- UCI to take advantage of "qname-minimisation-strict:"
- UCI to block chaos reponses bind, server, and version
- UCI to limit or prefer recrusion over IP4 or IP6
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
- UCI option dnsmasq_gate_name typo in few locations
- NTP hotplug to check /etc/init.d/unbound not ..dnsmasq
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
- update_cloudflare_com_v4.sh: enclose urls in single quotes
- dynamic_dns_functions.sh: force to return only one ip, if using nslookup to get registered ip
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Update to new snapshot version. We also make IPV6 optional, and
conditionally selecting the udptunnel6 module, using the same trick that
the strongswan package also uses for this kind of dependency expression.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
When only kmod-openvswitch is enabled, which commonly happens during LEDE
release builds, there is no need to build the entire userland of openvswitch
as this is done at a later stage on systems dedicated to build only userspace
packages.
This change conditionalizes the dependency on python, which means that python
prerequisites are only compiled if the openvswitch-python package is enabled,
which allows us to eliminate the entire python dependency chain.
Furthermore, this change sets MAKE_PATH to the kernel module sub directory
if only kmod-openvswitch is enabled which causes the openvswitch build system
to only process sources related to the .ko files.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This patch prepares for another future package (ecdsautils),
which builds multiple binaries all linked to libuecc.
The changes are a direct copy of [1]. The original commit
message was:
> commit cb2ecbfdf0
> From: Matthias Schiffer <mschiffer@universe-factory.net>
> Date: Tue, 3 May 2016 21:33:34 +0200
> Subject: libuecc: use shared instead of static library
>
> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
[1]: cb2ecbfdf0/patches/packages/openwrt/0007-libuecc-use-shared-instead-of-static-library.patch
Signed-off-by: Dominik Menke <dom@digineo.de>
modified Makefile to:
- stop service before install when updating reported at http://forum.lede-project.org/t/ddns-scripts-upgrade-issue/456/1
- run uci-defaults for all packages
- modify services files only on new installation
still some commands already covered by default_postinst() etc. but they are in there for backward compatibilty.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
This version of ocserv needs us to explicitly specify the prefix
for libev. Add a --with-libev-prefix parameter to make the
configure stage to get the right library.
Signed-off-by: Angelo G. Del Regno <kholk11@gmail.com>
- History: prior to package 1.5.10-3 /var/lib/unbound was not used
- History: prior to package 1.5.10-4 no UCI scripts were provided
- Problem: UCI 'option manual_conf 1' only copied unbound.conf and root.key
- Problem: power users that had complex file nests cannot use this
- Fix: README.md includes instructions for /var/lib/unbound jail
- Fix: unbound.sh copies ALL of /etc/unbound for 'option manual_conf 1'
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
- tld_names.dat.gz
- rename to public_suffix_list.dat.gz
- (re)created during build
- new location /usr/share
- move services files to /etc/ddns
- new services
- CloudFlare.com-v4 using API-Version 4 without using public_suffix_list.dat
- GoDaddy.com
- both depending on cURL package
- both with modified syntax for option domain ( NEW: [host[.subdom]@]domain.tld )
- new service
- Now-DNS.com formerly Now-IP.com
- service afraid.org now supports key-auth and basic-auth
- new command line options for dynamic_dns_updater.sh and dynamic_dns_updater.sh
- adapted ddns.init and ddns.hotplug to new command line options
- renaming config options inside section global
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Now that we don't ship any modules by default, znc might be started
without any modules. Unfortunately znc refuses to start without any
modules, so patch out the appropriate check.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
-unbound.sh implements the majority of requirements in README.md
-rootzone.sh reloads a small subset for alternate trigger maintenance
-unbound.init sets procd triggers on Unbound and dnsmasq (dhcp) UCI
-two part commit squashed with Makefile included
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
-dnsmasq really provides nice local DHCP-DNS records
-Unbound host records would be clumsy to update
-Unbound can be configured to forward to dnsmasq
-iptools provided to facilitate PTR records
-flexible ipv6 colon notation is a bit complex
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
-DNSSEC needs time, time needs ntp, or power off RTC
-Many consumer routers are cost thrifted without RTC
-Conf "val-override-date: -1" disables time inside DNSSEC
-Need restart as option is not dynamically switchable
-hotplug/ntp is used to set file /var/lib/unbound/unbound.time
-UCI will add or remove option depending on flag-like-file
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
If libjson-c is detected during bind-libs configure phase, bind-libs
will be built with libjson support. This results in a missing dependency
error during install phase. Solve this by disabling libjson support.
This updates to the latest git version of acme.sh and drops the patch to
disable timestamps from the output (since that is now supported
upstream).
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
This version handles transitioning from a previous certificate that was
issues using the staging server, adds more debug logging, and handles
state directories better if issuing fails.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>