aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
* stubby: add SPKI pin set for Cloudflare certTony Ambardar2018-09-23
| | | | | | | | | | | | | Add an SPKI pin for Cloudflare to help prevent MITM and downgrade attacks, as described in RFC7858 (DNS over TLS). The setup of SPKI and the specific SHA256 certificate hash are taken from Cloudflare's DoT configuration guide published at https://developers.cloudflare.com/1.1.1.1/dns-over-tls/. Note that the certificate is valid to March 25th 2020, 13:00 CET, which provides ample time for issuance of a backup pin to support future key rollover. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: add Cloudflare 1.0.0.1 and ::1001 serversTony Ambardar2018-09-23
| | | | Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: use EDNS client-subnet privacy by defaultTony Ambardar2018-09-23
| | | | | | | | Retain the upstream value since privacy is usually the key user motivation for using DNS-over-TLS, and simply note that those encountering sub-optimal routing may consider disabling the setting. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: fix config file definitionTony Ambardar2018-09-23
| | | | | | | The config file /etc/stubby/stubby.yml is not registered properly and any local changes are being overwritten on upgrade or reinstall. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* stubby: rearrange Makefile for clarityTony Ambardar2018-09-23
| | | | Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* Merge pull request #7086 from gladiac1337/feature-haproxy-v1.8.14Thomas Heil2018-09-23
|\ | | | | haproxy: Update HAProxy to v1.8.14
| * haproxy: Update HAProxy to v1.8.14Christian Lachner2018-09-22
| | | | | | | | | | | | | | | | - Update haproxy download URL and hash - Removed all obsolete patches - This fixes CVE-2018-14645 (See: https://nvd.nist.gov/vuln/detail/CVE-2018-14645) Signed-off-by: Christian Lachner <gladiac@gmail.com>
* | Merge pull request #7025 from Andy2244/krb5-keyutil-fixDirk Brenken2018-09-23
|\ \ | |/ |/| krb5: fix keyutils dependency
| * krb5: fix keyutils dependencyAndy Walsh2018-09-15
| | | | | | | | | | | | | | * if <keyutils.h> is found krb5 pulls in the lib, which than fails to link because of a missing -fPic in libkeyutils.so * keyutils 1.5.11 will depend on krb5, so we disable it in krb5 to avoid circular dependency Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | Merge pull request #7079 from valdi74/update_package_aria2Dirk Brenken2018-09-22
|\ \ | | | | | | aria2: handle check_certificate=false config option
| * | aria2: handle check_certificate=false config optionWaldemar Konik2018-09-20
| | | | | | | | | | | | Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
* | | Merge pull request #7008 from TDT-AG/pr/20180912-keepalived-enable-ipvsDirk Brenken2018-09-22
|\ \ \ | | | | | | | | net/keepalived: update to version 2.0.7 and enable ipvs support
| * | | net/keepalived: enable lvs supportFlorian Eckert2018-09-13
| | | | | | | | | | | | | | | | | | | | | | | | Enable IPVS support. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | net/keepalived: update to version 2.0.7Florian Eckert2018-09-13
| | | | | | | | | | | | | | | | | | | | | | | | Update keepalived to version 2.0.7. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | | | Merge pull request #6990 from ptpt52/mwan3-fixDirk Brenken2018-09-22
|\ \ \ \ | | | | | | | | | | mwan3: optimize the process of copying routing tables
| * | | | mwan3: optimize the process of copying routing tablesChen Minqiang2018-09-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - The original copy process is to delete all routing tables first, then add new routing table. This process is too slow and very dirty. - We use grep to identify the changes and apply them. - ignore ipv6 unreachable routes - update version number Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
* | | | | Merge pull request #7030 from ↵Dirk Brenken2018-09-22
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | jonathanunderwood/stubby_ca_certificates_dependency stubby: add missing dependency on ca-certificates
| * | | | | stubby: add missing dependency on ca-certificatesTony Ambardar2018-09-16
| | |_|_|/ | |/| | | | | | | | | | | | | Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* | | | | git: simplify install codePeter Wagner2018-09-22
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | git: don't hard link to symlinks, to avoid ending up with a git executeable ↵Peter Wagner2018-09-22
| |/ / / |/| | | | | | | | | | | | | | | | | | | with 0777 access rights Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | Merge pull request #7068 from neheb/joolHannu Nyman2018-09-20
|\ \ \ \ | | | | | | | | | | jool: Update to 3.5.7 and switch to tarballs
| * | | | jool: Update to 3.5.7 and switch to tarballsRosen Penev2018-09-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Should be faster. Rearranged Makefile slightly for consistency with other packages. Version 3.5.6 and above are relicensed to GPL-2.0. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | Merge pull request #7076 from mlichvar/chrony-update-3.4Hannu Nyman2018-09-20
|\ \ \ \ \ | | | | | | | | | | | | chrony: update to 3.4
| * | | | | chrony: update to 3.4Miroslav Lichvar2018-09-19
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
* | | | | | Merge pull request #7069 from sartura/geth_1.8.15Hannu Nyman2018-09-19
|\ \ \ \ \ \ | | | | | | | | | | | | | | geth: Update to 1.8.15
| * | | | | | geth: Update to 1.8.15Mislav Novakovic2018-09-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Mislav Novakovic <mislav.novakovic@sartura.hr>
* | | | | | | acme: Fix arithmetic syntaxToke Høiland-Jørgensen2018-09-19
| |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Thanks to @jow- for pointing out the mistake. Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* | | | | | acme: Fix whitespace and long lines, bump package revToke Høiland-Jørgensen2018-09-19
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* | | | | | acme: add support for nginx webserverAnsuel Smith2018-09-19
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | This adds a metapakcge for acme luci ap without uhttpd dependency and adds entities and check to stop handle nginx server and modify the certificate set automatically. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* | | | | Merge pull request #6820 from notnyt/update_csharkHannu Nyman2018-09-17
|\ \ \ \ \ | | | | | | | | | | | | cshark: update to latest git HEAD
| * | | | | cshark: update to latest git HEADRob Mosher2018-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes GCC8 compile due to buffer overrun Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
* | | | | | git: update to 2.19.0Peter Wagner2018-09-17
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | | tor: update to 0.3.4.8Peter Wagner2018-09-17
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | | chrony: fix configuration of IPv6 client accessMiroslav Lichvar2018-09-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the init script to allow access from IPv6 subnets of the interface specified in allow section in /etc/config/chrony. Fixes issue #7039. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
* | | | | | git: drop git-http ca-certificates dependencyPeter Wagner2018-09-17
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | | Merge pull request #7040 from Andy2244/samba4-fix-typoHannu Nyman2018-09-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | samba4: fix typo
| * | | | | | samba4: fix typoAndy Walsh2018-09-16
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | * fix a typo in vfs_extd_audit Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | | | | Merge pull request #7037 from neheb/rsyDirk Brenken2018-09-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | rsyslog: Disable fmhttp as it relies on libcurl
| * | | | | | rsyslog: Disable fmhttp as it relies on libcurlRosen Penev2018-09-15
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the buildbot currently. Also disabled tests for faster builds. And potential libsystemd. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* / / / / / unbound: update to 1.8.0Eric Luehrsen2018-09-15
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - adjust a few UCI translations to coordinate with upstream defaults - remove OpenSSL < 1.1.0 API log error patch which is included upstream Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
* | | | | Merge pull request #6800 from neheb/patch-28Dirk Brenken2018-09-14
|\ \ \ \ \ | | | | | | | | | | | | rsyslog: Update to 8.37.0
| * | | | | rsyslog: Update to 8.37.0Rosen Penev2018-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | HTTPS to everything Remove autoreconf as it's not needed and slows down the build. Build in parallel for faster building. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | Merge pull request #7018 from Andy2244/samba-4-9-0Dirk Brenken2018-09-14
|\ \ \ \ \ \ | | | | | | | | | | | | | | samba4: update to 4.9.0
| * | | | | | samba4: update to 4.9.0Andy Walsh2018-09-14
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update to 4.9.0 * move vfs_xattr_tdb to defaults * add vfs_audit, vfs_extd_audit, vfs_full_audit to AD-DC variant * disable jansson, libarchive by default, enabled for AD-DC variant * update waf answers Noteable smb.conf changes: * store dos attributes Default changed yes * ea support Default changed yes Fixes: Timemachine "The identity of the Backup disk ... has changed since the previous backup." Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | | | | strongswan: refresh patchesHans Dedecker2018-09-13
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* | | | | | strongswan: fix OpenWrt hotplug script handlingHans Dedecker2018-09-13
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 6cd8fcabe added ipsec hotplug script support by calling "exec /sbin/hotplug-call ipsec". Using the exec call breaks the insertion of iptables rules by the _updown.in script as hotplug-call just replaces the current shell meaning the commands following exec do not run since the shell is replaced and as a result lead to connectivity issues. Fix this by removing the exec command in front of /sbin/hotplug-call. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* | | | | nfs-kernel-server: fix missing libbsd dependencyGuo Li2018-09-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | libbsd may compile before nfs-kernel-server, it will make nfs-kernel-server depends libbsd.so.0, that is not we want to see. so gave option to 'configure' to disable libbsd detect and tell it we have no libbsd Signed-off-by: Guo Li <uxgood.org@gmail.com>
* | | | | Merge pull request #6948 from yangfl/masterHannu Nyman2018-09-11
|\ \ \ \ \ | | | | | | | | | | | | i2pd: Update to 2.20.0
| * | | | | i2pd: Update to 2.20.0David Yang2018-09-10
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: David Yang <mmyangfl@gmail.com>
* | | | | | Merge pull request #6992 from Andy2244/wsdd2-fixDirk Brenken2018-09-11
|\ \ \ \ \ \ | | | | | | | | | | | | | | wsdd2: fix invalid error message
Powered by cgit, Themed by Ted Yin.