• R/O
  • HTTP
  • SSH
  • HTTPS

packages: Commit

Community maintained packages for ImmortalWrt.


Commit MetaInfo

Révisiond81825598f926cd49747ce2d87015500ee0362c6 (tree)
l'heure2022-05-25 22:12:29
AuteurTianling Shen <cnsztl@immo...>
CommiterTianling Shen

Message de Log

Merge Official Source

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

Change Summary

Modification

--- a/libs/glib2/Makefile
+++ b/libs/glib2/Makefile
@@ -8,12 +8,12 @@
88 include $(TOPDIR)/rules.mk
99
1010 PKG_NAME:=glib2
11-PKG_VERSION:=2.70.4
11+PKG_VERSION:=2.70.5
1212 PKG_RELEASE:=$(AUTORELEASE)
1313
1414 PKG_SOURCE:=glib-$(PKG_VERSION).tar.xz
1515 PKG_SOURCE_URL:=@GNOME/glib/2.70
16-PKG_HASH:=ab3d176f3115dcc4e5d02db795984e04e4f4b48d836252e23e8c468e9d423c33
16+PKG_HASH:=f70bf76ebcc84e0705722f038be8e2f9a58d17e1a700810c635fcc18b8974b7e
1717
1818 PKG_MAINTAINER:=Peter Wagner <tripolar@gmx.at>
1919 PKG_LICENSE:=LGPL-2.1-or-later
@@ -65,7 +65,7 @@ COMP_ARGS= \
6565 -Doss_fuzz=disabled \
6666 -Dglib_debug=disabled \
6767 -Dglib_assert=false \
68- -Dglib_checks=false \
68+ -Dglib_checks=true \
6969 -Dlibelf=disabled
7070
7171 MESON_HOST_ARGS += $(COMP_ARGS) -Dxattr=false -Ddefault_library=static -Dnls=disabled
--- a/libs/libcoap/Makefile
+++ b/libs/libcoap/Makefile
@@ -79,7 +79,7 @@ endef
7979
8080 define Package/libcoap/install
8181 $(INSTALL_DIR) $(1)/usr/lib
82- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcoap-$(ABI_VERSION).so* $(1)/usr/lib/
82+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcoap-$(ABI_VERSION)*.so* $(1)/usr/lib/
8383 endef
8484
8585 define Package/coap-client/install
--- a/libs/openldap/Makefile
+++ b/libs/openldap/Makefile
@@ -13,8 +13,7 @@ PKG_RELEASE:=$(AUTORELEASE)
1313
1414 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
1515 PKG_SOURCE_URL:=https://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/ \
16- http://mirror.eu.oneandone.net/software/openldap/openldap-release/ \
17- http://mirror.switch.ch/ftp/software/mirror/OpenLDAP/openldap-release/ \
16+ https://mirror.eu.oneandone.net/software/openldap/openldap-release/ \
1817 https://www.openldap.org/software/download/OpenLDAP/openldap-release/
1918 PKG_HASH:=81d09345232eb62486ecf5acacd2c56c0c45b4a6c8c066612e7f421a23a1cf87
2019 PKG_LICENSE:=OLDAP-2.8
@@ -44,7 +43,7 @@ define Package/libopenldap/Default
4443 CATEGORY:=Network
4544 SUBMENU:=OpenLDAP
4645 TITLE:=LDAP directory suite
47- URL:=http://www.openldap.org/
46+ URL:=https://www.openldap.org/
4847 MAINTAINER:=W. Michael Petullo <mike@flyn.org>
4948 endef
5049
--- a/net/acme/files/run.sh
+++ b/net/acme/files/run.sh
@@ -21,6 +21,7 @@ NGINX_WEBSERVER=0
2121 UPDATE_NGINX=0
2222 UPDATE_UHTTPD=0
2323 UPDATE_HAPROXY=0
24+NFT_HANDLE=
2425 USER_CLEANUP=
2526
2627 . /lib/functions.sh
@@ -126,19 +127,17 @@ pre_checks() {
126127 esac
127128 done
128129
129- iptables -I input_rule -p tcp --dport 80 -j ACCEPT -m comment --comment "ACME" || return 1
130- ip6tables -I input_rule -p tcp --dport 80 -j ACCEPT -m comment --comment "ACME" || return 1
131- debug "v4 input_rule: $(iptables -nvL input_rule)"
132- debug "v6 input_rule: $(ip6tables -nvL input_rule)"
130+ NFT_HANDLE=$(nft -a -e insert rule inet fw4 input tcp dport 80 counter accept comment ACME | grep -o 'handle [0-9]\+')
131+ ret=$?
132+ [ "$ret" -eq "0" ] || return 1
133+ debug "added nft rule: $NFT_HANDLE"
133134 return 0
134135 }
135136
136137 post_checks() {
137138 log "Running post checks (cleanup)."
138- # The comment ensures we only touch our own rules. If no rules exist, that
139- # is fine, so hide any errors
140- iptables -D input_rule -p tcp --dport 80 -j ACCEPT -m comment --comment "ACME" 2> /dev/null
141- ip6tables -D input_rule -p tcp --dport 80 -j ACCEPT -m comment --comment "ACME" 2> /dev/null
139+ # $NFT_HANDLE contains the string 'handle XX' so pass it unquoted to nft
140+ [ -n "$NFT_HANDLE" ] && nft delete rule inet fw4 input $NFT_HANDLE
142141
143142 if [ -e /etc/init.d/uhttpd ] && { [ -n "$UHTTPD_LISTEN_HTTP" ] || [ "$UPDATE_UHTTPD" -eq 1 ]; }; then
144143 if [ -n "$UHTTPD_LISTEN_HTTP" ]; then
--- a/net/openconnect/Config.in
+++ b/net/openconnect/Config.in
@@ -12,7 +12,7 @@ config OPENCONNECT_GNUTLS
1212
1313 config OPENCONNECT_OPENSSL
1414 bool "OpenSSL"
15- select OPENSSL_WITH_DEPRECATED
15+ select OPENSSL_WITH_DTLS
1616
1717 endchoice
1818
--- a/net/openconnect/Makefile
+++ b/net/openconnect/Makefile
@@ -35,7 +35,7 @@ endef
3535 define Package/openconnect
3636 SECTION:=net
3737 CATEGORY:=Network
38- DEPENDS:=+libxml2 +kmod-tun +resolveip +vpnc-scripts +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_OPENSSL:p11-kit +OPENCONNECT_OPENSSL:libp11 +OPENCONNECT_GNUTLS:libgnutls +OPENCONNECT_GNUTLS:libtasn1 +OPENCONNECT_STOKEN:libstoken $(ICONV_DEPENDS) $(INTL_DEPENDS)
38+ DEPENDS:=+libxml2 +kmod-tun +vpnc-scripts +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_OPENSSL:p11-kit +OPENCONNECT_OPENSSL:libp11 +OPENCONNECT_GNUTLS:libgnutls +OPENCONNECT_GNUTLS:libtasn1 +OPENCONNECT_STOKEN:libstoken $(ICONV_DEPENDS) $(INTL_DEPENDS)
3939 TITLE:=OpenConnect VPN client (Cisco AnyConnect and Juniper/Pulse compatible)
4040 MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
4141 URL:=https://www.infradead.org/openconnect/
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -62,13 +62,12 @@ proto_openconnect_setup() {
6262 usergroup \
6363 username \
6464
65- grep -q tun /proc/modules || insmod tun
6665 ifname="vpn-$config"
6766
6867 logger -t openconnect "initializing..."
6968
7069 logger -t "openconnect" "adding host dependency for $server at $config"
71- for ip in $(resolveip -t 10 "$server"); do
70+ for ip in $(nslookup "$server" | awk '/^Name:/ {getline; print $2;}'); do
7271 logger -t "openconnect" "adding host dependency for $ip at $config"
7372 proto_add_host_dependency "$config" "$ip" "$interface"
7473 done
--- /dev/null
+++ b/net/openconnect/patches/001-Use-OpenSSL_version-not-deprecated-SSLeay_version.patch
@@ -0,0 +1,34 @@
1+From 01b7e75034e6d838d7750a828eccaa8dd534f152 Mon Sep 17 00:00:00 2001
2+From: David Woodhouse <dwmw2@infradead.org>
3+Date: Thu, 12 May 2022 15:55:59 +0100
4+Subject: [PATCH] Use OpenSSL_version() not deprecated SSLeay_version()
5+
6+Fixes: #428
7+
8+Signed-off-by: David Woodhouse <dwmw2@infradead.org>
9+---
10+ openssl.c | 6 +++++-
11+ 1 file changed, 5 insertions(+), 1 deletion(-)
12+
13+--- a/openssl.c
14++++ b/openssl.c
15+@@ -49,6 +49,8 @@
16+ typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
17+ X509_STORE_CTX *ctx, X509 *x);
18+ #define X509_STORE_CTX_get_get_issuer(ctx) ((ctx)->get_issuer)
19++#define OpenSSL_version SSLeay_version
20++#define OPENSSL_VERSION SSLEAY_VERSION
21+ #endif
22+
23+ static char tls_library_version[32] = "";
24+@@ -56,7 +58,9 @@ static char tls_library_version[32] = ""
25+ const char *openconnect_get_tls_library_version(void)
26+ {
27+ if (!*tls_library_version) {
28+- strncpy(tls_library_version, SSLeay_version(SSLEAY_VERSION), sizeof(tls_library_version));
29++ strncpy(tls_library_version,
30++ OpenSSL_version(OPENSSL_VERSION),
31++ sizeof(tls_library_version));
32+ tls_library_version[sizeof(tls_library_version)-1]='\0';
33+ }
34+ return tls_library_version;
--- a/net/samba4/Makefile
+++ b/net/samba4/Makefile
@@ -351,6 +351,9 @@ ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),)
351351 # unbundle iso8601
352352 $(SED) '/"iso8601":/d' $(PKG_BUILD_DIR)/third_party/wscript
353353 endif
354+ifeq ($(CONFIG_HOST_OS_MACOS),y)
355+ $(SED) "/^VERSION=/i sys.platform='linux'" $(PKG_BUILD_DIR)/buildtools/bin/waf
356+endif
354357 endef
355358
356359 define Build/Configure
--- /dev/null
+++ b/net/samba4/patches/030_wafsamba-replace-echo-n-with-printf.patch
@@ -0,0 +1,30 @@
1+From: https://gitlab.com/samba-team/samba/-/commit/29f11005f56ebc2202e7883ea4d9ca7e7a46d9bb
2+
3+From 29f11005f56ebc2202e7883ea4d9ca7e7a46d9bb Mon Sep 17 00:00:00 2001
4+From: "Sergey V. Lobanov" <sergey@lobanov.in>
5+Date: Thu, 10 Feb 2022 00:02:17 +0300
6+Subject: [PATCH] wafsamba: replace 'echo -n' with printf
7+
8+This patch makes samba_cross.py compatible with old bash (e.g. 3.2)
9+
10+Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
11+Reviewed-by: Christof Schmitt <cs@samba.org>
12+Reviewed-by: Andreas Schneider <asn@samba.org>
13+
14+Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
15+Autobuild-Date(master): Fri Feb 11 07:58:57 UTC 2022 on sn-devel-184
16+---
17+ buildtools/wafsamba/samba_cross.py | 2 +-
18+ 1 file changed, 1 insertion(+), 1 deletion(-)
19+
20+--- a/buildtools/wafsamba/samba_cross.py
21++++ b/buildtools/wafsamba/samba_cross.py
22+@@ -134,7 +134,7 @@ class cross_Popen(Utils.subprocess.Popen
23+ cross_answers_incomplete = True
24+ add_answer(ca_file, msg, ans)
25+ (retcode, retstring) = ans
26+- args = ['/bin/sh', '-c', "echo -n '%s'; exit %d" % (retstring, retcode)]
27++ args = ['/bin/sh', '-c', "printf %%s '%s'; exit %d" % (retstring, retcode)]
28+ real_Popen.__init__(*(obj, args), **kw)
29+
30+
--- a/net/wifi-presence/Makefile
+++ b/net/wifi-presence/Makefile
@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
22
33 PKG_NAME:=wifi-presence
44 PKG_VERSION:=0.1.2
5-PKG_RELEASE:=1
5+PKG_RELEASE:=2
66
77 PKG_SOURCE:=-$(PKG_NAME)-$(PKG_VERSION).tar.gz
88 PKG_SOURCE_URL:=https://codeload.github.com/awilliams/wifi-presence/tar.gz/v$(PKG_VERSION)?
--- a/net/wifi-presence/files/wifi-presence.conf
+++ b/net/wifi-presence/files/wifi-presence.conf
@@ -44,3 +44,12 @@ config wifi-presence main
4444 ## Set the MQTT topic prefix used by Home Assistant.
4545 ## Default is 'homeassistant' (also Home Assistant's default value).
4646 # option hassPrefix 'homeassistant'
47+
48+ ## Set the user and group that runs the wifi-presence process.
49+ ## This can be useful to change if using seccomp, where the hostapd
50+ ## socket files are owned by the 'network' user and group.
51+ ## Use network / network when seccomp is enabled, otherwise root / root.
52+ ## If unspecified, then the owner of the sockets in the /var/run/hostapd/
53+ ## directory will be used.
54+ # option runAsUser 'network'
55+ # option runAsGroup 'network'
--- a/net/wifi-presence/files/wifi-presence.init
+++ b/net/wifi-presence/files/wifi-presence.init
@@ -26,6 +26,9 @@ start_service() {
2626 local sockDir
2727 local verbose
2828
29+ local runAsUser
30+ local runAsGroup
31+
2932 config_get apName main apName
3033 config_get debounce main debounce
3134 config_get hassAutodiscovery main hassAutodiscovery
@@ -39,6 +42,9 @@ start_service() {
3942 config_get sockDir main sockDir
4043 config_get_bool verbose main verbose
4144
45+ config_get runAsUser main runAsUser
46+ config_get runAsGroup main runAsGroup
47+
4248 procd_open_instance
4349
4450 procd_set_param command ${PROG}
@@ -55,6 +61,22 @@ start_service() {
5561 [ -n "${sockDir}" ] && procd_append_param command "-sockDir=${sockDir}"
5662 [ -n "${verbose}" ] && procd_append_param command "-verbose=${verbose}"
5763
64+ if [ -z "${runAsUser}" ] && [ -z "${runAsGroup}" ]; then
65+ # If both runAsUser and runAsGroup are unspecified, then
66+ # determine their values by looking at the owner of the hostapd sockets.
67+ #
68+ # It would be preferable to use 'stat' to determine the owner of the socket,
69+ # but it may not be present on all systems, so instead we revert to parsing ls output.
70+ local sockOwner=$(find /var/run/hostapd/ -type s -maxdepth 1 -exec ls -ld {} \; | head -n 1 | awk '{ print $3 }')
71+ if [ -n "${sockOwner}" ]; then
72+ runAsUser="${sockOwner}"
73+ runAsGroup="${sockOwner}"
74+ fi
75+ fi
76+
77+ [ -n "${runAsUser}" ] && procd_set_param user "${runAsUser}"
78+ [ -n "${runAsGroup}" ] && procd_set_param group "${runAsGroup}"
79+
5880 procd_set_param file "/etc/config/${CONF}"
5981 procd_set_param stdout 1
6082 procd_set_param stderr 1
--- a/utils/audit/Makefile
+++ b/utils/audit/Makefile
@@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk
77
88 PKG_NAME:=audit
99 PKG_VERSION:=2.8.5
10-PKG_RELEASE:=2
10+PKG_RELEASE:=$(AUTORELEASE)
1111
1212 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
1313 PKG_SOURCE_URL:=http://people.redhat.com/sgrubb/audit
@@ -19,11 +19,11 @@ PKG_LICENSE_FILES:=COPYING
1919 PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
2020
2121 PKG_FIXUP:=autoreconf
22+PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-packages/$(PKG_NAME)-$(PKG_VERSION)
2223
2324 PKG_USE_MIPS16:=0
2425
2526 include $(INCLUDE_DIR)/package.mk
26-include $(INCLUDE_DIR)/host-build.mk
2727
2828 define Package/audit/Default
2929 TITLE:=Audit Daemon
@@ -138,7 +138,6 @@ define Package/audit/install
138138 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/
139139 endef
140140
141-$(eval $(call HostBuild))
142141 $(eval $(call BuildPackage,libauparse))
143142 $(eval $(call BuildPackage,audit-utils))
144143 $(eval $(call BuildPackage,audit))
--- /dev/null
+++ b/utils/audit/patches/0003-Make-IPX-packet-interpretation-dependent-on-th.patch
@@ -0,0 +1,52 @@
1+From 6b09724c69d91668418ddb3af00da6db6755208c Mon Sep 17 00:00:00 2001
2+From: Steve Grubb <sgrubb@redhat.com>
3+Date: Thu, 2 Sep 2021 15:01:12 -0400
4+Subject: [PATCH] Make IPX packet interpretation dependent on the ipx header
5+ file existing
6+
7+--- a/auparse/interpret.c
8++++ b/auparse/interpret.c
9+@@ -44,8 +44,10 @@
10+ #include <linux/ax25.h>
11+ #include <linux/atm.h>
12+ #include <linux/x25.h>
13+-#include <linux/if.h> // FIXME: remove when ipx.h is fixed
14+-#include <linux/ipx.h>
15++#ifdef HAVE_IPX_HEADERS
16++ #include <linux/if.h> // FIXME: remove when ipx.h is fixed
17++ #include <linux/ipx.h>
18++#endif
19+ #include <linux/capability.h>
20+ #include <sys/personality.h>
21+ #include <sys/prctl.h>
22+@@ -1158,6 +1160,7 @@ static const char *print_sockaddr(const
23+ x->sax25_call.ax25_call[6]);
24+ }
25+ break;
26++#ifdef HAVE_IPX_HEADERS
27+ case AF_IPX:
28+ {
29+ const struct sockaddr_ipx *ip =
30+@@ -1167,6 +1170,7 @@ static const char *print_sockaddr(const
31+ str, ip->sipx_port, ip->sipx_network);
32+ }
33+ break;
34++#endif
35+ case AF_ATMPVC:
36+ {
37+ const struct sockaddr_atmpvc* at =
38+--- a/configure.ac
39++++ b/configure.ac
40+@@ -414,6 +414,12 @@ if test x"$LIBWRAP_LIBS" != "x"; then
41+ AC_DEFINE_UNQUOTED(HAVE_LIBWRAP, [], Define if tcp_wrappers support is enabled )
42+ fi
43+
44++# linux/ipx.h - deprecated in 2018
45++AC_CHECK_HEADER(linux/ipx.h, ipx_headers=yes, ipx_headers=no)
46++if test $ipx_headers = yes ; then
47++ AC_DEFINE(HAVE_IPX_HEADERS,1,[IPX packet interpretation])
48++fi
49++
50+ # See if we want to support lower capabilities for plugins
51+ LIBCAP_NG_PATH
52+
--- a/utils/rtty/Makefile
+++ b/utils/rtty/Makefile
@@ -8,12 +8,12 @@
88 include $(TOPDIR)/rules.mk
99
1010 PKG_NAME:=rtty
11-PKG_VERSION:=8.0.0
12-PKG_RELEASE:=2
11+PKG_VERSION:=8.0.1
12+PKG_RELEASE:=1
1313
1414 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
1515 PKG_SOURCE_URL=https://github.com/zhaojh329/rtty/releases/download/v$(PKG_VERSION)
16-PKG_HASH:=b9c555005b76c1ad0f5af891964375bbdf50ee22b9a9f53ddd48d2cdb4e53b49
16+PKG_HASH:=b1a21819c2256b3364b8c64dfcc56583b9647409ab8b39ff54e00e242e44028e
1717
1818 PKG_MAINTAINER:=Jianhui Zhao <zhaojh329@gmail.com>
1919 PKG_LICENSE:=MIT
--- a/utils/rtty/patches/100-wolfssl_5_support.patch
+++ /dev/null
@@ -1,21 +0,0 @@
1-commit 91b66a6b402b790f3c8cebb0420ef549744ee197
2-Author: Sergey V. Lobanov <sergey@lobanov.in>
3-Date: Mon Jan 3 19:25:45 2022 +0300
4-
5- add compatibility for wolfssl >= 5.0
6-
7- NTRU support has been removed in wolfssl 5.0 so it is required to
8- mask NTRU specific code if wolfssl >= 5.0
9-
10---- a/src/ssl/openssl.c
11-+++ b/src/ssl/openssl.c
12-@@ -336,7 +336,9 @@ static bool handle_wolfssl_asn_error(voi
13- case ASN_SIG_HASH_E:
14- case ASN_SIG_KEY_E:
15- case ASN_DH_KEY_E:
16-+#if LIBWOLFSSL_VERSION_HEX < 0x05000000
17- case ASN_NTRU_KEY_E:
18-+#endif
19- case ASN_CRIT_EXT_E:
20- case ASN_ALT_NAME_E:
21- case ASN_NO_PEM_HEADER:
Afficher sur ancien navigateur de dépôt.