This prevents auto-detection of libxml2 and thus the error:
Package lldpd is missing dependencies for the following libraries:
libxml2.so.2
Preventing a dependency to libxml2 is preferred, since libxml2
would be a out-of-(core-)tree dependency.
Reported-by: Buildbot
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45859 3c298f89-4303-0410-b956-a3cf2f4a3e73
Also set HTTPS environment variable for CGI programs on SSL connections.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45852 3c298f89-4303-0410-b956-a3cf2f4a3e73
* Rework hostapd and wpa_supplicant status parsing code
* Add support for querying available HT rates
* Relax definition of restricted channels
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45766 3c298f89-4303-0410-b956-a3cf2f4a3e73
Use shared libipt{,4,6}ext.so libraries instead of statically linking
the userspace matches into the fw3 executable.
As a side effect the match initialization is extremely simplified
compared to the weak function pointer juggling performed before.
This also fixes the initialization of the multiport match.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45764 3c298f89-4303-0410-b956-a3cf2f4a3e73
* drop unused lenient restore patch
* instead of statically linking core extensions, build shared libraries
for reuse in fw3
* strip outdated match revisions and aliases to trim down library size
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45758 3c298f89-4303-0410-b956-a3cf2f4a3e73
This introduces a new config parameter "no-proto-task" useful for
xl2tpd.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45748 3c298f89-4303-0410-b956-a3cf2f4a3e73
If the first resolveip call will fail, peeraddr will be now empty, and
the subsequent resolveip call will try to resolve an empty string.
Fix this by storing the result in a temporary variable.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45712 3c298f89-4303-0410-b956-a3cf2f4a3e73
Bump dnsmasq to v2.73rc8
Important - fixes remotely exploitable buffer overflow introduced in all v2.73 test/release candidates.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45693 3c298f89-4303-0410-b956-a3cf2f4a3e73
hand over parameters to user-script e.g. $1=deconfig
Signed-off-by: Leon George <leon@georgemail.de>
Signed-off-by: Christian Mehlis <christian@m3hlis.de>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45626 3c298f89-4303-0410-b956-a3cf2f4a3e73
The WAN port should at least respond to IGMP and MLD queries as
otherwise a snooping bridge/switch might drop traffic.
RFC4890 recommends to leave IGMP and MLD unfiltered as they are always
link-scoped anyways.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45613 3c298f89-4303-0410-b956-a3cf2f4a3e73
OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.
The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.
Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.
References:
* https://dev.openwrt.org/ticket/19101
* https://community.openvpn.net/openvpn/ticket/524
* https://github.com/ARMmbed/mbedtls/pull/185
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45602 3c298f89-4303-0410-b956-a3cf2f4a3e73
Felix Fietkau
Steven Barth
Jo-Philipp Wich
John Crispin
Jonas Gorski
Nicolas Thill