aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
* Merge pull request #10688 from neheb/opeRosen Penev2019-12-01
|\ | | | | openconnect: Switch to HTTPS for the source URL
| * openconnect: Switch to HTTPS for the source URLRosen Penev2019-11-30
| | | | | | | | | | | | | | | | | | | | Goes through firewalls easier. Switched to xz tarball, which is both implicit and smaller. Rearranged some stuff for consistency between packages. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #10681 from gram25gwh/ddns-scripts-https-afraid-orgRosen Penev2019-11-30
|\ \ | | | | | | ddns-scripts: Change protocols of afraid.org urls to HTTPS.
| * | ddns-scripts: Change protocols of afraid.org urls to HTTPS.Kwonjin Jeong2019-12-01
| | | | | | | | | | | | | | | | | | | | | - Use HTTPS protocol for updating urls for afraid.org to protect the password. - Bump/align package version number. Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
* | | Merge pull request #10668 from Andy2244/samba4_4.9.16_cleanupRosen Penev2019-11-30
|\ \ \ | |_|/ |/| | samba4: update to 4.9.16, remove AD-DC/Winbind options
| * | samba4: update to 4.9.16, remove AD-DC/Winbind optionsAndy Walsh2019-11-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | * update to 4.9.16 * cherry-pick some musl alpine/openembedded patches * cleanup/remove AD-DC/Winbind options and related code * build the compile_et via samba4/host Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | banip: update 0.3.11Dirk Brenken2019-11-30
| |/ |/| | | | | | | | | | | * fix ssh daemon autodetection * fix 'sshd' logfile parsing Signed-off-by: Dirk Brenken <dev@brenken.org>
* | Merge pull request #10655 from gladiac1337/haproxy-2.0.10Hannu Nyman2019-11-29
|\ \ | | | | | | haproxy: Update HAProxy to v2.0.10
| * | haproxy: Update HAProxy to v2.0.10Christian Lachner2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | - Update haproxy download URL and hash - Add new patches (see https://www.haproxy.org/bugs/bugs-2.0.10.html) - This fixes CVE-2019-19330 (See: https://nvd.nist.gov/vuln/detail/CVE-2019-19330) Signed-off-by: Christian Lachner <gladiac@gmail.com>
* | | Merge pull request #10657 from neheb/addrRosen Penev2019-11-29
|\ \ \ | | | | | | | | addrwatch: Add missing limits header for PATH_MAX
| * | | addrwatch: Add missing limits header for PATH_MAXRosen Penev2019-11-27
| |/ / | | | | | | | | | | | | | | | Fixes compilation on musl. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | Merge pull request #10654 from leonghui/wiki-link-updateRosen Penev2019-11-28
|\ \ \ | | | | | | | | treewide: replace old wiki links
| * | | treewide: update wiki linksLeong Hui Wong2019-11-29
| |/ / | | | | | | | | | Signed-off-by: Leong Hui Wong <wong.leonghui@gmail.com>
* | | ntpd: create config_file directorySebastian Kemper2019-11-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ntpd's configuration is stored in /var/etc, but the init script doesn't create this directory. To be fair this folder is used by other packages as well, for instance dnsmasq. Still, it's better not to rely on other packages to create it. Fixes: #10636 Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
* | | stunnel: update to version 5.56Florian Eckert2019-11-28
| |/ |/| | | | | | | | | Update to version 5.56 Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | Merge pull request #10511 from SibrenVasse/openssh8.1Josef Schlehofer2019-11-28
|\ \ | |/ |/| openssh: update to 8.1p1
| * openssh: update to 8.1p1Sibren Vasse2019-11-09
| | | | | | | | Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
* | Merge pull request #10611 from ldir-EDB0/bumpdnsRosen Penev2019-11-27
|\ \ | | | | | | net/https-dns-proxy: Update to 2019-10-09
| * | net/https-dns-proxy: Update to 2019-10-09Kevin Darbyshire-Bryant2019-11-21
| | | | | | | | | | | | Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* | | cifsd: update to git (2019-11-27), fix reload/restart not applying smb.conf ↵Andy Walsh2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | changes * fix reload/restart not applying luci/smb.conf changes * remove hotfix for 'read only = no' (fixed by upstream) * update documentation, example *cifsd: fix the lost of dos file attributes *cifsd: store FILE_ATTRIBUTE_SPARSE into xattr *cifsd: release v2.0.2 *cifsd-tools: add smb.conf.list file to show supported parameters list *cifsd-tools: set CIFSD_SHARE_FLAG_WRITEABLE flags if read only = no *cifsd-tools: release cifsd-tools v2.0.2 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | modemmanager: install common utils in /usr/share/ModemManagerAleksander Morgado2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | The modemmanager.common file includes several utility functions that are used in several places like the protocol handler and in hotplug scripts. These utilities should not be installed in /etc as they're not configuration. Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
* | | modemmanager: don't flag the 'device' option as 'device' typeAleksander Morgado2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | Unlike other modem protocol handlers like the ones implemented by uqmi or umbim, in the modemmanager protocol handler the 'device' option does not specify a device node in /dev. Therefore, we shouldn't flag the option as 'device' type (dt_type_device). Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
* | | modemmanager: fix device unplug handlingAleksander Morgado2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a USB modem device is unplugged, we had to do two different things: first, cleanup the sysfs cache; and second, set interface as unavailable. Those two things were never being done properly due to several different issues: * The parent sysfs path retrieval logic relies on checking for which sysfs path has the vid/pid files. This logic obviously only works when the device is available, and cannot be used on e.g. removal events. * The command to cleanup the modem wait status from the sysfs cache was not removing the previous state properly, because the sysfs path variable wasn't escaped properly for the sed command. This patch handles those issues in order to have a proper device removal handling, by making sure the sysfs path is properly escaped in the sed command, and by introducing a new hotplug script that runs when the full USB device is removed. Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
* | | modemmanager: flag as available and no_device when initializingAleksander Morgado2019-11-27
| | | | | | | | | | | | | | | | | | | | | Otherwise, if the modem is reseted, netifd will think that the device is gone forever. Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
* | | modemmanager: add default proto configsAleksander Morgado2019-11-27
| | | | | | | | | | | | Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
* | | Merge pull request #10645 from Andy2244/softethervpn5-9672Rosen Penev2019-11-26
|\ \ \ | | | | | | | | softethervpn5: update to 5.01.9672
| * | | softethervpn5: update to 5.01.9672Andy Walsh2019-11-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 5.01.9672 release * Cedar: handle UDP acceleration and R-UDP versions * Mayaqua: implement R-UDP version 2, powered by ChaCha20-Poly1305 * Cedar: implement UDP acceleration version 2, powered by ChaCha20-Poly1305 * Cedar: serve new web management interface * Cedar: implement detailed protocol info * Mayaqua: add Windows Server 2019 to the supported operating systems list * Cedar: various fixes * Cedar: add "DisableIPsecAggressiveMode" option * Make install dir for unit files configurable * Protocol.c: adapt ClientConnectGetSocket() for new proxy functions * Wpc.c: adapt WpcSockConnectEx() for new proxy functions * Protocol: add ProxyCodeToCedar() * Move generic proxy stuff from Cedar to Mayaqua * Proto_OpenVPN.c: improve OvsProcessData(), fix out-of-bounds access found by Coverity * Proto_OpenVPN.c: fix segmentation fault in OvsProceccRecvPacket() * Addressing the UDP reflection amplification attack: https://github.com/SoftEtherVPN/SoftEtherVPN/issues/1001 * Mayaqua.h: include <stdarg.h> for "va_list" on Illumos * Protocol.c: fix bug in ClientConnectGetSocket() causing custom HTTP header not to work * Mayaqua: move HTTP functions from "Network" to "HTTP" * Move GetMimeTypeFromFileName() and related structure to Mayaqua * Mayaqua.h: include <stdio.h> for "FILE" * Mayaqua.h: include <stddef.h>, for "wchar_t" * Bump mixin-deep in /src/bin/hamcore/wwwroot/admin/default * - Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes. - Fixed the RADIUS PEAP client to use the standard TLS versioning. - Implementation of a function to fix the MAC address of L3 VPN protocol by entering e.g. "MAC: 112233445566" in the "Notes" field of the user information. - Implementation of a function to fix the virtual MAC address to be assigned to the L3 VPN client as a string attribute from RADIUS server when authentication. * Updating built-in Win32 libraries - OpenSSL 1.1.1 -> 1.1.1d - zlib 1.2.3 -> 1.2.11 * Update strtable_cn.stb * Avoid using hardcoded paths in log file enumeration * Fix buffer overflow during NETBIOS name resolution * Update SEVPN.sln * Create strtable_pt_br.stb * ci: display error if vpntest failed * Fix several compile warnings on MS VC++ 2008. * Enables crash minidump for Win32 vpntest. Minidump files will be saved to the 'C:\Users\<username>\AppData\Local\Temp\vpn_debug' (for normal user) or 'src\bin\vpn_debug\' (for administrator user). * OpenVPN: use new protocol interface * Add interface for easy protocol implementation * add "no-deprecated" to openssl builds "no-deprecated" is widely used in openwrt devices * Fix LibreSSL support * Switch to OpenSSL THREADID API * travis-ci: update openssl, libressl * enable sonar-scan in travis-ci builds * Virtual: fix race condition in DHCP server which resulted in multiple clients receiving the same IP * Mayaqua: Fix compilation without deprecated OpenSSL APIs * Mayaqua: Replace GNU specific sys/poll.h header with POSIX poll.h * systemd: replace deprecated CAP_SYS_ADMIN with CAP_SYSLOG Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | | cifsd-tools: update to git (2019-11-25)Andy Walsh2019-11-25
|/ / / | | | | | | | | | | | | | | | | | | | | | * cifsd-tools: fix Assignment of a signed value which has type 'long' * init: convert hide_dot_files to yes/no option * 'read only = no' seems bugged for cifsd/smb.conf, so fix via 'writeable = yes' Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | transmission: Disable webseedingRosen Penev2019-11-24
| | | | | | | | | | | | | | | | | | It causes 100% CPU usage in certain situations. Just disable it. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | yggdrasil: bump to 0.3.12William Fleurant2019-11-24
| | | | | | | | | | | | Signed-off-by: William Fleurant <meshnet@protonmail.com>
* | | Merge pull request #10519 from BKPepe/gitHannu Nyman2019-11-24
|\ \ \ | | | | | | | | git: Update to version 2.24.0
| * | | git: Update to version 2.24.0Josef Schlehofer2019-11-10
| | | | | | | | | | | | | | | | | | | | | | | | Refresh patch Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | | | clamav: Shellcheck fixesRosen Penev2019-11-23
| | | | | | | | | | | | | | | | | | | | | | | | Fix SC2129 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | clamav: Update to version 0.101.4Josef Schlehofer2019-11-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change deprecated options to a new one: DetectBrokenExecutables to AlertBrokenExecutables ArchiveBlockEncrypted to AlertEncrypted Fixes: CVE-2019-12900 and CVE-2019-12625 Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | | | adblock: update 3.8.12Dirk Brenken2019-11-23
| | | | | | | | | | | | | | | | | | | | * fix possible dns restart issue with DNS File Reset (race condition) Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | | Merge pull request #10616 from Andy2244/samba4-22-11-2019Rosen Penev2019-11-22
|\ \ \ \ | | | | | | | | | | samba4: add UCI option 'disable_async_io'
| * | | | samba4: add UCI option 'disable_async_io'Andy Walsh2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add UCI option 'disable_async_io' * remove [homes] options Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* | | | | Merge pull request #10615 from Andy2244/cifsd-22-11-2019Rosen Penev2019-11-22
|\ \ \ \ \ | | | | | | | | | | | | cifsd: update to git (2019-11-22)
| * | | | | cifsd: update to git (2019-11-22)Andy Walsh2019-11-22
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * cifsd: fix uninitialized fp could be freed * cifsd: fix potential uninitialized spnego_blob could be freed * cifsd: smbd: replace spinlock_irqsave with spinlock * cifsd: smbd: avoid the lack of client's send credits * cifsd-tools: add version generation script * cifsd-tools: do not abbrev git describe * cifsd-tools: use 'unknown' version string if git describe fails Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* / / / / kcptun: bump to v20191112Chao Liu2019-11-22
|/ / / / | | | | | | | | | | | | Signed-off-by: Chao Liu <expiron18@gmail.com>
* | | | Merge pull request #10547 from zhoreeq/yggdrasil_uciFlorian Eckert2019-11-21
|\ \ \ \ | |_|/ / |/| | | yggdrasil: Change package configuration to UCI
| * | | yggdrasil: Change package configuration to UCIGeorge Iv2019-11-21
| | | | | | | | | | | | | | | | Signed-off-by: George Iv <57254463+zhoreeq@users.noreply.github.com>
* | | | Merge pull request #10605 from rs/nextdns-1.1.5Rosen Penev2019-11-21
|\ \ \ \ | | | | | | | | | | nextdns: Update version 1.1.5 + add per host config option
| * | | | nextdns: Update version 1.1.5 + add per host config optionOlivier Poitrey2019-11-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update nextdns to version 1.1.5 which adds IPv6 dual stack support. * Add the ability to configure per host configuration id from uci. Signed-off-by: Olivier Poitrey <rs@nextdns.io>
* | | | | Merge pull request #10608 from ja-pa/bind-9.14.8Rosen Penev2019-11-21
|\ \ \ \ \ | |/ / / / |/| | | | bind: update to version 9.14.8 (security fix)
| * | | | bind: update to version 9.14.8 (security fix)Jan Pavlinec2019-11-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes CVE-2019-6477 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* | | | | unbound: Update to version 1.9.5Josef Schlehofer2019-11-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes CVE-2019-18934 Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | | | | Merge pull request #10583 from neheb/cifRosen Penev2019-11-20
|\ \ \ \ \ | | | | | | | | | | | | cifs-utils: Add smbinfo utility
| * | | | | cifs-utils: Add smbinfo utilityRosen Penev2019-11-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Switched to PKG_INSTALL for simplicity. Added PKG_BUILD_PARALLEL for faster compilation. Added InstallDev section. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | Merge pull request #10587 from Payne-X6/masterRosen Penev2019-11-19
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | knot: update to version 2.9.1
Powered by cgit, Themed by Ted Yin.