- Ensure only valid UTF-8 is passed to libidn. It was found
(CVE-2015-2059) that libidn can read beyond the boundaries of the
provided buffer when an input string contains invalid UTF-8 sequences.
Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
The initial conversion to restart sqm on interfaces it is configured
for in case of (transient) dis- and reappearance was half finished.
These changes clean up the handling of exlicitly passed interfaces
in run.sh: no second argument defaults to all configured interfaces
the alternative is an individual interface name passed as 2nd
argument to run.sh. The first argument either is start or stop.
No argument at all will behave as if start was passed.
Survives light testing...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Alan Jenkins noted a bug in the smq luci GUI that effectively
erased several configuration paramters if two checkboxes were deselected.
This behaviour seems consistent in luci but certainly has the potential
to confuse users. While confusion can not really be avoided generally
it seems wise to change the default interpretation for empty or non-existent
itarget and etarget variables from the qdisc's default (5ms in the case of
one of the codels) to automatic determination of tghis variable dependent on
the configured bandwidth, as codels target variable should be large enough
to contain at least one full packet. With this change sqm-scripts will
do the right thing by default, but will yet allow the user to specify
over-ridding values (as long as the user does not un-check the
entry-field exposing check boxes). Survives light testing...
This change set also changes the sqm-scripts luci gui to note the user
of the change. For compatibility with existing setups sqm-scripts
will still honor "auto" as an alternative explicit way of requesting
automatic target selection. This might turn into a warning in the future
and might be phased out...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Package ethtool is missing dependencies for the following libraries:
libssp.so.0
Makefile:45: recipe for target '/home/zero/development/openwrt/bin/ar71xx/packages/packages/ethtool_3.18-1_ar71xx.ipk' failed
Signed-off-by: Rick Farina (Zero_Chaos) <zerochaos@gentoo.org>
From: Michael Haas <haas@computerlinguist.org>
* init script no longer creates certificates (consider client mode as use
case)
* patches/010_fix_getnameinfo.patch: Fix getnameinfo signature
* patches/011_disable_ssp_linking.patch: Disable -fstack-protector as it
is not always available in OpenWRT
* old patches (in oldpackages) no longer necessary
* remove libwrap dependency
* remove libpthread dependency
* respect CONFIG_IPV6
* init script uses procd
* sample stunnel.conf runs in client mode - prevents start failure,
does not require cert
Possible enhancement: automatically generate certificate as done in
uhttpd. However, as client mode is a possible use case, I'd rather not.
Additionally, stunnel may use several certs with user-defined locations
and we can't easily set a cert location via command-line args.
The package is based on
https://sites.google.com/site/twisteroidambassador/openwrt/stunnel
Signed-off-by: Michael Haas <haas@computerlinguist.org>
This patch add a new package, git-http, that contains all
http related commands (and ftp as extra). All http/ftp
depends on libcurl. Even without SSL suport in libcurl,
git compiles and it returns an informative error only
at runtime.
The use of symlinks now are trigged using NO_INSTALL_HARDLINKS env
and not based only on Makefile patch.
imap-send was kept builtin and idependent of curl (just as it was
before)
Template files, which are not necessary, where removed.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Previously, ./configure was running checking local system and not
OpenWRT target. This would avoid any configure test about OpenWRT
libraries.
With a patch in configure, non cross-compiling-friend test are
ignored and Makefile can use default configure.
As side effect, git commands are now at /usr/lib/git-core and not
/usr/libexec/git-core.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
- use https URL for fetching sources from GitHub, otherwise cloning
sources could stall buildbots by asking to accept a/the SSH host key
- do not _depend_ on DEPENDS but _select_ them, so the package(s) always
appear in menuconfig, not only when all dependencies are already
selected --> dependencies are automatically pulled in when package
is selected by user
- use PKG_INSTALL
- factor out the libeibclient library as own package
- use CONFIGURE_ARGS instead of dedicated Build/Configure
- same for TARGET_CFLAGS and Build/Compile
- do not include /etc/functions, already included by /etc/rc.common
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
During system start up pppoe devices seem to receice ifup events before
the interface actually exists. This commit makes sqm's run.sh script
test whether the sys files for an interface exist before actually trying
to start an SQM instance on an interface. This seems to nicely avoid
starting on an not fully established pppoe interface and avoids a number
of error messages during startup.
In addition, debug logging is disabled.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
fix build errors on Arch Linux/Fedora 20
config.log trying to link with /usr/lib/libcrypt.so
/usr/lib/libcrypt.so: undefined reference to `memset@GLIBC_2.2.5'
linkage is AC_LIB_HAVE_LINKFLAGS macro behaviour
see http://marc.info/?l=gnulib-bug&m=129660262901148
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
config.log reports
WARNING: uuid support disabled as libblkid is too old
because the test macro AC_BLKID_VERS is not cross compile friendly
resulting in libblkid_cv_is_recent=unknown
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Some interfaces like wan-pppoe go away, when the ppp connection is lost
and get recreated once the link is established again. SQM now
has its own hotplug script to re-enable itself on the interfae just hotplugged.
SQM will not touch other instances of itself running on other interfaces
if called by hotplug.d. The implementation now allows this functionality by
calling run.sh like:
/usr/lib/sqm/run.sh interface YOUR_INTERFACE_NAME_HERE
e.g.: /usr/lib/sqm/run.sh interface ge00-pppoe
If called with a specific interface SQM will only try to disable itself
on that interface to clean up all left over state and the re-enable
itself on just that interface. Hopefully that allows for better service
with instable interfaces like pppoe. The current code passes a simple manual
stop start test of the ge00-pppoe interface from the GUI and does seem
to do the right thing, at least on cerowrt 3.10.50-1...
The cross-compiling patch is no longer necessary. Also added librt as a
dependency, since it is required. This also fixes an issue where
support for linux/errqueue.h was not being detected correctly and
causing a build failure with 3.18.
Signed-off-by: John Szakmeister <john@szakmeister.net>
* new service "bind-nsupdate" using nsupdate to directly updates a PowerDNS or Bind server via nsupdate.
suggested by Jan Riechers (Pull #957) many thanks!
* updated tld-names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Thomas Heil
Daniel Golle
Nikos Mavrogiannopoulos
Cezary Jackiewicz
Maxim Storchak
Lawrence D'Anna
Sebastian Moeller
Steven Barth
Oliver Middleton
W. Michael Petullo
Stijn Tintel
Othmar Truniger
Zero_Chaos
Peter Wagner
Mario Halambek
Adze1502
Michael Haas
Jonathan McCrohan
Luiz Angelo Daros de Luca
Luka Perkov
Stanislav German-Evtushenko
Aedan Renner
Nicolas Thill
Alexandru Ardelean
Álvaro Fernández Rojas
probonopd
Michael Heimpold
Gergely Kiss
Marko Ratkaj
Dirk Neukirchen
John Szakmeister
Christian Schoenebeck