Remove several configure options. apr-(utils) has been fixed, which
makes them useless. Also removed PKG_BUILD_DEPENDS for that reason.
Simplify NLS with autoreconf_bool.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Added a patch to remove BUILDCXXFLAGS. For some reason, TARGET_CXXFLAGS
are leaking.
Removed custom Build/Compile section. There's already PKG_INSTALL.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Updating the system image or the package should not obliterate
the downloaded/unpacked geolocation database. If you use xt_geoip
in /etc/firewall.user you don't want the database disappearing
when sysupgrade runs and then reboots your system as you'll be
left exposed.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Major change for version 3.3.1 are:
* Fix a segfault issue in ksmbd.mountd.
* Reorganize ndr write functions.
Major changes for version 3.3.0 are:
* Add samr and lsarpc RPC support.
* Generate subauth values for domain.
* Add Kerberos support.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Unlike ipv4, this option is supposed to be an IP address, otherwise, an
error occurs on startup:
can't parse "br-lan" as valid IPv6 listening address
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
OpenVPN recommends disabling compression, as it may weaken the security
of the connection. For users who need compression, we build with LZ4
support by default. LZO in OpenVPN pulls in liblzo at approx. 32 kB.
OpenWrt users will no longer be able to connect to OpenVPN peers that
require LZO compression, unless they build the OpenVPN package themselves.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
New features:
* Per client tls-crypt keys
* ChaCha20-Poly1305 can be used to encrypt the data channel
* Routes are added/removed via Netlink instead of ifconfig/route
(unless iproute2 support is enabled).
* VLAN support when using a TAP device
Significant changes:
* Server support can no longer be disabled.
* Crypto support can no longer be disabled, remove nossl variant.
* Blowfish (BF-CBC) is no longer implicitly the default cipher.
OpenVPN peers prior to 2.4, or peers with data cipher negotiation
disabled, will not be able to connect to a 2.5 peer unless
option data_fallback_ciphers is set on the 2.5 peer and it contains a
cipher supported by the client.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
reload_server() gracefully with SIGUSR1 to lighttpd
relog() to reopen log files with SIGHUP to lighttpd
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
* update upstream version to lighttpd-1.4.56
* depend on Nettle for MD5, SHA1, SHA256
* multiple TLS options: gnutls, mbedtls, nss, openssl, wolfssl
* new module mod_authn_dbi
* mod_authn_* depend on mod_auth
* mod_authn_file is included if mod_auth is selected in build
* mod_vhostdb_* depend on mod_vhostdb
* mod_deflate subsumes mod_compress
* remove from Makefile the include of nls.mk (no longer needed)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>