Compile tested: arm_cortex-a15_neon-vfpv4, TP-Link Archer C2600, master
Run tested: TP-Link Archer C2600
Change log for v2.99:
[FIX] Fixed broken JSON parsing (include missing uuid_site).
[FIX] FreeBSD: Fixed 10x support.
[FIX] OPNsense: Fixed path to xmllint.
[IMP] Switched to libtcmalloc minimal.
[IMP] Added metadata extraction from SSDP queries/responses.
[IMP] Added automatic building of bundled gperftools when enabled.
[IMP] Removed bundled packages that are no longer needed.
[IMP] Always display JSON status even when stale.
[IMP] CentOS: Added support for CentOS 8.
[IMP] CentOS: Removed support for CentOS 6.
[IMP] OPNsense: Added support for OPNsense 19x.
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
Instead of the default nginx.conf file this file is a small variant
without examples that enables the /etc/nginx/conf.d/ directory.
It will pull in all configuration files from the conf.d directory.
So, other packages can add their server parts in the conf.d directory
without modifying the main nginx.conf file (cf. #9860).
Changed also the default logging behavior:
error_log stderr; # the init forwards it to logd
access_log off;
See the updated documentation at:
https://openwrt.org/docs/guide-user/services/webserver/nginx
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Hurricane Electric provides a free IPv6inIPv4 tunnel. It changed its ipv4 ddns service, fully needed to keep the ipv6 tunnel up, to the domain tunnelbroker.net. Besides, the old he.net script was bugged because it doesn't had a [USERNAME] placement but instead two [DOMAIN]. The new tunnelbroker.net update URL, still provided by Hurricane Electric, is https://[USERNAME]:[PASSWORD]@ipv4.tunnelbroker.net/nic/update?hostname=[DOMAIN]&myip=[IP] and it gets the response good or nochg
Signed-off-by: Euler Alves <euler@alves.pro.br>
(fixed-signed-off-by and prefixed)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
PKG_RELEASE was incremented to 15 because of a fix in files/services
Signed-off-by: Euler Alves <euler@alves.pro.br>
(fixed-signed-off-by and prefixed)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Since commit a62c0e5 apu-1-config is no longer being stipped down with
regards to being called with "--link-libtool". Example:
$ ./staging_dir/target-mips_24kc_musl/usr/bin/apu-1-config --link-libtool
-L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib -R/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib -laprutil-1
$
Before the mentioned commit the "-R" argument was stripped off. And when the
Makefile adds this to TARGET_LDFLAGS this then ends up in the compiler test, as
an argument for the compiler, causing build failure:
checking whether the C compiler works... no
configure: error: in `/builder/shared-workdir/build/sdk/build_dir/target-arm_mpcore+vfp_musl_eabi/subversion-1.13.0':
configure: error: C compiler cannot create executables
config.log shows what's wrong:
configure:3140: x86_64-openwrt-linux-musl-gcc -Os -pipe ... <snip> ... -R/home/sk/tmp/sdk/master-x86-64/staging_dir/target-x86_64_musl/usr/lib -laprutil-1 conftest.c >&5
x86_64-openwrt-linux-musl-gcc: error: unrecognized command line option '-R'
This commit does away with these flags, they're not needed anyway. FPIC
is also removed, because it's detrimental to the applications [1] and
unnecessary as well.
Fixes: #11139
[1] https://wiki.gentoo.org/wiki/Project:Hardened/Position_Independent_Code_internals
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In OpenWrt this module is available, but not part of the main package.
This commit disables the LoadModule directive for this module. Otherwise
following the installation of the main apache package the start of the
server would fail (due to the absence of this particular module).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This way there's no need to worry about overwriting another httpd binary
or symlink from another package, for example busyboxes httpd.
The init script is also renamed to apache2 for consistency.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
* rename smbd->ksmbd (upstream name change)
* ksmbd-tools: build with static glib2 (usmbd = ~90kb, smbuseradd = ~40kb)
* new etc folder location = /etc/ksmbd/smb.conf
* new database name = /etc/ksmbd/ksmbdpwd.db
* fixes "map to guest = Bad User" while userdb is also used
* fixes missing ipv6 support
* update/rename to "luci-app-ksmbd"
* remove UCI samba compatibility code for section names (ksmbd uses [share] + [globals] not [sambashare] + [global])
* ksmbd: release 3.1.1 version
* ksmbd: does not work if ipv6 module is not loaded or compiled in
* ksmbd: capsule ifdef CONFIG_SMB_INSECURE_SERVER with smb1 codes
* ksmbd: release 3.1.0 version
* ksmbd: fix over 80 character warnings
* ksmbd: rename smbd-tools to ksmbd-tools in travis.yml
* ksmbd: fix password db file location in travis.yml
* ksmbd: rename smbd prefix function to ksmbd
* ksmbd: rename smbd prefix source files to ksmbd
* Revert "smbd: set connection status with SMBD_SESS_EXITING instead of direct destory"
* ksmbd: rename smbd to ksmbd in .travis.yml
* smbd: rename module name to ksmbd.ko
* smbd: set connection status with SMBD_SESS_EXITING instead of direct destory
* smbd: previous session with same user and same password should be deleted
* smbd: only use global session table in smb2 session
* smbd: add support for ipv6
* smbd: fix empty macro issue from smbd_debug
* cifsd: fix printing of file names in find_next
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Latest stable release, contains security fixes for EAP-PWD (side-channel leak), logrotate settings (CVE-2019-10143) and a DoS issue due to multithreaded BN_CTX access (CVE-2019-17185).
Also refreshed patches/002-disable-session-cache-CVE-2017-9148.patch due to the following changes/commits in freeradius:
bf1a1eda23a3c46544b3
Signed-off-by: Robby K <robbyke@gmail.com>
This should hopefully prevent issues with that option not showing up in the
GUI, like in #11095.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
nginx-ssl-util and nginx-ssl-util-nopcre are replacements for each other,
but cannot replace nginx-util (instead conflict with it).
The hard coded [::1] could lead to a nginx error if build without IPv6.
So, get the loopback addresses dynamically.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
* Do not destroy the iterator twice if cur==this (segfault).
* Do not add the delimiter clim=='\0' when creating the SSL directives.
* Set the right SSL_SESSION_CACHE_ARG for nginx-util get_env.
* Remove static from the constexpr that are used only for Line::build.
* Concat strings instead of appending them for not using a non-const ref
(to remove some warnings of clang-tidy -checks=google-runtime-references)
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
This allows custom config parameters to be added to the generated config
files, enabling the original intended functionality per
https://openwrt.org/docs/guide-user/services/ups/software.nut.
Example usage from /etc/config/nut_server:
config driver 'apc'
option driver 'snmp-ups'
option snmp_version 'v3'
option port '172.16.100.5'
list other 'secLevel'
list other 'secName'
list other 'authPassword'
list otherflag 'notransferoids'
config other 'other_secLevel'
option value 'authNoPriv'
config other 'other_secName'
option value 'some_username'
config other 'other_authPassword'
option value 'some_password'
config other 'otherflag_notransferoids'
option value '1'
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
add missing 'peer_id_ttl_hours' and remove 'scrape_paused_torrents'
which is not exist in transmission wiki.
Signed-off-by: Richard Yu <yurichard3839@gmail.com>
We depend on luci-compat now, which will pull in luci-base, which in turn
will pull in lua. So remove those two dependencies to maybe help with
recursive dependency resolution errors.
Fixes#5320.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Ran init script through shellcheck. Simplified several statements.
Replaced INSTALL_CONF with INSTALL_DATA. i2pd runs as non-root and so the
conf file must be accessible.
Fixed: https://github.com/openwrt/packages/issues/10977
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This can do the main work of nginx/nginx-ssl init script.
For nginx-ssl it can create selfsigned certificates, too.
It uses libpcre and libopenssl iff nginx(-ssl) uses them.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Rosen Penev
Sebastian Kemper
Andy Walsh
Darryl Sokoloski
Peter Stadler
Euler Alves
Jeffery To
Michele Primavera
Josef Schlehofer
Robby K
Stan Grishin
Toke Høiland-Jørgensen
Shane Peelar
Nick Peng
Jan Hoffmann
Lucian Cristian
Richard Yu
Matt Merhar
W. van den Akker
Eric Luehrsen
Stijn Tintel