Remove hack to avoid readline host dependency, now that readline is
being host/built.
Pass on HOST_CFLAGS, HOST_CPPFLAGS, & HOST_LDFLAGS, to fix buildbots
host-compile errors about not finding openssl headers.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from e3c6fcb796)
Update commit 3d59ce6f50 ("lighttpd: update to 1.4.48") resulted in
plain auth regression: it simply stopped working with:
(mod_auth.c.525) password doesn't match for (...)
appearing on every authentication try.
This regression was fixed in 1.4.49 release. Backport the fix instead of
updating to the 1.4.49 to avoid risking more/other regressions.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4cc0c88713)
Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.
Add interface triggers to catch dhcp events and restart as required.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 662d3f16d2)
Even on a powerful platform a nlbwmon process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
bandwidth stats collection can wait a bit.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
(cherry picked from commit 9b3ecbd64a)
Update to latest Git HEAD in order to solve a number of issues.
- Improves MAC address lookup reliability
- Properly counts DNAT-ed connections (e.g. for port forwards)
- Fixes stack corruption when parsing netlink records
- Fixes deletion of gzipped databases
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 70858690c0)
Define package config files to preserve
/usr/share/nlbwmon/protocols across sysupgrade
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
(cherry picked from commit 2305de5f2e)
When the server hostname resolved to both IPv4 and IPv6 addresses,
connecting would fail with nothing in syslog. This corrects that oversight.
Originally signedoffby: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
cherry picked from ca56324
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
I got into troubles to be behind a proxy and my build then fails
because it cannot connect to git://github.com urls
To avoid such problems for others I think it is useful to replace
them for the whole repo. This changes make it work for me again.
Signed-off-by: Matthias Kesler <krombel@krombel.de>
If we're built with CONFIG_LIGHTTPD_SSL then mod_openssl.so should
be included into the base package. Fixes issue #5343.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
All of the bugs for which we had patches have been fixed upstream
in 1.4.46, so the patches can be dropped.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Conflicts:
net/lighttpd/Makefile
The script removes the UCI option ucitrack.@sqm[0] if present and then
returns success. If that UCI option is already absent however, the
script incorrectly returns failure, which blocks upgrade of the
luci-app-sqm package.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add dependency on ca-bundle without which the HTTPS fetches fail.
Add "-x" option to force HTTP/1.1 instead of HTTP/2.0
Add a workaround for bug in libcurl <7.530 that prevents it from
working at all when built with mbedtls.
Signed-off-by: Darren Tucker <dtucker@dtucker.net>
Acked-by: Aaron Drew <aarond10@gmail.com>
A vulnerability was discovered in the processing of wildcard synthesized
NSEC records. While synthesis of NSEC records is allowed by RFC4592,
these synthesized owner names should not be used in the NSEC processing.
This does, however, happen in Unbound 1.6.7 and earlier versions.
(see https://unbound.net/downloads/CVE-2017-15105.txt)
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
Backport the update to 1.19.2 from master.
Fixes e.g. CVE-2017-13089 and CVE-2017-13090
(tested in my own ipq806x and ar71xx lede-17.01 builds)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Since commit 4739584c24 the status of the
interface is not reported correctly anymore. To fix this issue do not test
if the routing table is presented use instead the "/var/run/iface_state/[iface]"
to get the interface state because the routing table will not get deleted
anymore if the interface is offline.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
As jool builds a kernel module, a PKG_BUILD_DIR under KERNEL_BUILD_DIR must
be used to avoid reusing build artifacts when switching to a different
target of the same architecture. Otherwise, kernel ABI mismatches may
result, leading to an unusuable module, or build failures like the
following:
Package kmod-jool is missing dependencies for the following libraries:
crypto_hash.ko
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
WireGuard is well documented for being an experimental project, not
currently ready to be stabilized. As such, it's important for packagers
to always keep the project up to date in all contexts.
However, it is common for some projects, such as LEDE/OpenWrt to have
stable branches, which don't expect a lot of churn or modification.
The WireGuard that happened to ship with 17.01 is broken and crufty and
shouldn't be used at all. It's highly unlikely that there's anybody out
there even using it; it won't work with anything else.
So, this commit updates the 17.01 package to the latest upstream
version. Because the 17.01 stable branch can't be updated all the time,
it's important that this bump here in this commit is a stable one.
I believe 0.0.20171005 to be a fairly stable snapshot, which should be
suitable for the 17.01 branch. As stated earlier, the 0.0.20170115
currently in this branch is highly problematic. 0.0.20171005 offers
extremely important changes.
I'll continue to send package bumps for 17.01, but only for snapshot
releases that I think fix an important bug or provide a noted increase
in stability, or have similar goals to this commit.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Eneas U de Queiroz