cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 23:48:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge https://github.com/openwrt/packages

Browse Source 
Conflicts:
	net/ipsec-tools/Makefile
This commit is contained in:
aTanW
2015-06-28 17:58:00 +03:00
parent 2564e407d2 9d423ba553
commit f60ca0b30f
805 changed files with 30605 additions and 10373 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/announce/Makefile
+2 -2
View File
@@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=announce
PKG_VERSION:=1.0
PKG_VERSION:=1.0.1
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=src/LICENSE.txt
@@ -16,7 +16,7 @@ PKG_MAINTAINER:=Simon Peter <probono@puredarwin.org>
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/probonopd/announce.git
PKG_SOURCE_VERSION:=70d70f998686199deaa5d62b54688c869e237eef
PKG_SOURCE_VERSION:=1368525c7305ca5bb4134242f332344f5f7e94e3
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION)
PKG_SOURCE:=$(PKG_SOURCE_SUBDIR).tar.gz
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
net/apinger/Makefile
+67
View File
@@ -0,0 +1,67 @@
#
# Copyright (C) 2006-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=apinger
PKG_VERSION:=0.6.1
PKG_RELEASE=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/Jajcus/apinger.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=c7da72f7ec26eedd7fd8d224c0e10787b204f94e
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_MAINTAINER:=Alex Samorukov <samm@os2.kiev.ua>
PKG_LICENSE:= GPL-2.0
PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/apinger
SECTION:=net
CATEGORY:=Network
TITLE:=Tool which monitors various IP devices by simple ICMP echo requests
URL:=https://github.com/Jajcus/apinger
PKG_MAINTAINER:=Alex Samorukov <samm@os2.kiev.ua>
endef
define Package/apinger/description
Alarm Pinger (apinger) is a little tool which monitors various IP devices by
simple ICMP echo requests. There are various other tools, that can do this,
but most of them are shell or perl scripts, spawning many processes, thus much
CPU-expensive, especially when one wants continuous monitoring and fast
response on target failure. Alarm Pinger is a single program written in C, so
it doesn't need much CPU power even when monitoring many targets with frequent
probes. Alarm Pinger supports both IPv4 and IPv6. The code have been tested
on Linux and FreeBSD.
endef
define Package/apinger/conffiles
/etc/apinger.conf
endef
define Build/Configure
$(call Build/Configure/Default)
endef
define Package/apinger/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/apinger $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc
$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/apinger.conf $(1)/etc/apinger.conf
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/apinger.init $(1)/etc/init.d/apinger
endef
$(eval $(call BuildPackage,apinger))
net/apinger/files/apinger.init
+18
View File
@@ -0,0 +1,18 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2011 OpenWrt.org
START=80
SERVICE_USE_PID=1
start() {
service_start /usr/sbin/apinger
}
stop() {
service_stop /usr/sbin/apinger
}
reload() {
service_reload /usr/sbin/apinger
}
net/apinger/patches/001-autoreconf.patch
+13
View File
@@ -0,0 +1,13 @@
--- apinger-0.6.1/acinclude.m4 2003-10-21 12:44:48.000000000 +0000
+++ apinger-0.6.1/acinclude.m4 2015-04-08 15:27:37.451903960 +0000
@@ -39,9 +39,7 @@
[$jk_inet_includes
$jk_icmp_includes])
-AC_CHECK_MEMBERS([struct icmp.icmp_type, struct icmp.icmp_code,\
-struct icmp.icmp_cksum, struct icmp.icmp_seq,\
-struct icmp.icmp_id],[],
+AC_CHECK_MEMBERS([struct icmp.icmp_type, struct icmp.icmp_code,struct icmp.icmp_cksum, struct icmp.icmp_seq,struct icmp.icmp_id],[],
AC_MSG_ERROR(struct icmp not defined or not compatible),
[$jk_inet_includes
$jk_icmp_includes])
net/apinger/patches/002-run_as_user.patch
+11
View File
@@ -0,0 +1,11 @@
--- apinger-0.6.1/src/apinger.conf.orig 2015-04-08 16:05:24.558919722 +0000
+++ apinger-0.6.1/src/apinger.conf 2015-04-08 16:07:47.089170236 +0000
@@ -9,7 +9,7 @@
## User and group the pinger should run as
user "nobody"
-group "nobody"
+group "nogroup"
## Mailer to use (default: "/usr/lib/sendmail -t")
#mailer "/var/qmail/bin/qmail-inject"
net/apinger/patches/003-no_docs.patch
+11
View File
@@ -0,0 +1,11 @@
--- apinger-0.6.1/Makefile.am.orig 2015-04-08 16:47:40.999990050 +0000
+++ apinger-0.6.1/Makefile.am 2015-04-08 16:48:07.565220137 +0000
@@ -1,7 +1,7 @@
EXTRA_DIST = autogen.sh TODO BUGS
-SUBDIRS = src doc
+SUBDIRS = src
.PHONY: ChangeLog
net/bind/patches/002-autoconf-ar-fix.patch
+29
View File
@@ -0,0 +1,29 @@
--- a/configure.in
+++ b/configure.in
@@ -93,26 +93,11 @@ esac
#
AC_CONFIG_FILES([make/rules make/includes])
-AC_PATH_PROG(AR, ar)
-ARFLAGS="cruv"
-AC_SUBST(AR)
-AC_SUBST(ARFLAGS)
-
# The POSIX ln(1) program. Non-POSIX systems may substitute
# "copy" or something.
LN=ln
AC_SUBST(LN)
-case "$AR" in
- "")
- AC_MSG_ERROR([
-ar program not found. Please fix your PATH to include the directory in
-which ar resides, or set AR in the environment with the full path to ar.
-])
-
- ;;
-esac
-
#
# Etags.
#
net/bridge-utils/Makefile
+59
View File
@@ -0,0 +1,59 @@
#
# Copyright (C) 2006-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=bridge-utils
PKG_VERSION:=1.5
PKG_RELEASE:=5
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git
PKG_SOURCE_VERSION:=v${PKG_VERSION}
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
include $(INCLUDE_DIR)/package.mk
define Package/bridge
SECTION:=net
CATEGORY:=Base system
TITLE:=Ethernet bridging configuration utility
URL:=http://bridge.sourceforge.net/
PKG_MAINTAINER:=Nikolay Martynov <mar.kolya@gmail.com>
endef
define Package/bridge/description
Manage ethernet bridging: a way to connect networks together to
form a larger network.
endef
TARGET_CFLAGS += -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
CONFIGURE_ARGS += \
--with-linux-headers="$(LINUX_DIR)" \
define Package/bridge/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/brctl/brctl $(1)/usr/sbin
endef
define Package/bridge/prerm
#!/bin/sh
$${IPKG_INSTROOT}/bin/busybox brctl -h 2>&1 | grep -q BusyBox && \
ln -sf ../../bin/busybox $${IPKG_INSTROOT}/usr/sbin/brctl
exit 0
endef
$(eval $(call BuildPackage,bridge))
net/bridge-utils/patches/001-libbridge_cflags.patch
+11
View File
@@ -0,0 +1,11 @@
--- a/libbridge/Makefile.in
+++ b/libbridge/Makefile.in
@@ -5,7 +5,7 @@ AR=ar
RANLIB=@RANLIB@
CC=@CC@
-CFLAGS = -Wall -g $(KERNEL_HEADERS)
+CFLAGS = -Wall -g @CFLAGS@ $(KERNEL_HEADERS)
prefix=@prefix@
exec_prefix=@exec_prefix@
net/bridge-utils/patches/010-fix_struct_in6_addr_usage.patch
+10
View File
@@ -0,0 +1,10 @@
--- a/libbridge/libbridge.h
+++ b/libbridge/libbridge.h
@@ -20,6 +20,7 @@
#define _LIBBRIDGE_H
#include <sys/socket.h>
+#include <netinet/in.h>
#include <linux/if.h>
#include <linux/if_bridge.h>
net/bridge-utils/patches/100-musl-compat.patch
+11
View File
@@ -0,0 +1,11 @@
--- a/libbridge/libbridge.h
+++ b/libbridge/libbridge.h
@@ -19,6 +19,8 @@
#ifndef _LIBBRIDGE_H
#define _LIBBRIDGE_H
+#include <sys/types.h>
+#include <sys/select.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <linux/if.h>
net/bwm-ng/Makefile
+2 -2
View File
@@ -1,12 +1,12 @@
#
# Copyright (C) 2014 OpenWrt.org
# Copyright (C) 2014-2015 OpenWrt.org
#
include $(TOPDIR)/rules.mk
PKG_NAME:=bwm-ng
PKG_VERSION:=0.6
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.gropp.org/bwm-ng
net/bwm-ng/patches/0001-fix-gcc-security-build.patch
+11
View File
@@ -0,0 +1,11 @@
--- a/src/output.c
+++ b/src/output.c
@@ -234,7 +234,7 @@ int print_header(int option) {
if (output_method==PLAIN_OUT && ansi_output) printf("\033[1;2H");
printf("bwm-ng v" VERSION " (delay %2.3fs); ",(float)delay/1000);
if (output_method==PLAIN_OUT) printf("press 'ctrl-c' to end this%s",(ansi_output ? "\033[2;2H" : "")); else printf("input: ");
- printf(input2str());
+ printf("%s\n",input2str());
printf("%s\n",show_all_if2str());
if (output_method==PLAIN_OUT) {
if (ansi_output)
net/clamav/Makefile
+120
View File
@@ -0,0 +1,120 @@
#
# Copyright (C) 2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=clamav
PKG_VERSION:=0.98.7
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://sourceforge.net/projects/clamav/files/clamav/$(PKG_VERSION)/
PKG_MD5SUM:=157c601161da1c2d5a0e48ea1b49e067
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/clamav/Default
SECTION:=net
DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libopenssl
CATEGORY:=Network
SUBMENU:=Web Servers/Proxies
TITLE:=ClamAV
URL:=http://www.clamav.net/
endef
define Package/clamav
$(call Package/clamav/Default)
endef
define Package/freshclam
$(call Package/clamav/Default)
DEPENDS+= +clamav
TITLE+=database updater
endef
define Package/clamav/description
ClamAV is an open source antivirus engine for detecting trojans,
viruses, malware & other malicious threats.
endef
define Package/freshclam/description
Database updater for ClamAV
endef
define Package/clamav/conffiles
endef
CONFIGURE_VARS += \
INCLUDES="" \
CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \
LIBS="-lpthread" \
define Build/Configure
$(call Build/Configure/Default, \
--sysconfdir=/etc/clamav/ \
--prefix=/usr/ \
--exec-prefix=/usr/ \
--disable-xml \
--disable-bzip2 \
--enable-ltdl-install \
--with-user nobody \
--with-group nogroup \
)
endef
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) \
DESTDIR="$(PKG_INSTALL_DIR)" \
all install
endef
define Package/clamav/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamdscan $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamscan $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sigtool $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/clamav.h $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib*/* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/clamav.init $(1)/etc/init.d/clamav
$(INSTALL_DIR) $(1)/usr/share/clamav
$(CP) ./files/bytecode.cvd $(1)/usr/share/clamav/
endef
define Package/freshclam/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/usr/bin/freshclam $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/freshclam.config $(1)/etc/config/freshclam
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/freshclam.init $(1)/etc/init.d/freshclam
endef
$(eval $(call BuildPackage,clamav))
$(eval $(call BuildPackage,freshclam))
net/clamav/files/bytecode.cvd
BIN
View File
Binary file not shown.
net/clamav/files/clamav.config
+34
View File
@@ -0,0 +1,34 @@
config clamav 'clamav'
option clamd_config_file '/etc/clamav/clamd.conf'
option LogFile '/tmp/clamd.log'
option LogFileMaxSize '1M'
option LogTime 'no'
option LogVerbose 'no'
option ExtendedDetectionInfo 'no'
option OfficialDatabaseOnly 'no'
option StreamMinPort '1024'
option StreamMaxPort '2048'
option MaxThreads '10'
option ReadTimeout '30'
option CommandReadTimeout '5'
option MaxDirectoryRecursion '15'
option FollowDirectorySymlinks 'no'
option FollowFileSymlinks 'no'
option SelfCheck '600'
option DetectPUA 'yes'
option ScanPE 'yes'
option DisableCertCheck 'no'
option ScanELF 'yes'
option DetectBrokenExecutables 'no'
option ScanOLE2 'yes'
option ScanPDF 'yes'
option ScanSWF 'yes'
option ScanMail 'yes'
option ScanPartialMessages 'no'
option ScanArchive 'yes'
option ArchiveBlockEncrypted 'yes'
option MaxFileSize '10M'
option TemporaryDirectory '/tmp'
option LocalSocket '/var/run/clamav/clamd.sock'
option User 'nobody'
option ExitOnOOM 'yes'
net/clamav/files/clamav.init
+116
View File
@@ -0,0 +1,116 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org
START=90
STOP=10
USE_PROCD=1
PROG=/usr/sbin/clamd
CLAMD_CONFIGFILE="/tmp/clamav/clamd.conf"
validate_clamav_section() {
uci_validate_section clamav clamav "${1}" \
'clamd_config_file:string' \
'LogFile:string' \
'LogFileMaxSize:string' \
'LogVerbose:string' \
'ExtendedDetectionInfo:string' \
'LogTime:string' \
'OfficialDatabaseOnly:string' \
'StreamMinPort:uinteger' \
'StreamMaxPort:uinteger' \
'MaxThreads:uinteger' \
'ReadTimeout:uinteger' \
'CommandReadTimeout:uinteger' \
'MaxDirectoryRecursion:uinteger' \
'FollowDirectorySymlinks:string' \
'FollowFileSymlinks:string' \
'SelfCheck:uinteger' \
'DetectPUA:string' \
'ScanPE:string' \
'DisableCertCheck:string' \
'ScanELF:string' \
'DetectBrokenExecutables:string' \
'ScanOLE2:string' \
'ScanPDF:string' \
'ScanSWF:string' \
'ScanMail:string' \
'ScanPartialMessages:string' \
'ScanArchive:string' \
'TemporaryDirectory:string' \
'ArchiveBlockEncrypted:string' \
'MaxFileSize:string' \
'LocalSocket:string' \
'User:string' \
'ExitOnOOM:string'
}
start_service() {
local clamd_config_file LogFile LogTime StreamMinPort \
StreamMaxPort MaxThreads ReadTimeout CommandReadTimeout MaxDirectoryRecursion \
FollowFileSymlinks FollowDirectorySymlinks SelfCheck DetectPUA ScanPE DisableCertCheck \
ScanELF DetectBrokenExecutables ScanOLE2 ScanPDF ScanSWF ScanMail ScanPartialMessages \
ScanArchive TemporaryDirectory ArchiveBlockEncrypted MaxFileSize LocalSocket User
validate_clamav_section clamav || {
echo "validation failed"
return 1
}
mkdir -p /usr/share/clamav
mkdir -p /etc/clamav/
mkdir -p /var/run/clamav/
chmod a+rw /var/run/clamav
mkdir -p $(dirname $CLAMD_CONFIGFILE)
ln -sf $clamd_config_file $CLAMD_CONFIGFILE
echo "LogFile " $LogFile > $CLAMD_CONFIGFILE
echo "LogFileMaxSize " $LogFileMaxSize >> $CLAMD_CONFIGFILE
echo "LogVerbose " $LogVerbose >> $CLAMD_CONFIGFILE
echo "ExtendedDetectionInfo " $ExtendedDetectionInfo >> $CLAMD_CONFIGFILE
echo "LogTime " $LogTime >> $CLAMD_CONFIGFILE
echo "OfficialDatabaseOnly " $OfficialDatabaseOnly >> $CLAMD_CONFIGFILE
echo "StreamMinPort " $StreamMinPort >> $CLAMD_CONFIGFILE
echo "StreamMaxPort " $StreamMaxPort >> $CLAMD_CONFIGFILE
echo "MaxThreads " $MaxThreads >> $CLAMD_CONFIGFILE
echo "ReadTimeout " $ReadTimeout >> $CLAMD_CONFIGFILE
echo "CommandReadTimeout " $CommandReadTimeout >> $CLAMD_CONFIGFILE
echo "MaxDirectoryRecursion " $MaxDirectoryRecursion >> $CLAMD_CONFIGFILE
echo "FollowDirectorySymlinks " $FollowDirectorySymlinks >> $CLAMD_CONFIGFILE
echo "FollowFileSymlinks " $FollowFileSymlinks >> $CLAMD_CONFIGFILE
echo "SelfCheck " $SelfCheck >> $CLAMD_CONFIGFILE
echo "DetectPUA " $DetectPUA >> $CLAMD_CONFIGFILE
echo "ScanPE " $ScanPE >> $CLAMD_CONFIGFILE
echo "DisableCertCheck " $DisableCertCheck >> $CLAMD_CONFIGFILE
echo "ScanELF " $ScanELF >> $CLAMD_CONFIGFILE
echo "DetectBrokenExecutables " $DetectBrokenExecutables >> $CLAMD_CONFIGFILE
echo "ScanOLE2 " $ScanOLE2 >> $CLAMD_CONFIGFILE
echo "ScanPDF " $ScanPDF >> $CLAMD_CONFIGFILE
echo "ScanSWF " $ScanSWF >> $CLAMD_CONFIGFILE
echo "ScanMail " $ScanMail >> $CLAMD_CONFIGFILE
echo "ScanPartialMessages " $ScanPartialMessages >> $CLAMD_CONFIGFILE
echo "ScanArchive " $ScanArchive >> $CLAMD_CONFIGFILE
echo "TemporaryDirectory " $TemporaryDirectory >> $CLAMD_CONFIGFILE
echo "ArchiveBlockEncrypted " $ArchiveBlockEncrypted >> $CLAMD_CONFIGFILE
echo "MaxFileSize " $MaxFileSize >> $CLAMD_CONFIGFILE
echo "LocalSocket " $LocalSocket >> $CLAMD_CONFIGFILE
echo "User " $User >> $CLAMD_CONFIGFILE
echo "ExitOnOOM " $ExitOnOOM >> $CLAMD_CONFIGFILE
procd_open_instance
procd_set_param command $PROG -c $CLAMD_CONFIGFILE
procd_set_param file $CLAMD_CONFIGFILE
procd_close_instance
}
stop_service()
{
service_stop ${PROG}
}
service_triggers()
{
procd_add_reload_trigger "clamav"
procd_add_validation validate_clamav_section
}
net/clamav/files/freshclam.config
+7
View File
@@ -0,0 +1,7 @@
config freshclam 'freshclam'
option freshclam_config_file '/etc/clamav/freshclam.conf'
option UpdateLogFile '/tmp/freshclam.log'
option DatabaseMirror 'database.clamav.net'
option NotifyClamd '/etc/clamav/clamd.conf'
option DatabaseOwner 'root'
option CompressLocalDatabase 'yes'
net/clamav/files/freshclam.init
+63
View File
@@ -0,0 +1,63 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org
START=90
STOP=10
USE_PROCD=1
PROG=/usr/sbin/freshclam
FRESHCLAM_CONFIGFILE="/tmp/clamav/freshclam.conf"
validate_freshclam_section() {
uci_validate_section freshclam freshclam "${1}" \
'freshclam_config_file:string' \
'UpdateLogFile:string' \
'DatabaseMirror:string' \
'NotifyClamd:string' \
'DatabaseOwner:string' \
'CompressLocalDatabase:string:'
}
start_service() {
local freshclam_config_file UpdateLogFile DatabaseOwner NotifyClamd DatabaseMirror
validate_freshclam_section freshclam || {
echo "validation failed"
return 1
}
[ -f /tmp/freshclam.pid ] && echo "already running" && return 0
mkdir -p /usr/share/clamav
mkdir -p /etc/clamav
touch /tmp/freshclam.log
touch /tmp/freshclam.pid
mkdir -p $(dirname $FRESHCLAM_CONFIGFILE)
ln -sf $freshclam_config_file $FRESHCLAM_CONFIGFILE
echo "UpdateLogFile " $UpdateLogFile > $FRESHCLAM_CONFIGFILE
echo "DatabaseMirror " $DatabaseMirror >> $FRESHCLAM_CONFIGFILE
echo "NotifyClamd " $NotifyClamd >> $FRESHCLAM_CONFIGFILE
echo "DatabaseOwner " $DatabaseOwner >> $FRESHCLAM_CONFIGFILE
echo "CompressLocalDatabase " $CompressLocalDatabase >> $FRESHCLAM_CONFIGFILE
procd_open_instance
procd_set_param command $PROG -d --config-file=$FRESHCLAM_CONFIGFILE -p /tmp/freshclam.pid --no-warnings
procd_set_param file $FRESHCLAM_CONFIGFILE
procd_close_instance
}
stop_service()
{
[ ! -f /tmp/freshclam.pid ] && echo "not running" && return 0
PID=`cat /tmp/freshclam.pid`
kill $PID
rm -f /tmp/freshclam.pid
}
service_triggers()
{
procd_add_reload_trigger "freshclam"
procd_add_validation validate_freshclam_section
}
net/clamav/patches/001-compile.patch
+10
View File
@@ -0,0 +1,10 @@
--- a/clamdscan/proto.c
+++ b/clamdscan/proto.c
@@ -55,6 +55,7 @@
#include "shared/misc.h"
#include "shared/clamdcom.h"
+#include <sys/un.h>
#include "proto.h"
#include "client.h"
net/coova-chilli/Makefile
+48 -3
View File
@@ -12,7 +12,7 @@ PKG_VERSION:=1.3.0+20141128
PKG_MAINTAINER:=Imre Kaloz <kaloz@openwrt.org>
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=git://github.com/coova/coova-chilli
@@ -36,6 +36,7 @@ PKG_CONFIG_DEPENDS := \
COOVACHILLI_OPENSSL
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/kernel.mk
define Package/coova-chilli
SUBMENU:=Captive Portals
@@ -61,6 +62,38 @@ define Package/coova-chilli/config
source "$(SOURCE)/Config.in"
endef
define KernelPackage/ipt-coova
URL:=http://www.coova.org/CoovaChilli
SUBMENU:=Netfilter Extensions
DEPENDS:=coova-chilli +kmod-ipt-core +libxtables
TITLE:=Coova netfilter module
FILES:=$(PKG_BUILD_DIR)/src/linux/xt_*.$(LINUX_KMOD_SUFFIX)
AUTOLOAD:=$(call AutoProbe,xt_coova)
endef
define KernelPackage/ipt-coova/description
Netfilter kernel module for CoovaChilli
Includes:
- coova
endef
DISABLE_NLS=
TARGET_CFLAGS += $(FPIC)
CONFIGURE_VARS += \
ARCH="$(LINUX_KARCH)" \
KERNEL_DIR="$(LINUX_DIR)"
MAKE_FLAGS += \
ARCH="$(LINUX_KARCH)" \
KERNEL_DIR="$(LINUX_DIR)"
MAKE_INSTALL_FLAGS += \
ARCH="$(LINUX_KARCH)" \
KERNEL_DIR="$(LINUX_DIR)" \
INSTALL_MOD_PATH="$(PKG_INSTALL_DIR)"
define Build/Prepare
$(call Build/Prepare/Default)
( cd $(PKG_BUILD_DIR) ; \
@@ -80,13 +113,14 @@ define Build/Configure
$(if $(CONFIG_COOVACHILLI_LARGELIMITS),--enable,--disable)-largelimits \
$(if $(CONFIG_COOVACHILLI_UAMDOMAINFILE),--enable,--disable)-uamdomainfile \
$(if $(CONFIG_COOVACHILLI_MATRIXSSL),--with,--without)-matrixssl \
$(if $(CONFIG_COOVACHILLI_CYASSL),--with,--without)-cyaxssl \
$(if $(CONFIG_COOVACHILLI_CYASSL),--with,--without)-cyassl \
$(if $(CONFIG_COOVACHILLI_OPENSSL),--with,--without)-openssl \
$(if $(CONFIG_PACKAGE_kmod-ipt-coova),--with-nfcoova) \
)
endef
define Package/coova-chilli/conffiles
/etc/chilli.conf
/etc/config/chilli
endef
define Package/coova-chilli/install
@@ -100,6 +134,17 @@ define Package/coova-chilli/install
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/chilli* $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so.* $(1)/usr/lib/
$(if $(CONFIG_PACKAGE_kmod-ipt-coova), \
$(INSTALL_DIR) $(1)/usr/lib/iptables; \
$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib*.so $(1)/usr/lib/iptables/ \
)
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) files/chilli.init $(1)/etc/init.d/chilli
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) files/chilli.config $(1)/etc/config/chilli
$(INSTALL_DIR) $(1)/lib/firewall
$(CP) files/chilli.firewall $(1)/lib/firewall/chilli.sh
endef
$(eval $(call BuildPackage,coova-chilli))
$(eval $(call KernelPackage,ipt-coova))
net/coova-chilli/files/chilli.config
+230
View File
@@ -0,0 +1,230 @@
#
# Sample Coova-Chilli configuration file
#
config chilli
# disable to running chilli. remove this option before running.
option disabled 1
# name of TUN device name. required.
option tundev 'tun0'
# Include this flag if process is to run in the foreground
#option fg
# Include this flag to include debug information.
#option debug 9
# Re-read configuration file at this interval. Will also cause new domain
# name lookups to be performed. Value is given in seconds.
#option interval 3600
# File to store information about the process id of the program.
# The program must have write access to this file/directory.
#option pidfile /var/run/chilli.pid
# Directory to use for nonvolatile storage.
# The program must have write access to this directory.
# this option is currently ignored
#option statedir ./
# TUN parameters
# IP network address of external packet data network
# Used to allocate dynamic IP addresses and set up routing.
# Normally you do not need to uncomment this option.
#option net 192.168.182.0/24
# Dynamic IP address pool
# Used to allocate dynamic IP addresses to clients.
# If not set it defaults to the net tag.
# Do not uncomment this option unless you are an experienced user!
#option dynip 192.168.182.0/24
# Static IP address pool
# Used to allocate static IP addresses to clients.
# Do not uncomment this option unless you are an experienced user!
#option statip 192.168.182.0/24
# Primary DNS server.
# Will be suggested to the client.
# If omitted the system default will be used.
# Normally you do not need to uncomment this option.
#option dns1 172.16.0.5
# Secondary DNS server.
# Will be suggested to the client.
# If omitted the system default will be used.
# Normally you do not need to uncomment this option.
#option dns2 172.16.0.6
# Domain name
# Will be suggested to the client.
# Normally you do not need to uncomment this option.
#option domain key.chillispot.org
# Script executed after network interface has been brought up.
# Executed with the following parameters: <devicename> <ip address>
# <mask>
# Normally you do not need to uncomment this option.
#option ipup /etc/chilli.ipup
# Script executed after network interface has been taken down.
# Executed with the following parameters: <devicename> <ip address>
# <mask>
# Normally you do not need to uncomment this option.
#option ipdown /etc/chilli.ipdown
# Radius parameters
# IP address to listen to
# Normally you do not need to uncomment this option.
#option radiuslisten 127.0.0.1
# IP address of radius server 1
# For most installations you need to modify this option.
radiusserver1 rad01.chillispot.org
# IP address of radius server 2
# If you have only one radius server you should set radiusserver2 to the
# same value as radiusserver1.
# For most installations you need to modify this option.
radiusserver2 rad02.chillispot.org
# Radius authentication port
# The UDP port number to use for radius authentication requests.
# The same port number is used for both radiusserver1 and radiusserver2.
# Normally you do not need to uncomment this option.
#option radiusauthport 1812
# Radius accounting port
# The UDP port number to use for radius accounting requests.
# The same port number is used for both radiusserver1 and radiusserver2.
# Normally you do not need to uncomment this option.
#option radiusacctport 1813
# Radius shared secret for both servers
# For all installations you should modify this option.
#option radiussecret testing123
# Radius NAS-Identifier
# Normally you do not need to uncomment this option.
#option radiusnasid nas01
# WISPr Location ID. Should be in the format: isocc=<ISO_Country_Code>,
# cc=<E.164_Country_Code>,ac=<E.164_Area_Code>,network=<ssid/ZONE>
# Normally you do not need to uncomment this option.
#option radiuslocationid isocc=us,cc=1,ac=408,network=ACMEWISP_NewarkAirport
# WISPr Location Name. Should be in the format:
# <HOTSPOT_OPERATOR_NAME>,<LOCATION>
# Normally you do not need to uncomment this option.
#option radiuslocationname ACMEWISP,Gate_14_Terminal_C_of_Newark_Airport
# Radius proxy parameters
# IP address to listen to
# Normally you do not need to uncomment this option.
#option proxylisten 10.0.0.1
# UDP port to listen to.
# If not specified a port will be selected by the system
# Normally you do not need to uncomment this option.
#option proxyport 1645
# Client(s) from which we accept radius requests
# Normally you do not need to uncomment this option.
#option proxyclient 10.0.0.1/24
# Radius proxy shared secret for all clients
# If not specified defaults to radiussecret
# Normally you do not need to uncomment this option.
#option proxysecret testing123
# DHCP Parameters
# Ethernet interface to listen to.
# This is the network interface which is connected to the access points.
# In a typical configuration this option should be set to eth1.
dhcpif eth1
# Use specified MAC address.
# An address in the range 00:00:5E:00:02:00 - 00:00:5E:FF:FF:FF falls
# within the IANA range of addresses and is not allocated for other
# purposes.
# Normally you do not need to uncomment this option.
#option dhcpmac 00:00:5E:00:02:00
# Time before DHCP lease expires
# Normally you do not need to uncomment this option.
#option lease 600
# Universal access method (UAM) parameters
# URL of web server handling authentication.
uamserver https://radius.chillispot.org/hotspotlogin
# URL of welcome homepage.
# Unauthenticated users will be redirected to this URL. If not specified
# users will be redirected to the uamserver instead.
# Normally you do not need to uncomment this option.
#option uamhomepage http://192.168.182.1/welcome.html
# Shared between chilli and authentication web server
#option uamsecret ht2eb8ej6s4et3rg1ulp
# IP address to listen to for authentication requests
# Do not uncomment this option unless you are an experienced user!
#option uamlisten 192.168.182.1
# TCP port to listen to for authentication requests
# Do not uncomment this option unless you are an experienced user!
#option uamport 3990
# Comma separated list of domain names, IP addresses or network segments
# the client can access without first authenticating.
# It is possible to specify this option multiple times.
# Normally you do not need to uncomment this option.
#option uamallowed www.chillispot.org,10.11.12.0/24
# Comma separated list of domain names
# the client can access without first authenticating.
# It is possible to specify this option multiple times.
# Normally you do not need to uncomment this option.
#option uamdomain .chillispot.org,.coova.org
# If this flag is given unauthenticated users are allowed to use
# any DNS server.
# Normally you do not need to uncomment this option.
#option uamanydns
# MAC authentication
# If this flag is given users will be authenticated only on their MAC
# address.
# Normally you do not need to uncomment this option.
#option macauth
# List of MAC addresses.
# The MAC addresses specified in this list will be authenticated only on
# their MAC address.
# this option is ignored if the macauth tag is given.
# It is possible to specify this option multiple times.
# Normally you do not need to uncomment this option.
#option macallowed 00-0A-5E-AC-BE-51,00-30-1B-3C-32-E9
# Password to use for MAC authentication.
# Normally you do not need to uncomment this option.
#option macpasswd password
# Suffix to add to MAC address in order to form the username.
# Normally you do not need to uncomment this option.
#option macsuffix suffix
net/coova-chilli/files/chilli.firewall
+41
View File
@@ -0,0 +1,41 @@
#!/bin/sh
chilli_firewall() {
local cfg="$1"
local network ifname tun
config_get network "$cfg" network
. /lib/functions/network.sh
network_get_device ifname ${network:-lan}
if [ "$ifname" = "" ]
then
config_get ifname "$cfg" dhcpif
fi
config_get tun "$cfg" tundev
for n in ACCEPT DROP REJECT
do
iptables -F zone_${network}_${n}
iptables -I zone_${network}_${n} -i $tun -j $n
iptables -I zone_${network}_${n} -o $tun -j $n
done
iptables -D forward -i ${ifname} -j zone_${network}_forward
iptables -A forward -i ${ifname} -j DROP
iptables -A forward -i $tun -j zone_${network}_forward
iptables -D input -i ${ifname} -j zone_${network}
iptables -A input -i $tun -j zone_${network}
iptables -I zone_${network} -p tcp --dport 3990 -j ACCEPT
iptables -I zone_${network} -p tcp --dport 3991 -j ACCEPT
}
chilli_post_core_cb() {
config_load chilli
config_foreach chilli_firewall chilli
}
net/coova-chilli/files/chilli.init
+61
View File
@@ -0,0 +1,61 @@
#!/bin/sh /etc/rc.common
START=30
STOP=90
config_cb() {
chilli_inst=$2
if [ "$chilli_inst" != "" ]
then
rm -f /var/run/chilli_${chilli_inst}*
chilli_conf=/var/run/chilli_${chilli_inst}.conf
eval "start_chilli_$chilli_inst=1"
fi
}
option_cb() {
case "$1" in
# UCI settings
network)
. /lib/functions/network.sh
local ifname
network_get_device ifname $2
echo "dhcpif=\"$ifname\"" >> $chilli_conf
;;
disabled)
eval "start_chilli_$chilli_inst=0"
;;
# boolean settings
dhcpbroadcast|nodynip|vlanlocation|locationstopstart|locationcopycalled|locationimmediateupdate|locationopt82|coanoipcheck|noradallow|proxymacaccept|proxyonacct|dhcpmacset|dhcpradius|noc2c|eapolenable|uamanydns|uamanyip|uamnatanyip|nouamsuccess|nowispr1|nowispr2|domaindnslocal|radsec|macauth|macreauth|macauthdeny|macallowlocal|strictmacauth|strictdhcp|ieee8021q|only8021q|radiusoriginalurl|swapoctets|statusfilesave|wpaguests|openidauth|papalwaysok|mschapv2|chillixml|acctupdate|dnsparanoia|seskeepalive|usetap|noarpentries|framedservice|scalewin|redir|injectwispr|redirurl|routeonetone|nousergardendata|uamgardendata|uamotherdata|withunixipc|uamallowpost|redirssl|uamuissl|layer3|patricia|redirdnsreq|dhcpnotidle|ipv6|ipv6only)
[ "$2" = "true" -o "$2" = "1" ] && echo "$1" >> $chilli_conf
;;
*)
echo "$1=\"$2\"" >> $chilli_conf
;;
esac
}
start_chilli() {
local cfg="$1"
local start_chilli=$(eval "echo \$start_chilli_$cfg")
[ "$start_chilli" = "0" ] && return
local base=/var/run/chilli_${cfg}
chilli -c ${base}.conf \
--pidfile ${base}.pid \
--cmdsocket ${base}.sock \
--unixipc ${base}.ipc &
}
start() {
config_load chilli
config_foreach start_chilli chilli
}
stop() {
ls /var/run/chilli*.pid 2>/dev/null && {
kill $(cat /var/run/chilli*.pid)
sleep 1
killall -9 chilli
rm -f /var/run/chilli*
}
}
net/coova-chilli/patches/200-fix_compile_kmod.patch
+17
View File
@@ -0,0 +1,17 @@
--- a/src/linux/Makefile
+++ b/src/linux/Makefile
@@ -21,11 +21,11 @@ lib%.so: lib%.o
$(CC) $(CFLAGS) -shared -o $@ $^;
lib%.o: lib%.c
- $(CC) $(CFLAGS) -fPIC -O2 -Wall -I${KERNEL_DIR}/include -D_INIT=lib$*_init -c -o $@ $<;
+ $(CC) $(CFLAGS) -D_INIT=lib$*_init -c -o $@ $<;
install: modules_install libxt_coova.so
- mkdir -p $(DESTDIR)/lib/xtables/
- cp libxt_coova.so $(DESTDIR)/lib/xtables/
+ mkdir -p $(DESTDIR)/usr/lib/iptables/
+ cp libxt_coova.so $(DESTDIR)/usr/lib/iptables/
distdir:
net/coova-chilli/patches/201-fix_dereferencing_pointers.patch
+49
View File
@@ -0,0 +1,49 @@
--- a/src/linux/xt_coova.c
+++ b/src/linux/xt_coova.c
@@ -292,6 +292,8 @@ static int coova_mt_check(const struct x
struct coova_table *t;
#ifdef CONFIG_PROC_FS
struct proc_dir_entry *pde;
+ kuid_t uid;
+ kgid_t gid;
#endif
unsigned i;
int ret = 0;
@@ -330,8 +332,9 @@ static int coova_mt_check(const struct x
ret = -ENOMEM;
goto out;
}
- pde->uid = ip_list_uid;
- pde->gid = ip_list_gid;
+ uid = make_kuid(&init_user_ns, ip_list_uid);
+ gid = make_kgid(&init_user_ns, ip_list_gid);
+ proc_set_user(pde, uid, gid);
#endif
spin_lock_bh(&coova_lock);
list_add_tail(&t->list, &tables);
@@ -445,14 +448,13 @@ static const struct seq_operations coova
static int coova_seq_open(struct inode *inode, struct file *file)
{
- struct proc_dir_entry *pde = PDE(inode);
struct coova_iter_state *st;
st = __seq_open_private(file, &coova_seq_ops, sizeof(*st));
if (st == NULL)
return -ENOMEM;
- st->table = pde->data;
+ st->table = PDE_DATA(inode);
return 0;
}
@@ -460,8 +462,7 @@ static ssize_t
coova_mt_proc_write(struct file *file, const char __user *input,
size_t size, loff_t *loff)
{
- const struct proc_dir_entry *pde = PDE(file->f_path.dentry->d_inode);
- struct coova_table *t = pde->data;
+ struct coova_table *t = PDE_DATA(file->f_path.dentry->d_inode);
struct coova_entry *e;
char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:5afe:c0de")];
const char *c = buf;
net/coova-chilli/patches/300-fix-compile-with-cyassl.patch
+28
View File
@@ -0,0 +1,28 @@
--- a/src/md5.h
+++ b/src/md5.h
@@ -28,6 +28,14 @@
#define MD5Update MD5_Update
#define MD5Final MD5_Final
+#elif HAVE_CYASSL
+#include <cyassl/openssl/md5.h>
+
+#define MD5Init MD5_Init
+#define MD5Update MD5_Update
+#define MD5Final MD5_Final
+
+typedef struct CYASSL_MD5_CTX MD5_CTX;
#else
struct MD5Context {
--- a/src/md5.c
+++ b/src/md5.c
@@ -18,7 +18,7 @@
#include <string.h> /* for memcpy() */
#include "md5.h"
-#ifndef HAVE_OPENSSL
+#if !defined(HAVE_OPENSSL) && !defined(HAVE_CYASSL)
void byteReverse(unsigned char *buf, size_t longs);
net/cshark/Makefile
+3 -3
View File
@@ -1,5 +1,5 @@
#
# Copyright (C) 2014 OpenWrt.org
# Copyright (C) 2014-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=cshark
PKG_VERSION:=2014-07-02
PKG_VERSION:=2015-03-13
PKG_RELEASE=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cloudshark/cshark.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=ec638311b0b8ef74baf0be06dcf03a641e3308a2
PKG_SOURCE_VERSION:=ab2ae2fbd72b6cbd57c95e3192edc3c1f475412b
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_BUILD_PARALLEL:=1
net/ddns-scripts/Makefile
Regular → Executable
+86 -33
View File
@@ -1,19 +1,27 @@
#
# Copyright (C) 2008-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=ddns-scripts
# Version == major.minor.patch
# increase on new functionality (minor) or patches (patch)
PKG_VERSION:=2.3.0
PKG_VERSION:=2.4.3
# Release == build
# increase on changes of services files or tld_names.dat
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Christian Schoenebeck <christian.schoenebeck@gmail.com>
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
# no default dependencies
PKG_DEFAULT_DEPENDS=
define Package/$(PKG_NAME)/Default
SECTION:=net
CATEGORY:=Network
@@ -21,6 +29,7 @@ define Package/$(PKG_NAME)/Default
PKGARCH:=all
endef
##### **********************************
define Package/$(PKG_NAME)
$(call Package/$(PKG_NAME)/Default)
TITLE:=Dynamic DNS Client scripts (with IPv6 support)
@@ -41,31 +50,53 @@ define Package/$(PKG_NAME)/config
- Proxy server support
- log file support
- support to run once
.
Version: $(PKG_VERSION)-$(PKG_RELEASE)
Info : http://wiki.openwrt.org/doc/howto/ddns.client
.
$(PKG_MAINTAINER)
endef
define Package/$(PKG_NAME)_CloudFlare
##### **********************************
define Package/$(PKG_NAME)_cloudflare
$(call Package/$(PKG_NAME)/Default)
TITLE:=DDNS extension for CloudFlare
DEPENDS:=$(PKG_NAME)
endef
define Package/$(PKG_NAME)_CloudFlare/description
define Package/$(PKG_NAME)_cloudflare/description
Dynamic DNS Client scripts extension for CloudFlare
endef
define Package/$(PKG_NAME)_No-IP_com
##### **********************************
define Package/$(PKG_NAME)_no-ip_com
$(call Package/$(PKG_NAME)/Default)
TITLE:=DDNS extension for No-IP.com
DEPENDS:=$(PKG_NAME)
endef
define Package/$(PKG_NAME)_No-IP_com/description
define Package/$(PKG_NAME)_no-ip_com/description
Dynamic DNS Client scripts extension for No-IP.com
endef
##### **********************************
define Package/$(PKG_NAME)_nsupdate
$(call Package/$(PKG_NAME)/Default)
TITLE:=DDNS extension using Bind nsupdate
DEPENDS:=$(PKG_NAME) +bind-client
endef
define Package/$(PKG_NAME)_nsupdate/description
Dynamic DNS Client scripts extension for direct updates using Bind nsupdate
endef
define Package/$(PKG_NAME)_nsupdate/config
help
The script directly updates a PowerDNS (or maybe bind server) via nsupdate
from bind-client package. It requires
"option dns_server" to be set to the server to be used by nsupdate.
"option username" should be set to the key name and
"option password" to the base64 encoded shared secret.
endef
##### **********************************
define Build/Configure
endef
define Build/Compile
@@ -78,12 +109,14 @@ define Build/Compile
-e '/^\/\/\s/d' \
-e '/^\s*$$$$/d' $$$$FILE; \
done
gzip -f9 $(PKG_BUILD_DIR)/files/tld_names.dat
endef
define Package/$(PKG_NAME)/conffiles
/etc/config/ddns
endef
##### **********************************
define Package/$(PKG_NAME)/install
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/ddns.hotplug $(1)/etc/hotplug.d/iface/95-ddns
@@ -96,16 +129,6 @@ define Package/$(PKG_NAME)/install
$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/services* $(1)/usr/lib/ddns
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/dynamic_*.sh $(1)/usr/lib/ddns
endef
define Package/$(PKG_NAME)_CloudFlare/install
$(INSTALL_DIR) $(1)/usr/lib/ddns
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/update_CloudFlare.sh $(1)/usr/lib/ddns
$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/tld_names.dat $(1)/usr/lib/ddns
endef
define Package/$(PKG_NAME)_No-IP_com/install
$(INSTALL_DIR) $(1)/usr/lib/ddns
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/update_No-IP.com.sh $(1)/usr/lib/ddns
endef
define Package/$(PKG_NAME)/postinst
#!/bin/sh
# if run within buildroot exit
@@ -123,17 +146,6 @@ define Package/$(PKG_NAME)/postinst
exit 0
endef
define Package/$(PKG_NAME)_CloudFlare/postinst
#!/bin/sh
echo -e '"CloudFlare"\t"update_CloudFlare.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
echo -e '"CloudFlare"\t"update_CloudFlare.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services_ipv6
endef
define Package/$(PKG_NAME)_No-IP_com/postinst
#!/bin/sh
echo -e '"No-IP.com"\t"update_No-IP.com.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
echo -e '"NoIP.com"\t"update_No-IP.com.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
endef
define Package/$(PKG_NAME)/prerm
#!/bin/sh
# if run within buildroot exit
@@ -148,16 +160,57 @@ define Package/$(PKG_NAME)/prerm
exit 0
endef
define Package/$(PKG_NAME)_CloudFlare/prerm
##### **********************************
define Package/$(PKG_NAME)_cloudflare/install
$(INSTALL_DIR) $(1)/usr/lib/ddns
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/update_CloudFlare.sh $(1)/usr/lib/ddns
$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/tld_names.dat.gz $(1)/usr/lib/ddns
endef
define Package/$(PKG_NAME)_cloudflare/postinst
#!/bin/sh
echo -e '"CloudFlare"\t"update_CloudFlare.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
echo -e '"CloudFlare"\t"update_CloudFlare.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services_ipv6
endef
define Package/$(PKG_NAME)_cloudflare/prerm
#!/bin/sh
/bin/sed -i '/update_CloudFlare\.sh/ d' $${IPKG_INSTROOT}/usr/lib/ddns/services
/bin/sed -i '/update_CloudFlare\.sh/ d' $${IPKG_INSTROOT}/usr/lib/ddns/services_ipv6
endef
define Package/$(PKG_NAME)_No-IP_com/prerm
##### **********************************
define Package/$(PKG_NAME)_no-ip_com/install
$(INSTALL_DIR) $(1)/usr/lib/ddns
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/update_No-IP.com.sh $(1)/usr/lib/ddns
endef
define Package/$(PKG_NAME)_no-ip_com/postinst
#!/bin/sh
echo -e '"No-IP.com"\t"update_No-IP.com.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
echo -e '"NoIP.com"\t"update_No-IP.com.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
endef
define Package/$(PKG_NAME)_no-ip_com/prerm
#!/bin/sh
/bin/sed -i '/update_No-IP\.com\.sh/ d' $${IPKG_INSTROOT}/usr/lib/ddns/services
endef
##### **********************************
define Package/$(PKG_NAME)_nsupdate/install
$(INSTALL_DIR) $(1)/usr/lib/ddns
$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/update_nsupdate.sh $(1)/usr/lib/ddns
endef
define Package/$(PKG_NAME)_nsupdate/postinst
#!/bin/sh
echo -e '"Bind-nsupdate"\t"update_nsupdate.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services
echo -e '"Bind-nsupdate"\t"update_nsupdate.sh"' >> $${IPKG_INSTROOT}/usr/lib/ddns/services_ipv6
endef
define Package/$(PKG_NAME)_nsupdate/prerm
#!/bin/sh
/bin/sed -i '/update_nsupdate\.sh/ d' $${IPKG_INSTROOT}/usr/lib/ddns/services
/bin/sed -i '/update_nsupdate\.sh/ d' $${IPKG_INSTROOT}/usr/lib/ddns/services_ipv6
endef
##### **********************************
$(eval $(call BuildPackage,$(PKG_NAME)))
$(eval $(call BuildPackage,$(PKG_NAME)_CloudFlare))
$(eval $(call BuildPackage,$(PKG_NAME)_No-IP_com))
$(eval $(call BuildPackage,$(PKG_NAME)_cloudflare))
$(eval $(call BuildPackage,$(PKG_NAME)_no-ip_com))
$(eval $(call BuildPackage,$(PKG_NAME)_nsupdate))
net/ddns-scripts/files/ddns.config
+1 -1
View File
@@ -11,7 +11,7 @@ config ddns "global"
config service "myddns_ipv4"
option service_name "example.org"
option service_name "dyndns.com"
option domain "yourhost.example.com"
option username "your_username"
option password "your_password"
net/ddns-scripts/files/ddns.init
+1
View File
@@ -24,4 +24,5 @@ start() {
stop() {
killall dynamic_dns_updater.sh 2>/dev/null
return 0 # if killall fails, ignore
}
net/ddns-scripts/files/dynamic_dns_functions.sh
Regular → Executable
+53 -33
View File
@@ -37,7 +37,7 @@ PIDFILE="" # pid file
UPDFILE="" # store UPTIME of last update
DATFILE="" # save stdout data of WGet and other external programs called
ERRFILE="" # save stderr output of WGet and other external programs called
TLDFILE=/usr/lib/ddns/tld_names.dat # TLD file used by split_FQDN
TLDFILE=/usr/lib/ddns/tld_names.dat.gz # TLD file used by split_FQDN
CHECK_SECONDS=0 # calculated seconds out of given
FORCE_SECONDS=0 # interval and unit
@@ -486,8 +486,8 @@ verify_host_port() {
__IPV4=$(cat $DATFILE | awk -F "address " '/has address/ {print $2; exit}' )
__IPV6=$(cat $DATFILE | awk -F "address " '/has IPv6/ {print $2; exit}' )
else # use BusyBox nslookup
__IPV4=$(cat $DATFILE | sed -ne "3,\$ { s/^Address[0-9 ]\{0,\}: \($IPV4_REGEX\).*$/\\1/p }")
__IPV6=$(cat $DATFILE | sed -ne "3,\$ { s/^Address[0-9 ]\{0,\}: \($IPV6_REGEX\).*$/\\1/p }")
__IPV4=$(cat $DATFILE | sed -ne "/^Name:/,\$ { s/^Address[0-9 ]\{0,\}: \($IPV4_REGEX\).*$/\\1/p }")
__IPV6=$(cat $DATFILE | sed -ne "/^Name:/,\$ { s/^Address[0-9 ]\{0,\}: \($IPV6_REGEX\).*$/\\1/p }")
fi
}
@@ -966,7 +966,7 @@ get_registered_ip() {
if [ "$__PROG" = "BIND host" ]; then
__DATA=$(cat $DATFILE | awk -F "address " '/has/ {print $2; exit}' )
else
__DATA=$(cat $DATFILE | sed -ne "3,\$ { s/^Address[0-9 ]\{0,\}: \($__REGEX\).*$/\\1/p }" )
__DATA=$(cat $DATFILE | sed -ne "/^Name:/,\$ { s/^Address[0-9 ]\{0,\}: \($__REGEX\).*$/\\1/p }" )
fi
[ -n "$__DATA" ] && {
write_log 7 "Registered IP '$__DATA' detected"
@@ -1058,43 +1058,63 @@ split_FQDN() {
# $4 name of variable to store Host/Subdomain
[ $# -ne 4 ] && write_log 12 "Error calling 'split_FQDN()' - wrong number of parameters"
[ -z "$1" ] && write_log 12 "Error calling 'split_FQDN()' - missing FQDN to split"
[ -f $TLDFILE ] || write_log 12 "Error calling 'split_FQDN()' - missing file '$TLDFILE'"
_SET="$@" # save given parameters
local _FHOST _FTLD _FOUND
local _FDOM=$(echo "$1" | tr [A-Z] [a-z]) # to lower
local _HOST _FDOM _CTLD _FTLD
local _SET="$@" # save given function parameters
set -- $(echo "$_FDOM" | tr "." " ") # replace DOT with SPACE and set as script parameters
_FDOM="" # clear variable for later reuse
local _PAR=$(echo "$1" | tr [A-Z] [a-z] | tr "." " ") # to lower and replace DOT with SPACE
set -- $_PAR # set new as function parameters
_PAR="" # clear variable for later reuse
while [ -n "$1" ] ; do # as long we have parameters
_PAR="$1 $_PAR" # invert order of parameters
shift
done
set -- $_PAR # use new as function parameters
_PAR="" # clear variable
while [ -n "$1" ] ; do # as long we have parameters
_FTLD=$(echo $@ | tr " " ".") # build back dot separated as TLD
# look if match excludes "!" in tld_names.dat
grep -E "^!$_FTLD$" $TLDFILE >/dev/null 2>&1 || {
# Don't match excludes
# check if match any "*" in tld_names.dat
grep -E "^*.$_FTLD$" $TLDFILE >/dev/null 2>&1 && {
_FOUND="VALID"
break # found leave while
}
# check if exact match in tld_names.dat
grep -E "^$_FTLD$" $TLDFILE >/dev/null 2>&1 && {
_FOUND="VALID"
break # found leave while
}
if [ -z "$_CTLD" ]; then # first loop
_CTLD="$1" # CURRENT TLD to look at
shift
else
_CTLD="$1.$_CTLD" # Next TLD to look at
shift
fi
# check if TLD exact match in tld_names.dat, save TLD
zcat $TLDFILE | grep -E "^$_CTLD$" >/dev/null 2>&1 && {
_FTLD="$_CTLD" # save found
_FDOM="$1" # save domain next step might be invalid
continue
}
# nothing match so
_FHOST="$_FHOST $_FDOM" # append DOMAIN to last found HOST
_FDOM="$1" # set 1st parameter as DOMAIN
_FTLD="" # clear TLD
shift # delete 1st parameter and retry with the rest
# check if match any "*" in tld_names.dat,
zcat $TLDFILE | grep -E "^\*.$_CTLD$" >/dev/null 2>&1 && {
[ -z "$1" ] && break # no more data break
# check if next level TLD match excludes "!" in tld_names.dat
if zcat $TLDFILE | grep -E "^!$1.$_CTLD$" >/dev/null 2>&1 ; then
_FTLD="$_CTLD" # Yes
else
_FTLD="$1.$_CTLD"
shift
fi
_FDOM="$1"; shift
}
[ -n "$_FTLD" ] && break # we have something valid, break
done
# the leftover parameters are the HOST/SUBDOMAIN
while [ -n "$1" ]; do
_HOST="$1 $HOST" # remember we need to invert
shift
done
_HOST=$(echo $_HOST | tr " " ".") # insert DOT
set -- $_SET # set back parameters from function call
[ -n "$_FHOST" ] && _FHOST=$(echo $_FHOST | tr " " ".") # put dots back into HOST
[ -n "$_FOUND" ] && {
eval "$2=$_FTLD" # set found TLD
eval "$3=$_FDOM" # set found registrable domain
eval "$4=$_FHOST" # set found HOST/SUBDOMAIN
[ -n "$_FTLD" ] && {
eval "$2=$_FTLD" # set TLD
eval "$3=$_FDOM" # set registrable domain
eval "$4=$_HOST" # set HOST/SUBDOMAIN
return 0
}
eval "$2=''" # clear TLD
net/ddns-scripts/files/dynamic_dns_lucihelper.sh
+2 -2
View File
@@ -22,8 +22,8 @@
# preset some variables, wrong or not set in dynamic_dns_functions.sh
SECTION_ID="lucihelper"
LOGFILE="$LOGDIR/$SECTION_ID.log"
DATFILE="$RUNDIR/$SECTION_ID.dat" # save stdout data of WGet and other extern programs called
ERRFILE="$RUNDIR/$SECTION_ID.err" # save stderr output of WGet and other extern programs called
DATFILE="$RUNDIR/$SECTION_ID.$$.dat" # save stdout data of WGet and other extern programs called
ERRFILE="$RUNDIR/$SECTION_ID.$$.err" # save stderr output of WGet and other extern programs called
VERBOSE_MODE=0 # no console logging
# global variables normally set by reading DDNS UCI configuration
use_syslog=0 # no syslog
net/ddns-scripts/files/dynamic_dns_updater.sh
+1 -1
View File
@@ -120,7 +120,7 @@ ERR_LAST=$? # save return code - equal 0 if SECTION_ID found
# set defaults if not defined
[ -z "$enabled" ] && enabled=0
[ -z "$retry_count" ] && retry_count=5
[ -z "$retry_count" ] && retry_count=0 # endless retry
[ -z "$use_syslog" ] && use_syslog=2 # syslog "Notice"
[ -z "$use_https" ] && use_https=0 # not use https
[ -z "$use_logfile" ] && use_logfile=1 # use logfile by default
net/ddns-scripts/files/services_ipv6
+3
View File
@@ -38,3 +38,6 @@
# IPv6 @ freedns.afraid.org
"freedns.afraid.org" "http://freedns.afraid.org/dynamic/update.php?[PASSWORD]&address=[IP]"
# IPv6 @ LoopiaDNS
"loopia.se" "http://[USERNAME]:[PASSWORD]@dns.loopia.se/XDynDNSServer/XDynDNS.php?system=custom&hostname=[DOMAIN]&myip=[IP]"
net/ddns-scripts/files/tld_names.dat
+697 -85
View File
File diff suppressed because it is too large Load Diff
net/ddns-scripts/files/update_nsupdate.sh
+46
View File
@@ -0,0 +1,46 @@
#
#.Distributed under the terms of the GNU General Public License (GPL) version 2.0
#
# The script directly updates a PowerDNS (or maybe bind server) via nsupdate from bind-client package.
#.based on github request #957 by Jan Riechers <de at r-jan dot de>
#.2015 Christian Schoenebeck <christian dot schoenebeck at gmail dot com>
#
# This script is parsed by dynamic_dns_functions.sh inside send_update() function
#
# using following options from /etc/config/ddns
# option username - keyname
# option password - shared secret (base64 encoded)
# option domain - full qualified domain to update
# option dns_server - DNS server to update
#
# variable __IP already defined with the ip-address to use for update
#
local __TTL=600 #.preset DNS TTL (in seconds)
local __RRTYPE __PW __TCP
[ -x /usr/bin/nsupdate ] || write_log 14 "'nsupdate' not installed or not executable !"
[ -z "$username" ] && write_log 14 "Service section not configured correctly! Missing 'username'"
[ -z "$password" ] && write_log 14 "Service section not configured correctly! Missing 'password'"
[ -z "$dns_server" ] && write_log 14 "Service section not configured correctly! Missing 'dns_server'"
[ $use_ipv6 -ne 0 ] && __RRTYPE="AAAA" || __RRTYPE="A"
[ $force_dnstcp -ne 0 ] && __TCP="-v" || __TCP=""
# create command file
cat >$DATFILE <<-EOF
server $dns_server
key $username $password
update del $domain $__RRTYPE
update add $domain $__TTL $__RRTYPE $__IP
show
send
quit
EOF
/usr/bin/nsupdate -d $__TCP $DATFILE >$ERRFILE 2>&1
# nsupdate always return success
write_log 7 "nsupdate reports:\n$(cat $ERRFILE)"
return 0
net/dmapd/Makefile
+2 -2
View File
@@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=dmapd
PKG_VERSION:=0.0.70
PKG_VERSION:=0.0.72
PKG_RELEASE:=1
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
@@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=COPYING
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.flyn.org/projects/dmapd
PKG_MD5SUM:=f503bf95f79b5c1f9418cccf26203952
PKG_MD5SUM:=0fe290d1bf003296b1ed9dfcc0108d6f
PKG_FIXUP:=autoreconf
PKG_INSTALL:=2
net/dnscrypt-proxy/Makefile
+2 -2
View File
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=dnscrypt-proxy
PKG_VERSION:=1.4.3
PKG_VERSION:=1.5.0
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://download.dnscrypt.org/dnscrypt-proxy
PKG_MD5SUM:=54d172236a8f321fb5689ff81767f1ba
PKG_MD5SUM:=bcaaaae4797082dd7a6ba618cc3e687c
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
net/e2guardian/Makefile
+9 -6
View File
@@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=e2guardian
PKG_VERSION:=3.0.4
PKG_VERSION:=3.1.2
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
@@ -16,8 +16,8 @@ PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
PKG_SOURCE:=v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian/archive/
PKG_MD5SUM:=f8ffac7ac4f040b672cc4e62121bf4c5
PKG_MD5SUM:=85cfa16074737dbc3935f93dfcded285
PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
@@ -45,9 +45,12 @@ CONFIGURE_VARS += \
CONFIGURE_ARGS += \
--with-sysconfsubdir=e2guardian \
--with-proxyuser=root \
--with-proxygroup=root \
--enable-pcre=yes
--with-proxyuser=nobody \
--with-proxygroup=nogroup \
--enable-pcre=yes \
--with-piddir=/tmp/e2guardian/ \
--enable-sslextralists=no \
--enable-sslmitm=no
define Build/Configure
$(call Build/Configure/Default,$CONFIGURE_ARGS)
net/e2guardian/files/e2guardian.config
+2 -3
View File
@@ -1,13 +1,11 @@
config e2guardian 'e2guardian'
option config_file '/etc/e2guardian/e2guardianf1.conf'
option languagedir '/usr/share/e2guardian/languages'
option language 'ukenglish'
option loglevel '2'
option logexceptionhits '2'
option logfileformat '1'
option loglocation '/dev/null'
option loglocation '/var/log/e2guardian/access.log'
option maxuploadsize '-1'
option filterip ''
option filterports '8080'
option proxyip '127.0.0.1'
option proxyport '3128'
@@ -45,6 +43,7 @@ config e2guardian 'e2guardian'
option deletedownloadedtempfiles 'on'
option initialtrickledelay '20'
option trickledelay '10'
option downloadmanager '/etc/e2guardian/downloadmanagers/fancy.conf'
option downloadmanager '/etc/e2guardian/downloadmanagers/default.conf'
option contentscannertimeout '60'
option contentscanexceptions 'off'
net/e2guardian/files/e2guardian.init
+26 -6
View File
@@ -7,13 +7,15 @@ STOP=10
USE_PROCD=1
PROG=/usr/sbin/e2guardian
CONFIGFILE="/tmp/e2guardian/e2guardian.conf"
LOGFILE="/tmp/e2guardian/access.log"
GROUPCONFIG="/tmp/e2guardian/e2guardianf1.conf"
validate_e2guardian_section() {
uci_validate_section e2guardian e2guardian "${1}" \
'config_file:string' \
'accessdeniedaddress:string' \
'bannediplist:string' \
'contentscanexceptions:string' \
'contentscanner:string'
'contentscannertimeout:uinteger' \
'createlistcachefiles:string' \
'custombannedflashfile:string' \
@@ -83,7 +85,7 @@ validate_e2guardian_section() {
start_service() {
local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \
local accessdeniedaddress bannediplist contentscanexceptions contentscanner contentscannertimeout \
createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \
downloadmanager exceptioniplist filecachedir loglocation \
filtergroups filtergroupslist filterip filterports forcequicksearch forwardedfor hexdecodecontent \
@@ -102,10 +104,26 @@ start_service() {
}
mkdir -p $(dirname $CONFIGFILE)
ln -sf $config_file $(dirname $CONFIGFILE)
chown -R nobody:nogroup $(dirname $CONFIGFILE)
mkdir -p $(dirname $loglocation)
chown -R nobody:nogroup $(dirname $loglocation)
touch $loglocation
chown nobody:nogroup $loglocation
ln -sf $loglocation $(dirname $LOGFILE)
ln -sf /etc/e2guardian/e2guardian.conf $CONFIGFILE
ln -sf /etc/e2guardian/e2guardianf1.conf $GROUPCONFIG
echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE
echo "bannediplist = " $bannediplist >> $CONFIGFILE
if [ "$contentscanner" != "" ]
then
echo "contentscanner = " $contentscanner >> $CONFIGFILE
fi
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
@@ -174,15 +192,17 @@ start_service() {
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
procd_open_instance
procd_set_param command $PROG -N -c "$CONFIGFILE"
procd_set_param command $PROG -c $CONFIGFILE
procd_set_param file $CONFIGFILE
procd_set_param respawn
procd_close_instance
}
stop_service()
{
e2guardian -s | awk -F':' '{ print $2}' | xargs kill -9
PID=`cat /tmp/e2guardian/e2guardian.pid`
kill $PID
rm -f /tmp/e2guardian/e2guardian.pid
}
service_triggers()
net/e2guardian/files/e2guardianf1.conf
+58 -54
View File
@@ -1,4 +1,4 @@
# e2guardian filter group config file for version 3.0.4
# e2guardian filter group config file for version 3.1.2
# Filter group mode
@@ -25,41 +25,41 @@ groupmode = 1
groupname = ''
# Content filtering files location
bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
greysitelist = 'etc/e2guardian/lists/greysitelist'
bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
bannedurllist = 'etc/e2guardian/lists/bannedurllist'
greyurllist = 'etc/e2guardian/lists/greyurllist'
exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
picsfile = 'etc/e2guardian/lists/pics'
contentregexplist = 'etc/e2guardian/lists/contentregexplist'
urlregexplist = 'etc/e2guardian/lists/urlregexplist'
refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
greysitelist = '/etc/e2guardian/lists/greysitelist'
bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
bannedurllist = '/etc/e2guardian/lists/bannedurllist'
greyurllist = '/etc/e2guardian/lists/greyurllist'
exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
picsfile = '/etc/e2guardian/lists/pics'
contentregexplist = '/etc/e2guardian/lists/contentregexplist'
urlregexplist = '/etc/e2guardian/lists/urlregexplist'
refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
# local versions of lists (where LOCAL_LISTS enabled)
#localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
#localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
#localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
#localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
#localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
#localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
#localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
#localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
#localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
#localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
#localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
#localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
#localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
#localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
#localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
#localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
#localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
#localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
!! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
!! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
!! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
!! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
# Filetype filtering
#
@@ -78,20 +78,20 @@ urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
# (on | off)
#
blockdownloads = off
exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
#
# Use the following lists to block specific kinds of file downloads.
# The two exception lists above can be used to override these.
#
bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
#
# In either file filtering mode, the following list can be used to override
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
#
exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
# POST protection (web upload and forms)
# does not block forms without any file upload, i.e. this is just for
@@ -108,9 +108,9 @@ maxuploadsize = -1
# Supply categorised lists here and the category string shall be logged against
# matching requests, but matching these lists does not perform any filtering
# action.
#logsitelist = 'etc/e2guardian/lists/logsitelist'
#logurllist = 'etc/e2guardian/lists/logurllist'
#logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
#logsitelist = '/etc/e2guardian/lists/logsitelist'
#logurllist = '/etc/e2guardian/lists/logurllist'
#logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
# Outgoing HTTP header rules:
# Optional lists for blocking based on, and modification of, outgoing HTTP
@@ -121,9 +121,9 @@ maxuploadsize = -1
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
# block.
# Use for example, to remove cookies or prevent certain user-agents.
headerregexplist = 'etc/e2guardian/lists/headerregexplist'
bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
headerregexplist = '/etc/e2guardian/lists/headerregexplist'
bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
# Weighted phrase mode
# Optional; overrides the weightedphrasemode option in e2guardian.conf
@@ -166,11 +166,11 @@ naughtynesslimit = 50
# List of regular expressions for matching search engine URLs. It is assumed
# that the search terms themselves will be contained in the
# of output of each expression.
#searchregexplist = 'etc/e2guardian/lists/searchregexplist'
#searchregexplist = '/etc/e2guardian/lists/searchregexplist'
#
# Banned Search Term list(s) for option 1
#bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
#bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
#bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
#bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
# Search term limit (for Option 2)
@@ -192,9 +192,9 @@ naughtynesslimit = 50
# of text.
# Please note that all or none of the below should be uncommented, not a
# mixture.
#bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
#weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
#exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
#bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
#weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
#exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
# Category display threshold
# This option only applies to pages blocked by weighted phrase filtering.
@@ -330,12 +330,12 @@ reportinglevel = 3
# only used in reporting level 3.
#
# The default template file path is <languagedir>/<language>/template.h
# e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
# e.g. /share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
# language.
#
# This option generates a file path of the form:
# <languagedir>/<language>/<htmltemplate>
# e.g. share/e2guardian/languages/ukenglish/custom.html
# e.g. /share/e2guardian/languages/ukenglish/custom.html
#
#htmltemplate = 'custom.html'
@@ -420,7 +420,11 @@ reportinglevel = 3
sslcertcheck = off
#SSL man in the middle
# Forge ssl certificates for all sites, decrypt the data then re encrypt it
# Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
# using a different private key. Used to filter ssl sites
sslmitm = off
#Limit SSL MITM to sites in greysslsitelist(s)
# ignored if sslmitm is off
# SSL sites not matching greysslsitelist will be treat as if sslmitm is off.
onlymitmsslgrey = off
net/emailrelay/Makefile
+1 -1
View File
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=emailrelay
PKG_VERSION:=1.9
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-src.tar.gz
PKG_SOURCE_URL:=@SF/emailrelay/$(PKG_VERSION)
net/emailrelay/files/emailrelay.init
+2 -2
View File
@@ -6,10 +6,10 @@ START=90
start() {
logger -t 'emailrelay' "Starting emailrelay service."
service_start emailrelay --as-server --poll 60 --forward-to smtpserver:smtpport --spool-dir /tmp --client-tls --client-auth /etc/emailrelay.auth --server-auth /etc/emailrelay.auth --log
service_start /usr/bin/emailrelay --as-server --poll 60 --forward-to smtpserver:smtpport --spool-dir /tmp --client-tls --client-auth /etc/emailrelay.auth --server-auth /etc/emailrelay.auth --log
}
stop() {
logger -t 'emailrelay' "Stopping emailrelay service."
killall -9 emailrelay
service_stop /usr/bin/emailrelay
}
net/etherwake/Makefile
+2 -2
View File
@@ -1,5 +1,5 @@
#
# Copyright (C) 2007-2011 OpenWrt.org
# Copyright (C) 2007-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=etherwake
PKG_VERSION:=1.09
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/e/etherwake
net/etherwake/patches/120-musl-compat.patch
+17
View File
@@ -0,0 +1,17 @@
--- a/ether-wake.c
+++ b/ether-wake.c
@@ -82,14 +82,8 @@ static char usage_msg[] =
#include <linux/if.h>
#include <features.h>
-#if __GLIBC__ >= 2 && __GLIBC_MINOR >= 1
#include <netpacket/packet.h>
#include <net/ethernet.h>
-#else
-#include <asm/types.h>
-#include <linux/if_packet.h>
-#include <linux/if_ether.h>
-#endif
#include <netdb.h>
#include <netinet/ether.h>
net/ethtool/Config.in
+7
View File
@@ -0,0 +1,7 @@
menu "Configuration"
depends on PACKAGE_ethtool
config ETHTOOL_PRETTY_DUMP
bool "Enable pretty printing"
endmenu
net/ethtool/Makefile
+14 -2
View File
@@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ethtool
PKG_VERSION:=3.18
PKG_VERSION:=4.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/software/network/ethtool
PKG_MD5SUM:=fbf1a167b88a5966a2c56a2483af68c6
PKG_MD5SUM:=37c77b02556255e4122c3636f75a8646
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
@@ -23,6 +23,8 @@ PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_CONFIG_DEPENDS:=ETHTOOL_PRETTY_DUMP
include $(INCLUDE_DIR)/package.mk
define Package/ethtool
@@ -37,6 +39,16 @@ define Package/ethtool/description
network interface
endef
define Package/ethtool/config
source "$(SOURCE)/Config.in"
endef
ifeq ($(CONFIG_ETHTOOL_PRETTY_DUMP),y)
CONFIGURE_ARGS += --enable-pretty-dump
else
CONFIGURE_ARGS += --disable-pretty-dump
endif
define Package/ethtool/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/ethtool $(1)/usr/sbin
net/fastd/Makefile
+1 -1
View File
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=fastd
PKG_VERSION:=17
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
net/fastd/patches/100-musl-compat.patch
+67
View File
@@ -0,0 +1,67 @@
--- a/cmake/checks.cmake
+++ b/cmake/checks.cmake
@@ -54,9 +54,13 @@ if(NOT DARWIN)
endif(NOT DARWIN)
+set(CMAKE_EXTRA_INCLUDE_FILES "linux/if_ether.h")
+check_type_size("struct ethhdr" SIZEOF_ETHHDR)
+string(COMPARE NOTEQUAL "${SIZEOF_ETHHDR}" "" HAVE_LINUX_ETHHDR)
+
set(CMAKE_EXTRA_INCLUDE_FILES "netinet/if_ether.h")
check_type_size("struct ethhdr" SIZEOF_ETHHDR)
-string(COMPARE NOTEQUAL "${SIZEOF_ETHHDR}" "" HAVE_ETHHDR)
+string(COMPARE NOTEQUAL "${SIZEOF_ETHHDR}" "" HAVE_NETINET_ETHHDR)
set(CMAKE_REQUIRED_INCLUDES "sys/types.h")
--- a/src/compat.h
+++ b/src/compat.h
@@ -45,7 +45,12 @@
#include <net/if.h>
#include <net/if_arp.h>
#include <netinet/in.h>
+
+#if defined(HAVE_LINUX_ETHHDR)
+#include <linux/if_ether.h>
+#elif defined(HAVE_NETINET_ETHHDR)
#include <netinet/if_ether.h>
+#endif
#ifndef ETH_ALEN
/** The length of a MAC address */
@@ -55,9 +60,8 @@
#ifndef ETH_HLEN
/** The length of the standard ethernet header */
#define ETH_HLEN 14
-#endif
-#ifndef HAVE_ETHHDR
+#if !defined(HAVE_LINUX_ETHHDR) && !defined(HAVE_NETINET_ETHHDR)
/** An ethernet header */
struct ethhdr {
uint8_t h_dest[ETH_ALEN]; /**< The destination MAC address field */
@@ -65,6 +69,7 @@ struct ethhdr {
uint16_t h_proto; /**< The EtherType/length field */
} __attribute__((packed));
#endif
+#endif
#if defined(USE_FREEBIND) && !defined(IP_FREEBIND)
/** Compatiblity define for systems supporting, but not defining IP_FREEBIND */
--- a/src/fastd_config.h.in
+++ b/src/fastd_config.h.in
@@ -35,8 +35,11 @@
/** Defined if the platform supports the AI_ADDRCONFIG flag to getaddrinfo() */
#cmakedefine HAVE_AI_ADDRCONFIG
-/** Defined if the platform defines the \e ethhdr struct */
-#cmakedefine HAVE_ETHHDR
+/** Defined if the platform defines the \e ethhdr struct through linux/if_ether.h */
+#cmakedefine HAVE_LINUX_ETHHDR
+
+/** Defined if the platform defines the \e ethhdr struct through netinet/if_ether.h */
+#cmakedefine HAVE_NETINET_ETHHDR
/** Defined if the platform defines get_current_dir_name() */
#cmakedefine HAVE_GET_CURRENT_DIR_NAME
net/freeradius2/Makefile
+5 -3
View File
@@ -8,12 +8,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=freeradius2
PKG_VERSION:=2.2.6
PKG_VERSION:=2.2.7
PKG_RELEASE:=1
PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=ftp://ftp.freeradius.org/pub/freeradius/
PKG_MD5SUM:=e9a6f9bbee9706b008b924061ab3f915
PKG_SOURCE_URL:=\
ftp://ftp.freeradius.org/pub/freeradius/ \
ftp://ftp.freeradius.org/pub/freeradius/old/
PKG_MD5SUM:=b84b9ffa1ac9b20b2643e5a08ac483a1
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYRIGHT LICENSE
net/freeradius2/patches/001-fix-makefile.patch
+4 -2
View File
@@ -1,5 +1,7 @@
--- a/Make.inc.in
+++ b/Make.inc.in
Index: freeradius-server-2.2.7/Make.inc.in
===================================================================
--- freeradius-server-2.2.7.orig/Make.inc.in
+++ freeradius-server-2.2.7/Make.inc.in
@@ -5,6 +5,7 @@
#
net/freeradius2/patches/002-config.patch
+64 -39
View File
@@ -1,5 +1,7 @@
--- a/raddb/dictionary.in
+++ b/raddb/dictionary.in
Index: freeradius-server-2.2.7/raddb/dictionary.in
===================================================================
--- freeradius-server-2.2.7.orig/raddb/dictionary.in
+++ freeradius-server-2.2.7/raddb/dictionary.in
@@ -11,7 +11,7 @@
#
# The filename given here should be an absolute path.
@@ -9,8 +11,10 @@
#
# Place additional attributes or $INCLUDEs here. They will
--- a/raddb/eap.conf
+++ b/raddb/eap.conf
Index: freeradius-server-2.2.7/raddb/eap.conf
===================================================================
--- freeradius-server-2.2.7.orig/raddb/eap.conf
+++ freeradius-server-2.2.7/raddb/eap.conf
@@ -27,7 +27,7 @@
# then that EAP type takes precedence over the
# default type configured here.
@@ -206,8 +210,10 @@
# This option enables support for MS-SoH
# see doc/SoH.txt for more info.
--- a/raddb/modules/counter
+++ b/raddb/modules/counter
Index: freeradius-server-2.2.7/raddb/modules/counter
===================================================================
--- freeradius-server-2.2.7.orig/raddb/modules/counter
+++ freeradius-server-2.2.7/raddb/modules/counter
@@ -69,7 +69,7 @@
# 'check-name' attribute.
#
@@ -217,8 +223,10 @@
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
--- a/raddb/modules/pap
+++ b/raddb/modules/pap
Index: freeradius-server-2.2.7/raddb/modules/pap
===================================================================
--- freeradius-server-2.2.7.orig/raddb/modules/pap
+++ freeradius-server-2.2.7/raddb/modules/pap
@@ -18,5 +18,5 @@
#
# http://www.openldap.org/faq/data/cache/347.html
@@ -226,8 +234,10 @@
- auto_header = no
+ auto_header = yes
}
--- a/raddb/modules/radutmp
+++ b/raddb/modules/radutmp
Index: freeradius-server-2.2.7/raddb/modules/radutmp
===================================================================
--- freeradius-server-2.2.7.orig/raddb/modules/radutmp
+++ freeradius-server-2.2.7/raddb/modules/radutmp
@@ -12,7 +12,7 @@ radutmp {
# Where the file is stored. It's not a log file,
# so it doesn't need rotating.
@@ -237,8 +247,10 @@
# The field in the packet to key on for the
# 'user' name, If you have other fields which you want
--- a/raddb/modules/sradutmp
+++ b/raddb/modules/sradutmp
Index: freeradius-server-2.2.7/raddb/modules/sradutmp
===================================================================
--- freeradius-server-2.2.7.orig/raddb/modules/sradutmp
+++ freeradius-server-2.2.7/raddb/modules/sradutmp
@@ -10,7 +10,7 @@
# then name "sradutmp" to identify it later in the "accounting"
# section.
@@ -248,8 +260,10 @@
perm = 0644
callerid = "no"
}
--- a/raddb/radiusd.conf.in
+++ b/raddb/radiusd.conf.in
Index: freeradius-server-2.2.7/raddb/radiusd.conf.in
===================================================================
--- freeradius-server-2.2.7.orig/raddb/radiusd.conf.in
+++ freeradius-server-2.2.7/raddb/radiusd.conf.in
@@ -66,7 +66,7 @@ name = radiusd
# Location of config and logfiles.
@@ -277,7 +291,7 @@
# clients = per_socket_clients
}
@@ -584,8 +584,8 @@ security {
@@ -576,8 +576,8 @@ security {
#
# allowed values: {no, yes}
#
@@ -288,7 +302,7 @@
# CLIENTS CONFIGURATION
@@ -782,7 +782,7 @@ instantiate {
@@ -774,7 +774,7 @@ instantiate {
# The entire command line (and output) must fit into 253 bytes.
#
# e.g. Framed-Pool = `%{exec:/bin/echo foo}`
@@ -297,7 +311,7 @@
#
# The expression module doesn't do authorization,
@@ -799,15 +799,15 @@ instantiate {
@@ -791,15 +791,15 @@ instantiate {
# other xlat functions such as md5, sha1 and lc.
#
# We do not recommend removing it's listing here.
@@ -316,7 +330,7 @@
# subsections here can be thought of as "virtual" modules.
#
@@ -831,7 +831,7 @@ instantiate {
@@ -823,7 +823,7 @@ instantiate {
# to multiple times.
#
######################################################################
@@ -325,7 +339,7 @@
######################################################################
#
@@ -841,9 +841,9 @@ $INCLUDE policy.conf
@@ -833,9 +833,9 @@ $INCLUDE policy.conf
# match the regular expression: /[a-zA-Z0-9_.]+/
#
# It allows you to define new virtual servers simply by placing
@@ -337,7 +351,7 @@
######################################################################
#
@@ -851,7 +851,7 @@ $INCLUDE sites-enabled/
@@ -843,7 +843,7 @@ $INCLUDE sites-enabled/
# "authenticate {}", "accounting {}", have been moved to the
# the file:
#
@@ -346,8 +360,10 @@
#
# This is the "default" virtual server that has the same
# configuration as in version 1.0.x and 1.1.x. The default
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
Index: freeradius-server-2.2.7/raddb/sites-available/default
===================================================================
--- freeradius-server-2.2.7.orig/raddb/sites-available/default
+++ freeradius-server-2.2.7/raddb/sites-available/default
@@ -85,7 +85,7 @@ authorize {
#
# It takes care of processing the 'raddb/hints' and the
@@ -391,7 +407,7 @@
# ntdomain
#
@@ -195,8 +195,8 @@ authorize {
@@ -197,8 +197,8 @@ authorize {
# Use the checkval module
# checkval
@@ -402,7 +418,7 @@
#
# If no other module has claimed responsibility for
@@ -277,7 +277,7 @@ authenticate {
@@ -279,7 +279,7 @@ authenticate {
# If you have a Cisco SIP server authenticating against
# FreeRADIUS, uncomment the following line, and the 'digest'
# line in the 'authorize' section.
@@ -411,7 +427,7 @@
#
# Pluggable Authentication Modules.
@@ -294,7 +294,7 @@ authenticate {
@@ -296,7 +296,7 @@ authenticate {
# be used for authentication ONLY for compatibility with legacy
# FreeRADIUS configurations.
#
@@ -420,7 +436,7 @@
# Uncomment it if you want to use ldap for authentication
#
@@ -330,8 +330,8 @@ authenticate {
@@ -332,8 +332,8 @@ authenticate {
#
# Pre-accounting. Decide which accounting type to use.
#
@@ -431,7 +447,7 @@
#
# Session start times are *implied* in RADIUS.
@@ -354,7 +354,7 @@ preacct {
@@ -356,7 +356,7 @@ preacct {
#
# Ensure that we have a semi-unique identifier for every
# request, and many NAS boxes are broken.
@@ -440,7 +456,7 @@
#
# Look for IPASS-style 'realm/', and if not found, look for
@@ -364,13 +364,13 @@ preacct {
@@ -366,13 +366,13 @@ preacct {
# Accounting requests are generally proxied to the same
# home server as authentication requests.
# IPASS
@@ -457,7 +473,7 @@
#
# Accounting. Log the accounting data.
@@ -380,7 +380,7 @@ accounting {
@@ -382,7 +382,7 @@ accounting {
# Create a 'detail'ed log of the packets.
# Note that accounting requests which are proxied
# are also logged in the detail file.
@@ -466,7 +482,7 @@
# daily
# Update the wtmp file
@@ -432,7 +432,7 @@ accounting {
@@ -434,7 +434,7 @@ accounting {
exec
# Filter attributes from the accounting response.
@@ -475,7 +491,7 @@
#
# See "Autz-Type Status-Server" for how this works.
@@ -458,7 +458,7 @@ session {
@@ -460,7 +460,7 @@ session {
# Post-Authentication
# Once we KNOW that the user has been authenticated, there are
# additional steps we can take.
@@ -484,7 +500,7 @@
# Get an address from the IP Pool.
# main_pool
@@ -488,7 +488,7 @@ post-auth {
@@ -490,7 +490,7 @@ post-auth {
# ldap
# For Exec-Program and Exec-Program-Wait
@@ -493,7 +509,7 @@
#
# Calculate the various WiMAX keys. In order for this to work,
@@ -572,12 +572,12 @@ post-auth {
@@ -574,18 +574,18 @@ post-auth {
# Add the ldap module name (or instance) if you have set
# 'edir_account_policy_check = yes' in the ldap module configuration
#
@@ -502,6 +518,13 @@
+# Post-Auth-Type REJECT {
+# # log failed authentications in SQL, too.
# sql
# Insert EAP-Failure message if the request was
# rejected by policy instead of because of an
# authentication failure
- eap
+# eap
- attr_filter.access_reject
- }
-}
@@ -511,7 +534,7 @@
#
# When the server decides to proxy a request to a home server,
@@ -587,7 +587,7 @@ post-auth {
@@ -595,7 +595,7 @@ post-auth {
#
# Only a few modules currently have this method.
#
@@ -520,7 +543,7 @@
# attr_rewrite
# Uncomment the following line if you want to change attributes
@@ -603,14 +603,14 @@ pre-proxy {
@@ -611,14 +611,14 @@ pre-proxy {
# server, un-comment the following line, and the
# 'detail pre_proxy_log' section, above.
# pre_proxy_log
@@ -537,7 +560,7 @@
# If you want to have a log of replies from a home server,
# un-comment the following line, and the 'detail post_proxy_log'
@@ -634,7 +634,7 @@ post-proxy {
@@ -642,7 +642,7 @@ post-proxy {
# hidden inside of the EAP packet, and the end server will
# reject the EAP request.
#
@@ -546,15 +569,17 @@
#
# If the server tries to proxy a request and fails, then the
@@ -656,5 +656,5 @@ post-proxy {
@@ -664,5 +664,5 @@ post-proxy {
# Post-Proxy-Type Fail {
# detail
# }
-}
+#}
--- a/raddb/users
+++ b/raddb/users
Index: freeradius-server-2.2.7/raddb/users
===================================================================
--- freeradius-server-2.2.7.orig/raddb/users
+++ freeradius-server-2.2.7/raddb/users
@@ -169,22 +169,22 @@
# by the terminal server in which case there may not be a "P" suffix.
# The terminal server sends "Framed-Protocol = PPP" for auto PPP.
net/freeradius2/patches/004-ldap_configure.patch
+8 -4
View File
@@ -1,5 +1,7 @@
--- a/src/modules/rlm_ldap/configure
+++ b/src/modules/rlm_ldap/configure
Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure
===================================================================
--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure
+++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure
@@ -1,10 +1,10 @@
#! /bin/sh
# From configure.in Revision.
@@ -4239,8 +4241,10 @@
+$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
+fi
--- a/src/modules/rlm_ldap/configure.in
Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in
===================================================================
--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure.in
+++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in
@@ -87,6 +87,9 @@ if test x$with_[]modname != xno; then
)
net/freeradius2/patches/008-honor_ccpflags.patch
+4 -2
View File
@@ -1,5 +1,7 @@
--- a/src/modules/rules.mak
+++ b/src/modules/rules.mak
Index: freeradius-server-2.2.7/src/modules/rules.mak
===================================================================
--- freeradius-server-2.2.7.orig/src/modules/rules.mak
+++ freeradius-server-2.2.7/src/modules/rules.mak
@@ -63,10 +63,10 @@ $(LT_OBJS): $(SERVER_HEADERS)
#
#######################################################################
net/freeradius2/patches/010-disbale-openssl-check.patch
+5 -3
View File
@@ -1,6 +1,8 @@
--- a/configure.in
+++ b/configure.in
@@ -796,35 +796,6 @@ if test "x$WITH_OPENSSL" = xyes; then
Index: freeradius-server-2.2.7/configure.in
===================================================================
--- freeradius-server-2.2.7.orig/configure.in
+++ freeradius-server-2.2.7/configure.in
@@ -820,35 +820,6 @@ if test "x$WITH_OPENSSL" = xyes; then
OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5"
fi
net/fwknop/Config.in
+12
View File
@@ -0,0 +1,12 @@
#fwknop config
menu "Configuration"
depends on PACKAGE_fwknopd
config FWKNOPD_GPG
bool "Enable GPG support"
select PACKAGE_gnupg
default n
endmenu
net/fwknop/Makefile
+20 -7
View File
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=fwknop
PKG_VERSION:=2.6.5
PKG_RELEASE:=1
PKG_VERSION:=2.6.6
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download
PKG_MD5SUM:=1ae000a499bf604a2aeef4d0a7a178c8
PKG_MD5SUM:=1372aeaf1e33ab1d6b9906ef9b5cd02e
PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz>
PKG_LICENSE:=GPLv2
PKG_INSTALL:=1
@@ -42,7 +42,7 @@ define Package/fwknopd
CATEGORY:=Network
SUBMENU:=Firewall
TITLE+= Daemon
DEPENDS:=+iptables +libfko +libpcap
DEPENDS:=+iptables +libfko +libpcap +FWKNOP_GPG:gnupg
endef
define Package/fwknopd/description
@@ -55,6 +55,10 @@ define Package/fwknopd/conffiles
/etc/fwknop/fwknopd.conf
endef
define Package/fwknopd/config
source "$(SOURCE)/Config.in"
endef
define Package/fwknop
$(call Package/fwknop/Default)
SECTION:=net
@@ -82,8 +86,12 @@ define Package/libfko/description
This package contains the libfko shared library.
endef
ifeq ($(CONFIG_FWKNOPD_GPG),n)
CONFIGURE_ARGS += --without-gpgme
endif
CONFIGURE_ARGS += \
--without-gpgme \
--with-iptables=/usr/sbin/iptables
define Build/InstallDev
@@ -94,16 +102,21 @@ define Build/InstallDev
endef
define Package/fwknopd/install
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/fwknopd $(1)/etc/config/fwknopd
$(INSTALL_DIR) $(1)/etc/fwknop
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/fwknop/{access,fwknopd}.conf \
$(1)/etc/fwknop/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) $(PKG_BUILD_DIR)/extras/fwknop.init.openwrt \
$(1)/etc/init.d/fwknopd
$(INSTALL_BIN) ./files/fwknopd.init $(1)/etc/init.d/fwknopd
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fwknopd $(1)/usr/sbin/
endef
define Package/fwknopd/conffiles
/etc/config/fwknopd
endef
define Package/fwknop/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/fwknop $(1)/usr/bin/
net/fwknop/files/fwknopd
+9
View File
@@ -0,0 +1,9 @@
config global
# option uci_enabled '1'
config access
option SOURCE 'ANY'
option HMAC_KEY 'CHANGEME'
option KEY 'CHANGEME'
config config
net/fwknop/files/fwknopd.init
+94
View File
@@ -0,0 +1,94 @@
#!/bin/sh /etc/rc.common
#
# Fwknop is developed primarily by the people listed in the file 'AUTHORS'.
# Copyright (C) 2009-2014 fwknop developers and contributors. For a full
# list of contributors, see the file 'CREDITS'.
#
. /lib/functions.sh
START=95
FWKNOPD_BIN=/usr/sbin/fwknopd
start()
{
gen_confs
$FWKNOPD_BIN
}
stop()
{
$FWKNOPD_BIN -K
}
restart()
{
stop;
sleep 1;
start;
}
reload()
{
gen_confs
$FWKNOPD_BIN -R
}
gen_confs()
{
[ -f /tmp/access.conf.tmp ] && rm /tmp/access.conf.tmp
if [`uci get fwknopd.@access[0].PCAP_INTF` = ""]
then
. /lib/functions/network.sh
network_get_physdev device wan
uci set fwknopd.@config[0].PCAP_INTF="$device"
uci commit
fi
config_cb() {
local type="$1"
local name="$2"
if [ "$type" = "global" ]; then
option_cb() {
local option="$1"
local value="$2"
if [ "$option" = "uci_enabled" ] && [ "$value" -eq 1 ] ; then
> /etc/fwknop/fwknopd.conf
> /etc/fwknop/access.conf
UCI_ENABLED=1
fi
}
elif [ "$type" = "config" ]; then
option_cb() {
local option="$1"
local value="$2"
if [ $UCI_ENABLED ]; then
echo "$option $value" >> /etc/fwknop/fwknopd.conf #writing each option to fwknopd.conf
fi
}
elif [ "$type" = "access" ]
then
if [ -f /tmp/access.conf.tmp ] ; then
cat /tmp/access.conf.tmp >> /etc/fwknop/access.conf
rm /tmp/access.conf.tmp
fi
option_cb() {
local option="$1"
local value="$2"
if [ $UCI_ENABLED ] && [ $option = "SOURCE" ]; then
echo "$option $value" >> /etc/fwknop/access.conf #writing each option to access.conf
fi
if [ $UCI_ENABLED ] && [ $option != "SOURCE" ]; then
echo "$option $value" >> /tmp/access.conf.tmp #writing each option to access.conf
fi
}
fi
}
if [ -f /etc/config/fwknopd ]; then
config_load fwknopd
if [ -f /tmp/access.conf.tmp ] ; then
cat /tmp/access.conf.tmp >> /etc/fwknop/access.conf
rm /tmp/access.conf.tmp
fi
fi
}
net/fwknop/patches/001-add-keygen.patch
+427
View File
@@ -0,0 +1,427 @@
diff --git a/CREDITS b/CREDITS
index de17d9e..38e2108 100644
--- a/CREDITS
+++ b/CREDITS
@@ -1,5 +1,6 @@
Jonathan Bennett
- Contributed OpenWRT support - see the extras/openwrt/ directory.
+ - Suggested the addition of the --key-gen option to fwknopd.
Sebastien Jeanquier
- Assisted with getting fwknop included in BackTrack Linux - the choice
diff --git a/ChangeLog b/ChangeLog
index 21a5093..4daf008 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+fwknop-2.6.7 (05//2015):
+ - Added --key-gen to fwknopd. This feature was suggested by Jonathan
+ Bennett, and will help with ease of use efforts. The first platform to
+ take advantage of this will likely be OpenWRT thanks to Jonathan.
+
fwknop-2.6.6 (04/23/2015):
- [server] Add the ability for fwknopd to function as an generic SPA
gateway. This allows scenarios such as the fwknopd system providing DHCP
diff --git a/client/config_init.c b/client/config_init.c
index cdb233d..f0ae135 100644
--- a/client/config_init.c
+++ b/client/config_init.c
@@ -199,7 +199,7 @@ static int critical_var_array[] =
};
/**
- * @brief Generate Rijndael + HMAC keys from /dev/random (base64 encoded) and exit.
+ * @brief Generate Rijndael + HMAC keys from /dev/urandom (base64 encoded).
*
* @param options FKO command line option structure
*/
diff --git a/client/fwknop_common.h b/client/fwknop_common.h
index aef20c4..c57db02 100644
--- a/client/fwknop_common.h
+++ b/client/fwknop_common.h
@@ -69,8 +69,6 @@
#define MAX_HOSTNAME_LEN 70
#define MAX_URL_HOST_LEN 256
#define MAX_URL_PATH_LEN 1024
-#define MAX_KEY_LEN 128
-#define MAX_B64_KEY_LEN 180
/* fwknop client configuration parameters and values
*/
@@ -156,10 +154,10 @@ typedef struct fko_cli_options
unsigned char use_gpg;
unsigned char use_gpg_agent;
unsigned char gpg_no_signing_pw;
+ unsigned char key_gen;
int time_offset_plus;
int time_offset_minus;
int fw_timeout;
- int key_gen;
char use_rc_stanza[MAX_LINE_LEN];
unsigned char got_named_stanza;
diff --git a/common/common.h b/common/common.h
index b63e7c2..c7b2e57 100644
--- a/common/common.h
+++ b/common/common.h
@@ -157,6 +157,9 @@ enum {
#define MAX_GPG_KEY_ID 128
#define MAX_USERNAME_LEN 30
+#define MAX_KEY_LEN 128
+#define MAX_B64_KEY_LEN 180
+
/* Command line argument / argv handling
*/
#define MAX_CMDLINE_ARGS 30 /*!< should be way more than enough */
diff --git a/doc/fwknop.man.asciidoc b/doc/fwknop.man.asciidoc
index 070ac77..efa99a7 100644
--- a/doc/fwknop.man.asciidoc
+++ b/doc/fwknop.man.asciidoc
@@ -196,6 +196,11 @@ GENERAL OPTIONS
keys are generally more secure than passphrases that are typed in from the
command line.
+*--key-gen-file*='<file>'::
+ Write generated keys to the specified file. Note that the file is
+ overwritten if it already exists. If this option is not given, then
+ *--key-gen* writes the keys to stdout.
+
*--key-len*='<length>'::
Specify the number of bytes for a generated Rijndael key. The maximum size
is currently 128 bytes.
diff --git a/server/cmd_opts.h b/server/cmd_opts.h
index bc1eee1..d7a645c 100644
--- a/server/cmd_opts.h
+++ b/server/cmd_opts.h
@@ -141,6 +141,10 @@ enum {
FW_LIST = 0x200,
FW_LIST_ALL,
FW_FLUSH,
+ KEY_GEN_FILE,
+ KEY_LEN,
+ HMAC_KEY_LEN,
+ HMAC_DIGEST_TYPE,
AFL_PKT_FILE,
GPG_HOME_DIR,
GPG_EXE_PATH,
@@ -178,7 +182,12 @@ static struct option cmd_opts[] =
{"fault-injection-tag", 1, NULL, FAULT_INJECTION_TAG},
{"help", 0, NULL, 'h'},
{"interface", 1, NULL, 'i'},
- {"kill", 0, NULL, 'K'},
+ {"key-gen", 0, NULL, 'k'},
+ {"key-gen-file", 1, NULL, KEY_GEN_FILE },
+ {"key-len", 1, NULL, KEY_LEN },
+ {"hmac-key-len", 1, NULL, HMAC_KEY_LEN },
+ {"hmac-digest-type", 1, NULL, HMAC_DIGEST_TYPE },
+ {"kill", 0, NULL, 'K' },
{"fw-flush", 0, NULL, FW_FLUSH },
{"fw-list", 0, NULL, FW_LIST },
{"fw-list-all", 0, NULL, FW_LIST_ALL },
diff --git a/server/config_init.c b/server/config_init.c
index 0ddceee..2f1d293 100644
--- a/server/config_init.c
+++ b/server/config_init.c
@@ -201,6 +201,69 @@ validate_int_var_ranges(fko_srv_options_t *opts)
return;
}
+/**
+ * @brief Generate Rijndael + HMAC keys from /dev/urandom (base64 encoded).
+ *
+ * @param options FKO command line option structure
+ */
+static void
+generate_keys(fko_srv_options_t *options)
+{
+ char key_base64[MAX_B64_KEY_LEN+1];
+ char hmac_key_base64[MAX_B64_KEY_LEN+1];
+
+ FILE *key_gen_file_ptr = NULL;
+ int res;
+
+ /* Set defaults and validate for --key-gen mode
+ */
+ if(options->key_len == 0)
+ options->key_len = FKO_DEFAULT_KEY_LEN;
+
+ if(options->hmac_key_len == 0)
+ options->hmac_key_len = FKO_DEFAULT_HMAC_KEY_LEN;
+
+ if(options->hmac_type == 0)
+ options->hmac_type = FKO_DEFAULT_HMAC_MODE;
+
+ /* Zero out the key buffers */
+ memset(key_base64, 0x00, sizeof(key_base64));
+ memset(hmac_key_base64, 0x00, sizeof(hmac_key_base64));
+
+ /* Generate the key through libfko */
+ res = fko_key_gen(key_base64, options->key_len,
+ hmac_key_base64, options->hmac_key_len,
+ options->hmac_type);
+
+ if(res != FKO_SUCCESS)
+ {
+ log_msg(LOG_ERR, "%s: fko_key_gen: Error %i - %s",
+ MY_NAME, res, fko_errstr(res));
+ clean_exit(options, NO_FW_CLEANUP, EXIT_FAILURE);
+ }
+
+ if(options->key_gen_file[0] != '\0')
+ {
+ if ((key_gen_file_ptr = fopen(options->key_gen_file, "w")) == NULL)
+ {
+ log_msg(LOG_ERR, "Unable to create key gen file: %s: %s",
+ options->key_gen_file, strerror(errno));
+ clean_exit(options, NO_FW_CLEANUP, EXIT_FAILURE);
+ }
+ fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
+ key_base64, hmac_key_base64);
+ fclose(key_gen_file_ptr);
+ fprintf(stdout, "[+] Wrote Rijndael and HMAC keys to: %s",
+ options->key_gen_file);
+ }
+ else
+ {
+ fprintf(stdout, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
+ key_base64, hmac_key_base64);
+ }
+ clean_exit(options, NO_FW_CLEANUP, EXIT_SUCCESS);
+}
+
/* Parse the config file...
*/
static void
@@ -427,7 +490,7 @@ validate_options(fko_srv_options_t *opts)
if(opts->config[CONF_ENABLE_DIGEST_PERSISTENCE] == NULL)
set_config_entry(opts, CONF_ENABLE_DIGEST_PERSISTENCE,
DEF_ENABLE_DIGEST_PERSISTENCE);
-
+
/* Enable destination rule.
*/
if(opts->config[CONF_ENABLE_DESTINATION_RULE] == NULL)
@@ -928,8 +991,9 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
/* First, scan the command-line args for -h/--help or an alternate
* configuration file. If we find an alternate config file, use it,
- * otherwise use the default. We also grab any override config files
- * as well.
+ * otherwise use the default. We also grab any override config files
+ * as well. In addition, we handle key generation here since this is
+ * independent of configuration parsing.
*/
while ((cmd_arg = getopt_long(argc, argv,
GETOPTS_OPTION_STRING, cmd_opts, &index)) != -1) {
@@ -952,6 +1016,45 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
if(got_override_config > 0)
break;
+ case 'k':
+ opts->key_gen = 1;
+ break;
+ case KEY_GEN_FILE:
+ opts->key_gen = 1;
+ strlcpy(opts->key_gen_file, optarg, sizeof(opts->key_gen_file));
+ break;
+ case KEY_LEN: /* used in --key-gen mode only */
+ opts->key_len = strtol_wrapper(optarg, 1,
+ MAX_KEY_LEN, NO_EXIT_UPON_ERR, &is_err);
+ if(is_err != FKO_SUCCESS)
+ {
+ log_msg(LOG_ERR,
+ "Invalid key length '%s', must be in [%d-%d]",
+ optarg, 1, MAX_KEY_LEN);
+ clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
+ }
+ break;
+ case HMAC_DIGEST_TYPE: /* used in --key-gen mode only */
+ if((opts->hmac_type = hmac_digest_strtoint(optarg)) < 0)
+ {
+ log_msg(LOG_ERR,
+ "* Invalid hmac digest type: %s, use {md5,sha1,sha256,sha384,sha512}",
+ optarg);
+ clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
+ }
+ break;
+ case HMAC_KEY_LEN: /* used in --key-gen mode only */
+ opts->hmac_key_len = strtol_wrapper(optarg, 1,
+ MAX_KEY_LEN, NO_EXIT_UPON_ERR, &is_err);
+ if(is_err != FKO_SUCCESS)
+ {
+ log_msg(LOG_ERR,
+ "Invalid hmac key length '%s', must be in [%d-%d]",
+ optarg, 1, MAX_KEY_LEN);
+ clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
+ }
+ break;
+
/* Look for override configuration file arg.
*/
case 'O':
@@ -965,6 +1068,9 @@ config_init(fko_srv_options_t *opts, int argc, char **argv)
}
}
+ if(opts->key_gen)
+ generate_keys(opts);
+
/* If no alternate configuration file was specified, we use the
* default.
*/
diff --git a/server/fwknopd_common.h b/server/fwknopd_common.h
index ecf2a81..8c33eaa 100644
--- a/server/fwknopd_common.h
+++ b/server/fwknopd_common.h
@@ -585,10 +585,14 @@ typedef struct fko_srv_options
unsigned char fw_list; /* List current firewall rules */
unsigned char fw_list_all; /* List all current firewall rules */
unsigned char fw_flush; /* Flush current firewall rules */
+ unsigned char key_gen; /* Generate keys and exit */
+ unsigned char exit_after_parse_config; /* Parse config and exit */
+
+ /* Operational flags
+ */
unsigned char test; /* Test mode flag */
unsigned char afl_fuzzing; /* SPA pkts from stdin for AFL fuzzing */
unsigned char verbose; /* Verbose mode flag */
- unsigned char exit_after_parse_config; /* Parse config and exit */
unsigned char enable_udp_server; /* Enable UDP server mode */
unsigned char firewd_disable_check_support; /* Don't use firewall-cmd ... -C */
@@ -605,6 +609,13 @@ typedef struct fko_srv_options
int tcp_server_pid;
int lock_fd;
+ /* Values used in --key-gen mode only
+ */
+ char key_gen_file[MAX_PATH_LEN];
+ int key_len;
+ int hmac_key_len;
+ int hmac_type;
+
#if USE_FILE_CACHE
struct digest_cache_list *digest_cache; /* In-memory digest cache list */
#endif
diff --git a/test/tests/basic_operations.pl b/test/tests/basic_operations.pl
index f4dde2e..76a509d 100644
--- a/test/tests/basic_operations.pl
+++ b/test/tests/basic_operations.pl
@@ -390,6 +390,14 @@
'exec_err' => $YES,
'cmdline' => "$default_client_args --key-gen -K " . 'A'x1030
},
+ {
+ 'category' => 'basic operations',
+ 'subcategory' => 'server',
+ 'detail' => '--key-gen file path (-K) too long',
+ 'function' => \&generic_exec,
+ 'exec_err' => $YES,
+ 'cmdline' => "$fwknopdCmd --key-gen --key-gen-file " . 'A'x1030
+ },
{
'category' => 'basic operations',
diff --git a/test/tests/rijndael.pl b/test/tests/rijndael.pl
index 26aab6a..34af65e 100644
--- a/test/tests/rijndael.pl
+++ b/test/tests/rijndael.pl
@@ -421,33 +421,6 @@
'key_file' => $cf{'rc_named_key'},
},
- ### --key-gen tests
- {
- 'category' => 'Rijndael',
- 'subcategory' => 'client',
- 'detail' => '--key-gen',
- 'function' => \&generic_exec,
- 'cmdline' => "$fwknopCmd --key-gen",
- 'positive_output_matches' => [qr/^KEY_BASE64\:?\s\S{10}/,
- qw/HMAC_KEY_BASE64\:?\s\S{10}/],
- },
- {
- 'category' => 'Rijndael',
- 'subcategory' => 'client',
- 'detail' => "--key-gen $uniq_keys key uniqueness",
- 'function' => \&key_gen_uniqueness,
- 'cmdline' => "$fwknopCmd --key-gen", ### no valgrind string (too slow for 100 client exec's)
- 'disable_valgrind' => $YES,
- },
- {
- 'category' => 'Rijndael',
- 'subcategory' => 'client',
- 'detail' => '--key-gen to file',
- 'function' => \&generic_exec,
- 'cmdline' => "$fwknopCmd --key-gen --key-gen-file $key_gen_file",
- 'positive_output_matches' => [qr/Wrote.*\skeys/],
- },
-
### rc file tests
{
'category' => 'Rijndael',
diff --git a/test/tests/rijndael_hmac.pl b/test/tests/rijndael_hmac.pl
index fc1a8af..fd80f04 100644
--- a/test/tests/rijndael_hmac.pl
+++ b/test/tests/rijndael_hmac.pl
@@ -58,6 +58,59 @@
'exec_err' => $YES,
},
+ ### --key-gen tests
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'client',
+ 'detail' => '--key-gen',
+ 'function' => \&generic_exec,
+ 'cmdline' => "$fwknopCmd --key-gen",
+ 'positive_output_matches' => [qr/^KEY_BASE64\:?\s\S{10}/,
+ qw/HMAC_KEY_BASE64\:?\s\S{10}/],
+ },
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'server',
+ 'detail' => '--key-gen',
+ 'function' => \&generic_exec,
+ 'cmdline' => "$fwknopdCmd --key-gen",
+ 'positive_output_matches' => [qr/^KEY_BASE64\:?\s\S{10}/,
+ qw/HMAC_KEY_BASE64\:?\s\S{10}/],
+ },
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'client',
+ 'detail' => "--key-gen $uniq_keys key uniqueness",
+ 'function' => \&key_gen_uniqueness,
+ 'cmdline' => "$fwknopCmd --key-gen", ### no valgrind string (too slow for 100 exec's)
+ 'disable_valgrind' => $YES,
+ },
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'server',
+ 'detail' => "--key-gen $uniq_keys key uniqueness",
+ 'function' => \&key_gen_uniqueness,
+ 'cmdline' => "$fwknopdCmd --key-gen", ### no valgrind string (too slow for 100 exec's)
+ 'disable_valgrind' => $YES,
+ },
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'client',
+ 'detail' => '--key-gen to file',
+ 'function' => \&generic_exec,
+ 'cmdline' => "$fwknopCmd --key-gen --key-gen-file $key_gen_file",
+ 'positive_output_matches' => [qr/Wrote.*\skeys/],
+ },
+ {
+ 'category' => 'Rijndael+HMAC',
+ 'subcategory' => 'server',
+ 'detail' => '--key-gen to file',
+ 'function' => \&generic_exec,
+ 'cmdline' => "$fwknopdCmd --key-gen --key-gen-file $key_gen_file",
+ 'positive_output_matches' => [qr/Wrote.*\skeys/],
+ },
+
+ ### complete cycle tests
{
'category' => 'Rijndael+HMAC',
'subcategory' => 'client+server',
net/fwknop/patches/001-fix_config.patch
-18
View File
@@ -1,18 +0,0 @@
--- a/server/fwknopd.conf.inst
+++ b/server/fwknopd.conf.inst
@@ -402,8 +402,13 @@
# The IPT_FORWARD_ACCESS variable is only used if ENABLE_IPT_FORWARDING is
# enabled.
#
-#IPT_FORWARD_ACCESS ACCEPT, filter, FORWARD, 1, FWKNOP_FORWARD, 1;
-#IPT_DNAT_ACCESS DNAT, nat, PREROUTING, 1, FWKNOP_PREROUTING, 1;
+
+# These two lines are changed specifically for Openwrt, due to
+# different naming conventions. IPT_FORWARD is still disabled
+# by default, and must be enabled earlier in this file to be used.
+
+IPT_FORWARD_ACCESS ACCEPT, filter, zone_wan_forward, 1, FWKNOP_FORWARD, 1;
+IPT_DNAT_ACCESS DNAT, nat, zone_wan_prerouting, 1, FWKNOP_PREROUTING, 1;
# The IPT_SNAT_ACCESS variable is not used unless both ENABLE_IPT_SNAT and
# ENABLE_IPT_FORWARDING are enabled. Also, the external static IP must be
net/fwknop/patches/002-fix_init.patch
-17
View File
@@ -1,17 +0,0 @@
--- a/extras/openwrt/package/fwknop/files/fwknopd.init
+++ b/extras/openwrt/package/fwknop/files/fwknopd.init
@@ -11,12 +11,12 @@ FWKNOPD_BIN=/usr/sbin/fwknopd
start()
{
- $FWKNOPD_BIN
+ service_start $FWKNOPD_BIN
}
stop()
{
- $FWKNOPD_BIN -K
+ service_stop $FWKNOPD_BIN -K
}
restart()
net/git/Makefile
+54 -11
View File
@@ -1,5 +1,5 @@
#
# Copyright (C) 2009-2014 OpenWrt.org
# Copyright (C) 2009-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -8,19 +8,20 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=git
PKG_VERSION:=2.3.0
PKG_VERSION:=2.4.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@KERNEL/software/scm/git/
PKG_MD5SUM:=e5880760d1f43f4f49b3bf94b9046eee
PKG_MD5SUM:=0b8dc818ed4766342978d744522aec49
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_FIXUP:=autoreconf
include $(INCLUDE_DIR)/package.mk
define Package/git
define Package/git/Default
SECTION:=net
CATEGORY:=Network
SUBMENU:=Version Control Systems
@@ -30,18 +31,35 @@ define Package/git
MAINTAINER:=Peter Wagner <tripolar@gmx.at>
endef
define Package/git
$(call Package/git/Default)
DEPENDS:=+libopenssl +libpthread +librt
TITLE:=The fast version control system
endef
define Package/git/description
Git is a free & open source, distributed version control system
designed to handle everything from small to very large projects
with speed and efficiency.
endef
define Package/git-http
$(call Package/git/Default)
DEPENDS:=git +libcurl +ca-certificates
TITLE:=Git HTTP commands
endef
define Package/git-http/description
$(call Package/git/description)
This package allows git push/fetch over http(s) and ftp(s)
endef
MAKE_FLAGS := \
CC="$(TARGET_CC)" \
CFLAGS="$(TARGET_CFLAGS)" \
CPPFLAGS="$(TARGET_CPPFLAGS)" \
LDFLAGS="$(TARGET_LDFLAGS)" \
NO_CURL="YesPlease" \
NO_EXPAT="YesPlease" \
NO_MKSTEMPS="YesPlease" \
NO_GETTEXT="YesPlease" \
@@ -51,21 +69,46 @@ MAKE_FLAGS := \
NO_NSEC="YesPlease" \
NO_PERL="YesPlease" \
NO_PYTHON="YesPlease" \
NO_TCLTK="YesPlease"
NO_TCLTK="YesPlease" \
NO_INSTALL_HARDLINKS="yes" \
CONFIGURE_ARGS += \
--without-iconv \
define Build/Configure
$(MAKE) -C $(PKG_BUILD_DIR) \
configure
( cd $(PKG_BUILD_DIR); \
./configure --prefix=/usr \
);
$(call Build/Configure/Default,)
endef
define Package/git/install
$(INSTALL_DIR) $(1)
$(INSTALL_DIR) $(1)/usr/bin
$(CP) $(PKG_INSTALL_DIR)/usr/bin/git $(1)/usr/bin
$(RM) $(PKG_INSTALL_DIR)/usr/bin/git-cvsserver
$(CP) $(PKG_INSTALL_DIR)/* $(1)/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/git-* $(1)/usr/bin
$(INSTALL_DIR) $(1)/usr/lib/git-core
( cd $(PKG_INSTALL_DIR); $(TAR) \
--exclude=usr/lib/git-core/git-http-backend \
--exclude=usr/lib/git-core/git-http-fetch \
--exclude=usr/lib/git-core/git-remote-ftp \
--exclude=usr/lib/git-core/git-remote-ftps \
--exclude=usr/lib/git-core/git-remote-http \
--exclude=usr/lib/git-core/git-remote-https \
-cf - \
usr/lib/git-core \
) | ( cd $(1); $(TAR) -xf - )
endef
define Package/git-http/install
$(INSTALL_DIR) $(1)/usr/lib/git-core
$(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-http-backend $(1)/usr/lib/git-core
$(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-http-fetch $(1)/usr/lib/git-core
$(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-ftp $(1)/usr/lib/git-core
$(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-ftps $(1)/usr/lib/git-core
$(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-http $(1)/usr/lib/git-core
$(CP) $(PKG_INSTALL_DIR)/usr/lib/git-core/git-remote-https $(1)/usr/lib/git-core
endef
$(eval $(call BuildPackage,git))
$(eval $(call BuildPackage,git-http))
net/git/patches/100-convert_builtin.patch
+18 -51
View File
@@ -1,37 +1,35 @@
--- a/Makefile
+++ b/Makefile
@@ -538,16 +538,7 @@ EXTRA_PROGRAMS =
@@ -549,16 +549,7 @@ EXTRA_PROGRAMS =
# ... and all the rest that could be moved out of bindir to gitexecdir
PROGRAMS += $(EXTRA_PROGRAMS)
-PROGRAM_OBJS += credential-store.o
-PROGRAM_OBJS += daemon.o
-PROGRAM_OBJS += fast-import.o
-PROGRAM_OBJS += http-backend.o
PROGRAM_OBJS += http-backend.o
-PROGRAM_OBJS += imap-send.o
-PROGRAM_OBJS += sh-i18n--envsubst.o
-PROGRAM_OBJS += shell.o
-PROGRAM_OBJS += show-index.o
-PROGRAM_OBJS += upload-pack.o
-PROGRAM_OBJS += remote-testsvn.o
+PROGRAM_OBJS =
# Binary suffix, set to .exe for Windows builds
X =
@@ -896,6 +887,12 @@ BUILTIN_OBJS += builtin/verify-commit.o
@@ -907,6 +898,11 @@ BUILTIN_OBJS += builtin/verify-commit.o
BUILTIN_OBJS += builtin/verify-pack.o
BUILTIN_OBJS += builtin/verify-tag.o
BUILTIN_OBJS += builtin/write-tree.o
+BUILTIN_OBJS += builtin/daemon.o
+BUILTIN_OBJS += builtin/fast-import.o
+BUILTIN_OBJS += builtin/http-backend.o
+BUILTIN_OBJS += builtin/imap-send.o
+BUILTIN_OBJS += builtin/shell.o
+BUILTIN_OBJS += builtin/upload-pack.o
GITLIBS = $(LIB_FILE) $(XDIFF_LIB)
EXTLIBS =
@@ -1070,7 +1067,7 @@ endif
@@ -1089,7 +1085,7 @@ endif
EXTLIBS += -lz
ifndef NO_OPENSSL
@@ -40,7 +38,7 @@
ifdef OPENSSLDIR
BASIC_CFLAGS += -I$(OPENSSLDIR)/include
OPENSSL_LINK = -L$(OPENSSLDIR)/$(lib) $(CC_LD_DYNPATH)$(OPENSSLDIR)/$(lib)
@@ -1933,10 +1930,6 @@ endif
@@ -1956,10 +1952,6 @@ endif
git-%$X: %.o GIT-LDFLAGS $(GITLIBS)
$(QUIET_LINK)$(CC) $(ALL_CFLAGS) -o $@ $(ALL_LDFLAGS) $(filter %.o,$^) $(LIBS)
@@ -51,7 +49,7 @@
git-http-fetch$X: http.o http-walker.o http-fetch.o GIT-LDFLAGS $(GITLIBS)
$(QUIET_LINK)$(CC) $(ALL_CFLAGS) -o $@ $(ALL_LDFLAGS) $(filter %.o,$^) \
$(LIBS) $(CURL_LIBCURL)
@@ -2254,24 +2247,22 @@ endif
@@ -2277,10 +2269,11 @@ endif
bindir=$$(cd '$(DESTDIR_SQ)$(bindir_SQ)' && pwd) && \
execdir=$$(cd '$(DESTDIR_SQ)$(gitexec_instdir_SQ)' && pwd) && \
{ test "$$bindir/" = "$$execdir/" || \
@@ -59,34 +57,19 @@
+ for p in $(filter $(install_bindir_programs),$(ALL_PROGRAMS)); do \
$(RM) "$$execdir/$$p" && \
test -z "$(NO_INSTALL_HARDLINKS)$(NO_CROSS_DIRECTORY_HARDLINKS)" && \
- ln "$$bindir/$$p" "$$execdir/$$p" 2>/dev/null || \
ln "$$bindir/$$p" "$$execdir/$$p" 2>/dev/null || \
+ ln -s git "$$execdir/$$p" 2>/dev/null || \
cp "$$bindir/$$p" "$$execdir/$$p" || exit; \
done; \
} && \
for p in $(filter $(install_bindir_programs),$(BUILT_INS)); do \
$(RM) "$$bindir/$$p" && \
test -z "$(NO_INSTALL_HARDLINKS)" && \
- ln "$$bindir/git$X" "$$bindir/$$p" 2>/dev/null || \
ln -s "git$X" "$$bindir/$$p" 2>/dev/null || \
cp "$$bindir/git$X" "$$bindir/$$p" || exit; \
done && \
for p in $(BUILT_INS); do \
$(RM) "$$execdir/$$p" && \
test -z "$(NO_INSTALL_HARDLINKS)" && \
- ln "$$execdir/git$X" "$$execdir/$$p" 2>/dev/null || \
ln -s "git$X" "$$execdir/$$p" 2>/dev/null || \
cp "$$execdir/git$X" "$$execdir/$$p" || exit; \
done && \
--- a/builtin.h
+++ b/builtin.h
@@ -138,5 +138,11 @@ extern int cmd_verify_pack(int argc, con
@@ -138,5 +138,10 @@ extern int cmd_verify_pack(int argc, con
extern int cmd_show_ref(int argc, const char **argv, const char *prefix);
extern int cmd_pack_refs(int argc, const char **argv, const char *prefix);
extern int cmd_replace(int argc, const char **argv, const char *prefix);
+extern int cmd_daemon(int argc, char **argv, const char *prefix);
+extern int cmd_fast_import(int argc, char **argv, const char *prefix);
+extern int cmd_http_backend(int argc, char **argv, const char *prefix);
+extern int cmd_imap_send(int argc, char **argv, const char *prefix);
+extern int cmd_shell(int argc, char **argv, const char *prefix);
+extern int cmd_upload_pack(int argc, char **argv, const char *prefix);
@@ -101,10 +84,6 @@
@@ -0,0 +1 @@
+#include "../fast-import.c"
--- /dev/null
+++ b/builtin/http-backend.c
@@ -0,0 +1 @@
+#include "../http-backend.c"
--- /dev/null
+++ b/builtin/imap-send.c
@@ -0,0 +1 @@
+#include "../imap-send.c"
@@ -118,7 +97,7 @@
+#include "../upload-pack.c"
--- a/daemon.c
+++ b/daemon.c
@@ -1096,7 +1096,7 @@ static int serve(struct string_list *lis
@@ -1192,7 +1192,7 @@ static int serve(struct string_list *lis
return service_loop(&socklist);
}
@@ -127,7 +106,7 @@
{
int listen_port = 0;
struct string_list listen_addr = STRING_LIST_INIT_NODUP;
@@ -1292,12 +1292,13 @@ int main(int argc, char **argv)
@@ -1388,12 +1388,13 @@ int main(int argc, char **argv)
store_pid(pid_file);
/* prepare argv for serving-processes */
@@ -148,7 +127,7 @@
}
--- a/fast-import.c
+++ b/fast-import.c
@@ -3350,7 +3350,7 @@ static void parse_argv(void)
@@ -3351,7 +3351,7 @@ static void parse_argv(void)
read_marks();
}
@@ -159,7 +138,7 @@
--- a/git.c
+++ b/git.c
@@ -309,11 +309,11 @@ static int handle_alias(int *argcp, cons
@@ -311,11 +311,11 @@ static int handle_alias(int *argcp, cons
struct cmd_struct {
const char *cmd;
@@ -173,7 +152,7 @@
{
int status, help;
struct stat st;
@@ -393,6 +393,7 @@ static struct cmd_struct commands[] = {
@@ -395,6 +395,7 @@ static struct cmd_struct commands[] = {
{ "config", cmd_config, RUN_SETUP_GENTLY },
{ "count-objects", cmd_count_objects, RUN_SETUP },
{ "credential", cmd_credential, RUN_SETUP_GENTLY },
@@ -181,16 +160,15 @@
{ "describe", cmd_describe, RUN_SETUP },
{ "diff", cmd_diff },
{ "diff-files", cmd_diff_files, RUN_SETUP | NEED_WORK_TREE },
@@ -411,6 +412,8 @@ static struct cmd_struct commands[] = {
@@ -413,6 +414,7 @@ static struct cmd_struct commands[] = {
{ "grep", cmd_grep, RUN_SETUP_GENTLY },
{ "hash-object", cmd_hash_object },
{ "help", cmd_help },
+ { "http-backend", cmd_http_backend },
+ { "imap-send", cmd_imap_send },
{ "index-pack", cmd_index_pack, RUN_SETUP_GENTLY },
{ "init", cmd_init_db, NO_SETUP },
{ "init-db", cmd_init_db, NO_SETUP },
@@ -459,6 +462,7 @@ static struct cmd_struct commands[] = {
@@ -461,6 +463,7 @@ static struct cmd_struct commands[] = {
{ "revert", cmd_revert, RUN_SETUP | NEED_WORK_TREE },
{ "rm", cmd_rm, RUN_SETUP },
{ "send-pack", cmd_send_pack, RUN_SETUP },
@@ -198,7 +176,7 @@
{ "shortlog", cmd_shortlog, RUN_SETUP_GENTLY | USE_PAGER },
{ "show", cmd_show, RUN_SETUP },
{ "show-branch", cmd_show_branch, RUN_SETUP },
@@ -475,6 +479,7 @@ static struct cmd_struct commands[] = {
@@ -477,6 +480,7 @@ static struct cmd_struct commands[] = {
{ "update-server-info", cmd_update_server_info, RUN_SETUP },
{ "upload-archive", cmd_upload_archive },
{ "upload-archive--writer", cmd_upload_archive_writer },
@@ -206,20 +184,9 @@
{ "var", cmd_var, RUN_SETUP_GENTLY },
{ "verify-commit", cmd_verify_commit, RUN_SETUP },
{ "verify-pack", cmd_verify_pack },
--- a/http-backend.c
+++ b/http-backend.c
@@ -557,7 +557,7 @@ static struct service_cmd {
{"POST", "/git-receive-pack$", service_rpc}
};
-int main(int argc, char **argv)
+int cmd_http_backend(int argc, char **argv, const char *prefix)
{
char *method = getenv("REQUEST_METHOD");
char *dir;
--- a/imap-send.c
+++ b/imap-send.c
@@ -1484,7 +1484,7 @@ static int curl_append_msgs_to_imap(stru
@@ -1492,7 +1492,7 @@ static int curl_append_msgs_to_imap(stru
}
#endif
@@ -241,7 +208,7 @@
const char **user_argv;
--- a/upload-pack.c
+++ b/upload-pack.c
@@ -793,7 +793,7 @@ static int upload_pack_config(const char
@@ -797,7 +797,7 @@ static int upload_pack_config(const char
return parse_hide_refs_config(var, value, "uploadpack");
}
net/git/patches/300-configure_for_crosscompiling
+32
View File
@@ -0,0 +1,32 @@
--- a/configure.ac
+++ b/configure.ac
@@ -844,7 +844,8 @@ AC_RUN_IFELSE(
FILE *f = fopen(".", "r");
return f && fread(&c, 1, 1, f)]])],
[ac_cv_fread_reads_directories=no],
- [ac_cv_fread_reads_directories=yes])
+ [ac_cv_fread_reads_directories=yes],
+ [ac_cv_fread_reads_directories=no])
])
if test $ac_cv_fread_reads_directories = yes; then
FREAD_READS_DIRECTORIES=UnfortunatelyYes
@@ -878,7 +879,8 @@ AC_RUN_IFELSE(
if (snprintf(buf, 3, "%s", "12345") != 5
|| strcmp(buf, "12")) return 1]])],
[ac_cv_snprintf_returns_bogus=no],
- [ac_cv_snprintf_returns_bogus=yes])
+ [ac_cv_snprintf_returns_bogus=yes],
+ [ac_cv_snprintf_returns_bogus=no])
])
if test $ac_cv_snprintf_returns_bogus = yes; then
SNPRINTF_RETURNS_BOGUS=UnfortunatelyYes
@@ -901,7 +903,8 @@ yippeeyeswehaveit
#endif
]),
[ac_cv_sane_mode_bits=yes],
- [ac_cv_sane_mode_bits=no])
+ [ac_cv_sane_mode_bits=no],
+ [ac_cv_sane_mode_bits=yes])
])
if test $ac_cv_sane_mode_bits = yes; then
NEEDS_MODE_TRANSLATION=
net/git/patches/400-imapsend_without_curl.patch
+11
View File
@@ -0,0 +1,11 @@
--- a/Makefile
+++ b/Makefile
@@ -1058,7 +1058,7 @@ else
endif
curl_check := $(shell (echo 072200; curl-config --vernum | sed -e '/^70[BC]/s/^/0/') 2>/dev/null | sort -r | sed -ne 2p)
ifeq "$(curl_check)" "072200"
- USE_CURL_FOR_IMAP_SEND = YesPlease
+# USE_CURL_FOR_IMAP_SEND = YesPlease
endif
ifdef USE_CURL_FOR_IMAP_SEND
BASIC_CFLAGS += -DUSE_CURL_FOR_IMAP_SEND
net/gnunet/Makefile
+247
View File
@@ -0,0 +1,247 @@
#
# Copyright (C) 2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=gnunet
PKG_SOURCE_VERSION:=35991
PKG_VERSION:=0.10.1-svn$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1
# ToDo:
# - break-out transports
# -> get rid of microhttpd and gnurl dependency for gns and vpn
# requires upstream to split config files
# - break-out {peer,name,data}store for each backend
# - package testing stuff
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=https://gnunet.org/svn/gnunet/
PKG_SOURCE_PROTO:=svn
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_BUILD_PARALLEL:=1
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
CONFIGURE_ARGS+= \
--with-ltdl \
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-mysql),--with-mysql="$(STAGING_DIR)/usr",--without-mysql) \
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-pgsql),--with-postgresql="$(STAGING_DIR)/usr/bin/pg_config",--without-postgresql) \
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-sqlite),--with-sqlite="$(STAGING_DIR)/usr",--without-sqlite) \
--with-extractor=$(STAGING_DIR)/usr \
--with-gnutls=$(STAGING_DIR)/usr \
--with-libgnurl=$(STAGING_DIR)/usr \
--with-libunistring-prefix=$(STAGING_DIR)/usr \
--with-microhttpd=$(STAGING_DIR)/usr
# ToDo: request upstream to provide --with-pulseaudio=...
TARGET_LDFLAGS+= -Wl,-rpath-link=$(STAGING_DIR)/usr/lib/pulseaudio
define Package/gnunet/Default
SECTION:=net
CATEGORY:=Network
TITLE:=GNUnet
URL:=https://www.gnunet.org/
endef
define Package/gnunet
$(call Package/gnunet/Default)
TITLE+= - a peer-to-peer framework focusing on security
DEPENDS:=+ca-certificates +libgnurl +libgnutls +libidn +libltdl \
+libmicrohttpd +libunistring +librt
USERID:=gnunet=400:gnunet=400
MENU:=1
endef
define Package/gnunet/description
GNUnet is a peer-to-peer framework focusing on security. The first and
primary application for GNUnet is anonymous file-sharing. GNUnet is
currently developed by a worldwide group of independent free software
developers. GNUnet is a GNU package (http://www.gnu.org/).
This is an ALPHA release. There are known and significant bugs as
well as many missing features in this release.
This package provides the core components of GNUnet including the
CADET routing engine, a DHT implementation and most transports as well
as their helpers.
endef
define BuildComponent
define Package/gnunet-$(1)
$$(call Package/gnunet/Default)
TITLE+= $(2)
DEPENDS:=gnunet $(DEPENDS_$(1))
$(if $(3),DEFAULT:=y if PACKAGE_gnunet)
$(if $(USERID_$(1)),USERID:=$(USERID_$(1)))
endef
define Package/gnunet-$(1)/install
( if [ "$(BIN_$(1))" ]; then \
$(INSTALL_DIR) $$(1)/usr/bin ; \
for bin in $(BIN_$(1)); do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gnunet-$$$$$$$$bin $$(1)/usr/bin/ ; \
done \
fi )
( if [ "$(LIB_$(1))" ]; then \
$(INSTALL_DIR) $$(1)/usr/lib ; \
for lib in $(LIB_$(1)); do \
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgnunet$$$$$$$$lib.so* $$(1)/usr/lib/ ; \
done \
fi )
( if [ "$(PLUGIN_$(1))" ]; then \
$(INSTALL_DIR) $$(1)/usr/lib/gnunet ; \
for plug in $(PLUGIN_$(1)); do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libgnunet_plugin_$$$$$$$$plug*.so $$(1)/usr/lib/gnunet ; \
done \
fi )
( if [ "$(LIBEXEC_$(1))" ]; then \
$(INSTALL_DIR) $$(1)/usr/lib/gnunet/libexec ; \
for lex in $(LIBEXEC_$(1)); do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libexec/gnunet-$$$$$$$$lex $$(1)/usr/lib/gnunet/libexec ; \
done \
fi )
( if [ "$(CONF_$(1))" ]; then \
$(INSTALL_DIR) $$(1)/usr/share/gnunet/config.d ; \
for conf in $(CONF_$(1)); do \
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/gnunet/config.d/$$$$$$$$conf.conf $$(1)/usr/share/gnunet/config.d ; \
done \
fi )
endef
$$(eval $$(call BuildPackage,gnunet-$(1)))
endef
define Package/gnunet/install
$(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib/gnunet/libexec
$(INSTALL_DIR) $(1)/usr/share/gnunet/config.d $(1)/usr/share/gnunet/hellos
( for bin in arm ats core config ecc identity nat-server nse \
peerinfo peerstore revocation scalarproduct statistics transport uri; do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gnunet-$$$$bin $(1)/usr/bin/ ; \
done )
( for lib in arm ats block cadet core datacache dht \
dns dnsparser dnsstub fragmentation friends hello identity nat nse \
peerinfo peerstore regexblock regex revocation scalarproduct set \
statistics transport util; do \
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgnunet$$$$lib.so* $(1)/usr/lib/ ; \
done )
( for plug in ats_proportional block_dht block_regex datacache_heap \
transport_http_client transport_http_server \
transport_https_client transport_https_server \
transport_tcp transport_udp transport_unix transport_wlan; do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libgnunet_plugin_$$$$plug*.so $(1)/usr/lib/gnunet ; \
done )
( for lex in daemon-hostlist daemon-topology helper-nat-client \
helper-nat-server service-arm service-ats service-cadet \
service-core service-dht service-identity service-nse \
service-peerinfo service-peerstore service-regex \
service-revocation service-scalarproduct-alice \
service-scalarproduct-bob service-set service-statistics \
service-transport; do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libexec/gnunet-$$$$lex $(1)/usr/lib/gnunet/libexec ; \
done )
( for conf in arm ats cadet core datacache dht hostlist identity \
nat nse peerinfo peerstore regex revocation scalarproduct \
set statistics topology transport util; do \
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/gnunet/config.d/$$$$conf.conf $(1)/usr/share/gnunet/config.d ; \
done )
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/gnunet/hellos/* $(1)/usr/share/gnunet/hellos
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/gnunet.init $(1)/etc/init.d/gnunet
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include/gnunet $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{la,so}* $(1)/usr/lib/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/include/gnunet/*.h $(1)/usr/include/gnunet
endef
DEPENDS_conversation:=+gnunet-gns +libgst1app +libgst1audio +libgstreamer1 +glib2 +pulseaudio-daemon +libopus +libogg
BIN_conversation:=conversation conversation-test
LIB_conversation:=conversation microphone speaker
PLUGIN_conversation:=gnsrecord_conversation
LIBEXEC_conversation:=helper-audio-playback helper-audio-record
CONF_conversation:=conversation
DEPENDS_experiments:=+libglpk
PLUGIN_experiments:=ats_mlp ats_ril
DEPENDS_fs:=+gnunet-datastore +libextractor
BIN_fs:=auto-share directory download download-manager.scm fs publish unindex search
LIB_fs:=fs
PLUGIN_fs:=block_fs
LIB_EXEC_fs:=helper-fs-publish service-fs
CONF_fs:=fs
DEPENDS_gns:=+gnunet-vpn
USERID_gns:=gnunetdns=401:gnunetdns=401
BIN_gns:=gns gns-import.sh namecache namestore resolver
LIB_gns:=gns gnsrecord namecache namestore
PLUGIN_gns:=block_dns block_gns gnsrecord_dns gnsrecord_gns
LIBEXEC_gns:=dns2gns gns-proxy helper-dns namestore-fcfsd service-dns service-gns service-namecache service-namestore service-resolver
CONF_gns:=dns gns namecache namestore resolver
DEPENDS_datastore:=+gnunet-gns +libsqlite3
BIN_datastore:=datastore
LIB_datastore:=datastore
PLUGIN_datastore:=datacache_sqlite datastore_heap datastore_sqlite namecache_sqlite namestore_sqlite peerstore_sqlite
LIBEXEC_datastore:=daemon-latency-logger service-datastore
CONF_datastore:=datastore
DEPENDS_mysql:=+gnunet-gns +gnunet-datastore +libmysqlclient
LIB_mysql:=mysql
PLUGIN_mysql:=datastore_mysql
DEPENDS_pgsql:=+gnunet-gns +gnunet-datastore +libpq
LIB_pgsql:=postgres
PLUGIN_pgsql:=datacache_postgres datastore_postgres namecache_postgres namestore_postgres
DEPENDS_sqlite:=+gnunet-gns +gnunet-datastore +libsqlite3
PLUGIN_sqlite:=datacache_sqlite datastore_sqlite namecache_sqlite namestore_sqlite peerstore_sqlite
DEPENDS_transport-bluetooth:=+bluez-libs
PLUGIN_transport-bluetooth:=transport_bluetooth
LIBEXEC_transport-bluetooth:=helper-transport-bluetooth
DEPENDS_utils:=+certtool +openssl-util
BIN_utils:=config gns-import.sh gns-proxy-setup-ca transport-certificate-creation
DEPENDS_vpn:=+kmod-tun
LIB_vpn:=tun vpn
LIBEXEC_vpn:=daemon-exit daemon-pt helper-exit helper-vpn service-vpn
CONF_vpn:=exit pt vpn
$(eval $(call BuildPackage,gnunet))
$(eval $(call BuildComponent,conversation,conversation component,))
$(eval $(call BuildComponent,experiments,experimental components,))
$(eval $(call BuildComponent,fs,file-sharing components,))
$(eval $(call BuildComponent,gns,name resolution components,y))
$(eval $(call BuildComponent,datastore,storage components,))
$(eval $(call BuildComponent,transport-bluetooth,bluetooth transport,))
$(eval $(call BuildComponent,utils,administration utililties,))
$(eval $(call BuildComponent,vpn,vpn components,y))
$(eval $(call BuildComponent,mysql,mySQL datastore backend,))
$(eval $(call BuildComponent,pgsql,PostgreSQL backends,))
$(eval $(call BuildComponent,sqlite,libsqlite3 backends,y))
net/gnunet/files/gnunet.init
+55
View File
@@ -0,0 +1,55 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org
START=50
STOP=10
USE_PROCD=1
PROG=/usr/lib/gnunet/libexec/gnunet-service-arm
GNUNET_HOME=/var/run/gnunet
CONFIGFILE=$GNUNET_HOME/gnunet.conf
SUID_ROOT_HELPERS="exit nat-server nat-client transport-bluetooth transport-wlan vpn"
chmodown_execbin() {
execname=/usr/lib/gnunet/libexec/gnunet-$1
if [ -x $execname ]; then
chmod $2 $execname
[ "$3" ] && chown $3 $execname
fi
}
fix_libexec_permissions() {
[ -e /usr/share/gnunet/.permfix ] && return
for helper in $SUID_ROOT_HELPERS; do
chmodown_execbin helper-$helper u+s
done
chmodown_execbin helper-dns 4750 root:gnunetdns
chmodown_execbin service-dns 2750 root:gnunetdns
touch /usr/share/gnunet/.permfix
}
prepare_config() {
mkdir -p $GNUNET_HOME
chown gnunet:gnunet $GNUNET_HOME
chmod 0750 $GNUNET_HOME
touch $CONFIGFILE
chown root:gnunet $CONFIGFILE
chmod 0640 $CONFIGFILE
gnunet-config -c /tmp/run/gnunet/gnunet.conf -s PATHS -o GNUNET_HOME -V $GNUNET_HOME
defaultservices=$( gnunet-config -c /tmp/run/gnunet/gnunet.conf -s arm -o DEFAULTSERVICES )
defaultservices="$defaultservices gns2dns"
gnunet-config -c /tmp/run/gnunet/gnunet.conf -s arm -o DEFAULTSERVICES -V "$defaultservices"
}
start_service() {
fix_libexec_permissions
[ ! -e $GNUNET_HOME ] && prepare_config
procd_open_instance
procd_set_param user gnunet
procd_set_param command $PROG -c $CONFIGFILE
procd_set_param respawn
procd_close_instance
}
net/gnurl/Makefile
+119
View File
@@ -0,0 +1,119 @@
#
# Copyright (C) 2007-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=gnurl
PKG_VERSION:=7.40.0
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://gnunet.org/sites/default/files
PKG_MD5SUM:=f816deb0c1401c841780ec6b91985a14
PKG_LICENSE:=MIT
PKG_LICENSE_FILES:=COPYING
PKG_FIXUP:=autoreconf
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/gnurl/Default
SECTION:=net
CATEGORY:=Network
URL:=https://gnunet.org/gnurl
MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
endef
define Package/gnurl
$(call Package/gnurl/Default)
SUBMENU:=File Transfer
DEPENDS:=+libgnurl
TITLE:=A client-side HTTP/HTTPS transfer utility
endef
define Package/libgnurl
$(call Package/gnurl/Default)
SECTION:=libs
CATEGORY:=Libraries
DEPENDS:=+libgnutls +libidn +zlib
TITLE:=A client-side HTTP/HTTPS transfer library
endef
TARGET_CFLAGS += $(FPIC)
CONFIGURE_ARGS += \
$(call autoconf_bool,CONFIG_IPV6,ipv6) \
--with-gnutls="$(STAGING_DIR)/usr" \
--with-libidn="$(STAGING_DIR)/usr" \
--with-zlib="$(STAGING_DIR)/usr" \
--enable-shared \
--enable-static \
--without-axtls \
--without-libssh2 \
--without-libmetalink \
--without-winidn \
--without-librtmp \
--without-nghttp2 \
--without-nss \
--without-cyassl \
--without-polarssl \
--without-ssl \
--without-winssl \
--without-darwinssl \
--disable-ares \
--disable-sspi \
--disable-ntlm-wb \
--disable-ldap \
--disable-ldaps \
--disable-rtsp \
--disable-dict \
--disable-telnet \
--disable-tftp \
--disable-pop3 \
--disable-imap \
--disable-smtp \
--disable-gopher \
--disable-file \
--disable-ftp \
--disable-smb \
--disable-debug \
--disable-manual \
--disable-verbose
define Build/Compile
+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
DESTDIR="$(PKG_INSTALL_DIR)" \
CC="$(TARGET_CC)" \
install
endef
define Build/InstallDev
$(INSTALL_DIR) $(2)/bin $(1)/usr/bin $(1)/usr/include/gnurl $(1)/usr/lib $(1)/usr/lib/pkgconfig
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gnurl-config $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/include/curl/*.h $(1)/usr/include/gnurl
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgnurl.{a,so*} $(1)/usr/lib/
$(CP) $(PKG_BUILD_DIR)/libgnurl.pc $(1)/usr/lib/pkgconfig/
$(SED) 's,-L$$$${exec_prefix}/lib,,g' $(1)/usr/bin/gnurl-config
[ -n "$(TARGET_LDFLAGS)" ] && $(SED) 's#$(TARGET_LDFLAGS)##g' $(1)/usr/lib/pkgconfig/libgnurl.pc || true
$(LN) $(STAGING_DIR)/usr/bin/gnurl-config $(2)/bin/
endef
define Package/gnurl/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gnurl $(1)/usr/bin/
endef
define Package/libgnurl/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgnurl.so.* $(1)/usr/lib/
endef
$(eval $(call BuildPackage,gnurl))
$(eval $(call BuildPackage,libgnurl))
net/gnurl/patches/100-check_long_long.patch
+10
View File
@@ -0,0 +1,10 @@
--- a/configure.ac
+++ b/configure.ac
@@ -2885,6 +2885,7 @@ CURL_VERIFY_RUNTIMELIBS
AC_CHECK_SIZEOF(size_t)
AC_CHECK_SIZEOF(long)
+AC_CHECK_SIZEOF(long long)
AC_CHECK_SIZEOF(int)
AC_CHECK_SIZEOF(short)
CURL_CONFIGURE_LONG
net/gnurl/patches/200-no_docs_tests.patch
+22
View File
@@ -0,0 +1,22 @@
--- a/Makefile.am
+++ b/Makefile.am
@@ -129,7 +129,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \
bin_SCRIPTS = curl-config
SUBDIRS = lib src include
-DIST_SUBDIRS = $(SUBDIRS) tests packages docs
+DIST_SUBDIRS = $(SUBDIRS) packages
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcurl.pc
--- a/Makefile.in
+++ b/Makefile.in
@@ -577,7 +577,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \
bin_SCRIPTS = curl-config
SUBDIRS = lib src include
-DIST_SUBDIRS = $(SUBDIRS) tests packages docs
+DIST_SUBDIRS = $(SUBDIRS) packages
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcurl.pc
LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \
net/haproxy/Makefile
+6 -10
View File
@@ -9,12 +9,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
PKG_VERSION:=1.5.11
PKG_RELEASE:=02
PKG_VERSION:=1.5.13
PKG_RELEASE:=00
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_MD5SUM:=5500a79d0d2b238d4a1e9749bd0c2cb2
PKG_MD5SUM:=30cf07875ecae4fd6c4c309627afa8f1
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=GPL-2.0
@@ -88,7 +88,7 @@ define Build/Compile
CFLAGS="$(TARGET_CFLAGS) -fno-align-jumps -fno-align-functions -fno-align-labels -fno-align-loops -pipe -fomit-frame-pointer -fhonour-copts" \
LD="$(TARGET_CC)" \
LDFLAGS="$(TARGET_LDFLAGS)" \
PCREDIR="$(STAGING_DIR)/usr/include" \
PCREDIR="$(STAGING_DIR)/usr" \
SMALL_OPTS="-DBUFSIZE=16384 -DMAXREWRITE=1030 -DSYSTEM_MAXCONN=165530 " \
USE_LINUX_TPROXY=1 USE_LINUX_SPLICE=1 USE_REGPARM=1 $(USE_OPENSSL) \
USE_ZLIB=yes USE_PCRE=1 \
@@ -96,12 +96,8 @@ define Build/Compile
install
$(MAKE) -C $(PKG_BUILD_DIR)/contrib/halog \
DESTDIR="$(PKG_INSTALL_DIR)" \
CC="$(TARGET_CC)" \
CFLAGS="$(TARGET_CFLAGS) -fno-align-jumps -fno-align-functions -fno-align-labels -fno-align-loops -pipe -fomit-frame-pointer -fhonour-copts" \
LD="$(TARGET_CC)" \
LDFLAGS="$(TARGET_LDFLAGS)" \
VERSION="$(PKG_VERSION)-patch$(PKG_RELEASE)" \
CC="$(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_LDFLAGS)" \
OPTIMIZE="" \
halog
endef
net/haproxy/patches/0001-BUG-MINOR-pattern-error-message-missing.patch
-30
View File
@@ -1,30 +0,0 @@
From e338a8741983acc9a4501a03ecd593d89e6fade3 Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER <tfournier@exceliance.fr>
Date: Fri, 6 Feb 2015 17:50:55 +0100
Subject: [PATCH 1/2] BUG/MINOR: pattern: error message missing
This patch must be backported in 1.5 version.
(cherry picked from commit 8aa8384e22dd0b66ded00c70a9c6034278b4bb69)
---
src/pattern.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/pattern.c b/src/pattern.c
index 208e33a..a6fc52d 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -989,8 +989,10 @@ int pat_idx_list_ptr(struct pattern_expr *expr, struct pattern *pat, char **err)
/* allocate pattern */
patl = calloc(1, sizeof(*patl));
- if (!patl)
+ if (!patl) {
+ memprintf(err, "out of memory while indexing pattern");
return 0;
+ }
/* duplicate pattern */
memcpy(&patl->pat, pat, sizeof(*pat));
--
2.0.4
net/haproxy/patches/0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
-38
View File
@@ -1,38 +0,0 @@
From 623401b983185c1e0f6507e96557de3bc46fd41b Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER <tfournier@exceliance.fr>
Date: Fri, 6 Feb 2015 17:53:54 +0100
Subject: [PATCH 2/2] BUG/MEDIUM: pattern: some entries are not deleted with
case insensitive match
ACL or map entries are not deleted with the command "del acl" or "del map"
if the case insentive flag is set.
This is because the the case insensitive string are stored in a list and the
default delete function associated with string looks in a tree. I add a check
of the case insensitive flag and execute the delete function for lists if it
is set.
This patch must be backported in 1.5 version.
(cherry picked from commit 73bc285be194f443dc7eab9c949e87e1dbe8f70c)
---
src/pattern.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/pattern.c b/src/pattern.c
index a6fc52d..b19ffe2 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -1308,6 +1308,10 @@ void pat_del_tree_str(struct pattern_expr *expr, struct pat_ref_elt *ref)
struct ebmb_node *node, *next_node;
struct pattern_tree *elt;
+ /* If the flag PAT_F_IGNORE_CASE is set, we cannot use trees */
+ if (expr->mflags & PAT_MF_IGNORE_CASE)
+ return pat_del_list_ptr(expr, ref);
+
/* browse each node of the tree. */
for (node = ebmb_first(&expr->pattern_tree), next_node = node ? ebmb_next(node) : NULL;
node;
--
2.0.4
net/iodine/Makefile
+1 -1
View File
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=iodine
PKG_VERSION:=0.7.0
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://code.kryo.se/iodine/
net/iodine/patches/100-musl-compatibility.patch
+26
View File
@@ -0,0 +1,26 @@
commit 9603c1848ddd4d9bb2d6ab031fcef91f543b71a0
Author: Maxim Storchak <m.storchak@gmail.com>
Date: Thu Jun 25 19:38:24 2015 +0300
Fix compatibility with musl for OpenWRT
This patch breaks builds for Windows and Android, but since the only
libc flavors OpenWRT currently cares about are musl, uClibc and glibc,
this should be fine.
The reason for such brutal intrusiuon is explained in musl FAQ:
http://wiki.musl-libc.org/wiki/FAQ#Q:_why_is_there_no_MUSL_macro_.3F
diff --git a/src/common.c b/src/common.c
index 2715979..5f0e370 100644
--- a/src/common.c
+++ b/src/common.c
@@ -57,7 +57,7 @@
const unsigned char raw_header[RAW_HDR_LEN] = { 0x10, 0xd1, 0x9e, 0x00 };
/* daemon(3) exists only in 4.4BSD or later, and in GNU libc */
-#if !defined(ANDROID) && !defined(WINDOWS32) && !(defined(BSD) && (BSD >= 199306)) && !defined(__GLIBC__)
+#ifdef __UCLIBC__
static int daemon(int nochdir, int noclose)
{
int fd, i;
net/ipsec-tools/Makefile
+3 -3
View File
@@ -1,6 +1,6 @@
#
# Copyright (C) 2006-2011 OpenWrt.org
# 2014-2015 Noah Meyerhans <frodo@morgul.net>
# Copyright (C) 2006-2015 OpenWrt.org
# 2014 Noah Meyerhans <frodo@morgul.net>
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=ipsec-tools
PKG_VERSION:=0.8.2
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_MAINTAINER := "Noah Meyerhans <frodo@morgul.net>"
PKG_LICENSE := BSD-3-Clause
net/ipsec-tools/patches/002-patch8-utmp.patch
+2 -2
View File
@@ -9,7 +9,7 @@
#if defined(__APPLE__) && defined(__MACH__)
#include <util.h>
#endif
@@ -1661,7 +1661,8 @@ isakmp_cfg_accounting_system(port, raddr
@@ -1664,7 +1664,8 @@ isakmp_cfg_accounting_system(port, raddr
int inout;
{
int error = 0;
@@ -19,7 +19,7 @@
char addr[NI_MAXHOST];
if (usr == NULL || usr[0]=='\0') {
@@ -1670,34 +1671,37 @@ isakmp_cfg_accounting_system(port, raddr
@@ -1673,34 +1674,37 @@ isakmp_cfg_accounting_system(port, raddr
return -1;
}
net/ipsec-tools/patches/003-microsoft-fqdn-in-main.patch
+1 -1
View File
@@ -1,6 +1,6 @@
--- a/src/racoon/ipsec_doi.c
+++ b/src/racoon/ipsec_doi.c
@@ -3582,8 +3582,8 @@ ipsecdoi_checkid1(iph1)
@@ -3581,8 +3581,8 @@ ipsecdoi_checkid1(iph1)
iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_PSKEY) {
if (id_b->type != IPSECDOI_ID_IPV4_ADDR
&& id_b->type != IPSECDOI_ID_IPV6_ADDR) {
net/ipsec-tools/patches/force_HAVE_POLICY_FWD → net/ipsec-tools/patches/007-force_have_policy_fwd.patch
+1 -3
View File
@@ -1,8 +1,6 @@
diff --git a/configure.ac b/configure.ac
index 8506245..eca8895 100644
--- a/configure.ac
+++ b/configure.ac
@@ -724,7 +724,8 @@ case $host in
@@ -732,7 +732,8 @@ case $host in
],
[AC_MSG_RESULT(yes)
AC_DEFINE([HAVE_POLICY_FWD], [], [Have forward policy])],
net/ipsec-tools/patches/008-racoon-fix_dereference_crash.patch
+16
View File
@@ -0,0 +1,16 @@
Fix null dereference in racoon/gssapi.c (CVE-2015-4047)
--- a/src/racoon/gssapi.c
+++ b/src/racoon/gssapi.c
@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1)
gss_name_t princ, canon_princ;
OM_uint32 maj_stat, min_stat;
+ if (iph1->rmconf == NULL) {
+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
+ return -1;
+ }
+
gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
if (gps == NULL) {
plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");
net/ipsec-tools/patches/009-musl-compat.patch
+187
View File
@@ -0,0 +1,187 @@
--- a/src/racoon/grabmyaddr.c
+++ b/src/racoon/grabmyaddr.c
@@ -47,7 +47,6 @@
#include <net/route.h>
#include <net/if.h>
#include <net/if_dl.h>
-#include <sys/sysctl.h>
#define USE_ROUTE
#endif
--- a/src/racoon/pfkey.c
+++ b/src/racoon/pfkey.c
@@ -59,7 +59,6 @@
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/queue.h>
-#include <sys/sysctl.h>
#include <net/route.h>
#include <net/pfkeyv2.h>
--- a/src/setkey/setkey.c
+++ b/src/setkey/setkey.c
@@ -40,7 +40,6 @@
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/stat.h>
-#include <sys/sysctl.h>
#include <err.h>
#include <netinet/in.h>
#include <net/pfkeyv2.h>
--- a/src/libipsec/ipsec_strerror.h
+++ b/src/libipsec/ipsec_strerror.h
@@ -34,6 +34,8 @@
#ifndef _IPSEC_STRERROR_H
#define _IPSEC_STRERROR_H
+#include <sys/cdefs.h>
+
extern int __ipsec_errcode;
extern void __ipsec_set_strerror __P((const char *));
--- a/src/libipsec/libpfkey.h
+++ b/src/libipsec/libpfkey.h
@@ -34,6 +34,8 @@
#ifndef _LIBPFKEY_H
#define _LIBPFKEY_H
+#include <sys/cdefs.h>
+
#ifndef KAME_LIBPFKEY_H
#define KAME_LIBPFKEY_H
--- a/src/racoon/backupsa.c
+++ b/src/racoon/backupsa.c
@@ -276,9 +276,9 @@ do { \
GETNEXTNUM(sa_args.a_keylen, strtoul);
GETNEXTNUM(sa_args.flags, strtoul);
GETNEXTNUM(sa_args.l_alloc, strtoul);
- GETNEXTNUM(sa_args.l_bytes, strtouq);
- GETNEXTNUM(sa_args.l_addtime, strtouq);
- GETNEXTNUM(sa_args.l_usetime, strtouq);
+ GETNEXTNUM(sa_args.l_bytes, strtoull);
+ GETNEXTNUM(sa_args.l_addtime, strtoull);
+ GETNEXTNUM(sa_args.l_usetime, strtoull);
GETNEXTNUM(sa_args.seq, strtoul);
#undef GETNEXTNUM
--- a/src/racoon/cftoken.l
+++ b/src/racoon/cftoken.l
@@ -77,6 +77,10 @@
#include "cfparse.h"
+#ifndef GLOB_TILDE
+#define GLOB_TILDE 0
+#endif
+
int yyerrorcount = 0;
#if defined(YIPS_DEBUG)
--- a/src/racoon/logger.h
+++ b/src/racoon/logger.h
@@ -34,6 +34,8 @@
#ifndef _LOGGER_H
#define _LOGGER_H
+#include <sys/cdefs.h>
+
struct log {
int head;
int siz;
--- a/src/racoon/misc.h
+++ b/src/racoon/misc.h
@@ -34,6 +34,8 @@
#ifndef _MISC_H
#define _MISC_H
+#include <sys/cdefs.h>
+
#define BIT2STR(b) bit2str(b, sizeof(b)<<3)
#ifdef HAVE_FUNC_MACRO
--- a/src/racoon/missing/crypto/sha2/sha2.h
+++ b/src/racoon/missing/crypto/sha2/sha2.h
@@ -40,6 +40,8 @@
#ifndef __SHA2_H__
#define __SHA2_H__
+#include <sys/cdefs.h>
+
#ifdef __cplusplus
extern "C" {
#endif
--- a/src/racoon/netdb_dnssec.h
+++ b/src/racoon/netdb_dnssec.h
@@ -34,6 +34,8 @@
#ifndef _NETDB_DNSSEC_H
#define _NETDB_DNSSEC_H
+#include <sys/cdefs.h>
+
#ifndef T_CERT
#define T_CERT 37 /* defined by RFC2538 section 2 */
#endif
--- a/src/racoon/plog.h
+++ b/src/racoon/plog.h
@@ -34,6 +34,8 @@
#ifndef _PLOG_H
#define _PLOG_H
+#include <sys/cdefs.h>
+
#ifdef HAVE_STDARG_H
#include <stdarg.h>
#else
--- a/src/racoon/str2val.h
+++ b/src/racoon/str2val.h
@@ -34,6 +34,8 @@
#ifndef _STR2VAL_H
#define _STR2VAL_H
+#include <sys/cdefs.h>
+
extern caddr_t val2str __P((const char *, size_t));
extern char *str2val __P((const char *, int, size_t *));
--- a/src/racoon/vmbuf.h
+++ b/src/racoon/vmbuf.h
@@ -34,6 +34,8 @@
#ifndef _VMBUF_H
#define _VMBUF_H
+#include <sys/cdefs.h>
+
/*
* bp v
* v v
--- a/src/setkey/extern.h
+++ b/src/setkey/extern.h
@@ -1,6 +1,6 @@
/* $NetBSD: extern.h,v 1.5 2009/03/06 11:45:03 tteras Exp $ */
-
+#include <sys/cdefs.h>
void parse_init __P((void));
int parse __P((FILE **));
--- a/src/racoon/isakmp_cfg.c
+++ b/src/racoon/isakmp_cfg.c
@@ -1694,8 +1694,6 @@ isakmp_cfg_accounting_system(port, raddr
"Accounting : '%s' logging on '%s' from %s.\n",
ut.ut_name, ut.ut_line, ut.ut_host);
- login(&ut);
-
break;
case ISAKMP_CFG_LOGOUT:
@@ -1703,8 +1701,6 @@ isakmp_cfg_accounting_system(port, raddr
"Accounting : '%s' unlogging from '%s'.\n",
usr, term);
- logout(term);
-
break;
default:
plog(LLV_ERROR, LOCATION, NULL, "Unepected inout\n");
net/keepalived/Makefile
+3 -3
View File
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=keepalived
PKG_VERSION:=1.2.15
PKG_RELEASE:=1
PKG_VERSION:=1.2.16
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= http://www.keepalived.org/software
PKG_MD5SUM:=d85fcb8e564ea03b0ca7b2357bf30c51
PKG_MD5SUM:=f834ab2cfc2e7300edf1bafaf4a5d83e
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=COPYING
net/keepalived/patches/100-musl-compat.patch
+10
View File
@@ -0,0 +1,10 @@
--- a/lib/utils.h
+++ b/lib/utils.h
@@ -31,6 +31,7 @@
#include <arpa/inet.h>
#include <arpa/nameser.h>
#include <sys/param.h>
+#include <sys/types.h>
#include <sys/utsname.h>
#include <netdb.h>
net/knot/Makefile
+2 -2
View File
@@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=knot
PKG_VERSION:=1.6.2
PKG_VERSION:=1.6.3
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-dns/
PKG_MD5SUM:=ad0a2d641556ad30d17d45200a2c45df
PKG_MD5SUM:=fb744b50493ac7e724d5228ade2e35b1
PKG_MAINTAINER:=Daniel Salzman <daniel.salzman@nic.cz>
PKG_LICENSE:=GPL-2.0+
net/knot/patches/03_zscanner_tests.patch
+2 -2
View File
@@ -34,8 +34,8 @@ index 846f351..272856c 100644
TESTS_DIR="$SOURCE"/data
ZSCANNER_TOOL="$BUILD"/zscanner-tool
-plan 69
+plan 67
-plan 71
+plan 69
mkdir -p "$TMPDIR"/includes/
for a in 1 2 3 4 5 6; do
net/knxd/Makefile
+87 -88
View File
@@ -11,34 +11,34 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=knxd
PKG_REV:=9cdcf0f25d34ed7939ecc41029caf6213581baa8
PKG_VERSION:=2015-02-13
PKG_VERSION=2015-06-27-$(PKG_SOURCE_VERSION)
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/knxd/knxd.git
PKG_SOURCE_VERSION:=50e7f6e6bfa13c2b6140b0f76aaa70234bf44b1d
PKG_SOURCE_SUBDIR:=$(PKG_NAME)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
PKG_MAINTAINER:=Othmar Truniger <github@truniger.ch>
PKG_LICENSE:=GPL-2.0+
PKG_LICENSE_FILES:=LICENSE
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=git://github.com/Makki1/knxd.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)
PKG_SOURCE_VERSION:=$(PKG_REV)
PKG_BUILD_PARALLEL:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
PKG_BUILD_DEPENDS:=pthsem argp-standalone
PKG_BUILD_DEPENDS:=argp-standalone
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/knxd
SECTION:=net
CATEGORY:=Network
TITLE:=Eib KNX deamon
URL:=https://github.com/Makki1/knxd
DEPENDS:=pthsem libusb-1.0
TITLE:=EIB KNX daemon
DEPENDS:=+pthsem +libusb-1.0
endef
define Package/knxd/description
@@ -49,105 +49,104 @@ define Package/knxd/conffiles
/etc/config/knxd
endef
define Package/libeibclient
SECTION:=libs
CATEGORY:=Libraries
TITLE:=Library for EIB clients
DEPENDS:=+pthsem
endef
define Package/libeibclient/description
EIB KNX client library
endef
define Package/knxd-tools
SECTION:=net
CATEGORY:=Network
TITLE:=Eib KNX Utils
URL:=https://github.com/Makki1/knxd
DEPENDS:=pthsem libusb-1.0
TITLE:=EIB KNX Utils
DEPENDS:=+libeibclient
endef
define Package/knxd-tools/description
EIB KNX Tools
endef
define Build/Prepare
$(call Build/Prepare/Default)
endef
CONFIGURE_ARGS+= \
--disable-ft12 \
--enable-eibnetip \
--enable-eibnetiptunnel \
--enable-eibnetipserver \
--enable-usb \
--enable-tpuart \
--enable-tpuarts \
--disable-pei16 \
--disable-pei16s \
--enable-groupcache \
--without-pth-test \
--without-libstdc
define Build/Configure
$(call Build/Configure/Default,\
--disable-ft12 \
--enable-eibnetip \
--enable-eibnetiptunnel \
--enable-eibnetipserver \
--enable-usb \
--enable-tpuart \
--enable-tpuarts \
--disable-pei16 \
--disable-pei16s \
--enable-groupcache \
--without-pth-test \
--without-libstdc )
endef
EXTRA_LDFLAGS+= \
-fno-builtin -nodefaultlibs -lc -lgcc
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) \
CC=$(TARGET_CC) \
LIBS="-L$(STAGING_DIR)/lib -L$(STAGING_DIR)/usr/lib -fno-builtin -nodefaultlibs -lc -lm -lgcc -largp -lpthsem" \
CPPFLAGS="-I$(STAGING_DIR)/include -I$(STAGING_DIR)/usr/include"
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/eib*.h $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libeibclient.{a,so*} $(1)/usr/lib/
endef
define Package/knxd/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/server/knxd $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/bcu/bcuaddrtab $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/bcu/bcuread $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/eibnet/eibnetsearch $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/eibnet/eibnetdescribe $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/usb/findknxusb $(1)/usr/bin/
$(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/knxd.init $(1)/etc/init.d/knxd
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) ./files/knxd.config $(1)/etc/config/knxd
endef
define Package/knxd-tools/install
define Package/libeibclient/install
$(INSTALL_DIR) $(1)/usr/lib
$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/client/c/.libs/libeibclient.so.0.0.0 $(1)/usr/lib/
ln -s libeibclient.so.0.0.0 $(1)/usr/lib/libeibclient.so
ln -s libeibclient.so.0.0.0 $(1)/usr/lib/libeibclient.so.0
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libeibclient.so* $(1)/usr/lib/
endef
define Package/knxd-tools/install
$(INSTALL_DIR) $(1)/usr/bin
-rm -f $(1)/usr/bin/knxread
-rm -f $(1)/usr/bin/knxreadtemp
-rm -f $(1)/usr/bin/knxwrite
-rm -f $(1)/usr/bin/knxlog
-rm -f $(1)/usr/bin/knxon
-rm -f $(1)/usr/bin/knxoff
-rm -f $(1)/usr/bin/knxif
-rm -f $(1)/usr/bin/knxswrite
-rm -f $(1)/usr/bin/knxbool
-rm -f $(1)/usr/bin/knxdimup
ln -s knxtool $(1)/usr/bin/knxread
ln -s knxtool $(1)/usr/bin/knxreadtemp
ln -s knxtool $(1)/usr/bin/knxwrite
ln -s knxtool $(1)/usr/bin/knxlog
ln -s knxtool $(1)/usr/bin/knxon
ln -s knxtool $(1)/usr/bin/knxoff
ln -s knxtool $(1)/usr/bin/knxif
ln -s knxtool $(1)/usr/bin/knxswrite
ln -s knxtool $(1)/usr/bin/knxbool
ln -s knxtool $(1)/usr/bin/knxdimup
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/knxtool $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/busmonitor1 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/busmonitor2 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/busmonitor3 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/eibread-cgi $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/eibwrite-cgi $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/vbusmonitor1 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/vbusmonitor2 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/vbusmonitor3 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupwrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupswrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/grouplisten $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupread $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupresponse $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupreadresponse $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupsocketlisten $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupsocketread $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupsocketwrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/examples/.libs/groupsocketswrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/knxtool $(1)/usr/bin/
ln -sf knxtool $(1)/usr/bin/knxread
ln -sf knxtool $(1)/usr/bin/knxreadtemp
ln -sf knxtool $(1)/usr/bin/knxwrite
ln -sf knxtool $(1)/usr/bin/knxlog
ln -sf knxtool $(1)/usr/bin/knxon
ln -sf knxtool $(1)/usr/bin/knxoff
ln -sf knxtool $(1)/usr/bin/knxif
ln -sf knxtool $(1)/usr/bin/knxswrite
ln -sf knxtool $(1)/usr/bin/knxbool
ln -sf knxtool $(1)/usr/bin/knxdimup
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/busmonitor1 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/busmonitor2 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/busmonitor3 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/eibread-cgi $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/eibwrite-cgi $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/vbusmonitor1 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/vbusmonitor2 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/vbusmonitor3 $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupwrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupswrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/grouplisten $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupread $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupresponse $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupreadresponse $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupsocketlisten $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupsocketread $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupsocketwrite $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/knxd/examples/bin/groupsocketswrite $(1)/usr/bin/
endef
$(eval $(call BuildPackage,knxd))
$(eval $(call BuildPackage,libeibclient))
$(eval $(call BuildPackage,knxd-tools))
net/knxd/files/knxd.init
-3
View File
@@ -6,8 +6,6 @@ STOP=20
NAME=knxd
PROG=/usr/bin/$NAME
. /lib/functions.sh
start() {
local options url
config_load "$NAME"
@@ -19,4 +17,3 @@ start() {
stop() {
service_stop $PROG
}
net/knxd/patches/0099-openwrt.patch
+2 -2
View File
@@ -1,5 +1,5 @@
--- knxd/src/client/Makefile.am.orig 2014-12-21 20:17:14.000000000 +0100
+++ knxd/src/client/Makefile.am 2014-12-21 20:18:50.639995000 +0100
--- a/src/client/Makefile.am 2014-12-21 20:17:14.000000000 +0100
+++ b/src/client/Makefile.am 2014-12-21 20:18:50.639995000 +0100
@@ -4,5 +4,5 @@
BUILDJAVA =
endif
net/knxd/patches/0100-musl-compat
+10
View File
@@ -0,0 +1,10 @@
--- a/src/examples/common.h 2015-06-27 15:20:15.266563893 +0200
+++ b/src/examples/common.h 2015-06-27 15:23:09.406457392 +0200
@@ -20,6 +20,7 @@
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
+#include <sys/select.h>
#include "eibclient.h"
/** unsigned char*/
net/krb5/Makefile
+1
View File
@@ -79,6 +79,7 @@ CONFIGURE_VARS += \
ac_cv_file__etc_TIMEZONE=no
CONFIGURE_ARGS += \
--without-system-verto \
--without-tcl \
--without-libedit \
--localstatedir=/etc
net/lftp/Makefile
+8 -3
View File
@@ -8,11 +8,16 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=lftp
PKG_VERSION:=4.6.0
PKG_VERSION:=4.6.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://lftp.yar.ru/ftp \ http://lftp.cybermirror.org \ http://lftp.cybermirror.org/old
PKG_MD5SUM:=fc5f4e3b45c9011a193eb8c0c12eb2eb
PKG_SOURCE_URL:=http://lftp.yar.ru/ftp \
http://lftp.yar.ru/ftp/old \
http://lftp.cybermirror.org \
http://lftp.cybermirror.org/old
PKG_MD5SUM:=487c064ee1bd732e5f95928e530435a8
PKG_LICENSE:=GPL-3.0+
PKG_LICENSE_FILES:=COPYING
net/linknx/Makefile
+14 -20
View File
@@ -1,5 +1,5 @@
#
# Copyright (C) 2008-2014 OpenWrt.org
# Copyright (C) 2008-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=linknx
PKG_VERSION:=0.0.1.32
PKG_RELEASE:=4
PKG_RELEASE:=7
PKG_MD5SUM:=7ecc1208f59bceb05068c752b2250b63
PKG_MAINTAINER:=Othmar Truniger <github@truniger.ch>
@@ -17,7 +17,8 @@ PKG_LICENSE:=GPL-2.0+
PKG_SOURCE_URL:=@SF/linknx
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_BUILD_DEPENDS:=pthsem curl libesmtp
PKG_BUILD_DEPENDS:=argp-standalone
PKG_FORTIFY_SOURCE:=1
include $(INCLUDE_DIR)/package.mk
@@ -26,26 +27,19 @@ define Package/linknx
CATEGORY:=Network
TITLE:=KNX home automation platform
URL:=http://sourceforge.net/projects/linknx/
DEPENDS:=pthsem +lua +luac +libstdcpp +libcurl +libesmtp
DEPENDS:=+pthsem +lua +luac +libstdcpp +libcurl +libesmtp
endef
define Build/Configure
(cd $(PKG_BUILD_DIR); touch aclocal.m4 Makefile.in config.h.in configure; \
$(SED) 's,\"2.0.4\",\"2.0.4\"\n_pth_version=\"2.0.8\",g' $(PKG_BUILD_DIR)/configure )
$(call Build/Configure/Default,--verbose --without-pth-test --with-pth=$(STAGING_DIR) --without-log4cpp --with-lua --with-libcurl --without-mysql, \
CXXFLAGS="$(TARGET_CFLAGS) -fno-builtin -lcrypt" \
)
endef
CONFIGURE_ARGS+= \
--verbose \
--without-pth-test \
--without-log4cpp \
--with-lua \
--with-libcurl \
--without-mysql
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR)/ \
LIBDIR="$(TARGET_LDFLAGS)" \
CC="$(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_CPPFLAGS) " \
LD="$(TARGET_CROSS)ld -shared" \
LUA="$(STAGING_DIR_HOST)/bin/lua" \
LUAC="$(STAGING_DIR_HOST)/bin/luac" \
CFLAGS="$(TARGET_CFLAGS) -nodefaultlibs" all
endef
EXTRA_LDFLAGS+= \
-fno-builtin
define Package/linknx/install
$(INSTALL_DIR) $(1)/usr/bin
net/linknx/patches/010-musl-compat
+10
View File
@@ -0,0 +1,10 @@
--- a/src/eibclient.c 2007-10-11 01:55:31.000000000 +0200
+++ b/src/eibclient.c 2015-06-27 22:18:01.433296921 +0200
@@ -32,6 +32,7 @@
#include <netinet/in.h>
#include <netdb.h>
#include <errno.h>
+#include <string.h>
#include "config.h"
net/linknx/patches/012-fix-linknx.cpp
+11
View File
@@ -0,0 +1,11 @@
--- a/src/linknx.cpp 2012-06-04 22:12:13.000000000 +0200
+++ b/src/linknx.cpp 2015-06-27 22:35:23.705721355 +0200
@@ -136,7 +136,7 @@
if (errno)
printf (": %s\n", strerror (errno));
else
- printf ("\n", strerror (errno));
+ printf ("\n");
exit (1);
}
net/lksctp-tools/Makefile
+92
View File
@@ -0,0 +1,92 @@
#
# Copyright (C) 2010-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=lksctp-tools
PKG_VERSION:=1.0.16
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@SF/lksctp
PKG_MD5SUM:=708bb0b5a6806ad6e8d13c55b067518e
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/lksctp-tools/Default
SECTION:=net
CATEGORY:=Network
TITLE:=SCTP user-land
URL:=http://lksctp.sourceforge.net
endef
define Package/libsctp
$(call Package/lksctp-tools/Default)
SUBMENU:=Networking
SECTION:=libs
CATEGORY:=Libraries
TITLE+= library
URL:=http://lksctp.sourceforge.net
DEPENDS:=+kmod-sctp
endef
define Package/sctp
$(call Package/lksctp-tools/Default)
TITLE+= (meta)
URL:=http://lksctp.sourceforge.net
DEPENDS:=+libsctp +sctp-tools
endef
define Package/sctp-tools
$(call Package/lksctp-tools/Default)
TITLE+= tools
URL:=http://lksctp.sourceforge.net
DEPENDS:=+libsctp
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) \
$(PKG_INSTALL_DIR)/usr/include/netinet \
$(STAGING_DIR)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/libsctp.{a,so*} \
$(1)/usr/lib/
endef
define Package/libsctp/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/libsctp.so.* \
$(1)/usr/lib/
endef
define Package/sctp/install
:
endef
define Package/sctp-tools/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) \
$(PKG_INSTALL_DIR)/usr/bin/checksctp \
$(1)/usr/bin/
$(CP) \
$(PKG_INSTALL_DIR)/usr/bin/sctp_{darn,status,test} \
$(1)/usr/bin/
endef
$(eval $(call BuildPackage,libsctp))
$(eval $(call BuildPackage,sctp))
$(eval $(call BuildPackage,sctp-tools))
net/luci-app-clamav/Makefile
+53
View File
@@ -0,0 +1,53 @@
#
# Copyright (C) 2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=luci-app-clamav
PKG_RELEASE:=20150520
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
PKG_LICENSE:=Apache-2.0
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
include $(INCLUDE_DIR)/package.mk
define Package/luci-app-clamav
SECTION:=luci
CATEGORY:=LuCI
SUBMENU:=3. Applications
TITLE:=ClamAV Web UI
DEPENDS:=+luci-mod-admin-full +clamav
endef
define Package/luci-app-clamav/description
This package will install ClamAV Web UI.
endef
define Build/Prepare
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/luci-app-clamav/install
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/controller/
$(INSTALL_BIN) \
./files/controller/clamav-controller.lua \
$(1)/usr/lib/lua/luci/controller/clamav.lua
$(INSTALL_DIR) $(1)/usr/lib/lua/luci/model/cbi/
$(INSTALL_BIN) \
./files/model/cbi/clamav-cbi.lua \
$(1)/usr/lib/lua/luci/model/cbi/clamav.lua
endef
$(eval $(call BuildPackage,luci-app-clamav))
net/luci-app-clamav/files/controller/clamav-controller.lua
+22
View File
@@ -0,0 +1,22 @@
--[[
LuCI ClamAV module
Copyright (C) 2015, Itus Networks, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Author: Marko Ratkaj <marko.ratkaj@sartura.hr>
Luka Perkov <luka.perkov@sartura.hr>
]]--
module("luci.controller.clamav", package.seeall)
function index()
entry({"admin", "services", "clamav"}, cbi("clamav"), _("ClamAV"))
end

Some files were not shown because too many files have changed in this diff Show More