$(PYTHON3_SO_SUFFIX) \ From 73094db36f8d1e4fdd5108b8414d0036a5f8eecf Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Sun, 15 Mar 2015 12:09:05 +0100 Subject: [PATCH 18/41] avahi: avahi-autoipd uses libssp if SSP_SUPPORT is enabled Found on an all-y build with SSP enabled: Package avahi-autoipd is missing dependencies for the following libraries: libssp.so.0 Adding the missing dependency to address that. Signed-off-by: Daniel Golle --- libs/avahi/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/avahi/Makefile b/libs/avahi/Makefile index 5f7ac1374..4a56b6155 100644 --- a/libs/avahi/Makefile +++ b/libs/avahi/Makefile @@ -70,7 +70,7 @@ endef define Package/avahi-autoipd $(call Package/avahi/Default) SUBMENU:=IP Addresses and Names - DEPENDS:=+libdaemon + DEPENDS:=+libdaemon +SSP_SUPPORT:libssp TITLE:=IPv4LL network address configuration daemon endef From 387f31560ff66d328cf238b383473b4055d7afed Mon Sep 17 00:00:00 2001 From: Jonathan McCrohan Date: Sun, 15 Mar 2015 18:15:18 +0000 Subject: [PATCH 19/41] sslh: update to 1.17 Signed-off-by: Jonathan McCrohan --- net/sslh/Makefile | 6 +++--- net/sslh/patches/001-no_sslh_select.patch | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/sslh/Makefile b/net/sslh/Makefile index 9b13e7db5..e7f1c0e6b 100644 --- a/net/sslh/Makefile +++ b/net/sslh/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sslh -PKG_VERSION:=v1.16 -PKG_RELEASE:=2 +PKG_VERSION:=v1.17 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://rutschle.net/tech/ -PKG_MD5SUM:=c6e7d1cb0adb15f6efe480e36d98c560 +PKG_MD5SUM:=1fc3ada4bafaca5a9786cc1431f48ed4 PKG_LICENSE:=GPL-2.0+ PKG_LICENSE_FILES:=COPYING diff --git a/net/sslh/patches/001-no_sslh_select.patch b/net/sslh/patches/001-no_sslh_select.patch index 2ff68116f..2b461f672 100644 --- a/net/sslh/patches/001-no_sslh_select.patch +++ b/net/sslh/patches/001-no_sslh_select.patch @@ -18,7 +18,7 @@ echosrv: $(OBJS) echosrv.o $(CC) $(CFLAGS) $(LDFLAGS) -o echosrv echosrv.o probe.o common.o $(LIBS) -@@ -86,7 +82,7 @@ distclean: clean +@@ -85,7 +81,7 @@ distclean: clean rm -f tags cscope.* clean: From ba4338d6f7753c77b03357aa74cc63771e94074a Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Sun, 15 Mar 2015 12:21:36 +0100 Subject: [PATCH 20/41] mmc-utils: don't set -D_FORTIFY_SOURCE in Makefile Now that security features are set globally, having the FORTIFY_SOURCE option set in Makefile breaks the build when CONFIG_PKG_FORTIFY_SOURCE_{1,2} is enabled as well. arm-openwrt-linux-uclibcgnueabi-gcc -Wall -Werror -Wuninitialized -Wundef -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Os -pipe -march=armv6k -mtune=mpcore -fno-caller-saves -fhonour-copts -Wno-error=unused-but-set-variable -mfloat-abi=soft -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -Wp,-MMD,./.mmc.o.d,-MT,mmc.o -c mmc.c -o mmc.o :0:0: error: "_FORTIFY_SOURCE" redefined [-Werror] :0:0: note: this is the location of the previous definition cc1: all warnings being treated as errors Makefile:35: recipe for target 'mmc.o' failed Fix this by removing -D_FORTIFY_SOURCE=2 from Makefile. Signed-off-by: Daniel Golle Signed-off-by: Michael Heimpold --- utils/mmc-utils/Makefile | 2 +- .../001-dont-set-fortify-source-in-makefile.patch | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 utils/mmc-utils/patches/001-dont-set-fortify-source-in-makefile.patch diff --git a/utils/mmc-utils/Makefile b/utils/mmc-utils/Makefile index 59da16c6c..a5c425b6a 100644 --- a/utils/mmc-utils/Makefile +++ b/utils/mmc-utils/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mmc-utils PKG_VERSION=2015-03-06-$(PKG_SOURCE_VERSION) -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc-utils.git diff --git a/utils/mmc-utils/patches/001-dont-set-fortify-source-in-makefile.patch b/utils/mmc-utils/patches/001-dont-set-fortify-source-in-makefile.patch new file mode 100644 index 000000000..9b2b8ba25 --- /dev/null +++ b/utils/mmc-utils/patches/001-dont-set-fortify-source-in-makefile.patch @@ -0,0 +1,11 @@ +Index: mmc-utils-f4eb241519f8d500ce6068a70d2389be39ac5189/Makefile +=================================================================== +--- mmc-utils-f4eb241519f8d500ce6068a70d2389be39ac5189.orig/Makefile ++++ mmc-utils-f4eb241519f8d500ce6068a70d2389be39ac5189/Makefile +@@ -1,5 +1,5 @@ + CC ?= gcc +-AM_CFLAGS = -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 ++AM_CFLAGS = -D_FILE_OFFSET_BITS=64 + CFLAGS ?= -g -O2 + objects = \ + mmc.o \ From f3527d974eb52e80721f3e9b6e3fbe7590e6d88d Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Mon, 16 Mar 2015 02:34:13 +0100 Subject: [PATCH 21/41] git: update to 2.3.3 Signed-off-by: Peter Wagner --- net/git/Makefile | 6 +++--- net/git/patches/100-convert_builtin.patch | 19 +++++++++---------- .../patches/300-configure_for_crosscompiling | 10 +++++----- .../patches/400-imapsend_without_curl.patch | 8 ++++---- 4 files changed, 21 insertions(+), 22 deletions(-) diff --git a/net/git/Makefile b/net/git/Makefile index 6c3ac796e..f161dcb13 100644 --- a/net/git/Makefile +++ b/net/git/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=git -PKG_VERSION:=2.3.0 -PKG_RELEASE:=3 +PKG_VERSION:=2.3.3 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/software/scm/git/ -PKG_MD5SUM:=e5880760d1f43f4f49b3bf94b9046eee +PKG_MD5SUM:=14a885da3b432455b606cc1a25a6c681 PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 diff --git a/net/git/patches/100-convert_builtin.patch b/net/git/patches/100-convert_builtin.patch index 52bebaa6c..05a3f3f33 100644 --- a/net/git/patches/100-convert_builtin.patch +++ b/net/git/patches/100-convert_builtin.patch @@ -7,14 +7,13 @@ -PROGRAM_OBJS += credential-store.o -PROGRAM_OBJS += daemon.o -PROGRAM_OBJS += fast-import.o --PROGRAM_OBJS += http-backend.o + PROGRAM_OBJS += http-backend.o -PROGRAM_OBJS += imap-send.o -PROGRAM_OBJS += sh-i18n--envsubst.o -PROGRAM_OBJS += shell.o -PROGRAM_OBJS += show-index.o -PROGRAM_OBJS += upload-pack.o -PROGRAM_OBJS += remote-testsvn.o -+PROGRAM_OBJS += http-backend.o # Binary suffix, set to .exe for Windows builds X = @@ -30,7 +29,7 @@ GITLIBS = $(LIB_FILE) $(XDIFF_LIB) EXTLIBS = -@@ -1070,7 +1067,7 @@ endif +@@ -1070,7 +1066,7 @@ endif EXTLIBS += -lz ifndef NO_OPENSSL @@ -39,7 +38,7 @@ ifdef OPENSSLDIR BASIC_CFLAGS += -I$(OPENSSLDIR)/include OPENSSL_LINK = -L$(OPENSSLDIR)/$(lib) $(CC_LD_DYNPATH)$(OPENSSLDIR)/$(lib) -@@ -1933,10 +1930,6 @@ endif +@@ -1933,10 +1929,6 @@ endif git-%$X: %.o GIT-LDFLAGS $(GITLIBS) $(QUIET_LINK)$(CC) $(ALL_CFLAGS) -o $@ $(ALL_LDFLAGS) $(filter %.o,$^) $(LIBS) @@ -50,7 +49,7 @@ git-http-fetch$X: http.o http-walker.o http-fetch.o GIT-LDFLAGS $(GITLIBS) $(QUIET_LINK)$(CC) $(ALL_CFLAGS) -o $@ $(ALL_LDFLAGS) $(filter %.o,$^) \ $(LIBS) $(CURL_LIBCURL) -@@ -2254,10 +2247,11 @@ endif +@@ -2254,10 +2246,11 @@ endif bindir=$$(cd '$(DESTDIR_SQ)$(bindir_SQ)' && pwd) && \ execdir=$$(cd '$(DESTDIR_SQ)$(gitexec_instdir_SQ)' && pwd) && \ { test "$$bindir/" = "$$execdir/" || \ @@ -98,7 +97,7 @@ +#include "../upload-pack.c" --- a/daemon.c +++ b/daemon.c -@@ -1096,7 +1096,7 @@ static int serve(struct string_list *lis +@@ -1193,7 +1193,7 @@ static int serve(struct string_list *lis return service_loop(&socklist); } @@ -107,7 +106,7 @@ { int listen_port = 0; struct string_list listen_addr = STRING_LIST_INIT_NODUP; -@@ -1292,12 +1292,13 @@ int main(int argc, char **argv) +@@ -1389,12 +1389,13 @@ int main(int argc, char **argv) store_pid(pid_file); /* prepare argv for serving-processes */ @@ -128,7 +127,7 @@ } --- a/fast-import.c +++ b/fast-import.c -@@ -3350,7 +3350,7 @@ static void parse_argv(void) +@@ -3354,7 +3354,7 @@ static void parse_argv(void) read_marks(); } @@ -169,7 +168,7 @@ { "index-pack", cmd_index_pack, RUN_SETUP_GENTLY }, { "init", cmd_init_db, NO_SETUP }, { "init-db", cmd_init_db, NO_SETUP }, -@@ -459,6 +462,7 @@ static struct cmd_struct commands[] = { +@@ -459,6 +461,7 @@ static struct cmd_struct commands[] = { { "revert", cmd_revert, RUN_SETUP | NEED_WORK_TREE }, { "rm", cmd_rm, RUN_SETUP }, { "send-pack", cmd_send_pack, RUN_SETUP }, @@ -177,7 +176,7 @@ { "shortlog", cmd_shortlog, RUN_SETUP_GENTLY | USE_PAGER }, { "show", cmd_show, RUN_SETUP }, { "show-branch", cmd_show_branch, RUN_SETUP }, -@@ -475,6 +479,7 @@ static struct cmd_struct commands[] = { +@@ -475,6 +478,7 @@ static struct cmd_struct commands[] = { { "update-server-info", cmd_update_server_info, RUN_SETUP }, { "upload-archive", cmd_upload_archive }, { "upload-archive--writer", cmd_upload_archive_writer }, diff --git a/net/git/patches/300-configure_for_crosscompiling b/net/git/patches/300-configure_for_crosscompiling index a62bcc938..0ccfaecd0 100644 --- a/net/git/patches/300-configure_for_crosscompiling +++ b/net/git/patches/300-configure_for_crosscompiling @@ -1,6 +1,6 @@ ---- git-2.3.0/configure.ac.old 2015-03-08 01:19:33.675810197 -0300 -+++ git-2.3.0/configure.ac 2015-03-08 01:27:10.688033125 -0300 -@@ -844,7 +844,8 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -844,7 +844,8 @@ AC_RUN_IFELSE( FILE *f = fopen(".", "r"); return f && fread(&c, 1, 1, f)]])], [ac_cv_fread_reads_directories=no], @@ -10,7 +10,7 @@ ]) if test $ac_cv_fread_reads_directories = yes; then FREAD_READS_DIRECTORIES=UnfortunatelyYes -@@ -878,7 +879,8 @@ +@@ -878,7 +879,8 @@ AC_RUN_IFELSE( if (snprintf(buf, 3, "%s", "12345") != 5 || strcmp(buf, "12")) return 1]])], [ac_cv_snprintf_returns_bogus=no], @@ -20,7 +20,7 @@ ]) if test $ac_cv_snprintf_returns_bogus = yes; then SNPRINTF_RETURNS_BOGUS=UnfortunatelyYes -@@ -901,7 +903,8 @@ +@@ -901,7 +903,8 @@ yippeeyeswehaveit #endif ]), [ac_cv_sane_mode_bits=yes], diff --git a/net/git/patches/400-imapsend_without_curl.patch b/net/git/patches/400-imapsend_without_curl.patch index 1b5dff30d..44ceb013f 100644 --- a/net/git/patches/400-imapsend_without_curl.patch +++ b/net/git/patches/400-imapsend_without_curl.patch @@ -1,8 +1,8 @@ ---- git-2.3.0/Makefile.old 2015-03-08 02:14:42.857845824 -0300 -+++ git-2.3.0/Makefile 2015-03-08 02:15:06.697451372 -0300 -@@ -1039,7 +1039,7 @@ +--- a/Makefile ++++ b/Makefile +@@ -1039,7 +1039,7 @@ else endif - curl_check := $(shell (echo 072200; curl-config --vernum) 2>/dev/null | sort -r | sed -ne 2p) + curl_check := $(shell (echo 072200; curl-config --vernum | sed -e '/^70[BC]/s/^/0/') 2>/dev/null | sort -r | sed -ne 2p) ifeq "$(curl_check)" "072200" - USE_CURL_FOR_IMAP_SEND = YesPlease +# USE_CURL_FOR_IMAP_SEND = YesPlease From a5d784de0b8c50d9dc0684879ed7a26687f5c060 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Mon, 16 Mar 2015 10:41:33 +0100 Subject: [PATCH 22/41] python: added configure args for distutils path detection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit python-package.mk now defines (extends) CONFIGURE_ARGS that are adjusting PREFIX and EXEC_PREFIX in distutils.sysconfig during compilation. These variables are sometimes used by autotools to detect path to Python header files. Adding these variables to python-package.mk fixes compilation of legacy autotools-configured packages that already include python-package.mk and do not overwrite CONFIGURE_ARGS. Signed-off-by: Jan ÄŒermák Cc: Alexandru Ardelean --- lang/python/files/python-package.mk | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lang/python/files/python-package.mk b/lang/python/files/python-package.mk index 6936a0748..4895b91a1 100644 --- a/lang/python/files/python-package.mk +++ b/lang/python/files/python-package.mk @@ -33,6 +33,13 @@ define HostPython ) endef +# These configure args are needed in detection of path to Python header files +# using autotools. +CONFIGURE_ARGS += \ + _python_sysroot="$(STAGING_DIR)" \ + _python_prefix="/usr" \ + _python_exec_prefix="/usr" + PKG_USE_MIPS16:=0 # This is required in addition to PKG_USE_MIPS16:=0 because otherwise MIPS16 # flags are inherited from the Python base package (via sysconfig module) From 6aa5742fb56f68d326c7f689d629f1d68772fe1e Mon Sep 17 00:00:00 2001 From: Karl Palsson Date: Mon, 16 Mar 2015 11:09:34 +0000 Subject: [PATCH 23/41] lua-penlight: Bump to version 1.3.2 And include the pkg md5sum finally. Signed-off-by: Karl Palsson --- lang/lua-penlight/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lang/lua-penlight/Makefile b/lang/lua-penlight/Makefile index e06f4c25b..89192e29a 100644 --- a/lang/lua-penlight/Makefile +++ b/lang/lua-penlight/Makefile @@ -8,11 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lua-penlight -PKG_VERSION:=1.3.1 +PKG_VERSION:=1.3.2 PKG_RELEASE:=1 PKG_BUILD_DIR:=$(BUILD_DIR)/Penlight-$(PKG_VERSION) PKG_SOURCE:=$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/stevedonovan/Penlight/archive/ +PKG_MD5SUM:=0315a39834bb6fab07741ec04ede1bf4 PKG_LICENSE:=MIT PKG_LICENSE_FILE:=LICENSE.md From f6927350e4f5aedd9870a65923ceff232bd10bf3 Mon Sep 17 00:00:00 2001 From: Michael Haas Date: Tue, 10 Mar 2015 09:54:17 +0100 Subject: [PATCH 24/41] stunnel: Bring it back at v5.10 From: Michael Haas * init script no longer creates certificates (consider client mode as use case) * patches/010_fix_getnameinfo.patch: Fix getnameinfo signature * patches/011_disable_ssp_linking.patch: Disable -fstack-protector as it is not always available in OpenWRT * old patches (in oldpackages) no longer necessary * remove libwrap dependency * remove libpthread dependency * respect CONFIG_IPV6 * init script uses procd * sample stunnel.conf runs in client mode - prevents start failure, does not require cert Possible enhancement: automatically generate certificate as done in uhttpd. However, as client mode is a possible use case, I'd rather not. Additionally, stunnel may use several certs with user-defined locations and we can't easily set a cert location via command-line args. The package is based on https://sites.google.com/site/twisteroidambassador/openwrt/stunnel Signed-off-by: Michael Haas --- net/stunnel/Makefile | 77 ++++++++++ net/stunnel/files/stunnel.conf | 45 ++++++ net/stunnel/files/stunnel.init | 12 ++ net/stunnel/patches/010_fix_getnameinfo.patch | 25 ++++ .../patches/011_disable_ssp_linking.patch | 140 ++++++++++++++++++ 5 files changed, 299 insertions(+) create mode 100644 net/stunnel/Makefile create mode 100644 net/stunnel/files/stunnel.conf create mode 100644 net/stunnel/files/stunnel.init create mode 100644 net/stunnel/patches/010_fix_getnameinfo.patch create mode 100644 net/stunnel/patches/011_disable_ssp_linking.patch diff --git a/net/stunnel/Makefile b/net/stunnel/Makefile new file mode 100644 index 000000000..9238331d7 --- /dev/null +++ b/net/stunnel/Makefile @@ -0,0 +1,77 @@ +# +# Copyright (C) 2006-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=stunnel +PKG_VERSION:=5.10 +PKG_RELEASE:=1 + +PKG_LICENSE:=GPL-2.0+ +PKG_MAINTAINER:=Michael Haas +PKG_LICENSE_FILES:=COPYING COPYRIGHT.GPL + +PKG_SOURCE_URL:=http://stunnel.cybermirror.org/archive/5.x/ +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_MD5SUM:=a0edda805eb7d6ea600a230fb0979ea1 + +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/stunnel + SECTION:=net + CATEGORY:=Network + DEPENDS:=+libopenssl + TITLE:=SSL TCP Wrapper + URL:=http://www.stunnel.org/ +endef + +define Package/stunnel/description + Stunnel is a program that allows you to encrypt arbitrary TCP + connections inside SSL (Secure Sockets Layer) available on both Unix + and Windows. Stunnel can allow you to secure non-SSL aware daemons and + protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the + encryption, requiring no changes to the daemon's code. +endef + +define Package/stunnel/conffiles +/etc/stunnel/stunnel.conf +endef + + +CONFIGURE_ARGS+= \ + --with-random=/dev/urandom \ + --with-threads=fork \ + --with-ssl=$(STAGING_DIR)/usr \ + --disable-libwrap \ + --disable-systemd + +ifeq ($(CONFIG_IPV6),n) +CONFIGURE_ARGS+= \ + --disable-ipv6 +endif + +define Build/Compile + mkdir -p $(PKG_INSTALL_DIR)/etc/stunnel + echo '#dummy' > $(PKG_INSTALL_DIR)/etc/stunnel/stunnel.pem + $(call Build/Compile/Default) +endef + +define Package/stunnel/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/stunnel $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/usr/lib/stunnel + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/stunnel/libstunnel.so $(1)/usr/lib/stunnel/ + $(INSTALL_DIR) $(1)/etc/stunnel + $(INSTALL_CONF) ./files/stunnel.conf $(1)/etc/stunnel/stunnel.conf + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/stunnel.init $(1)/etc/init.d/stunnel +endef + +$(eval $(call BuildPackage,stunnel)) diff --git a/net/stunnel/files/stunnel.conf b/net/stunnel/files/stunnel.conf new file mode 100644 index 000000000..2f10800b9 --- /dev/null +++ b/net/stunnel/files/stunnel.conf @@ -0,0 +1,45 @@ +; Drop privileges +setuid = nobody +setgid = nogroup + +; When running under procd, stay in foreground +foreground = yes + +; Don't log to stderr, use syslog +syslog = yes + +; 1-7. Use 7 for greatest verbosity +;debug = 5 + +; Starting here, enter your services or uncomment the examples + +; Example: +; If your local httpd does not support HTTPS, use stunnel in remote +; mode to forward TLS connections coming in on port 443 to non-TLS +; on port 80. +; Make sure that the cert is available. +;[httpd] +;accept = 443 +;connect = 127.0.0.1:80 +;cert = /etc/stunnel/stunnel.pem + +; Example: +; If your local email client does not support TLS, +; use stunnel in client mode to forward non-TLS connections on +; port 143 to TLS-enabled servername:993. +;[imap] +;client = yes +;accept = 143 +;connect = servername:993 +; Disable peer verification - be sure to understand the limitations of peer +; verification in stunnel when enabling. +;verify = 0 + +; Default client section: +; stunnel requires at least one section to start successfully. +; You can safely remove this section once you have configured +; your own. We use client mode here as server requires a certificate. +[dummy] +client = yes +accept = localhost:6000 +connect = localhost:6001 diff --git a/net/stunnel/files/stunnel.init b/net/stunnel/files/stunnel.init new file mode 100644 index 000000000..e622205b8 --- /dev/null +++ b/net/stunnel/files/stunnel.init @@ -0,0 +1,12 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2008 OpenWrt.org + +START=90 +USE_PROCD=1 + +start_service() { + procd_open_instance + procd_set_param command /usr/bin/stunnel /etc/stunnel/stunnel.conf + procd_set_param respawn # respawn automatically if something died + procd_close_instance +} diff --git a/net/stunnel/patches/010_fix_getnameinfo.patch b/net/stunnel/patches/010_fix_getnameinfo.patch new file mode 100644 index 000000000..f0a9faa7b --- /dev/null +++ b/net/stunnel/patches/010_fix_getnameinfo.patch @@ -0,0 +1,25 @@ +--- a/src/prototypes.h ++++ b/src/prototypes.h +@@ -559,7 +559,7 @@ extern GETNAMEINFO s_getnameinfo; + + #endif /* USE_WIN32 */ + +-int getnameinfo(const struct sockaddr *, int, char *, int, char *, int, int); ++int getnameinfo(const struct sockaddr *, socklen_t, char *, socklen_t, char *, socklen_t, unsigned int); + + #endif /* !defined HAVE_GETNAMEINFO */ + +--- a/src/resolver.c ++++ b/src/resolver.c +@@ -535,8 +535,9 @@ const char *s_gai_strerror(int err) { + /* implementation is limited to functionality needed by stunnel */ + + #ifndef HAVE_GETNAMEINFO +-int getnameinfo(const struct sockaddr *sa, int salen, +- char *host, int hostlen, char *serv, int servlen, int flags) { ++int getnameinfo(const struct sockaddr *sa, socklen_t salen, ++ char *host, socklen_t hostlen, char *serv, socklen_t servlen, ++ unsigned int flags) { + + #if defined(USE_WIN32) && !defined(_WIN32_WCE) + if(s_getnameinfo) diff --git a/net/stunnel/patches/011_disable_ssp_linking.patch b/net/stunnel/patches/011_disable_ssp_linking.patch new file mode 100644 index 000000000..459c016da --- /dev/null +++ b/net/stunnel/patches/011_disable_ssp_linking.patch @@ -0,0 +1,140 @@ +--- a/configure ++++ b/configure +@@ -5646,66 +5646,66 @@ done + + + +-for flag in -fstack-protector; do +- as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` +-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +-$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +-if eval \${$as_CACHEVAR+:} false; then : +- $as_echo_n "(cached) " >&6 +-else +- +- ax_check_save_flags=$CFLAGS +- CFLAGS="$CFLAGS $flag" +- cat confdefs.h - <<_ACEOF >conftest.$ac_ext +-/* end confdefs.h. */ +- +-int +-main () +-{ +- +- ; +- return 0; +-} +-_ACEOF +-if ac_fn_c_try_compile "$LINENO"; then : +- eval "$as_CACHEVAR=yes" +-else +- eval "$as_CACHEVAR=no" +-fi +-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +- CFLAGS=$ax_check_save_flags +-fi +-eval ac_res=\$$as_CACHEVAR +- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +-$as_echo "$ac_res" >&6; } +-if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : +- if ${CFLAGS+:} false; then : +- case " $CFLAGS " in +- *" $flag "*) +- { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 +- (: CFLAGS already contains $flag) 2>&5 +- ac_status=$? +- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 +- test $ac_status = 0; } +- ;; +- *) +- { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 +- (: CFLAGS="$CFLAGS $flag") 2>&5 +- ac_status=$? +- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 +- test $ac_status = 0; } +- CFLAGS="$CFLAGS $flag" +- ;; +- esac +-else +- CFLAGS="$flag" +-fi +- +-else +- : +-fi +- +-done ++#for flag in -fstack-protector; do ++# as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` ++#{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 ++#$as_echo_n "checking whether C compiler accepts $flag... " >&6; } ++#if eval \${$as_CACHEVAR+:} false; then : ++# $as_echo_n "(cached) " >&6 ++#else ++# ++# ax_check_save_flags=$CFLAGS ++# CFLAGS="$CFLAGS $flag" ++# cat confdefs.h - <<_ACEOF >conftest.$ac_ext ++#/* end confdefs.h. */ ++ ++#int ++#main () ++#{ ++# ++# ; ++# return 0; ++#} ++#_ACEOF ++#if ac_fn_c_try_compile "$LINENO"; then : ++# eval "$as_CACHEVAR=yes" ++#else ++# eval "$as_CACHEVAR=no" ++#fi ++#rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ++# CFLAGS=$ax_check_save_flags ++#fi ++#eval ac_res=\$$as_CACHEVAR ++# { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 ++#$as_echo "$ac_res" >&6; } ++#if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : ++# if ${CFLAGS+:} false; then : ++# case " $CFLAGS " in ++# *" $flag "*) ++# { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 ++# (: CFLAGS already contains $flag) 2>&5 ++# ac_status=$? ++# $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++# test $ac_status = 0; } ++# ;; ++# *) ++# { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 ++# (: CFLAGS="$CFLAGS $flag") 2>&5 ++# ac_status=$? ++# $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++# test $ac_status = 0; } ++# CFLAGS="$CFLAGS $flag" ++# ;; ++# esac ++#else ++# CFLAGS="$flag" ++#fi ++# ++#else ++# : ++#fi ++# ++#done + + + +--- a/configure.ac ++++ b/configure.ac +@@ -71,7 +71,7 @@ AX_APPEND_COMPILE_FLAGS([-Wformat=2]) + AX_APPEND_COMPILE_FLAGS([-Wconversion]) + AX_APPEND_COMPILE_FLAGS([-Wno-long-long]) + AX_APPEND_COMPILE_FLAGS([-Wno-deprecated-declarations]) +-AX_APPEND_COMPILE_FLAGS([-fstack-protector]) ++#AX_APPEND_COMPILE_FLAGS([-fstack-protector]) + AX_APPEND_COMPILE_FLAGS([-fPIE]) + AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2]) + AX_APPEND_LINK_FLAGS([-fPIE -pie]) From 74c9585abc7ba7495466f5e76767a6353ee33717 Mon Sep 17 00:00:00 2001 From: Adze1502 Date: Tue, 17 Mar 2015 19:57:49 +0100 Subject: [PATCH 25/41] mwan3: update to version 1.6-1 Add ipset support (ipset version >6.22 with ipmark required) Add stickiness feature Signed-off-by: Jeroen Louwes --- net/mwan3/Makefile | 6 +- net/mwan3/files/etc/config/mwan3 | 15 +- net/mwan3/files/etc/hotplug.d/iface/15-mwan3 | 169 +++++++++++++------ net/mwan3/files/usr/sbin/mwan3 | 48 +++--- 4 files changed, 155 insertions(+), 83 deletions(-) diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile index c0f720bae..d714d4fe9 100644 --- a/net/mwan3/Makefile +++ b/net/mwan3/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mwan3 -PKG_VERSION:=1.5 -PKG_RELEASE:=10 +PKG_VERSION:=1.6 +PKG_RELEASE:=1 PKG_MAINTAINER:=Jeroen Louwes PKG_LICENSE:=GPLv2 @@ -19,7 +19,7 @@ define Package/mwan3 SECTION:=net CATEGORY:=Network SUBMENU:=Routing and Redirection - DEPENDS:=+ip +iptables +iptables-mod-conntrack-extra +iptables-mod-ipopt + DEPENDS:=+ip +ipset +iptables +iptables-mod-conntrack-extra +iptables-mod-ipopt TITLE:=Multiwan hotplug script with connection tracking support MAINTAINER:=Jeroen Louwes PKGARCH:=all diff --git a/net/mwan3/files/etc/config/mwan3 b/net/mwan3/files/etc/config/mwan3 index 53f2f9832..f66c024c0 100644 --- a/net/mwan3/files/etc/config/mwan3 +++ b/net/mwan3/files/etc/config/mwan3 @@ -61,17 +61,18 @@ config policy 'wan2_wan' list use_member 'wan_m2_w3' list use_member 'wan2_m1_w2' -config rule 'sticky_even' - option src_ip '0.0.0.0/0.0.0.1' - option dest_port '443' +config rule 'youtube' + option sticky '1' + option ipset 'youtube' + option dest_port '80,443' option proto 'tcp' - option use_policy 'wan_wan2' + option use_policy 'balanced' -config rule 'sticky_odd' - option src_ip '0.0.0.1/0.0.0.1' +config rule 'https' + option sticky '1' option dest_port '443' option proto 'tcp' - option use_policy 'wan2_wan' + option use_policy 'balanced' config rule 'default_rule' option dest_ip '0.0.0.0/0' diff --git a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 index 25044c4d3..f117e49e6 100644 --- a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 +++ b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 @@ -12,12 +12,18 @@ mwan3_set_general_iptables() $IPT -N mwan3_ifaces fi - if ! $IPT -S mwan3_rules &> /dev/null; then - $IPT -N mwan3_rules - fi - if ! $IPT -S mwan3_connected &> /dev/null; then $IPT -N mwan3_connected + $IPS create mwan3_connected hash:net + $IPT -A mwan3_connected -m set --match-set mwan3_connected dst -j MARK --set-xmark 0xff00/0xff00 + fi + + if ! $IPT -S mwan3_track &> /dev/null; then + $IPT -N mwan3_track + fi + + if ! $IPT -S mwan3_rules &> /dev/null; then + $IPT -N mwan3_rules fi if ! $IPT -S mwan3_hook &> /dev/null; then @@ -25,15 +31,12 @@ mwan3_set_general_iptables() $IPT -A mwan3_hook -j CONNMARK --restore-mark --nfmask 0xff00 --ctmask 0xff00 $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_ifaces $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_connected + $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_track $IPT -A mwan3_hook -m mark --mark 0x0/0xff00 -j mwan3_rules $IPT -A mwan3_hook -j CONNMARK --save-mark --nfmask 0xff00 --ctmask 0xff00 $IPT -A mwan3_hook -m mark ! --mark 0xff00/0xff00 -j mwan3_connected fi - if ! $IPT -S mwan3_output_hook &> /dev/null; then - $IPT -N mwan3_output_hook - fi - if ! $IPT -S PREROUTING | grep mwan3_hook &> /dev/null; then $IPT -A PREROUTING -j mwan3_hook fi @@ -42,10 +45,6 @@ mwan3_set_general_iptables() $IPT -A OUTPUT -j mwan3_hook fi - if ! $IPT -S OUTPUT | grep mwan3_output_hook &> /dev/null; then - $IPT -A OUTPUT -j mwan3_output_hook - fi - $IPT -F mwan3_rules } @@ -62,28 +61,29 @@ mwan3_set_general_rules() mwan3_set_connected_iptables() { - local connected_networks + local connected_network if $IPT -S mwan3_connected &> /dev/null; then - $IPT -F mwan3_connected - for connected_networks in $($IP route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do - $IPT -A mwan3_connected -d $connected_networks -j MARK --set-xmark 0xff00/0xff00 + $IPS create mwan3_connected_temp hash:net + + for connected_network in $($IP route | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do + $IPS -! add mwan3_connected_temp $connected_network done - for connected_networks in $($IP route list table 0 | awk '{print $2}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do - $IPT -A mwan3_connected -d $connected_networks -j MARK --set-xmark 0xff00/0xff00 + for connected_network in $($IP route list table 0 | awk '{print $2}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do + $IPS -! add mwan3_connected_temp $connected_network done - $IPT -I mwan3_connected -d 224.0.0.0/3 -j MARK --set-xmark 0xff00/0xff00 - $IPT -I mwan3_connected -d 127.0.0.0/8 -j MARK --set-xmark 0xff00/0xff00 + $IPS add mwan3_connected_temp 224.0.0.0/3 + $IPS swap mwan3_connected_temp mwan3_connected + $IPS destroy mwan3_connected_temp + fi } mwan3_set_iface_iptables() { - local local_net local_nets - if ! $IPT -S mwan3_iface_$INTERFACE &> /dev/null; then $IPT -N mwan3_iface_$INTERFACE fi @@ -92,16 +92,7 @@ mwan3_set_iface_iptables() $IPT -D mwan3_ifaces -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE &> /dev/null if [ $ACTION == "ifup" ]; then - local_nets=$($IP route list dev $DEVICE scope link | awk '{print $1}' | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}') - - if [ -n "$local_nets" ]; then - for local_net in $local_nets ; do - if [ $ACTION == "ifup" ]; then - $IPT -I mwan3_iface_$INTERFACE -i $DEVICE -s $local_net -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00 - fi - done - fi - + $IPT -I mwan3_iface_$INTERFACE -i $DEVICE -m set --match-set mwan3_connected src -m mark --mark 0x0/0xff00 -m comment --comment "default" -j MARK --set-xmark 0xff00/0xff00 $IPT -A mwan3_iface_$INTERFACE -i $DEVICE -m mark --mark 0x0/0xff00 -m comment --comment "$INTERFACE" -j MARK --set-xmark $(($iface_id*256))/0xff00 $IPT -A mwan3_ifaces -m mark --mark 0x0/0xff00 -j mwan3_iface_$INTERFACE fi @@ -131,6 +122,17 @@ mwan3_set_iface_rules() [ $ACTION == "ifup" ] && $IP rule add pref $(($iface_id+2000)) fwmark $(($iface_id*256))/0xff00 lookup $iface_id } +mwan3_set_iface_ipset() +{ + local setname entry + + for setname in $(ipset -n list | grep ^mwan3_sticky_); do + for entry in $(ipset list $setname | grep "$(echo $(($iface_id*256)) | awk '{ printf "0x%08x", $1; }')" | cut -d ' ' -f 1); do + $IPS del $setname $entry + done + done +} + mwan3_track() { local track_ip track_ips reliability count timeout interval down up @@ -154,22 +156,23 @@ mwan3_track() config_get down $INTERFACE down 5 config_get up $INTERFACE up 5 - if ! $IPT -S mwan3_track_$INTERFACE &> /dev/null; then - $IPT -N mwan3_track_$INTERFACE - $IPT -A mwan3_output_hook -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE - fi - - $IPT -F mwan3_track_$INTERFACE + $IPS -! create mwan3_track_$INTERFACE hash:ip + $IPS create mwan3_track_temp_$INTERFACE hash:ip for track_ip in $track_ips; do - $IPT -A mwan3_track_$INTERFACE -d $track_ip -j MARK --set-xmark 0xff00/0xff00 + $IPS -! add mwan3_track_temp_$INTERFACE $track_ip done + $IPS swap mwan3_track_temp_$INTERFACE mwan3_track_$INTERFACE + $IPS destroy mwan3_track_temp_$INTERFACE + + $IPT -D mwan3_track -p icmp -m set --match-set mwan3_track_$INTERFACE dst -m icmp --icmp-type 8 -m length --length 32 -j MARK --set-xmark 0xff00/0xff00 &> /dev/null + $IPT -A mwan3_track -p icmp -m set --match-set mwan3_track_$INTERFACE dst -m icmp --icmp-type 8 -m length --length 32 -j MARK --set-xmark 0xff00/0xff00 + [ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $INTERFACE $DEVICE $reliability $count $timeout $interval $down $up $track_ips & else - $IPT -D mwan3_output_hook -p icmp -m icmp --icmp-type 8 -m length --length 32 -j mwan3_track_$INTERFACE &> /dev/null - $IPT -F mwan3_track_$INTERFACE &> /dev/null - $IPT -X mwan3_track_$INTERFACE &> /dev/null + $IPT -D mwan3_track -p icmp -m set --match-set mwan3_track_$INTERFACE dst -m icmp --icmp-type 8 -m length --length 32 -j MARK --set-xmark 0xff00/0xff00 &> /dev/null + $IPS destroy mwan3_track_$INTERFACE fi } @@ -182,7 +185,7 @@ mwan3_set_policy() config_get weight $1 weight 1 [ -n "$INTERFACE" ] || return 0 - + config_foreach mwan3_get_iface_id interface [ -n "$iface_id" ] || return 0 @@ -200,19 +203,19 @@ mwan3_set_policy() total_weight=$(($total_weight+$weight)) probability=$(($weight*1000/$total_weight)) - + if [ "$probability" -lt 10 ]; then probability="0.00$probability" - elif [ $probability -lt 100 ]; then + elif [ $probability -lt 100 ]; then probability="0.0$probability" - elif [ $probability -lt 1000 ]; then + elif [ $probability -lt 1000 ]; then probability="0.$probability" else probability="1" fi probability="-m statistic --mode random --probability $probability" - + $IPT -I mwan3_policy_$policy -m mark --mark 0x0/0xff00 $probability -m comment --comment "$INTERFACE $weight $total_weight" -j MARK --set-xmark $(($iface_id*256))/0xff00 fi fi @@ -254,10 +257,34 @@ mwan3_set_policies_iptables() config_list_foreach $policy use_member mwan3_set_policy } +mwan3_set_sticky_iptables() +{ + local INTERFACE iface_count iface_id + + INTERFACE="$1" + + config_foreach mwan3_get_iface_id interface + unset iface_count + + $IPS -! create mwan3_sticky_$rule hash:ip,mark markmask 0xff00 timeout $timeout + + if [ -n "$iface_id" ]; then + if [ -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" ]; then + $IPT -I mwan3_rule_$rule -m set ! --match-set mwan3_sticky_$rule src,src -j MARK --set-xmark 0x0/0xff00 + $IPT -I mwan3_rule_$rule -m mark --mark 0/0xff00 -j MARK --set-xmark $(($iface_id*256))/0xff00 + fi + fi + + unset iface_id +} + mwan3_set_user_rules_iptables() { - local proto src_ip src_port dest_ip dest_port use_policy + local ipset proto src_ip src_port sticky dest_ip dest_port use_policy rule timeout + config_get sticky $1 sticky 0 + config_get timeout $1 timeout 600 + config_get ipset $1 ipset config_get proto $1 proto all config_get src_ip $1 src_ip 0.0.0.0/0 config_get src_port $1 src_port 0:65535 @@ -265,6 +292,20 @@ mwan3_set_user_rules_iptables() config_get dest_port $1 dest_port 0:65535 config_get use_policy $1 use_policy + rule="$1" + + if [ "$rule" != $(echo "$rule" | cut -c1-15) ]; then + $LOG warn "Rule $rule exceeds max of 15 chars. Not setting rule" && return 0 + fi + + if [ -n "$ipset" ]; then + if [ -z "$($IPS -n list $ipset)" ]; then + $IPS create $ipset hash:ip timeout 3600 + fi + + ipset="-m set --match-set $ipset dst" + fi + if [ -n "$use_policy" ]; then if [ "$use_policy" == "default" ]; then use_policy="MARK --set-xmark 0xff00/0xff00" @@ -273,15 +314,32 @@ mwan3_set_user_rules_iptables() elif [ "$use_policy" == "blackhole" ]; then use_policy="MARK --set-xmark 0xfd00/0xff00" else - use_policy="mwan3_policy_$use_policy" + if [ "$sticky" -eq 1 ]; then + + if ! $IPT -S mwan3_rule_$rule &> /dev/null; then + $IPT -N mwan3_rule_$rule + fi + + $IPT -F mwan3_rule_$rule + + config_foreach mwan3_set_sticky_iptables interface + + $IPT -A mwan3_rule_$rule -m mark --mark 0/0xff00 -j mwan3_policy_$use_policy + $IPT -A mwan3_rule_$rule -m mark ! --mark 0xfc00/0xfc00 -j SET --del-set mwan3_sticky_$rule src,src + $IPT -A mwan3_rule_$rule -m mark ! --mark 0xfc00/0xfc00 -j SET --add-set mwan3_sticky_$rule src,src + + use_policy="mwan3_rule_$rule" + else + use_policy="mwan3_policy_$use_policy" + fi fi case $proto in tcp|udp) - $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null + $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m multiport --sports $src_port -m multiport --dports $dest_port -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null ;; *) - $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null + $IPT -A mwan3_rules -p $proto -s $src_ip -d $dest_ip $ipset -m mark --mark 0/0xff00 -m comment --comment "$1" -j $use_policy &> /dev/null ;; esac fi @@ -333,6 +391,7 @@ mwan3_ifupdown() mwan3_set_iface_route mwan3_set_iface_rules + [ $ACTION == "ifdown" ] && mwan3_set_iface_ipset [ $ACTION == "ifup" ] && mwan3_track config_foreach mwan3_set_policies_iptables policy @@ -346,9 +405,15 @@ if [ $ACTION == "ifup" ]; then [ -n "$DEVICE" ] || exit 0 fi -local IP IPT LOG +[ -x /usr/sbin/ip ] || exit 1 +[ -x /usr/sbin/ipset ] || exit 1 +[ -x /usr/sbin/iptables ] || exit 1 +[ -x /usr/bin/logger ] || exit 1 + +local IP IPS IPT LOG IP="/usr/sbin/ip -4" +IPS="/usr/sbin/ipset" IPT="/usr/sbin/iptables -t mangle -w" LOG="/usr/bin/logger -t mwan3 -p" diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3 index 286603a85..c69d94eeb 100755 --- a/net/mwan3/files/usr/sbin/mwan3 +++ b/net/mwan3/files/usr/sbin/mwan3 @@ -2,14 +2,15 @@ . /lib/functions.sh IP="/usr/sbin/ip -4" +IPS="/usr/sbin/ipset" IPT="/usr/sbin/iptables -t mangle -w" help() -{ - cat <" && exit 0 fi - + config_get enabled "$1" enabled 0 device=$(uci get -p /var/state network.$1.ifname) &> /dev/null - + if [ -n "$device" ] ; then [ "$enabled" -eq 1 ] && ACTION=ifup INTERFACE=$1 DEVICE=$device /sbin/hotplug-call iface fi @@ -71,14 +72,14 @@ interfaces() config_load mwan3 echo "Interface status:" - + check_iface_status() { let iface_id++ device=$(uci get -p /var/state network.$1.ifname) &> /dev/null if [ -z "$device" ]; then - echo "Interface $1 is unknown" + echo " interface $1 is unknown" return 0 fi @@ -92,21 +93,21 @@ interfaces() if [ -n "$($IP rule | awk '$5 == "'$device'"')" -a -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" -a -n "$($IP route list table $iface_id default dev $device 2> /dev/null)" ]; then if [ -n "$(uci get -p /var/state mwan3.$1.track_ip 2> /dev/null)" ]; then - echo "Interface $1 is online (tracking $tracking)" + echo " interface $1 is online (tracking $tracking)" else - echo "Interface $1 is online" + echo " interface $1 is online" fi elif [ -n "$($IP rule | awk '$5 == "'$device'"')" -o -n "$($IPT -S mwan3_iface_$1 2> /dev/null)" -o -n "$($IP route list table $iface_id default dev $device 2> /dev/null)" ]; then - echo "Interface $1 error" + echo " interface $1 error" else if [ "$enabled" -eq 1 ]; then if [ -n "$(uci get -p /var/state mwan3.$1.track_ip 2> /dev/null)" ]; then - echo "Interface $1 is offline (tracking $tracking)" + echo " interface $1 is offline (tracking $tracking)" else - echo "Interface $1 is offline" + echo " interface $1 is offline" fi else - echo "Interface $1 is disabled" + echo " interface $1 is disabled" fi fi } @@ -141,17 +142,19 @@ policies() } rules() { + local address + if [ -n "$($IPT -S mwan3_connected 2> /dev/null)" ]; then echo "Known networks:" - echo "destination policy hits" | awk '{ printf "%-19s%-19s%-9s%s\n",$1,$2,$3}' | awk '1; {gsub(".","-")}1' - $IPT -L mwan3_connected -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//' | awk '{printf "%-19s%-19s%-9s%s\n",$9,"default",$1}' + for address in $($IPS list mwan3_connected | egrep '[0-9]{1,3}(\.[0-9]{1,3}){3}'); do + echo " $address" + done echo -e fi if [ -n "$($IPT -S mwan3_rules 2> /dev/null)" ]; then echo "Active rules:" - echo "source destination proto src-port dest-port policy hits" | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$1,$2,$3,$4,$5,$6,$7}' | awk '1; {gsub(".","-")}1' - $IPT -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_//' | awk '{ printf "%-19s%-19s%-7s%-14s%-14s%-16s%-9s%s\n",$8,$9,$4,$12,$15,$3,$1}' + $IPT -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_/- /' | sed 's/mwan3_rule_/S /' echo -e fi } @@ -171,7 +174,7 @@ start() stop() { - local route rule table + local ipset route rule table killall mwan3track &> /dev/null rm /var/run/mwan3track-* &> /dev/null @@ -186,7 +189,6 @@ stop() $IPT -D PREROUTING -j mwan3_hook &> /dev/null $IPT -D OUTPUT -j mwan3_hook &> /dev/null - $IPT -D OUTPUT -j mwan3_output_hook &> /dev/null for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do $IPT -F $table &> /dev/null @@ -195,6 +197,10 @@ stop() for table in $($IPT -S | awk '{print $2}' | grep mwan3 | sort -u); do $IPT -X $table &> /dev/null done + + for ipset in $(ipset -n list | grep mwan3); do + $IPS destroy $ipset + done } restart() { From 6f78dcc31d1ba4379003770d68831557423b7b7a Mon Sep 17 00:00:00 2001 From: Othmar Truniger Date: Tue, 17 Mar 2015 20:41:51 +0100 Subject: [PATCH 26/41] linknx: streamline makefile Signed-off-by: Othmar Truniger --- net/linknx/Makefile | 32 ++++++++++++-------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/net/linknx/Makefile b/net/linknx/Makefile index e3aed3b15..3472e48c7 100644 --- a/net/linknx/Makefile +++ b/net/linknx/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2008-2014 OpenWrt.org +# Copyright (C) 2008-2015 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=linknx PKG_VERSION:=0.0.1.32 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_MD5SUM:=7ecc1208f59bceb05068c752b2250b63 PKG_MAINTAINER:=Othmar Truniger @@ -17,7 +17,6 @@ PKG_LICENSE:=GPL-2.0+ PKG_SOURCE_URL:=@SF/linknx PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_BUILD_DEPENDS:=pthsem curl libesmtp include $(INCLUDE_DIR)/package.mk @@ -26,26 +25,19 @@ define Package/linknx CATEGORY:=Network TITLE:=KNX home automation platform URL:=http://sourceforge.net/projects/linknx/ - DEPENDS:=pthsem +lua +luac +libstdcpp +libcurl +libesmtp + DEPENDS:=+pthsem +argp-standalone +lua +luac +libstdcpp +libcurl +libesmtp endef -define Build/Configure - (cd $(PKG_BUILD_DIR); touch aclocal.m4 Makefile.in config.h.in configure; \ - $(SED) 's,\"2.0.4\",\"2.0.4\"\n_pth_version=\"2.0.8\",g' $(PKG_BUILD_DIR)/configure ) - $(call Build/Configure/Default,--verbose --without-pth-test --with-pth=$(STAGING_DIR) --without-log4cpp --with-lua --with-libcurl --without-mysql, \ - CXXFLAGS="$(TARGET_CFLAGS) -fno-builtin -lcrypt" \ - ) -endef +CONFIGURE_ARGS+= \ + --verbose \ + --without-pth-test \ + --without-log4cpp \ + --with-lua \ + --with-libcurl \ + --without-mysql -define Build/Compile - $(MAKE) -C $(PKG_BUILD_DIR)/ \ - LIBDIR="$(TARGET_LDFLAGS)" \ - CC="$(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_CPPFLAGS) " \ - LD="$(TARGET_CROSS)ld -shared" \ - LUA="$(STAGING_DIR_HOST)/bin/lua" \ - LUAC="$(STAGING_DIR_HOST)/bin/luac" \ - CFLAGS="$(TARGET_CFLAGS) -nodefaultlibs" all -endef +EXTRA_LDFLAGS+= \ + -fno-builtin define Package/linknx/install $(INSTALL_DIR) $(1)/usr/bin From 98622bb83ee29d94623aec4b3a1d87913cafd4c8 Mon Sep 17 00:00:00 2001 From: Othmar Truniger Date: Tue, 17 Mar 2015 20:10:13 +0100 Subject: [PATCH 27/41] knxd: tune Makefile, new upstream version Signed-off-by: Othmar Truniger --- net/knxd/Makefile | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/net/knxd/Makefile b/net/knxd/Makefile index 97fcc8ea5..a140aece9 100644 --- a/net/knxd/Makefile +++ b/net/knxd/Makefile @@ -11,13 +11,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=knxd -PKG_VERSION=2015-03-06-$(PKG_SOURCE_VERSION) +PKG_VERSION=2015-03-17-$(PKG_SOURCE_VERSION) PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/knxd/knxd.git -PKG_SOURCE_VERSION:=a63bc660d305e26ce3ed038607d387758fad8413 -PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION) +PKG_SOURCE_VERSION:=2c6c6732a684dffb87b391ea92cccdf07c8385b8 +PKG_SOURCE_SUBDIR:=$(PKG_NAME) PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz PKG_MAINTAINER:=Othmar Truniger @@ -26,7 +26,7 @@ PKG_LICENSE:=GPL-2.0+ PKG_LICENSE_FILES:=LICENSE PKG_BUILD_PARALLEL:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION) +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME) PKG_FIXUP:=autoreconf PKG_INSTALL:=1 @@ -37,7 +37,7 @@ define Package/knxd SECTION:=net CATEGORY:=Network TITLE:=EIB KNX daemon - DEPENDS:=+pthsem +libusb-1.0 + DEPENDS:=+pthsem +argp-standalone +libusb-1.0 endef define Package/knxd/description @@ -55,7 +55,7 @@ define Package/libeibclient DEPENDS:=+pthsem endef -define Package/knxd-tools/description +define Package/libeibclient/description EIB KNX client library endef @@ -84,9 +84,8 @@ CONFIGURE_ARGS+= \ --without-pth-test \ --without-libstdc -TARGET_CFLAGS+= \ - $(FPIC) \ - -fno-builtin -nodefaultlibs -lc -lm -lgcc -largp -lpthsem +EXTRA_LDFLAGS+= \ + -fno-builtin -nodefaultlibs -lc -lgcc define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include From 7829fb225a6a744d3d724a7038c8407887882456 Mon Sep 17 00:00:00 2001 From: Mario Halambek Date: Wed, 18 Mar 2015 14:11:06 +0100 Subject: [PATCH 28/41] snort: bump to 2.9.7.2 Signed-off-by: Mario Halambek --- net/snort/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/snort/Makefile b/net/snort/Makefile index 2c948665c..06b690600 100644 --- a/net/snort/Makefile +++ b/net/snort/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=snort -PKG_VERSION:=2.9.7.0 +PKG_VERSION:=2.9.7.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/ -PKG_MD5SUM:=c2a45bc56441ee9456478f219dd8d1e2 +PKG_MD5SUM:=b01e9964827394c39194a0147bc15705 PKG_BUILD_DEPENDS:=librpc PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) From 9322b6e80b27f41096b9b1ec72e48d43fb1a95af Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Thu, 19 Mar 2015 10:35:24 +0100 Subject: [PATCH 29/41] openssh: update to 6.8p1 Signed-off-by: Peter Wagner --- net/openssh/Makefile | 6 +++--- net/openssh/patches/130-implicit_memset_decl_fix.patch | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/openssh/Makefile b/net/openssh/Makefile index 055b0030e..0534b2a15 100644 --- a/net/openssh/Makefile +++ b/net/openssh/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssh -PKG_VERSION:=6.7p1 -PKG_RELEASE:=3 +PKG_VERSION:=6.8p1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ http://ftp.belnet.be/pub/OpenBSD/OpenSSH/portable/ -PKG_MD5SUM:=3246aa79317b1d23cae783a3bf8275d6 +PKG_MD5SUM:=08f72de6751acfbd0892b5f003922701 PKG_LICENSE:=BSD ISC PKG_LICENSE_FILES:=LICENCE diff --git a/net/openssh/patches/130-implicit_memset_decl_fix.patch b/net/openssh/patches/130-implicit_memset_decl_fix.patch index be8bbcf9c..7d46d20d3 100644 --- a/net/openssh/patches/130-implicit_memset_decl_fix.patch +++ b/net/openssh/patches/130-implicit_memset_decl_fix.patch @@ -1,6 +1,6 @@ --- a/includes.h +++ b/includes.h -@@ -59,6 +59,9 @@ +@@ -60,6 +60,9 @@ /* *-*-nto-qnx needs these headers for strcasecmp and LASTLOG_FILE respectively */ From 99d0b5147d1c019f6cfc03c374b26dc992f06bdf Mon Sep 17 00:00:00 2001 From: Zero_Chaos Date: Wed, 4 Feb 2015 20:57:33 -0500 Subject: [PATCH 30/41] ethtool: add optional libssp dep Package ethtool is missing dependencies for the following libraries: libssp.so.0 Makefile:45: recipe for target '/home/zero/development/openwrt/bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk' failed Signed-off-by: Rick Farina (Zero_Chaos) --- net/ethtool/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/net/ethtool/Makefile b/net/ethtool/Makefile index 5ffb8253c..dd13277ad 100644 --- a/net/ethtool/Makefile +++ b/net/ethtool/Makefile @@ -29,6 +29,7 @@ define Package/ethtool SECTION:=net CATEGORY:=Network TITLE:=Display or change ethernet card settings + DEPENDS:=+SSP_SUPPORT:libssp URL:=http://www.kernel.org/pub/software/network/ethtool/ endef From 27762817f1493bfdb140707251b0013719717d7e Mon Sep 17 00:00:00 2001 From: Othmar Truniger Date: Thu, 19 Mar 2015 22:48:56 +0100 Subject: [PATCH 31/41] linknx: fix dependency Signed-off-by: Othmar Truniger --- net/linknx/Makefile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/net/linknx/Makefile b/net/linknx/Makefile index 3472e48c7..06083fc96 100644 --- a/net/linknx/Makefile +++ b/net/linknx/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=linknx PKG_VERSION:=0.0.1.32 -PKG_RELEASE:=5 +PKG_RELEASE:=6 PKG_MD5SUM:=7ecc1208f59bceb05068c752b2250b63 PKG_MAINTAINER:=Othmar Truniger @@ -17,6 +17,7 @@ PKG_LICENSE:=GPL-2.0+ PKG_SOURCE_URL:=@SF/linknx PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_BUILD_DEPENDS:=argp-standalone include $(INCLUDE_DIR)/package.mk @@ -25,7 +26,7 @@ define Package/linknx CATEGORY:=Network TITLE:=KNX home automation platform URL:=http://sourceforge.net/projects/linknx/ - DEPENDS:=+pthsem +argp-standalone +lua +luac +libstdcpp +libcurl +libesmtp + DEPENDS:=+pthsem +lua +luac +libstdcpp +libcurl +libesmtp endef CONFIGURE_ARGS+= \ @@ -37,7 +38,7 @@ CONFIGURE_ARGS+= \ --without-mysql EXTRA_LDFLAGS+= \ - -fno-builtin + -fno-builtin define Package/linknx/install $(INSTALL_DIR) $(1)/usr/bin From 735a525ee8c0b8b1aa8e46e040b08b7554b4ea44 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Fri, 20 Mar 2015 17:45:23 +0100 Subject: [PATCH 32/41] avahi: remove optional dependency on libssp Signed-off-by: Stijn Tintel --- libs/avahi/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libs/avahi/Makefile b/libs/avahi/Makefile index 4a56b6155..7aaea8968 100644 --- a/libs/avahi/Makefile +++ b/libs/avahi/Makefile @@ -56,7 +56,7 @@ define Package/libavahi/Default SECTION:=libs CATEGORY:=Libraries PROVIDES:=libavahi - DEPENDS:=+libpthread +SSP_SUPPORT:libssp + DEPENDS:=+libpthread endef define Package/libavahi/description @@ -70,7 +70,7 @@ endef define Package/avahi-autoipd $(call Package/avahi/Default) SUBMENU:=IP Addresses and Names - DEPENDS:=+libdaemon +SSP_SUPPORT:libssp + DEPENDS:=+libdaemon TITLE:=IPv4LL network address configuration daemon endef @@ -155,7 +155,7 @@ endef define Package/avahi-dnsconfd $(call Package/avahi/Default) SUBMENU:=IP Addresses and Names - DEPENDS:=+libavahi +libdaemon +libpthread +SSP_SUPPORT:libssp + DEPENDS:=+libavahi +libdaemon +libpthread TITLE:=A Unicast DNS server using avahi-daemon endef From 54b01d214f231d7b7ed5b6b895ddd1e40e3d0057 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Fri, 20 Mar 2015 17:46:00 +0100 Subject: [PATCH 33/41] ethtool: remove optional dependency on libssp Signed-off-by: Stijn Tintel --- net/ethtool/Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/net/ethtool/Makefile b/net/ethtool/Makefile index dd13277ad..5ffb8253c 100644 --- a/net/ethtool/Makefile +++ b/net/ethtool/Makefile @@ -29,7 +29,6 @@ define Package/ethtool SECTION:=net CATEGORY:=Network TITLE:=Display or change ethernet card settings - DEPENDS:=+SSP_SUPPORT:libssp URL:=http://www.kernel.org/pub/software/network/ethtool/ endef From e996c1cc369620272cdb760fcc836289cfe5df39 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Fri, 20 Mar 2015 17:46:37 +0100 Subject: [PATCH 34/41] openssh: remove optional dependency on libssp Signed-off-by: Stijn Tintel --- net/openssh/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/openssh/Makefile b/net/openssh/Makefile index 0534b2a15..5eb7a2bd8 100644 --- a/net/openssh/Makefile +++ b/net/openssh/Makefile @@ -29,7 +29,7 @@ include $(INCLUDE_DIR)/package.mk define Package/openssh/Default SECTION:=net CATEGORY:=Network - DEPENDS:=+libopenssl +zlib +SSP_SUPPORT:libssp + DEPENDS:=+libopenssl +zlib TITLE:=OpenSSH MAINTAINER:=Peter Wagner URL:=http://www.openssh.com/ @@ -124,7 +124,6 @@ endef define Package/openssh-sftp-server $(call Package/openssh/Default) TITLE+= SFTP server - DEPENDS:=+SSP_SUPPORT:libssp endef define Package/openssh-sftp-server/description From 2eae664f5f2d334be7d9c6285f2473f732ead9c7 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Fri, 20 Mar 2015 18:23:39 +0100 Subject: [PATCH 35/41] tor: remove optional dependency on libssp Signed-off-by: Stijn Tintel --- net/tor/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index 6ffcf43bd..8550f8358 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -41,7 +41,7 @@ endef define Package/tor $(call Package/tor/Default) TITLE:=An anonymous Internet communication system - DEPENDS:=+libevent2 +libopenssl +libpthread +librt +SSP_SUPPORT:libssp + DEPENDS:=+libevent2 +libopenssl +libpthread +librt endef define Package/tor/description From 1ba6028cc1efcfc3eeeaa7120caa3d6bd77aac77 Mon Sep 17 00:00:00 2001 From: Ted Hess Date: Fri, 20 Mar 2015 14:05:22 -0400 Subject: [PATCH 36/41] pianod: Add Pandora Radio player daemon * Integrate as OpenWrt daemon * Build with PolarSSL (replaces GNUTLS) * Add optional client WebUI * Fix some socket failure handling and segfaults Signed-off-by: Ted Hess --- sound/pianod/Makefile | 110 ++++++ sound/pianod/files/pianod.init | 42 +++ .../005-Fix_IPV6_socket_handling.patch | 29 ++ .../010-Configure_add_SSL_options.patch | 42 +++ ...Use_package_config_h_for_all_modules.patch | 59 +++ .../030-Waitress_add_polarssl_variant.patch | 344 ++++++++++++++++++ 6 files changed, 626 insertions(+) create mode 100644 sound/pianod/Makefile create mode 100644 sound/pianod/files/pianod.init create mode 100644 sound/pianod/patches/005-Fix_IPV6_socket_handling.patch create mode 100644 sound/pianod/patches/010-Configure_add_SSL_options.patch create mode 100644 sound/pianod/patches/020-Use_package_config_h_for_all_modules.patch create mode 100644 sound/pianod/patches/030-Waitress_add_polarssl_variant.patch diff --git a/sound/pianod/Makefile b/sound/pianod/Makefile new file mode 100644 index 000000000..758805c70 --- /dev/null +++ b/sound/pianod/Makefile @@ -0,0 +1,110 @@ +# +# Copyright (C) 2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=pianod +PKG_VERSION:=173 +PKG_RELEASE:=2 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=http://deviousfish.com/Downloads/pianod/ +PKG_MD5SUM:=be0cec19ea6df1c4bc6c1cac8e253445 + +PKG_MAINTAINER:=Ted Hess + +PKG_LICENSE:=MIT VARIOUS +PKG_LICENSE_FILES:=COPYING + +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/pianod + SECTION:=sound + CATEGORY:=Sound + DEPENDS:=+libao +libfaad2 +libmad +libpolarssl +libjson-c +libgcrypt +libpthread + TITLE:=Pandora radio daemon + USERID:=pianod=88:pianod=88 + URL:=http://deviousfish.com/pianod/ +endef + +define Package/pianod/description + pianod is a Pandora music player client with line-oriented and Websocket control interfaces. + A simple protocol makes for easy clients, mix scripting, integration with a + home automation system, use as multiple-user music system for home or office. + Documentation and configuration information can be found at: + http://deviousfish.com/pianod/ +endef + +define Package/pianod-client + SECTION:=sound + CATEGORY:=Sound + DEPENDS:=+pianod + TITLE:=Pandora radio daemon WebUI + URL:=http://deviousfish.com/pianod/ +endef + +define Package/pianod-client/description + Web client UI and remote player viewer for pianod + Examples --- (Note: The viewer.* files need not be on the pianod host) + Main interface: http://pianod-host:4446/pianod + Remote viewer: file:////viewer.html?server=pianod-host:4446 --or-- + http://pianod-host:4446/pianod/viewer.html?server=pianod-host:4446 +endef + +CONFIGURE_ARGS+= --with-polarssl + +PIANOD_CLIENT:=pianod-client-compiled-51.tar.gz + +define Download/pianod-client + URL:=$(PKG_SOURCE_URL)/Devel + FILE:=$(PIANOD_CLIENT) + MD5SUM:=abbdee5627bcee6a00c8304da8b4e2e7 +endef + +define Package/pianod/conffiles +/etc/pianod/startscript +/etc/pianod/users +endef + +define Build/Prepare + $(call Build/Prepare/Default) + ifeq ($(CONFIG_PACKAGE_pianod-client),y) + $(eval $(call Download,pianod-client)) + mkdir -p $(PKG_BUILD_DIR)/pianod-client + $(TAR) -xf $(DL_DIR)/$(PIANOD_CLIENT) --strip=1 -C $(PKG_BUILD_DIR)/pianod-client + endif +endef + +define Package/pianod-client/Configure +endef + +define Package/pianod-client/Compile +endef + +define Package/pianod/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/pianod $(1)/usr/bin/ +# These scripts need ksh (install mksh and link) +# $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/piano $(1)/usr/bin/ +# $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/runmix $(1)/usr/bin/ + + $(INSTALL_DIR) $(1)/etc/pianod + $(INSTALL_DATA) $(PKG_BUILD_DIR)/contrib/startscript-example $(1)/etc/pianod/startscript + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/pianod.init $(1)/etc/init.d/pianod +endef + +define Package/pianod-client/install + $(INSTALL_DIR) $(1)/www/pianod + $(INSTALL_DATA) $(PKG_BUILD_DIR)/pianod-client/*.{html,js,gif,jpeg,css} $(1)/www/pianod/ +endef + +$(eval $(call BuildPackage,pianod)) +$(eval $(call BuildPackage,pianod-client)) diff --git a/sound/pianod/files/pianod.init b/sound/pianod/files/pianod.init new file mode 100644 index 000000000..b232944e5 --- /dev/null +++ b/sound/pianod/files/pianod.init @@ -0,0 +1,42 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2015 OpenWrt.org + +NAME=pianod +START=95 + +USE_PROCD=1 + +PD_USER=$NAME +PD_STARTSCRIPT=/etc/$NAME/startscript +PD_PASSWDFILE=/etc/$NAME/users +PD_WEBUI=/www/$NAME + +start_service() { + # Take group ownership of audio devices + chown root:$NAME /dev/snd/* /dev/mixer /dev/dsp + chmod 664 /dev/snd/* /dev/mixer /dev/dsp + + procd_open_instance + + procd_set_param command "/usr/bin/$NAME" + + procd_append_param command -n $PD_USER + procd_append_param command -i "$PD_STARTSCRIPT" + procd_append_param command -u "$PD_PASSWDFILE" + [ -d "$PD_WEBUI" ] && procd_append_param command -c "$PD_WEBUI" + # No HTTPS support without certificates + procd_append_param command -s 0 + + procd_close_instance +} + +# Wait for service to exit and release sockets +reload_service() { + stop + sleep 2 + start +} + +restart() { + reload_service +} diff --git a/sound/pianod/patches/005-Fix_IPV6_socket_handling.patch b/sound/pianod/patches/005-Fix_IPV6_socket_handling.patch new file mode 100644 index 000000000..68f7c365d --- /dev/null +++ b/sound/pianod/patches/005-Fix_IPV6_socket_handling.patch @@ -0,0 +1,29 @@ +--- a/src/libwaitress/waitress.c ++++ b/src/libwaitress/waitress.c +@@ -813,7 +813,14 @@ static WaitressReturn_t WaitressConnect + sizeof (sockopt)); + + /* non-blocking connect will return immediately */ +- connect (sock, gacurr->ai_addr, gacurr->ai_addrlen); ++ if (connect (sock, gacurr->ai_addr, gacurr->ai_addrlen) == -1) { ++ // Error if not in-progress or immediate success ++ if (errno != EINPROGRESS) { ++ // Close socket and try alternatives ++ close (sock); ++ continue; ++ } ++ } + + pollres = WaitressPollLoop (sock, POLLOUT, waith->timeout); + if (pollres == 0) { +--- a/src/libfootball/fb_service.c ++++ b/src/libfootball/fb_service.c +@@ -111,6 +111,8 @@ static bool fb_setup_socket (FB_SERVICE + service->socket [which] = 0; + } else { + fb_perror ("socket"); ++ // Element must be zero (not -1) ++ service->socket [which] = 0; + }; + return false; + } diff --git a/sound/pianod/patches/010-Configure_add_SSL_options.patch b/sound/pianod/patches/010-Configure_add_SSL_options.patch new file mode 100644 index 000000000..2c2677965 --- /dev/null +++ b/sound/pianod/patches/010-Configure_add_SSL_options.patch @@ -0,0 +1,42 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -31,8 +31,6 @@ AC_CHECK_LIB([pthread], [pthread_create] + # with it, but don't consider it an error. + # PKG_CHECK_MODULES only validates that pkg-config returns stuff; it doesn't + # validate that these are correct, so check lib to make sure they're right. +-PKG_CHECK_MODULES([gnutls], [gnutls],, +- [AC_MSG_WARN([No pkg-config for libgnutls])]) + PKG_CHECK_MODULES([ao], [ao],, + [AC_MSG_WARN([No pkg-config for libao])]) + PKG_CHECK_MODULES([mad], [mad],, +@@ -42,12 +40,28 @@ PKG_CHECK_MODULES([json], [json-c],, + [PKG_CHECK_MODULES([json], [json0],, + [AC_MSG_WARN([No pkg-config for json-c (aka libjson0, libjson)])])])]) + ++ + # Network communication stuff: + AC_CHECK_LIB([gcrypt], [gcry_cipher_open],, + [AC_MSG_ERROR([Cannot find required library: libgcrypt],1)]) +-AC_CHECK_LIB([gnutls], [gnutls_record_recv],, ++# Check for SSL option ++AC_ARG_WITH(polarssl, [ --with-polarssl Build waitress with PolarSSL (default GNUTLS)], [ ++ AC_MSG_RESULT(>>Using PolarSSL) ++ HAS_POLARSSL=1 ++ AC_DEFINE([USE_POLARSSL], 1, [Build for PolarSSL]) ++ PKG_CHECK_MODULES([polarssl], [polarssl],, ++ [AC_MSG_WARN([No pkg-config for libpolarssl])]) ++ AC_CHECK_LIB([polarssl], [ssl_set_session],, ++ [AC_MSG_ERROR([Cannot find required library: libpolarssl (aka polarssl)],1)])] ) ++AM_CONDITIONAL([USE_POLARSSL],[test "x$HAS_POLARSSL" = "x1"]) ++ ++if test "x$HAS_POLARSSL" != x1 ; then ++ PKG_CHECK_MODULES([gnutls], [gnutls],, ++ [AC_MSG_WARN([No pkg-config for libgnutls])]) ++ AC_CHECK_LIB([gnutls], [gnutls_record_recv],, + [AC_MSG_ERROR([Cannot find required library: libgnutls (aka gnutls)],1)]) +-AC_CHECK_FUNCS(gnutls_transport_set_int2 gnutls_sec_param_to_pk_bits) ++ AC_CHECK_FUNCS(gnutls_transport_set_int2 gnutls_sec_param_to_pk_bits) ++fi + + # Bloody json library may be linked via -ljson, or -ljson-c depending on + # the platform. Try both. diff --git a/sound/pianod/patches/020-Use_package_config_h_for_all_modules.patch b/sound/pianod/patches/020-Use_package_config_h_for_all_modules.patch new file mode 100644 index 000000000..25569ccc2 --- /dev/null +++ b/sound/pianod/patches/020-Use_package_config_h_for_all_modules.patch @@ -0,0 +1,59 @@ +--- a/src/libpiano/config.h ++++ /dev/null +@@ -1 +0,0 @@ +-#define PACKAGE "libpiano" +--- a/src/libwaitress/config.h ++++ /dev/null +@@ -1 +0,0 @@ +-#define PACKAGE "libwaitress" +--- a/src/libpiano/piano.h ++++ b/src/libpiano/piano.h +@@ -39,6 +39,8 @@ THE SOFTWARE. + * http://pan-do-ra-api.wikia.com + */ + ++#define LIBPIANO_NAME "libpiano" ++ + #define PIANO_RPC_HOST "tuner.pandora.com" + #define PIANO_RPC_PATH "/services/json/?" + +--- a/src/libwaitress/waitress.c ++++ b/src/libwaitress/waitress.c +@@ -922,14 +922,14 @@ static WaitressReturn_t WaitressSendRequ + if (WaitressProxyEnabled (waith) && !waith->url.tls) { + snprintf (buf, WAITRESS_BUFFER_SIZE, + "%s http://%s:%s/%s HTTP/" WAITRESS_HTTP_VERSION "\r\n" +- "Host: %s\r\nUser-Agent: " PACKAGE "\r\nConnection: Close\r\n", ++ "Host: %s\r\nUser-Agent: " LIBWAITRESS_NAME "\r\nConnection: Close\r\n", + (waith->method == WAITRESS_METHOD_GET ? "GET" : "POST"), + waith->url.host, + WaitressDefaultPort (&waith->url), path, waith->url.host); + } else { + snprintf (buf, WAITRESS_BUFFER_SIZE, + "%s /%s HTTP/" WAITRESS_HTTP_VERSION "\r\n" +- "Host: %s\r\nUser-Agent: " PACKAGE "\r\nConnection: Close\r\n", ++ "Host: %s\r\nUser-Agent: " LIBWAITRESS_NAME "\r\nConnection: Close\r\n", + (waith->method == WAITRESS_METHOD_GET ? "GET" : "POST"), + path, waith->url.host); + } +--- a/src/libwaitress/waitress.h ++++ b/src/libwaitress/waitress.h +@@ -29,6 +29,8 @@ THE SOFTWARE. + #include + #include + ++#define LIBWAITRESS_NAME "libwaitress" ++ + #define WAITRESS_BUFFER_SIZE 10*1024 + + typedef enum { +--- a/src/libpiano/request.c ++++ b/src/libpiano/request.c +@@ -40,6 +40,7 @@ THE SOFTWARE. + #include + #include + /* needed for urlencode */ ++#include + #include + + #include "piano.h" diff --git a/sound/pianod/patches/030-Waitress_add_polarssl_variant.patch b/sound/pianod/patches/030-Waitress_add_polarssl_variant.patch new file mode 100644 index 000000000..de40b35c9 --- /dev/null +++ b/sound/pianod/patches/030-Waitress_add_polarssl_variant.patch @@ -0,0 +1,344 @@ +--- a/src/libwaitress/waitress.h ++++ b/src/libwaitress/waitress.h +@@ -27,7 +27,12 @@ THE SOFTWARE. + #include + #include + #include ++ ++#if defined(USE_POLARSSL) ++typedef struct _polarssl_ctx polarssl_ctx; ++#else + #include ++#endif + + #define LIBWAITRESS_NAME "libwaitress" + +@@ -102,8 +107,9 @@ typedef struct { + WaitressUrl_t url; + WaitressUrl_t proxy; + ++#if !defined(USE_POLARSSL) + gnutls_certificate_credentials_t tlsCred; +- ++#endif + /* per-request data */ + struct { + int sockfd; +@@ -121,7 +127,11 @@ typedef struct { + WaitressReturn_t (*read) (void *, char *, const size_t, size_t *); + WaitressReturn_t (*write) (void *, const char *, const size_t); + ++#if defined(USE_POLARSSL) ++ polarssl_ctx* sslCtx; ++#else + gnutls_session_t tlsSession; ++#endif + } request; + } WaitressHandle_t; + +--- a/src/pianod.c ++++ b/src/pianod.c +@@ -531,8 +531,11 @@ static bool initialize_libraries (APPSTA + gcry_check_version (NULL); + gcry_control (GCRYCTL_DISABLE_SECMEM, 0); + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); ++ ++#if !defined(USE_POLARSSL) + int crystatus = gnutls_global_init (); + if (crystatus == GNUTLS_E_SUCCESS) { ++#endif + PianoReturn_t status = PianoInit (&app->ph, app->settings.partnerUser, app->settings.partnerPassword, + app->settings.device, app->settings.inkey, app->settings.outkey); + if (status == PIANO_RET_OK) { +@@ -545,11 +548,13 @@ static bool initialize_libraries (APPSTA + } else { + flog (LOG_ERROR, "initialize_libraries: PianoInit: %s", PianoErrorToStr (status)); + } ++#if !defined(USE_POLARSSL) + gnutls_global_deinit (); + } else { + flog (LOG_ERROR, "initialize_libraries: gnutls_global_init: %s", gcry_strerror (crystatus)); + + } ++#endif + return false; + } + +@@ -728,7 +733,9 @@ int main (int argc, char **argv) { + PianoDestroyPlaylist (app.song_history); + PianoDestroyPlaylist (app.playlist); + WaitressFree (&app.waith); ++#if !defined(USE_POLARSSL) + gnutls_global_deinit (); ++#endif + settings_destroy (&app.settings); + } + +--- a/src/libwaitress/waitress.c ++++ b/src/libwaitress/waitress.c +@@ -41,11 +41,33 @@ THE SOFTWARE. + #include + #include + +-#include + + #include "config.h" + #include "waitress.h" + ++#if defined(USE_POLARSSL) ++ ++#include ++#include ++#include ++#include ++#include ++ ++struct _polarssl_ctx ++{ ++ ssl_context ssl; ++ ssl_session session; ++ entropy_context entrophy; ++ ctr_drbg_context rnd; ++}; ++ ++#else ++ ++// Use gnutls by default (USE_POLARSSL not defined) ++#include ++ ++#endif ++ + #define strcaseeq(a,b) (strcasecmp(a,b) == 0) + #define WAITRESS_HTTP_VERSION "1.1" + +@@ -56,6 +78,13 @@ typedef struct { + + static WaitressReturn_t WaitressReceiveHeaders (WaitressHandle_t *, size_t *); + ++// gnutls wants (void *) and polarssl want (unsigned char *) ++#if defined(USE_POLARSSL) ++#define BUFFER_CAST unsigned char ++#else ++#define BUFFER_CAST void ++#endif ++ + #define READ_RET(buf, count, size) \ + if ((wRet = waith->request.read (waith, buf, count, size)) != \ + WAITRESS_RET_OK) { \ +@@ -444,7 +473,7 @@ static int WaitressPollLoop (int fd, sho + * @param write count bytes + * @return number of written bytes or -1 on error + */ +-static ssize_t WaitressPollWrite (void *data, const void *buf, size_t count) { ++static ssize_t WaitressPollWrite (void *data, const BUFFER_CAST *buf, size_t count) { + int pollres = -1; + ssize_t retSize; + WaitressHandle_t *waith = data; +@@ -478,13 +507,20 @@ static WaitressReturn_t WaitressOrdinary + return waith->request.readWriteRet; + } + +-static WaitressReturn_t WaitressGnutlsWrite (void *data, const char *buf, ++static WaitressReturn_t WaitressTlsWrite (void *data, const char *buf, + const size_t size) { + WaitressHandle_t *waith = data; ++#if defined(USE_POLARSSL) ++ ++ if (ssl_write (&waith->request.sslCtx->ssl, buf, size) < 0) { ++ return WAITRESS_RET_TLS_WRITE_ERR; ++ } ++#else + + if (gnutls_record_send (waith->request.tlsSession, buf, size) < 0) { + return WAITRESS_RET_TLS_WRITE_ERR; + } ++#endif + return waith->request.readWriteRet; + } + +@@ -494,7 +530,7 @@ static WaitressReturn_t WaitressGnutlsWr + * @param buffer size + * @return number of read bytes or -1 on error + */ +-static ssize_t WaitressPollRead (void *data, void *buf, size_t count) { ++static ssize_t WaitressPollRead (void *data, BUFFER_CAST *buf, size_t count) { + int pollres = -1; + ssize_t retSize; + WaitressHandle_t *waith = data; +@@ -531,16 +567,34 @@ static WaitressReturn_t WaitressOrdinary + return waith->request.readWriteRet; + } + +-static WaitressReturn_t WaitressGnutlsRead (void *data, char *buf, ++static WaitressReturn_t WaitressTlsRead (void *data, char *buf, + const size_t size, size_t *retSize) { + WaitressHandle_t *waith = data; + ++#if defined(USE_POLARSSL) ++ int ret; ++ ++ *retSize = 0; ++ waith->request.readWriteRet = WAITRESS_RET_OK; ++ ret = ssl_read (&waith->request.sslCtx->ssl, buf, size); ++ ++ if (ret < 0) { ++ if (ret != POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) { ++ waith->request.readWriteRet = WAITRESS_RET_TLS_READ_ERR; ++ } ++ ++ return waith->request.readWriteRet; ++ } ++ ++ *retSize = ret; ++#else + ssize_t ret = gnutls_record_recv (waith->request.tlsSession, buf, size); + if (ret < 0) { + return WAITRESS_RET_TLS_READ_ERR; + } else { + *retSize = ret; + } ++#endif + return waith->request.readWriteRet; + } + +@@ -727,10 +781,28 @@ static int WaitressParseStatusline (cons + /* verify server certificate + */ + static WaitressReturn_t WaitressTlsVerify (const WaitressHandle_t *waith) { ++ ++#if defined(USE_POLARSSL) ++ unsigned char fingerprint[20]; ++ ++ const x509_crt* cert = ssl_get_peer_cert (&waith->request.sslCtx->ssl); ++ ++ if (NULL == cert) { ++ return WAITRESS_RET_TLS_HANDSHAKE_ERR; ++ } ++ ++ sha1 (cert->raw.p, cert->raw.len, fingerprint); ++ ++ if (memcmp (fingerprint, waith->tlsFingerprint, sizeof (fingerprint)) != 0) { ++ return WAITRESS_RET_TLS_FINGERPRINT_MISMATCH; ++ } ++ ++#else + gnutls_session_t session = waith->request.tlsSession; + unsigned int certListSize; + const gnutls_datum_t *certList; + gnutls_x509_crt_t cert; ++ char fingerprint[20]; + + if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509) { + return WAITRESS_RET_TLS_HANDSHAKE_ERR; +@@ -750,7 +822,6 @@ static WaitressReturn_t WaitressTlsVerif + return WAITRESS_RET_TLS_HANDSHAKE_ERR; + } + +- char fingerprint[20]; + size_t fingerprintSize = sizeof (fingerprint); + if (gnutls_x509_crt_get_fingerprint (cert, GNUTLS_DIG_SHA1, fingerprint, + &fingerprintSize) != 0) { +@@ -763,7 +834,7 @@ static WaitressReturn_t WaitressTlsVerif + } + + gnutls_x509_crt_deinit (cert); +- ++#endif + return WAITRESS_RET_OK; + } + +@@ -807,11 +878,6 @@ static WaitressReturn_t WaitressConnect + /* we need shorter timeouts for connect() */ + fcntl (sock, F_SETFL, O_NONBLOCK); + +- /* increase socket receive buffer */ +- const int sockopt = 256*1024; +- setsockopt (sock, SOL_SOCKET, SO_RCVBUF, &sockopt, +- sizeof (sockopt)); +- + /* non-blocking connect will return immediately */ + if (connect (sock, gacurr->ai_addr, gacurr->ai_addrlen) == -1) { + // Error if not in-progress or immediate success +@@ -880,6 +946,11 @@ static WaitressReturn_t WaitressConnect + } + } + ++#if defined(USE_POLARSSL) ++ if (ssl_handshake (&waith->request.sslCtx->ssl) != 0) { ++ return WAITRESS_RET_TLS_HANDSHAKE_ERR; ++ } ++#else + /* Ignore return code as connection will likely still succeed */ + gnutls_server_name_set (waith->request.tlsSession, GNUTLS_NAME_DNS, + waith->url.host, strlen (waith->url.host)); +@@ -887,14 +958,15 @@ static WaitressReturn_t WaitressConnect + if (gnutls_handshake (waith->request.tlsSession) != GNUTLS_E_SUCCESS) { + return WAITRESS_RET_TLS_HANDSHAKE_ERR; + } ++#endif + + if ((wRet = WaitressTlsVerify (waith)) != WAITRESS_RET_OK) { + return wRet; + } + + /* now we can talk encrypted */ +- waith->request.read = WaitressGnutlsRead; +- waith->request.write = WaitressGnutlsWrite; ++ waith->request.read = WaitressTlsRead; ++ waith->request.write = WaitressTlsWrite; + } + + return WAITRESS_RET_OK; +@@ -1120,6 +1192,21 @@ WaitressReturn_t WaitressFetchCall (Wait + waith->request.contentLengthKnown = false; + + if (waith->url.tls) { ++#if defined(USE_POLARSSL) ++ waith->request.sslCtx = calloc (1, sizeof(polarssl_ctx)); ++ ++ entropy_init (&waith->request.sslCtx->entrophy); ++ ctr_drbg_init (&waith->request.sslCtx->rnd, entropy_func, &waith->request.sslCtx->entrophy, "libwaitress", 11); ++ ssl_init (&waith->request.sslCtx->ssl); ++ ++ ssl_set_endpoint (&waith->request.sslCtx->ssl, SSL_IS_CLIENT); ++ ssl_set_authmode (&waith->request.sslCtx->ssl, SSL_VERIFY_NONE); ++ ssl_set_rng (&waith->request.sslCtx->ssl, ctr_drbg_random, &waith->request.sslCtx->rnd); ++ ssl_set_session (&waith->request.sslCtx->ssl, &waith->request.sslCtx->session); ++ ssl_set_bio (&waith->request.sslCtx->ssl, ++ WaitressPollRead, waith, ++ WaitressPollWrite, waith); ++#else + gnutls_init (&waith->request.tlsSession, GNUTLS_CLIENT); + gnutls_set_default_priority (waith->request.tlsSession); + +@@ -1137,6 +1224,7 @@ WaitressReturn_t WaitressFetchCall (Wait + WaitressPollRead); + gnutls_transport_set_push_function (waith->request.tlsSession, + WaitressPollWrite); ++#endif + } + + /* buffer is required for connect already */ +@@ -1148,15 +1236,22 @@ WaitressReturn_t WaitressFetchCall (Wait + if ((wRet = WaitressSendRequest (waith)) == WAITRESS_RET_OK) { + wRet = WaitressReceiveResponse (waith); + } ++#if !defined(USE_POLARSSL) + if (waith->url.tls) { + gnutls_bye (waith->request.tlsSession, GNUTLS_SHUT_RDWR); + } ++#endif + } + + /* cleanup */ + if (waith->url.tls) { ++#if defined(USE_POLARSSL) ++ ssl_free (&waith->request.sslCtx->ssl); ++ free (waith->request.sslCtx); ++#else + gnutls_deinit (waith->request.tlsSession); + gnutls_certificate_free_credentials (waith->tlsCred); ++#endif + } + if (waith->request.sockfd != -1) { + close (waith->request.sockfd); From 7c4d779f3e48ce313b201513bee4a25d2bb602da Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Sun, 22 Mar 2015 20:17:15 +0100 Subject: [PATCH 37/41] php5: upgrade to 5.6.7 This fixes CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index ccb55f4a5..1092b5cde 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.6 +PKG_VERSION:=5.6.7 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=b198117ee1d44c8143e030cee15f1b52 +PKG_MD5SUM:=2e4b0534d4b8aa9aabedeef12e7c0aa8 PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 From 623a8a0d0cab1fb5d81c66da10fab8275a69644f Mon Sep 17 00:00:00 2001 From: "W. Michael Petullo" Date: Sun, 22 Mar 2015 17:24:51 -0400 Subject: [PATCH 38/41] dmapd: update to 0.0.71 Signed-off-by: W. Michael Petullo --- net/dmapd/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/dmapd/Makefile b/net/dmapd/Makefile index f69622e9c..e573523bb 100644 --- a/net/dmapd/Makefile +++ b/net/dmapd/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dmapd -PKG_VERSION:=0.0.70 +PKG_VERSION:=0.0.71 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=COPYING PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.flyn.org/projects/dmapd -PKG_MD5SUM:=f503bf95f79b5c1f9418cccf26203952 +PKG_MD5SUM:=cee310509e39db782110267edac4fe9a PKG_FIXUP:=autoreconf PKG_INSTALL:=2 From 471cf1a9ef35566a7dcc3cce179227bda60715af Mon Sep 17 00:00:00 2001 From: Vladimir Ulrich Date: Mon, 23 Mar 2015 18:31:20 +0300 Subject: [PATCH 39/41] [utils/zoneinfo] Updated package to the latest version Signed-off-by: Vladimir Ulrich --- utils/zoneinfo/Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utils/zoneinfo/Makefile b/utils/zoneinfo/Makefile index 6f1b6ef8f..3327fddc4 100644 --- a/utils/zoneinfo/Makefile +++ b/utils/zoneinfo/Makefile @@ -9,8 +9,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=zoneinfo -PKG_VERSION:=2015a -PKG_VERSION_CODE:=2015a +PKG_VERSION:=2015b +PKG_VERSION_CODE:=2015b PKG_RELEASE:=1 #As i couldn't find real license used "Public Domain" @@ -20,14 +20,14 @@ PKG_LICENSE:=Public Domain PKG_SOURCE:=tzdata$(PKG_VERSION).tar.gz PKG_SOURCE_CODE:=tzcode$(PKG_VERSION_CODE).tar.gz PKG_SOURCE_URL:=http://www.iana.org/time-zones/repository/releases -PKG_MD5SUM:=4ed11c894a74a5ea64201b1c6dbb8831 +PKG_MD5SUM:=75571bb17c7b6be88a9f8872e45bc726 include $(INCLUDE_DIR)/package.mk define Download/tzcode FILE=$(PKG_SOURCE_CODE) URL=$(PKG_SOURCE_URL) - MD5SUM:=8f375ede46ae137fbac047ac431bda37 + MD5SUM:=f073a7c9bca7f9fe408491f826e92968 endef $(eval $(call Download,tzcode)) From 1f22744069439f2e5ba078bb41cec07dd8faefa0 Mon Sep 17 00:00:00 2001 From: Jonathan Bennett Date: Mon, 23 Mar 2015 08:29:20 -0500 Subject: [PATCH 40/41] Update Nano to 2.4 release, update copyright info, and add license tags Signed-off-by: Jonathan Bennett jbennett@incomsystems.biz --- utils/nano/Makefile | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/utils/nano/Makefile b/utils/nano/Makefile index 49f0b9bb9..6d000425d 100644 --- a/utils/nano/Makefile +++ b/utils/nano/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2007-2014 OpenWrt.org +# Copyright (C) 2007-2015 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,12 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nano -PKG_VERSION:=2.3.6 +PKG_VERSION:=2.4.0 PKG_RELEASE:=1 +PKG_LICENSE:=GPL-3.0+ +PKG_LICENSE_FILES:=COPYING PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://www.nano-editor.org/dist/v2.3 -PKG_MD5SUM:=df3d201aecb3155a80633990cc467831 +PKG_SOURCE_URL:=http://www.nano-editor.org/dist/v2.4 +PKG_MD5SUM:=e5c9c6424ee2303663ae4b99ecd4b493 PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 From c8c6157e7eb3f5f47295d5eac0281f7de583dfa6 Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Mon, 23 Mar 2015 17:28:54 +0100 Subject: [PATCH 41/41] mdnsresponder: bump to 567 Signed-off-by: Steven Barth --- net/mdnsresponder/Makefile | 4 +-- .../patches/001-cross_compile.patch | 32 +++++++------------ .../patches/100-linux_fixes.patch | 24 +++++++------- 3 files changed, 26 insertions(+), 34 deletions(-) diff --git a/net/mdnsresponder/Makefile b/net/mdnsresponder/Makefile index 91e7e9827..5eaedd2ec 100644 --- a/net/mdnsresponder/Makefile +++ b/net/mdnsresponder/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mDNSResponder -PKG_VERSION:=561.1.1 +PKG_VERSION:=567 PKG_RELEASE:=1 PKG_SOURCE:=mDNSResponder-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://opensource.apple.com/tarballs/mDNSResponder/ -PKG_MD5SUM:=d4b56e22798d6f45e29b42cd6720ab6e +PKG_MD5SUM:=6eff6d243a12a3d4b6fca03c05a9893b PKG_MAINTAINER:=Steven Barth PKG_LICENSE:=Apache-2.0 diff --git a/net/mdnsresponder/patches/001-cross_compile.patch b/net/mdnsresponder/patches/001-cross_compile.patch index ad4eaee44..b1685fc45 100644 --- a/net/mdnsresponder/patches/001-cross_compile.patch +++ b/net/mdnsresponder/patches/001-cross_compile.patch @@ -1,6 +1,6 @@ --- a/Clients/Makefile +++ b/Clients/Makefile -@@ -23,6 +23,8 @@ +@@ -27,6 +27,8 @@ ############################################################################# @@ -9,22 +9,22 @@ # On OS X the dns_sd library functions are included in libSystem, which is implicitly linked with every executable # If /usr/lib/libSystem.dylib exists, then we're on OS X, so we don't need also to link the "dns_sd" shared library ifneq "$(wildcard /usr/lib/libSystem.dylib)" "" -@@ -42,10 +44,10 @@ build: +@@ -46,10 +48,10 @@ build: mkdir build build/dns-sd: build dns-sd.c ClientCommon.c -- cc $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ +- $(CC) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ + $(CC) $(CFLAGS) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ build/dns-sd64: build dns-sd.c ClientCommon.c -- cc $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64 +- $(CC) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64 + $(CC) $(CFLAGS) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64 # Note, we can make a 'fat' version of dns-sd using 'lipo', as shown below, but we # don't, because we don't want or need a 'fat' version of dns-sd, because it will --- a/mDNSPosix/Makefile +++ b/mDNSPosix/Makefile -@@ -54,10 +54,11 @@ COREDIR = ../mDNSCore +@@ -54,11 +54,12 @@ COREDIR = ../mDNSCore SHAREDDIR ?= ../mDNSShared JDK = /usr/jdk @@ -32,22 +32,14 @@ +CC = @gcc BISON = @bison FLEX = @flex + ST = @strip -LD = ld -shared +LD = @ld +SOOPTS = -shared CP = cp RM = rm LN = ln -s -f -@@ -82,7 +83,7 @@ else - CFLAGS_DEBUG = -Os -DMDNS_DEBUGMSGS=0 - OBJDIR ?= objects/prod - BUILDDIR ?= build/prod --STRIP = strip -S -+STRIP = @strip -S - endif - - # Configure per-OS peculiarities -@@ -91,7 +92,7 @@ CFLAGS_DEBUG = -O0 -DMDNS_DEBUGMSGS=0 +@@ -92,7 +93,7 @@ CFLAGS_DEBUG = -O0 -DMDNS_DEBUGMSGS=0 CFLAGS_OS = -DNOT_HAVE_DAEMON -DNOT_HAVE_SA_LEN -DNOT_HAVE_SOCKLEN_T -DNOT_HAVE_IF_NAMETOINDEX \ -DLOG_PERROR=0 -D_XPG4_2 -D__EXTENSIONS__ -DHAVE_BROKEN_RECVIF_NAME -DTARGET_OS_SOLARIS CC = gcc @@ -56,7 +48,7 @@ LINKOPTS = -lsocket -lnsl -lresolv JAVACFLAGS_OS += -I$(JDK)/include/solaris ifneq ($(DEBUG),1) -@@ -147,7 +148,8 @@ CFLAGS_OS = -DHAVE_IPV6 -no-cpp-precomp +@@ -148,7 +149,8 @@ CFLAGS_OS = -DHAVE_IPV6 -no-cpp-precomp -D__MAC_OS_X_VERSION_MIN_REQUIRED=__MAC_OS_X_VERSION_10_4 \ -D__APPLE_USE_RFC_2292 #-Wunreachable-code CC = gcc @@ -66,7 +58,7 @@ LINKOPTS = -lSystem LDSUFFIX = dylib JDK = /System/Library/Frameworks/JavaVM.framework/Home -@@ -169,8 +171,9 @@ NSSLIBFILE := $(NSSLIBNAME)-$(NSSVERSIO +@@ -170,8 +172,9 @@ NSSLIBFILE := $(NSSLIBNAME)-$(NSSVERSIO NSSLINKNAME := $(NSSLIBNAME).so.2 NSSINSTPATH := /lib @@ -77,7 +69,7 @@ INSTBASE?=/usr STARTUPSCRIPTNAME?=mdns -@@ -256,7 +259,7 @@ libdns_sd: setup $(BUILDDIR)/libdns_sd.$ +@@ -257,7 +260,7 @@ libdns_sd: setup $(BUILDDIR)/libdns_sd.$ CLIENTLIBOBJS = $(OBJDIR)/dnssd_clientlib.c.so.o $(OBJDIR)/dnssd_clientstub.c.so.o $(OBJDIR)/dnssd_ipc.c.so.o $(BUILDDIR)/libdns_sd.$(LDSUFFIX): $(CLIENTLIBOBJS) @@ -86,7 +78,7 @@ @$(STRIP) $@ Clients: setup libdns_sd ../Clients/build/dns-sd -@@ -291,7 +294,7 @@ InstalledManPages: $(MANPATH)/man8/mdnsd +@@ -292,7 +295,7 @@ InstalledManPages: $(MANPATH)/man8/mdnsd InstalledClients: $(INSTBASE)/bin/dns-sd @echo $+ " installed" @@ -95,7 +87,7 @@ @echo $+ " installed" # Note: If daemon already installed, we make sure it's stopped before overwriting it -@@ -346,19 +349,21 @@ $(INSTBASE)/bin/dns-sd: ../Clients/build +@@ -347,19 +350,21 @@ $(INSTBASE)/bin/dns-sd: ../Clients/build $(NSSINSTPATH)/$(NSSLINKNAME): $(NSSINSTPATH)/$(NSSLIBFILE) $(LN) $< $@ diff --git a/net/mdnsresponder/patches/100-linux_fixes.patch b/net/mdnsresponder/patches/100-linux_fixes.patch index ea598a75d..512c1738a 100644 --- a/net/mdnsresponder/patches/100-linux_fixes.patch +++ b/net/mdnsresponder/patches/100-linux_fixes.patch @@ -84,7 +84,7 @@ } --- a/mDNSPosix/mDNSPosix.c +++ b/mDNSPosix/mDNSPosix.c -@@ -136,7 +136,7 @@ mDNSlocal void SockAddrTomDNSAddr(const +@@ -138,7 +138,7 @@ mDNSlocal void SockAddrTomDNSAddr(const // mDNS core calls this routine when it needs to send a packet. mDNSexport mStatus mDNSPlatformSendUDP(const mDNS *const m, const void *const msg, const mDNSu8 *const end, @@ -93,7 +93,7 @@ mDNSIPPort dstPort, mDNSBool useBackgroundTrafficClass) { int err = 0; -@@ -574,9 +574,17 @@ mDNSlocal void FreePosixNetworkInterface +@@ -583,9 +583,17 @@ mDNSlocal void FreePosixNetworkInterface { assert(intf != NULL); if (intf->intfName != NULL) free((void *)intf->intfName); @@ -111,9 +111,9 @@ + assert(rv == 0); + } #endif - free(intf); - } -@@ -703,6 +711,29 @@ mDNSlocal int SetupSocket(struct sockadd + + // Move interface to the RecentInterfaces list for a minute +@@ -724,6 +732,29 @@ mDNSlocal int SetupSocket(struct sockadd if (err < 0) { err = errno; perror("setsockopt - IP_MULTICAST_TTL"); } } @@ -143,7 +143,7 @@ // And start listening for packets if (err == 0) { -@@ -784,6 +815,29 @@ mDNSlocal int SetupSocket(struct sockadd +@@ -805,6 +836,29 @@ mDNSlocal int SetupSocket(struct sockadd if (err < 0) { err = errno; perror("setsockopt - IPV6_MULTICAST_HOPS"); } } @@ -173,7 +173,7 @@ // And start listening for packets if (err == 0) { -@@ -815,7 +869,12 @@ mDNSlocal int SetupSocket(struct sockadd +@@ -836,7 +890,12 @@ mDNSlocal int SetupSocket(struct sockadd } // Clean up @@ -187,7 +187,7 @@ assert((err == 0) == (*sktPtr != -1)); return err; } -@@ -994,7 +1053,7 @@ mDNSlocal mStatus OpenIfNotifySocket(int +@@ -1026,7 +1085,7 @@ mDNSlocal mStatus OpenIfNotifySocket(int /* Subscribe the socket to Link & IP addr notifications. */ mDNSPlatformMemZero(&snl, sizeof snl); snl.nl_family = AF_NETLINK; @@ -196,7 +196,7 @@ ret = bind(sock, (struct sockaddr *) &snl, sizeof snl); if (0 == ret) *pFD = sock; -@@ -1072,11 +1131,18 @@ mDNSlocal mDNSu32 ProcessRoutingNo +@@ -1104,11 +1163,18 @@ mDNSlocal mDNSu32 ProcessRoutingNo PrintNetLinkMsg(pNLMsg); #endif @@ -217,7 +217,7 @@ // Advance pNLMsg to the next message in the buffer if ((pNLMsg->nlmsg_flags & NLM_F_MULTI) != 0 && pNLMsg->nlmsg_type != NLMSG_DONE) -@@ -1247,8 +1313,12 @@ mDNSexport mStatus mDNSPlatformInit(mDNS +@@ -1279,8 +1345,12 @@ mDNSexport mStatus mDNSPlatformInit(mDNS if (err == mStatus_NoError) err = SetupSocket(&sa, zeroIPPort, 0, &m->p->unicastSocket6); #endif @@ -230,7 +230,7 @@ // Tell mDNS core about DNS Servers mDNS_Lock(m); -@@ -1281,9 +1351,17 @@ mDNSexport void mDNSPlatformClose(mDNS * +@@ -1313,9 +1383,17 @@ mDNSexport void mDNSPlatformClose(mDNS * { assert(m != NULL); ClearInterfaceList(m); @@ -250,7 +250,7 @@ #endif } -@@ -1533,14 +1611,14 @@ mDNSexport mStatus mDNSPlatformClearS +@@ -1571,14 +1649,14 @@ mDNSexport mStatus mDNSPlatformClearS mDNSexport mDNSu16 mDNSPlatformGetUDPPort(UDPSocket *sock) { (void) sock; // unused