- Correct SPDX License Identifier
- Move MAINTAINER, SUBMENU to more appropriate place
- Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
As discussed on GitHub[0] the package should be removed.
[0]: https://github.com/openwrt/packages/issues/7832
> The package is effectively orphaned upstream and has been for some
time. Given the security-sensitive nature of the package, an active
maintainer community is essential for safe usage. Racoon's lack of
support for IKEv2, despite it being stable for a long time, and the
availability of next-generation tunneling systems such as wireguard,
also would seem to limit its future value. Setkey's functionality
has been subsumed by 'ip xfrm'.
> If you disagree that ipsec-tools should be removed from OpenWRT,
please say so now. If there are still use cases for it that are
not met by other IKE implmenentations that would be good to
know. But more importantly, I think you'll need to convince us
that ipsec-tools is actually safe to operate on today's Internet
given its current state of development.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Introduce further ACL checks to verify that the request-supplied
upload location may be written to. This prevents overwriting things
like /bin/busybox and allows to confine uploads to specific directories.
To setup the required ACLs, the following ubus command may be used
on the command line:
ubus call session grant '{
"ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
"scope": "cgi-io",
"objects": [
[ "/etc/certificates/*", "write" ],
[ "/var/uploads/*", "write" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* automatically add open uplinks to your wireless config,
e.g. hotel captive portals (disabled by default)
* shift net status check in a separate function
* (s)hellcheck cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Fixes issue where CFLAGS were not being passed. This was breaking ASLR
builds.
Added PKG_BUILD_PARALLEL for faster compilation.
Added PKG_INSTALL. Changed install paths based on PKG_INSTALL paths.
Added --disable-debug to make sure debug code is disabled.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
On a Debian system without python3-distutils install, uwsgi-cgi was
failing to build because it couldn't import sysconfig from distutils.
OpenWrt packages should be using the OpenWrt python not the system
python. In addition we need to use python3 not python2, even when
both are available.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
* fix a dns restart issue if 'flush dns cache' is set
* fix a suspend/resume issue, the status wasn't properly updated
* fix a long standing query issue
* rework return code handling, mostly for debugging
* various cleanups & cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Development moved to GitHub. Update URLs.
Cleaned up Makefile a bit for consistency between packages.
Added patch that removes deprecated bzero.
Ran init script through shellcheck. Fixed minor warnings.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Bidirectional Forwarding Detection (BFD) is a network protocol that is used to
detect faults between two forwarding engines connected by a link.
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
* update to git (2019-08-19)
* use new "kill_server" sysfs option on stop
* ensure reload_service() works correctly
* add inherit owner, force create mode, force directory mode UCI options
* add patches for mips target (vfree, vmalloc)
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* background service: no longer miss "signal" events for the
dns backend (to trigger adblock)
* fix a dns backend reload issue during switch between
different blocking modes
* domain query: report found domains only once in
"null" blocking mode with IPv4 & IPv6 list entries
Signed-off-by: Dirk Brenken <dev@brenken.org>
* fix a possible race condition during DNS file reset on slow hardware
* optimize DNS restart behaviour in 'null' blocking mode
* mute useless warnings
Signed-off-by: Dirk Brenken <dev@brenken.org>
This commit updates:
- bump version to v20190809
- fix PKG_LICENSE_FILES
- rename package names to kcptun-server, kcptun-client
- refactor Makefile
- merge config and service scripts
- add more config options to support all features
- add additional options: gogc, syslog, user
- add README.md
Reference:
- package shadowsocks-libev
Signed-off-by: Chao Liu <expiron18@gmail.com>
* add support for 'DNS File Reset', where the final DNS blockfile
will be purged after DNS backend loading (save storage space).
A small background service will be started to trace/handle
dns backend reloads/restarts
* add support for the 'null' blocking variant in dnsmasq
(via addn-hosts), which may provide better response times
in dnsmasq
* enhance the report & search engine to support
the new blocking variants. Search now includes
backups & black-/whitelist as well
* compressed source list backups are now mandatory (default to '/tmp')
* speed up TLD compression
* E-Mail notification setup is now integrated in UCI/LuCI
* update the LuCI frontend to reflect all changes (separate PR)
* drop preliminary dnscrypt-proxy-support (use dnsmasq instead)
* drop additional 'dnsjail' blocklist support (not used by anyone)
* procd cleanups in init
* various shellcheck cleanups
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
Fixes:
when using HTTP/2 a client might cause excessive memory
consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
CVE-2019-9516).
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
iotivity's scons build script is not compatible with python3, so use
python2.7 from python/host to run it.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Otherwise compilation fails when clang-tidy is found in the host:
-- clang-tidy found: /usr/lib/llvm/7/bin/clang-tidy
error: unknown argument: '-fhonour-copts' [clang-diagnostic-error]
error: unknown argument:'-iremap[...]:https_dns_proxy-2018-04-23'
[clang-diagnostic-error]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This avoids copying /usr/include, unversioned *.so files, pkgconfig,
/usr/lib/*.la, and the build-time libs/cflags configuration utility
clamav-config.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
f5420af phantap: do not capture vlans
5d1bd13 phantap-learn: improve the BPF filter, exclude vlans
be6f7d9 Readme.md: we now support talking to the victim.
8789da5 README.md: fix typo
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Full changelog here: https://mosquitto.org/blog/2019/08/version-1-6-4-released/
Fixes a regression in persistent session handling, and various other
regressions related to the mqtt5 support.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Rosen Penev
Josef Schlehofer
Paul Spooren
Noah Meyerhans
Eric Luehrsen
Jo-Philipp Wich
W. van den Akker
Christian Lachner
Dirk Brenken
Etienne Champetier
Daniel F. Dickinson
Andreas Nilsen
Jan Pavlinec
Stan Grishin
Lucian Cristian
William Fleurant
Matthias Schiffer
Andy Walsh
Chao Liu
DENG Qingfang
Eneas U de Queiroz
Moritz Warning
Karl Palsson
James Taylor