Merge branch 'openwrt:master' into master
This commit is contained in:
commit
81550265cb
|
@ -1,93 +0,0 @@
|
|||
FROM debian:10
|
||||
|
||||
|
||||
# Configuration version history
|
||||
# v1.0 - Initial version by Etienne Champetier
|
||||
# v1.0.1 - Run as non-root, add unzip, xz-utils
|
||||
# v1.0.2 - Add bzr
|
||||
# v1.0.3 - Verify usign signatures
|
||||
# v1.0.4 - Add support for Python3
|
||||
# v1.0.5 - Add 19.07 public keys, verify keys
|
||||
# v1.0.6 - Add 21.02 public keys, update Debian image to version 10, add rsync
|
||||
# v1.0.7 - Add 22.03 public keys, 18.06 v2 gpg key, 18.06 usign key
|
||||
|
||||
RUN apt update && apt install -y \
|
||||
build-essential \
|
||||
bzr \
|
||||
curl \
|
||||
jq \
|
||||
gawk \
|
||||
gettext \
|
||||
git \
|
||||
libncurses5-dev \
|
||||
libssl-dev \
|
||||
python \
|
||||
python3 \
|
||||
signify-openbsd \
|
||||
subversion \
|
||||
rsync \
|
||||
time \
|
||||
unzip \
|
||||
wget \
|
||||
xz-utils \
|
||||
zlib1g-dev \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
RUN useradd -c "OpenWrt Builder" -m -d /home/build -s /bin/bash build
|
||||
USER build
|
||||
ENV HOME /home/build
|
||||
|
||||
# OpenWrt Build System (PGP key for unattended snapshot builds)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/626471F1.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<pgpsign-snapshots@openwrt.org>' | grep '^fpr:::::::::54CC74307A2C6DC9CE618269CD84BCED626471F1:$' \
|
||||
&& echo '54CC74307A2C6DC9CE618269CD84BCED626471F1:6:' | gpg --import-ownertrust
|
||||
|
||||
# OpenWrt Build System (PGP key for 17.01 "Reboot" release builds)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/D52BBB6B.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<pgpsign-17.01@openwrt.org>' | grep '^fpr:::::::::B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:$' \
|
||||
&& echo 'B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:6:' | gpg --import-ownertrust
|
||||
|
||||
# OpenWrt Release Builder (18.06 Signing Key)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/17E1CE16.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<openwrt-devel@lists.openwrt.org>' | grep '^fpr:::::::::6768C55E79B032D77A28DA5F0F20257417E1CE16:$' \
|
||||
&& echo '6768C55E79B032D77A28DA5F0F20257417E1CE16:6:' | gpg --import-ownertrust
|
||||
|
||||
# OpenWrt Build System (PGP key for 18.06 release builds)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/15807931.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<pgpsign-18.06@openwrt.org>' | grep '^fpr:::::::::AD0507363D2BCE9C9E36CEC4FBCB78F015807931:$' \
|
||||
&& echo 'AD0507363D2BCE9C9E36CEC4FBCB78F015807931:6:' | gpg --import-ownertrust
|
||||
|
||||
# OpenWrt Build System (PGP key for 19.07 release builds)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/2074BE7A.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<pgpsign-19.07@openwrt.org>' | grep '^fpr:::::::::D9C6901F45C9B86858687DFF28A39BC32074BE7A:$' \
|
||||
&& echo 'D9C6901F45C9B86858687DFF28A39BC32074BE7A:6:' | gpg --import-ownertrust
|
||||
|
||||
# OpenWrt Build System (PGP key for 21.02 release builds)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/88CA59E8.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<pgpsign-21.02@openwrt.org>' | grep '^fpr:::::::::667205E379BAF348863A5C6688CA59E88F681580:$' \
|
||||
&& echo '667205E379BAF348863A5C6688CA59E88F681580:6:' | gpg --import-ownertrust
|
||||
|
||||
# OpenWrt Build System (GnuPGP key for 22.03 release builds)
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/CD54E82DADB3684D.asc' | gpg --import \
|
||||
&& gpg --fingerprint --with-colons '<pgpsign-22.03@openwrt.org>' | grep '^fpr:::::::::BF856781A01293C8409ABE72CD54E82DADB3684D:$' \
|
||||
&& echo 'BF856781A01293C8409ABE72CD54E82DADB3684D:6:' | gpg --import-ownertrust
|
||||
|
||||
# untrusted comment: Public usign key for unattended snapshot builds
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/b5043e70f9a75cde' --create-dirs -o /home/build/usign/b5043e70f9a75cde \
|
||||
&& echo 'd7ac10f9ed1b38033855f3d27c9327d558444fca804c685b17d9dcfb0648228f */home/build/usign/b5043e70f9a75cde' | sha256sum --check
|
||||
|
||||
# untrusted comment: Public usign key for 18.06 release builds
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/1035ac73cc4e59e3' --create-dirs -o /home/build/usign/1035ac73cc4e59e3 \
|
||||
&& echo '8dc2e7f5c4e634437e6641f4df77a18bf59f0c8e9016c8ba4be5d4a0111e68c2 */home/build/usign/1035ac73cc4e59e3' | sha256sum --check
|
||||
|
||||
# untrusted comment: Public usign key for 19.07 release builds
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/f94b9dd6febac963' --create-dirs -o /home/build/usign/f94b9dd6febac963 \
|
||||
&& echo 'b1d09457cfbc36fccfe18382d65c54a2ade3e7fd3902da490a53aa517b512755 */home/build/usign/f94b9dd6febac963' | sha256sum --check
|
||||
|
||||
# untrusted comment: Public usign key for 21.02 release builds
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/2f8b0b98e08306bf' --create-dirs -o /home/build/usign/2f8b0b98e08306bf \
|
||||
&& echo 'd102bdd75421c62490b97f520f9db06aadb44ad408b244755d26e96ea5cd3b7f */home/build/usign/2f8b0b98e08306bf' | sha256sum --check
|
||||
|
||||
# untrusted comment: Public usign key for 22.03 release builds
|
||||
RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/4d017e6f1ed5d616' --create-dirs -o /home/build/usign/4d017e6f1ed5d616 \
|
||||
&& echo 'f3c5fdf447d7c2743442e68077d60acc7c3e91754849e1f4b6be837b4204b7e2 */home/build/usign/4d017e6f1ed5d616' | sha256sum --check
|
|
@ -1,6 +0,0 @@
|
|||
# Build/update the docker image
|
||||
|
||||
docker pull debian:10
|
||||
docker build --rm -t docker.io/openwrtorg/packages-cci:latest .
|
||||
docker tag <IMAGE ID> docker.io/openwrtorg/packages-cci:<VERSION-TAG>
|
||||
docker push docker.io/openwrtorg/packages-cci
|
|
@ -1,182 +0,0 @@
|
|||
version: 2.0
|
||||
jobs:
|
||||
build:
|
||||
docker:
|
||||
- image: docker.io/openwrtorg/packages-cci:v1.0.7
|
||||
environment:
|
||||
- SDK_HOST: "downloads.openwrt.org"
|
||||
- SDK_PATH: "snapshots/targets/ath79/generic"
|
||||
- SDK_FILE: "openwrt-sdk-ath79-generic_*.Linux-x86_64.tar.xz"
|
||||
- BRANCH: "master"
|
||||
steps:
|
||||
- checkout:
|
||||
path: ~/openwrt_packages
|
||||
|
||||
- run:
|
||||
name: Check changes / verify commits
|
||||
working_directory: ~/openwrt_packages
|
||||
command: |
|
||||
cat >> $BASH_ENV <<EOF
|
||||
echo_red() { printf "\033[1;31m\$*\033[m\n"; }
|
||||
echo_green() { printf "\033[1;32m\$*\033[m\n"; }
|
||||
echo_blue() { printf "\033[1;34m\$*\033[m\n"; }
|
||||
EOF
|
||||
source $BASH_ENV
|
||||
|
||||
RET=0
|
||||
for commit in $(git rev-list HEAD ^origin/$BRANCH); do
|
||||
echo_blue "=== Checking commit '$commit'"
|
||||
if git show --format='%P' -s $commit | grep -qF ' '; then
|
||||
echo_red "Pull request should not include merge commits"
|
||||
RET=1
|
||||
fi
|
||||
|
||||
author="$(git show -s --format=%aN $commit)"
|
||||
if echo $author | grep -q '\S\+\s\+\S\+'; then
|
||||
echo_green "Author name ($author) seems ok"
|
||||
else
|
||||
echo_red "Author name ($author) need to be your real name 'firstname lastname'"
|
||||
RET=1
|
||||
fi
|
||||
|
||||
subject="$(git show -s --format=%s $commit)"
|
||||
if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert '; then
|
||||
echo_green "Commit subject line seems ok ($subject)"
|
||||
else
|
||||
echo_red "Commit subject line MUST start with '<package name>: ' ($subject)"
|
||||
RET=1
|
||||
fi
|
||||
|
||||
body="$(git show -s --format=%b $commit)"
|
||||
sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
|
||||
if echo "$body" | grep -qF "$sob"; then
|
||||
echo_green "Signed-off-by match author"
|
||||
else
|
||||
echo_red "Signed-off-by is missing or doesn't match author (should be '$sob')"
|
||||
RET=1
|
||||
fi
|
||||
done
|
||||
|
||||
exit $RET
|
||||
|
||||
- run:
|
||||
name: Download the SDK
|
||||
working_directory: ~/sdk
|
||||
command: |
|
||||
curl "https://$SDK_HOST/$SDK_PATH/sha256sums" -sS -o sha256sums
|
||||
curl "https://$SDK_HOST/$SDK_PATH/sha256sums.asc" -fs -o sha256sums.asc || true
|
||||
curl "https://$SDK_HOST/$SDK_PATH/sha256sums.sig" -fs -o sha256sums.sig || true
|
||||
if [ ! -f sha256sums.asc ] && [ ! -f sha256sums.sig ]; then
|
||||
echo_red "Missing sha256sums signature files"
|
||||
exit 1
|
||||
fi
|
||||
[ ! -f sha256sums.asc ] || gpg --with-fingerprint --verify sha256sums.asc sha256sums
|
||||
if [ -f sha256sums.sig ]; then
|
||||
VERIFIED=
|
||||
for KEY in ~/usign/*; do
|
||||
echo "Trying $KEY..."
|
||||
if signify-openbsd -V -q -p "$KEY" -x sha256sums.sig -m sha256sums; then
|
||||
echo "...verified"
|
||||
VERIFIED=1
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [ -z "$VERIFIED" ]; then
|
||||
echo_red "Could not verify usign signature"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
rsync -av "$SDK_HOST::downloads/$SDK_PATH/$SDK_FILE" .
|
||||
sha256sum -c --ignore-missing sha256sums
|
||||
|
||||
- run:
|
||||
name: Prepare build_dir
|
||||
working_directory: ~/build_dir
|
||||
command: |
|
||||
tar Jxf ~/sdk/$SDK_FILE --strip=1
|
||||
touch .config
|
||||
make prepare-tmpinfo scripts/config/conf
|
||||
./scripts/config/conf --defconfig=.config Config.in
|
||||
make prereq
|
||||
rm .config
|
||||
cat > feeds.conf <<EOF
|
||||
src-git base https://github.com/openwrt/openwrt.git;$BRANCH
|
||||
src-link packages $HOME/openwrt_packages
|
||||
src-git luci https://github.com/openwrt/luci.git;$BRANCH
|
||||
EOF
|
||||
cat feeds.conf
|
||||
./scripts/feeds update -a > /dev/null
|
||||
make defconfig > /dev/null
|
||||
# enable BUILD_LOG
|
||||
sed -i 's/# CONFIG_BUILD_LOG is not set/CONFIG_BUILD_LOG=y/' .config
|
||||
|
||||
- run:
|
||||
name: Install & download source, check package, compile
|
||||
working_directory: ~/build_dir
|
||||
command: |
|
||||
set +o pipefail
|
||||
PKGS=$(cd ~/openwrt_packages; git diff --diff-filter=d --name-only "origin/$BRANCH..." | grep 'Makefile$' | grep -Ev '/files/|/src/' | awk -F/ '{ print $(NF-1) }')
|
||||
if [ -z "$PKGS" ] ; then
|
||||
echo_blue "WARNING: No new or modified packages found!"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo_blue "=== Found new/modified packages: $PKGS"
|
||||
for PKG in $PKGS ; do
|
||||
echo_blue "===+ Install: $PKG"
|
||||
./scripts/feeds install "$PKG"
|
||||
|
||||
echo_blue "===+ Download: $PKG"
|
||||
make "package/$PKG/download" V=s
|
||||
|
||||
echo_blue "===+ Check package: $PKG"
|
||||
make "package/$PKG/check" V=s 2>&1 | tee logtmp
|
||||
RET=${PIPESTATUS[0]}
|
||||
|
||||
if [ $RET -ne 0 ]; then
|
||||
echo_red "=> Package check failed: $RET)"
|
||||
exit $RET
|
||||
fi
|
||||
|
||||
badhash_msg="HASH does not match "
|
||||
badhash_msg+="|HASH uses deprecated hash,"
|
||||
badhash_msg+="|HASH is missing,"
|
||||
if grep -qE "$badhash_msg" logtmp; then
|
||||
echo_red "=> Package HASH check failed"
|
||||
exit 1
|
||||
fi
|
||||
echo_green "=> Package check OK"
|
||||
done
|
||||
|
||||
make \
|
||||
-f .config \
|
||||
-f tmp/.packagedeps \
|
||||
-f <(echo '$(info $(sort $(package-y) $(package-m)))'; echo -en 'a:\n\t@:') \
|
||||
| tr ' ' '\n' >enabled-package-subdirs.txt
|
||||
for PKG in $PKGS ; do
|
||||
if ! grep -m1 -qE "(^|/)$PKG$" enabled-package-subdirs.txt; then
|
||||
echo_red "===+ Building: $PKG skipped. It cannot be enabled with $SDK_FILE"
|
||||
continue
|
||||
fi
|
||||
echo_blue "===+ Building: $PKG"
|
||||
make "package/$PKG/compile" -j3 V=s || {
|
||||
RET=$?
|
||||
echo_red "===+ Building: $PKG failed, rebuilding with -j1 for human readable error log"
|
||||
make "package/$PKG/compile" -j1 V=s; exit $RET
|
||||
}
|
||||
done
|
||||
|
||||
- store_artifacts:
|
||||
path: ~/build_dir/logs
|
||||
|
||||
- store_artifacts:
|
||||
path: ~/build_dir/bin
|
||||
|
||||
workflows:
|
||||
version: 2
|
||||
buildpr:
|
||||
jobs:
|
||||
- build:
|
||||
filters:
|
||||
branches:
|
||||
ignore: master
|
|
@ -1,8 +1,8 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=syslog-ng
|
||||
PKG_VERSION:=4.6.0
|
||||
PKG_RELEASE:=2
|
||||
PKG_VERSION:=4.7.1
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_MAINTAINER:=Josef Schlehofer <pepe.schlehofer@gmail.com>
|
||||
PKG_LICENSE:=LGPL-2.1-or-later GPL-2.0-or-later
|
||||
|
@ -11,7 +11,7 @@ PKG_CPE_ID:=cpe:/a:balabit:syslog-ng
|
|||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://github.com/syslog-ng/syslog-ng/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
|
||||
PKG_HASH:=b69e3360dfb96a754a4e1cbead4daef37128b1152a23572356db4ab64a475d4f
|
||||
PKG_HASH:=5477189a2d12325aa4faebfcf59f5bdd9084234732f0c3ec16dd253847dacf1c
|
||||
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
PKG_INSTALL:=1
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Collect all local logs into a single file /var/log/messages.
|
||||
# See https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition
|
||||
|
||||
@version: 4.6
|
||||
@version: 4.7
|
||||
@include "scl.conf"
|
||||
|
||||
options {
|
||||
|
|
|
@ -0,0 +1,165 @@
|
|||
#
|
||||
# Copyright (C) 2006-2023 OpenWrt.org
|
||||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=lua
|
||||
PKG_VERSION:=5.4.6
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://www.lua.org/ftp/ \
|
||||
https://www.tecgraf.puc-rio.br/lua/ftp/
|
||||
PKG_HASH:=7d5ea1b9cb6aa0b59ca3dde1c6adcb57ef83a1ba8e5432c0ecd06bf439b3ad88
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
|
||||
PKG_MAINTAINER:=Christian Marangi <ansuelsmth@gmail.com>
|
||||
|
||||
PKG_LICENSE:=MIT
|
||||
PKG_LICENSE_FILES:=COPYRIGHT
|
||||
PKG_CPE_ID:=cpe:/a:lua:lua
|
||||
|
||||
HOST_PATCH_DIR := ./patches-host
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
include $(INCLUDE_DIR)/host-build.mk
|
||||
|
||||
define Package/lua5.4/Default
|
||||
SUBMENU:=Lua
|
||||
SECTION:=lang
|
||||
CATEGORY:=Languages
|
||||
TITLE:=Lua programming language (version 5.4)
|
||||
URL:=https://www.lua.org/
|
||||
endef
|
||||
|
||||
define Package/lua5.4/Default/description
|
||||
Lua is a powerful, efficient, lightweight, embeddable scripting language. It
|
||||
supports procedural programming, object-oriented programming, functional
|
||||
programming, data-driven programming, and data description.
|
||||
endef
|
||||
|
||||
define Package/liblua5.4
|
||||
$(call Package/lua5.4/Default)
|
||||
SUBMENU:=
|
||||
SECTION:=libs
|
||||
CATEGORY:=Libraries
|
||||
TITLE+= (libraries)
|
||||
ABI_VERSION:=5.4
|
||||
endef
|
||||
|
||||
define Package/liblua5.4/description
|
||||
$(call Package/lua5.4/Default/description)
|
||||
This package contains the Lua shared libraries, needed by other programs.
|
||||
endef
|
||||
|
||||
define Package/lua5.4
|
||||
$(call Package/lua5.4/Default)
|
||||
DEPENDS:=+liblua5.4
|
||||
TITLE+= (interpreter)
|
||||
endef
|
||||
|
||||
define Package/lua5.4/description
|
||||
$(call Package/lua5.4/Default/description)
|
||||
This package contains the Lua language interpreter.
|
||||
endef
|
||||
|
||||
define Package/luac5.4
|
||||
$(call Package/lua5.4/Default)
|
||||
DEPENDS:=+liblua5.4
|
||||
TITLE+= (compiler)
|
||||
endef
|
||||
|
||||
define Package/luac5.4/description
|
||||
$(call Package/lua5.4/Default/description)
|
||||
This package contains the Lua language compiler.
|
||||
endef
|
||||
|
||||
define Build/Prepare
|
||||
$(call Build/Prepare/Default)
|
||||
mv $(PKG_BUILD_DIR)/doc/lua.1 $(PKG_BUILD_DIR)/doc/lua5.4.1
|
||||
mv $(PKG_BUILD_DIR)/doc/luac.1 $(PKG_BUILD_DIR)/doc/luac5.4.1
|
||||
endef
|
||||
|
||||
TARGET_CFLAGS += -DLUA_USE_LINUX $(FPIC) -std=gnu99
|
||||
|
||||
define Build/Compile
|
||||
$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
|
||||
CC="$(TARGET_CROSS)gcc" \
|
||||
AR="$(TARGET_CROSS)ar rcu" \
|
||||
RANLIB="$(TARGET_CROSS)ranlib" \
|
||||
INSTALL_ROOT=/usr \
|
||||
CFLAGS="$(TARGET_CPPFLAGS) $(TARGET_CFLAGS)" \
|
||||
PKG_VERSION=$(PKG_VERSION) \
|
||||
linux
|
||||
rm -rf $(PKG_INSTALL_DIR)
|
||||
mkdir -p $(PKG_INSTALL_DIR)
|
||||
$(MAKE) -C $(PKG_BUILD_DIR) \
|
||||
INSTALL_TOP="$(PKG_INSTALL_DIR)/usr" \
|
||||
install
|
||||
endef
|
||||
|
||||
define Host/Prepare
|
||||
$(call Host/Prepare/Default)
|
||||
mv $(HOST_BUILD_DIR)/doc/lua.1 $(HOST_BUILD_DIR)/doc/lua5.4.1
|
||||
mv $(HOST_BUILD_DIR)/doc/luac.1 $(HOST_BUILD_DIR)/doc/luac5.4.1
|
||||
endef
|
||||
|
||||
define Host/Configure
|
||||
$(SED) 's,"/usr/local/","$(STAGING_DIR_HOSTPKG)/",' $(HOST_BUILD_DIR)/src/luaconf.h
|
||||
endef
|
||||
|
||||
ifeq ($(HOST_OS),Darwin)
|
||||
LUA_OS:=macosx
|
||||
else
|
||||
ifeq ($(HOST_OS),FreeBSD)
|
||||
LUA_OS:=freebsd
|
||||
else
|
||||
LUA_OS:=linux
|
||||
endif
|
||||
endif
|
||||
|
||||
define Host/Compile
|
||||
$(MAKE) -C $(HOST_BUILD_DIR) \
|
||||
CC="$(HOSTCC) $(HOST_FPIC) -std=gnu99" \
|
||||
$(LUA_OS)
|
||||
endef
|
||||
|
||||
define Host/Install
|
||||
$(MAKE) -C $(HOST_BUILD_DIR) \
|
||||
INSTALL_TOP="$(STAGING_DIR_HOSTPKG)" \
|
||||
install
|
||||
endef
|
||||
|
||||
define Build/InstallDev
|
||||
$(INSTALL_DIR) $(1)/usr/include/lua5.4 $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/lua5.4/lua{,lib,conf}.h $(1)/usr/include/lua5.4/
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/lua5.4/lua.hpp $(1)/usr/include/lua5.4/
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/lua5.4/lauxlib.h $(1)/usr/include/lua5.4/
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/liblua5.4.{a,so*} $(1)/usr/lib/
|
||||
$(LN) liblua5.4.so.0.0.0 $(1)/usr/lib/liblualib5.4.so
|
||||
endef
|
||||
|
||||
define Package/liblua5.4/install
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/liblua5.4.so* $(1)/usr/lib/
|
||||
endef
|
||||
|
||||
define Package/lua5.4/install
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/lua5.4 $(1)/usr/bin/
|
||||
endef
|
||||
|
||||
define Package/luac5.4/install
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/luac5.4 $(1)/usr/bin/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,liblua5.4))
|
||||
$(eval $(call BuildPackage,lua5.4))
|
||||
$(eval $(call BuildPackage,luac5.4))
|
||||
$(eval $(call HostBuild))
|
|
@ -0,0 +1,65 @@
|
|||
From 96576b44a1b368bd6590eb0778ae45cc9ccede3f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
|
||||
Date: Fri, 21 Jun 2019 14:08:38 +0200
|
||||
Subject: [PATCH] include version number
|
||||
|
||||
Including it allows multiple lua versions to coexist.
|
||||
|
||||
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
||||
---
|
||||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -12,7 +12,7 @@ PLAT= guess
|
||||
# LUA_ROOT, LUA_LDIR, and LUA_CDIR in luaconf.h.
|
||||
INSTALL_TOP= /usr/local
|
||||
INSTALL_BIN= $(INSTALL_TOP)/bin
|
||||
-INSTALL_INC= $(INSTALL_TOP)/include
|
||||
+INSTALL_INC= $(INSTALL_TOP)/include/lua$V
|
||||
INSTALL_LIB= $(INSTALL_TOP)/lib
|
||||
INSTALL_MAN= $(INSTALL_TOP)/man/man1
|
||||
INSTALL_LMOD= $(INSTALL_TOP)/share/lua/$V
|
||||
@@ -39,10 +39,10 @@ RM= rm -f
|
||||
PLATS= guess aix bsd c89 freebsd generic ios linux linux-readline macosx mingw posix solaris
|
||||
|
||||
# What to install.
|
||||
-TO_BIN= lua luac
|
||||
+TO_BIN= lua$V luac$V
|
||||
TO_INC= lua.h luaconf.h lualib.h lauxlib.h lua.hpp
|
||||
-TO_LIB= liblua.a
|
||||
-TO_MAN= lua.1 luac.1
|
||||
+TO_LIB= liblua$V.a
|
||||
+TO_MAN= lua$V.1 luac$V.1
|
||||
|
||||
# Lua version and release.
|
||||
V= 5.4
|
||||
@@ -52,7 +52,7 @@ R= $V.6
|
||||
all: $(PLAT)
|
||||
|
||||
$(PLATS) help test clean:
|
||||
- @cd src && $(MAKE) $@
|
||||
+ @cd src && $(MAKE) $@ V=$V
|
||||
|
||||
install: dummy
|
||||
cd src && $(MKDIR) $(INSTALL_BIN) $(INSTALL_INC) $(INSTALL_LIB) $(INSTALL_MAN) $(INSTALL_LMOD) $(INSTALL_CMOD)
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -32,15 +32,15 @@ CMCFLAGS=
|
||||
|
||||
PLATS= guess aix bsd c89 freebsd generic ios linux linux-readline macosx mingw posix solaris
|
||||
|
||||
-LUA_A= liblua.a
|
||||
+LUA_A= liblua$V.a
|
||||
CORE_O= lapi.o lcode.o lctype.o ldebug.o ldo.o ldump.o lfunc.o lgc.o llex.o lmem.o lobject.o lopcodes.o lparser.o lstate.o lstring.o ltable.o ltm.o lundump.o lvm.o lzio.o
|
||||
LIB_O= lauxlib.o lbaselib.o lcorolib.o ldblib.o liolib.o lmathlib.o loadlib.o loslib.o lstrlib.o ltablib.o lutf8lib.o linit.o
|
||||
BASE_O= $(CORE_O) $(LIB_O) $(MYOBJS)
|
||||
|
||||
-LUA_T= lua
|
||||
+LUA_T= lua$V
|
||||
LUA_O= lua.o
|
||||
|
||||
-LUAC_T= luac
|
||||
+LUAC_T= luac$V
|
||||
LUAC_O= luac.o
|
||||
|
||||
ALL_O= $(BASE_O) $(LUA_O) $(LUAC_O)
|
|
@ -0,0 +1,27 @@
|
|||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -126,7 +126,7 @@ c89:
|
||||
@echo ''
|
||||
|
||||
FreeBSD NetBSD OpenBSD freebsd:
|
||||
- $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX -DLUA_USE_READLINE -I/usr/include/edit" SYSLIBS="-Wl,-E -ledit" CC="cc"
|
||||
+ $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX $(if $(USE_READLINE), -DLUA_USE_READLINE) -I/usr/include/edit" SYSLIBS="-Wl,-E -ledit" CC="cc"
|
||||
|
||||
generic: $(ALL)
|
||||
|
||||
@@ -136,13 +136,13 @@ ios:
|
||||
Linux linux: linux-noreadline
|
||||
|
||||
linux-noreadline:
|
||||
- $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX" SYSLIBS="-Wl,-E -ldl"
|
||||
+ $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX $(if $(USE_READLINE), -DLUA_USE_READLINE)" SYSLIBS="-Wl,-E -ldl $(if $(USE_READLINE), -lreadline)"
|
||||
|
||||
linux-readline:
|
||||
$(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX -DLUA_USE_READLINE" SYSLIBS="-Wl,-E -ldl -lreadline"
|
||||
|
||||
Darwin macos macosx:
|
||||
- $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_MACOSX -DLUA_USE_READLINE" SYSLIBS="-lreadline"
|
||||
+ $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_MACOSX $(if $(USE_READLINE), -DLUA_USE_READLINE)" SYSLIBS="$(if $(USE_READLINE), -lreadline)"
|
||||
|
||||
mingw:
|
||||
$(MAKE) "LUA_A=lua54.dll" "LUA_T=lua.exe" \
|
|
@ -0,0 +1,65 @@
|
|||
From 96576b44a1b368bd6590eb0778ae45cc9ccede3f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
|
||||
Date: Fri, 21 Jun 2019 14:08:38 +0200
|
||||
Subject: [PATCH] include version number
|
||||
|
||||
Including it allows multiple lua versions to coexist.
|
||||
|
||||
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
||||
---
|
||||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -12,7 +12,7 @@ PLAT= guess
|
||||
# LUA_ROOT, LUA_LDIR, and LUA_CDIR in luaconf.h.
|
||||
INSTALL_TOP= /usr/local
|
||||
INSTALL_BIN= $(INSTALL_TOP)/bin
|
||||
-INSTALL_INC= $(INSTALL_TOP)/include
|
||||
+INSTALL_INC= $(INSTALL_TOP)/include/lua$V
|
||||
INSTALL_LIB= $(INSTALL_TOP)/lib
|
||||
INSTALL_MAN= $(INSTALL_TOP)/man/man1
|
||||
INSTALL_LMOD= $(INSTALL_TOP)/share/lua/$V
|
||||
@@ -39,10 +39,10 @@ RM= rm -f
|
||||
PLATS= guess aix bsd c89 freebsd generic ios linux linux-readline macosx mingw posix solaris
|
||||
|
||||
# What to install.
|
||||
-TO_BIN= lua luac
|
||||
+TO_BIN= lua$V luac$V
|
||||
TO_INC= lua.h luaconf.h lualib.h lauxlib.h lua.hpp
|
||||
-TO_LIB= liblua.a
|
||||
-TO_MAN= lua.1 luac.1
|
||||
+TO_LIB= liblua$V.a
|
||||
+TO_MAN= lua$V.1 luac$V.1
|
||||
|
||||
# Lua version and release.
|
||||
V= 5.4
|
||||
@@ -52,7 +52,7 @@ R= $V.6
|
||||
all: $(PLAT)
|
||||
|
||||
$(PLATS) help test clean:
|
||||
- @cd src && $(MAKE) $@
|
||||
+ @cd src && $(MAKE) $@ V=$V
|
||||
|
||||
install: dummy
|
||||
cd src && $(MKDIR) $(INSTALL_BIN) $(INSTALL_INC) $(INSTALL_LIB) $(INSTALL_MAN) $(INSTALL_LMOD) $(INSTALL_CMOD)
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -32,15 +32,15 @@ CMCFLAGS=
|
||||
|
||||
PLATS= guess aix bsd c89 freebsd generic ios linux linux-readline macosx mingw posix solaris
|
||||
|
||||
-LUA_A= liblua.a
|
||||
+LUA_A= liblua$V.a
|
||||
CORE_O= lapi.o lcode.o lctype.o ldebug.o ldo.o ldump.o lfunc.o lgc.o llex.o lmem.o lobject.o lopcodes.o lparser.o lstate.o lstring.o ltable.o ltm.o lundump.o lvm.o lzio.o
|
||||
LIB_O= lauxlib.o lbaselib.o lcorolib.o ldblib.o liolib.o lmathlib.o loadlib.o loslib.o lstrlib.o ltablib.o lutf8lib.o linit.o
|
||||
BASE_O= $(CORE_O) $(LIB_O) $(MYOBJS)
|
||||
|
||||
-LUA_T= lua
|
||||
+LUA_T= lua$V
|
||||
LUA_O= lua.o
|
||||
|
||||
-LUAC_T= luac
|
||||
+LUAC_T= luac$V
|
||||
LUAC_O= luac.o
|
||||
|
||||
ALL_O= $(BASE_O) $(LUA_O) $(LUAC_O)
|
|
@ -0,0 +1,115 @@
|
|||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -41,7 +41,7 @@ PLATS= guess aix bsd c89 freebsd generic
|
||||
# What to install.
|
||||
TO_BIN= lua$V luac$V
|
||||
TO_INC= lua.h luaconf.h lualib.h lauxlib.h lua.hpp
|
||||
-TO_LIB= liblua$V.a
|
||||
+TO_LIB= liblua$V.a liblua$V.so.0.0.0
|
||||
TO_MAN= lua$V.1 luac$V.1
|
||||
|
||||
# Lua version and release.
|
||||
@@ -59,6 +59,9 @@ install: dummy
|
||||
cd src && $(INSTALL_EXEC) $(TO_BIN) $(INSTALL_BIN)
|
||||
cd src && $(INSTALL_DATA) $(TO_INC) $(INSTALL_INC)
|
||||
cd src && $(INSTALL_DATA) $(TO_LIB) $(INSTALL_LIB)
|
||||
+ ln -s liblua$V.so.0.0.0 $(INSTALL_LIB)/liblua$V.so.0.0
|
||||
+ ln -s liblua$V.so.0.0.0 $(INSTALL_LIB)/liblua$V.so.0
|
||||
+ ln -s liblua$V.so.0.0.0 $(INSTALL_LIB)/liblua$V.so
|
||||
cd doc && $(INSTALL_DATA) $(TO_MAN) $(INSTALL_MAN)
|
||||
|
||||
uninstall:
|
||||
--- a/src/ldebug.h
|
||||
+++ b/src/ldebug.h
|
||||
@@ -36,7 +36,7 @@
|
||||
#endif
|
||||
|
||||
|
||||
-LUAI_FUNC int luaG_getfuncline (const Proto *f, int pc);
|
||||
+LUA_API int luaG_getfuncline (const Proto *f, int pc);
|
||||
LUAI_FUNC const char *luaG_findlocal (lua_State *L, CallInfo *ci, int n,
|
||||
StkId *pos);
|
||||
LUAI_FUNC l_noret luaG_typeerror (lua_State *L, const TValue *o,
|
||||
--- a/src/lstring.h
|
||||
+++ b/src/lstring.h
|
||||
@@ -50,7 +50,7 @@ LUAI_FUNC void luaS_init (lua_State *L);
|
||||
LUAI_FUNC void luaS_remove (lua_State *L, TString *ts);
|
||||
LUAI_FUNC Udata *luaS_newudata (lua_State *L, size_t s, int nuvalue);
|
||||
LUAI_FUNC TString *luaS_newlstr (lua_State *L, const char *str, size_t l);
|
||||
-LUAI_FUNC TString *luaS_new (lua_State *L, const char *str);
|
||||
+LUA_API TString *luaS_new (lua_State *L, const char *str);
|
||||
LUAI_FUNC TString *luaS_createlngstrobj (lua_State *L, size_t l);
|
||||
|
||||
|
||||
--- a/src/lundump.h
|
||||
+++ b/src/lundump.h
|
||||
@@ -30,7 +30,7 @@
|
||||
LUAI_FUNC LClosure* luaU_undump (lua_State* L, ZIO* Z, const char* name);
|
||||
|
||||
/* dump one chunk; from ldump.c */
|
||||
-LUAI_FUNC int luaU_dump (lua_State* L, const Proto* f, lua_Writer w,
|
||||
+LUA_API int luaU_dump (lua_State* L, const Proto* f, lua_Writer w,
|
||||
void* data, int strip);
|
||||
|
||||
#endif
|
||||
--- a/src/lzio.h
|
||||
+++ b/src/lzio.h
|
||||
@@ -44,7 +44,7 @@ typedef struct Mbuffer {
|
||||
#define luaZ_freebuffer(L, buff) luaZ_resizebuffer(L, buff, 0)
|
||||
|
||||
|
||||
-LUAI_FUNC void luaZ_init (lua_State *L, ZIO *z, lua_Reader reader,
|
||||
+LUA_API void luaZ_init (lua_State *L, ZIO *z, lua_Reader reader,
|
||||
void *data);
|
||||
LUAI_FUNC size_t luaZ_read (ZIO* z, void *b, size_t n); /* read next n bytes */
|
||||
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -33,6 +33,7 @@ CMCFLAGS=
|
||||
PLATS= guess aix bsd c89 freebsd generic ios linux linux-readline macosx mingw posix solaris
|
||||
|
||||
LUA_A= liblua$V.a
|
||||
+LUA_SO= liblua$V.so.0.0.0
|
||||
CORE_O= lapi.o lcode.o lctype.o ldebug.o ldo.o ldump.o lfunc.o lgc.o llex.o lmem.o lobject.o lopcodes.o lparser.o lstate.o lstring.o ltable.o ltm.o lundump.o lvm.o lzio.o
|
||||
LIB_O= lauxlib.o lbaselib.o lcorolib.o ldblib.o liolib.o lmathlib.o loadlib.o loslib.o lstrlib.o ltablib.o lutf8lib.o linit.o
|
||||
BASE_O= $(CORE_O) $(LIB_O) $(MYOBJS)
|
||||
@@ -44,8 +45,9 @@ LUAC_T= luac$V
|
||||
LUAC_O= luac.o
|
||||
|
||||
ALL_O= $(BASE_O) $(LUA_O) $(LUAC_O)
|
||||
-ALL_T= $(LUA_A) $(LUA_T) $(LUAC_T)
|
||||
+ALL_T= $(LUA_A) $(LUA_SO) $(LUA_T) $(LUAC_T)
|
||||
ALL_A= $(LUA_A)
|
||||
+ALL_SO= $(LUA_SO)
|
||||
|
||||
# Targets start here.
|
||||
default: $(PLAT)
|
||||
@@ -56,14 +58,25 @@ o: $(ALL_O)
|
||||
|
||||
a: $(ALL_A)
|
||||
|
||||
+so: $(ALL_SO)
|
||||
+
|
||||
$(LUA_A): $(BASE_O)
|
||||
$(AR) $@ $(BASE_O)
|
||||
$(RANLIB) $@
|
||||
|
||||
-$(LUA_T): $(LUA_O) $(LUA_A)
|
||||
- $(CC) -o $@ $(LDFLAGS) $(LUA_O) $(LUA_A) $(LIBS)
|
||||
+$(LUA_SO): $(CORE_O) $(LIB_O)
|
||||
+ $(CC) -o $@ -Wl,-Bsymbolic-functions -shared -Wl,-soname="$@" $?
|
||||
+ ln -fs $@ liblua$V.so.0.0
|
||||
+ ln -fs $@ liblua$V.so.0
|
||||
+ ln -fs $@ liblua$V.so
|
||||
+
|
||||
+$(LUA_T): $(LUA_O) $(LUA_SO)
|
||||
+ $(CC) -o $@ -L. -llua$V $(MYLDFLAGS) $(LUA_O) $(LIBS)
|
||||
+
|
||||
+$(LUAC_T): $(LUAC_O) $(LUA_SO)
|
||||
+ $(CC) -o $@ -L. -llua$V $(MYLDFLAGS) $(LUAC_O) $(LIBS)
|
||||
|
||||
-$(LUAC_T): $(LUAC_O) $(LUA_A)
|
||||
+$(LUAC_T)-host: $(LUAC_O) $(LUA_A)
|
||||
$(CC) -o $@ $(LDFLAGS) $(LUAC_O) $(LUA_A) $(LIBS)
|
||||
|
||||
test:
|
|
@ -0,0 +1,27 @@
|
|||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -126,7 +126,7 @@ c89:
|
||||
@echo ''
|
||||
|
||||
FreeBSD NetBSD OpenBSD freebsd:
|
||||
- $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX -DLUA_USE_READLINE -I/usr/include/edit" SYSLIBS="-Wl,-E -ledit" CC="cc"
|
||||
+ $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX $(if $(USE_READLINE), -DLUA_USE_READLINE) -I/usr/include/edit" SYSLIBS="-Wl,-E -ledit" CC="cc"
|
||||
|
||||
generic: $(ALL)
|
||||
|
||||
@@ -136,13 +136,13 @@ ios:
|
||||
Linux linux: linux-noreadline
|
||||
|
||||
linux-noreadline:
|
||||
- $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX" SYSLIBS="-Wl,-E -ldl"
|
||||
+ $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX $(if $(USE_READLINE), -DLUA_USE_READLINE)" SYSLIBS="-Wl,-E -ldl $(if $(USE_READLINE), -lreadline)"
|
||||
|
||||
linux-readline:
|
||||
$(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_LINUX -DLUA_USE_READLINE" SYSLIBS="-Wl,-E -ldl -lreadline"
|
||||
|
||||
Darwin macos macosx:
|
||||
- $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_MACOSX -DLUA_USE_READLINE" SYSLIBS="-lreadline"
|
||||
+ $(MAKE) $(ALL) SYSCFLAGS="-DLUA_USE_MACOSX $(if $(USE_READLINE), -DLUA_USE_READLINE)" SYSLIBS="$(if $(USE_READLINE), -lreadline)"
|
||||
|
||||
mingw:
|
||||
$(MAKE) "LUA_A=lua54.dll" "LUA_T=lua.exe" \
|
|
@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=banip
|
||||
PKG_VERSION:=0.9.5
|
||||
PKG_RELEASE:=2
|
||||
PKG_RELEASE:=3
|
||||
PKG_LICENSE:=GPL-3.0-or-later
|
||||
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ IP address blocking is commonly used to protect against brute force attacks, pre
|
|||
| adguard | adguard IPs | | | x | tcp: 80, 443 | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
|
||||
| adguardtrackers | adguardtracker IPs | | | x | tcp: 80, 443 | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
|
||||
| antipopads | antipopads IPs | | | x | tcp: 80, 443 | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
|
||||
| asn | ASN segments | | | x | tcp: 80, 443 | [Link](https://asn.ipinfo.app) |
|
||||
| asn | ASN segments | x | x | x | | [Link](https://asn.ipinfo.app) |
|
||||
| backscatterer | backscatterer IPs | x | x | | | [Link](https://www.uceprotect.net/en/index.php) |
|
||||
| becyber | malicious attacker IPs | x | x | | | [Link](https://github.com/duggytuxy/malicious_ip_addresses) |
|
||||
| binarydefense | binary defense banlist | x | x | | | [Link](https://iplists.firehol.org/?ipset=bds_atif) |
|
||||
|
@ -114,7 +114,7 @@ IP address blocking is commonly used to protect against brute force attacks, pre
|
|||
* It's strongly recommended to use the LuCI frontend to easily configure all aspects of banIP, the application is located in LuCI under the 'Services' menu
|
||||
* If you're using a complex network setup, e.g. special tunnel interfaces, than untick the 'Auto Detection' option under the 'General Settings' tab and set the required options manually
|
||||
* Start the service with '/etc/init.d/banip start' and check everything is working by running '/etc/init.d/banip status' and also check the 'Firewall Log' and 'Processing Log' tabs
|
||||
* If you're going to configure banIP via CLI, edit the config file '/etc/config/banip' and enable the service (set ban\_enabled to '1'), then add pre-configured feeds via 'ban\_feed' (see the feed list above) and add/change other options to your needs (see the options reference below)
|
||||
* If you're going to configure banIP via CLI, edit the config file '/etc/config/banip' and enable the service (set ban\_enabled to '1'), then add pre-configured feeds via 'ban\_feed' (see the feed list above) and add/change other options to your needs, see the options reference table below
|
||||
|
||||
## banIP CLI interface
|
||||
* All important banIP functions are accessible via CLI.
|
||||
|
@ -428,12 +428,12 @@ A valid JSON source object contains the following information, e.g.:
|
|||
"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"descr": "tor exit nodes",
|
||||
"flag": "tcp 80-89 443"
|
||||
"flag": "gz tcp 80-88 udp 50000"
|
||||
},
|
||||
[...]
|
||||
```
|
||||
Add an unique feed name (no spaces, no special chars) and make the required changes: adapt at least the URL, the regex and the description for a new feed.
|
||||
Please note: the flag field is optional, it's a space separated list of options: supported are 'gz' as an archive format, protocols 'tcp' or 'udp' with port numbers/port ranges for destination port limitations.
|
||||
Please note: the flag field is optional, it's a space separated list of options: supported are 'gz' as an archive format, protocols 'tcp' or 'udp' with port numbers/port ranges for destination port limitations - multiple definitions are possible.
|
||||
|
||||
## Support
|
||||
Please join the banIP discussion in this [forum thread](https://forum.openwrt.org/t/banip-support-thread/16985) or contact me by mail <dev@brenken.org>
|
||||
|
|
|
@ -595,24 +595,30 @@ f_etag() {
|
|||
# build initial nft file with base table, chains and rules
|
||||
#
|
||||
f_nftinit() {
|
||||
local wan_dev vlan_allow vlan_block log_ct log_icmp log_syn log_udp log_tcp feed_log feed_rc allow_proto allow_dport flag file="${1}"
|
||||
local wan_dev vlan_allow vlan_block log_ct log_icmp log_syn log_udp log_tcp feed_log feed_rc flag tmp_proto tmp_port allow_dport file="${1}"
|
||||
|
||||
wan_dev="$(printf "%s" "${ban_dev}" | "${ban_sedcmd}" 's/^/\"/;s/$/\"/;s/ /\", \"/g')"
|
||||
[ -n "${ban_vlanallow}" ] && vlan_allow="$(printf "%s" "${ban_vlanallow%%?}" | "${ban_sedcmd}" 's/^/\"/;s/$/\"/;s/ /\", \"/g')"
|
||||
[ -n "${ban_vlanblock}" ] && vlan_block="$(printf "%s" "${ban_vlanblock%%?}" | "${ban_sedcmd}" 's/^/\"/;s/$/\"/;s/ /\", \"/g')"
|
||||
|
||||
for flag in ${ban_allowflag}; do
|
||||
if [ -z "${allow_proto}" ] && { [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; }; then
|
||||
allow_proto="${flag}"
|
||||
elif [ -n "${allow_proto}" ] && [ -n "${flag//[![:digit]-]/}" ] && ! printf "%s" "${allow_dport}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
if [ -z "${allow_dport}" ]; then
|
||||
allow_dport="${flag}"
|
||||
else
|
||||
allow_dport="${allow_dport}, ${flag}"
|
||||
if [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; then
|
||||
if [ -z "${tmp_proto}" ]; then
|
||||
tmp_proto="${flag}"
|
||||
elif ! printf "%s" "${tmp_proto}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_proto="${tmp_proto}, ${flag}"
|
||||
fi
|
||||
elif [ -n "${flag//[![:digit]-]/}" ]; then
|
||||
if [ -z "${tmp_port}" ]; then
|
||||
tmp_port="${flag}"
|
||||
elif ! printf "%s" "${tmp_port}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_port="${tmp_port}, ${flag}"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
[ -n "${allow_dport}" ] && allow_dport="${allow_proto} dport { ${allow_dport} }"
|
||||
if [ -n "${tmp_proto}" ] && [ -n "${tmp_port}" ]; then
|
||||
allow_dport="meta l4proto { ${tmp_proto} } th dport { ${tmp_port} }"
|
||||
fi
|
||||
|
||||
if [ "${ban_logprerouting}" = "1" ]; then
|
||||
log_icmp="log level ${ban_nftloglevel} prefix \"banIP/pre-icmp/drop: \""
|
||||
|
@ -697,7 +703,7 @@ f_nftinit() {
|
|||
#
|
||||
f_down() {
|
||||
local log_input log_forwardwan log_forwardlan start_ts end_ts tmp_raw tmp_load tmp_file split_file ruleset_raw handle rc etag_rc
|
||||
local expr cnt_set cnt_dl restore_rc feed_direction feed_rc feed_log feed_comp feed_proto feed_dport feed_target
|
||||
local expr cnt_set cnt_dl restore_rc feed_direction feed_rc feed_log feed_comp feed_target feed_dport tmp_proto tmp_port flag
|
||||
local feed="${1}" proto="${2}" feed_url="${3}" feed_rule="${4}" feed_flag="${5}"
|
||||
|
||||
start_ts="$(date +%s)"
|
||||
|
@ -756,19 +762,25 @@ f_down() {
|
|||
# prepare feed flags
|
||||
#
|
||||
for flag in ${feed_flag}; do
|
||||
if [ "${flag}" = "gz" ] && ! printf "%s" "${feed_comp}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
if [ "${flag}" = "gz" ]; then
|
||||
feed_comp="${flag}"
|
||||
elif [ -z "${feed_proto}" ] && { [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; }; then
|
||||
feed_proto="${flag}"
|
||||
elif [ -n "${feed_proto}" ] && [ -n "${flag//[![:digit]-]/}" ] && ! printf "%s" "${feed_dport}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
if [ -z "${feed_dport}" ]; then
|
||||
feed_dport="${flag}"
|
||||
else
|
||||
feed_dport="${feed_dport}, ${flag}"
|
||||
elif [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; then
|
||||
if [ -z "${tmp_proto}" ]; then
|
||||
tmp_proto="${flag}"
|
||||
elif ! printf "%s" "${tmp_proto}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_proto="${tmp_proto}, ${flag}"
|
||||
fi
|
||||
elif [ -n "${flag//[![:digit]-]/}" ]; then
|
||||
if [ -z "${tmp_port}" ]; then
|
||||
tmp_port="${flag}"
|
||||
elif ! printf "%s" "${tmp_port}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_port="${tmp_port}, ${flag}"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
[ -n "${feed_dport}" ] && feed_dport="${feed_proto} dport { ${feed_dport} }"
|
||||
if [ -n "${tmp_proto}" ] && [ -n "${tmp_port}" ]; then
|
||||
feed_dport="meta l4proto { ${tmp_proto} } th dport { ${tmp_port} }"
|
||||
fi
|
||||
|
||||
# chain/rule maintenance
|
||||
#
|
||||
|
|
|
@ -36,8 +36,7 @@
|
|||
"url_6": "https://asn.ipinfo.app/api/text/list/",
|
||||
"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"descr": "ASN IP segments",
|
||||
"flag": "tcp 80 443"
|
||||
"descr": "ASN IP segments"
|
||||
},
|
||||
"backscatterer":{
|
||||
"url_4": "http://wget-mirrors.uceprotect.net/rbldnsd-all/ips.backscatterer.org.gz",
|
||||
|
|
|
@ -5,12 +5,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=cloudflared
|
||||
PKG_VERSION:=2024.4.0
|
||||
PKG_VERSION:=2024.4.1
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://codeload.github.com/cloudflare/cloudflared/tar.gz/$(PKG_VERSION)?
|
||||
PKG_HASH:=a68882beb5ec2855a17253a751295c4cc4f8f9ca3b49920ffa7e398995f85055
|
||||
PKG_HASH:=11bed2bd793cc03775aa6270797ed328434bc982e09fd3597e267590f28d2436
|
||||
|
||||
PKG_LICENSE:=Apache-2.0
|
||||
PKG_LICENSE_FILES:=LICENSE
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=hev-socks5-server
|
||||
PKG_VERSION:=2.6.5
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://github.com/heiher/hev-socks5-server/releases/download/$(PKG_VERSION)
|
||||
PKG_HASH:=07d3297483cc624464eec424f7dd27f2028f4f56c70c2c9d0b6902e181a32ccb
|
||||
|
||||
PKG_MAINTAINER:=Ray Wang <r@hev.cc>
|
||||
PKG_LICENSE:=GPL-3.0-only
|
||||
PKG_LICENSE_FILES:=License
|
||||
|
||||
PKG_BUILD_FLAGS:=no-mips16
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/hev-socks5-server
|
||||
SECTION:=net
|
||||
CATEGORY:=Network
|
||||
TITLE:=A high-performance socks5 server for Unix
|
||||
URL:=https://github.com/heiher/hev-socks5-server
|
||||
endef
|
||||
|
||||
MAKE_FLAGS += REV_ID="$(PKG_VERSION)"
|
||||
|
||||
define Package/hev-socks5-server/conffiles
|
||||
/etc/config/hev-socks5-server
|
||||
/etc/hev-socks5-server/
|
||||
endef
|
||||
|
||||
define Package/hev-socks5-server/install
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/hev-socks5-server $(1)/usr/bin/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/hev-socks5-server/
|
||||
$(INSTALL_CONF) $(PKG_BUILD_DIR)/conf/main.yml $(1)/etc/hev-socks5-server/main.yml
|
||||
$(INSTALL_CONF) $(PKG_BUILD_DIR)/conf/auth.txt $(1)/etc/hev-socks5-server/auth.txt
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/config/
|
||||
$(INSTALL_CONF) ./files/hev-socks5-server.config $(1)/etc/config/hev-socks5-server
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/init.d/
|
||||
$(INSTALL_BIN) ./files/hev-socks5-server.init $(1)/etc/init.d/hev-socks5-server
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,hev-socks5-server))
|
|
@ -0,0 +1,3 @@
|
|||
config hev-socks5-server 'config'
|
||||
option enabled '0'
|
||||
option conffile '/etc/hev-socks5-server/main.yml'
|
|
@ -0,0 +1,34 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
|
||||
USE_PROCD=1
|
||||
START=99
|
||||
|
||||
CONF="hev-socks5-server"
|
||||
PROG="/usr/bin/hev-socks5-server"
|
||||
|
||||
start_service() {
|
||||
config_load "$CONF"
|
||||
|
||||
local enabled
|
||||
config_get_bool enabled "config" "enabled" "0"
|
||||
[ "$enabled" -eq "1" ] || return 1
|
||||
|
||||
local conffile
|
||||
config_get conffile "config" "conffile"
|
||||
|
||||
procd_open_instance "$CONF"
|
||||
procd_set_param command "$PROG" "$conffile"
|
||||
procd_set_param file "$conffile"
|
||||
|
||||
procd_set_param limits core="unlimited"
|
||||
procd_set_param limits nofile="1000000 1000000"
|
||||
procd_set_param stdout 1
|
||||
procd_set_param stderr 1
|
||||
procd_set_param respawn
|
||||
|
||||
procd_close_instance
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger "$CONF"
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/sh
|
||||
|
||||
"$1" 2>&1 | grep "$2"
|
|
@ -1,28 +1,35 @@
|
|||
# [Jool](https://www.jool.mx)
|
||||
# [Jool](https://nicmx.github.io/Jool/en/index.html)
|
||||
|
||||
## Documentation
|
||||
|
||||
[See here](https://www.jool.mx/en/documentation.html).
|
||||
[See here](https://nicmx.github.io/Jool/en/documentation.html).
|
||||
|
||||
You might also want to see [contact info](https://www.jool.mx/en/contact.html).
|
||||
You might also want to see [contact info](https://nicmx.github.io/Jool/en/contact.html).
|
||||
|
||||
## Usage
|
||||
|
||||
### Start script
|
||||
|
||||
This package includes a start script that will:
|
||||
1. Read the configuration file `/etc/config/jool`
|
||||
2. Determine what services are active
|
||||
3. Run jool with procd
|
||||
|
||||
For now this means that:
|
||||
* The services will be disabled by default in the uci config `(/etc/config/jool)`
|
||||
* The only uci configuration support available for the package is to enable or disable each instance or the entire deamon
|
||||
* There is no uci support and configuration will be saved at `/etc/jool/*
|
||||
* Only one instance of jool(nat64) can run with the boot script
|
||||
* Only one instance of jool(siit) can run with the boot script
|
||||
* For now there is no way of overriding of the configuration file's paths
|
||||
1. Read the configuration file `/etc/config/jool`
|
||||
2. Determine what services are active
|
||||
3. Run `jool` with procd
|
||||
|
||||
The configuration files the startup script useses for each jool instance are:
|
||||
* jool(nat64): `/etc/jool/jool-nat64.conf.json`
|
||||
* jool(siit): `/etc/jool/jool-siit.conf.json`
|
||||
### For now this means that
|
||||
|
||||
- The services will be disabled by default in the uci config `(/etc/config/jool)`
|
||||
- The only uci configuration support available for the package is to enable or disable each instance or the entire deamon
|
||||
- There is no uci support and configuration will be saved at `/etc/jool/`
|
||||
- Only one instance of jool(nat64) can run with the boot script
|
||||
- Only one instance of jool(siit) can run with the boot script
|
||||
- For now there is no way of overriding of the configuration file's paths
|
||||
|
||||
The configuration files the startup script uses for each jool instance are:
|
||||
|
||||
- jool(nat64): `/etc/jool/jool-nat64.conf.json`
|
||||
- jool(siit): `/etc/jool/jool-siit.conf.json`
|
||||
|
||||
### OpenWrt tutorial
|
||||
|
||||
For a more detailed tutorial refer to this [wiki page](https://openwrt.org/docs/guide-user/network/ipv6/nat64).
|
||||
|
|
|
@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=librespeed-go
|
||||
PKG_VERSION:=1.1.5
|
||||
PKG_RELEASE:=3
|
||||
PKG_RELEASE:=4
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://codeload.github.com/librespeed/speedtest-go/tar.gz/v$(PKG_VERSION)?
|
||||
|
@ -39,10 +39,10 @@ define Package/librespeed-go
|
|||
endef
|
||||
|
||||
define Package/librespeed-go/description
|
||||
No Flash, No Java, No WebSocket, No Bullshit.
|
||||
|
||||
This is a very lightweight speed test implemented in JavaScript,
|
||||
using XMLHttpRequest and Web Workers.
|
||||
|
||||
No Flash, No Java, No WebSocket, No Bullshit.
|
||||
endef
|
||||
|
||||
define Package/librespeed-go/conffiles
|
||||
|
|
|
@ -8,13 +8,13 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=nextdns
|
||||
PKG_VERSION:=1.42.0
|
||||
PKG_VERSION:=1.43.1
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=nextdns-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
|
||||
PKG_SOURCE_URL:=https://codeload.github.com/nextdns/nextdns/tar.gz/v$(PKG_VERSION)?
|
||||
PKG_HASH:=893692bea9015116d6ce610c94dccf744f3aa29aeb716a15cca17dd6e6b837c1
|
||||
PKG_HASH:=39d6073dc89b2bb91d03c2e9a4b5d6717ed8d6435232c02b18301ea9dfc5a6ad
|
||||
|
||||
PKG_MAINTAINER:=Olivier Poitrey <rs@nextdns.io>
|
||||
PKG_LICENSE:=MIT
|
||||
|
|
|
@ -13,13 +13,14 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=nmap
|
||||
PKG_VERSION:=7.93
|
||||
PKG_RELEASE:=4
|
||||
PKG_VERSION:=7.95
|
||||
PKG_RELEASE:=1
|
||||
PKG_MAINTAINER:=Nuno Gonçalves <nunojpg@gmail.com>
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
|
||||
PKG_SOURCE_URL:=https://nmap.org/dist/
|
||||
PKG_HASH:=55bcfe4793e25acc96ba4274d8c4228db550b8e8efd72004b38ec55a2dd16651
|
||||
PKG_HASH:=e14ab530e47b5afd88f1c8a2bac7f89cd8fe6b478e22d255c5b9bddb7a1c5778
|
||||
|
||||
PKG_LICENSE:=NPSL-0.94-or-NPSL-0.95
|
||||
PKG_LICENSE_FILES:=LICENSE
|
||||
PKG_CPE_ID:=cpe:/a:nmap:nmap
|
||||
|
@ -32,7 +33,7 @@ PYTHON3_PKG_FORCE_DISTUTILS_SETUP:=1
|
|||
include $(INCLUDE_DIR)/package.mk
|
||||
include ../../lang/python/python3-package.mk
|
||||
|
||||
NMAP_DEPENDS:=+libpcap +libstdcpp +zlib +libpcre
|
||||
NMAP_DEPENDS:=+libpcap +libstdcpp +zlib +libpcre2
|
||||
NCAT_DEPENDS:=+libpcap
|
||||
NPING_DEPENDS:=+libpcap +libpthread +libstdcpp
|
||||
SSL_DEPENDS:=+libopenssl +ca-certs
|
||||
|
@ -60,7 +61,7 @@ endef
|
|||
|
||||
define Package/nmap-full
|
||||
$(call Package/nmap/default)
|
||||
DEPENDS:=$(NMAP_DEPENDS) $(SSL_DEPENDS) +liblua5.3 +libssh2
|
||||
DEPENDS:=$(NMAP_DEPENDS) $(SSL_DEPENDS) +liblua5.4 +libssh2
|
||||
VARIANT:=full
|
||||
TITLE:=Nmap (with OpenSSL and scripting support)
|
||||
endef
|
||||
|
@ -81,7 +82,7 @@ endef
|
|||
|
||||
define Package/ncat-full
|
||||
$(call Package/nmap/default)
|
||||
DEPENDS:=$(NCAT_DEPENDS) $(SSL_DEPENDS) +liblua5.3
|
||||
DEPENDS:=$(NCAT_DEPENDS) $(SSL_DEPENDS) +liblua5.4
|
||||
VARIANT:=full
|
||||
TITLE:=Ncat (with OpenSSL and scripting support)
|
||||
endef
|
||||
|
|
|
@ -1,295 +0,0 @@
|
|||
From d6bea8dcdee36a3902cece14097993350306f1b6 Mon Sep 17 00:00:00 2001
|
||||
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
|
||||
Date: Tue, 6 Sep 2022 22:39:34 +0000
|
||||
Subject: [PATCH] Build based on OpenSSL version, not API level. Fixes #2516
|
||||
|
||||
---
|
||||
ncat/http_digest.c | 2 +-
|
||||
ncat/ncat_connect.c | 4 ++--
|
||||
ncat/ncat_ssl.c | 6 +++---
|
||||
ncat/ncat_ssl.h | 12 ------------
|
||||
ncat/test/test-wildcard.c | 4 ++--
|
||||
nse_openssl.cc | 28 +++++++---------------------
|
||||
nse_ssl_cert.cc | 24 ++++++------------------
|
||||
nsock/src/nsock_ssl.c | 4 ++--
|
||||
nsock/src/nsock_ssl.h | 15 +--------------
|
||||
9 files changed, 24 insertions(+), 75 deletions(-)
|
||||
|
||||
--- a/ncat/http_digest.c
|
||||
+++ b/ncat/http_digest.c
|
||||
@@ -133,7 +133,7 @@ int http_digest_init_secret(void)
|
||||
return 0;
|
||||
}
|
||||
|
||||
-#if OPENSSL_API_LEVEL < 10100
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
#define EVP_MD_CTX_new EVP_MD_CTX_create
|
||||
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
|
||||
#endif
|
||||
--- a/ncat/ncat_connect.c
|
||||
+++ b/ncat/ncat_connect.c
|
||||
@@ -82,8 +82,8 @@
|
||||
#include <openssl/err.h>
|
||||
|
||||
/* Deprecated in OpenSSL 3.0 */
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
-#define SSL_get_peer_certificate SSL_get1_peer_certificate
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
+# define SSL_get_peer_certificate SSL_get1_peer_certificate
|
||||
#endif
|
||||
#endif
|
||||
|
||||
--- a/ncat/ncat_ssl.c
|
||||
+++ b/ncat/ncat_ssl.c
|
||||
@@ -80,7 +80,7 @@
|
||||
#define FUNC_ASN1_STRING_data ASN1_STRING_data
|
||||
#endif
|
||||
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#include <openssl/provider.h>
|
||||
/* Deprecated in OpenSSL 3.0 */
|
||||
#define SSL_get_peer_certificate SSL_get1_peer_certificate
|
||||
@@ -117,7 +117,7 @@ SSL_CTX *setup_ssl_listen(void)
|
||||
OpenSSL_add_all_algorithms();
|
||||
ERR_load_crypto_strings();
|
||||
SSL_load_error_strings();
|
||||
-#elif OPENSSL_API_LEVEL >= 30000
|
||||
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
|
||||
{
|
||||
loguser("OpenSSL legacy provider failed to load.\n");
|
||||
@@ -477,7 +477,7 @@ static int ssl_gen_cert(X509 **cert, EVP
|
||||
const char *commonName = "localhost";
|
||||
char dNSName[128];
|
||||
int rc;
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
int ret = 0;
|
||||
RSA *rsa = NULL;
|
||||
BIGNUM *bne = NULL;
|
||||
--- a/ncat/ncat_ssl.h
|
||||
+++ b/ncat/ncat_ssl.h
|
||||
@@ -67,18 +67,6 @@
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
|
||||
-#ifndef OPENSSL_API_LEVEL
|
||||
-# if OPENSSL_API_COMPAT < 0x900000L
|
||||
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
|
||||
-# else
|
||||
-# define OPENSSL_API_LEVEL \
|
||||
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
|
||||
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
|
||||
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
|
||||
-# endif
|
||||
-#endif
|
||||
-
|
||||
#define NCAT_CA_CERTS_FILE "ca-bundle.crt"
|
||||
|
||||
enum {
|
||||
--- a/ncat/test/test-wildcard.c
|
||||
+++ b/ncat/test/test-wildcard.c
|
||||
@@ -20,7 +20,7 @@ are rejected. The SSL transactions happe
|
||||
|
||||
#include "ncat_core.h"
|
||||
#include "ncat_ssl.h"
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
#include <openssl/bn.h>
|
||||
#endif
|
||||
|
||||
@@ -294,7 +294,7 @@ stack_err:
|
||||
static int gen_cert(X509 **cert, EVP_PKEY **key,
|
||||
const struct lstr commonNames[], const struct lstr dNSNames[])
|
||||
{
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
int rc, ret=0;
|
||||
RSA *rsa = NULL;
|
||||
BIGNUM *bne = NULL;
|
||||
--- a/nse_openssl.cc
|
||||
+++ b/nse_openssl.cc
|
||||
@@ -20,6 +20,9 @@
|
||||
#define FUNC_EVP_CIPHER_CTX_init EVP_CIPHER_CTX_reset
|
||||
#define FUNC_EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset
|
||||
#define PASS_EVP_CTX(ctx) (ctx)
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
+# include <openssl/provider.h>
|
||||
+#endif
|
||||
#else
|
||||
#define FUNC_EVP_MD_CTX_init EVP_MD_CTX_init
|
||||
#define FUNC_EVP_MD_CTX_cleanup EVP_MD_CTX_cleanup
|
||||
@@ -37,23 +40,6 @@ extern NmapOps o;
|
||||
|
||||
#include "nse_openssl.h"
|
||||
|
||||
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
|
||||
-#ifndef OPENSSL_API_LEVEL
|
||||
-# if OPENSSL_API_COMPAT < 0x900000L
|
||||
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
|
||||
-# else
|
||||
-# define OPENSSL_API_LEVEL \
|
||||
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
|
||||
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
|
||||
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
|
||||
-# endif
|
||||
-#endif
|
||||
-
|
||||
-
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
-#include <openssl/provider.h>
|
||||
-#endif
|
||||
-
|
||||
#define NSE_SSL_LUA_ERR(_L) \
|
||||
luaL_error(_L, "OpenSSL error: %s", ERR_error_string(ERR_get_error(), NULL))
|
||||
|
||||
@@ -184,7 +170,7 @@ static int l_bignum_is_prime( lua_State
|
||||
bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
|
||||
BN_CTX * ctx = BN_CTX_new();
|
||||
int is_prime =
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
|
||||
#else
|
||||
BN_check_prime( p->bn, ctx, NULL );
|
||||
@@ -199,7 +185,7 @@ static int l_bignum_is_safe_prime( lua_S
|
||||
bignum_data_t * p = (bignum_data_t *) luaL_checkudata( L, 1, "BIGNUM" );
|
||||
BN_CTX * ctx = BN_CTX_new();
|
||||
int is_prime =
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
BN_is_prime_ex( p->bn, BN_prime_checks, ctx, NULL );
|
||||
#else
|
||||
BN_check_prime( p->bn, ctx, NULL );
|
||||
@@ -210,7 +196,7 @@ static int l_bignum_is_safe_prime( lua_S
|
||||
BN_sub_word( n, (BN_ULONG)1 );
|
||||
BN_div_word( n, (BN_ULONG)2 );
|
||||
is_safe =
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
BN_is_prime_ex( n, BN_prime_checks, ctx, NULL );
|
||||
#else
|
||||
BN_check_prime( n, ctx, NULL );
|
||||
@@ -582,7 +568,7 @@ LUALIB_API int luaopen_openssl(lua_State
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
|
||||
OpenSSL_add_all_algorithms();
|
||||
ERR_load_crypto_strings();
|
||||
-#elif OPENSSL_API_LEVEL >= 30000
|
||||
+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
if (NULL == OSSL_PROVIDER_load(NULL, "legacy") && o.debugging > 1)
|
||||
{
|
||||
// Legacy provider may not be available.
|
||||
--- a/nse_ssl_cert.cc
|
||||
+++ b/nse_ssl_cert.cc
|
||||
@@ -89,19 +89,7 @@
|
||||
#define X509_get0_notAfter X509_get_notAfter
|
||||
#endif
|
||||
|
||||
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
|
||||
-#ifndef OPENSSL_API_LEVEL
|
||||
-# if OPENSSL_API_COMPAT < 0x900000L
|
||||
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
|
||||
-# else
|
||||
-# define OPENSSL_API_LEVEL \
|
||||
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
|
||||
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
|
||||
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
|
||||
-# endif
|
||||
-#endif
|
||||
-
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#include <openssl/core_names.h>
|
||||
/* Deprecated in OpenSSL 3.0 */
|
||||
#define SSL_get_peer_certificate SSL_get1_peer_certificate
|
||||
@@ -459,7 +447,7 @@ static const char *pkey_type_to_string(i
|
||||
}
|
||||
|
||||
int lua_push_ecdhparams(lua_State *L, EVP_PKEY *pubkey) {
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
char tmp[64] = {0};
|
||||
size_t len = 0;
|
||||
/* This structure (ecdhparams.curve_params) comes from tls.lua */
|
||||
@@ -634,7 +622,7 @@ static int parse_ssl_cert(lua_State *L,
|
||||
else
|
||||
#endif
|
||||
if (pkey_type == EVP_PKEY_RSA) {
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
RSA *rsa = EVP_PKEY_get1_RSA(pubkey);
|
||||
if (rsa) {
|
||||
#endif
|
||||
@@ -643,7 +631,7 @@ static int parse_ssl_cert(lua_State *L,
|
||||
luaL_getmetatable( L, "BIGNUM" );
|
||||
lua_setmetatable( L, -2 );
|
||||
#if HAVE_OPAQUE_STRUCTS
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
const BIGNUM *n = NULL, *e = NULL;
|
||||
data->should_free = false;
|
||||
RSA_get0_key(rsa, &n, &e, NULL);
|
||||
@@ -663,7 +651,7 @@ static int parse_ssl_cert(lua_State *L,
|
||||
luaL_getmetatable( L, "BIGNUM" );
|
||||
lua_setmetatable( L, -2 );
|
||||
#if HAVE_OPAQUE_STRUCTS
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
data->should_free = false;
|
||||
#else
|
||||
data->should_free = true;
|
||||
@@ -673,7 +661,7 @@ static int parse_ssl_cert(lua_State *L,
|
||||
data->bn = rsa->n;
|
||||
#endif
|
||||
lua_setfield(L, -2, "modulus");
|
||||
-#if OPENSSL_API_LEVEL < 30000
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||
RSA_free(rsa);
|
||||
}
|
||||
#endif
|
||||
--- a/nsock/src/nsock_ssl.c
|
||||
+++ b/nsock/src/nsock_ssl.c
|
||||
@@ -64,7 +64,7 @@
|
||||
#include "netutils.h"
|
||||
|
||||
#if HAVE_OPENSSL
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
#include <openssl/provider.h>
|
||||
#endif
|
||||
|
||||
@@ -120,7 +120,7 @@ static SSL_CTX *ssl_init_helper(const SS
|
||||
SSL_library_init();
|
||||
#else
|
||||
OPENSSL_atexit(nsock_ssl_atexit);
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
if (NULL == OSSL_PROVIDER_load(NULL, "legacy"))
|
||||
{
|
||||
nsock_log_error("OpenSSL legacy provider failed to load.\n");
|
||||
--- a/nsock/src/nsock_ssl.h
|
||||
+++ b/nsock/src/nsock_ssl.h
|
||||
@@ -69,20 +69,7 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rand.h>
|
||||
|
||||
-/* OPENSSL_API_LEVEL per OpenSSL 3.0: decimal MMmmpp */
|
||||
-#ifndef OPENSSL_API_LEVEL
|
||||
-# if OPENSSL_API_COMPAT < 0x900000L
|
||||
-# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
|
||||
-# else
|
||||
-# define OPENSSL_API_LEVEL \
|
||||
- (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
|
||||
- + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
|
||||
- + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
|
||||
-# endif
|
||||
-#endif
|
||||
-
|
||||
-
|
||||
-#if OPENSSL_API_LEVEL >= 30000
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
||||
/* Deprecated in OpenSSL 3.0 */
|
||||
#define SSL_get_peer_certificate SSL_get1_peer_certificate
|
||||
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -23,7 +23,7 @@ Also remove references to NCAT_CA_CERTS_FILE and NCAT_CA_CERTS_PATH in order to
|
|||
ifneq ($(NOLUA),yes)
|
||||
--- a/ncat/ncat_posix.c
|
||||
+++ b/ncat/ncat_posix.c
|
||||
@@ -347,28 +347,17 @@ void set_lf_mode(void)
|
||||
@@ -357,28 +357,17 @@ void set_lf_mode(void)
|
||||
|
||||
#ifdef HAVE_OPENSSL
|
||||
|
||||
|
@ -55,7 +55,7 @@ Also remove references to NCAT_CA_CERTS_FILE and NCAT_CA_CERTS_PATH in order to
|
|||
#endif
|
||||
--- a/ncat/ncat_ssl.h
|
||||
+++ b/ncat/ncat_ssl.h
|
||||
@@ -67,8 +67,6 @@
|
||||
@@ -66,8 +66,6 @@
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
|
|
|
@ -0,0 +1,67 @@
|
|||
From 707812db69cc5fdb8b6b4417d3a6b18405116d9f Mon Sep 17 00:00:00 2001
|
||||
From: Christian Marangi <ansuelsmth@gmail.com>
|
||||
Date: Sun, 28 Apr 2024 12:00:02 +0200
|
||||
Subject: [PATCH] nsock: Fix compilation error with OPENSSL_NO_DTLS
|
||||
|
||||
Commit ba26cc78f207 ("Replace check for DTLS_client_method with
|
||||
OPENSSL_NO_DTLS") made DTLS support depend on the openssl define
|
||||
directly but leave some use of dtlsctx not guarded by ifdef.
|
||||
|
||||
Fix this by adding to the remaining use of dtlsctx ifdef guard and
|
||||
return fatal print for running function with unsupported OpenSSL
|
||||
feature.
|
||||
|
||||
Fixes: ba26cc78f207 ("Replace check for DTLS_client_method with OPENSSL_NO_DTLS")
|
||||
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
||||
---
|
||||
nsock/src/nsock_connect.c | 4 ++++
|
||||
nsock/src/nsock_core.c | 9 ++++++++-
|
||||
nsock/src/nsock_pool.c | 2 ++
|
||||
3 files changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/nsock/src/nsock_connect.c
|
||||
+++ b/nsock/src/nsock_connect.c
|
||||
@@ -472,8 +472,12 @@ nsock_event_id nsock_connect_ssl(nsock_p
|
||||
|
||||
if (proto == IPPROTO_UDP)
|
||||
{
|
||||
+#ifndef OPENSSL_NO_DTLS
|
||||
if (!ms->dtlsctx)
|
||||
nsock_pool_dtls_init(ms, 0);
|
||||
+#else
|
||||
+ fatal("%s called with no OpenSSL DTLS support", __func__);
|
||||
+#endif
|
||||
}
|
||||
else
|
||||
{
|
||||
--- a/nsock/src/nsock_core.c
|
||||
+++ b/nsock/src/nsock_core.c
|
||||
@@ -364,7 +364,14 @@ void handle_connect_result(struct npool
|
||||
if (nse->type == NSE_TYPE_CONNECT_SSL &&
|
||||
nse->status == NSE_STATUS_SUCCESS) {
|
||||
#if HAVE_OPENSSL
|
||||
- sslctx = iod->lastproto == IPPROTO_UDP ? ms->dtlsctx : ms->sslctx;
|
||||
+ if (iod->lastproto == IPPROTO_UDP)
|
||||
+#ifndef OPENSSL_NO_DTLS
|
||||
+ sslctx = ms->dtlsctx;
|
||||
+#else
|
||||
+ fatal("%s called with no OpenSSL DTLS support", __func__);
|
||||
+#endif
|
||||
+ else
|
||||
+ sslctx = ms->sslctx;
|
||||
assert(sslctx != NULL);
|
||||
/* Reuse iod->ssl if present. If set, this is the second try at connection
|
||||
without the SSL_OP_NO_SSLv2 option set. */
|
||||
--- a/nsock/src/nsock_pool.c
|
||||
+++ b/nsock/src/nsock_pool.c
|
||||
@@ -178,8 +178,10 @@ nsock_pool nsock_pool_new(void *userdata
|
||||
|
||||
#if HAVE_OPENSSL
|
||||
nsp->sslctx = NULL;
|
||||
+#ifndef OPENSSL_NO_DTLS
|
||||
nsp->dtlsctx = NULL;
|
||||
#endif
|
||||
+#endif
|
||||
|
||||
nsp->px_chain = NULL;
|
||||
|
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=p910nd
|
||||
PKG_VERSION:=0.97
|
||||
PKG_RELEASE:=13
|
||||
PKG_RELEASE:=14
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
|
||||
PKG_SOURCE_URL:=@SF/p910nd
|
||||
|
|
|
@ -281,8 +281,7 @@ get_and_store_printer_info() {
|
|||
[ "$DEBUG" ] && echo ${MFG:+MFG=$MFG} ${MDL:+MDL=$MDL} ${CMD:+CMD=$CMD} ${CLS:+CLS=$CLS} ${DES:+DES=$DES} ${SN:+SN=$SN}
|
||||
|
||||
[ "$DEBUG" ] && echo 'uci set' for UCI_DEV_CFG_NUMBER: $UCI_DEV_CFG_NUMBER
|
||||
# Take the USB info as fact: set bidir regardless. It seems to be a source of confusion.
|
||||
eval "$uqsddu_cmd.bidirectional='$BIDIR'"
|
||||
[ -z "$(eval "$uqgddu_cmd".bidirectional)" ] && eval "$uqsddu_cmd.bidirectional='$BIDIR'"
|
||||
[ -z "$(eval "$uqgddu_cmd".port)" ] && eval "$uqsddu_cmd.port='0'"
|
||||
[ -z "$(eval "$uqgddu_cmd".enabled)" ] && eval "$uqsddu_cmd.enabled='1'"
|
||||
[ -z "$(eval "$uqgddu_cmd".usbvidpid)" ] && [ -n "$THIS_USB_VIDPID" ] && eval "$uqsddu_cmd.usbvidpid='$THIS_USB_VIDPID'"
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sing-box
|
||||
PKG_VERSION:=1.8.10
|
||||
PKG_VERSION:=1.8.12
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
|
||||
PKG_HASH:=a959f9a40148ed4166b8161072672f3ce1532957adef7717132c7277bb96dcf6
|
||||
PKG_HASH:=802eb5e202ac1dd846b1f529b3df9e5d69452182fd5d70f7c8f2a819c9e86162
|
||||
|
||||
PKG_LICENSE:=GPL-3.0-or-later
|
||||
PKG_LICENSE_FILES:=LICENSE
|
||||
|
|
|
@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=snort3
|
||||
PKG_VERSION:=3.1.84.0
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=$(PKG_VERSION)
|
||||
|
@ -29,7 +29,7 @@ define Package/snort3
|
|||
DEPENDS:= \
|
||||
+(TARGET_x86||TARGET_x86_64):hyperscan-runtime \
|
||||
+(TARGET_x86||TARGET_x86_64):gperftools-runtime \
|
||||
+libstdcpp +libdaq3 +libdnet +libopenssl +libpcap +libpcre +libpthread \
|
||||
+libstdcpp +libdaq3 +libdnet +libopenssl +libpcap +libpcre2 +libpthread \
|
||||
+libuuid +zlib +libhwloc +libtirpc @HAS_LUAJIT_ARCH +luajit +libatomic \
|
||||
+kmod-nft-queue +liblzma +ucode +ucode-mod-fs +ucode-mod-uci
|
||||
TITLE:=Lightweight Network Intrusion Detection System
|
||||
|
|
|
@ -54,7 +54,7 @@ nft_rm_table() {
|
|||
|
||||
nft_add_table() {
|
||||
if [ "$(uci -q get snort.snort.method)" = "nfq" ]; then
|
||||
local options
|
||||
local options=''
|
||||
$VERBOSE && options='-e'
|
||||
print nftables | nft $options -f $STDIN
|
||||
$VERBOSE && nft list table inet snort
|
||||
|
@ -118,7 +118,7 @@ check() {
|
|||
fi
|
||||
|
||||
if [ "$(uci -q get snort.snort.method)" = "nfq" ]; then
|
||||
local options
|
||||
local options=''
|
||||
local test_nft="${CONF_DIR}/test_conf.nft"
|
||||
print nftables > "${test_nft}" || die "Errors during generation of nftables config"
|
||||
$VERBOSE && options='-e'
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,75 +0,0 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=apk
|
||||
PKG_VERSION:=2.14.0
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=apk-tools-v$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=https://gitlab.alpinelinux.org/alpine/apk-tools/-/archive/v$(PKG_VERSION)
|
||||
PKG_HASH:=4c6db13039280814a10a3b3d89b29837b59769c69214a1861997e088eac107a5
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/apk-tools-v$(PKG_VERSION)
|
||||
|
||||
PKG_MAINTAINER:=Paul Spooren <mail@aparcar.org>
|
||||
PKG_LICENSE:=GPL-2.0-only
|
||||
PKG_LICENSE_FILES:=LICENSE
|
||||
|
||||
PKG_INSTALL:=1
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/apk
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE:=apk package manager
|
||||
DEPENDS:=+zlib +libopenssl @!arc
|
||||
URL:=$(PKG_SOURCE_URL)
|
||||
endef
|
||||
|
||||
define Package/alpine-keys
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE:=Alpine apk public signing keys
|
||||
DEPENDS:=apk
|
||||
endef
|
||||
|
||||
define Package/alpine-repositories
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE:=Official Alpine repositories
|
||||
DEPENDS:=apk
|
||||
endef
|
||||
|
||||
MAKE_FLAGS += LUA=no
|
||||
|
||||
define Package/apk/install
|
||||
$(INSTALL_DIR) $(1)/lib/apk/db
|
||||
|
||||
$(INSTALL_DIR) $(1)/bin
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/apk $(1)/bin/apk
|
||||
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/lib/* $(1)/usr/lib/
|
||||
|
||||
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
|
||||
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/apk.pc \
|
||||
$(1)/usr/lib/pkgconfig/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/apk/
|
||||
echo $(ARCH) > $(1)/etc/apk/arch
|
||||
touch $(1)/etc/apk/world
|
||||
endef
|
||||
|
||||
define Package/alpine-keys/install
|
||||
$(INSTALL_DIR) $(1)/etc/apk/keys
|
||||
$(INSTALL_DATA) ./files/alpine-keys/* $(1)/etc/apk/keys
|
||||
endef
|
||||
|
||||
define Package/alpine-repositories/install
|
||||
$(INSTALL_DIR) $(1)/etc/apk/keys
|
||||
$(INSTALL_DATA) ./files/alpine-repositories $(1)/etc/apk/repositories
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,apk))
|
||||
$(eval $(call BuildPackage,alpine-keys))
|
||||
$(eval $(call BuildPackage,alpine-repositories))
|
|
@ -1,9 +0,0 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yHJxQgsHQREclQu4Ohe
|
||||
qxTxd1tHcNnvnQTu/UrTky8wWvgXT+jpveroeWWnzmsYlDI93eLI2ORakxb3gA2O
|
||||
Q0Ry4ws8vhaxLQGC74uQR5+/yYrLuTKydFzuPaS1dK19qJPXB8GMdmFOijnXX4SA
|
||||
jixuHLe1WW7kZVtjL7nufvpXkWBGjsfrvskdNA/5MfxAeBbqPgaq0QMEfxMAn6/R
|
||||
L5kNepi/Vr4S39Xvf2DzWkTLEK8pcnjNkt9/aafhWqFVW7m3HCAII6h/qlQNQKSo
|
||||
GuH34Q8GsFG30izUENV9avY7hSLq7nggsvknlNBZtFUcmGoQrtx3FmyYsIC8/R+B
|
||||
ywIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -1,9 +0,0 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNijDxJ8kloskKQpJdx+
|
||||
mTMVFFUGDoDCbulnhZMJoKNkSuZOzBoFC94omYPtxnIcBdWBGnrm6ncbKRlR+6oy
|
||||
DO0W7c44uHKCFGFqBhDasdI4RCYP+fcIX/lyMh6MLbOxqS22TwSLhCVjTyJeeH7K
|
||||
aA7vqk+QSsF4TGbYzQDDpg7+6aAcNzg6InNePaywA6hbT0JXbxnDWsB+2/LLSF2G
|
||||
mnhJlJrWB1WGjkz23ONIWk85W4S0XB/ewDefd4Ly/zyIciastA7Zqnh7p3Ody6Q0
|
||||
sS2MJzo7p3os1smGjUF158s6m/JbVh4DN6YIsxwl2OjDOz9R0OycfJSDaBVIGZzg
|
||||
cQIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -1,9 +0,0 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlzMkl7b5PBdfMzGdCT0
|
||||
cGloRr5xGgVmsdq5EtJvFkFAiN8Ac9MCFy/vAFmS8/7ZaGOXoCDWbYVLTLOO2qtX
|
||||
yHRl+7fJVh2N6qrDDFPmdgCi8NaE+3rITWXGrrQ1spJ0B6HIzTDNEjRKnD4xyg4j
|
||||
g01FMcJTU6E+V2JBY45CKN9dWr1JDM/nei/Pf0byBJlMp/mSSfjodykmz4Oe13xB
|
||||
Ca1WTwgFykKYthoLGYrmo+LKIGpMoeEbY1kuUe04UiDe47l6Oggwnl+8XD1MeRWY
|
||||
sWgj8sF4dTcSfCMavK4zHRFFQbGp/YFJ/Ww6U9lA3Vq0wyEI6MCMQnoSMFwrbgZw
|
||||
wwIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -1,3 +0,0 @@
|
|||
https://dl-cdn.alpinelinux.org/alpine/edge/main
|
||||
https://dl-cdn.alpinelinux.org/alpine/edge/community
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
From b05a93c48fdbb50f0c464310dc2ce45777d32ea2 Mon Sep 17 00:00:00 2001
|
||||
From: Paul Spooren <mail@aparcar.org>
|
||||
Date: Fri, 2 Oct 2020 14:08:52 -1000
|
||||
Subject: [PATCH] remove doc generation
|
||||
|
||||
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
||||
---
|
||||
Makefile | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -25,7 +25,7 @@ export DESTDIR SBINDIR LIBDIR CONFDIR MA
|
||||
##
|
||||
# Top-level subdirs
|
||||
|
||||
-subdirs := libfetch/ src/ doc/
|
||||
+subdirs := libfetch/ src/
|
||||
|
||||
##
|
||||
# Include all rules and stuff
|
|
@ -1,131 +0,0 @@
|
|||
From c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c Mon Sep 17 00:00:00 2001
|
||||
From: Rosen Penev <rosenp@gmail.com>
|
||||
Date: Mon, 11 Jan 2021 01:51:58 -0800
|
||||
Subject: [PATCH] fix compilation without deprecated OpenSSL APIs
|
||||
|
||||
(De)initialization is deprecated under OpenSSL 1.0 and above.
|
||||
|
||||
[TT: Some simplifications, and additional edits.]
|
||||
|
||||
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
||||
---
|
||||
libfetch/common.c | 12 ++++--------
|
||||
src/apk.c | 26 +-------------------------
|
||||
src/apk_openssl.h | 27 +++++++++++++++++++++++++++
|
||||
3 files changed, 32 insertions(+), 33 deletions(-)
|
||||
|
||||
--- a/libfetch/common.c
|
||||
+++ b/libfetch/common.c
|
||||
@@ -583,15 +583,11 @@ static int fetch_ssl_setup_client_certif
|
||||
int
|
||||
fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
|
||||
{
|
||||
- /* Init the SSL library and context */
|
||||
- if (!SSL_library_init()){
|
||||
- fprintf(stderr, "SSL library init failed\n");
|
||||
- return (-1);
|
||||
- }
|
||||
-
|
||||
- SSL_load_error_strings();
|
||||
-
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
conn->ssl_meth = SSLv23_client_method();
|
||||
+#else
|
||||
+ conn->ssl_meth = TLS_client_method();
|
||||
+#endif
|
||||
conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
|
||||
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
|
||||
|
||||
--- a/src/apk.c
|
||||
+++ b/src/apk.c
|
||||
@@ -20,11 +20,6 @@
|
||||
#include <unistd.h>
|
||||
#include <sys/stat.h>
|
||||
|
||||
-#include <openssl/crypto.h>
|
||||
-#ifndef OPENSSL_NO_ENGINE
|
||||
-#include <openssl/engine.h>
|
||||
-#endif
|
||||
-
|
||||
#include <fetch.h>
|
||||
|
||||
#include "apk_defines.h"
|
||||
@@ -423,25 +418,6 @@ static int parse_options(int argc, char
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static void fini_openssl(void)
|
||||
-{
|
||||
- EVP_cleanup();
|
||||
-#ifndef OPENSSL_NO_ENGINE
|
||||
- ENGINE_cleanup();
|
||||
-#endif
|
||||
- CRYPTO_cleanup_all_ex_data();
|
||||
-}
|
||||
-
|
||||
-static void init_openssl(void)
|
||||
-{
|
||||
- atexit(fini_openssl);
|
||||
- OpenSSL_add_all_algorithms();
|
||||
-#ifndef OPENSSL_NO_ENGINE
|
||||
- ENGINE_load_builtin_engines();
|
||||
- ENGINE_register_all_complete();
|
||||
-#endif
|
||||
-}
|
||||
-
|
||||
static void on_sigwinch(int s)
|
||||
{
|
||||
apk_reset_screen_width();
|
||||
@@ -534,7 +510,7 @@ int main(int argc, char **argv)
|
||||
apk_force |= applet->forced_force;
|
||||
}
|
||||
|
||||
- init_openssl();
|
||||
+ apk_openssl_init();
|
||||
setup_automatic_flags();
|
||||
fetchTimeout = 60;
|
||||
fetchRedirectMethod = fetch_redirect;
|
||||
--- a/src/apk_openssl.h
|
||||
+++ b/src/apk_openssl.h
|
||||
@@ -11,7 +11,11 @@
|
||||
#define APK_SSL_COMPAT_H
|
||||
|
||||
#include <openssl/opensslv.h>
|
||||
+#include <openssl/crypto.h>
|
||||
#include <openssl/evp.h>
|
||||
+#ifndef OPENSSL_NO_ENGINE
|
||||
+#include <openssl/engine.h>
|
||||
+#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
|
||||
|
||||
@@ -25,6 +29,29 @@ static inline void EVP_MD_CTX_free(EVP_M
|
||||
return EVP_MD_CTX_destroy(mdctx);
|
||||
}
|
||||
|
||||
+static inline void apk_openssl_cleanup(void)
|
||||
+{
|
||||
+ EVP_cleanup();
|
||||
+#ifndef OPENSSL_NO_ENGINE
|
||||
+ ENGINE_cleanup();
|
||||
+#endif
|
||||
+ CRYPTO_cleanup_all_ex_data();
|
||||
+}
|
||||
+
|
||||
+static inline void apk_openssl_init(void)
|
||||
+{
|
||||
+ atexit(apk_openssl_cleanup);
|
||||
+ OpenSSL_add_all_algorithms();
|
||||
+#ifndef OPENSSL_NO_ENGINE
|
||||
+ ENGINE_load_builtin_engines();
|
||||
+ ENGINE_register_all_complete();
|
||||
+#endif
|
||||
+}
|
||||
+
|
||||
+#else
|
||||
+
|
||||
+static inline void apk_openssl_init(void) {}
|
||||
+
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -1,7 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
case "$1" in
|
||||
"apk")
|
||||
apk --version | grep "${2#*v}"
|
||||
;;
|
||||
esac
|
|
@ -1,143 +0,0 @@
|
|||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=audit
|
||||
PKG_VERSION:=2.8.5
|
||||
PKG_RELEASE:=7
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=http://people.redhat.com/sgrubb/audit
|
||||
PKG_HASH:=0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7
|
||||
|
||||
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
||||
PKG_LICENSE:=GPL-2.0-or-later
|
||||
PKG_LICENSE_FILES:=COPYING
|
||||
PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
|
||||
|
||||
PKG_FIXUP:=autoreconf
|
||||
PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-packages/$(PKG_NAME)-$(PKG_VERSION)
|
||||
|
||||
PKG_BUILD_FLAGS:=no-mips16
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/audit/Default
|
||||
TITLE:=Audit Daemon
|
||||
URL:=http://people.redhat.com/sgrubb/audit/
|
||||
endef
|
||||
|
||||
define Package/audit/Default/description
|
||||
The audit package contains the user space utilities for
|
||||
storing and searching the audit records generated by
|
||||
the audit subsystem in the Linux 2.6 kernel
|
||||
endef
|
||||
|
||||
define Package/libauparse
|
||||
$(call Package/audit/Default)
|
||||
SECTION:=libs
|
||||
CATEGORY:=Libraries
|
||||
TITLE+= (parsing shared library)
|
||||
DEPENDS:= +libaudit
|
||||
endef
|
||||
|
||||
define Package/libauparse/description
|
||||
$(call Package/audit/Default/description)
|
||||
This package contains the audit parsing shared library.
|
||||
endef
|
||||
|
||||
define Package/audit-utils
|
||||
$(call Package/audit/Default)
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE+= (utilities)
|
||||
DEPENDS:= +libaudit +libauparse
|
||||
endef
|
||||
|
||||
define Package/audit-utils/description
|
||||
$(call Package/audit/Default/description)
|
||||
This package contains the audit utilities.
|
||||
endef
|
||||
|
||||
define Package/audit
|
||||
$(call Package/audit/Default)
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE+= (daemon)
|
||||
DEPENDS:= +libaudit +libauparse +audit-utils +libev
|
||||
endef
|
||||
|
||||
define Package/audit/description
|
||||
$(call Package/audit/Default/description)
|
||||
This package contains the audit daemon.
|
||||
endef
|
||||
|
||||
CONFIGURE_VARS += \
|
||||
LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
|
||||
CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \
|
||||
CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
|
||||
CC_FOR_BUILD="$(HOSTCC)"
|
||||
|
||||
CONFIGURE_ARGS += \
|
||||
--without-libcap-ng \
|
||||
--disable-systemd \
|
||||
--without-python \
|
||||
--without-python3 \
|
||||
--disable-zos-remote
|
||||
|
||||
ifeq ($(ARCH),aarch64)
|
||||
CONFIGURE_ARGS += --with-aarch64
|
||||
else ifeq ($(ARCH),arm)
|
||||
CONFIGURE_ARGS += --with-arm
|
||||
endif
|
||||
|
||||
# We can't use the default, as the default passes $(MAKE_ARGS), which
|
||||
# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions
|
||||
# passed in CONFIGURE_VARS
|
||||
define Build/Compile
|
||||
$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
|
||||
endef
|
||||
|
||||
define Build/Install
|
||||
$(call Build/Install/Default,install)
|
||||
$(SED) 's%^dispatcher *=.*%dispatcher = /usr/sbin/audispd%' $(PKG_INSTALL_DIR)/etc/audit/auditd.conf
|
||||
endef
|
||||
|
||||
define Build/InstallDev
|
||||
$(INSTALL_DIR) $(1)/usr/include
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
|
||||
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
|
||||
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
|
||||
endef
|
||||
|
||||
define Package/libauparse/install
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libauparse.so.* $(1)/usr/lib/
|
||||
endef
|
||||
|
||||
define Package/audit-utils/install
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(CP) \
|
||||
$(PKG_INSTALL_DIR)/usr/sbin/{augenrules,audispd,audisp-remote,auditctl,autrace,aureport,ausearch} \
|
||||
$(1)/usr/sbin/
|
||||
endef
|
||||
|
||||
define Package/audit/install
|
||||
$(INSTALL_DIR) $(1)/etc/audit
|
||||
$(CP) $(PKG_INSTALL_DIR)/etc/audit/* $(1)/etc/audit/
|
||||
$(INSTALL_DIR) $(1)/etc/init.d
|
||||
$(INSTALL_BIN) ./files/audit.init $(1)/etc/init.d/audit
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,libauparse))
|
||||
$(eval $(call BuildPackage,audit-utils))
|
||||
$(eval $(call BuildPackage,audit))
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (c) 2014 OpenWrt.org
|
||||
|
||||
START=11
|
||||
|
||||
USE_PROCD=1
|
||||
PROG=/usr/sbin/auditd
|
||||
|
||||
start_service() {
|
||||
mkdir -p /var/log/audit
|
||||
procd_open_instance
|
||||
procd_set_param command "$PROG" -n
|
||||
procd_set_param respawn
|
||||
procd_close_instance
|
||||
test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules
|
||||
}
|
|
@ -1,122 +0,0 @@
|
|||
From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Tue, 26 Feb 2019 18:33:33 -0500
|
||||
Subject: [PATCH] Add substitue functions for strndupa & rawmemchr
|
||||
|
||||
(cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e)
|
||||
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
||||
---
|
||||
auparse/auparse.c | 12 +++++++++++-
|
||||
auparse/interpret.c | 9 ++++++++-
|
||||
configure.ac | 14 +++++++++++++-
|
||||
src/ausearch-lol.c | 12 +++++++++++-
|
||||
4 files changed, 43 insertions(+), 4 deletions(-)
|
||||
|
||||
--- a/auparse/auparse.c
|
||||
+++ b/auparse/auparse.c
|
||||
@@ -1,5 +1,5 @@
|
||||
/* auparse.c --
|
||||
- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina.
|
||||
+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina.
|
||||
* All Rights Reserved.
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifndef HAVE_STRNDUPA
|
||||
+static inline char *strndupa(const char *old, size_t n)
|
||||
+{
|
||||
+ size_t len = strnlen(old, n);
|
||||
+ char *tmp = alloca(len + 1);
|
||||
+ tmp[len] = 0;
|
||||
+ return memcpy(tmp, old, len);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/* Returns 0 on success and 1 on error */
|
||||
static int extract_timestamp(const char *b, au_event_t *e)
|
||||
{
|
||||
--- a/auparse/interpret.c
|
||||
+++ b/auparse/interpret.c
|
||||
@@ -853,6 +853,13 @@ err_out:
|
||||
return print_escaped(id->val);
|
||||
}
|
||||
|
||||
+// rawmemchr is faster. Let's use it if we have it.
|
||||
+#ifdef HAVE_RAWMEMCHR
|
||||
+#define STRCHR rawmemchr
|
||||
+#else
|
||||
+#define STRCHR strchr
|
||||
+#endif
|
||||
+
|
||||
static const char *print_proctitle(const char *val)
|
||||
{
|
||||
char *out = (char *)print_escaped(val);
|
||||
@@ -863,7 +870,7 @@ static const char *print_proctitle(const
|
||||
// Proctitle has arguments separated by NUL bytes
|
||||
// We need to write over the NUL bytes with a space
|
||||
// so that we can see the arguments
|
||||
- while ((ptr = rawmemchr(ptr, '\0'))) {
|
||||
+ while ((ptr = STRCHR(ptr, '\0'))) {
|
||||
if (ptr >= end)
|
||||
break;
|
||||
*ptr = ' ';
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1,7 +1,7 @@
|
||||
dnl
|
||||
define([AC_INIT_NOTICE],
|
||||
[### Generated automatically using autoconf version] AC_ACVERSION [
|
||||
-### Copyright 2005-18 Steve Grubb <sgrubb@redhat.com>
|
||||
+### Copyright 2005-19 Steve Grubb <sgrubb@redhat.com>
|
||||
###
|
||||
### Permission is hereby granted, free of charge, to any person obtaining a
|
||||
### copy of this software and associated documentation files (the "Software"),
|
||||
@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-r
|
||||
AC_CHECK_FUNCS([posix_fallocate])
|
||||
dnl; signalfd is needed for libev
|
||||
AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ])
|
||||
+dnl; check if rawmemchr is available
|
||||
+AC_CHECK_FUNCS([rawmemchr])
|
||||
+dnl; check if strndupa is available
|
||||
+AC_LINK_IFELSE(
|
||||
+ [AC_LANG_SOURCE(
|
||||
+ [[
|
||||
+ #define _GNU_SOURCE
|
||||
+ #include <string.h>
|
||||
+ int main() { (void) strndupa("test", 10); return 0; }]])],
|
||||
+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
|
||||
+ []
|
||||
+)
|
||||
|
||||
ALLWARNS=""
|
||||
ALLDEBUG="-g"
|
||||
--- a/src/ausearch-lol.c
|
||||
+++ b/src/ausearch-lol.c
|
||||
@@ -1,6 +1,6 @@
|
||||
/*
|
||||
* ausearch-lol.c - linked list of linked lists library
|
||||
-* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina.
|
||||
+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina.
|
||||
* All Rights Reserved.
|
||||
*
|
||||
* This software may be freely redistributed and/or modified under the
|
||||
@@ -152,6 +152,16 @@ static int compare_event_time(event *e1,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifndef HAVE_STRNDUPA
|
||||
+static inline char *strndupa(const char *old, size_t n)
|
||||
+{
|
||||
+ size_t len = strnlen(old, n);
|
||||
+ char *tmp = alloca(len + 1);
|
||||
+ tmp[len] = 0;
|
||||
+ return memcpy(tmp, old, len);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/*
|
||||
* This function will look at the line and pick out pieces of it.
|
||||
*/
|
|
@ -1,21 +0,0 @@
|
|||
From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Fri, 10 Jan 2020 21:13:50 -0500
|
||||
Subject: [PATCH 01/30] Header definitions need to be external when building
|
||||
with -fno-common (which is default in GCC 10) - Tony Jones
|
||||
|
||||
---
|
||||
src/ausearch-common.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/src/ausearch-common.h
|
||||
+++ b/src/ausearch-common.h
|
||||
@@ -50,7 +50,7 @@ extern pid_t event_pid;
|
||||
extern int event_exact_match;
|
||||
extern uid_t event_uid, event_euid, event_loginuid;
|
||||
extern const char *event_tuid, *event_teuid, *event_tauid;
|
||||
-slist *event_node_list;
|
||||
+extern slist *event_node_list;
|
||||
extern const char *event_comm;
|
||||
extern const char *event_filename;
|
||||
extern const char *event_hostname;
|
|
@ -1,52 +0,0 @@
|
|||
From 6b09724c69d91668418ddb3af00da6db6755208c Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Thu, 2 Sep 2021 15:01:12 -0400
|
||||
Subject: [PATCH] Make IPX packet interpretation dependent on the ipx header
|
||||
file existing
|
||||
|
||||
--- a/auparse/interpret.c
|
||||
+++ b/auparse/interpret.c
|
||||
@@ -44,8 +44,10 @@
|
||||
#include <linux/ax25.h>
|
||||
#include <linux/atm.h>
|
||||
#include <linux/x25.h>
|
||||
-#include <linux/if.h> // FIXME: remove when ipx.h is fixed
|
||||
-#include <linux/ipx.h>
|
||||
+#ifdef HAVE_IPX_HEADERS
|
||||
+ #include <linux/if.h> // FIXME: remove when ipx.h is fixed
|
||||
+ #include <linux/ipx.h>
|
||||
+#endif
|
||||
#include <linux/capability.h>
|
||||
#include <sys/personality.h>
|
||||
#include <sys/prctl.h>
|
||||
@@ -1158,6 +1160,7 @@ static const char *print_sockaddr(const
|
||||
x->sax25_call.ax25_call[6]);
|
||||
}
|
||||
break;
|
||||
+#ifdef HAVE_IPX_HEADERS
|
||||
case AF_IPX:
|
||||
{
|
||||
const struct sockaddr_ipx *ip =
|
||||
@@ -1167,6 +1170,7 @@ static const char *print_sockaddr(const
|
||||
str, ip->sipx_port, ip->sipx_network);
|
||||
}
|
||||
break;
|
||||
+#endif
|
||||
case AF_ATMPVC:
|
||||
{
|
||||
const struct sockaddr_atmpvc* at =
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -414,6 +414,12 @@ if test x"$LIBWRAP_LIBS" != "x"; then
|
||||
AC_DEFINE_UNQUOTED(HAVE_LIBWRAP, [], Define if tcp_wrappers support is enabled )
|
||||
fi
|
||||
|
||||
+# linux/ipx.h - deprecated in 2018
|
||||
+AC_CHECK_HEADER(linux/ipx.h, ipx_headers=yes, ipx_headers=no)
|
||||
+if test $ipx_headers = yes ; then
|
||||
+ AC_DEFINE(HAVE_IPX_HEADERS,1,[IPX packet interpretation])
|
||||
+fi
|
||||
+
|
||||
# See if we want to support lower capabilities for plugins
|
||||
LIBCAP_NG_PATH
|
||||
|
Loading…
Reference in New Issue