| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
What's Changed:
- Extend dynamicRef keyword by @nezhar
- Add FORMAT_CHECKER attribute for Validator by @TiborVoelcker
- Remove stray double-quote by @lurch
- Ensure proper sorting of list in error message by @ssbarnea
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2.11.0:
- [Feature] Add SSH config token expansion (eg %h, %p) when parsing
ProxyJump directives. Patch courtesy of Bruno Inec.
- [Support] (via #2011) Apply unittest skipIf to tests currently
using SHA1 in their critical path, to avoid failures on systems
starting to disable SHA1 outright in their crypto backends (eg RHEL
9). Report & patch via Paul Howarth.
- [Support] Update camelCase method calls against the threading
module to be snake_case; this and related tweaks should fix some
deprecation warnings under Python 3.10. Thanks to Karthikeyan
Singaravelan for the report, @Narendra-Neerukonda for the patch,
and to Thomas Grainger and Jun Omae for patch workshopping.
- [Support] Recent versions of Cryptography have deprecated Blowfish
algorithm support; in lieu of an easy method for users to remove it
from the list of algorithms Paramiko tries to import and use, we’ve
decided to remove it from our “preferred algorithms” list. This will
both discourage use of a weak algorithm, and avoid warnings. Credit
for report/patch goes to Mike Roest.
2.10.5:
- [Bug] Windows-native SSH agent support as merged in 2.10 could
encounter Errno 22 OSError exceptions in some scenarios (eg server
not cleanly closing a relevant named pipe). This has been worked
around and should be less problematic. Reported by Danilo Campana
Fuchs and patched by Jun Omae.
- [Bug] OpenSSH 7.7 and older has a bug preventing it from
understanding how to perform SHA2 signature verification for RSA
certificates (specifically certs - not keys), so when we added SHA2
support it broke all clients using RSA certificates with these
servers. This has been fixed in a manner similar to what OpenSSH’s
own client does: a version check is performed and the algorithm used
is downgraded if needed. Reported by Adarsh Chauhan, with fix
suggested by Jun Omae.
- [Bug] Align signature verification algorithm with OpenSSH re:
zero-padding signatures which don’t match their nominal size/length.
This shouldn’t affect most users, but will help Paramiko-implemented
SSH servers handle poorly behaved clients such as PuTTY. Thanks to
Jun Omae for catch & patch.
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
What's Changed:
- Fix relative paths on envfile label by @ulyssessouza
- down: Reject all arguments by @Jille
- Clarify what default work dir is when multiple compose files by
@quite
- compose down exit=0 if nothing to remove by @ndeloof
- cp command: copy to all containers of a service as default
behaviour by @glours
- Fix extra space printed with --no-log-prefix option by @jan4843
- bump compose-go to 1.2.5 by @ndeloof
New Contributors:
- @Jille made their first contribution
- @quite made their first contribution
- @jan4843 made their first contribution
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |\
| |
| | |
openconnect: three misc fixes
|
| | |
| |
| |
| |
| |
| | |
Otherwise, OpenConnect will fail to connect with DTLS.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
If it exists (if it isn't built-in), it will be loaded automatically at boot.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| |/
|
|
|
|
| |
We have nslookup and awk, let's use them.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This commit fixes two issues on macos:
1. Added a patch to fix 'echo -n' issue with MacOS shell
(backported from upstream)
2. Redefined sys.platform='linux' for target build if build host is
MacOS (otherwise, build script tries to use MacOS logic for
OpenWrt(Linux) target build)
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
|
| |
|
|
|
|
| |
Enabled glib_checks to fix podman.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
|
| |
|
|
|
|
|
|
| |
Use nft instead of iptables to open port 80 in the firewall when getting a
cert. Since nft doesn't allow deleting a rule by its contents, capture and
save the handle when creating the rule, and use that to delete.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
|
| |
|
|
|
|
|
|
|
|
|
| |
The audit package in the packages feed share the same sources as the
libaudit package in the base repo. libaudit performs a host build, used
only by libsemanage in base.
There is no package depending on 'audit/host', so we can remove it to
avoid possible confusion.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Both audit in the packages feed and libaudito from the base repo use the
same sources.
Have 'audit' use a different build directory than 'libaudit' package to
avoid interference between them.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Linux 5.15 does not have the linux/ipx.h header.
The patch is a partial cherry-pick (skipped ChangeLog) of upstream
commit 6b09724c6 ("Make IPX packet interpretation dependent on the ipx
header file existing").
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
| |
Backport a patch in order to allow building OpenConnect against OpenSSL 1.1.x
without the need for deprecated API (further fixes will be required for OpenSSL
3.x, though).
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| |
|
|
|
|
|
|
| |
This commit fixes an issue where the `libcoap-3-notls.so` is not installed,
in some cases leaving the target's root with no library and just a broken link
from `libcoap-3.so` to `libcoap-3-notls.so`.
Signed-off-by: Leo Soares <leo@hyper.ag>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On systems using seccomp, the hostapd socket files will be owned by the
'network' user/group ([source][0]). In this case, if wifi-presence is
run as root/root, then it does not have permissions to open the
hostapd socket files. This was discussed in awilliams/wifi-presence#3.
This change allows the process user/group to be specified in
/etc/config/wifi-presence. If no explicit user/group is set, then the
init script will use the owner of the socket files in /var/run/hostapd/
to determine the appropriate process user/group.
[0]: https://github.com/openwrt/openwrt/blob/ec6293febc244d187e71a6e54f44920be679cde4/package/network/services/hostapd/files/wpad.init#L35-L36
Signed-off-by: Adam Williams <pwnfactory@gmail.com>
|
| |\
| |
| | |
openldap: drop use of HTTP in favor of HTTPS
|
| |/
|
|
| |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |\
| |
| | |
openwisp-config: update to 1.0.0
|
| | |
| |
| |
| | |
Signed-off-by: Federico Capoano <f.capoano@openwisp.io>
|
| | |
| |
| |
| | |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
The elfutils package moved to tools and elfutils/host no longer exists.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| | |
| |
| |
| | |
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |\ \
| | |
| | | |
https-dns-proxy: 2021-11-22-3: add support for Canary Domains
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes https://github.com/stangri/source.openwrt.melmac.net/issues/155.
Background: https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet
Signed-off-by: Stan Grishin <stangri@melmac.ca>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is based on the toolchain GCC, and aims to share as much of its
Makefile and patches with that definition. The package requires two
additional patches:
(1) 003-dont-choke-when-building-32bit-on-64bit.patch, which fixes the
`error: size of array 'test_real_width' is negative` error that occurs
when building a 32-bit GCC on a 64-bit host. (Search the Internet for
examples of this error appearing.)
(2) 980-add-nostdinc++.patch, which backports a fix from 11.3.0 (11.2.0
only).
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bump to latest release
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The postinst script is sourced during image build, which causes the
follow failure:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-x86_64_musl/root-x86/etc/init.d/lxc-auto: line 3: /lib/functions.sh: No such file or directory
postinst script ./usr/lib/opkg/info/lxc-auto.postinst has failed with exit code 1
Sourcing /lib/functions.sh is not needed, as /etc/rc.common does so
already. Unfortunately removing that line from the init script is not
enough to fix the problem. The postinst script should also check
IPKG_INSTROOT. As these two changes are unrelated, they should go in
separate commits, and the solution to the image build problem is to
revert the commit that introduced the breakage.
This reverts commit 2cde10b95053bf958a4001fb0a82c4563bf345e2.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| | | |
| | |
| | |
| | | |
This reverts commit 7b7265293f953c71a65099ecbdbfbaf5f14bf4f8.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
This version builds packages as a normal user instead of as root.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
7afab96 usteer: Fix better candidate not being set in policy
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Git compare: https://github.com/raspberrypi/rpi-eeprom/compare/47976e4409c6999a8e211976c75c60a97c90275c...v2022.04.26-138a1
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
| |\ \ \
| | | |
| | | | |
kcptun: add tcp option
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Zheng Qian <sotux82@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
softflowd can filter the traffic with an optional bpf program,
specified on the command-line as a BPF expression
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Overrode `PREFIX` to have the old behaviour
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This also:
* Adds PKG_SOURCE_DATE and PKG_SOURCE_VERSION to PKG_VERSION (by
default, when PKG_VERSION is defined, PKG_SOURCE_DATE and
PKG_SOURCE_VERSION are not used)
* Fixes package copyright
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Lua-eco is a `Lua coroutine` library which was implemented based on `IO event`.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Avoids linking to argp-standalone with glibc.
Some other minor fixes.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|