diff options
Diffstat (limited to 'package/network/services')
15 files changed, 72 insertions, 44 deletions
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index 3f12a40cd3..3f70275b92 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsmasq -PKG_VERSION:=2.75 -PKG_RELEASE:=7 +PKG_VERSION:=2.76 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq -PKG_MD5SUM:=887236f1ddde6eb57cdb9d01916c9f72 +PKG_MD5SUM:=00f5ee66b4e4b7f14538bf62ae3c9461 PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING diff --git a/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch b/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch index f5b5ca04ec..5fc62ffab3 100644 --- a/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch +++ b/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch @@ -1,15 +1,15 @@ --- a/src/dhcp.c +++ b/src/dhcp.c -@@ -146,7 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd) - struct iovec iov; +@@ -147,7 +147,7 @@ void dhcp_packet(time_t now, int pxe_fd) ssize_t sz; int iface_index = 0, unicast_dest = 0, is_inform = 0; + int rcvd_iface_index; - struct in_addr iface_addr; + struct in_addr iface_addr, *addrp = NULL; struct iface_param parm; #ifdef HAVE_LINUX_NETWORK struct arpreq arp_req; -@@ -275,11 +275,9 @@ void dhcp_packet(time_t now, int pxe_fd) +@@ -277,11 +277,9 @@ void dhcp_packet(time_t now, int pxe_fd) { ifr.ifr_addr.sa_family = AF_INET; if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) != -1 ) @@ -23,7 +23,7 @@ } for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next) -@@ -298,7 +296,7 @@ void dhcp_packet(time_t now, int pxe_fd) +@@ -300,7 +298,7 @@ void dhcp_packet(time_t now, int pxe_fd) parm.relay_local.s_addr = 0; parm.ind = iface_index; @@ -32,7 +32,7 @@ { /* If we failed to match the primary address of the interface, see if we've got a --listen-address for a secondary */ -@@ -318,6 +316,12 @@ void dhcp_packet(time_t now, int pxe_fd) +@@ -320,6 +318,12 @@ void dhcp_packet(time_t now, int pxe_fd) complete_context(match.addr, iface_index, NULL, match.netmask, match.broadcast, &parm); } diff --git a/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch b/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch index 81fbf185b1..ca5a806696 100644 --- a/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch +++ b/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch @@ -10,7 +10,7 @@ Signed-off-by: Steven Barth <steven@midlink.org> --- a/src/dnssec.c +++ b/src/dnssec.c -@@ -429,17 +429,24 @@ static time_t timestamp_time; +@@ -462,17 +462,24 @@ static time_t timestamp_time; int setup_timestamp(void) { struct stat statbuf; @@ -36,7 +36,7 @@ Signed-off-by: Steven Barth <steven@midlink.org> { /* time already OK, update timestamp, and do key checking from the start. */ if (utime(daemon->timestamp_file, NULL) == -1) -@@ -460,7 +467,7 @@ int setup_timestamp(void) +@@ -493,7 +500,7 @@ int setup_timestamp(void) close(fd); diff --git a/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch b/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch new file mode 100644 index 0000000000..19300f7d66 --- /dev/null +++ b/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch @@ -0,0 +1,18 @@ +dnsmasq: fix warning with poll.h include on musl + +Warning is: + #warning redirecting incorrect #include <sys/poll.h> to <poll.h> + +Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> + +--- a/src/dnsmasq.h ++++ b/src/dnsmasq.h +@@ -82,7 +82,7 @@ typedef unsigned long long u64; + #if defined(HAVE_SOLARIS_NETWORK) + # include <sys/sockio.h> + #endif +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/time.h> + #include <sys/un.h> diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 8d4e7bc7fa..c873611688 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2015.71 -PKG_RELEASE:=3 +PKG_VERSION:=2016.73 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ http://matt.ucc.asn.au/dropbear/releases/ \ https://dropbear.nl/mirror/releases/ -PKG_MD5SUM:=2ccc0a2f3e37ca221db12c5af6a88137 +PKG_MD5SUM:=8d6d78ce60ca52350ec04fcbd711ce9b PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index f020208090..f16aaf001e 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -61,7 +61,7 @@ /* ECDSA is significantly faster than RSA or DSS. Compiling in ECC * code (either ECDSA or ECDH) increases binary size - around 30kB * on x86-64 */ -@@ -189,7 +189,7 @@ If you test it please contact the Dropbe +@@ -194,7 +194,7 @@ If you test it please contact the Dropbe /* Whether to print the message of the day (MOTD). This doesn't add much code * size */ @@ -70,7 +70,7 @@ /* The MOTD file path */ #ifndef MOTD_FILENAME -@@ -237,7 +237,7 @@ Homedir is prepended unless path begins +@@ -242,7 +242,7 @@ Homedir is prepended unless path begins * note that it will be provided for all "hidden" client-interactive * style prompts - if you want something more sophisticated, use * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ diff --git a/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch b/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch deleted file mode 100644 index bf1641b8bf..0000000000 --- a/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/cli-runopts.c -+++ b/cli-runopts.c -@@ -284,6 +284,10 @@ void cli_getopts(int argc, char ** argv) - debug_trace = 1; - break; - #endif -+ case 'o': -+ next = &dummy; -+ case 'x': -+ break; - case 'F': - case 'e': - #ifndef ENABLE_USER_ALGO_LIST -@@ -301,7 +305,6 @@ void cli_getopts(int argc, char ** argv) - print_version(); - exit(EXIT_SUCCESS); - break; -- case 'o': - case 'b': - next = &dummy; - default: diff --git a/package/network/services/dropbear/patches/130-ssh_ignore_x_args.patch b/package/network/services/dropbear/patches/130-ssh_ignore_x_args.patch new file mode 100644 index 0000000000..ab09c2f3dc --- /dev/null +++ b/package/network/services/dropbear/patches/130-ssh_ignore_x_args.patch @@ -0,0 +1,11 @@ +--- a/cli-runopts.c ++++ b/cli-runopts.c +@@ -296,6 +296,8 @@ void cli_getopts(int argc, char ** argv) + debug_trace = 1; + break; + #endif ++ case 'x': ++ break; + case 'F': + case 'e': + #ifndef ENABLE_USER_ALGO_LIST diff --git a/package/network/services/dropbear/patches/140-disable_assert.patch b/package/network/services/dropbear/patches/140-disable_assert.patch index 667d69cb38..78b54acfa0 100644 --- a/package/network/services/dropbear/patches/140-disable_assert.patch +++ b/package/network/services/dropbear/patches/140-disable_assert.patch @@ -1,6 +1,6 @@ --- a/dbutil.h +++ b/dbutil.h -@@ -88,7 +88,11 @@ int m_str_to_uint(const char* str, unsig +@@ -78,7 +78,11 @@ int m_str_to_uint(const char* str, unsig #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL} /* Dropbear assertion */ diff --git a/package/network/services/dropbear/patches/500-set-default-path.patch b/package/network/services/dropbear/patches/500-set-default-path.patch index 3f65250a97..da6b9ae0ce 100644 --- a/package/network/services/dropbear/patches/500-set-default-path.patch +++ b/package/network/services/dropbear/patches/500-set-default-path.patch @@ -1,6 +1,6 @@ --- a/options.h +++ b/options.h -@@ -347,7 +347,9 @@ be overridden at runtime with -I. 0 disa +@@ -352,7 +352,9 @@ be overridden at runtime with -I. 0 disa #define DEFAULT_IDLE_TIMEOUT 0 /* The default path. This will often get replaced by the shell */ diff --git a/package/network/services/mdns/Makefile b/package/network/services/mdns/Makefile index 2f467e3e4c..ec4efa7d4c 100644 --- a/package/network/services/mdns/Makefile +++ b/package/network/services/mdns/Makefile @@ -17,7 +17,7 @@ PKG_SOURCE_URL=$(OPENWRT_GIT)/project/mdnsd.git PKG_SOURCE_PROTO:=git PKG_SOURCE_VERSION:=ae8773477c31b741ba8b47f8898e4c0a1c834b85 -PKG_MAINTAINER:=John Crispin <blogic@openwrt.org> +PKG_MAINTAINER:=John Crispin <john@phrozen.org> PKG_LICENSE:=LGPL-2.1 include $(INCLUDE_DIR)/package-seccomp.mk diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index 6c68b49ac4..19f78bc508 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn -PKG_VERSION:=2.3.10 +PKG_VERSION:=2.3.11 PKG_RELEASE:=1 PKG_SOURCE_URL:=http://swupdate.openvpn.net/community/releases PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_MD5SUM:=8831ded42db4317e287157b6b8cba74c +PKG_MD5SUM:=0f5f1ca1dc5743fa166d93dd4ec952f014b5f33bafd88f0ea34b455cae1434a7 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) @@ -73,7 +73,6 @@ define Build/Configure --disable-plugins \ --disable-debug \ --disable-pkcs11 \ - --enable-password-save \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZO),--enable,--disable)-lzo \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),enable,disable-x509-alt-username)-ssl \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SERVER),--enable,--disable)-server \ diff --git a/package/network/services/openvpn/files/openvpn.init b/package/network/services/openvpn/files/openvpn.init index 5396d0bf47..6dac7b3fa1 100644 --- a/package/network/services/openvpn/files/openvpn.init +++ b/package/network/services/openvpn/files/openvpn.init @@ -121,7 +121,7 @@ start_instance() { reneg_bytes reneg_pkts reneg_sec \ replay_persist replay_window resolv_retry route route_delay route_gateway \ route_metric route_pre_down route_up rport script_security secret server server_bridge setenv shaper sndbuf \ - socks_proxy status status_version syslog tcp_queue_limit tls_auth \ + socks_proxy status status_version syslog tcp_queue_limit tls_auth tls_version_min \ tls_cipher tls_remote tls_timeout tls_verify tmp_dir topology tran_window \ tun_mtu tun_mtu_extra txqueuelen user verb down push up \ verify_x509_name x509_username_field \ diff --git a/package/network/services/openvpn/patches/100-polarssl-disable-runtime-version-check.patch b/package/network/services/openvpn/patches/100-polarssl-disable-runtime-version-check.patch index 73ab40649d..bd8e5b780d 100644 --- a/package/network/services/openvpn/patches/100-polarssl-disable-runtime-version-check.patch +++ b/package/network/services/openvpn/patches/100-polarssl-disable-runtime-version-check.patch @@ -1,6 +1,6 @@ --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c -@@ -1153,7 +1153,7 @@ const char * +@@ -1151,7 +1151,7 @@ const char * get_ssl_library_version(void) { static char polar_version[30]; diff --git a/package/network/services/openvpn/patches/101-remove_polarssl_debug_call.patch b/package/network/services/openvpn/patches/101-remove_polarssl_debug_call.patch new file mode 100644 index 0000000000..3cef32395e --- /dev/null +++ b/package/network/services/openvpn/patches/101-remove_polarssl_debug_call.patch @@ -0,0 +1,21 @@ +openvpn: remove call to PolarSSL debug function + +OpenVPN >=2.3.11 uses PolarSSL debug functions for improved logging. +This requires that PolarSSL is built with POLARSSL_DEBUG_C, which increases +its size significantly. + +This change does not impact OpenVPN operation, see: +https://sourceforge.net/p/openvpn/mailman/message/35153943/ + +Signed-off-by: Magnus Kroken <mkroken@gmail.com> + +--- a/src/openvpn/ssl_polarssl.c ++++ b/src/openvpn/ssl_polarssl.c +@@ -742,7 +742,7 @@ void key_state_ssl_init(struct key_state + if (polar_ok(ssl_init(ks_ssl->ctx))) + { + /* Initialise SSL context */ +- debug_set_threshold(3); ++ /*debug_set_threshold(3);*/ + ssl_set_dbg (ks_ssl->ctx, my_debug, NULL); + ssl_set_endpoint (ks_ssl->ctx, ssl_ctx->endpoint); |