aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs
Commit message (Collapse)AuthorAgeFilesLines
* libusb: Update to 1.0.21Daniel Engberg2017-01-031-2/+2
| | | | | | Update libusb to 1.0.21 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* uclient: Update to 2016-12-09Florian Fainelli2017-01-021-3/+3
| | | | | | | | | | Brings in the following changes: 52d955fd802a remove obsolete mac os x /opt/local include/library search path a4e49b4163b2 Fix unused results warnings 48cfff3fbec9 uclient-http: send correct "Host:" header if port is set Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* ustream-ssl: remove extra DEFAULT_VARIANT from libustream-polarsslHannu Nyman2016-12-301-2/+1
| | | | | | | | | Currently both libustream-polarssl and libustream-mbedtls variants define themselves as the DEFAULT_VARIANT Remove extra DEFAULT_VARIANT from libustream-polarssl. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* mbedtls: enable DHE-RSA key exchangeMagnus Kroken2016-12-301-9/+0
| | | | | | | | | | | | Later OpenVPN 2.3-openssl versions only enable TLS cipher suites with perfect forward secrecy, i.e. DHE and ECDHE cipher suites. ECDHE key exchange is not supported by OpenVPN 2.3-openssl, enable DHE key exchange to allow LEDE OpenVPN 2.4-mbedtls clients to connect to such servers. Signed-off-by: Magnus Kroken <mkroken@gmail.com> Reported-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Reported-by: Lucian Cristian <luci@createc.ro>
* mbedtls: enable secp384r1 elliptic curve supportMagnus Kroken2016-12-301-2/+1
| | | | | | | | | Secp384r1 is the default curve for OpenVPN 2.4+. Enable this to make OpenVPN-mbedtls clients able to perform ECDHE key exchange with remote OpenVPN 2.4-openssl servers that use the default OpenVPN curve. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* mbedtls: enable support for external private RSA keys to fix openvpn build issueFelix Fietkau2016-12-281-9/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libpcap: Fix build when PACKAGECONFIG ipv6 is not enabledZefir Kurtisi2016-12-242-0/+108
| | | | | | | | | | | | | | | | | | Add patches provided upstream [1] by Fabio Berton to fix error: > ./gencode.c: In function 'pcap_compile': > ./gencode.c:693:8: error: 'compiler_state_t {aka struct _compiler_state}' has no member named 'ai' > cstate.ai = NULL; > ^ > ./gencode.c: In function 'gen_gateway': > ./gencode.c:4914:13: error: 'cstate' undeclared (first use in this function) > bpf_error(cstate, "direction applied to 'gateway'"); > ^ [1] https://github.com/the-tcpdump-group/libpcap/pull/541 Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> Tested-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
* ncurses: rename libncursesw to libncurses (more common name)Felix Fietkau2016-12-221-4/+4
| | | | | | provide libncursesw via PROVIDES instead Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-226-27/+15
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* gettext-full: enforce only static lib on the host buildAlexandru Ardelean2016-12-221-0/+2
| | | | | | | | | | | | | | | | | | | | Sometimes I'm getting error on the host-side build: ``` /usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: /home/sandu/work/lede/staging_dir/host/lib/liblzma.a(liblzma_la-common.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC /home/sandu/work/lede/staging_dir/host/lib/liblzma.a: error adding symbols: Bad value collect2: error: ld returned 1 exit status Makefile:2847: recipe for target 'libgettextlib.la' failed make[9]: *** [libgettextlib.la] Error 1 make[9]: Leaving directory '/home/sandu/work/lede/build_dir/target-x86_64_musl-1.1.15/host/gettext-0.19.8.1/gettext-tools/gnulib-lib' Makefile:2597: recipe for target 'all' failed ``` Disabling the shared-lib build, seems to fix this. This is when building glib2 on the host-side. glib2 is required by newer QEMU package [which is in the feeds]. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* ncurses: set ABI_VERSION to avoid running into rebuild issuesFelix Fietkau2016-12-201-0/+1
| | | | | | | When the version changes, this will force rebuild of packages depending on it. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libs/cyassl: re-enable the stunnel flagFelix Fietkau2016-12-201-1/+3
| | | | | | | | This partially reverts commit 15734b023b7e04d12d258ea28bfb5e6e735f10b7. --enable-stunnel was actually important and properly described in commit 9b118cde898e. Removing it broke ustream-cyassl Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libnl-tiny: define _GNU_SOURCE if not definedAlexandru Ardelean2016-12-201-0/+2
| | | | | | | | If _GNU_SOURCE was added as part of a package's TARGET_CFLAGS, then compilation would fail for that module (especially if warnings get treated as errors). Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* libs/cyassl: Enable multithreading, drop stunnelDaniel Engberg2016-12-201-3/+1
| | | | | | | More and more platforms are multicore SoCs, don't enforce singlethreading. Drop stunnel option as stunnel code isn't available for download from upstream website. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libs/ncurses: update to 6.0p-wassi2016-12-207-116/+32
| | | | | | Update libncurses to upstream release 6.0 Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* treewide: clean up download hashesFelix Fietkau2016-12-1640-39/+40
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libs/libpcap: update to 1.8.1p-wassi2016-12-148-202/+81
| | | | | | | | | | Update libpcap to upstream release 1.8.1 Change the name from libpcap.so.1.3 to libpcap.so.1 Remove parts of patch 201 which moved code among src files. Import patch 204 from Debian to update the USB path. Signed-off-by: Paul Wassi <p.wassi@gmx.at> Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix parallel build bug]
* mbedtls: tune config to reduce size and improve performanceFelix Fietkau2016-12-121-5/+43
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mbedtls: sync with polarssl configFelix Fietkau2016-12-121-9/+80
| | | | | | | One of those changes is re-enabling blowfish support to make openvpn-mbedtls compatible with common configurations Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mbedtls: enable MBEDTLS_DHM_CMagnus Kroken2016-12-122-10/+1
| | | | | | | This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x. DHM_C is also already enabled in the PolarSSL 1.3.x config.h. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* libs: libnetfilter-queue: update to a newer version in git repoAlexandru Ardelean2016-12-042-34/+36
| | | | | | | | | Last release of libnetfilter-queue was in 2012. There don't seem to be any release tarballs since then. This updates it to a more recent version, pointing to the git repo. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* cyassl: update to wolfssl version 3.9.10Hauke Mehrtens2016-12-031-2/+2
| | | | | | | | | | This fixes the following security problems: CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring SWEET32 Attack Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: update to version 2.4.0Hauke Mehrtens2016-12-033-46/+25
| | | | | | This fixes two minor security problems. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* polarssl: update to version 1.3.18Hauke Mehrtens2016-12-032-17/+17
| | | | | | This fixes two minor security problems. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libubox: update to the latest versionFelix Fietkau2016-12-011-3/+3
| | | | | | | - Improves C++ compatibility - Adds static initializers for the kvlist API Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libnl-tiny: Remove GENL_ID_GENERATEFlorian Fainelli2016-11-241-1/+1
| | | | | | | | | | | This constant was always defined to 0, and recently got removed in upstream commit a07ea4d9941af5a0c6f0be2a71b51ac9c083c5e5 ("genetlink: no longer support using static family IDs") Fixes libnl-tiny builds with latest upstream kernels. Fixes: d723f2573af3 ("libnl-tiny: remove include/linux overrides to fix various build issues") Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* libnl-tiny: remove include/linux overrides to fix various build issuesFelix Fietkau2016-11-175-506/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libnetfilter-conntrack: update to v1.0.6Jo-Philipp Wich2016-11-141-2/+2
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* nettle: enable fat buildNikos Mavrogiannopoulos2016-11-141-0/+1
| | | | | | | | | This allows to include optimizations such as ARM neon which are detected on run-time. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> [Jo-Philipp Wich: picked from openwrt#191 and rebased onto LEDE master] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* elfutils: bump to 0.167Luiz Angelo Daros de Luca2016-11-038-134/+16
| | | | Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* libreadline: set ABI_VERSION to force rebuild of dependent packagesFelix Fietkau2016-10-191-0/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libs/gettext: drop Build/Prepare rule in favor of default oneAlexandru Ardelean2016-10-151-5/+0
| | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* libs/libiconv: drop Build/Prepare rule in favor of default oneAlexandru Ardelean2016-10-151-5/+0
| | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* libs/libnl-tiny: drop Build/Prepare rule in favor of default oneAlexandru Ardelean2016-10-151-5/+0
| | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* package/libs/libreadline: Update to 7.0Daniel Engberg2016-10-151-4/+4
| | | | | | Update libreadline to 7.0 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/libconfig: Update to 1.5Daniel Engberg2016-10-151-2/+2
| | | | | | Update libconfig to 1.5 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/libnftnl: Update to 1.0.6Daniel Engberg2016-10-151-3/+3
| | | | | | Update libnftnl to 1.0.6 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/libtool: Switch to xz tarballDaniel Engberg2016-10-151-2/+2
| | | | | | Switch to xz tarball, there's no point pulling two different tarballs of the same source code (tools/libtool uses xz). Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/nettle: Update to 3.3Daniel Engberg2016-10-151-2/+2
| | | | | | Update to 3.3 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/libnl: Update to 3.2.28Daniel Engberg2016-10-152-16/+3
| | | | | | | Update to 3.2.28 Remove patch as its in upstream Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* package/libs/libmnl: Update to 1.0.4Daniel Engberg2016-10-152-419/+3
| | | | | | | * Update to 1.0.4 * Remove patch as it's upstreamed Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: enable NIST curves optimisation.Kevin Darbyshire-Bryant2016-10-131-9/+0
| | | | | | | | | | | | | luci using ustream-mbedtls is extremely slow vs ustream-polarssl. polarssl alias mbedtls v1 is configured to use NIST prime speed optimisation, so no longer disable the default optimisation for mbedtls v2. Compile & run tested: Archer C7v2 Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> [Jo-Philipp Wich: refresh patch to use common format] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* gettext-full: update to 0.19.8.1Dirk Neukirchen2016-10-135-10/+20
| | | | | | | | | - unify configs of host/target - disable stuff to decrease build time - disable interactive gettextize: see http://lists.busybox.net/pipermail/buildroot/2014-April/093394.html Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* gettext: fix whitespaceDirk Neukirchen2016-10-131-1/+1
| | | | Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* source: Switch to xz for packages and tools where possibleDaniel Engberg2016-10-065-7/+10
| | | | | | | | | | | * Change git packages to xz * Update mirror checksums in packages where they are used * Change a few source tarballs to xz if available upstream * Remove unused lines in packages we're touching, requested by jow- and blogic * We're relying more on xz-utils so add official mirror as primary source, master site as secondary. * Add SHA256 checksums to multiple git tarball packages Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* toolchain: Force installation into /libFlorian Fainelli2016-09-281-24/+16
| | | | | | | | For 64-bit capable systems, a symbolic link is set up for /lib64 to point to /lib, so make sure the installation goes into /lib, irrespective of where the C library files come from in an external toolchain. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* openssl: update to 1.0.2jMagnus Kroken2016-09-273-49/+2
| | | | | | | | | | | | | | A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. Patches applied upstream: * 301-fix_no_nextprotoneg_build.patch * 302-Fix_typo_introduced_by_a03f81f4.patch Security advisory: https://www.openssl.org/news/secadv/20160926.txt Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openssl: Make DTLS configurable.Rosen Penev2016-09-272-0/+10
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* openssl: Remove J-PAKE. Nothing uses it.Rosen Penev2016-09-271-1/+2
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* libjson-c: Update to 0.12.1Daniel Engberg2016-09-272-26/+5
| | | | | | Updates libjson-c and removes backport patch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>