aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs
Commit message (Collapse)AuthorAgeFilesLines
* nghttp2: bump to 1.34.0Hans Dedecker2018-10-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 2b085815 (tag: v1.34.0) Update manual pages 986fa302 Bump up version number to 1.34.0, LT revision to 31:1:17 7c8cb3a0 nghttpx: Improve CONNECT response status handling 334c439c Fix bug that regular CONNECT does not work 6700626c Rule out content-length in the successful response to CONNECT 15162add Update manual pages 93270777 Merge pull request #1235 from nghttp2/backend-conn-timeout aeb92bbb nghttpx: Add read/write-timeout parameters to backend option fc7489e0 nghttpx: Fix mruby parameter validation 87ac872f nghttpx: Update doc c278adde nghttpx: Log error when mruby file cannot be opened f94d7209 Merge pull request #1234 from nghttp2/nghttpx-rfc8441 9b9baa6b Update doc 02566ee3 nghttpx: Update doc 3002f31b src: Add debug output for SETTINGS_ENABLE_CONNECT_PROTOCOL d2a594a7 nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2 651e1477 Allow client sending :protocol optimistically a42faf1c nghttpx: Write TLS alert during handshake 4aac05e1 Merge pull request #1231 from nghttp2/ws-lib-only b80dfaa8 Adjustment for RFC 8441 a19d8f5d Deal with :protocol pseudo header 33f6e90a Add NGHTTP2_TOKEN__PROTOCOL ed7fabcb Add SETTINGS_ENABLE_CONNECT_PROTOCOL 8753b6da Update doc f2de733b Update neverbleed to fix OpenSSL 1.1.1 issues 88ff8c69 Update mruby 1.4.1 a63558a1 nghttpx: Call OCSP_response_get1_basic only when OCSP status is successful 3575a132 nghttpx: Fix crash with plain text HTTP e2de2fee Update bash_completion 9f415979 Update manual pages 4bfc0cd1 Merge pull request #1230 from nghttp2/nghttpx-faster-logging 9c824b87 nghttpx: Get rid of std::stringstream from Log a1ea1696 Make VALID_HD_NAME_CHARS and VALID_HD_VALUE_CHARS const qualified dfc0f248 Make static_table const qualified ed7c9db2 nghttpx: Add mruby env.tls_handshake_finished 5b42815a nghttpx: Strip incoming Early-Data header field by default cfe7fa9a nghttpx: Add --tls13-ciphers and --tls-client-ciphers options cb8a9d58 src: Remove TLSv1.3 ciphers from DEFAULT_CIPHER_LIST 023b9448 Merge branch 'tls13-early-data' 9b03c64f nghttpx: Should postpone early data by default b8eccec6 nghttpx: Disable OpenSSL anti-replay 9f212587 Specify SSL_CTX_set_max_early_data and add an option to change max value 47f60124 nghttpx: Add an option to postpone early data processing 770e44de Implement draft-ietf-httpbis-replay-02 2ab319c1 Don't hide error code from openssl 39923024 Remove SSL_ERROR_WANT_WRITE handling b30f312a Honor SSL_read semantics c5cdb78a nghttpx: Add TLSv1.3 0-RTT early data support f79a5812 Bump up version number to 1.34.0 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ncurses: use default host installAndy Walsh2018-09-241-6/+0
| | | | | | * just use default host/install, so libs/headers get properly generated/installed Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* gettext-full: host compile with -fpicAndy Walsh2018-09-241-0/+2
| | | | Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* mbedtls: update to 2.13.0Magnus Kroken2018-09-221-2/+2
| | | | | | | | * Fixed a security issue in the X.509 module which could lead to a buffer overread during certificate extensions parsing. * Several bugfixes. * Improvements for better support for DTLS on low-bandwidth, high latency networks with high packet loss. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* elfutils: bump to 0.174Luiz Angelo Daros de Luca2018-09-212-533/+7
| | | | | | - Simplified musl patch with error.h concentrated into system.h Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* libpcap: patch to add limits.h to pcap-usb-linux.cEneas U de Queiroz2018-09-101-0/+22
| | | | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. This is an upstream-applied patch that fixes 'PATH_MAX' and 'NAME_MAX' undeclared when compiling on musl with CONFIG_PCAP_HAS_USB. [aafa351] pcap-usb-linux.c: add missing limits.h for musl systems. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* nghttp2: bump to 1.33.0Hans Dedecker2018-09-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 9d843334 Update bash_completion 23cb3f38 Update manual pages 1d682dcd Bump up version number to 1.33.0, LT revision to 31:0:17 601fbbb4 Update doc f44aa246 Update AUTHORS dd74a6dd Update manual pages e959e733 src: Refactor utos fb9a204d nghttpx: Fix compile error without mruby cd096802 Update doc 7417fd71 nghttpx: Per-pattern not per-backend 2d1a981c Merge branch 'akonskarm-master' 45acc922 clang-format 214d0899 Merge branch 'master' of https://github.com/akonskarm/nghttp2 into akonskarm-master 31fd707d nghttpx: Fix broken healthmon frontend 9a2e38e0 fix code for reuse addr on asio client d24527e7 Bump up LT revision due to v1.32.1 release 6195d747 nghttpx: Share mruby context if it is compiled from same file fb97f596 nghttpx: Allocate mruby file because fopen requires NULL terminated string 0ccc7a77 nghttpx: Move blocked request data to request buffer for API request 32826466 nghttpx: Fix crash with API request 0422f8a8 nghttpx: Fix worker process crash with neverbleed write error e329479a Merge pull request #1215 from nghttp2/mruby-per-backend f80a7873 Merge branch 'akonskarm-reuse_addr' 866ac6ab add option reuse addr in local endpoint configuration of asio client b574ae6a nghttpx: Support per-backend mruby script de4fd7cd doc: Update doc 32d7883c nghttpx: Downstream::request_buf_full: take into account blocked_request_buf_ 9b24e197 nghttpx: Choose h1 protocol if headers have been sent to backend on retry 13ffece1 Merge pull request #1214 from nghttp2/fix-rst-without-dconn 9d5b781d Fix stream reset if data from client is arrived before dconn is attached Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* nghttp2: bump to 1.32.1Hans Dedecker2018-08-271-2/+2
| | | | | | | | | 4c76aaee Update manual pages 2b51ad67 Bump up version number to 1.32.1, LT revision to 30:3:16 708379dc Tweak nghttp2_session_set_stream_user_data 73106b0d Compile with clang-6.0 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* libbsd: Update to 0.8.7Daniel Engberg2018-08-254-45/+272
| | | | | | | | | | Update libbsd to 0.8.7 Remove glibc dependency Clean up InstallDev and install entries Use /usr path for consistency Cherry pick patches from upstream to fix musl compilation Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libevent2: Switch to using release tarballRosen Penev2018-08-252-45/+8
| | | | | | | | | | | | | Starting with version 2.1.8, a release tarball is available. Simplifies the Makefile slightly. Updated the project URL. HTTPS is broken. Issue has been reported upstream Adjusted patches. CMake support is not present in the tarball. It's made for Windows anyway. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* wolfssl: disable broken shipped Job server macroJo-Philipp Wich2018-08-231-0/+21
| | | | | | | | | | | | | | | | The AX_AM_JOBSERVER macro shipped with m4/ax_am_jobserver.m4 is broken on plain POSIX shells due to the use of `let`. Shells lacking `let` will fail to run the generated m4sh code and end up invoking "make" with "-jyes" as argument, fialing the build. Since there is no reason in the first place for some random package to muck with the make job server settings and since we do not want it to randomly override "-j" either, simply remove references to this defunct macro to let the build succeed on platforms which not happen to use bash as default shell. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openssl: update to version 1.0.2pHauke Mehrtens2018-08-153-4/+4
| | | | | | | | This fixes the following security problems: * CVE-2018-0732: Client DoS due to large DH parameter * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libubox: set RPATH for host buildJo-Philipp Wich2018-08-141-0/+3
| | | | | | | This is required for programs that indirectly link libjson-c through the libubox blobmsg_json library. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: set HOST_BUILD_PREFIXDaniel Golle2018-08-071-1/+2
| | | | | | | Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make bundle-libraries.sh happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libjson-c: set HOST_BUILD_PREFIXDaniel Golle2018-08-071-1/+2
| | | | | | | Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make bundle-libraries.sh happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libubox: fix source version dateJo-Philipp Wich2018-08-071-1/+1
| | | | | | | | The referenced Git commit was made on the 25th of July, not June. Fixes 432eaa940f ("libubox: fix mirror hash") Fixes 5dc32620c4 ("libubox: update to latest git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* libubox: fix mirror hashJo-Philipp Wich2018-08-071-1/+1
| | | | | | | | | | | Correct the mirror hash to reflect whats on the download server. A locally produced libubox SCM tarball was also verified to yield an identical checksum compared to the one currently on the download server. Fixes FS#1707. Fixes 5dc32620c4 ("libubox: update to latest git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: update to latest git HEADEneas U de Queiroz2018-08-071-4/+4
| | | | | | | | 23a3f28 openssl, wolfssl: match mbedTLS ciphersuite list 450ada0 ustream-ssl: Revised security on mbedtls 34b0b80 ustream-ssl: add openssl-1.1.0 compatibility Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* uclient: update to latest git HEADJo-Philipp Wich2018-08-031-3/+3
| | | | | | | | | | | | | | f2573da uclient-fetch: use package name pattern in message for missing SSL library 9fd8070 uclient-fetch: Check for nullpointer returned by uclient_get_url_filename f41ff60 uclient-http: basic auth: Handle memory allocation failure a73b23b uclient-http: auth digest: Handle multiple possible memory allocation failures 66fb58d uclient-http: Handle memory allocation failure 2ac991b uclient: Handle memory allocation failure for url 63beea4 uclient-http: Implement error handling for header-sending eb850df uclient-utils: Handle memory allocation failure for url file name ae1c656 uclient-http: Close ustream file handle only if allocated Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* wolfssl: remove myself as maintainerAlexandru Ardelean2018-07-301-1/+0
| | | | | | | I no longer have the time, nor the desire to maintain this package. Remove myself as maintainer. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* libevent2: Don't build tests and samplesEneas U de Queiroz2018-07-301-0/+13
| | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. This reduces build time significantly. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* libevent: update to 2.1.8Leon M. George2018-07-302-15/+102
| | | | Signed-off-by: Leon M. George <leon@georgemail.eu>
* ncurses: install lib on host buildAndy Walsh2018-07-301-0/+2
| | | | Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* treewide: Bump PKG_RELEASE due to mbedtls updateDaniel Engberg2018-07-301-1/+1
| | | | | | | Bump PKG_RELEASE on packages that depends on (lib)mbedtls to avoid library mismatch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.12.0Daniel Engberg2018-07-302-28/+28
| | | | | | | | | | | | | | | Update mbedtls to 2.12.0 Multiple security fixes Add support for Chacha20 and Poly1305 cryptographic primitives and their associated ciphersuites Difference in size on mips_24kc (ipk): 164kbytes (167882 bytes) 170kbytes (173563 bytes) https://tls.mbed.org/tech-updates/releases/mbedtls-2.12.0-2.7.5-and-2.1.14-released Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libjson-c: Update package URLRosen Penev2018-07-291-1/+1
| | | | | | Found through UScan. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libpcap: update to 1.9.0Syrone Wong2018-07-279-306/+50
| | | | | | | | | | | | | 001-Fix-compiler_state_t.ai-usage-when-INET6-is-not-defi.patch dropped due to upstream 002-Add-missing-compiler_state_t-parameter.patch dropped due to upstream 202-protocol_api.patch dropped due to implemented upstream by another way upstream commit: https://github.com/the-tcpdump-group/libpcap/commit/55c690f6f834b4762697d7a134de439c9096c921 and renamed via: https://github.com/the-tcpdump-group/libpcap/commit/697b1f7e9b1d6f5a5be04f821d7c5dc62458bb3b ead is the only user who use the protocol api, we have to use the new api since libpcap 1.9.0 Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
* libubox: update to latest git HEADJohn Crispin2018-07-251-4/+4
| | | | | | c83a84a fix segfault when passed blobmsg attr is NULL Signed-off-by: John Crispin <john@phrozen.org>
* elfutils: Copy missing libraries to staging and packagesTed Hess2018-07-241-6/+6
| | | | | | | Newer shared libraries seem to have the package version as part of their name. E.g.: libelf-0.173.so Signed-off-by: Ted Hess <thess@kitschensync.net>
* librpc: add host build to install h files needed for nfs-kernel-server to ↵Peter Wagner2018-07-161-0/+9
| | | | | | get compiled Signed-off-by: Peter Wagner <tripolar@gmx.at>
* popt: Replace dead upstream site with mirrorDaniel Engberg2018-07-161-1/+1
| | | | | | | We can safely assume by now that rpm5.org is dead and isn't coming back so just add another mirror instead. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libnl: bump to 3.4.0Konstantin Demin2018-07-074-31/+15
| | | | | | refresh patches Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* mbedtls: Activate deterministic ECDSAHauke Mehrtens2018-07-071-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | With deterministic ECDSA the value k needed for the ECDSA signature is not randomly generated any more, but generated from a hash over the private key and the message to sign. If the value k used in a ECDSA signature or the relationship between the two values k used in two different ECDSA signatures over the same content is know to an attacker he can derive the private key pretty easily. Using deterministic ECDSA as defined in the RFC6979 removes this problem by deriving the value k deterministically from the private key and the content which gets signed. The resulting signature is still compatible to signatures generated not deterministic. This increases the size of the ipk on mips 24Kc by about 2 KByte. old: 166.240 libmbedtls_2.11.0-1_mips_24kc.ipk new: 167.811 libmbedtls_2.11.0-1_mips_24kc.ipk This does not change the ECDSA performance in a measurable way. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Disable MBEDTLS_SHA256_SMALLER implementationDaniel Engberg2018-07-071-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | Disable MBEDTLS_SHA256_SMALLER implementation, not enabled by default in upstream and reduces performance by quite a bit. Source: include/mbedtls/config.h Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance. The default implementation is meant to be a reasonnable compromise between performance and size. This version optimizes more aggressively for size at the expense of performance. Eg on Cortex-M4 it reduces the size of mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 30%. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 164.382 Bytes ipkg for mips_24kc after: 166.240 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.11.0Daniel Engberg2018-07-073-29/+55
| | | | | | | | | | | | | | | | Update mbed TLS to 2.11.0 Disable OFB block mode and XTS block cipher mode, added in 2.11.0. The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS This is to avoid having a mismatch between packages when upgrading. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.846 Bytes ipkg for mips_24kc after: 164.382 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: cleanup config patchDaniel Engberg2018-07-071-35/+28
| | | | | | | Clean up patch, use "//" consistently. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libconfig: update to version 1.7.2Enrico Mioso2018-07-071-4/+4
| | | | | | | | | The previous link did not work here. Compile-tested on: bcm47xx Runtime-tested on: bcm47xx Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
* libubox: update to the latest versionFelix Fietkau2018-07-071-3/+3
| | | | | | 3c1b33b utils: add const_* byteswapping functions Signed-off-by: Felix Fietkau <nbd@nbd.name>
* elfutils: bump to 0.173Luiz Angelo Daros de Luca2018-07-047-351/+149
| | | | | | | | | - Removed hacks to use standalone argp as upstream now detects it nicely. - As we are already installing files, use files from PKG_INSTALL_DIR and not PKG_BUILD_DIR - Only changes Makefile.am as PKG_FIXUP:=autoreconf is in use Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* mbedtls: Cosmetic cleanupsDaniel Engberg2018-06-181-1/+1
| | | | | | | | | | | | | This is more of a cosmetic change and a reminder that the CMake script hardcodes -O2. Source: https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.7/CMakeLists.txt#L73 https://github.com/ARMmbed/mbedtls/blob/master/CMakeLists.txt#L97 Remove the release type option as it's already provided by the toolchain. Source: https://github.com/openwrt/openwrt/blob/master/include/cmake.mk#L50 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libnftnl: bump to version 1.1.1Rosy Song2018-06-181-2/+2
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* libjson-c: fix host-buildDaniel Golle2018-06-141-0/+1
| | | | | | Add -Wno-implicit-fallthrough to HOST_CFLAGS. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* package/libs/libnfnetlink: Remove dead mirrorDaniel Engberg2018-06-141-2/+1
| | | | | | Remove mirrors.evolva.ro as it's no longer available Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libubox: make sure blobmsg-json is included in host-buildDaniel Golle2018-06-141-1/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libjson-c: add host build (for libblobmsg-json)Daniel Golle2018-06-141-0/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* popt: Add backup siteDaniel Engberg2018-06-131-1/+1
| | | | | | Add Gentoo's distfiles repo as backup site. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* nettle: bump to 3.4Kevin Darbyshire-Bryant2018-06-011-2/+2
| | | | | | | | | | | 3.4 is mainly a bug fix/maintenance release. 3KB increase in ipk lib size on mips. Compile tested for: ar71xx, ramips Run tested on: ar71xx Archer C7 v2, ramips mir3g Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* wolfssl: change defaults to cover wpa_supplicant needsDaniel Golle2018-05-312-10/+10
| | | | | | | | | | | | | Implicetely selecting the required options via Kconfig snippet from hostapd worked fine in local builds when using menuconfig but confused the buildbots which (in phase1) may build wpad-mini and hence already come with CONFIG_WPA_WOLFSSL being defined as unset which then won't trigger changing the defaults of wolfssl. Work around by explicitely reflecting wpa_supplicant's needs in wolfssl's default settings to make buildbots happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wolfssl: add PKG_CONFIG_DEPENDS symbolsDaniel Golle2018-05-251-1/+10
| | | | | | | | This change will trigger rebuild on buildbots in case of changed config symbols, like in the case of hostapd selecting some wolfssl symbols lately. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wolfssl: update to version 3.14.4Daniel Golle2018-05-243-149/+6
| | | | | | | | Use download from github archive corresponding to v3.14.4 tag because the project's website apparently only offers 3.14.0-stable release downloads. Signed-off-by: Daniel Golle <daniel@makrotopia.org>