This adds a patch from Open embedded to fix compilation with glibc 2.34.
This patch was taken from here:
https://github.com/openembedded/meta-openembedded/blob/master/meta-networking/recipes-daemons/postfix/files/0007-correct-signature-of-closefrom-API.patch
It fixes the following build problem:
/builder/shared-workdir/build/sdk/staging_dir/toolchain-arc_arc700_gcc-11.2.0_glibc/include/unistd.h:366:13: error: conflicting types for 'closefrom'; have 'void(int)'
366 | extern void closefrom (int __lowfd) __THROW;
| ^~~~~~~~~
In file included from attr_clnt.c:87:
./sys_defs.h:1511:12: note: previous declaration of 'closefrom' with type 'int(int)'
1511 | extern int closefrom(int);
| ^~~~~~~~~
make: *** [Makefile:192: attr_clnt.o] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
- [Bug]: Enhanced log output when connecting to servers that do not
support server-sig-algs extensions, making the new-as-of-2.9
defaulting to SHA2 pubkey algorithms more obvious when it kicks in.
- [Bug]: Connecting to servers which support server-sig-algs but
which have no overlap between that list and what a Paramiko client
supports, now raise an exception instead of defaulting to
rsa-sha2-512 (since the use of server-sig-algs allows us to know
what the server supports).
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed
- compose images should list images of created containers by @kiniou
- Ignore missing (swarm) overlay networks by @ndeloof
- Remove intermediate containers when build succeeded in classic
build by @notok
- compose ps: fix typo "unknow" -> "unknown" by @webignition
- Add 2 modes test mechanism by @ulyssessouza
- Handle "stop" event by @ndeloof
- Only kill running containers by @ulyssessouza
- compose cp doesn't need a full project and can copy from stopped
containers by @ndeloof
- Add dependabot by @ulyssessouza
- Do not try to guess when to allocate a TTY and keep it as default
by @ulyssessouza
- Bump github.com/golang/mock from 1.5.0 to 1.6.0 by @dependabot
- Bump github.com/spf13/cobra from 1.2.1 to 1.3.0 by @dependabot
- Bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1 by
@dependabot
- Bump github.com/buger/goterm from 1.0.0 to 1.0.3 by @dependabot
- Propagate GroupAdd from ServiceConfig to HostConfig by
@lancechentw
- Bump github.com/containerd/console from 1.0.2 to 1.0.3 by
@dependabot
- Bump github.com/AlecAivazis/survey/v2 from 2.2.3 to 2.3.2 by
@dependabot
- Added volume bind option SELinux label :z :Z by @tymonx
- Downgrade goterm to 1.0.1 by @ulyssessouza
Signed-off-by: Javier Marcet <javier@marcet.info>
1. updated to 24.2 (RN: https://github.com/erlang/otp/releases/tag/OTP-24.2)
2. added libstdcpp dependency
3. erlang-hipe was removed in upstream
(ref fccb8482ef)
everything related to erlang-hipe was removed from Makefile
4. updated and refreshed patches
5. host-compile ssl library forced to OpenWrt LibreSSL to avoid using system library
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Update crowdsec-firewall-bouncer to latest upstream release version 0.0.21
Makefile rework
- use tagged version for download
Fixes
- set API_KEY in firewall bouncer config file
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
backport of upstream commit
3c66c1fec7
Original author: Nikhil Benesch <nikhil.benesch@gmail.com>
Remove unnecessary flag in macOS build
The configuration logic for adding the `-search_paths_first` linker
flag on Darwin does not correctly handle cross compilation. It should
check the value of $krb5_cv_host rather than `uname -s` to detect when
the compilation target is Darwin, rather than the build machine.
It turns out `-search_paths_first` has been the default behavior of ld
on macOS since XCode 4. So just remove that bit of logic entirely.
(The flag was added in commit acd27af0e8
in 2004; XCode 4 was released in 2010.)
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
With procd-ujail enabled, it is not possible to use HTTPS URLs, for
example when either for downloading torrent files or blocklists. The
followig example occurs when downloading a URL from the "Upload Torrent
Files" dialogue box:
Error adding
"https://releases.ubuntu.com/21.10/ubuntu-21.10-desktop-amd64.iso.torrent":
gotMetadataFromURL: http error 0: No Response
syslog will also hint that no CA_BUNDLE is being used:
transmission-daemon[6683]: [2021-12-30 20:01:30.990] web will verify
tracker certs using envvar CURL_CA_BUNDLE: none (web.c:455)
This patch rectifies this issue by adding a ca_bundle configurable,
enabled by default. This explicitly fixes the ca_bundle file location
to /etc/ssl/certs/ca-certificates.crt and adds this file to the procd
jail. On subsequent testing, HTTPS URL download functionality is
restored.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
The delete variable was misspelled leading to devices always being
removed although they had connected neighbors.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Update crowdsec to latest upstream release version 1.2.2
Makefile rework
- use tagged version for download
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Issue: 2to3 support has been removed in setuptools since version 58.0.0.
Fix: openwrt/packages#17311
Requirements: 2to3/host openwrt/packages#17429
Add upstream patch: 196c55e931
To install/build for python3 from source, it is necessary to convert to py3
codebase before setup (invoke 2to3 or ./fail2ban-2to3 firstly).
> ./fail2ban-2to3
> python3 setup.py build
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
lua-curl-v3 detects OS and changes compilation flags depends on OS.
If Darwin is detected then it adds GCC non-compatible flags.
OpenWrt is always Linux, OS detection is disabled via UNAME=Linux
as a part of MAKE_FLAGS
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2to3 is a Python program that reads Python 2.x source code and applies a
series of fixers to transform it into valid Python 3.x code. The standard
library contains a rich set of fixers that will handle almost all code. 2to3
supporting library lib2to3 is, however, a flexible and generic library, so it
is possible to write your own fixers for 2to3. lib2to3 could also be adapted
to custom applications in which Python code needs to be edited automatically.
This tool is necessary for fail2ban package because of issue
https://github.com/openwrt/packages/issues/17311https://github.com/openwrt/packages/pull/17341
Simple 2to3.py script from Debian, thanks to Matthias Klose <doko@ubuntu.com>
From: https://salsa.debian.org/cpython-team/python3-defaults
Co-authored-by: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
The next OpenWrt stable release aims to use firewall4 by default. As
this uses nftables as backend, miniupnpd will no longer work. Create an
iptables and nftables variant of the miniupnpd package so that miniupnpd
can be used with either firewall variant.
See #16818 for more info.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Since version 2.2.3, miniupnpd will detect MS clients and force IGDv1.
This reverts commit 7f5534ac7a.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Removed patches:
* 027-bpo-43158-Use-configure-values-for-building-_uuid-ex.patch
Already merged.
* 029-disable-deprecation-warning.patch
Packages should be patched/fixed to remove the use of distutils
instead of disabling this warning.
Also:
* Updates PKG_LICENSE to use the correct SPDX license identifier
* Fixes build for mipsel_24kc_24kf
Fixes https://github.com/openwrt/packages/issues/17217.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>