aboutsummaryrefslogtreecommitdiff
path: root/net
Commit message (Collapse)AuthorAge
* python: Use locked for host pipJeffery To2020-08-31
| | | | | | | This also removes PKG_BUILD_PARALLEL:=0 that was added for packages that use HOST_PYTHON3_PACKAGE_BUILD_DEPENDS. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* mstpd: fix compilation with uClibc-ngRosen Penev2020-08-31
| | | | | | bcopy/bzero are no longer available. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* Merge pull request #13227 from neheb/slhhRosen Penev2020-08-30
|\ | | | | sslh: update to 1.21c
| * sslh: update to 1.21cRosen Penev2020-08-27
| | | | | | | | | | | | Refresh patches. Remove now pointless format patch. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #13253 from liudf0716/apfree-wifidogRosen Penev2020-08-30
|\ \ | | | | | | apfree-wifidog: update to 4.08.1771
| * | apfree-wifidog: update to 4.08.1771Dengfeng Liu2020-08-31
| | | | | | | | | | | | Signed-off-by: Dengfeng Liu <dfliuc@isoftstone.com>
* | | Merge pull request #13223 from mikebaz/masterStijn Tintel2020-08-30
|\ \ \ | | | | | | | | strongswan: add left and mark configuration to UCI
| * | | strongswan: add left and mark configuration to UCIMichael C. Bazarewsky2020-08-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit allows for UCI configuration of the "left=" and the "mark=" values in a StrongSwan IPSec connection. This improves VTI support and allows certain stricter connection scenarios. Signed-off-by: Michael C. Bazarewsky <github@bazstuff.com>
* | | | Merge pull request #13221 from yousong/ocNikos Mavrogiannopoulos2020-08-30
|\ \ \ \ | | | | | | | | | | openconnect: allow disable dtls with bool option no_dtls
| * | | | openconnect: allow disable dtls with bool option no_dtlsYousong Zhou2020-08-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | openconnect may emit following error logs every minute when negotiating with deployments forbidding usage of dtls Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: DTLS handshake failed: Error in the push function. Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: (Is a firewall preventing you from sending UDP packets?) Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
| * | | | openconnect: break each var into its own line in orderYousong Zhou2020-08-27
| |/ / / | | | | | | | | | | | | | | | | | | | | For easier review Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | / / isc-dhcp: add support for RFC-3442 classless IPv4 routesPhilip Prindeville2020-08-28
| |/ / |/| | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | | lftp: update to 4.9.2Rosen Penev2020-08-27
| |/ |/| | | | | | | | | Remove upstreamed patch. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #13218 from neheb/waveRosen Penev2020-08-27
|\ \ | | | | | | wavemon: fix compilation with glibc
| * | wavemon: fix compilation with glibcRosen Penev2020-08-26
| | | | | | | | | | | | | | | | | | -lpthread is needed. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | Merge pull request #13220 from aaronjg/openfortivpn/config-varname-fixRosen Penev2020-08-27
|\ \ \ | |_|/ |/| | openfortivpn: use more standard config option names
| * | openfortivpn: use more standard config option namesAaron Goodman2020-08-26
| |/ | | | | | | | | | | | | | | | | change 'server' to 'peeraddr' change 'iface_name' to 'tunlink' fix some indentation issues Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
* | ovn: include ovn-appctlYousong Zhou2020-08-27
| | | | | | | | | | | | | | | | | | Required by ovn-ctl for stopping ovn ovsdb instances This utility was introduced since 20.03.0 after the project was maintained in its own repo Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | curl: add optional zlib supportTony Butler2020-08-26
| | | | | | | | | | | | | | | | | | | | | | | | | | Package libcurl is missing dependencies for the following libraries: libzstd.so.1 Previous patch by Hans Dedecker <dedeckeh@gmail.com> took the easy way out :) Suggested-by: Syrone Wong <wong.syrone@gmail.com> Signed-off-by: Tony Butler <spudz76@gmail.com> [fixed title] Signed-off-by: Paul Spooren <mail@aparcar.org>
* | curl: Use wolfssl by defaultHauke Mehrtens2020-08-26
| | | | | | | | | | | | | | | | Instead of using mbedtls by default use wolfssl. We now integrate wolfssl in the default build so use it also as default ssl library for curl. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* | curl: Fix build with wolfsslHauke Mehrtens2020-08-26
| | | | | | | | | | | | | | | | | | Backport a commit from upstream curl to fix a problem in configure with wolfssl. checking size of time_t... configure: error: cannot determine a size for time_t Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* | curl: add package (previously in base)Paul Spooren2020-08-26
|/ | | | | | | Move package over from openwrt.git based on the Hamburg 2019 decision that non essential packages should be maintained in packages.git Signed-off-by: Paul Spooren <mail@aparcar.org>
* dawn: bump versionNick Hainke2020-08-26
| | | | | | | Includes: - datastorage: fix hearingmap not synced Signed-off-by: Nick Hainke <vincent@systemli.org>
* Merge pull request #13139 from aaronjg/openfortivpn/ppp-netifd-fixRosen Penev2020-08-25
|\ | | | | openfortivpn: fix routes passed to netifd
| * openfortivpn: fix routes passed to netifdAaron Goodman2020-08-22
| | | | | | | | | | | | | | | | | | | | The openfortivpn routes are a bit different than the standard ppp routes so we need to handle them with a custom ppp-up script. Gateway should not be set, and src should be set to the PPP local ip address. Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
* | ovn: bump to version 20.06.2Yousong Zhou2020-08-25
| | | | | | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | openvswitch: bump to version 2.14.0Yousong Zhou2020-08-25
| | | | | | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* | sshtunnel: correct access of config fileRosen Penev2020-08-24
| | | | | | | | | | | | | | With this change the `/etc/config/sshtunnel` file has the correct access. It's a sensible file. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #12762 from ngrsdhbw/feature_ddns_cloudflare_bearerRosen Penev2020-08-24
|\ \ | | | | | | ddns-scripts: Support Bearer Token for Cloudflare
| * | ddns-scripts: cloudflare.com-v4: Simplify Bearer Token supportNorman Gehrsitz2020-08-18
| | | | | | | | | | | | Signed-off-by: Norman Gehrsitz <gehrsitz.norman@student.dhbw-kahlsruhe.de>
* | | Merge pull request #13193 from sartura/sysrepoRosen Penev2020-08-24
|\ \ \ | | | | | | | | Update sysrepo, libyang, libnetconf2 and netopeer2 packages to latest versions
| * | | netopeer2: update to 1.1.39Jakov Smolic2020-08-22
| | | | | | | | | | | | | | | | Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
| * | | sysrepo: update to 1.4.70Jakov Smolic2020-08-22
| | | | | | | | | | | | | | | | Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
* | | | Merge pull request #13174 from neheb/davRosen Penev2020-08-24
|\ \ \ \ | | | | | | | | | | davfs2: update to 1.6.0
| * | | | davfs2: update to 1.6.0Rosen Penev2020-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removed now unnecessary gcc10 patch. Removed neon patch. It's now upstream. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | Merge pull request #13192 from peter-stadler/nginxRosen Penev2020-08-23
|\ \ \ \ \ | | | | | | | | | | | | nginx: update to version 1.19.2
| * | | | | nginx: update to version 1.19.2Peter Stadler2020-08-22
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
* | | | | | bind: New upstream version 9.16.6Noah Meyerhans2020-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several security issures are addressed: - CVE-2020-8620 It was possible to trigger an assertion failure by sending a specially crafted large TCP DNS message. - CVE-2020-8621 named could crash after failing an assertion check in certain query resolution scenarios where QNAME minimization and forwarding were both enabled. To prevent such crashes, QNAME minimization is now always disabled for a given query resolution process, if forwarders are used at any point. - CVE-2020-8622 It was possible to trigger an assertion failure when verifying the response to a TSIG-signed request. - CVE-2020-8623 When BIND 9 was compiled with native PKCS#11 support, it was possible to trigger an assertion failure in code determining the number of bits in the PKCS#11 RSA public key with a specially crafted packet. - CVE-2020-8624 update-policy rules of type subdomain were incorrectly treated as zonesub rules, which allowed keys used in subdomain rules to update names outside of the specified subdomains. The problem was fixed by making sure subdomain rules are again processed as described in the ARM. Full release notes are available at https://ftp.isc.org/isc/bind9/9.16.6/doc/arm/html/notes.html#notes-for-bind-9-16-6 Signed-off-by: Noah Meyerhans <frodo@morgul.net>
* | | | | | Merge PR #13179 via local branch.Michael Heimpold2020-08-23
|\ \ \ \ \ \
| * | | | | | net/u2pnpd: convert init to procdKarl Palsson2020-08-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drops pid files, no longer needed with procd management. Now properly reloads on reload_config after UCI changes. Signed-off-by: Karl Palsson <karlp@etactica.com> [ Fixed two shellcheck warnings and bump PKG_RELEASE ] Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | | | | | | Merge pull request #13137 from neheb/iscRosen Penev2020-08-23
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | isc-dhcp: fix compilation with GCC 10
| * | | | | | | isc-dhcp: fix compilation with GCC 10Rosen Penev2020-08-15
| | |_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | Merge pull request #13191 from Foxtrot/add-fakepopRosen Penev2020-08-23
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | fakepop: add new package
| * | | | | | | fakepop: Fix PKG_LICENSE, remove libc dependencyMarc Egerton2020-08-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Marc Egerton <foxtrot@realloc.me>
| * | | | | | | fakepop: new packageMarc Egerton2020-08-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fakepop is a fake pop3 daemon. It returns always the same messages to all users, it does not care about usernames and passwords. All user/pass combinations are accepted. Signed-off-by: Marc Egerton <foxtrot@realloc.me>
* | | | | | | | i2pd: Update to 2.32.1David Yang2020-08-23
| |_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | Signed-off-by: David Yang <mmyangfl@gmail.com>
* | | | | | | Merge pull request #13097 from lzto/nft-qos-macRosen Penev2020-08-21
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | nft-qos: support mac address based speed limit
| * | | | | | | nft-qos: support mac address based speed limitTong Zhang2020-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes it possible to configure and limit per-client internet speed based on MAC address and it can work with SQM. This feature is what OpenWRT currently lacks. This patch is largely based on static.sh and the configuration file is similar to original nft-qos. New configuration options and examples are listed below config default 'default' option limit_mac_enable '1' config client option drunit 'kbytes' option urunit 'kbytes' option hostname 'tv-box' option macaddr 'AB:CD:EF:01:23:45' option drate '1000' option urate '50' config client option drunit 'kbytes' option urunit 'kbytes' option hostname 'my-pc' option macaddr 'AB:CD:EF:01:23:46' option drate '3000' option urate '2000' limit_mac_enable - enable rate limit based on MAC address drunit - download rate unit urunit - upload rate unit macaddr - client MAC address drate - download rate urate - upload rate Signed-off-by: Tong Zhang <ztong0001@gmail.com>
* | | | | | | | simple-adblock: bugfix: update config; use command -vStan Grishin2020-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.net>
* | | | | | | | Merge pull request #13184 from PolynomialDivision/feature/dawnupdateRosen Penev2020-08-21
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | dawn: bump to latest version
Powered by cgit, Themed by Ted Yin.