* fix reload/restart not applying luci/smb.conf changes
* remove hotfix for 'read only = no' (fixed by upstream)
* update documentation, example
*cifsd: fix the lost of dos file attributes
*cifsd: store FILE_ATTRIBUTE_SPARSE into xattr
*cifsd: release v2.0.2
*cifsd-tools: add smb.conf.list file to show supported parameters list
*cifsd-tools: set CIFSD_SHARE_FLAG_WRITEABLE flags if read only = no
*cifsd-tools: release cifsd-tools v2.0.2
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
The modemmanager.common file includes several utility functions that
are used in several places like the protocol handler and in hotplug
scripts. These utilities should not be installed in /etc as they're
not configuration.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Unlike other modem protocol handlers like the ones implemented by uqmi
or umbim, in the modemmanager protocol handler the 'device' option
does not specify a device node in /dev. Therefore, we shouldn't flag
the option as 'device' type (dt_type_device).
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
When a USB modem device is unplugged, we had to do two different
things: first, cleanup the sysfs cache; and second, set interface as
unavailable.
Those two things were never being done properly due to several
different issues:
* The parent sysfs path retrieval logic relies on checking for which
sysfs path has the vid/pid files. This logic obviously only works
when the device is available, and cannot be used on e.g. removal
events.
* The command to cleanup the modem wait status from the sysfs cache
was not removing the previous state properly, because the sysfs path
variable wasn't escaped properly for the sed command.
This patch handles those issues in order to have a proper device
removal handling, by making sure the sysfs path is properly escaped in
the sed command, and by introducing a new hotplug script that runs
when the full USB device is removed.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
The intended behavior is to has the buildbot select all the applets
as well as packages only selecting what they need. This should do it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* 5.01.9672 release
* Cedar: handle UDP acceleration and R-UDP versions
* Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305
* Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305
* Cedar: serve new web management interface
* Cedar: implement detailed protocol info
* Mayaqua: add Windows Server 2019 to the supported operating systems list
* Cedar: various fixes
* Cedar: add "DisableIPsecAggressiveMode" option
* Make install dir for unit files configurable
* Protocol.c: adapt ClientConnectGetSocket() for new proxy functions
* Wpc.c: adapt WpcSockConnectEx() for new proxy functions
* Protocol: add ProxyCodeToCedar()
* Move generic proxy stuff from Cedar to Mayaqua
* Proto_OpenVPN.c: improve OvsProcessData(), fix out-of-bounds access found by Coverity
* Proto_OpenVPN.c: fix segmentation fault in OvsProceccRecvPacket()
* Addressing the UDP reflection amplification attack: https://github.com/SoftEtherVPN/SoftEtherVPN/issues/1001
* Mayaqua.h: include <stdarg.h> for "va_list" on Illumos
* Protocol.c: fix bug in ClientConnectGetSocket() causing custom HTTP header not to work
* Mayaqua: move HTTP functions from "Network" to "HTTP"
* Move GetMimeTypeFromFileName() and related structure to Mayaqua
* Mayaqua.h: include <stdio.h> for "FILE"
* Mayaqua.h: include <stddef.h>, for "wchar_t"
* Bump mixin-deep in /src/bin/hamcore/wwwroot/admin/default
* - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes. - Fixed the RADIUS PEAP client to use the standard TLS versioning. - Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information. - Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
* Updating built-in Win32 libraries - OpenSSL 1.1.1 -> 1.1.1d - zlib 1.2.3 -> 1.2.11
* Update strtable_cn.stb
* Avoid using hardcoded paths in log file enumeration
* Fix buffer overflow during NETBIOS name resolution
* Update SEVPN.sln
* Create strtable_pt_br.stb
* ci: display error if vpntest failed
* Fix several compile warnings on MS VC++ 2008.
* Enables crash minidump for Win32 vpntest. Minidump files will be saved to the 'C:\Users\<username>\AppData\Local\Temp\vpn_debug' (for normal user) or 'src\bin\vpn_debug\' (for administrator user).
* OpenVPN: use new protocol interface
* Add interface for easy protocol implementation
* add "no-deprecated" to openssl builds "no-deprecated" is widely used in openwrt devices
* Fix LibreSSL support
* Switch to OpenSSL THREADID API
* travis-ci: update openssl, libressl
* enable sonar-scan in travis-ci builds
* Virtual: fix race condition in DHCP server which resulted in multiple clients receiving the same IP
* Mayaqua: Fix compilation without deprecated OpenSSL APIs
* Mayaqua: Replace GNU specific sys/poll.h header with POSIX poll.h
* systemd: replace deprecated CAP_SYS_ADMIN with CAP_SYSLOG
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
This is useful to assign all traffic to a fw3 zone, e.g.:
/etc/config/ipsec:
config remote 'test'
list tunnel 'dev'
...
config 'tunnel' 'dev'
option reqid '33'
...
/etc/config/firewall:
config zone
option name wan
option extra_src "-m policy --pol none --dir in"
option extra_dest "-m policy --pol none --dir out"
...
config zone
option name vpn
# subnet needed for firewall3 before 22 Nov 2019, 8174814a
list subnet '0.0.0.0/0'
option extra_src "-m policy --pol ipsec --dir in --reqid 33"
option extra_dest "-m policy --pol ipsec --dir out --reqid 33"
...
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
It seems that OpenSSL is bugged. While OpenSSL uses this code, it doesn't
export these defines anywhere. Match against the API version instead.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* cifsd-tools: fix Assignment of a signed value which has type 'long'
* init: convert hide_dot_files to yes/no option
* 'read only = no' seems bugged for cifsd/smb.conf, so fix via 'writeable = yes'
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
As some ipq40xx CPUs support frequency scaling, enable building
collectd-mod-cpufreq for ipq40xx (for private builds) and
its package architecture brcm2708_bcm2709 (for buildbot)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Change deprecated options to a new one:
DetectBrokenExecutables to AlertBrokenExecutables
ArchiveBlockEncrypted to AlertEncrypted
Fixes: CVE-2019-12900 and CVE-2019-12625
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* cifsd: fix uninitialized fp could be freed
* cifsd: fix potential uninitialized spnego_blob could be freed
* cifsd: smbd: replace spinlock_irqsave with spinlock
* cifsd: smbd: avoid the lack of client's send credits
* cifsd-tools: add version generation script
* cifsd-tools: do not abbrev git describe
* cifsd-tools: use 'unknown' version string if git describe fails
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
- This commit adds a config-option for JIT in libpcre(1).
According to research published on
https://rust-leipzig.github.io/regex/2017/03/28/comparison-of-regex-engines/
this should give a 10x performance increase on JIT operations
which can be desireable for high performance Apache mod_rewrite
or haproxy reqrep operations.
This option is available on all officially supported architecutres
which are listed on https://pcre.org/original/doc/html/pcrejit.html#SEC3.
Furthermore, it is enabled by default on the following
architectures: arm, i686, x86_64.
Signed-off-by: Christian Lachner <gladiac@gmail.com>