Primarily a bugfix release for a CVE that doesn't affect lede/openwrt,
but also includes some websockets perfomance fixes.
Release notes at https://mosquitto.org/2017/07/version-1-4-13-released/
Signed-off-by: Karl Palsson <karlp@etactica.com>
In kernel commit f1160434c7658af3f7b0926b88df49a66cb3c3e0 many stats
that we read with zabbix-extra-mac80211 have been renamed
One commit after (c206ca670974cefec7ac3732db5c8156e8081a8d) those renamed
stats have been hidden behind MAC80211_DEBUG_COUNTERS compile flag
For now you have to edit mac80211 Makefile / do a custom build to access
most of these stats
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
The most important change is local redirects being disabled by default.
There is an option called cgi.local-redir that allows enabling this
optimization manually back if needed.
Local redirects were initially introduced in 1.4.40 but caused many
problems for *some* web services.
One of problems is breaking Post/Redirect/Get design pattern. With
redirects handled on server side there is no browser redirection making
it "lose" the POST data.
Another possible issue are HTML forms with action="". With CGI local
redirects browser may be sending form data to the wrong URL (the one
that was supposed to redirect the browser).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
According to openconnect --help output:
-m, --mtu=MTU Request MTU from server
--base-mtu=MTU Indicate path MTU to/from server
Fixes#2099 by allowing setting tunnel mtu
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
It was introduced with 41f8d5465 ("openconnect: fix a couple of minor
things and add an interface option") and not needed since 4083de9d7
("openconnect: use proto_add_host_dependency")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* create /etc/vsftpd directory for extra config files
like userlist, certificate and key
* modify config file to use that directory
* include that directory in conffiles for backup
* use PKG_HASH
* update URL
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 3f390c5509)
Full changelog available at:
https://mosquitto.org/2017/02/version-1-4-11-released/
Mostly ipv6 and websockets fixes, but requires a patch (submitted
upstream) to work around an accidental glibc dependency upstream.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Adds the "notifications" option which is important when connecting
mosquitto to rabbitmq for instance.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Earlier, PROVIDES handling was clarified for the broker and the library.
Use the same style to properly provide the -client-ssl and -client-nossl
packages.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Enable collectd-mod-cpufreq also for armvirt to make it
available for ipq806x devices in LEDE buildbot builds.
LEDE phase2 buildbot for arm_cortex-a15_neon-vfpv4 that is
the package arch for ipq806x, uses armvirt SDK instead of
ipq806x SDK.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Description: fixes a crash with zero-length regex matches and further updates
Signed-off-by: Daniel Albers <Daniel.Albers@public-files.de>
(cherry picked from commit 249ae1f164)
The purpose of irqbalance is to distribute hardware interrupts across
processors/cores on a multiprocessor/-core system in order to increase
performance.
Only the cmd-line tool is compiled and installed.
Run-tested with ipq806x / R7800.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit c5913bd12d)
(cherry picked from commit c42ecd05a1)
(cherry picked from commit a1a96fc9fa)
Compile tested: LEDE HEAD
If unixodbc package is present in the environment, subversion
fails to compile due to missing dependencies.
Fixes the dependency on unixodbc if unixodbc package is selected.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
(cherry picked from commit 06a529df35)
Backport an upstream fix for a DDoS vulnerability in the
network plugin: CVE-2017-7401
The patch has been adapted from the fix for 5.6 branch,
as 5.5 is already EoL in practice.
Run-tested with R7800/ipq806x.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Avoid using 'hg' (Mercurial) to download sources.
'hg' is not an official prerequisite and it is not installed
in all buildslaves in Openwrt and LEDE buildbots, which
leads to frequent build failures.
Download the .tar.gz source archive instead.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 74e53c4842)
trigger_b4_dl fails to build in the 17.01 buildbot and that causes
also three other modules to be unbuilt (userdir, usertrack, webdav).
As a quick fix, disable trigger_b4_dl to see if the three missing
modules then build ok in the buildbot.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This reverts commit 18d7593c72.
Buildbot did not build the new version successfully due to
krb5 detection problems. Let's revert to the previous version,
so that 17.01.1 can be built in a stable way.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
cherry picked from commit 6e788aca0c
Hopefully this will fix compilation of some plugins in the 17.01 buildbot.
signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
procd interface triggers may be busy. Unbound hard restarts will
flush the cache. This might happen frequently depending on how
interface triggers occur.
Change the procd trigger to reduce occurences. Load this trigger
prior to netifd (START=20), but only truly start Unbound from
the trigger rather than immediately in init. Clean up log entries
in scripts after Unbound, NTP, and DNSSEC are established.
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
Unbound is configured to restart on hotplug/iface but this can result
in numerous restarts at boot. Unbound also has a restart for NTP.
This was observed to generate trouble and even with procd robustness
too many crashes might occur (rare). Unbound would not be running.
Give more care to /var/lib/unbound/root.key during restarts. Use procd
for iface restarts. Check pidof() to wait one more second for Unbound.
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
Karl Palsson