* fix another vpn corner case
* add support for javascript based captive portals (location.href)
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 3ae7a46b82)
wolfssl/options.h needs to be included before the other wolfssl headers
to enable OpenSSL API required to build the package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 8fb3fd3dac)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 591f8cad33)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 9b1cdb7b52)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
This is the latest commit that touches the xr_usb_serial_common-1a dir.
The changes are restricted to whitespace fixes and kernel version
adaptations:
ecc6ebe xr_usb: Use tty_driver_kref_put for kernel 5.15 and above
caf6d25 xr_usb: Use tty_alloc_driver for kernel 5.15 and above
a42b7e6 xr_usb: Compilation fixes for kernel 5.14
497adb7 #39 fix compilation for newer linux kernels
9103471 xr_usb: fix some whitespace errors
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit eadab32450857dcb98ceb55fbddc8b2a30660a7c)
libarchive looks for ext2fs headers during configure, and if it finds
them it will expect to find them during compile, or on the rare occasion
when they aren't it will fail:
libarchive/archive_entry.c:59:55: fatal error: ext2fs/ext2_fs.h: No such file or directory
As we just need headers for some type constants, let's re-use headers
from tools/e2fsprogs package which are always available.
Reported-by: Adam Dov <adov@maxlinear.com>
Suggested-by: Paul Eggleton <paul.eggleton@linux.intel.com>
References: https://git.yoctoproject.org/poky/commit/?id=f0b9a7cf9f80be1917e45266fa201f464a28c1e5
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 797945dfaa)
Update to v16.16.0
Release for the following issues:
HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213)
HTTP Request Smuggling - Improper Delimiting of Header Fields (Medium)(CVE-2022-32214)
HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215)
DNS rebinding in --inspect via invalid IP addresses (High)(CVE-2022-32212)
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
No vulnerabilities related with openssl (uses system openssl)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit 8db0d09823)
This also:
* Adds PKG_SOURCE_DATE and PKG_SOURCE_VERSION to PKG_VERSION (by
default, when PKG_VERSION is defined, PKG_SOURCE_DATE and
PKG_SOURCE_VERSION are not used)
* Fixes package copyright
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 2dd1c17626)
Few minor changes, like -h flag for program (help).
Added URL to package definition.
No new version release with version number, so version stays
as is, but pkg_release is still bumbed with this commit.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 8f66090160)
* various vpn fixes/optimizations (run tested by forum users)
* refine several log statements
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit cf1f9dc933)
- Handle bool values correctly. We get the values as bool, but collectd
requires a bool value to be numeric in the range [0, 1].
- Remove profile and mode values. Those are strings, which cannot be
represented by collectd.
- Update collectd type for some values.
- Fix latn value being present twice.
Signed-off-by: Dominik Riebeling <bluebrother@posteo.de>
(cherry picked from commit eb632da5bb)
youtube-dl is still maintained, but moves very slowly and many other
distributions instead package an active fork, yt-dlp.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 89710ac588)
glib2's meson.build runs check cc.has_function('ngettext', args :
osx_ldflags) and, if successful, it never looks for non-libc libintl.
For musl and glibc this test is always successful.
glib2 unconditionally sets ENABLE_NLS, so during compile <libintl.h>
gets included always. But then we have a disconnect when the OpenWrt pkg
is being built with BUILD_NLS=y, because the <libintl.h> will be from
libintl-full but glib2 will not link to libintl-full.
With BUILD_NLS=n there's no problem, because the <libintl.h> will be
from libc.
In lieu of proper libintl detection in glib2's meson build, removing the
SED call from the Makefile together with the added patch sorts this out.
The SED call can be removed because when we force libintl-full use, the
meson build will put the necessary linker flag into the pkg-config file
itself.
Alpine Linux does something similar (see [1]), but they always force
the use of the external libintl. I assume they always go for full NLS
support.
[1] https://git.alpinelinux.org/aports/tree/main/glib/musl-libintl.patch
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 721838ddd4)
Use nft instead of iptables to open port 80 in the firewall when getting a
cert. Since nft doesn't allow deleting a rule by its contents, capture and
save the handle when creating the rule, and use that to delete.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
(cherry picked from commit d926da5182)
- Update 11 minor version to match the upstream
- Rename patches dir to reflect new gcc 11 minor version
- Drop upstream patch
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 4db8466a14)
This is based on the toolchain GCC, and aims to share as much of its
Makefile and patches with that definition. The package requires two
additional patches:
(1) 003-dont-choke-when-building-32bit-on-64bit.patch, which fixes the
`error: size of array 'test_real_width' is negative` error that occurs
when building a 32-bit GCC on a 64-bit host. (Search the Internet for
examples of this error appearing.)
(2) 980-add-nostdinc++.patch, which backports a fix from 11.3.0 (11.2.0
only).
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit ceaa6e840e)
luajit provides higher performance for requests handled in Lua hooks.
It also enables access to dnsdist functionality only exposed via FFI,
and allows configurations/hooks to call functions in any C library
without providing separate bindings.
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit 283b269c7c)
The postinst script is sourced during image build, which causes the
follow failure:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-x86_64_musl/root-x86/etc/init.d/lxc-auto: line 3: /lib/functions.sh: No such file or directory
postinst script ./usr/lib/opkg/info/lxc-auto.postinst has failed with exit code 1
Sourcing /lib/functions.sh is not needed, as /etc/rc.common does so
already. Unfortunately removing that line from the init script is not
enough to fix the problem. The postinst script should also check
IPKG_INSTROOT. As these two changes are unrelated, they should go in
separate commits, and the solution to the image build problem is to
revert the commit that introduced the breakage.
This reverts commit 2cde10b950.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 039912dec5)
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
originally committed in 2cde10b950
reverted in 039912dec5
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 7da7356539)