aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
* scapy: update to 2.4.3W. Michael Petullo2019-09-14
| | | | Signed-off-by: W. Michael Petullo <mike@flyn.org>
* banip: update 0.2.1Dirk Brenken2019-09-10
| | | | | * fix for #9954 Signed-off-by: Dirk Brenken <dev@brenken.org>
* treewide: Change .*GPL.*+ licenses to SPDX compatible identifierSven Eckelmann2019-09-10
| | | | | | | | The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL licenses. But a lot of packages did use a different, non-SPDX style with a "+" at the end instead of "-or-later". Signed-off-by: Sven Eckelmann <sven@narfation.org>
* Merge pull request #9947 from eglooca/masterRosen Penev2019-09-09
|\ | | | | netifyd: Updated to v2.92.
| * netifyd: Updated to v2.92.Darryl Sokoloski2019-09-09
| | | | | | | | Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
* | Merge pull request #9948 from dibdot/banIPDirk Brenken2019-09-09
|\ \ | |/ |/| banip: update 0.2.0
| * banip: update 0.2.0Dirk Brenken2019-09-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * remove 'http-only' mode, all sources are now fetched from https sites * the backup mode is now mandatory ('/tmp' is the default backup directory), always create and re-use backups if available. To force a re-download take the 'reload' action. * support 'sshd' in addition to 'dropbear' for logfile parsing to detect break-in events * always update the black-/whitelist with logfile parsing results in 'refresh' mode (no new downloads) * rework the return code handling * tweak procd trigger * various small fixes * (s)hellsheck cosmetics Signed-off-by: Dirk Brenken <dev@brenken.org>
* | acme: depends on gnu-wgetYousong Zhou2019-09-09
| | | | | | | | | | | | | | Fixes openwrt/packages#9456 Ref: https://github.com/openwrt/packages/issues/9456 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | wget: provides gnu-wgetYousong Zhou2019-09-09
| | | | | | | | | | | | | | | | So that packages like acme requiring features from it can depend on it explicitly, not the more basic "wget" which is also provided by "uclient-fetch" Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | softethervpn: Fix openssl header patchRosen Penev2019-09-06
| | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #9929 from dibdot/adblockDirk Brenken2019-09-06
|\ \ | | | | | | adblock: update 3.8.5
| * | adblock: update 3.8.5Dirk Brenken2019-09-06
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * use raw procd interface trigger as last resort, if the adblock config is not available during startup * fix selective subdomain whitelisting for dnsmasq * fix a kresd restart issue with 'DNS File Reset' * fix a suspend/resume cornercase * disable the tld compression, if the number of blocked domains is greater than 'adb_maxtld' (default: 100000) * made the fw portlist configurable (default '53 853 5353') * preliminary support for inotify-like autoload features of dns backends like kresd in future Turris OS. If 'adb_dnsinotify' is set to 'true', all adblock related restarts and the 'DNS File Reset' will be disabled Signed-off-by: Dirk Brenken <dev@brenken.org>
* | Merge pull request #9931 from sebastian-de/ipfixRosen Penev2019-09-06
|\ \ | | | | | | ulogd2: Build IPFIX module
| * | ulogd2: Build IPFIX moduleSebastian Fleer2019-09-06
| |/ | | | | | | | | | | add ulogd_output_IPFIX.so to ulogd-mod-extra Signed-off-by: Sebastian Fleer <dev@dwurp.de>
* / lcdringer: Depend on vala/host insteadRosen Penev2019-09-06
|/ | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* Merge pull request #9922 from neheb/ulRosen Penev2019-09-05
|\ | | | | ulogd2: Backport upstream patches
| * ulogd2: Backport upstream patchesRosen Penev2019-09-05
| | | | | | | | | | | | IPFIX support was requested. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #9891 from BKPepe/lighttpdJosef Schlehofer2019-09-05
|\ \ | |/ |/| lighttpd: Update to version 1.4.54
| * lighttpd: Makefile polishingJosef Schlehofer2019-09-01
| | | | | | | | | | | | | | | | - Correct SPDX License Identifier - Move MAINTAINER, SUBMENU to more appropriate place - Use HTTPS in URL Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
| * lighttpd: Update to version 1.4.54Josef Schlehofer2019-09-01
| | | | | | | | | | | | Fixes CVE-2019-11072 Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | fastd: fix init script for multiple VPN instancesMatthias Schiffer2019-09-04
| | | | | | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* | Merge pull request #9919 from ja-pa/samba4-security-fixJosef Schlehofer2019-09-04
|\ \ | | | | | | samba4: update to version 4.9.13 (security fix)
| * | samba4: update to version 4.9.13 (security fix)Jan Pavlinec2019-09-04
| | | | | | | | | | | | | | | | | | Fixes CVE-2019-10197 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
| * | samba4: remove double quotes for reniceOever González2019-09-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The double quote thells the shell that the list returned from `pidof` is a single argument, therefore, `renice` will cry about a malformed input. With this commit, `renice` will be applied correctly to all the returned PIDs from `pidof`. The output of `renice` for the quoted list is as follows: `renice: invalid number '6592 6587 6586 6574'` `renice` does not show and does apply the nice value if the list is unquoted. Signed-off-by: Oever González <notengobattery@gmail.com> Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* | | Merge pull request #9845 from ja-pa/fix-aslr-pieRosen Penev2019-09-04
|\ \ \ | | | | | | | | Disable ASLR PIE in selected packages
| * | | usbip: disable ASLR PIEJan Pavlinec2019-09-04
| | | | | | | | | | | | | | | | Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* | | | softethervpn: Add missing OpenSSL headerRosen Penev2019-09-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes compilation without OpenSSL deprecated APIs as well as -Werror=implicit-function-declaration. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | Merge pull request #9902 from neheb/mosh5Rosen Penev2019-09-03
|\ \ \ \ | | | | | | | | | | mosh: add package
| * | | | mosh: add packageJakub Tymejczyk2019-09-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Maintainer: Jakub Tymejczyk <jakub@tymejczyk.pl> Compile tested: ramips, Xiaomi Router 3G, fc54256 Run tested: ramips, Xiaomi Router 3G, 0f54d96 Description: Mosh is "Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes". Project's site: https://mosh.org Makefile and patch taken from: https://github.com/mchwalisz/mosh-openwrt updated by me Signed-off-by: Jakub Tymejczyk <jakub@tymejczyk.pl> (Makefile cleanup and size optimizations) Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | Merge pull request #9903 from mwarning/zerotierRosen Penev2019-09-03
|\ \ \ \ \ | |_|_|/ / |/| | | | zerotier: update to 1.4.4
| * | | | zerotier: update to release 1.4.4Moritz Warning2019-09-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | Also allow path to local.conf to be set and enable linker optimisations to save a few bytes. Signed-off-by: Moritz Warning <moritzwarning@web.de>
* / / / apinger: Fix PKG_SOURCE_VERSIONRosen Penev2019-09-01
|/ / / | | | | | | | | | | | | | | | Too short Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | Merge pull request #9881 from aparcar/ipsec-toolsRosen Penev2019-09-01
|\ \ \ | |_|/ |/| | remove ipsec-tools and opennhrp
| * | ipsec-tools: removePaul Spooren2019-08-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As discussed on GitHub[0] the package should be removed. [0]: https://github.com/openwrt/packages/issues/7832 > The package is effectively orphaned upstream and has been for some time. Given the security-sensitive nature of the package, an active maintainer community is essential for safe usage. Racoon's lack of support for IKEv2, despite it being stable for a long time, and the availability of next-generation tunneling systems such as wireguard, also would seem to limit its future value. Setkey's functionality has been subsumed by 'ip xfrm'. > If you disagree that ipsec-tools should be removed from OpenWRT, please say so now. If there are still use cases for it that are not met by other IKE implmenentations that would be good to know. But more importantly, I think you'll need to convince us that ipsec-tools is actually safe to operate on today's Internet given its current state of development. Signed-off-by: Paul Spooren <mail@aparcar.org>
| * | opennhrp: removePaul Spooren2019-08-31
| | | | | | | | | | | | | | | | | | The package requires ipsec-tools which will be removed from packages.git Signed-off-by: Paul Spooren <mail@aparcar.org>
* | | Merge pull request #9877 from EricLuehrsen/unbound_193Dirk Brenken2019-09-01
|\ \ \ | | | | | | | | unbound: update to 1.9.3
| * | | unbound: update to 1.9.3Eric Luehrsen2019-08-31
| |/ / | | | | | | | | | Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
* / / net: remove ipsec-toolsNoah Meyerhans2019-08-31
|/ / | | | | | | | | | | | | As discussed in #7832, ipsec-tools is no longer suitable for inclusion in the distribution. Signed-off-by: Noah Meyerhans <frodo@morgul.net>
* | Merge pull request #9732 from dengqf6/ngxRosen Penev2019-08-30
|\ \ | | | | | | nginx: update to 1.16.1
| * | nginx: update to 1.16.1DENG Qingfang2019-08-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: when using HTTP/2 a client might cause excessive memory consumption and CPU usage (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516). Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* | | Merge pull request #9853 from neheb/atfRosen Penev2019-08-30
|\ \ \ | | | | | | | | atftp: Update to 0.7.2
| * | | atftp: Update to 0.7.2Rosen Penev2019-08-27
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes issue where CFLAGS were not being passed. This was breaking ASLR builds. Added PKG_BUILD_PARALLEL for faster compilation. Added PKG_INSTALL. Changed install paths based on PKG_INSTALL paths. Added --disable-debug to make sure debug code is disabled. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | Merge pull request #9868 from gladiac1337/haproxy-2.0.5Rosen Penev2019-08-30
|\ \ \ | | | | | | | | haproxy: Update HAProxy to v2.0.5
| * | | haproxy: Update HAProxy to v2.0.5Christian Lachner2019-08-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update haproxy download URL and hash - Add new patches Signed-off-by: Christian Lachner <gladiac@gmail.com>
* | | | Merge pull request #9871 from wvdakker/masterRosen Penev2019-08-30
|\ \ \ \ | | | | | | | | | | Shorewall: Bump to 5.2.3.4
| * | | | Shorewall6: Bump to version 5.2.3.4W. van den Akker2019-08-30
| | | | | | | | | | | | | | | | | | | | Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
| * | | | Shorewall: Bump to version 5.2.3.4W. van den Akker2019-08-30
| | | | | | | | | | | | | | | | | | | | Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
| * | | | Shorewall6-lite: Bump to version 5.2.3.4W. van den Akker2019-08-30
| | | | | | | | | | | | | | | | | | | | Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
| * | | | Shorewall-lite: Bump to version 5.2.3.4W. van den Akker2019-08-30
| | | | | | | | | | | | | | | | | | | | Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
| * | | | Shorewall-core: Bump to version 5.2.3.4W. van den Akker2019-08-30
| | | | | | | | | | | | | | | | | | | | Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
Powered by cgit, Themed by Ted Yin.