Fresh pull from upstream (stable) package feed
authorRISCi_ATOM <bob@bobcall.me>
Thu, 29 Mar 2018 02:43:21 +0000 (22:43 -0400)
committerRISCi_ATOM <bob@bobcall.me>
Thu, 29 Mar 2018 02:43:21 +0000 (22:43 -0400)
223 files changed:
admin/monit/Makefile
admin/monit/patches/001-fix-default-piddir.patch
admin/zabbix/Makefile
admin/zabbix/files/mac80211
devel/automake/Makefile [new file with mode: 0644]
devel/lpc21isp/Makefile [deleted file]
lang/lua-mosquitto/Makefile [new file with mode: 0644]
lang/luajit/Makefile [new file with mode: 0644]
lang/luajit/patches/010-lua-path.patch [new file with mode: 0644]
lang/python/Makefile
lang/python/files/python-version.mk
lang/python/patches/001-enable-zlib.patch
lang/python/patches/002-do-not-add-include-dirs-when-cross-compiling.patch
lang/python/patches/003-do-not-compile-tests-at-build.patch
lang/python/patches/004-do-not-write-bytes-codes.patch
lang/python/patches/005-fix-bluetooth-support.patch [new file with mode: 0644]
lang/python/patches/006-remove-debian-multiarch-support.patch [deleted file]
lang/python/patches/006-remove-multi-arch-and-local-paths.patch [new file with mode: 0644]
lang/python/patches/008-distutils-use-python-sysroot.patch
lang/python/patches/009-do-not-use-dblib_dir-when-cross-compiling.patch
lang/python/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch
lang/python/patches/011-remove-setupterm-definition.patch
lang/ruby/Makefile
libs/alsa-lib/Makefile
libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch [new file with mode: 0644]
libs/gnutls/Makefile
libs/icu/Makefile
libs/icu/patches/CVE-2017-14952.patch [new file with mode: 0644]
libs/icu/patches/CVE-2017-15422.patch [new file with mode: 0644]
libs/libevhtp/Makefile [new file with mode: 0644]
libs/libevhtp/patches/010-strcmp-endianness-fix.patch [new file with mode: 0644]
libs/libmraa/Makefile [new file with mode: 0644]
libs/libmraa/patches/0001-base.patch [new file with mode: 0644]
libs/libmraa/patches/0002-add-mips-support.patch [new file with mode: 0644]
libs/libmraa/patches/0003-uart.patch [new file with mode: 0644]
libs/libmraa/patches/0004-fixes.patch [new file with mode: 0644]
libs/libradcli/Config.in [deleted file]
libs/libradcli/Makefile [deleted file]
libs/libssh2/Makefile
libs/libtasn1/Makefile
libs/libtins/Makefile [new file with mode: 0644]
libs/libwebsockets/Makefile [new file with mode: 0644]
libs/libxslt/Makefile
libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch [new file with mode: 0644]
libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch [new file with mode: 0644]
libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch [new file with mode: 0644]
libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch [new file with mode: 0644]
libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch [new file with mode: 0644]
libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch [new file with mode: 0644]
libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch [new file with mode: 0644]
libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch [new file with mode: 0644]
libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch [new file with mode: 0644]
libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch [new file with mode: 0644]
libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch [new file with mode: 0644]
libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch [new file with mode: 0644]
libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch [new file with mode: 0644]
libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch [new file with mode: 0644]
libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch [new file with mode: 0644]
libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch [new file with mode: 0644]
libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch [new file with mode: 0644]
libs/loudmouth/Makefile [new file with mode: 0644]
libs/openldap/Makefile
libs/p11-kit/Makefile
libs/pcre/Makefile
libs/pcre/patches/001-CVE-2017-7186 [deleted file]
libs/postgresql/Makefile
libs/sqlite3/Makefile
libs/tiff/Makefile [deleted file]
libs/tiff/patches/001-autoconf-compat.patch [deleted file]
libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch [deleted file]
libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch [deleted file]
libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch [deleted file]
libs/tiff/patches/005-fix-ftell-macro.patch [deleted file]
mail/nail/Makefile [new file with mode: 0644]
mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch [new file with mode: 0644]
multimedia/ffmpeg/Config.in [deleted file]
multimedia/ffmpeg/Makefile [deleted file]
multimedia/gst1-plugins-bad/Makefile [deleted file]
multimedia/gst1-plugins-bad/patches/001-no-translations.patch [deleted file]
multimedia/gst1-plugins-bad/patches/002-no-tests.patch [deleted file]
multimedia/gst1-plugins-good/Makefile [new file with mode: 0644]
multimedia/gst1-plugins-good/patches/001-no-translations.patch [new file with mode: 0644]
multimedia/gst1-plugins-good/patches/002-no-tests.patch [new file with mode: 0644]
multimedia/gst1-plugins-good/patches/003-no-docs.patch [new file with mode: 0644]
multimedia/gst1-plugins-ugly/Makefile [deleted file]
multimedia/gst1-plugins-ugly/patches/001-no-translations.patch [deleted file]
multimedia/gst1-plugins-ugly/patches/002-no-tests.patch [deleted file]
multimedia/gst1-plugins-ugly/patches/003-no-docs.patch [deleted file]
multimedia/minidlna/Makefile [deleted file]
multimedia/minidlna/files/minidlna.config [deleted file]
multimedia/minidlna/files/minidlna.init [deleted file]
multimedia/minidlna/patches/010-libav-fix.patch [deleted file]
net/acme/Makefile
net/acme/files/run.sh
net/adblock/Makefile
net/adblock/files/README.md
net/adblock/files/adblock.conf
net/adblock/files/adblock.init
net/adblock/files/adblock.notify [new file with mode: 0644]
net/adblock/files/adblock.sh
net/cjdns/Makefile [deleted file]
net/cjdns/files/cjdns.defaults [deleted file]
net/cjdns/files/cjdns.init [deleted file]
net/cjdns/files/cjdrouteconf [deleted file]
net/cjdns/lua/cjdns/admin.lua [deleted file]
net/cjdns/lua/cjdns/common.lua [deleted file]
net/cjdns/lua/cjdns/init.lua [deleted file]
net/cjdns/lua/cjdns/uci.lua [deleted file]
net/cjdns/lua/cjdns/udp.lua [deleted file]
net/freeradius2/Config.in [new file with mode: 0644]
net/freeradius2/Makefile [new file with mode: 0644]
net/freeradius2/files/radiusd.init [new file with mode: 0644]
net/freeradius2/patches/001-fix-makefile.patch [new file with mode: 0644]
net/freeradius2/patches/002-config.patch [new file with mode: 0644]
net/freeradius2/patches/004-ldap_configure.patch [new file with mode: 0644]
net/freeradius2/patches/008-honor_ccpflags.patch [new file with mode: 0644]
net/freeradius2/patches/010-disbale-openssl-check.patch [new file with mode: 0644]
net/git/Makefile
net/haproxy/Makefile
net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch [new file with mode: 0644]
net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch [new file with mode: 0644]
net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch [new file with mode: 0644]
net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch [new file with mode: 0644]
net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch [new file with mode: 0644]
net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch [new file with mode: 0644]
net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch [new file with mode: 0644]
net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch [new file with mode: 0644]
net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch [new file with mode: 0644]
net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch [new file with mode: 0644]
net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch [new file with mode: 0644]
net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch [new file with mode: 0644]
net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch [new file with mode: 0644]
net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch [new file with mode: 0644]
net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch [new file with mode: 0644]
net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch [new file with mode: 0644]
net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch [new file with mode: 0644]
net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch [new file with mode: 0644]
net/horst/Makefile [new file with mode: 0644]
net/https-dns-proxy/Makefile
net/jool/Makefile
net/luci-app-cjdns/Makefile [deleted file]
net/luci-app-cjdns/luasrc/controller/cjdns.lua [deleted file]
net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua [deleted file]
net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua [deleted file]
net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua [deleted file]
net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua [deleted file]
net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua [deleted file]
net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm [deleted file]
net/luci-app-cjdns/luasrc/view/cjdns/status.htm [deleted file]
net/luci-app-cjdns/luasrc/view/cjdns/value.htm [deleted file]
net/miniupnpd/Makefile [deleted file]
net/miniupnpd/files/firewall.include [deleted file]
net/miniupnpd/files/miniupnpd.defaults [deleted file]
net/miniupnpd/files/miniupnpd.hotplug [deleted file]
net/miniupnpd/files/miniupnpd.init [deleted file]
net/miniupnpd/files/upnpd.config [deleted file]
net/miniupnpd/patches/101-no-ssl-uuid.patch [deleted file]
net/miniupnpd/patches/102-ipv6-ext-port.patch [deleted file]
net/miniupnpd/patches/103-no-ipv6-autodetection.patch [deleted file]
net/miniupnpd/patches/104-always-libuuid.patch [deleted file]
net/mwan3-luci/Makefile
net/mwan3-luci/files/usr/lib/lua/luci/controller/mwan3.lua
net/mwan3/Makefile
net/mwan3/files/etc/hotplug.d/iface/15-mwan3
net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user [deleted file]
net/mwan3/files/etc/mwan3.user [deleted file]
net/mwan3/files/lib/mwan3/mwan3.sh
net/mwan3/files/usr/libexec/rpcd/mwan3 [deleted file]
net/mwan3/files/usr/sbin/mwan3
net/mwan3/files/usr/sbin/mwan3track
net/nlbwmon/Makefile [new file with mode: 0644]
net/nlbwmon/files/nlbwmon.config [new file with mode: 0644]
net/nlbwmon/files/nlbwmon.init [new file with mode: 0755]
net/seafile-ccnet/Makefile [deleted file]
net/seafile-ccnet/patches/010-Makefile.patch [deleted file]
net/seafile-seahub/Makefile [deleted file]
net/seafile-seahub/patches/010-default-config.patch [deleted file]
net/seafile-seahub/patches/020-Makefile-fixes.patch [deleted file]
net/sqm-scripts/Makefile
net/strongswan/Makefile
net/strongswan/patches/101-musl-fixes.patch
net/strongswan/patches/203-uci.patch
net/strongswan/patches/210-sleep.patch
net/strongswan/patches/305-minimal_dh_plugin.patch
net/subversion/Makefile
net/tinc/Makefile
net/tor/Makefile
net/travelmate/Makefile
net/travelmate/files/README.md
net/travelmate/files/travelmate.conf
net/travelmate/files/travelmate.init
net/travelmate/files/travelmate.sh
net/ulogd/Makefile
net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch [new file with mode: 0644]
net/unbound/Makefile
net/unbound/patches/001-conf.patch
net/vallumd/Makefile [new file with mode: 0644]
net/vallumd/files/vallumd.conf [new file with mode: 0644]
net/vallumd/files/vallumd.init [new file with mode: 0644]
net/vpnc/Makefile
net/vpnc/files/vpnc.sh
net/wget/Makefile
net/wireguard/Makefile [deleted file]
net/wireguard/files/wireguard.sh [deleted file]
utils/attendedsysupgrade-common/Makefile [new file with mode: 0644]
utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults [new file with mode: 0644]
utils/bluez/Makefile [deleted file]
utils/bluez/files/bluetooth.config [deleted file]
utils/bluez/files/bluetooth.dbus [deleted file]
utils/bluez/files/bluetoothd.init [deleted file]
utils/bluez/files/givepin [deleted file]
utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch [deleted file]
utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch [deleted file]
utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch [deleted file]
utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch [deleted file]
utils/bluez/patches/200-uart-speed.patch [deleted file]
utils/bluez/patches/201-readline.patch [deleted file]
utils/canutils/Makefile
utils/collectd/Makefile
utils/collectd/patches/500-fix-uptime-reading.patch [new file with mode: 0644]
utils/coreutils/Makefile
utils/tree/Makefile [new file with mode: 0644]
utils/ttyd/Makefile [new file with mode: 0644]

index 4f8c14a29e4ffd7865ac11ab8b58138fd035d4a1..3c6bf6352f31a94a53e2adf14b06fc07963cddc4 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=monit
-PKG_VERSION:=5.18
+PKG_VERSION:=5.24.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://mmonit.com/monit/dist
-PKG_MD5SUM:=a1bfac0fbb83439435f8616200d2364d
+PKG_HASH:=754d1f0e165e5a26d4639a6a83f44ccf839e381f2622e0946d5302fa1f2d2414
+PKG_SOURCE_URL:=https://mmonit.com/monit/dist
 
 PKG_LICENSE:=AGPL-3.0
 PKG_LICENSE_FILES:=COPYING
@@ -26,9 +26,9 @@ include $(INCLUDE_DIR)/package.mk
 define Package/monit/Default
   SECTION:=admin
   CATEGORY:=Administration
-  DEPENDS:= +libpthread
+  DEPENDS:= +libpthread +zlib
   TITLE:=System services monitoring utility
-  URL:=http://mmonit.com/monit/
+  URL:=https://mmonit.com/monit/
   MAINTAINER:=Etienne CHAMPETIER <champetier.etienne@gmail.com>
 endef
 
index 7af871f0deb4492e927c697caf1c5b2f9aee00ac..6382f6f40af7fcf0359d3e88c9e08425c622cfdc 100644 (file)
@@ -1,6 +1,6 @@
 --- a/configure
 +++ b/configure
-@@ -13849,14 +13849,7 @@ fi
+@@ -13852,14 +13852,7 @@ fi
  # Find the right directory to put the root-mode PID file in
  { $as_echo "$as_me:${as_lineno-$LINENO}: checking pid file location" >&5
  $as_echo_n "checking pid file location... " >&6; }
index f66c237d074fa48ee653f7dd6cc72fb61c8d4bf5..c681984753a6ab7c83f9f6536d355728473c4215 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=zabbix
-PKG_VERSION:=3.0.3
+PKG_VERSION:=3.2.6
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=98f025b39515b196552b8a23e2fe20a8180b5e99e613ce7378725a46ed8b62d6
 PKG_SOURCE_URL:=@SF/zabbix
-PKG_MD5SUM:=7c45d37000e67d75042695344c9937e0
 
 PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING
index afa50aeba5e9d2ecd594fa1ba023b250a0e62107..a567f85ce2864f8f0684263ba44594136cda5129 100644 (file)
@@ -15,13 +15,15 @@ UserParameter=mac80211.ACKFailureCount[*],zabbix_helper_mac80211 $1 dot11ACKFail
 UserParameter=mac80211.FCSErrorCount[*],zabbix_helper_mac80211 $1 dot11FCSErrorCount
 UserParameter=mac80211.RTSFailureCount[*],zabbix_helper_mac80211 $1 dot11RTSFailureCount
 UserParameter=mac80211.RTSSuccessCount[*],zabbix_helper_mac80211 $1 dot11RTSSuccessCount
-UserParameter=mac80211.FailedCount[*],zabbix_helper_mac80211 $1 failed_count
-UserParameter=mac80211.FrameDuplicateCount[*],zabbix_helper_mac80211 $1 frame_duplicate_count
-UserParameter=mac80211.MulticastReceivedFrameCount[*],zabbix_helper_mac80211 $1 multicast_received_frame_count
-UserParameter=mac80211.MulticastTransmittedFrameCount[*],zabbix_helper_mac80211 $1 multicast_transmitted_frame_count
-UserParameter=mac80211.MultipleRetryCount[*],zabbix_helper_mac80211 $1 multiple_retry_count
-UserParameter=mac80211.ReceivedFragmentCount[*],zabbix_helper_mac80211 $1 received_fragment_count
-UserParameter=mac80211.RetryCount[*],zabbix_helper_mac80211 $1 retry_count
-UserParameter=mac80211.TransmittedFragmentCount[*],zabbix_helper_mac80211 $1 transmitted_fragment_count
-UserParameter=mac80211.TransmittedFrameCount[*],zabbix_helper_mac80211 $1 transmitted_frame_count
+
+# hidden behind MAC80211_DEBUG_COUNTERS
+UserParameter=mac80211.FailedCount[*],zabbix_helper_mac80211 $1 dot11FailedCount
+UserParameter=mac80211.FrameDuplicateCount[*],zabbix_helper_mac80211 $1 dot11FrameDuplicateCount
+UserParameter=mac80211.MulticastReceivedFrameCount[*],zabbix_helper_mac80211 $1 dot11MulticastReceivedFrameCount
+UserParameter=mac80211.MulticastTransmittedFrameCount[*],zabbix_helper_mac80211 $1 dot11MulticastTransmittedFrameCount
+UserParameter=mac80211.MultipleRetryCount[*],zabbix_helper_mac80211 $1 dot11MultipleRetryCount
+UserParameter=mac80211.ReceivedFragmentCount[*],zabbix_helper_mac80211 $1 dot11ReceivedFragmentCount
+UserParameter=mac80211.RetryCount[*],zabbix_helper_mac80211 $1 dot11RetryCount
+UserParameter=mac80211.TransmittedFragmentCount[*],zabbix_helper_mac80211 $1 dot11TransmittedFragmentCount
+UserParameter=mac80211.TransmittedFrameCount[*],zabbix_helper_mac80211 $1 dot11TransmittedFrameCount
 
diff --git a/devel/automake/Makefile b/devel/automake/Makefile
new file mode 100644 (file)
index 0000000..8357011
--- /dev/null
@@ -0,0 +1,65 @@
+#
+# Copyright (C) 2015-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=automake
+PKG_VERSION:=1.15
+PKG_RELEASE:=4
+
+PKG_SOURCE_URL:=@GNU/automake
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_MD5SUM:=9a1ddb0e053474d9d1105cfe39b0c48d
+PKG_MAINTAINER:=Heinrich Schuchardt <xypron.glpk@gmx.de>
+PKG_LICENSE:=GPL-3.0+
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/automake
+  SECTION:=devel
+  CATEGORY:=Development
+  TITLE:=automake
+  URL:=https://www.gnu.org/software/automake/
+  DEPENDS:=+autoconf +perlbase-thread +perlbase-attributes
+endef
+
+define Package/automake/description
+  Automake is a tool for automatically generating Makefile.in files compliant
+  with the GNU Coding Standards.
+endef
+
+FIX_PATHS = $(SED) '1c \#!/usr/bin/perl' -e 's| /[^ ]*/bin/perl| /usr/bin/perl|g'
+
+define Package/automake/install
+       $(INSTALL_DIR) $(1)/usr/bin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/automake-$(PKG_VERSION) \
+         $(1)/usr/bin/automake-$(PKG_VERSION)
+       $(LN) automake-$(PKG_VERSION) $(1)/usr/bin/automake
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/aclocal-$(PKG_VERSION) \
+         $(1)/usr/bin/aclocal-$(PKG_VERSION)
+       $(LN) aclocal-$(PKG_VERSION) $(1)/usr/bin/aclocal
+       $(FIX_PATHS) $(1)/usr/bin/automake-$(PKG_VERSION)
+       $(FIX_PATHS) $(1)/usr/bin/aclocal-$(PKG_VERSION)
+       $(INSTALL_DIR) $(1)/usr/share/automake-$(PKG_VERSION)
+
+       for dir in \
+         automake-$(PKG_VERSION) automake-$(PKG_VERSION)/Automake \
+         automake-$(PKG_VERSION)/am aclocal \
+         aclocal-$(PKG_VERSION) aclocal-$(PKG_VERSION)/internal \
+       ; do \
+               $(INSTALL_DIR) $(1)/usr/share/$$$$dir; \
+               for file in $$$$(cd $(PKG_INSTALL_DIR) && \
+                 find usr/share/$$$$dir -maxdepth 1 -type f); do \
+                       $(INSTALL_DATA) $$(PKG_INSTALL_DIR)/$$$$file \
+                       $(1)/$$$$file; \
+               done; \
+       done
+endef
+
+$(eval $(call BuildPackage,automake))
diff --git a/devel/lpc21isp/Makefile b/devel/lpc21isp/Makefile
deleted file mode 100644 (file)
index 292b7a4..0000000
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# Copyright (C) 2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=lpc21isp
-PKG_VERSION:=197
-PKG_RELEASE:=1
-PKG_LICENSE:=LGPL-3.0+
-PKG_LICENSE_FILES:=README gpl.txt lgpl-3.0.txt
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/lpc21isp_$(PKG_VERSION)
-PKG_SOURCE:=lpc21isp_$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@SF/lpc21isp
-PKG_MD5SUM:=0b286859a05a725647ecb1b3fe9ba606
-PKG_CAT:=zcat
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/lpc21isp
-  SECTION:=base
-  CATEGORY:=Development
-  TITLE:=Command line ISP for NXP LPC family and ADUC70xx
-  URL:=http://lpc21isp.sourceforge.net/
-  MAINTAINER:=Emil 'Skeen' Madsen <sovende@gmail.com>
-endef
-
-define Package/lpc21isp/description
- Portable command line ISP (In-circuit Programmer) for NXP LPC family
- and Analog Devices ADUC70xx.
-endef
-
-define Package/lpc21isp/install
-               $(INSTALL_DIR) $(1)/usr/sbin
-               $(INSTALL_BIN) $(PKG_BUILD_DIR)/lpc21isp $(1)/usr/sbin/
-endef
-
-$(eval $(call BuildPackage,lpc21isp))
diff --git a/lang/lua-mosquitto/Makefile b/lang/lua-mosquitto/Makefile
new file mode 100644 (file)
index 0000000..2220b2e
--- /dev/null
@@ -0,0 +1,42 @@
+#
+# Copyright (C) 2013-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=lua-mosquitto
+PKG_VERSION:=0.2
+PKG_RELEASE:=1
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/flukso/lua-mosquitto.git
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/$(PKG_NAME)
+    SUBMENU:=Lua
+    SECTION:=lang
+    CATEGORY:=Languages
+    TITLE:=Lua-mosquitto
+    DEPENDS:=+libmosquitto +lua
+    MAINTAINER:=Karl Palsson <karlp@remake.is>
+endef
+
+define Package/$(PKG_NAME)/description
+       Lua bindings to libmosquitto
+endef
+
+define Package/$(PKG_NAME)/install
+       $(INSTALL_DIR) $(1)/usr/lib/lua
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/mosquitto.so $(1)/usr/lib/lua
+endef
+
+$(eval $(call BuildPackage,$(PKG_NAME)))
diff --git a/lang/luajit/Makefile b/lang/luajit/Makefile
new file mode 100644 (file)
index 0000000..3606d24
--- /dev/null
@@ -0,0 +1,91 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=luajit
+PKG_VERSION:=2016-06-05-8e5d7be
+PKG_RELEASE:=1
+PKG_MAINTAINER:=Morteza Milani <milani@pichak.co>
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=COPYRIGHT
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/LuaJIT/LuaJIT.git
+PKG_SOURCE_VERSION:=8e5d7bec0d110aa4ccd7e8492f697ff2a88a55ed
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_USE_MIPS16:=0
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
+
+define Package/luajit
+ SUBMENU:=Lua
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=LuaJIT
+ URL:=http://www.luajit.org
+ DEPENDS:=@(i386||x86_64||arm||armeb||powerpc||mips||mipsel)
+endef
+
+define Package/luajit/description
+ LuaJIT is a Just-In-Time (JIT) compiler for the Lua programming language.
+endef
+
+TARGET_CFLAGS += $(FPIC) -std=gnu99
+HOST_CFLAGS += $(FPIC) -std=gnu99
+
+ifeq ($(HOST_ARCH),x86_64)
+  ifeq ($(CONFIG_x86_64),)
+    HOST_BITS := -m32
+  endif
+endif
+
+define Build/Compile
+       $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
+               HOST_CC="$(HOSTCC) $(HOST_CFLAGS) $(HOST_BITS)" \
+               CROSS="$(TARGET_CROSS)" \
+               DPREFIX=$(PKG_INSTALL_DIR)/usr \
+               PREFIX=/usr \
+               TARGET_CFLAGS="$(TARGET_CFLAGS)"
+       rm -rf $(PKG_INSTALL_DIR)
+       mkdir -p $(PKG_INSTALL_DIR)
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               DPREFIX=$(PKG_INSTALL_DIR)/usr \
+               PREFIX=/usr \
+               install
+endef
+
+define Build/InstallDev
+       $(INSTALL_DIR) $(1)/usr/include/luajit-2.1
+       $(CP) $(PKG_INSTALL_DIR)/usr/include/luajit-2.1/*.h $(1)/usr/include/luajit-2.1
+       $(INSTALL_DIR) $(1)/usr/lib
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{a,so*} $(1)/usr/lib/
+       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/luajit.pc $(1)/usr/lib/pkgconfig/
+       $(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-2.1.0-beta2 $(PKG_INSTALL_DIR)/usr/bin/$(PKG_NAME)
+endef
+
+define Package/luajit/install
+       $(INSTALL_DIR) $(1)/usr/lib/
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so $(1)/usr/lib/
+       $(INSTALL_DIR) $(1)/usr/bin
+       $(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-2.1.0-beta2 $(1)/usr/bin/$(PKG_NAME)
+endef
+
+define Host/Compile
+       $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) \
+               DPREFIX=$(STAGING_DIR_HOSTPKG) \
+               TARGET_CFLAGS="$(HOST_CFLAGS)" \
+               TARGET_LDFLAGS="$(HOST_LDFLAGS)"
+endef
+
+define Host/Install
+       $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) \
+               DPREFIX=$(STAGING_DIR_HOSTPKG) \
+               install
+       $(CP) $(STAGING_DIR_HOSTPKG)/bin/luajit-2.1.0-beta2 $(STAGING_DIR_HOSTPKG)/bin/$(PKG_NAME)
+endef
+
+$(eval $(call HostBuild,luajit))
+$(eval $(call BuildPackage,luajit))
diff --git a/lang/luajit/patches/010-lua-path.patch b/lang/luajit/patches/010-lua-path.patch
new file mode 100644 (file)
index 0000000..63df9a1
--- /dev/null
@@ -0,0 +1,13 @@
+--- a/src/luaconf.h
++++ b/src/luaconf.h
+@@ -35,8 +35,8 @@
+ #ifndef LUA_LMULTILIB
+ #define LUA_LMULTILIB "lib"
+ #endif
+-#define LUA_LROOT     "/usr/local"
+-#define LUA_LUADIR    "/lua/5.1/"
++#define LUA_LROOT     "/usr"
++#define LUA_LUADIR    "/lua/"
+ #define LUA_LJDIR     "/luajit-2.1.0-beta2/"
+
+ #ifdef LUA_ROOT
index d17b6e1341d8d40217c4cd9a7421ef0f22df43ad..0b15a001c3f4d86d60e7b4bff597554c0e30a436 100644 (file)
@@ -12,12 +12,12 @@ include ./files/python-version.mk
 
 PKG_NAME:=python
 PKG_VERSION:=$(PYTHON_VERSION).$(PYTHON_VERSION_MICRO)
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION)
-PKG_MD5SUM:=53b43534153bb2a0363f08bae8b9d990
-PKG_HASH:=35d543986882f78261f97787fd3e06274bfa6df29fac9b4a94f73930ff98f731
+PKG_MD5SUM:=1f6db41ad91d9eb0a6f0c769b8613c5b
+PKG_HASH:=71ffb26e09e78650e424929b2b457b9c912ac216576e6bd9e7d204ed03296a66
 
 PKG_LICENSE:=PSF
 PKG_LICENSE_FILES:=LICENSE Modules/_ctypes/libffi_msvc/LICENSE Modules/_ctypes/darwin/LICENSE Modules/_ctypes/libffi/LICENSE Modules/_ctypes/libffi_osx/LICENSE Tools/pybench/LICENSE
@@ -242,6 +242,10 @@ HOST_CONFIGURE_ARGS+= \
        --with-system-ffi=no \
        CONFIG_SITE=
 
+define Host/Compile
+       $(call Host/Compile/Default,python Parser/pgen sharedmods)
+endef
+
 define Host/Install
        $(MAKE) -C $(HOST_BUILD_DIR) install
        $(INSTALL_DIR) $(HOST_PYTHON_DIR)/bin/
index 847eaf5c729269c61de360f46b93586b96c4d836..3e04727b27e45e4e8f0eae4a51475f5790060099 100644 (file)
@@ -6,5 +6,5 @@
 #
 
 PYTHON_VERSION:=2.7
-PYTHON_VERSION_MICRO:=13
+PYTHON_VERSION_MICRO:=14
 
index 780831e86c89033fd5667d07e4be21b469dc02c6..e85b53c8d970dad829010585888074e86b23acf4 100644 (file)
@@ -7,11 +7,9 @@ Subject: [PATCH] enable zlib
  Modules/Setup.dist | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-diff --git a/Modules/Setup.dist b/Modules/Setup.dist
-index 01fb85f..01ac492 100644
 --- a/Modules/Setup.dist
 +++ b/Modules/Setup.dist
-@@ -358,7 +358,7 @@ _symtable symtablemodule.c
+@@ -464,7 +464,7 @@ GLHACK=-Dclear=__GLclear
  # Andrew Kuchling's zlib module.
  # This require zlib 1.1.3 (or later).
  # See http://www.gzip.org/zlib/
@@ -20,6 +18,3 @@ index 01fb85f..01ac492 100644
  
  # Interface to the Expat XML parser
  #
--- 
-1.8.4.5
-
index fb2fe8a77550d7332cff77ff3b20ca154e0a29ee..0099abf74fe43114c9e79332785d0b1dc2b68eca 100644 (file)
@@ -1,8 +1,6 @@
-diff --git a/setup.py b/setup.py
-index cbdeaf3..5154412 100644
 --- a/setup.py
 +++ b/setup.py
-@@ -480,7 +480,8 @@ class PyBuildExt(build_ext):
+@@ -497,7 +497,8 @@ class PyBuildExt(build_ext):
                          add_dir_to_list(dir_list, directory)
  
          if os.path.normpath(sys.prefix) != '/usr' \
index a6774e174101a0c82174536cafde8501887dada2..5bd07b122a0522a43514a0bf17ee0dfa59740957 100644 (file)
@@ -1,8 +1,6 @@
-diff --git a/Makefile.pre.in b/Makefile.pre.in
-index 7f4ec2f..e270bf2 100644
 --- a/Makefile.pre.in
 +++ b/Makefile.pre.in
-@@ -1038,6 +1038,7 @@ libinstall:      build_all $(srcdir)/Lib/$(PLATDIR) $(srcdir)/Modules/xxmodule.c
+@@ -1110,6 +1110,7 @@ libinstall:      build_all $(srcdir)/Lib/$(PL
                done; \
        done
        $(INSTALL_DATA) $(srcdir)/LICENSE $(DESTDIR)$(LIBDEST)/LICENSE.txt
@@ -10,7 +8,7 @@ index 7f4ec2f..e270bf2 100644
        if test -d $(DESTDIR)$(LIBDEST)/distutils/tests; then \
                $(INSTALL_DATA) $(srcdir)/Modules/xxmodule.c \
                        $(DESTDIR)$(LIBDEST)/distutils/tests ; \
-@@ -1064,6 +1065,7 @@ libinstall:      build_all $(srcdir)/Lib/$(PLATDIR) $(srcdir)/Modules/xxmodule.c
+@@ -1136,6 +1137,7 @@ libinstall:      build_all $(srcdir)/Lib/$(PL
                $(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/Grammar.txt
        -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
                $(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/PatternGrammar.txt
index f67e7dcad8259a4cc444910c7b078ee53293c7d9..66c007799fe09466bd6778343ebe78b8efb8920b 100644 (file)
@@ -1,8 +1,6 @@
-diff --git a/Python/pythonrun.c b/Python/pythonrun.c
-index 748a63b..cb6e291 100644
 --- a/Python/pythonrun.c
 +++ b/Python/pythonrun.c
-@@ -79,7 +79,7 @@ int Py_InteractiveFlag; /* Needed by Py_FdIsInteractive() below */
+@@ -79,7 +79,7 @@ int Py_InteractiveFlag; /* Needed by Py_
  int Py_InspectFlag; /* Needed to determine whether to exit at SystemExit */
  int Py_NoSiteFlag; /* Suppress 'import site' */
  int Py_BytesWarningFlag; /* Warn on str(bytes) and str(buffer) */
@@ -11,7 +9,7 @@ index 748a63b..cb6e291 100644
  int Py_UseClassExceptionsFlag = 1; /* Needed by bltinmodule.c: deprecated */
  int Py_FrozenFlag; /* Needed by getpath.c */
  int Py_UnicodeFlag = 0; /* Needed by compile.c */
-@@ -174,7 +174,7 @@ Py_InitializeEx(int install_sigs)
+@@ -185,7 +185,7 @@ Py_InitializeEx(int install_sigs)
      if ((p = Py_GETENV("PYTHONOPTIMIZE")) && *p != '\0')
          Py_OptimizeFlag = add_flag(Py_OptimizeFlag, p);
      if ((p = Py_GETENV("PYTHONDONTWRITEBYTECODE")) && *p != '\0')
diff --git a/lang/python/patches/005-fix-bluetooth-support.patch b/lang/python/patches/005-fix-bluetooth-support.patch
new file mode 100644 (file)
index 0000000..ccc2936
--- /dev/null
@@ -0,0 +1,61 @@
+diff --git a/configure b/configure
+index 4c0435e..0068a9d 100755
+--- a/configure
++++ b/configure
+@@ -7045,7 +7045,7 @@ sys/param.h sys/poll.h sys/random.h sys/select.h sys/socket.h sys/statvfs.h sys/
+ sys/termio.h sys/time.h \
+ sys/times.h sys/types.h sys/un.h sys/utsname.h sys/wait.h pty.h libutil.h \
+ sys/resource.h netpacket/packet.h sysexits.h bluetooth.h \
+-bluetooth/bluetooth.h linux/tipc.h spawn.h util.h alloca.h
++linux/tipc.h spawn.h util.h alloca.h
+ do :
+   as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
+@@ -7267,6 +7267,24 @@ fi
+ fi
++# bluetooth/bluetooth.h has been known to not compile with -std=c99.
++# http://permalink.gmane.org/gmane.linux.bluez.kernel/22294
++SAVE_CFLAGS=$CFLAGS
++CFLAGS="-std=c99 $CFLAGS"
++for ac_header in bluetooth/bluetooth.h
++do :
++  ac_fn_c_check_header_mongrel "$LINENO" "bluetooth/bluetooth.h" "ac_cv_header_bluetooth_bluetooth_h" "$ac_includes_default"
++if test "x$ac_cv_header_bluetooth_bluetooth_h" = xyes; then :
++  cat >>confdefs.h <<_ACEOF
++#define HAVE_BLUETOOTH_BLUETOOTH_H 1
++_ACEOF
++
++fi
++
++done
++
++CFLAGS=$SAVE_CFLAGS
++
+ # On Linux, netlink.h requires asm/types.h
+ for ac_header in linux/netlink.h
+ do :
+diff --git a/configure.ac b/configure.ac
+index 780f275..dceca1c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1702,10 +1702,17 @@ sys/param.h sys/poll.h sys/random.h sys/select.h sys/socket.h sys/statvfs.h sys/
+ sys/termio.h sys/time.h \
+ sys/times.h sys/types.h sys/un.h sys/utsname.h sys/wait.h pty.h libutil.h \
+ sys/resource.h netpacket/packet.h sysexits.h bluetooth.h \
+-bluetooth/bluetooth.h linux/tipc.h spawn.h util.h alloca.h)
++linux/tipc.h spawn.h util.h alloca.h)
+ AC_HEADER_DIRENT
+ AC_HEADER_MAJOR
++# bluetooth/bluetooth.h has been known to not compile with -std=c99.
++# http://permalink.gmane.org/gmane.linux.bluez.kernel/22294
++SAVE_CFLAGS=$CFLAGS
++CFLAGS="-std=c99 $CFLAGS"
++AC_CHECK_HEADERS(bluetooth/bluetooth.h)
++CFLAGS=$SAVE_CFLAGS
++
+ # On Linux, netlink.h requires asm/types.h
+ AC_CHECK_HEADERS(linux/netlink.h,,,[
+ #ifdef HAVE_ASM_TYPES_H
diff --git a/lang/python/patches/006-remove-debian-multiarch-support.patch b/lang/python/patches/006-remove-debian-multiarch-support.patch
deleted file mode 100644 (file)
index 01aa924..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-diff --git a/setup.py b/setup.py
-index 1d1ae72..511aed5 100644
---- a/setup.py
-+++ b/setup.py
-@@ -444,7 +444,8 @@ class PyBuildExt(build_ext):
-             add_dir_to_list(self.compiler.include_dirs, '/usr/local/include')
-         if cross_compiling:
-             self.add_gcc_paths()
--        self.add_multiarch_paths()
-+        else:
-+            self.add_multiarch_paths()
-         # Add paths specified in the environment variables LDFLAGS and
-         # CPPFLAGS for header and library files.
diff --git a/lang/python/patches/006-remove-multi-arch-and-local-paths.patch b/lang/python/patches/006-remove-multi-arch-and-local-paths.patch
new file mode 100644 (file)
index 0000000..5d886df
--- /dev/null
@@ -0,0 +1,16 @@
+--- a/setup.py
++++ b/setup.py
+@@ -454,13 +454,8 @@ class PyBuildExt(build_ext):
+             os.unlink(tmpfile)
+     def detect_modules(self):
+-        # Ensure that /usr/local is always used
+-        if not cross_compiling:
+-            add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib')
+-            add_dir_to_list(self.compiler.include_dirs, '/usr/local/include')
+         if cross_compiling:
+             self.add_gcc_paths()
+-        self.add_multiarch_paths()
+         # Add paths specified in the environment variables LDFLAGS and
+         # CPPFLAGS for header and library files.
index 7cd748761a5476e4951e7e55f862a0d735e2e141..4aeb7ff31eb8190fc80f5a4bea8e3142f6bbdb3f 100644 (file)
@@ -16,11 +16,9 @@ taken from the sysconfigdata module.
 
 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 
-Index: b/Lib/distutils/sysconfig.py
-===================================================================
 --- a/Lib/distutils/sysconfig.py
 +++ b/Lib/distutils/sysconfig.py
-@@ -19,8 +19,13 @@
+@@ -19,8 +19,13 @@ import sys
  from distutils.errors import DistutilsPlatformError
  
  # These are needed in a couple of spots, so just compute them once.
@@ -36,11 +34,9 @@ Index: b/Lib/distutils/sysconfig.py
  
  # Path to the base directory of the project. On Windows the binary may
  # live in project/PCBuild9.  If we're dealing with an x64 Windows build,
-Index: b/Lib/distutils/command/build_ext.py
-===================================================================
 --- a/Lib/distutils/command/build_ext.py
 +++ b/Lib/distutils/command/build_ext.py
-@@ -237,7 +237,10 @@
+@@ -240,7 +240,10 @@ class build_ext (Command):
          if (sysconfig.get_config_var('Py_ENABLE_SHARED')):
              if not sysconfig.python_build:
                  # building third party extensions
index b59809754b64451bef3659006fe6ffa243a91b13..ffc80a418e41569db76bcb0be403708b5bc993f7 100644 (file)
@@ -1,8 +1,6 @@
-diff --git a/setup.py b/setup.py
-index 7868b7b..10ec68f 100644
 --- a/setup.py
 +++ b/setup.py
-@@ -1067,6 +1067,7 @@ class PyBuildExt(build_ext):
+@@ -1083,6 +1083,7 @@ class PyBuildExt(build_ext):
                          if db_setup_debug: print "db lib: ", dblib, "not found"
  
          except db_found:
@@ -10,7 +8,7 @@ index 7868b7b..10ec68f 100644
              if db_setup_debug:
                  print "bsddb using BerkeleyDB lib:", db_ver, dblib
                  print "bsddb lib dir:", dblib_dir, " inc dir:", db_incdir
-@@ -1081,7 +1082,7 @@ class PyBuildExt(build_ext):
+@@ -1097,7 +1098,7 @@ class PyBuildExt(build_ext):
              exts.append(Extension('_bsddb', ['_bsddb.c'],
                                    depends = ['bsddb.h'],
                                    library_dirs=dblib_dir,
@@ -19,7 +17,7 @@ index 7868b7b..10ec68f 100644
                                    include_dirs=db_incs,
                                    libraries=dblibs))
          else:
-@@ -1292,10 +1293,11 @@ class PyBuildExt(build_ext):
+@@ -1308,10 +1309,11 @@ class PyBuildExt(build_ext):
                              break
                  elif cand == "bdb":
                      if db_incs is not None:
index 5a106d4e855eec540f886ed3a2f0a2ef32f03feb..c319fd5f3213ab84f8544c7ef61dde4b89c2a884 100644 (file)
@@ -1,8 +1,6 @@
-diff --git a/setup.py b/setup.py
-index 7868b7b..544fa7e 100644
 --- a/setup.py
 +++ b/setup.py
-@@ -452,8 +452,9 @@ class PyBuildExt(build_ext):
+@@ -463,8 +463,9 @@ class PyBuildExt(build_ext):
          # directly since an inconsistently reproducible issue comes up where
          # the environment variable is not set even though the value were passed
          # into configure and stored in the Makefile (issue found on OS X 10.3).
index e55d7081814cfc2b5960c69ec3f4193a6f9e3a94..6cad20434d4f26906f2dc2d3297f2ca1ceb006c2 100644 (file)
@@ -1,5 +1,3 @@
-diff --git a/Modules/_cursesmodule.c b/Modules/_cursesmodule.c
-index e478a57..eb297b4 100644
 --- a/Modules/_cursesmodule.c
 +++ b/Modules/_cursesmodule.c
 @@ -117,7 +117,6 @@ char *PyCursesVersion = "2.2";
index adca82f64d22d2a63606e305d24cec71a3ec4d92..6b53d4267d2cbc841522c17a61774d0e12c25639 100644 (file)
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ruby
-PKG_VERSION:=2.4.1
+PKG_VERSION:=2.4.3
 PKG_RELEASE:=1
 
 # First two numbes
 PKG_ABI_VERSION:=$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VERSION))))
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/
-PKG_HASH:=4fc8a9992de3e90191de369270ea4b6c1b171b7941743614cc50822ddc1fe654
+PKG_SOURCE_URL:=https://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/
+PKG_HASH:=23677d40bf3b7621ba64593c978df40b1e026d8653c74a0599f0ead78ed92b51
 PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
 PKG_LICENSE:=BSD-2-Clause
 PKG_LICENSE_FILES:=COPYING
index a97caf008e0cfd1186cf1561be7aaadc2e39fff4..72619d872ba0e0c99814f076f3e57585b2c5d459 100644 (file)
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2006-2016 OpenWrt.org
+# Copyright (C) 2006-2018 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=alsa-lib
 PKG_VERSION:=1.1.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=ftp://ftp.alsa-project.org/pub/lib/ \
diff --git a/libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch b/libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch
new file mode 100644 (file)
index 0000000..d24e358
--- /dev/null
@@ -0,0 +1,32 @@
+From 3f1dba9a821b53b42001605f9a126a958804884f Mon Sep 17 00:00:00 2001
+From: Takashi Iwai <tiwai@suse.de>
+Date: Mon, 9 Nov 2015 13:37:26 +0100
+Subject: [PATCH] topology: Add missing include sys/stat.h
+
+Necessary for proper definitions of S_IRUSR & co.  Otherwise it
+results in compile errors with old glibc:
+  parser.c: In function 'snd_tplg_build_file':
+  parser.c:262: error: 'S_IRUSR' undeclared (first use in this function)
+  parser.c:262: error: (Each undeclared identifier is reported only once
+  parser.c:262: error: for each function it appears in.)
+
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+---
+ src/topology/parser.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/topology/parser.c b/src/topology/parser.c
+index 80a0ae0..18bb9c7 100644
+--- a/src/topology/parser.c
++++ b/src/topology/parser.c
+@@ -16,6 +16,7 @@
+            Liam Girdwood <liam.r.girdwood@linux.intel.com>
+ */
++#include <sys/stat.h>
+ #include "list.h"
+ #include "tplg_local.h"
+-- 
+1.7.11.7
+
index aba32559efa1c537fbf39acce131ca04bcba85ca..b5bbd157c16f1c717a9ac002df41b56ad120a9e5 100644 (file)
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=gnutls
-PKG_VERSION:=3.5.11
+PKG_VERSION:=3.5.16
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5
-PKG_HASH:=51765cc5579e250da77fbd7871507c517d01b15353cc40af7b67e9ec7b6fe28f
+PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5
+PKG_HASH:=0924dec90c37c05f49fec966eba3672dab4d336d879e5c06e06e13325cbfec25
 #PKG_FIXUP:=autoreconf gettext-version
 PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
 PKG_LICENSE:=LGPLv2.1+
index ecf261e03f81cf594a64195a52583d8ad79f8ecf..2fb0a85593e4ca8995373f969ed80c463d19f700 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=icu4c
 PKG_VERSION:=58.2
-PKG_RELEASE:=2
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-58_2-src.tgz
 PKG_SOURCE_URL:=http://download.icu-project.org/files/$(PKG_NAME)/$(PKG_VERSION)
diff --git a/libs/icu/patches/CVE-2017-14952.patch b/libs/icu/patches/CVE-2017-14952.patch
new file mode 100644 (file)
index 0000000..b1fc144
--- /dev/null
@@ -0,0 +1,10 @@
+Index: source/i18n/zonemeta.cpp
+===================================================================
+--- source/i18n/zonemeta.cpp   (revision 40283)
++++ source/i18n/zonemeta.cpp   (revision 40324)
+@@ -684,5 +684,4 @@
+                     if (U_FAILURE(status)) {
+                         delete mzMappings;
+-                        deleteOlsonToMetaMappingEntry(entry);
+                         uprv_free(entry);
+                         break;
diff --git a/libs/icu/patches/CVE-2017-15422.patch b/libs/icu/patches/CVE-2017-15422.patch
new file mode 100644 (file)
index 0000000..50e6f25
--- /dev/null
@@ -0,0 +1,106 @@
+Index: source/i18n/gregoimp.cpp
+===================================================================
+--- source/i18n/gregoimp.cpp   (revision 40653)
++++ source/i18n/gregoimp.cpp   (revision 40654)
+@@ -24,4 +24,9 @@
+ int32_t ClockMath::floorDivide(int32_t numerator, int32_t denominator) {
++    return (numerator >= 0) ?
++        numerator / denominator : ((numerator + 1) / denominator) - 1;
++}
++
++int64_t ClockMath::floorDivide(int64_t numerator, int64_t denominator) {
+     return (numerator >= 0) ?
+         numerator / denominator : ((numerator + 1) / denominator) - 1;
+Index: source/i18n/gregoimp.h
+===================================================================
+--- source/i18n/gregoimp.h     (revision 40653)
++++ source/i18n/gregoimp.h     (revision 40654)
+@@ -40,4 +40,15 @@
+      */
+     static int32_t floorDivide(int32_t numerator, int32_t denominator);
++
++    /**
++     * Divide two integers, returning the floor of the quotient.
++     * Unlike the built-in division, this is mathematically
++     * well-behaved.  E.g., <code>-1/4</code> => 0 but
++     * <code>floorDivide(-1,4)</code> => -1.
++     * @param numerator the numerator
++     * @param denominator a divisor which must be != 0
++     * @return the floor of the quotient
++     */
++    static int64_t floorDivide(int64_t numerator, int64_t denominator);
+     /**
+Index: source/i18n/persncal.cpp
+===================================================================
+--- source/i18n/persncal.cpp   (revision 40653)
++++ source/i18n/persncal.cpp   (revision 40654)
+@@ -214,5 +214,5 @@
+     int32_t daysSinceEpoch = julianDay - PERSIAN_EPOCH;
+-    year = 1 + ClockMath::floorDivide(33 * daysSinceEpoch + 3, 12053);
++    year = 1 + (int32_t)ClockMath::floorDivide(33 * (int64_t)daysSinceEpoch + 3, (int64_t)12053);
+     int32_t farvardin1 = 365 * (year - 1) + ClockMath::floorDivide(8 * year + 21, 33);
+Index: source/test/intltest/calregts.cpp
+===================================================================
+--- source/test/intltest/calregts.cpp  (revision 40653)
++++ source/test/intltest/calregts.cpp  (revision 40654)
+@@ -13,4 +13,5 @@
+ #include "calregts.h"
++#include "unicode/calendar.h"
+ #include "unicode/gregocal.h"
+ #include "unicode/simpletz.h"
+@@ -91,4 +92,5 @@
+         CASE(49,Test9019);
+         CASE(50,TestT9452);
++        CASE(51,TestPersianCalOverflow);
+     default: name = ""; break;
+     }
+@@ -2946,4 +2948,34 @@
+     }
+ }
++
++/**
++ * @bug ticket 13454
++ */
++void CalendarRegressionTest::TestPersianCalOverflow(void) {
++    const char* localeID = "bs_Cyrl@calendar=persian";
++    UErrorCode status = U_ZERO_ERROR;
++    Calendar* cal = Calendar::createInstance(Locale(localeID), status);
++    if(U_FAILURE(status)) {
++        dataerrln("FAIL: Calendar::createInstance for localeID %s: %s", localeID, u_errorName(status));
++    } else {
++        int32_t maxMonth = cal->getMaximum(UCAL_MONTH);
++        int32_t maxDayOfMonth = cal->getMaximum(UCAL_DATE);
++        int32_t jd, month, dayOfMonth;
++        for (jd = 67023580; jd <= 67023584; jd++) { // year 178171, int32_t overflow if jd >= 67023582
++            status = U_ZERO_ERROR;
++            cal->clear();
++            cal->set(UCAL_JULIAN_DAY, jd);
++            month = cal->get(UCAL_MONTH, status);
++            dayOfMonth = cal->get(UCAL_DATE, status);
++            if ( U_FAILURE(status) ) {
++                errln("FAIL: Calendar->get MONTH/DATE for localeID %s, julianDay %d, status %s\n", localeID, jd, u_errorName(status)); 
++            } else if (month > maxMonth || dayOfMonth > maxDayOfMonth) {
++                errln("FAIL: localeID %s, julianDay %d; maxMonth %d, got month %d; maxDayOfMonth %d, got dayOfMonth %d\n",
++                        localeID, jd, maxMonth, month, maxDayOfMonth, dayOfMonth); 
++            }
++        }
++        delete cal;
++    }
++}
+ #endif /* #if !UCONFIG_NO_FORMATTING */
+Index: source/test/intltest/calregts.h
+===================================================================
+--- source/test/intltest/calregts.h    (revision 40653)
++++ source/test/intltest/calregts.h    (revision 40654)
+@@ -78,4 +78,5 @@
+     void Test9019(void);
+     void TestT9452(void);
++    void TestPersianCalOverflow(void);
+     void printdate(GregorianCalendar *cal, const char *string);
diff --git a/libs/libevhtp/Makefile b/libs/libevhtp/Makefile
new file mode 100644 (file)
index 0000000..a81e7ab
--- /dev/null
@@ -0,0 +1,51 @@
+#
+# Copyright (C) 2007-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+# NOTE: please DO NOT update this package without the maintainer's consent.
+# See https://github.com/haiwen/seafile/issues/1119
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libevhtp
+PKG_VERSION:=1.1.6
+PKG_RELEASE:=1
+PKG_LICENSE:=BSD-3-Clause
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/ellzey/libevhtp.git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=91071e2f20749cd469b87ac2ef1c158dc2a6806f
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libevhtp
+    SECTION:=libs
+    CATEGORY:=Libraries
+    TITLE:=A more flexible replacement for libevent's httpd API
+    MAINTAINER:=Gergely Kiss <mail.gery@gmail.com>
+    URL:=https://github.com/ellzey/libevhtp
+    DEPENDS:=+libevent2 +libevent2-openssl +libevent2-pthreads +libopenssl +libpthread
+endef
+
+define Package/libevhtp/description
+   Libevhtp was created as a replacement API for Libevent's current HTTP API.
+   The reality of libevent's http interface is that it was created as a JIT server,
+   meaning the developer never thought of it being used for creating a full-fledged HTTP service.
+endef
+
+include $(INCLUDE_DIR)/cmake.mk
+
+define Build/InstallDev
+       $(INSTALL_DIR) $(1)/usr/{include,lib}
+       $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libevhtp))
diff --git a/libs/libevhtp/patches/010-strcmp-endianness-fix.patch b/libs/libevhtp/patches/010-strcmp-endianness-fix.patch
new file mode 100644 (file)
index 0000000..072b76b
--- /dev/null
@@ -0,0 +1,49 @@
+diff -rupN libevhtp-1.2.9.orig/htparse/htparse.c libevhtp-1.2.9/htparse/htparse.c
+--- libevhtp-1.2.9.orig/htparse/htparse.c      2014-03-23 12:50:50.000000000 +0100
++++ libevhtp-1.2.9/htparse/htparse.c   2014-12-09 01:12:22.242001241 +0100
+@@ -197,6 +197,7 @@ static const char * method_strmap[] = {
+ #define _MIN_READ(a, b) ((a) < (b) ? (a) : (b))
++#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
+ #define _str3_cmp(m, c0, c1, c2, c3) \
+     *(uint32_t *)m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)
+@@ -226,6 +227,37 @@ static const char * method_strmap[] = {
+     *(uint32_t *)m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)        \
+     && ((uint32_t *)m)[1] == ((c7 << 24) | (c6 << 16) | (c5 << 8) | c4) \
+     && m[8] == c8
++#elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
++#define _str3_cmp(m, c0, c1, c2, c3) \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3)
++
++#define _str3Ocmp(m, c0, c1, c2, c3) \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3)
++
++#define _str4cmp(m, c0, c1, c2, c3) \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3)
++
++#define _str5cmp(m, c0, c1, c2, c3, c4)                          \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \
++    && m[4] == c4
++
++#define _str6cmp(m, c0, c1, c2, c3, c4, c5)                      \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \
++    && (((uint32_t *)m)[1] & 0xffff0000) == ((c4 << 24) | c5 << 16)
++
++#define _str7_cmp(m, c0, c1, c2, c3, c4, c5, c6, c7)             \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \
++    && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7)
++
++#define _str8cmp(m, c0, c1, c2, c3, c4, c5, c6, c7)              \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \
++    && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7)
++
++#define _str9cmp(m, c0, c1, c2, c3, c4, c5, c6, c7, c8)                 \
++    *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3)        \
++    && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7) \
++    && m[8] == c8
++#endif
+ #define __HTPARSE_GENHOOK(__n)                                                    \
+     static inline int hook_ ## __n ## _run(htparser * p, htparse_hooks * hooks) { \
diff --git a/libs/libmraa/Makefile b/libs/libmraa/Makefile
new file mode 100644 (file)
index 0000000..6908569
--- /dev/null
@@ -0,0 +1,51 @@
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libmraa
+PKG_VERSION:=0.8.0
+
+PKG_RELEASE=$(PKG_SOURCE_VERSION)
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/intel-iot-devkit/mraa.git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_VERSION:=70600dece4138b0c0dbaff42f57828f1559cd840
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_BUILD_DEPENDS:=node python/host swig/host node/host
+CMAKE_INSTALL:=1
+
+PKG_MAINTAINER:=John Crispin <blogic@openwrt.org>
+PKG_LICENSE:=LGPL-2.1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+CMAKE_OPTIONS=-DBUILDARCH=$(CONFIG_ARCH) \
+       -DENABLEEXAMPLES=0 \
+       -DNODE_EXECUTABLE=$(STAGING_DIR_HOSTPKG)/bin/node \
+       -DSWIG_DIR=$(STAGING_DIR_HOSTPKG)/bin
+
+TARGET_CFLAGS+=-I$(STAGING_DIR)/usr/include/node
+
+define Package/libmraa
+  SECTION:=libs
+  CATEGORY:=Libraries
+  DEPENDS:=+python +libstdcpp
+  TITLE:=Intel IoT lowlevel IO library
+endef
+
+define Package/libmraa/install
+       $(INSTALL_DIR) $(1)/usr/lib/{node/mraa,python2.7/site-packages} $(1)/usr/bin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libmraa.so* $(1)/usr/lib/
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/node_modules/mraa/* $(1)/usr/lib/node/mraa/
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/python2.7/site-packages/* $(1)/usr/lib/python2.7/site-packages/
+#      $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/mraa/examples/python/blink-io8.py $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,libmraa))
diff --git a/libs/libmraa/patches/0001-base.patch b/libs/libmraa/patches/0001-base.patch
new file mode 100644 (file)
index 0000000..5094389
--- /dev/null
@@ -0,0 +1,118 @@
+From 6fecad819376442d057bdd35a0909cfac9df02f5 Mon Sep 17 00:00:00 2001
+From: John Crispin <blogic@openwrt.org>
+Date: Thu, 23 Jul 2015 12:18:39 +0200
+Subject: [PATCH 1/4] base
+
+---
+ CMakeLists.txt          |   10 ++++------
+ api/mraa/types.h        |    1 +
+ include/mraa_internal.h |    7 +++++++
+ src/CMakeLists.txt      |    5 +++++
+ src/i2c/i2c.c           |    2 +-
+ src/mraa.c              |    3 +++
+ src/uart/uart.c         |    1 +
+ 7 files changed, 22 insertions(+), 7 deletions(-)
+
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -14,12 +14,7 @@
+ set (CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules ${CMAKE_MODULE_PATH})
+ # Make a version file containing the current version from git.
+-include (GetGitRevisionDescription)
+-git_describe (VERSION "--tags")
+-if ("x_${VERSION}" STREQUAL "x_GIT-NOTFOUND" OR "x_${VERSION}" STREQUAL "x_HEAD-HASH-NOTFOUND")
+-  message (WARNING " - Install git to compile a production libmraa!")
+-  set (VERSION "v0.8.0-dirty")
+-endif ()
++set (VERSION "v0.8.0")
+ message (INFO " - libmraa Version ${VERSION}")
+@@ -84,8 +79,10 @@
+   set (X86PLAT ON)
+ elseif (DETECTED_ARCH MATCHES "arm.*")
+   set (ARMPLAT ON)
++elseif (DETECTED_ARCH MATCHES "mips")
++  set (MIPSPLAT ON)
+ else ()
+-  message(FATAL_ERROR "Only x86 and arm platforms currently supported")
++  message(FATAL_ERROR "Only x86, arm and mips platforms currently supported")
+ endif()
+ if (BUILDSWIGPYTHON)
+--- a/api/mraa/types.h
++++ b/api/mraa/types.h
+@@ -46,6 +46,7 @@
+     MRAA_BEAGLEBONE = 6,            /**< The different BeagleBone Black Modes B/C */
+     MRAA_BANANA = 7,                /**< Allwinner A20 based Banana Pi and Banana Pro */
+     MRAA_INTEL_NUC5 = 8,            /**< The Intel 5th generations Broadwell NUCs */
++    MRAA_MTK_LINKIT = 9,            /**< Mediatek MT7688 based Linkit (Air) */
+     // USB platform extenders start at 256
+     MRAA_FTDI_FT4222 = 256,         /**< FTDI FT4222 USB to i2c bridge */
+--- a/include/mraa_internal.h
++++ b/include/mraa_internal.h
+@@ -66,6 +66,13 @@
+ mraa_platform_t mraa_usb_platform_extender(mraa_board_t* board);
+ /**
++ * runtime detect running arm platforms
++ *
++ * @return mraa_platform_t of the init'ed platform
++ */
++mraa_platform_t mraa_mips_platform();
++
++/**
+  * helper function to check if file exists
+  *
+  * @param filename to check
+--- a/src/CMakeLists.txt
++++ b/src/CMakeLists.txt
+@@ -71,6 +71,11 @@
+   add_subdirectory(usb)
+ endif ()
++if (MIPSPLAT)
++  add_subdirectory(mips)
++  set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DMIPSPLAT=1")
++endif()
++
+ set (mraa_LIB_SRCS
+   ${mraa_LIB_PLAT_SRCS_NOAUTO}
+ # autogenerated version file
+--- a/src/i2c/i2c.c
++++ b/src/i2c/i2c.c
+@@ -31,9 +31,9 @@
+ #include <stdlib.h>
+ #include <unistd.h>
+ #include <fcntl.h>
++#include <errno.h>
+ #include <inttypes.h>
+ #include <sys/types.h>
+-#include <sys/errno.h>
+ #include <sys/ioctl.h>
+ #include "linux/i2c-dev.h"
+--- a/src/mraa.c
++++ b/src/mraa.c
+@@ -111,6 +111,9 @@
+ #elif defined(ARMPLAT)
+     // Use runtime ARM platform detection
+     platform_type = mraa_arm_platform();
++#elif MIPSPLAT
++    // Use runtime ARM platform detection
++    platform_type = mraa_mips_platform();
+ #else
+ #error mraa_ARCH NOTHING
+ #endif
+--- a/src/uart/uart.c
++++ b/src/uart/uart.c
+@@ -26,6 +26,7 @@
+ #include <stdlib.h>
+ #include <sys/stat.h>
++#include <sys/time.h>
+ #include <unistd.h>
+ #include <string.h>
+ #include <termios.h>
diff --git a/libs/libmraa/patches/0002-add-mips-support.patch b/libs/libmraa/patches/0002-add-mips-support.patch
new file mode 100644 (file)
index 0000000..1936624
--- /dev/null
@@ -0,0 +1,483 @@
+From 2c67c6f51ce5bab18c79f4304ccf42716f59f13c Mon Sep 17 00:00:00 2001
+From: John Crispin <blogic@openwrt.org>
+Date: Thu, 23 Jul 2015 13:21:25 +0200
+Subject: [PATCH 2/4] add mips support
+
+Signed-off-by: John Crispin <blogic@openwrt.org>
+---
+ include/mips/mediatek.h |   39 ++++++
+ src/mips/CMakeLists.txt |    6 +
+ src/mips/mediatek.c     |  349 +++++++++++++++++++++++++++++++++++++++++++++++
+ src/mips/mips.c         |   60 ++++++++
+ 4 files changed, 454 insertions(+)
+ create mode 100644 include/mips/mediatek.h
+ create mode 100644 src/mips/CMakeLists.txt
+ create mode 100644 src/mips/mediatek.c
+ create mode 100644 src/mips/mips.c
+
+--- /dev/null
++++ b/include/mips/mediatek.h
+@@ -0,0 +1,39 @@
++/*
++ * Author: Thomas Ingleby <thomas.c.ingleby@intel.com>
++ * Author: Michael Ring <mail@michael-ring.org>
++ * Copyright (c) 2014 Intel Corporation.
++ *
++ * Permission is hereby granted, free of charge, to any person obtaining
++ * a copy of this software and associated documentation files (the
++ * "Software"), to deal in the Software without restriction, including
++ * without limitation the rights to use, copy, modify, merge, publish,
++ * distribute, sublicense, and/or sell copies of the Software, and to
++ * permit persons to whom the Software is furnished to do so, subject to
++ * the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#pragma once
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++#include "mraa_internal.h"
++
++mraa_board_t *
++        mraa_mtk_linkit();
++
++#ifdef __cplusplus
++}
++#endif
+--- /dev/null
++++ b/src/mips/CMakeLists.txt
+@@ -0,0 +1,6 @@
++message (INFO " - Adding MIPS platforms")
++set (mraa_LIB_PLAT_SRCS_NOAUTO ${mraa_LIB_SRCS_NOAUTO}
++  ${PROJECT_SOURCE_DIR}/src/mips/mips.c
++  ${PROJECT_SOURCE_DIR}/src/mips/mediatek.c
++  PARENT_SCOPE
++)
+--- /dev/null
++++ b/src/mips/mediatek.c
+@@ -0,0 +1,349 @@
++/*
++ * Author: Thomas Ingleby <thomas.c.ingleby@intel.com>
++ * Author: Michael Ring <mail@michael-ring.org>
++ * Copyright (c) 2014 Intel Corporation.
++ *
++ * Permission is hereby granted, free of charge, to any person obtaining
++ * a copy of this software and associated documentation files (the
++ * "Software"), to deal in the Software without restriction, including
++ * without limitation the rights to use, copy, modify, merge, publish,
++ * distribute, sublicense, and/or sell copies of the Software, and to
++ * permit persons to whom the Software is furnished to do so, subject to
++ * the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#include <stdio.h>
++#include <stdint.h>
++#include <stdlib.h>
++#include <string.h>
++#include <sys/mman.h>
++#include <mraa/common.h>
++
++#include "mraa_internal.h"
++
++#include "common.h"
++
++#define PLATFORM_MEDIATEK_LINKIT      1
++#define PLATFORM_MEDIATEK_LINKIT_AIR  2
++#define MMAP_PATH                     "/dev/mem"
++#define MT7628_GPIO_BASE              0x100
++#define MT7628_BLOCK_SIZE             (4 * 1024)
++#define MT7628_GPIO_CTRL              0x00
++#define MT7628_GPIO_DATA              0x20
++#define MT7628_GPIO_SET                       0x30
++#define MT7628_GPIO_CLEAR             0x40
++
++#define MAX_SIZE 64
++
++// MMAP
++static uint8_t* mmap_reg = NULL;
++static int mmap_fd = 0;
++static int mmap_size;
++static unsigned int mmap_count = 0;
++static int platform_detected = 0;
++
++mraa_result_t
++mraa_mtk_linkit_mmap_write(mraa_gpio_context dev, int value)
++{
++    volatile uint32_t* addr;
++    if (value) {
++        *(volatile uint32_t*) (mmap_reg + MT7628_GPIO_SET + (dev->pin / 32) * 4) =
++        (uint32_t)(1 << (dev->pin % 32));
++    } else {
++        *(volatile uint32_t*) (mmap_reg + MT7628_GPIO_CLEAR + (dev->pin / 32) * 4) =
++        (uint32_t)(1 << (dev->pin % 32));
++    }
++    return MRAA_SUCCESS;
++}
++
++static mraa_result_t
++mraa_mtk_linkit_mmap_unsetup()
++{
++    if (mmap_reg == NULL) {
++        syslog(LOG_ERR, "linkit mmap: null register can't unsetup");
++        return MRAA_ERROR_INVALID_RESOURCE;
++    }
++    munmap(mmap_reg, mmap_size);
++    mmap_reg = NULL;
++    if (close(mmap_fd) != 0) {
++        return MRAA_ERROR_INVALID_RESOURCE;
++    }
++    return MRAA_SUCCESS;
++}
++
++int
++mraa_mtk_linkit_mmap_read(mraa_gpio_context dev)
++{
++    uint32_t value = *(volatile uint32_t*) (mmap_reg + MT7628_GPIO_DATA + (dev->pin / 32) * 4);
++    if (value & (uint32_t)(1 << (dev->pin % 32))) {
++        return 1;
++    }
++    return 0;
++}
++
++mraa_result_t
++mraa_mtk_linkit_mmap_setup(mraa_gpio_context dev, mraa_boolean_t en)
++{
++    if (dev == NULL) {
++        syslog(LOG_ERR, "linkit mmap: context not valid");
++        return MRAA_ERROR_INVALID_HANDLE;
++    }
++
++    if (en == 0) {
++        if (dev->mmap_write == NULL && dev->mmap_read == NULL) {
++            syslog(LOG_ERR, "linkit mmap: can't disable disabled mmap gpio");
++            return MRAA_ERROR_INVALID_PARAMETER;
++        }
++        dev->mmap_write = NULL;
++        dev->mmap_read = NULL;
++        mmap_count--;
++        if (mmap_count == 0) {
++            return mraa_mtk_linkit_mmap_unsetup();
++        }
++        return MRAA_SUCCESS;
++    }
++
++    if (dev->mmap_write != NULL && dev->mmap_read != NULL) {
++        syslog(LOG_ERR, "linkit mmap: can't enable enabled mmap gpio");
++        return MRAA_ERROR_INVALID_PARAMETER;
++    }
++
++    // Might need to make some elements of this thread safe.
++    // For example only allow one thread to enter the following block
++    // to prevent mmap'ing twice.
++    if (mmap_reg == NULL) {
++        if ((mmap_fd = open(MMAP_PATH, O_RDWR)) < 0) {
++            syslog(LOG_ERR, "linkit map: unable to open resource0 file");
++            return MRAA_ERROR_INVALID_HANDLE;
++        }
++
++        mmap_reg = (uint8_t*) mmap(NULL, MT7628_BLOCK_SIZE, PROT_READ | PROT_WRITE,
++                                       MAP_FILE | MAP_SHARED, mmap_fd, MT7628_GPIO_BASE);
++        if (mmap_reg == MAP_FAILED) {
++            syslog(LOG_ERR, "linkit mmap: failed to mmap");
++            mmap_reg = NULL;
++            close(mmap_fd);
++            return MRAA_ERROR_NO_RESOURCES;
++        }
++    }
++    dev->mmap_write = &mraa_mtk_linkit_mmap_write;
++    dev->mmap_read = &mraa_mtk_linkit_mmap_read;
++    mmap_count++;
++
++    return MRAA_SUCCESS;
++}
++
++mraa_board_t*
++mraa_mtk_linkit()
++{
++    mraa_board_t* b = (mraa_board_t*) malloc(sizeof(mraa_board_t));
++    if (b == NULL) {
++        return NULL;
++    }
++
++    b->platform_name = "LINKIT";
++    platform_detected = PLATFORM_MEDIATEK_LINKIT;
++    b->phy_pin_count = 31;
++
++    b->aio_count = 0;
++    b->adc_raw = 0;
++    b->adc_supported = 0;
++    b->pwm_default_period = 500;
++    b->pwm_max_period = 2147483;
++    b->pwm_min_period = 1;
++
++    b->pins = (mraa_pininfo_t*) malloc(sizeof(mraa_pininfo_t) * b->phy_pin_count);
++
++    advance_func->gpio_mmap_setup = &mraa_mtk_linkit_mmap_setup;
++
++    strncpy(b->pins[0].name, "P0", MRAA_PIN_NAME_SIZE);
++    b->pins[0].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[1].name, "P1", MRAA_PIN_NAME_SIZE);
++    b->pins[1].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[2].name, "P2", MRAA_PIN_NAME_SIZE);
++    b->pins[2].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[3].name, "P3", MRAA_PIN_NAME_SIZE);
++    b->pins[3].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[4].name, "P4", MRAA_PIN_NAME_SIZE);
++    b->pins[4].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[5].name, "P5", MRAA_PIN_NAME_SIZE);
++    b->pins[5].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[6].name, "P6", MRAA_PIN_NAME_SIZE);
++    b->pins[6].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[7].name, "P7", MRAA_PIN_NAME_SIZE);
++    b->pins[7].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[8].name, "P8", MRAA_PIN_NAME_SIZE);
++    b->pins[8].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[8].gpio.pinmap = 21;
++    b->pins[8].uart.parent_id = 2;
++    b->pins[8].uart.mux_total = 0;
++
++    strncpy(b->pins[9].name, "P9", MRAA_PIN_NAME_SIZE);
++    b->pins[9].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[9].gpio.pinmap = 20;
++    b->pins[9].uart.parent_id = 2;
++    b->pins[9].uart.mux_total = 0;
++
++    strncpy(b->pins[10].name, "P10", MRAA_PIN_NAME_SIZE);
++    b->pins[10].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[10].gpio.pinmap = 2;
++
++    strncpy(b->pins[11].name, "P11", MRAA_PIN_NAME_SIZE);
++    b->pins[11].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[11].gpio.pinmap = 3;
++
++    strncpy(b->pins[12].name, "P12", MRAA_PIN_NAME_SIZE);
++    b->pins[12].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[12].gpio.pinmap = 0;
++
++    strncpy(b->pins[13].name, "P13", MRAA_PIN_NAME_SIZE);
++    b->pins[13].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[13].gpio.pinmap = 1;
++
++    strncpy(b->pins[14].name, "P14", MRAA_PIN_NAME_SIZE);
++    b->pins[14].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++
++    strncpy(b->pins[15].name, "P15", MRAA_PIN_NAME_SIZE);
++    b->pins[15].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[15].gpio.pinmap = 44;
++
++    strncpy(b->pins[16].name, "P16", MRAA_PIN_NAME_SIZE);
++    b->pins[16].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[16].gpio.pinmap = 46;
++    b->pins[16].uart.parent_id = 1;
++    b->pins[16].uart.mux_total = 0;
++
++    strncpy(b->pins[17].name, "P17", MRAA_PIN_NAME_SIZE);
++    b->pins[17].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[17].gpio.pinmap = 45;
++    b->pins[17].uart.parent_id = 1;
++    b->pins[17].uart.mux_total = 0;
++
++    strncpy(b->pins[18].name, "P18", MRAA_PIN_NAME_SIZE);
++    b->pins[18].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[18].gpio.pinmap = 13;
++    b->pins[18].uart.parent_id = 1;
++    b->pins[18].uart.mux_total = 0;
++
++    strncpy(b->pins[19].name, "P19", MRAA_PIN_NAME_SIZE);
++    b->pins[19].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[19].gpio.pinmap = 12;
++    b->pins[19].uart.parent_id = 0;
++    b->pins[19].uart.mux_total = 0;
++
++    strncpy(b->pins[20].name, "P20", MRAA_PIN_NAME_SIZE);
++    b->pins[20].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 };
++    b->pins[20].gpio.pinmap = 5;
++    b->pins[20].i2c.pinmap = 0;
++    b->pins[20].i2c.mux_total = 0;
++
++    strncpy(b->pins[21].name, "P21", MRAA_PIN_NAME_SIZE);
++    b->pins[21].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 };
++    b->pins[21].gpio.pinmap = 4;
++    b->pins[21].i2c.pinmap = 0;
++    b->pins[21].i2c.mux_total = 0;
++
++    strncpy(b->pins[22].name, "P22", MRAA_PIN_NAME_SIZE);
++    b->pins[22].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
++    b->pins[22].gpio.pinmap = 8;
++    b->pins[22].spi.pinmap = 0;
++    b->pins[22].spi.mux_total = 0;
++
++    strncpy(b->pins[23].name, "P23", MRAA_PIN_NAME_SIZE);
++    b->pins[23].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
++    b->pins[23].gpio.pinmap = 9;
++    b->pins[23].spi.pinmap = 0;
++    b->pins[23].spi.mux_total = 0;
++
++    strncpy(b->pins[24].name, "P24", MRAA_PIN_NAME_SIZE);
++    b->pins[24].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
++    b->pins[24].gpio.pinmap = 7;
++    b->pins[24].spi.pinmap = 0;
++    b->pins[24].spi.mux_total = 0;
++
++    strncpy(b->pins[25].name, "P25", MRAA_PIN_NAME_SIZE);
++    b->pins[25].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
++    b->pins[25].gpio.pinmap = 6;
++    b->pins[25].spi.pinmap = 0;
++    b->pins[25].spi.mux_total = 0;
++
++    strncpy(b->pins[26].name, "P26", MRAA_PIN_NAME_SIZE);
++    b->pins[26].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 };
++    b->pins[26].gpio.pinmap = 18;
++
++    strncpy(b->pins[27].name, "P27", MRAA_PIN_NAME_SIZE);
++    b->pins[27].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 };
++    b->pins[27].gpio.pinmap = 19;
++
++    strncpy(b->pins[28].name, "P28", MRAA_PIN_NAME_SIZE);
++    b->pins[28].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[28].gpio.pinmap = 16;
++
++    strncpy(b->pins[29].name, "P29", MRAA_PIN_NAME_SIZE);
++    b->pins[29].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[29].gpio.pinmap = 17;
++
++    strncpy(b->pins[30].name, "P30", MRAA_PIN_NAME_SIZE);
++    b->pins[30].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[30].gpio.pinmap = 14;
++
++    strncpy(b->pins[31].name, "P31", MRAA_PIN_NAME_SIZE);
++    b->pins[31].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[31].gpio.pinmap = 15;
++
++    // BUS DEFINITIONS
++    b->i2c_bus_count = 1;
++    b->def_i2c_bus = 0;
++        b->i2c_bus[0].bus_id = 0;
++    b->i2c_bus[0].sda = 20;
++    b->i2c_bus[0].scl = 21;
++
++    b->spi_bus_count = 1;
++    b->def_spi_bus = 0;
++    b->spi_bus[0].bus_id = 0;
++    b->spi_bus[0].slave_s = 0;
++    b->spi_bus[0].cs = 25;
++    b->spi_bus[0].mosi = 22;
++    b->spi_bus[0].miso = 23;
++    b->spi_bus[0].sclk = 21;
++
++    b->uart_dev_count = 3;
++    b->def_uart_dev = 0;
++    b->uart_dev[0].rx = 18;
++    b->uart_dev[0].tx = 19;
++
++    b->uart_dev[1].rx = 16;
++    b->uart_dev[1].tx = 17;
++
++    b->uart_dev[2].rx = 9;
++    b->uart_dev[2].tx = 8;
++
++    b->gpio_count = 0;
++    int i;
++    for (i = 0; i < b->phy_pin_count; i++) {
++        if (b->pins[i].capabilites.gpio) {
++            b->gpio_count++;
++        }
++    }
++
++    return b;
++}
+--- /dev/null
++++ b/src/mips/mips.c
+@@ -0,0 +1,60 @@
++/*
++ * Author: Thomas Ingleby <thomas.c.ingleby@intel.com>
++ * Author: Michael Ring <mail@michael-ring.org>
++ * Copyright (c) 2014 Intel Corporation.
++ *
++ * Permission is hereby granted, free of charge, to any person obtaining
++ * a copy of this software and associated documentation files (the
++ * "Software"), to deal in the Software without restriction, including
++ * without limitation the rights to use, copy, modify, merge, publish,
++ * distribute, sublicense, and/or sell copies of the Software, and to
++ * permit persons to whom the Software is furnished to do so, subject to
++ * the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#include <stdlib.h>
++#include <string.h>
++
++#include "mraa_internal.h"
++#include "mips/mediatek.h"
++
++mraa_platform_t
++mraa_mips_platform()
++{
++    mraa_platform_t platform_type = MRAA_UNKNOWN_PLATFORM;
++    size_t len = 100;
++    char* line = malloc(len);
++    FILE* fh = fopen("/proc/cpuinfo", "r");
++    if (fh != NULL) {
++        while (getline(&line, &len, fh) != -1) {
++            if (strncmp(line, "machine", 7) == 0) {
++                if (strstr(line, "MediaTek LinkIt Smart 7688")) {
++                    platform_type = MRAA_MTK_LINKIT;
++                }
++            }
++        }
++        fclose(fh);
++    }
++    free(line);
++
++    switch (platform_type) {
++        case MRAA_MTK_LINKIT:
++            plat = mraa_mtk_linkit();
++            break;
++        default:
++            plat = NULL;
++            syslog(LOG_ERR, "Unknown Platform, currently not supported by MRAA");
++    }
++    return platform_type;
++}
diff --git a/libs/libmraa/patches/0003-uart.patch b/libs/libmraa/patches/0003-uart.patch
new file mode 100644 (file)
index 0000000..647abc5
--- /dev/null
@@ -0,0 +1,26 @@
+From 9540f9b93704e8e80ab2048954ca88d8e6eddf86 Mon Sep 17 00:00:00 2001
+From: John Crispin <blogic@openwrt.org>
+Date: Thu, 23 Jul 2015 16:43:42 +0200
+Subject: [PATCH 3/4] uart
+
+---
+ src/uart/uart.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/uart/uart.c b/src/uart/uart.c
+index 3ef55a4..5102f81 100644
+--- a/src/uart/uart.c
++++ b/src/uart/uart.c
+@@ -34,6 +34,9 @@
+ #include "uart.h"
+ #include "mraa_internal.h"
++#ifndef CMSPAR
++#define CMSPAR          010000000000
++#endif
+ // This function takes an unsigned int and converts it to a B* speed_t
+ // that can be used with linux/posix termios
+ static speed_t
+-- 
+1.7.10.4
+
diff --git a/libs/libmraa/patches/0004-fixes.patch b/libs/libmraa/patches/0004-fixes.patch
new file mode 100644 (file)
index 0000000..40e5930
--- /dev/null
@@ -0,0 +1,666 @@
+From 3c34e5f87a741ec2fc7809fc8c169a832275d32c Mon Sep 17 00:00:00 2001
+From: John Crispin <blogic@openwrt.org>
+Date: Thu, 23 Jul 2015 18:19:32 +0200
+Subject: [PATCH 4/4] fixes
+
+---
+ src/mips/mediatek.c |    6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+--- a/src/mips/mediatek.c
++++ b/src/mips/mediatek.c
+@@ -37,12 +37,12 @@
+ #define PLATFORM_MEDIATEK_LINKIT      1
+ #define PLATFORM_MEDIATEK_LINKIT_AIR  2
+ #define MMAP_PATH                     "/dev/mem"
+-#define MT7628_GPIO_BASE              0x100
+-#define MT7628_BLOCK_SIZE             (4 * 1024)
+-#define MT7628_GPIO_CTRL              0x00
+-#define MT7628_GPIO_DATA              0x20
+-#define MT7628_GPIO_SET                       0x30
+-#define MT7628_GPIO_CLEAR             0x40
++#define MT7628_GPIOMODE_BASE          0x10000000
++#define MT7628_BLOCK_SIZE             0x1000
++#define MT7628_GPIO_CTRL              0x600
++#define MT7628_GPIO_DATA              0x620
++#define MT7628_GPIO_SET                       0x630
++#define MT7628_GPIO_CLEAR             0x640
+ #define MAX_SIZE 64
+@@ -50,6 +50,9 @@
+ static uint8_t* mmap_reg = NULL;
+ static int mmap_fd = 0;
+ static int mmap_size;
++static uint8_t* gpio_mmap_reg = NULL;
++static int gpio_mmap_fd = 0;
++static int gpio_mmap_size;
+ static unsigned int mmap_count = 0;
+ static int platform_detected = 0;
+@@ -129,9 +132,10 @@
+         }
+         mmap_reg = (uint8_t*) mmap(NULL, MT7628_BLOCK_SIZE, PROT_READ | PROT_WRITE,
+-                                       MAP_FILE | MAP_SHARED, mmap_fd, MT7628_GPIO_BASE);
++                                       MAP_FILE | MAP_SHARED, mmap_fd, 0x10000000);
+         if (mmap_reg == MAP_FAILED) {
+-            syslog(LOG_ERR, "linkit mmap: failed to mmap");
++            perror("foo");
++          syslog(LOG_ERR, "linkit mmap: failed to mmap");
+             mmap_reg = NULL;
+             close(mmap_fd);
+             return MRAA_ERROR_NO_RESOURCES;
+@@ -144,201 +148,442 @@
+     return MRAA_SUCCESS;
+ }
++static int mmap_gpiomode(void)
++{
++    if ((gpio_mmap_fd = open(MMAP_PATH, O_RDWR)) < 0) {
++        syslog(LOG_ERR, "linkit map: unable to open resource0 file");
++        return MRAA_ERROR_INVALID_HANDLE;
++    }
++
++    gpio_mmap_reg = (uint8_t*) mmap(NULL, MT7628_BLOCK_SIZE, PROT_READ | PROT_WRITE,
++                                   MAP_FILE | MAP_SHARED, gpio_mmap_fd, MT7628_GPIOMODE_BASE);
++    if (gpio_mmap_reg == MAP_FAILED) {
++        syslog(LOG_ERR, "linkit gpio_mmap: failed to mmap");
++        gpio_mmap_reg = NULL;
++        close(gpio_mmap_fd);
++        return MRAA_ERROR_NO_RESOURCES;
++    }
++    return 0;
++}
++
++static void set_gpiomode(unsigned int mask, unsigned int shift, unsigned int val)
++{
++    unsigned int reg;
++    unsigned int offset = 0x60;
++
++    if (shift >= 32) {
++              shift -= 32;
++              offset += 4;
++    }
++
++    reg = *(volatile uint32_t*) (gpio_mmap_reg + offset);
++
++    reg &= ~(mask << shift);
++    reg |= (val << shift);
++    *(volatile uint32_t*) (gpio_mmap_reg + offset) = reg;
++}
++
++enum {
++      MUX_GPIO = 0,
++      MUX_SPI_S,
++      MUX_SPI_CS1,
++      MUX_I2S,
++      MUX_UART0,
++      MUX_I2C,
++      MUX_UART1,
++      MUX_UART2,
++      MUX_PWM0,
++      MUX_PWM1,
++      MUX_EPHY,
++      MUX_WLED,
++      __MUX_MAX,
++};
++
++static unsigned char gpio_mux_groups[64];
++static struct pinmux {
++      char *name;
++      char *func[4];
++      unsigned int shift;
++      unsigned int mask;
++} mt7688_mux[] = {
++      {
++              .name = "refclk",
++              .func = { "refclk", "gpio", NULL, NULL },
++              .shift = 18,
++              .mask = 0x1,
++      }, {
++              .name = "spi_s",
++              .func = { "spi_s", "gpio", "utif", "pwm" },
++              .shift = 2,
++              .mask = 0x3,
++      }, {
++              .name = "spi_cs1",
++              .func = { "spi_cs1", "gpio", NULL, "refclk" },
++              .shift = 4,
++              .mask = 0x3,
++      }, {
++              .name = "i2s",
++              .func = { "i2s", "gpio", "pcm", NULL },
++              .shift = 6,
++              .mask = 0x3,
++      }, {
++              .name = "uart0",
++              .func = { "uart", "gpio", NULL, NULL },
++              .shift = 8,
++              .mask = 0x3,
++      }, {
++              .name = "i2c",
++              .func = { "i2c", "gpio", NULL, NULL },
++              .shift = 20,
++              .mask = 0x3,
++      }, {
++              .name = "uart1",
++              .func = { "uart", "gpio", NULL, NULL },
++              .shift = 24,
++              .mask = 0x3,
++      }, {
++              .name = "uart2",
++              .func = { "uart", "gpio", "pwm", NULL },
++              .shift = 26,
++              .mask = 0x3,
++      }, {
++              .name = "pwm0",
++              .func = { "pwm", "gpio", NULL, NULL },
++              .shift = 28,
++              .mask = 0x3,
++      }, {
++              .name = "pwm1",
++              .func = { "pwm", "gpio", NULL, NULL },
++              .shift = 30,
++              .mask = 0x3,
++      }, {
++              .name = "ephy",
++              .func = { "ephy", "gpio", NULL, NULL },
++              .shift = 34,
++              .mask = 0x3,
++      }, {
++              .name = "wled",
++              .func = { "wled", "gpio", NULL, NULL },
++              .shift = 32,
++              .mask = 0x3,
++      },
++};
++
++mraa_result_t gpio_init_pre(int pin)
++{
++      struct pinmux *m = &mt7688_mux[gpio_mux_groups[pin]];
++
++      set_gpiomode(m->mask, m->shift, 1);
++
++      return 0;
++}
++
++static void gpiomode_set(unsigned int id, char *name)
++{
++      int i;
++
++      if (id >= __MUX_MAX)
++              return;
++
++      for (i = 0; i < 4; i++) {
++              if (!mt7688_mux[id].func[i] || strcmp(mt7688_mux[id].func[i], name))
++                      continue;
++              set_gpiomode(mt7688_mux[id].mask, mt7688_mux[id].shift, i);
++              syslog(0, "mraa: set pinmux %s -> %s\n", mt7688_mux[id].name, name);
++              return;
++      }
++}
++
++mraa_result_t i2c_init_pre(unsigned int bus)
++{
++      gpiomode_set(MUX_I2C, "i2c");
++      return 0;
++}
++
++mraa_result_t
++pwm_init_post(mraa_pwm_context pwm)
++{
++      switch(pwm->pin) {
++      case 0:
++              gpiomode_set(MUX_PWM0, "pwm");
++              break;
++      case 1:
++              gpiomode_set(MUX_PWM1, "pwm");
++              break;
++      case 2:
++      case 3:
++              gpiomode_set(MUX_UART2, "pwm");
++              break;
++      }
++      return 0;
++}
++
++mraa_result_t spi_init_pre(int bus)
++{
++      gpiomode_set(MUX_SPI_CS1, "spi_cs1");
++      return 0;
++}
++
++mraa_result_t uart_init_pre(int index)
++{
++      switch(index) {
++      case 0:
++              gpiomode_set(MUX_UART0, "uart");
++              break;
++      case 1:
++              gpiomode_set(MUX_UART1, "uart");
++              break;
++      case 2:
++              gpiomode_set(MUX_UART2, "uart");
++              break;
++      }
++      return 0;
++}
++
++mraa_result_t
++i2c_freq(mraa_i2c_context dev, mraa_i2c_mode_t mode)
++{
++    switch (mode) {
++        case MRAA_I2C_STD:
++            break;
++        default:
++            syslog(LOG_ERR, "Invalid i2c frequency");
++            break;
++    }
++    return MRAA_SUCCESS;
++}
++
++
+ mraa_board_t*
+ mraa_mtk_linkit()
+ {
++    int i;
++
++    if (mmap_gpiomode())
++          return NULL;
++
+     mraa_board_t* b = (mraa_board_t*) malloc(sizeof(mraa_board_t));
+     if (b == NULL) {
+         return NULL;
+     }
+-    b->platform_name = "LINKIT";
++    memset(b, 0, sizeof(mraa_board_t));
++
++    b->platform_name = "LinkIt Smart 7688";
+     platform_detected = PLATFORM_MEDIATEK_LINKIT;
+-    b->phy_pin_count = 31;
++    b->phy_pin_count = 64;
+     b->aio_count = 0;
+     b->adc_raw = 0;
+     b->adc_supported = 0;
+     b->pwm_default_period = 500;
+-    b->pwm_max_period = 2147483;
++    b->pwm_max_period = 1000000;
+     b->pwm_min_period = 1;
+-    b->pins = (mraa_pininfo_t*) malloc(sizeof(mraa_pininfo_t) * b->phy_pin_count);
+-
+-    advance_func->gpio_mmap_setup = &mraa_mtk_linkit_mmap_setup;
+-
+-    strncpy(b->pins[0].name, "P0", MRAA_PIN_NAME_SIZE);
+-    b->pins[0].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[1].name, "P1", MRAA_PIN_NAME_SIZE);
+-    b->pins[1].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[2].name, "P2", MRAA_PIN_NAME_SIZE);
+-    b->pins[2].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[3].name, "P3", MRAA_PIN_NAME_SIZE);
+-    b->pins[3].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[4].name, "P4", MRAA_PIN_NAME_SIZE);
+-    b->pins[4].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[5].name, "P5", MRAA_PIN_NAME_SIZE);
+-    b->pins[5].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[6].name, "P6", MRAA_PIN_NAME_SIZE);
+-    b->pins[6].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[7].name, "P7", MRAA_PIN_NAME_SIZE);
+-    b->pins[7].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
+-
+-    strncpy(b->pins[8].name, "P8", MRAA_PIN_NAME_SIZE);
+-    b->pins[8].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
+-    b->pins[8].gpio.pinmap = 21;
+-    b->pins[8].uart.parent_id = 2;
+-    b->pins[8].uart.mux_total = 0;
++    b->adv_func = (mraa_adv_func_t*) calloc(1, sizeof(mraa_adv_func_t));
++    if (b->adv_func == NULL) {
++        return NULL;
++    }
+-    strncpy(b->pins[9].name, "P9", MRAA_PIN_NAME_SIZE);
+-    b->pins[9].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
+-    b->pins[9].gpio.pinmap = 20;
+-    b->pins[9].uart.parent_id = 2;
+-    b->pins[9].uart.mux_total = 0;
++    b->adv_func->i2c_init_pre = i2c_init_pre;
++    b->adv_func->pwm_init_post = pwm_init_post;
++    b->adv_func->spi_init_pre = spi_init_pre;
++    b->adv_func->uart_init_pre = uart_init_pre;
++    b->adv_func->gpio_init_pre = gpio_init_pre;
++    b->adv_func->i2c_set_frequency_replace = &i2c_freq;
+-    strncpy(b->pins[10].name, "P10", MRAA_PIN_NAME_SIZE);
+-    b->pins[10].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[10].gpio.pinmap = 2;
++    b->pins = (mraa_pininfo_t*) malloc(sizeof(mraa_pininfo_t) * b->phy_pin_count);
+-    strncpy(b->pins[11].name, "P11", MRAA_PIN_NAME_SIZE);
+-    b->pins[11].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[11].gpio.pinmap = 3;
++    memset(b->pins, 0, sizeof(mraa_pininfo_t) * b->phy_pin_count);
++    memset(gpio_mux_groups, -1, sizeof(gpio_mux_groups));
+-    strncpy(b->pins[12].name, "P12", MRAA_PIN_NAME_SIZE);
+-    b->pins[12].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[12].gpio.pinmap = 0;
++    b->adv_func->gpio_mmap_setup = &mraa_mtk_linkit_mmap_setup;
+-    strncpy(b->pins[13].name, "P13", MRAA_PIN_NAME_SIZE);
+-    b->pins[13].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[13].gpio.pinmap = 1;
++    for (i = 0; i < b->phy_pin_count; i++) {
++        snprintf(b->pins[i].name, MRAA_PIN_NAME_SIZE, "GPIO%d", i);
++        b->pins[i].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++    }
+-    strncpy(b->pins[14].name, "P14", MRAA_PIN_NAME_SIZE);
+-    b->pins[14].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 };
++    strncpy(b->pins[43].name, "GPIO43", MRAA_PIN_NAME_SIZE);
++    b->pins[43].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[43].gpio.pinmap = 43;
++    gpio_mux_groups[43] = MUX_EPHY;
++
++    strncpy(b->pins[20].name, "GPIO20", MRAA_PIN_NAME_SIZE);
++    b->pins[20].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 1 };
++    b->pins[20].gpio.pinmap = 20;
++    b->pins[20].uart.parent_id = 2;
++    b->pins[20].uart.mux_total = 0;
++    b->pins[20].pwm.parent_id = 0;
++    b->pins[20].pwm.pinmap = 2;
++    gpio_mux_groups[20] = MUX_UART2;
++
++    strncpy(b->pins[21].name, "GPIO21", MRAA_PIN_NAME_SIZE);
++    b->pins[21].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 1 };
++    b->pins[21].gpio.pinmap = 21;
++    b->pins[21].uart.parent_id = 2;
++    b->pins[21].uart.mux_total = 0;
++    b->pins[21].pwm.parent_id = 0;
++    b->pins[21].pwm.pinmap = 3;
++    gpio_mux_groups[21] = MUX_UART2;
++
++    strncpy(b->pins[2].name, "GPIO2", MRAA_PIN_NAME_SIZE);
++    b->pins[2].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[2].gpio.pinmap = 2;
++    gpio_mux_groups[2] = MUX_I2S;
++
++    strncpy(b->pins[3].name, "GPIO3", MRAA_PIN_NAME_SIZE);
++    b->pins[3].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[3].gpio.pinmap = 3;
++    gpio_mux_groups[3] = MUX_I2S;
++
++    strncpy(b->pins[0].name, "GPIO0", MRAA_PIN_NAME_SIZE);
++    b->pins[0].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[0].gpio.pinmap = 0;
++    gpio_mux_groups[0] = MUX_I2S;
++
++    strncpy(b->pins[1].name, "GPIO1", MRAA_PIN_NAME_SIZE);
++    b->pins[1].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[1].gpio.pinmap = 1;
++    gpio_mux_groups[1] = MUX_I2S;
++
++    strncpy(b->pins[37].name, "GPIO37", MRAA_PIN_NAME_SIZE);
++    b->pins[37].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[37].gpio.pinmap = 37;
++    gpio_mux_groups[37] = MUX_GPIO;
++
++    strncpy(b->pins[44].name, "GPIO44", MRAA_PIN_NAME_SIZE);
++    b->pins[44].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[44].gpio.pinmap = 44;
++    gpio_mux_groups[44] = MUX_WLED;
++
++    strncpy(b->pins[46].name, "GPIO46", MRAA_PIN_NAME_SIZE);
++    b->pins[46].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[46].gpio.pinmap = 46;
++    b->pins[46].uart.parent_id = 1;
++    b->pins[46].uart.mux_total = 0;
++    gpio_mux_groups[46] = MUX_UART1;
++
++    strncpy(b->pins[45].name, "GPIO45", MRAA_PIN_NAME_SIZE);
++    b->pins[45].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[45].gpio.pinmap = 45;
++    b->pins[45].uart.parent_id = 1;
++    b->pins[45].uart.mux_total = 0;
++    gpio_mux_groups[45] = MUX_UART1;
++
++    strncpy(b->pins[13].name, "GPIO13", MRAA_PIN_NAME_SIZE);
++    b->pins[13].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[13].gpio.pinmap = 13;
++    b->pins[13].uart.parent_id = 1;
++    b->pins[13].uart.mux_total = 0;
++    gpio_mux_groups[13] = MUX_UART0;
++
++    strncpy(b->pins[12].name, "GPIO12", MRAA_PIN_NAME_SIZE);
++    b->pins[12].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
++    b->pins[12].gpio.pinmap = 12;
++    b->pins[12].uart.parent_id = 0;
++    b->pins[12].uart.mux_total = 0;
++    gpio_mux_groups[12] = MUX_UART0;
++
++    strncpy(b->pins[5].name, "GPIO5", MRAA_PIN_NAME_SIZE);
++    b->pins[5].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 };
++    b->pins[5].gpio.pinmap = 5;
++    b->pins[5].i2c.pinmap = 0;
++    b->pins[5].i2c.mux_total = 0;
++    gpio_mux_groups[5] = MUX_I2C;
++
++    strncpy(b->pins[4].name, "GPIO4", MRAA_PIN_NAME_SIZE);
++    b->pins[4].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 };
++    b->pins[4].gpio.pinmap = 4;
++    b->pins[4].i2c.pinmap = 0;
++    b->pins[4].i2c.mux_total = 0;
++    gpio_mux_groups[4] = MUX_I2C;
++
++    strncpy(b->pins[6].name, "GPIO6", MRAA_PIN_NAME_SIZE);
++    b->pins[6].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
++    b->pins[6].gpio.pinmap = 6;
++    b->pins[6].spi.pinmap = 0;
++    b->pins[6].spi.mux_total = 0;
++    gpio_mux_groups[6] = MUX_SPI_CS1;
++
++    strncpy(b->pins[7].name, "GPIO7", MRAA_PIN_NAME_SIZE);
++    b->pins[7].capabilites = (mraa_pincapabilities_t){ 1, 0, 0, 0, 1, 0, 0, 0 };
++    b->pins[7].spi.pinmap = 0;
++    b->pins[7].spi.mux_total = 0;
++
++    strncpy(b->pins[8].name, "GPIO8", MRAA_PIN_NAME_SIZE);
++    b->pins[8].capabilites = (mraa_pincapabilities_t){ 1, 0, 0, 0, 1, 0, 0, 0 };
++    b->pins[8].spi.pinmap = 0;
++    b->pins[8].spi.mux_total = 0;
++
++    strncpy(b->pins[9].name, "GPIO9", MRAA_PIN_NAME_SIZE);
++    b->pins[9].capabilites = (mraa_pincapabilities_t){ 1, 0, 0, 0, 1, 0, 0, 0 };
++    b->pins[9].spi.pinmap = 0;
++    b->pins[9].spi.mux_total = 0;
++
++    strncpy(b->pins[18].name, "GPIO18", MRAA_PIN_NAME_SIZE);
++    b->pins[18].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 };
++    b->pins[18].gpio.pinmap = 18;
++    b->pins[18].pwm.parent_id = 0;
++    b->pins[18].pwm.pinmap = 0;
++    gpio_mux_groups[18] = MUX_PWM0;
++
++    strncpy(b->pins[19].name, "GPIO19", MRAA_PIN_NAME_SIZE);
++    b->pins[19].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 };
++    b->pins[19].gpio.pinmap = 19;
++    b->pins[19].pwm.parent_id = 0;
++    b->pins[19].pwm.pinmap = 1;
++    gpio_mux_groups[19] = MUX_PWM1;
++
++    strncpy(b->pins[16].name, "GPIO16", MRAA_PIN_NAME_SIZE);
++    b->pins[16].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[16].gpio.pinmap = 16;
++    gpio_mux_groups[16] = MUX_SPI_S;
++
++    strncpy(b->pins[17].name, "GPIO17", MRAA_PIN_NAME_SIZE);
++    b->pins[17].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[17].gpio.pinmap = 17;
++    gpio_mux_groups[17] = MUX_SPI_S;
++
++    strncpy(b->pins[14].name, "GPIO14", MRAA_PIN_NAME_SIZE);
++    b->pins[14].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
++    b->pins[14].gpio.pinmap = 14;
++    gpio_mux_groups[14] = MUX_SPI_S;
+-    strncpy(b->pins[15].name, "P15", MRAA_PIN_NAME_SIZE);
++    strncpy(b->pins[15].name, "GPIO15", MRAA_PIN_NAME_SIZE);
+     b->pins[15].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[15].gpio.pinmap = 44;
+-
+-    strncpy(b->pins[16].name, "P16", MRAA_PIN_NAME_SIZE);
+-    b->pins[16].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
+-    b->pins[16].gpio.pinmap = 46;
+-    b->pins[16].uart.parent_id = 1;
+-    b->pins[16].uart.mux_total = 0;
+-
+-    strncpy(b->pins[17].name, "P17", MRAA_PIN_NAME_SIZE);
+-    b->pins[17].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
+-    b->pins[17].gpio.pinmap = 45;
+-    b->pins[17].uart.parent_id = 1;
+-    b->pins[17].uart.mux_total = 0;
+-
+-    strncpy(b->pins[18].name, "P18", MRAA_PIN_NAME_SIZE);
+-    b->pins[18].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
+-    b->pins[18].gpio.pinmap = 13;
+-    b->pins[18].uart.parent_id = 1;
+-    b->pins[18].uart.mux_total = 0;
+-
+-    strncpy(b->pins[19].name, "P19", MRAA_PIN_NAME_SIZE);
+-    b->pins[19].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 };
+-    b->pins[19].gpio.pinmap = 12;
+-    b->pins[19].uart.parent_id = 0;
+-    b->pins[19].uart.mux_total = 0;
+-
+-    strncpy(b->pins[20].name, "P20", MRAA_PIN_NAME_SIZE);
+-    b->pins[20].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 };
+-    b->pins[20].gpio.pinmap = 5;
+-    b->pins[20].i2c.pinmap = 0;
+-    b->pins[20].i2c.mux_total = 0;
+-
+-    strncpy(b->pins[21].name, "P21", MRAA_PIN_NAME_SIZE);
+-    b->pins[21].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 };
+-    b->pins[21].gpio.pinmap = 4;
+-    b->pins[21].i2c.pinmap = 0;
+-    b->pins[21].i2c.mux_total = 0;
+-
+-    strncpy(b->pins[22].name, "P22", MRAA_PIN_NAME_SIZE);
+-    b->pins[22].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
+-    b->pins[22].gpio.pinmap = 8;
+-    b->pins[22].spi.pinmap = 0;
+-    b->pins[22].spi.mux_total = 0;
+-
+-    strncpy(b->pins[23].name, "P23", MRAA_PIN_NAME_SIZE);
+-    b->pins[23].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
+-    b->pins[23].gpio.pinmap = 9;
+-    b->pins[23].spi.pinmap = 0;
+-    b->pins[23].spi.mux_total = 0;
+-
+-    strncpy(b->pins[24].name, "P24", MRAA_PIN_NAME_SIZE);
+-    b->pins[24].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
+-    b->pins[24].gpio.pinmap = 7;
+-    b->pins[24].spi.pinmap = 0;
+-    b->pins[24].spi.mux_total = 0;
+-
+-    strncpy(b->pins[25].name, "P25", MRAA_PIN_NAME_SIZE);
+-    b->pins[25].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 };
+-    b->pins[25].gpio.pinmap = 6;
+-    b->pins[25].spi.pinmap = 0;
+-    b->pins[25].spi.mux_total = 0;
+-
+-    strncpy(b->pins[26].name, "P26", MRAA_PIN_NAME_SIZE);
+-    b->pins[26].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 };
+-    b->pins[26].gpio.pinmap = 18;
+-
+-    strncpy(b->pins[27].name, "P27", MRAA_PIN_NAME_SIZE);
+-    b->pins[27].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 };
+-    b->pins[27].gpio.pinmap = 19;
+-
+-    strncpy(b->pins[28].name, "P28", MRAA_PIN_NAME_SIZE);
+-    b->pins[28].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[28].gpio.pinmap = 16;
+-
+-    strncpy(b->pins[29].name, "P29", MRAA_PIN_NAME_SIZE);
+-    b->pins[29].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[29].gpio.pinmap = 17;
+-
+-    strncpy(b->pins[30].name, "P30", MRAA_PIN_NAME_SIZE);
+-    b->pins[30].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[30].gpio.pinmap = 14;
+-
+-    strncpy(b->pins[31].name, "P31", MRAA_PIN_NAME_SIZE);
+-    b->pins[31].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 };
+-    b->pins[31].gpio.pinmap = 15;
++    b->pins[15].gpio.pinmap = 15;
++    gpio_mux_groups[15] = MUX_SPI_S;
+     // BUS DEFINITIONS
+     b->i2c_bus_count = 1;
+     b->def_i2c_bus = 0;
+-        b->i2c_bus[0].bus_id = 0;
+-    b->i2c_bus[0].sda = 20;
+-    b->i2c_bus[0].scl = 21;
++    b->i2c_bus[0].bus_id = 0;
++    b->i2c_bus[0].sda = 5;
++    b->i2c_bus[0].scl = 4;
+     b->spi_bus_count = 1;
+     b->def_spi_bus = 0;
+-    b->spi_bus[0].bus_id = 0;
+-    b->spi_bus[0].slave_s = 0;
+-    b->spi_bus[0].cs = 25;
+-    b->spi_bus[0].mosi = 22;
+-    b->spi_bus[0].miso = 23;
+-    b->spi_bus[0].sclk = 21;
++    b->spi_bus[0].bus_id = 32766;
++    b->spi_bus[0].slave_s = 1;
++    b->spi_bus[0].cs = 6;
++    b->spi_bus[0].mosi = 8;
++    b->spi_bus[0].miso = 9;
++    b->spi_bus[0].sclk = 7;
+     b->uart_dev_count = 3;
+     b->def_uart_dev = 0;
+-    b->uart_dev[0].rx = 18;
+-    b->uart_dev[0].tx = 19;
+-
+-    b->uart_dev[1].rx = 16;
+-    b->uart_dev[1].tx = 17;
+-
+-    b->uart_dev[2].rx = 9;
+-    b->uart_dev[2].tx = 8;
++    b->uart_dev[0].rx = 13;
++    b->uart_dev[0].tx = 12;
++    b->uart_dev[0].device_path = "/dev/ttyS0";
++    b->uart_dev[1].rx = 46;
++    b->uart_dev[1].tx = 45;
++    b->uart_dev[1].device_path = "/dev/ttyS1";
++    b->uart_dev[2].rx = 21;
++    b->uart_dev[2].tx = 20;
++    b->uart_dev[2].device_path = "/dev/ttyS2";
+     b->gpio_count = 0;
+-    int i;
+     for (i = 0; i < b->phy_pin_count; i++) {
+         if (b->pins[i].capabilites.gpio) {
+             b->gpio_count++;
+--- a/src/gpio/gpio.c
++++ b/src/gpio/gpio.c
+@@ -113,6 +113,8 @@
+         close(export);
+     }
++    mraa_gpio_use_mmaped(dev, 1);
++
+ init_internal_cleanup:
+     if (status != MRAA_SUCCESS) {
+         if (dev != NULL)
diff --git a/libs/libradcli/Config.in b/libs/libradcli/Config.in
deleted file mode 100644 (file)
index 35c3a22..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-# radcli avanced configuration
-
-menu "Configuration"
-       depends on PACKAGE_libradcli
-
-config RADCLI_TLS
-       bool "enable TLS support"
-       default y
-
-endmenu
diff --git a/libs/libradcli/Makefile b/libs/libradcli/Makefile
deleted file mode 100644 (file)
index e420a8e..0000000
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# Copyright (C) 2015 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=libradcli
-PKG_VERSION:=1.2.5
-PKG_RELEASE:=1
-
-PKG_SOURCE:=radcli-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://github.com/radcli/radcli/releases/download/$(PKG_VERSION)/
-PKG_MD5SUM:=b94e46e37668cc562ea5420d095a836b
-PKG_BUILD_DIR:=$(BUILD_DIR)/radcli-$(PKG_VERSION)
-
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/libradcli
-  SECTION:=libs
-  CATEGORY:=Libraries
-  TITLE:=A library for radius clients
-  URL:=http://radcli.github.io/radcli/
-  MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
-  DEPENDS:= +RADCLI_TLS:libgnutls +libnettle
-endef
-
-define Package/libradcli/decription
-  The radcli library is a library for writing RADIUS Clients. The library's
-  approach is to allow writing RADIUS-aware application in less than 50 lines
-  of C code. It was based originally on freeradius-client and is source 
-  compatible with it.
-endef
-
-CONFIGURE_ARGS+= \
-       --enable-legacy-compat
-
-ifneq ($(CONFIG_RADCLI_TLS),y)
-CONFIGURE_ARGS += --without-tls
-endif
-
-define Build/InstallDev
-       $(INSTALL_DIR) $(1)/usr/include/radcli
-       $(CP) \
-               $(PKG_INSTALL_DIR)/usr/include/radcli/radcli.h \
-               $(PKG_INSTALL_DIR)/usr/include/radcli/version.h \
-               $(1)/usr/include/radcli
-       $(CP) \
-               $(PKG_INSTALL_DIR)/usr/include/freeradius-client.h \
-               $(1)/usr/include/
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) \
-               $(PKG_INSTALL_DIR)/usr/lib/libradcli.so* \
-               $(PKG_INSTALL_DIR)/usr/lib/libfreeradius-client.so \
-               $(1)/usr/lib/
-endef
-
-define Package/libradcli/conffiles
-/etc/radcli/radiusclient.conf
-endef
-
-define Package/libradcli/install
-       $(INSTALL_DIR) $(1)/etc/radcli
-       $(INSTALL_CONF) $(PKG_BUILD_DIR)/etc/radiusclient.conf $(1)/etc/radcli/
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) \
-               $(PKG_INSTALL_DIR)/usr/lib/libradcli.so.* \
-               $(1)/usr/lib/
-endef
-
-$(eval $(call BuildPackage,libradcli))
index 911d34e812d838073dbdefbe782ea1f8c7cbd2eb..f591953bbcafb25f431a9e55635ff8456b1e4ea0 100644 (file)
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2015-2016 OpenWrt.org
+# Copyright (C) 2015-2018 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -9,10 +9,10 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libssh2
 PKG_VERSION:=1.7.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.libssh2.org/download
+PKG_SOURCE_URL:=https://www.libssh2.org/download
 PKG_MD5SUM:=b01662a210e94cccf2f76094db7dac5c
 
 PKG_INSTALL:=1
@@ -26,7 +26,7 @@ define Package/libssh2
   SECTION:=libs
   CATEGORY:=Libraries
   TITLE:=SSH2 library
-  URL:=http://www.libssh2.org/
+  URL:=https://www.libssh2.org/
   DEPENDS:=+libopenssl +zlib
   MAINTAINER:=Jiri Slachta <jiri@slachta.eu>
 endef
@@ -39,7 +39,8 @@ TARGET_CFLAGS += $(FPIC)
 
 CONFIGURE_ARGS += \
        --disable-examples-build \
-       --with-libssl-prefix=$(STAGING_DIR)/usr
+       --with-libssl-prefix=$(STAGING_DIR)/usr \
+       --with-libz-prefix=$(STAGING_DIR)/usr
 
 define Build/InstallDev
        $(INSTALL_DIR) $(1)/usr/include
index 466547d463f1364908523deffacd483c4ae79d66..b6cf94503ca93a9c8166f51f331fd161f172b0f0 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libtasn1
-PKG_VERSION:=4.9
+PKG_VERSION:=4.12
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_MD5SUM:=4f6f7a8fd691ac2b8307c8ca365bad711db607d4ad5966f6938a9d2ecd65c920
+PKG_HASH:=6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753
 PKG_LICENSE:=LGPLv2.1+
 PKG_LICENSE_FILES:=COPYING.LIB
 
diff --git a/libs/libtins/Makefile b/libs/libtins/Makefile
new file mode 100644 (file)
index 0000000..05d0aac
--- /dev/null
@@ -0,0 +1,53 @@
+#
+# Copyright (C) 2017 Steven Hessing
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libtins
+PKG_RELEASE:=1
+
+PKG_MAINTAINER:= Steven Hessing <steven.hessing@gmail.com>
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/mfontanini/libtins.git
+PKG_SOURCE_VERSION:=v3.5
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.xz
+PKG_HASH:=47cd7d659ffa75dcfc2172ef54151fd36dc87de9e0f04bb066f6b076a7df7b57
+PKG_MIRROR_HASH:=47cd7d659ffa75dcfc2172ef54151fd36dc87de9e0f04bb066f6b076a7df7b57
+
+PKG_LICENSE:=BSD-2-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+PKG_BUILD_PARALLEL:=1
+
+CMAKE_INSTALL:=1
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+CMAKE_OPTIONS += -D_RUN_RESULT_VAR=FORCE
+CMAKE_OPTIONS += -DLIBTINS_ENABLE_WPA2=0
+CMAKE_OPTIONS += -DLIBTINS_ENABLE_CXX11=1
+
+define Package/libtins
+       SECTION:=net
+       CATEGORY:=Libraries
+       TITLE:=libtins 
+       URL:=http://libtins.github.io/
+       DEPENDS:=+libstdcpp +libpcap 
+endef
+
+define Package/libtins/description
+libtins is a high-level, multiplatform C++ network packet sniffing and crafting library.
+endef
+
+define Package/libtins/install
+    $(INSTALL_DIR) $(1)/usr/lib
+       $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libtins.so.3.5 $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libtins))
diff --git a/libs/libwebsockets/Makefile b/libs/libwebsockets/Makefile
new file mode 100644 (file)
index 0000000..df36301
--- /dev/null
@@ -0,0 +1,112 @@
+#
+# Copyright (C) 2014-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libwebsockets
+PKG_VERSION:=2.0.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://codeload.github.com/warmcat/libwebsockets/tar.gz/v$(PKG_VERSION)?
+PKG_MD5SUM:=a025156d606d90579e65d53ccd062a94
+
+
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_SOURCE_SUBDIR)
+
+PKG_LICENSE:=LGPL-2.1+exception
+PKG_LICENSE_FILES:=LICENSE
+
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+CMAKE_OPTIONS += -DLWS_IPV6=$(if $(CONFIG_IPV6),ON,OFF)
+CMAKE_OPTIONS += -DLWS_WITHOUT_TESTAPPS=ON
+
+# other options worth noting
+# CMAKE_OPTIONS += -DLWS_WITHOUT_EXTENSIONS=ON
+# CMAKE_OPTIONS += -DLWS_WITHOUT_DAEMONIZE=ON
+# CMAKE_OPTIONS += -DLWS_WITHOUT_SERVER=ON
+# CMAKE_OPTIONS += -DLWS_WITHOUT_DEBUG=ON
+
+
+define Package/$(PKG_NAME)/Default
+       SECTION:=libs
+       CATEGORY:=Libraries
+       TITLE:=libwebsockets
+       PROVIDES:=libwebsockets
+       DEPENDS:=+zlib
+       URL:=https://libwebsockets.org
+       MAINTAINER:=Karl Palsson <karlp@etactica.com>
+endef
+
+define Package/libwebsockets-openssl
+       $(call Package/$(PKG_NAME)/Default)
+       TITLE += (OpenSSL)
+       DEPENDS += +libopenssl
+       VARIANT:=openssl
+endef
+
+define Package/libwebsockets-cyassl
+       $(call Package/$(PKG_NAME)/Default)
+       TITLE += (CyaSSL)
+       DEPENDS += +libcyassl
+       VARIANT:=cyassl
+endef
+
+define Package/libwebsockets-full
+       $(call Package/$(PKG_NAME)/Default)
+       TITLE += (Full - OpenSSL, libuv, plugins, CGI)
+       DEPENDS += +libopenssl +libuv
+       VARIANT:=full
+endef
+
+ifeq ($(BUILD_VARIANT),openssl)
+    CMAKE_OPTIONS += -DLWS_OPENSSL_CLIENT_CERTS=/etc/ssl/certs
+    CMAKE_OPTIONS += -DLWS_OPENSSL_SUPPORT=ON
+    CMAKE_OPTIONS += -DLWS_WITH_SSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),cyassl)
+    CMAKE_OPTIONS += -DLWS_OPENSSL_CLIENT_CERTS=/etc/ssl/certs
+    CMAKE_OPTIONS += -DLWS_OPENSSL_SUPPORT=ON
+    CMAKE_OPTIONS += -DLWS_WITH_SSL=ON
+# for cyassl, edit package/libs/cyassl/Makefile to include --enable-opensslextra
+# NOTE: it will compile without it, untested whether it it's needed?!
+    CMAKE_OPTIONS += -DLWS_USE_CYASSL=ON
+    CMAKE_OPTIONS += -DLWS_CYASSL_LIBRARIES=$(STAGING_DIR)/usr/lib/libcyassl.so
+    CMAKE_OPTIONS += -DLWS_CYASSL_INCLUDE_DIRS=$(STAGING_DIR)/usr/include
+endif
+
+ifeq ($(BUILD_VARIANT),full)
+    CMAKE_OPTIONS += -DLWS_OPENSSL_CLIENT_CERTS=/etc/ssl/certs
+    CMAKE_OPTIONS += -DLWS_OPENSSL_SUPPORT=ON
+    CMAKE_OPTIONS += -DLWS_WITH_SSL=ON
+    CMAKE_OPTIONS += -DLWS_WITH_LIBUV=ON
+    CMAKE_OPTIONS += -DLWS_WITH_PLUGINS=ON
+    CMAKE_OPTIONS += -DLWS_WITH_SERVER_STATUS=ON
+    CMAKE_OPTIONS += -DLWS_WITH_ACCESS_LOG=ON
+    CMAKE_OPTIONS += -DLWS_WITH_CGI=ON
+endif
+
+define Package/libwebsockets/install
+       $(INSTALL_DIR) $(1)/usr/lib
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libwebsockets.so* $(1)/usr/lib/
+endef
+
+Package/$(PKG_NAME)-cyassl/install = $(Package/$(PKG_NAME)/install)
+Package/$(PKG_NAME)-openssl/install = $(Package/$(PKG_NAME)/install)
+Package/$(PKG_NAME)-full/install = $(Package/$(PKG_NAME)/install)
+
+$(eval $(call BuildPackage,libwebsockets-openssl))
+$(eval $(call BuildPackage,libwebsockets-cyassl))
+$(eval $(call BuildPackage,libwebsockets-full))
index 955073a0073e2c7c2bf3cf9234011d9317004f9b..2d867c182d07820979b514109a295761fcea204a 100644 (file)
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2014 OpenWrt.org
+# Copyright (C) 2014 - 2018 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libxslt
 PKG_VERSION:=1.1.28
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:= \
@@ -64,6 +64,7 @@ define Package/xsltproc/description
 endef
 
 CONFIGURE_ARGS+= \
+       --disable-silent-rules \
        --enable-shared \
        --enable-static \
        --without-python \
diff --git a/libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch b/libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
new file mode 100644 (file)
index 0000000..2313388
--- /dev/null
@@ -0,0 +1,48 @@
+From: Daniel Veillard <veillard@redhat.com>
+Date: Wed, 30 Jan 2013 16:31:37 +0000
+Subject: Fix a couple of places where (f)printf parameters were broken
+
+As reported by Thomas Jarosch <thomas.jarosch@intra2net.com>
+---
+ python/libxslt.c    |   10 +++++-----
+ xsltproc/xsltproc.c |    2 +-
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/python/libxslt.c b/python/libxslt.c
+index 6a4f1c3..8dd6c78 100644
+--- a/python/libxslt.c
++++ b/python/libxslt.c
+@@ -356,15 +356,15 @@ libxslt_xsltRegisterExtModuleElement(PyObject *self ATTRIBUTE_UNUSED,
+     PyObject *pyobj_element_f;
+     PyObject *pyobj_precomp_f;
+-#ifdef DEBUG_EXTENSIONS
+-    printf("libxslt_xsltRegisterExtModuleElement called\n",
+-         name, ns_uri);
+-#endif
+-
+     if (!PyArg_ParseTuple(args, (char *)"szOO:registerExtModuleElement",
+                         &name, &ns_uri, &pyobj_precomp_f, &pyobj_element_f))
+         return(NULL);
++#ifdef DEBUG_EXTENSIONS
++    printf("libxslt_xsltRegisterExtModuleElement called: %s %s\n",
++         name, ns_uri);
++#endif
++
+     if ((name == NULL) || (pyobj_element_f == NULL) || (pyobj_precomp_f == NULL)) {
+       py_retval = libxml_intWrap(-1);
+       return(py_retval);
+diff --git a/xsltproc/xsltproc.c b/xsltproc/xsltproc.c
+index 9ec4b76..33beddf 100644
+--- a/xsltproc/xsltproc.c
++++ b/xsltproc/xsltproc.c
+@@ -319,7 +319,7 @@ static void endTimer(char *format, ...)
+     va_start(ap, format);
+     vfprintf(stderr,format,ap);
+     va_end(ap);
+-    fprintf(stderr, " was not timed\n", msec);
++    fprintf(stderr, " was not timed\n");
+ #else
+   /* We don't have gettimeofday, time or stdarg.h, what crazy world is
+    * this ?!
diff --git a/libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch b/libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch
new file mode 100644 (file)
index 0000000..2d38ba2
--- /dev/null
@@ -0,0 +1,56 @@
+From: Nils Werner <wernerns@iis.fraunhofer.de>
+Date: Thu, 24 Jan 2013 18:44:03 +0000
+Subject: Initialize pseudo random number generator with current time or
+ optional command line parameter
+
+---
+ xsltproc/xsltproc.c |   15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/xsltproc/xsltproc.c b/xsltproc/xsltproc.c
+index 33beddf..7d1fe61 100644
+--- a/xsltproc/xsltproc.c
++++ b/xsltproc/xsltproc.c
+@@ -514,6 +514,7 @@ static void usage(const char *name) {
+     printf("\t--maxdepth val : increase the maximum depth (default %d)\n", xsltMaxDepth);
+     printf("\t--maxvars val : increase the maximum variables (default %d)\n", xsltMaxVars);
+     printf("\t--maxparserdepth val : increase the maximum parser depth\n");
++    printf("\t--seed-rand val : initialize pseudo random number generator with specific seed\n");
+ #ifdef LIBXML_HTML_ENABLED
+     printf("\t--html: the input document is(are) an HTML file(s)\n");
+ #endif
+@@ -556,6 +557,7 @@ main(int argc, char **argv)
+         return (1);
+     }
++    srand(time(NULL));
+     xmlInitMemory();
+     LIBXML_TEST_VERSION
+@@ -750,6 +752,15 @@ main(int argc, char **argv)
+                 if (value > 0)
+                     xmlParserMaxDepth = value;
+             }
++        } else if ((!strcmp(argv[i], "-seed-rand")) ||
++                   (!strcmp(argv[i], "--seed-rand"))) {
++            int value;
++
++            i++;
++            if (sscanf(argv[i], "%d", &value) == 1) {
++                if (value > 0)
++                    srand(value);
++            }
+         } else if ((!strcmp(argv[i],"-dumpextensions"))||
+                       (!strcmp(argv[i],"--dumpextensions"))) {
+               dumpextensions++;
+@@ -786,6 +797,10 @@ main(int argc, char **argv)
+             (!strcmp(argv[i], "--maxparserdepth"))) {
+             i++;
+             continue;
++        } else if ((!strcmp(argv[i], "-seed-rand")) ||
++            (!strcmp(argv[i], "--seed-rand"))) {
++            i++;
++            continue;
+         } else if ((!strcmp(argv[i], "-o")) ||
+                    (!strcmp(argv[i], "-output")) ||
+                    (!strcmp(argv[i], "--output"))) {
diff --git a/libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch b/libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch
new file mode 100644 (file)
index 0000000..6bb238d
--- /dev/null
@@ -0,0 +1,38 @@
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 1 Jul 2013 13:10:10 +0000
+Subject: EXSLT function str:replace() is broken as-is
+
+the str:replace() function is no longer usable without a transform
+context. I take it from the bug report that it is not supposed to be used
+from plain XPath but only from XSLT according to the EXSLT specification.
+
+However, the previous implementation used to work in XPath and is still
+registered on an xmlXPathContext by the exsltStrXpathCtxtRegister()
+function. When called from plain XPath, it results in a memory error in
+line 526 (exsltStrReturnString()) of strings.c because xsltCreateRVT()
+returns NULL as an error indicator due to a NULL transform context being
+passed in, which was the return value from xsltXPathGetTransformContext() a
+bit further up (and the code doesn't validate that).
+
+Since fixing the function looks impossible, best is to remove it.
+---
+ libexslt/strings.c |    6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/libexslt/strings.c b/libexslt/strings.c
+index 045cc14..c0c7a18 100644
+--- a/libexslt/strings.c
++++ b/libexslt/strings.c
+@@ -838,11 +838,7 @@ exsltStrXpathCtxtRegister (xmlXPathContextPtr ctxt, const xmlChar *prefix)
+         && !xmlXPathRegisterFuncNS(ctxt,
+                                    (const xmlChar *) "concat",
+                                    (const xmlChar *) EXSLT_STRINGS_NAMESPACE,
+-                                   exsltStrConcatFunction)
+-        && !xmlXPathRegisterFuncNS(ctxt,
+-                                   (const xmlChar *) "replace",
+-                                   (const xmlChar *) EXSLT_STRINGS_NAMESPACE,
+-                                   exsltStrReplaceFunction)) {
++                                   exsltStrConcatFunction)) {
+         return 0;
+     }
+     return -1;
diff --git a/libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch b/libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch
new file mode 100644 (file)
index 0000000..f6ba74c
--- /dev/null
@@ -0,0 +1,43 @@
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Tue, 30 Jul 2013 11:57:28 +0000
+Subject: Fix quoting of xlocale test program in configure.in
+
+Double square brackets aren't needed anymore, probably due to the
+changes in commit a2cd8a03.
+---
+ configure.in |   14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index 767e980..ac004fe 100644
+--- a/configure.in
++++ b/configure.in
+@@ -196,21 +196,21 @@ typedef locale_t xsltLocale;
+ #endif
+ ]],[[
+     xsltLocale locale;
+-    const char *src[[2]] = { "\xc3\x84rger", "Zeppelin" };
+-    char *dst[[2]];
++    const char *src[2] = { "\xc3\x84rger", "Zeppelin" };
++    char *dst[2];
+     size_t len, r;
+     int i;
+     locale = newlocale(LC_COLLATE_MASK, "en_US.utf8", NULL);
+     if (locale == NULL) exit(1);
+     for (i=0; i<2; ++i) {
+-        len = strxfrm_l(NULL, src[[i]], 0, locale) + 1;
+-        dst[[i]] = malloc(len);
+-        if(dst[[i]] == NULL) exit(1);
+-        r = strxfrm_l(dst[[i]], src[[i]], len, locale);
++        len = strxfrm_l(NULL, src[i], 0, locale) + 1;
++        dst[i] = malloc(len);
++        if(dst[i] == NULL) exit(1);
++        r = strxfrm_l(dst[i], src[i], len, locale);
+         if(r >= len) exit(1);
+     }
+-    if (strcmp(dst[[0]], dst[[1]]) >= 0) exit(1);
++    if (strcmp(dst[0], dst[1]) >= 0) exit(1);
+     exit(0);
+     return(0);
diff --git a/libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch b/libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch
new file mode 100644 (file)
index 0000000..9f2d7ac
--- /dev/null
@@ -0,0 +1,29 @@
+From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Thu, 29 Oct 2015 19:33:23 +0800
+Subject: [PATCH] Fix for type confusion in preprocessing attributes
+
+CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10
+We need to check that the parent node is an element before dereferencing
+its namespace
+---
+ libxslt/preproc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/preproc.c b/libxslt/preproc.c
+index 0eb80a0..7f69325 100644
+--- a/libxslt/preproc.c
++++ b/libxslt/preproc.c
+@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) {
+       } else if (IS_XSLT_NAME(inst, "attribute")) {
+           xmlNodePtr parent = inst->parent;
+-          if ((parent == NULL) || (parent->ns == NULL) ||
++          if ((parent == NULL) ||
++              (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) ||
+               ((parent->ns != inst->ns) &&
+                (!xmlStrEqual(parent->ns->href, inst->ns->href))) ||
+               (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch b/libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch
new file mode 100644 (file)
index 0000000..183cabb
--- /dev/null
@@ -0,0 +1,62 @@
+From 3309feb654036280d2355f8025150a69bfded6e2 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sun, 3 Jan 2016 16:45:24 +0100
+Subject: [PATCH] Always initialize EXSLT month and day to 1
+
+Fixes bug #757970
+https://bugzilla.gnome.org/show_bug.cgi?id=757970
+---
+ libexslt/date.c | 17 +++++++----------
+ 1 file changed, 7 insertions(+), 10 deletions(-)
+
+diff --git a/libexslt/date.c b/libexslt/date.c
+index 9ca993c..272c61b 100644
+--- a/libexslt/date.c
++++ b/libexslt/date.c
+@@ -667,6 +667,11 @@ exsltDateCreateDate (exsltDateType type)
+     }
+     memset (ret, 0, sizeof(exsltDateVal));
++    if (type != XS_DURATION) {
++        ret->value.date.mon = 1;
++        ret->value.date.day = 1;
++    }
++
+     if (type != EXSLT_UNKNOWN)
+         ret->type = type;
+@@ -1395,10 +1400,10 @@ _exsltDateTruncateDate (exsltDateValPtr dt, exsltDateType type)
+     }
+     if ((type & XS_GDAY) != XS_GDAY)
+-        dt->value.date.day = 0;
++        dt->value.date.day = 1;
+     if ((type & XS_GMONTH) != XS_GMONTH)
+-        dt->value.date.mon = 0;
++        dt->value.date.mon = 1;
+     if ((type & XS_GYEAR) != XS_GYEAR)
+         dt->value.date.year = 0;
+@@ -1473,18 +1478,10 @@ _exsltDateAdd (exsltDateValPtr dt, exsltDateValPtr dur)
+     d = &(dt->value.date);
+     u = &(dur->value.dur);
+-    /* normalization */
+-    if (d->mon == 0)
+-        d->mon = 1;
+-
+     /* normalize for time zone offset */
+     u->sec -= (d->tzo * 60);  /* changed from + to - (bug 153000) */
+     d->tzo = 0;
+-    /* normalization */
+-    if (d->day == 0)
+-        d->day = 1;
+-
+     /* month */
+     carry  = d->mon + u->mon;
+     r->mon = (unsigned int)MODULO_RANGE(carry, 1, 13);
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch b/libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch
new file mode 100644 (file)
index 0000000..aec622f
--- /dev/null
@@ -0,0 +1,105 @@
+From fc1ff481fd01e9a65a921c542fed68d8c965e8a3 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 25 Feb 2016 17:16:06 +0100
+Subject: [PATCH] Fix use-after-free in xsltDocumentFunctionLoadDocument
+
+Also fixes a memory leak in an unlikely error case.
+
+Fixes bug #758291
+https://bugzilla.gnome.org/show_bug.cgi?id=758291
+---
+ libxslt/functions.c         |  3 ++-
+ tests/docs/bug-185-data.xml |  5 +++++
+ tests/docs/bug-185.xml      |  2 ++
+ tests/general/bug-185.err   |  3 +++
+ tests/general/bug-185.out   |  0
+ tests/general/bug-185.xsl   | 14 ++++++++++++++
+ 6 files changed, 26 insertions(+), 1 deletion(-)
+ create mode 100644 tests/docs/bug-185-data.xml
+ create mode 100644 tests/docs/bug-185.xml
+ create mode 100644 tests/general/bug-185.err
+ create mode 100644 tests/general/bug-185.out
+ create mode 100644 tests/general/bug-185.xsl
+
+diff --git a/libxslt/functions.c b/libxslt/functions.c
+index 549649c..a5e7021 100644
+--- a/libxslt/functions.c
++++ b/libxslt/functions.c
+@@ -180,7 +180,6 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI)
+     resObj = xmlXPtrEval(fragment, xptrctxt);
+     xmlXPathFreeContext(xptrctxt);
+ #endif
+-    xmlFree(fragment);
+     if (resObj == NULL)
+       goto out_fragment;
+@@ -204,6 +203,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI)
+     }
+     valuePush(ctxt, resObj);
++    xmlFree(fragment);
+     return;
+ out_object:
+@@ -211,6 +211,7 @@ out_object:
+ out_fragment:
+     valuePush(ctxt, xmlXPathNewNodeSet(NULL));
++    xmlFree(fragment);
+ }
+ /**
+diff --git a/tests/docs/bug-185-data.xml b/tests/docs/bug-185-data.xml
+new file mode 100644
+index 0000000..166ef17
+--- /dev/null
++++ b/tests/docs/bug-185-data.xml
+@@ -0,0 +1,5 @@
++<!DOCTYPE test [ <!ATTLIST A id ID #REQUIRED> ] >
++<test>
++  <A id="X"/>
++  <A id="Y"/>
++</test>
+diff --git a/tests/docs/bug-185.xml b/tests/docs/bug-185.xml
+new file mode 100644
+index 0000000..72bfdc4
+--- /dev/null
++++ b/tests/docs/bug-185.xml
+@@ -0,0 +1,2 @@
++<?xml-stylesheet href="poc.xsl" type="text/xsl"?>
++<in>bug-185-data.xml#xpointer(id('X')/range-to(id('Y')))</in>
+diff --git a/tests/general/bug-185.err b/tests/general/bug-185.err
+new file mode 100644
+index 0000000..d7bbe92
+--- /dev/null
++++ b/tests/general/bug-185.err
+@@ -0,0 +1,3 @@
++runtime error: file ./bug-185.xsl line 7 element copy-of
++document() : XPointer does not select a node set: #xpointer(id('X')/range-to(id('Y')))
++no result for ./../docs/bug-185.xml
+diff --git a/tests/general/bug-185.out b/tests/general/bug-185.out
+new file mode 100644
+index 0000000..e69de29
+diff --git a/tests/general/bug-185.xsl b/tests/general/bug-185.xsl
+new file mode 100644
+index 0000000..1c5c7d1
+--- /dev/null
++++ b/tests/general/bug-185.xsl
+@@ -0,0 +1,14 @@
++<?xml version="1.0" encoding="utf-8"?>
++<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
++  <xsl:template match="in">
++    <annotation>
++      <xsl:copy-of select="."/>
++      <value>
++        <xsl:copy-of select="document(.)"/>
++      </value>
++    </annotation>
++  </xsl:template>
++  <xsl:template match="@*|node()">
++    <xsl:apply-templates/>
++  </xsl:template>
++</xsl:stylesheet>
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch b/libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch
new file mode 100644 (file)
index 0000000..871fcfb
--- /dev/null
@@ -0,0 +1,171 @@
+From d182d8f6ba3071503d96ce17395c9d55871f0242 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Tue, 22 Mar 2016 18:20:01 +0100
+Subject: [PATCH] Fix xsltNumberFormatGetMultipleLevel
+
+Namespace nodes are actually an xmlNs, not an xmlNode. They must be
+special-cased in xsltNumberFormatGetMultipleLevel to avoid an
+out-of-bounds heap access.
+
+Move the test whether a node matches the "count" pattern to a separate
+function to make the code more readable. As a side effect, we also
+compare expanded names when walking up the ancestor axis, fixing an
+insignificant bug.
+---
+ libxslt/numbers.c         | 82 +++++++++++++++++++++++++++--------------------
+ tests/docs/bug-186.xml    |  4 +++
+ tests/general/bug-186.out |  5 +++
+ tests/general/bug-186.xsl |  7 ++++
+ 4 files changed, 63 insertions(+), 35 deletions(-)
+ create mode 100644 tests/docs/bug-186.xml
+ create mode 100644 tests/general/bug-186.out
+ create mode 100644 tests/general/bug-186.xsl
+
+diff --git a/libxslt/numbers.c b/libxslt/numbers.c
+index e3209e0..184ee6f 100644
+--- a/libxslt/numbers.c
++++ b/libxslt/numbers.c
+@@ -532,6 +532,43 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data,
+ }
+ static int
++xsltTestCompMatchCount(xsltTransformContextPtr context,
++                       xmlNodePtr node,
++                       xsltCompMatchPtr countPat,
++                       xmlNodePtr cur)
++{
++    if (countPat != NULL) {
++        return xsltTestCompMatchList(context, node, countPat);
++    }
++    else {
++        /*
++         * 7.7 Numbering
++         *
++         * If count attribute is not specified, then it defaults to the
++         * pattern that matches any node with the same node type as the
++         * current node and, if the current node has an expanded-name, with
++         * the same expanded-name as the current node.
++         */
++        if (node->type != cur->type)
++            return 0;
++        if (node->type == XML_NAMESPACE_DECL)
++            /*
++             * Namespace nodes have no preceding siblings and no parents
++             * that are namespace nodes. This means that node == cur.
++             */
++            return 1;
++        /* TODO: Skip node types without expanded names like text nodes. */
++        if (!xmlStrEqual(node->name, cur->name))
++            return 0;
++        if (node->ns == cur->ns)
++            return 1;
++        if ((node->ns == NULL) || (cur->ns == NULL))
++            return 0;
++        return (xmlStrEqual(node->ns->href, cur->ns->href));
++    }
++}
++
++static int
+ xsltNumberFormatGetAnyLevel(xsltTransformContextPtr context,
+                           xmlNodePtr node,
+                           xsltCompMatchPtr countPat,
+@@ -562,21 +599,8 @@ xsltNumberFormatGetAnyLevel(xsltTransformContextPtr context,
+     while (cur != NULL) {
+       /* process current node */
+-      if (countPat == NULL) {
+-          if ((node->type == cur->type) &&
+-              /* FIXME: must use expanded-name instead of local name */
+-              xmlStrEqual(node->name, cur->name)) {
+-                  if ((node->ns == cur->ns) ||
+-                      ((node->ns != NULL) &&
+-                       (cur->ns != NULL) &&
+-                       (xmlStrEqual(node->ns->href,
+-                           cur->ns->href) )))
+-                      cnt++;
+-          }
+-      } else {
+-          if (xsltTestCompMatchList(context, cur, countPat))
+-              cnt++;
+-      }
++      if (xsltTestCompMatchCount(context, cur, countPat, node))
++          cnt++;
+       if ((fromPat != NULL) &&
+           xsltTestCompMatchList(context, cur, fromPat)) {
+           break; /* while */
+@@ -633,30 +657,18 @@ xsltNumberFormatGetMultipleLevel(xsltTransformContextPtr context,
+               xsltTestCompMatchList(context, ancestor, fromPat))
+               break; /* for */
+-          if ((countPat == NULL && node->type == ancestor->type &&
+-              xmlStrEqual(node->name, ancestor->name)) ||
+-              xsltTestCompMatchList(context, ancestor, countPat)) {
++          if (xsltTestCompMatchCount(context, ancestor, countPat, node)) {
+               /* count(preceding-sibling::*) */
+-              cnt = 0;
+-              for (preceding = ancestor;
++              cnt = 1;
++              for (preceding =
++                        xmlXPathNextPrecedingSibling(parser, ancestor);
+                    preceding != NULL;
+                    preceding =
+                       xmlXPathNextPrecedingSibling(parser, preceding)) {
+-                  if (countPat == NULL) {
+-                      if ((preceding->type == ancestor->type) &&
+-                          xmlStrEqual(preceding->name, ancestor->name)){
+-                          if ((preceding->ns == ancestor->ns) ||
+-                              ((preceding->ns != NULL) &&
+-                               (ancestor->ns != NULL) &&
+-                               (xmlStrEqual(preceding->ns->href,
+-                                   ancestor->ns->href) )))
+-                              cnt++;
+-                      }
+-                  } else {
+-                      if (xsltTestCompMatchList(context, preceding,
+-                                                countPat))
+-                          cnt++;
+-                  }
++
++                  if (xsltTestCompMatchCount(context, preceding, countPat,
++                                               node))
++                      cnt++;
+               }
+               array[amount++] = (double)cnt;
+               if (amount >= max)
+diff --git a/tests/docs/bug-186.xml b/tests/docs/bug-186.xml
+new file mode 100644
+index 0000000..424db6b
+--- /dev/null
++++ b/tests/docs/bug-186.xml
+@@ -0,0 +1,4 @@
++<top xmlns:a="AAAA" xmlns:b="BBBB" xmlns:c="CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC">
++<foo/>
++<bar/>
++</top>
+diff --git a/tests/general/bug-186.out b/tests/general/bug-186.out
+new file mode 100644
+index 0000000..01a59f8
+--- /dev/null
++++ b/tests/general/bug-186.out
+@@ -0,0 +1,5 @@
++<?xml version="1.0"?>
++
++1111
++1111
++
+diff --git a/tests/general/bug-186.xsl b/tests/general/bug-186.xsl
+new file mode 100644
+index 0000000..9c491dd
+--- /dev/null
++++ b/tests/general/bug-186.xsl
+@@ -0,0 +1,7 @@
++<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
++ <xsl:template match="*/*">
++  <xsl:for-each select="namespace::*">
++   <xsl:number/>
++  </xsl:for-each>
++ </xsl:template>
++</xsl:stylesheet>
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch b/libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch
new file mode 100644 (file)
index 0000000..bed1b04
--- /dev/null
@@ -0,0 +1,26 @@
+From 345e0bfb1c1131155a32dfbdfc8f78d1c602dc40 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sun, 10 Apr 2016 12:50:02 +0200
+Subject: [PATCH] Round xsl:number values to nearest integer
+
+This matches XSLT 2.0 behavior.
+---
+ libxslt/numbers.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libxslt/numbers.c b/libxslt/numbers.c
+index 184ee6f..eb087bc 100644
+--- a/libxslt/numbers.c
++++ b/libxslt/numbers.c
+@@ -440,6 +440,8 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data,
+     for (i = 0; i < numbers_max; i++) {
+       /* Insert number */
+       number = numbers[(numbers_max - 1) - i];
++        /* Round to nearest like XSLT 2.0 */
++        number = floor(number + 0.5);
+       if (i < tokens->nTokens) {
+         /*
+          * The "n"th format token will be used to format the "n"th
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch b/libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch
new file mode 100644 (file)
index 0000000..d5b54f4
--- /dev/null
@@ -0,0 +1,51 @@
+From 69ec3da1b653024aca6515ddd4adc91919dd188e Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sun, 10 Apr 2016 12:51:57 +0200
+Subject: [PATCH] Handle negative xsl:number values
+
+According to XSLT 2.0, negative values are a non-recoverable dynamic error.
+Print an error message and treat negative values as zero.
+
+Fixes an OOB array access in xsltNumberFormatAlpha.
+---
+ libxslt/numbers.c | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/numbers.c b/libxslt/numbers.c
+index eb087bc..a3cabcf 100644
+--- a/libxslt/numbers.c
++++ b/libxslt/numbers.c
+@@ -246,7 +246,7 @@ xsltNumberFormatAlpha(xmlBufferPtr buffer,
+       number--;
+       *(--pointer) = alpha_list[((int)fmod(number, alpha_size))];
+       number /= alpha_size;
+-      if (fabs(number) < 1.0)
++      if (number < 1.0)
+           break; /* for */
+     }
+     xmlBufferCCat(buffer, pointer);
+@@ -442,6 +442,21 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data,
+       number = numbers[(numbers_max - 1) - i];
+         /* Round to nearest like XSLT 2.0 */
+         number = floor(number + 0.5);
++        /*
++         * XSLT 1.0 isn't clear on how to handle negative numbers, but XSLT
++         * 2.0 says:
++         *
++         *     It is a non-recoverable dynamic error if any undiscarded item
++         *     in the atomized sequence supplied as the value of the value
++         *     attribute of xsl:number cannot be converted to an integer, or
++         *     if the resulting integer is less than 0 (zero).
++         */
++        if (number < 0.0) {
++            xsltTransformError(NULL, NULL, NULL,
++                    "xsl-number : negative value\n");
++            /* Recover by treating negative values as zero. */
++            number = 0.0;
++        }
+       if (i < tokens->nTokens) {
+         /*
+          * The "n"th format token will be used to format the "n"th
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch b/libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch
new file mode 100644 (file)
index 0000000..e5149a9
--- /dev/null
@@ -0,0 +1,75 @@
+From 405034286fbdd6166229335b7203a41bf53b40fc Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sun, 10 Apr 2016 13:11:31 +0200
+Subject: [PATCH] Lower bound for format token "a"
+
+Handle xsl:number with format "a" and value 0 according to XSLT 2.0.
+
+Fixes an OOB array access in xsltNumberFormatAlpha.
+---
+ libxslt/numbers.c | 33 ++++++++++++++++++++++++---------
+ 1 file changed, 24 insertions(+), 9 deletions(-)
+
+diff --git a/libxslt/numbers.c b/libxslt/numbers.c
+index a3cabcf..af52883 100644
+--- a/libxslt/numbers.c
++++ b/libxslt/numbers.c
+@@ -227,7 +227,8 @@ xsltNumberFormatDecimal(xmlBufferPtr buffer,
+ }
+ static void
+-xsltNumberFormatAlpha(xmlBufferPtr buffer,
++xsltNumberFormatAlpha(xsltNumberDataPtr data,
++                    xmlBufferPtr buffer,
+                     double number,
+                     int is_upper)
+ {
+@@ -237,6 +238,26 @@ xsltNumberFormatAlpha(xmlBufferPtr buffer,
+     char *alpha_list;
+     double alpha_size = (double)(sizeof(alpha_upper_list) - 1);
++    /*
++     * XSLT 1.0 isn't clear on how to handle zero, but XSLT 2.0 says:
++     *
++     *     For all format tokens other than the first kind above (one that
++     *     consists of decimal digits), there may be implementation-defined
++     *     lower and upper bounds on the range of numbers that can be
++     *     formatted using this format token; indeed, for some numbering
++     *     sequences there may be intrinsic limits. [...] Numbers that fall
++     *     outside this range must be formatted using the format token 1.
++     *
++     * The "a" token has an intrinsic lower limit of 1.
++     */
++    if (number < 1.0) {
++        xsltNumberFormatDecimal(buffer, number, '0', 1,
++                                data->digitsPerGroup,
++                                data->groupingCharacter,
++                                data->groupingCharacterLen);
++        return;
++    }
++
+     /* Build buffer from back */
+     pointer = &temp_string[sizeof(temp_string)];
+     *(--pointer) = 0;
+@@ -500,16 +521,10 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data,
+               switch (token->token) {
+               case 'A':
+-                  xsltNumberFormatAlpha(buffer,
+-                                        number,
+-                                        TRUE);
+-
++                  xsltNumberFormatAlpha(data, buffer, number, TRUE);
+                   break;
+               case 'a':
+-                  xsltNumberFormatAlpha(buffer,
+-                                        number,
+-                                        FALSE);
+-
++                  xsltNumberFormatAlpha(data, buffer, number, FALSE);
+                   break;
+               case 'I':
+                   xsltNumberFormatRoman(buffer,
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch b/libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch
new file mode 100644 (file)
index 0000000..d000c45
--- /dev/null
@@ -0,0 +1,64 @@
+From 91d0540ac9beaa86719a05b749219a69baa0dd8d Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sun, 10 Apr 2016 13:12:28 +0200
+Subject: [PATCH] Lower and upper bound for format token "i"
+
+Handle xsl:number with format "i" and value 0 according to XSLT 2.0.
+
+Also introduce an upper bound to fix a denial of service.
+---
+ libxslt/numbers.c | 25 ++++++++++++++++---------
+ 1 file changed, 16 insertions(+), 9 deletions(-)
+
+diff --git a/libxslt/numbers.c b/libxslt/numbers.c
+index af52883..e769c42 100644
+--- a/libxslt/numbers.c
++++ b/libxslt/numbers.c
+@@ -274,11 +274,24 @@ xsltNumberFormatAlpha(xsltNumberDataPtr data,
+ }
+ static void
+-xsltNumberFormatRoman(xmlBufferPtr buffer,
++xsltNumberFormatRoman(xsltNumberDataPtr data,
++                    xmlBufferPtr buffer,
+                     double number,
+                     int is_upper)
+ {
+     /*
++     * See discussion in xsltNumberFormatAlpha. Also use a reasonable upper
++     * bound to avoid denial of service.
++     */
++    if (number < 1.0 || number > 5000.0) {
++        xsltNumberFormatDecimal(buffer, number, '0', 1,
++                                data->digitsPerGroup,
++                                data->groupingCharacter,
++                                data->groupingCharacterLen);
++        return;
++    }
++
++    /*
+      * Based on an example by Jim Walsh
+      */
+     while (number >= 1000.0) {
+@@ -527,16 +540,10 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data,
+                   xsltNumberFormatAlpha(data, buffer, number, FALSE);
+                   break;
+               case 'I':
+-                  xsltNumberFormatRoman(buffer,
+-                                        number,
+-                                        TRUE);
+-
++                  xsltNumberFormatRoman(data, buffer, number, TRUE);
+                   break;
+               case 'i':
+-                  xsltNumberFormatRoman(buffer,
+-                                        number,
+-                                        FALSE);
+-
++                  xsltNumberFormatRoman(data, buffer, number, FALSE);
+                   break;
+               default:
+                   if (IS_DIGIT_ZERO(token->token)) {
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch b/libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch
new file mode 100644 (file)
index 0000000..eafdee1
--- /dev/null
@@ -0,0 +1,62 @@
+From d8862309f08054218b28e2c8f5fb3cb2f650cac7 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 20 Apr 2016 14:35:43 +0200
+Subject: [PATCH] Fix double free in libexslt hash functions
+
+Thanks to Nicolas Gregoire for the report.
+
+Fixes bug #765271:
+
+https://bugzilla.gnome.org/show_bug.cgi?id=765271
+---
+ libexslt/crypto.c             | 15 +++------------
+ tests/exslt/crypto/hash.1.out |  2 ++
+ tests/exslt/crypto/hash.1.xml |  5 +++++
+ 3 files changed, 10 insertions(+), 12 deletions(-)
+
+diff --git a/libexslt/crypto.c b/libexslt/crypto.c
+index 6aa9dd2..e13db8b 100644
+--- a/libexslt/crypto.c
++++ b/libexslt/crypto.c
+@@ -499,11 +499,8 @@ exsltCryptoMd4Function (xmlXPathParserContextPtr ctxt, int nargs) {
+     unsigned char hex[MD5_DIGEST_LENGTH * 2 + 1];
+     str_len = exsltCryptoPopString (ctxt, nargs, &str);
+-    if (str_len == 0) {
+-      xmlXPathReturnEmptyString (ctxt);
+-      xmlFree (str);
++    if (str_len == 0)
+       return;
+-    }
+     PLATFORM_HASH (ctxt, PLATFORM_MD4, (const char *) str, str_len,
+                  (char *) hash);
+@@ -532,11 +529,8 @@ exsltCryptoMd5Function (xmlXPathParserContextPtr ctxt, int nargs) {
+     unsigned char hex[MD5_DIGEST_LENGTH * 2 + 1];
+     str_len = exsltCryptoPopString (ctxt, nargs, &str);
+-    if (str_len == 0) {
+-      xmlXPathReturnEmptyString (ctxt);
+-      xmlFree (str);
++    if (str_len == 0)
+       return;
+-    }
+     PLATFORM_HASH (ctxt, PLATFORM_MD5, (const char *) str, str_len,
+                  (char *) hash);
+@@ -565,11 +559,8 @@ exsltCryptoSha1Function (xmlXPathParserContextPtr ctxt, int nargs) {
+     unsigned char hex[SHA1_DIGEST_LENGTH * 2 + 1];
+     str_len = exsltCryptoPopString (ctxt, nargs, &str);
+-    if (str_len == 0) {
+-      xmlXPathReturnEmptyString (ctxt);
+-      xmlFree (str);
++    if (str_len == 0)
+       return;
+-    }
+     PLATFORM_HASH (ctxt, PLATFORM_SHA1, (const char *) str, str_len,
+                  (char *) hash);
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch b/libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch
new file mode 100644 (file)
index 0000000..3125c33
--- /dev/null
@@ -0,0 +1,33 @@
+From 5d0c6565bab5b9b7efceb33b626916d22b4101a7 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 28 Apr 2016 17:34:27 +0200
+Subject: [PATCH] Fix buffer overflow in exsltDateFormat
+
+Long years can overflow a stack-based buffer on 64-bit platforms by
+up to four bytes.
+
+Thanks to Nicolas Gregoire for the report.
+
+Fixes bug #765380:
+
+https://bugzilla.gnome.org/show_bug.cgi?id=765380
+---
+ libexslt/date.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libexslt/date.c b/libexslt/date.c
+index 272c61b..12c9919 100644
+--- a/libexslt/date.c
++++ b/libexslt/date.c
+@@ -1283,7 +1283,7 @@ exsltDateFormat (const exsltDateValPtr dt)
+     }
+     if (dt->type & XS_GYEAR) {
+-        xmlChar buf[20], *cur = buf;
++        xmlChar buf[100], *cur = buf;
+         FORMAT_GYEAR(dt->value.date.year, cur);
+         if (dt->type == XS_GYEARMONTH) {
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch b/libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch
new file mode 100644 (file)
index 0000000..cddc2a6
--- /dev/null
@@ -0,0 +1,36 @@
+From 87c3d9ea214fc0503fd8130b6dd97431d69cc066 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 5 May 2016 15:12:48 +0200
+Subject: [PATCH] Fix OOB heap read in xsltExtModuleRegisterDynamic
+
+xsltExtModuleRegisterDynamic would read a byte before the start of a
+string under certain circumstances. I looks like this piece code was
+supposed to strip characters from the end of the extension name, but
+it didn't have any effect. Don't read beyond the beginning of the
+string and actually strip unwanted characters.
+
+Found with afl-fuzz and ASan.
+---
+ libxslt/extensions.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/extensions.c b/libxslt/extensions.c
+index 5ad73cb..ae6eef0 100644
+--- a/libxslt/extensions.c
++++ b/libxslt/extensions.c
+@@ -367,8 +367,11 @@ xsltExtModuleRegisterDynamic(const xmlChar * URI)
+         i++;
+     }
+-    if (*(i - 1) == '_')
++    /* Strip underscores from end of string. */
++    while (i > ext_name && *(i - 1) == '_') {
++        i--;
+         *i = '\0';
++    }
+     /* determine module directory */
+     ext_directory = (xmlChar *) getenv("LIBXSLT_PLUGINS_PATH");
+-- 
+2.8.1
+
diff --git a/libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch b/libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch
new file mode 100644 (file)
index 0000000..60ead15
--- /dev/null
@@ -0,0 +1,31 @@
+From eb1030de31165b68487f288308f9d1810fed6880 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Fri, 10 Jun 2016 14:23:58 +0200
+Subject: [PATCH] Fix heap overread in xsltFormatNumberConversion
+
+An empty decimal-separator could cause a heap overread. This can be
+exploited to leak a couple of bytes after the buffer that holds the
+pattern string.
+
+Found with afl-fuzz and ASan.
+---
+ libxslt/numbers.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/numbers.c b/libxslt/numbers.c
+index d1549b4..e78c46b 100644
+--- a/libxslt/numbers.c
++++ b/libxslt/numbers.c
+@@ -1090,7 +1090,8 @@ xsltFormatNumberConversion(xsltDecimalFormatPtr self,
+     }
+     /* We have finished the integer part, now work on fraction */
+-    if (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) {
++    if ( (*the_format != 0) &&
++         (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) ) {
+         format_info.add_decimal = TRUE;
+       the_format += xsltUTF8Size(the_format); /* Skip over the decimal */
+     }
+-- 
+2.10.2
+
diff --git a/libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch b/libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch
new file mode 100644 (file)
index 0000000..ea941db
--- /dev/null
@@ -0,0 +1,74 @@
+From 08ab2774b870de1c7b5a48693df75e8154addae5 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Thu, 12 Jan 2017 15:39:52 +0100
+Subject: [PATCH] Check for integer overflow in xsltAddTextString
+
+Limit buffer size in xsltAddTextString to INT_MAX. The issue can be
+exploited to trigger an out of bounds write on 64-bit systems.
+
+Originally reported to Chromium:
+
+https://crbug.com/676623
+---
+ libxslt/transform.c     | 25 ++++++++++++++++++++++---
+ libxslt/xsltInternals.h |  4 ++--
+ 2 files changed, 24 insertions(+), 5 deletions(-)
+
+diff --git a/libxslt/transform.c b/libxslt/transform.c
+index 519133fc..02bff34a 100644
+--- a/libxslt/transform.c
++++ b/libxslt/transform.c
+@@ -813,13 +813,32 @@ xsltAddTextString(xsltTransformContextPtr ctxt, xmlNodePtr target,
+         return(target);
+     if (ctxt->lasttext == target->content) {
++        int minSize;
+-      if (ctxt->lasttuse + len >= ctxt->lasttsize) {
++        /* Check for integer overflow accounting for NUL terminator. */
++        if (len >= INT_MAX - ctxt->lasttuse) {
++            xsltTransformError(ctxt, NULL, target,
++                "xsltCopyText: text allocation failed\n");
++            return(NULL);
++        }
++        minSize = ctxt->lasttuse + len + 1;
++
++        if (ctxt->lasttsize < minSize) {
+           xmlChar *newbuf;
+           int size;
++            int extra;
++
++            /* Double buffer size but increase by at least 100 bytes. */
++            extra = minSize < 100 ? 100 : minSize;
++
++            /* Check for integer overflow. */
++            if (extra > INT_MAX - ctxt->lasttsize) {
++                size = INT_MAX;
++            }
++            else {
++                size = ctxt->lasttsize + extra;
++            }
+-          size = ctxt->lasttsize + len + 100;
+-          size *= 2;
+           newbuf = (xmlChar *) xmlRealloc(target->content,size);
+           if (newbuf == NULL) {
+               xsltTransformError(ctxt, NULL, target,
+diff --git a/libxslt/xsltInternals.h b/libxslt/xsltInternals.h
+index 060b1783..5ad17719 100644
+--- a/libxslt/xsltInternals.h
++++ b/libxslt/xsltInternals.h
+@@ -1754,8 +1754,8 @@ struct _xsltTransformContext {
+      * Speed optimization when coalescing text nodes
+      */
+     const xmlChar  *lasttext;         /* last text node content */
+-    unsigned int    lasttsize;                /* last text node size */
+-    unsigned int    lasttuse;         /* last text node use */
++    int             lasttsize;                /* last text node size */
++    int             lasttuse;         /* last text node use */
+     /*
+      * Per Context Debugging
+      */
+-- 
+2.11.0
+
diff --git a/libs/loudmouth/Makefile b/libs/loudmouth/Makefile
new file mode 100644 (file)
index 0000000..1f06209
--- /dev/null
@@ -0,0 +1,73 @@
+#
+# Copyright (C) 2007-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=loudmouth
+PKG_VERSION:=1.5.3
+PKG_RELEASE:=1
+
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+
+PKG_LICENSE:=LGPLv2.1
+PKG_LICENSE_FILES:=COPYING
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/mcabber/loudmouth.git
+PKG_SOURCE_VERSION:=$(PKG_VERSION)
+PKG_MD5SUM:=7616cf124a8d72d007e7475b5aeb20ad
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/loudmouth
+  SECTION:=libs
+  CATEGORY:=Libraries
+  DEPENDS:=+glib2 +libopenssl
+  TITLE:=loudmouth
+  URL:=https://github.com/mcabber/loudmouth
+endef
+
+define Package/loudmouth/description
+  Lightweight and easy-to-use C library for programming with the Jabber protocol
+endef
+
+CONFIGURE_ARGS += \
+       --with-ssl=openssl
+
+define Build/Configure
+       ( cd $(PKG_BUILD_DIR); ./autogen.sh )
+       $(call Build/Configure/Default)
+endef
+
+define Build/InstallDev
+       $(INSTALL_DIR) $(1)/usr/include/
+       $(CP) \
+               $(PKG_INSTALL_DIR)/usr/include/loudmouth-1.0/ \
+               $(1)/usr/include/
+       $(INSTALL_DIR) $(1)/usr/lib/
+       $(CP) \
+               $(PKG_INSTALL_DIR)/usr/lib/*.so* \
+               $(1)/usr/lib/
+       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig/
+       $(INSTALL_DATA) \
+               $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc \
+               $(1)/usr/lib/pkgconfig/
+endef
+
+define Package/loudmouth/install
+       $(INSTALL_DIR) $(1)/usr/lib
+       $(CP) \
+               $(PKG_INSTALL_DIR)/usr/lib/*.so* \
+               $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,loudmouth))
index a1e40625f7973ec6786f314ddca1f9c9fb5fd4b7..d9e1e922cd05fc70cf568366b261e56250b56cd9 100644 (file)
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openldap
-PKG_VERSION:=2.4.44
+PKG_VERSION:=2.4.45
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
@@ -16,7 +16,7 @@ PKG_SOURCE_URL:=ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/ \
        ftp://sunsite.cnlab-switch.ch/mirror/OpenLDAP/openldap-release/ \
        ftp://ftp.nl.uu.net/pub/unix/db/openldap/openldap-release/ \
        ftp://ftp.plig.org/pub/OpenLDAP/openldap-release/
-PKG_MD5SUM:=693ac26de86231f8dcae2b4e9d768e51
+PKG_MD5SUM:=00ff8301277cdfd0af728a6927042a13
 
 PKG_FIXUP:=autoreconf
 
index a9facc13fd5a55946d480f5d898a6a12dbaf227d..4642ff8eeb64c375cb098fdab662869c83f9dcf0 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=p11-kit
 PKG_VERSION:=0.23.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
@@ -35,7 +35,8 @@ define Package/p11-kit/description
 endef
 
 CONFIGURE_ARGS+= \
-       --without-libffi
+       --without-libffi \
+       --disable-trust-module
 
 define Build/InstallDev
        $(INSTALL_DIR) $(1)/usr/include/p11-kit-1/p11-kit/
index 861b561e2f8841d844e2ac6752b923cba21b7628..3171d2f4b289276ac62f2d8aa5f2246892cf2943 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=pcre
-PKG_VERSION:=8.40
+PKG_VERSION:=8.41
 PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
-PKG_MD5SUM:=41a842bf7dcecd6634219336e2167d1d
+PKG_MD5SUM:=c160d22723b1670447341b08c58981c1
 PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
 
 PKG_LICENSE:=BSD-3-Clause
@@ -53,6 +53,7 @@ CONFIGURE_ARGS += \
        --enable-utf8 \
        --enable-unicode-properties \
        --enable-pcre16 \
+       --with-match-limit-recursion=16000 \
 
 ifneq ($(CONFIG_PACKAGE_libpcrecpp),)
   CONFIGURE_ARGS+= --enable-cpp
diff --git a/libs/pcre/patches/001-CVE-2017-7186 b/libs/pcre/patches/001-CVE-2017-7186
deleted file mode 100644 (file)
index 984cf81..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-#CVE-2017-7186 patch
---- trunk/pcre_internal.h      2016/05/21 13:34:44     1649
-+++ trunk/pcre_internal.h      2017/02/24 17:30:30     1688
-@@ -2772,6 +2772,9 @@
- extern const pcre_uint16 PRIV(ucd_stage2)[];
- extern const pcre_uint32 PRIV(ucp_gentype)[];
- extern const pcre_uint32 PRIV(ucp_gbtable)[];
-+#ifdef COMPILE_PCRE32
-+extern const ucd_record  PRIV(dummy_ucd_record)[];
-+#endif
- #ifdef SUPPORT_JIT
- extern const int         PRIV(ucp_typerange)[];
- #endif
-@@ -2780,9 +2783,15 @@
- /* UCD access macros */
- #define UCD_BLOCK_SIZE 128
--#define GET_UCD(ch) (PRIV(ucd_records) + \
-+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
-         PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
-         UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
-+        
-+#ifdef COMPILE_PCRE32
-+#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
-+#else
-+#define GET_UCD(ch) REAL_GET_UCD(ch)
-+#endif 
- #define UCD_CHARTYPE(ch)    GET_UCD(ch)->chartype
- #define UCD_SCRIPT(ch)      GET_UCD(ch)->script
---- trunk/pcre_ucd.c   2014/06/19 07:51:39     1490
-+++ trunk/pcre_ucd.c   2017/02/24 17:30:30     1688
-@@ -38,6 +38,20 @@
- const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0};
- #else
-+/* If the 32-bit library is run in non-32-bit mode, character values
-+greater than 0x10ffff may be encountered. For these we set up a
-+special record. */
-+
-+#ifdef COMPILE_PCRE32
-+const ucd_record PRIV(dummy_ucd_record)[] = {{
-+  ucp_Common,    /* script */
-+  ucp_Cn,        /* type unassigned */
-+  ucp_gbOther,   /* grapheme break property */
-+  0,             /* case set */
-+  0,             /* other case */
-+  }};
-+#endif
-+
- /* When recompiling tables with a new Unicode version, please check the
- types in this structure definition from pcre_internal.h (the actual
- field names will be different):
index 05071468d243084ffd76ea9f055497330a134e6e..9660f8e5bb7d8816b485d00da7837811118955df 100644 (file)
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=postgresql
-PKG_VERSION:=9.5.4
+PKG_VERSION:=9.5.10
 PKG_RELEASE:=4
 PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
 PKG_LICENSE:=PostgreSQL
@@ -18,7 +18,7 @@ PKG_SOURCE_URL:=\
        https://ftp.postgresql.org/pub/source/v$(PKG_VERSION) \
        http://ftp.postgresql.org/pub/source/v$(PKG_VERSION) \
        ftp://ftp.postgresql.org/pub/source/v$(PKG_VERSION)
-PKG_MD5SUM:=cf5e571164ad66028ecd7dd8819e3765470d45bcd440d258b686be7e69c76ed0
+PKG_MD5SUM:=945d7ade094dded6b95495d8f1561a12ac9608276858ed30adf3c3658275f281
 PKG_BUILD_PARALLEL:=1
 PKG_USE_MIPS16:=0
 PKG_FIXUP:=autoreconf
index 7f9b1b34ce940b8ba5b36c635d32f56a51457249..5cdd1e5223a512247d956e23b2fe30eb6c049449 100644 (file)
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2018 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sqlite
-PKG_VERSION:=3160000
-PKG_RELEASE:=1
+PKG_VERSION:=3190300
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-autoconf-$(PKG_VERSION).tar.gz
+PKG_HASH:=06129c03dced9f87733a8cba408871bd60673b8f93b920ba8d815efab0a06301
 PKG_SOURCE_URL:=http://www.sqlite.org/2017/
-PKG_MD5SUM:=5102404047054b2cec2f43463293f94dea39425d42bf386d24596ab4fac7c7ff
 
 PKG_LICENSE:=PUBLICDOMAIN
 PKG_LICENSE_FILES:=
@@ -68,6 +68,9 @@ $(call Package/sqlite3/Default/description)
  formats.
 endef
 
+# On uClibc libm needs to be linked in for ISNAN()
+TARGET_LDFLAGS += $(if $(CONFIG_USE_UCLIBC),-lm)
+
 TARGET_CFLAGS += $(FPIC) \
        -DSQLITE_ENABLE_UNLOCK_NOTIFY=1 \
        -DHAVE_ISNAN=1 \
diff --git a/libs/tiff/Makefile b/libs/tiff/Makefile
deleted file mode 100644 (file)
index 7c8d18e..0000000
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# Copyright (C) 2006-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=tiff
-PKG_VERSION:=4.0.6
-PKG_RELEASE:=2
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://download.osgeo.org/libtiff
-PKG_MD5SUM:=d1d2e940dea0b5ad435f21f03d96dd72
-
-PKG_FIXUP:=autoreconf
-PKG_REMOVE_FILES:=autogen.sh aclocal.m4
-
-PKG_LICENSE:=BSD
-PKG_LICENSE_FILES:=COPYRIGHT
-
-PKG_INSTALL:=1
-
-PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_libtiffxx
-
-include $(INCLUDE_DIR)/uclibc++.mk
-include $(INCLUDE_DIR)/package.mk
-
-define Package/tiff/Default
-  TITLE:=TIFF
-  URL:=http://www.remotesensing.org/libtiff/
-  MAINTAINER:=Jiri Slachta <jiri@slachta.eu>
-endef
-
-define Package/libtiff
-$(call Package/tiff/Default)
-  SECTION:=libs
-  CATEGORY:=Libraries
-  TITLE+= library
-  DEPENDS:=+zlib +libjpeg
-endef
-
-define Package/libtiffxx
-$(call Package/tiff/Default)
-  SECTION:=libs
-  CATEGORY:=Libraries
-  TITLE+= library(c++ bindings)
-  DEPENDS:=+libtiff $(CXX_DEPENDS)
-endef
-
-define Package/tiff-utils
-$(call Package/tiff/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  SUBMENU:=Image Manipulation
-  TITLE+= utilities
-  DEPENDS:=+libtiff
-endef
-
-TARGET_CFLAGS += $(FPIC)
-
-define Build/Configure
-       $(call Build/Configure/Default, \
-               $(if $(CONFIG_PACKAGE_libtiffxx), \
-                       --enable-cxx, \
-                       --disable-cxx \
-               ) \
-               --disable-lzma \
-               --enable-ccitt \
-               --enable-packbits \
-               --enable-lzw \
-               --enable-thunder \
-               --enable-next \
-               --enable-logluv \
-               --enable-mdi \
-               --enable-zlib \
-               --enable-jpeg \
-               --disable-old-jpeg \
-               --disable-jbig \
-               --without-x \
-       )
-endef
-
-define Build/InstallDev
-       $(INSTALL_DIR) $(1)/usr/{lib,include}
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib* $(1)/usr/lib/
-       $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
-endef
-
-define Package/libtiff/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libtiff.so.* $(1)/usr/lib/
-endef
-
-define Package/libtiffxx/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libtiffxx.so.* $(1)/usr/lib/
-endef
-
-define Package/tiff-utils/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
-endef
-
-$(eval $(call BuildPackage,libtiff))
-$(eval $(call BuildPackage,libtiffxx))
-$(eval $(call BuildPackage,tiff-utils))
diff --git a/libs/tiff/patches/001-autoconf-compat.patch b/libs/tiff/patches/001-autoconf-compat.patch
deleted file mode 100644 (file)
index 16a88e3..0000000
+++ /dev/null
@@ -1,33 +0,0 @@
-diff -rupN tiff-4.0.6/Makefile.am tiff-new/Makefile.am
---- tiff-4.0.6/Makefile.am     2015-09-06 21:30:46.179705536 +0200
-+++ tiff-new/Makefile.am       2016-04-05 14:26:09.539194844 +0200
-@@ -25,7 +25,7 @@
- docdir = $(LIBTIFF_DOCDIR)
--AUTOMAKE_OPTIONS = 1.12 dist-zip foreign
-+AUTOMAKE_OPTIONS = dist-zip foreign
- ACLOCAL_AMFLAGS = -I m4
- docfiles = \
-@@ -61,7 +61,7 @@ distcheck-hook:
-       rm -rf $(distdir)/_build/cmake
-       rm -rf $(distdir)/_inst/cmake
--SUBDIRS = port libtiff tools build contrib test man html
-+SUBDIRS = port libtiff tools build contrib
- release:
-       (rm -f $(top_srcdir)/RELEASE-DATE && echo $(LIBTIFF_RELEASE_DATE) > $(top_srcdir)/RELEASE-DATE)
-diff -rupN tiff-4.0.6/test/Makefile.am tiff-new/test/Makefile.am
---- tiff-4.0.6/test/Makefile.am        2015-09-01 04:41:07.598381354 +0200
-+++ tiff-new/test/Makefile.am  2016-04-05 14:26:39.763453075 +0200
-@@ -23,7 +23,7 @@
- # Process this file with automake to produce Makefile.in.
--AUTOMAKE_OPTIONS = 1.12 color-tests parallel-tests foreign
-+AUTOMAKE_OPTIONS = color-tests parallel-tests foreign
- LIBTIFF = $(top_builddir)/libtiff/libtiff.la
diff --git a/libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch b/libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch
deleted file mode 100644 (file)
index 15807e1..0000000
+++ /dev/null
@@ -1,136 +0,0 @@
-From f3f0cad770593eaef0766e5be896a6a034fc6313 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sat, 26 Dec 2015 17:32:03 +0000
-Subject: [PATCH] * libtiff/tif_getimage.c: fix out-of-bound reads in
- TIFFRGBAImage interface in case of unsupported values of
- SamplesPerPixel/ExtraSamples for LogLUV / CIELab. Add explicit call to
- TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by
- limingxing and CVE-2015-8683 reported by zzf of Alibaba.
-
----
- ChangeLog              |  8 ++++++++
- libtiff/tif_getimage.c | 37 +++++++++++++++++++++++--------------
- 2 files changed, 31 insertions(+), 14 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index a7d283a..4beb30b 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,3 +1,11 @@
-+2015-12-26  Even Rouault <even.rouault at spatialys.com>
-+
-+      * libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage
-+      interface in case of unsupported values of SamplesPerPixel/ExtraSamples
-+      for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in
-+      TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and
-+      CVE-2015-8683 reported by zzf of Alibaba.
-+
- 2015-09-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>
-       * libtiff 4.0.6 released.
-diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
-index fd0a4f9..fae1e31 100644
---- a/libtiff/tif_getimage.c
-+++ b/libtiff/tif_getimage.c
-@@ -1,4 +1,4 @@
--/* $Id: tif_getimage.c,v 1.90 2015-06-17 01:34:08 bfriesen Exp $ */
-+/* $Id: tif_getimage.c,v 1.94 2015-12-26 17:32:03 erouault Exp $ */
- /*
-  * Copyright (c) 1991-1997 Sam Leffler
-@@ -182,20 +182,22 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[1024])
-                                   "Planarconfiguration", td->td_planarconfig);
-                               return (0);
-                       }
--                      if( td->td_samplesperpixel != 3 )
-+                      if( td->td_samplesperpixel != 3 || colorchannels != 3 )
-             {
-                 sprintf(emsg,
--                        "Sorry, can not handle image with %s=%d",
--                        "Samples/pixel", td->td_samplesperpixel);
-+                        "Sorry, can not handle image with %s=%d, %s=%d",
-+                        "Samples/pixel", td->td_samplesperpixel,
-+                        "colorchannels", colorchannels);
-                 return 0;
-             }
-                       break;
-               case PHOTOMETRIC_CIELAB:
--            if( td->td_samplesperpixel != 3 || td->td_bitspersample != 8 )
-+            if( td->td_samplesperpixel != 3 || colorchannels != 3 || td->td_bitspersample != 8 )
-             {
-                 sprintf(emsg,
--                        "Sorry, can not handle image with %s=%d and %s=%d",
-+                        "Sorry, can not handle image with %s=%d, %s=%d and %s=%d",
-                         "Samples/pixel", td->td_samplesperpixel,
-+                        "colorchannels", colorchannels,
-                         "Bits/sample", td->td_bitspersample);
-                 return 0;
-             }
-@@ -255,6 +257,9 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, TIFF* tif, int stop, char emsg[1024])
-       int colorchannels;
-       uint16 *red_orig, *green_orig, *blue_orig;
-       int n_color;
-+      
-+      if( !TIFFRGBAImageOK(tif, emsg) )
-+              return 0;
-       /* Initialize to normal values */
-       img->row_offset = 0;
-@@ -2508,29 +2513,33 @@ PickContigCase(TIFFRGBAImage* img)
-               case PHOTOMETRIC_RGB:
-                       switch (img->bitspersample) {
-                               case 8:
--                                      if (img->alpha == EXTRASAMPLE_ASSOCALPHA)
-+                                      if (img->alpha == EXTRASAMPLE_ASSOCALPHA &&
-+                                              img->samplesperpixel >= 4)
-                                               img->put.contig = putRGBAAcontig8bittile;
--                                      else if (img->alpha == EXTRASAMPLE_UNASSALPHA)
-+                                      else if (img->alpha == EXTRASAMPLE_UNASSALPHA &&
-+                                                       img->samplesperpixel >= 4)
-                                       {
-                                               if (BuildMapUaToAa(img))
-                                                       img->put.contig = putRGBUAcontig8bittile;
-                                       }
--                                      else
-+                                      else if( img->samplesperpixel >= 3 )
-                                               img->put.contig = putRGBcontig8bittile;
-                                       break;
-                               case 16:
--                                      if (img->alpha == EXTRASAMPLE_ASSOCALPHA)
-+                                      if (img->alpha == EXTRASAMPLE_ASSOCALPHA &&
-+                                              img->samplesperpixel >=4 )
-                                       {
-                                               if (BuildMapBitdepth16To8(img))
-                                                       img->put.contig = putRGBAAcontig16bittile;
-                                       }
--                                      else if (img->alpha == EXTRASAMPLE_UNASSALPHA)
-+                                      else if (img->alpha == EXTRASAMPLE_UNASSALPHA &&
-+                                                       img->samplesperpixel >=4 )
-                                       {
-                                               if (BuildMapBitdepth16To8(img) &&
-                                                   BuildMapUaToAa(img))
-                                                       img->put.contig = putRGBUAcontig16bittile;
-                                       }
--                                      else
-+                                      else if( img->samplesperpixel >=3 )
-                                       {
-                                               if (BuildMapBitdepth16To8(img))
-                                                       img->put.contig = putRGBcontig16bittile;
-@@ -2539,7 +2548,7 @@ PickContigCase(TIFFRGBAImage* img)
-                       }
-                       break;
-               case PHOTOMETRIC_SEPARATED:
--                      if (buildMap(img)) {
-+                      if (img->samplesperpixel >=4 && buildMap(img)) {
-                               if (img->bitspersample == 8) {
-                                       if (!img->Map)
-                                               img->put.contig = putRGBcontig8bitCMYKtile;
-@@ -2635,7 +2644,7 @@ PickContigCase(TIFFRGBAImage* img)
-                       }
-                       break;
-               case PHOTOMETRIC_CIELAB:
--                      if (buildMap(img)) {
-+                      if (img->samplesperpixel == 3 && buildMap(img)) {
-                               if (img->bitspersample == 8)
-                                       img->put.contig = initCIELabConversion(img);
-                               break;
diff --git a/libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch b/libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch
deleted file mode 100644 (file)
index 716ddfd..0000000
+++ /dev/null
@@ -1,193 +0,0 @@
-From 3899f0ab62dd307f63f87ec99aaf289e104f4070 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sun, 27 Dec 2015 16:25:11 +0000
-Subject: [PATCH] * libtiff/tif_luv.c: fix potential out-of-bound writes in
- decode functions in non debug builds by replacing assert()s by regular if
- checks (bugzilla #2522). Fix potential out-of-bound reads in case of short
- input data.
-
----
- ChangeLog         |  7 +++++++
- libtiff/tif_luv.c | 57 +++++++++++++++++++++++++++++++++++++++++++------------
- 2 files changed, 52 insertions(+), 12 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index 4beb30b..b8aa23c 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,3 +1,10 @@
-+2015-12-27  Even Rouault <even.rouault at spatialys.com>
-+
-+      * libtiff/tif_luv.c: fix potential out-of-bound writes in decode
-+      functions in non debug builds by replacing assert()s by regular if
-+      checks (bugzilla #2522).
-+      Fix potential out-of-bound reads in case of short input data.
-+
- 2015-12-26  Even Rouault <even.rouault at spatialys.com>
-       * libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage
-diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c
-index 4e328ba..60a174d 100644
---- a/libtiff/tif_luv.c
-+++ b/libtiff/tif_luv.c
-@@ -1,4 +1,4 @@
--/* $Id: tif_luv.c,v 1.40 2015-06-21 01:09:09 bfriesen Exp $ */
-+/* $Id: tif_luv.c,v 1.41 2015-12-27 16:25:11 erouault Exp $ */
- /*
-  * Copyright (c) 1997 Greg Ward Larson
-@@ -202,7 +202,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-       if (sp->user_datafmt == SGILOGDATAFMT_16BIT)
-               tp = (int16*) op;
-       else {
--              assert(sp->tbuflen >= npixels);
-+              if(sp->tbuflen < npixels) {
-+                      TIFFErrorExt(tif->tif_clientdata, module,
-+                                               "Translation buffer too short");
-+                      return (0);
-+              }
-               tp = (int16*) sp->tbuf;
-       }
-       _TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0]));
-@@ -211,9 +215,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-       cc = tif->tif_rawcc;
-       /* get each byte string */
-       for (shft = 2*8; (shft -= 8) >= 0; ) {
--              for (i = 0; i < npixels && cc > 0; )
-+              for (i = 0; i < npixels && cc > 0; ) {
-                       if (*bp >= 128) {               /* run */
--                              rc = *bp++ + (2-128);   /* TODO: potential input buffer overrun when decoding corrupt or truncated data */
-+                              if( cc < 2 )
-+                                      break;
-+                              rc = *bp++ + (2-128);
-                               b = (int16)(*bp++ << shft);
-                               cc -= 2;
-                               while (rc-- && i < npixels)
-@@ -223,6 +229,7 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-                               while (--cc && rc-- && i < npixels)
-                                       tp[i++] |= (int16)*bp++ << shft;
-                       }
-+              }
-               if (i != npixels) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
-                       TIFFErrorExt(tif->tif_clientdata, module,
-@@ -268,13 +275,17 @@ LogLuvDecode24(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-       if (sp->user_datafmt == SGILOGDATAFMT_RAW)
-               tp = (uint32 *)op;
-       else {
--              assert(sp->tbuflen >= npixels);
-+              if(sp->tbuflen < npixels) {
-+                      TIFFErrorExt(tif->tif_clientdata, module,
-+                                               "Translation buffer too short");
-+                      return (0);
-+              }
-               tp = (uint32 *) sp->tbuf;
-       }
-       /* copy to array of uint32 */
-       bp = (unsigned char*) tif->tif_rawcp;
-       cc = tif->tif_rawcc;
--      for (i = 0; i < npixels && cc > 0; i++) {
-+      for (i = 0; i < npixels && cc >= 3; i++) {
-               tp[i] = bp[0] << 16 | bp[1] << 8 | bp[2];
-               bp += 3;
-               cc -= 3;
-@@ -325,7 +336,11 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-       if (sp->user_datafmt == SGILOGDATAFMT_RAW)
-               tp = (uint32*) op;
-       else {
--              assert(sp->tbuflen >= npixels);
-+              if(sp->tbuflen < npixels) {
-+                      TIFFErrorExt(tif->tif_clientdata, module,
-+                                               "Translation buffer too short");
-+                      return (0);
-+              }
-               tp = (uint32*) sp->tbuf;
-       }
-       _TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0]));
-@@ -334,11 +349,13 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-       cc = tif->tif_rawcc;
-       /* get each byte string */
-       for (shft = 4*8; (shft -= 8) >= 0; ) {
--              for (i = 0; i < npixels && cc > 0; )
-+              for (i = 0; i < npixels && cc > 0; ) {
-                       if (*bp >= 128) {               /* run */
-+                              if( cc < 2 )
-+                                      break;
-                               rc = *bp++ + (2-128);
-                               b = (uint32)*bp++ << shft;
--                              cc -= 2;                /* TODO: potential input buffer overrun when decoding corrupt or truncated data */
-+                              cc -= 2;
-                               while (rc-- && i < npixels)
-                                       tp[i++] |= b;
-                       } else {                        /* non-run */
-@@ -346,6 +363,7 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s)
-                               while (--cc && rc-- && i < npixels)
-                                       tp[i++] |= (uint32)*bp++ << shft;
-                       }
-+              }
-               if (i != npixels) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
-                       TIFFErrorExt(tif->tif_clientdata, module,
-@@ -413,6 +431,7 @@ LogLuvDecodeTile(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- static int
- LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- {
-+      static const char module[] = "LogL16Encode";
-       LogLuvState* sp = EncoderState(tif);
-       int shft;
-       tmsize_t i;
-@@ -433,7 +452,11 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
-               tp = (int16*) bp;
-       else {
-               tp = (int16*) sp->tbuf;
--              assert(sp->tbuflen >= npixels);
-+              if(sp->tbuflen < npixels) {
-+                      TIFFErrorExt(tif->tif_clientdata, module,
-+                                               "Translation buffer too short");
-+                      return (0);
-+              }
-               (*sp->tfunc)(sp, bp, npixels);
-       }
-       /* compress each byte string */
-@@ -506,6 +529,7 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- static int
- LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- {
-+      static const char module[] = "LogLuvEncode24";
-       LogLuvState* sp = EncoderState(tif);
-       tmsize_t i;
-       tmsize_t npixels;
-@@ -521,7 +545,11 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
-               tp = (uint32*) bp;
-       else {
-               tp = (uint32*) sp->tbuf;
--              assert(sp->tbuflen >= npixels);
-+              if(sp->tbuflen < npixels) {
-+                      TIFFErrorExt(tif->tif_clientdata, module,
-+                                               "Translation buffer too short");
-+                      return (0);
-+              }
-               (*sp->tfunc)(sp, bp, npixels);
-       }
-       /* write out encoded pixels */
-@@ -553,6 +581,7 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- static int
- LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
- {
-+      static const char module[] = "LogLuvEncode32";
-       LogLuvState* sp = EncoderState(tif);
-       int shft;
-       tmsize_t i;
-@@ -574,7 +603,11 @@ LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
-               tp = (uint32*) bp;
-       else {
-               tp = (uint32*) sp->tbuf;
--              assert(sp->tbuflen >= npixels);
-+              if(sp->tbuflen < npixels) {
-+                      TIFFErrorExt(tif->tif_clientdata, module,
-+                                               "Translation buffer too short");
-+                      return (0);
-+              }
-               (*sp->tfunc)(sp, bp, npixels);
-       }
-       /* compress each byte string */
diff --git a/libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch b/libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch
deleted file mode 100644 (file)
index f2b6b31..0000000
+++ /dev/null
@@ -1,72 +0,0 @@
-From 237c9c18b0b3479950e54a755ae428bf0f55f754 Mon Sep 17 00:00:00 2001
-From: erouault <erouault>
-Date: Sun, 27 Dec 2015 16:55:20 +0000
-Subject: [PATCH] * libtiff/tif_next.c: fix potential out-of-bound write in
- NeXTDecode() triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
- (bugzilla #2508)
-
----
- ChangeLog          |  6 ++++++
- libtiff/tif_next.c | 12 +++++++++---
- 2 files changed, 15 insertions(+), 3 deletions(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index b8aa23c..04926a3 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,5 +1,11 @@
- 2015-12-27  Even Rouault <even.rouault at spatialys.com>
-+      * libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()
-+      triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
-+      (bugzilla #2508)
-+
-+2015-12-27  Even Rouault <even.rouault at spatialys.com>
-+
-       * libtiff/tif_luv.c: fix potential out-of-bound writes in decode
-       functions in non debug builds by replacing assert()s by regular if
-       checks (bugzilla #2522).
-diff --git a/libtiff/tif_next.c b/libtiff/tif_next.c
-index 17e0311..1248caa 100644
---- a/libtiff/tif_next.c
-+++ b/libtiff/tif_next.c
-@@ -1,4 +1,4 @@
--/* $Id: tif_next.c,v 1.16 2014-12-29 12:09:11 erouault Exp $ */
-+/* $Id: tif_next.c,v 1.17 2015-12-27 16:55:20 erouault Exp $ */
- /*
-  * Copyright (c) 1988-1997 Sam Leffler
-@@ -37,7 +37,7 @@
-       case 0: op[0]  = (unsigned char) ((v) << 6); break;     \
-       case 1: op[0] |= (v) << 4; break;       \
-       case 2: op[0] |= (v) << 2; break;       \
--      case 3: *op++ |= (v);      break;       \
-+      case 3: *op++ |= (v);      op_offset++; break;  \
-       }                                       \
- }
-@@ -106,6 +106,7 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s)
-                       uint32 imagewidth = tif->tif_dir.td_imagewidth;
-             if( isTiled(tif) )
-                 imagewidth = tif->tif_dir.td_tilewidth;
-+            tmsize_t op_offset = 0;
-                       /*
-                        * The scanline is composed of a sequence of constant
-@@ -122,10 +123,15 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s)
-                                * bounds, potentially resulting in a security
-                                * issue.
-                                */
--                              while (n-- > 0 && npixels < imagewidth)
-+                              while (n-- > 0 && npixels < imagewidth && op_offset < scanline)
-                                       SETPIXEL(op, grey);
-                               if (npixels >= imagewidth)
-                                       break;
-+                if (op_offset >= scanline ) {
-+                    TIFFErrorExt(tif->tif_clientdata, module, "Invalid data for scanline %ld",
-+                        (long) tif->tif_row);
-+                    return (0);
-+                }
-                               if (cc == 0)
-                                       goto bad;
-                               n = *bp++, cc--;
diff --git a/libs/tiff/patches/005-fix-ftell-macro.patch b/libs/tiff/patches/005-fix-ftell-macro.patch
deleted file mode 100644 (file)
index 6ab0932..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/libtiff/tiffiop.h
-+++ b/libtiff/tiffiop.h
-@@ -284,7 +284,7 @@ struct tiff {
- */
- #if defined(HAVE_FSEEKO)
- #  define fseek(stream,offset,whence)  fseeko(stream,offset,whence)
--#  define ftell(stream,offset,whence)  ftello(stream,offset,whence)
-+#  define ftell(stream)  ftello(stream)
- #endif
- #endif
- #if defined(__WIN32__) && \
diff --git a/mail/nail/Makefile b/mail/nail/Makefile
new file mode 100644 (file)
index 0000000..addc0f4
--- /dev/null
@@ -0,0 +1,59 @@
+#
+# Copyright (C) 2007-2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nail
+PKG_VERSION:=12.5
+PKG_RELEASE:=2
+PKG_LICENSE:=BSD-2-Clause
+
+PKG_SOURCE:=heirloom-mailx_$(PKG_VERSION).orig.tar.gz
+PKG_SOURCE_URL:=http://ftp.de.debian.org/debian/pool/main/h/heirloom-mailx/
+PKG_MD5SUM:=29a6033ef1412824d02eb9d9213cb1f2
+PKG_BUILD_DIR:=$(BUILD_DIR)/heirloom-mailx-$(PKG_VERSION)
+
+PKG_INSTALL:=0
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/nail
+  SECTION:=mail
+  CATEGORY:=Mail
+  TITLE:=Heirloom mailx (nail)
+  URL:=http://heirloom.sourceforge.net/mailx.html
+  MAINTAINER:=Dmitry V. Zimin <pfzim@mail.ru>
+  DEPENDS:=+libopenssl
+endef
+
+define Package/nail/description
+  Heirloom mailx (formerly known as "nail") is intended provide
+  the functionality of the POSIX mailx command with additional
+  support for MIME messages, IMAP (including caching), POP3,
+  SMTP, S/MIME, message threading/sorting, scoring, and filtering
+endef
+
+define Package/nail/conffiles
+/etc/nail.rc
+endef
+
+define Build/Install
+       $(INSTALL_DIR) $(PKG_INSTALL_DIR)/usr/bin
+       $(CP) $(PKG_BUILD_DIR)/mailx $(PKG_INSTALL_DIR)/usr/bin/
+       $(INSTALL_DIR) $(PKG_INSTALL_DIR)/etc
+       $(CP) $(PKG_BUILD_DIR)/nail.rc $(PKG_INSTALL_DIR)/etc/
+endef
+
+define Package/nail/install
+       $(INSTALL_DIR) $(1)/usr/bin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+       $(INSTALL_DIR) $(1)/etc
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/* $(1)/etc/
+endef
+
+$(eval $(call BuildPackage,nail))
+
diff --git a/mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch b/mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch
new file mode 100644 (file)
index 0000000..793bc3d
--- /dev/null
@@ -0,0 +1,22 @@
+--- a/openssl.c
++++ b/openssl.c
+@@ -216,11 +216,17 @@ ssl_select_method(const char *uhp)
+       cp = ssl_method_string(uhp);
+       if (cp != NULL) {
++#ifndef OPENSSL_NO_SSL2
+               if (equal(cp, "ssl2"))
+                       method = SSLv2_client_method();
+-              else if (equal(cp, "ssl3"))
++              else
++#endif
++#ifndef OPENSSL_NO_SSL3
++              if (equal(cp, "ssl3"))
+                       method = SSLv3_client_method();
+-              else if (equal(cp, "tls1"))
++              else
++#endif
++              if (equal(cp, "tls1"))
+                       method = TLSv1_client_method();
+               else {
+                       fprintf(stderr, catgets(catd, CATSET, 244,
diff --git a/multimedia/ffmpeg/Config.in b/multimedia/ffmpeg/Config.in
deleted file mode 100644 (file)
index d2ab7d1..0000000
+++ /dev/null
@@ -1,473 +0,0 @@
-if PACKAGE_libffmpeg-custom
-
-config FFMPEG_CUSTOM_PATENTED
-       bool "Include patented codecs and technologies"
-       default BUILD_PATENTED
-
-comment "Profiles"
-
-config FFMPEG_CUSTOM_FFSERVER_SUPPORT
-       bool "Include support for ffserver (FFmpeg streaming server)"
-       select FFMPEG_CUSTOM_MUXER_ffm
-       select FFMPEG_CUSTOM_DEMUXER_ffm
-       select FFMPEG_CUSTOM_DEMUXER_rtsp
-       select FFMPEG_CUSTOM_PROTOCOL_rtp
-
-config FFMPEG_CUSTOM_MINIDLNA_SUPPORT
-       bool "Include support for minidlna"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_DECODER_aac
-       select FFMPEG_CUSTOM_DECODER_ac3
-       select FFMPEG_CUSTOM_DECODER_flac
-       select FFMPEG_CUSTOM_DECODER_h264
-       select FFMPEG_CUSTOM_DECODER_hevc
-       select FFMPEG_CUSTOM_DECODER_jpegls
-       select FFMPEG_CUSTOM_DECODER_mp3
-       select FFMPEG_CUSTOM_DECODER_mpeg1video
-       select FFMPEG_CUSTOM_DECODER_mpeg2video
-       select FFMPEG_CUSTOM_DECODER_mpeg4
-       select FFMPEG_CUSTOM_DECODER_mpegvideo
-       select FFMPEG_CUSTOM_DECODER_png
-       select FFMPEG_CUSTOM_DECODER_opus
-       select FFMPEG_CUSTOM_DECODER_vc1
-       select FFMPEG_CUSTOM_DECODER_vorbis
-       select FFMPEG_CUSTOM_DECODER_wmav1
-       select FFMPEG_CUSTOM_DECODER_wmav2
-       select FFMPEG_CUSTOM_DEMUXER_avi
-       select FFMPEG_CUSTOM_DEMUXER_flac
-       select FFMPEG_CUSTOM_DEMUXER_matroska
-       select FFMPEG_CUSTOM_DEMUXER_mov
-       select FFMPEG_CUSTOM_DEMUXER_mp3
-       select FFMPEG_CUSTOM_DEMUXER_mpegts
-       select FFMPEG_CUSTOM_DEMUXER_mpegvideo
-       select FFMPEG_CUSTOM_DEMUXER_ogg
-       select FFMPEG_CUSTOM_PROTOCOL_file
-
-config FFMPEG_CUSTOM_AUDIO_DEC_SUPPORT
-       bool "Include support for most audio decoding requirements"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_DECODER_aac
-       select FFMPEG_CUSTOM_DECODER_aac_latm
-       select FFMPEG_CUSTOM_DECODER_ac3
-       select FFMPEG_CUSTOM_SELECT_adpcm
-       select FFMPEG_CUSTOM_DECODER_alac
-       select FFMPEG_CUSTOM_DECODER_amrnb
-       select FFMPEG_CUSTOM_DECODER_amrwb
-       select FFMPEG_CUSTOM_DECODER_ape
-       select FFMPEG_CUSTOM_DECODER_atrac3
-       select FFMPEG_CUSTOM_DECODER_flac
-       select FFMPEG_CUSTOM_DECODER_mp2
-       select FFMPEG_CUSTOM_DECODER_mp3
-       select FFMPEG_CUSTOM_DECODER_mpc7
-       select FFMPEG_CUSTOM_DECODER_mpc8
-       select FFMPEG_CUSTOM_DECODER_opus
-       select FFMPEG_CUSTOM_DECODER_pcm_s16be
-       select FFMPEG_CUSTOM_DECODER_pcm_s16le
-       select FFMPEG_CUSTOM_DECODER_vorbis
-       select FFMPEG_CUSTOM_DECODER_wavpack
-       select FFMPEG_CUSTOM_DECODER_wmav1
-       select FFMPEG_CUSTOM_DECODER_wmav2
-       select FFMPEG_CUSTOM_DECODER_wmalossless
-       select FFMPEG_CUSTOM_DECODER_wmapro
-       select FFMPEG_CUSTOM_DECODER_zlib
-       select FFMPEG_CUSTOM_DEMUXER_aac
-       select FFMPEG_CUSTOM_DEMUXER_ac3
-       select FFMPEG_CUSTOM_DEMUXER_aiff
-       select FFMPEG_CUSTOM_DEMUXER_amr
-       select FFMPEG_CUSTOM_DEMUXER_ape
-       select FFMPEG_CUSTOM_DEMUXER_avi
-       select FFMPEG_CUSTOM_DEMUXER_flac
-       select FFMPEG_CUSTOM_DEMUXER_ffm
-       select FFMPEG_CUSTOM_DEMUXER_matroska
-       select FFMPEG_CUSTOM_DEMUXER_mp3
-       select FFMPEG_CUSTOM_DEMUXER_mov
-       select FFMPEG_CUSTOM_DEMUXER_mpc
-       select FFMPEG_CUSTOM_DEMUXER_mpc8
-       select FFMPEG_CUSTOM_DEMUXER_mpegts
-       select FFMPEG_CUSTOM_DEMUXER_ogg
-       select FFMPEG_CUSTOM_DEMUXER_rm
-       select FFMPEG_CUSTOM_DEMUXER_rtsp
-       select FFMPEG_CUSTOM_DEMUXER_rtp
-       select FFMPEG_CUSTOM_DEMUXER_sdp
-       select FFMPEG_CUSTOM_DEMUXER_wav
-       select FFMPEG_CUSTOM_DEMUXER_wv
-       select FFMPEG_CUSTOM_PARSER_aac
-       select FFMPEG_CUSTOM_PARSER_aac_latm
-       select FFMPEG_CUSTOM_PARSER_ac3
-       select FFMPEG_CUSTOM_PARSER_flac
-       select FFMPEG_CUSTOM_PARSER_mpegaudio
-       select FFMPEG_CUSTOM_PARSER_opus
-       select FFMPEG_CUSTOM_PROTOCOL_file
-       select FFMPEG_CUSTOM_PROTOCOL_http
-       select FFMPEG_CUSTOM_PROTOCOL_rtp
-       select FFMPEG_CUSTOM_PROTOCOL_tcp
-       select FFMPEG_CUSTOM_PROTOCOL_udp
-
-comment "External Libraries"
-
-config FFMPEG_CUSTOM_SELECT_mp3lame
-       bool "MP3 LAME"
-       depends on FFMPEG_CUSTOM_PATENTED
-       depends on PACKAGE_lame-lib
-       select FFMPEG_CUSTOM_DECODER_mp3
-       select FFMPEG_CUSTOM_MUXER_mp3
-       select FFMPEG_CUSTOM_DEMUXER_mp3
-
-config FFMPEG_CUSTOM_SELECT_libopus
-       bool "Opus"
-
-config FFMPEG_CUSTOM_SELECT_x264
-       bool "x264"
-       depends on FFMPEG_CUSTOM_PATENTED
-       depends on PACKAGE_libx264
-       select FFMPEG_CUSTOM_DECODER_h264
-       select FFMPEG_CUSTOM_MUXER_h264
-       select FFMPEG_CUSTOM_DEMUXER_h264
-       select FFMPEG_CUSTOM_PARSER_h264
-
-comment "Encoders"
-
-config FFMPEG_CUSTOM_ENCODER_ac3
-       bool "AC3"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_PARSER_ac3
-
-config FFMPEG_CUSTOM_ENCODER_jpegls
-       bool "JPEG-LS"
-
-config FFMPEG_CUSTOM_ENCODER_mpeg1video
-       bool "MPEG-1 Video"
-
-config FFMPEG_CUSTOM_ENCODER_mpeg2video
-       bool "MPEG-2 Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_ENCODER_mpeg4
-       bool "MPEG-4"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_ENCODER_pcm_s16be
-       bool "PCM signed 16-bit big-endian"
-
-config FFMPEG_CUSTOM_ENCODER_pcm_s16le
-       bool "PCM signed 16-bit little-endian"
-
-config FFMPEG_CUSTOM_ENCODER_png
-       bool "PNG"
-       select FFMPEG_CUSTOM_ENCODER_zlib
-
-config FFMPEG_CUSTOM_ENCODER_vorbis
-       bool "Vorbis"
-
-config FFMPEG_CUSTOM_ENCODER_zlib
-       bool "Zlib"
-
-comment "Decoders"
-
-config FFMPEG_CUSTOM_DECODER_aac
-       bool "AAC (Advanced Audio Coding)"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_PARSER_aac
-
-config FFMPEG_CUSTOM_SELECT_adpcm
-       bool "ADPCM (multiple types)"
-
-config FFMPEG_CUSTOM_DECODER_ac3
-       bool "AC3"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_PARSER_ac3
-
-config FFMPEG_CUSTOM_DECODER_alac
-       bool "ALAC"
-
-config FFMPEG_CUSTOM_DECODER_amrnb
-       bool "AMR-NB"
-       select FFMPEG_CUSTOM_DEMUXER_amr
-
-config FFMPEG_CUSTOM_DECODER_amrwb
-       bool "AMR-WB"
-       select FFMPEG_CUSTOM_DEMUXER_amr
-
-config FFMPEG_CUSTOM_DECODER_ape
-       bool "APE"
-
-config FFMPEG_CUSTOM_DECODER_atrac3
-       bool "ATRAC3"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_flac
-       bool "FLAC"
-       select FFMPEG_CUSTOM_PARSER_flac
-
-config FFMPEG_CUSTOM_DECODER_gif
-       bool "GIF"
-
-config FFMPEG_CUSTOM_DECODER_h264
-       bool "H.264"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_hevc
-       bool "HEVC / H.265 Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_jpegls
-       bool "JPEG-LS"
-
-config FFMPEG_CUSTOM_DECODER_mp2
-       bool "MP2 (MPEG Audio Layer 2)"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_mp3
-       bool "MP3 (MPEG Audio Layer 2)"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_mpegvideo
-       bool "MPEG Video"
-
-config FFMPEG_CUSTOM_DECODER_mpeg1video
-       bool "MPEG-1 Video"
-
-config FFMPEG_CUSTOM_DECODER_mpeg2video
-       bool "MPEG-2 Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_mpeg4
-       bool "MPEG-4"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_mpc7
-       bool "Musepack 7"
-       select FFMPEG_CUSTOM_DEMUXER_mpc
-
-config FFMPEG_CUSTOM_DECODER_mpc8
-       bool "Musepack 8"
-       select FFMPEG_CUSTOM_DEMUXER_mpc8
-
-config FFMPEG_CUSTOM_DECODER_opus
-       bool "Opus"
-
-config FFMPEG_CUSTOM_DECODER_pcm_s16be
-       bool "PCM signed 16-bit big-endian"
-
-config FFMPEG_CUSTOM_DECODER_pcm_s16le
-       bool "PCM signed 16-bit little-endian"
-
-config FFMPEG_CUSTOM_DECODER_png
-       bool "PNG"
-       select FFMPEG_CUSTOM_DECODER_zlib
-
-config FFMPEG_CUSTOM_DECODER_vc1
-       bool "VC-1 / WMV9"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_vorbis
-       bool "Vorbis"
-       select FFMPEG_CUSTOM_DEMUXER_ogg
-
-config FFMPEG_CUSTOM_DECODER_wavpack
-       bool "Wavpack"
-
-config FFMPEG_CUSTOM_DECODER_wmav1
-       bool "WMAv1"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_wmav2
-       bool "WMAv2"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DECODER_zlib
-       bool "Zlib"
-
-comment "Muxers"
-
-config FFMPEG_CUSTOM_MUXER_ac3
-       bool "AC3"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_MUXER_ffm
-       bool "FFM (ffserver live feed)"
-
-config FFMPEG_CUSTOM_MUXER_h264
-       bool "H.264 Raw Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_MUXER_hevc
-       bool "HEVC / H265 Raw Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_MUXER_mp3
-       bool "MP3 (MPEG Audio Layer 3)"
-
-config FFMPEG_CUSTOM_MUXER_mp4
-       bool "MP4"
-
-config FFMPEG_CUSTOM_MUXER_mpeg1video
-       bool "MPEG-1 Video"
-
-config FFMPEG_CUSTOM_MUXER_mpeg2video
-       bool "MPEG-2 Video"
-
-config FFMPEG_CUSTOM_MUXER_mpegts
-       bool "MPEG-2 (TS)"
-
-config FFMPEG_CUSTOM_MUXER_ogg
-       bool "Ogg"
-
-config FFMPEG_CUSTOM_MUXER_rtp
-       bool "RTP"
-
-comment "Demuxers"
-
-config FFMPEG_CUSTOM_DEMUXER_aac
-       bool "AAC"
-
-config FFMPEG_CUSTOM_DEMUXER_avi
-       bool "AVI (Audio Video Interleave)"
-
-config FFMPEG_CUSTOM_DEMUXER_ac3
-       bool "AC3"
-
-config FFMPEG_CUSTOM_DEMUXER_amr
-       bool "AMR"
-
-config FFMPEG_CUSTOM_DEMUXER_ape
-       bool "APE"
-
-config FFMPEG_CUSTOM_DEMUXER_flac
-       bool "FLAC"
-
-config FFMPEG_CUSTOM_DEMUXER_ffm
-       bool "FFM (ffserver live feed)"
-
-config FFMPEG_CUSTOM_DEMUXER_h264
-       bool "H.264 Raw Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DEMUXER_hevc
-       bool "HEVC / H265 Raw Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DEMUXER_matroska
-       bool "Matroska (MKA,MKV)"
-       select FFMPEG_CUSTOM_DECODER_zlib
-
-config FFMPEG_CUSTOM_DEMUXER_mov
-       bool "MOV/MP4/M4A/3GP/3G2/MJ2"
-       select FFMPEG_CUSTOM_DECODER_zlib
-
-config FFMPEG_CUSTOM_DEMUXER_mp3
-       bool "MP3 (MPEG Audio Layer 3)"
-       select FFMPEG_CUSTOM_PARSER_mpegaudio
-
-config FFMPEG_CUSTOM_DEMUXER_mpegvideo
-       bool "MPEG Video"
-
-config FFMPEG_CUSTOM_DEMUXER_mpegps
-       bool "MPEG-2 (PS)"
-
-config FFMPEG_CUSTOM_DEMUXER_mpegts
-       bool "MPEG-2 (TS)"
-
-config FFMPEG_CUSTOM_DEMUXER_mpc
-       bool "Musepack"
-
-config FFMPEG_CUSTOM_DEMUXER_mpc8
-       bool "Musepack 8"
-
-config FFMPEG_CUSTOM_DEMUXER_ogg
-       bool "Ogg"
-
-config FFMPEG_CUSTOM_DEMUXER_rm
-       bool "RM"
-       help
-         RealMedia format demuxer
-
-config FFMPEG_CUSTOM_DEMUXER_rtsp
-       bool "RTSP"
-       select FFMPEG_CUSTOM_DEMUXER_rm
-       select FFMPEG_CUSTOM_DEMUXER_sdp
-       select FFMPEG_CUSTOM_DEMUXER_rtp
-
-config FFMPEG_CUSTOM_DEMUXER_sdp
-       bool "SDP"
-       select FFMPEG_CUSTOM_DEMUXER_mpegts
-
-config FFMPEG_CUSTOM_DEMUXER_rtp
-       bool "RTP"
-
-config FFMPEG_CUSTOM_DEMUXER_vc1
-       bool "VC-1 / WMV9 Raw Video"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_DEMUXER_wav
-       bool "WAV"
-
-config FFMPEG_CUSTOM_DEMUXER_wv
-       bool "WV"
-
-comment "Parsers"
-
-config FFMPEG_CUSTOM_PARSER_aac
-       bool "AAC (Advanced Audio Coding)"
-       depends on FFMPEG_CUSTOM_PATENTED
-
-config FFMPEG_CUSTOM_PARSER_ac3
-       bool "AC3"
-
-config FFMPEG_CUSTOM_PARSER_flac
-       bool "FLAC"
-
-config FFMPEG_CUSTOM_PARSER_h264
-       bool "H.264"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_DECODER_h264
-
-config FFMPEG_CUSTOM_PARSER_hevc
-       bool "HEVC / H265"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_DECODER_hevc
-
-config FFMPEG_CUSTOM_PARSER_mpegaudio
-       bool "MPEG Audio"
-
-config FFMPEG_CUSTOM_PARSER_mpegvideo
-       bool "MPEG Video"
-
-config FFMPEG_CUSTOM_PARSER_mpeg4video
-       bool "MPEG-4 Video"
-
-config FFMPEG_CUSTOM_PARSER_opus
-       bool "Opus"
-
-config FFMPEG_CUSTOM_PARSER_vc1
-       bool "VC-1 / WMV9"
-       depends on FFMPEG_CUSTOM_PATENTED
-       select FFMPEG_CUSTOM_DECODER_vc1
-
-comment "Protocols"
-
-config FFMPEG_CUSTOM_PROTOCOL_file
-       bool "file:"
-
-config FFMPEG_CUSTOM_PROTOCOL_http
-       bool "http:"
-
-config FFMPEG_CUSTOM_PROTOCOL_icecast
-       bool "icecast:"
-       select FFMPEG_CUSTOM_PROTOCOL_http
-
-config FFMPEG_CUSTOM_PROTOCOL_pipe
-       bool "pipe:"
-
-config FFMPEG_CUSTOM_PROTOCOL_rtp
-       bool "rtp:"
-       select FFMPEG_CUSTOM_PROTOCOL_udp
-
-config FFMPEG_CUSTOM_PROTOCOL_tcp
-       bool "tcp:"
-
-config FFMPEG_CUSTOM_PROTOCOL_udp
-       bool "udp:"
-
-
-endif
diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile
deleted file mode 100644 (file)
index f874014..0000000
+++ /dev/null
@@ -1,645 +0,0 @@
-#
-# Copyright (C) 2006-2017 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=ffmpeg
-PKG_VERSION:=3.2.2
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://ffmpeg.org/releases/
-PKG_MD5SUM:=e34d1b92c5d844f2a3611c741a6dba18
-PKG_HASH:=3f01bd1fe1a17a277f8c84869e5d9192b4b978cb660872aa2b54c3cc8a2fedfc
-PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
-
-PKG_LICENSE:=LGPL-2.1+ GPL-2+ LGPL-3
-PKG_LICENSE_FILES:=COPYING.GPLv2 COPYING.GPLv3 COPYING.LGPLv2.1 COPYING.LGPLv3
-
-FFMPEG_CUSTOM_ENCODERS:= \
-       ac3 \
-       jpegls \
-       mpeg1video \
-       mpeg2video \
-       mpeg4 \
-       pcm_s16be \
-       pcm_s16le \
-       png \
-       vorbis \
-       zlib \
-
-FFMPEG_CUSTOM_DECODERS:= \
-       aac \
-       ac3 \
-       alac \
-       amrnb \
-       amrwb \
-       ape \
-       atrac3 \
-       flac \
-       gif \
-       h264 \
-       hevc \
-       jpegls \
-       mp2 \
-       mp3 \
-       mpeg1video \
-       mpeg2video \
-       mpeg4 \
-       mpegvideo \
-       mpc7 \
-       mpc8 \
-       pcm_s16be \
-       pcm_s16le \
-       png \
-       vc1 \
-       vorbis \
-       wavpack \
-       wmav1 \
-       wmav2 \
-       zlib \
-
-FFMPEG_CUSTOM_MUXERS:= \
-       ac3 \
-       ffm \
-       h264 \
-       hevc \
-       mp3 \
-       mp4 \
-       mpeg1video \
-       mpeg2video \
-       mpegts \
-       ogg \
-       rtp \
-
-FFMPEG_CUSTOM_DEMUXERS:= \
-       aac \
-       ac3 \
-       amr \
-       ape \
-       avi \
-       flac \
-       ffm \
-       h264 \
-       hevc \
-       matroska \
-       mov \
-       mp3 \
-       mpegps \
-       mpegts \
-       mpegvideo \
-       mpc \
-       mpc8 \
-       ogg \
-       rm \
-       rtsp \
-       rtp \
-       sdp \
-       v4l2 \
-       vc1 \
-       wav \
-       wv \
-
-FFMPEG_CUSTOM_PARSERS:= \
-       aac \
-       flac \
-       ac3 \
-       h264 \
-       hevc \
-       mpegaudio \
-       mpeg4video \
-       mpegvideo \
-       vc1 \
-
-FFMPEG_CUSTOM_PROTOCOLS:= \
-       file http icecast pipe rtp tcp udp
-
-FFMPEG_MINI_DECODERS:= \
-       aac \
-       ac3 \
-       flac \
-       h264 \
-       hevc \
-       jpegls \
-       mp3 \
-       mpeg1video \
-       mpeg2video \
-       mpeg4 \
-       mpegvideo \
-       opus \
-       png \
-       vc1 \
-       vorbis \
-       wmav1 \
-       wmav2 \
-
-FFMPEG_MINI_DEMUXERS:= \
-       avi \
-       flac \
-       matroska \
-       mov \
-       mp3 \
-       mpegts \
-       mpegvideo \
-       ogg \
-
-FFMPEG_MINI_PROTOCOLS:= \
-       file \
-
-FFMPEG_AUDIO_DECODERS:= \
-       aac \
-       aac_latm \
-       ac3 \
-       adpcm_* \
-       alac \
-       amrnb \
-       amrwb \
-       ape \
-       atrac3 \
-       flac \
-       mp2 \
-       mp3* \
-       mpc7 \
-       mpc8 \
-       opus \
-       pcm_* \
-       vorbis \
-       wavpack \
-       wmav1 \
-       wmav2 \
-       wmalossless \
-       wmapro \
-       zlib \
-
-FFMPEG_AUDIO_DEMUXERS:= \
-       aac \
-       ac3 \
-       aiff \
-       amr \
-       ape \
-       avi \
-       flac \
-       ffm \
-       matroska \
-       mp3 \
-       mov \
-       mpc \
-       mpc8 \
-       mpegts \
-       ogg \
-       rm \
-       rtsp \
-       rtp \
-       sdp \
-       wav \
-       wv \
-
-FFMPEG_AUDIO_PARSERS:= \
-       aac \
-       aac_latm \
-       ac3 \
-       flac \
-       mpegaudio \
-       opus \
-
-FFMPEG_AUDIO_PROTOCOLS:= \
-       file http icecast rtp tcp udp
-
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_CONFIG_DEPENDS:= \
-       $(patsubst %,CONFIG_FFMPEG_CUSTOM_ENCODER_%,$(FFMPEG_CUSTOM_ENCODERS)) \
-       $(patsubst %,CONFIG_FFMPEG_CUSTOM_DECODER_%,$(FFMPEG_CUSTOM_DECODERS)) \
-       $(patsubst %,CONFIG_FFMPEG_CUSTOM_MUXER_%,$(FFMPEG_CUSTOM_DEMUXERS)) \
-       $(patsubst %,CONFIG_FFMPEG_CUSTOM_DEMUXER_%,$(FFMPEG_CUSTOM_DEMUXERS)) \
-       $(patsubst %,CONFIG_FFMPEG_CUSTOM_PARSER_%,$(FFMPEG_CUSTOM_PARSERS)) \
-       $(patsubst %,CONFIG_FFMPEG_CUSTOM_PROTOCOL_%,$(FFMPEG_CUSTOM_PROTOCOLS))
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/ffmpeg/Default
- TITLE:=FFmpeg
- URL:=http://ffmpeg.mplayerhq.hu/
-endef
-
-define Package/ffmpeg/Default/description
- FFmpeg is a a software package that can record, convert and stream digital
- audio and video in numerous formats.
-endef
-
-
-define Package/ffmpeg
-$(call Package/ffmpeg/Default)
- SECTION:=multimedia
- CATEGORY:=Multimedia
- TITLE+= program
- DEPENDS+= +libpthread +libffmpeg-full
- VARIANT:=full
-endef
-
-define Package/ffmpeg/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains the FFmpeg command line tool.
-endef
-
-
-define Package/ffprobe
-$(call Package/ffmpeg/Default)
- SECTION:=multimedia
- CATEGORY:=Multimedia
- TITLE+= CLI media identifier
- DEPENDS+= +libffmpeg-full
- VARIANT:=full
-endef
-
-define Package/ffprobe/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains the FFprobe command line tool.
-endef
-
-
-define Package/ffserver
-$(call Package/ffserver/Default)
- SECTION:=multimedia
- CATEGORY:=Multimedia
- TITLE+= streaming server
- DEPENDS+= +libpthread +libffmpeg-full
- VARIANT:=full
-endef
-
-define Package/ffserver/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains the FFmpeg streaming server.
-endef
-
-define Package/libffmpeg/Default
-$(call Package/ffmpeg/Default)
- SECTION:=libs
- CATEGORY:=Libraries
- TITLE+= libraries
- DEPENDS+= @BUILD_PATENTED +libpthread +zlib +libbz2
- PROVIDES:= libffmpeg
-endef
-
-
-define Package/libffmpeg-custom
-$(call Package/libffmpeg/Default)
- TITLE+= (custom)
- DEPENDS+= +FFMPEG_CUSTOM_SELECT_libopus:libopus \
-           +PACKAGE_libx264:libx264 +PACKAGE_lame-lib:lame-lib
-
- VARIANT:=custom
- MENU:=1
-endef
-
-define Package/libffmpeg-custom/config
-source "$(SOURCE)/Config.in"
-endef
-
-define Package/libffmpeg-custom/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains customized FFmpeg shared libraries.
-endef
-
-
-define Package/libffmpeg-audio-dec
-$(call Package/libffmpeg/Default)
- TITLE+= (audio)
- VARIANT:=audio-dec
-endef
-
-define Package/libffmpeg-audio-dec/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains FFmpeg shared libraries for audio decoding
-endef
-
-
-define Package/libffmpeg-full
-$(call Package/libffmpeg/Default)
- TITLE+= (full)
- DEPENDS+= +alsa-lib +PACKAGE_libx264:libx264 +PACKAGE_lame-lib:lame-lib +libopus
- VARIANT:=full
-endef
-
-define Package/libffmpeg-full/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains full-featured FFmpeg shared libraries.
-endef
-
-
-define Package/libffmpeg-mini
-$(call Package/libffmpeg/Default)
- TITLE+= (mini)
- VARIANT:=mini
-endef
-
-define Package/libffmpeg-mini/description
-$(call Package/ffmpeg/Default/description)
- .
- This package contains minimal-featured FFmpeg shared libraries.
-endef
-
-
-FFMPEG_CONFIGURE:= \
-       CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS) $(FPIC)" \
-       LDFLAGS="$(TARGET_LDFLAGS)" \
-       ./configure \
-       --enable-cross-compile \
-       --cross-prefix="$(TARGET_CROSS)" \
-       --arch="$(ARCH)" \
-       --target-os=linux \
-       --prefix="/usr" \
-       --pkg-config="pkg-config" \
-       --enable-shared \
-       --enable-static \
-       --enable-small \
-       --enable-pthreads \
-       --enable-zlib \
-       --disable-doc \
-       --disable-debug \
-       \
-       --enable-gpl \
-       --enable-version3 \
-       \
-       --disable-dxva2 \
-       --disable-lzma \
-       --disable-vaapi \
-       --disable-vda \
-       --disable-vdpau \
-       --disable-outdevs
-
-ifeq ($(CONFIG_SOFT_FLOAT),y)
-FFMPEG_CONFIGURE += \
-       --disable-altivec \
-       --disable-vsx \
-       --disable-power8 \
-       --disable-amd3dnow \
-       --disable-amd3dnowext \
-       --disable-mmx \
-       --disable-mmxext \
-       --disable-sse \
-       --disable-sse2 \
-       --disable-sse3 \
-       --disable-ssse3 \
-       --disable-sse4 \
-       --disable-sse42 \
-       --disable-avx \
-       --disable-xop \
-       --disable-fma3 \
-       --disable-fma4 \
-       --disable-avx2 \
-       --disable-aesni \
-       --disable-armv5te \
-       --disable-armv6 \
-       --disable-armv6t2 \
-       --disable-inline-asm \
-       --disable-mipsdsp \
-       --disable-mipsdspr2 \
-       --disable-mipsfpu \
-       --disable-msa \
-       --disable-mmi \
-       --disable-fast-unaligned \
-       --disable-runtime-cpudetect
-
-else ifneq ($(findstring arm,$(CONFIG_ARCH)),)
-FFMPEG_CONFIGURE += \
-       --disable-runtime-cpudetect
-else ifneq ($(findstring powerpc,$(CONFIG_ARCH)),)
-FFMPEG_CONFIGURE += \
-       --disable-altivec
-endif
-
-ifneq ($(CONFIG_YASM),y)
-FFMPEG_CONFIGURE += \
-       --disable-yasm
-
-endif
-
-#selectibly disable optimizations according to arch/cpu type
-ifneq ($(findstring arm,$(CONFIG_ARCH)),)
-       ifeq (,$(findstring vfp,$(CONFIG_TARGET_OPTIMIZATION)))
-               FFMPEG_CONFIGURE+= \
-                       --disable-vfp
-       endif
-       ifeq (,$(findstring neon,$(CONFIG_TARGET_OPTIMIZATION)))
-               FFMPEG_CONFIGURE+= \
-                       --disable-neon
-       endif
-
-endif
-
-ifeq ($(BUILD_VARIANT),full)
-       FFMPEG_CONFIGURE+= \
-               --enable-libopus --enable-decoder=libopus \
-               $(if $(CONFIG_PACKAGE_libx264),--enable-libx264) \
-               $(if $(CONFIG_PACKAGE_lame-lib),--enable-libmp3lame)
-endif
-
-ifeq ($(BUILD_VARIANT),custom)
-
-  FFMPEG_ENABLE= \
-       $(foreach c, $(2), \
-               $(if $($(3)_$(c)),--enable-$(1)="$(c)") \
-       )
-
-  FFMPEG_CONFIGURE+= \
-       --disable-programs \
-       --disable-avfilter \
-       --disable-postproc \
-       --disable-swresample \
-       --disable-swscale \
-       --disable-everything \
-       $(call FFMPEG_ENABLE,encoder,$(FFMPEG_CUSTOM_ENCODERS),CONFIG_FFMPEG_CUSTOM_ENCODER) \
-       $(call FFMPEG_ENABLE,decoder,$(FFMPEG_CUSTOM_DECODERS),CONFIG_FFMPEG_CUSTOM_DECODER) \
-       $(call FFMPEG_ENABLE,muxer,$(FFMPEG_CUSTOM_MUXERS),CONFIG_FFMPEG_CUSTOM_MUXER) \
-       $(call FFMPEG_ENABLE,demuxer,$(FFMPEG_CUSTOM_DEMUXERS),CONFIG_FFMPEG_CUSTOM_DEMUXER) \
-       $(call FFMPEG_ENABLE,parser,$(FFMPEG_CUSTOM_PARSERS),CONFIG_FFMPEG_CUSTOM_PARSER) \
-       $(call FFMPEG_ENABLE,protocol,$(FFMPEG_CUSTOM_PROTOCOLS),CONFIG_FFMPEG_CUSTOM_PROTOCOL) \
-
-ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_adpcm),y)
-  FFMPEG_CONFIGURE+= \
-       --enable-decoder=adpcm_ima_wav \
-       --enable-decoder=adpcm_ima_qt \
-       --enable-decoder=adpcm_ms \
-
-endif
-
-ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_libopus),y)
-  FFMPEG_CONFIGURE+= \
-       --enable-libopus --enable-decoder=libopus
-endif
-
-ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_x264),y)
-  FFMPEG_CONFIGURE+= \
-       --enable-libx264
-endif
-
-ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_mp3lame),y)
-  FFMPEG_CONFIGURE+= \
-       --enable-libmp3lame
-endif
-
-endif
-
-ifeq ($(BUILD_VARIANT),audio-dec)
-
-  FFMPEG_ENABLE= \
-       $(foreach c, $(2), \
-               --enable-$(1)="$(c)" \
-       )
-
-  FFMPEG_CONFIGURE+= \
-       --disable-programs \
-       --disable-avfilter \
-       --disable-postproc \
-       --disable-swresample \
-       --disable-swscale \
-       --disable-everything \
-       $(call FFMPEG_ENABLE,decoder,$(FFMPEG_AUDIO_DECODERS)) \
-       $(call FFMPEG_ENABLE,demuxer,$(FFMPEG_AUDIO_DEMUXERS)) \
-       $(call FFMPEG_ENABLE,parser,$(FFMPEG_AUDIO_PARSERS)) \
-       $(call FFMPEG_ENABLE,protocol,$(FFMPEG_AUDIO_PROTOCOLS)) \
-       --disable-decoder=pcm_bluray,pcm_dvd \
-
-endif
-
-ifeq ($(BUILD_VARIANT),mini)
-
-  FFMPEG_ENABLE= \
-       $(foreach c, $(2), \
-               --enable-$(1)="$(c)" \
-       )
-
-  FFMPEG_CONFIGURE+= \
-       --disable-programs \
-       --disable-avdevice \
-       --disable-avfilter \
-       --disable-postproc \
-       --disable-swresample \
-       --disable-swscale \
-       --disable-everything \
-       $(call FFMPEG_ENABLE,decoder,$(FFMPEG_MINI_DECODERS)) \
-       $(call FFMPEG_ENABLE,demuxer,$(FFMPEG_MINI_DEMUXERS)) \
-       $(call FFMPEG_ENABLE,protocol,$(FFMPEG_MINI_PROTOCOLS)) \
-
-endif
-
-ifneq ($(CONFIG_TARGET_x86),)
-  TARGET_CFLAGS += -fomit-frame-pointer
-endif
-
-define Build/Configure
-       ( cd $(PKG_BUILD_DIR); $(FFMPEG_CONFIGURE) )
-endef
-
-define Build/Compile
-       $(MAKE) -C $(PKG_BUILD_DIR) \
-               DESTDIR="$(PKG_INSTALL_DIR)" \
-               all install
-endef
-
-define Build/InstallDev/custom
-       $(INSTALL_DIR) $(1)/usr/include
-       $(CP) $(PKG_INSTALL_DIR)/usr/include/lib{avcodec,avdevice,avformat,avutil} $(1)/usr/include/
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avformat,avutil}.{a,so*} $(1)/usr/lib/
-       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avdevice,avformat,avutil}.pc $(1)/usr/lib/pkgconfig/
-endef
-
-define Build/InstallDev/full
-       $(INSTALL_DIR) $(1)/usr/include
-       $(CP) $(PKG_INSTALL_DIR)/usr/include/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale} $(1)/usr/include/
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale}.{a,so*} $(1)/usr/lib/
-       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale}.pc $(1)/usr/lib/pkgconfig/
-endef
-
-define Build/InstallDev/mini
-       $(INSTALL_DIR) $(1)/usr/include
-       $(CP) $(PKG_INSTALL_DIR)/usr/include/lib{avcodec,avformat,avutil} $(1)/usr/include/
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avformat,avutil}.{a,so*} $(1)/usr/lib/
-       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avformat,avutil}.pc $(1)/usr/lib/pkgconfig/
-endef
-
-Build/InstallDev/audio-dec = $(Build/InstallDev/custom)
-
-# XXX: attempt at installing "best" dev files available
-ifeq ($(BUILD_VARIANT),custom)
-  # XXX: only install "custom" dev files if -full & -mini are not selected
-  ifeq ($(CONFIG_PACKAGE_libffmpeg-full)$(CONFIG_PACKAGE_libffmpeg-mini),)
-    Build/InstallDev = $(Build/InstallDev/custom)
-  endif
-endif
-ifeq ($(BUILD_VARIANT),audio-dec)
-  # XXX: only install "audio-dec" dev files if -full & -mini are not selected
-  ifeq ($(CONFIG_PACKAGE_libffmpeg-full)$(CONFIG_PACKAGE_libffmpeg-mini),)
-    Build/InstallDev = $(Build/InstallDev/audio-dec)
-  endif
-endif
-ifeq ($(BUILD_VARIANT),full)
-  # XXX: always install "full" dev files if -full is selected
-  Build/InstallDev = $(Build/InstallDev/full)
-endif
-ifeq ($(BUILD_VARIANT),mini)
-  # XXX: only install "mini" dev files if -full is not selected
-  ifeq ($(CONFIG_PACKAGE_libffmpeg-full),)
-    Build/InstallDev = $(Build/InstallDev/mini)
-  endif
-endif
-
-define Package/ffmpeg/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/ffmpeg $(1)/usr/bin/
-endef
-
-define Package/ffprobe/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/ffprobe $(1)/usr/bin/
-endef
-
-define Package/ffserver/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/ffserver $(1)/usr/bin/
-endef
-
-define Package/libffmpeg-custom/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avformat,avutil}.so.* $(1)/usr/lib/
-endef
-
-define Package/libffmpeg-full/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale}.so.* $(1)/usr/lib/
-endef
-
-define Package/libffmpeg-mini/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avformat,avutil}.so.* $(1)/usr/lib/
-endef
-
-Package/libffmpeg-audio-dec/install = $(Package/libffmpeg-custom/install)
-
-$(eval $(call BuildPackage,ffmpeg))
-$(eval $(call BuildPackage,ffprobe))
-$(eval $(call BuildPackage,ffserver))
-$(eval $(call BuildPackage,libffmpeg-audio-dec))
-$(eval $(call BuildPackage,libffmpeg-full))
-$(eval $(call BuildPackage,libffmpeg-mini))
-ifneq ($(CONFIG_ALL),y)
-   $(eval $(call BuildPackage,libffmpeg-custom))
-endif
diff --git a/multimedia/gst1-plugins-bad/Makefile b/multimedia/gst1-plugins-bad/Makefile
deleted file mode 100644 (file)
index a284145..0000000
+++ /dev/null
@@ -1,277 +0,0 @@
-#
-# Copyright (C) 2011-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=gst1-plugins-bad
-PKG_VERSION:=1.8.2
-PKG_RELEASE:=1
-
-PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
-               Ted Hess <thess@kitschensync.net>
-
-PKG_LICENSE:=LGPLv2 GPLv2
-PKG_LICENSE_FILES:=COPYING.LIB COPYING
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-bad-$(PKG_VERSION)
-PKG_SOURCE:=gst-plugins-bad-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-bad/
-PKG_MD5SUM:=d7995317530c8773ec088f94d9320909d41da61996b801ebacce9a56af493f97
-
-PKG_BUILD_DEPENDS:= libgstreamer1 gstreamer1-plugins-base
-
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-GST_BAD_LIBS:=
-GST_BAD_MODULES:=
-
-define Package/gstreamer1-bad/Default
-  CATEGORY:=Multimedia
-  SECTION:=multimedia
-  TITLE:=GStreamer
-  URL:=http://gstreamer.freedesktop.org/
-  DEPENDS:= +libgstreamer1 $(ICONV_DEPENDS)
-endef
-
-define Package/gstreamer1-bad/description/Default
- GStreamer open source multimedia framework
-endef
-
-
-define Package/gst1-plugins-bad
-$(call Package/gstreamer1-bad/Default)
-  TITLE+= plugins collection (bad)
-  DEPENDS+= $(GST_DEPENDS)
-  HIDDEN:=1
-endef
-
-define Package/gts1-plugins-bad/description
-$(call Package/gstreamer1-bad/description/Default)
- .
- This meta package contains only dependencies to the other plugins from
- the bad plugins collection.
-endef
-
-define Package/gstreamer1-plugins-bad
-  $(call Package/gstreamer1-bad/Default)
-  TITLE+= plugins collection (bad)
-  DEPENDS:=+ALL:gst1-plugins-bad +gstreamer1-plugins-base
-endef
-
-define Package/gstreamer1-plugins-bad/config
-    menu "Select GStreamer bad modules and libraries"
-      depends on PACKAGE_gstreamer1-plugins-bad
-
-
-    config gst1-plugins-bad-all
-      bool "Include all GStreamer bad plugins"
-      select PACKAGE_gst1-plugins-bad
-
-    comment "Modules"
-
-   $(foreach mod,$(GST_BAD_MODULES), \
-    config PACKAGE_gst1-mod-$(mod)
-      prompt "GStreamer $(mod) module"
-
-   )
-
-    comment "Libraries"
-
-   $(foreach lib,$(GST_BAD_LIBS), \
-    config PACKAGE_libgst1$(lib)
-      prompt "GStreamer $(lib) library"
-
-   )
-
-  endmenu
-
-endef
-
-GST_VERSION:=1.0
-
-CONFIGURE_ARGS += \
-       --disable-debug \
-       --disable-examples \
-       --disable-nls   \
-       \
-       --disable-directsound \
-       --disable-directdraw \
-       --disable-osx_video \
-       --disable-quicktime \
-       --disable-vcd \
-       --disable-assrender \
-       --disable-apexsink \
-       --disable-bz2 \
-       --disable-dc1394 \
-       --disable-directfb \
-       --disable-dts \
-       --disable-resindvd \
-       --disable-faac \
-       --disable-faad \
-       --disable-flite \
-       --disable-gsm \
-       --disable-kate \
-       --disable-ladspa \
-       --disable-lv2 \
-       --disable-modplug \
-       --disable-mimic \
-       --disable-libmms \
-       --disable-mpeg2enc \
-       --disable-mplex \
-       --disable-musepack \
-       --disable-mythtv \
-       --disable-nas \
-       --disable-neon \
-       --disable-ofa \
-       --disable-rsvg \
-       --disable-timidity \
-       --disable-wildmidi \
-       --disable-sdl \
-       --disable-sdltest \
-       --disable-sndfile \
-       --disable-soundtouch \
-       --disable-spc \
-       --disable-gme \
-       --disable-xvid \
-       --disable-dvb \
-       --disable-wininet \
-       --disable-acm \
-       --disable-vdpau \
-       --disable-schro \
-       --disable-zbar \
-       --disable-srtp \
-       \
-       --without-libiconv-prefix \
-       --without-libintl-prefix \
-       --with-libgcrypt-prefix="$(STAGING_DIR)/usr" \
-       --without-x \
-
-TARGET_CFLAGS+= -std=gnu99
-
-EXTRA_LDFLAGS+= \
-       -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \
-       $(if $(ICONV_FULL),-liconv) \
-
-
-define Package/gst1-plugins-bad/install
-       /bin/true
-endef
-
-# 1: short name
-# 2: description
-# 3: dependencies on other gstreamer libraries (short name)
-# 4: dependencies on other packages
-define GstBuildLibrary
-
-  GST_DEPENDS += +libgst1$(1)
-
-  GST_BAD_LIBS+= $(1)
-  define Package/libgst1$(1)
-    $(call Package/gstreamer1-bad/Default)
-    TITLE+= $(2) library (base)
-    DEPENDS+= $$(foreach p,$(3),+libgst1$$(p)) $(4)
-    HIDDEN:=1
-  endef
-
-  define Package/libgst1$(1)/description
-   $(call Package/gstreamer1-bad/description/Default)
-   .
-   This package contains the GStreamer $(2) library.
-  endef
-
-  define Package/libgst1$(1)/install
-       $(INSTALL_DIR) $$(1)/usr/lib
-       ( cd $(PKG_INSTALL_DIR); $(CP) \
-               ./usr/lib/libgst$(1)-$(GST_VERSION).so.* \
-               $$(1)/usr/lib/ \
-       )
-  endef
-
-  $$(eval $$(call BuildPackage,libgst1$(1)))
-endef
-
-$(eval $(call GstBuildLibrary,adaptivedemux,adaptivedemux,app uridownloader,))
-$(eval $(call GstBuildLibrary,photography,photography,,))
-$(eval $(call GstBuildLibrary,basecamerabinsrc,basecamerabinsrc,app,))
-$(eval $(call GstBuildLibrary,uridownloader,uridownloader,,))
-$(eval $(call GstBuildLibrary,badbase,badbase,,))
-
-# 1: short name
-# 2: description
-# 3: dependencies on other gstreamer libraries (short name)
-# 4: dependencies on other gstreamer plugins (short name)
-# 5: dependencies on other packages
-define GstBuildPlugin
-
-  GST_DEPENDS += +gst1-mod-$(1)
-
-  GST_BAD_MODULES+= $(1)
-
-  define Package/gst1-mod-$(1)
-    $(call Package/gstreamer1-bad/Default)
-    TITLE+= $(2) plugin (bad)
-    DEPENDS+= $$(foreach p,$(3),+libgst1$$(p)) $$(foreach p,$(4),+gst1-mod-$$(p)) $(5)
-    HIDDEN:=1
-  endef
-
-  define Package/gst1-mod-$(1)/description
-   $(call Package/gstreamer1-bad/description/Default)
-   .
-   This package contains the GStreamer $(2) plugin.
-  endef
-
-  define Package/gst1-mod-$(1)/install
-       $(INSTALL_DIR) $$(1)/usr/lib/gstreamer-$(GST_VERSION)
-       ( cd $(PKG_INSTALL_DIR); $(CP) \
-               ./usr/lib/gstreamer-$(GST_VERSION)/libgst$(1).so* \
-               $$(1)/usr/lib/gstreamer-$(GST_VERSION)/ \
-       )
-  endef
-
-  $$(eval $$(call BuildPackage,gst1-mod-$(1)))
-endef
-
-$(eval $(call GstBuildPlugin,adpcmdec,adpcm decoding support,audio,,))
-$(eval $(call GstBuildPlugin,adpcmenc,adpcm encoding support,audio,,))
-$(eval $(call GstBuildPlugin,aiff,aiff support,audio tag,,))
-$(eval $(call GstBuildPlugin,asfmux,asf muxing support,rtp,,))
-$(eval $(call GstBuildPlugin,autoconvert,autoconvert support,,,))
-$(eval $(call GstBuildPlugin,bayer,bayer support,video,,))
-$(eval $(call GstBuildPlugin,camerabin2,camerabin support,basecamerabinsrc photography pbutils app,,))
-$(eval $(call GstBuildPlugin,dataurisrc,dataurisrc support,,,))
-$(eval $(call GstBuildPlugin,debugutilsbad,debugutils support,video,,))
-$(eval $(call GstBuildPlugin,dvdspu,dvdspu support,video,,))
-$(eval $(call GstBuildPlugin,fbdevsink,fbdev support,video,,))
-$(eval $(call GstBuildPlugin,festival,festival support,audio,,))
-$(eval $(call GstBuildPlugin,hls,HLS support,pbutils adaptivedemux,multifile,+libnettle))
-$(eval $(call GstBuildPlugin,frei0r,frei0r support,controller video,,))
-$(eval $(call GstBuildPlugin,id3tag,id3tag support,tag,,))
-$(eval $(call GstBuildPlugin,jpegformat,jpegformat support,tag,,))
-$(eval $(call GstBuildPlugin,mpegpsdemux,mpegpsdemux support,pbutils,,))
-$(eval $(call GstBuildPlugin,mpegpsmux,mpegpsmux support,,,))
-#$(eval $(call GstBuildPlugin,mpegtsdemux,mpegtsdemux support,mpegts pbutils,,))
-#$(eval $(call GstBuildPlugin,mpegtsmux,mpegtsmux support,video,,))
-$(eval $(call GstBuildPlugin,mxf,mxf support,badbase audio video,,))
-$(eval $(call GstBuildPlugin,opusparse,OPUS streams library,pbutils,,+libopus))
-$(eval $(call GstBuildPlugin,pcapparse,pcapparse support,,,))
-$(eval $(call GstBuildPlugin,pnm,pnm support,video,,))
-$(eval $(call GstBuildPlugin,rawparse,rawparse support,audio video,,))
-$(eval $(call GstBuildPlugin,rfbsrc,librfb support,video,,))
-$(eval $(call GstBuildPlugin,sdpelem,sdp support,rtp sdp,,))
-$(eval $(call GstBuildPlugin,segmentclip,segmentclip support,audio,,))
-$(eval $(call GstBuildPlugin,shm,POSIX shared memory source and sink,,,+librt))
-$(eval $(call GstBuildPlugin,siren,siren support,audio rtp,,))
-$(eval $(call GstBuildPlugin,speed,speed support,audio,,))
-$(eval $(call GstBuildPlugin,subenc,subenc support,controller,,))
-#$(eval $(call GstBuildPlugin,srtp,srtp support,rtp,,+libsrtp))
-
-$(eval $(call BuildPackage,gstreamer1-plugins-bad))
-$(eval $(call BuildPackage,gst1-plugins-bad))
diff --git a/multimedia/gst1-plugins-bad/patches/001-no-translations.patch b/multimedia/gst1-plugins-bad/patches/001-no-translations.patch
deleted file mode 100644 (file)
index ee5d05b..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -3717,7 +3717,6 @@ ext/x265/Makefile
- ext/xvid/Makefile
- ext/zbar/Makefile
- ext/dtls/Makefile
--po/Makefile.in
- docs/Makefile
- docs/plugins/Makefile
- docs/libs/Makefile
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -2,11 +2,11 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d
- SUBDIRS = \
-       gst-libs gst sys ext pkgconfig \
--      m4 common docs tests po tools
-+      m4 common docs tests tools
- DIST_SUBDIRS = \
-       gst gst-libs sys ext pkgconfig \
--      m4 common docs tests po tools
-+      m4 common docs tests tools
- # include before EXTRA_DIST for win32 assignment
- include $(top_srcdir)/common/win32.mak
diff --git a/multimedia/gst1-plugins-bad/patches/002-no-tests.patch b/multimedia/gst1-plugins-bad/patches/002-no-tests.patch
deleted file mode 100644 (file)
index 3bef421..0000000
+++ /dev/null
@@ -1,57 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -3617,38 +3617,6 @@ sys/wasapi/Makefile
- sys/wininet/Makefile
- sys/winks/Makefile
- sys/winscreencap/Makefile
--tests/Makefile
--tests/check/Makefile
--tests/files/Makefile
--tests/examples/Makefile
--tests/examples/avsamplesink/Makefile
--tests/examples/camerabin2/Makefile
--tests/examples/codecparsers/Makefile
--tests/examples/directfb/Makefile
--tests/examples/gl/Makefile
--tests/examples/gl/cocoa/Makefile
--tests/examples/gl/clutter/Makefile
--tests/examples/gl/generic/Makefile
--tests/examples/gl/generic/cube/Makefile
--tests/examples/gl/generic/cubeyuv/Makefile
--tests/examples/gl/generic/doublecube/Makefile
--tests/examples/gl/generic/recordgraphic/Makefile
--tests/examples/gl/gtk/Makefile
--tests/examples/gl/gtk/gtkvideooverlay/Makefile
--tests/examples/gl/gtk/3dvideo/Makefile
--tests/examples/gl/gtk/filternovideooverlay/Makefile
--tests/examples/gl/gtk/filtervideooverlay/Makefile
--tests/examples/gl/gtk/fxtest/Makefile
--tests/examples/gl/gtk/switchvideooverlay/Makefile
--tests/examples/gl/qt/Makefile
--tests/examples/gl/sdl/Makefile
--tests/examples/gtk/Makefile
--tests/examples/mpegts/Makefile
--tests/examples/mxf/Makefile
--tests/examples/opencv/Makefile
--tests/examples/uvch264/Makefile
--tests/examples/waylandsink/Makefile
--tests/icles/Makefile
- ext/voamrwbenc/Makefile
- ext/voaacenc/Makefile
- ext/assrender/Makefile
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -2,11 +2,11 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d
- SUBDIRS = \
-       gst-libs gst sys ext pkgconfig \
--      m4 common docs tests tools
-+      m4 common docs tools
- DIST_SUBDIRS = \
-       gst gst-libs sys ext pkgconfig \
--      m4 common docs tests tools
-+      m4 common docs tools
- # include before EXTRA_DIST for win32 assignment
- include $(top_srcdir)/common/win32.mak
diff --git a/multimedia/gst1-plugins-good/Makefile b/multimedia/gst1-plugins-good/Makefile
new file mode 100644 (file)
index 0000000..27b4e69
--- /dev/null
@@ -0,0 +1,237 @@
+#
+# Copyright (C) 2009-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gst1-plugins-good
+PKG_VERSION:=1.8.2
+PKG_RELEASE:=1
+
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
+               Ted Hess <thess@kitschensync.net>
+
+PKG_LICENSE:=LGPLv2
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-good-$(PKG_VERSION)
+PKG_SOURCE:=gst-plugins-good-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-good/
+PKG_MD5SUM:=8d7549118a3b7a009ece6bb38a05b66709c551d32d2adfd89eded4d1d7a23944
+
+PKG_BUILD_DEPENDS:= libgstreamer1 gstreamer1-plugins-base
+
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/nls.mk
+
+GST_GOOD_MODULES:=
+
+define Package/gstreamer1-good/Default
+  CATEGORY:=Multimedia
+  SECTION:=multimedia
+  TITLE:=GStreamer
+  URL:=http://gstreamer.freedesktop.org/
+  DEPENDS:= +libgstreamer1 $(ICONV_DEPENDS)
+endef
+
+define Package/gstreamer1-good/description/Default
+ GStreamer open source multimedia framework
+endef
+
+
+define Package/gst1-plugins-good
+$(call Package/gstreamer1-good/Default)
+  TITLE+= plugins collection (good)
+  DEPENDS+= $(GST_DEPENDS)
+  HIDDEN:=1
+endef
+
+define Package/gst1-plugins-good/description
+$(call Package/gstreamer1-good/description/Default)
+ .
+ This meta package contains only dependencies to the other plugins from
+ the good plugins collection.
+endef
+
+
+define Package/gstreamer1-plugins-good
+  $(call Package/gstreamer1-good/Default)
+  TITLE+= plugins collection (good)
+  DEPENDS:=+ALL:gst1-plugins-good +gstreamer1-plugins-base
+endef
+
+define Package/gstreamer1-plugins-good/config
+    menu "Select GStreamer good modules"
+      depends on PACKAGE_gstreamer1-plugins-good
+
+
+    config gst1-plugins-good-all
+      bool "Include all GStreamer good plugins"
+      select PACKAGE_gst1-plugins-good
+
+    comment "Modules"
+
+   $(foreach mod,$(GST_GOOD_MODULES), \
+    config PACKAGE_gst1-mod-$(mod)
+      prompt "GStreamer $(mod) module"
+
+   )
+
+  endmenu
+
+endef
+
+GST_VERSION:=1.0
+
+CONFIGURE_ARGS += \
+       --disable-debug \
+       --disable-examples \
+       \
+       --disable-aalib \
+       --disable-annodex \
+       --disable-bz2 \
+       --disable-cairo \
+       --disable-directsound \
+       --disable-dv1394 \
+       --disable-esd \
+       --disable-gconf \
+       --disable-gconftool \
+       --disable-gdk_pixbuf \
+       --disable-hal \
+       --disable-libcaca \
+       --disable-libdv \
+       --disable-osx_audio \
+       --disable-osx_video \
+       --disable-pulse \
+       --disable-qtdemux \
+       --disable-rtspmanager \
+       --disable-shout2 \
+       --disable-sunaudio \
+       --disable-wavpack \
+       --disable-x \
+       --disable-xshm \
+       --disable-xvideo \
+       --disable-y4m \
+       --disable-zlib \
+       \
+       --without-libiconv-prefix \
+       --without-libintl-prefix \
+       --without-x \
+
+EXTRA_LDFLAGS+= \
+       -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \
+       $(if $(ICONV_FULL),-liconv) \
+
+
+define Package/gst1-plugins-good/install
+       /bin/true
+endef
+
+
+# 1: short name
+# 2: description
+# 3: dependencies on other gstreamer libraries (short name)
+# 4: dependencies on other gstreamer plugins (short name)
+# 5: dependencies on other packages
+define GstBuildPlugin
+
+  GST_DEPENDS += +gst1-mod-$(1)
+
+  GST_GOOD_MODULES+= $(1)
+
+  define Package/gst1-mod-$(1)
+    $(call Package/gstreamer1-good/Default)
+    TITLE+= $(2) plugin (good)
+    DEPENDS+= $$(foreach p,$(3),+libgst1$$(p)) $$(foreach p,$(4),+gst1-mod-$$(p)) $(5)
+    HIDDEN:=1
+  endef
+
+  define Package/gst1-mod-$(1)/description
+   $(call Package/gstreamer1-good/description/Default)
+   .
+   This package contains the GStreamer $(2) plugin.
+  endef
+
+  define Package/gst1-mod-$(1)/install
+       $(INSTALL_DIR) $$(1)/usr/lib/gstreamer-$(GST_VERSION)
+       ( cd $(PKG_INSTALL_DIR); $(CP) \
+               ./usr/lib/gstreamer-$(GST_VERSION)/libgst$(1).so* \
+               $$(1)/usr/lib/gstreamer-$(GST_VERSION)/ \
+       )
+  endef
+
+  $$(eval $$(call BuildPackage,gst1-mod-$(1)))
+endef
+
+#$(eval $(call GstBuildPlugin,1394,IEEE 1394 support,,,))
+$(eval $(call GstBuildPlugin,alaw,alaw codec,audio,,))
+$(eval $(call GstBuildPlugin,alpha,alpha support,video,,))
+$(eval $(call GstBuildPlugin,alphacolor,alphacolor support,video,,))
+$(eval $(call GstBuildPlugin,apetag,apetag support,audio pbutils tag video,,))
+$(eval $(call GstBuildPlugin,audiofx,audio effects,audio fft controller,,))
+$(eval $(call GstBuildPlugin,audioparsers,audioparsers,audio tag pbutils,,))
+$(eval $(call GstBuildPlugin,auparse,auparse,audio tag pbutils,,))
+$(eval $(call GstBuildPlugin,autodetect,format auto-detection,,,))
+$(eval $(call GstBuildPlugin,avi,avi support,audio riff tag video,,))
+$(eval $(call GstBuildPlugin,cutter,audio cutter,audio,,))
+$(eval $(call GstBuildPlugin,debug,debugging,,,))
+$(eval $(call GstBuildPlugin,deinterlace,deinterlace support,video,,))
+$(eval $(call GstBuildPlugin,dtmf,dtmf support,rtp,,))
+#$(eval $(call GstBuildPlugin,dv,dv support,audio tag video,,))
+$(eval $(call GstBuildPlugin,effectv,effectvsupport,video,,))
+$(eval $(call GstBuildPlugin,equalizer,audio equalizer,audio controller,,))
+$(eval $(call GstBuildPlugin,flac,FLAC codec,audio pbutils tag,,+libflac))
+$(eval $(call GstBuildPlugin,flv,flv codec,audio pbutils tag video,,))
+$(eval $(call GstBuildPlugin,flxdec,flx codec,,,))
+#$(eval $(call GstBuildPlugin,gdkpixbuf,gdkpixbuf support,video,,))
+$(eval $(call GstBuildPlugin,goom2k1,goom support,audio video pbutils,,))
+$(eval $(call GstBuildPlugin,goom,goom support,audio video pbutils,,))
+$(eval $(call GstBuildPlugin,icydemux,icy demuxer,audio tag,,))
+$(eval $(call GstBuildPlugin,id3demux,ID3v1/v2 demuxer,pbutils tag,,))
+$(eval $(call GstBuildPlugin,imagefreeze,imagefreeze support,,,))
+$(eval $(call GstBuildPlugin,interleave,audio interleave,audio,,))
+$(eval $(call GstBuildPlugin,isomp4,isomp4 support,audio pbutils riff rtp tag video,,))
+#$(eval $(call GstBuildPlugin,jack,jack support,audio,,))
+$(eval $(call GstBuildPlugin,jpeg,jpeg support,video,,+libjpeg))
+$(eval $(call GstBuildPlugin,level,audio level,audio,,))
+$(eval $(call GstBuildPlugin,matroska,matroska support,audio pbutils riff tag video,,))
+$(eval $(call GstBuildPlugin,mulaw,mulaw support,audio,,))
+$(eval $(call GstBuildPlugin,multifile,multiple files access,video,,))
+$(eval $(call GstBuildPlugin,multipart,multipart stream handling,,,))
+$(eval $(call GstBuildPlugin,navigationtest,navigationtest support,video,,))
+$(eval $(call GstBuildPlugin,oss4audio,OSS 4 audio support,audio tag,,))
+$(eval $(call GstBuildPlugin,ossaudio,OSS audio support,audio,,))
+$(eval $(call GstBuildPlugin,png,png support,video,,+libpng))
+#$(eval $(call GstBuildPlugin,pulse,pulse support,audio pbutils tag video,,))
+$(eval $(call GstBuildPlugin,replaygain,volume normalization,pbutils,,))
+$(eval $(call GstBuildPlugin,rtpmanager,RTP manager,audio net rtp tag pbutils video,,))
+$(eval $(call GstBuildPlugin,rtp,RTP,audio rtp tag pbutils video,,))
+$(eval $(call GstBuildPlugin,rtsp,RTSP,net rtp rtsp sdp,,))
+$(eval $(call GstBuildPlugin,shapewipe,shapewipe support,video,,))
+#$(eval $(call GstBuildPlugin,shout2,shout2 support,,,))
+$(eval $(call GstBuildPlugin,smpte,smpte support,video,,))
+$(eval $(call GstBuildPlugin,souphttpsrc,soup input,audio tag,,+libsoup))
+$(eval $(call GstBuildPlugin,spectrum,spectrum data output,audio fft,,))
+#$(eval $(call GstBuildPlugin,speex,speex support,audio tag,,))
+#$(eval $(call GstBuildPlugin,sty4menc,sty4menc support,video,,))
+#$(eval $(call GstBuildPlugin,taglib,taglib support,tag,,))
+$(eval $(call GstBuildPlugin,udp,UDP,net,,))
+$(eval $(call GstBuildPlugin,video4linux2,video4linux2 support,video allocators,,+libv4l))
+$(eval $(call GstBuildPlugin,videobox,videobox support,video,,))
+$(eval $(call GstBuildPlugin,videocrop,videocrop support,video,,))
+$(eval $(call GstBuildPlugin,videofilter,videofilter support,video,,))
+$(eval $(call GstBuildPlugin,videomixer,videomixer support,video,,))
+$(eval $(call GstBuildPlugin,vpx,vpx support,tag video,,+libvpx))
+$(eval $(call GstBuildPlugin,wavenc,Wav encoder,riff,,))
+#$(eval $(call GstBuildPlugin,wavpack,Wav packer,audio riff tag,,))
+$(eval $(call GstBuildPlugin,wavparse,Wav parser,audio riff tag,,))
+#$(eval $(call GstBuildPlugin,ximagesrc,ximagesrc support,video,,))
+
+$(eval $(call BuildPackage,gstreamer1-plugins-good))
+$(eval $(call BuildPackage,gst1-plugins-good))
diff --git a/multimedia/gst1-plugins-good/patches/001-no-translations.patch b/multimedia/gst1-plugins-good/patches/001-no-translations.patch
new file mode 100644 (file)
index 0000000..1411875
--- /dev/null
@@ -0,0 +1,20 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1049,7 +1049,6 @@ sys/sunaudio/Makefile
+ sys/v4l2/Makefile
+ sys/waveform/Makefile
+ sys/ximage/Makefile
+-po/Makefile.in
+ tests/Makefile
+ tests/check/Makefile
+ tests/examples/Makefile
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -4,7 +4,6 @@ ALWAYS_SUBDIRS =               \
+       gst sys ext             \
+       tests                   \
+       docs                    \
+-      po                      \
+       common                  \
+       m4                      \
+       pkgconfig
diff --git a/multimedia/gst1-plugins-good/patches/002-no-tests.patch b/multimedia/gst1-plugins-good/patches/002-no-tests.patch
new file mode 100644 (file)
index 0000000..b7a7dc7
--- /dev/null
@@ -0,0 +1,34 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1049,21 +1049,6 @@ sys/sunaudio/Makefile
+ sys/v4l2/Makefile
+ sys/waveform/Makefile
+ sys/ximage/Makefile
+-tests/Makefile
+-tests/check/Makefile
+-tests/examples/Makefile
+-tests/examples/audiofx/Makefile
+-tests/examples/cairo/Makefile
+-tests/examples/equalizer/Makefile
+-tests/examples/jack/Makefile
+-tests/examples/level/Makefile
+-tests/examples/pulse/Makefile
+-tests/examples/rtp/Makefile
+-tests/examples/shapewipe/Makefile
+-tests/examples/spectrum/Makefile
+-tests/examples/v4l2/Makefile
+-tests/files/Makefile
+-tests/icles/Makefile
+ common/Makefile
+ common/m4/Makefile
+ m4/Makefile
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -2,7 +2,6 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d
+ ALWAYS_SUBDIRS =              \
+       gst sys ext             \
+-      tests                   \
+       docs                    \
+       common                  \
+       m4                      \
diff --git a/multimedia/gst1-plugins-good/patches/003-no-docs.patch b/multimedia/gst1-plugins-good/patches/003-no-docs.patch
new file mode 100644 (file)
index 0000000..38a876f
--- /dev/null
@@ -0,0 +1,22 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1052,9 +1052,6 @@ sys/ximage/Makefile
+ common/Makefile
+ common/m4/Makefile
+ m4/Makefile
+-docs/Makefile
+-docs/plugins/Makefile
+-docs/version.entities
+ pkgconfig/Makefile
+ pkgconfig/gstreamer-plugins-good-uninstalled.pc
+ gst-plugins-good.spec
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -2,7 +2,6 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d
+ ALWAYS_SUBDIRS =              \
+       gst sys ext             \
+-      docs                    \
+       common                  \
+       m4                      \
+       pkgconfig
diff --git a/multimedia/gst1-plugins-ugly/Makefile b/multimedia/gst1-plugins-ugly/Makefile
deleted file mode 100644 (file)
index 2f6c334..0000000
+++ /dev/null
@@ -1,177 +0,0 @@
-#
-# Copyright (C) 2009-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=gst1-plugins-ugly
-PKG_VERSION:=1.8.2
-PKG_RELEASE:=1
-
-PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> \
-               Ted Hess <thess@kitschensync.net>
-
-PKG_LICENSE:=LGPLv2
-PKG_LICENSE_FILES:=COPYING
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-ugly-$(PKG_VERSION)
-PKG_SOURCE:=gst-plugins-ugly-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-ugly/
-PKG_MD5SUM:=9c5b33a2a98fc1d6d6c99a1b536b1fb2de45f53cc8bf8ab85a8b8141fed1a8ac
-
-PKG_BUILD_DEPENDS:= libgstreamer1 gstreamer1-plugins-base
-PKG_CONFIG_DEPENDS:= \
-       CONFIG_PACKAGE_gst1-mod-asf \
-       CONFIG_PACKAGE_gst1-mod-lame \
-       CONFIG_PACKAGE_gst1-mod-mad \
-       CONFIG_PACKAGE_gst1-mod-mpeg2dec \
-
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-GST_UGLY_MODULES:=
-
-define Package/gstreamer1-ugly/Default
-  CATEGORY:=Multimedia
-  SECTION:=multimedia
-  TITLE:=GStreamer
-  URL:=http://gstreamer.freedesktop.org/
-  DEPENDS:= +libgstreamer1 $(ICONV_DEPENDS)
-endef
-
-define Package/gstreamer1-ugly/description/Default
- GStreamer open source multimedia framework
-endef
-
-
-define Package/gst1-plugins-ugly
-$(call Package/gstreamer1-ugly/Default)
-  TITLE+= plugins collection (ugly)
-  DEPENDS+= $(GST_DEPENDS)
-  HIDDEN:=1
-endef
-
-define Package/gts-plugins-ugly/description
-$(call Package/gstreamer1-ugly/description/Default)
- .
- This meta package contains only dependencies to the other plugins from
- the ugly plugins collection.
-endef
-
-
-define Package/gstreamer1-plugins-ugly
-  $(call Package/gstreamer1-ugly/Default)
-  TITLE+= plugins collection (ugly)
-  DEPENDS:=+ALL:gst1-plugins-ugly +gstreamer1-plugins-base
-endef
-
-define Package/gstreamer1-plugins-ugly/config
-    menu "Select GStreamer ugly modules"
-      depends on PACKAGE_gstreamer1-plugins-ugly
-
-
-    config gst1-plugins-ugly-all
-      bool "Include all GStreamer ugly plugins"
-      select PACKAGE_gst1-plugins-ugly
-
-    comment "Modules"
-
-   $(foreach mod,$(GST_UGLY_MODULES), \
-    config PACKAGE_gst1-mod-$(mod)
-      prompt "GStreamer $(mod) module"
-
-   )
-
-  endmenu
-
-endef
-
-GST_COND_SELECT = $(patsubst %,$(if $(CONFIG_PACKAGE_gst1-mod-$(1)),--enable,--disable)-%,$(1))
-
-GST_VERSION:=1.0
-
-CONFIGURE_ARGS += \
-       --disable-debug \
-       --disable-examples \
-       \
-       --disable-a52dec \
-       --disable-amrnb \
-       --disable-amrwb \
-       $(call GST_COND_SELECT,asf) \
-       --disable-cdio \
-       --disable-dvdlpcmdec \
-       --disable-dvdread \
-       --disable-dvdsub \
-       --disable-iec958 \
-       $(call GST_COND_SELECT,lame) \
-       $(call GST_COND_SELECT,mad) \
-       $(call GST_COND_SELECT,mpeg2dec) \
-       --disable-mpegaudioparse \
-       --disable-mpegstream \
-       --disable-realmedia \
-       --disable-sidplay \
-       --disable-synaesthesia \
-       --disable-twolame \
-       --disable-x264 \
-       \
-       --without-libiconv-prefix \
-       --without-libintl-prefix \
-
-EXTRA_LDFLAGS+= \
-       -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \
-       $(if $(ICONV_FULL),-liconv) \
-
-
-define Package/gst1-plugins-ugly/install
-       /bin/true
-endef
-
-
-# 1: short name
-# 2: description
-# 3: dependencies on other gstreamer libraries (short name)
-# 4: dependencies on other gstreamer plugins (short name)
-# 5: dependencies on other packages
-define GstBuildPlugin
-
-  GST_DEPENDS += +gst1-mod-$(1)
-
-  GST_UGLY_MODULES+= $(1)
-
-  define Package/gst1-mod-$(1)
-    $(call Package/gstreamer1-ugly/Default)
-    TITLE+= $(2) plugin (ugly)
-    DEPENDS+= +libgstreamer1 $$(foreach p,$(3),+libgst1$$(p)) $$(foreach p,$(4),+gst1-mod-$$(p)) $(5)
-    HIDDEN:=1
-  endef
-
-  define Package/gst1-mod-$(1)/description
-   $(call Package/gstreamer1-ugly/description/Default)
-   .
-   This package contains the GStreamer $(2) plugin.
-  endef
-
-  define Package/gst1-mod-$(1)/install
-       $(INSTALL_DIR) $$(1)/usr/lib/gstreamer-$(GST_VERSION)
-       ( cd $(PKG_INSTALL_DIR); $(CP) \
-               ./usr/lib/gstreamer-$(GST_VERSION)/libgst$(1).so* \
-               $$(1)/usr/lib/gstreamer-$(GST_VERSION)/ \
-       )
-  endef
-
-  $$(eval $$(call BuildPackage,gst1-mod-$(1)))
-endef
-
-$(eval $(call GstBuildPlugin,asf,ASF demuxer,audio video riff rtp rtsp sdp tag,,))
-$(eval $(call GstBuildPlugin,lame,MP3 encoder (using LAME),audio,,+lame-lib))
-$(eval $(call GstBuildPlugin,mad,MP3 decoder (using MAD),audio tag,,+libid3tag +libmad))
-$(eval $(call GstBuildPlugin,mpeg2dec,MPEG decoder,video,,+libmpeg2))
-
-$(eval $(call BuildPackage,gstreamer1-plugins-ugly))
-$(eval $(call BuildPackage,gst1-plugins-ugly))
diff --git a/multimedia/gst1-plugins-ugly/patches/001-no-translations.patch b/multimedia/gst1-plugins-ugly/patches/001-no-translations.patch
deleted file mode 100644 (file)
index ea02ec8..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-diff -u --recursive gst-plugins-ugly-1.6.2-vanilla/configure.ac gst-plugins-ugly-1.6.2/configure.ac
---- gst-plugins-ugly-1.6.2-vanilla/configure.ac        2016-01-01 10:47:06.333623730 -0500
-+++ gst-plugins-ugly-1.6.2/configure.ac        2016-01-01 10:47:20.211613708 -0500
-@@ -470,7 +470,6 @@
- tests/Makefile
- tests/check/Makefile
- m4/Makefile
--po/Makefile.in
- pkgconfig/Makefile
- pkgconfig/gstreamer-plugins-ugly-uninstalled.pc
- gst-plugins-ugly.spec
-diff -u --recursive gst-plugins-ugly-1.6.2-vanilla/Makefile.am gst-plugins-ugly-1.6.2/Makefile.am
---- gst-plugins-ugly-1.6.2-vanilla/Makefile.am 2016-01-01 10:47:06.333623730 -0500
-+++ gst-plugins-ugly-1.6.2/Makefile.am 2016-01-01 10:47:14.523210855 -0500
-@@ -1,7 +1,7 @@
- DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-doc
- SUBDIRS = \
--      gst-libs gst ext docs m4 tests common pkgconfig po
-+      gst-libs gst ext docs m4 tests common pkgconfig
- # include before EXTRA_DIST for win32 assignment
- include $(top_srcdir)/common/win32.mak
diff --git a/multimedia/gst1-plugins-ugly/patches/002-no-tests.patch b/multimedia/gst1-plugins-ugly/patches/002-no-tests.patch
deleted file mode 100644 (file)
index 26cd48a..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -478,9 +478,6 @@ ext/x264/Makefile
- docs/Makefile
- docs/plugins/Makefile
- docs/version.entities
--tests/Makefile
--tests/check/Makefile
--tests/files/Makefile
- m4/Makefile
- pkgconfig/Makefile
- pkgconfig/gstreamer-plugins-ugly-uninstalled.pc
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,7 +1,7 @@
- DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-doc
- SUBDIRS = \
--      gst-libs gst ext docs m4 tests common pkgconfig
-+      gst-libs gst ext docs m4 common pkgconfig
- # include before EXTRA_DIST for win32 assignment
- include $(top_srcdir)/common/win32.mak
diff --git a/multimedia/gst1-plugins-ugly/patches/003-no-docs.patch b/multimedia/gst1-plugins-ugly/patches/003-no-docs.patch
deleted file mode 100644 (file)
index 3ef1255..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -475,9 +475,6 @@ ext/mpg123/Makefile
- ext/sidplay/Makefile
- ext/twolame/Makefile
- ext/x264/Makefile
--docs/Makefile
--docs/plugins/Makefile
--docs/version.entities
- m4/Makefile
- pkgconfig/Makefile
- pkgconfig/gstreamer-plugins-ugly-uninstalled.pc
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,7 +1,7 @@
- DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-doc
- SUBDIRS = \
--      gst-libs gst ext docs m4 common pkgconfig
-+      gst-libs gst ext m4 common pkgconfig
- # include before EXTRA_DIST for win32 assignment
- include $(top_srcdir)/common/win32.mak
diff --git a/multimedia/minidlna/Makefile b/multimedia/minidlna/Makefile
deleted file mode 100644 (file)
index 144da20..0000000
+++ /dev/null
@@ -1,85 +0,0 @@
-#
-# Copyright (C) 2010-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=minidlna
-PKG_VERSION:=1.1.5
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=@SF/minidlna
-PKG_MD5SUM:=1970e553a1eb8a3e7e302e2ce292cbc4
-PKG_LICENSE:=GPL-2.0 BSD-3-Clause
-PKG_LICENSE_FILES:=COPYING LICENCE.miniupnpd
-
-PKG_MAINTAINER:=Knyazkov Dmitry <medavedik@gmail.com>
-
-PKG_BUILD_PARALLEL:=0
-PKG_BUILD_DEPENDS:=util-linux
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-define Package/minidlna
-  SECTION:=multimedia
-  CATEGORY:=Multimedia
-  TITLE:=UPnP A/V & DLNA Media Server
-  URL:=http://minidlna.sourceforge.net/
-  DEPENDS:= +libpthread +libexif +libjpeg +libsqlite3 +libffmpeg \
-       +libid3tag +libflac +libvorbis +libuuid \
-       $(ICONV_DEPENDS) $(INTL_DEPENDS)
-endef
-
-define Package/minidlna/description
-  MiniDLNA (aka ReadyDLNA) is server software with the aim of
-  being fully compliant with DLNA/UPnP-AV clients.
-endef
-
-define Package/minidlna/conffiles
-/etc/config/minidlna
-endef
-
-TARGET_CPPFLAGS += \
-       -I$(STAGING_DIR)/usr/include \
-       -I$(STAGING_DIR)/usr/include/FLAC \
-       -I$(STAGING_DIR)/usr/include/libexif \
-       -I$(STAGING_DIR)/usr/include/uuid \
-       -I$(STAGING_DIR)/usr/include/vorbis \
-       -I$(ICONV_PREFIX)/include \
-       -I$(INTL_PREFIX)/include \
-       -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 \
-
-TARGET_LDFLAGS += \
-       -L$(ICONV_PREFIX)/lib \
-       -L$(INTL_PREFIX)/lib \
-       -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \
-
-MAKE_FLAGS +=\
-       CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \
-       LDFLAGS="$(TARGET_LDFLAGS)" \
-       ICONV_LIBS="-liconv $(if $(INTL_FULL),-lintl)" \
-
-CONFIGURE_ARGS +=\
-       --with-libiconv-prefix="$(ICONV_PREFIX)" \
-       --with-libintl-prefix="$(INTL_PREFIX)" \
-       --with-os-name="OpenWrt Linux" \
-       --with-os-version="$(LINUX_VERSION)" \
-       --with-os-url="http://openwrt.org/" \
-       --with-db-path="/var/run/minidlna" \
-       --with-log-path="/var/log" \
-
-define Package/minidlna/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/minidlnad $(1)/usr/bin/minidlna
-       $(INSTALL_DIR) $(1)/etc/init.d
-       $(INSTALL_BIN) ./files/minidlna.init $(1)/etc/init.d/minidlna
-       $(INSTALL_DIR) $(1)/etc/config
-       $(INSTALL_CONF) ./files/minidlna.config $(1)/etc/config/minidlna
-endef
-
-$(eval $(call BuildPackage,minidlna))
diff --git a/multimedia/minidlna/files/minidlna.config b/multimedia/minidlna/files/minidlna.config
deleted file mode 100644 (file)
index 91a5cc3..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-config minidlna config
-       option 'enabled' '1'
-       option port '8200'
-       option interface 'br-lan'
-       option friendly_name 'OpenWrt DLNA Server'
-       option db_dir '/var/run/minidlna'
-       option log_dir '/var/log'
-       option inotify '1'
-       option enable_tivo '0'
-       option strict_dlna '0'
-       option presentation_url ''
-       option notify_interval '900'
-       option serial '12345678'
-       option model_number '1'
-       option root_container '.'
-       list media_dir '/mnt'
-       option album_art_names 'Cover.jpg/cover.jpg/AlbumArtSmall.jpg/albumartsmall.jpg/AlbumArt.jpg/albumart.jpg/Album.jpg/album.jpg/Folder.jpg/folder.jpg/Thumb.jpg/thumb.jpg'
diff --git a/multimedia/minidlna/files/minidlna.init b/multimedia/minidlna/files/minidlna.init
deleted file mode 100644 (file)
index a92a064..0000000
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2010 OpenWrt.org
-
-START=50
-
-SERVICE_USE_PID=1
-SERVICE_PID_FILE=/var/run/minidlna/minidlna.pid
-
-MINIDLNA_CONFIG_FILE="/tmp/minidlna.conf"
-
-minidlna_cfg_append() {
-       echo "$1" >> "$MINIDLNA_CONFIG_FILE"
-}
-
-minidlna_cfg_addbool() {
-       local cfg="$1"
-       local key="$2"
-       local def="$3"
-       local val
-
-       config_get_bool val "$cfg" "$key" "$def"
-       [ "$val" -gt 0 ] && val="yes" || val="no"
-       minidlna_cfg_append "$key=$val"
-}
-
-minidlna_cfg_addstr() {
-       local cfg="$1"
-       local key="$2"
-       local def="$3"
-       local val
-
-       config_get val "$cfg" "$key" "$def"
-       [ -n "$val" ] && minidlna_cfg_append "$key=$val"
-}
-
-minidlna_cfg_add_media_dir() {
-       local val=$1
-
-       minidlna_cfg_append "media_dir=$val"
-}
-
-minidlna_create_config() {
-       local cfg=$1
-       local port
-       local interface
-
-       config_get port $cfg port
-       config_get interface $cfg interface
-
-       [ -z "$interface" -o -t "$port" ] && return 1
-
-       echo "# this file is generated automatically, don't edit" > "$MINIDLNA_CONFIG_FILE"
-
-       minidlna_cfg_append "port=$port"
-       minidlna_cfg_append "network_interface=$interface"
-
-       minidlna_cfg_addstr $cfg friendly_name
-       minidlna_cfg_addstr $cfg db_dir
-       minidlna_cfg_addstr $cfg log_dir
-       minidlna_cfg_addbool $cfg inotify '1'
-       minidlna_cfg_addbool $cfg enable_tivo '0'
-       minidlna_cfg_addbool $cfg strict_dlna '0'
-       minidlna_cfg_addstr $cfg album_art_names
-       minidlna_cfg_addstr $cfg presentation_url
-       minidlna_cfg_addstr $cfg notify_interval '900'
-       minidlna_cfg_addstr $cfg serial '12345678'
-       minidlna_cfg_addstr $cfg model_number '1'
-       minidlna_cfg_addstr $cfg minissdpsocket
-       minidlna_cfg_addstr $cfg root_container '.'
-       config_list_foreach "$cfg" "media_dir" minidlna_cfg_add_media_dir
-
-       return 0
-}
-
-start() {
-       local enabled
-       local db_dir
-       local log_dir
-
-       config_load 'minidlna'
-       config_get_bool enabled config 'enabled' '0'
-
-       [ "$enabled" -gt 0 ] || return 1
-
-       minidlna_create_config config || return 1
-       
-       config_get db_dir config 'db_dir' '/var/run/minidlna'
-       config_get log_dir config 'log_dir' '/var/log'
-
-       mkdir -m 0755 -p $db_dir
-       mkdir -m 0755 -p $log_dir
-       service_start /usr/bin/minidlna -f "$MINIDLNA_CONFIG_FILE"
-}
-
-stop() {
-       service_stop /usr/bin/minidlna
-}
diff --git a/multimedia/minidlna/patches/010-libav-fix.patch b/multimedia/minidlna/patches/010-libav-fix.patch
deleted file mode 100644 (file)
index 5924599..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
---- a/libav.h
-+++ b/libav.h
-@@ -167,7 +167,7 @@
- static inline int
- lav_is_thumbnail_stream(AVStream *s, uint8_t **data, int *size)
- {
--#if LIBAVFORMAT_VERSION_INT >= ((54<<16)+(6<<8))
-+/*if LIBAVFORMAT_VERSION_INT >= ((54<<16)+(6<<8))
-       if (s->disposition & AV_DISPOSITION_ATTACHED_PIC &&
-           s->codec->codec_id == AV_CODEC_ID_MJPEG)
-       {
-@@ -177,6 +177,6 @@
-                       *size = s->attached_pic.size;
-               return 1;
-       }
--#endif
-+endif*/
-       return 0;
- }
index 9d35f8005fcd29fe24b219e55bd0d2e584ed0d77..64796cc66b6655199a148c575a0d0537e050f507 100644 (file)
@@ -8,9 +8,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=acme
-PKG_SOURCE_VERSION:=6d84da588b98733dd9c4f5b88440281ab1eb4989
-PKG_VERSION:=1.4
-PKG_RELEASE:=1
+PKG_SOURCE_VERSION:=7b40cbe8c1a52041351524bcde4b37665a7cdf79
+PKG_VERSION:=1.5
+PKG_RELEASE:=2
 PKG_LICENSE:=GPLv3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz
@@ -25,7 +25,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/acme
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=+curl +ca-certificates +openssl-util +netcat
+  DEPENDS:=+curl +ca-bundle +openssl-util +netcat
   TITLE:=ACME (Letsencrypt) client
   PKGARCH:=all
   MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
@@ -90,6 +90,7 @@ uci -q get ucitrack.@acme[0] > /dev/null && {
   uci delete ucitrack.@acme[0]
   uci commit
 }
+exit 0
 endef
 
 
index 94fd62426235607ef3d84af220947ca5d94bc5cd..d395b5bea7de4f51c8ca32f93e6197cf9e988c77 100644 (file)
 
 CHECK_CRON=$1
 ACME=/usr/lib/acme/acme.sh
+# We export both ca variables in an attempts to keep backwards
+# compatibility with older versions of curl that was linked against
+# openssl
 export SSL_CERT_DIR=/etc/ssl/certs
+export CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
 export NO_TIMESTAMP=1
 
 UHTTPD_LISTEN_HTTP=
index 15117902e94944258feb999e3fddf89d4f8aceb2..e40e18c2b7d7f8fe253135d33263c9515bb0a688 100644 (file)
@@ -1,12 +1,12 @@
 #
-# Copyright (c) 2015-2017 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2015-2018 Dirk Brenken (dev@brenken.org)
 # This is free software, licensed under the GNU General Public License v3.
 #
 
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=adblock
-PKG_VERSION:=2.6.2
+PKG_VERSION:=3.4.3
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
@@ -16,12 +16,13 @@ include $(INCLUDE_DIR)/package.mk
 define Package/adblock
        SECTION:=net
        CATEGORY:=Network
-       TITLE:=Powerful adblock script to block ad/abuse domains
+       TITLE:=Powerful adblock script to block ad/abuse domains by using DNS
+       DEPENDS:=+jshn +jsonfilter
        PKGARCH:=all
 endef
 
 define Package/adblock/description
-Powerful adblock script to block ad/abuse domains via dnsmasq or unbound dns backend.
+Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named, kresd or dnscrypt-proxy.
 The script supports many domain blacklist sites plus manual black- and whitelist overrides.
 Please see https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md for further information.
 
@@ -53,6 +54,7 @@ define Package/adblock/install
        $(INSTALL_CONF) ./files/adblock.conf $(1)/etc/config/adblock
 
        $(INSTALL_DIR) $(1)/etc/adblock
+       $(INSTALL_CONF) ./files/adblock.notify $(1)/etc/adblock/
        $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock/
        $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock/
 endef
index 6950ec792be239258fb0a2699c67897c0f30bc69..71d67ef4f90af3ac04cec99672d9c63543cd5311 100644 (file)
@@ -4,11 +4,13 @@
 A lot of people already use adblocker plugins within their desktop browsers, but what if you are using your (smart) phone, tablet, watch or any other wlan gadget...getting rid of annoying ads, trackers and other abuse sites (like facebook ;-) is simple: block them with your router. When the dns server on your router receives dns requests, you will sort out queries that ask for the resource records of ad servers and return a simple 'NXDOMAIN'. This is nothing but **N**on-e**X**istent Internet or Intranet domain name, if domain name is unable to resolved using the dns server, a condition called the 'NXDOMAIN' occurred.  
 
 ## Main Features
-* support of the following domain block list sources (free for private usage, for commercial use please check their individual licenses):
+* support of the following domain blocklist sources (free for private usage, for commercial use please check their individual licenses):
     * [adaway](https://adaway.org)
     * => infrequent updates, approx. 400 entries (enabled by default)
     * [adguard](https://adguard.com)
     * => numerous updates on the same day, approx. 12.000 entries
+    * [bitcoin](https://github.com/hoshsadiq/adblock-nocoin-list)
+    * => infrequent updates, approx. 15 entries
     * [blacklist]()
     * => static local blacklist, located by default in '/etc/adblock/adblock.blacklist'
     * [disconnect](https://disconnect.me)
@@ -25,20 +27,22 @@ A lot of people already use adblocker plugins within their desktop browsers, but
     * => daily updates, approx. 1.500 entries
     * [openphish](https://openphish.com)
     * => numerous updates on the same day, approx. 1.800 entries
-    * [palevo tracker](https://palevotracker.abuse.ch)
-    * => daily updates, approx. 15 entries
     * [ransomware tracker](https://ransomwaretracker.abuse.ch)
     * => daily updates, approx. 150 entries
     * [reg_cn](https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt)
     * => regional blocklist for China, daily updates, approx. 1.600 entries
+    * [reg_de](https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt)
+    * => regional blocklist for Germany, daily updates, approx. 9.200 entries
+    * [reg_id](https://easylist-downloads.adblockplus.org/abpindo+easylist.txt)
+    * => regional blocklist for Indonesia, daily updates, approx. 800 entries
+    * [reg_nl](https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt)
+    * => regional blocklist for the Netherlands, weekly updates, approx. 1300 entries
     * [reg_pl](http://adblocklist.org)
     * => regional blocklist for Poland, daily updates, approx. 50 entries
     * [reg_ro](https://easylist-downloads.adblockplus.org/rolist+easylist.txt)
     * => regional blocklist for Romania, weekly updates, approx. 600 entries
     * [reg_ru](https://code.google.com/p/ruadlist)
     * => regional blocklist for Russia, weekly updates, approx. 2.000 entries
-    * [securemecca](http://www.securemecca.com)
-    * => infrequent updates, approx. 25.000 entries
     * [shallalist](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default)
     * => daily updates, approx. 32.000 entries (a short description of all shallalist categories can be found [online](http://www.shallalist.de/categories.html))
     * [spam404](http://www.spam404.com)
@@ -57,26 +61,31 @@ A lot of people already use adblocker plugins within their desktop browsers, but
     * => daily updates, approx. 440 entries
 * zero-conf like automatic installation & setup, usually no manual changes needed
 * simple but yet powerful adblock engine: adblock does not use error prone external iptables rulesets, http pixel server instances and things like that
-* automatically selects dnsmasq or unbound as dns backend
-* automatically selects uclient-fetch or wget as download utility (other tools like curl or aria2c are supported as well)
-* support http only mode (without installed ssl library) for all non-SSL blocklist sources
-* automatically supports a wide range of router modes, even AP modes are supported
+* supports five different dns backends / blocklist formats: dnsmasq, unbound, named (bind), kresd and dnscrypt-proxy
+* supports six different download utilities: uclient-fetch, wget, curl, aria2c, wget-nossl, busybox-wget
+* provides 'http only' mode without installed ssl library for all non-SSL blocklist sources
+* supports a wide range of router modes, even AP modes are supported
 * full IPv4 and IPv6 support
-* supports tld compression (top level domain compression), this feature removes thousands of needless host entries from the block lists and lowers the memory footprint for the dns backends
-* each block list source will be updated and processed separately
-* block list source parsing by fast & flexible regex rulesets
-* overall duplicate removal in separate block lists
+* provides top level domain compression ('tld compression'), this feature removes thousands of needless host entries from the blocklist and lowers the memory footprint for the dns backends
+* blocklist source parsing by fast & flexible regex rulesets
+* overall duplicate removal in central blocklist 'adb_list.overall'
 * additional whitelist for manual overrides, located by default in /etc/adblock/adblock.whitelist
-* quality checks during block list update to ensure a reliable dns backend service
+* quality checks during blocklist update to ensure a reliable dns backend service
 * minimal status & error logging to syslog, enable debug logging to receive more output
 * procd based init system support (start/stop/restart/reload/suspend/resume/query/status)
-* procd based hotplug support, the adblock start will be solely triggered by network interface triggers
-* suspend & resume adblock actions temporarily without block list reloading
-* runtime information available via LuCI & via 'status' init command
+* procd network interface trigger support or classic time based startup
+* keep the dns cache intact after adblock processing (currently supported by unbound and named)
+* conditional dns backend restarts by old/new blocklist comparison with sha256sum (default) or md5sum
+* suspend & resume adblock actions temporarily without blocklist reloading
+* output comprehensive runtime information via LuCI or via 'status' init command
 * query function to quickly identify blocked (sub-)domains, e.g. for whitelisting
+* strong LuCI support
 * optional: force dns requests to local resolver
 * optional: force overall sort / duplicate removal for low memory devices (handle with care!)
-* optional: automatic block list backup & restore, backups will be (de-)compressed and restored on the fly in case of any runtime error
+* optional: automatic blocklist backup & restore, they will be used in case of download errors or during startup in backup mode
+* optional: 'backup mode' to re-use blocklist backups during startup, get fresh lists only via reload or restart action
+* optional: 'whitelist mode' to block access to all domains except those explicitly listed in the whitelist file
+* optional: send notification emails in case of a processing error or if the overall domain count is &le; 0
 * optional: add new adblock sources on your own via uci config
 
 ## Prerequisites
@@ -84,91 +93,136 @@ A lot of people already use adblocker plugins within their desktop browsers, but
 * a usual setup with an enabled dns backend at minimum - dump AP modes without a working dns backend are _not_ supported
 * a download utility:
     * to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required
-    * for limited devices with real memory constraints, adblock provides also a plain http option and supports wget-nossl and uclient-fetch (without libustream-ssl), too
+    * for limited devices with real memory constraints, adblock provides also a 'http only' option and supports wget-nossl and uclient-fetch (without libustream-ssl) as well
     * for more configuration options see examples below
 
-## LEDE trunk Installation & Usage
-* install 'adblock' (_opkg install adblock_) and that's it - the adblock start will be automatically triggered by procd interface trigger
+## Installation & Usage
+* install 'adblock' (_opkg install adblock_)
+* at minimum configure the appropriate dns backend ('dnsmasq' by default) and enable the adblock service in _/etc/config/adblock_
 * control the adblock service manually with _/etc/init.d/adblock_ start/stop/restart/reload/suspend/resume/status or use the LuCI frontend
-* enable/disable your favored block list sources in _/etc/config/adblock_ - 'adaway', 'disconnect' and 'yoyo' are enabled by default
 
 ## LuCI adblock companion package
-* for easy management of the various block list sources and all other adblock options you can also use a nice & efficient LuCI frontend
+* for easy management of the various blocklist sources and all other adblock options you should use the provided LuCI frontend
 * install 'luci-app-adblock' (_opkg install luci-app-adblock_)
 * the application is located in LuCI under 'Services' menu
 
 ## Tweaks
 * **runtime information:** the adblock status is available via _/etc/init.d/adblock status_ (see example below)
 * **debug logging:** for script debugging please set the config option 'adb\_debug' to '1' and check the runtime output with _logread -e "adblock"_
-* **storage expansion:** to process and store all block list sources at once it might helpful to enlarge your temp directory with a swap partition => see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details
+* **storage expansion:** to process and store all blocklist sources at once it might helpful to enlarge your temp directory with a swap partition => see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details
 * **add white- / blacklist entries:** add domain white- or blacklist entries to always-allow or -deny certain (sub) domains, by default both lists are empty and located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below)
-* **backup & restore block lists:** enable this feature, to restore automatically the latest compressed backup of your block lists in case of any processing error (e.g. a single block list source is not available during update). Please use an (external) solid partition and _not_ your volatile router temp directory for this
+* **backup & restore blocklists:** enable this feature, to restore automatically the latest compressed backup of your blocklists in case of any processing error (e.g. a single blocklist source is not available during update). Please use an (external) solid partition and _not_ your volatile router temp directory for this
 * **scheduled list updates:** for a scheduled call of the adblock service add an appropriate crontab entry (see example below)
-* **restrict procd interface trigger:** restrict the procd interface trigger to a (list of) certain interface(s) (default: wan). To disable it at all, remove all entries
+* **change startup behaviour:** by default the startup will be triggered by the 'wan' procd interface trigger. Choose 'none' to disable automatic startups, 'timed' to use a classic timeout (default 30 sec.) or select another trigger interface.
 * **suspend & resume adblocking:** to quickly switch the adblock service 'on' or 'off', simply use _/etc/init.d/adblock [suspend|resume]_
-* **domain query:** to query the active block lists for a specific domain, please run _/etc/init.d/adblock query `<DOMAIN>`_ (see example below)
-* **add new list sources:** you could add new block list sources on your own via uci config, all you need is a source url and an awk one-liner (see example below)
+* **domain query:** to query the active blocklist for a specific domain, please run _/etc/init.d/adblock query `<DOMAIN>`_ (see example below)
+* **add new list sources:** you could add new blocklist sources on your own via uci config, all you need is a source url and an awk one-liner (see example below)
 * **disable active dns probing in windows 10:** to prevent a yellow exclamation mark on your internet connection icon (which wrongly means connected, but no internet), please change the following registry key/value from "1" to "0" _HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing_
 
 ## Further adblock config options
-* usually the pre-configured adblock setup works quite well and no manual config overrides are needed, all listed options apply to the 'global' config section:
-    * adb\_enabled => main switch to enable/disable adblock service (default: '1', enabled)
+* usually the pre-configured adblock setup works quite well and no manual overrides are needed
+* the following options apply to the 'global' config section:
+    * adb\_enabled => main switch to enable/disable adblock service (default: '0', disabled)
     * adb\_debug => enable/disable adblock debug output (default: '0', disabled)
-    * adb\_iface => set the procd interface trigger to a (list of) lan / wan interface(s) (default: 'wan')
-    * adb\_fetch => full path to a different download utility, see example below (default: not set, use wget)
-    * adb\_fetchparm => options for the download utility, see example below (default: not set, use wget options)
-    * adb\_triggerdelay => additional trigger delay in seconds before adblock processing starts (default: '2')
+    * adb\_fetchutil => name of the used download utility: 'uclient-fetch', 'wget', 'curl', 'aria2c', 'wget-nossl'. 'busybox' (default: 'uclient-fetch')
+    * adb\_fetchparm => special config options for the download utility (default: not set)
+    * adb\_dns => select the dns backend for your environment: 'dnsmasq', 'unbound', 'named', 'kresd' or 'dnscrypt-proxy' (default: 'dnsmasq')
+    * adb\_dnsdir => target directory for the generated blocklist 'adb_list.overall' (default: not set, use dns backend default)
+    * adb\_trigger => set the startup trigger to a certain interface, to 'timed' or to 'none' (default: 'wan')
+
+* the following options apply to the 'extra' config section:
+    * adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (default: '1')
     * adb\_forcedns => force dns requests to local resolver (default: '0', disabled)
     * adb\_forcesrt => force overall sort on low memory devices with less than 64 MB RAM (default: '0', disabled)
+    * adb\_backup_mode => do not automatically update blocklists during startup, use backups instead (default: '0', disabled)
+    * adb\_whitelist_mode => block access to all domains except those explicitly listed in the whitelist file (default: '0', disabled)
+    * adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (default: '0', disabled)
+    * adb\_notify => send notification emails in case of a processing error or if the overall domain count is &le; 0 (default: '0', disabled)
+    * adb\_notifycnt => Raise minimum domain count email notification trigger (default: '0')
 
 ## Examples
 **change default dns backend to 'unbound':**
+
+Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/unbound' where unbound can find them in its jail.  
+To preserve the DNS cache after adblock processing you need to install 'unbound-control'.  
+  
+**change default dns backend to 'named' (bind):**
+
+Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/bind'.  
+To preserve the DNS cache after adblock processing you need to install & configure 'bind-rdnc'.  
+To use the blocklist please modify '/etc/bind/named.conf':
 <pre><code>
-Adblock detects the presence of an active unbound dns backend and the block lists will be automatically pulled in by unbound.
-The adblock script deposits the sorted and filtered block lists in '/var/lib/unbound' where unbound can find them in its jail.
-If you use manual configuration for unbound, then just include the following line in your 'server:' clause:
+in the 'options' namespace add:
+  response-policy { zone "rpz"; };
 
-  include: "/var/lib/unbound/adb_list.*"
+and at the end of the file add:
+  zone "rpz" {
+    type master;
+    file "/var/lib/bind/adb_list.overall";
+    allow-query { none; };
+    allow-transfer { none; };
+  };
 </code></pre>
   
-**configuration for different download utilities:**
-<pre><code>
-wget (default):
-  option adb_fetch="/usr/bin/wget"
-  option adb_fetchparm="--no-config --quiet --no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"
+**change default dns backend to 'kresd':**
 
-aria2c:
-  option adb_fetch '/usr/bin/aria2c'
-  option adb_fetchparm '-q --timeout=10 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o'
+The knot-resolver (kresd) is only available on Turris Omnia devices.  
+Adblock deposits the final blocklist 'adb_list.overall' in '/etc/kresd', no further configuration needed.
+  
+**change default dns backend to 'dnscrypt-proxy':**
 
-uclient-fetch:
-  option adb_fetch '/bin/uclient-fetch'
-  option adb_fetchparm '-q --timeout=10 --no-check-certificate -O'
+The required 'blacklist' option of dnscrypt-proxy is not enabled by default, because the package will be compiled without plugins support.  
+Take a custom LEDE build with plugins support to use this feature. Adblock deposits the final blocklist 'adb_list.overall' in '/tmp'.  
+To use the blocklist please modify '/etc/config/dnscrypt-proxy' per instance:
+<pre><code>
+  list blacklist 'domains:/tmp/adb_list.overall'
+</code></pre>
+  
+**enable email notification via msmtp:**
 
-curl:
-  option adb_fetch '/usr/bin/curl'
-  option adb_fetchparm '-s --connect-timeout 10 --insecure -o'
+To use the email notification you have to install & configure the package 'msmtp'.  
+Modify the file '/etc/msmtprc':
+<pre><code>
+[...]
+defaults
+auth            on
+tls             on
+tls_certcheck   off
+timeout         5
+syslog          LOG_MAIL
+[...]
+account         adb_notify
+host            smtp.gmail.com
+port            587
+from            dev.adblock@gmail.com
+user            dev.adblock
+password        xxx
 </code></pre>
+Edit the file '/etc/adblock/adblock.notify' and change at least the 'mail_receiver'.  
+Finally make this file executable via 'chmod' and test it directly. If no more errors come up you can comment 'mail_debug', too.
   
 **receive adblock runtime information:**
+
 <pre><code>
-root@blackhole:~# /etc/init.d/adblock status
+/etc/init.d/adblock status
 ::: adblock runtime information
- status          : active
adblock_version : 2.6.0
- blocked_domains : 113711
fetch_info      : wget (built-in)
- dns_backend     : dnsmasq
- last_rundate    : 12.04.2017 13:08:26
- system          : LEDE Reboot SNAPSHOT r3900-399d5cf532
+  + adblock_status  : enabled
 + adblock_version : 3.4.0
+  + overall_domains : 5167 (normal/backup mode)
 + fetch_utility   : wget (built-in)
+  + dns_backend     : kresd (/etc/kresd)
+  + last_rundate    : 27.12.2017 20:52:35
+  + system_release  : Turris Omnia, OpenWrt omnia 15.05/3.9.1
 </code></pre>
   
 **cronjob for a regular block list update (/etc/crontabs/root):**
+
 <pre><code>
-0 06 * * *    /etc/init.d/adblock start
+0 06 * * *    /etc/init.d/adblock reload
 </code></pre>
   
 **blacklist entry (/etc/adblock/adblock.blacklist):**
+
 <pre><code>
 ads.example.com
 
@@ -183,10 +237,11 @@ This entry does not block:
 </code></pre>
   
 **whitelist entry (/etc/adblock/adblock.whitelist):**
+
 <pre><code>
 here.com
 
-This entry removes the following (sub)domains from the block lists:
+This entry removes the following (sub)domains from the blocklist:
   maps.here.com
   here.com
 
@@ -195,53 +250,42 @@ This entry does not remove:
   www.adwhere.com
 </code></pre>
   
-**query active block lists for a certain (sub-)domain, e.g. for whitelisting:**
+**query the active blocklist for a certain (sub-)domain, e.g. for whitelisting:**
+
+The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain. For every (sub-)domain it returns the first ten relevant results.
 <pre><code>
-/etc/init.d/adblock query example.www.doubleclick.net
-::: distinct results for domain 'example.www.doubleclick.net'
- no match
-::: distinct results for domain 'www.doubleclick.net'
- adb_list.sysctl      : www.doubleclick.net
-::: distinct results for domain 'doubleclick.net'
- adb_list.adaway      : ad-g.doubleclick.net
- adb_list.securemecca : 1168945.fls.doubleclick.net
- adb_list.sysctl      : 1435575.fls.doubleclick.net
- adb_list.whocares    : 3ad.doubleclick.net
-
-The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain(s).
-For every domain it returns the overall count plus a distinct list of active block lists with the first relevant result.
-In the example above whitelist "www.doubleclick.net" to free the submitted domain.
+/etc/init.d/adblock query www.example.google.com
+::: max. ten results for domain 'www.example.google.com'
+  - no match
+::: max. ten results for domain 'example.google.com'
+  - no match
+::: max. ten results for domain 'google.com'
+  + analytics.google.com
+  + googleadapis.l.google.com
+  + pagead.l.google.com
+  + partnerad.l.google.com
+  + ssl-google-analytics.l.google.com
+  + video-stats.video.google.com
+  + www-google-analytics.l.google.com
 </code></pre>
   
-**add a new block list source:**
-<pre><code>
-1. the easy way ...
-example: https://easylist-downloads.adblockplus.org/rolist+easylist.txt
-adblock already supports an easylist source, called 'ruadlist'. To add the additional local easylist
-as a new source, copy the existing config source 'ruadlist' section and change only
-the source name, the url and the description - that's all!
+**add a new blocklist source:**
 
-config source 'rolist'
+1. the easy way ...  
+example: https://easylist-downloads.adblockplus.org/rolist+easylist.txt  
+Adblock already supports an easylist source, called 'reg_ru'. To add the additional local easylist as a new source, copy the existing config source section and change only
+the source name, the url and the description - that's all!
+<pre><code>
+config source 'reg_ro'
   option enabled '0'
   option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
-  option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-  option adb_src_desc 'focus on romanian ad related domains plus generic easylist additions, weekly updates, approx. 600 entries'
-
-2. a bit harder ...
-to add a really new source with different domain/host format you have to write a suitable
-awk one-liner on your own, so basic awk skills are needed. As a starting point check the already
-existing awk strings (adb_src_rset) in adblock config, maybe you need only small changes for your individual list.
-Download the desired list and test your new awk string locally with:
-  cat new.list | awk 'fs__individual search__search core__result'
-  'fs' => field separator (optional)
-  'individual search' => individual search part to filter out needless list information
-  'search core' => always '([A-Za-z0-9_-]+\.){1,}[A-Za-z]+', this is part of all list sources and should be unchanged
-  'result' => always '{print tolower(\$n)}', only the output column 'n' may vary
-the output result should be a sequential list with one domain/host per line - nothing more.
-
-If your awk one-liner works quite well, add a new source section in adblock config and test your new source
+  option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+  option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
 </code></pre>
-  
+
+2. a bit harder ...  
+To add a really new source with different domain/host format you have to write a suitable awk one-liner on your own, so basic awk skills are needed. As a starting point check the already existing awk rulesets 'adb_src_rset' in the config file, probably you need only small changes for your individual list. Download the desired list and test your new awk string locally. The output result should be a sequential list with one domain/host per line - nothing more. If your awk one-liner works quite well, add a new source section to the adblock config file and test the new source.  
+
 ## Support
 Please join the adblock discussion in this [forum thread](https://forum.lede-project.org/t/adblock-2-x-support-thread/507) or contact me by mail <dev@brenken.org>  
 
index 0e4fd0257774c0add0370cb91c93cdb36a849eab..16a3436f1e17ec2cab18f36da0f9708ef7b9405e 100644 (file)
 # see 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'
 
 config adblock 'global'
-       option adb_enabled '1'
+       option adb_enabled '0'
+       option adb_dns 'dnsmasq'
+       option adb_fetchutil 'uclient-fetch'
+       option adb_trigger 'wan'
+
+config adblock 'extra'
        option adb_debug '0'
        option adb_forcesrt '0'
        option adb_forcedns '0'
-       option adb_iface 'wan'
-       option adb_triggerdelay '2'
-       option adb_whitelist '/etc/adblock/adblock.whitelist'
-       option adb_whitelist_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\"^\"\$1\"\\\|[.]\"\$1)}'
        option adb_backup '0'
-       option adb_backupdir '/mnt'
-       option adb_rtfile '/tmp/adb_runtime.json'
 
 config source 'adaway'
        option enabled '1'
        option adb_src 'https://adaway.org/hosts.txt'
-       option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
+       option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
        option adb_src_desc 'focus on mobile ads, infrequent updates, approx. 400 entries'
 
 config source 'adguard'
        option enabled '0'
-       option adb_src 'https://raw.githubusercontent.com/AdguardTeam/AdguardDNS/master/Filters/filter.txt'
-       option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-       option adb_src_desc 'combined adguard dns filter list, approx. 12.000 entries'
+       option adb_src 'https://filters.adtidy.org/windows/filters/15.txt'
+       option adb_src_rset 'BEGIN{FS=\"[/|^|\r]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+([\/\^\r]|$)/{print tolower(\$3)}'
+       option adb_src_desc 'combined adguard dns filter list, frequent updates, approx. 15.700 entries'
 
-config source 'blacklist'
+config source 'bitcoin'
        option enabled '0'
+       option adb_src 'https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt'
+       option adb_src_rset '\$0~/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'focus on malicious bitcoin mining sites, infrequent updates, approx. 20 entries'
+
+config source 'blacklist'
+       option enabled '1'
        option adb_src '/etc/adblock/adblock.blacklist'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'static local domain blacklist (always deny these domains)'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'static local domain blacklist, always deny these domains'
 
 config source 'disconnect'
        option enabled '1'
        option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 6.500 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 4.600 entries'
 
 config source 'dshield'
        option enabled '0'
        option adb_src 'https://www.dshield.org/feeds/suspiciousdomains_Low.txt'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'generic blocklist, daily updates, approx. 4.500 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'generic blocklist, daily updates, approx. 3.500 entries'
 
 config source 'feodo'
        option enabled '0'
        option adb_src 'https://feodotracker.abuse.ch/blocklist/?download=domainblocklist'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
        option adb_src_desc 'focus on feodo botnet, daily updates, approx. 0-10 entries'
 
 config source 'hphosts'
        option enabled '0'
        option adb_src 'https://hosts-file.net/ad_servers.txt'
-       option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'broad blocklist, monthly updates, approx. 50.000 entries'
+       option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'broad blocklist, monthly updates, approx. 19.200 entries'
 
 config source 'malware'
        option enabled '0'
-       option adb_src 'https://mirror.cedia.org.ec/malwaredomains/justdomains'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'broad blocklist, daily updates, approx. 16.000 entries'
+       option adb_src 'https://mirror.espoch.edu.ec/malwaredomains/justdomains'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'broad blocklist, daily updates, approx. 18.300 entries'
 
 config source 'malwarelist'
        option enabled '0'
        option adb_src 'http://www.malwaredomainlist.com/hostslist/hosts.txt'
-       option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'focus on malware, daily updates, approx. 1.500 entries'
+       option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'focus on malware, daily updates, approx. 1.200 entries'
 
 config source 'openphish'
        option enabled '0'
        option adb_src 'https://openphish.com/feed.txt'
-       option adb_src_rset '{FS=\"/\"} \$3 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$3)}'
-       option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 1.800 entries'
-
-config source 'palevo'
-       option enabled '0'
-       option adb_src 'https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'focus on palevo worm, daily updates, approx. 15 entries'
+       option adb_src_rset 'BEGIN{FS=\"/\"}\$0~/^http[s]?:\/\/([[:alnum:]_-]+\.){1,}[[:alpha:]]+(\/|$)/{print tolower(\$3)}'
+       option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 2.400 entries'
 
 config source 'ransomware'
        option enabled '0'
        option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'focus on ransomware, numerous updates on the same day, approx. 130 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|\r|$)/{print tolower(\$1)}'
+       option adb_src_desc 'focus on ransomware, numerous updates on the same day, approx. 1900 entries'
 
 config source 'reg_cn'
        option enabled '0'
        option adb_src 'https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt'
-       option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-       option adb_src_desc 'focus on chinese ads, daily updates, approx. 1.600 entries'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on chinese ads plus generic easylist additions, daily updates, approx. 11.700 entries'
+
+config source 'reg_de'
+       option enabled '0'
+       option adb_src 'https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on german ads plus generic easylist additions, daily updates, approx. 9.200 entries'
+
+config source 'reg_id'
+       option enabled '0'
+       option adb_src 'https://easylist-downloads.adblockplus.org/abpindo+easylist.txt'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on indonesian ads plus generic easylist additions, weekly updates, approx. 9.600 entries'
+
+config source 'reg_nl'
+       option enabled '0'
+       option adb_src 'https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on dutch ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
 
 config source 'reg_pl'
        option enabled '0'
        option adb_src 'http://adblocklist.org/adblock-pxf-polish.txt'
-       option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-       option adb_src_desc 'focus on polish ads, daily updates, approx. 50 entries'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on polish ads, daily updates, approx. 90 entries'
 
 config source 'reg_ro'
        option enabled '0'
        option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
-       option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-       option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 600 entries'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
 
 config source 'reg_ru'
        option enabled '0'
        option adb_src 'https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt'
-       option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-       option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 2.000 entries'
-
-config source 'securemecca'
-       option enabled '0'
-       option adb_src 'http://securemecca.com/Downloads/hosts.txt'
-       option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'broad blocklist, infrequent updates, approx. 25.000 entries'
+       option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+       option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 14.500 entries'
 
 config source 'shalla'
        option enabled '0'
        option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
-       option adb_src_rset '{FS=\"/\"} \$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'broad blocklist subdivided in different categories, daily updates, approx. 32.000 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'broad blocklist subdivided in different categories, daily updates, approx. 31.700 entries'
        list adb_src_cat 'adv'
        list adb_src_cat 'costtraps'
        list adb_src_cat 'spyware'
@@ -130,41 +141,41 @@ config source 'shalla'
 config source 'spam404'
        option enabled '0'
        option adb_src 'https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'generic blocklist, infrequent updates, approx. 5.000 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'generic blocklist, infrequent updates, approx. 6.000 entries'
 
 config source 'sysctl' 
        option enabled '0'
        option adb_src 'http://sysctl.org/cameleon/hosts'
-       option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'broad blocklist, weekly updates, approx. 21.000 entries'
+       option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'broad blocklist, weekly updates, approx. 16.500 entries'
 
 config source 'whocares'
        option enabled '0'
        option adb_src 'http://someonewhocares.org/hosts/hosts'
-       option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'broad blocklist, weekly updates, approx. 12.000 entries'
+       option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'broad blocklist, weekly updates, approx. 10.000 entries'
 
 config source 'winspy'
        option enabled '0'
        option adb_src 'https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt'
-       option adb_src_rset '\$0 ~/^0\.0\.0\.0[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'focus on windows spy & telemetry, infrequent updates, approx. 140 entries'
+       option adb_src_rset '\$0~/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'focus on windows spy & telemetry domains, infrequent updates, approx. 300 entries'
 
 config source 'winhelp'
        option enabled '0'
        option adb_src 'http://winhelp2002.mvps.org/hosts.txt'
-       option adb_src_rset '\$0 ~/^0\.0\.0\.0[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-       option adb_src_desc 'broad blocklist, infrequent updates, approx. 15.000 entries'
+       option adb_src_rset '\$0~/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+       option adb_src_desc 'broad blocklist, infrequent updates, approx. 13.000 entries'
 
 config source 'yoyo'
        option enabled '1'
        option adb_src 'https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.500 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.400 entries'
 
 config source 'zeus'
        option enabled '0'
        option adb_src 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist'
-       option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-       option adb_src_desc 'focus on zeus botnet, daily updates, approx. 440 entries'
+       option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+       option adb_src_desc 'focus on zeus botnet, daily updates, approx. 400 entries'
index ee94aa8228dabe6574a029c83bee18650cf6c3ab..5ca4d1176a8e9be0af9c5b6f064f95c51d59b06d 100755 (executable)
@@ -1,7 +1,7 @@
 #!/bin/sh /etc/rc.common
 #
 
-START=50
+START=30
 USE_PROCD=1
 
 EXTRA_COMMANDS="suspend resume query status"
@@ -12,30 +12,40 @@ EXTRA_HELP="        suspend Suspend adblock processing
 
 adb_init="/etc/init.d/adblock"
 adb_script="/usr/bin/adblock.sh"
+adb_pidfile="/var/run/adblock.pid"
 
 boot()
 {
     adb_boot=1
-    ubus -t 30 wait_for network.interface 2>/dev/null
     rc_procd start_service
 }
 
 start_service()
 {
-    if [ $("${adb_init}" enabled; printf ${?}) -eq 0 ]
+    if [ $("${adb_init}" enabled; printf "%u" ${?}) -eq 0 ]
     then
         if [ -n "${adb_boot}" ]
         then
-            return 0
+            local trigger="$(uci_get adblock.global.adb_trigger)"
+            if [ "${trigger}" != "timed" ]
+            then
+                return 0
+            fi
         fi
         procd_open_instance "adblock"
         procd_set_param command "${adb_script}" "${@}"
+        procd_set_param pidfile "${adb_pidfile}"
         procd_set_param stdout 1
         procd_set_param stderr 1
         procd_close_instance
     fi
 }
 
+reload_service()
+{
+    rc_procd start_service reload
+}
+
 stop_service()
 {
     rc_procd "${adb_script}" stop
@@ -49,34 +59,52 @@ restart()
 
 suspend()
 {
+    [ -s "${adb_pidfile}" ] && return 1
     rc_procd "${adb_script}" suspend
 }
 
 resume()
 {
+    [ -s "${adb_pidfile}" ] && return 1
     rc_procd "${adb_script}" resume
 }
 
 query()
 {
+    [ -s "${adb_pidfile}" ] && return 1
     rc_procd "${adb_script}" query "${1}"
 }
 
 status()
 {
-    rc_procd "${adb_script}" status
+    local key keylist value rtfile="$(uci_get adblock.extra.adb_rtfile)"
+
+    rtfile="${rtfile:-"/tmp/adb_runtime.json"}"
+    if [ -s "${rtfile}" ]
+    then
+        printf "%s\n" "::: adblock runtime information"
+        json_load "$(cat "${rtfile}" 2>/dev/null)"
+        json_select data
+        json_get_keys keylist
+        for key in ${keylist}
+        do
+            json_get_var value "${key}"
+            printf "  + %-15s : %s\n" "${key}" "${value}"
+        done
+    else
+        printf "%s\n" "::: no adblock runtime information available"
+    fi
 }
 
 service_triggers()
 {
-    local iface="$(uci -q get adblock.global.adb_iface)"
-    local delay="$(uci -q get adblock.global.adb_triggerdelay)"
+    local trigger="$(uci_get adblock.global.adb_trigger)"
+    local delay="$(uci_get adblock.extra.adb_triggerdelay)"
 
-    PROCD_RELOAD_DELAY=$((${delay:=2} * 1000))
-    for name in ${iface}
-    do
-        procd_add_interface_trigger "interface.*.up" "${name}" "${adb_init}" start
-    done
-    PROCD_RELOAD_DELAY=1000
-    procd_add_config_trigger "config.change" "adblock" "${adb_init}" start
+    if [ "${trigger}" != "none" ] && [ "${trigger}" != "timed" ]
+    then
+        PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
+        procd_add_interface_trigger "interface.*.up" "${trigger}" "${adb_init}" start
+    fi
+    procd_add_reload_trigger "adblock"
 }
diff --git a/net/adblock/files/adblock.notify b/net/adblock/files/adblock.notify
new file mode 100644 (file)
index 0000000..dc5acf5
--- /dev/null
@@ -0,0 +1,56 @@
+#!/bin/sh
+#
+# adblock send mail script for mstmp
+# written by Dirk Brenken (dev@brenken.org)
+# Please note: you have to install and configure the package 'mstmp' before using this script.
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+LC_ALL=C
+PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+mail_ver="1.0.1"
+mail_daemon="$(command -v msmtp)"
+mail_profile="adb_notify"
+mail_debug="--debug"
+mail_rc=1
+
+if [ ! -x "${mail_daemon}" ]
+then
+    mail_daemon="$(command -v sendmail)"
+fi
+
+if [ -f "/var/log/messages" ]
+then
+    logfile="$(cat /var/log/messages | grep "adblock-")"
+else
+    logfile="$(logread -e "adblock-")"
+fi
+
+# mail header
+#
+mail_sender="no-reply@adblock"
+mail_receiver="!!!ChangeMe!!!"
+mail_topic="adblock notification"
+mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\n\n"
+
+# mail body
+#
+mail_text="adblock status, generated at $(date 2>&1)!"
+mail_text="${mail_text}\n++\n++ System Information ++\n++\n$(cat /etc/banner 2>&1)"
+mail_text="${mail_text}\n\n++\n++ Adblock Information ++\n++\n$(/etc/init.d/adblock status 2>&1)"
+mail_text="${mail_text}\n\n++\n++ Logfile Information ++\n++\n${logfile}\n++\n++\n"
+
+# send mail
+#
+if [ -x "${mail_daemon}" ]
+then
+    printf "%b" "${mail_head}${mail_text}" 2>/dev/null | "${mail_daemon}" ${mail_debug} -a "${mail_profile}" "${mail_receiver}" >/dev/null 2>&1
+    mail_rc=${?}
+    logger -p "info" -t "adblock-notify-[${mail_ver}]" "mail sent to '${mail_receiver}' with rc '${mail_rc}'"
+else
+    logger -p "err" -t "adblock-notify-[${mail_ver}]" "msmtp mail daemon not found"
+fi
+
+exit ${mail_rc}
index 03f86b03e4fdc1257f36fbc31394730d394bf810..465da07c8a260b70dbe9cf025891cd50dca55a16 100755 (executable)
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="2.6.2"
-adb_sysver="$(ubus -S call system board | jsonfilter -e '@.release.description')"
-adb_enabled=1
+adb_ver="3.4.3"
+adb_sysver="unknown"
+adb_enabled=0
 adb_debug=0
+adb_backup_mode=0
+adb_whitelist_mode=0
 adb_forcesrt=0
 adb_forcedns=0
+adb_notify=0
+adb_notifycnt=0
+adb_triggerdelay=0
 adb_backup=0
 adb_backupdir="/mnt"
-adb_whitelist="/etc/adblock/adblock.whitelist"
-adb_whitelist_rset="\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\"^\"\$1\"\\\|[.]\"\$1)}"
-adb_fetch="/usr/bin/wget"
-adb_fetchparm="--no-config --quiet --no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"
-adb_dnslist="dnsmasq unbound"
+adb_fetchutil="uclient-fetch"
+adb_dns="dnsmasq"
 adb_dnsprefix="adb_list"
+adb_dnsfile="${adb_dnsprefix}.overall"
+adb_dnsflush=0
+adb_whitelist="/etc/adblock/adblock.whitelist"
 adb_rtfile="/tmp/adb_runtime.json"
-
-# f_envload: load adblock environment
+adb_hashutil="$(command -v sha256sum)"
+adb_hashold=""
+adb_hashnew=""
+adb_cnt=0
+adb_rc=0
+adb_action="${1:-"start"}"
+adb_pidfile="/var/run/adblock.pid"
+
+# load adblock environment
 #
 f_envload()
 {
-    local dns_up cnt=0
+    local dns_up sys_call sys_desc sys_model sys_ver cnt=0
 
-    # source in system library
+    # get system information
     #
-    if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
+    sys_call="$(ubus -S call system board 2>/dev/null)"
+    if [ -n "${sys_call}" ]
     then
-        . "/lib/functions.sh"
-        . "/usr/share/libubox/jshn.sh"
-    else
-        f_log "error" "system libraries not found"
+        sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
+        sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+        sys_ver="$(cat /etc/turris-version 2>/dev/null)"
+        if [ -n "${sys_ver}" ]
+        then
+            sys_desc="${sys_desc}/${sys_ver}"
+        fi
+        adb_sysver="${sys_model}, ${sys_desc}"
     fi
 
-    # set dns backend environment
+    # check hash utility
     #
-    while [ ${cnt} -le 20 ]
-    do
-        for dns in ${adb_dnslist}
-        do
-            dns_up="$(ubus -S call service list "{\"name\":\"${dns}\"}" | jsonfilter -l1 -e "@.${dns}.instances.*.running")"
-            if [ "${dns_up}" = "true" ]
-            then
-                case "${dns}" in
-                    dnsmasq)
-                        adb_dns="dnsmasq"
-                        adb_dnsdir="/tmp/dnsmasq.d"
-                        adb_dnshidedir="${adb_dnsdir}/.adb_hidden"
-                        adb_dnsformat="awk '{print \"local=/\"\$0\"/\"}'"
-                        break 2
-                        ;;
-                    unbound)
-                        adb_dns="unbound"
-                        adb_dnsdir="/var/lib/unbound"
-                        adb_dnshidedir="${adb_dnsdir}/.adb_hidden"
-                        adb_dnsformat="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
-                        break 2
-                        ;;
-                esac
-            fi
-        done
-        sleep 1
-        cnt=$((cnt+1))
-    done
-    if [ -z "${adb_dns}" ]
+    if [ ! -x "${adb_hashutil}" ]
+    then
+        adb_hashutil="$(command -v md5sum)"
+    fi
+
+    # source in system libraries
+    #
+    if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
     then
-        f_log "error" "no active/supported DNS backend found"
+        . "/lib/functions.sh"
+        . "/usr/share/libubox/jshn.sh"
+    else
+        f_log "err" "system libraries not found"
     fi
 
-    # parse global section by callback
+    # parse 'global' and 'extra' section by callback
     #
     config_cb()
     {
@@ -95,7 +94,7 @@ f_envload()
         fi
     }
 
-    # parse 'source' section
+    # parse 'source' typed sections
     #
     parse_config()
     {
@@ -116,280 +115,613 @@ f_envload()
     config_load adblock
     config_foreach parse_config source
 
-    # force dns to local resolver
+    # check dns backend
+    #
+    case "${adb_dns}" in
+        dnsmasq)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"dnsmasq"}"
+            adb_dnsdir="${adb_dnsdir:-"/tmp"}"
+            adb_dnsheader=""
+            adb_dnsformat="awk '{print \"server=/\"\$0\"/\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"server=/\"\$0\"/#\"}'"
+                adb_dnsblock="server=/#/"
+            fi
+        ;;
+        unbound)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"unbound"}"
+            adb_dnsdir="${adb_dnsdir:-"/var/lib/unbound"}"
+            adb_dnsheader=""
+            adb_dnsformat="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"local-zone: \042\"\$0\"\042 transparent\"}'"
+                adb_dnsblock="local-zone: \".\" static"
+            fi
+        ;;
+        named)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"bind"}"
+            adb_dnsdir="${adb_dnsdir:-"/var/lib/bind"}"
+            adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'"  IN NS localhost."
+            adb_dnsformat="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
+                adb_dnsblock="* CNAME ."
+            fi
+        ;;
+        kresd)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"root"}"
+            adb_dnsdir="${adb_dnsdir:-"/etc/kresd"}"
+            adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'"  IN NS  localhost."
+            adb_dnsformat="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
+                adb_dnsblock="* CNAME ."
+            fi
+        ;;
+        dnscrypt-proxy)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"nobody"}"
+            adb_dnsdir="${adb_dnsdir:-"/tmp"}"
+            adb_dnsheader=""
+            adb_dnsformat="awk '{print \$0}'"
+        ;;
+    esac
+
+    # check adblock status
     #
-    if [ ${adb_forcedns} -eq 1 ] && [ -z "$(uci -q get firewall.adblock_dns)" ]
+    if [ ${adb_enabled} -eq 0 ]
     then
-        uci -q set firewall.adblock_dns="redirect"
-        uci -q set firewall.adblock_dns.name="Adblock DNS"
-        uci -q set firewall.adblock_dns.src="lan"
-        uci -q set firewall.adblock_dns.proto="tcp udp"
-        uci -q set firewall.adblock_dns.src_dport="53"
-        uci -q set firewall.adblock_dns.dest_port="53"
-        uci -q set firewall.adblock_dns.target="DNAT"
-    elif [ ${adb_forcedns} -eq 0 ] && [ -n "$(uci -q get firewall.adblock_dns)" ]
+        f_extconf
+        f_temp
+        f_rmdns
+        f_jsnup
+        f_log "info" "adblock is currently disabled, please set adb_enabled to '1' to use this service"
+        exit 0
+    fi
+
+    if [ "${adb_dns}" = "dnsmasq" ] && [ ${adb_dnsinstance} -ne 0 ]
     then
-        uci -q delete firewall.adblock_dns
+        adb_dnsfile="${adb_dnsprefix}.overall.${adb_dnsinstance}"
+    fi
+
+    if [ -d "${adb_dnsdir}" ] && [ ! -f "${adb_dnsdir}/${adb_dnsfile}" ]
+    then
+        printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
     fi
-    if [ -n "$(uci -q changes firewall)" ]
+
+    if [ "${adb_action}" = "start" ] && [ "${adb_trigger}" = "timed" ]
     then
-        uci -q commit firewall
-        if [ $(/etc/init.d/firewall enabled; printf ${?}) -eq 0 ]
+        sleep ${adb_triggerdelay}
+    fi
+
+    while [ ${cnt} -le 30 ]
+    do
+        dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" 2>/dev/null | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running" 2>/dev/null)"
+        if [ "${dns_up}" = "true" ]
         then
-            /etc/init.d/firewall reload >/dev/null 2>&1
+            break
         fi
+        sleep 1
+        cnt=$((cnt+1))
+    done
+
+    if [ -z "${adb_dns}" ] || [ -z "${adb_dnsformat}" ] || [ ! -x "$(command -v ${adb_dns})" ] || [ ! -d "${adb_dnsdir}" ]
+    then
+        f_log "err" "'${adb_dns}' not running, DNS backend not found"
     fi
 }
 
-# f_envcheck: check/set environment prerequisites
+# check environment
 #
 f_envcheck()
 {
     local ssl_lib
 
-    # check 'enabled' option
+    # check external uci config files
     #
-    if [ ${adb_enabled} -ne 1 ]
-    then
-        if [ -n "$(ls -dA "${adb_dnsdir}/${adb_dnsprefix}"* 2>/dev/null)" ]
-        then
-            f_rmdns
-            f_dnsrestart
-        fi
-        f_log "info " "adblock is currently disabled, please set adb_enabled to '1' to use this service"
-        exit 0
-    fi
+    f_extconf
 
     # check fetch utility
     #
-    ssl_lib="-"
-    if [ -x "${adb_fetch}" ]
-    then
-        if [ "$(readlink -fn "${adb_fetch}")" = "/usr/bin/wget-nossl" ]
-        then
-            adb_fetchparm="--no-config --quiet --no-cache --no-cookies --max-redirect=0 --timeout=10 -O"
-        elif [ "$(readlink -fn "/bin/wget")" = "/bin/busybox" ] || [ "$(readlink -fn "${adb_fetch}")" = "/bin/busybox" ]
-        then
-            adb_fetch="/bin/busybox"
-            adb_fetchparm="-q -O"
-        else
+    case "${adb_fetchutil}" in
+        uclient-fetch)
+            if [ -f "/lib/libustream-ssl.so" ]
+            then
+                adb_fetchparm="${adb_fetchparm:-"--timeout=10 --no-check-certificate -O"}"
+                ssl_lib="libustream-ssl"
+            else
+                adb_fetchparm="${adb_fetchparm:-"--timeout=10 -O"}"
+            fi
+        ;;
+        wget)
+            adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"}"
             ssl_lib="built-in"
-        fi
-    fi
-    if [ ! -x "${adb_fetch}" ] && [ "$(readlink -fn "/bin/wget")" = "/bin/uclient-fetch" ]
-    then
-        adb_fetch="/bin/uclient-fetch"
-        if [ -f "/lib/libustream-ssl.so" ]
-        then
-            adb_fetchparm="-q --timeout=10 --no-check-certificate -O"
-            ssl_lib="libustream-ssl"
-        else
-            adb_fetchparm="-q --timeout=10 -O"
-        fi
-    fi
-    if [ ! -x "${adb_fetch}" ] || [ -z "${adb_fetch}" ] || [ -z "${adb_fetchparm}" ]
-    then
-        f_log "error" "no download utility found, please install 'uclient-fetch' with 'libustream-mbedtls' or the full 'wget' package"
-    fi
-    adb_fetchinfo="${adb_fetch##*/} (${ssl_lib})"
+        ;;
+        wget-nossl)
+            adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 -O"}"
+        ;;
+        busybox)
+            adb_fetchparm="${adb_fetchparm:-"-O"}"
+        ;;
+        curl)
+            adb_fetchparm="${adb_fetchparm:-"--connect-timeout 10 --insecure -o"}"
+            ssl_lib="built-in"
+        ;;
+        aria2c)
+            adb_fetchparm="${adb_fetchparm:-"--timeout=10 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o"}"
+            ssl_lib="built-in"
+        ;;
+    esac
+    adb_fetchutil="$(command -v "${adb_fetchutil}")"
 
-    # create dns hideout directory
-    #
-    if [ ! -d "${adb_dnshidedir}" ]
+    if [ ! -x "${adb_fetchutil}" ] || [ -z "${adb_fetchutil}" ] || [ -z "${adb_fetchparm}" ]
     then
-        mkdir -p -m 660 "${adb_dnshidedir}"
-        chown -R "${adb_dns}":"${adb_dns}" "${adb_dnshidedir}" 2>/dev/null
-    else
-        rm -f "${adb_dnshidedir}/${adb_dnsprefix}"*
+        f_log "err" "download utility not found, please install 'uclient-fetch' with 'libustream-mbedtls' or the full 'wget' package"
     fi
+    adb_fetchinfo="${adb_fetchutil} (${ssl_lib:-"-"})"
 
-    # create adblock temp file/directory
-    #
-    adb_tmpload="$(mktemp -tu)"
-    adb_tmpfile="$(mktemp -tu)"
-    adb_tmpdir="$(mktemp -p /tmp -d)"
+    f_temp
+    f_jsnup "running"
+    f_log "info" "start adblock processing (${adb_action})"
+}
 
-    # prepare whitelist entries
-    #
-    if [ -s "${adb_whitelist}" ]
+# create temporay files and directories
+#
+f_temp()
+{
+    if [ -z "${adb_tmpdir}" ]
     then
-        awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.whitelist"
+        adb_tmpdir="$(mktemp -p /tmp -d)"
+        adb_tmpload="$(mktemp -tu)"
+        adb_tmpfile="$(mktemp -tu)"
+    fi
+    if [ ! -s "${adb_pidfile}" ]
+    then
+        printf '%s' "${$}" > "${adb_pidfile}"
     fi
 }
 
-# f_rmtemp: remove temporary files & directories
+# remove temporay files and directories
 #
 f_rmtemp()
 {
     if [ -d "${adb_tmpdir}" ]
     then
+        rm -rf "${adb_tmpdir}"
         rm -f "${adb_tmpload}"
         rm -f "${adb_tmpfile}"
-        rm -rf "${adb_tmpdir}"
     fi
+    > "${adb_pidfile}"
 }
 
-# f_rmdns: remove dns related files & directories
+# remove dns related files and directories
 #
 f_rmdns()
 {
     if [ -n "${adb_dns}" ]
     then
-        rm -f "${adb_dnsdir}/${adb_dnsprefix}"*
-        rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
-        rm -rf "${adb_dnshidedir}"
+        f_hash
+        printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+        > "${adb_dnsdir}/.${adb_dnsfile}"
         > "${adb_rtfile}"
+        rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
+        f_hash
+        if [ ${?} -eq 1 ]
+        then
+            f_dnsup
+        fi
+        f_rmtemp
+    fi
+    f_log "debug" "f_rmdns::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
+}
+
+# commit uci changes
+#
+f_uci()
+{
+    local change config="${1}"
+
+    if [ -n "${config}" ]
+    then
+        change="$(uci -q changes "${config}" | awk '{ORS=" "; print $0}')"
+        if [ -n "${change}" ]
+        then
+            uci -q commit "${config}"
+            case "${config}" in
+                firewall)
+                    /etc/init.d/firewall reload >/dev/null 2>&1
+                ;;
+                *)
+                    /etc/init.d/"${adb_dns}" reload >/dev/null 2>&1
+                ;;
+            esac
+        fi
+    fi
+    f_log "debug" "f_uci  ::: config: ${config}, change: ${change}"
+}
+
+# list/overall count
+#
+f_count()
+{
+    local mode="${1}"
+
+    adb_cnt=0
+    if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
+    then
+        if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
+        then
+            adb_cnt="$(( ($(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") - $(printf "%s" "${adb_dnsheader}" | grep -c "^")) / 2 ))"
+        else
+            adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")"
+        fi
+    elif [ -s "${adb_tmpfile}" ]
+    then
+        adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}")"
     fi
 }
 
-# f_dnsrestart: restart the dns backend
+# set external config options
 #
-f_dnsrestart()
+f_extconf()
 {
-    local cnt=0
+    local uci_config
+
+    case "${adb_dns}" in
+        dnsmasq)
+            uci_config="dhcp"
+            if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get dhcp.@dnsmasq[${adb_dnsinstance}].serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q set dhcp.@dnsmasq[${adb_dnsinstance}].serversfile="${adb_dnsdir}/${adb_dnsfile}"
+            elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get dhcp.@dnsmasq[${adb_dnsinstance}].serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q delete dhcp.@dnsmasq[${adb_dnsinstance}].serversfile
+            fi
+        ;;
+        kresd)
+            uci_config="resolver"
+            if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+            elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+            fi
+            if [ ${adb_enabled} -eq 1 ] && [ ${adb_dnsflush} -eq 0 ] && [ "$(uci -q get resolver.kresd.keep_cache)" != "1" ]
+            then
+                uci -q set resolver.kresd.keep_cache="1"
+            elif [ ${adb_enabled} -eq 0 ] || ([ ${adb_dnsflush} -eq 1 ] && [ "$(uci -q get resolver.kresd.keep_cache)" = "1" ])
+            then
+                uci -q delete resolver.kresd.keep_cache
+            fi
+        ;;
+    esac
+    f_uci "${uci_config}"
 
-    "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+    uci_config="firewall"
+    if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
+       [ -z "$(uci -q get firewall.adblock_dns)" ] && [ $(/etc/init.d/firewall enabled; printf "%u" ${?}) -eq 0 ]
+    then
+        uci -q set firewall.adblock_dns="redirect"
+        uci -q set firewall.adblock_dns.name="Adblock DNS"
+        uci -q set firewall.adblock_dns.src="lan"
+        uci -q set firewall.adblock_dns.proto="tcp udp"
+        uci -q set firewall.adblock_dns.src_dport="53"
+        uci -q set firewall.adblock_dns.dest_port="53"
+        uci -q set firewall.adblock_dns.target="DNAT"
+    elif [ -n "$(uci -q get firewall.adblock_dns)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
+    then
+        uci -q delete firewall.adblock_dns
+    fi
+    f_uci "${uci_config}"
+}
+
+# restart of the dns backend
+#
+f_dnsup()
+{
+    local dns_up cache_util cache_rc cnt=0
+
+    if [ ${adb_dnsflush} -eq 0 ] && [ ${adb_enabled} -eq 1 ] && [ "${adb_rc}" -eq 0 ]
+    then
+        case "${adb_dns}" in
+            dnsmasq)
+                killall -q -HUP "${adb_dns}"
+                cache_rc=${?}
+            ;;
+            unbound)
+                cache_util="$(command -v unbound-control)"
+                if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -f "${adb_dnsdir}"/unbound.conf ]
+                then
+                    "${cache_util}" -c "${adb_dnsdir}"/unbound.conf dump_cache > "${adb_tmpdir}"/adb_cache.dump 2>/dev/null
+                fi
+                "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+            ;;
+            kresd)
+                cache_util="keep_cache"
+                "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+                cache_rc=${?}
+            ;;
+            named)
+                cache_util="$(command -v rndc)"
+                if [ -x "${cache_util}" ] && [ -f /etc/bind/rndc.conf ]
+                then
+                    "${cache_util}" -c /etc/bind/rndc.conf reload >/dev/null 2>&1
+                    cache_rc=${?}
+                else
+                    "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+                fi
+            ;;
+            *)
+                "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+            ;;
+        esac
+    else
+        "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+    fi
+
+    adb_rc=1
     while [ ${cnt} -le 10 ]
     do
-        adb_dnsup="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@.${adb_dns}.instances.*.running")"
-        if [ "${adb_dnsup}" = "true" ]
+        dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
+        if [ "${dns_up}" = "true" ]
         then
+            case "${adb_dns}" in
+                unbound)
+                    cache_util="$(command -v unbound-control)"
+                    if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -s "${adb_tmpdir}"/adb_cache.dump ]
+                    then
+                        while [ ${cnt} -le 10 ]
+                        do
+                            "${cache_util}" -c "${adb_dnsdir}"/unbound.conf load_cache < "${adb_tmpdir}"/adb_cache.dump >/dev/null 2>&1
+                            cache_rc=${?}
+                            if [ ${cache_rc} -eq 0 ]
+                            then
+                                break
+                            fi
+                            cnt=$((cnt+1))
+                            sleep 1
+                        done
+                    fi
+                ;;
+            esac
+            adb_rc=0
             break
         fi
         cnt=$((cnt+1))
         sleep 1
     done
+    f_log "debug" "f_dnsup::: cache_util: ${cache_util:-"-"}, cache_rc: ${cache_rc:-"-"}, cache_flush: ${adb_dnsflush}, cache_cnt: ${cnt}, out_rc: ${adb_rc}"
 }
 
-# f_list: backup/restore/remove block lists
+# backup/restore/remove blocklists
 #
 f_list()
 {
-    local mode="${1}" in_rc="${adb_rc}" cnt=0
+    local mode="${1}" in_rc="${adb_rc}"
 
     case "${mode}" in
         backup)
-            cnt="$(wc -l < "${adb_tmpfile}")"
-            if [ ${adb_backup} -eq 1 ] && [ -d "${adb_backupdir}" ]
+            if [ -d "${adb_backupdir}" ]
             then
-                gzip -cf "${adb_tmpfile}" > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
+                gzip -cf "${adb_tmpfile}" > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null
                 adb_rc=${?}
             fi
-            ;;
+        ;;
         restore)
-            if [ ${adb_backup} -eq 1 ] && [ -d "${adb_backupdir}" ]
+            if [ -d "${adb_backupdir}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
             then
-                rm -f "${adb_dnsdir}/${adb_dnsprefix}.${src_name}"
-                if [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
-                then
-                    gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" > "${adb_tmpfile}"
-                    adb_rc=${?}
-                fi
+                gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" > "${adb_tmpfile}" 2>/dev/null
+                adb_rc=${?}
             fi
-            ;;
+        ;;
         remove)
-            rm -f "${adb_dnsdir}/${adb_dnsprefix}.${src_name}"
             if [ -d "${adb_backupdir}" ]
             then
                 rm -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
             fi
             adb_rc=${?}
-            ;;
+        ;;
+        merge)
+            if [ -s "${adb_tmpfile}" ]
+            then
+                cat "${adb_tmpfile}" >> "${adb_tmpdir}/${adb_dnsfile}"
+                adb_rc=${?}
+            fi
+        ;;
+        final)
+            if [ -s "${adb_tmpdir}/tmp.whitelist" ]
+            then
+                grep -vf "${adb_tmpdir}/tmp.whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsformat}" > "${adb_dnsdir}/${adb_dnsfile}"
+            else
+                eval "${adb_dnsformat}" "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+            fi
+            if [ ${?} -eq 0 ] && [ -n "${adb_dnsheader}" ]
+            then
+                printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+                cat "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+            fi
+            adb_rc=${?}
+        ;;
     esac
-    f_log "debug" "name: ${src_name}, mode: ${mode}, count: ${cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
+    f_count "${mode}"
+    f_log "debug" "f_list ::: mode: ${mode}, cnt: ${adb_cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
 }
 
-# f_switch: suspend/resume adblock processing
+# top level domain compression
 #
-f_switch()
+f_tld()
 {
-    if [ -d "${adb_dnshidedir}" ]
-    then
-        local source target status mode="${1}"
-        local dns_active="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
-        local dns_passive="$(find "${adb_dnshidedir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
+    local cnt cnt_srt cnt_tld source="${1}" temp="${adb_tmpload}"
+
+    cnt="$(wc -l 2>/dev/null < "${source}")"
+    awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" 2>/dev/null | sort -u > "${temp}"
+    cnt_srt="$(wc -l 2>/dev/null < "${temp}")"
+    awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "${temp}" 2>/dev/null |\
+    awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' 2>/dev/null | sort > "${source}"
+    cnt_tld="$(wc -l 2>/dev/null < "${source}")"
+    f_log "debug" "f_tld  ::: source: ${source}, cnt: ${cnt}, cnt_srt: ${cnt_srt}, cnt_tld: ${cnt_tld}"
+}
+
+# blocklist hash compare
+#
+f_hash()
+{
+    local hash hash_rc=1
 
-        if [ -n "${dns_active}" ] && [ "${mode}" = "suspend" ]
+    if [ -x "${adb_hashutil}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
+    then
+        hash="$(${adb_hashutil} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
+        if [ -z "${adb_hashold}" ] && [ -n "${hash}" ]
         then
-            source="${adb_dnsdir}/${adb_dnsprefix}"
-            target="${adb_dnshidedir}"
-            status="suspended"
-        elif [ -n "${dns_passive}" ] && [ "${mode}" = "resume" ]
+            adb_hashold="${hash}"
+        elif [ -z "${adb_hashnew}" ] && [ -n "${hash}" ]
         then
-            source="${adb_dnshidedir}/${adb_dnsprefix}"
-            target="${adb_dnsdir}"
-            status="resumed"
+            adb_hashnew="${hash}"
         fi
-        if [ -n "${status}" ]
+        if [ -n "${adb_hashold}" ] && [ -n "${adb_hashnew}" ]
         then
-            mv -f "${source}"* "${target}"
-            f_dnsrestart
-            f_log "info " "adblock processing ${status}"
+            if [ "${adb_hashold}" = "${adb_hashnew}" ]
+            then
+                hash_rc=0
+            fi
+            adb_hashold=""
+            adb_hashnew=""
         fi
     fi
+    f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
+    return ${hash_rc}
+}
+
+# suspend/resume adblock processing
+#
+f_switch()
+{
+    local mode="${1}"
+
+    if [ ! -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "suspend" ]
+    then
+        f_hash
+        cat "${adb_dnsdir}/${adb_dnsfile}" > "${adb_dnsdir}/.${adb_dnsfile}"
+        printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+        f_hash
+    elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "resume" ]
+    then
+        f_hash
+        cat "${adb_dnsdir}/.${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+        > "${adb_dnsdir}/.${adb_dnsfile}"
+        f_hash
+    fi
+    if [ ${?} -eq 1 ]
+    then
+        f_temp
+        f_dnsup
+        f_jsnup
+        f_log "info" "${mode} adblock processing"
+        f_rmtemp
+        exit 0
+    fi
 }
 
-# f_query: query block lists for certain (sub-)domains
+# query blocklist for certain (sub-)domains
 #
 f_query()
 {
     local search result cnt
     local domain="${1}"
     local tld="${domain#*.}"
-    local dns_active="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
 
-    if [ -z "${dns_active}" ]
-    then
-         printf "%s\n" "::: no active block lists found, please start / resume adblock first"
-    elif [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
+    if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
     then
-        printf "%s\n" "::: invalid domain input, please submit a specific (sub-)domain, e.g. 'www.abc.xyz'"
+        printf "%s\n" "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
     else
         cd "${adb_dnsdir}"
         while [ "${domain}" != "${tld}" ]
         do
             search="${domain//./\.}"
-            result="$(grep -Hm1 "[/\"\.]${search}[/\"]" "${adb_dnsprefix}"* | awk -F ':|=|/|\"' '{printf(" %-20s : %s\n",$1,$4)}')"
-            printf "%s\n" "::: distinct results for domain '${domain}'"
-            printf "%s\n" "${result:=" no match"}"
+            if [ "${adb_dns}" = "dnsmasq" ] || [ "${adb_dns}" = "unbound" ]
+            then
+                result="$(awk -F '/|\"' "/[\/\"\.]${search}/{i++;{printf(\"  + %s\n\",\$2)};if(i>9){exit}}" "${adb_dnsfile}")"
+            else
+                result="$(awk "/(^[^\*][[:alpha:]]*[\.]+${search}|^${search})/{i++;{printf(\"  + %s\n\",\$1)};if(i>9){exit}}" "${adb_dnsfile}")"
+            fi
+            printf "%s\n" "::: results for domain '${domain}' (max. 10)"
+            printf "%s\n" "${result:-"  - no match"}"
             domain="${tld}"
             tld="${domain#*.}"
         done
     fi
 }
 
-# f_status: output runtime information
+# update runtime information
 #
-f_status()
+f_jsnup()
 {
-    local key keylist value
+    local bg_pid rundate status="${1}" mode="normal mode"
 
-    if [ -s "${adb_rtfile}" ]
+    if [ -z "${status}" ]
     then
-        local dns_active="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
-        local dns_passive="$(find "${adb_dnshidedir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
-
-        if [ -n "${dns_active}" ]
+        rundate="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
+        if [ ${adb_rc} -gt 0 ]
+        then
+            status="error"
+        elif [ ${adb_enabled} -eq 0 ]
         then
-            value="active"
-        elif [ -n "${dns_passive}" ] || [ -z "${dns_active}" ]
+            status="disabled"
+        elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ]
         then
-            value="no domains blocked"
+            status="paused"
+        else
+            status="enabled"
+            f_count
         fi
-        printf "%s\n" "::: adblock runtime information"
-        printf " %-15s : %s\n" "status" "${value}"
+    fi
+
+    if [ ${adb_backup_mode} -eq 1 ]
+    then
+        mode="normal/backup mode"
+    elif [ ${adb_whitelist_mode} -eq 1 ]
+    then
+        mode="whitelist mode"
+    fi
+
+    if [ -z "${adb_fetchinfo}" ] && [ -s "${adb_rtfile}" ]
+    then
         json_load "$(cat "${adb_rtfile}" 2>/dev/null)"
         json_select data
-        json_get_keys keylist
-        for key in ${keylist}
-        do
-            json_get_var value ${key}
-            printf " %-15s : %s\n" "${key}" "${value}"
-        done
+        json_get_var adb_fetchinfo "fetch_utility"
+    fi
+
+    json_init
+    json_add_object "data"
+    json_add_string "adblock_status" "${status}"
+    json_add_string "adblock_version" "${adb_ver}"
+    json_add_string "overall_domains" "${adb_cnt} (${mode})"
+    json_add_string "fetch_utility" "${adb_fetchinfo:-"-"}"
+    json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
+    json_add_string "last_rundate" "${rundate:-"-"}"
+    json_add_string "system_release" "${adb_sysver}"
+    json_close_object
+    json_dump > "${adb_rtfile}"
+
+    if [ ${adb_notify} -eq 1 ] && [ -x /etc/adblock/adblock.notify ] && ([ "${status}" = "error" ] ||\
+        ([ "${status}" = "enabled" ] && [ ${adb_whitelist_mode} -eq 0 ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
+    then
+        (/etc/adblock/adblock.notify >/dev/null 2>&1) &
+        bg_pid=${!}
     fi
+    f_log "debug" "f_jsnup::: status: ${status}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
 }
 
-# f_log: write to syslog, exit on error
+# write to syslog
 #
 f_log()
 {
@@ -397,66 +729,119 @@ f_log()
 
     if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ])
     then
-        logger -t "adblock-[${adb_ver}] ${class}" "${log_msg}"
-        if [ "${class}" = "error" ]
+        logger -p "${class}" -t "adblock-[${adb_ver}]" "${log_msg}"
+        if [ "${class}" = "err" ]
         then
-            logger -t "adblock-[${adb_ver}] ${class}" "Please check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md' (${adb_sysver})"
-            f_rmtemp
-            if [ -n "$(ls -dA "${adb_dnsdir}/${adb_dnsprefix}"* 2>/dev/null)" ]
-            then
-                f_rmdns
-                f_dnsrestart
-            fi
-            exit 255
+            f_rmdns
+            f_jsnup
+            logger -p "${class}" -t "adblock-[${adb_ver}]" "Please also check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md' (${adb_sysver})"
+            exit 1
         fi
     fi
 }
 
-# main function for block list processing
+# main function for blocklist processing
 #
 f_main()
 {
-    local enabled url cnt sum_cnt=0 mem_total=0
-    local src_name src_rset shalla_archive
-    mem_total="$(awk '$1 ~ /^MemTotal/ {printf $2}' "/proc/meminfo" 2>/dev/null)"
+    local src_name src_rset src_log src_arc enabled url mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo")"
+
+    f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, whitelist_mode: ${adb_whitelist_mode}, force_srt: ${adb_forcesrt}, force_dns: ${adb_forcedns}, mem_total: ${mem_total}"
+    > "${adb_dnsdir}/.${adb_dnsfile}"
+    > "${adb_tmpdir}/tmp.whitelist"
+
+    # prepare whitelist entries
+    #
+    if [ -s "${adb_whitelist}" ]
+    then
+        if [ ${adb_whitelist_mode} -eq 1 ] && [ "${adb_dns}" != "dnscrypt-proxy" ]
+        then
+            adb_whitelist_rset="\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+        else
+            adb_whitelist_rset="\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
+        fi
+        awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.whitelist"
+    fi
+
+    # whitelist mode processing
+    #
+    if [ ${adb_whitelist_mode} -eq 1 ] && [ "${adb_dns}" != "dnscrypt-proxy" ]
+    then
+        f_hash
+        f_tld "${adb_tmpdir}/tmp.whitelist"
+        eval "${adb_dnsformat}" "${adb_tmpdir}/tmp.whitelist" > "${adb_dnsdir}/${adb_dnsfile}"
+        printf '%s\n' "${adb_dnsblock}" >> "${adb_dnsdir}/${adb_dnsfile}"
+        if [ -n "${adb_dnsheader}" ]
+        then
+            printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+            cat "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+        fi
+        f_hash
+        if [ ${?} -eq 1 ]
+        then
+            f_dnsup
+        fi
+        f_jsnup
+        if [ ${adb_rc} -eq 0 ]
+        then
+            f_log "info" "whitelist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+            return 0
+        else
+            f_log "err" "dns backend restart with active whitelist failed"
+        fi
+    fi
 
-    f_log "info " "start adblock processing ..."
-    > "${adb_rtfile}"
+    # normal & backup mode processing
+    #
     for src_name in ${adb_sources}
     do
         eval "enabled=\"\${enabled_${src_name}}\""
         eval "url=\"\${adb_src_${src_name}}\""
         eval "src_rset=\"\${adb_src_rset_${src_name}}\""
-        adb_dnsfile="${adb_tmpdir}/${adb_dnsprefix}.${src_name}"
         > "${adb_tmpload}"
         > "${adb_tmpfile}"
-        adb_rc=0
+        adb_rc=1
 
         # basic pre-checks
         #
+        f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
         if [ "${enabled}" != "1" ] || [ -z "${url}" ] || [ -z "${src_rset}" ]
         then
             f_list remove
             continue
         fi
 
-        # download block list
+        # backup mode
+        #
+        if [ ${adb_backup_mode} -eq 1 ] && [ "${adb_action}" = "start" ] && [ "${src_name}" != "blacklist" ]
+        then
+            f_list restore
+            if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+            then
+                f_list merge
+                continue
+            fi
+        fi
+
+        # download blocklist
         #
-        f_log "debug" "name: ${src_name}, enabled: ${enabled}, backup: ${adb_backup}, dns: ${adb_dns}, fetch: ${adb_fetchinfo}, memory: ${mem_total}, force srt/dns: ${adb_forcesrt}/${adb_forcedns}"
         if [ "${src_name}" = "blacklist" ]
         then
-            cat "${url}" 2>/dev/null > "${adb_tmpload}"
-            adb_rc=${?}
+            if [ -s "${url}" ]
+            then
+                cat "${url}" > "${adb_tmpload}"
+                adb_rc=${?}
+            fi
         elif [ "${src_name}" = "shalla" ]
         then
-            shalla_archive="${adb_tmpdir}/shallalist.tar.gz"
-            "${adb_fetch}" ${adb_fetchparm} "${shalla_archive}" "${url}" 2>/dev/null
+            src_arc="${adb_tmpdir}/shallalist.tar.gz"
+            src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${url}" 2>&1)"
             adb_rc=${?}
             if [ ${adb_rc} -eq 0 ]
             then
                 for category in ${adb_src_cat_shalla}
                 do
-                    tar -xOzf "${shalla_archive}" BL/${category}/domains >> "${adb_tmpload}"
+                    tar -xOzf "${src_arc}" "BL/${category}/domains" >> "${adb_tmpload}"
                     adb_rc=${?}
                     if [ ${adb_rc} -ne 0 ]
                     then
@@ -464,43 +849,46 @@ f_main()
                     fi
                 done
             fi
-            rm -f "${shalla_archive}"
+            rm -f "${src_arc}"
             rm -rf "${adb_tmpdir}/BL"
         else
-            "${adb_fetch}" ${adb_fetchparm} "${adb_tmpload}" "${url}" 2>/dev/null
+            src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${adb_tmpload}" "${url}" 2>&1)"
             adb_rc=${?}
         fi
+        if [ ${adb_rc} -ne 0 ] && [ "${src_name}" != "blacklist" ]
+        then
+            f_log "debug" "f_main ::: url: ${url}, rc: ${adb_rc}, src_log: ${src_log:-"-"}"
+        fi
 
-        # check download result and prepare domain output (incl. tld compression, list backup & restore)
+        # check download result and prepare list output
         #
         if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
         then
             awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
             if [ -s "${adb_tmpfile}" ]
             then
-                awk -F "." '{for(f=NF;f > 1;f--) printf "%s.", $f;print $1}' "${adb_tmpfile}" 2>/dev/null | sort -u > "${adb_tmpload}"
-                awk '{if(NR==1){tld=$NF};while(getline){if($NF !~ tld"\\."){print tld;tld=$NF}}print tld}' "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
-                awk -F "." '{for(f=NF;f > 1;f--) printf "%s.", $f;print $1}' "${adb_tmpfile}" 2>/dev/null > "${adb_tmpload}"
-                mv -f "${adb_tmpload}" "${adb_tmpfile}"
-                f_list backup
-            else
+                if [ ${mem_total} -lt 64 ] && [ ${adb_forcesrt} -eq 0 ]
+                then
+                    f_tld "${adb_tmpfile}"
+                fi
+                if [ ${adb_backup} -eq 1 ] && [ "${src_name}" != "blacklist" ]
+                then
+                    f_list backup
+                fi
+            elif [ ${adb_backup} -eq 1 ]
+            then
                 f_list restore
             fi
-        else
+        elif [ ${adb_backup} -eq 1 ] && [ "${src_name}" != "blacklist" ]
+        then
             f_list restore
         fi
 
-        # remove whitelist domains, final list preparation
+        # list merge
         #
         if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
         then
-            if [ -s "${adb_tmpdir}/tmp.whitelist" ]
-            then
-                grep -vf "${adb_tmpdir}/tmp.whitelist" "${adb_tmpfile}" 2>/dev/null | eval "${adb_dnsformat}" > "${adb_dnsfile}"
-            else
-                cat "${adb_tmpfile}" 2>/dev/null | eval "${adb_dnsformat}" > "${adb_dnsfile}"
-            fi
-            adb_rc=${?}
+            f_list merge
             if [ ${adb_rc} -ne 0 ]
             then
                 f_list remove
@@ -510,77 +898,60 @@ f_main()
         fi
     done
 
-    # overall sort
+    # overall sort and conditional dns restart
     #
-    for src_name in $(ls -dASr "${adb_tmpdir}/${adb_dnsprefix}"* 2>/dev/null)
-    do
-        if [ ${mem_total} -ge 64000 ] || [ ${adb_forcesrt} -eq 1 ]
+    f_hash
+    if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
+    then
+        if [ ${mem_total} -ge 64 ] || [ ${adb_forcesrt} -eq 1 ]
         then
-            if [ -s "${adb_tmpdir}/blocklist.overall" ]
-            then
-                sort "${adb_tmpdir}/blocklist.overall" "${adb_tmpdir}/blocklist.overall" "${src_name}" | uniq -u > "${adb_tmpdir}/tmp.blocklist"
-                mv -f "${adb_tmpdir}/tmp.blocklist" "${src_name}"
-            fi
-            cat "${src_name}" >> "${adb_tmpdir}/blocklist.overall"
+            f_tld "${adb_tmpdir}/${adb_dnsfile}"
         fi
-        cnt="$(wc -l < "${src_name}")"
-        sum_cnt=$((sum_cnt + cnt))
-    done
+        f_list final
+    else
+        > "${adb_dnsdir}/${adb_dnsfile}"
+    fi
+    chown "${adb_dnsuser}" "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null
 
-    # restart the dns backend and export runtime information
-    #
-    mv -f "${adb_tmpdir}/${adb_dnsprefix}"* "${adb_dnsdir}" 2>/dev/null
-    chown "${adb_dns}":"${adb_dns}" "${adb_dnsdir}/${adb_dnsprefix}"* 2>/dev/null
-    f_rmtemp
-    f_dnsrestart
-    if [ "${adb_dnsup}" = "true" ]
-    then
-        json_init
-        json_add_object "data"
-        json_add_string "adblock_version" "${adb_ver}"
-        json_add_string "blocked_domains" "${sum_cnt}"
-        json_add_string "fetch_info" "${adb_fetchinfo}"
-        json_add_string "dns_backend" "${adb_dns}"
-        json_add_string "last_rundate" "$(/bin/date "+%d.%m.%Y %H:%M:%S")"
-        json_add_string "system" "${adb_sysver}"
-        json_close_object
-        json_dump > "${adb_rtfile}"
-        f_log "info " "block lists with overall ${sum_cnt} domains loaded successfully (${adb_sysver})"
+    f_hash
+    if [ ${?} -eq 1 ]
+    then
+        f_dnsup
+    fi
+    f_jsnup
+    if [ ${adb_rc} -eq 0 ]
+    then
+        f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
     else
-        f_log "error" "dns backend restart with active block lists failed"
+        f_log "err" "dns backend restart with active blocklist failed"
     fi
+    f_rmtemp
+    exit ${adb_rc}
 }
 
 # handle different adblock actions
 #
 f_envload
-case "${1}" in
+case "${adb_action}" in
     stop)
-        f_rmtemp
         f_rmdns
-        f_dnsrestart
-        ;;
+    ;;
     restart)
-        f_rmtemp
         f_rmdns
         f_envcheck
         f_main
-        ;;
+    ;;
     suspend)
         f_switch suspend
-        ;;
+    ;;
     resume)
         f_switch resume
-        ;;
+    ;;
     query)
         f_query "${2}"
-        ;;
-    status)
-        f_status
-        ;;
-    *)
+    ;;
+    start|reload)
         f_envcheck
         f_main
-        ;;
+    ;;
 esac
-exit 0
diff --git a/net/cjdns/Makefile b/net/cjdns/Makefile
deleted file mode 100644 (file)
index 8efd282..0000000
+++ /dev/null
@@ -1,148 +0,0 @@
-#
-# Copyright (C) 2014,2015 Hyperboria.net
-#
-# You may redistribute this program and/or modify it under the terms of
-# the GNU General Public License as published by the Free Software Foundation,
-# either version 3 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=cjdns
-PKG_VERSION:=0.17
-PKG_RELEASE:=3
-
-PKG_SOURCE_URL:=https://github.com/hyperboria/cjdns.git
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=40e87d9419c19063e772e39c7c59a8a8771c5ee8
-PKG_LICENSE:=GPL-3.0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.bz2
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-
-include $(INCLUDE_DIR)/package.mk
-
-
-define Package/cjdns
-       SECTION:=net
-       CATEGORY:=Network
-       SUBMENU:=Routing and Redirection
-       TITLE:=Encrypted near-zero-conf mesh routing protocol
-       URL:=https://github.com/hyperboria/cjdns
-       MAINTAINER:=Lars Gierth <larsg@systemli.org>
-       DEPENDS:=@IPV6 +kmod-tun +libnl-tiny +libpthread +librt \
-               +libuci-lua +lua-bencode +dkjson +luasocket +lua-sha2
-endef
-
-define Package/cjdns/description
-       Cjdns implements an encrypted IPv6 network using public-key cryptography \
-       for address allocation and a distributed hash table for routing. \
-       This provides near-zero-configuration networking, and prevents many \
-       of the security and scalability issues that plague existing networks.
-endef
-
-define Package/cjdns-tests
-       SECTION:=net
-       CATEGORY:=Network
-       SUBMENU:=Routing and Redirection
-       TITLE:=cjdns test cases
-       URL:=https://github.com/hyperboria/cjdns
-       MAINTAINER:=Lars Gierth <larsg@systemli.org>
-       DEPENDS:=+libpthread +librt
-endef
-
-define Package/cjdns-test/description
-       cjdns test cases
-endef
-
-define Build/Configure
-endef
-
-PKG_DO_VARS:=CJDNS_RELEASE_VERSION=$(PKG_SOURCE_VERSION)
-
-ifneq ($(CONFIG_KERNEL_SECCOMP_FILTER),y)
-PKG_DO_VARS+= Seccomp_NO=1
-endif
-
-ifneq ($(CONFIG_USE_UCLIBC),)
-PKG_DO_VARS+= UCLIBC=1
-endif
-
-define Build/Compile
-       $(INSTALL_DIR) $(PKG_BUILD_DIR)/tmp
-       CROSS="true" \
-       CC="$(TARGET_CC)" \
-       AR="$(TARGET_AR)" \
-       RANLIB="$(TARGET_RANLIB)" \
-       CFLAGS="$(TARGET_CFLAGS)" \
-       LDFLAGS="$(TARGET_LDFLAGS)" \
-       SYSTEM="linux" \
-       TARGET_ARCH="$(CONFIG_ARCH)" \
-       SSP_SUPPORT="$(CONFIG_SSP_SUPPORT)" \
-       GYP_ADDITIONAL_ARGS="-f make-linux" \
-       CJDNS_BUILD_TMPDIR="$(PKG_BUILD_DIR)/tmp" \
-       $(PKG_DO_VARS) \
-       $(PKG_BUILD_DIR)/do
-endef
-
-define Package/cjdns/install
-       $(INSTALL_DIR) \
-               $(1)/usr/sbin \
-               $(1)/usr/bin \
-               $(1)/etc/config \
-               $(1)/etc/init.d \
-               $(1)/etc/uci-defaults \
-               $(1)/usr/lib/lua/cjdns
-
-       $(INSTALL_BIN) \
-               ./files/cjdrouteconf \
-               $(1)/usr/bin
-
-       $(INSTALL_BIN) \
-               $(PKG_BUILD_DIR)/cjdroute \
-               $(1)/usr/sbin
-
-       $(INSTALL_BIN) \
-               $(PKG_BUILD_DIR)/publictoip6 \
-               $(1)/usr/bin
-
-       $(INSTALL_BIN) \
-               ./files/cjdns.init \
-               $(1)/etc/init.d/cjdns
-
-       $(INSTALL_BIN) \
-               ./files/cjdns.defaults \
-               $(1)/etc/uci-defaults/cjdns
-
-       $(CP) \
-               ./lua/cjdns/* \
-               $(1)/usr/lib/lua/cjdns
-endef
-
-define Package/cjdns/postinst
-#!/bin/sh
-if [ -z $${IPKG_INSTROOT} ] ; then
-       ( . /etc/uci-defaults/cjdns ) && rm -f /etc/uci-defaults/cjdns
-       # TODO: we should have an 'Enable' button instead
-       /etc/init.d/cjdns enabled || /etc/init.d/cjdns enable
-       exit 0
-fi
-endef
-
-define Package/cjdns-tests/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) \
-               $(PKG_BUILD_DIR)/build_linux/test_testcjdroute_c \
-               $(1)/usr/bin
-endef
-
-$(eval $(call BuildPackage,cjdns))
-$(eval $(call BuildPackage,cjdns-tests))
diff --git a/net/cjdns/files/cjdns.defaults b/net/cjdns/files/cjdns.defaults
deleted file mode 100644 (file)
index f2baf6d..0000000
+++ /dev/null
@@ -1,127 +0,0 @@
-#!/bin/sh
-
-# if there is an existing config, our work is already done
-uci get cjdns.cjdns.ipv6 >/dev/null 2>&1
-if [ $? -ne 0 ]; then
-
-  # register commit handler
-  uci -q batch <<-EOF >/dev/null
-    delete ucitrack.@cjdns[-1]
-    add ucitrack cjdns
-    set ucitrack.@cjdns[-1].init=cjdns
-    commit ucitrack
-EOF
-
-  # generate configuration
-  touch /etc/config/cjdns
-  cjdroute --genconf | cjdroute --cleanconf | cjdrouteconf set
-
-  # make sure config is present (might fail for any reason)
-  uci get cjdns.cjdns.ipv6 >/dev/null 2>&1
-  if [ $? -ne 0 ]; then
-    exit 1
-  fi
-
-  # enable auto-peering on ethernet interface lan, if existing
-  uci get network.lan | grep interface >/dev/null 2>&1
-  if [ $? -eq 0 ]; then
-    uci get network.lan.type | grep bridge >/dev/null 2>&1
-    if [ $? -eq 0 ]; then
-      # most routers will set up an ethernet bridge for the lan
-      ifname="br-lan"
-    else
-      # docker containers don't have permission to create bridges by default,
-      # so we bind to the underlying interface instead (likely eth0)
-      ifname=`uci get network.lan.ifname`
-    fi
-    uci -q batch <<-EOF >/dev/null
-      add cjdns eth_interface
-      set cjdns.@eth_interface[-1].beacon=2
-      set cjdns.@eth_interface[-1].bind=$ifname
-EOF
-  fi
-  # set the tun interface name
-  uci set cjdns.cjdns.tun_device=tuncjdns
-
-  # create the network interface
-  uci -q batch <<-EOF >/dev/null
-    set network.cjdns=interface
-    set network.cjdns.ifname=tuncjdns
-    set network.cjdns.proto=none
-EOF
-
-  # firewall rules by @dangowrt -- thanks <3
-
-  # create the firewall zone
-  uci -q batch <<-EOF >/dev/null
-    add firewall zone
-    set firewall.@zone[-1].name=cjdns
-    add_list firewall.@zone[-1].network=cjdns
-    set firewall.@zone[-1].input=REJECT
-    set firewall.@zone[-1].output=ACCEPT
-    set firewall.@zone[-1].forward=REJECT
-    set firewall.@zone[-1].conntrack=1
-    set firewall.@zone[-1].family=ipv6
-EOF
-
-  # allow ICMP from cjdns zone, e.g. ping6
-  uci -q batch <<-EOF >/dev/null
-    add firewall rule
-    set firewall.@rule[-1].name='Allow-ICMPv6-cjdns'
-    set firewall.@rule[-1].src=cjdns
-    set firewall.@rule[-1].proto=icmp
-    add_list firewall.@rule[-1].icmp_type=echo-request
-    add_list firewall.@rule[-1].icmp_type=echo-reply
-    add_list firewall.@rule[-1].icmp_type=destination-unreachable
-    add_list firewall.@rule[-1].icmp_type=packet-too-big
-    add_list firewall.@rule[-1].icmp_type=time-exceeded
-    add_list firewall.@rule[-1].icmp_type=bad-header
-    add_list firewall.@rule[-1].icmp_type=unknown-header-type
-    set firewall.@rule[-1].limit='1000/sec'
-    set firewall.@rule[-1].family=ipv6
-    set firewall.@rule[-1].target=ACCEPT
-EOF
-
-  # allow SSH from cjdns zone, needs to be explicitly enabled
-  uci -q batch <<-EOF >/dev/null
-    add firewall rule
-    set firewall.@rule[-1].enabled=0
-    set firewall.@rule[-1].name='Allow-SSH-cjdns'
-    set firewall.@rule[-1].src=cjdns
-    set firewall.@rule[-1].proto=tcp
-    set firewall.@rule[-1].dest_port=22
-    set firewall.@rule[-1].target=ACCEPT
-EOF
-
-  # allow LuCI access from cjdns zone, needs to be explicitly enabled
-  uci -q batch <<-EOF >/dev/null
-    add firewall rule
-    set firewall.@rule[-1].enabled=0
-    set firewall.@rule[-1].name='Allow-HTTP-cjdns'
-    set firewall.@rule[-1].src=cjdns
-    set firewall.@rule[-1].proto=tcp
-    set firewall.@rule[-1].dest_port=80
-    set firewall.@rule[-1].target=ACCEPT
-EOF
-
-  # allow UDP peering from wan zone, if it exists
-  uci show network.wan >/dev/null 2>&1
-  if [ $? -eq 0 ]; then
-    peeringPort=`uci get cjdns.@udp_interface[0].port`
-    uci -q batch <<-EOF >/dev/null
-      add firewall rule
-      set firewall.@rule[-1].name='Allow-cjdns-wan'
-      set firewall.@rule[-1].src=wan
-      set firewall.@rule[-1].proto=udp
-      set firewall.@rule[-1].dest_port=$peeringPort
-      set firewall.@rule[-1].target=ACCEPT
-EOF
-  fi
-
-  uci commit cjdns
-  uci commit firewall
-  uci commit network
-
-fi
-
-exit 0
diff --git a/net/cjdns/files/cjdns.init b/net/cjdns/files/cjdns.init
deleted file mode 100755 (executable)
index b6371d7..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=90
-STOP=85
-
-USE_PROCD=1
-
-start_service()
-{
-       [ -f /etc/uci-defaults/cjdns ] && ( . /etc/uci-defaults/cjdns )
-
-       procd_open_instance
-       procd_set_param respawn
-       procd_set_param command /bin/ash -c "cjdrouteconf get | tee /tmp/etc/cjdroute.conf | cjdroute --nobg | logger -t cjdns"
-       procd_close_instance
-}
-
-stop_service()
-{
-       killall cjdroute
-}
-
-reload_service()
-{
-       # cat /tmp/etc/cjdroute.conf | cjdrouteconf reload
-       restart
-}
-
-service_triggers()
-{
-       procd_add_reload_trigger cjdns
-}
diff --git a/net/cjdns/files/cjdrouteconf b/net/cjdns/files/cjdrouteconf
deleted file mode 100755 (executable)
index fa5e073..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/env lua
-
-dkjson = require("dkjson")
-cjdns = require("cjdns")
-require("cjdns/uci")
-
-function help()
-  print("JSON interface to /etc/config/cjdns\n\nExamples: \
-    cjdrouteconf get > /tmp/etc/cjdroute.conf \
-    cat /tmp/etc/cjdroute.conf | cjdrouteconf set \
-    uci changes \
-    cjdrouteconf get | cjdroute")
-end
-
-if arg[1] == "get" then
-  local json = dkjson.encode(cjdns.uci.get(), { indent = true })
-  print(json)
-elseif arg[1] == "set" then
-  local json = io.stdin:read("*a")
-  local obj, pos, err = dkjson.decode(json, 1, nil)
-
-  if obj then
-    cjdns.uci.set(obj)
-  else
-    print("dkjson: " .. err .. " (try cjdroute --cleanconf)")
-    os.exit(1)
-  end
-else
-  help()
-end
diff --git a/net/cjdns/lua/cjdns/admin.lua b/net/cjdns/lua/cjdns/admin.lua
deleted file mode 100644 (file)
index 2bb58d2..0000000
+++ /dev/null
@@ -1,105 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
-common = require 'cjdns/common'
-
-AdminInterface = {}
-AdminInterface.__index = AdminInterface
-common.AdminInterface = AdminInterface
-
-function AdminInterface.new(properties)
-    properties = properties or {}
-
-    properties.host     = properties.host or "127.0.0.1"
-    properties.port     = properties.port or 11234
-    properties.password = properties.password or nil
-    properties.config   = properties.config   or common.ConfigFile.new("/etc/cjdroute.conf", false)
-    properties.timeout  = properties.timeout  or 2
-
-    properties.udp      = common.UDPInterface.new(properties)
-
-    return setmetatable(properties, AdminInterface)
-end
-
-function AdminInterface:send(object)
-    local bencoded, err = bencode.encode(object)
-    if err then
-        return nil, err
-    end
-
-    local sock_obj = assert(socket.udp())
-    sock_obj:settimeout(self.timeout)
-
-    local _, err = sock_obj:sendto(bencoded, self.host, self.port)
-    if err then
-        return nil, err
-    end
-
-    return sock_obj
-end
-
-function AdminInterface:recv(sock_obj)
-    local retrieved, err = sock_obj:receive()
-    if not retrieved then
-        return nil, "ai:recv > " .. err
-    end
-    local bencoded, err = bencode.decode(retrieved)
-    if bencoded then
-        return bencoded
-    else
-        return nil, "ai:recv > " .. err
-    end
-end
-
-function AdminInterface:call(request)
-    local sock_obj, err = self:send(request)
-    if err then
-        return nil, "ai:call > " .. err
-    end
-
-    return self:recv(sock_obj)
-end
-
-function AdminInterface:getCookie()
-    local cookie_response, err = self:call({ q = "cookie" })
-    if not cookie_response then
-        return nil, "ai:getCookie > " .. err
-    end
-    return cookie_response.cookie
-end
-
-function AdminInterface:auth(request)
-    local funcname = request.q
-    local args = {}
-    for k, v in pairs(request) do
-        args[k] = v
-    end
-
-    -- Step 1: Get cookie
-    local cookie, err = self:getCookie()
-    if err then
-        return nil, err
-    end
-
-    -- Step 2: Calculate hash1 (password + cookie)
-    local plaintext1 = self.password .. cookie
-    local hash1 = sha2.sha256hex(plaintext1)
-
-    -- Step 3: Calculate hash2 (intermediate stage request)
-    local request = {
-        q      = "auth",
-        aq     = funcname,
-        args   = args,
-        hash   = hash1,
-        cookie = cookie
-    }
-    local plaintext2, err = bencode.encode(request)
-    if err then
-        return nil, err
-    end
-    local hash2 = sha2.sha256hex(plaintext2)
-
-    -- Step 4: Update hash in request, then ship it out
-    request.hash = hash2
-    return self:call(request)
-end
diff --git a/net/cjdns/lua/cjdns/common.lua b/net/cjdns/lua/cjdns/common.lua
deleted file mode 100644 (file)
index 45f7dad..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
--- This table is preserved over multiple imports, and collects
--- submodules import-by-import via init.lua.
-
-return {}
diff --git a/net/cjdns/lua/cjdns/init.lua b/net/cjdns/lua/cjdns/init.lua
deleted file mode 100644 (file)
index 32abbfc..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
-bencode = require "bencode" -- https://bitbucket.org/wilhelmy/lua-bencode/
-dkjson  = require "dkjson"  -- http://dkolf.de/src/dkjson-lua.fsl/home
-socket  = require "socket"  -- http://w3.impa.br/~diego/software/luasocket/
-sha2    = require "sha2"    -- https://code.google.com/p/sha2/
-
-require "cjdns/admin"
-require "cjdns/udp"
-
-return require "cjdns/common"
diff --git a/net/cjdns/lua/cjdns/uci.lua b/net/cjdns/lua/cjdns/uci.lua
deleted file mode 100644 (file)
index 0127f44..0000000
+++ /dev/null
@@ -1,289 +0,0 @@
-common = require("cjdns/common")
-uci    = require("uci")
-
-UCI = {}
-common.uci = UCI
-
---- Return the configuration defaults as a table suitable for JSON output
---
--- Mostly taken from cjdroute --genconf
--- @return table with configuration defaults
-function UCI.defaults()
-  return {
-    security = {
-      { setuser = "nobody", keepNetAdmin = 1 },
-      { chroot = "/var/run/" },
-      { nofiles = 0 },
-      { noforks = 1 },
-      { seccomp = 0 },
-      { setupComplete = 1 }
-    },
-    router = {
-        ipTunnel = { outgoingConnections = {}, allowedConnections = {} },
-        interface = { type = "TUNInterface" }
-    },
-    interfaces = { UDPInterface = {}, ETHInterface = {} },
-    authorizedPasswords = {},
-    logging = { logTo = "stdout" }
-  }
-end
-
---- Return the cjdns configuration as a table suitable for JSON output
---
--- Iterates over cjdns, eth_interface, udp_interface, eth_peer, udp_peer,
--- and password sections. Doesn't include IPTunnel related options yet.
--- @return table with cjdns configuration
-function UCI.get()
-  local obj = UCI.defaults()
-
-  local cursor = uci.cursor()
-
-  local config = cursor:get_all("cjdns", "cjdns")
-  if not config then return obj end
-
-  obj.ipv6 = config.ipv6
-  obj.publicKey = config.public_key
-  obj.privateKey = config.private_key
-  obj.admin = {
-    bind = config.admin_address .. ":" .. config.admin_port,
-    password = config.admin_password }
-
-  if config.tun_device and string.len(config.tun_device) > 0 then
-    obj.router.interface.tunDevice = config.tun_device
-  end
-
-  for i,section in pairs(obj.security) do
-    if type(section.seccomp) == "number" then
-      obj.security[i].seccomp = tonumber(config.seccomp)
-    end
-  end
-
-  cursor:foreach("cjdns", "iptunnel_outgoing", function(outgoing)
-    table.insert(obj.router.ipTunnel.outgoingConnections, outgoing.public_key)
-  end)
-
-  cursor:foreach("cjdns", "iptunnel_allowed", function(allowed)
-    entry = { publicKey = allowed.public_key }
-    if allowed.ipv4 then
-      entry["ip4Address"] = allowed.ipv4
-    end
-    if allowed.ipv6 then
-      entry["ip6Address"] = allowed.ipv6
-    end
-    table.insert(obj.router.ipTunnel.allowedConnections, entry)
-  end)
-
-  cursor:foreach("cjdns", "eth_interface", function(eth_interface)
-    table.insert(obj.interfaces.ETHInterface, {
-      bind = eth_interface.bind,
-      beacon = tonumber(eth_interface.beacon),
-      connectTo = {}
-    })
-  end)
-
-  cursor:foreach("cjdns", "udp_interface", function(udp_interface)
-    table.insert(obj.interfaces.UDPInterface, {
-      bind = udp_interface.address .. ":" .. udp_interface.port,
-      connectTo = {}
-    })
-  end)
-
-  cursor:foreach("cjdns", "eth_peer", function(eth_peer)
-    if not eth_peer.address == "" then
-      local i = tonumber(eth_peer.interface)
-      obj.interfaces.ETHInterface[i].connectTo[eth_peer.address] = {
-        publicKey = eth_peer.public_key,
-        password = eth_peer.password
-      }
-    end
-  end)
-
-  cursor:foreach("cjdns", "udp_peer", function(udp_peer)
-    local bind = udp_peer.address .. ":" .. udp_peer.port
-    local i = tonumber(udp_peer.interface)
-    obj.interfaces.UDPInterface[i].connectTo[bind] = {
-      user = udp_peer.user,
-      publicKey = udp_peer.public_key,
-      password = udp_peer.password
-    }
-  end)
-
-  cursor:foreach("cjdns", "password", function(password)
-    table.insert(obj.authorizedPasswords, {
-      password = password.password,
-      user = password.user,
-      contact = password.contact
-    })
-  end)
-
-  return obj
-end
-
---- Parse and save updated configuration from JSON input
---
--- Transforms general settings, ETHInterface, UDPInterface, connectTo, and
--- authorizedPasswords fields into UCI sections, and replaces the UCI config's
--- contents with them.
--- @param table JSON input
--- @return Boolean whether saving succeeded
-function UCI.set(obj)
-  local cursor = uci.cursor()
-
-  for i, section in pairs(cursor:get_all("cjdns")) do
-    cursor:delete("cjdns", section[".name"])
-  end
-
-  local admin_address, admin_port = string.match(obj.admin.bind, "^(.*):(.*)$")
-  UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
-    ipv6 = obj.ipv6,
-    public_key = obj.publicKey,
-    private_key = obj.privateKey,
-    admin_password = obj.admin.password,
-    admin_address = admin_address,
-    admin_port = admin_port
-  })
-
-  if obj.router.interface.tunDevice then
-    UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
-      tun_device = tostring(obj.router.interface.tunDevice)
-    })
-  end
-
-  if obj.security then
-    for i,section in pairs(obj.security) do
-      for key,value in pairs(section) do
-        if key == "seccomp" then
-          UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
-            seccomp = tonumber(value)
-          })
-        end
-      end
-    end
-  end
-
-  if obj.router.ipTunnel.outgoingConnections then
-    for i,public_key in pairs(obj.router.ipTunnel.outgoingConnections) do
-      UCI.cursor_section(cursor, "cjdns", "iptunnel_outgoing", nil, {
-        public_key = public_key
-      })
-    end
-  end
-
-  if obj.router.ipTunnel.allowedConnections then
-    for i,allowed in pairs(obj.router.ipTunnel.allowedConnections) do
-      entry = { public_key = allowed.publicKey }
-      if allowed.ip4Address then
-        entry["ipv4"] = allowed.ip4Address
-      end
-      if allowed.ip6Address then
-        entry["ipv6"] = allowed.ip6Address
-      end
-
-      UCI.cursor_section(cursor, "cjdns", "iptunnel_allowed", nil, entry)
-    end
-  end
-
-  if obj.interfaces.ETHInterface then
-    for i,interface in pairs(obj.interfaces.ETHInterface) do
-      UCI.cursor_section(cursor, "cjdns", "eth_interface", nil, {
-        bind = interface.bind,
-        beacon = tostring(interface.beacon)
-      })
-
-      if interface.connectTo then
-        for peer_address,peer in pairs(interface.connectTo) do
-          UCI.cursor_section(cursor, "cjdns", "eth_peer", nil, {
-            interface = i,
-            address = peer_address,
-            public_key = peer.publicKey,
-            password = peer.password
-          })
-        end
-      end
-    end
-  end
-
-  if obj.interfaces.UDPInterface then
-    for i,interface in pairs(obj.interfaces.UDPInterface) do
-      local address, port = string.match(interface.bind, "^(.*):(.*)$")
-      UCI.cursor_section(cursor, "cjdns", "udp_interface", nil, {
-        address = address,
-        port = port
-      })
-
-      if interface.connectTo then
-        for peer_bind,peer in pairs(interface.connectTo) do
-          local peer_address, peer_port = string.match(peer_bind, "^(.*):(.*)$")
-          UCI.cursor_section(cursor, "cjdns", "udp_peer", nil, {
-            interface = i,
-            address = peer_address,
-            port = peer_port,
-            user = peer.user,
-            public_key = peer.publicKey,
-            password = peer.password
-          })
-        end
-      end
-    end
-  end
-
-  if obj.authorizedPasswords then
-    for i,password in pairs(obj.authorizedPasswords) do
-      local user = password.user
-      if not user or string.len(user) == 0 then
-        user = "user-" .. UCI.random_string(6)
-      end
-
-      UCI.cursor_section(cursor, "cjdns", "password", nil, {
-        password = password.password,
-        user = user,
-        contact = password.contact
-      })
-    end
-  end
-
-  return cursor:save("cjdns")
-end
-
---- Simple backport of Cursor:section from luci.model.uci
---
--- Backport reason: we don't wanna depend on LuCI.
--- @param Cursor the UCI cursor to operate on
--- @param string name of the config
--- @param string type of the section
--- @param string name of the section (optional)
--- @param table config values
-function UCI.cursor_section(cursor, config, type, section, values)
-  if section then
-    cursor:set(config, section, type)
-  else
-    section = cursor:add("cjdns", type)
-  end
-
-  for k,v in pairs(values) do
-    cursor:set(config, section, k, v)
-  end
-end
-
-function UCI.makeInterface()
-  local cursor = uci.cursor()
-
-  local config = cursor:get_all("cjdns", "cjdns")
-  if not config then return nil end
-
-  return common.AdminInterface.new({
-    host = config.admin_address,
-    port = config.admin_port,
-    password = config.admin_password,
-    config = UCI.get(),
-    timeout = 2
-  })
-end
-
-function UCI.random_string(length)
-  -- tr -cd 'A-Za-z0-9' < /dev/urandom
-  local urandom = io.popen("tr -cd 'A-Za-z0-9' 2> /dev/null < /dev/urandom", "r")
-  local string = urandom:read(length)
-  urandom:close()
-  return string
-end
diff --git a/net/cjdns/lua/cjdns/udp.lua b/net/cjdns/lua/cjdns/udp.lua
deleted file mode 100644 (file)
index 9dd5901..0000000
+++ /dev/null
@@ -1,102 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
-common = require 'cjdns/common'
-
-UDPInterface = {}
-UDPInterface.__index = UDPInterface
-common.UDPInterface = UDPInterface
-
-function UDPInterface.new(ai, config, ptype)
-    properties = {
-        ai     = ai,
-        config = config or ai.config,
-        ptype  = ptype or "ai"
-    }
-
-    return setmetatable(properties, UDPInterface)
-end
-
-function UDPInterface:call(name, args)
-    local func = self[name .. "_" .. self.ptype]
-    return func(self, unpack(args))
-end
-
-function UDPInterface:newBind(...)
-    return self:call("newBind", arg)
-end
-
-function UDPInterface:beginConnection(...)
-    return self:call("beginConnection", arg)
-end
-
-function UDPInterface:newBind_ai(address)
-    local response, err = self.ai:auth({
-        q = "UDPInterface_new",
-        bindAddress = address
-    })
-    if not response then
-        return nil, err
-    elseif response.error ~= "none" then
-        return nil, response.error
-    elseif response.interfaceNumber then
-        return response.interfaceNumber
-    else
-        return nil, "bad response format"
-    end
-end
-
-function UDPInterface:newBind_config(address)
-    local udpif       = self.config.contents.interfaces.UDPInterface
-    local new_interface = {
-        bind = address,
-        connectTo = {}
-    }
-    table.insert(udpif, new_interface)
-    return (#udpif - 1), new_interface
-end
-
-function UDPInterface:newBind_perm(...)
-    return
-        self:newBind_config(unpack(arg)),
-        self:newBind_ai(unpack(arg))
-end
-
-function UDPInterface:beginConnection_ai(pubkey, addr, password, interface)
-    local request = {
-        q = "UDPInterface_beginConnection",
-        publicKey = pubkey,
-        address   = addr,
-        password  = password
-    }
-    if interface then
-        request.interfaceNumber = interface
-    end
-
-    local response, err = self.ai:auth(request)
-    if not response then
-        return nil, err
-    elseif response.error == "none" then
-        -- Unfortunately, no real success indicator either.
-        return "No error"
-    else
-        return nil, response.error
-    end
-end
-
-function UDPInterface:beginConnection_config(pubkey, addr, password, interface)
-    local udpif       = self.config.contents.interfaces.UDPInterface
-    local connections = udpif[(interface or 0) + 1].connectTo
-    local this_conn   = {
-        password  = password,
-        publicKey = pubkey
-    }
-    connections[addr] = this_conn
-    return this_conn -- allows adding metadata fields afterwards
-end
-
-function UDPInterface:beginConnection_perm(...)
-    return
-        self:beginConnection_config(unpack(arg)),
-        self:beginConnection_ai(unpack(arg))
-end
diff --git a/net/freeradius2/Config.in b/net/freeradius2/Config.in
new file mode 100644 (file)
index 0000000..cd0141e
--- /dev/null
@@ -0,0 +1,14 @@
+# FreeRADIUS avanced configuration
+
+choice
+       prompt "SSL library"
+       default FREERADIUS_OPENSSL
+       depends on PACKAGE_freeradius2-common
+
+config FREERADIUS_NOSSL
+       bool "No SSL support"
+
+config FREERADIUS_OPENSSL
+       bool "OpenSSL"
+
+endchoice
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile
new file mode 100644 (file)
index 0000000..b55b9bf
--- /dev/null
@@ -0,0 +1,636 @@
+#
+# Copyright (C) 2008-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=freeradius2
+PKG_VERSION:=2.2.9
+PKG_RELEASE:=1
+
+PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=\
+       ftp://ftp.freeradius.org/pub/freeradius/ \
+       ftp://ftp.freeradius.org/pub/freeradius/old/
+PKG_MD5SUM:=d1398327ba4e23c75da06d8a0e01096b
+PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
+PKG_LICENSE:=GPL-2.0
+PKG_LICENSE_FILES:=COPYRIGHT LICENSE
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/freeradius-server-$(PKG_VERSION)
+PKG_FIXUP:=autoreconf
+PKG_CHECK_FORMAT_SECURITY:=0
+
+PKG_CONFIG_DEPENDS := \
+  FREERADIUS_OPENSSL \
+  FREERADIUS_NOSSL
+
+PKG_CHECK_FORMAT_SECURITY:=0
+include $(INCLUDE_DIR)/package.mk
+
+define Package/freeradius2/config
+  source "$(SOURCE)/Config.in"
+endef
+
+define Package/freeradius2/Default
+  SECTION:=net
+  CATEGORY:=Network
+  URL:=http://freeradius.org/
+  SUBMENU:=FreeRADIUS (version 2)
+endef
+
+define Package/freeradius2
+  $(call Package/freeradius2/Default)
+  DEPENDS:=+libltdl +libreadline +freeradius2-common
+  TITLE:=A flexible RADIUS server (version 2)
+endef
+
+define Package/freeradius2/conffiles
+/etc/freeradius2/clients.conf
+/etc/freeradius2/radiusd.conf
+/etc/freeradius2/sites/default
+endef
+
+define Package/freeradius2-democerts
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Demo certificates to test the server
+endef
+
+define Package/freeradius2-common
+  $(call Package/freeradius2/Default)
+  TITLE:=common files
+  DEPENDS:=+libpthread +FREERADIUS_OPENSSL:libopenssl +zlib
+endef
+
+define Package/freeradius2-mod-chap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=CHAP module
+endef
+
+define Package/freeradius2-mod-chap/conffiles
+/etc/freeradius2/modules/chap
+endef
+
+define Package/freeradius2-mod-detail
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Detailed accounting module
+endef
+
+define Package/freeradius2-mod-detail/conffiles
+/etc/freeradius2/modules/detail
+endef
+
+define Package/freeradius2-mod-eap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Base EAP module
+endef
+
+define Package/freeradius2-mod-eap/conffiles
+/etc/freeradius2/eap.conf
+endef
+
+define Package/freeradius2-mod-eap-gtc
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap
+  TITLE:=EAP/GTC module
+endef
+
+define Package/freeradius2-mod-eap-md5
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap
+  TITLE:=EAP/MD5 module
+endef
+
+define Package/freeradius2-mod-eap-mschapv2
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap +freeradius2-mod-mschap
+  TITLE:=EAP/MS-CHAPv2 module
+endef
+
+define Package/freeradius2-mod-eap-peap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap @FREERADIUS_OPENSSL
+  TITLE:=EAP/PEAP module
+endef
+
+define Package/freeradius2-mod-eap-tls
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap @FREERADIUS_OPENSSL
+  TITLE:=EAP/TLS module
+endef
+
+define Package/freeradius2-mod-eap-ttls
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap-tls
+  TITLE:=EAP/TTLS module
+endef
+
+define Package/freeradius2-mod-exec
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=EXEC module
+endef
+
+define Package/freeradius2-mod-exec/conffiles
+/etc/freeradius2/modules/exec
+endef
+
+define Package/freeradius2-mod-expiration
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Expiration module
+endef
+
+define Package/freeradius2-mod-expiration/conffiles
+/etc/freeradius2/modules/expiration
+endef
+
+define Package/freeradius2-mod-always
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Always module
+endef
+
+define Package/freeradius2-mod-always/conffiles
+/etc/freeradius2/modules/always
+endef
+
+define Package/freeradius2-mod-expr
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=EXPR module
+endef
+
+define Package/freeradius2-mod-expr/conffiles
+/etc/freeradius2/modules/expr
+endef
+
+define Package/freeradius2-mod-attr-filter
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=ATTR filter module
+endef
+
+define Package/freeradius2-mod-attr-filter/conffiles
+/etc/freeradius2/modules/attr_filter
+/etc/freeradius2/attrs
+/etc/freeradius2/attrs.access_reject
+/etc/freeradius2/attrs.accounting_response
+/etc/freeradius2/attrs.pre-proxy
+endef
+
+define Package/freeradius2-mod-attr-rewrite
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=ATTR rewrite module
+endef
+
+define Package/freeradius2-mod-attr-rewrite/conffiles
+/etc/freeradius2/modules/attr_rewrite
+endef
+
+define Package/freeradius2-mod-files
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Module using local files for authorization
+endef
+
+define Package/freeradius2-mod-files/conffiles
+/etc/freeradius2/acct_users
+/etc/freeradius2/preproxy_users
+/etc/freeradius2/users
+/etc/freeradius2/modules/files
+endef
+
+define Package/freeradius2-mod-passwd
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Rlm passwd module
+endef
+
+define Package/freeradius2-mod-passwd/conffiles
+/etc/freeradius2/modules/passwd
+endef
+
+define Package/freeradius2-mod-ldap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2 +libopenldap
+  TITLE:=LDAP module
+endef
+
+define Package/freeradius2-mod-ldap/conffiles
+/etc/freeradius2/ldap.attrmap
+/etc/freeradius2/modules/ldap
+endef
+
+define Package/freeradius2-mod-logintime
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Logintime module
+endef
+
+define Package/freeradius2-mod-logintime/conffiles
+/etc/freeradius2/modules/logintime
+endef
+
+define Package/freeradius2-mod-mschap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=MS-CHAP and MS-CHAPv2 module
+endef
+
+define Package/freeradius2-mod-mschap/conffiles
+/etc/freeradius2/modules/mschap
+endef
+
+define Package/freeradius2-mod-pap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=PAP module
+endef
+
+define Package/freeradius2-mod-pap/conffiles
+/etc/freeradius2/modules/pap
+endef
+
+define Package/freeradius2-mod-preprocess
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Request pre-processing module
+endef
+
+define Package/freeradius2-mod-preprocess/conffiles
+/etc/freeradius2/hints
+/etc/freeradius2/huntgroups
+/etc/freeradius2/modules/preprocess
+endef
+
+define Package/freeradius2-mod-realm
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Realms handling module
+endef
+
+define Package/freeradius2-mod-realm/conffiles
+/etc/freeradius2/proxy.conf
+/etc/freeradius2/modules/realm
+endef
+
+define Package/freeradius2-mod-sql
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Base SQL module
+endef
+
+define Package/freeradius2-mod-sql/conffiles
+/etc/freeradius2/sql.conf
+endef
+
+define Package/freeradius2-mod-sql-mysql
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql +libmysqlclient-r
+  TITLE:=MySQL module
+endef
+
+define Package/freeradius2-mod-sql-pgsql
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql +libpq
+  TITLE:=PostgreSQL module
+endef
+
+define Package/freeradius2-mod-sql-sqlite
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql +libsqlite3
+  TITLE:=SQLite module
+endef
+
+define Package/freeradius2-mod-sqlcounter
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql
+  TITLE:=Generic SQL Counter module
+endef
+
+define Package/freeradius2-mod-radutmp
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Radius UTMP module
+endef
+
+define Package/freeradius2-mod-radutmp/conffiles
+/etc/freeradius2/modules/radutmp
+/etc/freeradius2/modules/sradutmp
+endef
+
+define Package/freeradius2-utils
+  $(call Package/freeradius2/Default)
+  DEPENDS:=+freeradius2-common
+  TITLE:=Misc. client utilities
+endef
+
+define Package/freeradius2-mod-sqllog
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=SQL Logging module
+endef
+
+CONFIGURE_ARGS+= \
+       --libdir=/usr/lib/freeradius2 \
+       --libexecdir=/usr/lib/freeradius2 \
+       --enable-shared \
+       --disable-static \
+       --disable-developer \
+       --with-threads \
+       $(if $(CONFIG_FREERADIUS_OPENSSL),--with,--without)-openssl \
+       $(if $(CONFIG_FREERADIUS_OPENSSL),--with-openssl-includes="$(STAGING_DIR)/usr/include",) \
+       $(if $(CONFIG_FREERADIUS_OPENSSL),--with-openssl-libraries="$(STAGING_DIR)/usr/lib",) \
+       $(if $(CONFIG_FREERADIUS_OPENSSL),--disable-openssl-version-check,) \
+       --with-system-libtool \
+       --with-system-libltdl \
+       --enable-strict-dependencies \
+       --with-raddbdir=/etc/freeradius2 \
+       --with-radacctdir=/var/db/radacct \
+       --with-logdir=/var/log \
+       --without-edir \
+       --without-snmp \
+       --without-rlm_checkval \
+       --without-rlm_dbm \
+       --without-rlm_counter \
+       --with-rlm_expr \
+       --with-rlm_eap \
+       --without-rlm_eap_sim \
+       --without-rlm_example \
+       --without-rlm_ippool \
+       --without-rlm_krb5 \
+       --without-rlm_otp \
+       --without-rlm_smsotp \
+       --without-rlm_pam \
+       --without-rlm_perl \
+       --without-rlm_python \
+       --without-rlm_smb \
+       --with-rlm_sql \
+       --with-rlm_sqlcounter \
+       --without-rlm_sqlhpwippool \
+       --without-rlm_sqlippool \
+       --without-rlm_sql_db2 \
+       --without-rlm_sql_firebird \
+       --without-rlm_sql_freetds \
+       --without-rlm_sql_iodbc \
+       --without-rlm_sql_oracle \
+       --without-rlm_sql_sybase \
+       --without-rlm_sql_unixodbc \
+       --without-rlm_sql_log \
+       --without-rlm_unix \
+       --without-rlm_eap_tnc \
+       --without-rlm_eap_ikev2 \
+       --without-rlm_opendirectory \
+       --without-rlm_wimax \
+       --without-rlm_ruby \
+       --without-rlm_caching \
+       --without-rlm_redis \
+       --without-rlm_rediswho \
+       --without-rlm_soh \
+       --without-rlm_sim \
+       --without-rlm_replicate \
+       --without-rlm_protocol_filter \
+       --without-rlm_policy \
+       --without-rlm_linelog \
+       --without-rlm_jradius \
+       --without-rlm_fastusers \
+       --without-rlm_eap_leap \
+       --without-rlm_dynamic_clients \
+       --without-rlm_digest \
+       --without-rlm_cram \
+       --without-rlm_copy_packet \
+       --without-rlm_acct_unique \
+       --without-rlm_acctlog
+       
+
+PKG_DICTIONARIES:= \
+       freeradius freeradius.internal \
+       rfc2865 rfc2866 rfc2867 rfc2868 rfc2869 rfc3162 rfc3576 rfc3580 \
+       rfc4372 rfc4675 rfc4679 \
+       microsoft \
+       wispr \
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-ldap),)
+  CONFIGURE_ARGS+= \
+               --with-rlm_ldap-include-dir="$(STAGING_DIR)/usr/include" \
+               --with-rlm_ldap-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_ldap
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-mysql),)
+  CONFIGURE_ARGS+= \
+               --with-mysql-include-dir="$(STAGING_DIR)/usr/include" \
+               --with-mysql-lib-dir="$(STAGING_DIR)/usr/lib/mysql"
+  CONFIGURE_LIBS+= -lz
+  CONFIGURE_VARS+= ac_cv_lib_mysqlclient_r_mysql_init=yes
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_mysql
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-pgsql),)
+  CONFIGURE_ARGS+= \
+               --with-rlm_sql_postgresql-include-dir="$(STAGING_DIR)/usr/include" \
+               --with-rlm_sql_postgresql-lib-dir="$(STAGING_DIR)/usr/lib"
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_postgresql
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sqllog),)
+  CONFIGURE_ARGS+= \
+        --with-rlm_sql_log \
+        --with-experimental-modules \
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_log
+endif
+
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-sqlite),)
+  CONFIGURE_ARGS+= \
+       --with-rlm_sql_sqlite \
+       --with-experimental-modules \
+       --with-sqlite-include-dir="$(STAGING_DIR)/usr/include" \
+       --with-sqlite-lib-dir="$(STAGING_DIR)/usr/lib"
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_sqlite
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-peap),)
+  CONFIGURE_ARGS+= \
+               --with-rlm_eap_peap \
+               --with-rlm_eap_peap-include-dir="$(STAGING_DIR)/usr/include" \
+               --with-rlm_eap_peap-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_eap_peap
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-tls),)
+  CONFIGURE_ARGS+= \
+               --with-rlm_eap_tls \
+               --with-rlm_eap_tls-include-dir="$(STAGING_DIR)/usr/include" \
+               --with-rlm_eap_tls-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_eap_tls
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-ttls),)
+  CONFIGURE_ARGS+= \
+               --with-rlm_eap_ttls \
+               --with-rlm_eap_ttls-include-dir="$(STAGING_DIR)/usr/include" \
+               --with-rlm_eap_ttls-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_eap_ttls
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-attr-rewrite),)
+  CONFIGURE_ARGS+= --with-rlm_attr-rewrite
+else
+  CONFIGURE_ARGS+= --without-rlm_attr-rewrite
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-radutmp),)
+  CONFIGURE_ARGS+= --with-rlm_radutmp
+else
+  CONFIGURE_ARGS+= --without-rlm_radutmp
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-logintime),)
+  CONFIGURE_ARGS+= --with-rlm_logintime
+else
+  CONFIGURE_ARGS+= --without-rlm_logintime
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-expiration),)
+  CONFIGURE_ARGS+= --with-rlm_expiration
+else
+  CONFIGURE_ARGS+= --without-rlm_expiration
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-always),)
+  CONFIGURE_ARGS+= --with-rlm_always
+else
+  CONFIGURE_ARGS+= --without-rlm_always
+endif
+
+CONFIGURE_VARS+= \
+       LDFLAGS="$$$$LDFLAGS" \
+       LIBS="$(CONFIGURE_LIBS)" \
+       MYSQL_CONFIG="no" \
+       ac_cv_lib_readline=no \
+
+define Build/Compile
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               R="$(PKG_INSTALL_DIR)" \
+               INSTALLSTRIP="" \
+               all certs install
+endef
+
+define Package/freeradius2-common/install
+       $(INSTALL_DIR) $(1)/etc/freeradius2
+       chmod 771 $(1)/etc/freeradius2
+       $(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/dictionary $(1)/etc/freeradius2/ ; \
+       $(INSTALL_DIR) $(1)/usr/lib/freeradius2
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/libfreeradius-radius{,-*}.so $(1)/usr/lib/freeradius2
+       $(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/libfreeradius-eap{,-*}.so $(1)/usr/lib/freeradius2
+       $(INSTALL_DIR) $(1)/usr/share/freeradius2
+       $(CP) $(PKG_INSTALL_DIR)/usr/share/freeradius/dictionary $(1)/usr/share/freeradius2/
+       $(SED) "s,^\(\$$$$INCLUDE\),#\1,g" $(1)/usr/share/freeradius2/dictionary
+       for f in $(PKG_DICTIONARIES); do \
+               $(CP) $(PKG_INSTALL_DIR)/usr/share/freeradius/dictionary.$$$${f} $(1)/usr/share/freeradius2/ ; \
+               $(SED) "s,^#\(\$$$$INCLUDE dictionary\.$$$${f}\),\1,g" $(1)/usr/share/freeradius2/dictionary ; \
+       done
+endef
+
+define Package/freeradius2/install
+       $(INSTALL_DIR) $(1)/etc/freeradius2/modules
+       $(INSTALL_DIR) $(1)/etc/freeradius2/sites
+       for f in clients.conf radiusd.conf policy.conf; do \
+               $(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/$$$${f} $(1)/etc/freeradius2/ ; \
+       done
+       $(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/sites-available/default $(1)/etc/freeradius2/sites/default
+       $(INSTALL_DIR) $(1)/usr/sbin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/radiusd $(1)/usr/sbin/
+       $(INSTALL_DIR) $(1)/etc/init.d
+       $(INSTALL_BIN) ./files/radiusd.init $(1)/etc/init.d/radiusd
+endef
+
+define Package/freeradius2-democerts/install
+       $(INSTALL_DIR) $(1)/etc/freeradius2/certs
+       $(CP) \
+               $(PKG_BUILD_DIR)/raddb/certs/ca.pem \
+               $(PKG_BUILD_DIR)/raddb/certs/dh \
+               $(PKG_BUILD_DIR)/raddb/certs/random \
+               $(PKG_BUILD_DIR)/raddb/certs/server.pem \
+               $(1)/etc/freeradius2/certs/
+endef
+
+define Package/freeradius2-utils/install
+       $(INSTALL_DIR) $(1)/usr/bin
+       for f in radclient radeapclient radwho; do \
+               $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$$$${f} $(1)/usr/bin/ ; \
+       done
+endef
+
+define BuildPlugin
+  define Package/$(1)/install
+       [ -z "$(2)" ] || $(INSTALL_DIR) $$(1)/usr/lib/freeradius2
+       for m in $(2); do \
+               $(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/$$$$$$$${m}{,-*}.so $$(1)/usr/lib/freeradius2 ; \
+       done
+       [ -z "$(3)" ] || $(INSTALL_DIR) $$(1)/etc/freeradius2
+       [ -z "$(4)" ] || $(INSTALL_DIR) $$(1)/etc/freeradius2/$(4)
+       for f in $(3); do \
+               $(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/$$$$$$$${f} $$(1)/etc/freeradius2/$$$$$$$${f} ; \
+       done
+  endef
+
+  $$(eval $$(call BuildPackage,$(1)))
+endef
+
+$(eval $(call BuildPackage,freeradius2))
+$(eval $(call BuildPackage,freeradius2-common))
+$(eval $(call BuildPackage,freeradius2-democerts))
+$(eval $(call BuildPlugin,freeradius2-mod-chap,rlm_chap,modules/chap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-detail,rlm_detail,modules/detail,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap,rlm_eap,eap.conf))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-gtc,rlm_eap_gtc,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-md5,rlm_eap_md5,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-mschapv2,rlm_eap_mschapv2,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-peap,rlm_eap_peap,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-tls,rlm_eap_tls,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-ttls,rlm_eap_ttls,))
+$(eval $(call BuildPlugin,freeradius2-mod-exec,rlm_exec,modules/exec modules/echo ,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-attr-rewrite,rlm_attr_rewrite,modules/attr_rewrite,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-files,rlm_files,acct_users preproxy_users users modules/files,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-passwd,rlm_passwd,modules/passwd,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-ldap,rlm_ldap,ldap.attrmap modules/ldap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-mschap,rlm_mschap,modules/mschap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-pap,rlm_pap,modules/pap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-preprocess,rlm_preprocess,hints huntgroups modules/preprocess,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-realm,rlm_realm,proxy.conf modules/realm modules/inner-eap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql,rlm_sql,sql.conf,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql-mysql,rlm_sql_mysql,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql-pgsql,rlm_sql_postgresql,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql-sqlite,rlm_sql_sqlite,))
+$(eval $(call BuildPlugin,freeradius2-mod-sqlcounter,rlm_sqlcounter,))
+$(eval $(call BuildPlugin,freeradius2-mod-sqllog,rlm_sql_log,))
+$(eval $(call BuildPlugin,freeradius2-mod-radutmp,rlm_radutmp,modules/radutmp modules/sradutmp,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-logintime,rlm_logintime,modules/logintime,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-expr,rlm_expr,modules/expr,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-attr-filter,rlm_attr_filter,modules/attr_filter attrs attrs.access_reject attrs.accounting_response attrs.pre-proxy,modules,,))
+$(eval $(call BuildPlugin,freeradius2-mod-expiration,rlm_expiration,modules/expiration,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-always,rlm_always,modules/always,modules,))
+$(eval $(call BuildPackage,freeradius2-utils))
diff --git a/net/freeradius2/files/radiusd.init b/net/freeradius2/files/radiusd.init
new file mode 100644 (file)
index 0000000..2127e98
--- /dev/null
@@ -0,0 +1,29 @@
+#!/bin/sh /etc/rc.common
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+
+USE_PROCD=1
+
+START=50
+
+NAME=radiusd
+PROG=/usr/sbin/radiusd
+DEFAULT=/etc/default/radiusd
+
+start_service()
+{
+       [ -f $DEFAULT ] && . $DEFAULT
+       mkdir -p /var/log
+       mkdir -p /var/run
+       mkdir -p /var/db/radacct
+       mkdir -p /tmp/radiusd
+
+       procd_open_instance
+       procd_set_param command $PROG -f
+       procd_set_param env LD_LIBRARY_PATH=/usr/lib/freeradius2
+       [ -n "$IPADDR" ] && procd_append_param command -i $IPADDR
+       [ -n "$OPTIONS" ] && procd_append_param command $OPTIONS
+       procd_set_param respawn
+       procd_close_instance
+}
diff --git a/net/freeradius2/patches/001-fix-makefile.patch b/net/freeradius2/patches/001-fix-makefile.patch
new file mode 100644 (file)
index 0000000..676f99c
--- /dev/null
@@ -0,0 +1,12 @@
+Index: freeradius-server-2.2.7/Make.inc.in
+===================================================================
+--- freeradius-server-2.2.7.orig/Make.inc.in
++++ freeradius-server-2.2.7/Make.inc.in
+@@ -5,6 +5,7 @@
+ #
+ # Location of files.
++SHELL         = @SHELL@
+ prefix                = @prefix@
+ exec_prefix   = @exec_prefix@
+ sysconfdir    = @sysconfdir@
diff --git a/net/freeradius2/patches/002-config.patch b/net/freeradius2/patches/002-config.patch
new file mode 100644 (file)
index 0000000..c486389
--- /dev/null
@@ -0,0 +1,613 @@
+Index: freeradius-server-2.2.7/raddb/dictionary.in
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/dictionary.in
++++ freeradius-server-2.2.7/raddb/dictionary.in
+@@ -11,7 +11,7 @@
+ #
+ #     The filename given here should be an absolute path. 
+ #
+-$INCLUDE      @prefix@/share/freeradius/dictionary
++$INCLUDE      @prefix@/share/freeradius2/dictionary
+ #
+ #     Place additional attributes or $INCLUDEs here.  They will
+Index: freeradius-server-2.2.7/raddb/eap.conf
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/eap.conf
++++ freeradius-server-2.2.7/raddb/eap.conf
+@@ -27,7 +27,7 @@
+               #  then that EAP type takes precedence over the
+               #  default type configured here.
+               #
+-              default_eap_type = md5
++              default_eap_type = peap
+               #  A list is maintained to correlate EAP-Response
+               #  packets with EAP-Request packets.  After a
+@@ -72,8 +72,8 @@
+               #  for wireless connections.  It is insecure, and does
+               #  not provide for dynamic WEP keys.
+               #
+-              md5 {
+-              }
++#             md5 {
++#             }
+               # Cisco LEAP
+               #
+@@ -87,8 +87,8 @@
+               #  User-Password, or the NT-Password attributes.
+               #  'System' authentication is impossible with LEAP.
+               #
+-              leap {
+-              }
++#             leap {
++#             }
+               #  Generic Token Card.
+               #
+@@ -101,7 +101,7 @@
+               #  the users password will go over the wire in plain-text,
+               #  for anyone to see.
+               #
+-              gtc {
++#             gtc {
+                       #  The default challenge, which many clients
+                       #  ignore..
+                       #challenge = "Password: "
+@@ -118,8 +118,8 @@
+                       #  configured for the request, and do the
+                       #  authentication itself.
+                       #
+-                      auth_type = PAP
+-              }
++#                     auth_type = PAP
++#             }
+               ## EAP-TLS
+               #
+@@ -215,7 +215,7 @@
+                       #  In these cases, fragment size should be
+                       #  1024 or less.
+                       #
+-              #       fragment_size = 1024
++                      fragment_size = 1024
+                       #  include_length is a flag which is
+                       #  by default set to yes If set to
+@@ -225,7 +225,7 @@
+                       #  message is included ONLY in the
+                       #  First packet of a fragment series.
+                       #
+-              #       include_length = yes
++                      include_length = yes
+                       #  Check the Certificate Revocation List
+                       #
+@@ -297,7 +297,7 @@
+                       # for the server to print out an error message,
+                       # and refuse to start.
+                       #
+-                      make_cert_command = "${certdir}/bootstrap"
++              #       make_cert_command = "${certdir}/bootstrap"
+                       #
+                       #  Elliptical cryptography configuration
+@@ -332,7 +332,7 @@
+                       #  You probably also want "use_tunneled_reply = yes"
+                       #  when using fast session resumption.
+                       #
+-                      cache {
++              #       cache {
+                             #
+                             #  Enable it.  The default is "no".
+                             #  Deleting the entire "cache" subsection
+@@ -348,14 +348,14 @@
+                             #  enable resumption for just one user
+                             #  by setting the above attribute to "yes".
+                             #
+-                            enable = no
++              #             enable = no
+                             #
+                             #  Lifetime of the cached entries, in hours.
+                             #  The sessions will be deleted after this
+                             #  time.
+                             #
+-                            lifetime = 24 # hours
++              #             lifetime = 24 # hours
+                             #
+                             #  The maximum number of entries in the
+@@ -364,8 +364,8 @@
+                             #  This could be set to the number of users
+                             #  who are logged in... which can be a LOT.
+                             #
+-                            max_entries = 255
+-                      }
++              #             max_entries = 255
++              #       }
+                       #
+                       #  As of version 2.1.10, client certificates can be
+@@ -503,7 +503,7 @@
+               #
+               #  in the control items for a request.
+               #
+-              ttls {
++#             ttls {
+                       #  The tunneled EAP session needs a default
+                       #  EAP type which is separate from the one for
+                       #  the non-tunneled EAP module.  Inside of the
+@@ -511,7 +511,7 @@
+                       #  If the request does not contain an EAP
+                       #  conversation, then this configuration entry
+                       #  is ignored.
+-                      default_eap_type = md5
++#                     default_eap_type = mschapv2
+                       #  The tunneled authentication request does
+                       #  not usually contain useful attributes
+@@ -527,7 +527,7 @@
+                       #  is copied to the tunneled request.
+                       #
+                       # allowed values: {no, yes}
+-                      copy_request_to_tunnel = no
++#                     copy_request_to_tunnel = yes
+                       #  The reply attributes sent to the NAS are
+                       #  usually based on the name of the user
+@@ -540,7 +540,7 @@
+                       #  the tunneled request.
+                       #
+                       # allowed values: {no, yes}
+-                      use_tunneled_reply = no
++#                     use_tunneled_reply = no
+                       #
+                       #  The inner tunneled request can be sent
+@@ -552,13 +552,13 @@
+                       #  the virtual server that processed the
+                       #  outer requests.
+                       #
+-                      virtual_server = "inner-tunnel"
++#                     virtual_server = "inner-tunnel"
+                       #  This has the same meaning as the
+                       #  same field in the "tls" module, above.
+                       #  The default value here is "yes".
+               #       include_length = yes
+-              }
++#             }
+               ##################################################
+               #
+@@ -627,14 +627,14 @@
+                       #  the PEAP module also has these configuration
+                       #  items, which are the same as for TTLS.
+-                      copy_request_to_tunnel = no
+-                      use_tunneled_reply = no
++                      copy_request_to_tunnel = yes
++                      use_tunneled_reply = yes
+                       #  When the tunneled session is proxied, the
+                       #  home server may not understand EAP-MSCHAP-V2.
+                       #  Set this entry to "no" to proxy the tunneled
+                       #  EAP-MSCHAP-V2 as normal MSCHAPv2.
+-              #       proxy_tunneled_request_as_eap = yes
++                      proxy_tunneled_request_as_eap = no
+                       #
+                       #  The inner tunneled request can be sent
+@@ -646,7 +646,8 @@
+                       #  the virtual server that processed the
+                       #  outer requests.
+                       #
+-                      virtual_server = "inner-tunnel"
++              #       virtual_server = "inner-tunnel"
++                      EAP-TLS-Require-Client-Cert = no
+                       # This option enables support for MS-SoH
+                       # see doc/SoH.txt for more info.
+Index: freeradius-server-2.2.7/raddb/modules/counter
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/counter
++++ freeradius-server-2.2.7/raddb/modules/counter
+@@ -69,7 +69,7 @@
+ #  'check-name' attribute.
+ #
+ counter daily {
+-      filename = ${db_dir}/db.daily
++      filename = ${radacctdir}/db.daily
+       key = User-Name
+       count-attribute = Acct-Session-Time
+       reset = daily
+Index: freeradius-server-2.2.7/raddb/modules/pap
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/pap
++++ freeradius-server-2.2.7/raddb/modules/pap
+@@ -18,5 +18,5 @@
+ #
+ #  http://www.openldap.org/faq/data/cache/347.html
+ pap {
+-      auto_header = no
++      auto_header = yes
+ }
+Index: freeradius-server-2.2.7/raddb/modules/radutmp
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/radutmp
++++ freeradius-server-2.2.7/raddb/modules/radutmp
+@@ -12,7 +12,7 @@ radutmp {
+       #  Where the file is stored.  It's not a log file,
+       #  so it doesn't need rotating.
+       #
+-      filename = ${logdir}/radutmp
++      filename = ${radacctdir}/radutmp
+       #  The field in the packet to key on for the
+       #  'user' name,  If you have other fields which you want
+Index: freeradius-server-2.2.7/raddb/modules/sradutmp
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/sradutmp
++++ freeradius-server-2.2.7/raddb/modules/sradutmp
+@@ -10,7 +10,7 @@
+ # then name "sradutmp" to identify it later in the "accounting"
+ # section.
+ radutmp sradutmp {
+-      filename = ${logdir}/sradutmp
++      filename = ${radacctdir}/sradutmp
+       perm = 0644
+       callerid = "no"
+ }
+Index: freeradius-server-2.2.7/raddb/radiusd.conf.in
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/radiusd.conf.in
++++ freeradius-server-2.2.7/raddb/radiusd.conf.in
+@@ -66,7 +66,7 @@ name = radiusd
+ #  Location of config and logfiles.
+ confdir = ${raddbdir}
+-run_dir = ${localstatedir}/run/${name}
++run_dir = ${localstatedir}/run
+ # Should likely be ${localstatedir}/lib/radiusd
+ db_dir = ${raddbdir}
+@@ -323,7 +323,7 @@ listen {
+       #  If your system does not support this feature, you will
+       #  get an error if you try to use it.
+       #
+-#     interface = eth0
++      interface = br-lan
+       #  Per-socket lists of clients.  This is a very useful feature.
+       #
+@@ -350,7 +350,7 @@ listen {
+ #     ipv6addr = ::
+       port = 0
+       type = acct
+-#     interface = eth0
++      interface = br-lan
+ #     clients = per_socket_clients
+ }
+@@ -576,8 +576,8 @@ security {
+ #
+ #  allowed values: {no, yes}
+ #
+-proxy_requests  = yes
+-$INCLUDE proxy.conf
++proxy_requests  = no
++#$INCLUDE proxy.conf
+ # CLIENTS CONFIGURATION
+@@ -774,7 +774,7 @@ instantiate {
+       #  The entire command line (and output) must fit into 253 bytes.
+       #
+       #  e.g. Framed-Pool = `%{exec:/bin/echo foo}`
+-      exec
++#     exec
+       #
+       #  The expression module doesn't do authorization,
+@@ -791,15 +791,15 @@ instantiate {
+       #  other xlat functions such as md5, sha1 and lc.
+       #
+       #  We do not recommend removing it's listing here.
+-      expr
++#     expr
+       #
+       # We add the counter module here so that it registers
+       # the check-name attribute before any module which sets
+       # it
+ #     daily
+-      expiration
+-      logintime
++#     expiration
++#     logintime
+       # subsections here can be thought of as "virtual" modules.
+       #
+@@ -823,7 +823,7 @@ instantiate {
+ #     to multiple times.
+ #
+ ######################################################################
+-$INCLUDE policy.conf
++#$INCLUDE policy.conf
+ ######################################################################
+ #
+@@ -833,9 +833,9 @@ $INCLUDE policy.conf
+ #     match the regular expression: /[a-zA-Z0-9_.]+/
+ #
+ #     It allows you to define new virtual servers simply by placing
+-#     a file into the raddb/sites-enabled/ directory.
++#     a file into the /etc/freeradius2/sites/ directory.
+ #
+-$INCLUDE sites-enabled/
++$INCLUDE sites/
+ ######################################################################
+ #
+@@ -843,7 +843,7 @@ $INCLUDE sites-enabled/
+ #     "authenticate {}", "accounting {}", have been moved to the
+ #     the file:
+ #
+-#             raddb/sites-available/default
++#             /etc/freeradius2/sites/default
+ #
+ #     This is the "default" virtual server that has the same
+ #     configuration as in version 1.0.x and 1.1.x.  The default
+Index: freeradius-server-2.2.7/raddb/sites-available/default
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/sites-available/default
++++ freeradius-server-2.2.7/raddb/sites-available/default
+@@ -85,7 +85,7 @@ authorize {
+       #
+       #  It takes care of processing the 'raddb/hints' and the
+       #  'raddb/huntgroups' files.
+-      preprocess
++#     preprocess
+       #
+       #  If you want to have a log of authentication requests,
+@@ -96,7 +96,7 @@ authorize {
+       #
+       #  The chap module will set 'Auth-Type := CHAP' if we are
+       #  handling a CHAP request and Auth-Type has not already been set
+-      chap
++#     chap
+       #
+       #  If the users are logging in with an MS-CHAP-Challenge
+@@ -104,13 +104,13 @@ authorize {
+       #  the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP'
+       #  to the request, which will cause the server to then use
+       #  the mschap module for authentication.
+-      mschap
++#     mschap
+       #
+       #  If you have a Cisco SIP server authenticating against
+       #  FreeRADIUS, uncomment the following line, and the 'digest'
+       #  line in the 'authenticate' section.
+-      digest
++#     digest
+       #
+       #  The WiMAX specification says that the Calling-Station-Id
+@@ -133,7 +133,7 @@ authorize {
+       #  Otherwise, when the first style of realm doesn't match,
+       #  the other styles won't be checked.
+       #
+-      suffix
++#     suffix
+ #     ntdomain
+       #
+@@ -197,8 +197,8 @@ authorize {
+       # Use the checkval module
+ #     checkval
+-      expiration
+-      logintime
++#     expiration
++#     logintime
+       #
+       #  If no other module has claimed responsibility for
+@@ -279,7 +279,7 @@ authenticate {
+       #  If you have a Cisco SIP server authenticating against
+       #  FreeRADIUS, uncomment the following line, and the 'digest'
+       #  line in the 'authorize' section.
+-      digest
++#     digest
+       #
+       #  Pluggable Authentication Modules.
+@@ -296,7 +296,7 @@ authenticate {
+       #  be used for authentication ONLY for compatibility with legacy
+       #  FreeRADIUS configurations.
+       #
+-      unix
++#     unix
+       # Uncomment it if you want to use ldap for authentication
+       #
+@@ -332,8 +332,8 @@ authenticate {
+ #
+ #  Pre-accounting.  Decide which accounting type to use.
+ #
+-preacct {
+-      preprocess
++#preacct {
++#     preprocess
+       #
+       #  Session start times are *implied* in RADIUS.
+@@ -356,7 +356,7 @@ preacct {
+       #
+       #  Ensure that we have a semi-unique identifier for every
+       #  request, and many NAS boxes are broken.
+-      acct_unique
++#     acct_unique
+       #
+       #  Look for IPASS-style 'realm/', and if not found, look for
+@@ -366,13 +366,13 @@ preacct {
+       #  Accounting requests are generally proxied to the same
+       #  home server as authentication requests.
+ #     IPASS
+-      suffix
++#     suffix
+ #     ntdomain
+       #
+       #  Read the 'acct_users' file
+-      files
+-}
++#     files
++#}
+ #
+ #  Accounting.  Log the accounting data.
+@@ -382,7 +382,7 @@ accounting {
+       #  Create a 'detail'ed log of the packets.
+       #  Note that accounting requests which are proxied
+       #  are also logged in the detail file.
+-      detail
++#     detail
+ #     daily
+       #  Update the wtmp file
+@@ -434,7 +434,7 @@ accounting {
+       exec
+       #  Filter attributes from the accounting response.
+-      attr_filter.accounting_response
++      #attr_filter.accounting_response
+       #
+       #  See "Autz-Type Status-Server" for how this works.
+@@ -460,7 +460,7 @@ session {
+ #  Post-Authentication
+ #  Once we KNOW that the user has been authenticated, there are
+ #  additional steps we can take.
+-post-auth {
++#post-auth {
+       #  Get an address from the IP Pool.
+ #     main_pool
+@@ -490,7 +490,7 @@ post-auth {
+ #     ldap
+       # For Exec-Program and Exec-Program-Wait
+-      exec
++#     exec
+       #
+       #  Calculate the various WiMAX keys.  In order for this to work,
+@@ -574,18 +574,18 @@ post-auth {
+       #  Add the ldap module name (or instance) if you have set 
+       #  'edir_account_policy_check = yes' in the ldap module configuration
+       #
+-      Post-Auth-Type REJECT {
+-              # log failed authentications in SQL, too.
++#     Post-Auth-Type REJECT {
++#             # log failed authentications in SQL, too.
+ #             sql
+               # Insert EAP-Failure message if the request was
+               # rejected by policy instead of because of an
+               # authentication failure
+-              eap
++#             eap
+-              attr_filter.access_reject
+-      }
+-}
++#             attr_filter.access_reject
++#     }
++#}
+ #
+ #  When the server decides to proxy a request to a home server,
+@@ -595,7 +595,7 @@ post-auth {
+ #
+ #  Only a few modules currently have this method.
+ #
+-pre-proxy {
++#pre-proxy {
+ #     attr_rewrite
+       #  Uncomment the following line if you want to change attributes
+@@ -611,14 +611,14 @@ pre-proxy {
+       #  server, un-comment the following line, and the
+       #  'detail pre_proxy_log' section, above.
+ #     pre_proxy_log
+-}
++#}
+ #
+ #  When the server receives a reply to a request it proxied
+ #  to a home server, the request may be massaged here, in the
+ #  post-proxy stage.
+ #
+-post-proxy {
++#post-proxy {
+       #  If you want to have a log of replies from a home server,
+       #  un-comment the following line, and the 'detail post_proxy_log'
+@@ -642,7 +642,7 @@ post-proxy {
+       #  hidden inside of the EAP packet, and the end server will
+       #  reject the EAP request.
+       #
+-      eap
++#     eap
+       #
+       #  If the server tries to proxy a request and fails, then the
+@@ -664,5 +664,5 @@ post-proxy {
+ #     Post-Proxy-Type Fail {
+ #                     detail
+ #     }
+-}
++#}
+Index: freeradius-server-2.2.7/raddb/users
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/users
++++ freeradius-server-2.2.7/raddb/users
+@@ -169,22 +169,22 @@
+ #     by the terminal server in which case there may not be a "P" suffix.
+ #     The terminal server sends "Framed-Protocol = PPP" for auto PPP.
+ #
+-DEFAULT       Framed-Protocol == PPP
+-      Framed-Protocol = PPP,
+-      Framed-Compression = Van-Jacobson-TCP-IP
++#DEFAULT      Framed-Protocol == PPP
++#     Framed-Protocol = PPP,
++#     Framed-Compression = Van-Jacobson-TCP-IP
+ #
+ # Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
+ #
+-DEFAULT       Hint == "CSLIP"
+-      Framed-Protocol = SLIP,
+-      Framed-Compression = Van-Jacobson-TCP-IP
++#DEFAULT      Hint == "CSLIP"
++#     Framed-Protocol = SLIP,
++#     Framed-Compression = Van-Jacobson-TCP-IP
+ #
+ # Default for SLIP: dynamic IP address, SLIP mode.
+ #
+-DEFAULT       Hint == "SLIP"
+-      Framed-Protocol = SLIP
++#DEFAULT      Hint == "SLIP"
++#     Framed-Protocol = SLIP
+ #
+ # Last default: rlogin to our main server.
diff --git a/net/freeradius2/patches/004-ldap_configure.patch b/net/freeradius2/patches/004-ldap_configure.patch
new file mode 100644 (file)
index 0000000..05b6789
--- /dev/null
@@ -0,0 +1,4257 @@
+Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure
+===================================================================
+--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure
++++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure
+@@ -1,10 +1,10 @@
+ #! /bin/sh
+ # From configure.in Revision.
+ # Guess values for system-dependent variables and create Makefiles.
+-# Generated by GNU Autoconf 2.61.
++# Generated by GNU Autoconf 2.63.
+ #
+ # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+-# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
++# 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+ # This configure script is free software; the Free Software Foundation
+ # gives unlimited permission to copy, distribute and modify it.
+ ## --------------------- ##
+@@ -16,7 +16,7 @@ DUALCASE=1; export DUALCASE # for MKS sh
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -38,17 +38,45 @@ as_cr_Letters=$as_cr_letters$as_cr_LETTE
+ as_cr_digits='0123456789'
+ as_cr_alnum=$as_cr_Letters$as_cr_digits
+-# The user is always right.
+-if test "${PATH_SEPARATOR+set}" != set; then
+-  echo "#! /bin/sh" >conf$$.sh
+-  echo  "exit 0"   >>conf$$.sh
+-  chmod +x conf$$.sh
+-  if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+-    PATH_SEPARATOR=';'
++as_nl='
++'
++export as_nl
++# Printing a long string crashes Solaris 7 /usr/bin/printf.
++as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
++if (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
++  as_echo='printf %s\n'
++  as_echo_n='printf %s'
++else
++  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
++    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
++    as_echo_n='/usr/ucb/echo -n'
+   else
+-    PATH_SEPARATOR=:
++    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
++    as_echo_n_body='eval
++      arg=$1;
++      case $arg in
++      *"$as_nl"*)
++      expr "X$arg" : "X\\(.*\\)$as_nl";
++      arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
++      esac;
++      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
++    '
++    export as_echo_n_body
++    as_echo_n='sh -c $as_echo_n_body as_echo'
+   fi
+-  rm -f conf$$.sh
++  export as_echo_body
++  as_echo='sh -c $as_echo_body as_echo'
++fi
++
++# The user is always right.
++if test "${PATH_SEPARATOR+set}" != set; then
++  PATH_SEPARATOR=:
++  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
++    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
++      PATH_SEPARATOR=';'
++  }
+ fi
+ # Support unset when possible.
+@@ -64,8 +92,6 @@ fi
+ # there to prevent editors from complaining about space-tab.
+ # (If _AS_PATH_WALK were called with IFS unset, it would disable word
+ # splitting by setting IFS to empty value.)
+-as_nl='
+-'
+ IFS=" ""      $as_nl"
+ # Find who we are.  Look in the path if we contain no directory separator.
+@@ -88,7 +114,7 @@ if test "x$as_myself" = x; then
+   as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+-  echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
++  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+   { (exit 1); exit 1; }
+ fi
+@@ -101,17 +127,10 @@ PS2='> '
+ PS4='+ '
+ # NLS nuisances.
+-for as_var in \
+-  LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+-  LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+-  LC_TELEPHONE LC_TIME
+-do
+-  if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+-    eval $as_var=C; export $as_var
+-  else
+-    ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+-  fi
+-done
++LC_ALL=C
++export LC_ALL
++LANGUAGE=C
++export LANGUAGE
+ # Required to use basename.
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+@@ -133,7 +152,7 @@ as_me=`$as_basename -- "$0" ||
+ $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+        X"$0" : 'X\(//\)$' \| \
+        X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X/"$0" |
++$as_echo X/"$0" |
+     sed '/^.*\/\([^/][^/]*\)\/*$/{
+           s//\1/
+           q
+@@ -159,7 +178,7 @@ else
+   as_have_required=no
+ fi
+-  if test $as_have_required = yes &&   (eval ":
++  if test $as_have_required = yes &&   (eval ":
+ (as_func_return () {
+   (exit \$1)
+ }
+@@ -241,7 +260,7 @@ IFS=$as_save_IFS
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -262,7 +281,7 @@ _ASEOF
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -342,10 +361,10 @@ fi
+       if test "x$CONFIG_SHELL" != x; then
+   for as_var in BASH_ENV ENV
+-        do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+-        done
+-        export CONFIG_SHELL
+-        exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"}
++      do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
++      done
++      export CONFIG_SHELL
++      exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"}
+ fi
+@@ -414,9 +433,10 @@ fi
+ test \$exitcode = 0") || {
+   echo No shell found that supports shell functions.
+-  echo Please tell autoconf@gnu.org about your system,
+-  echo including any error possibly output before this
+-  echo message
++  echo Please tell bug-autoconf@gnu.org about your system,
++  echo including any error possibly output before this message.
++  echo This can help us improve future autoconf versions.
++  echo Configuration will now proceed without shell functions.
+ }
+@@ -452,7 +472,7 @@ test \$exitcode = 0") || {
+       s/-\n.*//
+     ' >$as_me.lineno &&
+   chmod +x "$as_me.lineno" ||
+-    { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
++    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
+    { (exit 1); exit 1; }; }
+   # Don't try to exec as it changes $[0], causing all sort of problems
+@@ -480,7 +500,6 @@ case `echo -n x` in
+ *)
+   ECHO_N='-n';;
+ esac
+-
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+    test "X`expr 00001 : '.*\(...\)'`" = X001; then
+   as_expr=expr
+@@ -493,19 +512,22 @@ if test -d conf$$.dir; then
+   rm -f conf$$.dir/conf$$.file
+ else
+   rm -f conf$$.dir
+-  mkdir conf$$.dir
++  mkdir conf$$.dir 2>/dev/null
+ fi
+-echo >conf$$.file
+-if ln -s conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s='ln -s'
+-  # ... but there are two gotchas:
+-  # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+-  # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+-  # In both cases, we have to default to `cp -p'.
+-  ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++if (echo >conf$$.file) 2>/dev/null; then
++  if ln -s conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s='ln -s'
++    # ... but there are two gotchas:
++    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
++    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
++    # In both cases, we have to default to `cp -p'.
++    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++      as_ln_s='cp -p'
++  elif ln conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s=ln
++  else
+     as_ln_s='cp -p'
+-elif ln conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s=ln
++  fi
+ else
+   as_ln_s='cp -p'
+ fi
+@@ -530,10 +552,10 @@ else
+   as_test_x='
+     eval sh -c '\''
+       if test -d "$1"; then
+-        test -d "$1/.";
++      test -d "$1/.";
+       else
+       case $1 in
+-        -*)set "./$1";;
++      -*)set "./$1";;
+       esac;
+       case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in
+       ???[sx]*):;;*)false;;esac;fi
+@@ -578,57 +600,65 @@ PACKAGE_STRING=
+ PACKAGE_BUGREPORT=
+ ac_unique_file="rlm_ldap.c"
+-ac_subst_vars='SHELL
+-PATH_SEPARATOR
+-PACKAGE_NAME
+-PACKAGE_TARNAME
+-PACKAGE_VERSION
+-PACKAGE_STRING
+-PACKAGE_BUGREPORT
+-exec_prefix
+-prefix
+-program_transform_name
+-bindir
+-sbindir
+-libexecdir
+-datarootdir
+-datadir
+-sysconfdir
+-sharedstatedir
+-localstatedir
+-includedir
+-oldincludedir
+-docdir
+-infodir
+-htmldir
+-dvidir
+-pdfdir
+-psdir
+-libdir
+-localedir
+-mandir
+-DEFS
+-ECHO_C
+-ECHO_N
+-ECHO_T
+-LIBS
+-build_alias
+-host_alias
+-target_alias
+-CC
+-CFLAGS
+-LDFLAGS
+-CPPFLAGS
+-ac_ct_CC
+-EXEEXT
+-OBJEXT
+-edir
+-ldap_ldflags
+-ldap_cflags
+-targetname
++ac_subst_vars='LTLIBOBJS
+ LIBOBJS
+-LTLIBOBJS'
++targetname
++ldap_cflags
++ldap_ldflags
++edir
++OBJEXT
++EXEEXT
++ac_ct_CC
++CPPFLAGS
++LDFLAGS
++CFLAGS
++CC
++target_alias
++host_alias
++build_alias
++LIBS
++ECHO_T
++ECHO_N
++ECHO_C
++DEFS
++mandir
++localedir
++libdir
++psdir
++pdfdir
++dvidir
++htmldir
++infodir
++docdir
++oldincludedir
++includedir
++localstatedir
++sharedstatedir
++sysconfdir
++datadir
++datarootdir
++libexecdir
++sbindir
++bindir
++program_transform_name
++prefix
++exec_prefix
++PACKAGE_BUGREPORT
++PACKAGE_STRING
++PACKAGE_VERSION
++PACKAGE_TARNAME
++PACKAGE_NAME
++PATH_SEPARATOR
++SHELL'
+ ac_subst_files=''
++ac_user_opts='
++enable_option_checking
++with_rlm_ldap_lib_dir
++with_rlm_ldap_include_dir
++enable_shared
++with_threads
++with_edir
++'
+       ac_precious_vars='build_alias
+ host_alias
+ target_alias
+@@ -642,6 +672,8 @@ CPPFLAGS'
+ # Initialize some variables set by options.
+ ac_init_help=
+ ac_init_version=false
++ac_unrecognized_opts=
++ac_unrecognized_sep=
+ # The variables have the same names as the options, with
+ # dashes changed to underlines.
+ cache_file=/dev/null
+@@ -740,13 +772,21 @@ do
+     datarootdir=$ac_optarg ;;
+   -disable-* | --disable-*)
+-    ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid feature name: $ac_feature" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid feature name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'`
+-    eval enable_$ac_feature=no ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"enable_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
++       ac_unrecognized_sep=', ';;
++    esac
++    eval enable_$ac_useropt=no ;;
+   -docdir | --docdir | --docdi | --doc | --do)
+     ac_prev=docdir ;;
+@@ -759,13 +799,21 @@ do
+     dvidir=$ac_optarg ;;
+   -enable-* | --enable-*)
+-    ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid feature name: $ac_feature" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid feature name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'`
+-    eval enable_$ac_feature=\$ac_optarg ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"enable_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
++       ac_unrecognized_sep=', ';;
++    esac
++    eval enable_$ac_useropt=\$ac_optarg ;;
+   -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+   | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+@@ -956,22 +1004,38 @@ do
+     ac_init_version=: ;;
+   -with-* | --with-*)
+-    ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid package name: $ac_package" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid package name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_package=`echo $ac_package | sed 's/[-.]/_/g'`
+-    eval with_$ac_package=\$ac_optarg ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"with_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
++       ac_unrecognized_sep=', ';;
++    esac
++    eval with_$ac_useropt=\$ac_optarg ;;
+   -without-* | --without-*)
+-    ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid package name: $ac_package" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid package name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_package=`echo $ac_package | sed 's/[-.]/_/g'`
+-    eval with_$ac_package=no ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"with_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
++       ac_unrecognized_sep=', ';;
++    esac
++    eval with_$ac_useropt=no ;;
+   --x)
+     # Obsolete; use --with-x.
+@@ -991,7 +1055,7 @@ do
+   | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+     x_libraries=$ac_optarg ;;
+-  -*) { echo "$as_me: error: unrecognized option: $ac_option
++  -*) { $as_echo "$as_me: error: unrecognized option: $ac_option
+ Try \`$0 --help' for more information." >&2
+    { (exit 1); exit 1; }; }
+     ;;
+@@ -1000,16 +1064,16 @@ Try \`$0 --help' for more information."
+     ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+     # Reject names that are not valid shell variable names.
+     expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid variable name: $ac_envvar" >&2
++      { $as_echo "$as_me: error: invalid variable name: $ac_envvar" >&2
+    { (exit 1); exit 1; }; }
+     eval $ac_envvar=\$ac_optarg
+     export $ac_envvar ;;
+   *)
+     # FIXME: should be removed in autoconf 3.0.
+-    echo "$as_me: WARNING: you should use --build, --host, --target" >&2
++    $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+     expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      echo "$as_me: WARNING: invalid host type: $ac_option" >&2
++      $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+     : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}
+     ;;
+@@ -1018,22 +1082,38 @@ done
+ if test -n "$ac_prev"; then
+   ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+-  { echo "$as_me: error: missing argument to $ac_option" >&2
++  { $as_echo "$as_me: error: missing argument to $ac_option" >&2
+    { (exit 1); exit 1; }; }
+ fi
+-# Be sure to have absolute directory names.
++if test -n "$ac_unrecognized_opts"; then
++  case $enable_option_checking in
++    no) ;;
++    fatal) { $as_echo "$as_me: error: unrecognized options: $ac_unrecognized_opts" >&2
++   { (exit 1); exit 1; }; } ;;
++    *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
++  esac
++fi
++
++# Check all directory arguments for consistency.
+ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+               datadir sysconfdir sharedstatedir localstatedir includedir \
+               oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+               libdir localedir mandir
+ do
+   eval ac_val=\$$ac_var
++  # Remove trailing slashes.
++  case $ac_val in
++    */ )
++      ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
++      eval $ac_var=\$ac_val;;
++  esac
++  # Be sure to have absolute directory names.
+   case $ac_val in
+     [\\/$]* | ?:[\\/]* )  continue;;
+     NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+   esac
+-  { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
++  { $as_echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
+    { (exit 1); exit 1; }; }
+ done
+@@ -1048,7 +1128,7 @@ target=$target_alias
+ if test "x$host_alias" != x; then
+   if test "x$build_alias" = x; then
+     cross_compiling=maybe
+-    echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
++    $as_echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
+     If a cross compiler is detected then cross compile mode will be used." >&2
+   elif test "x$build_alias" != "x$host_alias"; then
+     cross_compiling=yes
+@@ -1064,10 +1144,10 @@ test "$silent" = yes && exec 6>/dev/null
+ ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ ac_ls_di=`ls -di .` &&
+ ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+-  { echo "$as_me: error: Working directory cannot be determined" >&2
++  { $as_echo "$as_me: error: working directory cannot be determined" >&2
+    { (exit 1); exit 1; }; }
+ test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+-  { echo "$as_me: error: pwd does not report name of working directory" >&2
++  { $as_echo "$as_me: error: pwd does not report name of working directory" >&2
+    { (exit 1); exit 1; }; }
+@@ -1075,12 +1155,12 @@ test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+ if test -z "$srcdir"; then
+   ac_srcdir_defaulted=yes
+   # Try the directory containing this script, then the parent directory.
+-  ac_confdir=`$as_dirname -- "$0" ||
+-$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+-       X"$0" : 'X\(//\)[^/]' \| \
+-       X"$0" : 'X\(//\)$' \| \
+-       X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X"$0" |
++  ac_confdir=`$as_dirname -- "$as_myself" ||
++$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
++       X"$as_myself" : 'X\(//\)[^/]' \| \
++       X"$as_myself" : 'X\(//\)$' \| \
++       X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
++$as_echo X"$as_myself" |
+     sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+           s//\1/
+           q
+@@ -1107,12 +1187,12 @@ else
+ fi
+ if test ! -r "$srcdir/$ac_unique_file"; then
+   test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+-  { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
++  { $as_echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
+    { (exit 1); exit 1; }; }
+ fi
+ ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ ac_abs_confdir=`(
+-      cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2
++      cd "$srcdir" && test -r "./$ac_unique_file" || { $as_echo "$as_me: error: $ac_msg" >&2
+    { (exit 1); exit 1; }; }
+       pwd)`
+ # When building in place, set srcdir=.
+@@ -1161,9 +1241,9 @@ Configuration:
+ Installation directories:
+   --prefix=PREFIX         install architecture-independent files in PREFIX
+-                        [$ac_default_prefix]
++                          [$ac_default_prefix]
+   --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+-                        [PREFIX]
++                          [PREFIX]
+ By default, \`make install' will install all the files in
+ \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc.  You can specify
+@@ -1173,25 +1253,25 @@ for instance \`--prefix=\$HOME'.
+ For better control, use the options below.
+ Fine tuning of the installation directories:
+-  --bindir=DIR           user executables [EPREFIX/bin]
+-  --sbindir=DIR          system admin executables [EPREFIX/sbin]
+-  --libexecdir=DIR       program executables [EPREFIX/libexec]
+-  --sysconfdir=DIR       read-only single-machine data [PREFIX/etc]
+-  --sharedstatedir=DIR   modifiable architecture-independent data [PREFIX/com]
+-  --localstatedir=DIR    modifiable single-machine data [PREFIX/var]
+-  --libdir=DIR           object code libraries [EPREFIX/lib]
+-  --includedir=DIR       C header files [PREFIX/include]
+-  --oldincludedir=DIR    C header files for non-gcc [/usr/include]
+-  --datarootdir=DIR      read-only arch.-independent data root [PREFIX/share]
+-  --datadir=DIR          read-only architecture-independent data [DATAROOTDIR]
+-  --infodir=DIR          info documentation [DATAROOTDIR/info]
+-  --localedir=DIR        locale-dependent data [DATAROOTDIR/locale]
+-  --mandir=DIR           man documentation [DATAROOTDIR/man]
+-  --docdir=DIR           documentation root [DATAROOTDIR/doc/PACKAGE]
+-  --htmldir=DIR          html documentation [DOCDIR]
+-  --dvidir=DIR           dvi documentation [DOCDIR]
+-  --pdfdir=DIR           pdf documentation [DOCDIR]
+-  --psdir=DIR            ps documentation [DOCDIR]
++  --bindir=DIR            user executables [EPREFIX/bin]
++  --sbindir=DIR           system admin executables [EPREFIX/sbin]
++  --libexecdir=DIR        program executables [EPREFIX/libexec]
++  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
++  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
++  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
++  --libdir=DIR            object code libraries [EPREFIX/lib]
++  --includedir=DIR        C header files [PREFIX/include]
++  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
++  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
++  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
++  --infodir=DIR           info documentation [DATAROOTDIR/info]
++  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
++  --mandir=DIR            man documentation [DATAROOTDIR/man]
++  --docdir=DIR            documentation root [DATAROOTDIR/doc/PACKAGE]
++  --htmldir=DIR           html documentation [DOCDIR]
++  --dvidir=DIR            dvi documentation [DOCDIR]
++  --pdfdir=DIR            pdf documentation [DOCDIR]
++  --psdir=DIR             ps documentation [DOCDIR]
+ _ACEOF
+   cat <<\_ACEOF
+@@ -1203,6 +1283,7 @@ if test -n "$ac_init_help"; then
+   cat <<\_ACEOF
+ Optional Features:
++  --disable-option-checking  ignore unrecognized --enable/--with options
+   --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
+   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
+   --enable-shared[=PKGS]  build shared libraries [default=yes]
+@@ -1234,15 +1315,17 @@ fi
+ if test "$ac_init_help" = "recursive"; then
+   # If there are subdirs, report their specific --help.
+   for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+-    test -d "$ac_dir" || continue
++    test -d "$ac_dir" ||
++      { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
++      continue
+     ac_builddir=.
+ case "$ac_dir" in
+ .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *)
+-  ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
++  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+   # A ".." for each directory in $ac_dir_suffix.
+-  ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'`
++  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+   case $ac_top_builddir_sub in
+   "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+   *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+@@ -1278,7 +1361,7 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_
+       echo &&
+       $SHELL "$ac_srcdir/configure" --help=recursive
+     else
+-      echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
++      $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+     fi || ac_status=$?
+     cd "$ac_pwd" || { ac_status=$?; break; }
+   done
+@@ -1288,10 +1371,10 @@ test -n "$ac_init_help" && exit $ac_stat
+ if $ac_init_version; then
+   cat <<\_ACEOF
+ configure
+-generated by GNU Autoconf 2.61
++generated by GNU Autoconf 2.63
+ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+-2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
++2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+ This configure script is free software; the Free Software Foundation
+ gives unlimited permission to copy, distribute and modify it.
+ _ACEOF
+@@ -1302,7 +1385,7 @@ This file contains any messages produced
+ running configure, to aid debugging if configure makes a mistake.
+ It was created by $as_me, which was
+-generated by GNU Autoconf 2.61.  Invocation command line was
++generated by GNU Autoconf 2.63.  Invocation command line was
+   $ $0 $@
+@@ -1338,7 +1421,7 @@ for as_dir in $PATH
+ do
+   IFS=$as_save_IFS
+   test -z "$as_dir" && as_dir=.
+-  echo "PATH: $as_dir"
++  $as_echo "PATH: $as_dir"
+ done
+ IFS=$as_save_IFS
+@@ -1373,7 +1456,7 @@ do
+     | -silent | --silent | --silen | --sile | --sil)
+       continue ;;
+     *\'*)
+-      ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
++      ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+     esac
+     case $ac_pass in
+     1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;;
+@@ -1425,11 +1508,12 @@ _ASBOX
+     case $ac_val in #(
+     *${as_nl}*)
+       case $ac_var in #(
+-      *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5
+-echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;;
++      *_cv_*) { $as_echo "$as_me:$LINENO: WARNING: cache variable $ac_var contains a newline" >&5
++$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+       esac
+       case $ac_var in #(
+       _ | IFS | as_nl) ;; #(
++      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+       *) $as_unset $ac_var ;;
+       esac ;;
+     esac
+@@ -1459,9 +1543,9 @@ _ASBOX
+     do
+       eval ac_val=\$$ac_var
+       case $ac_val in
+-      *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
++      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+       esac
+-      echo "$ac_var='\''$ac_val'\''"
++      $as_echo "$ac_var='\''$ac_val'\''"
+     done | sort
+     echo
+@@ -1476,9 +1560,9 @@ _ASBOX
+       do
+       eval ac_val=\$$ac_var
+       case $ac_val in
+-      *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
++      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+       esac
+-      echo "$ac_var='\''$ac_val'\''"
++      $as_echo "$ac_var='\''$ac_val'\''"
+       done | sort
+       echo
+     fi
+@@ -1494,8 +1578,8 @@ _ASBOX
+       echo
+     fi
+     test "$ac_signal" != 0 &&
+-      echo "$as_me: caught signal $ac_signal"
+-    echo "$as_me: exit $exit_status"
++      $as_echo "$as_me: caught signal $ac_signal"
++    $as_echo "$as_me: exit $exit_status"
+   } >&5
+   rm -f core *.core core.conftest.* &&
+     rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+@@ -1537,21 +1621,24 @@ _ACEOF
+ # Let the site file select an alternate cache file if it wants to.
+-# Prefer explicitly selected file to automatically selected ones.
++# Prefer an explicitly selected file to automatically selected ones.
++ac_site_file1=NONE
++ac_site_file2=NONE
+ if test -n "$CONFIG_SITE"; then
+-  set x "$CONFIG_SITE"
++  ac_site_file1=$CONFIG_SITE
+ elif test "x$prefix" != xNONE; then
+-  set x "$prefix/share/config.site" "$prefix/etc/config.site"
++  ac_site_file1=$prefix/share/config.site
++  ac_site_file2=$prefix/etc/config.site
+ else
+-  set x "$ac_default_prefix/share/config.site" \
+-      "$ac_default_prefix/etc/config.site"
++  ac_site_file1=$ac_default_prefix/share/config.site
++  ac_site_file2=$ac_default_prefix/etc/config.site
+ fi
+-shift
+-for ac_site_file
++for ac_site_file in "$ac_site_file1" "$ac_site_file2"
+ do
++  test "x$ac_site_file" = xNONE && continue
+   if test -r "$ac_site_file"; then
+-    { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
+-echo "$as_me: loading site script $ac_site_file" >&6;}
++    { $as_echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
++$as_echo "$as_me: loading site script $ac_site_file" >&6;}
+     sed 's/^/| /' "$ac_site_file" >&5
+     . "$ac_site_file"
+   fi
+@@ -1561,16 +1648,16 @@ if test -r "$cache_file"; then
+   # Some versions of bash will fail to source /dev/null (special
+   # files actually), so we avoid doing that.
+   if test -f "$cache_file"; then
+-    { echo "$as_me:$LINENO: loading cache $cache_file" >&5
+-echo "$as_me: loading cache $cache_file" >&6;}
++    { $as_echo "$as_me:$LINENO: loading cache $cache_file" >&5
++$as_echo "$as_me: loading cache $cache_file" >&6;}
+     case $cache_file in
+       [\\/]* | ?:[\\/]* ) . "$cache_file";;
+       *)                      . "./$cache_file";;
+     esac
+   fi
+ else
+-  { echo "$as_me:$LINENO: creating cache $cache_file" >&5
+-echo "$as_me: creating cache $cache_file" >&6;}
++  { $as_echo "$as_me:$LINENO: creating cache $cache_file" >&5
++$as_echo "$as_me: creating cache $cache_file" >&6;}
+   >$cache_file
+ fi
+@@ -1584,29 +1671,38 @@ for ac_var in $ac_precious_vars; do
+   eval ac_new_val=\$ac_env_${ac_var}_value
+   case $ac_old_set,$ac_new_set in
+     set,)
+-      { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+-echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
++      { $as_echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
++$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+       ac_cache_corrupted=: ;;
+     ,set)
+-      { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5
+-echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
++      { $as_echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5
++$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+       ac_cache_corrupted=: ;;
+     ,);;
+     *)
+       if test "x$ac_old_val" != "x$ac_new_val"; then
+-      { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5
+-echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+-      { echo "$as_me:$LINENO:   former value:  $ac_old_val" >&5
+-echo "$as_me:   former value:  $ac_old_val" >&2;}
+-      { echo "$as_me:$LINENO:   current value: $ac_new_val" >&5
+-echo "$as_me:   current value: $ac_new_val" >&2;}
+-      ac_cache_corrupted=:
++      # differences in whitespace do not lead to failure.
++      ac_old_val_w=`echo x $ac_old_val`
++      ac_new_val_w=`echo x $ac_new_val`
++      if test "$ac_old_val_w" != "$ac_new_val_w"; then
++        { $as_echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5
++$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
++        ac_cache_corrupted=:
++      else
++        { $as_echo "$as_me:$LINENO: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
++$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
++        eval $ac_var=\$ac_old_val
++      fi
++      { $as_echo "$as_me:$LINENO:   former value:  \`$ac_old_val'" >&5
++$as_echo "$as_me:   former value:  \`$ac_old_val'" >&2;}
++      { $as_echo "$as_me:$LINENO:   current value: \`$ac_new_val'" >&5
++$as_echo "$as_me:   current value: \`$ac_new_val'" >&2;}
+       fi;;
+   esac
+   # Pass precious variables to config.status.
+   if test "$ac_new_set" = set; then
+     case $ac_new_val in
+-    *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
++    *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+     *) ac_arg=$ac_var=$ac_new_val ;;
+     esac
+     case " $ac_configure_args " in
+@@ -1616,10 +1712,12 @@ echo "$as_me:   current value: $ac_new_v
+   fi
+ done
+ if $ac_cache_corrupted; then
+-  { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5
+-echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+-  { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
+-echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
++  { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++  { $as_echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5
++$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
++  { { $as_echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
++$as_echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
+    { (exit 1); exit 1; }; }
+ fi
+@@ -1662,10 +1760,10 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+ if test -n "$ac_tool_prefix"; then
+   # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+ set dummy ${ac_tool_prefix}gcc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1678,7 +1776,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_CC="${ac_tool_prefix}gcc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1689,11 +1787,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+@@ -1702,10 +1800,10 @@ if test -z "$ac_cv_prog_CC"; then
+   ac_ct_CC=$CC
+   # Extract the first word of "gcc", so it can be a program name with args.
+ set dummy gcc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$ac_ct_CC"; then
+   ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+@@ -1718,7 +1816,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_ac_ct_CC="gcc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1729,11 +1827,11 @@ fi
+ fi
+ ac_ct_CC=$ac_cv_prog_ac_ct_CC
+ if test -n "$ac_ct_CC"; then
+-  { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+-echo "${ECHO_T}$ac_ct_CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
++$as_echo "$ac_ct_CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+   if test "x$ac_ct_CC" = x; then
+@@ -1741,12 +1839,8 @@ fi
+   else
+     case $cross_compiling:$ac_tool_warned in
+ yes:)
+-{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&5
+-echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&2;}
++{ $as_echo "$as_me:$LINENO: WARNING: using cross tools not prefixed with host triplet" >&5
++$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ ac_tool_warned=yes ;;
+ esac
+     CC=$ac_ct_CC
+@@ -1759,10 +1853,10 @@ if test -z "$CC"; then
+           if test -n "$ac_tool_prefix"; then
+     # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+ set dummy ${ac_tool_prefix}cc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1775,7 +1869,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_CC="${ac_tool_prefix}cc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1786,11 +1880,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+@@ -1799,10 +1893,10 @@ fi
+ if test -z "$CC"; then
+   # Extract the first word of "cc", so it can be a program name with args.
+ set dummy cc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1820,7 +1914,7 @@ do
+        continue
+      fi
+     ac_cv_prog_CC="cc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1843,11 +1937,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+@@ -1858,10 +1952,10 @@ if test -z "$CC"; then
+   do
+     # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+ set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1874,7 +1968,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1885,11 +1979,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+@@ -1902,10 +1996,10 @@ if test -z "$CC"; then
+ do
+   # Extract the first word of "$ac_prog", so it can be a program name with args.
+ set dummy $ac_prog; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$ac_ct_CC"; then
+   ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+@@ -1918,7 +2012,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_ac_ct_CC="$ac_prog"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1929,11 +2023,11 @@ fi
+ fi
+ ac_ct_CC=$ac_cv_prog_ac_ct_CC
+ if test -n "$ac_ct_CC"; then
+-  { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+-echo "${ECHO_T}$ac_ct_CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
++$as_echo "$ac_ct_CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+@@ -1945,12 +2039,8 @@ done
+   else
+     case $cross_compiling:$ac_tool_warned in
+ yes:)
+-{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&5
+-echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&2;}
++{ $as_echo "$as_me:$LINENO: WARNING: using cross tools not prefixed with host triplet" >&5
++$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ ac_tool_warned=yes ;;
+ esac
+     CC=$ac_ct_CC
+@@ -1960,44 +2050,50 @@ fi
+ fi
+-test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH
++test -z "$CC" && { { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: no acceptable C compiler found in \$PATH
++$as_echo "$as_me: error: no acceptable C compiler found in \$PATH
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+ # Provide some information about the compiler.
+-echo "$as_me:$LINENO: checking for C compiler version" >&5
+-ac_compiler=`set X $ac_compile; echo $2`
++$as_echo "$as_me:$LINENO: checking for C compiler version" >&5
++set X $ac_compile
++ac_compiler=$2
+ { (ac_try="$ac_compiler --version >&5"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compiler --version >&5") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+ { (ac_try="$ac_compiler -v >&5"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compiler -v >&5") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+ { (ac_try="$ac_compiler -V >&5"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compiler -V >&5") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+ cat >conftest.$ac_ext <<_ACEOF
+@@ -2016,27 +2112,22 @@ main ()
+ }
+ _ACEOF
+ ac_clean_files_save=$ac_clean_files
+-ac_clean_files="$ac_clean_files a.out a.exe b.out"
++ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+ # Try to create an executable without -o first, disregard a.out.
+ # It will help us diagnose broken compilers, and finding out an intuition
+ # of exeext.
+-{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
+-echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; }
+-ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+-#
+-# List of possible output files, starting from the most likely.
+-# The algorithm is not robust to junk in `.', hence go to wildcards (a.*)
+-# only as a last resort.  b.out is created by i960 compilers.
+-ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out'
+-#
+-# The IRIX 6 linker writes into existing files which may not be
+-# executable, retaining their permissions.  Remove them first so a
+-# subsequent execution test works.
++{ $as_echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
++$as_echo_n "checking for C compiler default output file name... " >&6; }
++ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
++
++# The possible output files:
++ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
++
+ ac_rmfiles=
+ for ac_file in $ac_files
+ do
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;;
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+     * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+   esac
+ done
+@@ -2047,10 +2138,11 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link_default") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; then
+   # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+ # So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+@@ -2061,7 +2153,7 @@ for ac_file in $ac_files ''
+ do
+   test -f "$ac_file" || continue
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj )
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+       ;;
+     [ab].out )
+       # We found the default executable, but exeext='' is most
+@@ -2088,25 +2180,27 @@ else
+   ac_file=''
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_file" >&5
+-echo "${ECHO_T}$ac_file" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_file" >&5
++$as_echo "$ac_file" >&6; }
+ if test -z "$ac_file"; then
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+-{ { echo "$as_me:$LINENO: error: C compiler cannot create executables
++{ { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: C compiler cannot create executables
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: C compiler cannot create executables
++$as_echo "$as_me: error: C compiler cannot create executables
+ See \`config.log' for more details." >&2;}
+-   { (exit 77); exit 77; }; }
++   { (exit 77); exit 77; }; }; }
+ fi
+ ac_exeext=$ac_cv_exeext
+ # Check that the compiler produces executables we can run.  If not, either
+ # the compiler is broken, or we cross compile.
+-{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5
+-echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether the C compiler works" >&5
++$as_echo_n "checking whether the C compiler works... " >&6; }
+ # FIXME: These cross compiler hacks should be removed for Autoconf 3.0
+ # If not cross compiling, check that we can run a simple program.
+ if test "$cross_compiling" != yes; then
+@@ -2115,49 +2209,53 @@ if test "$cross_compiling" != yes; then
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_try") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; }; then
+     cross_compiling=no
+   else
+     if test "$cross_compiling" = maybe; then
+       cross_compiling=yes
+     else
+-      { { echo "$as_me:$LINENO: error: cannot run C compiled programs.
++      { { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: cannot run C compiled programs.
+ If you meant to cross compile, use \`--host'.
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: cannot run C compiled programs.
++$as_echo "$as_me: error: cannot run C compiled programs.
+ If you meant to cross compile, use \`--host'.
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+     fi
+   fi
+ fi
+-{ echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++{ $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+-rm -f a.out a.exe conftest$ac_cv_exeext b.out
++rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ ac_clean_files=$ac_clean_files_save
+ # Check that the compiler produces executables we can run.  If not, either
+ # the compiler is broken, or we cross compile.
+-{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
+-echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; }
+-{ echo "$as_me:$LINENO: result: $cross_compiling" >&5
+-echo "${ECHO_T}$cross_compiling" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
++$as_echo_n "checking whether we are cross compiling... " >&6; }
++{ $as_echo "$as_me:$LINENO: result: $cross_compiling" >&5
++$as_echo "$cross_compiling" >&6; }
+-{ echo "$as_me:$LINENO: checking for suffix of executables" >&5
+-echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for suffix of executables" >&5
++$as_echo_n "checking for suffix of executables... " >&6; }
+ if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; then
+   # If both `conftest.exe' and `conftest' are `present' (well, observable)
+ # catch `conftest.exe'.  For instance with Cygwin, `ls conftest' will
+@@ -2166,31 +2264,33 @@ eval "echo \"\$as_me:$LINENO: $ac_try_ec
+ for ac_file in conftest.exe conftest conftest.*; do
+   test -f "$ac_file" || continue
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;;
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+     *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+         break;;
+     * ) break;;
+   esac
+ done
+ else
+-  { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link
++  { { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: cannot compute suffix of executables: cannot compile and link
++$as_echo "$as_me: error: cannot compute suffix of executables: cannot compile and link
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+ fi
+ rm -f conftest$ac_cv_exeext
+-{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
+-echo "${ECHO_T}$ac_cv_exeext" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
++$as_echo "$ac_cv_exeext" >&6; }
+ rm -f conftest.$ac_ext
+ EXEEXT=$ac_cv_exeext
+ ac_exeext=$EXEEXT
+-{ echo "$as_me:$LINENO: checking for suffix of object files" >&5
+-echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for suffix of object files" >&5
++$as_echo_n "checking for suffix of object files... " >&6; }
+ if test "${ac_cv_objext+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -2213,40 +2313,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; then
+   for ac_file in conftest.o conftest.obj conftest.*; do
+   test -f "$ac_file" || continue;
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;;
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+     *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+        break;;
+   esac
+ done
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+-{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile
++{ { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: cannot compute suffix of object files: cannot compile
++$as_echo "$as_me: error: cannot compute suffix of object files: cannot compile
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+ fi
+ rm -f conftest.$ac_cv_objext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
+-echo "${ECHO_T}$ac_cv_objext" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
++$as_echo "$ac_cv_objext" >&6; }
+ OBJEXT=$ac_cv_objext
+ ac_objext=$OBJEXT
+-{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
+-echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
++$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+ if test "${ac_cv_c_compiler_gnu+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -2272,20 +2375,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_compiler_gnu=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_compiler_gnu=no
+@@ -2295,15 +2399,19 @@ rm -f core conftest.err conftest.$ac_obj
+ ac_cv_c_compiler_gnu=$ac_compiler_gnu
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
+-echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; }
+-GCC=`test $ac_compiler_gnu = yes && echo yes`
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
++$as_echo "$ac_cv_c_compiler_gnu" >&6; }
++if test $ac_compiler_gnu = yes; then
++  GCC=yes
++else
++  GCC=
++fi
+ ac_test_CFLAGS=${CFLAGS+set}
+ ac_save_CFLAGS=$CFLAGS
+-{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
+-echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
++$as_echo_n "checking whether $CC accepts -g... " >&6; }
+ if test "${ac_cv_prog_cc_g+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_save_c_werror_flag=$ac_c_werror_flag
+    ac_c_werror_flag=yes
+@@ -2330,20 +2438,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_prog_cc_g=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       CFLAGS=""
+@@ -2368,20 +2477,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   :
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_c_werror_flag=$ac_save_c_werror_flag
+@@ -2407,20 +2517,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_prog_cc_g=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+@@ -2435,8 +2546,8 @@ fi
+ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    ac_c_werror_flag=$ac_save_c_werror_flag
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
+-echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
++$as_echo "$ac_cv_prog_cc_g" >&6; }
+ if test "$ac_test_CFLAGS" = set; then
+   CFLAGS=$ac_save_CFLAGS
+ elif test $ac_cv_prog_cc_g = yes; then
+@@ -2452,10 +2563,10 @@ else
+     CFLAGS=
+   fi
+ fi
+-{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
+-echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
++$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+ if test "${ac_cv_prog_cc_c89+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_cv_prog_cc_c89=no
+ ac_save_CC=$CC
+@@ -2526,20 +2637,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_prog_cc_c89=$ac_arg
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+@@ -2555,15 +2667,15 @@ fi
+ # AC_CACHE_VAL
+ case "x$ac_cv_prog_cc_c89" in
+   x)
+-    { echo "$as_me:$LINENO: result: none needed" >&5
+-echo "${ECHO_T}none needed" >&6; } ;;
++    { $as_echo "$as_me:$LINENO: result: none needed" >&5
++$as_echo "none needed" >&6; } ;;
+   xno)
+-    { echo "$as_me:$LINENO: result: unsupported" >&5
+-echo "${ECHO_T}unsupported" >&6; } ;;
++    { $as_echo "$as_me:$LINENO: result: unsupported" >&5
++$as_echo "unsupported" >&6; } ;;
+   *)
+     CC="$CC $ac_cv_prog_cc_c89"
+-    { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5
+-echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;;
++    { $as_echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5
++$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+ esac
+@@ -2581,8 +2693,8 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+ if test "${with_rlm_ldap_lib_dir+set}" = set; then
+   withval=$with_rlm_ldap_lib_dir;  case "$withval" in
+           no)
+-              { { echo "$as_me:$LINENO: error: Need rlm-ldap-lib-dir" >&5
+-echo "$as_me: error: Need rlm-ldap-lib-dir" >&2;}
++              { { $as_echo "$as_me:$LINENO: error: Need rlm-ldap-lib-dir" >&5
++$as_echo "$as_me: error: Need rlm-ldap-lib-dir" >&2;}
+    { (exit 1); exit 1; }; }
+               ;;
+           yes)
+@@ -2601,8 +2713,8 @@ fi
+ if test "${with_rlm_ldap_include_dir+set}" = set; then
+   withval=$with_rlm_ldap_include_dir;  case "$withval" in
+           no)
+-              { { echo "$as_me:$LINENO: error: Need rlm-ldap-include-dir" >&5
+-echo "$as_me: error: Need rlm-ldap-include-dir" >&2;}
++              { { $as_echo "$as_me:$LINENO: error: Need rlm-ldap-include-dir" >&5
++$as_echo "$as_me: error: Need rlm-ldap-include-dir" >&2;}
+    { (exit 1); exit 1; }; }
+               ;;
+           yes)
+@@ -2641,8 +2753,8 @@ fi
+                               if test "x$enable_shared" = "xno"; then
+-              { echo "$as_me:$LINENO: WARNING: Static linking with libldap will probably result in unresolved symbols." >&5
+-echo "$as_me: WARNING: Static linking with libldap will probably result in unresolved symbols." >&2;}
++              { $as_echo "$as_me:$LINENO: WARNING: Static linking with libldap will probably result in unresolved symbols." >&5
++$as_echo "$as_me: WARNING: Static linking with libldap will probably result in unresolved symbols." >&2;}
+       fi
+               rlm_ldap_with_threads=yes
+@@ -2661,10 +2773,10 @@ fi
+                       if test "x$rlm_ldap_with_threads" = "xyes"; then
+-          { echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5
+-echo $ECHO_N "checking for pthread_create in -lpthread... $ECHO_C" >&6; }
++          { $as_echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5
++$as_echo_n "checking for pthread_create in -lpthread... " >&6; }
+ if test "${ac_cv_lib_pthread_pthread_create+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lpthread  $LIBS"
+@@ -2696,39 +2808,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_lib_pthread_pthread_create=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_cv_lib_pthread_pthread_create=no
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_lib_pthread_pthread_create" >&5
+-echo "${ECHO_T}$ac_cv_lib_pthread_pthread_create" >&6; }
+-if test $ac_cv_lib_pthread_pthread_create = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_pthread_pthread_create" >&5
++$as_echo "$ac_cv_lib_pthread_pthread_create" >&6; }
++if test "x$ac_cv_lib_pthread_pthread_create" = x""yes; then
+    LIBS="-lpthread $LIBS"
+ else
+-  { echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5
+-echo $ECHO_N "checking for pthread_create in -lc_r... $ECHO_C" >&6; }
++  { $as_echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5
++$as_echo_n "checking for pthread_create in -lc_r... " >&6; }
+ if test "${ac_cv_lib_c_r_pthread_create+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lc_r  $LIBS"
+@@ -2761,33 +2877,37 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_lib_c_r_pthread_create=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_cv_lib_c_r_pthread_create=no
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_lib_c_r_pthread_create" >&5
+-echo "${ECHO_T}$ac_cv_lib_c_r_pthread_create" >&6; }
+-if test $ac_cv_lib_c_r_pthread_create = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_c_r_pthread_create" >&5
++$as_echo "$ac_cv_lib_c_r_pthread_create" >&6; }
++if test "x$ac_cv_lib_c_r_pthread_create" = x""yes; then
+    LIBS="-lc_r $LIBS"
+ else
+    rlm_ldap_with_threads="no"
+@@ -2799,14 +2919,12 @@ fi
+       fi
+-                              smart_try_dir=$rlm_ldap_lib_dir
+-      if test "x$rlm_ldap_with_threads" = "xyes"; then
+-sm_lib_safe=`echo "ldap_r" | sed 'y%./+-%__p_%'`
+-sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
+-{ echo "$as_me:$LINENO: checking for ldap_init in -lldap_r" >&5
+-echo $ECHO_N "checking for ldap_init in -lldap_r... $ECHO_C" >&6; }
++sm_lib_safe=`echo "sasl" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "sasl_encode" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for sasl_encode in -lsasl" >&5
++$as_echo_n "checking for sasl_encode in -lsasl... " >&6; }
+ old_LIBS="$LIBS"
+ smart_lib=
+@@ -2814,18 +2932,18 @@ smart_lib_dir=
+ if test "x$smart_try_dir" != "x"; then
+   for try in $smart_try_dir; do
+-    LIBS="-L$try -lldap_r $old_LIBS"
++    LIBS="-L$try -lsasl $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char sasl_encode();
+ int
+ main ()
+ {
+- ldap_init()
++ sasl_encode()
+   ;
+   return 0;
+ }
+@@ -2836,26 +2954,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap_r"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lsasl"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -2866,18 +2988,18 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ if test "x$smart_lib" = "x"; then
+-  LIBS="-lldap_r $old_LIBS"
++  LIBS="-lsasl $old_LIBS"
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char sasl_encode();
+ int
+ main ()
+ {
+- ldap_init()
++ sasl_encode()
+   ;
+   return 0;
+ }
+@@ -2888,26 +3010,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-lldap_r"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-lsasl"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+   LIBS="$old_LIBS"
+@@ -2918,7 +3044,7 @@ if test "x$smart_lib" = "x"; then
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap_r${libltdl_cv_shlibext}
++  file=libsasl${libltdl_cv_shlibext}
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -2945,7 +3071,7 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap_r.a
++  file=libsasl.a
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -2970,18 +3096,18 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+   for try in $smart_lib_dir /usr/local/lib /opt/lib; do
+-    LIBS="-L$try -lldap_r $old_LIBS"
++    LIBS="-L$try -lsasl $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char sasl_encode();
+ int
+ main ()
+ {
+- ldap_init()
++ sasl_encode()
+   ;
+   return 0;
+ }
+@@ -2992,26 +3118,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap_r"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lsasl"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -3022,26 +3152,22 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ if test "x$smart_lib" != "x"; then
+-  { echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+   eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
+   LIBS="$smart_lib $old_LIBS"
+   SMART_LIBS="$smart_lib $SMART_LIBS"
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+-          if test "x$ac_cv_lib_ldap_r_ldap_init" != "xyes"; then
+-              fail="$fail libldap_r"
+-          fi
+-      else
+-sm_lib_safe=`echo "ldap" | sed 'y%./+-%__p_%'`
+-sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
+-{ echo "$as_me:$LINENO: checking for ldap_init in -lldap" >&5
+-echo $ECHO_N "checking for ldap_init in -lldap... $ECHO_C" >&6; }
++sm_lib_safe=`echo "lber" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "ber_init" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for ber_init in -llber" >&5
++$as_echo_n "checking for ber_init in -llber... " >&6; }
+ old_LIBS="$LIBS"
+ smart_lib=
+@@ -3049,18 +3175,18 @@ smart_lib_dir=
+ if test "x$smart_try_dir" != "x"; then
+   for try in $smart_try_dir; do
+-    LIBS="-L$try -lldap $old_LIBS"
++    LIBS="-L$try -llber $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char ber_init();
+ int
+ main ()
+ {
+- ldap_init()
++ ber_init()
+   ;
+   return 0;
+ }
+@@ -3071,26 +3197,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -llber"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -3101,18 +3231,18 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ if test "x$smart_lib" = "x"; then
+-  LIBS="-lldap $old_LIBS"
++  LIBS="-llber $old_LIBS"
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char ber_init();
+ int
+ main ()
+ {
+- ldap_init()
++ ber_init()
+   ;
+   return 0;
+ }
+@@ -3123,26 +3253,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-lldap"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-llber"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+   LIBS="$old_LIBS"
+@@ -3153,7 +3287,7 @@ if test "x$smart_lib" = "x"; then
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap${libltdl_cv_shlibext}
++  file=liblber${libltdl_cv_shlibext}
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -3180,7 +3314,7 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap.a
++  file=liblber.a
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -3205,18 +3339,18 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+   for try in $smart_lib_dir /usr/local/lib /opt/lib; do
+-    LIBS="-L$try -lldap $old_LIBS"
++    LIBS="-L$try -llber $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char ber_init();
+ int
+ main ()
+ {
+- ldap_init()
++ ber_init()
+   ;
+   return 0;
+ }
+@@ -3227,26 +3361,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -llber"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -3257,136 +3395,145 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ if test "x$smart_lib" != "x"; then
+-  { echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+   eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
+   LIBS="$smart_lib $old_LIBS"
+   SMART_LIBS="$smart_lib $SMART_LIBS"
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+-          if test "x$ac_cv_lib_ldap_ldap_init" != "xyes"; then
+-              fail="$fail libldap"
+-          fi
+-      fi
+-
+-      smart_try_dir=$rlm_ldap_include_dir
++                              smart_try_dir=$rlm_ldap_lib_dir
++      if test "x$rlm_ldap_with_threads" = "xyes"; then
+-ac_safe=`echo "ldap.h" | sed 'y%./+-%__pm%'`
+-{ echo "$as_me:$LINENO: checking for ldap.h" >&5
+-echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6; }
++sm_lib_safe=`echo "ldap_r" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for ldap_init in -lldap_r" >&5
++$as_echo_n "checking for ldap_init in -lldap_r... " >&6; }
+-old_CFLAGS="$CFLAGS"
+-smart_include=
+-smart_include_dir=
++old_LIBS="$LIBS"
++smart_lib=
++smart_lib_dir=
+ if test "x$smart_try_dir" != "x"; then
+   for try in $smart_try_dir; do
+-    CFLAGS="$old_CFLAGS -I$try"
++    LIBS="-L$try -lldap_r $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-
+-                  #include <ldap.h>
++extern char ldap_init();
+ int
+ main ()
+ {
+- int a = 1;
++ ldap_init()
+   ;
+   return 0;
+ }
+ _ACEOF
+-rm -f conftest.$ac_objext
+-if { (ac_try="$ac_compile"
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+-  (eval "$ac_compile") 2>conftest.er1
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest.$ac_objext; then
+-  smart_include="-I$try"
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap_r"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+-      smart_include=
++
+ fi
+-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+-    if test "x$smart_include" != "x"; then
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
+       break;
+     fi
+   done
+-  CFLAGS="$old_CFLAGS"
++  LIBS="$old_LIBS"
+ fi
+-if test "x$smart_include" = "x"; then
++if test "x$smart_lib" = "x"; then
++  LIBS="-lldap_r $old_LIBS"
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-
+-                #include <ldap.h>
++extern char ldap_init();
+ int
+ main ()
+ {
+- int a = 1;
++ ldap_init()
+   ;
+   return 0;
+ }
+ _ACEOF
+-rm -f conftest.$ac_objext
+-if { (ac_try="$ac_compile"
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+-  (eval "$ac_compile") 2>conftest.er1
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest.$ac_objext; then
+-  smart_include=" "
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-lldap_r"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+-      smart_include=
++
+ fi
+-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++  LIBS="$old_LIBS"
+ fi
+-if test "x$smart_include" = "x"; then
++if test "x$smart_lib" = "x"; then
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=ldap.h
++  file=libldap_r${libltdl_cv_shlibext}
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -3400,19 +3547,505 @@ if test "x$LOCATE" != "x"; then
+       continue
+     fi
+-                    already=`echo \$smart_include_dir ${DIRS} | ${GREP} ${dir}`
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
+     if test "x$already" = "x"; then
+       DIRS="$DIRS $dir"
+     fi
+   done
+ fi
+-eval "smart_include_dir=\"\$smart_include_dir $DIRS\""
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
+-  for try in $smart_include_dir /usr/local/include /opt/include; do
+-    CFLAGS="$old_CFLAGS -I$try"
+-    cat >conftest.$ac_ext <<_ACEOF
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=libldap_r.a
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
++
++
++  for try in $smart_lib_dir /usr/local/lib /opt/lib; do
++    LIBS="-L$try -lldap_r $old_LIBS"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++       test -z "$ac_c_werror_flag" ||
++       test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap_r"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
++      break;
++    fi
++  done
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" != "x"; then
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
++  eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
++  LIBS="$smart_lib $old_LIBS"
++  SMART_LIBS="$smart_lib $SMART_LIBS"
++else
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
++fi
++
++          if test "x$ac_cv_lib_ldap_r_ldap_init" != "xyes"; then
++              fail="$fail libldap_r"
++          fi
++      else
++
++
++sm_lib_safe=`echo "ldap" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for ldap_init in -lldap" >&5
++$as_echo_n "checking for ldap_init in -lldap... " >&6; }
++
++old_LIBS="$LIBS"
++smart_lib=
++smart_lib_dir=
++
++if test "x$smart_try_dir" != "x"; then
++  for try in $smart_try_dir; do
++    LIBS="-L$try -lldap $old_LIBS"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++       test -z "$ac_c_werror_flag" ||
++       test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
++      break;
++    fi
++  done
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" = "x"; then
++  LIBS="-lldap $old_LIBS"
++  cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++       test -z "$ac_c_werror_flag" ||
++       test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-lldap"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" = "x"; then
++
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=libldap${libltdl_cv_shlibext}
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
++
++
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=libldap.a
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
++
++
++  for try in $smart_lib_dir /usr/local/lib /opt/lib; do
++    LIBS="-L$try -lldap $old_LIBS"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++       test -z "$ac_c_werror_flag" ||
++       test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
++      break;
++    fi
++  done
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" != "x"; then
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
++  eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
++  LIBS="$smart_lib $old_LIBS"
++  SMART_LIBS="$smart_lib $SMART_LIBS"
++else
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
++fi
++
++          if test "x$ac_cv_lib_ldap_ldap_init" != "xyes"; then
++              fail="$fail libldap"
++          fi
++      fi
++
++
++      smart_try_dir=$rlm_ldap_include_dir
++
++
++ac_safe=`echo "ldap.h" | sed 'y%./+-%__pm%'`
++{ $as_echo "$as_me:$LINENO: checking for ldap.h" >&5
++$as_echo_n "checking for ldap.h... " >&6; }
++
++old_CFLAGS="$CFLAGS"
++smart_include=
++smart_include_dir=
++
++if test "x$smart_try_dir" != "x"; then
++  for try in $smart_try_dir; do
++    CFLAGS="$old_CFLAGS -I$try"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++
++                  #include <ldap.h>
++int
++main ()
++{
++ int a = 1;
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (ac_try="$ac_compile"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_compile") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++       test -z "$ac_c_werror_flag" ||
++       test ! -s conftest.err
++       } && test -s conftest.$ac_objext; then
++  smart_include="-I$try"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++      smart_include=
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++    if test "x$smart_include" != "x"; then
++      break;
++    fi
++  done
++  CFLAGS="$old_CFLAGS"
++fi
++
++if test "x$smart_include" = "x"; then
++  cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++
++                #include <ldap.h>
++int
++main ()
++{
++ int a = 1;
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (ac_try="$ac_compile"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_compile") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++       test -z "$ac_c_werror_flag" ||
++       test ! -s conftest.err
++       } && test -s conftest.$ac_objext; then
++  smart_include=" "
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++      smart_include=
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++fi
++
++if test "x$smart_include" = "x"; then
++
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=ldap.h
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_include_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_include_dir=\"\$smart_include_dir $DIRS\""
++
++
++  for try in $smart_include_dir /usr/local/include /opt/include; do
++    CFLAGS="$old_CFLAGS -I$try"
++    cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+@@ -3434,20 +4067,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   smart_include="-I$try"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       smart_include=
+@@ -3462,14 +4096,14 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ if test "x$smart_include" != "x"; then
+-  { echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+   eval "ac_cv_header_$ac_safe=yes"
+   CFLAGS="$old_CFLAGS $smart_include"
+   SMART_CFLAGS="$SMART_CFLAGS $smart_include"
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+       if test "$ac_cv_header_ldap_h" != "yes"; then
+@@ -3478,10 +4112,10 @@ fi
+       if test "x$fail" = "x"; then
+-          { echo "$as_me:$LINENO: checking for ldap_start_tls_s" >&5
+-echo $ECHO_N "checking for ldap_start_tls_s... $ECHO_C" >&6; }
++          { $as_echo "$as_me:$LINENO: checking for ldap_start_tls_s" >&5
++$as_echo_n "checking for ldap_start_tls_s... " >&6; }
+ if test "${ac_cv_func_ldap_start_tls_s+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3534,39 +4168,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_func_ldap_start_tls_s=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_cv_func_ldap_start_tls_s=no
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_func_ldap_start_tls_s" >&5
+-echo "${ECHO_T}$ac_cv_func_ldap_start_tls_s" >&6; }
+-if test $ac_cv_func_ldap_start_tls_s = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_func_ldap_start_tls_s" >&5
++$as_echo "$ac_cv_func_ldap_start_tls_s" >&6; }
++if test "x$ac_cv_func_ldap_start_tls_s" = x""yes; then
+    SMART_CFLAGS="$SMART_CFLAGS -DHAVE_LDAP_START_TLS"
+ fi
+-          { echo "$as_me:$LINENO: checking for ldap_initialize" >&5
+-echo $ECHO_N "checking for ldap_initialize... $ECHO_C" >&6; }
++          { $as_echo "$as_me:$LINENO: checking for ldap_initialize" >&5
++$as_echo_n "checking for ldap_initialize... " >&6; }
+ if test "${ac_cv_func_ldap_initialize+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3619,39 +4257,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_func_ldap_initialize=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_cv_func_ldap_initialize=no
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_func_ldap_initialize" >&5
+-echo "${ECHO_T}$ac_cv_func_ldap_initialize" >&6; }
+-if test $ac_cv_func_ldap_initialize = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_func_ldap_initialize" >&5
++$as_echo "$ac_cv_func_ldap_initialize" >&6; }
++if test "x$ac_cv_func_ldap_initialize" = x""yes; then
+    SMART_CFLAGS="$SMART_CFLAGS -DHAVE_LDAP_INITIALIZE"
+ fi
+-          { echo "$as_me:$LINENO: checking for ldap_int_tls_config" >&5
+-echo $ECHO_N "checking for ldap_int_tls_config... $ECHO_C" >&6; }
++          { $as_echo "$as_me:$LINENO: checking for ldap_int_tls_config" >&5
++$as_echo_n "checking for ldap_int_tls_config... " >&6; }
+ if test "${ac_cv_func_ldap_int_tls_config+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3704,32 +4346,36 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_func_ldap_int_tls_config=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_cv_func_ldap_int_tls_config=no
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_func_ldap_int_tls_config" >&5
+-echo "${ECHO_T}$ac_cv_func_ldap_int_tls_config" >&6; }
+-if test $ac_cv_func_ldap_int_tls_config = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_func_ldap_int_tls_config" >&5
++$as_echo "$ac_cv_func_ldap_int_tls_config" >&6; }
++if test "x$ac_cv_func_ldap_int_tls_config" = x""yes; then
+    SMART_CFLAGS="$SMART_CFLAGS -DHAVE_LDAP_INT_TLS_CONFIG"
+ fi
+@@ -3738,11 +4384,11 @@ fi
+ for ac_func in ldap_set_rebind_proc
+ do
+-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+-{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
++as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
++{ $as_echo "$as_me:$LINENO: checking for $ac_func" >&5
++$as_echo_n "checking for $ac_func... " >&6; }
+ if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3795,44 +4441,51 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++       test "$cross_compiling" = yes ||
++       $as_test_x conftest$ac_exeext
++       }; then
+   eval "$as_ac_var=yes"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       eval "$as_ac_var=no"
+ fi
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-ac_res=`eval echo '${'$as_ac_var'}'`
+-             { echo "$as_me:$LINENO: result: $ac_res" >&5
+-echo "${ECHO_T}$ac_res" >&6; }
+-if test `eval echo '${'$as_ac_var'}'` = yes; then
++ac_res=`eval 'as_val=${'$as_ac_var'}
++               $as_echo "$as_val"'`
++             { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
++$as_echo "$ac_res" >&6; }
++as_val=`eval 'as_val=${'$as_ac_var'}
++               $as_echo "$as_val"'`
++   if test "x$as_val" = x""yes; then
+   cat >>confdefs.h <<_ACEOF
+-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
++#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+ _ACEOF
+ fi
+ done
+-        { echo "$as_me:$LINENO: checking whether ldap_set_rebind_proc takes 3 arguments" >&5
+-echo $ECHO_N "checking whether ldap_set_rebind_proc takes 3 arguments... $ECHO_C" >&6; }
++        { $as_echo "$as_me:$LINENO: checking whether ldap_set_rebind_proc takes 3 arguments" >&5
++$as_echo_n "checking whether ldap_set_rebind_proc takes 3 arguments... " >&6; }
+ if test "${ac_cv_ldap_set_rebind_proc+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+         cat >conftest.$ac_ext <<_ACEOF
+@@ -3858,20 +4511,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+        test -z "$ac_c_werror_flag" ||
+        test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_ldap_set_rebind_proc=3
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+       ac_cv_ldap_set_rebind_proc=2
+@@ -3879,8 +4533,8 @@ fi
+ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_ldap_set_rebind_proc" >&5
+-echo "${ECHO_T}$ac_cv_ldap_set_rebind_proc" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_ldap_set_rebind_proc" >&5
++$as_echo "$ac_cv_ldap_set_rebind_proc" >&6; }
+       fi
+       targetname=rlm_ldap
+@@ -3891,21 +4545,21 @@ fi
+ if test x"$fail" != x""; then
+       if test x"${enable_strict_dependencies}" = x"yes"; then
+-              { { echo "$as_me:$LINENO: error: set --without-rlm_ldap to disable it explicitly." >&5
+-echo "$as_me: error: set --without-rlm_ldap to disable it explicitly." >&2;}
++              { { $as_echo "$as_me:$LINENO: error: set --without-rlm_ldap to disable it explicitly." >&5
++$as_echo "$as_me: error: set --without-rlm_ldap to disable it explicitly." >&2;}
+    { (exit 1); exit 1; }; }
+       else
+-              { echo "$as_me:$LINENO: WARNING: silently not building rlm_ldap." >&5
+-echo "$as_me: WARNING: silently not building rlm_ldap." >&2;}
+-              { echo "$as_me:$LINENO: WARNING: FAILURE: rlm_ldap requires: $fail." >&5
+-echo "$as_me: WARNING: FAILURE: rlm_ldap requires: $fail." >&2;}
++              { $as_echo "$as_me:$LINENO: WARNING: silently not building rlm_ldap." >&5
++$as_echo "$as_me: WARNING: silently not building rlm_ldap." >&2;}
++              { $as_echo "$as_me:$LINENO: WARNING: FAILURE: rlm_ldap requires: $fail." >&5
++$as_echo "$as_me: WARNING: FAILURE: rlm_ldap requires: $fail." >&2;}
+               if test x"$headersuggestion" != x; then
+-                      { echo "$as_me:$LINENO: WARNING: $headersuggestion" >&5
+-echo "$as_me: WARNING: $headersuggestion" >&2;}
++                      { $as_echo "$as_me:$LINENO: WARNING: $headersuggestion" >&5
++$as_echo "$as_me: WARNING: $headersuggestion" >&2;}
+               fi
+               if test x"$libsuggestion" != x; then
+-                      { echo "$as_me:$LINENO: WARNING: $libsuggestion" >&5
+-echo "$as_me: WARNING: $libsuggestion" >&2;}
++                      { $as_echo "$as_me:$LINENO: WARNING: $libsuggestion" >&5
++$as_echo "$as_me: WARNING: $libsuggestion" >&2;}
+               fi
+               targetname=""
+       fi
+@@ -3966,11 +4620,12 @@ _ACEOF
+     case $ac_val in #(
+     *${as_nl}*)
+       case $ac_var in #(
+-      *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5
+-echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;;
++      *_cv_*) { $as_echo "$as_me:$LINENO: WARNING: cache variable $ac_var contains a newline" >&5
++$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+       esac
+       case $ac_var in #(
+       _ | IFS | as_nl) ;; #(
++      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+       *) $as_unset $ac_var ;;
+       esac ;;
+     esac
+@@ -4003,12 +4658,12 @@ echo "$as_me: WARNING: Cache variable $a
+ if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+   if test -w "$cache_file"; then
+     test "x$cache_file" != "x/dev/null" &&
+-      { echo "$as_me:$LINENO: updating cache $cache_file" >&5
+-echo "$as_me: updating cache $cache_file" >&6;}
++      { $as_echo "$as_me:$LINENO: updating cache $cache_file" >&5
++$as_echo "$as_me: updating cache $cache_file" >&6;}
+     cat confcache >$cache_file
+   else
+-    { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5
+-echo "$as_me: not updating unwritable cache $cache_file" >&6;}
++    { $as_echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5
++$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
+   fi
+ fi
+ rm -f confcache
+@@ -4025,6 +4680,12 @@ test "x$exec_prefix" = xNONE && exec_pre
+ # take arguments), then branch to the quote section.  Otherwise,
+ # look for a macro that doesn't take arguments.
+ ac_script='
++:mline
++/\\$/{
++ N
++ s,\\\n,,
++ b mline
++}
+ t clear
+ :clear
+ s/^[   ]*#[    ]*define[       ][      ]*\([^  (][^    (]*([^)]*)\)[   ]*\(.*\)/-D\1=\2/g
+@@ -4054,7 +4715,7 @@ ac_ltlibobjs=
+ for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+   # 1. Remove the extension, and $U if already installed.
+   ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+-  ac_i=`echo "$ac_i" | sed "$ac_script"`
++  ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
+   # 2. Prepend LIBOBJDIR.  When used with automake>=1.10 LIBOBJDIR
+   #    will be set to the directory where LIBOBJS objects are built.
+   ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+@@ -4067,11 +4728,12 @@ LTLIBOBJS=$ac_ltlibobjs
+ : ${CONFIG_STATUS=./config.status}
++ac_write_fail=0
+ ac_clean_files_save=$ac_clean_files
+ ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+-{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5
+-echo "$as_me: creating $CONFIG_STATUS" >&6;}
+-cat >$CONFIG_STATUS <<_ACEOF
++{ $as_echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5
++$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
++cat >$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ #! $SHELL
+ # Generated by $as_me.
+ # Run this file to recreate the current configuration.
+@@ -4084,7 +4746,7 @@ ac_cs_silent=false
+ SHELL=\${CONFIG_SHELL-$SHELL}
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ ## --------------------- ##
+ ## M4sh Initialization.  ##
+ ## --------------------- ##
+@@ -4094,7 +4756,7 @@ DUALCASE=1; export DUALCASE # for MKS sh
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -4116,17 +4778,45 @@ as_cr_Letters=$as_cr_letters$as_cr_LETTE
+ as_cr_digits='0123456789'
+ as_cr_alnum=$as_cr_Letters$as_cr_digits
+-# The user is always right.
+-if test "${PATH_SEPARATOR+set}" != set; then
+-  echo "#! /bin/sh" >conf$$.sh
+-  echo  "exit 0"   >>conf$$.sh
+-  chmod +x conf$$.sh
+-  if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+-    PATH_SEPARATOR=';'
++as_nl='
++'
++export as_nl
++# Printing a long string crashes Solaris 7 /usr/bin/printf.
++as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
++if (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
++  as_echo='printf %s\n'
++  as_echo_n='printf %s'
++else
++  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
++    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
++    as_echo_n='/usr/ucb/echo -n'
+   else
+-    PATH_SEPARATOR=:
++    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
++    as_echo_n_body='eval
++      arg=$1;
++      case $arg in
++      *"$as_nl"*)
++      expr "X$arg" : "X\\(.*\\)$as_nl";
++      arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
++      esac;
++      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
++    '
++    export as_echo_n_body
++    as_echo_n='sh -c $as_echo_n_body as_echo'
+   fi
+-  rm -f conf$$.sh
++  export as_echo_body
++  as_echo='sh -c $as_echo_body as_echo'
++fi
++
++# The user is always right.
++if test "${PATH_SEPARATOR+set}" != set; then
++  PATH_SEPARATOR=:
++  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
++    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
++      PATH_SEPARATOR=';'
++  }
+ fi
+ # Support unset when possible.
+@@ -4142,8 +4832,6 @@ fi
+ # there to prevent editors from complaining about space-tab.
+ # (If _AS_PATH_WALK were called with IFS unset, it would disable word
+ # splitting by setting IFS to empty value.)
+-as_nl='
+-'
+ IFS=" ""      $as_nl"
+ # Find who we are.  Look in the path if we contain no directory separator.
+@@ -4166,7 +4854,7 @@ if test "x$as_myself" = x; then
+   as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+-  echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
++  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+   { (exit 1); exit 1; }
+ fi
+@@ -4179,17 +4867,10 @@ PS2='> '
+ PS4='+ '
+ # NLS nuisances.
+-for as_var in \
+-  LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+-  LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+-  LC_TELEPHONE LC_TIME
+-do
+-  if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+-    eval $as_var=C; export $as_var
+-  else
+-    ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+-  fi
+-done
++LC_ALL=C
++export LC_ALL
++LANGUAGE=C
++export LANGUAGE
+ # Required to use basename.
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+@@ -4211,7 +4892,7 @@ as_me=`$as_basename -- "$0" ||
+ $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+        X"$0" : 'X\(//\)$' \| \
+        X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X/"$0" |
++$as_echo X/"$0" |
+     sed '/^.*\/\([^/][^/]*\)\/*$/{
+           s//\1/
+           q
+@@ -4262,7 +4943,7 @@ $as_unset CDPATH
+       s/-\n.*//
+     ' >$as_me.lineno &&
+   chmod +x "$as_me.lineno" ||
+-    { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
++    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
+    { (exit 1); exit 1; }; }
+   # Don't try to exec as it changes $[0], causing all sort of problems
+@@ -4290,7 +4971,6 @@ case `echo -n x` in
+ *)
+   ECHO_N='-n';;
+ esac
+-
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+    test "X`expr 00001 : '.*\(...\)'`" = X001; then
+   as_expr=expr
+@@ -4303,19 +4983,22 @@ if test -d conf$$.dir; then
+   rm -f conf$$.dir/conf$$.file
+ else
+   rm -f conf$$.dir
+-  mkdir conf$$.dir
++  mkdir conf$$.dir 2>/dev/null
+ fi
+-echo >conf$$.file
+-if ln -s conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s='ln -s'
+-  # ... but there are two gotchas:
+-  # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+-  # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+-  # In both cases, we have to default to `cp -p'.
+-  ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++if (echo >conf$$.file) 2>/dev/null; then
++  if ln -s conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s='ln -s'
++    # ... but there are two gotchas:
++    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
++    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
++    # In both cases, we have to default to `cp -p'.
++    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++      as_ln_s='cp -p'
++  elif ln conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s=ln
++  else
+     as_ln_s='cp -p'
+-elif ln conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s=ln
++  fi
+ else
+   as_ln_s='cp -p'
+ fi
+@@ -4340,10 +5023,10 @@ else
+   as_test_x='
+     eval sh -c '\''
+       if test -d "$1"; then
+-        test -d "$1/.";
++      test -d "$1/.";
+       else
+       case $1 in
+-        -*)set "./$1";;
++      -*)set "./$1";;
+       esac;
+       case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in
+       ???[sx]*):;;*)false;;esac;fi
+@@ -4366,7 +5049,7 @@ exec 6>&1
+ # values after options handling.
+ ac_log="
+ This file was extended by $as_me, which was
+-generated by GNU Autoconf 2.61.  Invocation command line was
++generated by GNU Autoconf 2.63.  Invocation command line was
+   CONFIG_FILES    = $CONFIG_FILES
+   CONFIG_HEADERS  = $CONFIG_HEADERS
+@@ -4379,26 +5062,33 @@ on `(hostname || uname -n) 2>/dev/null |
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++case $ac_config_files in *"
++"*) set x $ac_config_files; shift; ac_config_files=$*;;
++esac
++
++
++
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ # Files that config.status was made for.
+ config_files="$ac_config_files"
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ ac_cs_usage="\
+ \`$as_me' instantiates files from templates according to the
+ current configuration.
+-Usage: $0 [OPTIONS] [FILE]...
++Usage: $0 [OPTION]... [FILE]...
+   -h, --help       print this help, then exit
+   -V, --version    print version number and configuration settings, then exit
+-  -q, --quiet      do not print progress messages
++  -q, --quiet, --silent
++                   do not print progress messages
+   -d, --debug      don't remove temporary files
+       --recheck    update $as_me by reconfiguring in the same conditions
+-  --file=FILE[:TEMPLATE]
+-                 instantiate the configuration file FILE
++      --file=FILE[:TEMPLATE]
++                   instantiate the configuration file FILE
+ Configuration files:
+ $config_files
+@@ -4406,23 +5096,23 @@ $config_files
+ Report bugs to <bug-autoconf@gnu.org>."
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ ac_cs_version="\\
+ config.status
+-configured by $0, generated by GNU Autoconf 2.61,
+-  with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
++configured by $0, generated by GNU Autoconf 2.63,
++  with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
+-Copyright (C) 2006 Free Software Foundation, Inc.
++Copyright (C) 2008 Free Software Foundation, Inc.
+ This config.status script is free software; the Free Software Foundation
+ gives unlimited permission to copy, distribute and modify it."
+ ac_pwd='$ac_pwd'
+ srcdir='$srcdir'
++test -n "\$AWK" || AWK=awk
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
+-# If no file are specified by the user, then we need to provide default
+-# value.  By we need to know if files were specified by the user.
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
++# The default lists apply if the user does not specify any file.
+ ac_need_defaults=:
+ while test $# != 0
+ do
+@@ -4444,21 +5134,24 @@ do
+   -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+     ac_cs_recheck=: ;;
+   --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+-    echo "$ac_cs_version"; exit ;;
++    $as_echo "$ac_cs_version"; exit ;;
+   --debug | --debu | --deb | --de | --d | -d )
+     debug=: ;;
+   --file | --fil | --fi | --f )
+     $ac_shift
+-    CONFIG_FILES="$CONFIG_FILES $ac_optarg"
++    case $ac_optarg in
++    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
++    esac
++    CONFIG_FILES="$CONFIG_FILES '$ac_optarg'"
+     ac_need_defaults=false;;
+   --he | --h |  --help | --hel | -h )
+-    echo "$ac_cs_usage"; exit ;;
++    $as_echo "$ac_cs_usage"; exit ;;
+   -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+   | -silent | --silent | --silen | --sile | --sil | --si | --s)
+     ac_cs_silent=: ;;
+   # This is an error.
+-  -*) { echo "$as_me: error: unrecognized option: $1
++  -*) { $as_echo "$as_me: error: unrecognized option: $1
+ Try \`$0 --help' for more information." >&2
+    { (exit 1); exit 1; }; } ;;
+@@ -4477,30 +5170,32 @@ if $ac_cs_silent; then
+ fi
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ if \$ac_cs_recheck; then
+-  echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6
+-  CONFIG_SHELL=$SHELL
++  set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
++  shift
++  \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
++  CONFIG_SHELL='$SHELL'
+   export CONFIG_SHELL
+-  exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
++  exec "\$@"
+ fi
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ exec 5>>config.log
+ {
+   echo
+   sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+ ## Running $as_me. ##
+ _ASBOX
+-  echo "$ac_log"
++  $as_echo "$ac_log"
+ } >&5
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ # Handling of arguments.
+ for ac_config_target in $ac_config_targets
+@@ -4508,8 +5203,8 @@ do
+   case $ac_config_target in
+     "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+-  *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
+-echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
++  *) { { $as_echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
++$as_echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
+    { (exit 1); exit 1; }; };;
+   esac
+ done
+@@ -4548,114 +5243,143 @@ $debug ||
+   (umask 077 && mkdir "$tmp")
+ } ||
+ {
+-   echo "$me: cannot create a temporary directory in ." >&2
++   $as_echo "$as_me: cannot create a temporary directory in ." >&2
+    { (exit 1); exit 1; }
+ }
+-#
+-# Set up the sed scripts for CONFIG_FILES section.
+-#
+-
+-# No need to generate the scripts if there are no CONFIG_FILES.
+-# This happens for instance when ./config.status config.h
++# Set up the scripts for CONFIG_FILES section.
++# No need to generate them if there are no CONFIG_FILES.
++# This happens for instance with `./config.status config.h'.
+ if test -n "$CONFIG_FILES"; then
+-_ACEOF
++ac_cr='\r'
++ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
++if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
++  ac_cs_awk_cr='\\r'
++else
++  ac_cs_awk_cr=$ac_cr
++fi
++
++echo 'BEGIN {' >"$tmp/subs1.awk" &&
++_ACEOF
++{
++  echo "cat >conf$$subs.awk <<_ACEOF" &&
++  echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
++  echo "_ACEOF"
++} >conf$$subs.sh ||
++  { { $as_echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
++   { (exit 1); exit 1; }; }
++ac_delim_num=`echo "$ac_subst_vars" | grep -c '$'`
+ ac_delim='%!_!# '
+ for ac_last_try in false false false false false :; do
+-  cat >conf$$subs.sed <<_ACEOF
+-SHELL!$SHELL$ac_delim
+-PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim
+-PACKAGE_NAME!$PACKAGE_NAME$ac_delim
+-PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim
+-PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim
+-PACKAGE_STRING!$PACKAGE_STRING$ac_delim
+-PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim
+-exec_prefix!$exec_prefix$ac_delim
+-prefix!$prefix$ac_delim
+-program_transform_name!$program_transform_name$ac_delim
+-bindir!$bindir$ac_delim
+-sbindir!$sbindir$ac_delim
+-libexecdir!$libexecdir$ac_delim
+-datarootdir!$datarootdir$ac_delim
+-datadir!$datadir$ac_delim
+-sysconfdir!$sysconfdir$ac_delim
+-sharedstatedir!$sharedstatedir$ac_delim
+-localstatedir!$localstatedir$ac_delim
+-includedir!$includedir$ac_delim
+-oldincludedir!$oldincludedir$ac_delim
+-docdir!$docdir$ac_delim
+-infodir!$infodir$ac_delim
+-htmldir!$htmldir$ac_delim
+-dvidir!$dvidir$ac_delim
+-pdfdir!$pdfdir$ac_delim
+-psdir!$psdir$ac_delim
+-libdir!$libdir$ac_delim
+-localedir!$localedir$ac_delim
+-mandir!$mandir$ac_delim
+-DEFS!$DEFS$ac_delim
+-ECHO_C!$ECHO_C$ac_delim
+-ECHO_N!$ECHO_N$ac_delim
+-ECHO_T!$ECHO_T$ac_delim
+-LIBS!$LIBS$ac_delim
+-build_alias!$build_alias$ac_delim
+-host_alias!$host_alias$ac_delim
+-target_alias!$target_alias$ac_delim
+-CC!$CC$ac_delim
+-CFLAGS!$CFLAGS$ac_delim
+-LDFLAGS!$LDFLAGS$ac_delim
+-CPPFLAGS!$CPPFLAGS$ac_delim
+-ac_ct_CC!$ac_ct_CC$ac_delim
+-EXEEXT!$EXEEXT$ac_delim
+-OBJEXT!$OBJEXT$ac_delim
+-edir!$edir$ac_delim
+-ldap_ldflags!$ldap_ldflags$ac_delim
+-ldap_cflags!$ldap_cflags$ac_delim
+-targetname!$targetname$ac_delim
+-LIBOBJS!$LIBOBJS$ac_delim
+-LTLIBOBJS!$LTLIBOBJS$ac_delim
+-_ACEOF
++  . ./conf$$subs.sh ||
++    { { $as_echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
++   { (exit 1); exit 1; }; }
+-  if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 50; then
++  ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
++  if test $ac_delim_n = $ac_delim_num; then
+     break
+   elif $ac_last_try; then
+-    { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
+-echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
++    { { $as_echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
+    { (exit 1); exit 1; }; }
+   else
+     ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+   fi
+ done
++rm -f conf$$subs.sh
+-ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed`
+-if test -n "$ac_eof"; then
+-  ac_eof=`echo "$ac_eof" | sort -nru | sed 1q`
+-  ac_eof=`expr $ac_eof + 1`
+-fi
+-
+-cat >>$CONFIG_STATUS <<_ACEOF
+-cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof
+-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end
+-_ACEOF
+-sed '
+-s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g
+-s/^/s,@/; s/!/@,|#_!!_#|/
+-:n
+-t n
+-s/'"$ac_delim"'$/,g/; t
+-s/$/\\/; p
+-N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n
+-' >>$CONFIG_STATUS <conf$$subs.sed
+-rm -f conf$$subs.sed
+-cat >>$CONFIG_STATUS <<_ACEOF
+-:end
+-s/|#_!!_#|//g
+-CEOF$ac_eof
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
++cat >>"\$tmp/subs1.awk" <<\\_ACAWK &&
+ _ACEOF
++sed -n '
++h
++s/^/S["/; s/!.*/"]=/
++p
++g
++s/^[^!]*!//
++:repl
++t repl
++s/'"$ac_delim"'$//
++t delim
++:nl
++h
++s/\(.\{148\}\).*/\1/
++t more1
++s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
++p
++n
++b repl
++:more1
++s/["\\]/\\&/g; s/^/"/; s/$/"\\/
++p
++g
++s/.\{148\}//
++t nl
++:delim
++h
++s/\(.\{148\}\).*/\1/
++t more2
++s/["\\]/\\&/g; s/^/"/; s/$/"/
++p
++b
++:more2
++s/["\\]/\\&/g; s/^/"/; s/$/"\\/
++p
++g
++s/.\{148\}//
++t delim
++' <conf$$subs.awk | sed '
++/^[^""]/{
++  N
++  s/\n//
++}
++' >>$CONFIG_STATUS || ac_write_fail=1
++rm -f conf$$subs.awk
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
++_ACAWK
++cat >>"\$tmp/subs1.awk" <<_ACAWK &&
++  for (key in S) S_is_set[key] = 1
++  FS = "\a"
++}
++{
++  line = $ 0
++  nfields = split(line, field, "@")
++  substed = 0
++  len = length(field[1])
++  for (i = 2; i < nfields; i++) {
++    key = field[i]
++    keylen = length(key)
++    if (S_is_set[key]) {
++      value = S[key]
++      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
++      len += length(value) + length(field[++i])
++      substed = 1
++    } else
++      len += 1 + keylen
++  }
++
++  print line
++}
++
++_ACAWK
++_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
++if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
++  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
++else
++  cat
++fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \
++  || { { $as_echo "$as_me:$LINENO: error: could not setup config files machinery" >&5
++$as_echo "$as_me: error: could not setup config files machinery" >&2;}
++   { (exit 1); exit 1; }; }
++_ACEOF
+ # VPATH may cause trouble with some makes, so we remove $(srcdir),
+ # ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
+@@ -4672,19 +5396,21 @@ s/^[^=]*=[      ]*$//
+ }'
+ fi
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ fi # test -n "$CONFIG_FILES"
+-for ac_tag in  :F $CONFIG_FILES
++eval set X "  :F $CONFIG_FILES      "
++shift
++for ac_tag
+ do
+   case $ac_tag in
+   :[FHLC]) ac_mode=$ac_tag; continue;;
+   esac
+   case $ac_mode$ac_tag in
+   :[FHL]*:*);;
+-  :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5
+-echo "$as_me: error: Invalid tag $ac_tag." >&2;}
++  :L* | :C*:*) { { $as_echo "$as_me:$LINENO: error: invalid tag $ac_tag" >&5
++$as_echo "$as_me: error: invalid tag $ac_tag" >&2;}
+    { (exit 1); exit 1; }; };;
+   :[FH]-) ac_tag=-:-;;
+   :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+@@ -4713,26 +5439,38 @@ echo "$as_me: error: Invalid tag $ac_tag
+          [\\/$]*) false;;
+          *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+          esac ||
+-         { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5
+-echo "$as_me: error: cannot find input file: $ac_f" >&2;}
++         { { $as_echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5
++$as_echo "$as_me: error: cannot find input file: $ac_f" >&2;}
+    { (exit 1); exit 1; }; };;
+       esac
+-      ac_file_inputs="$ac_file_inputs $ac_f"
++      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
++      ac_file_inputs="$ac_file_inputs '$ac_f'"
+     done
+     # Let's still pretend it is `configure' which instantiates (i.e., don't
+     # use $as_me), people would be surprised to read:
+     #    /* config.h.  Generated by config.status.  */
+-    configure_input="Generated from "`IFS=:
+-        echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure."
++    configure_input='Generated from '`
++        $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
++      `' by configure.'
+     if test x"$ac_file" != x-; then
+       configure_input="$ac_file.  $configure_input"
+-      { echo "$as_me:$LINENO: creating $ac_file" >&5
+-echo "$as_me: creating $ac_file" >&6;}
++      { $as_echo "$as_me:$LINENO: creating $ac_file" >&5
++$as_echo "$as_me: creating $ac_file" >&6;}
+     fi
++    # Neutralize special characters interpreted by sed in replacement strings.
++    case $configure_input in #(
++    *\&* | *\|* | *\\* )
++       ac_sed_conf_input=`$as_echo "$configure_input" |
++       sed 's/[\\\\&|]/\\\\&/g'`;; #(
++    *) ac_sed_conf_input=$configure_input;;
++    esac
+     case $ac_tag in
+-    *:-:* | *:-) cat >"$tmp/stdin";;
++    *:-:* | *:-) cat >"$tmp/stdin" \
++      || { { $as_echo "$as_me:$LINENO: error: could not create $ac_file" >&5
++$as_echo "$as_me: error: could not create $ac_file" >&2;}
++   { (exit 1); exit 1; }; } ;;
+     esac
+     ;;
+   esac
+@@ -4742,7 +5480,7 @@ $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^
+        X"$ac_file" : 'X\(//\)[^/]' \| \
+        X"$ac_file" : 'X\(//\)$' \| \
+        X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X"$ac_file" |
++$as_echo X"$ac_file" |
+     sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+           s//\1/
+           q
+@@ -4768,7 +5506,7 @@ echo X"$ac_file" |
+     as_dirs=
+     while :; do
+       case $as_dir in #(
+-      *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #(
++      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+       *) as_qdir=$as_dir;;
+       esac
+       as_dirs="'$as_qdir' $as_dirs"
+@@ -4777,7 +5515,7 @@ $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/
+        X"$as_dir" : 'X\(//\)[^/]' \| \
+        X"$as_dir" : 'X\(//\)$' \| \
+        X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X"$as_dir" |
++$as_echo X"$as_dir" |
+     sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+           s//\1/
+           q
+@@ -4798,17 +5536,17 @@ echo X"$as_dir" |
+       test -d "$as_dir" && break
+     done
+     test -z "$as_dirs" || eval "mkdir $as_dirs"
+-  } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5
+-echo "$as_me: error: cannot create directory $as_dir" >&2;}
++  } || test -d "$as_dir" || { { $as_echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5
++$as_echo "$as_me: error: cannot create directory $as_dir" >&2;}
+    { (exit 1); exit 1; }; }; }
+   ac_builddir=.
+ case "$ac_dir" in
+ .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *)
+-  ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
++  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+   # A ".." for each directory in $ac_dir_suffix.
+-  ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'`
++  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+   case $ac_top_builddir_sub in
+   "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+   *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+@@ -4844,12 +5582,13 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ # If the template does not know about datarootdir, expand it.
+ # FIXME: This hack should be removed a few years after 2.60.
+ ac_datarootdir_hack=; ac_datarootdir_seen=
+-case `sed -n '/datarootdir/ {
++ac_sed_dataroot='
++/datarootdir/ {
+   p
+   q
+ }
+@@ -4858,13 +5597,14 @@ case `sed -n '/datarootdir/ {
+ /@infodir@/p
+ /@localedir@/p
+ /@mandir@/p
+-' $ac_file_inputs` in
++'
++case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+ *datarootdir*) ac_datarootdir_seen=yes;;
+ *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+-  { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+-echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
++  { $as_echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
++$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+   ac_datarootdir_hack='
+   s&@datadir@&$datadir&g
+   s&@docdir@&$docdir&g
+@@ -4878,15 +5618,16 @@ _ACEOF
+ # Neutralize VPATH when `$srcdir' = `.'.
+ # Shell code in configure.ac might set extrasub.
+ # FIXME: do we really want to maintain this feature?
+-cat >>$CONFIG_STATUS <<_ACEOF
+-  sed "$ac_vpsub
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
++ac_sed_extra="$ac_vpsub
+ $extrasub
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ :t
+ /@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+-s&@configure_input@&$configure_input&;t t
++s|@configure_input@|$ac_sed_conf_input|;t t
+ s&@top_builddir@&$ac_top_builddir_sub&;t t
++s&@top_build_prefix@&$ac_top_build_prefix&;t t
+ s&@srcdir@&$ac_srcdir&;t t
+ s&@abs_srcdir@&$ac_abs_srcdir&;t t
+ s&@top_srcdir@&$ac_top_srcdir&;t t
+@@ -4895,21 +5636,28 @@ s&@builddir@&$ac_builddir&;t t
+ s&@abs_builddir@&$ac_abs_builddir&;t t
+ s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+ $ac_datarootdir_hack
+-" $ac_file_inputs | sed -f "$tmp/subs-1.sed" >$tmp/out
++"
++eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \
++  || { { $as_echo "$as_me:$LINENO: error: could not create $ac_file" >&5
++$as_echo "$as_me: error: could not create $ac_file" >&2;}
++   { (exit 1); exit 1; }; }
+ test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+   { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } &&
+   { ac_out=`sed -n '/^[        ]*datarootdir[  ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } &&
+-  { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir'
++  { $as_echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+ which seems to be undefined.  Please make sure it is defined." >&5
+-echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
++$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+ which seems to be undefined.  Please make sure it is defined." >&2;}
+   rm -f "$tmp/stdin"
+   case $ac_file in
+-  -) cat "$tmp/out"; rm -f "$tmp/out";;
+-  *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;;
+-  esac
++  -) cat "$tmp/out" && rm -f "$tmp/out";;
++  *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";;
++  esac \
++  || { { $as_echo "$as_me:$LINENO: error: could not create $ac_file" >&5
++$as_echo "$as_me: error: could not create $ac_file" >&2;}
++   { (exit 1); exit 1; }; }
+  ;;
+@@ -4924,6 +5672,11 @@ _ACEOF
+ chmod +x $CONFIG_STATUS
+ ac_clean_files=$ac_clean_files_save
++test $ac_write_fail = 0 ||
++  { { $as_echo "$as_me:$LINENO: error: write failure creating $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: write failure creating $CONFIG_STATUS" >&2;}
++   { (exit 1); exit 1; }; }
++
+ # configure is writing to config.log, and then calls config.status.
+ # config.status does its own redirection, appending to config.log.
+@@ -4945,5 +5698,9 @@ if test "$no_create" != yes; then
+   # would make configure fail if this is the last instruction.
+   $ac_cs_success || { (exit 1); exit 1; }
+ fi
++if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
++  { $as_echo "$as_me:$LINENO: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
++$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
++fi
+Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in
+===================================================================
+--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure.in
++++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in
+@@ -87,6 +87,9 @@ if test x$with_[]modname != xno; then
+                        )
+       fi
++      FR_SMART_CHECK_LIB(sasl, sasl_encode)
++      FR_SMART_CHECK_LIB(lber, ber_init)
++
+       dnl Try only "-lldap_r" or "-lldap"
+       dnl Static linking will probably not work, but nobody ever
+       dnl complained about it.
diff --git a/net/freeradius2/patches/008-honor_ccpflags.patch b/net/freeradius2/patches/008-honor_ccpflags.patch
new file mode 100644 (file)
index 0000000..7e6d81e
--- /dev/null
@@ -0,0 +1,17 @@
+Index: freeradius-server-2.2.7/src/modules/rules.mak
+===================================================================
+--- freeradius-server-2.2.7.orig/src/modules/rules.mak
++++ freeradius-server-2.2.7/src/modules/rules.mak
+@@ -63,10 +63,10 @@ $(LT_OBJS): $(SERVER_HEADERS)
+ #
+ #######################################################################
+ %.lo: %.c
+-      $(LIBTOOL) --mode=compile --tag=CC $(CC) $(CFLAGS) $(RLM_CFLAGS) -c $<
++      $(LIBTOOL) --mode=compile --tag=CC $(CC) $(CFLAGS) $(CPPFLAGS) $(RLM_CFLAGS) -c $<
+ %.lo: %.cpp
+-      $(LIBTOOL) --mode=compile --tag=CXX $(CXX) $(CFLAGS) $(RLM_CFLAGS) -c $<
++      $(LIBTOOL) --mode=compile --tag=CXX $(CXX) $(CFLAGS) $(CPPFLAGS) $(RLM_CFLAGS) -c $<
+ ifneq ($(TARGET),)
+ #######################################################################
diff --git a/net/freeradius2/patches/010-disbale-openssl-check.patch b/net/freeradius2/patches/010-disbale-openssl-check.patch
new file mode 100644 (file)
index 0000000..483221d
--- /dev/null
@@ -0,0 +1,40 @@
+Index: freeradius-server-2.2.7/configure.in
+===================================================================
+--- freeradius-server-2.2.7.orig/configure.in
++++ freeradius-server-2.2.7/configure.in
+@@ -820,35 +820,6 @@ if test "x$WITH_OPENSSL" = xyes; then
+     OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5"
+   fi
+-  dnl #
+-  dnl #  Now check that the header versions match the library
+-  dnl #
+-  AC_MSG_CHECKING([OpenSSL library and header version consistency])
+-  AC_RUN_IFELSE(
+-    [AC_LANG_PROGRAM(
+-      [[
+-        #include <stdio.h>
+-        #include <openssl/opensslv.h>
+-        #include <openssl/crypto.h>
+-      ]],
+-      [[
+-        if (SSLeay() == OPENSSL_VERSION_NUMBER) {
+-          return 0;
+-        } else {
+-          printf("library: %lx header: %lx... ", (unsigned long) SSLeay(), (unsigned long) OPENSSL_VERSION_NUMBER);
+-          return 1;
+-        }
+-      ]]
+-    )],
+-    [
+-      AC_MSG_RESULT(yes)
+-    ],
+-    [
+-      AC_MSG_RESULT(no)
+-      AC_MSG_FAILURE([OpenSSL library version does not match header version])
+-    ]
+-  )
+-
+   if test "x$OPENSSL_LIBS" = x; then
+     LIBS=$old_LIBS
+     LDFLAGS="$old_LDFLAGS"
index 8598d8dd00cc4613f365ab2e2877558f6be4f4f9..387701262e07bf7029a6e81a92cfff45a57811fb 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=git
-PKG_VERSION:=2.11.3
+PKG_VERSION:=2.11.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@KERNEL/software/scm/git/
-PKG_HASH:=7343bbd489f59531d66bc086393f0d5f530b5175927c29fb97b07f9d2cbc31ac
+PKG_MD5SUM:=dd4e3360e28aec5bb902fb34dd7fce3b
 
 PKG_INSTALL:=1
 PKG_BUILD_PARALLEL:=1
index 830633f72d6e44e9adb422a83605a6f55af6a410..e4eb34a00a645f9961cac91c4eda82f3dc27e012 100644 (file)
@@ -9,12 +9,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=haproxy
-PKG_VERSION:=1.7.5
-PKG_RELEASE:=01
+PKG_VERSION:=1.7.8
+PKG_RELEASE:=18
 
 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.haproxy.org/download/1.7/src/
-PKG_MD5SUM:=ed84c80cb97852d2aa3161ed16c48a1c
+PKG_MD5SUM:=7e94653cc5a1dba006bbe43736f53595
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=GPL-2.0
diff --git a/net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch b/net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch
new file mode 100644 (file)
index 0000000..a24c967
--- /dev/null
@@ -0,0 +1,299 @@
+From fa73e6b0d5f64eb8a6fd8a1706d7ec03293a943e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <flecaille@haproxy.com>
+Date: Thu, 13 Jul 2017 09:07:09 +0200
+Subject: [PATCH 01/18] BUG/MINOR: peers: peer synchronization issue (with
+ several peers sections).
+
+When several stick-tables were configured with several peers sections,
+only a part of them could be synchronized: the ones attached to the last
+parsed 'peers' section. This was due to the fact that, at least, the peer I/O handler
+refered to the wrong peer section list, in fact always the same: the last one parsed.
+
+The fact that the global peer section list was named "struct peers *peers"
+lead to this issue. This variable name is dangerous ;).
+
+So this patch renames global 'peers' variable to 'cfg_peers' to ensure that
+no such wrong references are still in use, then all the functions wich used
+old 'peers' variable have been modified to refer to the correct peer list.
+
+Must be backported to 1.6 and 1.7.
+(cherry picked from commit ed2b4a6b793d062000518e51ed71e014c649c313)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ include/types/peers.h |  2 +-
+ src/cfgparse.c        | 18 +++++++++---------
+ src/haproxy.c         | 10 +++++-----
+ src/peers.c           | 40 ++++++++++++++++++++--------------------
+ src/proxy.c           |  6 +++---
+ 5 files changed, 38 insertions(+), 38 deletions(-)
+
+diff --git a/include/types/peers.h b/include/types/peers.h
+index 105dffb0..a77a0942 100644
+--- a/include/types/peers.h
++++ b/include/types/peers.h
+@@ -91,7 +91,7 @@ struct peers {
+ };
+-extern struct peers *peers;
++extern struct peers *cfg_peers;
+ #endif /* _TYPES_PEERS_H */
+diff --git a/src/cfgparse.c b/src/cfgparse.c
+index 8c0906bf..1b53006b 100644
+--- a/src/cfgparse.c
++++ b/src/cfgparse.c
+@@ -2124,7 +2124,7 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
+                       goto out;
+               }
+-              for (curpeers = peers; curpeers != NULL; curpeers = curpeers->next) {
++              for (curpeers = cfg_peers; curpeers != NULL; curpeers = curpeers->next) {
+                       /*
+                        * If there are two proxies with the same name only following
+                        * combinations are allowed:
+@@ -2142,8 +2142,8 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
+                       goto out;
+               }
+-              curpeers->next = peers;
+-              peers = curpeers;
++              curpeers->next = cfg_peers;
++              cfg_peers = curpeers;
+               curpeers->conf.file = strdup(file);
+               curpeers->conf.line = linenum;
+               curpeers->last_change = now.tv_sec;
+@@ -2223,7 +2223,7 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
+               if (strcmp(newpeer->id, localpeer) == 0) {
+                       /* Current is local peer, it define a frontend */
+                       newpeer->local = 1;
+-                      peers->local = newpeer;
++                      cfg_peers->local = newpeer;
+                       if (!curpeers->peers_fe) {
+                               if ((curpeers->peers_fe  = calloc(1, sizeof(struct proxy))) == NULL) {
+@@ -8189,9 +8189,9 @@ int check_config_validity()
+               }
+               if (curproxy->table.peers.name) {
+-                      struct peers *curpeers = peers;
++                      struct peers *curpeers;
+-                      for (curpeers = peers; curpeers; curpeers = curpeers->next) {
++                      for (curpeers = cfg_peers; curpeers; curpeers = curpeers->next) {
+                               if (strcmp(curpeers->id, curproxy->table.peers.name) == 0) {
+                                       free((void *)curproxy->table.peers.name);
+                                       curproxy->table.peers.p = curpeers;
+@@ -9279,15 +9279,15 @@ out_uri_auth_compat:
+               if (curproxy->table.peers.p)
+                       curproxy->table.peers.p->peers_fe->bind_proc |= curproxy->bind_proc;
+-      if (peers) {
+-              struct peers *curpeers = peers, **last;
++      if (cfg_peers) {
++              struct peers *curpeers = cfg_peers, **last;
+               struct peer *p, *pb;
+               /* Remove all peers sections which don't have a valid listener,
+                * which are not used by any table, or which are bound to more
+                * than one process.
+                */
+-              last = &peers;
++              last = &cfg_peers;
+               while (*last) {
+                       curpeers = *last;
+diff --git a/src/haproxy.c b/src/haproxy.c
+index 6d09aed4..25cea0cd 100644
+--- a/src/haproxy.c
++++ b/src/haproxy.c
+@@ -988,7 +988,7 @@ void init(int argc, char **argv)
+               struct peers *pr;
+               struct proxy *px;
+-              for (pr = peers; pr; pr = pr->next)
++              for (pr = cfg_peers; pr; pr = pr->next)
+                       if (pr->peers_fe)
+                               break;
+@@ -1217,11 +1217,11 @@ void init(int argc, char **argv)
+       if (global.stats_fe)
+               global.maxsock += global.stats_fe->maxconn;
+-      if (peers) {
++      if (cfg_peers) {
+               /* peers also need to bypass global maxconn */
+-              struct peers *p = peers;
++              struct peers *p = cfg_peers;
+-              for (p = peers; p; p = p->next)
++              for (p = cfg_peers; p; p = p->next)
+                       if (p->peers_fe)
+                               global.maxsock += p->peers_fe->maxconn;
+       }
+@@ -2067,7 +2067,7 @@ int main(int argc, char **argv)
+               }
+               /* we might have to unbind some peers sections from some processes */
+-              for (curpeers = peers; curpeers; curpeers = curpeers->next) {
++              for (curpeers = cfg_peers; curpeers; curpeers = curpeers->next) {
+                       if (!curpeers->peers_fe)
+                               continue;
+diff --git a/src/peers.c b/src/peers.c
+index 543c84c1..5b8a287a 100644
+--- a/src/peers.c
++++ b/src/peers.c
+@@ -171,7 +171,7 @@ enum {
+ #define PEER_MINOR_VER        1
+ #define PEER_DWNGRD_MINOR_VER 0
+-struct peers *peers = NULL;
++struct peers *cfg_peers = NULL;
+ static void peer_session_forceshutdown(struct appctx *appctx);
+ /* This function encode an uint64 to 'dynamic' length format.
+@@ -727,19 +727,19 @@ switchstate:
+                               /* if current peer is local */
+                                 if (curpeer->local) {
+                                         /* if current host need resyncfrom local and no process assined  */
+-                                        if ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMLOCAL &&
+-                                            !(peers->flags & PEERS_F_RESYNC_ASSIGN)) {
++                                        if ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMLOCAL &&
++                                            !(curpeers->flags & PEERS_F_RESYNC_ASSIGN)) {
+                                                 /* assign local peer for a lesson, consider lesson already requested */
+                                                 curpeer->flags |= PEER_F_LEARN_ASSIGN;
+-                                                peers->flags |= (PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
++                                                curpeers->flags |= (PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
+                                         }
+                                 }
+-                                else if ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
+-                                         !(peers->flags & PEERS_F_RESYNC_ASSIGN)) {
++                                else if ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
++                                         !(curpeers->flags & PEERS_F_RESYNC_ASSIGN)) {
+                                         /* assign peer for a lesson  */
+                                         curpeer->flags |= PEER_F_LEARN_ASSIGN;
+-                                        peers->flags |= PEERS_F_RESYNC_ASSIGN;
++                                        curpeers->flags |= PEERS_F_RESYNC_ASSIGN;
+                                 }
+@@ -807,7 +807,7 @@ switchstate:
+                               curpeer->statuscode = atoi(trash.str);
+                               /* Awake main task */
+-                              task_wakeup(peers->sync_task, TASK_WOKEN_MSG);
++                              task_wakeup(curpeers->sync_task, TASK_WOKEN_MSG);
+                               /* If status code is success */
+                               if (curpeer->statuscode == PEER_SESS_SC_SUCCESSCODE) {
+@@ -830,14 +830,14 @@ switchstate:
+                                                 curpeer->flags |= PEER_F_TEACH_PROCESS;
+                                         }
+-                                        else if ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
+-                                                    !(peers->flags & PEERS_F_RESYNC_ASSIGN)) {
++                                        else if ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
++                                                    !(curpeers->flags & PEERS_F_RESYNC_ASSIGN)) {
+                                                 /* If peer is remote and resync from remote is needed,
+                                                    and no peer currently assigned */
+                                                 /* assign peer for a lesson */
+                                                 curpeer->flags |= PEER_F_LEARN_ASSIGN;
+-                                              peers->flags |= PEERS_F_RESYNC_ASSIGN;
++                                              curpeers->flags |= PEERS_F_RESYNC_ASSIGN;
+                                       }
+                               }
+@@ -950,8 +950,8 @@ switchstate:
+                                               if (curpeer->flags & PEER_F_LEARN_ASSIGN) {
+                                                       curpeer->flags &= ~PEER_F_LEARN_ASSIGN;
+-                                                      peers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
+-                                                      peers->flags |= (PEERS_F_RESYNC_LOCAL|PEERS_F_RESYNC_REMOTE);
++                                                      curpeers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
++                                                      curpeers->flags |= (PEERS_F_RESYNC_LOCAL|PEERS_F_RESYNC_REMOTE);
+                                               }
+                                               curpeer->confirm++;
+                                       }
+@@ -959,11 +959,11 @@ switchstate:
+                                               if (curpeer->flags & PEER_F_LEARN_ASSIGN) {
+                                                       curpeer->flags &= ~PEER_F_LEARN_ASSIGN;
+-                                                      peers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
++                                                      curpeers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
+                                                       curpeer->flags |= PEER_F_LEARN_NOTUP2DATE;
+-                                                      peers->resync_timeout = tick_add(now_ms, MS_TO_TICKS(5000));
+-                                                      task_wakeup(peers->sync_task, TASK_WOKEN_MSG);
++                                                      curpeers->resync_timeout = tick_add(now_ms, MS_TO_TICKS(5000));
++                                                      task_wakeup(curpeers->sync_task, TASK_WOKEN_MSG);
+                                               }
+                                               curpeer->confirm++;
+                                       }
+@@ -1334,8 +1334,8 @@ incomplete:
+                               /* Need to request a resync */
+                                 if ((curpeer->flags & PEER_F_LEARN_ASSIGN) &&
+-                                        (peers->flags & PEERS_F_RESYNC_ASSIGN) &&
+-                                        !(peers->flags & PEERS_F_RESYNC_PROCESS)) {
++                                        (curpeers->flags & PEERS_F_RESYNC_ASSIGN) &&
++                                        !(curpeers->flags & PEERS_F_RESYNC_PROCESS)) {
+                                       unsigned char msg[2];
+                                         /* Current peer was elected to request a resync */
+@@ -1351,7 +1351,7 @@ incomplete:
+                                                 appctx->st0 = PEER_SESS_ST_END;
+                                                 goto switchstate;
+                                         }
+-                                        peers->flags |= PEERS_F_RESYNC_PROCESS;
++                                        curpeers->flags |= PEERS_F_RESYNC_PROCESS;
+                                 }
+                               /* Nothing to read, now we start to write */
+@@ -1624,7 +1624,7 @@ incomplete:
+                                         /* Current peer was elected to request a resync */
+                                       msg[0] = PEER_MSG_CLASS_CONTROL;
+-                                      msg[1] = ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FINISHED) ? PEER_MSG_CTRL_RESYNCFINISHED : PEER_MSG_CTRL_RESYNCPARTIAL;
++                                      msg[1] = ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FINISHED) ? PEER_MSG_CTRL_RESYNCFINISHED : PEER_MSG_CTRL_RESYNCPARTIAL;
+                                       /* process final lesson message */
+                                       repl = bi_putblk(si_ic(si), (char *)msg, sizeof(msg));
+                                       if (repl <= 0) {
+diff --git a/src/proxy.c b/src/proxy.c
+index 78120d9b..bedc7ae0 100644
+--- a/src/proxy.c
++++ b/src/proxy.c
+@@ -1007,7 +1007,7 @@ void soft_stop(void)
+               p = p->next;
+       }
+-      prs = peers;
++      prs = cfg_peers;
+       while (prs) {
+               if (prs->peers_fe)
+                       stop_proxy(prs->peers_fe);
+@@ -1142,7 +1142,7 @@ void pause_proxies(void)
+               p = p->next;
+       }
+-      prs = peers;
++      prs = cfg_peers;
+       while (prs) {
+               if (prs->peers_fe)
+                       err |= !pause_proxy(prs->peers_fe);
+@@ -1176,7 +1176,7 @@ void resume_proxies(void)
+               p = p->next;
+       }
+-      prs = peers;
++      prs = cfg_peers;
+       while (prs) {
+               if (prs->peers_fe)
+                       err |= !resume_proxy(prs->peers_fe);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch b/net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch
new file mode 100644 (file)
index 0000000..ea4651d
--- /dev/null
@@ -0,0 +1,36 @@
+From bcc483a9edfeb8ab69d1af83886d9e1323cffd06 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER <thierry.fournier@ozon.io>
+Date: Wed, 12 Jul 2017 11:18:00 +0200
+Subject: [PATCH 02/18] BUG/MINOR: lua: In error case, the safe mode is not
+ removed
+
+Just forgot of reset the safe mode. This have not consequences
+the safe mode just set a pointer on fucntion which is called only
+and initialises a longjmp.
+
+Out of lua execution, this longjmp is never executed and the
+function is never called.
+
+This patch should be backported in 1.6 and 1.7
+(cherry picked from commit 0a97620c080232a21ad7fce2c859a2edc9d7147e)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ src/hlua.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index c862102d..4c1c2d21 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -854,6 +854,7 @@ int hlua_ctx_init(struct hlua *lua, struct task *task)
+       lua->T = lua_newthread(gL.T);
+       if (!lua->T) {
+               lua->Tref = LUA_REFNIL;
++              RESET_SAFE_LJMP(gL.T);
+               return 0;
+       }
+       hlua_sethlua(lua);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch b/net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch
new file mode 100644 (file)
index 0000000..2b200ee
--- /dev/null
@@ -0,0 +1,59 @@
+From 49d319a677432b69c6a69ef5331ae2ed592075c9 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER <thierry.fournier@ozon.io>
+Date: Wed, 12 Jul 2017 13:41:33 +0200
+Subject: [PATCH 03/18] BUG/MINOR: lua: executes the function destroying the
+ Lua session in safe mode
+
+When we destroy the Lua session, we manipulates Lua stack,
+so errors can raises. It will be better to catch these errors.
+
+This patch should be backported in 1.6 and 1.7
+(cherry picked from commit 75d0208009c3189b5d10793e08f27dd62a76c3ae)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ src/hlua.c | 17 +++++++++++++++--
+ 1 file changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 4c1c2d21..2d312804 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -876,9 +876,15 @@ void hlua_ctx_destroy(struct hlua *lua)
+       /* Purge all the pending signals. */
+       hlua_com_purge(lua);
++      if (!SET_SAFE_LJMP(lua->T))
++              return;
+       luaL_unref(lua->T, LUA_REGISTRYINDEX, lua->Mref);
+-      luaL_unref(gL.T, LUA_REGISTRYINDEX, lua->Tref);
++      RESET_SAFE_LJMP(lua->T);
++      if (!SET_SAFE_LJMP(gL.T))
++              return;
++      luaL_unref(gL.T, LUA_REGISTRYINDEX, lua->Tref);
++      RESET_SAFE_LJMP(gL.T);
+       /* Forces a garbage collecting process. If the Lua program is finished
+        * without error, we run the GC on the thread pointer. Its freed all
+        * the unused memory.
+@@ -889,9 +895,16 @@ void hlua_ctx_destroy(struct hlua *lua)
+        * the garbage collection.
+        */
+       if (lua->flags & HLUA_MUST_GC) {
++              if (!SET_SAFE_LJMP(lua->T))
++                      return;
+               lua_gc(lua->T, LUA_GCCOLLECT, 0);
+-              if (lua_status(lua->T) != LUA_OK)
++              RESET_SAFE_LJMP(lua->T);
++              if (lua_status(lua->T) != LUA_OK) {
++                      if (!SET_SAFE_LJMP(gL.T))
++                              return;
+                       lua_gc(gL.T, LUA_GCCOLLECT, 0);
++                      RESET_SAFE_LJMP(gL.T);
++              }
+       }
+       lua->T = NULL;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch b/net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch
new file mode 100644 (file)
index 0000000..ced02f5
--- /dev/null
@@ -0,0 +1,97 @@
+From 2823f54f706f56304970313cb14a98a4ce20d5ab Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER <thierry.fournier@ozon.io>
+Date: Sun, 16 Jul 2017 20:48:54 +0200
+Subject: [PATCH 04/18] BUG/MAJOR: lua/socket: resources not detroyed when the
+ socket is aborted
+
+In some cases, the socket is misused. The user can open socket and never
+close it, or open the socket and close it without sending data. This
+causes resources leak on all resources associated to the stream (buffer,
+spoe, ...)
+
+This is caused by the stream_shutdown function which is called outside
+of the stream execution process. Sometimes, the shtudown is required
+while the stream is not started, so the cleanup is ignored.
+
+This patch change the shutdown mode of the session. Now if the session is
+no longer used and the Lua want to destroy it, it just set a destroy flag
+and the session kill itself.
+
+This patch should be backported in 1.6 and 1.7
+
+(cherry picked from cmomit b13b20a19aacb039a33f886e38a181b00c9a6d41)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ include/types/applet.h |  1 +
+ src/hlua.c             | 16 ++++++++++++++--
+ 2 files changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/include/types/applet.h b/include/types/applet.h
+index 46b2bc10..aee9167e 100644
+--- a/include/types/applet.h
++++ b/include/types/applet.h
+@@ -122,6 +122,7 @@ struct appctx {
+                       struct hlua_socket *socket;
+                       struct list wake_on_read;
+                       struct list wake_on_write;
++                      int die;
+               } hlua;
+               struct {
+                       struct hlua hlua;
+diff --git a/src/hlua.c b/src/hlua.c
+index 2d312804..eb003558 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -1544,6 +1544,15 @@ static void hlua_socket_handler(struct appctx *appctx)
+       struct stream_interface *si = appctx->owner;
+       struct connection *c = objt_conn(si_opposite(si)->end);
++      if (appctx->ctx.hlua.die) {
++              si_shutw(si);
++              si_shutr(si);
++              si_ic(si)->flags |= CF_READ_NULL;
++              hlua_com_wake(&appctx->ctx.hlua.wake_on_read);
++              hlua_com_wake(&appctx->ctx.hlua.wake_on_write);
++              stream_shutdown(si_strm(si), SF_ERR_KILLED);
++      }
++
+       /* If the connection object is not avalaible, close all the
+        * streams and wakeup everithing waiting for.
+        */
+@@ -1619,9 +1628,10 @@ __LJMP static int hlua_socket_gc(lua_State *L)
+       /* Remove all reference between the Lua stack and the coroutine stream. */
+       appctx = objt_appctx(socket->s->si[0].end);
+-      stream_shutdown(socket->s, SF_ERR_KILLED);
+       socket->s = NULL;
+       appctx->ctx.hlua.socket = NULL;
++      appctx->ctx.hlua.die = 1;
++      appctx_wakeup(appctx);
+       return 0;
+ }
+@@ -1641,10 +1651,11 @@ __LJMP static int hlua_socket_close(lua_State *L)
+               return 0;
+       /* Close the stream and remove the associated stop task. */
+-      stream_shutdown(socket->s, SF_ERR_KILLED);
+       appctx = objt_appctx(socket->s->si[0].end);
+       appctx->ctx.hlua.socket = NULL;
+       socket->s = NULL;
++      appctx->ctx.hlua.die = 1;
++      appctx_wakeup(appctx);
+       return 0;
+ }
+@@ -2316,6 +2327,7 @@ __LJMP static int hlua_socket_new(lua_State *L)
+       appctx->ctx.hlua.socket = socket;
+       appctx->ctx.hlua.connected = 0;
++      appctx->ctx.hlua.die = 0;
+       LIST_INIT(&appctx->ctx.hlua.wake_on_write);
+       LIST_INIT(&appctx->ctx.hlua.wake_on_read);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch b/net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch
new file mode 100644 (file)
index 0000000..97e4d9e
--- /dev/null
@@ -0,0 +1,46 @@
+From ea3b479be6cacb399a6541a00b1bdce17b0179d0 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER <thierry.fournier@ozon.io>
+Date: Mon, 17 Jul 2017 00:44:40 +0200
+Subject: [PATCH 05/18] BUG/MEDIUM: lua: bad memory access
+
+We cannot perform garbage collection on unreferenced thread.
+This memory is now free and another Lua process can use it for
+other things.
+
+HAProxy is monothread, so this bug doesn't cause crash.
+
+This patch must be backported in 1.6 and 1.7
+(cherry picked from commit 7bd10d58d3aecf7cf1e5ee7df01193e07128a52d)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ src/hlua.c | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index eb003558..a998860e 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -895,16 +895,10 @@ void hlua_ctx_destroy(struct hlua *lua)
+        * the garbage collection.
+        */
+       if (lua->flags & HLUA_MUST_GC) {
+-              if (!SET_SAFE_LJMP(lua->T))
++              if (!SET_SAFE_LJMP(gL.T))
+                       return;
+-              lua_gc(lua->T, LUA_GCCOLLECT, 0);
+-              RESET_SAFE_LJMP(lua->T);
+-              if (lua_status(lua->T) != LUA_OK) {
+-                      if (!SET_SAFE_LJMP(gL.T))
+-                              return;
+-                      lua_gc(gL.T, LUA_GCCOLLECT, 0);
+-                      RESET_SAFE_LJMP(gL.T);
+-              }
++              lua_gc(gL.T, LUA_GCCOLLECT, 0);
++              RESET_SAFE_LJMP(gL.T);
+       }
+       lua->T = NULL;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch b/net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch
new file mode 100644 (file)
index 0000000..7fb83b1
--- /dev/null
@@ -0,0 +1,64 @@
+From 20850d19250eb530cab889bb9059a630b3f805a3 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Tue, 18 Jul 2017 06:56:40 +0200
+Subject: [PATCH 06/18] DOC: update CONTRIBUTING regarding optional parts and
+ message format
+
+Make it clear that optional components must not break when disabled,
+that openssl is the only officially supported library and its support
+must not be broken, and that bug fixes must always be detailed.
+(cherry picked from commit 9d84cd602f4adb3954209eb14c94eea9254d1b5b)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ CONTRIBUTING | 21 ++++++++++++++++++++-
+ 1 file changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/CONTRIBUTING b/CONTRIBUTING
+index 74a099bc..b2c2b493 100644
+--- a/CONTRIBUTING
++++ b/CONTRIBUTING
+@@ -69,6 +69,16 @@ code :
+ Since most of these restrictions are just a matter of coding style, it is
+ normally not a problem to comply.
++When modifying some optional subsystem (SSL, Lua, compression, device detection
++engines), please make sure the code continues to build (and to work) when these
++features are disabled. Similarly, when modifying the SSL stack, please always
++ensure that supported OpenSSL versions continue to build and to work, especially
++if you modify support for alternate libraries. Clean support for the legacy
++OpenSSL libraries is mandatory, support for its derivatives is a bonus and may
++occasionally break eventhough a great care is taken. In other words, if you
++provide a patch for OpenSSL you don't need to test its derivatives, but if you
++provide a patch for a derivative you also need to test with OpenSSL.
++
+ If your work is very confidential and you can't publicly discuss it, you can
+ also mail willy@haproxy.org directly about it, but your mail may be waiting
+ several days in the queue before you get a response, if you get a response at
+@@ -441,13 +451,22 @@ do not think about them anymore after a few patches.
+    way the subject is built. Please see the section below for more information
+    regarding this formatting.
+-   As a rule of thumb, your patch must never be made only of a subject line,
++   As a rule of thumb, your patch MUST NEVER be made only of a subject line,
+    it *must* contain a description. Even one or two lines, or indicating
+    whether a backport is desired or not. It turns out that single-line commits
+    are so rare in the Git world that they require special manual (hence
+    painful) handling when they are backported, and at least for this reason
+    it's important to keep this in mind.
++   Each patch fixing a bug MUST be tagged with "BUG", a severity level, an
++   indication of the affected subsystem and a brief description of the nature
++   of the issue in the subject line, and a detailed analysis in the message
++   body. The explanation of the user-visible impact and the need for
++   backporting to stable branches or not are MANDATORY. Bug fixes with no
++   indication will simply be rejected as they are very likely to cause more
++   harm when nobody is able to tell whether or not the patch needs to be
++   backported or can be reverted in case of regression.
++
+ 12) Discuss on the mailing list
+    When submitting changes, please always CC the mailing list address so that
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch b/net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch
new file mode 100644 (file)
index 0000000..7be8bc0
--- /dev/null
@@ -0,0 +1,36 @@
+From 8d99949c4c51d95c14fb2b09d18e1cff058f0c17 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Tue, 18 Jul 2017 06:58:16 +0200
+Subject: [PATCH 07/18] DOC: update the list of OpenSSL versions in the README
+
+1.1.0 is also supported nowadays. Also mention the best effort support
+for derivatives.
+(cherry picked from commit 7ab16868bc6e9d5ef879e1046effa035789835cc)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ README | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/README b/README
+index 839d06ec..8ad70e66 100644
+--- a/README
++++ b/README
+@@ -113,8 +113,12 @@ build fails due to missing symbols such as deflateInit(), then try again with
+ Your are strongly encouraged to always use an up-to-date version of OpenSSL, as
+ found on https://www.openssl.org/ as vulnerabilities are occasionally found and
+ you don't want them on your systems. HAProxy is known to build correctly on all
+-currently supported branches (0.9.8, 1.0.0, 1.0.1 and 1.0.2 at the time of
+-writing). Branch 1.0.2 is recommended for the richest features.
++currently supported branches (0.9.8, 1.0.0, 1.0.1, 1.0.2 and 1.1.0 at the time
++of writing). Branch 1.0.2 is currently recommended for the best combination of
++features and stability. Asynchronous engines require OpenSSL 1.1.0 though. It's
++worth mentionning that some OpenSSL derivatives are also reported to work but
++may occasionally break. Patches to fix them are welcome but please read the
++CONTRIBUTING file first.
+ To link OpenSSL statically against haproxy, build OpenSSL with the no-shared
+ keyword and install it to a local directory, so your system is not affected :
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch b/net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch
new file mode 100644 (file)
index 0000000..4546258
--- /dev/null
@@ -0,0 +1,129 @@
+From 3e21b8d25ad148ef4e6544f28a8b2305f9484a7b Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Wed, 19 Jul 2017 19:05:29 +0200
+Subject: [PATCH 08/18] MINOR: tools: add a portable timegm() alternative
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+timegm() is not provided everywhere and the documentation on how to
+replace it is bogus as it proposes an inefficient and non-thread safe
+alternative.
+
+Here we reimplement everything needed to compute the number of seconds
+since Epoch based on the broken down fields in struct tm. It is only
+guaranteed to return correct values for correct inputs. It was successfully
+tested with all possible 32-bit values of time_t converted to struct tm
+using gmtime() and back to time_t using the legacy timegm() and this
+function, and both functions always produced the same result.
+
+Thanks to Benoît Garnier for an instructive discussion and detailed
+explanations of the various time functions, leading to this solution.
+(cherry picked from commit cb1949b8b30b8db7e05546da2939eff2b5973321)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ include/common/standard.h | 21 ++++++++++++++++++
+ src/standard.c            | 54 +++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 75 insertions(+)
+
+diff --git a/include/common/standard.h b/include/common/standard.h
+index 87f90a65..c19c368b 100644
+--- a/include/common/standard.h
++++ b/include/common/standard.h
+@@ -624,6 +624,27 @@ static inline void get_gmtime(const time_t now, struct tm *tm)
+       gmtime_r(&now, tm);
+ }
++/* Counts a number of elapsed days since 01/01/0000 based solely on elapsed
++ * years and assuming the regular rule for leap years applies. It's fake but
++ * serves as a temporary origin. It's worth remembering that it's the first
++ * year of each period that is leap and not the last one, so for instance year
++ * 1 sees 366 days since year 0 was leap. For this reason we have to apply
++ * modular arithmetics which is why we offset the year by 399 before
++ * subtracting the excess at the end. No overflow here before ~11.7 million
++ * years.
++ */
++static inline unsigned int days_since_zero(unsigned int y)
++{
++      return y * 365 + (y + 399) / 4 - (y + 399) / 100 + (y + 399) / 400
++             - 399 / 4 + 399 / 100;
++}
++
++/* Returns the number of seconds since 01/01/1970 0:0:0 GMT for GMT date <tm>.
++ * It is meant as a portable replacement for timegm() for use with valid inputs.
++ * Returns undefined results for invalid dates (eg: months out of range 0..11).
++ */
++extern time_t my_timegm(const struct tm *tm);
++
+ /* This function parses a time value optionally followed by a unit suffix among
+  * "d", "h", "m", "s", "ms" or "us". It converts the value into the unit
+  * expected by the caller. The computation does its best to avoid overflows.
+diff --git a/src/standard.c b/src/standard.c
+index 8df1da6c..e1d414f3 100644
+--- a/src/standard.c
++++ b/src/standard.c
+@@ -2841,6 +2841,60 @@ char *localdate2str_log(char *dst, time_t t, struct tm *tm, size_t size)
+       return dst;
+ }
++/* Returns the number of seconds since 01/01/1970 0:0:0 GMT for GMT date <tm>.
++ * It is meant as a portable replacement for timegm() for use with valid inputs.
++ * Returns undefined results for invalid dates (eg: months out of range 0..11).
++ */
++time_t my_timegm(const struct tm *tm)
++{
++      /* Each month has 28, 29, 30 or 31 days, or 28+N. The date in the year
++       * is thus (current month - 1)*28 + cumulated_N[month] to count the
++       * sum of the extra N days for elapsed months. The sum of all these N
++       * days doesn't exceed 30 for a complete year (366-12*28) so it fits
++       * in a 5-bit word. This means that with 60 bits we can represent a
++       * matrix of all these values at once, which is fast and efficient to
++       * access. The extra February day for leap years is not counted here.
++       *
++       * Jan : none      =  0 (0)
++       * Feb : Jan       =  3 (3)
++       * Mar : Jan..Feb  =  3 (3 + 0)
++       * Apr : Jan..Mar  =  6 (3 + 0 + 3)
++       * May : Jan..Apr  =  8 (3 + 0 + 3 + 2)
++       * Jun : Jan..May  = 11 (3 + 0 + 3 + 2 + 3)
++       * Jul : Jan..Jun  = 13 (3 + 0 + 3 + 2 + 3 + 2)
++       * Aug : Jan..Jul  = 16 (3 + 0 + 3 + 2 + 3 + 2 + 3)
++       * Sep : Jan..Aug  = 19 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3)
++       * Oct : Jan..Sep  = 21 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3 + 2)
++       * Nov : Jan..Oct  = 24 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3 + 2 + 3)
++       * Dec : Jan..Nov  = 26 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3 + 2 + 3 + 2)
++       */
++      uint64_t extra =
++              ( 0ULL <<  0*5) + ( 3ULL <<  1*5) + ( 3ULL <<  2*5) + /* Jan, Feb, Mar, */
++              ( 6ULL <<  3*5) + ( 8ULL <<  4*5) + (11ULL <<  5*5) + /* Apr, May, Jun, */
++              (13ULL <<  6*5) + (16ULL <<  7*5) + (19ULL <<  8*5) + /* Jul, Aug, Sep, */
++              (21ULL <<  9*5) + (24ULL << 10*5) + (26ULL << 11*5);  /* Oct, Nov, Dec, */
++
++      unsigned int y = tm->tm_year + 1900;
++      unsigned int m = tm->tm_mon;
++      unsigned long days = 0;
++
++      /* days since 1/1/1970 for full years */
++      days += days_since_zero(y) - days_since_zero(1970);
++
++      /* days for full months in the current year */
++      days += 28 * m + ((extra >> (m * 5)) & 0x1f);
++
++      /* count + 1 after March for leap years. A leap year is a year multiple
++       * of 4, unless it's multiple of 100 without being multiple of 400. 2000
++       * is leap, 1900 isn't, 1904 is.
++       */
++      if ((m > 1) && !(y & 3) && ((y % 100) || !(y % 400)))
++              days++;
++
++      days += tm->tm_mday - 1;
++      return days * 86400ULL + tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
++}
++
+ /* This function check a char. It returns true and updates
+  * <date> and <len> pointer to the new position if the
+  * character is found.
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch b/net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch
new file mode 100644 (file)
index 0000000..623ce95
--- /dev/null
@@ -0,0 +1,38 @@
+From df1655a6c0e4431317cc66c67693281092a952b0 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Wed, 19 Jul 2017 19:08:48 +0200
+Subject: [PATCH 09/18] BUILD: lua: replace timegm() with my_timegm() to fix
+ build on Solaris 10
+
+Akhnin Nikita reported that Lua doesn't build on Solaris 10 because
+the code uses timegm() to parse a date, which is not provided there.
+The recommended way to implement timegm() is broken in the man page,
+as it is based on a change of the TZ environment variable at run time
+before calling the function (which is obviously not thread safe, and
+terribly inefficient).
+
+Here instead we rely on the new my_timegm() function, it should be
+sufficient for all known use cases.
+(cherry picked from commit abd9bb20b76818c9f461a82b72b10818736ff8b3)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ src/hlua_fcn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hlua_fcn.c b/src/hlua_fcn.c
+index 58905d7d..fe899a4a 100644
+--- a/src/hlua_fcn.c
++++ b/src/hlua_fcn.c
+@@ -287,7 +287,7 @@ static int hlua_parse_date(lua_State *L, int (*fcn)(const char *, int, struct tm
+        * the timezone from the broken-down time, it must be fixed
+        * after the conversion.
+        */
+-      time = timegm(&tm);
++      time = my_timegm(&tm);
+       if (time == -1) {
+               lua_pushnil(L);
+               return 1;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch b/net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch
new file mode 100644 (file)
index 0000000..2deb9a3
--- /dev/null
@@ -0,0 +1,32 @@
+From e14ec1d816de60b648dd7cb6c55b665f5163156b Mon Sep 17 00:00:00 2001
+From: ben51degrees <ben@51degrees.com>
+Date: Wed, 19 Jul 2017 16:22:04 +0100
+Subject: [PATCH 10/18] DOC: Updated 51Degrees git URL to point to a stable
+ version.
+
+The previously documented location doesn't work anymore and must not be
+used. Warning for backports, different branches are in use depending on
+the version (v3.2.10 for 1.7, v3.2.5 for 1.6).
+(cherry picked from commit ac752ff68cd3ac88a7a27ce17daa5c3f0c839694)
+
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+---
+ doc/51Degrees-device-detection.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/51Degrees-device-detection.txt b/doc/51Degrees-device-detection.txt
+index 1ee912d9..71b2eb76 100644
+--- a/doc/51Degrees-device-detection.txt
++++ b/doc/51Degrees-device-detection.txt
+@@ -14,7 +14,7 @@ headers as configurable parameters.
+ In order to enable 51Degrees download the 51Degrees source code from the
+ official github repository :
+-    git clone https://github.com/51Degrees/Device-Detection
++    git clone https://git.51Degrees.com/Device-Detection.git -b v3.2.10
+ then run 'make' with USE_51DEGREES and 51DEGREES_SRC set. Both 51DEGREES_INC
+ and 51DEGREES_LIB may additionally be used to force specific different paths
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch b/net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch
new file mode 100644 (file)
index 0000000..435a457
--- /dev/null
@@ -0,0 +1,33 @@
+From 9304b76fb37a36f6249ec963093d74210bd237f6 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet <cfaulet@haproxy.com>
+Date: Tue, 18 Jul 2017 10:35:55 +0200
+Subject: [PATCH 11/18] BUG/MINOR: http: Set the response error state in
+ http_sync_res_state
+
+This is just typo. It may only report a wrong response message state in
+"show errors" on the CLI.
+
+This patch must be backported in 1.7.
+
+(cherry picked from commit a3992e06a6e74142d9784d18d8cb3527fadb64d6)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/proto_http.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 94c8d639..796955f5 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5530,7 +5530,7 @@ int http_sync_res_state(struct stream *s)
+                       goto http_msg_closed;
+               }
+               else if (chn->flags & CF_SHUTW) {
+-                      txn->req.err_state = txn->req.msg_state;
++                      txn->rsp.err_state = txn->rsp.msg_state;
+                       txn->rsp.msg_state = HTTP_MSG_ERROR;
+                       s->be->be_counters.cli_aborts++;
+                       if (objt_server(s->target))
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch b/net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch
new file mode 100644 (file)
index 0000000..c26e080
--- /dev/null
@@ -0,0 +1,100 @@
+From a49007a187ab7fddfcec58e1d9fc8a707e4531c9 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet <cfaulet@haproxy.com>
+Date: Tue, 18 Jul 2017 11:18:46 +0200
+Subject: [PATCH 12/18] MINOR: http: Reorder/rewrite checks in
+ http_resync_states
+
+The previous patch removed the forced symmetry of the TUNNEL mode during the
+state synchronization. Here, we take care to remove body analyzer only on the
+channel in TUNNEL mode. In fact, today, this change has no effect because both
+sides are switched in same time. But this way, with some changes, it will be
+possible to keep body analyzer on a side (to finish the states synchronization)
+with the other one in TUNNEL mode.
+
+WARNING: This patch will be used to fix a bug. The fix will be commited in a
+very next commit. So if the fix is backported, this one must be backported too.
+
+(cherry picked from commit f77bb539d4846ab278269b99a3165a5608ca0cf4)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/proto_http.c | 48 +++++++++++++++++++++++++++++-------------------
+ 1 file changed, 29 insertions(+), 19 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 796955f5..aaf9f648 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5577,34 +5577,27 @@ int http_resync_states(struct stream *s)
+       /* OK, both state machines agree on a compatible state.
+        * There are a few cases we're interested in :
+-       *  - HTTP_MSG_TUNNEL on either means we have to disable both analysers
+        *  - HTTP_MSG_CLOSED on both sides means we've reached the end in both
+        *    directions, so let's simply disable both analysers.
+-       *  - HTTP_MSG_CLOSED on the response only means we must abort the
+-       *    request.
+-       *  - HTTP_MSG_CLOSED on the request and HTTP_MSG_DONE on the response
+-       *    with server-close mode means we've completed one request and we
+-       *    must re-initialize the server connection.
++       *  - HTTP_MSG_CLOSED on the response only or HTTP_MSG_ERROR on either
++       *    means we must abort the request.
++       *  - HTTP_MSG_TUNNEL on either means we have to disable analyser on
++       *    corresponding channel.
++       *  - HTTP_MSG_DONE or HTTP_MSG_CLOSED on the request and HTTP_MSG_DONE
++       *    on the response with server-close mode means we've completed one
++       *    request and we must re-initialize the server connection.
+        */
+-
+-      if (txn->req.msg_state == HTTP_MSG_TUNNEL ||
+-          txn->rsp.msg_state == HTTP_MSG_TUNNEL ||
+-          (txn->req.msg_state == HTTP_MSG_CLOSED &&
+-           txn->rsp.msg_state == HTTP_MSG_CLOSED)) {
++      if (txn->req.msg_state == HTTP_MSG_CLOSED &&
++          txn->rsp.msg_state == HTTP_MSG_CLOSED) {
+               s->req.analysers &= AN_REQ_FLT_END;
+               channel_auto_close(&s->req);
+               channel_auto_read(&s->req);
+               s->res.analysers &= AN_RES_FLT_END;
+               channel_auto_close(&s->res);
+               channel_auto_read(&s->res);
+-              if (txn->req.msg_state == HTTP_MSG_TUNNEL && HAS_REQ_DATA_FILTERS(s))
+-                      s->req.analysers |= AN_REQ_FLT_XFER_DATA;
+-              if (txn->rsp.msg_state == HTTP_MSG_TUNNEL && HAS_RSP_DATA_FILTERS(s))
+-                      s->res.analysers |= AN_RES_FLT_XFER_DATA;
+-      }
+-      else if ((txn->req.msg_state >= HTTP_MSG_DONE &&
+-                (txn->rsp.msg_state == HTTP_MSG_CLOSED || (s->res.flags & CF_SHUTW))) ||
+-               txn->rsp.msg_state == HTTP_MSG_ERROR ||
++      }
++      else if (txn->rsp.msg_state == HTTP_MSG_CLOSED ||
++               txn->rsp.msg_state == HTTP_MSG_ERROR  ||
+                txn->req.msg_state == HTTP_MSG_ERROR) {
+               s->res.analysers &= AN_RES_FLT_END;
+               channel_auto_close(&s->res);
+@@ -5615,6 +5608,23 @@ int http_resync_states(struct stream *s)
+               channel_auto_read(&s->req);
+               channel_truncate(&s->req);
+       }
++      else if (txn->req.msg_state == HTTP_MSG_TUNNEL ||
++               txn->rsp.msg_state == HTTP_MSG_TUNNEL) {
++              if (txn->req.msg_state == HTTP_MSG_TUNNEL) {
++                      s->req.analysers &= AN_REQ_FLT_END;
++                      if (HAS_REQ_DATA_FILTERS(s))
++                              s->req.analysers |= AN_REQ_FLT_XFER_DATA;
++              }
++              if (txn->rsp.msg_state == HTTP_MSG_TUNNEL) {
++                      s->res.analysers &= AN_RES_FLT_END;
++                      if (HAS_RSP_DATA_FILTERS(s))
++                              s->res.analysers |= AN_RES_FLT_XFER_DATA;
++              }
++              channel_auto_close(&s->req);
++              channel_auto_read(&s->req);
++              channel_auto_close(&s->res);
++              channel_auto_read(&s->res);
++      }
+       else if ((txn->req.msg_state == HTTP_MSG_DONE ||
+                 txn->req.msg_state == HTTP_MSG_CLOSED) &&
+                txn->rsp.msg_state == HTTP_MSG_DONE &&
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch b/net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch
new file mode 100644 (file)
index 0000000..ea2923d
--- /dev/null
@@ -0,0 +1,153 @@
+From 1430a0c0f62fcff4303706f5baf2b544e00fcda3 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet <cfaulet@haproxy.com>
+Date: Tue, 18 Jul 2017 10:48:24 +0200
+Subject: [PATCH 13/18] MINOR: http: Switch requests/responses in TUNNEL mode
+ only by checking txn flags
+
+Today, the only way to have a request or a response in HTTP_MSG_TUNNEL state is
+to have the flag TX_CON_WANT_TUN set on the transaction. So this is a symmetric
+state. Both the request and the response are switch in same time in this
+state. This can be done only by checking transaction flags instead of relying on
+the other side state. This is the purpose of this patch.
+
+This way, if for any reason we need to switch only one side in TUNNEL mode, it
+will be possible. And to prepare asymmetric cases, we check channel flags in
+DONE _AND_ TUNNEL states.
+
+WARNING: This patch will be used to fix a bug. The fix will be commited in a
+very next commit. So if the fix is backported, this one must be backported too.
+
+(cherry picked from commit 4be9803914ae7156109c915659aad216e4a3c6c1)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/proto_http.c | 65 +++++++++++++++++++-------------------------------------
+ 1 file changed, 22 insertions(+), 43 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index aaf9f648..00a92cdb 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5294,7 +5294,7 @@ int http_sync_req_state(struct stream *s)
+       unsigned int old_flags = chn->flags;
+       unsigned int old_state = txn->req.msg_state;
+-      if (unlikely(txn->req.msg_state < HTTP_MSG_BODY))
++      if (unlikely(txn->req.msg_state < HTTP_MSG_DONE))
+               return 0;
+       if (txn->req.msg_state == HTTP_MSG_DONE) {
+@@ -5338,13 +5338,6 @@ int http_sync_req_state(struct stream *s)
+                       goto wait_other_side;
+               }
+-              if (txn->rsp.msg_state == HTTP_MSG_TUNNEL) {
+-                      /* if any side switches to tunnel mode, the other one does too */
+-                      channel_auto_read(chn);
+-                      txn->req.msg_state = HTTP_MSG_TUNNEL;
+-                      goto wait_other_side;
+-              }
+-
+               /* When we get here, it means that both the request and the
+                * response have finished receiving. Depending on the connection
+                * mode, we'll have to wait for the last bytes to leave in either
+@@ -5377,20 +5370,7 @@ int http_sync_req_state(struct stream *s)
+                       }
+               }
+-              if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
+-                      /* if we've just closed an output, let's switch */
+-                      s->si[1].flags |= SI_FL_NOLINGER;  /* we want to close ASAP */
+-
+-                      if (!channel_is_empty(chn)) {
+-                              txn->req.msg_state = HTTP_MSG_CLOSING;
+-                              goto http_msg_closing;
+-                      }
+-                      else {
+-                              txn->req.msg_state = HTTP_MSG_CLOSED;
+-                              goto http_msg_closed;
+-                      }
+-              }
+-              goto wait_other_side;
++              goto check_channel_flags;
+       }
+       if (txn->req.msg_state == HTTP_MSG_CLOSING) {
+@@ -5419,6 +5399,16 @@ int http_sync_req_state(struct stream *s)
+               goto wait_other_side;
+       }
++ check_channel_flags:
++      /* Here, we are in HTTP_MSG_DONE or HTTP_MSG_TUNNEL */
++      if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
++              /* if we've just closed an output, let's switch */
++              s->si[1].flags |= SI_FL_NOLINGER;  /* we want to close ASAP */
++              txn->req.msg_state = HTTP_MSG_CLOSING;
++              goto http_msg_closing;
++      }
++
++
+  wait_other_side:
+       return txn->req.msg_state != old_state || chn->flags != old_flags;
+ }
+@@ -5438,7 +5428,7 @@ int http_sync_res_state(struct stream *s)
+       unsigned int old_flags = chn->flags;
+       unsigned int old_state = txn->rsp.msg_state;
+-      if (unlikely(txn->rsp.msg_state < HTTP_MSG_BODY))
++      if (unlikely(txn->rsp.msg_state < HTTP_MSG_DONE))
+               return 0;
+       if (txn->rsp.msg_state == HTTP_MSG_DONE) {
+@@ -5461,14 +5451,6 @@ int http_sync_res_state(struct stream *s)
+                       goto wait_other_side;
+               }
+-              if (txn->req.msg_state == HTTP_MSG_TUNNEL) {
+-                      /* if any side switches to tunnel mode, the other one does too */
+-                      channel_auto_read(chn);
+-                      txn->rsp.msg_state = HTTP_MSG_TUNNEL;
+-                      chn->flags |= CF_NEVER_WAIT;
+-                      goto wait_other_side;
+-              }
+-
+               /* When we get here, it means that both the request and the
+                * response have finished receiving. Depending on the connection
+                * mode, we'll have to wait for the last bytes to leave in either
+@@ -5506,18 +5488,7 @@ int http_sync_res_state(struct stream *s)
+                               txn->rsp.msg_state = HTTP_MSG_TUNNEL;
+               }
+-              if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
+-                      /* if we've just closed an output, let's switch */
+-                      if (!channel_is_empty(chn)) {
+-                              txn->rsp.msg_state = HTTP_MSG_CLOSING;
+-                              goto http_msg_closing;
+-                      }
+-                      else {
+-                              txn->rsp.msg_state = HTTP_MSG_CLOSED;
+-                              goto http_msg_closed;
+-                      }
+-              }
+-              goto wait_other_side;
++              goto check_channel_flags;
+       }
+       if (txn->rsp.msg_state == HTTP_MSG_CLOSING) {
+@@ -5548,6 +5519,14 @@ int http_sync_res_state(struct stream *s)
+               goto wait_other_side;
+       }
++ check_channel_flags:
++      /* Here, we are in HTTP_MSG_DONE or HTTP_MSG_TUNNEL */
++      if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
++              /* if we've just closed an output, let's switch */
++              txn->rsp.msg_state = HTTP_MSG_CLOSING;
++              goto http_msg_closing;
++      }
++
+  wait_other_side:
+       /* We force the response to leave immediately if we're waiting for the
+        * other side, since there is no pending shutdown to push it out.
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch b/net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch
new file mode 100644 (file)
index 0000000..aca24c1
--- /dev/null
@@ -0,0 +1,118 @@
+From f82344c1cf20afcf77e8c3df8f9d341d659da93b Mon Sep 17 00:00:00 2001
+From: Christopher Faulet <cfaulet@haproxy.com>
+Date: Tue, 18 Jul 2017 11:42:08 +0200
+Subject: [PATCH 14/18] BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode
+ when body length is undefined
+
+When the body length of a HTTP response is undefined, the HTTP parser is blocked
+in the body parsing. Before HAProxy 1.7, in this case, because
+AN_RES_HTTP_XFER_BODY is never set, there is no visible effect. When the server
+closes its connection to terminate the response, HAProxy catches it as a normal
+closure. Since 1.7, we always set this analyzer to enter at least once in
+http_response_forward_body. But, in the present case, when the server connection
+is closed, http_response_forward_body is called one time too many. The response
+is correctly sent to the client, but an error is catched and logged with "SD--"
+flags.
+
+To reproduce the bug, you can use the configuration "tests/test-fsm.cfg". The
+tests 3 and 21 hit the bug.
+
+Idea to fix the bug is to switch the response in TUNNEL mode without switching
+the request. This is possible because of previous patches.
+
+First, we need to detect responses with undefined body length during states
+synchronization. Excluding tunnelled transactions, when the response length is
+undefined, TX_CON_WANT_CLO is always set on the transaction. So, when states are
+synchronized, if TX_CON_WANT_CLO is set, the response is switched in TUNNEL mode
+and the request remains unchanged.
+
+Then, in http_msg_forward_body, we add a specific check to switch the response
+in DONE mode if the body length is undefined and if there is no data filter.
+
+This patch depends on following previous commits:
+
+  * MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
+  * MINOR: http: Reorder/rewrite checks in http_resync_states
+
+This patch must be backported in 1.7 with 2 previous ones.
+
+(cherry picked from commit 1486b0ab6de744e14ae684af105951345534f9ec)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/proto_http.c | 37 +++++++++++++++++++++++++------------
+ 1 file changed, 25 insertions(+), 12 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 00a92cdb..e776e4d5 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5354,7 +5354,16 @@ int http_sync_req_state(struct stream *s)
+                        * let's enforce it now that we're not expecting any new
+                        * data to come. The caller knows the stream is complete
+                        * once both states are CLOSED.
++                       *
++                       *  However, there is an exception if the response
++                       *  length is undefined. In this case, we need to wait
++                       *  the close from the server. The response will be
++                       *  switched in TUNNEL mode until the end.
+                        */
++                      if (!(txn->rsp.flags & HTTP_MSGF_XFER_LEN) &&
++                          txn->rsp.msg_state != HTTP_MSG_CLOSED)
++                              goto check_channel_flags;
++
+                       if (!(chn->flags & (CF_SHUTW|CF_SHUTW_NOW))) {
+                               channel_shutr_now(chn);
+                               channel_shutw_now(chn);
+@@ -5471,8 +5480,16 @@ int http_sync_res_state(struct stream *s)
+                        * let's enforce it now that we're not expecting any new
+                        * data to come. The caller knows the stream is complete
+                        * once both states are CLOSED.
++                       *
++                       * However, there is an exception if the response length
++                       * is undefined. In this case, we switch in TUNNEL mode.
+                        */
+-                      if (!(chn->flags & (CF_SHUTW|CF_SHUTW_NOW))) {
++                      if (!(txn->rsp.flags & HTTP_MSGF_XFER_LEN)) {
++                              channel_auto_read(chn);
++                              txn->rsp.msg_state = HTTP_MSG_TUNNEL;
++                              chn->flags |= CF_NEVER_WAIT;
++                      }
++                      else if (!(chn->flags & (CF_SHUTW|CF_SHUTW_NOW))) {
+                               channel_shutr_now(chn);
+                               channel_shutw_now(chn);
+                       }
+@@ -6952,14 +6969,6 @@ int http_response_forward_body(struct stream *s, struct channel *res, int an_bit
+       if ((msg->flags & HTTP_MSGF_TE_CHNK) || (msg->flags & HTTP_MSGF_COMPRESSING))
+               res->flags |= CF_EXPECT_MORE;
+-      /* If there is neither content-length, nor transfer-encoding header
+-       * _AND_ there is no data filtering, we can safely forward all data
+-       * indefinitely. */
+-      if (!(msg->flags & HTTP_MSGF_XFER_LEN) && !HAS_DATA_FILTERS(s, res)) {
+-              buffer_flush(res->buf);
+-              channel_forward_forever(res);
+-      }
+-
+       /* the stream handler will take care of timeouts and errors */
+       return 0;
+@@ -7036,9 +7045,13 @@ http_msg_forward_body(struct stream *s, struct http_msg *msg)
+               goto missing_data_or_waiting;
+       }
+-      /* The server still sending data that should be filtered */
+-      if (!(msg->flags & HTTP_MSGF_XFER_LEN) && !(chn->flags & CF_SHUTR))
+-              goto missing_data_or_waiting;
++      /* This check can only be true for a response. HTTP_MSGF_XFER_LEN is
++       * always set for a request. */
++      if (!(msg->flags & HTTP_MSGF_XFER_LEN)) {
++              /* The server still sending data that should be filtered */
++              if (!(chn->flags & CF_SHUTR) && HAS_DATA_FILTERS(s, chn))
++                      goto missing_data_or_waiting;
++      }
+       msg->msg_state = HTTP_MSG_ENDING;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch b/net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch
new file mode 100644 (file)
index 0000000..1552dfc
--- /dev/null
@@ -0,0 +1,43 @@
+From af9b52e92be8ca6a07f9156dcb0b08dd2ad8db75 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet <cfaulet@haproxy.com>
+Date: Thu, 20 Jul 2017 11:05:10 +0200
+Subject: [PATCH 15/18] BUG/MAJOR: http: Fix possible infinity loop in
+ http_sync_(req|res)_state
+
+In commit "MINOR: http: Switch requests/responses in TUNNEL mode only by
+checking txn flags", it is possible to have an infinite loop on HTTP_MSG_CLOSING
+state.
+
+(cherry picked from commit 56d260916f61e48c8b2f1fd2f9431afac776d160)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/proto_http.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index e776e4d5..4a030013 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5394,8 +5394,8 @@ int http_sync_req_state(struct stream *s)
+               else if (chn->flags & CF_SHUTW) {
+                       txn->req.err_state = txn->req.msg_state;
+                       txn->req.msg_state = HTTP_MSG_ERROR;
+-                      goto wait_other_side;
+               }
++              goto wait_other_side;
+       }
+       if (txn->req.msg_state == HTTP_MSG_CLOSED) {
+@@ -5523,8 +5523,8 @@ int http_sync_res_state(struct stream *s)
+                       s->be->be_counters.cli_aborts++;
+                       if (objt_server(s->target))
+                               objt_server(s->target)->counters.cli_aborts++;
+-                      goto wait_other_side;
+               }
++              goto wait_other_side;
+       }
+       if (txn->rsp.msg_state == HTTP_MSG_CLOSED) {
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch b/net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch
new file mode 100644 (file)
index 0000000..0e1d9ab
--- /dev/null
@@ -0,0 +1,45 @@
+From c00347899e9f0c3420f98c53eab1469644e28e06 Mon Sep 17 00:00:00 2001
+From: Nenad Merdanovic <nmerdan@haproxy.com>
+Date: Sun, 23 Jul 2017 22:04:58 -0400
+Subject: [PATCH 16/18] BUG/MINOR: lua: Fix Server.get_addr() port values
+
+The get_addr() method of the Lua Server class was using the
+'sockaddr_storage addr' member to get the port value. HAProxy does not
+store ports in this member as it uses a separate member, called
+'svc_port'.
+
+This fix should be backported to 1.7.
+
+(cherry picked from commit 3849473828f319829aff422d2fbbce0823e65d64)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/hlua_fcn.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/hlua_fcn.c b/src/hlua_fcn.c
+index fe899a4a..0752220e 100644
+--- a/src/hlua_fcn.c
++++ b/src/hlua_fcn.c
+@@ -545,8 +545,7 @@ int hlua_server_get_addr(lua_State *L)
+                         addr, INET_ADDRSTRLEN);
+               luaL_addstring(&b, addr);
+               luaL_addstring(&b, ":");
+-              snprintf(addr, INET_ADDRSTRLEN, "%d",
+-                       ntohs(((struct sockaddr_in *)&srv->addr)->sin_port));
++              snprintf(addr, INET_ADDRSTRLEN, "%d", srv->svc_port);
+               luaL_addstring(&b, addr);
+               break;
+       case AF_INET6:
+@@ -554,8 +553,7 @@ int hlua_server_get_addr(lua_State *L)
+                         addr, INET_ADDRSTRLEN);
+               luaL_addstring(&b, addr);
+               luaL_addstring(&b, ":");
+-              snprintf(addr, INET_ADDRSTRLEN, "%d",
+-                       ntohs(((struct sockaddr_in6 *)&srv->addr)->sin6_port));
++              snprintf(addr, INET_ADDRSTRLEN, "%d", srv->svc_port);
+               luaL_addstring(&b, addr);
+               break;
+       case AF_UNIX:
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch b/net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch
new file mode 100644 (file)
index 0000000..408b42d
--- /dev/null
@@ -0,0 +1,34 @@
+From e79fe9bc0ae363e91555f1ba64889e2ddf475b8e Mon Sep 17 00:00:00 2001
+From: Nenad Merdanovic <nmerdan@haproxy.com>
+Date: Sun, 23 Jul 2017 22:04:59 -0400
+Subject: [PATCH 17/18] BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in
+ Server.get_addr()
+
+The get_addr() method of the Lua Server class incorrectly used
+INET_ADDRSTRLEN for IPv6 addresses resulting in failing to convert
+longer IPv6 addresses to strings.
+
+This fix should be backported to 1.7.
+
+(cherry picked from commit a9f040453acc09e888c3f2dc983f15dcf3fa66e3)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/hlua_fcn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hlua_fcn.c b/src/hlua_fcn.c
+index 0752220e..f8b9b5ec 100644
+--- a/src/hlua_fcn.c
++++ b/src/hlua_fcn.c
+@@ -550,7 +550,7 @@ int hlua_server_get_addr(lua_State *L)
+               break;
+       case AF_INET6:
+               inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&srv->addr)->sin6_addr,
+-                        addr, INET_ADDRSTRLEN);
++                        addr, INET6_ADDRSTRLEN);
+               luaL_addstring(&b, addr);
+               luaL_addstring(&b, ":");
+               snprintf(addr, INET_ADDRSTRLEN, "%d", srv->svc_port);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch b/net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch
new file mode 100644 (file)
index 0000000..c1f2310
--- /dev/null
@@ -0,0 +1,45 @@
+From dd18f945c26fc30872a52c66b06b5a0a86b10060 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau <w@1wt.eu>
+Date: Mon, 24 Jul 2017 17:35:27 +0200
+Subject: [PATCH 18/18] BUG/MINOR: lua: always detach the tcp/http tasks before
+ freeing them
+
+In hlua_{http,tcp}_applet_release(), a call to task_free() is performed
+to release the task, but no task_delete() is made on these tasks. Till
+now it wasn't much of a problem because this was normally not done with
+the task in the run queue, and the task was never put into the wait queue
+since it doesn't have any timer. But with threading it will become an
+issue. And not having this already prevents another bug from being fixed.
+
+Thanks to Christopher for spotting this one. A backport to 1.7 and 1.6 is
+preferred for safety.
+
+(cherry picked from commit bd7fc95edbce821f1d7b745a7b75deef4d6b1e27)
+Signed-off-by: William Lallemand <wlallemand@haproxy.org>
+---
+ src/hlua.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index a998860e..67b9458c 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -5948,6 +5948,7 @@ error:
+ static void hlua_applet_tcp_release(struct appctx *ctx)
+ {
++      task_delete(ctx->ctx.hlua_apptcp.task);
+       task_free(ctx->ctx.hlua_apptcp.task);
+       ctx->ctx.hlua_apptcp.task = NULL;
+       hlua_ctx_destroy(&ctx->ctx.hlua_apptcp.hlua);
+@@ -6226,6 +6227,7 @@ error:
+ static void hlua_applet_http_release(struct appctx *ctx)
+ {
++      task_delete(ctx->ctx.hlua_apphttp.task);
+       task_free(ctx->ctx.hlua_apphttp.task);
+       ctx->ctx.hlua_apphttp.task = NULL;
+       hlua_ctx_destroy(&ctx->ctx.hlua_apphttp.hlua);
+-- 
+2.13.0
+
diff --git a/net/horst/Makefile b/net/horst/Makefile
new file mode 100644 (file)
index 0000000..1eb7409
--- /dev/null
@@ -0,0 +1,51 @@
+#
+# Copyright (C) 2006-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=horst
+PKG_VERSION:=5.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-git.tar.gz
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=git://github.com/br101/horst.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=version-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Bruno Randolf <br1@einfach.org>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+MAKE_FLAGS += DEBUG=1 LIBNL=tiny
+
+define Package/horst
+       SECTION:=net
+       CATEGORY:=Network
+       SUBMENU:=wireless
+       DEPENDS:=+libncurses +libnl-tiny
+       MAINTAINER:=Bruno Randolf <br1@einfach.org>
+       TITLE:=Highly Optimized 802.11 Radio Scanning Tool
+       URL:=http://br1.einfach.org/tech/horst/
+endef
+
+define Package/horst/description
+       [horst] is a scanning and analysis tool for 802.11 wireless networks
+       and especially IBSS (ad-hoc) mode and mesh networks (OLSR).
+endef
+
+define Package/horst/install
+       $(INSTALL_DIR) $(1)/usr/sbin
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/horst $(1)/usr/sbin/
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/horst.sh $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,horst))
index 42e154ce705a3293c8f485ec6385faf2d6bfd8cc..daecceba75844dc59bbe79887815377ab685a866 100644 (file)
@@ -1,14 +1,15 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=https_dns_proxy
-PKG_VERSION:=2017-01-07
-PKG_RELEASE=2
+PKG_VERSION:=2018-01-24
+PKG_RELEASE=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_MIRROR_HASH:=0eef98106c584b986117f33458e8d1e2447a8b6eb12a2e3bfc5df06d45114144
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE_URL:=https://github.com/aarond10/https_dns_proxy/
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=c62ce3f6807a4067230a8bc5ea5a829f532de785
+PKG_SOURCE_VERSION:=f08b51d7c07c0156794e2c23d7a4d1a5344b2e07
 PKG_MAINTAINER:=Aaron Drew <aarond10@gmail.com>
 PKG_LICENSE:=MIT
 
@@ -19,7 +20,7 @@ define Package/https_dns_proxy
   SECTION:=net
   CATEGORY:=Network
   TITLE:=DNS over HTTPS proxy server
-  DEPENDS:=+libcares +libcurl +libev
+  DEPENDS:=+libcares +libcurl +libev +ca-bundle
 endef
 
 define Package/https_dns_proxy/install
index aa0e1b97703f61e91f2bfdb4cba6b00d1ad39ebb..0a6d69156869d13cc06627dad0e711f569cf8e3f 100644 (file)
@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=jool
 PKG_VERSION:=2016.12.17
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_LICENSE:=GPL-3.0
 PKG_LICENSE_FILES:=COPYING
@@ -19,7 +19,7 @@ PKG_SOURCE_VERSION:=66a791c90751d7941b08c142babe1deec73d0996
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.xz
 
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
+PKG_BUILD_DIR=$(KERNEL_BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
 PKG_BUILD_PARALLEL:=1
 PKG_BUILD_DEPENDS:=USE_UCLIBC:argp-standalone USE_MUSL:argp-standalone
 
diff --git a/net/luci-app-cjdns/Makefile b/net/luci-app-cjdns/Makefile
deleted file mode 100644 (file)
index 793b4ec..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# Copyright (C) 2014,2015 Hyperboria.net
-#
-# You may redistribute this program and/or modify it under the terms of
-# the GNU General Public License as published by the Free Software Foundation,
-# either version 3 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=luci-app-cjdns
-PKG_VERSION:=1.3
-PKG_RELEASE:=5
-
-PKG_LICENSE:=GPL-3.0
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/luci-app-cjdns
-       SECTION:=luci
-       CATEGORY:=LuCI
-       SUBMENU:=3. Applications
-       TITLE:=Encrypted near-zero-conf mesh routing protocol
-       URL:=https://github.com/hyperboria/cjdns
-       MAINTAINER:=Lars Gierth <larsg@systemli.org>
-       DEPENDS:=+cjdns +luci-base
-endef
-
-define Package/luci-app-cjdns/description
-       This package allows you to configure and inspect cjdns networking using LuCI.
-
-       Cjdns implements an encrypted IPv6 network using public-key cryptography
-       for address allocation and a distributed hash table for routing.
-       This provides near-zero-configuration networking, and prevents many
-       of the security and scalability issues that plague existing networks.
-endef
-
-define Build/Compile
-endef
-
-define Package/luci-app-cjdns/install
-       $(INSTALL_DIR) $(1)/usr/lib/lua/luci
-       $(CP) ./luasrc/* $(1)/usr/lib/lua/luci
-endef
-
-$(eval $(call BuildPackage,luci-app-cjdns))
diff --git a/net/luci-app-cjdns/luasrc/controller/cjdns.lua b/net/luci-app-cjdns/luasrc/controller/cjdns.lua
deleted file mode 100644 (file)
index 63644cb..0000000
+++ /dev/null
@@ -1,105 +0,0 @@
-module("luci.controller.cjdns", package.seeall)
-
-cjdns  = require "cjdns/init"
-dkjson = require "dkjson"
-
-function index()
-       if not nixio.fs.access("/etc/config/cjdns") then
-               return
-       end
-
-       entry({"admin", "services", "cjdns"},
-               cbi("cjdns/overview"), _("cjdns")).dependent = true
-
-       entry({"admin", "services", "cjdns", "overview"},
-               cbi("cjdns/overview"), _("Overview"), 1).leaf = false
-
-       entry({"admin", "services", "cjdns", "peering"},
-               cbi("cjdns/peering"), _("Peers"), 2).leaf = false
-
-       entry({"admin", "services", "cjdns", "iptunnel"},
-               cbi("cjdns/iptunnel"), _("IP Tunnel"), 3).leaf = false
-
-       entry({"admin", "services", "cjdns", "settings"},
-               cbi("cjdns/settings"), _("Settings"), 4).leaf = false
-
-       entry({"admin", "services", "cjdns", "cjdrouteconf"},
-               cbi("cjdns/cjdrouteconf"), _("cjdroute.conf"), 5).leaf = false
-
-       entry({"admin", "services", "cjdns", "peers"}, call("act_peers")).leaf = true
-       entry({"admin", "services", "cjdns", "ping"}, call("act_ping")).leaf = true
-end
-
-function act_peers()
-       require("cjdns/uci")
-       admin = cjdns.uci.makeInterface()
-
-       local page = 0
-       local peers = {}
-
-       while page do
-               local response, err = admin:auth({
-                       q = "InterfaceController_peerStats",
-                       page = page
-               })
-
-               if err or response.error then
-                       luci.http.status(502, "Bad Gateway")
-                       luci.http.prepare_content("application/json")
-                       luci.http.write_json({ err = err, response = response })
-                       return
-               end
-
-               for i,peer in pairs(response.peers) do
-                       peer.ipv6 = publictoip6(peer.publicKey)
-                       if peer.user == nil then
-                               peer.user = ''
-                               uci.cursor():foreach("cjdns", "udp_peer", function(udp_peer)
-                                       if peer.publicKey == udp_peer.public_key then
-                                               peer.user = udp_peer.user
-                                       end
-                               end)
-                       end
-                       peers[#peers + 1] = peer
-               end
-
-               if response.more then
-                       page = page + 1
-               else
-                       page = nil
-               end
-       end
-
-       luci.http.status(200, "OK")
-       luci.http.prepare_content("application/json")
-       luci.http.write_json(peers)
-end
-
-function act_ping()
-       require("cjdns/uci")
-       admin = cjdns.uci.makeInterface()
-
-       local response, err = admin:auth({
-               q = "SwitchPinger_ping",
-               path = luci.http.formvalue("label"),
-               timeout = tonumber(luci.http.formvalue("timeout"))
-       })
-
-       if err or response.error then
-               luci.http.status(502, "Bad Gateway")
-               luci.http.prepare_content("application/json")
-               luci.http.write_json({ err = err, response = response })
-               return
-       end
-
-       luci.http.status(200, "OK")
-       luci.http.prepare_content("application/json")
-       luci.http.write_json(response)
-end
-
-function publictoip6(publicKey)
-       local process = io.popen("/usr/bin/publictoip6 " .. publicKey, "r")
-       local ipv6    = process:read()
-       process:close()
-       return ipv6
-end
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua
deleted file mode 100644 (file)
index 00e9ae0..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-dkjson = require("dkjson")
-cjdns = require("cjdns")
-require("cjdns/uci")
-
-local f = SimpleForm("cjdrouteconf", translate("Edit cjdroute.conf"),
-       translate("JSON interface to what's /etc/cjdroute.conf on other systems. \
-    Will be parsed and written to UCI by <code>cjdrouteconf set</code>."))
-
-local o = f:field(Value, "_cjdrouteconf")
-o.template = "cbi/tvalue"
-o.rows = 25
-
-function o.cfgvalue(self, section)
-       return dkjson.encode(cjdns.uci.get(), { indent = true })
-end
-
-function o.write(self, section, value)
-  local obj, pos, err = dkjson.decode(value, 1, nil)
-
-  if obj then
-    cjdns.uci.set(obj)
-  end
-end
-
-return f
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua
deleted file mode 100644 (file)
index 02b37dd..0000000
+++ /dev/null
@@ -1,46 +0,0 @@
-uci = require "luci.model.uci"
-cursor = uci:cursor_state()
-
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m.on_after_commit = function(self)
-  os.execute("/etc/init.d/cjdns restart")
-end
-
--- Outgoing
-outgoing = m:section(TypedSection, "iptunnel_outgoing", translate("Outgoing IP Tunnel Connections"),
-  translate("Enter the public keys of the nodes that will provide Internet access."))
-outgoing.anonymous = true
-outgoing.addremove = true
-outgoing.template  = "cbi/tblsection"
-
-outgoing:option(Value, "public_key", translate("Public Key")).size = 55
-
--- Allowed
-allowed = m:section(TypedSection, "iptunnel_allowed", translate("Allowed IP Tunnel Connections"),
-  translate("Enter the public key of the node you will provide Internet access to, along with the \
-             IPv4 and/or IPv6 address you will assign them."))
-allowed.anonymous = true
-allowed.addremove = true
-
-public_key = allowed:option(Value, "public_key", translate("Public Key"))
-public_key.template = "cjdns/value"
-public_key.size = 55
-
-ipv4 = allowed:option(Value, "ipv4", translate("IPv4"))
-ipv4.template = "cjdns/value"
-ipv4.datatype = 'ipaddr'
-ipv4.size = 55
-
-ipv6 = allowed:option(Value, "ipv6", translate("IPv6"),
-  translate("IPv6 addresses should be entered <em>without</em> brackets here, e.g. <code>2001:123:ab::10</code>."))
-ipv6.template = "cjdns/value"
-ipv6.datatype = 'ip6addr'
-ipv6.size = 55
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua
deleted file mode 100644 (file)
index efa3a03..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m:section(SimpleSection).template  = "cjdns/status"
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua
deleted file mode 100644 (file)
index 2b1fc1b..0000000
+++ /dev/null
@@ -1,73 +0,0 @@
-uci = require "luci.model.uci"
-cursor = uci:cursor_state()
-
-cjdns = require("cjdns")
-require("cjdns/uci")
-
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m.on_after_commit = function(self)
-  os.execute("/etc/init.d/cjdns restart")
-end
-
--- Authorized Passwords
-passwords = m:section(TypedSection, "password", translate("Authorized Passwords"),
-  translate("Anyone offering one of the these passwords will be allowed to peer with you on the existing UDP and Ethernet interfaces."))
-passwords.anonymous = true
-passwords.addremove = true
-passwords.template  = "cbi/tblsection"
-
-passwords:option(Value, "user", translate("User/Name"),
-  translate("Must be unique.")
-).default = "user-" .. cjdns.uci.random_string(6)
-passwords:option(Value, "contact", translate("Contact"), translate("Optional, for out-of-band communication."))
-passwords:option(Value, "password", translate("Password"),
-  translate("Hand out to your peer, in accordance with the peering best practices of the network.")
-).default = cjdns.uci.random_string(32)
-
--- UDP Peers
-udp_peers = m:section(TypedSection, "udp_peer", translate("Outgoing UDP Peers"),
-  translate("For peering via public IP networks, the peer handed you their Public Key and IP address/port along with a password. IPv6 addresses should be entered with square brackets, like so: <code>[2001::1]</code>."))
-udp_peers.anonymous = true
-udp_peers.addremove = true
-udp_peers.template  = "cbi/tblsection"
-udp_peers:option(Value, "user", translate("User/Name")).datatype = "string"
-
-udp_interface = udp_peers:option(Value, "interface", translate("UDP interface"))
-local index = 1
-for i,section in pairs(cursor:get_all("cjdns")) do
-  if section[".type"] == "udp_interface" then
-    udp_interface:value(index, section.address .. ":" .. section.port)
-  end
-end
-udp_interface.default = 1
-udp_peers:option(Value, "address", translate("IP address"))
-udp_peers:option(Value, "port", translate("Port")).datatype = "portrange"
-udp_peers:option(Value, "public_key", translate("Public key"))
-udp_peers:option(Value, "password", translate("Password"))
-
--- Ethernet Peers
-eth_peers = m:section(TypedSection, "eth_peer", translate("Outgoing Ethernet Peers"),
-  translate("For peering via local Ethernet networks, the peer handed you their Public Key and MAC address along with a password."))
-eth_peers.anonymous = true
-eth_peers.addremove = true
-eth_peers.template  = "cbi/tblsection"
-
-eth_interface = eth_peers:option(Value, "interface", translate("Ethernet interface"))
-local index = 1
-for i,section in pairs(cursor:get_all("cjdns")) do
-  if section[".type"] == "eth_interface" then
-    eth_interface:value(index, section.bind)
-  end
-end
-eth_interface.default = 1
-eth_peers:option(Value, "address", translate("MAC address")).datatype = "macaddr"
-eth_peers:option(Value, "public_key", translate("Public key"))
-eth_peers:option(Value, "password", translate("Password"))
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua
deleted file mode 100644 (file)
index d188915..0000000
+++ /dev/null
@@ -1,67 +0,0 @@
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m.on_after_commit = function(self)
-  os.execute("/etc/init.d/cjdns restart")
-end
-
-s = m:section(NamedSection, "cjdns", nil, translate("Settings"))
-s.addremove = false
-
--- Identity
-s:tab("identity", translate("Identity"))
-node6 = s:taboption("identity", Value, "ipv6", translate("IPv6 address"),
-      translate("This node's IPv6 address within the cjdns network."))
-node6.datatype = "ip6addr"
-pbkey = s:taboption("identity", Value, "public_key", translate("Public key"),
-      translate("Used for packet encryption and authentication."))
-pbkey.datatype = "string"
-prkey = s:taboption("identity", Value, "private_key", translate("Private key"),
-      translate("Keep this private. When compromised, generate a new keypair and IPv6."))
-prkey.datatype = "string"
-
--- Admin Interface
-s:tab("admin", translate("Admin API"), translate("The Admin API can be used by other applications or services to configure and inspect cjdns' routing and peering.<br/><br/>Documentation: <a href=\"https://github.com/cjdelisle/cjdns/tree/master/admin#cjdns-admin-api\">admin/README.md</a>"))
-aip = s:taboption("admin", Value, "admin_address", translate("IP Address"),
-      translate("IPv6 addresses should be entered like so: <code>[2001::1]</code>."))
-apt = s:taboption("admin", Value, "admin_port", translate("Port"))
-apt.datatype = "port"
-apw = s:taboption("admin", Value, "admin_password", translate("Password"))
-apw.datatype = "string"
-
--- Security
-s:tab("security", translate("Security"), translate("Functionality related to hardening the cjdroute process."))
-s:taboption("security", Flag, "seccomp", translate("SecComp sandboxing"))
-
--- UDP Interfaces
-udp_interfaces = m:section(TypedSection, "udp_interface", translate("UDP Interfaces"),
-  translate("These interfaces allow peering via public IP networks, such as the Internet, or many community-operated wireless networks. IPv6 addresses should be entered with square brackets, like so: <code>[2001::1]</code>."))
-udp_interfaces.anonymous = true
-udp_interfaces.addremove = true
-udp_interfaces.template = "cbi/tblsection"
-
-udp_address = udp_interfaces:option(Value, "address", translate("IP Address"))
-udp_address.placeholder = "0.0.0.0"
-udp_interfaces:option(Value, "port", translate("Port")).datatype = "portrange"
-
--- Ethernet Interfaces
-eth_interfaces = m:section(TypedSection, "eth_interface", translate("Ethernet Interfaces"),
-  translate("These interfaces allow peering via local Ethernet networks, such as home or office networks, or phone tethering. If an interface name is set to \"all\" each available device will be used."))
-eth_interfaces.anonymous = true
-eth_interfaces.addremove = true
-eth_interfaces.template = "cbi/tblsection"
-
-eth_bind = eth_interfaces:option(Value, "bind", translate("Network Interface"))
-eth_bind.placeholder = "br-lan"
-eth_beacon = eth_interfaces:option(Value, "beacon", translate("Beacon Mode"))
-eth_beacon:value(0, translate("0 -- Disabled"))
-eth_beacon:value(1, translate("1 -- Accept beacons"))
-eth_beacon:value(2, translate("2 -- Accept and send beacons"))
-eth_beacon.default = 2
-eth_beacon.datatype = "integer(range(0,2))"
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm b/net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm
deleted file mode 100644 (file)
index 58c3843..0000000
+++ /dev/null
@@ -1 +0,0 @@
-<%+cjdns/status%>
diff --git a/net/luci-app-cjdns/luasrc/view/cjdns/status.htm b/net/luci-app-cjdns/luasrc/view/cjdns/status.htm
deleted file mode 100644 (file)
index 9d43e85..0000000
+++ /dev/null
@@ -1,116 +0,0 @@
-<script type="text/javascript">//<![CDATA[
-
-       var peersURI = '<%=luci.dispatcher.build_url("admin", "services", "cjdns", "peers")%>';
-       var updatePeers = function(x, peers) {
-               var table = document.getElementById('cjdns-peerings');
-               while (table.rows.length > 1) {
-                       table.deleteRow(1);
-               }
-
-               if ((peers) && ((peers.err) || (typeof peers.length === 'undefined'))) {
-                       var errpeer = (peers.err)
-                                               ? 'Socket Error: unable to connect to Admin API'
-                                               : 'No active peers';
-                       var row = table.insertRow(-1);
-                       row.className = 'cbi-section-table-row';
-                       var cell = row.insertCell(-1);
-                       cell.colSpan = 7;
-                       cell.textContent = errpeer;
-                       return;
-               };
-
-               peers.forEach(function(peer, i) {
-                       if (peer.user == null) {
-                               var user = '';
-                       } else if (peer.user == 'Local Peers') {
-                               var user = 'beacon';
-                       } else {
-                               var user = peer.user;
-                       }
-
-                       if (peer.isIncoming === 0) {
-                               var interface = 'outgoing';
-                       } else {
-                               var interface = 'incoming';
-                       }
-
-                       var status = interface + ', ' + peer.state.toLowerCase();
-
-                       if (peer.version === 0) {
-                               var version = '-';
-                       } else {
-                               var version = 'v' + peer.version;
-                       }
-
-                       var rxtx = lbbytes(peer.bytesIn) + ' / ' + lbbytes(peer.bytesOut);
-
-                       var row = table.insertRow(-1);
-                       row.className = 'cbi-section-table-row cbi-rowstyle-' + ((i % 2) + 1);
-                       row.insertCell(-1).textContent = user;
-                       row.insertCell(-1).textContent = peer.ipv6;
-                       row.insertCell(-1).textContent = status;
-                       row.insertCell(-1).textContent = version;
-                       row.insertCell(-1).textContent = rxtx;
-                       var latencyCell = row.insertCell(-1);
-                       latencyCell.textContent = 'waiting';
-
-                       var pingURI = '<%=luci.dispatcher.build_url("admin", "services", "cjdns", "ping")%>';
-                       var timeout = 2000;
-                       XHR.get(pingURI, { label: peer.switchLabel, timeout: timeout }, function(x, pong) {
-                               var pongrsp = ((pong.err == "ai:recv > timeout") || (pong == "undefined") || (pong.ms >= timeout))
-                                       ? '> ' + timeout + ' ms'
-                                       : pong.ms + ' ms';
-                               latencyCell.textContent = pongrsp;
-                       })
-               });
-
-       };
-
-       XHR.get(peersURI, null, updatePeers);
-       XHR.poll(5, peersURI, null, updatePeers);
-
-//]]></script>
-
-<script type="text/javascript">
-<%# Author: [GitHub/75lb] -%>
-//<![CDATA[
-function lbbytes (bytes){
-
-       var kilobyte = 1024,
-           megabyte = kilobyte * 1024,
-           gigabyte = megabyte * 1024,
-           terabyte = gigabyte * 1024;
-
-       if ((bytes >= 0) && (bytes < kilobyte)) {
-               return bytes + " B";
-       } else if ((bytes >= kilobyte) && (bytes < megabyte)) {
-               return (bytes / kilobyte).toFixed(2) + " KB";
-       } else if ((bytes >= megabyte) && (bytes < gigabyte)) {
-               return (bytes / megabyte).toFixed(2) + " MB";
-       } else if ((bytes >= gigabyte) && (bytes < terabyte)) {
-               return (bytes / gigabyte).toFixed(2) + " GB";
-       } else if (bytes >= terabyte) {
-               return (bytes / terabyte).toFixed(2) + " TB";
-       } else {
-               return bytes + " B";
-       }
-};
-//]]>
-</script>
-
-<fieldset class="cbi-section">
-       <legend>Active cjdns peers</legend>
-       <table class="cbi-section-table" id="cjdns-peerings">
-               <tr class="cbi-section-table-titles">
-                       <th class="cbi-section-table-cell">User/Name</th>
-                       <th class="cbi-section-table-cell">IPv6</th>
-                       <th class="cbi-section-table-cell">Status</th>
-                       <th class="cbi-section-table-cell">Version</th>
-                       <th class="cbi-section-table-cell">Rx / Tx</th>
-                       <th class="cbi-section-table-cell">Latency</th>
-               </tr>
-               <tr class="cbi-section-table-row">
-                       <td colspan="7">Querying Admin API</td>
-               </tr>
-       </table>
-</fieldset>
diff --git a/net/luci-app-cjdns/luasrc/view/cjdns/value.htm b/net/luci-app-cjdns/luasrc/view/cjdns/value.htm
deleted file mode 100644 (file)
index d1e54bb..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-<%+cbi/valueheader%>
-       <input type="<%=self.password and 'password" class="cbi-input-password' or 'text" class="cbi-input-text' %>" onchange="cbi_d_update(this.id)"<%=
-               attr("name", cbid) .. attr("id", cbid) .. attr("value", self:cfgvalue(section) or self.default) ..
-               ifattr(self.size, "size") .. ifattr(self.placeholder, "placeholder")
-       %> style="width: auto" />
-       <% if self.password then %><img src="<%=resource%>/cbi/reload.gif" style="vertical-align:middle" title="<%:Reveal/hide password%>" onclick="var e = document.getElementById('<%=cbid%>'); e.type = (e.type=='password') ? 'text' : 'password';" /><% end %>
-       <% if #self.keylist > 0 or self.datatype then -%>
-       <script type="text/javascript">//<![CDATA[
-               <% if #self.keylist > 0 then -%>
-               cbi_combobox_init('<%=cbid%>', {
-               <%-
-                       for i, k in ipairs(self.keylist) do
-               -%>
-                       <%-=string.format("%q", k) .. ":" .. string.format("%q", self.vallist[i])-%>
-                       <%-if i<#self.keylist then-%>,<%-end-%>
-               <%-
-                       end
-               -%>
-               }, '<%- if not self.rmempty and not self.optional then -%>
-                       <%-: -- Please choose -- -%>
-                       <%- elseif self.placeholder then -%>
-                       <%-= pcdata(self.placeholder) -%>
-               <%- end -%>', '
-               <%- if self.combobox_manual then -%>
-                       <%-=self.combobox_manual-%>
-               <%- else -%>
-                       <%-: -- custom -- -%>
-               <%- end -%>');
-               <%- end %>
-               <% if self.datatype then -%>
-               cbi_validate_field('<%=cbid%>', <%=tostring((self.optional or self.rmempty) == true)%>, '<%=self.datatype:gsub("'", "\\'")%>');
-               <%- end %>
-       //]]></script>
-       <% end -%>
-<%+cbi/valuefooter%>
diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile
deleted file mode 100644 (file)
index 42023ff..0000000
+++ /dev/null
@@ -1,81 +0,0 @@
-#
-# Copyright (C) 2006-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=miniupnpd
-PKG_VERSION:=2.0.20170421
-PKG_RELEASE:=1
-
-PKG_SOURCE_URL:=http://miniupnp.free.fr/files
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=9677aeccadf73b4bf8bb9d832c32b5da8266b4d58eed888f3fd43d7656405643
-
-PKG_MAINTAINER:=Markus Stenberg <fingon@iki.fi>
-PKG_LICENSE:=BSD-3-Clause
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/miniupnpd
-  SECTION:=net
-  CATEGORY:=Network
-  DEPENDS:=+iptables +libip4tc +IPV6:libip6tc +IPV6:ip6tables +libuuid
-  TITLE:=Lightweight UPnP IGD, NAT-PMP & PCP daemon
-  SUBMENU:=Firewall
-  URL:=http://miniupnp.free.fr/
-endef
-
-define Package/miniupnpd/config
-config MINIUPNPD_IGDv2
-       bool
-       default y
-       prompt "Enable IGDv2"
-endef
-
-define Package/miniupnpd/conffiles
-/etc/config/upnpd
-endef
-
-define Package/miniupnpd/postinst
-#!/bin/sh
-
-if [ -z "$$IPKG_INSTROOT" ]; then
-  ( . /etc/uci-defaults/99-miniupnpd )
-  rm -f /etc/uci-defaults/99-miniupnpd
-fi
-
-exit 0
-endef
-
-define Build/Prepare
-       $(call Build/Prepare/Default)
-       echo "OpenWrt" | tr \(\)\  _ >$(PKG_BUILD_DIR)/os.openwrt
-endef
-
-MAKE_FLAGS += \
-       TARGET_OPENWRT=1 TEST=0 \
-       LIBS="" \
-       CC="$(TARGET_CC) -DIPTABLES_143 \
-               -lip4tc $(if $(CONFIG_IPV6),-lip6tc) -luuid" \
-       CONFIG_OPTIONS="--portinuse --leasefile \
-               $(if $(CONFIG_IPV6),--ipv6) \
-               $(if $(CONFIG_MINIUPNPD_IGDv2),--igd2)" \
-       -f Makefile.linux \
-       miniupnpd
-
-
-define Package/miniupnpd/install
-       $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d $(1)/etc/config $(1)/etc/uci-defaults $(1)/etc/hotplug.d/iface $(1)/usr/share/miniupnpd
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/miniupnpd $(1)/usr/sbin/miniupnpd
-       $(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd
-       $(INSTALL_CONF) ./files/upnpd.config $(1)/etc/config/upnpd
-       $(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/50-miniupnpd
-       $(INSTALL_DATA) ./files/miniupnpd.defaults $(1)/etc/uci-defaults/99-miniupnpd
-       $(INSTALL_DATA) ./files/firewall.include $(1)/usr/share/miniupnpd/firewall.include
-endef
-
-$(eval $(call BuildPackage,miniupnpd))
diff --git a/net/miniupnpd/files/firewall.include b/net/miniupnpd/files/firewall.include
deleted file mode 100644 (file)
index 0eb96d7..0000000
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-# miniupnpd integration for firewall3
-
-IP6TABLES=/usr/sbin/ip6tables
-
-iptables -t filter -N MINIUPNPD 2>/dev/null
-iptables -t nat -N MINIUPNPD 2>/dev/null
-iptables -t nat -N MINIUPNPD-POSTROUTING 2>/dev/null
-
-[ -x $IP6TABLES ] && $IP6TABLES -t filter -N MINIUPNPD 2>/dev/null
-
-. /lib/functions/network.sh
-
-ADDED=0
-
-add_extzone_rules() {
-    local ext_zone=$1
-
-    [ -z "$ext_zone" ] && return
-
-    # IPv4 - due to NAT, need to add both to nat and filter table
-    iptables -t filter -I zone_${ext_zone}_forward -j MINIUPNPD
-    iptables -t nat -I zone_${ext_zone}_prerouting -j MINIUPNPD
-    iptables -t nat -I zone_${ext_zone}_postrouting -j MINIUPNPD-POSTROUTING
-
-    # IPv6 if available - filter only
-    [ -x $IP6TABLES ] && {
-        $IP6TABLES -t filter -I zone_${ext_zone}_forward -j MINIUPNPD
-    }
-    ADDED=$(($ADDED + 1))
-}
-
-# By default, user configuration is king.
-
-for ext_iface in $(uci -q get upnpd.config.external_iface); do
-    add_extzone_rules $(fw3 -q network "$ext_iface")
-done
-
-add_extzone_rules $(uci -q get upnpd.config.external_zone)
-
-[ ! $ADDED = 0 ] && exit 0
-
-
-# If really nothing is available, resort to network_find_wan{,6} and
-# assume external interfaces all have same firewall zone.
-
-# (This heuristic may fail horribly, in case of e.g. multihoming, so
-# please set external_zone in that case!)
-
-network_find_wan wan_iface
-network_find_wan6 wan6_iface
-
-for ext_iface in $wan_iface $wan6_iface; do
-    # fw3 -q network fails on sub-interfaces => map to device first
-    network_get_device ext_device $ext_iface
-    add_extzone_rules $(fw3 -q device "$ext_device")
-done
diff --git a/net/miniupnpd/files/miniupnpd.defaults b/net/miniupnpd/files/miniupnpd.defaults
deleted file mode 100644 (file)
index 7271389..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-uci -q batch <<-EOT
-       delete firewall.miniupnpd
-       set firewall.miniupnpd=include
-       set firewall.miniupnpd.type=script
-       set firewall.miniupnpd.path=/usr/share/miniupnpd/firewall.include
-       set firewall.miniupnpd.family=any
-       set firewall.miniupnpd.reload=1
-       commit firewall
-EOT
-
-exit 0
diff --git a/net/miniupnpd/files/miniupnpd.hotplug b/net/miniupnpd/files/miniupnpd.hotplug
deleted file mode 100644 (file)
index 320437e..0000000
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-
-/etc/init.d/miniupnpd enabled || exit 0
-
-. /lib/functions/service.sh
-
-# If miniupnpd is not running:
-# - check on _any_ event (even updates may contribute to network_find_wan*)
-
-# If miniupnpd _is_ running:
-# - check only on ifup (otherwise lease updates etc would cause
-#   miniupnpd state loss)
-
-[ ! "$ACTION" = "ifup" ] && service_check /usr/sbin/miniupnpd && exit 0
-
-tmpconf="/var/etc/miniupnpd.conf"
-extiface=$(uci get upnpd.config.external_iface)
-extzone=$(uci get upnpd.config.external_zone)
-
-. /lib/functions/network.sh
-
-for iface in $(uci get upnpd.config.internal_iface); do
-    network_get_device device $iface
-    [ "$DEVICE" = "$device" ] && /etc/init.d/miniupnpd restart && exit 0
-done
-
-
-if [ -z "$extiface" ] ; then
-  # manual external zone (if dynamically find interfaces
-  # belonging to it) overrides network_find_wan*
-  if [ -n "$extzone" ] ; then
-    ifname=$(fw3 -q zone $extzone | head -1)
-  fi
-  [ -n "$extiface" ] || network_find_wan extiface
-  [ -n "$extiface" ] || network_find_wan6 extiface
-fi
-
-[ -n "$ifname" ] || network_get_device ifname ${extiface}
-grep -q "ext_ifname=$ifname" $tmpconf || /etc/init.d/miniupnpd restart
diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init
deleted file mode 100644 (file)
index c934a28..0000000
+++ /dev/null
@@ -1,212 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2014 OpenWrt.org
-
-START=94
-STOP=15
-
-SERVICE_USE_PID=1
-
-upnpd_get_port_range() {
-       local _var="$1"; shift
-       local _val
-
-       config_get _val "$@"
-
-       case "$_val" in
-               [0-9]*[:-][0-9]*)
-                       export -n -- "${_var}_start=${_val%%[:-]*}"
-                       export -n -- "${_var}_end=${_val##*[:-]}"
-               ;;
-               [0-9]*)
-                       export -n -- "${_var}_start=$_val"
-                       export -n -- "${_var}_end="
-               ;;
-       esac
-}
-
-conf_rule_add() {
-       local cfg="$1"
-       local tmpconf="$2"
-       local action external_port_start external_port_end int_addr
-       local internal_port_start internal_port_end
-
-       config_get action "$cfg" action "deny"               # allow or deny
-       upnpd_get_port_range "ext" "$cfg" ext_ports "0-65535" # external ports: x, x-y, x:y
-       config_get int_addr "$cfg" int_addr "0.0.0.0/0"       # ip or network and subnet mask (internal)
-       upnpd_get_port_range "int" "$cfg" int_ports "0-65535" # internal ports: x, x-y, x:y or range
-
-       # Make a single IP IP/32 so that miniupnpd.conf can use it.
-       case "$int_addr" in
-               */*) ;;
-               *) int_addr="$int_addr/32" ;;
-       esac
-
-       echo "${action} ${ext_start}${ext_end:+-}${ext_end} ${int_addr} ${int_start}${int_end:+-}${int_end}" >>$tmpconf
-}
-
-upnpd_write_bool() {
-       local opt="$1"
-       local def="${2:-0}"
-       local alt="$3"
-       local val
-
-       config_get_bool val config "$opt" "$def"
-       if [ "$val" -eq 0 ]; then
-               echo "${alt:-$opt}=no" >> $tmpconf
-       else
-               echo "${alt:-$opt}=yes" >> $tmpconf
-       fi
-}
-
-boot() {
-       return
-}
-
-start() {
-       config_load "upnpd"
-       local extiface intiface upload download logging secure enabled natpmp
-       local extip port usesysuptime conffile serial_number model_number
-       local uuid notify_interval presentation_url enable_upnp
-       local upnp_lease_file clean_ruleset_threshold clean_ruleset_interval
-        local ipv6_listening_ip enabled
-
-       config_get_bool enabled config enabled 1
-
-       [ "$enabled" -gt 0 ] || return 1
-
-       config_get extiface config external_iface
-       config_get extzone config external_zone
-       config_get intiface config internal_iface
-       config_get extip config external_ip
-       config_get port config port 5000
-       config_get upload   config upload
-       config_get download config download
-       config_get_bool logging config log_output 0
-       config_get conffile config config_file
-       config_get serial_number config serial_number
-       config_get model_number config model_number
-       config_get uuid config uuid
-       config_get notify_interval config notify_interval
-       config_get presentation_url config presentation_url
-       config_get upnp_lease_file config upnp_lease_file
-       config_get clean_ruleset_threshold config clean_ruleset_threshold
-       config_get clean_ruleset_interval config clean_ruleset_interval
-       config_get ipv6_listening_ip config ipv6_listening_ip
-
-       local args
-
-       . /lib/functions/network.sh
-
-       local ifname
-
-        # manual external interface overrides everything
-        if [ -z "$extiface" ] ; then
-            # manual external zone (if dynamically find interfaces
-            # belonging to it) overrides network_find_wan*
-            if [ -n "$extzone" ] ; then
-                ifname=$(fw3 -q zone $extzone | head -1)
-            fi
-            [ -n "$extiface" ] || network_find_wan extiface
-            [ -n "$extiface" ] || network_find_wan6 extiface
-        fi
-
-       [ -n "$ifname" ] || network_get_device ifname ${extiface}
-
-       if [ -n "$conffile" ]; then
-               args="-f $conffile"
-       else
-               local tmpconf="/var/etc/miniupnpd.conf"
-               args="-f $tmpconf"
-               mkdir -p /var/etc
-
-               echo "ext_ifname=$ifname" >$tmpconf
-
-               [ -n "$extip" ] && \
-                       echo "ext_ip=$extip" >>$tmpconf
-
-               local iface
-               for iface in ${intiface:-lan}; do
-                       local device
-                       network_get_device device "$iface" && {
-                               echo "listening_ip=$device" >>$tmpconf
-                       }
-               done
-
-               [ "$port" != "auto" ] && \
-                       echo "port=$port" >>$tmpconf
-
-               config_load "upnpd"
-               upnpd_write_bool enable_natpmp 1
-               upnpd_write_bool enable_upnp 1
-               upnpd_write_bool secure_mode 1
-               upnpd_write_bool pcp_allow_thirdparty 0
-               upnpd_write_bool system_uptime 1
-
-               [ -n "$upnp_lease_file" ] && \
-                       echo "lease_file=$upnp_lease_file" >>$tmpconf
-
-               [ -n "$upload" -a -n "$download" ] && {
-                       echo "bitrate_down=$(($download * 1024 * 8))" >>$tmpconf
-                       echo "bitrate_up=$(($upload * 1024 * 8))" >>$tmpconf
-               }
-
-               [ -n "${presentation_url}" ] && \
-                       echo "presentation_url=${presentation_url}" >>$tmpconf
-
-               [ -n "${notify_interval}" ] && \
-                       echo "notify_interval=${notify_interval}" >>$tmpconf
-
-               [ -n "${clean_ruleset_threshold}" ] && \
-                       echo "clean_ruleset_threshold=${clean_ruleset_threshold}" >>$tmpconf
-
-               [ -n "${clean_ruleset_interval}" ] && \
-                       echo "clean_ruleset_interval=${clean_ruleset_interval}" >>$tmpconf
-
-               [ -n "${ipv6_listening_ip}" ] && \
-                       echo "ipv6_listening_ip=${ipv6_listening_ip}" >>$tmpconf
-
-               [ -z "$uuid" ] && {
-                       uuid="$(cat /proc/sys/kernel/random/uuid)"
-                       uci set upnpd.config.uuid=$uuid
-                       uci commit upnpd
-               }
-
-               [ "$uuid" = "nocli" ] || \
-                       echo "uuid=$uuid" >>$tmpconf
-
-               [ -n "${serial_number}" ] && \
-                       echo "serial=${serial_number}" >>$tmpconf
-
-               [ -n "${model_number}" ] && \
-                       echo "model_number=${model_number}" >>$tmpconf
-
-           config_foreach conf_rule_add perm_rule "$tmpconf"
-       fi
-
-
-       if [ -n "$ifname" ]; then
-               # start firewall
-               iptables -L MINIUPNPD >/dev/null 2>/dev/null || fw3 reload
-
-               if [ "$logging" = "1" ]; then
-                       SERVICE_DAEMONIZE=1 \
-                       service_start /usr/sbin/miniupnpd $args -d
-               else
-                       SERVICE_DAEMONIZE= \
-                       service_start /usr/sbin/miniupnpd $args
-               fi
-       else
-               logger -t "upnp daemon" "external interface not found, not starting"
-       fi
-}
-
-stop() {
-       service_stop /usr/sbin/miniupnpd
-
-       iptables -t nat -F MINIUPNPD 2>/dev/null
-       iptables -t filter -F MINIUPNPD 2>/dev/null
-
-        [ -x /usr/sbin/ip6tables ] && {
-           ip6tables -t filter -F MINIUPNPD 2>/dev/null
-        }
-}
diff --git a/net/miniupnpd/files/upnpd.config b/net/miniupnpd/files/upnpd.config
deleted file mode 100644 (file)
index 9a65bfa..0000000
+++ /dev/null
@@ -1,27 +0,0 @@
-config upnpd config
-       option enabled          0
-       option enable_natpmp    1
-       option enable_upnp      1
-       option secure_mode      1
-       option log_output       0
-       option download         1024
-       option upload           512
-        #by default, looked up dynamically from ubus
-       #option external_iface  wan
-       option internal_iface   lan
-       option port             5000
-       option upnp_lease_file  /var/upnp.leases
-       
-config perm_rule
-       option action           allow
-       option ext_ports        1024-65535
-       option int_addr         0.0.0.0/0       # Does not override secure_mode
-       option int_ports        1024-65535
-       option comment          "Allow high ports"
-
-config perm_rule
-       option action           deny
-       option ext_ports                0-65535
-       option int_addr         0.0.0.0/0
-       option int_ports                0-65535
-       option comment          "Default deny"
diff --git a/net/miniupnpd/patches/101-no-ssl-uuid.patch b/net/miniupnpd/patches/101-no-ssl-uuid.patch
deleted file mode 100644 (file)
index 81cea10..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-We do not need to autodetect SSL/UUID; SSL we do not support, UUID we always do.
-
---- a/Makefile.linux
-+++ b/Makefile.linux
-@@ -153,14 +153,18 @@ LDLIBS += $(shell $(PKG_CONFIG) --static
- LDLIBS += $(shell $(PKG_CONFIG) --static --libs-only-l libnetfilter_conntrack)
- endif # ($(TEST),1)
-+ifeq ($(TARGET_OPENWRT),)
-+# n/a - we don't enable https server for IGD v2 anyway in OpenWrt
- LDLIBS += $(shell $(PKG_CONFIG) --static --libs-only-l libssl)
-+# n/a - we hardcodedly support libuuid
- TEST := $(shell $(PKG_CONFIG) --exists uuid && echo 1)
- ifeq ($(TEST),1)
- LDLIBS += $(shell $(PKG_CONFIG) --static --libs-only-l uuid)
- else
- $(info please install uuid-dev package / libuuid)
- endif # ($(TEST),1)
-+endif
- TESTUPNPDESCGENOBJS = testupnpdescgen.o upnpdescgen.o
diff --git a/net/miniupnpd/patches/102-ipv6-ext-port.patch b/net/miniupnpd/patches/102-ipv6-ext-port.patch
deleted file mode 100644 (file)
index 806c7fd..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/pcpserver.c
-+++ b/pcpserver.c
-@@ -982,6 +982,7 @@ static int CreatePCPMap_NAT(pcp_info_t *
-                                  timestamp);
-       if (r < 0)
-               return PCP_ERR_NO_RESOURCES;
-+      pcp_msg_info->ext_port = pcp_msg_info->int_port;
-       return PCP_SUCCESS;
- }
diff --git a/net/miniupnpd/patches/103-no-ipv6-autodetection.patch b/net/miniupnpd/patches/103-no-ipv6-autodetection.patch
deleted file mode 100644 (file)
index 50d5a39..0000000
+++ /dev/null
@@ -1,27 +0,0 @@
-The miniupnpd makefile tries to autodetect iptables capabilities.
-This will incorrectly detect capabilities such as ipv6 support even though it is disabled for the target build.
-
-As the OpenWRT buildsystem already passes the right compile flags, we can skip the autodetection.
-
-
---- a/netfilter/Makefile
-+++ b/netfilter/Makefile
-@@ -38,8 +38,6 @@ endif
- endif
- endif
--LIBS +=  /lib/libip4tc.so /lib/libip6tc.so
--
- all:  iptcrdr.o testiptcrdr iptpinhole.o \
-         testiptcrdr_peer testiptcrdr_dscp test_nfct_get
- #        testiptpinhole
---- a/Makefile.linux
-+++ b/Makefile.linux
-@@ -73,7 +73,6 @@ CPPFLAGS += -DIPTABLES_143
- endif
- CFLAGS  += $(shell $(PKG_CONFIG) --cflags libiptc)
--LDLIBS  += $(shell $(PKG_CONFIG) --static --libs-only-l libiptc)
- LDFLAGS += $(shell $(PKG_CONFIG) --libs-only-L libiptc)
- LDFLAGS += $(shell $(PKG_CONFIG) --libs-only-other libiptc)
- else
diff --git a/net/miniupnpd/patches/104-always-libuuid.patch b/net/miniupnpd/patches/104-always-libuuid.patch
deleted file mode 100644 (file)
index d6c0770..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-As it turns out, the 'magic' libuuid/bsd uuid check just checks
-outside buildtree altogether for the uuid_generate. So we just
-hardcode it.
-
---- a/genconfig.sh
-+++ b/genconfig.sh
-@@ -367,12 +367,7 @@ case $FW in
- esac
- # UUID API
--if grep uuid_create /usr/include/uuid.h > /dev/null 2>&1 ; then
--      echo "#define BSD_UUID" >> ${CONFIGFILE}
--fi
--if grep uuid_generate /usr/include/uuid/uuid.h > /dev/null 2>&1 ; then
--      echo "#define LIB_UUID" >> ${CONFIGFILE}
--fi
-+echo "#define LIB_UUID" >> ${CONFIGFILE}
- # set V6SOCKETS_ARE_V6ONLY to 0 if it was not set above
- if [ -z "$V6SOCKETS_ARE_V6ONLY" ] ; then
index 8c77394da2bbacd2752fea1a00a157f6bc002a5d..fa2a24409aa069be9bab17935df1d407a3b1f902 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-mwan3
 PKG_VERSION:=1.4
-PKG_RELEASE:=5
+PKG_RELEASE:=6
 PKG_MAINTAINER:=Aedan Renner <chipdankly@gmail.com>
 PKG_LICENSE:=GPLv2
 
index 3d5a23dd03aa15f71788646e9bbbededf0fac1ce..bec0e6b27aa1c4d758b1203b5c0eb9e88bacdd33 100644 (file)
@@ -65,7 +65,8 @@ end
 
 function getInterfaceStatus(ruleNumber, interfaceName)
        if ut.trim(sys.exec("uci -p /var/state get mwan3." .. interfaceName .. ".enabled")) == "1" then
-               if ut.trim(sys.exec(ip .. "route list table " .. ruleNumber)) ~= "" then
+               local fs = require "nixio.fs"
+               if fs.readfile("/var/run/mwan3/iface_state/%s" % interfaceName) == "online" then
                        if ut.trim(sys.exec("uci -p /var/state get mwan3." .. interfaceName .. ".track_ip")) ~= "" then
                                return "online"
                        else
index 394a642f9a823fcc15429b4028901c4e4b93d6f0..b75b71b16d1c00aaa46cbe3978f348abb2f75655 100644 (file)
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mwan3
-PKG_VERSION:=2.5.2
-PKG_RELEASE:=5
+PKG_VERSION:=2.0.2
+PKG_RELEASE:=1
 PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
 PKG_LICENSE:=GPLv2
 
@@ -21,7 +21,6 @@ define Package/mwan3
    SUBMENU:=Routing and Redirection
    DEPENDS:=+ip +ipset +iptables +iptables-mod-conntrack-extra +iptables-mod-ipopt
    TITLE:=Multiwan hotplug script with connection tracking support
-   MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
    PKGARCH:=all
 endef
 
@@ -33,7 +32,6 @@ endef
 
 define Package/mwan3/conffiles
 /etc/config/mwan3
-/etc/mwan3.user
 endef
 
 define Build/Compile
index e3fd16cef0f27f492bb78f288e4ffdc9ef23f078..1e9599e958a1b629082bf58591bf0728ec1eff5a 100644 (file)
@@ -11,33 +11,33 @@ if [ "$ACTION" == "ifup" ]; then
         [ -n "$DEVICE" ] || exit 3
 fi
 
+[ -x /usr/bin/ip ] || exit 4
+[ -x /usr/sbin/ipset ] || exit 5
+[ -x /usr/sbin/iptables ] || exit 6
+[ -x /usr/sbin/ip6tables ] || exit 7
+[ -x /usr/bin/logger ] || exit 8
+
+mwan3_lock
 mwan3_set_connected_iptables
+mwan3_unlock
 
 config_load mwan3
 config_get enabled $INTERFACE enabled 0
 [ "$enabled" == "1" ] || exit 0
 
-if [ "$ACTION" == "ifup" ]; then
-       config_get family $INTERFACE family ipv4
-       if [ "$family" = "ipv4" ]; then
-               ubus call network.interface.${INTERFACE}_4 status &>/dev/null
-               if [ "$?" -eq "0" ]; then
-                       network_get_gateway gateway ${INTERFACE}_4
-               else
-                       network_get_gateway gateway $INTERFACE
-               fi
-       elif [ "$family" = "ipv6" ]; then
-               ubus call network.interface.${INTERFACE}_6 status &>/dev/null
-               if [ "$?" -eq "0" ]; then
-                       network_get_gateway6 gateway ${INTERFACE}_6
-               else
-                       network_get_gateway6 gateway ${INTERFACE}
-               fi
-       fi
+config_get family $INTERFACE family ipv4
+
+if [ "$family" == "ipv4" ]; then
+       network_get_gateway gateway $INTERFACE
+elif [ "$family" == "ipv6" ]; then
+       network_get_gateway6 gateway $INTERFACE
+fi
 
+if [ "$ACTION" == "ifup" ]; then
        [ -n "$gateway" ] || exit 9
 fi
 
+mwan3_lock
 $LOG notice "$ACTION interface $INTERFACE (${DEVICE:-unknown})"
 
 case "$ACTION" in
@@ -47,21 +47,19 @@ case "$ACTION" in
                mwan3_create_iface_rules $INTERFACE $DEVICE
                mwan3_create_iface_iptables $INTERFACE $DEVICE
                mwan3_create_iface_route $INTERFACE $DEVICE
+               mwan3_set_iface_hotplug_state $INTERFACE "online"
                mwan3_track $INTERFACE $DEVICE
                mwan3_set_policies_iptables
                mwan3_set_user_rules
-               mwan3_flush_conntrack $INTERFACE $DEVICE "ifup"
        ;;
        ifdown)
-               mwan3_delete_iface_rules $INTERFACE
-               mwan3_delete_iface_iptables $INTERFACE
-               mwan3_delete_iface_route $INTERFACE
+               mwan3_set_iface_hotplug_state $INTERFACE "offline"
                mwan3_delete_iface_ipset_entries $INTERFACE
-               mwan3_track_signal $INTERFACE $DEVICE
                mwan3_set_policies_iptables
                mwan3_set_user_rules
-               mwan3_flush_conntrack $INTERFACE $DEVICE "ifdown"
        ;;
 esac
 
+mwan3_unlock
+
 exit 0
diff --git a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user
deleted file mode 100644 (file)
index 485f8de..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-[ -f "/etc/mwan3.user" ] && {
-       . /lib/functions.sh
-
-       config_load mwan3
-       config_get enabled "$INTERFACE" enabled 0
-       [ "${enabled}" = "1" ] || exit 0
-       env -i ACTION="$ACTION" INTERFACE="$INTERFACE" DEVICE="$DEVICE" \
-               /bin/sh /etc/mwan3.user
-}
-
-exit 0
diff --git a/net/mwan3/files/etc/mwan3.user b/net/mwan3/files/etc/mwan3.user
deleted file mode 100644 (file)
index 3c1f9fb..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-#
-# This file is interpreted as shell script.
-# Put your custom mwan3 action here, they will
-# be executed with each netifd hotplug interface event
-# on interfaces for which mwan3 is enabled.
-#
-# There are three main environment variables that are passed to this script.
-#
-# $ACTION      Either "ifup" or "ifdown"
-# $INTERFACE   Name of the interface which went up or down (e.g. "wan" or "wwan")
-# $DEVICE      Physical device name which interface went up or down (e.g. "eth0" or "wwan0")
index 3798d7eb055c00e4d09a8497bdc8bcbe8618d68d..f7baccd3e1a1a41b8e0c1673f9585726a24f8211 100644 (file)
@@ -1,12 +1,27 @@
 #!/bin/sh
 
-IP4="ip -4"
-IP6="ip -6"
-IPS="ipset"
-IPT4="iptables -t mangle -w"
-IPT6="ip6tables -t mangle -w"
-LOG="logger -t mwan3 -p"
-CONNTRACK_FILE="/proc/net/nf_conntrack"
+IP4="/usr/bin/ip -4"
+IP6="/usr/bin/ip -6"
+IPS="/usr/sbin/ipset"
+IPT4="/usr/sbin/iptables -t mangle -w"
+IPT6="/usr/sbin/ip6tables -t mangle -w"
+LOG="/usr/bin/logger -t mwan3 -p"
+
+MWAN3_STATUS_DIR="/var/run/mwan3"
+
+[ -d $MWAN3_STATUS_DIR ] || mkdir -p $MWAN3_STATUS_DIR/iface_state
+
+mwan3_lock() {
+       lock /var/run/mwan3.lock
+}
+
+mwan3_unlock() {
+       lock -u /var/run/mwan3.lock
+}
+
+mwan3_lock_clean() {
+       rm -rf /var/run/mwan3.lock
+}
 
 mwan3_get_iface_id()
 {
@@ -130,12 +145,7 @@ mwan3_create_iface_iptables()
 
        if [ "$family" == "ipv4" ]; then
 
-               ubus call network.interface.${1}_4 status &>/dev/null
-               if [ "$?" -eq "0" ]; then
-                       network_get_ipaddr src_ip ${1}_4
-               else
-                       network_get_ipaddr src_ip $1
-               fi
+               network_get_ipaddr src_ip $1
 
                $IPS -! create mwan3_connected list:set
 
@@ -171,12 +181,7 @@ mwan3_create_iface_iptables()
 
        if [ "$family" == "ipv6" ]; then
 
-               ubus call network.interface.${1}_6 status &>/dev/null
-               if [ "$?" -eq "0" ]; then
-                       network_get_ipaddr6 src_ipv6 ${1}_6
-               else
-                       network_get_ipaddr6 src_ipv6 $1
-               fi
+               network_get_ipaddr6 src_ipv6 $1
 
                $IPS -! create mwan3_connected_v6 hash:net family inet6
 
@@ -248,13 +253,8 @@ mwan3_create_iface_route()
        [ -n "$id" ] || return 0
 
        if [ "$family" == "ipv4" ]; then
-               ubus call network.interface.${1}_4 status &>/dev/null
-               if [ "$?" -eq "0" ]; then
-                       network_get_gateway route_args ${1}_4
-               else
-                       network_get_gateway route_args $1
-               fi
 
+               network_get_gateway route_args $1
                route_args="via $route_args dev $2"
 
                $IP4 route flush table $id
@@ -263,13 +263,7 @@ mwan3_create_iface_route()
 
        if [ "$family" == "ipv6" ]; then
 
-               ubus call network.interface.${1}_6 status &>/dev/null
-               if [ "$?" -eq "0" ]; then
-                       network_get_gateway6 route_args ${1}_6
-               else
-                       network_get_gateway6 route_args $1
-               fi
-
+               network_get_gateway6 route_args $1
                route_args="via $route_args dev $2"
 
                $IP6 route flush table $id
@@ -382,7 +376,7 @@ mwan3_delete_iface_ipset_entries()
 
 mwan3_track()
 {
-       local track_ip track_ips
+       local track_ip track_ips reliability count timeout interval down up
 
        mwan3_list_track_ips()
        {
@@ -390,21 +384,20 @@ mwan3_track()
        }
        config_list_foreach $1 track_ip mwan3_list_track_ips
 
-       kill $(pgrep -f "mwan3track $1") &> /dev/null
-       if [ -n "$track_ips" ]; then
-               [ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $1 $2 $track_ips &
+       if [ -e /var/run/mwan3track-$1.pid ] ; then
+               kill $(cat /var/run/mwan3track-$1.pid) &> /dev/null
+               rm /var/run/mwan3track-$1.pid &> /dev/null
        fi
-}
 
-mwan3_track_signal()
-{
-       local pid
-
-       pid="$(pgrep -f "mwan3track $1")"
-       if [ "${pid}" != "" ]; then
-               kill -USR1 "${pid}"
-       else
-               $LOG warn "Unable to send signal USR1 to mwan3track on interface $1 with pid ${pid}"
+       if [ -n "$track_ips" ]; then
+               config_get reliability $1 reliability 1
+               config_get count $1 count 1
+               config_get timeout $1 timeout 4
+               config_get interval $1 interval 10
+               config_get down $1 down 5
+               config_get up $1 up 5
+
+               [ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $1 $2 $reliability $count $timeout $interval $down $up $track_ips &
        fi
 }
 
@@ -426,7 +419,7 @@ mwan3_set_policy()
 
        if [ "$family" == "ipv4" ]; then
 
-               if [ -n "$($IP4 route list table $id)" ]; then
+               if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then
                        if [ "$metric" -lt "$lowest_metric_v4" ]; then
 
                                total_weight_v4=$weight
@@ -459,7 +452,7 @@ mwan3_set_policy()
 
        if [ "$family" == "ipv6" ]; then
 
-               if [ -n "$($IP6 route list table $id)" ]; then
+               if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then
                        if [ "$metric" -lt "$lowest_metric_v6" ]; then
 
                                total_weight_v6=$weight
@@ -690,6 +683,19 @@ mwan3_set_user_rules()
        config_foreach mwan3_set_user_iptables_rule rule
 }
 
+mwan3_set_iface_hotplug_state() {
+       local iface=$1
+       local state=$2
+
+       echo -n $state > $MWAN3_STATUS_DIR/iface_state/$iface
+}
+
+mwan3_get_iface_hotplug_state() {
+       local iface=$1
+
+       cat $MWAN3_STATUS_DIR/iface_state/$iface 2>/dev/null || echo "unknown"
+}
+
 mwan3_report_iface_status()
 {
        local device result track_ips tracking IP IPT
@@ -711,16 +717,14 @@ mwan3_report_iface_status()
 
        if [ -z "$id" -o -z "$device" ]; then
                result="unknown"
-       elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')"i -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
-               result="online"
+       elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
+               result="$(mwan3_get_iface_hotplug_state $1)"
        elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
                result="error"
+       elif [ "$enabled" == "1" ]; then
+               result="offline"
        else
-               if [ "$enabled" == "1" ]; then
-                       result="offline"
-               else
-                       result="disabled"
-               fi
+               result="disabled"
        fi
 
        mwan3_list_track_ips()
@@ -827,36 +831,3 @@ mwan3_report_rules_v6()
                $IPT6 -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_/- /' | sed 's/mwan3_rule_/S /'
        fi
 }
-
-mwan3_flush_conntrack()
-{
-       local flush_conntrack
-
-       config_get flush_conntrack $1 flush_conntrack never
-
-       if [ -e "$CONNTRACK_FILE" ]; then
-               case $flush_conntrack in
-                       ifup)
-                               [ "$3" = "ifup" ] && {
-                                       echo f > ${CONNTRACK_FILE}
-                                       $LOG info "connection tracking flushed on interface $1 ($2) $3"
-                               }
-                               ;;
-                       ifdown)
-                               [ "$3" = "ifdown" ] && {
-                                       echo f > ${CONNTRACK_FILE}
-                                       $LOG info "connection tracking flushed on interface $1 ($2) $3"
-                               }
-                               ;;
-                       always)
-                               echo f > ${CONNTRACK_FILE}
-                               $LOG info "connection tracking flushed on interface $1 ($2) $3"
-                               ;;
-                       never)
-                               $LOG info "connection tracking not flushed on interface $1 ($2) $3"
-                               ;;
-               esac
-       else
-               $LOG warning "connection tracking not enabled"
-       fi
-}
diff --git a/net/mwan3/files/usr/libexec/rpcd/mwan3 b/net/mwan3/files/usr/libexec/rpcd/mwan3
deleted file mode 100755 (executable)
index bbc570f..0000000
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-MWAN3_STATUS_DIR="/var/run/mwan3track"
-MWAN3_PID_FILE="/var/run/mwan3track"
-
-IPS="ipset"
-IPT4="iptables -t mangle -w"
-IPT6="ip6tables -t mangle -w"
-
-report_connected_v4() {
-       local address
-
-       if [ -n "$($IPT4 -S mwan3_connected 2> /dev/null)" ]; then
-               for address in $($IPS list mwan3_connected_v4 | tail -n +8); do
-                       json_add_string "" "${address}"
-               done
-       fi
-}
-
-report_connected_v6() {
-       local address
-
-       if [ -n "$($IPT6 -S mwan3_connected 2> /dev/null)" ]; then
-               for address in $($IPS list mwan3_connected_v6 | tail -n +8); do
-                       json_add_string "" "${address}"
-               done
-       fi
-}
-
-get_mwan3_status() {
-       local iface="${1}"
-       local iface_select="${2}"
-       local running="0"
-       local pid
-
-       if [ "${iface}" = "${iface_select}" ] || [ "${iface_select}" = "" ]; then
-               pid="$(pgrep -f "mwan3track $iface_selected")"
-               if [ "${pid}" != "" ]; then
-                       running="1"
-               fi
-
-               json_add_object "${iface}"
-               json_add_string "score" "$(cat "$MWAN3_STATUS_DIR/${iface}/SCORE")"
-               json_add_string "lost" "$(cat "$MWAN3_STATUS_DIR/${iface}/LOST")"
-               json_add_string "turn" "$(cat "$MWAN3_STATUS_DIR/${iface}/TURN")"
-               json_add_string "status" "$(cat "$MWAN3_STATUS_DIR/${iface}/STATUS")"
-               json_add_boolean "running" "${running}"
-               json_add_array "track_ip"
-               for file in $MWAN3_STATUS_DIR/${iface}/*; do
-                       track="${file#*/TRACK_}"
-                       if [ "${track}" != "${file}" ]; then
-                               json_add_object
-                               json_add_string ip "${track}"
-                               json_add_string status "$(cat "${file}")"
-                               json_close_object
-                       fi
-               done
-               json_close_array
-               json_close_object
-       fi
-}
-
-case "$1" in
-       list)
-               json_init
-               json_add_object "status"
-               json_add_string "section" "x"
-               json_add_string "interface" "x"
-               json_close_object
-               json_dump
-               ;;
-       call)
-               case "$2" in
-               status)
-                       local section iface
-                       read input;
-                       json_load "$input"
-                       json_get_var section section
-                       json_get_var iface interface
-
-                       config_load mwan3
-                       json_init
-                       case "$section" in
-                               interfaces)
-                                       json_add_object interfaces
-                                       config_foreach get_mwan3_status interface "${iface}"
-                                       json_close_object
-                                       ;;
-                               connected)
-                                       json_add_object connected
-                                       json_add_array ipv4
-                                       report_connected_v4
-                                       json_close_array
-                                       json_add_array ipv6
-                                       report_connected_v6
-                                       json_close_array
-                                       json_close_object
-                                       ;;
-                               *)
-                                       # interfaces
-                                       json_add_object interfaces
-                                       config_foreach get_mwan3_status interface
-                                       json_close_object
-                                       # connected
-                                       json_add_object connected
-                                       json_add_array ipv4
-                                       report_connected_v4
-                                       json_close_array
-                                       json_add_array ipv6
-                                       report_connected_v6
-                                       json_close_array
-                                       json_close_object
-                                       ;;
-                       esac
-                       json_dump
-                       ;;
-               esac
-               ;;
-esac
index f23d2e71b72c468c871feb454d6842b5e2e7b020..3355a0f07a2b3dd067a960dd9824ebf5d13942f0 100755 (executable)
@@ -1,5 +1,11 @@
 #!/bin/sh
 
+[ -x /usr/bin/ip ] || exit 4
+[ -x /usr/sbin/ipset ] || exit 5
+[ -x /usr/sbin/iptables ] || exit 6
+[ -x /usr/sbin/ip6tables ] || exit 7
+[ -x /usr/bin/logger ] || exit 8
+
 . /lib/functions.sh
 . /lib/functions/network.sh
 . /lib/mwan3/mwan3.sh
@@ -36,7 +42,10 @@ ifdown()
 
        ACTION=ifdown INTERFACE=$1 /sbin/hotplug-call iface
 
-       kill $(pgrep -f "mwan3track $1") &> /dev/null
+       if [ -e /var/run/mwan3track-$1.pid ] ; then
+               kill $(cat /var/run/mwan3track-$1.pid)
+               rm /var/run/mwan3track-$1.pid
+       fi
 }
 
 ifup()
@@ -120,6 +129,7 @@ stop()
        local ipset route rule table IP IPT
 
        killall mwan3track &> /dev/null
+       rm /var/run/mwan3track-* &> /dev/null
 
        for IP in "$IP4" "$IP6"; do
 
@@ -153,6 +163,9 @@ stop()
        for ipset in $($IPS -n list | grep mwan3 | grep -E '_v4|_v6'); do
                $IPS -q destroy $ipset
        done
+
+       mwan3_lock_clean
+       rm -rf $MWAN3_STATUS_DIR
 }
 
 restart() {
index 8afe9012939b91cd13ba0b6efb9508b37e1fd0eb..326d8ab52c79eb8d349ec14dc40bdfba118ebeff 100755 (executable)
 #!/bin/sh
 
-. /lib/functions.sh
+[ -z "$9" ] && echo "Error: should not be started manually" && exit 0
 
-LOG="logger -t $(basename "$0")[$$] -p"
-INTERFACE=""
-DEVICE=""
+if [ -e /var/run/mwan3track-$1.pid ] ; then
+       kill $(cat /var/run/mwan3track-$1.pid) &> /dev/null
+       rm /var/run/mwan3track-$1.pid &> /dev/null
+fi
 
-IFDOWN_EVENT=0
+echo "$$" > /var/run/mwan3track-$1.pid
 
-clean_up() {
-       $LOG notice "Stopping mwan3track for interface \"${INTERFACE}\""
-       if [ "$(pgrep -f "mwan3track ${INTERFACE}")" = "" ]; then
-               rm -rf "/var/run/mwan3track/${INTERFACE}" &> /dev/null
-       fi
-       if [ -z "$(ls -A "/var/run/mwan3track")" ]; then
-               rm -rf "/var/run/mwan3track"
-       fi
-       exit 0
-}
-
-if_down() {
-       $LOG info "Detect ifdown event on interface ${INTERFACE} (${DEVICE})"
-       IFDOWN_EVENT=1
-}
-
-main() {
-       local reliability count timeout interval failure_interval
-       local recovery_interval down up size
-
-       [ -z "$3" ] && echo "Error: should not be started manually" && exit 0
-
-       INTERFACE=$1
-       DEVICE=$2
-       mkdir -p /var/run/mwan3track/$1
-       trap clean_up SIGINT SIGTERM
-       trap if_down SIGUSR1
-
-       config_load mwan3
-       config_get reliability $1 reliability 1
-       config_get count $1 count 1
-       config_get timeout $1 timeout 4
-       config_get interval $1 interval 10
-       config_get down $1 down 5
-       config_get up $1 up 5
-       config_get size $1 size 56
-       config_get failure_interval $1 failure_interval $interval
-       config_get recovery_interval $1 recovery_interval $interval
-
-       local score=$(($down+$up))
-       local track_ips=$(echo $* | cut -d ' ' -f 3-99)
-       local host_up_count=0
-       local lost=0
-       local sleep_time=0
-       local turn=0
-
-       echo "offline" > /var/run/mwan3track/$1/STATUS
-       while true; do
-
-               sleep_time=$interval
-
-               for track_ip in $track_ips; do
-                       ping -I $2 -c $count -W $timeout -s $size -q $track_ip &> /dev/null
-                       if [ $? -eq 0 ]; then
-                               let host_up_count++
-                               echo "up" > /var/run/mwan3track/$1/TRACK_${track_ip}
-                       else
-                               let lost++
-                               echo "down" > /var/run/mwan3track/$1/TRACK_${track_ip}
-                       fi
-               done
-
-               if [ $host_up_count -lt $reliability ]; then
-                       let score--
-
-                       if [ $score -lt $up ]; then
-                               score=0
-                       else
-                               sleep_time=$failure_interval
-                       fi
-
-                       if [ $score -eq $up ]; then
-                               echo "offline" > /var/run/mwan3track/$1/STATUS
-                               $LOG notice "Interface $1 ($2) is offline"
-                               env -i ACTION=ifdown INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
-                               score=0
-                       fi
+score=$(($7+$8))
+track_ips=$(echo $* | cut -d ' ' -f 9-99)
+host_up_count=0
+lost=0
+
+while true; do
+
+       for track_ip in $track_ips; do
+               ping -I $2 -c $4 -W $5 -q $track_ip &> /dev/null
+               if [ $? -eq 0 ]; then
+                       let host_up_count++
                else
-                       if [ $score -lt $(($down+$up)) ] && [ $lost -gt 0 ]; then
-                               $LOG info "Lost $(($lost*$count)) ping(s) on interface $1 ($2)"
-                       fi
-
-                       let score++
-                       lost=0
-
-                       if [ $score -gt $up ]; then
-                               echo "online" > /var/run/mwan3track/$1/STATUS
-                               score=$(($down+$up))
-                       elif [ $score -le $up ]; then
-                               sleep_time=$recovery_interval
-                       fi
-
-                       if [ $score -eq $up ]; then
-                               $LOG notice "Interface $1 ($2) is online"
-                               env -i ACTION=ifup INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
-                               rm -rf "/var/run/mwan3track/${1}" &> /dev/null
-                               exit 0
-                       fi
+                       let lost++
                fi
+       done
 
-               let turn++
-               mkdir -p "/var/run/mwan3track/${1}"
-               echo "${lost}" > /var/run/mwan3track/$1/LOST
-               echo "${score}" > /var/run/mwan3track/$1/SCORE
-               echo "${turn}" > /var/run/mwan3track/$1/TURN
+       if [ $host_up_count -lt $3 ]; then
+               let score--
 
-               host_up_count=0
-               sleep "${sleep_time}" &
-               wait
+               if [ $score -lt $8 ]; then score=0 ; fi
+               if [ $score -eq $8 ]; then
 
-               if [ "${IFDOWN_EVENT}" -eq 1 ]; then
+                       logger -t mwan3track -p notice "Interface $1 ($2) is offline"
+                       env -i ACTION=ifdown INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
                        score=0
-                       echo "offline" > /var/run/mwan3track/$1/STATUS
-                       IFDOWN_EVENT=0
+
                fi
-       done
-}
 
-main "$@"
+       else
+
+               if [ $score -lt $(($7+$8)) ] && [ $lost -gt 0 ]; then
+
+                       logger -t mwan3track -p info "Lost $(($lost*$4)) ping(s) on interface $1 ($2)"
+
+               fi
+
+               let score++
+               lost=0
+
+               if [ $score -gt $8 ]; then score=$(($7+$8)); fi
+               if [ $score -eq $8 ]; then
+
+                       logger -t mwan3track -p notice "Interface $1 ($2) is online"
+                       env -i ACTION=ifup INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
+                       rm /var/run/mwan3track-$1.pid
+                       exit 0
+               fi
+       fi
+
+       host_up_count=0
+       sleep $6 &
+       wait
+done
+
+exit 1
diff --git a/net/nlbwmon/Makefile b/net/nlbwmon/Makefile
new file mode 100644 (file)
index 0000000..009592e
--- /dev/null
@@ -0,0 +1,42 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nlbwmon
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/jow-/nlbwmon.git
+PKG_SOURCE_DATE:=2017-08-02
+PKG_SOURCE_VERSION:=32fc0925cbc30a4a8f71392e976aa94b586c4086
+PKG_MIRROR_HASH:=caedb66cf6dcbdcee0d1525923e203d003ef15f34a13a328686794666f16171f
+
+CMAKE_INSTALL:=1
+
+PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
+PKG_LICENSE:=ISC
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include/libnl-tiny
+
+define Package/nlbwmon
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+libubox +libnl-tiny +zlib +kmod-nf-conntrack-netlink
+  TITLE:=LEDE Traffic Usage Monitor
+endef
+
+define Package/nlbwmon/install
+       $(INSTALL_DIR) $(1)/usr/sbin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nlbwmon $(1)/usr/sbin/nlbwmon
+       $(LN) nlbwmon $(1)/usr/sbin/nlbw
+       $(INSTALL_DIR) $(1)/usr/share/nlbwmon
+       $(INSTALL_DATA) $(PKG_BUILD_DIR)/protocols.txt $(1)/usr/share/nlbwmon/protocols
+       $(INSTALL_DIR) $(1)/etc/init.d
+       $(INSTALL_BIN) ./files/nlbwmon.init $(1)/etc/init.d/nlbwmon
+       $(INSTALL_DIR) $(1)/etc/config
+       $(INSTALL_CONF) ./files/nlbwmon.config $(1)/etc/config/nlbwmon
+endef
+
+$(eval $(call BuildPackage,nlbwmon))
diff --git a/net/nlbwmon/files/nlbwmon.config b/net/nlbwmon/files/nlbwmon.config
new file mode 100644 (file)
index 0000000..3b15396
--- /dev/null
@@ -0,0 +1,51 @@
+config nlbwmon
+       # Interval at which the temporary in-memory database is committed to
+       # the persistent database directory
+       option commit_interval 24h
+
+       # Interval at which traffic counters of still established connections
+       # are refreshed from netlink information
+       option refresh_interval 30s
+
+       # Storage directory for the database files
+       option database_directory /var/lib/nlbwmon
+
+       # Amount of database generations to retain. If the limit is reached,
+       # the oldest database files are deleted.
+       option database_generations 10
+
+       # Accounting period interval; may be either in the format YYYY-MM-DD/NN
+       # to start a new accounting period exactly every NN days, beginning at
+       # the given date, or a number specifiying the day of month at which to
+       # start the next accounting period.
+       #option database_interval '2017-01-17/14' # every 14 days, starting at Tue
+       #option database_interval '-2' # second last day of month, e.g. 30th in March
+       option database_interval '1' # first day of month (default)
+
+       # The maximum amount of entries that should be put into the database,
+       # setting the limit to 0 will allow databases to grow indefinitely.
+       option database_limit 10000
+
+       # Whether to preallocate the maximum possible database size in memory.
+       # This is mainly useful for memory constrained systems which might not
+       # be able to satisfy memory allocation after longer uptime periods.
+       # Only effective in conjunction with database_limit, ignored otherwise.
+       #option database_prealloc 0
+
+       # Whether to gzip compress archive databases. Compressing the database
+       # files makes accessing old data slightly slower but helps to reduce
+       # storage requirements.
+       #option database_compress 1
+
+       # Protocol description file, used to distinguish traffic streams by
+       # IP protocol number and port
+       option protocol_database /usr/share/nlbwmon/protocols
+
+       # List of local subnets. Only conntrack streams from or to any of these
+       # subnets are counted. Logical interface names may be specified to
+       # resolve the local subnets on the fly.
+       list local_network '192.168.0.0/16'
+       list local_network '172.16.0.0/12'
+       list local_network '10.0.0.0/8'
+       list local_network 'lan'
+
diff --git a/net/nlbwmon/files/nlbwmon.init b/net/nlbwmon/files/nlbwmon.init
new file mode 100755 (executable)
index 0000000..3f01d0f
--- /dev/null
@@ -0,0 +1,89 @@
+#!/bin/sh /etc/rc.common
+
+START=60
+
+USE_PROCD=1
+NAME=nlbwmon
+PROG=/usr/sbin/nlbwmon
+
+add_subnet() {
+       local network="$1"
+       local range ranges
+
+       case "$network" in
+               *.*|*:*)
+                       procd_append_param command '-s' "$network"
+               ;;
+               *)
+                       if network_get_subnets ranges "$network"; then
+                               for range in $ranges; do
+                                       procd_append_param command '-s' "$range"
+                               done
+                       fi
+
+                       if network_get_subnets6 ranges "$network"; then
+                               for range in $ranges; do
+                                       procd_append_param command '-s' "$range"
+                               done
+                       fi
+               ;;
+       esac
+}
+
+add_option() {
+       local cfg="$1"
+       local flag="$2"
+       local option="$3"
+       local default="$4"
+       local value
+
+       config_get value "$cfg" "$option" "$default"
+       [ -n "$value" ] && procd_append_param command "$flag" "$value"
+}
+
+add_bool() {
+       local cfg="$1"
+       local flag="$2"
+       local option="$3"
+       local default="$4"
+       local value
+
+       config_get_bool value "$cfg" "$option" "$default"
+       [ $value -eq 1 ] && procd_append_param command "$flag"
+}
+
+parse_config() {
+       . /lib/functions/network.sh
+
+       local cfg="$1"
+       local dir
+
+       config_get dir "$cfg" database_directory /var/lib/nlbwmon
+
+       mkdir -p "$dir"
+       procd_append_param command -o "$dir"
+
+       add_option "$cfg" -i commit_interval 24h
+       add_option "$cfg" -r refresh_interval 30s
+       add_option "$cfg" -p protocol_database /usr/share/nlbwmon/protocols
+       add_option "$cfg" -G database_generations 10
+       add_option "$cfg" -I database_interval 1
+       add_option "$cfg" -L database_limit 10000
+
+       add_bool "$cfg" -P database_prealloc 0
+       add_bool "$cfg" -Z database_compress 1
+
+       config_list_foreach "$cfg" local_network add_subnet
+}
+
+start_service() {
+       procd_open_instance
+       procd_set_param stderr 1
+       procd_set_param command "$PROG"
+
+       config_load nlbwmon
+       config_foreach parse_config nlbwmon
+
+       procd_close_instance
+}
+
diff --git a/net/seafile-ccnet/Makefile b/net/seafile-ccnet/Makefile
deleted file mode 100644 (file)
index 384fe46..0000000
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# Copyright (C) 2007-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=seafile-ccnet
-PKG_VERSION:=5.1.4
-PKG_RELEASE=$(PKG_SOURCE_VERSION)-1
-PKG_LICENSE:=GPL-3.0
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/haiwen/ccnet.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=44f74fdc5160c1bf16a92e71d79b856763ddbc15
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-$(call include_mk, python-package.mk)
-
-define Package/seafile-ccnet
-    SECTION:=net
-    CATEGORY:=Network
-    TITLE:=Seafile server - ccnet component
-    MAINTAINER:=Gergely Kiss <mail.gery@gmail.com>
-    URL:=http://seafile.com/
-    DEPENDS:=+libsearpc +libevent2 +libopenssl \
-               +glib2 +python +libzdb +libuuid \
-               +libpthread +libsqlite3 +jansson $(ICONV_DEPENDS)
-    EXTRA_DEPENDS:=libsearpc (=5.1.4-8998e7b2c5587f0b94c48db24e2952d08def5add-1)
-endef
-
-define Package/seafile-ccnet/description
-   Ccnet is a framework for writing networked applications in C.
-endef
-
-CONFIGURE_ARGS += --disable-client \
-                   --enable-server \
-                   --disable-ldap \
-                   --disable-cluster \
-                   --enable-python \
-                   --disable-server-pkg \
-                   --disable-static-build \
-                   --disable-compile-demo \
-                   --disable-console
-
-PKG_BUILD_DEPENDS:=vala/host
-
-TARGET_LDFLAGS += -Wl,-rpath-link=$(STAGING_DIR)/usr/lib -liconv \
-                   -L$(STAGING_DIR)/usr/lib/mysql -lmysqlclient -lz
-
-define Package/seafile-ccnet/install
-       $(INSTALL_DIR) $(1)/usr/{bin,lib}
-       $(INSTALL_DIR) $(1)$(PYTHON_PKG_DIR)
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/ccnet* $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)$(PYTHON_PKG_DIR)/ccnet $(1)$(PYTHON_PKG_DIR)
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libccnet.so* $(1)/usr/lib/
-       find $(1) -name "*\.pyc" -o -name "*\.pyo" | xargs rm -f
-endef
-
-define Build/InstallDev
-       $(INSTALL_DIR) $(1)/usr/include
-       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-       $(CP) $(PKG_INSTALL_DIR)/usr/include/ccnet* $(1)/usr/include/
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libccnet.pc $(1)/usr/lib/pkgconfig/
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libccnet.so* $(1)/usr/lib/
-endef
-
-$(eval $(call BuildPackage,seafile-ccnet))
diff --git a/net/seafile-ccnet/patches/010-Makefile.patch b/net/seafile-ccnet/patches/010-Makefile.patch
deleted file mode 100644 (file)
index a30abbd..0000000
+++ /dev/null
@@ -1,31 +0,0 @@
-diff -rupN seafile-ccnet-5.1.1.orig/lib/Makefile.am seafile-ccnet-5.1.1/lib/Makefile.am
---- seafile-ccnet-5.1.1.orig/lib/Makefile.am   2016-04-21 11:04:46.000000000 +0200
-+++ seafile-ccnet-5.1.1/lib/Makefile.am        2016-04-22 10:02:52.583732050 +0200
-@@ -1,3 +1,4 @@
-+include $(TOPDIR)/rules.mk
- AM_CPPFLAGS = @GLIB2_CFLAGS@ -I$(top_srcdir)/include \
-       -I$(top_srcdir)/include/ccnet \
-@@ -72,11 +73,11 @@ ccnet-client.c: ccnet-object.h
- ccnet-object.h: ${ccnet_object_define}
-       rm -f $@
--      valac --pkg posix ${ccnet_object_define} -C -H ccnet-object.h
-+      "$(STAGING_DIR_HOSTPKG)/bin/valac" --pkg posix ${ccnet_object_define} -C -H ccnet-object.h
- ccnetobj.c: ${ccnet_object_define}
-       rm -f $@
--      valac -C --pkg posix ${ccnet_object_define}
-+      "$(STAGING_DIR_HOSTPKG)/bin/valac" -C --pkg posix ${ccnet_object_define}
- searpc_gen = searpc-signature.h searpc-marshal.h
-@@ -86,7 +87,7 @@ rpc_table.stamp: ${top_srcdir}/lib/rpc_t
-       @rm -f rpc_table.tmp
-       @touch rpc_table.tmp
-       @echo "[libsearpc]: generating rpc header files"
--      @PYTHON@ `which searpc-codegen.py` ${top_srcdir}/lib/rpc_table.py
-+      @PYTHON@ "$(STAGING_DIR)/usr/bin/searpc-codegen.py" ${top_srcdir}/lib/rpc_table.py
-       @echo "[libsearpc]: done"
-       @mv -f rpc_table.tmp $@
diff --git a/net/seafile-seahub/Makefile b/net/seafile-seahub/Makefile
deleted file mode 100644 (file)
index 09458b6..0000000
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# Copyright (C) 2007-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=seafile-seahub
-PKG_VERSION:=5.1.4
-PKG_RELEASE=$(PKG_SOURCE_VERSION)-1
-PKG_LICENSE:=Apache-2.0
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/haiwen/seahub.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=1e1c02aa4f2a0256ffa29a28224aad2d678f43a0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-
-include $(INCLUDE_DIR)/package.mk
-$(call include_mk, python-package.mk)
-
-define Package/seafile-seahub
-    SECTION:=net
-    CATEGORY:=Network
-    TITLE:=Seafile server - seahub component
-    MAINTAINER:=Gergely Kiss <mail.gery@gmail.com>
-    URL:=http://seafile.com/
-    DEPENDS:=+simplejson +python +pillow +chardet +django +django-appconf \
-               +django-compressor +django-constance +django-jsonfield +django-picklefield \
-               +django-postoffice +django-restframework +django-statici18n +et_xmlfile \
-               +flup +gunicorn +jdcal +openpyxl +python-dateutil +python-mysql +pytz +rcssmin
-endef
-
-define Build/Configure
-endef
-
-define Build/Compile
-       $(call Build/Compile/Default,locale)
-endef
-
-define Package/seafile-seahub/description
-   The web end of seafile server.
-
-   NOTE: in order to have better performance, localization support is turned off by default.
-   Please set 'USE_I18N = True' in seahub_settings.py if you intend to use languages other than English.
-endef
-
-define Package/seafile-seahub/install
-       $(INSTALL_DIR) $(1)/usr/share/seafile/seafile-server/seahub
-       $(CP) $(PKG_BUILD_DIR)/{locale,media,fabfile,seahub,sql,tests,thirdpart,tools} $(1)/usr/share/seafile/seafile-server/seahub/
-       $(CP) $(PKG_BUILD_DIR)/*.{sh,template,py,txt} $(1)/usr/share/seafile/seafile-server/seahub/
-       $(CP) $(PKG_BUILD_DIR)/{CONTRIBUTORS,HACKING,README.markdown} $(1)/usr/share/seafile/seafile-server/seahub/
-       $(CP) $(PKG_BUILD_DIR)/pylintrc* $(1)/usr/share/seafile/seafile-server/seahub/
-       find $(1) -name "*\.pyc" -o -name "*\.pyo" | xargs rm -f
-       $(SED) "s/\(SEAFILE_VERSION\s*=\s*\)'\([0-9]\.[0-9]\.[0-9]\)'/\1'$(PKG_VERSION)'/g" $(1)/usr/share/seafile/seafile-server/seahub/seahub/settings.py
-endef
-
-$(eval $(call BuildPackage,seafile-seahub))
diff --git a/net/seafile-seahub/patches/010-default-config.patch b/net/seafile-seahub/patches/010-default-config.patch
deleted file mode 100644 (file)
index 4168dc1..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-diff -rupN seahub-3.1.7-server.orig/seahub/settings.py seahub-3.1.7-server/seahub/settings.py
---- seahub-3.1.7-server.orig/seahub/settings.py        2014-10-20 09:32:35.000000000 +0200
-+++ seahub-3.1.7-server/seahub/settings.py     2014-12-10 15:47:21.625104606 +0100
-@@ -46,7 +46,7 @@ SITE_ID = 1
- # If you set this to False, Django will make some optimizations so as not
- # to load the internationalization machinery.
--USE_I18N = True
-+USE_I18N = False
- # If you set this to False, Django will not format dates, numbers and
- # calendars according to the current locale.
-@@ -209,7 +209,7 @@ SHOW_REPO_DOWNLOAD_BUTTON = False
- REPO_PASSWORD_MIN_LENGTH = 8
- # mininum length for user's password
--USER_PASSWORD_MIN_LENGTH = 6
-+USER_PASSWORD_MIN_LENGTH = 8
- # LEVEL based on four types of input:
- # num, upper letter, lower letter, other symbols
-@@ -218,7 +218,7 @@ USER_PASSWORD_STRENGTH_LEVEL = 3
- # default False, only check USER_PASSWORD_MIN_LENGTH
- # when True, check password strength level, STRONG(or above) is allowed
--USER_STRONG_PASSWORD_REQUIRED = False
-+USER_STRONG_PASSWORD_REQUIRED = True
- # Using server side crypto by default, otherwise, let user choose crypto method.
- FORCE_SERVER_CRYPTO = True
diff --git a/net/seafile-seahub/patches/020-Makefile-fixes.patch b/net/seafile-seahub/patches/020-Makefile-fixes.patch
deleted file mode 100644 (file)
index 49b67f8..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-diff -rupN seafile-seahub-5.1.1.orig/Makefile seafile-seahub-5.1.1/Makefile
---- seafile-seahub-5.1.1.orig/Makefile 2016-04-26 23:59:48.000000000 +0200
-+++ seafile-seahub-5.1.1/Makefile      2016-04-28 09:03:35.507105416 +0200
-@@ -1,3 +1,6 @@
-+include $(TOPDIR)/rules.mk
-+$(call include_mk, python-package.mk)
-+
- PROJECT=seahub
- develop: setup-git
-@@ -9,7 +12,7 @@ dist: locale uglify statici18n collectst
- locale:
-       @echo "--> Compile locales"
--      django-admin.py compilemessages
-+      $(call HostPython,,$(STAGING_DIR)/usr/bin/django-admin.py compilemessages)
-       @echo ""
- uglify:
-@@ -19,7 +22,7 @@ uglify:
- statici18n:
-       @echo "--> Generate JS locale files in static/scripts/i18n"
--      python manage.py compilejsi18n
-+      $(call HostPython,,manage.py compilejsi18n)
- collectstatic:
-       @echo "--> Collect django static files to media/assets"
index 3aa81b18fefede22c748250fb6fa2ba7de5a7abf..4b28755f7f0b2c710a4034a6bd2271c6e0307c5d 100644 (file)
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=sqm-scripts
 PKG_SOURCE_VERSION:=8217081f7e52af342c362b29480461575c496387
 PKG_VERSION:=1.1.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_LICENSE:=GPLv2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz
@@ -80,7 +80,7 @@ uci -q get ucitrack.@sqm[0] > /dev/null && {
   uci delete ucitrack.@sqm[0]
   uci del_list ucitrack.@firewall[0].affects=sqm
   uci commit
-}
+} || exit 0
 endef
 
 $(eval $(call BuildPackage,sqm-scripts))
index 5289d3f9740d062735d76ce2aa9aa56b2f487385..4223d295926cccf05bec0b51d6ced441a0fdd4a0 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=strongswan
-PKG_VERSION:=5.5.1
+PKG_VERSION:=5.5.3
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=c5ea54b199174708de11af9b8f4ecf28b5b0743d4bc0e380e741f25b28c0f8d4
 PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/
-PKG_MD5SUM:=4eba9474f7dc6c8c8d7037261358e68d
 PKG_LICENSE:=GPL-2.0+
 PKG_MAINTAINER:=Stijn Tintel <stijn@linux-ipv6.be>
 
@@ -32,6 +32,7 @@ PKG_MOD_AVAILABLE:= \
        coupling \
        ctr \
        curl \
+       curve25519 \
        des \
        dhcp \
        dnskey \
@@ -150,6 +151,7 @@ $(call Package/strongswan/Default)
        +strongswan-mod-coupling \
        +strongswan-mod-ctr \
        +strongswan-mod-curl \
+       +strongswan-mod-curve25519 \
        +strongswan-mod-des \
        +strongswan-mod-dhcp \
        +strongswan-mod-dnskey \
@@ -517,6 +519,7 @@ $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
+$(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
 $(eval $(call BuildPlugin,des,DES crypto,))
 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
index e48d22b41d77bac1e88a50d8a93e6bd6ba81f93b..753bd8e8d68421423d25a17b9d6c86c6f721dc65 100644 (file)
@@ -72,8 +72,8 @@
  #include <linux/netlink.h>
 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
 +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
-@@ -15,6 +15,8 @@
-  * for more details.
+@@ -38,6 +38,8 @@
+  * THE SOFTWARE.
   */
  
 +#include "musl.h"
index 274ea8694225bd1ba0a3ff8336b9e0014279a8bf..21ae848bf17f23d8ab6f3cb8da6e7b3e314b0add 100644 (file)
@@ -1,6 +1,6 @@
 --- a/src/libcharon/plugins/uci/uci_parser.c
 +++ b/src/libcharon/plugins/uci/uci_parser.c
-@@ -78,7 +78,7 @@ METHOD(enumerator_t, section_enumerator_
+@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_
                if (uci_lookup(this->ctx, &element, this->package,
                                           this->current->name, "name") == UCI_OK)
                {       /* use "name" attribute as config name if available ... */
@@ -9,7 +9,7 @@
                }
                else
                {       /* ... or the section name becomes config name */
-@@ -93,7 +93,7 @@ METHOD(enumerator_t, section_enumerator_
+@@ -90,7 +90,7 @@ METHOD(enumerator_t, section_enumerator_
                if (value && uci_lookup(this->ctx, &element, this->package,
                                                  this->current->name, this->keywords[i]) == UCI_OK)
                {
@@ -17,4 +17,4 @@
 +                      *value = uci_to_option(element)->v.string;
                }
        }
-       va_end(args);
index d8adec3d0510634363cf467cd03297bd9d8566df..d8f2f3be25b06cdae89dc6c1f12aaf542a5b3d11 100644 (file)
@@ -1,6 +1,6 @@
 --- a/src/ipsec/_ipsec.in
 +++ b/src/ipsec/_ipsec.in
-@@ -259,7 +259,7 @@ stop)
+@@ -257,7 +257,7 @@ stop)
                        loop=110
                        while [ $loop -gt 0 ] ; do
                                kill -0 $spid 2>/dev/null || break
index 597510f19049a81b6ce002ba3a3748801122e3a8..eb8d83c4a3b7aaa0f5a99162c0bbf3ea7871d346 100644 (file)
@@ -1,40 +1,40 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -133,6 +133,7 @@ ARG_DISBL_SET([fips-prf],       [disable
+@@ -135,6 +135,7 @@ ARG_DISBL_SET([fips-prf],       [disable
  ARG_ENABL_SET([gcm],            [enables the GCM AEAD wrapper crypto plugin.])
  ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
  ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
 +ARG_DISBL_SET([gmpdh],          [disable GNU MP (libgmp) based static-linked crypto DH minimal implementation plugin.])
+ ARG_DISBL_SET([curve25519],     [disable Curve25519 Diffie-Hellman plugin.])
  ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
  ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
- ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
-@@ -1347,6 +1348,7 @@ ADD_PLUGIN([gcrypt],               [s ch
+@@ -1379,6 +1380,7 @@ ADD_PLUGIN([gcrypt],               [s ch
  ADD_PLUGIN([af-alg],               [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
  ADD_PLUGIN([fips-prf],             [s charon nm cmd])
- ADD_PLUGIN([gmp],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ ADD_PLUGIN([gmp],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
 +ADD_PLUGIN([gmpdh],                [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ ADD_PLUGIN([curve25519],           [s charon pki scripts nm cmd])
  ADD_PLUGIN([agent],                [s charon nm cmd])
  ADD_PLUGIN([keychain],             [s charon cmd])
- ADD_PLUGIN([chapoly],              [s charon scripts nm cmd])
-@@ -1480,6 +1482,7 @@ AM_CONDITIONAL(USE_SHA2, test x$sha2 = x
- AM_CONDITIONAL(USE_SHA3, test x$sha3 = xtrue)
+@@ -1516,6 +1518,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
+ AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue)
  AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
  AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
 +AM_CONDITIONAL(USE_GMPDH, test x$gmpdh = xtrue)
+ AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue)
  AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
  AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
- AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
-@@ -1733,6 +1736,7 @@ AC_CONFIG_FILES([
-       src/libstrongswan/plugins/sha3/Makefile
+@@ -1783,6 +1786,7 @@ AC_CONFIG_FILES([
+       src/libstrongswan/plugins/mgf1/Makefile
        src/libstrongswan/plugins/fips_prf/Makefile
        src/libstrongswan/plugins/gmp/Makefile
 +      src/libstrongswan/plugins/gmpdh/Makefile
+       src/libstrongswan/plugins/curve25519/Makefile
        src/libstrongswan/plugins/rdrand/Makefile
        src/libstrongswan/plugins/aesni/Makefile
-       src/libstrongswan/plugins/random/Makefile
 --- a/src/libstrongswan/Makefile.am
 +++ b/src/libstrongswan/Makefile.am
-@@ -307,6 +307,13 @@ if MONOLITHIC
+@@ -323,6 +323,13 @@ if MONOLITHIC
  endif
  endif
  
@@ -45,8 +45,8 @@
 +endif
 +endif
 +
- if USE_RDRAND
-   SUBDIRS += plugins/rdrand
+ if USE_CURVE25519
+   SUBDIRS += plugins/curve25519
  if MONOLITHIC
 --- /dev/null
 +++ b/src/libstrongswan/plugins/gmpdh/Makefile.am
index 976ca3b1142633a8c267affd40066eb6b3481e63..561322a7491e8d31d2f7ab8c80861031d2855926 100644 (file)
@@ -9,13 +9,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=subversion
 PKG_RELEASE:=2
-PKG_VERSION:=1.9.7
+PKG_VERSION:=1.9.5
 PKG_SOURCE_URL:=@APACHE/subversion
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=c3b118333ce12e501d509e66bb0a47bcc34d053990acab45559431ac3e491623
+PKG_MD5SUM:=9fcbae352a5efe73d46a88c97c6bba14
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=
+PKG_MAINTAINER:=Val Kulkov <val.kulkov@gmail.com>
 
 PKG_FIXUP:=autoreconf
 PKG_MACRO_PATHS:=build/ac-macros
index d8f4c0026577c0fdb648ef1eb195d8e93c0af96b..dcc3a073a3816da2e2c232cb9deadb31a4ff9673 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tinc
-PKG_VERSION:=1.0.30
+PKG_VERSION:=1.0.33
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.tinc-vpn.org/packages
-PKG_MD5SUM:=f3ca1fc1154ed1f2cac408ea06a1c1ca
+PKG_HASH:=7f6f5dc6444bc651ac635c81f4745bcce581bbd1d45ed60cbdc4ee11bebb10f4
 
 PKG_INSTALL:=1
 
index b6ab886c2a6453f96ec3553ebc2306327695178b..f5778ff1a80ff0f748c4ce92a17384d2c3c6caf9 100644 (file)
@@ -8,13 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tor
-PKG_VERSION:=0.2.9.9
+PKG_VERSION:=0.2.9.12
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://dist.torproject.org/ \
        https://archive.torproject.org/tor-package-archive
-PKG_MD5SUM:=33325d2b250fd047ba2ddc5d11c2190c4e2951f4b03ec48ebd8bf0666e990d43
+PKG_MD5SUM:=12e50d893c1a34e6c7a241abf3e00807
+PKG_HASH:=6e7466625d53812f23c2ad60a873c5855f63f756fde0fc5cbeda8d32cee1086b
 PKG_MAINTAINER:=Hauke Mehrtens <hauke@hauke-m.de>
 PKG_LICENSE_FILES:=LICENSE
 
index 6f2d2a0d2cec69562ccd373e3805bdccd0e6e5cb..71e196c42ed02d6456710ed9f1c85ddc6128d64e 100644 (file)
@@ -1,32 +1,33 @@
 #
-# Copyright (c) 2016-2017 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2016-2018 Dirk Brenken (dev@brenken.org)
 # This is free software, licensed under the GNU General Public License v3.
 #
 
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=travelmate
-PKG_VERSION:=0.3.2
+PKG_VERSION:=1.0.2
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
 
 include $(INCLUDE_DIR)/package.mk
 
-define Package/$(PKG_NAME)
+define Package/travelmate
        SECTION:=net
        CATEGORY:=Network
        TITLE:=A wlan connection manager for travel router
+       DEPENDS:=+iwinfo +jshn +jsonfilter
        PKGARCH:=all
 endef
 
-define Package/$(PKG_NAME)/description
+define Package/travelmate/description
 A wlan connection manager for travel router.
 Please see https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md for further information.
 
 endef
 
-define Package/$(PKG_NAME)/conffiles
+define Package/travelmate/conffiles
 /etc/config/travelmate
 endef
 
@@ -39,7 +40,7 @@ endef
 define Build/Compile
 endef
 
-define Package/$(PKG_NAME)/install
+define Package/travelmate/install
        $(INSTALL_DIR) $(1)/usr/bin
        $(INSTALL_BIN) ./files/travelmate.sh $(1)/usr/bin/
 
@@ -50,4 +51,4 @@ define Package/$(PKG_NAME)/install
        $(INSTALL_CONF) ./files/travelmate.conf $(1)/etc/config/travelmate
 endef
 
-$(eval $(call BuildPackage,$(PKG_NAME)))
+$(eval $(call BuildPackage,travelmate))
index 4cd39d60d285fdbff831b6a9baac6d3fdb414fea..486145b8cfc75d53cd0c63f398cf6d6ad0d3db9d 100644 (file)
@@ -8,48 +8,63 @@ To avoid these kind of deadlocks, travelmate set all station interfaces in an "a
 ## Main Features
 * STA interfaces operating in an "always off" mode, to make sure that the AP is always accessible
 * easy setup within normal OpenWrt/LEDE environment
+* strong LuCI-Support with builtin interface wizard and a wireless station manager
 * fast uplink connections
-* procd init system support
-* procd based hotplug support, the travelmate start will be triggered by interface triggers
+* support all kinds of uplinks, incl. hidden and enterprise uplinks
+* trigger- or automatic-mode support, the latter one is the default and checks the existing uplink connection regardless of ifdown event trigger actions every n seconds
+* support of devices with multiple radios
+* procd init and hotplug support
+* runtime information available via LuCI & via 'status' init command
 * status & debug logging to syslog
 
 ## Prerequisites
-* [OpenWrt](https://openwrt.org) or [LEDE](https://www.lede-project.org) trunk
-* iw (default) or iwinfo for wlan scanning
+* [LEDE](https://www.lede-project.org) 17.01 or latest snapshot
+* iwinfo for wlan scanning
 
-## OpenWrt / LEDE trunk Installation & Usage
+## LEDE trunk Installation & Usage
 * download the package [here](https://downloads.lede-project.org/snapshots/packages/x86_64/packages)
 * install 'travelmate' (_opkg install travelmate_)
-* configure your network to support (multiple) wlan uplinks and set travelmate config options (details see below)
-* set 'trm\_enabled' option in travelmate config to '1'
-* travelmate starts automatically during boot and will be triggered by procd interface triggers
+* configure your network:
+    * recommended: use the LuCI frontend with builtin interface wizard and a wireless station manager
+    * manual: see detailed configure steps below
+    * at least you need one configured AP and one STA interface
 
 ## LuCI travelmate companion package
 * download the package [here](https://downloads.lede-project.org/snapshots/packages/x86_64/luci)
 * install 'luci-app-travelmate' (_opkg install luci-app-travelmate_)
 * the application is located in LuCI under 'Services' menu
-* _Thanks to Hannu Nyman for this great LuCI frontend!_
-
-## Chaos Calmer installation notes
-* 'travelmate' and 'luci-app-travelmate' are _not_ available as ipk packages in the Chaos Calmer download repository
-* download the packages from a development snapshot directory (see download links above)
-* manually transfer the packages to your routers temp directory (with tools like _sshfs_ or _winscp_)
-* install the packages as described above
 
 ## Travelmate config options
-* travelmate config options:
+* usually the pre-configured travelmate setup works quite well and no manual config overrides are needed, all listed options apply to the 'global' config section:
     * trm\_enabled => main switch to enable/disable the travelmate service (default: '0', disabled)
     * trm\_debug => enable/disable debug logging (default: '0', disabled)
-    * trm\_maxwait => how long (in seconds) should travelmate wait for wlan interface reload action (default: '20')
-    * trm\_maxretry => how many times should travelmate try to find an uplink after a trigger event (default: '3')
-    * trm\_iw => set this option to '0' to use iwinfo for wlan scanning (default: '1', use iw)
-    * trm\_iface => restrict the procd interface trigger to a (list of) certain wan interface(s) or disable it at all (default: not set, disabled)
+    * trm\_automatic => keep travelmate in an active state (default: '1', enabled)
+    * trm\_maxwait => how long (in seconds) should travelmate wait for a successful wlan interface reload action (default: '30')
+    * trm\_maxretry => how many times should travelmate try to connect to an uplink, '0' means unlimited retries. (default: '3')
+    * trm\_timeout => timeout in seconds for "automatic mode" (default: '60')
+    * trm\_radio => limit travelmate to a dedicated radio, e.g. 'radio0' (default: not set, use all radios)
+    * trm\_iface => main uplink / procd trigger network interface (default: trm_wwan)
+    * trm\_triggerdelay => additional trigger delay in seconds before travelmate processing starts (default: '2')
+
+## Runtime information
 
-## Setup
-**1. configure a wwan interface in /etc/config/network:**
+**receive travelmate runtime information:**
+<pre><code>
+::: travelmate runtime information
+ travelmate_version : 1.0.0
+ station_connection : true
+ station_id         : blackhole/04:F0:21:2F:B7:64
+ station_interface  : trm_wwan
+ station_radio      : radio1
+ last_rundate       : 15.12.2017 13:51:30
+ system             : TP-LINK RE450, OpenWrt SNAPSHOT r5422+84-9fe59abef8
+</code></pre>
+
+## Manual Setup
+**1. configure the travelmate wwan interface in /etc/config/network:**
 <pre><code>
 [...]
-config interface 'wwan'
+config interface 'trm_wwan'
         option proto 'dhcp'
 [...]
 </code></pre>
@@ -59,22 +74,16 @@ config interface 'wwan'
 [...]
 config zone
         option name 'wan'
-        option input 'REJECT'
-        option output 'ACCEPT'
-        option forward 'REJECT'
-        option masq '1'
-        option mtu_fix '1'
-        option network 'wan wan6 wwan'
+        option network 'wan wan6 trm_wwan'
 [...]
 </code></pre>
 
-**3. add required ap and wwan stations to your wireless configuration in etc/config/wireless:**
+**3. at least add one ap and (multiple) wwan stations to your wireless configuration in etc/config/wireless:**
 <pre><code>
 [...]
 config wifi-iface
         option device 'radio0'
         option network 'lan'
-        option ifname 'wlan0'
         option mode 'ap'
         option ssid 'example_ap'
         option encryption 'psk2+ccmp'
@@ -83,41 +92,43 @@ config wifi-iface
 [...]
 config wifi-iface
         option device 'radio0'
-        option network 'wwan'
+        option network 'trm_wwan'
         option mode 'sta'
         option ssid 'example_01'
-        option ifname 'wwan01'
         option encryption 'psk2+ccmp'
         option key 'abc'
         option disabled '1'
+[...]
 config wifi-iface
         option device 'radio0'
-        option network 'wwan'
+        option network 'trm_wwan'
         option mode 'sta'
         option ssid 'example_02'
-        option ifname 'wwan02'
         option encryption 'psk2+ccmp'
         option key 'xyz'
         option disabled '1'
-config wifi-iface
-        option device 'radio0'
-        option network 'wwan'
-        option mode 'sta'
-        option ssid 'example_03'
-        option ifname 'wwan03'
-        option encryption 'none'
-        option disabled '1'
 [...]
 </code></pre>
 
-**4. reload network configuration & start travelmate:**
+**4. start travelmate:**
 <pre><code>
-/etc/init.d/network reload
-/etc/init.d/travelmate start
+edit /etc/config/travelmate and set 'trm_enabled' to '1'
+/etc/init.d/travelmate restart
 </code></pre>
 
+## FAQ
+**Q:** What's about 'trigger' and 'automatic' mode?  
+**A:** In "trigger" mode travelmate will be triggered solely by procd interface down events, whenever an uplink disappears travelmate tries n times (default 3) to find a new uplink or reconnect to the old one. The 'automatic' mode keeps travelmate in an active state and checks every n seconds the connection status / the uplink availability regardless of procd event trigger.  
+
+**Q:** What happen with misconfigured uplinks, e.g. due to outdated wlan passwords?  
+**A:** Travelmate tries n times (default 3) to connect, then the respective uplink SSID will be marked / renamed to '_SSID_\_err'. In this case use the builtin wireless station manager to update your wireless credentials. To disable this functionality at all set the Connection Limit ('trm\_maxretry') to '0', which means unlimited retries.  
+
+**Q:** Is travelmate compatible with CC/Openwrt?  
+**A:** Travelmate was never tested with an ancient CC/OpenWrt release ... it should still work, but no promises.  
+
+[...] to be continued [...]
 ## Support
-Please join the travelmate discussion in this [forum thread](https://forum.openwrt.org/viewtopic.php?id=67697) or contact me by [mail](mailto:dev@brenken.org)  
+Please join the travelmate discussion in this [forum thread](https://forum.lede-project.org/t/travelmate-support-thread/5155) or contact me by [mail](mailto:dev@brenken.org)  
 
 ## Removal
 * stop the travelmate daemon with _/etc/init.d/travelmate stop_
index c63000f3806b7969a8beab630ea6e23b8ffb4419..5674ed2e7b85013b320fb4f6c42175628275ca51 100644 (file)
@@ -4,6 +4,10 @@
 config travelmate 'global'
        option trm_enabled '0'
        option trm_debug '0'
-       option trm_maxwait '20'
+       option trm_triggerdelay '1'
+       option trm_automatic '1'
+       option trm_maxwait '30'
        option trm_maxretry '3'
-       option trm_iw '1'
+       option trm_timeout '60'
+       option trm_iface 'trm_wwan'
+       option trm_rtfile '/tmp/trm_runtime.json'
index 255a641879611dc136843b21aef8a37f345cb80b..52609c01704df7fb96ba0984fb156a1ae76e420c 100755 (executable)
@@ -1,39 +1,73 @@
 #!/bin/sh /etc/rc.common
 
-START=85
+START=25
 USE_PROCD=1
 
+EXTRA_COMMANDS="status"
+EXTRA_HELP="   status  Print runtime information"
+
+trm_init="/etc/init.d/travelmate"
 trm_script="/usr/bin/travelmate.sh"
 
 boot()
 {
-    ubus -t 30 wait_for network.interface
+    ubus -t 30 wait_for network.interface network.wireless 2>/dev/null
     rc_procd start_service
 }
 
 start_service()
 {
-    procd_open_instance "travelmate"
-    procd_set_param env trm_procd="true"
-    procd_set_param command "${trm_script}" "${@}"
-    procd_set_param stdout 1
-    procd_set_param stderr 1
-    procd_close_instance
+    if [ $("${trm_init}" enabled; printf "%u" ${?}) -eq 0 ]
+    then
+        procd_open_instance "travelmate"
+        procd_set_param command "${trm_script}" "${@}"
+        procd_set_param stdout 1
+        procd_set_param stderr 1
+        procd_close_instance
+    fi
 }
 
-service_triggers()
+stop_service()
+{
+    local rtfile="$(uci -q get travelmate.global.trm_rtfile)"
+
+    rtfile="${rtfile:-"/tmp/trm_runtime.json"}"
+    > "${rtfile}"
+    rc_procd start_service
+}
+
+status()
 {
-    local iface="$(uci -q get travelmate.global.trm_iface)"
+    local key keylist value rtfile="$(uci_get travelmate.global.trm_rtfile)"
 
-    if [ -z "${iface}" ]
+    rtfile="${rtfile:-"/tmp/trm_runtime.json"}"
+    if [ -s "${rtfile}" ]
     then
-        procd_add_raw_trigger "interface.*.down" 1000 /etc/init.d/travelmate start
-    else
-        for name in ${iface}
+        printf "%s\n" "::: travelmate runtime information"
+        json_load "$(cat "${rtfile}" 2>/dev/null)"
+        json_select data
+        json_get_keys keylist
+        for key in ${keylist}
         do
-            procd_add_interface_trigger "interface.*.down" "${name}" /etc/init.d/travelmate start
+            json_get_var value "${key}"
+            printf "  + %-18s : %s\n" "${key}" "${value}"
         done
+    else
+        printf "%s\n" "::: no travelmate runtime information available"
     fi
+}
 
-    procd_add_config_trigger "config.change" "travelmate" /etc/init.d/travelmate start
+service_triggers()
+{
+    local auto="$(uci_get travelmate.global.trm_automatic)"
+
+    if [ "${auto}" = "0" ]
+    then
+        local trigger="$(uci_get travelmate.global.trm_iface)"
+        local delay="$(uci_get travelmate.global.trm_triggerdelay)"
+
+        PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
+        procd_add_interface_trigger "interface.*.down" "${trigger}" "${trm_init}" start
+    fi
+    procd_add_reload_trigger "travelmate"
 }
index f626f390c01a85ee343e78427439916904dd5372..39bc79e11e9a8db2f54ff7935d976d142f830258 100755 (executable)
@@ -6,28 +6,50 @@
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 
-# prepare environment
+# set initial defaults
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-trm_ver="0.3.2"
-trm_enabled=1
+trm_ver="1.0.2"
+trm_sysver="unknown"
+trm_enabled=0
 trm_debug=0
-trm_maxwait=20
+trm_automatic=1
 trm_maxretry=3
-trm_iw=1
+trm_maxwait=30
+trm_timeout=60
+trm_iwinfo="$(command -v iwinfo)"
+trm_radio=""
+trm_rtfile="/tmp/trm_runtime.json"
+trm_wpa="$(command -v wpa_supplicant)"
 
+# load travelmate environment
+#
 f_envload()
 {
-    # source required system libraries
+    local sys_call sys_desc sys_model sys_ver
+
+    # get system information
     #
-    if [ -r "/lib/functions.sh" ]
+    sys_call="$(ubus -S call system board 2>/dev/null)"
+    if [ -n "${sys_call}" ]
     then
-        . "/lib/functions.sh"
-    else
-        f_log "error" "status  ::: required system library not found"
+        sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
+        sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+        sys_ver="$(cat /etc/turris-version 2>/dev/null)"
+        if [ -n "${sys_ver}" ]
+        then
+            sys_desc="${sys_desc}/${sys_ver}"
+        fi
+        trm_sysver="${sys_model}, ${sys_desc}"
     fi
 
+    # initialize lists
+    #
+    trm_devlist=""
+    trm_stalist=""
+    trm_radiolist=""
+
     # load uci config and check 'enabled' option
     #
     option_cb()
@@ -40,72 +62,134 @@ f_envload()
 
     if [ ${trm_enabled} -ne 1 ]
     then
-        f_log "info " "status  ::: travelmate is currently disabled, please set 'trm_enabled' to '1' to use this service"
+        f_log "info" "travelmate is currently disabled, please set 'trm_enabled' to '1' to use this service"
         exit 0
     fi
 
-    # check for preferred wireless tool
+    # check eap capabilities
     #
-    if [ ${trm_iw} -eq 1 ]
-    then
-        trm_scanner="$(which iw)"
-    else
-        trm_scanner="$(which iwinfo)"
-    fi
-    if [ -z "${trm_scanner}" ]
-    then
-        f_log "error" "status  ::: no wireless tool for wlan scanning found, please install 'iw' or 'iwinfo'"
-    fi
+    trm_eap="$("${trm_wpa}" -veap >/dev/null 2>&1; printf "%u" ${?})"
 }
 
-# function to bring down all STA interfaces
+# gather radio information & bring down all STA interfaces
 #
-f_prepare()
+f_prep()
 {
     local config="${1}"
     local mode="$(uci -q get wireless."${config}".mode)"
     local network="$(uci -q get wireless."${config}".network)"
+    local radio="$(uci -q get wireless."${config}".device)"
     local disabled="$(uci -q get wireless."${config}".disabled)"
+    local eaptype="$(uci -q get wireless."${config}".eap_type)"
 
-    if [ "${mode}" = "sta" ] && [ -n "${network}" ]
+    if ([ -z "${trm_radio}" ] || [ "${trm_radio}" = "${radio}" ]) && \
+        [ -z "$(printf "%s" "${trm_radiolist}" | grep -Fo " ${radio}")" ]
+    then
+        trm_radiolist="${trm_radiolist} ${radio}"
+    fi
+    if [ "${mode}" = "sta" ] && [ "${network}" = "${trm_iface}" ]
     then
-        trm_stalist="${trm_stalist} ${config}_${network}"
         if [ -z "${disabled}" ] || [ "${disabled}" = "0" ]
         then
             uci -q set wireless."${config}".disabled=1
-            f_log "debug" "prepare ::: config: ${config}, interface: ${network}"
+        fi
+        if [ -z "${eaptype}" ] || [ ${trm_eap} -eq 0 ]
+        then
+            trm_stalist="${trm_stalist} ${config}_${radio}"
         fi
     fi
+    f_log "debug" "f_prep ::: config: ${config}, mode: ${mode}, network: ${network}, radio: ${radio}, disabled: ${disabled}"
 }
 
+# check interface status
+#
 f_check()
 {
-    local ifname cnt=1 mode="${1}"
-    trm_ifstatus="false"
+    local ifname radio dev_status cnt=1 mode="${1}" status="${2:-"false"}"
 
+    trm_ifstatus="false"
+    ubus call network reload
     while [ ${cnt} -le ${trm_maxwait} ]
     do
-        if [ "${mode}" = "ap" ]
+        dev_status="$(ubus -S call network.wireless status 2>/dev/null)"
+        if [ -n "${dev_status}" ]
         then
-            trm_ifstatus="$(ubus -S call network.wireless status | jsonfilter -l1 -e '@.*.up')"
-        else
-            ifname="$(ubus -S call network.wireless status | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
-            if [ -n "${ifname}" ]
+            if [ "${mode}" = "dev" ]
             then
-                trm_ifstatus="$(ubus -S call network.interface dump | jsonfilter -e "@.interface[@.device=\"${ifname}\"].up")"
+                if [ "${trm_ifstatus}" != "${status}" ]
+                then
+                    trm_ifstatus="${status}"
+                    f_jsnup
+                fi
+                for radio in ${trm_radiolist}
+                do
+                    trm_ifstatus="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e "@.${radio}.up")"
+                    if [ "${trm_ifstatus}" = "true" ] && [ -z "$(printf "%s" "${trm_devlist}" | grep -Fo " ${radio}")" ]
+                    then
+                        trm_devlist="${trm_devlist} ${radio}"
+                    fi
+                done
+                if [ "${trm_radiolist}" = "${trm_devlist}" ] || [ ${cnt} -eq ${trm_maxwait} ] || [ "${status}" = "false" ]
+                then
+                    ifname="${trm_devlist}"
+                    break
+                fi
+            else
+                ifname="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
+                if [ -n "${ifname}" ]
+                then
+                    trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -l1 -e "@.interface[@.device=\"${ifname}\"].up")"
+                fi
+            fi
+            if [ "${mode}" = "initial" ] || [ "${trm_ifstatus}" = "true" ]
+            then
+                if [ "${mode}" != "initial" ] && [ "${trm_ifstatus}" != "${status}" ]
+                then
+                    f_jsnup
+                fi
+                break
             fi
-        fi
-        if [ "${mode}" = "initial" ] || [ "${trm_ifstatus}" = "true" ]
-        then
-            break
         fi
         cnt=$((cnt+1))
         sleep 1
     done
-    f_log "debug" "check   ::: mode: ${mode}, name: ${ifname}, status: ${trm_ifstatus}, count: ${cnt}, max-wait: ${trm_maxwait}"
+    f_log "debug" "f_check::: mode: ${mode}, name: ${ifname}, status: ${trm_ifstatus}, cnt: ${cnt}, max-wait: ${trm_maxwait}, automatic: ${trm_automatic}"
 }
 
-# function to write to syslog
+# update runtime information
+#
+f_jsnup()
+{
+    local status iface="${1}" radio="${2}" essid="${3}" bssid="${4}"
+
+    if [ "${trm_ifstatus}" = "true" ]
+    then
+        status="connected"
+    elif [ "${trm_ifstatus}" = "false" ]
+    then
+        status="not connected"
+    elif [ "${trm_ifstatus}" = "running" ]
+    then
+        status="running"
+    elif [ "${trm_ifstatus}" = "error" ]
+    then
+        status="error"
+    fi
+
+    json_init
+    json_add_object "data"
+    json_add_string "travelmate_status" "${status}"
+    json_add_string "travelmate_version" "${trm_ver}"
+    json_add_string "station_id" "${essid:-"-"}/${bssid:-"-"}"
+    json_add_string "station_interface" "${iface:-"n/a"}"
+    json_add_string "station_radio" "${radio:-"n/a"}"
+    json_add_string "last_rundate" "$(/bin/date "+%d.%m.%Y %H:%M:%S")"
+    json_add_string "system" "${trm_sysver}"
+    json_close_object
+    json_dump > "${trm_rtfile}"
+}
+
+# write to syslog
 #
 f_log()
 {
@@ -114,91 +198,136 @@ f_log()
 
     if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${trm_debug} -eq 1 ])
     then
-        logger -t "travelmate-[${trm_ver}] ${class}" "${log_msg}"
-        if [ "${class}" = "error" ]
+        logger -p "${class}" -t "travelmate-[${trm_ver}]" "${log_msg}"
+        if [ "${class}" = "err" ]
         then
-            exit 255
+            trm_ifstatus="error"
+            f_jsnup
+            logger -p "${class}" -t "travelmate-[${trm_ver}]" "Please check 'https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md' (${trm_sysver})"
+            exit 1
         fi
     fi
 }
 
+# main function for connection handling
+#
 f_main()
 {
-    local ap_list ssid_list config network ssid cnt=1
-    local sysver="$(ubus -S call system board | jsonfilter -e '@.release.description')"
+    local dev config raw_scan essid_list bssid_list sta_essid sta_bssid sta_radio sta_iface cnt=1
 
     f_check "initial"
     if [ "${trm_ifstatus}" != "true" ]
     then
         config_load wireless
-        config_foreach f_prepare wifi-iface
+        config_foreach f_prep wifi-iface
         if [ -n "$(uci -q changes wireless)" ]
         then
             uci -q commit wireless
-            ubus call network reload
         fi
-        f_check "ap"
-        ap_list="$(ubus -S call network.wireless status | jsonfilter -e '@.*.interfaces[@.config.mode="ap"].ifname')"
-        f_log "debug" "main    ::: ap-list: ${ap_list}, sta-list: ${trm_stalist}"
-        if [ -z "${ap_list}" ] || [ -z "${trm_stalist}" ]
-        then
-            f_log "error" "status  ::: no usable AP/STA configuration found"
-        fi
-        for ap in ${ap_list}
+        f_check "dev" "running"
+        f_log "debug" "f_main ::: iwinfo: ${trm_iwinfo}, eap_rc: ${trm_eap}, dev_list: ${trm_devlist}, sta_list: ${trm_stalist}"
+        for dev in ${trm_devlist}
         do
-            while [ ${cnt} -le ${trm_maxretry} ]
+            cnt=1
+            if [ -z "$(printf "%s" "${trm_stalist}" | grep -Fo "_${dev}")" ]
+            then
+                continue
+            fi
+            while [ ${trm_maxretry} -eq 0 ] || [ ${cnt} -le ${trm_maxretry} ]
             do
-                if [ ${trm_iw} -eq 1 ]
-                then
-                    ssid_list="$(${trm_scanner} dev "${ap}" scan 2>/dev/null | \
-                        awk '/SSID: /{if(!seen[$0]++){printf "\"";for(i=2; i<=NF; i++)if(i==2)printf $i;else printf " "$i;printf "\" "}}')"
-                else
-                    ssid_list="$(${trm_scanner} "${ap}" scan | \
-                        awk '/ESSID: ".*"/{ORS=" ";if (!seen[$0]++) for(i=2; i<=NF; i++) print $i}')"
-                fi
-                f_log "debug" "main    ::: scan-tool: ${trm_scanner}, ssidlist: ${ssid_list}"
-                if [ -n "${ssid_list}" ]
+                raw_scan="$(${trm_iwinfo} "${dev}" scan)"
+                essid_list="$(printf "%s" "${raw_scan}" | awk '/ESSID: "/{ORS=" ";if (!seen[$0]++) for(i=2; i<=NF; i++) print $i}')"
+                bssid_list="$(printf "%s" "${raw_scan}" | awk '/Address: /{ORS=" ";if (!seen[$5]++) print $5}')"
+                f_log "debug" "f_main ::: dev: ${dev}, ssid_list: ${essid_list}, bssid_list: ${bssid_list}"
+                if [ -n "${essid_list}" ] || [ -n "${bssid_list}" ]
                 then
                     for sta in ${trm_stalist}
                     do
                         config="${sta%%_*}"
-                        network="${sta##*_}"
-                        ssid="\"$(uci -q get wireless."${config}".ssid)\""
-                        if [ -n "$(printf "${ssid_list}" | grep -Fo "${ssid}")" ]
+                        sta_radio="${sta##*_}"
+                        sta_essid="$(uci -q get wireless."${config}".ssid)"
+                        sta_bssid="$(uci -q get wireless."${config}".bssid)"
+                        sta_iface="$(uci -q get wireless."${config}".network)"
+                        if (([ -n "$(printf "%s" "${essid_list}" | grep -Fo "\"${sta_essid}\"")" ] && [ -z "${sta_bssid}" ]) || \
+                            ([ -n "$(printf "%s" "${bssid_list}" | grep -Fo "${sta_bssid}")" ] && [ -z "$(printf "%s" "${essid_list}" | grep -Fo "\"${sta_essid}\"")" ]) || \
+                            ([ -n "$(printf "%s" "${essid_list}" | grep -Fo "\"${sta_essid}\"")" ] && [ -n "$(printf "%s" "${bssid_list}" | grep -Fo "${sta_bssid}")" ])) && \
+                             [ "${dev}" = "${sta_radio}" ]
                         then
                             uci -q set wireless."${config}".disabled=0
-                            uci -q commit wireless
-                            ubus call network reload
                             f_check "sta"
                             if [ "${trm_ifstatus}" = "true" ]
                             then
-                                f_log "info " "status  ::: wwan interface connected to uplink ${ssid} (${cnt}/${trm_maxretry}, ${sysver})"
-                                sleep 5
+                                uci -q commit wireless
+                                f_log "info" "interface '${sta_iface}' on '${sta_radio}' connected to uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' (${trm_sysver})"
+                                f_jsnup "${sta_iface}" "${sta_radio}" "${sta_essid}" "${sta_bssid}"
                                 return 0
-                            else
+                            elif [ ${trm_maxretry} -ne 0 ] && [ ${cnt} -eq ${trm_maxretry} ]
+                            then
                                 uci -q set wireless."${config}".disabled=1
+                                if [ -n "${sta_essid}" ]
+                                then
+                                    uci -q set wireless."${config}".ssid="${sta_essid}_err"
+                                fi
+                                if [ -n "${sta_bssid}" ]
+                                then
+                                    uci -q set wireless."${config}".bssid="${sta_bssid}_err"
+                                fi
                                 uci -q commit wireless
-                                ubus call network reload
-                                f_log "info " "status  ::: wwan interface can't connect to uplink ${ssid} (${cnt}/${trm_maxretry}, ${sysver})"
+                                f_check "dev"
+                                f_log "info" "can't connect to uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' (${cnt}/${trm_maxretry}), uplink disabled (${trm_sysver})"
+                            else
+                                if [ ${trm_maxretry} -eq 0 ]
+                                then
+                                    cnt=0
+                                fi
+                                uci -q revert wireless
+                                f_check "dev"
+                                f_log "info" "can't connect to uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' (${cnt}/${trm_maxretry}) (${trm_sysver})"
                             fi
+                            f_jsnup "${sta_iface}" "${sta_radio}" "${sta_essid}" "${sta_bssid}"
                         fi
                     done
-                else
-                    f_log "info " "status  ::: empty uplink list (${cnt}/${trm_maxretry}, ${sysver})"
                 fi
                 cnt=$((cnt+1))
                 sleep 5
             done
         done
-        f_log "info " "status  ::: no wwan uplink found (${sysver})"
+        if [ ! -s "${trm_rtfile}" ]
+        then
+            trm_ifstatus="false"
+            f_jsnup
+        fi
     else
-        f_log "info " "status  ::: wwan uplink still connected (${sysver})"
+        if [ ! -s "${trm_rtfile}" ]
+        then
+            config="$(ubus -S call network.wireless status | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].section')"
+            sta_radio="$(uci -q get wireless."${config}".device)"
+            sta_essid="$(uci -q get wireless."${config}".ssid)"
+            sta_bssid="$(uci -q get wireless."${config}".bssid)"
+            sta_iface="$(uci -q get wireless."${config}".network)"
+            f_jsnup "${sta_iface}" "${sta_radio}" "${sta_essid}" "${sta_bssid}"
+        fi
     fi
 }
 
-if [ "${trm_procd}" = "true" ]
+# source required system libraries
+#
+if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
 then
+    . "/lib/functions.sh"
+    . "/usr/share/libubox/jshn.sh"
+else
+    f_log "err" "system libraries not found"
+fi
+
+# control travelmate actions
+#
+f_envload
+f_main
+while [ ${trm_automatic} -eq 1 ]
+do
+    sleep ${trm_timeout}
     f_envload
     f_main
-fi
-exit 0
\ No newline at end of file
+done
+exit 0
index 2fa9f6c780075a0017c21cb1ef1f67d728b22839..c6c5eb5ff6f4f3d07e4c9858492474f7da334e4f 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ulogd
 PKG_VERSION:=2.0.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=ftp://ftp.netfilter.org/pub/ulogd/ \
diff --git a/net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch b/net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch
new file mode 100644 (file)
index 0000000..3671a95
--- /dev/null
@@ -0,0 +1,31 @@
+From e0c75c9d20b76ff3d496a776ce43341c752914c3 Mon Sep 17 00:00:00 2001
+From: Eric Leblond <eric@regit.org>
+Date: Tue, 21 Mar 2017 21:49:46 +0100
+Subject: [PATCH] ulogd: use strncpy instead of memcpy
+
+On some architecture, ulogd is not starting due to a
+crash in memcpy. This patch switches to strncpy to
+avoid the problem.
+
+Reported-by: Alexandru Ardelean <ardeleanalex@gmail.com>
+Signed-off-by: Eric Leblond <eric@regit.org>
+---
+ src/ulogd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ulogd.c b/src/ulogd.c
+index 5b9a586..919a317 100644
+--- a/src/ulogd.c
++++ b/src/ulogd.c
+@@ -668,7 +668,7 @@ pluginstance_alloc_init(struct ulogd_plugin *pl, char *pi_id,
+       INIT_LLIST_HEAD(&pi->plist);
+       pi->plugin = pl;
+       pi->stack = stack;
+-      memcpy(pi->id, pi_id, sizeof(pi->id));
++      strncpy(pi->id, pi_id, ULOGD_MAX_KEYLEN);
+       ptr = (void *)pi + sizeof(*pi);
+-- 
+2.7.4
+
index d8db017a4b365517447a8248ec7300a5f5f5dab9..5adcd867e7d27b07ed63a5edee7847749e9516fe 100644 (file)
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=unbound
-PKG_VERSION:=1.6.1
-PKG_RELEASE:=6
+PKG_VERSION:=1.6.8
+PKG_RELEASE:=1
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
@@ -17,9 +17,8 @@ PKG_MAINTAINER:=Eric Luehrsen <ericluehrsen@hotmail.com>
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.unbound.net/downloads
-PKG_HASH:=42df63f743c0fe8424aeafcf003ad4b880b46c14149d696057313f5c1ef51400
+PKG_HASH:=e3b428e33f56a45417107448418865fe08d58e0e7fea199b855515f60884dd49
 
-PKG_BUILD_DEPENDS:=libexpat
 PKG_BUILD_PARALLEL:=1
 PKG_FIXUP:=autoreconf
 PKG_INSTALL:=1
index 8aa0502024aa70fef632b32996e04d7bf431bed9..4fd77d6d93f96fb7517df61b1e0fb921df39a6a2 100644 (file)
@@ -1,12 +1,12 @@
 diff --git a/doc/example.conf.in b/doc/example.conf.in
-index 83e7c5c..3ea2b28 100644
+index 5396029..cbb51ec 100644
 --- a/doc/example.conf.in
 +++ b/doc/example.conf.in
 @@ -1,9 +1,10 @@
 -#
 -# Example configuration file.
 -#
--# See unbound.conf(5) man page, version 1.6.1.
+-# See unbound.conf(5) man page, version 1.6.8.
 -#
 -# this is a comment.
 +##############################################################################
@@ -16,17 +16,17 @@ index 83e7c5c..3ea2b28 100644
 +# no longer supported ... are exceptional for the DNS.
 +# (http://unbound.net/documentation/unbound.conf.html)
 +##############################################################################
+
  #Use this to include other text into the file.
  #include: "otherfile.conf"
 @@ -12,9 +13,71 @@
  server:
        # whitespace is not necessary, but looks cleaner.
+
 -      # verbosity number, 0 is least verbose. 1 is default.
 +      # verbosity 1 is default
        verbosity: 1
+
 +      # Self jail Unbound with user "unbound" to /var/lib/unbound
 +      # The script /etc/init.d/unbound will setup the location
 +      username: "unbound"
diff --git a/net/vallumd/Makefile b/net/vallumd/Makefile
new file mode 100644 (file)
index 0000000..37e34ee
--- /dev/null
@@ -0,0 +1,49 @@
+#
+# Copyright (C) 2017 Stijn Tintel <stijn@linux-ipv6.be>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=vallumd
+PKG_VERSION:=0.1.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/stintel/vallumd/archive/$(PKG_VERSION)/
+PKG_MD5SUM:=b40bede34ea321daf799276111e0e804007dc7c10eb031a0a654982957dcfb25
+
+PKG_LICENSE:=GPL-3.0
+PKG_LICENSE_FILES:=COPYING
+
+PKG_MAINTAINER:=Stijn Tintel <stijn@linux-ipv6.be>
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/vallumd
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Centralized or distributed blacklist
+  DEPENDS:=+ipset +libmosquitto
+endef
+
+define Package/vallumd/description
+  Centralized or distributed blacklist
+endef
+
+define Package/vallumd/conffiles
+/etc/config/vallumd
+endef
+
+define Package/vallumd/install
+       $(INSTALL_DIR) $(1)/etc/config $(1)/etc/init.d $(1)/usr/sbin
+       $(INSTALL_CONF) ./files/vallumd.conf $(1)/etc/config/vallumd
+       $(INSTALL_BIN) ./files/vallumd.init $(1)/etc/init.d/vallumd
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/vallumd $(1)/usr/sbin/vallumd
+endef
+
+
+$(eval $(call BuildPackage,vallumd))
diff --git a/net/vallumd/files/vallumd.conf b/net/vallumd/files/vallumd.conf
new file mode 100644 (file)
index 0000000..75703ab
--- /dev/null
@@ -0,0 +1,6 @@
+config vallumd mqtt
+       option host 127.0.0.1
+       option port 1883
+       list topics blacklist4
+       list topics blacklist6
+       option enabled 0
diff --git a/net/vallumd/files/vallumd.init b/net/vallumd/files/vallumd.init
new file mode 100644 (file)
index 0000000..d0cb781
--- /dev/null
@@ -0,0 +1,34 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+PROG=/usr/sbin/vallumd
+
+add_topic() {
+       procd_append_param command -t "$1"
+}
+
+start_service() {
+       local enabled
+       local mqtt_host
+       local mqtt_port
+
+       config_load "vallumd"
+       config_get_bool enabled "mqtt" "enabled" 1
+       [ "$enabled" -gt 0 ] || return 1
+
+       config_get mqtt_host "mqtt" "host"
+       config_get mqtt_port "mqtt" "port"
+
+       procd_open_instance
+
+       procd_set_param command $PROG
+
+       [ -n "$mqtt_host" ] && procd_append_param command -h "$mqtt_host"
+       [ -n "$mqtt_port" ] && procd_append_param command -p "$mqtt_port"
+       config_list_foreach mqtt topics add_topic
+
+       procd_set_param respawn
+
+       procd_close_instance
+}
index 147bca93ff09e675d5b9ac02da75d8d87b086aa9..df9ed0076115c3c515433310f47c2d72d2b76fc7 100644 (file)
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=vpnc
 PKG_REV:=550
 PKG_VERSION:=0.5.3.r$(PKG_REV)
-PKG_RELEASE:=5
+PKG_RELEASE:=6
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://svn.unix-ag.uni-kl.de/vpnc/trunk/
index 971b823b8d668fb07436fc78a3eb0849c197876d..bc3f912b36c83ce5683f9f1daed1ddb4697fe24c 100755 (executable)
@@ -43,7 +43,7 @@ proto_vpnc_setup() {
        logger -t vpnc "initializing..."
        serv_addr=
        for ip in $(resolveip -t 10 "$server"); do
-               ( proto_add_host_dependency "vpn-$config" "$ip" $interface )
+               ( proto_add_host_dependency "$config" "$ip" $interface )
                serv_addr=1
        done
        [ -n "$serv_addr" ] || {
index 052f2d81e8cd4f9c3a1b5b37cbb5082813c55507..3fcd321bbcd0ee36acc754f2192db8dcd78a7232 100644 (file)
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wget
-PKG_VERSION:=1.18
+PKG_VERSION:=1.19.2
 PKG_RELEASE:=2
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_MD5SUM:=af9ca95a4bb8ac4a9bf10aeae66fa5ec
-PKG_MAINTAINER:=Maxim Storchak <m.storchak@gmail.com>
+PKG_HASH:=4f4a673b6d466efa50fbfba796bd84a46ae24e370fa562ede5b21ab53c11a920
+PKG_MAINTAINER:=Peter Wagner <tripolar@gmx.at>
 PKG_LICENSE:=GPL-3.0+
 PKG_LICENSE_FILES:=COPYING
 
@@ -66,6 +66,7 @@ endef
 CONFIGURE_ARGS+= \
        --disable-rpath \
        --disable-iri \
+       --with-included-libunistring \
        --without-libuuid
 
 CONFIGURE_VARS += \
diff --git a/net/wireguard/Makefile b/net/wireguard/Makefile
deleted file mode 100644 (file)
index 8dacfeb..0000000
+++ /dev/null
@@ -1,110 +0,0 @@
-#
-# Copyright (C) 2016 Jason A. Donenfeld <Jason@zx2c4.com>
-# Copyright (C) 2016 Baptiste Jonglez <openwrt@bitsofnetworks.org>
-# Copyright (C) 2016-2017 Dan Luedtke <mail@danrl.com>
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-PKG_NAME:=wireguard
-
-PKG_VERSION:=0.0.20170115
-PKG_RELEASE:=1
-
-PKG_SOURCE:=WireGuard-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://git.zx2c4.com/WireGuard/snapshot/
-PKG_MD5SUM:=7e5f9f4699a2d4ace90d0df5d81bf0f67205ee08c45b95e0acc379bedef5ffe8
-
-PKG_LICENSE:=GPL-2.0
-PKG_LICENSE_FILES:=COPYING
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/WireGuard-$(PKG_VERSION)
-PKG_BUILD_PARALLEL:=1
-PKG_USE_MIPS16:=0
-
-# Wireguard's makefile needs this to know where to build the kernel module
-export KERNELDIR:=$(LINUX_DIR)
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/wireguard/Default
-  SECTION:=net
-  CATEGORY:=Network
-  URL:=https://www.wireguard.io
-  MAINTAINER:=Baptiste Jonglez <openwrt@bitsofnetworks.org>, \
-              Dan Luedtke <mail@danrl.com>
-endef
-
-define Package/wireguard/Default/description
-  WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
-  state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
-  more useful than IPSec, while avoiding the massive headache. It intends to
-  be considerably more performant than OpenVPN.  WireGuard is designed as a
-  general purpose VPN for running on embedded interfaces and super computers
-  alike, fit for many different circumstances.
-  It runs over UDP.
-endef
-
-define Package/wireguard
-  $(call Package/wireguard/Default)
-  TITLE:=Wireguard meta-package
-  DEPENDS:=+wireguard-tools +kmod-wireguard
-endef
-
-include $(INCLUDE_DIR)/kernel-defaults.mk
-include $(INCLUDE_DIR)/package-defaults.mk
-
-# Used by Build/Compile/Default
-MAKE_PATH:=src/tools
-
-define Build/Compile
-       $(MAKE) $(KERNEL_MAKEOPTS) M="$(PKG_BUILD_DIR)/src" modules
-       $(call Build/Compile/Default)
-endef
-
-define Package/wireguard/description
-  $(call Package/wireguard/Default/description)
-endef
-
-define Package/wireguard-tools
-  $(call Package/wireguard/Default)
-  TITLE:=Wireguard userspace control program (wg)
-  DEPENDS:=+libmnl
-endef
-
-define Package/wireguard-tools/description
-  $(call Package/wireguard/Default/description)
-
-  This package provides the userspace control program for wireguard, `wg`,
-  and a netifd protocol helper.
-endef
-
-define Package/wireguard-tools/install
-       $(INSTALL_DIR) $(1)/usr/bin/
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/wg $(1)/usr/bin/
-       $(INSTALL_DIR) $(1)/lib/netifd/proto/
-       $(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
-endef
-
-define KernelPackage/wireguard
-  SECTION:=kernel
-  CATEGORY:=Kernel modules
-  SUBMENU:=Network Support
-  TITLE:=Wireguard kernel module
-  DEPENDS:=+IPV6:kmod-udptunnel6 +kmod-udptunnel4 +kmod-ipt-hashlimit
-  FILES:= $(PKG_BUILD_DIR)/src/wireguard.$(LINUX_KMOD_SUFFIX)
-  AUTOLOAD:=$(call AutoProbe,wireguard)
-endef
-
-define KernelPackage/wireguard/description
-  $(call Package/wireguard/Default/description)
-
-  This package provides the kernel module for wireguard.
-endef
-
-$(eval $(call BuildPackage,wireguard))
-$(eval $(call BuildPackage,wireguard-tools))
-$(eval $(call KernelPackage,wireguard))
diff --git a/net/wireguard/files/wireguard.sh b/net/wireguard/files/wireguard.sh
deleted file mode 100644 (file)
index 2eb3024..0000000
+++ /dev/null
@@ -1,183 +0,0 @@
-#!/bin/sh
-# Copyright 2016-2017 Dan Luedtke <mail@danrl.com>
-# Licensed to the public under the Apache License 2.0.
-
-
-WG=/usr/bin/wg
-if [ ! -x $WG ]; then
-  logger -t "wireguard" "error: missing wireguard-tools (${WG})"
-  exit 0
-fi
-
-
-[ -n "$INCLUDE_ONLY" ] || {
-  . /lib/functions.sh
-  . ../netifd-proto.sh
-  init_proto "$@"
-}
-
-
-proto_wireguard_init_config() {
-  proto_config_add_string "private_key"
-  proto_config_add_int    "listen_port"
-  proto_config_add_int    "mtu"
-  proto_config_add_string "preshared_key"
-  available=1
-  no_proto_task=1
-}
-
-
-proto_wireguard_setup_peer() {
-  local peer_config="$1"
-
-  local public_key
-  local allowed_ips
-  local route_allowed_ips
-  local endpoint_host
-  local endpoint_port
-  local persistent_keepalive
-
-  config_get      public_key           "${peer_config}" "public_key"
-  config_get      allowed_ips          "${peer_config}" "allowed_ips"
-  config_get_bool route_allowed_ips    "${peer_config}" "route_allowed_ips" 0
-  config_get      endpoint_host        "${peer_config}" "endpoint_host"
-  config_get      endpoint_port        "${peer_config}" "endpoint_port"
-  config_get      persistent_keepalive "${peer_config}" "persistent_keepalive"
-
-  # peer configuration
-  echo "[Peer]"                                         >> "${wg_cfg}"
-  echo "PublicKey=${public_key}"                        >> "${wg_cfg}"
-  for allowed_ip in $allowed_ips; do
-    echo "AllowedIPs=${allowed_ip}"                     >> "${wg_cfg}"
-  done
-  if [ "${endpoint_host}" ]; then
-    case "${endpoint_host}" in
-      *:*)
-        endpoint="[${endpoint_host}]"
-      ;;
-      *)
-        endpoint="${endpoint_host}"
-      ;;
-    esac
-    if [ "${endpoint_port}" ]; then
-      endpoint="${endpoint}:${endpoint_port}"
-    else
-      endpoint="${endpoint}:51820"
-    fi
-    echo "Endpoint=${endpoint}"                         >> "${wg_cfg}"
-  fi
-  if [ "${persistent_keepalive}" ]; then
-    echo "PersistentKeepalive=${persistent_keepalive}"  >> "${wg_cfg}"
-  fi
-
-  # add routes for allowed ips
-  if [ ${route_allowed_ips} -ne 0 ]; then
-    for allowed_ip in ${allowed_ips}; do
-      case "${allowed_ip}" in
-        *:*/*)
-          proto_add_ipv6_route "${allowed_ip%%/*}" "${allowed_ip##*/}"
-        ;;
-        */*)
-          proto_add_ipv4_route "${allowed_ip%%/*}" "${allowed_ip##*/}"
-        ;;
-      esac
-    done
-  fi
-}
-
-
-proto_wireguard_setup() {
-  local config="$1"
-  local wg_dir="/tmp/wireguard"
-  local wg_cfg="${wg_dir}/${config}"
-
-  local private_key
-  local listen_port
-  local mtu
-  local preshared_key
-
-  # load configuration
-  config_load network
-  config_get private_key   "${config}" "private_key"
-  config_get listen_port   "${config}" "listen_port"
-  config_get addresses     "${config}" "addresses"
-  config_get mtu           "${config}" "mtu"
-  config_get preshared_key "${config}" "preshared_key"
-
-  # create interface
-  ip link del dev "${config}" 2>/dev/null
-  ip link add dev "${config}" type wireguard
-
-  if [ "${mtu}" ]; then
-    ip link set mtu "${mtu}" dev "${config}"
-  fi
-
-  proto_init_update "${config}" 1
-
-  # generate configuration file
-  umask 077
-  mkdir -p "${wg_dir}"
-  echo "[Interface]"                     >  "${wg_cfg}"
-  echo "PrivateKey=${private_key}"       >> "${wg_cfg}"
-  if [ "${listen_port}" ]; then
-    echo "ListenPort=${listen_port}"     >> "${wg_cfg}"
-  fi
-  if [ "${preshared_key}" ]; then
-    echo "PresharedKey=${preshared_key}" >> "${wg_cfg}"
-  fi
-  config_foreach proto_wireguard_setup_peer "wireguard_${config}"
-
-  # apply configuration file
-  ${WG} setconf ${config} "${wg_cfg}"
-  WG_RETURN=$?
-
-  # delete configuration file
-  rm -f "${wg_cfg}"
-
-  # check status
-  if [ ${WG_RETURN} -ne 0 ]; then
-    sleep 5
-    proto_setup_failed "${config}"
-    exit 1
-  fi
-
-  # add ip addresses
-  for address in ${addresses}; do
-    case "${address}" in
-      *:*/*)
-        proto_add_ipv6_address "${address%%/*}" "${address##*/}"
-      ;;
-      *.*/*)
-        proto_add_ipv4_address "${address%%/*}" "${address##*/}"
-      ;;
-      *:*)
-        proto_add_ipv6_address "${address%%/*}" "128"
-      ;;
-      *.*)
-        proto_add_ipv4_address "${address%%/*}" "32"
-      ;;
-    esac
-  done
-
-  # endpoint dependency
-  wg show "${config}" endpoints | \
-    sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
-    while IFS=$'\t ' read -r key address port; do
-    [ -n "${port}" ] || continue
-    echo "adding host depedency for ${address} at ${config}"
-    proto_add_host_dependency "${config}" "${address}"
-  done
-
-  proto_send_update "${config}"
-}
-
-
-proto_wireguard_teardown() {
-  local config="$1"
-  ip link del dev "${config}" >/dev/null 2>&1
-}
-
-
-[ -n "$INCLUDE_ONLY" ] || {
-  add_protocol wireguard
-}
diff --git a/utils/attendedsysupgrade-common/Makefile b/utils/attendedsysupgrade-common/Makefile
new file mode 100644 (file)
index 0000000..d1419ae
--- /dev/null
@@ -0,0 +1,56 @@
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=attendedsysupgrade-common
+PKG_VERSION:=0.1
+PKG_RELEASE:=2
+PKG_LICENSE:=GPL-2.0
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/attendedsysupgrade-common
+  SECTION:=utils
+  CATEGORY:=Base system
+  TITLE:=Common files neede by attendedsysupgrade packages
+  MAINTAINER:=Paul Spooren <paul@spooren.de>
+  DEPENDS:=+rpcd +rpcd-mod-rpcsys
+endef
+
+define Package/attendedsysupgrade-common/description
+       Common needed files for attendedsysupgrade tool
+
+       Manages dependencies and brings settings used by clients.
+
+       UCI options:
+
+       attendedsysupgrade.server.url
+       URL of compatible upgrade server [1]
+
+       attendedsysupgrade.client.upgrade_packages
+       Client should request image also if no new release but new packages upgrade are available.
+
+       attendedsysupgrade.client.advanced_mode
+       Offer advanced options like editing packages before request and show additional information.
+
+       attendedsysupgrade.client.auto_search
+       Tells the client to automattically search for upgrades
+       This can be done when opening luci or login in to console - depends on client.
+
+       [1]: https://github.com/aparcar/gsoc17-attended-sysupgrade
+endef
+
+define Build/Compile
+endef
+
+define Build/Configure
+endef
+
+define Package/attendedsysupgrade-common/install
+       $(INSTALL_DIR) $(1)/etc/uci-defaults/
+       $(INSTALL_BIN) ./files/attendedsysupgrade.defaults $(1)/etc/uci-defaults/attendedsysupgrade
+endef
+
+$(eval $(call BuildPackage,attendedsysupgrade-common))
diff --git a/utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults b/utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults
new file mode 100644 (file)
index 0000000..f7fb1eb
--- /dev/null
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+[ -e /etc/config/attendedsysupgrade ] && return 0
+
+touch /etc/config/attendedsysupgrade
+
+uci -q batch <<EOF
+set attendedsysupgrade.server=server
+set attendedsysupgrade.server.url='https://example.org'
+
+set attendedsysupgrade.client=client
+set attendedsysupgrade.client.upgrade_packages='1'
+set attendedsysupgrade.client.auto_search='0'
+set attendedsysupgrade.client.advanced_mode='0'
+
+commit attendedsysupgrade
+EOF
diff --git a/utils/bluez/Makefile b/utils/bluez/Makefile
deleted file mode 100644 (file)
index 0430cd6..0000000
+++ /dev/null
@@ -1,159 +0,0 @@
-#
-# Copyright (C) 2006-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=bluez
-PKG_VERSION:=5.38
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=@KERNEL/linux/bluetooth/
-PKG_MD5SUM:=dae2ed00c63791800ea7d10a381270a5
-
-PKG_LICENSE:=GPL-2.0+
-PKG_LICENSE_FILES:=COPYING
-PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
-
-PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-define Package/bluez/Default
-  TITLE:=Bluetooth
-  URL:=http://www.bluez.org/
-endef
-
-define Package/bluez-examples
-$(call Package/bluez/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE+= python example apps
-  DEPENDS:=+python
-endef
-
-define Package/bluez-examples/description
-  contains many examples apps for bluetooth, requiring python
-endef
-
-define Package/bluez-libs
-$(call Package/bluez/Default)
-  SECTION:=libs
-  CATEGORY:=Libraries
-  TITLE+= library
-  DEPENDS:=+libpthread +kmod-bluetooth
-endef
-
-define Package/bluez-utils
-$(call Package/bluez/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE+= utilities
-  DEPENDS:=+bluez-libs +libpthread +librt +glib2 +libncurses +libreadline $(INTL_DEPENDS) $(ICONV_DEPENDS)
-endef
-
-define Package/bluez-daemon
-$(call Package/bluez/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE+= daemon
-  DEPENDS:=+bluez-libs +bluez-utils +dbus +libical $(INTL_DEPENDS) $(ICONV_DEPENDS)
-endef
-
-define Package/bluez-daemon/conffiles
-/etc/bluetooth/main.conf
-/etc/bluetooth/network.conf
-/etc/bluetooth/input.conf
-/etc/bluetooth/proximity.conf
-/etc/config/bluetooth
-endef
-
-CONFIGURE_ARGS += \
-       --enable-static \
-       --enable-shared \
-       --enable-client \
-       --enable-datafiles \
-       --enable-experimental \
-       --enable-library \
-       --enable-monitor \
-       --enable-obex \
-       --enable-threads \
-       --enable-tools \
-       --disable-android \
-       --disable-cups \
-       --disable-manpages \
-       --disable-sixaxis \
-       --disable-systemd \
-       --disable-test \
-       --disable-udev \
-
-TARGET_CPPFLAGS += \
-       -D_GNU_SOURCE
-
-define Build/InstallDev
-       $(INSTALL_DIR) $(1)/usr/include
-       $(CP) $(PKG_INSTALL_DIR)/usr/include/bluetooth $(1)/usr/include/
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libbluetooth.{a,so*} $(1)/usr/lib/
-       $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/bluez.pc $(1)/usr/lib/pkgconfig/
-endef
-
-define Package/bluez-examples/install
-       $(INSTALL_DIR) $(1)/usr/bin/bluez
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/test/* $(1)/usr/bin/bluez/
-endef
-
-define Package/bluez-libs/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/libbluetooth.so.* $(1)/usr/lib/
-endef
-
-define Package/bluez-utils/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/bccmd $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/bluemoon $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/btmon $(1)/usr/bin/
-       $(CP) $(PKG_BUILD_DIR)/tools/btmgmt $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/ciptool $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/hciattach $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/hciconfig $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/hcidump $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/hcitool $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/hex2hcd $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/l2ping $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/l2test $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/rctest $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/rfcomm $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/sdptool $(1)/usr/bin/
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/attrib/gatttool $(1)/usr/bin/
-endef
-
-define Package/bluez-daemon/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/bluetooth/bluetoothd $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/bin/bluetoothctl $(1)/usr/bin/
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/bluetooth/obexd $(1)/usr/bin/
-       $(INSTALL_DIR) $(1)/etc/config
-       $(INSTALL_DATA) ./files/bluetooth.config $(1)/etc/config/bluetooth
-       $(INSTALL_DIR) $(1)/etc/dbus-1/system.d/
-       $(INSTALL_DATA) ./files/bluetooth.dbus $(1)/etc/dbus-1/system.d/bluetooth.conf
-       $(INSTALL_DIR) $(1)/etc/bluetooth
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/src/main.conf $(1)/etc/bluetooth/main.conf
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/profiles/network/network.conf $(1)/etc/bluetooth/network.conf
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/profiles/input/input.conf $(1)/etc/bluetooth/input.conf
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/profiles/proximity/proximity.conf $(1)/etc/bluetooth/proximity.conf
-       $(INSTALL_DIR) $(1)/etc/init.d
-       $(INSTALL_BIN) ./files/bluetoothd.init $(1)/etc/init.d/bluetoothd
-endef
-
-$(eval $(call BuildPackage,bluez-examples))
-$(eval $(call BuildPackage,bluez-libs))
-$(eval $(call BuildPackage,bluez-utils))
-$(eval $(call BuildPackage,bluez-daemon))
diff --git a/utils/bluez/files/bluetooth.config b/utils/bluez/files/bluetooth.config
deleted file mode 100644 (file)
index 6f23617..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-config bluetoothd
-#      option config   /etc/bluetooth/main.conf
-       option enabled  1
-
-config hciattach
-       option initspeed        115200
-       option tty      ttyS1
-       option type     csr
-       option speed    115200
-       option flow     noflow
-       option enabled  0
-
-config rfcomm
-#      option config   /etc/bluetooth/rfcomm.conf
-       option enabled  0
diff --git a/utils/bluez/files/bluetooth.dbus b/utils/bluez/files/bluetooth.dbus
deleted file mode 100644 (file)
index 88545fa..0000000
+++ /dev/null
@@ -1,37 +0,0 @@
-<!-- This configuration file specifies the required security policies
-     for Bluetooth core daemon to work. -->
-
-<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
-
-  <!-- ../system.conf have denied everything, so we just punch some holes -->
-
-  <policy user="root">
-    <allow own="org.bluez"/>
-  </policy>
-
-  <policy at_console="true">
-    <allow send_path="/"/>
-    <allow send_path="/org/bluez"/>
-
-    <allow send_destination="org.bluez.Manager"/>
-    <allow receive_sender="org.bluez.Manager"/>
-
-    <allow send_destination="org.bluez.Adapter"/>
-    <allow receive_sender="org.bluez.Adapter"/>
-
-    <allow send_destination="org.bluez.Device"/>
-    <allow receive_sender="org.bluez.Device"/>
-
-    <allow send_destination="org.bluez.Service"/>
-    <allow receive_sender="org.bluez.Service"/>
-
-    <allow send_destination="org.bluez.Database"/>
-    <allow receive_sender="org.bluez.Database"/>
-
-    <allow send_destination="org.bluez.Security"/>
-    <allow receive_sender="org.bluez.Security"/>
-  </policy>
-
-</busconfig>
diff --git a/utils/bluez/files/bluetoothd.init b/utils/bluez/files/bluetoothd.init
deleted file mode 100644 (file)
index 75f4d96..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2007 OpenWrt.org
-
-#start after dbus (60)
-START=62
-USE_PROCD=1
-PROG=/usr/bin/bluetoothd
-
-start_service() {
-       procd_open_instance
-       procd_set_param command "$PROG" -n
-       procd_close_instance
-}
diff --git a/utils/bluez/files/givepin b/utils/bluez/files/givepin
deleted file mode 100644 (file)
index e52a338..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-# Write bluetooth PIN number here:
-pin=
-
-if [ -z "$pin" ]; then
-       msg="Set bluetooth PIN in file $0"
-       logger -p user.err "$msg"
-       for i in /dev/pts/* ; do
-               [ -w $i ] && echo "$msg" > $i
-       done
-else
-       echo "PIN:$pin"
-fi
diff --git a/utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch b/utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch
deleted file mode 100644 (file)
index 96e8a26..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-From b4f2b77472aeb967d3a7595e8a965785c7a37c87 Mon Sep 17 00:00:00 2001
-From: Phil Elwell <phil@raspberrypi.org>
-Date: Tue, 16 Feb 2016 16:40:46 +0000
-Subject: [PATCH 1/4] bcm43xx: Add bcm43xx-3wire variant
-
----
- tools/hciattach.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/tools/hciattach.c
-+++ b/tools/hciattach.c
-@@ -1144,6 +1144,9 @@ struct uart_t uart[] = {
-       { "bcm43xx",    0x0000, 0x0000, HCI_UART_H4,   115200, 3000000,
-                               FLOW_CTL, DISABLE_PM, NULL, bcm43xx, NULL  },
-+      { "bcm43xx-3wire",    0x0000, 0x0000, HCI_UART_3WIRE, 115200, 3000000,
-+                              0, DISABLE_PM, NULL, bcm43xx, NULL  },
-+
-       { "ath3k",    0x0000, 0x0000, HCI_UART_ATH3K, 115200, 115200,
-                       FLOW_CTL, DISABLE_PM, NULL, ath3k_ps, ath3k_pm  },
diff --git a/utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch b/utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch
deleted file mode 100644 (file)
index a221861..0000000
+++ /dev/null
@@ -1,33 +0,0 @@
-From e145c9621f976063e5c573db1f2053d906f63427 Mon Sep 17 00:00:00 2001
-From: Phil Elwell <phil@raspberrypi.org>
-Date: Tue, 16 Feb 2016 16:39:09 +0000
-Subject: [PATCH 2/4] bcm43xx: The UART speed must be reset after the firmware
- download
-
----
- tools/hciattach_bcm43xx.c | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
---- a/tools/hciattach_bcm43xx.c
-+++ b/tools/hciattach_bcm43xx.c
-@@ -366,11 +366,8 @@ int bcm43xx_init(int fd, int def_speed,
-               return -1;
-       if (bcm43xx_locate_patch(FIRMWARE_DIR, chip_name, fw_path)) {
--              fprintf(stderr, "Patch not found, continue anyway\n");
-+              fprintf(stderr, "Patch not found for %s, continue anyway\n", chip_name);
-       } else {
--              if (bcm43xx_set_speed(fd, ti, speed))
--                      return -1;
--
-               if (bcm43xx_load_firmware(fd, fw_path))
-                       return -1;
-@@ -380,6 +377,7 @@ int bcm43xx_init(int fd, int def_speed,
-                       return -1;
-               }
-+              sleep(1);
-               if (bcm43xx_reset(fd))
-                       return -1;
-       }
diff --git a/utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch b/utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch
deleted file mode 100644 (file)
index fa0948d..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-From d41dc2046dd08d8c95197f677e224506f5b39bdd Mon Sep 17 00:00:00 2001
-From: Phil Elwell <phil@raspberrypi.org>
-Date: Wed, 20 Jan 2016 16:00:37 +0000
-Subject: [PATCH 3/4] Increase firmware load timeout to 30s
-
----
- tools/hciattach.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/tools/hciattach.c
-+++ b/tools/hciattach.c
-@@ -1293,7 +1293,7 @@ int main(int argc, char *argv[])
- {
-       struct uart_t *u = NULL;
-       int detach, printpid, raw, opt, i, n, ld, err;
--      int to = 10;
-+      int to = 30;
-       int init_speed = 0;
-       int send_break = 0;
-       pid_t pid;
diff --git a/utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch b/utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch
deleted file mode 100644 (file)
index 80b052d..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-From 76681284b0ea49852041fdb97a35175089a08781 Mon Sep 17 00:00:00 2001
-From: Phil Elwell <phil@raspberrypi.org>
-Date: Tue, 23 Feb 2016 17:52:29 +0000
-Subject: [PATCH 4/4] Move the 43xx firmware into /lib/firmware
-
----
- tools/hciattach_bcm43xx.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/tools/hciattach_bcm43xx.c
-+++ b/tools/hciattach_bcm43xx.c
-@@ -43,7 +43,7 @@
- #include "hciattach.h"
- #ifndef FIRMWARE_DIR
--#define FIRMWARE_DIR "/etc/firmware"
-+#define FIRMWARE_DIR "/lib/firmware/brcm"
- #endif
- #define FW_EXT ".hcd"
diff --git a/utils/bluez/patches/200-uart-speed.patch b/utils/bluez/patches/200-uart-speed.patch
deleted file mode 100644 (file)
index ebe0153..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
---- a/tools/hciattach.c
-+++ b/tools/hciattach.c
-@@ -101,20 +101,37 @@ int uart_speed(int s)
-               return B230400;
-       case 460800:
-               return B460800;
-+/* FIX: Not all platform support this high serial speed
-+   claudyus84 @gamil.com
-+*/
-+#ifdef B500000
-       case 500000:
-               return B500000;
-+#endif
-+#ifdef B576000
-       case 576000:
-               return B576000;
-+#endif
-+#ifdef B921600
-       case 921600:
-               return B921600;
-+#endif
-+#ifdef B1000000
-       case 1000000:
-               return B1000000;
-+#endif
-+#ifdef B1152000
-       case 1152000:
-               return B1152000;
-+#endif
-+#ifdef B1500000
-       case 1500000:
-               return B1500000;
-+#endif
-+#ifdef B2000000
-       case 2000000:
-               return B2000000;
-+#endif
- #ifdef B2500000
-       case 2500000:
-               return B2500000;
diff --git a/utils/bluez/patches/201-readline.patch b/utils/bluez/patches/201-readline.patch
deleted file mode 100644 (file)
index 45e1553..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -2441,7 +2441,7 @@ unit_tests = $(am__append_35) unit/test-
- @CLIENT_TRUE@                                 monitor/uuid.h monitor/uuid.c
- @CLIENT_TRUE@client_bluetoothctl_LDADD = gdbus/libgdbus-internal.la @GLIB_LIBS@ @DBUS_LIBS@ \
--@CLIENT_TRUE@                         -lreadline
-+@CLIENT_TRUE@                         -lreadline -lncurses
- @MONITOR_TRUE@monitor_btmon_SOURCES = monitor/main.c monitor/bt.h \
- @MONITOR_TRUE@                                monitor/display.h monitor/display.c \
-@@ -2691,13 +2691,13 @@ unit_tests = $(am__append_35) unit/test-
- @READLINE_TRUE@                               client/display.h
- @READLINE_TRUE@attrib_gatttool_LDADD = lib/libbluetooth-internal.la \
--@READLINE_TRUE@                       src/libshared-glib.la @GLIB_LIBS@ -lreadline
-+@READLINE_TRUE@                       src/libshared-glib.la @GLIB_LIBS@ -lreadline -lncurses
- @READLINE_TRUE@tools_obex_client_tool_SOURCES = $(gobex_sources) $(btio_sources) \
- @READLINE_TRUE@                                               tools/obex-client-tool.c
- @READLINE_TRUE@tools_obex_client_tool_LDADD = lib/libbluetooth-internal.la \
--@READLINE_TRUE@                                               @GLIB_LIBS@ -lreadline
-+@READLINE_TRUE@                                               @GLIB_LIBS@ -lreadline -lncurses
- @READLINE_TRUE@tools_obex_server_tool_SOURCES = $(gobex_sources) $(btio_sources) \
- @READLINE_TRUE@                                               tools/obex-server-tool.c
-@@ -2707,17 +2707,17 @@ unit_tests = $(am__append_35) unit/test-
- @READLINE_TRUE@                               client/display.h client/display.c
- @READLINE_TRUE@tools_bluetooth_player_LDADD = gdbus/libgdbus-internal.la \
--@READLINE_TRUE@                               @GLIB_LIBS@ @DBUS_LIBS@ -lreadline
-+@READLINE_TRUE@                               @GLIB_LIBS@ @DBUS_LIBS@ -lreadline -lncurses
- @READLINE_TRUE@tools_obexctl_SOURCES = tools/obexctl.c \
- @READLINE_TRUE@                               client/display.h client/display.c
- @READLINE_TRUE@tools_obexctl_LDADD = gdbus/libgdbus-internal.la \
--@READLINE_TRUE@                               @GLIB_LIBS@ @DBUS_LIBS@ -lreadline
-+@READLINE_TRUE@                               @GLIB_LIBS@ @DBUS_LIBS@ -lreadline -lncurses
- @READLINE_TRUE@tools_btmgmt_SOURCES = tools/btmgmt.c src/uuid-helper.c client/display.c
- @READLINE_TRUE@tools_btmgmt_LDADD = lib/libbluetooth-internal.la src/libshared-mainloop.la \
--@READLINE_TRUE@                               -lreadline
-+@READLINE_TRUE@                               -lreadline -lncurses
- @EXPERIMENTAL_TRUE@tools_gatt_service_SOURCES = tools/gatt-service.c
- @EXPERIMENTAL_TRUE@tools_gatt_service_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ gdbus/libgdbus-internal.la
index 58ae762abd47e28f6930e649941b703abab569d2..853b926847ab7e68a8f7e00b00efb7629ed86670 100644 (file)
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=canutils
-PKG_RELEASE=1
+PKG_RELEASE=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/linux-can/can-utils
@@ -24,9 +24,6 @@ PKG_FIXUP:=autoreconf
 
 include $(INCLUDE_DIR)/package.mk
 
-FILES:=canbusload can-calc-bit-timing candump \
-       cangen cangw canplayer cansniffer cansend
-
 define Package/canutils/Default
   SECTION:=utils
   CATEGORY:=Utilities
@@ -39,30 +36,30 @@ define Package/canutils
   MENU:=1
 endef
 
-define Package/canutils-log-conversion
-  $(call Package/canutils/Default)
-  TITLE:=canutils log conversion
-  DEPENDS:=canutils
-endef
+define GenPlugin
+  define Package/$(addprefix canutils-,$(1))
+    $(call Package/canutils/Default)
+    DEPENDS:=canutils
+    TITLE:=Utility $(1) from the CAN utilities
+  endef
 
-define PartGen
-define Package/canutils-$(1)
-  $(call Package/canutils/Default)
-  TITLE:=$(1) tool from canutils
-  DEPENDS:=canutils
-endef
+   define Package/$(addprefix canutils-,$(1))/description
+     Utility $(1) from the CAN utilities package.
+   endef
 endef
 
-$(foreach file,$(FILES),$(eval $(call PartGen,$(file))))
+FILES:=canbusload can-calc-bit-timing candump \
+       cangen cangw canplayer cansniffer cansend \
+       canfdtest asc2log log2asc log2long bcmserver \
+       canlogserver isotpdump isotpperf isotprecv \
+       isotpsend isotpserver isotpsniffer isotptun \
+       slcan_attach slcand slcanpty
+
 
-define Package/canutils/install
-endef
+$(foreach a,$(FILES),$(eval $(call GenPlugin,$(a))))
 
-define Package/canutils-log-conversion/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/asc2log $(1)/usr/bin/
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/log2asc $(1)/usr/bin/
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/log2long $(1)/usr/bin/
+define Package/canutils/install
+       true
 endef
 
 define PartInstall
@@ -74,43 +71,7 @@ define Package/canutils-$(1)/install
 endef
 endef
 
-define Package/canutils-log-conversion/description
-asc2log - convert ASC logfile to compact CAN frame logfile.
-log2asc - convert compact CAN frame logfile to ASC logfile.
-log2long - convert compact CAN frame representation into user readable.
-endef
-
-define Package/canutils-canbusload/description
-canbusload - display the load percentage of can buses.
-endef
-
-define Package/canutils-can-calc-bit-timing/description
-can-calc-bit-timing - calculate hw bittiming for supported can chips.
-endef
-
-define Package/canutils-candump/description
-candump - dumps can frames to terminal, logfile or another can device,
-with optional filtering.
-endef
-
-define Package/canutils-cangen/description
-cangen - CAN frames generator for testing purposes.
-endef
-
-define Package/canutils-cangw/description
-cangw - manage PF_CAN netlink gateway.
-endef
-
-define Package/canutils-canplayer/description
-canplayer - replay a compact CAN frame logfile to CAN devices.
-endef
-
-define Package/canutils-cansend/description
-cansend - simple command line tool to send CAN-frames via CAN_RAW sockets.
-endef
-
 $(foreach file,$(FILES),$(eval $(call PartInstall,$(file))))
 
 $(eval $(call BuildPackage,canutils))
-$(eval $(call BuildPackage,canutils-log-conversion))
 $(foreach file,$(FILES),$(eval $(call BuildPackage,canutils-$(file))))
index 27491c6fe9c1cd57a278e2af90aa270ac62ee2c2..77ffd23d77b25c13f49c9694e99d91178d5920f9 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=collectd
 PKG_VERSION:=5.5.3
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://collectd.org/files/
diff --git a/utils/collectd/patches/500-fix-uptime-reading.patch b/utils/collectd/patches/500-fix-uptime-reading.patch
new file mode 100644 (file)
index 0000000..2e77c95
--- /dev/null
@@ -0,0 +1,173 @@
+From af01dd6fa3eb458e2fbb272703b0cae37ea54a9b Mon Sep 17 00:00:00 2001
+From: Marcin Jurkowski <marcin1j@gmail.com>
+Date: Tue, 11 Jul 2017 15:00:25 +0200
+Subject: [PATCH] uptime plugin: don't cache boot time and simplify Linux code
+
+Caching boottime on startup yields incorrect uptime values if system
+date changes after the daemon is started.
+This is almost certain to happen on embedded systems without RTC, where
+clock is set from NTP server at some point after boot process.
+
+On Linux, we can retrieve uptime directly by either reading /proc/uptime
+(it's sufficient to read a few bytes) or calling sysinfo() function.
+Use the latter since it's the most efficient way in speed, memory
+requirements and code simplicity terms.
+
+--- a/src/uptime.c
++++ b/src/uptime.c
+@@ -24,8 +24,7 @@
+ #include "plugin.h"
+ #if KERNEL_LINUX
+-# define STAT_FILE "/proc/stat"
+-/* Using /proc filesystem to retrieve the boot time, Linux only. */
++#include <sys/sysinfo.h>
+ /* #endif KERNEL_LINUX */
+ #elif HAVE_LIBKSTAT
+@@ -50,8 +49,6 @@
+ /*
+  * Global variables
+  */
+-/* boottime always used, no OS distinction */
+-static time_t boottime;
+ #if HAVE_LIBKSTAT
+ extern kstat_ctl_t *kc;
+@@ -74,8 +71,6 @@ static void uptime_submit (gauge_t uptim
+       plugin_dispatch_values (&vl);
+ }
+-static int uptime_init (void) /* {{{ */
+-{
+       /*
+        * On most unix systems the uptime is calculated by looking at the boot
+        * time (stored in unix time, since epoch) and the current one. We are
+@@ -86,52 +81,21 @@ static int uptime_init (void) /* {{{ */
+        * the boot time, the plugin is unregistered and there is no chance to
+        * try again later. Nevertheless, this is very unlikely to happen.
+        */
+-
++static time_t uptime_get_sys(void) { /* {{{ */
++  time_t result;
+ #if KERNEL_LINUX
+-      unsigned long starttime;
+-      char buffer[1024];
+-      int ret;
+-      FILE *fh;
+-
+-      ret = 0;
+-
+-      fh = fopen (STAT_FILE, "r");
++      struct sysinfo info;
++      int status;
+-      if (fh == NULL)
+-      {
++      status = sysinfo(&info);
++      if (status != 0) {
+               char errbuf[1024];
+-              ERROR ("uptime plugin: Cannot open "STAT_FILE": %s",
++              ERROR ("uptime plugin: Error calling sysinfo: %s",
+                       sstrerror (errno, errbuf, sizeof (errbuf)));
+               return (-1);
+       }
+-      while (fgets (buffer, 1024, fh) != NULL)
+-      {
+-              /* look for the btime string and read the value */
+-              ret = sscanf (buffer, "btime %lu", &starttime);
+-              /* avoid further loops if btime has been found and read
+-               * correctly (hopefully) */
+-              if (ret == 1)
+-                      break;
+-      }
+-
+-      fclose (fh);
+-
+-      /* loop done, check if no value has been found/read */
+-      if (ret != 1)
+-      {
+-              ERROR ("uptime plugin: No value read from "STAT_FILE"");
+-              return (-1);
+-      }
+-
+-      boottime = (time_t) starttime;
+-
+-      if (boottime == 0)
+-      {
+-              ERROR ("uptime plugin: btime read from "STAT_FILE", "
+-                              "but `boottime' is zero!");
+-              return (-1);
+-      }
++      result = (time_t)info.uptime;
+ /* #endif KERNEL_LINUX */
+ #elif HAVE_LIBKSTAT
+@@ -168,14 +132,13 @@ static int uptime_init (void) /* {{{ */
+               return (-1);
+       }
+-      boottime = (time_t) knp->value.ui32;
+-
+-      if (boottime == 0)
+-      {
++      if (knp->value.ui32 == 0) {
+               ERROR ("uptime plugin: kstat_data_lookup returned success, "
+                       "but `boottime' is zero!");
+               return (-1);
+       }
++
++  result = time(NULL) - (time_t)knp->value.ui32;
+ /* #endif HAVE_LIBKSTAT */
+ # elif HAVE_SYS_SYSCTL_H
+@@ -201,14 +164,13 @@ static int uptime_init (void) /* {{{ */
+               return (-1);
+       }
+-      boottime = boottv.tv_sec;
+-
+-      if (boottime == 0)
+-      {
++      if (boottv.tv_sec == 0) {
+               ERROR ("uptime plugin: sysctl(3) returned success, "
+                               "but `boottime' is zero!");
+               return (-1);
+       }
++
++      result = time(NULL) - boottv.tv_sec;
+ /* #endif HAVE_SYS_SYSCTL_H */
+ #elif HAVE_PERFSTAT
+@@ -230,11 +192,11 @@ static int uptime_init (void) /* {{{ */
+       if (hertz <= 0)
+               hertz = HZ;
+-      boottime = time(NULL) - cputotal.lbolt / hertz;
++      result = cputotal.lbolt / hertz;
+ #endif /* HAVE_PERFSTAT */
+-      return (0);
+-} /* }}} int uptime_init */
++      return result;
++} /* }}} int uptime_get_sys */
+ static int uptime_read (void)
+ {
+@@ -242,7 +204,7 @@ static int uptime_read (void)
+       time_t elapsed;
+       /* calculate the amount of time elapsed since boot, AKA uptime */
+-      elapsed = time (NULL) - boottime;
++      elapsed = uptime_get_sys();
+       uptime = (gauge_t) elapsed;
+@@ -253,6 +215,5 @@ static int uptime_read (void)
+ void module_register (void)
+ {
+-      plugin_register_init ("uptime", uptime_init);
+       plugin_register_read ("uptime", uptime_read);
+ } /* void module_register */
index 0d52b60ea4c1bab51a5bcaf280c54858404deff4..3fbc75e09f1ba52e26caba7fd7eb4b48c9432f93 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=coreutils
 PKG_VERSION:=8.23
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@GNU/coreutils
@@ -43,6 +43,8 @@ DEPENDS_ls = +libacl +libcap
 DEPENDS_mv = +libacl
 DEPENDS_vdir = +libacl +libcap
 
+FILES_stdbuf := usr/lib/coreutils/libstdbuf.so
+
 define Package/coreutils/Default
   SECTION:=utils
   CATEGORY:=Utilities
@@ -105,6 +107,10 @@ define BuildPlugin
   define Package/$(1)/install
        $(INSTALL_DIR) $$(1)/usr/bin
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(2) $$(1)/usr/bin/
+       $(foreach f,$(FILES_$(2)),
+               $(INSTALL_DIR) $$(1)/$(dir $(f))
+               $(INSTALL_BIN) $(PKG_INSTALL_DIR)/$(f) $$(1)/$(f)
+       )
   endef
 
   $$(eval $$(call BuildPackage,$(1)))
diff --git a/utils/tree/Makefile b/utils/tree/Makefile
new file mode 100644 (file)
index 0000000..b7ff3d4
--- /dev/null
@@ -0,0 +1,33 @@
+#
+# Copyright (C) 2017 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=tree
+PKG_RELEASE:=1
+PKG_VERSION:=1.7.0
+PKG_SOURCE_URL:=ftp://mama.indstate.edu/linux/tree/
+PKG_HASH:=6957c20e82561ac4231638996e74f4cfa4e6faabc5a2f511f0b4e3940e8f7b12
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
+PKG_MAINTAINER:=Banglang Huang <banglang.huang@foxmail.com>
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/tree
+  SECTION:=utils
+  CATEGORY:=Utilities
+  TITLE:=List contents of directories in a tree-like format
+  DEPENDS:=+libc +libgcc
+endef
+
+define Package/tree/install
+       $(INSTALL_DIR) $(1)/usr/sbin
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/tree $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,tree))
diff --git a/utils/ttyd/Makefile b/utils/ttyd/Makefile
new file mode 100644 (file)
index 0000000..3927cd0
--- /dev/null
@@ -0,0 +1,47 @@
+#
+# Copyright (C) 2016 Shuanglei Tao <tsl0922@gmail.com>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=ttyd
+PKG_VERSION:=1.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/tsl0922/ttyd.git
+PKG_SOURCE_VERSION:=$(PKG_VERSION)
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/ttyd
+       SECTION:=utils
+       CATEGORY:=Utilities
+       TITLE:=Command-line tool for sharing terminal over the web
+       DEPENDS:=+libopenssl +libjson-c +libpthread +libwebsockets-openssl
+       URL:=https://github.com/tsl0922/ttyd
+       SUBMENU:=Terminal
+       MAINTAINER:=Shuanglei Tao <tsl0922@gmail.com>
+endef
+
+define Package/ttyd/description
+ttyd is a command-line tool for sharing terminal over the web.
+endef
+
+define Package/ttyd/install
+       $(INSTALL_DIR) $(1)/usr/bin
+       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ttyd $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,ttyd))