aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* lantiq: Deactivate ASLR support for some applicationsHauke Mehrtens2018-03-031-0/+1
| | | | | | | | | The lantiq components still leak some user space linker options into the kernel space. This breaks with build when ASLR is activated, deactivate it for now on these packages. Fixes: FS#1391 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* gre: squash grev4 and grev6 packages into gre (FS#1399)Hans Dedecker2018-03-021-34/+5
| | | | | | | | | The split-up into packages gre, grev4 and grev6 causes confusion for the users as reported in FS#1399. As IPv4 and IPv6 are considered now as bundled; squash the grev4 and grev6 packages into the gre package and let gre provide both grev4 and grev6. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: add udhcpc link check to dhcp shell handler scriptHans Dedecker2018-03-022-1/+3
| | | | | | | | Fixes the assumption the busybox udhcpc applet is always enabled; in case the symbolic link check fails the DHCP shell handler script will exit and as result the DHCP protocol handler will not be registered in netifd. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iw: update to version 4.14Felix Fietkau2018-02-284-676/+101
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest version, rewrite RPS/XPS handlingFelix Fietkau2018-02-282-3/+70
| | | | | | | | Remove RPS/XPS support from netifd core, move the logic to a hotplug script that uses a different policy which provides better performance and more fairness across flows Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: support DHCP sendopts as list optionsHans Dedecker2018-02-272-6/+8
| | | | | | | | | | | Support config in the form of .... add_list sendopts=router:10.10.10.2 add_list sendopts=nissrv:20.20.20.2 add_list sendopts=0x7D:abba This allows to configure sendopts having white spaces as option value Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iptables: fix compile with kernel 3.18Hauke Mehrtens2018-02-261-0/+40
| | | | | | This fixes a compile bug found by build bot with kernel 3.18 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: do not register ubus objects for mesh interfacesFelix Fietkau2018-02-241-0/+5
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* odhcp6c: rework sendopts handlingHans Dedecker2018-02-242-7/+6
| | | | | | Bring logic of sendopts handling in line with ip6prefix handling Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: support multiple additional user prefixesJo-Philipp Wich2018-02-243-6/+13
| | | | | | | | | | | | | Support configuration in the form... list ip6prefix 2001:db8:1234::/64 list ip6prefix 2001:db8:5678::/64 ... to allow specifying multiple additional IPv6 prefixes. Implements feature request FS#1361. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ethtool: import from packages, add myself as maintainerFelix Fietkau2018-02-241-0/+59
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* samba36: fix build (issue #5574)Jakub Tymejczyk2018-02-241-0/+1
| | | | | | | | | | | | As indicated in #5574 samba fails to build with linker error due to lack of talloc_* functions when the packet libtalloc also gets build. According to Makefile it is compiled with "--without-libtalloc" option. Running ./configure --help shows that there is another option connected to libtalloc: --enable/disable-external-libtalloc. Adding this option fixes build. Signed-off-by: Jakub Tymejczyk <jakub@tymejczyk.pl>
* iproute2: Add support for ports in xfrm on SCTPHauke Mehrtens2018-02-241-18/+0
| | | | | | | | Remove this old patch which prevents showing the xfrm ports for SCTP This was added in commit 60c1f0f64d23 ("finally move buildroot-ng to trunk") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iptables: update to 1.6.2Ansuel Smith2018-02-231-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 459b6932 policy: add nft translation for simple policy none/strict use case 255e55b7 tests: xlate-test: no need to require superuser privileges 6990bbc5 extensions: hashlimit: remove space before burst in translation to nft 13ecaeb0 extensions: hashlimit: Rename 'flow table' keyword to meter c252a2b0 extensions: Add test for cluster nft translation bda1daa4 extensions: ip6t_{S,D}NAT: add more tests 88fa4543 extensions: ip6t_{S,D}NAT: multiple to-dst/to-src arguments not reported 64a0e098 extensions: libxt_cluster: Add translation to nft 6067208f extensions: add support for 'srh' match 0f387b07 extensions: hashlimit: fix incorrect burst in translations 1ffe6a74 extensions: libxt_hashlimit: Do not print default timeout and burst 27de281d extensions: Add macro _DEFAULT_SOURCE. 75364151 iptables: Remove const qualifier from struct option. 8b0da213 iptables: masquerade: add randomize-full support e64db006 iptables: patch to correct linker flag sequence 033eac81 extensions: libxt_tcpmss: Add test case for invalid ranges. 505bfa11 iptables: xtables-eb: Remove const qualifier from struct option a6d6821a iptables: extensions: Fix MARK target help 71de414c libxt_sctp: fix array out of range in print_chunk 1a32381a extensions: add tests for ipcomp protocol 4bd51770 tests: xlate: print output in same way as nft-test.py d0e3d95f libxt_recent: Remove ineffective checks for info->name 23e6ed71 libxt_TOS: add tests for translation infrastructure 9564595e Update .gitignore bebce197 iptables: iptables-compat translation for TCPMSS dbbab0aa extensions: libxt_tcpmss: Detect invalid ranges 0e958281 iptables-translate: add test file for TCPMSS extension de3c68b6 iptables-compat: do not allow to delete populated user define chains f4b80ce7 iptables: change large file support handling f5b46c2f iptables: Constify option struct 21ba5b38 ip{,6}tables-restore: Don't accept wait-interval without wait 60e0ffd3 ip{,6}tables-restore: Don't ignore missing wait-interval value af468b6e utils: Add a man page for nfnl_osf 1773dcaa utils: nfnl_osf: Fix synopsis in help text 895ce096 extensions: libxt_bpf: fix missing __NR_bpf declaration 3c633296 xtables-compat-restore: fix translation of mangle's OUTPUT 1c32e560 netfilter: xt_hashlimit: add rate match mode b5331f88 xtables-compat: fix memory leak when listing 91ae12e3 xtables-compat-restore: fix several memory leaks 79e1edd1 iptables-xml: Fix segfault on jump without a target c49a93f1 xtables-translate: fix double space before comment 79fa7cc2 libip6t_icmp6: xlate: remove leftover space 8e62f572 tests: xlate: generalize owner 8d994bcf iptables: Add file output option to iptables-save f8e5ebc5 iptables: Fix crash on malformed iptables-restore 80d8bfaa iptables: insist that the lock is held. c29d99c8 libxtables: Display weird character warning for wildcards 1fe96cfb tests: xlate: check if it is being run as root 3f92b259 tests: xlate: remove python 3.5 dependency d89dc47a iptables-restore/save: exit when given an unknown option 65801d02 iptables-restore.8: document -w/-W options 9cd3adbe iptables-restore/ip6tables-restore: add --version/-V argument 1ec1fb7a extensions: libxt_hashlimit: fix 64-bit printf formats 27f69f4a iptables: extensions: Remove typedef in struct. 340105fa tests: add regression tests for xtables-translate b669e184 extensions: libxt_TOS: Add translation to nft b2a84476 iptables: Remove unnecessary braces. 2963a8df iptables: Remove explicit static variables initalization. 1cf4ba6f iptables: Constify option struct 999eaa24 iptables-restore: support acquiring the lock. 6e2e169e iptables: remove duplicated argument parsing code 836846f0 iptables: move XT_LOCK_NAME from CFLAGS to config.h. b91af533 iptables: set the path of the lock file via a configure option. 0e94eb2e iptables-translate: print nft iff there are more expanded rules to print 48ad179b libxtables: abolish AI_CANONNAME 9f50bbdf libxtables: remove unnecessary nesting from host_to_ip(6)addr c6df55d6 iptables-translate: print nft command for each expand rules via dns names 82dacbb8 xtables-translate: Avoid querying the kernel 9f972f45 extensions: libxt_addrtype: Add translation to nft 2c8e251e utils: nfsynproxy: fix build with musl libc 9b8cb756 libiptc: don't set_changed() when checking rules with module jumps eb66632d extensions: libxt_hashlimit: Add translation to nft 72bb3dbf xshared: using the blocking file lock request when we wait indefinitely 24f81746 xshared: do not lock again and again if "-w" option is not specified fc3c3b4e libxt_hashlimit: add new unit test to catch kernel bug 516d9191 iptables: update pf.os Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* netfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload supportFelix Fietkau2018-02-211-0/+18
| | | | | | | | | | This makes it possible to add an iptables rule that offloads routing/NAT packet processing to a software fast path. This fast path is much quicker than running packets through the regular tables/chains. Requires Linux 4.14 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* nftables: update to 0.8.2, backport flowtable supportFelix Fietkau2018-02-216-0/+1581
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add support for sending 802.11v disassoc imminent notifications to ↵Felix Fietkau2018-02-211-0/+97
| | | | | | clients via ubus Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add support for issuing 802.11k beacon measurement requests via ubusFelix Fietkau2018-02-211-0/+90
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: expose client 802.11k capabilities via ubusFelix Fietkau2018-02-211-0/+6
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: return with 80211 codes in handle event functionNick Hainke2018-02-212-23/+36
| | | | | | | | | | | If the auth or assoc request was denied the reason was always WLAN_STATUS_UNSPECIFIED_FAILURE. That's why for example the wpa supplicant was always trying to reconnect to the AP. Now it's possible to give reasoncodes why the auth or assoc was denied. Signed-off-by: Nick Hainke <vincent@systemli.org>
* hostapd: add IEEE 802.11v supportLorenzo Santina2018-02-213-2/+21
| | | | | | | | | | | | | | | | | | Add Wireless Network Management (IEEE 802.11v) support to: - hostapd-full - wpa_supplicant-full It must be enabled at runtime via UCI with: - option ieee80211v '1' Add UCI support for: - time_advertisement - time_zone - wnm_sleep_mode - bss_transition Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
* hostapd: add support for turning on 802.11k/v features via ubusFelix Fietkau2018-02-212-7/+125
| | | | | | | Neighbor reports are enabled implicitly on use, beacon reports and BSS transition management need to be enabled explicitly Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ppp: fix build with kernel 4.14.9+Mathias Kresin2018-02-201-1/+6
| | | | | | | | With a9772285a724 ("linux/compiler.h: Split into compiler.h and compiler_types.h") compiler.h was refactored and most its content was moved to compiler_types.h. Both files are required to build ppp-mod-pppoa. Signed-off-by: Mathias Kresin <dev@kresin.me>
* odhcpd: fix interop with wide DHCPv6 client (FS#1377)Hans Dedecker2018-02-201-4/+4
| | | | | | 96033e9 dhcpv6-ia: don't always send reconf accept option (FS#1377) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* uqmi: ensure CID is a numeric value before proceedingKoen Vandeputte2018-02-201-4/+4
| | | | | | | | | | | The current implementation only checked if uqmi itself executed correctly which is also the case when the returned value is actually an error. Rework this, checking that CID is a numeric value, which can only be true if uqmi itself also executed correctly. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* dnsmasq: bump to 2.79rc1Kevin Darbyshire-Bryant2018-02-186-376/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1721453 Remove special handling of A-for-A queries. 499d8dd Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262 6f1cbfd Fix debian/readme typo. 55ecde7 Inotify: Ignore backup files created by editors 6b54d69 Make failure to chown() pidfile a warning. 246a31c Change ownership of pid file, to keep systemd happy. 83e4b73 Remove confusion between --user and --script-user. 6340ca7 Tweak heuristic for initial DNSSEC memory allocation. baf553d Default min-port to 1024 to avoid reserved ports. 486bcd5 Simplify and correct bindtodevice(). be9a74d Close Debian bug for CVE-2017-15107. ffcbc0f Example config typo fixes. a969ba6 Special case NSEC processing for root DS record, to avoid spurious BOGUS. f178172 Add homepage to Debian control file. cd7df61 Fix DNSSEC validation errors introduced in 4fe6744a220eddd3f1749b40cac3dfc510787de6 c1a4e25 Try to be a little more clever at falling back to smaller DNS packet sizes. 4fe6744 DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies. 3bd4c47 Remove limit on length of command-line options. 98196c4 Typo fix. 22cd860 Allow more than one --bridge-interface option to refer to an interface. 3c973ad Use SIGINT (instead of overloading SIGHUP) to turn on DNSSEC time validation. faaf306 Spelling fixes. c7e6aea Change references to gPXE to iPXE. Development of EtherBoot gPXE was always development of iPXE core developer Michael Brown. e541245 Handle duplicate RRs in DNSSEC validation. 84a01be Bump year in Debian copyright notice. d1ced3a Update copyrights to 2018. a6cee69 Fix exit code from dhcp_release6. 0039920 Severely fix code formating of contrib/lease-tools/dhcp_release6.c 39d8550 Run Debian startup regex in "C" locale. ef3d137 Fix infinite retries in strict-order mode. 8c707e1 Make 373e91738929a3d416e6292e65824184ba8428a6 compile without DNSSEC. 373e917 Fix a6004d7f17687ac2455f724d0b57098c413f128d to cope with >256 RRs in answer section. 74f0f9a Commment language tweaks. ed6bdb0 Man page typos. c88af04 Modify doc.html to mention git-over-http is now available. ae0187d Fix trust-anchor regexp in Debian init script. 0c50e3d Bump version in Debian package. 075366a Open inotify socket only when used. 8e8b2d6 Release notes update. 087eb76 Always return a SERVFAIL response to DNS queries with RD=0. ebedcba Typo in printf format string added in 22dee512f3738f87539a79aeb52b9e670b3bd104 0954a97 Remove RSA/MD5 DNSSEC algorithm. b77efc1 Tidy DNSSEC algorithm table use. 3b0cb34 Fix manpage which said ZSK but meant KSK. aa6f832 Add a few DNS RRs to the table. ad9c6f0 Add support for Ed25519 DNSSEC signature algorithm. a6004d7 Fix caching logic for validated answers. c366717 Tidy up add_resource_record() buffer size checks. 22dee51 Log DNS server max packet size reduction. 6fd5d79 Fix logic on EDNS0 headers. 9d6918d Use IP[V6]_UNICAST_IF socket option instead of SO_BINDTODEVICE for DNS. a49c5c2 Fix search_servers() segfault with DNSSEC. 30858e3 Spaces in CNAME options break parsing. Refresh patches. Remove upstreamed patches: 250-Fix-infinite-retries-in-strict-order-mode.patch 260-dnssec-SIGINT.patch 270-dnssec-wildcards.patch Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dropbear: add option to set receive window sizeStijn Tintel2018-02-181-1/+4
| | | | | | | | | | | | | | | | | The default receive window size in dropbear is hardcoded to 24576 byte to limit memory usage. This value was chosen for 100Mbps networks, and limits the throughput of scp on faster networks. It also severely limits scp throughput on high-latency links. Add an option to set the receive window size so that people can improve performance without having to recompile dropbear. Setting the window size to the highest value supported by dropbear improves throughput from my build machine to an APU2 on the same LAN from 7MB/s to 7.9MB/s, and to an APU2 over a link with ~65ms latency from 320KB/s to 7.5MB/s. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* iperf3: update to 3.4Philip Prindeville2018-02-172-240/+5
| | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* openvpn: fix interface with mbedtls_sha256Russell Senior2018-02-171-0/+11
| | | | | | | | | Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions were deprecated in favor of functions returning an int error code. Use the new function mbedtls_sha256_ret(). Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* curl: fix interface with mbedtls_sha256Russell Senior2018-02-171-0/+11
| | | | | | | | | Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions were deprecated in favor of functions returning an int error code. Use the new function mbedtls_sha256_ret(). Signed-off-by: Russell Senior <russell@personaltelco.net> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* nftables: update to version 0.8.2Hauke Mehrtens2018-02-152-3/+5
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: update to version 4.15.0Hauke Mehrtens2018-02-1511-225/+23
| | | | | | The musl compatibility patches are now included in the upstream version. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iwinfo: update to latest git HEADDaniel Golle2018-02-151-3/+3
| | | | | | 223e09b add support for expected throughput Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uqmi: bump package releaseKoen Vandeputte2018-02-131-1/+1
| | | | | | fixes: da8990e717e1 ("uqmi: use built-in command for data-link verification") Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* uqmi: use built-in command for data-link verificationKoen Vandeputte2018-02-131-1/+19
| | | | | | | | | | | uqmi contains a command for directly querying the modem if there is a valid data connection, so let's use it. This avoids the cases were all previous tests are succesful, but the actual data link is not up for some reasons, leading to states were we thought the link was up when it actually wasn't .. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* uqmi: use correct value for connection checkingKoen Vandeputte2018-02-131-4/+8
| | | | | | | | | | | | | | Originally, the implementation only checked if uqmi command execution succeeded properly without actually checking it's returned data. This lead to a pass, even when the returned data was indicating an error. Rework the verification to actually check the returned data, which can only be correct if the uqmi command itself also executed correctly. On command execution success, value "pdh_" is a pure numeric value. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* uqmi: use general method for state cleaningKoen Vandeputte2018-02-131-10/+4
| | | | | | | | | | Debugging shows that using the general method properly cleans on each run, while the method specifying the client-ID shows "No effect" even while in connected state. Fixes several connectivity issues seen on specific modems. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* iptables: Support building connlabel moduleKristian Evensen2018-02-131-0/+15
| | | | | | | | | | It is currently possible to enable connlabel-support in iptables. However, in order for connlabel to work properly, the kernel module must also be present. This patch adds support for building the connlabel-module, and selects it by default when connlabel-support is enabled. Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
* layerscape: update restool to 2017-12-03Yangbo Lu2018-02-1313-759/+3
| | | | | | | Updated restool to 2017-12-03 and removed patches since the new version had involved them. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* odhcp6c: fix appending of emtpy sendopt value (FS#1336)Hans Dedecker2018-02-082-2/+2
| | | | | | | | Don't append an empty sendopts value as odhcp6c bails out immediately on an empty -x option triggering an infinite start loop of odhcp6c Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: change sendopts option into listHans Dedecker2018-02-082-7/+9
| | | | | | | | Commit a26045049b added support for sendopts as a string; since multiple sendopts values can be specified it makes more sense to model it as a list of strings. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-02-071-3/+3
| | | | | | 1be329c netifd-proto: add proto_config_add_array wrapper Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wireguard: bump to 20180202Kevin Darbyshire-Bryant2018-02-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump to latest wireguard release snapshot: 2675814 version: bump snapshot 381d703 qemu: update base versions c3fbd9d curve25519: break more things with more test cases 93fa0d9 curve25519: replace fiat64 with faster hacl64 6177bdd curve25519: replace hacl64 with fiat64 b9bf37d curve25519: verify that specialized basepoint implementations are correct bd3f0d8 tools: dedup secret normalization 1f87434 chacha20poly1305: better buffer alignment 78959ed chacha20poly1305: use existing rol32 function 494cdea tools: fread doesn't change errno ab89bdc device: let udev know what kind of device we are 62e8720 qemu: disable AVX-512 in userland 6342bf7 qemu: disable PIE for compilation e23e451 contrib: keygen-html: share curve25519 implementation with kernel 6b28fa6 tools: share curve25519 implementations with kernel c80cbfa poly1305: add poly-specific self-tests 10a2edf curve25519-fiat32: uninline certain functions No patch refresh required. Compile-tested-for: ar71xx Run-tested-on: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* firewall: depend on kmod-nf-conntrack6Matthias Schiffer2018-02-021-2/+2
| | | | | | | | Firewall rules don't work as intended without conntrack support. The recent cleanup removed the kmod-nf-conntrack6 dependency from the iptables modules; add it to the firewall package instead. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* netifd: add defaultreqopts config optionHans Dedecker2018-02-012-4/+6
| | | | | | | | | By default udhcpc asks for a default list of options; the config option defaultreqopts allows to tweak this behavior. When set to 0 udhcpc will not ask for any options except for the options specified in the reqopts config option. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: add defaultreqopts config optionHans Dedecker2018-02-012-3/+6
| | | | | | | | | By default odhcp6c asks for a default list of options; the config option defaultreqopts allows to tweak this behavior. When set to 0 odhcp6c will not ask for any options except for the options specified in the reqopts config option. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* nftables: remove dependency on kmod-nf-natMatthias Schiffer2018-01-311-1/+1
| | | | | | | | | | | | For minimal firewall setups, NAT support may be unnecessary. It would be possible to further reduce the minimum number of installed modules, e.g. by separating IPv4 and IPv6 support or moving conntrack support into a separate kmod package. We go with a more complete kmod-nft-core for now, until a concrete usecase for smaller packages arises. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* curl: bump to 7.58.0Hans Dedecker2018-01-282-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a0b5e8944 progress-bar: get screen width on windows 65ceb20df test1454: --connect-to with IPv6 address w/o IPv6 support! eb6e3c4f6 CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support 96186de1f docs: fix man page syntax to make test 1140 OK again af32cd385 http: prevent custom Authorization headers in redirects 993dd5651 curl: progress bar refresh, get width using ioctl() 9d82cde7b RELEASE-NOTES: synced with bb0ffcc36 bb0ffcc36 libcurl-env.3: first take ec122c4c8 TODO: two possible name resolver improvements a5e6d6ebc http2: don't close connection when single transfer is stopped 87ddeee59 test558: fix for multissl builds da07dbb86 examples/url2file.c: add missing curl_global_cleanup() call ddafd45af SSH: Fix state machine for ssh-agent authentication 9e4ad1e2a openssl: fix potential memory leak in SSLKEYLOGFILE logic ca9c93e3e openssl: fix the libressl build again 2c0c4dff0 unit1307: test many wildcards too 2a1b2b4ef curl_fnmatch: only allow 5 '*' sections in a single pattern cb5accab9 ftp-wildcard: fix matching an empty string with "*[^a]" 25c40c9af SMB: fix numeric constant suffix and variable types 945df7410 CURLOPT_TCP_NODELAY.3: fix typo 8dd4edeb9 smtp/pop3/imap_get_message: decrease the data length too... 84fcaa2e7 openssl: enable SSLKEYLOGFILE support by default e44ddfd47 mime: clone mime tree upon easy handle duplication. 2c821bba8 docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata a06311be2 test395: HTTP with overflow Content-Length value 67595e7d2 test394: verify abort of rubbish in Content-Length: value ac17d7947 test393: verify --max-filesize with excessive Content-Length f68e67271 HTTP: bail out on negative Content-Length: values 0616dfa1e configure.ac: append extra linker flags instead of prepending them. 650b9c1d6 RELEASE-NOTES: synced with 6fa10c8fa 6fa10c8fa setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values 3b548ffde setopt: reintroduce non-static Curl_vsetopt() for OS400 support fa3dbb9a1 http2: fix incorrect trailer buffer size 2a6dbb815 easy: fix connection ownership in curl_easy_pause 89f680473 system.h: Additionally check __LONG_MAX__ for defining curl_off_t 14d07be37 COPYING: it's 2018! a8ce5efba progress: calculate transfer speed on milliseconds if possible d4e40f069 scripts: allow all perl scripts to be run directly e4f86025d mail-rcpt.d: fix short-text description 908a9a674 build: remove HAVE_LIMITS_H check 129390a51 openssl: fix memory leak of SSLKEYLOGFILE filename 272613df0 Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX" 481539e90 test1554: improve the error handling 593dcc553 test1554: add global initialization and cleanup dc831260b curl_version_info.3: call the argument 'age' 58d7cd28a brotli: data at the end of content can be lost a0f3eaf25 examples/cacertinmem: ignore cert-already-exists error 859ac3602 tool_getparam: Support size modifiers for --max-filesize b399b0490 build: Fixed incorrect script termination from commit ad1dc10e61 a9b774a77 Makefile.vc: Added our standard copyright header 22fddb85a winbuild: Added support for VC15 ad1dc10e6 build: Added Visual Studio 2017 project files d409640d6 build-wolfssl.bat: Added support for VC15 a4e88317d build-openssl.bat: Added support for VC15 c97648b55 curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX b43755789 examples/rtsp: fix error handling macros f009bbe1f curl_easy_reset: release mime-related data. 4acc9d3d1 content_encoding: rework zlib_inflate e639d4ca4 brotli: allow compiling with version 0.6.0. 9c6a6be88 CURLOPT_READFUNCTION.3: refer to argument with correct name 02f207a76 rand: add a clang-analyzer work-around 13ce373a5 krb5: fix a potential access of uninitialized memory 41982b6ac conncache: fix a return code [regression] 5d0ba70e1 curl: support >256 bytes warning messsages 188a43a8f libssh: fix a syntax error in configure.ac 7ef0c2d86 examples/smtp-mail.c: use separate defines for options and mail 621b24505 THANKS: added missing names cc0cca1ba mailmap: added/clarified several names 9d7a59c8f setopt: less *or equal* than INT_MAX/1000 should be fine 2437dbbf1 vtls: replaced getenv() with curl_getenv() ef5633d4b RELEASE-NOTES: synced with 3b9ea70ee 3b9ea70ee TODO: Expose tried IP addresses that failed 48c184a60 curl.1: mention http:// and https:// as valid proxy prefixes 76db03dd9 curl.1: documented two missing valid exit codes 63e58b8b4 CURLOPT_DNS_LOCAL_IP4.3: fixed the seel also to not self-reference 671f0b506 Revert "curl: don't set CURLOPT_INTERLEAVEDATA" 4b6f3cff7 tests: mark data files as non-executable in git 98c572ed3 tests: update .gitignore for libtests e959f16c5 multi_done: prune DNS cache 06a0a26fb mailmap: fixup two old git Author "aliases" 7ab4e7adb openssl: Disable file buffering for Win32 SSLKEYLOGFILE b1b94305d RESOLVE: output verbose text when trying to set a duplicate name bbea75ad6 CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE a4a56ec93 sftp: allow quoted commands to use relative paths 9fb5a943f CURLOPT_PRIVATE.3: fix grammar 179ee78e8 curl: remove __EMX__ #ifdefs 9dfb19483 openssl: improve data-pending check for https proxy 9ffad8eb1 curl: don't set CURLOPT_INTERLEAVEDATA 912324024 curl.h: remove incorrect comment about ERRORBUFFER ebaab4d17 configure: add AX_CODE_COVERAGE only if using gcc b5881d1fb curl: limit -# update frequency for unknown total size 546e7db78 BINDINGS: another PostgreSQL client 55e609890 CONNECT: keep close connection flag in http_connect_state struct c103cac3c include: get netinet/in.h before linux/tcp.h 00cda0f9b openldap: fix checksrc nits ff07f07cc openldap: add commented out debug possibilities bb0ca2d44 examples: move threaded-shared-conn.c to the "complicated" ones 4fb85b87b RELEASE-NOTES: synced with b261c44e8 b261c44e8 URL: tolerate backslash after drive letter for FILE: 24dcd7466 tests: added netinet/in6.h includes in test servers 76ebd5417 configure: check for netinet/in6.h 0c65678e7 curl-config: add --ssl-backends ea3a5d07d conncache: only allow multiplexing within same multi handle 415b8dff8 threaded-shared-conn.c: fixed typo in commenta 5254d8bf2 threaded-shared-conn.c: new example 07cb27c98 conncache: fix several lock issues 85f0133ea libssh: remove dead code in sftp_qoute 615edc1f7 sasl_getmesssage: make sure we have a long enough string to pass 440140946 libssh2: remove dead code from SSH_SFTP_QUOTE 6401ddad4 ssh-libssh.c: please checksrc 918530752 libssh: fixed dereference in statvfs access 8dad32bcf RESOURCES: update spec names a08f5a77c libssh: corrected use of sftp_statvfs() in SSH_SFTP_QUOTE_STATVFS 8843c0939 libssh: no need to call sftp_get_error as ssh_get_error is sufficient 3cef6f22e libssh: fix minor static code analyzer nits 10bb0b471 openssl: pkcs12 is supported by boringssl 8eff32f0b travis: use pip2 instead of pip b7f534597 lib582: do not verify host for SFTP a2f396680 libssh: added SFTP support c75c9d4fb symbols-in-versions: added new symbols with 7.56.3 version 05675ab5a .travis.yml: added build --with-libssh 38aef6dc4 libssh2: return CURLE_UPLOAD_FAILED on failure to upload 75427291e libssh2: send the correct CURLE error code on scp file not found c92d2e14c Added support for libssh SSH SCP back-end 3973ee6a6 RELEASE-NOTES: synced with af8cc7a69 af8cc7a69 curlver: towards 7.57.1 4b4142491 lib: don't export all symbols, just everything curl_* 9194a9959 SSL: Avoid magic allocation of SSL backend specific data 744ee5838 examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL 270494e1a travis: add boringssl build Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: add support for hostapd's radius_client_addrStephan Brunner2018-01-271-1/+3
| | | | | | | | Add support for hostapd's radius_client_addr in order to force hostapd to send RADIUS packets from the correct source interface rather than letting linux select the most appropriate. Signed-off-by: Stephan Brunner <s.brunner@stephan-brunner.net>
* iptables: make kmod-ipt-debug part of default ALL buildYousong Zhou2018-01-261-2/+2
| | | | | | | | | The iptables TRACE target is only available in raw table that's why the dependency was moved from iptables-mod-trace into kmod-ipt-debug Fixes FS#1219 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>