aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
* smartsnmpd: Properly pass down TARGET_CPPFLAGSFlorian Fainelli2017-06-05
| | | | | | | | | | The smartsnmpd SConstruct file only accepts setting CFLAGS and does not use CPPFLAGS, so pass both down using CFLAGS. This fixes build errors with external toolchains that don't automatically search for headers in $(STAGING_DIR). Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* tgt: Pass down TARGET_CPPFLAGS and TARGET_LDFLAGSFlorian Fainelli2017-06-05
| | | | | | | | Make sure we pass down TARGET_CPPFLAGS and TARGET_LDFLAGS to fix build with external toolchains that don't automatically search for headers and libraries in $(STAGING_DIR). Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* tgt: Drop dependency against KERNEL_DIRECT_IOFlorian Fainelli2017-06-05
| | | | | | | This was removed in LEDE commit 0b7ed65cec8084bb98ae0e2758b7aca6c447cd4b ("kernel: remove out of tree direct-io disable hack") Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* netatalk: fix config files permissionsAlexandru Ardelean2017-06-05
| | | | | | | | | | | | | | | | | | | | | | | | After checking in the ipkg-install dir of netatalk, it seems that the permissions it sets to the conf-files are 644. # ls -la lede/build_dir/target-mips_24kc_musl/netatalk-3.1.11/ipkg-install/etc -rw-r--r-- 1 sandu sandu 226 iun 5 20:53 afp.conf -rw-r--r-- 1 sandu sandu 1948 iun 5 20:53 dbus-session.conf -rw-r--r-- 1 sandu sandu 25037 iun 5 20:53 extmap.conf While the Package/netatalk/install build rule overrides them to 600. According to * https://github.com/openwrt/packages/issues/4318 * https://forum.lede-project.org/t/help-with-apple-filesharing-protocol-for-time-machine/3259/5 this is a problem in some setups. So, this patch changes them to what the netatalk package creators intended initially (i.e. 644). Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* Merge pull request #3769 from wvdakker/masterHauke Mehrtens2017-06-05
|\ | | | | Added Shorewall(6)-lite.
| * Add package shorewall(6)-lite.W. van den Akker2017-06-05
| | | | | | | | | | | | Bump to version 5.1.4.1 Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
* | openssh: if we don't generate a dsa key we shouldn't look for itPhilip Prindeville2017-06-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_key types that got generated. Problem was that it didn't remove that key as one of the paths that the server looks for by default. As a consequence, your log file might fill up with messages like: 2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key The patch is forunately trivial. Don't set the path for the dsa key file in the server configuration. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | Revert "The earlier commit ea119211b21 removed 'dsa' as one of the ↵Daniel Golle2017-06-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ssh_host_*_key" The author (@pprindeville) of the original commit noted that the wrong commit was picked, see https://github.com/openwrt/packages/commit/325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564#commitcomment-22387528 "Err... looks like the wrong fix got committed. I was hoping that this commit d902e5d would have gone in instead." This reverts commit 325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | netatalk: switch maintainer to meAlexandru Ardelean2017-06-05
| | | | | | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* | Merge pull request #4402 from commodo/netatalk-upgradeDaniel Golle2017-06-05
|\ \ | | | | | | netatalk: upgrade to version 3.1.11
| * | netatalk: upgrade to version 3.1.11Alexandru Ardelean2017-05-29
| | | | | | | | | | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* | | Merge pull request #4099 from dangowrt/freeradius3-ldapDaniel Golle2017-06-05
|\ \ \ | | | | | | | | freeradius3: build and package support for LDAP
| * | | freeradius3: build and package support for LDAPDaniel Golle2017-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The lack of LDAP support was one of the things which prevented users from migrating from freeradius2 to freeradius3. Enable LDAP in freeradius3 so we can finally burry freeradius2. Reported-by: Martin Mueller <mm@sig21.net> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | Merge pull request #4284 from bmork/conserverHauke Mehrtens2017-06-05
|\ \ \ \ | | | | | | | | | | conserver: add advanced serial console package
| * | | | conserver: add advanced serial console packageBjørn Mork2017-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conserver is an application that allows multiple users to use serial consoles at the same time, with logging. It has a client- server design which makes it easy to manage a distributed set of serial consoles. Logging makes post-crash analyses easier. Signed-off-by: Bjørn Mork <bjorn@mork.no>
* | | | | Merge pull request #4423 from pprindeville/lighttpd-use-procdDaniel Golle2017-06-05
|\ \ \ \ \ | | | | | | | | | | | | lighttpd: use procd-based init.d script
| * | | | | lighttpd: use procd-based init.d scriptPhilip Prindeville2017-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will allow procd to restart the service if it crashes or otherwise exits. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | | | | | Merge pull request #4419 from danrl/wireguardHannu Nyman2017-06-05
|\ \ \ \ \ \ | | | | | | | | | | | | | | wireguard: version bump
| * | | | | | wireguard: version bumpdanrl2017-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From upstreams changelog: This rather large snapshot touches quite a few sensitive areas, so I'm releasing it now rather than later to receive feedback on any possible issues. It also contains fixes, so everybody should upgrade. * man: fix psk mention in wg-quick man page * man: update wg-quick(8) to show Debian resolvconf braindamage Documentation cleanups. * wg-quick: use src routing for default routes in v6 ip-rule(8) doesn't do the right thing with source addresses, unless we explicitly set it inside the route. This fixes wg-quick on IPv6 systems. * curve25519: actually, do some things on heap sometimes * curve25519: align the basepoint to 32 bytes * curve25519: add NEON versions for ARM * data: enable BH during parallel crypto on ARM/NEON * chacha20poly1305: move constants to rodata * chacha20poly1305: add NEON versions for ARM and ARM64 We now have faster primitives on ARM and ARM64 processors, which should improve performance. * handshake: process in parallel Handshakes are now processed in parallel using all cores, which should improve throughput during a storm. * noise: no need to store ephemeral public key * noise: precompute static-static ECDH operation We can precompute the ECDH(s, s) calculation, which improves handshake initiation message performance by double. * style: spaces after for loops * peer: use iterator macro instead of callback The most unreadable C ever produced. It might be wise to find a sexier-looking alternative at some point. * compat: remove warning for < 4.1 * compat: ship padata if kernel doesn't have it The usual array of annoying compat things. * rust test: convert screech test to snow * rust test: add icmp ping We now use Jake's snow library for Noise in the test, which we've expanded to complete a ping. * config: do not error out when getting if no peers * tools: allow creating device with no peers Fixing some small things in the tool/config interaction. * device: keep going when share_check fails * routingtable: remove unnecessary check in node_placement() * config: it's faster to memcpy than strncpy * timers: fix typo in comment Nits. * debug: print interface name in dmesg For those who compile with `make debug`, you'll be happy to see a bit better information in dmesg. * timers: rework handshake reply control flow * timers: the completion of a handshake also is on key confirmation * timers: reset retry-attempt counter when not retrying Tightening up our timer implementation, which is quite important. Signed-off-by: Dan Luedtke <mail@danrl.com>
* | | | | | | fossil: Explicitly link with libmFlorian Fainelli2017-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following build error with an external toolchain: ./bld/sqlite3.o: In function `fts5Bm25Function': sqlite3.c:(.text+0x27234): undefined reference to `log' ./bld/piechart.o: In function `piechart_render': piechart_.c:(.text+0x430): undefined reference to `sincos' piechart_.c:(.text+0x47c): undefined reference to `sincos' piechart_.c:(.text+0x548): undefined reference to `sincos' collect2: error: ld returned 1 exit status src/main.mk:526: recipe for target 'fossil' failed make[3]: *** [fossil] Error 1 Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* | | | | | | linuxptp: Remove unnecessary netdb.h includesFlorian Fainelli2017-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This backports a patch that has been accepted upstream in linuxptp: 8b61aa2c3f3103db1d4ca1d1e49bb4f8831c1abf ("udp: Avoid including netdb.h") to fix build errors with external glibc toolchains that provide rpc/types.h. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* | | | | | | Merge pull request #4220 from p-wassi/atftpHauke Mehrtens2017-06-04
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | net/atftp: update source URL and checksum
| * | | | | | | net/atftp: update source URL and checksumPaul Wassi2017-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update package source to use '@SF' (SourceForge) instead of URL Replace md5sum by new hash Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* | | | | | | | Merge pull request #4427 from diizzyy/patch-57Ted Hess2017-06-03
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | net/socat: Update to 1.7.3.2
| * | | | | | | | net/socat: Update to 1.7.3.2Daniel Engberg2017-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update socat to 1.7.3.2 Remove SSLv3 patch, workaround added upstream Remove inclusion of stddef.h, fix added upstream Replace obsolete tarball hash variable with PKG_HASH Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* | | | | | | | | The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_keyPeter Wagner2017-06-03
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | types that got generated. Problem was that it didn't remove that key as one of the paths that the server looks for by default. As a consequence, your log file might fill up with messages like: 2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key The patch is forunately trivial. Don't set the path for the dsa key file in the server configuration. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | | | | Merge pull request #4403 from sartura/symlink-soversion-sysrepoLuka Perkov2017-06-01
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | sysrepo: modify copy of .so files
| * | | | | | | | sysrepo: modify copy of .so filesAntonio Paunovic2017-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Antonio Paunovic <antonio.paunovic@sartura.hr>
* | | | | | | | | Merge pull request #4388 from sartura/netopeer2-dependencyLuka Perkov2017-06-01
|\ \ \ \ \ \ \ \ \ | |_|_|/ / / / / / |/| | | | | | | | sysrepo: add patch for disabling autostart
| * | | | | | | | sysrepo: bump PKG_RELEASE versionAntonio Paunovic2017-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Antonio Paunovic <antonio.paunovic@sartura.hr>
| * | | | | | | | sysrepo: add patch for diabling autostartAntonio Paunovic2017-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Antonio Paunovic <antonio.paunovic@sartura.hr>
* | | | | | | | | Merge pull request #4400 from starcms/masterHannu Nyman2017-05-31
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | net/dnscrypt-proxy: add support for LogLevel; update dnscrypt-proxy-resolvers
| * | | | | | | | | net/dnscrypt-proxy: add LogLevel support, update dnscrypt-resolvers.csv,starcms2017-05-30
| | |_|_|_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bump version number. Signed-off-by: Chris Saaidi <starcms@gmail.com>
* | | | | | | | | radicale: update to version 1.1.3Christian Schoenebeck2017-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | update to version 1.1.3 Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* | | | | | | | | strongswan: fix typoStijn Tintel2017-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | | | Merge pull request #4208 from dedeckeh/pr-netsnmp-fwStijn Tintel2017-05-30
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | net-snmp: add inbound firewall rule support
| * | | | | | | | | net-snmp: add inbound firewall rule supportHans Dedecker2017-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add UCI section general which holds the uci parameter network defining on which interface(s) the snmp agent is reachable for inbound snmp requests in case the firewall zone does not allow INPUT traffic by default. For the different zones to which the different interfaces belong firewall procd input rules are created making the snmp agent reachable on udp port 161. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* | | | | | | | | | strongswan: add curve25519 pluginStijn Tintel2017-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | | | | strongswan: bump to 5.5.3Stijn Tintel2017-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes CVE-2017-9022, CVE-2017-9023. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* | | | | | | | | | Merge pull request #4381 from commodo/ovs-fixHannu Nyman2017-05-30
|\ \ \ \ \ \ \ \ \ \ | |_|_|_|/ / / / / / |/| | | | | | | | | openvswitch: fix build for ovs python libs & related packages
| * | | | | | | | | openvswitch: disable built-in kernel module buildAlexandru Ardelean2017-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since we're using the kernel's module, this is un-necessary. Should speed up the build a bit. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
| * | | | | | | | | openvswitch: fix build for ovs python libs & related packagesAlexandru Ardelean2017-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Admittedly I never used those Python libs. And the setup I was trying it on, did not have the Python interpreter packaged, so these build failures went un-noticed. That's my fault for not trying it out properly on a full LEDE repo, with all packages. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* | | | | | | | | | net/mosquitto: bump to 1.4.12 for CVE-2017-7650Karl Palsson2017-05-29
| |_|/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dot release, primarily due to CVE-2017-7650 but also rolls up some earlier patches. Signed-off-by: Karl Palsson <karlp@etactica.com>
* | | | | | | | | Merge pull request #4379 from val-kulkov/nginx-packageThomas Heil2017-05-28
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | nginx: update to 1.12.0, the latest stable version
| * | | | | | | | | nginx: update to 1.12.0, the latest stable versionVal Kulkov2017-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a straightforward update to the latest stable version. Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* | | | | | | | | | net/dnscrypt-proxy: fix block_ipv6 param in init scriptDamiano Renfer2017-05-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Damiano Renfer <damiano.renfer@gmail.com>
* | | | | | | | | | git: update to 2.13.0Peter Wagner2017-05-27
| |_|_|_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* | | | | | | | | netopeer2-keystored: add new dependencyAntonio Paunovic2017-05-26
| |_|_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Antonio Paunovic <antonio.paunovic@sartura.hr>
* | | | | | | | webui-aria2: Bump to 2017-05-21kuoruan2017-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: kuoruan <kuoruan@gmail.com>
* | | | | | | | yaaw: Bump to 2017-04-11kuoruan2017-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: kuoruan <kuoruan@gmail.com>