Drop the config knobs '*_address' and introduce '*_interface'
and '*_ipv6' instead.
'*_interface' takes an openwrt interface name ('loopback', 'lan',
'wan' etc), from which the primary IP is used to listen on. If
the matching '*_ipv6' is set to '1', the IPv6 adress will be used,
IPv4 elsewise.
procd interface triggers are now combined with this, so if a listen
interface is not yet configured when the init script is executed, the
process start is defered, and the trigger takes care of that once
the interfaces are ready.
Signed-off-by: Andre Heider <a.heider@gmail.com>
This is not supported by letsencrypt, so issuing the certificate will fail.
Instead, add 3072 bits as an intermediate option.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
As pointed out by @andersk, acme.sh already supports ECC certificates, and
they can be set manually in the uci file, just not in Luci. Fix this by
changing the key size selector into a listbox, and adding ECC certs as
options.
Fixes#7825.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Update the packaging to use the generic bits by @commodo.
Radicale 2.x requires Python3 and python-dateutils, so
build for Python3 as well.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
This change upgrades the version of pyasn1-modules to version 0.2.3.
Run-tested on an x86 VM.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fix a crashloop under procd when attempting to bind
to any address when no interfaces are yet available.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
It hasn't been maintained for years and doesn't have recent features such as AEAD crypto and IPv6.
(The "recent" update is fix compilation without deprecated OpenSSL APIs, which is made by Rosen Penev)
It has been superseded by shadowsocks-libev, which is recently maintained by community and has LuCI frontend.
Despite its smaller size, it depends on OpenSSL, which is way larger than MbedTLS, the one shadowsocks-libev used. Thus, it doesn't really fit in space-constrained devices.
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
The configure script checks for the existence of OpenSSL by checking a
deprecated function. This works around it. The other changes have been done
previously
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* add automatic blocklist backup & restore, they will be used
in case of download errors or during startup in backup mode
* add a 'backup mode' to re-use blocklist backups during startup,
get fresh lists via reload or restart action
* procd interface trigger now supports multiple WAN interfaces
* change URL for abuse.ch/feodo list source in default config
* small fixes
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
This package install both server client and bridge app... This is useless if someone needs to run only the server on the device. Split the package in 3 subpackage and a base package that contains file needed by all 3. This also upgrade the package to latest release to fix some bug and memory leak.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Update to 1.15.8. Also use HTTPS
PKG_VERSION (nginx version) in 3rd-party modules tarball filename is dispensable and can be dropped to avoid unnecessary downloading
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Also drop the CVE patches which are already covered by this new release.
Compile tested for and run tested on mxs platform.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Andre Heider
Michael Heimpold
Jan Pavlinec
Hannu Nyman
Andy Walsh
Rosen Penev
Toke Høiland-Jørgensen
Saverio Proto
Daniel F. Dickinson
Alexandru Ardelean
Deng Qingfang
Dirk Brenken
Terry Stockert
Ansuel Smith
Ted Hess
Vladimir Ulrich