Commit Graph

5939 Commits

Author SHA1 Message Date
Hauke Mehrtens 275874dc22 tor: log to syslog by default
Make tor log to syslog by default instead of stdout.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-15 23:18:47 +01:00
Hauke Mehrtens 239ed96b0d tor: add tor-gencert, tor-resolve and torify
These are some additional applications build by the tor package.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-15 23:18:47 +01:00
Hauke Mehrtens f382d5da0d tor: add geoip6 to tor-geoip
This add the IPv6 addresses to the tor-geoip6 package.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-15 23:18:47 +01:00
Hauke Mehrtens 3c3f709792 tor: preserve tor keys over sysupgrade
Mark the directories containing the keys for hidden services as
conffiles to preserve them over sysupgrade.

Fixes: #2247

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-15 23:18:47 +01:00
Hauke Mehrtens 66b9522c26 tor: update to version 0.2.9.8
In addition update some configure options and use EXTRA_CFLAGS.
Setting RunAsDaemon to 1 will be overwritten by the init script option
"--runasdaemon 0" anyway and we want it in foreground for procd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-15 23:18:47 +01:00
Jonathan Bennett e5251d1815 Fwknopd: Various updates
Adds configuration option for NFQ capture, moves often written
configuration files to /var/etc.

Signed-off-by: Jonathan Bennett <JBennett@incomsystems.biz>
2017-01-15 15:52:54 -06:00
Peter Wagner 91d59c5d02 nfs-kernel-sever: update to 2.1.1
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2017-01-15 21:31:44 +01:00
heil 0086667b91 memcached: bump to version 1.4.34
Signed-off-by: heil <heil@terminal-consulting.de>
2017-01-15 21:29:16 +01:00
heil eb0309bc87 prosody: bump to version 0.9.12
Signed-off-by: heil <heil@terminal-consulting.de>
2017-01-15 21:28:23 +01:00
heil 0424c1f723 haproxy: bump to version 1.7.2
Released version 1.7.2 with the following main changes :

  - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
  - SCRIPTS: git-show-backports: fix a harmless typo
  - SCRIPTS: git-show-backports: add -H to use the hash of the commit message
  - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
  - DOC: lua: documentation about time parser functions
  - DOC: lua: section declared twice
  - BUG/MINOR: lua/cli: bad error message
  - DOC: fix small typo in fe_id (backend instead of frontend)
  - BUG/MINOR: Fix the sending function in Lua's cosocket
  - BUG/MINOR: lua: memory leak executing tasks
  - BUG/MINOR: lua: bad return code
  - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
  - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
  - BUG/MINOR: stats: fix be/sessions/current out in typed stats
  - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
  - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
  - BUG/MINOR: systemd: potential zombie processes
  - DOC: Add timings events schemas
  - BUILD: lua: build failed on FreeBSD.
  - BUG/MINOR: option prefer-last-server must be ignored in some case
  - MINOR: stats: Support "select all" for backend actions
  - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
  - BUG/MAJOR: channel: Fix the definition order of channel analyzers
  - BUG/MINOR: http: report real parser state in error captures
  - BUILD: scripts: automatically update the branch in version.h when releasing
  - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
  - MINOR: http: custom status reason.
  - MINOR: connection: add sample fetch "fc_rcvd_proxy"
  - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
  - BUG/MINOR: tools: fix off-by-one in port size check
  - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
  - MEDIUM: server: split the address and the port into two different fields
  - MINOR: tools: make str2sa_range() return the port in a separate argument
  - MINOR: server: take the destination port from the port field, not the addr
  - MEDIUM: server: disable protocol validations when the server doesn't resolve
  - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
  - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
  - MINOR: proto_http.c 502 error txt typo.
  - DOC: add deprecation notice to "block"
  - BUG/MINOR: Reset errno variable before calling strtol(3)

Signed-off-by: heil <heil@terminal-consulting.de>
2017-01-15 21:26:00 +01:00
Stijn Tintel 42aeb06308 net-snmpd: convert snmpd-static to dummy package
We believe snmpd-static isn't useful, but download stats show it's still
being downloaded. Instead of dropping it, make it a dummy package that
depends on snmpd.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2017-01-15 18:17:58 +01:00
Peter Wagner 68689341dc git: update to 2.11.0
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2017-01-15 14:30:57 +01:00
Christian Schoenebeck d093904bc1 ddns-scripts: fix detecting local ip from ip command
fix detecting local ip from ip command #3834

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2017-01-15 10:30:38 +01:00
Stijn Tintel 2335ad51d6 vallumd: new package
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-01-14 05:49:21 +01:00
Stijn Tintel bf5c92a265 Merge pull request #3775 from jow-/net-snmp-nl-tiny
net-snmp: build against libnl-tiny
2017-01-13 19:48:02 +01:00
Hannu Nyman 8153fd3c00 Merge pull request #3729 from diizzyy/patch-1
net/shadowsocks-libev: Update to 2.6.1
2017-01-13 00:33:33 +02:00
Daniel Engberg 961c97b881 net/shadowsocks-libev: Update to 2.6.1
Update to 2.6.0 to support mbed TLS
Use xz instead of gz git tarball

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-12 23:07:11 +01:00
Thomas Huehn e0da6bf5bb mosquitto: Fix host UNAME detection
This fixes a bug when mosquitto is crosscompiled in LEDE on OS X.
UNAME is explicitly executed on the host, when we want it to be treated
as a regular linux build.

This patch passes the proper UNAME=Linux variable to the mosquitto
make file in order to respect linux as cross-compiler.

Signed-off-by: Thomas Huehn <thomas@net.t-labs.tu-berlin.de>
Reviewed-by: Karl Palsson <karlp@tweak.net.au>
2017-01-12 16:17:53 +00:00
Hannu Nyman 462219ca74 https-dns-proxy: bump PKG_RELEASE
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-01-12 13:14:42 +02:00
Aaron Drew d7a41ee08a https-dns-proxy: Fix wrong commandline argument
Init scripts were configuring daemon to write log to file "127.0.0.1" instead.
Signed-off-by: Aaron Drew <aarond10@gmail.com>
2017-01-12 20:33:08 +11:00
Noah Meyerhans 15460572ab bind: update to bind-9.10.4-P5
This change fixes multiple denial-of-service vulnerabilities:
 * CVE-2016-9131: A malformed response to an ANY query can cause an
   assertion failure during recursion
 * CVE-2016-9147: An error handling a query response containing
   inconsistent DNSSEC information could cause an assertion failure
 * CVE-2016-9444: An unusually-formed DS record response could cause
   an assertion failure
 * CVE-2016-9778: An error handling certain queries using the
   nxdomain-redirect feature could cause a REQUIRE assertion failure
   in db.c

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
2017-01-11 22:04:54 -08:00
Daniel Dickinson 604f22ee69 net/nut: Ship upsset.conf for nut-cgi
Per user request ship the sample upsset.conf file so that
upsset functionality can be used with nut-cgi

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:59:15 -05:00
Daniel Dickinson a69c25d5e3 net/nut: Avoid building with libwrap when present
We don't want non-deterministic builds do turn off
libwrap in configure options.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:55:32 -05:00
Daniel Dickinson b27c7fd64b net/nut: Make myself maintainer per private mail
Current maintainer (Martin Rowe) offered to hand over
maintership because I'm interested in doing more with
the package than he requires for his own use, so he
felt it made sense for me to maintain the package.
I accepted, hence this commit.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:55:19 -05:00
Daniel Dickinson c00d89593e net/nut: Fix '/var/run' world readable warning
Use /var/run/nut as statepath and set appropriate owner
and permissions on /var/run/nut in order to avoid pidfile
for nut being world-readable.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:54:51 -05:00
Daniel Dickinson c94e334c4e net-nut: Add UPS notifications via sendmail
Add option to send email notification via sendmail
(or replacement).

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:54:40 -05:00
Daniel Dickinson 5503dac806 net/nut: Add back serial support
It looks like serial support was accidentally dropped due to missing
pieces on Config.in and Makefile.  Add back serial support by fixing
that.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:54:29 -05:00
Daniel Dickinson c1d26bacdf net/nut: Protect CGI via HTTP Basic Auth
When using uhttpd (the default), protect NUT CGI
via HTTP Basic Auth.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:54:16 -05:00
Daniel Dickinson a23c4e85c5 net/nut: Build optional separate packages and ucify
With a LuCI app (of which I have one written) ucification makes
sense (and is in fact needed), so ucify the initscripts.

Also, rather than making selection of things to include an image
a matter of selecting compile-time config options, make optional
things into seperate packages that are built in default builds,
and leave selection of what to include or not up to the user
(e.g. using ImageBuilder, or adding packages via opkg).

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-11 18:53:58 -05:00
Daniel Golle 80f93e5513 gnunet: fix build
a missing empty file caused the build to break

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-01-11 23:21:47 +01:00
Christian Schoenebeck 71b50a7acc ddns-scripts: fixes for nslookup and khost
- fix ip extraction if knot host is used together with glue records
- fix ip extraction from nslookup if reverse dns record has ip with dot reported at http://forum.lede-project.org/t/ddns-scripts-error/909

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2017-01-11 22:08:42 +01:00
Matthias Schiffer 3823ef9bc4 Merge pull request #3813 from NeoRaider/hostpkg
Use STAGING_DIR_HOSTPKG where appropriate
2017-01-11 21:54:09 +01:00
Hannu Nyman 3b2e6cad2c Merge pull request #3816 from danrl/wireguard
wireguard: new upstream version
2017-01-11 22:41:21 +02:00
danrl 65cd2a6e43 wireguard: version bump
Signed-off-by: Dan Luedtke <mail@danrl.com>
2017-01-11 21:09:11 +01:00
Daniel Golle b8cd28f12e gnunet: update source
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-01-11 02:09:20 +01:00
Peter Wagner 9e269e39c3 net/openssh: Offload main site
Add a few mirrors in-front of main site for offloading

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2017-01-11 00:58:26 +01:00
Daniel Dickinson eb374e2d4d net/rsync: Make using ACL/XATTR the default if it's core default
Core has an option to enable ACL/XATTR by default;
if that is set default rsync to use it.

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2017-01-10 16:26:10 -05:00
Hannu Nyman a41987324c Merge pull request #3490 from t-8ch/esniper_2.32
esniper: to 2.32.0
2017-01-10 22:09:33 +02:00
Thomas Weißschuh b8565dea98 esniper: to 2.32.0
Ebay changed their login API, breaking 2.31.0

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
2017-01-10 20:04:37 +00:00
Hannu Nyman f3cd14d2d0 Merge pull request #3736 from damianorenfer/master
net/dnscrypt-proxy: update to 1.9.1. Change config system, use config…
2017-01-10 20:45:45 +02:00
Ted Hess c361090b31 Merge pull request #3807 from thess/umurmur-update
umurmur: Update to lastest version. Replace PolarSSL with mbed TLS
2017-01-10 13:43:44 -05:00
Peter Wagner 83f2f0a35e irssi: update to 0.8.21
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2017-01-10 19:01:52 +01:00
Matthias Schiffer 4a984a8d60 treewide: replace $(STAGING_DIR)/host and $(HOST_BUILD_PREFIX) with $(STAGING_DIR_HOSTPKG)
As both LEDE and OpenWrt have STAGING_DIR_HOSTPKG now, we can start to rely
on it. See 73b7f55424 for more information on
STAGING_DIR_HOSTPKG.

STAGING_DIR_HOSTPKG won't actually be changed before the first LEDE release
(it is equivalent to $(STAGING_DIR)/host), so this simple search/replace
cleanup is safe to apply. Doing this cleanup now will be useful for the
Gluon project (an OpenWrt/LEDE based firmware framework) for experimenting
with modifying STAGING_DIR_HOSTPKG before doing this in the LEDE upstream.

Also fixes a typo in the dbus Makefile ("STAGIND_DIR").

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-10 18:25:54 +01:00
Hannu Nyman 43f6c05b6b Merge pull request #3777 from pprindeville/update-isc-dhcp
isc-dhcp: bump version to latest and fix build issues
2017-01-10 18:23:32 +02:00
Ted Hess 85881594e1 umurmur: Update to lastest version. Replace PolarSSL with mbed TLS
Signed-off-by: Ted Hess <thess@kitschensync.net>
2017-01-10 08:59:23 -05:00
Daniel Golle 9a30e8af42 gnunet: upstream fixes and packaging improvements
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-01-10 06:14:28 +01:00
Hauke Mehrtens 0c5eb5aff1 iotivity: make logging configurable
Before this change logging was always activated and then IoTivity wrote
a lot of debug messages. Make it now configurable.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-09 23:31:22 +01:00
Hauke Mehrtens a2bc69df69 iotivity: install the header files
Install the header files needed to build something against IoTivity.
This will have it easier to build an application using IoTivity library.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-09 23:31:22 +01:00
Hauke Mehrtens 2734f86e6e iotivity: replace environment patches with upstream versions
These patches are making it possible to provide the compiler settings
from the environment so LEDE can change them. This replaces the old
patches with the versions send for upstream inclusion.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-09 23:31:22 +01:00
Hauke Mehrtens 1e28dfe214 iotivity: update to version 1.2.1
This does the following changes:
* update to version 1.2.1
* add iotivity-resource-directory-lib, this is needed by most
  applications now
* do not activate security support by default, this caused some
  problems and needs some more settings to setup.
* use sqlite version from normal package feed instead of using an own
  version
* build against LEDE version of mbedtls
* update example security configuration
* remove some patches that went upstream
* add some new patches fixing problems observed in my environment, most
  of them are on their way upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-09 23:31:22 +01:00