Commit Graph

1026 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos 3b3df642e4 ocserv: updated license
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2016-06-16 22:35:19 +02:00
Nikos Mavrogiannopoulos d5d893c31f ocserv: updated to 0.11.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2016-06-16 22:26:13 +02:00
Dirk Brenken d89f201d66 adblock: update 1.2.1
* small optimizations & cosmetics

adblock: release 1.2.0

* rework download/backup/restore handling
* rework firewall handling
* refine whitelist parsing
* changed default null-ip to 198.18.0.1 to prevent conflicts with bcp38
* spread traffic from ad servers (port 80/443) on two uhttpd instances,
this fixes timeouts on sites with many ssl ad server connections, i.e.
youtube.com
* provide statistics & last runtime for LuCI interface
* documentation update

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 8ab3d8bdc2)
(cherry picked from commit 672dd10b10)
2016-06-16 11:18:10 +03:00
Karl Palsson f43f01ea15 net/mosquitto: update maintainer email address
Signed-off-by: Karl Palsson <karlp@remake.is>
Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-06-06 10:52:41 +00:00
Karl Palsson bf92a7b74d net/mosquitto: bump to v1.4.9
Bugfix release.  Full changelog available at
http://mosquitto.org/2016/06/version-1-4-9-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-06-06 10:51:10 +00:00
Dirk Brenken 2f637babe8 adblock: update 1.1.17
* change winspy url again
* various cosmetics left out in former release
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit d0eceb6b25)

adblock: update 1.1.16, release 2
* workaround for LuCI search path issue
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 26fa1c5df0)

adblock: update 1.1.16
* new config option 'adb_restricted' to disable updates of the adblock
config during runtime (no flash writes, disabled by default)
* new update function, to apply latest configuration changes if needed
(/etc/init.d/adblock cfgup)
* fix dns redirect rule
* various optimizations
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 41b05a5532)
2016-06-04 10:38:53 +03:00
Dirk Brenken 6b5a320bed adblock: update 1.1.15
* toggle to quickly switch adblocking 'on' or 'off' (/etc/init.d/adblock
toggle)
* new config option 'fetchttl' to set download timeouts (default: 5
seconds)
* better config check, distinct between major/minor changes
* documentation update

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 4f3f239ff2)
2016-06-03 10:14:48 +03:00
Dirk Brenken 72d2cfe064 adblock: update 1.1.12
* change wget binary naming
* change winspy source url
* documentation update

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit bad84563dc)
2016-05-25 22:50:41 +03:00
Dirk Brenken ffae0de40c adblock: update 1.1.11
* fix changed winspy source url in default config
* fix adblock counters in config
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 54b0115d25)
2016-05-23 17:40:39 +03:00
Dirk Brenken dd2c7136d3 adblock: update 1.1.10
* automatic AP mode detection (change nullip address accordingly)
* (de-)compress backups on the fly
* remove hardcoded path for logger
* documentation update
* change maintainer email address
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 57853a6c14)
2016-05-23 17:40:15 +03:00
Nikos Mavrogiannopoulos 3164b99f2f openconnect: use proto_add_host_dependency
This ensures that a direct route to the connected host is added
by netifd.

Resolves #2548

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2016-05-22 17:45:00 +02:00
Jo-Philipp Wich d45a8bb443 openconnect: avoid possible implicit dependency on liblz4
If the liblz4 library exists within the build environment, the openconnect
configure will pick it up and start depending on it, leading to the following
build error:

    Package openconnect is missing dependencies for the following libraries:
    liblz4.so.1

Disable LZ4 support in configure in order to avoid this implicit,
nondeterministic dependency.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-22 17:44:51 +02:00
Hannu Nyman 2c7e41efeb fwknop: bump PKG_RELEASE
Bump PKG_RELEASE after #2670

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-05-12 10:46:02 +03:00
Dirk Brenken da4115d276 adblock: update 1.1.2
* remove hardcoded paths for system tools like iptables, uci & fetch
(wget)
* support openwrt & lede spin-off
* cosmetics & cleanups

Signed-off-by: Dirk Brenken <openwrt@brenken.org>

(cherry picked from commit 7b4ad33255)
2016-05-10 16:40:27 +03:00
Dirk Brenken 0f34254995 adblock: update to 1.1.1
* discard uncommitted uci changes in case of processing errors
* init script (stop action) now removes all 'adb_src_count' &
'adb_src_timestamp' entries in config
* updated documentation

Signed-off-by: Dirk Brenken <openwrt@brenken.org>

(cherry picked from commit 262f4551e2)
2016-05-10 16:40:16 +03:00
Dirk Brenken bb5f4f6d29 adblock: release 1.1.0
* support more router modes, as long as the firewall and the DNS server
are enabled
* new source sites can be added & changed via awk ruleset in uci config
* source domain count, last update time & overall count will be stored
in uci config
* added 3 new source sites:
   ransomware tracker
   rolist/easylist
   winspy
* switch to minimal inline base64 encoded 1×1 GIF for pixel server
(separate png image no longer needed)
* simplified uci parser
* source download & domain sort optimization
* add whitelist parser with wildcard support
* reduced code size & various cleanups
* updated documentation

Signed-off-by: Dirk Brenken <openwrt@brenken.org>
(cherry picked from commit b9aeb82c95)
2016-05-10 16:40:08 +03:00
Jonathan Bennett a105a0ce53 Fwknop: Fix setting getting overwritten
A typo in the init file was causing a certain setting to be overwritten on every daemon start.
Signed-off-by: Jonathan Bennett <JBennett@incomsystems.biz>
2016-05-08 13:35:46 -05:00
champtar 21fe2da3a6 Merge pull request #2509 from wimanwifi/for-15.05-coova-fix-backport
coova-chilli: fix stat failed error when compile without kmod
2016-05-03 21:11:23 +02:00
champtar beb295fad0 Merge pull request #2380 from chris5560/for-15.05
[for-15.05] privoxy: bump to 3.0.24 incl. fix for CVE-2016-1982, CVE-2016-1983
2016-04-10 15:06:33 +02:00
Dirk Brenken 4044c55847 adblock: update 1.0.3
* remove syntax glitch & cosmetics
* probably the last 1.0.x release

Signed-off-by: Dirk Brenken <openwrt@brenken.org>
(cherry picked from commit 40a9c0a92d)
2016-04-07 23:23:29 +03:00
Dirk Brenken 289549a6e1 adblock: update 1.0.2
* fix corner case during shallalist backup/restore

Signed-off-by: Dirk Brenken <openwrt@brenken.org>
(cherry picked from commit e32bbffc7b)
2016-04-04 00:45:59 +03:00
Dirk Brenken 3587540ea5 adblock: update 1.0.1
* optimize list sort
* simplified block list removal

Signed-off-by: Dirk Brenken <openwrt@brenken.org>
(cherry picked from commit a066df55a5)
2016-04-04 00:44:01 +03:00
heil 19c5dcf528 haproxy: bump to version 1.5.16
[RELEASE] Released version 1.5.16

  Released version 1.5.16 with the following main changes :
    - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
    - BUG/MINOR: acl: don't use record layer in req_ssl_ver
    - BUG: http: do not abort keep-alive connections on server timeout
    - BUG/MEDIUM: http: switch the request channel to no-delay once done.
    - MINOR: config: extend the default max hostname length to 64 and beyond
    - BUG/MEDIUM: http: don't enable auto-close on the response side
    - BUG/MEDIUM: stream: fix half-closed timeout handling
    - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
    - BUILD: freebsd: double declaration
    - BUG/MEDIUM: sample: urlp can't match an empty value
    - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
    - BUG/MEDIUM: peers: old stick table updates could be repushed.
    - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
    - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
    - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
    - MINOR: chunks: add chunk_strcat() and chunk_newstr()
    - MINOR: chunk: make chunk_initstr() take a const string
    - BUG/MEDIUM: config: Adding validation to stick-table expire value.
    - BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space.
    - BUG/MINOR: stream: don't force retries if the server is DOWN
    - MINOR: unix: don't mention free ports on EAGAIN
    - BUG/CLEANUP: CLI: report the proper field states in "show sess"
    - MINOR: stats: send content-length with the redirect to allow keep-alive
    - BUG: stream_interface: Reuse connection even if the output channel is empty
    - DOC: remove old tunnel mode assumptions
    - DOC: add server name at rate-limit sessions example
    - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
    - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
    - BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
    - BUG/MINOR: http: Be sure to process all the data received from a server
    - BUG/MEDIUM: chunks: always reject negative-length chunks
    - BUG/MINOR: systemd: ensure we don't miss signals
    - BUG/MINOR: systemd: report the correct signal in debug message output
    - BUG/MINOR: systemd: propagate the correct signal to haproxy
    - MINOR: systemd: ensure a reload doesn't mask a stop
    - CLEANUP: stats: Avoid computation with uninitialized bits.
    - CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
    - CLEANUP: map: Avoid memory leak in out-of-memory condition.
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
    - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
    - MINOR: cfgparse: warn when uid parameter is not a number
    - MINOR: cfgparse: warn when gid parameter is not a number
    - BUG/MINOR: standard: Avoid free of non-allocated pointer
    - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
    - CLEANUP: http: fix a build warning introduced by a recent fix
    - BUG/MINOR: log: GMT offset not updated when entering/leaving DST

Signed-off-by: heil <heil@terminal-consulting.de>
2016-03-29 13:10:34 +02:00
dirk 081f255ac3 adblock: release 1.0.0 (backport from trunk)
Bckport the adblock package from master.

Signed-off-by:  Hannu Nyman <hannu.nyman@iki.fi>
(backport from commit 9f719e4c2c)
2016-03-16 16:11:49 +02:00
Jaehoon You 3c129346a2 coova-chilli: fix stat failed error when compile without kmod
This patch fixes #1261.

Signed-off-by: Jaehoon You <teslamint@gmail.com>
2016-03-15 17:15:03 +01:00
Karl Palsson 637ea2abea mosquitto: Bump to version 1.4.8
Changelog and release notes:
http://mosquitto.org/2016/02/version-1-4-8-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-03-07 11:42:41 +00:00
heil b6c9f34a47 [RFC] prosody: update to 0.9.10, switch to procd init script
- backport from master

Signed-off-by: heil <heil@terminal-consulting.de>
2016-02-28 15:34:53 +01:00
Nikos Mavrogiannopoulos 183e5a5e34 ocserv: updated to 0.10.12
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2016-02-19 17:02:35 +01:00
Toke Høiland-Jørgensen 2f36f666e5 sqm-scripts: Bump to v1.0.7.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-02-16 12:33:11 +01:00
Christian Schoenebeck 1adba81824 [for-15.05] privoxy: bump to 3.0.24 incl. fix for CVE-2016-1982, CVE-2016-1983
* upstream to Privoxy 3.0.24
 - incl. fix for CVE-2016-1982 and CVE-2016-1983
* add facility to set compile options
* add file list to be saved on sysupgrade
* fixed PKG_MAINTAINER string
* add port 8118 used by privoxy to /etc/services
* new "boot_delay" option (default 10 seconds) to wait for interfaces to come up before hotplug restarts are enabled

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2016-02-13 17:39:10 +01:00
Peter Wagner 770b0d6113 ntpd: update to 4.2.8p6
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2016-01-25 20:22:58 +01:00
heil 0bc0190b59 haproxy: add pending patches from upstream
- [PATCH 11/13] BUG/MEDIUM: peers: table entries learned from a remote
 - [PATCH 12/13] BUG/MEDIUM: peers: old stick table updates could be
 - [PATCH 13/13] CLEANUP: haproxy: using _GNU_SOURCE instead of

Signed-off-by: heil <heil@terminal-consulting.de>
2016-01-25 17:01:48 +01:00
heil bb23089e84 prosody: upgrade to 0.9.9
fixes:
    * path traversal vulnerability in mod_http_files (CVE-2016-1231)
    * use of weak PRNG in generation of dialback secrets (CVE-2016-1232)

Signed-off-by: heil <heil@terminal-consulting.de>
2016-01-25 13:31:29 +01:00
Noah Meyerhans 41dcf83e53 bind: upgrade to 9.9.8-P3
Fixes:
 * CVE-2015-8704
 * CVE-2015-3193
 * CVE-2015-8000
 * CVE-2015-8461

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
2016-01-24 12:43:29 +01:00
Karl Palsson 97a33d77ef mosquitto: properly separate the passwd utility
Building both variants improperly tried to include the passwd utility
for the non-ssl variant, as the variable was set for the ssl variant.

Use properly separated install tasks to install additional files, rather
than hacking around inside the single target.

Signed-off-by: Karl Palsson <karlp@remake.is>
2016-01-19 12:05:48 +00:00
Karl Palsson 6ff7317492 mosquitto: fix old whitespace bug
Introduced back in 2014

Fixes: cd21cbb82e
Signed-off-by: Karl Palsson <karlp@tweak.net.au>
2016-01-19 12:05:48 +00:00
Jo-Philipp Wich 472f8c826e mosquitto: fix whitespace error introduced with 7a6a575887
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-01-18 09:53:55 +01:00
Peter Wagner 400d01d37f tor: update to 0.2.7.6
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2016-01-16 20:42:48 +01:00
Peter Wagner 6052829a43 ntpd: update to 4.2.8p5
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2016-01-16 12:47:09 +01:00
Heinrich Schuchardt fc7fc89ee7 net/openssh: version 7.1p2
Use version 7.1p2 due to several security bulletins.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2016-01-16 11:46:32 +01:00
Karl Palsson 18d05777af mosquitto: Bump to version 1.4.7
Minor changes mostly unrelated to OpenWRT.
Full changelog at http://mosquitto.org/2015/12/version-1-4-7-released/

Signed-off-by: Karl Palsson <karlp@remake.is>
2016-01-15 09:33:59 +00:00
Karl Palsson 5dda75f84c mosquitto: optionally include mosquitto_passwd utility
Many users of the SSL build of mosquitto need the passwd utility for
managing keys.

Fixes github issue #1909

Signed-off-by: Karl Palsson <karlp@remake.is>
2016-01-15 09:33:59 +00:00
Nikolay Martynov d9c2951b19 bridge-utils: copy from oldpackages
* update Makefile accoring to CONTRIBUTING.md, set maintainer
* fix file offset handling
* use https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git for source code

Signed-off-by: Nikolay Martynov <mar.kolya@gmail.com>
2016-01-15 08:45:42 +01:00
Mislav Novakovic 04d79438d2 squid: update to 3.5.12
Signed-off-by: Mislav Novakovic <mislav.novakovic@sartura.hr>
2016-01-13 00:59:37 +01:00
Leonardo Brondani Schenkel 163252fcec ddns-scripts: bump 2.4.3 to release 2 2016-01-08 20:10:58 +01:00
Leonardo Brondani Schenkel 57ba3be8e0 ddns-scripts: allow setting CloudFlare 'rec_id' in the config
This is necessary when there are multiple records for the same domain,
otherwise the script will overwrite the first one returned by the API.
It has the secondary benefit of allowing faster updates by performing
only one API call instead of two.

In case 'rec_id' is not set the script behaves exactly as before.

Signed-off-by: Leonardo Brondani Schenkel <leonardo@schenkel.net>
(grafted from 019ba13d01e93c18d0ed35b0aeb3399f28108e0e)
2016-01-08 19:47:57 +01:00
Nikos Mavrogiannopoulos 25de619b04 ocserv: updated to 0.10.11
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2016-01-10 08:35:27 +01:00
Hannu Nyman 594e6a4916 Merge pull request #2230 from MikePetullo/for-15.05
For 15.05: Cherry pick a number of updates from maintainer into 15.05
2016-01-09 17:06:44 +02:00
Nikos Mavrogiannopoulos 57c660e98d ocserv: prevent a crash if the per-user dir does not exist
Relates #2167

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2016-01-05 21:49:13 +01:00
W. Michael Petullo 23fbc85322 krb5: port removal of Prepare target from master
Signed-off-by: W. Michael Petullo <mike@flyn.org>
2016-01-01 17:23:27 -05:00