- DNS Flag Day 2020
(default EDNS buffer size changed from 4096 to 1232 bytes)
-- Added patch, which should be part of the next release
It fixes an issue while cross-compilation (I linked it in the commit
message with issue link)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
When the ModemManager daemon is started by the init script, we're
explicitly calling mm_report_events_from_cache() so that all the
hotplug events that happened before that moment are properly notified
to the newly launched daemon.
This initial reporting of events does a wait for the ModemManager
process to be available in DBus, and if the daemon isn't registered in
the bus in a given time, the process is considered failed:
Sun Sep 6 16:20:02 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:02 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:03 2020 [2180]: <info> ModemManager (version 1.14.6) starting in system bus...
Sun Sep 6 16:20:03 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:04 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:05 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:05 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:06 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:06 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:07 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:07 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:08 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:08 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:09 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:09 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:10 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:10 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:11 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:11 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:12 2020 ModemManager: hotplug: checking if ModemManager is available...
Sun Sep 6 16:20:12 2020 ModemManager: hotplug: ModemManager not yet available
Sun Sep 6 16:20:12 2020 ModemManager: hotplug: error: couldn't report initial kernel events: ModemManager not running
Update the default wait time for this initial event notification from
10s to 60s, because there are cases where the daemon is slower to
boot, e.g. during the first boot after a sysupgrade.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Extend configuration of NTP sources in UCI:
- Add nts option to enable NTS
- Add disabled option to allow inactive sources
Add nts section to UCI with:
- rtccheck option to disable certificate time checks on systems that
don't have an RTC to avoid the chicken-and-egg problem (it is less
secure, but still should be better than no NTS at all)
- systemcerts option to disable system certificates
- trustedcerts option to specify path to trusted certificates
Save NTS keys and cookies by default to avoid unnecessary NTS-KE
sessions when restarted or switching back to an already used NTS source.
Also, save the drift to stabilize the clock after chronyd restart.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
- Use the chronyc onoffline command to update state of all sources
per current routing configuration
- Don't ignore the "ifupdate" action
- Add NTP servers from DHCP for the interface that went up instead of
the wan4+wan6 interfaces
- Save the servers to files loaded by the sourcedir directive to not
lose them when chronyd is restarted, and remove them when the
interface goes down
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
Instead of loading /etc/chrony/chrony.conf from the file generated from
the chrony UCI configuration, use the confdir directive in the main
config to load the generated file. This should make it obvious that
chrony is configured in UCI and it can also be easily disabled.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
If relay/bridge support isn't required, this variant is about 300 kiB smaller
than the full tor daemon.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Extracted from:
http://deb.debian.org/debian/pool/main/i/ifstat/ifstat_1.1-8.1.diff.gz
Note that I also created a new git repository with these fixes:
https://github.com/matttbe/ifstat/
The original author of these modification is:
Goswin von Brederlow <goswin-v-b@web.de>
ChangeLog:
* snmp.c: fix 2 pointer targets differ in signedness warnings
* Adding upport for 64bit /proc/net/dev counters.
* Clean up compiler warnings.
More modifications are available in the patch from the Debian project
but mostly related to the "debian" dir, man page and debug mode. Here I
only took the modifications related to the .c and .h files.
The most important fix is related to the support for 64bit counters in
/proc/net/dev instead of displaying 0 after a while.
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
- support trailing route space from iproute2
- add routes even when iface is down
- fix source_routing argument check
- add quotes in logging to better detect issues with trailing spaces
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
Contains following list of changes:
ab4c3471b261 tests: add cram based unit tests
7b4e3241e1bd tests: add cgi-io built with clang sanitizers
21831f45d16d Disable session ACLs during unit testing
2f525417b5df Add initial GitLab CI support
57f1c4f18cb6 Add .gitignore
09f9ac5066ee Fix off-by-one in postdecode_fields
ed8ce0d5d28b Add fuzzing of utility functions
a61581819800 Add fuzzing of multipart_parser
6b0615b728ed Refactor utility functions into static library
a0ed2c9a7a72 Fix clang compiler errors
232659da19a4 Fix possible NULL dereference
8e5719b37a67 Fix warnings reported by clang-10 static analyzer
b99aa8a64cca Remove Makefile
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Allows the Makefile to be cleaned up and to have fewer dependencies.
There's no need for multiple TLS libraries to be installed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
openconnect v8.10 supports 4 VPN protocols
--protocol=anyconnect Compatible with Cisco AnyConnect SSL VPN, as well as ocserv (default)
--protocol=nc Compatible with Juniper Network Connect
--protocol=gp Compatible with Palo Alto Networks (PAN) GlobalProtect SSL VPN
--protocol=pulse Compatible with Pulse Connect Secure SSL VPN
This patch allows user to specify protocol use the new "vpn_protocol"
option and deprecate the old option "juniper" which seems to be missing in
the current openconnect client.
Signed-off-by: Mengyang Li <mayli.he@gmail.com>
version 8.2.6 (October 19, 2020):
- try and address license concerns with LICENSE.md
- replace usleep with nanosleep (Rosen Penev <rosenp@gmail.com>)
- console: Add 'k' option to exit on console-down (Mylène Josserand <mylene.josserand@collabora.com>)
- Fix#48 - apply ipv4 CIDR access list when compiled with ipv6 support
Signed-off-by: Bjørn Mork <bjorn@mork.no>
The additional directory is created and can be used e.g. for configurations
which are created e.g. dynamically from an uci config.
Signed-off-by: Helge Mader <ma@dev.tdt.de>
For applications writing their own xinetd configuration to the /etc/xinetd.d
directory it would be necessary to save them (e.g. a user edits them manually)
Signed-off-by: Helge Mader <ma@dev.tdt.de>
When the interface section was changed, the changed configuration
options were not applied.
This commit adds the service reload handling again.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* switch all safesearch providers to dynamic ips (derived from cname)
* made the new safesearch approach compatible with bind-nslookup
* removed 3.x config compatibility code
Signed-off-by: Dirk Brenken <dev@brenken.org>
Django 3.1 supports relative paths for static_url.
Use it to make it more flexible.
Minor fixes for upgrade:
* ignore-fail-on-non-empty for rmdir /usr/share/etesync-server/etesync_server
* do not stop service (it is stopped already and init file is removed)
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
The underlying `acme.sh` allows custom ACME server URLs (using `--server`). Adding the necessary field to specify a custom ACME server URL from UCI.
Signed-off-by: Jannis Pinter <jannis+openwrt@pinterjann.is>
Use "mwan3 use" to wrap a command with interface bindings so that you can
avoid the mwan3 rules and test behavior on a specific interface.
eg "mwan3 use wan ping -c1 1.1.1.1"
Additional binding arguments to the command will have their system
calls intercepted and ignored.
eg "mwan3 use wan ping -c1 -I tun0 1.1.1.1" will use the
device associated with "wan", rather than "tun0".
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
Rather than using a special mwan3 user to manage mwan3track's tracking
packets, this commit implements a small helper library to bind to
device and to set a fwmark so that the tracking packets can be routed
out of the correct interface.
This provides a consistent method for binding to a device rather than
relying on various packages potentially buggy implementations. For
example: #8139 and #12836
This helper issue also allows for more tracking methods to be added
even if they do not have a command line option to bind to device,
such as iperf3 (eg #13050).
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
Josef Schlehofer
Aleksander Morgado
Miroslav Lichvar
Yousong Zhou
Aaron Goodman
Daniel Golle
Jan Pavlinec
Florian Eckert
Jannis Pinter
Rui Salvaterra
Matthieu Baerts
Petr Štetiar
Daniel Salzman
Rosen Penev
Olivier Poitrey
Jan Hak
Mengyang Li
Bjørn Mork
Lucian Cristian
Richard Gering
Helge Mader
Joel Johnson
Meano
Pavel Demkovich
Matthias Schiffer
Dirk Brenken
Peter Stadler
Jannis Pinter
James White