- Use HTTPS protocol for updating urls for afraid.org to protect the password.
- Bump/align package version number.
Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
Goes through firewalls easier.
Switched to xz tarball, which is both implicit and smaller.
Rearranged some stuff for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
ntpd's configuration is stored in /var/etc, but the init script doesn't
create this directory. To be fair this folder is used by other packages
as well, for instance dnsmasq. Still, it's better not to rely on other
packages to create it.
Fixes: #10636
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
* update to 4.9.16
* cherry-pick some musl alpine/openembedded patches
* cleanup/remove AD-DC/Winbind options and related code
* build the compile_et via samba4/host
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* fix reload/restart not applying luci/smb.conf changes
* remove hotfix for 'read only = no' (fixed by upstream)
* update documentation, example
*cifsd: fix the lost of dos file attributes
*cifsd: store FILE_ATTRIBUTE_SPARSE into xattr
*cifsd: release v2.0.2
*cifsd-tools: add smb.conf.list file to show supported parameters list
*cifsd-tools: set CIFSD_SHARE_FLAG_WRITEABLE flags if read only = no
*cifsd-tools: release cifsd-tools v2.0.2
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Replaces OpenWrt patch with upstream patch. Also removes
0002-Fix-check-for-empty-string.patch as this is included in upstream
OpenSSL 1.1.0 patch.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This commit makes
- the libgd dependency (as well as specifying libs and includes)
- the configure argument "--with-cgi"
dependant on whether the package nut-web-cgi is selected.
nut-web-cgi is also added to PKG_CONFIG_DEPENDS.
Resolves: #10641
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The modemmanager.common file includes several utility functions that
are used in several places like the protocol handler and in hotplug
scripts. These utilities should not be installed in /etc as they're
not configuration.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Unlike other modem protocol handlers like the ones implemented by uqmi
or umbim, in the modemmanager protocol handler the 'device' option
does not specify a device node in /dev. Therefore, we shouldn't flag
the option as 'device' type (dt_type_device).
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
When a USB modem device is unplugged, we had to do two different
things: first, cleanup the sysfs cache; and second, set interface as
unavailable.
Those two things were never being done properly due to several
different issues:
* The parent sysfs path retrieval logic relies on checking for which
sysfs path has the vid/pid files. This logic obviously only works
when the device is available, and cannot be used on e.g. removal
events.
* The command to cleanup the modem wait status from the sysfs cache
was not removing the previous state properly, because the sysfs path
variable wasn't escaped properly for the sed command.
This patch handles those issues in order to have a proper device
removal handling, by making sure the sysfs path is properly escaped in
the sed command, and by introducing a new hotplug script that runs
when the full USB device is removed.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
gdlib pc file doesn't set a version, so "pkg-config --modversion gdlib"
returns nothing. Also, the test
if test "$?" != "0" -a -n "${GD_VERSION}"; then
is wrong as pkg-config wouldn't return != 0 on success.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
* 5.01.9672 release
* Cedar: handle UDP acceleration and R-UDP versions
* Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305
* Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305
* Cedar: serve new web management interface
* Cedar: implement detailed protocol info
* Mayaqua: add Windows Server 2019 to the supported operating systems list
* Cedar: various fixes
* Cedar: add "DisableIPsecAggressiveMode" option
* Make install dir for unit files configurable
* Protocol.c: adapt ClientConnectGetSocket() for new proxy functions
* Wpc.c: adapt WpcSockConnectEx() for new proxy functions
* Protocol: add ProxyCodeToCedar()
* Move generic proxy stuff from Cedar to Mayaqua
* Proto_OpenVPN.c: improve OvsProcessData(), fix out-of-bounds access found by Coverity
* Proto_OpenVPN.c: fix segmentation fault in OvsProceccRecvPacket()
* Addressing the UDP reflection amplification attack: https://github.com/SoftEtherVPN/SoftEtherVPN/issues/1001
* Mayaqua.h: include <stdarg.h> for "va_list" on Illumos
* Protocol.c: fix bug in ClientConnectGetSocket() causing custom HTTP header not to work
* Mayaqua: move HTTP functions from "Network" to "HTTP"
* Move GetMimeTypeFromFileName() and related structure to Mayaqua
* Mayaqua.h: include <stdio.h> for "FILE"
* Mayaqua.h: include <stddef.h>, for "wchar_t"
* Bump mixin-deep in /src/bin/hamcore/wwwroot/admin/default
* - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes. - Fixed the RADIUS PEAP client to use the standard TLS versioning. - Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information. - Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication.
* Updating built-in Win32 libraries - OpenSSL 1.1.1 -> 1.1.1d - zlib 1.2.3 -> 1.2.11
* Update strtable_cn.stb
* Avoid using hardcoded paths in log file enumeration
* Fix buffer overflow during NETBIOS name resolution
* Update SEVPN.sln
* Create strtable_pt_br.stb
* ci: display error if vpntest failed
* Fix several compile warnings on MS VC++ 2008.
* Enables crash minidump for Win32 vpntest. Minidump files will be saved to the 'C:\Users\<username>\AppData\Local\Temp\vpn_debug' (for normal user) or 'src\bin\vpn_debug\' (for administrator user).
* OpenVPN: use new protocol interface
* Add interface for easy protocol implementation
* add "no-deprecated" to openssl builds "no-deprecated" is widely used in openwrt devices
* Fix LibreSSL support
* Switch to OpenSSL THREADID API
* travis-ci: update openssl, libressl
* enable sonar-scan in travis-ci builds
* Virtual: fix race condition in DHCP server which resulted in multiple clients receiving the same IP
* Mayaqua: Fix compilation without deprecated OpenSSL APIs
* Mayaqua: Replace GNU specific sys/poll.h header with POSIX poll.h
* systemd: replace deprecated CAP_SYS_ADMIN with CAP_SYSLOG
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
This is useful to assign all traffic to a fw3 zone, e.g.:
/etc/config/ipsec:
config remote 'test'
list tunnel 'dev'
...
config 'tunnel' 'dev'
option reqid '33'
...
/etc/config/firewall:
config zone
option name wan
option extra_src "-m policy --pol none --dir in"
option extra_dest "-m policy --pol none --dir out"
...
config zone
option name vpn
# subnet needed for firewall3 before 22 Nov 2019, 8174814a
list subnet '0.0.0.0/0'
option extra_src "-m policy --pol ipsec --dir in --reqid 33"
option extra_dest "-m policy --pol ipsec --dir out --reqid 33"
...
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
* cifsd-tools: fix Assignment of a signed value which has type 'long'
* init: convert hide_dot_files to yes/no option
* 'read only = no' seems bugged for cifsd/smb.conf, so fix via 'writeable = yes'
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Change deprecated options to a new one:
DetectBrokenExecutables to AlertBrokenExecutables
ArchiveBlockEncrypted to AlertEncrypted
Fixes: CVE-2019-12900 and CVE-2019-12625
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* cifsd: fix uninitialized fp could be freed
* cifsd: fix potential uninitialized spnego_blob could be freed
* cifsd: smbd: replace spinlock_irqsave with spinlock
* cifsd: smbd: avoid the lack of client's send credits
* cifsd-tools: add version generation script
* cifsd-tools: do not abbrev git describe
* cifsd-tools: use 'unknown' version string if git describe fails
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* Update nextdns to version 1.1.5 which adds IPv6 dual stack support.
* Add the ability to configure per host configuration id from uci.
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
* some init tweaks
* use the usual wifi wrapper for reloads
* compatibility fix for latest wifi-related changes
in master (dynamic wireless radio reconfiguration)
Signed-off-by: Dirk Brenken <dev@brenken.org>
Fix breaking change introduced in the main tree with a commit
7519a36774ca ("base-files,procd: add generic service status") where the
old service `status` callback function doesn't work anymore and needs to
be renamed to `status_service`. This name was chosen for consistency
with start and stop function callbacks, which are using `start_service`
and `stop_service` naming schemes.
While at it, fix whitespace issues in the status_service as well.
Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-September/019035.html
Reported-by: Dirk Brenken <dev@brenken.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This change:
* Removes building of Lua bindings. These bindings were already removed
upstream[1].
* Fixes building of Python bindings:
* Fix SWIG_DIR path (note that SWIG_VERSION will need to be updated
whenever the swig package is upgraded)
* Fix Python module paths and filenames
* Packages the Python bindings in a new package (python3-sysrepo) and
builds it by default, instead of depending on a config option.
[1]: https://github.com/sysrepo/sysrepo/pull/1429
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
When the user requests 'any' as 'iptype', we may get either IPv4 or
IPv6 settings.
Simplify the logic by not requiring any explicit iptype before loading
the method reported by the bearer object for IPv4 and IPv6; just load
the methods right away and setup settings based on those.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>