Something having to do with passing a file descriptor over spamd's
Unix socket causes the ClamAV milter to fail. The milter says "ERROR:
Unknown reply from clamd," and running strace on spamd reveals "No file
descriptor received. ERROR."
Some work by others can be found on the Internet that suggests using
a TCP socket for the communication between the milter and spamd fixes
this. Lucian Cristian confirmed this on OpenWrt.
I am not sure why the Unix socket does not work. I suspect it is something
related to musl, but I have not yet found evidence of this.
This merge request adds the option to configure spamd to use a TCP
socket, and it uses this as the default. The merge request also adds an
init script for clamav-milter.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Simplified bsd patch to be compatible with glibc. It's easier to just
use libbsd with glibc. Size shouldn't be an issue.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* update to 4.13.3
* enable vfs io_uring module by default, if kernel supports it
* fix for possible exploit openwrt/packages#13758
* sanetize all external template/config inputs
* fix some shellcheck warnings
* remove old aio modules/deps
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Version 8.2[0] added support for two new key types: "ecdsa-sk" and
"ed25519-sk". These two type enable the usage of hardware tokens that
implement the FIDO (or FIDO2) standard, as an authentication method for
SSH.
Since we're already on version 8.4 all we need to do is to explicitly enable
the support for hardware keys when compiling OpenSSH and add all the
missing dependencies OpenSSH requires.
OpenSSH depends on libfido2[1], to communicate with the FIDO devices
over USB. In turn, libfido2 depends on libcbor, a C implementation of
the CBOR protocol[2] and OpenSSL.
[0]: https://lwn.net/Articles/812537/
[1]: https://github.com/Yubico/libfido2
[2]: tools.ietf.org/html/rfc7049
Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
libfido2 provides library functionality and command-line
tools to communicate with a FIDO device over USB, and to
verify attestation and assertion signatures.
libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2) protocols.
Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
Libcbor is a C library for parsing and generating CBOR[0],
the general-purpose schema-less binary data format.
[0]: https://tools.ietf.org/html/rfc7049
Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
Add fadvise64_64 and fchmod syscalls needed on PowerPC platforms to
seccomp rules of transmission-daemon.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
No package version bump as no change to built package. URL now points
to current useful webpage, and description is based on current release.
Signed-off-by: Karl Palsson <karlp@tweak.net.au>
Rosen Penev
W. Michael Petullo
Josef Schlehofer
Nick Hainke
Tianling Shen
Andy Walsh
Linos Giannopoulos
Daniel Golle
Stan Grishin
Karl Palsson
Matteo Cicuttin