If a service section is not presented in the configuration then stunnel will
always start anyway. This ends in a crash loop because the configuration is not
valid.
Checking in "uci" mode if a service section is presented and only then
start the stunnel service will solve this issue.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Do not send a SIGHUP on reload configuration let procd restart the
service with stop/start. This is saver.
Add uci generated stunnel file to procd "file" attribute to
reload/restart the stunnel service.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* add config_path option since the controller mode needs a persisting path to be used
* add patch to fix a bug in the controller code (https://github.com/zerotier/ZeroTierOne/issues/553)
* disable zerotier by default, as the default settings let it connect to a public network
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Supersedes #5173 and bumps the version to latest. Tested on ramips (mt7621).
Signed-off-by: Eugene Chekanskiy <echekanskiy@gmail.com>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
That is, since we don't require gssapi or libpskc, avoid
accidental builds with it.
Closes#5474
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
- remove upstreamed patch
- remove dependency to libavahi-common which does not exist,
seems that I have confused library name vs package name (fixes#5480)
(- only compile tested at the moment)
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
matrixssl is still in the oldpackages repo,
so coova-chilli should not depend on it.
Remove the config option for selecting matrixssl lib
and the dependency declaration.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
A vulnerability was discovered in the processing of wildcard synthesized
NSEC records. While synthesis of NSEC records is allowed by RFC4592,
these synthesized owner names should not be used in the NSEC processing.
This does, however, happen in Unbound 1.6.7 and earlier versions.
(see https://unbound.net/downloads/CVE-2017-15105.txt)
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
OpenWrt build now outputs WARNING on dependencies issues, for exemple
"WARNING: Makefile 'package/feeds/packages/coova-chilli/Makefile' has a dependency on 'libmatrixssl', which does not exist"
Relax the check for now
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
There have been some new dependencies added in recent versions of
Twisted (mostly internal classes that have been spun out into their own
libraries):
* constantly (#5453), since 16.5.0
* incremental (#5454), since 16.5.0
* Automat (#5456), since 17.1.0
* hyperlink (#5455) since 17.5.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
When using the configuration under "Unbound and odhcpd" in the package's
README.md, the scripts generated a malformed config file for unbound, due
to an "ip route" command giving extra output lines with the string
"anycast" where the awk script expects an address. These are now filtered.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
The collectd network plugin has the ability to sign and/or encrypt its
traffic, allowing secure interaction with other collectd instances. This
had been disabled due to issues with the collectd build system.
Fix up the configure parameters to work correctly and re-add the option.
Signed-off-by: Jonathan McDowell <noodles@earth.li>
New upstream release fixes the following security issues:
* CVE-2017-3145: BIND was improperly sequencing cleanup operations on
upstream recursion fetch contexts, leading in some cases to a use-after-free
error that can trigger an assertion failure and crash in named.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
For python `src` packages we should clear out the DEPENDS
to prevent recursive deps from happening.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>