aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
...
* | | | | tailscale: add version testsMichal Vasilek2022-10-13
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
* | | | | tailscale: fix -versionMichal Vasilek2022-10-13
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tailscale version, tailscaled -version and the web UI reported the wrong version number which doesn't cause any issues, but it can be confusing. This is fixed by specifying the version in go ldflags similar to how it's done in many other go packages and the official tailscale Dockerfile. version.Long version can not be specified in GO_PKG_LDFLAGS_X because it contains a space and GO_PKG_LDFLAGS_X is always split at a space. Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
* | | | smartdns: update to 1.2022.38.1Nick Peng2022-10-12
| | | | | | | | | | | | | | | | Signed-off-by: Nick Peng <pymumu@gmail.com>
* | | | arp-scan: update to latest 1.9.8 releaseAndrew Sim2022-10-12
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | Maintainer: Sergey Urushkin urusha.v1.0@gmail.com Compile tested: mediatek:mt7622 Run tested: mediatek:mt7622 Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | stunnel: update version to 5.66Florian Eckert2022-10-10
| | | | | | | | | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | | curl: error out if wolfSSL is not usablePetr Štetiar2022-10-10
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we explicitly declare, that we would like to have curl built with wolfSSL support using `--with-wolfssl` configure option, then we should make sure, that we either endup with curl having that support, or it shouldn't be available at all, otherwise we risk, that we end up with regressions like following: configure:25299: checking for wolfSSL_Init in -lwolfssl configure:25321: x86_64-openwrt-linux-musl-gcc -o conftest [snip] In file included from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/dsa.h:33, from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/asn_public.h:35, from target-x86_64_musl/usr/include/wolfssl/ssl.h:35, from conftest.c:47: target-x86_64_musl/usr/include/wolfssl/wolfcrypt/integer.h:37:14: fatal error: wolfssl/wolfcrypt/sp_int.h: No such file or directory #include <wolfssl/wolfcrypt/sp_int.h> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ compilation terminated. and in the end thus produce curl without https support: curl: (1) Protocol "https" not supported or disabled in libcurl So fix it, by making the working wolfSSL mandatory and error out in configure step when that's not the case: checking for wolfSSL_Init in -lwolfssl... no configure: error: --with-wolfssl but wolfSSL was not found or doesn't work References: #19005, #19547 Upstream-Status: Accepted [https://github.com/curl/curl/pull/9682] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* | unbound: update control cert uci processingRob Ekl2022-10-09
| | | | | | | | Signed-off-by: Rob Ekl <ekl.rob@gmail.com>
* | Merge pull request #19451 from graysky2/rsyncfixAlexandru Ardelean2022-10-09
|\ \ | | | | | | rsync: incorporate upstream fixes
| * | rsync: incorporate upstream fixesJohn Audia2022-09-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | Upstream is requesting that packagers cherry-pick two commits to fix the current release.[1] 1. https://www.mail-archive.com/rsync@lists.samba.org/msg33576.html Signed-off-by: John Audia <therealgraysky@proton.me>
* | | Merge pull request #19546 from PolynomialDivision/update-iperf3Alexandru Ardelean2022-10-09
|\ \ \ | | | | | | | | iperf3: update to 3.12
| * | | iperf3: update to 3.12Nick Hainke2022-10-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Release Notes: https://groups.google.com/g/iperf-dev/c/_DgSWrpl9Gk?pli=1 Signed-off-by: Nick Hainke <vincent@systemli.org>
* | | | cloudflared: Update to 2022.10.0Tianling Shen2022-10-08
| | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | Merge pull request #19529 from blocktrron/qcsuperDavid Bauer2022-10-08
|\ \ \ \ | | | | | | | | | | qcsuper: add Package w/ necessary dependencies
| * | | | qcsuper: add packageDavid Bauer2022-10-06
| | | | | | | | | | | | | | | | | | | | Signed-off-by: David Bauer <mail@david-bauer.net>
* | | | | Merge pull request #19543 from stangri/master-https-dns-proxyStan Grishin2022-10-07
|\ \ \ \ \ | | | | | | | | | | | | https-dns-proxy: update to 2022-08-12-1
| * | | | | https-dns-proxy: update to 2022-08-12-1Stan Grishin2022-10-07
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update to upstream version 2022-08-12 * add ca_certs_file option for CA certs file for curl * add procd_add_interface_trigger for wan6 (hopefully fixes https://github.com/openwrt/packages/issues/19531) Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | | samba4: remove duplicate entry from libldb-fix-musl-libc-unkown-type-error.patchAndrew Sim2022-10-07
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | | | samba4: update to 4.17.0Andrew Sim2022-10-07
|/ / / / | | | | | | | | | | | | Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | | snowflake: update to version 2.3.1Daniel Golle2022-10-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | 03b2b56f Fix broker race condition 36f03dfd Record proxy type for proxy relay stats Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | gnunnet: halt build if any command failsEneas U de Queiroz2022-10-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are many places in the packages' install recipes whith multiple commands being executed in the same shell invocation, separated with a semicolon (;). The return status will depend only on the last command being run. The same thing happens in loops, where only the last file will determine the result of the command. Change the ';' to '&&', and exit the loop if any operation fails. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | | | gnunnet: don't copy non-existing filesEneas U de Queiroz2022-10-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are six places pointing to files that do not exist any more: - gns-import.sh in package gnunet-gns (dropped in v0.11.0) - libgnunetdnsstub.so* in gnunet-vpn (integrated into util in v0.11.0) - libgnunettun.so* in gnunet-vpn (integrated into util in v0.11.0) - gnunet-service-ats-new in package gnunet (dropped in v0.12.0) - libgnunetreclaimattribute.so.* (integrated into reclaim in v0.13.0) - libgnunetabe.so.* in gnunet-reclaim (dropped in v0.17.2) They were not noticed because their failing copy commands were part of loops in which only the last operation had its exit status checked. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | | | gnunet: gnunet-rest: add libjose dependencyEneas U de Queiroz2022-10-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to the package's configure.ac, reclaimID OpenID Connect plugin depends on jose. It is installed by the gnunet-rest plugin package: libgnunnetrest_openid_connect.so. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | | | acme: remove help info of unused commandGlen Huang2022-10-06
| | | | | | | | | | | | | | | | Signed-off-by: Glen Huang <i@glenhuang.com>
* | | | acme: fix acmesh dnsapi dependenciesGlen Huang2022-10-06
|/ / / | | | | | | | | | Signed-off-by: Glen Huang <i@glenhuang.com>
* | | Merge pull request #19532 from ↵Philip Prindeville2022-10-05
|\ \ \ | | | | | | | | | | | | | | | | pprindeville/isc-dhcp-drop-gratuitous-named-reload isc-dhcp: avoid gratuitous reload of named
| * | | isc-dhcp: avoid gratuitous reload of namedPhilip Prindeville2022-10-05
| | | | | | | | | | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | | | lighttpd: remove deprecated modulesGlenn Strauss2022-10-05
| | | | | | | | | | | | | | | | Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
* | | | Merge pull request #19520 from dyarkovoy/masterFlorian Eckert2022-10-05
|\ \ \ \ | | | | | | | | | | mwan3: support offload routing modifier
| * | | | mwan3: support offload routing modifierDenys Yarkovyi2022-10-05
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Denys Yarkovyi <dyarkovoy@gmail.com>
* | | | | https-dns-proxy: add settings for canary domainsStan Grishin2022-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add setting to enable/disable blocking access to iCloud Private Relay resolvers * add setting to enable/disable blocking access to Mozilla resolvers * rename variables loaded from config in the init script Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | | https-dns-proxy: bugfix: prevent canary domains duplicatesStan Grishin2022-10-04
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | | treewide: fix security issues by bumping all packages using libwolfsslPetr Štetiar2022-10-04
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide: fix security issues by bumping all packages using libwolfssl"). Signed-off-by: Petr Štetiar <ynezz@true.cz>
* | | | Merge pull request #19501 from stangri/master-simple-adblockStan Grishin2022-10-03
|\ \ \ \ | | | | | | | | | | simple-adblock: allow domains bugfix & canary domains support
| * | | | simple-adblock: allow domains bugfix & canary domains supportStan Grishin2022-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fix bug in download_lists and adb_allow to prevent unintended exclisions from the block-lists of domains containing allowed domain. Fixes issue: https://github.com/stangri/source.openwrt.melmac.net/issues/160 * add support for returning NXDOMAIN/blocking iCloud & Mozilla canary domains, disabled by default Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | | samba4: update waf-cross-answersAndrew Sim2022-10-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update waf-cross-answers for 4.14.x Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | | | samba4: update to 4.14.14Andrew Sim2022-10-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update to 4.14.14 * fixes: CVE-2022-2031, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-32742 Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | | | gg: Update to 0.2.13Tianling Shen2022-10-02
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | | dnsproxy: Update to 0.45.2Tianling Shen2022-10-02
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | | cloudflared: Update to 2022.9.1Tianling Shen2022-10-02
|/ / / / | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | https-dns-proxy: uci wrappers & iCloud canary domainsStan Grishin2022-09-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * switch to using uci wrappers instead of direct uci calls * add support for iCloud canary domains https://developer.apple.com/support/prepare-your-network-for-icloud-private-relay Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | Merge pull request #19447 from turris-cz/unboundJosef Schlehofer2022-09-29
|\ \ \ \ | | | | | | | | | | unbound: update to version 1.16.3
| * | | | unbound: update to version 1.16.3Josef Schlehofer2022-09-25
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-3 - Fixes: CVE-2022-3204 Refreshed one patch Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | | | ddns-scripts: add explicit "-d" switch for Dry RunRafał Miłecki2022-09-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was a bit confusing to use *verbosity* level for Dry Run mode. Add explicity switch for it and designed DRY_RUN variable to make code easier to understand. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* | | | ddns-scripts: rename variable: s/ERR_UPDATE/RETRY_COUNT/Rafał Miłecki2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename variable to make code easier to understand. This variable specifies how many times in row ddns script tried to update IP without a success. Previous name ("ERR_UPDATE") didn't suggest it was for counting anything. It also didn't specify was error was it related to. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* | | | ddns-scripts: replace IP type (name) "local" with "current"Rafał Miłecki2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Local suggests something related to the local network or available locally only. All that code related to the "local" IP was actually dealing with *current* device external IP address. Using name "current" should make code a bit easier to understand. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* | | | ddns-scripts: rename variable: s/retry_count/retry_max_count/Rafał Miłecki2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename variable to make code easier to understand. This variable specifies how many times ddns script should try to send a request. Previous name ("retry_count") suggested it was for *counting* attempts. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* | | | Merge pull request #19448 from stangri/master-simple-adblockStan Grishin2022-09-27
|\ \ \ \ | | | | | | | | | | simple-adblock: update to 1.9.1-1
| * | | | simple-adblock: update to 1.9.1-1Stan Grishin2022-09-25
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * remove obsolete block-lists from config * add removal of obsolete lists to config-update * add AdGuard team's block-list to config * improve allow command * improve nftset support * move config load to uci_load_validate, which required some code refactoring which looks dramatic, but isn't * always use dnsmasq_restart instead of dnsmasq_hup for all dns resolution options for dnsmasq Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | Merge pull request #19460 from stangri/master-curlStan Grishin2022-09-26
|\ \ \ \ | | | | | | | | | | curl: bugfix: github source url
| * | | | curl: bugfix: github source urlStan Grishin2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fixes https://github.com/openwrt/packages/issues/19456 Signed-off-by: Stan Grishin <stangri@melmac.ca>
Powered by cgit, Themed by Ted Yin.