Unbound UCI so far has limited forward configuration lacking
DNS over TLS connection setup tools. User override files
'unbound_srv.conf' and 'unbound_ext.conf' can implement this.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
They are missed out from the FIXUP check probably because of a flaw in
the fixup-makefile.pl script
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
uwsgi-cgi's build system requires CPP to be set to avoid using include
path from the build system. Otherwise it may wrongly detect
sys/capability.h of the host system and enables libcap support
CPP variable was once introduced into build system in 2017 but then
reverted in b957e45 ("rukes.mk: this patch broken grub2 builds")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
libmariadb 10.2.x needs to be linked in together with iconv. On glibc
and musl iconv is part of libc. But on uclibc libiconv-full needs to be
used.
gnunet only has access to iconv on uclibc when BUILD_NLS is selected.
This commit adds hidden symbol GNUNET_HAS_ICONV_SUPPORT which sorts this
out.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This add 2 variant of nginx so we can have package with SSL config flag preselected. This also add support for 2 more module and upgrade gninx to latest version. Also add myself as secondary maintainer to apply luci modification quickly.
Use of autoreconf to fix problems with recompilation on every new build (even if the version is the same). Add a patch to ignore on invalid configure option instead of trow error.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
The package was tested on raspberry pi 3. Geth needs about two hours to
fully sync the first try and uses an additional 250Mb of storage.
Signed-off-by: Mislav Novakovic <mislav.novakovic@sartura.hr>
Some of them forgot to update MIRROR_HASH on version change, others
updated with wrong hash value. The new values were generated from
tarballs prepared by the newly introduced github-tarball download
methoded and confirmed consistent with those from sources.openwrt.org
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
By default, libatomic is conditionally enabled on some platforms, but it's not
strictly necessary. We'll disable it here globally rather than introduce an
unnecessary dependency.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Make sure ccnet-server is running during the final setup step to avoid
an error creating django superuser
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
obfs4proxy is a Tor pluggable transport proxy, implementing obfs4.
This commit also includes obfs4proxy's build time dependencies:
* golang-github-agl-ed25519: Go implementation of Ed25519 signature
algorithm
* golang-github-dchest-siphash: Go implementation of SipHash-2-4
* golang-golang-x-crypto: Go supplementary cryptography libraries
* golang-golang-x-net: Go supplementary network libraries
* golang-golang-x-sys: Go packages for interaction with the OS
* golang-golang-x-text: Go text processing support
* golang-torproject-pluggable-transports-goptlib: Tor pluggable
transports library for Go
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Make OLA more useful for untrained users which depend on the built-in
webserver. We may split the ola package into smaller parts to allow
not having web-stuff in case this breaks the space-constraints for some
users.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Several required dependencies were added:
django-formtools
django-simple-captcha
django-webpack-loader
python-qrcode
python-requests
python-requests-oauthlib
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Added a patch applied upstream.
- Fix that table SystemInfo can't be created in sqlite db.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Recent protobuf requires C++11 while OLA was forcing C++98 in order
to keep using auto_ptr without getting warnings... Use gnu++11 to make
everyone happy and live with the warnings about auto_ptr being
deprecated.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This adds an additional file for ngix that contains all the files need to make luci works on the nginx webserver.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
EdDSA support is optional and currently defaults to being disabled.
The following security issues are addressed with this update:
* An error in TSIG handling could permit unauthorized zone transfers
or zone updates. These flaws are disclosed in CVE-2017-3142 and
CVE-2017-3143.
* The BIND installer on Windows used an unquoted service path, which
can enable privilege escalation. This flaw is disclosed in
CVE-2017-3141.
* With certain RPZ configurations, a response with TTL 0 could cause
named to go into an infinite query loop. This flaw is disclosed in
CVE-2017-3140.
* Addresses could be referenced after being freed during resolver
processing, causing an assertion failure. The chances of this
happening were remote, but the introduction of a delay in
resolution increased them. This bug is disclosed in CVE-2017-3145.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
When UCI local zone is private and static, Unbound covered private
addresses with defaults. Optional delegated global IP6 prefix
protection lacked a static zone, but it was prevented from appearing
in global DNS responses. Domain names router-as-TLD, "lan." and
"local." were static, but they lacked default SOA or NS such as
Unbound had assinged to private addresses. Clean up these local
zones UCI evaluation and block global DNS inclusion.
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
A few bug fixes but importantly fix a deadlock on
AXFR configuration when notify occurs (auth-zone:)
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
The internal nameservers and the DHCP default domain should be
squirted into /tmp/resolv.conf.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>